|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: RFC 1918
> OARnet is doing it for "security" last I talked to them (which was > several years ago), they've been using RFC1918 on transit links for a while > now, CIP ohio-dmz.net. > > -jamie Security? I have not, nor do I plan to, but I can think of tons of different points on OARnet directly and two places offnet that one could inject packets into their network and get to those routers, 1918 addressed or not. What ever happened to using good old access-lists on the router for security and blocking traffic destined for the router itself at the borders? It seems to be a much better security model than using 1918 space on the routers. Beyond that, it lets you actually have REAL in-addr.arpa replies for the WAN interfaces in a traceroute. Then again, being an OS-hUge activity, it is very much in character for them to do things their own way and damn the world if they don't like it. I'm convinced that the only thing OS-hUge breeds is primadonnas with a worthless piece of paper that proves they wasted their money and several years of their life. --- John Fraizer EnterZone, Inc
|