[c-nsp] Feedback on: Security Advice for Routers and Switches
Mark Tinka
mtinka at africaonline.co.zw
Sun May 6 15:43:32 EDT 2007
On Sunday 06 May 2007 03:39, Joel M Snyder wrote:
> Any and all feedback is welcome!
Very good paper!
On point 12a (page 27), though:
* recommend the use of IP prefix lists as opposed to distribute
lists; the former are more cumbersome.
* I'm personally very wary of route-flap dampening, in the
long run, but this is one of those subjects :-).
* highly recommend uRPF, strict for single-homed customers and
loose for multi-homed situations.
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20070506/1bd61cc5/attachment.bin
More information about the cisco-nsp
mailing list