The following may be of some interest, given the recent laudable effort to add urpf to fbsd. I'll note that anyone with does want default to validate any source address can always add 0/1 and 128/1 instead of default to achieve the same effect. ----- Forwarded message from Henry Linneweh <hrlinneweh_at_sbcglobal.net> ----- Delivered-To: nanog_at_merit.edu Date: Mon, 8 Mar 2004 07:09:50 -0800 (PST) From: Henry Linneweh <hrlinneweh_at_sbcglobal.net> Subject: Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) To: nanog-post_at_rsuc.gweep.net, nanog_at_merit.edu Here is some insight on this issue What is Unicast Reverse Path Forwarding (uRPF)? Can a default route 0.0.0.0/0 be used to perform a uRPF check? http://www.cisco.com/warp/public/105/44.html#Q18 -Henry ----- End forwarded message ----- -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net.Received on Mon Mar 08 2004 - 07:21:20 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:46 UTC