
Your own privacy-aware, personally controlled server, part four

Authors Jason Self

License GPL-3.0-or-later

jxself.org



This is part four of a series. I'm going to assume that you've already read the previous
parts. If not, they're linked to from the archive.

I'll continue with the same theme as last time: Your internet connection.

You may be connected (more or less) directly to the internet, meaning that your
computer has a "public" IP address assigned directly to it, or there may be a router in
your home (often, the very same device that handles your internet connection) that
hands out a "private" IP address instead. If you have this latter setup there are
additional things to consider when setting up your server.

For some background, every device connected to the internet requires a unique
address. Version 4 of the Internet Protocol (aka IPv4) can, at most, support just a little
bit under 4.3 billion unique IP addresses. Since a single person could easily own a cell
phone, home computer, work computer, wireless tablet, wireless ebook reader and
video game system, each of which could be connected to the internet and each of
which would need its own IP address, it becomes easy to see how 4.3 billion
addresses are nowhere near enough to provide an address for every device on the
planet.

A private IP address is a way to conserve these 4.3 billion IP addresses by using a
single public IP address assigned to your router for a block of locally connected
computers or other devices. It can also lower your costs: you need fewer
public addresses, and most ISPs will charge extra for multiple public IP
addresses.

Imagine a ten-person office where everyone needs to participate in a conference call.
One way to do this is to have everyone dial into the conference call from their phones
at their desks. Another way to accomplish this is to have them all sit in the conference
room where a high-quality conference phone broadcasts the call to all of them. The
latter is an example of how private IP addresses work -- although everyone gets to
hear and speak on the call, they connect through a single point of contact. The phone
is the router, and each person's "connection" to the call is through a private address --
they get to hear it with their own ears, but the signal comes through the one phone.

Using this method a router which is connected to the internet assigns every computer
connected to it a unique private IP address, but then aggregates all of the inputs and
outputs from all of those computers and sends it to the internet over its own single
address. Depending on how the router is configured, it could give every computer a
specific address, or randomly assign them as needed. Since many ISPs charge extra
for multiple public IP addresses, using private IP addresses can reduce your
connection charges by needing only a handful of public IP addresses -- usually just
one -- to serve tens, hundreds or even thousands of computers and devices at a
single location, but this also creates an additional level of administration for you.

Since your router could potentially assign a different private IP address to your server
at different times, one thing you should do is configure your router to always give your
server the same private IP address. This is similar in concept to having a
static public IP address but your ISP isn't involved in this: It's just you & your router.
Your server will need a fixed private IP address because your internet traffic is going
through a single public IP address and your router needs to know where to send
incoming connections. If your server's private IP address changes, that mapping will
need to be updated or your server won't be accessible from the outside world anymore.
The exact way to do this depends on the make and model of your router and there are
so many I can't possibly cover them all. If your router doesn't offer the option to assign
a static private IP address to your server, one workaround is to configure your server
for a manual address rather than asking your router for one. I'll cover that when I get
to the part about installing Trisquel.

In addition to a static private IP address, each program you run on your server that
needs to communicate over the internet will listen for incoming connections on a
so-called "port." There needs to be some sort of standard, so an organization called IANA
(short for the "Internet Assigned Numbers Authority") maintains the official list of what
ports should be used for different things. If this didn't exist you would somehow need
to know in advance what port someone's web server was listening on before you
could access the site. Fortunately most people follow this list and all you need to do is
type in their domain name or IP address. Your browser knows to automatically try
connecting on port 80, or port 443 for a secure connection.

In addition, most routers act as firewalls and block incoming connections by default.
For each port that you want to accept connections on from the outside world --
whether it's for your web server, email, instant messaging, or something else -- you'll
need to do two things: Configure your router to accept the incoming connection on
that particular port, and then specify which private IP address that connection should
be forwarded to so that it can be received and properly handled by your server. This is
often referred to as "port forwarding" or "port mapping" or "opening a port" or "poking
a hole" in your router/firewall or other such similar terms. Just like assigning a static
private IP address the exact way to do this depends on the make and model of your
router and there are so many I can't possibly cover them all. Time for more reading.
There's no need to open any ports just yet since your server isn't even running and
you can always open and close ports as needed, but you need to know about how to
do this in your particular router.
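
A toy model of the router behaviour described in the last few paragraphs (a fixed private
address, then port forwarding), as an added example that is not from the original article.
The class, its method names and the 192.168.1.x and 203.0.113.7 addresses are assumptions
made up for illustration.

```python
"""Toy model of a home NAT router's inbound handling (illustration only)."""
import ipaddress


class NatRouter:
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.leases = {}    # hostname -> private IP currently handed out
        self.reserved = {}  # hostname -> private IP pinned by the admin
        self.forwards = {}  # public port -> (private IP, port): port forwarding
        self.sessions = {}  # public port -> (private IP, port): outbound traffic
        self._next_host, self._next_port = 100, 40000

    def lease(self, hostname):
        """Hand out the reserved address if there is one, else the next free one."""
        ip = self.reserved.get(hostname)
        if ip is None:
            ip = f"192.168.1.{self._next_host}"
            self._next_host += 1
        if not ipaddress.ip_address(ip).is_private:
            raise ValueError(f"{ip} is not a private address")
        self.leases[hostname] = ip
        return ip

    def outbound(self, private_ip, private_port):
        """LAN host connects out: source becomes the public IP, mapping is remembered."""
        public_port, self._next_port = self._next_port, self._next_port + 1
        self.sessions[public_port] = (private_ip, private_port)
        return (self.public_ip, public_port)

    def inbound(self, public_port):
        """Return where an incoming connection is delivered, or None if dropped."""
        target = self.sessions.get(public_port) or self.forwards.get(public_port)
        if target is None or target[0] not in self.leases.values():
            return None  # default deny, or a mapping to an address nobody holds
        return target


def demo():
    router = NatRouter("203.0.113.7")    # constructed, documentation-range address
    first = router.lease("server")       # dynamic lease, nothing reserved yet
    blocked = router.inbound(443)        # no forward rule yet: dropped
    router.forwards[443] = (first, 443)  # "open" port 443 towards the server
    reachable = router.inbound(443)
    second = router.lease("server")      # router hands out a different address
    stale = router.inbound(443)          # rule still names the old address
    router.reserved["server"] = first    # fix: pin the server's address
    router.lease("server")
    return first, blocked, reachable, second, stale, router.inbound(443)
```

On a real router a stale forward may instead deliver traffic to whichever device later
receives the old address, which is another reason to pin the server's address before
opening any ports.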

IPv4 is well into the process of being replaced by IPv6, a new standard for Internet
communications. Under IPv6, the number of addresses is orders of magnitude larger
than under IPv4, eliminating the concern about a potential shortage of addresses in
the foreseeable future. Nevertheless, private IP addresses still make sense. Not only
do they still represent good stewardship of network resources, but they also make it
easier for system and network administrators to route and control internet traffic by
having it pass through a single connection over a single router.

At this point I think I've covered all of the prep work so I think it's time to move on to
installing and setting up Trisquel, but that's for another article.


Copyright © 2012 Jason Self. See license.shtml for license conditions. Please copy and share.