What about providers that use portions of the private address space on their network (up to and including the client's serial interface)?
Mohamad
On Tue, 23 Sep 1997 bmanning@ISI.EDU wrote:
Should I be filtering all reserved space at my border, or would it be reasonable for me to expect the big guys not to take packets with clearly inappropriate source addresses?
Yes you should. (and with kudos to Andrew)
! Loopback access-list 100 deny ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255 ! RFC 1918 private blocks access-list 100 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255 access-list 100 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255 access-list 100 deny ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255 ! Test Network access-list 100 deny ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255 ! Tiny networks. access-list 100 deny ip any 255.255.255.128 0.0.0.127 access-list 100 permit ip any any
The operative phrase here is border. That means ASN border, i.e. where you BGP peer with others. At the provider/subscriber interface, within your IGP, using RFC 1918 space is ok. -- --bill