[Collisions] "controlled interruption" - 127/8 versus RFC1918 space

Joe Abley jabley at hopcount.ca
Mon Jan 13 15:02:58 UTC 2014


On 2014-01-13, at 09:45, Jeff Schmidt <jschmidt at jasadvisors.com> wrote:

> Using 1918 space could wind up with
> traffic sent to a printer, as Warren (I think) pointed out.

It's a mistake to assume that traffic with 1918 destinations will stay site-local, too. Without explicit bogon filters and with a default route, I've seen traffic to 10-net destinations (say) travel across more than two external ASes before it is dropped. I'm not suggesting that it's commonplace to be able to get packets to a host that will answer, but the leaks (even without a reachable host) present additional opportunities for third-party data collection.

For example, many wholesale access networks (e.g. via cable) are observed to use 1918 space in the connective tissue between the wholesale customer and their retail customer, and since correctly-implemented bogon filters would make traceroute ugly (and hence cause support costs) the filters are frequently incorrect or absent.

I still don't entirely know what I think about this whole proposal (drc is doing his usual good job at shifting around my assumptions and making me forget my own name) but I think it's a given that 1918 destinations are going to trigger more unpredictable fallout than 127/8 destinations.


Joe
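
The leak described in the message above, as an added example that is not part of the original post: a longest-prefix-match model of a border router, showing that RFC 1918 destinations follow the default route unless explicit discard routes exist, while 127/8 stays on the sending host. The routing tables, hop names ("upstream", "lan", "discard") and sample addresses are constructed assumptions.

```python
import ipaddress

# RFC 1918 private blocks, and loopback for comparison.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

# Constructed border-router tables: (prefix, next hop). Hop names are assumptions.
NO_FILTER = [("0.0.0.0/0", "upstream"), ("192.168.1.0/24", "lan")]
FILTERED = NO_FILTER + [(str(n), "discard") for n in RFC1918]

def lookup(table, dst):
    """Longest-prefix match; returns the next hop, or None if no route matches."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in table
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda r: r[0].prefixlen)[1] if matches else None

def fate(table, dst):
    """What happens to a packet for dst sent by a host behind this router."""
    if ipaddress.ip_address(dst) in LOOPBACK:
        return "never-leaves-host"  # the sender's own stack keeps 127/8 off the wire
    hop = lookup(table, dst)
    return "dropped" if hop in (None, "discard") else "forwarded:" + hop

def leaking_blocks(table, external="upstream"):
    """RFC 1918 blocks whose unclaimed addresses follow a route to the external hop."""
    leaks = []
    for block in RFC1918:
        covering = [(ipaddress.ip_network(p), hop) for p, hop in table
                    if block.subnet_of(ipaddress.ip_network(p))]
        if covering and max(covering, key=lambda r: r[0].prefixlen)[1] == external:
            leaks.append(str(block))
    return leaks

if __name__ == "__main__":
    for name, table in (("no filter", NO_FILTER), ("filtered", FILTERED)):
        for dst in ("10.1.2.3", "192.168.1.10", "127.0.0.1"):
            print(f"{name:9} {dst:13} -> {fate(table, dst)}")
        print(f"{name:9} leaking blocks: {leaking_blocks(table)}")
```

`leaking_blocks` can be pointed at a real table exported as (prefix, next hop) pairs to list which private blocks still need a discard route or egress filter.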
