
What are these 100.x.x.x addresses? - tosh
https://tailscale.com/kb/1015/100.x-addresses
======
crawshaw
It is surprising to see this here, but I see how it could be interesting. When
we were experimenting very early on with Tailscale I went Googling around for
IP ranges just to understand the space better and that was when I first
discovered CGNAT.

It took a bit of digging through RFC6598 to realize that, if it's only being
used properly (and I had never seen it used directly), then it would be
generally available for an overlay network.

Since then we've run into a couple of other edge cases where people are using
CGNAT. More reason for us to get our IPv6 support sorted out.

~~~
isaack
I don't think Tailscale's use of 100.x.x.x address space conforms with the
RFC, but I don't think that there are any better alternatives out there. Do
note though, once people start abusing the 100.x.x.x space, it will become
"just another private IP space" and lost its significance:

RFC6598 requires that, when used as a routable address, the device must be
able to do address translation across router interfaces when the addresses are
identical on two different interfaces.

[1]:
[https://tools.ietf.org/html/rfc6598#section-4](https://tools.ietf.org/html/rfc6598#section-4)

~~~
tlynchpin
CGNAT block is popular in private k8s as overlay network address space because
often the enterprise network already claims rfc1918 blocks. I'm not sure how
close to the line that kind of usage is but I suspect it is SHOULD NOT.
Speaking of, I probably should not even post this comment as it will now be
indexed and served in search results, further contributing to the corruption.
Alas, it works.

------
rurcliped
> We are considering using other unused address ranges, including the
> otherwise wasted 0.x.x.x

0.x.x.x is currently incompatible with WordPress:
[https://github.com/WordPress/WordPress/blob/641c632b0c9fde4e...](https://github.com/WordPress/WordPress/blob/641c632b0c9fde4e094b217f50749984ca43a2fa/wp-
includes/http.php#L558)

To put it another way, 0.x.x.x and 100.x.x.x don't have equivalent properties
in WordPress. 0.x.x.x is blocked in some cases to prevent SSRF attacks.
100.x.x.x is considered a "normal" IP address.

~~~
ktm5j
But this would be trivial to fix, no?

------
api
IPv4 address space is too small, exhibit #34138408340314.

