View Single Post
Old 21st July 2008
edhunter's Avatar
edhunter edhunter is offline
Real Name: Georgi Iovchev
Port Guard
 
Join Date: May 2008
Location: Sofia, Bulgaria
Posts: 41
Default

Quote:
Originally Posted by ai-danno View Post
Not to nitpick, but the way you are describing your subnet is not correct- 16 addresses is a /28 (255.255.255.240 subnetmask)
oops type mystake mask is really 28

Quote:
Originally Posted by ai-danno
I make mention of this because a few years back a client I consulted for decided to make this same reference to his ISP and BGP peer session. The ISP didn't vet this properly, propagated the erroneous /16, and as a result blackholed Microsoft for a short period of time (probably not a bad thing in hindsight lol.) It really highlighted the client's naivete... as you wouldn't announce anything smaller than a /24 over BGP in the first place, but that's another story.
))) ... so far I am not using BGP


And yes i have done it like you described ... but anyway i have nat because, not all internal machines are with real ips (actually many of them doesnt need to be with real ips - it is more secure)

Last edited by edhunter; 21st July 2008 at 09:34 AM.
Reply With Quote