On Oct 26, 2012, at 12:48 AM, paul vixie wrote: > until cisco makes source address validation the default
Unfortunately, neither Cisco nor any other network infrastructure vendor will do this absent some fundamental breakthrough in anti-spoofing mechanisms, because there are too many topological situations in which the primary existing mechanism (uRPF, ACLs) can induce overblocking. ----------------------------------------------------------------------- Roland Dobbins <[email protected]> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
