Managing ACL exceptions (was Re: Filter NTP traffic by packet size?)

• Next message (by thread): Managing ACL exceptions (was Re: Filter NTP traffic by packet size?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

+1 in my experience uRPF get’s enabled, breaks something or causes confusion (usually related to multi-homing) and then get’s disabled.

On Feb 28, 2014, at 11:49 AM, Christopher Morrow <morrowc.lists at gmail.com> wrote:

> On Fri, Feb 28, 2014 at 9:02 AM, Ray Soucy <rps at maine.edu> wrote:
>> If you have uRPF enabled on all your access routers then you can
>> configure routing policy such that advertising a route for a specific
>> host system will trigger uRPF to drop the traffic at the first hop, in
>> hardware.
> 
> note that 'in hardware' is dependent upon the model used...
> note that stuffing 2k (or 5 or 10 or...) extra routes into your edge
> device could make it super unhappy.
> 
> your points are valid for your designed network... they may not work everywhere.
> making the features you point out work better or be more widely known
> seems like a great idea though :)

• Next message (by thread): Managing ACL exceptions (was Re: Filter NTP traffic by packet size?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]