[183209] in North American Network Operators' Group
Re: [c-nsp] Peering + Transit Circuits
daemon@ATHENA.MIT.EDU (William Herrin)
Tue Aug 18 17:10:29 2015
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <55D39903.6050009@foobar.org>
From: William Herrin <bill@herrin.us>
Date: Tue, 18 Aug 2015 17:10:00 -0400
To: Nick Hilliard <nick@foobar.org>
Cc: NANOG list <nanog@nanog.org>,
"cisco-nsp@puck.nether.net" <cisco-nsp@puck.nether.net>
Errors-To: nanog-bounces@nanog.org
On Tue, Aug 18, 2015 at 4:43 PM, Nick Hilliard <nick@foobar.org> wrote:
> On 18/08/2015 20:22, Tim Durack wrote:
>> This has always been my understanding - thanks for confirming. I'm weighing
>> cost-benefit, and looking to see if there are any other smart ideas. As
>> usual, it looks like simplest is best.
>
> i'd advise being careful with this approach: urpf at ixps is a nightmare.
Hi Nick,
This technique described isn't URPF, it's simple destination routing.
The routes I offer you via BGP are the only routes in my table, hence
the only routes I'm capable of routing. If you send me a packet for a
_destination_ I didn't offer to you, I can't route it.
URPF is the opposite of that. I'll only accept packets from you with a
_source_ address which is included in the routes you sent to me.
Regards,
Bill Herrin
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
