How to Set Up a Private Network: 9 Steps (with Pictures)


A private network is a network that is not connected to the internet, or is connected only indirectly using NAT (Network Address Translation) so that its addresses do not appear on the public network. A private network still lets you connect to other computers on the same physical network. This setup is what you need if you want to communicate with a group of other computers or share data and do not require an internet connection.

Steps

Step 1. Design your network

This is probably the most difficult part of setting up a network.

First draw any routers that you will use to divide your network into sections. Smaller private networks don't need a router, but may still use one for administrative reasons. A router is only needed if you plan to a) split the network into several smaller networks, or b) allow indirect internet access using NAT. Next, add network switches and hubs. For small networks, you only need one network switch or hub. Draw boxes to represent computers and lines connecting all the devices. This drawing will serve as your network diagram. While a diagram intended only for yourself can use any symbols you like, using industry standard symbols simplifies the task and won't confuse others. Typical industry standard symbols are:

  • Router: A circle with four crossed arrows, or just a cross if you're drawing a quick sketch.
  • Network switch: A square or rectangle with four wavy arrows, two in each direction. Represents the concept of a "switched" signal, forwarded by address only to the port that leads to the intended user.
  • Hub: Same as a network switch, but with one double-headed arrow. Represents the concept of all signals being blindly forwarded to all ports, regardless of which port leads to the intended receiver.
  • Lines and squares can be used to represent connections that lead to a computer.

Step 2. Create an address plan

  • IPv4 addresses (IP version 4) are written like this: xxx.xxx.xxx.xxx (four numbers separated by three dots), in all RFC-1166-compliant countries. Each number ranges from 0 to 255. This notation is known as "Dotted Decimal Notation", or "Dot Notation" for short. The address is divided into two parts: the network part and the host part.

    For a "classful" network, the network part and the host part are as follows:

    ("n" represents the network portion, "x" represents the host portion)

    If the first number is 0 to 126: nnn.xxx.xxx.xxx (example 10.xxx.xxx.xxx),

    this is known as a "Class A" network.

    If the first number is 128 to 191: nnn.nnn.xxx.xxx (example 172.16.xxx.xxx),

    this is known as a "Class B" network.

    If the first number is 192 to 223: nnn.nnn.nnn.xxx (example 192.168.1.xxx),

    this is known as a "Class C" network.

    If the first number is 224 to 239, the address is used for multicasting.

    If the first number is 240 to 255, the address is "experimental".

    Multicast and experimental addresses are beyond the scope of this article. However, note that because IPv4 does not treat them in the same way as other addresses, neither should be used.

    To keep things simple, "classless networks", subnetworks, and CIDR will not be discussed in this article.

    The network part defines the network; the host part defines the individual devices on the network.

    For any network:

    • The range of all possible host-portion numbers gives the Address Range.

      (e.g. 172.16.xxx.xxx the range is 172.16.0.0 to 172.16.255.255)

    • The lowest address is the Network Address.

      (e.g. 172.16.xxx.xxx the network address is 172.16.0.0)

      This address is used by devices to identify the network itself, and cannot be assigned to any device.

    • The highest address is the Broadcast Address.

      (e.g. 172.16.xxx.xxx the broadcast address is 172.16.255.255)

      This address is used when a packet is addressed to all devices on a specific network, and cannot be assigned to any device.

    • The numbers remaining in the range are the Host Range.

      (e.g. 172.16.xxx.xxx the host range is 172.16.0.1 to 172.16.255.254)

      These are the numbers you can assign to computers, printers, and other devices.

      Host Addresses are the individual addresses in this range.

  • Assign networks. For this purpose, a network is any group of connections separated by a router.

    Your network may not have a router or, if accessing the internet with NAT, have only one router between your private network and the public internet. If this is the only router, or if you don't have a router, your entire private network is considered a single network.

    Choose a network with a host range large enough to provide an address for each device. Class C networks (e.g. 192.168.0.x) allow 254 host addresses (192.168.0.1 to 192.168.0.254), which is fine if you don't have more than 254 devices. However, if you have 255 devices or more, you will need to use a Class B network (e.g. 172.16.x.x) or split your private network into smaller networks with a router.

    If you use an additional router, it becomes an "internal router," the private network becomes a "private intranet," and each set of connections is a separate network that requires its own network address and range. This includes connections between routers, and direct connections from a router to a single device.

    To keep things simple, the following steps assume you have only one network, consisting of 254 devices or fewer, and use 192.168.2.x as an example. We will also assume you are not using DHCP (Dynamic Host Configuration Protocol) to automatically assign host addresses.


Step 3. Write "192.168.2.x" somewhere on your diagram

If you have more than one network, it's a good idea to write each address near the network it belongs to.


Step 4. Assign a host address in the range 1 to 254 for each computer

Write the host address next to the appropriate device in the diagram. Initially you may want to write down the entire address (e.g. 192.168.2.5) next to each device. As you get better at it, writing down only the host part (e.g. 5) can save time. A network switch won't need an address for the purposes discussed here. The router will need an address.


Step 5. Write the subnet mask next to the network address

For 192.168.2.x, which is Class C, the mask is 255.255.255.0. The computer needs it to know which part of the IP address is the network and which part is the host. IPv4 originally used the first number (e.g. 192) to determine this by address class, as described above. However, the emergence of subnets and classless networks made masks necessary, because there are now many other ways to divide an address into a network portion and a host portion. For Class A addresses the mask is 255.0.0.0; for Class B the mask is 255.255.0.0.


Step 6. Connect your network

Prepare all the necessary equipment, including cables, computers, Ethernet switch, and router (if used). Look for the Ethernet ports on the computers and other devices: an 8-pin (RJ-45) modular connector. It looks like a standard telephone connector except that it is slightly larger because it has more conductors. Connect the cables between the devices, just as in your diagram. If unexpected circumstances lead you to deviate from the diagram, note the changes on it.


Step 7. Turn on all the computers connected to the network

Also turn on all other connected devices. Please note that some devices do not have a power button and turn on automatically once connected to the network.


Step 8. Configure the computer for the network

Open Internet Options (this step varies depending on the operating system), and open the dialog box that allows you to change the TCP/IP settings. Change the radio button from "Obtain from DHCP server automatically" to "Use the following IP address:". Type in the IP address for this computer and the appropriate subnet mask (255.255.255.0).

If you don't have a router, leave the "Default Gateway" and "DNS server" fields blank.

If you are connecting to the internet using NAT, use the Host Address assigned to the router between your private network and the internet as both "DNS server" and "Default Gateway". Do not use the Network Address (192.168.2.0). If you are using more than one router, see the Important Notes section. If you are configuring a home network with a relatively new router, this step can be skipped as long as everything is connected properly. The router will assign addresses to all devices that join your network, up to the point where they reach another router.


Step 9. Verify the connection

The simplest way to do this is with Ping. Open an MS-DOS prompt or the equivalent program on other operating systems (on Windows, open the command prompt located in Start Menu - Accessories - Command Prompt) and type: ping 192.168.2.[host number]. Do this from one host and ping another. Remember, your router counts as a host. If you can't reach it, read the steps again or contact a professional.

Important Notes

  • NAT allows private networks to connect to public networks by converting IP addresses on the private network to addresses that are allowed on public networks. From the internet's point of view, all devices appear to connect from a public network, according to the public addressing scheme (as described by IANA, the Internet Assigned Numbers Authority). "Dynamic NAT" allows multiple private IPs to use the public IP "in turn".

    A related technology, PNAT (Port Network Address Translation), also known as PAT (Port Address Translation) or NAT "Overloading", allows multiple private IPs to "share" a single public IP at the same time. This technology manipulates OSI Layer 3 and OSI Layer 4 information so that connections from multiple private IPs appear to come from one computer with one public IP.

    Many computer stores, electronics stores, and even convenience stores sell small routers designed to allow multiple users to share a single internet connection. Almost all of them use PAT, to eliminate the need for more than one public IP (additional public IPs may be expensive, or not allowed, depending on your carrier).

    If you use one, you must assign one of your private network's Host Addresses to the router.

    If you're using a more complex commercial router, you'll need to set a private Host Address on the interface that connects to your private network, set your public IP on the interface that connects to the internet, and configure NAT/PAT manually.

    If you are using only one router, the address of the interface that connects the router to your private network will be both the "DNS Server" and the "Default Gateway". You will need to enter that address in these fields when configuring other devices.

  • If your network is divided using one or more internal routers, each router will need an address for each network connected to it. (Numbered IP is beyond the scope of this article). This address must be a host address (like a computer's) from the network's host range. Usually the first available host address (i.e. the second address in the address range, for example 192.168.1.1) is used. However, any address in the host range can be used as long as you know what the address is. Do not use a network address (e.g. 192.168.1.0) or a broadcast address (e.g. 192.168.1.255).

    For networks that contain one or more user devices (e.g. printers, computers, storage devices), the address that the router uses on that network will be the "Default Gateway" for the other devices. The "DNS Server", if applicable, must still be the address used by the router between your network and the internet. For networks that only interconnect routers, there is no need for a "default gateway". For networks containing both user devices and routers, any router in that network can be used.

    A network remains a network, no matter how big or small. When two routers are connected by a single cable, even though a Class C network (the smallest network) contains 256 addresses, they will all belong to that cable. The network address is .0, the broadcast address is .255, two hosts will be used (one for each interface to which the cable is connected), and the other 252 will be wasted because they can't be used anywhere else.

    Generally, the small home routers described above are not used for this purpose. If one is used, be aware that the Ethernet interfaces on the "private network" side usually belong to a network switch that is built into the router. The router itself is connected to this switch internally using just one interface. When this is the case, only one host IP is shared by all of the ports, and they are all on the same network.

    If a router has multiple interfaces with multiple IPs, each interface and IP will create a different network.

  • Subnet mask concept. General concepts will help you understand why this number is important.

    Dotted Decimal Notation is a human way of writing IP addresses for easy handling. What the computer "sees" are 32 consecutive ones and zeros like this: 11000000101010000000001000000000. IPv4 originally broke these into 4 groups of 8 digits, which is where the "dots" come from: 11000000.10101000.00000010.00000000. Each group is an "octet" of 8 bits. Dotted decimal writes the value of each octet in decimal to make it easier for humans to read: 192.168.2.0

    A complex set of rules regarding the sequence of ones and zeros in the first octet was used to create the "Classful Addressing Scheme". Under that scheme, no subnet mask is required. For all of Class A, the first octet is the network; for Class B, the first and second octets are the network; for Class C, the first three octets are the network.

    In 1987, intranets began to get bigger and the internet was about to be born. Spending an entire Class C range of 254 host addresses on a small network became a problem. Class A and B networks often wasted addresses because physical limitations forced the network to be divided by routers before it could become large enough to use so many addresses. (Class B host range [256 X 256] - 2 = 65,534 addresses; Class A [256^3] - 2 = 16,777,214).

    Subnetting divides a large classful network into many smaller "subnets" by increasing the number of ones and zeros used for the network address (leaving fewer hosts in each network). Small subnets can then be assigned to small networks without using up many additional addresses. To mark which bits belong to the network address, a 1 is used. The "mask" (e.g. 255.255.255.192), when converted to binary (e.g. 11111111.11111111.11111111.11000000), defines exactly how many more bits are added to the network portion (e.g. two host bits). In this example, one Class C with 254 hosts becomes four subnets of 62 hosts each. Of these subnets only two can be assigned to networks; the first and the last cannot be used according to the rules of RFC-950.

    Further discussion of subnet rules is beyond the scope of this article. What's important here is that even if we use a classful address, Windows (and other software) doesn't know this, and therefore still needs a mask to state how many bits we want to use for the network part. We declare it using the number 255.255.255.0.
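The mask arithmetic described above can be carried out directly on the 32-bit value. The following is an added example, not part of the original article: it converts dotted decimal to binary, compares two hosts by ANDing each address with the mask, and lists the four 62-host subnets that mask 255.255.255.192 creates inside 192.168.2.0. All function names are chosen here for illustration.

```python
def to_int(dotted):
    """Pack dotted decimal ("192.168.2.0") into one 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def to_dotted(value):
    """Unpack a 32-bit integer back into dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_bits(dotted):
    """Write an address as four binary octets, as the article does."""
    return ".".join(f"{(to_int(dotted) >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))


def prefix_length(mask):
    """Count the 1 bits of a mask; reject masks whose ones are not contiguous."""
    m = to_int(mask)
    inverted = ~m & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"mask bits are not contiguous: {mask}")
    return bin(m).count("1")


def same_network(a, b, mask):
    """Two hosts share a network when (address AND mask) is equal for both."""
    m = to_int(mask)
    return (to_int(a) & m) == (to_int(b) & m)


def split_network(network, old_mask, new_mask):
    """List the subnets created when new_mask adds 1 bits to old_mask."""
    old_len, new_len = prefix_length(old_mask), prefix_length(new_mask)
    if not old_len < new_len <= 30:
        raise ValueError("new mask must be longer than the old one, max 30 bits")
    base = to_int(network) & to_int(old_mask)
    size = 1 << (32 - new_len)            # addresses per subnet
    subnets = []
    for index in range(1 << (new_len - old_len)):
        start = base + index * size
        subnets.append({
            "network": to_dotted(start),
            "first_host": to_dotted(start + 1),
            "last_host": to_dotted(start + size - 2),
            "broadcast": to_dotted(start + size - 1),
            "hosts": size - 2,
        })
    return subnets


if __name__ == "__main__":
    print(to_bits("255.255.255.192"))
    for subnet in split_network("192.168.2.0", "255.255.255.0", "255.255.255.192"):
        print(subnet)
```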

Tips

  • Many devices can detect whether you are using a crossover or a straight-through cable. If a device cannot, you must use the correct type of cable between the two. A computer/router to a network switch requires a straight-through cable; computer/router to computer/router requires a crossover cable. (Note: The ports on the back of some home routers actually belong to the network switch built into the router, and should be treated as a network switch.)

    A straight-through cable is a CAT-5, CAT-5e, or CAT-6 Ethernet cable wired in the following order:

    At both ends:

    White Orange, Orange, White Green, Blue, White Blue, Green, White Brown, Brown

    A crossover cable is wired as follows:

    On the first end:

    White Orange, Orange, White Green, Blue, White Blue, Green, White Brown, Brown

    On the second end:

    White Green, Green, White Orange, Blue, White Blue, Orange, White Brown, Brown

    The above conforms to the TIA/EIA-568 standard, but the important point is that, for a crossover to work, pins 1 & 2 (send) swap places with pins 3 & 6 (receive) on the other end. For straight-through cables, all pins must be the same at both ends. Each color set (e.g. White Orange & Orange) marks one twisted pair of wires. Keeping each pin pair on a single twisted pair (i.e. pins 1 & 2 on one color pair, and pins 3 & 6 on another) results in the best signal quality.

    • Note: The TIA/EIA standard has not yet been defined for CAT-7 or later cabling.

  • Network switches cost more, but are smarter. A switch uses addresses to decide where to send data, allows more than one device to communicate at once, and doesn't waste the connection bandwidth of other devices.
  • If you install a firewall on your computer, don't forget to add the IP addresses of all the computers on your network to the firewall. Do this for every computer on the network. If this is not done, communication between computers will be blocked, even though all other steps have been done correctly.
  • Hubs are cheaper if you connect only a few devices, but they don't know which interface leads where. A hub simply forwards everything to all ports, hoping it gets to the right device, and lets the recipient decide whether or not it needs the information. This method consumes a lot of bandwidth, only allows one computer to communicate at a time, and slows down the network as more computers are connected.
  • Never connect hubs in any way that creates loops. This will cause data packets to be repeated around the loop forever. Additional packets will be added until the hub is saturated and cannot pass traffic.

    It is best not to connect network switches this way either. If you do connect network switches in this way, make sure they support "Spanning Tree Protocol" and that the feature is active. Otherwise, packets will loop around forever just as they do with hubs.

Warning

  • IANA (Internet Assigned Numbers Authority) has reserved the following three blocks of IP address ranges for private networks: 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255.
  • Network experts never deviate from this policy if private IP data could affect devices outside their own network, and rarely do so on isolated intranets without a particular reason. Service providers are responsible for protecting the internet from IP conflicts by denying service if private IP addresses outside these ranges affect public systems.
  • While devices that don't affect public systems "in theory" don't have to comply with this policy, in practice DNS services and other software can get confused by addresses outside these ranges if not specifically configured.
  • Problems can also arise if a software, hardware, or human error causes a private IP outside these ranges to be used on the public internet. The cause could be anything from a router that was not set up properly to one of your devices being accidentally connected directly to the internet at a later time.
  • For security reasons, do not deviate from the private address ranges that have been allocated. Adding Network Address Translation to a private network that uses the allocated private addresses is a low-level security method and is known as the "Poor Man's Firewall".
  • Avoid using the IP range 127.0.0.0 to 127.255.255.255. This range is reserved for loopback functionality, that is, looping back to your localhost (the computer you're currently on).
