On Thu, 26 Oct 2006, Fergie wrote:
The point I'm trying to make is that if the community thinks it is valuable, then the path is clear.
What is the biggest problem to solve? Would it be enough for ISPs to make sure that they will not send out packets which didn't belong within their PA blocks, or is it that one user shouldn't be able to spoof at all (even IPs adjacant to their own)? Would the global problem go away if global spoofing stopped working? I of course realise that it's best if user cannot spoof at all, but it might be easier for ISPs to filter based on their PA blocks than to (in some cases) purchase new equipment to replace their current equipment that cannot do IP spoof filtering. -- Mikael Abrahamsson email: swmike@swm.pp.se