On Tue, Aug 18, 2015 at 4:43 PM, Nick Hilliard <n...@foobar.org> wrote: > On 18/08/2015 20:22, Tim Durack wrote: >> This has always been my understanding - thanks for confirming. I'm weighing >> cost-benefit, and looking to see if there are any other smart ideas. As >> usual, it looks like simplest is best. > > i'd advise being careful with this approach: urpf at ixps is a nightmare.
Hi Nick, This technique described isn't URPF, it's simple destination routing. The routes I offer you via BGP are the only routes in my table, hence the only routes I'm capable of routing. If you send me a packet for a _destination_ I didn't offer to you, I can't route it. URPF is the opposite of that. I'll only accept packets from you with a _source_ address which is included in the routes you sent to me. Regards, Bill Herrin -- William Herrin ................ her...@dirtside.com b...@herrin.us Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
