2

On a bar conversation, someone told an anecdote about not being able to jump on a vpn as the private space was the same as the free wifi at the airport. And, after a thinly veiled competition of who knew more lesser known private IP ranges, Class E was mentioned and nobody had any actual evidence against it.

There are a lot of urban legends around Class E. And my limited testing found no problem so far.

So, is Class E the ultimate wireguard private IPv4 range or will I find issues somewhere?

Places i tested OK: linux5, linux6, android15, android8, juno, openbsd6 (again, only care for the private wg interface, not routing it much further than clients and maybe one router)

And yes, I know the correct answer is ipv6, but that is no fun.

gcb
  • 133
  • 4
  • 1
    Windows hosts won't talk to that address range at all. – Zac67 Nov 09 '24 at 21:53
  • oh that might be a problem. so far we only run windows virtualized, so not a problem as the host would route it for the vm. but it might impact some choices later on. – gcb Nov 10 '24 at 15:28
  • 2
    Whether you virtualize Windows or not, its IP stack will not talk to that range. – Zac67 Nov 10 '24 at 15:44
  • 1
    Most enterprise network hardware will not allow it. That encompasses much of the public internet. You can make it work locally, but you WILL run into issues with things that will ignore 240/4. (and some will think it's multicast, because they were programmed by stupid, lazy people.) – Ricky Nov 11 '24 at 12:02

1 Answers1

5

First, network address classes are dead, so there is really no Class E. You must mean the 240.0.0.0/4 address range, which is Reserved by IANA.

You could possibly use addressing in that range for experimental purposes on a network, with the caveat that there are applications and devices that refuse to work with addressing in that range. Also, firewalls and network edge routers that are properly configured will use the Bogon and Martian lists and will drop packets with those addresses, among others in the lists.

You do run the risk that IANA may redefine all or part of that range for something, and you could run afoul of that.

The upshot is that you use addresses in that range at your own risk, realizing that you may hit something that refuses to use those addresses.

Ron Maupin
  • 102,040
  • 26
  • 123
  • 202