N+ 1.4 - Public vs. Private

What is a public network?

A network that anyone can connect to

What is an example of a public network?

The Internet, Anywhere Access, and Web Servers

For addressing devices on a public network, how must it be handled?

They must be carefully considered

What is a private network?

Any network where access is restricted

What are examples of a private network?

A corporate network, or a network in a school

For addressing devices on a private network, how must it be handled?

It is less strict

What are Private Ranges?

They are ranges set aside for private use

What do private ranges provide?

Flexibility in addressing, as well as preventing an incorrectly configured network from polluting the Internet

What kind of networks are private ranges for use on?

Private networks

Why are private ranges special addresses?

Internet routers are configured to ignore any packets they see that use these addresses

What is the outcome of routers ignoring packets on private range addresses?

If a private network “leaks” onto the internet, it won’t get any further than the first router it encounters

Why can’t a private address be on the internet?

It can’t be routed to public networks

What does RFC 1918 define?

Three ranges, one each for Class A, B, and C

What do Class A and B address ranges offer in comparison to Class C?

More addressing options

Address range of Class A?

10.0.0.0 - 10.255.255.255

Address range of Class B?

172.16.0.0 - 172.31.255.255

Address range of Class C?

192.168.0.0 - 192.168.255.255

Default subnet mask of Class A?

255.0.0.0

Default subnet mask of Class B?

255.255.0.0

Default subnet mask of Class C?

255.255.255.0

What is a NAT?

Network Address Translation

What is the basic principle behind Network Address Translation (NAT)?

Many computers can “hide” behind a single IP address

What is the main reason for many computers hiding behind a single IP address, with a NAT?

There aren’t enough IPv4 addresses to go around

What does using NAT mean?

Only one registered IP address is needed on the system’s external interface

What does the one registered IP address on a NAT system’s external interface act as?

The gateway between the internal and external networks

How do NAT and proxy servers relate?

Many proxy server applications include NAT functionality, but proxy servers are definitively different than NATs

What does NAT enable?

The use of whatever addressing scheme you like on your internal networks

What is the common practice of addressing schemes with NATs?

Using private address ranges

What happens when a system is performing NAT?

It funnels the request given to it to the internet

What does a funneled request while a system is performing NAT look like?

It appears to be originating from a single address

What does the system performing the NAT function do?

It keeps track of who asked for what and makes sure when the data is returned, it is directed to the correct system

What are the different ways a NAT is provided from servers?

• You can statically map a specific internal IP address to a specific external one so that outgoing requests are always tagged with the same IP address

• If there is a group of public IP addresses, you can have the NAT system assign addresses to devices on a first-come, first-server basis

When you statically map a specific internal IP address to a specific external one so that outgoing requests are always tagged with the same IP address, what is that called?

One-To-One NAT Method

What is PAT?

Port Address Translation

What is Port Address Translation (PAT)?

A variation on NAT

What happens with PAT?

All systems on the LAN are translated into the same IP address, but with a different port number assignment

When is PAT used?

When multiple clients want to access the internet

With PAT, why do you need to map the inside clients to a single public IP address?

There are not enough available public IP addresses

With PAT, what happens when the packets come back into the private network?

They are routed to their destination with a table within PAT that tracks the public and private port numbers

What is typical when PAT is used?

There is only a single IP address exposed to the public network, and multiple network devices access the internet through this exposed IP address

What is not exposed when a PAT is used?

The sending devices, IP address, and port numbers

What does PAT enable?

Nodes on a LAN to communicate with the internet without revealing their IP address

What is translated to the router’s external IP address in a PAT?

All outbound IP communications

What is a SNAT?

Static Network Address Translation

What is Static Network Address Translation (SNAT)?

It is a simple form of NAT

What does SNAT do?

Directly maps a private IP address to a static unchanging public IP address

What does a SNAT enable?

An internal system to have an unregistered private IP address and still be reachable over the internet

What is DNAT?

Destination Network Address Translation

When is DNAT implemented?

On a router to change the destination IP address on a packet

When is DNAT typically used?

Between services located on a private network and IP addresses that are publicly accessible

What is DNAT more commonly referred to as?

Port Forwarding

What does a public address need to be?

Unique

Why can private addresses be configured basically any way?

It doesn’t matter if an address is repeated outside of the network

What is the reason there would never be conflict from one private network to another private network in regards to addresses?

Private addresses are internal

What does RFC1918 stand for?

Request for Comment

What year was RFC1918 implemented?

1996

What is category 1 of RFC1918?

LAN only

What is category 2 of RFC1918?

LAN + limited outside resources, like an email service

What is category 3 of RFC1918?

Internet access

Which RFC1918 category is the most modern?

Category 3