North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Strange public traceroutes return private RFC1918 addresses
On Tue, 3 Feb 2004, Rubens Kuhl Jr. wrote: > Using real but announced IPs for routers will make their packets fail > unicast-RPF checks, dropping traceroute and PMTUD responses as happens with > RFC1918 addresses. I guess you meant "unannounced". This is the case for those who run uRPF towards their upstream (or transit ISPs peering with them who'd run uRPF on the peering links). I don't think too many folks do that. But I see very little point in not announcing them. Equally well you could just set up an acl at the edge which drops or rate-limits the traffic. Well, you might not be able to if you're using a vendor the implementation of which doesn't allow you to do that.. :) -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
|