Publc wifi weird setup?

[PornoSatan]

What type of network configuration is this? I connected to a public wifi recently and was curious on how it was configured. After acquiring my IP, the netmask was set to 255.0.0.0 and I was given an IP with 10.x.x.x, with x being anywhere from 0-254. So for example I had 10.178.54.12. The gateway was 10.128.128.128. The mac address manufacturer was Meraki, so presumably it was a Cisco Meraki. I'm not familiar with them, but was curious on why it was handing out weird ip ranges. The only thing I could think of is it's a security measure to isolate clients from each other, or is there another reason?

It was also running a captive portal of sorts that only seemed half functional. It would redirect HTTP requests to the agreement, but not HTTPS requests.

Anyone know what the hell was going on with this thing?

 

[Liger88]

What kind of public Wi-Fi was it? Like a college campus or mom and pop shop?


People go a little freakin crazy with the 10.x.x.x range. My own college loves to go ape shit breaking practices "just because". I guess it comes with the idea that if you have millions of private IP's for free that you'll NEVER need then whats the point of good practice over easy to remember.

 

[goodcooper]

10.x.x.x isn't a "weird ip range" lol it's private space...

 

[Jay_2]

10.0.0.0 / 8 is fine, nothing wrong with that.

 

[DermicSavage]

You were connected to a Meraki access point that was likely running in NAT mode for that SSID. The AP runs NAT on all connections on that pubic SSID through its wired interface.

The advantage this has is that Meraki has an "easy mode" option to isolate all traffic from touching the company's private network while still proving pubic access, without the need for VLANs or firewalls.

The ip addresses you are pulling are perfectly normal, but I just worked with weigh Meraki gear that I can tell how it's being configured.

 

[PornoSatan]

10.x.x.x isn't a "weird ip range" lol it's private space...

That's not why I said it was weird. I meant it was weird because it's a small shop running on a class A 255.0.0.0 with 16,777,214 possible IPs rather than the more regular class C

 

[Jay_2]

Just personal preference, nothing wrong with it.

 

[Quartz-1]

It's very common to use one private address range for company use and a visibly different one for customers / clients.

 

[/usr/home]

That's not why I said it was weird. I meant it was weird because it's a small shop running on a class A 255.0.0.0 with 16,777,214 possible IPs rather than the more regular class C

No such thing as classes anymore

 

[PornoSatan]

Just personal preference, nothing wrong with it.

So with their setup, would there be any problems with 10.128.99.84 talking to 10.64.88.45 or would they need additional routing to make that happen?

 

[Jay_2]

There would be no issues assuming its a flat network.

 

[PornoSatan]

There would be no issues assuming its a flat network.

Ok then 192.168.1.20 trying to talk to 192.168.2.23 would only run into problems if they were on separate subnets ie they had different subnet masks?

 

[Jay_2]

If it was 255.255.255.0 then you would need routing if you used 255.255.0.0 then you should be able to ping either address.

 

[PornoSatan]

If it was 255.255.255.0 then you would need routing if you used 255.255.0.0 then you should be able to ping either address.

Mhmmm. I think I need to learn more about subnetting then. I just assumed in my OP that none of the IP's could talk to each other.