Addressing schemes-Focusing on TCP/IP
By Erik Rozman
When we think of computers communicating, the first question that pops into mind is: what kind of protocol are they using? Have you ever thought about what a protocol actually is? A protocol is a set of rules that helps you pass information from one party to another; the protocol dictates the rules that govern the communication and the addressing schemes.

Let's take TCP/IP as an example of a protocol that dictates rules. A user uses a web browser to view a web site. He enters the web site's address (the information request); this request is addressed to the Web Service (port) on a remote computer (IP address) and is delivered by a hardware system that is not the concern of the user. The remote system, using TCP/IP, will understand the addressing information (protocol) and will deliver the information (the request) to the specific service.

That sounds a bit familiar. When we send a letter using standard mail (yes, some people still use it) we are actually using a protocol that dictates a few rules of its own. First of all we have to write the letter (information), place it in an envelope, and on the envelope scribble the address of the receiver (state, street, apartment number/IP+PORT); on the other side we usually scribble our own address. After we are done with it we drop it off at our local post office.

The post office, based on the address, places the letter on a truck/plane/ship (not our concern) that delivers the letter to the post office responsible for the destination address. They understand the address you scribbled on the envelope, thus they deliver the letter to its exact destination.

As you can see, the two processes are quite similar. We will now take a closer look at the TCP/IP addressing scheme dictated by the protocol.

Binary notation versus Decimal Counting
Numbers and the options they provide and represent can be
notated in two manners: Decimal and Binary.
Decimal Counting
The decimal system represents the numbers we use on a daily basis when speaking about money or quantities. As we can derive from its name, the deci-mal system's basis is 10, since each digit can represent 10 different options with the numbers 0 through 9. When we say 253 we are actually using a base-10 system to create the number: each position in the number represents X (a digit between 0 and 9) multiplied by 10 to the power of n minus one, where n is the position of the digit counted from the right:

3 * 10^(1-1) + 5 * 10^(2-1) + 2 * 10^(3-1) = 253

Binary Counting
The binary system represents only two options (positions), on or off, with each digit (in contrast to the decimal system, where each digit can represent 10). Keeping that in mind, each binary digit, or bit, can only be 1 or 0 at any given time. To represent larger numbers or options we can add the bits together based on their position and state. Because we are speaking of bi-nary numbers, each position represents 2 to the power of n minus one if the position is ON (1).
If we want to represent 253 (decimal) in binary we will receive an 8-bit number (called a byte):

253 = 11111101

Converting Decimal numbers to Binary
Divide the number by 2. If it divides evenly, write a zero to the right of your result; if it does not divide evenly (there is a remainder), write a one to the right of your result. Keep dividing each result by 2 in the same way. When you reach a result lower than one you have reached the last bit. Finally take the ones and zeroes you wrote down and read them from the last one written (the highest bit) to the first one written (the lowest bit).
253:2=126 - 1
126:2=63 - 0
63:2 =31 - 1
31:2 =15 - 1
15:2 =7 - 1
7:2 =3 - 1
3:2 =1 - 1
1:2 =0 - 1
All information on a computer is based on the binary notation system: computers process and save all data as binary data. Everything in a computer can be represented by the binary system. For a better understanding of computer functions we should have some knowledge of the binary system. One of the functions that uses the binary system in a computer is the IP addressing system.

An IP address
An IP (Internet Protocol) address is used to identify a TCP/IP
host as a unique logical entity in a TCP/IP based network.
As we stated earlier, the computer uses the binary system to perceive IP addresses, yet humans tend to understand the decimal system better. So for the purpose of representing IP addresses the decimal system is used, and for the internal processes of the computer the binary system is used.
Keeping that in mind, we can look at an IP address in both the binary and the decimal format. An IP address looks like this:
Dotted Decimal = 199.203.185.177
Binary = 11000111.11001011.10111001.10110001
The binary number is represented by four octets (an octet is 8 bits; it is equivalent to a byte), divided by periods. If an octet is an 8-bit number then the largest value we can represent is 255 (11111111) and the lowest is zero (00000000), thus the values 0 through 255 (decimal) can be represented (256 values).

Host ID - Net ID
An IP address is analogous to a physical address. Usually a physical address uses the street name and house number to uniquely identify the specific location you want to reach; an IP address uses a similar system.
An IP address uses a Net ID to identify a specific network (street address); each physical network that you create should have a unique Network ID. Another very important role of the Network ID is to help a computer determine whether it is communicating with a local host or a remote host.
A network has different hosts (computers, printers etc.), which are represented by the Host ID (a specific house in the street); the Host ID should be unique within the Net ID.
If we look at the IP address we used above (199.203.185.177) we cannot differentiate the Net ID from the Host ID with the naked eye. The role of the glasses will be played by a Subnet Mask and the ANDing function.

Subnet Mask
A subnet mask is a number that is represented in the same
format as an IP address - a 32 bit number divided by octets.
AND
The division is achieved by the computer using the AND function: we AND the IP address with the provided Subnet Mask in order to receive the Net ID.
The ANDing function provides us with a logic gate that blocks out the Host ID and provides us with the Net ID.
The basis of the AND function is that 1 AND 1 equals 1; all other combinations (0 and 1, 1 and 0, 0 and 0) result in zero.
For instance, if we use the IP address 199.203.185.177 and convert it to binary we receive 11000111.11001011.10111001.10110001. If we use the Subnet Mask 255.255.255.0 and convert it to binary we receive 11111111.11111111.11111111.00000000.
The AND function will look like this:
199.203.185.177 - 11000111.11001011.10111001.10110001
255.255.255.0 - 11111111.11111111.11111111.00000000
199.203.185.0 - 11000111.11001011.10111001.00000000
So as you can see our Net ID is 199.203.185.0.
When a TCP/IP host starts up it ANDs its own IP address with its own subnet mask, and it keeps the result (= Net ID) in RAM (different implementations use different solutions to achieve this).
Whenever the local host tries to contact another host it ANDs the other host's IP address with its own Subnet Mask and then checks whether the result is equal to its own Net ID.
If it is equal (the same street) then the communication is local (the next step is ARPing the remote host, a function that concerns hardware delivery); if it isn't equal (different street) the communication is remote (the next step is checking routing opportunities).
Let's look at the host we ANDed earlier; we received a Net ID of 199.203.185.0. If this host tries to communicate with another host (IP = 199.203.186.169) it will AND the other host's IP address with its own subnet mask.
199.203.186.169 - 11000111.11001011.10111010.10101001
255.255.255.0 - 11111111.11111111.11111111.00000000
199.203.186.0 - 11000111.11001011.10111010.00000000
As you see, the resulting Net ID is 199.203.186.0. If we compare it to our local Net ID (199.203.185.0) we can see that they differ, thus this is a remote host and we have to look for routing possibilities.
OK, OK, so we use a subnet mask, but who told us the value of the subnet mask?
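The local-or-remote decision described above, written out as an added Python example (not code from the original article; the function names are illustrative). It uses the article's addresses, plus one constructed case where the host carries the wrong mask (255.255.0.0) and therefore treats a remote destination as local, and an added check that the mask is a contiguous run of 1 bits.

```python
import ipaddress

def to_int(dotted):
    """Dotted decimal -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def to_dotted(value):
    return str(ipaddress.IPv4Address(value))

def to_binary(value):
    """32-bit integer -> dotted binary, the way the article writes it."""
    bits = format(value, "032b")
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))

def is_contiguous(mask):
    """A usable subnet mask is a run of 1s followed only by 0s."""
    inverted = to_int(mask) ^ 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0

def and_table(ip, mask):
    """The three rows of the article's AND tables: IP, mask, Net ID."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    net_i = ip_i & mask_i
    rows = [(ip, ip_i), (mask, mask_i), (to_dotted(net_i), net_i)]
    return ["%-16s - %s" % (text, to_binary(value)) for text, value in rows]

def classify_destination(local_ip, local_mask, dest_ip):
    """'local' means ARP comes next; 'remote' means a routing lookup does."""
    if not is_contiguous(local_mask):
        raise ValueError("non-contiguous subnet mask: " + local_mask)
    own = to_int(local_ip) & to_int(local_mask)
    # The destination is ANDed with OUR mask; the host never sees the other's.
    other = to_int(dest_ip) & to_int(local_mask)
    return "local" if own == other else "remote"

if __name__ == "__main__":
    for line in and_table("199.203.186.169", "255.255.255.0"):
        print(line)
    # The article's pair: different Net IDs, so the traffic goes to a router.
    print(classify_destination("199.203.185.177", "255.255.255.0", "199.203.186.169"))
    # Constructed misconfiguration: with 255.255.0.0 the same destination
    # looks local, so the host ARPs for it instead of using its router.
    print(classify_destination("199.203.185.177", "255.255.0.0", "199.203.186.169"))
```

A host with a mask that is too short never hands that traffic to its router, which is worth checking when a machine can reach some networks but not a neighbouring one.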
Classful Addressing
In the classful addressing scheme our IP addresses are divided into different classes, each class providing us with information on how many networks can be created in the specific class and how many hosts can be placed on a specific network in a specific class.
Each class provides us with its own default Subnet Mask.
We can identify classes by the decimal (or binary, if you are that kind of a person) value of the first octet in the IP address we are provided with.
| Class | Range of first octet | Net ID/Host ID | Number of Networks | Number of hosts per network | Default Subnet Mask |
|-------|----------------------|----------------|--------------------|-----------------------------|---------------------|
| A     | 1-126                | x.y.y.y        | 126                | 16777214                    | 255.0.0.0           |
| B     | 128-191              | x.x.y.y        | 16384              | 65534                       | 255.255.0.0         |
| C     | 192-223              | x.x.x.y        | 2,097,152          | 254                         | 255.255.255.0       |

Number of Networks: A = 2^n - 2, B = 2^n, C = 2^n.
Number of hosts per network: 2^n - 2.
n = number of bits used to represent the changing bits of the net/host portion.
x = Net ID.
y = Host ID.
Some network IDs cannot be used on public and/or private networks; these networks are reserved for specific purposes (RFC 1918).
127.0.0.0 (255.0.0.0) - loopback address; this whole Class A network has been reserved for tests and cannot be used on private or public networks.
10.0.0.0 (255.0.0.0) - can be used only on private networks (cannot be connected to the Internet)
172.16.0.0 (255.240.0.0) - can be used only on private networks (cannot be connected to the Internet)
192.168.0.0 (255.255.0.0) - can be used only on private networks (cannot be connected to the Internet)
169.254.0.0 (255.255.0.0) - this network is used by the Automatic Private IP Addressing feature used by some Microsoft systems.

Note On Addressing Guidelines
1. The first number in the network ID cannot be 127. This ID number is reserved for testing connections.
2. The host ID cannot be all 255s. This address is used as a directed IP broadcast.
3. The host ID cannot be all zeros. This syntax is used to denote a network ID.
4. The host ID must be unique to the local network ID.
The classful system places very rigid limitations on networks, since it gives us a given number of networks and hosts per network. If we have a company with approximately 2000 hosts, it can't be assigned a Class C network ID since it is too small (254 hosts per network), and if we assign it a Class B network ID we waste about 63,000 IP addresses.
A second problem arises if a company has 60 hosts but 6 different networks (physical locations). If we provide them with 6 Class C network IDs we waste IP addresses in each Net ID.

Breaking the rules!

Subnetting
Let's look at our second problem first. We have a company that has six physical branches, and the company wants to connect all six branches to the Internet. Each branch has about 10 hosts.
When you contact your ISP (= Internet Service Provider) you receive a class C Net ID: 199.203.185.0. You cannot change the Net ID you received, yet you can manipulate the subnet mask and thus the perceived Net ID. Using this manipulation technique you can add new Net IDs to the original Net ID; the new Net IDs will be called subnets.
The first step is to calculate the number of physical networks you need: 6. Actually, you should always add two to the number of physical networks you need, since as you will later see we need to remove two, so in our case 8. Take that number and find the number of bits needed to represent 8 different positions, in our case 3 bits.
Turn the three leftmost bits in the octet that represents your Host ID in the Subnet Mask to 1s:
Original subnet mask: 11111111.11111111.11111111.00000000 - 255.255.255.0
New subnet mask: 11111111.11111111.11111111.11100000 - 255.255.255.224
All hosts on all six networks (branches) will use the new Subnet Mask. Now we have to find the new Subnet IDs.
Take the smallest bit that is turned on (1) in the octet you changed and determine its decimal value. In our case: 11100000 - 32.
Take 32 and add it to the original Net ID:
199.203.185.0 - Original Net ID - cannot be used (RFC 950)
199.203.185.0 + 32 = 199.203.185.32 - Subnet ID 1
199.203.185.32 + 32 = 199.203.185.64 - Subnet ID 2
199.203.185.64 + 32 = 199.203.185.96 - Subnet ID 3
199.203.185.96 + 32 = 199.203.185.128 - Subnet ID 4
199.203.185.128 + 32 = 199.203.185.160 - Subnet ID 5
199.203.185.160 + 32 = 199.203.185.192 - Subnet ID 6
199.203.185.192 + 32 = 199.203.185.224 - cannot be used (RFC 950)
To assign host IDs you use the range between the new Subnet IDs:

| Subnet | Subnet ID       | Beginning Range | Ending Range | Number of Hosts |
|--------|-----------------|-----------------|--------------|-----------------|
| 1      | 199.203.185.32  | 33              | 62           | 30              |
| 2      | 199.203.185.64  | 65              | 94           | 30              |
| 3      | 199.203.185.96  | 97              | 126          | 30              |
| 4      | 199.203.185.128 | 129             | 158          | 30              |
| 5      | 199.203.185.160 | 161             | 190          | 30              |
| 6      | 199.203.185.192 | 193             | 222          | 30              |

*Note that you can't use the last number in the range since it is the Net ID's broadcast address.
When a host ANDs its own address with the new Subnet Mask (255.255.255.224) it will receive the subnet ID of the specific subnet it is located in (subnet 3):
IP: 199.203.185.100 - 11000111.11001011.10111001.01100100
Subnet Mask: 255.255.255.224 - 11111111.11111111.11111111.11100000
Network ID: 199.203.185.96 - 11000111.11001011.10111001.01100000
If this host tries to communicate with a host on subnet 1, it will AND the subnet 1 host's address with its own subnet mask:
IP: 199.203.185.33 - 11000111.11001011.10111001.00100001
Subnet Mask: 255.255.255.224 - 11111111.11111111.11111111.11100000
Network ID: 199.203.185.32 - 11000111.11001011.10111001.00100000
199.203.185.96 <> 199.203.185.32
As you see, what we actually do is enlarge the portion of the subnet mask that allows Net ID bits to pass through. By doing so we allow the addition of new "Net IDs" at the cost of Host IDs.
In a normal Class C address (first octet 199) we have 254 host IDs. After subnetting we lose 30 hosts to the last range (224-254), we lose 30 hosts to the first range (1-31), we lose the subnet IDs (32, 64, 96, 128, 160, 192) and we lose the broadcast addresses for each Subnet ID (63, 95, 127, 159, 191, 223). Each subnet receives a unique subnet broadcast address that can be used; the address is the one that has all ones (binary) in the host ID portion.
Another system exists: Variable Length Subnet Masking. It allows you to build a different subnet mask for each of your subnets in order to provide finer control over the number of hosts on each subnet. This technique can get quite complicated and isn't widely used.
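The subnetting procedure above, carried through in code as an added Python example (not from the original article; `plan_subnets` and `locate` are illustrative names). It follows the article's rule of setting aside the first and last subnet, and it generalizes the worked case to any number of networks that fits in the host portion.

```python
import ipaddress

def plan_subnets(net_id, default_mask, networks_needed):
    """Follow the article's steps; return (new_mask, list of subnet dicts)."""
    base = int(ipaddress.IPv4Address(net_id))
    mask = int(ipaddress.IPv4Address(default_mask))
    host_bits = 32 - bin(mask).count("1")
    # Add two (the first and last subnet are set aside), then count the bits
    # needed to represent that many positions: 6 + 2 = 8 -> 3 bits.
    borrowed = (networks_needed + 2 - 1).bit_length()
    if host_bits - borrowed < 2:
        raise ValueError("not enough host bits for %d networks" % networks_needed)
    # Decimal value of the smallest bit turned on in the new mask (32 here).
    step = 1 << (host_bits - borrowed)
    new_mask = mask | (((1 << borrowed) - 1) << (host_bits - borrowed))
    dotted = lambda value: str(ipaddress.IPv4Address(value))
    subnets = []
    for number in range(1, (1 << borrowed) - 1):   # skip all-zeros and all-ones
        sid = base + number * step
        subnets.append({
            "subnet": number,
            "subnet_id": dotted(sid),
            "first_host": dotted(sid + 1),
            "last_host": dotted(sid + step - 2),
            "broadcast": dotted(sid + step - 1),   # all ones in the host portion
            "hosts": step - 2,
        })
    return dotted(new_mask), subnets

def locate(ip, new_mask, subnets):
    """AND a host address with the new mask; return its subnet number or None."""
    sid = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(new_mask))
    wanted = str(ipaddress.IPv4Address(sid))
    for entry in subnets:
        if entry["subnet_id"] == wanted:
            return entry["subnet"]
    return None   # the address falls in a range the plan set aside

if __name__ == "__main__":
    mask, plan = plan_subnets("199.203.185.0", "255.255.255.0", 6)
    print(mask)
    for entry in plan:
        print(entry)
    print(locate("199.203.185.100", mask, plan))   # host used in the article
    print(locate("199.203.185.10", mask, plan))    # inside the first, unused range
```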
Supernetting(CIDR)
Supernetting is the exact opposite of subnetting. A company has 500 hosts. They can't be assigned a class C address since it is too small (254 hosts) and they can't be assigned a class B address since that would waste about 65,000 hosts. The company's ISP tells them that they can provide them with two class C network IDs. This solution is adequate since two class C networks include 508 host IDs.
Now a new problem arises: every router has to be configured to include both network IDs. To overcome this problem you can use supernetting. You receive these two network IDs:
Net ID 1 - 199.203.132.0 - 11000111.11001011.10000100.00000000
Net ID 2 - 199.203.133.0 - 11000111.11001011.10000101.00000000
As you can see, the only difference between the two Net IDs is one bit (the last bit of the third octet). If you want a computer to perceive them as identical you have to hide this bit. As we stated earlier, you cannot change the Net IDs you receive, yet you can manipulate them by using the Subnet Mask.
The default subnet mask for class C is 255.255.255.0. If we use it to AND a specific IP address on one of the subnets, the problematic bit will be visible:
Net ID 1
IP: 199.203.132.1 - 11000111.11001011.10000100.00000001
Subnet Mask: 255.255.255.0 - 11111111.11111111.11111111.00000000
Net ID: 199.203.132.0 - 11000111.11001011.10000100.00000000
Net ID 2
IP: 199.203.133.1 - 11000111.11001011.10000101.00000001
Subnet Mask: 255.255.255.0 - 11111111.11111111.11111111.00000000
Net ID: 199.203.133.0 - 11000111.11001011.10000101.00000000
199.203.132.0 <> 199.203.133.0
If we use a custom subnet mask, a subnet mask that
hides the problematic bit we solve the problem:
Net ID 1
IP: 199.203.132.1 - 11000111.11001011.10000100.00000001
Subnet Mask: 255.255.254.0 - 11111111.11111111.11111110.00000000
Net ID: 199.203.132.0 - 11000111.11001011.10000100.00000000
Net ID 2
IP: 199.203.133.1 - 11000111.11001011.10000101.00000001
Subnet Mask: 255.255.254.0 - 11111111.11111111.11111110.00000000
Net ID: 199.203.132.0 - 11000111.11001011.10000100.00000000
199.203.132.0 = 199.203.132.0
Classless Inter-Domain Routing (CIDR) Notation
In CIDR we note the IP address we want to use and we add a slash (/) and the number of bits turned on in the subnet mask.
For instance, 199.203.185.32/24 means:
IP: 199.203.185.32
Subnet Mask: 255.255.255.0 - 11111111.11111111.11111111.00000000 (24 bits used)
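The supernetting step and the CIDR notation above, combined in one added Python example (not from the original article; `supernet` is an illustrative name). It finds the mask that hides every differing bit and also reports any network the shortened mask covers that was not in the input; the second pair of net IDs is constructed to show that case.

```python
import ipaddress

def _int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def _dotted(value):
    return str(ipaddress.IPv4Address(value))

def supernet(net_ids, default_mask="255.255.255.0"):
    """Return the mask that makes all net_ids AND to one Net ID, in CIDR form."""
    values = [_int(n) for n in net_ids]
    mask = _int(default_mask)
    # Collect every bit in which the net IDs differ from one another.
    differing = 0
    for value in values[1:]:
        differing |= values[0] ^ value
    # Hide the highest differing bit and everything to its right.
    hide = differing.bit_length()
    new_mask = mask & ~((1 << hide) - 1) & 0xFFFFFFFF
    base = values[0] & new_mask
    block = (mask ^ 0xFFFFFFFF) + 1        # addresses per original network
    span = (new_mask ^ 0xFFFFFFFF) + 1     # addresses under the new mask
    covered = [_dotted(base + i * block) for i in range(span // block)]
    return {
        "mask": _dotted(new_mask),
        "cidr": "%s/%d" % (_dotted(base), bin(new_mask).count("1")),
        "covered": covered,
        # Networks the new mask also matches although they were not given.
        "not_assigned": [n for n in covered if n not in net_ids],
    }

if __name__ == "__main__":
    # The article's pair: one differing bit, so one mask bit is cleared.
    print(supernet(["199.203.132.0", "199.203.133.0"]))
    # Constructed pair that does not share a boundary: two bits must be
    # hidden, and the result also matches 199.203.132.0 and 199.203.135.0.
    print(supernet(["199.203.133.0", "199.203.134.0"]))
```

A non-empty `not_assigned` list means a route or filter written with that mask would also match networks that belong to someone else.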
At this stage we understand (I hope) how two hosts can reach each other using the IP addressing scheme. The next question that comes to mind is: how is a specific service (tenant) on a host identified?
This question is very important, since we send information from one service to another, and the carrier of the information has to identify the source service and the target service to enable a discussion between the two. The solution can be found in TCP/IP ports (actually TCP or UDP ports).

By Erik Rozman MCT, MCSE, MCSA, MCP+I, CCNA, CNA