We have a few providers in HK who deliver our public /24s via a /30 RFC 1918 
address.

I'm not 100 percent sure how it breaks the path discovery, I would love to test 
this too, as we have a few of these setups in place.

It is very annoying for other reasons, i.e. remotely managing the router on the 
outside interface, when the BGP prefix we own is preferred inbound on the 
other router in the HSRP pair.

Why not deliver a /31 and not break the hearts of us poor customers :)

-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Satish 
Patel
Sent: Tuesday, June 21, 2016 9:08 AM
To: Mike
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Private IP in point to point link on internet

You have a point, what if I increase MTU size to 9000 on that point to point 
interface? 

--
Sent from my iPhone

> On Jun 21, 2016, at 1:10 AM, Mike <mike-cisconspl...@tiedyenetworks.com> 
> wrote:
> 
>> On 06/20/2016 07:52 PM, Satish Patel wrote:
>> This is a weird question, but I thought let me get an opinion from you guys.
>> We have the following scenario:
>> 
>> [ISP]------<Public-IP>-----[Router]-------<Private-IP>-------[L3 Switch]------------[Hosts]
>> 
>> 
>> In the above diagram we get a /24 subnet from the ISP for hosts. Now I want to 
>> configure a routed network between [Router] and [L3 switch], so can I 
>> use a private IP address (rfc1981) like 192.168.100.1/30 instead of a 
>> public IP address, to save public IP addresses on the point-to-point link? 
>> What would be the disadvantage I will get doing that?
> 
> 
> Well, if I understand your question, you want to put private IP's on the 
> point-to-points to save ip addresses. The only primary side-effect you will 
> have is for path mtu discovery - if the router or l3 switch needs to fragment 
> a packet for example (or send back any other icmp messages like host 
> unreachable or the like), it's likely to use the interface address 'facing' 
> the destination which would be your private IP's. These are dropped by many 
> firewalls and such, which effectively breaks path mtu discovery and such. 
> Depending on your equipment, you could assign 1 public IP to a loopback 
> interface on the router and to the l3 switch, which usually will cause that 
> device to use that address as the source for any icmp messages it generates. I 
> am not 100% certain of the fine details (would love someone to point out an 
> authoritative doc that explains this for cisco), but I have used this method 
> for exactly this reason and it does seem to work.
> 
> Mike-
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp@puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/