I have been posting a lot on Twitter recently about RFC's and I get a lot of questions from people about what they are, why they matter and why should anyone care.
This post is an attempt to explain all that and then focus on just two of them RFC1918 and RFC 5737.
First what is an RFC and a little bit of history.
RFC stands for "Request For Comments" that are basically memorandums from the technology community to document how things should work and for people to comment on them till a somewhat standard is agreed on how things should be done.
RFC's started in 1969 as part of the ARPANET project (the birth of the internet). The first ones were hard printed and distributed, once ARPANET was running they took advantage of this as a medium to share them. The very first RFC, was about "Host Software" and like all RFC's can be found here https://tools.ietf.org/html/rfc1 (there are currently as of today 8388 RFC's it is well worth spending some idle time reading through them).
The important thing to note here is that once an RFC is published it is NEVER changed or modified, only another RFC can supersede it. In fact the whole process is described in RFC2026. There are rules around what can and cant be in RFC's for example RFC2119 and RFC8174.
Right, now we know what they are and a little history, lets look at the two I mentioned at the start.
RFC1918 and RFC5737. These are very important as these define how IP addresses should be used and displayed.
I am not going into what and how IP addresses work, but hopefully we can agree that IP addresses are used to address an individual end points. What is important to understand is the concept of Internet routable and private address spaces. But we can not just arbitrarily use what ever we like where we want, or things will just break.
According to RFC1918, certain IP ranges must ONLY be used for internal private networks, this gives a segregation between private and public networks.
Here are the RFC1918 private network ranges:
10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
What this allows is for you to decide what size network your company requires and use that particular range. This is why small home systems use a 192.168.x.x range as they normally do not need more than 65534 end points (unless you have a lot of kettles and fridges on the internet!). Most importantly this means if we see any IP in those ranges we understand that it should be a private network.
So the reason for these private IPs is that if every private company wanted a network they would use up IP addresses that could be used for internet facing endpoints. In the early days of the internet this is what happened and this is why certain IPV4 blocks are assigned to a large company. for example:
126.96.36.199/8 Hewlett-Packard Company 188.8.131.52/8 Apple Inc 184.108.40.206/8 Ford Motor Company
They all have 16,777,214 internet facing endpoints, maybe more than they need for a couple of websites!
Now this doesn't seem much but there are only 4,294,967,294 IP addresses available, so if every company did this we would be limited to just 256 companies on the internet! This is why we have NAT and IPV6 was invented.
For more information on assigned /8 IP ranges take a look here - https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks
The benefit of having these private ranges defined by the RFC is that a properly set up system should never route traffic for any of those ranges to the outside world.
So now we understand that when we build a network we will have IP address that won't be routed to the internet.
But what if we have to share our network design with anyone not in the company, either for questions on how to do things better, to help troubleshoot or maybe you are in the design stage and don't know the actual IP addresses.
This is where RFC 5737 comes in. This RFC defines how to display IP addresses that are not real or needed for display purpose can be used.
So if you are in need of substituting IP addresses or designing a network use these IP ranges:
192.0.2.0/24 (TEST-NET-1) 198.51.100.0/24 (TEST-NET-2) 203.0.113.0/24 (TEST-NET-3)