Private and Public IP Addressing

All public Internet addresses must be registered with a Regional Internet Registry (RIR). Organizations can lease public addresses from an ISP. Only the registered holder of a public Internet address can assign that address to a network device.

You may have noticed that all the examples in this course use a somewhat restricted number of IP addresses. You may also have noticed the similarity between these numbers and numbers you have used in a small network to view the setup web pages of many brands of printers, DSL and cable routers, and other peripherals. These are reserved private Internet addresses drawn from the three blocks shown in the figure. These addresses are for private, internal network use only. Packets containing these addresses are not routed over the Internet, and are referred to as non-routable addresses. RFC 1918 provides details.

Unlike public IP addresses, private IP addresses are a reserved block of numbers that can be used by anyone. That means two networks, or two million networks, can each use the same private addresses. To prevent addressing conflicts, routers must never route private IP addresses. To protect the public Internet address structure, ISPs typically configure the border routers to prevent privately addressed traffic from being forwarded over the Internet.
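The border filtering described above, as an added example that is not part of the original course text: it checks addresses against the three RFC 1918 blocks and applies a drop-or-forward policy to a few packets. The function names, the policy wording and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# The three private blocks reserved by RFC 1918.
RFC1918_BLOCKS = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """Return True if addr lies inside one of the three RFC 1918 blocks."""
    ip = ipaddress.ip_address(addr)
    return ip.version == 4 and any(ip in block for block in RFC1918_BLOCKS)

def border_decision(src, dst):
    """Hypothetical border-router policy: never forward privately
    addressed traffic toward the Internet, in either direction."""
    if is_rfc1918(src):
        return "drop: private source"
    if is_rfc1918(dst):
        return "drop: private destination"
    return "forward"

# Constructed sample packets as (source, destination) pairs.
# 198.51.100.0/24 and 203.0.113.0/24 are documentation ranges (RFC 5737)
# standing in for public hosts.
SAMPLE_PACKETS = [
    ("192.168.1.10", "198.51.100.7"),    # private host sent without translation
    ("203.0.113.5", "10.20.30.40"),      # public host aiming at a private address
    ("172.31.255.254", "198.51.100.7"),  # last usable host in 172.16.0.0/12
    ("172.32.0.1", "198.51.100.7"),      # just outside 172.16.0.0/12, so not private
    ("203.0.113.5", "198.51.100.7"),     # public to public
]

def filter_packets(packets):
    """Apply the border policy to each packet and return the verdicts."""
    return [(src, dst, border_decision(src, dst)) for src, dst in packets]

if __name__ == "__main__":
    for src, dst, verdict in filter_packets(SAMPLE_PACKETS):
        print(f"{src:>15} -> {dst:<15} {verdict}")
```

The 172.16.0.0/12 block ends at 172.31.255.255, which is why 172.32.0.1 is forwarded. Loopback and link-local addresses are also non-routable but are not RFC 1918 space, so the check matches the three blocks explicitly.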

By providing more address space than most organizations could obtain through an RIR, private addressing gives enterprises considerable flexibility in network design. This enables operationally and administratively convenient addressing schemes as well as easier growth.

However, you cannot route private addresses over the Internet, and there are not enough public addresses for organizations to provide one to every one of their hosts. Networks therefore need a mechanism at the edge of the network that translates private addresses to public addresses and works in both directions. Without a translation system, private hosts behind a router in the network of one organization cannot connect with private hosts behind a router in other organizations over the Internet.

Network Address Translation (NAT) provides this mechanism. Before NAT, a host with a private address could not access the Internet. Using NAT, individual companies can address some or all of their hosts with private addresses and use NAT to provide access to the Internet.

For a more in-depth look at the development of the RIR system, see the Cisco Internet Protocol Journal article at

