RE: Routing

From: Andrew Lennon (alennon_uk@xxxxxxxxx)
Date: Tue Aug 07 2001 - 19:23:52 GMT-3

• Next message: Johnny Dedon: "Re: BGP filtering"
• Previous message: Bob Chahal: "Re: BGP filtering"
• Maybe in reply to: Leonard @ iname.com: "Routing"
• Next in thread: Jeff Omick: "Re: Routing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Monty,

192.168.0.0 can be a /8 (not recommended though). You need to think
CIDR. Because the address range starts at 192.0.0.0 and ends at
192.255.255.255, any address within that range is valid (no rfc 1918's
though). Hence if you are a crap ISP you can aggregate incorrectly and
advertise Martian Networks. Once this has happened, it is up to the
upstream ISP to block these using route-maps/communities etc.

Same applies to, say, 172.23.1.1/24. this should be filtered by the
upstream ISP

Using BGP aggregation with summary suppression and/or communities would
allow you to advertise those routes that are valid within the 192/8
block and shut out those not valid.

Providing you are not connecting to an address (rfc 1918) in that range
from a globally routable address and not passing though an intermediary
trying to route the same range you should be fine.

There are other addresses within the 192/8 block on top of those
specified in rfc 1918 which are not routable, but I can't remember now!

So far I know of the following:

10/8
66.0.0.0 - 126.0.0.0
164.0.0.0 -191.255.255.255 (some are in use now I think. 165-170 maybe)

Anyone know of any others outside this, let me know!

Andy

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Monty.Majszak@Level3.com
Sent: 07 August 2001 19:31
To: austin.alao@bt.com; andrew.2.shore@bt.com; Leonard_Ong@iname.com;
ccielab@groupstudy.com
Subject: RE: Routing

I must be missing something here Austin?! 192.168.0.0 cannot be a /8.
Technically the network address would be just 192.0.0.0 but the
"private"
address space of 192.168.0.0 falls w/in that block. Let me know if I
missed
something here or misunderstood you, thanks.

-Monty

"The point is that f you look carefully at the RFC, it specifies the
address
AND mask. Any bit shifting that alters the network prefix position
towards
the most significant direction, will render the route routable.

192.168.x.x is Internet routable when the mask is 255.0.0.0 that is the
whole thinking behind CDR. Makes hitherto illegal addresses useable in a
way."

-----Original Message-----
From: austin.alao@bt.com [mailto:austin.alao@bt.com]
Sent: Tuesday, August 07, 2001 9:23 AM
To: andrew.2.shore@bt.com; Leonard_Ong@iname.com; ccielab@groupstudy.com
Subject: RE: Routing

 Thought I had answered the question 2 hours ago only to find out I
forgot
to click "send".

Anyhow here goes again:

When dealing with protocols like BGP and OSPF an address means nothing
without its mask.

With CIDR which you are seeing in action here, 172.16.3.1 is not
routable
when the mask is /16. Move it to anything less and it is a valid
Internet
address.

The point is that f you look carefully at the RFC, it specifies the
address
AND mask. Any bit shifting that alters the network prefix position
towards
the most significant direction, will render the route routable.

192.168.x.x is Internet routable when the mask is 255.0.0.0 that is the
whole thinking behind CDR. Makes hitherto illegal addresses useable in a
way.

Trace and ping are limited network routing testing tools. And are more
suitable and yet nor perfect for reachability testing for this exact
reason
that you cannot specify a prefix length.

Until we now what the masks are on those routers we cannot tell if the
address space is routable or not.

172.x.x.x /8 s a valid Internet address.

Believe me people the first email was more elegant than this.

Cheers

Austin Alao,
01442 431 247 / 07764 356 424
"The significant problems we face cannot be solved at the same level of
thinking we were at when we created them."
-Albert Einstein.

-----Original Message-----
From: Shore,A,Andrew,IWO SHOREA2 C
Sent: 06 August 2001 07:46
To: Leonard_Ong@iname.com; ccielab@groupstudy.com
Subject: RE: Routing

In many data centres ISPs use privately addressed transit networks which
are
not publicly accessible unless you are going through it i.e.

R1- 201.234.93.3 ----> R2 156.3.6.77 ----> R3 172.16.3.1 ----> R4
76.4.56.3
   www ISP outside int ISP internal net ISP
public
server network

The 172 network is only used internally to the data centre.

Try tracing to the 172 network and you can't ! as routes to it are only
know
by R2

hope this makes sense.

Andrew Shore. CCNP+Security, MCSE, CCP, BSc
Network Consultant
Internetworking Solutions Limited

-----Original Message-----
From: Leonard @ iname.com [mailto:Leonard_Ong@iname.com]
Sent: 06 August 2001 14:20
To: ccielab@groupstudy.com
Subject: Routing

Hello Guys,

I found some traceroute that really bothers me and I don't know the
answer. Would you kindly explain it to me ?

traceroute from access.net.id to 202.156.227.140

  1 202.180.0.4 (202.180.0.4) 2.502 ms 2.017 ms 1.641 ms
  2 202.155.7.25 (202.155.7.25) 91.019 ms 28.084 ms 30.019 ms
  3 202.155.7.85 (202.155.7.85) 55.545 ms 59.557 ms 23.195 ms
  4 202.155.7.246 (202.155.7.246) 62.904 ms 25.812 ms 68.068 ms
  5 500.POS1-2.IG2.SAC1.ALTER.NET (157.130.193.221) 210.419 ms
210.405
ms 305.777 ms
  6 0.so-0-0-0.XR2.SAC1.ALTER.NET (152.63.54.118) 240.747 ms 208.259
ms 216.579 ms
  7 0.so-0-0-0.TR2.SAC1.ALTER.NET (152.63.3.197) 247.044 ms 217.252
ms 253.461 ms
  8 127.ATM5-0.IR2.SAC1.ALTER.NET (152.63.11.113) 209.069 ms 226.315
ms 208.555 ms
  9 POS3-0.IR2.SAC2.ALTER.NET (137.39.31.209) 204.193 ms 209.688
ms 265.266 ms
10 210.80.49.230 (210.80.49.230) 441.732 ms
335.ATM5-0-0.TR2.SIN1.ALTER.NET (210.80.51.142) 514.855 ms
435.ATM5-0-0.TR2.SIN1.ALTER.NET (210.80.51.134) 526.292 ms
11 POS1-0-0.XR2.SIN1.Alter.Net (210.80.48.62) 456.046 ms 473.853
ms 472.113 ms
12 312.ATM3-0-0.GW2.SIN1.Alter.Net (210.80.2.202) 451.268 ms 458.89
ms 434.287 ms
13 scv-gw-33.customer.alter.net (202.95.97.14) 544.822 ms 450.079
ms 460.404 ms
14 172.20.6.11 (172.20.6.11) 466.566 ms 516.396 ms 464.313 ms
15 172.20.2.15 (172.20.2.15) 458.438 ms 464.12 ms 446.679 ms
16 172.20.15.2 (172.20.15.2) 465.278 ms 476.811 ms 570.675 ms
17 mcns140.docsis227.singa.pore.net (202.156.227.140) 493.695 ms
494.196
ms 525.214 ms

If you check the entry 14-16 it is private address which is supposedly
not
routeable... and it goes at entry 17 to end-host of this ISP/cable...
which
is routeable address... Any idea ?

Thanks
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html

• Next message: Johnny Dedon: "Re: BGP filtering"
• Previous message: Bob Chahal: "Re: BGP filtering"
• Maybe in reply to: Leonard @ iname.com: "Routing"
• Next in thread: Jeff Omick: "Re: Routing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:46 GMT-3