<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    I meant to add that the text I pasted was from
    <a class="moz-txt-link-freetext" href="https://en.wikipedia.org/wiki/Private_network">https://en.wikipedia.org/wiki/Private_network</a><br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 8/04/2014 2:11 p.m., Mark Foster
      wrote:<br>
    </div>
    <blockquote cite="mid:53435AE3.9070002@blakjak.net" type="cite">
      Did I miss something?<br>
      <br>
      <h2><span class="mw-headline" id="Private_IPv4_address_spaces">Private

          IPv4 address spaces</span></h2>
      <p>The <a moz-do-not-send="true"
          href="https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force"
          title="Internet Engineering Task Force">Internet Engineering
          Task Force</a> (IETF) has directed the <a
          moz-do-not-send="true"
          href="https://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority"
          title="Internet Assigned Numbers Authority">Internet Assigned
          Numbers Authority</a> (IANA) to reserve the following IPv4
        address ranges for private networks, as published in <a
          moz-do-not-send="true" class="external mw-magiclink-rfc"
          rel="nofollow" href="https://tools.ietf.org/html/rfc1918">RFC
          1918</a>:<sup id="cite_ref-1" class="reference"><a
            moz-do-not-send="true"
            href="https://en.wikipedia.org/wiki/Private_network#cite_note-1"><span>[</span>1<span>]</span></a></sup></p>
      <table class="wikitable">
        <tbody>
          <tr>
            <th>RFC1918 name</th>
            <th>IP address range</th>
            <th>number of addresses</th>
            <th>largest <a moz-do-not-send="true"
                href="https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing"
                title="Classless Inter-Domain Routing">CIDR</a> block
              (subnet mask)</th>
            <th>host id size</th>
            <th>mask bits</th>
            <th><i><a moz-do-not-send="true"
                  href="https://en.wikipedia.org/wiki/Classful_network"
                  title="Classful network">classful</a></i> description<sup
                id="cite_ref-3" class="reference"><a
                  moz-do-not-send="true"
                  href="https://en.wikipedia.org/wiki/Private_network#cite_note-3"><span>[</span>Note

                  1<span>]</span></a></sup></th>
          </tr>
          <tr>
            <td>24-bit block</td>
            <td>10.0.0.0 - 10.255.255.255</td>
            <td>16,777,216</td>
            <td>10.0.0.0/8 (255.0.0.0)</td>
            <td>24 bits</td>
            <td>8 bits</td>
            <td>single <a moz-do-not-send="true"
                href="https://en.wikipedia.org/wiki/Class_A_network"
                title="Class A network" class="mw-redirect">class A
                network</a></td>
          </tr>
          <tr>
            <td>20-bit block</td>
            <td>172.16.0.0 - 172.31.255.255</td>
            <td>1,048,576</td>
            <td>172.16.0.0/12 (255.240.0.0)</td>
            <td>20 bits</td>
            <td>12 bits</td>
            <td>16 contiguous class B networks</td>
          </tr>
          <tr>
            <td>16-bit block</td>
            <td>192.168.0.0 - 192.168.255.255</td>
            <td>65,536</td>
            <td>192.168.0.0/16 (255.255.0.0)</td>
            <td>16 bits</td>
            <td>16 bits</td>
            <td>256 contiguous class C networks</td>
          </tr>
        </tbody>
      </table>
      <br>
      .... pretty sure that 172.31.1.x IPs fit nicely within that
      20-bit block that encompasses everything from 172.16.0.0 to
      172.31.255.255...<br>
      <br>
      So where you've said 'non-RFC1918' you in fact mean 'RFC1918',
      right? So you're having problems with AWS routing traffic for
      these RFC1918 addresses to the Internet when that's not what you
      want?<br>
      <br>
      Mark.<br>
      <br>
      <div class="moz-cite-prefix">On 8/04/2014 2:07 p.m., Geordie Guy
        wrote:<br>
      </div>
      <blockquote
cite="mid:CAHTNzfkxkJH1nAHToS+aAAeZZBp20yZPb+7WBS4nxO7SA+2P5Q@mail.gmail.com"
        type="cite">
        <div dir="ltr">Hi Folks,
          <div><br>
          </div>
          <div>Working with a B2B partner who has exposed non-RFC1918
            addresses 172.31.1.2 and 172.31.1.3 through a VPN tunnel to
            our environment, and this works fine for hitting a web
            service down the tunnel from our local networks.  We have a
            development footprint in AWS that is shanking at this,
            because an overlying abstraction layer for how AWS S3
            instances route means that if it sees a non-RFC1918 range it
            sends it out to the Internet regardless of any host or other
            level routes that are specified.  I can set route add <a
              moz-do-not-send="true" href="http://172.31.1.0/24">172.31.1.0/24</a>
            via a gateway or for that matter the loopback until I go
            blue in the face and the server will merrily continue to try
            and find the IP on the Internet.</div>
          <div><br>
          </div>
          <div>What I need to do, other than not allow design decisions
            that involve non RFC-1918 addresses for private networks, is
            redirect a TCP port (443) from an IP that I *CAN* hit inside
            our network, to the 172.31.1.0 range down the tunnel, so
            that <span
style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><a
                moz-do-not-send="true" href="http://1654287.r.msn.com">1654287.r.msn.com</a>
              stops scratching his head at the traffic trying to hit him
              from AWS.</span></div>
          <div><span
style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><br>
            </span></div>
          <div><span
style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px">What

              do I do to accomplish this?  Netcat?  And before anyone
              says NAT, there's already been enough bad decisions made
              here.</span></div>
          <div><span
style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><br>
            </span></div>
          <div><span
style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px">Regards,</span></div>
          <div><span
style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px"><br>
            </span></div>
          <div><span
style="color:rgb(0,0,0);font-family:Arial,Helvetica,sans-serif;font-size:12px;line-height:18px">Geordie</span></div>
        </div>
        <br>
        <fieldset class="mimeAttachmentHeader"></fieldset>
        <br>
        <pre wrap="">_______________________________________________
AusNOG mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
      </blockquote>
      <br>
      <br>
    </blockquote>
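    <p>The range question in this thread, as an added example that is not
      part of either poster's message: a membership test against the three
      RFC 1918 blocks from the quoted table, checked at the edges of
      172.16.0.0/12 and compared with a string-prefix test of the kind that
      misjudges 172.x addresses. The function names and the sample address
      list are constructed for illustration.</p>

```python
import ipaddress

# The three RFC 1918 blocks, as listed in the table quoted in the thread.
RFC1918_BLOCKS = [
    ipaddress.ip_network(cidr)
    for cidr in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]

def rfc1918_block(addr):
    """Return the RFC 1918 network that contains addr, or None if it is outside all three."""
    ip = ipaddress.ip_address(addr)
    for net in RFC1918_BLOCKS:
        if ip in net:
            return net
    return None

def block_summary(net):
    """Derive the table columns (range, size, mask, bit counts) from the CIDR block."""
    return {
        "range": f"{net[0]} - {net[-1]}",
        "addresses": net.num_addresses,
        "mask": str(net.netmask),
        "mask_bits": net.prefixlen,
        "host_bits": net.max_prefixlen - net.prefixlen,
    }

def naive_prefix_check(addr):
    """String-prefix test shown for contrast: it treats every 172.x address as private."""
    return addr.startswith(("10.", "172.", "192.168."))

def audit(addresses):
    """Return (address, containing RFC 1918 block or None, naive verdict) per address."""
    rows = []
    for addr in addresses:
        net = rfc1918_block(addr)
        rows.append((addr, str(net) if net else None, naive_prefix_check(addr)))
    return rows

# Constructed sample: the two addresses from the thread plus boundary cases.
SAMPLE = [
    "172.31.1.2", "172.31.1.3",        # addresses discussed in the thread
    "172.15.255.255", "172.16.0.0",    # just below / first address of the /12
    "172.31.255.255", "172.32.0.0",    # last address of the /12 / just above
    "10.0.0.1", "192.169.0.1",
]

if __name__ == "__main__":
    for addr, block, naive in audit(SAMPLE):
        print(f"{addr:16} rfc1918_block={block!s:16} naive_says_private={naive}")
```
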
    <br>
  </body>
</html>