From owner-freebsd-ipfw@FreeBSD.ORG Tue Mar 17 17:02:08 2009 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1D921106567E for ; Tue, 17 Mar 2009 17:02:08 +0000 (UTC) (envelope-from steve@ibctech.ca) Received: from cohiba.eagle.ca (cohiba.eagle.ca [208.70.104.203]) by mx1.freebsd.org (Postfix) with ESMTP id B19338FC1A for ; Tue, 17 Mar 2009 17:02:07 +0000 (UTC) (envelope-from steve@ibctech.ca) Received: (qmail 46154 invoked by uid 89); 17 Mar 2009 16:35:26 -0000 Received: from unknown (HELO ?192.168.1.114?) (steveb@eagle.ca@208.70.104.100) by cohiba.eagle.ca with ESMTPA; 17 Mar 2009 16:35:26 -0000 Message-ID: <49BFD13F.8000608@ibctech.ca> Date: Tue, 17 Mar 2009 12:35:11 -0400 From: Steve Bertrand User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: [Fwd: uRPF] X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Mar 2009 17:02:08 -0000 [ I tried this over at -net, but with no response, thought I'd try here] Hi everyone, I've implemented RTBH within our network, but I have one small issue. I've got one FreeBSD/Quagga edge router that has an interface which contains a default route out. Although this will change in the next while, at this time, it is preventing me from doing reverse path check, thereby breaking source-based black-holing. It appears to me that IPFW's verrevpath (and it's kin) do not provide the ability to perform the RPF check and allow default. Have there been any advancements in this regard? Am I missing something, or is there another approach to allowing default with reverse path? Regards, Steve _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"