[4058] in North American Network Operators' Group
Re: customers and web servers and level one naps
daemon@ATHENA.MIT.EDU (Avi Freedman)
Thu Sep 5 16:11:36 1996
From: Avi Freedman <freedman@netaxs.com>
To: matthew@scruz.net (Matthew Kaufman)
Date: Thu, 5 Sep 1996 15:51:45 -0400 (EDT)
Cc: cook@netaxs.com, nanog@merit.edu
In-Reply-To: <199609051932.MAA06968@scruz.net> from "Matthew Kaufman" at Sep 5, 96 12:32:30 pm
> From: Avi Freedman <freedman@netaxs.com>
> ...
> > I'd like to know the answer to this (re: PAIX. No other exchange that I
> > know of gives IPs for use by non-routers that aren't RA machines).
> ...
>
> But that doesn't stop people from attaching hosts into the NAP infrastructure.
> I pointed this out on the mae-west list a few weeks ago. There are quite a
> few providers at mae-west who plug the NetEdge at their end into a FDDI
> ring which has multiple IP subnets on it, one of them the NAP addresses,
> and another for their local boxes. Since the NetEdge is a filtering bridge,
> it seems like it would isolate the traffic, but it DOESN'T STOP BROADCAST
> TRAFFIC. So you get lots of CDP packets, rwhod packets, RIP packets, internal
> ARP requests, and who knows what else floating around the entire exchange point.
Yes, and this *IS* a problem.
But none of those had a 198.32.136.x address...
The bigger problem (the one I was thinking about) would be someone putting
a host on 192.41.177.x or 192.157.69.x or 198.32.136.x or ...
Most providers carry the 192.41.177/24 (MAE-East) etc... routes and
"know" how to get to them, so any machine hooked up with the IP out
of the network of a major XP has the potential to get "free" full or
partial Internet connectivity.
*That*'s the big problem you have to make sure to avoid if you want
people to play with you (if you're an XP operator).
Avi
