Wasn't trying to make you mad, just looking for clarity. =) -----Original Message----- From: Mark Turpin [mailto:mark@gomez.charter.com] Sent: Thursday, May 02, 2002 11:25 AM To: nanog@merit.edu Subject: Re: Effective ways to deal with DDoS attacks? On Thu, May 02, 2002 at 10:16:55AM -0700, LeBlanc, Jason wrote something like this:
Thats how it we understood it to work (CEF lookup). It checks for a route in the table, obviously any real route would be in the CEF table. I may be wrong, but it doesn't actually send a packet to verify, the logical way to check would be by checking CEF, as anything the router knows about that is valid would be in CEF. If I'm misunderstanding, please do send more info.
I think a typo on my part has led to misunderstanding even more. However, the thread's getting hot, so I'm about ready to part ways with it. Regarding my statements, I was not inferring a packet be sent off to a host, or anything of that nature. What I'm referring to is a simple lookup [we now agree by CEF] to verify that the interface a packet was received on was actually the interface CEF would use to go back to the source of that packet. (I forgot source last time) If you can tweak rpf now to support multihoming, woohoo. And yes, depending on where you implement rpf the routing table comes into play. big woop. Earlier LeBlanc, Jason wrote something like this:
There are some limitations as to where uRPF works, SONET only on GSRs for example (thanks Cisco). I believe it will work on 65xx (SUP1A and SUP2 I think) regardless of interface type. Impact should be minimal, as it simply does a lookup in the CEF table, if the route isn't there it discards.
That's what prompted me to even reply in the first place was noticing the fact you stated rpf only worked on pos interfaces on gsrs and that it did a simple route lookup. Both of which I disagree with. I've already stated what its looking for in the fib, and its *not* whether its 'there or not'. i'm over it, so have a good day... -mark -- Why is it considered necessary to nail down the lid of a coffin?