Re: Block traffic not orignating from ISP autonomous system from jack daniels on 2010-06-02 (Ccielab archives 06/2010)

From: jack daniels <jckdaniels12_at_gmail.com>
Date: Wed, 2 Jun 2010 22:21:43 +0530

traffic is coming back from ISP-A , but orignating from another ISP......
traffic needs to be filtered on ISP-A, if not orignating in ISP-A....

how URPF can help in this case.

On Wed, Jun 2, 2010 at 7:25 PM, Tyson Scott <tscott_at_ipexpert.com> wrote:

> Put unicast reverse path filtering on your inside interfaces to stop user A
> from originating traffic internally from an external address.
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
> Managing Partner / Sr. Instructor - IPexpert, Inc.
> Mailto: tscott_at_ipexpert.com
> Telephone: +1.810.326.1444, ext. 208
> Live Assistance, Please visit: www.ipexpert.com/chat
> eFax: +1.810.454.0130
>
> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand,
> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco
> CCIE (R&S, Voice, Security & Service Provider) certification(s) with
> training locations throughout the United States, Europe, South Asia and
> Australia. Be sure to visit our online communities at
> www.ipexpert.com/communities and our public website at www.ipexpert.com
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> jack
> daniels
> Sent: Wednesday, June 02, 2010 7:18 AM
> To: Cisco certification
> Subject: Block traffic not orignating from ISP autonomous system
>
> Hi Guys,
>
> I'm facing a issue and stuck on a thought process , would appreciate if
> some
>
> way you guys can show with your experience in industry -
>
>
>
> ISSUE ----
>
>
> user X spoofs IP ADDRESS OF ISP-A and sends traffic out to internet...
> now when traffic is comming back via ISP-A... I want to block such traffic
> which is not orignating from my ISP...
> but catch here is ---- filtering is to be done in ISP ...so putiing acl for
> each users and ports is not scallable.....
> Please help with any way out ...
>
> Thanks and Regards
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 9.0.819 / Virus Database: 271.1.1/2913 - Release Date: 06/02/10
> 05:57:00

Blogs and organic groups at http://www.ccie.net
Received on Wed Jun 02 2010 - 22:21:43 ART

This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 09:11:36 ART