Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Bogon list

  • From: Richard A Steenbergen
  • Date: Thu Jun 06 21:11:07 2002

On Thu, Jun 06, 2002 at 06:34:48PM -0400, Stephen Griffin wrote:
> 
> Do you:
> 1) Not believe in PMTU-D

Yes.

> 2) Not believe in filtering RFC1918 sourced traffic at enterprise
> boundaries

Yes.

> I would love if RFC1918 were adhered to such that L3 packet-passing
> devices either weren't numbered out of those blocks, or allowed what
> juniper allows with the ability to select the ip address with which
> packets sourced by the L3 packet-passing device sent traffic (other than
> primary ip on destination interface). The latter would permit
> intra-enterprise use of RFC1918 addresses, while still conforming with
> RFC1918. Failing that, use of RFC1918 addresses in places where
> inter-provider packets get RFC1918 sources, is a violation of RFC1918.

Why? Why do you care about your inter-device link IPs other than for 
traceroute results? Please, someone tell me another reason why they're 
important. :)

There are very legitimate reasons for wanting that communication to be 
one-way, for example DoS attacks directed at the IPs which show up in 
traceroutes. But using RFC1918 IPs is not practical for large networks, 
since you can't communicate any DNS information about those IPs.

Even if there was an option to source ICMP from loopbacks (which I 
support, the OPTION is nice), I wouldn't use it. The devices along the 
path is far less important than the actual path, and you would immediately 
lose the ability to see which of multiple circuits is being taken between 
two endpoints. Loopbacks are better used for administrative access.

-- 
Richard A Steenbergen <ras@e-gerbil.net>       http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.