Hi all, Given the thread over the last couple of days asking how TCL is implementing RPF and transparent caching I thought a semi-official reponse might be useful. We have RPF (the ERXs call it SA Validate) enabled on DSL connections, and the filters applied to the cable modems implement the same functionality there. RPF is not enabled on non-residential services, nor it is configured within the core of the network. Regarding transparent caching, all international traffic passes through the caching infrastructure, although only certain IP ranges are matched for redirection to the caches. There's nothing in there which takes into consideration whether you have a mixed international/domestic link (sorry Philip :). Wholesale customers are very much in the "do not redirect" category, as most are multi-homed and the probability of encountering problems due to asymmetric routing are high. Residentially allocated IP Hi all, The caches themselves spoof the source IP of the client when making an outbound connection to the greater internet, because we've found that although there are occasionally issues caused by asymmetry the problems of cache IPs being blacklisted or DoSd are much fewer. Probably the most commonly observed scenario is where more specific routes are advertised by someone to their upstream (and thus internationally) than domestically (either directly to TCL or via Telecom or whatever) - a number of the routers on the TCL network carry a full routing table, and will prefer the more specific route out via the international path, thus feeding packets to the caches. The return path's then via the path one would normally expect, with the ensuing breakage of port 80 traffic. While this obviously isn't ideal, we do our best to work with the other ISPs to resolve this as fast as possible. --David Robb Network Design Engineer TelstraClear