Re: private ip addresses from ISP

["Patrick W. Gilmore" <patrick () ianai net>]

On May 23, 2006, at 3:33 AM, Richard A Steenbergen wrote:

> > > From RFC 1918
> >    Because private addresses have no global meaning, routing  
> > information
> >    about private networks shall not be propagated on inter-enterprise
> >    links, and packets with private source or destination addresses
> >    should not be forwarded across such links. Routers in networks not
> >    using private address space, especially those of Internet service
> >    providers, are expected to be configured to reject (filter out)
> >    routing information about private networks.
> >
> > The ISP shouldn't be "leaving" anything to the end-user, these  
> > packets
> > should be dropped as a matter of course, along with any routing
> > advertisements for RFC 1918 space(From #1). ISP's who leak 1918 space
> > into my network piss me off, and get irate phone calls for their
> > trouble.
>
> The section you quoted from RFC1918 specifically addresses routes, not
> packets.

I know it was late when you wrote that, RAS, but from the  
_very_first_sentence_:

> > and packets with private source or destination addresses
> >    should not be forwarded across such links


> If you're receiving RFC1918 *routes* from anyone, you need to
> thwack them over the head with a cluebat a couple of times until  
> the cluey
> filling oozes out. If you're receiving RFC1918 sourced packets, for  
> the
> most part you really shouldn't care. There are semi-legitimate  
> reasons for
> packets with those sources addresses to float around the Internet, and
> they don't hurt anything. If you really can't stand seeing an RFC1918
> sourced packet over the Internet it is more of a personality  
> problem than
> a networking problem, so a good shrink is probably going to be more  
> useful
> than a good firewall.

Incorrect.  Not to mention Just Plain Wrong.

Please read BCP38 again.  (For the first time? :)

--
TTFN,
patrick