Because TCP/IP is the world's dominant routed protocol, most network applications and operating systems offer extensive support for it. Thus, many designers build their networks around TCP/IP, even if they do not require Internet connectivity. As you already know, Internet hosts require globally unique IP addresses. However, private hosts that are not connected to the Internet can use any valid address, as long as it is unique within the private network.

Because many private networks exist alongside public nets, grabbing "just any address" is strongly discouraged. RFC 1918 sets aside three blocks of IP addresses (i.e., a Class A, a Class B, and a Class C range) for private, internal use. Addresses in these ranges will not be routed on the Internet backbone (see Figure ). Internet routers immediately discard private addresses.

If you are addressing a nonpublic intranet, a test lab, or a home network, these private addresses can be used instead of globally unique addresses. Global addresses must be obtained from a provider or a registry at some expense.

RFC 1918 addresses have found a home in production networks as well. Earlier in this chapter, you saw the advantages of using VLSM to address the point-to-point WAN links in an internetwork. Recall that with VLSM, you were able to further subnet one of the subnets left in a Class C network's address space. Although this solution was better than wasting an entire 30-host subnet on each two-host WAN link, it still costs one subnet that could have been used for future growth. A less wasteful solution is to address the WAN links using private network numbers. In Figure , the WAN links are addressed using subnets from the private address space, 10.0.0.0/8.

How can these routers use private addresses if LAN users at site A, B, C, and D expect to access the Internet? End users at these sites should have no problem because they use globally unique addresses from the 207.21.24.0 network. The routers use their serial interfaces with private addresses merely to forward traffic and exchange routing information. Upstream providers and Internet routers see only the source and destination IP addresses in the packet; they do not care if the packet traveled through links with private addresses at some point. In fact, many providers use RFC 1918 network numbers in the core of their network to avoid depleting their supply of globally unique addresses.

One trade-off of using private numbers on WAN links is that these serial interfaces cannot be the original source of traffic bound for the Internet or the final destination of traffic from the Internet. Routers do not normally spend time surfing the web, so this limitation typically becomes an issue only when troubleshooting with ICMP, using SNMP, or connecting remotely with Telnet over the Internet. In those cases, the router can be addressed only by its globally unique LAN interfaces.

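
As an added example (not part of the original text), the Python code below audits an addressing plan of the kind described above: it tests each interface against the three RFC 1918 blocks, lists the addresses on which each router can be reached from the Internet, and flags duplicate addresses. The router names, interface names and host addresses in `PLAN` are constructed for illustration; only 10.0.0.0/8 and the 207.21.24.0 network come from the text.

```python
import ipaddress

# The three RFC 1918 blocks. ipaddress's is_private flag is broader (it also
# covers loopback, link-local and other special ranges), so test explicitly.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(str(addr))
    return any(ip in block for block in RFC1918)

def audit(plan):
    """plan: list of (router, interface, 'address/prefix') tuples.
    Returns (reachable, findings): reachable maps each router to the
    interface addresses usable for ICMP/SNMP/Telnet from the Internet;
    findings lists problems in the plan."""
    reachable, findings, owner = {}, [], {}
    for router, ifname, cidr in plan:
        iface = ipaddress.ip_interface(cidr)
        reachable.setdefault(router, [])
        # Private or not, an address must be unique within the network.
        if iface.ip in owner:
            findings.append(
                f"duplicate {iface.ip}: {owner[iface.ip]} and {router} {ifname}")
        owner.setdefault(iface.ip, f"{router} {ifname}")
        # Only globally unique addresses can source or receive Internet traffic.
        if not is_rfc1918(iface.ip):
            reachable[router].append(str(iface.ip))
    for router, addrs in reachable.items():
        if not addrs:
            findings.append(f"{router}: no globally unique address, "
                            "cannot be managed over the Internet")
    return reachable, findings

# Constructed sample plan: LAN interfaces from 207.21.24.0, WAN links as
# /30 subnets of 10.0.0.0/8. Router C deliberately has two mistakes.
PLAN = [
    ("A", "E0", "207.21.24.33/27"), ("A", "S0", "10.0.0.1/30"),
    ("B", "E0", "207.21.24.65/27"), ("B", "S0", "10.0.0.2/30"),
    ("B", "S1", "10.0.0.5/30"),
    ("C", "S0", "10.0.0.6/30"), ("C", "S1", "10.0.0.5/30"),
]

if __name__ == "__main__":
    reachable, findings = audit(PLAN)
    for router, addrs in reachable.items():
        print(router, "manage via:", ", ".join(addrs) or "(none)")
    for finding in findings:
        print("FINDING:", finding)
```
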
The following sections discuss implementation of a private address scheme, including the pitfalls of discontiguous subnets and the advantages of Network Address Translation (NAT).