Todd Underwood was a little late

William Herrin bill at
Thu Jun 17 21:10:15 UTC 2010

On Thu, Jun 17, 2010 at 12:38 AM, Roy <r.engehausen at> wrote:
> On 6/16/2010 7:43 PM, Jon Lewis wrote:
>> With a larger
>> network, multiple IP blocks, ***numerous multihomed customers***, some of which
>> use IP's we've assigned them, it gets a little more complicated to do.
>> I could reject at our border, packets sourced from our IP ranges with
>> exceptions for any of the IP blocks we've assigned to multihomed customers.
> Sounds like a good use of URPF.

Reverse path filtering + asymmetric routing = epic fail. Jon did say
Multihomed customer.

Refer to RFC 3704 (BCP84). Note section 2.2 (Strict Reverse Path
Forwarding) last part of the final sentence: "in particular, when
applied to multihoming to different ISPs, this assumption may fail."

Bill Herrin

William D. Herrin ................ herrin at  bill at
3005 Crane Dr. ...................... Web: <>
Falls Church, VA 22042-3004

More information about the NANOG mailing list