North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Loose Source Routing
On Tue, Mar 06, 2001 at 09:49:47AM -0800, David McGaugh wrote: > What are people's feelings on loose source routing? The general > sentiment around here is that it is a very evil thing. The reason I ask > is that there is a certain network out there (who will remain nameless) > who refuses to peer unless loose source routing is enabled. I can > somewhat understand their reasoning (they can reroute traffic on OUR > network as necessary) but the security implications far out way the > benefits. Not only this I'm not comfortable with an outside source > having control over routing on our network anyway. Huh? The reason to permit this is to verify peering policy. This allows people to traceroute to verify packet path. Example: I announce 172.16.0.0/16 only. I want to verify that you are not pointing default at me, so I can do a loose source traceroute to 10.0.0.0 via the peering point. Most peoples peering policies that I'm aware of only required that it be enabled at the edge (peering/nap router). - Jared -- Jared Mauch | pgp key available via finger from [email protected] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
|