[162005] in North American Network Operators' Group
Re: BCP38 tester?
daemon@ATHENA.MIT.EDU (Jay Ashworth)
Sun Mar 31 22:42:43 2013
Date: Sun, 31 Mar 2013 22:32:28 -0400 (EDT)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <84AB044A-F56D-40F6-990C-938F2DD65514@lixfeld.ca>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
> From: "Jason Lixfeld" <jason@lixfeld.ca>
> I believe that most everyone has a CPE of some sort, whether their
> service is resi or commercial. So, what about shifting the focus to
> the CPE manufacturers? They bend to technology and/or market pressures
> by bringing things like NAT, Firewalls, DLNA, UPnP, IPv6 (heh), PPPoE,
> RFC1483, etc. to their respective products in to satisfy technology
> limitations or security concerns or whatever. Why can't they help the
> cause by implementing some sort of RFC'ified BCP38 thing?
This thought crossed my mind earlier today, when I asked Jeff if IP-forged
packets would make it through a NAT, outbound. He said no (I think), but
I'm not entirely sure that's right.
While that would be egress filtering, from the POV of the home-LAN, it
would still help in the trojan-horse-bot situation, as long as it couldn't
be opened up via something like PPTP, and would thus still be useful,
to some extent, sure.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA #natog +1 727 647 1274
