Notes: RFC 1918: Address Allocation for Private Networks
Summary#
–
These are my notes for the Request for Comments 1918; Address Allocation for Private Networks doument. Released by IETF in February 1996. Provided are all of the parts of RFC 1918 that I felt were the most important to understand. Given that it plays a large part of how IPv4 networks are designed and operated today.
As I review the document more. I would like to note that these are my notes and interpretations of this RFC. So, if anyone would like to discuss what they think is wrong and what they think is right. Feel free to send me an email.
RFC 1918#
RFC 1918 is considered a best current practice (BCP 5) for the Internet community.
RFC 1918 obsoletes RFC 1597 and RFC 1627.
01. Introduction#
The purpose of the document is to provide a guideline to enterprise entities so they can autonomously operate their TCP/IP networks and develop addressing plans and assignments within the network.
This RFC covers private (internal) networks. As they would describe it as private internets. Allowing internal networks or network clients to communicate with one another either in-enterprise or from different regions.
The allocation permits full network layer connectivity among all hosts inside an enterprise as well as among all public hosts of different enterprises.
02. Motivation#
There were an increasing number of non-connected enterprises using TCP/IP global addressing for intra-enterprise communications. With no intention to conect these enterprise devices to other entrprises or the Internet directly.
RFC 1918 touches on the unexpected growth of the Internet and the challenges associated with that.
- The globally unique address space exhaustion.
- Routing overhead growing beyond the capabilities of Internet Service Providers (ISP).
Something to note here is this isn’t just adopted in enterprises. This is also adopted in homes as well. But, the primary driver for this would have been enterprises at the time.
They move to discussing their strategies on how to contain the growth of routing overhead.
Internet Service Providers (ISP) obtains a block of address space from an address registery, then assigns to it’s customers addresses from within that block based on the requirements of their customers.
Result is routes to many customers are aggregated together and will appear to other providers as a single route.
This is touched on in RFC1518 and RFC1519.
With the size and the growth rate of the Internet it’s not longer reasonable to assume that by aquiring globally unique IP addresses from an Internet Registry that the address acquired by the organization will have Intenret-wide connectivity once connected to the Internet.
It is possible that said organaization would need to change IP addresses (renumber) it’s public hosts, regardless of whether they were used by the organization initially or if they were globally unique or not.
They are doing away with the typical assignment of globally unique addresses to all hosts using TCP/IP to extend the availability of IPv4 address space.
Address registries are required to provide more justification to make it more difficult for orgnaizations to aquire address space RFC1466.
Hosts within organziations/enterprises using IP can be partitioned into three categories:
Sections were close to copied word for word…
Category 1: hosts that do not require access to hosts in other enterprises or the Internet. hosts within this category may use IP addresses that are the same/similar inner-enterprise but different in other enterprises.
Category 2: hosts need access to limited outside services. Which can be handled by gateways for many hosts that fall within this category. Giving unecessary/undesirable access due to privacy/security reasons.
Category 3: hosts that need network layer access outside the enterprise; hosts within this last category require addresses that are globally unambiguous.
Category 1 & 2 hosts are described as either private hosts or hosts within a private network.
Category 3 hosts can be referred to as public or hosts avaialble within the public address space.
They proceed to describe that there are a number of hosts within enterprises or private networks that don’t need to be hosted on the Internet.
Privoded were some examples of devices that wouldn’t need access:
- Large airport arrival/departure displays addressable via TCP/IP. It is unlikely that these need to be unique.
- Globally unique addresses aren’t needed for cash drawers or registers; of which could utilize the TCP/IP protocol stack.
- For security reasons enterprises may use application layer gateways to connect internal/private networks to the Internet. Internal/private networks don’t need direct access to the Internet. Which is why only a few are visible from the Internet. For this example. Only one unique address is used for routing traffic to the Internet from the internal network.
- Router interfaces on the internal network don’t need to be accessible directly from outside the internal network. (or outside the enterprise for that matter)
03. Private Address Space#
The Internet Assigned Numbers Authority (IANA) has reserved the following blocks of IPv4 addresses for private networks.
- 10.0.0.0 – 10.255.255.255 (10/8 prefix)
- Class: A
- Used as the “24-bit block”.
 
- 172.16.0.0 – 172.31.255.255 (172.16/12 prefix)
- Class: B
- Used as the “20-bit block”.
 
- 192.168.0.0 – 192.168.255.255 (192.168/16 prefix)
- Class: C
- Used as the “16-bit block”.
 
Block one is a single class A network.
Block two is a set of 16 class B networks.
Block three is a set of 256 class C networks.
An enterprise that decides to use the IP addresses out of the address space defined in this document can do so without any coordination with IANA or an Internet Registry.
Previous statement also applies to residential as well as business entities.
The use of this address space is unique only within the entity utilizing it. Entities can also use cooperate within those separate spaces to have their own private network(s).
This address space is not routable over the Internet.
Enterprises/entities that need globally unique address space will be required to obtain it from an Internet registry. Addresses will never be assigned from the blocks mentioned within this section.
Routing information is not propogated on inter-enterprise links because private addresses have no global meaning. These should not be forwarded across links.
All routers are expected to be configured to reject routing information regarding private networks.
References to private addresses with the enterprise should be contained within the enterprise.
DNS resource records and other infoamtion referring to private addresses can pose a leak. Measures should be taken to prevent this. Especially with Internet Service Provers (ISP).