[90493] in North American Network Operators' Group
Re: Fwd: 41/8 announcement
daemon@ATHENA.MIT.EDU (Stephen Sprunk)
Fri May 26 16:12:46 2006
From: "Stephen Sprunk" <stephen@sprunk.org>
To: "william(at)elan.net" <william@elan.net>,
"Bill Woodcock" <woody@pch.net>
Cc: "Mikisa Richard" <rmikisa@gmail.com>,
"North American Noise and Off-topic Gripes" <nanog@merit.edu>
Date: Fri, 26 May 2006 15:11:37 -0500
Errors-To: owner-nanog@merit.edu
Thus spake "william(at)elan.net" <william@elan.net>
> On Fri, 26 May 2006, Bill Woodcock wrote:
>> Presumably they're double-natting. I had to do that once for Y2K
>> compliance for three large governmental networks that were all statically
>> addressed in net-10 and wouldn't/couldn't renumber in time. In fact,
>> there were _specific hosts_ which had the same IP address, and _had to
>> talk to each other_. Gross. But it can be done.
>
> Please explain how. I simply can't imagine my computer communicating
> with another one with exactly same ip address - the packet would never
> leave it. The only way I see to achieve this is to have dns resolver
> on the fly convert remote addresses from same network into some other
> network and then NAT from those other addresses.
Unfortunately, I've done this several times, most notably within one company
that had multiple instances of 10/8 that needed to talk to each other. A
decent (if one can use that term) NAT device will translate the addresses in
DNS responses, so two hosts that both live at 10.1.2.3 will see the other's
address as, for example, 192.168.1.2, both in DNS and in the IP headers.
It's extremely ugly, but that's what one gets for using private address
space. This exact scenario was a large part of why I supported ULAs for
IPv6.
S
Stephen Sprunk "Stupid people surround themselves with smart
CCIE #3723 people. Smart people surround themselves with
K5SSS smart people who disagree with them." --Aaron Sorkin
