Displaying or Blocking a Private IP Address

This topic outlines the strategy that MR Storage Administrator is following for displaying or blocking a private IP address in a corresponding sub-net.

Private IP address – A private IP address is a non-internet facing IP address on an internal network. Private IP addresses are provided by network devices, such as routers, using network address translation (NAT).

Virtual IP address – A virtual IP address (VIPA) is an IP address assigned to multiple domain names or servers that share an IP address based on a single network interface card (NIC). VIPAs are allocated to virtual private servers, websites, or any other application residing on a single server. The host server for these applications has a network IP address assigned by a network administrator, whereas the different server applications have VIPAs. VIPAs enhance network load balancing and redundancy.

Automatic Private IP Addressing – Automatic Private IP Addressing (APIPA) is a feature of Windows-based operating systems that enable a computer to automatically assign itself an IP address when there is no Dynamic Host Configuration Protocol (DHCP) server available to perform that function. APIPA serves as a DHCP server failover mechanism and makes it easier to configure and support small local area networks.

Private IP Address Range– The following is the IP address range which falls under either of private (or) Virtual (or) APIPA category:

NAT– 10.0.0.0 - 10.255.255.255

Private (or) Virtual– 172.16.0.0 - 172.31.255.255 or 192.168.0.0 - 192.168.255.255

APIPA– 169.254.0.0 to 169.254.255.255

The following use cases provide details on how MR Storage Administrator behaves in various situations:

Table 3. Use case#1: Without blocking the Private IP

Use Case	Standalone / Client	Remarks
No NIC CARD (Windows)	Loopback (or) 127.0.0.1	As the server is not in network, MR Storage Administrator Gateway cannot access the Standalone server.
No NIC CARD (Linux)	Loopback (or) 127.0.0.1	As the server is not in network, MR Storage Administrator Gateway cannot access the Standalone server.
Static IP	Using Static IP
DHCP IP	Using the DHCP IP
Private IP	Using the Private IP	In a more secured environment, Private IP address cannot be accessed outside the server.

Table 4. Use case#2: After blocking the Private IP

Use Case	Standalone / Client	Remarks
No NIC CARD (Windows)	Loopback (or) 127.0.0.1	As the server is not in network, MR Storage Administrator Gateway cannot access the Standalone server.
No NIC CARD (Linux)	Loopback (or) 127.0.0.1	As the server is not in network, MR Storage Administrator Gateway cannot access the Standalone server.
Static IP	Using Static IP
DHCP IP	Using the DHCP IP
Private IP	If there is a valid IP, it will be. displayed. If there is no valid IP, Loopback (or) 127.0.0.1 will be displayed.	In a more secured environment, as Private IP address cannot be accessed outside the server, MR Storage Administrator does not populate a Private IP Address.

Why MR Storage Administrator blocks certain IP Addresses: In an enterprise world, when a computer is assigned a private IP address, the local devices see this computer through its private IP address. However, the devices residing outside of your local network cannot directly communicate through the private IP address, but uses your router's public IP address to communicate. To allow direct access to a local device which is assigned a private IP address, a Network Address Translator (NAT) must be used.

In a more secured environment, although MR Storage Administrator is able to discover and display the Private IP address through the Gateway server, when the request(s) is made through the Gateway server, the Private IP will not be accessible. As MR Storage Administrator cannot access the Private IP, MR Storage Administrator is unable to service the requests which are meant for the Private IP.

Due to the above-mentioned reason, when the MR Storage Administrator installation is Gateway, the corresponding Gateway server will not be able to communicate with the Private IP Address which in turn will be an issue. MR Storage Administrator will work if the private IP addresses are behind the NAT router which is the most preferable option in an enterprise world.

The following illustration explains how a private IP address should be accessed in enterprise networks and the problems with the Private IP address:

Figure 1. Private IP Address Access