Private Addresses
Private IPv4 Addresses
- Private IPv4 addresses
- RFC 1918
- Defines private address ranges
- Everything that is not private is a public address, which is routable
- For example, 8.8.8.8 is a public DNS address.
- Single IP is allocated to a single system
- RFC 1918
- Not globally routable
- Unique local
- Extends life of IPv4
- NAT
- Gives us the ability to really extend the lifetime of IPv4
- NAT
| Class | From | To |
|---|---|---|
| A | 10.0.0.0 | 10.255.255.255 |
| B | 172.16.0.0 | 172.31.255.255 |
| C | 192.168.0.0 | 192.168.255.255 |
- You could almost always look at this as dollars and cents
- One less than 172.32.0.0 (like taking a penny out of it) is 172.31.255.255
- This is a /16 mask
- The first two bytes are network bits
- Our hosts are 2^16 - 2 because you have a network address and a broadcast address.
- When we utilize NAT, it is a two-way process.
- As it comes back in it gets readdressed
- Sometimes when we say we are doing NAT, we are actually doing PAT (Port Address Translation)
- Each user is going to pick a source port
- By paying attention to each of the source ports, the router can track which internal devices are talking to which external hosts.
NAT is the process of taking a private address and converting it into a public IP address WHEN YOU CROSS THE PERIMETER ROUTER
- You need public IPs to talk to the internet.
- Routing tables of the routers at the ISP should filter that.
- If it hits the target device there is no way it comes back to you if you are not a public IP
- With NAT there is a one-to-one ratio of private to public addresses
NAT Overload, also known as PAT
- One single IP address will service many devices
- A client creates an outbound connection to a server
- The source port is typically some random number
- If you send a TCP SYN, you will get a SYN ACK, which will come back to you on the same port
- Here we are translating from private to public
- Each user has a unique source port. That is the reason we call this Port Address Translation, since there is only one public IP address.
- In the rare event that two devices pick the exact same source port, the firewall has the intelligence to notice it and change it; when the response comes back, it changes the port and IP address again.
- From 1025 to 65,535
- The ports available for PAT.
- There are around 64k ports per IP
- If you start to use more and more ports there is greater chance for conflicts to exist.
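
A small model of the PAT table described above, added here as an example and not part of the original notes: it keeps the client's source port when it is free, remaps it on a conflict, and maps replies back to the private host. The class name `Pat`, the public address 203.0.113.10 and the host addresses are constructed for illustration; a real device also tracks protocol, destination and session timeouts.

```python
import ipaddress

# RFC 1918 ranges from the table above, written as CIDR blocks.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(ip):
    """True if ip falls inside one of the RFC 1918 ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

class Pat:
    """Toy PAT (NAT overload) table: many private hosts share one public IP."""
    def __init__(self, public_ip, low=1025, high=65535):
        self.public_ip, self.low, self.high = public_ip, low, high
        self.out = {}    # (private_ip, private_port) -> public_port
        self.back = {}   # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port):
        """Translate an outbound source; returns (public_ip, public_port)."""
        if not is_private(src_ip):
            raise ValueError("source is not an RFC 1918 address")
        key = (src_ip, src_port)
        if key not in self.out:
            port = src_port if self.low <= src_port <= self.high else self.low
            start = port
            # Conflict: another host already holds this port, take the next free one.
            while port in self.back:
                port = port + 1 if port < self.high else self.low
                if port == start:
                    raise RuntimeError("PAT port pool exhausted")
            self.out[key], self.back[port] = port, key
        return self.public_ip, self.out[key]

    def inbound(self, dst_port):
        """Map a reply back to the private host, or None if no session exists."""
        return self.back.get(dst_port)

def demo():
    pat = Pat("203.0.113.10")                  # constructed documentation address
    a = pat.outbound("192.168.1.10", 50000)
    b = pat.outbound("192.168.1.11", 50000)    # same source port, different host
    # Reply to b is readdressed; a packet with no matching session maps to nothing.
    return a, b, pat.inbound(b[1]), pat.inbound(40000)
```

The `back` table is also what lets you attribute a public IP and port seen in an external log to the internal host that owned the session at that time.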