[30211] in North American Network Operators' Group
Re: RFC 1918
daemon@ATHENA.MIT.EDU (Richard A. Steenbergen)
Tue Jul 18 19:24:51 2000
Date: Tue, 18 Jul 2000 19:22:44 -0400 (EDT)
From: "Richard A. Steenbergen" <ras@e-gerbil.net>
To: "Eric A. Hall" <ehall@ehsco.com>
Cc: nanog@merit.edu
Message-ID: <Pine.BSF.4.21.0007181920520.95155-100000@overlord.e-gerbil.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, 17 Jul 2000, Eric A. Hall wrote:
> When ISPs choose to mark their packets with Internet-illegal addresses,
> they are contributing to these problems. Sorry, but you're not supposed
> to be using these addresses anyway.
This is utterly stupid. You can use these addresses any way you see fit,
you can source packets from them if you'd like, and they are as valid as
any other address to use and be "on the internet". What you CAN'T do
however, is expect that these packets can ever be replied to, or exchange
or accept any kind of information on how to route this IP space outside of
your network. Sure its probably not the best idea in the world to send out
packets you can't expect a reply to, but its not prohibited for a reason,
and its certainly not the end of the world you make it out to be.
If you really want to filter RFC1918 sourced packets at your borders for
whatever reason its your choice. Trust me I've probably seen a lot more
DoS then most people in one way or another, and filtering 1918 space is in
absolutily NO way any kind of magic bullet or even worth the processor
time (if you're gonna spend the time filtering there are much better
things out there).
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/humble
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
