Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SYN spoofing

  • From: Forrest W. Christian
  • Date: Wed Jul 28 21:41:31 1999

On Wed, 28 Jul 1999, Daniel Senie wrote:

> Cisco implemened a feature called "Unicast RPF" That disallows
> forwarding of packets on an interface where a reverse path is not
> present. The command to activate it is:
> 
> 	ip verify unicast reverse-path

This only works if you have CEF turned on.   And...  Turning CEF on in a
4500 series router w/64mb ram & 2 BGP views just plain isn't good.

Now, if we could get CEF to only cache non BGP routes....

- Forrest W. Christian (forrestc@imach.com) KD7EHZ
----------------------------------------------------------------------
iMach, Ltd., P.O. Box 5749, Helena, MT 59604      http://www.imach.com
Solutions for your high-tech problems.                  (406)-442-6648
----------------------------------------------------------------------







Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.