[72921] in North American Network Operators' Group
Re: problems with covad.net 192.168 address space
daemon@ATHENA.MIT.EDU (Robert Bonomi)
Mon Aug 2 19:23:36 2004
Date: Mon, 2 Aug 2004 18:23:09 -0500 (CDT)
From: Robert Bonomi <bonomi@mail.r-bonomi.com>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
> From owner-nanog@merit.edu Mon Aug 2 17:30:06 2004
> Date: Mon, 02 Aug 2004 18:25:00 -0400
> From: Eric Kimminau <ekimminau@rainfinity.com>
> To: nanog@merit.edu
> Subject: problems with covad.net 192.168 address space
>
>
> Hola!
>
> Anyone having problems with covad.net and 192.168 public broadcasts?
Covad uses some RFC-1918 space internally, for routers, etc. Nothing
unusual there.
They are known to use the low part of the 172.16.0.0/12 space for the
PPP links betwen CPE and DSLAM, and the high part of the same space
for the 'upstream gateway'.
They use 192.168.0.0/16 for internal routing.
They do not use 'Net 10' _at_all_.
A traceroute from my home network goes from my dsl modem/router to a
172.31.x.x address; then through two 192.168.x.x addresses, And then
to the public internet.
Covad does NOT filter *any* RFC-1918 _source_address_ packets from going
_to_ their customers.
I've had some lengthy discussions with their abuse desk about this, when
my firewall has blocked/logged hostile *incoming* packets with RFC-1918
source addresses.
For "some strange reason" they can't tell, _or_track_, where those packets
are coming from.
I'm told they _do_ have RFC-1918 ingress and egress filtering for both source
and destination addresses, at their gateways to the _external_ internet. That
-that- filtering means that the stuff that shows up 'at _my_ front door' *is*
coming from another COVAD customer, and not from "somewhere _outside_ Covad's
network".