On 15 Nov 2010, at 10:27, Viktor Steinmann wrote: > Wouldn't that do it? > > ! > route-map bar deny 10 > match invalid
Hi, Works *only* if you had a direct adjacency with the network being spoofed. If your upstream sends you a /22, and a spoofed /24, you can drop the spoofed /24, but as soon as you send the packet upstream, it will still end up with the spoofer. Another argument in favour of being widely peered. :-) Andy _______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
