icmp rpf
Patrick W. Gilmore
patrick at ianai.net
Mon Sep 25 01:40:46 UTC 2006
[Can we all have a moment of silence for a useful, interesting, and
on-topic post?]
On Sep 24, 2006, at 5:59 PM, Mark Kent wrote:
> A smaller North American network provider, with a modest North
> American backbone, numbers their internal routers on public IP space
> that they do not announce to the world.
>
> One of the largest North American network providers filters/drops
> ICMP messages so that they only pass those with a source IP
> address that appears in their routing table.
>
> As a result, traceroutes from big.net into small.net have numerous
> hops that time out.
>
> Traceroutes from elsewhere that go into small.net but return on
> big.net also have numerous hops that time out.
>
> We do all still think that traceroute is important, don't we?
>
> If so, which of these two nets is unreasonable in their actions/
> policies?
Who said either was?
First: Your network, your rules. Don't expect others to play by your
rules.
But more importantly, there is nothing that says two perfectly
reasonable, rational "rules" cannot create a problem when
intersecting in interesting ways.
But if forced, I'd say Small.Net gets my vote for needing
correction. I see less "wrongness" in a network running what is
essentially loose RPF than a network who expects supposedly bogon-
sourced packets to be forwarded. (One could argue that non-announced
space is bogus.)
Just remember, I would only say that if pushed. Normally I would say
neither is wrong.
> Please note that we're not talking about RFC1918 space, or reserved IP
> space of any kind. Also, think about the scenario where some failure
> happens leaving big.net with an incomplete routing table, thus
> breaking traceroute when it is perhaps most needed.
In such an instance, I would suggest Big.Net will have far, far
larger problems than whether pings get returned from prefixes it
can't reach anyway.
--
TTFN,
patrick
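
The interaction discussed in this thread, modeled as an added example that is not part of the original post: a loose-RPF style check on the source address of ICMP replies, applied to a traceroute path whose router hops are numbered from unannounced space, and again after the routing table loses a prefix. All prefixes are constructed documentation ranges, and the function names and the `allow_default` switch are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: documentation prefixes stand in for real networks.
BIG_NET_RIB = [ipaddress.ip_network(p) for p in (
    "198.51.100.0/24",  # small.net space that IS announced
    "203.0.113.0/24",   # some other announced prefix
)]

# Constructed path into small.net: its internal routers are numbered from
# 192.0.2.0/24, public space that is never announced to the world.
PATH_INTO_SMALL_NET = ["203.0.113.1", "192.0.2.1", "192.0.2.5", "198.51.100.10"]


def loose_rpf_pass(src, rib, allow_default=False):
    """Loose RPF: pass if ANY route covers the source, on any interface.

    A default route is ignored unless allow_default is set; otherwise
    every source would trivially match and the filter would do nothing.
    """
    addr = ipaddress.ip_address(src)
    for net in rib:
        if net.prefixlen == 0 and not allow_default:
            continue
        if addr in net:
            return True
    return False


def traceroute_view(hop_sources, rib, allow_default=False):
    """What the traceroute user sees per hop: the replying address, or '*'
    when the ICMP reply from that hop is dropped by the source filter."""
    return [s if loose_rpf_pass(s, rib, allow_default) else "*"
            for s in hop_sources]


def degraded_rib():
    """Failure scenario from the thread: big.net has an incomplete table
    and has lost the small.net announcement."""
    return [n for n in BIG_NET_RIB if str(n) != "198.51.100.0/24"]


if __name__ == "__main__":
    print("normal  :", traceroute_view(PATH_INTO_SMALL_NET, BIG_NET_RIB))
    print("degraded:", traceroute_view(PATH_INTO_SMALL_NET, degraded_rib()))
```
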