I am not surprised. Private networks conflicting with each other has burned me before. So they are probably using a range that technically breaks the Internet, but in practice, doesn't break their customers' internal networks. Horrifying on some level, but no doubt necessary to sell an enterprise product.

I had some troubles with AWS when I created a VPC private subnet that happened to conflict with an internal IP range used by Docker. (You can change that, but not if you use their managed k8s offering. At the time it made sense, but, upon further reflection, I am baffled as to why Docker needs IP ranges outside of what the k8s CNI gives it. But I can assure you -- stuff broke in exciting and fun ways!) It was at that point I realized we had to have some central management of "internal" IP addresses, just like the IANA but for internal addresses. We were an ISP, so we already used Netbox, and it ended up being quite straightforward. Plus, the documentation was great -- you would see a connection from 10.42.123.8, look it up in Netbox, and see "oh that's the management network in NYC-FOOBAR-42".

Anyway, be careful about private subnets. Someone else already has a private subnet with that IP range, and those two networks can never talk to each other. No doubt, some Hamachi customer ran into this problem at some point in the past ;)

It is possible to have those networks talk to each other using bi-directional 1:1 NAT, but it will almost certainly cause you far more trouble than it is worth. I have done it, and I don't recommend it.

TIL: https://networkengineering.stackexchange.com/questions/35958...

100.64.whatever was defined in 2012, which is like yesterday in internet terms. Hamachi is much older than that.