You are here: Home > Participate > Join a Discussion > Mailman Archives

RE: [spoofing-tf] Preparing for anti-spoofing project at $fooBig carrier

  • To: "Gert Doering" gert@localhost, "Martin Hannigan" hannigan@localhost
  • From: "Barry Greene \(bgreene\)" bgreene@localhost
  • Date: Tue, 17 Oct 2006 03:53:29 -0700
  • Authentication-results:; header.From=bgreene@localhost dkim=pass ( sig from verified; );
  • Dkim-signature: a=rsa-sha1; q=dns; l=384; t=1161082410; x=1161946410; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version;; i=bgreene@localhost z=From:=22Barry=20Greene=20\(bgreene\)=22=20bgreene@localhost |Subject:RE=3A=20[spoofing-tf]=20Preparing=20for=20anti-spoofing=20project=20at=2 0$fooBig=20carrier;; b=W6xzT2XLRbGA3A7jzVy6jD8VRbRKc88/ALBcw0tEWcy+ny1gVL9SVrsaXbsJbuqrSlPL17uR WG6pZ55l2gF7zMiLYEv1KqBIqC1jWZtmDUmFJr03k3q1qCrYFuHYHwaz;


> Don't enable ingress filtering on backbone links with 
> asymmetric traffic.
> This is something for the customer edge.

You making "ingress filtering" = uRPF. uRPF is one of many techniques to
do ingress filtering. It is one of many techniques to do BCP 38. 

Please do protect your network on the peering and multihoming edges. SPs
get attacked.