Filtering every last 1918 sourced packet you receive because it might have a DoS is like filtering all ICMP because people can ping flood. If you want to rate limit it, that is reasonable. If you want to restrict it to ICMP responses only, that is also reasonable. If on the other hand you are determined to filter every 1918 sourced packet between AS boundaries (including ttl exceed, mtu exceed, and dest unreachable) because an RFC told you you "should", you are actually doing your customers a disservice.
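The two alternatives the post proposes (rate limiting, or admitting only ICMP error responses from 1918 sources) can be expressed as a small policy check. This is an added example written for this page, not code from the thread or from any vendor; the sample packets, the token-bucket parameters and the `border_policy` function are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# RFC 1918 private address ranges
RFC1918 = tuple(ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"))
# ICMP error messages a router numbered from private space may legitimately emit:
# type 3 = destination unreachable (code 4 = fragmentation needed / MTU exceeded),
# type 11 = time exceeded (TTL exceeded in transit).  Echo (type 8) is not an error.
ICMP_ERROR_TYPES = frozenset({3, 11})


def is_rfc1918(src: str) -> bool:
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in RFC1918)


@dataclass
class TokenBucket:
    """Deterministic token bucket; the caller supplies the clock."""
    rate: float                          # tokens refilled per second
    burst: float                         # maximum tokens held
    tokens: float = field(init=False)
    last: float = 0.0

    def __post_init__(self):
        self.tokens = self.burst

    def allow(self, now: float) -> bool:
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def border_policy(src, proto, icmp_type=None, bucket=None, now=0.0):
    """Hypothetical border rule: public sources pass untouched; 1918 sources may
    only send ICMP error responses, and those are rate limited."""
    if not is_rfc1918(src):
        return "accept"
    if proto != "icmp" or icmp_type not in ICMP_ERROR_TYPES:
        return "drop"
    if bucket is not None and not bucket.allow(now):
        return "drop"
    return "accept"


# Constructed sample packets: (source, protocol, ICMP type, arrival time in seconds)
SAMPLE = [("10.1.2.3", "icmp", 11, 0.0), ("10.1.2.3", "icmp", 3, 0.0),
          ("10.1.2.3", "icmp", 11, 0.0), ("172.16.9.9", "tcp", None, 0.0),
          ("192.168.5.5", "icmp", 8, 0.0), ("203.0.113.7", "tcp", None, 0.0),
          ("10.1.2.3", "icmp", 3, 1.0)]


def run_sample():
    bucket = TokenBucket(rate=1.0, burst=2.0)   # 1 pkt/s sustained, burst of 2
    return [border_policy(s, p, t, bucket, now) for s, p, t, now in SAMPLE]
```

The third packet is dropped only because the bucket is exhausted, and the last one passes again after a second of refill; the TCP and echo-request packets from private space are dropped regardless of rate.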
Well, some of us happen to disagree. I have been very happy to see that both at my previous and at my present employer (large SPs by Norwegian standards), all 1918 traffic is filtered at the borders. We have never had any trouble from customers because of this, and we certainly intend to keep the filters. And yes, we have had these filters in place for several years...

Steinar Haug, Nethelp consulting, sthaug@nethelp.no