[81308] in North American Network Operators' Group
Re: URPF on small BGP-enabled customers?
daemon@ATHENA.MIT.EDU (Joe Maimon)
Fri Jun 3 16:55:33 2005
Date: Fri, 03 Jun 2005 16:54:51 -0400
From: Joe Maimon <jmaimon@ttec.com>
To: Joe Abley <jabley@isc.org>
Cc: Andre Oppermann <nanog-list@nrg4u.com>,
christian.macnevin@uk.bnpparibas.com, christopher.morrow@mci.com,
will@loopfree.net, nanog@merit.edu
In-Reply-To: <02A9DD1B-4BCA-4513-8860-3E5DDB2C925A@isc.org>
Errors-To: owner-nanog@merit.edu
Joe Abley wrote:
>
>
> On 2005-06-03, at 10:26, Andre Oppermann wrote:
>
>>
>> christian.macnevin@uk.bnpparibas.com wrote:
>>
>>> I guess it's been a while since I've played with it, but isn't this
>>> pretty
>>> well what happens with uRPF anyhow?
>>>
>>
>> No, my proposal works as long as the customer advertizes their prefixes
>> via BGP, not matter how long the path or what community attributes are
>> set (for example NOEXPORT). No matter how they send it, as long as they
>> send it, it works fine.
>
>
> So, your proposal is loose-mode uRPF?
>
>
I thought that loose-mode uRPF is what was recommended for any connected
entity that is multi-homed. And that makes sense.
What happened to that? Whats next? uRPF in core?
At which point do we stop breaking things?
There must be a safe way to solve the problem of spoofing routed space
without breaking multi-homing.
