[74698] in North American Network Operators' Group
Re: BCP38 making it work, solving problems
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Mon Oct 11 23:08:27 2004
Date: Tue, 12 Oct 2004 08:39:28 +0530
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: Daniel Senie <dts@senie.com>
Cc: nanog@merit.edu
In-Reply-To: <6.1.2.0.2.20041011205442.069d8930@mail.amaranth.net>
Errors-To: owner-nanog-outgoing@merit.edu
Daniel Senie wrote:
> One of your arguments presented was that corporate customers weren't
> asking for unicast RPF, and I responded that corporate customers are not
> in need of automated mechanisms to implement BCP38, since in most cases
> their networks are EDGE networks, and it's quite simple to filter your
> egress points to ensure you don't send out any spoofed packets.
There is, of course, the issue of multihomed networks, or networks that
have satellite connectivity etc emitting spoofed source packets.
Yes I know that multihoming customers must make sure packets going out
to the internet over a link match the route advertised out that link ..
but stupid multihoming implementations do tend to ensure that lots of
people will yell loudly, and yell loudly enough for several tickets to
be escalated well beyond tier 1 NOC support desks, for ISPs to kind of
think twice before they put uRPF filters in ..
srs
