IP Address Question
Results 1 to 7 of 7

Thread: IP Address Question

  1. #1
    Registered User
    Join Date
    Aug 2000
    Location
    Grand Rapids, MI, USA
    Posts
    813

    IP Address Question

    I'm going through a networking CBT at work and I have a question. Here's the part I read leading up to my question:

    Private IP addresses:
    Unlike an Internet host that requires a globally unique IP address, a host on a private network can use any valid address, provided the address is unique within the private network.

    Because many private networks exist alongside public networks, the practice of randomly taking any address is strongly discouraged.

    Three blocks of IP addresses have been designated for private, internal use 1 Class A network, 16 Class B networks, and 256 Class C networks. The internal class ranges are as follows:


    Class A is from 10.0.0.0 to 10.255.255.255
    Class B is from 172.16.0.0 to 172.31.255.255
    Class C is from 192.168.0.0 to 192.168.255.255


    You can address a nonpublic intranet using these private addresses instead of globally unique IP addresses. However, private addresses cannot be routed on the Internet backbone.

    Internet routers are configured to discard packets from private IP addresses. Therefore, to connect a network with a private address to the Internet, the private address must be translated into a public address.

    This translation process is referred to as Network Address Translation (NAT), and it is typically performed by a router.


    Okay, now my question. What does it matter what range of IP addresses I use on a private network? It's private, so it's not going to conflict with anyone on the Internet. If I need to access the Internet, the IP address being used by my computer will be translated by the router using NAT to a unique public IP address assigned to my organization. Are they saying that the router will only translate the IP address from private to public if I am using a known private IP address for my network? It seems like a router could be configured to recognize any particular range of IP addresses to be private so that it would properly translate them if someone wanted to leave the private network. Thanks.
    "Tell me, and I'll forget. Show me, and I'll remember. Involve me, and I'll learn." -- Marla Jones

  2. #2
    Intel Mod Platypus's Avatar
    Join Date
    Jan 2001
    Location
    Australia
    Posts
    5,783
    Quote Originally Posted by Pinnacle
    It seems like a router could be configured to recognize any particular range of IP addresses to be private so that it would properly translate them if someone wanted to leave the private network.
    In theory that would seem to be so. I can't speak authoritatively for the internal design of routers, but what would prevent the system you've mentioned, would be that it isn't possible to exclude wanting to connect to the same IP address on the internet as you've chosen to use on the private network. This would produce a situation where the router, which routes by IP address, can't tell which of the two same addresses a packet needs to go to. ie in this case NAT would fail.

    The chances of this actually happening are tiny, but it mustn't be capable of occurring. So using mutually exclusive IP address ranges automatically prevents the possibility.

  3. #3
    Registered User rgharper's Avatar
    Join Date
    Sep 2002
    Location
    The wilds of Northern Michigan
    Posts
    1,173
    I think the article did not mean that you need to be picky about what private range you take - I think it meant that the formerly common practice of randomly picking any IP address range to be used internally instead of using a private address range instead should be avoided for the obvious reasons.

    Many network technicians used to just pick an address range at random and use it inside their router. Let's say that you decided to set up a new network and decided to randomly pick a set of addresses (say maybe 207.138.0.x - 207.138.128.x) as your "internal" address ranges. That would work fine, and NAT would indeed keep the outside world from seeing your address range ... but your choice of address range would cut you off from about 40% of the available Microsoft Web resources since those addresses would be resolved internally instead of externally.

    Picking random addresses usually worked in the 60's, 70's and 80's but from about the mid-90's on the chance that your "private" address range would intersect with a public range started growing substantially. Nowadays it's almost impossible to pick a random set of addresses and not have it assigned to - or worse, actually going - somewhere.

  4. #4
    Registered User
    Join Date
    Aug 2000
    Location
    Grand Rapids, MI, USA
    Posts
    813
    Thanks to each of you for your answers. I assumed that if I used 207.138.128.10 for my private IP address that the router would differentiate that from 207.138.128.10 the public IP address because each IP address would be on opposite sides of the router. While this logic is probably possible, I can understand why it would be simpler to just have established private IP address ranges for everyone to use so that this is not an issue. Thanks again.
    "Tell me, and I'll forget. Show me, and I'll remember. Involve me, and I'll learn." -- Marla Jones

  5. #5
    Registered User slgrieb's Avatar
    Join Date
    Feb 2003
    Posts
    4,103
    Not all routers by any means will work with the address ranges of all 3 classes. You can't take take a Linksys BEFSR 41 and set its internal address to a Class B address.
    Yes, Mr. Death... I'll play you a game! But not CHESS !!! BAH... FOOEY! My game is...
    WIFFLEBALL!

  6. #6
    Registered User WebHead's Avatar
    Join Date
    Oct 2000
    Posts
    8,208
    Quote Originally Posted by Pinnacle
    ...Okay, now my question. What does it matter what range of IP addresses I use on a private network? It's private, so it's not going to conflict with anyone on the Internet. If I need to access the Internet, the IP address being used by my computer will be translated by the router using NAT to a unique public IP address assigned to my organization. Are they saying that the router will only translate the IP address from private to public if I am using a known private IP address for my network? It seems like a router could be configured to recognize any particular range of IP addresses to be private so that it would properly translate them if someone wanted to leave the private network. Thanks.
    It is true that it's a private network and if there is absolutely no connectivity to the outside world then you would be correct about it actually being a true private network. And if it was that easy (using any addressing we want) then we'd all already be switched over to IPv6 by now. But actually, routers are programmed to work a certain way. Part of that certain way to use IP addressing a certain way. So different IP address ranges serve different purposes and each address segment defines a location on the WAN and/or a LAN or WLAN. Technically, in theory the 192.168.x.x could become a public range. And in some cases it has. For instance, SBC Yahoo has some circumstances where they have ran out of public addresses so they NAT addresses out to some customers (which is BS imo but that's for another topic). So the customer ends up getting a 192.168.x.x address which then conflicts with his NAT router. It can get pretty hairy. So you might see a lot of I.T. guys using the 10.x.x.x range these days just because 192 has these types of issues to consider. This is a topic that can go far beyond what I could ever hope to type in one post but check this out: http://en.wikipedia.org/wiki/Internet_Protocol
    Last edited by WebHead; August 18th, 2006 at 06:35 PM.
    Hello World

  7. #7
    Registered User rgharper's Avatar
    Join Date
    Sep 2002
    Location
    The wilds of Northern Michigan
    Posts
    1,173
    Quote Originally Posted by Pinnacle
    Thanks to each of you for your answers. I assumed that if I used 207.138.128.10 for my private IP address that the router would differentiate that from 207.138.128.10 the public IP address because each IP address would be on opposite sides of the router. While this logic is probably possible, I can understand why it would be simpler to just have established private IP address ranges for everyone to use so that this is not an issue. Thanks again.
    The problem is that your router will never make an external inquiry for 207.138.x.x addresses because it "knows" it's an internal address. Likewise, any internal DNS servers would also "know" that anything in the 207.138.x.x range should be an internal address and won't go looking outside for the resources that might exist. That's why the private address blocks were defined and why good network design always uses them internally instead of just taking any block of addresses and using them instead.

    If you did manage to program your router to work around this somehow, and the time and effort it would take would be pretty monumental, you'd still have conflicts when an address inside directly matches an address outside. Your network would favor the internal address over the external address so you'd still be unable to access external resources in the case of a matched address conflict.

Similar Threads

  1. can't obtain an IP Address.
    By nunob in forum Networking
    Replies: 4
    Last Post: June 12th, 2003, 11:29 AM
  2. cable modem with router with separate IP address
    By Todo in forum Tech-To-Tech
    Replies: 10
    Last Post: January 7th, 2002, 01:50 PM
  3. ?? IP address ??
    By ngc4414 in forum Tech-To-Tech
    Replies: 3
    Last Post: November 25th, 2001, 11:48 PM
  4. Replies: 2
    Last Post: November 14th, 2001, 05:53 PM
  5. Can't change IP address in ME
    By FreeFreak in forum Windows 95/98/98SE/ME
    Replies: 3
    Last Post: August 14th, 2001, 12:07 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •