[c-nsp] ISP - unwanted traffic
Dobbins, Roland
rdobbins at arbor.net
Fri Jun 4 05:04:16 EDT 2010
On Jun 3, 2010, at 1:04 AM, jack daniels wrote:
> user X spoofs IP ADDRESS OF ISP-A and sends traffic out to internet... now when traffic is comming back via ISP-A..
You should be doing antispoofing at your customer access edge via uRPF and/or ACLs.
uRPF scales very well. Automation can make ACLs less painful.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
More information about the cisco-nsp
mailing list