North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: rfc 1918?
- From: Chris Davis
- Date: Fri Feb 23 10:08:17 2001
My incident started the thread. The packets are not even an irritant; I
was just curious as to why the rfc1918 addresses were being logged by my
ingress filter. Now I know- General Practice dictates that my filters on
my stub network are the appropriate place to filter out the private
I had always believed the private addresses to be "non routable" (ie handled
by ISPs) but that seems to be at least partially incorrect.
Thanks to everyone who discussed! Hopefully this thread shed some light for
some other people regarding the difference between the way things work in
theory and in practice.
My apologies to Mr Steenbergen who seemed very, very distressed about seeing
From: Mark Borchers [mailto:email@example.com]
Sent: Friday, February 23, 2001 9:46 AM
Subject: RE: rfc 1918?
> This is not an issue of paranoia (except for those who actually use
> PRIVATE addresses internally and have properly configured
> their gateways
> to be paranoid about even seeing such packets, let alone
> routing them).
Unless I'm mistaken, a prime reason for the evolution of RFC 1918
addresses was that it was once common practice for people to
help themselves to PUBLIC address space to use on PRIVATE
networks. As the world got more connected, these addresses
occasionally got leaked and caused address conflicts.
Using RFC 1918 addresses prevents conflicts with public/registered
space. Obviously the possibility of leakage still exists,
but with RFC 1918 the havoc potential is diminished to a mere
irritant level. Which is what the incident that started this
thread appeared to be.