IP addresses
While IP addresses are public information, we again strive to not use any public routable IPs. A reason for that is we don't know the history of an IP address and have no control of how the data is being used. The safe option here is to make sure they can't be routed.
Private networks
For local networks RFC 1918 networks should be used
| Block | Purpose |
|---|---|
10.0.0.0/8
| Private-Use Network |
172.16.0.0/12
| Private-Use Network |
192.168.0.0/16
| Private-Use Network |
169.254.0.0/16, fe80::/10
| Link-Local addresses |
224.0.0.0/4
| Multicast network. Typically used for devices to locate each other behind the same firewall |
fc00::/7
| Unique Local Addresses |
ff00::/8
| Multicast Addresses RFC 4291 |
Public networks
For public networks we generally only allow TEST-NET blocks, with a few exceptions. The list of exceptions is growing so please reach out to humio_packages@crowdstrike.com if you have any additions. Generally we only allow IPs of services that are specific to an IP address, like DNS.
| Block | Purpose |
|---|---|
192.0.2.0/24
| TEST-NET-1, RFC 5737 |
198.51.100.0/24
| TEST-NET-2, RFC 5737 |
203.0.113.0/24
| TEST-NET-3, RFC 5737 |
1.1.1.1, 1.0.0.1
| CloudFlare DNS |
8.8.8.8, 8.8.4.4
| Google DNS |
2001:db8::/32
| Reserved for documentation and examples |
2001:4860:4860::8888,
2001:4860:4860::8844
| Google DNS |
2606:4700:4700::1111,
2606:4700:4700::1001
| CloudFoundry DNS |