nanog mailing list archives
Re: address spoofing
From: sthaug () nethelp no
Date: Fri, 23 Apr 1999 23:56:37 +0200
means that packets with source addresses from RFC 1918 space should not be permitted on the global internet. While I agree that RFC 1918 addresses should not be used on internet visible interfaces, I'm unaware of anywhere in the RFC's where it says that "routers should be configured to reject packets coming from RFC 1918 space."
As others have pointed out, there are indeed RFC sections which seem to imply that packets coming from RFC 1918 space should not be visible on the global Internet. Furthermore, whether the RFC says so or not, I'm going to block these packets at *my* border routers, because: - I have absolutely *no* idea of where these packets might be coming from, - and I have no possibility of generating sensible replies to packets with RFC 1918 source addresses. Steinar Haug, Nethelp consulting, sthaug () nethelp no
Current thread:
- Re: address spoofing, (continued)
- Re: address spoofing Randy Bush (Apr 22)
- Re: address spoofing Tim Finkenstadt (Apr 22)
- Re: address spoofing Jeremy Porter (Apr 22)
- Re: address spoofing John Leong (Apr 23)
- Re: address spoofing John Leong (Apr 23)
- Re: address spoofing Simon Leinen (Apr 27)
- Re: address spoofing Daniel Senie (Apr 22)
- Re: address spoofing Forrest W. Christian (Apr 23)
- Re: address spoofing Andrew Brown (Apr 23)
- Re: address spoofing Forrest W. Christian (Apr 23)
- Re: address spoofing sthaug (Apr 23)
- Re: address spoofing John Leong (Apr 23)
- Re: address spoofing Daniel Senie (Apr 23)
- Re: address spoofing bmanning (Apr 23)
- Re: address spoofing Andrew Brown (Apr 23)
- Re: address spoofing Randy Bush (Apr 23)
- Re: address spoofing Dan Hollis (Apr 23)
- Re: address spoofing sthaug (Apr 23)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phil Howard (Apr 22)