and of course my routing table goes to hell and I can't use the 100.64/10 network for my purposes. the gateway IP is 100.0.0.1.100.101.198.98/8
What can I do to be able to use 100.64/10 for my internal segments? policy-based routing?
and of course my routing table goes to hell and I can't use the 100.64/10 network for my purposes. the gateway IP is 100.0.0.1.100.101.198.98/8
chill a little. I don't know and I'm asking. and politely explaining what I know to someone who knows even less. you say it's bad and I wont' use it. thanks for the insight.@gdanov
Please don't start writing things uninformed or uncomplete...
The 100.64.0.0/10 is born to give to the ISP CGNAT or IPs for internal device o other use, for leave the 10.... 192.168... and 172.16.... ranges free for consumer/business network.[…] uses the 10.x.x.x (not sure about the mask) […]
[…] and 172.x.x.x net for the same purposes […]
Of course it would be better to contact them directly instead of sending a tweet. That may be read only by the marketing department.This is major telco in Bulgaria (A1, former Mtel). Yes, their DHCP assigns exactly this IP with that mask, this is what my MT reports. I've complained already to their twitter account about this being itiotic some time ago. Doubt they'll do something about it.
"Safe" would be difficult to say, I presume you want to be able to roam between such different networks.My other provider in different country, uses the 10.x.x.x (not sure about the mask) and 172.x.x.x net for the same purposes. I've seen 10.x.x.x used also in hotels and this messed with my WG client because I use 10.1.1.0/24 for my WG "road warriors". What exactly was the case I don't remember, it was long day, I was tired..so on.
So I'm bit at a loss what address space to allocate to my backbone/backhaul and WG clients that would be safe under any circumstances.
Yes, I'm expecting nothing less from seroius ISP,(those test networks mentioned by rextended are often blocked in firewalls)
thanks! I need several /24 nets , will look into theseThe 100.64.0.0/10 is born to give to the ISP CGNAT or IPs for internal device o other use, for leave the 10.... 192.168... and 172.16.... ranges free for consumer/business network.[…] uses the 10.x.x.x (not sure about the mask) […]
[…] and 172.x.x.x net for the same purposes […]
But those ISPs often are lazy more than the end users...
I do not know how many IPs you need but the 192.0.2.0/24 segment (from 198.0.2.0 to 198.0.2.255) is unassigned, or better, is assigned for testing purpose,
nothing forbid you to use that range on your VPN.
Ranges usable as alternative. Are not routed on internet, and can be used for own network for testing purposes.
No one can complain if you use it for YOUR OWN network....
192.0.2.0/24 TEST-NET-1
198.51.100.0/24 TEST-NET-2
203.0.113.0/24 TEST-NET-3
Be careful what you wish for! I am barely grasping ipv4 fundamentals.
Time to move on to IPv6!
Agree....
Too much water will have to pass under the bridge before there is only IPv6...Be careful what you wish for! I am barely grasping ipv4 fundamentals.
If they switch to IPV6, I hope you have a spare bed in your house because I will be there for intensive training,
oh and perhaps a little sampling of the fine foods and beverages ........
Translation: No need to wait for IPV6, you are welcome anytime and the sooner the better and yes Belgium, Slovenia and Czechia pale in comparison!!Too much water will have to pass under the bridge before there is only IPv6...
with a sign that says.........
ZEROTRUST CLOUDFLARE
OPTIONS PACKAGE
FOR ALL MT USERS
/ip route add dst-address=100.64.0.0/10 gateway=100.0.0.1 routing-mark=10064
/ip firewall filter add chain=forward protocol=all dst-address=100.64.0.0/10 action=mark-routing new-routing-mark=10064
/ip firewall nat add chain=srcnat out-interface=<external interface> src-address=100.64.0.0/10 action=masquerade