[hrlinneweh_at_sbcglobal.net: Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)]

From: Barney Wolff <barney_at_databus.com>
Date: Mon, 8 Mar 2004 11:21:19 -0500
The following may be of some interest, given the recent laudable effort
to add urpf to fbsd.  I'll note that anyone with does want default to
validate any source address can always add 0/1 and 128/1 instead of
default to achieve the same effect.

----- Forwarded message from Henry Linneweh <hrlinneweh_at_sbcglobal.net> -----

Delivered-To: nanog_at_merit.edu
Date: Mon, 8 Mar 2004 07:09:50 -0800 (PST)
From: Henry Linneweh <hrlinneweh_at_sbcglobal.net>
Subject: Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)
To: nanog-post_at_rsuc.gweep.net, nanog_at_merit.edu

Here is some insight on this issue 

What is Unicast Reverse Path Forwarding (uRPF)? Can a default route 0.0.0.0/0 be used to perform a uRPF check? 

http://www.cisco.com/warp/public/105/44.html#Q18

-Henry

----- End forwarded message -----

-- 
Barney Wolff         http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
Received on Mon Mar 08 2004 - 07:21:20 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:46 UTC