private ip addresses from ISP
davids at webmaster.com
Wed May 17 17:37:03 UTC 2006
> Our router is running BGP and connecting to our
> upstream provider with /30 network. Our log reveals
> that there are private IP addresses reaching our
> router's interface that is facing our upstream ISP.
> How could this be possible? Should upstream ISP be
> blocking private IP address according to standard
> configuration? Could the packet be stripped and IP be
> converted somehow during the transition? It happens in
> many Tier-1 ISP though !
> Thank you for your information
Do you mean:
1) You are seeing BGP routes for addresses inside private space?
2) You are seeing packets with destination IPs inside private space
arriving at your interface from your ISP?
3) You are seeing packets with source IPs inside private space arriving at
your interface from your ISP?
If 1, feel free to filter them. You ISP probably uses them internally and
is leaking them to you. Feel free to complain if you want.
If 2, make sure you aren't advertising routes into RFC1918 space to your
ISP. If not, you should definitely ask them what's up.
If 3, that's normal. These are packets your ISP received that are addressed
to you and the ISP is leaving to you the decision of whether to accept them
or not. Feel free to filter them out if you wish. (It won't break anything
that's not already broken.)
More information about the NANOG