Slashdot Mirror

← Back to Stories (view on slashdot.org)

Local Network IPs - 10.0.0.0/8 or 192.168.0.0/16?

Posted by Cliff on from the matters-of-personal-opinion dept.

mike9010 asks: "After reading a few articles on the net about networking, I have come up with a question. It seems that most of them say to use 192.168.0.0/16 for a local network. Why not use 10.0.0.0/8 though? It is my understanding that it can hold a lot more IP addresses, and it is also prettier." What local network range are you using for your networks?

12 of 215 comments (clear)

  1. 10.0.0.0/8 by MazTaim · · Score: 4, Informative

    I actually asked this question once. Nobody could really give me a good answer. I personally prefer 10.0.0.0 over 192.168.0.0. It does look pretier, it's easier to type, and you do have more IPs to play with. Who has need for all those IPs is beyond me, but I say you can never have too many IPs.

    It does look prettier. here is how I broke down my NAT network

    10.0.0.0-255 = Routers/Server - Kinda, sorta DMZ
    10.0.1.0-255 = Wired Workstations
    10.0.2.0-255 = Wireless Workstations
    10.0.3.0-255 = Test stuffage

    192.168.0.0 is the defacto standard for just about any router you buy off the shelf. Perhaps there is a valid reason?

  2. Re:What if your provider has a private network too by ArmorFiend · · Score: 4, Informative

    furthermore, DO NOT use 192.168.0.XX. Because you might get a job with a vpn-ing company that uses that to. Get a random number under 256, and use that instead of 1.

    e.g. I use 192.168.88.XX. I used to use 192.168.1.XX, but guess what, I got a job ...

  3. IP Subnetworking by hawkstone · · Score: 5, Informative
    From the IP subnetworking HOWTO:
    There are also special addresses that are reserved for 'unconnected' networks - that is networks that use IP but are not connected to the Internet, These addresses are:-

    * One A Class Network
    10.0.0.0
    * 16 B Class Networks
    172.16.0.0 - 172.31.0.0
    * 256 C Class Networks 192.168.0.0 - 192.168.255.0


    The one most often used by home networking products is 192.168.1.x in my experience, not the full /16. They are designed to hold 254 addresses, no more. Why are these designed for only a small number of IP addresses? Well, the home routers often have 4 ports, with maybe wireless. Are you really going to have a few hundred clients? Anyway, it's probably best to stick with the 192.168.1.x for a small network if you're planning on connecting to one of these. If, not, do whatever floats your boat!
  4. Choose randomly by Fluffy+the+Cat · · Score: 4, Informative

    RFC 1918 recommends that you choose a network randomly in order to reduce the chances of colliding with any other internal network you may ever want to connect to.

  5. Disabling APIPA by Futurepower(R) · · Score: 3, Informative


    Disabling Auto IP-address generation

  6. Pedantic correction: by Asprin · · Score: 4, Informative


    192.168.0.0/16 doesn't exist.

    It's really a set of 256 (254, really because you aren't supposed to use 0 or 255) /24 networks:
    192.168.1.0/24
    192.168.2.0/24
    192.168.3.0/24
    ...
    192.168.254.0/24

    Now, if you set up your internal routing and gateways correctly, the difference doesn't matter, but TECHNICALLY, since 192 starts with the binary digits '110', it's a class C (/24) network.

    FYI.

    Which (10.0.0.0/8 or 192.168.0.0/24) you use doesn't matter unless you need to connect your network to somebody else's, but a bad decision (or evaluation of capacity) early on can come back to create problems if your network grows beyond the address space you planned for it. GOOD DESIGN IS ESSENTIAL to preventing problems down the road. Usually the # of hosts you need on your network segments drives the decision. Some larger networks will use the /24 blocks for local departmental LANs, and hook them together with /8 block addresses on the internetwork routers, but there are gobs of ways to do it.

    I'd recommend searching Cisco's site for white papers on network design, or maybe googling for TCP/IP tutorials.

    --
    "Lawyers are for sucks."
    - Doug McKenzie
  7. Re:Hi, I'm ignorant. Pleeztameecha! by Medieval_Gnome · · Score: 5, Informative

    It is a method of indicating how many bits in the address are part of the 'network' number, as opposed to the 'host' number. For example..

    In 10.0.0.0/8 that means there are 8 bits that identify the network (10.x.x.x) and 24 bits (IP addresses are 32 bits, 8 bits are already used for network; 32-8=24) for the machine number (the x.15.53.45)

    So now, for '192.168.0.0/16'. The 192.168 part is the network part, and the '/16' means the last 16 bits are used for hosts. When the slash-number is larger, that means the person with that IP range has less IPs. /24 means the user has 254 hosts at their disposal, while a /8 means over 16 million.

    I really hope this helps, sorry I'm not the greatest at explaining things.

    --

    :wq

  8. Re:Hi, I'm ignorant. Pleeztameecha! by shfted! · · Score: 3, Informative

    It's to seperate the bitmask. An IPv4 address is 32 bits long, in big endian order (biggest value goes first, like our decimal system). The /XX is simply an abbreviated way of writing a subnet that starts with n 1's and ends with 32-n 0's. For instance, 10.0.0.0/8 means the 10.x.x.x network with a subnet mask of 255.0.0.0. 192.168.0.0/16 means the 192.168.x.x network with a subnet mask of 255.255.0.0. 192.168.123.128/26 means the 192.168.123.[128 to 192] network, with a subnet mask of 255.255.255.64.

    Almost always, if written in binary, subnets will look like a bunch of ones, then a bunch of zeros. Sometimes, it's convenient to have a subnet that does *NOT* designate a contiguous network segment. For instance, you might have 192.168.2.[64 to 127] and 192.168.3.[64 to 95]. In this case, this is a network 192.168.[2-3].[64-95] with a subnet mask of 255.255.253.32 (which can't be represented in the / form). Don't try this though, as certain buggy OS's might get confused.

    --
    He who laughs last is stuck in a time dilation bubble.
  9. CIDR! by tachyonflow · · Score: 5, Informative
    Welcome to the world of classless routing!

    192.168.0.0/16 certainly does exist. The first three bits has not dictated the netmask for years. See RFC1817 for more information on this. Here's a relevant excerpt (emphasis added):

    Classless Inter-Domain Routing (CIDR) ([RFC1518], [RFC1519]) is deployed in the Internet as the primary mechanism to improve scaling property of the Internet routing system. Essential to CIDR is the generalization of the concept of variable length subnet masks (VLSM) and the elimination of classes of network numbers (A, B, and C). The interior (intra-domain) routing protocols that support CIDR are OSPF, RIP II, Integrated IS-IS, and E-IGRP. The exterior (inter-domain) routing protocol that supports CIDR is BGP-4. Protocols like RIP, BGP-3, EGP, and IGRP do not support CIDR.
  10. Re:What about 172.16.0.0/12? by nocomment · · Score: 3, Informative

    That's exactly it.

    Here at my company I use the 10/8 wherever I can.

    Set it up something like this

    10.0.0.0 = IT
    10.0.1.0 = dhcp range

    10.1.0.0 = IT at a different site
    10.1.1.0 = dhcp range 2nd site

    10.4.0.0 = test systems
    10.5.0.0 = production nat

    The ranges have been changed to protect the weak ;-) But you get the idea. I have seen a /24 fill up which was a huge pain so I use a /16 for the dhcp range. I will never ever run out of IP's.

    There's a couple of 192.168 network scattered about, but this makes things really easy.

    I do use the 192.168.0.* range on my home LAN though.

    --
    /* oops I accidentally made a comment, sorry */
    /* http://allyourbasearebelongto.us */
  11. Re:FP... by afidel · · Score: 5, Informative

    These are not BS. This was an IP block set aside for future use and Apple, MS, Sun, and others decided to use it for local link zero config stuff. This was codified by the ietf and is specified in RFC 3330 and other places.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  12. Re:Don't go with the flow by schon · · Score: 3, Informative

    Now granted this limits me to 256 IP's

    So if you're concerned about that, why not just change the mask to /16 instead of /24? Considering that the 172.(16-32).x.x addresses are all /16's anyway.

    honestly, you could use whatever you wanted with the proper network setup.

    Please, PLEASE, PLEASE, never do any network setup. Ever. Until such time as you understand what you're talking about.

    Worst case scenerio is that you might stumble upon a computer in the real world with the same IP address as you, but that'd be rare.

    Depending on the range, "rare" is pretty subjective.

    It's not the specific IP address, but the whole network. When you take an IP address belonging to someone else, you are not only limiting yourself from talking to that one IP address, but you're limiting yourself from talking to every computer on that IP network.

    It might not even be a problem if you accessed it by a DNS entry through a DNS server that was external to your network

    Before giving out advice, please learn a little bit about IP. DNS means NOTHING .