Problem solve Get help with specific problems with your technologies, process and projects.

Public vs. private networks

ITKnowledge Exchange member "rpvish" had a question about how to ping internal and external networks, and fellow techies helped out. Here is a portion of the conversation.

ITKnowledge Exchange member "rpvish" had a question about how traffic gets routed to internal and external networks, and fellow techies jumped in on the conversation and helped out. Here is a portion of the conversation. Read the rest of the thread.

Want to join in on a similar conversation? Register for ITKnowledge Exchange and fill out your profile so you can ask specific sets of people your IT questions and also help out your fellow geeks.

ITKnowledge Exchange member "rpvish" asked:
One user from a private network IP address can ping a global domain like or How can it reach these external domains when it cannot ping another gateway IP address within its own network?

It's pretty simple. A machine can communicate directly with any other machine on it's own network (as defined by the subnet). The default gateway tells it where to send any traffic that is not on it's own network. It's up to the gateway device (typically a router) to determine what to do with the traffic from that point.

So, when you ping, your machine sends the traffic to it's default gateway that eventually routes it out to the Internet and to Yahoo.

There are blocks of reserved addresses for different purposes. The ones for private networks are,, and default, packets on these networks do not route, unless something is set up explicitly to route them. That's why they do not travel across the Internet, because the standard is that those packets are not supposed to route out on the Internet.

So, if your router/gateway isn't told how to route the packets, and the subnet is, then it doesn't know what to do with them and the traffic dies. What you could do is change your gateway and network to to increase the size of the network and put them on the same subnet.


Because, as long as the address is routable, there are routers that are tasked with DNS, static routing and so on. By definition, routing is the ability to send messages to subnetworks that are not directly accessible. If you are using broadband, you probably have a router at your house. This router, in addition to connecting between its WAN and LAN IP addresses, which are different and most likely on different subnets, also probably supports NAT (Network Address Translation), which allows you to have unroutable internal IP addresses (192.168... or 10...., and so on); through the use of either static routing or NAT services the router allows you to connect to and from the Internet to your internal, unroutable IPs.


How is the path to your xxxx.1.1 networked? Your gateway is routing you out to Internet. That's why you can ping Yahoo. If you want to ping xxx1.1 network, you need another route (gateway) showing you the path to this network.

This was last published in February 2005

Dig Deeper on Network Infrastructure