24 Apr
2014
24 Apr
'14
1:47 p.m.
Brian F.,
We'll agree to disagree on the point that 44/8 is not one network. The last time I
checked, there was an announcement on the Internet for 44.0.0.0/8; but as I've
mentioned before, to each their own opinion. I think we often get lost on the Internal
(within AMPR, we are an island of subnets that use a proprietary routing protocol) versus
External (from the Public Internet we are one /8) viewpoint.
Regarding the security through obscurity: I allow (and can route) all 44/8 address that
reach me via encap; I also only return traffic to subnets for which I have a route. I
never mentioned that my firewall treats those maches any differnt than another Public
Internet IP address. Only my 44 IPs who entered my GW via a local interface are trusted.
-KB3VWG