Re: Using private APNIC range in US
On 3/18/10 8:52 AM, Jaren Angerbauer wrote: Hi all, I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. Actually, those are public IPs. The 1/8 block is presently undergoing testing for use as a public network. Private IPs are defined in RFC1918 and don't belong to a regional registry. I'm assuming that the addresses probably nat to a [US] public IP. If their webservers are located in North America and visible from the Internet, that is probably a valid assumption. nslookup, host or dig on the hostname should give you a more definitive answer. I'm not familiar enough with the use of private address space outside of ARIN (i.e. 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and accessible it must be working for them. For some value of working, that may be accurate today. It is also going to be true for some values of broken, if not now then in the future. Private address space is not part of ARIN, APNIC, etc. It is global and defined by RFC1918. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. There is no such thing as a private IP range from a country. Private addresses are global. The recommendation and practice is to use addresses from RFC1918 for private addresses. If these resources need to be visible from the Internet, then NAT to public addresses assigned or allocated to the operator of the system will be needed. Your client should renumber his private addresses to a netblock that is defined in RC1918 such as 10/8, 172.16/12, or 192.168/16 -- -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
Re: Using private APNIC range in US
On Thu, 18 Mar 2010 10:48:52 -0600 Tom Ammon tom.am...@utah.edu wrote: RFC1918 is a good place to start ;) Most of the issues in Deprecating Site Local Addresses http://www.rfc-editor.org/rfc/rfc3879.txt identified in IPv6 Site-Local addressing also apply to duplicated/overlapping IPv4 addressing. On 3/18/2010 10:22 AM, Jaren Angerbauer wrote: Thanks all for the on / off list responses on this. I acknowledge I'm playing in territory I'm not familiar with, and was a bad idea to jump to the conclusion that this range was private. I made that assumption originally because the entire /8 was owned by APNIC, and just figured since the registrar owned them, it must have been a private range. :S It sounds like this range was just recently assigned -- is there any document (RFC?) or source I could look through to learn more about this, and/or provide evidence to my client? Thanks, Jaren -- Tom Ammon Network Engineer Office: 801.587.0976 Mobile: 801.674.9273 Center for High Performance Computing University of Utah http://www.chpc.utah.edu
Re: Using private APNIC range in US
It sounds like this range was just recently assigned -- is there any document (RFC?) or source I could look through to learn more about this, and/or provide evidence to my client http://www.iana.org/assignments/ipv4-address-space/ Thanks, Jaren -- Tom Ammon Network Engineer Office: 801.587.0976 Mobile: 801.674.9273 Center for High Performance Computing University of Utah http://www.chpc.utah.edu
Re: Using private APNIC range in US
On 2010-03-18 19:35, Jared Mauch wrote: http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. A lot of cheap, low-end devices (sometimes with names of well-know vendors) use IPs like 1.1.1.1 and 1.2.3.4 as captive portal IPs to authenticate connecting clients. A lot of WLAN hotspots users will have problems reaching 1/8 unless they connect via VPN to corporate and browse from there or something like that. The question is how soon 1/8 will have interesting content to serve, as I know at least one popular hotel chain in Europe using 1.1.1.1. -- Everything will be okay in the end. | Łukasz Bromirski If it's not okay, it's not the end. | http://lukasz.bromirski.net
Re: Using private APNIC range in US
On 19/03/2010 06:04, Matt Shadbolt wrote: I once had a customer who for some reason had all their printers on public addresses they didn't own. Not advertising them outside, but internally whenever a user browsed to a external site that happened to be one of the addresses used, they would just receive a HP or Konica login page :) I have seen quite a number of organisations using /24s that they have pirated from various places. Worst culprits seem to be small access providers who change upstream providers and are too lazy to renumber their corporated network away from the IPs that have been reclaimed. They stick in a NAT and then ignore the problem for a few years. One particular company insisted that their pirate IP block be routable within the shiny new core network causing endless headaches making sure it doesn't leak into their BGP. Another ISP is even using oops-I-thought-that-was-RFC1918-addresses in the vicinity of 172.50.x.x and pirate space from 6.7.8.x for their point to point links. They didn't mind though. No idea if they've changed it since. On Fri, Mar 19, 2010 at 6:41 AM, Larry Sheldonlarryshel...@cox.net wrote: On 3/18/2010 14:30, William Allen Simpson wrote: On 3/18/10 2:35 PM, Jared Mauch wrote: Does anyone know if the University of Michigan or Cisco are going be updating their systems and documentation to no longer use 1.2.3.4 ? http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. Dunno about cisco. med.umich.edu seems to run their own stuff, separately from umich.edu, and quite badly. I've complained about their setup repeatedly over the past several years. No traction. Is it something about Medical Schools? When we were first putting together the campus network, Surgery was running a Token Ring (I thought Vampire Tap was a fitting item for their inventory) running in Class D space as I recall. Should we try again, jointly? ;-) Towards the end, there were people who insisted I must rout their net to the Internets. I declined. -- Democracy: Three wolves and a sheep voting on the dinner menu. (A republic, using parliamentary law, protects the minority.) Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml -- Graham Beneke
Re: Using private APNIC range in US
On Thu, 2010-03-18 at 14:50 -0400, Daniel Senie wrote:
As you note, debugging this type of thing is often not intuitive, as
everything appears to work from almost everywhere
I got curious yesterday and set off a couple (very slow {option -T0},
very polite, very restrictive) nmap single port scans of a few lumps of
1.0.0.0/22 yesterday, but couldn't see much out there due to my several
of our ISPs internal boxes.
It looks like chaos-squared out there. I don't envy anyone fathoming
that stuff out for real.
Still, that said, the transition to fully signed roots seems to be going
along without too much breakage (I think/hope!) so maybe only time will
tell how much this latest block release will give trouble longterm.
Gord
--
rockin ze chair mit Davey Graham to Banshee from rackserver-2
Re: Using private APNIC range in US
On Fri, 2010-03-19 at 06:08 +, gordon b slater wrote: It looks like chaos-squared out there. I don't envy anyone fathoming that stuff out for real. clarification: `chaos` due to our ISP running internal boxes on the range in question, rather than external chaos. The implication being: if it's looping around inside the customers ISP then there's not much hope of easy troubleshooting, Gord -- sig nal generator
Re: Using private APNIC range in US
I love war stories. I once got chewed out by a colleague ? from another organization because we were using their address space. We were using 10.0.0.0/8. Explanation of NAT and RFC1918 was met with a deer in the headlights look. On Fri, Mar 19, 2010 at 12:04 AM, Matt Shadbolt matt.shadb...@gmail.com wrote: I once had a customer who for some reason had all their printers on public addresses they didn't own. Not advertising them outside, but internally whenever a user browsed to a external site that happened to be one of the addresses used, they would just receive a HP or Konica login page :) They didn't mind though. No idea if they've changed it since. On Fri, Mar 19, 2010 at 6:41 AM, Larry Sheldon larryshel...@cox.net wrote: On 3/18/2010 14:30, William Allen Simpson wrote: On 3/18/10 2:35 PM, Jared Mauch wrote: Does anyone know if the University of Michigan or Cisco are going be updating their systems and documentation to no longer use 1.2.3.4 ? http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. Dunno about cisco. med.umich.edu seems to run their own stuff, separately from umich.edu, and quite badly. I've complained about their setup repeatedly over the past several years. No traction. Is it something about Medical Schools? When we were first putting together the campus network, Surgery was running a Token Ring (I thought Vampire Tap was a fitting item for their inventory) running in Class D space as I recall. Should we try again, jointly? ;-) Towards the end, there were people who insisted I must rout their net to the Internets. I declined. -- Democracy: Three wolves and a sheep voting on the dinner menu. (A republic, using parliamentary law, protects the minority.) Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml -- = Charles L. Mills Westmoreland Co. ARES EC Amateur Radio Callsign W3YNI Email: w3y...@gmail.com
Re: Using private APNIC range in US
Chuck - Very true... What about the time our old manager (MARTIN) gave your old organization that Entire Class B On Fri, Mar 19, 2010 at 11:06 AM, Charles Mills w3y...@gmail.com wrote: I love war stories. I once got chewed out by a colleague ? from another organization because we were using their address space. We were using 10.0.0.0/8. Explanation of NAT and RFC1918 was met with a deer in the headlights look. On Fri, Mar 19, 2010 at 12:04 AM, Matt Shadbolt matt.shadb...@gmail.com wrote: I once had a customer who for some reason had all their printers on public addresses they didn't own. Not advertising them outside, but internally whenever a user browsed to a external site that happened to be one of the addresses used, they would just receive a HP or Konica login page :) They didn't mind though. No idea if they've changed it since. On Fri, Mar 19, 2010 at 6:41 AM, Larry Sheldon larryshel...@cox.net wrote: On 3/18/2010 14:30, William Allen Simpson wrote: On 3/18/10 2:35 PM, Jared Mauch wrote: Does anyone know if the University of Michigan or Cisco are going be updating their systems and documentation to no longer use 1.2.3.4 ? http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. Dunno about cisco. med.umich.edu seems to run their own stuff, separately from umich.edu , and quite badly. I've complained about their setup repeatedly over the past several years. No traction. Is it something about Medical Schools? When we were first putting together the campus network, Surgery was running a Token Ring (I thought Vampire Tap was a fitting item for their inventory) running in Class D space as I recall. Should we try again, jointly? ;-) Towards the end, there were people who insisted I must rout their net to the Internets. I declined. -- Democracy: Three wolves and a sheep voting on the dinner menu. (A republic, using parliamentary law, protects the minority.) Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml -- = Charles L. Mills Westmoreland Co. ARES EC Amateur Radio Callsign W3YNI Email: w3y...@gmail.com
Using private APNIC range in US
Hi all, I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. I'm assuming that the addresses probably nat to a [US] public IP. I'm not familiar enough with the use of private address space outside of ARIN (i.e. 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and accessible it must be working for them. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. --Jaren
Re: Using private APNIC range in US
I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. Those aren't private IPs .. (in the RFC1918 sense) .. those are public IPs. They just weren't assigned until recently. accessible it must be working for them. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. Since they're already using NAT, it shouldn't be hard to renumber them into the appropriate RFC1918 space. Cheers, Michael Holstein Cleveland State University
Re: Using private APNIC range in US
1.0.0.0/8 is NOT private address space and never was. It was an arbitrary mis-use by your customer of space which is now part of the APNIC pool of addresses to issue in response to requests for new globally unique addresses. The result for your customer is that they've gotten away with treating it like RFC-1918 space (10/8, 172.16/12, 192.168/16) so far because there was no legitimate external use of that address. RFC-1918 in ARIN is the same as everywhere else. There is no region- specific aspect of it. What will happen if your customer does not renumber out of 1/8 is that there will be a portion of the internet rightfully using 1/8 that will be unreachable from your customer's internal systems and any requests to those legitimate hosts in 1/8 will be erroneously routed within your customer's premises. There are other possible issues if your cusotmer leaks DNS entries containing A records pointed towards 1/8 hosts as well. Hope that helps. Owen On Mar 18, 2010, at 8:52 AM, Jaren Angerbauer wrote: Hi all, I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. I'm assuming that the addresses probably nat to a [US] public IP. I'm not familiar enough with the use of private address space outside of ARIN (i.e. 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and accessible it must be working for them. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. --Jaren
Re: Using private APNIC range in US
On 3/18/2010 11:22, Jaren Angerbauer wrote: It sounds like this range was just recently assigned -- is there any document (RFC?) or source I could look through to learn more about this, and/or provide evidence to my client? See related traffic on this list, for openers. -- Democracy: Three wolves and a sheep voting on the dinner menu. (A republic, using parliamentary law, protects the minority.) Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: Using private APNIC range in US
Are they using them only within their domain(s), and ARIN addresses outside, or are they advertising them to their upstream(s) to be readvertised into the backbone? If they are using them internally and NAT'ing to the outside, they're not hurting themselves or anyone else. I would personally let them alone. If they are advertising them outside, it adds a small prefix in the ARIN domain that doesn't get aggregated by the upstream. Among 300K such prefixes it is probably noise, but gently suggesting that they use something aggregatable into their upstream's allocation would help a little bit in that regard. What they are most likely hurting is themselves, really; a datagram sent to the address from an ISP outside themselves probably travels via Australia or an Australian ISP. On Mar 18, 2010, at 8:52 AM, Jaren Angerbauer wrote: Hi all, I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. I'm assuming that the addresses probably nat to a [US] public IP. I'm not familiar enough with the use of private address space outside of ARIN (i.e. 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and accessible it must be working for them. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. --Jaren http://www.ipinc.net/IPv4.GIF
Re: Using private APNIC range in US
On Thu, Mar 18, 2010 at 09:34:47AM -0700, Fred Baker wrote: Are they using them only within their domain(s), and ARIN addresses outside, or are they advertising them to their upstream(s) to be readvertised into the backbone? If they are using them internally and NAT'ing to the outside, they're not hurting themselves or anyone else. I would personally let them alone. Right up until someone actually starts *using* 1/8, in which case they're hurting both themslves, and who ever gets stuck with it. If they are advertising them outside, it adds a small prefix in the ARIN domain that doesn't get aggregated by the upstream. Among 300K such prefixes it is probably noise, but gently suggesting that they use something aggregatable into their upstream's allocation would help a little bit in that regard. What they are most likely hurting is themselves, really; a datagram sent to the address from an ISP outside themselves probably travels via Australia or an Australian ISP. On Mar 18, 2010, at 8:52 AM, Jaren Angerbauer wrote: Hi all, I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. I'm assuming that the addresses probably nat to a [US] public IP. I'm not familiar enough with the use of private address space outside of ARIN (i.e. 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and accessible it must be working for them. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. --Jaren http://www.ipinc.net/IPv4.GIF -- --
Re: Using private APNIC range in US
RFC1918 is a good place to start ;) On 3/18/2010 10:22 AM, Jaren Angerbauer wrote: Thanks all for the on / off list responses on this. I acknowledge I'm playing in territory I'm not familiar with, and was a bad idea to jump to the conclusion that this range was private. I made that assumption originally because the entire /8 was owned by APNIC, and just figured since the registrar owned them, it must have been a private range. :S It sounds like this range was just recently assigned -- is there any document (RFC?) or source I could look through to learn more about this, and/or provide evidence to my client? Thanks, Jaren -- Tom Ammon Network Engineer Office: 801.587.0976 Mobile: 801.674.9273 Center for High Performance Computing University of Utah http://www.chpc.utah.edu
Re: Using private APNIC range in US
Excerpts from Jaren Angerbauer's message of Thu Mar 18 09:22:40 -0700 2010: Thanks all for the on / off list responses on this. I acknowledge I'm playing in territory I'm not familiar with, and was a bad idea to jump to the conclusion that this range was private. I made that assumption originally because the entire /8 was owned by APNIC, and just figured since the registrar owned them, it must have been a private range. :S It sounds like this range was just recently assigned -- is there any document (RFC?) or source I could look through to learn more about this, and/or provide evidence to my client? There's a couple of relevant documents you could refer them to: IANA's IPv4 Address Space Registry ( http://www.iana.org/assignments/ipv4-address-space/ ), which will show you a listing of which registries and various entities are assigned /8 chunks of IPv4 space. There's some interesting names and historical registrations in there (including 1.0.0.0/8's recent allocation to APNIC) There's also an RFC, RFC1918 that sets aside some IPv4 space for private, ad-hoc use. http://www.faqs.org/rfcs/rfc1918.html This is also a good lay reference: http://en.wikipedia.org/wiki/Private_network Have fun, jof
Re: Using private APNIC range in US
On Mar 18, 2010, at 9:34 AM, Fred Baker wrote: Are they using them only within their domain(s), and ARIN addresses outside, or are they advertising them to their upstream(s) to be readvertised into the backbone? If they are using them internally and NAT'ing to the outside, they're not hurting themselves or anyone else. I would personally let them alone. Except you're missing a keyword on the not hurting themselves part of that... It's YET. Once 1.0.0.0/8 starts getting used in the wild for legitimate sites, it means that this customer won't be able to reach the legitimate 1.0.0.0/8 sites from within their environment and it won't be immediately intuitive to debug the failures. If they are advertising them outside, it adds a small prefix in the ARIN domain that doesn't get aggregated by the upstream. Among 300K such prefixes it is probably noise, but gently suggesting that they use something aggregatable into their upstream's allocation would help a little bit in that regard. What they are most likely hurting is themselves, really; a datagram sent to the address from an ISP outside themselves probably travels via Australia or an Australian ISP. The route announcement notwithstanding, they're using space that does not belong to them and will belong to someone else in the near future. If you think that is OK, please let me know what your addresses are so that I can start re-using them. Owen On Mar 18, 2010, at 8:52 AM, Jaren Angerbauer wrote: Hi all, I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. I'm assuming that the addresses probably nat to a [US] public IP. I'm not familiar enough with the use of private address space outside of ARIN (i.e. 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and accessible it must be working for them. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. --Jaren http://www.ipinc.net/IPv4.GIF
Re: Using private APNIC range in US
On Mar 18, 2010, at 2:25 PM, Owen DeLong wrote: On Mar 18, 2010, at 9:34 AM, Fred Baker wrote: Are they using them only within their domain(s), and ARIN addresses outside, or are they advertising them to their upstream(s) to be readvertised into the backbone? If they are using them internally and NAT'ing to the outside, they're not hurting themselves or anyone else. I would personally let them alone. Except you're missing a keyword on the not hurting themselves part of that... It's YET. Once 1.0.0.0/8 starts getting used in the wild for legitimate sites, it means that this customer won't be able to reach the legitimate 1.0.0.0/8 sites from within their environment and it won't be immediately intuitive to debug the failures. If they are advertising them outside, it adds a small prefix in the ARIN domain that doesn't get aggregated by the upstream. Among 300K such prefixes it is probably noise, but gently suggesting that they use something aggregatable into their upstream's allocation would help a little bit in that regard. What they are most likely hurting is themselves, really; a datagram sent to the address from an ISP outside themselves probably travels via Australia or an Australian ISP. The route announcement notwithstanding, they're using space that does not belong to them and will belong to someone else in the near future. If you think that is OK, please let me know what your addresses are so that I can start re-using them. Does anyone know if the University of Michigan or Cisco are going be updating their systems and documentation to no longer use 1.2.3.4 ? http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. - Jared
Re: Using private APNIC range in US
On Mar 18, 2010, at 2:25 PM, Owen DeLong wrote: On Mar 18, 2010, at 9:34 AM, Fred Baker wrote: Are they using them only within their domain(s), and ARIN addresses outside, or are they advertising them to their upstream(s) to be readvertised into the backbone? If they are using them internally and NAT'ing to the outside, they're not hurting themselves or anyone else. I would personally let them alone. Except you're missing a keyword on the not hurting themselves part of that... It's YET. Once 1.0.0.0/8 starts getting used in the wild for legitimate sites, it means that this customer won't be able to reach the legitimate 1.0.0.0/8 sites from within their environment and it won't be immediately intuitive to debug the failures. While the analysis above is correct, the original poster talked about the 1/8 addressing being used on web server farms with translation of incoming connections. Sounds like load balancers using 1/8 for the addresses behind them and on the servers that are providing the service. As such, prospective users of the web site(s) provided by the outfit will not function for broadband users and such who get allocated addresses from 1/8. Reality of course is that both are true, but in terms of who gets hurt the issue here may well be a large server farm that is inaccessible from consumer networks in places in Asia. As you note, debugging this type of thing is often not intuitive, as everything appears to work from almost everywhere. If they are advertising them outside, it adds a small prefix in the ARIN domain that doesn't get aggregated by the upstream. Among 300K such prefixes it is probably noise, but gently suggesting that they use something aggregatable into their upstream's allocation would help a little bit in that regard. What they are most likely hurting is themselves, really; a datagram sent to the address from an ISP outside themselves probably travels via Australia or an Australian ISP. The route announcement notwithstanding, they're using space that does not belong to them and will belong to someone else in the near future. If you think that is OK, please let me know what your addresses are so that I can start re-using them. A scenario repeated many times over the years. In the 1990s, it was common to see leakage of the address blocks of vendors that were used in documentation for routers, workstations, etc., as people would look at examples in the manual, and use the exact IP addresses shown, not understanding the go get your own addresses first part of the process. Owen On Mar 18, 2010, at 8:52 AM, Jaren Angerbauer wrote: Hi all, I have a client here in the US, that I just discovered is using a host of private IPs that (as I understand) belong to APNIC (i.e. 1.7.154.70, 1.7.154.00-99, etc.) for their web servers. I'm assuming that the addresses probably nat to a [US] public IP. I'm not familiar enough with the use of private address space outside of ARIN (i.e. 192.0.0.0, 10.0.0.0, etc) but I figure if their sites are up and accessible it must be working for them. I'm just wondering if there is any recommendation or practice around this -- using private IP ranges from another country. Thanks. --Jaren http://www.ipinc.net/IPv4.GIF
Re: Using private APNIC range in US
On 3/18/10 2:35 PM, Jared Mauch wrote: Does anyone know if the University of Michigan or Cisco are going be updating their systems and documentation to no longer use 1.2.3.4 ? http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. Dunno about cisco. med.umich.edu seems to run their own stuff, separately from umich.edu, and quite badly. I've complained about their setup repeatedly over the past several years. No traction. Should we try again, jointly? ;-)
Re: Using private APNIC range in US
On 3/18/2010 14:30, William Allen Simpson wrote: On 3/18/10 2:35 PM, Jared Mauch wrote: Does anyone know if the University of Michigan or Cisco are going be updating their systems and documentation to no longer use 1.2.3.4 ? http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. Dunno about cisco. med.umich.edu seems to run their own stuff, separately from umich.edu, and quite badly. I've complained about their setup repeatedly over the past several years. No traction. Is it something about Medical Schools? When we were first putting together the campus network, Surgery was running a Token Ring (I thought Vampire Tap was a fitting item for their inventory) running in Class D space as I recall. Should we try again, jointly? ;-) Towards the end, there were people who insisted I must rout their net to the Internets. I declined. -- Democracy: Three wolves and a sheep voting on the dinner menu. (A republic, using parliamentary law, protects the minority.) Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: Using private APNIC range in US
I once had a customer who for some reason had all their printers on public addresses they didn't own. Not advertising them outside, but internally whenever a user browsed to a external site that happened to be one of the addresses used, they would just receive a HP or Konica login page :) They didn't mind though. No idea if they've changed it since. On Fri, Mar 19, 2010 at 6:41 AM, Larry Sheldon larryshel...@cox.net wrote: On 3/18/2010 14:30, William Allen Simpson wrote: On 3/18/10 2:35 PM, Jared Mauch wrote: Does anyone know if the University of Michigan or Cisco are going be updating their systems and documentation to no longer use 1.2.3.4 ? http://www.google.com/search?q=1.2.3.4+site%3Acisco.com I know that the University of Michigan utilize 1.2.3.4 for their captive portal login/logout pages as recently as monday when I was on the medical campus. Dunno about cisco. med.umich.edu seems to run their own stuff, separately from umich.edu, and quite badly. I've complained about their setup repeatedly over the past several years. No traction. Is it something about Medical Schools? When we were first putting together the campus network, Surgery was running a Token Ring (I thought Vampire Tap was a fitting item for their inventory) running in Class D space as I recall. Should we try again, jointly? ;-) Towards the end, there were people who insisted I must rout their net to the Internets. I declined. -- Democracy: Three wolves and a sheep voting on the dinner menu. (A republic, using parliamentary law, protects the minority.) Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
