On Tue, 15 Feb 2000, Alan Brown wrote: > On Sun, 13 Feb 2000, Darren Reed wrote: > > > You know if anyone was of a mind to find someone at fault over this, > > I'd start pointing the finger at ISP's who haven't been doing this > > due to "performance reasons". > > To be fair, if you do this on most terminal servers (eg, Cisco 5300, Max > 4000), they will collapse under the load. > How exactly are you configuring these things? You're not trying to do filtering on a per-dialup or per-user basis, are you? You put one outbound filter on the Ethernet or WAN interface that covers the dialup address pool. Or on the next router out. All the ISPs I've seen (and granted, it's only a few) have another router in front of the dialup router. Sure, dialup users will still be able to spoof at each-other, but I assume that's a much smaller concern. Ryan
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:29 PDT