
<html>

  <head>

    <meta content="text/html; charset=ISO-8859-1"

      http-equiv="Content-Type">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    I meant to add that the text I pasted was from

    <a class="moz-txt-link-freetext" href="https://en.wikipedia.org/wiki/Private_network">https://en.wikipedia.org/wiki/Private_network</a><br>

    <br>

    <br>

    <div class="moz-cite-prefix">On 8/04/2014 2:11 p.m., Mark Foster

      wrote:<br>

    </div>

    <blockquote cite="mid:53435AE3.9070002@blakjak.net" type="cite">

      <meta content="text/html; charset=ISO-8859-1"

        http-equiv="Content-Type">

      Did I miss something?<br>

      <br>

      <h2><span class="mw-headline" id="Private_IPv4_address_spaces">Private


          IPv4 address spaces</span></h2>

      <p>The <a moz-do-not-send="true"

          href="https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force"

          title="Internet Engineering Task Force">Internet Engineering

          Task Force</a> (IETF) has directed the <a

          moz-do-not-send="true"

          href="https://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority"

          title="Internet Assigned Numbers Authority">Internet Assigned

          Numbers Authority</a> (IANA) to reserve the following IPv4

        address ranges for private networks, as published in <a

          moz-do-not-send="true" class="external mw-magiclink-rfc"

          rel="nofollow" href="https://tools.ietf.org/html/rfc1918">RFC

          1918</a>:<sup id="cite_ref-1" class="reference"><a

            moz-do-not-send="true"

            href="https://en.wikipedia.org/wiki/Private_network#cite_note-1"><span>[</span>1<span>]</span></a></sup></p>

      <table class="wikitable">

        <tbody>

          <tr>

            <th>RFC1918 name</th>

            <th>IP address range</th>

            <th>number of addresses</th>

            <th>largest <a moz-do-not-send="true"

                href="https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing"

                title="Classless Inter-Domain Routing">CIDR</a> block

              (subnet mask)</th>

            <th>host id size</th>

            <th>mask bits</th>

            <th><i><a moz-do-not-send="true"

                  href="https://en.wikipedia.org/wiki/Classful_network"

                  title="Classful network">classful</a></i> description<sup

                id="cite_ref-3" class="reference"><a

                  moz-do-not-send="true"

                  href="https://en.wikipedia.org/wiki/Private_network#cite_note-3"><span>[</span>Note


                  1<span>]</span></a></sup></th>

          </tr>

          <tr>

            <td>24-bit block</td>

            <td>10.0.0.0 - 10.255.255.255</td>

            <td>16,777,216</td>

            <td>10.0.0.0/8 (255.0.0.0)</td>

            <td>24 bits</td>

            <td>8 bits</td>

            <td>single <a moz-do-not-send="true"

                href="https://en.wikipedia.org/wiki/Class_A_network"

                title="Class A network" class="mw-redirect">class A

                network</a></td>

          </tr>

          <tr>

            <td>20-bit block</td>

            <td>172.16.0.0 - 172.31.255.255</td>

            <td>1,048,576</td>

            <td>172.16.0.0/12 (255.240.0.0)</td>

            <td>20 bits</td>

            <td>12 bits</td>

            <td>16 contiguous class B networks</td>

          </tr>

          <tr>

            <td>16-bit block</td>

            <td>192.168.0.0 - 192.168.255.255</td>

            <td>65,536</td>

            <td>192.168.0.0/16 (255.255.0.0)</td>

            <td>16 bits</td>

            <td>16 bits</td>

            <td>256 contiguous class C networks</td>

          </tr>

        </tbody>

      </table>

      <br>

      .... pretty sure that 172.31.1.x IP's fit nicely within that

      20-bit block that encompasses everything from 172.16.0.0 to

      172.31.255.255...<br>

      <br>

      So where you've said 'non-RFC1918' you infact mean 'RFC1918',

      right? So you're having problems with AWS routing traffic for

      these RFC1918 addresses to the Internet when that's not what you

      want?<br>

      <br>

      Mark.<br>

      <br>

      <div class="moz-cite-prefix">On 8/04/2014 2:07 p.m., Geordie Guy

        wrote:<br>

      </div>

      <blockquote

cite="mid:CAHTNzfkxkJH1nAHToS+aAAeZZBp20yZPb+7WBS4nxO7SA+2P5Q@mail.gmail.com"

        type="cite">

        <div dir="ltr">Hi Folks,

          <div><br>

          </div>

          <div>Working with a B2B partner who has exposed non-RFC1918

            addresses 172.31.1.2 and 172.31.1.3 through a VPN tunnel to

            our environment, and this works fine for hitting a web

            service down the tunnel from our local networks.  We have a

            development footprint in AWS that is shanking at this,

            because an overlying abstraction layer for how AWS S3

            instances route means that if it sees a non-RFC1918 range it

            sends it out to the Internet regardless of any host or other

            level routes that are specified.  I can set route add <a

              moz-do-not-send="true" href="http://172.31.1.0/24">172.31.1.0/24</a>

            via a gateway or for that matter the loopback until I go

            blue in the face and the server will merrily continue to try

            and find the IP on the Internet.</div>

          <div><br>

          </div>

          <div>What I need to do, other than not allow design decisions

            that involve non RFC-1918 addresses for private networks, is

            redirect a TCP port (443) from an IP that I *CAN* hit inside

            our network, to the 172.31.1.0 range down the tunnel, so

            that <span

style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><a

                moz-do-not-send="true" href="http://1654287.r.msn.com">1654287.r.msn.com</a>

              stops scratching his head at the traffic trying to hit him

              from AWS.</span></div>

          <div><span

style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><br>

            </span></div>

          <div><span

style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px">What


              do I do to accomplish this?  Netcat?  And before anyone

              says NAT, there's already been enough bad decisions made

              here.</span></div>

          <div><span

style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><br>

            </span></div>

          <div><span

style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px">Regards,</span></div>

          <div><span

style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><br>

            </span></div>

          <div><span

style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px">Geordie</span></div>

        </div>

        <br>

        <fieldset class="mimeAttachmentHeader"></fieldset>

        <br>

        <pre wrap="">_______________________________________________

AusNOG mailing list

<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>

<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>

</pre>

      </blockquote>

      <br>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

AusNOG mailing list

<a class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>

<a class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>

</pre>

    </blockquote>

    <br>

  </body>

</html>