Re: rfc1918 ignorant

[bdragon () gweep net]

> Is this really an issue?  So long as they're not advertising the space I
> see no issue with routing traffic through a 10. network as transit.  If
> you have no reason to reach their router directly (and after Cisco's last
> exploit, I'd think no one would want anyone to reach their router directly
> :-) ), what's the harm done?
>
> RFC1918 merely states that it shouldn't be routed on the global internet,
> not that it can't be used for transit space.

RFC1918:
   Because private addresses have no global meaning, routing information
   about private networks shall not be propagated on inter-enterprise
   links, and packets with private source or destination addresses
          --------------------------------------------------------
   should not be forwarded across such links. Routers in networks not
   ----------------------------------------- 
   using private address space, especially those of Internet service
   providers, are expected to be configured to reject (filter out)
   routing information about private networks. If such a router receives
   such information the rejection shall not be treated as a routing
   protocol error.

By virtue of using RFC1918 addresses on packet-passing interfaces
(those which generate ICMP error messages) it is a violation of RFC1918.
One could, in turn, disable those messages, or filter them, but as others
point out, that breaks such things as PMTU-D.

Also, those who think their RFC1918-numbered device is not directly reachable
solely due to being RFC1918 numbered, are deluded.