
----- On Dec 10, 2023, at 12:08 AM, Christopher Hawker chris@thesysadmin.au wrote:

Hi,
Starting to digress here for a minute... How big would a network need to get, in order to come close to exhausting RFC1918 address space? There are a total of 17,891,328 IP addresses between the 10/8 prefix, 172.16/12 space and 192.168/16 space. If one was to allocate 10 addresses to each host, that means it would require 1,789,132 hosts to exhaust the space.

Imagine a 20-year-old platform originally built in the late 90s/early 2000s, gradually evolving to what it is today. You'll have several versions of design, several versions of applications, several versions of networking, firewalls, and other infrastructure. It is so old, when it was first built, each HTTPS address required its own IP.

What you end up with is your typical pod design with 40-some TORs where you allocate a /24 per IRB, not knowing how many hosts are going to end up on the hypervisor. And due to PCI-DSS restrictions, you may need multiple IRBs per TOR. And all of this in an environment where datacenters and pods are scaled based on the amount of power available, not the amount of space.

Now factor in "legacy" pods and datacenters that were never properly migrated out of, an address-guzzling corporate network administered by a separate team that for some reason also needs to talk to prod and thus demands unique RFC1918 space out of the same pool, and all of a sudden that DOD space looks awfully appealing. This is how you end up with projects named "Save The Bacon".

Even after very rigorous reclaiming we still ended up using close to 60% of RFC1918 space.

Thanks,
Sabri