Advanced Operations › Network Configuration Details › Network Addresses › Using 10.0.0.0/8 and 192.168.0.0/16 Addresses on the Public Network

Using 10.0.0.0/8 and 192.168.0.0/16 Addresses on the Public Network

CA 3Tera AppLogic installer will reject public IP addresses that overlap with the private network addresses reserved by CA 3Tera AppLogic. If you need to use those (For example, some addresses in the 10.249.0.0/16 range), contact Technical Support for a patch or field engineering code to disable the check, and see the limitations on their use described below.

By default, the TCP stack in Linux sends ARP response for an IP address the server has, regardless of whether the IP address is on the same NIC on which the ARP request was received. This may create problems when the same non-routable addresses are used on two independent networks.

CA 3Tera AppLogic has the following (version 1.2.3+):

• grid controller appliance:
  • ARP response is tied to the interface on which the request was received (/proc/sys/net/ipv4/conf/all/arp_ignore is set to 1).
• catalog appliances:
  • ARP response is tied to the interface on which the request was received (/proc/sys/net/ipv4/conf/all/arp_ignore is set to 1).
• physical server:
  • For CA 3Tera AppLogic prior to 1.2.12: ARP response is left to the default mode
  • For CA 3Tera AppLogic 1.2.12+: ARP responses are tied to the interface on which the ARP request was received (/proc/sys/net/ipv4/conf/all/arp_ignore is set to 1).

In short, this means that:

• the 192.168.{0-31}.n/24 subnets can be safely used on the public network, as long as: (A) CA 3Tera AppLogic version is 1.2.12 or above, (B) addresses that are actually in use by CA 3Tera AppLogic internally on the backbone are not assigned as the grid's controller address or as an external address used by an application on the grid; (C) CA 3Tera AppLogic doesn't need to talk with any of the conflicting addresses. For example:
  • If addresses in the 192.168.1.0/24 subnet are assigned to the controller or applications or accessed by them, they would overlap with the 192.168.1.0/24 range used by CA 3Tera AppLogicgrid number 1, so this grid number should not be configured; in this case CA 3Tera AppLogic will be able to use or access the 192.168.1.0/24 addresses as public IP addresses.
  • If the public network has a subnet 192.168.2.0/24 which doesn't need to interact with applications on the grid, CA 3Tera AppLogic grid 2 can be configured and will not interfere with the operation of the 192.168.2.0/24 subnet (but 192.168.2.0/24 addresses cannot be used as public addresses for the grid and connections from these addresses to the grid will not be possible).
  • In CA 3Tera AppLogic releases prior to 1.2.12, the 192.168.{0-31}.n/24 subnets cannot be safely used on the public network (CA 3Tera AppLogic servers may interfere with those addresses). If this is needed, upgrade to CA 3Tera AppLogic 1.2.14b or later.
• The 10.A.B.C/xx subnets can safely be used on the public network, as long as: (A) addresses that are actually in use by CA 3Tera AppLogic internally on the backbone are not assigned as the grid's controller address or as an external address used by an application on the grid; (B) CA 3Tera AppLogic doesn't need to talk with any of the conflicting addresses. For example:
  • If addresses in the 10.249.0.0/16 subnet are assigned to the controller or applications or accessed by them, they would overlap with the 10.248.0.0/13 range used by CA 3Tera AppLogic grid number 31, so this grid number should not be configured; in this case CA 3Tera AppLogic will be able to use or access the 10.249.0.0/16 addresses as public IP addresses.
  • If the public network has a subnet 10.8.0.0/16 which doesn't need to interact with applications on the grid, CA 3Tera AppLogic grid 1 can be configured and will not interfere with the operation of the 10.8.0.0/16 subnet (but 10.8.0.0/16 addresses cannot be used as public addresses for the grid and connections from these addresses to the grid will not be possible).