Network+ Study Guide
As you know from “The Internet Protocol” section earlier in this chapter, IP moves data between computer systems in the form of a datagram, and each datagram is delivered to the destination port number that is contained in the datagram header. This destination port number, or address, is a standard 16-bit number that contains enough information to identify the receiving network and the specific host on that network for which the datagram is intended.
In this section, you’ll learn what IP addresses are, why they are so necessary, and how they are used in TCP/IP networking. But first, let’s clear up a possible source of confusion: Ethernet addresses and IP addresses.
Ethernet Addresses Explained
You may remember from an earlier section that TCP/IP is independent of the underlying network hardware. If you are running on an Ethernet-based network, be careful not to confuse the Ethernet hardware address and the IP address required by TCP/IP.
Each Ethernet network card (and any other NIC, for that matter) has its own unique hardware address, known as the media access control (MAC) address. This hardware address is predefined and preprogrammed on the NIC by the manufacturer of the board as a unique 48-bit number.
The first three parts of this address are called the Organizationally Unique Identifier (OUI) and are assigned by the Institute of Electrical and Electronics Engineers (IEEE). Manufacturers purchase OUIs in blocks and then assign the last three parts of the MAC address, making each assignment unique. Remember that the Ethernet address is predetermined and is hard-coded onto the NIC. IP addresses, however, are very different.
IP Addresses Explained
TCP/IP requires that each computer on a TCP/IP network have its own unique IP address. There are two addressing schemes for TCP/IP: IPv4 and IPv6. You should know how each of these schemes differs.
IPv4
An IPv4 address is a 32-bit number, usually represented as a four-part number, with each of the four parts separated by a period or decimal point. You may also hear this method of representation called dotted decimal or quad decimal. In the IPv4 address, each individual byte, or octet as it is sometimes called, can have a value in the range of 0 through 255.
Note | The term octet is the Internet community’s own term for an 8-bit byte. It came into common use because some of the early computers attached to the Internet had bytes of more than 8 bits; for example, DEC’s systems have blocks of 18 bits. |
The way these addresses are used varies according to the class of the network, so all you can say with certainty is that the 32-bit IPv4 address is divided in some way to create an address for the network and an address for each host. In general, though, the higher-order bits of the address make up the network part of the address, and the rest constitutes the host part of the address. In addition, the host part of the address can be divided further to allow for a subnetwork address. For more detail on this addressing scheme, see the “IPv4 Address Classifications” and “Understanding Subnets” sections later in this chapter.
Some host addresses are reserved for special use. For example, in all network addresses, host numbers 0 and 255 are reserved. An IPv4 host address with all host bits set to 0 identifies the network itself; so 52.0.0.0 refers to network 52. An IP address with all host octets set to 255 is known as a broadcast address. The broadcast address for network 204.176 is 204.176.255.255. A datagram sent to this address is automatically sent to every individual host on the 204.176 network.
ARIN (American Registry of Internet Numbers) assigns and regulates IP addresses on the Internet; you can get one directly from ARIN, or you can ask your Internet service provider (ISP) to secure an IP address on your behalf. Another strategy is to obtain your address from ARIN and only use it internally until you are ready to connect to the Internet.
Note | If you are setting up an intranet and you don’t want to connect to the outside world through the Internet, you don’t need to register the IP addresses you use on your intranet with ARIN. Registering your addresses with ARIN simply ensures that the addresses you propose to use are unique over the entire Internet. If you are never going to connect to the Internet, there's no reason to worry about whether those addresses are redundant with a computer that isn't even on your network. |
IPv6
IPv6 was originally designed because the number of available unregistered IPv4 addresses was running low. Because IPv6 uses a 128-bit addressing scheme, it has more than 79 octillion (that’s 79,000,000,000,000,000,000,000,000,000 to you and me) times as many available addresses as IPv4. Also, instead of using binary digits or decimal digits, IPv6 uses eight sets of four hexadecimal digits, like so:
3FFE:0B00:0800:0002:0000:0000:0000:000C
In addition, you can abbreviate these very long addresses by dropping leading zeros (like the zero before the B in “0B00”). You can also drop any single grouping of zero octets (as in the number above) between numbers as long as you replace them with a double colon (::) and they are complete octets (you can’t drop the three zeros in the second octet to make it just “B” instead of “0B00,” for example). If you apply this rule (known as the zero compression rule) to the above address, it would make the example address look like so:
3FFE:0B00:0800:0002::000C
Warning | You can’t use the zero compression rule to drop more than one grouping of zero octets. For example, you can’t make 3FFE:0000:0000:0002:0000:0000:0000:000C into 3FFE::0002::000C. This is also part of the zero compression rule: There can be only one set of double colons! |
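The zero compression rule above, as an added example that is not part of the original study guide: the Python below expands a compressed address back to its eight groups, rejects a second `::` as the warning requires, and compresses an address by turning a run of zero groups into `::`. It goes one step beyond the text for addresses with two zero runs: it picks the longest run (the first one on a tie), so the result is always legal.

```python
import re

GROUPS = 8  # an IPv6 address is eight 16-bit groups written as 4 hex digits each


def expand_ipv6(addr: str) -> list[str]:
    """Return the eight groups of addr, each padded back to 4 hex digits.

    Enforces the zero compression rule from the text: at most one '::',
    and it must stand for at least one all-zero group.
    """
    if addr.count("::") > 1:
        raise ValueError("only one '::' is allowed in an IPv6 address")
    if "::" in addr:
        head, tail = addr.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = GROUPS - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must replace at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = addr.split(":")
    if len(groups) != GROUPS:
        raise ValueError(f"expected {GROUPS} groups, got {len(groups)}")
    for g in groups:
        if not re.fullmatch(r"[0-9A-Fa-f]{1,4}", g):
            raise ValueError(f"bad group {g!r}")
    return [g.upper().zfill(4) for g in groups]


def compress_ipv6(addr: str, drop_leading_zeros: bool = True) -> str:
    """Apply the zero compression rule to addr.

    The longest run of all-zero groups (the first one on a tie) becomes '::',
    so the result never contains two '::'. Leading zeros in the remaining
    groups are dropped unless drop_leading_zeros is False.
    """
    groups = expand_ipv6(addr)
    best_start, best_len = -1, 0
    i = 0
    while i < GROUPS:
        if groups[i] != "0000":
            i += 1
            continue
        j = i
        while j < GROUPS and groups[j] == "0000":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j

    def fmt(g: str) -> str:
        return (g.lstrip("0") or "0") if drop_leading_zeros else g

    if best_len == 0:
        return ":".join(fmt(g) for g in groups)
    head = ":".join(fmt(g) for g in groups[:best_start])
    tail = ":".join(fmt(g) for g in groups[best_start + best_len:])
    return f"{head}::{tail}"
```

Passing `drop_leading_zeros=False` reproduces the guide's own abbreviated form, 3FFE:0B00:0800:0002::000C; the default also drops the leading zeros the text says you may remove.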
As with IPv4, there are several addresses that are reserved for special uses. The IPv6 address ::/0 is the default address for a host (like 0.0.0.0 in IPv4). The address ::1/128 is reserved for the local loopback (like 127.0.0.1 in IPv4). IPv6 also includes provisions for the old IPv4 hosts so they can be migrated to the new addressing scheme. This is accomplished by using the address ::xxx.xxx.xxx.xxx where the last four sets of digits refer to the old IPv4 address.
The way a host is configured is one unique aspect of the IPv6 addressing scheme. Instead of an IP address, subnet mask, and default gateway, each station is required to have three different addresses: an address from each upstream supplier, a local address, and a link-local address. The local address is a number like ::1/128 that defines the local host. The link-local address is the address for the local subnet.
Finally, IPv6 has some other unique addressing concepts, like autoconfiguration (similar to DHCP, but extended further) and neighbor discovery, whereby the IPv6 host discovers its network surroundings.
Note | For more information on IPv6, check out RFC 2373 at www.faqs.org/rfcs. |
IPv4 Address Classifications
In the 32-bit IP address, the number of bits used to identify the network and the host varies according to the network class of the address. If you never connect your intranet to the outside world and the Internet, you have no need to concern yourself with this information. If you do plan to connect to the Internet (and to do well on the exam), you’ll need to know the classes, which are as follows:
- Class A is used for very large networks only. The high-order bit in a Class A network is always 0, which leaves 7 bits available to define 127 networks. The remaining 24 bits of the address allow each Class A network to hold as many as 16,777,214 hosts. Examples of Class A networks include General Electric, IBM, Hewlett-Packard, Apple, Xerox, DEC, Columbia University, and MIT. All possible Class A networks are in use; no more are available.
- Class B is used for medium-sized networks. The two high-order bits are always 10 (that’s “one zero”, not “ten”), and the remaining bits are used to define 16,384 networks, each with as many as 65,534 hosts attached. Examples of Class B networks include Microsoft and Exxon. All Class B networks are in use; no more of them are available.
- Class C is for smaller networks. The three high-order bits are always 110, and the remaining bits are used to define 2,097,152 networks, but each network can have a maximum of only 254 hosts. Class C networks are still available.
- Class D is a special multicast address and cannot be used for networks. The four high-order bits are always 1110, and the remaining 28 bits allow access to more than 268 million possible addresses.
- Class E is reserved for experimental purposes. The first four bits in the address are always 1111.
Figure 3.5 illustrates the relationships among these classes and shows how the bits are allocated by InterNIC.
Because the bits used to identify the class are combined with the bits that define the network address, we can draw the following conclusions from the size of the first octet, or byte, of the address:
- A value of 126 or less indicates a Class A address. The first octet is the network number; the next three, the host address.
- A value of exactly 127 is reserved as a loopback test address. If you send a message (a Ping, for example) to 127.0.0.1, it doesn’t actually generate any network traffic. It does, however, test that TCP/IP is installed correctly. Using this number as a special test address has the unfortunate effect of wasting more than 24 million possible IP addresses.
- A value of 128 through 191 is a Class B address. The first two octets are the network number, and the last two are the host address.
- A value of 192 through 223 is a Class C address. The first three octets are the network address, and the last octet is the host address.
- A value greater than 223 indicates a reserved address.
Tip | Three other special address types are 10.x.x.x, 192.168.xxx.xxx, and 172.16.x.x–172.31.x.x. These addresses are specified in RFC 1918 as being available to anyone who wants to use IP addressing on a private network, but does not want to connect to the Internet. Private addresses are those addresses that are not routed by Internet routers. Public addresses are those IP addresses that will be passed by Internet routers. You can use these addresses without the risk of compromising someone else’s registered network address. |
Understanding Subnets
The IP addressing scheme provides a flexible solution to the task of addressing thousands of networks, but it is not without problems. The original designers did not envision the Internet growing as large as it has; at that time, a 32-bit address seemed so large that they quickly divided it into different classes of networks to facilitate routing rather than reserving more bits to manage the growth in network addresses. (Who ever thought we would need a PC with more than 640KB of memory?) To solve this problem, and to create a large number of new network addresses, another way of dividing the 32-bit address was developed, called subnetting.
An IP subnet modifies the IP address by using host address bits as additional network address bits. In other words, the dividing line between the network address and the host address is moved to the right, thus creating additional networks but reducing the number of hosts that can belong to each network.
When IP networks are subnetted, they can be routed independently, which allows a much better use of address space and available bandwidth. To subnet an IP network, you define a bit mask, known as a subnet mask, in which a bit pattern cancels out unwanted bits so that only the bits of interest remain.
Working out subnet masks is one of the most complex tasks in network administration and is not for the faint of heart. If your network consists of a single segment (in other words, there are no routers on your network), you will not have to use this type of subnetting; but if you have two or more segments (or subnets), you will have to make some sort of provision for distributing IP addresses appropriately. Using a subnet mask is the way to do just that.
The subnet mask is similar in structure to an IP address in that it has four parts, or octets, but now it defines three elements (network, subnet, and host) rather than two (network and host). It works a bit like a template that, when superimposed on top of the IP address, indicates which bits in the IP address identify the network and which bits identify the host. If a bit is on (a 1) in the mask, the equivalent bit in the address is interpreted as a network bit. If a bit is off (a 0) in the mask, the bit is part of the host address. The 32-bit value is then converted to dotted decimal notation. In general, you will use only one subnet mask on your network.
A subnet is only known and understood locally; to the rest of the Internet, the address is still interpreted as a standard IP address. Table 3.2 shows how this works for the standard IP address classes.
Class | Subnet Mask Bit Pattern | Subnet Mask |
---|---|---|
A | 11111111 00000000 00000000 00000000 | 255.0.0.0 |
B | 11111111 11111111 00000000 00000000 | 255.255.0.0 |
C | 11111111 11111111 11111111 00000000 | 255.255.255.0 |
Routers then use the subnet mask to extract the network portion of the address so that they can send the data packets along the proper route on the network.
Because all the Class A and Class B networks are taken, you are most likely to encounter subnet-related issues when working with a Class C network. In the next section, you’ll get a detailed look at how to subnet a Class C network.
When faced with the choice of whether or not to subnet your network, you should bear in mind the advantages of subnetting. The following list summarizes the advantages of the subnetting solution.
- It reduces the size of routing tables.
- It minimizes network traffic.
- It isolates networks from others.
- It maximizes performance.
- It optimizes IP address space.
- It enhances the ability to secure a network.
Subnetting a Class C Network
How do you find out the values that you can use for a Class C network subnet mask? Remember from a previous discussion that InterNIC defines the leftmost three octets in the address, leaving you with the rightmost octet for your own network addresses. If your network consists of a single segment, you have the following subnet mask:
11111111 11111111 11111111 00000000
When expressed as a decimal number, this is:
255.255.255.0
Because all of your addresses must match these leftmost 24 bits, you can do what you’d like with the last 8 bits, given a couple of exceptions that we’ll look at in a moment.
You might decide to divide your network into two equally sized segments, with, for example, the numbers 1 through 127 as the first subnet (00000001 through 01111111 in binary), and the numbers 128 through 255 as the second subnet (10000000 through 11111111 in binary). Now the number inside the subnets can vary only in the last seven places, and the subnet mask becomes:
255.255.255.128
In binary this is:
11111111.11111111.11111111.10000000
Tip | Use the Windows Calculator in scientific mode (choose View > Scientific) to look at binary-to-decimal and decimal-to-binary conversions. Click the Bin (binary) button and then type the bit pattern that you want to convert. Click the Dec (decimal) button to display its decimal value. You can also go the other way, and display a decimal number in binary form. |
Now let’s get back to the exceptions mentioned earlier. The network number is the first number in each range, so the first subnet’s network number is X.Y.Z.0, and the second is X.Y.Z.128 (X, Y, and Z are the octets assigned by InterNIC). The default router address is the second number in each range—X.Y.Z.1 and X.Y.Z.129—and the broadcast address is the last address, or X.Y.Z.127 and X.Y.Z.255. You can use all the other addresses within the range, as you see fit, on your network.
Table 3.3 describes how you can divide a Class C network into four equally sized subnets with a subnet mask of 255.255.255.192. This gives you 61 IP addresses on each subnet once you have accounted for the network, router, and broadcast default addresses.
Network Number | First Address | Broadcast Address |
---|---|---|
X.Y.Z.0 | X.Y.Z.1 | X.Y.Z.63 |
X.Y.Z.64 | X.Y.Z.65 | X.Y.Z.127 |
X.Y.Z.128 | X.Y.Z.129 | X.Y.Z.191 |
X.Y.Z.192 | X.Y.Z.193 | X.Y.Z.255 |
Table 3.4 describes how you can divide a Class C network into eight equally sized subnets with a subnet mask of 255.255.255.224. This gives you 29 IP addresses on each subnet once you have accounted for the network, router, and broadcast default addresses.
Network Number | First Address | Broadcast Address |
---|---|---|
X.Y.Z.0 | X.Y.Z.1 | X.Y.Z.31 |
X.Y.Z.32 | X.Y.Z.33 | X.Y.Z.63 |
X.Y.Z.64 | X.Y.Z.65 | X.Y.Z.95 |
X.Y.Z.96 | X.Y.Z.97 | X.Y.Z.127 |
X.Y.Z.128 | X.Y.Z.129 | X.Y.Z.159 |
X.Y.Z.160 | X.Y.Z.161 | X.Y.Z.191 |
X.Y.Z.192 | X.Y.Z.193 | X.Y.Z.223 |
X.Y.Z.224 | X.Y.Z.225 | X.Y.Z.255 |
Classless Internetwork Domain Routing (CIDR)
InterNIC no longer gives out addresses under the Class A, B, or C designations. Instead, it uses a method called Classless Internetwork Domain Routing (or CIDR, which is usually pronounced “cider”). CIDR networks are described as “slash x” networks; the x represents the number of bits in the IP address range that InterNIC controls. This allows InterNIC to define networks that fall between the old classifications, which means that you can get a range of addresses much better suited to your needs than in times past. In CIDR terms, a network classified as a Class C network under the old scheme becomes a slash 24 network, because InterNIC controls the leftmost 24 bits and you control the rightmost 8 bits. Table 3.5 shows some examples of slash x network types.
InterNIC Network Type | Subnet Mask | Approximate Number of IP Addresses |
---|---|---|
slash 8 | 255.0.0.0 | 16,000,000 |
slash 12 | 255.240.0.0 | 1,000,000 |
slash 16 | 255.255.0.0 | 65,536 |
slash 20 | 255.255.240.0 | 4,096 |
slash 21 | 255.255.248.0 | 2,048 |
slash 22 | 255.255.252.0 | 1,024 |
slash 23 | 255.255.254.0 | 512 |
slash 24 | 255.255.255.0 | 256 |
slash 25 | 255.255.255.128 | 128 |
slash 26 | 255.255.255.192 | 64 |
slash 27 | 255.255.255.224 | 32 |
slash 28 | 255.255.255.240 | 16 |
slash 29 | 255.255.255.248 | 8 |
slash 30 | 255.255.255.252 | 4 |
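An added example, not from the study guide, that works through the first-octet class test, the subnet-mask AND that a router applies to extract the network portion, the Class C subnet tables (3.3 and 3.4), and the slash-x to subnet-mask conversion of Table 3.5. The 192.168.1.0/24 block is a constructed stand-in for the X.Y.Z network of the tables, and the host count follows the guide's convention of setting aside network, default router and broadcast.

```python
def to_int(addr: str) -> int:
    """Dotted-decimal IPv4 address -> 32-bit integer, validating each octet."""
    octets = addr.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {addr!r}")
    return int.from_bytes(bytes(int(o) for o in octets), "big")


def to_dotted(n: int) -> str:
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def ipv4_class(addr: str) -> str:
    """Classify by the first octet, following the ranges given in the text."""
    first = to_int(addr) >> 24
    if first <= 126:
        return "A"
    if first == 127:
        return "loopback"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    return "reserved"  # Class D multicast and Class E experimental


def prefix_to_mask(prefix: int) -> str:
    """CIDR 'slash x' -> subnet mask: the x high-order bits set, the rest clear."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return to_dotted(((1 << prefix) - 1) << (32 - prefix))


def mask_to_prefix(mask: str) -> int:
    """Subnet mask -> prefix length, rejecting masks whose 1 bits are not contiguous."""
    bits = f"{to_int(mask):032b}"
    prefix = bits.count("1")
    if bits != "1" * prefix + "0" * (32 - prefix):
        raise ValueError(f"non-contiguous subnet mask {mask!r}")
    return prefix


def addresses_in(prefix: int) -> int:
    """Total addresses in a slash-x block (the last column of Table 3.5)."""
    return 1 << (32 - prefix)


def subnet_table(block: str, new_mask: str) -> list[tuple[str, str, str]]:
    """Divide block (e.g. '192.168.1.0/24') by new_mask and return one
    (network number, first address, broadcast address) row per subnet,
    in the layout of Tables 3.3 and 3.4."""
    base, _, old = block.partition("/")
    old_prefix, new_prefix = int(old), mask_to_prefix(new_mask)
    if new_prefix < old_prefix:
        raise ValueError("the subnet mask must be longer than the block's own prefix")
    start = to_int(base) & to_int(prefix_to_mask(old_prefix))  # the router's AND
    size = addresses_in(new_prefix)
    return [(to_dotted(net), to_dotted(net + 1), to_dotted(net + size - 1))
            for net in range(start, start + addresses_in(old_prefix), size)]


def usable_per_subnet(new_mask: str) -> int:
    """Host addresses left once network, default router and broadcast are set
    aside, which is how the text counts them (61 for /26, 29 for /27)."""
    return addresses_in(mask_to_prefix(new_mask)) - 3
```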
Note | You can also combine multiple Class C networks into a single network using this same designation system. This process is known as supernetting. |
IP Proxy Servers Explained
A proxy server is one of several solutions to the problems associated with connecting your intranet or corporate network to the Internet. A proxy server is a program that handles traffic to external host systems on behalf of the client software running on the protected network; this means that clients access the Internet through the proxy server. It’s a bit like those one-way mirrors—you can see out, but a potential intruder cannot see in.
Note | Another mechanism used to monitor and control traffic between the Internet and an internal network is a firewall. Although the functions performed by proxy servers and firewalls are related and are starting to appear in combination products, they’ll be presented in different chapters here. You will find more information on firewalls in Chapter 9, “Fault Tolerance and Disaster Recovery.” |
A proxy server sits between a user on your network and a server out on the Internet. Instead of communicating with each other directly, each talks to the proxy (in other words, to a “stand-in”). From the user’s point of view, the proxy server presents the illusion that the user is dealing with a genuine Internet server. To the real server on the Internet, the proxy server gives the illusion that the real server is dealing directly with the user on the internal network. So a proxy server can be both a client and a server; it depends on which way you are facing. The point to remember here is that the user is never in direct contact with the Internet server, as Figure 3.6 illustrates.
The proxy server does more than just forward requests from your users to the Internet and back. Because it examines and makes decisions about the requests that it processes, it can control what your users can do. Depending on the details of your security policy, client requests can be approved and forwarded, or they can be denied. And rather than requiring that the same restrictions be enforced for all users, many advanced proxy server packages can offer different capabilities to different users.
Warning | A proxy server can be effective only if it is the only type of connection between an internal network and the Internet. As soon as you allow a connection that does not go through a proxy server, your network is at risk. |
Proxy Server Caching
Many proxy servers can cache documents, which is particularly useful if a number of clients request the same document independently. With caching, the client request is filled more quickly, and Internet traffic is reduced. The types of caching are as follows:
Active Caching The proxy server uses periods of low activity to go out and retrieve documents that it thinks will be requested by clients in the near future.
Passive Caching The proxy server waits for a client to make a request, retrieves the document, and then decides whether or not to cache the document.
Note | Some documents, such as those from a paid subscription service or those requiring specific authentication, cannot be cached. |
Large companies may have multiple proxy servers, and two caching standards have emerged: Internet Cache Protocol and Cache Array Routing Protocol.
Internet Cache Protocol (ICP)
Internet Cache Protocol (ICP) specifies a message format to be used for communications between proxy servers; these messages are used to exchange information about the presence or absence of a specific web page in the proxy server cache. Unfortunately, ICP is not scalable, and the number of ICP messages exchanged between proxy servers climbs rapidly as the number of proxy servers increases.
Cache Array Routing Protocol (CARP)
Cache Array Routing Protocol (CARP) offers a solution to the ICP problem by using multiple proxy servers with a single large cache. CARP removes the need for proxy server–to–proxy server communications and also prevents the information in the cache from becoming redundant over time. CARP is referred to as queryless distributed caching and is supported in Netscape and Microsoft proxy server products.