On Fri, Feb 23, 2001 at 12:32:11AM +0200, Ariel Biener wrote:
On Thu, 22 Feb 2001, Greg A. Woods wrote:
This gets us back to the discussin we had here about 3-4 months ago about what should be done in order to create a friendly internet environment, that is, where every Internet connected entity actually gives a damn about everyone else.
We go through this every couple months, and the same conclusion is reached every time. The psycho paranoid people like Greg Woods and Eric Hall scream that any RFC1918 sourced packet on the internet is a sign of the apocalypse, and you must apply packet filters to stop them from going out and coming in. Most everyone else just doesn't care, and realizes that yes it's a packet you won't be able to reply to but the world will not end if a few of them are floating around on the internet. There is far worse traffic floating about then an RFC1918 packet because of someone's misconfigured NAT, and they will probably proceed to FIX IT when they can't communicate with the rest of the world through it. Yes sometimes there IS communication from sources where we DO NOT want a reply back, like the ICMP messages generated by a router. It might be a better practice to simply put them in a section of allocated but unannounced IP space to avoid the 1918-nazi's, but thats another story. If you have your own 1918 space and you are worried that there might be some mysterious conflict, then by all means filter them from your ingress connection the same way you should filter ALL packets sourced from your ip space. Now can we please let it go? -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
The psycho paranoid people like Greg Woods and Eric Hall scream
unannounced IP space to avoid the 1918-nazi's, but thats another
Now can we please let it go?
I'd say from the references above that I'm not the one with "issues." RFC1918 addreses cause real problems. They are not supposed to be used. It cannot be made much clearer than that. Choosing to ignore the wishes of the rest of the Internet community in order to make your own life a little bit easier is not a question of free will, it is a matter of selfishishness. Furthermore, if you claim that you have the right to violate spirit and intent of Internet BCPs then I certainly have the right to complain about it without being labelled as psycho/paranoid/nazi. Thanks -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
On Thu, Feb 22, 2001, Eric A. Hall wrote:
RFC1918 addreses cause real problems. They are not supposed to be used. It cannot be made much clearer than that. Choosing to ignore the wishes of the rest of the Internet community in order to make your own life a little bit easier is not a question of free will, it is a matter of selfishishness.
Furthermore, if you claim that you have the right to violate spirit and intent of Internet BCPs then I certainly have the right to complain about it without being labelled as psycho/paranoid/nazi.
Neat. Well, how about we apply your zeal and get packet source address spoofing sorted out so we at least have a way of tracing broken machines being used as DoS hosts? Pretty please? :) Adrian -- Adrian Chadd "Romance novel?" <adrian@creative.net.au> "Girl Porn." - http://www.sinfest.net/d/20010202.html
[ On Thursday, February 22, 2001 at 17:58:33 (-0500), Richard A. Steenbergen wrote: ]
Subject: Re: rfc 1918?
The psycho paranoid people like Greg Woods and Eric Hall scream that any RFC1918 sourced packet on the internet is a sign of the apocalypse, and you must apply packet filters to stop them from going out and coming in.
This is not an issue of paranoia (except for those who actually use PRIVATE addresses internally and have properly configured their gateways to be paranoid about even seeing such packets, let alone routing them). This is an issue of co-operation and inter-networking -- i.e. what the Intenet is all about! If we are to have PRIVATE address space allocation (i.e. RFC-1918), then we must never allow PRIVATE addresses to appear in packets that traverse PUBLIC internetworks (i.e. the big-I Internet). -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
On Thu, 22 Feb 2001, Greg A. Woods wrote:
The psycho paranoid people like Greg Woods and Eric Hall scream that any ....
This is not an issue of paranoia (except for those who actually use PRIVATE addresses internally and have properly configured their gateways to be paranoid about even seeing such packets, let alone routing them).
Also, I find calling people that hold a different opinion than your own nazi, or psycho, or paranoid distastefull and unprofessional. --Ariel -- Ariel Biener e-mail: ariel@post.tau.ac.il PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html
participants (5)
-
Adrian Chadd
-
Ariel Biener
-
Eric A. Hall
-
Richard A. Steenbergen
-
woods@weird.com