North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: rfc1918 ignorant

  • From: John Palmer
  • Date: Wed Jul 23 14:42:56 2003

When the RFC's are broken, then what do you do?

RFC's are to be followed if one can operate one's network
under those constraints. Often times, RFC's don't take into
account real world considerations.

For instance: The "rule" that there should be only one root
server network does not provide a solution to the problem of
a corrupt monopoly gaining control over that one root server
network (as is the case now).

----- Original Message -----
From: "Petri Helenius" <[email protected]>
To: "Dave Temkin" <[email protected]>; "Kevin Oberman" <[email protected]>
Cc: "Lyndon Nerenberg" <[email protected]>; "David Schwartz" <[email protected]>; <[email protected]>; <[email protected]>
Sent: Wednesday, July 23, 2003 13:19
Subject: Re: rfc1918 ignorant


>
>
>
> >
> > Unless of course I block ICMP for the purposes of denying traceroute but
> > still allow DF/etc.  Then it's not "broken" as you say.
> >
> Sure, but people "blocking all ICMP" haven�t usually heard that there are different
> types and codes in ICMP.
>
> It�s surprising how many large www sites do not work if your MTU is less
> than 1500. Even if you do PMTU. (because the packets vanish somewhere
> before or at the server).
>
> Pete
>
>
> >
> > --
> > David Temkin
> >
> > On Wed, 23 Jul 2003, Kevin Oberman wrote:
> >
> > > > Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT)
> > > > From: Dave Temkin <[email protected]>
> > > > Sender: [email protected]
> > > >
> > > >
> > > > Needs is a tough call.  Plenty of networks block ICMP at the border and
> > > > could very well be using 1918 addressing in between and you'd have no
> > > > idea.
> > >
> > > And the network is broken.
> > >
> > > People persist in blocking ICMP and then complain when things don't
> > > work right. Even if you explain why blocking ICMP is breaking
> > > something, they say "ICMP is evil and we have to block it". OK. they
> > > are broken and when things don't work, they need to tell their
> > > customers that they are choosing to run a network that does not work
> > > correctly. (Not that I expect anyone to do this.)
> > >
> > > I don't see anything "tough" about this call.
> > >
> >
>
>
>