local network

i mentioned earlier that i had tried the traceroute scan on the institute's local network. i had, but it was so dense that trying to look at the graph caused nmap to die. i did it again today, but carefully collapsed the densest nodes, so i could see the 'backbone' of the network. what i saw was interesting, and implies that my thinking was kind of mistaken.

i had been thinking that i would be looking at the institute network - that the institute must have set up a local 192.168 network within the Harvard system, and that by scanning that prefix (up to 192.168.36.255, which was where addresses seemed to stop existing) i would get back a picture of the institute network. instead, i saw that the scan went out into the Harvard 128.103 network, then back into the local network. I think this may have been scanning into systems outside of the Institute, and except for the hosts themselves (on the other side of the Harvard nodes) i got back no IP info, so couldn't see the structure. what i could see was that hosts with names on my side of the Harvard nodes all were associated explicitly with the institute (having the institute initials in the hostname), while those on the other side did not.

but, from institute out, i could see that there's a single way out of the institute network, connecting to two nodes both named something like 'core' (i don't have the scan here at home to look at). one of these led into many, many other private network hosts along those blind pathways, and so did the other, along with leading to the node that exits the system into NOX, or level3, or wherever the localhost is pointing.

so, point is, a traceroute to another address with the same prefix as the localhost may not traverse only other hosts with the same prefix. i had assumed that the 192.168 network was somehow self contained, that any hosts i saw within it must be linked through other 192.168 hosts. apparently this isn't necessarily how it works. i have more to learn.

(actually, i had noticed this last week, in scanning my comcast prefix - i found other systems separated from me by large interchanges with different prefixes (but prefixes common to other interchanges), but themselves having the same prefix as mine. i didn't understand it at the time, but forgot about it. this bugged me more, probably because of the 'private network' label attached to 192.168.)