1

I recently noticed something odd while performing traceroutes from my home network, and its made me wonder as to the architecture of my ISP's network.

My home network uses 192.168.0.0/16 addresses (192.168.0.0/24 to be exact). When I perform a traceroute from my home network, the first three hops are:

  1. My home network's gateway (192.168.0.1).
  2. A 10.0.0.0/8 (i.e. RFC1918 private address), seemingly indicating that the near-side interface of the first hop in my ISP's network is using private addresses.
  3. A public IP address, which I've confirmed is allocated to my ISP's ASN.

A bit of poking around has confirmed to me that I can receive responses from tens of thousands of 10.0.0.0/8 addresses, presumably the home gateways of other customers of my ISP.

When I look at the settings of my home gateway, I find two things:

  • Its external IP address is not a 10.0.0.0/8 address, but rather a public address part of a range allocated to my ISP, and
  • Its gateway (the address of its next hop) is also a public IP address allocated to my ISP and not a 10.0.0.0/8 address.

My suspicion is that my ISP is using carrier-grade NAT and assigning its customers 10.0.0.0/8 addresses. I'm wondering:

  • Does this indeed seem to be whats happening?
  • If so, why is my home gateway assigned a public IP address rather than a 10.0.0.0/8 address, given that the near-side interface of the next hop has a 10.0.0.0/8 address?
PriceHardman
  • 111

1 Answers1

0

Its doesn't look like carrier grade NAT - Carrier Grade nat is supposed to use 100.64.0.0/10.

Further than that, its a crap-shot as to what the ISP is doing without more information. It may be they have assigned a large number of 10.x.x.x addresses for management of CPE devices or roadside cabinet equipment.

It could also be a device on their network - possibly a misconfigured one, or maybe a legitimate one of a number of routers set up to handle failover.

Community
  • 1
davidgo
  • 73,366