nanog mailing list archives

Re: Infrastructure addresses definition

From: William Herrin <bill () herrin us>
Date: Thu, 24 Feb 2011 11:39:24 -0500

On Thu, Feb 24, 2011 at 11:13 AM, Tassos Chatzithomaoglou
<achatz () forthnet gr> wrote:

How do you define infrastructure addresses in your network?
Ok, probably router loopbacks are some of them. Router LANs also.

But what about addresses used on WAN (or LAN p2p) links that are used for
interconnections with customers?
What about addresses used for public servers (dns, mail, web, etc)?

Do you consider these as infrastructure addresses?
If yes, how do you define your iACLs with these included?


Defining customer interconnect addresses as infrastructure subject to
filtering is a bad idea. One of my ISPs does that: you can't reach the
serial interface of my router from outside their network because of
the filtering. There are customer applications where it's useful to
originate a tunnel from the customer serial interface. I had to carve
off a chunk of an extra assignment, introducing an extra route into
their system.

Regards,
Bill Herrin



-- 
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

Current thread:

Infrastructure addresses definition Tassos Chatzithomaoglou (Feb 24)
- Re: Infrastructure addresses definition William Herrin (Feb 24)
- Re: Infrastructure addresses definition Justin Wilson (Feb 24)