[j-nsp] JUNOS and 128.0.0.0 martian (JFYI)

Mark Tinka mtinka at globaltransit.net
Mon Oct 10 22:04:17 EDT 2011


On Tuesday, October 11, 2011 03:49:33 AM Paul Stewart wrote:

> As the private intercommunication within a Juniper box is
> in a private table, I don't believe it should be viewed
> as "public vs private" as that IP addressing can never
> been reached publicly anyways ....

That's where I don't have absolute confidence anymore.

With the kinds of bugs we've seen (for instance, firewalls 
not actually blocking ports they're configured to block), it 
wouldn't surprise me if some piece of software suddenly 
causes routes to leak between routing tables without any 
deliberate operator input.

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20111011/835a0378/attachment.pgp>


More information about the juniper-nsp mailing list