Help: HOWTO buy IP address blocks from ARIN?

John Abreau jabr at blu.org
Tue Jan 13 14:30:27 EST 2015


You mentioned that 1k addresses go to a main-office LAN. I'd put all of
your fixed infrastructure on the main-office LAN, and host the vpn servers
there.

Granted, using a single IPv6 block instead of multiple RFC1918 blocks would
be far less of a headache to get working.

On Tue, Jan 13, 2015 at 2:21 PM, Joshua Judson Rosen <rozzin at hackerposse.com
> wrote:

> On 2015-01-13 13:45, John Abreau wrote:
>
>> If I were doing it, I'd consider setting up several redundant vpn servers.
>>
>> RFC1918 defines three private address blocks:
>>
>>      10.x.x.x/8
>>      172.16.x.x/12
>>      192.168.x.x/16
>>
>> I'd start with 3 vpn servers, each using one of these blocks. Odds are
>> one of
>> them would work at a given customer site. Maybe throw in a fourth one
>> with a
>> small pool of public addresses for the hypothetical pathological cases
>> where the
>> customer is using all three private address blocks.
>>
>
> And what subnet would you put all of your fixed infrastructure on to
> guarantee
> that hosts coming in through all of those VPNs can actually route to it?
> And to each other?
>



-- 
John Abreau / Executive Director, Boston Linux & Unix
Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6
PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23  C2D0 E885 E17C 9200 63C6
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20150113/065409d1/attachment.html 


More information about the gnhlug-discuss mailing list