In our example, we will focus on private networks connected to the Internet through a single public IP address. Under such circumstances, the local network will be “hidden” behind this IP address entirely.
Local networks which do not belong to the Internet (so called private networks) use reserved special ranges of IP addresses. These addresses must not exist in the Internet (Internet routers are usually set in order to drop all packets that include these addresses).
The following IP ranges are reserved for private networks:
10.x.x.x
, network mask 255.0.0.0
172.16.x.x
, network mask 255.240.0.0
192.168.x.x
, network mask 255.255.0.0
Do not use other IP addresses in private networks, otherwise some web pages (those networks that have the same IP addresses) might be unavailable!
For the headquarters' LAN, the private addresses 192.168.1.x
with subnet mask 255.255.255.0
(IP subnet 192.168.1.0
) will be used whereas IP addresses10.1.1.x
with subnet mask 255.255.255.0
(IP subnet 10.1.1.0
) will be used for the filial's LAN.
The following methods can be used to assign IP addresses to local hosts:
The 192.168.1.2
static IP address will be assigned to the domain server/FTP server (its IP address must not be changed, otherwise mapping from the Internet will not work).
A Static IP address will be assigned to the network printer by the DHCP server (DHCP lease). Printing machines cannot have dynamic IP addresses, otherwise they would be unavailable from clients if the IP changes.
IP addresses can be assigned to printers either manually or by a DHCP server. If a DHCP server is used, the printing machine is configured automatically and its address is listed in the DHCP lease list. If configured manually, the printing machine will be independent of the DHCP server's availability.
Dynamic IP addresses will be assigned to local workstations (easier configuration).
Notes:
The DNS domain in the LAN must be identical with the Active Directory domain (i.e. company.com
).
IP addresses 10.1.1.x
with the subnet mask 255.255.255.0
will be used in the network of the branch office. The Active Directory domain is not used in this network, so it is necessary to create a local DNS domain filial.company.com
.