Tip

Public vs. private networks

ITKnowledge Exchange member "rpvish" had a question about how traffic gets routed to internal and external networks, and fellow techies jumped in on the conversation and helped out. Here is a portion of the conversation. Read the rest of the thread.

    Requires Free Membership to View

Want to join in on a similar conversation? Register for ITKnowledge Exchange and fill out your profile so you can ask specific sets of people your IT questions and also help out your fellow geeks.


ITKnowledge Exchange member "rpvish" asked:
One user from a private network IP address can ping a global domain like yahoo.com or google.com. How can it reach these external domains when it cannot ping another gateway IP address within its own network?

"DAVIDFIGUEROA" WRITES:
It's pretty simple. A machine can communicate directly with any other machine on it's own network (as defined by the subnet). The default gateway tells it where to send any traffic that is not on it's own network. It's up to the gateway device (typically a router) to determine what to do with the traffic from that point.

So, when you ping yahoo.com, your machine sends the traffic to it's default gateway that eventually routes it out to the Internet and to Yahoo.

There are blocks of reserved addresses for different purposes. The ones for private networks are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.By default, packets on these networks do not route, unless something is set up explicitly to route them. That's why they do not travel across the Internet, because the standard is that those packets are not supposed to route out on the Internet.

So, if your router/gateway isn't told how to route the 192.168.1.0/24 packets, and the subnet is 192.168.0.0/24, then it doesn't know what to do with them and the traffic dies. What you could do is change your gateway and network to 192.168.0.0/23 to increase the size of the network and put them on the same subnet.

itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke

"WEBTREKKER" WRITES:
Because, as long as the address is routable, there are routers that are tasked with DNS, static routing and so on. By definition, routing is the ability to send messages to subnetworks that are not directly accessible. If you are using broadband, you probably have a router at your house. This router, in addition to connecting between its WAN and LAN IP addresses, which are different and most likely on different subnets, also probably supports NAT (Network Address Translation), which allows you to have unroutable internal IP addresses (192.168... or 10...., and so on); through the use of either static routing or NAT services the router allows you to connect to and from the Internet to your internal, unroutable IPs.

itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke

"EIKELMT" WRITES:
How is the path to your xxxx.1.1 networked? Your gateway is routing you out to Internet. That's why you can ping Yahoo. If you want to ping xxx1.1 network, you need another route (gateway) showing you the path to this network.



This was first published in February 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.