RE: Free range addresses

From: Jollon, Matthew (
Date: 08/21/01

Message-ID: <>
From: "Jollon, Matthew" <>
To: "''" <>,
Subject: RE: Free range addresses
Date: Tue, 21 Aug 2001 12:00:32 -0400


A company should never use routable addresses internally or in the DMZ.
Anything other than the router and firewall should conform to RFC1918. Both
for the internet sake and the companies sake.

-----Original Message-----
From: Michael Tench []
Sent: Tuesday, August 21, 2001 11:32 AM
Subject: Free range addresses

As you know, many different companies now use VPN
connectivity to communicate to each other, as well as
(unfortuantely) allowing remote users to VPN into
machines on their service network. As such, you cannot
have the same subnet allocated on both sides of the
VPN tunnel....but as an IT manager or WAN analyst, you
cannot tell the other company they must change their
internal addresses.

My questions are these:
Is this a good argument for using a routable(not free
range) IP address for your service network (some say
Do you think the risks of this outweigh the
benefits?(Like if the firewall fails in a manner that
allows all traffic to pass)

I welcome your comments.


Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger