[30085] in North American Network Operators' Group
Re: RFC 1918
daemon@ATHENA.MIT.EDU (Michael Shields)
Fri Jul 14 18:50:40 2000
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: gary miller <gem@rellim.com>, Bennett Todd <bet@rahul.net>,
nanog@merit.edu
From: Michael Shields <shields@msrl.com>
Date: 14 Jul 2000 22:32:56 +0000
In-Reply-To: "Steven M. Bellovin"'s message of "Fri, 14 Jul 2000 15:47:22 -0400"
Message-ID: <87ya34jqav.fsf@challah.msrl.com>

In article <20000714194722.AD3EA35DC2@smb.research.att.com>,
"Steven M. Bellovin" <smb@research.att.com> wrote:

> No -- 1918 addresses would only break PMTU if folks did ingress or
> egress filtering for 1918 addresses.

It is easy to argue that using interface 1918 addresses and PMTUD are
incompatible with connecting to the Internet, for PMTUD requires
sending an ICMP message with the source address of the interface,
and using 1918 space on the Internet is not allowed.

RFC 1918 section 3:

"In order to use private address space, an enterprise needs to
determine which hosts do not need to have network layer
connectivity outside the enterprise in the foreseeable future and
thus could be classified as private. Such hosts will use the
private address space defined above. [...] However, they cannot
have IP connectivity to any host outside of the enterprise."

"Indirect references to such addresses should be contained within
the enterprise. Prominent examples of such references are DNS
Resource Records and other information referring to internal
private addresses. In particular, Internet service providers
should take measures to prevent such leakage."

--
Shields.
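
The interaction discussed in this thread, as an added example that is not part of the original message: an ICMP "fragmentation needed" message sourced from a router interface numbered out of RFC 1918 space is discarded by a border that filters private source addresses, so the sending host never learns the path MTU. The function names and the sample addresses (documentation ranges plus a constructed 10.1.2.3 interface) are assumptions made for the illustration.

```python
import ipaddress
import struct

# The three private blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def build_frag_needed(src, dst, next_hop_mtu):
    """Constructed sample: minimal IPv4 + ICMP type 3 code 4 packet.
    Checksums are zero and the quoted original datagram is omitted."""
    icmp = struct.pack("!BBHHH", 3, 4, 0, 0, next_hop_mtu)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return ip + icmp

def parse_frag_needed(pkt):
    """Return (source, next-hop MTU) for 'fragmentation needed', else None."""
    ihl = (pkt[0] & 0x0F) * 4
    if len(pkt) < ihl + 8 or pkt[9] != 1:          # IP protocol 1 = ICMP
        return None
    icmp_type, code, _csum, _unused, mtu = struct.unpack("!BBHHH", pkt[ihl:ihl + 8])
    if (icmp_type, code) != (3, 4):
        return None
    return str(ipaddress.ip_address(pkt[12:16])), mtu

def is_rfc1918(addr):
    """True if the dotted-quad address falls inside any RFC 1918 block."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def pmtud_result(pkt, border_filters_rfc1918):
    """What the sending host learns once the packet reaches a provider border."""
    parsed = parse_frag_needed(pkt)
    if parsed is None:
        return "not-pmtud"
    src, mtu = parsed
    if border_filters_rfc1918 and is_rfc1918(src):
        return "dropped"                           # sender never sees the MTU
    return f"mtu={mtu}"

if __name__ == "__main__":
    for router in ("10.1.2.3", "198.51.100.1"):    # private vs. public interface
        pkt = build_frag_needed(router, "203.0.113.10", 1400)
        for filtering in (False, True):
            print(router, "filter" if filtering else "no-filter",
                  pmtud_result(pkt, filtering))
```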