Using private APNIC range in US

Jay Hennigan jay at west.net
Sun Mar 28 22:53:26 UTC 2010


On 3/18/10 8:52 AM, Jaren Angerbauer wrote:
> Hi all,
> 
> I have a client here in the US, that I just discovered is using a host
> of private IPs that (as I understand) belong to APNIC (i.e.
> 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. 

Actually, those are public IPs.  The 1/8 block is presently undergoing
testing for use as a public network.  Private IPs are defined in RFC1918
and don't "belong" to a regional registry.

> I'm assuming
> that the addresses probably nat to a [US] public IP.  

If their webservers are located in North America and visible from the
Internet, that is probably a valid assumption.  "nslookup", "host" or
"dig" on the hostname should give you a more definitive answer.

> I'm not familiar
> enough with the use of private address space outside of ARIN (i.e.
> 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and
> accessible it must be working for them. 

For some value of "working", that may be accurate today.  It is also
going to be true for some values of "broken", if not now then in the
future.

Private address space is not part of ARIN, APNIC, etc.  It is global and
defined by RFC1918.

> I'm just wondering if there
> is any recommendation or practice around this -- using private IP
> ranges from another country.  Thanks.

There is no such thing as a "private IP range from a country".  Private
addresses are global.

The recommendation and practice is to use addresses from RFC1918 for
private addresses.  If these resources need to be visible from the
Internet, then NAT to public addresses assigned or allocated to the
operator of the system will be needed.

Your client should renumber his private addresses to a netblock that is
defined in RC1918 such as 10/8, 172.16/12, or 192.168/16

-- 
--
Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV




More information about the NANOG mailing list