[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

internal ip address, external, subnet mask

Posted on 2004-04-26
10
Medium Priority
?
1,321 Views
Last Modified: 2013-11-13
could somebody explain me what r the difference betn internal and external ip addresses,,also Subnet mask..why subnet mask is used..? what subnet mask is sometimes 255.255.255.255, but sometimes 255.255.255.0?? please explain with an example with simple english :) also, why somtimes MAC addresses r needed...also, what r the roles of Firewall, proxy server, DSN etc. i tried to read couple of books but the explanation is hazy..thanx in advance.
0
Comment
Question by:openujs
  • 3
  • 2
  • 2
  • +1
8 Comments
 

Author Comment

by:openujs
ID: 10921308
i did not get this part
The subnet mask is the network address plus the bits reserved for identifying the subnetwork. (By convention, the bits for the network address are all set to 1, though it would also work if the bits were set exactly as in the network address.) In this case, therefore, the subnet mask would be 11111111.11111111.11110000.00000000.
how did they come up with  that?
0
 
LVL 3

Expert Comment

by:justintx
ID: 10921359
ok.... are you familiar with binary?  if so, it's just binary math....
11111111.11111111.11111111.00000000 = 255.255.255.0  .... if not, click here http://www.learntosubnet.com/ and click on the video to learn binary math.  it's a great site for subnetting in general, by the way.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 2

Expert Comment

by:si_j
ID: 10921530
Woah, that's a lot of questions....!

>could somebody explain me what r the difference betn internal and external ip addresses

Internal addresses - IP addresses which are not available on the Internet, behind address translation. They are 'FAKE' addresses used for added security and to share smaller amounts of 'REAL' addresses. You would give them to computers on a LAN, 'inside' your Network

External addresses - addresses from outside of your Network, usually Internet addresses which can be found by other people using the Internet.

>also Subnet mask..why subnet mask is used..? what subnet mask is sometimes 255.255.255.255, but sometimes 255.255.255.0?? please explain with an example with simple english :)

A subnet mask breaks up larger networks into smaller ones. Subnet masks are binary strings of 32 digits.. i.e

binary...

Digit places go up in order
1 2 4 6 8 16

So in binary
1 = 1 (1 of 1)
10 = 2 (one 2, no 1's)
100 = 4 (one 4 no 2's no 1's)
11 = 3  (one 2, one 1)
101 = 5  (one 4, no 2's, one 1)
1000 = 8 (one 8, no 4....)

11111111.11111111.11111111.11111111 = 255.255.255.255
11111111.11111111.11111111.00000000 = 255.255.255.0

The binary part is to do with computer calculation, but it explains the numbers involved. A binary calculation with the subnet explains to the computer how big the network is.

So...

A 'Network' IP 192.168.0.0 with a 'subnet' 255.255.255.0 has 255 addresses.
192.168.0.0, 192.168.0.1, 192.168.0.2...........192.168.0.254   (the 0 makes 255)
Subnet 255.255.255.0 = 11111111.11111111.11111111.00000000
binary number 11111111 (=255) missing, therefore 255 addresses....  

A 'Network' IP 192.168.0.0 with a 'subnet' 255.255.255.248 has 8 addresses; (255-248
192.168.0.0-192.168.0.7 (the 0 makes 8)
Subnet 255.255.255.248 = 11111111.11111111.11111111.11110111
binary number 1000 (=8) missing, therefore 8 addresses.

Anyway.. I digress. Only computers in the same network, denoted by it's IP and subnet, can communicate on a LAN. Whatsmore, you can describe groups of computers by their IP and subnet.

>also, why somtimes MAC addresses r needed

MAC address is literally another part of the communication letter soup, literally this is just a (seemingly random) string of digits which is unique to any single piece of hardware, pre-determined at manufacture. This is also sent when communicating, and you can therefore add extra security by making connections identify by their unique 'MAC' address, then applying rules to different sets of' 'MAC' addresses.

>...also, what r the roles of Firewall

A firewall sits in-between inside and outside your network and polices traffic in and out, its behaviour is determined by your instructions to it. You can be very specific in the traffic you allow. I.E. 'Allow (or block) all IP's in this subnet' or 'Allow (or Block) IP's in this subnet to send (or receive or both) THIS type of information..' or 'Allow (or Block) these specific MAC addresses.

>proxy server

Bit more complicated to summarise.... in essence you have a computer which you connect to the internet through. This computer then can protect you from direct internet access and the associated risks, but can also speed up your browsing (sometimes) and allow one point of access for firewalling within a network. (There are other purposes, but using the same thing)

>DSN

You mean DNS > Domain Names Service. It literally does what it says on the lid. You use one every time you use the Internet. I.E. When you go to 'www.Experts-Exchange.com' you are really going to an IP address, not the name. You ask your DNS server 'What is the IP for 'www.Experts-Exchange.com' and it tells your PC a number in the form A.B.C.D which allows it to find a 'route' to the domain, and once there the domain will tell you where the default web-server is.

>i tried to read couple of books but the explanation is hazy..

Try Harder!!! lol. These are large topics, I've only scratched the surface. You really wanna know? Sit and learn it....

>thanx in advance.

NP. Hope this helped....

Simon
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 10923548
For 30 points???

An IP address is a 32-bit number, divided into two fields:  the network address and the host address.  The boundary between the two fields can be anywhere in those 32 bits.  One of the most common ways to specify where the boundary is is with a "mask", another 32-bit number with '1' bits corresponding to the bits that are part of the network address, and '0' bits corresponding to the bits that are part of the host address.

Both addresses and masks are routinely written in "dotted quad" notation, as four 8-bit portions (bytes), each expressed in decimal and separated from each other by periods/dots.

0
 

Author Comment

by:openujs
ID: 10939505
hey si_j
i definitely liked ur explanation
good example
Subnet 255.255.255.248 = 11111111.11111111.11111111.11110111
binary number 1000 (=8) missing, therefore 8 addresses.

so how many 255.255.254.248 have addresss...1 + 8..= 9??
0
 
LVL 3

Expert Comment

by:justintx
ID: 10940909
6...  see below for an example for the 192.168.50.0 subnet with a 255.255.255.248 mask.

192.168.50.0 - network
192.168.50.1 thru 192.168.50.6 - host addresses
192.168.50.7 - broadcast address

192.168.50.8 - next network
0
 
LVL 2

Accepted Solution

by:
si_j earned 120 total points
ID: 10942833
ok.... so you spotted the deliberate mistake?

i.e

>Subnet 255.255.255.248 = 11111111.11111111.11111111.11110111
>binary number 1000 (=8) missing, therefore 8 addresses.

Should read:

Subnet 255.255.255.248 = 11111111.11111111.11111111.11111000
binary number 111 (=7) missing, therefore 8 addresses if you include the '0'

>An IP address is a 32-bit number, divided into two fields:  the network address and the host address.  The boundary between the two fields >can be anywhere in those 32 bits.  One of the most common ways to specify where the boundary is is with a "mask", another 32-bit number >with '1' bits corresponding to the bits that are part of the network address, and '0' bits corresponding to the bits that are part of the host >address.
>Both addresses and masks are routinely written in "dotted quad" notation, as four 8-bit portions (bytes), each expressed in decimal and >separated from each other by periods/dots.

Exactly.

Due to the way computers 'parse' (read and interpret) subnets (looking for the first 0 from the left) you can only use certain subnets.

255.255.255.248 is a valid subnet, which in binary string form: '11111111111111111111111111111000'
255.255.254.0 is a valid subnet, which in binary string form: '11111111111111111111111000000000'
128.0.0.0 is a valid subnet, which in binary string form: '10000000000000000000000000000000'
255.255.254.248 IS NOT a valid subnet, which in binary string form: '11111111111111111111111011111000'
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question