Packets from net 10 (no, not the lyrics)
Mohamad Eljazzar
eljazzar at ns.utk.edu
Tue Sep 23 15:29:17 UTC 1997
What about providers that use portions of the private address space on
their network (up to and including the client's serial interface)?
Mohamad
On Tue, 23 Sep 1997 bmanning at ISI.EDU wrote:
> > Should I be filtering all reserved space at my border, or would
> > it be reasonable for me to expect the big guys not to take packets
> > with clearly inappropriate source addresses?
>
> Yes you should. (and with kudos to Andrew)
>
> ! Loopback
> access-list 100 deny ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
> ! RFC 1918 private blocks
> access-list 100 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
> access-list 100 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
> access-list 100 deny ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
> ! Test Network
> access-list 100 deny ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
> ! Tiny networks.
> access-list 100 deny ip any 255.255.255.128 0.0.0.127
> access-list 100 permit ip any any
>
>
> > Or is my view on the situation incomplete?
>
> I think so.
>
>
>
> --
> --bill
>
More information about the NANOG
mailing list