I'm asking about if the IP address of my router (my "public" IP address) is actually unique, i.e. it is not shared with other routers/hosts over the Internet.
If it is the case, I imagine that there will be some NAT policies applied by my ISP, which translates my "public" IP address and the port of my connection in some other IP:port pair (just like happens in local NAT).
Many operators use a version of NAT which is called by several names: Carrier Grade NAT, NAT 44, Large Scale NAT.
Essentially the operators use private addressing between the network core and the edge devices (i.e. your router) and then translate the private addresses to public addresses at the core of their network before traffic goes to another network.
There is not a one to one mapping between the private addresses and the public addresses, and even port numbers can be reused over time.
So to identify a given private address and hence user from the operator logs, you need to look at the public IP address, the public port and the timestamp (as the same public IP and port may be mapped to a different private IP at a different time).
Things start to get even more complex when you try to make the network devices as optimised as possible - there are mechanisms to try to assign to same public IP and port to a private IP that it has used previously for efficiency. This can give the impression to an end device that it has a static IP mapping in the NAT, but often this is not actually the case.
Finally, all the above is independent of any locate NAT you may have in your home or business - i.e. you can and probably will have a NAT translation on you local router for your locals devices also.
Unlike IP addresses, public IP addresses are not used in a local network but only on the internet. The routers (iphone: your box) IP address to internet, it that rent your box visible on the internet (it will respond to the ping). But also, when you use a website you use the public address of the web server.
A public IP address is unique in the world, which is not the case for private addresses which must be unique in the same local network but not at the global level since these addresses can not be routed on the internet.
Public IP addresses that list all IP addresses of classes A, B, and C that are part of the list of private addresses for those classes or class A exceptions.
Related
How public ipv4 addresses works in any cloud service.
Let consider GCP,
If all the Virtual Machines has public IPv4 addresses then IPv4 will runs out, because it has some limit but we can create a lot of machines on the cloud.
Same goes with either AWS or Azure.
So how they manage the IPv4 addresses?
A simple answer to your question is that cloud service providers like Azure, AWS, etc. have a pool of public IP addresses. These IP addresses are assigned to VMs when required and are released when your job is done.
You need to understand few things about IPv4 addresses.
There are two types of IPv4 addresses: Public IP address and private IP address
You can use only public IP addresses on the Internet. (Private IP addresses can be used only inside your network or company)
Every machine on the internet must have a unique IP address.
If you assign public addresses to every device (VMs) then they will get extinct. To overcome this problem we can use private IP addresses. Same Private IP addresses can be used by different organization at the same time. But what about the uniqueness? There comes the concept of NAT.
NAT allows you to use private IP addresses within an organization or your network and also allows you to communicate over Internet.
You can read more about NAT over here
In depth knowledge about NAT over here
When using TCP/IP Sockets (IPv4) for sending data from one to another device I can only access devices over their private IP address within my own WiFi. I can not send TCPs to public IP addresses because the NAT (Network Address Translation) rejects them or struggles translating into private IPs.
But with IPv6 every device gets it's own public IP. I suppose there are no private IPs then, are there? So there should not be problems with the NAT such as symmetric NAT because there will be no need of NAT.
Assuming both devices support IPv6 and know their IPv6 addresses: can I send data directly from one to the other device?
But with IPv6 every device gets it's own public IP. I suppose there are no private IPs then, are there?
Not all IPv6 addresses are public. There are loopback addresses, link-local addresses, local addresses ... - see IPv6 - Special Addresses. Devices usually have multiple IPv6 addresses (i.e. loopback, link-local, ...), but there is no guarantee that they have a global IPv6 address. This depends a lot on the network setup.
can I send data directly from one to the other device?
If both devices have a public IP, you can send data from one to the other. Only, it might not be received by the other device since firewalls deny such traffic. It is actually pretty common that a SoHo router, at least by default, doesn't allow initiating IPv6 connections from outside. Corporate firewalls also usually deny this. There might be firewalls on the device itself, too. And so on.
As per IANA standards, below is the range for private IP,
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
Can IP addresse outside the range(above) used as private IP to communicate packets within a specific network?
Basically, you can use ever IP-Address-Range you want in your private network. There is no reglementation against this.
But you have to take precautions to avoid routing-trouble when a machine with an IP-Address that actually belongs to a public range wants to access the internet. Here you have to have a Router or Firewall that is able to NAT your internal address bidirectionally.
Sure, there is nothing preventing you from setting your static IP to anything you want. It's up to the router to decide where packets are routed. On your internal network, since you own the router, you can decide to use an IP range normally used for public traffic if you are OK with those public servers being inaccessible to you.
Note that this may cause unusual side effects with DNS if your server is running on an IP address to which another domain name resolves. The server would appear to be running on that domain. Maybe this is what you want, although with SSL you would get a warning that the server fingerprint does not match.
I want to access localhost of a computer but other computers in the same network also has the same public IP. Can we access its localhost host by knowing both(public and private) IP address of that computer. I want to connect to it directly(not through any software like ngrok or VPN).
Thanks in advance.
You can only access localhost on the computer itself. Localhost refers to 'this node' by definition.
When communicating on an internal network you usually use the private IP addresses, not the public one(s). Connecting to a computer with a private IP behind a public IP requires reverse NAT aka destination NAT aka port mapping.
Connecting out from and right back into the same network through NAT may require a special firewall setup aka hairpinning. It's usually easier and faster to use split-brain DNS and resolve the public name to the private IP address of the device.
can one NAT have multiple public IP addreses for same end hosts behind it?
also
can one NAT have multiple public IP addreses one for each end hosts behind it?
Yes, and yes. NAT potentially represents a complete abstraction between private and public IP addresses; a single private address could make two outgoing connections and use a different public IP for each.
Whether that's useful is questionable, particularly since some protocols assume that a single application will always have the same public-facing IP address. And I don't know why you'd ever do 1:1 NAT. But you could, if you really wanted.