[hrlinneweh@sbcglobal.net: Re: Source address validation (was Re:
UUNet Offer New Protection Against DDoS)]
Barney Wolff
barney at databus.com
Mon Mar 8 08:21:20 PST 2004
The following may be of some interest, given the recent laudable effort
to add urpf to fbsd. I'll note that anyone with does want default to
validate any source address can always add 0/1 and 128/1 instead of
default to achieve the same effect.
----- Forwarded message from Henry Linneweh <hrlinneweh at sbcglobal.net> -----
Delivered-To: nanog at merit.edu
Date: Mon, 8 Mar 2004 07:09:50 -0800 (PST)
From: Henry Linneweh <hrlinneweh at sbcglobal.net>
Subject: Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)
To: nanog-post at rsuc.gweep.net, nanog at merit.edu
Here is some insight on this issue
What is Unicast Reverse Path Forwarding (uRPF)? Can a default route 0.0.0.0/0 be used to perform a uRPF check?
http://www.cisco.com/warp/public/105/44.html#Q18
-Henry
----- End forwarded message -----
--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
More information about the freebsd-current
mailing list