I am wondering what is best practice for using IP addresses in publicly available reports, e.g. bug reports, if I don’t want to use the actual one for privacy reasons and don’t want to confuse people who actually want to help me.
I considered addresses from the TEST-NETs, see RFC 5737:
192.0.2.0/24 - TEST-NET-1 198.51.100.0/24 - TEST-NET-2 203.0.113.0/24 - TEST-NET-3
But it is not clear for me what this paragraph means:
RFC 5737, section 4:
Addresses within the TEST-NET-1, TEST-NET-2, and TEST-NET-3 blocks
SHOULD NOT appear on the public Internet and are used without any
coordination with IANA or an Internet registry [RFC2050].
Does that mean, one should use it only for in-house documentation or no device should appear on the Internet claiming has one address from the test nets?
The other option is to use private IP addresses, e.g. from 10.0.0.0/8.
Anything else?
What is considered best practice?
The latter — no device on the Internet should use one of those IP addresses. Documentation published to the Internet could and should use them.
I was confused at first, because I thought you were talking about RFC 1918. It specifies the private IP address ranges that I am very familiar with:
But RFC 5737 is different, using IP address ranges I have never heard of.
The purpose of setting aside these IP networks for use in documentation, is to ensure that documentation (such as documentation showing how to use NAT software) will never use any IP address that could ever be in use anywhere. That is, not on the Internet and not on any private networks. This way, if someone accidentally ran one of those example commands by doing a copy/paste from that documentation page, it would have no effect on any real networks.