paul vixie <[email protected]> wrote on 10/26/2012 10:32:57 AM: > i just don't see it. there isn't more to it than that. from the point of > view of everyone on the connected internet, it is a bad idea to let some > new person connect some new router that forwards packets, if that person > is unaware of the s.a.v. issue. if a vendor won't make s.a.v. the > default because they need the new business and they don't want the > training burden of making sure they understand the issues of s.a.v., > then they are following the 'chemical polluter business model' where the > money is made "here" and the impact is only felt "over there".
I'm not an internet routing guru, so I must not be seeing something. When my organization connects to an upstream provider, they know we have a block of addresses assigned (Actually, we have more than one). They know that we connect to their switch in rack X, switch Y, port Z. If they see a packet with a source address of 8.8.8.8 appearing on that port, what possible reason could they have for allowing it through? Obviously, that's a Google address, and possibly forged a lot. I just don't see why a packet claiming to be from an address we do not own should be coming from our net. Can anyone explain why that would happen (other than forgery)? I looked at BCP84/RFC3704, but as a non-networking person, it was brushing the bald-spot. I know this is drifting from the list topic, so thank you for the indulgence. Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
