What's new

Private IPs going out to WAN?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Ydnaroo

Regular Contributor
Hi. RT-AX86U with 386.3.2 connected to BT FTTP ONT. Full reset using WPS button method, access and WiFi usernames and passwords set and connection details set on WAN page, nothing else has been changed. If I do a traceroute to random private IPs in the 10.0.0.0/8 range or IPs in the 192.168.0.0/16 range (except the router 192.168.50.0/24 subnet) the trace seems to go out onto the WAN to what I assume are gateway servers. Is this normal? I'd expected these to be stopped at the router. Example:

Screenshot 2021-08-08 134545.jpg


Traces to unused IPs in the 192.168.50.0/24 range stop at the router. Traces to private IPs in the 172.16. 0.0/12 range seem to go nowhere. Tracerts from a command prompt window give the same result on all ranges. Any info appreciated. (Apologies if this is another dumb question. :confused:)
 
Your router knows what scope is local either by dynamic routing or static routing.
Any other ip it does not know about has whats called a "default route" which goes out you wan interface.
If i dont know about it, send it to my gateway, which is your isp link.
Also, many isp use the private scopes but dont advertise them tonthe world. Similar to your home network. Not exactly the same but a in broad sense.
I work for Charter and was a network engineer here for 5 years before getting into mgmt.

Without getting too deep i can tell you for a fact that much of the CMTS infrastructure uses 10.x.x.x among other private ip ranges.

Bad things happen when carriers accidently leak private and bogon routes. It happens from time to time. Usually human error during a maint.

You could configure the firewall to block all rfc1918 and bogon scopes at the edge but there really is no reason for a home user to worry about that.
 
Thank you very much for that. I'm aware of CGNAT in the mobile world and seem to recall reading that some ISPs in the UK have been using Cat A 'private' IPs for broadband connections. Now you've pointed it out it makes sense. Understand how cockups could make things interesting! Thank you again.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top