- To: TCP-Group@ucsd.edu
- Subject: Re: RFC1597
- From: Geert Jan de Groot <GeertJan.deGroot@ripe.net>
- Date: Thu, 01 Dec 1994 01:17:59 +0100
- In-reply-to: Your message of "Mon, 28 Nov 1994 04:30:02 PST." <199411281230.EAA07672@ucsd.edu>
- Sender: GeertJan.deGroot@ripe.net
On Mon, 28 Nov 94 04:30:02 PST Advanced Amateur Radio Networking Group wrote:
> Date: Sun, 27 Nov 94 16:34:30
> From: kz1f@RELAY.HDN.LEGENT.COM
> Subject: Should we share?
> Louie said...
> > These guys can use network 10.0.0.0, which is one of a set of 3 IP
> > network numbers which have been designated as "not connected" to the
> > rest of the internet. If you *never* expect to connect to the
> > Internet (or someone else using one of these network numbers) then you
> > can just use this address space.
> > There's an RFC which describes the use of these nets, I don't recall
> > what it is off hand.
> I was not aware there were special networks set aside for encapsulated
> groups. If using 10 net is OK if you NEVER connect to i-net, how is that
> different than using 129. or 155. or (what is NATO?)?? If it's guaranteed
> that you'll never connect what difference does it make?
> The point is still valid, however, that we (amprnet) should NOT connect
> these guys nor should we sublet our network to them.
The point of RFC1597 is that even if you connect to the Internet
via a firewall or tunnel, you can tell which numbers are 'internal'
and which are 'external'. If you would pick net 220.127.116.11/8 as private
net, you would not be able to talk to the 'official' net 27,
even via a firewall, because the firewall cannot tell which of these
numbers are internal or external.
Firewalls in the form of application layer gateways are very common,
which is where RFC1597 is intended for. Getting address space these
days isn't easy (I can tell; I work for one of the three regional
registries), and RFC1597 allows people to go crazy with address space
if they just want to use TCP/IP and not plan to have full direct link-layer
connectivity to the Internet (think of banks, electricity companies using
IP to read out their meters, companies with sensitive info and such),
then RFC1597 may be an easy way out.
The network numbers mentioned in RFC1597 are official. There is a
counter-document (RFC1627) but some of the things listed there
(such as deassigning the address space assigned in RFC1597)
have been denied by the IAB.
The authors of both have been asked to provide a merger document.
Given today's guidelines, AMPRnet would never have obtained a class
A network number today. The address space is grossly underutilized;
we are not even close to the 17 million hosts a class A net allows.
I feel that the administrative convenience provided by looking
at the first octet is weak at best and not correct; there is
no guarantee that non-licensees will not use part of this address
space illegally and routes will not leak out.
Worse, because of differences in licensing, selecting service
is incorrect: most places do not allow 3rd party traffic. If a US
ham sends a 3rd party message via net 44 and a non-US ham would pick
it up, he would be in danger of losing his license.
Because of the global shortage of IP address space, I suggest that
some of it might be returned just to be a good network citizen.
I must comment, that announcing a chunk of a class A network isn't
easy, and that this is fully understood by whoever gets it.
I understand that using the CB band as cheap Internet link is
not legal anywhere in the world. If that is true, I see no
reason for CRS not to use private address space.
73, Geert Jan PE1HZG
(I'm one of the authors of RFC1597)
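
Added example, not part of the original message: a Python sketch of the internal/external decision a gateway makes, showing why a site that numbers itself out of the three RFC1597 blocks can still reach every official network, while a site that picks an assigned network such as net 27 cannot reach the real one. The site definitions and sample addresses are constructed for illustration.

```python
import ipaddress

# The three blocks RFC 1597 reserves for private internets.
RFC1597_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(addr, internal_nets):
    """Gateway view of a destination: 'internal' stays inside, 'external' is relayed out."""
    ip = ipaddress.ip_address(addr)
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    return "internal" if any(ip in net for net in nets) else "external"

def shadowed_official_space(internal_nets):
    """Internal prefixes outside RFC 1597 space.

    Any official host inside these prefixes is indistinguishable from a local
    one, so the gateway can never relay traffic to it.
    """
    shadowed = []
    for n in internal_nets:
        net = ipaddress.ip_network(n)
        if not any(net.subnet_of(private) for private in RFC1597_NETS):
            shadowed.append(str(net))
    return shadowed

# Constructed sites: A follows RFC 1597, B picked an assigned network.
SITE_A = ["10.0.0.0/8"]
SITE_B = ["27.0.0.0/8"]

# Constructed destinations: a host on the official net 27, one on net 44,
# and one inside the RFC 1597 block.
SAMPLES = ["27.1.2.3", "44.0.0.1", "10.9.8.7"]

def report(name, internal_nets):
    """Return one line per sample destination plus the shadowed prefixes."""
    lines = [f"{name}: {dst} -> {classify(dst, internal_nets)}" for dst in SAMPLES]
    lines.append(f"{name}: shadowed official space = "
                 f"{shadowed_official_space(internal_nets)}")
    return lines

if __name__ == "__main__":
    for name, nets in (("site A", SITE_A), ("site B", SITE_B)):
        print("\n".join(report(name, nets)))
```
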