[NCLUG] Egress Filtering
mike cullerton
michaelc at cullerton.com
Tue Aug 14 20:31:49 MDT 2001
on 8/14/01 8:15 PM, Eric Brunson at brunson at level3.net wrote:
>> if you already have some filtering in place, adding
>>
>> filter 10.0.0.0/8
>> filter 172.16.0.0/12
>> filter 192.168.0.9/16
>>
>> to the beginning of your filter won't add a discernable (sp?) load.
>>
>
> Umm, when the router is routing 10 OC-192's per fiber pair that does
> entail a discernable load.
ok, maybe discernable isn't a good word. but, if you are are filling 10
OC-192's, you aren't the kind of network i was referring to, and you
probably had a chance to filter that traffic before it reached that pipe.
and i still claim that if you are already applying an access list to that
interface, adding these 3 lines to the top off your list won't break your
router or be the root cause of any trouble that router might be having.
-- mike cullerton
More information about the NCLUG
mailing list