
Chapter 2 - TCP/IP Communications

Cisco TCP/IP Routing Professional Reference
Chris Lewis
  Copyright © 1999 The McGraw-Hill Companies, Inc.

TCP/IP Addressing
As previously illustrated, when connecting two systems using TCP/IP, each protocol layer on one host communicates directly with the corresponding layer on the other host. For example, the DoD Network Access layer on one host communicates directly with the Network Access layer on another host. Each layer will use its own addressing scheme:
  The Application layer uses a hostname.
  The Transport layer uses a port number.
  The Internet layer uses an IP address.
  The Network Access layer uses a MAC address.
Now that all the terms we need to use have been introduced, we start to look at how things really work in an internetwork. The goal of the seven OSI layers of communication protocols is to form a packet that is correctly encoded for the network topology in use (such as Ethernet or Token-Ring), and to direct the packet to the correct destination—or at least to the next router in sequence to reach the desired destination. Figure 2-5 shows how the various addresses have to be assembled before a packet can be transferred on a network.
Figure 2-5: Addresses used in a packet to deliver application data across a network
We will now examine in more detail the addressing used at each layer of the DoD model, and conclude the chapter with a summary that illustrates how all the addresses work together to deliver a packet.
Application Layer Addressing
The Application layer is the interface to the user. At this layer, computers are addressed by hostnames, as it is easier for humans to refer to computers by name rather than by IP address. For example, you could call the VAX system in the sales department Sales-VAX, or use any other name that is convenient.
In the case of the Internet, which contains thousands of systems, two different computers could well have the same name assigned by a local administrator. For example, two different companies might both choose to name the VAX system in their sales departments Sales-VAX. To avoid confusion, the Internet has a number of domains. Each domain has subdomains that can have further divisions as necessary. The Internet includes the following domains and usages:
  MIL    Used by the Department of Defense
  EDU    Used by colleges and universities
  COM    Used by corporations and other commercial entities
  NET    Used by those managing the Internet
The domain name for a host consists of a set of subdomains separated by periods. For example, the computer Sales-VAX located at the Acme company might have a Sales-VAX.acme.com domain name. This is referred to as a fully qualified hostname. If one wishes to communicate with a host that is at another Internet site, the fully qualified hostname must be used.
Hostnames cannot be used as an address in forming a packet to be sent over a network, so they are converted to IP addresses, which are used in addressing a packet. To translate a hostname to an IP address, a computer typically will refer to a hosts file (normally stored locally in the /etc subdirectory) or a Domain Name Service server on the internetwork, which is, effectively, a centralized hosts file.
The hosts file contains three columns: hostname, IP address, and alias. (There can be multiple aliases.) Here's an example:
123.45.45.45    Host1        Host1.acme.com
345.12.12.12    Host2        Host2.acme.com
173.23.6.4      Host3        Host3.acme.com
127.0.0.1       localhost
Manually keeping all hosts files on all machines on an internetwork the same can become quite a headache. DNS enables you to point hosts to a DNS server on the network, which will resolve hostnames to IP addresses for many hosts. This reduces administration, as you only have to maintain one database, not multiple hosts files.
Transport Layer Addressing
The Transport layer addresses are quite simple: They consist of a destination and source port number. A portion of an /etc/services file from a Unix machine that lists certain well-known port numbers is shown below:
ftp       21/tcp
telnet    23/tcp
smtp      25/tcp
tftp      69/udp
snmp      161/udp
For each Application layer protocol, this tells us the port number and whether the Transport layer protocol is TCP or UDP. The port numbers given are destination port numbers. If, for example, a computer needs to establish a Telnet session to another computer, it will set a destination port address of 23 and pick a random source port address of value greater than 1023. Port numbers lower than 1023 are reserved as "well-known" destination port numbers.
Internet Layer Addressing
At the Internet layer, all hosts must have a software address. In TCP/IP the software address for a host is the Internet or IP address. This address identifies the network to which the host is attached. Routers use this address to forward messages to the correct destination. This layer of addressing is the most labor-intensive for network administrators, so we will spend more time on this than any other layer.
The Internet address of a host consists of 4 bytes or octets, which contain both a network and a node address. For every computer, the network portion of its address must match the network address of every other computer on that network. The host portion, however, must be unique for that network number.
If a computer is on the Internet, it is using a network address assigned by the Network Information Center of Chantilly, VA, known as the InterNIC, which operates under the authority of the Internet Assigned Numbers Authority. Typically an Internet service provider assigns the numbers for organizations or individuals. Normally the address is in dotted decimal notation.
The Internet Protocol supports three classes of Internet network addresses: A, B, and C, as shown in the following table. The important point here is that the value of the first octet defines the class to which the address belongs. These classes are summarized in Table 2.4, and shown graphically in Fig. 2-6.
Examples of network numbers (in bold) followed by host addresses for each of the classes appear below.
Class A    100.1.1.1
Class B    165.8.1.1
Class C    199.119.99.1
To keep track of all the network numbers on an internetwork, each machine maintains a routing table.
Table 2.4: Internet Address Classes
Address Class       Characteristics
Class A Networks    In a class A network, the first byte is the network address and the final 3 bytes are for the host address. There are 126 Class A networks, each having up to 16,777,216 hosts. On the Internet, all Class A addresses have been assigned.
Class B Networks    In a class B network, the first byte is in the 128 to 191 range. The first 2 bytes identify the network and the last 2 bytes identify the host within that network.
Class C Networks    In a class C network, the first byte is in the 192 to 223 range. The first 3 bytes define the network and the last byte defines the host within that network.
Figure 2-6: Class A, B, and C network numbers
The Routing Table.     Each entry in a routing table provides a variety of information, including the ultimate destination network number, a metric, the IP address of the next router in sequence to get to the destination (if appropriate), and the interface through which to reach this destination. The metric is a measure of how good the route is—basically, the lower the metric, the better the route. Other information can be present in routing tables, including various timers associated with the route. The routing table can have entries from the following sources:
  RIP, IGRP, or some other routing protocol
  Manual entries that can be default or static
Static routes are routes that are added manually; a destination and gateway address are specified for either a specific host (such as 193.1.1.1), or for an entire network (such as 193.1.1.0). A default route can be added by specifying a destination address of 0.0.0.0 when entering a static route. If a packet is destined for a network number not listed in the routing table, the default route entry tells the router to which IP address it should forward packets. It is assumed that the router to which the packet is forwarded will know how to get the packet to its ultimate destination.
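The lookup described above can be sketched in Python. This is an added example, not code from the book: the Route fields, the next-hop addresses, metrics and interface names are constructed, and it assumes the most specific entry wins (host route, then the classful network number, then the default route), with the lower metric preferred among equal destinations.

```python
# Added example, not from the book: a classful routing-table lookup.
from collections import namedtuple

Route = namedtuple("Route", "dest next_hop metric interface source")


def classful_network(ip):
    """Return the network number implied by the first octet (Table 2.4)."""
    octets = [int(part) for part in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a valid IPv4 address: %r" % ip)
    first = octets[0]
    if 1 <= first <= 126:
        network_bytes = 1          # Class A: first byte is the network
    elif 128 <= first <= 191:
        network_bytes = 2          # Class B: first 2 bytes are the network
    elif 192 <= first <= 223:
        network_bytes = 3          # Class C: first 3 bytes are the network
    else:
        raise ValueError("first octet %d is not in class A, B or C" % first)
    kept = octets[:network_bytes] + [0] * (4 - network_bytes)
    return ".".join(str(o) for o in kept)


# Constructed sample table: next hops, metrics and interfaces are made up.
ROUTES = [
    Route("193.1.1.1", "10.0.0.2", 1, "Serial0", "static"),   # host route
    Route("193.1.1.0", "10.0.0.3", 2, "Serial1", "RIP"),      # network route
    Route("193.1.1.0", "10.0.0.4", 4, "Serial0", "RIP"),      # worse metric
    Route("129.47.0.0", "10.0.0.5", 3, "Ethernet0", "RIP"),
    Route("0.0.0.0", "10.0.0.1", 1, "Serial0", "static"),     # default route
]


def lookup(table, destination):
    """Pick a route: host entry, then network entry, then default."""
    for key in (destination, classful_network(destination), "0.0.0.0"):
        candidates = [r for r in table if r.dest == key]
        if candidates:
            # The lower the metric, the better the route.
            return min(candidates, key=lambda r: r.metric)
    return None   # no match and no default: the packet cannot be forwarded


if __name__ == "__main__":
    for target in ("193.1.1.1", "193.1.1.7", "129.47.5.9", "100.1.1.1"):
        print(target, "->", lookup(ROUTES, target).next_hop)
```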
Life gets more complicated when we use netmasks to split a network number into several subnets. A specific example of applying and changing subnet masks on a Cisco router is given in Chap. 3, but we will discuss the basic theory here. Most people new to the subject have some difficulty understanding how netmasks work. If the following discussion does not help you, don't panic. When we get to Chap. 3 and see the effect that changing netmasks has on a real network, things should become more clear.
Subnet Masks.     Netmasks are used to split a network into a collection of smaller subnetworks. This may be done to reduce network traffic on each subnetwork, or to make the internetwork more manageable. To all intents and purposes, each subnetwork functions as if it were an independent network.
Communication between a node on a local subnetwork and a node on a different subnetwork is like communication between nodes on two different networks. To a user, routing between subnetworks is transparent. Internally, however, the IP software recognizes any IP addresses that are destined for a subnetwork and sends those packets to the gateway for that subnetwork.
In an internetwork without netmasks, the routing table keeps track of network numbers. In an internetwork with netmasks, the routing table maintains a list of subnets and how to reach them. When netmasks are used, an IP address is interpreted as follows:
IP address = Network address.Subnetwork address.Host address
This shows that when a network is divided into subnetworks, the host address portion of the IP address is divided into two parts, the subnetwork address and the host address.
For example, if a network has the Class B IP network address portion 129.47, the remainder of the IP address can be divided into subnetwork addresses and host addresses. The network administrator controls this division to allow for maximum flexibility for network development at the site.
A subnet mask is the mechanism that defines how the host portion of the IP address is divided into subnetwork addresses and local host address portions. The subnet mask is a 32-bit (4-byte) number, just as an IP address is.
To understand the mechanics of the netmask, it is important to know a little binary arithmetic. We will go through the process of working out how netmasks work. Then I will show you a shortcut.
In binary, the only digits available are 0 and 1. This means that the rightmost digit of a binary number represents the number of 1s in the number, either 0 or 1. The next digit represents the number of 2s, the next digit the number of 4s, etc. To convert the 8-bit binary number 01101001 to the more familiar decimal, we need to use the map below:
128    64    32    16    8    4    2    1
0      1     1     0     1    0    0    1
This binary number is in fact 105 in the more familiar decimal. You can check this by using a scientific calculator. If you have eight 0s in a binary number, the decimal value is obviously 0. If you have eight ones, the decimal value is 255.
To see how a netmask splits up the host portion into subnet address and host address, it is necessary to convert both the IP address and the netmask to binary.
Once the IP address and netmask have been converted to binary, a logical AND is performed between the address and netmask (which means the resultant value is 1 if both IP and netmask value are a 1; otherwise the result is 0). Let's look at the example computation in Fig. 2-7.
IP address:     201.222.5.121
Subnet mask:    255.255.255.248
                   Network Number                  Subnetwork Number    Host Address
201.222.5.121:     11001001  11011110  00000101    01111                001
255.255.255.248:   11111111  11111111  11111111    11111                000
Subnet:            11001001  11011110  00000101    01111                000
                   201       222       5           120
Figure 2-7: Calculating a subnet mask
Thus the resultant subnet address is 201.222.5.120. This netmask is said to have 5 bits in the subnet field, which leaves 3 bits to define hosts. Note that the last 3 bits of the fourth byte are separated off to show the effect of the netmask. With 3 binary bits, there are eight possible values (0 through 7). There are, however, only six of these addresses that can be used for hosts on this subnet. This is because the first and last values are reserved. The first is reserved for identifying the subnet number itself, and the last is the broadcast address for that subnet. This is shown for our example IP address and netmask below:
IP address                      = 201.222.5.121
Subnet mask                     = 255.255.255.248
Subnet address                  = 201.222.5.120
Usable subnet host addresses    = 201.222.5.121 - 201.222.5.126
Subnet broadcast address        = 201.222.5.127
It is good to work through a few examples to understand how it works. Try to work out the subnet address, usable host addresses, and broadcast address for the following:
IP address = 164.2.34.35    netmask = 255.255.255.224
IP address = 101.2.3.18     netmask = 255.255.0.0
The answers are given at the end of this chapter.
A quicker way to work it out, which you can use once you are happy with what is going on, is as follows:
  Write down the netmask in binary.
  Look at the decimal value of the rightmost 1 in the netmask.
This decimal value tells you what increment in the IP address puts you into a new subnet.
This is best explained by using an example. Let's say we have a netmask of 255.255.255.224. Converting this to binary, we get:
11111111.11111111.11111111.11100000
We can see that the 1s end in the spot that represents the number of 32s we have in the number. This means that with every increment of 32 in the IP address, we go into a new subnet. We can illustrate this by applying this netmask to the following IP address:
150.2.3.56
With the 255.255.255.224 netmask, we get a new subnet every 32 addresses, so the subnets will start at:
150.2.3.0
150.2.3.32
150.2.3.64
150.2.3.96
150.2.3.128
150.2.3.160
150.2.3.192
150.2.3.224
So, for the address 150.2.3.56, with a netmask of 255.255.255.224, the subnet address is 150.2.3.32.
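The AND calculation of Fig. 2-7 and the increment shortcut can be carried out with integer arithmetic. The following is an added Python example, not code from the book; the function names are assumptions, and the inputs are the chapter's own worked addresses.

```python
# Added example, not from the book: the netmask arithmetic done with integers.

def to_int(dotted):
    """Convert dotted decimal such as '201.222.5.121' to a 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a valid IPv4 address: %r" % dotted)
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def subnet_info(ip, netmask):
    """Return subnet, broadcast, usable host range and subnet increment."""
    addr, mask = to_int(ip), to_int(netmask)
    host_bits = ~mask & 0xFFFFFFFF            # the 0 bits of the mask, as 1s
    # A netmask must be a non-empty run of 1s followed only by 0s.
    if mask == 0 or host_bits & (host_bits + 1):
        raise ValueError("not a usable netmask: %s" % netmask)
    subnet = addr & mask                      # the logical AND of Fig. 2-7
    broadcast = subnet | host_bits            # every host bit set to 1
    increment = mask & -mask                  # value of the rightmost 1 bit
    while increment > 255:                    # express it within its own octet
        increment >>= 8
    usable = broadcast - subnet >= 2          # first and last are reserved
    return {
        "subnet": to_dotted(subnet),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(subnet + 1) if usable else None,
        "last_host": to_dotted(broadcast - 1) if usable else None,
        "increment": increment,
    }


def subnet_starts(ip, netmask):
    """List the subnet addresses the shortcut produces around `ip`."""
    addr, mask = to_int(ip), to_int(netmask)
    step = mask & -mask                       # address distance between subnets
    octet_span = 256                          # span of the octet holding that bit
    while octet_span <= step:
        octet_span <<= 8
    base = addr & ~(octet_span - 1) & 0xFFFFFFFF
    return [to_dotted(base + offset) for offset in range(0, octet_span, step)]


if __name__ == "__main__":
    print(subnet_info("201.222.5.121", "255.255.255.248"))
    print(subnet_starts("150.2.3.56", "255.255.255.224"))
```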
Tables 2.5 and 2.6 show how many hosts and subnets result when a range of subnet masks is applied to both class B and C networks. Always note that the first and last address for a host or a subnet cannot be used.
Network Access Layer Addressing
The Network Access layer addresses can be referred to by several names, which include MAC, hardware, and physical addresses. I refer to them as MAC addresses. A MAC address is used by one of the network types defined by the Project 802 committee, basically either an Ethernet or token-passing network.
A MAC address is a collection of 6 bytes of information, usually represented with hexadecimal numbers and looking something like this:
08:CA:00:12:34:56
Every MAC address in the world is unique. The way this is ensured is that a central body assigns the first 3 bytes to manufacturers as a prefix, and the manufacturer then numbers the devices with 3 additional bytes that are numbered sequentially. If a manufacturer runs out of numbers to assign, it can always get a new prefix. If you ever see a device on a network with a MAC address that begins with 00.00.0C, you know it is a Cisco device.
Table 2.5: Class B Subnetting
Bits    Subnet Mask        Subnets    Hosts
2       255.255.192.0      2          16382
3       255.255.224.0      6          8190
4       255.255.240.0      14         4094
5       255.255.248.0      30         2046
6       255.255.252.0      62         1022
7       255.255.254.0      126        510
8       255.255.255.0      254        254
9       255.255.255.128    510        126
10      255.255.255.192    1022       62
11      255.255.255.224    2046       30
12      255.255.255.240    4094       14
13      255.255.255.248    8190       6
14      255.255.255.252    16382      2
Table 2.6: Class C Subnetting
Bits    Subnet Mask        Subnets    Hosts
2       255.255.192        2          62
3       255.255.224        6          30
4       255.255.240        14         14
5       255.255.248        30         6
6       255.255.252        62         2
MAC addresses are used to deliver packets to their destination on one network. People often ask, "If there is a guaranteed-unique MAC address on the internetwork, why bother assigning IP addresses?"
The answer goes back to the analogy of delivering a letter via the postal service, discussed in Chap. 1. The postal service is efficient because it uses distribution points, generally located in each city. An internetwork is the same in that it uses a router as a distribution point for a network number. If there were no IP addresses, each router would have to keep track of the location of every MAC address on the internetwork. This soon becomes unwieldy in an internetwork of any size.
So, we have IP addresses that are responsible for getting a packet delivered to the correct network (or subnet if netmasks are used), and MAC addresses are then used to deliver the packet locally. What actually happens as a packet is transported through an internetwork is that the source and destination MAC addresses change each time the packet travels through a router, whereas the IP source and destination addresses remain constant. This is illustrated in Fig. 2-8.
This figure shows that when PC1 sends a packet to PC2 through the router, the source and destination IP addresses remain constant, but the MAC addresses change as the packet moves from one network segment to another through the router.
Figure 2-8: How the MAC addresses used in addressing a packet change as it traverses an internetwork

 


 