> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William
> Herrin
> Sent: Thursday, October 04, 2018 8:53 PM
>
> > - RFC 1918 for loopbacks and PTP
> > - Immediately “protects” from the internet at large, as they aren’t
> routable.
> > - Traceroutes are miserable.
>
> Also breaks PM
On Thu, Oct 4, 2018, at 21:53, William Herrin wrote:
> On Thu, Oct 4, 2018 at 3:10 PM Brandon Applegate wrote:
> > - Traceroutes are miserable.
>
> Also breaks PMTUD which can break TCP for everybody whose packets
> transit your router. So don't do this.
... unless you happen to provide a "
William Herrin wrote on 04/10/2018 20:53:
I wonder if it would be useful to ask the IETF to assign a block of
"origination-only" IP addresses... IP addresses which by standard are
permitted to be the source of ICMP packets but which should be
unreachable by forward routing.
no - this would be a
Hello Brandon,
instead of not announcing it you can send it to your upstream and tag it with
no-export.
That way you can still see your router in traceroutes if the source ASN of the
traceroute doesn't do uRPF.
If you don't have a separate range from which you assign PTP/loopback
addresses, bu
On Thu, Oct 4, 2018 at 3:10 PM Brandon Applegate wrote:
> I’ve seen mention on this list and other places about keeping one’s PTPs /
> loopbacks out of routing tables for security reasons. Totally get this and
> am on board with it. What I don’t get - is how. I’m going to list some of
> my i
> On Oct 4, 2018, at 3:07 PM, Brandon Applegate wrote:
>
> Thanks in advance for insights on this.
If you’re MPLS enabled, one implementation could see place the loop/infra/p2p
in the global table and customer/internet traffic inside a VRF.
Le jeu. 4 oct. 2018 à 21:12, Brandon Applegate a écrit :
>
> I’ve seen mention on this list and other places about keeping one’s PTPs /
> loopbacks out of routing tables for security reasons. Totally get this and
> am on board with it. What I don’t get - is how. I’m going to list some of
> m
7 matches
Mail list logo