[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
an effect of ignoring BCP38
On Sat, 06 Sep 2008 06:49:05 PDT, k claffy said:
>
> do that many networks really allow spoofing? i used
> to think so, based on hearsay, but rob beverly's
> http://spoofer.csail.mit.edu/summary.php suggests
> things are a lot better than they used to be, arbor's
> last survey echos same. are rob's numbers inconsistent
> with numbers anyone else believes to be true?
You can easily have a network configuration where 95% of the networks
do very stringent BCP38 on their customer-facing connections, but the
spoofing sources are carefully chosen to be within the 5% of places that
aren't filtering...
Plus, there's nothing that says that a network can't do BCP38 on 99.998%
of its ports, but has a punchout for the 3 or 4 ports that need it for
network monitoring/research. So a network could be reported as "non-spoofable"
to the MIT project, *and* still provide a sensor machine for the reverse
path project...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20080908/c10557cd/attachment.bin>