IPv4

 

- IPv4 Addressing and Subnetting -

 

Hardware Addressing

 

The hardware address is used by devices to communicate on the local

network. Hardware addressing is a function of the data-link layer of the OSI

model (Layer-2).

The hardware address for Ethernet networks is the MAC address, a 48-bit
address, usually written in hexadecimal, that is burned into the network
card by the manufacturer. In theory, this means the MAC address cannot be
altered; in practice the burned-in address is only a default. It is often
stored in flash on the NIC and can be rewritten with vendor utilities, and on
most operating systems the driver can simply be told to use a different
address (for example with ip link on Linux) without touching the hardware at
all. Any control that treats a MAC address as an identity, such as switch
port security or a Wi-Fi MAC allow-list, should therefore be considered a
weak check.

MAC addresses are commonly written in any of the following formats (all
three denote the same address, and any of them is acceptable):

00:43:AB:F2:32:13
0043.ABF2.3213
00-43-AB-F2-32-13

The MAC address has one shortcoming: it contains no hierarchy. There is
no mechanism to create boundaries between networks.

Instead, the first six hexadecimal digits (24 bits) of a MAC identify the
manufacturer of the network card, and are referred to as the OUI
(Organizationally Unique Identifier). The last six digits identify the
individual interface (often referred to as the host ID or NIC-specific
portion). Still, there is no way to distinguish one network from another.

Imagine the difficulties this poses. If only hardware addressing existed, all

devices would technically be on the same network. Modern internetwork

systems like the Internet could not exist, as there would be no way to

separate my network from your network.

Furthermore, imagine if the entire Internet was a purely switched, data-link
layer environment. Switches, as a rule, forward broadcasts out all ports.
With billions of devices on the Internet, each sending a broadcast every few
seconds on average, the resulting broadcast storms would be devastating. The
Internet would simply collapse.

The need for logical addressing, and routers, became apparent.

 

Logical Addressing

 

Logical addressing is a function of the network layer of the OSI Model

(Layer-3).

Logical addresses, unlike hardware addresses, provide a hierarchical

structure to separate networks. A logical address identifies not only a unique

Host ID, but also the network that host belongs to. Additionally, logical

addresses are rarely hard-coded onto hosts, and can be changed freely.

Two common logical addressing protocols are IPX (Internetwork Packet
Exchange) and IP (Internet Protocol). IPX was predominantly used on
Novell networks, but is now deprecated. IP is the most widely-used
logical addressing protocol today.

Internet Protocol (IP)

IP was developed by the Department of Defense (DoD) during the late
1970s. It was included in a group of protocols that became known as the
TCP/IP protocol suite.

The DoD developed their own networking model to organize and define the

TCP/IP protocol suite. This became known as the DoD Model, and consists

of four layers:

OSI Model          DoD Model          Example Protocols
7  Application
6  Presentation    4  Application     FTP, HTTP, SMTP
5  Session
4  Transport       3  Host-to-Host    TCP, UDP
3  Network         2  Internet        IP
2  Data-link       1  Network Access  Ethernet
1  Physical

IP provides two core functions:

• Logical addressing of hosts

• Routing of packets between networks.

IP has undergone several revisions. IP Version 4 (IPv4) is currently in

widespread deployment, but will eventually be replaced with IP Version 6

(IPv6). This guide will concentrate on IPv4, and IPv6 will be covered

extensively in a separate guide.

 

IPv4 Addressing

 

One of IP’s core functions is to provide logical addressing for hosts. An IP

address provides a hierarchical structure to separate networks. Consider the

following address as an example:

158.80.164.3

An IP address is separated into four octets:

  First Octet   Second Octet   Third Octet   Fourth Octet
      158           .80            .164           .3

Each octet is 8 bits long, resulting in a 32-bit IP address. A computer
understands an IP address in its binary form; the above address in binary
would look as follows:

  First Octet   Second Octet   Third Octet   Fourth Octet
   10011110      .01010000      .10100100      .00000011

Part of the above IP address identifies the network. The other part of the

address identifies the host. A subnet mask helps make this distinction.

Consider the following:

158.80.164.3 255.255.0.0

The above IP address has a subnet mask of 255.255.0.0. The subnet mask

follows two rules:

• If a binary bit is set to a 1 (or on) in a subnet mask, the corresponding

bit in the address identifies the network.

• If a binary bit is set to a 0 (or off) in a subnet mask, the corresponding

bit in the address identifies the host.

Looking at the above address and subnet mask in binary:

Address: 10011110.01010000.10100100.00000011

Subnet Mask: 11111111.11111111.00000000.00000000

The first 16 bits of the subnet mask are set to 1. Thus, the first 16 bits of the

address (158.80) identify the network. The last 16 bits of the subnet mask are

set to 0. Thus, the last 16 bits of the address (164.3) identify the unique host

on that network.

 

IPv4 Addressing (continued)

 

Hosts on the same logical network will have identical network addresses,

and can communicate freely. For example, the following two hosts are on

the same network:

Host A: 158.80.164.100 255.255.0.0

Host B: 158.80.164.101 255.255.0.0

Both share the same network address (158.80), which is determined by the

255.255.0.0 subnet mask. Hosts that are on different networks cannot

communicate without an intermediating device. For example:

Host A: 158.80.164.100 255.255.0.0

Host B: 158.85.164.101 255.255.0.0

The subnet mask has remained the same, but the network addresses are now

different (158.80 and 158.85 respectively). Thus, the two hosts are not on

the same network, and cannot communicate without a router between them.

Routing is the process of sending packets from one network to another.

Consider the following, trickier example:

Host A: 158.80.1.1 255.248.0.0

Host B: 158.79.1.1 255.248.0.0

The specified subnet mask is now 255.248.0.0, which doesn’t fall cleanly on

an octet boundary. To determine if these hosts are on separate networks, first

convert everything to binary:

Host A Address: 10011110.01010000.00000001.00000001

Host B Address: 10011110.01001111.00000001.00000001

Subnet Mask: 11111111.11111000.00000000.00000000

Remember, the 1 (or on) bits in the subnet mask identify the network portion

of the address. In this example, the first 13 bits (the 8 bits of the first octet,

and the first 5 bits of the second octet) identify the network. Looking at only

the first 13 bits of each address:

Host A Address: 10011110.01010

Host B Address: 10011110.01001

Clearly, the network addresses are not identical. Thus, these two devices are

on separate networks, and require a router to communicate.

 

IP Address Classes

The IPv4 address space has been structured into several classes. The value
of the first octet of an address determines the class of the network:

Class     First Octet Range   Default Subnet Mask
Class A   1 - 127             255.0.0.0
Class B   128 - 191           255.255.0.0
Class C   192 - 223           255.255.255.0

Two further classes exist but are not used for host addressing: Class D
(224 - 239) is reserved for multicast, and Class E (240 - 255) is reserved
for experimental use.

Class A networks range from 1 to 127. The default subnet mask is
255.0.0.0; thus, by default, the first octet defines the network, and the
last three octets define the host. Because the 0.0.0.0/8 block is reserved
and 127.0.0.0/8 is reserved for loopback, this leaves 126 assignable Class A
networks (1 through 126), with 16,777,214 hosts per network!

Example of a Class A address:

Address: 64.32.254.100

Subnet Mask: 255.0.0.0

Class B networks range from 128 to 191. The default subnet mask is

255.255.0.0; thus, by default, the first two octets define the network, and the

last two octets define the host. This results in a maximum of 16,384 Class B

networks, with 65,534 hosts per network.

Example of a Class B address:

Address: 152.4.12.195

Subnet Mask: 255.255.0.0

Class C networks range from 192 to 223. The default subnet mask is

255.255.255.0; thus, by default, the first three octets define the network, and

the last octet defines the host. This results in a maximum of 2,097,152 Class

C networks, with 254 hosts per network.

Example of a Class C address:

Address: 207.79.233.6

Subnet Mask: 255.255.255.0

 

 

CIDR (Classless Inter-Domain Routing)

 

Classless Inter-Domain Routing (CIDR) is a simplified method of
representing a subnet mask. CIDR notation gives the number of binary bits
set to 1 (or on) in the subnet mask, preceded by a slash.

Consider the following subnet mask: 255.255.255.240

Looking at the above subnet mask in binary:

11111111.11111111.11111111.11110000

The first 28 bits of the above subnet mask are set to 1. To represent this in

CIDR notation: /28

Consider this next example:

192.168.1.1 255.255.255.0

The above address/subnet mask can be represented as follows using CIDR:

192.168.1.1 /24
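The following Python script is an added worked example, not part of the original guide. It performs the same-network test from the "trickier" 255.248.0.0 example above on raw 32-bit values, and converts between dotted-decimal masks and CIDR prefix lengths, rejecting a mask whose 1 bits are not contiguous (the rule the guide states for network bits). The addresses are the ones used in the examples above; only the Python standard library is needed.

```python
# Added example (not from the original guide): the binary same-network test
# and mask <-> CIDR conversion from the sections above, on raw 32-bit values.
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted: str) -> int:
    """Dotted-quad string -> 32-bit integer; rejects malformed input."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted-quad string."""
    return str(ipaddress.IPv4Address(value & ALL_ONES))


def prefix_len(mask: str) -> int:
    """Number of leading 1 bits in a subnet mask (the CIDR /n value).

    The rule that network bits must be contiguous is enforced: a mask such
    as 255.0.255.0 is rejected rather than silently miscounted.
    """
    m = to_int(mask)
    n = bin(m).count("1")
    if m != (ALL_ONES << (32 - n)) & ALL_ONES:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return n


def mask_from_prefix(n: int) -> str:
    """CIDR /n -> dotted-quad mask, e.g. 28 -> 255.255.255.240."""
    if not 0 <= n <= 32:
        raise ValueError(f"prefix length out of range: {n}")
    return to_dotted((ALL_ONES << (32 - n)) & ALL_ONES)


def network_bits(addr: str, mask: str) -> str:
    """The network portion in binary, written the way the guide shows it
    (e.g. '10011110.01010' for 158.80.1.1 with mask 255.248.0.0)."""
    n = prefix_len(mask)
    bits = format(to_int(addr), "032b")[:n]
    return ".".join(bits[i:i + 8] for i in range(0, n, 8))


def same_network(a: str, b: str, mask: str) -> bool:
    """True when both addresses share every network bit under the mask."""
    prefix_len(mask)            # raises on a non-contiguous mask
    m = to_int(mask)
    return (to_int(a) & m) == (to_int(b) & m)


if __name__ == "__main__":
    for a, b, mask in [
        ("158.80.164.100", "158.80.164.101", "255.255.0.0"),
        ("158.80.164.100", "158.85.164.101", "255.255.0.0"),
        ("158.80.1.1", "158.79.1.1", "255.248.0.0"),   # the "trickier" case
    ]:
        verdict = "same network" if same_network(a, b, mask) else "needs a router"
        print(f"{a:>15} {b:>15} /{prefix_len(mask)} "
              f"{network_bits(a, mask)} vs {network_bits(b, mask)} -> {verdict}")
```

The contiguity check in prefix_len matters in practice: a mask with a gap is accepted by some legacy tooling and silently changes which hosts are considered local, so it is rejected here instead of being converted to a misleading /n.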

Address “Classes” vs. Subnet Mask

Remember the following three rules:

• The first octet on an address dictates the class of that address.

• The subnet mask dictates what portion of an address identifies the

network, and what portion identifies the host.

• Each class has a default subnet mask.

Thus, the address 10.1.1.1 is a Class A address, and its default subnet mask

is 255.0.0.0 (or in CIDR, /8). However, it is possible to use subnet masks

other than the default, such as applying a Class B mask to a Class A address:

10.1.1.1 /16

However, this does not change the class of the above address. It remains a

Class A address, which has been subnetted using a Class B mask.

Remember, the only thing that determines the class of an IP address is the

first octet of that address. Likewise, the subnet mask is the only thing that

determines what portion of an address is the network, and which portion is

the host.

 

Subnet and Broadcast Addresses

 

Two addresses have been reserved on each network for special use. Each

network must have a subnet (or network) address, and a broadcast address.

Neither of these addresses can be assigned to a host device.

The subnet address is used to identify the network itself. Routing tables

contain lists of networks, and each network is identified by its subnet

address. Subnet addresses contain all 0 bits in the host portion of the

address.

For example, the following is a subnet address: 192.168.1.0/24

The broadcast address identifies all hosts on a particular network. A packet

sent to the broadcast address will be received and processed by every device

on that network. Broadcast addresses contain all 1 bits in the host portion

of the address.

For example, the following is a broadcast address: 192.168.1.255/24

Broadcasts are one of three types of IP packets:

• Unicasts are packets sent from one host to another host

• Multicasts are packets sent from one host to a group of hosts

• Broadcasts, as stated earlier, are packets sent from one host to all

other hosts on the local network

A router, by default, will never forward a broadcast packet from one
interface to another. Forwarding of directed broadcasts (a packet aimed at
another subnet's broadcast address) is disabled by default on modern routers
because it was abused for amplification attacks. Multicast is likewise not
forwarded unless multicast routing is explicitly configured.

A switch, by default, will forward a multicast or broadcast out every port,
except for the port that sent the multicast/broadcast.

 

 

Subnetting

 

Subnetting is the process of creating new networks (or subnets) by stealing

bits from the host portion of a subnet mask. There is one caveat: stealing bits

from hosts creates more networks but fewer hosts per network. Thus, every

time a network is subnetted, addresses are lost.

Consider the following Class C network:

192.168.254.0

The default subnet mask for this network is 255.255.255.0. This single

network can be segmented, or subnetted, into multiple networks. For

example, assume a minimum of 10 new networks are required. Resolving
this is possible using the following magical formula:

2^n - 2

The exponent 'n' identifies the number of bits to steal from the host portion
of the subnet mask. The default Class C mask (255.255.255.0) looks as
follows in binary:

11111111.11111111.11111111.00000000

There are a total of 24 bits set to 1, which are used to identify the network.
There are a total of 8 bits set to 0, which are used to identify the host, and
these host bits can be 'stolen.'

Stealing bits essentially involves changing host bits (set to 0 or off) in the
subnet mask to network bits (set to 1 or on). Network bits in a subnet mask
must always be contiguous, starting from the left; skipping bits is not
allowed.

Consider the result if three bits are stolen. Using the above formula:

2^n - 2 = 2^3 - 2 = 8 - 2 = 6 new networks created

However, a total of six new networks does not meet the original requirement
of at least 10 networks. Consider the result if four bits are stolen:

2^n - 2 = 2^4 - 2 = 16 - 2 = 14 new networks created

A total of fourteen new networks does meet the original requirement.
Stealing four host bits results in the following new subnet mask:

11111111.11111111.11111111.11110000 = 255.255.255.240

 

Subnetting (continued)

 

In the previous example, a Class C network was subnetted to create 14 new

networks, using a subnet mask of 255.255.255.240 (or /28 in CIDR). Four

bits were stolen in the subnet mask, leaving only four bits for hosts.

To determine the number of hosts this results in, for each of the new 14
networks, the same formula can be used: 2^n - 2

Consider the result if four bits are available for hosts:

2^n - 2 = 2^4 - 2 = 16 - 2 = 14 usable hosts per network

Thus, subnetting a Class C network with a /28 mask creates fourteen new
networks, with fourteen usable hosts per network.

The "-2" Rule of Subnetting

There is a specific purpose for the '- 2' portion of the 2^n - 2 formula.
Previously, it was unacceptable to use a subnet whose stolen (subnet) bits
were all '0' (the "subnet zero") or all '1' (the "all-ones subnet"), because
older classful routing protocols and hosts could confuse them with the
original, unsubnetted network address and its broadcast address.

However, this is no longer true on modern systems. Specifically, on Cisco
IOS devices, the following command is now enabled by default:

Router(config)# ip subnet-zero

The ip subnet-zero command allows the use of subnets with all '0' or all '1'
bits in the subnet portion of the address. Thus, the formula for calculating
the number of new networks is simply 2^n.

Consider if four bits are stolen for networks:

2^n = 2^4 = 16 new networks created

However, it is never possible to assign an address with all '0' or all '1'
bits in the host portion of the address. These are reserved for the subnet
and broadcast addresses, respectively. Thus, the formula for calculating
usable hosts is always 2^n - 2. (The one modern exception is a /31 on a
point-to-point link, defined in RFC 3021, where both addresses are usable
because no broadcast address is needed.)

Some have questioned whether CCNA/CCNP simulations and questions

have ip subnet-zero enabled. It is generally accepted that having this enabled

is now default behavior, and test questions should be answered accordingly.

All future examples in this guide will assume the command is enabled.

 

Determining the ‘Range’ of Subnetted Networks

 

Determining the range of the newly created networks can be accomplished

using several methods. The ‘long’ method involves some binary magic.

Still looking at the example 192.168.254.0 network, which was subnetted

using a 255.255.255.240 mask:

192.168.254.0: 11000000.10101000.11111110.00000000

255.255.255.240: 11111111.11111111.11111111.11110000

Subnetting stole four bits in the fourth octet, creating a total of 16 new

networks (assuming ip subnet-zero is enabled). Looking at only the fourth

octet, the first newly created network is 0000. The second new network is

0001. Calculating all possible permutations of the four stolen bits:

Binary        Decimal    Binary        Decimal    Binary        Decimal
.0000 xxxx    .0         .0110 xxxx    .96        .1100 xxxx    .192
.0001 xxxx    .16        .0111 xxxx    .112       .1101 xxxx    .208
.0010 xxxx    .32        .1000 xxxx    .128       .1110 xxxx    .224
.0011 xxxx    .48        .1001 xxxx    .144       .1111 xxxx    .240
.0100 xxxx    .64        .1010 xxxx    .160
.0101 xxxx    .80        .1011 xxxx    .176

Note that this equates to exactly 16 new networks. The decimal value

represents the first (or the subnet) address of each newly created network. To

determine the range for the hosts of the first new network:

Binary        Decimal    Binary        Decimal    Binary        Decimal
.0000 0000    .0         .0000 0110    .6         .0000 1100    .12
.0000 0001    .1         .0000 0111    .7         .0000 1101    .13
.0000 0010    .2         .0000 1000    .8         .0000 1110    .14
.0000 0011    .3         .0000 1001    .9         .0000 1111    .15
.0000 0100    .4         .0000 1010    .10
.0000 0101    .5         .0000 1011    .11

The binary value has been ‘split’ to emphasize the separation of the network

bits from the host bits. The first address has all 0 bits in the host portion

(0000), and thus is the subnet address for this network. The last address has

all 1 bits in the host portion, and thus is the broadcast address for this

network. Note that there are exactly 14 usable addresses to assign to hosts.

 

Determining the ‘Range’ of Subnetted Networks (continued)

 

Calculating the ranges of subnetted networks can quickly become tedious

when using the ‘long’ binary method. The ‘shortcut’ method involves taking

the subnet mask (255.255.255.240 from the previous example), and

subtracting the subnetted octet (240) from 256.

256 – 240 = 16

Assuming ip subnet-zero is enabled, the first network will begin at 0. Then,

simply continue adding 16 to list the first address of each new network:

0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240

Knowing the first address of each new network makes it simple to determine

the last address of each network:

First address of network   0    16   32   48   64   80   96   112  128  144
Last address of network    15   31   47   63   79   95   111  127  143  159

Only the first 10 networks were calculated, for brevity. The first address of

each network becomes the subnet address for that network. The last address

of each network becomes the broadcast address for that network.

Once the first and last address of each network is known, determining the

usable range for hosts is straightforward:

Subnet address      0      16     32     48     64     80     96      112      128      144
Usable range        1-14   17-30  33-46  49-62  65-78  81-94  97-110  113-126  129-142  145-158
Broadcast address   15     31     47     63     79     95     111     127      143      159

Hosts on the same network (such as 192.168.254.2 and 192.168.254.14) can

communicate freely.

Hosts on different networks (such as 192.168.254.61 and 192.168.254.66)

require a router to communicate.

 

 

Class A Subnetting Example

 

Consider the following subnetted Class A network: 10.0.0.0 255.255.248.0

Now consider the following questions:

• How many new networks were created?

• How many usable hosts are there per network?

• What is the full range of the first three networks?

By default, the 10.0.0.0 network has a subnet mask of 255.0.0.0. To

determine the number of bits stolen:

255.0.0.0: 11111111.00000000.00000000.00000000

255.255.248.0: 11111111.11111111.11111000.00000000

Clearly, 13 bits have been stolen to create the new subnet mask. To calculate

the total number of new networks:

2^n = 2^13 = 8192 new networks created

There are clearly 11 bits remaining in the host portion of the mask:

2^n - 2 = 2^11 - 2 = 2048 - 2 = 2046 usable hosts per network

Calculating the ranges is a bit tricky. Using the ‘shortcut’ method, subtract

the third octet (248) of the subnet mask (255.255.248.0) from 256.

256 – 248 = 8

The first network will begin at 0, again. However, the ranges are spread

across multiple octets. The ranges of the first three networks look as follows:

Subnet address      10.0.0.0      10.0.8.0      10.0.16.0
Usable range        10.0.0.1 -    10.0.8.1 -    10.0.16.1 -
                    10.0.7.254    10.0.15.254   10.0.23.254
Broadcast address   10.0.7.255    10.0.15.255   10.0.23.255

 

Private vs Public Addresses

 

The rapid growth of the Internet resulted in a shortage of IPv4 addresses. In
response, the IETF (in RFC 1918) designated a specific subset of the IPv4
address space as private, to temporarily alleviate this problem.

A public address can be routed on the Internet. Thus, devices that should be
Internet accessible (such as web or email servers) must be configured with
public addresses.

A private address is only intended for use within an organization, and
must not be routed on the public Internet; Internet providers are expected
to filter it. Three private addressing ranges were allocated, one for each
IPv4 class:

• Class A - 10.x.x.x (10.0.0.0/8)
• Class B - 172.16-31.x.x (172.16.0.0/12)
• Class C - 192.168.x.x (192.168.0.0/16)

Note that a private address is a routing convention, not a security control:
a privately addressed host is fully reachable from any network that has a
route to it, and internal networks are routinely attacked through a
compromised host or a misconfigured gateway.

NAT (Network Address Translation) is used to translate between private
addresses and public addresses. NAT allows devices configured with a
private address to be stamped with a public address, thus allowing those
devices to communicate across the Internet. NAT is covered in-depth in
another guide. NAT hides inside addresses, but it is not a firewall: inbound
connections fail only because no translation exists for them, and any static
NAT or port-forwarding entry exposes the inside host directly.

NAT is only a temporary solution to the address shortage problem.
Eventually, IPv4 will be replaced with IPv6. This also is covered extensively
in another guide.

Two other ranges, while not considered "private," have been reserved for
specific use:

• 127.x.x.x (127.0.0.0/8) - reserved for loopback. Traffic to any address
in this block never leaves the host; 127.0.0.1 is the usual loopback or
localhost address.
• 169.254.x.x (169.254.0.0/16) - reserved for link-local addressing (RFC
3927), which Microsoft calls Automatic Private IP Addressing (APIPA). A
host assigns itself an address in this range if a DHCP server is
unavailable to dynamically assign an address; such addresses are valid
only on the local link and are never routed.

IPv4 Addressing and Subnetting v1.32 – Aaron Balchunas

* * *

All original material copyright © 2007 by Aaron Balchunas ([email protected]),

unless otherwise noted. All other material copyright © of their respective owners.

This material may be copied and used freely, but may not be altered or sold without the expressed written

consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com.


The IPv4 Header

The IPv4 header has 12 required fields and 1 optional field, and is 160 bits
(20 bytes) long without options; with options it can grow to a maximum of
60 bytes, in 32-bit increments.

Field                Length    Description
Version              4 bits    Version of IP (in this case, 4)
Header Length        4 bits    Length of the IP header in 32-bit words (minimum 5, i.e. 160 bits)
Type of Service      8 bits    Classifies traffic for QoS (now carries DSCP and ECN)
Total Length         16 bits   Length of both the header and data payload, in bytes
Identification       16 bits   Identifies fragments belonging to the same original packet
Flags                3 bits    Flags for fragmentation (Reserved, DF, MF)
Fragment Offset      13 bits   Position of this fragment in the original packet, in 8-byte units
Time to Live         8 bits    Decremented by each router traversed; the packet is dropped at 0
Protocol             8 bits    Identifies the next upper-layer protocol
Header Checksum      16 bits   One's-complement checksum of the header only
Source Address       32 bits   Source IPv4 address
Destination Address  32 bits   Destination IPv4 address
Options              variable  Optional field for various parameters (0 - 40 bytes, padded to a 32-bit boundary)

The Identification, Flags, and Fragment Offset fields are used in
conjunction with each other. An IP packet larger than the MTU size of a link
must be fragmented. Each fragment of the packet is marked with the same
Identification number. The Fragment Offset allows the destination device to
reassemble the fragments in the proper order.

The Flags field can dictate two conditions:

• Don't Fragment (DF) - indicates the packet cannot be fragmented. If
the packet reaches a link with a smaller MTU, the packet is dropped, and
an ICMP Fragmentation Needed error (Type 3, Code 4) is sent back to the
source. Path MTU discovery depends on that message arriving, so
filtering all ICMP breaks it.
• More Fragments (MF) - all fragments have this bit set to one, except
for the last fragment, where the bit is set to zero. This allows the
destination device to know it has received all fragments.

Reassembly trusts the Identification and Fragment Offset values as sent, so
overlapping, duplicated or never-completed fragments are a long-standing way
to evade inspection devices and exhaust reassembly buffers. Firewalls
therefore commonly reassemble or drop fragmented traffic.
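The following Python script is an added example, not part of the original guide. It builds an IPv4 header with the struct module, computes the header checksum, and parses the header back, decoding the Header Length, DF/MF flags and Fragment Offset described above and verifying the checksum; the addresses, identification value and payload lengths are constructed for the demonstration.

```python
# Added example (not from the original guide): build and parse an IPv4
# header, verifying the checksum and decoding the fragmentation fields.
import socket
import struct

IPV4_FIXED = "!BBHHHBBH4s4s"      # the 12 required fields, 20 bytes
DF, MF = 0x4000, 0x2000           # bits 1 and 2 of the 3-bit Flags field


def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, protocol: int, payload_len: int, *,
                 ident: int = 0, df: bool = False, mf: bool = False,
                 frag_offset: int = 0, ttl: int = 64, options: bytes = b"") -> bytes:
    """Return a complete IPv4 header with a correct checksum."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be 0-40 bytes, padded to a 32-bit boundary")
    ihl = 5 + len(options) // 4              # header length in 32-bit words
    flags_frag = (DF if df else 0) | (MF if mf else 0) | (frag_offset & 0x1FFF)
    hdr = struct.pack(IPV4_FIXED, (4 << 4) | ihl, 0, ihl * 4 + payload_len,
                      ident, flags_frag, ttl, protocol, 0,
                      socket.inet_aton(src), socket.inet_aton(dst)) + options
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def parse_header(packet: bytes) -> dict:
    """Decode the header at the start of `packet`; raises on malformed input."""
    if len(packet) < 20:
        raise ValueError("truncated: fewer than 20 bytes")
    vihl, tos, total_len, ident, flags_frag, ttl, proto, csum, src, dst = \
        struct.unpack(IPV4_FIXED, packet[:20])
    version, ihl = vihl >> 4, vihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if ihl < 5 or len(packet) < ihl * 4:
        raise ValueError(f"bad header length {ihl * 4}")
    header = packet[:ihl * 4]
    return {
        "header_len": ihl * 4,
        "tos": tos,
        "total_len": total_len,
        "id": ident,
        "df": bool(flags_frag & DF),
        "mf": bool(flags_frag & MF),
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # offset is in 8-byte units
        "ttl": ttl,
        "protocol": proto,
        "checksum_ok": checksum(header) == 0,      # a valid header sums to zero
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "options": header[20:],
    }


if __name__ == "__main__":
    hdr = build_header("10.1.1.5", "10.2.1.5", 17, payload_len=36,
                       ident=0x1234, df=True)
    print(hdr.hex())
    print(parse_header(hdr))
    # A router that decrements the TTL must also recompute the checksum:
    tampered = hdr[:8] + bytes([hdr[8] - 1]) + hdr[9:]
    print("TTL changed, checksum still valid?", parse_header(tampered)["checksum_ok"])
```

The parser checks the version, the minimum header length and that the buffer actually contains the number of bytes the Header Length field claims before it trusts any field; a packet that fails those checks is rejected rather than partially decoded.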

 

IPv4 Protocol Numbers

The Protocol field is of some importance. This field identifies the next
upper-layer header (for example, UDP, TCP or ICMP); the equivalent field in
IPv6 is called Next Header. These upper-layer protocols are identified
using IP Protocol Numbers, which are assigned by IANA.

The following is a list of common IP Protocol Numbers:

Protocol Number   Upper-Layer Protocol
1                 ICMP
2                 IGMP
6                 TCP
9                 IGRP
17                UDP
46                RSVP
47                GRE
50                IPsec ESP
51                IPsec AH
88                EIGRP
89                OSPF

 

Resolving Logical Addresses to Hardware Addresses

 

Hosts cannot directly send data to another device’s logical address. Network

communication occurs across the data-link layer, using hardware addresses.

A mechanism is required to map logical addresses to hardware addresses.

When using IP over an Ethernet network, the Address Resolution Protocol

(ARP) provides this function for us. ARP allows a host to determine the

MAC (hardware) address for a particular IP (logical) address.

The following walks, step by step, the path a packet takes from HostA to
the 10.2.1.5 address (HostB) in the diagram above:

• First, HostA determines if the 10.2.1.5 address is itself. If the address
is configured on a local interface, the packet never leaves HostA.
• Second, HostA determines if the 10.2.1.5 address is on the same
network (or subnet), by comparing it with its own address under its subnet
mask. If it is, HostA will broadcast an ARP request, and wait for the
appropriate host to reply with its MAC address.
• HostA determines that the 10.2.1.5 address is indeed on a separate
network. It now parses its local routing table for a route to this remote
network. Usually, hosts will be equipped with a default route (or
default gateway), to reach all other networks.
• HostA determines that RouterA is its default gateway. The host
broadcasts an ARP request for RouterA's MAC address (or uses a cached
entry), and then forwards the packet to RouterA's MAC (4444.5555.6666).
Note that the destination IP address in the packet is still 10.2.1.5; only
the Ethernet frame is addressed to the router.
• RouterA receives the packet, and consults its own routing table. It
determines that the 10.2.x.x network is directly attached off of its fa1
interface. The router then broadcasts an ARP request for the 10.2.1.5
address.
• HostB responds to the router's ARP request with its MAC address
(AAAA.BBBB.CCCC). RouterA is then able to forward the packet to
HostB.

ARP has no authentication: any host on the segment can answer a request, or
send unsolicited replies, claiming the gateway's IP address. Learned
MAC-to-IP mappings are cached, so a forged reply redirects a host's traffic
through the attacker for as long as the entry lives. This is why switches
offer dynamic ARP inspection and why hosts are sometimes configured with
static ARP entries for their gateway.
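The following Python script is an added example, not from the original guide: the forwarding decision a host or router makes before it sends an ARP request, following the steps above, with a longest-prefix-match route lookup so that a more specific route wins over the default gateway. HostA's own address (10.1.1.5/16), RouterA's inside address (10.1.1.1), RouterA's fa1 address (10.2.1.1) and the interface names other than fa1 are assumptions for the demonstration; the guide gives only the 10.2.1.5 destination, the fa1 interface and the MACs.

```python
# Added example (not from the original guide): which address a device ARPs
# for, given its own addresses and routing table. Addresses and interface
# names other than 10.2.1.5 and fa1 are constructed for the demonstration.
import ipaddress
from typing import List, Optional, Tuple

ALL_ONES = 0xFFFFFFFF

# A route: (network, prefix length, next hop or None if directly connected, interface)
Route = Tuple[str, int, Optional[str], str]


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def route_lookup(dst: str, routes: List[Route]) -> Optional[Route]:
    """Longest-prefix match: the most specific matching route wins, so a
    connected /16 beats the 0.0.0.0/0 default, and a /24 beats the /16."""
    d = to_int(dst)
    best = None
    for route in routes:
        network, plen, _, _ = route
        mask = (ALL_ONES << (32 - plen)) & ALL_ONES
        if (d & mask) == (to_int(network) & mask) and (best is None or plen > best[1]):
            best = route
    return best


def arp_target(dst: str, local_addrs: List[str], routes: List[Route]
               ) -> Tuple[str, Optional[str], Optional[str]]:
    """Return (action, address to ARP for, interface):
       ('local', None, None)    - the destination is this device itself
       ('direct', dst, iface)   - same subnet: ARP for the destination's MAC
       ('via', gateway, iface)  - remote: ARP for the next-hop router's MAC
    """
    if dst in local_addrs:
        return "local", None, None
    route = route_lookup(dst, routes)
    if route is None:
        raise LookupError(f"no route to {dst}")
    _, _, next_hop, iface = route
    if next_hop is None:
        return "direct", dst, iface
    return "via", next_hop, iface


# Constructed tables for the HostA / RouterA / HostB scenario above.
HOST_A_ADDRS = ["10.1.1.5"]
HOST_A_ROUTES: List[Route] = [
    ("10.1.0.0", 16, None, "eth0"),        # directly connected LAN
    ("0.0.0.0", 0, "10.1.1.1", "eth0"),    # default gateway = RouterA
]
ROUTER_A_ADDRS = ["10.1.1.1", "10.2.1.1"]
ROUTER_A_ROUTES: List[Route] = [
    ("10.1.0.0", 16, None, "fa0"),
    ("10.2.0.0", 16, None, "fa1"),         # 10.2.x.x is attached to fa1
]

if __name__ == "__main__":
    print("HostA   ->", arp_target("10.2.1.5", HOST_A_ADDRS, HOST_A_ROUTES))
    print("RouterA ->", arp_target("10.2.1.5", ROUTER_A_ADDRS, ROUTER_A_ROUTES))
```

Running it shows HostA ARPing for 10.1.1.1 (its gateway) while RouterA, holding a connected route for 10.2.0.0/16, ARPs for 10.2.1.5 itself; adding a more specific route on HostA changes only HostA's next hop, never the packet's destination address.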

 

 

Troubleshooting IP using ICMP

 

 

Internet Control Message Protocol (ICMP) is used for a multitude of
informational and error messaging purposes.

The following is a list of common ICMP types and codes:

Type   Code   Description
0      0      Echo Reply
3      -      Destination Unreachable
       0        Network Unreachable
       1        Host Unreachable
       2        Protocol Unreachable
       3        Port Unreachable
       4        Fragmentation Needed - Don't Fragment Flag Set
       6        Destination Network Unknown
       7        Destination Host Unknown
       9        Destination Network Administratively Prohibited
       10       Destination Host Administratively Prohibited
5      -      Redirect
8      0      Echo (Request)
11     0      Time Exceeded - TTL Exceeded in Transit

Several IP troubleshooting tools utilize ICMP, including ping (sometimes
expanded as Packet Internet Groper) and traceroute.

Ping utilizes the Echo Request and Echo Reply ICMP messages to
determine if a host is responding on a particular address. A missing reply
does not prove the host is down; many hosts and firewalls simply drop Echo
Requests.

Traceroute determines the routing path a packet takes to reach its
destination. It sends probes with a TTL of 1, 2, 3 and so on; each router
that decrements the TTL to zero discards the probe and returns a Time
Exceeded message, which reveals that hop's address.

 
 