I won't comment on the sanity of doing so, but _many_ service providers use EMTAs, ATAs, and other voice devices over RFC1918 space back to their core.
On Fri, Mar 2, 2018 at 4:11 PM, Mark Andrews <[email protected]> wrote: > Are you insane. ISPs should never use RFC 1918 addresses for stuff that > talks to their customers. They have no way of knowing which addresses the > customers are using. > > Traffic from RFC 1918 addresses should be dropped by any sane border > router which all routers connecting to a ISP are. > > -- > Mark Andrews > > > On 2 Mar 2018, at 22:49, Bjørn Mork <[email protected]> wrote: > > > > Owen DeLong <[email protected]> writes: > > > >> I don’t agree that making RFC-1918 limitations a default in any daemon > makes any > >> sense whatsoever. > > > > +1 > > > > One of the more annoying anti-features I know of in this regard is the > > dnsmasq rebind "protection". It claims to protect web browsers on the > > LAN against DNS rebind attacks. But the implementation does not > > consider which adresses are used on the LAN at all. It simply blocks > > any A record pointing to an RFC1918 address, making a few bogus > > assumptions: > > - IPv4 LAN addresses are selected from RFC1918 > > - RFC1918 addresses are never used on the WAN side of a CPE > > - Noone use IPv6 on their LAN > > > > It's hard to know how many users have been bitten by the first > > one. You'd have to depend on this rebind "protection" in the first > > place, and that would be.... stupid. > > > > But the second assumption regularily bites end users when their ISP > > provides some ISP internal service using RFC1918 addresses. Which of > course > > is fine. > > > > The anti-feature has been enabled by default in OpenWrt for a long time, > > ref https://wiki.openwrt.org/doc/uci/dhcp#all_options , which means that > > there is a large user base having this enabled without knowing. > > > >> First, there are plenty of LANs out there that don’t use RFC-1918. > >> > >> Second, RFC-1918 doesn’t apply to IPv6 at all, > > > > Could you try to explain that to the OpenWrt guys? Thanks > > > > > > > > Bjørn > >
