classful routes redux
Stephen Sprunk
stephen at sprunk.org
Wed Nov 9 04:19:24 UTC 2005
Thus spake <Michael.Dillon at btradianz.com>
>> ... which is why I specifically said "no intention to ever connect to,
>> or communicates with nodes on, the global network". In which case
>> overlaps in adressblocks are irrelevant, as are any mention of NAT and
>> firewalls as there is no connection (direct or indirect) between the
>> networks.
>
> The only case that I am aware of where there is truly
> *NO* intention to ever connect to the global Internet
> is military networks. When I was referring to other
> internets I did not have military networks in mind.
>
> In every other case that I am aware of, the partcipants
> in the internet also maintain connectivity to the Internet
> via alternate paths.
I've personally dealt with private networks that had no intent of ever
connecting to the Internet, though they were connected to other internal
networks that did have such connectivity and to business partners (over
private links) that probably did as well.
One I still have nightmares about was a mess of eight (yes, eight) instances
of 10/8 which were dynamically NATed to class B addresses to reach common
servers and for communication to various partners, with a few tens of
thousands of static NAT entries for devices that needed to be polled. I
suppose if those private networks had had a default route (they didn't) and
there were no firewalls in the way (there were) they could have reached the
Internet, but at the time it was designed there was no intent to ever allow
such.
Too bad the equipment we had to support didn't understand IPv6, or we could
have gotten away with using the site-local prefix (or, later, ULAs) and no
NAT at all.
S
Stephen Sprunk "Stupid people surround themselves with smart
CCIE #3723 people. Smart people surround themselves with
K5SSS smart people who disagree with them." --Aaron Sorkin
More information about the NANOG
mailing list