nanog mailing list archives
Re: What were we saying about edge filtering?
From: Jack Bates <jbates () brightok net>
Date: Sat, 06 Sep 2003 13:18:22 -0500
Christopher L. Morrow wrote:
keep in mind its not destination addresses that are the problem here, BUT
True, but there is RPF checks based on routing. anything routed to NULL0 is generally treated by such filters as an invalid route and will discard the packet of any source address from such a route.
Setting up BGP peers internally and applying route policies to null route the routes received from the bogon peers would allow for easily invalidating the routes and dropping packets which supposably originate from them.
I know this is easily done with vendor C. I suspect that the other vendors have implemented something very similar (heard J was easier than C).
-Jack
Current thread:
- Re: What were we saying about edge filtering?, (continued)
- Re: What were we saying about edge filtering? Sean Donelan (Sep 04)
- Re: What were we saying about edge filtering? Adam Debus (Sep 04)
- RE: What were we saying about edge filtering? Terry Baranski (Sep 06)
- Re: What were we saying about edge filtering? Petri Helenius (Sep 07)
- Re: What were we saying about edge filtering? Petri Helenius (Sep 04)
- Re: What were we saying about edge filtering? Jack Bates (Sep 04)
- Re: What were we saying about edge filtering? bdragon (Sep 08)
- Re: What were we saying about edge filtering? Owen DeLong (Sep 04)
- Re: What were we saying about edge filtering? Iljitsch van Beijnum (Sep 05)
- Re: What were we saying about edge filtering? Jack Bates (Sep 06)
- Re: What were we saying about edge filtering? Sean Donelan (Sep 06)
- Re: What were we saying about edge filtering? bdragon (Sep 08)
- Re: What were we saying about edge filtering? Sean Donelan (Sep 08)
- Re: What were we saying about edge filtering? bdragon (Sep 12)