private ip addresses from ISP

Richard A Steenbergen ras at
Tue May 23 07:33:34 UTC 2006

On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wrote:
> > 	3) You are seeing packets with source IPs inside private space
> > arriving at
> > your interface from your ISP?
> Sorry to dig this up from last week but I have to strongly disagree with
> point #3.  
> >From RFC 1918
>    Because private addresses have no global meaning, routing information
>    about private networks shall not be propagated on inter-enterprise
>    links, and packets with private source or destination addresses
>    should not be forwarded across such links. Routers in networks not
>    using private address space, especially those of Internet service
>    providers, are expected to be configured to reject (filter out)
>    routing information about private networks.
> The ISP shouldn't be "leaving" anything to the end-user, these packets
> should be dropped as a matter of course, along with any routing
> advertisements for RFC 1918 space(From #1). ISP's who leak 1918 space
> into my network piss me off, and get irate phone calls for their
> trouble.

The section you quoted from RFC1918 specifically addresses routes, not 
packets. If you're receiving RFC1918 *routes* from anyone, you need to 
thwack them over the head with a cluebat a couple of times until the cluey 
filling oozes out. If you're receiving RFC1918 sourced packets, for the 
most part you really shouldn't care. There are semi-legitimate reasons for 
packets with those sources addresses to float around the Internet, and 
they don't hurt anything. If you really can't stand seeing an RFC1918 
sourced packet over the Internet it is more of a personality problem than 
a networking problem, so a good shrink is probably going to be more useful 
than a good firewall.

Richard A Steenbergen <ras at>
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)

More information about the NANOG mailing list