address spoofing
Phil Howard
phil at whistler.intur.net
Sat Apr 24 02:27:34 UTC 1999
Phillip Vandry wrote:
> > > My outbound access lists block it, so you should never see 1918
> > > sources coming from me. You should see "* * *" instead, even
> > > if you don't block them coming in to your net.
> >
> > I think this sucks big-time. It wouldn't be quite so bad if traceroute
> > were the only thing that were broken by it (though I do like my
> > traceroutes to work properly too), but when all ICMP traffic from such a
> > router is hosed, and one of the links my packets are trying to hop onto
> > through such a router is down, then I'm a particularly unhappy camper
> > (if I could see the !H or !N I'd still be unhappy of course, but not
>
> ...and I'd certainly like to see my ICMP unreachables which are vital to
> path MTU discovery not blocked.
Since the road doesn't narrow, this won't be a problem on these links.
This is taken into consideration when the addresses are assigned. There
might be others doing this improperly.
--
Phil Howard KA9WGN
phil at intur.net phil at ipal.net
More information about the NANOG
mailing list