Question on overlap-IP range within organization

Answered Question
May 16th, 2007

Imagine my internal network-organization operates using IP=192.168.1.0/24.

Imagine I have a Department-in-another-corner-of-theworld using private address range 10.0.0.0/8.

Then My-Department-US has some hardcoded devices which require IP address in the range 10.0.0.0/8 in order to operate. Such devices should be placed behind a layer 3 device (router or switch) in order to contain broadcast traffics anyway.

That said, if I let this My-Department-US connect OK on 10.0.0.8/24 and I do #ip nat inside and I translate all inside local addresses on 10.0.0.8/24 using an 'inside global' 192.168.1.0/24 do you see any technical or practical issue in which I should prevent them from using such 10.0.0.0/24 behind this layer 3 device? Just because that IP address range 10.0.0.0/24 conflicts with the Department-inanother-corner-oftheworld that should not be a technical or practical issue to prevent this? Am I right?

I have this problem too.
0 votes
Correct Answer by sundar.palaniappan about 9 years 6 months ago

It may or mayn't create problems and that depends on lot of factors. It's very hard to give a correct answer without knowing the whole topology and who is initiating the traffic etc. But, to be sure that you don't run into problems you would want NAT the users on both sides and ensure you have routes to get to the NAT IP range from the remote routers.

HTH

Sundar

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
sundar.palaniappan Wed, 05/16/2007 - 13:56

It may or mayn't create problems and that depends on lot of factors. It's very hard to give a correct answer without knowing the whole topology and who is initiating the traffic etc. But, to be sure that you don't run into problems you would want NAT the users on both sides and ensure you have routes to get to the NAT IP range from the remote routers.

HTH

Sundar

paulnigel Mon, 08/06/2007 - 21:22

hi Sundar,

how do you configure the route to point to the NATed range of IP? if I am using EIGRP, can I just add the NATed range into the EIGRP?

Thanks much,

pn

Jon Marshall Mon, 08/06/2007 - 22:19

Hi Pn

Yes, that is exactly what you do. You can add a route for the Natted address range and redistribute it into EIGRP.

Jon

Actions

This Discussion