ccr_1016_config
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
ccr_1016_config [2015/03/27 18:05] – [Use USB serial port to connect to other devices (switch)] admin | ccr_1016_config [2015/04/08 14:31] – [Use USB serial port to connect to other devices (switch)] admin | ||
---|---|---|---|
Line 74: | Line 74: | ||
* Configure the port:< | * Configure the port:< | ||
* Connect to the device (Ctrl-a to quit):< | * Connect to the device (Ctrl-a to quit):< | ||
- | * If connection does not happen, | + | * If connection does not happen, |
</ | </ | ||
+ | ====Source validation==== | ||
+ | Current recommended practice in RFC3704 is to enable strict mode to prevent IP spoofing from DDos attacks. If using asymmetric routing or other complicated routing, then loose mode is recommended. | ||
+ | |||
+ | strict - Strict mode as defined in RFC3704 Strict Reverse Path. Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded. | ||
+ | * set rp_filter to strict:< |
ccr_1016_config.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1