I very often see 1918 space in ICMP responses. It's quite dumb.
-Original Message-
From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu]
Sent: 16 August 2010 14:27
To: Joe Greco
Cc: na...@merit.edu
Subject: Re: BCP38 exceptions for RFC1918 space
On Mon, 16 Aug 2010 06:50:00 CDT
...@vt.edu]
Sent: 16 August 2010 14:27
To: Joe Greco
Cc: na...@merit.edu
Subject: Re: BCP38 exceptions for RFC1918 space
On Mon, 16 Aug 2010 06:50:00 CDT, Joe Greco said:
What *possible* use case would require a 1918-sourced packet to be
traversing the public internet? We're all waiting
To: Joe Greco
Cc: na...@merit.edu
Subject: Re: BCP38 exceptions for RFC1918 space
On Mon, 16 Aug 2010 06:50:00 CDT, Joe Greco said:
What *possible* use case would require a 1918-sourced packet to be
traversing the public internet? We're all waiting with bated breath
to hear this one
Oh I do, just not to my workstation ;-)
-Original Message-
From: Joel Jaeggli [mailto:joe...@bogus.com]
Sent: 23 August 2010 16:48
To: Leigh Porter
Cc: valdis.kletni...@vt.edu; Joe Greco; na...@merit.edu
Subject: Re: BCP38 exceptions for RFC1918 space
On 8/23/10 2:31 AM, Leigh Porter
On Mon, Aug 16, 2010 at 1:49 AM, Marco Hogewoning mar...@marcoh.net wrote:
On 15 aug 2010, at 20:05, Randy Bush wrote:
rfc1918 packets are not supposed to reach the public internet. once you
start accommodating their doing so, the downward slope gets pretty steep
and does not end in a nice
Florian Weimer wrote:
What's the current consensus on exempting private network space from
source address validation? Is it recommended? Discouraged?
(One argument in favor of exceptions is that it makes PMTUD work if
transfer networks use private address space.)
IMHO, operators who
On Sun, 15 Aug 2010 19:02:50 +0200, Florian Weimer said:
* Valdis Kletnieks:
On Sun, 15 Aug 2010 18:46:49 +0200, Florian Weimer said:
And that connection that's trying to use PMTU got established across the
commodity internet, how, exactly? ;)
ICMP fragmentation needed, but DF
What does originating mean? Creating the packets? Or forwarding
them?
Either way, there's no excuse.
First off, remember that BCP38 and 1918 don't apply on your set of
interconnected private networks, no matter how big a net it is. You want to
filter between two of your private
On Mon, 16 Aug 2010 06:50:00 CDT, Joe Greco said:
What *possible* use case would require a 1918-sourced packet to be
traversing
the public internet? We're all waiting with bated breath to hear this one.
;)
It's great for showing in traceroutes who the heel is.
Like I said, at that
On Sun, 15 Aug 2010 18:14:41 +0200, Florian Weimer said:
What's the current consensus on exempting private network space from
source address validation? Is it recommended? Discouraged?
What you do on your internal networks and internal transit is your business.
BCP38 talks about where you
* Valdis Kletnieks:
On Sun, 15 Aug 2010 18:14:41 +0200, Florian Weimer said:
What's the current consensus on exempting private network space from
source address validation? Is it recommended? Discouraged?
What you do on your internal networks and internal transit is your business.
BCP38
On Aug 15, 2010, at 9:14 AM, Florian Weimer wrote:
What's the current consensus on exempting private network space from
source address validation?
BCP38-land MUST *never* see RFC1918-space traffic. Ever.
Unless you're using a border router as a NAT device, of course
The only way your
* Valdis Kletnieks:
On Sun, 15 Aug 2010 18:46:49 +0200, Florian Weimer said:
And that connection that's trying to use PMTU got established across the
commodity internet, how, exactly? ;)
ICMP fragmentation needed, but DF set messages carry the a addresses
of intermediate routers which
* Michael J. Wise:
On Aug 15, 2010, at 9:14 AM, Florian Weimer wrote:
What's the current consensus on exempting private network space from
source address validation?
BCP38-land MUST *never* see RFC1918-space traffic. Ever.
Unless you're using a border router as a NAT device, of course
What's the current consensus on exempting private network space from
source address validation? Is it recommended? Discouraged?
(One argument in favor of exceptions is that it makes PMTUD work if
transfer networks use private address space.)
and this is a good thing?
rfc1918 packets
On 15/08/2010 18:02, Florian Weimer wrote:
* Valdis Kletnieks:
On Sun, 15 Aug 2010 18:46:49 +0200, Florian Weimer said:
And that connection that's trying to use PMTU got established across the
commodity internet, how, exactly? ;)
ICMP fragmentation needed, but DF set messages carry the a
On 15 aug 2010, at 20:05, Randy Bush wrote:
What's the current consensus on exempting private network space from
source address validation? Is it recommended? Discouraged?
(One argument in favor of exceptions is that it makes PMTUD work if
transfer networks use private address space.)
17 matches
Mail list logo