On 2013/01/31 15:29, Jon Morby wrote:
> If unicast RPF were a default part of the configuration of end user CPE
> we'd see a dramatic reduction in this sort of crap killing the
> networks. (but yes they'd probably find some even more ingenious way to
> generate crap)

In a lot of cases the end user machines behind CPE routers are NATted so they won't be spoofing the source address anyway - I would imagine the bigger source of spoofed packets would be exploited servers etc.

And clearly most CPE vendors are taking a special approach to avoid being affected by this on IPv6 ;)

On the CPE side I think the bigger problem is with caching DNS forwarders open to anyone (which seems like it may be a default on some CPE routers, or at least on some ISP default configurations), obviously answering the spoofed queries and bombarding the supposed source.
