t this time.
--D
--
-- Darren Bolding
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Haesu
> Sent: Wednesday, July 23, 2003 5:10 PM
> To: [EMAIL PROTECTED]
> Subject: Re: rfc1918 ignorant (fwd)
>
>
>
> Well, if uBR
On Thu, Jul 24, 2003 at 01:44:33PM +0100, [EMAIL PROTECTED] wrote:
> On Wed, 23 Jul 2003, Jared Mauch wrote:
>
> > I think you'll see more and more networks slowly over
> > time move closer to bcp38.
>
> Is there anywhere that this is recorded? It would be interesting to see
> what the
C.
TowardEX Technologies, Inc.
WWW: http://www.towardex.com
E-mail: [EMAIL PROTECTED]
Cell: (978) 394-2867
>
> Sprint??? you out there?
>
>
> -Original Message-
> From: Haesu [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, July 23, 2003 12:53 PM
> To: Vin
>
> Hmm this could affect routing protocols which use the primary address..
>
I haven't tried doing that with igp protocols.. But with BGP, it works does
manage to bind itself to the working address. (Or if you are sourcing update
to loopback, that would be fine too)
>
> Right but this one b
ED]>
Sent: Thursday, July 24, 2003 3:44 PM
Subject: RE: rfc1918 ignorant
>
>
> According to the notice they send me on 7/1, this isn't supposed to take
> effect until Aug 17th or 18th for existing customers, and they didn't
> mention an option to specifically request that the
: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 8:44 AM
To: [EMAIL PROTECTED]
Subject: RE: rfc1918 ignorant
According to the notice they send me on 7/1, this isn't supposed to take
effect until Aug 17th or 18th for existing customers, and they didn't
mention an
On Wed, 23 Jul 2003, Jared Mauch wrote:
> I think you'll see more and more networks slowly over
> time move closer to bcp38.
Is there anywhere that this is recorded? It would be interesting to see
what the actual state of play on implementation of BCP38 was.
> I believe that AT&T is
uly 23, 2003 12:53 PM
> To: Vinny Abello; [EMAIL PROTECTED]
> Subject: Re: rfc1918 ignorant
>
>
>
> Heh, check this out.
>
> traceroute to 219.168.64.121 (219.168.64.121), 64 hops max, 44 byte packets
> 1 216.93.161.1 (216.93.161.1) 0.532 ms 0.518 ms 0.405 ms
>
: Haesu [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 12:53 PM
To: Vinny Abello; [EMAIL PROTECTED]
Subject: Re: rfc1918 ignorant
Heh, check this out.
traceroute to 219.168.64.121 (219.168.64.121), 64 hops max, 44 byte packets
1 216.93.161.1 (216.93.161.1) 0.532 ms 0.518 ms 0.405
On Wed, 23 Jul 2003, Haesu wrote:
> Well, if uBR showing RFC1918 address out on the traceroute is an issue, why not
> just reverse the way its configured?
>
> Put RFC1918 as secondary, and put the routable addr as primary. Either way, it
> should work w/o issues, right?
Hmm this could affect r
RFC1918 is a wonderful document. It probably added 10-15 years
to the lifespan of the IPv4 address space, made IP addressing
much simpler for internal applications, and it's prevented
a large number of problems like people randomly making up addresses
for boxes they "know" that they'll "never" ne
Well, if uBR showing RFC1918 address out on the traceroute is an issue, why not
just reverse the way its configured?
Put RFC1918 as secondary, and put the routable addr as primary. Either way, it
should work w/o issues, right?
I know quite a few people who purposely put a non-routable IP (whethe
On Wed, Jul 23, 2003 at 06:03:13PM -0400, Daniel Senie wrote:
> At 02:11 PM 7/23/2003, Dave Temkin wrote:
>
> >2003 7:07 AM:]
> >> Comcast and many others seem to
> >> blithely ignore this for convenience sake. (It's not like they need a
> >> huge amount of space to give private addresses to thes
At 02:11 PM 7/23/2003, Dave Temkin wrote:
-- Forwarded message --
Date: Wed, 23 Jul 2003 07:53:26 -1000
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: rfc1918 ignorant
There's a common misconception reflected here that I wanted to correc
> Needs is a tough call. Plenty of networks block ICMP at the border and
> could very well be using 1918 addressing in between and you'd have no
> idea.
>
> --
> David Temkin
Wholesale blocking of ICMP is another sign of incompetence. Either way
a network using RFC1918 inappropriately, filteri
> Is this really an issue? So long as they're not advertising the space I
> see no issue with routing traffic through a 10. network as transit. If
> you have no reason to reach their router directly (and after Cisco's last
> exploit, I'd think no one would want anyone to reach their router direc
> Date: Wed, 23 Jul 2003 14:06:09 -0400 (EDT)
> From: Dave Temkin <[EMAIL PROTECTED]>
>
> Unless of course I block ICMP for the purposes of denying traceroute but
> still allow DF/etc. Then it's not "broken" as you say.
And where do the ICMPs come from if the DF bit results in a failure?
Surely
>
> When the RFC's are broken, then what do you do?
If negotiations fail, you revolt and overthrow the corrupt governing body.
If applicable, add overseas occupation forces :)
>
> RFC's are to be followed if one can operate one's network
> under those constraints. Often times, RFC's don't take
I have been busy today and not monitoring the list. I hate it when I
miss the start of an rfc1918 rant. It feels like old news when you have
to go back and read the email string and miss out on the name calling
and ranting in real time.
-Ron
"Kevin Oberman" <[EMAIL PROTECTED]>
Cc: "Lyndon Nerenberg" <[EMAIL PROTECTED]>; "David Schwartz" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, July 23, 2003 13:19
Subject: Re: rfc1918 ignorant
>
>
>
On Wed, Jul 23, 2003 at 01:49:37PM -0400, [EMAIL PROTECTED] wrote:
> On Wed, 23 Jul 2003 13:40:03 EDT, Dave Temkin said:
> > If it's being used for purely transit then your third paragraph doesn't
> > apply at all. The traffic is not originating or terminating there, it is
> > merely passing thro
> ARIN required cable operators to use RFC 1918 space for the management
> agents of the bridge cable modems that have been rolled out to the
> millions of residential cable modem customers.
this would be really amazing, as it would have required a time machine.
the cable build was before arin ex
>
> Unless of course I block ICMP for the purposes of denying traceroute but
> still allow DF/etc. Then it's not "broken" as you say.
>
Sure, but people "blocking all ICMP" haven´t usually heard that there are different
types and codes in ICMP.
It´s surprising how many large www sites do not w
M
Subject: RE: rfc1918 ignorant (fwd)
>
> -- Forwarded message --
> Date: Wed, 23 Jul 2003 07:53:26 -1000
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: rfc1918 ignorant
>
> There's a common misconception re
-- Forwarded message --
Date: Wed, 23 Jul 2003 07:53:26 -1000
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: rfc1918 ignorant
There's a common misconception reflected here that I wanted to correct. I
don't have nanog-post, so I apolog
Unless of course I block ICMP for the purposes of denying traceroute but
still allow DF/etc. Then it's not "broken" as you say.
--
David Temkin
On Wed, 23 Jul 2003, Kevin Oberman wrote:
> > Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT)
> > From: Dave Temkin <[EMAIL PROTECTED]>
> > Sender: [EMA
> Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT)
> From: Dave Temkin <[EMAIL PROTECTED]>
> Sender: [EMAIL PROTECTED]
>
>
> Needs is a tough call. Plenty of networks block ICMP at the border and
> could very well be using 1918 addressing in between and you'd have no
> idea.
And the network is brok
On Wednesday, July 23, 2003, at 11:50 AM, Dave Temkin wrote:
Needs is a tough call. Plenty of networks block ICMP at the border and
could very well be using 1918 addressing in between and you'd have no
idea.
True enough, but my view of networks that blindly block all ICMP is
about the same as
> Date: Wed, 23 Jul 2003 13:40:03 -0400 (EDT)
> From: Dave Temkin <[EMAIL PROTECTED]>
> Sender: [EMAIL PROTECTED]
>
>
> Except you're making assumptions as to how that router is used.
>
> If it's being used for purely transit then your third paragraph doesn't
> apply at all. The traffic is not
Needs is a tough call. Plenty of networks block ICMP at the border and
could very well be using 1918 addressing in between and you'd have no
idea.
--
David Temkin
On Wed, 23 Jul 2003, Lyndon Nerenberg wrote:
>
> On Wednesday, July 23, 2003, at 11:40 AM, Dave Temkin wrote:
> > Except you're
On Wed, 23 Jul 2003 13:40:03 EDT, Dave Temkin said:
> If it's being used for purely transit then your third paragraph doesn't
> apply at all. The traffic is not originating or terminating there, it is
> merely passing through.
If it shows up on a traceroute, it originated an ICMP packet.
10 * *
On Wednesday, July 23, 2003, at 11:40 AM, Dave Temkin wrote:
Except you're making assumptions as to how that router is used.
If it's being used for purely transit then your third paragraph doesn't
apply at all. The traffic is not originating or terminating there, it
is
merely passing through.
On 23.07 10:07, Kevin Oberman wrote:
>
> "In order to use private address space, an enterprise needs to
> determine which hosts do not need to have network layer connectivity
> outside the enterprise in the foreseeable future and thus could be
> classified as private. Such hosts will use the priv
Schwartz wrote:
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> > [EMAIL PROTECTED]
> > Sent: Wednesday, July 23, 2003 6:10 AM
> > To: Dave Temkin
> > Cc: [EMAIL PROTECTED]
> > Subject: re: rfc1918
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> [EMAIL PROTECTED]
> Sent: Wednesday, July 23, 2003 6:10 AM
> To: Dave Temkin
> Cc: [EMAIL PROTECTED]
> Subject: re: rfc1918 ignorant
>
>
>
> On Wed, 23 Jul 2003, Dave T
Heh, check this out.
traceroute to 219.168.64.121 (219.168.64.121), 64 hops max, 44 byte packets
1 216.93.161.1 (216.93.161.1) 0.532 ms 0.518 ms 0.405 ms
2 66.7.159.33 (66.7.159.33) 0.796 ms 0.667 ms 0.543 ms
3 gigabitethernet8-0-513.ipcolo1.SanFrancisco1.Level3.net (63.211.150.225)
Ahhh...but this all comes down to how one defines "enterprise" and it's
network scope. IANALBPSB (I am not a lawyer but probably shoud be)
Daryl
PGP Key: http://www.introspect.net/pgp
[...]
> That's not what is in my copy of 1918.
>
> "In order to use private address space, an enterprise nee
> Date: Wed, 23 Jul 2003 08:59:18 -0400 (EDT)
> From: Dave Temkin <[EMAIL PROTECTED]>
> Sender: [EMAIL PROTECTED]
>
>
> Is this really an issue? So long as they're not advertising the space I
> see no issue with routing traffic through a 10. network as transit. If
> you have no reason to reach
On Wed, Jul 23, 2003 at 02:10:17PM +0100, [EMAIL PROTECTED] wrote:
>
> On Wed, 23 Jul 2003, Dave Temkin wrote:
>
> > Is this really an issue? So long as they're not advertising the space I
> > see no issue with routing traffic through a 10. network as transit. If
> > you have no reason to reac
Good point on the PMTU, you're correct and I wasn't thinking about that
(though generally that would have come from the inside router, unless one
of those routers was where the MTU limitation was). Engineered *correctly
*I don't see an issue.
I never implied that people should remove filters for
On Wed, 23 Jul 2003, Dave Temkin wrote:
> Is this really an issue? So long as they're not advertising the space I
> see no issue with routing traffic through a 10. network as transit. If
> you have no reason to reach their router directly (and after Cisco's last
> exploit, I'd think no one woul
I agree... The only problem is if you filter all inbound RFC 1918 and
inadvertently block ICMP messages from their routers on rfc1918 space. That
could potentially cause issues with network connectivity related to MTU, etc...
At 08:59 AM 7/23/2003, Dave Temkin wrote:
Is this really an issue?
Uhhh...PMTU-d can break as routers will send back icmp cant-frag
packets from those link addresses and rpf, filtering, etc will
bring tcp connections to a standstill.
Don't filter rfc1918? umm good luck convincing the rest of the
net to eliminiate their filters. The basic premise of building
pub
On Wed, 23 Jul 2003, Frank Louwers wrote:
> Is there a site to "report" networks/isps that still leak rfc1918 space?
http://www.ris.ripe.net/martians/
Henk
--
Henk Uijterwaal Email: [EMAIL P
Heh... Check out Comcast. A large part of their network uses rfc1918:
216 ms 9 ms10 ms 10.110.168.1
315 ms10 ms11 ms 172.30.116.17
410 ms13 ms10 ms 172.30.116.50
514 ms12 ms26 ms 172.30.112.123
610 ms14 ms23 ms 172.30.110.1
Speaking on Deep Background, the Press Secretary whispered:
>
>
> Is there a site to "report" networks/isps that still leak rfc1918 space?
> By leaking I not only mean "don't filter", but actually _use_ in their
> network?
How about:
http://rfc-ignorant.org/
--
A host is a host fr
Is this really an issue? So long as they're not advertising the space I
see no issue with routing traffic through a 10. network as transit. If
you have no reason to reach their router directly (and after Cisco's last
exploit, I'd think no one would want anyone to reach their router directly
:-)
Is there a site to "report" networks/isps that still leak rfc1918 space?
By leaking I not only mean "don't filter", but actually _use_ in their
network?
If someone is keeping a list, feel free to add ServerBeach.com. All
traceroutes to servers housed there, pass by 10.10.10.3.
traceroute to www.
48 matches
Mail list logo