Public/Private IP addresses

ipnetworking

There is something I've always been mixed up about with IP addressing. When a company purchases internet access from an ISP and obtains their inside global IP address that they'll use for NAT (let's say they're just using PAT and only in need of 1 inside global address to make things easy), do your private IP address schemes have to stick within the class of network you purchased from your ISP? When purchasing internet access from your ISP, does it coincide with network classes?

I'm mixed up about the process itself, considering my public IP at home for instance is 24.x.x.x (which traditionally is a class A network 0-127 range), but at home obviously we all have class C networks, so I'm confused about the whole thing.

I notice most companies use a 172.16-31.0.0 private address scheme and subnet further from there, which is a class B private address scheme, but is this because they purchased a class B network? Or as a result of CIDR, there are no classes of networks to be purchased, the internet access is the only thing needing purchasing which you will then be given a public IP from your ISP, and the private scheme is left up to the company and Network Engineers to determine? Could a company purchase internet access from their ISP for instance, then make the internal network 10.0.0.0 and subnet from there, giving themselves as many subnets and host IPs as they could ever use?

If you're totally confused by my questions by now, just to sum up, I want to know basically whether or not the public IP a company is administered from their ISP when they purchase internet access (inside global IP) has any influence on your private IP address scheme (for instance, having to use 172.16.0.0/16 as a starting point instead of being able to use anything I want because of your inside global address), and then subnetting from there. Any clarity on this would be greatly appreciated. I apologize for the enormous length of this post! Thanks everyone.

Best Answer

First, understand that any idea of network classes lost its relevance sometime in the mid-1990s. Protocols where classes were significant have versions that accept subnet masks as additional parameters and do not care about what class an IP address is in.

There are three ranges of private IP addresses, and one for each class, but the class doesn't have any meaning anymore, unless you are using an ancient protocol that doesn't let you specify a subnet mask with IP addresses. What does have meaning is the subnet associated with each "class":

RFC1918 name    IP address range                subnet mask     
24-bit block    10.0.0.0 - 10.255.255.255       /8  or 255.0.0.0
20-bit block    172.16.0.0 - 172.31.255.255     /12 or 255.240.0.0
16-bit block    192.168.0.0 - 192.168.255.255   /16 or 255.255.0.0

If your company is really distributing private addresses to customers (this is called Carrier Grade NAT), then you are stuck with what your ISP provides as far as the interface where your computer or network connects to the ISP.

Second, your router has two interfaces. One faces the ISP and receives an IP from your ISP's DHCP server. The other faces your network, and what you do with it is completely up to you. Now, if you are going to reuse any addresses your ISP is using, then you will have to juggle some complex NAT rules. A consumer-level router may not support such complex NAT rules - a Linux PC with iptables can do it but it's difficult to set up.

So, it is possible, but it is usually a lot easier to just select a range your ISP is not using. It doesn't matter which one. 10.0.0.0/8 is typically what businesses choose by convention, but it is just a convention.

Now, with the right NAT setup, you could pick any IP range out of thin air and use it on your home network. However, if your configuration has an error, traffic destined for your home network may go to external hosts instead. The above "private" IP ranges are agreed to be "non-routable" - if they happen to make it to your ISP, your ISP is supposed to drop them. With carrier-grade NAT being an exception of course. So if you use a private IP range that your ISP is not using, it protects you from a consequence of accidental misconfiguration.
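
The range selection described in the answer, as an added Python example that is not part of the original answer: it classifies the address on the router's ISP-facing interface, flags a candidate LAN range that falls outside the RFC 1918 blocks or overlaps the ISP-side network, and picks a block that does not overlap. The function names, the sample addresses and the 100.64.0.0/10 carrier-grade NAT range (RFC 6598, not mentioned on the page) are assumptions of this example.

```python
import ipaddress

# The three RFC 1918 blocks from the table in the answer.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption of this example: RFC 6598 shared space used for carrier-grade NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def classify_wan(wan_if):
    """Kind of address the ISP handed to the router's outside interface."""
    addr = ipaddress.ip_interface(wan_if).ip
    if any(addr in block for block in RFC1918):
        return "rfc1918"        # ISP is handing out private space
    if addr in CGNAT:
        return "cgnat-shared"
    return "public"


def check_lan(wan_if, lan_net):
    """Problems with using lan_net behind a router whose WAN side is wan_if."""
    wan = ipaddress.ip_interface(wan_if).network
    lan = ipaddress.ip_network(lan_net)
    problems = []
    if not any(lan.subnet_of(block) for block in RFC1918):
        problems.append("outside RFC 1918: a NAT mistake could send LAN traffic to real hosts")
    if lan.overlaps(wan):
        problems.append(f"overlaps ISP-side network {wan}: needs extra NAT rules")
    return problems


def pick_lan(wan_if, prefixlen=24):
    """First RFC 1918 subnet of the requested size that avoids the WAN side."""
    wan = ipaddress.ip_interface(wan_if).network
    for block in RFC1918:
        if prefixlen < block.prefixlen:
            continue            # requested subnet is larger than this block
        for cand in block.subnets(new_prefix=prefixlen):
            if not cand.overlaps(wan):
                return cand
    return None


if __name__ == "__main__":
    # Constructed sample inputs: (WAN interface address, candidate LAN range).
    for wan, lan in [("203.0.113.10/24", "172.16.0.0/16"),
                     ("10.20.0.7/16", "10.20.5.0/24"),
                     ("100.72.1.9/20", "24.1.0.0/16")]:
        print(wan, classify_wan(wan), lan, check_lan(wan, lan) or "ok",
              "suggest:", pick_lan(wan))
```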
