"Karl J. Runge" <[EMAIL PROTECTED]> writes:
> It's OK to use private IP addresses in creating a bridge and other
> sorts of "junctions", correct?
Yes -- as long as these aren't intended to be accessed directly by the
general Internet.
> I'm not saying this what mod saw is a bridge, but remember how
> traceroute works: it sends UDP packets but sets the total number of
> hops (TTL) so that it won't get there to the destination, then it waits
> for the ICMP error packet to come back and looks at where the ICMP
> error packet came from. Then it increments the TTL by one and repeats.
Yup. Of course, traceroute is never emitting an IP datagram with a
destination that corresponds to one of the carrier's routers, only to
the destination address.
> Unrelated to this, I've had numerous problems going to some websites
> where it sent back TCP packets with SOURCE addresses in the private IP
> range. Weird. My linux firewall drops these and that's how I noticed
> them.
These sites almost certainly shouldn't be doing this. Of course,
everybody is playing shenanigan's like this nowadays. <sigh>
--kevin
--
"Its normally seriously incompetent firewall admins on remote
sites. Most large ecommerce sites have these kind of basic
errors. Makes you glad to trust your credit card details to them
doesnt it 8)"
-- Alan Cox, on PMTU blackholes
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
