Month: July 2015

IP Addresses for LANs

There are currently two systems for IP addressing – IP version 4 and IP version 6.  Version 6 is important because the world is running out of IP version 4 addresses, as there are only a little more than 4.23 trillion addresses, and we have used most of them up. We are going to concern ourselves in this article with v4 because on a Local Area Network (LAN) there is a neat scheme called Network Address Translation (NAT) that lets us re-use some IPv4  addresses in different local networks, and because IPv4 is much simpler.

IP v4 addresses consist of four, (up to) three digit numbers separated by periods or “tacks” – nnn.nnn.nnn.nnn – where each nnn can be a number between 0 and 255 (that is as much as 8 bits can hold).  192.168.20.3 is an example of a IP v4 address, while 320.168.20.3 would not.  Since a network consists of a number of computers, printers, set top boxes, internet radios, etc. we need to define what IPv4 addresses (numbers) are in your piece of the network called a “subnet”.  This can be done by a construct called a netmask.

An example of a subnet designation would be 192.168.20.0\24 (8 bits x 3 =24 bits) or 192.168.20.0 netmask 255.255.255.0 (another way of saying 24 bits) which says that the last number in the address of a device can be anything from 1 to 254 (0 and 255 are for special purposes)and it is in the subnet.  This particular example is a “Class C” network with 254 addresses available for assignment.  A netmask of 255.255.255.254 would only include two addresses

There are several sets of network addresses that are set aside for LANs as they have been made “non-routable” and cannot be routed over the internet. Any of these can be used for LAN addressing behind a home or office router.

They make up a subnet that can consist of :

  • 192.168.0.0 – 192.168.255.255    – 255 contiguous Class C networks using 192.268.nnn.000 netmask 255.255.255.0 This can also be referred to as 192.168.X.0/24  meaning that the netmask is 24 bits and X is assignable to the network.
  • 10.0.0.0 – 10.255.255.255.255    – One Class A network using 10.0.0.0 netmask 255.0.0.0  or 10.0.0.0/8
  • 172.16.0.0 – 172.31.255.255         – 16 contiguous Class B network using 172.16.0.0 netmask 255.255.0.0  or 172.16.0.0/16 – 172.31.0.0\16

There are other addresses that are also not routed, but they should never be used on a local network either

  • 192.0.2.0/24                    – These three ranges should only be used for documentation, and not have devices mapped on them
  • 198.51.100.0/24
  • 203.0.113.0/24
  • 127.0.0.1 /32                  –  The localhost or self address of a device
  • 169.254.0.0/16              –   The Link-Local default address range of a device which is not statically addressed, nor been given a DHCP lease.
  • 0.0.0.0/8                        –  This host on the network
  • 255.255.255.255/32     – Broadcast

A small office LAN will normally be connected to a router that handles the administration of the LAN IP addresses with a Dynamic Host Control Protocol (DHCP) server. The router connects to the internet through  Network Address Translation (NAT) where communication is done to the internet or your Wide Area Network (WAN) using the WAN IP address(es) of the router, and the LAN computers “Masquerade” as the router address when communicating outside the LAN.

Often, when advanced DHCP configuration is needed, for services such as auto configuration of VOIP phones you will want to use a DHCP server with more features than that offered by a home router.  This can be readily accomplished by installing a DHCP daemon on your server, the devices on the net will be answered in their DHCP requests, but be sure you disable the DHCP function on the router when you do this.  Another advantage to this scheme is that if the router dies, and you can’t get an identical replacement you will have the settings as part of your normal server backup, whereas the router ‘s backup would be useless.

These small networks often utilize an address range from the 192.168. group of class C  unroutable networks.  There are 254 ranges to choose from, with each range having 254 available addresses.  You might say 254 is an awful lot, but things add up quick when you add workstations, routers, each virtual machine on a server, cameras, phones, Ethernet switches and routers etc.

The provide a service called Dynamic Host Configuration Protocol (DHCP), by default.  Simple DHCP is insufficient for some network components like servers and printers because it is not a sure thing that a device will get the same address back each time it is turned on.  There are some technologies to get over this such as uPnP  and the techniques below for  printers, scanners, switches, servers and and other devices.  It is crucial that only one DHCP server provides configuration on a network. (There are some configurations for have backup servers, but that will not be covered here.

You might not want to choose 192.168.0.  or 192.168.1. as your class C network since those are the default address ranges for many over the shelf routers.  Other third octets to avoid are 3, 10, 15, 16, 20, 30, 86, 100, 102 and 254 as some manufacturers use them as default values also.  Avoiding these address values might make you slightly less vulnerable to to getting hacked (security from obscurity).

If you are part of a large organization that need coordination between various sites, it is desirable that certain network ranges are used for specific purposes.  One a specific address range for each purpose. ie  one range for VOIP phones, one for office traffic to printers, etc.  one for music or video work, this way the purpose of the network can be determined from its address range and color coded patch cords. When personnel have to go from site to site they won’t disconnect a Studio Transmitter Link by mistake.  Avoiding re-use or coordinating an address ranges at both ends of a Virtual Private Network (VPN) systems can avoid conflicts, confusion and collisions.

There are two other address assignment techniques which work well but require manual intervention to set up.

Static addressing is the simplest in theory, but can become quite unwieldy for large networks.  Each computer ethernet interface is setup to (a) specific address(es) within the subnet.  There are several limitations to this.  First, the IP  address used must not be also assigned to another device on the network, statically or by the DHCP server on the network.  This can be accomplished by configuring the DHCP server so only a portion of the subnet addresses can be issued by the DHCP Server, and the static addresses are within the subnet address space, but not among those that the DHCP server will issue.  The second problem is that the addresses statically configured must be kept track of – manually, usually in a spreadsheet so they can be reached by other computers, and so you don’t assign the address to another statically configured computer.  Another consideration is that many routers keep track of the host-names of the computers they assign DHCP addresses to.  Usually these office and home routers automatically enter this information into their Domain Name Servers (DNS) which translate names like www.google.com to an IP Address.  They can do this for the computers on the LAN also.  The router has no knowledge of the statically assigned computers, and cannot provide this service for them.

A better solution is to have the DHCP server for the LAN to reserve certain IP addresses for the particular Media Access Connection (MAC) addresses of the ethernet interfaces on  computers and devices on the net that need to always have the same IP Address.  These MAC addresses are printed on the devices, and can be displayed using the ifconfig command on Linux and ipconfig command on Windows. Many modern small office and home routers have this function.  You usually have to dig through the DHCP connections list to find the menu item to do this.  The manufacturers think that this is a seriously advanced feature.  On some routers it can be tricky if the device has already been issued an IP Address by the DHCP server.

If your router has the MAC reserved IP Address function (sometimes the menu calls it Static – Confusing isn’t it?) then it is generally the preferable method.  If your network has no DHCP server, then Static IP Addresses are the only route available.  The Music Networks described throughout this site generally are simple Static assigned networks, while the Office networks have DHCP assignments where all the devices that need a fixed IP address are assigned using the reserved MAC address function of the DHCP server.  If you were planning on using a home router without this feature, you might want to get another.

Whatever you do with assigned addresses, as opposed to DHCP leases issued ad hoc,  is that you should keep a spreadsheet of the Assigned IP, the MAC address, the name or hostname of the device and its physical location.  (first layer documentation of a network)   you should also keep a record of all the reserved addresses and the device MAC addresses in the case that your router dies and the router backup settings cannot be loaded into the replacement unit because it is a different model.