Sriram, Kotikalapudi (Fed) wrote:
>> right, ok - I misunderstood. So you're suggesting that the control
>> plane correlates asns to interfaces and does something like
>> creating a higher cost alternative path out each candidate source
>> interface (based on ASN, as determined in the control
Hi,
On Wed, Nov 09, 2016 at 06:59:53PM +, Sriram, Kotikalapudi (Fed) wrote:
> The data plane would perform the usual uRPF check: Does the SA in the data
> packet
> belong in a prefix in the RPF list for the interface it was received on?
This, actually, is not "the usual uRPF check".
Marco,
Also might we distinguish if you are referring to spoofed packets, which
is what uRPF is about? Non-spoofed DDoS, both in-bound and out-bound is
not something that BCP-84 addresses. That problem still exists and still
must be dealt with by other means.
Given the prelevence of reflection