What are the concepts of public network, private network, intranet, and extranet, and how should they be defined?

There isn't a very clear distinction regarding IP addresses, and there's no need to be overly pedantic about the terminology.

Internal network and external network are simply the result of choosing a reference point.

What's considered the external network to you is actually someone else's internal network; each has its own definition, and at most, each case needs to be analyzed individually.

However, under normal circumstances, it's still possible to distinguish between them.

Internal and external networks are relative to firewalls. Inside a firewall is called an internal network, and outside is an external network.

Therefore, to a certain extent, the external network is equivalent to the public network, and the internal network is equivalent to the private network.

01

Let's assume we now use uppercase letters to represent network groups, followed by numbers in parentheses to indicate their size and how many computers are in the group.

C(567918467)-Chinese online groups

W(407619781)-Global Network Groups

A(57619)-Alibaba Cloud server group

H(3)-Your home network group

This then involves some relationships, such as W←→C[A,H].

We know that because the domestic network is actually restricted, it can be called the world's largest local area network. Therefore, domestic network groups can (scientifically) access foreign network groups, while Alibaba Cloud and your own computer belong to C.

So if your computer is on C, W is called the external network for you, and the network you are on is called the internal network, and vice versa.

The same concept applies to local area networks (LANs). If you are on a LAN, then the external network is called the external network.

So what is the public internet? As the name suggests, it is a network that everyone can access.

For example, H and A can both access their upper layer, which is C. Therefore, C is called the public network for A and H.

Is the public network the same as the external network? It can be, but there are some situations that require specific analysis.

For example, sometimes large networks have their own self-built wide area networks (WANs), which are essentially their own backbone networks. We also call these backbone networks the public network.

Then, internal networks are called intranets (IVs), and the terms differ slightly.

For example, government extranets or government websites, the public part of government websites cannot actually access the Internet, but they are still called public networks.

Private network, network that cannot be accessed without authorization.

A local area network (LAN) is also a private network in a certain sense. The router only provides access and connection to the external network, so for A and H, they are each other's private networks.

So there's no need to get too hung up on the terminology; there's no clear definition.

02

Local area network (LAN)

An intranet, also called a local area network, is a small part of a network.

A local area network (LAN) is a group of computers interconnected within a specific area, typically within a radius of a few kilometers.

LANs can provide functions such as file management, application software sharing, printer sharing, workgroup scheduling, email, and fax communication services.

A Local Area Network (LAN) is a closed network that can consist of two computers in an office or thousands of computers within a company.

The term "internal network" (IVN), as the name suggests, is distinct from the external network (WAN).

In other words, an IVN is generally used for communication between computers within the LAN. Access to the Internet requires using the external network.

Key characteristics of a Local Area Network (LAN):

• It covers a relatively small geographical area, making it suitable for small-scale networking, such as in schools, factories, and government offices.
• Networking is achieved using specially laid transmission media, resulting in high data transmission rates (10Mb/s to 10Gb/s).
• It has short communication latency and high reliability;
• Local area networks (LANs) can support multiple transmission media;

03

External network (WAN)

The external network is also known as the wide area network, or public network.

It is a remote network that connects computers on local area networks or metropolitan area networks in different regions.

Typically spanning a large physical area, covering a range from tens to thousands of kilometers, it can connect multiple regions, cities, and countries, or cross several continents and provide long-distance communication, forming an international long-distance network.

Wide area network is not the same as Internet.

04

NAT (Network Address Translation) technology

Here's a brief discussion of NAT—the "Network Address Translation" technology.

It is a technology that translates internal private network addresses (IP addresses) into legal network IP addresses.

In essence, NAT uses internal addresses within a local area network (LAN). When an internal node needs to communicate with an external network, the gateway replaces the internal address with a public address, allowing it to function normally on the external public network (internet).

NAT allows multiple computers to share an Internet connection, a feature that effectively addresses the shortage of public IP addresses.

This method allows all computers on a local area network (LAN) to connect to the Internet using only a single valid IP address.

It is precisely because of NAT (Network Address Translation) technology that internal network addresses can easily access the Internet.

05

The difference between intranet and extranet

Two examples to illustrate this.

As shown in the diagram, let's assume our computer is device one and we want to access Baidu.

01 How to use the campus network

If using the campus network, you first need to use the campus network router to translate your internal IP address to an external IP address.

Then, use this external IP address to connect to Hunan Telecom's gateway, and finally to Baidu's gateway.

Baidu sends your requested information back to your campus network gateway, which then forwards the information to you (the entire network has a mesh structure).

It will automatically find a path to Baidu—based on either depth-first search or breadth-first search.

This process is similar to shopping on Taobao, just with a slight variation.

Imagine you order a book at school. Taobao receives your order, prepares the items, and starts shipping.

It finds your delivery address is in Hunan, so it might start from Hangzhou, first going to a transit station in Fujian, then to a transit station in Jiangxi.

Suddenly, it discovers the Jiangxi-to-Hunan transit station is down, so it has to detour to a transit station in Guangdong, and finally to the Hunan transit station.

These transit stations are like gateways on the public internet.

At the Hunan transit station, the delivery person delivers the package to your school gate (this is the final gateway).

The delivery person then leaves, and the school gate staff retrieves the package for you based on your dormitory information. (Internal communication within the local area network is handled by the campus network gateway.) This might be difficult for someone new to the internet to understand the difference between a private IP address and a public IP address, so let's take another example.

02 One is for internal use, the other for external use.

Let's compare room 201 in a hotel to a private network IP address. Every hotel might have a room 201. If you're hungry, you'd tell the waiter, "I'm in room 201, please bring me some food."

However, if you order takeout, simply telling the restaurant to deliver to room 201 (private network IP address) won't be known to anyone outside.

In this case, you'd need to tell the restaurant your hotel address (public network IP address) plus room 201 so they can find you.

The public network IP address assigned by the ISP (e.g., hotel address in a specific city/district) represents the hotel you're staying at, while room 201 (private network IP address) is assigned by the hotel's management system (router).

Therefore, a hotel can have many rooms (private network IP addresses), but when friends ask where you're staying, you certainly won't say you're in room 201 (private network IP address), but rather that you're in a hotel in a specific city/district (public network IP address).

This is the fundamental difference between internal IP addresses and public IP addresses.

One is for internal use, the other for external use.

03 5 things you need to know

1、Public IP addresses are unique worldwide, while private IP addresses are unique only within a local area network (LAN).

2、In a local area network (LAN), all computers have different internal IP addresses, but share the same external IP address.

Just like the hotel example: Your school's name is unique in the entire world, but classroom number 3 on the 3rd floor of Building A within your school is unique only within your campus.

Other schools also have classroom number 3 on the 3rd floor of Building A.

You can only tell the delivery person to deliver your package to XX University, not to deliver it to classroom number 3 on the 3rd floor of Building A.

3、In a local area network (LAN), each computer can be assigned its own IP address, but this IP address is only valid within the LAN.

When you connect your computer to the internet, your internet service provider's server will assign you an IP address; this is your public IP address.

Both IP addresses exist simultaneously: one for internal use and one for external use.

4、Internet IP addresses (i.e., external IP addresses) are uniformly managed by an organization called "IANA (Internet Assigned Numbers Authority)".

Due to irrational allocation and inherent limitations of the IPv4 protocol, internet IP address resources are becoming increasingly scarce.

IANA reserves a portion of Class A, B, and C IP addresses for local area network (LAN) use.

Specifically—IP address space:

Class A network10.0.0.0 ~ 10.255.255.255

Class B network172.16.0.0 ~ 172.31.255.255

Class C network192.168.0. 0~ 192.168.255.255

In other words, if the IP address you find falls within the range of Class A, B, or C IP addresses, it is definitely a local area network (LAN) IP address; otherwise, it is a public network (WAN) address.

5、In real life, there are not only Level 1 .NET technologies, but also Level 2 .NET technologies.

This means your campus gateway might just be a local area network (LAN). Multiple address translations can provide more IP addresses.

Empirical Method:

1. Generally, before upgrading to higher bandwidth, ADSL broadband from China Telecom uses (dynamic) public IP addresses. If you upgrade to 100M fiber optic internet for a small fee, 99.99% of the time it's a private network IP address; the remaining 0.01% is a case I haven't encountered.

2. 99.99% of reseller network operators' IP addresses are private network IP addresses, such as Great Wall Broadband and Juyou E-Home.

3. 99.99% of fiber optic internet addresses are private network IP addresses.

Intuitive Method: The following IP ranges are all private network IP addresses.

10.0.0.0 to 10.255.255.255

172.16.0.0 to 172.31.255.255

192.168.0.0 to 192.168.255.255