• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 215
  • Last Modified:

Public IP addressing on an internal network

Hello all!
I have taken over as admin for a company that has built an extensive internal network on the 128.x.x.x network.  When I resolve these addresses without using a host file, I get machines, switches, and routers at the Carnege Mellon University.  My boss says it is no big deal because we are behind a firewall and we are not publishing the internal addresses.  My question, is the use of public IP's on an internal network and issue and if so, what verbiage can I use to convince my boss of that fact.  I have always built my own networks or have taken over rathe properly configured networks so I have never had to make this argument.
0
redcell5
Asked:
redcell5
  • 2
4 Solutions
 
Kent OlsenData Warehouse Architect / DBACommented:
Hi redcell5,

The biggest issue is that you can't get to the owner's of these addresses from within your network.  Your routers will forward the messages to local machines and never put the packets on the open network.

Unless everyone has a static IP address, It's pretty trivial to switch the network to private addresses.  Maybe your boss will be reasonable on this?  :)


Good Luck,
Kent
0
 
bhnmiCommented:
It is not best practices to do this. You should have a private IP addressing scheme on your internal LAN.
If you have computers in your LAN with addresses reserved for Public use it can cause conflicts should you try to access a real resource on the internet with an address that now conflicts with one on your network.
0
 
Kent OlsenData Warehouse Architect / DBACommented:
Hi redcell5,

> It is not best practices to do this.

Very true.  I know of no sane (or even questionable) network admin that would build a local network with reserved addresses that belong to someone else.


Good Luck,
Kent
0
 
fsetoCommented:
If your previous admin did this, chances are there are other issues lurking about.  It sounds like you have to have a special host file on your Intranet PC?

If that's the case, it sounds like all the PC's would be on static address?

On one hand, your boss got a point, "fixing" this would likely mean extra downtime and you're likely to buy yourself a lot of extra work.  I would recommend waiting till the next downtime to fix it.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now