North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IANA reserved Address Space

  • From: Jay Hennigan
  • Date: Sat May 31 02:55:41 2003

On Fri, 30 May 2003 [email protected] wrote:

> > I'm tasked with coming up with an IP plan for an very large lab
> > network. I want to maximize route table manageability and
> > router/firewall log readability. I was thinking of building this
> > lab with the following address space:
> >
> > /8
> > /8
> > /8
> I encourage my competitors to do this.
> or read another way, this is fairly stupid, but as log as
> this stupidity doesn't affect me, I don't care. However the
> person tasked with cleaning tha crap up behind you may not feel
> the same.
> Doing something right, the first time saves having to do it over
> again and again and again and again.

If this is a test lab or a learning/practice lab where the users will be
simulating real-world scenarios and/or doing NAT and other things that
involve public/private addressing issues, then it would IMHO be suitable
to use a mix of reserved private space and routable space as appropriate.

This would also be useful if it's being used to do a dry-run configuration
of networks that will eventually be connected to the Internet.  This way
once the bugs are worked out, you can cut-and-paste the configurations
onto the production network.

As long as the people running the lab have it sufficiently firewalled
that lab bogosities, BGP sessions, etc. are constrained to the lab
itself, it shouldn't matter.  Another caveat is that the students or
persons using the lab are sufficiently well trained in the differences
between routable and reserved private space.  No sense in teaching even
more people to use public space for private networks that later need to
connect to the world but don't/won't/can't renumber.  Worse yet are those
who want to advertise 10/8 to the rest of us.  There are enough of both
out there already.

As far as any need for the lab to access the Internet for software
downloads, general browsing, etc., a well-implemented and firewalled
proxy server might be a good idea.

What the "right" answer is depends to a great extent on the purpose of
the lab and the clue level of its users.

Jay Hennigan - CCIE #7880 - Network Administration - [email protected]
WestNet:  Connecting you to the planet.  805 884-6323      WB6RDV
NetLojix Communications, Inc.  -