[c-nsp] Private IP in point to point link on internet

Mike mike-cisconsplist at tiedyenetworks.com
Tue Jun 21 15:42:12 EDT 2016

On 06/21/2016 07:37 AM, Nick Cutting wrote:
> We have a few providers in HK who deliver our public /24's via a /30 RFC 1918 Address.
> I'm not 100 percent sure how it breaks the path discovery, I would love to test this too, as we have a few of these setups in place.

The issue is that many routers, when the need arises to fragment 
packets, will send back an icmp 'fragmentation needed' message, *from 
the source ip address of the interface that was traversed*. So, if you 
have a p2p link with your end being, your router may very 
well send the packet with that ip. And, many providers filter packets 
with rfc1918 addresses inbound and outbound, meaning that the likelyhood 
of the icmp message reaching the initiator of the flow in the first 
place, is low to zero. Its a devil of a problem to diagnose, but it's 
real, and for that reason I reccomend making sure your gear can source 
these with a valid ip instead.


More information about the cisco-nsp mailing list