IP Address Fundamentals and Network Address Translation Explained
Understanding IP Addresses
An IP address is a 32-bit numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. IP addresses are usually written as decimal numbers with dots (e.g., 192.168.1.1). Every IP address has at least two parts:
- Network Portion: Identifies the network segment.
- Host Portion: Identifies a specific device within that network segment.
Types of IP Addresses
Not all IP addresses are assigned to hosts. Some addresses are special and serve purposes other than normal device assignment.
Network and Host Addresses (All Zeros)
When an address has every bit set to 0 in either the network or host portion (or both), this address refers to a network or a broadcast domain, and not to a specific machine.
Broadcast Addresses (All Ones)
Addresses with all bits set to 1 in the host portion (or the entire address for a network broadcast) are also special cases: they are used to disseminate messages to all devices on a network. No device is assigned a broadcast address.
Valid Host Addresses
A host address is a valid address for a computer or other network device. Any address that is not all zeros or all ones in the host portion is considered a valid host address.
Network Prefixes and CIDR Notation
IP addresses can be abbreviated using network prefixes, also known as CIDR (Classless Inter-Domain Routing) notation. This notation specifies the number of bits used for the network portion of the address. For example, a common network mask has the first 24 bits set to 1 and the last 8 bits set to 0.
You can abbreviate any IP address as follows:
192.168.1.0/24
This means that the network mask is 255.255.255.0 or, in binary, 11111111.11111111.11111111.00000000.
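The mask arithmetic behind a prefix, combined with the all-zeros and all-ones rules from the sections above, as an added Python example that is not part of the original page. The function names are chosen here for illustration, and the sketch applies the page's rule as stated, so it accepts prefixes /0 to /30 only.

```python
def to_int(dotted):
    """Dotted decimal -> 32-bit integer; rejects malformed input."""
    parts = dotted.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def bounds(cidr):
    """Return (mask, network, broadcast) as integers for 'a.b.c.d/n'."""
    addr, _, prefix = cidr.partition("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 30:  # /31 and /32 leave no room for the two special addresses
        raise ValueError("prefix must be between 0 and 30")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # n one-bits, then zeros
    network = to_int(addr) & mask                       # host bits all 0
    broadcast = network | (mask ^ 0xFFFFFFFF)           # host bits all 1
    return mask, network, broadcast


def role(address, cidr):
    """Classify an address as 'network', 'broadcast', 'host' or 'outside'."""
    mask, network, broadcast = bounds(cidr)
    value = to_int(address)
    if value & mask != network:
        return "outside"
    if value == network:
        return "network"
    return "broadcast" if value == broadcast else "host"


def mask_of(cidr):
    """Dotted-decimal and binary form of the network mask."""
    bits = f"{bounds(cidr)[0]:032b}"
    return to_dotted(bounds(cidr)[0]), ".".join(bits[i:i + 8] for i in range(0, 32, 8))


if __name__ == "__main__":
    print(mask_of("192.168.1.0 / 24"))
    for ip in ("192.168.1.0", "192.168.1.77", "192.168.1.255"):
        print(ip, role(ip, "192.168.1.0/24"))
```

Whether an address is a broadcast address depends on the prefix, not on how the last octet looks: the same trailing 255 is a broadcast address in a /24 and an ordinary host in a /8.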
Public and Private IP Addresses
A private IP address is one that, when assigned to a device, cannot be used as a source or destination address for direct connections to the public internet. Private addresses were created to prevent the exhaustion of public IP addresses. A side effect is that we do not need to pay for them.
Private IP Address Ranges
The private IP address ranges are as follows:
- Class A: From 10.0.0.0 to 10.255.255.255 (/8)
- Class B: From 172.16.0.0 to 172.31.255.255 (/16)
- Class C: From 192.168.0.0 to 192.168.255.255 (/24)
Other Reserved IP Addresses
Beyond public and private addresses, several other IP address ranges are reserved for special purposes:
- Default Gateway (0.0.0.0): This address is used in the routing tables of routers, specifically to mark the address of a default gateway.
- Loopback Addresses (127.0.0.0/8): These addresses are used for testing network configurations. Even if your computer is not connected to a network, you can send messages to this IP. These messages simply travel down through the TCP/IP layers and then climb back up the same path.
- Link-Local Addresses (169.254.0.0/16): Also called Automatic Private IP Addressing (APIPA), their range is from 169.254.0.1 to 169.254.255.254. They are used for very small local areas, such as Bluetooth connections, or when a device has not obtained an IP address from a DHCP server.
Router Rules for Special Addresses
Routers must handle these special addresses with care:
- A router should never accept anything as a source or destination IP that starts with 127.
- No equipment or router may generate or route anything whose source or destination IP is 0.0.0.0.
- No router should accept traffic whose source or destination IP is a link-local address (i.e., 169.254.0.0/16).
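One way to express these rules as a packet check, as an added Python example that is not part of the original page. It goes one step beyond the three rules by also rejecting private addresses on the internet-facing side, which follows from the definition of private addresses given earlier; the function names and the sample packets are constructed for illustration.

```python
import ipaddress as ipa

LOOPBACK = ipa.ip_network("127.0.0.0/8")
LINK_LOCAL = ipa.ip_network("169.254.0.0/16")
UNSPECIFIED = ipa.ip_address("0.0.0.0")

# Private blocks, derived from the first and last address of each range on the page.
PRIVATE_RANGES = [("10.0.0.0", "10.255.255.255"),
                  ("172.16.0.0", "172.31.255.255"),
                  ("192.168.0.0", "192.168.255.255")]
PRIVATE = [net for first, last in PRIVATE_RANGES
           for net in ipa.summarize_address_range(ipa.ip_address(first),
                                                  ipa.ip_address(last))]


def drop_reason(src, dst, from_internet=False):
    """Return why a router should drop the packet, or None to forward it."""
    for field, text in (("source", src), ("destination", dst)):
        addr = ipa.ip_address(text)
        if addr in LOOPBACK:
            return f"{field} {addr} is loopback (127.0.0.0/8)"
        if addr == UNSPECIFIED:
            return f"{field} is 0.0.0.0"
        if addr in LINK_LOCAL:
            return f"{field} {addr} is link-local (169.254.0.0/16)"
        if from_internet and any(addr in net for net in PRIVATE):
            return f"{field} {addr} is private but arrived from the internet"
    return None


# Constructed sample packets: (source, destination, arrived on the internet side?)
SAMPLES = [
    ("192.168.1.2", "198.51.100.7", False),   # normal outbound request
    ("127.0.0.1", "192.168.1.2", False),      # loopback source on the wire
    ("0.0.0.0", "198.51.100.7", False),       # unspecified source
    ("198.51.100.7", "169.254.10.20", True),  # link-local destination
    ("10.0.0.5", "203.0.113.10", True),       # private source from outside
    ("198.51.100.7", "203.0.113.10", True),   # normal inbound reply
]


def audit(samples=SAMPLES):
    """Return (source, destination, verdict) for each sample packet."""
    return [(s, d, drop_reason(s, d, inet) or "forward") for s, d, inet in samples]


if __name__ == "__main__":
    for row in audit():
        print(*row, sep="  ")
```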
Historical IP Address Classes
Historically, IP addresses were categorized into classes based on their first bits:
- Class A: Starts with 0
- Class B: Starts with 10
- Class C: Starts with 110
Network Address Translation (NAT)
NAT (Network Address Translation) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
Consider this example: Your PC has a private address like 192.168.1.2. Your gateway is 192.168.1.1, which is the internal interface of your router. The router, on its external side, has a public IP address. So, when the router needs to send a message from your PC to the outside world, it records your request, sends it using its own public IP address (which is valid on the internet), and when the answer comes back, it forwards it to your PC.
How NAT Works
NAT is the process by which a router translates source addresses. When a machine on a private network with a private IP address needs to connect to the outside, the router intercepts the packet, changes the source IP address to its own public IP address, and then forwards the packet. This allows multiple devices on a private network to share a single public IP address.
Cisco NAT Configuration Example
Here are basic steps for configuring NAT on a Cisco router:
- Configure the external or public interface:
    enable
    configure terminal
    interface FastEthernet 0/1
    ip nat outside
- Configure the internal or private interface:
    enable
    configure terminal
    interface FastEthernet 0/0
    ip nat inside
- Perform static translation (e.g., redirecting public IP port 80 to an internal private IP):
    enable
    configure terminal
    ip nat inside source static tcp 192.168.1.1 80 192.168.1.4 80
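A simplified model of the translation table described above, covering both the dynamic source rewrite and a static entry of the kind configured in the last step. This is an added Python example, not code from the original page or from Cisco; the class and method names, the documentation addresses 203.0.113.10 and 198.51.100.7, and the internal server 192.168.1.50 are assumptions made for illustration.

```python
import itertools


class NatRouter:
    """Toy model of the translation table a NAT router keeps (simplified)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next = itertools.count(first_port)
        self.out = {}   # (proto, private_ip, private_port) -> public_port
        self.back = {}  # (proto, public_port) -> (private_ip, private_port)

    def _bind(self, proto, ip, port, public_port):
        self.out[(proto, ip, port)] = public_port
        self.back[(proto, public_port)] = (ip, port)

    def add_static(self, proto, private_ip, private_port, public_port):
        """Permanent mapping: the public port is reachable without a prior request."""
        self._bind(proto, private_ip, private_port, public_port)

    def outbound(self, pkt):
        """Record the request and rewrite its source to the router's public address."""
        key = (pkt["proto"], pkt["src"], pkt["sport"])
        if key not in self.out:
            # Skip public ports already taken by another mapping.
            port = next(p for p in self._next if (pkt["proto"], p) not in self.back)
            self._bind(*key, port)
        return {**pkt, "src": self.public_ip, "sport": self.out[key]}

    def inbound(self, pkt):
        """Rewrite a reply back to the private host; None means drop."""
        target = self.back.get((pkt["proto"], pkt["dport"]))
        if pkt["dst"] != self.public_ip or target is None:
            return None  # no recorded request and no static entry
        return {**pkt, "dst": target[0], "dport": target[1]}


def demo():
    # Constructed sample traffic; all addresses here are illustrative.
    nat = NatRouter("203.0.113.10")
    req = {"proto": "tcp", "src": "192.168.1.2", "sport": 51000,
           "dst": "198.51.100.7", "dport": 443}
    sent = nat.outbound(req)
    reply = {"proto": "tcp", "src": "198.51.100.7", "sport": 443,
             "dst": sent["src"], "dport": sent["sport"]}
    unsolicited = {**reply, "dport": 80}
    before = nat.inbound(unsolicited)               # dropped: nothing recorded for port 80
    nat.add_static("tcp", "192.168.1.50", 80, 80)   # hypothetical internal web server
    after = nat.inbound(unsolicited)                # now forwarded to the inside
    return sent, nat.inbound(reply), before, after
```

Inbound packets are forwarded only when a mapping exists, so a static entry is the one place where an internal service becomes reachable without the inside host having initiated anything.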
IP Address Allocation
IP addresses can be allocated in two primary ways: static or dynamic.
Static IP Address Allocation
Static allocation means the administrator assigns a fixed address to each device. The IP address does not change unless manually reconfigured.
- Advantages: Easier to control and manage specific users or devices, useful for servers or network devices that require consistent access.
- Disadvantages: Very laborious to change or manage in large networks; prone to human error (e.g., duplicate IPs).
Dynamic IP Address Allocation
Dynamic allocation generally relies on a machine or server (like a DHCP server) that assigns IPs automatically from a pool. These addresses can change over time.
- Advantages: Easy to switch and manage for large numbers of devices; reduces administrative overhead.
- Disadvantages: Control can become much more difficult for specific devices; IP addresses may change, which can be problematic for services requiring a fixed address.