North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Strange public traceroutes return private RFC1918 addresses

  • From: Bob Snyder
  • Date: Tue Feb 03 10:24:04 2004

[email protected] wrote:

If RFC1918 addresses are used only on interfaces with jumbo MTUs
on the order of 9000 bytes then it doesn't break PMTUD in a
1500 byte Ethernet world. And it doesn't break traceroute.
We just lose the DNS hint about the router location.

I'm confused about your traceroute comment. You're assuming a packet with a RFC1918 source address won't be dropped. In many cases, it will, and should be. Each organization is permitted to use the RFC1918 address space internally for any purpose they see fit. This often means they don't want people outside the organization to be able to generate packets with source addresses for machines they consider to be internal. It makes sense to drop such packets as they come in to your AS.

Assuming that a packet with an RFC1918 source address will get dropped as it crosses in to a new AS, this will break traceroute hops, Path MTU Discovery, Network/Host unreachable, or any other ICMP that needs to be generated from a router with a RFC1918 address.

Is everyone filtering RFC1918 at their edge? No. But my impression is that more and more places are. Certainly anyone who uses either Team Cymru's Bogon services or similar services (doesn't Cisco now do this in IOS as well?) will be blocking them...