News Stay informed about the latest enterprise technology news and product updates.

Staying legal -- Internet and local addresses

In the final installment of their four-part series, IT-Director covers the problems facing companies as they go outside of their own network and on to the Internet for the very first time.

Market Analysis
Part 4

Staying legal -- Internet and local addresses
With all those IP addresses available, it would be easy to think that there is plenty to go round and there would not be any problems. Well aside from the ever growing number of devices eating up the number of valid IP address available, there is also the problem facing companies as they go outside of their own network and on to the Internet for the very first time.

Most organisations already use TCP/IP products on their internal networks, but if the network is purely for internal use, then it is unlikely the IP addresses used will be illegal. Typically, companies may have used - there is nothing wrong with this approach, for an internal network, it makes sense and is easy to remember.

But when it comes to moving onto the Internet, the devices associated to these addresses will have to be reassigned Internet legal addresses or the organisation will have to use in address-translation gateways to rewrite outbound IP packets so they appear to be coming from an Internet-accessible host. If an address-translation gateway is installed there are still problems - the organisation will not be able to communicate with any site that is a registered owner of the IP addresses in use on its local network - so if you use on your internal network you will never be able to access the Internet site with that address as local routers will interpret the request as one for the local system and so the packets will never leave your own internal network.

Another issue facing organisations is that they simply may not be able to afford the luxury of implementing legal Internet Addresses across their network. Many organisations will have legacy applications that use hard coded addresses and with numerous such systems implemented the chances of a successful upgrade are remote.

A half way house solution to the problem is the possible use of selected Internet legal private addresses that are blocked from being used in the Internet in general. For a Class A network the addresses 10.n.n.n, for a class B network addresses in the range 172.16.n.n to 172.31.n.n and in a class C network the addresses in the range 192.168.0.n through to 192.168.255.n are all such addresses. These addresses cannot be routed across the Internet and the Internet's backbone routers are configured not to route packets to these addresses, so they are of no use whatsoever outside of an organisation's own internal network. An added complication is if one organisation sets up a private connection with another organisation and both are using the same block of addresses, again the packets intended for the other organisations network will simply be routed round your own network.

Its clear to see that there are many opportunities for problems and conflict in IP address and the bottom line is that the best way is to use formally-assigned, Internet-legal addresses whenever possible, even if you do not always require direct Internet access. Where hosts are using a firewall or application proxy of some sort, the use of Internet-legal addresses gives the lowest maintenance overhead. If this cannot be done, there are the Internet legal private address pools to fall back on. Whatever the case random, self-assigned addresses should be avoided at all costs, as they will only cause connectivity problems in the long run.

Copyright 2002 provides IT decision makers with free daily e-mails containing news analysis, member-only discussion forums, free research, technology spotlights and free on-line consultancy. To register for a free email subscription, click here.

For More Information:

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.