private ip addresses from ISP
Richard A Steenbergen
ras at e-gerbil.net
Tue May 23 07:33:34 UTC 2006
On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wrote:
>
> > 3) You are seeing packets with source IPs inside private space arriving at
> > your interface from your ISP?
...
> Sorry to dig this up from last week but I have to strongly disagree with
> point #3.
> From RFC 1918
> Because private addresses have no global meaning, routing information
> about private networks shall not be propagated on inter-enterprise
> links, and packets with private source or destination addresses
> should not be forwarded across such links. Routers in networks not
> using private address space, especially those of Internet service
> providers, are expected to be configured to reject (filter out)
> routing information about private networks.
>
> The ISP shouldn't be "leaving" anything to the end-user, these packets
> should be dropped as a matter of course, along with any routing
> advertisements for RFC 1918 space (from #1). ISPs who leak 1918 space
> into my network piss me off, and get irate phone calls for their
> trouble.
The section you quoted from RFC1918 specifically addresses routes, not
packets. If you're receiving RFC1918 *routes* from anyone, you need to
thwack them over the head with a cluebat a couple of times until the cluey
filling oozes out. If you're receiving RFC1918 sourced packets, for the
most part you really shouldn't care. There are semi-legitimate reasons for
packets with those source addresses to float around the Internet, and
they don't hurt anything. If you really can't stand seeing an RFC1918
sourced packet over the Internet it is more of a personality problem than
a networking problem, so a good shrink is probably going to be more useful
than a good firewall.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
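
The thread turns on the difference between RFC 1918 *routes* and RFC 1918 sourced *packets*. As an added example that is not part of the original post, this Python check treats the two separately: received prefixes are classified against the three RFC 1918 blocks, while private-sourced packets are only counted. The function names, the "review" verdict for covering aggregates, and all sample prefixes and addresses are assumptions constructed for illustration.

```python
import ipaddress

# The three private blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify_route(prefix):
    """Verdict for a received IPv4 route announcement.

    'reject' - the prefix lies entirely inside an RFC 1918 block
    'review' - a covering aggregate (not the default route) that overlaps one
    'accept' - everything else
    """
    net = ipaddress.ip_network(prefix, strict=False)
    if net.version != 4:
        return "accept"
    if any(net.subnet_of(block) for block in RFC1918):
        return "reject"
    if net.prefixlen > 0 and any(net.overlaps(block) for block in RFC1918):
        return "review"
    return "accept"

def private_source(src):
    """True if a packet's source address falls in RFC 1918 space."""
    addr = ipaddress.ip_address(src)
    return any(addr in block for block in RFC1918)

def audit(routes, packet_sources):
    """Return per-route verdicts and a count of private-sourced packets."""
    verdicts = {r: classify_route(r) for r in routes}
    private_packets = sum(1 for s in packet_sources if private_source(s))
    return verdicts, private_packets

# Constructed sample data (not taken from any real feed or capture).
SAMPLE_ROUTES = ["10.20.0.0/16", "172.16.0.0/12", "172.32.0.0/16",
                 "192.168.1.0/24", "10.0.0.0/7", "198.51.100.0/24", "0.0.0.0/0"]
SAMPLE_SOURCES = ["10.1.2.3", "192.0.2.55", "192.168.0.9", "203.0.113.7"]

if __name__ == "__main__":
    verdicts, private_packets = audit(SAMPLE_ROUTES, SAMPLE_SOURCES)
    for route, verdict in verdicts.items():
        print(f"{route:18} {verdict}")
    print("packets with RFC 1918 source:", private_packets)
```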