[7344] in North American Network Operators' Group
Re: Alpha test of MAE filtering capability
daemon@ATHENA.MIT.EDU (Paul A Vixie)
Fri Jan 31 13:27:53 1997
To: nanog@merit.edu
In-reply-to: Your message of "Fri, 31 Jan 1997 10:11:58 PST."
<CMM.0.90.2.854734318.vaf@hq.barrnet.net>
Date: Fri, 31 Jan 1997 10:18:48 -0800
From: Paul A Vixie <paul@vix.com>
> I don't disagree. Do you have tools for reliably detecting unacceptable
> default route usage? Until those tools are available and until IXP's agree
> to police their interconnects, the MAC filtering approach is the only real
> solution available.
I've long thought that the routers should be able to reject packets which
come from MAC addresses to whom no route has been offered for the
destination. Tony and Jerry and Andrew and Hank and Joe have all explained
to me why the current Cisco design makes this impossible, but I can dream.
(Perhaps Cisco's hopeful competitors will take this as a product requirement.)
But let me turn it around. With no means of detection, why do we suspect
that it's a problem? That is, why doesn't the cause for suspicion also work
as a means of detection?
