The immeasurable SpyBlog has been doing fine work reducing the bamboozlement certain bloggers have been propagating regarding government e-mail addresses and the cash-for-peerages inquiry. (Shorter: "x.gsi.gov.uk" domains denote the top level of network security, not TEH SEKRIT EMAILS!!)
But the Spy has found something, though - as well as the netblocks assigned to Energis and C&W's Government Secure Intranet operations, there's another, PA space out of Pipex, that's registered to the "Prime Minister's Office". Some of the IPs in this block are used for the No.10 website, but not all.
I have a little theory. I can well imagine that the No.10 LAN is entirely x.gsi and secured within an inch of its life by the securigurus at CESG. Which gives you a problem when you have non-gov.uk visitors. Would you invite the CEO of Google over and not offer him any bandwidth? Quite a lot of security-minded organisations maintain segregated networks for their own purposes and visitors. For example, at a large IBM facility in Montpellier, they have not just a secure LAN and a secure WLAN, but also a nonsecure WLAN firewalled off from the rest of the system for random visitors to use.
There is of course one way to find out...