Martin, Thank you for your comments. My responses marked with "[KS:]" below.
________________________________________ From: Martin Vigoureux via Datatracker <[email protected]> Sent: Wednesday, August 21, 2019 6:13 AM ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Ingress/egress Access Control Lists (ACLs) are maintained which list acceptable (or alternatively, unacceptable) prefixes for the source addresses in the incoming/outgoing Internet Protocol (IP) packets. the beginning of that sentence is a bit hard to parse, but maybe it's just for me. [KS:] The sentence now reads: Ingress/egress Access Control Lists (ACLs) are maintained to list acceptable (or alternatively, unacceptable) prefixes for the source addresses in the incoming/outgoing Internet Protocol (IP) packets. This was based on Roman's suggestion (s/which/to/). Any packet with a source address that does not match the filter is dropped. well, that really depend on the match criteria. If the list is of unacceptable addresses and you don't match on these, then you should forward the packet. [KS:] The sentence now reads: Any packet with a source address that fails the filtering criterion is dropped. Adj-RIB-Ins did you mean Adj-RIBs-In? [KS:] Yes, corrected. Figures 1 and 2 claim that EFP-uRPF works best but it has still not been described at that stage so it is a bit difficult to understand that claim. [KS:] We do refer back to those figures later again after EFP-uRPF is described. It seemed that was better than repeat the figures twice just to later add 'EFP-uRPF works best' in the second incarnation! We hope the reader will understand. Sriram _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
