[dns-operations] Configurable TC=1?

Robert Edmonds edmonds at mycre.ws
Thu Dec 24 01:26:01 UTC 2015

Mark Andrews wrote:
> Encouraging all DSL and Cable forum members to have *all* equipment
> they produce support BCP 38 filtering at line rate is a good way
> to start.  This may already be being done.  This gets rid of the
> "it costs more to buy BCP 38 filtering capable equipment" excuse.
> If is doesn't support "BCP 38 filtering" it doesn't get the stamp
> of approval.

Done, at least for cable.


    Data-Over-Cable Service Interface Specifications
    DOCSIS 3.0

    Security Specification


    9.6 Source Address Verification

    [...] The CMTS MUST be capable of being configured to enable and
    disable SAV. By default, the CMTS MUST enable SAV. [...]

Anyway, what makes you so sure spoofing in DSL and cable access networks
is a real problem, compared to say spoofed traffic from compromised
"dedicated servers" sitting in data centers?

Robert Edmonds

More information about the dns-operations mailing list