Static Routing 172.16.0.0/32

1. A single known ip address that redirects to the closest internal repo server. 172.16.0.0/32 redirects to a usable subnet ip in 172.16.xx.xx by static route.

2. Internal private network that is reachable by clients.

Hi Ryan,

Maybe it would help if you write the extended version because that's about
as clear as mud. First you asked about routing. Now you imply HTTP.

Regards,
Bill Herrin

I'm not implying HTTP, I'm implying a static route at each site's private layer 3 router (it'll move to BGP in the future). The repository server listens on the IP as well.

My original question was the fact of using 172.16.0.0/32 as a usable IP address (not even caring about anycast).

Internal private network that is reachable by clients.

Hi Ryan,

Clients meaning employee computers or clients meaning other networks who
subscribe to your service and connect with a VPN?

If the former, save yourself grief and use a different /32.

For the latter, it's semi-clever. It neatly avoids the problem of customers
using the same RFC1918 addresses as you. Even if they're using a subnet
like 172.16.0.0/24, a /32 route can usually override that one address
without ill effect.

It's only semi-clever because the .0 address is a corner case in the code
and corner cases are where bugs are most likely to happen. And if you're
sending clients from that address to another host with a regular 172.16
address anyway...

Regards,
Bill Herrin
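
The longest-prefix-match behaviour described in the reply above, as an added example that is not part of the original thread. The route table and next-hop names are constructed for illustration; the second function flags the ".0 corner case", where the address is also the network or broadcast address of a covering subnet.

```python
import ipaddress

# Constructed routing table (assumption, not from the thread): a customer LAN
# that overlaps the service address, the /32 host route, and a default route.
ROUTES = [
    ("0.0.0.0/0", "default-gw"),
    ("172.16.0.0/24", "customer-lan"),
    ("172.16.0.0/32", "repo-anycast"),
]

def lookup(dst, routes=ROUTES):
    """Return (prefix, next_hop) chosen by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None

def corner_cases(dst, routes=ROUTES):
    """List covering prefixes where dst is the all-zeros or all-ones host address."""
    addr = ipaddress.ip_address(dst)
    hits = []
    for prefix, _ in routes:
        net = ipaddress.ip_network(prefix)
        if net.prefixlen >= 31 or addr not in net:
            continue  # /31 and /32 have no separate network/broadcast address
        if addr == net.network_address:
            hits.append((prefix, "network address"))
        elif addr == net.broadcast_address:
            hits.append((prefix, "broadcast address"))
    return hits

if __name__ == "__main__":
    for dst in ("172.16.0.0", "172.16.0.1", "192.0.2.10"):
        print(dst, "->", lookup(dst), "corner cases:", corner_cases(dst))
```

The /32 wins the route lookup for that one address, but the address is still the network address of the overlapping /24, which is the case where host stacks on that LAN may treat it specially.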

why not use 192.0.2.0/24 addrs?

lots of other ranges you could probably use safely.

   https://en.wikipedia.org/wiki/Reserved_IP_addresses

Using .0 you're asking to exercise bugs and undefined implementation choices
of various tcp stacks and resolvers out there on myriad devices. Clever collision
avoidance, but relies on a prayer.

(IIRC try setting an NS record to resolve to 127.0.0.255 on windows 95 - it
used to lock the OS up.... fun times. Someone had pointed some popular domain
at us by accident, and having no entry and no negative caching of the day
meant we were being hammered on our 10mbps uplink, had to set something to
get cached, so we did... several hours later a microsoft engineer called us
and pleaded with us to use a different IP. :)

/kc

Please stop spreading Fear, Uncertainty and Doubt about valid CIDR
addresses. :)

Microsoft ended support for Windows 95 on December 31st, 2001....

Kind regards,

Job

Right - usage of network and broadcast addresses will suddenly make all the
ToiletPaperLink devices upgrade themselves to a new firmware that the devs
released posthaste to handle them properly...

I like your upgrade-by-force ideas! (no, I do. Screw bad implementations, let them
be binned!) (Tell me about your v6 adoption plans now.)

The Win95 thing was just a personal example of how these things can express
themselves... was a good laugh at the time. The incidence and hilarity of
similar events has not materially changed in the intervening decades, we'll
all note.

Have fun with your .0's people! Let us know how your support dept likes em.

/kc

In this example only semi-new devices with current OSes are accessing 172.16.0.0; concerns over old devices or a BSD4.2 machine hitting it are highly unlikely.

To clarify Ryan's statement, the device in question is our software repository where we store OS software updates, for only recent versions of software, so it should not be an issue. Since we have multiple locations, and multiple software stores, we use 172.16.0.0 as the AnyCast address.

I am glad that we have been able to stir up such a discussion. Ryan and I had the same conversation here, so I am glad that he brought it to the group.

And thank god for that. Since Microsoft stopped diddle-farting with Windows 98 it was never infested with the UDP "Execute Payload with NT AUTHORITY\SYSTEM" flag that appeared in all later versions of Windows TCP/IP stack.

As Windows 98 worked on the day after Microsoft stopped diddling with it, so it will work on that day + N, for every value of N.

The most wonderful thing that can happen to a Microsoft product is that they stop diddling with it for at that point it stops being a moving target that works differently from one minute to the next. Additionally, features cannot be removed from the product as usually happens with each downgrade (I think Microsoft calls them upgrades) of the products.