Re: [spoofing-tf] Preparing for anti-spoofing project at $fooBig carrier
To: "Barry Greene \(bgreene\)" bgreene@localhost
From: Gert Doering gert@localhost
Date: Tue, 17 Oct 2006 13:35:30 +0200
Cc: Gert Doering gert@localhost, Martin Hannigan hannigan@localhost, spoofing-tf@localhost
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=testkey; d=space.net; b=VaG8wAWd8ruMAyjDRSuH4jaAos+kNe9D31xsBg4Ji2TPSn9ce55pNsa9UOwiWoIj ;
On Tue, Oct 17, 2006 at 03:53:29AM -0700, Barry Greene (bgreene) wrote:
> > Don't enable ingress filtering on backbone links with
> > asymmetric traffic.
> > This is something for the customer edge.
> You making "ingress filtering" = uRPF. uRPF is one of many techniques to
> do ingress filtering. It is one of many techniques to do BCP 38.
> Please do protect your network on the peering and multihoming edges. SPs
> get attacked.
Well, we do (infrastructure ACLs, anti-spoofing ACLs), but we don't use
So my wording could have been somewhat more clear.
Total number of prefixes smaller than registry allocations: 98999
SpaceNet AG Mail: netmaster@localhost
Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0
D- 80807 Muenchen Fax : +49-89-32356-234