On Wed, 21 Sep 2005, Randy Bush wrote:
Btw. Juniper's Feasible Path uRPF (mentioned in RFC3704) is your friend, even on multihomed/asymmetric links. So, say I'm a large consumer broadband ISP, and I made the decision some years ago to use net-10 as my infrastructure space? How does 'feasible path' help block 10.x.x.x sources exactly?
as ye sow, so shall ye reap
when you shoot yourself in the foot, just because you are so neurally broken that the signal takes years to register in your brain, it does not mean that your foot does not have a hole in it.
somewhat agreed :) At the time I'd think that the providers in question (lots of other normal network people made the same 'decision' I might add) didn't think it'd be a good idea to get a /8 allocation from *RIR for internal infrastructure that they never planned on being reachable from the outside world. anyway, I just don't want folks to get the wrong impression about either uRPF or 'feasible path'. They are tools, they have implications when used, if you don't understand them you will be making holes in someone's feets :(