IP Tutorial

IP Tutorial: Basic Addressing

The Internet Protocol (IP) had its origins in UNIX® networking as it developed in the 1970s. Today, IP has become a standard mechanism for network operating systems (NOS) to communicate with each other. Well-known protocols such as HTTP and TCP have been built on top of the IP foundation.

Bits and Bytes

An IP address contains a full four bytes (32 bits) of data. For readability purposes, humans typically work with IP addresses in a decimal notation that uses periods to separate each byte (also known as an octet). For example, the IP address

00001010 00000000 00000000 00000001

often appears in the equivalent string representation

10.0.0.1

IP addresses can be subdivided into classes. The values of the leftmost four (4) bits of an address determine its class. All "Class A" addresses, for example, have the leftmost bit set to zero, but each of the remaining 31 bits may be set to either "0" or "1" independently (as represented by an 'x' in these bit positions):

0xxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx

From this rule it follows that Class A addresses include all values in the range "0.0.0.0" to "127.255.255.255". Class B addresses must have the leftmost bit set to one, and the next bit set to zero, but all other bits may vary:

10xxxxxx xxxxxxxx xxxxxxxx xxxxxxxx

And so it follows that Class B addresses fall in the range from "128.0.0.0" to "191.255.255.255". Similarly, Class C, D, and E addresses set the second, third, and fourth bit (respectively) to one. The following table summarizes the overall breakdown of all IP addresses into this class system.

| Class | Leftmost bits | Start address | Finish address |
|-------|---------------|---------------|-----------------|
| A | 0xxx | 0.0.0.0 | 127.255.255.255 |
| B | 10xx | 128.0.0.0 | 191.255.255.255 |
| C | 110x | 192.0.0.0 | 223.255.255.255 |
| D | 1110 | 224.0.0.0 | 239.255.255.255 |
| E | 1111 | 240.0.0.0 | 255.255.255.255 |

Domain Naming and Registration

Names offer a more convenient, easily-remembered way to uniquely identify computers on the network than IP addresses alone.
The domain name system (DNS) used across the Internet assigns names to individual IP addresses and performs the mapping (translation from name to address) on demand as needed. The term domain naming refers to the structure of the naming system: names and addresses are organized in a hierarchy and maintained in a distributed fashion across the Internet.

Names and addresses on the public Internet must be registered with an accredited registrar. For nodes in the ".com," ".net," and ".org" domains, the Internet Corporation for Assigned Names and Numbers (ICANN) oversees registrations. Registered names and addresses must be renewed periodically, and should a dispute occur between two parties over ownership of a given name, such as in trademarking, ICANN's Uniform Domain-Name Dispute-Resolution Policy (UDRP) can be invoked.

IPv4 and IPv6

The IP system in widespread use today is also known as IPv4 ("version four"). A newer system, IPv6 ("version six" -- version five was essentially skipped), exists now in small deployments and should replace IPv4 in years to come. IPv6 improves the addressing system by supporting up to 128-bit instead of 32-bit addresses, and it adds additional features for performance and privacy.

IPv4 can only represent a finite number of computers on the Internet -- approximately 4,294,967,296, or 2 raised to the 32nd power. At the time IP was conceived this number was perfectly reasonable, but with the explosive growth of the Web and networked computing generally, a time may come in the not-too-distant future when the IPv4 address space will be exhausted. Thanks to technologies like Network Address Translation (NAT), computers can use virtual addressing analogous to the way network operating systems use virtual memory, but it remains unclear if these relatively recent technology developments will adequately conserve IP space.

Conclusion

Nearly all of the Class A and Class B IPv4 address domains have already been assigned to large organizations.
Addresses in the Class D and E ranges have been reserved for special purposes by the IP administrative authorities. (The terms "Class D" and "Class E," while technically correct, do not appear much in practice.) Effectively this leaves only Class C address ranges available for public consumption.

Next time you sit down at your computer, see if you can determine its IP address and domain name. It's a good start toward becoming familiar with the vast world of networking around you!

IP Tutorial: Network Numbering

Computer networks consist of individual segments of network cable. The electrical properties of cabling limit the useful size of any given segment such that even a modestly-sized local-area network (LAN) will require several of them. Gateway devices like routers and bridges connect these segments together, although not in a perfectly seamless way.

Besides partitioning through the use of cable, subdividing of the network can also be done at a higher level. Subnets support "virtual" network segments that partition the traffic flowing through the cable rather than the cables themselves. The subnet configuration often matches the segment layout one-to-one, but subnets can also subdivide a given network segment.

Network Addresses

Even without subnetting, hosts on the Internet (or any other IP network) are uniquely identified on a network by something called the network number. (Multi-homed nodes, which contain multiple network adapters, can belong to multiple networks.) Network numbering allows a group of hosts (peers) to communicate efficiently with each other; these may be computers located in the same facility or all computers used by a workgroup, for example.

Network numbers look very much like IP addresses, but the two should not be confused. In the absence of subnetting, some "default" networks can be derived immediately from host IP addressing and its class structure.
Consider the host IP address 10.0.0.1, for example, an address commonly used on private networks. Because it is a Class A address, with no subnetting employed, its leftmost byte (eight bits) by default refers to the network address (10), and all other bits remain set at zero (10.0.0.0). Thus, 10.0.0.0 is the network number corresponding to IP address 10.0.0.1.

In this scheme, the part of the IP address that does not refer to the network refers instead to the host address (literally, the unique identifier of the host on that network). In this example, the host address becomes "0.0.0.1" or simply "1". Also note that a network address becomes a reserved address that should not be assigned to any actual host. Hosts like 10.0.0.1 may use the 10.0.0.0 address for special purposes, and having a live host at that location could cause conflicts.

The table below illustrates the numbering scheme for Class A, B, and C networks. Although the same scheme can apply to Class D and E networks, those address ranges have been reserved for other purposes and should be discussed separately.

| Class | Host address range | Network address | Default mask |
|-------|-----------------------------|---------|---------------|
| A | 0.0.0.0 - 127.255.255.255 | x.0.0.0 | 255.0.0.0 |
| B | 128.0.0.0 - 191.255.255.255 | x.x.0.0 | 255.255.0.0 |
| C | 192.0.0.0 - 223.255.255.255 | x.x.x.0 | 255.255.255.0 |

In general, a network address uses the leftmost byte of its hosts' addressing if the hosts fall within the Class A range, the leftmost two bytes for hosts in Class B, and the leftmost three bytes for hosts in Class C. This algorithm is applied in practice with the use of a network mask. The above table shows the decimal representation of the default network masks that are commonly used by network operating systems. The decimal value "255" corresponds to one byte that has all bits set to one (11111111).

Conclusion

Network addressing fundamentally organizes hosts into groups.
This can improve security (by isolating critical nodes) and can reduce network traffic (by preventing transmissions between nodes that do not need to communicate with each other). Overall, network addressing becomes even more powerful when introducing subnetting and/or supernetting.

IP Tutorial: Subnetting

Subnets allow network traffic between hosts to be segregated based on the network's configuration. In IP networking, traffic takes the form of packets. IP subnets improve network security and performance to some degree by organizing hosts into logical groups.

Subnet Masks

Probably the most easily recognizable aspect of subnetting is the "mask." Just like IP addresses, subnet masks contain four bytes (32 bits) and usually appear in the same "dotted decimal" notation. For example, a very common subnet mask in its binary representation

11111111 11111111 11111111 00000000

will usually be shown in the equivalent, more human-readable form

255.255.255.0

Masking Rules

A subnet mask neither serves as an IP address nor exists independently of one. Instead, subnet masks must be applied to IP addresses. Masking a full IP address has the effect of splitting it into two parts -- an "extended network address" and a host address.

For a subnet mask to be valid, its leftmost bits must be set to one; a mask of all zeros

00000000 00000000 00000000 00000000

is invalid. In addition, its rightmost bits must be set to zero; the mask of all ones

11111111 11111111 11111111 11111111

is likewise invalid. In other words, all valid subnet masks contain two parts: the all-ones left side (the extended network portion) and the all-zeros right side (the host portion).

Subnetting in Practice

An extended network address includes the basic network address as well as additional bits that represent the "subnet number." Used in conjunction with a network address, a subnet number supports a two-level, "extended" addressing scheme recognized in a standard way by implementations of IP.
Taken together, the extended network address with the host address actually produce a three-level scheme.

Consider the following real-world example. A small business plans to use the "192.168.1.0" network for its internal (intranet) hosts. The human resources department wants their computers to be on a controlled part of this network because they store payroll information and other sensitive employee data. But because this is a Class C network, its default subnet mask of "255.255.255.0" will allow all computers to be peers on the network by default.

The first four bits of 192.168.1.0 -- 1100 -- place this network in the Class C range and also fix the length of the network address at 24 bits. To subnet this network, more than 24 bits must be set to one on the left side of the subnet mask. For instance, the 25-bit mask "255.255.255.128" creates a two-subnet network as follows.

| Network address (24 bits) | Subnet number (1 bit) | Extended network | Host address range |
|----------------------------|---|---------------|-------------------------------|
| 11000000 10101000 00000001 | 0 | 192.168.1.0 | 192.168.1.1 - 192.168.1.127 |
| 11000000 10101000 00000001 | 1 | 192.168.1.128 | 192.168.1.129 - 192.168.1.255 |

For every additional bit set to one in the mask, another bit becomes available in the subnet number to index additional subnets. A two-bit subnet number can support up to four subnets, a three-bit number supports up to eight, and so on.

Private Networks

The governing bodies that administer the Internet Protocol have identified certain networks as reserved for internal use. In general, intranets that use these networks can reduce the difficulty in administering their IP configuration and Internet access. These three networks, along with their default masks, are listed below.

| Network address | Default mask |
|-----------------|--------------|
| 10.0.0.0 | 255.0.0.0 |
| 172.16.0.0 | 255.240.0.0 |
| 192.168.0.0 | 255.255.0.0 |

Consult RFC 1918 for more details about these special networks.

Conclusion

Subnetting allows network administrators some flexibility in defining relationships among network hosts.
Hosts on different subnets can only "talk" to each other through specialized network gateway devices like routers. The ability to filter traffic between subnets can make more bandwidth available to applications and can limit access in desirable ways.
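
The classful rules from the Basic Addressing and Network Numbering sections can be carried out directly on the 32-bit value. This is an added example, not part of the original tutorial; the function names are illustrative and the sample addresses are constructed.

```python
import ipaddress

# Leading-bit patterns from the class table:
# (class, bit pattern, pattern length, default mask from the Network Numbering table)
CLASSES = [
    ("A", 0b0,    1, "255.0.0.0"),
    ("B", 0b10,   2, "255.255.0.0"),
    ("C", 0b110,  3, "255.255.255.0"),
    ("D", 0b1110, 4, None),   # reserved ranges: the tutorial lists no default mask
    ("E", 0b1111, 4, None),
]

def to_int(dotted):
    """Parse dotted-decimal notation into the 32-bit integer it represents."""
    return int(ipaddress.IPv4Address(dotted))

def to_dotted(value):
    """Format a 32-bit integer back into dotted-decimal notation."""
    return str(ipaddress.IPv4Address(value))

def address_class(dotted):
    """Return (class letter, default mask or None) from the leftmost bits."""
    value = to_int(dotted)
    for name, pattern, length, mask in CLASSES:
        if value >> (32 - length) == pattern:
            return name, mask
    raise AssertionError("unreachable: the five patterns cover every 32-bit value")

def split_classful(dotted):
    """Split an address into (network number, host address) with its default mask."""
    name, mask = address_class(dotted)
    if mask is None:
        raise ValueError(f"Class {name} address {dotted} has no default network mask")
    value, mask_bits = to_int(dotted), to_int(mask)
    network = value & mask_bits               # bits under the mask's ones
    host = value & ~mask_bits & 0xFFFFFFFF    # bits under the mask's zeros
    return to_dotted(network), to_dotted(host)

if __name__ == "__main__":
    for addr in ("10.0.0.1", "172.16.5.9", "192.168.1.130", "224.0.0.5"):
        print(addr, address_class(addr))
    print(split_classful("10.0.0.1"))
```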
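
The masking rules and the human resources scenario from the Subnetting section, written as a segmentation check a network administrator could run over a host inventory. This is an added example, not part of the original tutorial; the function names and host addresses are constructed for illustration, and the private networks are the three listed above.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def is_valid_mask(mask):
    """Masking rules from the text: ones on the left, zeros on the right, both present."""
    bits = to_int(mask)
    if bits == 0 or bits == 0xFFFFFFFF:
        return False                          # all zeros and all ones are both invalid
    inverted = ~bits & 0xFFFFFFFF             # host portion as ones, e.g. 0...01111111
    return inverted & (inverted + 1) == 0     # zero only when those ones are contiguous

def extended_network(address, mask):
    """Apply the mask to an address and return the extended network address."""
    if not is_valid_mask(mask):
        raise ValueError(f"invalid subnet mask: {mask}")
    return str(ipaddress.IPv4Address(to_int(address) & to_int(mask)))

def hosts_sharing_subnet(protected, others, mask):
    """Return the hosts in `others` that are peers of any protected host under `mask`."""
    protected_nets = {extended_network(h, mask) for h in protected}
    return [h for h in others if extended_network(h, mask) in protected_nets]

# Private networks and default masks as listed in the tutorial (RFC 1918).
PRIVATE_NETWORKS = [
    ("10.0.0.0", "255.0.0.0"),
    ("172.16.0.0", "255.240.0.0"),
    ("192.168.0.0", "255.255.0.0"),
]

def is_private(address):
    """True when the address falls inside one of the three reserved networks."""
    return any(extended_network(address, m) == n for n, m in PRIVATE_NETWORKS)

if __name__ == "__main__":
    hr_hosts = ["192.168.1.130", "192.168.1.131"]              # constructed inventory
    other_hosts = ["192.168.1.10", "192.168.1.20", "192.168.1.200"]
    # Default Class C mask: every other host is a peer of the HR machines.
    print(hosts_sharing_subnet(hr_hosts, other_hosts, "255.255.255.0"))
    # 25-bit mask: only the host left in the upper half still shares the HR subnet.
    print(hosts_sharing_subnet(hr_hosts, other_hosts, "255.255.255.128"))
```

Any address the second call returns is a host that still reaches the protected machines without passing through a router, so it is the one to renumber or move.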