Chapter 9

TCP/IP networks: some theory
 

 
 
In this chapter:
 
 
* Learning some basic facts about the TCP/IP protocol
* Understanding subnets and routing
* Examining a sample network
* Setting up the routing tables of all participating hosts
 
 
 
As a child of the Internet, almost every network service is available for Linux. SuSE ships a full-featured set of network services on its CDs. Most of them come with reasonable default configurations and don't need much customization to get them running.
 
Many books have been written solely on Unix networking. This part of the book is intended to be9 an introduction to networking and points out those features particular to SuSE when one is setting up and maintaining network services. For a thorough understanding of TCP/IP, or to get details on each service, consult one of the many excellent books at your local or online bookseller or use one of the many how-tos available online.
 
The standard protocol for Unix systems is TCP/IP (Transfer Control Protocol/Internet Protocol). This is a somewhat old protocol suite, and many companies tried to replace it with their own proprietary protocols. But with the rising popularity of the Internet, which was based on TCP/IP from its inception, TCP/IP has made its way into the local nets and is now the de facto standard for computer networks.
 
Networking protocols can be broken down into layers that handle a certain aspect of the communication. Figure 9-1 sets the common OSI (Open System Interconnection) model for computer communication in relation to the TCP/IP protocol stack.
 
Figure 9-1
OSITCP
 
The OSI and the TCP/IP Network Layers
  You see, there is no direct mapping between the two models. The TCP/IP stack is about ten years older than the OSI model. Some of the newer services that are based on TCP/IP implement OSI layers one to three, but most of the older ones, such as telnet, ftp, and SMTP, don't. Most network services can be treated as some type of client-server application. A client process connects to the server to send or get information. Each chunk of data has to go through all layers of the protocol stack on either side of the connection. It makes its way from the application to the hardware layer on the sending side, and back from the hardware to the application at the receiving machine.
 
Before we go into further details, we focus on the practice of networking and provide the background you need in the field of networking, instead of discussing different ways of implementing a networking stack.
 
9.1 Managing networks: subnets and routing
 

Networks can be constructed to fit many needs and in a wide range of sizes. They range from small networks, with only two or three machines connected to each other, to large-scale networks that connects thousands of machines. Without a doubt, the largest network is the Internet, where millions of machines communicate over many different kinds of media.
 
The networks you work with probably fall somewhere in this range. The larger a network, the more complicated its structure and topology. Because of hardware restrictions, a single network segment can have a limited number of hosts connected to it. An ethernet segment can be a single coax wire running from one machine to another, a set of hosts connected to the same hub, or a switch in a twisted pair environment. So, what to do if you have more machines to connect than the hardware allows? You break them down into separate segments and use routers (also called gateways) to connect these individual segments. A router is simply a machine connected to more than one segment. It transfers data from one segment (or network) to the other. A simple network is shown in Figure 9-2 .
 

Figure 9-2
simplenet
 
Simple network example
  Unfortunately, the hardware side has direct influence on the numbering scheme that you use to assign IP numbers to the machines connected to each segment. The three segments in Figure 9-2 have different network addresses. A network address is the IP address used to identify the whole subnet (we refer to segments if we focus on the hardware side, and subnet for the software or IP portion of this).
 
Connected to a network address is the network mask. Together, the network address and the network mask (netmask) tell you which IP addresses can be reached within a given subnet. Netmasks are often a source of confusion if you don't know how to decipher them.
 
An IP address is a 64-bit number that can address a single host or a complete (sub)network, depending on the netmask. The netmask is a filter that decides which part of the IP address will hold the network address and which part addresses the host within this network. If you do a logical bitwise of an IP address and netmask, you'll get the network address of this IP address. There are two different notations for netmasks. The traditional way is to write the netmask the same way as you would an IP address, in decimal dot notation as a quadruple of 8-bit numbers, for example, 255.255.255.0. These days, the preferred method is to write the number of bits set in the netmask. As a netmask becomes filled up with 1 bits from left to right (no gaps allowed), 24 has the same meaning as 255.255.255.0.
 
The network address and the netmask are usually delimited with a forward slash (/). For host addresses, it's optional to give the netmask, but for network addresses, it's mandatory.
 
What does this mean for the networks in the example? You'll see three network addresses in Figure 9-2, each with different netmasks. Network A has the address 192.168.0.0/25. This means that the network can be reached by addressing the IP number 192.168.0.0. The /25 tells you that the first 25 bits are used for the network address, so there are seven bits left to address single hosts within this network.
 
Figure 9-3 illustrates the relationship between netmask and IP address for these values. The netmask masquerades all bits in the IP address that contain the network part of the address. The empty bits of the netmask determine which bits are used to address the host within the given network.
 
Figure 9-3
netmask
 
The netmask masquerades bits in the IP address
  This means that the host addresses in this network are in a range that begins with 192.168.0.185 and goes up to 192.168.0.126. The last address (which in this case is 192.168.0.127) is always reserved as the broadcast address for this subnet. All hosts in the network listen for broadcast messages on this address. If you transfer this to network B and C, you get the IP address ranges shown in Table 9-1 for the three networks.
 
 
Table 9-1 Address ranges for the example networks
 
Network First Address Last Address Broadcast
192.168.0.0/25 192.168.0.1 192.168.0.126 192.168.0.127
192.168.0.128/25 192.168.0.129 192.168.0.254 192.168.0.255
192.168.1.0/24 192.168.1.1 192.168.1.254 192.168.1.255
 
9.2 Routing
 

What happens if a host wants to communicate with another machine? The answer is that it depends on whether the target machine is in the same subnet or not. To determine this, the source host uses its network mask. If the network portion of its own address is exactly the same as the network part of the target machine's address, both hosts are within the same subnet and can communicate directly with each other. If they are in different subnets, a gateway is needed to forward the packages to this subnet. The kernel routing table holds the information that the source host needs to determine which gateway should be used to forward packages to a particular subnet. Usually, there is a default gateway that will be taken if no specific gateway can be found.
 
If you refer back at Figure 9-2, you can see that there are two routers connecting the three subnets and one of them is also connected to the Internet. To get a detailed picture about routing in this constellation, you have to look at the routing tables of regular hosts in the three subnets, and on the routing table of the routers themselves.
 

9.2.1 Hosts in Network A
 

All hosts in Network A can reach other hosts in their network (which has the address 192.168.0.0/25) directly over their ethernet interface (in this instance, eth0). They reach everything else via Router A/B.
 
So, the routing table for a host in this network would look like this:
 

 
Kernel IP routing table  
Destination    Gateway       Genmask           Flags Metric Ref Use Iface  
192.168.0.0    0.0.0.0       255.255.255.128   U     0      0   0   eth0  
127.0.0.0      0.0.0.0       255.0.0.0         U     0      0   0   lo  
0.0.0.0        192.168.0.1   0.0.0.0           UG    0      0   0   eth0  
 
 
If you run the command /sbin/route -n, the routing table of your system will appear. It should look similar to the one presented here. The column titled Destination lists the networks that can be reached with this routing entry. A destination address of 0.0.0.0 specifies the default gateway.
 
The Gateway column lists the router, which is the packages' destination. If the gateway is 0.0.0.0, the packages will be sent directly to the device specified in the device column. Genmask is the netmask that is applied to the destination address.
 
The routing table in this illustration will send all packages destined to 192.168.0.0/255.255.255.128 to the device eth0. The loopback device lo handles the pseudo net 127.0.0.0/255.0.0.0. All packages not going to the local subnet are forwarded to Router A/B, whose address is 192.168.0.1 and is listed as the default gateway. This is fine because this router is the only connection to other networks for those hosts.
 
9.2.2 Hosts in Network B
 

The situation in this subnet has two routers and is a bit more complicated. The routing table for these hosts has an additional entry:

 
Kernel IP routing table  
Destination    Gateway        Genmask           Flags Metric Ref Use Iface  
127.0.0.0      0.0.0.0        255.0.0.0         U     0      0   0    lo  
192.168.0.128  0.0.0.0        255.255.255.128   U     0      0   0    eth0  
192.168.0.0    192.168.0.130  255.255.255.128   UG    0      0   0    eth0  
0.0.0.0        192.168.0.129  0.0.0.0           UG    0      0   0    eth0  
 
 
You see the same entry for 127.0.0.0/255.0.0.0. The second line specifies the local subnet 192.168.0.128/255.255.255.128. Router A/B is given as the gateway to Network A. Note that this machine has a different IP address for this network. A router has to have one network device for each network to which it's connected. Each of these devices must have an address in the network to which it's pointing. The default gateway points to Router B/C.
 
9.2.3 Hosts in Network C
 

This setup is almost the same as the one in Network A. The local subnet can be reached over the eth0 interface. Everything else is forwarded to Router B/C:
 

 
Kernel IP routing table  
Destination    Gateway       Genmask           Flags Metric Ref Use Iface  
127.0.0.0      0.0.0.0       255.0.0.0         U     0      0   0   lo  
192.168.1.0    0.0.0.0       255.255.255.0     U     0      0   0   eth0  
0.0.0.0        192.168.1.1   0.0.0.0           UG    0      0   0   eth0  
 
 
9.2.4 Router A/B
 

This machine is part of Network A and Network B. It can reach both of these networks directly over its network interfaces. Assuming that eth0 is the interface pointing to Network A and eth1 is the one for Network B, you get a routing table that looks like this:
 

 
Kernel IP routing table  
Destination    Gateway       Genmask           Flags Metric Ref Use Iface  
127.0.0.0      0.0.0.0       255.0.0.0         U     0      0   0   lo  
192.168.0.0    0.0.0.0       255.255.255.128   U     0      0   0   eth0  
192.168.0.128  0.0.0.0       255.255.255.128   U     0      0   0   eth1  
0.0.0.0        192.168.0.129 0.0.0.0           UG    0      0   0   eth1  
 
 
There is one line for each network, and the default gateway is Router B/C.
 
9.2.5 Router B/C
 

This machine has the most complicated routing table in this example. It is directly connected to Network B and C. It must forward packages directed to Network A to Router A/B, and it serves as the gateway to the Internet. In this case, it is assumed that every host not in one of the local networks can be reached through the Internet. If eth0 is the device to Network B and eth1 points to Network C, you will need to set up this routing table for Router B/C:
 

 
Kernel IP routing table  
Destination    Gateway       Genmask           Flags Metric Ref Use Iface  
127.0.0.0      0.0.0.0       255.0.0.0         U     0      0   0   lo  
192.168.1.0    0.0.0.0       255.255.255.0     U     0      0   0   eth1  
192.168.0.128  0.0.0.0       255.255.255.128   U     0      0   0   eth0  
192.168.0.0    192.168.0.130 255.255.255.128   U     0      0   0   eth0  
0.0.0.0        204.179.13.1  0.0.0.0           UG    0      0   0   ppp0  
 
 
The default gateway is set to 204.179.13.1 on device ppp0. This is the address of the router to which you will connect for your Internet connection. In a real-world environment, this might be some kind of ISDN or T1 card. Even a ppp connection (as shown in this example) is possible, but is much too slow to connect an entire office.
 
This example works with so-called static routes. This means that the routing table of each host never changes. Routing can be configured dynamically, which means that the routing table can change during runtime. There are protocols and daemons that perform this task. In most cases, dynamic routing is not needed. If you require more details on dynamic routing, look in the man page routed(1) (routed is a daemon for dynamic routing) or, better yet, download gated and read the documentation provided with its source. The gated daemon is another routing daemon that supports additional routing protocols and is more flexible in its configuration. Unfortunately, gated is not part of the SuSE distribution.
 
 
Summary:
  TCP/IP is the de facto standard protocol for computer networks. It is fairly easy to set up and has simple principles to make it easy to route.
 
Routing is based on IP addresses and netmasks. The netmask tells the machine whether the destination address is in the local network and can be reached directly or is in a foreign net and requires a router to reach this machine.
 
Routers are machines that are connected to more than one network and forward IP packages from one net to the other. Every host has a routing table, which is used to determine a package's destination.
 
--
Back Up Contents Next
--

Copyright (c) 1999 by Terrehon Bowden and Bodo Bauer
To contact the author please sent mail to bb@bb-zone.com