Introduction to the Internet Protocol (IP)
Setting up and using a VPN connection often entails an adjustment to the IP address of one or both parties to the connection. This section explains the most important basis of IP technology based on a typical IP configuration under Windows XP.
Figure 1: Example configuration
The IP Address
For devices, or hosts to be able to communicate with each other in a network, each device must have a unique address. IP networks take care of this using an IP address. The IP address is a 32-bit address, i.e. a 32-character string consisting of the values 0 and 1. For the sake of simplicity, this binary combination is represented in the form of four decimal values, also called octets.
Thus an IP address has the form xxx.xxx.xxx.xxx, for instance 192.168.178.10 (represented as a 32-bit address: 11000000.10101000.10110010.00001010).
Because the decimal values are based on the actual binary address, they cannot be freely selected. Only values from 0 (all bits equal 0) through 255 (all bits equal 1) are allowed.
The Subnet Mask
In order to build networks and make orderly communication among them possible, an IP address always consists of two parts: the network part and the host part. Within a network, all devices must have the same network address and different host addresses.
Which part of the IP address designates the network and which the host is defined using the subnet mask. The value"255" in the subnet mask shows that this octet of the IP address belongs to the network part.
Figure 2: IP address and subnet mask
Accordingly, "192.168.178" is the network part and "10" is the host part. It could be said that this device is device number 10 in the network 192.168.178.
In order to address the network itself, the host part is set to 0. The correct address of the network in our example is thus 192.168.178.0. Since the host address 0 is reserved for the network, it may not be assigned to any device.
Another address is reserved: the broadcast address. A broadcast is a call that addresses all devices within a network. The broadcast address in a network is the last possible host address, generally the number 255.
Our example network has the following concrete addresses:
 | Network address: 192.168.178.0 |
| Hosts: 192.168.178.x, whereby x can take on the values from 1 to 254 |
| Broadcast: 192.168.178.255 |
The Default Gateway
Within a network, all devices can exchange data with each other directly. For communication outside the network, the networks must be connected with each other. This is done using routers. A router "knows" the networks connected to it and can deliver packets from one network to another. In large networks like the Internet, multiple routers are involved in delivery, as no router knows all networks.
The default gateway indicates the address of the router that is responsible for the local network. If a data packet is addressed to a different network, it is sent automatically to the default gateway, i.e., the router.
FRITZ!Box is an Internet router that connects the local network with the Internet. This is why the IP address of the FRITZ!Box generally has to be entered as the default gateway.
DNS Server
For the user it is extremely inconvenient to address devices using their IP addresses. For this reason devices are assigned names, which then can be resolved into IP addresses. There are a variety of mechanisms for assigning and resolving names. In the Internet the Domain Name System (DNS) has become the established method.
To open the AVM web site, for instance, the user does not have to enter the IP address of the AVM web server. The DNS name www.avm.de can be used instead. A DNS server resolves this name into the corresponding IP address so that the browser can then load the desired web page from the server with that IP address. The DNS server required for this is supplied by the Internet Service Provider (ISP).
Figure 3: The DNS server
FRITZ!Box automatically forwards DNS requests to the provider's DNS server. Even fritz.box is a DNS name, which the FRITZ!Box automatically resolves into the current IP address of the FRITZ!Box. This is why the configuration page of the FRITZ!Box can be reached by entering this name.
Assigning IP Addresses
The IP address can be assigned manually, as in our example, or automatically.
Figure 4: Assigning IP addresses
Automatic configuration has several advantages, like the prevention of doubled address assignments and typos. What is more, if you work in multiple networks, as on a laptop at home and in the office, this method ensures that the device always has the correct IP parameters.
In Windows 2000, XP and Vista, the IP address currently assigned can be displayed by entering ipconfig in the command line.
Figure 5: Displaying the IP address using the ipconfig command
Upon delivery the FRITZ!Box assigns IP addresses via DHCP.
Excursus: Public and Private IP Addresses
In a VPN private networks are connected via the public Internet. For better understanding it is thus an advantage to be able to differentiate between the two kinds of networks.
The Internet is nothing other than a large, complex IP network. In the Internet, too, every device must have its own, globally unique IP address. These addresses are called public addresses and assigned by the IANA (Internet Assigned Numbers Authority).
Every user in the Internet requires a public IP address. That is why the ISPs have address pools with public IP addresses which they assign to their customers for the duration of their respective Internet connections. This address generally changes with each connection, or, at the latest, after 24 hours when the connection is cleared by the ISP.
For local, private networks there are reserved addresses which the IANA does not assign in the Internet. Therefore private IP addresses can be assigned without any risk of conflict with Internet IP addresses. For smaller companies and private users private networks are most often assigned from the range 192.168.xxx.0, for instance 192.168.100.0 or 192.168.178.0. The following address ranges are reserved for private networks:
| Address Block | Description |
|---|---|
| 10.0.0.0 | Very large networks (up to 16 million clients) |
| 172.16.0.0 | Large networks (up to 65,000 clients) |
| 192.168.0.0 | Small networks (up to 254 clients) |
For a private network to be able to connect with the Internet, Internet routers like the FRITZ!Box resort to a simple "trick": They "hide" the private network behind the public IP address received from the ISP upon connection. This address conversion is called NAT (Network Address Translation).
IP Profile of the FRITZ!Box
All FRITZ!Boxes have the following IP parameters configured upon delivery:
Network address: 192.168.178.0
Local address: 192.168.178.1
DHCP server: yes, enabled
DHCP range: 192.168.178.20-200
The range 192.168.178.2-19 is designated for manual assignment; the range 192.168.178.200-254 is for VPN clients.
All of the parameters listed above can be modified. The DHCP server can also be switched off.