Re: 192.168 - why?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

AZ Nomad wrote:
[snippage]
Very true, but the use of RFC-1918 addresses is not limited to home
users. The Very Large Corporation I work for has been migrating from
publicly routable address space for servers in datacenters, and more
importantly, desktops, in order to

a) conserve IPv4 address space allocated to us, and;
b) improve routing internally, by allowing sane aggregation, and;
c) improving security by being able to drop RFC-1918 addresses from
inside the network at the border, as all routers that are connected to
the Internet at large should.

A corporation with 100,000 employees isn't going to need nonroutable
addresses. They're going to have a network topography a bit more
sophisticated than a $45 linksys.

If my non-routeable addresses, you are referring to RFC-1918 addresses,
then you, sir, are incorrect.

Try getting a /8 from ARIN, APNIC, RIPE or AFNIC. I invite you to try.
Ergo, corporations that have Internet-routeable addresses have been
migrating to RFC-1918 addresses because:

a) IPv4 address space that is allocated to a corporation is facing
exhaustion, hence the need to reclaim it from places that can use
RFC1918 addresses. That is, anywhere that it isn't necessary to route to
the Internet. That frees up those publicly routeable IPs for use where
they DO need to be reachable from the Internet.

b) Ever had to manage a network of disparate subnets, across multiple
sites? When you do a), using RFC-1918 to allow decent aggregation (eg,
site A uses a /16 from 10.1.0.0, site B uses a /16 from 10.2.0.0, etc)
to allow single routes to be inserted instead of multiple single subnet
routes is a major win.

c) Should be self-evident.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkiM70IACgkQecRyDK/YpE48+ACggDD+xaUNba3jmvDdCfCeG64I
vp8AoIzCao6nLS+TpDgjnK73H+Y+5sf8
=uiYs
-----END PGP SIGNATURE-----
.

Relevant Pages

  • Re: "Backwards" Default Gateway on ISA?
    ... local and remote routes are clearly defined. ... Make sure that no network falls into the "external" range, because ISA ... Internet. ...
    (microsoft.public.isa.configuration)
  • Re: Summary Route Question
    ... several BVIs that have IP addresses for my internal subnets. ... route that points to my firewall for Internet connectivity. ... installed that connects to their network. ...  The routes consist of a couple of host routes, ...
    (comp.dcom.sys.cisco)
  • Re: routing problem
    ... the internet, shouldn't have access to 192.168.1 or 10.10/16. ... but shouldn't access the academic network. ... How I would set up my rc.conf with my static routes? ... this is a non-contiguous netmask. ...
    (freebsd-questions)
  • Re: 2 nics DMZ
    ... I added the routes for the ... Since I have 2 network cards I can only have 1 gateway. ... I use Network Card #2 for dmz -> PIX to Internet. ...
    (microsoft.public.windows.server.networking)
  • drone armies C&C report - July/2005
    ... 3356 LEVEL3 Level 3 Communications ... 3491 BTN-ASN - Beyond The Network A ... 3801 MISNET - Mikrotec Internet Ser ... 15857 DIALOG-AS DIALOG-NET Autonomuo ...
    (Bugtraq)