[atlas] All-Probe Traceroute + detect RFC1918 addresses

Gert Doering <gert at space.net> writes:
> On Fri, Sep 17, 2021 at 03:43:29PM +0200, Bjørn Mork wrote:
>> Gert Doering <gert at space.net> writes:
>> > On Fri, Sep 17, 2021 at 03:23:24PM +0200, Bjørn Mork wrote:
>> >> Using RFC1918 on links in your own network is fine. And having
>> >> them show up in traceroutes is a feature.
>> >
>> > s/feature/sign of sloppy network design, and a RFC1918 violation/
>> 
>> Sorry for being slow. but I need a direct reference to the paragraph
>> this violates.
>
> Section 5:
>
>    It is strongly recommended that routers which connect enterprises to
>    external networks are set up with appropriate packet and routing
>    filters at both ends of the link in order to prevent packet and
>    routing information leakage.
>
> I think that speaks very clearly about "you can do in your network
> whatever you want, but nobody else wants to see that"

This fails to consider the situation where you are using RFC1918
addresses on that link, which is common for mobile network access today.

My example didn't make that clear, but the traceroute probes are sent
from an RFC1918 address:

 bjorn at miraculix:~$ ip route get 130.67.15.198
 130.67.15.198 dev wwan0 src 10.82.241.88 uid 1000 
     cache 

So you should drop packets using RFC1918 addresses on that link?


> Given the age of the document, the language used to be less STRONG
> back then.

Sure. Assigning RFC1918 addresses to customers was also unheard of, and
didn't even need to be mentioned.




Bjørn