[plug] Come to the masquerade ball . . .

Matt Kemner zombie at networx.net.au
Fri Jul 10 09:38:59 WST 1998


On Thu, 9 Jul 1998, John Darrington wrote:

> I was of course aware that 192.168.*.* was for private networks, but didn't 
> realise this was enforced by the software.

It's not enforced by software.

> I thought its was just convention.

It is just convention, however the core routers of the internet have been 
configured to drop all packets with source or destination addresses in
that range, as should any decent ISP's (my border router does not permit
packets with source addresses other than Networx' to come from local
hosts, or packets with source addresses from Networx, 192.168.*, 127.* etc
from the "world" side of the router)

It is for this reason that you are recommended to use the 192.168 numbers
- you can use anything you like, you can use microsoft's class C if you
prefer, as long as you have your masquerading set up properly.. the idea
is however that if you make a mistake, and your gateway starts routing the
packets instead of masquerading them, it will do no harm because the
packets (with source 192.168.* or 10.* or 172.16-31.*.*) will be silently
dropped by the core routers)

"Routers in networks not using private address space, especially those of
Internet service providers, are expected to be configured to reject
(filter out) routing information about private networks.  If such a router
receives such information the rejection shall not be treated as a routing
protocol error."
 from RFC1918 "Address Allocation for Private Internets"
   ftp://typhaon.ucs.uwa.edu.au/pub/rfc/rfc1918.txt.gz
    (and from any other rfc mirror, but uwa.edu.au is on WAIX)

 - Matt Kemner
System Administrator/BOFH        "An NT server can be run by an idiot,
Networx Internet                  and usually is."
(08) 9 345 3377                            -- emsi at it.pl



More information about the plug mailing list