[127253] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Todd Underwood was a little late

daemon@ATHENA.MIT.EDU (Chris Adams)
Fri Jun 18 08:50:06 2010

Date: Fri, 18 Jun 2010 07:49:55 -0500
From: Chris Adams <cmadams@hiwaay.net>
To: nanog@nanog.org
Mail-Followup-To: Chris Adams <cmadams@hiwaay.net>, nanog@nanog.org
In-Reply-To: <4C1B6884.4000606@ipv6canada.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Once upon a time, Steve Bertrand <steve@ipv6canada.com> said:
> If all IP blocks are tied down to null, and urpf is enabled in loose
> mode on an interface, it will catch cases where someone is sourcing
> traffic to you using IPs from the unassigned space that you have in your
> free pools.

That's not true on JUNOS devices - discard routes still count as valid
routes for loose-mode uRPF.
-- 
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[127253] in North American Network Operators' Group

Re: Todd Underwood was a little late

daemon@ATHENA.MIT.EDU (Chris Adams)Fri Jun 18 08:50:06 2010

daemon@ATHENA.MIT.EDU (Chris Adams)
Fri Jun 18 08:50:06 2010