Kai Schlichting writes:
I recall that SprintLink had some, uhm, plans to put ingress (and egress?) filters on all interfaces facing dedicated customers that were not multi-homed. This came after realization that education of the end-user was a fruitless and herculian task: Network smarts are virtually non-existent in IT departments, and even loads of smaller ISPs everywhere. Whatever became of this project ?
At what traffic level (across the entire box) do Cisco 7{0;2;5}00 routers with RSP{2;4} cards fall over and die because of CPU load?
This becomes rather difficult to do properly when a large percentage of an ISPs customer base are multihomed. The unicast RPF check knob does not handle this situation so you are left generating access lists which has different scaling issues to contend with. Still doable but more difficult. -Hank