[9733] in North American Network Operators' Group
Re: 10.0.0
daemon@ATHENA.MIT.EDU (Jared Mauch)
Sat May 31 03:02:54 1997
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <01IJHU3VLHM08WVYNT@ACES.COM> from Ehud Gavron at "May 30, 97 09:20:49 pm"
To: GAVRON@ACES.COM (Ehud Gavron)
Date: Sat, 31 May 1997 02:46:04 -0400 (EDT)
Cc: jdp@cyberramp.net, nanog@merit.edu, ler@cyberramp.net, GAVRON@ACES.COM
Ehud Gavron boldly claimed:
> This does not belong to NANOG. I'm only CCing so you're not
> inundated with responses.
>
> 1. A host can have multiple addresses. These do not have
> to be on the same network. It's a redundancy thing.
> Since the host in question is a nameserver, it's even
> more reasonable.
True.
> 2. Reserved addresses can be used anywhere. They are just
> not supposed to be leaked into the public internet.
Also true, but please re-examine this traceroute:
> >traceroute to ns1.sierra.net (207.135.224.247), 30 hops max, 40 byte packets
> > 9 207.49.13.50 (207.49.13.50) 114 ms 117 ms 112 ms
> >10 207.14.235.22 (207.14.235.22) 112 ms 116 ms 113 ms
> >11 10.0.0.2 (10.0.0.2) 116 ms 108 ms 114 ms
> >12 rock.sierra.net (207.135.224.247) 116 ms 112 ms 113 ms
You can have an internal mesh made up of entireley rfc1918 address
space, and not leak these routes to the rest of the world, I've only
once caught MCI leaking stuff from a test lab, which was kinda annoying,
but not really anything bad, and a polite e-mail message to them got
an immediate fix of the problem.
that next-hop is only relevant to someones local lan, but you
can't traceroute to 10.0.0.2, otherwise someone is doing something naughty.
I ran into this before I realized this could be done in this
fashion, and asked a few questions around and got an answer as to how
it worked.
If your parser is having problems with this message, please ask
me any questions, and I can clarify any questions you have.
- jared
--
jared@CIC.Net - CICNET --------- jared@Nether.Net - Nether Network
"I've got a question" "What is it?" "An interrogative expression often used
to test knowledge, but that's not important right now."
