Re: Block RFC 1918 Addresses

From: John Ciccone (ccie.ciccone@gmail.com)
Date: Tue Feb 17 2009 - 13:12:39 ARST


Tyson,

Thanks, you bring up a good point. If we include the other addresses just
to be safe, could that be marked as incorrect? And more importantly, how
are the proctors with regard to clarifying exactly what is required of a
task?

John

On Tue, Feb 17, 2009 at 9:58 AM, Tyson Scott <tscott@ipexpert.com> wrote:

> The 3 addresses are the only ones that are part of RFC 1918. 0.0.0.0/8 is
> part of RFC1700. 169.254.0.0/16 is part of RFC 3330 - Special-Use IPv4
> Addresses. You will also find 127.0.0.0/8 in this RFC. 224.0.0.0/4 is RFC
> 3171 but is included in 3330. Pray they only ask for RFC1918 as RFC 3330
> includes a lot more ;) RFC 3330 is part of the Security exam now.
>
> Often people include other addresses when they ask for 1918 but technically
> it is only the three. If a question didn't say to include nothing else then
> it can't hurt throwing everything you can think of right ;O
>
> http://www.faqs.org/rfcs/rfc3330.html
>
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S and Security
> Technical Instructor - IPexpert, Inc.
>
> Telephone: +1.810.326.1444
> Cell: +1.248.504.7309
> Fax: +1.810.454.0130
> Mailto: tscott@ipexpert.com
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Alexandre Oliveira
> Sent: Tuesday, February 17, 2009 9:35 AM
> To: 'Cisco certification'
> Subject: RES: Block RFC 1918 Addresses
>
> I've found the same question in my studies. Some exercises inform that
> RFC1918 should also include this:
>
> deny 0.0.0.0/8 le 32
> deny 10.0.0.0/8 le 32
> deny 127.0.0.0/8 le 32
> deny 169.254.0.0/16 le 32
> deny 172.16.0.0/12 le 32
> deny 192.0.2.0/24 le 32
> deny 192.168.0.0/16 le 32
> deny 224.0.0.0/3 le 32
> permit 0.0.0.0/0 le 32
>
> I mean, deny all "non-allowed" or private prefixes and then permit the rest.
> Based on John's following e-mail, which group of addresses must we
> consider???
>
> Thanks,
>
> Alexandre.
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of John
> Ciccone
> Sent: Tuesday, February 17, 2009 11:12
> To: Cisco certification
> Subject: Block RFC 1918 Addresses
>
> I recently took a vendor's mock lab where the task asked to block all RFC1918
> addresses. So, I created an access-list and applied it to deny the
> following:
>
> 10.0.0.0/8
> 172.16.0.0/12
> 192.168.0.0/16
>
> I've read RFC1918 from top to bottom, and the above addresses are the only
> ones mentioned. However, upon checking my answers with the solutions, they
> also included the following:
>
> 127.0.0.0/8
> 169.254.0.0/16
>
> Now, while the above addresses are not valid internet addresses, they are
> NOT RFC1918 addresses. If the question stated that I should block non-valid
> internet addresses, then I could see denying the two IP blocks above as
> well. But even in that case, there are at least a half dozen more IPv4
> blocks that are either not valid or not yet allocated for the internet.
>
> My main question is this: If I get the same type of task on the actual lab,
> what do I do? Will the questions be specific enough to leave no doubt
> as to what they are looking for (not only for this type of question, but
> any others as well)? If there are any doubts about what they are looking
> for, how helpful will the proctor be in clarifying?
>
> I am scheduled to take the lab in 3 weeks, so any help would be greatly
> appreciated.
>
> Thanks.
>
> John
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html


This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:11 ARST
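
The following Python sketch is an added example, not part of the original thread: it evaluates the prefix list quoted above with first-match semantics and separates the three RFC 1918 blocks from the other entries. The function names and sample routes are constructed for illustration, and the matching rule (route inside the entry's prefix, length between the entry's length and its `le` value, implicit deny at the end) is an assumption about how the list is applied.

```python
import ipaddress

# The three blocks RFC 1918 defines, as stated in the thread.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Prefix-list entries exactly as quoted in the thread.
THREAD_LIST = """\
deny 0.0.0.0/8 le 32
deny 10.0.0.0/8 le 32
deny 127.0.0.0/8 le 32
deny 169.254.0.0/16 le 32
deny 172.16.0.0/12 le 32
deny 192.0.2.0/24 le 32
deny 192.168.0.0/16 le 32
deny 224.0.0.0/3 le 32
permit 0.0.0.0/0 le 32
"""

def parse(text):
    """Turn 'action prefix le N' lines into (action, network, le) tuples."""
    entries = []
    for line in text.splitlines():
        action, prefix, _kw, le = line.split()
        entries.append((action, ipaddress.ip_network(prefix), int(le)))
    return entries

def evaluate(entries, route):
    """Return the action of the first entry matching the route."""
    route = ipaddress.ip_network(route)
    for action, net, le in entries:
        # Match: route lies inside the entry's prefix and its length is
        # between the entry's own length and the 'le' bound.
        if route.subnet_of(net) and route.prefixlen <= le:
            return action
    return "deny"  # assumed implicit deny when nothing matches

def split_by_rfc1918(entries):
    """Separate deny entries into RFC 1918 blocks and everything else."""
    strict = [str(n) for a, n, _ in entries if a == "deny" and n in RFC1918]
    extra = [str(n) for a, n, _ in entries if a == "deny" and n not in RFC1918]
    return strict, extra

ENTRIES = parse(THREAD_LIST)

if __name__ == "__main__":
    print(split_by_rfc1918(ENTRIES))
    for r in ("10.1.2.0/24", "172.32.0.0/16", "240.0.0.0/4", "0.0.0.0/0"):
        print(r, evaluate(ENTRIES, r))
```

The quoted 224.0.0.0/3 entry also matches 240.0.0.0/4, so it is wider than the 224.0.0.0/4 block named in the reply.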