private ip addresses from ISP
Patrick W. Gilmore
patrick at ianai.net
Tue May 23 16:23:54 UTC 2006
On May 23, 2006, at 3:33 AM, Richard A Steenbergen wrote:
>>> From RFC 1918
>> Because private addresses have no global meaning, routing
>> information
>> about private networks shall not be propagated on inter-enterprise
>> links, and packets with private source or destination addresses
>> should not be forwarded across such links. Routers in networks not
>> using private address space, especially those of Internet service
>> providers, are expected to be configured to reject (filter out)
>> routing information about private networks.
>>
>> The ISP shouldn't be "leaving" anything to the end-user, these
>> packets
>> should be dropped as a matter of course, along with any routing
>> advertisements for RFC 1918 space(From #1). ISP's who leak 1918 space
>> into my network piss me off, and get irate phone calls for their
>> trouble.
>
> The section you quoted from RFC1918 specifically addresses routes, not
> packets.
I know it was late when you wrote that, RAS, but from the
_very_first_sentence_:
>> and packets with private source or destination addresses
>> should not be forwarded across such links
> If you're receiving RFC1918 *routes* from anyone, you need to
> thwack them over the head with a cluebat a couple of times until
> the cluey
> filling oozes out. If you're receiving RFC1918 sourced packets, for
> the
> most part you really shouldn't care. There are semi-legitimate
> reasons for
> packets with those sources addresses to float around the Internet, and
> they don't hurt anything. If you really can't stand seeing an RFC1918
> sourced packet over the Internet it is more of a personality
> problem than
> a networking problem, so a good shrink is probably going to be more
> useful
> than a good firewall.
Incorrect. Not to mention Just Plain Wrong.
Please read BCP38 again. (For the first time? :)
--
TTFN,
patrick
More information about the NANOG
mailing list