|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Qwest/forthelife.net rfc1918 goodness
I used to think that this was wrong also, and I would never build a network like that, but aside from making for ugly traceroutes, there's really nothing wrong with it. RFC 1918 doesn't address this issue directly, but it's pretty clear that the routers in question don't require network access beyond the scope of their enterprise, so they are candidates for being assigned addresses out of private space. The general public doesn't need to be able to address those devices directly. Cable operators seem to be pretty fond of this scheme, and it probably saves a fair amount of public address space in the end. As long as nobody's leaking routes for 10/8 and friends, the only suggestion 1918 makes is to filter out private address space at the edges of the enterprise. Apparently, the cable operators aren't doing this, but then again, it was only a suggestion anyway. Your traceroutes would be even more annoying if everyone was filtering as recommended, you'd need to wait for packets that would never show up because they'd be in some bit bucket somewhere. I see this routinely, since I filter on ingress. Then again, if proper filtering had been applied, nobody would think twice about the missing hop in a traceroute, it could just as easily be attributed to a router blocked from sending ICMP time exceeded messages. The exact same network architecture would no longer look so strange. Mark Jade E. Deane wrote: >Anyone know the drug policy at Qwest?? > >Type escape sequence to abort. >Tracing the route to forthelife.net (216.144.196.7) > > 1 63.237.160.113 8 msec 12 msec 8 msec > 2 lax-core-01.inet.qwest.net (205.171.19.149) 8 msec 8 msec 8 msec > 3 sjo-core-03.inet.qwest.net (205.171.5.155) 16 msec 16 msec 16 msec > 4 sjo-core-01.inet.qwest.net (205.171.22.10) 16 msec 16 msec 16 msec > 5 sfo-core-02.inet.qwest.net (205.171.5.131) 20 msec 48 msec 16 msec > 6 chi-core-01.inet.qwest.net (205.171.5.42) 72 msec 64 msec 68 msec > 7 chi-core-03.inet.qwest.net (205.171.20.174) 64 msec 64 msec 76 msec > 8 chi-edge-17.inet.qwest.net (205.171.20.154) 64 msec 64 msec 68 msec > 9 63.149.1.70 80 msec 84 msec 84 msec > 10 10.60.1.9 80 msec * 80 msec > 11 172.16.250.1 96 msec 84 msec 88 msec > 12 * * * > 13 * * *
|