Who does source address validation? (was Re: what's that smell?)

• Previous message (by thread): Who does source address validation? (was Re: what's that smell?)
• Next message (by thread): Who does source address validation? (was Re: what's that smell?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sean Donelan <sean at donelan.com> writes:

> Whether this is still true, the legend lives on.  A 20% throughput hit
> won't be offset by a 12 to 18 percent bandwidth savings.  Especially on
> heavily loaded circuits.  Some network engineers are reluctant to do any
> type of packet filtering (uRPF or ACL based) because of the belief it will
> hurt performance (latency, throughput, etc).

Some network operators got burned by broken ACL implementations, too.

-- 
Florian Weimer 	                  Weimer at CERT.Uni-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898

• Previous message (by thread): Who does source address validation? (was Re: what's that smell?)
• Next message (by thread): Who does source address validation? (was Re: what's that smell?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]