North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Strange public traceroutes return private RFC1918 addresses

  • From: Pekka Savola
  • Date: Tue Feb 03 01:04:08 2004

On Tue, 3 Feb 2004, Rubens Kuhl Jr. wrote:
> Using real but announced IPs for routers will make their packets fail
> unicast-RPF checks, dropping traceroute and PMTUD responses as happens with
> RFC1918 addresses.

I guess you meant "unannounced".

This is the case for those who run uRPF towards their upstream (or
transit ISPs peering with them who'd run uRPF on the peering links).  
I don't think too many folks do that.

But I see very little point in not announcing them.  Equally well you
could just set up an acl at the edge which drops or rate-limits the
traffic.  Well, you might not be able to if you're using a vendor 
the implementation of which doesn't allow you to do that.. :)

Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings