On Sat, 06 Sep 2008 06:49:05 PDT, k claffy said:
do that many networks really allow spoofing? i used to think so, based on hearsay, but rob beverly's http://spoofer.csail.mit.edu/summary.php suggests things are a lot better than they used to be, arbor's last survey echos same. are rob's numbers inconsistent with numbers anyone else believes to be true?
You can easily have a network configuration where 95% of the networks do very stringent BCP38 on their customer-facing connections, but the spoofing sources are carefully chosen to be within the 5% of places that aren't filtering... Plus, there's nothing that says that a network can't do BCP38 on 99.998% of its ports, but has a punchout for the 3 or 4 ports that need it for network monitoring/research. So a network could be reported as "non-spoofable" to the MIT project, *and* still provide a sensor machine for the reverse path project...