Maybe we need a BGP list and check against it for tunnel endpoints?
------------------------------
John D. Hays
K7VE
PO Box 1223, Edmonds, WA 98020-1223
<http://k7ve.org/blog> <http://twitter.com/#!/john_hays>
<http://www.facebook.com/john.d.hays>
On Fri, Mar 1, 2013 at 12:56 PM, Brian Kantor <Brian(a)ucsd.edu> wrote:
(Please trim inclusions from previous messages)
_______________________________________________
On Fri, Mar 01, 2013 at 08:52:09PM +0000, Chris Smith wrote:
I am also putting in an additional check to
ensure the tunnel
endpoint is outside 44/8 as well as bogon / un-routable networks.
When the BGP-routed subnets start supplying tunnels to their clients
both the destination network and the tunnel origin endpoint will be in
network 44 space. Validation will be a bit more complex.
- Brian
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
http://www.ampr.org/donate.html