[40627] in North American Network Operators' Group
Re: NOC servers with public/private ip address
daemon@ATHENA.MIT.EDU (Greg Maxwell)
Wed Aug 15 11:40:00 2001
Date: Wed, 15 Aug 2001 11:38:45 -0400 (EDT)
From: Greg Maxwell <gmaxwell@martin.fl.us>
To: Wojtek Zlobicki <wojtekz@idirect.com>
Cc: <nanog@merit.edu>
In-Reply-To: <010201c1250c$084ffe60$020a0a0a@wojtek>
Message-ID: <Pine.GSO.4.33.0108151137150.1316-100000@da1server.martin.fl.us>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 14 Aug 2001, Wojtek Zlobicki wrote:
> That isn't quite correct. Internet routers should never "advertise" private
> IP blocks to the global Intenet, I've never heard of anyone stating that
> they should not have them in their routing table. I've worked in a few NOCs
> in my short life and the NOC has always been on an isolated private subnet.
> Acess to critical hardware was only allowed from behind that subnet.
>
> Private addressing adds an extra layer of security as well as saving
> valuable IP space.
Security?! Come on. That's a lame reason.
It's that kind of mindset that leads to your customers being able to
manage your routers, simply because you had them secured by only being
manageable from a private space.
