Network Plus 2005 In Depth
The Internet has become not only a means of communication, but also a means of global commerce, development, and distribution. Industries such as banking, manufacturing, and healthcare depend on the Internet for daily transactions, recordkeeping, and sales. Individuals, too, increasingly rely on the Internet for purchasing and data-gathering operations.
In previous chapters, you learned that the Internet depends on the TCP/IP suite of protocols, as do a number of network operating systems. Because of the increasing popularity of the Internet, having TCP/IP expertise can pave the way to a lucrative, challenging, and rewarding career. In Chapter 4, you learned about core protocols and subprotocols in the TCP/IP protocol suite, addressing schemes, and host and domain naming. You also learned that TCP/IP is a complex and highly customizable protocol suite. This chapter builds on these basic concepts, examining how TCP/IP-based networks are designed and analyzed. It also describes the services and applications that TCP/IP-based networks commonly support. If you are unclear about the concepts related to IP addressing or binary-to-decimal conversion, take time to review Chapter 4 before reading this chapter.
Designing TCP/IP-Based Networks
By now, you understand that most modern networks rely on the TCP/IP protocol suite, not only for Internet connectivity, but also for transmitting data over private connections. Before proceeding with TCP/IP network design considerations, it’s useful to briefly review some TCP/IP fundamentals. For example, you have learned that IP is a routable protocol, and that on a network using TCP/IP each interface is associated with a unique IP address. Some nodes may use multiple IP addresses. For example, on a router that contains two NICs, each NIC can be assigned a separate IP address. Or, on a Web server that hosts multiple Web sites—such as one operated by an ISP—each Web service associated with a site can have a different IP address.
IP addresses consist of four 8-bit octets (or bytes) that can be expressed in either binary (for example, 10000011 01000001 00001010 00100100) or dotted decimal (for example, 131.65.10.36) notation. Many networks assign IP addresses and host names dynamically, using DHCP, rather than statically. You also know that every IP address can be associated with a network class—A, B, C, D, or E (though Class D and E addresses are reserved for special purposes). A node’s network class provides information about the segment or network to which the node belongs. The following section explains how network and host information in an IP address can be manipulated to subdivide networks into smaller segments.
DESIGNING TCP/IP-BASED NETWORKS Chapter 11 483
Subnetting
Subnetting separates a network into multiple logically defined segments, or subnets. Networks are commonly subnetted according to geographic locations (for example, the floors of a building connected by a LAN, or the buildings connected by a WAN), departmental boundaries, or technology types (for example, Ethernet or Token Ring). Where subnetting is implemented, each subnet’s traffic is separated from every other subnet’s traffic. A network administrator might separate traffic to:
Enhance security—Subnetworks must be connected via routers or other Layer 3 devices. As you know, these devices do not retransmit incoming frames to all other nodes on the same segment (as a hub does). Instead, they forward frames only as necessary to reach their destination. Because frames are not indiscriminately retransmitted, the possibility for one node to tap into another node’s transmissions is reduced.
Improve performance—For the same reason that subnetting enhances security, it also improves performance on a network. When data is selectively retransmitted, unnecessary transmissions are kept to a minimum. In the case of Ethernet networks, subnetting is useful for limiting the amount of broadcast traffic—and therefore the amount of potential collisions—by decreasing the size of each broadcast domain. The more efficient use of bandwidth results in better overall network performance.
Simplify troubleshooting—For example, a network administrator might subdivide an organization’s network according to geography, assigning a separate subnet to the nodes in the downtown office, west-side office, and east-side office of her company. Suppose one day the network has trouble transmitting data only to a certain group of IP addresses—those located on the west-side office subnet. When troubleshooting, rather than examining the whole network for errors or bottlenecks, the network administrator needs only to see that the faulty transmissions are all associated with addresses on the west-side subnet to know that she should zero in on that subnet.
To understand how subnetting is implemented, it’s necessary to first review IP addressing conventions on a network that does not use subnetting.
Classful Addressing
In Chapter 4, you learned about the first and simplest type of IP addressing, which is known as classful addressing because it adheres to network class distinctions. In classful addressing, only Class A, Class B, and Class C addresses are recognized. Recall that all IP addresses consist of network and host information. In classful addressing, the network information portion of an IP address (the network ID) is limited to the first 8 bits in a Class A address, the first 16 bits in a Class B address, and the first 24 bits in a Class C address. Host information is contained in the last 24 bits for a Class A address, the last 16 bits in a Class B address, and the last 8 bits in a Class C address. Refer to Figure 4-8 to review the bit separation between network and host information in classful addressing.
Figure 11-1 offers some example IP addresses separated into network and host information according to the classful addressing convention.
FIGURE 11-1 Example IP addresses with classful addressing
Adhering to a fixed network ID size ultimately limits the number of hosts a network can include. For example, leasing an entire Class C network of addresses gives you only 254 usable IP addresses. In addition, using classful addressing makes it difficult to separate traffic from various parts of a network. As you have learned, separating traffic offers many practical benefits. For example, if an organization used an entire Class B network of addresses, it could have up to 65,534 hosts all on one network segment. Imagine the challenges involved in managing such a highly populated network, not to mention the poor performance that would result. In 1985, because of the difficulty of managing a whole network class of addresses and the dwindling supply of usable IP addresses, computer scientists introduced subnetting.
NOTE
Depending on the source, you may find the term network ID used interchangeably with the terms network number or network prefix.
Subnet Masks
Subnetting depends on the use of subnet masks to identify how a network is subdivided. A subnet mask indicates where network information is located in an IP address. The “1” bits in a subnet mask indicate that corresponding bits in an IP address contain network information. The “0” bits in a subnet mask indicate that corresponding bits in an IP address contain host information.
Each network class is associated with a default subnet mask, as shown in Table 11-1. For example, by default, a Class A address’s first octet (or 8 bits) represents network information and is composed of all 1s. (Recall that an octet composed of all 1s in binary notation equals 255 in decimal notation. An octet composed of all 0s in binary notation equals 0 in decimal notation.) That means that if you work on a network whose hosts are configured with a subnet mask of 255.0.0.0, you know that the network is using Class A addresses and, furthermore, that it is not using subnetting, because 255.0.0.0 is the default subnet mask for a Class A network.
Table 11-1 Default subnet masks
Network Class | Default Subnet Mask (Binary) | Number of Bits Used for Network Information | Default Subnet Mask (Dotted Decimal)
A | 11111111 00000000 00000000 00000000 | 8 | 255.0.0.0
B | 11111111 11111111 00000000 00000000 | 16 | 255.255.0.0
C | 11111111 11111111 11111111 00000000 | 24 | 255.255.255.0
To calculate a host’s network ID given its IP address and subnet mask, you follow a logical process of combining bits known as ANDing. In ANDing, a bit with a value of 1 plus another bit with a value of 1 results in a 1. A bit with a value of 0 plus any other bit results in a 0. If you think of 1 as “true” and 0 as “false,” the logic of ANDing makes sense. Adding a true statement to a true statement still results in a true statement. But adding a true statement to a false statement results in a false statement. ANDing logic is demonstrated in Table 11-2, which provides every possible combination of having a 1 or 0 bit in an IP address or subnet mask.
Table 11-2 ANDing
IP address bit | 1 | 1 | 0 | 0
Subnet mask bit | 1 | 0 | 1 | 0
Resulting bit | 1 | 0 | 0 | 0
An example host IP address, its default subnet mask, and network ID are shown in Figure 11-2 in both binary and dotted decimal notation. Notice that the IP address’s fourth octet could have been composed of any combination of 1s and 0s, and the network ID’s fourth octet would still be all 0s.
FIGURE 11-2 Example of calculating a host’s network ID
At this point, you should understand how to determine a host’s network ID given its IP address and subnet mask. This section explained how to apply ANDing logic to an IP address plus a default subnet mask, but it works just the same way for networks that are subnetted and have different subnet masks, as you will soon learn. Before learning how to create subnets, however, it is necessary to understand the types of addresses that cannot be used as subnet masks or host addresses.
Reserved Addresses
Certain types of IP addresses cannot be assigned to a network interface on a node or used as subnet masks. Instead, these IP addresses are reserved for special functions. One type of reserved address should be familiar to you already—that is, the network ID. In a network ID, as you know, bits available for host information are set to 0. Therefore, a workstation on the example network used in Figure 11-2 could not be assigned the IP address 199.34.89.0, because that address is the network ID. When using classful addressing, a network ID always ends with an octet of 0 (and may have additional, preceding octets equal to 0). However, when subnetting is applied and a default subnet mask is no longer used, a network ID may have other decimal values in its last octet(s).
Another reserved IP address is the broadcast address for a network or segment. In a broadcast address, the octet(s) that represent host information are set to equal all 1s, or in decimal notation, 255. In the example in Figure 11-2, the broadcast address would be 199.34.89.255. If a workstation on that network sent a message to the address 199.34.89.255, it would be issued to every node on the segment.
Because the octets equal to 0 and 255 are reserved, only the numbers 1 through 254 can be used for host information in an IP address. Thus, on a network that followed the example in Figure 11-2, the usable host addresses would range from 199.34.89.1 to 199.34.89.254. If you subnetted this network, the range of usable host addresses would be different. The next section describes how subnets are created and how you can determine the range of usable host addresses on a subnet.
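The ANDing procedure and the reserved network ID and broadcast addresses described above, worked through in code. This is an added example, not part of the textbook; it uses the Figure 11-2 values (199.34.89.x with the default Class C mask 255.255.255.0) and also accepts the subnetted masks introduced later in the chapter.

```python
# Added example (not from the textbook): derive a host's network ID by ANDing
# its IP address with the subnet mask, then the broadcast address (host bits
# all 1s) and the usable host range (everything in between).

def to_bits(dotted: str) -> int:
    """Convert dotted-decimal notation (e.g. 199.34.89.73) to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 dotted-decimal value: {dotted}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value

def to_dotted(value: int) -> str:
    """Convert a 32-bit integer back to dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(value: int) -> str:
    """Render a 32-bit value as four space-separated octets, as in the book's tables."""
    return " ".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))

def is_valid_mask(mask: str) -> bool:
    """A subnet mask is a run of 1 bits followed only by 0 bits (Table 11-1 shape)."""
    inverted = ~to_bits(mask) & 0xFFFFFFFF      # host bits become a run of trailing 1s
    return (inverted & (inverted + 1)) == 0     # true only if that run is contiguous

def network_id(ip: str, mask: str) -> str:
    """ANDing (Table 11-2): a result bit is 1 only where IP bit and mask bit are both 1."""
    if not is_valid_mask(mask):
        raise ValueError(f"{mask} is not a valid subnet mask")
    return to_dotted(to_bits(ip) & to_bits(mask))

def broadcast_address(ip: str, mask: str) -> str:
    """Broadcast address: the host bits (the mask's 0 bits) set to all 1s."""
    host_bits = ~to_bits(mask) & 0xFFFFFFFF
    return to_dotted(to_bits(network_id(ip, mask)) | host_bits)

def usable_host_range(ip: str, mask: str) -> tuple[str, str]:
    """First and last assignable addresses: network ID + 1 through broadcast - 1."""
    net = to_bits(network_id(ip, mask))
    bcast = to_bits(broadcast_address(ip, mask))
    if bcast - net < 3:  # fewer than two host addresses remain once both reserved ones are removed
        raise ValueError("mask leaves no usable host addresses")
    return to_dotted(net + 1), to_dotted(bcast - 1)

if __name__ == "__main__":
    # The Figure 11-2 network: any fourth octet ANDs down to a network ID of 199.34.89.0.
    for host in ("199.34.89.1", "199.34.89.127", "199.34.89.254"):
        print(host, "->", network_id(host, "255.255.255.0"),
              "broadcast", broadcast_address(host, "255.255.255.0"))
    print("usable:", usable_host_range("199.34.89.1", "255.255.255.0"))
    print(to_binary(to_bits("131.65.10.36")))  # the Chapter 4 example address
```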
Subnetting Techniques
Subnetting breaks the rules of classful addressing. To create subnets, some of an IP address’s bits that in classful addressing would represent host information are changed to represent network information instead. By making bits that previously were used for host information represent network information, you reduce the number of bits available for identifying hosts. Consequently, you reduce the number of usable host addresses per subnet. The number of hosts and subnets available after subnetting is related to how many host information bits you use (or borrow, as network professionals like to say) for network information. Table 11-3 illustrates the numbers of subnets and hosts that can be created by subnetting a Class B network. Notice the range of subnet masks that can be used instead of the default Class B subnet mask of 255.255.0.0. Also compare the listed numbers of hosts per subnet to the 65,534 hosts available on a Class B network that does not use subnetting.
Table 11-3 Class B subnet masks
Subnet Mask | Number of Subnets on Network | Number of Hosts per Subnet
255.255.192.0 or 11111111 11111111 11000000 00000000 | 2 | 16,382
255.255.224.0 or 11111111 11111111 11100000 00000000 | 6 | 8,190
255.255.240.0 or 11111111 11111111 11110000 00000000 | 14 | 4,094
255.255.248.0 or 11111111 11111111 11111000 00000000 | 30 | 2,046
255.255.252.0 or 11111111 11111111 11111100 00000000 | 62 | 1,022
255.255.254.0 or 11111111 11111111 11111110 00000000 | 126 | 510
255.255.255.0 or 11111111 11111111 11111111 00000000 | 254 | 254
255.255.255.128 or 11111111 11111111 11111111 10000000 | 510 | 126
255.255.255.192 or 11111111 11111111 11111111 11000000 | 1,022 | 62
255.255.255.224 or 11111111 11111111 11111111 11100000 | 2,046 | 30
255.255.255.240 or 11111111 11111111 11111111 11110000 | 4,094 | 14
255.255.255.248 or 11111111 11111111 11111111 11111000 | 8,190 | 6
255.255.255.252 or 11111111 11111111 11111111 11111100 | 16,382 | 2
Table 11-4 illustrates the numbers of subnets and hosts that can be created by subnetting a Class C network. Notice that a Class C network allows for fewer subnets than a Class B network. This is because Class C addresses have fewer host information bits that can be borrowed for network information. In addition, fewer bits are left over for host information, which leads to a lower number of hosts per subnet than the number available to Class B subnets.
Table 11-4 Class C subnet masks
Subnet Mask | Number of Subnets on Network | Number of Hosts per Subnet
255.255.255.192 or 11111111 11111111 11111111 11000000 | 2 | 62
255.255.255.224 or 11111111 11111111 11111111 11100000 | 6 | 30
255.255.255.240 or 11111111 11111111 11111111 11110000 | 14 | 14
255.255.255.248 or 11111111 11111111 11111111 11111000 | 30 | 6
255.255.255.252 or 11111111 11111111 11111111 11111100 | 62 | 2
Calculating Subnets
Now that you have seen the results of subnetting, you are ready to try subnetting a network. Suppose you have leased the Class C network whose network ID is 199.34.89.0 and you want to divide it into six subnets to correspond to the six different departments in your company. The formula for determining how to modify a default subnet mask is:
2^n - 2 = Y
where n = the number of bits in the subnet mask that must be switched from 0 to 1
and Y = the number of subnets that result
Notice that this formula subtracts 2 from the total number of possible subnets—that is, from the calculation of 2 to the power of the number of the bits that equal 1. That’s because in traditional subnetting, bit combinations of all 0s or all 1s are not allowed for identifying subnets; just as host addresses ending in all 0s or all 1s are not allowed because of addresses reserved for the network ID and broadcast transmissions. (However, in the next section of this chapter you learn why this equation doesn’t apply to all modern networks.)
Because you want six separate subnets, the equation becomes 6 = 2^n - 2. Because 6 + 2 equals 8 and 8 = 2^3, you know that the value of n equals 3. Thus, you need to change three additional subnet mask bits from 0 to 1. That means that rather than using the default subnet mask, in which the first 24 bits indicate the position of network information, you would use a subnet mask of 11111111 11111111 11111111 11100000, in which the first 27 bits indicate the position of network information. Converting from binary to the more familiar dotted decimal notation, this subnet mask becomes 255.255.255.224. When you configure the TCP/IP properties of clients on your network, you would specify this subnet mask.
Now that you have calculated the subnet mask, you still need to assign IP addresses to nodes based on your new subnetting scheme. Recall that you have borrowed three bits from what used to be host information in the IP address. That leaves five bits available in the last octet of your Class C addresses to identify hosts. Adding the values of the last five bits, 16 + 8 + 4 + 2 + 1, equals 31, for a total of 32 potential addresses (0 through 31). However, as you have learned, one address is reserved for the network ID and cannot be used. Another address is reserved for the broadcast ID and cannot be used. Thus, using five bits for host information allows a maximum of 30 different host addresses for each of the six subnets. So, in this example, you can have a maximum of 6 x 30, or 180, unique host addresses on the network.
Table 11-5 lists the network ID, broadcast address, and usable host addresses for each of the six subnets in this example Class C network. Together, the additional bits used for subnet information plus the existing network ID are known as the extended network prefix. The extended network prefix for each subnet is based on which of the additional (borrowed) network information bits are set to equal 1. For example, in subnet number 1, only the third bit of the three is set to 1, making the last octet of the extended network prefix 00100000, or in decimal notation, 32. In subnet number 2, only the second bit is set to 1, making the last octet of the extended network prefix 01000000, or 64. In Table 11-5, the three bits borrowed from the host information portion of the Class C address (to indicate network information) are underlined.
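The subnet calculation just described (choose n from 2^n - 2, extend the mask, then enumerate each subnet's extended network prefix, broadcast address, and usable host range) as an added, runnable example that is not part of the textbook. It reproduces the six-subnet plan for 199.34.89.0 and generalises the count rule to the Class B and Class C rows of Tables 11-3 and 11-4; the function names are this example's own.

```python
# Added example (not from the textbook): traditional subnetting, where the
# all-0s and all-1s subnet IDs are excluded, so usable subnets = 2^n - 2.

DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}   # network bits per class (Table 11-1)

def parse(dotted: str) -> int:
    """Dotted decimal to 32-bit integer."""
    value = 0
    for octet in dotted.split("."):
        value = (value << 8) | int(octet)
    return value

def dotted(value: int) -> str:
    """32-bit integer to dotted decimal."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def bits_to_borrow(wanted_subnets: int) -> int:
    """Smallest n such that 2^n - 2 >= wanted_subnets (the book's Y)."""
    n = 1
    while 2 ** n - 2 < wanted_subnets:
        n += 1
    return n

def mask_for_prefix(prefix_len: int) -> str:
    """Dotted-decimal mask with prefix_len leading 1 bits, e.g. 27 -> 255.255.255.224."""
    return dotted((0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF)

def subnet_counts(net_class: str, borrowed: int) -> tuple[int, int]:
    """(subnets on network, hosts per subnet) for one row of Table 11-3 or 11-4."""
    host_bits = 32 - DEFAULT_PREFIX[net_class] - borrowed
    if borrowed < 1 or host_bits < 2:
        raise ValueError("borrowing that many bits leaves no usable subnets or hosts")
    return 2 ** borrowed - 2, 2 ** host_bits - 2

def plan_subnets(network_id: str, net_class: str, wanted_subnets: int) -> list[dict]:
    """One row per usable subnet, in the layout of Table 11-5."""
    borrowed = bits_to_borrow(wanted_subnets)
    subnets, hosts = subnet_counts(net_class, borrowed)   # raises if the class is too small
    block = hosts + 2                     # addresses per subnet, incl. network ID and broadcast
    base = parse(network_id)
    rows = []
    # Subnet IDs run 1 .. 2^borrowed - 2; ID 0 (all 0s) and the all-1s ID are skipped.
    for subnet_id in range(1, subnets + 1):
        prefix = base + subnet_id * block  # extended network prefix
        bcast = prefix + block - 1         # host bits all 1s
        rows.append({
            "number": subnet_id,
            "prefix": dotted(prefix),
            "broadcast": dotted(bcast),
            "first_host": dotted(prefix + 1),
            "last_host": dotted(bcast - 1),
        })
    return rows

def total_usable_hosts(rows: list[dict]) -> int:
    """Usable host addresses across all planned subnets (6 x 30 = 180 in the book's case)."""
    return sum(parse(r["last_host"]) - parse(r["first_host"]) + 1 for r in rows)

if __name__ == "__main__":
    n = bits_to_borrow(6)
    print("borrow", n, "bits; mask", mask_for_prefix(DEFAULT_PREFIX["C"] + n))
    plan = plan_subnets("199.34.89.0", "C", 6)
    for r in plan:
        print(r["number"], r["prefix"], r["broadcast"], r["first_host"], "through", r["last_host"])
    print("total usable hosts:", total_usable_hosts(plan))
```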
Class A, Class B, and Class C networks can all be subnetted. But because each class reserves a different number of bits for network information, each class has a different number of host information bits that can be used for subnet information. The number of hosts and subnets on your network will vary depending on your network class and the way you use subnetting. Enumerating the dozens of subnet possibilities based on different arrangements and network classes is beyond the scope of this book. However, several Web sites provide excellent tools that help you calculate subnet information. One such site is www.subnetmask.info.
If you use subnetting on your LAN, only your LAN’s devices need to interpret your devices’ subnetting information. Routers external to your LAN, such as those on the Internet, pay attention to only the network portion of your devices’ IP addresses when transmitting data to them. As a result, devices external to a subnetted LAN (such as routers on the Internet) can direct data to those LAN devices without interpreting the LAN’s subnetting information.
Table 11-5 Subnet information for six subnets in an example Class C network
Subnet Number | Extended Network Prefix | Broadcast Address | Usable Host Addresses
1 | 199.34.89.32 or 11000111 00100010 01011001 00100000 | 199.34.89.63 or 11000111 00100010 01011001 00111111 | 199.34.89.33 through 199.34.89.62
2 | 199.34.89.64 or 11000111 00100010 01011001 01000000 | 199.34.89.95 or 11000111 00100010 01011001 01011111 | 199.34.89.65 through 199.34.89.94
3 | 199.34.89.96 or 11000111 00100010 01011001 01100000 | 199.34.89.127 or 11000111 00100010 01011001 01111111 | 199.34.89.97 through 199.34.89.126
4 | 199.34.89.128 or 11000111 00100010 01011001 10000000 | 199.34.89.159 or 11000111 00100010 01011001 10011111 | 199.34.89.129 through 199.34.89.158
5 | 199.34.89.160 or 11000111 00100010 01011001 10100000 | 199.34.89.191 or 11000111 00100010 01011001 10111111 | 199.34.89.161 through 199.34.89.190
6 | 199.34.89.192 or 11000111 00100010 01011001 11000000 | 199.34.89.223 or 11000111 00100010 01011001 11011111 | 199.34.89.193 through 199.34.89.222
Figure 11-3 illustrates a situation in which a LAN has been granted the Class C range of addresses that begin with 199.34.89. The network administrator has subnetted this Class C network into six smaller networks with the network IDs listed in Table 11-5. As you know, routers connect different network segments via their physical interfaces. In the case of subnetting, a router must interpret IP addresses from different subnets and direct data from one subnet to another. Each subnet corresponds to a different port on the router.
FIGURE 11-3 A router connecting several subnets
When a router on the internal LAN needs to direct data from a machine with the IP address of 199.34.89.73 to a machine with the IP address of 199.34.89.114, its interpretation of the workstations’ subnet masks (255.255.255.224) plus the host information in the IP addresses tells the router that they are on different subnets. The router forwards data between the two subnets (or ports). In this figure, the devices connecting subnets to the router are labeled switches, but they could also be routers, bridges, or hubs. Alternatively, nodes having different extended network prefixes could be directly connected to the router so that each subnet is associated with only one device, though this is an unlikely configuration.
When a server on the Internet attempts to deliver a Web page to the machine with IP address 199.34.89.73, however, the Internet router does not use the subnet mask information. It only knows that the machine is on a Class C network beginning with a network ID of 199.34.89. That’s all the information it needs to reach the organization’s router. After the data enters the organization’s LAN, the LAN’s router then interprets the subnet mask information as if it were transmitting data internally to deliver data to the machine with IP address 199.34.89.73. Because subnetting does not affect how a device is addressed by external networks, a network administrator does not need to inform Internet authorities about new segments created via subnetting.
You have learned how to subdivide a network into multiple smaller segments through subnetting. Next, you’ll learn about more contemporary variations on this method.
CIDR (Classless Inter-Domain Routing)
By 1993, the Internet was growing exponentially, and the demand for IP addresses was growing with it. The IETF (Internet Engineering Task Force) recognized that additional measures were necessary to increase the availability and flexibility of IP addresses. In response to this need, the IETF devised CIDR (Classless Inter-Domain Routing, pronounced cider), which is sometimes called classless routing or supernetting. CIDR is not exclusive of subnetting; it merely provides additional ways of arranging network and host information in an IP address. In CIDR, conventional network class distinctions do not exist.
For example, the previous section described subdividing a Class C network into six subnets of 30 addressable hosts each. To achieve this, the subnet boundary (or length of the extended network prefix) was moved to the right—from the default 24th bit to the 27th bit—into what used to be the host information octet. In CIDR, a subnet boundary can move to the left. Moving the subnet boundary to the left allows you to use more bits for host information and, therefore, generate more usable IP addresses on your network. A subnet created by moving the subnet boundary to the left is known as a supernet. Figure 11-4 contrasts examples of a Class C supernet mask with a subnet mask.
Notice that in Figure 11-4, 27 bits are used for network information in the subnet mask, whereas only 22 bits are used for network information in the supernet mask.
Suppose that you have leased the Class C range of addresses that shares the network ID 199.34.89.0 and, because of growth in your company, you need to greatly increase the number of host addresses this network allows by default. By changing the default subnet mask of 255.255.255.0 (11111111 11111111 11111111 00000000) to 255.255.252.0 (11111111
