"Gary E. Miller" wrote:
Yo Randy!
On Thu, 22 Apr 1999, Randy Bush wrote:
deny ip 10.0.0.0 0.255.255.255 any (593 matches) deny ip 172.16.0.0 0.15.255.255 any (201 matches) deny ip 192.168.0.0 0.0.255.255 any (769 matches)
[...]
anyone have clues other than net slime and misconfigured nats?
If you did a traceroute thru a router using a private address on one of it's interfaces you could see this. That would be legit.
What RFC 1918 says, is that you're supposed to ensure at border points that private addresses are not leaked. ISPs who insist on using RFC 1918 addresses on their routers should be responsible for filtering out any responses such routers make (e.g. traceroute packets) at their borders. In reality, routers used in the ISP infrastructure are NOT good candidates for RFC 1918 addresses. My present upstream (@Home network) appears to use all of the RFC 1918 address blocks for their own use, and leaks them everywhere. Had I known this before signing a contract, they wouldn't have gotten my business. An interesting passage from RFC 1918, a.k.a. BCP 5, is: "Because private addresses have no global meaning, routing information about private networks shall not be propagated on inter-enterprise links, and packets with private source or destination addresses should not be forwarded across such links. Routers in networks not using private address space, especially those of Internet service providers, are expected to be configured to reject (filter out) routing information about private networks. If such a router receives such Information the rejection shall not be treated as a routing protocol error." -- ----------------------------------------------------------------- Daniel Senie dts@senie.com Amaranth Networks Inc. http://www.amaranthnetworks.com