[123967] in North American Network Operators' Group
Re: Using private APNIC range in US
daemon@ATHENA.MIT.EDU (Owen DeLong)
Thu Mar 18 14:29:33 2010
From: Owen DeLong <owen@delong.com>
In-Reply-To: <A54114F5-D1DF-4988-89D4-CFBB25206136@cisco.com>
Date: Thu, 18 Mar 2010 11:25:15 -0700
To: Fred Baker <fred@cisco.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mar 18, 2010, at 9:34 AM, Fred Baker wrote:
> Are they using them only within their domain(s), and ARIN addresses =
outside, or are they advertising them to their upstream(s) to be =
readvertised into the backbone?
>=20
> If they are using them internally and NAT'ing to the outside, they're =
not hurting themselves or anyone else. I would personally let them =
alone.
>=20
Except you're missing a keyword on the "not hurting themselves" part of =
that... It's "YET".
Once 1.0.0.0/8 starts getting used in the wild for legitimate sites, it =
means that this
customer won't be able to reach the legitimate 1.0.0.0/8 sites from =
within their
environment and it won't be immediately intuitive to debug the failures.
> If they are advertising them outside, it adds a small prefix in the =
ARIN domain that doesn't get aggregated by the upstream. Among 300K such =
prefixes it is probably noise, but gently suggesting that they use =
something aggregatable into their upstream's allocation would help a =
little bit in that regard. What they are most likely hurting is =
themselves, really; a datagram sent to the address from an ISP outside =
themselves probably travels via Australia or an Australian ISP.
>=20
The route announcement notwithstanding, they're using space that does =
not
belong to them and will belong to someone else in the near future. If =
you
think that is OK, please let me know what your addresses are so that I =
can
start re-using them.
Owen
> On Mar 18, 2010, at 8:52 AM, Jaren Angerbauer wrote:
>=20
>> Hi all,
>>=20
>> I have a client here in the US, that I just discovered is using a =
host
>> of private IPs that (as I understand) belong to APNIC (i.e.
>> 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. I'm assuming
>> that the addresses probably nat to a [US] public IP. I'm not =
familiar
>> enough with the use of private address space outside of ARIN (i.e.
>> 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and
>> accessible it must be working for them. I'm just wondering if there
>> is any recommendation or practice around this -- using private IP
>> ranges from another country. Thanks.
>>=20
>> --Jaren
>>=20
>=20
> http://www.ipinc.net/IPv4.GIF
>=20
