Subject: Re: Weird route to spammer.
To: None <netbsd-help@netbsd.org>
From: Geoff Wing <mason@primenet.com.au>
List: netbsd-help
Date: 08/28/2003 05:51:14
Richard Rauch <rkr@olib.org> typed:
: I did a little looking around and tracerouted the connecting machine
: (218.45.234.31):
: 
:  [...]
: 15  gige11-0-10.hsipaccess2.tok1.net.reach.com (210.57.4.196)  248.464 ms  249.307 ms  248.133 ms
: 16  unknown.net.reach.com (210.57.52.50)  249.223 ms  248.807 ms  249.133 ms
: 17  10.0.1.17 (10.0.1.17)  242.064 ms  244.924 ms  243.203 ms
: 18  10.15.0.30 (10.15.0.30)  249.702 ms  254.012 ms  249.626 ms
: 19  218.45.234.31 (218.45.234.31)  255.120 ms  242.816 ms  243.469 ms

% ipw 218.45.234.31
inetnum:      218.45.234.0 - 218.45.234.63
netname:      RURUBUNET
descr:        JTB CORP.
country:      JP
admin-c:      KO3649JP
tech-c:       KO3649JP
...

My traceroute correctly(*) tells me:

...
12  unknown.net.reach.com (210.57.52.50)  200.112 ms  197.813 ms  195.724 ms
13  * * *
14  * * *
15  218.45.234.31 (218.45.234.31)  199.686 ms  192.841 ms  201.955 ms

: I thought that 10.0/8 was not allowed on the public 'net.  Has the
: rule changed, or is something really fishy going on here?  (I remember
: starting to ask this before, but decided to delete the message, as I
: recall.)

It's a fairly common method ISPs use to set up large scale DHCP systems,
e.g. for broadband.  The nodes on the private IP range don't produce TCP/UDP
traffic, they just route it - which also allows ISPs to put in transparent
proxies (whether you want them or not).

: (Yes, I normally filter all outside traffic from 10.0/8, but I also normally
: filter all ICMP traffic, so I have to disable ipf in order to run a
: traceroute.  (^&)

(*) ``correctly'' since (as you indicate you have) private IP traffic doesn't
enter my network from outside.

Regards,
-- 
Geoff Wing
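
The two traceroutes in the message above can be reconciled with a short script. This is an added example, not part of the original post: it parses the quoted hops, flags those with RFC 1918 source addresses, and renders the path as seen from behind a border filter that drops inbound packets from private sources. The function names are hypothetical, and the sample input is hops 15-19 as quoted in the message.

```python
import ipaddress
import re

# RFC 1918 private ranges; ICMP replies sourced from these are what a border filter drops.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hops 15-19 as quoted in the message above.
SAMPLE = """\
15  gige11-0-10.hsipaccess2.tok1.net.reach.com (210.57.4.196)  248.464 ms  249.307 ms  248.133 ms
16  unknown.net.reach.com (210.57.52.50)  249.223 ms  248.807 ms  249.133 ms
17  10.0.1.17 (10.0.1.17)  242.064 ms  244.924 ms  243.203 ms
18  10.15.0.30 (10.15.0.30)  249.702 ms  254.012 ms  249.626 ms
19  218.45.234.31 (218.45.234.31)  255.120 ms  242.816 ms  243.469 ms
"""

# hop number, reported name, address in parentheses
HOP_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+\((\d{1,3}(?:\.\d{1,3}){3})\)")

def is_rfc1918(addr):
    """True if addr is a valid IPv4 address inside an RFC 1918 range."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)

def parse_hops(text):
    """Return (ttl, name, address) for each hop line that answered."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if m:
            hops.append((int(m.group(1)), m.group(2), m.group(3)))
    return hops

def private_hops(text):
    """Hops whose ICMP replies came from private address space."""
    return [(ttl, addr) for ttl, _, addr in parse_hops(text) if is_rfc1918(addr)]

def view_behind_filter(text):
    """Render the hops as seen behind a filter dropping inbound RFC 1918 sources."""
    return [f"{ttl:2d}  * * *" if is_rfc1918(addr) else f"{ttl:2d}  {name} ({addr})"
            for ttl, name, addr in parse_hops(text)]

if __name__ == "__main__":
    print("private-address hops:", private_hops(SAMPLE))
    print("\n".join(view_behind_filter(SAMPLE)))
```

The filtered view shows two `* * *` rows between 210.57.52.50 and 218.45.234.31, the same shape as the second traceroute in the message.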