Once upon a time, Sam Stickland <[EMAIL PROTECTED]> said: > I think you misunderstand the meaning of the "ip verify unicasr source > reachable-via any" command. When a packet arrives the router will drop > it if it doesn't have a valid return path for the source. Since the > source is a bogon, and routed to Null0, then the inbound packet is dropped.
First, that is only true on Cisco routers (all the world is not a Cisco). Second, you are missing the point: you have bogon route for 10/8, but rouge route for 10.1/16 (or even 10.0/9 and 10.128/9) arrives; it is more specific and your automatic bogon filter is useless. -- Chris Adams <[EMAIL PROTECTED]> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
