How to prevent loss of intentionally spoofed packets?

January 22, 2019 338 views
Apache

I have 3 nodes setup on digital ocean, one as a load balancer+reverse proxy(Server A) & the other two as my upstream servers(Servers B).

I have gsm devices sending data over UDP to Server A. To preserve the devices’ source IP & Port am running the Nginx reverse proxy in transparent mode to Servers B.

With this configuration, I am unable to receive the packets on Servers B & on removing the configuration the packets are well received.

This has led me to conclude that the packets are b

1 Answer

Hey friend,

We do drop spoofed packets on our network. While your use case is absolutely fine and not problematic, spoofed traffic has historically been responsible for extreme abuse on the internet. We are unable to determine the difference between good and bad use cases at the network level, leading to the standard practice of simply dropping the traffic.

Jarland

Have another answer? Share your knowledge.