North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: classful routes redux

  • From: Stephen Sprunk
  • Date: Tue Nov 08 23:24:00 2005

Thus spake <[email protected]>
... which is why I specifically said "no intention to ever connect to,
or communicates with nodes on, the global network". In which case
overlaps in adressblocks are irrelevant, as are any mention of NAT and
firewalls as there is no connection (direct or indirect) between the
networks.
The only case that I am aware of where there is truly
*NO* intention to ever connect to the global Internet
is military networks. When I was referring to other
internets I did not have military networks in mind.

In every other case that I am aware of, the partcipants
in the internet also maintain connectivity to the Internet
via alternate paths.
I've personally dealt with private networks that had no intent of ever connecting to the Internet, though they were connected to other internal networks that did have such connectivity and to business partners (over private links) that probably did as well.

One I still have nightmares about was a mess of eight (yes, eight) instances of 10/8 which were dynamically NATed to class B addresses to reach common servers and for communication to various partners, with a few tens of thousands of static NAT entries for devices that needed to be polled. I suppose if those private networks had had a default route (they didn't) and there were no firewalls in the way (there were) they could have reached the Internet, but at the time it was designed there was no intent to ever allow such.

Too bad the equipment we had to support didn't understand IPv6, or we could have gotten away with using the site-local prefix (or, later, ULAs) and no NAT at all.

S

Stephen Sprunk "Stupid people surround themselves with smart
CCIE #3723 people. Smart people surround themselves with
K5SSS smart people who disagree with them." --Aaron Sorkin