On Thu, 1 Sep 2011, Mustafa Shahanshah wrote:
> I have multiple IP ranges 192.0.0.0/8, 172.0.0.0/8 and 10.0.0.0/8 One is
> allocated to the each sub company.
Not related to Squid, but you should know: neither 192.0.0.0/8 nor
172.0.0.0/8 are fully allocated for private use. Portions of those nets
are Internet-routable and are explicitly assigned to specific owners, and
if you actually do have the full /8 space allocated for them on your local
networks you _will_ experience problems.
Even if you're not exposing those addresses to the Internet (e.g. possibly
via TPROXY) you'll have problems because the users won't be able to access
any resources on the public Internet portions of those nets because they
think they are local resources.
The portions of those nets allocated for nonroutable private use are
192.168.0.0/16 (192.168.x.x) and 172.16.0.0/12 (172.16.0.0 -
172.31.255.255)
Consider what would happen on your network if (for example) the next
Google gets assigned 192.100.x.x
Please see http://tools.ietf.org/html/rfc1918
-- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhardin_at_impsec.org FALaholic #11174 pgpk -a jhardin_at_impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Sheep have only two speeds: graze and stampede. -- LTC Grossman ----------------------------------------------------------------------- 266 days since the first successful private orbital launch (SpaceX)Received on Thu Sep 01 2011 - 17:38:22 MDT
This archive was generated by hypermail 2.2.0 : Fri Sep 02 2011 - 12:00:02 MDT