[25257] in North American Network Operators' Group
RE: Martian list of IP's to block???
daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Fri Oct 1 13:57:36 1999
From: "Rubens Kuhl Jr." <rkuhljr@uol.com.br>
To: "Jared Mauch" <jared@puck.Nether.net>
Cc: <nanog@merit.edu>
Date: Fri, 1 Oct 1999 14:46:41 -0300
Message-ID: <004501bf0c34$eb7c5550$5cf1e7c8@users.uol.com.br>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-reply-to: <19991001122233.C17774@puck.nether.net>
Errors-To: owner-nanog-outgoing@merit.edu
> Most of us can't "ip verify unicast reverse-path" our upstreams.
I think you can run it on low/mid-range Cisco routers with IOS 12, as CEF is
not 75xx privilege any more, although I have not tested myself.
> > Routing those networks to nul0 and turning 'ip verify unicast
> reverse-path'
> > on CEF-enabled Cisco routers does this without CPU load or does not ?
Rubens Kuhl Jr.
