nanog mailing list archives
Re: address spoofing
From: Daniel Senie <dts () senie com>
Date: Fri, 23 Apr 1999 19:24:25 -0400
John Leong wrote:
Furthermore, whether the RFC [1918] says so or not, I'm going to blockthese packets at *my* border routers, because:Curious as to the cost (added latency) in doing RFC 1918 source address filtering on all packets in the context of cost-benfit analysis.
The cost is dependent on the quality of the filtering implementation of your routers. It's quite possible to implement source address filtering as a part of ASIC-assisted routing, resulting in wire-speed filtering. Whether any given vendor has or has not implemented their equipment to allow wire speed filtering is something you might want to ask salesmen. As it's something which network providers should be doing, its a capability that should be demanded of the hardware vendors. -- ----------------------------------------------------------------- Daniel Senie dts () senie com Amaranth Networks Inc. http://www.amaranthnetworks.com
Current thread:
- Re: address spoofing, (continued)
- Re: address spoofing Jeremy Porter (Apr 22)
- Re: address spoofing John Leong (Apr 23)
- Re: address spoofing John Leong (Apr 23)
- Re: address spoofing Simon Leinen (Apr 27)
- Re: address spoofing Daniel Senie (Apr 22)
- Re: address spoofing Forrest W. Christian (Apr 23)
- Re: address spoofing Andrew Brown (Apr 23)
- Re: address spoofing Forrest W. Christian (Apr 23)
- Re: address spoofing sthaug (Apr 23)
- Re: address spoofing John Leong (Apr 23)
- Re: address spoofing Daniel Senie (Apr 23)
- Re: address spoofing bmanning (Apr 23)
- Re: address spoofing Andrew Brown (Apr 23)
- Re: address spoofing Randy Bush (Apr 23)
- Re: address spoofing Dan Hollis (Apr 23)
- Re: address spoofing sthaug (Apr 23)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phil Howard (Apr 22)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phillip Vandry (Apr 23)