The problem of solving for $N$ the equation $G^N\equiv A\pmod P$ for given integers $P$, $G$, $A$ is generally stated for integer $N$ with $0<N\le Q$ for some $Q<P$.
The function $N\mapsto G^N\bmod P$ is periodic. Hence if $N$ is a solution, the set of all solutions is obtained by adding a multiple of the period¹ of that function to that $N$. Thus it's pointless to consider $N$ larger than the period if we can find it, in which case we choose the upper limit for $P$ equal to that period, and name it $Q$. In any case, since $G^N\bmod P$ (when not $0$) belongs to the integers in $[1,P-1]$, which has $P-1$ elements, the period cant exceed $P-1$, hence $Q<P$.
That period $Q$ is the order of $G$ modulo $P$, that is the smallest integer $Q$ with $G^Q\equiv1\pmod P$. It depends on $G$. It is a divisor of $\lambda(P)$, where $\lambda$ is Carmichael's function. $\lambda(P)$ is $P-1$ when $P$ is prime, lower otherwise.
When the factorization of $P$ is known (including prime $P$), $\lambda(P)$ is easy to compute, and the order of $G$, being a divisor of $\lambda(P)$, also is easy to compute.
Standard practice in cryptography are $P$ a large prime (e.g. at least 1024-bit, that is 309 decimal digits), and $Q$ the order of $G$ modulo $P$, thus $Q$ a divisor of $P-1$. Depending on cryptosystem that can be $Q=P-1$, or prime $Q=(P-1)/2$, or a mildly large prime $Q$ (e.g. at least 160-bit, that is 49 decimal digits) dividing $P-1$. The former two are common in Diffie-Hellman, the later in Schnorr signature and DSA.
Depending on the magnitude of $P$ and $Q$, the best algorithms we know to find $N$ are either
- Pollard's rho, which cost is $\mathcal O(\sqrt Q)$ modular multiplications modulo $P$.
- index calculus, which cost grows sizably slower when $\log (Q)\lesssim\log(P)$.
¹ We define the period as the lowest strictly positive period.
