* Nick Guenther <[EMAIL PROTECTED]> [2007-08-23 02:59]: > > > 4) trusts externally set TOS/DSCP > > > > No one should trust external TOS or DSCP markings. Again, what Google is > > doing is an excellent argument for re-marking capability in all routers. > > Yeah, really. Maybe we are misunderstanding, but wouldn't remarking > capability be exactly the ability to say "I don't trust these > externally set TOS/DSCP bits"? Henning, could you explain to the > luddites?
you really want to reset them. you don't want your random router/switch somewhere in the core that looks at these (be it because of stupid defaults, misconfig, or you're actually using tos/dscp internally) obey these bits. so resetting them at the edge is the best thing to do. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
