To shield information and activities of some networks from public view, such networks are implemented as private networks. Private networks can be used in organizations such as companies, research institutions, educational institutions, and so forth. Usually, a router or gateway is provided between the private network and a more public network, such as the Internet or some other network with greater accessibility by users than the private network. The router or gateway contains elements to provide security features that prevent entities on the more public network from gaining unauthorized access to resources and information on the private network.
Before a network device can communicate on a network (private network or public network), the network device is typically configured by a configuration server, such as a Dynamic Host Configuration Protocol (DHCP) server. In response to a request from the network device, the DHCP server provides configuration information to the network device, including the network address of the network device, resources that the network device has access to, and so forth. DHCP permits dynamic assignment of configuration information to network devices.
A gateway or router that provides the interface between a private and a public network often has multiple ports to connect to multiple networks. For example, the gateway or router may have multiple ports that are connected to a private network side, and one or more ports connected to the public network side. A common mistake made by network administrators or other users when installing gateways or routers is to connect both the private network and the public network to ports on the same side of the gateway or router (either the private network side or the public network side).
Usually a DHCP server is provided on a private network, and a separate DHCP server is provided on a public network. If the private and public networks are misconnected to ports on the same side of the gateway or router, then network devices on the private network may be able to access the DHCP server on the public network. Similarly, as a result of the misconnection, network devices on the public network may also have access to the DHCP server on the private network. Consequently, when a private network device sends a request for configuration information, the response may come from the DHCP server on the public network, rather than the DHCP server on the private network. The reverse may also be true, for example when a public network device receives configuration information from a DHCP server on the private network.
In most cases, the network addresses that are assigned to network devices on the private network are different from network addresses assigned to network devices on the public network. If the private network subnet is different from the public network subnet, then a private network device that is configured by a public network DHCP server may not be able to establish proper connectivity with the private network during normal operation. A subnet refers to a network that has a predefined range of network addresses.
Often, the misconnection of different networks at the ports of a gateway or router is not noticed until after setup of the gateway or router, and after users complain that they are having problems accessing the network.
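A check for the symptom described above, as an added example that is not part of the original text: it parses DHCPOFFER packets seen on the ports of one side of a gateway and flags offers whose address lies outside that side's expected subnet, or offers coming from more than one DHCP server. The function names, the 10.0.0.0/24 and 192.0.2.0/24 subnets and the sample packets are constructed assumptions.

```python
import ipaddress

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def parse_dhcp(pkt: bytes) -> dict:
    """Return yiaddr plus options 53 (message type) and 54 (server identifier)."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    out = {"yiaddr": ipaddress.ip_address(pkt[16:20])}
    i = 240
    while i < len(pkt) and pkt[i] != 255:          # 255 = end option
        if pkt[i] == 0:                            # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, val = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        if code == 53 and len(val) == 1:
            out["type"] = val[0]
        elif code == 54 and len(val) == 4:
            out["server"] = ipaddress.ip_address(val)
        i += 2 + len(val)
    return out

def check_side(packets, expected_subnet):
    """Findings for DHCP replies captured on the ports of one gateway side."""
    net = ipaddress.ip_network(expected_subnet)
    findings, servers = [], set()
    for o in map(parse_dhcp, packets):
        if o.get("type") != 2:                     # 2 = DHCPOFFER
            continue
        servers.add(o.get("server"))
        if o["yiaddr"] not in net:
            findings.append(f"offer of {o['yiaddr']} from {o.get('server')} is outside {net}")
    if len(servers) > 1:
        findings.append(f"{len(servers)} DHCP servers answering on one side")
    return findings

def sample_offer(yiaddr, server):
    """Constructed DHCPOFFER for the demo (not captured traffic)."""
    hdr = bytearray(236)
    hdr[0] = 2                                     # op = BOOTREPLY
    hdr[16:20] = ipaddress.ip_address(yiaddr).packed
    opts = b"\x35\x01\x02\x36\x04" + ipaddress.ip_address(server).packed + b"\xff"
    return bytes(hdr) + MAGIC + opts

if __name__ == "__main__":
    private = sample_offer("10.0.0.50", "10.0.0.1")
    stray = sample_offer("192.0.2.77", "192.0.2.1")   # other network's server
    for finding in check_side([private, stray], "10.0.0.0/24"):
        print(finding)
```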