[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Source address selection insufficient?

To: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
Subject: Re: Source address selection insufficient?
From: Pekka Savola <pekkas@netcore.fi>
Date: Wed, 3 Mar 2004 13:47:03 +0200 (EET)
Cc: Erik Nordmark <Erik.Nordmark@sun.com>, <multi6@ops.ietf.org>
In-reply-to: <200403031135.i23BZmSj061352@givry.rennes.enst-bretagne.fr>

On Wed, 3 Mar 2004, Francis Dupont wrote:
>  In your previous mail you wrote:
> 
>    Policy-based routing works, has been widely implemented (multiple for
>    v6 as well), and works quite well.
> 
> => I disagree a little because Cisco policy-based routing and Juniper
> filter-based forwarding share the same problem: they are based on ACLs
> and lack of dynamic capabilities. In fact they are only useful in the
> ingress filtering context.

What kind of dynamic capabilities would you looking for?  Reaction to 
the routing table?

But this is out of scope, so maybe you should follow up off-list.

The point is that you can match against the source prefix, which is 
what is required here.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

Follow-Ups:
- Re: Source address selection insufficient?
  - From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>

References:
- Re: Source address selection insufficient?
  - From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>

Prev by Date: Re: Source address selection insufficient?
Next by Date: Re: Source address selection insufficient?
Previous by thread: Re: Source address selection insufficient?
Next by thread: Re: Source address selection insufficient?
Index(es):
- Date
- Thread