Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: rfc 1918?

  • From: Greg A. Woods
  • Date: Thu Feb 22 19:53:01 2001

[ On Thursday, February 22, 2001 at 19:12:14 (-0500), Mark Radabaugh wrote: ]
> Subject: RE: rfc 1918?
>
>  I can see that packets destined for RFC1918 addresses will leave our network
> (due to default routes) but are promptly dropped at the first BGP speaking
> router they encounter.  Is it worth the extra router processing time to check
> all outgoing packet destinations as well?  I can't see where this extra
> filtering is worth the trouble.

I suppose that depends on just how far away the first BGP speaking
router is from your network border(s), and how properly configured it
is.

In practical terms I suppose it also depends on just exactly what
filtering technology you've deployed, and just exactly how close it is
to being overloaded.  If you are already pushing your router's CPU too
hard (and if your filters are done by your router's CPU rather than an
ASIC) then obviously reducing your filter load will be in your own best
interests and not filtering destination addresses against RFC-1918 will
be one relatively benign way of reducing the filter load.  However if
your router's CPU is only partially utilised now (even if you push your
pipe to capacity), then adding such destination filters won't hurt
anyone.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.