25 Apr
2014
25 Apr
'14
7:23 p.m.
On 2014-04-25 10:15, K7VE - John wrote:
(Please trim inclusions from previous messages)
_______________________________________________
I was using 10.x.x.x for illustration. The point being non-routable vs routable address
space.
I have never understood people who use 10.x.x.x/8 in a home network or in a rack at a
data center. There is a class B space 172.16.x.x if you have more than 256 hosts, and
there are 256 class C networks... but that's just me.
Well, what happens is that people get burned with conflicts using
192.168.0.x/24 or 192.168.1.x/24, when they add a new device to their
network, and they seek to escape to 10.x.x.x/8, planning to avoid such
conflicts, and run straight into VPN issues with everyone else that
thinks that way.
It doesn't take much effort or equipment to run a DMZ in a separate
private-IP space from your LAN, and then if you have a VPN IP-address
conflict in your DMZ, you can change IP addresses (or even network
address space) there without affecting your LAN.
Also, just because the 192.168.x.x block is 256 /24 networks, doesn't
mean that you have to use it that way (ditto for 172.1x.x.x needing to
be 16 /16 networks). I run a DMZ using 192.168.0.x/18, but only one
host is in 192.168.0.x/24 (to deal with devices new to the network).
Yes, I know this is all old-hat to most of us, but since the subject
came up ...
ps: If anyone ever intends to network with, to, or through D-Star
DD-mode nodes, note that those are hard-allocated to the 10.x.x.x/8 block.