On 24/03/10 09:10, Dobbins, Roland wrote:
On Mar 24, 2010, at 3:46 PM, Phil Mayers wrote:
...which brings us back to having to fill a gigantic ACL with
hundreds, potentially thousands of router interface IPs from
potentially arbitrary subnets.
Um, no.
It means having a rational, easily-summarizable IP addressing plan
for your loopbacks and p2p interfaces, so that only a few entries are
required to keep unwanted packets off them. That's all.
Ok sure. That's easy.
What about the hundreds of non-p2p/loopbacks?
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
