RE: RFC 1918 Addresses

From: Christopher M. Heffner (cheffner@certified-labs.com)
Date: Fri Dec 15 2006 - 13:38:28 ART

Check out RFC 3704 for Ingress and Engress filtering rules for the
additional ip addresses that would be considered illegal.

RFC 3704 is an update for RFC 2827 that now includes additional
information on proper filtering for dual homing environments.

HTH.

Christopher M. Heffner, CCIE 8211, CCSI 98760
Strategic Network Solutions, Inc.
 
 
 
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Kal Han
Sent: Thursday, December 14, 2006 9:11 PM
To: Groupstudy; Cisco certification
Subject: RFC 1918 Addresses

Hi I saw rfc1918 list only the private addresses
( as its title suggests )
<RFC1918>
3. Private Address Space

   The Internet Assigned Numbers Authority (IANA) has reserved the
   following three blocks of the IP address space for private internets:

     10.0.0.0 - 10.255.255.255 (10/8 prefix)
     172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
     192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
</RFC1918>

but in most of the solutions to deny rfc 1918 address I see lot more
addresses in the deny ace s ??

access-list 111 deny ip host 0.0.0.0 any
access-list 111 deny ip 1.0.0.0 0.255.255.255 any
access-list 111 deny ip 2.0.0.0 0.255.255.255 any
access-list 111 deny ip 5.0.0.0 0.255.255.255 any
access-list 111 deny ip 7.0.0.0 0.255.255.255 any
access-list 111 deny ip 127.0.0.0 0.255.255.255 any
access-list 111 deny ip 224.0.0.0 31.255.255.255 any

access-list 111 deny ip 10.0.0.0 0.255.255.255 any
access-list 111 deny ip 172.16.0.0 0.15.255.255 any
access-list 111 deny ip 192.168.0.0 0.0.255.255 any

Is this not including part of RFC3330 / &| / IANA reserved addresses as
well
?

Thanks
Kal

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:38 ART