[107702] in North American Network Operators' Group
Re: Cisco uRPF failures
daemon@ATHENA.MIT.EDU (Saku Ytti)
Thu Sep 11 13:12:44 2008
Date: Thu, 11 Sep 2008 20:11:28 +0300
From: Saku Ytti <saku+nanog@ytti.fi>
To: nanog@nanog.org
In-Reply-To: <E7A6066D-2520-4A83-B9BC-98080F17F169@netconsonance.com>
Errors-To: nanog-bounces@nanog.org
On (2008-09-11 00:50 -0700), Jo Rhett wrote:
> As someone who does a lot of work talking to NOCs trying to chase down
> attack sources, I can honestly tell you that I haven't talked to a
> single NOC in the last 16 months who had BCP38 on every port, or even on
> most of their ports. And the majority response is "our (vendor) gear
> can't handle it". As we both know, Cisco is the largest by far vendor
> in the marketplace, and I've heard that name more than 70% of the time.
Sound like these shops are using 3550 as router, which is common for
smaller shops, especially in EU. And indeed, 3550 would not do uRPF.
(3560E does).
--
++ytti
