Exodus / Clue problems
Phil Howard
phil at whistler.intur.net
Mon Nov 16 23:00:47 UTC 1998
> Define "network border." I used to block all traffic from or to RFC1918
> addresses, but my present upstream is using 10.0.0.0/8 and
> 172.16.0.0/16, at least, for their internal use. So, the IP address of
> the WAN interface on my router connecting to them has a 10.0.0.0/8
> address. If I block incoming traffic to 10.0.0.0/8, they can't monitor
> my net.
They are using (wasting) the whole 10.0.0.0/8 on one LAN? Sheesh!
I've picked 172.30.0.0/16 to be divided up into 16384 /30's to use for
numbered links. I'll probably choose another piece of address space
in 172.16.0.0/12 for a LAN for a few special things like "permanent"
DNS server addresses that will "never" change. My current thinking is
to leave 10.0.0.0/8 workable between customers, let 172.16.0.0/12 be for
special uses, and let customers do with 192.168.0.0/16 whatever they
wish. There's no real ideal solution.
How far from the intent of RFC1918 has that gone?
--
-- *-----------------------------* Phil Howard KA9WGN * --
-- | Inturnet, Inc. | Director of Internet Services | --
-- | Business Internet Solutions | eng at intur.net | --
-- *-----------------------------* philh at intur.net * --
More information about the NANOG
mailing list