From owner-freebsd-hackers Sat Dec 13 10:02:05 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id KAA05872 for hackers-outgoing; Sat, 13 Dec 1997 10:02:05 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from verdi.nethelp.no (verdi.nethelp.no [195.1.171.130]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id KAA05862 for ; Sat, 13 Dec 1997 10:01:53 -0800 (PST) (envelope-from sthaug@nethelp.no) From: sthaug@nethelp.no Received: (qmail 21539 invoked by uid 1001); 13 Dec 1997 18:01:49 +0000 (GMT) To: joerg_wunsch@uriah.heep.sax.de Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: I seriously need some networking help In-Reply-To: Your message of "Sat, 13 Dec 1997 15:37:55 +0100 (MET)" References: <199712131437.PAA22262@uriah.heep.sax.de> X-Mailer: Mew version 1.05+ on Emacs 19.28.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Sat, 13 Dec 1997 19:01:49 +0100 Message-ID: <21537.882036109@verdi.nethelp.no> Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > > What IP does it use? If it uses the private one, you lose. This does > > break things like PMTU-D. > > It doesn't, even if the IP source address is 10.*. As long as the > ICMP packet has the correct recipient address, it will arrive, and the > (original) sender takes the appropriate actions -- it couldn't verify > the validity of the ICMP packet's sender address anyway, be it 10.* or > anything else. No, in many cases packets with RFC 1918 source addresses will *not* arrive - because they are blocked by packet filters meant to prevent IP address forgery. I know for a fact that UNINETT (AS 224) blocks such packets at its border routers. Using RFC 1918 addresses for router links on the Internet is *not* a good idea. Steinar Haug, Nethelp consulting, sthaug@nethelp.no