Help me understand IP addressing please

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

Xicaque

New Member
Mar 28, 2017
23
2
3
114
Olympia
Disclaimer: I am not an IT professional but I like messing/learning/building and making my wife mad as I spend $$$ on our home network. She thinks that having a huge rack server with tons of stuff is only for bussines environment. Well, not for me. So I will keep spending :)

Currently, my network has assigned IP addressing via DHCP. I have a couple of FreeNAS boxes that after a certain number of days, I think like 15 days. Not sure. Have their IP changed and then I can't connect unless I go check the box on what new IP there are on.

Well, I have gotten tired of it and I am now thinking of setting static IP addresses. My network is rather small.

I have the cable modem, followed by a wireless router then a 24 port switch. To that switch, I have 6 computers connected via cat 6 cable, 2 printers, and the two FreeNAS boxes.

Wirelessly, I have 4 iPhones, 4 iPads, a printer, 4 Apple TVs and a Linksys Velop wifi range expander.

I've been reading several articles and such. What confuses me is the following:

The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)


I am using the 192.168.x.x addressing. See that forward slash followed by 16? What exactly does that mean? Do I type 192.168.5.50/1, xxx.xxx.5.51/2 and so on when I assign static addresses?

I plan to eventually have a dedicated LAN for guests, printers, vid surveillance, one LAN for remote accessing when I am on the road, and one reserved for future use.

Thanks for any input you can provide.


Rob
 

i386

Well-Known Member
Mar 18, 2016
4,218
1,540
113
34
Germany
The "slash 16" means that of 32bits for an ipv4 address the first 16 bits are used for the network part and that the other bits can be used for hosts.
 

cliffr

Member
Apr 2, 2017
77
32
18
45
Rob that's a big topic.

Sounds like all you need is a /24 so 192.168.1.0/24 will be OK. That gives 250 ish addresses.

How you can easily fix your FreeNAS issue is to statically assign addresses via DHCP. Get the MAC address of each FreeNAS NIC. Then add a static entry mapping a MAC address to a static IP address such as 192.168.1.4 as an example. That will keep the IP addresses the same and still let you manage everything with DHCP.
 
  • Like
Reactions: Xicaque and T_Minus

ttabbal

Active Member
Mar 10, 2016
743
207
43
47
This is a pretty big topic, but I'll try to condense it a bit.

Those address blocks you mentioned are considered private addresses that people are expected to use on their internal networks. If you send one to an ISP, their router will block it. They should never be seen on the public internet. The /24 etc is the netmask. Some platforms want to see that written out, /24 = 255.255.255.0. This tells the machines on the network which other addresses they can talk to without needing a router to help them find it. Most people recommend /24 as the "normal" internal network mask. The broken out blocks are known as "subnets".

If a machine wants to talk to an address outside it's subnet, it needs a router. This is set in the gateway field. So your computer will check to see if the address it wants to talk to is on the local subnet. If not, it will send the request to the gateway. The gateway will decide how to forward it on, provide NAT, or block it depending on how it's set up.

Set servers and other "infrastructure" devices to use static addresses. I like to reserve the lower 50-100 addresses for static, and tell the DHCP server to only assign from 100-250, for example. The lower range I use for servers, printers, routers, switches, etc.. Everything else, I don't care what it's address is so I let them auto-configure.

So, one example for your subnets would be like this..

10.0.0.0/24 - General internal hosts. I would put printers etc. in here as well to keep it simple.
10.1.0.0/24 - video network, they don't need internet usually...
10.2.0.0/24 - VPN network
10.3.0.0/24 - Guest network (internet only)

A rule to keep in mind, you should never have more than one interface on a machine/router have the same subnet as another. So if you set up like above, but used 10.0.0.0/18 as the first entry, you would have conflicts. The machine wouldn't know where to send the packets. Some systems will warn you about this, others will silently fail.

More subnets means more firewall rules to configure. So keep it as simple as you can while getting what you want out of it. To properly do all that, and prevent someone from just changing their IP so they can access something you don't want them to, AND prevent multiple DHCP servers from interfering with each other, you really need a switch that has VLAN support, or one interface and switches for each subnet connected only to the router box. That way, the router can control who can go where. Otherwise, a guest could just change their IP and access whatever they want. That's probably not what YOU want. If it IS what you want, just use one network and save yourself the trouble.
 

vl1969

Active Member
Feb 5, 2014
634
76
28
here is an outline of how it works Subnet Mask Cheat Sheet
you only need to look at the first table on the page, the rest is a bit more in-depth look on subnetting.

but essentially think of it like this.
when the internet hit the real world it was only a small number of clients so they did not sweat much on address and how to find them. but as it keep growing there were a need to make it all organized and manageable. hence a special network and sub networks definitions have been created and assigned to the network providers. that what you would call an outside or public IPs.
when you connect to your internet provider you get one of those IP address . the IP address are leased out in sets or blocks as in a xxx.xxx.xxx.0 to xxx.xxx.nnn.n so say a verizon ISP will ahve an address like 65.25.n.0 though 65.30.n.255 and that is how many clients can be connected to it's network at any time.
in the same time it was decided to reserve a set of ranges to be used for local networks (hence why we need a router between our internal network and outside world you have only one connection to the outside but you might need more on the local network.)

so a several ranges have been set a side and agreed on not to be used for manything by internal networks
this ranges have been divided on classes like Class A, B and C respectively

10.0.0.0 - 10.255.255.255 (10/8 prefix) is class A network
172.16.0.0 - 172.31.255.255 (172.16/12 prefix) is class B
192.168.0.0 - 192.168.255.255 (192.168/16 prefix) is class C


each of this network have a predetermined range of IP address sets that it can handle.
here is a good explanation on how it works Address Classes

and one more Networking - Explain the classes of IP address.
there are other classes of networks exists but they are special applications and not relevant here.

so you will not see any IP address from this 3 classes outside of the organization or private network, ie. real world. exceptions do exist as in in some parts of the world large municipalities and college campuses, create their own networks with in say a town boundaries, which is than connected to an outside ISP and users are provided with accounts by the network management rather than ISP. so it works like a big company network. and uses the internal range, usually class A or B ranges.
 
  • Like
Reactions: Xicaque

Xicaque

New Member
Mar 28, 2017
23
2
3
114
Olympia
Thanks for the replies and links!!! Much appreciated. I am off to read those links. Keep them coming please! :)
 

Xicaque

New Member
Mar 28, 2017
23
2
3
114
Olympia
Rob that's a big topic.

Sounds like all you need is a /24 so 192.168.1.0/24 will be OK. That gives 250 ish addresses.

How you can easily fix your FreeNAS issue is to statically assign addresses via DHCP. Get the MAC address of each FreeNAS NIC. Then add a static entry mapping a MAC address to a static IP address such as 192.168.1.4 as an example. That will keep the IP addresses the same and still let you manage everything with DHCP.
Thanks for your reply!!! I went to option 1 on the box and set that to static IP. No more issues there.

I am leaning towards using /24. I do not think I will ever need that many addresses...lol.

Appreciate the replies. Friendly forum unlike others.
 

Xicaque

New Member
Mar 28, 2017
23
2
3
114
Olympia
Forgot to ask something...

The router, leave it dynamic or give it it's own static address?
What about the 24 port switch? I have this one Netgear GS724T

Thanks!!
 

vl1969

Active Member
Feb 5, 2014
634
76
28
Forgot to ask something...

The router, leave it dynamic or give it it's own static address?
What about the 24 port switch? I have this one Netgear GS724T

Thanks!!
by default, your router gets the first ip in the range, usually,
so if you use 192.168.0.n range it would get a 192.168.0.1 which also becomes your gateway address as the router IS your gateway to the internet. so it can never be DHCP from inside the network
now from the outside the network (the port that connects to your ISP either directly or through the modem box) it depends on your ISP. if you have static IP from your ISP (almost never happens nowadays) than you would set it to it. but usually it is dynamic and uses what ever comes from the ISP(WAN)
now switch depends on few things , mostly do you actually manage it or do anything with it?
if no than leave it DHCP if yes it makes it easier to set a static address to it.
although NetGear makes it easier to manage their switches by giving you a management utility "Smart Control Center Manager". this whelps finding the gear on the network what ever the setting are.
 
  • Like
Reactions: Xicaque

i386

Well-Known Member
Mar 18, 2016
4,218
1,540
113
34
Germany
For the internet it's already "obsolete"/too small.
For private networks (lans at home or work) it will be fine for a while (unless you want to have 16+ million devices in one network)