Stanford has been allocated a fixed number of IP addresses. To conserve IP addresses, additional private networks are added implemented to most Stanford address spaces (171.64, 171.65, 171.66, 171.67, and 128.12). Most private network ranges are related to the "public" net ranges: for example, if the local network is 171.64.8, a secondary network of 172.24.8 is placed on the same router interface. Consult whois to determine the private range assigned for a particular network. To do so, search for the ".0" address, i.e.: "whois 171.64.8.0" will show that 172.24.8.0 has also been reserved for this network.
Traffic to and from hosts on the private networks will not be routed beyond Stanford. Network Engineering recommends that LNAs reassign hosts that do not need access beyond Stanford to the new private networks. Devices such as network equipment (hubs, switches), printers and certain internal "Intranet" servers are good candidates for IP addresses on the private range.
Addresses on the private networks can be allocated, as usual, through NetDB. Placing a host on the private network should not be considered as a security measure; a system can be compromised by from another Stanford host.
Your Network Number | Additional Private Network Number |
171.64.x | 172.24.x |
171.65.x | 172.25.x |
171.66.x | 172.26.x |
171.67.x | 172.27.x |
128.12.x | 172.19.x |
Private address ranges are used as a central part of Network Address Translation (NAT). LNAs should be aware that Staford private networks do not use NAT. Devices on the Stanford private networks have no way of accessing or being accessed from devices outside of Stanford. NAT is disscussed in more detail in RFC 1631.
References
- RFC 1918- Address Allocation for Private Internets
Global private address range as defined in RFC 1918:
10.0.0.0 | through | 10.255.255.255 | CIDR: 10/8 |
172.16.0.0 | through | 172.31.255.255 | CIDR: 172.16/12 |
192.168.0.0 | through | 192.168.255.255 | CIDR: 192.168/16 |