Communication between Private address classes on same LAN possible? - networking

In my testing, both computers have the same PUBLIC IPv4 address:
Two computers bound to the same private class range (192.168.X.X)
PC_0 (192.168.1.2) -> SendsTo -> PC_1 (192.168.1.40) (PC_1 - SUCCESSFULLY RECEIVED MSG)
Two computers bound to different private class ranges (192.168.X.X) && (172.(16-31).X.X)
PC_0 (192.168.1.2) -> SendsTo -> PC_1 (172.29.3.2) (PC_1 - FAILED TO RECEIVE MSG)
Is it possible for two computers on the same private network, but in different private class ranges, to communicate with each other?
I can't find anything on this specific situation.
Any help or information is appreciated.

Related

IRK distribution when devices connected with public address

I have a question, for BLE experts, regarding the IRK exchanged when bonding occurs between two BLE devices with a public address. I don't remember where I saw the statement that if, during key exchange, a device "A" got an IRK from a peer device "B" that has a public address, the device "A" keeps the received IRK as zeros.
Could somebody confirm or deny this statement?
Thank you in advance
Searching in the spec 5.3, I found nothing about keeping the IRK that is received from a device with a public address.
Every device must have either a Public Address or a Static Random Address that is used as the Identity Address.
When a device advertises, connects or sends a scan request, it can either choose to use this Identity address as its own address or use a Resolvable Private Address derived from its own IRK (if the device has an IRK). If the device does not have an IRK, it must use its Identity Address (or possibly a non-resolvable private address).
Whenever the IdKey bit is set in the Pairing Request and Pairing Response messages for the central or the peripheral, respectively, the IRK and Identity Address shall be distributed. If a device does not have an IRK, it sets the IRK field to 16 zero bytes in the SMP Identity Information packet during the key distribution phase during the pairing, per Bluetooth Core specification v5.3, Vol 3, Part H (SMP), section 3.6.4:
Note: An all zero Identity Resolving Key data field indicates that a device does not have a valid resolvable private address.
I think you have misunderstood something, because there is nothing that says that a device receiving a valid IRK or no IRK at all shall "set it to zeros" if the same remote device happens to have a Public Address (either as the address used during the connection or as its Identity Address). In fact, an all-zero IRK is not even valid, since such a one could not be sent over the SMP protocol (since an all-zero IRK would mean a non-existing IRK).
Note that it's perfectly fine for a device that "has a public address" to also have an IRK. It might for one connection use the public address and for another connection use a Resolvable Private Address derived from its IRK.
It is however common that devices have a public address as Identity Address and no IRK. In that case the bonding storage representing this device will store the public address and no IRK (since it receives an all-zero IRK during key distribution).
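The key-distribution handling described in the answer above, as an added example that is not part of the original post: it parses the SMP Identity Information (opcode 0x08) and Identity Address Information (opcode 0x09) PDUs and stores no IRK only when the IRK field is all zeros, whatever the address type. `BondRecord` and `parse_identity_distribution` are hypothetical names, and the sample PDUs are constructed.

```python
from dataclasses import dataclass
from typing import Optional

SMP_IDENTITY_INFORMATION = 0x08          # payload: 16-byte IRK
SMP_IDENTITY_ADDRESS_INFORMATION = 0x09  # payload: AddrType (1) + BD_ADDR (6)
ADDR_TYPES = {0x00: "public", 0x01: "static random"}


@dataclass
class BondRecord:  # hypothetical bonding-storage entry
    identity_address: str
    address_type: str
    irk: Optional[bytes]  # None when the peer distributed an all-zero IRK


def parse_identity_distribution(id_info: bytes, id_addr_info: bytes) -> BondRecord:
    """Build a bond record from the two SMP identity PDUs sent by a peer."""
    if len(id_info) != 17 or id_info[0] != SMP_IDENTITY_INFORMATION:
        raise ValueError("not an SMP Identity Information PDU")
    if len(id_addr_info) != 8 or id_addr_info[0] != SMP_IDENTITY_ADDRESS_INFORMATION:
        raise ValueError("not an SMP Identity Address Information PDU")
    addr_type = ADDR_TYPES.get(id_addr_info[1])
    if addr_type is None:
        raise ValueError("unknown identity address type")
    # BD_ADDR travels least-significant byte first; display it MSB first.
    address = ":".join(f"{b:02X}" for b in reversed(id_addr_info[2:8]))
    irk = id_info[1:17]
    # All-zero IRK means "peer has no IRK". A real IRK is kept as received,
    # including when the identity address is a public address.
    return BondRecord(address, addr_type, None if irk == bytes(16) else irk)


# Constructed sample PDUs (not captured traffic); both peers use a public address.
ADDR_LE = bytes.fromhex("665544332211")  # 11:22:33:44:55:66 on the wire
PEER_NO_IRK = (bytes([0x08]) + bytes(16), bytes([0x09, 0x00]) + ADDR_LE)
PEER_WITH_IRK = (bytes([0x08]) + bytes(range(1, 17)), bytes([0x09, 0x00]) + ADDR_LE)

if __name__ == "__main__":
    for pdus in (PEER_NO_IRK, PEER_WITH_IRK):
        print(parse_identity_distribution(*pdus))
```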

how to create unique ID for each device in Peer-Peer Ad hoc network

I am developing an application for peer-peer conversation in an ad-hoc network. When a peer wants to communicate with another peer, it uses its IP address to connect.
Once devices are connected with each other in an ad-hoc network, an IP address is assigned to each one of them, but I need a smaller string (of 4-6 characters) as a unique ID for each device in the ad-hoc network. Since this is a peer-peer network, there is no server (which can generate a unique ID), so it is the responsibility of each peer itself to generate a unique ID. I am searching for a mechanism or algorithm to generate the unique ID in Java.
This is probably best solved by use of each device's interface specific MAC address. MAC addresses are, in standard implementation, unique to each network interface, so each one of your devices already has a unique number. You can use this address directly or as a seed value to create derived IDs.
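Use the below code for generating random numbers with 6 characters:
import java.math.BigInteger;
import java.security.SecureRandom;
private static SecureRandom random = new SecureRandom();
// 130 random bits rendered in base 32 (digits 0-9, letters a-v), cut to the first 6 characters
public static String getUniqueId() {
    return new BigInteger(130, random).toString(32).substring(0, 6);
}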
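The two suggestions above side by side, as an added example in Python rather than the question's Java (not code from either answer): a 6-character ID derived from a MAC address, and the birthday-bound chance that at least two peers end up with the same 6-character base-32 ID. Hashing with SHA-256, the function names and the sample MAC are assumptions made for this sketch.

```python
import base64
import hashlib
import math


def id_from_mac(mac: str, length: int = 6) -> str:
    """Derive a short ID from a MAC address: SHA-256, base32, first `length` chars."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    digest = hashlib.sha256(raw).digest()
    return base64.b32encode(digest).decode("ascii")[:length].lower()


def collision_probability(peers: int, length: int = 6, alphabet: int = 32) -> float:
    """Birthday bound: chance that at least two of `peers` short IDs are equal."""
    space = alphabet ** length  # 32**6 = 2**30 possible IDs
    return -math.expm1(-peers * (peers - 1) / (2.0 * space))


if __name__ == "__main__":
    print(id_from_mac("00:1A:2B:3C:4D:5E"))  # constructed sample MAC
    for n in (10, 1000, 40000):
        print(n, "peers:", f"{collision_probability(n):.6f}")
```

Six base-32 characters carry 30 bits whether they come from a truncated hash or from `SecureRandom`, so the IDs are short but not guaranteed unique; peers need a way to detect and resolve a clash.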

difference private IP and public IP

Can anybody explain to me why I got two different IP addresses?
So if I type ipconfig on the terminal, I get my network information, where my IP address is like 192.168.###.###.
So I know that this is in the private IP range (private IP).
But if I, for example, google for myipaddress, I get as a result something like this: 84.112.###.###.
And this is in my opinion the public IP address, and according to the website information the location of the IP address (ISP) is about 3.3 km away from my current location...
So what would you answer if somebody asks for your IP address??? Which one would you tell him?
And the second question (or my own opinion): how can I determine my public IP without googling? What is the technique behind that?
I think that's easy for this kind of website, because they of course get your public IP in the IP frame if you go to their website, and therefore that is not a problem.
And finally, why do I have a private address at all? I know behind a network/interface there can be about 255 devices. In this case my modem must be able to grant up to 255 devices access to the internet by giving a private (dynamic) address to everyone. The last 3 numbers of the IP address can differ.
Can I say that my wlan-modem is a router?
I'm really confused about the IP addresses; can anybody help me?
thanks before
You would tell them the 84 address as this is what is visible to the world.
The wlan-modem that you describe (it sounds like you are on a home network) acts as a translator between the one public address that your internet provider assigns you and the many devices in your house. You can usually point your web browser at the wlan-modem and it will tell you its public address. You would point your browser to http://192.168.XXX.YYY where XXX.YYY is what your computer lists as its gateway. In most cases it works like this:
your computer's address is 192.168.1.100, and it will have a gateway of 192.168.1.1.
Why private addresses? There are two reasons: first, your ISP has a limited number of public addresses that it can give out to users (and only wants to give you one), and second, by putting your computer on a private network it's not directly accessible to the internet (picture your computer behind a one-way mirror). All non-private IPs are like phone numbers: they are unique, nobody else has your number, while private IP addresses act more like internal extensions in a business.
What's special about the private 192.168.XXX.YYY vs 84.5.XXX.YYY ranges? Nothing really, other than a group of people said this set of addresses isn't global and can be used privately. https://www.rfc-editor.org/rfc/rfc1918
The technical term for what your wlan-modem is, is a "Network Address Translation" (NAT) device. This is a device that sits between a private and a public network and rewrites network traffic to make everything look like it originated from one public address.
Your modem (yes, you can call it a router) creates a private address space. Every device behind the router receives a private address in the 192.168.x.x network. 192.168 is a special address space reserved for private networks. (There are other blocks reserved for private networks, but your router uses 192.168, which is common.)
Your Internet Provider only allocates one public IP address to your router, which can then share it with all its connected devices. This strategy is called Network Address Translation.
It has a few purposes, some security-related, but the primary purpose of NAT is to allow multiple devices to share a single public IP address.
If someone is asking for your IP address, give them your public IP address if they are outside your network because that's what they see. Or if they are connected to the same router as you, they will want to know the private IP because that's what they see.
As you know, IPv4 can handle a maximum of 4.3 billion unique IPs (called public IPs or valid IPs) for us (this is one of the reasons that we are nowadays changing to IPv6). So we need to use private IPs to control the usage of valid ones. You can see the PRIVATE IP on your router or DSL modem or any other device that connects you to the IPS (you can change it to any private IP that you need on your network, the Local Area Network). You have an IP pool on this device (modem) that it can assign to other devices on your LAN, so your modem takes the position of a router here and has a table, like the CAM table on a router, that you can see in your modem configuration (or GUI).
Now what happens to these IP addresses on your LAN when your data packets want to access another network (like downloading and uploading)?
Here we have a technology named "NAT" that changes your private IP to a valid IP that can access other networks on the internet (WAN). So we use many, many private IPs in our network, but other networks may know us by just one public IP. But (big but) we can't use this public IP forever (it is not assigned to us), because our IPS (our internet provider service) may use this public IP for many of its customers.
So what can we do?
You can rent a public IP address for yourself and pay to use it just for yourself (many big companies have public IPs of their own to connect directly without NAT).
To learn more for yourself, you can test it like I do below:
C:\Users\EliAs>tracert google.com
Tracing route to google.com [173.194.40.197]
over a maximum of 30 hops:
1---- 1 ms 1 ms 2 ms 192.168.1.1
2---- 41 ms 58 ms 162 ms 85-15-16-105.shatel.ir [85.15.16.105]
3---- 54 ms 103 ms 43 ms 85-15-16-97.shatel.ir [85.15.16.97]
4---- 47 ms 47 ms 49 ms 85-15-2-9.shatel.ir [85.15.2.9]
5---- 67 ms 44 ms 43 ms 85-15-0-1.shatel.ir [85.15.0.1]
6---- 44 ms 41 ms 43 ms 85-15-0-58.shatel.ir [85.15.0.58]
7---- 48 ms 43 ms 42 ms 78.38.255.89
8---- 53 ms 44 ms 93 ms 10.10.53.197
9---- 88 ms 121 ms 84 ms 10.201.22.102
10---- 43 ms 43 ms * 10.10.36.218
11---- * * * Request timed out.
12---- 182 ms 188 ms 217 ms ae0-xcr1.fra.cw.net [195.2.30.25]
13---- 191 ms 184 ms 266 ms xe-0-0-1-xcr1.fix.cw.net [195.2.28.202]
You can see your private IP address at no. 1 and the change of IP at the other numbers.

Making private network and public hotspot

I'm trying to make a WiFi hotspot for customers and keep our company network separated. I'm thinking of using mikrotik devices for this reason. The idea is to let every customer connect for a maximum of 1 hour. Another requirement is that we have to use a tablet that is connected to the private network as well.
Here are the different ways I think this could work:
1) The first idea was to connect the mikrotik public router and the private office switch to the modem. Then (somehow) connect the router to the switch for router settings. Then make a VAP for the tablet with the ability to connect to the private network (in case the VAP has some minimal bandwidth option, because even with 200 users connected the tablet must work). The PC in the office would connect to the router over the switch and my app would dynamically create WiFi users.
2) Next is that I would use a second router for the private network, but I would still need a connection to the mikrotik router over the switch.
3) I would buy bigger mikrotik switch and connect only some cheaper WiFi access point the connect. Switch would have separated subnets.
Next question is how secure can I make the private AP? Is MAC filtering and a hidden SSID enough?
Also, should I generate 2000 users at once and enable/disable them dynamically, or generate users dynamically?
And is there some option in mikrotik to limit the time a connection is valid? And not just actual login time?
You can use Mikrotik devices for this reason. About security, you can use isolation + WPA2/AES + MAC filtering + Hotspot authentication together, but for hotspots with public access there are solutions that use short messages on a mobile phone for authentication; I think it's more useful.

How can I determine if an organization is using NAT?

As far as I understand, I can tell if an organisation is using NAT if they are using private IP address space.
It can be determined that an organization is using private IP address space if its addresses fall into the following ranges, reserved for private uses by Internet standards groups:
10.0.0.0 through 10.255.255.255
169.254.0.0 through 169.254.255.255 (APIPA only)
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255
Am I correct.....? Please correct the logic if it is not correct.
While you are basically correct about which space is considered "private" (see RFC 1918 section 3), I do not think you can make this assumption in your program, for the following reasons:
An organization might be using private addresses, but not be using NAT at all (for example, a completely private intranet)
An organization might be using NAT, but with a reserved public subnet. (Yes, I have seen organizations with IP address space to burn do this.)
Your question is practically incomprehensible, but taking this from the title:
How will i get to know if organisation is using NAT?
You can't.
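A check of the range logic discussed above, as an added example (not code from any of the posts): it tests addresses against the four ranges listed in the question and runs over hop lines copied from the tracert output earlier on this page. The function names are hypothetical; the result says only which address space a hop falls in, which, as the first answer points out, does not establish whether NAT is in use.

```python
import ipaddress
import re

# Ranges exactly as listed in the question: RFC 1918 plus the APIPA block.
LISTED = [
    (ipaddress.ip_network("10.0.0.0/8"), "RFC 1918 private"),
    (ipaddress.ip_network("172.16.0.0/12"), "RFC 1918 private"),
    (ipaddress.ip_network("192.168.0.0/16"), "RFC 1918 private"),
    (ipaddress.ip_network("169.254.0.0/16"), "link-local (APIPA)"),
]
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def classify(addr):
    """Name the listed range an IPv4 address falls in."""
    ip = ipaddress.ip_address(addr)
    for net, label in LISTED:
        if ip in net:
            return label
    return "outside listed ranges"


def classify_trace(trace):
    """Return (hop address, label) for every tracert line that names an address."""
    result = []
    for line in trace.splitlines():
        found = IPV4.findall(line)
        if found:  # timed-out hops carry no address and are skipped
            result.append((found[-1], classify(found[-1])))
    return result


# Hop lines copied from the tracert output earlier on this page.
TRACE = """\
1---- 1 ms 1 ms 2 ms 192.168.1.1
2---- 41 ms 58 ms 162 ms 85-15-16-105.shatel.ir [85.15.16.105]
7---- 48 ms 43 ms 42 ms 78.38.255.89
8---- 53 ms 44 ms 93 ms 10.10.53.197
9---- 88 ms 121 ms 84 ms 10.201.22.102
11---- * * * Request timed out.
12---- 182 ms 188 ms 217 ms ae0-xcr1.fra.cw.net [195.2.30.25]
"""

if __name__ == "__main__":
    for addr, label in classify_trace(TRACE):
        print(f"{addr:15} {label}")
```

Hops 8 and 9 fall in 10.0.0.0/8 even though they come after public hops, so private-range addresses also appear on links inside a provider's path, not only on the home LAN at hop 1.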
