Another question on rfc1918

• Previous message (by thread): Another question on rfc1918
• Next message (by thread): VLANs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michael Painter wrote:
>
> Source route allows the packets to follow a set path. It does not
> require the standard routing protocols and is thus dangerous. Source
> routing is used in a number of multicast protocols (still) and many are
> loath to disable it.

Not true. DVMRP with tunnels hasn't been used for inter-domain multicast 
for a long time.
Many implementations, including FreeBSD, have deprecated the use of IPIP 
and LSRR.

I believe most folk who are serious about inter-domain multicast are 
running BGP with PIM-SM and MSDP. However, this hasn't really been 
accessible to the individual hobbyist until now, and there are no free 
MSDP implementations out there that I know of.

If security is a concern, turn LSRR off on packet filtering NAT 
gateways, if you don't know *for sure* that the forwarding plane is 
smart enough to block LSRR according to a well-defined site security policy.

There are however cogent arguments for turning LSRR on in an AS's 
transit routers here:
    http://www.gweep.net/~crimson/network/lsrr.html

regards,
BMS

• Previous message (by thread): Another question on rfc1918
• Next message (by thread): VLANs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]