IANA reserved Address Space
bmanning at karoshi.com
Fri May 30 14:37:00 UTC 2003
> This lab *could* be filled with millions of hosts (real/simulated)
> and thousands of networks (real/simulated). This lab is
yup. built several of those over the years. last simulated
network had 100,000 networks, ASNs et al.
(built it all inside a single host!)
> 1) create manageable and quickly adaptable firewall rulesets
> 2) create an IP plan that will lend itself to quick human parsing
> both in routing tables and router/firewall logs
> 3) consider that the lab will likely have machines that require
> patching/updates, etc from the real internet.
if this is supposed to represent realworld,
then use realworld numbers. design your lab so that
patches/updates go to staging platforms and then
pull into your lab from those - no direct network
connections.
> Imagine you want to create an environment for experiments.
> You want to reduce complexity as much as possible and create
> a scenario where feedback of a test is quick...doesn't require
> much memorization of what is what and that allows you to suddenly
> stop and rerun tests. Rapidly. Think of access lists,route tables,
> firewall rulesets and logs. If you're running tests do you want to
> see results such as 192.168.22.0, 172.16.89.22, 10.129.20.222,
> 10.12.22.2? Wouldn't it be easier if your test results looked
> like this: 1.10.1.1, 10.10.1.1, 100.10.1.1, 1.1.1.1, 10.1.1.1,
> 100.1.1.1, etc?
perhaps I am unique, but I suffer from dyslexia.
1.1.10.0.1.1.0.0.0.0.1.1.1.11.0 looks way too much
like binary to me. Much easier for machine parsing.
Humans that I have worked with tend to discriminate
easier on differing patterns.
>
> Thanks....I really appreciate everyone's feedback on this.
>
>
> -----Original Message-----
> From: Murphy, Brennan
> Sent: Friday, May 30, 2003 9:21 AM
> To: nanog at merit.edu
> Subject: RE: IANA reserved Address Space
>
>
>
> OK, I see now that down the road using
> a 1 and 100 net address on the lab would
> create unmanageable problems if those nets
> were ever put into use on the internet...
> something NAT couldn't fix. And the
> responses saying use 1918 space point out
> the potential problems were this lab ever
> to leak out an advertisement on to the
> internet, etc.... all advice I appreciate
> people have taken the time to offer.
>
> But not to be a pest but what are the odds
> the IANA would ever allocate the 1 and 100
> nets to someone? Is this an unpredictable
> matter or is there a schedule of what's
> next somewhere? Or which is more likely, the
> world adopts IP v6 or the 1 and 100 nets
> are deployed on the internet? :-) It is
> apparent that I really want to use these
> address ranges but I do need to grapple
> with the possibility that this lab will
> need internet connectivity at some point.
>
> -----Original Message-----
> From: Murphy, Brennan
> Sent: Friday, May 30, 2003 8:49 AM
> To: nanog at merit.edu
> Subject: RE: IANA reserved Address Space
>
>
>
> Others have pointed out that I should stick to
> RFC 1918 address space. But again, this is a
> lab network and to use the words of another,
> one of the things I want to do is make it much
> easier to "parse visually" my route tables.
> Think of it as a "metric system" type of numbering
> plan. The 1 and 100 nets would not be advertised
> via BGP obviously...not a hijack situation at all.
>
> If I take into account the possibility that this
> lab will have later requirements to connect to
> the internet, all I have to do is have a NAT plan
> in place...one that even takes into account that
> the 1 and 100 nets could become available some
> day, correct?
>
> Thanks to those who have responded so far.
>
> -----Original Message-----
> From: bmanning at karoshi.com [mailto:bmanning at karoshi.com]
> Sent: Friday, May 30, 2003 8:08 AM
> To: Murphy, Brennan
> Cc: nanog at merit.edu
> Subject: Re: IANA reserved Address Space
>
>
>
> networks 1 and 100 are reserved for future delegation.
> network 10 is delegated for private networks, such as your
> lab.
>
> if you use networks 1 and 100, you are hijacking these
> numbers.
>
> that said, as long as your lab is never going to connect
> to the Internet, you may want to consider using the following
> prefixes:
>
> 4.0.0.0/8
> 38.0.0.0/8
> 127.0.0.0/8
> 192.0.0.0/8
>
>
>
> >
> >
> > I'm tasked with coming up with an IP plan for a very large lab
> > network. I want to maximize route table manageability and
> > router/firewall log readability. I was thinking of building this lab
> > with the following address space:
> >
> > 1.0.0.0 /8
> > 10.0.0.0 /8
> > 100.0.0.0 /8
> >
> > I need 3 distinct zones which is why I wanted to separate them out. In
> > any case, I was wondering about the status of the 1 /8 and the 100 /8
> > networks. What does it mean that they are IANA reserved? Reserved for
> > what? http://www.iana.org/assignments/ipv4-address-space
> >
> > Anyone else ever use IANA reserved address spacing for
> > lab networks? Is there anything special I need to know?
> > I'm under the impression that as long as I stay away
> > from special use address space, I've got no worries.
> > http://www.rfc-editor.org/rfc/rfc3330.txt
> >
> > Thanks,
> > BM
> >
>
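Added example, not part of the original message: a Python check that classifies lab prefixes against RFC 1918, so a plan that leans on non-private space is flagged before the lab is ever connected or leaks a route. The zone names are hypothetical; the prefixes are the ones quoted in the thread.

```python
import ipaddress

# RFC 1918 private blocks (the "1918 space" recommended in the thread).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

# Proposed lab plan from the thread; zone names are made up for this example.
LAB_PLAN = {"zone-1": "1.0.0.0/8", "zone-10": "10.0.0.0/8", "zone-100": "100.0.0.0/8"}


def classify(prefix):
    """Classify one prefix relative to RFC 1918 and loopback space."""
    net = ipaddress.ip_network(prefix, strict=True)
    if any(net.subnet_of(p) for p in RFC1918):
        return "private"
    if net.subnet_of(LOOPBACK):
        return "loopback"
    # A supernet such as 192.0.0.0/8 contains 192.168.0.0/16 but also
    # address space that is not private, so it is not safe as a whole.
    if any(net.overlaps(p) for p in RFC1918):
        return "partly-private"
    return "outside-rfc1918"


def audit_plan(plan):
    """Return (zone -> classification, sorted zones that are not fully private)."""
    report = {zone: classify(prefix) for zone, prefix in plan.items()}
    flagged = sorted(zone for zone, kind in report.items() if kind != "private")
    return report, flagged


if __name__ == "__main__":
    report, flagged = audit_plan(LAB_PLAN)
    for zone, kind in report.items():
        print(f"{zone:9} {LAB_PLAN[zone]:14} {kind}")
    print("needs renumbering or NAT before any Internet link:", flagged)
    # The alternative prefixes listed in the quoted reply, for comparison.
    for prefix in ("4.0.0.0/8", "38.0.0.0/8", "127.0.0.0/8", "192.0.0.0/8"):
        print(f"{prefix:14} {classify(prefix)}")
```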