[CentOS] DNS forwarding vs recursion
John R Pierce
pierce at hogranch.com
Mon Apr 1 18:17:10 UTC 2013
On 4/1/2013 6:11 AM, Michael H. Warfield wrote:
> it's also very important to implement BCP (Best Common Practice) 38.
> BCP 38 recommends router egress filtering. That is, you only route out
> what will route back in. That prevents you (or any of your customers)
> from being a spoofing source.
of course, this breaks a bunch of types of ad-hoc multihoming, where you
have multiple ISPs, each with their own subnets, and you're trying to
load balance your outbound traffic.
--
john r pierce 37N 122W
somewhere on the middle of the left coast
More information about the CentOS
mailing list