On Sun, 29 Jun 2008 01:26:59 +0530, Ashish Shukla आशीष श
ुक्ल wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I've recently experienced this issue with VSNL, an Indian ISP. I've an
> internet connection from them, I recently noticed this:
>
> - ---->8---->8----
> edmond@monte-cristo:~$ traceroute -I msdn.microsoft.com traceroute to
> msdn.microsoft.akadns.net (65.55.11.235), 30 hops max, 52 byte packets
> 1 210.211.168.1.bb-static.vsnl.net.in (210.211.168.1) 26.749 ms
> 27.256 ms 27.091 ms
> 2 delhi-203.200.108-213.vsnl.net.in (203.200.108.213) 26.836 ms
> 27.022 ms 26.588 ms
> 3 59.163.16.138.static.vsnl.net.in (59.163.16.13 8) 294.918 ms
> 294.162 ms 295.428 ms
> 4 219.64.231.5.mpls-vpn-sj.static.vsnl.net.in (219.64.231.5)
> 299.259 ms 299.098 ms 298.917 ms
> 5 ge-6-3-0-46.pao-64cb-1b.ntwk.msn.net (207.46.46.67) 298.534 ms
> 299.173 ms 297.798 ms
> 6 ge-1-2-0-0.tuk-64cb-1b.ntwk.msn.net (207.46.33.222) 312.887 ms
> 313.286 ms 313.417 ms
> 7 ge-3-0-0-0.co1-64c-1b.ntwk.msn.net (207.46.34.41) 316.248 ms
> 317.286 ms 316.995 ms
> 8 ge-0-0-0-0.co1-64c-1a.ntwk.msn.net (207.46.34.189) 321.016 ms
> 320.803 ms 320.532 ms
> 9 10.22.8.62 (10.22.8.62) 321.021 ms 319.924 ms 319.659 ms
> 10 * * *
> 11 * * *
> 12 * * *
> 13 * * *
> 14 * * *
> - ---->8---->8----
>
> I'm a n00b in routing, esp. never configured any EGRP protcol
> implementation, so I wanted to know how is MSN being able to send a
> packet from an RFC1918 address to VSNL's network. I expect packets
> destined to RFC1918 address to be dropped at site-level (or
> organization-level) routers, but this is border-level. And following is
> the traceroute to the same from another Indian ISP (Airtel), which
> relies on Sprint to reach MSN.

What you have to understand is that routing takes place on the
destination address. In this case, the TTL exceeded packages that are
sent back to you. These have your public IPA as the destination address
so these do arrive.

Whatever internal addressing someone uses is irrelevant. Some links in
between you and the destination may use RFC1918 addresses to reach each
other. As long as the target has a public IP address and all hops along
the path know how to get the packet one hop closer to the destination,
that's cool. It's how IP works. You normally never notice this, unless
you do a traceroute.

I the case of a traceroute, all routers along the path will send back
eventually a TTL exceeded message (packet). This message is addressed to
you, so it arrives. The router chooses some source address, normally the
address of the interface the TTL-exceeded packet goes out on, or the IP
address of the interface your original packet came in on, I'm not sure
which one (more often than not, these are the same).

So you get a packet addressed to you from some IP address. In normal
communication the source address matters. It tells your machine (together
with some other ID, like a tcp or udp port, or an icmp ID, which
conversation this packet is a part of. In this case, the source address
just tells you which router along the way dropped your packet. And if
that router happens to be part of a link that uses RFC1918 addresses, you
see RFC1918 addresses.

HTH,
M4