Why my ip address starts with 192.? - networking

i am from non networking background. I suddenly wondered why the companies i worked almost always had the ip's like 192.168.x.x . Why can't they have something like 1.2.3.4
I understand that ip has and there is a concept called subneting.
Also, 192.168.0.0 to 192.168.255.255 seems to used for private use.
Question:
1) How does IP address matters thought all devices are connected to internet through roughter?
Any wisdom pls?

According to RFC 1918, addresses in the 192.168.0.0-192.168.255.255 range are private. Such addresses can be used internally by any network so they're often used inside an organization. They cannot be used on the Internet since they aren't intended to be kept globally unique.
192.168.X.X isn't the only private range defined in the RFC. You might also run into 10.0.0.0 - 10.255.255.255 or 172.16.0.0 - 172.31.255.255
Most other addresses are public, and have to be assigned to the network by a Regional Internet Registrty (RIR).

Without knowing it, you might see a kind of playing around with symmetries and numbers of 1-Bits, it it is likely not by chance that they chose these binary subnet mask prefixes and a chosen number of 1-Bits and their slightly playful positions (in brackets: number of 1-Bits for each nibble of the subnet mask prefix, just my guess what might have been thought of, since these Bit patterns were “sacrificed” for private networks):
00001010 (=02): 10/8
11001100.0001 (=221): 172.16/12
11000000.10101000 (=2021): 192.168/16
10101001.11111110 (=2243): 169.254/16
Further links:
IPv4
CIDR - Classless Inter Domain Routing.
The many 1-Bits for just the automatic IPs might also be swiftly chosen.

Related

Cidr blocks AWS explanation

Can someone explain exactly how CIDR blocks work and how it translates into 0.0.0.0/32 for example? Please use laymen’s terms or perhaps even an analogy to something not network related. Can’t seems to find an explanation that clicks with me. Thanks!!
Classless Inter-Domain Routing (CIDR) blocks are for specifying a range to IP addresses in format of IPv4 or IPv6. For the sake of simplicity I will explain rest of this in format of IPv4 however it is applicable to IPv6.
General format for CIDR Blocks: x.y.z.t/p
x, y, z and t are numbers from 0 to 255. Basically, each represents an 8 bit binary number. That's why it is range is up to 255. Combination of this numbers becomes an IPv4 IP address that must be unique to be able to identify a specific instance.
In case of AWS, p is a number from 16 to 28. It represents the number of bits that are inherited from given IP address. For example: 10.0.0.0/16 represents an IP address in following format: 10.0.x.y where x and y are any number from 0 to 255. So, actually it represents a range of IP addresses, starting from 10.0.0.0 to 10.0.255.255.
However for each CIDR block, AWS prohibits 5 possible IP addresses. Those are the first 4 available addresses and the last available address. In this case:
10.0.0.0: Network address
10.0.0.1: Reserved for VPC router
10.0.0.2: DNS server
10.0.0.3: Reserved for future use
10.0.255.255: Network broadcast
See here for official doc.
Actually this is one of the main reasons why AWS permits numeric value of p up to /28. Because for p=30, there will be 4 available values however AWS needs 5 IP address to use. In my opinion for p=29, they might found it inefficient to occupy 5 addresses to provide 3 possible IP address.
Number of possible IP addresses can be calculated by using this formula:
NumberOfPossibleIPs = 2^(32-p) - 5
Classless Inter-Domain Routing (CIDR) block basically is a method for allocating IP addresses and IP routing. When you create a network or route table, you need to specify what range are you working in. "0.0.0.0" means that it will match to any IP address. Some IP addresses are specific, like 10.0.0.0, which will match to any IP address beginning with 10. With any IP address range, you can be more specific by using a suffix(something like /32 from your example). These allow the notation to specify number of bits to be used from Prefix(actual IP-range like 10.0.0.0). It represents the bit length of the subnet mask, as indicated above. The subnet mask is like masking when painting. You place a mask over what you DO NOT want to paint on.
For example, 10.10.0.0/16 will have 256 * 256 IP address in its range.
NOTE: Some of the IP address in a range are reserved for various purposes. According to AWS VPC documentation, following are the reserved IP addresses.
10.0.0.0: Network address.
10.0.0.1: Reserved by AWS for the VPC router.
10.0.0.2: Reserved by AWS. The IP address of the DNS server is always the base of the VPC network range plus two; however, we also reserve the base of each subnet range plus two. For VPCs with multiple CIDR blocks, the IP address of the DNS server is located in the primary CIDR. For more information, see Amazon DNS Server.
10.0.0.3: Reserved by AWS for future use.
10.0.0.255: Network broadcast address. We do not support broadcast in a VPC, therefore we reserve this address.
Hope this helps!
All of the above answers are great, but are missing something pretty important for the people who don't understand addressing.
IP addresses are literally just a string of binary, broken up into 4 "octets". Each octet is a 2^8 block; 00000000. So to a machine, an IP address looks like this (with (.) added for human-ness):
00000000(.)00000000(.)00000000(.)00000000
When we're talking about the "mask" on the IP address, it means "the bits that don't change". The /8 or /255.0.0.0 on the end of the block signifies the number of bits that are not allowed to be used by this network.
So, lets say we have a CIDR block of 10.0.0.0/8 - this can also be written in the format 10.0.0.0/255.0.0.0, and you may in fact see this for of notation in older versions of linux. You will also note that 255 is the decimal representation of the binary string 11111111 - 8 binary "ones". So what the machine sees is the following:
Net: 00001010(.)00000000(.)00000000(.)00000000
Mask: 11111111(.)00000000(.)00000000(.)00000000
The part of the mask with 0's is usable address space within the network.
So the following example addresses are valid in this network, because on the 0 parts of the masked range are changing:
00001010(.)00000001(.)00110000(.)00111000
00001010(.)00110001(.)00110100(.)00111001
When we say "cidr block" we simply mean "the human-readable shorthand way of expressing binary strings understood by a machine". In the above example, the first octet can be expressed as 10, and the latter octets 0. And the Mask can be expressed as 255 and the latter octets of 0, or; because the mask is always a sequence of 1's, then a sequence of 0's, the length of the 1's, i.e. 8
And as such, we get a cidr of 10.0.0.0/255.0.0.0, or 10.0.0.0/8
A few more examples:
-- 172.1.1.0/24
net: 10101100.00000001.00000001.00000000
mask: 11111111.11111111.11111111.00000000
^ 24 bits for the mask ^ 8 bits of usable space
-- 10.10.10.8/29
net: 00001010.00001010.00001010.00001000
mask: 11111111.11111111.11111111.11111000
^ 29 bits for the mask. ^ 3 bits of usable space
Importantly though, this is only one aspect of networking. Usually a couple of these are reserved for things. See other answers for AWS specific things. In their examples, the "first 4" ip addresses reserved for AWS will be the first 4 usable addresses, which would be
...00 - Network address
...01 - Router
...10 - DNS
...11 - Futureproofing

Multicast over layer 2

Pardon my limited knowledge in networks.
I am trying to setup two small programs as client and server, which join to a particular multicast group. The servers sends some arbitrary data to the group and the client receives the data as it listens to the group.
This of course is possible with UDP programs which I have already done. However I need to work with MAC addresses instead of IPs. And I have a few questions regarding this:
Is it possible to fix a range of MAC addresses for my multicast application ? As I understand, the least significant bit of the first octet in the MAC address signifies if it is multicast or not. So the multicast MAC should look like 01:*:*:*:*:* . So I guess, there should be some way to use a wide range of MAC addresses (except for those reserved).
Many places it is written as All multicast MAC addresses begin with: 0100.5e . Is it always true? AFAIK this prefix is fixed in the MAC address which leaves space for the rest of the IP address bits to be mapped here. But what if my application doesn't care about IP addresses and listens to multicast groups based on MAC addresses (if it is possible) ?.
Can't I keep the first octet as 01 and use a wide range for my multicast addressing ?
How to send packets to a multicast group and listen to a multicast group only based on MAC addresses and irrespective of IP ? i.e. the multicast group addresses are defined based on MACs.
I hope my questions made sense.
If you are not using IP (or UDP on top of that) then the default way of mapping IP addresses to mac addresses have probably no added value for you. These mappings are specified for example in:
http://en.wikipedia.org/wiki/IP_multicast#Layer_2_delivery
rfc1112 https://www.rfc-editor.org/rfc/rfc1112 paragraph 6.4
If you insist on using layer2 and multicasting it will probably be sufficient to send out frames with the LSB of the first octet set (the multicast bit, ref: http://en.wikipedia.org/wiki/File:MAC-48_Address.svg ). And put your own mapping on top of that. But you should take into account that:
you probably need to force your NIC to pass the data, often NIC's filter out frames they are interested in hardware. And these filters are typically set when joining a group or e.g. when setting the ALLMULTI flag).
There is probably networking equipment in the middle and some pseudo-intelligent switches may refuse to forward data unless they have seen IGMP joins (ref igmp snooping).
And you code will obviously need to deal with raw layer 2 sockets to read out the data.
Considering the ease of just using UDP this may be a lot of work.

How can I determine if an organization is using NAT?

As far as I understand, I can tell if an organisation is using NAT if they are using private IP address space.
It can be determined that an organization is using private IP address space if its addresses fall into the following ranges, reserved for private uses by Internet standards groups:
10.0.0.0 through 10.255.255.255
169.254.0.0 through 169.254.255.255 (APIPA only)
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255
Am I correct.....? Please correct the logic if it is not correct.
While you are basically correct about which space is considered "private" (see RFC 1918 section 3), I do not think you can make this assumption in your program, for the following reasons:
An organization might be using private addresses, but not be using NAT at all (for example, a completely private intranet)
An organization might be using NAT, but with a reserved public subnet. (Yes, I have seen organizations with IP address space to burn do this.)
Your question is practically incomprehensible, but taking this from the title:
How will i get to know if organisation is using NAT?
You can't.

non-routable IP address [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed last year.
The community reviewed whether to reopen this question last year and left it closed:
Original close reason(s) were not resolved
Improve this question
I know that 127.0.0.1 is by convention the loopback address and that there are various address ranges which are reserved for local use.
Is there an IP address that is reserved never to be assigned?
I would like to test that something works when an IP address can't be found, I could just use a local address which isn't used but thought that there may be an address which is reserved for such use.
According to Wikipedia article on reserved addresses, there are 3 test networks intended for use in documentation only.
192.0.2.0/24
198.51.100.0/24
203.0.113.0/24
Any address in one of those ranges (eg 203.0.113.1) should not map to anything, and indeed should fail to route.
Depending on the type of test you are doing, there are other listed addresses and address ranges that could be appropriate for what you are trying to do.
I think you may want to reword your question. The private address segments (10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, 192.168.0.0 - 192.168.255.255) are commonly referred to as "non-routable" addresses. I think what you are asking for is a reserved IP address that is reserved specifically to never be assigned. As far as I know there is no address that is reserved in this fashion.
Anything in the
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
ranges will be dropped by any Internet router - they are intended for internal use only and are not routed. There isn't a single address but using one from a block you don't use internally, as long as your router isn't too clever will do the job.
Of course if you have a managed router it may well drop these anyway and not let them go out of the internal network.
RFC-3330 lists these, and lots of other blocks as well
Looking at RFC 3330, I don't see any IPv4 address reserved for a globally non-routable address.
What I would do is assign -- in local DNS -- an unused local network IP address to the name "blackhole.<domain>" (using the appropriate domain) so you are guaranteed a stable address to which no computer will ever respond. Of course, like always when configuring DNS, ensure that no DHCP server is configured to give out the same address.
192.0.2.0
According to http://en.wikipedia.org/wiki/Reserved_IP_addresses
Assigned as "TEST-NET" in RFC 5737 for use solely in documentation and example source code and should not be used publicly.
https://www.rfc-editor.org/rfc/rfc5737
According to https://en.wikipedia.org/wiki/0.0.0.0, the IP address 0.0.0.0 “is a non-routable meta-address used to designate an invalid, unknown or non-applicable target.”
Well, the answers given are more or less correctly. What you can do is to assign some of the special addresses that are commonly only used as net masks. These will never be encountered in the wild as IP-addresses, so are safe - as long as you don't actually try to use them in the wrong circumstances.
The best ones are:
0.0.0.0 - but be careful to not use it to open a socket, since it will then open a socket to the current main interface on the computer
255.255.255.255 - this one is never assigned, so it should be the best sentinel, unless you need to interact with netmasks.
I had a similar question and I went to figure; if I understood properly; to use a non-forwardable network such as : 169.254.0.0/16 or 127.0.0.0/8
http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
Will IPv6 work for your purposes? It looks like IPv6 has a whole range specifically reserved for blackhole usage: 100::/64
So, specifically, 100:: should work.
Wikipedia reference: https://en.wikipedia.org/wiki/IPv6_address#Special_addresses
RFC: https://datatracker.ietf.org/doc/html/rfc6666
depending on what the test is you might be able to use the subnet broadcast address.
i.e.
network = 192.168.1.0 /24
broadcast = 192.168.1.255
For IPV4 the non-routable addresses ranges are from 10.1.1.1 to 10.255.255.254, from 172.16.1.1 to 172.31.255.254, and from 192.168.1.1 to 192.168.255.254. These IP addresses will not be recognized outside of a private network.

How do ports work with IPv6?

Conventional IPv4 dotted quad notation separates the address from the port with a colon, as in this example of a webserver on the loopback interface:
127.0.0.1:80
but with IPv6 notation the address itself can contain colons. For example, this is the short form of the loopback address:
::1
How are ports (or their functional equivalent) expressed in a textual representation of an IPv6 address/port endpoint?
They work almost the same as today. However, be sure you include [] around your IP.
For example : http://[1fff:0:a88:85a3::ac1f]:8001/index.html
Wikipedia has a pretty good article about IPv6: http://en.wikipedia.org/wiki/IPv6#Addressing
The protocols used in IPv6 are the same as the protocols in IPv4. The only thing that changed between the two versions is the addressing scheme, DHCP [DHCPv6] and ICMP [ICMPv6]. So basically, anything TCP/UDP related, including the port range (0-65535) remains unchanged.
Edit: Port 0 is a reserved port in TCP but it does exist. See RFC793
Wikipedia points out that the syntax of an IPv6 address includes colons and has a short form preventing fixed-length parsing, and therefore you have to delimit the address portion with []. This completely avoids the odd parsing errors.
(Taken from an edit Peter Wone made to the original question.)
They're the same, aren't they? Now I'm losing confidence in myself but I really thought IPv6 was just an addressing change. TCP and UDP are still addressed as they are under IPv4.
I'm pretty certain that ports only have a part in tcp and udp. So it's exactly the same even if you use a new IP protocol
I would say the best reference is Format for Literal IPv6 Addresses in URL's where usage of [] is defined.
Also, if it is for programming and code, specifically Java, I would suggest this readsClass for Inet6Address java/net/URL definition where usage of Inet4 address in Inet6 connotation and other cases are presented in details. For my case, IPv4-mapped address Of the form::ffff:w.x.y.z, for IPv6 address is used to represent an IPv4 address also solved my problem. It allows the native program to use the same address data structure and also the same socket when communicating with both IPv4 and IPv6 nodes. This is the case on Amazon cloud Linux boxes default setup.

Resources