TCP/IP Networking Basics: Related Publications
A network in your home or small business uses the same type of TCP/IP networking that is used for the Internet. This manual provides an overview of IP (Internet Protocol) networks and networking.
Related Publications
As you read this document, you may be directed to RFC documents for further information. An RFC (Request For Comments) is a document published by the Internet Engineering Task Force (IETF), an open organization that defines the architecture and operation of the Internet. The RFC documents explain the standard protocols and procedures for the Internet. The documents are listed on the World Wide Web at http://www.ietf.org and can also be found on many other Web sites.
What is a Router?
A router is a device that forwards traffic between networks based on network layer information in the data and on routing tables maintained by the router. In these routing tables, a router builds up a logical picture of the overall network by gathering and exchanging information with other routers in the network. Using this information, the router chooses the best path for forwarding network traffic. Routers vary in performance and scale, number of routing protocols supported, and types of physical WAN connection they support.
TCP/IP Networking Basics v1.0, September 2005 2-1
The latter version is easier to remember and easier to enter into your computer. In addition, the 32 bits of the address are subdivided into two parts. The first part of the address identifies the network, and the second part identifies the host node or station on the network. The dividing point may vary depending on the address range and the application. There are five standard classes of IP addresses. These address classes have different ways of determining the network and host sections of the address, allowing for different numbers of hosts on a network. Each address type begins with a unique bit pattern, which is used by the TCP/IP software to identify the address class. After the address class has been determined, the software can correctly identify the host section of the address. The figure below shows the three main address classes, including network and host sections of the address for each address type.
Figure 2-1. The three main IP address classes, showing the network and node sections of a Class A, Class B, and Class C address.
The five address classes are:

Class A
Class A addresses can have up to 16,777,214 hosts on a single network. They use an 8-bit network number and a 24-bit node number. Class A addresses are in this range: 1.x.x.x to 126.x.x.x.

Class B
Class B addresses can have up to 65,354 hosts on a network. A Class B address uses a 16-bit network number and a 16-bit node number. Class B addresses are in this range: 128.1.x.x to 191.254.x.x.

Class C
Class C addresses can have up to 254 hosts on a network. A Class C address uses a 24-bit network number and an 8-bit node number. Class C addresses are in this range: 192.0.1.x to 223.255.254.x.

Class D
Class D addresses are used for multicasts (messages sent to many hosts). Class D addresses are in this range: 224.0.0.0 to 239.255.255.255.
This addressing structure allows IP addresses to uniquely identify each physical network and each node on each physical network.
For each unique value of the network portion of the address, the base address of the range (host address of all zeros) is known as the network address and is not usually assigned to a host. Also, the top address of the range (host address of all ones) is not assigned, but is used as the broadcast address for simultaneously sending a packet to all hosts with the same network address.
Netmask
In each of the address classes previously described, the size of the two parts (network address and host address) is implied by the class. This partitioning scheme can also be expressed by a netmask associated with the IP address. A netmask is a 32-bit quantity that, when logically combined (using an AND operator) with an IP address, yields the network address. For instance, the netmasks for Class A, B, and C addresses are 255.0.0.0, 255.255.0.0, and 255.255.255.0, respectively. For example, the address 192.168.170.237 is a Class C IP address whose network portion is the upper 24 bits. When combined (using an AND operator) with the Class C netmask, as shown here, only the network portion of the address remains:
11000000 10101000 10101010 11101101 (192.168.170.237)
combined with:
11111111 11111111 11111111 00000000 (255.255.255.0)
equals:
11000000 10101000 10101010 00000000 (192.168.170.0)
As a shorter alternative to dotted-decimal notation, the netmask may also be expressed in terms of the number of ones from the left. This number is appended to the IP address, following a slash (/), as /n. In the example, the address could be written as 192.168.170.237/24, indicating that the netmask is 24 ones followed by 8 zeros.
Subnet Addressing
By looking at the addressing structures, you can see that even with a Class C address, there are a large number of hosts per network. Such a structure is an inefficient use of addresses if each end of a routed link requires a different network number. It is unlikely that the smaller office LANs would have that many devices. You can resolve this problem by using a technique known as subnet addressing.
Subnet addressing allows us to split one IP network address into smaller multiple physical networks known as subnetworks. Some of the node numbers are used as a subnet number instead. A Class B address gives us 16 bits of node numbers translating to 64,000 nodes. Most organizations do not use 64,000 nodes, so there are free bits that can be reassigned. Subnet addressing makes use of those bits that are free, as shown below.
Figure 2-2. Subnet addressing within a Class B address: the network, subnet, and node sections.
A Class B address can be effectively translated into multiple Class C addresses. For example, if the IP address 172.16.0.0 is assigned but node addresses are limited to 255 maximum, eight extra bits are left to use as a subnet address. The IP address 172.16.97.235 would then be interpreted as IP network address 172.16, subnet number 97, and node number 235.

In addition to extending the number of addresses available, subnet addressing provides other benefits. It allows a network manager to construct an address scheme for the network by using different subnets for other geographical locations in the network or for other departments in the organization.

Although the preceding example uses the entire third octet for a subnet address, note that you are not restricted to octet boundaries in subnetting. To create more network numbers, you need only shift some bits from the host address to the network address. For instance, to partition a Class C network number (192.68.135.0) into two, you shift one bit from the host address to the network address. The new netmask (or subnet mask) is 255.255.255.128. The first subnet has network number 192.68.135.0 with hosts 192.68.135.1 to 192.68.135.126, and the second subnet has network number 192.68.135.128 with hosts 192.68.135.129 to 192.68.135.254.

Note: The address 192.68.135.127 is not assigned because it is the broadcast address of the first subnet. The address 192.68.135.128 is not assigned because it is the network address of the second subnet.
The following table lists the additional subnet mask bits in dotted-decimal notation. To use the table, write down the original class netmask and replace the 0-value octets with the dotted-decimal value of the additional subnet bits. For example, to partition your Class C network with subnet mask 255.255.255.0 into 16 subnets (four bits), the new subnet mask becomes 255.255.255.240.

Table 2-1. Netmask Notation Translation Table for One Octet

Number of Bits    Dotted-Decimal Value
1                 128
2                 192
3                 224
4                 240
5                 248
6                 252
7                 254
8                 255

The following table displays several common netmask values in both the dotted-decimal and the masklength formats.

Table 2-2. Netmask Formats

Dotted-Decimal      Masklength
255.0.0.0           /8
255.255.0.0         /16
255.255.255.0       /24
255.255.255.128     /25
255.255.255.192     /26
255.255.255.224     /27
255.255.255.240     /28
255.255.255.248     /29
255.255.255.252     /30
255.255.255.254     /31
255.255.255.255     /32
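The netmask AND shown in binary above, the two-subnet split of 192.68.135.0, and the /n to dotted-decimal translation in the tables can all be checked with a few lines of integer arithmetic. This is an added example, not code from the NETGEAR manual; it handles /31 and /32 as a special case by reporting no usable host range, since those prefixes leave no room for the reserved network and broadcast addresses.

```python
# Added example, not from the NETGEAR manual: netmask and subnet arithmetic
# done with the same bitwise AND the manual shows in binary for 192.168.170.237.

def ip_to_int(dotted: str) -> int:
    """Convert dotted-decimal 'a.b.c.d' into a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def int_to_ip(value: int) -> str:
    """Convert a 32-bit integer back into dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix: int) -> str:
    """/n masklength -> dotted-decimal netmask: n ones followed by 32-n zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return int_to_ip((((1 << prefix) - 1) << (32 - prefix)) & 0xFFFFFFFF)


def prefix_from_mask(mask: str) -> int:
    """Dotted-decimal netmask -> /n, rejecting masks whose ones are not contiguous."""
    ones = bin(ip_to_int(mask)).count("1")
    if mask_from_prefix(ones) != int_to_ip(ip_to_int(mask)):
        raise ValueError(f"non-contiguous netmask: {mask}")
    return ones


def subnet_info(addr: str, prefix: int) -> dict:
    """Network address, broadcast address and usable host range of addr/prefix."""
    mask = ip_to_int(mask_from_prefix(prefix))
    network = ip_to_int(addr) & mask            # host bits cleared (all zeros)
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits set (all ones)
    info = {"netmask": int_to_ip(mask), "network": int_to_ip(network),
            "broadcast": int_to_ip(broadcast), "first_host": None, "last_host": None}
    if prefix <= 30:  # /31 and /32 leave no hosts besides the reserved pair
        info["first_host"] = int_to_ip(network + 1)
        info["last_host"] = int_to_ip(broadcast - 1)
    return info


if __name__ == "__main__":
    # The manual's Class C example, 192.68.135.0 split into two /25 subnets
    for host in ("192.68.135.5", "192.68.135.200"):
        print(host, subnet_info(host, 25))
```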
Configure all hosts on a LAN segment to use the same netmask for the following reasons:

- So that hosts recognize local IP broadcast packets. When a device broadcasts to its segment neighbors, it uses a destination address of the local network address with all ones for the host address. In order for this scheme to work, all devices on the segment must agree on which bits comprise the host address.

- So that a local router or bridge recognizes which addresses are local and which are remote.
Private IP Addresses
If your local network is isolated from the Internet (for example, when using Network Address Translation, NAT, which is described below), you can assign any IP addresses to the hosts without problems. However, the IANA has reserved the following three blocks of IP addresses specifically for private networks:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
Choose your private network number from this range. Some NETGEAR products have DHCP servers that are preconfigured to automatically assign private addresses. Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines explained here. For more information about address assignment, refer to RFC 1597, Address Allocation for Private Internets, and RFC 1466, Guidelines for Management of IP Address Space. The Internet Engineering Task Force (IETF) publishes RFCs on its Web site at http://www.ietf.org.
Figure 2-3. A private LAN using the 192.168.0.x addresses 192.168.0.1, 192.168.0.3, 192.168.0.4, and 192.168.0.5 behind a router whose Internet-side address is 172.21.15.105.
This scheme offers the additional benefit of firewall-like protection because the internal LAN addresses are not shown to the Internet connection. This filtering can prevent intruders from probing your system. However, using port forwarding, you can allow one computer (for example, a Web server) on your local network to be accessible to outside users.
Related Documents
The station with the correct IP address responds with its own MAC address directly to the sending device. The receiving station provides the transmitting station with the required destination MAC address. The IP address data and MAC address data for each station are held in an ARP table. The next time data is sent, the address can be obtained from the address information in the table. For more information about address assignment, refer to the IETF documents RFC 1597, Address Allocation for Private Internets, and RFC 1466, Guidelines for Management of IP Address Space. For more information about IP address translation, refer to RFC 1631, The IP Network Address Translator (NAT).
IP Configuration by DHCP
When an IP-based local area network is installed, each computer must be configured with an IP address. If the computers need to access the Internet, they should also be configured with a gateway address and one or more DNS server addresses. As an alternative to manual configuration, Dynamic Host Configuration Protocol (DHCP) is a method by which each computer on the network can automatically obtain this configuration information. A device on the network may act as a DHCP server. The DHCP server stores a list or pool of IP addresses, along with other information (such as gateway and DNS addresses) that it may assign to the other devices on the network. Some NETGEAR products can act as DHCP servers. Some NETGEAR products also function as DHCP clients when connecting to the ISP. Such NETGEAR products can automatically obtain an IP address, subnet mask, DNS server addresses, and a gateway address if the ISP provides this information by DHCP.
What is a Firewall?
A firewall is a device that protects one network from another while allowing communication between the two. A firewall incorporates the functions of the NAT router, while adding features for dealing with a hacker intrusion or attack. Several known types of intrusion or attack can be recognized when they occur. When an incident is detected, the firewall can log details of the attempt, and it can optionally send e-mail to an administrator to report the incident. Using information from the log, the administrator can take action with the ISP of the hacker. In some types of intrusions, the firewall can fend off the hacker by discarding all further packets from the hacker's IP address for a period of time.
Stateful Packet Inspection
Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to ensure secure firewall filtering to protect your network from attacks and intrusions. Since user-level applications such as FTP and Web browsers can create complex patterns of network traffic, it is necessary for the firewall to analyze groups of network connection states. Using stateful packet inspection, an incoming packet is intercepted at the network layer and then analyzed for state-related information associated with all network connections. A central cache within the firewall keeps track of the state information associated with all network connections. All traffic passing through the firewall is analyzed against the state of these connections to determine whether it will be allowed to pass through or be rejected.

Denial of Service Attack
A hacker may be able to prevent your network from operating or communicating by launching a Denial of Service (DoS) attack. The method used for such an attack can be as simple as merely flooding your site with more requests than it can handle. A more sophisticated attack may attempt to exploit some weakness in the operating system used by your router or gateway. Some operating systems can be disrupted by simply sending a packet with incorrect length information.
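The following added example (not NETGEAR's firewall code) models the behaviour described in the firewall section: a connection-state cache that admits only replies to LAN-originated flows plus configured port forwards, logs unsolicited inbound packets, and temporarily discards all packets from a source that keeps probing. The LAN prefix 192.168.0., the port-forward table, the probe threshold, and the block duration are assumed values chosen for the example.

```python
# Added example, not NETGEAR's firewall code: a minimal stateful packet filter
# that keeps a connection-state cache, admits only replies to LAN-originated
# flows (plus configured port forwards), and temporarily discards all packets
# from a source that keeps probing, as the manual describes.
from dataclasses import dataclass, field


@dataclass
class StatefulFirewall:
    lan_prefix: str = "192.168.0."      # assumed private LAN, as in Figure 2-3
    port_forwards: dict = field(default_factory=dict)  # {public_port: (lan_ip, lan_port)}
    probe_threshold: int = 3            # unsolicited packets tolerated before blocking
    block_seconds: int = 60             # how long an offender's packets are discarded
    state: set = field(default_factory=set)      # established flows seen from the LAN side
    probes: dict = field(default_factory=dict)   # {src_ip: unsolicited packet count}
    blocked: dict = field(default_factory=dict)  # {src_ip: time the block expires}
    log: list = field(default_factory=list)      # incident log for the administrator

    def is_local(self, ip: str) -> bool:
        return ip.startswith(self.lan_prefix)

    def filter(self, proto, src_ip, src_port, dst_ip, dst_port, now) -> str:
        """Return 'ALLOW' or 'DROP' for one packet and update the state cache."""
        # 1. Packets from a blocked host are discarded until the block expires.
        if src_ip in self.blocked:
            if now < self.blocked[src_ip]:
                return "DROP"
            del self.blocked[src_ip]
        # 2. Outbound traffic: record the flow so that its replies can be matched.
        if self.is_local(src_ip):
            if not self.is_local(dst_ip):
                self.state.add((proto, src_ip, src_port, dst_ip, dst_port))
            return "ALLOW"
        # 3. Inbound packet matching the reverse of a recorded flow is a reply.
        if (proto, dst_ip, dst_port, src_ip, src_port) in self.state:
            return "ALLOW"
        # 4. Inbound to a forwarded port (for example, a LAN Web server).
        if proto == "tcp" and dst_port in self.port_forwards:
            return "ALLOW"
        # 5. Unsolicited inbound packet: log it, count it, block repeat offenders.
        self.log.append(f"t={now}: unsolicited {proto} {src_ip}:{src_port} -> {dst_ip}:{dst_port}")
        self.probes[src_ip] = self.probes.get(src_ip, 0) + 1
        if self.probes[src_ip] >= self.probe_threshold:
            self.blocked[src_ip] = now + self.block_seconds
            self.probes.pop(src_ip)
            self.log.append(f"t={now}: blocking {src_ip} for {self.block_seconds}s")
        return "DROP"
```

Timestamps are passed in explicitly so the expiry of a block can be exercised deterministically; a real device would read its clock.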
Ethernet Cabling
Although Ethernet networks originally used thick or thin coaxial cable, most installations currently use unshielded twisted pair (UTP) cabling. The UTP cable contains eight conductors, arranged in four twisted pairs, and is terminated with an RJ45 type connector. A normal straight-through UTP Ethernet cable follows the EIA568B standard wiring as described below.
Table 2-1. UTP Ethernet cable wiring, straight-through
Pin   Wire color     Signal
1     Orange/White   Transmit (Tx) +
2     Orange         Transmit (Tx) -
3     Green/White    Receive (Rx) +
4     Blue
5     Blue/White
6     Green          Receive (Rx) -
7     Brown/White
8     Brown
Figure 2-4
Figure 2-5
Figure 2-6
Note: Flat silver satin telephone cable may have the same RJ-45 plug. However, using telephone cable results in excessive collisions, causing the attached port to be partitioned or disconnected from the network.
Some NETGEAR products incorporate Auto Uplink technology (also called MDI/MDIX). With this feature, each local Ethernet port automatically senses whether the Ethernet cable plugged into the port should have a normal connection (for example, connecting to a computer) or an uplink connection (for example, connecting to a router, switch, or hub). That port then configures itself to the correct configuration. This feature also eliminates the need to worry about crossover cables because Auto Uplink will accommodate either type of cable to make the right connection.