I'm doing some research on users connected to Internet via cable operators and I've seen some unusual route traces.
A bit about setup:
Basically user has a home router connected to a DOCSIS modem. The router seems to receive a public IP address from the modem for its WAN interface using DHCP, but when traceroute is done, there is a number of routers in the path which have private IP addresses.
Example traceroute output:
Tracing route to google.com [5.22.190.25]
over a maximum of 30 hops:
1 3 ms 1 ms 1 ms 192.168.1.1//This router has public WAN address
2 10 ms 12 ms 8 ms 10.14.0.1
3 11 ms 19 ms 9 ms bg-he-m-1-pc2.sbb.rs [89.216.6.94]
4 12 ms 11 ms 11 ms bg-he-m-1-pc2.sbb.rs [89.216.6.94]
5 12 ms 11 ms 12 ms cache.google.com [5.22.190.25]
Trace complete.
I've seen some examples on other providers as well which use the 176.16.0.0/12 addresses. The private addresses are always right after the user's CPE.
Some of my thoughts on this:
As far as I understand it, it shouldn't be possible to route private addresses over public Internet and all routers on the Internet should drop packets with private IP address destinations. I'm aware that the routers with private addresses here are in ISP's network, but I still don't understand how this all works.
I expect that there is some sort of tunneling involved, but I believe that in that case only tunnel endpoints would be visible. The other option would be carrier grade NAT. I'm not sure how that would look like. From what I've heard (but I could be wrong), in CGN systems, users usually can't directly access the Internet and can't be directly accessed from the Internet. In setup I've seen, I can connect to user from the Internet using its IP address normally.
After this rather long exposition, I've come to point where I should present the actual question:
I'd like to know which technology is used here to enable such a setup? A little bit about architecture and some keywords for Google would be helpful as well.
Best Answer
There is no tunneling. This is completely normal. With IP routing you are concerned about the source and destination address which doesn't change unless something is NAT'd. If a router in the middle has an RFC1918 address that's fine as it can still forward transit traffic as again the source and destination is unchanged.
Each router will simply reply to the source with their own directly connected interface address. The 10.14.0.1 above is not being routed over the internet, it's simply the device that is attached to the CPE on the WAN side.
There is no magic technology being used. It's pure standard routing.