nanog mailing list archives
Re: Post-Exhaustion-phase "punishment" for early adopters
From: Joel Jaeggli <joelja () bogus com>
Date: Wed, 09 Feb 2011 09:21:09 -0800
On 2/9/11 4:35 AM, Sam Stickland wrote:
On 9 Feb 2011, at 02:43, "R. Benjamin Kessler" <Ben.Kessler () zenetra com> wrote:From: George Herbert [mailto:george.herbert () gmail com]"Let's just grab 2/8, it's not routed on the Internet..."+1 I was consulting for a financial services firm in the late '90s that was acquired by a large east-coast bank; the bank's brilliant scheme was to renumber all new acquisitions *out* of RFC1918 space and into (at the time) bogon space. If I recall, some of the arguments were "they were too big to fit into RFC1918 space" and by having all of their divisions in non-RFC1918 space it would make it easier for them to acquire new companies who used RFC1918 space internally.You don't have to trawl back to the late 90's to find this, I know of at least 3 or 4 large enterprises using large chunks of public address (multiple /8's) that aren't their's /today/. This "works" because 1) the Internet is only accessed through proxies, 2) devices that require direct Internet access are addressed out of registered address space (or NATed to registered address space), and 3) third party connections to others enterprises are usually src/dst NATTed to the enterprise's own ranges (with the added benefit that this NAT at 3rd party boundaries helps ensure symmetric traffic flow through firewalls).
sotime it works... if you are natted (from your public scoped but overlapping ipv4 address) but don't go through a proxy, or you go through a transparent proxy you may still be dead because the internal route covers you destination. Those aren't just enterprises either, some fairly common offenders are ISPs or wireless carriers and they did use just one or two additional /8s... joel
And I've only worked at 3 or 4 large enterprises so it's probably safe to assume there's more! With my SP background I was shocked and I'm not trying to defend this practice, but in the enterprise land it seems accepted. Sam
Current thread:
- Re: Post-Exhaustion-phase "punishment" for early adopters, (continued)
- Re: Post-Exhaustion-phase "punishment" for early adopters Sam Stickland (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters Matthew Kaufman (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters Mark Andrews (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters George Herbert (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters Valdis . Kletnieks (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters George Herbert (Feb 08)
- RE: Post-Exhaustion-phase "punishment" for early adopters R. Benjamin Kessler (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters David Barak (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters George Herbert (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters Sam Stickland (Feb 09)
- Re: Post-Exhaustion-phase "punishment" for early adopters Joel Jaeggli (Feb 09)
- Re: Post-Exhaustion-phase "punishment" for early adopters Owen DeLong (Feb 09)
- Re: Post-Exhaustion-phase "punishment" for early adopters Sam Stickland (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters Lynda (Feb 08)
- Re: Post-Exhaustion-phase "punishment" for early adopters Benson Schliesser (Feb 08)