North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: icmp rpf

  • From: Patrick W. Gilmore
  • Date: Sun Sep 24 21:43:11 2006

[Can we all have a moment of silence for a useful, interesting, and on-topic post?]

On Sep 24, 2006, at 5:59 PM, Mark Kent wrote:

A smaller North American network provider, with a modest North
American backbone, numbers their internal routers on public IP space
that they do not announce to the world.

One of the largest North American network providers filters/drops
ICMP messages so that they only pass those with a source IP
address that appears in their routing table.

As a result, traceroutes from into have numerous
hops that time out.

Traceroutes from elsewhere that go into but return on also have numerous hops that time out.

We do all still think that traceroute is important, don't we?

If so, which of these two nets is unreasonable in their actions/ policies?
Who said either was?

First: Your network, your rules. Don't expect others to play by your rules.

But more importantly, there is nothing that says two perfectly reasonable, rational "rules" cannot create a problem when intersecting in interesting ways.

But if forced, I'd say Small.Net gets my vote for needing correction. I see less "wrongness" in a networking running what is essentially loose RPF than a network who expects supposedly bogon- sourced packets to be forwarded. (One could argue that non-announced space is bogus.)

Just remember, I would only say that if pushed. Normally I would say neither is wrong.

Please note that we're not talking about RFC1918 space, or reserved IP
space of any kind. Also, think about the scenario where some failure
happens leaving with an incomplete routing table, thus breaking
traceroute when it is perhaps most needed.
In such an instance, I would suggest Big.Net will have far, far larger problems than whether pings get returned from prefixes it can't reach anyway.