Earlier this week I renumbered my home network from 192.168.0.x to 10.x.x.x due mostly to my new company using the former address space for their internal networks. I was trying to get a VPN client to work at the time and figured that I'd have better luck using the 10.x.x.x network for home rather then trying to get the VPN client to work with the 192.168.x.x network. So afterwards I simply thought my ping replies from 192.168.0.100 were just some rogue box still on my network that I had forgotten to change. However, a traceroute from the IP_MASQ box just deepened my concerns.
traceroute to 192.168.0.100 (192.168.0.100), 30 hops max, 38 byte packets
1 10.4.164.129 (10.4.164.129) 32.456 ms 12.499 ms 10.893 ms
2 bb1-fe0-0-100bt.rdc1.sfba.home.net (184.108.40.206) 9.277 ms 23.973 ms 11.117 ms
3 c2-pos6-1.snjsca1.home.net (220.127.116.11) 9.627 ms 10.839 ms 9.978 ms
4 18.104.22.168 (22.214.171.124) 10.402 ms 9.371 ms 16.897 ms
5 126.96.36.199 (188.8.131.52) 25.644 ms 26.784 ms 25.380 ms
6 bb1-pos2-3.rdc1.bc.home.net (184.108.40.206) 30.024 ms 28.766 ms 31.057 ms
7 172.16.4.101 (172.16.4.101) 30.443 ms 28.734 ms 30.255 ms
8 10.0.186.62 (10.0.186.62) 43.649 ms 10.0.186.106 (10.0.186.106) 35.896 ms 45.543 ms
This was pretty much the last thing I expected to see. According to the trace, traffic is moving over all three of the reserved private network spaces. Now I realize that it's pretty common practice these days to use private address spaces behind a NAT box (I'm doing it myself both at work and at home) but I was not aware that ISPs were doing this too. My concern is as to if this is good practice on the part of the ISP and if using private addresses within the ISP's transport networks is a good idea. I admit that off the top of my head I can't see any reason to be concerned but then again I don't consider myself the expert on routing issues. When I brought these concerns to my ISP all I got from the technical support staff was:
1) You're in violation of the AUP
2) We have no security issues
3) If you continue to ask us about these issues we'll terminate your service
I've actually been pretty happy with the service and want to make it very clear that I'm not just some disgruntled customer. Quite the opposite; I'm impressed with the performance of the cable box and would definitely recommend the service to friends, etc. I was pretty surprised by their response and can't for the life of me understand why they seemed so hostile towards my questions. But I still would like some answers to my questions and if not from the ISP perhaps from K5. Is it OK to route private addresses across even a small part of the Internet?