nanog mailing list archives
Re: RFC1918 addresses to permit in for VPN?
From: Sean Donelan <sean () donelan com>
Date: 28 Dec 2000 23:25:14 -0800
On Thu, 28 December 2000, "Miguel A.L. Paraz" wrote:
Our DSUA filter had to have a small hole punched in since a customer had a VPN (I do not know yet as to what kind) which was receiving packets sourced at 172.17.x.x. Is this a misconfiguration on the sender's end, or a "feature." I think there was earlier discussion on VPN's requiring ICMP (echo?)
Its not a very private or virtual network if it leaks addresses into a data stream visible to your filters.
Current thread:
- RFC1918 addresses to permit in for VPN? Miguel A.L. Paraz (Dec 28)
- <Possible follow-ups>
- Re: RFC1918 addresses to permit in for VPN? Sean Donelan (Dec 28)
- Re: RFC1918 addresses to permit in for VPN? Andrew Brown (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? John Fraizer (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? Andrew Brown (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? John Fraizer (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? Andrew Brown (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? John Fraizer (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? Andrew Brown (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? Andrew Brown (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? Daniel L. Golding (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? Andrew Brown (Dec 29)
- Re: RFC1918 addresses to permit in for VPN? Simon Lyall (Dec 29)