ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Non terminated traffic...

2003-12-10 17:08:11
from [bill] [Permanent Link] 
So is your problem 
1) That you are seeing packets outside of your address range (x.y.z/24)
in which case the upstream router incorrectly routed a packet over your
link
Or
2) That you have x.y.z/24 assigned to you, AND you are only using 10 of
those address, and you are seeing packets for the other 245 addresses 

If it is 1) correct routing will eventually solve the problem.  If it is
2) that would be a very hard problem to solve, having to hook up various
servers to figure out WHAT addresses have endpoints attached to them.
What do you want to happen when one of your machines reboots - so for 3
minutes isn't an endpoint.  What do you expect to happen when a new
endpoint is brought up, hopefully with DHCP (the DHCP server can the the
"Endpoint survey Server" that a new host is configured), but without it
- it would be difficult (I guess the end point will eventually SEND a
packet that will hit the gateway and therefor it can be configured - but
there is a first packet problem)

Bill
-----Original Message-----
From: owner-ietf(_at_)ietf(_dot_)org [mailto:owner-ietf(_at_)ietf(_dot_)org] On 
Behalf Of
Franck Martin
Sent: Wednesday, December 10, 2003 2:33 PM
To: ietf(_at_)ietf(_dot_)org
Subject: Non terminated traffic...


Another finding...

A solution?

I see that I receive a lot of non-terminated traffic. Meaning a packet
for an IP that does not exists (about 10% inbound)

Apart from setting up ingress(?) filtering to ensure that these packets
gets dropped before they go further, I need to communicate with my
upstream provider to ensure that he/she drops these packets too before
they go on my link. Is there a way to automatise that, so a soft can
talk to my upstream provider network system and automatically inform him
on which IPs are terminated? Routing protocol aggregates IPs, so I'm not
sure it may select only valid IP and not a range where some IPs are
valid...

Is something like that exists or a new RFC is needed?

Cheers

----
Franck Martin
franck(_at_)sopac(_dot_)org
SOPAC, Fiji
GPG Key fingerprint = 44A4 8AE4 392A 3B92 FDF9  D9C6 BE79 9E60 81D9 1320
"Toute connaissance est une reponse a une question" G.Bachelard
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: just a brief note about anycast, Franck Martin
Next by Date:  Re: Non terminated traffic..., Joe Abley
Previous by Thread:  Non terminated traffic..., Franck Martin
Next by Thread:  RE: Non terminated traffic..., Franck Martin
Indexes:  [Date] [Thread] [Top] [All Lists]