Using Policy Routing to stop DoS attacks
Stefan Mink
mink at schlund.net
Tue May 13 07:46:50 UTC 2003
On Mon, May 12, 2003 at 04:38:30PM +0530, Lars Higham wrote:
> Ya, you configure the next-hop of the source route(s) to discard -
just if I got this right: On both, Juniper and Cisco, if the
source OR destination address is reachable via [NULL0|Discard],
the packet gets dropped if RPF is enabled on the interface.
Does this work in loose mode too?
Thanx &&
tschuess
Stefan Mink
--
Stefan Mink, Schlund+Partner AG (AS 8560)
Primary key fingerprint: 389E 5DC9 751F A6EB B974 DC3F 7A1B CF62 F0D4 D2BA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20030513/5cc0fd55/attachment.sig>
More information about the NANOG
mailing list