Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1565
Views
10
Helpful
4
Replies

Why do you not need to configure a subnet mask on a public IP address

Go to solution
Joe20
Level 1
Level 1

‎09-12-2021 03:58 AM

Hi,

 

I got a question from a friend who asked to what subnet a public IP address belongs to.

I never thought about it because i never seen it in a home router config. I only see it in a lan with private IP addresses.

If you configure an Outside IP address with DHCP you get one from a pool of adresses  i assume.

 

That made me thinking about how the isp is configuring this in there tier.

 

With theory in mind from private IP subnetting i learned that devices have to be on the same subnet first off all to be able to talk to each other.

If this rule is the same for Public IP's than a outside router ip address, could be possible a part off a subnet where devices can talk to each other. 

When these devices are different customers how do ISP's prevent network traffic from one host (router) to another?

And do you know why you as a home user do not need to know the subnet mask or do you ? 

 

I'm curious and appreciate your answers.

THX in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP

‎09-12-2021 07:41 AM

Hello,

 

actually, you can get a static e.g. /30 address from an ISP, in which case you would have to know and manually enter the subnet mask.

 

That said, given the shortage of IPv4 addresses (all of which have now been assigned by IANA, the Internet address authority), there are various techniques such as Carrier Grade NAT (which involves hardware and software that lets ISPs assign the same public IP address to multiple customers).

 

As for how ISPs provide security between customer networks: there are a whole lot of tools available (the simplest ones being ACLs). The presentation linked below gives a good overview:

 

https://archive.nanog.org/meetings/nanog26/presentations/ispsecure.pdf

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎09-12-2021 07:03 AM

Any network-required subnet mask depends on the size of the network.

 

ISP may have a different larger pool for the Customer (based on the requirement, take here DSL) - some ISP provides subnet mask of 255.255.255.255 (from their radius) - how they routing is a different topic here.

 

The IP Address you getting from ISP most cases Public Routable IP. Your Internet RFC 1918 address can not be reachable to the Internet, that is the reason you do NAT using ISP Public IP, this will happen automatically based on the ISP router provided to you.

 

And do you know why you as a home user do not need to know the subnet mask or do you ?

You do not need to much worry, since this changes when you reboot ISP Modem.

 

 

When these devices are different customers how do ISP's prevent network traffic from one host (router) to another?

This is more of a Provider network, they do use BGP peering to exchange the routing information to reach each other.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Georg Pauwen
VIP
VIP

‎09-12-2021 07:41 AM

Hello,

 

actually, you can get a static e.g. /30 address from an ISP, in which case you would have to know and manually enter the subnet mask.

 

That said, given the shortage of IPv4 addresses (all of which have now been assigned by IANA, the Internet address authority), there are various techniques such as Carrier Grade NAT (which involves hardware and software that lets ISPs assign the same public IP address to multiple customers).

 

As for how ISPs provide security between customer networks: there are a whole lot of tools available (the simplest ones being ACLs). The presentation linked below gives a good overview:

 

https://archive.nanog.org/meetings/nanog26/presentations/ispsecure.pdf

0 Helpful

Go to solution
Joe20
Level 1
Level 1
In response to Georg Pauwen

‎09-14-2021 12:02 PM

Hi Georg

Thank you for your answer, and thanks for the link that gives indeed a good overview off security between customers , isp etc. 

 

WKR

Joe20   

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎09-12-2021 01:36 PM

Hello @Joe20 ,

actually ISPs can emulate a point to point session with each customer using for example PPPoE in this way they can perform authentication, authorization and accounting and they can also "isolate" each of them.

Public IP addresses for consumer connections change at each session and they are picked up from ISP pools.

 

All the notes from @Georg Pauwen  apply given the shortage of public IPv4 addresses ISPs can use different strategies to serve customers.

 

For business connections with a static IP address the public address is manually configured with its own appropriate subnet mask that can be a /30 or it can be something larger like a /29 a /28 or /27 depending on the customer needs additional IP addresses in that case are used to publish some servers on the internet using static NAT statements.

In other cases the provider can give a /30 subnet for the WAN link and a separate IP subnet for the purposes of company servers publishing over the internet.

NAT overload allows to use a single IP address to serve multiple internal clients saving on address space.

 

Hope to help

Giuseppe

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card