|
Home > Archive > CCNA > September 2003 > Are private IP's routable?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Are private IP's routable?
|
|
| digitalsoul 2003-09-14, 8:39 pm |
| How do routers deal with the three private IP blocks, i.e,:
10.0.0.0 - 10.255.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
My understanding that these IP's are not broadcasted across the Internet but are rahter presented using NAT address. But how do routers within an autonomus system, e. g, local rotuer deal with these IP blocks? | |
|
| same way.
they are not routable across the internet because they are explicitly excluded by isp, core etc, not because there is anything fundamentally unroutable with these range.
"Routers in networks not
using private address space, especially those of Internet service
providers, are expected to be configured to reject (filter out)
routing information about private networks. "
http://www.faqs.org/rfcs/rfc1918.html
for enterprise with internal routing using private addresses, they need to follow good guidelines, NSA
IP Address Spoof Protection
The filtering suggestions in this sub-section are applicable to border routers, and most
interior routers. With backbone routers, it is not always feasible to define ‘inbound’
and ‘outbound’.
Inbound Traffic
Do not allow any inbound IP packet that contains an IP address from the internal
network (e.g., 14.2.6.0), any local host address (127.0.0.0/8), the link-local DHCP
default network (169.254.0.0/16), the documentation/test network (192.0.2.0/24), or
any reserved private addresses (refer to rfc 1918) in the source field. Also, if your
network does not need multicast traffic, then block the IP multicast address range
(224.0.0.0/4). Apply this access list to the external interface of the router, as shown
in the transcript below.
http://www.nsa.gov/snac/cisco/guides/cis-2.pdf <--- good thing to read. |
|
|
|
|