RE: Who does source address validation? (was Re: what's that smel l?)

[James Smith <jsmith () PRESIDIO com>]

> -----Original Message-----
> From: Jared Mauch [mailto:jared () puck Nether net]
> Sent: Thursday, October 10, 2002 12:59 PM
> To: Iljitsch van Beijnum
> Cc: Richard A Steenbergen; nanog () merit edu
> Subject: Re: Who does source address validation? (was Re: what's that
> smell?)
>
>       People number out of 1918 space primarily for a few
> reasons, be them good or not:
>
>       1) Internal use
>       2) Cost involved.. nobody else needs to telnet to my p2p
> links but me, and i don't want to pay {regional_rir} for my
> internal use to reduce costs
>       3) "security" of not being a "publicly" accessible
> network.

I'll stick my neck out (others from my company monitor this list...) and say
that we are not really worried about #3. With #1, if we could get more
space, we would not need/want to (except for the test lab) to use RFC1918
space. This leads to #2, which is the issue.

We are a growing company. We are expanding our list of regional offices,
plus our home office is growing. I'd rather use globally unique addresses
for all this, but the cost of additional space (we have outgrown the /24 we
have traditionally used), the cost of an ASN, and the cheapness of NAT and
"bandwidth/link managers" have driven us to use RFC1918 space.

As long as the cost and ease of doing global unique addresses and BGP is
greater than the cost and ease of a NAT/link manager setup, businesses will
continue to use RFC1918 space, and ignore (or remain blissfully unaware of)
the pain it may or may not cause others. 


James H. Smith II 

I speak for me, and what I observe, which gets me in enough trouble as it
is...