[47533] in North American Network Operators' Group
Re: uRPF Loose Check Mode vs. ACL
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon May 6 00:51:26 2002
Message-Id: <200205060450.g464orQn009989@foo-bar-baz.cc.vt.edu>
To: Richard A Steenbergen <ras@e-gerbil.net>
Cc: nanog@merit.edu
In-reply-to: Your message of "Sun, 05 May 2002 22:11:12 EDT."
<20020506021112.GM523@overlord.e-gerbil.net>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 06 May 2002 00:50:53 -0400
Errors-To: owner-nanog-outgoing@merit.edu
On Sun, 05 May 2002 22:11:12 EDT, Richard A Steenbergen said:
> What we all really need is a protocol which can distribute filtering
> information network-wide. Go make one. :)
No, what we need is a protocol that can do *secured* distribution of
filtering info net-wide. Otherwise, some bozo is going to accidentally
inject a flter for 127/8, causing as much fun as the announcement of same
a few years ago. And I'm *sure* there's at least a few people on this
list that would be *very* tempted to inject filters for RFC1918 space
for the benefit of those providers that don't egress filter it currently ;)
