Cisco Support Community
New Member

what is source-routing?

Could someone explain to me what source routing is? A Cisco security whitepaper suggested I shut that off on my interfaces. I'm curious as to why. Also, they mentioned no ip directed-broadcast. Thanks.

1 ACCEPTED SOLUTION

Bronze

Re: what is source-routing?

Source routing (specified in RFC 791 I believe) is where you specify the route that packets take through the network. There are options in the IP header (Option 3?) that can be set to specify the routers that a packet should pass through on the way to its destination. There are 2 modes of source-routing, loose and strict. Loose specifies that the packet should pass through the listed hops, strict specifies the exact path on a hop-by-hop basis. This means that someone can force their traffic to take a specific path through your network, possibly bypassing various security stuff. There are very few "legitimate" uses for source routing, the main one being ensuring that people at exchange points are sticking to their agreements...

IP Directed broadcast lets you ping the broadcast address on an interface. This is used in many amplifier attacks (see Smurf for an example). If you have a large, flat network and you have ip directed broadcast on, someone could spoof a ping to the broadcast address on your network. All of the machines on that network would reply to the (spoofed) source, possibly causing a DoS.

-Warren.

* Source routing in the token ring world is something similar but different...

2 REPLIES
New Member

Re: what is source-routing?

Hi,

Default routing setting is dynamic. There is no fixed path from source to destination. If you want to provide a specific path from src to dest you can use source routing. (loose or strict)

Jjuergen

