RE: BCP38 exceptions for RFC1918 space

2010-08-23 Thread Leigh Porter
Oh I do, just not to my workstation ;-) -Original Message- From: Joel Jaeggli [mailto:joe...@bogus.com] Sent: 23 August 2010 16:48 To: Leigh Porter Cc: valdis.kletni...@vt.edu; Joe Greco; na...@merit.edu Subject: Re: BCP38 exceptions for RFC1918 space On 8/23/10 2:31 AM, Leigh Porter

Re: BCP38 exceptions for RFC1918 space

2010-08-23 Thread Joel Jaeggli
> Sent: 16 August 2010 14:27 > To: Joe Greco > Cc: na...@merit.edu > Subject: Re: BCP38 exceptions for RFC1918 space > > On Mon, 16 Aug 2010 06:50:00 CDT, Joe Greco said: > >>> What *possible* use case would require a 1918-sourced packet to be >>> traversin

Re: BCP38 exceptions for RFC1918 space

2010-08-23 Thread Ali
s.kletni...@vt.edu] > Sent: 16 August 2010 14:27 > To: Joe Greco > Cc: na...@merit.edu > Subject: Re: BCP38 exceptions for RFC1918 space > > On Mon, 16 Aug 2010 06:50:00 CDT, Joe Greco said: > >>> What *possible* use case would require a 1918-sourced packet to be >

RE: BCP38 exceptions for RFC1918 space

2010-08-23 Thread Leigh Porter
I very often see 1918 space in ICMP responses. It's quite dumb. -Original Message- From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] Sent: 16 August 2010 14:27 To: Joe Greco Cc: na...@merit.edu Subject: Re: BCP38 exceptions for RFC1918 space On Mon, 16 Aug 2010 06:50:0

Re: BCP38 exceptions for RFC1918 space

2010-08-16 Thread Valdis . Kletnieks
On Mon, 16 Aug 2010 06:50:00 CDT, Joe Greco said: > > What *possible* use case would require a 1918-sourced packet to be > > traversing > > the public internet? We're all waiting with bated breath to hear this one. > > ;) > > It's great for showing in traceroutes who the heel is. Like I said,

Re: BCP38 exceptions for RFC1918 space

2010-08-16 Thread Joe Greco
> > What does "originating" mean? Creating the packets? Or forwarding > > them? > > Either way, there's no excuse. > > First off, remember that BCP38 and 1918 don't apply on your set of > interconnected private networks, no matter how big a net it is. You want to > filter between two of your p

Re: BCP38 exceptions for RFC1918 space

2010-08-16 Thread Valdis . Kletnieks
On Sun, 15 Aug 2010 19:02:50 +0200, Florian Weimer said: > * Valdis Kletnieks: > > > On Sun, 15 Aug 2010 18:46:49 +0200, Florian Weimer said: > > > >> > And that connection that's trying to use PMTU got established across the > >> > commodity internet, how, exactly? ;) > >> > >> ICMP "fragmentati

Re: BCP38 exceptions for RFC1918 space

2010-08-16 Thread David Freedman
Florian Weimer wrote: > What's the current consensus on exempting private network space from > source address validation? Is it recommended? Discouraged? > > (One argument in favor of exceptions is that it makes PMTUD work if > transfer networks use private address space.) > > IMHO, operators

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread William Herrin
On Mon, Aug 16, 2010 at 1:49 AM, Marco Hogewoning wrote: > On 15 aug 2010, at 20:05, Randy Bush wrote: >> rfc1918 packets are not supposed to reach the public internet.  once you >> start accommodating their doing so, the downward slope gets pretty steep >> and does not end in a nice place. > > I

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Marco Hogewoning
On 15 aug 2010, at 20:05, Randy Bush wrote: >> What's the current consensus on exempting private network space from >> source address validation? Is it recommended? Discouraged? >> >> (One argument in favor of exceptions is that it makes PMTUD work if >> transfer networks use private address s

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Adam Armstrong
On 15/08/2010 18:02, Florian Weimer wrote: * Valdis Kletnieks: On Sun, 15 Aug 2010 18:46:49 +0200, Florian Weimer said: And that connection that's trying to use PMTU got established across the commodity internet, how, exactly? ;) ICMP "fragmentation needed, but DF set" messages carry the a

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Randy Bush
> What's the current consensus on exempting private network space from > source address validation? Is it recommended? Discouraged? > > (One argument in favor of exceptions is that it makes PMTUD work if > transfer networks use private address space.) and this is a good thing? rfc1918 packet

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Florian Weimer
* Michael J. Wise: > On Aug 15, 2010, at 9:14 AM, Florian Weimer wrote: > >> What's the current consensus on exempting private network space from >> source address validation? > > BCP38-land MUST *never* see RFC1918-space traffic. Ever. > Unless you're using a border router as a NAT device, of cou

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Florian Weimer
* Valdis Kletnieks: > On Sun, 15 Aug 2010 18:46:49 +0200, Florian Weimer said: > >> > And that connection that's trying to use PMTU got established across the >> > commodity internet, how, exactly? ;) >> >> ICMP "fragmentation needed, but DF set" messages carry the addresses >> of intermediate

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Valdis . Kletnieks
On Sun, 15 Aug 2010 18:46:49 +0200, Florian Weimer said: > > And that connection that's trying to use PMTU got established across the > > commodity internet, how, exactly? ;) > > ICMP "fragmentation needed, but DF set" messages carry the addresses > of intermediate routers which generate them (

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Michael J Wise
On Aug 15, 2010, at 9:14 AM, Florian Weimer wrote: > What's the current consensus on exempting private network space from > source address validation? BCP38-land MUST *never* see RFC1918-space traffic. Ever. Unless you're using a border router as a NAT device, of course The only way your qu

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Florian Weimer
* Valdis Kletnieks: > On Sun, 15 Aug 2010 18:14:41 +0200, Florian Weimer said: >> What's the current consensus on exempting private network space from >> source address validation? Is it recommended? Discouraged? > > What you do on your internal networks and internal transit is your business. >

Re: BCP38 exceptions for RFC1918 space

2010-08-15 Thread Valdis . Kletnieks
On Sun, 15 Aug 2010 18:14:41 +0200, Florian Weimer said: > What's the current consensus on exempting private network space from > source address validation? Is it recommended? Discouraged? What you do on your internal networks and internal transit is your business. BCP38 talks about where you co

BCP38 exceptions for RFC1918 space

2010-08-15 Thread Florian Weimer
What's the current consensus on exempting private network space from source address validation? Is it recommended? Discouraged? (One argument in favor of exceptions is that it makes PMTUD work if transfer networks use private address space.)