[92550] in North American Network Operators' Group
Re: icmp rpf
daemon@ATHENA.MIT.EDU (Chris Adams)
Mon Sep 25 13:40:25 2006
Date: Mon, 25 Sep 2006 12:36:08 -0500
From: Chris Adams <cmadams@hiwaay.net>
To: nanog@merit.edu
Mail-Followup-To: Chris Adams <cmadams@hiwaay.net>, nanog@merit.edu
In-Reply-To: <20060925170900.0D60A28467@noc.mainstreet.net>
Errors-To: owner-nanog@merit.edu
Once upon a time, Mark Kent <mark@noc.mainstreet.net> said:
> I think this is an important point to make because of my interaction
> with small.net. When I pointed out the timeouts they said that it was
> because they don't announce the router IP addresses, which is true but
> not the whole story. I mentioned that some providers in the past
> numbered on rfc1918 space and traceroute still worked, so that alone
> was not enough.
Not announcing their router interface IP space is not any type of
security. Anyone directly connected to them (customer or peer) could if
they wish statically route that IP space, and any such security would be
gone. Unless it is otherwise filtered, any customer with a default
route can reach their routers.
--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
