On Friday 08 Apr 2005 11:00 am, Michael.Dillon@radianz.com wrote:
> Which leads me to the question: Why are RFC 1918 addresses defined in a document rather than in an authoritative protocol feed which people can use to configure devices?
Because they don't change terribly often. Indeed the ones in RFC1918 don't change at all. A protocol feed to deliver the same 6 integers?

The discussion here seems to be muddling two issues.

One is ISPs routing packets with RFC1918 source addresses, which presumably can and should be dealt with as a routing issue; I believe there is already a BCP outlining several ways to deal with this traffic. This is noticeable to DNS admins, as presumably most such misconfigured boxes never get an IP address for the service they actually want to use, since the enquiries are unrepliable, or at least the boxes issue more DNS queries because some of them are unrepliable.

The other is packets enquiring about RFC1918 address space, which can probably be minimised by changing the default settings when DNS server packages are made. For example Debian supplies the config files with the RFC1918 zones commented out (although they are all ready to kill the traffic by removing a "#"). However, whilst I'm sure there is a lot of dross looking up RFC1918 address space, I also believe that if the volume of such enquiries became an operational issue for the Internet there are other ways of reducing the number of these queries.

Whilst we are on dross that turns up at DNS servers, how about traffic for port 0? Surely this could be killed at the routing level as well. Anyone got any figures for how much port 0 traffic is around? My understanding is it is mostly either scanning or broken firewalls, neither of which are terribly desirable things to have on your network, or to ship out to other people's networks.
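An added example illustrating the second point above (serving the RFC1918 reverse zones locally so the queries die at your own resolver). This is not code from the post or from Debian's packaging: it works out which in-addr.arpa zones cover exactly the RFC 1918 space (172.16/12 is not one zone but sixteen, 16.172 through 31.172.in-addr.arpa), emits the BIND "zone" stanzas for them, and runs a constructed query log through the same matching to show which PTR queries would be absorbed versus leaked upstream. The zone-file path /etc/bind/db.empty and the query-log lines are assumptions made for the example.

```python
"""Added example: RFC 1918 reverse zones as local empty zones in BIND,
and which reverse-DNS queries such a setup absorbs."""
import ipaddress

# The three RFC 1918 blocks, from the RFC itself.
RFC1918_BLOCKS = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def rfc1918_reverse_zones():
    """Reverse (in-addr.arpa) zones covering exactly the RFC 1918 space.

    in-addr.arpa is delegated on octet boundaries, so 172.16.0.0/12 cannot
    be one zone: it becomes 16.172.in-addr.arpa .. 31.172.in-addr.arpa.
    Returns 18 zone names in total.
    """
    zones = []
    for block in RFC1918_BLOCKS:
        octets = (block.prefixlen + 7) // 8          # /8 -> 1, /12 -> 2, /16 -> 2
        for sub in block.subnets(new_prefix=octets * 8):
            labels = str(sub.network_address).split(".")[:octets]
            zones.append(".".join(reversed(labels)) + ".in-addr.arpa")
    return zones


def named_conf_stanzas(zone_file="/etc/bind/db.empty"):
    """BIND stanzas serving each RFC 1918 reverse zone from an empty zone file,
    so PTR queries get an authoritative answer here instead of leaking to the
    in-addr.arpa servers. The default path is an assumption modelled on the
    empty zone file Debian ships; check your own package."""
    return "".join(
        f'zone "{zone}" {{ type master; file "{zone_file}"; }};\n'
        for zone in rfc1918_reverse_zones()
    )


# Pre-split zone labels for suffix matching of query names.
_ZONE_LABELS = [tuple(z.split(".")) for z in rfc1918_reverse_zones()]


def is_rfc1918_reverse(qname):
    """True if qname is at or below one of the RFC 1918 reverse zones,
    i.e. a query the local empty zones would answer. A name such as
    172.in-addr.arpa is *above* the 16-31.172 zones and is not absorbed."""
    labels = tuple(qname.rstrip(".").lower().split("."))
    return any(labels[-len(z):] == z for z in _ZONE_LABELS)


# Constructed query-log lines, loosely in BIND's query-log format (not real data).
SAMPLE_QUERY_LOG = """\
client 198.51.100.7#53244: query: 4.3.168.192.in-addr.arpa IN PTR + (203.0.113.1)
client 198.51.100.7#53245: query: 1.1.1.10.in-addr.arpa IN PTR + (203.0.113.1)
client 198.51.100.9#40021: query: 2.0.0.203.in-addr.arpa IN PTR + (203.0.113.1)
client 198.51.100.9#40022: query: 5.0.32.172.in-addr.arpa IN PTR + (203.0.113.1)
client 198.51.100.9#40023: query: 5.0.31.172.in-addr.arpa IN PTR + (203.0.113.1)
client 198.51.100.12#7001: query: www.example.com IN A + (203.0.113.1)
"""


def count_absorbed(log_text):
    """Return (absorbed, forwarded): how many logged queries the local
    RFC 1918 zones would answer versus how many still go upstream."""
    absorbed = forwarded = 0
    for line in log_text.splitlines():
        if " query: " not in line:
            continue
        qname = line.split(" query: ", 1)[1].split()[0]
        if is_rfc1918_reverse(qname):
            absorbed += 1
        else:
            forwarded += 1
    return absorbed, forwarded


if __name__ == "__main__":
    print(named_conf_stanzas(), end="")
    print("absorbed/forwarded:", count_absorbed(SAMPLE_QUERY_LOG))
```

Note that 5.0.32.172.in-addr.arpa is deliberately included in the sample: 172.32/16 sits just outside 172.16/12, so a naive "172.*" filter would wrongly swallow it while the octet-exact zone list does not.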