nanog mailing list archives
Re: address spoofing
From: Alex Bligh <amb () gxn net>
Date: Thu, 22 Apr 1999 23:47:29 +0200
anyone have clues other than net slime and misconfigured nats?
Possibly users behind your filters are tracerouting through somewhere which has PtP links configured in RFC1918 space, and you are seeing ICMP TTL exceeded back from these addresses. Some people allege configuring publicly visible PtPs to RFC1918 addresses is not bad practice. YMMV. If you really want to know what they are, policy route them to a spare ethernet port back to backed with a box running tcpdump. But then you knew that already. -- Alex Bligh GX Networks (formerly Xara Networks)
Current thread:
- Re: address spoofing, (continued)
- Re: address spoofing Forrest W. Christian (Apr 23)
- Re: address spoofing sthaug (Apr 23)
- Re: address spoofing John Leong (Apr 23)
- Re: address spoofing Daniel Senie (Apr 23)
- Re: address spoofing bmanning (Apr 23)
- Re: address spoofing Andrew Brown (Apr 23)
- Re: address spoofing Randy Bush (Apr 23)
- Re: address spoofing Dan Hollis (Apr 23)
- Re: address spoofing sthaug (Apr 23)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phil Howard (Apr 22)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phillip Vandry (Apr 23)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phil Howard (Apr 23)
- Re: address spoofing Bryan Bradsby (Apr 23)
- Re: address spoofing Phil Howard (Apr 23)
- Re: address spoofing Andrew Brown (Apr 23)
- Re: address spoofing Phil Howard (Apr 25)
- Re: address spoofing sthaug (Apr 25)