Bogon list
Stephen Griffin
stephen.griffin at rcn.com
Fri Jun 7 19:28:56 UTC 2002
In the referenced message, Stephen J. Wilcox said:
>
> On Thu, 6 Jun 2002, Stephen Griffin wrote:
>
> >
> > In the referenced message, Sean M. Doran said:
> > > Basically, arguing that the routing system should carry around
> > > even more information is backwards. It should carry less.
> > > If IXes need numbers at all (why???) then use RFC 1918 addresses
> > > and choose one of the approaches above to deal with questions
> > > about why 1918 addresses result in "messy traceroutes."
> > >
> > > Fewer routes, less address consumption, tastes great, less filling.
> > >
> > > Sean.
> >
> > Do you:
> > 1) Not believe in PMTU-D
>
> RFC1918 does not break path-mtu, filtering it does tho..
sending RFC1918 addressed packets across enterprise boundaries is
against RFC1918. RFC1918 states to filter ingress/egress at enterprise
boundaries. Hence, filtering RFC1918 addresses is part of RFC1918.
Therefore, the use of addresses where they are likely to generate
traffic which violates RFC1918, is, well, a violation of RFC1918.
This applies regardless of the ICMP error message generated.
> > 2) Not believe in filtering RFC1918 sourced traffic at enterprise boundaries
> > (of which an exchange would be a boundary)
>
> What for? You'll find many more much more mailicious packets coming from
> legit routable address space.
Who said anything about malicious? In any event, ICMP error messages
are generally useful with a few minor exceptions. Things like Source
Quench, unreachables, TTL expired, and Can't Frag (as examples of useful
icmp.)
<snip>
> For p2p you can use unnumbered.. it wont work on exchanges but i agree
> they shouldnt be rfc1918.
I agree, however, most folks want to see the topology, some just choose
to violate RFC1918 in order to do it.
> Steve
More information about the NANOG
mailing list