North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: private RFC-1918 addresses on public routers
- From: Greg A. Woods
- Date: Fri Feb 18 09:32:44 2000
[ On Friday, February 18, 2000 at 04:11:02 (-0700), Forrest W. Christian wrote: ]
> Subject: Re: private RFC-1918 addresses on public routers
> It used to be that "be conservative in what you send, be liberal in what
> you accept" was the rule.
That's always been an extremely wrong rule to apply to this context.
That rule was supposed to have to do with protocol implementations,
things like accepting SMTP commands in upper, lower, or mixed case,
accepting message headers in any order, and other more interesting
things in lower-level protocols.
Accepting packets which claim to have come from some address that they
literally could never have legally come from is negligent, if not stupid
-- it is not "liberal". That's like believing that the guy who wants to
come in and root around your house is from your insurance company when
you can plainly see that the ID he's showing you is totally fake. In
the IP world you might not call 911 right away, but you certainly don't
let the packet into your network!
Greg A. Woods
+1 416 218-0098 VE3TCP <firstname.lastname@example.org> <robohack!woods>
Planix, Inc. <email@example.com>; Secrets of the Weird <firstname.lastname@example.org>