By Erik Rozman
When we think of computers communicating, the first question that pops into mind is: what kind of protocol are they using? Have you ever thought about what a protocol actually is? A protocol is a set of rules that helps you pass information from one party to another. The protocol dictates the rules that govern the communication and the addressing schemes.
Let's take TCP/IP as an example of a protocol that dictates rules. A user uses a web browser to view a web site. He enters the web site's address (the information request); this request is addressed to the Web Service (port) on a remote computer (IP address) and is delivered by a hardware system that is not the concern of the user. The remote system, using TCP/IP, will understand the addressing information (protocol) and will deliver the information (the request) to the specific service.
That sounds a bit familiar. When we send a letter using standard mail (yes, some people still use it…) we are actually using a protocol that dictates a few rules of its own. First of all we have to write the letter (information), place it in an envelope, and on the envelope scribble the address of the receiver (state, street, apartment number/IP+PORT); on the other side we usually scribble our own address. After we are done with it we drop it off at our local post office.
The post office, based on the address, places the letter on a truck/plane/ship (not our concern) that delivers the letter to the post office responsible for the destination address. They understand the address you scribbled on the envelope, thus they deliver the letter to its exact destination.
As you can see, the two processes are quite similar. We will now take a closer look at the TCP/IP addressing scheme dictated by the protocol.
Binary notation versus Decimal Counting
Numbers and the options they provide and represent can be notated in two manners: Decimal and Binary.
Decimal Counting
The decimal system represents the numbers we use on a daily basis when speaking about money or quantities. As we can derive from its name, the decimal system's basis is 10, since each digit can represent 10 different options with the numbers 0 through 9. When we say 253 we are actually using a base-10 system to create the number: each position in the number represents X (a digit between 0 and 9) multiplied by 10 to the power of n minus one, where n is the position of the digit counted from the right:
(X * 10^(n-1))
3 * 10^(1-1) + 5 * 10^(2-1) + 2 * 10^(3-1) = 253
Binary Counting
The binary system represents only two options (positions), on or off, with each digit (in contrast to the decimal system, where each digit can represent 10). Keeping that in mind, each binary digit, or bit, can only be 1 or 0 at any given time. To represent larger numbers or options we can add the bits together based on their position and state. Because we are speaking of binary numbers, each position represents 2 to the power of n minus one if the position is ON (1):
(1 * 2^(n-1))
If we want to represent 253 (decimal) in binary we will receive an 8-bit number (called a byte):
253=11111101
Converting Decimal numbers to Binary
Divide the number by 2. If it divides evenly, add a zero to the right of your result; if it leaves a remainder, add a one to the right of your result. When you reach a result lower than one you have reached the last bit. Finally, take the ones and zeroes you wrote down and read them from the bottom of the list (the highest bit) to the top (the lowest bit).
253:2=126 – 1
126:2=63 – 0
63:2 =31 – 1
31:2 =15 – 1
15:2 =7 – 1
7:2 =3 – 1
3:2 =1 – 1
1:2 =0 – 1
All information on a computer is based on the binary notation system: computers process and save all data as binary data. Everything in a computer can be represented by the binary system, so for a better understanding of computer functions we should have some knowledge of it. One of the functions in a computer that uses the binary system is the IP addressing system.
An IP address
An IP (Internet Protocol) address is used to identify a TCP/IP host as a unique logical entity in a TCP/IP based network.
As we stated earlier, the computer uses the binary system to perceive IP addresses, yet humans tend to understand the decimal system better. So for the purpose of representing IP addresses the decimal system is used, and for the internal processes of the computer the binary system is used.
Keeping that in mind, we can look at an IP address in both the binary and the decimal format. An IP address looks like this:
Dotted Decimal = 199.203.185.177
Binary = 11000111.11001011.10111001.10110001
The binary number is represented by four octets (an octet is 8 bits; it is equivalent to a byte), divided by periods. If an octet is an 8-bit number, then the largest value we can represent is 255 (11111111) and the lowest is zero (00000000); thus the values 0 through 255 (decimal) can be represented (256 values).
Host ID – Net ID
An IP address is analogous to a physical address. A physical address usually gives the street name and house number to uniquely identify the specific location you want to reach; an IP address uses a similar system.
An IP address uses a Net ID to identify a specific network (street address). Each physical network that you create should have a unique Network ID. Another very important role of the Network ID is to help a computer determine whether it is communicating with a local host or a remote host.
A Network ID has different hosts (computers, printers etc.), which are represented by the Host ID (a specific house in the street). The Host ID should be unique on the Net ID.
If we look at the IP address we used above (199.203.185.177) we cannot differentiate the Net ID from the Host ID with the naked eye. The role of the glasses will be played by a Subnet Mask and the AND function.
Subnet Mask
A subnet mask is a number that is represented in the same format as an IP address – a 32 bit number divided by octets.
AND
The division is achieved by the computer using the AND function: we AND the IP address with the provided Subnet Mask in order to receive the Net ID.
The AND function provides us with a logic gate that blocks out the Host ID and lets the Net ID through.
The basis of the AND function is that 1 and 1 equals 1; all other combinations (0 and 1, 1 and 0) result in zero.
For instance if we use the IP address 199.203.185.177 and convert it to binary we receive 11000111.11001011.10111001.10110001. If we use the Subnet Mask 255.255.255.0 and convert it to binary we receive 11111111.11111111.11111111.00000000.
The AND function will look like this:
199.203.185.177 – 11000111.11001011.10111001.10110001
255.255.255.0 – 11111111.11111111.11111111.00000000
199.203.185.0 – 11000111.11001011.10111001.00000000
So as you can see our Net ID is 199.203.185.0.
When a TCP/IP host starts up it ANDs its own IP address with its own subnet mask and keeps the result (the Net ID) in RAM (different implementations use different solutions to achieve this).
Whenever the local host tries to contact another host it ANDs the other host's IP address with its own Subnet Mask and then checks whether the result is equal to its own Net ID.
If it is equal (the same street) then the communication is local (the next step is ARPing the remote host, a function that concerns hardware delivery); if it isn't equal (different street) the communication is remote (the next step is checking routing opportunities).
Let's look at the host we ANDed earlier, for which we received a Net ID of 199.203.185.0. If this host tries to communicate with another host (IP=199.203.186.169) it will AND the other host's IP address with its own subnet mask.
199.203.186.169 – 11000111.11001011.10111010.10101001
255.255.255.0 – 11111111.11111111.11111111.00000000
199.203.186.0 – 11000111.11001011.10111010.00000000
As you see, the Net ID is equal to 199.203.186.0. If we compare it to our local Net ID (199.203.185.0) we can see that they differ; thus this is a remote host and we have to look for routing possibilities. OK, OK, so we use a subnet mask, but who told us the value of the subnet mask?
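The local-or-remote decision described above, written out on 32-bit integers. This is an added example, not code from the original article; the helper names are illustrative, and the second destination address (199.203.185.20) is constructed to show the local case.

```python
def to_int(dotted):
    """Pack a dotted-decimal address into one 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value

def to_dotted(value):
    """Unpack a 32-bit integer back into dotted-decimal form."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(dotted):
    """Show an address the way the article does: four 8-bit groups."""
    return ".".join(f"{(to_int(dotted) >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def net_id(ip, mask):
    """AND the address with the mask; the host bits are blocked out."""
    return to_dotted(to_int(ip) & to_int(mask))

def is_local(own_ip, own_mask, other_ip):
    """A host ANDs the other address with its OWN mask and compares Net IDs."""
    return net_id(own_ip, own_mask) == net_id(other_ip, own_mask)

if __name__ == "__main__":
    own_ip, own_mask = "199.203.185.177", "255.255.255.0"
    # The second destination is a constructed address on the same network.
    for other in ("199.203.186.169", "199.203.185.20"):
        verdict = "local (ARP)" if is_local(own_ip, own_mask, other) else "remote (route)"
        print(f"{other:16} {to_binary(other)}  Net ID {net_id(other, own_mask)}  {verdict}")
```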
Classful Addressing
In the classful addressing scheme our IP addresses are divided into different classes, each class providing us with information on how many networks can be created in the specific class and how many hosts can be placed on a specific network in a specific class.
Each class provides us with its own default Subnet Mask.
We can identify classes by the decimal (or binary…if you are that kind of a person) value of the first octet in the IP address we are provided with.
[Table]
N-number of bits used to represent the changing bits of the net/host portion
X=Net ID.
Y=Host ID.
Some network IDs cannot be used on public and/or private networks; these networks are reserved for specific purposes (RFC 1918).
127.0.0.0 (255.0.0.0) - loopback address. This whole Class A network has been reserved for tests and cannot be used on private or public networks.
10.0.0.0 (255.0.0.0) - can be used only on private networks (cannot be connected to the Internet)
172.16.0.0 (255.240.0.0) - can be used only on private networks (cannot be connected to the Internet)
192.168.0.0 (255.255.0.0) - can be used only on private networks (cannot be connected to the Internet)
169.254.0.0 (255.255.0.0) - this network is used by the Automatic Private IP Addressing feature used by some Microsoft systems.
Note On Addressing Guidelines
[Table]
The classful system places very rigid limitations on networks, since it gives us a fixed number of networks and hosts per network. If we have a company with approximately 2000 hosts, it can't be assigned a Class C network ID since it is too small (254 hosts per network), and if we assign it a Class B network ID we waste about 63,000 IP addresses.
A second problem arises if a company has 60 hosts but 6 different networks (physical locations): if we provide them with 6 Class C network IDs we waste IP addresses in each Net ID.
Breaking the rules!
Subnetting
Let’s look at our second problem first. We have a company that has six physical branches, the company wants to connect all six branches to the internet. Each branch has about 10 hosts.
When you contact your ISP (Internet Service Provider) you receive a class C Net ID: 199.203.185.0. You cannot change the Net ID you received, yet you can manipulate the subnet mask and thus the perceived Net ID. Using this manipulation technique you can add new Net IDs to the original Net ID; the new Net IDs will be called subnets.
The first step is to calculate the number of physical networks you need: 6. Actually, you should always add two to the number of physical networks you need since, as you will see later, we need to remove two; so in our case, 8. Take that number and find the number of bits needed to display 8 different positions: in our case, 3 bits.
Turn the three leftmost bits in the octet that represents your Host ID in the Subnet Mask to 1s:
Original subnet mask:
11111111.11111111.11111111.00000000 - 255.255.255.0
New subnet mask:
11111111.11111111.11111111.11100000 - 255.255.255.224
All hosts on all six networks (branches) will use the new Subnet Mask. Now we have to find the new Subnet IDs:
You take the smallest bit that is turned on (1) in the octet you changed and you determine its decimal value:
In our case: 11100000 - 32
You take 32 and you add it to the original Net ID:
199.203.185.0 - Original Net ID, cannot be used (RFC 950)
199.203.185.0 + 32 = 199.203.185.32 Subnet ID 1
199.203.185.32 + 32 = 199.203.185.64 Subnet ID 2
199.203.185.64 + 32 = 199.203.185.96 Subnet ID 3
199.203.185.96 + 32 = 199.203.185.128 Subnet ID 4
199.203.185.128 + 32 = 199.203.185.160 Subnet ID 5
199.203.185.160 + 32 = 199.203.185.192 Subnet ID 6
199.203.185.192 + 32 = 199.203.185.224 - cannot be used (RFC 950)
To assign host IDs you use the range between the new Subnet IDs:
[Table]
*Note that you can't use the last number in the range since it is the Net ID's broadcast address.
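The subnetting steps above carried out in code, as an added example that is not part of the original article. The function and field names are assumptions, and it follows the article's convention of discarding the first and last subnet.

```python
import ipaddress

def dotted(value):
    return str(ipaddress.IPv4Address(value))

def plan_subnets(net_id, default_mask, networks_needed):
    """Apply the article's steps; returns (new_mask, step, usable_subnets)."""
    base = int(ipaddress.IPv4Address(net_id))
    mask = int(ipaddress.IPv4Address(default_mask))
    host_bits = bin(~mask & 0xFFFFFFFF).count("1")     # zero bits of the default mask
    # Add two (first and last subnet are dropped), then count the bits needed.
    borrowed = (networks_needed + 2 - 1).bit_length()  # 6 + 2 = 8 positions: 3 bits
    if borrowed > host_bits - 2:
        raise ValueError("too few host bits left for usable subnets")
    step = 1 << (host_bits - borrowed)                 # lowest borrowed bit: 32
    new_mask = mask | (((1 << borrowed) - 1) * step)   # turn the borrowed bits on
    subnets = []
    for index in range(1, (1 << borrowed) - 1):        # skip all-zeros and all-ones
        subnet = base + index * step
        subnets.append({
            "subnet_id": dotted(subnet),
            "first_host": dotted(subnet + 1),
            "last_host": dotted(subnet + step - 2),    # one below the broadcast
            "broadcast": dotted(subnet + step - 1),    # all host bits set to 1
        })
    return dotted(new_mask), step, subnets

if __name__ == "__main__":
    new_mask, step, subnets = plan_subnets("199.203.185.0", "255.255.255.0", 6)
    print(f"new mask {new_mask}, step {step}")
    for number, s in enumerate(subnets, start=1):
        print(f"subnet {number}: {s['subnet_id']:16} hosts {s['first_host']} to "
              f"{s['last_host']}, broadcast {s['broadcast']}")
```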
When a host ANDs its own address with the new Subnet Mask (255.255.255.224) it will receive the subnet ID of the specific subnet it is located in (subnet 3):
IP: 199.203.185.100 – 11000111.11001011.10111001.01100100
Subnet Mask: 255.255.255.224 – 11111111.11111111.11111111.11100000
Network ID: 199.203.185.96 – 11000111.11001011.10111001.01100000
If this host tries to communicate with a host on subnet 1, it will AND the subnet 1 host's address with its own subnet mask:
IP: 199.203.185.33 – 11000111.11001011.10111001.00100001
Subnet Mask: 255.255.255.224 – 11111111.11111111.11111111.11100000
Network ID: 199.203.185.32 – 11000111.11001011.10111001.00100000
199.203.185.96 <> 199.203.185.32
As you see, what we actually do is enlarge the portion of the subnet mask that allows Net ID bits to pass through. By doing so we allow the addition of new "Net IDs" at the cost of Host IDs.
In a normal Class C address (first octet 199) we have 254 host IDs. After subnetting we lose 30 hosts to the last range (224-254), we lose 30 hosts to the first range (1-31), we lose the subnet IDs (32, 64, 96, 128, 160, 192), and we lose the broadcast addresses for each subnet ID (63, 95, 127, 159, 191, 223). Each subnet receives a unique subnet broadcast address that can be used: the address that has all ones (binary) in the host ID portion.
Another system exists: Variable Length Subnet Masking. It allows you to build a different subnet mask for each of your subnets in order to provide finer control over the number of hosts on each subnet. This technique can get quite complicated and isn't widely used.
Supernetting(CIDR)
Supernetting is the exact opposite of subnetting. A company has 500 hosts. They can't be assigned a class C address since it is too small (254 hosts), and they can't be assigned a class B address since that would waste about 65,000 hosts. The company's ISP tells them that they can provide them with two class C network IDs. This solution is adequate since two class C networks include 508 host IDs.
Now a new problem arises: every router has to be configured to include both network IDs. To overcome this problem you can use supernetting. You receive these two network IDs:
Net ID 1 -199.203.132.0 11000111.11001011.10000100.00000000
Net ID 2 -199.203.133.0 11000111.11001011.10000101.00000000
As you can see, the only difference between the two Net IDs is one bit (the last bit of the third octet). If you want a computer to perceive them as identical you have to hide this bit. As we stated earlier, you cannot change the Net IDs you receive, yet you can manipulate them by using the Subnet Mask.
The default subnet mask for class C is 255.255.255.0. If we use it to AND a specific IP address on one of the subnets, the problematic bit will be visible:
Net ID 1
IP: 199.203.132.1 – 11000111.11001011.10000100.00000001
Subnet Mask: 255.255.255.0 – 11111111.11111111.11111111.00000000
Net ID: 199.203.132.0 – 11000111.11001011.10000100.00000000
Net ID 2
IP: 199.203.133.1 – 11000111.11001011.10000101.00000001
Subnet Mask: 255.255.255.0 – 11111111.11111111.11111111.00000000
Net ID: 199.203.133.0 – 11000111.11001011.10000101.00000000
199.203.132.0 <> 199.203.133.0
If we use a custom subnet mask, a subnet mask that hides the problematic bit we solve the problem:
Net ID 1
IP: 199.203.132.1 – 11000111.11001011.10000100.00000001
Subnet Mask: 255.255.254.0 – 11111111.11111111.11111110.00000000
Net ID: 199.203.132.0 – 11000111.11001011.10000100.00000000
Net ID 2
IP: 199.203.133.1 – 11000111.11001011.10000101.00000001
Subnet Mask: 255.255.254.0 – 11111111.11111111.11111110.00000000
Net ID: 199.203.132.0 – 11000111.11001011.10000100.00000000
199.203.132.0 = 199.203.132.0
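An added example (not from the original article) that finds the mask hiding the differing bits and reports any networks the new mask would also swallow. The function name is illustrative, and the pair 199.203.133.0 / 199.203.134.0 is constructed to show a combination that does not line up on a bit boundary.

```python
import ipaddress

def dotted(value):
    return str(ipaddress.IPv4Address(value))

def supernet(net_ids, default_mask="255.255.255.0"):
    """Return (net_id, mask, unassigned) for the smallest block covering net_ids."""
    mask = int(ipaddress.IPv4Address(default_mask))
    nets = sorted({int(ipaddress.IPv4Address(n)) & mask for n in net_ids})
    # Collect every bit in which the Net IDs disagree: these must be hidden.
    differing = 0
    for net in nets:
        differing |= nets[0] ^ net
    hide = (1 << differing.bit_length()) - 1      # top differing bit and all below it
    super_mask = mask & ~hide & 0xFFFFFFFF
    super_id = nets[0] & super_mask
    # Walk every default-mask network inside the new block; any that is not
    # in net_ids was never assigned but would now be matched by the mask.
    network_size = (~mask & 0xFFFFFFFF) + 1
    block_size = (~super_mask & 0xFFFFFFFF) + 1
    unassigned = [dotted(n) for n in range(super_id, super_id + block_size, network_size)
                  if n not in nets]
    return dotted(super_id), dotted(super_mask), unassigned

if __name__ == "__main__":
    article_pair = ["199.203.132.0", "199.203.133.0"]
    constructed_pair = ["199.203.133.0", "199.203.134.0"]   # not from the article
    for pair in (article_pair, constructed_pair):
        net, mask, unassigned = supernet(pair)
        print(pair, "Net ID", net, "mask", mask, "also matches", unassigned or "nothing else")
```

A non-empty third value means the custom mask also matches networks that were never assigned to you, so hosts and routers using it would treat those addresses as part of your network.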
Classless Inter-Domain Routing (CIDR) Notation
In CIDR we note the IP address we want to use and we add a slash (/) and the number of bits turned on in the subnet mask.
For instance: 199.203.185.32/24 means:
IP: 199.203.185.32
Subnet Mask:
255.255.255.0 -11111111.11111111.11111111.00000000 (24 bits used)
At this stage we understand (I hope) how two hosts can reach each other using the IP addressing scheme. The next question that comes to mind is: how is a specific service (tenant) on a host identified?
This question is very important since we send information from one service to another, and the carrier of the information has to identify the source service and the target service to enable a discussion between the two. The solution can be found in TCP/IP ports (actually TCP or UDP ports).
By Erik Rozman MCT, MCSE, MCSA, MCP+I, CCNA, CNA