On Jun 16, 12:26am, John Hawkinson wrote:
[ Dave Crocker:]
> > Since that is an entirely unsafe assumption, RFC1597 is inclined to
> > lull us into taking a 'filter only this small set' approach rather
> > than 'pass only this small set'. I.e., the backbone routers should
> > allow through only those IP numbers that are known to be safe,
> > rather than filter only those known to be unsafe.
> But that's what they DO already!
Not all vendors do this, and those that do it are probably in the minority.
Some filter routing info; I've yet to hear of a vendor that filtered incoming
packets. The latter is definitely a cause for concern.