Thus spake <bdragon@gweep.net>
<snip>
our packets. While I'm certainly in favor of anything edge providers can do to eliminate denial of service attacks based on source-routing, I certainly don't want anything further. <snip>
denial of service based upon source routing? I hadn't heard of any denial of service attacks of that sort.
Disabling source-routing is like filtering icmp, sure you might block a few abuses, but more often than not, you are throwing out legitimate traffic.
I can't come up with any legitimate reason to use source-routed packets today. If your routers even support them, they probably consume orders of magnitude more processing power than normal packets; that is enough reason to disable source-routing, not to mention the security implications. S