|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: What were we saying about edge filtering?
On Mon, 8 Sep 2003 [email protected] wrote: > > keep in mind its not destination addresses that are the problem here, BUT > > if it was, on an experiment (not a very smart one) we routed 0/1 to a lab > > system inside 701 once in 2001 (as I recall, so before > > nimda/code-red/blaster) and recieved +600kpps of garbage traffic as a > > result. Trying to acl/analyze/deal-with that flow was almost impossible... > > I'm not sure what you want to do with it today when our 'sinkhole' network > > is consistently handling +20kpps (5x previous) MORE of random garbage > > than 3 weeks ago, before blaster/nachi started to cause more pain :( > > Just think, if you used loose uRPF, you wouldn't need to carry that traffic > to your sinkhole network, even you win. Don't confuse the source and destination. This traffic is packets with an unused DESTINATION address. loose uRPF has *NO* effect on the destination address. Which is greater in a typical backbone? Traffic with a bogon source, or traffic with a bogon destination entering the backbone?
|