Showing posts with label TCP/IP ports and adresses.

Sunday, February 2, 2014

Network Addressing

An IPv4 address is 32 bits long. It is written as four octets separated by dots, which is called dotted decimal notation. An octet is one byte consisting of 8 bits, so each of the four numbers ranges from 0 to 255. IPv4 addresses have the following form:

192.168.10.1

There are two parts of an IP address:
●     Network ID
●     Host ID 

The various classes of networks assign more or fewer octets to the network ID versus the host ID; the class itself is determined by the leading bits of the first octet.

When a network is set up, a netmask is specified alongside each address. The netmask has some number of most significant bits set to 1 and the remaining bits set to 0. The address bits under the 1s are the network address (network ID) and the address bits under the 0s are the host address (host ID). Under the classful scheme the class of an address implies a default netmask, as shown below; with CIDR the mask length is chosen independently of class. When assigning addresses on a network, remember that two host IDs in every network are never given to hosts: all host bits 0 is the address of the network itself, and all host bits 1 is the directed broadcast address for that network.

Class A-E networks

The addressing scheme for class A through E networks is shown below. Note: the 'x' character denotes a don't-care position that may hold any value; it is often used this way to denote whole networks. The "Leading bits" column gives the first bits of the first octet, which is what actually decides the class.

Network Type   Leading bits   Address Range              Default Netmask        Comments

Class A        0              1.x.x.x to 126.x.x.x       255.0.0.0 (/8)         For very large networks (0.x.x.x and 127.x.x.x are reserved, see below)
Class B        10             128.x.x.x to 191.x.x.x     255.255.0.0 (/16)      For medium size networks
Class C        110            192.x.x.x to 223.x.x.x     255.255.255.0 (/24)    For small networks
Class D        1110           224.x.x.x to 239.x.x.x     none                   Multicast group addresses, never assigned to a host
Class E        1111           240.x.x.x to 255.x.x.x     none                   Reserved for experimental use; 255.255.255.255 is the limited broadcast address

RFCs 1518 and 1519 (the latter since replaced by RFC 4632) define a system called Classless Inter-Domain Routing (CIDR), which allocates IP addresses more efficiently than the class system shown above. Under CIDR the mask length is chosen freely and written as a prefix length rather than implied by the class. A class C network always has 8 host bits (a /24 prefix); with CIDR the same address range could be allocated with, for example, 12 host bits (/20) or 4 host bits (/28).
 
RFC 1918 sets aside three blocks of addresses, administered by the Internet Assigned Numbers Authority (IANA), for private use. They are not routed on the public internet, so hosts that use them reach the internet through a gateway that performs IP masquerading (network address translation, NAT). The three blocks are:

●     10.x.x.x (10.0.0.0/8)
●     172.16.x.x - 172.31.x.x (172.16.0.0/12)
●     192.168.x.x (192.168.0.0/16)
 
Other reserved or commonly used addresses:
●     127.0.0.1 - The loopback address. The whole 127.x.x.x block (127.0.0.0/8) belongs to the loopback interface, which is implemented inside the host's IP stack: packets sent to it are handed straight back to the local receive path and never reach a physical NIC.
●     0.0.0.0 - Reserved for hosts that do not yet know their own address. A host sends from 0.0.0.0 while it uses BOOTP or DHCP to obtain an address; it is never a valid destination.
●     Broadcast addresses - An address whose host bits are all 1 is the directed broadcast address of its network (192.168.1.255 in 192.168.1.0/24), and 255.255.255.255 is the limited broadcast address for the local link. The value 255 in a single octet is not forbidden by itself: 10.123.255.4 is an ordinary host address in 10.0.0.0/8. What matters is whether the host portion, as defined by the netmask, is all ones (broadcast) or all zeros (the network address).
 
To further illustrate, a few examples of valid and invalid host addresses are listed below. Assume a 255.255.255.0 (/24) mask for the 10.x.x.x examples unless stated otherwise, so the last octet is the host ID:
 
1.  Valid addresses: 
❍     10.1.0.1 through 10.1.0.254 
❍     10.0.0.1 through 10.0.0.254 
❍     10.0.1.1 through 10.0.1.254
❍     10.123.255.4 - The 255 in the third octet is part of the network ID here, which is allowed.
❍     10.34.255.1 - Also valid with a 255.0.0.0 (/8) mask: the host ID 34.255.1 is neither all zeros nor all ones.

2.  Invalid addresses: 
❍     10.1.0.0 - Host ID all zeros: this is the network address, not a host.
❍     10.1.0.255 - Host ID all ones: this is the directed broadcast address.
❍     0.12.16.89 - 0.x.x.x is reserved; a first octet of 0 never identifies a network.
❍     255.9.56.45 - 255.x.x.x lies in the reserved class E range and is not assignable.

Network/Netmask specification

Sometimes you may see a network interface card (NIC) IP address specified in the following manner:
 
192.168.1.1/24
 
The first part is the IP address of the NIC, "192.168.1.1" in this case. The second part, "/24", is the prefix length: the first 24 bits of the netmask are set to 1 and the remaining 8 are 0, which makes the netmask 255.255.255.0. If the last part of the line above were "/16", the netmask would be 255.255.0.0. This form is the CIDR notation and is used whether or not the prefix length matches a class boundary.
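As an added example (not part of the original post), the following Python does the netmask arithmetic with plain integers and applies the validity rules described above. The addresses it handles are the ones from the lists above plus a few constructed ones; the standard library ipaddress module is used only to cross-check the hand-rolled result.

```python
"""Dotted-decimal / CIDR arithmetic with plain integers (added example).

Shows what the netmask does bit by bit and why the all-zeros and all-ones
host IDs are not assignable. `ipaddress` is used only to cross-check.
"""
from __future__ import annotations

import ipaddress

RFC1918 = (("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16))


def parse_ipv4(text: str) -> int:
    """Turn 'a.b.c.d' into a 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        value = (value << 8) | int(part)
    return value


def format_ipv4(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: the top `prefix` bits set, the rest clear."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def classful_class(addr: int) -> str:
    """Class from the leading bits of the first octet (pre-CIDR rule)."""
    first = addr >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D" if first < 240 else "E"


def is_rfc1918(addr: int) -> bool:
    return any((addr & prefix_to_mask(plen)) == parse_ipv4(net) for net, plen in RFC1918)


def describe(cidr: str) -> dict:
    """Mask, network, broadcast and usable host range for 'a.b.c.d/n'."""
    addr_text, prefix_text = cidr.split("/")
    addr, prefix = parse_ipv4(addr_text), int(prefix_text)
    mask = prefix_to_mask(prefix)
    host_mask = ~mask & 0xFFFFFFFF          # the bits the netmask leaves to the host
    network = addr & mask                    # host bits cleared
    broadcast = network | host_mask          # host bits set
    host_bits = 32 - prefix
    # Classic rule: two addresses per network are unusable. /31 point-to-point
    # links (RFC 3021) and /32 host routes have no separate network/broadcast.
    usable = 2 ** host_bits - 2 if host_bits >= 2 else 2 ** host_bits
    return {
        "class": classful_class(addr),
        "private": is_rfc1918(addr),
        "mask": format_ipv4(mask),
        "network": format_ipv4(network),
        "broadcast": format_ipv4(broadcast),
        "first_host": format_ipv4(network + 1 if host_bits >= 2 else network),
        "last_host": format_ipv4(broadcast - 1 if host_bits >= 2 else broadcast),
        "usable_hosts": usable,
    }


def host_problem(cidr: str) -> str | None:
    """Why 'a.b.c.d/n' cannot be assigned to a host, or None if it can."""
    addr_text, prefix_text = cidr.split("/")
    addr, prefix = parse_ipv4(addr_text), int(prefix_text)
    host_mask = ~prefix_to_mask(prefix) & 0xFFFFFFFF
    first = addr >> 24
    if first == 0:
        return "0.x.x.x is reserved (0.0.0.0 is only a source address before DHCP/BOOTP)"
    if first == 127:
        return "127.x.x.x is the loopback block"
    if first >= 240:
        return "240.0.0.0/4 is class E (reserved)"
    if first >= 224:
        return "224.0.0.0/4 is class D (multicast), not a host address"
    if prefix <= 30 and (addr & host_mask) == 0:
        return "host bits all zero: this is the network address"
    if prefix <= 30 and (addr & host_mask) == host_mask:
        return "host bits all one: this is the directed broadcast address"
    return None


def cross_check(cidr: str) -> bool:
    """Does the hand-rolled arithmetic agree with the standard library?"""
    net = ipaddress.ip_network(cidr, strict=False)
    ours = describe(cidr)
    return (ours["network"] == str(net.network_address)
            and ours["broadcast"] == str(net.broadcast_address))


if __name__ == "__main__":
    for sample in ("192.168.1.1/24", "10.1.0.1/8", "172.16.5.5/12"):
        print(sample, describe(sample))
    for sample in ("10.1.0.0/24", "10.1.0.255/24", "10.123.255.4/8", "255.9.56.45/8"):
        print(sample, host_problem(sample) or "valid host address")
```

Note that host_problem("10.123.255.4/8") returns None: with the /8 mask the 255 sits in the host portion, but the host bits as a whole are neither all zero nor all one, so the address is assignable.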

Subnet masks

Subnetting is the process of dividing a class A, B, or C network (or any CIDR block) into smaller networks, called subnets, for routing purposes. A subnet mask is the same kind of object as a netmask; the only real difference is in how it is used: bits are borrowed from the host portion of the larger organizational network to form a subnet ID, so each subnet uses a distinct range of addresses and packets can be routed between the subnetworks. The number of borrowed bits determines the number of subnets: n subnet bits give 2^n subnets (older practice, and older certification material, subtracted 2 to exclude the all-zeros and all-ones subnets; RFC 1878 and modern routers allow both). The remaining h host bits give 2^h - 2 usable host addresses per subnet. When setting up subnets the following must be determined:
 
●     Number of segments 
●     Hosts per segment
 
Subnetting provides the following advantages:
 
●     Network traffic isolation - There is less network traffic on each subnet. 
●     Simplified Administration - Networks may be managed independently. 
●     Improved security - Subnets can isolate internal networks so they are not visible from external networks.

Borrowing 14 subnet bits on a class B network gives a /30 mask (255.255.255.252), leaving 2 host bits and therefore only 2 usable addresses per subnet, which is exactly what a point-to-point WAN link needs. Using different mask lengths in different parts of the same network like this is called variable length subnet masking (VLSM). It requires a classless routing protocol such as OSPF, EIGRP or RIPv2, which carry the subnet mask in their routing update packets; RIPv1 and IGRP do not transmit masks and so cannot support VLSM. With VLSM a router's LAN interfaces and its WAN interfaces will typically carry different subnet masks.
 
One network ID is required by each of:
 
●     Subnet
●     WAN connection
 
 One host ID is required by each of:
 
●     Each NIC on each host. 
●     Each router interface.
 
Types of subnet masks:
 
●     Default - Fits into a Class A, B, or C network category 
●     Custom - Used to break a default network such as a Class A, B, or C network into subnets.

IPv6

An IPv6 address is 128 bits long. It is written as eight groups of 16 bits (often called hextets), each group in hexadecimal and separated by colons, as follows:
 
2b63:1478:1ac5:37ef:4e8c:75df:14cd:93f2
 
Leading zeros within a group may be omitted, and one run of consecutive all-zero groups may be replaced by "::" (at most once per address), so 2001:0db8:0000:0000:0000:0000:0000:0001 is normally written 2001:db8::1. Extension headers can be added to IPv6 packets for new features.

Supernetting

Supernetting is used to help make up for some of the shortage of IPv4 addresses on the internet. It uses Classless Inter-Domain Routing (CIDR). If a business needs a specific number of IP addresses, such as 1500, rather than allocating a whole class B block with the netmask 255.255.0.0 (65534 hosts), a block with the netmask 255.255.248.0 (/21) may be allocated. This is the equivalent of eight contiguous class C networks. Treated as eight separate class C networks they would provide 8 times 254 = 2032 host addresses, because each one loses its own network and broadcast address. Treated as one /21 supernet the same block provides 2046 addresses, since only one network and one broadcast address are lost, and the router advertises a single route for the aggregate instead of eight.
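The two directions described in the subnetting and supernetting sections, dividing a block with VLSM and aggregating contiguous blocks into a supernet, are shown in the following Python, added here as an example and not part of the original post. The segment names and host counts for the VLSM plan are constructed; the eight class C networks match the 255.255.248.0 case discussed above.

```python
"""Subnetting (VLSM) and supernetting (CIDR aggregation) with `ipaddress`.

Added example; the segment names and host counts are constructed.
"""
from __future__ import annotations

import ipaddress
import math


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix whose block still has room for `hosts` usable
    addresses plus the network and broadcast addresses (2 hosts -> /30)."""
    if hosts < 1:
        raise ValueError("need at least one host")
    return 32 - math.ceil(math.log2(hosts + 2))


def allocate_vlsm(pool: str, segments: dict[str, int]) -> dict[str, ipaddress.IPv4Network]:
    """Carve `pool` into one subnet per segment.

    Largest requirement first, so every subnet lands on its natural boundary
    and the free space left behind is a list of clean power-of-two blocks.
    """
    free = [ipaddress.ip_network(pool)]
    result: dict[str, ipaddress.IPv4Network] = {}
    for name, hosts in sorted(segments.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        for i, block in enumerate(free):
            if block.prefixlen <= prefix:                 # block is big enough
                chosen = next(block.subnets(new_prefix=prefix))
                result[name] = chosen
                leftover = [] if chosen == block else list(block.address_exclude(chosen))
                free[i:i + 1] = sorted(leftover)          # keep the remainder for later
                break
        else:
            raise ValueError(f"pool exhausted before {name!r}")
    return result


def supernet_for(networks: list[str]) -> ipaddress.IPv4Network:
    """Smallest single CIDR block covering every given network."""
    nets = [ipaddress.ip_network(n) for n in networks]
    low = min(n.network_address for n in nets)
    high = max(n.broadcast_address for n in nets)
    candidate = ipaddress.ip_network(f"{low}/32")
    while candidate.broadcast_address < high:   # widen one bit at a time
        candidate = candidate.supernet()
    return candidate


def host_counts(networks: list[str]) -> tuple[int, int]:
    """(hosts if routed as separate classful networks, hosts as one supernet)."""
    nets = [ipaddress.ip_network(n) for n in networks]
    separate = sum(n.num_addresses - 2 for n in nets)
    aggregate = supernet_for(networks).num_addresses - 2
    return separate, aggregate


if __name__ == "__main__":
    # Constructed requirements: two LAN segments and two point-to-point WAN links
    plan = allocate_vlsm("172.16.0.0/16",
                         {"Engineering": 500, "Sales": 100, "WAN-link-1": 2, "WAN-link-2": 2})
    for name, net in plan.items():
        print(f"{name:12} {net!s:20} mask {net.netmask}  usable {net.num_addresses - 2}")
    eight_class_c = [f"192.168.{i}.0/24" for i in range(8, 16)]
    agg = supernet_for(eight_class_c)
    print("supernet", agg, "mask", agg.netmask, "hosts", host_counts(eight_class_c))
```

The WAN links get /30 subnets with exactly two usable addresses, the case the text describes, while the LAN segments get /23 and /25; all four come from the same class B pool without overlap. For the eight class C networks the aggregate is 192.168.8.0/21 with netmask 255.255.248.0, and host_counts returns (2032, 2046), the 8 times 254 figure against the single-block figure.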

What section of this document to read next

At this point the reader should have enough fundamental knowledge to grasp routing, so the reader may continue on or skip to the section entitled, "simple routing". The reader may at this time read all the sections in the "Functions" group of sections, then continue back at the section after this one where you left off.




Thursday, January 2, 2014

IEEE 802 Standard

The Data Link Layer and IEEE

When we talk about Local Area Network (LAN) technology the IEEE 802 standards are often mentioned. These
standards define how the network interface card and the physical connections operate. The 802 standards were published by the Institute of Electrical and Electronics Engineers (IEEE). The 802.3 standard is commonly called ethernet, but it does not define the original DIX "Ethernet II" frame format that is still the most common on networks today; the two frame formats differ in the meaning of one field (see the encapsulation formats below), and this causes a great deal of confusion. There are several types of common ethernet frames, and many network cards support more than one type.

The ethernet (Ethernet II) encapsulation of IP is defined by RFC 894. RFC 1042 defines the IP to link
layer encapsulation for networks using the IEEE 802 framing. The 802 standards define the two
lowest layers of the seven layer network model (physical and data link) and primarily deal with the control of access to the
network media. The network media is the physical means of carrying the data, such as network cable. The
control of access to the media is called media access control (MAC). The 802 standards are listed below:
  •  802.1 - Internetworking
  •  802.2 - Logical Link Control *
  •  802.3 - Ethernet or CSMA/CD, Carrier-Sense Multiple Access with Collision detection LAN *
  •  802.4 - Token-Bus LAN *
  •  802.5 - Token Ring LAN *
  •  802.6 - Metropolitan Area Network (MAN)
  •  802.7 - Broadband Technical Advisory Group
  •  802.8 - Fiber-Optic Technical Advisory Group
  •  802.9 - Integrated Voice/Data Networks
  •  802.10 - Network Security
  •  802.11 - Wireless Networks
  •  802.12 - Demand Priority Access LAN, 100 Base VG-AnyLAN
*The ones marked with a star should be remembered for network certification testing.

Network Access Methods

There are various methods of managing access to a network. If all network stations tried to talk at once, the messages would become unintelligible, and no communication could occur. Therefore a method of being sure that stations coordinate the sending of messages must be achieved. There are several methods listed below which have various advantages and disadvantages.

  •  Contention
      1.  Carrier-Sense Multiple Access with Collision Detection (CSMA/CD) - used by Ethernet
      2.  Carrier-Sense Multiple Access with Collision Avoidance (CSMA/CA) - used by wireless LANs (802.11)
  •  Token Passing - A token is passed from one computer to another, and holding the token grants permission to transmit.
  •  Demand Priority - A method where intelligent hubs control data transmission. A computer sends a demand signal to the hub indicating that it wants to transmit. The hub responds with an acknowledgement that allows the computer to transmit, and lets computers transmit in turn. An example of a demand priority network is 100VG-AnyLAN (IEEE 802.12). It uses a star-bus topology.
  •  Polling - A central controller, also called the primary device, polls the computers, called secondary devices, to find out if they have data to transmit. If so, the central controller allows them to transmit for a limited time, then the next device is polled.
Token passing performs better when the network has a lot of traffic, while ethernet, which uses CSMA/CD, is generally faster but loses performance under heavy load. CSMA/CD basically allows a station to transmit whenever it senses that the line is idle. The station keeps listening while it sends, and if another station transmitted at the same time the overlapping signals are detected; this is called a collision. The stations involved stop, wait a random back-off time and retransmit, in hopes of avoiding another collision.

IP to link layer encapsulation

The requirements for IP to link layer encapsulation for hosts on an Ethernet network (from RFC 1122):

  •  All hosts must be able to send and receive packets in the RFC 894 format.
  •  All hosts should be able to receive a mix of packets in the RFC 894 and RFC 1042 formats.
  •  All hosts may be able to send packets in the RFC 1042 format.
Hosts that support both must provide a means to configure the type of packet sent, and the default must be
packets in the RFC 894 format.

Ethernet and IEEE 802 Encapsulation formats

Ethernet (RFC 894) message format consists of:

1. 6 bytes of destination address.
2. 6 bytes of source address.
3. 2 bytes of message type which indicates the type of data being sent.
4. 46 to 1500 bytes of data.
5. 4 bytes of cyclic redundancy check (CRC) information.

IEEE 802 (RFC 1042) Message format consists of 3 sections plus data and CRC as follows:
  •  802.3 Media Access Control section used to coordinate the sending of data between computers.
      1. 6 bytes of destination address.
      2. 6 bytes of source address.
      3. 2 bytes of length - The number of bytes that follow not including the CRC.
  •  802.2 Logical Link control establishes service access points (SAPs) between computers.
      1. 1 byte destination service access point (DSAP).
      2. 1 byte source service access point (SSAP).
      3. 1 byte of control.
  •  Sub Network Access Protocol (SNAP).
      1. 3 bytes of org code.
      2. 2 bytes of message type which indicates the type of data being sent.
  •  38 to 1492 bytes of data.
  •  4 bytes of cyclic redundancy check (CRC) information.
Some ethernet message types include:
  •  0800 - IP datagram. Its data is 46 to 1500 bytes in the RFC 894 format and 38 to 1492 bytes in the RFC 1042 format.
  •  0806 - ARP request or reply, 28 bytes plus pad bytes that make the frame long enough for the minimum length.
  •  8035 - RARP request or reply, 28 bytes plus pad bytes that make the frame long enough for the minimum length.
These type values are the same for both formats above. The pad lengths differ because the RFC 894 minimum data length is 46 bytes while the RFC 1042 minimum is 38 bytes; the 8 bytes of LLC and SNAP headers make up the difference. The two formats can always be told apart by the 2-byte field that follows the source address: in the RFC 1042 format it is a length, and a length can be at most 1500 (0x05DC), whereas in the RFC 894 format it is a type, and all assigned type values are 0x0600 (1536) or greater. The two sets of values never overlap.

Trailer Encapsulation

This is described in RFC 1122 and RFC 893, but the scheme is rarely used today. The trailer protocol is a link-layer encapsulation method that rearranges the data contents of packets sent on the physical network. It may be used only after it is verified that both the sending and receiving hosts support trailers, and the verification is done separately for each host communicated with.

RFC 1122 states: "Only packets with specific size attributes are encapsulated using trailers, and typically only a small fraction of the packets being exchanged have these attributes. Thus, if a system using trailers exchanges packets with a system that does not, some packets disappear into a black hole while others are
delivered successfully."

Trailer negotiation is performed when ARP is used to discover the media access control (MAC) address
of the destination host. RFC 1122 states: "a host that wants to speak trailers will send an additional "trailer ARP reply" packet, i.e., an ARP reply that specifies the trailer encapsulation protocol type but otherwise has the format of a normal ARP reply. If a host configured to use trailers receives a trailer ARP reply message from a remote machine, it can add that machine to the list of machines that understand trailers, e.g., by marking the corresponding entry in the ARP cache."

Friday, December 27, 2013

TCP/IP Ports and Addresses

Each machine in the network shown below has one or more network cards. The protocol suite that does the job of transporting and managing data across the network is called TCP/IP, after its two central protocols, the Transmission Control Protocol (TCP) and the Internet Protocol (IP). There are other mechanisms for managing network traffic, but most, such as IPX/SPX for Netware, will not be described here in much detail. The IP layer requires a 4 byte (IPv4) or 16 byte (IPv6) address to be assigned to each network interface card on each computer. This can be done automatically using network software such as the dynamic host configuration protocol (DHCP) or by manually entering static addresses into the computer.

Ports

The TCP layer (and likewise UDP) marks every segment it sends with a source port and a destination port. The destination port tells the receiving host which service the message is for. Please be aware that when we are talking about "ports" here we are not talking about ports used for serial and parallel devices, or ports used for computer hardware control. These ports are merely 16-bit reference numbers used to identify a service. For instance, port 23 is used for telnet, and HTTP uses port 80 for providing web browsing service. The Internet Assigned Numbers Authority (IANA) controls the assignment of ports to specific services. Port numbers are unsigned integers from 0 to 65535, divided into well-known ports (0-1023), registered ports (1024-49151) and dynamic or private ports (49152-65535), which clients normally pick for the source side of a connection. A port number is only a convention: nothing prevents a service from listening on a non-standard port, or an attacker's tool from listening on port 80, so the port alone is never proof of what is actually running.
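To show where the port numbers actually live, the following Python, added here as an example and not part of the original post, builds a TCP SYN segment and parses the ports, flags and options back out of the fixed header. The segment is constructed (the checksum is left at zero since computing it needs the IP pseudo-header, which is outside this example), the client port 51234 is an arbitrary ephemeral port, and the service table is a small excerpt of the IANA well-known ports.

```python
"""Pull the port numbers out of a TCP header and classify them by IANA range
(RFC 6335). Added example; the segment below is constructed, not captured.
"""
import struct

# Small excerpt of the IANA well-known port assignments, for illustration only
WELL_KNOWN = {22: "ssh", 23: "telnet", 25: "smtp", 53: "dns", 80: "http", 443: "https"}
FLAG_BITS = (("FIN", 0x001), ("SYN", 0x002), ("RST", 0x004), ("PSH", 0x008),
             ("ACK", 0x010), ("URG", 0x020), ("ECE", 0x040), ("CWR", 0x080))


def port_range(port: int) -> str:
    if not 0 <= port <= 65535:
        raise ValueError("port numbers are 16-bit: 0..65535")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"


def parse_tcp_header(segment: bytes) -> dict:
    """Fixed 20-byte header: ports, sequence numbers, data offset, flags."""
    if len(segment) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    src, dst, seq, ack, off_flags, window, checksum, urgent = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (off_flags >> 12) * 4            # header length in bytes (20..60)
    if not 20 <= data_offset <= len(segment):
        raise ValueError("bad data offset")
    flags = [name for name, bit in FLAG_BITS if off_flags & bit]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "flags": flags, "window": window,
        "options": segment[20:data_offset], "payload": segment[data_offset:],
    }


def describe_ports(segment: bytes) -> dict:
    """Which range each port falls in, and what the destination port suggests.
    'suggests' is deliberate: the number is a convention, not proof of the service."""
    h = parse_tcp_header(segment)
    return {
        "src": (h["src_port"], port_range(h["src_port"])),
        "dst": (h["dst_port"], port_range(h["dst_port"])),
        "suggested_service": WELL_KNOWN.get(h["dst_port"], "unassigned/unknown"),
    }


def build_tcp_header(src: int, dst: int, seq: int, flags: int, options: bytes = b"") -> bytes:
    """Header with a zero checksum (the real one needs the IP pseudo-header)."""
    if len(options) % 4:
        raise ValueError("options are padded to a multiple of 4 bytes")
    data_offset = (20 + len(options)) // 4
    return struct.pack("!HHIIHHHH", src, dst, seq, 0, (data_offset << 12) | flags,
                       65535, 0, 0) + options


# Constructed: a SYN from an ephemeral client port to HTTP, with an MSS=1460 option.
SYN_TO_HTTP = build_tcp_header(51234, 80, 0x12345678, 0x002, options=bytes([2, 4, 0x05, 0xB4]))

if __name__ == "__main__":
    print(parse_tcp_header(SYN_TO_HTTP))
    print(describe_ports(SYN_TO_HTTP))
```

The source port falls in the dynamic range and the destination in the well-known range, which is the normal shape of a client-to-server connection; a SYN arriving with both ports in the well-known range, or a "web" connection to a registered port, is the kind of thing a detection rule keys on, while remembering that the port is a hint and the payload is the evidence.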

Addresses

Addresses are used to locate computers. It works almost like a house address. There is a numbering system to help the mailman locate the proper house to deliver customer's mail to. Without an IP numbering system, it would not be possible to determine where network data packets should go.

IPv4, which means internet protocol version 4, is described here. Each IP address is written in what is called dotted decimal notation: four numbers separated by dots, each representing one byte with a range of 0-255. Briefly, under the classful scheme the first one, two or three bytes, depending on the class of the network, identify the network, any bits borrowed from the remainder identify the subnet, and the rest identify the host. With Classless Inter-Domain Routing (CIDR), which is described later, the split between network bits and host bits can fall anywhere. The part of the IP address that defines the network is referred to as the network ID, and the latter part that defines the host is referred to as the host ID.

Within a network the host ID cannot be all zero bits (that is the address of the network itself) or all one bits (that is the broadcast address). Broadcasting is a form of communication that all hosts on a network can read, and is normally used for performing various network queries; 255.255.255.255, all bits set, is the broadcast address for the local link. A byte of 255 elsewhere in an address is not itself forbidden; what matters is the host portion as defined by the netmask. A first byte of 0 is reserved: a machine that has not yet been assigned an IP address uses 0.0.0.0 as its source address until it receives one, which is what happens for machines that are remote booted or that boot using the dynamic host configuration protocol (DHCP).

IPv6 is the successor to IPv4, created mainly because of the shortage of IPv4 addresses. An IPv6 address is 128 bits rather than 32. It is not written in dotted decimal; it is written as eight 16-bit groups in hexadecimal (0000 to ffff each) separated by colons, for example 2001:db8::1. As with IPv4, the all-zeros address (written ::) is the unspecified address used by a host that does not yet have one, and the role of 127.0.0.1 is taken by ::1, the IPv6 loopback address.