North American Network Operators Group


RE: dsl providers that will route /24

  • From: David Schwartz
  • Date: Fri Mar 30 04:29:00 2001

> David.
>
> We're seeing a flood of RFC1918 sourced traffic bounce off our ingress
> filters.
>
> This is causing unwarranted load on our edge routers.  I feel that we
> should be compensated by whomever is originating or allowing the
> origination of said packets.
>
> As a result of your stance on the matter, we're going to be naming you
> as a defendant in a civil lawsuit.  Please be sure to have available
> packet logs from _all_ of your customers at _every_ _ingress_ and
> _egress_
> point on your network for the past 24 and next 48 hours.
>
> See you in court.

	We don't log egress points. Obviously, you're so deep into personal attack
mode that you're not capable of rational argument.

	By the way, we haven't had a customer hit us with a single packet with an
RFC1918 source address in about 4 months. The last time, one of our
customers had a misconfigured firewall and was quite glad we alerted them
to the problem. We do get hit with a lot of them, and we pass them on to our
customers unless our customers request that we filter them.

	I don't think there's a clear consensus that this is wrong. If someone
numbers a gateway inside RFC1918 space (which *is* wrong, IMO) blocking the
packets could cause problems. Of course, one can argue that it's the bad
numbering of the gateway that causes the problem, and I won't disagree with
that argument. There's also something to be said for interoperating with
broken configurations.

	My current position is that it's definitely wrong to introduce packets with
RFC1918 source addresses to the global Internet, but that it's not
necessarily a good idea to filter them if you happen to see them. Others may
disagree, but I *definitely* don't want to start up this debate again.

	DS