[30109] in North American Network Operators' Group


Strange things which should never happen (was Re: RFC 1918)

daemon@ATHENA.MIT.EDU (Sean Donelan)
Sat Jul 15 01:18:09 2000

Date: 14 Jul 2000 22:14:56 -0700
Message-ID: <20000715051456.22266.cpmta@c004.sfo.cp.net>
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: nanog@merit.edu
From: Sean Donelan <sean@donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu


In article <Pine.BSF.4.21.0007141956280.95155-100000@overlord.e-gerbil.net>, "Richard A. Steenbergen" <ras@e-gerbil.net> wrote:
> I still have not seen a single compelling argument which says you gain
> one bit more security by filtering RFC1918-source'd packets. It is useless
> at best, and disruptive at worst.

I don't know my TCP/IP stack well enough, but what happens when a host
with multiple interfaces, one of which is assigned an RFC1918 address,
receives a packet through another interface with a source address the
same as that RFC1918 address?  Are the stacks smart enough to realize the
packet is really an external packet, or will they assume the packet came
from inside?





