[c-nsp] Private IP in point to point link on internet

Mark Tinka mark.tinka at seacom.mu
Tue Jun 21 17:24:55 EDT 2016

On 21/Jun/16 21:42, Mike wrote:

> The issue is that many routers, when the need arises to fragment
> packets, will send back an icmp 'fragmentation needed' message, *from
> the source ip address of the interface that was traversed*. So, if you
> have a p2p link with your end being, your router may very
> well send the packet with that ip. And, many providers filter packets
> with rfc1918 addresses inbound and outbound, meaning that the
> likelyhood of the icmp message reaching the initiator of the flow in
> the first place, is low to zero. Its a devil of a problem to diagnose,
> but it's real, and for that reason I reccomend making sure your gear
> can source these with a valid ip instead.

Not to mention that RFC 1918 space is poorly routable on the Internet.


More information about the cisco-nsp mailing list