nanog mailing list archives

Re: an effect of ignoring BCP38


From: Valdis.Kletnieks () vt edu
Date: Mon, 08 Sep 2008 11:47:53 -0400

On Sat, 06 Sep 2008 06:49:05 PDT, k claffy said:

> do that many networks really allow spoofing?  i used
> to think so, based on hearsay, but rob beverly's
> http://spoofer.csail.mit.edu/summary.php suggests
> things are a lot better than they used to be, arbor's
> last survey echoes same.  are rob's numbers inconsistent
> with numbers anyone else believes to be true?

You can easily have a network configuration where 95% of the networks
do very stringent BCP38 on their customer-facing connections, but the
spoofing sources are carefully chosen to be within the 5% of places that
aren't filtering...

Plus, there's nothing that says that a network can't do BCP38 on 99.998%
of its ports, but has a punchout for the 3 or 4 ports that need it for
network monitoring/research.  So a network could be reported as "non-spoofable"
to the MIT project, *and* still provide a sensor machine for the reverse
path project...
