IANA reserved Address Space

Brennan_Murphy at NAI.com Brennan_Murphy at NAI.com
Fri May 30 14:20:33 UTC 2003


I've got replies ranging from "great idea, totally understand
what you're trying to do" to "moron just use 1918." So I
guess a bit more about the scenario is in order. 

This lab *could* be filled with millions of hosts (real/simulated)
and thousands of networks (real/simulated). This lab is
a sort of add-on to an existing lab built out of 1918 address
space---10, 172, 192. Two zones will be created consisting
of 172 & 192 space and the other would be 1, 10, 100. Firewalls
will separate the two as well as other subzones, etc. I've been 
asked to investigate how to make it easy to do the following:

1) create manageable and quickly adaptable firewall rulesets
2) create an IP plan that will lend itself to quick human parsing
   both in routing tables and router/firewall logs
3) consider that the lab will likely have machines that require
   patching/updates, etc. from the real internet. 

Imagine you want to create an environment for experiments. 
You want to reduce complexity as much as possible and create
a scenario where feedback of a test is quick...doesn't require
much memorization of what is what and that allows you to suddenly
stop and rerun tests. Rapidly. Think of access lists, route tables,
firewall rulesets and logs.  If you're running tests do you want to
see results such as 192.168.22.0, 172.16.89.22, 10.129.20.222,
10.12.22.2?  Wouldn't it be easier if your test results looked
like this:  1.10.1.1, 10.10.1.1, 100.10.1.1, 1.1.1.1, 10.1.1.1,
100.1.1.1, etc.?

Thanks....I really appreciate everyone's feedback on this. 


-----Original Message-----
From: Murphy, Brennan 
Sent: Friday, May 30, 2003 9:21 AM
To: nanog at merit.edu
Subject: RE: IANA reserved Address Space



OK, I see now that down the road using
a 1 and 100 net address on the lab would
create unmanageable problems if those nets
were ever put into use on the internet...
something NAT couldn't fix. And the
responses saying use 1918 space point out
the potential problems were this lab ever
to leak out an advertisement on to the
internet, etc.... all advice I appreciate
people have taken the time to offer. 

But not to be a pest but what are the odds
the IANA would ever allocate the 1 and 100
nets to someone? Is this an unpredictable
matter or is there a schedule of what's
next somewhere? Or which is more likely, the
world adopts IPv6 or the 1 and 100 nets
are deployed on the internet? :-) It is
apparent that I really want to use these
address ranges but I do need to grapple
with the possibility that this lab will
need internet connectivity at some point. 

-----Original Message-----
From: Murphy, Brennan 
Sent: Friday, May 30, 2003 8:49 AM
To: nanog at merit.edu
Subject: RE: IANA reserved Address Space



Others have pointed out that I should stick to
RFC 1918 address space. But again, this is a
lab network and to use the words of another,
one of the things I want to do is make it much
easier to "parse visually" my route tables.
Think of it as a "metric system" type of numbering
plan.  The 1 and 100 nets would not be advertised
via BGP obviously...not a hijack situation at all.

If I take into account the possibility that this
lab will have later requirements to connect to
the internet, all I have to do is have a NAT plan
in place...one that even takes into account that
the 1 and 100 nets could become available some
day, correct?

Thanks to those who have responded so far.

-----Original Message-----
From: bmanning at karoshi.com [mailto:bmanning at karoshi.com] 
Sent: Friday, May 30, 2003 8:08 AM
To: Murphy, Brennan
Cc: nanog at merit.edu
Subject: Re: IANA reserved Address Space



networks 1 and 100 are reserved for future delegation.
network 10 is delegated for private networks, such as your
lab.

if you use networks 1 and 100, you are hijacking these
numbers.  

that said, as long as your lab is never going to connect
to the Internet,  you may want to consider using the following
prefixes:

4.0.0.0/8
38.0.0.0/8
127.0.0.0/8
192.0.0.0/8



> 
> 
> I'm tasked with coming up with an IP plan for a very large lab 
> network. I want to maximize route table manageability and 
> router/firewall log readability. I was thinking of building this lab 
> with the following address space:
> 
> 1.0.0.0 /8
> 10.0.0.0 /8
> 100.0.0.0 /8
> 
> I need 3 distinct zones which is why I wanted to separate them out. In
> any case, I was wondering about the status of the 1 /8 and the 100 /8 
> networks. What does it mean that they are IANA reserved? Reserved for 
> what? http://www.iana.org/assignments/ipv4-address-space
> 
> Anyone else ever use IANA reserved address spacing for
> lab networks? Is there anything special I need to know?
> I'm under the impression that as long as I stay away
> from special use address space, I've got no worries. 
> http://www.rfc-editor.org/rfc/rfc3330.txt
> 
> Thanks,
> BM
> 
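
An added example, not part of the original thread: a Python check of a lab address plan against the RFC 1918 blocks, run on the 1/8, 10/8, 100/8 plan from the first message and on a constructed alternative that keeps the 1/10/100 pattern in the second octet of 10/8. The zone names, the alternative plan (which assumes each zone fits in a /16) and the sample log addresses are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private blocks (the "10, 172, 192" space mentioned in the thread).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def audit_plan(plan):
    """Return (outside_private, overlaps) for a {zone: prefix} plan.

    outside_private: zones whose prefix is not fully inside RFC 1918 space,
    i.e. prefixes that would collide with real routes if the block is ever
    delegated, and that must never leak past the lab edge.
    overlaps: zone pairs whose prefixes overlap, which makes per-zone
    firewall rules and log reading ambiguous.
    """
    nets = {zone: ipaddress.ip_network(p) for zone, p in plan.items()}
    outside = sorted(z for z, n in nets.items()
                     if not any(n.subnet_of(b) for b in RFC1918))
    zones = sorted(nets)
    overlaps = [(a, b) for i, a in enumerate(zones) for b in zones[i + 1:]
                if nets[a].overlaps(nets[b])]
    return outside, overlaps


def zone_of(addr, plan):
    """Map a logged address to its zone by longest matching prefix."""
    ip = ipaddress.ip_address(addr)
    hits = [(ipaddress.ip_network(p).prefixlen, z) for z, p in plan.items()
            if ip in ipaddress.ip_network(p)]
    return max(hits)[1] if hits else None


# Plan proposed in the first message (zone names are hypothetical).
PROPOSED = {"zone-a": "1.0.0.0/8", "zone-b": "10.0.0.0/8", "zone-c": "100.0.0.0/8"}
# Constructed alternative: same 1/10/100 pattern, moved to the second octet of 10/8.
ALTERNATIVE = {"zone-a": "10.1.0.0/16", "zone-b": "10.10.0.0/16", "zone-c": "10.100.0.0/16"}

if __name__ == "__main__":
    for name, plan in (("proposed", PROPOSED), ("alternative", ALTERNATIVE)):
        outside, overlaps = audit_plan(plan)
        print(name, "outside RFC 1918:", outside, "overlaps:", overlaps)
    for src in ("10.100.1.1", "10.1.1.1", "192.168.22.0"):  # constructed log sources
        print(src, "->", zone_of(src, ALTERNATIVE))
```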



