Where is the edge of the Internet? Re: no ip forged-source-address

if what u mean by loose is "exist only" then yes on a bgp running router
probably the WHOLE INTERNET IS EXIST ONLY…that surely gives u enuf ips to
spoof with…?? how do u block by source???

you could only know that "frrom that link between as-1 and as-2 there will
be some traffic from a network IP of AS-1" etc...which still is a huge
network..enuf to spoof lots of IPs.....

=====> for clarification.....i mean "any *registered* netowrk of AS-1 can
uplink via this link" ...this link may not be the downlink for this network
into AS-1 but can still be an uplink.....

fine now? u can put "loose"...its NO USE!! thats what i said..there will
always be a route to the source....all u may drop is 10.x/192.168 and
172/16-31......that too if ur network isnt internally using it....

and if u end up putting "loose" an OSPF router ull drop valid traffic if ur
not redistributing bgp etc..and if u are redistributing...well again the
above argument holds true...every registered network will be there in BGP
.....

-rgds
Alok