[j-nsp] JUNOS and 128.0.0.0 martian (JFYI)
Mark Tinka
mtinka at globaltransit.net
Mon Oct 10 22:04:17 EDT 2011
On Tuesday, October 11, 2011 03:49:33 AM Paul Stewart wrote:
> As the private intercommunication within a Juniper box is
> in a private table, I don't believe it should be viewed
> as "public vs private" as that IP addressing can never
> been reached publicly anyways ....
That's where I don't have absolute confidence anymore.
With the kinds of bugs we've seen (for instance, firewalls
not actually blocking ports they're configured to block), it
wouldn't surprise me if some piece of software suddenly
causes routes to leak between routing tables without any
deliberate operator input.
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20111011/835a0378/attachment.pgp>
More information about the juniper-nsp
mailing list