was bogon filters, now "Brief Segue on 1918"

Darden, Patrick S. darden at armc.org
Wed Aug 6 17:01:25 UTC 2008


Well, how about this then: 10.Z.X.Y with Z being continent, X being country name with letters beginning with A assigned 1-10, B 11-20, with any unused letters having their numbers appended as needed, and Y being of course the host/int itself with maybe still 1-20 as switches/routers, 21-50 as servers and static workstations, 51-100 as printers, and 101-200 as DHCP scope for PCs, and 201-254 for remote login DHCP scope (vpn, dialup, etc.).

continent 1:	10.100.x.y/16 provides ~65,000 IP addresses
Continent 2:	10.101.x.y/16 provides the same
continent 3:	whoa, asian market is big, better allocate for enterprise growth. 10.102.x.y and 10.103.x.y
cont 4:		10.104/16
cont 5:		10.105/16

We have provided for ~400,000 employees here, fairly spread out equally amongst your 5 continents.  With lots of room for growth by just adding another 10.Z/16 or two to each continent.

Country algeria gets 10.100.1 and 10.100.2, country aguonia (?) gets 10.100.3 and 10.100.4, country bwabistan gets 10.100.11-15 (~1270 usable IPs, room for 150 servers, 250 printers, 500 PCs, 250 simultaneous telecommuters, and 100 switches and routers) because the company is big there.  Etc. etc.

My off the cuff network scheme isn't very good, but you get the drift.

RFC1918 works.  Details just have to be worked out on a case by case basis.

IPv6 where are you?!

--p

-----Original Message-----
From: Joel Jaeggli [mailto:joelja at bogus.com]
Sent: Wednesday, August 06, 2008 12:36 PM
To: Darden, Patrick S.
Cc: nanog at nanog.org
Subject: Re: was bogon filters, now "Brief Segue on 1918"


Darden, Patrick S. wrote:
> Most organizations that would be doing this would not randomly pick out subnets, if I understand you.  They would randomly pick out a subnet, then they would sub-subnet that based on a scheme.  I believe this is the intent of RFC 1918.  Not to apply a random IP scheme, but to randomly pick a network from the appropriate sized Private Networking ranges, then apply a well thought out scheme to the section of IP addresses you chose.
> 
> E.g. 10.150.x.y/16 as their network.  X could be physical positioning, and Y could be purposive in nature.  10.150.0.0 as basement, 10.150.1.0 as first floor, 10.150.2.0 as second floor, etc.  1-20 as switches/routers, 21-50 as servers and static workstations, 51-100 as printers, and 101-200 as DHCP scope for PCs, and 201-254 for remote login DHCP scope (vpn, dialup, etc.)
> 
> Yes, I think a large private network would work this way.  RFC 1918 wants it to work this way (imho).

How much of 10/8 and 172.16/12 does an organization with ~80k employees, 
on 5 continents, with hundreds of extranet connections to partners and 
suppliers in addition to numerous acquisitions and the occasional 
subsidiary who also use 10/8 and 172.16/12 use?
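
Added example, not part of the original thread or written by either poster: a sketch of the 10.Z.X.Y plan from the first message, checked with Python's ipaddress module. It computes the plan's total size, the per-role capacity of a country holding X=11-15, and which continent blocks collide with prefixes another network already uses. The acquired-company prefix 10.96.0.0/13 and all function names are constructed for illustration.

```python
import ipaddress

# Host-octet (Y) roles as laid out in the post: (first, last, role)
ROLES = [
    (1, 20, "switch/router"),
    (21, 50, "server/static workstation"),
    (51, 100, "printer"),
    (101, 200, "DHCP PCs"),
    (201, 254, "remote-access DHCP"),
]

# Continent (Z) blocks from the post; continent 3 gets two /16s
CONTINENTS = {
    1: ["10.100.0.0/16"],
    2: ["10.101.0.0/16"],
    3: ["10.102.0.0/16", "10.103.0.0/16"],
    4: ["10.104.0.0/16"],
    5: ["10.105.0.0/16"],
}

def role_of(addr):
    """Role implied by the last octet, or None for .0 and .255."""
    last = int(ipaddress.IPv4Address(addr)) & 0xFF
    for lo, hi, role in ROLES:
        if lo <= last <= hi:
            return role
    return None

def country_capacity(first_x, last_x):
    """Per-role address counts for a country holding /24s X=first_x..last_x."""
    n = last_x - first_x + 1
    return {role: (hi - lo + 1) * n for lo, hi, role in ROLES}

def plan_total():
    """Total addresses across every continent block in the plan."""
    return sum(ipaddress.ip_network(net).num_addresses
               for nets in CONTINENTS.values() for net in nets)

def collisions(plan, other):
    """Pairs (plan block, foreign prefix) whose address space overlaps."""
    others = [ipaddress.ip_network(o) for o in other]
    return [(str(p), str(o)) for p in map(ipaddress.ip_network, plan)
            for o in others if p.overlaps(o)]

if __name__ == "__main__":
    blocks = [net for nets in CONTINENTS.values() for net in nets]
    print(plan_total(), country_capacity(11, 15))
    # Constructed case: an acquired company already numbered out of 10.96.0.0/13
    print(collisions(blocks, ["10.96.0.0/13", "172.16.0.0/12"]))
```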




