Skip to main content

non-private address on a private LAN

More
14 years 4 months ago #35271 by ignite255
Just started work at a small company who have a lan in a seperate office with 2 hosts (pc and a nasbox). The IT admin is using the address range 9.9.9.2 /24 and .3 for the pc and nasbox (he's using 9.9.9.1 /24 for the router default gateway). i asked him why he didnt use a 192. address and he said you can use any address on the private side of a lan? I thought 10/172/192 addresses were supposed to be used for private addresses or does it not matter?
More
14 years 4 months ago #35272 by JamieP
Well...to start with tell him he dosnt have a clue....

In theory you can use ANY address inside your network, but if you dont own the range, you would have to NAT them to your public IP address, otherwise traffic wouldnt be able to get back to your network. also, say you used googles IP address range on your inside network, no one would be able to access google, as the traffic to googles main IP would never leave the LAN.

obivously best practice is to use one of the RFC1918 addresses

10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255


I would add that i have worked at places where they own a whole class B Range, and have given every machine inside the network a publicly routeable IP Address. i have no idea why you would do that, and given the current issues surrounding IPv4 shortages, it is quite irresponsible

Jamie Parks
Network Engineer, UK
More
14 years 4 months ago #35284 by KiLLaBeE
Pretty bad idea of him to do that.

Not only is it bad practice, but he's also introducing complexity to troubleshooting, routing, and configuration. It irritates me when admins choose to not keep things simple or follow best practices...
More
14 years 4 months ago #35291 by Chris
I Second Killabee's opinion - why do some admins choose to use non-standard ranges in their private networks ???

I Guess they just want to do something different from all the rest ? :roll:

Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Time to create page: 0.123 seconds