[137054] in North American Network Operators' Group
Re: Post-Exhaustion-phase "punishment" for early adopters
daemon@ATHENA.MIT.EDU (George Herbert)
Tue Feb 8 17:59:18 2011
In-Reply-To: <20110208220442.90F889D4BED@drugs.dv.isc.org>
Date: Tue, 8 Feb 2011 14:59:12 -0800
From: George Herbert <george.herbert@gmail.com>
To: Mark Andrews <marka@isc.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>,
"gb10hkzo-nanog@yahoo.co.uk" <gb10hkzo-nanog@yahoo.co.uk>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Feb 8, 2011 at 2:04 PM, Mark Andrews <marka@isc.org> wrote:
>
> I wish people would actually read RFC 1918.
>
> =A0 =A0 =A0Category 1: hosts that do not require access to hosts in other
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0enterprises or the Internet at large; =
hosts within
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0this category may use IP addresses tha=
t are
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0unambiguous within an enterprise, but =
may be
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0ambiguous between enterprises.
>
> =A0 =A0 =A0Category 2: hosts that need access to a limited set of outside
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0services (e.g., E-mail, FTP, netnews, =
remote login)
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0which can be handled by mediating gate=
ways (e.g.,
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0application layer gateways). For many =
hosts in this
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0category an unrestricted external acce=
ss (provided
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0via IP connectivity) may be unnecessar=
y and even
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0undesirable for privacy/security reaso=
ns. Just like
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0hosts within the first category, such =
hosts may use
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0IP addresses that are unambiguous with=
in an
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0enterprise, but may be ambiguous betwe=
en
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0enterprises.
>
> =A0 =A0 =A0Category 3: hosts that need network layer access outside the
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0enterprise (provided via IP connectivi=
ty); hosts in
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0the last category require IP addresses=
that are
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0globally unambiguous.
>
> RFC 1918 addresses for machines that fall in Categories 1 and 2.
You're assuming there that people followed the directions.
That is demonstrably false.
It's easy to say "Well, foo on them", but for those of us who provide
services or consulting to those who failed to follow the directions,
we still have to deal with it.
--=20
-george william herbert
george.herbert@gmail.com
