Anyone know the drug policy at Qwest?? Type escape sequence to abort. Tracing the route to forthelife.net (216.144.196.7) 1 63.237.160.113 8 msec 12 msec 8 msec 2 lax-core-01.inet.qwest.net (205.171.19.149) 8 msec 8 msec 8 msec 3 sjo-core-03.inet.qwest.net (205.171.5.155) 16 msec 16 msec 16 msec 4 sjo-core-01.inet.qwest.net (205.171.22.10) 16 msec 16 msec 16 msec 5 sfo-core-02.inet.qwest.net (205.171.5.131) 20 msec 48 msec 16 msec 6 chi-core-01.inet.qwest.net (205.171.5.42) 72 msec 64 msec 68 msec 7 chi-core-03.inet.qwest.net (205.171.20.174) 64 msec 64 msec 76 msec 8 chi-edge-17.inet.qwest.net (205.171.20.154) 64 msec 64 msec 68 msec 9 63.149.1.70 80 msec 84 msec 84 msec 10 10.60.1.9 80 msec * 80 msec 11 172.16.250.1 96 msec 84 msec 88 msec 12 * * * 13 * * * Jade Jade E. Deane Network Engineer helloNetwork.com Las Vegas, Nevada Office: +1 (702) 938-9267 Cell: +1 (702) 604-4759 Fax: +1 (702) 456-1471 email: jade.deane@helloNetwork.com epage: 7026044759@page.nextel.com
I have seen traces on the @home network go thru 10. space, currently from sprintlink in anaheim, a trace to www.home.com goes thru a 192.168 ip. Very Nice Bri On Sun, 10 Dec 2000, Jade E. Deane wrote:
Anyone know the drug policy at Qwest??
Type escape sequence to abort. Tracing the route to forthelife.net (216.144.196.7)
1 63.237.160.113 8 msec 12 msec 8 msec 2 lax-core-01.inet.qwest.net (205.171.19.149) 8 msec 8 msec 8 msec 3 sjo-core-03.inet.qwest.net (205.171.5.155) 16 msec 16 msec 16 msec 4 sjo-core-01.inet.qwest.net (205.171.22.10) 16 msec 16 msec 16 msec 5 sfo-core-02.inet.qwest.net (205.171.5.131) 20 msec 48 msec 16 msec 6 chi-core-01.inet.qwest.net (205.171.5.42) 72 msec 64 msec 68 msec 7 chi-core-03.inet.qwest.net (205.171.20.174) 64 msec 64 msec 76 msec 8 chi-edge-17.inet.qwest.net (205.171.20.154) 64 msec 64 msec 68 msec 9 63.149.1.70 80 msec 84 msec 84 msec 10 10.60.1.9 80 msec * 80 msec 11 172.16.250.1 96 msec 84 msec 88 msec 12 * * * 13 * * *
Jade
Jade E. Deane Network Engineer helloNetwork.com Las Vegas, Nevada
Office: +1 (702) 938-9267 Cell: +1 (702) 604-4759 Fax: +1 (702) 456-1471 email: jade.deane@helloNetwork.com epage: 7026044759@page.nextel.com
I used to think that this was wrong also, and I would never build a network like that, but aside from making for ugly traceroutes, there's really nothing wrong with it. RFC 1918 doesn't address this issue directly, but it's pretty clear that the routers in question don't require network access beyond the scope of their enterprise, so they are candidates for being assigned addresses out of private space. The general public doesn't need to be able to address those devices directly. Cable operators seem to be pretty fond of this scheme, and it probably saves a fair amount of public address space in the end. As long as nobody's leaking routes for 10/8 and friends, the only suggestion 1918 makes is to filter out private address space at the edges of the enterprise. Apparently, the cable operators aren't doing this, but then again, it was only a suggestion anyway. Your traceroutes would be even more annoying if everyone was filtering as recommended, you'd need to wait for packets that would never show up because they'd be in some bit bucket somewhere. I see this routinely, since I filter on ingress. Then again, if proper filtering had been applied, nobody would think twice about the missing hop in a traceroute, it could just as easily be attributed to a router blocked from sending ICMP time exceeded messages. The exact same network architecture would no longer look so strange. Mark Jade E. Deane wrote:
Anyone know the drug policy at Qwest??
Type escape sequence to abort. Tracing the route to forthelife.net (216.144.196.7)
1 63.237.160.113 8 msec 12 msec 8 msec 2 lax-core-01.inet.qwest.net (205.171.19.149) 8 msec 8 msec 8 msec 3 sjo-core-03.inet.qwest.net (205.171.5.155) 16 msec 16 msec 16 msec 4 sjo-core-01.inet.qwest.net (205.171.22.10) 16 msec 16 msec 16 msec 5 sfo-core-02.inet.qwest.net (205.171.5.131) 20 msec 48 msec 16 msec 6 chi-core-01.inet.qwest.net (205.171.5.42) 72 msec 64 msec 68 msec 7 chi-core-03.inet.qwest.net (205.171.20.174) 64 msec 64 msec 76 msec 8 chi-edge-17.inet.qwest.net (205.171.20.154) 64 msec 64 msec 68 msec 9 63.149.1.70 80 msec 84 msec 84 msec 10 10.60.1.9 80 msec * 80 msec 11 172.16.250.1 96 msec 84 msec 88 msec 12 * * * 13 * * *
On Sun, 10 Dec 2000, Mark Mentovai wrote:
I used to think that this was wrong also, and I would never build a network like that, but aside from making for ugly traceroutes, there's really nothing wrong with it. RFC 1918 doesn't address this issue
It, together with a martian ingress-filters break PMTU-D _IF_ any of the links between these routers has MTU less than 1500. This topic pops up on nanog every 4-6 months, but I doubt that it'll make home.net or qwest change their addressing schemes. -- Alex Pilosov | http://www.acecape.com/dsl CTO - Acecape, Inc. | AceDSL:The best ADSL in Bell Atlantic area 325 W 38 St. Suite 1005 | (Stealth Marketing Works! :) New York, NY 10018 |
Its not Q with the 1918 addressing. notice: 8 chi-edge-17.inet.qwest.net (205.171.20.154) 64 msec 64 msec 68 msec edge = elvis has left the building .chance -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Alex Pilosov Sent: Sunday, December 10, 2000 8:16 PM To: Mark Mentovai Cc: Jade E. Deane; nanog@merit.edu Subject: Re: Qwest/forthelife.net rfc1918 goodness On Sun, 10 Dec 2000, Mark Mentovai wrote:
I used to think that this was wrong also, and I would never build a network like that, but aside from making for ugly traceroutes, there's really nothing wrong with it. RFC 1918 doesn't address this issue
It, together with a martian ingress-filters break PMTU-D _IF_ any of the links between these routers has MTU less than 1500. This topic pops up on nanog every 4-6 months, but I doubt that it'll make home.net or qwest change their addressing schemes. -- Alex Pilosov | http://www.acecape.com/dsl CTO - Acecape, Inc. | AceDSL:The best ADSL in Bell Atlantic area 325 W 38 St. Suite 1005 | (Stealth Marketing Works! :) New York, NY 10018 |
On Sun, 10 Dec 2000, Mark Mentovai wrote:
I used to think that this was wrong also, and I would never build a network like that, but aside from making for ugly traceroutes, there's really nothing wrong with it. RFC 1918 doesn't address this issue directly, but it's pretty clear that the routers in question don't require network access beyond the scope of their enterprise, so they are candidates for being assigned addresses out of private space. The general public doesn't need to
There are a few other points. Routers tend to have multiple interfaces. Just because a router sends packets in a traceroute with a private IP source address doesn't mean the router isn't accessible from the internet via a public address on some other interface...just that interface with that address isn't, and most likely doesn't need to be. Some routers neatly accomodate this by allowing you to specify the IP address they'll use for all locally sourced packets. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
participants (6)
-
Alex Pilosov -
Brian W. -
Chance Whaley -
Jade E. Deane -
jlewis@lewis.org -
Mark Mentovai