[ale] 5.x.x.x IP range
Edward Holcroft
eholcroft at mkainc.com
Fri Dec 13 21:55:03 EST 2013
Came across this from which glean that 5.0.0.0/8 was not always publicly
allocated:
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_10-3/103_awkward.html
The literature says it was used until recently by Hamachi
http://en.wikipedia.org/wiki/Hamachi_(software). I am wondering if one of
my colleagues sneaked in a Hamachi server somewhere on the network that
is handing these IP's to the PPTP clients.
ed
On Fri, Dec 13, 2013 at 5:54 PM, Michael B. Trausch <mbt at naunetcorp.com>wrote:
> On 12/13/2013 02:31 PM, Edward Holcroft wrote:
>
> What is 5.x.x.x? I've never heard of them before and am I allowed to use
> them? More importantly, where are they coming from? I never set anything to
> offer IP's in that range, unless it's some kind of default.
>
>
> The whois utility can tell you a good bit:
>
> - 5.0.0.0/8 is *allocated* for assignment by RIPE, meaning that these
> addresses belong in Europe.
> - Various chunks of it are assigned to ISPs and backbone links (e.g.
> 5.0.0.0/17).
>
> This means that you should absolutely not be using these IP addresses, as
> they *will* conflict with the public Internet.
>
> Verify that the configuration of the server handing out the addresses is
> correct; even Microsoft products should not intentionally be using IP
> address space that is not allocated to it, unless some administrator in the
> admin chain told it to figuring that it wouldn't hurt anything.
>
> Remember the private IPv4 networks:
>
> 1. 10.0.0.0/8 if you need something very large.
> 2. 172.16.0.0/12 if you need something moderately large and
> nonconflicting.
> 3. 192.168.0.0/16 if you need something recognizable. I don't use
> this range anymore, myself.
>
> I also use the TEST-NET-1 through TEST-NET-3 allocations for LAN-only
> testing of development apps and systems, but I never deploy anything with
> those addresses.
>
> For dial-in and VPN access, you should be using either addresses assigned
> to you by your upstream (e.g., your ISP or ARIN), RFC1918 space (one of the
> three ranges listed above), or assigned, delegated or organization-local
> IPv6 addressing.
>
> Ideally, the VPN should be its own routed subnet. This isn't always
> possible though, so many VPN servers will actually do proxy-ARP to make the
> VPN-connected peers appear to be on the local subnetwork.
>
> — Mike
> --
> [image: Naunet Corporation Logo] Michael B. Trausch
>
> President, *Naunet Corporation*
> ☎ (678) 287-0693 x130 or (855) NAUNET-1 x130
> FAX: (678) 783-7843
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
--
Edward Holcroft | Madsen Kneppers & Associates Inc.
11695 Johns Creek Parkway, Suite 250 | Johns Creek, GA 30097
O (770) 446-9606 | M (770) 630-0949
--
MADSEN, KNEPPERS & ASSOCIATES USA, MKA Canada Inc. WARNING/CONFIDENTIALITY
NOTICE: This message may be confidential and/or privileged. If you are not
the intended recipient, please notify the sender immediately then delete it
- you should not copy or use it for any purpose or disclose its content to
any other person. Internet communications are not secure. You should scan
this message and any attachments for viruses. Any unauthorized use or
interception of this e-mail is illegal.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20131213/32b1d1ec/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ehahdefc.png
Type: image/png
Size: 1701 bytes
Desc: not available
URL: <http://mail.ale.org/pipermail/ale/attachments/20131213/32b1d1ec/attachment.png>
More information about the Ale
mailing list