Is it just me or has there been an increase in packets with IP options set
hitting
our front door? There are ways to mitigate e.g. IP options selective
discard, and ACL
IP options support. ACL entries on the edge appear to be the best
way identify and log the source.
IP options selective discard
got pcaps?
On Thu, Nov 17, 2011 at 10:04 AM, harbor235 harbor...@gmail.com wrote:
Is it just me or has there been an increase in packets with IP options set
hitting
our front door? There are ways to mitigate e.g. IP options selective
discard, and ACL
IP options support. ACL entries
...@gmail.com wrote:
got pcaps?
On Thu, Nov 17, 2011 at 10:04 AM, harbor235 harbor...@gmail.com wrote:
Is it just me or has there been an increase in packets with IP options
set
hitting
our front door? There are ways to mitigate e.g. IP options selective
discard, and ACL
IP options support. ACL
be painful :(
Some vendor gear has 'no ip-options' as an option...(which is really,
'ignore ip options', I believe), some has the ability to filter based
on option(s).
-chris
Mike
On Thu, Nov 17, 2011 at 10:07 AM, Christopher Morrow
morrowc.li...@gmail.com wrote:
got pcaps?
On Thu, Nov 17
:-)
- Original Message
From: joel jaeggli joe...@bogus.com
To: Ron Bonica rbon...@juniper.net
Cc: nanog nanog@nanog.org
Sent: Wed, November 4, 2009 3:41:26 AM
Subject: Re: ip options
How about unused and/or private/local diffserve code points?
Ron Bonica wrote:
Folks,
I would
Tosolini wrote:
Experts,
out of the well-known values for ip options:
x...@r4# set ip-options ?
Possible completions:
range Range of values
[Open a set of values
any Any IP option
loose-source-route Loose source route
route
?
Ron
(co-director IETF OM Area)
Luca Tosolini wrote:
Experts,
out of the well-known values for ip options:
x...@r4# set ip-options ?
Possible completions:
range Range of values
[Open a set of values
Experts,
out of the well-known values for ip options:
x...@r4# set ip-options ?
Possible completions:
range Range of values
[Open a set of values
any Any IP option
loose-source-route Loose source route
route-record Route
Tosolini [mailto:bit.gos...@chello.nl]
Sent: Wednesday, October 28, 2009 3:06 PM
To: nanog
Subject: ip options
Experts,
out of the well-known values for ip options:
x...@r4# set ip-options ?
Possible completions:
range Range of values
[Open a set
On Oct 29, 2009, at 2:05 AM, Luca Tosolini wrote:
Considering the security hazard that they imply, I am therefore
thinking
to drop them.
You should certainly consider the impact on traceroute and possibly
QoS (i.e., RSVP, if it's relevant) in your environment.
Some vendors/platforms
10 matches
Mail list logo