[17941] in North American Network Operators' Group
Re: GRE packets
daemon@ATHENA.MIT.EDU (Michael Dillon)
Wed Jun 17 19:32:04 1998
Date: Wed, 17 Jun 1998 16:24:27 -0700 (PDT)
From: Michael Dillon <michael@memra.com>
To: nanog@merit.edu
In-Reply-To: <199806172223.WAA26321@ice.genuity.net>
On Wed, 17 Jun 1998, Danny McPherson wrote:
> Perhaps to combat this, unless I'm missing something, one could justifiably
> deploy GRE filters with source & destination addresses of the exchange
> subnets.
What's the point of this? Wouldn't it make more sense to just run a
sniffer on the exchange fabric looking for such GRE tunnels and then
kick the offending parties out of the exchange? Seems to me this has
happened at least once at LINX.
--
Michael Dillon - Internet & ISP Consulting
Memra Communications Inc. - E-mail: michael@memra.com
Check the website for my Internet World articles - http://www.memra.com