IP Routing Question

Brian Densmore DensmoreB at ctbsonline.com
Wed Jan 3 16:36:32 CST 2001


Mike,
 
> And then Mike wrote:
> 
> It would work BUT it would require writing many RFCs.  I am going to say
> you definitely do not want to use a private IP between two public sites.
> Problems

I tend to agree here, but for different reasons.

> will arise when duplicate networks appear behind a company's firewall and
> out on the internet.  Internal routers will route internet traffic
> destined for private IPs on the internet to the same internal network
> number.  You're proposing nothing short of moving private address space
> back into the public.
> 
> If you wanted to use private IPs in the public internet, you can't
> guarantee uniqueness.  In IP this creates... well, a problem.  So if you
> nail it down to one reason why you should not do this, it would be
> duplicate IP networks and addressing.  I hope this helps.
> 
> 	Mike
> 
  But if the routers know about the "internal routes" and any requests for
"public Target" come in then Router 1 says "Yes I have a route to Target and
that route is Public IP -> route thru me -> Public IP" then there should be
no confusion as long as Router 1 isn't stupid enough to broadcast the private
IP. Certainly not all routers will be smart enough to do this, but many can.
I'd like to see how traceroute and the routers handle this.

We actually have a setup like this but the routers are locked down and
bounce most of the traffic, especially traceroute (although there have been
a few times they have opened up the routers to troubleshoot and I got some
really strange traceroutes back [being inquisitive as I am and all]!). On
the flip side, one of the firewall boxes rejects all traffic from public to
private to public in one direction and does address translation in the
other.

Brian
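
The two checks this thread turns on, as an added example that is not part of the original message: a router may carry a public prefix over a private link as long as it never advertises the private prefix itself, and a traceroute shows whether the private link is visible from outside. All addresses, route entries and function names below are constructed for illustration.

```python
import ipaddress

# RFC 1918 private blocks. Listed explicitly because ipaddress.is_private
# also covers other reserved ranges (e.g. the documentation nets used below).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def rfc1918_block(prefix_or_addr):
    """Return the RFC 1918 block containing the prefix/address, or None."""
    net = ipaddress.ip_network(prefix_or_addr, strict=False)
    return next((b for b in RFC1918 if net.subnet_of(b)), None)

def split_advertisements(routes):
    """Split a route table into (advertise, suppress).

    A route is suppressed when its *prefix* is private. A public prefix
    reached over a private next hop is still advertised: neighbours only
    need to know "route through me", not the address of the internal link.
    """
    advertise, suppress = [], []
    for prefix, _next_hop in routes:
        (suppress if rfc1918_block(prefix) else advertise).append(prefix)
    return advertise, suppress

def leaked_hops(hops):
    """Return (ttl, addr) for traceroute hops that expose a private address."""
    return [(ttl, h) for ttl, h in enumerate(hops, start=1)
            if h != "*" and rfc1918_block(h)]

# Constructed sample data (documentation prefixes stand in for public space).
ROUTER1_ROUTES = [
    ("198.51.100.0/24", "10.255.0.2"),  # public Target site via private link
    ("10.255.0.0/30", "0.0.0.0"),       # the private link itself (connected)
    ("203.0.113.0/24", "192.0.2.1"),    # ordinary public route
]
TRACE = ["192.0.2.1", "10.255.0.2", "*", "198.51.100.7"]

if __name__ == "__main__":
    adv, sup = split_advertisements(ROUTER1_ROUTES)
    print("advertise:", adv)
    print("suppress: ", sup)
    print("private hops seen in traceroute:", leaked_hops(TRACE))
```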
