home       basis       routing       switching       advanced       security       overig       testen       english      

private address ranges in ipv4

  1. background ...
     
    https://en.wikipedia.org/wiki/Private_network
     
  2. ranges
     
    192.168.0.0/16
    172.16.0.0/12
    10.0.0.0/8
     
    The above 3 ranges can be used as private addressing in IPv4.
    Private addressing is mostly used in combination with NAT: Network Address Translation on your router.
     
  3. Purpose of Private addressing:
    • solve the ipv4 address exhaustion problem (a lot more internet participants behind 1 public ipv4 addres
    • setting up a home-network with as many participants as necessary
    • to protect business networks via a NATTED firewall, using 3 zones (public, demilitarized zone, private) and split horizon voor DNS en e-MAIL.
       
  4. split horizon (short)
    • split horizon NAT means that a server or service is reachable under different IP addresses
      depending on where the client is located:
    • inside the local network, clients see the internal (private) IP of the server.
    • outside the network, clients see the public IP of the same server.
      the NAT device (usually the router/firewall) “splits” the view of the network
      depending on the horizon — inside vs. outside.
    • This prevents problems such as hairpin NAT or clients trying to reach a public IP that actually belongs to their own network.
       
  5. use
    the 192.168.0.0/16 range is mostly used in combination with mask /24. It appears as if one has 256 networks with a /24 mask available. The choice of mask is free between /30 en /16.
     
  6. The 172.16.0.0/12 range is used in combination with a /16 mask. As if one has 16 networks with a /16 available. (172.16/16, 172.17/16, .. 172.31/16). Freedom te choose a mask between /30 en /12
     

  7. The 10.0.0.0/8 would often be used in combination with a /24 but any mask between /30 en /8 is possible.

  8. why and how
     
    In a far away past classful ipv4 existed. The netmask was fixed.
    In classful ipv4 existed a 10.0.0.0/8 in Class A with a default mask /8,
    192.168.x.0 was part of Class C with a default mask /24
    172.16-31.x was part of class B with default mask /16.
    This has been abandoned since the late nineties.
      
  9. sources
     
    rfc 1918 Address Allocation for Private Internets
    rfc 2663 IP Network Address Translator [NAT] Terminology and Considerations
    en.wikipedia.org/wiki/IPv4_address_exhaustion
    en.wikipedia.org/wiki/Network_address_translation