IP address routing question

--chris--

I have not dove into too many IP videos or books yet as I am trying to stay focused on school work and the A+, but I have this question that has been driving me nuts. I am finally breaking down and just asking here.

I use a VPN client to login to my employer's network from my laptop/at home. During the setup of the client, I had to put in the IPv4 address of our VPN gateway.

I know that IPv6 is widely adopted and in use in order to assign unique addresses to the billions of destinations around the internet, so how is it that the IPv4 address gets me connected to the VPN gateway?

I was (wrongly?) under the impression that without a IPv6 address it would not connect due to the current state of the internet compared to...20 years ago.

shodown

When you connect to your companies VPN you connect over your public IP to a public IP of a VPN server. Once the VPN is setup its like your computer is part of the your corporate network, and you can see the Networks (which maybe private IP's) of your company.


There You can still get IPV4 address space from providers. You may not be able to order an entire class A range, but you can still get some. Whenever you connect from broadband you get some form of a IP address. Most of the time its from a DHCP server that the ISP's use to give addresses when needed so someone who doesn't' connect often doesn't' suck up an IP address

willIAMss

Guys, is RDP a part of VPN?? not sure why I don't know this, but at my previous job when we set up VPN we used RDP in conjunction with VPN. So is RDP officially a part of VPN?

Thanks

--chris--

@willIAMss - I believe they are completely separate, nothing to do with each other.

@showdown, I am afraid I blurred my question wiht details. I understand why when I am connected via VPN I can use remote desktop to connect to servers via IPv4 addresses and why all the network resources are their.

What I dont understand is how I only used a IPv4 address from my house and yet I still successfully connected to my employers VPN gateway over the internet without any IPv6 address involved.

For example, when I downloaded and installed the software here at my house I entered an IP address similar to this: 204.193.10.162. That got me connected to our VPN gateway. I always thought that wasnt enough info to get the job done via the internet? I understand that would work within a much smaller network like my employers, but with a network like the internet how is it possible those few numbers gets the job done?



edit: One idea did just occur to me though, is it likely that the VPN software has a VPN database of IP's that the software contacts when attempting to connect? That database receives the simpler IPv4 from the user, references that against what it has in its DB then provides the rest of the IP address info to create a successful connection?


Or am I going way off in the wrong direction? We are using Barracuda VPN btw.

shodown

Hmmm

Ok, I'll try again


When you entered the IP address of your VPN "204.193.10.162", Lets say your home IP address is "18.5.3.5" What happens is that your computer tries to find out how to get to that address. It figures out that 204.193.10.162 is not on its local network, so it goes to your default gateway which maybe "18.5.3.254". The default gateway looks for a route to 204.193.10.162, it may or may not have a route to 204.193.10.162. If it does have a route it sends your request to that destination, if it doesn't have a route it sends the traffic to its "default route ip address" which is kinda like a escalation point. This default route is where you can set your router to send traffic that it doesnt' know how to get to and that router that accepts those routes may or may not have a way to that 204.193.10.162 IP address and the process repeats.

THe router itself uses several tools to exchange routes with other routers, but I'll leave that out. This is a generalization of how things work and I hope I made it simple enough. All a router basically is is a box with a few doors and it runs logic to figure out which door traffic should go out.

AwesomeGarrett

The internet is still IPv4. My understanding is that an ISP that is using IPv6 is using NAT PT to communicate with the rest of the internet that is IPv4.

There is still a lot of wasted IPv4 address space out there and I'm sure the powers at be will want some of that back before moving on to IPv6. So, your company uses a 32 bit address for the VPN because they have a range of public IPv4 address space available to them.

The internet is a large place but not everyone can have their own IPv4 address space thus NAT and private IP addresses.

So, yes an IPv4 address is still enough to communicate on the internet. In fact I tried to pull an IPv6 address from my ISP and failed meaning they are probably not running an IPv6 DHCP server on the subnet that I am on.

phoeneous

willIAMss wrote: »

Guys, is RDP a part of VPN?? not sure why I don't know this, but at my previous job when we set up VPN we used RDP in conjunction with VPN. So is RDP officially a part of VPN?

Thanks

No, two different protocols. Well, rdp is a protocol and vpn is a concept suite which may involve many other protocols like ipsec, ssl, gre, vpls, dmvpn etc..

--chris-- wrote: »

Or am I going way off in the wrong direction? We are using Barracuda VPN btw.

Yes and no. The internet is still largely comprised of ipv4, although on paper we have run out of "new" internet routeable ipv4 addresses that can be given out. You don't need ipv6 to use ipv4 and vice versa, but the two can work together if needed.

ratbuddy

I know that IPv6 is widely adopted and in use in order to assign unique addresses to the billions of destinations around the internet, so how is it that the IPv4 address gets me connected to the VPN gateway?

Chris, IPv4 still works because everyone still uses it. IPv6 will eventually take over, but that day is not any time soon.

IPv4 has something like 4.3 billion addresses, while IPv6 uses a longer address space and can handle 3400000000000000000000000000000000000000 addresses, give or take a few quintiillion. There are a couple other differences (read the wikipedia article for an overview), but the main thing is that IPv4 will someday run out of addresses, so an address system that can handle essentially unlimited addresses was created. So far, IPv4 still handles the vast majority of internet addresses.

IPv4 will not stop working just because IPv6 sees wider use. A system can run dual IP stacks and have an address in both IP versions simultaneously to maintain compatibility with both. The system is still the same, just reachable by dialing different numbers, so to speak.

For example, when I downloaded and installed the software here at my house I entered an IP address similar to this: 204.193.10.162. That got me connected to our VPN gateway. I always thought that wasnt enough info to get the job done via the internet? I understand that would work within a much smaller network like my employers, but with a network like the internet how is it possible those few numbers gets the job done?

IPv4 addresses are most assuredly enough to reach an address across the internet. "Only" a few billion, but that's enough for now

Qord

As others have hinted at, IPv6 is not yet required. IPv4 will probably remain in place for at least another 20 years. For most companies, there's just no need to move over to v6 because of private addressing and nat.

--chris--

Thanks, everyone

The answer is now crystal clear.

jibbajabba

I wonder how many companies actually still require their /8 ...I think Apple, HP and even MIT have all a /8 ... a University needing 16M IPs ?

They were all assigned in the same year NAT was invented so they probably only got them because they could

Qord

jibbajabba wrote: »

I wonder how many companies actually still require their /8 ...

Our org is holding steady with our Class B....I don't see us ever moving to v6 honestly, except maybe for external purposes. We'll never exhaust our pool.

The "old timers" still talk about when they had to decide between an A and a B. Some of them still say they should have gotten an A... Ridiculous.

willIAMss

So VPN is just foraccessing networked drives at a different location?

phoeneous wrote: »

No, two different protocols. Well, rdp is a protocol and vpn is a concept suite which may involve many other protocols like ipsec, ssl, gre, vpls, dmvpn etc..



Yes and no. The internet is still largely comprised of ipv4, although on paper we have run out of "new" internet routeable ipv4 addresses that can be given out. You don't need ipv6 to use ipv4 and vice versa, but the two can work together if needed.

phoeneous

willIAMss wrote: »

So VPN is just foraccessing networked drives at a different location?

For the most part yes, but accessing them securely.

Qord

More broadly stated, VPN's are for creating a secure connection to a remote network. You can access networked drives over a VPN, but you can also connect to printers, full corporate email, and internal web pages, not just network drives.

--chris--

VPN's also allow users to access communication servers (Avaya or Lync). In a nutshell, it brings everything that you would have sitting at your desk (as far as network resources go) to your laptop or home PC securely.

Now a question I always have, but never bothered to look it up because I dont want to get side tracked while studying...What mechanism makes a VPN secure and how secure is a VPN connection?

phoeneous

--chris-- wrote: »

VPN's also allow users to access communication servers (Avaya or Lync). In a nutshell, it brings everything that you would have sitting at your desk (as far as network resources go) to your laptop or home PC securely. Now a question I always have, but never bothered to look it up because I dont want to get side tracked while studying...What mechanism makes a VPN secure and how secure is a VPN connection?

Several things can make a vpn mainly firewalls, routers, and servers, and each can use different mechanisms. The level of security I suppose would be dependent on the protocols that you use and the level of encryption: 128, 256, 1024, 2048.