[52660] in North American Network Operators' Group
Re: what's that smell?
daemon@ATHENA.MIT.EDU (Joe Abley)
Tue Oct 8 11:00:09 2002
Date: Tue, 8 Oct 2002 10:54:54 -0400
Cc: <nanog@merit.edu>
To: Iljitsch van Beijnum <iljitsch@muada.com>
From: Joe Abley <jabley@isc.org>
In-Reply-To: <20021008164157.F84850-100000@sequoia.muada.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Tuesday, Oct 8, 2002, at 10:45 Canada/Eastern, Iljitsch van Beijnum
wrote:
> On Tue, 8 Oct 2002, Joe Abley wrote:
>
>> Also, egress filtering is NOT easy,
>
>> What is difficult about dropping packets sourced from RFC1918
>> addresses
>> before they leave your network?
>
> But what's the point?
Politeness, I guess. Seems rude to send traffic to peers when you
absolutely know that the source address is inaccurate.
> That's like complaining that the door isn't locked while the house has
> no
> walls.
Right. The no walls problem is far more usefully tackled by filtering
inbound at the edge, not outbound.
Joe
