Re: AOL Proxy Servers not connecting via https - resolved
On Thu, Sep 25, 2003 at 04:48:11PM -0700, Andy Ellifson wrote: Actually a /12. But the value of 172.16.0.0 0.15.255.255 has been burned into my head for some reason... yup... s/20/12/ typo...thanks Andy -ron
Re: AOL Proxy Servers not connecting via https - resolved
A Clue Bat was gently swung by a friendly and clueful (semi-anonymous) AOL NetOps guys who contacted me from my post on Nanog. Thanks Nanog, and this sounds strange from me, but Thank's AOL. :) And yes, it should have been obvious on my part.. a router was configured with a 172.0.0.0/8 netmask. ..there is what we call an RFC1918 issue. AOL was given some IPs in the 172.16.x.x range by ARIN. These are valid routable IPs, and we use them as IPs for the AOL user's machines (kinda like DHCP). The problem is that some people block all of 172.x.x.x thinking it's only for non-routable IPs when it's only half that range that is non-routable. (172.16.0.0/20 is the routable part). That appears to be the case with this one. We've asked ARIN for a different range, and they told us to go away, so we are stuck with this issue. If you can ask someone who does firewall and/or router ACLs in front of that website, they should be able to fix the issue.
Re: AOL Proxy Servers not connecting via https - resolved
This might be helpful to people setting up ACLs and the like: http://webmaster.info.aol.com/proxyinfo.html -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.2mbit.com ICQ: 8077511 - Original Message - From: mike harrison [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 25, 2003 5:10 PM Subject: Re: AOL Proxy Servers not connecting via https - resolved A Clue Bat was gently swung by a friendly and clueful (semi-anonymous) AOL NetOps guys who contacted me from my post on Nanog. Thanks Nanog, and this sounds strange from me, but Thank's AOL. :) And yes, it should have been obvious on my part.. a router was configured with a 172.0.0.0/8 netmask. ..there is what we call an RFC1918 issue. AOL was given some IPs in the 172.16.x.x range by ARIN. These are valid routable IPs, and we use them as IPs for the AOL user's machines (kinda like DHCP). The problem is that some people block all of 172.x.x.x thinking it's only for non-routable IPs when it's only half that range that is non-routable. (172.16.0.0/20 is the routable part). That appears to be the case with this one. We've asked ARIN for a different range, and they told us to go away, so we are stuck with this issue. If you can ask someone who does firewall and/or router ACLs in front of that website, they should be able to fix the issue.
Re: AOL Proxy Servers not connecting via https - resolved
On Thu, Sep 25, 2003 at 06:11:23PM -0400, Brian Bruns wrote: This might be helpful to people setting up ACLs and the like: http://webmaster.info.aol.com/proxyinfo.html I think the point that Mike was making is that RFC1918 space is 172.16.0.0/20 not a /8. -ron
Re: AOL Proxy Servers not connecting via https - resolved
Actually a /12. But the value of 172.16.0.0 0.15.255.255 has been burned into my head for some reason... ---snip--- Page 4 3 Private Address Space The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets: 10.0.0.0- 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) ---snip--- --- Ron da Silva [EMAIL PROTECTED] wrote: On Thu, Sep 25, 2003 at 06:11:23PM -0400, Brian Bruns wrote: This might be helpful to people setting up ACLs and the like: http://webmaster.info.aol.com/proxyinfo.html I think the point that Mike was making is that RFC1918 space is 172.16.0.0/20 not a /8. -ron
Re: AOL Proxy Servers not connecting via https - resolved
On Thu, 25 Sep 2003, Ron da Silva wrote: On Thu, Sep 25, 2003 at 06:11:23PM -0400, Brian Bruns wrote: This might be helpful to people setting up ACLs and the like: http://webmaster.info.aol.com/proxyinfo.html I think the point that Mike was making is that RFC1918 space is 172.16.0.0/20 not a /8. At least two people have posted incorrectly about 172.16, wrt who has what and how big it is. Rekhter, et al Best Current Practice [Page 3] RFC 1918Address Allocation for Private Internets February 1996 3. Private Address Space The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets: 10.0.0.0- 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) AOL has NetRange: 172.128.0.0 - 172.191.255.255 CIDR: 172.128.0.0/10 NetRange: 172.192.0.0 - 172.211.255.255 CIDR: 172.192.0.0/12, 172.208.0.0/14 and apparently a bunch of other blocks. -- Jon Lewis [EMAIL PROTECTED]| I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
