[107481] in North American Network Operators' Group
RE: Force10 Gear - Opinions
daemon@ATHENA.MIT.EDU (James Jun)
Thu Sep 4 10:25:35 2008
From: "James Jun" <james@towardex.com>
To: "'Paul Wall'" <pauldotwall@gmail.com>,
"'Jo Rhett'" <jrhett@netconsonance.com>
In-Reply-To: <620fd17c0809040047k3d2ff053g3f4e9e2e26da76ac@mail.gmail.com>
Date: Thu, 4 Sep 2008 10:24:53 -0400
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org

> uRPF strict as a configuration default, on customers without possible
> asymmetry (multihoming, one-way tunneling, etc) is not a bad default.
> But when the customers increase in complexity, the time might come to
> relax things some. It's certainly not a be-all-end-all. And it's
> been demonstrated time after time here that anti-spoof/bogon filtering
> isn't even a factor in most large-scale attacks on the public Internet
> these days. Think massively sized, well connected, botnets. See also
> CP attacks (which, again, the F10 can't even help you with).

Indeed... In today's internet, protecting your own box (cp-policer/control
plane filtering) is far more important IMO than implementing BCP38 when much
of attack traffic comes from legitimate IP sources anyway (see botnets).

james