On Tue, 8 Oct 2002, Jason Lixfeld wrote:
Sure, but to RPF so many customer facing edge ports in comparison to the far fewer number of egress ports makes the implementation procedure quite extensive. The more configuration, the more room for errors or "oops, forgot to configure that there", not to mention change management.
For most RASen and routers its a single configuration statement, and far less complex than most all other RASen and router configurations. In many cases RPF is enabled by default (and imho should be enabled by default by many more vendors). Your job as a good netizen is not to allow shit to be injected at your edges into the backbones. As untraceable and RFC1918 packets increase, expect the community to become less and less tolerant of bad netizens. -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]