---Reply to mail from David Gillett about read-rfc1918-for-details.iana.net
> On 22 Apr 99, at 11:08, Bret wrote:
>
>> RFC1918 Addresses are not routable back to the small business, so
>
> So packets with these as originating IPs have no business being passed on
> across the Internet. Especially when these anonymous goodies could be
> carrying nasty payloads.
>
Technically yes, however in theory that doesn't work right.. People config
routers with the primary interface being an RFC1918 addr.. If I do a
traceroute to see if something is broke, then I may find that it goes to
provider A and then hits an RFC1918 addr, then breaks.. Well that lets me
know that it at least got to that router and gives me a little more info
to try to get a problem resolved (quicker)..
Net admins/firewall admins should filter all outbound traffic that isn't
from one of their assigned network numbers.. This makes it harder for
people to accidentally or intentionally spew out garbage (but won't prevent
a dns lookup on an RFC1918 addr) that shouldn't go outside.. But experience
shows that this isn't gonna happen globally any time soon :)
--
Bret McDanel http://www.rehost.com
Realistic Technologies, Inc. 973-514-1144
These opinions are mine, and may not be the same as my employer
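
The source-address egress check discussed in this message, as an added example that is not part of the original mail or any participant's code. The assigned block (192.0.2.0/24), the sample packets and the function names are constructed for illustration; the sample shows that a PTR lookup for a private address still leaves with a legitimate source, while a traceroute reply from an RFC1918-numbered router interface behind such a filter would be dropped.

```python
import ipaddress

# Constructed value: a documentation prefix standing in for a site's assigned block.
ASSIGNED = [ipaddress.ip_network("192.0.2.0/24")]
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def egress_decision(src):
    """Return (action, reason) for an outbound packet with source address src."""
    addr = ipaddress.ip_address(src)
    if any(addr in net for net in ASSIGNED):
        return ("permit", "source in assigned block")
    if any(addr in net for net in RFC1918):
        return ("drop", "RFC1918 source leaking out")
    return ("drop", "source not assigned to this site")

def reverse_name(ip):
    """PTR query name for an address, e.g. 5.1.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

# Constructed sample of outbound packets: (source, destination, summary).
SAMPLE = [
    ("192.0.2.10", "198.51.100.7", "HTTP request"),
    ("192.168.1.5", "198.51.100.7", "un-NATed internal host"),
    ("203.0.113.99", "198.51.100.7", "spoofed source"),
    # The filter looks at the source only, so a lookup *about* a private
    # address, sent from an assigned address, is not stopped by it.
    ("192.0.2.53", "198.51.100.53", "DNS PTR? " + reverse_name("192.168.1.5")),
    # Router whose replying interface is numbered from RFC1918 space
    # (assumed here to sit behind the filter): the hop vanishes from traceroute.
    ("10.0.0.1", "198.51.100.7", "ICMP time-exceeded (traceroute hop)"),
]

def run(sample=SAMPLE):
    """Apply the egress decision to every packet in the sample."""
    return [(src, summary) + egress_decision(src) for src, _dst, summary in sample]

if __name__ == "__main__":
    for src, summary, action, reason in run():
        print(f"{action:6} {src:14} {summary:45} {reason}")
```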