
I'm baffled too. This is why there is an RFC 1918 so everyone knows what's public and private.


I mean... yes. And then there's the real world where your parent company has bought a dozen small companies over the years who have things spread across all of the 1918 ranges and you're setting up VPNs and static NAT and RIP and IS-IS paths and... you just do something easier. It's not a _good_ idea, but it's definitely a thing that happens (fortunately, for me at least, it's been a good long time since I've had to deal with that brand of network badness).


In a perfect world where everyone used IPv6 ULAs this would be a solved problem. I wonder if we will ever get there.
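An added example, not part of the comment above: why ULAs sidestep the overlap problem. RFC 4193 (section 3.2.2) derives the 40-bit Global ID of a locally assigned ULA /48 from a SHA-1 hash of the 64-bit NTP time and an EUI-64, so two sites picking prefixes independently almost never collide. The EUI-64 here is a constructed stand-in (a real implementation would read it from an interface); the `collision_probability` helper and its name are my own.

```python
import hashlib
import ipaddress
import math
import os
import struct
import time

NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 (NTP epoch) to 1970-01-01 (Unix epoch)


def ula_prefix(eui64, now=None):
    """Derive an RFC 4193 locally assigned ULA /48: fd00::/8 plus a 40-bit Global ID.
    Per section 3.2.2: SHA-1 over (64-bit NTP timestamp || EUI-64), keep the low 40 bits.
    eui64 is 8 bytes; now is a Unix timestamp (defaults to the current time)."""
    if len(eui64) != 8:
        raise ValueError("EUI-64 must be exactly 8 bytes")
    if now is None:
        now = time.time()
    secs = int(now) + NTP_EPOCH_OFFSET
    frac = int((now - int(now)) * (1 << 32)) & 0xFFFFFFFF
    ntp64 = struct.pack(">II", secs, frac)             # 64-bit NTP format
    global_id = hashlib.sha1(ntp64 + eui64).digest()[-5:]  # least significant 40 bits
    # fd (prefix fc00::/7 with the L bit set) || Global ID || 10 zero bytes (subnet + IID)
    prefix_int = int.from_bytes(b"\xfd" + global_id + bytes(10), "big")
    return ipaddress.IPv6Network((prefix_int, 48))


def collision_probability(sites):
    """Birthday bound on the chance that at least two of `sites` independently
    generated 40-bit Global IDs are identical (my own helper, not from the RFC)."""
    pairs = sites * (sites - 1) / 2
    return 1 - math.exp(-pairs / (1 << 40))


if __name__ == "__main__":
    eui64 = os.urandom(8)  # constructed stand-in for a real interface EUI-64
    print(ula_prefix(eui64))
    print(f"collision chance across 1000 sites: {collision_probability(1000):.2e}")
```

Compare this with IPv4, where every merged company starts from the same three RFC 1918 blocks: with 40 random bits per site, even a thousand independently numbered sites have well under a one-in-a-million chance of any two sharing a /48.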


There's probably some group of network operators out there who decided amongst themselves that it'd be cheaper and easier to squat the DoD ranges when shuffling traffic amongst themselves, than having to wrap each packet with a tunneling header. Or who knows, maybe some third world dictator told their ISPs to use the DoD ranges because they mistakenly assumed it would isolate their nation's traffic from the rest of the world. It's a real shame that the linked article doesn't divulge what's actually happening.

The DoD owns all IPs starting with 6, 7, 11, 21, 22, 26, 28, 29, 30, 33, 55, 214, and 215. To a network operator who spends his day filling out forms explaining why he needs each and every /32, I imagine it must make you feel like someone who spends half his income to live in a tiny crummy apartment in a city surrounded by vacant unsecured mansions. The owners of these mansions haven't set foot in them for thirty years. So surely it must be safe to just move in, right?


Wait. One of my last actions as the DISA.MIL Technical POC was to turn one of those Class A network ranges back in to the NIC. I thought it was 21/8?

You mean they never actually turned that one back in?

Dang it! I thought that was one of my minor successes during my time in that role.

;(


49/8 and 50/8 were returned by DoD in the late 90s if that is what you are thinking of.


I was going to suggest 240 and up but apparently Windows will flat-out reject those addresses for any use.


Some corporations have exhausted the RFC1918 address space. After exhausting that they tend to fall back to the space allocated to CGNAT. And once that is finally exhausted they tend to fall back to privately used public IP addresses (PUPI addresses). We allow all of this on GCP in our VPCs: https://cloud.google.com/vpc/docs/vpc#valid-ranges


The problem is that everyone reuses the same RFC1918 space and this becomes a problem when you join them all together. For instance, I discovered this year there is an electronic payments processor here in Australia that uses the 29/8 space. I'm doing a project for a large retail company that has to route payments to lots of providers. Each one has a different way of handling the conflict - either through properly registered public space, or through NATting to their own or the customer's space. I did raise the issue that 29/8 was now actually routable on the internet, and maybe the provider should pick another strategy. But I don't think they see it as an issue, mainly because these networks are quite closed and separated from regular internet space.
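An added example, not from either of the last two commenters, that turns their two points into a check you can run before joining networks: classify each prefix as RFC 1918, CGNAT shared space (RFC 6598, 100.64.0.0/10), reserved 240/4, or privately used public space (PUPI), and find prefixes that overlap across organisations. The inventory below is constructed for illustration (the 29/8 entry mirrors the anecdote above); `classify`, `find_overlaps` and `audit` are names chosen here, not any vendor's API.

```python
import ipaddress
from itertools import combinations

# Special-purpose IPv4 blocks the thread talks about: RFC 1918 private space,
# RFC 6598 shared address space (the "CGNAT" range) and the 240/4 block that
# RFC 1112 left reserved. Anything outside these is public space that some
# other organisation holds, even if it has been squatted internally.
SPECIAL = {
    "rfc1918":  ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "cgnat":    ["100.64.0.0/10"],
    "reserved": ["240.0.0.0/4"],
}
SPECIAL = {label: [ipaddress.IPv4Network(p) for p in prefixes]
           for label, prefixes in SPECIAL.items()}


def classify(prefix):
    """Return 'rfc1918', 'cgnat', 'reserved' or 'pupi' for an IPv4 prefix.
    'pupi' (privately used public IP space) means the prefix sits in no
    special-purpose block, so its real holder may route it on the internet."""
    net = ipaddress.IPv4Network(prefix, strict=False)
    for label, blocks in SPECIAL.items():
        if any(net.subnet_of(block) for block in blocks):
            return label
    return "pupi"


def find_overlaps(plan):
    """plan maps an organisation name to the prefixes it uses internally.
    Returns (org_a, prefix_a, org_b, prefix_b) for every pair of prefixes from
    different organisations that overlap, i.e. would clash once joined without NAT."""
    entries = [(org, ipaddress.IPv4Network(p, strict=False))
               for org, prefixes in plan.items() for p in prefixes]
    hits = []
    for (org_a, net_a), (org_b, net_b) in combinations(entries, 2):
        if org_a != org_b and net_a.overlaps(net_b):
            hits.append((org_a, str(net_a), org_b, str(net_b)))
    return sorted(hits)


def audit(plan):
    """Run both checks and return human-readable findings."""
    findings = []
    for org, prefixes in plan.items():
        for p in prefixes:
            if classify(p) == "pupi":
                findings.append(f"{org}: {p} is public space held by someone else; "
                                "it is or may become routable on the internet, "
                                "so plan for NAT or renumbering")
    for org_a, a, org_b, b in find_overlaps(plan):
        findings.append(f"{org_a} {a} overlaps {org_b} {b}; "
                        "NAT or renumber before joining them")
    return findings


# Constructed sample inventory (not real networks): a retailer, one acquired
# company that reused 10/8 and the CGNAT range, and a payments provider
# squatting 29/8.
PLAN = {
    "retailer":          ["10.0.0.0/8", "192.168.0.0/16"],
    "acquired-co":       ["10.20.0.0/16", "100.64.0.0/10"],
    "payments-provider": ["29.0.0.0/8"],
}

if __name__ == "__main__":
    for line in audit(PLAN):
        print(line)
```

Run against the sample it reports two findings: the 10/8 versus 10.20/16 clash between the retailer and the acquisition, and the payments provider's 29/8, which is exactly the case where "it's closed and separated" stops being true the day the real holder announces the block.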


Formerly. But now we have wide v6 adoption so there is much less incentive to use ambiguous addresses given the security, monitoring, internetworking, complexity etc costs & risks.




