On Jun 20, 2008, at 11:49 AM, John Hardin wrote:
10.x is (supposedly) not routable on the public internet. If you see
10.x (or other RFC-1918) traffic coming in from the world, your ISP
is broken.
You don't run packet sniffers on your hosts much, do you? ;-)
Does your ISP filter egress packets on your interface? No, neither
does mine ;-) (and in this case I control the border routing so I
know it for sure)
Most competent ISPs will filter customer interfaces to prevent bogons,
and some will filter public peering ports for bogons, but even with
both of those a surprising number of 10.x packets make their way to
our hosts.
belt-and-suspenders: Even if it's unlikely for a 10.x packet to reach
the host, why should I trust it?
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
