Maybe we need a BGP list and check against it for tunnel endpoints?
------------------------------ John D. Hays K7VE PO Box 1223, Edmonds, WA 98020-1223 http://k7ve.org/blog http://twitter.com/#!/john_hays http://www.facebook.com/john.d.hays
On Fri, Mar 1, 2013 at 12:56 PM, Brian Kantor Brian@ucsd.edu wrote:
(Please trim inclusions from previous messages) _______________________________________________ On Fri, Mar 01, 2013 at 08:52:09PM +0000, Chris Smith wrote:
I am also putting in an additional check to ensure the tunnel endpoint is outside 44/8 as well as bogon / un-routable networks.
When the BGP-routed subnets start supplying tunnels to their clients both the destination network and the tunnel origin endpoint will be in network 44 space. Validation will be a bit more complex. - Brian _________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html