display | more...
A special hierarchy of IP addresses reserved for local, non-public networks. Any IP address beginning with 192.168, for example 192.168.0.1, is not routable on the general internet. Anyone can assign and use these addresses for computers on local networks, and any computer with one of these addresses cannot talk to the rest of the internet using that address unless some sort of special IP sharing has been set up.

There are two other IP blocks (see Nonroutable IP Addresses that behave the exact same way as 192.168.*: 172.16.*, and 10.*. 10.* is where routers, dsl modems, and similar such things tend to like to live, since they consider themselves to be only important as local beasts. (thanks m_turner)

Most of the time when you see a computer with a 192.168.* address, a proxy or ip masquerade has been set up somewhere on the network in order to allow the computers on the local network to communicate with the outside world by sending all their traffic to the proxy computer-- which has a real, non-192.168.* address-- which shares its IP with the local computer, retrieves the information the local computer needs, and forwards it back to the computer. This is all generally totally transparent, and you see it done a lot at colleges and some businesses that don't want to pay for an IP address for each computer. Computers with a 192.168.* address generally can't be used for web, ftp or telnet servers-- the computers on the local network will be able to talk to that server, but the rest of the internet will be unable to get inside of and talk to the 192.168.* network unless inbound port mapping has been set up.

Under IPv6 none of this should be a problem.

This node was originally titled "192.168.*". The "*" was meant to be a wildcard, in the UNIX tradition of using a * to describe the idea of "you can put anything you like here". At one point, this node was renamed for an editor to "192.168.0.0/16". I was not notified as to why, and didn't understand the significance of the /16, so i posted a request for someone to explain this. Shannara256's writeup below was the reply.

Ocelotbob points out that if you want to understand this all in detail, you can see RFC 1918.

The class C address range set aside for internal use. The private addresses are described in RFC 1918, and also include 10.* (10.0.0.0/8) and 172.16.* (172.16.0.0/12).

As to the naming convention:
Short answer: 192.168.* == 192.168.0.0/16 and 192.168.0.* == 192.168.0.0/24

Long answer:

An IP address is composed of two parts: the network name and the host name. In order to derive the network name from an IP address, the TCP/IP stack bitwise ANDs the IP address with the subnet mask. The result is the network name. If the network name is the same as the network name for the network adapter, then it proceeds to look at the host name (the bitwise complement of the network name ANDed with the IP address) to see who to give it to, otherwise it sends it along its predestined route.

Now that we know all that, we can explain the little /x at the end of the network name. That is the subnet mask, with the first x bits of the 32-bit number (in IPv4) set to 1, and the remaining bits set to 0. So, for 192.168.0.0/16, the subnet mask is 11111111.11111111.00000000.00000000 in binary, or 255.255.0.0 in decimal. This means that the first two numbers, 192.168, are the network name, and all the rest of the numbers designate different hosts on that network.

The private class-C address block, 192.168.0.0/24, is the most-used private IP network address, probably due to the proliferation of home-network devices like Linksys routers. When using this address scheme, you actually have a total of 254 usable addresses (192.168.0.1 through 192.168.0.254). For home networks and small businesses, this is more than enough addresses for all the devices on the local area network (LAN).

One of the mistakes I see all the time involves setting up a home router with cable or DSL. A router will route traffic from one network to another, but it will not allow local traffic to get through. For example:

                       _________
                      | LINKSYS |
  WAN=192.168.0.2/24  W         L  LAN=192.168.0.1/24
                      |_________|

In the above example, traffic from the LAN will not get to the WAN (Internet) because both addresses are on the same network. The WAN and LAN must be on different networks for the router to function. Because of all the problems Linksys ran into, they now ship routers with the LAN set to 192.168.2.1/24. Because the first three octets are different (192.168.0.x versus 192.168.2.x), they act like they are on different networks, and the traffic will flow.

Log in or register to write something here or to contact authors.