nanog mailing list archives
Re: Rogers Canada using 7.0.0.0/8 for internal address space
From: Jeremy <jbaino () gmail com>
Date: Tue, 24 May 2011 22:22:20 -0500
Please excuse my ignorance on this and note that I am not condoning the hijacking of IP address space. As long as necessary precautions are taken (route filters, tunnels, VRF's) shouldn't this be technically feasible without any negative ramifications? These 7-NET address seem to be assigned to the modem itself, but surely they aren't what the customer sees at thier WAN IP address right? So as long as the modem is configured to send ALL traffic, regardless of destination address (could be a 7NET dst) over a GRE tunnel to some aggregation point via its acquired 7-net address and all routers were to keep the 7net on a separate VRF, shouldn't they be able to avoid any IP collisions? Couldn't you theoretically use anyone's IP space, advertised or not, for this internal transit? I'm not saying it's a good idea, it's certainly more complex which leads to its own issues, but shouldn't it be possible? -Jeremy On Tue, May 24, 2011 at 9:50 PM, Steven Bellovin <smb () cs columbia edu>wrote:
On May 24, 2011, at 9:29 06PM, Jay Ashworth wrote:----- Original Message -----From: "Jimmy Hess" <mysidia () gmail com>On Tue, May 24, 2011 at 4:34 PM, <Vinny_Abello () dell com> wrote:I think those within the organization that deploy those vehicles or are Navy SEALs might sit at different lunch tables than the guysworriedabout IP address collisions. ;-)The F/A-18 Hornets, F/A-22 Raptors are well, and good, but that's old technology The folks in charge of the MQ-1 predator drones might sitcloser tothe guys worried about the IP addresses. And automated drone strikes can always be blamed on a malfunction caused by the hijackingIf packets that control armed drones cross any router that has accesseven toSIPRnet, much less the Internet, someone's getting relieved.http://www.eweek.com/c/a/Security/Militants-Hack-Unencrypted-Drone-Feeds-477219/ --Steve Bellovin, https://www.cs.columbia.edu/~smb
Current thread:
- Re: Rogers Canada using 7.0.0.0/8 for internal address space, (continued)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Joel Jaeggli (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space D'Arcy J.M. Cain (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Rubens Kuhl (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Owen DeLong (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Valdis . Kletnieks (May 24)
- Godwin was here ... was Re: Rogers Canada using 7.0.0.0/8 Edward Lewis (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Joel Jaeggli (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Jimmy Hess (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Jay Ashworth (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Steven Bellovin (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Jeremy (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Valdis . Kletnieks (May 24)
- Re: Rogers Canada using 7.0.0.0/8 for internal address space Cameron Byrne (May 24)