On Wed, 2007-02-28 at 17:11 +0900, giuseppe de marco wrote: [...] > It makes sense or I am loosing something? Apart from layer 1 and layer 2 attacks (see Sven-Olas mail), one can simply announce wrong routes (via HNA, just configure it on your interface, etc.). And all routing protocols AFAIK may suffer from routers advertising illegal/wrong routes. Usually this is not a serious problem because - on border routers (with BGPv4) one blocks neighbors advertising wrong routes. - within an AS, you have *one* organization (with interest in a working network) and if they do not manage to get the routers working securily they (both the admins and their bosses) are screwed anyway. Bernd -- Firmix Software GmbH http://www.firmix.at/ mobil: +43 664 4416156 fax: +43 1 7890849-55 Embedded Linux Development and Services