[26798] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ICMP rate limiting on EGRESS (Warning, operational content

daemon@ATHENA.MIT.EDU (Paul Ferguson)
Mon Jan 17 06:32:33 2000

Message-Id: <4.2.2.20000117062716.00a4ae80@lint.cisco.com>
Date: Mon, 17 Jan 2000 06:28:49 -0500
To: Sam Thomas <sthomas@lart.net>
From: Paul Ferguson <ferguson@cisco.com>
Cc: nanog@merit.edu
In-Reply-To: <20000117091303.A9357@lart.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu


At 09:13 AM 01/17/2000 +0000, Sam Thomas wrote:

>ideas that good should have been implemented a long time ago. OTOH, I am
>of the opinion that the real problem is neither ICMP nor IP directed
>broadcast. the real problem, as I see it, is spoofed-source packets.

This is the principle reason to encourage everyone to implement
RFC2267 -style filtering. :-/

- paul


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[26798] in North American Network Operators' Group

Re: ICMP rate limiting on EGRESS (Warning, operational content

daemon@ATHENA.MIT.EDU (Paul Ferguson)Mon Jan 17 06:32:33 2000

daemon@ATHENA.MIT.EDU (Paul Ferguson)
Mon Jan 17 06:32:33 2000