[j-nsp] network engineering

Tore Anderson tore at linpro.no
Mon Feb 9 02:25:13 EST 2009


* Keegan.Holley at sungard.com

> My apologies I misunderstood your question. However, isn't ICMP into
> your connector networks a small thing?  I don't think anything
> catastrophic would happen if someone pinged your router and the return
> traffic took your primary link.  The traceroute packets would only be
> discarded if your ISP has some sort of RPF enabled, which is rare on an
> internet link.  Even if they were this would not affect traffic from
> your users or downstreams.  I guess you could do filter based forwarding
> to rectify this behavior, but it seem a little like putting out a match
> with a firehose.

You are right, it is no big deal.  Still, it seems wrong to me, and if
it was an easy way to fix it I'd do it.  It was very easy to do in Linux
back when I used Quagga for eBGP, but I realise now that on JUNOS it's
simply not worth the effort.

Thanks,
-- 
Tore Anderson
Redpill Linpro AS - http://www.redpill-linpro.com/


More information about the juniper-nsp mailing list