
Anybody know why 240.0.0.0/4 is not used? - PugCPC
We have figured out a scheme to use it in a newly created layer of cyberspace between the current public and private networks, thus avoiding the legacy issues. A proposal nicknamed EzIP (phonetic for Easy IPv4) has been submitted to IETF:

https://tools.ietf.org/html/draft-chen-ati-adaptive-ipv4-address-space-03

EzIP can establish stand-alone "sub-Internets", each from one IPv4 public address to serve a region with population up to Tokyo Metro or 75% of the countries on earth. The sub-Internet configuration can realize the CIR (Country-based Internet Registry) model proposed by ITU several years ago, without establishing the CIR organization. If a government is not interested, private enterprises can make use of it to provide "Local Internet" services. Either way, it will be an option for consumers to choose from for a more open competitive environment.

Thoughts and comments will be much appreciated.

Abe (2018-09-17 12:12)
======
LinuxBender
240/4 is not globally reachable, so you can certainly use it in your org if
you are not already using it for any multicast applications. [1]

This could vary wildly from company to company so there is not a universally
correct answer here.

[1] - https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml

~~~
icedchai
Not necessarily. Some OSes will not allow you to assign unicast IPs in that
space. You may not even be able to route it locally.

~~~
LinuxBender
For sure, people may have to configure systems and routers to allow this.
People would also have to ensure they don't accidentally leak routes for this.
That happens from time to time. I'm just saying it would be fine to use this
if you are not already using it internally for multicast applications.

An example of VPNs that already do this with routable IP space is the LogMeIn
Hamachi gaming VPN [1]. It uses 25.0.0.0/8 (Ministry of Defense). Gamers don't
need to talk to the MoD, so that VPN implements it locally on each PC. You can
take over address space of anything you know for certain you won't need to
talk to, ever.

[1] https://en.wikipedia.org/wiki/LogMeIn_Hamachi

Avoid using that VPN btw, super insecure and dangerous. You bridge your PC
with lots of potentially infected PCs. I am just linking as an example.

~~~
icedchai
240.0.0.0/4 is a bit different, however. It is "reserved" (class E) space, not
multicast, and some OSes are hard coded to not even allow its use. My
understanding is newer OSes have relaxed these restrictions.

~~~
LinuxBender
I could imagine HPUX 10.x not allowing that. They followed all manner of
optional RFCs, then later added options to disable the checks for some of
them.

Somewhat related, I used to blackhole 169.254/16 (zeroconf) on our Linux
images. Then people started using that in AWS and could not reach their
internal APIs. They route that network internally.

~~~
icedchai
Ah yes, EC2 uses 169.254 for the "metadata API." Basically, an internal
network that allows a host to retrieve its own configuration data. I can see
how denying that would cause problems!
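
The pitfalls raised across this thread (240.0.0.0/4 being reserved, borrowing routable space such as 25.0.0.0/8, and blackholing 169.254/16 where EC2 needs it) can be checked before an address plan or host image ships. The following is an added example, not code from any poster; the function names, finding tags and sample plan are hypothetical, and the 169.254.169.254 metadata address is not stated in the thread.

```python
import ipaddress

# Ranges named in the thread; the finding tags are this example's own labels.
RESERVED_E = ipaddress.IPv4Network("240.0.0.0/4")     # "reserved" class E
MULTICAST = ipaddress.IPv4Network("224.0.0.0/4")
LINK_LOCAL = ipaddress.IPv4Network("169.254.0.0/16")  # zeroconf
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: the EC2 metadata endpoint, which the thread does not spell out.
EC2_METADATA = ipaddress.IPv4Address("169.254.169.254")


def audit_internal_prefix(prefix):
    """Return findings for using `prefix` as internal unicast space."""
    net = ipaddress.IPv4Network(prefix)
    findings = []
    if net.overlaps(RESERVED_E):
        # Some OSes are hard coded to refuse these addresses.
        findings.append("reserved-class-e")
    if net.overlaps(MULTICAST):
        findings.append("multicast")
    if net.overlaps(LINK_LOCAL):
        findings.append("link-local")
    if not findings and not any(net.subnet_of(p) for p in RFC1918):
        # Like 25.0.0.0/8: may be someone else's allocation, so the real
        # holder becomes unreachable and a leaked route conflicts.
        findings.append("outside-rfc1918")
    return findings


def audit_blackhole(prefix):
    """Return findings for null-routing `prefix` on a host image."""
    net = ipaddress.IPv4Network(prefix)
    return ["blocks-ec2-metadata"] if EC2_METADATA in net else []


# Constructed sample plan, not taken from any real network.
PLAN = [("assign", "10.20.0.0/16"), ("assign", "240.10.0.0/16"),
        ("assign", "25.0.0.0/8"), ("blackhole", "169.254.0.0/16")]


def review(plan):
    """Map each (action, prefix) entry to its list of findings."""
    checks = {"assign": audit_internal_prefix, "blackhole": audit_blackhole}
    return {(a, p): checks[a](p) for a, p in plan}


if __name__ == "__main__":
    for entry, findings in review(PLAN).items():
        print(entry, findings or "ok")
```

An empty list means the check found nothing to flag; it does not prove that every OS or router on the path will accept the prefix.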

