North American Network Operators Group
Re: Bogon list
- From: Stephen Griffin
- Date: Fri Jun 07 15:31:44 2002
In the referenced message, Stephen J. Wilcox said:
>
> On Thu, 6 Jun 2002, Stephen Griffin wrote:
>
> >
> > In the referenced message, Sean M. Doran said:
> > > Basically, arguing that the routing system should carry around
> > > even more information is backwards. It should carry less.
> > > If IXes need numbers at all (why???) then use RFC 1918 addresses
> > > and choose one of the approaches above to deal with questions
> > > about why 1918 addresses result in "messy traceroutes."
> > >
> > > Fewer routes, less address consumption, tastes great, less filling.
> > >
> > > Sean.
> >
> > Do you:
> > 1) Not believe in PMTU-D
>
> RFC1918 does not break path-mtu, filtering it does tho..
Sending RFC1918 addressed packets across enterprise boundaries is
against RFC1918. RFC1918 states to filter ingress/egress at enterprise
boundaries. Hence, filtering RFC1918 addresses is part of RFC1918.
Therefore, the use of addresses where they are likely to generate
traffic which violates RFC1918, is, well, a violation of RFC1918.
This applies regardless of the ICMP error message generated.
> > 2) Not believe in filtering RFC1918 sourced traffic at enterprise boundaries
> > (of which an exchange would be a boundary)
>
> What for? You'll find many more much more malicious packets coming from
> legit routable address space.
Who said anything about malicious? In any event, ICMP error messages
are generally useful with a few minor exceptions. Things like Source
Quench, unreachables, TTL expired, and Can't Frag (as examples of useful
icmp.)
<snip>
> For p2p you can use unnumbered.. it won't work on exchanges but I agree
> they shouldn't be rfc1918.
I agree, however, most folks want to see the topology, some just choose
to violate RFC1918 in order to do it.
> Steve
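The interaction argued over in this message, as an added example that is not part of the original post: a boundary filter that drops RFC1918-sourced packets also drops ICMP errors emitted by routers numbered out of RFC1918 space, including the "Can't Frag" message that PMTU-D depends on. The packet records, field names and function names are constructed for illustration.

```python
import ipaddress

# RFC 1918 private address blocks
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# ICMP errors named in the message: (type, code) -> label; code None = any code
ICMP_ERRORS = {
    (3, 4): "Can't Frag (fragmentation needed, DF set)",
    (3, None): "Destination Unreachable",
    (4, None): "Source Quench",
    (11, None): "TTL expired",
}

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def icmp_label(icmp_type, code):
    # Prefer an exact (type, code) match, then fall back to the type alone.
    return ICMP_ERRORS.get((icmp_type, code)) or ICMP_ERRORS.get((icmp_type, None))

def border_filter(packets):
    """Drop RFC 1918 sources at the boundary; return (passed, dropped_errors)."""
    passed, dropped_errors = [], []
    for pkt in packets:
        if is_rfc1918(pkt["src"]):
            label = icmp_label(pkt.get("icmp_type"), pkt.get("icmp_code"))
            if label:  # an ICMP error that the original sender will never see
                dropped_errors.append((pkt["src"], label))
            continue
        passed.append(pkt)
    return passed, dropped_errors

def pmtud_blackholed(dropped_errors):
    # PMTU-D stalls when the "Can't Frag" error never reaches the sender.
    return any(label.startswith("Can't Frag") for _, label in dropped_errors)

# Constructed sample traffic arriving at the boundary (not captured data)
SAMPLE = [
    {"src": "10.1.1.1", "dst": "198.51.100.7", "icmp_type": 3, "icmp_code": 4},
    {"src": "192.0.2.1", "dst": "198.51.100.7", "icmp_type": 3, "icmp_code": 4},
    {"src": "172.16.5.9", "dst": "198.51.100.7", "icmp_type": 11, "icmp_code": 0},
    {"src": "192.168.3.3", "dst": "198.51.100.7"},  # non-ICMP packet
]

if __name__ == "__main__":
    passed, dropped = border_filter(SAMPLE)
    for src, label in dropped:
        print(f"dropped ICMP error from {src}: {label}")
    print("PMTU-D black hole:", pmtud_blackholed(dropped))
```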