icmp rpf

virendra rode // virendra.rode at gmail.com
Sun Sep 24 23:25:50 UTC 2006

Mark Kent wrote:
> A smaller North American network provider, with a modest North
> American backbone, numbers their internal routers on public IP space
> that they do not announce to the world.
> One of the largest North American network providers filters/drops
> ICMP messages so that they only pass those with a source IP
> address that appears in their routing table.
> As a result, traceroutes from big.net into small.net have numerous
> hops that time out.
> Traceroutes from elsewhere that go into small.net but return on
> big.net also have numerous hops that time out.
> We do all still think that traceroute is important, don't we?
> If so, which of these two nets is unreasonable in their actions/policies?
> Please note that we're not talking about RFC1918 space, or reserved IP
> space of any kind. Also, think about the scenario where some failure
> happens leaving big.net with an incomplete routing table, thus breaking
> traceroute when it is perhaps most needed.
> Thanks,
> -mark
--------------------------
This is yet another reason one shouldn't rely on pings & traceroutes to
perform reachability analysis.
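
Added example, not part of either post: a small Python model of the filter described in the quoted message, where ICMP replies are dropped unless their source address is covered by a route in big.net's table. The prefixes, hop addresses and function names are constructed for illustration (documentation ranges), and the model assumes big.net's table holds no default route.

```python
import ipaddress

def source_in_table(routes, addr):
    """Loose source check: is addr covered by any prefix in the routing table?"""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(prefix) for prefix in routes)

def traceroute_view(routes, hop_sources):
    """What a traceroute user behind the filter sees for each hop.

    hop_sources are the source addresses of the ICMP time-exceeded replies.
    A reply whose source is not in the table is dropped and shows as '*'.
    """
    return [src if source_in_table(routes, src) else "*" for src in hop_sources]

def withdraw(routes, lost_prefixes):
    """Model a failure that leaves the table incomplete."""
    return [r for r in routes if r not in lost_prefixes]

# Constructed sample data.
BIG_NET_ROUTES = [
    "198.51.100.0/24",  # big.net's own space
    "203.0.113.0/24",   # small.net's announced customer space
]
HOP_SOURCES = [
    "198.51.100.1",  # big.net edge router
    "192.0.2.1",     # small.net backbone router, public but unannounced
    "192.0.2.5",     # small.net backbone router, public but unannounced
    "203.0.113.10",  # destination in small.net's announced space
]

if __name__ == "__main__":
    # Normal case: the path works end to end, but the backbone hops time out.
    print(traceroute_view(BIG_NET_ROUTES, HOP_SOURCES))
    # Failure case: big.net loses the small.net route, so the last hop's
    # replies are dropped by the filter as well.
    degraded = withdraw(BIG_NET_ROUTES, ["203.0.113.0/24"])
    print(traceroute_view(degraded, HOP_SOURCES))
```

In the first case the destination still answers while the intermediate hops show as timeouts, so the missing hops say nothing about forwarding; in the second, the filter hides replies for exactly the prefix that was lost.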
