NET 102 - Networking Essentials II

Chapter 7, TCP/IP Basics

Objectives:

This lesson goes into more detail about some concepts we have touched on already. Objectives important to this lesson:

  1. Relate the structure and function of common logical and physical transport systems to their specific OSI layers
  2. Calculate and apply logical network addressing schemes in a TCP/IP environment using decimal and binary numbering.
  3. Evaluate the use of TCP/IP subnetting and supernetting, and calculate a subnet masking scheme.
  4. Describe the purpose and use of DHCP, DNS, and host files for static and dynamic TCP/IP addressing, and understand the use of BOOTP and WINS in proprietary or legacy environments
Concepts:
Chapter 7

Protocol has two meanings that apply to networking: a rule used on networks, or a program that implements that kind of rule. You have probably heard of networks using the TCP/IP protocol. TCP/IP, in fact, is the name of two protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP). They are used with several other protocols to enable some kinds of network communications. IP is used by routers, devices that find communication paths to other computers. Finding currently valid paths is necessary because any path may be available or unavailable at any given time. TCP is used to assure that messages we send are actually delivered. A group of protocols that are meant to work together can be called a protocol suite. TCP/IP, as your text used that term, means the suite or group of protocols that support IP based networks.

The text lists four protocol suites for the sake of history:

  • IPX/SPX was the suite for Novell networks
  • NetBIOS/NetBEUI still exists as a suite on Microsoft networks
  • AppleTalk was invented for Apple networks
  • TCP/IP was invented on Unix networks, and is now used on almost all networks

The text begins discussing the TCP/IP suite, using the TCP/IP model. TCP/IP protocols operate on the top three layers of the TCP/IP model. (I already feel like I'm typing Hodor, Hodor, Hodor.) It makes sense to start with the Internet (OSI: Network) layer, because that is where IP addresses are used and where the IP protocol lives. The text gets around to using the ideas I have mentioned before: as data is passed down the layers it is wrapped in a package by a protocol on a layer, header information is added, and the result is passed to a protocol on the next layer down, where it is packaged again, header information is added, and it is handed to a protocol on the next layer.

In the discussion of this process on page 146, the text says that the IP protocol creates "the final IP packet" and hands it off to Layer 2 for encapsulation into a frame. This statement is odd in two ways. The IP protocol creates all IP packets, not just the "final" one, whatever that is. I think the author may be trying to say that each segment that is received from the Transport layer has an IP header added to it, and it is then wrapped into an IP packet (also called a datagram) and it is handed to the next layer. The second odd part is the reference to Layer 2. According to the TCP/IP model, we are already on Layer 2. It only has four layers. The statement would be accurate if we were using the OSI model, handing off from the Network layer to the Data-Link layer. In the TCP/IP model, we are handing off from the Internet layer to the Link layer.

On page 147, the author discusses five of the fourteen fields you may find in an IPv4 packet header. More information about header fields is available here.

  • Version will say 4 or 6.
  • Header Length, measured in 32-bit words. This number can be as small as 5, or as large as 15.
  • Differentiated Services Code Point is defined unclearly by the text and some web references. The idea is to tag a packet according to its need for priority service. The example in the text, Voice over IP, is meant to show us a packet type that needs to be delivered on time.
  • Time to Live - This is a counter that increments with each hop (entering and leaving a router) the packet goes through. Packets are dropped when this counter reaches a predetermined limit. The field is one byte wide, so this value cannot go over 255. Despite the name, this is not a measure of time. It is a measure of times processed by a router.
  • Protocol is a number that identifies the protocol that handed off its data to the IP protocol. The text points out that IP usually receives data from TCP (6) or UDP (17).
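
To see where these five fields sit in the bytes of a header, here is a small parser. It is an added example, not code from the textbook. The sample header is constructed for illustration, the function and constant names are made up for this example, and the checksum is not verified.

```python
import ipaddress
import struct

# Protocol numbers named above (TCP, UDP), plus ICMP from the same layer.
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}

# Constructed sample: a 20-byte IPv4 header with no options and no payload.
SAMPLE_HEADER = bytes.fromhex(
    "45"        # version 4 (upper 4 bits), header length 5 words (lower 4 bits)
    "b8"        # DSCP 46 in the upper six bits of this byte
    "0014"      # total length: 20 bytes
    "1c46"      # identification
    "4000"      # flags and fragment offset
    "40"        # Time to Live: 64
    "06"        # Protocol: 6 (TCP)
    "0000"      # header checksum (left as zero, not verified in this example)
    "0a191f2e"  # source address 10.25.31.46
    "0a1c212c"  # destination address 10.28.33.44
)


def parse_ipv4_header(packet: bytes) -> dict:
    """Pull the fields discussed above out of a raw IPv4 header."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")

    (ver_ihl, ds_byte, total_length, _ident, _flags_frag,
     ttl, protocol, _checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])

    version = ver_ihl >> 4          # upper 4 bits of the first byte
    header_words = ver_ihl & 0x0F   # lower 4 bits, counted in 32-bit words

    if version != 4:
        raise ValueError(f"not an IPv4 header (version field is {version})")
    if header_words < 5:
        # Four bits cannot exceed 15, so only the lower bound needs a check.
        raise ValueError(f"header length {header_words} is below the minimum of 5")
    header_bytes = header_words * 4
    if header_bytes > len(packet):
        raise ValueError("header length field points past the end of the data")

    return {
        "version": version,
        "header_words": header_words,
        "header_bytes": header_bytes,
        "dscp": ds_byte >> 2,       # upper six bits of the second byte
        "total_length": total_length,
        "ttl": ttl,                 # one byte wide, so 0 to 255
        "protocol": protocol,
        "protocol_name": PROTOCOL_NAMES.get(protocol, "other"),
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
    }


if __name__ == "__main__":
    for field, value in parse_ipv4_header(SAMPLE_HEADER).items():
        print(f"{field:>14}: {value}")
```

The length checks matter in practice: a header length field that claims more bytes than were received is a common sign of a truncated or malformed packet.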

Internet Layer Protocols

The text continues with a couple of lines about IP addresses. IP addresses, as we have discussed, come in two varieties: IPv4 and IPv6. The text shows you an example of both on page 146. The text also mentions ICMP, Internet Control Message Protocol, which is used to send a ping to an IP address or a domain name. Those are the three things to associate with the Internet layer from this discussion: IPv4, IPv6, and ICMP.

Transport Layer Protocols

The text reminds us that the two main protocols on the Transport layer are TCP and UDP. TCP is connection-oriented, made for reliable, guaranteed delivery. UDP is connectionless, made for speed, but not guaranteed. Think of TCP as the FedEx guy, making sure the package arrives. Think of UDP as Vin Diesel in The Fast and the Furious, racing down the street and probably finishing.

The text describes several fields in a TCP header.

  • Two are the source and destination port numbers. They reference the applications/services that originated the request/message and the applications/services that this segment is going toward. 
  • Another field is the sequence number, which is critical for reassembling the segments created on this layer.
  • The ACK number field holds symbols for ACK (acknowledgement) or NACK (negative-acknowledgement). TCP uses these symbols to confirm receipt of segments.
  • Checksum is important for checking the contents of the data field. If a bad segment is received, the receiving host would transmit a NACK message about that segment, including its sequence number.

The text discusses UDP briefly, adding to our confusion by stating that UDP sends datagrams. It does, even though the book answer for a test question is that datagram message units are associated with the Internet/Network layer. It tells us that UDP is suitable for VoIP applications, because a few dropped frames will not hurt a conversation. I suppose that greatly depends on the definition of "a few".

Application Layer Protocols

The text moves on to the Application layer (TCP/IP model) which we may want to recall covers three layers of the OSI model. The author really tells us little here, except that every application will send data and make headers differently from every other application.

IP Addresses

Having told us little about the largest layer in the model, the text returns to a discussion of IP. The text begins by telling us that messages need to be addressed, partly for the good of the network. We are asked to imagine the millions of users on the Internet at any given moment, all sending broadcast messages. In the graphic on page 151, we can imagine the symbolic message canisters converging on a single PC as being some kind of ordnance, bent on destroying the device at the end. It would not be just the end device that would melt down, but most of the Internet's supporting structure if this were allowed. So, we return to IP addresses.

The author reveals the truth: the dotted decimal notation we have seen for IPv4 addresses is an illusion. Real systems send addresses as binary numbers. This should not be a surprise: all computers send data in a binary format. In a marginal note, the author remarks that you should get comfortable converting decimal to binary, and binary to decimal, using a calculator and by hand.

The author reminds us that every MAC address on a network must be unique (and in the world, for that matter), and that every IP address on a network must be unique. This leads to a useful observation that if you can get to a command prompt, knowing two commands will show you the IP address and MAC address of most computers:

  • ipconfig - good for Windows operating systems (typically used by entering ipconfig /all)
  • ifconfig - good for UNIX, Linux, and Mac OS X operating systems

These commands will give you more useful information as well.

If you do not know how IP addresses work, look at page 156, where the author shows us a picture of five computers connected to a wiring concentrator (could be a hub, a switch, or a router). All five PCs have IP addresses, which are all the same except for the fourth number. It is a good bet that the first three numbers identify the LAN these computers are on. We could be certain of this if we knew the subnet mask for this network. The subnet mask is something you tell network devices, typically when you assign an address to them. The author is jumping around instead of building your knowledge, so let's talk for a minute.

To pass the certification test for this course, you will need to be able to convert decimal notation to binary notation and vice versa. You will need to know a conversion method to pass the test, so we will discuss this one in class.

Values of Positions in a Byte
Bit position: 7 6 5 4 3 2 1 0
Value of Position (if a 1 is in it): 128 64 32 16 8 4 2 1

Like decimal numbers, binary and hex numbers use a positional value scheme. Each digit in a number is worth that digit times the value of the position it occupies. For example, in the decimal number 725, the 7 is worth 7 times 100, the 2 is worth 2 times 10, and the 5 is worth 5 times 1.

Binary is easier, since the only digits we can use are 1s and 0s. The largest number that can be stored in one byte is 255. This is the sum of the values of all the positions in the byte. Converting a binary number to decimal is simple: add the values of all the positions that hold a one. The only trick is to have a clear memory of the value of each position. They are all powers of two. Start on the right with 1, and double the value for each new position, moving to the left: 1, 2, 4, 8, 16, 32, 64, and 128.

When you convert a decimal number to binary, do a series of subtraction problems, one for each position in the byte, starting from the left. For example, let's convert 175 to binary.

  1. Ask yourself this question for each bit position: Can I subtract the value of this bit from the current number? You must be able to do it without getting a negative result. Remainders are okay.
    So, can you subtract 128 (a bit position value) from 175 (our current number)? Yes, you can. So you write a one in the 128 bit position, and do the math: 175 - 128 = 47.
  2. Can you subtract 64 from 47? No, so you write a zero in the 64 bit position.
  3. Can you subtract 32 from 47? Yes, so write a one in the 32 bit position, and do the math: 47 - 32 = 15.
  4. Can you subtract 16 from 15? No, so you write a zero in the 16 bit position.
  5. Can you subtract 8 from 15? Yes, so write a one in the 8 bit position, and do the math: 15 - 8 = 7.
  6. Can you subtract 4 from 7? Yes, so write a one in the 4 bit position, and do the math: 7 - 4 = 3.
  7. Can you subtract 2 from 3? Yes, so write a one in the 2 bit position, and do the math: 3 - 2 = 1.
  8. When you have 1 left, write a one in the 1 bit position. This will always be done for odd numbers.
    If there is no remainder at any of the steps, write a zero in each of the remaining bit positions.
Conversion to Binary
Bit position: 128 64 32 16 8 4 2 1
Conversion of 175 (above): 1 0 1 0 1 1 1 1

Practice converting decimal to binary and binary to decimal. Use the calculator in Windows to check your answers.

The IP protocol stack was invented with networking in mind. IP addresses contain two parts: one to identify the address of the network a host is on, and the other part to identify the host itself. Every network is assigned an address which, according to the original design, could be one, two, or three bytes, depending on the class of the network (A, B, or C). The remaining byte or bytes are typically used for hosts on networks. (It gets more complex, this is how we start.)

There are five address classes you need to know. The first three classes can be described by the number of bytes assigned to the network portion of their addresses:

  • one byte identifies a class A network
  • two bytes identify a class B network
  • three bytes identify a class C network

Class D and E addresses use portions of the fourth byte as well for network addressing. You may wish to know that only class A, B, and C addresses are for general use. Class D addresses are for multicasting (messages to groups of machines), and class E addresses are for experimental use.

One way to recognize the class of a given address is to know the range of possible addresses in each class. The five classes of addresses are defined as limited to specific ranges of values of the first byte. The numeric ranges are hard to remember until you see a chart that explains what the ranges have to do with the binary version of the first octet.

Remember the basics of binary notation: a byte has eight bits. Each bit is a digit in a binary number. Since we can only use 1s and 0s in binary notation, we either have (1) or don't have (0) the number of units represented by a position in the binary number.

Values of Positions in a Byte
Bit position: 7 6 5 4 3 2 1 0
Value of Position (if a 1 is in it): 128 64 32 16 8 4 2 1

Reading from left to right, if the first bit (position 7, above) of the first octet (another word for a byte) is a zero, that octet must represent a number less than 128. This defines a class A address: the first octet must be 127 or less. Consider it this way:

  • Class A - first bit is a 0, range for the byte is 0 to 127
  • Class B - first bit is a 1, second is a 0, range for the byte is 128 to 191
  • Class C - first two bits are 1s, third is a 0, range for the byte is 192 to 223
  • Class D - first three bits are 1s, fourth is a 0, range for the byte is 224 to 239
  • Class E - first four bits are 1s, fifth is a 0, range for the byte is 240 to 255

What good does it do to know the class of a network? That brings us back to a subnet mask. If I tell a device that its address is 10.25.31.46, it does not know which part of that address identifies the network until I tell it the subnet mask to use.

A subnet mask is like a pattern or filter. It tells hosts on a network which bits in an address are network address bits and which bits are host address bits. It does it by the use of 1s and 0s. Consider the table below that shows you three simple masks:

Standard Subnet Masks for Classes A, B, and C
Class A 255.0.0.0 11111111.00000000.00000000.00000000
Class B 255.255.0.0 11111111.11111111.00000000.00000000
Class C 255.255.255.0 11111111.11111111.11111111.00000000

Network devices read a mask to learn how to interpret addresses. A mask is always a series of 1s followed by a series of 0s. It is never a jumble. Address positions marked by 1s in a mask are considered network address positions. Address positions marked by 0s in a mask are considered host address positions.

Another way of saying this is that certain address bits are considered to be network address bits and the rest are considered host address bits. The actual method used involves Boolean math, but understanding it is not critical to understanding or using the concept. When a device reads an actual IP address, the rule from the subnet mask is applied, and the device understands which bits are the net address and which are the host address.

If you need another metaphor, think about this one. A router on a class C network might receive traffic bound for device 204.112.44.16. When received, that address would look like this:
11001100011100000010110000010000
(No dots, remember?)

A subnet mask is like a filter that only shows a portion of an address to a device. Routers only care about the network portion of an address. Imagine a pair of glasses that has one red lens and one blue lens. Imagine that the subnet mask colors all the bits of an incoming address so that the network bits are red and the host bits are blue. On a class C network, the subnet mask is 255.255.255.0, so the address would look like this:
110011000111000000101100 00010000   (24 network bits, then 8 host bits)

The router would look at the address through a filter that would show it only the network address portion. This would be like looking through the blue lens, hiding the host portion of the address.
110011000111000000101100 ........   (network portion only)

If this traffic were received by a device that cared only about the host portion of the address, it would be like looking through the red lens.
........................ 00010000   (host portion only)

Subnet masks are also used when we subdivide a network, creating subnets. More on that shortly.

In my example above, the host was assigned 10.25.31.46 as its address. If it uses a class A mask, that means it is on network 10.0.0.0. If it uses a class B mask, that means it is on network 10.25.0.0. If it uses a class C mask, that means it is on network 10.25.31.0.

Why is it important to know what the network address is? Because we need to know whether we are sending to a machine on our own network or some other network. If it is on another network, we need to send the packets to a router, a device whose job is to connect two or more networks together. There may be more than one router on our network. Whether there is or not, a standard piece of information to give to a device is the address of its default gateway, the router on its network that gets all packets bound for other networks.

Let's assume for a minute that the mask we gave to the host in the example above was 255.255.0.0. This means that the address of the network this host is on is 10.25.0.0. The text mentions that the default gateway on a network is usually given the first address, which would be 10.25.0.1 in this case.

By the way, why isn't the first address on that network 10.25.0.0? That's the network's address, which is never assigned to a host. One way to remember that is that all the host bits are set to 0, which would not identify any machine. Another address never assigned to a host is the broadcast address for the network. The broadcast address is computed by taking the network address and turning on all host bits (making them all 1s). How do I know which are the host bits? Go back and look at the subnet mask again. In this example the third and fourth bytes are the host bits. That makes this network's broadcast address 10.25.255.255.
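
The Boolean math behind the mask is a bitwise AND, and the broadcast address is a bitwise OR with the inverted mask. The sketch below is an added example, not code from the textbook. It works through the 10.25.31.46 host used above: its class from the leading bits, its network and broadcast address under each mask, and the "my network or the default gateway?" decision. The function names and the destination 10.25.7.9 are made up for illustration.

```python
import ipaddress


def to_int(dotted: str) -> int:
    """Dotted decimal to the 32-bit number a device actually works with."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def address_class(dotted: str) -> str:
    """Classify an address by the leading bits of its first octet."""
    first = to_int(dotted) >> 24
    if first & 0b10000000 == 0:
        return "A"            # 0xxxxxxx  -> 0 to 127
    if first & 0b11000000 == 0b10000000:
        return "B"            # 10xxxxxx  -> 128 to 191
    if first & 0b11100000 == 0b11000000:
        return "C"            # 110xxxxx  -> 192 to 223
    if first & 0b11110000 == 0b11100000:
        return "D"            # 1110xxxx  -> 224 to 239
    return "E"                # everything left: 240 to 255


def is_valid_mask(mask: str) -> bool:
    """A mask is a run of 1s followed by a run of 0s, never a jumble."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    # The inverted mask must look like 000...0111...1, i.e. one less than
    # a power of two, so adding 1 must clear every bit it shares.
    return inverted & (inverted + 1) == 0


def network_and_broadcast(address: str, mask: str) -> tuple:
    if not is_valid_mask(mask):
        raise ValueError(f"{mask} is not a run of 1s followed by 0s")
    addr, m = to_int(address), to_int(mask)
    network = addr & m                          # keep only the network bits
    broadcast = network | (~m & 0xFFFFFFFF)     # turn on every host bit
    return to_dotted(network), to_dotted(broadcast)


def next_hop(source: str, destination: str, mask: str, gateway: str) -> str:
    """Deliver directly on our own network, otherwise hand off to the gateway."""
    src_net, _ = network_and_broadcast(source, mask)
    dst_net, _ = network_and_broadcast(destination, mask)
    return destination if src_net == dst_net else gateway


if __name__ == "__main__":
    host = "10.25.31.46"
    print(host, "is class", address_class(host))
    for mask in ("255.0.0.0", "255.255.0.0", "255.255.255.0"):
        net, bcast = network_and_broadcast(host, mask)
        print(f"mask {mask:<15} network {net:<12} broadcast {bcast}")
    # Same network under 255.255.0.0, so no router is involved:
    print(next_hop(host, "10.25.7.9", "255.255.0.0", "10.25.0.1"))
    # Different network, so the frame goes to the default gateway:
    print(next_hop(host, "10.28.33.44", "255.255.0.0", "10.25.0.1"))
```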

Remember when I told you that some networks would work just fine using only OSI layers 1 and 2? That's because you only need to know MAC addresses to reach another machine on your own network. What if you don't know their MAC addresses? You can get MAC addresses for local network devices by sending a broadcast request for them using ARP, Address Resolution Protocol. The ARP broadcast is sent to all local network devices, but it asks for the MAC address of a device that has a specific IP address, typically the one in a message you are trying to pass on. That's what routers do when a message arrives for a device on the router's network.

Quick fact: ARP is used to get a MAC address when you know an IP address.
RARP, Reverse Address Resolution Protocol, used to be used to get an IP address when you knew a MAC address: typically, a workstation would use RARP to ask to be assigned an IP address.
The author refers to RARP as being long dead. You could still see a question about it on a certification test.
RARP is unnecessary if you are using DHCP to assign IP addresses, or if your workstations use BOOTP to ask for IP address assignment.

Routers pass signals from one network to another. Routers use software addresses instead of hardware addresses. This makes them independent of protocols used at lower layers. Almost. Example: a transmission is sent from a host on network 10.25.0.0 to a host on network 10.28.0.0. It could travel along several different routes. What happens is like this:

  • The Network Layer header of the outgoing message has a place to write information about the sender and the intended receiver. We are talking about IP addresses. The sender's IP address is saved in the Network Layer header, along with the IP address for the recipient. This data stays in the Network Layer header until the intended recipient breaks down the header.
    Layer             Source info     Destination info
    Network layer     Sender's IP     Receiver's IP
    Data Link layer

  • The Data Link Layer header also has a place to write down the address of the sender and the receiver, the difference being that this layer uses MAC addresses. Since the intended recipient is not on the sender's network, the sending station sets the Data Link Layer address of the recipient to the MAC address of the router (default gateway) on its network, and sends the message as a frame to that router. If necessary, an ARP signal is sent to determine the MAC address of the default gateway router.
    Layer             Source info     Destination info
    Network layer     Sender's IP     Receiver's IP
    Data Link layer   Sender's MAC    Default Gateway MAC

  • The router on the sender's network gets the frame, erases the sender and recipient addresses in the Data Link Layer (the green layer), and decides on a route to the recipient's network (which is written on the header of the Network layer, remember?). The next router in a logical chain is selected. If necessary, ARP is used to find the MAC address of the next router. The next router's MAC address is written in the Data Link Layer header as the "recipient", and the current router's MAC address is written to the Data Link Layer header as the "sender". The frame is forwarded to the next router.
    Layer             Source info           Destination info
    Network layer     Sender's IP           Receiver's IP
    Data Link layer   Default Gateway MAC   Next router's MAC

  • The process in the step above is repeated until a router on the intended recipient's network gets the frame. Then, the final router's MAC information and the receiver's MAC information are written to the Data Link Layer header, and the frame is delivered, where it is unpacked and handed to the IP protocol on the Network layer, and up the stack of layers.
    Layer             Source info          Destination info
    Network layer     Sender's IP          Receiver's IP
    Data Link layer   Final router's MAC   Receiver's MAC

Back to subnet masks for a bit. They are useful to know, but they are a bit bulky. On page 162, the text shows you another way to pass along mask information. What if I was told that a message was meant for the address 10.28.33.44/16? What's the /16 part for? That's CIDR notation. Classless InterDomain Routing information tells you the subnet mask that an address uses. /16 means that the network that address is part of uses 16 network bits, which is the same thing as saying it has a subnet mask of 255.255.0.0, which is the same as 11111111.11111111.00000000.00000000, but not nearly as boring, or nearly as prone to error.

Standard Subnet Masks for Classes A, B, and C
Class A 255.0.0.0 11111111.00000000.00000000.00000000 CIDR is /8
Class B 255.255.0.0 11111111.11111111.00000000.00000000 CIDR is /16
Class C 255.255.255.0 11111111.11111111.11111111.00000000 CIDR is /24

The text mentions on page 162 that IP address ranges in the various classes are assigned by the Internet Assigned Numbers Authority (IANA). Ranges of addresses assigned within a given class are called class licenses. Once upon a time, this was done by one person. Now, IANA doles out licenses to Regional Internet Registries (RIRs), who assign them to ISPs (Internet Service Providers).

There is a discussion about how many hosts you can have on a given network. Class C networks are a good example. Each class C network has 255 host addresses, but you can't assign the first address or the last address to a host. The first address has all host bits set to 0, which makes it the address of the network. The last address has all host bits set to 1, which makes it the IP broadcast address for that network. This is true within any class license: two addresses are not assignable to hosts.

The text also talks about class D and class E addresses. Class D and E addresses use portions of the fourth byte, as well as the first three, for network addressing. You may wish to know that only class A, B, and C addresses are for general use. Class D addresses are for multicasting (messages to groups of machines), and class E addresses are for experimental use. What's multicasting? When you send a message to all hosts on a network, that's a broadcast. When you send a message to one host on a network, that's a unicast. When you send a message to an address that is shared by several computers, that is a multicast. When they were frequently used, bridges on a network would be assigned their own addresses and a multicast address that they shared, so that they could easily send messages to each other. The text remarks that routers do this as well.

In addition to not assigning a network address or a broadcast address to hosts, there are some special addresses that are reserved. The list below shows some specific addresses that have special meanings:

  • 0.0.0.0 - the default route, used by Cisco routers
  • 127.0.0.0 - reserved for loopback. 127.0.0.1 is the Local Host. Any address in the 127.0.0.0 network can work as a loopback address.
  • All network bits set to 0, host bits set to some number - this means that the host bits are set to something other than 0, and we mean a specific host on the current network.
  • All host bits set to 0, network bits set to your network number - this is the address for the network itself
  • Network bits all set to 1 - this is the equivalent of using wildcards, meaning all networks
  • Host bits all set to 1 - this is the equivalent of using wildcards, meaning all hosts (broadcast address)
  • 255.255.255.255 - this is all wildcards, but refers to all hosts on this network

IANA has designated some address ranges as private or unregistered addresses. They are also called nonroutable addresses:

Class     Private Addresses Begin   Private Addresses End
Class A   10.0.0.0                  10.255.255.255
Class B   172.16.0.0                172.31.255.255
Class C   192.168.0.0               192.168.255.255

Any address beginning with a 10, for example, is assumed to be a private address. This is the format used in many networks, because it provides lots of addresses for hosts, and lots of room for subnets. (We will discuss this next.)

Within any organization, addresses in these ranges may be used without registering the addresses with IANA. Each address you use within your network must still be unique in your network. The problem is that there is no guarantee whatsoever that any address I use in my organization is not already in use in your organization, which makes direct networking between our networks unreliable, if not impossible.

The magic part: To access the Internet, traffic from a private address network passes through a router that acts as a proxy server, providing a shared connection with a registered address. That router has both a private address on your network, and a registered public address that lets it communicate with other networks. The proxy server shares its public address with the devices on your network, allowing them to send signals to other networks through it. The service that does this sharing of the address is called Network Address Translation (NAT).

Subnetting

Subnetting is the next topic in the text. You create subnets by subdividing a network, breaking it into useful subdivisions. Subnetting works by borrowing bits from the host portion of an address, and using those bits to identify subsections of your network. The use of borrowed bits only works because of subnet masks.

By borrowing one bit, two subnets are theoretically possible. However, as a general rule, subnet numbers using all 1s or all 0s are not used, so borrowing one bit will usually not yield any usable subnet addresses. This is why the traditional formula for number of usable subnets is:

2^N - 2 = number of subnets (where N is the number of bits borrowed).

This limitation can be overcome with Cisco routers. The router command to accomplish it is IP subnet-zero. This command allows us to borrow one bit, so this would eliminate the need to subtract 2 from the number of possible subnets. When you are given an exam question, assume that the formula requires you to subtract 2 unless it says otherwise, often in some obscure way.

Assume we borrow two bits. In the table below, you see what the new subnet mask would be for each of the three useful classes. Borrowed bits are shown in red in the resulting subnet mask numbers below:

Subnet Masks if Borrowing 2 Bits

Decimal Mask Binary Mask
Class A 255.192.0.0 11111111.11000000.00000000.00000000
Class B 255.255.192.0 11111111.11111111.11000000.00000000
Class C 255.255.255.192 11111111.11111111.11111111.11000000

Note that the subnet masks above do not match the standard masks we learned. The standard masks are classful masks, because they match the intended use of class address schemes. The masks above are classless, because they do not match any network class.

Be aware that routers on the Internet only use the network bits of an address for routing. Routers connecting subnets within a network must use the network, subnet, and host bits for routing.

Regarding the topic of assigning subnet addresses:

  • Each address on a network must be unique. This is true for all IP addresses, not just subnet addresses.
  • The network and subnet numbers must be the same for all devices on the same network. A classic error is to assign two workstations to different subnets and expect them to communicate as if they were on the same logical LAN.
  • The host portion of the address must not be set to all 1s or all 0s.
  • Unless you are told otherwise, the subnet portion of an address must not be set to all 1s or all 0s.
  • Plan for growth. You will have to add more stations later to most LANs, and you may have to add more subnets than you need today. In general, you calculate the number of subnets required, then round up to the nearest power of two. Do the same with the number of hosts needed per subnet. You may find that the two goals are in conflict.
  • Don’t use IP addresses reserved for special use. These have been noted above.

You must strike a balance between how many subnets you need and how many hosts you may put on each subnet. If the network administrator has decided to borrow 3 bits from the host byte for subnets on a class C network, this leaves 5 bits for host addresses. To calculate how many usable subnets are obtained when borrowing a specific number of bits, use this formula:

2^N - 2 = number of subnets (where N is the number of bits borrowed).

To calculate the number of hosts possible for each subnet, you actually do the same calculation, except that for the value of N, you use the TOTAL number of host bits still available in the address.

For instance, if this were a class B network, and you were borrowing 3 bits from the third byte for subnet addresses, the remaining 5 bits in the third byte and the 8 bits in the fourth byte would give you 13 as the value of N. Some methods call the exponent M when calculating the possible hosts, but the math is the same. DO subtract 2 in this case, because you cannot have all host bits as 0s (this is the subnet address) or all host bits as 1s (this is the broadcast address for the subnet).
For this example, the number of subnets would be 2^N - 2 = 2^3 - 2 = 6
The number of hosts would be 2^N - 2 = 2^13 - 2 = 8190

Assume a class C network whose address is 210.199.10.0. A class C network is born with the classful subnet mask of 255.255.255.0. If we borrow two bits from the host portion of the address, we make the subnet mask 255.255.255.192 (because 128 + 64 = 192).

The next step is to calculate the actual subnet addresses, that is, the addresses of the subnets themselves. The method is this:

  • Find the right-most 1 in the binary version of the subnet mask. The mask we are using in this example is this:
    255.255.255.192 11111111.11111111.11111111.11000000

  • Determine the value of this digit, based on its position in its byte. This value can only be 128, 64, 32, 16, 8, 4, 2 or 1. Call the value delta. (For those who are curious, Δ (the Greek letter delta) is a common physics symbol for "the amount of change".) In this example, the leftmost two bits of a byte are borrowed, so this value of delta is 64.
  • The value of delta is used as the value of the shared byte, creating the first practical subnet address. The network address in this example is 210.199.10.0, so the first subnet address would be 210.199.10.64. Subsequent subnet addresses are multiples of delta, used as the value of the shared byte. Obviously, no value greater than 255 can be used. In this example, the potential subnet addresses would look like the table below. We either do or don't count the first and last ones, depending on what the routers allow. Delta times 0, times 1, times 2, and times 3:

    210.199.10.0 11010010.11000111.00001010.00000000
    210.199.10.64 11010010.11000111.00001010.01000000
    210.199.10.128 11010010.11000111.00001010.10000000
    210.199.10.192 11010010.11000111.00001010.11000000

    These are not masks, nor are they host addresses. They are the addresses of the possible subnetworks.
    Subnet addresses using all 0s or all 1s in the subnet address section are possible only if your routers support them. If you were not to use that command, there would be two fewer possible subnets.

You must be able to calculate the number of possible subnets and possible hosts per subnet. You must also be able to state the addresses of the possible subnets. We have just covered this. You are further required to calculate the broadcast address of each subnet, and the range of host addresses on each.

The broadcast address of each subnet is actually one less than the address of the next subnet. For the last subnet, it is the broadcast address of the network. For example, the broadcast address for subnet 210.199.10.0 above is 210.199.10.63. Why? Because this is the same address with all host bits turned on (the host bits are the last six bits):
11010010.11000111.00001010.00111111
This is easily seen in binary, but also easily calculated in decimal. So for each subnet, the broadcast address is easily obtained.

Subnet            Broadcast address
210.199.10.0      210.199.10.63
210.199.10.64     210.199.10.127
210.199.10.128    210.199.10.191
210.199.10.192    210.199.10.255

Once you have this information, you can derive the host address range for each subnet: it is the range of numbers between the subnet address and its broadcast address.

Subnet            Broadcast address   Host address range
210.199.10.0      210.199.10.63       210.199.10.1-62
210.199.10.64     210.199.10.127      210.199.10.65-126
210.199.10.128    210.199.10.191      210.199.10.129-190
210.199.10.192    210.199.10.255      210.199.10.193-254
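The delta method above can be carried through in code. This is an added example, not from the text or the course materials; the function names subnet_plan and matches_stdlib are made up for illustration, and the second function cross-checks the hand method against Python's standard ipaddress module.

```python
import ipaddress

def subnet_plan(network, classful_prefix, borrowed_bits):
    """Apply the delta method to one classful network and return the plan."""
    new_prefix = classful_prefix + borrowed_bits
    host_bits = 32 - new_prefix                 # host bits left after borrowing
    mask = ipaddress.IPv4Address((0xFFFFFFFF << host_bits) & 0xFFFFFFFF)
    delta = 1 << (host_bits % 8)                # value of the right-most 1 bit in its byte
    block = 1 << host_bits                      # addresses from one subnet to the next
    base = int(ipaddress.IPv4Address(network))
    rows = []
    for i in range(2 ** borrowed_bits):         # delta times 0, 1, 2, ...
        subnet = base + i * block
        broadcast = subnet + block - 1          # one less than the next subnet address
        rows.append(tuple(str(ipaddress.IPv4Address(a))
                          for a in (subnet, broadcast, subnet + 1, broadcast - 1)))
    return {
        "mask": str(mask),
        "delta": delta,
        "usable_subnets": 2 ** borrowed_bits - 2,   # all-0s and all-1s subnets excluded
        "hosts_per_subnet": 2 ** host_bits - 2,     # subnet and broadcast addresses excluded
        "rows": rows,                               # (subnet, broadcast, first host, last host)
    }

def matches_stdlib(network, classful_prefix, borrowed_bits):
    """Cross-check the hand method against Python's ipaddress module."""
    parent = ipaddress.ip_network(f"{network}/{classful_prefix}")
    expected = [(str(s.network_address), str(s.broadcast_address))
                for s in parent.subnets(prefixlen_diff=borrowed_bits)]
    plan = subnet_plan(network, classful_prefix, borrowed_bits)
    return [(r[0], r[1]) for r in plan["rows"]] == expected

if __name__ == "__main__":
    plan = subnet_plan("210.199.10.0", 24, 2)   # the class C example from the notes
    print(plan["mask"], "delta =", plan["delta"])
    for subnet, broadcast, first, last in plan["rows"]:
        print(f"{subnet:<16}{broadcast:<16}{first} - {last}")
```

The rows list includes the all-0s and all-1s subnets; whether you may use them depends on your routers, which is why usable_subnets is reported separately.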

An objective for the class is to understand supernetting. The text does not address the topic in this chapter. If you understand that subnetting is borrowing host bits to subdivide a network, you may find it easy to understand that supernetting is borrowing network bits to combine contiguous networks.

Supernets exist because of the growth of networks. The concept was invented to allow the use of larger numbers of hosts on a network than are allowed by standard IPv4 addressing rules. Another text states that supernets were invented to "extend the 32-bit IP address lifetime". This is also true.

All available class A and class B licenses for network addresses have been assigned. If you get a class C address, your network can only have about 254 hosts on it. This is not enough for some users.

Supernets combine multiple, sequential class C network addresses into single logical networks. The networks used will fall into the range 192 through 223. This is the opposite of subnetting, so it should be logical that you begin the opposite way: you borrow bits from the network portion of the IP address in order to use them as host bits. Every bit you borrow for use as a host bit doubles the theoretical number of hosts for your network. A phrase used to describe the combining of addresses into a supernet is address aggregation.

Supernets have rules that are different from subnets:

  • Supernets are created from class C network addresses.
  • Network addresses used must be consecutive.
  • In each pair of network addresses, the third octet of the first address must be an even number. Another way of saying this is that the binary version of the third octet of this address must end with a 0. For example, if you own the network addresses 201.41.18.0 and 201.41.19.0, you can make a supernet. If you own the addresses 201.41.19.0 and 201.41.20.0, you cannot make a supernet. (I will leave the binary conversion to you as an exercise.)
  • Supernet masks are subnet masks that use fewer 1 bits than classful masks. A standard class C subnet mask is 255.255.255.0. If you borrow one bit for supernetting, your mask is 255.255.254.0, and your network can have 512 (theoretical) hosts instead of 256. This mask uses 23 bits for the network identifier, instead of the standard 24 bits for class C. Routers will be informed of this shorter mask, and they must support it or the supernet will not work.
  • It would be easier to just use a private addressing scheme and to use Network Address Translation on a proxy server to let your hosts access the Internet.
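The supernet rules above can be checked mechanically. This is an added example, not from the text; the function name supernet_of is made up for illustration. It goes one step beyond the pair case in the notes: for a block of 2, 4, 8, ... consecutive class C networks, the third octet of the first network must be a multiple of the block size (for a pair, that means even).

```python
import ipaddress

def supernet_of(networks):
    """Return the one supernet covering the given class C networks, or None."""
    nets = sorted(ipaddress.ip_network(n + "/24") for n in networks)
    count = len(nets)
    # The number of networks combined must be a power of two (2, 4, 8, ...).
    if count < 2 or count & (count - 1):
        return None
    # Rule: supernets are built from class C addresses (first octet 192-223).
    if any(not 192 <= n.network_address.packed[0] <= 223 for n in nets):
        return None
    # Treat the first three octets as one number so "consecutive" is easy to test.
    index = [int(n.network_address) >> 8 for n in nets]
    if index != list(range(index[0], index[0] + count)):
        return None                      # rule: addresses must be consecutive
    # Rule: the first third octet must end in 0 bits (even, for a pair).
    if index[0] % count:
        return None
    borrowed = count.bit_length() - 1    # network bits given back to the host part
    return nets[0].supernet(prefixlen_diff=borrowed)

if __name__ == "__main__":
    good = supernet_of(["201.41.18.0", "201.41.19.0"])
    print(good, good.netmask, good.num_addresses)
    print(supernet_of(["201.41.19.0", "201.41.20.0"]))   # None: 19 is odd
```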

In an IP network, each device needs a unique IP address. Assignment of these addresses takes some planning. First, there are two major approaches:

  • Static assignment - someone has to manually configure the address on each device, including workstations, servers, and printers. Unless your network is small, this is very painful.
  • Dynamic assignment - a server on the network can assign an address to workstations as they are powered up or as a user logs in to a network. You will still want to manually configure addresses on servers, printers, routers, and other network resource devices. However, you can automate the "manual" part: see below.

Static assignment is summarized in the graphic on page 171. Hosts need to be given an IP address, a subnet mask, and a default gateway address. It is a good idea to give them a DNS server address. Note that this address does not need to be on the same network as the other two addresses. You may have to do this in a simulation for a certification test, so you should know how to open the Windows Network and Sharing Center, open the Status dialog of the Local Area Connection, open the Properties of that connection, and the Properties of the IPv4 stack.

Dynamic Host Configuration Protocol (DHCP) service allows us to dynamically assign IP addresses to hosts on an IP network. You need to understand that, as far as IP is concerned, "host" means any device on the network. DHCP can also set the subnet mask, the default gateway, and the DNS server. There are three methods for assigning addresses:

  • Automatic Allocation: DHCP assigns a permanent IP address to a host.
  • Dynamic Allocation: An IP address is assigned to a host for a limited period of time (or until the host relinquishes the address). Also called address leasing.
  • Manual Allocation: This method requires that you assign the address. DHCP simply delivers the address to the host. Read that carefully: you can make the assignment, but you tell the DHCP server to deliver it, so you don't have to visit the host yourself.

On page 175, the text discusses what you will see if DHCP fails. Automatic Private IP Addressing (APIPA) could be described as an error condition, if you are using DHCP on your Windows-based network. The first clue may be that a workstation cannot reach the Internet, because APIPA does not set a default gateway. What it does is to set a private IP address instead of one that matches your network scheme. It will be in the range 169.254.0.0 - 169.254.255.254. APIPA is meant to be a fallback method of assigning addresses. It will result in communications failures if some of your workstations have APIPA addresses, and others have DHCP assigned addresses. The two groups will essentially be on two different networks.

If a Windows workstation is configured for DHCP, but has an address in the APIPA range, try opening a command line interface and entering two commands:

ipconfig -release
ipconfig -renew

The first command tells the computer to let go of the lease it has (or thinks it has). The second command tells the computer to start a DHCP discover, offer, request, acknowledge sequence. These commands will have no effect if your DHCP server is not running, or not reachable.

The text also gives us the Linux/UNIX/OS X version of these commands:

sudo ifconfig eth0 down
sudo ifconfig eth0 up

The text remarks that you may not need to type sudo.

Assignment 1: Chapter 7

  1. Do the multiple choice questions for chapter 7.

Assignment 2: Chapter 7

  1. Review LabSim items 5.1.2 (IP Address Facts), 5.1.4 (Subnetting Facts) and 5.2.3 (Addressing Method Facts).
  2. Play LabSim lessons 5.2.4 (Configuring a DHCP Server) and 5.2.6 (Configuring Host Addressing).
  3. Do LabSim exercise 5.1.5 (Configure IP Addresses), 5.2.5 (Configure a DHCP Server), and 5.2.7 (Configure a DHCP Host).