• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

IP Addressing Question

B

brshoemak

Member
Is there any reason I shouldn't use a 192.168.50.0 /23 addressing scheme?

Hear me out: I know most home and even SMB routers use 192.168.0.1 /24 or 192.168.1.0 /24 as default which can cause issues with VPNs if the networks overlap. However, the company is small and even if it grows it's not the type that will ever need a site-to-site VPN. I've also never seen hotels or any other wifi providing location hand out a 192.168.50.X IP range so remote access VPNs should be fine as well.

I know using 172.16.x.x or 10.x.x.x are also valid and usually preferred, but they have two other networks on separate internet connection that are using those two IP schemes (two separate call centers that only require internet) and I'd like to avoid confusion.
 
https://tools.ietf.org/html/rfc1918

Code: 
The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
It seems what you want to do it completely fine.
If you are afraid of overlapping with other people's address space, then you should realize that often there is NAT in between. A NAT router should take care of most of the problems with 2 sites using the same private addresses.
 
Yeah, I know about RFC1918 (private address space) - should've mentioned that before.

If two networks have overlapping IP ranges and try to ping something on the other side of the VPN with a shared address space, the originating network won't push the packets to the default gateway because it believe it is authoritative for that IP range and will drop the packets if nothing on the local network responds. You would have to do double-NAT, which is terrible, to allow VPN traffic to have it route to the proper endpoint.
 
If you are going through a NAT router, it does not matter what address scheme you use inside your private network, as that IP never leaves the "inside" network.
 
There are 100 Millions people with home network running 192.168.x.x.

It does not seem to be a Problem.



😎
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top