nanog mailing list archives
Re: rfc1918 ignorant
From: "John Palmer" <nanog () adns net>
Date: Wed, 23 Jul 2003 13:38:58 -0500
When the RFC's are broken, then what do you do? RFC's are to be followed if one can operate one's network under those constraints. Often times, RFC's don't take into account real world considerations. For instance: The "rule" that there should be only one root server network does not provide a solution to the problem of a corrupt monopoly gaining control over that one root server network (as is the case now). ----- Original Message ----- From: "Petri Helenius" <pete () he iki fi> To: "Dave Temkin" <dave () ordinaryworld com>; "Kevin Oberman" <oberman () es net> Cc: "Lyndon Nerenberg" <lyndon () orthanc ab ca>; "David Schwartz" <davids () webmaster com>; <variable () ednet co uk>; <nanog () merit edu> Sent: Wednesday, July 23, 2003 13:19 Subject: Re: rfc1918 ignorant
Unless of course I block ICMP for the purposes of denying traceroute but still allow DF/etc. Then it's not "broken" as you say.Sure, but people "blocking all ICMP" haven´t usually heard that there are different types and codes in ICMP. It´s surprising how many large www sites do not work if your MTU is less than 1500. Even if you do PMTU. (because the packets vanish somewhere before or at the server). Pete-- David Temkin On Wed, 23 Jul 2003, Kevin Oberman wrote:Date: Wed, 23 Jul 2003 13:50:05 -0400 (EDT) From: Dave Temkin <dave () ordinaryworld com> Sender: owner-nanog () merit edu Needs is a tough call. Plenty of networks block ICMP at the border and could very well be using 1918 addressing in between and you'd have no idea.And the network is broken. People persist in blocking ICMP and then complain when things don't work right. Even if you explain why blocking ICMP is breaking something, they say "ICMP is evil and we have to block it". OK. they are broken and when things don't work, they need to tell their customers that they are choosing to run a network that does not work correctly. (Not that I expect anyone to do this.) I don't see anything "tough" about this call.
Current thread:
- Re: source filtering (Re: rfc1918 ignorant), (continued)
- Re: source filtering (Re: rfc1918 ignorant) variable (Jul 24)
- Re: source filtering (Re: rfc1918 ignorant) Jared Mauch (Jul 24)
- RE: rfc1918 ignorant David Schwartz (Jul 23)
- RE: rfc1918 ignorant Dave Temkin (Jul 23)
- Re: rfc1918 ignorant Lyndon Nerenberg (Jul 23)
- Re: rfc1918 ignorant Dave Temkin (Jul 23)
- Re: rfc1918 ignorant Lyndon Nerenberg (Jul 23)
- Re: rfc1918 ignorant Kevin Oberman (Jul 23)
- Re: rfc1918 ignorant Dave Temkin (Jul 23)
- Re: rfc1918 ignorant Petri Helenius (Jul 23)
- Re: rfc1918 ignorant John Palmer (Jul 23)
- Re: rfc1918 ignorant Petri Helenius (Jul 23)
- Re: rfc1918 ignorant Kevin Oberman (Jul 23)
- Re: rfc1918 ignorant bdragon (Jul 23)
- Re: rfc1918 ignorant Valdis . Kletnieks (Jul 23)
- Re: rfc1918 ignorant Jared Mauch (Jul 23)
- Re: rfc1918 ignorant Kevin Oberman (Jul 23)
- Re: rfc1918 ignorant Daniel Karrenberg (Jul 23)