North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: address spoofing
>>>>> "rb" == Randy Bush <[email protected]> writes: > [...] > but the uglier symptoms are packets from my own address space > deny ip 147.28.0.0 0.0.255.255 any (6 matches) One of our customers has 129.129.0.0/16, and we sure receive a lot of leaked packets with source and destination addresses in that range from our upstream. (One of these days I'll try to get those traced :-) 147.28.0.0 doesn't seem like a likely "random" prefix though. Maybe an ex-customer/employee of yours didn't clean up their configuration when they left? -- Simon. http://www.switch.ch/misc/leinen/
|