Use private IP on inside interfaces of transit routers

Discussion in 'Cisco' started by mliu, Jul 15, 2003.

  1. mliu

    mliu Guest

    What happens if you put private IPs (192.168.x.x) on the INSIDE
    interfaces of your internet transit routers.

    ISP -- (public IP) Edge Router ( private IP) -- inside network --
    (private IP) BGP Router (public IP) -- downstream

    1. It wont work at all, it stops passing internet traffic?
    2. It passes traffic, but traceroute wont work, skips the hop with
    private ip configured?
    3. It works well. (doubt about this one)

    Thanks for your answer!
    mliu, Jul 15, 2003
  2. mliu

    Chris Guest

    It shouldn't matter as long as the source and destination IP's are live
    addresses for any IP traffic crossing the network as long as your routing is
    configured correctly and you are advertising the routes correctly. I work
    for a comms company / ISP and we use 10.x.y.x addresses on our core network
    for many devices.

    Chris, Jul 15, 2003
  3. mliu

    mliu Guest

    Thanks Chris. Could you show me what the traceroute looks like from
    outside and pass through your netowork to your downstream AS? This
    question has been borthering me for awhile...Thanks.
    mliu, Jul 15, 2003
  4. mliu

    mliu Guest

    Great! That makes sense and it is the way that I thought. Thanka alot!!!
    mliu, Jul 15, 2003
  5. :>What happens if you put private IPs (192.168.x.x) on the INSIDE
    :>interfaces of your internet transit routers.

    :Strictly speaking it's a violation of RFC 1918, but it's a very common one

    You can make it RFC 1918 compliant by using a little bit of NAT
    at the edges of your network -- the criteria is that you must
    not let packets with those addresses be routed into the public networks.
    Walter Roberson, Jul 15, 2003
  6. That'll make for some confusing traceroutes -- you'll see the NAT's address
    repeated for each internal router link (assuming you do many-to-1 NAT).
    But I guess it's better than lots of timeouts.
    Barry Margolin, Jul 15, 2003
