Re: Do you know the TCP stack? (127.x.x.x routing)


 



On Wed, 2005-03-09 at 08:39, Zdenek Radouch wrote:
> At 07:39 AM 3/9/05 -0500, jamal wrote:

[..]
> Imagine a simple gateway, connecting two parts of your company - the east
> interface connects to a corporate net with a default gateway, the west net
> is the software dept. net.  Now imagine that you give your internal line card
> in this simple gateway a "_whatever_" address, say 18.7.22.69.
> Your gateway now has a route 18.7.22.69/32 -> dev linecard
> Now please tell me what happens when a guy on the west net tries
> to check his MIT evening class schedule.

Are we still talking about the same problem? The linecards' addresses and
interconnect interfaces are "internal". They are never advertised/seen
outside of the chassis. So if you choose 18.7.22.69/32 to use internally
you make sure it is never advertised to the outside world as belonging
to you. If you have to advertise it or actually know it is used, then
you must deal with the conflict.
Of course, there are "externally" visible addresses which are seen
outside the chassis; how you end up connecting internal
inter-line card is your problem - let's say there is more than one way
and in fact you may never even need to use IP.

> >a) using private addresses implies possibility of conflict of addresses
> >within customer's  network. To quote Zdenek: 
> >You couldn't walk in the NOC and tell them: "You can't use the 10.x
> >net to manage your equipment - my box is already using that net".
> >Conclusion:
> >You walk into the NOC and say "can I use 10.0.0.x/22 subnet" they say "no
> >that's going to collide, use 10.0.0.0/28"
> 
> In real world, where you pay for addresses and for people's time, no one
> will give you *their* address for *your* interconnect. Not a public address,
> and not a RFC1918 address.  Your interconnect is your problem,
> they are neither interested nor paid to deal with your design issues.
> 

I don't think I was saying anything different.

> 
> >a') Using 127.x addresses. You -> NOC "can I use 127.0.0.x/22 subnet"
> 
> I know I can use it.  I own it as per RFC 3330.
> 

RFC 3300 does not give you any rights to use it the way you are.

To quote RFC 3300:
--
A datagram sent by a higher level protocol to an
   address anywhere within this block should loop back inside the host.
---


> >So tell me what i am missing!
> 
> Experience of having built a router.  Sorry to be so blunt.
> 

You'd be the first person to ever accuse me of that.  Let's say
I have never needed this hack; the key is to be able to clearly
demarcate what are _internal and external interfaces as well as what are
internal and external IP addresses_. Yes, you can do it with Linux.
What you seem to be counting on is you being the only person ever
using the hack. In other words, survival via obscurity.
If the router upstream from you used the same hack you end up being in
trouble.

You seem to be getting angry; it may be time to end the discussion.

cheers,
jamal
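
Added example, not part of the original message or of any poster's code: a longest-prefix-match lookup over the quoted gateway scenario, showing how the internal 18.7.22.69/32 route shadows the default route, plus a check that classifies the internal interconnect prefixes discussed in the thread. The west net prefix, the device names and the finding labels are constructed for illustration.

```python
import ipaddress

# Constructed routing table for the gateway in the quoted scenario.
ROUTES = [
    ("0.0.0.0/0", "east"),          # default route via the corporate net
    ("192.0.2.0/24", "west"),       # software dept. net (assumed prefix)
    ("18.7.22.69/32", "linecard"),  # internal line card address from the thread
]

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def lookup(dst, routes=ROUTES):
    """Longest-prefix match: return the device a packet to dst leaves on."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None

def audit_internal(prefix, customer_nets=()):
    """Classify an internal interconnect prefix (labels are this example's own)."""
    net = ipaddress.ip_network(prefix)
    findings = []
    if net.overlaps(LOOPBACK):
        # Other hosts loop 127/8 back internally, so it cannot cross a link
        # to a box that does not share the same convention.
        findings.append("loopback")
    elif not any(net.subnet_of(p) for p in RFC1918):
        # Someone else's public space: the local route hides the real owner.
        findings.append("public")
    for c in customer_nets:
        if net.overlaps(ipaddress.ip_network(c)):
            findings.append("collision:" + c)
    return findings

if __name__ == "__main__":
    # The west-net user's packet to the real 18.7.22.69 never leaves the box.
    print(lookup("18.7.22.69"), lookup("18.7.22.70"))
    for p in ("18.7.22.69/32", "10.0.0.0/22", "127.0.0.0/22"):
        print(p, audit_internal(p, customer_nets=["10.0.0.0/28"]))
```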
