4

I have a network that uses the 192.192.192.x network address for their private network. It looks like publicly those are IP addresses that are assigned in Taiwan. I don't think they do too much business there, so it shouldn't "impact" their work.

My question: Is there any RFC information or any other networking articles for best practices that I could present to justify changing the network to a real private IP class network?

HopelessN00b
Nixphoe
  • It could make routing harder for you in the future if you route with someone who refuses to handle your private networks that are in the public space. You might need some NAT trickery to solve it, making everyone's life more painful. – gparent Oct 17 '12 at 15:05
  • 7
    There isn't an RFC saying you shouldn't use a CAT5 cable as a urinary catheter. Not all bad ideas are prohibited by RFCs or best practices; some bad ideas are just stupid. (In this case there is an RFC you can refer to, but something to keep in mind.) – HopelessN00b Oct 17 '12 at 15:06
  • Yes, our firewall handles all that. I like running things "correctly" vs "oh that shouldn't affect us." – Nixphoe Oct 17 '12 at 15:06
  • http://serverfault.com/questions/402702/confronting-other-orgs-using-public-ips-internally/402706#402706 – mfinni Oct 17 '12 at 15:08
  • 1
    Routing isn't the only issue. If you need to email any organization whose MX/A records fall within that range then your email is going to go into a black hole. – joeqwerty Oct 17 '12 at 21:15

1 Answer

11

RFC1918 outlines the IP space that should be used for private internal use.

It sounds like you already know this, but users on this network will not be able to communicate with any devices that are on the real 192.192.192.0/24.

Also, as @voretaq7 points out in chat, your registrar might be none too pleased with you using public IPs that aren't yours.

MDMarra
  • 2
    That netblock is owned by the Taiwan Ministry of Education, which uses it to provide name service for the entire `.tw` top-level domain. At least one of the `.tw` name servers resides within the 192.192.192.0/24 block. So, not only can they not reach you, but you may have trouble reaching _anything_ in `.tw`. – Michael Hampton Oct 17 '12 at 15:16
  • 1
    @MichaelHampton Actually, it sounds like they're NATing to the outside world, so they would be reachable from .tw, but certainly not the other way around. – MDMarra Oct 17 '12 at 15:25
  • 3
    Good point. Though I wouldn't count on return traffic working properly if the edge server also has visibility to the private network. – Michael Hampton Oct 17 '12 at 15:26
  • Actually...that's a good point. – MDMarra Oct 17 '12 at 15:28
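
The check below is an added example, not part of the original thread: it classifies internal subnets against the three RFC 1918 blocks the answer refers to, and shows why hosts inside a squatted range cannot reach that range's real owner. The subnet inventory and remote addresses are constructed sample data, and `classify`, `audit` and `shadowed` are hypothetical helper names.

```python
import ipaddress

# The three blocks RFC 1918 reserves for private use. Python's
# ip_network.is_private also covers other special ranges, so list these explicitly.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(cidr):
    """Return 'rfc1918', 'partial' or 'not-rfc1918' for an internal subnet."""
    net = ipaddress.ip_network(cidr, strict=False)  # accept host-style entries
    if any(net.subnet_of(block) for block in RFC1918):
        return "rfc1918"
    # A prefix that is too short can cover a private block plus public space.
    if any(net.overlaps(block) for block in RFC1918):
        return "partial"
    return "not-rfc1918"

def audit(subnets):
    """Map each configured internal subnet to its classification."""
    return {s: classify(s) for s in subnets}

def shadowed(internal_cidr, remote_ip):
    """True if remote_ip falls inside the internal subnet, so traffic to it
    stays on the LAN and never reaches the address's real owner."""
    net = ipaddress.ip_network(internal_cidr, strict=False)
    return ipaddress.ip_address(remote_ip) in net

# Constructed inventory. Only 192.192.192.0/24 comes from the question;
# the other entries are sample data for comparison.
INTERNAL = ["192.192.192.0/24", "10.20.0.0/16", "172.16.0.0/11", "192.168.5.17/24"]

if __name__ == "__main__":
    for subnet, verdict in audit(INTERNAL).items():
        print(f"{subnet:20} {verdict}")
    # Constructed remote addresses: one inside the squatted range, one outside.
    for ip in ("192.192.192.10", "192.192.193.10"):
        print(ip, "shadowed by LAN:", shadowed("192.192.192.0/24", ip))
```

Anything reported as `not-rfc1918` or `partial` is a candidate for renumbering; `shadowed` returning true for a remote address means that destination is unreachable from the LAN.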