Register.com .....routing issue?
Hey folks, Has anyone tried to trace to Register.com's main page yet? I haven't been able to hit it, and when I try to trace down to them I end up hitting a 10.0.30.x network, then go back to public IP's...how is that possible? Anyone else having trouble connecting to them? Happy Monday! (still) Ralph M. Los Asst. Vice-President, Internet Systems and Security EnvestNetPMC rlos@envestnet.com (312) 827-3945 (direct) (312) 296-9003 (wireless w/voicemail) * If you haven't been hacked, you don't know where your vulnerabilities lie*
I believe Register.com (or any for that matter) has the right to use internal address space where ever they want. The fact that internal address space is showing in a traceroute between you and them might mean a wide range of things. In this case, Register.com 'might' be using internal address space on some(all) of their WAN links. You <-> Internet <-> Company A Router <-> WAN Link (internal IP space) <-> Company A Router <-> Web Servers Whether or not people should used RFC reserved IP space for WAN links is not a discussion I wish to have. Chris Kleban -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Los, Ralph Sent: Wednesday, September 05, 2001 4:13 PM To: 'nanog@merit.edu' Subject: Register.com .....routing issue? Sensitivity: Confidential Hey folks, Has anyone tried to trace to Register.com's main page yet? I haven't been able to hit it, and when I try to trace down to them I end up hitting a 10.0.30.x network, then go back to public IP's...how is that possible? Anyone else having trouble connecting to them? Happy Monday! (still) Ralph M. Los Asst. Vice-President, Internet Systems and Security EnvestNetPMC rlos@envestnet.com (312) 827-3945 (direct) (312) 296-9003 (wireless w/voicemail) * If you haven't been hacked, you don't know where your vulnerabilities lie*
@home is/was famous for the public/private/public transition in the middle of a traceroute.. Brian "Sonic" Whalen Success = Preparation + Opportunity On Wed, 5 Sep 2001, Los, Ralph wrote:
Hey folks,
Has anyone tried to trace to Register.com's main page yet? I haven't been able to hit it, and when I try to trace down to them I end up hitting a 10.0.30.x network, then go back to public IP's...how is that possible?
Anyone else having trouble connecting to them?
Happy Monday! (still)
Ralph M. Los Asst. Vice-President, Internet Systems and Security EnvestNetPMC rlos@envestnet.com (312) 827-3945 (direct) (312) 296-9003 (wireless w/voicemail) * If you haven't been hacked, you don't know where your vulnerabilities lie*
Oh Gawd. Not this again! That is because someone who doesn't care about PMTU working end-to-end has used RFC1918 addresses on WAN links inside their network. --- John Fraizer EnterZone, Inc On Wed, 5 Sep 2001, Los, Ralph wrote:
Hey folks,
Has anyone tried to trace to Register.com's main page yet? I haven't been able to hit it, and when I try to trace down to them I end up hitting a 10.0.30.x network, then go back to public IP's...how is that possible?
Anyone else having trouble connecting to them?
Happy Monday! (still)
Ralph M. Los Asst. Vice-President, Internet Systems and Security EnvestNetPMC rlos@envestnet.com (312) 827-3945 (direct) (312) 296-9003 (wireless w/voicemail) * If you haven't been hacked, you don't know where your vulnerabilities lie*
On Wed, Sep 05, 2001 at 05:17:35PM -0400, John Fraizer wrote:
Oh Gawd. Not this again! That is because someone who doesn't care about PMTU working end-to-end has used RFC1918 addresses on WAN links inside their network.
Any chance everyone could just read the threads at http://www.merit.edu/mail.archives/nanog/1998-10/msg00552.html http://www.merit.edu/mail.archives/nanog/2001-02/msg00702.html and forego this little flamewar? No, didn't think so. --Adam -- Adam McKenna <adam@flounder.net> | GPG: 17A4 11F7 5E7E C2E7 08AA http://flounder.net/publickey.html | 38B0 05D0 8BF7 2C6D 110A
please stop scott On Wed, 5 Sep 2001, John Fraizer wrote:
Oh Gawd. Not this again! That is because someone who doesn't care about PMTU working end-to-end has used RFC1918 addresses on WAN links inside their network.
--- John Fraizer EnterZone, Inc
On Wed, 5 Sep 2001, Los, Ralph wrote:
Hey folks,
Has anyone tried to trace to Register.com's main page yet? I haven't been able to hit it, and when I try to trace down to them I end up hitting a 10.0.30.x network, then go back to public IP's...how is that possible?
Anyone else having trouble connecting to them?
Happy Monday! (still)
Ralph M. Los Asst. Vice-President, Internet Systems and Security EnvestNetPMC rlos@envestnet.com (312) 827-3945 (direct) (312) 296-9003 (wireless w/voicemail) * If you haven't been hacked, you don't know where your vulnerabilities lie*
On Wed, 05 Sep 2001 17:17:35 EDT, John Fraizer said:
Oh Gawd. Not this again! That is because someone who doesn't care about PMTU working end-to-end has used RFC1918 addresses on WAN links inside their network.
And they'll defend to the death their right to do it. It's the sort of mindset you usually find in religious cults - and we know how hard it is to deprogram cult members - so let's let that issue be and not start another flame war... ;) -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
On Wed, 5 Sep 2001, Los, Ralph wrote:
Has anyone tried to trace to Register.com's main page yet? I haven't been able to hit it, and when I try to trace down to them I end up hitting a 10.0.30.x network, then go back to public IP's...how is that possible?
RFC 1918 space is very commonly used (although it should be almost universal by now) between the public internet and the final destination [also public] space. Simple resource conservation. As for "How", remember that private space is no different from public space, except for the "gentlemans agreement" we all have not to route it externally. For use as transit networks, private space _almost always_ a Good Idea. -- Yours, J.A. Terranson sysadmin@mfn.org If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place... --------------------------------------------------------------------
<measl@mfn.org> said:
As for "How", remember that private space is no different from public space, except for the "gentlemans agreement" we all have not to route it externally. For use as transit networks, private space _almost always_ a Good Idea.
Umm, it's socially irresponsible. Traceroutes through RFC-1918 space are worthless. My reverse lookups don't work for your private addresses meaning that I have no idea who's network is eating the packets. Even worse is when they overlap with a local set. Traceroutes through local 10.0.0.0 into ISP 10.0.0.0 are extraordinarily confusing when ISP-B's routers are showing up as RTR-x.local.net. What fun figuring out why there's a router loop through my first hop after it's already left that network. Also a blast trying to decipher ICMP errors like host unreachable and Frag Req'd messages that appear to orignate from nowhere in particular. You should also be ingress/egress filtering packets with these addresses. That means no traceroutes, no path MTU discovery, no errors, no nothing. If you or your peers aren't having problems, then you aren't filtering. It's anti-clever to use RFC 1918 space on public networks. I'm sorry that it's too much work to use valid addresses on your network but please don't try to pass it off as being good behavior. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
participants (9)
-
Adam McKenna
-
Brian Whalen
-
Chris Kleban
-
Eric A. Hall
-
John Fraizer
-
Los, Ralph
-
measl@mfn.org
-
scott w
-
Valdis.Kletnieks@vt.edu