North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

aggregation & table entries

  • From: bmanning
  • Date: Wed Oct 13 14:11:18 2004

> i've never seen a dns attack that didn't have 50% or more packets coming
> from spoofed sources, though due to loose-mode uRPF, most spoofed sources
> in the last year or so have been from addresses for which a route exists.
> -- 
> Paul Vixie

	reiterating a sometimes heretical idea...

	are you refering to things like where
	only a couple hundred of those numbers have real services, e.g.
	all the services are in and the spoofed addresses
	are in space?

	or... why do people insist on injecting routes to non-existent
	things?    a route table entry is a route table entry, regardless
	of the scope.