North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Bogon list

  • From: Sean M. Doran
  • Date: Tue Jun 04 20:14:28 2002

| Traceroute to www.foo.com, see it goes through an exchange.  Ping
| the router on the far end of the exchange, "host unreachable".

How do you know the name of the thing at the far end of the exchange?
Is it traceroute?  Did the traceroute come from a looking glass, perhaps,
or pass through a router controlled by the network participating
in the exchange?

If someone massaged or annotated the results of the traceroute,
do you think you might a/ not ping that address, b/ ping an address
which somehow corresponds to that router, c/ not know what the hell
is going on at all -- maybe there's an MPLS tunnel across 15 routers!

| Traceroute to it, "host unreachable" at the first default free
| router.  Not only will this confuse your customers, but often first
| level support staff.

The latter can be programmed to use an expert system that
looks alot like a looking glass, but returns edited or annotated
traceroutes instead.  Hey, an in-house FAQ with hyperlinks 
for your support staff, that's too novel!  Let's leak prefixes instead.

| Also, you buy service from your favorite default free network.
| They aren't present at an exchange.  You want to traceroute/ping
| a host on that lan.  You can't, unless someone tranists the exchange.

: macosx ;  host some-router-at-mae-xyzzy.foo-bar.net
<some loopback address>
: macosx ;  host some-router-at-mae-xyzzy-actual-interface-address.foo-bar.net
<some RFC 1918 address>

Which do you more likely ping?  This is done all over the place now,
unfortunately minus the 1918 addressing.

Are there router implementations out there which ALWAYS do the wrong thing,
and use the actual-interface-address when sending unreachables & 
exceededs?  (Well, yes, I know there are.  Sigh.)

	Sean.