Eliot,
Agreed. It was a bad example. But my intent was not to recommend this
forwarding policy. It was only to show that an ISP might deploy a
forwarding policy that includes source validation.
Ron
Eliot Lear wrote:
> The nature of a DDOS attack involves zombies, and zombies may behave in
> very different ways, depending on the code. If I wore a black hat, my
> zombies would likely to not use spoofed source addresses, lest their
> traffic be blocked by simple source filters at the edge.
>
> Also, if this is truly about source address authentication, then what is
> the difference between this and AH?
>
> Eliot
>
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
