Re: Request for comment -- BCP38

[Florian Weimer <fw () deneb enyo de>]

* Stephen Satchell:

> Given a single local inside network with:
>   * multiple uplink providers (typical multi-home situation)
>   * multiple edge routers, each connected to an upstream via a public
> routeable /30, and each further connected to the downstream inside
> network
>   * 50 subnets (to pick a number) of routeable IP address space
> downstream from the edge routers, with routing announcements to the
> world that direct packets back to the edge routers
>
> BCP38 demands that ANY packet leaving ANY edge router to the upstream
> MUST have a source address:
>   * within the 50 inside public route-able subnets, or
>   * within a list of "my" addresses in the public /30 subnets.
>
> True statement?

This depends on the agreements with the upstream providers.  They
might reasonably exclude their own /30 they provided to you and the
/30s from the other providers.

In general, packets from the /30s would not travel far anyway because
they would wail source address verification checks at the upstream
provider.  Some providers also use globally unique, but unrouted
addresses for transfer networks, for infrastructure protection
purposes.