Where is the edge of the Internet?

• Previous message (by thread): Where is the edge of the Internet? Re: no ip forged-source-address
• Next message (by thread): Where is the edge of the Internet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

$author = "alok" ;
> 
> makes sense on the edge/aggregation but if you do it further up in
> the network.....there maybe some cases where we have assymetric routing,
> where the path of uplink is never the path the same as the downlink

hence the suggestion of "reachable-via any" rather then "route to source IP
must be out the interface packet came in" in the scenario you paint. it's
hard to block spoofed source addresses that actually exist in the routing
table except at the "edges", hence the discussion about where the "edge"
is...  

if you pick the right places to implement filtering there is no need to do
it to all routers.


> infact the source network of the packet may never be present in the routing
> table....(it is possible, after all its a packet switched network and the
> routing is destination IP based) ...

ummmm, if the source address isn't in the routing table why would we bother
carrying the packet a single hop further?

marty

--
Skirwan - "And if pigs can fly, and I can ride one, and they fly me to hell, 
           and it just froze over, and we all have ice cream..." [1]

talonyx - "I really need to stop reading Slashdot while on codeine....." [2]

[1] - http://slashdot.org/comments.pl?sid=28984&cid=3113144
[2] - http://slashdot.org/comments.pl?sid=28984&cid=3113355 [3]

[3] - Yes, I corrected his spelling... ;)

• Previous message (by thread): Where is the edge of the Internet? Re: no ip forged-source-address
• Next message (by thread): Where is the edge of the Internet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]