Does NANOG have a role in developing some best
practices text that could be easily incorporated
into peering agreements and service contracts?
...
RFC 2267 - RFC 2827 == Best Current Practice (BCP) 38
RFC 3013 == BCP 46
RFC 3704 == BCP 84
Are these followed?
No, the IETF BCP's are
On May 24, 2006, at 2:05 AM, [EMAIL PROTECTED] wrote:
snip
So again, I ask the question: Is NANOG an appropriate
forum to develop some best practices text that
could be incorporated into service agreements and
peering agreements by reference in the same way
that a software licence
On Wed, 24 May 2006 11:50:34 PDT, Warren Kumari said:
d: A fish (not a fish anything, just a random posting not related to
anything on topic)
And this one will invariably start a trout/salmon/swordfish/octopus
debate.
Date: Wed, 24 May 2006 15:26:15 -0400
From: Valdis.Kletnieks
d: A fish (not a fish anything, just a random posting not related to
anything on topic)
And this one will invariably start a trout/salmon/swordfish/octopus
debate.
...at which point someone interjects that an octopus is a
Kirch wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
David Schwartz
Sent: Wednesday, May 17, 2006 1:37 PM
To: [EMAIL PROTECTED]
Subject: RE: private ip addresses from ISP
Our router is running BGP and connecting to our
upstream provider
On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wrote:
3) You are seeing packets with source IPs inside private space
arriving at
your interface from your ISP?
...
Sorry to dig this up from last week but I have to strongly disagree with
point #3.
From RFC 1918
Because
RAS Date: Tue, 23 May 2006 03:33:34 -0400
RAS From: Richard A Steenbergen
RAS If you're receiving RFC1918 sourced packets
#include <flamewars/urpf.h>
#include <flamewars/pmtud.h>
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman Dreger, Inc. - http://www.brotsman.com/
Date: Tue, 23 May 2006 03:33:34 -0400
From: Richard A Steenbergen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: private ip addresses from ISP
On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wrote:
3) You are seeing packets with source IPs inside private space
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Robert Bonomi
Sent: Tuesday, May 23, 2006 9:22 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: private ip addresses from ISP
Date: Tue, 23 May 2006 03:33:34 -0400
From: Richard
At 09:22 AM 5/23/2006, Robert Bonomi wrote:
Date: Tue, 23 May 2006 03:33:34 -0400
From: Richard A Steenbergen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: private ip addresses from ISP
On Mon, May 22, 2006 at 04:30:37PM -0400, Andrew Kirch wrote:
3) You are seeing packets
While we're on the topic, perhaps I should ask for some best practices
(where 'best' equals one for every listserv member) on the use of RFC 1918
addresses within a network provider's infrastructure.
We use private addresses for some stub routes, as well as our cable modems.
Should we
Date: Tue, 23 May 2006 09:36:30 -0400
To: [EMAIL PROTECTED]
From: Daniel Senie [EMAIL PROTECTED]
Subject: Re: private ip addresses from ISP
At 09:22 AM 5/23/2006, Robert Bonomi wrote:
Date: Tue, 23 May 2006 03:33:34 -0400
From: Richard A Steenbergen [EMAIL PROTECTED]
To: [EMAIL
Robert Bonomi wrote:
TTL-E messages _do_ have legitimate function in network management.
TTL-E messages _can_ originate from RFC1918 space, addressed to 'public
internet' addresses. Usefully, and meaningfully. Ever hear of 'traceroute'?
Ever use it where packets went across a network
Proper good net neighbor egress filtering of RFC1918 source addresses
takes a number of separate rules. Several 'allows', followed by a
default
'deny'.
Really?
Do you have those rules on your network?
Any reason why you didn't post the operational
details on this operational list?
Have
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Joe Maimon
Sent: Tuesday, May 23, 2006 10:15 AM
To: Robert Bonomi
Cc: [EMAIL PROTECTED]
Subject: Re: private ip addresses from ISP
Robert Bonomi wrote:
TTL-E messages _do_ have
Brian Johnson wrote:
In the Cisco world, I thought that the source would always be the interface
that replies to the ICMP packet. That seems to be good form to me.
Where am I going wrong?
You are correct, however it could be useful in regards to the topic at
hand if this was
Robert Bonomi wrote:
Date: Tue, 23 May 2006 11:14:53 -0400
Translating those addresses is a *BAD*IDEA*(TM). That obscures who
the reporting machine was _if_ you have to actually communicate with that
network operator.
These are the options:
Construct the network so that icmp is
Folks are sounding as if they'd never 'traceroute'd THROUGH a set of
unroutable IP addresses. I have seen cases where my 'traceroute' looked
like this [when I've had the patience to not hit Interrupt at the first
sign of stars]:
1 1 ms 1 ms 1 ms router.here
2 10 ms 10 ms 10 ms
On Tue, May 23, 2006 at 04:22:26PM +0100, [EMAIL PROTECTED] wrote:
...
Does NANOG have a role in developing some best
practices text that could be easily incorporated
into peering agreements and service contracts?
...
RFC 2267 - RFC 2827 == Best Current Practice (BCP) 38
RFC 3013 == BCP 46
Joseph S D Yao wrote:
Folks are sounding as if they'd never 'traceroute'd THROUGH a set of
unroutable IP addresses. I have seen cases where my 'traceroute' looked
like this [when I've had the patience to not hit Interrupt at the first
sign of stars]:
1 1 ms 1 ms 1 ms router.here
2 10
On May 23, 2006, at 3:33 AM, Richard A Steenbergen wrote:
From RFC 1918
Because private addresses have no global meaning, routing
information
about private networks shall not be propagated on inter-enterprise
links, and packets with private source or destination addresses
should
On May 23, 2006, at 10:47 AM, Robert Bonomi wrote:
Really? You really want TTL-E messages with RFC1918 source addr? Even
if they're used as part of a denial of service attack? Even though
you can't tell where they actually came from?
Can be is not sufficient (in and of itself, that is)
On Tue, May 23, 2006 at 12:23:54PM -0400, Patrick W. Gilmore wrote:
I know it was late when you wrote that, RAS, but from the
_very_first_sentence_:
Er yeah I meant to say it says nothing about filtering 1918 packets.
Please read BCP38 again. (For the first time? :)
Clearly allowing
Filtering every last 1918 sourced packet you receive because it might have
a DoS is like filtering all ICMP because people can ping flood. If you
want to rate limit it, that is reasonable. If you want to restrict it to
ICMP responses only, that is also reasonable. If on the other hand you
On May 23, 2006, at 1:14 PM, Richard A Steenbergen wrote:
[...]
Filtering every last 1918 sourced packet you receive because it
might have
a DoS is like filtering all ICMP because people can ping flood. If you
want to rate limit it, that is reasonable. If you want to restrict
it to
ICMP
On Tue, May 23, 2006 at 11:55:56AM -0400, Joe Maimon wrote:
...
It's also quite annoying to wait for each hop to timeout.
Well, yes. ;-} But as someone hinted, that's purely a problem with my
own psyche, which I do [to some degree] control.
OBTW, the 'ad hominem' attacks starting up in this
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
David Schwartz
Sent: Wednesday, May 17, 2006 1:37 PM
To: [EMAIL PROTECTED]
Subject: RE: private ip addresses from ISP
Our router is running BGP and connecting to our
upstream provider
What do you mean by reaching?
Two quick observations from a mis-configuration point of view:
If you mean you are seeing BGP routes for those networks: Sometimes ISPs
null route private addresses with static routes in their networks and they
accidentally leak (redistribute) to customers/peers.
Our router is running BGP and connecting to our
upstream provider with /30 network. Our log reveals
that there are private IP addresses reaching our
router's interface that is facing our upstream ISP.
How could this be possible? Should upstream ISP be
blocking private IP address
29 matches