2.7. IPv4 NETWORKS
byte ordering. For example, Solaris (SPARC hardware) uses network byte ordering (big endian), while Windows or Unix-like operating systems on Intel hardware use the opposite (little endian). Intel systems have to convert their data format every time ordered data are transmitted over the network.
2.7 IPv4 networks
TCP/IP networking is so important to networked hosts that we shall return to it several times during the course of this book. Its significance is cultural, historical and practical, but the first item in our agenda is to understand its logistic structure.
2.7.1 IP addresses
Every network interface on the Internet needs to have a unique number which is called its address. IP addresses are organized hierarchically so that they can be searched for by router networks. Without such a structure, it would be impossible to find a host unless it were part of the same cable segment. At present the Internet protocol is at version 4 and this address consists of four bytes, or 32 bits. In the future this will be extended, in a new version of the Internet protocol IPv6, to allow more IP addresses since we are rapidly using up the available addresses. The addresses will also be structured differently. The form of an IP address in IPv4 is
aaa.bbb.ccc.mmm
Some IP addresses represent networks, whereas others represent individual interfaces on hosts and routers. Normally an IP address represents a host attached to a network.
In every IPv4 address there are 32 bits. One uses these bits in different ways: one could imagine using all 32 bits for host addresses and keep every host on the same enormous cable, without any routers (this would be physically impossible in practice), or we could use all 32 bits for network addresses and have only one host per network (i.e. a router for every host). Both these extremes are silly; we are trying to save resources by sharing a cable between convenient groups of hosts, but shield other hosts from irrelevant traffic. What we want instead is to group hosts into clusters so as to restrict traffic to localized areas.
Networks were grouped historically into three classes called class A, class B and class C networks, in order to simplify traffic routing (see chapter 10). Class D and E networks are also now defined, but these are not used for regular traffic. This rigid distinction between different types of network addresses has proved to be a costly mistake for the IPv4 protocol. Amongst other things, it means that only about two percent of the actual number of IP addresses can actually be used with this scheme. So-called classless addresses (CIDR) were introduced in the 1990s to patch the problem of the classed addressing, but not all deployed devices and protocol versions were able to understand the new classless addresses, so classed addressing will survive in books and legacy networks for some time.
CHAPTER 2. SYSTEM COMPONENTS
The difference between class A, B and C networks lies in which bits of the IP addresses refer to the network itself and which bits refer to actual hosts within a network. Note that the details in these sections are subject to rapid change, so readers should check the latest details on the web.
Class A legacy networks
IP addresses from 1.0.0.0 to 127.255.255.255 are class A networks. Originally only 11.0.0.0 to 126.255.255.255 were used, but this is likely to change as the need for IPv4 address space becomes more desperate. In a class A network, the first byte is a network part and the last three bytes are the host address (see figure 2.8). This allows 126 possible networks (since network 127 is reserved for the loopback service). The number of hosts per class A network is 256^3 minus reserved host addresses on the network. Since this is a ludicrously large number, none of the owners of class A networks are able to use all of their host addresses. Class A networks are no longer issued (as class A networks), they are all assigned, and all the free addresses are now having to be reclaimed using CIDR. Class A networks were intended for very large organizations (the U.S. government, Hewlett Packard, IBM) and are only practical with the use of a netmask which divides up the large network into manageable subnets. The default subnet mask is 255.0.0.0.
[Figure 2.8 (diagram): the 32 address bits are shown with bit positions 0, 8, 16, 24 and 32 marked; each class is identified by its leading bits]
         leading bits    remaining bits
CLASS A  0               Network | Host
CLASS B  1 0             Network | Host
CLASS C  1 1 0           Network | Host
CLASS D  1 1 1 0         Multicast addresses
CLASS E  1 1 1 1 0       Experimental – reserved for future
Figure 2.8: Bit view of the 32 bit IPv4 addresses.
Class B legacy networks
IP addresses from 128.0.0.0 to 191.255.0.0 are class B networks. There are 16,384 such networks. The first two bytes are the network part and the last two bytes are the host part. This gives a maximum of 256^2 minus reserved host addresses, or 65,534 hosts per network. Class B networks are typically given to large institutions such as universities and Internet providers, or to institutions such as Sun Microsystems, Microsoft and Novell. All the class B addresses have now been allocated to their parent organizations, but many of these lease out these addresses to third parties. The default subnet mask is 255.255.0.0.
Class C legacy networks
IP addresses from 192.0.0.0 to 223.255.255.0 are class C networks. There are 2,097,152 such networks. Here the first three bytes are network addresses and the last byte is the host part. This gives a maximum of 254 hosts per network. The default subnet mask is 255.255.255.0. Class C networks are the most numerous and there are still a few left to be allocated, though they are disappearing with alarming rapidity.
Class D (multicast) addresses
Multicast networks form what is called the MBONE, or multicast backbone. These include addresses from 224.0.0.0 to 239.255.255.0. These addresses are not normally used for sending data to individual hosts, but rather for routing data to multiple destinations. Multicast is like a restricted broadcast. Hosts can ‘tune in’ to multicast channels by subscribing to MBONE services.
Class E (Experimental) addresses
Addresses 240.0.0.0 to 255.255.255.255 are unused and are considered experimental, though this may change as IPv4 addresses are depleted.
Other addresses
Some IP addresses are reserved for a special purpose. They do not necessarily refer to hosts or networks.
0.0.0.0      Default route
0.*.*.*      Not used
127.0.0.1    Loopback address
127.*.*.*    Loopback network
*.*.*.0      Network addresses (or old broadcast)
*.*.*.255    Broadcast addresses
*.*.*.1      Router or gateway (conventionally)
224.*.*.*    Multicast addresses
RFC 1918 defines private addresses that are not routed:
10.0.0.0     - 10.255.255.255    (10/8 prefix)
172.16.0.0   - 172.31.255.255    (172.16/12 prefix)
192.168.0.0  - 192.168.255.255   (192.168/16 prefix)
and as of July 2001
169.254.0.0  - 169.254.255.255   (169.254/16 prefix)
The network
192.0.2.0    - 192.0.2.255
is reserved by RFC 1166 to be the domain example.org for testing and example (as in this book).
Note that older networks used the network address itself for broadcasting. This practice has largely been abandoned however. The default route is a default destination for outgoing packets on a subnet and is usually made equal to the router address.
The loopback address is an address which every host uses to refer to itself internally. It points straight back to the host. It is a kind of internal pseudoaddress which allows programs to use network protocols to address local services without anything being transmitted on an actual network.
The zeroth address of any network is reserved to mean the network itself, and the 255th (or on older networks sometimes the zeroth) is used for the broadcast address. Some Internet addresses are reserved for a special purpose. These include network addresses (usually xxx.yyy.zzz.0), broadcast addresses (usually xxx.yyy.zzz.255, but in older networks it was xxx.yyy.zzz.0) and multicast addresses (usually 224.xxx.yyy.zzz).
2.7.2 Subnets and broadcasts
What we refer to as a network might consist of very many separate cable systems, coupled together by routers and switches. One problem with very large networks is that broadcast messages (i.e. messages which are sent to every host) create traffic which can slow a busy network. In most cases broadcast messages only need to be sent to a subset of hosts which have some logical or administrative relationship, but unless something is done a broadcast message will by definition be transmitted to all hosts on the network. What is needed then is a method of assigning groups of IP addresses to specific cables and limiting broadcasts to hosts belonging to the group, i.e. breaking up the larger community into more manageable units. The purpose of subnets is to divide up networks into regions which naturally belong together and to isolate regions which are independent. This reduces the propagation of useless traffic, and it allows us to delegate and distribute responsibility for local concerns.
This logical partitioning can be achieved by dividing hosts up, through routers, into subnets. Each network can be divided into subnets by using a netmask. Each address consists of two parts: a network address and a host address. A system variable called the netmask decides how IP addresses are interpreted locally. The netmask decides the boundary between how many bits of the IP address will be kept for hosts and how many will be kept for the network location name. There is thus a trade-off between the number of allowed domains and the number of hosts which can be coupled to each subnet. Subnets are usually separated by routers, so the question is, how many machines do we want on one side of a router?
The netmask is most easily interpreted as a binary number. When looking at the netmask, we have to ask which bits are ones and which are zeros? The bits which are ones decide which bits can be used to specify the subnets within the domain. The bits which are zeros decide which are hostnames on each subnet. The local network administrator decides how the netmask is to be used.
The host part of an IP address can be divided up into two parts by moving the boundary between network and host part. The netmask is a variable which contains zeros and ones. Every one represents a network bit and every zero represents a host bit. By changing the value of the netmask, we can trade many hosts per network for many subnets with fewer hosts. A subnet mask can be used to separate hosts which also lie on the same physical network, thereby forcing them to communicate through the router.
2.7.3 Netmask examples
</gr_replreplace>
<gr_replace lines="396-852" cat="reformat" orig="128.39.0.0">
128.39.0.0
128.39.1.0
128.39.2.0
128.39.3.0
128.39.4.0
128.39.5.0
128.39.6.0
128.39.7.0
...
[Figure 2.9 (diagram): a class B address laid out as Net | Net | Host | Host; the subnet mask 255.255.254.0 written in binary as 11111111 11111111 11111110 00000000; its interpretation as Net id | Net id | Subnet | Host; and the broadcast address, in which the host bits are all ones]
Figure 2.9: Example of how the subnet mask can be used to double up the number of hosts per subnet by pairing host parts. The boundary between host and subnet parts of the address is moved one bit to the left, doubling the number of hosts on the subnets which have this mask.
The most common subnet mask is 255.255.255.0. This forces a separation where three bytes represent a network address and one byte is reserved for hosts. For example, consider the class B network 128.39.0.0. With a netmask of 255.255.255.0 everywhere on this network, we divide it up into 255 separate subnets, each of which has room for 254 hosts (256 minus the network address, minus the broadcast address):
128.39.0.0
128.39.1.0
128.39.2.0
128.39.3.0
128.39.4.0
...
We might find, however, that 254 hosts per subnet is too few. For instance, if a large number of client hosts contact a single server, then there is no reason to route traffic from some clients simply because the subnet was too small. We can therefore double the number of hosts by moving the bit pattern of the netmask one place to the left (see figure 2.9). Then we have a netmask of 255.255.254.0. This has the effect of pairing the addresses in the previous example. If this netmask were now used throughout the class B network, we would have single subnets formed as follows:
128.39.0.0
128.39.1.0
128.39.2.0
128.39.3.0
128.39.4.0
128.39.5.0
...
Each of these subnets now contains 510 hosts (256 × 2 − 2), with two addresses reserved: one for the network and one for broadcasts. Similarly, if we moved the netmask again one place to the left, we would multiply by two again, and group the addresses in fours: i.e. netmask 255.255.252.0:
128.39.0.0
128.39.1.0
60 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CHAPTER 2. SYSTEM COMPONENTS |
||||||||||||||
|
|
|
|
|
|
|
|
|
|
|
Class B address |
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
Net |
|
|
|
|
|
Net |
|
|
|
|
|
|
Host |
|
|
|
|
|
Host |
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||||||
|
|
|
|
|
|
|
|
|
Subnet mask 255.255.254.0 |
|
|
|
|
|
|
|
|
|
|
|
||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
0 |
0 0 |
0 |
0 |
0 |
0 |
0 |
0 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
Interpretation |
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||
|
|
Net id |
|
|
|
|
|
Net id |
|
|
|
|
|
Subnet |
|
|
|
|
Host |
|
|
|
|
|
||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||
|
|
|
|
|
|
|
|
|
|
Broadcast address (ones) |
|
|
|
|
|
|
|
|
|
|
|
|||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
? |
|
|
|
|
|
|
? |
|
|
|
|
|
|
? |
|
|
|
1 1 1 1 1 1 1 |
1 |
1 |
|
|||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Figure 2.9: Example of how the subnet mask can be used to double up the number of hosts per subnet by pairing host parts. The boundary between host and subnet parts of the address is moved one bit to the left, doubling the number of hosts on the subnets which have this mask.
128.39.2.0
128.39.3.0
128.39.4.0
128.39.5.0
128.39.6.0
128.39.7.0
...
It is not usually necessary for every host on an entire class B network to share the same subnet mask, though certain types of hardware could place restrictions upon the allowed freedom (e.g. multi-homed hosts). It is only necessary that all hosts within a self-contained group share the same mask. For instance, the first four groups could have netmask 255.255.252.0, the two following could have mask 255.255.254.0, the next two could have separately 255.255.255.0 and 255.255.255.0 and then the next four could have 255.255.252.0 again. This would make a pattern like this:
128.39.0.0   (255.255.252.0)
128.39.1.0
128.39.2.0
128.39.3.0
128.39.4.0   (255.255.254.0)
128.39.5.0
128.39.6.0   (255.255.255.0)
128.39.7.0   (255.255.255.0)
128.39.8.0   (255.255.252.0)
128.39.9.0
128.39.10.0
128.39.11.0
...
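The netmask arithmetic of sections 2.7.2 and 2.7.3, as an added example (not code from the book): network and broadcast addresses are derived by bit operations on the 32-bit address, and the mixed-mask plan for 128.39.0.0 above is checked for overlapping groups. The plan and the host address 128.39.5.17 are assumptions used for illustration.

```python
# Added example, not from the book: netmask arithmetic on 32-bit integers so
# that the effect of each one-bit in the mask is visible.

def ip_to_int(dotted: str) -> int:
    """'128.39.5.17' -> 32-bit integer; rejects octets outside 0..255."""
    octets = [int(x) for x in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {dotted}")
    a, b, c, d = octets
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def subnet_info(host_ip: str, netmask: str) -> dict:
    """Network address, broadcast address, prefix length and usable host count."""
    ip, mask = ip_to_int(host_ip), ip_to_int(netmask)
    inv = (~mask) & 0xFFFFFFFF          # the host bits (zeros of the mask)
    if inv & (inv + 1):                 # a valid mask is ones followed by zeros
        raise ValueError(f"{netmask} is not a contiguous netmask")
    network = ip & mask                 # mask ones select the network part
    broadcast = network | inv           # host bits all set to one
    host_bits = inv.bit_length()
    usable = (1 << host_bits) - 2 if host_bits > 1 else 0   # minus network, minus broadcast
    return {"network": int_to_ip(network), "broadcast": int_to_ip(broadcast),
            "prefix": 32 - host_bits, "usable_hosts": usable}

def same_subnet(ip_a: str, ip_b: str, netmask: str) -> bool:
    """Two hosts talk without a router only if the mask leaves identical network bits."""
    m = ip_to_int(netmask)
    return (ip_to_int(ip_a) & m) == (ip_to_int(ip_b) & m)

# Assumed layout, following the mixed-mask pattern described in the text:
# (first address of the group, mask used by that group).
MIXED_PLAN = [("128.39.0.0", "255.255.252.0"), ("128.39.4.0", "255.255.254.0"),
              ("128.39.6.0", "255.255.255.0"), ("128.39.7.0", "255.255.255.0"),
              ("128.39.8.0", "255.255.252.0")]

def plan_overlaps(plan) -> list:
    """Pairs of groups whose address ranges collide; an empty list means the plan is consistent."""
    ranges = []
    for first, mask in plan:
        info = subnet_info(first, mask)
        ranges.append((first, ip_to_int(info["network"]), ip_to_int(info["broadcast"])))
    bad = []
    for i, (name1, lo1, hi1) in enumerate(ranges):
        for name2, lo2, hi2 in ranges[i + 1:]:
            if lo1 <= hi2 and lo2 <= hi1:
                bad.append((name1, name2))
    return bad

if __name__ == "__main__":
    for mask in ("255.255.255.0", "255.255.254.0", "255.255.252.0"):
        print(mask, subnet_info("128.39.5.17", mask))
    print("overlapping groups in plan:", plan_overlaps(MIXED_PLAN))
```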
2.7.4 Interface settings
The IP address of a host is set in the network interface. The Unix command ifconfig (interface-configuration) or the Windows command ipconfig are used to set this. Normally the address is set at boot time by a shell script executed as part of the rc startup files. These files are often constructed automatically during the system installation procedure. The ifconfig command is also used to set the broadcast address and netmask for the subnet. Each system interface has a name. Here are the network interface names commonly used by different Unix types.
Sun          le0 / hme0
DEC ultrix   ln0
DEC OSF/1    ln0
HPUX         lan0
AIX          en0
GNU/Linux    eth0
IRIX         ec0
FreeBSD      ep0
Solaris x86  dnet0
Look at the manual entry for the system for the ifconfig command, which sets the Internet address, netmask and broadcast address. Here is an example on a SUN system with a Lance-Ethernet interface.
ifconfig le0 192.0.2.10 up netmask 255.255.255.0 broadcast 192.0.2.255
Normally we do not need to use this command directly, since it should be in the startup-files for the system, from the time the system was installed. However we might be working in single-user mode or trying to solve some special problem. A system might have been incorrectly configured.
2.7.5 Default route
Unless a host operates as a router in some capacity, it only requires a minimal routing configuration. Each host must define a default route which is a destination to which outgoing packets will be sent for processing when they do not belong to the subnet. This is the address of the router or gateway on the same network segment. It is set by a command like this:
route add default my-gateway-address 1
The syntax varies slightly between systems. On GNU/Linux systems one writes:
/sbin/route add default gw my-gateway-address metric 1
The default route can be checked using the netstat -r command. The result should just be a few lines like this:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
localnet        *               255.255.255.0   U     0      0      932 eth0
loopback        *               255.0.0.0       U     0      0       38 lo
default         my-gw           0.0.0.0         UG    1      0     1534 eth0
where my-gw is the address of the local gateway (usually subnet address 1).
If this default route is not set, a host will not know where to send packets and will therefore attempt to build a table of routes, using a different entry for every outgoing address. This consumes memory rapidly and leads to great inefficiency. In the worst case the host might not have contact with anywhere outside its subnet at all.
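How a host picks a route from a table in the layout netstat -r prints, and what is lost when the default route is missing, as an added example (not code from the book). The table below is constructed for illustration in the numeric form netstat -rn would print, using the 192.0.2.0 example network; the gateway 192.0.2.1 and the destinations tried are assumptions.

```python
# Added example, not from the book: route selection over a netstat-style table.
# CONSTRUCTED_TABLE is made up for illustration (numeric addresses, as netstat -rn shows).
CONSTRUCTED_TABLE = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0      932 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0       38 lo
0.0.0.0         192.0.2.1       0.0.0.0         UG    1      0     1534 eth0
"""

def ip_to_int(dotted: str) -> int:
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def parse_routes(text: str) -> list:
    """Turn the printed table into route dicts; the first line is the column header."""
    routes = []
    for line in text.splitlines()[1:]:
        if not line.strip():
            continue
        dest, gw, mask, flags, *_, iface = line.split()
        routes.append({"dest": ip_to_int(dest), "gateway": ip_to_int(gw),
                       "mask": ip_to_int(mask), "flags": flags, "iface": iface})
    return routes

def select_route(routes: list, dst: str):
    """Longest-prefix match: of the routes whose network contains dst, take the one
    with the most mask bits. Genmask 0.0.0.0 (the default route) matches every
    address, so it is chosen only when nothing more specific applies."""
    d = ip_to_int(dst)
    best = None
    for r in routes:
        if (d & r["mask"]) == r["dest"] and (best is None or r["mask"] > best["mask"]):
            best = r        # contiguous masks order correctly when compared as integers
    return best

def next_hop(routes: list, dst: str):
    """(address the packet is handed to, interface), or None when dst is unroutable.
    Without the G flag the destination is on the local segment and is delivered
    directly; with it, the packet goes to the gateway for forwarding."""
    r = select_route(routes, dst)
    if r is None:
        return None
    hop = int_to_ip(r["gateway"]) if "G" in r["flags"] else dst
    return hop, r["iface"]

def without_default(routes: list) -> list:
    """The same table with the default entry removed (the misconfiguration described in the text)."""
    return [r for r in routes if r["mask"] != 0]

if __name__ == "__main__":
    table = parse_routes(CONSTRUCTED_TABLE)
    for dst in ("192.0.2.77", "127.0.0.1", "198.51.100.9"):
        print(dst, "->", next_hop(table, dst),
              "| without default route:", next_hop(without_default(table), dst))
```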
As of Solaris 9, one obtains a nice overview of both IPv4 and IPv6 protocols:
Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
128.39.89.0          128.39.89.4           U        1      8  le0
224.0.0.0            128.39.89.4           U        1      0  le0
default              128.39.89.1           UG       1     67
127.0.0.1            127.0.0.1             UH       1      0  lo0

Routing Table: IPv6
  Destination/Mask            Gateway                            Flags Ref Use  If
--------------------------- --------------------------------- ----- --- --- -----
2001:700:700:3::/64         2001:700:700:3:a00:20ff:fe85:bb11  U      1   0  le0:1
fe80::/10                   fe80::a00:20ff:fe85:bb11           U      1   0  le0
ff00::/8                    fe80::a00:20ff:fe85:bb11           U      1   0  le0
default                     fe80::2a0:c9ff:fe28:2489           UG     1   0  le0
::1                         ::1                                UH     1   9  lo0
See section 2.9 for a discussion of IPv6.
2.7.6 ARP/RARP
The Address Resolution Protocol (ARP) is a name service directory for translating from an IP address to a hardware, or Media Access Control (MAC), address (e.g. an Ethernet address). The ARP service is mirrored by a reverse lookup ARP service (RARP). RARP takes a hardware address and turns it into an IP address.
Ethernet MAC addresses are required when forwarding traffic from one device to another on the same subnet. While it is the IP addresses that contain the structure of the Internet and permit routing, it is the hardware address to which one must deliver packets in the final instance, because IP packets are encapsulated in Ethernet frames.