[47351] in North American Network Operators' Group


Re: Effective ways to deal with DDoS attacks?

daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Thu May 2 13:48:49 2002

Date: Thu, 2 May 2002 19:46:21 +0200 (CEST)
From: Iljitsch van Beijnum <iljitsch@muada.com>
To: Richard A Steenbergen <ras@e-gerbil.net>
Cc: <nanog@merit.edu>
In-Reply-To: <20020502172248.GN523@overlord.e-gerbil.net>
Message-ID: <20020502193623.V37493-100000@sequoia.muada.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu


On Thu, 2 May 2002, Richard A Steenbergen wrote:

> RPF works by matching the source address of the packet against the CEF
> table, in addition to the normal match against the destination address.
> There are multiple modes of operation, ranging from "is there a route
> for the source address to the specific interface it came in on" to "is
> there a route to the source address for ANY interface on the box". The
> former is used to stop your single homed customers from spoofing wildly
> into the internet.

You can do this for multihomed customers too: it's just that multihomed
customers can't use it for traffic coming from their transits (= you),
because uRPF breaks asymmetric routing.
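
The two modes discussed in this message, as an added example that is not part of the original post: a minimal Python model of the strict and loose source checks. The forwarding tables, prefixes and interface names (cust-a, peer, transit-1, transit-2, lan) are constructed for illustration.

```python
import ipaddress

class Fib:
    """Toy forwarding table: longest-prefix match on (prefix, interface) routes."""
    def __init__(self, routes):
        self.routes = [(ipaddress.ip_network(p), i) for p, i in routes]

    def best_interfaces(self, addr):
        """Interfaces of the most specific route(s) covering addr, or an empty set."""
        ip = ipaddress.ip_address(addr)
        hits = [(net.prefixlen, iface) for net, iface in self.routes if ip in net]
        if not hits:
            return set()
        longest = max(length for length, _ in hits)
        return {iface for length, iface in hits if length == longest}

def urpf_accepts(fib, src, in_iface, mode):
    """strict: best route to src must point out the arrival interface.
    loose: any route to src, on any interface, is enough."""
    ifaces = fib.best_interfaces(src)
    if mode == "strict":
        return in_iface in ifaces
    if mode == "loose":
        return bool(ifaces)
    raise ValueError(f"unknown mode: {mode}")

# Constructed table for a provider edge router with a single-homed customer.
PROVIDER_EDGE = Fib([("192.0.2.0/24", "cust-a"), ("203.0.113.0/24", "peer")])

# Constructed table for a multihomed customer whose best path to 203.0.113.0/24
# is via transit-1, while return traffic may arrive on transit-2 (asymmetric).
MULTIHOMED_CUSTOMER = Fib([("203.0.113.0/24", "transit-1"),
                           ("198.51.100.0/24", "lan")])

def scenarios():
    """(description, strict result, loose result) for each constructed case."""
    cases = [
        ("customer's own source on cust-a", PROVIDER_EDGE, "192.0.2.10", "cust-a"),
        ("spoofed routed source on cust-a", PROVIDER_EDGE, "203.0.113.5", "cust-a"),
        ("unrouted source on cust-a", PROVIDER_EDGE, "10.1.1.1", "cust-a"),
        ("asymmetric return on transit-2", MULTIHOMED_CUSTOMER, "203.0.113.5", "transit-2"),
    ]
    return [(d, urpf_accepts(f, s, i, "strict"), urpf_accepts(f, s, i, "loose"))
            for d, f, s, i in cases]

if __name__ == "__main__":
    for desc, strict, loose in scenarios():
        print(f"{desc:35} strict={strict!s:5} loose={loose}")
```
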

