IPv4 Addressing and Subnetting
***
All original material copyright © 2013 by Aaron Balchunas (aaron@routeralley.com),
unless otherwise noted. All other material copyright © of their respective owners.
consent of the owner of the above copyright. Updated material may be found at
http://www.routeralley.com.
Logical Addressing
Logical addressing is a function of the Network layer of the OSI Model
(Layer-3), and provides a hierarchical structure to separate networks.
Logical addresses are never hardcoded on physical network interfaces, and
can be dynamically assigned and changed freely.
A logical address contains two components:
Network ID – identifies which network a host belongs to.
Host ID – uniquely identifies the host on that network.
Examples of logical addressing protocols include Internetwork Packet
Exchange (IPX) and Internet Protocol (IP). IPX was predominantly used
on Novell networks, but is now almost entirely deprecated. IP is the most
widely-used logical address, and is the backbone protocol of the Internet.
2^n
The exponent ‘n’ identifies the number of bits to steal from the host portion
of the subnet mask. The default Class C mask (255.255.255.0) looks as
follows in binary:
11111111.11111111.11111111.00000000
There are a total of 24 bits set to 1, which are used to identify the network.
There are a total of 8 bits set to 0, which are used to identify the host, and
these host bits can be stolen.
Stealing bits essentially involves changing host bits (set to 0 or off) in the
subnet mask to network bits (set to 1 or on). Remember, network bits in a
subnet mask must always be contiguous - skipping bits is not allowed.
Consider the result if three bits are stolen. Using the above formula:
2^n = 2^3 = 8 new networks created
However, a total of 8 new networks does not meet the original requirement
of at least 10 networks. Consider the result if four bits are stolen:
2^n = 2^4 = 16 new networks created
A total of 16 new networks does meet the original requirement. Stealing four
host bits results in the following new subnet mask:
11111111.11111111.11111111.11110000 = 255.255.255.240
Subnetting (continued)
In the previous example, a Class C network was subnetted to create 16 new
networks, using a subnet mask of 255.255.255.240 (or /28 in CIDR). Four
bits were stolen in the subnet mask, leaving only four bits for hosts.
To determine the number of hosts this results in, for each of the new 16
networks, a slightly modified formula is required:
2^n – 2
Consider the result if four bits are available for hosts:
2^n – 2 = 2^4 – 2 = 16 – 2 = 14 usable hosts per network
Thus, subnetting a Class C network with a /28 mask creates 16 new
networks, with 14 usable hosts per network.
Why is the formula for calculating usable hosts 2^n – 2? Because it is never
possible to assign a host an address with all 0 or all 1 bits in the host portion
of the address. These are reserved for the subnet and broadcast addresses,
respectively. Thus, every time a network is subnetted, usable host addresses
are lost.
The ip subnet-zero command allows for the use of networks with all 0 or all
1 bits in the stolen network portion of the address. Thus, the formula for
calculating the number of new networks created is simply 2^n.
Remember though, the formula for calculating usable hosts is always 2^n – 2.
(Reference: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f18.shtml)
Determining the Range of Subnetted Networks
Determining the range of the newly created networks can be accomplished
using several methods. The long method involves some binary magic.
Consider the example 192.168.254.0 network again, which was subnetted
using a 255.255.255.240 mask:
192.168.254.0: 11000000.10101000.11111110.00000000
255.255.255.240: 11111111.11111111.11111111.11110000
Subnetting stole four bits in the fourth octet, creating a total of 16 new
networks. Looking at only the fourth octet, the first newly created network is
0000. The second new network is 0001. Calculating all possible
permutations of the four stolen bits:
Binary        Decimal    Binary        Decimal    Binary        Decimal
.0000 xxxx    .0         .0110 xxxx    .96        .1100 xxxx    .192
.0001 xxxx    .16        .0111 xxxx    .112       .1101 xxxx    .208
.0010 xxxx    .32        .1000 xxxx    .128       .1110 xxxx    .224
.0011 xxxx    .48        .1001 xxxx    .144       .1111 xxxx    .240
.0100 xxxx    .64        .1010 xxxx    .160
.0101 xxxx    .80        .1011 xxxx    .176
Note that this equates to exactly 16 new networks. The decimal value
represents the first (or the subnet) address of each newly created network. To
determine the range for the hosts of the first new network:
Binary        Decimal    Binary        Decimal    Binary        Decimal
.0000 0000    .0         .0000 0110    .6         .0000 1100    .12
.0000 0001    .1         .0000 0111    .7         .0000 1101    .13
.0000 0010    .2         .0000 1000    .8         .0000 1110    .14
.0000 0011    .3         .0000 1001    .9         .0000 1111    .15
.0000 0100    .4         .0000 1010    .10
.0000 0101    .5         .0000 1011    .11
The binary value has been split to emphasize the separation of the stolen
network bits from the host bits. The first address has all 0 bits in the host
portion (0000), and is the subnet address for this network. The last address
has all 1 bits in the host portion, and thus is the broadcast address for this
network. Note that there are exactly 14 usable addresses to assign to hosts.
Determining the Range of Subnetted Networks (continued)
Calculating the ranges of subnetted networks can quickly become tedious
when using the long binary method. The shortcut method involves taking the
subnet mask (255.255.255.240 from the previous example), and subtracting
the subnetted octet (240) from 256.
256 – 240 = 16
Assuming ip subnet-zero is enabled, the first network will begin at 0. Then,
simply continue adding 16 to identify the first address of each new network:
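The shortcut method applied to the 192.168.254.0 network with the 255.255.255.240 mask, as an added Python example that is not part of the original guide. The function names are chosen here for illustration, the code handles only masks whose subnetted octet is the fourth octet (/25 through /30), and it cross-checks the shortcut against Python's standard ipaddress module.

```python
import ipaddress

VALID_LAST_OCTETS = (128, 192, 224, 240, 248, 252)   # /25 through /30

def block_size(mask: str) -> int:
    """Shortcut from the text: 256 minus the subnetted (fourth) octet."""
    octets = [int(o) for o in mask.split(".")]
    if octets[:3] != [255, 255, 255] or octets[3] not in VALID_LAST_OCTETS:
        raise ValueError("example handles masks /25 through /30 only")
    return 256 - octets[3]

def subnet_ranges(network: str, mask: str) -> list:
    """List every new subnet, assuming ip subnet-zero (first subnet at .0)."""
    block = block_size(mask)
    prefix = network.rsplit(".", 1)[0]
    rows = []
    for start in range(0, 256, block):               # 0, 16, 32, ... for .240
        rows.append({
            "subnet": f"{prefix}.{start}",
            "first_host": f"{prefix}.{start + 1}",
            "last_host": f"{prefix}.{start + block - 2}",
            "broadcast": f"{prefix}.{start + block - 1}",
        })
    return rows

def classify(address: str, mask: str) -> tuple:
    """Return (subnet address, role) for one address under the mask."""
    prefix, last = address.rsplit(".", 1)
    block = block_size(mask)
    start = (int(last) // block) * block             # round down to a block boundary
    offset = int(last) - start
    role = "subnet" if offset == 0 else "broadcast" if offset == block - 1 else "host"
    return f"{prefix}.{start}", role

def matches_ipaddress_module(network: str, mask: str) -> bool:
    """Cross-check the shortcut's ranges against the ipaddress library."""
    new_prefix = ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen
    parent = ipaddress.ip_network(f"{network}/24")
    pairs = zip(subnet_ranges(network, mask), parent.subnets(new_prefix=new_prefix))
    for row, net in pairs:
        hosts = list(net.hosts())
        expected = (str(net.network_address), str(hosts[0]),
                    str(hosts[-1]), str(net.broadcast_address))
        if tuple(row.values()) != expected:
            return False
    return True

if __name__ == "__main__":
    for row in subnet_ranges("192.168.254.0", "255.255.255.240"):
        print(row)
```

The classify function is useful when reviewing address assignments or access lists: an address that lands on a subnet or broadcast boundary cannot be a valid host address under that mask.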
The 224.x.x.x – 239.x.x.x ranges are reserved for multicast, and are
referred to as Class D addresses.
The 8-bit Time to Live (TTL) field limits the lifetime of the packet,
preventing it from being endlessly forwarded. When a router forwards a
packet, it will decrement the TTL value by one. Once the TTL value reaches
zero, the packet is dropped.
The 8-bit Protocol field identifies the next upper-layer header, and is
covered in the next section.
The 16-bit Header Checksum field is used to error-check the IPv4 header.
The receiving host will discard the packet if it fails the checksum
calculation.
The 32-bit Source Address field identifies the sending host. The 32-bit
Destination Address field identifies the receiving host. The value of both of
these fields can be changed as the packet is forwarded, using NAT.
The variable-length Options field provides additional optional IPv4
parameters, outside the scope of this guide.
IPv4 Protocol Numbers
The 8-bit Protocol field specifies the next upper-layer header within the data
payload of the packet. These upper-layer protocols are identified using IP
Protocol Numbers.
The following is a list of common IP Protocol Numbers, as assigned by the
IANA:
Protocol Number    Upper-Layer Protocol
1                  ICMP
2                  IGMP
6                  TCP
9                  IGRP
17                 UDP
46                 RSVP
47                 GRE
50                 IPSEC ESP
51                 IPSEC AH
88                 EIGRP
89                 OSPF
(Reference: http://www.iana.org/assignments/protocol-numbers)
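The TTL, Protocol, Header Checksum, and Source and Destination Address fields described above can be read directly from the first 20 bytes of a packet. The following Python code is an added example, not part of the original guide: it parses a constructed sample header, maps the Protocol field through the table above, verifies the checksum, and shows that a router's TTL decrement requires the checksum to be recomputed. The function names and the sample packet are assumptions made for this example.

```python
import struct

# Protocol numbers copied from the guide's table
PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 9: "IGRP", 17: "UDP", 46: "RSVP",
             47: "GRE", 50: "IPSEC ESP", 51: "IPSEC AH", 88: "EIGRP", 89: "OSPF"}

def checksum(header: bytes) -> int:
    """Complement of the one's-complement sum of the header's 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, ttl: int, proto: int) -> bytes:
    """Constructed sample: 20-byte header, no options, no payload."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, proto, 0,
                      bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return raw[:10] + struct.pack("!H", checksum(raw)) + raw[12:]

def parse_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4   # IHL counts 32-bit words
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "ttl": packet[8],
        "protocol": PROTOCOLS.get(packet[9], f"unknown ({packet[9]})"),
        "src": ".".join(map(str, packet[12:16])),
        "dst": ".".join(map(str, packet[16:20])),
        # Summing a valid header, checksum field included, gives 0 after complement
        "checksum_ok": checksum(packet[:ihl]) == 0,
    }

def forward(packet: bytes):
    """Router step: decrement TTL, drop at zero (None), recompute the checksum."""
    ihl = (packet[0] & 0x0F) * 4
    ttl = packet[8] - 1
    if ttl <= 0:
        return None
    header = packet[:8] + bytes([ttl]) + packet[9:10] + b"\x00\x00" + packet[12:ihl]
    return header[:10] + struct.pack("!H", checksum(header)) + header[12:] + packet[ihl:]

if __name__ == "__main__":
    sample = build_header("10.1.1.5", "10.1.1.6", 64, 6)
    print(parse_header(sample), parse_header(forward(sample)))
```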
Resolving Logical Addresses to Hardware Addresses
A host cannot directly send data to another host’s logical address. A
destination logical address must be mapped to a hardware address, so that
the Data-Link layer can package a frame to transmit on the physical
medium.
The Address Resolution Protocol (ARP) provides this mechanism for IPv4
on Ethernet networks. ARP allows a host to determine the MAC address for
a particular destination IP address.
Consider the above diagram. The following demonstrates the steps required
for HostA to communicate with HostB:
First, HostA will determine if the destination IP address of 10.1.1.6 is
itself. If that address is configured on a local interface, the packet
never leaves HostA. In this example, 10.1.1.6 is not locally
configured on HostA.
Next, HostA will determine if the 10.1.1.6 address is on the same
network or subnet as itself. HostA consults its local routing table to
make this determination. In this example, the subnet mask is /16.
Thus, HostA’s IP address of 10.1.1.5 and the destination address of
10.1.1.6 are on the same network (10.1).
Because HostA and HostB are on the same network, HostA will then
broadcast an ARP request, asking for the MAC address of the
10.1.1.6 address.
HostB responds to the ARP request with an ARP reply, containing its
MAC address (AAAA.BBBB.CCCC).
HostA can now construct a Layer-2 frame, with a destination of
HostB’s MAC address. HostA forwards this frame to the switch,
which then forwards the frame to HostB.
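The decision steps above, written out as an added Python example that is not part of the original guide. It goes beyond the on-link case in the text by also covering a destination outside HostA's subnet, which assumes a default gateway. The gateway address 10.1.0.1, the router, and every MAC address except HostB's are constructed for this example.

```python
import ipaddress

class Host:
    def __init__(self, name, cidr, mac, gateway=None):
        self.name, self.mac = name, mac
        self.iface = ipaddress.ip_interface(cidr)     # address plus subnet mask
        self.gateway = ipaddress.ip_address(gateway) if gateway else None
        self.arp_cache = {}                           # IP address -> MAC address

    def arp_target(self, dst):
        """Which IP address, if any, must be resolved to a MAC address?"""
        dst = ipaddress.ip_address(dst)
        if dst == self.iface.ip:
            return None                               # local: packet never leaves the host
        if dst in self.iface.network:
            return dst                                # same subnet: resolve the destination
        if self.gateway is None:
            raise LookupError(f"{self.name} has no route to {dst}")
        return self.gateway                           # off-link: resolve the gateway instead

def arp_request(segment, sender, target_ip):
    """Broadcast reaches every host on the segment; only the owner replies."""
    for host in segment:
        if host is not sender and host.iface.ip == target_ip:
            sender.arp_cache[target_ip] = host.mac    # cache the ARP reply
            return host.mac
    return None

def build_frame(sender, segment, dst):
    """Return the Layer-2/Layer-3 addressing of the frame, or None if local."""
    target = sender.arp_target(dst)
    if target is None:
        return None
    mac = sender.arp_cache.get(target) or arp_request(segment, sender, target)
    if mac is None:
        raise LookupError(f"no ARP reply for {target}")
    return {"src_mac": sender.mac, "dst_mac": mac,
            "src_ip": str(sender.iface.ip), "dst_ip": str(dst)}

if __name__ == "__main__":
    host_a = Host("HostA", "10.1.1.5/16", "0000.1111.2222", gateway="10.1.0.1")
    host_b = Host("HostB", "10.1.1.6/16", "AAAA.BBBB.CCCC")
    router = Host("Router", "10.1.0.1/16", "DDDD.EEEE.FFFF")   # constructed
    lan = [host_a, host_b, router]
    print(build_frame(host_a, lan, "10.1.1.6"))   # destination MAC is HostB's
    print(build_frame(host_a, lan, "10.2.1.6"))   # destination MAC is the gateway's
```

For the off-link destination the frame carries the gateway's MAC address while the destination IP address stays that of the final host.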
Resolving Logical Addresses to Hardware Addresses (continued)
Now consider a slightly modified scenario between HostA and HostB:
Note that as a packet is routed, the source and destination IP address remain
unchanged. However, both the source and destination MAC address did
change.
This is because a MAC address contains no network hierarchy, and thus is
only significant on the local network. In the above scenario, HostA and
HostB could not communicate directly using Layer-2 addressing. At every
routed hop, the source and destination MAC address are adjusted to reflect
the source and destination hosts on the local network.
The source and destination IP address will only be changed if NAT is used.
Type 3 - Destination Unreachable
    Code 0 - Network Unreachable
    Code 1 - Host Unreachable
    Code 2 - Protocol Unreachable
    Code 3 - Port Unreachable
    Code 4 - Fragmentation Needed – Don’t Fragment Flag Set
    Code 6 - Destination Network Unknown
    Code 7 - Destination Host Unknown
    Code 9 - Destination Network Administratively Prohibited
    Code 10 - Destination Host Administratively Prohibited
Type 5 - Redirect
Type 8 - Echo
Type 11 - TTL Exceeded
The two most common troubleshooting tools that utilize ICMP are:
Packet Internet Groper (ping)
Traceroute
Ping is a core connectivity troubleshooting tool, which utilizes the Echo
Request and Echo Reply ICMP messages to determine if an IP address is
reachable and responding. Ping will additionally provide the round-trip
time between the source and destination, usually measured in milliseconds.
Traceroute determines the routing path a packet takes to reach its
destination. Traceroute will not only identify each router the packet has been
forwarded through, but will also measure the delay experienced at each
router hop.