On 2/18/2014 11:20 AM, Jay Ashworth wrote:
Here's a piece which uses the MIT ANA data to assert that the job is mostly done already.
Unless I'm very much mistaken, it appears that a large percentage of the failed BCP 38 spoofing tests listed in that data are actually due to customer side NAT routers dropping packets...
which is of course egress filtering rather than ingress filtering, and thus doesn't actually apply to our questions.
Am I interpreting that correctly?
The date seems a little past "buy by" in light of the very recent observations and comments here.
http://www.senki.org/everyone-should-be-deploying-bcp-38-wait-they-are/
-- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actio Infallibility, and the ability to learn from their mistakes. (Adapted from Stephen Pinker)