North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Another question on rfc1918

  • From: Randy Bush
  • Date: Fri Nov 23 18:55:57 2007

aloha michael,

i realize that good practice many not be general practice, but ...

lsr is encouraged at routers bordering with bgp peers for debugging
purposes, i.e. so that A may learn B's routing towards C without
calling/writing/bothering B's engineers.

but lsr really should be blocked at hosts, e.g.

    # grep lsr /etc/ipfw.rules
    add deny log all from any to any ipoptions ssrr,lsrr,rr

i am not aware of a similar common use case for ssr.