nanog mailing list archives
Re: BCP38 making it work, solving problems
From: Mark Andrews <Mark_Andrews () isc org>
Date: Wed, 20 Oct 2004 10:12:11 +1000 (EST)
dropped over it's 25 day uptime: RPF Failures: Packets: 34889152, Bytes: 12838806927 RPF Failures: Packets: 4200, Bytes: 449923 RPF Failures: Packets: 3066337401, Bytes: 122772518288 RPF Failures: Packets: 30954487, Bytes: 3272647457 RPF Failures: Packets: 4707582841, Bytes: 227001949225 RPF Failures: Packets: 11291931, Bytes: 643099278 RPF Failures: Packets: 291592413, Bytes: 20642951232 RPF Failures: Packets: 380355, Bytes: 22616137 RPF Failures: Packets: 607543, Bytes: 31687907 RPF Failures: Packets: 0, Bytes: 0 RPF Failures: Packets: 91, Bytes: 6978 RPF Failures: Packets: 0, Bytes: 0 RPF Failures: Packets: 0, Bytes: 0 RPF Failures: Packets: 2, Bytes: 80 RPF Failures: Packets: 13904, Bytes: 1093686 this means the junk isn't reaching root servers, peers, or our customers. mitigating the need to carry this traffic when it is of (virtually) no use.
And those you do see it indicates a misconfigured / compromised system. A compromised system that is sending spoofed traffic can also launch attacks using regular traffic. Think of this as a early warning system. The same with those ISP's that block outbound port 25. Think of it as a early warning system. The customer is misconfigured or compromised. You need to find out which. [This is not to say that I agree with the practice of blocking port 25] Apply the same logic to anything else you filter outbound.
Current thread:
- Re: BCP38 making it work, solving problems, (continued)
- Re: BCP38 making it work, solving problems Randy Bush (Oct 19)
- Re: BCP38 making it work, solving problems JP Velders (Oct 19)
- Re: BCP38 making it work, solving problems David G. Andersen (Oct 19)
- Re: BCP38 making it work, solving problems JP Velders (Oct 19)
- Re: BCP38 making it work, solving problems Patrick W Gilmore (Oct 19)
- Re: BCP38 making it work, solving problems Jon Lewis (Oct 20)
- Re: BCP38 making it work, solving problems Joe Abley (Oct 21)
- Re: BCP38 making it work, solving problems Paul Vixie (Oct 19)
- Re: BCP38 making it work, solving problems JP Velders (Oct 19)
- Re: BCP38 making it work, solving problems Jared Mauch (Oct 19)
- Re: BCP38 making it work, solving problems Mark Andrews (Oct 19)
- Re: BCP38 making it work, solving problems Paul Vixie (Oct 12)
- Re: BCP38 making it work, solving problems Suresh Ramasubramanian (Oct 12)
- Re: BCP38 making it work, solving problems Bora Akyol (Oct 12)
- Re: BCP38 making it work, solving problems Patrick W Gilmore (Oct 12)
- Re: BCP38 making it work, solving problems Christopher L. Morrow (Oct 12)
- Re: BCP38 making it work, solving problems Hank Nussbacher (Oct 13)
- Re: BCP38 making it work, solving problems Randy Bush (Oct 13)
- Re: BCP38 making it work, solving problems Hank Nussbacher (Oct 13)
- Re: BCP38 making it work, solving problems Randy Bush (Oct 13)
- Re: BCP38 making it work, solving problems Suresh Ramasubramanian (Oct 13)