Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: icmp rpf

  • From: Bill Stewart
  • Date: Wed Sep 27 19:08:31 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pVUAt59CQQu1HCxT6eXfPcrZJoOAyrilEKy9Z6rPi5RmUiyi9xKpBnbSYPwKAW0qy+IJ7q/j8k08AGkw0QM3fFuqKXwupIPxC/SoaKUxJTGmA8VwRsh+naS9Oayw3PIlI2xTQ5ZyhSRe5DVFXkPzumoOX6fdH17koNwYPGnyNcA=

Possible approach for small.net - ok, you know that big.net will drop
any packets sourced from x.x.x.x if there's no route there (loose uRPF
for downstream ISPs like small.net, strict uRPF for end-users.)  So
give them a route.  Either give them a route on one of your direct
interfaces to them, and then get rid of the packets by ACL or by
null-routing it, or if that causes too much trouble, get yourself a
56kbps line from a spare router and advertise it from there.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.