Network Performance

What are private IP ranges? to - -

RFC 1918.

What are Network ID, Broadcast ID, Network Ranges, Network Mask, Prefix?

The first IP address in every network is called the Network ID, while the last address in every network is called the Broadcast ID. While neither should ever be used for Host addresses, they are referenced by Hosts for both local & internetwork communication, as well as by admins when creating networks.

Network Ranges are commonly defined by the Network ID and Network Mask. Also known as the Prefix, the Network Mask appears similar to a host IPv4 address, but contains a specific number of 1-bits from left to right. In this way, the Prefix is abbreviated as a slash & the total number of 1-bits. For the following network ranges, the notation is as follows: - abbreviated as (Network ID) with prefix /8, as - abbreviated as (Network ID) with prefix /12 as - abbreviated as (Network ID) with prefix /16 as

Notice that the Prefix is written like a postfix, but it is actually a prefix. For example, in the case of, the /8 indicates that the first 8 bits are reserved, and the remaining bits can be used. In the case of, the first 12 bits are reserved, and the remaining bits can be used. In the case of, the first 16 bits (from left to right) are reserved, and the remaining bits can be used. As the size of the prefix (netmask) increases, fewer IP addresses are available in the subnet.
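The terms above, worked through for the three private blocks that RFC 1918 defines (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16, matching the /8, /12 and /16 prefixes in the text). This is an added example, not part of the original page; the function names are illustrative.

```python
import ipaddress

# The three private blocks defined by RFC 1918, in prefix notation.
RFC1918_BLOCKS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")


def describe(cidr):
    """Return Network ID, Broadcast ID, mask and usable host range for a block."""
    # strict=True rejects input such as 10.1.2.3/8, where bits outside the
    # prefix are set and the address is therefore not a Network ID.
    net = ipaddress.ip_network(cidr, strict=True)
    return {
        "network_id": str(net.network_address),      # first address
        "broadcast_id": str(net.broadcast_address),  # last address
        "netmask": str(net.netmask),
        # The mask as 32 bits: prefix-many 1-bits from the left, then 0-bits.
        "mask_bits": bin(int(net.netmask))[2:].zfill(32),
        "prefix": net.prefixlen,
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        # Network ID and Broadcast ID are not assignable to hosts.
        "usable_hosts": net.num_addresses - 2,
    }


def is_private_rfc1918(address):
    """True only for the RFC 1918 blocks. ipaddress's own .is_private flag is
    broader (it also covers loopback, link-local and other reserved ranges)."""
    addr = ipaddress.ip_address(address)
    return any(addr in ipaddress.ip_network(block) for block in RFC1918_BLOCKS)


if __name__ == "__main__":
    # The last entry is a longer prefix inside a private block, to show how
    # the number of available addresses shrinks as the prefix grows.
    for block in RFC1918_BLOCKS + ("192.168.1.0/24",):
        info = describe(block)
        print(f"{block:<18} mask {info['netmask']:<15} "
              f"hosts {info['first_host']} .. {info['last_host']} "
              f"({info['usable_hosts']} usable)")
    # 172.16.0.0/12 ends at 172.31.255.255, so 172.32.0.1 is public space.
    for candidate in ("172.31.255.254", "172.32.0.1"):
        print(candidate, "private" if is_private_rfc1918(candidate) else "public")
```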

What is IP takeover?

What is TUN/TAP?

TUN and TAP are virtual network kernel drivers. They implement network devices that are entirely supported in software. TAP simulates an Ethernet device and it operates with layer 2 packets such as Ethernet frames. TUN simulates a network layer device and it operates with layer 3 packets such as IP packets. TAP is used to create a network bridge, while TUN is used with routing.

What is a Network Bridge?

A network bridge connects multiple network segments at the data link layer (layer 2) of the OSI model. The term layer 2 switch is very often used interchangeably with bridge. Bridges are similar to repeaters or network hubs, devices that connect network segments at the physical layer. However, with bridging, traffic from one network is managed rather than simply rebroadcast to adjacent network segments. A bridge is also commonly known as a network switch. Bridges tend to be more complex than hubs or repeaters because they analyze incoming data packets on a network to determine whether the bridge is able to send the given packet to another segment of that same network. Since bridging takes place at the data link layer of the OSI model, a bridge processes the information from each frame of data it receives. In an Ethernet frame, this provides the MAC address of the frame's source and destination.

How can we monitor network congestion?

I don't know yet.

How can we improve your network performance by choosing better DNS servers?

How can we determine if a port is open on a Windows server?

Assuming that it's a TCP (rather than UDP) port, on the server itself, use netstat -an to see which ports are listening. From outside, just telnet host port (or telnet host:port on Unix systems) to see if the connection is refused, accepted, or times out. In general:

  • connection refused means that nothing is running on that port
  • accepted means that something is running on that port
  • timeout means that a firewall is blocking access
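The same outside check as the telnet test, scripted so it returns one of the three outcomes listed above. This is an added example, not part of the original page; probe_tcp and demo_on_loopback are illustrative names, and the demo only touches a listener it creates itself on 127.0.0.1.

```python
import socket


def probe_tcp(host, port, timeout=3.0):
    """Make one TCP connection attempt and classify it like the list above."""
    try:
        conn = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # The host answered with a reset: nothing is running on that port.
        return "refused"
    except socket.timeout:
        # No answer at all within the timeout: per the list above, a
        # firewall is blocking access.
        return "timeout"
    except OSError:
        # Name resolution failure, no route to host and similar errors say
        # nothing about the port itself, so they get their own label.
        return "error"
    conn.close()
    # The three-way handshake completed: something is running on that port.
    return "accepted"


def demo_on_loopback():
    """Probe a port while a local listener holds it, then again after close."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    while_open = probe_tcp("127.0.0.1", port)
    listener.close()
    after_close = probe_tcp("127.0.0.1", port)
    return while_open, after_close


if __name__ == "__main__":
    print(demo_on_loopback())
```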

How can I edit a Windows Firewall to allow a port through?

  1. Open Control Panel
  2. Click on System and Security
  3. Click on Windows Firewall
  4. Click on Advanced settings
  5. Click on Inbound Rules (on the left hand side)
  6. Click on New Rule (on the right hand side)
  7. Choose Port
  8. Click Next
  9. Choose Specific local port and provide the port number that you wish to allow.
  10. Click Next
  11. Give this rule a name
  12. Click Next

How can we interpret the network traffic graph?

Refer to the graph on

Unless you’re a network engineer, that graph won’t mean much. The data shown is the amount of bandwidth into the Iconfactory’s main server. The blue line is the number of megabits per second for requests and the green area is the amount for responses to those requests. Normally, the blue line is much smaller than the green area: a small HTTP request returns larger HTML, CSS and images.

How can we respond to a network emergency or a DDoS attack?

The first course of business was to regain control of the server. Every service on the machine was unresponsive, including SSH. The only thing to do was perform a remote restart and wait for things to come back online. As soon as I got a shell prompt, I disabled the web server since that was the most likely source of the traffic.

If you still have access to the firewall, you may be able to use it to reject the traffic as well, but still try to remote reboot so that the server comes back online faster.

Another option to consider is moving the server’s IP address. You’ll have to deal with the normal DNS propagation and reconfigure reverse DNS (especially if you’re running a mail server on the box), but this may be a quick and effective way to avoid the firehose.

How can I get a list of IP address blocks for a given country?

The first step is to get a list of all the IP address blocks in the country. At present that’s 5,244 separate zones. You’ll then need to feed them to your firewall. See
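One way to prepare such a list for a firewall, shown as an added example that is not part of the original page: validate each block, merge adjacent or overlapping blocks so the firewall holds fewer entries, and emit lines in the format that ipset restore reads. The zone-file layout (one IPv4 CIDR block per line), the set name and the sample data (documentation address ranges) are assumptions.

```python
import ipaddress

# Constructed sample input: one CIDR block per line, '#' starts a comment.
SAMPLE_ZONE = """\
# constructed sample, documentation address ranges only
192.0.2.0/25
192.0.2.128/25
198.51.100.0/24
198.51.100.64/26
203.0.113.7/24
not-a-cidr
"""


def load_zone(text):
    """Return (valid IPv4 networks, rejected (line number, text) pairs)."""
    nets, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue  # blank line or comment
        try:
            # strict=True refuses entries whose host bits are set, which
            # usually means a typo in the list.
            net = ipaddress.ip_network(line, strict=True)
        except ValueError:
            rejected.append((lineno, line))
            continue
        if net.version != 4:
            rejected.append((lineno, line))  # this set is IPv4 only
            continue
        nets.append(net)
    return nets, rejected


def to_ipset_restore(nets, set_name="country_block"):
    """Merge the blocks and render them as input for `ipset restore`."""
    merged = list(ipaddress.collapse_addresses(nets))
    lines = [f"create {set_name} hash:net family inet"]
    lines += [f"add {set_name} {net}" for net in merged]
    return merged, lines


if __name__ == "__main__":
    networks, bad = load_zone(SAMPLE_ZONE)
    merged, script = to_ipset_restore(networks)
    print(f"{len(networks)} valid blocks merged into {len(merged)}")
    print("rejected:", bad)
    print("\n".join(script))
```

Review the rejected entries before loading the output; a single firewall rule that matches on the set then covers every block in it.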

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License