27 Jul
2020
27 Jul
'20
9:22 a.m.
Hi Julien, I would use packet filtering for that (i.e. iptables or alike). Regards, Kees On 27-07-2020 11:13, Julien Sansonnens wrote:
Dear list,
I only export three prefixes I own to my peers and upstreams.
In theory, nothing prevents one of my peers to choose my router as default route (without my consent), and to pass his packets through my network (only in output, therefore).
How to prevent this abuse? It doesn't depend on the BGP layer, but on the IP kernel isn't it ? Is it common to filter incoming IP packets according to their destination?
Cheers, julien