IP Addressing and Related Topics A Guide to TCP/IP Chapter 2

Objectives After reading this chapter and completing the exercises you will be able to: Understand IP addressing, anatomy and structures, and addresses from a computer’s point of view Recognize and describe the various IP address classes from A to E, and explain how they’re composed and used Understand the nature of IP address limitations, and how techniques like Classless Inter-Domain Routing and Network Address Translation ease those limitations Chapter 2

Objectives After reading this chapter and completing the exercises you will be able to: Define the terms subnet and supernet, and apply your knowledge of how subnets and supernets work to solve specific network design problems Understand how public and private Internet addresses are assigned, how to obtain them, and how to use them properly Recognize the importance and value of an IP addressing scheme Chapter 2

IP Addressing Basics Symbolic names are easier to remember a string, such as www.course.com, than a numeric address, such as 199.95.728—computers are the opposite They deal with network addresses in the form of bit patterns that translate into decimal numbers IP uses a three-part addressing scheme, as follows: Symbolic Logical numeric Physical numeric Chapter 2

IP Addressing Basics In keeping with the layered nature of network models, it makes sense to associate the MAC layer address with the Data Link layer (or TCP/IP Network Access layer, if you prefer to think in terms of that model), and to associate IP addresses with the Network layer (or the TCP/IP Internet layer) As data moves through intermediate hosts between the original sender and the ultimate receiver, it does so between pairs of machines, where each pair resides on the same physical network Chapter 2

IP Addressing Basics At the Network layer, the original sender’s address is represented in the IP source address field in the IP packet header, and the ultimate recipient’s address is represented in the IP destination address field in the same IP packet header The IP destination address value, in fact, is what drives the sometimes-long series of intermediate transfers, or hops, which occur as data makes its way across a network from sender to receiver Chapter 2

Anatomy of an IP Address Numeric IP addresses use dotted decimal notation when expressed in decimal numbers, and take the form n.n.n.n., in which n is guaranteed to be between zero and 255 for each and every value The numeric values in dotted decimal representations of numeric IP addresses are usually decimal values, but may occasionally appear in hexadecimal (base 16) or binary (base 2) notation Chapter 2

Anatomy of an IP Address Duplication of numeric IP addresses is not allowed because that would lead to confusion Also, there is a notion of “neighborhood” when it comes to interpreting numeric IP addresses Proximity between two numeric IP addresses (especially if the difference is only in the rightmost one or two octets) can sometimes indicate that the machines to which those addresses correspond reside close enough together to be on the same general network, if not on the same physical cable segment Chapter 2

IP Address Classes Initially, these addresses were further subdivided into five classes, from Class A to Class E For the first three classes of addresses, divide the octets as follows to understand how they behave: Class A n h.h.h Class B n.n h.h Class C n.n.n h If more than one octet is part of the network or host portion of the address, then the bits are simply concentrated to determine the numeric address Chapter 2

IP Address Classes The network portion of that address is 10, whereas the host portion is 12.120.2, treated as a three-octet number Address Classes D and E are for special uses Class D addresses are used for multicast communications, in which a single address may be associated with more than one network host machine This is useful only when information is broadcast to more than one recipient at a time so it should come as no surprise that video and teleconferencing applications, for example, use multicast addresses Chapter 2

More About Class A Addresses Expressed in binary form (ones and zeroes only), Class A addresses always take the form: 0bbbbbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb The leading digit is always zero, and all other digits can be either ones or zeroes On any IP network, addresses consisting of all zeroes and all ones are reserved for special uses, so of those 128 possible network addresses, only those from 00000001 to 01111110 (or 1 to 126, in decimal terms) are considered usable Chapter 2

More About Class A Addresses The address for network 10 is reserved for private network use Also, by convention, the address 127.n.n.n is reserved for loopback testing (or checking the integrity and usability of a TCP/IP protocol stack installed on any computer Chapter 2

More About Class B Addresses Class B addresses always take the form: 10bbbbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb The leading two digits are 10, and the remaining digits can be either ones or zeroes RFC 1918 stipulates that 16 Class B addresses, from 172.16.0.0 to 172.32.255.255, are reserved for private use This means that the maximum number of public IP addresses for Class B is 16,382-16, or 16,366 Chapter 2

Class B Address Facts and Figures Chapter 2

More About Class C Addresses Class C addresses always take the form: 110bbbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb The leading three digits are 110, and the remaining digits can be either ones or zeroes Note that this scheme reduces the total number of networks possible by the most significant three bits Chapter 2

More About Address Classes D and E Class D addresses always take the form: 1110bbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb Class E addresses always take the form: 11110bbb.bbbbbbbb.bbbbbbbb.bbbbbbbbb Class D is used for multicast addresses so that multiple users can “share” a single IP address and receive the same broadcast across a network from a single transmission Chapter 2

Network, Broadcast, Multicast, and Other Special IP Addresses When an IP packet moves from its sender to its receiver, the network portion of the address directs that traffic from the sender’s network to the receiver’s network The only time the host portion of the address comes into play is when the sender and receiver both reside on the same physical network or subnet Chapter 2

Network, Broadcast, Multicast, and Other Special IP Addresses The broadcast address represents a network address that all hosts on a network must read Although broadcasts still have some valid uses on modern networks, they originated in an era when networks were small and of limited scope, in which a sort of “all hands on deck” message represented a convenient way to ask for services when a specific server could not be explicitly identified Chapter 2

Broadcast Packet Structures IP broadcast packets have two destination address fields—one Data Link layer destination address field, and one destination network address field Chapter 2

Multicast Packet and Address Structures When a host uses a service that employs a multicast address (such as the 224. 0.0.9 address used for RIPv2 router updates), it registers itself to “listen” on that address, as well as on its own unique host address That host must also inform its IP gateway (the router or other device that will forward traffic to the host’s physical network) that it is registering for this service so that device will forward such multicast traffic to that network (otherwise, it will never appear there) Chapter 2

Multicast Packet and Address Structures The Internet Corporation for Assigned Names and Numbers (ICANN) allocates multicast addresses on a controlled basis Formerly, addresses were under the auspices of IANA, the Internet Assigned Numbers Authority Chapter 2

Multicast Packet and Address Structures The Data Link layer address 0x01-00-5E-00-05 is obtained with the following calculation: Replace the first byte with the corresponding 3-byte OUI. In this case, 224 is replaced with 0x00-00-5E (assigned to IANA) Change the first byte to an odd value (from 0x00 to 0x01) Replace the second through fourth bytes with their decimal equivalents Chapter 2

Data Link Layer Address Conversion Chapter 2

The Vanishing IP Address Space IP addresses were assigned for public use, they were assigned on a per-network basis With the ever-increasing demand for public IP addresses for Internet access, it should come as no surprise that, as early as the mid-1990s, experts began to predict that the Internet would “run out” of available IP addresses Chapter 2

The Vanishing IP Address Space The causes for concern have abated somewhat, Here’s why: The technocrats at the IETF introduced a new way to carve up the IP address space—Classless Inter-Domain Routing (CIDR) A brisk trade in existing IP network addresses sprung up during the same time RFC 1918 reserves three ranges of IP addresses for private use—a single Class A (10.0.0.0-10.255.255.255), 16 Class Bs (172.16.0.0-172.31.255.255), AND 256 Class Cs (192.168.0.0-192.168.255.255). When used in tandem with a technology called Network Address Translation (a.k.a NAT), private IP addresses can help lift the “cap” on public IP addresses Chapter 2

Understanding Basic Binary Arithmetic For the purposes of this text, you must master four different kinds of binary calculations: Converting binary to decimal Converting decimal to binary Understanding how setting increasing numbers of high-order bits to 1 in 8-bit binary numbers corresponds to specific decimal numbers Understanding how setting increasing low-order bits to 1 in 8-bit binary numbers corresponds to specific decimal numbers Chapter 2

Converting Decimal to Binary Simply divide the number by two, write the remainder (which must be 0 or 1), then write the dividend, and repeat until the dividend is zero To produce the binary number that corresponds to 125, you write the digits starting with the last remainder value, and work your way up: 1111101 The alternate approach to convert the number depends on what mathematicians like to call a “step function” Chapter 2

Converting Binary to Decimal This is extremely easy, if you know your powers of two Follow these steps, using 11011011 as the example number: Count the total number of digits in the number (11011011 has eight digits) Subtract one from the total (8-1 = 7). That is the power of two to associate with the highest exponent for two in the exponential notation for that number Convert to exponential notation, using all the digits as multipliers Chapter 2

High-Order Bit Patterns In an 8-bit number, there’s little or no value in blocking less than two bits, or more than six bits, so the bit patterns you care about most appear in the second through the sixth positions in the list of possibilities shown on page 68 of the textbook Chapter 2

Low-Order Bit Patterns Here, we stand the previous example on its head, and start counting up through the bit positions in 8-bit numbers from right to left, adding ones as we increment Note that each of these numbers is the same as two raised to the power of the number of bits showing, minus one Chapter 2

Of IP Networks, Subnets, and Masks If two network interfaces are on the same physical network, they can communicate directly with one another at the MAC layer In fact, each of the three primary IP address classes—namely A, B, and C— also has an associated default subnet mask Chapter 2

IP Subnets and Supernets A subnet mask is a special bit pattern that “blocks off” the network portion of an IP address with an all-ones pattern The reason why concepts like subnets and supernets are important for TCP/IP networks is because each of these ideas refers to a single “local neighborhood” on such a network, seen from a routing perspective Chapter 2

IP Subnets and Supernets Thus, a subnet mask that is larger than the default mask for the address in use divides a single network IP address into multiple subnetworks The network prefix identifies the number of bits in the IP address, counting from the left that represents the actual network address itself, and the additional two bits of subnetting represent the bits that were borrowed from the host portion of that IP address to extend the network portion Chapter 2

IP Subnets and Supernets The entire network address, including the network prefix and the subnetting bits, is called the extended network prefix This activity of stealing bits from the host portion of further subdivide the network portion of an address is called subnetting a network address, or subnetting Chapter 2

IP Subnets and Supernets When a computer on one subnet wishes to communicate with a computer on another subnet, traffic must be forwarded from the sender to a nearby IP gateway to send the message on its way from one subnet to another Supernetting takes the opposite approach: by combining contiguous network addresses, it steals bits from the network portion and uses them to create a single, larger contiguous address space for host addresses Chapter 2

Calculating Subnet Masks The simplest form of subnet masking uses a technique called constant-length subnet masking (CLSM), in which each subnet includes the same number of stations and represents a simple division of the address space made available by subnetting into multiple equal segments Another form of subnet masking uses a technique called variable-length subnet masking (VLSM) and permits a single address to be subdivided into multiple subnets, in which subnets need not all be the same size Chapter 2

Designing a Constant-Length Subnet Mask To design a CLSM subnet mask, in which each portion of the network has the same number of addresses, follow the steps outlined on pages 71 and 72 of the textbook Chapter 2

Another Constant- Length Subnet Mask Example Let’s pick a more ambitious design this time, which shows how subnet masks or host addresses can extend across multiple octets Remember, the whole purpose of this exercise is to compare the number of hosts needed for each subnet to the number you just calculated Chapter 2

Designing a Variable-Length Subnet Mask Designing and configuring variable-length subnet masks is more time-consuming and difficult, but makes much better use of available address space But let’s suppose that over half the subnets at PU require support for 30 devices or less VSLM was devised to cover this contingency VSLM makes it possible to create routing hierarchies and limit traffic on the backbone by making sure that smaller subnet address spaces can access the resources they need as efficiently as possible Chapter 2

Designing a Variable-Length Subnet Mask You must: Analyze the requirements for individual subnets Aggregate those requirements by their relationships to the nearest power of two that is at least two greater than the number of such subnets required Use the subnets that require the largest number of devices to decide the minimum size of the subnet mask Aggregate subnets that require smaller numbers of hosts within address spaces defined by the largest subdivisions Define a VLSM scheme that provides the necessary number of subnets of each size to fit its intended use best by aggregating subnets large and small to create the most efficient network traffic patterns Chapter 2

Calculating Supernets Supernets “steal” bits from the network portion of an IP address to “lend” those bits to the host part As part of how they work, supernets permit multiple IP network addresses to be combined and make them function together as if they represent a single logical network Chapter 2

Classless Inter-Domain Routing (CIDR) CIDR gets its name from the notion that it ignores the traditional A, B, and C class designations for IP addresses, and can therefore set the network-host ID boundary wherever it wants to, in a way that simplifies routing across the resulting IP address spaces Chapter 2

Classless Inter-Domain Routing (CIDR) Creating a CIDR address is subject to the following limitations: All the addresses in the CIDR address must be contiguous When address aggregation occurs, CIDR address blocks work best when they come in sets that are greater than one, and equal to some lower-order bit pattern that corresponds to all ones CIDR addresses are commonly applied to Class C addresses To use a CIDR address on any network, all routers in the routing domain must “understand” CIDR notation Chapter 2

Public Versus Private IP Addresses The private IP address ranges may be expressed in the form of IP network addresses, as shown in Table 2-4 Private IP addresses have one other noteworthy limitation Chapter 2

Public Versus Private IP Addresses Some IP services require what’s called a secure end-to-end connection—IP traffic must be able to move in encrypted form between the sender and receiver without intermediate translation Most organizations need public IP addresses only for two classes of equipment: Devices that permit organizations to attach networks to the Internet Servers that are designed to be accessible to the Internet Chapter 2

Managing Access to IP Address Information Although use of private IP addresses mandates NAT or a similar address substitutions or masquerade capability, some organizations elect to use address substitutions or masquerade even when they use perfectly valid public IP addresses on their internal networks Proxy servers can provide what is sometimes called reverse proxying This permits the proxy server to front for servers inside the boundary by advertising only the proxy server’s address to the outside world, and then forwarding only legitimate requests for service to internal servers for further processing Chapter 2

Obtaining Public IP Addresses Unless you work for an organization that has possessed its own public IP addresses since the 1980s (or acquired such addresses through merger or acquisition), it’s highly likely that whatever public IP addresses your organization uses were issued by the very same ISP who provides your organization with Internet access Because all devices accessible to the Internet must have public IP addresses, changing providers often means going through a tedious exercise called IP renumbering Chapter 2

IP Addressing Schemes To the uninitiated, it may appear that all these IP addresses are randomly assigned, or perhaps generated automatically by some computer somewhere A great deal of thought has gone into the strategy for allocating IP addresses around the world Chapter 2

The Network Space There are a number of critical factors that typically constrain IP addressing schemes, and we look at these in two groups The first group of constraints determines the number and size of networks These are: Number of physical locations Number of network devices at each location Amount of broadcast traffic at each location Availability of IP addresses Delay caused by routing from one network to another Chapter 2

The Network Space In most routers, the Layer 3 routing decisions are typically made by software, so it’s relatively slow when compared to similar decisions made at Layer 2 by switches This is because switches make their decisions with specialized hardware known as Application Specific Integrated Circuits (ASICs) A relatively new device known as a layer-3 switch simply implements the layer-3 logic from the software into its own ASICs Chapter 2

The Network Space The second group that helps users determine how to choose which IP addresses go where are design objectives: Minimize the size of the routing tables Minimize the time required for the network to “converge” Maximize flexibility and facilitate management and troubleshooting We already defined a number of networks necessary, so how do we reduce the number of routes in the routing table? The answer is called route aggregation, or summary addresses Chapter 2

The Host Space Now that you understand some of the factors involved in numbering the networks, let’s take a brief look at assigning IP addresses to hosts The advantage of a well-thought-out host naming strategy are a more flexible environment, and one that is easier to support You can easily identify devices by their IP addresses, regardless of which office they’re in Chapter 2

Summary IP addresses provide the foundation for identifying individual network interfaces (and therefore computers or other devices as well) on TCP/IP networks IP addresses come in five classes named A through E Classes A through C use the IPv4 32-bit address to establish different break points between the network and host portions of such network addresses Chapter 2

Summary Understanding binary arithmetic is essential to knowing how to deal with IP addresses, particularly when working with subnet masks To help ease address scarcity, the IETF created a form of classless addressing called Classless Inter-Domain Routing (CIDR) that permits the network-host boundary to fall away from octet boundaries Likewise, to make best use of IP network addresses, a technique called subnetting permits additional bits to be taken from the host portion of a network Chapter 2

Summary Several techniques exist to hide internal network IP addresses from outside view, including address masquerading and address substitution Within the Class A, B, and C IP address ranges, the IETF has reserved private IP addresses or address ranges When it comes to obtaining public IP addresses, the Internet Corporation for Assigned Names and Numbers (ICANN), previously the Internet Assigned Numbers Authority, or IANA, handled this task) is the ultimate authority Chapter 2