Paul, Only one question. If the src address is changed by some filter either ingress or egress how is the node located on either network.
thanks /jim > -----Original Message----- > From: Fergie [mailto:[EMAIL PROTECTED] > Sent: Monday, November 13, 2006 1:29 PM > To: [email protected] > Subject: [Int-area] RFC2827-bis comments solicitation > > First, sorry for any duplicates, but we wanted to reach all > interested parties. > > After several discussions with many different folks last week > at IETF 67 in San Diego, as well as various people over the > course of the past few months, Dan Senie and I have decided > to undertake an effort to "update" RFC2827/BCP38 [1]. > > I know that I'm not the only person who has heard various > discussions in the past couple of years that concluded that > (paraphrased), "BCP38 needs to be updated." > > Now is your chance to speak up. :-) > > We would very much like to solicit comments & suggestions > from the community-at-large on areas where you feel BCP38 is > lacking, or in areas where you feel it does not properly > address with regards to prohibiting source-spoofed traffic > from any given administrative network boundary, given that > some technical aspects of the Internet may have changed since > it's publication. > > While we acknowledge that a uniform application of a source > address verification architecture/ingress filtering scheme > will not mitigate _all_ "unwanted traffic" [2] in the > Internet, it will most certainly address the issue of hosts > which attempt to source-spoof traffic into the Internet. > > I have not set up a mailing list for this yet, but if there > is enough discussion/input, I will make an effort to do so > (or perhaps the SAVA mailing list [3] might be a good place > for discussion). In the interim, you can contact me or Dan directly: > > Paul Ferguson: fergdawg(at)netzero.net > Dan Senie: dts(at)senie.com > > > Thanks, > > fergie & dan > > > p.s. Also, for anyone who might be interesting in related > work, there is an effort to bring some additional work into > the IETF called SAVA, or Source Address Validation Architecture [4]. > > > [1] http://www.rfc-editor.org/rfc/rfc2827.txt > [2] http://www.iab.org/about/workshops/unwantedtraffic/index.html > [3] http://www.nrc.tsinghua.edu.cn/mailman/listinfo/sava > [4] > http://www.nrc.tsinghua.edu.cn/pipermail/sava/2006-September/0 00004.html > > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawg(at)netzero.net ferg's tech blog: > http://fergdawg.blogspot.com/ > > > _______________________________________________ > Int-area mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/int-area > _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
