[23771] in North American Network Operators' Group
Re: address spoofing
daemon@ATHENA.MIT.EDU (Daniel Senie)
Thu Apr 22 20:20:43 1999
Date: Thu, 22 Apr 1999 20:18:30 -0400
From: Daniel Senie <dts@senie.com>
To: Randy Bush <randy@psg.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
Randy Bush wrote:
> when we tried it on routers in different parts of the network, it seemed
> to show similar patterns.
>
> anyone have clues other than net slime and misconfigured nats?
I actually have never seen a NAT box do this (but would like to hear
about such cases). The NAT implementations I've worked with have been
extremely good about avoiding leaks.
The likely cause is routers in people's infrastructure using private
address space for point to point links and as ways to avoid using up
public address space.
Oh, and you might check out a draft by Bill Manning which lists
additional address blocks which should be filtered,
draft-manning-dsua-00.txt. A URL to a copy is:
http://www.amaranthnetworks.com/ietf/drafts/draft-manning-dsua-00.txt
Dan
--
-----------------------------------------------------------------
Daniel Senie dts@senie.com
Amaranth Networks Inc. http://www.amaranthnetworks.com
