nanog mailing list archives

Re: Wisdom of using 100.64/10 (RFC6598) space in an Amazon VPC deployment


From: Jimmy Hess <mysidia () gmail com>
Date: Mon, 23 Feb 2015 21:33:41 -0600

On Mon, Feb 23, 2015 at 9:02 AM, Eric Germann <ekgermann () cctec com> wrote:

> In spitballing, the boat hasn’t sailed too far to say “Why not use 100.64/10 in the VPC?”

Read RFC6598.
If you can assure the conditions are met that are listed in section 4,
"Use of Shared CGN Space", then usage of the 100.64/10 shared space may
be applicable; under other conditions it may be risky. The proper usage
of IP addresses is in accordance with the standards or by the registrant
under the right assignment agreements.

If you are just needing space to squat on regardless of the
standardized usage, then you might do anything you want; you may
as well use 25/8 or 11.0.0.0/8 internally, after taking steps to
ensure you will not be leaking Reverse DNS queries, routes, or
anything like that. This space is larger than a /10 and would provide
more expansion flexibility.


> Then, the customer would be allocated a /28 or larger (depending on needs) to NAT on their side and NAT it once.
> After that, no more NAT for the VPC and it boils down to firewall rules. Their device needs to NAT outbound before
> it fires it down the tunnel which pfSense and ASA’s appear to be able to do.


--
-JH


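The reply turns on three points: whether a candidate VPC prefix is RFC 1918 space, RFC 6598 shared space (usable only under the section 4 conditions), or someone else's public assignment (squatting, with route and reverse-DNS leak risk); whether it collides with a customer's own address plan (the reason NAT before the tunnel comes up); and whether the per-customer /28 carve-outs stay disjoint. The script below is an added example, not code from the thread or from any poster, that checks those three things with the Python standard library. The customer names, sample prefixes and warning codes are constructed for illustration.

```python
"""Address-plan checks for the RFC 6598 question in the thread (added example)."""
import ipaddress
from typing import Dict, List

# Well-known ranges the reply contrasts: RFC 1918 private space and
# the RFC 6598 shared CGN space (100.64.0.0/10).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RFC6598_SHARED = ipaddress.ip_network("100.64.0.0/10")


def classify(cidr: str) -> str:
    """Name the class of address space a candidate VPC CIDR falls into."""
    net = ipaddress.ip_network(cidr, strict=False)
    if any(net.subnet_of(p) for p in RFC1918):
        return "rfc1918-private"
    # Tested before is_private: Python releases disagree on whether
    # 100.64.0.0/10 counts as "private", so match the prefix explicitly.
    if net.subnet_of(RFC6598_SHARED):
        return "rfc6598-shared"
    if net.is_private:  # loopback, link-local, TEST-NETs, other special-purpose blocks
        return "special-purpose"
    # Anything else is globally assigned space you do not hold (the reply's
    # 25/8 or 11.0.0.0/8 examples): usable only as a squat, with leak risk.
    return "public-squat"


def review_vpc_cidr(vpc_cidr: str, customer_cidrs: List[str]) -> List[str]:
    """Return warning codes for a VPC prefix given each customer's own address plan."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=False)
    kind = classify(vpc_cidr)
    warnings: List[str] = []
    if kind == "public-squat":
        warnings.append("SQUAT: not your assignment; block route, BGP and reverse-DNS leakage")
    elif kind == "rfc6598-shared":
        warnings.append("RFC6598-SECTION4: confirm no CGN or other device in path also uses 100.64/10")
    for c in customer_cidrs:
        if vpc.overlaps(ipaddress.ip_network(c, strict=False)):
            warnings.append(f"OVERLAP:{c}: customer must NAT before the tunnel or renumber")
    return warnings


def allocate_customers(pool: str, customers: List[str], prefixlen: int = 28) -> Dict[str, str]:
    """Carve one /prefixlen block per customer out of pool, in order, never reusing a block."""
    pool_net = ipaddress.ip_network(pool, strict=False)
    if prefixlen <= pool_net.prefixlen:
        raise ValueError("allocation prefix must be longer than the pool prefix")
    blocks = pool_net.subnets(new_prefix=prefixlen)
    plan: Dict[str, str] = {}
    for name in customers:
        try:
            plan[name] = str(next(blocks))
        except StopIteration:
            raise ValueError(f"pool {pool} exhausted before {name}") from None
    return plan


def overlapping_pairs(plan: Dict[str, str]) -> List[tuple]:
    """List customer pairs whose allocations overlap; a sound plan returns []."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in plan.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the thread.
    customers = {"acme": "10.0.0.0/8", "globex": "192.168.0.0/16", "initech": "172.16.0.0/12"}
    for candidate in ("10.10.0.0/16", "100.64.0.0/16", "25.10.0.0/16"):
        print(candidate, classify(candidate), review_vpc_cidr(candidate, list(customers.values())))
    plan = allocate_customers("100.64.0.0/24", list(customers))
    print(plan, overlapping_pairs(plan))
```

Run it as-is to see a 10.10.0.0/16 VPC flagged for colliding with a customer's 10/8, the 100.64.0.0/16 choice flagged only with the section 4 reminder, and 25.10.0.0/16 flagged as a squat; the /28 carve-outs from 100.64.0.0/24 come back disjoint. The overlap check is the part worth keeping in a real plan review, since the collision with customer RFC 1918 space is exactly what makes shared space tempting in the first place.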