[187444] in North American Network Operators' Group
Re: Dear Windstream engineers
daemon@ATHENA.MIT.EDU (Saku Ytti)
Mon Feb 1 04:08:56 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <56AEF883.7080802@bogus.com>
Date: Mon, 1 Feb 2016 11:08:51 +0200
From: Saku Ytti <saku@ytti.fi>
To: joel jaeggli <joelja@bogus.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On 1 February 2016 at 08:17, joel jaeggli <joelja@bogus.com> wrote:
Hey,
> source based RTBH requires urpf, which while generally available may
> have practical limitations on implementation.
I'd say uRPF/loose is one way to do it on some platforms. In JunOS for
longest time it was not possible, and in default config it still is
not, as source route pointing to null does not fail uRPF/loose check.
However JunOS has had ~always SCU (I compare it to QPPB in CSCO) which
can be used to implement source based RTBH, without use of uRPF. It
likely out-performs uRPF/loose massively, as you don't have to do two
LPM lookups.
--
++ytti
