[c-nsp] Peering + Transit Circuits
Scott Granados
scott at granados-llc.net
Tue Aug 25 07:58:51 EDT 2015
If you’re not enabling URPF at the peering routers and edges how do you handle things like RTBH?
> On Aug 25, 2015, at 7:56 AM, Mark Tinka <mark.tinka at seacom.mu> wrote:
>
>
>
> On 18/Aug/15 22:43, Nick Hilliard wrote:
>
>> i'd advise being careful with this approach: urpf at ixps is a nightmare.
>
> We don't generally do uRPF at exchange points, for the simple reason
> that the router is dedicated (meaning it does not carry a full table),
> and peers leaking your routes to the Internet (which breaks uRPF in this
> scenario) is a constant scenario.
>
> *sigh*
>
> Mark.
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list