10.0.0

Daniel Senie dts at openroute.com
Sat May 31 18:22:02 UTC 1997


At 01:10 AM 5/31/97 -0700, Danny McPherson wrote:
>
>> 	You can have an internal mesh made up of entirely rfc1918 address
>> space, and not leak these routes to the rest of the world, I've only
>> once caught MCI leaking stuff from a test lab, which was kinda annoying,
>> but not really anything bad, and a polite e-mail message to them got
>> an immediate fix of the problem.
>> 
>
>i'd think most providers filter rfc1918 addresses both inbound and
>outbound at naps (mci does, i believe), although maybe not to customers...

This is unfortunately not the case. I was bombarded by someone with a
172.16.x.x address for several days, at a rate of a significant fraction of
my T1. When I asked, folks said they don't filter the traffic at their
attachment points because the routers they have there couldn't handle doing
any filtering due to limitations in the router architecture, software or both.

ISPs should at the very least do ingress filtering from customers, but
really should also filter RFC 1918 addresses and ideally not-yet-assigned
addresses from all links. Of course they may have to buy routers which are
capable of performing such work.

>
>using reserved address space internally (as long as it remains internal),
>seems like a good idea to me - isn't that why it was reserved?

Exactly. Their use is an excellent idea.

Daniel Senie                           mailto:dts at openroute.com
Sr. Staff Engineer                     http://www.openroute.com/
OpenROUTE Networks, Inc.               (a wholly owned subsidiary of
Proteon, Inc.)
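
Added example, not part of the original message: a sketch of the source-address check discussed above, dropping RFC 1918 sources on every link and, on customer links, any source outside the customer's assigned prefixes. The link names, the customer prefix table and the sample traffic are constructed for illustration.

```python
import ipaddress

# RFC 1918 private address blocks.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed example: prefixes assigned to each customer-facing link.
# Links with no entry here are treated as peer/exchange links.
CUSTOMER_PREFIXES = {
    "cust-a": [ipaddress.ip_network("192.0.2.0/24")],
    "cust-b": [ipaddress.ip_network("198.51.100.0/25")],
}

def check_source(link, src):
    """Return (action, reason) for a packet arriving on `link` with source `src`."""
    addr = ipaddress.ip_address(src)
    # Private sources are dropped on every link, customer or peer.
    for net in RFC1918:
        if addr in net:
            return ("drop", f"RFC 1918 source ({net})")
    # On customer links the source must fall inside an assigned prefix.
    allowed = CUSTOMER_PREFIXES.get(link)
    if allowed is not None and not any(addr in net for net in allowed):
        return ("drop", "source outside customer assignment")
    return ("accept", "ok")

def filter_packets(packets):
    """Apply check_source to (link, src) pairs; return counts and a drop log."""
    counts = {"accept": 0, "drop": 0}
    dropped = []
    for link, src in packets:
        action, reason = check_source(link, src)
        counts[action] += 1
        if action == "drop":
            dropped.append((link, src, reason))
    return counts, dropped

# Constructed sample traffic.
SAMPLE = [
    ("cust-a", "192.0.2.17"),      # legitimate customer source
    ("cust-a", "172.16.4.9"),      # private source from a customer
    ("cust-b", "198.51.100.200"),  # outside cust-b's /25
    ("peer-1", "172.31.255.1"),    # private source on a peer link
    ("peer-1", "203.0.113.5"),     # ordinary source on a peer link
    ("peer-1", "172.32.0.1"),      # just outside 172.16.0.0/12
]

if __name__ == "__main__":
    print(filter_packets(SAMPLE))
```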


