Daniel Karrenberg, co-author of RFC1918, said this 2017-10-06 on the NANOG mailing list:
> On 05/10/2017 07:40, Jay R. Ashworth wrote:
> > Does anyone have a pointer to an *authoritative* source on why
> >
> > 10/8
> > 172.16/12 and
> > 192.168/16
> >
> > were the ranges chosen to enshrine in the RFC? ...
>
> The RFC explains the reason why we chose three ranges from "Class A,B &
> C" respectively: CIDR had been specified but had not been widely
> implemented. There was a significant amount of equipment out there that
> still was "classful".
>
> As far as I recall the choice of the particular ranges was as follows:
>
> 10/8: the ARPANET had just been turned off. One of us suggested it and
> Jon considered this a good re-use of this "historical" address block. We
> also suspected that "net 10" might have been hard coded in some places,
> so re-using it for private address space rather than in inter-AS routing
> might have the slight advantage of keeping such silliness local.
>
> 172.16/12: the lowest unallocated /12 in class B space.
>
> 192.168/16: the lowest unallocated /16 in class C block 192/8.
>
> In summary: IANA allocated this space just as it would have for any
> other purpose. As the IANA, Jon was very consistent unless there was a
> really good reason to be creative.
>
> Daniel (co-author of RFC1918)
>>> This is a fuzzy recollection of something I believe I read, which might well be inaccurate, and for which I can find no corroboration. I mention it solely because it might spark memories from someone who actually knows:
>>> A company used 192.168.x.x example addresses in some early documentation. A number of people followed the manual literally when setting up their internal networks. As a result, it was already being used on a rather large number of private networks anyway, so it was selected when the RFC 1597 was adopted.
>> sun
> Wasn't 192.9.200.x Sun's example network?
of course you are correct. sorry. jet lag and not enough coffee.
I worked in the early 90s getting UK companies connected. The number of people who had copied Sun's (and HP's and others') addresses out of the docs was enormous. One of them was a very well known token ring network card vendor.
We're a 2-man crew, about to start one of America's biggest ISPs.
We'd just gotten the closet cleared, the racks assembled, the modems installed, the terminal server wired up, the USENET machine booted, and we're waiting for the T1 to go live. The modems are answering calls, but there's nowhere for our new subscribers to go .. yet.
The tech line rings, it's the T1 guy on the other end "Ready to configure your router with you if you're ready .. "
Sure, I say .. what's our IP address ..
"198.162 .. "
"WAIT!", I say. "Are you SURE about that?"
He sure was.
The line comes up, the routes flow, customers get online for their first time.
But for months afterwards I was constantly in fear of our IP address.
Junior network guys would call me up in the middle of the night, adding some NOC somewhere or other "it doesn't work!" - "did you mix a 2 and an 8?", I'd say .. and much swearing would be heard until things started working again.
Man, that was fun. Getting that IP address assigned to us definitely was an act of mischief on the part of some devil somewhere, I'm quite sure ..
Hooking up that first T1 was super exciting! I worked at an early ISP (not a big one) in 1995. They were still on a 56K dedicated line and a very small bank of modems. I still remember when the guy from MCI showed up to test the new T1 we were getting. The first frame relay customers I brought up were also super fun. I sometimes miss networking.
As the authors themselves note, RFC 1597 was merely formalizing already widespread common practice. If the private ranges were not standardized then people would still have created private networks, but just used some random squatted blocks. I cannot see that being a better outcome.
The optimist in me wants to claim that not assigning any range for local networks would have led to us running out of IPv4 addresses in the late 90s, leading to the rapid adoption of IPv6, along with some minor benefits (merging two private networks would be trivial, much fewer NATs in the world leading to better IP based security and P2P connectivity).
The realist in me expects that everyone would have used one of the ~13 /8 blocks assigned to the DoD.
I'm not the OP or author, but the argument against private network addresses is that such addresses break the Internet in some fundamental ways. Before I elaborate on the argument, I want to say that I have mixed feelings on the topic myself.
Let's start with a simple assertion: Every computer on the Internet has an Internet address.
If it has an Internet Address, it should be able to send packets to any computer on the Internet, and any other computer on the Internet should be able to send packets to it.
Private networks break this assumption. Now we have machines which can send packets out, but can't receive packets, not without either making firewall rule exceptions or else doing other firewall tricks to try to make it work. Even then, about 10-25% of the time, it doesn't work.
But it goes beyond firewall rules... with IP addresses being tied to a device, every ISP would be giving every customer a block of addresses, both commercial and residential customers.
We'd also have seen fast adoption of IPv6 when IPv4 ran out. Instead we seem to be stuck in perpetual limbo.
On team anti-private networking addresses:
- Worse service from ISPs
- IPv4 still in use past when it should have been replaced
- Complex work around overcoming firewalls
I'm sure we all know the benefits of private networks, so I don't need to reiterate them.
Most SMB companies did not have IP addresses in 1994 when RFC 1597 was published, although the range was known. However, the well known companies did, and some of those have the older full class B assignments. It was common for those companies to use those public IP addresses internally to this day, although RFC-1918 addresses were also in use.
Since Netware was very popular in businesses and it was possible/common to use only the IPX protocol for endpoints, you could configure endpoints to use a host that had both an IPX and IP address as the proxy, and not use an IP address on most endpoints. That was common due to Netware actually charging for DHCP and DNS add-ons. When Windows became more popular, IP on endpoints likely used RFC-1918 around ~1996.
This is probably apocryphal, and I'm probably getting the details wrong anyway, but tangentially related to this, when I worked for a small network security firm (later purchased by Cisco, as most were), we had a customer that used, I'm told, the IP ranges typically seen in North Korea as their internal network. They TOLD us they did it because the addresses wouldn't conflict with anything they cared about, and no one had told them about 1918 + NAT, which I find dubious.
Weirdly enough, there are a few systems at my workplace which are in the 192.9.200.x subnet! They're only about 20 years old, though. We are actively looking to replace the entire system.
I've done work for several municipalities and police departments in western Ohio and found 192.9.200.0/24 in several. They all had a common vendor who did work back in the 90s and was the source.
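An added example, not part of any comment above: a small audit of an internal address inventory that separates the three RFC 1918 blocks from Sun's 192.9.200.0/24 documentation network and from prefixes that merely share their digits with 192.168 (such as 198.162), and that shows how many classful networks each RFC 1918 block spans. The label names and the sample inventory are constructed for illustration, and IPv4-only input is assumed.

```python
import ipaddress

# The three blocks from the quoted NANOG reply, plus Sun's documentation
# network that commenters report finding on real internal networks.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SUN_EXAMPLE = ipaddress.ip_network("192.9.200.0/24")
CLASS_PREFIX = {"A": 8, "B": 16, "C": 24}  # pre-CIDR default network sizes


def classful_class(net):
    """Pre-CIDR class (A, B or C) of an IPv4 network, from its first octet."""
    first = int(net.network_address) >> 24
    return "A" if first < 128 else "B" if first < 192 else "C" if first < 224 else None


def classful_span(block):
    """How many classful networks a CIDR block covers, e.g. ('B', 16)."""
    net = ipaddress.ip_network(block)
    cls = classful_class(net)
    return cls, 2 ** (CLASS_PREFIX[cls] - net.prefixlen)


def classify(prefix):
    """Label one IPv4 prefix taken from an internal address inventory."""
    net = ipaddress.ip_network(prefix, strict=False)
    if any(net.subnet_of(block) for block in RFC1918):
        return "rfc1918"
    if net.subnet_of(SUN_EXAMPLE):
        return "sun-example"
    # Same digits as 192.168 in a different order (198.162, 192.186, ...):
    # the "did you mix a 2 and an 8?" failure from the thread.
    o1, o2 = str(net.network_address).split(".")[:2]
    if sorted(o1 + o2) == sorted("192168"):
        return "lookalike-192.168"
    return "other-non-rfc1918"


def audit(prefixes):
    """Map each inventory prefix to its label."""
    return {p: classify(p) for p in prefixes}


if __name__ == "__main__":
    # Constructed sample inventory, not data from the thread.
    sample = ["10.20.0.0/16", "172.31.255.0/24", "172.32.0.0/16",
              "192.9.200.0/24", "198.162.4.0/24", "192.168.1.0/24"]
    for block in RFC1918:
        print(block, classful_span(str(block)))
    for prefix, label in audit(sample).items():
        print(f"{prefix:18} {label}")
```

Anything labelled other than `rfc1918` on an internal-only network is public space in use locally, so hosts there cannot reach the real holders of those addresses and any leaked route or firewall rule refers to someone else's network.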
* https://superuser.com/a/1257080/38062
So no answers.
LoRA is all the world needs. ;)
Not everyone thought this was a good idea, and I still maintain the alternative path would have led to a better internet than the one we have today.
Yep, a desktop PC with its own IPv4 address. Back in the day, no firewall afaik.
What's the history behind 192.168.1.1? - https://news.ycombinator.com/item?id=17467203 - July 2018 (48 comments)
This was in the 10's of 1000's of devices.