6 Feb
2017
6 Feb
'17
3:05 p.m.
Subject:
Re: [44net] 192.168.0.2 gateway
From:
Mark Phillips <g7ltt(a)g7ltt.com>
Date:
02/06/2017 02:34 PM
To:
AMPRNet working group <44net(a)hamradio.ucsd.edu>
I would say "no".
Y'see, we don't know what kind of network things are riding over. the
network in question could be (for example) a mesh install configured
similar to that of the local cable company. The users get real addresses
but the infrastructure does not.
I think precisely this is the reason why such addresses should be rejected:
The user may have the wrong assumption that the address to be entered here is
the address of the system terminating the tunnel, while in reality it has to be the
internet-visible address that supposedly is NATted to the tunnel gateway.
So, what happens in the local infrastructure does not matter.
Rob
6 Feb
6 Feb
3:24 p.m.
New subject: 192.168.0.2 gateway
On 02/06/2017 03:05 PM, Rob Janssen wrote:
I think precisely this is the reason why such
addresses should be rejected:
The user may have the wrong assumption that the address to be entered
here is
the address of the system terminating the tunnel, while in reality it
has to be the
internet-visible address that supposedly is NATted to the tunnel gateway.
So, what happens in the local infrastructure does not matter.
Exactly. RFC1918 speaks of autonomous networks. RFC-1918 netblocks
should never be routed or advertised outside your own autonomous
network. Ingress interfaces and routers should also drop packets and
route advertisements from these networks.
2846
days inactive
2846
days old
1 comments
2 participants
participants (2)
-
James Sharp -
Rob Janssen