NeoSoft Support Forum

[Gaev]

This has nothing to do with NeoBook but knowing that there are a few Internet Protocol gurus here I thought I'd ask here.

There are server scripts (e.g. php) that will return the calling user's IP address (e.g. 1.2.3.4). I also know that this scheme does not provide sufficient combinations (256 * 256 * 256 * 256) to meet the worlds' demand for IP addresses for every Netizen and Website ... so ISP's deploy the port number facility such that a single 1.2.3.4 can be shared amongst upto 65,000 users. I don't recall the exact details, but basically the ISP's servers perform some kind of mapping where they maintain a cross reference of internal IP addresses vs. dynamically assigned external 1.2.3.4 port:5678 addresses.

So my question is ... does this mean that if two users (deploying the same ISP) can potentially have the same 1.2.3.4 ? ... in other words, this number can not be relied upon to "uniquely identify a user requesting services of a server side script/program" ? ... I am not looking to uniquely identify a user for all time (between logout/login cycles) ... just between the time he/she navigates to PageA ... and clicks on a link to navigate to PageB.

If you know of any document that explains with clear examples how this translation process works, perhaps you can post its url here ... or if you have an explanation of your own, that will do too.

[virger]

Perhaps, in this Link, you find something of answer and links external associated in this.

http://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority

PURA VIDA
FROM
COSTA RICA
CENTRAL AMERICA

[dpayer]

... so ISP's deploy the port number facility such that a single 1.2.3.4 can be shared amongst upto 65,000 users. I don't recall the exact details, but basically the ISP's servers perform some kind of mapping where they maintain a cross reference of internal IP addresses vs. dynamically assigned external 1.2.3.4 port:5678 addresses.

So my question is ... does this mean that if two users (deploying the same ISP) can potentially have the same 1.2.3.4 ? .

Well, I have run a small ISP for a decade and the method you refer to is actually the DHCP (Dynamic Host Configuration Protocol) process.

http://en.wikipedia.org/wiki/Dhcp

In reality, most people on the net have their own unique IP address for the duration of their time on the net but it may not be the same IP the next time they get on. An ISP may have 256 addresses to share and it can be used by 300-400 people as not all are on line at the same time and via DHCP they are given a valid address from the pool.

In addition to DHCP, there are Network Address Translation

http://en.wikipedia.org/wiki/Network_ad ... ranslation

devices (typically routers) that will have ONE public IP address to speak to the internet with but they will assign via DHCP a private address (typically 192.168.0.*, but also can be 10.*.*.* or 172.*.*.* and each group has a specific subnet it would use).

The router/nat device will keep track of all Internet requests from the private address computers/devices and will then make a request to the destination device on the public IP address but will do so from a port in a certain range it has assigned to that specific private address. So when the request reaches the destination site (example: a webserver) that server replies to the public address of the nat router on that port.

So, you can have a router with 254 private addresses it hands out (192.168.0.2 - 192.168.0.254) and each of those devices using an IP can have multiple connections to the Internet and each request/process maintains the connection via the specific port the router used. This way the various connections to the net are not confused among the various users of the router.

This is how your home connection to the net can have many computers connected at the same time while it only has one "public" IP address given by your ISP.

There is another method used on some servers where you can assign unique port numbers to various services that typically use a standard port number. Example:

http://mywebsite.com is actually the same as
http://mywebsite.com:80 as the standard port for http is 80

but you can create a website on a server that has a unique port number:

http://mywebsite.com:61235

which will work exactly as the original example did but it is on a non standard port. Using this method, you could have 64000 unique websites with the same domain name on that IP address. (In reality most webserver applications like Apache and IIS use host headers embedded in the request ---> http://mywebsite.com and http://myotherwebsite.com can then go to the same IP but will be resoved to a separate folder on the server).

Have I addressed your question?

David P

[beno]

Hi Gaev,

I am not looking to uniquely identify a user for all time (between logout/login cycles) ... just between the time he/she navigates to PageA ... and clicks on a link to navigate to PageB.

My guess is that it would be real hard to do this tracking IP addresses. There may be other easier options like Cookies.

My cent,

beno

[Gaev]

David P:

Thank you very much for your comprehensive response ... I will follow up on the links later.

BTW, somehow the forum software didn't publish your post (timestamped yesterday afternoon) until this morning.

Have I addressed your question?

I believe so ... but I may have to get back after I absorb the other information.

I believe I was refering to NAT as ...

- using port numbers for services or websites was not relevant to my planned usage

- DHCP might not be practical for (say) a large Service Provider like mine (Bell Canada) with around a million plus subscribers ... don't know if they can acquire a large enough number of addresses in the pool to ensure that there are always more addresses than simultaneous connected users ... especially if some choose to be connected 24/7.


Righ now, my Connection WIzard? (that pops up when I click on the sytem tray icon) says ...

Server IP Address 64.230.A.B
Client IP Address 70.48.X.Y
Device Type PPPoE
Server Type PPP

... A.B,X and Y suppressed here for security reasons.

When I enquire about my IP Address from websites that provide this facility, they return the Client IP Address ... what I am trying to determine is if this address is shared (by my ISP) with other subscribers (each with a different port address).

You see, I have been exploring some Cloud Computing (Software As A Service) platforms of late ... on one of these platforms, Applications marked Private require Users to be "registered' with the platform first ... which is not very practical for a number of Applications ... so Applications defined as Public plus an Application Form that asks for User credentials would work ... but in order to carry this information from page to page, the only (efficient) facility available so far would be to use the IP Address (made available to the Application Script) ... but I am not sure if this would be unique enough without the port address.


Thanks again for enlightening me.


@Beno:

There may be other easier options like Cookies

Thank you for your suggestion but this is not possible in the (controlled) environment I described above ... nor is the concept of "Session Variables".

[dpayer]

... what I am trying to determine is if this address is shared (by my ISP) with other subscribers (each with a different port address).

In this regard, I am 99% sure they do not. The IP you are using is unique to your router/cable modem - but - even though it most likely remains the same IP, it can theoretically change at a reboot of the device. The DHCP process has an expiration component to it. This is important as there are times the ISP has to change the IP numbers it assigns to customers. So yes, I believe they do use DHCP.

You see, I have been exploring some Cloud Computing (Software As A Service) platforms of late ... on one of these platforms, Applications marked Private require Users to be "registered' with the platform first ... which is not very practical for a number of Applications ... so Applications defined as Public plus an Application Form that asks for User credentials would work ... but in order to carry this information from page to page, the only (efficient) facility available so far would be to use the IP Address (made available to the Application Script) ... but I am not sure if this would be unique enough without the port address.


Thanks again for enlightening me.

Gaev, are you writing these apps? If so, I would think that validating the IP address for the duration of the session would work. You do need to decide on a length of timeout though, I would think. What transport of data are being used? http over open IP? VPN forming a private lan?

Most connections over the internet break occasionally. You need to account for that. It may not be you, it could be one or two steps above you that cause a momentary glitch and a loss of state.

David P.

[Gaev]

David P:

Thank for the follow up.

I am 99% sure they do not

I guess even if one major ISP in the world did, I would have to allow for it.

it can theoretically change at a reboot of the device

I am not concerned with IP Addresses changing between sessions ... as the concept is to ...

- have an Entry (Welcome) page where a User enters Name and Password ... the Application stores this information and the IP Address provided by the platform software.

- enquire about the IP Address on all other pages and lookup the corresponding Name in order to identify the User.


So, if a User's IP Address changed in a subsequent session, the Entry page would handle it ... if the same user tried to navigate directly to another page, there would be no match with the stored IP Addresses ... so he/she would be redirected to the Entry page.

What I want to avoid is if ...

John at ISP XYZ is assigned 11.22.33.44 port 45
Mary at ISP XYZ is assigned 11.22.33.44 port 89

... and both happen to be using the same Application ... the second person to login would overwrite the stored record for the person who logged in earlier.


Thanks again.

[dpayer]

David P:

What I want to avoid is if ...

John at ISP XYZ is assigned 11.22.33.44 port 45
Mary at ISP XYZ is assigned 11.22.33.44 port 89

... and both happen to be using the same Application ... the second person to login would overwrite the stored record for the person who logged in earlier.


Thanks again.

Well, remember that on either end, you can perform a netstat command, or a variation thereof, to determine the IP & Port of the connections being made at any one time. This assumes of course that YOUR app only uses one port on the client side. Applications like FTP/Http open multiple connections and therefore multiple ports on the client side. Even a web application may make multiple requests of a server at once and each request is responded to on a separate port.

Example of making a request to a website:

mypcIP:9001 ------> serverIP:80
request index.html
mypcIP:9002 ------> serverIP:80
request pic1.jpg
mypcIP:9003 ------> serverIP:80
request pic2.jpg

There could be multiple references for each item that is referenced in the page.

David P