Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Upload: jasper-potter

Post on 26-Dec-2015


Page 1: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Network Session 5

Hakim Sabzevari university Dr.Malekzadeh

Page 2: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Network Layer Addressing


Page 3: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

IP address

One of the most important aspects of the network layer is assigning logical addresses to the network systems. The logical address allows a host to be identified on the network. This logical address is called the IP address.

An IP address in a computer network is the equivalent of a postal address in real life.

Each computer has to have its own IP address so that it receives only the information meant for it and nothing meant for someone else.


Page 4: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

IP address cont…

IPv4 addresses are 32-bit addresses. Rather than working with 32 ones and zeros, we represent an IP address as four decimal numbers, one for each byte, separated by three dots.

These four dotted-decimal numbers represent 32 binary digits separated into four equal parts called octets. An octet is 8 bits.

Some sample IP addresses are: 15.231.25.115, 1.26.251.32, 221.26.0.1, 209.132.95.3


Page 5: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

IP address classes

The global IP address space is divided into five classes:


Class   From           To
A       0.0.0.0        127.255.255.255
B       128.0.0.0      191.255.255.255
C       192.0.0.0      223.255.255.255
D       224.0.0.0      239.255.255.255
E       240.0.0.0      255.255.255.255

Page 6: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

IP address classes cont…


Page 7: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

IP address classes cont…

As we can see in each class, the IP address includes two parts:

Network part: identifies the network that a computer belongs to, and is common to all the IP addresses in the same network.

Host part: identifies the actual computer on the network, thus it is unique for each host in the same network.


Page 8: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Example1:


Page 9: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Example2:


Page 10: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Class D; IP multicast

Class A, B, and C are the only address classes available for TCP/IP host IP addresses. In contrast, no host can have a Class D address; Class D addresses are invalid for any workstation or host to use.

The purpose of a multicast address is to enable a server to send data so that several hosts can listen to that data at the same time. When watching TV on the Internet or listening to the radio on the Internet, your computer is listening to a Class D address. No server is sending data directly to your workstation; instead, a server is sending data to the multicast address. Any host can use software to listen for data at that address, and many hosts can be listening at once.


Page 11: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Multicasting

The most common transport layer protocol to use multicast addressing is UDP (TCP provides point-to-point connections, hence it is not feasible for multicast traffic). By its nature, UDP is not reliable—messages may be lost or delivered out of order. Reliable multicast protocols such as Pragmatic General Multicast (PGM) have been developed to add loss detection and retransmission on top of IP multicast.


Page 12: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

The first thing to know about IP multicasting is that only UDP multicasting exists. There's no such thing as TCP multicast. Why not? The point of multicast is to be efficient with the network and send the same data packet to many different, possibly unknown, computers. But each TCP connection can potentially require retransmission of different lost packets, or different delays, or ordered arrival and assembly of packets. So managing and sending all that for each possible device would be resource-intensive even if it were possible, which would defeat much of the point of using multicast. (And it's not possible anyway because multicast can't know where the outbound packets actually wind up.)


Page 13: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Class E IP address

The last class of addresses is Class E. Class E addresses range from 240-255 in the first octet.

Class E addresses are reserved and are invalid host addresses. They are used for experimental purposes.


Page 14: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Summary of IP classes


Class  Leftmost bits  Start address  Finish address   1st octet decimal range  Network/Host ID (N=Network, H=Host)  Default netmask  Hosts per network (usable addresses)
A      0xxx           0.0.0.0        127.255.255.255  1-126                    N.H.H.H                              255.0.0.0        16,777,214 (2^24 – 2)
B      10xx           128.0.0.0      191.255.255.255  128-191                  N.N.H.H                              255.255.0.0      65,534 (2^16 – 2)
C      110x           192.0.0.0      223.255.255.255  192-223                  N.N.N.H                              255.255.255.0    254 (2^8 – 2)
D      1110           224.0.0.0      239.255.255.255  224-239                  Multicasting
E      1111           240.0.0.0      255.255.255.255  240-255                  Reserved for future use, research, or development purposes.

Page 15: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Ping hostname = ping its IP


Page 16: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Special IP addresses

localhost (meaning this computer) is the standard hostname given to the address of the loopback network interface. Simply put, when users send data to localhost, they will receive their own data. This mechanism is useful for programmers to test their software during development.

localhost as a hostname translates to 127.0.0.0/8 (loopback). It means, 127.0.0.1 through 127.255.255.254 all represent your computer (127.x.x.x). For most purposes, though, it is only necessary to use one IP address, and that is 127.0.0.1, or ::1 in IPv6.

All 127.x.x.x addresses are used by the loopback interface which copies data from the transmit buffer to the receive buffer of the NIC when used for diagnostic purposes. For example, 127.0.0.1 is reserved for localhost address. This means that it is used by the host computer to send a message back to itself. It is commonly used for troubleshooting and network testing.

On Unix-like systems, the loopback interface usually has the device name lo.


Page 17: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Ping localhost


Page 18: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Special IP addresses cont…

0.0.0.0 is called the zero network / this network / local network / default network. It is reserved for hosts that don't know their own address and use the BOOTP or DHCP protocols to determine their addresses.

255.255.255.255 is a special broadcast address (which would be FF:FF:FF:FF:FF:FF for Ethernet). It is the broadcast address of the zero network.


Page 19: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Special IP addresses cont…

Hosts can have any value in the host bits except all zeros or all ones (255), because with the host bits all 0 the address is the network address, and with the host bits all 1 the address is the broadcast address. Thus, in any network, the first and last IP addresses of the whole range are reserved.


Page 20: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Special IP addresses cont…

To check Internet connectivity, send ICMP packets to free public DNS addresses which are always up, such as:

Microsoft DNS: 4.2.2.2 to 4.2.2.4

Google DNS: 8.8.8.8

And so on.


Page 21: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Example

The following addresses are checked as host addresses; all but one are invalid:

10.0.0.0          all host bits can't be 0.
10.1.0.255        ok
10.255.255.255    all host bits can't be 255.
255.9.56.45       Class E is reserved.
230.34.255.1      Class D is for multicast.
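As an added example (not part of the lecture slides), the classful rules from the summary table and the reserved host values above can be checked programmatically; the checker also flags the special addresses from the earlier slides (zero network, loopback range, limited broadcast).

```python
# Added example: classify an IPv4 address by its first octet (classful rules
# from the lecture's summary table) and report why it is or is not a valid
# host address. Standard library only.
import ipaddress

# (first-octet low, first-octet high, default network prefix length or None)
CLASS_TABLE = {
    "A": (0, 127, 8),
    "B": (128, 191, 16),
    "C": (192, 223, 24),
    "D": (224, 239, None),   # multicast: no host part
    "E": (240, 255, None),   # reserved / experimental
}


def ip_class(addr: str) -> str:
    """Return the class letter (A-E) of a dotted-decimal IPv4 address."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for cls, (low, high, _prefix) in CLASS_TABLE.items():
        if low <= first_octet <= high:
            return cls
    raise ValueError(f"not a valid IPv4 address: {addr}")


def check_host_address(addr: str) -> str:
    """Return 'ok' or the reason this address may not be assigned to a host."""
    ip = int(ipaddress.IPv4Address(addr))
    # Special addresses covered on the earlier slides.
    if ip == 0:
        return "0.0.0.0 is the zero network (used before BOOTP/DHCP assigns an address)"
    if ip == 0xFFFFFFFF:
        return "255.255.255.255 is the broadcast address of the zero network"
    if (ip >> 24) == 127:
        return "127.x.x.x is the loopback range (this computer)"
    cls = ip_class(addr)
    if cls == "D":
        return "Class D is for multicast"
    if cls == "E":
        return "Class E is reserved"
    # Classes A-C: split off the host bits using the default (classful) mask.
    host_bits = 32 - CLASS_TABLE[cls][2]
    host_part = ip & ((1 << host_bits) - 1)
    if host_part == 0:
        return "all host bits can't be 0 (this is the network address)"
    if host_part == (1 << host_bits) - 1:
        return "all host bits can't be 1 (this is the broadcast address)"
    return "ok"


# Addresses from the lecture's example slide.
EXAMPLES = ["10.0.0.0", "10.1.0.255", "10.255.255.255", "255.9.56.45", "230.34.255.1"]

if __name__ == "__main__":
    for a in EXAMPLES:
        print(f"{a:16} class {ip_class(a)}  -> {check_host_address(a)}")
```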


Page 22: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Private IP addresses

Private or non-routable IP addresses are typically used on local networks, including home, school and business LANs, and in places such as airports and hotels.

Devices with private IP addresses cannot connect directly to the Internet. Likewise, computers outside the local network cannot connect directly to a device with a private IP.


Page 23: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Private IP addresses ranges


Class  Private networks                 Netmask
A      10.0.0.0 - 10.255.255.255        255.0.0.0
B      172.16.0.0 - 172.31.255.255      255.240.0.0
       169.254.0.0 - 169.254.255.255
C      192.168.0.0 - 192.168.255.255    255.255.0.0

Page 24: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Private IP address purposes

Private IP addresses are designed:

To prevent a shortage of public IP addresses available to Internet service providers (ISP) and subscribers.

For computers that do not need Internet connectivity, such as printers, print servers, and local file servers. The private addresses allow them to communicate with computers on the network or remote computers connected to VPN, but not be vulnerable to attacks from the Internet.


Page 25: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Public IP addresses

To help extend the life of the IPv4 addressing scheme while the newer IPv6 protocol is developed and deployed, other technologies have been developed.

To access the Internet you need a public address. Therefore, to use public addresses and have access to the Internet, you can use: Internet Connection Sharing (ICS), or Network Address Translation (NAT), which is included in a router or firewall.


Page 26: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Assignment:

ICS only provides addresses in the 192.168.0.1 range. Since this range is in class C with a 255.255.255.0 subnet mask, ICS can provide IP addresses for only 254 computers, which is a very small number.


Page 27: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

NAT

To go to the Internet we need a public IP address, which is unique all over the world. If each host in the world required a unique public IP address, we would have run out of IP addresses years ago. But by using Network Address Translation (NAT) we can save tons of IP addresses for later use. NAT allows a small number of public IP addresses to be shared by a large number of hosts using private addresses.


Page 28: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

NAT cont…

For example, your computer is assigned a private IP address of 10.0.0.9. Of course this address cannot be routed on the Internet, but you can still access the Internet. This is because your router (or modem) translates this address into a public IP address, 123.12.23.1 for example, before routing your data onto the Internet.

When your router receives a reply packet destined for 123.12.23.1 it converts it back to your private IP 10.0.0.9 before sending that packet to you.


Page 29: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

NAT cont…

With NAT, only a single unique IP address is required to represent an entire group of computers to anything outside their network.

NAT types are: Static NAT, Dynamic NAT, Masquerading NAT.


Page 30: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Static NAT

One public IP for each private IP. Static NAT maps a single inside local address to a single global, or public address. This mapping ensures that a particular inside local address always associates with the same public address.


Page 31: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Dynamic NAT

A limited number of public IPs for many private IPs. In the following picture only the first 2 users can access the Internet and the rest receive an error message.


Page 32: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

PAT

Masquerading NAT / Overloading NAT / Port Address Translation (PAT): the router assigns a unique port number to each user to give Internet access to all users. The users' information is then exchanged using the same IP but different port numbers.


Page 33: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

PAT cont…

In PAT, the gateway router translates the local source address and port number combination to a single global IP address.

A table in the router contains a list of the internal IP address and port number combinations that are translated to the external address. Although each host translates into the same global IP address, the port number associated with the conversation is unique.

Since over 64,000 ports are available, a router is unlikely to run out of addresses.


Page 34: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

NAT cont…

NAT also makes the network more secure, since traffic to and from the Internet now goes through the router's address substitution process, blocking direct access to the local IP addresses. Unless you use one of the following, the computers are not reachable from the Internet: port forwarding, port triggering, UPnP, DMZ.


Page 35: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Port forwarding

Port forwarding allows remote computers (e.g. public machines on the Internet) to connect to, communicate with, and directly access a specific computer within a private LAN.

In fact, (static) port forwarding is the process of opening a door in the router, by the user, so that an outside person/entity can access a PC or server behind the router. The door is always open and requires no action by the users on the LAN.
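The PAT translation table (page 33) and a static port-forwarding entry (page 35) can be modelled together, as an added example that is not from the lecture. The inside host 10.0.0.9 and the public address 123.12.23.1 are the slides' own values; the outside host 203.0.113.10 and all port numbers are constructed for the example.

```python
# Added example: a toy PAT (masquerading NAT) translation table. Each inside
# (IP, port) pair gets a unique port on the single public address; inbound
# packets with no table entry are dropped, which is why inside hosts are not
# reachable from the Internet unless an entry (port forwarding) exists.
import itertools
from typing import Optional, Tuple


class PatRouter:
    def __init__(self, public_ip: str, first_port: int = 1024):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)   # source of unique public ports
        self.outbound_map = {}   # (inside_ip, inside_port) -> public_port
        self.inbound_map = {}    # public_port -> (inside_ip, inside_port)

    def port_forward(self, public_port: int, inside_ip: str, inside_port: int):
        """Static entry: the 'door' stays open regardless of inside traffic."""
        self.inbound_map[public_port] = (inside_ip, inside_port)
        self.outbound_map[(inside_ip, inside_port)] = public_port

    def translate_outbound(self, src_ip: str, src_port: int,
                           dst_ip: str, dst_port: int) -> Tuple[str, int, str, int]:
        """Rewrite the source of a LAN -> Internet packet and record the mapping."""
        key = (src_ip, src_port)
        if key not in self.outbound_map:
            public_port = next(self._ports)
            while public_port in self.inbound_map:   # never reuse a forwarded port
                public_port = next(self._ports)
            self.outbound_map[key] = public_port
            self.inbound_map[public_port] = key
        return (self.public_ip, self.outbound_map[key], dst_ip, dst_port)

    def translate_inbound(self, src_ip: str, src_port: int,
                          dst_port: int) -> Optional[Tuple[str, int, str, int]]:
        """Map an Internet -> router packet back to the inside host, or drop it."""
        target = self.inbound_map.get(dst_port)
        if target is None:
            return None          # no mapping: unsolicited traffic is dropped
        inside_ip, inside_port = target
        return (src_ip, src_port, inside_ip, inside_port)


if __name__ == "__main__":
    router = PatRouter("123.12.23.1")
    print(router.translate_outbound("10.0.0.9", 40000, "203.0.113.10", 80))
    print(router.translate_inbound("203.0.113.10", 80, 1024))   # reply comes back
    print(router.translate_inbound("203.0.113.10", 80, 5555))   # None: dropped
    router.port_forward(8080, "10.0.0.5", 80)                    # open a door
    print(router.translate_inbound("203.0.113.10", 51000, 8080))
```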


Page 36: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Port triggering

A port trigger opens a set of ports to the outside world when an inside request is made. It is often useful for applications (games) where you do not want to expose ports all the time, but when you open a game session you are prepared to allow others to join you. The PC tells the router: I am about to expect some traffic back on this particular port, so when it arrives, open the port temporarily, send the traffic to me, and then close the port. So it is not permanently left open.


Page 37: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Port forwarding vs. Port trigger

Port forwarding opens the ports you specify permanently. When you turn the router on, it automatically allows any incoming connections from the Internet to use those ports at any time. Port forwarding is fixed to open ports at all times, not just when an internal request is made. It works by looking for all traffic coming in on a port and automatically forwarding it to the designated internal address.

Port Triggering only opens the ports when your computer sends an outgoing connection using the "Trigger Port". At all other times, all ports are completely blocked.


Page 38: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Universal Plug and Play

Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other's presence on the network and establish functional network services for data sharing, communications, and entertainment.

The concept of UPnP is an extension of plug-and-play, a technology for dynamically attaching devices directly to a computer, although UPnP is not directly related to the earlier plug-and-play technology. UPnP devices are "plug-and-play" in that when connected to a network they automatically establish working configurations with other devices.


Page 39: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Comparison

Port triggering and UPnP are features whereby a router opens the required ports upon request; a bit like knocking on a door and having it answered.

Port forwarding leaves the requested doors open at all times, meaning there is no need to knock, and so should make things a little smoother or faster.

DMZ leaves all doors open at all times; there is no need to open any specific ports. Think of the DMZ as the front yard of your house: anything you put in the front yard is visible to everyone. So if you configure your router's DMZ zone and tell it to expose the IP of your web camera, your camera will be visible via the Internet.


Page 40: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

IP forwarding

IP forwarding, also known as Internet routing, is the process used to determine the path along which a packet is sent. The process uses routing information to make decisions and is designed to send a packet across multiple networks.


Page 41: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Local or remote destination

IP protocol in network layer needs to determine how to get a packet to the destination:

If the destination is addressed to a host on the local network, TCP/IP can communicate directly with the destination host.

If the host is on a remote network, TCP/IP needs to send the packet through the default gateway.


Page 42: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Remote vs. Local hosts

Remote network: a network other than the one that the host is on; a remote network is on the other side of a router. In other words, hosts that have a router separating them are considered to be on a remote network from each other. Two hosts on remote networks have different network IDs in their IP addresses.

Local network: Hosts that are on the same side of a router are considered to be on the same local network. Thus, the destination host is in local network when IP determines that both the sending and destination hosts have the same network ID in their IP addresses.


Page 43: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Determine destination is local or remote

A simple test is performed by the routing algorithm to find out whether the destination is local or remote:

The source station knows its own subnet mask. It ANDs its subnet mask with its own IP address to obtain its network address.

Then the source station ANDs its subnet mask with the IP address of the destination to obtain the network address of the destination.

Then the source station compares the results of these two ANDs:

If they are identical, the destination is local (on the source LAN).

If they are different, the destination is remote (not on the source LAN).


Page 44: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Example:

Workstation  IP Address      Subnet mask
A            192.168.16.4    255.255.252.0
B            192.168.17.20   255.255.252.0
C            192.168.30.4    255.255.255.0


Are A and B in the same subnet?

bitwise-AND:

  subnet mask of A:      11111111 . 11111111 . 11111100 . 00000000
  IP addr of dest (B):   11000000 . 10101000 . 00010001 . 00010100
  ---------------------------------------------------------------
  network of dest (B):   11000000 . 10101000 . 00010000 . 00000000

compare with:

  network of A:          11000000 . 10101000 . 00010000 . 00000000

They are equal - both workstations are on the network 192.168.16.0

Are C and B in the same subnet?

bitwise-AND:

  subnet mask of C:      11111111 . 11111111 . 11111111 . 00000000
  IP addr of dest (B):   11000000 . 10101000 . 00010001 . 00010100
  ---------------------------------------------------------------
  network of dest (B):   11000000 . 10101000 . 00010001 . 00000000

compare with:

  network of C:          11000000 . 10101000 . 00011110 . 00000000

They ARE NOT equal – the workstations are on different networks

Page 45: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Transmitting to a local or remote destination

If the target host is local, then the source host uses an ARP broadcast to find out the MAC address of the destination host.

If the target host is remote, source host looks in its routing table for an explicit route to the network of the destination.

If there is an explicit route, source host needs to get the MAC address of the router which can connect to that destination.

If there is no explicit route, source host needs to get the MAC address for the default gateway.
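The AND test of pages 43-44 and the next-hop decision of page 45, as an added example that is not from the lecture slides. The workstations A, B and C are the slides' own; the routing table entries and gateway addresses passed to next_hop are assumptions made for the example.

```python
# Added example: the source station ANDs ITS OWN mask with both addresses and
# compares the results; a remote destination then goes to an explicit route's
# gateway if one matches, otherwise to the default gateway. Standard library only.
import ipaddress


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def to_bits(value: int) -> str:
    """Render a 32-bit value the way the slides do: four 8-bit groups."""
    return " . ".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def network_of(addr: str, mask: str) -> int:
    """Bitwise AND of an address with a mask gives the network address."""
    return to_int(addr) & to_int(mask)


def is_local(src_ip: str, src_mask: str, dst_ip: str) -> bool:
    return network_of(src_ip, src_mask) == network_of(dst_ip, src_mask)


def next_hop(src_ip: str, src_mask: str, dst_ip: str,
             routes: dict, default_gateway: str) -> str:
    """Return the IP whose MAC address the source must resolve with ARP.

    routes: {"network/prefix": gateway_ip} for explicit routes (assumed format).
    """
    if is_local(src_ip, src_mask, dst_ip):
        return dst_ip                            # deliver directly on the LAN
    dst = ipaddress.IPv4Address(dst_ip)
    for cidr, gateway in routes.items():         # explicit route first
        if dst in ipaddress.IPv4Network(cidr):
            return gateway
    return default_gateway                       # otherwise the default gateway


# Workstations from the lecture's example table.
WORKSTATIONS = {
    "A": ("192.168.16.4", "255.255.252.0"),
    "B": ("192.168.17.20", "255.255.252.0"),
    "C": ("192.168.30.4", "255.255.255.0"),
}


def same_subnet(src: str, dst: str) -> bool:
    src_ip, src_mask = WORKSTATIONS[src]
    dst_ip, _ = WORKSTATIONS[dst]
    return is_local(src_ip, src_mask, dst_ip)


if __name__ == "__main__":
    for src, dst in (("A", "B"), ("C", "B")):
        src_ip, src_mask = WORKSTATIONS[src]
        dst_ip, _ = WORKSTATIONS[dst]
        print(f"{src} -> {dst}  mask of {src}: {to_bits(to_int(src_mask))}")
        print(f"   network of {dst}: {to_bits(network_of(dst_ip, src_mask))}")
        print(f"   network of {src}: {to_bits(network_of(src_ip, src_mask))}")
        print("   local" if same_subnet(src, dst) else "   remote")
```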


Page 46: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Transmitting to a local or remote destination cont…


Page 47: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Transmitting to a local or remote destination cont…

TCP/IP communication process is similar to mailing a package. If you want to send a package to someone who lives on the same street that you do, you'd be able to deliver it yourself. If you mail a package to someone who lives on any other street, the package would go to the post office, and then the post office could figure out how to get the package to its destination. The post office is like a default gateway.

Or we can think of it just as the telephone system that uses an area code to determine whether a number is local or long distance.


Page 48: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Netmask to determine local or remote hosts

In order to determine if the destination host is remote or local, the netmask (network mask) is used.

In the standard netmask, all the network ID bits are set to '1' and all the host ID bits are set to '0'. This means that the standard network masks for the three classes of networks are:

Class A network mask: 255.0.0.0

Class B network mask: 255.255.0.0

Class C network mask: 255.255.255.0


Page 49: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Classless Inter-Domain Routing (CIDR)

The traditional IP class system writes an IP address with its netmask as follows:

IP address: 192.195.240.0

Network mask: 255.255.255.0

Another shorter form to show this, is using Classless Inter-Domain Routing (CIDR). The CIDR is an IP addressing scheme that uses a slash followed by a number to highlight the network portion of an address instead of using a netmask.

Using CIDR addressing, fewer and shorter addresses (routes) need to be entered into the routing tables. The above example becomes:

IP address: 192.195.240.0/24


Page 50: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Example:

IP address: 192.168.1.1/16

The first part indicates the IP address of the NIC, which is 192.168.1.1 in this case.

The second part, /16, indicates the netmask value, meaning in this case that the first 16 bits of the netmask are set (are 1). This makes the netmask value 255.255.0.0.


Page 51: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Subnetting

A network can be divided into several subnets by using a subnet mask that makes the network address larger and the possible range of host addresses smaller.

A subnet mask is basically the same thing as a netmask; the only real difference is that you are breaking a larger network into smaller parts, and each smaller part uses a different set of network IP addresses. This allows network packets to be routed between subnetworks.

Note that if you don’t have any subnetting, then the netmask and subnet mask are the same thing.


Page 52: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Subnetting advantages

Subnetting provides the following advantages:

Network traffic isolation: There is less network traffic on each subnet.

Simplified administration: Networks may be managed independently.

Improved security: Subnets can isolate internal networks so they are not visible from external networks.


Page 53: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Subnet mask

When subnetting, each subnet has a custom subnet mask. The subnet mask extends the netmask by taking some bits from the host portion of the IP address and giving them to the network portion.

For example, a standard class A IP address with the standard netmask 255.0.0.0 has the following format:

nnnn nnnn.hhhh hhhh.hhhh hhhh.hhhh hhhh

We can take, for example, 8 bits from the host portion and add them to the network portion, which creates more networks that have fewer hosts on each network, as follows:

nnnn nnnn.ssss ssss.hhhh hhhh.hhhh hhhh

n for network, s for subnet, h for host.


(Diagram: the n bits form the Network Prefix; the n and s bits together form the Extended Network Prefix.)

Page 54: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Creating a custom subnet mask

The following five steps are used in creating a custom subnet mask:

1. Determine how many subnets are needed.
2. Determine the maximum number of hosts on each network.
3. Determine the subnet mask.
4. Determine the jump values for subnets.
5. Determine the valid network addresses.


Page 55: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Step 1 and 2

Number of subnets needed or available = 2^n – 2
Number of hosts needed per subnet = 2^m – 2
n = number of bits used for these needed subnets
m = number of bits used for these needed hosts

Example: IP = 151.1.2.3, class B

We need 5 subnets: 5 = 2^n – 2 → 2^n = 7 → n = 3 (the smallest n with 2^n ≥ 7), m = 13


(Diagram, octet layout: n n h h, and after borrowing 3 bits from the third octet: n n (s=3 h=5) h)

Page 56: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Step 3

A unique subnet address is required on each side of a router where there is not another router on that segment.

Put 1 for the network and subnet portion, put 0 for the host portion, then convert the binary to decimal to obtain the subnet mask.

Example:

Subnet mask = 255.255.224.0

224 = 11100000


(Diagram, octet layout: n n (s=3 h=5) h)

Page 57: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Step 4 and 5

Two to the power of the number of host bits remaining to the right of s in that octet (the octet from which bits were borrowed for the subnet) gives the jump value between subnet addresses. In the last example: jump = 2^5 = 32. Put the network part as it is, put zero for the host part, and put the related jump value for the s part.

In the last example the subnet addresses are:


Subnet #1 address is: 151.1.32.0
Subnet #2 address is: 151.1.64.0
Subnet #3 address is: 151.1.96.0
Subnet #4 address is: 151.1.128.0
Subnet #5 address is: 151.1.160.0
Subnet #6 address is: 151.1.192.0

Page 58: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Practice:

IP is 151.1.2.3 and we need 1020 subnets (2^10 = 1024)


(Diagram, octet layout: n n h h)

Page 59: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Answer:

We need 1020 subnets: 1020 = 2^n – 2 → 2^n = 1022 → n = 10

m = 8 – 2 = 6. Subnet mask = 255.255.255.192, 192 = 11000000, jump = 2^6 = 64


(Diagram, octet layout: n n s (s=2 h=6))

Page 60: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Your turn:

IP is: 192.168.4.10 and maximum number of host per subnet is 30.


Page 61: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Answer:

We need 30 hosts in each subnet: 30 = 2^m – 2 → 2^m = 32 → m = 5

n = 8 – 5 = 3. Subnet mask = 255.255.255.224, 224 = 11100000, jump = 2^5 = 32


(Diagram, octet layout: n n n (s=3 h=5))
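The five-step procedure of pages 54-61 carried through in code, as an added example that is not from the lecture. It uses the classful 2^n – 2 and 2^m – 2 rules exactly as the slides do (the all-zero and all-one subnets are dropped), and reproduces the three worked answers: 151.1.2.3 with 5 subnets, 151.1.2.3 with 1020 subnets, and 192.168.4.10 with 30 hosts per subnet.

```python
# Added example: custom subnet mask calculator following the slides' steps
# 1-5. Classful default prefixes (/8, /16, /24) come from the first octet.
# Standard library only.
import ipaddress


def class_prefix(ip: str) -> int:
    """Default (classful) prefix length from the first octet."""
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    if first_octet < 128:
        return 8       # class A
    if first_octet < 192:
        return 16      # class B
    if first_octet < 224:
        return 24      # class C
    raise ValueError("class D/E addresses have no host part")


def bits_needed(count: int) -> int:
    """Smallest k with 2^k - 2 >= count (the slides' 2^n - 2 / 2^m - 2 rule)."""
    k = 1
    while (1 << k) - 2 < count:
        k += 1
    return k


def mask_from_prefix(prefix: int) -> str:
    """Step 3: ones for network+subnet bits, zeros for host bits, in decimal."""
    return str(ipaddress.IPv4Network(f"0.0.0.0/{prefix}").netmask)


def jump_value(prefix: int) -> int:
    """Step 4: 2^(host bits left in the octet where the subnet bits end)."""
    bits_in_last_octet = prefix - 8 * ((prefix - 1) // 8)
    return 1 << (8 - bits_in_last_octet)


def subnet_addresses(ip: str, prefix: int) -> list:
    """Step 5: subnet network addresses, dropping the all-0 and all-1 subnets."""
    base = ipaddress.IPv4Network(f"{ip}/{class_prefix(ip)}", strict=False)
    subnets = list(base.subnets(new_prefix=prefix))
    return [str(s.network_address) for s in subnets[1:-1]]


def plan(ip: str, subnets: int = 0, hosts: int = 0) -> dict:
    """Give either the number of subnets needed (step 1) or hosts per subnet (step 2)."""
    cp = class_prefix(ip)
    if subnets:
        n = bits_needed(subnets)          # subnet bits
        m = 32 - cp - n                   # remaining host bits
    else:
        m = bits_needed(hosts)            # host bits
        n = 32 - cp - m                   # remaining bits become subnet bits
    prefix = cp + n
    return {
        "n": n,
        "m": m,
        "mask": mask_from_prefix(prefix),
        "jump": jump_value(prefix),
        "subnets": subnet_addresses(ip, prefix),
    }


if __name__ == "__main__":
    for ip, kw in (("151.1.2.3", {"subnets": 5}),
                   ("151.1.2.3", {"subnets": 1020}),
                   ("192.168.4.10", {"hosts": 30})):
        p = plan(ip, **kw)
        print(ip, kw, "n =", p["n"], "m =", p["m"], "mask", p["mask"],
              "jump", p["jump"], "first/last subnet", p["subnets"][0], p["subnets"][-1])
```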

Page 62: Network Session 5 Hakim Sabzevari university Dr.Malekzadeh

Assignment

IP is 118.1.2.3 in class A and we need 12 subnets.

IP is 126.168.10.5 in class A and we need 62 subnets.
