A.2. IP Addressing

A.2.1. Format of an Address

An IP address consists of four numbers, ranging from 0 to 255, connected with dots, i.e. 192.168.1.1. This format is called a dotted IP address. Each computer on your networks needs a different IP address. Depending on your network configuration, IPCop needs between one and four different IP addresses.

A.2.2. Networks

An IP network consists of two or more computers with IP addresses in the same range. The network mask determines the ranges. Even though they are not mandatory any more, there are several default network masks based on the first number in the dotted IP address.

A.2.3. Network Address Classes

Class A networks' first numbers range from 1 to 126 (127 is special). These networks, with their default network mask of 255.0.0.0, allow over 16 million computers to be on the same network. Computers on the 4.x.y.z network, are on the same network. While computers on the 5.x.y.z network are on a different class A network. The IP address of x.0.0.0 designates the entire network and the IP address of x.255.255.255 designates a broadcast to every computer on the network.

Class B networks' first numbers range from 128 to 191. These networks with their default network mask of 255.255.0.0 allow over 65 thousand computers to be on the same network. Computers on the 190.4.y.z network, are on the same network. While computers on the 190.5.y.z network are on a different class B network. The IP address of x.y.0.0 designates the entire network and the IP address of x.y.255.255 designates a broadcast to every computer on the network.

Class C networks' first numbers range from 192 to 203. These networks with their default network mask of 255.255.255.0 allow over 250 computers to be on the same network. Computers on the 193.4.5.z network, are on the same network. While computers on the 193.4.6.z network are on a different class C network. The IP address of x.y.z.0 designates the entire network and the IP address of x.y.z.255 designates a broadcast to every computer on the network.

A.2.4. Private Address Ranges

Why should you care about this?

The powers that be have designated several IP address ranges as private in RFC1918. If packets addressed to or from one of these ranges leak out onto the Internet they will be discarded.

One of IPCop's features is Port Address Translation or PAT. Using this technique any conversations over the Internet will appear to originate from IPCop's RED network address. To help shield your GREEN, BLUE and ORANGE networks from malicious users, you should use private address ranges for your network(s). Remember, your GREEN, BLUE and ORANGE networks must have different network addresses.

The private address ranges are:

  • 10.0.0.0 - A class A network. You can conceivably have over 16 million computers on this network.

  • 172.16.0.0 through 172.31.0.0 - 16 class B networks. You can conceivably have over 64 thousand computers on each network.

  • 192.168.0.0 through 192.168.255.0 - 256 class C networks. You can conceivably have over 250 computers on each network.

You can, if you wish, subdivide each network using a custom network mask. For example, if you wish to keep both your GREEN and ORANGE networks in the same private range, and you don't expect to ever need 32 thousand computers, you can use 172.16.0.0 with a network mask of 255.255.128 as your GREEN network and 172.16.128.0 with the same network mask as your ORANGE network. You will still have the ability to have over 32 thousand computers on each network.