[84717] in North American Network Operators' Group
Re: router worms and International Infrastructure
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Wed Sep 21 12:11:18 2005
Date: Wed, 21 Sep 2005 16:09:13 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <17201.33616.585888.485084@roam.psg.com>
To: nanog@nanog.org
Errors-To: owner-nanog@merit.edu
On Wed, 21 Sep 2005, Randy Bush wrote:
> >> Btw. Juniper's Feasible Path uRPF (mentioned in RFC3704) is your
> >> friend, even on multihomed/asymmetric links.
> > So, say I'm a large consumer broadband ISP, and I made the decision some
> > years ago to use net-10 as my infrastructure space? How does 'feasible
> > path' help block 10.x.x.x sources exactly?
>
> as ye sow, so shall ye reap
>
> when you shoot yourself in the foot, just because you are so neurally
> broken that the signal takes years to register in your brain, it does
> not mean that your foot does not have a hole in it.
somewhat agreed :) At the time I'd think that the providers in question
(lots of other normal network people made the same 'decision' I might add)
didn't think it'd be a good idea to get a /8 allocation from *RIR for
internal infrastructure that they never planned on being reachable from
the outside world.
anyway, I just don't want folks to get the wrong impression about either
uRPF or 'feasible path'. They are tools, they have implications when used,
if you don't understand them you will be making holes in someone's feets
:(
