draft-ietf-grow-private-ip-sp-cores-00.txt   draft-ietf-grow-private-ip-sp-cores-01.txt 
Network Working Group A. Kirkham Network Working Group A. Kirkham
Internet-Draft Palo Alto Networks Internet-Draft Palo Alto Networks
Obsoletes: None (if approved) March 28, 2012 Obsoletes: None (if approved) April 10, 2012
Intended status: Informational Intended status: Informational
Expires: September 29, 2012 Expires: October 12, 2012
Issues with Private IP Addressing in the Internet Issues with Private IP Addressing in the Internet
draft-ietf-grow-private-ip-sp-cores-00 draft-ietf-grow-private-ip-sp-cores-01
Abstract Abstract
The purpose of this document is to provide a discussion of the The purpose of this document is to provide a discussion of the
potential problems of using private, RFC1918, or non-globally- potential problems of using private, RFC1918, or non-globally-
routable addressing within the core of an SP network. The discussion routable addressing within the core of an SP network. The discussion
focuses on link addresses and to a small extent loopback addresses. focuses on link addresses and to a small extent loopback addresses.
While many of the issues are well recognised within the ISP While many of the issues are well recognised within the ISP
community, there appears to be no document that collectively community, there appears to be no document that collectively
describes the issues. describes the issues.
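Review bot: The header line "Obsoletes: None (if approved)" is carried into -01 unchanged; a draft that obsoletes nothing should omit the Obsoletes line rather than state "None (if approved)". The abstract is untouched by this revision, so no further comment there.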
skipping to change at page 1, line 48 skipping to change at page 1, line 48
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 29, 2012. This Internet-Draft will expire on October 12, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 10, line 19 skipping to change at page 10, line 19
range is assigned by both the administrator of a corporate network range is assigned by both the administrator of a corporate network
and their ISP. Some applications discover the outside address of and their ISP. Some applications discover the outside address of
their local CPE to determine if that address is reserver for special their local CPE to determine if that address is reserver for special
use. Application behavior may then be based on this determination. use. Application behavior may then be based on this determination.
[weil-shared-transition-space-request] provides further analysis of [weil-shared-transition-space-request] provides further analysis of
this situation. this situation.
To address this scenario and others, at the time of writing, work was To address this scenario and others, at the time of writing, work was
in progress to obtain a dedicated /10 address block for the purpose in progress to obtain a dedicated /10 address block for the purpose
of Shared CGN (Carrier Grade NAT) Address Space. Please refer to of Shared CGN (Carrier Grade NAT) Address Space. Please refer to
[bdgks-arin-shared-transition-space] and [weil-shared-transition- [weil-shared-transition-space-request] for details. The purpose of
space-request] for details. The purpose of Shared CGN Address Space Shared CGN Address Space is to number CPE (Customer Premise
is to number CPE (Customer Premise Equipment) interfaces that connect Equipment) interfaces that connect to CGN devices. As explained in
to CGN devices. As explained in [weil-shared-transition-space- [weil-shared-transition-space-request], RFC1918 addressing has issues
request], RFC1918 addressing has issues when used in this deployment when used in this deployment scenario.
scenario.
6. Interactions with edge anti-spoofing techniques 6. Interactions with edge anti-spoofing techniques
Denial of service attacks and distributed denial of attacks can make Denial of service attacks and distributed denial of attacks can make
use of spoofed source IP addresses in an attempt to obfuscate the use of spoofed source IP addresses in an attempt to obfuscate the
source of an attack. RFC2827 (Network Ingress Filtering) strongly source of an attack. RFC2827 (Network Ingress Filtering) strongly
recommends that providers of Internet connectivity implement recommends that providers of Internet connectivity implement
filtering to prevent packets using source addresses outside of their filtering to prevent packets using source addresses outside of their
legitimately assigned and advertised prefix ranges. Such filtering legitimately assigned and advertised prefix ranges. Such filtering
should also prevent packets with private source addresses from should also prevent packets with private source addresses from
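Review bot: The unchanged context line "determine if that address is reserver for special" still carries the typo "reserver" (read "reserved") in -01, and the first sentence of Section 6 reads "distributed denial of attacks", which is missing the word "service"; both are worth fixing while this text is being reflowed. With [bdgks-arin-shared-transition-space] dropped, [weil-shared-transition-space-request] is now cited three times across these two short paragraphs, so the "Please refer to ... for details" sentence could be merged with the "As explained in ..." sentence.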
skipping to change at page 14, line 35 skipping to change at page 14, line 35
[RFC3021] Retana, A., White, R., Fuller, V., and D. McPherson, [RFC3021] Retana, A., White, R., Fuller, V., and D. McPherson,
"Using 31-Bit Prefixes on IPv4 Point-to-Point Links", "Using 31-Bit Prefixes on IPv4 Point-to-Point Links",
December 2000. December 2000.
[RFC6304] Abley, J. and W. Maton, "AS112 Nameserver Operations", [RFC6304] Abley, J. and W. Maton, "AS112 Nameserver Operations",
July 2011. July 2011.
[RFC792] Postel, J., "RFC792 Internet Control Message Protocol", [RFC792] Postel, J., "RFC792 Internet Control Message Protocol",
September 1981. September 1981.
[bdgks-arin-shared-transition-space]
Barber, S., Delong, O., Grundemann, C., Kuarsingh, V., and
B. Schliesser, "ARIN Draft Policy 2011-5: Shared
Transition Space".
[weil-shared-transition-space-request] [weil-shared-transition-space-request]
Weil, J., Kuarsingh, V., Donley, C., Liljenstolpe, C., and Weil, J., Kuarsingh, V., Donley, C., Liljenstolpe, C., and
M. Azinger, "IANA Reserved IPv4 Prefix for Shared CGN M. Azinger, "IANA Reserved IPv4 Prefix for Shared CGN
Space". Space".
Appendix A. Acknowledgments Appendix A. Acknowledgments
The author would like to thank the following people for their input The author would like to thank the following people for their input
and review - Dan Wing (Cisco Systems), Roland Dobbins (Arbor and review - Dan Wing (Cisco Systems), Roland Dobbins (Arbor
Networks), Philip Smith (APNIC), Barry Greene (ISC), Anton Ivanov Networks), Philip Smith (APNIC), Barry Greene (ISC), Anton Ivanov
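Review bot: The [weil-shared-transition-space-request] entry, now the only reference for Shared CGN Address Space after the [bdgks-arin-shared-transition-space] entry is removed, carries no draft name, version or date, unlike the RFC entries above it (for example "December 2000" on [RFC3021]); add them so a reader can locate the exact document. As a style point in the same list, the [RFC792] title repeats the RFC number ("RFC792 Internet Control Message Protocol") where the other entries give only the title.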
skipping to change at page 15, line 22 skipping to change at page 15, line 18
Index Index
H H
http://tools.ietf.org/html/draft-ietf-dnsop-as112-ops-08 11 http://tools.ietf.org/html/draft-ietf-dnsop-as112-ops-08 11
http://tools.ietf.org/html/rfc2827 5 http://tools.ietf.org/html/rfc2827 5
Author's Address Author's Address
Anthony Kirkham Anthony Kirkham
Palo Alto Networks Palo Alto Networks
Level 32, 100 Miller St Level 32, 101 Miller St
North Sydney, New South Wales 2060 North Sydney, New South Wales 2060
Australia Australia
Phone: +61 7 33530902 Phone: +61 7 33530902
Email: tkirkham@paloaltonetworks.com Email: tkirkham@paloaltonetworks.com
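Review bot: The Index still lists http://tools.ietf.org/html/draft-ietf-dnsop-as112-ops-08 (page 11) while the reference list cites [RFC6304] "AS112 Nameserver Operations"; if the link on page 11 is meant to be that same document, point it at the RFC so the body and the references agree. The street number change from "100 Miller St" to "101 Miller St" is the only content change in this hunk and needs no comment beyond confirming it is intentional.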
 End of changes. 7 change blocks. 
16 lines changed or deleted 10 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/