What is the relationship between my public IP address and the address assigned to my NIC?

Question

When I run an online IP-lookup tool, like https://whatismyipaddress.com/, I get an IP address like 24.253.65.208.

But I've set up my home router as a DHCP Server and I've assigned static IP addresses in a certain range, as in this screenshot:

And if I run ifconfig on my laptop, I see that its Ethernet NIC is assigned IP address 10.0.0.2:

$ ifconfig
br-fbff3346e4d9: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.49.1  netmask 255.255.255.0  broadcast 192.168.49.255
        inet6 fe79::42:e9fe:ff10:c35d  prefixlen 64  scopeid 0x20<link>
        ether 02:43:e9:10:c4:5e  txqueuelen 0  (Ethernet)
        RX packets 522576  bytes 24843001 (24.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 680143  bytes 1914033742 (1.9 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 30455  bytes 3345251 (3.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 30455  bytes 3345251 (3.3 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth84aa4c6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::f8a6:1dff:fea5:7eae  prefixlen 64  scopeid 0x20<link>
        ether fb:b6:1d:b5:7e:be  txqueuelen 0  (Ethernet)
        RX packets 505519  bytes 30297179 (30.2 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 661456  bytes 1855293659 (1.8 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.2  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::5f9c:c301:a6a3:6e36  prefixlen 64  scopeid 0x20<link>
        ether f8:59:72:01:69:cf  txqueuelen 1000  (Ethernet)
        RX packets 4847088  bytes 6757721096 (6.7 GB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1937921  bytes 256121852 (256.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

But as you can see, there's no sign of 24.253.65.208.

So my question is: what is the relationship between 24.253.65.208 -- that the outside world seems to see -- and 10.0.0.2, that my NIC is actually assigned?

I imagine that some piece of software/hardware is "translating" between 24.253.65.208 and 10.0.0.2 -- but who is that? My router?

What would be different if the User Router as DHCP Server box was unchecked? If that box wasn't checked, how would the various devices in my network be assigned IP addresses?

Answer 1

I imagine that some piece of software/hardware is "translating" between 24.253.65.208 and 10.0.0.2 -- but who is that? My router?

It's usually your router, yes. All home routers come with NAT functionality in addition to regular IP routing – most ISPs can only afford one public IP address per customer, and you cannot directly share that address across multiple devices (i.e. it can't simply be assigned via ifconfig to three PCs at once), so instead the address gets assigned to the router's "WAN" interface and it becomes the router's job to "masquerade" your entire LAN's private addresses as the public address.

If you ran ifconfig or ip addr on the router itself, it would probably look something like this (I made it up and the interfaces are probably not called "wan0" and "lan0", but you get the idea):

wan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 24.253.65.208  netmask 255.255.255.0  broadcast 24.253.65.255

lan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.1  netmask 255.255.255.0  broadcast 10.0.0.255

Address translation isn't a built-in part of routing though, but is done as a separate feature (and can be enabled/disabled separately from routing). As many home routers run a variant of Linux inside, the NAT functionality is commonly implemented through standard Linux iptables – you can find various examples of iptables SNAT and MASQUERADE rules online. You can imagine that the router has something like this:

iptables -t nat -A POSTROUTING -i lan0 -o wan0 -j MASQUERADE

But note that recently, with some ISPs running out of IP addresses even more and implementing CGNAT ("carrier-grade" NAT) as a result, the translation to a public address may be done by a router (or a dedicated NAT appliance) at the ISP instead. More precisely, with CGNAT ISPs there are two layers of translation – your router still has NAT as before, masquerading your entire LAN as a single IP address, but it's not the public address anymore; the ISP adds a second translation layer which provides the public address. It's a bit ugly.

On the opposite side though, many ISPs are now deploying IPv6 to customers – you don't have it yet (not seen in the ifconfig output, at least), but if you did have IPv6, then you would indeed find your computer's own public IP address directly on its "wlan0" interface, and the router would be just that, a router that forwards packets without doing any kind of address translation. (That is, it'd still do NAT for IPv4, but not anymore for IPv6.)

What would be different if the User Router as DHCP Server box was unchecked? If that box wasn't checked, how would the various devices in my network be assigned IP addresses?

Your devices wouldn't be assigned IP addresses automatically anymore, but nothing would change besides that. They would still be expected to have IP addresses in the router's "LAN" range as before. You would use this option if you wanted to set up your own DHCP server on a separate system while still using the same router as now, or if you preferred to avoid DHCP and rely exclusively on static IP configuration.

This checkbox doesn't disable NAT nor routing; the router's LAN and WAN interfaces remain separate LAN and WAN interfaces. If you wanted to bypass the router completely (e.g. in situations when the router has a built-in DSL modem and you still need the "modem" part), you'd be looking for "bridge" mode.

I think I get it: there are several layers of "internal networks" between the public IP address (24.253.65.208) and my modem.

No, there shouldn't be. In the usual case, your home router is directly bordering your home LAN and the ISP's network – and the modem doesn't get involved in IP at all, it just transforms the lower layer signals.

Though what gets called "the modem" is often a modem and a home router in one unit, in which case it could indeed create an additional layer of routing and NAT – it's entirely possible to chain several layers of NAT devices, not that you should, but it can happen.

In that situation, the outermost home router (e.g. the one built into the modem) would get assigned the public IP address.

Is it correct, then, that each of these layers of "internal networks" implement a NAT (as in John's comment) so that inbound packets from the layer closer to the public get routed to the layer closer to my modem?

No, typically there's just one such layer (unless you chain several home routers and they're all configured to think each of them is connected directly to an ISP).

There are indeed many networks and many routers that a packet goes through, but as a general rule, routers do not translate IP addresses – they only forward packets. Your home router doing NAT is an exception, not the default.

---

As a side note, don't rely on ifconfig on Linux systems to always report things correctly. While it works most of the time, sometimes there might be multiple IPv4 addresses on the same interface, but ifconfig still hasn't been updated to show more than the first address (after 20 years?), which might cause a lot of confusion. While ifconfig is still the primary tool on BSD systems, the "current" Linux commands are ip a[ddr] to list IP addresses (possibly ip -br a for a "brief" one-interface-per-line list) and ip -s -h l[ink] to get the statistics.

Answer 2

But as you can see, there's no sign of 24.253.65.208

That would be listed under WAN generally.

I imagine that some piece of software/hardware is "translating" between 24.253.65.208 and 10.0.0.2 -- but who is that? My router?

Yes. Your router routes traffic between your home network and your ISP's network.

Your ISP routes traffic between their network and the rest of the internet via their own router.

You could think about the ISP/WAN and Home/LAN as two separate networks that your router passes information between.

What would be different if the User Router as DHCP Server box was unchecked?

Devices on your local network wouldn't be assigned addresses on the same subnet as your router.

As a result, they would not be able to communicate with your router or access the internet via your router.

If that box wasn't checked, how would the various devices in my network be assigned IP addresses.

Semi randomly, dependent on the devices software if the devices are set to get their IP addresses via DHCP or by static IP address if you have configured them to use one.

Answer 3

I imagine that some piece of software/hardware is "translating" between 24.253.65.208 and 10.0.0.2 -- but who is that? My router?

Yes, that's it exactly. In fact, it's called Network Address Translation (NAT), and it's there so you can have just one public IP address but multiple private addresses on your network.

There's no actual correlation between your public address and the address that your internal devices get assigned. Home routers that have DHCP servers built in will pretty much always use one of these ranges to assign addresses:
10.0.0.1 - 10.255.255.254
172.16.0.1 - 172.31.255.254
192.168.0.1 - 192.168.255.254

Those ranges are set aside for use as private addresses.

If you turned off your router's DHCP function, your devices would fail to get IP addresses when you power them on - UNLESS one of the following is true:
You have another DHCP server running on your network
or if you assign static addresses to every device