|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Customer-facing ACLs
We also use ingress bogon ACLs at our borders. -- Tim Sanderson, network administrator [email protected] -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Justin Shore Sent: Friday, March 07, 2008 3:20 PM To: [email protected] Cc: NANOG Subject: Re: Customer-facing ACLs [email protected] wrote: > On Fri, 07 Mar 2008 13:55:05 CST, Justin Shore said: > >> I'm assuming everyone uses uRPF at all their edges already so that >> eliminates the need for specific ACEs with ingress/egress network >> verification checks. > > You're new here, aren't you? :) Hopefully optimistic. Don't bum me out going into a weekend... :-) From the looks of my ingress BOGON ACLs on my borders (yes, I'm using ACLs and not null routes for a reason) I'd most people not reading NANOG (and maybe even some of them!) are not doing any ingress filtering on their customer source IPs. Sad.... Justin
|