Monday, December 10, 2007

Private network

http://en.wikipedia.org/wiki/Private_network

In Internet terminology, a private network is a network that uses private IP address space, following the agreed standard of RFC 1918. Computers may be allocated addresses from this address space when it is necessary for them to communicate with other computing devices on an internal (non-Internet) network.

Private networks are becoming quite common in office local area network (LAN) designs, as many organizations do not see a need for globally unique IP addresses for every computer, printer and other device that the organizations use. Another reason for the extensive use of private IP addresses is the shortage of publicly registered IP addresses. IPv6 was created to alleviate this shortage, but has yet to achieve widespread use.

Routers on the Internet are (normally) configured to discard any traffic using private IP addresses. This isolation gives private networks a basic form of security, as it is not usually possible for the outside world to establish a connection directly to a machine using these addresses. As connections cannot be made between different private networks via the Internet, different organizations can use the same private address range without risking address conflicts (communications accidentally reaching a third party that is using the same IP address).

If a device on a private network needs to communicate with other networks, a "mediating gateway" is needed to ensure that the outside network is presented with an address that is "real" (or publicly reachable) so that routers allow the communication. This gateway is typically a network address translation (NAT) device or a proxy server.

This can cause problems, however, when organizations try to connect networks that both use private address spaces. There is the potential for clashes and routing problems if both networks use the same IP addresses for their private networks, or rely on NAT to connect them through the Internet.

The current IANA private internet addresses are:

| Name | IP address range | Number of IPs | Classful description | Largest CIDR block | Defined in |
|---|---|---|---|---|---|
| 24-bit block | 10.0.0.0 – 10.255.255.255 | 16,777,216 | single class A | 10.0.0.0/8 | RFC 1597 (obsolete), RFC 1918 |
| 20-bit block | 172.16.0.0 – 172.31.255.255 | 1,048,576 | 16 contiguous class Bs | 172.16.0.0/12 | RFC 1597 (obsolete), RFC 1918 |
| 16-bit block | 192.168.0.0 – 192.168.255.255 | 65,536 | 256 contiguous class Cs | 192.168.0.0/16 | RFC 1597 (obsolete), RFC 1918 |
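
The address clash described above can be checked before two private networks are joined. The following is an added example, not part of the original article: it classifies a prefix against the three blocks in the table and lists overlapping private prefixes between two sites. The office prefix lists and the function names are constructed for illustration.

```python
import ipaddress

# The three RFC 1918 blocks from the table above.
RFC1918_BLOCKS = {
    "24-bit block": ipaddress.ip_network("10.0.0.0/8"),
    "20-bit block": ipaddress.ip_network("172.16.0.0/12"),
    "16-bit block": ipaddress.ip_network("192.168.0.0/16"),
}


def rfc1918_block(value):
    """Return the name of the RFC 1918 block holding an address or prefix, else None."""
    net = ipaddress.ip_network(str(value), strict=False)
    if net.version != 4:
        return None  # RFC 1918 only covers IPv4
    for name, block in RFC1918_BLOCKS.items():
        if net.subnet_of(block):
            return name
    return None


def find_clashes(site_a, site_b):
    """Return (prefix_a, prefix_b, block) for each overlapping pair of private prefixes."""
    clashes = []
    for a in map(ipaddress.ip_network, site_a):
        for b in map(ipaddress.ip_network, site_b):
            block = rfc1918_block(a)
            if block and rfc1918_block(b) and a.overlaps(b):
                clashes.append((str(a), str(b), block))
    return clashes


# Constructed sample data: prefixes used by two hypothetical offices.
OFFICE_A = ["10.0.0.0/16", "192.168.1.0/24", "172.16.0.0/20"]
OFFICE_B = ["10.0.128.0/17", "192.168.2.0/24", "172.20.0.0/16"]

if __name__ == "__main__":
    for name, block in RFC1918_BLOCKS.items():
        print(f"{name}: {block} holds {block.num_addresses:,} addresses")
    for a, b, block in find_clashes(OFFICE_A, OFFICE_B):
        print(f"clash in {block}: {a} overlaps {b}")
```

Any pair reported here has to be renumbered or translated on at least one side before the two networks can route to each other.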

To reduce load on the root nameservers caused by reverse DNS lookups for these IP addresses, a system of "black-hole" nameservers is provided by the anycast network AS112. [1]
