purpose and properties of IP addressing

1.3 Explain the purpose and properties of IP addressing

IP addresses are the logical addresses that are assigned to each host on a TCP/IP network. A host is generally defined as a NIC or a router interface to which an address is assigned. Basically then, a host is anything with an IP address. By assuring that IP addresses are kept unique within a network, effective communication can be maintained. There are many classes of IP addresses, but some do not fit into a defined class and others that do are reserved for special purposes. In this section, I will discuss the many forms of IP addressing and how they relate to your network.

Classes of addresses

An IPv4 address is a 32-bit binary address represented in what we call dotted decimal format. The following is an example of an IPv4 address:

192.168.1.1

In addition to the IP address, a subnet mask is also used with IPv4, which has the effect of “measuring” the address to determine which part of it is the network portion and which part is the host portion. You can think of the network portion as the street on which you live and the host portion as the specific address of your house or apartment. Simply put, where there are 1s in the binary of the subnet mask, the corresponding bits in the IPv4 address are network bits; and where there are 0s in the binary of the subnet mask, the corresponding bits in the IPv4 address are host bits.

A, B, C, D

The early developers of IPv4 established a class-based system of IP addresses that defined five classes of addresses. The engineers wanted to identify the type of class as quickly as possible in the addressing, so they actually did it in the first three bits of the address. Table 1.2 references how this was done and the effect it has on the number of networks and hosts per network. Note that all Class A addresses begin with 000, all Class B addresses begin with 100, all Class C addresses begin with 110, and all Class D addresses begin with 111. Since Class D addresses are used for multicasting and treated in a different way than A, B, or C, the other columns in the table are nonapplicable.

Table 1.2: IPv4 classful addressing system
Open table as spreadsheet
Class	First octet range	Subnet mask	Number of networks	Number of hosts/network
A	00000001-01111111 1-126 (127 is reserved)	255.0.0.0	126	16,777,214
B	10000000-10111111 128-191	255.255.0.0	16,384	65,534
C	11000000-11011111 192-223	255.255.255.0	2,097,152	254
D	11100000-11101111 224-239	NA	NA	NA

Public vs. Private

Unique IP address assignment on the Internet was originally the responsibility of the Internet Assigned Numbers Authority (IANA), but it has been handed over to other organizations that coordinate with each other to make sure that addresses are unique. The current three major organizations for the entire world are divided geographically as follows:

American Registry for Internet Numbers (ARIN): Serves the North American continent and parts of the Caribbean
Asia Pacific Network Information Centre (APNIC): Serves the Asia Pacific Region
Réseaux IP Européens Network Coordination Centre (RIPE NCC): Serves Europe, the Middle East, and parts of Africa

Addresses that are assigned by these authorities are referred to as registered, or public, addresses. If you are connecting a computer to the Internet, then you must use an address that has been assigned by one of these authorities. Now I know what you are thinking: “I'm connected to the Internet, and I never contacted any of those organizations.” That's probably because you use an address that is provided by your Internet service provider (ISP) that obtained the address from one of these authorities. ISPs have large blocks of IP addresses that they can assign to their clients, thereby giving them a valid and unique IP address to use on the Internet. Some large organizations still go through the process of registering for their own address blocks, but most individuals and smaller organizations simply get whatever addresses they need from their ISP.

Private IP addresses are completely different. To understand a network diagram, you have to be able to see the difference between public and private addresses. Public addresses are said to be routable, whereas private addresses are said to be nonroutable. What does this really mean? Is there something wrong with the bits in the private IP addresses that prevent them from being routed? No, the private addresses are actually nonroutable because they are filtered by the routers that would take you from one network to another on the Internet.

But now you may be asking, “How do they know which addresses to filter?” Well, the original designers of the Internet set aside some groups of IP addresses to be used for private addressing. That way, even if two companies were to choose the same addresses and even if neither of them used a firewall, there still could be no conflict because the addresses would never “see” each other. Table 1.3 lists the addresses that are automatically filtered by routers leading onto the Internet.

Table 1.3: Private IP address ranges
Open table as spreadsheet
Class	Address range	Default subnet mask
A	10.0.0.0-10.255.255.255	255.0.0.0
B	172.16.0.0-172.31.255.255	255.255.0.0
C	192.168.0.0-192.168.255.255	255.255.255.0

As always, the full address is determined by the IP address combined with the subnet mask. The important point to remember here is that these are the addresses that are filtered. In reality, you could use any address that you chose for the private IP addressing schemes of your network. However, if we both decided to use a public address on the inside—for example, 14.1.1.1 for a router—then we could possibly see each other and have an address conflict if everything went wrong with the firewalls and other network protection. In other words, we would not be able to rely on the configured filters throughout the Internet. This is why it is recommended to use the private IP addresses that I have listed, and this is why you should know them.

As you can see in Table 1.2, when the first bit of the address was a 0 and the subnet mask was 255.0.0.0, then the address was a Class A address. There aren't very many Class A addresses, but they sure cannot have a lot of hosts! These are generally assigned to ISPs, the military, government, and very large corporations.

When the first bit was a 1, the second bit was a 0, and the subnet mask was 255.255.0.0, then the address was a Class B address. There are many more Class B addresses, but they cannot have the tremendous number of hosts as Class A. These are generally assigned to medium-sized to large corporations and smaller governmental entities.

When the first bit was a 1, the second bit was also a 1, the third bit was a 0, and the subnet mask was 255.255.255.0, then the address was a Class C address. There are a great number of Class C addresses, but each one can contain only 254 hosts. These were originally used for small companies and very small government entities.

Classless (CIDR)

Now that you know about the subnet mask, I can talk about classful addressing vs. classless addressing. The first thing to remember is that the names for these can throw you offtrack if you aren't careful. Logically, it might seem that classful would be better than classless. However, this is not always true, and it isn't true either that classless is always better than classful. It depends on what you are trying to accomplish in your network.

Classful addressing takes its name because the first octet of the address determines the subnet mask that will be used, and therefore the subnet mask does not have to be, and is not, advertised by the routers in the routing protocols. In other words, referring to the information in Table 1.2, you will notice that an address that has 1 to 126 in the first octet would be considered a Class A address if it had a subnet mask of 255.0.0.0. With classful addressing, that's its only choice. In other words, with classful addressing, the subnet mask is always assumed to be the one that corresponds with its first octet address.

This has the effect of limiting some network designs that otherwise could have used, for example, networks 172.16.1.0 and 172.16.2.0 with other networks between them. This cannot be done because the classful routing protocols will assume both of the networks to be 172.16.0.0, because of the assumed mask of 255.255.0.0. This will result in a network scheme that will not function properly.

Now let's say you have a routing protocol that actually takes into account the address and subnet mask you assigned to the interface. Wouldn't that be nice? In that case, you could specify the networks 172.16.1.0 and 172.16.2.0 by assigning the subnet mask of 255.255.255.0 to each, rather than the classful subnet mask of 255.255.0.0. (We will discuss subnetting later in this chapter.) If the protocol could advertise the address along with the subnet mask, then you could use these two networks even if you had other networks between them because they would be seen as two unique networks. This type of addressing is used in today's networks because it allows for more complex networking schemes that can make more efficient use of the available IP addresses. This type of routing is referred to as Classless InterDomain Routing (CIDR), and it's used by most ISPs and large organizations to simplify IP addressing and make more efficient use of the addresses they have.

IPv4 vs. IPv6 (formatting)

The following is an IPv6 address on my laptop:

fe80::218:deff:fe08:6e14

That looks pretty weird, doesn't it?

Now I'll talk about what this really says and how you should interpret it.

Each hexadecimal character in the address is actually read by the network device as a binary number with 4 bits. Table 1.4 illustrates the relationship of each decimal, binary, and hexadecimal number and/or character.

Table 1.4: Decimal binary and hexadecimal conversion
Open table as spreadsheet
Decimal	Binary	Hexadecimal
0	0000	0x0
1	0001	0x1
2	0010	0x2
3	0011	0x3
4	0100	0x4
5	0101	0x5
6	0110	0x6
7	0111	0x7
8	1000	0x8
9	1001	0x9
10	1010	0xA
11	1011	0xB
12	1100	0xC
13	1101	0xD
14	1110	0xE
15	1111	0xF

As you can see from the table, if you were first to convert each of the characters you see in my example address into its binary equivalent, the result would be as follows:

1111 1110 1000 0000 :: 0010 0001 1000 : 1101 1110 1111 1111 : 1111 1110 0000
1000 : 0110 1110 0001 0100

Not so fast, though! Equally important as what you see is what you do not see but you still know must be there. For example, you know that there are a total of 128 bits in this address. Also, you know that each section between a set of colons should actually have 16 bits on its own, so what are you missing?

Well, to begin with, any “leading zeros” can be interpreted by the device easily and can therefore be left out, as you can see in the second section of the previous address. In addition, successive fields of zeros can be represented as ::, but this can be done only once in an address, because otherwise the device wouldn't know how many successive zeros were represented by each ::. If you do a quick count, you will find that you are missing 52 zeros! In other words, although you can represent the IPv6 address in this case as the following hexadecimal number:

fe80::218:deff:fe08:6e14

the device will actually use a 128-bit number that looks like the following:

1111 1110 1000 0000 : 0000 0000 0000 0000 : 0000 0000 0000 0000 : 0000 0000
0000 0000 : 0000 0010 0001 1000 : 1101 1110 1111 1111 : 1111 1110 0000 1000 :
0110 1110 0001 0100

As you can see, this is a huge addressing system:

2¹²⁸ = 3.4028367 × 10³⁸

that should allow for an almost limitless supply of addresses. Of course, the last time someone said that, we soon began to run out of addresses!

Well, now that you have seen the wildness of an IPv6 address, you should be glad to talk about the mundane IPv4 addresses. An IPv4 address is a 32-bit binary address represented in what we call dotted decimal format. The following is an example of an IPv4 address:

192.168.1.1

As I said before, in addition to the IP address, a subnet mask is also used with IPv4, which has the effect of “measuring” the address to determine which parts of it are the network portion and which parts are the host portion.

Now you may be thinking that IPv4 isn't in the binary form—IPv4 is in the dotted decimal format. Well, the network devices “see” the IPv4 addresses as binary numbers. In fact, 192.168.1.1 ends up looking like the following:

11000000 10101000 00000001 00000001

“How does that happen?” you may ask. Well, I'm glad you asked. The dotted decimal form uses the first 8 bits of binary over and over four times. The bits of the address are then valued based on the following template of values:

128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1

The address would then line up with the template as follows:

1 1 1 1 1 1 1

Everywhere there is not a 1 is a 0.

Later, I will discuss how the subnet mask combines with the IP address to determine which bits will be network bits and which will be host bits. I will also discuss how you can use a custom subnet mask to subnet a network further for more efficient and effective use of IP addresses.

MAC address format

The following is a MAC address on my computer:

00-18-DE-08-6E-14

If you examine this address closely against Table 1.4, you will note that its binary equivalent is the following:

0000 0000 - 0001 1000 - 1101 1110 - 0000 1000 - 0110 1110 - 0001 0100

In other words, the MAC address is actually a 48-bit binary address that is represented as hexadecimal. Figure 1.5 illustrates the structure of a MAC address. The first two bits on the left (high order) represent whether the address is broadcast and whether it is local or remote. The next 22 bits are assigned to vendors that manufacture network devices, such as routers and NICs. This is the organizational unique identifier (OUI). The next 24 bits should be uniquely assigned in regard to the OUI. In other words, if I am HP and I have already used a specific hexadecimal number with one of my OUIs, then I should not use it again. In this way, each NIC has an address that is as unique as a person's fingerprint.

Figure 1.5: The structure of a MAC address

The main point to remember about MAC addresses is that they should be unique within the network in which they are to be used. This means that if one is assigned to a NIC, it should be unique within the whole world, but if a MAC addresses is functioning only on an interface within your LAN, then you should just ensure that it's unique within your LAN. Sometimes administrators may change the MAC address on a router interface, for example, to facilitate a behavior of another protocol. These types of changes are beyond the scope of this book.

Subnetting

Subnetting is a method used to create additional broadcast domains. You may wonder why you want additional broadcast domains when broadcasts are typically considered bad; that is, they are something to be avoided whenever possible. Look at it this way: if you have a fixed number of hosts in a network, you can reduce the number of hosts per broadcast domain and therefore reduce the effect of broadcasts on the hosts by increasing the number of broadcast domains. This is because there will be fewer hosts in each of the broadcast domains. In other words, subnetting creates smaller logical networks and thereby reduces the traffic within each logical network.

In addition to reducing the effect of broadcasts, subnetting also allows you to apply security policies in an easy and efficient manner. Each subnet can represent a location, role, job, and so on. By applying access control lists and other types of network filtering rules, you can control who gets access to what on a network. This job would be made much more difficult if you could not use subnets.

Now that you know the “why” of subnetting, I'll cover the “how” of subnetting. In plain terms, when you subnet IPv4, you are just reapplying the same sets of rules that were used to create the classful system of IP addressing in the first place. Please refer to Table 1.4 to refresh your memory about these rules.

Are you ready for this now? Actually, we don't strictly follow this classful system anymore, but that doesn't mean you don't need to know it! What we do follow is based on the classful system, but we have customized it to fit our needs using logical addressing methods and new technologies such as NAT, PAT, and proxies, which I will discuss later.

In today's networks, you need to make the most efficient use possible of the IP addressing space that you have been given by ARIN or that you have created for yourself with private IP addressing. To do this, you use custom subnet masks that define the appropriate number of networks and the appropriate number of hosts per network for your particular situation.

You generally start with a classful address that has the capacity to be subnetted further to meet the needs of your network. For example, let's say I have one network defined as 192.168.1.0 with a subnet mask of 255.255.255.0. As I discussed, this subnet mask identifies the network bits and host bits in the network. If you were to convert the dotted decimal subnet mask to binary, you would find twenty-four 1s in a row followed by eight 0s in a row. This means the network portion of the address is the first 24 bits, or 192.168.1. The 0 identifies the beginning of new network, and the addresses after it would be 1 to 254. The last address would be 255; this is not a host address but rather a broadcast address. “What's the difference?” you may ask. Well, if another host wanted to address a packet in such a way that it would be received by all 254 hosts (in this case), then the host would use 192.168.1.255, which is the broadcast address. The broadcast address should be set aside for broadcasts and never be used as a host address.

Now that you have established what you already have, let's say what you have is not what you want. Let's say you want to have 8 subnets with as many hosts as possible in them instead of just one network with 254 hosts. What would you do then? You guessed it—you would subnet the classful network to create the custom networks you need. How would you do this?

You would begin by understanding that you have 8 host bits with which to work. The network bits assigned to you will not be changed, and you will always be moving from the left to the right on your template. The question now is “How many of those 8 host bits do you need to change into subnet bits to create the eight subnets that you need?” (Some people refer to this part as borrowing, which is a term I never really liked because I'm not really planning on “giving them back”!) The answer to this question lies in the formula 2^s ≤ # of subnets. In this formula, s is the number of host bits that will be turned into subnet bits, and # of subnets is the number of subnets you need to create.

In this case, 2^s ≤ 8. Solving for s, you find that it must be at least 3. You want the lowest s that works because you also want to maximize the number of host bits that you still have remaining, so s = 3. Now the next question is “Which three?” Well, you are always going to move from the left to the right, so you will start at the left of the remaining 8 bits and take the first 3 bits from the left toward the right. This means that the subnet bits will be the 128, 64, and 32 bits. To make these host bits into subnet bits, you will simply change the corresponding bits in the subnet mask from 0 to 1. When you make this change, the subnet mask will then change to 255.255.255.224 since “128 + 64 + 32 = 224.”

The next question on your mind might be “Then what are my 8 subnets?” You can answer this question by determining the increment of the subnets and therefore their numbers and ranges of hosts. The increment is always 256—the last number in the subnet mask that is not a 0. In this case, it's 256 - 224, which equals 32. The first network is always the same as what you started with, but with a new subnet mask. You can express the new subnet mask as 255.255.255.224, or you can express it by using a forward slash at the end of the IP address followed by a number indicating the number of 1s in the subnet mask. In this case, you could express your subnet mask as a /27. This is referred to as CIDR notation.

Since all the other networks are determined by the increment, your networks will be as follows:

192.168.1.0/27
192.168.1.32/27
192.168.1.64/27
192.168.1.96/27
192.168.1.128/27
192.168.1.160/27
192.168.1.192/27
192.168.1.224/27

The host ranges and broadcast addresses can then be determined without any further use of the binary. For example, the 0 network will have 30 hosts in it ranging from 1 to 30, and it will have a broadcast address of 31. The 32 network hosts will range from 33 to 62 with a broadcast address of 63, and so on, through the networks.

You can also check your math by understanding that the number of hosts will always be 2^h - 2, where h is the number of remaining host bits after the subnet bits are determined. In this example, there are five remaining host bits, so the formula will be 2⁵ - 2 = 30. Since this matches the number of hosts as determined by the increment, you know you are on the right track!

Now let's try one that is a little more complicated. Don't worry, I'll walk you right through it, and then you will be able to do it yourself. Let's say you have an IP network of 172.16.0.0 with a subnet mask of 255.255.0.0 and you want to have 60 subnets with as many hosts per subnet as possible. What would the new subnet mask be? How many hosts would you have? What would your networks look like?

You start solving this problem in the same way as the last by noticing where you are beginning in the address, based on the subnet mask. In other words, my first question is always “Where am I?” Since you have a subnet mask here of 255.255.0.0, you are halfway through the address. In other words, you have sixteen 1s followed by sixteen 0s in the subnet mask. The fact that you have sixteen 0s means you have 16 host bits, some of which will be used for subnet bits. The next question is “How many host bits do you need to convert to subnet bits to create the 60 subnets that you need?”

You can answer this question with the same formula as before, 2^s ≥ # of subnets. In this case, 2^s ≥ 60. Solving for s, you determine that s = 6, since 2⁶ = 64 and that's the first number that is higher than 60. Now the question is “Which six?” Remember that you are always moving from left to right, so the six bits that you will use will be the first six in the third octet starting from the left. This means you will change the corresponding bits in the subnet mask from 0s to 1s. This in turn means that the subnet mask number will change to 255.255.252.0, since 128 + 64 + 32 + 16 + 8 + 4 = 252. In other words, when you change the subnet bits to 1s, the values count and change the subnet mask accordingly.

The next question is “How many hosts could you have per network?” A close look at the template should show you that you have 2 host bits left in the third octet and 8 host bits left in the fourth octet. That's a total of 10 host bits. This means you can have 2¹⁰ - 2 hosts per subnet, or 1,022.

Now you might be wondering how you are going to do that and what the addresses are going to look like when you get done. Just as before, the first network is always the same network you started with, but it has the new subnet mask, and the rest of the networks are determined by the increment. In this case, your first network is 172.16.0.0 with a subnet mask of 255.255.252.0. The increment is always 256—the last number in the subnet mask that is not a 0. In this case, the increment is “256 - 252 = 4.” This means that the first three networks will be as follows:

172.16.0.0/22
172.16.4.0/22
172.16.8.0/22

Notice that I left some blank space between the network addresses. I like to call that space “thinking room,” because you are going to do a lot of thinking in there. It's rather straightforward to see that the first host in the 172.16.0.0 network will be 172.16.0.1, but where do you go from there to get 1,022 hosts? Imagine an old odometer that actually spins out the 10ths of miles. Do you have that in your mind? Now when it gets to nine 10ths, think about what happens. The 10ths will then go back to 0, the number on the left will increment by 1, and then it all starts over again. Right? That's the same thing that happens with the IP addresses, except that it's not 0 to 9 but rather 0 to 255. In this case, when the addresses get to 172.16.0.255, the next number is then 172.16.1.0. Now, here's the kicker: both of those addresses are valid hosts! In fact, there will be a lot of weird-looking numbers that will be valid hosts as well. So, what is the last host in the 172.16.0.0/22 network? The last host is 172.16.3.254, and the broadcast is 172.16.3.255. After that, the 172.16.4.0/22 network starts, which has a broadcast address of 172.16.7.255. Use the “thinking room,” and you will see it.

It's extremely important with today's networks that you understand IP addressing and subnetting. The quicker you can determine the subnet on which a host resides, the better you will be at network troubleshooting. I hope this has helped you see IP addresses for what they are without having to convert them to binary numbers. With practice, you will be able to “see” the answers instead of always having to figure them out. I highly recommend you spend some time working on IP address subnetting. One tool that I've found invaluable is the websitehttp://subnetttingquestions.com. It was created in part by Todd Lammle, a fellow Wiley author. This site is free and offers hundreds of questions and answers. Your challenge is to get the same answer as the site has and to do it as quickly as possible.

Multicast vs. unicast vs. broadcast

Three major types of addressing schemes are used on IPv4 networks. These are unicast, multicast, and broadcast. Each type has its own place in the network. In the following sections, I'll discuss each of these types of network addressing schemes:

Unicast Of the three types of addressing schemes used in IPv4, unicast is the most simple and straightforward. A packet (layer 3) or frame (layer 2) is said to have a unicast address if it has one source address and one destination address. If we are discussing packets, then the source and destination addresses are of a layer 3 protocol, likely IP. If we are discussing Ethernet frames, then the source and destination addresses of a layer 2 protocol are MAC addresses. In either case, the devices need to determine only the correct unique destination address to send the packet.

Multicast Multicast addressing can be much more complex than unicast. With multicast addressing there is still only one source address; however, there can be multiple destination addresses. In other words, the frame or packet basically carries a list of destination addresses with it, and each device checks to see whether it is on the list when it sees the data. Multicasting is especially useful for applications that send voice and video through network systems. Multicast addressing uses specialized protocols such as Internet Group Multicast Protocol (IGMP) to create and carry the “list.” The IP addresses carried by IGMP can be mapped to MAC addresses for layer 2 multicasting.

Broadcast Broadcast addressing is similar to just standing in a room yelling out a person's name or an announcement. Anyone in the room who hears you with the name you yelled would be likely to respond, but everyone in the room would be disturbed in the process. On the other hand, if the announcement were actually intended for everyone in the room, then you would have accomplished your goal.

Broadcasting is accomplished by using an address that directs the data to all the members of a network or subnet. Every IPv4 network or subnet has a broadcast address, which is the last numerical address before the next network. In the binary form of a broadcast address, you will notice that all the host bits are 1s. For example, the broadcast address of the network 192.168.1.0/27 is 192.168.1.31. As you can see, the host address portion is 31 in dotted decimal, which is 11111 in binary.

Some services in an IPv4 network work by broadcasts, such as DHCP and even ARP. That said, broadcasts are typically thought of as bad and to be avoided whenever possible. IPv6 uses a different form of addressing referred to as anycast to avoid using broadcasts and provide other specialized services. This is beyond the scope of this chapter and not listed as an objective on the current exam.

APIPA

All client computers since Windows 98 are configured by default to obtain their IP address from a DHCP server. What if a DHCP server is not available? In that case, they are also configured by default to use an address in the range of 169.254.0.1 to 169.254.255.254. These addresses are called Automatic Private Internet Protocol Addressing (APIPA) addresses. The advantage of using APIPA is that the clients in the same network segment that could not obtain a true IP address from a DHCP server can still communicate with each other. The disadvantage is that the clients can communicate with each other but not with the true network. This can lead to some wild troubleshooting for the unseasoned administrator. The bottom line is that when you see an address that begins with 169.254, you can rest assured that it was not obtained from any DHCP server!

Search This Blog

harrison valetski