Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: IGPs and services?

  • From: Roeland Meyer (E-mail)
  • Date: Fri May 19 13:40:14 2000

> From: Bryan C. Andregg [mailto:bandregg@redhat.com]
> Sent: Thursday, May 18, 2000 8:15 AM
>
> On Wed, May 17, 2000 at 10:14:58PM -0400, jlewis@lewis.org
mailed:
> > Running a routing protocol on a unix box doesn't mean
> you're using it as a
> > router.  Perhaps he just wants OSPF on a few servers so
> they can send
> > their packets more efficiently.  Consider a case where you
> have a few
> > access servers and unix servers on the same switch and a
> router connecting
> > that POP to your backbone.  Having a routing protocol on
> those unix boxes
> > means they can send packets directly to the appropriate
> access server (or
> > the router) rather than everything to the router, just to
> have it spit the
> > packets back out headed for an access server on that segment.
>
> Pardon my ignorance here, but wont ICMP redirects take care
> of this situation
> already?

ICMP redirects create a potential security vulnerability, for
man-in-the-middle attacks. MHSC.NET doesn't allow them. Not host,
at MHSC.NET, will respond to them (in theory <g>).






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.