Aoraki Digital Technologies/Level 2/DT 2.50 AS91377/More Advanced Networking
Contents
Introduction
This topic covers 4 areas that are slightly more complicated than the previous work on IP addresses. Needless to say it is vey important you have understood all of the work so far. We are going to answer the following questions:
- How can a computer with a private IP address access resources on other networks (e.g. the internet) if it does not have a public IP address?
- How do messages on networks know where to go - why isn't the interenet completely flooded with messages travelling between computers?
- What will happen when IPv4 addresses run out?
- How do IP addresses and network cards interact?
This topic is a combination of activities and information.
How can a computer with a private IP address access resources on other networks (e.g. the internet) if it does not have a public IP address?
Another way of more carefully describing this probelm is by considering school networks:
- School A has a LAN and has IP addresses in the range 192.168.10.1 - 192.168.10.254
- School B also has a LAN and also has IP addresses in the range 192.168.10.1 - 192.168.10.254
- All the computers at school A and school B can connect to the internet
- No two computers on the internet or a particular LAN can have the same IP address
How does this work - by something called Network Address Translation or NATing.
Network Address Translation (NATing)
NAT is a way that many computers with private addresses in one network can access (or find) IP addresses in another network while appearing to come from or originate from only one computer. Read the following section on NAT and then complete the activities below.
Activities
#1 NAT and DHCP
You are going to set up a NAT router and get it to NAT addresses between your own mini private LAN and your school network. Your teacher will provide you with a switch, cables, a NAT capable router that also acts as a DHCP server, some PC's and a few zenix CD's
- Connect the router to the switch and your school network. The internet port on the router should be connected to the school network and the "LAN ports" should be connected to the switch. Configure the router as follows
- The routers own private address is 10.168.11.1
- The router gives out addresses by DHCP in the range 10.168.11.5 - 10.168.11.10
- The routers own public address can either be static or public depending on your school configuration (see your teacher)
- The router settings need to be checked by your teacher
- Now attach the zenix computers to the switch and configure them to accept dynamic addresses by DHCP
- Use the sudo ifconfig command to check the ip address is set correctly
- Now use the ping command to ping a server (see your teacher for the ip address) on your schools network
- Use Wireshark on one of the zenix computers (Right click on the desktop > security > wireshark to catch packets when you are pinging the server. Where are the packets coming from? Wireshark is a very useful networking tool we will use a little later in the course.
- Dissconnect the router from the school network
- Connect the switch to the school network
- Try instruction 4 again - did it work? Try and explain your results.
#2 NAT and Static Addresses, Gateways
- Set up your network the same as point 1 above
- Now attach the zenix computers to the switch and configure them to have static ip addresses in the range 10.168.11.5 - 10.168.10.10. Set the gateway to be the routers ip address, 10.168.11.1 . This should be the default setting.
- Use the sudo ifconfig command to check the ip address is set correctly
- Now use the ping command to ping a server (see your teacher for the ip address) on your schools network - All should work as before. All we have done is replaced the dynamic address with a static address.
- Back on the Zenix machines, replace the gateway address in wicd so that 10.168.11.1 is replaced by 10.168.11.11
- Now try pinging the school server - what happens?
- Try and explain your results - you could use wireshark to see what is happening in more detail.
- What is a gateway?
How are networks divided into logical segments and what is this 255.255.255.0 thing?
Subnets and Subnet Masks
A subnetwork (or subnet for short) is simply a way of grouping IP addresses together. This is oftern needed to group computers on a LAN and can be very useful to prevent different networks from communicating with each other even if they are physically connected by ethernet cables (or wireless). A subnet breaks down a large physical network into smaller logical networks.
In order for computers to communicate on one network, they will all need their own IP address. However, if you have two or more networks, instead of purchasing different numbers for each network, subnetting provides the ability to easily divide one IP address range amongst all the hosts in your network. Subnetting is used in IP networks to break up larger networks into a smaller network. Subnetting involves manually calculating the bits of an IP address and taking them from the host side of bits and adding them to the network side.
Network address and logical address
The term network address sometimes refers to logical address, i.e. network layer address such as the IP address, and sometimes to the first address (the base address) of a classful address range to an organization.
Computers and devices that are part of internetworking network such as the Internet all have a logical address. The network address is unique to that device and can either be dynamically or statically configured. This address allows the device to communicate with other devices connected to the network. The most common network addressing scheme is IPv4. The IPv4 network address consists of a 32 bit address divided into 4 octets and a subnet mask of like size. In order to facilitate the routing process the address is divided into two pieces, the network address and the host address. This works much like a postal address where the network address would represent the city and the host address would represent the street address. The subnet mask is used in conjunction with the network address to determine which part of the address is the network address and which part is the host address.
- A subnet is a group of IP addresses that form a network.
- A subnet mask is used to tell an IP address which network the IP address is on.
Binary subnet masks
While subnet masks are often represented in dot-decimal form their use becomes clearer in binary. Looking at a network address and a subnet mask in binary a device can determine which part of the address is the network address and which part is the host address. To do this, it performs a bitwise "AND" operation.
Example
Dot-decimal Address | Binary | |
---|---|---|
Full Network Address | 192.168.5.10 | 11000000.10101000.00000101.00001010 |
Subnet Mask | 255.255.255.0 | 11111111.11111111.11111111.00000000 |
Network Portion | 192.168.5.0 | 11000000.10101000.00000101.00000000 |
Host Portion | 0.0.0.10 | 00000000.00000000.00000000.00001010 |
Subnet masks consist of a series of 1s in binary followed by 0s. The 1s designate that part of the address as being part of the network portion and the 0s designate that part as being part of the host address. Subnet masks do not have to fill a given octet. This allows a classful network to be broken down into subnets. A classful network is a network that has a subnet mask of 255.0.0.0, 255.255.0.0 or 255.255.255.0. Subnet masks can also be expressed in a shorter form, known as Classless Inter-Domain Routing (CIDR) notation, which gives the network number followed by a slash ("/") and the number of 'one' bits in the binary notation of the netmask (i.e. the number of relevant bits in the network number). For example, 192.0.2.96/24 indicates an IP address where the first 24 bits are used as network address (same as 255.255.255.0).
IPv4 classes
IPv4 addresses are broken down into three parts: the network part, the subnet part, and the host part. There are three classful network classes of IP address which determine how much is which
Class | Leading bits | Start | End | Default Subnet Mask in dotted decimal | CIDR notation |
---|---|---|---|---|---|
A | 0 | 0.0.0.0 | 126.255.255.255 | 255.0.0.0 | /8 |
B | 10 | 128.0.0.0 | 191.255.255.255 | 255.255.0.0 | /16 |
C | 110 | 192.0.0.0 | 223.255.255.255 | 255.255.255.0 | /24 |
D | 1110 | 224.0.0.0 | 239.255.255.255 | ||
E | 1111 | 240.0.0.0 | 255.255.255.0 |
The 127.0.0.1 network is left out because it is designated for loopback and cannot be assigned to a network
Class D multicasting
Class E reserved
Subnetting is the process of allocating bits from the host portion as a network portion. The above example shows the bitwise "AND" process being performed on a classful network. The following example shows bits being borrowed to turn a classful network into a subnet.
Example
Dot-decimal Address | Binary | |
---|---|---|
Full Network Address | 192.168.5.130 | 11000000.10101000.00000101.10000010 |
Subnet Mask | 255.255.255.192 | 11111111.11111111.11111111.11000000 |
Network Portion | 192.168.5.128 | 11000000.10101000.00000101.10000000 |
In this example two bits were borrowed from the original host portion. This is beneficial because it allows a single network portion to be split into several smaller network portions. By design IPv4 address are limited in number and each classful network portion is capable of supporting a finite number of hosts. A classful C address for example has space for 254 hosts. If a network were to be split into four parts using classful address four different class C addresses would have to be used to serve those networks.
Activity#3
- Why do most LAN's have a subnet mask of 255.255.255.0?
- Find out the Ip address range of the VC gear at your, or a neighboring school. What is the subnet mask of the VC gear ip address? Explain your reasoning?
What is a Gateway?
Introduction
A gateway is a computer or router that acts as a path or route to one or more other networks. It enables devices on one network to reach devices on another network. Gateways have an IP address which must be known by other computers for it to be used as a gateway.
Activity # 4
- Make a simple network with 3 computers (10.168.11.5 - 10.168.11.7) set to have a gateway of 10.168.11.1 and a netmask of 255.255.255.0 connected through a switch.
- Check that the 3 computers can ping each other
- Now add a router to the network, it should have a "private ip address" of 10.168.11.1 and a public ip address that is dynamic. Configure the router to enable "NATing" between the public and private interfaces
- Connect the private interface to your 10.168.11.0 network and the public interface to your schools network
- Check that, for example, you can ping a school server from the machine 10.168.11.7 i.e. NATing is working.
- Now on the machine 10.168.11.7, change the gateway to 10.168.11.5
- Try step 5 again. Can you ping the server? Explain your results. Change the gateway back to 10.168.11.1 and confirm your reasoning.
IPv4 and IPv6
As you might have noticed, there is a limit to the number of IPv4 addresses we can have, this limit is well below the current population of the world. If we were in the future to have every inhabitant of the planet connected to the internet, there wouldn't be enough IP Addresses for them to use! This problem is very current and IPv6 is being introduced to try and resolve it. IPv6 uses 128 bits for each address, meaning we have theoretically 2128 addresses available = 340,282,366,920,938,463,463,374,607,431,768,211,456 different possible addresses. The IPv6 address has 128 bits split into:- 64 bits for the network
- the first 16 bits are used for address type
- 16 bits for sub networks
- leaving 32 bits for main networks
- 64 bits for the interface addresses
Why would we ever need this many you may ask? With so many addresses this will allow each person to have multiple devices connected to the internet, currently driven by the demand for internet on mobile phones. We are also looking at connecting lots of other devices to the internet that might not currently be connected. For example we could have fridges telling us when we are low on milk, ovens telling us when they need cleaning, bikes telling us when they need a service. The future is coming, watch this IPv6 space!
MAC Address
IP addresses change, for example if you connect your laptop to the internet at home you get one IP address. If you were then to take it around a friends and connect there, you would be given another IP address. MAC addresses are unique to the device they are given to and every network interface has a MAC address, including mobile phones, games consoles and wireless cards. This is important when you consider that a computer can have more than one network interface. For example with a laptop you might have a cat-6 network card and a wireless card, one handling bittorrent and the other web browsing. When you receive a message, which network interface should it be sent to? The MAC address would mean that messages can be directed to a particular network interface, namely the wireless card or the cat-6 card.
Activity # 5
Using Zenix and the sudo ifconfig command, find out the MAC address of your computers LAN interface. Repeat this on a laptop that has both a wireless and a wired interface so that you find out two MAC addresses.
Activity # 6
Each network card manufacturer, for example IBM produces network cards that have a particular range of MAC addresses. Using this utility http://www.coffer.com/mac_find/ find out the manufacturer of the network cards you determined the MAC address of above.
Summary
- No two computers on the same network should have the same IP address
- Network Address Translation (NAT) allows computers on on network to access another network and appear as though they originate from the gateway router
- A gateway is a router that connects two or more networks
- IP addresses can be either static or given out automatically through Dynamic Host Configuration Protocol (DHCP)
- A subnet is part of a network
- A subnet mask of an IP address determines which part of an IP address is the network part and which is the host part
- IPv4 addresses are limited in number and will need to be replaced by IPv6, which has a far greater number of addresses
- Each network card has a unique MAC address which cannot change.
Now do the excercises at the bottom of this wikibook page.