IT Network Documentation - IPv4/v6 Public Facing addresses

Ben Fairless made this Freedom of Information request to Department of Home Affairs as part of a batch sent to 29 authorities

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

The request was successful.

Dear Department of Immigration and Border Protection,

I am writing to you to request information pertaining to your Information Technology infrastructure.

Namely, I am after records detailing the IPv4 (and if relevant,
IPv6) addresses used to access the public internet from within your network.

To clarify, these are the public facing addresses of your private network. I am only requesting addresses that are used to access the general public internet.

In addition, if it is such that a particular IP address serves a
particular area within your department (for example, one IP address is used for Media Relations, while another is used for Ministerial Communications), I also request access to this information.

To assist you in locating this information, I suggest it would be found in network documentation, or at the very least in configuration files of your
router and firewall equipment.

Please do not hesitate to reply if you require clarification to
fulfil this request.

I look forward to your response.

Yours faithfully,

Ben Fairless

UNCLASSIFIED

Dear Mr Fairless,

The public facing IP address for the department is 164.97.0.0 It is the address used to access the 'general public internet'. There is no specific IP address for National Communications (I believe you referred to them as 'Media Relations'), or Ministerial within the Department. They all use the above.

Please see the below links, which will confirm the IP address for the Department:

http://whatismyipaddress.com/ip/164.97.0.0

http://www.ip-secrets.com/land.php

Can you please advise if this is the information you are seeking? If so, would you consider withdrawing your FOI request?

Regards

Steven Hocking
Assistant Director
FOI & Privacy Policy Section
Parliamentary & Executive Coordination Branch | Immigration and Border Protection Portfolio
T: 02 6264 1007
E: [email address]

show quoted sections

Ben Fairless left an annotation ()

I would really appreciate some help from the RTK community on this. I find it odd that there is only 1 IP address for the entire department... Is that possible?

Alex Sadleir left an annotation ()

Don't worry. It's actually shorthand to mean the whole 164.97.[1-254].[1-254] range is assigned to DIBP.

However, could the RTK lazyweb help me with a related question - if you search for "Department of" rather than an IP address on http://wq.apnic.net/apnic-bin/whois.pl you get quite a number of Australian government agency contacts. How do you trace back from those contact details to the IP ranges? There's a Department of Parliamentary Services contact in there!

Peter Lawler left an annotation ()

At first, DIBP say they use one address.

Then (as per Alex's annotation) they indicate there are 256^256 possible addresses that they use.

These two statements cannot simultaneously be true.

Further I believe they've given you a network address, or allocation, of what would be used to face the public rather than IP addresses of which systems actually face the public. The information given to you is publicly available anyway so that proper routing can take place http://bgp.he.net/AS38470#_prefixes They've not actually answered your query.

NOTE: This is all for IPv4 address notation. They've not provided you with any requested IPv6 information.

Dear Steven,

Thanks for the Information provided.

It would appear that "164.97.0.0" is actually shorthand to mean the whole 164.97.[1-254].[1-254] range (256^256 possible addresses!). Your response also doesn't address IPv6 addresses.

Therefore, I would like my request to stand. If it assists the Department further, I want only the Public IPv4 and IPv6 (if applicable) addresses that are used by Departmental staff to access the internet. I don't require, for example, the IP address of the Department's website.

Regards,

Ben Fairless

Ben Fairless left an annotation ()

Thanks Peter and Alex, I've used that information to respond to Steven. Hopefully the answer will be a bit more restricted!

UNCLASSIFIED

Dear Mr Fairless,

Thank you for your email.

In your request you sought:

"Namely, I am after records detailing the IPv4 (and if relevant, IPv6) addresses used to access the public internet from within your network."

I did not address IPv6 in my response because it is not used to access the public internet from within the DIBP network. Therefore, it is not relevant. I hope this clarifies things for you.

Regarding the proxy servers used to access the public internet, they are:
164.97.245.84 - hostname is proxy1.sgs.immi.gov.au and
164.97.246.84 - hostname is proxy2.sgs.immi.gov.au

Can you please confirm if this is the information you are seeking? If so, you may wish to withdraw your request. If not, the department will process your request.

Regards

Steven Hocking
Assistant Director
FOI & Privacy Policy Section
Parliamentary & Executive Coordination Branch | Immigration and Border Protection Portfolio
T: 02 6264 1007
E: [email address]

show quoted sections

Dear Steven,

Assuming that those are the only IP addresses that would appear on internet traffic from Departmental workstations, I'm happy to consider this query resolved.

Thanks for your prompt reply in dealing with this request, it is appreciated.

Regards,

Ben Fairless

Peter Lawler left an annotation ()

Going out on a limb here but I suspect the email from the department originated on a public facing server that doesn't have either of those IPv4 addresses. However, I'd need access to the RTKorg email logs to have any form of certainty on this.

Ben Fairless left an annotation ()

I wouldn't expect the email server and the proxy server to be the same..... I present a different IP address when browsing as the mail server at work.

I do have access to the RTK email log, and the sending server was 164.97.24x.x (removed the whole IP address).

Alex Sadleir left an annotation ()

Peter accidentally answered my question! http://bgp.he.net/search?search%5Bsearch...