Another question on rfc1918

Randy Bush randy at psg.com
Fri Nov 23 23:54:03 UTC 2007


aloha michael,

i realize that good practice many not be general practice, but ...

lsr is encouraged at routers bordering with bgp peers for debugging
purposes, i.e. so that A may learn B's routing towards C without
calling/writing/bothering B's engineers.

but lsr really should be blocked at hosts, e.g.

    # grep lsr /etc/ipfw.rules
    add deny log all from any to any ipoptions ssrr,lsrr,rr

i am not aware of a similar common use case for ssr.

randy



More information about the NANOG mailing list