|
Re: Routing packets to RFC1918 address over internet
Ashish Shukla आशीष शुक्ल wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I've recently experienced this issue with VSNL, an Indian ISP. I've an
> internet connection from them, I recently noticed this:
>
> - ---->8---->8----
> edmond@monte-cristo:~$ traceroute -I msdn.microsoft.com
> traceroute to msdn.microsoft.akadns.net (65.55.11.235), 30 hops max,
> 52 byte packets
> 1 210.211.168.1.bb-static.vsnl.net.in (210.211.168.1) 26.749 ms
> 27.256 ms 27.091 ms
> 2 delhi-203.200.108-213.vsnl.net.in (203.200.108.213) 26.836 ms
> 27.022 ms 26.588 ms
> 3 59.163.16.138.static.vsnl.net.in (59.163.16.13 8) 294.918 ms
> 294.162 ms 295.428 ms
> 4 219.64.231.5.mpls-vpn-sj.static.vsnl.net.in (219.64.231.5)
> 299.259 ms 299.098 ms 298.917 ms
> 5 ge-6-3-0-46.pao-64cb-1b.ntwk.msn.net (207.46.46.67) 298.534 ms
> 299.173 ms 297.798 ms
> 6 ge-1-2-0-0.tuk-64cb-1b.ntwk.msn.net (207.46.33.222) 312.887 ms
> 313.286 ms 313.417 ms
> 7 ge-3-0-0-0.co1-64c-1b.ntwk.msn.net (207.46.34.41) 316.248 ms
> 317.286 ms 316.995 ms
> 8 ge-0-0-0-0.co1-64c-1a.ntwk.msn.net (207.46.34.189) 321.016 ms
> 320.803 ms 320.532 ms
> 9 10.22.8.62 (10.22.8.62) 321.021 ms 319.924 ms 319.659 ms
> 10 * * *
> 11 * * *
> 12 * * *
> 13 * * *
> 14 * * *
> - ---->8---->8----
>
> I'm a n00b in routing, esp. never configured any EGRP protcol
> implementation, so I wanted to know how is MSN being able to send a
> packet from an RFC1918 address to VSNL's network. I expect packets
> destined to RFC1918 address to be dropped at site-level (or
> organization-level) routers, but this is border-level. And following is
> the traceroute to the same from another Indian ISP (Airtel), which
> relies on Sprint to reach MSN.
The ISP's are free to use the RFC 1918 addresses in their network,
as long as they are kept inside their own network. The same applies
to anybody wishing to use them.
A different story is if you want to connect two RFC 1918 segments
at separate locations so they see each other. Here, the solution
is tunneling, often implemented as a Virtual Private Network (VPN).
--
-Tauno Voipio
|