[59871] in North American Network Operators' Group


Re: rfc1918 ignorant

daemon@ATHENA.MIT.EDU (Kevin Oberman)
Wed Jul 23 13:08:52 2003

To: Dave Temkin <dave@ordinaryworld.com>
Cc: nanog@merit.edu
In-Reply-To: Message from Dave Temkin <dave@ordinaryworld.com> 
   of "Wed, 23 Jul 2003 08:59:18 EDT." <Pine.LNX.4.50.0307230857210.27647-100000@ordinaryworld.com> 
Date: Wed, 23 Jul 2003 10:07:27 -0700
From: "Kevin Oberman" <oberman@es.net>
Errors-To: owner-nanog-outgoing@merit.edu


> Date: Wed, 23 Jul 2003 08:59:18 -0400 (EDT)
> From: Dave Temkin <dave@ordinaryworld.com>
> Sender: owner-nanog@merit.edu
> 
> 
> Is this really an issue?  So long as they're not advertising the space I
> see no issue with routing traffic through a 10. network as transit.  If
> you have no reason to reach their router directly (and after Cisco's last
> exploit, I'd think no one would want anyone to reach their router directly
> :-) ), what's the harm done?
> 
> RFC1918 merely states that it shouldn't be routed on the global internet,
> not that it can't be used for transit space.

That's not what is in my copy of 1918.

"In order to use private address space, an enterprise needs to
determine which hosts do not need to have network layer connectivity
outside the enterprise in the foreseeable future and thus could be
classified as private. Such hosts will use the private address space
defined above.  Private hosts can communicate with all other hosts
inside the enterprise, both public and private. However, they cannot
have IP connectivity to any host outside of the enterprise. While not
having external (outside of the enterprise) IP connectivity private
hosts can still have access to external services via mediating
gateways (e.g., application layer gateways)."

As I read this, packets with a source address in 1918 space should
NEVER appear outside the enterprise. Comcast and many others seem to
blithely ignore this for convenience's sake. (It's not like they need a
huge amount of space to give private addresses to these links.)
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman@es.net			Phone: +1 510 486-8634
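
An added example, not part of the original message: a small audit that flags packets leaving a border interface with an RFC 1918 source address, which is the condition the quoted RFC text rules out. The record format, the interface names and the sample records are constructed for illustration.

```python
import ipaddress

# The three blocks RFC 1918 reserves for private use. Listed explicitly:
# ipaddress.is_private also covers loopback, link-local and other ranges.
RFC1918_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True only for IPv4 addresses inside the RFC 1918 blocks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # malformed address field
    return ip.version == 4 and any(ip in net for net in RFC1918_NETS)


def leaked_sources(records, border_ifaces):
    """Return (line_no, src, dst) for each packet sent out of a border
    interface with an RFC 1918 source address."""
    hits = []
    for line_no, line in enumerate(records.splitlines(), 1):
        fields = line.split()
        if line.lstrip().startswith("#") or len(fields) != 4:
            continue  # comment or malformed record
        iface, direction, src, dst = fields
        if iface in border_ifaces and direction == "out" and is_rfc1918(src):
            hits.append((line_no, src, dst))
    return hits


# Constructed sample records: interface, direction, source, destination.
# eth0 is assumed to be the border interface, eth1 an internal one.
SAMPLE = """\
# iface dir src dst
eth0 out 10.1.2.3 198.51.100.7
eth0 out 192.0.2.10 198.51.100.7
eth1 out 10.1.2.3 10.9.9.9
eth0 out 172.16.5.1 203.0.113.4
eth0 out 172.32.0.1 203.0.113.4
eth0 in 192.168.1.1 192.0.2.10
eth0 out 2001:db8::1 2001:db8::2
"""

if __name__ == "__main__":
    for line_no, src, dst in leaked_sources(SAMPLE, {"eth0"}):
        print(f"record {line_no}: RFC 1918 source {src} -> {dst} left the border")
```

Private-to-private traffic on the internal interface (eth1) is not flagged, and 172.32.0.1 is not flagged because it lies outside 172.16.0.0/12.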
