Public & Private IPs

Discussion in 'Routing & Switching' started by Crazydave1990, Mar 7, 2013.

  1. Crazydave1990

    Crazydave1990 Bit Poster

    Yo guys...

    I understand that a public IP address is assigned by the ISP... and routers perform a process of NAT to allow a private IP to be 'converted' into a public IP, which is able to be used on the internet.

    However, my query is, with public IPs, when you are creating a network... can you use any IP range you like within reason? So if I wanted to set up a network, would I have to use a private class C address of 192.168.1.0 (255.255.255.0) for example, or could I just use any address I like within reason (other than the addresses which you are unable to use, such as 127.0.0.0)???

    Might be a stupid question... but heyoh...
     
  2. BrizoH

    BrizoH Byte Poster

    The short answer to your question is yes, you can - but best practice would be to use one of the private ranges specified in RFC 1918.

    The first company I worked for used a range outwith the private address space internally - it didn't cause any issues but used to really bug me...
     
    Certifications: CCNA, CCNA Security
    WIP: CCNP
  3. BraderzTheDog

    BraderzTheDog Kilobyte Poster

    Well the answer is simple,

    So here's an example of why this wouldn't work. You give a device in your network the public IP address of 8.8.8.8 (e.g. a load balancer), and a host in the LAN makes a request for Google's DNS server, which conveniently is 8.8.8.8. Where is the DNS lookup query going to go?

    Yep... that's right, straight to the load balancer... This will cause you loads of problems, thus NEVER ever EVER use public IP addresses on your internal network.

    If you use publics on the internal network, any legitimate public request that should be going out the default gateway to the ISP for routing will be routed internally instead...

    Funnily enough, this is a common thing people do. I have worked with a bank that did this and yes, it caused a huge amount of problems.
     
    Last edited: Mar 7, 2013
    Certifications: CCNA R&S, CCNA-SEC, CCSA, JNCIA FWV, MCITP, MCTS, MTA, A+
  4. GSteer

    GSteer Megabyte Poster

    As the others have said, only use the private ranges (copied from RFC1918):

    10.0.0.0 - 10.255.255.255 (10/8 prefix)
    172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

    I've got one client where the previous IT company set them up on 192.169.0.0 range - that's a muscle and mental memory screw up for me whenever I'm manually addressing something on their network.
     
    Certifications: BSc. (Comp. Sci.), MBCS, MCP [70-290], Specialist [74-324], Security+, Network+, A+, Tea Lord: Beverage Brewmaster | Courses: LFS101x Introduction to Linux (edX)
    WIP: CCNA Routing & Switching
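
Added example (not part of any poster's reply): the 8.8.8.8 scenario and the RFC 1918 list from the posts above, worked through in Python. The route tables, next-hop labels and the 8.8.8.0/24 LAN prefix are constructed for illustration; only IPv4 is handled.

```python
import ipaddress

# Private blocks exactly as listed from RFC 1918 in the thread.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(prefix):
    """True only if the whole IPv4 prefix sits inside one RFC 1918 block."""
    net = ipaddress.ip_network(prefix, strict=False)
    return any(net.subnet_of(block) for block in RFC1918)


def non_rfc1918(prefixes):
    """Audit helper: return the LAN prefixes that fall outside RFC 1918."""
    return [p for p in prefixes if not is_rfc1918(p)]


def next_hop(dest, routes):
    """Longest-prefix match: the most specific route containing dest wins."""
    addr = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


# Constructed route tables for a LAN host: (prefix, next hop).
PUBLIC_LAN = [("0.0.0.0/0", "ISP gateway"), ("8.8.8.0/24", "on-link (LAN)")]
PRIVATE_LAN = [("0.0.0.0/0", "ISP gateway"), ("192.168.1.0/24", "on-link (LAN)")]

if __name__ == "__main__":
    # The connected /24 is more specific than the default route, so traffic
    # meant for the real 8.8.8.8 never reaches the ISP gateway.
    print("public-addressed LAN :", next_hop("8.8.8.8", PUBLIC_LAN))
    print("RFC 1918 LAN         :", next_hop("8.8.8.8", PRIVATE_LAN))
    # 192.169.0.0/16 and 172.32.0.0/16 sit just outside the private blocks.
    print("outside RFC 1918     :", non_rfc1918(
        ["192.168.1.0/24", "192.169.0.0/16", "172.32.0.0/16", "10.20.0.0/16"]))
```
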
  5. Sparky

    Sparky Zettabyte Poster Moderator

    I inherited a network that had a full class A subnet for the LAN which didn’t follow the standards for the reserved LAN subnets.

    Completely freaked out the SBS migration I was doing, as the install tools kept failing with errors as they thought the server was not protected by a firewall. Ended up giving all the servers a second IP address in a correct range, 192.168.1.0/24, so I could do the migration!
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  6. danielno8

    danielno8 Gigabyte Poster

    I am pretty sure the OP is asking "can you" purely from a technical point of view, i.e. will this still work at a local level. The answer to this is yes.
     
    Last edited: Mar 8, 2013
    Certifications: CCENT, CCNA
    WIP: CCNP
  7. Shinigami

    Shinigami Megabyte Poster

    Back when the first IPv4 allocations were given to large, public companies, several of them picked up large ranges of addresses. I read somewhere (maybe it was the Network+ CompTIA study material that mentioned this) that Apple got something like 65k addresses and Microsoft received a few thousand as well.

    Recently, Microsoft also received 666k addresses from Nortel: Microsoft offers $7.5M for 666,624 IPv4 addresses - Computerworld

    Technically, these things 'could' mean that Microsoft could assign a public IP address for every employee (90k FTEs and 50k non-FTEs) and Apple could nearly do the same as well (~70k employees).

    But is it a good idea? Maybe not always. IPv4, to begin with, isn't secure in the same manner as IPv6 is, so you may not wish to give public IPs to internal networks 'as is' with a fully routable network.
     
    Certifications: MCSE, MCITP, MCDST, MOS, CIW, Comptia
    WIP: Win7/Lync2010/MCM
  8. danielno8

    danielno8 Gigabyte Poster

    Yep, this. The company networks I work on own a class A each and they are assigned to the client network, not just internet-facing services.

    Of course these networks still sit behind a firewall and use NAT.
     
    Certifications: CCENT, CCNA
    WIP: CCNP
