[33148] in North American Network Operators' Group
Re: RFC1918 addresses to permit in for VPN?
daemon@ATHENA.MIT.EDU (Stephen Stuart)
Sun Dec 31 17:16:31 2000
Message-Id: <200012312203.eBVM3MV01967@hi.tech.org>
To: John Fraizer <nanog@EnterZone.Net>
Cc: "Derek J. Balling" <dredd@megacity.org>, nanog@merit.edu
In-reply-to: Your message of "Sun, 31 Dec 2000 16:51:43 EST."
<Pine.LNX.4.21.0012311647400.26306-100000@Overkill.EnterZone.Net>
Date: Sun, 31 Dec 2000 14:03:22 -0800
From: Stephen Stuart <stuart@mfnx.net>
Errors-To: owner-nanog-outgoing@merit.edu
> Blocking source-routed packets at the borders will stop this in short
> order, except for those of you who peer with people who require "loose
> source routing". (Randy, I believe it was Verio that required this, am I
> mistaken?)
Source-routing has more value to me as a debugging measure than
RFC1918 addressing has as a security measure. Perhaps a customer
network can derive some security from blocking source-routed packets,
though.
Stephen
