North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Who does source address validation? (was Re: what's that smell?)

  • From: Sean Donelan
  • Date: Tue Oct 08 12:44:00 2002

On Tue, 8 Oct 2002, Jared Mauch wrote:
> 	install this on all your internal, upstream, downstream
> interfaces (cisco router) [cef required]:
> "ip verify unicast source reachable-via any"
> 	This will drop all packets on the interface that do not
> have a way to return them in your routing table.

Once again, which providers do this?

If provider did this, they wouldn't see any RFC1918
traffic because it would be dropped at their provider's border routers.
If provider's peer did this, again
provider wouldn't see the rfc1918 packets.

So why doesn't provider or its peers implement this
"simple" solution?  Its not a rhetorical question.  If it was so simple,
I assume they would have done it already.  PSI wrote one of the original
peering agreements that almost everyone else copied.  If it was a
concern, I imagine PSI could have included the requirement,  most of
their peers would have signed it 10 years ago.  But they didn't.

Does AT&T? Yes
Does UUNET? ?
Does Cable & Wireless? ?
Does Level 3? ?
Does Qwest? ?
Does Genuity? ?
Does Sprint? ?