BCP38 tester?

• Previous message (by thread): BCP38 tester?
• Next message (by thread): BCP38 tester?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/1/13, Jay Ashworth <jra at baylink.com> wrote:
>> It would just be way too much luck and convenience for that to happen
>> by coincidence.
>
> Once in a while, you win.

The trouble with winning by coincidence or winning as a side-effect...
Do you keep winning?

What happens with IPv6 CPE devices,  when there is no NAT?
No translation occurs, so possibly  rogue source IP packets get
through,  unless the device specifically applies uRPF  or clamping
source addresses to the LAN interface subnet.

It would be nice if the RFCs specified Ingress filtering by default in
router requirements for IPv4 and IPv6, as a MUST requirement;  instead
of  some   2nd class citizen, optional  best practices document.

By specifying ingress as the default, it then becomes an implementor
responsibility to understand when and where in their network they have
to override the default for things to work properly,  when it is safe
to,   and where the filtering is required.

--
-JH

• Previous message (by thread): BCP38 tester?
• Next message (by thread): BCP38 tester?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]