Re: private ip addresses from ISP

2006-05-24 Thread Edward B. DREGER
Date: Wed, 24 May 2006 15:26:15 -0400 From: Valdis.Kletnieks d: A fish (not a fish anything, just a random posting not related to anything on topic) And this one will invariably start a "trout"/"salmon"/"swordfish"/"octopus" debate. ...at which point someone interjects that an octopus

Re: private ip addresses from ISP

2006-05-24 Thread Valdis . Kletnieks
On Wed, 24 May 2006 11:50:34 PDT, Warren Kumari said: > d: A fish (not a fish anything, just a random posting not related to > anything on topic) And this one will invariably start a "trout"/"salmon"/"swordfish"/"octopus" debate.

Re: private ip addresses from ISP

2006-05-24 Thread Warren Kumari
On May 24, 2006, at 2:05 AM, [EMAIL PROTECTED] wrote: So again, I ask the question: Is NANOG an appropriate forum to develop some best practices text that could be incorporated into service agreements and peering agreements by reference in the same way that a software licence incorporates th

Re: private ip addresses from ISP

2006-05-24 Thread Michael . Dillon
> > Does NANOG have a role in developing some best > > practices text that could be easily incorporated > > into peering agreements and service contracts? > ... > > RFC 2267 -> RFC 2827 == Best Current Practice (BCP) 38 > RFC 3013 == BCP 46 > RFC 3704 == BCP 84 > Are these followed? No, the IETF

Re: private ip addresses from ISP

2006-05-23 Thread Joseph S D Yao
On Tue, May 23, 2006 at 11:55:56AM -0400, Joe Maimon wrote: ... > It's also quite annoying to wait for each hop to timeout. Well, yes. ;-} But as someone hinted, that's purely a problem with my own psyche, which I do [to some degree] control. OBTW, the 'ad hominem' attacks starting up in this

Re: private ip addresses from ISP

2006-05-23 Thread Patrick W. Gilmore
On May 23, 2006, at 1:14 PM, Richard A Steenbergen wrote: [...] Filtering every last 1918 sourced packet you receive because it might have a DoS is like filtering all ICMP because people can ping flood. If you want to rate limit it, that is reasonable. If you want to restrict it to ICMP re

Re: private ip addresses from ISP

2006-05-23 Thread sthaug
> Filtering every last 1918 sourced packet you receive because it might have > a DoS is like filtering all ICMP because people can ping flood. If you > want to rate limit it, that is reasonable. If you want to restrict it to > ICMP responses only, that is also reasonable. If on the other hand y

Re: private ip addresses from ISP

2006-05-23 Thread Richard A Steenbergen
On Tue, May 23, 2006 at 12:23:54PM -0400, Patrick W. Gilmore wrote: > > I know it was late when you wrote that, RAS, but from the > _very_first_sentence_: Er yeah I meant to say it says nothing about filtering 1918 packets. > Please read BCP38 again. (For the first time? :) Clearly allowin

Re: private ip addresses from ISP

2006-05-23 Thread Patrick W. Gilmore
On May 23, 2006, at 10:47 AM, Robert Bonomi wrote: Really? You really want TTL-E messages with RFC1918 source addr? Even if they're used as part of a denial of service attack? Even though you can't tell where they actually came from? "Can be" is not sufficient (in and of itself, that is) reas

Re: private ip addresses from ISP

2006-05-23 Thread Patrick W. Gilmore
On May 23, 2006, at 3:33 AM, Richard A Steenbergen wrote: From RFC 1918 Because private addresses have no global meaning, routing information about private networks shall not be propagated on inter-enterprise links, and packets with private source or destination addresses should

Re: private ip addresses from ISP

2006-05-23 Thread Joe Maimon
Joseph S D Yao wrote: Folks are sounding as if they'd never 'traceroute'd THROUGH a set of unroutable IP addresses. I have seen cases where my 'traceroute' looked like this [when I've had the patience to not hit Interrupt at the first sign of stars]: 1 1 ms 1 ms 1 ms router.here 2 10

Re: private ip addresses from ISP

2006-05-23 Thread Joseph S D Yao
On Tue, May 23, 2006 at 04:22:26PM +0100, [EMAIL PROTECTED] wrote: ... > Does NANOG have a role in developing some best > practices text that could be easily incorporated > into peering agreements and service contracts? ... RFC 2267 -> RFC 2827 == Best Current Practice (BCP) 38 RFC 3013 == BCP

Re: private ip addresses from ISP

2006-05-23 Thread Joseph S D Yao
Folks are sounding as if they'd never 'traceroute'd THROUGH a set of unroutable IP addresses. I have seen cases where my 'traceroute' looked like this [when I've had the patience to not hit Interrupt at the first sign of stars]: 1 1 ms 1 ms 1 ms router.here 2 10 ms 10 ms 10 ms router.ther

Re: private ip addresses from ISP

2006-05-23 Thread Joe Maimon
Robert Bonomi wrote: Date: Tue, 23 May 2006 11:14:53 -0400 "Translating" those addresses is a *BAD*IDEA*(TM). That obscures who the reporting machine was _if_ you have to actually communicate with that network operator. These are the options: Construct the network so that icmp is nev

Re: private ip addresses from ISP

2006-05-23 Thread Joe Maimon
Brian Johnson wrote: In the Cisco world, I thought that the source would always be the interface that replies to the ICMP packet. That seems to be good form to me. Where am I going wrong? You are correct, however it could be useful in regards to the topic at hand if this was configurab

RE: private ip addresses from ISP

2006-05-23 Thread Brian Johnson
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Joe Maimon > Sent: Tuesday, May 23, 2006 10:15 AM > To: Robert Bonomi > Cc: [EMAIL PROTECTED] > Subject: Re: private ip addresses from ISP > > > > > Ro

Re: private ip addresses from ISP

2006-05-23 Thread Michael . Dillon
> Proper "good net neighbor" egress filtering of RFC1918 source addresses > takes a number of separate rules. Several 'allows', followed by a default > 'deny'. Really? Do you have those rules on your network? Any reason why you didn't post the operational details on this operational list? Hav

Re: private ip addresses from ISP

2006-05-23 Thread Joe Maimon
Robert Bonomi wrote: TTL-E messages _do_ have legitimate function in network management. TTL-E messages _can_ originate from RFC1918 space, addressed to 'public internet' addresses. Usefully, and meaningfully. Ever hear of 'traceroute'? Ever use it where packets went across a network usin

Re: private ip addresses from ISP

2006-05-23 Thread Robert Bonomi
> Date: Tue, 23 May 2006 09:36:30 -0400 > To: [EMAIL PROTECTED] > From: Daniel Senie <[EMAIL PROTECTED]> > Subject: Re: private ip addresses from ISP > > > At 09:22 AM 5/23/2006, Robert Bonomi wrote: > > > > Date: Tue, 23 May 2006 03:33:34 -0400 &g

RE: private ip addresses from ISP

2006-05-23 Thread Frank Bulk
While we're on the topic, perhaps I should ask for some best practices (where 'best' equals one for every listserv member) on the use of RFC 1918 addresses within a network provider's infrastructure. We use private addresses for some stub routes, as well as our cable modems. Should we aggressivel

Re: private ip addresses from ISP

2006-05-23 Thread Daniel Senie
At 09:22 AM 5/23/2006, Robert Bonomi wrote: > Date: Tue, 23 May 2006 03:33:34 -0400 > From: Richard A Steenbergen <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: private ip addresses from ISP > > > On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wr

RE: private ip addresses from ISP

2006-05-23 Thread Andrew Kirch
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Robert Bonomi > Sent: Tuesday, May 23, 2006 9:22 AM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: private ip addresses from ISP > > > > Date

Re: private ip addresses from ISP

2006-05-23 Thread Robert Bonomi
> Date: Tue, 23 May 2006 03:33:34 -0400 > From: Richard A Steenbergen <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: private ip addresses from ISP > > > On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wrote: > > > > > 3) You are see

Re: private ip addresses from ISP

2006-05-23 Thread Edward B. DREGER
RAS> Date: Tue, 23 May 2006 03:33:34 -0400 RAS> From: Richard A Steenbergen RAS> If you're receiving RFC1918 sourced packets #include "flamewars/urpf.h" #include "flamewars/pmtud.h" Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsm

Re: private ip addresses from ISP

2006-05-23 Thread Richard A Steenbergen
On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wrote: > > > 3) You are seeing packets with source IPs inside private space > > arriving at > > your interface from your ISP? ... > Sorry to dig this up from last week but I have to strongly disagree with > point #3. > From RFC 1918 >

Re: private ip addresses from ISP

2006-05-22 Thread Hyunseog Ryu
se junk traffic. Hyun Andrew Kirch wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Wednesday, May 17, 2006 1:37 PM To: [EMAIL PROTECTED] Subject: RE: private ip addresses from ISP Our router is running BGP and connect

RE: private ip addresses from ISP

2006-05-22 Thread Andrew Kirch
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > David Schwartz > Sent: Wednesday, May 17, 2006 1:37 PM > To: [EMAIL PROTECTED] > Subject: RE: private ip addresses from ISP > > > > > Our router is running BGP a

RE: private ip addresses from ISP

2006-05-17 Thread David Schwartz
> Our router is running BGP and connecting to our > upstream provider with /30 network. Our log reveals > that there are private IP addresses reaching our > router's interface that is facing our upstream ISP. > How could this be possible? Should upstream ISP be > blocking private IP address ac

RIPE IP Anti-Spoofing Task Force (Was: private ip addresses from ISP)

2006-05-17 Thread Jeroen Massar
On Wed, 2006-05-17 at 15:14 +0100, Ivan Groenewald wrote: [..] > If you mean you are getting traffic destined for RFC1918 space, then make > sure you aren't announcing those networks to your upstreams by accident. > Poor upstream configs/filters could allow stuff like that to escape to peers > of t

RE: private ip addresses from ISP

2006-05-17 Thread Ivan Groenewald
IL PROTECTED]> CTO Tel: 0845 345 0919 Xtraordinary Hosting, 6 The Clocktower, South Gyle, Edinburgh, EH12 9LB http://www.xtrahost.co.uk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of adrian kok Sent: Wednesday, May 17, 2006 2:48 PM To: [EMAIL PROTECTED

private ip addresses from ISP

2006-05-17 Thread adrian kok
Hi all Have you had this experience? Our router is running BGP and connecting to our upstream provider with /30 network. Our log reveals that there are private IP addresses reaching our router's interface that is facing our upstream ISP. How could this be possible? Should upstream ISP be blo