Request for comment -- BCP38
fw at deneb.enyo.de
Mon Sep 26 19:22:45 UTC 2016
* Baldur Norddahl:
> Den 26. sep. 2016 18.02 skrev "Mike Hammett" <nanog at ics-il.net>:
>> The only asymmetric routing broken is when the source isn't in public
> Internet route-able space. That just leaves those multi-ISP WAN routers
> that NAT it.
> Some of our IP transits implement filtering. All of our transits assigned
> /30 subnets on the transit ports from their own range (the alternate would
> have be to ask us to supply the /30 from our pool).
> Our provider edge router will send back ICMP packets using the interface
> address from the interface that received the original packet. It will then
> route the packet using our normal routing table.
> This means we can receive some packet on transit port A and then route out
> a ICMP response on port B using the interface address from port A. But
> transit B filters this ICMP packet because it has a source address
> belonging to transit A.
Interesting. But this looks like a feature request for the router
vendor, and not like an issue with BCP 38 filtering as such.
> From this follows that BCP38 can break things like traceroute and path MTU
> discovery in what is a very common setup.
That doesn't follow. In order to break PMTUD, you also need an MTU
drop. Is that a common configuration for routers in points in the
network where this would matter?
More information about the NANOG