Aoraki Digital Technologies/Level 2/DT 2.50 AS91377/More Advanced Networking

From WikiEducator
Jump to: navigation, search


This topic covers 4 areas that are slightly more complicated than the previous work on IP addresses.  Needless to say it is vey important you have understood all of the work so far.  We are going to answer the following questions:

  • How can a computer with a private IP address access resources on other networks (e.g. the internet) if it does not have a public IP address?
  • How do messages on networks know where to go - why isn't the interenet completely flooded with messages travelling between computers?
  • What will happen when IPv4 addresses run out?
  • How do IP addresses and network cards interact?

This topic is a combination of activities and information.

How can a computer with a private IP address access resources on other networks (e.g. the internet) if it does not have a public IP address?

Another way of more carefully describing this probelm is by considering school networks:

  • School A has a LAN and has IP addresses in the range -
  • School B also has a LAN and also has IP addresses in the range -
  • All the computers at school A and school B can connect to the internet
  • No two computers on the internet or a particular LAN can have the same IP address

How does this work - by something called Network Address Translation or NATing.

Network Address Translation (NATing)

NAT is a way that many computers with private addresses in one network can access (or find) IP addresses in another network while appearing to come from or originate from only one computer.  Read the following section on NAT and then complete the activities below.

Network Address Translation


#1 NAT and DHCP

You are going to set up a NAT router and get it to NAT addresses between your own mini private LAN and your school network. Your teacher will provide you with a switch, cables, a NAT capable router that also acts as a DHCP server, some PC's and a few zenix CD's

  1. Connect the router to the switch and your school network.  The internet port on the router should be connected to the school network and the "LAN ports" should be connected to the switch.  Configure the router as follows
    • The routers own private address is
    • The router gives out addresses by DHCP in the range -
    • The routers own public address can either be static or public depending on your school configuration (see your teacher)
    • The router settings need to be checked by your teacher
  2. Now attach the zenix computers to the switch and configure them to accept dynamic addresses by DHCP
  3. Use the sudo ifconfig command to check the ip address is set correctly
  4. Now use the ping command to ping a server (see your teacher for the ip address) on your schools network
  5. Use Wireshark on one of the zenix computers (Right click on the desktop > security > wireshark to catch packets when you are pinging the server.  Where are the packets coming from?  Wireshark is a very useful networking tool we will use a little later in the course.
  6. Dissconnect the router from the school network
  7. Connect the switch to the school network
  8. Try instruction 4 again - did it work?  Try and explain your results.

#2 NAT and Static Addresses, Gateways

  1. Set up your network the same as point 1 above
  2. Now attach the zenix computers to the switch and configure them to have static ip addresses in the range -  Set the gateway to be the routers ip address, .  This should be the default setting.
  3. Use the sudo ifconfig command to check the ip address is set correctly
  4. Now use the ping command to ping a server (see your teacher for the ip address) on your schools network - All should work as before.  All we have done is replaced the dynamic address with a static address.
  5. Back on the Zenix machines, replace the gateway address in wicd so that is replaced by
  6. Now try pinging the school server - what happens?
  7. Try and explain your results  - you could use wireshark to see what is happening in more detail.
  8. What is a gateway?

How are networks divided into logical segments and what is this thing?

Subnets and Subnet Masks

A subnetwork (or subnet for short) is simply a way of grouping IP addresses together.  This is oftern needed to group computers on a LAN and can be very useful to prevent different networks from communicating with each other even if they are physically connected by ethernet cables (or wireless).  A subnet breaks down a large physical network into smaller logical networks. 

In order for computers to communicate on one network, they will all need their own IP address. However, if you have two or more networks, instead of purchasing different numbers for each network, subnetting provides the ability to easily divide one IP address range amongst all the hosts in your network. Subnetting is used in IP networks to break up larger networks into a smaller network. Subnetting involves manually calculating the bits of an IP address and taking them from the host side of bits and adding them to the network side.

Network address and logical address

The term network address sometimes refers to logical address, i.e. network layer address such as the IP address, and sometimes to the first address (the base address) of a classful address range to an organization.

Computers and devices that are part of internetworking network such as the Internet all have a logical address. The network address is unique to that device and can either be dynamically or statically configured. This address allows the device to communicate with other devices connected to the network. The most common network addressing scheme is IPv4. The IPv4 network address consists of a 32 bit address divided into 4 octets and a subnet mask of like size. In order to facilitate the routing process the address is divided into two pieces, the network address and the host address. This works much like a postal address where the network address would represent the city and the host address would represent the street address. The subnet mask is used in conjunction with the network address to determine which part of the address is the network address and which part is the host address.

  • A subnet is a group of IP addresses that form a network.
  • A subnet mask is used to tell an IP address which network the IP address is on.

Binary subnet masks

While subnet masks are often represented in dot-decimal form their use becomes clearer in binary. Looking at a network address and a subnet mask in binary a device can determine which part of the address is the network address and which part is the host address. To do this, it performs a bitwise "AND" operation.


Dot-decimal Address Binary
Full Network Address 11000000.10101000.00000101.00001010
Subnet Mask 11111111.11111111.11111111.00000000
Network Portion 11000000.10101000.00000101.00000000
Host Portion 00000000.00000000.00000000.00001010

Subnet masks consist of a series of 1s in binary followed by 0s. The 1s designate that part of the address as being part of the network portion and the 0s designate that part as being part of the host address. Subnet masks do not have to fill a given octet. This allows a classful network to be broken down into subnets. A classful network is a network that has a subnet mask of, or Subnet masks can also be expressed in a shorter form, known as Classless Inter-Domain Routing (CIDR) notation, which gives the network number followed by a slash ("/") and the number of 'one' bits in the binary notation of the netmask (i.e. the number of relevant bits in the network number). For example, indicates an IP address where the first 24 bits are used as network address (same as

IPv4 classes

IPv4 addresses are broken down into three parts: the network part, the subnet part, and the host part. There are three classful network classes of IP address which determine how much is which

Class Leading bits Start End Default Subnet Mask in dotted decimal CIDR notation
A 0 /8
B 10 /16
C 110 /24
D 1110
E 1111

The network is left out because it is designated for loopback and cannot be assigned to a network

Class D multicasting

Class E reserved

Subnetting is the process of allocating bits from the host portion as a network portion. The above example shows the bitwise "AND" process being performed on a classful network. The following example shows bits being borrowed to turn a classful network into a subnet.


Dot-decimal Address Binary
Full Network Address 11000000.10101000.00000101.10000010
Subnet Mask 11111111.11111111.11111111.11000000
Network Portion 11000000.10101000.00000101.10000000

In this example two bits were borrowed from the original host portion. This is beneficial because it allows a single network portion to be split into several smaller network portions. By design IPv4 address are limited in number and each classful network portion is capable of supporting a finite number of hosts. A classful C address for example has space for 254 hosts. If a network were to be split into four parts using classful address four different class C addresses would have to be used to serve those networks.


  1. Why do most LAN's have a subnet mask of
  2. Find out the Ip address range of the VC gear at your, or a neighboring school.  What is the subnet mask of the VC gear ip address?  Explain your reasoning?

What is a Gateway?


A gateway is a computer or router that acts as a path or route to one or more other networks.  It enables devices on one network to reach devices on another network.  Gateways have an IP address which must be known by other computers for it to be used as a gateway.

Activity # 4

  1. Make a simple network with 3 computers ( - set to have a gateway of and a netmask of connected through a switch.
  2. Check that the 3 computers can ping each other
  3. Now add a router to the network, it should have a "private ip address" of and a public ip address that is dynamic.  Configure the router to enable "NATing" between the public and private interfaces
  4. Connect the private interface to your network and the public interface to your schools network
  5. Check that, for example, you can ping a school server from the machine i.e. NATing is working.
  6. Now on the machine, change the gateway to
  7. Try  step 5 again.  Can you ping the server?  Explain your results.  Change the gateway back to and confirm your reasoning.

IPv4 and IPv6

As you might have noticed, there is a limit to the number of IPv4 addresses we can have, this limit is well below the current population of the world. If we were in the future to have every inhabitant of the planet connected to the internet, there wouldn't be enough IP Addresses for them to use! This problem is very current and IPv6 is being introduced to try and resolve it. IPv6 uses 128 bits for each address, meaning we have theoretically 2128 addresses available = 340,282,366,920,938,463,463,374,607,431,768,211,456 different possible addresses.
Decomposition of an IPv6 address from hexadecimal representation to its binary value.
The IPv6 address has 128 bits split into:
  • 64 bits for the network
    • the first 16 bits are used for address type
    • 16 bits for sub networks
    • leaving 32 bits for main networks
  • 64 bits for the interface addresses

Why would we ever need this many you may ask? With so many addresses this will allow each person to have multiple devices connected to the internet, currently driven by the demand for internet on mobile phones. We are also looking at connecting lots of other devices to the internet that might not currently be connected. For example we could have fridges telling us when we are low on milk, ovens telling us when they need cleaning, bikes telling us when they need a service. The future is coming, watch this IPv6 space!

MAC Address

IP addresses change, for example if you connect your laptop to the internet at home you get one IP address.  If you were then to take it around a friends and connect there, you would be given another IP address.  MAC addresses are unique to the device they are given to and every network interface has a MAC address, including mobile phones, games consoles and wireless cards.  This is important when you consider that a computer can have more than one network interface.  For example with a laptop you might have a cat-6 network card and a wireless card, one handling bittorrent and the other web browsing.  When you receive a message, which network interface should it be sent to?  The MAC address would mean that messages can be directed to a particular network interface, namely the wireless card or the cat-6 card. 
Each networkable device has its own unique MAC address

Activity # 5

Using Zenix and the sudo ifconfig command, find out the MAC address of your computers LAN interface.  Repeat this on a laptop that has both a wireless and a wired interface so that you find out two MAC addresses.

Activity # 6

Each network card manufacturer, for example IBM produces network cards that have a particular range of MAC addresses.  Using this utility find out the manufacturer of the network cards you determined the MAC address of above.


  • No two computers on the same network should have the same IP address
  • Network Address Translation (NAT) allows computers on on network to access another network and appear as though they originate from the gateway router
  • A gateway is a router that connects two or more networks
  • IP addresses can be either static or given out automatically through Dynamic Host Configuration Protocol (DHCP)
  • A subnet is part of a network
  • A subnet mask of an IP address determines which part of an IP address is the network part and which is the host part
  • IPv4 addresses are limited in number and will need to be replaced by IPv6, which has a far greater number of addresses
  • Each network card has a unique MAC address which cannot change.

Now do the excercises at the bottom of this wikibook page.