what's that smell?

Joe Abley jabley at isc.org
Tue Oct 8 14:54:54 UTC 2002



On Tuesday, Oct 8, 2002, at 10:45 Canada/Eastern, Iljitsch van Beijnum 
wrote:

> On Tue, 8 Oct 2002, Joe Abley wrote:
>
>> Also, egress filtering is NOT easy,
>
>> What is difficult about dropping packets sourced from RFC1918 
>> addresses
>> before they leave your network?
>
> But what's the point?

Politeness, I guess. Seems rude to send traffic to peers when you 
absolutely know that the source address is inaccurate.

> That's like complaining that the door isn't locked while the house has 
> no
> walls.

Right. The no walls problem is far more usefully tackled by filtering 
inbound at the edge, not outbound.


Joe




More information about the NANOG mailing list