Andrew sent me the following question: “I'm pushing to start a conversation about IPv6 in my organization, but meanwhile I've no RFC 1918 space left. What's your take on 100.64.0.0/10 - it seems like this is available for RFC 1918 purposes, even if not intentionally?”
Short answer: Don’t even think about that!
What is shared IPv4 address space?
The shared IPv4 address space (defined in RFC 6598) is non-private IPv4 address space that service providers can use to deploy carrier-grade NAT (CGN) services.
Why do they need it?
Imagine the following scenario: your SOHO router (CPE) is connected to a residential ISP network. The ISP ran out of IPv4 addresses and deployed CGN to offer at least some IPv4 connectivity to new customers.
Unless the ISP uses MAP-E or DS-Lite (both of them use IPv6 in the physical access network), they still have to assign an IPv4 address to the outside interface of the CPE, but they don’t have any public addresses left. They cannot use RFC 1918 address space because the outside IPv4 address assignment might overlap with whatever you’re using internally. The only solution is another block of non-public IPv4 addresses – 100.64.0.0/10.
Why can’t I use 100.64.0.0/10 within my network?
Imagine the scenario from the previous paragraph in reverse: you’re using 100.64.0.0/10 within your enterprise network and a remote site gets assigned an IP subnet from the same address block on the outside interface. Someone is bound to be confused – first a router (or a few of them), then the poor engineer troubleshooting weird connectivity failures.
You could “solve” the problem by using VRFs on the remote site routers – put the Internet interface in a separate VRF (separating internal and public address spaces), use inter-VRF NAT for direct Internet access, and run an IPsec tunnel with your corporate network across a transport VRF.
Scratch that! Stop being MacGyver and tell your manager it’s high time to move to IPv6 because you have the same problem as everyone else: you ran out of IPv4 addresses.
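To see the overlap problem concretely, here is an added example (not part of the original post): a small Python audit that flags internal prefixes drawn from 100.64.0.0/10 and any prefix that collides with the subnet an ISP assigned to a remote site's outside interface. The prefixes and WAN addresses are constructed sample values, and `audit_plan` is a hypothetical helper name.

```python
import ipaddress

# RFC 6598 shared address space, reserved for carrier-grade NAT deployments
SHARED_CGN = ipaddress.ip_network("100.64.0.0/10")


def audit_plan(internal_prefixes, wan_interface):
    """Return (kind, prefix) findings for an IPv4 address plan.

    internal_prefixes: CIDR strings used inside the enterprise network
    wan_interface: "address/length" the ISP assigned to the CPE outside interface
    """
    wan = ipaddress.ip_interface(wan_interface)
    findings = []
    # The site sits behind CGN if its outside address comes from shared space.
    if wan.ip in SHARED_CGN:
        findings.append(("wan-behind-cgn", str(wan.network)))
    for cidr in internal_prefixes:
        net = ipaddress.ip_network(cidr, strict=False)
        # Internal use of shared space can collide with any CGN-assigned WAN subnet.
        if net.overlaps(SHARED_CGN):
            findings.append(("internal-uses-shared-space", str(net)))
        # A direct collision: the router sees the same prefix inside and outside.
        if net.overlaps(wan.network):
            findings.append(("internal-overlaps-wan", str(net)))
    return findings


# Constructed sample plan: two RFC 1918 blocks, one prefix borrowed from
# shared space, and 100.128.0.0/16, which lies just outside 100.64.0.0/10.
SAMPLE_PLAN = ["10.0.0.0/8", "172.16.0.0/12", "100.72.0.0/16", "100.128.0.0/16"]

if __name__ == "__main__":
    # Constructed WAN assignment handed out by an ISP running CGN.
    for kind, prefix in audit_plan(SAMPLE_PLAN, "100.72.14.9/22"):
        print(f"{kind:28} {prefix}")
```
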
New to IPv6?
Start with Enterprise or Service Provider introduction webinars, then work your way through the whole IPv6 webinars roadmap. You can also get them all by buying the IPv6 trilogy or the yearly subscription.