address spoofing
alex at nac.net
alex at nac.net
Sun Apr 25 09:04:44 UTC 1999
On Sun, 25 Apr 1999, Phil Howard wrote:
>
> Greg A. Woods wrote:
>
> > my upstream provider to use RFC1918 on inter-router links, but they do
> > anyway. I'd like them to filter those addresses too, but they won't.
>
> I do agree they should be filtered out.
>
> At what point should we draw the line and say who can, and who cannot,
> use RFC1918 addresses on links? My first thought would be any link over
> which traffic from more than one AS transits, or between AS's, should
> always be fully routable. Any better ideas?
Somewhere along the lines of this thread, the point has been lost (IMHO).
If a provider uses 1918 addresses on internal links, who cares? And when
you say 'filter' them, do you mean filter them in routing announcements,
or filter any traffic to/from that ips?
If the former, than thats good, you should do that; it should be part of
your martian filters. If the latter, thats fine too, but traceroutes will
'*' on those hops.
But, once again, who cares? Conservation of IP space is good at worst.
> > won't be using precious unique IPs and feel the pressure to use RFC1918
> > numbers instead). I'm certainly no expert at this, but from the outside
> > I've seen it done quite successfully. It sure cuts down on the hop
> > count visible from traceroute too!
Using 1918 space will have no bearing on hop count or visibility of the
hop. Thats rediculous.
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Atheism is a non-prophet organization. I route, therefore I am.
Alex Rubenstein, alex at nac.net, KC2BUO, ISP/C Charter Member
Father of the Network and Head Bottle-Washer
Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP; we have more backbone! http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
More information about the NANOG
mailing list