On 26/03/2013 15:06, Alain Hebert wrote: > And why not targeting all that animosity to the peers allowing > source IP spoofing?
I do - and I gave a bunch of talks in europistan over the last 12 months which included explicit encouragement, practice and configuration for implementing BCP38 as part of real-time black hole system deployment. > DNS Servers don't attack you, people letting their customers spoof > source IP do. DNS amp packets attack me. Please stop them from leaving your network, and I will both implement BCP38 and encourage others to do so. Thank you. Nick