On Thu, 1 Sep 2011, Mustafa Shahanshah wrote:
I have multiple IP ranges 192.0.0.0/8, 172.0.0.0/8 and 10.0.0.0/8 One is allocated to the each sub company.
Not related to Squid, but you should know: neither 192.0.0.0/8 nor 172.0.0.0/8 are fully allocated for private use. Portions of those nets are Internet-routable and are explicitly assigned to specific owners, and if you actually do have the full /8 space allocated for them on your local networks you _will_ experience problems.
Even if you're not exposing those addresses to the Internet (e.g. possibly via TPROXY) you'll have problems because the users won't be able to access any resources on the public Internet portions of those nets because they think they are local resources.
The portions of those nets allocated for nonroutable private use are 192.168.0.0/16 (192.168.x.x) and 172.16.0.0/12 (172.16.0.0 - 172.31.255.255)
Consider what would happen on your network if (for example) the next Google gets assigned 192.100.x.x
Please see http://tools.ietf.org/html/rfc1918 -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhardin@xxxxxxxxxx FALaholic #11174 pgpk -a jhardin@xxxxxxxxxx key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Sheep have only two speeds: graze and stampede. -- LTC Grossman ----------------------------------------------------------------------- 266 days since the first successful private orbital launch (SpaceX)
