[c-nsp] Private IP in point to point link on internet
Satish Patel
satish.txt at gmail.com
Tue Jun 21 16:34:44 EDT 2016
I do have public Interface on that router but how do we tell them use
"Public IP" for ICMP unreachable?
On Tue, Jun 21, 2016 at 3:42 PM, Mike
<mike-cisconsplist at tiedyenetworks.com> wrote:
> On 06/21/2016 07:37 AM, Nick Cutting wrote:
>>
>> We have a few providers in HK who deliver our public /24's via a /30 RFC
>> 1918 Address.
>>
>> I'm not 100 percent sure how it breaks the path discovery, I would love to
>> test this too, as we have a few of these setups in place.
>
>
> The issue is that many routers, when the need arises to fragment packets,
> will send back an icmp 'fragmentation needed' message, *from the source ip
> address of the interface that was traversed*. So, if you have a p2p link
> with your end being 192.168.1.1, your router may very well send the packet
> with that ip. And, many providers filter packets with rfc1918 addresses
> inbound and outbound, meaning that the likelyhood of the icmp message
> reaching the initiator of the flow in the first place, is low to zero. Its a
> devil of a problem to diagnose, but it's real, and for that reason I
> reccomend making sure your gear can source these with a valid ip instead.
>
>
> Mike-
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list