rfc1918 ignorant
Dave Temkin
dave at ordinaryworld.com
Wed Jul 23 18:06:09 UTC 2003
Unless of course I block ICMP for the purposes of denying traceroute but
still allow DF/etc. Then it's not "broken" as you say.
--
David Temkin
On Wed, 23 Jul 2003, Kevin Oberman wrote:
> > Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT)
> > From: Dave Temkin <dave at ordinaryworld.com>
> > Sender: owner-nanog at merit.edu
> >
> >
> > Needs is a tough call. Plenty of networks block ICMP at the border and
> > could very well be using 1918 addressing in between and you'd have no
> > idea.
>
> And the network is broken.
>
> People persist in blocking ICMP and then complain when things don't
> work right. Even if you explain why blocking ICMP is breaking
> something, they say "ICMP is evil and we have to block it". OK. they
> are broken and when things don't work, they need to tell their
> customers that they are choosing to run a network that does not work
> correctly. (Not that I expect anyone to do this.)
>
> I don't see anything "tough" about this call.
>
More information about the NANOG
mailing list