nanog mailing list archives
Re: BCP38 tester?
From: Jimmy Hess <mysidia () gmail com>
Date: Tue, 2 Apr 2013 03:33:37 -0500
On 4/1/13, Jay Ashworth <jra () baylink com> wrote:
It would just be way too much luck and convenience for that to happen by coincidence.Once in a while, you win.
The trouble with winning by coincidence or winning as a side-effect... Do you keep winning? What happens with IPv6 CPE devices, when there is no NAT? No translation occurs, so possibly rogue source IP packets get through, unless the device specifically applies uRPF or clamping source addresses to the LAN interface subnet. It would be nice if the RFCs specified Ingress filtering by default in router requirements for IPv4 and IPv6, as a MUST requirement; instead of some 2nd class citizen, optional best practices document. By specifying ingress as the default, it then becomes an implementor responsibility to understand when and where in their network they have to override the default for things to work properly, when it is safe to, and where the filtering is required. -- -JH
Current thread:
- Re: BCP38 tester? Dobbins, Roland (Apr 01)
- <Possible follow-ups>
- Re: BCP38 tester? Karl Auer (Apr 01)
- Re: BCP38 tester? Dobbins, Roland (Apr 01)
- Re: BCP38 tester? Jimmy Hess (Apr 01)
- Re: BCP38 tester? Jay Ashworth (Apr 01)
- Re: BCP38 tester? Matt Palmer (Apr 01)
- Re: BCP38 tester? Jimmy Hess (Apr 02)
- Re: BCP38 tester? Jay Ashworth (Apr 02)
- Re: BCP38 tester? Alain Hebert (Apr 01)
- Re: BCP38 tester? Valdis . Kletnieks (Apr 01)
- Re: BCP38 tester? Alain Hebert (Apr 01)
- Message not available
- Re: BCP38 tester? Peter Baldridge (Apr 01)
- Re: BCP38 tester? Alain Hebert (Apr 01)