Absolute BSD - The Ultimate Guide To FreeBSD (2002).pdf

Hexadecimal numbers are always preceded with "0x", so they're easily recognizable.

At this point, the simplest thing to do is use either a calculator or a conversion table. Presented for your convenience is Table 5.1, a slash-to-hex-to-binary-to-decimal conversion for netmasks /24 and longer.

Table 5.1: Netmask conversions

Prefix  Binary mask  Decimal mask  Hex mask  Available IPs
/24     00000000     0             0x00      256
/25     10000000     128           0x80      128
/26     11000000     192           0xc0      64
/27     11100000     224           0xe0      32
/28     11110000     240           0xf0      16
/29     11111000     248           0xf8      8
/30     11111100     252           0xfc      4
/31     11111110     254           0xfe      2
/32     11111111     255           0xff      1

Unusable IP Addresses

You now understand that a /26 has 64 IP addresses. Unfortunately, you can't use them all. The first IP address is the network number. It's used for internal bookkeeping. And the last number in any group of IP addresses is the broadcast address. According to the IP specifications, every machine on a network is supposed to respond to a request to this address. This allows you to ping the broadcast address and quickly determine which IP addresses are in use. For example, on a typical /24 network, the broadcast address is x.y.z.255. In the late '90s, this feature was turned into an attack technique. It's now disabled by default on most operating systems. If you need it to work on your BSD systems, set the sysctl net.inet.icmp.bmcastecho to 1.

In any case, the point is that you cannot assign either the first or last IP address in a network to an interface. Go ahead, try it.

If you remember, in the first part of this chapter I mentioned that a /31 is mostly useless. A /31 has two IP addresses. You cannot use the top or the bottom addresses. This doesn't leave much room for servers, or even clients.
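
The arithmetic behind Table 5.1 and the first/last-address rule above, as an added example that is not from the book: the functions below produce the table's columns for /24 through /32 and, for any IPv4 address and prefix, the network number, the broadcast address and the assignable range between them (the address 192.0.2.70 is a constructed sample).

```python
# Added example (not from the book): netmask arithmetic for Table 5.1 and the
# network-number / broadcast-address rule from "Unusable IP Addresses".

def last_octet_mask(prefix: int) -> dict:
    """Return Table 5.1's columns for a /24 .. /32 prefix (last-octet view)."""
    if not 24 <= prefix <= 32:
        raise ValueError("this table only covers /24 through /32")
    host_bits = 32 - prefix
    # Full 32-bit mask: 'prefix' one-bits followed by 'host_bits' zero-bits.
    mask32 = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    octet = mask32 & 0xFF  # past /24 only the last octet varies
    return {
        "prefix": f"/{prefix}",
        "binary": f"{octet:08b}",
        "decimal": octet,
        "hex": f"0x{octet:02x}",
        "available": 1 << host_bits,
    }

def parse_ipv4(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def format_ipv4(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def block_bounds(addr: str, prefix: int) -> dict:
    """Network number, broadcast address and the assignable range between them."""
    host_bits = 32 - prefix
    mask32 = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    network = parse_ipv4(addr) & mask32          # host bits cleared
    broadcast = network | (~mask32 & 0xFFFFFFFF)  # host bits set
    # The first and last addresses belong to the network itself, so a /31 or
    # /32 leaves nothing to assign and a /30 leaves exactly two hosts.
    usable = max(0, (1 << host_bits) - 2)
    return {
        "network": format_ipv4(network),
        "broadcast": format_ipv4(broadcast),
        "usable_hosts": usable,
        "first_host": format_ipv4(network + 1) if usable else None,
        "last_host": format_ipv4(broadcast - 1) if usable else None,
    }

if __name__ == "__main__":
    for p in range(24, 33):
        r = last_octet_mask(p)
        print(f"{r['prefix']:4} {r['binary']} {r['decimal']:3} {r['hex']} {r['available']:3}")
    print(block_bounds("192.0.2.70", 26))  # constructed sample address
```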

Routing

So, now you have the IP addresses for your Ethernet, and every host on the local network can find every other host. You still have to tell those systems how to reach other networks. Generally, every network has a router or other exterior gateway, and this device is called the default router. A network should have one and only one default router. Every system on the network needs to know the IP address of this device.


Once you have the default router set, you should be able to ping anything on the Internet by IP address–and by hostname, if your resolver is configured correctly (see the discussion of /etc/resolv.conf in Chapter 11).

UDP and TCP

Now that you have IP running, you probably want to transmit some data over it. The User Datagram Protocol (UDP) is one way programs can do this. UDP is arguably the most bare-bones protocol possible in IP. It has no error handling, no content verification, no defense whatsoever against data loss. Despite this, it can be a good protocol choice, and many vital Internet services use it. An application using UDP most often has its own error-correction requirements that don't jibe with those provided by other protocols.

When a host transmits data via UDP, it doesn't know if the data reached its destination or not. And when a host receives data via UDP, it has no way to verify where that data came from. While UDP packets include a source address, this is easily faked. UDP is called connectionless for this reason.

Another common IP data transport is Transmission Control Protocol (TCP). TCP includes error correction and packet recovery. Every packet sent must be acknowledged by the receiver, or it will be retransmitted. Applications that use TCP can expect reliable data transmission unless one of the lower layers fails.

Unlike UDP, TCP is a connected protocol. For data to be transmitted, the two hosts must set up a channel for data to flow over. This is known as the three-way handshake. The exact specifics aren't important right now, but you should know that there is a certain amount of work that must be done to establish a TCP connection. When the connection is finished, there's some work to be done to tear it down.

You can compare IP, TCP, and UDP to a family sitting at a table passing dishes back and forth. IP is like knowing where everybody's sitting and understanding that to hand the peas to Uncle Jim you pass it by Cousin Colleen. TCP is where one person hands another a dish, and the other must say "Thank you" before the first person will let go. UDP is like tossing a muffin at Aunt Jane–she might catch it, or it might get snatched in midair by the dog.

Network Ports

Have you ever noticed that computers have too many ports? Well, we're going to add TCP and UDP ports to the list. Network ports permit one server to provide many different network services–they are ways to multiplex connections between machines.

When a packet (either TCP or UDP) arrives at a system, it requests to be delivered to a certain port. Different ports provide different services. For example, the Internet mail service is called SMTP. According to /etc/services, SMTP runs on port 25. If a TCP connection request asks for port 25, we can guess that it's for the mail server. Ports allow multiple connections between multiple machines.

The /etc/services file contains a list of those port numbers and the services that they're generally associated with. It's possible to run almost any service on an arbitrary port, but by doing so you'll confuse other Internet hosts that try to connect to your system. The format of the file is very simple: the official service name, the port number, the protocol, any aliases for that service, and finally comments, all separated by tabs. For example, one old service that could be found on UNIX hosts was Quote of the Day, or qotd. If we look in /etc/services, we'll find an entry for it:
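
A parser for the file format just described, as an added example that is not from the book: it reads name, port/protocol, aliases and comment fields and then answers the "which service is this port?" question the text poses. It runs over constructed sample lines written in the /etc/services layout, not the real file, and splits on any whitespace since the actual file accepts spaces as well as tabs.

```python
# Added example (not from the book): parse /etc/services-style lines and look
# up the service a port number is conventionally associated with.
from typing import Optional

# Constructed sample in /etc/services layout: name, port/protocol, aliases, comment.
SAMPLE_SERVICES = """\
# constructed sample, not the system file
qotd\t17/tcp\tquote\t# Quote of the Day
qotd\t17/udp\tquote
smtp\t25/tcp\tmail\t# Simple Mail Transfer
domain\t53/udp\t\t# Domain Name Server
"""

def parse_services(text: str) -> list:
    """Parse /etc/services-style text into a list of service records."""
    entries = []
    for raw in text.splitlines():
        line, _, comment = raw.partition("#")  # everything after '#' is a comment
        fields = line.split()                  # tabs or spaces between fields
        if not fields:
            continue                           # blank or comment-only line
        if len(fields) < 2 or "/" not in fields[1]:
            raise ValueError(f"malformed services line: {raw!r}")
        port_str, proto = fields[1].split("/", 1)
        entries.append({
            "name": fields[0],
            "port": int(port_str),
            "proto": proto.lower(),
            "aliases": fields[2:],
            "comment": comment.strip(),
        })
    return entries

def service_for(entries: list, port: int, proto: str) -> Optional[str]:
    """Best-guess service name for a port/protocol pair; only a convention,
    since the text notes any service can be run on an arbitrary port."""
    for e in entries:
        if e["port"] == port and e["proto"] == proto.lower():
            return e["name"]
    return None  # no registered name for this port/protocol

def ports_for(entries: list, name: str) -> list:
    """All port/protocol pairs registered under a service name or alias."""
    return [(e["port"], e["proto"]) for e in entries
            if e["name"] == name or name in e["aliases"]]

if __name__ == "__main__":
    svcs = parse_services(SAMPLE_SERVICES)
    print(service_for(svcs, 25, "tcp"))  # smtp
    print(ports_for(svcs, "quote"))      # [(17, 'tcp'), (17, 'udp')]
```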
