Re: [fw-wiz] Duplicate Public IP Addresses?



So the short answer is that the real owner of the 80.X.X.X ISP advertises the route, and you don't. So it would only affect your users local to your network, in which case they would go to your local 80.X.X.X address over the one on the internet someplace (assuming your advertising the 80.X.X.X subnet on your network).

Very few people would need to use more space than listed in RFC1918 and RFC 3330 before using other random IP addresses. If one still needs more than what these RFCs offer, then choose one that is unlikely to be on the common internet, or services that your local users don't use, like one of the DoD networks. But of course these can only be used internally; publically you will need addresses assigned to you from ARIN, or re-assigned from your ISP.

-Steve

--------------------------------------------------
From: "arvind doraiswamy" <arvind.doraiswamy@xxxxxxxxx>
Sent: Friday, January 01, 2010 7:10 AM
To: "Firewall Wizards Security Mailing List" <firewall-wizards@xxxxxxxxxxxxxxxxxxxxx>
Subject: [fw-wiz] Duplicate Public IP Addresses?

Hey Guys,
Maybe this is a bit of a basic question but I thought I'd ask here all
the same. Please let me know if this is too Non Firewall to be posted
:)

Over the years a lot of clients have used Public IP addresses on an
Internal network. So there's whole internal ranges with 80.x.x.x . Now
almost all of those systems do not have publicly reachable services at
all. Lets also assume that there is some website somewhere which has
the 80.x.x.x IP address assigned to it and people DO visit it and use
its "services". All ok so far.

What though if the internal network suddenly decided to make one of
his systems a web server , put a site onto it and pushed it on to the
Internet with the same 80.x.x.x address that was assigned to the
server when it was part of the Internal Network? Effectively it means
that now.. 2 servers ; the original web server (A) and the new web
server (B) both have an IP of 80.x.x.x (SAME).

Now I haven't done this practically and checked what will happen , but
I have a few questions in mind.

a) What happens to all the traffic going to A? Does it still go there
or do clients of A get redirected to B?
b) What about B wrt Question a) ?
c) What about DNS servers everywhere? What IP addresses will they
cache and how will they ensure that people are "routed" correctly?
d) Isn't this a very easy DOS condition? Anyone just changes IP ,
registers with their own DNS and sits back and waits?

Am I missing something? It just seems to easy to do..so I thought I'd
post here and get educated :)

Thnx
Arvind
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards