Chapter 9
TCP/IP networks: some theory
|
|
|
|
|
 |
In this chapter: |
|
|
|
  |
Learning some basic facts about the TCP/IP protocol
|
  |
Understanding subnets and routing
|
  |
Examining a sample network
|
  |
Setting up the routing tables of all participating hosts
|
|
|
|
 |
|
As a child of the Internet, almost every network service is available
for Linux. SuSE ships a full-featured set of network services on its
CDs. Most of them come with reasonable default configurations and
don't need much customization to get them running.
Many books have been written solely on Unix networking. This part of
the book is intended to be9 an introduction to networking and points
out those features particular to SuSE when one is setting up and
maintaining network services. For a thorough understanding of TCP/IP,
or to get details on each service, consult one of the many excellent
books at your local or online bookseller or use one of the many
how-tos available online.
The standard protocol for Unix systems is TCP/IP (Transfer Control
Protocol/Internet Protocol). This is a somewhat old protocol suite,
and many companies tried to replace it with their own proprietary
protocols. But with the rising popularity of the Internet, which was
based on TCP/IP from its inception, TCP/IP has made its way into the
local nets and is now the de facto standard for computer networks.
Networking protocols can be broken down into layers that handle a
certain aspect of the communication. Figure 9-1
sets the
common OSI (Open System Interconnection) model for computer
communication in relation to the TCP/IP protocol stack.
|
Figure 9-1 |
 |
| The OSI and the TCP/IP Network Layers |
|
You see, there is no direct mapping between the two models. The TCP/IP
stack is about ten years older than the OSI model. Some of the newer
services that are based on TCP/IP implement OSI layers one to three,
but most of the older ones, such as telnet, ftp, and SMTP, don't.
Most network services can be treated as some type of client-server
application. A client process connects to the server to send or get
information. Each chunk of data has to go through all layers of the
protocol stack on either side of the connection. It makes its way from
the application to the hardware layer on the sending side, and back
from the hardware to the application at the receiving machine.
Before we go into further details, we focus on the practice of
networking and provide the background you need in the field of
networking, instead of discussing different ways of implementing a
networking stack.
|
9.1 | Managing networks: subnets and routing |
|
Networks can be constructed to fit many needs and in a wide range of
sizes. They range from small networks, with only two or three machines
connected to each other, to large-scale networks that connects
thousands of machines. Without a doubt, the largest network is the
Internet, where millions of machines communicate over many different
kinds of media.
The networks you work with probably fall somewhere in this range. The
larger a network, the more complicated its structure and
topology. Because of hardware restrictions, a single network segment
can have a limited number of hosts connected to it. An ethernet
segment can be a single coax wire running from one machine to another,
a set of hosts connected to the same hub, or a switch in a twisted
pair environment. So, what to do if you have more machines to connect
than the hardware allows? You break them down into separate segments
and use routers (also called gateways) to connect these individual
segments. A router is simply a machine connected to more than one
segment. It transfers data from one segment (or network) to the
other. A simple network is shown in Figure 9-2
.
|
Figure 9-2 |
 |
| Simple network example |
|
Unfortunately, the hardware side has direct influence on the numbering
scheme that you use to assign IP numbers to the machines connected to
each segment. The three segments in Figure 9-2 have
different network addresses. A network address is the IP address used
to identify the whole subnet (we refer to segments if we focus on the
hardware side, and subnet for the software or IP portion of this).
Connected to a network address is the network mask. Together, the
network address and the network mask (netmask) tell you which IP
addresses can be reached within a given subnet. Netmasks are often a
source of confusion if you don't know how to decipher them.
An IP address is a 64-bit number that can address a single host or a
complete (sub)network, depending on the netmask. The netmask is a
filter that decides which part of the IP address will hold the network
address and which part addresses the host within this network. If you
do a logical bitwise of an IP address and netmask, you'll get the
network address of this IP address. There are two different
notations for netmasks. The traditional way is to write the netmask
the same way as you would an IP address, in decimal dot notation as
a quadruple of 8-bit numbers, for example, 255.255.255.0. These
days, the preferred method is to write the number of bits set in the
netmask. As a netmask becomes filled up with 1 bits from left to right
(no gaps allowed), 24 has the same meaning as 255.255.255.0.
The network address and the netmask are usually delimited with a
forward slash (/). For host addresses, it's optional to
give the netmask, but for network addresses, it's mandatory.
What does this mean for the networks in the example? You'll see three
network addresses in Figure 9-2, each with different
netmasks. Network A has the address 192.168.0.0/25. This means that
the network can be reached by addressing the IP number
192.168.0.0. The /25 tells you that the first 25 bits are
used for the network address, so there are seven bits left to
address single hosts within this network.
Figure 9-3
illustrates the relationship between netmask
and IP address for these values. The netmask masquerades all bits in
the IP address that contain the network part of the address. The empty
bits of the netmask determine which bits are used to address the host
within the given network.
|
Figure 9-3 |
 |
| The netmask masquerades bits in the IP address |
|
This means that the host addresses in this network are in a range that
begins with 192.168.0.185 and goes up to 192.168.0.126. The last
address (which in this case is 192.168.0.127) is always reserved as
the broadcast address for this subnet. All hosts in the network listen
for broadcast messages on this address. If you transfer this to
network B and C, you get the IP address ranges shown in Table
9-1
for the three networks.
|
Table 9-1 |
Address ranges for the example networks |
|
Network |
First Address |
Last Address |
Broadcast |
192.168.0.0/25 |
192.168.0.1 |
192.168.0.126 |
192.168.0.127 |
192.168.0.128/25 |
192.168.0.129 |
192.168.0.254 |
192.168.0.255 |
192.168.1.0/24 |
192.168.1.1 |
192.168.1.254 |
192.168.1.255 |
|
|
|
9.2 | Routing |
|
What happens if a host wants to communicate with another machine? The
answer is that it depends on whether the target machine is in the same
subnet or not. To determine this, the source host uses its network
mask. If the network portion of its own address is exactly the same as
the network part of the target machine's address, both hosts are
within the same subnet and can communicate directly with each
other. If they are in different subnets, a gateway is needed to
forward the packages to this subnet. The kernel routing table holds
the information that the source host needs to determine which
gateway should be used to forward packages to a particular
subnet. Usually, there is a default gateway that will be taken if no
specific gateway can be found.
If you refer back at Figure 9-2, you can see that there
are two routers connecting the three subnets and one of them is also
connected to the Internet. To get a detailed picture about routing in
this constellation, you have to look at the routing tables of regular
hosts in the three subnets, and on the routing table of the routers
themselves.
|
9.2.1 | Hosts in Network A |
|
All hosts in Network A can reach other hosts in their network (which
has the address 192.168.0.0/25) directly over their ethernet
interface (in this instance, eth0). They reach
everything else via Router A/B.
So, the routing table for a host in this network would look like this:
|
|
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.128 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
|
|
If you run the command /sbin/route -n, the routing table
of your system will appear. It should look similar to the one
presented here. The column titled Destination lists
the networks that can be reached with this routing entry. A
destination address of 0.0.0.0 specifies the default gateway.
The Gateway column lists the router, which is the
packages' destination. If the gateway is 0.0.0.0, the packages will be
sent directly to the device specified in the device
column. Genmask is the netmask that is applied to the
destination address.
The routing table in this illustration will send all packages destined
to 192.168.0.0/255.255.255.128 to the device eth0. The
loopback device lo handles the pseudo net 127.0.0.0/255.0.0.0. All
packages not going to the local subnet are forwarded to Router A/B,
whose address is 192.168.0.1 and is listed as the default
gateway. This is fine because this router is the only connection to
other networks for those hosts.
|
9.2.2 | Hosts in Network B |
|
The situation in this subnet has two routers and is a bit more
complicated. The routing table for these hosts has an additional
entry:
|
|
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.0.128 0.0.0.0 255.255.255.128 U 0 0 0 eth0
192.168.0.0 192.168.0.130 255.255.255.128 UG 0 0 0 eth0
0.0.0.0 192.168.0.129 0.0.0.0 UG 0 0 0 eth0
|
|
You see the same entry for 127.0.0.0/255.0.0.0. The second line
specifies the local subnet 192.168.0.128/255.255.255.128. Router A/B
is given as the gateway to Network A. Note that this machine has a
different IP address for this network. A router has to have one
network device for each network to which it's connected. Each of these
devices must have an address in the network to which it's
pointing. The default gateway points to Router B/C.
|
9.2.3 | Hosts in Network C |
|
This setup is almost the same as the one in Network A. The local
subnet can be reached over the eth0 interface. Everything
else is forwarded to Router B/C:
|
|
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
|
|
|
9.2.4 | Router A/B |
|
This machine is part of Network A and Network B. It can reach both of
these networks directly over its network interfaces. Assuming that
eth0 is the interface pointing to Network A and
eth1 is the one for Network B, you get a routing table
that looks like this:
|
|
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.0.0 0.0.0.0 255.255.255.128 U 0 0 0 eth0
192.168.0.128 0.0.0.0 255.255.255.128 U 0 0 0 eth1
0.0.0.0 192.168.0.129 0.0.0.0 UG 0 0 0 eth1
|
|
There is one line for each network, and the default gateway is Router B/C.
|
9.2.5 | Router B/C |
|
This machine has the most complicated routing table in this
example. It is directly connected to Network B and C. It must forward
packages directed to Network A to Router A/B, and it serves as the
gateway to the Internet. In this case, it is assumed that every host
not in one of the local networks can be reached through the
Internet. If eth0 is the device to Network B and
eth1 points to Network C, you will need to set up this
routing table for Router B/C:
|
|
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.0.128 0.0.0.0 255.255.255.128 U 0 0 0 eth0
192.168.0.0 192.168.0.130 255.255.255.128 U 0 0 0 eth0
0.0.0.0 204.179.13.1 0.0.0.0 UG 0 0 0 ppp0
|
|
The default gateway is set to 204.179.13.1 on device
ppp0. This is the address of the router to which you will
connect for your Internet connection. In a real-world environment,
this might be some kind of ISDN or T1 card. Even a ppp connection (as
shown in this example) is possible, but is much too slow to connect
an entire office.
This example works with so-called static routes. This means that the
routing table of each host never changes. Routing can be configured
dynamically, which means that the routing table can change during
runtime. There are protocols and daemons that perform this task. In
most cases, dynamic routing is not needed. If you require more details
on dynamic routing, look in the man page routed(1)
(routed is a daemon for dynamic routing) or, better yet, download
gated and read the documentation provided with its
source. The gated daemon is another routing daemon that supports
additional routing protocols and is more flexible in its
configuration. Unfortunately, gated is not part of the
SuSE distribution.
|
 |
Summary: |
|
TCP/IP is the de facto standard protocol for computer networks. It is
fairly easy to set up and has simple principles to make it easy to
route.
Routing is based on IP addresses and netmasks. The netmask tells the
machine whether the destination address is in the local network and
can be reached directly or is in a foreign net and requires a
router to reach this machine.
Routers are machines that are connected to more than one network and
forward IP packages from one net to the other. Every host has a
routing table, which is used to determine a package's
destination.
|
 |