TCP/IP Networking Resources
DS3 interfaces on a Cisco 7000 series router.
This idealized model organizes any look at network protocols. Remember this by reading from bottom to top:
| Advice | Application |
| People's | Presentation |
| Sales' | Session |
| Take | Transport |
| Not | Network |
| Do | Data-Link |
| Please | Physical |
| Application | Let's be honest: The top three layers are pretty much just academic. Practical implementations like TCP/IP leave this to the application itself. Some network applications like NFS really have seven or so layers, analogous to these, but they are the exception! |
| Presentation | |
| Session | |
| Transport | Deals with end-to-end process addressing using ports. TCP is a connection-oriented protocol, UDP is a message-passing protocol. |
| Network | Route a packet from its source to its destination, including hops through routers across multiple networks. IP is the protocol. |
| Data Link | Data link layer uses hardware addresses (also called MAC addresses or physical addresses) to transmit a frame across a network link. Physical layer is physics and electrical engineering — how to modulate electrical signals and photons to send zeros and ones. Both these layers are done in the network interface. ARP is a protocol mapping MAC address to IP address. |
| Physical | |
In order to understand IP addresses, netmasks, subnet design, VLSM, CIDR, etc., you should read this paper: Understanding IP Addressing
The key to all this is the following relations of decimal versus binary:
| Decimal | Binary | How the binary is built |
| 0 | 00000000 | |
| 128 | 10000000 | 128 |
| 192 | 11000000 | 128 + 64 |
| 224 | 11100000 | 128 + 64 + 32 |
| 240 | 11110000 | 128 + 64 + 32 + 16 |
| 248 | 11111000 | 128 + 64 + 32 + 16 + 8 |
| 252 | 11111100 | 128 + 64 + 32 + 16 + 8 + 4 |
| 254 | 11111110 | 128 + 64 + 32 + 16 + 8 + 4 + 2 |
| 255 | 11111111 | 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 |
Given that, we can build the following table of netmasks:
| Useful only for CIDR blocks of any networks | Useful for subnets of /8, or for CIDR blocks of /16 and /24 networks | Useful for subnets of /8 or /16, or for CIDR blocks of /24 networks | Useful for subnets of any networks |
| 0.0.0.0 /0 | 255.0.0.0 /8 | 255.255.0.0 /16 | 255.255.255.0 /24 |
| 128.0.0.0 /1 | 255.128.0.0 /9 | 255.255.128.0 /17 | 255.255.255.128 /25 |
| 192.0.0.0 /2 | 255.192.0.0 /10 | 255.255.192.0 /18 | 255.255.255.192 /26 |
| 224.0.0.0 /3 | 255.224.0.0 /11 | 255.255.224.0 /19 | 255.255.255.224 /27 |
| 240.0.0.0 /4 | 255.240.0.0 /12 | 255.255.240.0 /20 | 255.255.255.240 /28 |
| 248.0.0.0 /5 | 255.248.0.0 /13 | 255.255.248.0 /21 | 255.255.255.248 /29 |
| 252.0.0.0 /6 | 255.252.0.0 /14 | 255.255.252.0 /22 | 255.255.255.252 /30 |
| 254.0.0.0 /7 | 255.254.0.0 /15 | 255.255.254.0 /23 | 255.255.255.254 /31 |
Note that not all combinations are really useful; apply the following exceptions.
0.0.0.0 isn't useful for much of anything at all. Plus, those CIDR blocks represented by the rest of the first column are awfully big! You probably won't encounter them unless you're running a backbone or selling IP space to a continent.
255.0.0.0, 255.255.0.0, and 255.255.255.0 define the classful /8, /16, and /24, or Class A, B, and C, respectively. They cannot define subnets of their own classful nets.
255.254.0.0, 255.255.254.0, and 255.255.255.254 cannot define subnets of /8, /16, and /24 nets, respectively, as that would only allow one bit for the host number, and that is not allowed by the RFCs.
CIDR is an acronym for Classless Inter-Domain Routing, and relates to higher level abstractions of IP address blocks.
To answer the question, "Does this set of classful network addresses form a CIDR block?", instead answer the following question.
Is there a netmask /X such that:
If so, the answer is "Yes", and the CIDR block description is the first network address followed by /X.
As an example, this is a CIDR block, divided as indicated:
| | | network | | | | host bits |
| 200.201.200.0 | = | 1100 1000 | 1100 1001 | 1100 10 | 00 | xxxx xxxx |
| 200.201.201.0 | = | 1100 1000 | 1100 1001 | 1100 10 | 01 | xxxx xxxx |
| 200.201.202.0 | = | 1100 1000 | 1100 1001 | 1100 10 | 10 | xxxx xxxx |
| 200.201.203.0 | = | 1100 1000 | 1100 1001 | 1100 10 | 11 | xxxx xxxx |
| | | 22 constant bits | | | varying | |
| CIDR block = 200.201.200.0/22 |
But this is not a CIDR block:
| | | network | | | | host bits |
| 200.201.201.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 001 | xxxx xxxx |
| 200.201.202.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 010 | xxxx xxxx |
| 200.201.203.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 011 | xxxx xxxx |
| 200.201.204.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 100 | xxxx xxxx |
| | | 21 constant bits | | | varying incompletely | |
The above is not a CIDR block, because not all eight possible combinations of the last three bits of the classful network designations are used: 000, 101, 110 and 111 are missing. But this shows us what would have to be added to make it a CIDR block:
| | | network | | | | host bits | |
| 200.201.200.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 000 | xxxx xxxx | added! |
| 200.201.201.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 001 | xxxx xxxx | |
| 200.201.202.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 010 | xxxx xxxx | |
| 200.201.203.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 011 | xxxx xxxx | |
| 200.201.204.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 100 | xxxx xxxx | |
| 200.201.205.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 101 | xxxx xxxx | added! |
| 200.201.206.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 110 | xxxx xxxx | added! |
| 200.201.207.0 | = | 1100 1000 | 1100 1001 | 1100 1 | 111 | xxxx xxxx | added! |
| | | 21 constant bits | | | varying | | |
| CIDR block = 200.201.200.0/21 |
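The CIDR-block test worked through in the tables above can be automated. The following is an added example, not code from the original page; the function name `cidr_check` and its return layout are assumptions. It also returns the exact aggregation of the listed networks, which matters when the list feeds a firewall rule or route filter: the single covering prefix of a non-block set also matches the networks reported as missing.

```python
import ipaddress

def cidr_check(networks):
    """Test a set of equal-length networks against the page's rule.

    Returns (is_block, cover, missing, exact):
      cover   - smallest single prefix containing every listed network
      missing - networks inside cover that were not listed
      exact   - fewest prefixes matching the listed networks and nothing else
    """
    nets = sorted({ipaddress.ip_network(n) for n in networks})
    if len({n.prefixlen for n in nets}) != 1:
        raise ValueError("all networks must share one prefix length")
    first = int(nets[0].network_address)
    last = int(nets[-1].broadcast_address)
    # Bits that differ between the lowest and highest address cannot be
    # part of a shared prefix; everything above the top differing bit can.
    prefix = 32 - (first ^ last).bit_length()
    cover = ipaddress.ip_network((first, prefix), strict=False)
    listed = set(nets)
    missing = [s for s in cover.subnets(new_prefix=nets[0].prefixlen)
               if s not in listed]
    exact = list(ipaddress.collapse_addresses(nets))
    return (not missing, cover, missing, exact)

# The page's two sets of classful /24 networks.
BLOCK = [f"200.201.{n}.0/24" for n in (200, 201, 202, 203)]
NOT_BLOCK = [f"200.201.{n}.0/24" for n in (201, 202, 203, 204)]

if __name__ == "__main__":
    for name, nets in (("BLOCK", BLOCK), ("NOT_BLOCK", NOT_BLOCK)):
        ok, cover, missing, exact = cidr_check(nets)
        print(name, ok, cover, [str(m) for m in missing],
              [str(e) for e in exact])
```

For the second set, `exact` is three prefixes rather than one; use those in a filter instead of the /21 unless the four missing networks are also meant to match.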
VLSM stands for Variable Length Subnet Mask, and is used with CIDR.
The best place to look is the 3com paper (see above), but here's a fairly simple example. Let's say you're allocated the /24 address space 200.201.202.0/24, and you have to address hosts on the following networks:
Assign the addresses as below, where bits marked "x" can take all possible patterns other than all zeros and all ones.
| IP addresses, dotted-quad and binary | | | | Net base address | Number of hosts | Final octet |
| 200 . | 201 . | 202 . | ??? | | | |
| 1100 1000 | 1100 1001 | 1100 1010 | 01xx xxxx | 200.201.202.64/26 | 62 | 65-126 |
| 1100 1000 | 1100 1001 | 1100 1010 | 10xx xxxx | 200.201.202.128/26 | 62 | 129-190 |
| 1100 1000 | 1100 1001 | 1100 1010 | 001x xxxx | 200.201.202.32/27 | 30 | 33-62 |
| 1100 1000 | 1100 1001 | 1100 1010 | 110x xxxx | 200.201.202.192/27 | 30 | 193-222 |
| 1100 1000 | 1100 1001 | 1100 1010 | 1110 xxxx | 200.201.202.224/28 | 14 | 225-238 |
| 1100 1000 | 1100 1001 | 1100 1010 | 0001 xxxx | 200.201.202.16/28 | 14 | 17-30 |
| 1100 1000 | 1100 1001 | 1100 1010 | 0000 01xx | 200.201.202.4/30 | 2 | 5-6 |
| 1100 1000 | 1100 1001 | 1100 1010 | 0000 10xx | 200.201.202.8/30 | 2 | 9-10 |
| 1100 1000 | 1100 1001 | 1100 1010 | 0000 11xx | 200.201.202.12/30 | 2 | 13-14 |
| 1100 1000 | 1100 1001 | 1100 1010 | 1111 00xx | 200.201.202.240/30 | 2 | 241-242 |
| 1100 1000 | 1100 1001 | 1100 1010 | 1111 01xx | 200.201.202.244/30 | 2 | 245-246 |
| 1100 1000 | 1100 1001 | 1100 1010 | 1111 10xx | 200.201.202.248/30 | 2 | 249-250 |
Final octet for host addresses on each network:
Minimum = final octet of base address plus one
Maximum = final octet of base address plus number of hosts
Final octet for broadcast on each net:
Broadcast = final octet of base address plus one plus number of hosts
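A VLSM plan like the one above is easy to get wrong by hand: a base address that is not aligned to its mask, or two subnets that overlap. The following added example (not part of the original page; `audit_plan` and its return layout are assumptions) checks the table's net base addresses, applies the three final-octet formulas above, and reports what is left unallocated in the /24.

```python
import ipaddress

PARENT = "200.201.202.0/24"
# Net base addresses copied from the page's VLSM table.
PLAN = ["200.201.202.64/26", "200.201.202.128/26", "200.201.202.32/27",
        "200.201.202.192/27", "200.201.202.224/28", "200.201.202.16/28",
        "200.201.202.4/30", "200.201.202.8/30", "200.201.202.12/30",
        "200.201.202.240/30", "200.201.202.244/30", "200.201.202.248/30"]

def audit_plan(parent, plan):
    """Return ({net: (hosts, min, max, broadcast)}, [free blocks])."""
    parent = ipaddress.ip_network(parent)
    # Strict parsing raises ValueError when a base address has host bits
    # set, i.e. it is not aligned to its own mask.
    nets = sorted(ipaddress.ip_network(p) for p in plan)
    for n in nets:
        if not n.subnet_of(parent):
            raise ValueError(f"{n} is outside {parent}")
    # After sorting, any overlap shows up between neighbours.
    for a, b in zip(nets, nets[1:]):
        if a.overlaps(b):
            raise ValueError(f"{a} overlaps {b}")
    rows = {}
    for n in nets:
        base = int(n.network_address) & 0xFF    # final octet of base address
        hosts = n.num_addresses - 2             # all-zeros and all-ones excluded
        rows[str(n)] = (hosts, base + 1, base + hosts, base + 1 + hosts)
    # Carve each allocation out of the parent to find unused space.
    free = [parent]
    for n in nets:
        free = [piece for f in free
                for piece in (f.address_exclude(n) if n.subnet_of(f) else [f])]
    return rows, [str(f) for f in ipaddress.collapse_addresses(free)]

if __name__ == "__main__":
    rows, free = audit_plan(PARENT, PLAN)
    for net, (hosts, lo, hi, bcast) in rows.items():
        print(f"{net:20} hosts={hosts:3} range={lo}-{hi} broadcast={bcast}")
    print("unallocated:", free)
```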
Inadequately theoretical for you? Then read the paper by Mikhail Atallah and Doug Comer.
Click here for my simple explanation of what IPsec is, what cryptographic security it provides, and a little about how to set it up. For more details:
See http://www.iana.org/assignments/multicast-addresses for the assigned multicast addresses and address blocks.
RFC 1112 describes how to do multicast.
Anycast, on the other hand, is described in RFC 1546 and RFC 4786.
RFC 2460 is the formal specification of IPv6 or Internet Protocol, Version 6. RFC 4291 defines the IPv6 addressing architecture. And RFC 2461, RFC 2462, RFC 2463, RFC 2464, RFC 2465, RFC 2466, RFC 2471, and RFC 2473 address various details and applications of IPv6.
See the NSA's US Patent 6,947,978, "Method for Geolocating Logical Network Addresses". It builds a network latency topology map using latency to and between known nodes.
Check the current Internet backbone activity with the Internet Traffic Report. The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.
Click here to see how routing works.
Click here to see how NAT (Network Address Translation) works.
An article about virtual Cisco routers and Linux servers.
Dynamips, the Cisco 7200 simulator itself.
VNUML (Virtual Network User Mode Linux), the Linux simulator.
I was working on this networking project in Japan, and ... Click here to be subjected to them.
A demonstration of how a PHP script on the server can read and reformat the connection information and the client's request: moanmyip.com.
Including Jessica Simpson's thoughts on open-source routers, Gillian Anderson's on LAN switching, Elizabeth Hurley on the Cisco 2600 series routers, Mr Rogers on the RS-232 standard, and other really odd stuff: routergod.com.
If you're curious, look here:
According to the Oxford English Dictionary, it is "an attendant, ministering, or indwelling spirit." Socrates wrote of his daemon as his inner spirit. The designers of daemons in Linux/Unix (a concept later ported to most other operating systems) intended this meaning, as pointed out in some manual pages. It's an uncommon word these days; we usually use the Arabic djinn, now often spelled genie, when we're talking about what used to be called a daemon in the Middle Ages.
© Bob Cromwell May 2013. Created with /bin/vi and ImageMagick, hosted on OpenBSD with Apache. Root password available here, privacy policy here.