nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Request for comment -- BCP38

From: Ken Chase <math () sizone org>
Date: Mon, 26 Sep 2016 10:47:24 -0400
This might break some of those badly-behaving "dual ISP" COTS routers out there
that use different inbound from outbound paths since each is the fastest of
either link.

I did this manually when I was messing around with multiple broadband links on
a fbsd router years ago, was glad it worked at the time.

/kc


On Mon, Sep 26, 2016 at 07:11:42AM -0700, Paul Ferguson said:
  >No -- BCP38 only prescribes filtering outbound to ensure that no packets leave your network with IP source addresses 
which are not from within your legitimate allocation.
  >
  > - ferg 
  >
  >
  >On September 26, 2016 7:05:49 AM PDT, Stephen Satchell <list () satchell net> wrote:
  >>Is this an accurate thumbnail summary of BCP38 (ignoring for the moment
  >>
  >>the issues of multi-home), or is there something I missed?
  >>
  >>>     The basic philosophy of BCP38 boils down to two axioms:
  >>>
  >>>         Don't let the "bad stuff" into your router
  >>>         Don't let the "bad stuff" leave your router
  >>>
  >>>     The original definition of "bad stuff" is limited to source-
  >>>     address grooming both inbound and outbound.  I've expanded on the
  >>>     original definition by including rule generation to control
  >>>     broadcast address abuse.
  >
  >-- 
  >Sent from my Android device with K-9 Mail. Please excuse my brevity.

-- 
Ken Chase - math () sizone org Toronto Canada
Previous By Date Next
Previous By Thread Next

Current thread: