[Dshield] Spam Problem - RFC1918 Comment

David Sentelle David.Sentelle at cnbcbank.com
Mon Jan 12 20:48:05 GMT 2004


The important thing to note with RFC1918 traffic is that the RFC states
these are 'non-routable' addresses.  However, an RFC is just a Request
For Comment, and not a concrete law.  ISPs can and do route RFC1918
addresses.  My ISP does route them inside their own network, and I
frequently see traffic hitting our external interface from RFC1918
addresses.  

It is my understanding that they do this so their internal equipment
doesn't take up address space.  Whatever the case, don't rely on RFCs
(or ISPs) to keep out non-routeable traffic.

I know there's people much more knowledgeable than me on this list. 
(Why else would I subscribe?)   I'm sure (consider it an invitation) one
of them will correct me on whatever I've screwed up in what little I've
said here.  I'm just regurgitating what I was told by my ISP's support
staff when I was asking why I saw this RFC1918 traffic hitting our
external interface.  (traffic which wasn't spoofed because I could
connect to the addresses)





More information about the list mailing list