- Posts: 1
- Thank you received: 0
non-private address on a private LAN
14 years 4 months ago #35271
by ignite255
non-private address on a private LAN was created by ignite255
Just started work at a small company who have a lan in a seperate office with 2 hosts (pc and a nasbox). The IT admin is using the address range 9.9.9.2 /24 and .3 for the pc and nasbox (he's using 9.9.9.1 /24 for the router default gateway). i asked him why he didnt use a 192. address and he said you can use any address on the private side of a lan? I thought 10/172/192 addresses were supposed to be used for private addresses or does it not matter?
14 years 4 months ago #35272
by JamieP
Jamie Parks
Network Engineer, UK
Replied by JamieP on topic Re: non-private address on a private LAN
Well...to start with tell him he dosnt have a clue....
In theory you can use ANY address inside your network, but if you dont own the range, you would have to NAT them to your public IP address, otherwise traffic wouldnt be able to get back to your network. also, say you used googles IP address range on your inside network, no one would be able to access google, as the traffic to googles main IP would never leave the LAN.
obivously best practice is to use one of the RFC1918 addresses
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
I would add that i have worked at places where they own a whole class B Range, and have given every machine inside the network a publicly routeable IP Address. i have no idea why you would do that, and given the current issues surrounding IPv4 shortages, it is quite irresponsible
In theory you can use ANY address inside your network, but if you dont own the range, you would have to NAT them to your public IP address, otherwise traffic wouldnt be able to get back to your network. also, say you used googles IP address range on your inside network, no one would be able to access google, as the traffic to googles main IP would never leave the LAN.
obivously best practice is to use one of the RFC1918 addresses
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
I would add that i have worked at places where they own a whole class B Range, and have given every machine inside the network a publicly routeable IP Address. i have no idea why you would do that, and given the current issues surrounding IPv4 shortages, it is quite irresponsible
Jamie Parks
Network Engineer, UK
14 years 4 months ago #35284
by KiLLaBeE
Replied by KiLLaBeE on topic Re: non-private address on a private LAN
Pretty bad idea of him to do that.
Not only is it bad practice, but he's also introducing complexity to troubleshooting, routing, and configuration. It irritates me when admins choose to not keep things simple or follow best practices...
Not only is it bad practice, but he's also introducing complexity to troubleshooting, routing, and configuration. It irritates me when admins choose to not keep things simple or follow best practices...
14 years 4 months ago #35291
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: non-private address on a private LAN
I Second Killabee's opinion - why do some admins choose to use non-standard ranges in their private networks ???
I Guess they just want to do something different from all the rest ? :roll:
I Guess they just want to do something different from all the rest ? :roll:
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Time to create page: 0.123 seconds