Vyatta – open source router and firewall.

Posted on April 27th, 2009

The Vyatta open-source router firewall – Welcome to the Dawn of Open-Source Networking!

http://www.vyatta.com

If your network is growing and you need to improve your networking skills, so that you can convince your boss to commit sums of money to an expensive hardware solution – e.g. Cisco gear – try installing Vyatta Linux natively onto a spare old PC with some network cards in it, or use a VMware image.

Then you can practice setting up your network, however you please, all day long! =)

IPv4 Address Assignments

Posted on August 6th, 2008

A picture is certainly worth a thousand words, in this case!

———————
Matt Saunders said…

XKCD visualises the same data, in less detail:

http://xkcd.com/195/

🙂
———————

Here’s a much-needed shortened version of the post.

A list of all the currently (un)allocated IPv4 address blocks can be obtained from http://www.iana.org/assignments/ipv4-address-space/ (or see the comments).

The reason for posting this before discussing setting up your cluster / LAMP in more detail is to help you determine an IP addressing scheme for your network which fits your needs. For example, I was once under the impression that:

10.x.x.x,
172.16.x.x – 172.31.x.x, and
192.168.x.x

were the only network IPs that could be used on private IP networks. However, if you really wanted to, it’s technically feasible that you could run a 1.x.x.x and a 2.x.x.x subnet on your back-end network (NB: if you are in any doubt at this point, stick to using one of the ranges shown above). The reason is that there still exist some blocks marked as unassigned or reserved by IANA.

WARNING!! You should definitely bear in mind that the reason for it being ill-advised is that these address blocks could be reclaimed by the IANA in the next couple of years for use as the IPv4 addresses run out!! (ETA 2010)

NOTICE!! You should also ensure that such addresses are never directly connected to, or routable over, the Internet, in case you cause a conflict with a validly assigned user now or at a later date!

EXAMPLE: I sometimes use the Hamachi VPN client (and HamachiX frontend on Mac OS X). When I join a ‘network’ by name, my client is assigned a unique 5.x.x.x IP address, and other machines on the same ‘network’ name appear as if they were on the same LAN segment with their own 5.x.x.x addresses, when in fact they could be across the Internet and on the other side of the globe. (The private 5.x.x.x addresses are tunnelled over/encapsulated inside the VPN to each endpoint, and are not ‘directly’ routed).

BTW, IPv4 addresses are really just 32-bit integers ranging from 0 to 4,294,967,295!
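
As an added example (not part of the original post), this Python script audits a planned addressing scheme against the three private ranges listed above and reports each block's bounds as 32-bit integers. The subnet names, the sample plan and the function names are constructed for illustration.

```python
import ipaddress

# The three private ranges listed in the post, written as CIDR blocks.
PRIVATE_BLOCKS = [ipaddress.ip_network(c) for c in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def int_range(cidr):
    """Return the first and last address of a block as 32-bit integers."""
    net = ipaddress.ip_network(cidr, strict=True)
    return int(net.network_address), int(net.broadcast_address)

def classify(cidr):
    """'private' if wholly inside a listed range, 'partial' if it only
    overlaps one, 'outside' if it touches none of them."""
    net = ipaddress.ip_network(cidr, strict=True)
    if any(net.subnet_of(block) for block in PRIVATE_BLOCKS):
        return "private"
    if any(net.overlaps(block) for block in PRIVATE_BLOCKS):
        return "partial"
    return "outside"

def audit_plan(plan):
    """Classify every subnet in a {name: cidr} addressing plan."""
    report = {}
    for name, cidr in plan.items():
        first, last = int_range(cidr)
        report[name] = {"cidr": cidr, "status": classify(cidr),
                        "first": first, "last": last}
    return report

# Constructed sample plan (hypothetical subnet names, for illustration only).
SAMPLE_PLAN = {
    "web": "10.20.0.0/16",
    "lab": "192.168.50.0/24",
    "backend": "1.0.0.0/8",      # the 1.x.x.x case from the post
    "vpn": "5.0.0.0/8",          # the 5.x.x.x case from the post
    "too-wide": "172.0.0.0/8",   # wider than 172.16.x.x - 172.31.x.x
}

if __name__ == "__main__":
    for name, row in audit_plan(SAMPLE_PLAN).items():
        print(f"{name:9} {row['cidr']:16} {row['status']:8} "
              f"{row['first']}-{row['last']}")
```

Any entry reported as `outside` or `partial` uses addresses beyond the three private ranges and is subject to the WARNING and NOTICE above.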