From owner-nanog@merit.edu Mon Aug 2 17:30:06 2004 Date: Mon, 02 Aug 2004 18:25:00 -0400 From: Eric Kimminau <ekimminau@rainfinity.com> To: nanog@merit.edu Subject: problems with covad.net 192.168 address space
Hola!
Anyone having problems with covad.net and 192.168 public broadcasts?
Covad uses some RFC-1918 space internally, for routers, etc. Nothing unusual there. They are known to use the low part of the 172.16.0.0/12 space for the PPP links betwen CPE and DSLAM, and the high part of the same space for the 'upstream gateway'. They use 192.168.0.0/16 for internal routing. They do not use 'Net 10' _at_all_. A traceroute from my home network goes from my dsl modem/router to a 172.31.x.x address; then through two 192.168.x.x addresses, And then to the public internet. Covad does NOT filter *any* RFC-1918 _source_address_ packets from going _to_ their customers. I've had some lengthy discussions with their abuse desk about this, when my firewall has blocked/logged hostile *incoming* packets with RFC-1918 source addresses. For "some strange reason" they can't tell, _or_track_, where those packets are coming from. I'm told they _do_ have RFC-1918 ingress and egress filtering for both source and destination addresses, at their gateways to the _external_ internet. That -that- filtering means that the stuff that shows up 'at _my_ front door' *is* coming from another COVAD customer, and not from "somewhere _outside_ Covad's network".