I'm trying to come up with a simple picture that embraces all the
comments I've seen thus far on the definition of BCP38. The example
scenario I'm about to paint may be over-simplified -- but I like to
start simple.

Given a single local inside network with:

* multiple uplink providers (typical multi-home situation)
* multiple edge routers, each connected to an upstream via a public
  routable /30, and each further connected to the downstream inside network
* 50 subnets (to pick a number) of routable IP address space
  downstream from the edge routers, with routing announcements to the
  world that direct packets back to the edge routers

BCP38 demands that ANY packet leaving ANY edge router to the upstream
MUST have a source address:

* within the 50 inside public routable subnets, or
* within a list of "my" addresses in the public /30 subnets.

True statement?

What am I missing here?

(In this simplified view, I'm divorcing the BCP38 aspects from the
practical effects of any policy or input filtering done by the
upstreams, as I think that's a separate discussion -- important but
off-topic right now for my understanding of BCP38 at its core. Those
practical aspects can be added later, AFTER describing the basics.)
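
The egress rule as stated in the post, written out as an added example that is not part of the original message: a Python check that decides whether a source address may leave an edge router. The topology (50 /24s carved from 198.18.0.0/15, two uplink /30s from documentation ranges) and the function names are constructed assumptions.

```python
import ipaddress
from itertools import islice

# Constructed sample topology using reserved test/documentation ranges.
# The 50 inside public routable subnets: 198.18.0.0/24 .. 198.18.49.0/24.
INSIDE_SUBNETS = list(
    islice(ipaddress.ip_network("198.18.0.0/15").subnets(new_prefix=24), 50)
)

# "My" side of each uplink /30. The other usable host in each /30 belongs
# to the upstream and is deliberately not in this list.
MY_UPLINK_ADDRS = {
    ipaddress.ip_address("192.0.2.1"),    # edge router A, link 192.0.2.0/30
    ipaddress.ip_address("203.0.113.5"),  # edge router B, link 203.0.113.4/30
}


def egress_permitted(src: str) -> bool:
    """Return True if a packet with this source may leave toward an upstream."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source: drop
    if addr in MY_UPLINK_ADDRS:
        return True
    return any(addr in net for net in INSIDE_SUBNETS)


def audit(sources):
    """Return the sources that the egress rule would drop, in input order."""
    return [s for s in sources if not egress_permitted(s)]


if __name__ == "__main__":
    # Constructed sample of source addresses seen at an edge router.
    sample = ["198.18.7.20", "192.0.2.1", "192.0.2.2", "10.1.2.3", "198.18.50.1"]
    for s in sample:
        print(f"{s:15} {'permit' if egress_permitted(s) else 'deny'}")
```

The same list is applied on every edge router, matching the "ANY packet leaving ANY edge router" wording, so a packet sourced from one router's /30 address is still permitted when it exits via the other uplink.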