Todd Underwood was a little late

Chris Adams cmadams at hiwaay.net
Fri Jun 18 07:49:55 CDT 2010


Once upon a time, Steve Bertrand <steve at ipv6canada.com> said:
> If all IP blocks are tied down to null, and urpf is enabled in loose
> mode on an interface, it will catch cases where someone is sourcing
> traffic to you using IPs from the unassigned space that you have in your
> free pools.

That's not true on JUNOS devices - discard routes still count as valid
routes for loose-mode uRPF.
-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.




More information about the NANOG mailing list