BCP38 - Internet Death Penalty
Adam Vitkovsky
adam.vitkovsky at swan.sk
Thu Mar 28 14:51:30 UTC 2013
Yes I see now I have worded it miserably :)
What I got on my mind was an eBGP session to stub site /single homed
customer.
Now that I think about it I believe it could have been "on" by default on
all the router interfaces and would have to be turned off manually(or
automatically if mpls is enabled on the interface) for core interfaces and
interfaces facing dual-homed sites.
Anyways disabling urpf would than soon become a part of standard
interface-config templates.
So I guess no matter what tools we'd have it boils down to (and I don't want
to use a word "laziness") maybe comfortability of operators.
adam
-----Original Message-----
From: wherrin at gmail.com [mailto:wherrin at gmail.com] On Behalf Of William
Herrin
Sent: Thursday, March 28, 2013 2:43 PM
To: Adam Vitkovsky
Cc: Saku Ytti; nanog at nanog.org
Subject: Re: BCP38 - Internet Death Penalty
On Thu, Mar 28, 2013 at 8:20 AM, Adam Vitkovsky <adam.vitkovsky at swan.sk>
wrote:
> It's a pity that rpf is not "on" by default for interfaces over which
> the ebgp session is configured.
Hi Adam,
Considering that's one of the key scenarios for which RPF is known to NOT
WORK reliably, I would have to disagree with that statement. Folks running
BGP expect to manipulate routes asymmetrically.
If you had said, "It's a pity that RPF is not on by default over interfaces
for which no routing protocol is configured (connected and static routes
only)" I might have agreed with you.
Regards,
Bill Herrin
--
William D. Herrin ................ herrin at dirtside.com bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls
Church, VA 22042-3004
More information about the NANOG
mailing list