Of defaults and bad ideas

Since CloudFlare has taken over 1.1.1.1 and 1.0.0.1, they have started pulling back the curtain on some really ugly default settings.  From router configs with hardcoded ips to really bad documentation not using the RFC5737 IPs, it’s apparent that companies great and small are bad users of the internet.

To help fight that, please use only your allocated space (either from your RIR or ISP), and for generic documentation use the correct IP space.  1.1.1.1, 2.2.2.2, and 3.3.3.3 are all valid IPs, and it’s very unlikely that you own them.

For documentation, please use the following subnets (RFC5737 and RFC3849):

  • 192.0.2.0/24
  • 198.51.100.0/24
  • 203.0.113.0/24
  • 2001:DB8::/32

In the same vein, for documentation, please use the following domains (RFC2606):

  • example.com
  • example.net
  • example.org

For internal networks, please use the following IPs if you absolutely must because NAT is awful (RFC1918 and RFC4193:

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16
  • fd00::/8

For internal domains, just buy a domain, they’re cheap, and .local, .dev, et al break things in unforseen ways. I recommend NameCheap as a registrar, because they stood against SOPA and PIPA when other reigstrars wouldn’t.