Re: [Using Register IP Address on your Private network]
Hi, As far as I know, we use registered addresses only if we are directly connected to internet. Else there should be no problem to use un registered ip addresses for you= r private network. Pls anyone let me know if I am wrong Ganesh CCNA Hyderabad India [EMAIL PROTECTED] wrote: I have a question here? Why would anyone use register addresses on the= ir = private network, while you can use UN-register addresses like 10.X.X.X ? = Do = you really need to burn register addresses on a private network? = I would like to hear anyone opinion on this subject Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: [Using Register IP Address on your Private network]
Well, you could do either actually. With an unconnected network you could use private addresses (unregistered) or you could use registered addresses (in fact you could use someone elses registered addresses but I wouldn't recommend it). With a connected network you could also use either private or registered, the difference would be that if you use private addresses you would have to have NAT (network address translation) running on your border router which will convert your private addresses to public registered ones. At 07:18 PM 1/10/01 +0530, you wrote: >Hi, > >As far as I know, we use registered addresses only if we are directly >connected to internet. > >Else there should be no problem to use un registered ip addresses for you= >r >private network. > >Pls anyone let me know if I am wrong > >Ganesh >CCNA >Hyderabad >India >[EMAIL PROTECTED] wrote: > >I have a question here? Why would anyone use register addresses on the= >ir = > >private network, while you can use UN-register addresses like 10.X.X.X ? = >Do = > >you really need to burn register addresses on a private network? = > > >I would like to hear anyone opinion on this subject > >Brian > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using Register IP Address on your Private network
We had a MASSIVE dispute within our company about this. We bought another company and they uses registered IPs on everything down to the workstation. They claimed NAT caused problems with most programs and it was just easier to use registered IPs. We had a meeting with 3 different CCIE's that worked for Cisco and 2 security consulting firms and decided, although it would be nice to use registered IPs, it was more efficient and secure to use private IPs. We then tested the "apps that won't work with NAT" and found 99 percent of them worked fine if the server and firewalls where configed correctly. Don't get me wrong, NAT can and does have some minor downfalls but overall, in my opinion, it's does its job. regards, Steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 10, 2001 7:08 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Using Register IP Address on your Private network I have a question here? Why would anyone use register addresses on their private network, while you can use UN-register addresses like 10.X.X.X ? Do you really need to burn register addresses on a private network? I would like to hear anyone opinion on this subject Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
For a service provider, all management workstations have to use real address even though they sit inside the network. Otherwise you have the risk of conflicting ip addresses with the customers. A bad example, Newbridge vivid switch uses 10/8 address for their in-band communciation and assume that users will never use 10/8 to management their switch. The result -- you can't set the ip address of vivid switch to 10/8. Cheers, --- Curtis Call <[EMAIL PROTECTED]> wrote: > Well NAT does cause problems for some applications for which you will need > real addresses. I can't think of any business applications off the top of > my head but being a gamer I've run into this problem when trying to host > games. > > At 08:08 AM 1/10/01 -0500, you wrote: > > >I have a question here? Why would anyone use register addresses on > their > >private network, while you can use UN-register addresses like 10.X.X.X ? > Do > >you really need to burn register addresses on a private network? > > > >I would like to hear anyone opinion on this subject > > > >Brian > > > >_ > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
Using addressed outside of the 1918 space that are properly registered with a registry can have some benefit to those organization that possess a sufficient quantity of them to suit their needs. The question I would ask would be; "what do you gain by using the 1918 space when you have enough unique address space to suit your current and future needs?" With the explosion of inter connectivity between organizations for business partnerships, mergers/acquisitions etc, having unique address space will ensure that duplicate addressing across an intranet/extranet is never a challenge you have to deal with. Naturally, if your addressing space is slim, you will be forced into unregistered addressing space. Pete *** REPLY SEPARATOR *** On 1/10/2001 at 8:08 AM [EMAIL PROTECTED] wrote: >I have a question here? Why would anyone use register addresses on their >private network, while you can use UN-register addresses like 10.X.X.X ? Do >you really need to burn register addresses on a private network? > >I would like to hear anyone opinion on this subject > >Brian > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
>Curtis Call <[EMAIL PROTECTED]> wrote, >Well NAT does cause problems for some applications for which you will need >real addresses. I can't think of any business applications off the top of >my head but being a gamer I've run into this problem when trying to >host games. As you very correctly observe, multiplayer games very often break with NAT. The underlying reason tends to be that these games have various home-brewed multicast routing protocols that depend on IP addresses to manage the leaves of the multicast tree. NAT is part of an even broader problem about "Internet transparency." Fundamentally, the Internet was designed in accordance with the "end to end assumption," in which it could be assumed that an IP address was constant from endpoint to endpoint. Other things, such as tunneling, encryption, etc., also create this problem. There are some excellent papers by Brian Carpenter and Eliot Lear, among others, about the broad problem. Unfortunately, I can't remember if these stayed at Internet Draft or went to RFC. There have been discussions at the Internet Activities Board level on these problems. Lots of material at the IETF NAT Working Group: http://www2.ietf.org/html.charters/nat-charter.html, including drafts: ---Traditional IP Network Address Translator (Traditional NAT) ---Protocol Complications with the IP Network Address Translator (NAT) ---NAT Friendly Application Design Guidelines Some of the protocols that often break are things that have IP addresses inside application layer packets (SNMP, FTP, DNS), applications that do redirection (HTTP, FTP, RPC), applications that do reverse DNS lookup, etc. In my new book, WAN Survival Handbook, I go through at least 12 kinds of NAT. Basic NAT, which deals simply with IP packets and TCP/UDP checksums, is inadequate for lots of applications and/or operational support of those applications. Realistic "NAT" tends to need upper layer awareness. > >At 08:08 AM 1/10/01 -0500, you wrote: > >> I have a question here? Why would anyone use register addresses on their >>private network, while you can use UN-register addresses like 10.X.X.X ? Do >>you really need to burn register addresses on a private network? >> >>I would like to hear anyone opinion on this subject >> >>Brian >> >>_ >>FAQ, list archives, and subscription info: >>http://www.groupstudy.com/list/cisco.html >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using Register IP Address on your Private network
I'm just curious why people seem to disregard the concept of using NAT and registered addresses together? Just because you have unique addressing doesn't mean you have to announce the prefixes to the Internet. I would highly suggest you use registered space in the same way that you would use 1918 space. In this way, you can still take advantage of NAT for its limited role in security. If security is a key concern, NAT is really not a huge component of the solution. Organizations really need to embrace and enforce policy and support them with electronic means including properly configured and deployed firewalls, IDS systems, logging systems (physical/electronic) etc. *** REPLY SEPARATOR *** On 1/10/2001 at 8:47 AM Steve Smith wrote: >We had a MASSIVE dispute within our company about this. We bought >another company and they uses registered IPs on everything down to the >workstation. They claimed NAT caused problems with most programs and it >was just easier to use registered IPs. > >We had a meeting with 3 different CCIE's that worked for Cisco and 2 >security consulting firms and decided, although it would be nice to use >registered IPs, it was more efficient and secure to use private IPs. We >then tested the "apps that won't work with NAT" and found 99 percent of >them worked fine if the server and firewalls where configed correctly. > >Don't get me wrong, NAT can and does have some minor downfalls but >overall, in my opinion, it's does its job. > >regards, >Steve > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, January 10, 2001 7:08 AM >To: [EMAIL PROTECTED] >Cc: [EMAIL PROTECTED] >Subject: Using Register IP Address on your Private network > > > > I have a question here? Why would anyone use register addresses on >their >private network, while you can use UN-register addresses like 10.X.X.X ? >Do >you really need to burn register addresses on a private network? > >I would like to hear anyone opinion on this subject > >Brian > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using Register IP Address on your Private network
FYI, Netware 5 over IP does not work with NAT, as the NCP requests inside the packet are not translated. Migration to provate IP addressing can also take a long time, especially in a large enterprise where things such as DNS are involved. -Brant -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Curtis Call Sent: Wednesday, January 10, 2001 9:17 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Using Register IP Address on your Private network Well NAT does cause problems for some applications for which you will need real addresses. I can't think of any business applications off the top of my head but being a gamer I've run into this problem when trying to host games. At 08:08 AM 1/10/01 -0500, you wrote: >I have a question here? Why would anyone use register addresses on their >private network, while you can use UN-register addresses like 10.X.X.X ? Do >you really need to burn register addresses on a private network? > >I would like to hear anyone opinion on this subject > >Brian > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using Register IP Address on your Private network
Addressing authorities have the concepts of: Private address space Registered address space that is globally routable Registered address space that is NOT globally routable Admittedly, address space continues to be tight, and it's beginning to be time to start thinking about IPv6 (which has the same concepts). But it's certainly not unheard of to request unique space that will not go into the global table, for environments where it is specifically not planned to connect to the Internet, but where too many organizations are involved to coordinate private addressing. Think, for example, of interbank networks, credit authorization networks, and interagency classified networks. The address registries may put a caveat on an address request that you agree to renumber into provider-assigned space, or do a new justification, if you subsequently connect to the Internet. IPv6 finally has a "killer application." The third generation wireless industry has mandated V6, so we now have a real driver for its use. Don't expect everything to convert overnight -- hey, I still see Bisync that hasn't gone to SNA. Peter van Oene wrote, >I'm just curious why people seem to disregard the concept of using >NAT and registered addresses together? Just because you have unique >addressing doesn't mean you have to announce the prefixes to the >Internet. I would highly suggest you use registered space in the >same way that you would use 1918 space. In this way, you can still >take advantage of NAT for its limited role in security. > >If security is a key concern, NAT is really not a huge component of >the solution. Organizations really need to embrace and enforce >policy and support them with electronic means including properly >configured and deployed firewalls, IDS systems, logging systems >(physical/electronic) etc. > > > >*** REPLY SEPARATOR *** > >On 1/10/2001 at 8:47 AM Steve Smith wrote: > >>We had a MASSIVE dispute within our company about this. We bought >>another company and they uses registered IPs on everything down to the >>workstation. They claimed NAT caused problems with most programs and it >>was just easier to use registered IPs. >> >>We had a meeting with 3 different CCIE's that worked for Cisco and 2 >>security consulting firms and decided, although it would be nice to use >>registered IPs, it was more efficient and secure to use private IPs. We >>then tested the "apps that won't work with NAT" and found 99 percent of >>them worked fine if the server and firewalls where configed correctly. >> >>Don't get me wrong, NAT can and does have some minor downfalls but >>overall, in my opinion, it's does its job. >> >>regards, >>Steve >> >>-Original Message- >>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >>Sent: Wednesday, January 10, 2001 7:08 AM >>To: [EMAIL PROTECTED] >>Cc: [EMAIL PROTECTED] >>Subject: Using Register IP Address on your Private network >> >> >> >>I have a question here? Why would anyone use register addresses on >>their >>private network, while you can use UN-register addresses like 10.X.X.X ? >>Do >>you really need to burn register addresses on a private network? >> >>I would like to hear anyone opinion on this subject >> >>Brian >> >>_ >>FAQ, list archives, and subscription info: >>http://www.groupstudy.com/list/cisco.html >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >> >>_ >>FAQ, list archives, and subscription info: >>http://www.groupstudy.com/list/cisco.html >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
How does any application no if it's registerd or non-registered? or real address? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
With the shortage of registerd addresses out there and 99 percent of all programs work with NAT. Then why are we wasting register addresses on private networks for? Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
SmartAlec answer: Because people don't have the technical knowledge to implement NAT. I would bet that many folks out there even in the networking world have ever heard of it. Otherwise, like others have pointed out, people may encounter problems when gaming online, running VPNs, etc. --- [EMAIL PROTECTED] wrote: > > With the shortage of registerd addresses out there > and 99 percent of all > programs work with NAT. Then why are we wasting > register addresses on private > networks for? > > Brian > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Dan West -- CCNA, CCNP (in progress) __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Using Register IP Address on your Private network
Also... NATing drops your throughput substantially. In my experience, NATing is normally used only as a last resort (no ip addresses or to clear a financial hurdle) or to connect external networks such as business partners. It is definitely not a cure-all, "why use registered addresses?" solution. Just an opinion of course... Roman -Original Message- From: Dan West [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 10, 2001 1:07 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Using Register IP Address on your Private network SmartAlec answer: Because people don't have the technical knowledge to implement NAT. I would bet that many folks out there even in the networking world have ever heard of it. Otherwise, like others have pointed out, people may encounter problems when gaming online, running VPNs, etc. --- [EMAIL PROTECTED] wrote: > > With the shortage of registerd addresses out there > and 99 percent of all > programs work with NAT. Then why are we wasting > register addresses on private > networks for? > > Brian > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Dan West -- CCNA, CCNP (in progress) __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
Using addressed outside of the 1918 space that are properly registered with a registry can have some benefit to those organization that possess a sufficient quantity of them to suit their needs. The question I would ask would be; "what do you gain by using the 1918 space when you have enough unique address space to suit your current and future needs?" With the explosion of inter connectivity between organizations for business partnerships, mergers/acquisitions etc, having unique address space will ensure that duplicate addressing across an intranet/extranet is never a challenge you have to deal with. Naturally, if your addressing space is slim, you will be forced into unregistered addressing space. Pete *** REPLY SEPARATOR *** On 1/10/2001 at 8:08 AM [EMAIL PROTECTED] wrote: >I have a question here? Why would anyone use register addresses on their >private network, while you can use UN-register addresses like 10.X.X.X ? Do >you really need to burn register addresses on a private network? > >I would like to hear anyone opinion on this subject > >Brian > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Using Register IP Address on your Private network
Hi, Some applications are written with a particular address in mind, some people put security lists on servers and applications. When working across a network with a lot of structural changes constantly happening (Government Networks as an example when there is Departmental or Agency mergers.) often the "private addresses" used is the same within two merging organisations. This can create issues for accessing servers. It is therefore important to hard map NAT in these circumstances but that requires a one to one relationship. Why put in the extra level of complexity. (DHCP often has similar security issues) Just a thought Teunis Hobart, Tasmania Australia On Wednesday, January 10, 2001 at 12:34:49 PM, [EMAIL PROTECTED] wrote: > How does any application no if it's registerd or non-registered? or real > address? > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
