
I recently noticed something odd while performing traceroutes from my home network, and it's made me wonder as to the architecture of my ISP's network.

My home network uses 192.168.0.0/16 addresses (192.168.0.0/24 to be exact). When I perform a traceroute from my home network, the first three hops are:

  1. My home network's gateway (192.168.0.1).
  2. A 10.0.0.0/8 (i.e. RFC1918 private address), seemingly indicating that the near-side interface of the first hop in my ISP's network is using private addresses.
  3. A public IP address, which I've confirmed is allocated to my ISP's ASN.

A bit of poking around has confirmed to me that I can receive responses from tens of thousands of 10.0.0.0/8 addresses, presumably the home gateways of other customers of my ISP.

When I look at the settings of my home gateway, I find two things:

  • Its external IP address is not a 10.0.0.0/8 address, but rather a public address part of a range allocated to my ISP, and
  • Its gateway (the address of its next hop) is also a public IP address allocated to my ISP and not a 10.0.0.0/8 address.

My suspicion is that my ISP is using carrier-grade NAT and assigning its customers 10.0.0.0/8 addresses. I'm wondering:

  • Does this indeed seem to be what's happening?
  • If so, why is my home gateway assigned a public IP address rather than a 10.0.0.0/8 address, given that the near-side interface of the next hop has a 10.0.0.0/8 address?

  • If I understand it correctly, it is similar to how my ISP does it as well... my router is assigned a 96.8.x.x address, the next hop is 10.11.0.1, then to a 24.220.x.x address and progresses through the ISP's network. This is more of a routing technique than NATing, they are just using private IP space to route through so as not to use up too much public IP address space. Remember traceroute shows you the network hops, not necessarily how the underlying routing is done.
    – acejavelin
    Commented Mar 12, 2016 at 22:19
  • Can you get traceroutes from outside your ISP back to your IP address? You can test from work, ask a friend, or try one of these tools. Does your ISP do any kind of content filtering that you know of?
    – Moshe Katz
    Commented Mar 13, 2016 at 13:32
  • Also, when you go to any website (example) that shows your public IP address, is it the same one as the address that shows up on your home gateway, or is it a different address?
    – Moshe Katz
    Commented Mar 13, 2016 at 13:35
  • Traceroute from a looking glass (e.g. lg.he.net) back to my public IP address does indeed work, showing my public IP as the last hop. I don't know of any content filtering.
    Commented Mar 13, 2016 at 17:33

1 Answer

It doesn't look like carrier-grade NAT - carrier-grade NAT is supposed to use 100.64.0.0/10.

Further than that, it's a crapshoot as to what the ISP is doing without more information. It may be they have assigned a large number of 10.x.x.x addresses for management of CPE devices or roadside cabinet equipment.

It could also be a device on their network - possibly a misconfigured one, or maybe a legitimate one of a number of routers set up to handle failover.

  • That's not correct. Carrier Grade NAT is supposed to use 100.64.0.0/10, but many carriers, such as AT&T (both wired and wireless), are using 10.0.0.0/8. T-Mobile in the US actually uses addresses that belong to the US Military for their NAT.
    – Moshe Katz
    Commented Mar 13, 2016 at 0:46
  • If they are using 10.0.0.0 they are not doing carrier grade NAT. tools.ietf.org/html/rfc6598#section-7. The tests would fail clause 3 "The Service Provider knows that the [RFC1918] address block that it uses to number interfaces between the CGN and CPE is not used on the subscriber side of the CPE".
    – davidgo
    Commented Mar 13, 2016 at 6:15
  • @MosheKatz Also, Carrier Grade NAT makes no sense as the OP stated he has a static IP. As you voted me down, I'd be keen to see your answer.
    – davidgo
    Commented Mar 13, 2016 at 6:18
  • Where do you see anything in the question about a static IP? Also, AT&T "solved" the problem with CGN and RFC1918 address blocks by forcing customers to change their internal IP addresses. T-Mobile "solved" the problem by using USDoD addresses for theirs. If it's not Carrier Grade NAT, what would you call what is being done by AT&T and T-Mobile?
    – Moshe Katz
    Commented Mar 13, 2016 at 13:26
  • @MosheKatz - sorry, public IP, not static
    – davidgo
    Commented Mar 13, 2016 at 23:47
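
The two checks raised in the comments (compare the gateway's WAN address with the address an outside site reports, and see which blocks the traceroute hops fall in), combined into one script. This is an added example, not part of the original thread; the function names are hypothetical, and the sample addresses are constructed, with documentation ranges standing in for the ISP's public addresses.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RFC6598 = ipaddress.ip_network("100.64.0.0/10")  # shared space reserved for CGN

def classify(addr):
    """Label an IPv4 address by the blocks discussed in the thread."""
    ip = ipaddress.ip_address(addr)
    if ip in RFC6598:
        return "rfc6598"
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip.is_loopback or ip.is_link_local or ip.is_multicast:
        return "special"
    return "public"  # everything else, including the stand-in ranges below

def assess(wan_addr, observed_addr, hops):
    """wan_addr: WAN address shown in the home gateway's settings.
    observed_addr: address an outside "what is my IP" site reports.
    hops: traceroute hop addresses in order; hops[0] is assumed to be
    the home gateway's LAN side and is skipped."""
    translated = (ipaddress.ip_address(wan_addr)
                  != ipaddress.ip_address(observed_addr))
    transit = [h for h in hops[1:] if classify(h) in ("rfc1918", "rfc6598")]
    if classify(wan_addr) != "public" or translated:
        verdict = "upstream_nat"     # source is rewritten past the gateway
    elif transit:
        verdict = "private_transit"  # ISP numbers router interfaces privately
    else:
        verdict = "direct"
    return {"verdict": verdict,
            "wan_class": classify(wan_addr),
            "non_public_hops": transit}

if __name__ == "__main__":
    # Constructed samples; 203.0.113.0/24 and 198.51.100.0/24 are stand-ins.
    hops = ["192.168.0.1", "10.11.0.1", "198.51.100.1"]
    # The question's situation: public WAN address, private second hop.
    print(assess("203.0.113.7", "203.0.113.7", hops))
    # CGN using the RFC 6598 block.
    print(assess("100.64.12.9", "203.0.113.200",
                 ["192.168.0.1", "100.64.0.1", "198.51.100.1"]))
    # CGN using 10.0.0.0/8, as described in the comments.
    print(assess("10.44.3.2", "203.0.113.200", hops))
```
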
