Re: Where rhetoric meets reality (routing)

Subject: Re: Where rhetoric meets reality (routing)
From: Ned Bedinger <ned -at- EDWORD -dot- COM>
Date: Fri, 18 Jun 1999 02:31:23 -0700

At 11:20 AM 6/17/99 -0700, Joe Schrengohst opined:


>If you put real IP addresses (your own, someone else's, or a "made up" but
>real address), there's some idiot out there that's not only going to
"ping" it,
>he's going to try all the latest "security breaches" to see if he can get into

Unbelievable but true, I know. This responsibility appears to transgress my
professional commitment to delivering lucid, concise examples for people
who are learning complex things, who also might do something wrong if I am
not careful to say things clearly. I really depend on a normal curve to
find the audience, and I try to catch the flyers too, but the
criminal-class student seems far away to me. I can't afford to be flippant
about this professionally, but the fact is there are mad dogs and hackers
everywhere, who is responsible for them?

>the site, bring the site down, or otherwise create havoc and hostility. The
>liability the publisher of the manual could face for using a "real" IP address
>isn't worth the added "realism" for the reader.

Eric conjured an interesting idea: invent networks out beyond 255. He
didn't exactly endorse it as an alternative, but I like it for going
outside of the box. Creative solutions seem practical in comparison with
the big hammer approach of overloading private addresses with
Internet-routable properties. I mean, that is one corrupt practice! Where
does it leave us when the topic turns to e-commerce sites? Will we just
keep on pretending that we do all that on our private WAN? What I feel
like I want to build into the documentation I think of it as dependability,
or something more like "accuracy" than "realism". (Boy, I'm tired, someone
let me know if I've succumbed to semantic diversions.) I think the fake
names thread is about realism, but this is different from that).

>If you have a real router and real IP addresses of your own, then using the
>examples and substituting your own IP addresses shouldn't pose a problem.
>The manuals you refer to should have explained what real IP addresses are,
>what they look like (dotted decimal format), but they should NEVER EVER
>use anyone's actual IP addresses.

Wow, it finally dawns on me. Accuracy won't add anything because the
documentation is for people who know all about 32-bit IP addresses in 4
8-bit octets. When they see a characterised as an
Internet-routable address, they don't go back and re-read it to make sure
they didn't miss something. They know better than to be misled because
they understand why real addresses are vulnerable, and why it is important
to mind that constraint. But can I be forgiven for thinking that docs
would benefit from treating IP addresses as data (with type definitions,
validation, etc). My rule would be (stop me if I already harped on this)
Internet-routable addresses can't be private addresses. Why choose instead
to do the disingenuous thing by making the rules plastic like a comic-book.

>And you can forget about getting "a few IP addresses set aside for examples."
>It isn't going to happen because there aren't enough IP addresses to go around
>as it is. Hopefully, IP Version 6 will cure this problem.

Now this troubles me, because the distinction between Internet and private
network is becoming more important as techniques for getting by with fewer
addresses become more practicable. But now that you mention it, the Class
A - owning organizations that I might expect to cough up those blocks are
probably the very ones for whom static addressing is so entrenched that
they can't make an economic case for the jump to NAT.

Last gasp: At Java One they talked about the internet ("ubiquitous
everywhere") and programmable appliances that would drive the density of
the network to one IP address for every square foot of the planet. IPV6 or

Edward Bedinger
Edword Technical Communications Co.
Seattle, WA

If this were merely my opinion, I'd probably keep it to myself.
My employer is not responsible for my expressions.


From ??? -at- ??? Sun Jan 00 00:00:00 0000=

Previous by Author: Where rhetoric meets reality (routing)
Next by Author: Re: Where rhetoric meets reality (routing)
Previous by Thread: Re: Where rhetoric meets reality (routing)
Next by Thread: Re: Where rhetoric meets reality (routing)

What this post helpful? Share it with friends and colleagues:

Sponsored Ads