Addressing

From securityrouter.org, an OpenBSD-based firewall
Revision as of 21:08, 24 November 2011 by Anders (talk | contribs) (Created page with "This article deals primarily with IP addressing; a fundamental but yet important matter. A network device, such as a computer or router, usually have one or more IP addresses, as...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This article deals primarily with IP addressing; a fundamental but yet important matter. A network device, such as a computer or router, usually have one or more IP addresses, assigned to network interfaces. The interface can be physical (which is the most common case), or logical, which would be the case when for example creating a VLAN. These are some important facts and constraints regarding IP addressing:

  • Addresses affect the routing table, which results in several constraints:
    • The netmask/prefix length needs to be specified with an address, in order to define how large the layer 2 (directly reachable, normally Ethernet) network is.
    • As a consequence of the previous statement, the same IP address should not be assigned to two different interfaces because it is ambiguous.
    • Similarly, in cases when several IP addresses are defined in the same subnet/prefix, all addresses (aliases) except one (the primary) should be specified with an all-ones mask (/32 for IPv4 and /128 for IPv6).
    • One special case regarding the previous two statements, is that the same subnet/prefix can be used on both an address redundancy (CARP) interface and a physical interface, preferably with the address on the CARP interface being the alias (all-ones mask)
  • The product uses almost exclusively the CIDR notation, with an IP address of 192.168.0.1 on a class C network (255.255.255.0) being specified as address 192.168.0.1/24 (some pages in the web administration have a toolbox which can be used for netmask to CIDR conversions).