About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [ncc-services-wg] [routing-wg] Re: New Draft Document: De-boganising New AddressBlocks

  • To: Jørgen Hovland < >
  • From: Gert Doering < >
  • Date: Thu, 26 Feb 2004 09:33:14 +0100
  • Cc: Gert Doering < >
Hi,

On Thu, Feb 26, 2004 at 06:20:01AM +0100, Jørgen Hovland wrote:
> > On Wed, Feb 25, 2004 at 10:23:48PM +0100, Jørgen Hovland wrote:
> > > There are actually some people here doing exactly that: Sending packets
> > > with an unroutable source-ip - with totally "legit" reasons.
> >
> > Could you be somewhat more specific about these "legit" reasons?
> 
> Well..
> Generally any device that would like to send
> messages without the need of a reply, or not in need of a reply through
> the same transport method/layer or ip (kind of asynchronous
> communication).

No specific reason why these applications couldn't use "proper" source-IPs,
even if not expecting a reply.

> I could name some, but I think what you are looking for is this:
> Routers with a non-routed ip-address by choice or by nature. IX-prefix
> for instance. IPv6 applies here specially.

IXP prefixes can be non-routed, but *are* well-known and properly 
assigned.  So bogon source filtering will (usually) NOT blackhole IXP 
prefixes (while excessive uRPF on upstream lines will).

> Besides from that there are software taking advantage of it like our
> own little project AP2P, truly anonymous P2P.

Now this is an interesting problem indeed.

You need to weigh the benefits of this (in comparision to things like
encrypted P2P clouds that claim to bring anonymity as well) against the
chances of non-trackable abuse.  This is a tricky question.

I have made my decision on that: our customers can do whatever they 
like - as long as they do it from IP addresses that are well-assigned
to them (even if temporary).  If they commit abuse, in whatever form,
be it a virus infection or intentional hacking, they can be traced back,
and can be made legally liable for any damage they cause (if necessary).

Gert Doering
        -- NetMaster
-- 
Total number of prefixes smaller than registry allocations:  58081  (57882)

SpaceNet AG                 Mail: netmaster@localhost
Joseph-Dollinger-Bogen 14   Tel : +49-89-32356-0
80807 Muenchen              Fax : +49-89-32356-299
  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community