|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Packets from net 10 (no, not the lyrics)
What about providers that use portions of the private address space on their network (up to and including the client's serial interface)? Mohamad On Tue, 23 Sep 1997 bmanning@ISI.EDU wrote: > > Should I be filtering all reserved space at my border, or would > > it be reasonable for me to expect the big guys not to take packets > > with clearly inappropriate source addresses? > > Yes you should. (and with kudos to Andrew) > > ! Loopback > access-list 100 deny ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255 > ! RFC 1918 private blocks > access-list 100 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255 > access-list 100 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255 > access-list 100 deny ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255 > ! Test Network > access-list 100 deny ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255 > ! Tiny networks. > access-list 100 deny ip any 255.255.255.128 0.0.0.127 > access-list 100 permit ip any any > > > > Or is my view on the situation incomplete? > > I think so. > > > > -- > --bill >
|