rfc1918 ignorant

Ben Buxton B.Buxton at Planettechnologies.nl
Wed Jul 23 13:11:04 UTC 2003



Uhhh...PMTU-d can break as routers will send back icmp can't-frag
packets from those link addresses and rpf, filtering, etc will
bring tcp connections to a standstill.

Don't filter rfc1918? umm good luck convincing the rest of the
net to eliminate their filters. The basic premise of building
public networks is that you have to work around other people's
policies. If it's corporate nets, then sure you can control it
all, but not here.

Though the PMTU-d point is arguable (what are your internal links doing
with crummy MTU, for example).

BB

> 
> Is this really an issue?  So long as they're not advertising the space I
> see no issue with routing traffic through a 10. network as transit.  If
> you have no reason to reach their router directly (and after Cisco's last
> exploit, I'd think no one would want anyone to reach their router directly
> :-) ), what's the harm done?
> 
> RFC1918 merely states that it shouldn't be routed on the global internet,
> not that it can't be used for transit space.
> 
> 
> 
> <--------------------------->
> 
> Is there a site to "report" networks/isps that still leak rfc1918 space?
> By leaking I not only mean "don't filter", but actually _use_ in their
> network?
> 
> If someone is keeping a list, feel free to add ServerBeach.com. All
> traceroutes to servers housed there, pass by 10.10.10.3.
> 
> traceroute to www.serverbeach.com
> ...
> 20. 64-132-228-70.gen.twtelecom.net
> 21. 10.10.10.3
> 22. 66.139.72.12
> 
> Kind Regards,
> Frank Louwers
> 
> -- 
> Openminds bvba                www.openminds.be
> Tweebruggenstraat 16  -  9000 Gent  -  Belgium
>  --
> David Temkin
> 
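
An added illustration of the PMTU-d failure described in this message (not code from the thread): it flags RFC 1918 hops in the quoted traceroute and models a DF-set sender whose ICMP fragmentation-needed replies are dropped by a filter on RFC 1918 source addresses. The MTU values and the filter model are assumptions constructed for the example.

```python
import ipaddress
import re

# The three RFC 1918 private blocks.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hop lines in the form quoted in the post: "21. 10.10.10.3"
HOP_RE = re.compile(r"^\s*(\d+)\.\s+(\S+)\s*$")

# Hops as quoted in the post; the "..." line is skipped by the parser.
TRACE = """\
...
20. 64-132-228-70.gen.twtelecom.net
21. 10.10.10.3
22. 66.139.72.12
"""

def is_rfc1918(host):
    """True if host is a literal IPv4 address inside RFC 1918 space."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:          # a hostname, not an address literal
        return False
    return any(ip in net for net in RFC1918)

def parse_hops(text):
    """Return [(hop_number, host)] for each traceroute-style line."""
    return [(int(m.group(1)), m.group(2))
            for m in map(HOP_RE.match, text.splitlines()) if m]

def private_hops(text):
    """Hops whose reported address is RFC 1918 space."""
    return [(n, h) for n, h in parse_hops(text) if is_rfc1918(h)]

def pmtud(path, size, drop_rfc1918_sources, max_tries=4):
    """Model a DF-set sender. path is [(router_addr, next_link_mtu)].
    Returns (delivered, final_packet_size)."""
    for _ in range(max_tries):
        for router, mtu in path:
            if size > mtu:
                # The router answers with ICMP "fragmentation needed" sourced
                # from its own link address. A filter that drops RFC 1918
                # sources discards it, so the sender never learns the MTU.
                if not (drop_rfc1918_sources and is_rfc1918(router)):
                    size = mtu
                break
        else:
            return True, size   # every link accepted the packet
    return False, size

# Constructed MTUs: the link behind the 10.10.10.3 hop is the bottleneck.
PATH = [(h, 1400 if is_rfc1918(h) else 1500) for _, h in parse_hops(TRACE)]
```

With the filter on, `pmtud(PATH, 1500, True)` keeps retransmitting at 1500 bytes and never delivers; with it off, the sender drops to 1400 and gets through.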



More information about the NANOG mailing list