North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: rfc 1918?

  • From: Richard A. Steenbergen
  • Date: Thu Feb 22 18:14:03 2001

On Fri, Feb 23, 2001 at 12:32:11AM +0200, Ariel Biener wrote:
> On Thu, 22 Feb 2001, Greg A. Woods wrote:
> This gets us back to the discussin we had here about 3-4 months ago
> about what should be done in order to create a friendly internet
> environment, that is, where every Internet connected entity actually
> gives a damn about everyone else.

We go through this every couple months, and the same conclusion is reached
every time.

The psycho paranoid people like Greg Woods and Eric Hall scream that any
RFC1918 sourced packet on the internet is a sign of the apocalypse, and
you must apply packet filters to stop them from going out and coming in.

Most everyone else just doesn't care, and realizes that yes it's a packet
you won't be able to reply to but the world will not end if a few of them are
floating around on the internet. There is far worse traffic floating about
then an RFC1918 packet because of someone's misconfigured NAT, and they
will probably proceed to FIX IT when they can't communicate with the rest
of the world through it.

Yes sometimes there IS communication from sources where we DO NOT want a
reply back, like the ICMP messages generated by a router. It might be a
better practice to simply put them in a section of allocated but
unannounced IP space to avoid the 1918-nazi's, but thats another
story. If you have your own 1918 space and you are worried that there
might be some mysterious conflict, then by all means filter them from your
ingress connection the same way you should filter ALL packets sourced from
your ip space.

Now can we please let it go?

Richard A Steenbergen <[email protected]>
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)