Re: RFC1918 addresses to permit in for VPN?
On Fri, Dec 29, 2000 at 11:31:17AM -0500, Andrew Brown wrote:
speaking of rfc1918 addresses...one of my machines at home got poked at, so i did the usual thing which was perhaps waste about five minutes poking back from some place else if i feel like it. what i saw piqued my interest: [snip bt.net traceroute]
BT have little-to-no-clue in their ISP technical management it seems. They filter out all ICMP to their web servers, then use NT web servers that set the DF bit. (NANOGs passim) As a result, you can't access BTs web servers if there's any network with an MTU of less than 1500 between you and BT. (Which covers many default Frame Relay configs...) Talking to BT tech support is useless, they refuse the escalate any problem unless they get large numbers (tens/hundreds) or users complaining. (Kudos to Unet for rapidly escalating the problem to their top engineers and 'fixing' their network by upping the Frame Relay MTU, when it wasn't even their problem in the first place.) They're also totally inflexible in their sales department - refuse to sell just a leased line with BGP peering, they insist on supplying a router too because it's "too difficult" to support a customer that doesn't have an ISP-provided router, apparently. They only appear to want to sell to clueless customers. I've also had issues with BT leaking routes they shouldn't be and their NOC probing (Telnet and SNMP) routers I've managed, because they weren't sure what they were. (They were not in their network, they were in a colo facility) Rant over. :-) -- Ryan O'Connell - <ryan@complicity.co.uk> - http://www.complicity.co.uk I'm not losing my mind, no I'm not changing my lines, I'm just learning new things with the passage of time
participants (1)
-
Ryan O'Connell