On Wed, 23 Jul 2003, Haesu wrote:
Well, if uBR showing RFC1918 address out on the traceroute is an issue, why not
just reverse the way its configured?
Put RFC1918 as secondary, and put the routable addr as primary. Either way, it
should work w/o issues, right?
Hmm this could affect
: Haesu [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 12:53 PM
To: Vinny Abello; [EMAIL PROTECTED]
Subject: Re: rfc1918 ignorant
Heh, check this out.
traceroute to 219.168.64.121 (219.168.64.121), 64 hops max, 44 byte packets
1 216.93.161.1 (216.93.161.1) 0.532 ms 0.518 ms 0.405
: rfc1918 ignorant
Heh, check this out.
traceroute to 219.168.64.121 (219.168.64.121), 64 hops max, 44 byte packets
1 216.93.161.1 (216.93.161.1) 0.532 ms 0.518 ms 0.405 ms
2 66.7.159.33 (66.7.159.33) 0.796 ms 0.667 ms 0.543 ms
3 gigabitethernet8-0-513.ipcolo1.SanFrancisco1.Level3.net
On Wed, 23 Jul 2003, Jared Mauch wrote:
I think you'll see more and more networks slowly over
time move closer to bcp38.
Is there anywhere that this is recorded? It would be interesting to see
what the actual state of play on implementation of BCP38 was.
I believe that ATT is the
: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 8:44 AM
To: [EMAIL PROTECTED]
Subject: RE: rfc1918 ignorant
According to the notice they send me on 7/1, this isn't supposed to take
effect until Aug 17th or 18th for existing customers, and they didn't
mention an option
, July 24, 2003 3:44 PM
Subject: RE: rfc1918 ignorant
According to the notice they send me on 7/1, this isn't supposed to take
effect until Aug 17th or 18th for existing customers, and they didn't
mention an option to specifically request that they not do this.
However, there was a link:
http
Hmm this could affect routing protocols which use the primary address..
I haven't tried doing that with igp protocols.. But with BGP, it works does
manage to bind itself to the working address. (Or if you are sourcing update
to loopback, that would be fine too)
Right but this one
.
WWW: http://www.towardex.com
E-mail: [EMAIL PROTECTED]
Cell: (978) 394-2867
Sprint??? you out there?
-Original Message-
From: Haesu [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 12:53 PM
To: Vinny Abello; [EMAIL PROTECTED]
Subject: Re: rfc1918 ignorant
Heh
On Thu, Jul 24, 2003 at 01:44:33PM +0100, [EMAIL PROTECTED] wrote:
On Wed, 23 Jul 2003, Jared Mauch wrote:
I think you'll see more and more networks slowly over
time move closer to bcp38.
Is there anywhere that this is recorded? It would be interesting to see
what the actual
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Haesu
Sent: Wednesday, July 23, 2003 5:10 PM
To: [EMAIL PROTECTED]
Subject: Re: rfc1918 ignorant (fwd)
Well, if uBR showing RFC1918 address out on the traceroute is
an issue, why not just reverse
I agree... The only problem is if you filter all inbound RFC 1918 and
inadvertently block ICMP messages from their routers on rfc1918 space. That
could potentially cause issues with network connectivity related to MTU, etc...
At 08:59 AM 7/23/2003, Dave Temkin wrote:
Is this really an issue?
On Wed, 23 Jul 2003, Dave Temkin wrote:
Is this really an issue? So long as they're not advertising the space I
see no issue with routing traffic through a 10. network as transit. If
you have no reason to reach their router directly (and after Cisco's last
exploit, I'd think no one would
Good point on the PMTU, you're correct and I wasn't thinking about that
(though generally that would have come from the inside router, unless one
of those routers was where the MTU limitation was). Engineered *correctly
*I don't see an issue.
I never implied that people should remove filters
On Wed, Jul 23, 2003 at 02:10:17PM +0100, [EMAIL PROTECTED] wrote:
On Wed, 23 Jul 2003, Dave Temkin wrote:
Is this really an issue? So long as they're not advertising the space I
see no issue with routing traffic through a 10. network as transit. If
you have no reason to reach their
Date: Wed, 23 Jul 2003 08:59:18 -0400 (EDT)
From: Dave Temkin [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
Is this really an issue? So long as they're not advertising the space I
see no issue with routing traffic through a 10. network as transit. If
you have no reason to reach their
Ahhh...but this all comes down to how one defines enterprise and it's
network scope. IANALBPSB (I am not a lawyer but probably shoud be)
Daryl
PGP Key: http://www.introspect.net/pgp
[...]
That's not what is in my copy of 1918.
In order to use private address space, an enterprise needs
Heh, check this out.
traceroute to 219.168.64.121 (219.168.64.121), 64 hops max, 44 byte packets
1 216.93.161.1 (216.93.161.1) 0.532 ms 0.518 ms 0.405 ms
2 66.7.159.33 (66.7.159.33) 0.796 ms 0.667 ms 0.543 ms
3 gigabitethernet8-0-513.ipcolo1.SanFrancisco1.Level3.net (63.211.150.225)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 6:10 AM
To: Dave Temkin
Cc: [EMAIL PROTECTED]
Subject: re: rfc1918 ignorant
On Wed, 23 Jul 2003, Dave Temkin wrote:
Is this really an issue? So
:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 6:10 AM
To: Dave Temkin
Cc: [EMAIL PROTECTED]
Subject: re: rfc1918 ignorant
On Wed, 23 Jul 2003, Dave Temkin wrote:
Is this really
On 23.07 10:07, Kevin Oberman wrote:
In order to use private address space, an enterprise needs to
determine which hosts do not need to have network layer connectivity
outside the enterprise in the foreseeable future and thus could be
classified as private. Such hosts will use the private
On Wednesday, July 23, 2003, at 11:40 AM, Dave Temkin wrote:
Except you're making assumptions as to how that router is used.
If it's being used for purely transit then your third paragraph doesn't
apply at all. The traffic is not originating or terminating there, it
is
merely passing
On Wed, 23 Jul 2003 13:40:03 EDT, Dave Temkin said:
If it's being used for purely transit then your third paragraph doesn't
apply at all. The traffic is not originating or terminating there, it is
merely passing through.
If it shows up on a traceroute, it originated an ICMP packet.
10 * * *
Needs is a tough call. Plenty of networks block ICMP at the border and
could very well be using 1918 addressing in between and you'd have no
idea.
--
David Temkin
On Wed, 23 Jul 2003, Lyndon Nerenberg wrote:
On Wednesday, July 23, 2003, at 11:40 AM, Dave Temkin wrote:
Except you're
Date: Wed, 23 Jul 2003 13:40:03 -0400 (EDT)
From: Dave Temkin [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
Except you're making assumptions as to how that router is used.
If it's being used for purely transit then your third paragraph doesn't
apply at all. The traffic is not
On Wednesday, July 23, 2003, at 11:50 AM, Dave Temkin wrote:
Needs is a tough call. Plenty of networks block ICMP at the border and
could very well be using 1918 addressing in between and you'd have no
idea.
True enough, but my view of networks that blindly block all ICMP is
about the same
Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT)
From: Dave Temkin [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
Needs is a tough call. Plenty of networks block ICMP at the border and
could very well be using 1918 addressing in between and you'd have no
idea.
And the network is broken.
Unless of course I block ICMP for the purposes of denying traceroute but
still allow DF/etc. Then it's not broken as you say.
--
David Temkin
On Wed, 23 Jul 2003, Kevin Oberman wrote:
Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT)
From: Dave Temkin [EMAIL PROTECTED]
Sender: [EMAIL
-- Forwarded message --
Date: Wed, 23 Jul 2003 07:53:26 -1000
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: rfc1918 ignorant
There's a common misconception reflected here that I wanted to correct. I
don't have nanog-post, so I apologize if its
ignorant (fwd)
-- Forwarded message --
Date: Wed, 23 Jul 2003 07:53:26 -1000
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: rfc1918 ignorant
There's a common misconception reflected here that I wanted to correct. I
don't have nanog-post, so I
Unless of course I block ICMP for the purposes of denying traceroute but
still allow DF/etc. Then it's not broken as you say.
Sure, but people blocking all ICMP haven´t usually heard that there are different
types and codes in ICMP.
It´s surprising how many large www sites do not work if
ARIN required cable operators to use RFC 1918 space for the management
agents of the bridge cable modems that have been rolled out to the
millions of residential cable modem customers.
this would be really amazing, as it would have required a time machine.
the cable build was before arin
On Wed, Jul 23, 2003 at 01:49:37PM -0400, [EMAIL PROTECTED] wrote:
On Wed, 23 Jul 2003 13:40:03 EDT, Dave Temkin said:
If it's being used for purely transit then your third paragraph doesn't
apply at all. The traffic is not originating or terminating there, it is
merely passing through.
Schwartz [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 13:19
Subject: Re: rfc1918 ignorant
Unless of course I block ICMP for the purposes of denying traceroute but
still allow DF/etc. Then it's not broken as you say.
Sure, but people blocking
When the RFC's are broken, then what do you do?
If negotiations fail, you revolt and overthrow the corrupt governing body.
If applicable, add overseas occupation forces :)
RFC's are to be followed if one can operate one's network
under those constraints. Often times, RFC's don't take into
Date: Wed, 23 Jul 2003 14:06:09 -0400 (EDT)
From: Dave Temkin [EMAIL PROTECTED]
Unless of course I block ICMP for the purposes of denying traceroute but
still allow DF/etc. Then it's not broken as you say.
And where do the ICMPs come from if the DF bit results in a failure?
Surely not an
Is this really an issue? So long as they're not advertising the space I
see no issue with routing traffic through a 10. network as transit. If
you have no reason to reach their router directly (and after Cisco's last
exploit, I'd think no one would want anyone to reach their router directly
Needs is a tough call. Plenty of networks block ICMP at the border and
could very well be using 1918 addressing in between and you'd have no
idea.
--
David Temkin
Wholesale blocking of ICMP is another sign of incompetence. Either way
a network using RFC1918 inappropriately, filtering
At 02:11 PM 7/23/2003, Dave Temkin wrote:
-- Forwarded message --
Date: Wed, 23 Jul 2003 07:53:26 -1000
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: rfc1918 ignorant
There's a common misconception reflected here that I wanted to correct. I
On Wed, Jul 23, 2003 at 06:03:13PM -0400, Daniel Senie wrote:
At 02:11 PM 7/23/2003, Dave Temkin wrote:
2003 7:07 AM:]
Comcast and many others seem to
blithely ignore this for convenience sake. (It's not like they need a
huge amount of space to give private addresses to these links.)
Well, if uBR showing RFC1918 address out on the traceroute is an issue, why not
just reverse the way its configured?
Put RFC1918 as secondary, and put the routable addr as primary. Either way, it
should work w/o issues, right?
I know quite a few people who purposely put a non-routable IP
RFC1918 is a wonderful document. It probably added 10-15 years
to the lifespan of the IPv4 address space, made IP addressing
much simpler for internal applications, and it's prevented
a large number of problems like people randomly making up addresses
for boxes they know that they'll never need
41 matches
Mail list logo