TCP/BGP vulnerability - easier than you think
Aditya
aditya at grot.org
Wed Apr 21 16:42:18 UTC 2004
> On Wed, 21 Apr 2004 07:35:27 -0700, "Michel Py" <michel at arneill-py.sacramento.ca.us> said:
> Insist that the peer uses "ip verify unicast reverse-path" on all
> interfaces, or similar command for other vendors.
I sure hope there are no asymmetric paths on the Internet that will
bite you when you turn on strict RPF on your peering interfaces
</sarcasm>
Seriously, if you do turn RPF on on peering interfaces, please let
your peers know (plea from circa 1999)
Aditya
More information about the NANOG
mailing list