[14362] in North American Network Operators' Group
Re: Broadcast pings.
daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Wed Dec 24 12:10:26 1997
Date: Tue, 23 Dec 1997 21:14:29 -0500
From: "Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us>
To: nanog@merit.edu
In-Reply-To: <199712232332.RAA00628@charon.milepost.com>; from Phil Howard <phil@charon.milepost.com> on Tue, Dec 23, 1997 at 05:32:15PM -0600
On Tue, Dec 23, 1997 at 05:32:15PM -0600, Phil Howard wrote:
> When a packet arrives, take note of the interface and gateway it came from.
> Check the route tables for where a reply to this packet could be delivered.
> Don't choose only the best route, but compare where the packet came from
> with all valid reply routes (except broad defaults larger than a certain
> size that can be configured). If the packet came from where it is valid
> to reply, then allow the packet to proceed. If not, then discard it (an
> ICMP probably won't make it back to the right place anyway).
Oh ghod... weren't you around, Phil, when _I_ got roundly trounced and
reviled as a clueless newbie about 3 months ago for alomst exactly the
same solution?
The outcome as I recall, was that the only practical thing to do was
ingress filtering at boundary routers, if they would.
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby,
Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592
