[Networking] Private IP vs Public IP
There’s always two sides to any story
Every devices need an IP address for data communication. Well, this is an understatement. In fact, a device’s IP address changes several times on their way from the source to destination. In short, the source IP and destination IP found in the IP header are translated by the Network Address Translation (NAT) mechanism and possibly layer-3 header rewrite throughout the brave journey of network packets across the Internet.
Private IP
“A private IP address is the address space allocated by InterNIC to allow organisations to create their own private network”
Private IP(s) are assigned to both physical and virtual hosts within a LAN. This address is the unique identifier used by the nodes in a LAN to talk to each others. There are two important IP subnet rules here:
(1) the private IP addresses assigned to hosts within a LAN must be unique (to prevent IP conflict)(2) the private address assigned must be from one of the three IANA allocated network ranges as shown in the diagram
Private address blocks can be reused by many LANs. For example, if Taylor use 192.168.1.0/24 for her home network; her neigbhour, Dua Lipa can also use the same 192.168.1.0/24 for her network. There are no special consideration on choosing which block (among the three) of private IP to use to depending on the number of hosts in a LAN. The reason is that; in modern network, network addressing is based on Classless Interdomain Routing (CIDR). This means we can freely change the subnet mask within any of these address blocks to fit our network needs. Two networks that uses network address from two different private IP blocks (e.g. 192.168.1.0/24 and 10.10.0.0/16) can communicate across the Internet after NAT.
Public IP
“Public IP is the address used by end devices to communicate on the Internet (or the core/backbone networks)”
Devices that have a public IP is globally reachable. Meanwhile, devices that only has a private IP is only reachable within its own LAN. For example, for Taylor (who is in New York) to talk to Gaga (in Malaysia); they’ll need two public IP for each end for the packets to travel across the Internet.
Public IP is the reason you pay for the Internet. Public IP is assigned by ISP to their service subscribers. Each ISP like Maxis or Verizon has their own Public address blocks which is allocated by IANA. Telcos have to pay IANA for these address allocations before further ‘selling’ them to end customers like us. Normally, each Internet account will be assigned a dynamic Public IP. You may notice that your public IP address changes from time to time. This is because the Telcos normally do not have enough public IP each for all of their customers. For example, Maxis are allocated with 10000 public IP(s) that need to be assigned to 100,000 customer base. Telco would dynamically assign any available public IP in their pool whenever you are trying to get online; and release the lease when you are not connected for some other users. In modern days, most people are online all the time. In this case, telco further ‘NAT’ the available public IP address in their pool before assigning to each customer terminal unit (CTU) end points.
Do you know how to find out what’s your current public IP? Well, it is actually just a google search away. You can just google ‘what’s my IP’.
This is not a concern for end user, as long as our router has a routable public IP assigned in the WAN interface when needed. However, for data center or if you are hosting a server; then the randomness of public IP can lead to connectivity issues like server is not reachable. This is simply because client that are trying to connect to server needs to know the server’s IP in advance. For example, the server IP configured in the client host.ini file is 68.68.68.68:8080. After a while, the telco renew the lease of the server IP to 68.68.68.60. When the client establish new connections, they are not aware of these changes (unless host file is updated) and keep sending client request to 68.68.68.68 which is no longer pointing to the same server. Having a fixed IP would have solve this issue. The same goes with online gaming; where having a fixed public IP provide better connectivity since NAT has less works to do. Some telco allow users to request for a ‘fixed’ public IP, free or at some minimal cost.
Why (there is a need for) Private and Public IP?
The Internet is running out of unique IPv4 addresses. Imagine each devices needing one unique IP to get online. Now, count the number of devices you own that needs an active connection. Consider if an average person has 3 devices (a phone, a laptop and a playstation); now take this number multiple with the global population (7.8 billions); that’s almost 24 billions addresses that we need. However, the maximum IPv4 address space is 2³²; which translates to only 4294967296 addresses. This is a far cry from the IP address we need.
Well, the long term solution to this problem is to move to a new addressing scheme; which is the IPv6 address. For a make shift solutions, we are now using private addressing scheme with NAT. Remember that private address blocks can always be reused for many LANs. It is ok for Taylor’s iPhone to use 192.168.1.1 and Gaga’s Macbook is also using 192.168.1.1 if there are on two separate LANs. Now you might wonder, how can the devices talk to each other if they have the same address? Suppose that Taylor sends a picture from her iPhone to Gaga on her Macbook. The IP header of this packet would look like this:
Theoretically, the source host (Taylor’s iPhone) would be sending the packet back to itself since the source IP and destination IP (of Gaga’s Macbook) is the same in this case. This also means that the packet will be looping until the packet time-to-live expires. Now, that’s where NAT comes in. NAT is a mechanism that translate this private IP to the public IP of these end devices. In this case, the source IP would be replaced with Taylor’s router IP address (the public IP); and the destination address would be Gaga’s router public IP address. Of course, Taylor may have other devices like an iPad or a smart TV. These devices will also share the same public address going to the Internet. Here, the router will keep a NAT table, or a PAT table depending on which kind of NAT is configured on the router to identify all the hosts within a LAN that share this global IP. We will discuss NAT in length in other stories.
The flow of data communications (a closer look)
Private IP address can be safely reused thanks to NAT. But public IP is not always needed for data communication. In fact, Public IP is only needed if the hosts are communicating with another host from a different network. This means that you can get away with not paying for the Internet; but you can only talk to your peers in the same LAN. But that’s a naive thought, since the Internet is built based on the client-server architecture; and server(s) are almost always located somewhere on some remote data center on the Internet ;especially in the age of the cloud computing. However, some enteprises built their own private networks using dedicated lease line or frame relay switches to provide campus to campus connectivity that bypass the Internet. In this case, private addressing would suffice despite two hosts are geographically distanced.
Scientifically speaking, there are intra-LAN communication and inter-LAN communication. Intra-LAN refers to hosts in the same LAN talking to each others. Inter-LAN refers to hosts in different LAN(s) talking to each other. First, the host will determine if the destination is in the same LAN. If it is, then the packet will be forwarded to the switch. The switch then further forwards this ‘frame’ to the right destination based on MAC address. Meanwhile, if the destination is not in the same LAN, the host will forward this packet to the router. Then, the router will translate the source IP of this packet (which is the private IP of the host) to the public IP address (of the router given by the ISP) before forwarding it to the backbone networks (the Internet). Here’s a video to explain this intuition.
More about IPv4 addressing
So now you have it. Computer networks use two types of IP addressing; which is private IP and public IP. The private IP is used to uniquely identify a host within a LAN. Meanwhile, the public IP is used to uniquely identify a host on the Internet. Private IP can always be reuse to save IPv4 address space; but this address is not recognisable on the Internet; just like your nickname is only known within your close circle of friends but not to the public. Remember that private IP address can be assigned manually to the host as static IP, or automatically assigned using DHCP servers. It is important to exclude the IP addresses that has been assigned manually in the DHCP IP pool to prevent double OFFER of the same IP to two different hosts. To learn more about static and dynamic IP, read here.
