URPF on small BGP-enabled customers?
Joe Maimon
jmaimon at ttec.com
Fri Jun 3 20:54:51 UTC 2005
Joe Abley wrote:
>
>
> On 2005-06-03, at 10:26, Andre Oppermann wrote:
>
>>
>> christian.macnevin at uk.bnpparibas.com wrote:
>>
>>> I guess it's been a while since I've played with it, but isn't this
>>> pretty
>>> well what happens with uRPF anyhow?
>>>
>>
>> No, my proposal works as long as the customer advertizes their prefixes
>> via BGP, not matter how long the path or what community attributes are
>> set (for example NOEXPORT). No matter how they send it, as long as they
>> send it, it works fine.
>
>
> So, your proposal is loose-mode uRPF?
>
>
I thought that loose-mode uRPF is what was recommended for any connected
entity that is multi-homed. And that makes sense.
What happened to that? Whats next? uRPF in core?
At which point do we stop breaking things?
There must be a safe way to solve the problem of spoofing routed space
without breaking multi-homing.
More information about the NANOG
mailing list