[128786] in North American Network Operators' Group
Re: BCP38 exceptions for RFC1918 space
daemon@ATHENA.MIT.EDU (Joe Greco)
Mon Aug 16 07:50:14 2010
From: Joe Greco <jgreco@ns.sol.net>
To: Valdis.Kletnieks@vt.edu
Date: Mon, 16 Aug 2010 06:50:00 -0500 (CDT)
In-Reply-To: <131102.1281956555@localhost>
Cc: nanog@merit.edu
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> > What does "originating" mean? Creating the packets? Or forwarding
> > them?
>
> Either way, there's no excuse.
>
> First off, remember that BCP38 and 1918 don't apply on your set of
> interconnected private networks, no matter how big a net it is. You want to
> filter between two of your private nets, go ahead. You don't want to, that's
> OK to. The fun starts when those packets leave your network(s) and hit the
> public Internet.
>
> Now that we have that squared away...
>
> Either that intermediate router originated the ICMP 'frag needed' packet, in
> which case somebody needs to be smacked for originating a 1918-addressed packet
> on the public internet, or it's forwarding the packet. And if it's forwarding
> the packet, then somebody *else* needs to be smacked for injecting that packet
> into the public internet.
>
> What *possible* use case would require a 1918-sourced packet to be traversing
> the public internet? We're all waiting with bated breath to hear this one. ;)
It's great for showing in traceroutes who the heel is.
Do I win a prize?
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
