Saturday, 25 July 2009

Unauthorized or Illegal Public IP Addresses on Private Network

Yes, they are out there on private networks. Luckily, routers do not route these packets outwards because they already know the interfaces on which those illegal IPs reside.

I say illegal but they are only illegal from an RFC point of view.

I remember a while back trying to look for information about these RFC illegal networks but not finding anything relevant.

I have been at a company that had been set up with this scenario. They had IPs from 190.1.X.X to 190.5.X.X. Even worse, these were class B IP addresses for a small to medium-sized company with just over 100 employees.

What happened in these cases was that although the routers were routing correctly, the DNS servers were getting their entries for the local domain hosts from the Internet. So, depending on which hostname would register with the Internet's cached DNS, this host could not be reached from another by its DNS name. Fortunately, NetBIOS was still in the game and allowed other computers to ping and whatever to those through their NetBIOS name. Nevertheless, chaotic in my opinion. Needless to say, any computer in this network could not access outside resources when these resources' IPs were within these class B ranges. What a mess, as if it were not enough that the datacenter's switch wiring was all messed up as well.
Funny example:


A big restructuring of this network topology was issued some time later, which I was a part of, to deploy VLANs and reformulate the entire infrastructure, from class B to class C and from illegal to legal addresses (reserved addresses for private networking). Big adventure, I tell you, but it definitely paid off. Much better.
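
A way to audit for the situation described above, as an added example that is not part of the original post: it flags internal prefixes that sit in public address space instead of the RFC 1918 reserved ranges, and reports which Internet destinations those prefixes make unreachable from the LAN. The inventory is constructed; the /16 masks on the 190.x ranges and the function names are assumptions.

```python
import ipaddress

# RFC 1918 blocks reserved for private networking.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed inventory of prefixes configured on internal interfaces.
# The 190.x entries mirror the post's 190.1.X.X-190.5.X.X range; the /16
# masks and the two RFC 1918 entries are assumptions for illustration.
INTERNAL_PREFIXES = ["190.1.0.0/16", "190.2.0.0/16", "190.3.0.0/16",
                     "190.4.0.0/16", "190.5.0.0/16",
                     "192.168.10.0/24", "10.20.0.0/16"]

def squatted_prefixes(prefixes):
    """Internal IPv4 prefixes that sit in globally routable space."""
    found = []
    for text in prefixes:
        net = ipaddress.ip_network(text, strict=False)
        if net.version != 4 or any(net.subnet_of(b) for b in RFC1918):
            continue
        # Skip other special-purpose space (loopback, link-local, ...):
        # only prefixes whose first and last address are global count.
        if net.network_address.is_global and net.broadcast_address.is_global:
            found.append(net)
    return found

def shadowing_prefix(destination, prefixes):
    """Return the squatted prefix that captures `destination`, else None.

    A match means LAN hosts treat that Internet address as local, so the
    real external resource cannot be reached from inside.
    """
    addr = ipaddress.ip_address(destination)
    matches = [n for n in squatted_prefixes(prefixes) if addr in n]
    return max(matches, key=lambda n: n.prefixlen, default=None)

def shadowed_address_count(prefixes):
    """Number of public addresses hidden from the internal network."""
    merged = ipaddress.collapse_addresses(squatted_prefixes(prefixes))
    return sum(n.num_addresses for n in merged)

if __name__ == "__main__":
    for net in squatted_prefixes(INTERNAL_PREFIXES):
        print("public space used internally:", net)
    print("190.3.44.7 captured by:",
          shadowing_prefix("190.3.44.7", INTERNAL_PREFIXES))
    print("public addresses shadowed:",
          shadowed_address_count(INTERNAL_PREFIXES))
```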