General question on rfc1918

Joe Greco jgreco at ns.sol.net
Tue Nov 13 15:20:47 UTC 2007


>         Hi there, I just had a real quick question. I hope this is found to be on topic.
> 
> Is it to be expected to see rfc1918 src'd packets coming from transit carriers?
> 
> We have filters in place on our edge (obviously) but should we be seeing traffic from 192.168.0.0 and 10.0.0.0 et cetera hitting our transit interfaces?
> 
> I guess I'm not sure why large carrier networks wouldn't simply filter this in their core?

[pick-a-random-BCP38-snipe ...]

It's a feature: You can tell which of your providers does BCP38 this way.

Heh.

It's the networking equivalent of all the bad sorts of DOS/Windows 
programming.  You know, the rule that says "once it can run successfully,
it must be correct."  Never mind checking for exceptional conditions,
buffer overruns, etc.

It's the same class of problem where corporate IT departments, listening
to some idiot, filter all ICMP, and are convinced this is okay because 
they can reach ${one-web-site-of-your-choice}, and refuse to contemplate
that they might have broken something.

Once your network is routing packets and you aren't hearing complaints
about being unable to reach a destination, it's got to be configured
correctly ... right?

Consider it life on the Internet.  Do their job for them.

Around here, we've been doing BCP38 since before there was a BCP38.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.



More information about the NANOG mailing list