> No, Mehmet's public IP was _not_ from the RFC 1918 172.16.0.0/16 range.
I was guessing the same thing. It wouldn't matter even behind NAT if you are using RFC 1918 unless you are building a tunnel into the VPC since in the AWS VPC, you are behind a NAT / Internet Gateway for anything to reach the public IPv4 internet. - Javier On Fri, Oct 11, 2019 at 7:48 AM Jay Borkenhagen <j...@braeburn.org> wrote: > I'm surprised that no one else has corrected this, so allow me to do > so for the record. > > No, Mehmet's public IP was _not_ from the RFC 1918 172.16.0.0/16 > range. > > One of the public ipv4 ranges that AT&T assigns subscriber addresses > from is 172.0.0.0/12: [ 172.0.0.0 - 172.15.255.255 ] > > https://whois.arin.net/rest/net/NET-172-0-0-0-1 > > One of the private ipv4 ranges set aside by RFC 1918 is the > neighboring 172.16.0.0/12: [ 172.16.0.0 - 172.31.255.255 ] > > https://whois.arin.net/rest/net/NET-172-16-0-0-1 > > > > We notice more mis-originations of our 172.0.0.0/12 space and its > more-specifics than any of our other ipv4 blocks, probably because > other folks are similarly confused. So please, if you intend to use > RFC1918 space, please check your filters to make sure you're using > 172.16.0.0/12 and not our 172.0.0.0/12. > > Jay B. > > > Mehmet Akcin writes: > > Yes > > > > On Wed, Oct 9, 2019 at 20:46 Javier J <jav...@advancedmachines.us> > wrote: > > > > > I'm just curious, was the ip in the RFC 1918 172.16.0.0/16 range? > > > > > > https://tools.ietf.org/html/rfc1918 > > > > > > > > > > > > On Mon, Oct 7, 2019 at 6:01 PM Mehmet Akcin <meh...@akcin.net> wrote: > > > > > >> To close the loop here (in case if someone has this type of issue in > the > > >> future), I have spoken to AT&T instead of trying to work it out with > AWS > > >> Hosted Vendor, Reolink. > > >> > > >> AT&T Changed my public IP, and now I am no longer in that 172.x.x.x > > >> block, everything is working fine. > > >> > > >> mehmet > > >> > > >> On Thu, Oct 3, 2019 at 2:54 PM Javier J <jav...@advancedmachines.us> > > >> wrote: > > >> > > >>> Auto generated VPC in AWS use RFC1819 addresses. This should not > > >>> interfere with pub up space. > > >>> > > >>> What is the exact issue? If you can't ping something in AWS chances > are > > >>> it's a security group blocking you. > > >>> > > >>> > > >>> > > >>> On Tue, Oct 1, 2019, 7:00 PM Jim Popovitch via NANOG < > nanog@nanog.org> > > >>> wrote: > > >>> > > >>>> On October 1, 2019 9:39:03 PM UTC, Matt Palmer < > mpal...@hezmatt.org> > > >>>> wrote: > > >>>> >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG > > >>>> >wrote: > > >>>> >> On 10/1/2019 4:09 AM, Christopher Morrow wrote: > > >>>> >> > possible that this is various AWS customers making > > >>>> >iptables/firewall mistakes? > > >>>> >> > "block that pesky rfc1918 172/12 space!!" > > >>>> >> > > >>>> >> AWS also uses some 172/12 space on their internal network (e.g. > the > > >>>> >network > > >>>> >> that sits between EC2 instances and the AWS external firewalls) > > >>>> > > > >>>> >Does AWS use 172.0.0.0/12 internally, or 172.16.0.0/12? They're > > >>>> >different > > >>>> >things, after all. > > >>>> > > > >>>> > > >>>> I don't know their entire operations, but they do use some > > >>>> 172.16.0.0/12 > > >>>> addresses internally. And yes, that is very different than 172/12, > sorry > > >>>> for the confusion. > > >>>> > > >>>> -Jim P. > > >>>> > > >>>> -- > > Mehmet > > +1-424-298-1903 >