From owner-freebsd-hackers  Sat Dec 13 11:54:57 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id LAA10714
          for hackers-outgoing; Sat, 13 Dec 1997 11:54:57 -0800 (PST)
          (envelope-from owner-freebsd-hackers)
Received: from ymris.ddm.on.ca (cisco2-119.cas.golden.net [207.6.168.119])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id LAA10688
          for <freebsd-hackers@FreeBSD.ORG>; Sat, 13 Dec 1997 11:54:24 -0800 (PST)
          (envelope-from dchapes@ddm.on.ca)
Received: from squigy.ddm.on.ca (squigy.ddm.on.ca [209.47.139.138])
	by ymris.ddm.on.ca (8.8.7/8.8.8) with ESMTP id OAA10087;
	Sat, 13 Dec 1997 14:54:04 -0500 (EST)
	(envelope-from dchapes@ymris.ddm.on.ca)
Received: (from dchapes@localhost)
	by squigy.ddm.on.ca (8.8.7/8.8.7) id OAA10731;
	Sat, 13 Dec 1997 14:54:03 -0500 (EST)
Message-ID: <19971213145402.25283@ddm.on.ca>
Date: Sat, 13 Dec 1997 14:54:02 -0500
From: Dave Chapeskie <dchapes@ddm.on.ca>
To: freebsd-hackers@FreeBSD.ORG
Cc: J Wunsch <j@uriah.heep.sax.de>
Subject: Re: I seriously need some networking help
References: <199712110048.BAA09610@uriah.heep.sax.de> <Pine.BSF.3.95.971210190020.1361E-100000@alive.znep.com> <199712131437.PAA22262@uriah.heep.sax.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.81
In-Reply-To: <199712131437.PAA22262@uriah.heep.sax.de>; from J Wunsch on Sat, Dec 13, 1997 at 03:37:55PM +0100
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Sat, Dec 13, 1997 at 03:37:55PM +0100, J Wunsch wrote:
> >> Sure, but that's only a cosmetical problem.  I've seen 10.*
> >> intermediate network addressess even on major Internet relays when
> >> tracerouting.
> 
> > So tell me what happens when the box that interface is on needs to send an
> > ICMP message like can't fragment? 
> > 
> > What IP does it use?  If it uses the private one, you lose.  This does
> > break things like PMTU-D.
> 
> It doesn't, even if the IP source address is 10.*.  As long as the
> ICMP packet has the correct recipient address, it will arrive, and the
> (original) sender takes the appropriate actions -- it couldn't verify
> the validity of the ICMP packet's sender address anyway, be it 10.* or
> anything else.

But don't the RFCs prohibit any packets with reserved IP numbers from
being routed onto the internet?  Or doesn't the source address count?

I know my firewall drops anything to or from a reserved IP number.

-- 
Dave Chapeskie, DDM Consulting
E-Mail: dchapes@ddm.on.ca