On 5-Mar-2007, at 05:53, Stephane Bortzmeyer wrote:
It's not excessive to repeat that, although recommended
configurations described in this document could alleviate the
problem, the only solution to source address spoofing problems is
the wide-scale deployment of Ingress Filtering to prevent use of
spoofed IP addresses [BCP38], [BCP84].
Not only it *is* excessive (four mentions in a small I-D) but it is
not true since there is no notice in the I-D that BCP-38 does not
prevent intra-provider spoofing.
If it doesn't, then the problem is the definition of a provider's
border, not in BCP 38.
Joe
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
