[100807] in North American Network Operators' Group
Re: General question on rfc1918
daemon@ATHENA.MIT.EDU (Joe Abley)
Tue Nov 13 10:11:31 2007
Cc: "nanog@merit.edu" <nanog@merit.edu>
From: Joe Abley <jabley@ca.afilias.info>
To: Drew Weaver <drew.weaver@thenap.com>
In-Reply-To: <B7152C470C9BF3448ED33F16A75D81C14D0FDF0265@exchanga.thenap.com>
Date: Tue, 13 Nov 2007 10:10:26 -0500
Errors-To: owner-nanog@merit.edu
On 13-Nov-2007, at 10:08, Drew Weaver wrote:
> Hi there, I just had a real quick question. I hope this is
> found to be on topic.
>
> Is it to be expected to see rfc1918 src'd packets coming from
> transit carriers?
You should not send packets with RFC1918 source or destination
addresses to the Internet. Everybody should follow this advice. If
everybody did follow that advice, you wouldn't see the packets you are
seeing.
The cynical answer, however, based on observation of real-life
networks, is "yes" because people are naturally messy creatures.
> We have filters in place on our edge (obviously) but should we be
> seeing traffic from 192.168.0.0 and 10.0.0.0 et cetera hitting our
> transit interfaces?
>
> I guess I'm not sure why large carrier networks wouldn't simply
> filter this in their core?
I can think of lots of things that large carrier networks (as well as
smaller, non-carrier networks!) do that seem on the face of it to defy
explanation, of which this is just one example :-)
Joe
