Infrastructure addresses definition
How do you define infrastructure addresses in your network? Ok, probably router loopbacks are some of them. Router LANs also. But what about addresses used on WAN (or LAN p2p) links that are used for interconnections with customers? What about addresses used for public servers (dns, mail, web, etc)? Do you consider these as infrastructure addresses? If yes, how do you define your iACLs with these included? Regards, Tassos
On Thu, Feb 24, 2011 at 11:13 AM, Tassos Chatzithomaoglou <achatz@forthnet.gr> wrote:
How do you define infrastructure addresses in your network? Ok, probably router loopbacks are some of them. Router LANs also.
But what about addresses used on WAN (or LAN p2p) links that are used for interconnections with customers? What about addresses used for public servers (dns, mail, web, etc)?
Do you consider these as infrastructure addresses? If yes, how do you define your iACLs with these included?
Defining customer interconnect addresses as infrastructure subject to filtering is a bad idea. One of my ISPs does that: you can't reach the serial interface of my router from outside their network because of the filtering. There are customer applications where it's useful to originate a tunnel from the customer serial interface. I had to carve off a chunk of an extra assignment, introducing an extra route into their system. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
I consider anything not facing the customer to be infrastructure. In terms of CPE, routers, etc. If it's a point to point connection (t1,wireless,etc) the address on the router on my end facing the customer router is considered a customer address. Justin -- Justin Wilson <j2sw@mtin.net> Aol & Yahoo IM: j2sw http://www.mtin.net/blog xISP News http://www.twitter.com/j2sw Follow me on Twitter Wisp Consulting Tower Climbing Network Support On 2/24/11 11:13 AM, "Tassos Chatzithomaoglou" <achatz@forthnet.gr> wrote:
How do you define infrastructure addresses in your network? Ok, probably router loopbacks are some of them. Router LANs also.
But what about addresses used on WAN (or LAN p2p) links that are used for interconnections with customers? What about addresses used for public servers (dns, mail, web, etc)?
Do you consider these as infrastructure addresses? If yes, how do you define your iACLs with these included?
Regards, Tassos
participants (3)
-
Justin Wilson -
Tassos Chatzithomaoglou -
William Herrin