[14029] in North American Network Operators' Group
Re: Advisory - tunneling of IP at exchange points.
daemon@ATHENA.MIT.EDU (John Meylor)
Tue Nov 25 13:34:04 1997
Date: Tue, 25 Nov 1997 10:19:31 -0800
From: John Meylor <jmeylor@cisco.com>
To: Paul Thornton <prt@linx.net>
CC: nanog@merit.edu, jmeylor@cisco.com
Paul Thornton wrote:
>
We have created
> an advisory which describes details of the vulnerability, and how to
> detect and prevent it.
Paul, well written. It is important to remember that many
of the exchange points include dedicated multicast routers
which are utilizing GRE or IPinIP tunnels to route multicast
to participating ISPs located on the respective exchange.
Assumung the tunnels are routed appropriatly by prior agreement
these tunnels would fall into the "legitimate" use category
and should not be filtered.
- John
