North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: RFC1918 addresses to permit in for VPN?

  • From: John Fraizer
  • Date: Fri Dec 29 12:54:00 2000 

Block traffic sourced from 1918 space at the borders like all good
providers should do and it looks more like this:

11  transit1-pos10-3.ilford.ukcore.bt.net (194.74.16.245)  105.436 ms 104.467 ms  110.371 ms
12  core2-gig3-0.ilford.ukcore.bt.net (194.74.16.111)  109.295 ms  105.359 ms  107.466 ms
13  core2-pos10-0.bletchley.ukcore.bt.net (62.6.196.221)  107.255 ms 107.344 ms  109.345 ms
14  vhsaccess1-pos8-0.bletchley.fixed.bt.net (62.6.197.138)  107.308 ms 105.954 ms  111.282 ms
15  213.120.207.222 (213.120.207.222)  107.333 ms  106.454 ms  105.460 ms
16  * * *
17  * * *
18  213.120.62.61 (213.120.62.61)  106.933 ms  109.007 ms  111.363 ms
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *



---
John Fraizer
EnterZone, Inc



On Fri, 29 Dec 2000, Andrew Brown wrote:

> 
> speaking of rfc1918 addresses...one of my machines at home got poked
> at, so i did the usual thing which was perhaps waste about five
> minutes poking back from some place else if i feel like it.  what i
> saw piqued my interest:
> 
> % traceroute -f12 213.123.76.29
> traceroute to 213.123.76.29 (213.123.76.29), 30 hops max, 40 byte packets
> 12  core1-pos10-0.bletchley.ukcore.bt.net (62.6.196.217)  349.804 ms  391.793 ms  354.819 ms
> 13  vhsaccess1-pos7-0.bletchley.fixed.bt.net (62.6.197.134)  472.775 ms  413.810 ms  429.770 ms
> 14  213.120.207.218 (213.120.207.218)  288.801 ms  285.806 ms  376.831 ms
> 15  172.16.93.125 (172.16.93.125)  348.788 ms  383.831 ms  274.826 ms
> 16  172.16.93.49 (172.16.93.49)  284.805 ms  426.828 ms  869.717 ms
> 17  172.16.93.37 (172.16.93.37)  243.793 ms  386.818 ms  394.838 ms
> 18  172.16.93.1 (172.16.93.1)  399.757 ms  281.851 ms  324.813 ms
> 19  192.168.250.17 (192.168.250.17)  279.814 ms  315.717 ms  241.842 ms
> 20  213.123.76.29 (213.123.76.29) 241.812 ms  247.859 ms  193.838 ms
> 
> now i've seen people using 10.x.x.x addresses for the endpoints of the
> occasional serial link, but this makes it look like most of british
> telecom's backbone uses private addressing.  i wonder what would
> happen to them if someone were to leak a route into them for those
> addresses?
> 
> -- 
> |-----< "CODE WARRIOR" >-----|
> [email protected]             * "ah!  i see you have the internet
> [email protected] (Andrew Brown)                that goes *ping*!"
> [email protected]       * "information is power -- share the wealth."
>