To help you prepare for the Network+ N10-005 exam, this chapter deals with the individual protocols within the protocol suite, looking at the functions of the individual protocols and their purposes. It starts by discussing one of the more complex facets of TCP/IP: addressing.This chapter is from the book
Without question, the TCP/IP suite is the most widely implemented protocol on networks today. As such, it is an important topic on the Network+ exam. To pass the exam, you definitely need to understand the material presented in this chapter.
This chapter deals with the individual protocols within the protocol suite. It looks at the functions of the individual protocols and their purposes. It starts by discussing one of the more complex facets of TCP/IP: addressing.
- Explain the purpose and properties of IP addressing.
IP addressing is one of the most challenging aspects of TCP/IP. It can leave even the most seasoned network administrators scratching their heads. Fortunately, the Network+ exam requires only a fundamental knowledge of IP addressing. The following sections look at how IP addressing works for both IPv4 and the newest version of IP: IPv6.
To communicate on a network using TCP/IP, each system must be assigned a unique address. The address defines both the number of the network to which the device is attached and the number of the node on that network. In other words, the IP address provides two pieces of information. It’s a bit like a street name and house number in a person’s home address.
Each device on a logical network segment must have the same network address as all the other devices on the segment. All the devices on that network segment must then have different node addresses.
In IP addressing, another set of numbers, called a subnet mask, defines which portion of the IP address refers to the network address and which refers to the node address.
IP addressing is different in IPv4 and IPv6. The discussion begins by looking at IPv4.
An IPv4 address is composed of four sets of 8 binary bits, which are called octets. The result is that IP addresses contain 32 bits. Each bit in each octet is assigned a decimal value. The leftmost bit has a value of 128, followed by 64, 32, 16, 8, 4, 2, and 1, left to right.
Each bit in the octet can be either a 1 or a 0. If the value is 1, it is counted as its decimal value, and if it is 0, it is ignored. If all the bits are 0, the value of the octet is 0. If all the bits in the octet are 1, the value is 255, which is 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1.
By using the set of 8 bits and manipulating the 1s and 0s, you can obtain any value between 0 and 255 for each octet.
Table 3.1 shows some examples of decimal-to-binary value conversions.
Table 3.1. Decimal-to-Binary Value Conversions
8 + 2 = 10
128 + 64 = 192
128 + 64 + 8 + 4 + 1 = 205
128 + 64 + 16 + 8 + 4 + 2 + 1 = 223
IP Address Classes
IP addresses are grouped into logical divisions called classes. The IPv4 address space has five address classes (A through E); although, only three (A, B, and C) assign addresses to clients. Class D is reserved for multicast addressing, and Class E is reserved for future development.
Of the three classes available for address assignments, each uses a fixed-length subnet mask to define the separation between the network and the node address. A Class A address uses only the first octet to represent the network portion; a Class B address uses two octets; and a Class C address uses the first three octets. The upshot of this system is that Class A has a small number of network addresses, but each Class A address has a large number of possible host addresses. Class B has a larger number of networks, but each Class B address has a smaller number of hosts. Class C has an even larger number of networks, but each Class C address has an even smaller number of hosts. The exact numbers are provided in Table 3.2.
Table 3.2. IPv4 Address Classes and the Number of Available Network/Host Addresses
Number of Networks
Number of Hosts Per Network
Binary Value of First Octet
1 to 126
128 to 191
192 to 223
224 to 239
240 to 255
Subnet Mask Assignment
Like an IP address, a subnet mask is most commonly expressed in 32-bit dotted-decimal format. Unlike an IP address, though, a subnet mask performs just one function—it defines which parts of the IP address refer to the network address and which refer to the node address. Each class of the IP address used for address assignment has a default subnet mask associated with it. Table 3.3 lists the default subnet masks.
Table 3.3. Default Subnet Masks Associated with IP Address Classes
Default Subnet Mask
Now that you have looked at how IP addresses are used, you can learn the process of subnetting. Subnetting is a process by which the node portions of an IP address create more networks than you would have if you used the default subnet mask.
To illustrate subnetting, for example, suppose that you have been assigned the Class B address 184.108.40.206. Using this address and the default subnet mask, you could have a single network (150.150) and use the rest of the address as node addresses. This would give you a large number of possible node addresses, which in reality is probably not useful. With subnetting, you use bits from the node portion of the address to create more network addresses. This reduces the number of nodes per network, but you probably will still have more than enough.
Following are two main reasons for subnetting:
- It enables you to more effectively use IP address ranges.
- It makes IP networking more secure and manageable by providing a mechanism to create multiple networks rather than having just one. Using multiple networks confines traffic to the network that it needs to be on, which reduces overall network traffic levels. Multiple subnets also create more broadcast domains, which in turn reduces networkwide broadcast traffic. A difference exists between broadcast domains and collision domains: The latter is all the connected nodes, whereas the former is all the logical nodes that can reach each other. As such, collision domains are typically subsets of broadcast domains.
Identifying the Differences Between IPv4 Public and Private Networks
IP addressing involves many considerations, not the least of which are public and private networks.
- A public network is a network to which anyone can connect. The best (and perhaps only pure) example of such a network is the Internet.
- A private network is any network to which access is restricted. A corporate network and a network in a school are examples of private networks.
The main difference between public and private networks, other than access to a private network is tightly controlled and access to a public network is not, is that the addressing of devices on a public network must be carefully considered. Addressing on a private network has a little more latitude.
As already discussed, for hosts on a network to communicate by using TCP/IP, they must have unique addresses. This number defines the logical network that each host belongs to and the host’s address on that network. On a private network with, say, three logical networks and 100 nodes on each network, addressing is not a difficult task. On a network on the scale of the Internet, however, addressing is complex.
If you connect a system to the Internet, you need to get a valid registered IP address. Most commonly, you obtain this address from your ISP. Alternatively, if you wanted a large number of addresses, for example, you could contact the organization responsible for address assignment in your area. You can determine who the regional numbers authority for your area is by visiting the IANA website.
Because of the nature of their business, ISPs have large blocks of IP addresses that they can assign to their clients. If you need a registered IP address, getting one from an ISP is almost certainly a simpler process than going through a regional numbers authority. Some ISPs’ plans actually include blocks of registered IP addresses, working on the principle that businesses want some kind of permanent presence on the Internet. Of course, if you discontinue your service with the ISP, you can no longer use the provided IP address.
Private Address Ranges
To provide flexibility in addressing and to prevent an incorrectly configured network from polluting the Internet, certain address ranges are set aside for private use. These address ranges are called private ranges because they are designated for use only on private networks. These addresses are special because Internet routers are configured to ignore any packets they see that use these addresses. This means that if a private network “leaks” onto the Internet, it won’t get any farther than the first router it encounters. So a private address cannot be on the Internet because it cannot be routed to public networks.
Three ranges are defined in RFC 1918: one each from Classes A, B, and C. You can use whichever range you want; although, the Class A and B address ranges offer more addressing options than Class C. Table 3.4 defines the address ranges for Class A, B, and C addresses.
Table 3.4. Private Address Ranges
Default Subnet Mask
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
Classless Interdomain Routing (CIDR)
Classless interdomain routing (CIDR) is a method to assign addresses outside the standard Class A, B, and C structure that is used by IPv6. Specifying the number of bits in the subnet mask offers more flexibility than the three standard class definitions.
Using CIDR, addresses are assigned using a value known as the slash. The actual value of the slash depends on how many bits of the subnet mask are used to express the network portion of the address. For example, a subnet mask that uses all 8 bits from the first octet and 4 from the second would be described as /12, or “slash 12.” A subnet mask that uses all the bits from the first three octets would be called /24. Why the slash? In actual addressing terms, the CIDR value is expressed after the address, using a slash. So the address 192.168.2.1/24 means that the node’s IP address is 192.168.2.1, and the subnet mask is 255.255.255.0.
Default gateways are the means by which a device can access hosts on other networks for which it does not have a specifically configured route. Most workstation configurations actually default to just using default gateways rather than having any static routes configured. This enables workstations to communicate with other network segments, or with other networks, such as the Internet.
When a system wants to communicate with another device, it first determines whether the host is on the local network or a remote network. If the host is on a remote network, the system looks in the routing table to determine whether it has an entry for the network on which the remote host resides. If it does, it uses that route. If it does not, the data is sent to the default gateway.
In essence, the default gateway is simply the path out of the network for a given device. Figure 3.1 shows how a default gateway fits into a network infrastructure.
On the network, a default gateway could be a router or a computer with network interfaces for all segments to which it is connected. These interfaces have local IP addresses for the respective segments. If a system is not configured with any static routes or a default gateway, it is limited to operating on its own network segment.
IPv4 Address Types
IPv4 has three primary address types: unicast, broadcast, and multicast. You need to distinguish between these three types of IPv4 addresses.
With a unicast address, a single address is specified. Data sent with unicast addressing is delivered to a specific node identified by the address. It is a point-to-point address link.
A broadcast address is at the opposite end of the spectrum from a unicast address. A broadcast address is an IP address that you can use to target all systems on a subnet or network instead of single hosts. In other words, a broadcast message goes to everyone on the network.
Multicasting is a mechanism by which groups of network devices can send and receive data between the members of the group at one time, instead of separately sending messages to each device in the group. The multicast grouping is established by configuring each device with the same multicast IP address.
Internet Protocol Version 4 (IPv4) has served as the Internet’s protocol for almost 30 years. When IPv4 was in development 30 years ago, it would have been impossible for its creators to imagine or predict the future demand for IP devices and therefore IP addresses.
Where have all the IPv4 addresses gone?
IPv4 uses a 32-bit addressing scheme. This gives IPv4 a total of 4,294,967,296 possible unique addresses that can be assigned to IP devices. More than 4 billion addresses might sound like a lot, and it is. However, the number of IP-enabled devices increases daily at a staggering rate. Not all these addresses can be used by public networks. Many of these addresses are reserved and are unavailable for public use. This reduces the number of addresses that can be allocated as public Internet addresses.
The IPv6 project started in the mid-1990s, well before the threat of IPv4 limitations. Now network hardware and software are equipped for and ready to deploy IPv6 addressing. IPv6 offers a number of improvements. The most notable is its capability to handle growth in public networks. IPv6 uses a 128-bit addressing scheme, enabling a huge number of possible addresses:
Identifying IPv6 Addresses
As previously discussed, IPv4 uses a dotted-decimal format: 8 bits converted to its decimal equivalent and separated by periods. An example of an IPv4 address is 192.168.2.1.
Because of the 128-bit structure of the IPv6 addressing scheme, it looks quite a bit different. An IPv6 address is divided along 16-bit boundaries, and each 16-bit block is converted into a four-digit hexadecimal number and separated by colons. The resulting representation is called colon-hexadecimal. Now look at how it works. Figure 3.2 shows the IPv6 address 2001:0:4137:9e50:2811:34ff:3f57:febc from a Windows 7 system.
Figure 3.2. An IPv6 address in a Windows 7 dialog screen.
An IPv6 address can be simplified by removing the leading 0s within each 16-bit block. Not all the 0s can be removed, however, because each address block must have at least a single digit. Removing the 0 suppression, the address representation becomes
Some of the IPv6 addresses you will work with have sequences of 0s. When this occurs, the number is often abbreviated to make it easier to read. In the preceding example you saw that a single 0 represented a number set in hexadecimal form. To further simplify the representation of IPv6 addresses, a contiguous sequence of 16-bit blocks set to 0 in colon hexadecimal format can be compressed to ::, known as the double colon.
For example, the IPv6 address of
can be compressed to
Of course, there are limits on how the IPv6 0s can be reduced. 0s within the IPv6 address cannot be eliminated when they are not first in the number sequence. For instance, 2001:4000:0000:0000:0000:0000:0000:0003 cannot be compressed as 2001:4::3. This would actually appear as 2001:4000::3.
When you look at an IPv6 address that uses a double colon, how do you know exactly what numbers are represented? The formula is to subtract the number of blocks from 8 and then multiply that number by 16. For example, the address 2001:4000::3 uses three blocks: 2001, 4000, and 3. So the formula is as follows:
(8 – 3) * 16 = 80
Therefore, the total number of bits represented by the double colon in this example is 80.
IPv6 Address Types
Another difference between IPv4 and IPv6 is in the address types. IPv4 addressing was discussed in detail earlier. IPv6 addressing offers several types of addresses, as detailed in this section.
Unicast IPv6 Addresses
As you might deduce from the name, a unicast address specifies a single interface. Data packets sent to a unicast destination travel from the sending host to the destination host. It is a direct line of communication. A few types of addresses fall under the unicast banner:
Global Unicast Addresses
Global unicast addresses are the equivalent of IPv4 public addresses. These addresses are routable and travel throughout the network.
Link-local addresses are designated for use on a single local network. Link-local addresses are automatically configured on all interfaces. This automatic configuration is comparable to the 169.254.0.0/16 APIPA automatically assigned IPv4 addressing scheme. The prefix used for a link-local address is fe80::/64. On a single-link IPv6 network with no router, link-local addresses are used to communicate between devices on the link.
Site-local addresses are equivalent to the IPv4 private address space (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16). As with IPv4, in which private address ranges are used in private networks, IPv6 uses site-local addresses that do not interfere with global unicast addresses. In addition, routers do not forward site-local traffic outside the site. Unlike link-local addresses, site-local addresses are not automatically configured and must be assigned through either stateless or stateful address configuration processes. The prefix used for the site-local address is FEC0::/10.
As with IPv4 addresses, multicasting sends and receives data between groups of nodes. It sends IP messages to that group rather than to every node on the LAN (broadcast) or just one other node (unicast).
Anycast addresses represent the middle ground between unicast addresses and multicast addresses. Anycast delivers messages to any one node in the multicast group.
Comparing IPv4 and IPv6 Addressing
Table 3.5 compares IPv4 and IPv6 addressing.
Table 3.5 compares IPv4 and IPv6 addressing.
IPv4 public address ranges
Global unicast IPv6 addresses
Private network addresses
10.0.0.0 172.16.0.0 192.168.0.0
Site-local address ranges (FEC0::)
IPv4 automatic private IP addressing (169.254.0.0)
Link-local addresses of the FE80:: prefix
Assigning IP Addresses
Now that you understand the need for each system on a TCP/IP-based network to have a unique address, the following sections examine how those systems receive their addresses.
Static addressing refers to the manual assignment of IP addresses to a system. This approach has two main problems:
- Statically configuring one system with the correct address is simple, but in the course of configuring, say, a few hundred systems, mistakes are likely to be made. If the IP addresses are entered incorrectly, the system probably cannot connect to other systems on the network.
- If the IP addressing scheme for the organization changes, each system must again be manually reconfigured. In a large organization with hundreds or thousands of systems, such a reconfiguration could take a considerable amount of time. These drawbacks of static addressing are so significant that nearly all networks use dynamic IP addressing.
Dynamic addressing refers to the automatic assignment of IP addresses. On modern networks, the mechanism used to do this is Dynamic Host Configuration Protocol (DHCP). DHCP, part of the TCP/IP suite, enables a central system to provide client systems with IP addresses. Automatically assigning addresses with DHCP alleviates the burden of address configuration and reconfiguration that occurs with static IP addressing.
The basic function of the DHCP service is to automatically assign IP addresses to client systems. To do this, ranges of IP addresses, known as scopes, are defined on a system running a DHCP server application. When another system configured as a DHCP client is initialized, it asks the server for an address. If all things are as they should be, the server assigns an address to the client for a predetermined amount of time, which is known as the lease, from the scope.
A DHCP server typically can be configured to assign more than just IP addresses. It often is used to assign the subnet mask, the default gateway, and Domain Name Service (DNS) information.
Using DHCP means that administrators do not need to manually configure each client system with a TCP/IP address. This removes the common problems associated with statically assigned addresses, such as human error. The potential problem of assigning duplicate IP addresses is also eliminated. DHCP also removes the need to reconfigure systems if they move from one subnet to another, or if you decide to make a wholesale change in the IP addressing structure.
Configuring a client for TCP/IP can be relatively complex, or it can be simple. Any complexity involved is related to the possible need to manually configure TCP/IP. The simplicity is because TCP/IP configuration can occur automatically via DHCP or through APIPA. At the least, a system needs an IP address and subnet mask to log on to a network. The default gateway and DNS server IP information is optional, but network functionality is limited without them. The following list briefly explains the IP-related settings used to connect to a TCP/IP network:
- IP address: Each system must be assigned a unique IP address so that it can communicate on the network.
- Subnet mask: Enables the system to determine what portion of the IP address represents the network address and what portion represents the node address.
- Default gateway: Enables the system to communicate on a remote network, without the need for explicit routes to be defined.
- DNS server addresses: Enable dynamic hostname resolution to be performed. It is common practice to have two DNS server addresses defined so that if one server becomes unavailable, the other can be used.
BOOT Protocol (BOOTP)
BOOTP was originally created so that diskless workstations could obtain information needed to connect to the network, such as the TCP/IP address, subnet mask, and default gateway. Such a system was necessary because diskless workstations had no way to store the information.
When a system configured to use BOOTP is powered up, it broadcasts for a BOOTP server on the network. If such a server exists, it compares the MAC address of the system issuing the BOOTP request with a database of entries. From this database, it supplies the system with the appropriate information. It can also notify the workstation about a file that it must run on BOOTP.
In the unlikely event that you use BOOTP, you should be aware that, like DHCP, it is a broadcast-based system. Therefore, routers must be configured to forward BOOTP broadcasts.
Automatic Private IP Addressing (APIPA)
Automatic Private IP Addressing (APIPA) was introduced with Windows 98 and has been included in all subsequent Windows versions. The function of APIPA is that a system can give itself an IP address if it is incapable of receiving an address dynamically from a DHCP server. Then APIPA assigns the system an address from the 169.254.0.0 address range and configures an appropriate subnet mask (255.255.0.0). However, it doesn’t configure the system with a default gateway address. As a result, communication is limited to the local network.
The idea behind APIPA is that systems on a segment can communicate with each other if DHCP server failure occurs. In reality, the limited usability of APIPA makes it little more than a last resort. For example, imagine that a system is powered on while the DHCP server is operational and receives an IP address of 192.168.100.2. Then the DHCP server fails. Now, if the other systems on the segment are powered on and cannot get an address from the DHCP server because it is down, they would self-assign addresses in the 169.254.0.0 address range via APIPA. The systems with APIPA addresses would talk to each other, but they couldn’t talk to a system that received an address from the DHCP server. Likewise, any system that receives an IP address via DHCP cannot talk to systems with APIPA-assigned addresses. This, and the absence of a default gateway, is why APIPA is of limited use in real-world environments.
Identifying MAC Addresses
Many times this book refers to MAC addresses and how certain devices use them. However, it has not yet discussed why MAC addresses exist, how they are assigned, and what they consist of.
A MAC address is a 6-byte (48-bit) hexadecimal address that enables a NIC to be uniquely identified on the network. The MAC address forms the basis of network communication, regardless of the protocol used to achieve network connection. Because the MAC address is so fundamental to network communication, mechanisms are in place to ensure that duplicate addresses cannot be used.
To combat the possibility of duplicate MAC addresses being assigned, the Institute of Electrical and Electronics Engineers (IEEE) took over the assignment of MAC addresses. But rather than be burdened with assigning individual addresses, the IEEE decided to assign each manufacturer an ID and then let the manufacturer further allocate IDs. The result is that in a MAC address, the first 3 bytes define the manufacturer, and the last 3 are assigned by the manufacturer.
For example, consider the MAC address of the computer on which this book is being written: 00:D0:59:09:07:51. The first 3 bytes (00:D0:59) identify the manufacturer of the card; because only this manufacturer can use this address, it is known as the Organizational Unique Identifier (OUI). The last 3 bytes (09:07:51) are called the Universal LAN MAC address: They make this interface unique. You can find a complete listing of organizational MAC address assignments at http://standards.ieee.org/regauth/oui/oui.txt.
You can discover the NIC’s MAC address in various ways, depending on what system or platform you work on. Table 3.6 defines various platforms and methods you can use to view an interface’s MAC address.
Table 3.6. Methods of Viewing the MAC Addresses of NICs
Enter at a command prompt.
Enter the command.
Enter the command.
Enter the command.
Network Address Translation (NAT) and Port Address Translation (PAT)
This chapter has defined many acronyms and continues with two more: NAT and PAT.
The basic principle of NAT is that many computers can “hide” behind a single IP address. The main reason you need to do this (as pointed out earlier in the section “IP Addressing”) is because there simply aren’t enough IPv4 addresses to go around. Using NAT means that only one registered IP address is needed on the system’s external interface, acting as the gateway between the internal and external networks.
NAT enables you to use whatever addressing scheme you like on your internal networks; although, it is common practice to use the private address ranges, which were discussed earlier.
When a system is performing NAT, it funnels the requests given to it to the Internet. To the remote host, the request looks like it is originating from a single address. The system performing the NAT function keeps track of who asked for what and makes sure that when the data is returned, it is directed to the correct system. Servers that provide NAT functionality do so in different ways. For example, you can statically map a specific internal IP address to a specific external one (known as the one-to-one NAT method) so that outgoing requests are always tagged with the same IP address. Alternatively, if you have a group of public IP addresses, you can have the NAT system assign addresses to devices on a first-come, first-served basis. Either way, the basic function of NAT is the same.
There is a transition technology known as Teredo that gives full IPv6 connectivity for IPv6-capable hosts, which are on the IPv4 Internet but lack direct native connection to an IPv6 network. The distinguishing feature of Teredo is that it can do this from behind network address translation (NAT) devices (such as home routers). You can find more information on this at http://ipv6.com/articles/nat/NAT-In-Depth.htm.
NAT enables administrators to conserve public IP addresses and, at the same time, secure the internal network. Port Address Translation (PAT) is a variation on NAT. With PAT, all systems on the LAN are translated to the same IP address, but with a different port number assignment. PAT is used when multiple clients want to access the Internet. However, with not enough available public IP addresses, you need to map the inside clients to a single public IP address. When packets come back into the private network, they are routed to their destination with a table within PAT that tracks the public and private port numbers.
When PAT is used, there is a typically only a single IP address exposed to the public network, and multiple network devices access the Internet through this exposed IP address. The sending devices, IP address, and port number are not exposed. For example, an internal computer with the IP address of 192.168.2.2 wants to access a remote Web server at address 220.127.116.11. The request goes to the PAT router where the sender’s private IP and port number are modified, and a mapping is added to the PAT table. The remote web server sees the request coming from the IP address of the PAT router and not the computer actually making the request. The web server sends the reply to the address and port number of the router. When received, the router checks its table to see the packet’s actual destination and forwards it.
Static NAT is a simple form of NAT. Static Network Address Translation (SNAT) directly maps a private IP address to a static unchanging public IP address. This enables an internal system, such as a mail server, to have an unregistered (private) IP address and still be reachable over the Internet. For example, if a network uses a private address of 192.168.2.1 for a mail server, it can be statically linked to a public IP address such as 18.104.22.168.
What is the IPv6 equivalent of 127.0.0.1? (Choose two.)
Which of the following is a Class B address?
You are the administrator for a network with two Windows Server systems and 65 Windows 7 systems. At 10 a.m., three users call to report that they are experiencing network connectivity problems. Upon investigation, you determine that the DHCP server has failed. How can you tell that the DHCP server failure is the cause of the connectivity problems experienced by the three users?
Which of the following address types are associated with IPv6? (Choose three.)
Which of the following IP addresses is not from a private address range?
You have been assigned to set up a new network with TCP/IP. For the external interfaces, you decide to obtain registered IP addresses from your ISP, but for the internal network, you choose to configure systems by using one of the private address ranges. Of the following address ranges, which one would you not consider?
You ask your ISP to assign a public IP address for the external interface of your Windows 2008 server, which is running a proxy server application. In the email message you get that contains the information, the ISP tells you that you have been assigned the IP address 22.214.171.124/24. When you fill out the subnet mask field on the IP configuration dialog box on your system, what subnet mask should you use?
- Examine the diagram shown here. What is the most likely reason that user Spencer cannot communicate with user Evan?
Cram Quiz Answers
- A and C. The IPv4 address 127.0.0.1 is reserved as the loopback address, and IPv6 has the same reservation. IPv6 addresses 0:0:0:0:0:0:0:0 and 0:0:0:0:0:0:0:1 are reserved as the loopback addresses. The address 0:0:0:0:0:0:0:1 can be shown using the :: notation with the 0s removed, resulting in ::1.
- A. Class B addresses fall into the range 128 to 191. Answer A is the only address listed that falls into that range. Answer B is a Class A address, and answers C and D are Class C IP addresses.
- D. When a Windows 7 system that is configured to obtain an IP address via DHCP fails to obtain an address, it uses APIPA to assign itself an address from the 169.254.x.x address range. An address of 0.0.0.0 normally results from a system that does not support APIPA. APIPA does not use the 192.168.x.x address range. The IP address 255.255.255.255 is the broadcast address. A DHCP failure would not lead to a system assigning itself this address.
- B, C, and D. A key difference between IPv4 and IPv6 is in the address types. IPv6 addressing has three main types of addresses: unicast, multicast, and anycast. IPv4 uses broadcast addressing, but IPv6 doesn’t.
- C. The 127.x.x.x network range is reserved for the loopback function. It is not one of the recognized private address ranges. The private address ranges as defined in RFC 1918 are 10.x.x.x, 172.16.x.x to 172.31.x.x, and 192.168.x.x.
- B. The 131.16 range is from the Class B range and is not one of the recognized private IP address ranges. All the other address ranges are valid private IP address ranges.
- B. In CIDR terminology, the number of bits to be included in the subnet mask is expressed as a slash value. If the slash value is 24, the first three octets form the subnet mask, so the value is 255.255.255.0.
- C. The most likely problem, given the IP values for each user’s workstation, is that the subnet value is not correct on Spencer’s machine and should be 255.255.255.0.
This document provides basic information needed in order to configure your router for routing IP, such as how addresses are broken down and how subnetting works. You learn how to assign each interface on the router an IP address with a unique subnet. There are examples included in order to help tie everything together.
Cisco recommends that you have a basic understanding of binary and decimal numbers.
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
If definitions are helpful to you, use these vocabulary terms in order to get you started:
Address - The unique number ID assigned to one host or interface in a network.
Subnet - A portion of a network that shares a particular subnet address.
Subnet mask - A 32-bit combination used to describe which portion of an address refers to the subnet and which part refers to the host.
Interface - A network connection.
If you have already received your legitimate address(es) from the Internet Network Information Center (InterNIC), you are ready to begin. If you do not plan to connect to the Internet, Cisco strongly suggests that you use reserved addresses from RFC 1918.
Understand IP Addresses
An IP address is an address used in order to uniquely identify a device on an IP network. The address is made up of 32 binary bits, which can be divisible into a network portion and host portion with the help of a subnet mask. The 32 binary bits are broken into four octets (1 octet = 8 bits). Each octet is converted to decimal and separated by a period (dot). For this reason, an IP address is said to be expressed in dotted decimal format (for example, 172.16.81.100). The value in each octet ranges from 0 to 255 decimal, or 00000000 - 11111111 binary.
Here is how binary octets convert to decimal: The right most bit, or least significant bit, of an octet holds a value of 20. The bit just to the left of that holds a value of 21. This continues until the left-most bit, or most significant bit, which holds a value of 27. So if all binary bits are a one, the decimal equivalent would be 255 as shown here:
1 1 1 1 1 1 1 1 128 64 32 16 8 4 2 1 (128+64+32+16+8+4+2+1=255)
Here is a sample octet conversion when not all of the bits are set to 1.
0 1 0 0 0 0 0 1 0 64 0 0 0 0 0 1 (0+64+0+0+0+0+0+1=65)
And this sample shows an IP address represented in both binary and decimal.
10. 1. 23. 19 (decimal) 00001010.00000001.00010111.00010011 (binary)
These octets are broken down to provide an addressing scheme that can accommodate large and small networks. There are five different classes of networks, A to E. This document focuses on classes A to C, since classes D and E are reserved and discussion of them is beyond the scope of this document.
Note: Also note that the terms "Class A, Class B" and so on are used in this document in order to help facilitate the understanding of IP addressing and subnetting. These terms are rarely used in the industry anymore because of the introduction of classless interdomain routing (CIDR).
Given an IP address, its class can be determined from the three high-order bits (the three left-most bits in the first octet). Figure 1 shows the significance in the three high order bits and the range of addresses that fall into each class. For informational purposes, Class D and Class E addresses are also shown.
In a Class A address, the first octet is the network portion, so the Class A example in Figure 1 has a major network address of 126.96.36.199 - 127.255.255.255. Octets 2, 3, and 4 (the next 24 bits) are for the network manager to divide into subnets and hosts as he/she sees fit. Class A addresses are used for networks that have more than 65,536 hosts (actually, up to 16777214 hosts!).
In a Class B address, the first two octets are the network portion, so the Class B example in Figure 1 has a major network address of 188.8.131.52 - 184.108.40.206. Octets 3 and 4 (16 bits) are for local subnets and hosts. Class B addresses are used for networks that have between 256 and 65534 hosts.
In a Class C address, the first three octets are the network portion. The Class C example in Figure 1 has a major network address of 192.0.0.0 - 220.127.116.11. Octet 4 (8 bits) is for local subnets and hosts - perfect for networks with less than 254 hosts.
A network mask helps you know which portion of the address identifies the network and which portion of the address identifies the node. Class A, B, and C networks have default masks, also known as natural masks, as shown here:
Class A: 255.0.0.0 Class B: 255.255.0.0 Class C: 255.255.255.0
An IP address on a Class A network that has not been subnetted would have an address/mask pair similar to: 18.104.22.168 255.0.0.0. In order to see how the mask helps you identify the network and node parts of the address, convert the address and mask to binary numbers.
22.214.171.124 = 00001000.00010100.00001111.00000001 255.0.0.0 = 11111111.00000000.00000000.00000000
Once you have the address and the mask represented in binary, then identification of the network and host ID is easier. Any address bits which have corresponding mask bits set to 1 represent the network ID. Any address bits that have corresponding mask bits set to 0 represent the node ID.
126.96.36.199 = 00001000.00010100.00001111.00000001 255.0.0.0 = 11111111.00000000.00000000.00000000 ----------------------------------- net id | host id netid = 00001000 = 8 hostid = 00010100.00001111.00000001 = 20.15.1
Subnetting allows you to create multiple logical networks that exist within a single Class A, B, or C network. If you do not subnet, you are only able to use one network from your Class A, B, or C network, which is unrealistic.
Each data link on a network must have a unique network ID, with every node on that link being a member of the same network. If you break a major network (Class A, B, or C) into smaller subnetworks, it allows you to create a network of interconnecting subnetworks. Each data link on this network would then have a unique network/subnetwork ID. Any device, or gateway, that connects n networks/subnetworks has n distinct IP addresses, one for each network / subnetwork that it interconnects.
In order to subnet a network, extend the natural mask with some of the bits from the host ID portion of the address in order to create a subnetwork ID. For example, given a Class C network of 188.8.131.52 which has a natural mask of 255.255.255.0, you can create subnets in this manner:
184.108.40.206 - 11001100.00010001.00000101.00000000 255.255.255.224 - 11111111.11111111.11111111.11100000 --------------------------|sub|----
By extending the mask to be 255.255.255.224, you have taken three bits (indicated by "sub") from the original host portion of the address and used them to make subnets. With these three bits, it is possible to create eight subnets. With the remaining five host ID bits, each subnet can have up to 32 host addresses, 30 of which can actually be assigned to a device since host ids of all zeros or all ones are not allowed (it is very important to remember this). So, with this in mind, these subnets have been created.
220.127.116.11 255.255.255.224 host address range 1 to 30 18.104.22.168 255.255.255.224 host address range 33 to 62 22.214.171.124 255.255.255.224 host address range 65 to 94 126.96.36.199 255.255.255.224 host address range 97 to 126 188.8.131.52 255.255.255.224 host address range 129 to 158 184.108.40.206 255.255.255.224 host address range 161 to 190 220.127.116.11 255.255.255.224 host address range 193 to 222 18.104.22.168 255.255.255.224 host address range 225 to 254
Note: There are two ways to denote these masks. First, since you use three bits more than the "natural" Class C mask, you can denote these addresses as having a 3-bit subnet mask. Or, secondly, the mask of 255.255.255.224 can also be denoted as /27 as there are 27 bits that are set in the mask. This second method is used with CIDR. With this method, one of these networks can be described with the notation prefix/length. For example, 22.214.171.124/27 denotes the network 126.96.36.199 255.255.255.224. When appropriate, the prefix/length notation is used to denote the mask throughout the rest of this document.
The network subnetting scheme in this section allows for eight subnets, and the network might appear as:
Notice that each of the routers in Figure 2 is attached to four subnetworks, one subnetwork is common to both routers. Also, each router has an IP address for each subnetwork to which it is attached. Each subnetwork could potentially support up to 30 host addresses.
This brings up an interesting point. The more host bits you use for a subnet mask, the more subnets you have available. However, the more subnets available, the less host addresses available per subnet. For example, a Class C network of 188.8.131.52 and a mask of 255.255.255.224 (/27) allows you to have eight subnets, each with 32 host addresses (30 of which could be assigned to devices). If you use a mask of 255.255.255.240 (/28), the break down is:
184.108.40.206 - 11001100.00010001.00000101.00000000 255.255.255.240 - 11111111.11111111.11111111.11110000 --------------------------|sub |---
Since you now have four bits to make subnets with, you only have four bits left for host addresses. So in this case you can have up to 16 subnets, each of which can have up to 16 host addresses (14 of which can be assigned to devices).
Take a look at how a Class B network might be subnetted. If you have network 172.16.0.0 ,then you know that its natural mask is 255.255.0.0 or 172.16.0.0/16. Extending the mask to anything beyond 255.255.0.0 means you are subnetting. You can quickly see that you have the ability to create a lot more subnets than with the Class C network. If you use a mask of 255.255.248.0 (/21), how many subnets and hosts per subnet does this allow for?
172.16.0.0 - 10101100.00010000.00000000.00000000 255.255.248.0 - 11111111.11111111.11111000.00000000 -----------------| sub |-----------
You use five bits from the original host bits for subnets. This allows you to have 32 subnets (25). After using the five bits for subnetting, you are left with 11 bits for host addresses. This allows each subnet so have 2048 host addresses (211), 2046 of which could be assigned to devices.
Note: In the past, there were limitations to the use of a subnet 0 (all subnet bits are set to zero) and all ones subnet (all subnet bits set to one). Some devices would not allow the use of these subnets. Cisco Systems devices allow the use of these subnets when the ip subnet zero command is configured.
Sample Exercise 1
Now that you have an understanding of subnetting, put this knowledge to use. In this example, you are given two address / mask combinations, written with the prefix/length notation, which have been assigned to two devices. Your task is to determine if these devices are on the same subnet or different subnets. You can use the address and mask of each device in order to determine to which subnet each address belongs.
DeviceA: 172.16.17.30/20 DeviceB: 172.16.28.15/20
Determine the Subnet for DeviceA:
172.16.17.30 - 10101100.00010000.00010001.00011110 255.255.240.0 - 11111111.11111111.11110000.00000000 -----------------| sub|------------ subnet = 10101100.00010000.00010000.00000000 = 172.16.16.0
Looking at the address bits that have a corresponding mask bit set to one, and setting all the other address bits to zero (this is equivalent to performing a logical "AND" between the mask and address), shows you to which subnet this address belongs. In this case, DeviceA belongs to subnet 172.16.16.0.
Determine the Subnet for DeviceB:
172.16.28.15 - 10101100.00010000.00011100.00001111 255.255.240.0 - 11111111.11111111.11110000.00000000 -----------------| sub|------------ subnet = 10101100.00010000.00010000.00000000 = 172.16.16.0
From these determinations, DeviceA and DeviceB have addresses that are part of the same subnet.
Sample Exercise 2
Given the Class C network of 220.127.116.11/24, subnet the network in order to create the network in Figure 3 with the host requirements shown.
Looking at the network shown in Figure 3, you can see that you are required to create five subnets. The largest subnet must support 28 host addresses. Is this possible with a Class C network? and if so, then how?
You can start by looking at the subnet requirement. In order to create the five needed subnets you would need to use three bits from the Class C host bits. Two bits would only allow you four subnets (22).
Since you need three subnet bits, that leaves you with five bits for the host portion of the address. How many hosts does this support? 25 = 32 (30 usable). This meets the requirement.
Therefore you have determined that it is possible to create this network with a Class C network. An example of how you might assign the subnetworks is:
netA: 18.104.22.168/27 host address range 1 to 30 netB: 22.214.171.124/27 host address range 33 to 62 netC: 126.96.36.199/27 host address range 65 to 94 netD: 188.8.131.52/27 host address range 97 to 126 netE: 184.108.40.206/27 host address range 129 to 158
In all of the previous examples of subnetting, notice that the same subnet mask was applied for all the subnets. This means that each subnet has the same number of available host addresses. You can need this in some cases, but, in most cases, having the same subnet mask for all subnets ends up wasting address space. For example, in the Sample Exercise 2 section, a class C network was split into eight equal-size subnets; however, each subnet did not utilize all available host addresses, which results in wasted address space. Figure 4 illustrates this wasted address space.
Figure 4 illustrates that of the subnets that are being used, NetA, NetC, and NetD have a lot of unused host address space. It is possible that this was a deliberate design accounting for future growth, but in many cases this is just wasted address space due to the fact that the same subnet mask is used for all the subnets.
Variable Length Subnet Masks (VLSM) allows you to use different masks for each subnet, thereby using address space efficiently.
Given the same network and requirements as in Sample Exercise 2 develop a subnetting scheme with the use of VLSM, given:
netA: must support 14 hosts netB: must support 28 hosts netC: must support 2 hosts netD: must support 7 hosts netE: must support 28 host
Determine what mask allows the required number of hosts.
netA: requires a /28 (255.255.255.240) mask to support 14 hosts netB: requires a /27 (255.255.255.224) mask to support 28 hosts netC: requires a /30 (255.255.255.252) mask to support 2 hosts netD*: requires a /28 (255.255.255.240) mask to support 7 hosts netE: requires a /27 (255.255.255.224) mask to support 28 hosts * a /29 (255.255.255.248) would only allow 6 usable host addresses therefore netD requires a /28 mask.
The easiest way to assign the subnets is to assign the largest first. For example, you can assign in this manner:
netB: 220.127.116.11/27 host address range 1 to 30 netE: 18.104.22.168/27 host address range 33 to 62 netA: 22.214.171.124/28 host address range 65 to 78 netD: 126.96.36.199/28 host address range 81 to 94 netC: 188.8.131.52/30 host address range 97 to 98
This can be graphically represented as shown in Figure 5:
Figure 5 illustrates how using VLSM helped save more than half of the address space.
Classless Interdomain Routing (CIDR) was introduced in order to improve both address space utilization and routing scalability in the Internet. It was needed because of the rapid growth of the Internet and growth of the IP routing tables held in the Internet routers.
CIDR moves way from the traditional IP classes (Class A, Class B, Class C, and so on). In CIDR , an IP network is represented by a prefix, which is an IP address and some indication of the length of the mask. Length means the number of left-most contiguous mask bits that are set to one. So network 172.16.0.0 255.255.0.0 can be represented as 172.16.0.0/16. CIDR also depicts a more hierarchical Internet architecture, where each domain takes its IP addresses from a higher level. This allows for the summarization of the domains to be done at the higher level. For example, if an ISP owns network 172.16.0.0/16, then the ISP can offer 172.16.1.0/24, 172.16.2.0/24, and so on to customers. Yet, when advertising to other providers, the ISP only needs to advertise 172.16.0.0/16.
For more information on CIDR, see RFC 1518 and RFC 1519.
Routers A and B are connected via serial interface.
hostname routera ! ip routing ! int e 0 ip address 172.16.50.1 255.255.255.0 !(subnet 50) int e 1 ip address 172.16.55.1 255.255.255.0 !(subnet 55) int s 0 ip address 172.16.60.1 255.255.255.0 !(subnet 60) int s 0 ip address 172.16.65.1 255.255.255.0 (subnet 65) !S 0 connects to router B router rip network 172.16.0.0
hostname routerb ! ip routing ! int e 0 ip address 184.108.40.206 255.255.255.240 !(subnet 192) int e 1 ip address 220.127.116.11 255.255.255.240 !(subnet 64) int s 0 ip address 172.16.65.2 (same subnet as router A's s 0) !Int s 0 connects to router A router rip network 18.104.22.168 network 172.16.0.0
Host/Subnet Quantities Table
Class B Effective Effective # bits Mask Subnets Hosts ------- --------------- --------- --------- 1 255.255.128.0 2 32766 2 255.255.192.0 4 16382 3 255.255.224.0 8 8190 4 255.255.240.0 16 4094 5 255.255.248.0 32 2046 6 255.255.252.0 64 1022 7 255.255.254.0 128 510 8 255.255.255.0 256 254 9 255.255.255.128 512 126 10 255.255.255.192 1024 62 11 255.255.255.224 2048 30 12 255.255.255.240 4096 14 13 255.255.255.248 8192 6 14 255.255.255.252 16384 2 Class C Effective Effective # bits Mask Subnets Hosts ------- --------------- --------- --------- 1 255.255.255.128 2 126 2 255.255.255.192 4 62 3 255.255.255.224 8 30 4 255.255.255.240 16 14 5 255.255.255.248 32 6 6 255.255.255.252 64 2 *Subnet all zeroes and all ones included. These might not be supported on some legacy systems. *Host all zeroes and all ones excluded.