Another question on rfc1918
Randy Bush
randy at psg.com
Fri Nov 23 23:54:03 UTC 2007
aloha michael,
i realize that good practice many not be general practice, but ...
lsr is encouraged at routers bordering with bgp peers for debugging
purposes, i.e. so that A may learn B's routing towards C without
calling/writing/bothering B's engineers.
but lsr really should be blocked at hosts, e.g.
# grep lsr /etc/ipfw.rules
add deny log all from any to any ipoptions ssrr,lsrr,rr
i am not aware of a similar common use case for ssr.
randy
More information about the NANOG
mailing list