range   1922

« earlier    

Ranges for the Standard Library, Revision 1
The decision to defer any discussion about specific wording was taken in recognition of the fact that any range design is likely to undergo significant revision by the committee. The paper is intended merely as a starting point for discussion and as a basis for future work.
c++  c++17  range  paper  std 
4 weeks ago by cjitlal
Beyond RFC1918: Additional ranges for private use : networking
For most organizations, even very large ones, the standard RFC1918 address ranges of 10.0.0.0 /8, 172.16.0.0 /12, and 192.168.0.0 /16 provide more than enough usable space to address all your network clients and gear. However, there are scenarios where it is very useful to have access to unregistered address space which isn't in widespread use the way RFC1918 is. This is especially true of complex organizations with lots of M&A activity, where there's no way to be confident that the next company you have to integrate into your network isn't already using the same 10.x space you are. Another potential use case is for short term network deployments by outside contractors, such as a proof of concept or a penetration testing engagement.

So, if you need some private IP space and for whatever reason you can't or don't want to use any of the standard RFC1918 ranges, there are some additional options when you dig deeper in the RFC's. Note that none of these are actually intended for this sort of use, and while everything should be fine as long as nobody else is doing the same thing, nothing is stopping anyone else from using them too. So avoid using any of these except when you genuinely can't leverage RFC1918, and remain consciously aware that there are no guarantees. If you absolutely need addresses which are reliably noncolliding with anyone else's space, get some registered IPv4 addresses, or use IPv6 instead.

192.0.2.0 /24, 198.51.100.0 /24, 203.0.113.0 /24

These three /24s, Test-Net-1 through 3, are reserved for use in example texts and documentation- the numeric equivalent of 'example.com' in DNS. If you just need a few small ranges of probably-non-colliding space e.g. for a NAT bridgehead or a shared-services datacenter vlan, these will probably cover you. These ranges are documented in RFC5737.

198.18.0.0/15

This large block of addresses is reserved for network device benchmark testing, with the intention being that by using this space you could be confident that high volume traffic in your test environment would not escape into production or into the internet. If you're not doing serious network performance testing, this space is wide open for you to use for anything else. This range is documented in RFC2544.

100.64.0.0/10

WARNING. This huge chunk of addresses should be considered as a last resort, and only if you are confident that you understand the risks. This range is reserved for carriers to deploy in NAT444 (CGN) environments; it should only be deployed with caution by end users in these scenarios:

The devices with these addresses will never need to reach the internet, or will only reach the internet through a proxy server; or
You have your own PI IPv4 addresses to NAT to; or
Your NAT gateway is smart enough to handle the same IP addresses on both sides of the NAT table; or
You have discussed CGN with your carrier(s) and are confident they are not and will not be using this space in the context of your network traffic
If any of those things is true then you have access to a truly huge range of addresses which is highly unlikely to be in use in any other private network you need to interoperate with. This range is documented in RFC6598.

And finally:

169.254.0.0 /16

WTF? That's the "my DHCP server is down" address range! Yes, yes it is. But this range is actually valid and usable address space for link-local addressing only. You can't (reliably) route to a 169.254 address from two hops away, which means it's no good for a client vlan or a device's primary management IP address; however, this range is perfectly fine for addressing a transit link such as a PE-CE /30 or a DCI connection. If you set up a Direct Connect link to Amazon AWS, the /30 addressing you'll get from Amazon for those links will use this range. It's also viable for isolated vlans with clients which will never need to talk off net, such as a dedicated storage or backup network, or some process control networks. In fact, addressing a PCN with 169.254 addresses ensures that those devices are not remotely attackable unless someone gains access to a jump host on that network segment. This range is documented in RFC3927.

Reminder: Don't do any of this. None of this is best practice, and any of it may blow up in your face. The number of scenarios where using these addresses is actually justifiable, is far fewer than the number of scenarios where an over-clever engineer using these addresses will cause more problems than the ones he's trying to solve. Unless you're working in an environment where multiple private networks under different management need to interoperate, this is almost certainly the wrong path. You've been warned.
rfc1918  address  ranges  range  alternatives  alternative 
7 weeks ago by theskett
I discovered a browser bug - JakeArchibald.com
CORS bypass using browsers undefined behavior in certain scenarios where the Range header is used with media elements.
security  cors  bypass  http  range  header 
7 weeks ago by m4f10

« earlier    

related tags

&  (jayem  -  2014  365  41te  46.95  :  a  a604  adapter  address  alexandra  algorithm  all  allergy  alternative  alternatives  analysis  and  animation  antenna  antennas.  antivirus  appointments  ar  argument  article  as  async  asyptomatic  atoz  audio  available-time  aws  az  backwards-compatibility  battery  beacon  beat  between  birds  break  browser  browsers  buffer  bug  bundle  burgio  busy  bypass  c++  c++17  calculator  camera  characters  cherry-pick  chrysler  cidr  coding  combine  communication  comparison  composer  consolidate  constraints  consumer  context  continue  controls  converter  coroutine  cors  cpp  create  crossing  css  css3  currently  cycle  damaged  data  date  dates  datetime  design  detect  detection  development  device  devices  diy  dji  documentation  domain  dot  driving  drone  dsp  dublincore  dynamic  e4000  e5  ebike  edge  editor  egress  elastic  electric  electronics  enclosure  endless  estendere  ev  example  excel  exchange  exploit  expression  extended  extender  extinct  extremely  facial  features  firefox  flickr  font-face  font  fonts  footfall  for  forhome  forms  fp  frequency  g2  gas  gasoline  ge  generator  generic  geography  get  gh  gigapixel  git  github  go  golang  golf  grade10  guide  guns  hacking  hardware  hdr  header  heterodyne  history  hood  house  howto  html5  http  hugo  human  image  important  induction  infinite  information  input  ip  ipaddress  ipv4  island  iteration  iterators  javascript  jbs15  kef  keyword  kitchen  knobs  kotlin  kube  laser  launch  launches  lib  lidar  limit  liquid  list  loadbalance  local  location  long  longe  loop  lorawan:  low  mailbox  manchester  manual  map  matrice  mean  measurement  meat  median  memo  minimum  mobile  mode  moment  monad  motion  mqtt  multicopter  nano  naturalhistory  neo)  nesdr  network  node.js  node  nooelec  note  npx  number  numbers  nvm  ocean  of  office  office365  on  onewheel  open  optics  option  or  outlook  oven  pacific  pacifica  paper  parakeet  park  passive  pelvic  pentesting  per  performance  phev  photo  photography  picker  playback  plugin  population  port  power  powershell  presence  price  print  processing  product  protocol  proximity  purplemath  python  python2.7  quadcopter  query  racing  radio  rangeexpression  ranges  ranging  rdfs  react  recognition  records  recovery  recuperator  reduce  reference  remote  repair  reports  research  resistor  restaurant  rete  rf  rf_beleg  rfc1918  router  rows  rtl-sdr  rtl2832u  ruby  sap  scanner  scope  script  search  security  semantics  semver  sensor  shadow  shooting  shopify  show  signal  signature  siobhan  slider  sma  smart  so  solr  space  specs  sql  stackoverflow  statement  std  stl  store  stove  stroke  style  subset  subwoofer  sum  superheterodyne  surveillance  svg  swift  syntax  table  tags  tata  technology  temperature  template  the  through  tick  tilde  tilt  time-of-flight  time  tips  to  tolearn  tool  toread  tounderstand  transitive  trap  tuning  turbine  tut  tutorial  two  typescript  typography  uav  ui  unicode  url  validation  values  vba  version-manager  version  view  visit  vulnerability  w3c  wan  wavelength  web  webdesign  webhistory  whalley  what's  wifi  wired  wireless  wolf  xtr  | 

Copy this bookmark:



description:


tags: