The MPLS-OPS Archive

Cell Relay Retreat>MPLS-OPS Archive>month:2003-May> msg00099



[Date Prev][Date Next][Thread Prev][Thread Next]  
  [Date Index][Thread Index][Author Index][Subject Index]

RE: URPF for route-leaking / vpn-mpls

  • From: "Constantin Tivig" <Constantin.Tivig@connex.ro>
  • Date: Thu, 15 May 2003 15:48:05 +0300
  • Importance: normal
  • Resent-Date: Thu, 15 May 2003 09:53:51 -0400
  • thread-index: AcMa1F3Ac54iI+LCSbG33uyhWTOpFgACNVxA
  • Thread-Topic: [MPLS-OPS]: URPF for route-leaking / vpn-mpls
  • To: "Lars Higham" <lhigham@yahoo.com>, "MPLS-ops Mailing List" <mpls-ops@mplsrc.com>
  • X-OriginalArrivalTime: 15 May 2003 12:48:05.0894 (UTC) FILETIME=[3ADB1A60:01C31AE0]

Title: Message

Dear Lars,

 

The disclosure is attached automaticaly to the message by the Mail Server. I can not override this.

I addressed this message to the list so you can feel free to express yourself.

 

I try not to consider ip acl as an option, because it can become extremely difficult to manage it for a number of customers.

I am interested if anyone had to deal with this problem …

 

Tks,

 

Constantin Tivig

Xnet/Connex

-----Original Message-----
From: Lars Higham [mailto:lhigham@yahoo.com]
Sent: Thursday, May 15, 2003 2:22 PM
To: Constantin Tivig; 'MPLS-ops Mailing List'
Subject: RE: [MPLS-OPS]: URPF for route-leaking / vpn-mpls

 

Sorry Constantin,

 

We can't answer this because we're afraid of violating your Mobifon SA Romania Confidential and Proprietary Information notification...

-----Original Message-----
From: Constantin Tivig [mailto:Constantin.Tivig@connex.ro]
Sent: Thursday, May 15, 2003 2:31 PM
To: MPLS-ops Mailing List
Subject: [MPLS-OPS]: URPF for route-leaking / vpn-mpls

Hello,

 

How can I assure that my vpn-mpls clients cannot use rfc1918 sourced ip packets (or spoof ) in case they have also internet access configured by route-leaking ?

 

If I use URPF it will look in the vrf’s FIB (not in the global RoutingTable FIB ) so it will let pass ip packets sourced with private addresses.

 

Any nice implementation you can share w/ me ?

 

Tks,

 

 

 

Constantin Tivig

Xnet/Connex

 

-------------------------------------------------------------------------------
The content of this communication is classified as Mobifon SA Romania Confidential and Proprietary Information.The content of this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this communication then delete it from your system. We appreciate your assistance in preserving the confidentiality of our correspondence. Thank you.

Prezentul mesaj constituie o Informatie confidentiala si este proprietatea exclusiva a MobiFon S.A.. Mesajul se adreseaza numai persoanei fizice sau juridice mentionata ca destinatara, precum si altor persoane autorizate sa-l primeasca. In cazul in care nu sunteti destinatarul vizat, va aducem la cunostinta ca dezvaluirea, copierea, distribuirea sau initierea unor actiuni pe baza prezentei informatii sunt strict interzise si atrag raspunderea civila si penala. Daca ati primit acest mesaj dintr-o eroare, va rugam sa ne anuntati imediat, ca raspuns la mesajul de fata, si sa-l stergeti apoi din sistemul dvs. Apreciem si va multumim pentru sprijinul acordat in pastrarea confidentialitatii corespondentei noastre.
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
The content of this communication is classified as Mobifon SA Romania Confidential and Proprietary Information.The content of this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this communication then delete it from your system. We appreciate your assistance in preserving the confidentiality of our correspondence. Thank you.

Prezentul mesaj constituie o Informatie confidentiala si este proprietatea exclusiva a MobiFon S.A.. Mesajul se adreseaza numai persoanei fizice sau juridice mentionata ca destinatara, precum si altor persoane autorizate sa-l primeasca. In cazul in care nu sunteti destinatarul vizat, va aducem la cunostinta ca dezvaluirea, copierea, distribuirea sau initierea unor actiuni pe baza prezentei informatii sunt strict interzise si atrag raspunderea civila si penala. Daca ati primit acest mesaj dintr-o eroare, va rugam sa ne anuntati imediat, ca raspuns la mesajul de fata, si sa-l stergeti apoi din sistemul dvs. Apreciem si va multumim pentru sprijinul acordat in pastrarea confidentialitatii corespondentei noastre.
-------------------------------------------------------------------------------