[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04

To: Pekka Savola <pekkas at netcore.fi>
Subject: Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
From: "Smith, Donald" <Donald.Smith at qwest.com>
Date: Thu, 11 Jun 2009 15:07:29 -0600
Accept-language: en-US
Acceptlanguage: en-US
Cc: "'opsec at ietf.org'" <opsec at ietf.org>
Delivered-to: opsec at core3.amsl.com
In-reply-to: <alpine.LRH.2.00.0906100853050.12367 at netcore.fi>
List-archive: <http://www.ietf.org/mail-archive/web/opsec>
List-help: <mailto:opsec-request@ietf.org?subject=help>
List-id: opsec wg mailing list <opsec.ietf.org>
List-post: <mailto:opsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
References: <4A2DE63B.5070300 at bogus.com> <B01905DA0C7CDC478F42870679DF0F1005731DEFDC at qtdenexmbm24.AD.QINTRA.COM> <4A2EA70B.5020405 at bogus.com> <B01905DA0C7CDC478F42870679DF0F1005739584BA at qtdenexmbm24.AD.QINTRA.COM>, <alpine.LRH.2.00.0906100853050.12367 at netcore.fi>
Thread-index: AcnpkB1mExHJZ7hmSUuJN8FeK+MuYgBR/QaWAAAj9BY=
Thread-topic: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04

Based on this conversation I withdraw my objection.
Several members expressed interest in doing a urpf feature recommendations type rfc aimed at making it easier for ISPs to implement urpf including things like feasible paths.

(coffee != sleep) & (!coffee == sleep)
 Donald.Smith at qwest.com gcia
________________________________
From: Pekka Savola [pekkas at netcore.fi]
Sent: Tuesday, June 09, 2009 11:55 PM
To: Smith, Donald
Cc: 'Joel Jaeggli'; 'opsec at ietf.org'
Subject: Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04

On Tue, 9 Jun 2009, Smith, Donald wrote:
> Feasible path is nice and there are a couple of other urpf
> recommendations I could make to make it easier for other ISPs to
> start using strict mode urpf.
>
> Let me gather together recommendations and try to write them into a rfc.

Seconded.

You may already know this but RFC3704 talks a bit about feasible paths
on a generic level, and draft-savola-bcp84-urpf-experiences-03
describes experiences with multihomed uRPF using feasible paths. We're
using it everywhere but some manual fiddling is required in our case
(described in the draft above).

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

References:
- [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
  - From: Joel Jaeggli
- Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
  - From: Smith, Donald
- Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
  - From: Joel Jaeggli
- Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
  - From: Smith, Donald
- Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
  - From: Pekka Savola

Prev by Date: Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
Next by Date: [OPSEC] Document Shepherd / Announcement Write-Up for draft-ietf-opsec-blackhole-urpf
Previous by thread: Re: [OPSEC] FYI draft-ietf-opsec-blackhole-urpf-04
Index(es):
- Date
- Thread