| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 63889 | 2005-11-25 21:38:00 | Curious networking. | Caesius (3758) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 407635 | 2005-11-25 21:38:00 | I've just started learning about various networking tools, and following, also about networked computers. I'm stuck on dial-up but my mate with ADSL let me have a play on his network, try and remotely connect etc. What I've relised is he only has one true IP address (which is actually the router isn't it), and the other 4-5 computers are all of IP address 10.1.1.x. What is this setup, is it NAT? Is it a shortcut so ISP's only have to assign one IP? I also want to know (although I think the answers no) if its possible to access the 10.1.1.x computers from outside. Which, if the answer is no, wouldn't it make any computer connected thus (behind a router with no true IP)...the most secure computer in the world...? Hey thanks for you're guru explanations - I think networking is learnt by doing. |
Caesius (3758) | ||
| 407636 | 2005-11-25 22:45:00 | The setup will most likely be NAT (network address translation) Your isp is not doing it to be evil but it does stop them from having to give ips to all computer connected NAT does make the computer harder to hack but it is not the most secure computer in the world(i recoment you still use a firewall) You can access the computer from outside if you use port fowding on the router |
sambaird (47) | ||
| 407637 | 2005-11-26 00:07:00 | The 10 . xxx . yyy . zzz range of IP numbers is non-routable . That means that any packet addressed to a host using a number in the range isn't passed through the routers on the Internet . The original reason for having non-routable addresses was to make it easy for people using TCP/IP on local networks, not attached to the Internet, to use "legal" IP addresses which they could assign themselves, without having to apply for officially allocated ones . The designers thought of this when there were still only a few sites on the Internet . They weren't stupid . The other reason was to avoid major problems which would arise if a local network "accidentally" got connected . Any "real" IP addresses which people had "given" to themselves would conflict with properly allocated ones . I don't know how sambaird can access a computer with a 10 . x . x . x IP address from the Internet . This is nothing to do with "port fowding"; the IP address is the delivery address for a host . The Internet doesn't "know" hosts with 10 . x . x . x addresses . There are too many of them, for a start . :D A home network using NAT has one address . All packets sent from it go out carrying that as the return address . All replies come addressed to that IP address . The NAT mechanism remembers what its hosts have sent, and where . so it can change the IP address on the incoming packets to the internal one so the appropriate host receives them . |
Graham L (2) | ||
| 407638 | 2005-11-26 02:25:00 | what abuot 192.168.x.x , hows that work [edit] and 172.16.x.x |
Mirddes (10) | ||
| 407639 | 2005-11-26 02:37:00 | what abuot 192.168.x.x , hows that work [edit] and 172.16.x.x Exactly the same. They are non-routable. :D They are just in different "classes" of IP address. |
Graham L (2) | ||
| 407640 | 2005-11-27 01:39:00 | Ok, it's making more sense. So if computers behind the router can't be accessed, why would they need any sort of protection whatsoever? |
Caesius (3758) | ||
| 407641 | 2005-11-27 01:50:00 | They can't be addressed/accessed directly . If you have a host called caesius . on . caesius . network which has an IP of 10 . 0 . 0 . 4 in your local network, someone outside can't address it as caesius . on . caesius . network, or even as 10 . 0 . 0 . 4 . The on . caesius . network doesn't have an entry in the DNS system for the 10 . 0 . 0 . 4 to be found, and the Internet won't handle that IP address anyway . But if, from that host, you start a transaction with an outside site, the NAT system in yout router will handle the whole transaction, and ensure that what comes back from the outside site gets to that particular host in your LAN, even though the 10 . etc address is never known outside . It's what is in those incoming packets that you need protection from . |
Graham L (2) | ||
| 407642 | 2005-11-27 01:59:00 | There are a series of ips allocated to various things... As Graham has said, there are non-routable IPS that can use 3 IP ranges: 10.0.0.0 - 10.255.255.255 172.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255 There is also the IP range 169.254.0.0 - 169.254.255.255 that are allocated automatically by your computer if it can't find a dhcp server (the dhcp server just allocates IPs) Then there other IPs for other purposes; such as 127.0.0.1 which is the localhost IP |
Myth (110) | ||
| 1 | |||||