[26802] in North American Network Operators' Group
Re: ICMP rate limiting on EGRESS (Warning, operational content
daemon@ATHENA.MIT.EDU (Sean Donelan)
Mon Jan 17 11:09:46 2000
Date: 17 Jan 2000 08:07:36 -0800
Message-ID: <20000117160736.22827.cpmta@c004.sfo.cp.net>
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: bmanning@vacation.karoshi.com
From: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, 17 January 2000, bmanning@vacation.karoshi.com wrote:
> Source routing and connection based services are creaping into
> the Internet, slowly but surely. Both are a far cry from the
> destination forwarding and connectionless service that I grew
> up with.
Yes, but as far as I know, none of the new services rely on the ability
to spoof the source address outside of local (perhaps VPN extended) network.
Even old services such as roaming and redirector applications have switched
to using tunnels instead of spoofed source addresses.
Are there any real-world applications which have no alternative but to
use spoofed source addresses on the Internet at large?
Or is this a case, if we had thought about it, we would have prohibited
it at the start; but now its in the wild we don't know how to get it back
in the barn.
