USR :: What are Static IP, Dynamic IP and NAT?
More about Networking
What are Static IP, Dynamic IP, Network Address Translation (NAT), firewalls, Stateful Packet Inspection (SPI), and DNS?
It’s a good idea to understand what these terms mean, as it will make it easier for you to set up your network.
A static IP address is always the same. You manually configure your computer to use a specific IP address. Your ISP will provide this address.
A dynamic IP address needs to be assigned to a computer. When the computer is turned on, it will “search” for the Dynamic IP server (in Windows, this may also be called DHCP). Once this IP address is assigned, your computer uses it until it is turned off.
Why would I use one or the other?
It is important for web and mail servers to always have the same IP address; that way the address doesn’t have to be looked up every time a server needs to be accessed. When you get residential high-speed Internet access, your ISP maygive you a static IP address.
However, not every machine on the Internet can have a static IP address. In the current IP protocol, there are a limited number of numbered IP addresses, and they need to be conserved. Chances are (unless you request it or you purchase more costly “Business” high-speed internet access) you use a Dynamic IP address. This allows your ISP to conserve outside IP addresses. However, inside their network, they can use a “block” of reserved internal addresses for you, their customers. Other ISPs also use the same block of addresses for their customers, while conserving outside IP addresses.
This may seem confusing, but in many ways, it is similar to how phone numbers are conserved. For example, the same telephone number may be used in two separate households. This is feasible since each household is located within a distinct area code. In the same way an area code serves to localize a telephone number, Network Address Translation (NAT) is used to map private, internal IP addresses to public ones.
What is NAT?
When you have a dynamic IP address from this block of internal IP addresses, and you request information from the Internet, your internal address really doesn’t mean much outside of your ISP’s network. It would be like calling someone in another country and saying “Call me back at 123456.” Without an area code, this information is useless.
(Actually, the Internet takes this one step further: if you use one of these reserved internal IP addresses to make your request, most routers handling Internet traffic will completely ignore, or “drop” the message.)
In order for this traffic to get through, these addresses need to be translated from the internal IP address to a valid IP address. When a response is received, your ISP “remembers” where it came from and sends it back to you. This also helps secure your network by hiding the true IP addresses of your computers.
Why do I need to know all of this?
When you have a home network, you have to do the same thing for the computers in your network! Fortunately, software in the router or in one of your computers does all of the work for you, but it helps if you understand how it all works. Setting up a router is fairly simple, but you need to know if your ISP provides a static or Dynamic IP address. Your router (or Internet Connection Software, if you share Broadband through one of your computers) will dynamically handle the Network Address Translation. Firewall software monitors the traffic passing through and prevents unauthorized outsiders from accessing your files. In addition, you can configure your router to handle some traffic differently: certain applications use ports to communicate to the internet, and you may need to configure your firewall to allow traffic through these ports. Some USRobotics products, such as the SureConnect™ ADSL Ethernet/USB Router, have advanced security features like Stateful Packet Inspection (SPI).
What is SPI? Stateful Packet Inspection is advanced firewall functionality that allow certain types of attacks to be identified and blocked in real time. There are many different types of attacks that aren’t blocked by simple NAT. By closely analyzing the packet structure of incoming traffic, you can better protect your network.
What is DNS? When your computer needs to locate another computer on the Internet, it contacts a Domain Name Server (DNS) to find out the IP address, so the two computers can communicate directly. If that DNS server doesn’t know, it contacts other DNS servers until the IP address is located. The address is passed back down to your computer, and it uses the correct IP address to communicate directly. Wireless networking operates on many of the same principles as conventional networking.