Jon Lewis writes...
Why is it that the NSPs I've encountered refuse to do any sort of sanity filtering on their customer connections? i.e. If UUNet knows that FDT has only 205.229.48/20 and 208.215.0/20, why should they let me send traffic through their network with random source addresses?
I'm assuming that they don't want to overload their router with all that extra filtering, especially on the interface inbounds. OTOH, I've always believed that all routers should be required to apply routing decisions first to the source address and determine if the interface it arrived on is at least a valid return path (not necessarily best) and if not, drop the packet. Then do the destination work. Again, too much work for the routers to do. But then, I wonder how much work they are doing routing source forged packets and other denial of service traffic. -- Phil Howard KA9WGN +-------------------------------------------------------+ Linux Consultant | Linux installation, configuration, administration, | Milepost Services | monitoring, maintenance, and diagnostic services. | phil at milepost.com +-------------------------------------------------------+