----- Original Message -----
From: Michael H. Warfield <[EMAIL PROTECTED]>
To: Steve Costaras <[EMAIL PROTECTED]>
Cc: Michael H. Warfield <[EMAIL PROTECTED]>; at Linux-Net
<[EMAIL PROTECTED]>; Bruce Stephens <[EMAIL PROTECTED]>
Sent: Sunday, June 06, 1999 20:49
Subject: Re: Illegal IP addresses???
> Ok... Good deal... I stand corrected. There is explicit reference
> to ISP's in that RFC.
>
> However, the remarks about "shall not be propoated on
> inter-enterprise links" also dumps the problem right back square on
> the "enterprise". Regardless of what is blocked at the ISP level,
> the onus also exists on the enterprise to insure that these packets
> do not transit the "inter-" part. Or do you mean to imply that the
> ISP must block at their point of presence against their customers?
> I suppose one could infer that as well...
I think it's two fold. Each enterprise should make it's own effort to stop
the
'leakage' of these IPs into the public. However this does not mean that
ISP's
don't have to. Since ISP's are 'supposed to know' (ie, are the 'experts')
on IP
addressing/routing they have to take up the slack in all cases to protect
companies from themselves.
On the links here to our customers I have simple rules in place on the
serial
interface on our routers both to clients and to our Inet backbone. Blocking
traffic
which 'shouldn't' be present. It doesn't take up much CPU even on a 2500
series
router for these simple ACL's and each packet you don't need to carry makes
your life easier when you're call on to debug things anyway.
Steve
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
