[AusNOG] Telstra using US DOD IP's like they are RFC1918

Shaun Dwyer shaun at dwyer.id.au
Fri Apr 22 16:13:04 EST 2016 

Using bogon space, even in an internal network can be troublesome. I'd suggest ipv6 before ipv4 bogons.

I have a client using some bogon space internally, and even though you tweak the knobs in $vendor’s product to permit the specific bogon range, some protocols have hard-coded  ‘do-not-forward-this-ever’... and stuff breaks. In this particular network, we’ve ended up with a few corner cases that we’d rather not have. Interoperability via VPNs to external networks is a big problem for them too. You almost always end up NAT’ing or migrating servers into sensible IP space. Some times is bugs, other times its other networks not wanting to permit bogons.


Cheers!
Shaun


> On 22 Apr 2016, at 11:41 AM, Ben Hohnke <settra+ausnog at gmail.com> wrote:
> 
> I supposed technically you could use anything on the bogon list as internal space if you really needed.
> http://www.team-cymru.org/bogon-dotted-decimal.html <http://www.team-cymru.org/bogon-dotted-decimal.html>
> 
> 
> 0.0.0.0/8 <http://0.0.0.0/8> anyone?
> 
> On Fri, Apr 22, 2016 at 1:36 PM Mark Smith <markzzzsmith at gmail.com <mailto:markzzzsmith at gmail.com>> wrote:
> 
> On 22 Apr 2016 1:25 PM, "Jim Woodward" <jim at alwaysnever.net <mailto:jim at alwaysnever.net>> wrote:
> >
> >
> >
> > On 22/04/2016 11:17 AM, Damien Luke wrote:
> >>
> >> I've generally seen it used when they join two MPLS VPNs, they do a NAT in between to keep the routing domains separate.
> >>
> >> Damien
> >
> >
> > I would have thought if they were worried about RFC 1918 overlap then they could use RFC 6264 (CGNat Transition space) which is 100.64.0.0/10 <http://100.64.0.0/10>
> >
> 
> The lesson is to *NOT* use things for which they're *NOT* intended.
> 
> *CGNat Transition space*
> 
> 
> 
> 
> 
> > Legacy tidy ups aside :)
> >
> > Kind Regards,
> > Jim.
> >
> >
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
> > http://lists.ausnog.net/mailman/listinfo/ausnog <http://lists.ausnog.net/mailman/listinfo/ausnog>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
> http://lists.ausnog.net/mailman/listinfo/ausnog <http://lists.ausnog.net/mailman/listinfo/ausnog>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160422/3bd1db8e/attachment.html>

More information about the AusNOG mailing list