
Hi guys, I have a set of /29 public IP addresses, out of which I need to use.. say three public IP addresses, leaving me with some three free IP addresses since /30 allows for two hosts. I wouldn't want the extra IP addresses to remain unassigned - feels insecure. What would you advise me to do with them, to prevent someone from joining my /29 subnet?? Would it be OK to use them as virtual interfaces to fill up the address space? Me.

On Thu, Apr 21, 2011 at 12:37 PM, Simon Mbuthia <simon.mbuthia@gmail.com> wrote:
Hi guys,
I have a set of /29 public IP addresses, out of which I need to use.. say three public IP addresses, leaving me with some three free IP addresses since /30 allows for two hosts. I wouldn't want the extra IP addresses to remain unassigned - feels insecure. What would you advise me to do with them, to prevent someone from joining my /29 subnet??
filter all traffic to/from these IPs at your router? BR S -- This message represents the official view of the voices in my head.

Interesting question, you need to undestand subnetting. The /29 implys that is strictly within your block and if someone was to use the IP's it means he/she is already within your territory i.e. if it is within the public routable domain as you said. If private then make sure accounting comes in handy. Now what do you mean secure? ./TheMburu On Thu, Apr 21, 2011 at 12:48 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Thu, Apr 21, 2011 at 12:37 PM, Simon Mbuthia <simon.mbuthia@gmail.com> wrote:
Hi guys,
I have a set of /29 public IP addresses, out of which I need to use.. say three public IP addresses, leaving me with some three free IP addresses since /30 allows for two hosts. I wouldn't want the extra IP addresses to remain unassigned - feels insecure. What would you advise me to do with them, to prevent someone from joining my /29 subnet??
filter all traffic to/from these IPs at your router?
BR S
-- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Conservatism is the adherence to the old tried against the new untried.

When you say " to prevent someone from joining my /29 subnet", Do you mean from the LAN or outside? The /29 block is routed by your ISP to your link. Therefore, whatever IP you are not using is idle and secure. Unless someone uses it within your LAN.. On Thu, Apr 21, 2011 at 12:37 PM, Simon Mbuthia <simon.mbuthia@gmail.com>wrote:
Hi guys,
I have a set of /29 public IP addresses, out of which I need to use.. say three public IP addresses, leaving me with some three free IP addresses since /30 allows for two hosts. I wouldn't want the extra IP addresses to remain unassigned - feels insecure. What would you advise me to do with them, to prevent someone from joining my /29 subnet?? Would it be OK to use them as virtual interfaces to fill up the address space?
Me.
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

Tell your ISP to drop (would save you bandwidth - if an attack is targeted etc) it as an alternative OR create an ACL on your router. Wilson. On 21 April 2011 15:04, george <theonlydamnedavailablename@gmail.com> wrote:
When you say " to prevent someone from joining my /29 subnet", Do you mean from the LAN or outside?
The /29 block is routed by your ISP to your link. Therefore, whatever IP you are not using is idle and secure. Unless someone uses it within your LAN..
On Thu, Apr 21, 2011 at 12:37 PM, Simon Mbuthia <simon.mbuthia@gmail.com>wrote:
Hi guys,
I have a set of /29 public IP addresses, out of which I need to use.. say three public IP addresses, leaving me with some three free IP addresses since /30 allows for two hosts. I wouldn't want the extra IP addresses to remain unassigned - feels insecure. What would you advise me to do with them, to prevent someone from joining my /29 subnet?? Would it be OK to use them as virtual interfaces to fill up the address space?
Me.
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
participants (5)
-
george
-
Simon Mbuthia
-
Steve Muchai
-
TheMburu George
-
Thuo Wilson