Private IP addresses in public networks

Did you want to use private IP addresses in a public network? The short recommendation is: “don't”. If you use them in the network core, your customers might have problems with network troubleshooting; if you assign them to your customers and use NAT or PAT, you've just created serious security issues. You can find more details in the Avoiding private IP security risks in public networks article I wrote for SearchTelecom.com.

The list of all articles I wrote for SearchTelecom is available in the CT3 wiki.

2 comments:

  1. Thanks for the nice summary.

    One thing to add is that assigning non-public/reserved IP address space to public transit networks not only might cause problems with troubleshooting (traceroute), but also can cause PMTUD to break.

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.