To deal with this, two forms of addressing are used on IP networks: • Physical/hardware addresses • Logical/IP addresses Physical Addresses Physical addresses are used to identify t
Trang 1Addressing in IP Networks
Without an address, you can put a stamp on an envelope, put it in the mail, and it is not going to go anywhere IP traffic on the network is no different Without an address, it is impossible for hosts on a network to determine where the data should be delivered To deal with this, two forms of addressing are used on IP networks:
• Physical/hardware addresses
• Logical/IP addresses
Physical Addresses
Physical addresses are used to identify the specific host that data is being transmitted to The important thing about physical addresses is that they have a local significance only What this means is that the physical address can only be used to communicate between hosts that share a common subnet or network segment This is a legacy that goes back to the early days of networking where all hosts on a network received the electric signal that contained the data (such as how Ethernet functions) To ensure that only the host that the data belongs to processes the data, physical addresses were used to distinguish between hosts
The most common form of physical address, and the physical address that is used for TCP/IP communications, is the MAC address The MAC address is a vendor-assigned value that is supposed to be globally unique and that identifies the actual network card MAC addresses are 6 bytes in length and typically consist of a 3-byte vendor identifier (known as the organizationally unique identifier or OUI) followed by a 3-byte unique identifier that is assigned by the vendor
The use of physical addresses allows for network communications between two hosts on the same subnet regardless of logical address and is a key element to how routing works For example, when two hosts on different networks want to communicate with each other, they use their logical addresses to identify each other from a global perspective When they transmit the data to each other, each host physically addresses the frames to the hardware address of their corresponding router interface This allows the routers to receive and process the frames directly, while still being able to use the logical addresses
to determine the original source and final destination of the data Figure 3-11 illustrates how this process works
Figure 3-11 Physical Addressing of Data Between Hosts
Trang 2[View full size image]
The process in Figure 3-11 is as follows:
1 Host A logically addresses the data for Host B but physically addresses it to
00:05:9A:3C:78:00, the router interface physical address
2 The router receives the data, because it is physically addressed to it, but realizes that logically it must be delivered to Host B Therefore, it rebuilds the frame, using the physical address of the interface on the same network as Host B
(00:05:9A:3C:78:01) and physically addresses it to 00:05:9A:3C:78:30
Logical Addresses
Logical addresses are the counterpart to physical addresses and allow for the
identification of hosts and the delivery of data to hosts regardless of physical location or proximity to each other Consequently, logical addresses must have a true global
significance, and must be unique within all interconnected network segments TCP/IP uses IP addresses as the logical addressing method The following sections look at IP addresses in more detail
IP Addressing
An IP address is a 32-bit universal identifier that provides a means of uniquely
identifying from a global perspective What we mean by global perspective is that the address is unique on all interconnected networks, such as all internal networks in an organization, or in a truly global sense on all networks across the Internet
The 32-bit IP address is separated into four 8-bit octets, allowing each octet to have a value ranging from 0 to 255 Furthermore, the IP address is logically separated into two distinct components: the network ID and the host ID The network ID is used to identify the subnet upon which the host resides The host ID is used to identify the host itself within the given subnet
IP addresses can be displayed in three typical formats:
• Binary notation Binary notation is the format that systems on the network use to
Trang 3process the address An example of binary notation is
11000000.10101000.00000001.01100100
• Hexadecimal notation Hexadecimal notation is the format typically used when identifying IPv6 addresses An example of hexadecimal notation of an IPv4
address is C0.A8.01.64
• Dotted-decimal notation Dotted-decimal notation is the format that is typically
used for displaying the IP address in a human-readable format An example of dotted-decimal notation is 192.168.1.100
IP Address Classes
Not all networks are the same size Some are smaller than others; some are larger than others To provide a hierarchy and structure to the assignment of IP addresses, they were broken down into distinct classes, with each class natively supporting a different number
of networks and hosts
For the public IP address space, which is managed by the IANA, three classes of
addresses were defined:
• Class A addresses Class A addresses provide for 128 (27
) total networks, with each network containing 16,777,216 (224) hosts This is achieved by designating the first octet as the network ID and the remaining 3 octets as the host ID Class A addresses can be identified by the first bit of the first octet, which must be a 0, providing for a range of first octet values from 1 to 126 because the values of 0 and 127 are unusable (because 0 is all 0s and 127 is reserved for use as a loopback address)
• Class B addresses Class B addresses provide for a greater number of network IDs
at the cost of the total number of hosts per network For the Class B address space, the first 2 octets are designated as network ID, and the last 2 octets are designated
as the host ID Class B addresses can be identified by the fact that the first 2 bits of the first octet must be a 10 This allows for the total number of network IDs to be 16,384 (or 214 because the first 2 bits are defined) and the total number of hosts per network to be 65,536 (216) This provides a first octet range of values from 128 to
191
• Class C addresses Class C addresses provide for an extremely large number of networks, with a small number of hosts per network For the Class C address space, the first 3 octets are designated as network ID, and the last octet is
designated as host ID Class C addresses can be identified by the fact that the first
3 bits of the first octet must be 110, which provides for a first octet range of values from 192 to 223 This provides for 2,097,152 total networks (221) with each
network containing 256 host IDs (28)
In addition to the public address space, there are two additional address spaces,
Trang 4one for use in multicasting and the other for future use and testing:
• Class D addresses Class D addresses are identified by the first 4 bits of the first
octet having a value of 1110, which allows for a range of values in the first octet
of 224 to 239 Unlike the public address space, which is designed to allow an IP address to be assigned to and represent the host on the network, the Class D
addresses are used to assign multicast addresses (addresses that may be assigned to multiple hosts allowing them to receive the same data without the data needing to
be transmitted uniquely to each host) In addition, Class D addresses have no network or host portion of the address, leaving the remaining 28 bits of the address
to be the multicast address
• Class E addresses Class E addresses are identified by the first 4 bits of the first
octet having a value of 1111, which allows a range of values in the first octet of
240 to 255 This address space should not be used in any circumstance The
address of 255.255.255.255 is used to indicate an "all subnets" broadcast
Figure 3-12 shows the different address classes
Figure 3-12 Address Classes
Classless Interdomain Routing (CIDR)
Although the classful address space is a great idea, the truth is that not everyone needs networks with the number of hosts that each class of address provides For example, if you have more than 255 hosts that you need to connect to a network, using the classful address space you have to bump up to a full Class B, providing for 65,534 hosts on the network Obviously, that is far more hosts than is necessary To address this deficiency,
Trang 5CIDR was implemented
One of the benefits of classful addresses is that they provide a hierarchy to the network through the use of the network ID This translates into an efficient routing environment because it is easy for a router to determine what networks can be grouped together and treated as a single routing entry CIDR adheres to this philosophy while allowing for administrators to create additional networks regardless of address class by using a strict interpretation of the subnet mask as the means of identifying a network The subnet mask
is used to determine the network prefix, which defines where the network ID portion of a given IP address ends For example, a default Class B address (let's say 172.16.0.0) uses
a network prefix of /16, or 16 bits However, using CIDR, the administrator can elect to assign 20 bits of the IP address to the network, resulting in a network prefix of /20 This allows an administrator that has been assigned a single Class B address space to
effectively turn that single network (172.16.0.0) into 16 individual networks (the result of
24, or the 4 additional bits that were borrowed from the host ID portion of the address and given to the network portion of the address) Similarly, because 4 bits have been taken from the host ID of the address, this leaves a total 12 bits for host ID assignment This results in each of the 16 networks that were created having the potential for a maximum
of 4096 hosts per network (212)
Note
As you have read through this chapter, you may have noticed the use of (2x) when
referring to the number of hosts per network This is the technically accurate
representation of hosts per network However, most networks reserve a host ID to
identify the subnet itself (a host ID that consists of all 0s) as well as the broadcast ID for the subnet (a host ID that consists of all 1s) Consequently, the number of usable hosts per subnet is typically represented as (2x) -2 to account for the loss of those two host IDs
Subnets
Throughout this section, I have mentioned subnets repeatedly, but what is a subnet and why are they important to firewalls? A subnet is nothing more than a group of IP
addresses that are on the same network ID By extension, a subnet is the collection of hosts that are on the same network segment Subnets allow us to dissect the network into small, easier-to-manage chunks The reason for this is simple: The fewer the number of hosts on a given subnet, the less extraneous the traffic and the smoother the flow of traffic will go because there are not as many hosts in contention with each other
For communications to occur between subnets, a router needs to be involved Routers
Trang 6keep track of the list of the subnets in existence through the use of a routing table This allows a router to receive traffic and determine how to forward the traffic so that it can eventually be delivered to the destination network (and thus the destination host)
Subnets are important to firewalls because in many cases a firewall performs a similar function as a router In fact, in most firewall implementations the firewall is implemented
in such a manner as to explicitly reside between two subnets and thus restrict and control the traffic passing between subnets
IPv6
Although the IPv4 address space provides for what would seem to be a virtually
unlimited number of IP addresses, the reality is that with the growth of the Internet the number of IP addresses that are available for assignment has continued to decline This served as the catalyst to motivate the designers of the Internet and IP to develop a new addressing system to address the lack of available IP addresses as well as a number of other issues that are covered here They came up with IPv6
Whereas IPv4 is based on a 32-bit address space, IPv6 is based on a 128-bit address space This increased the total number of addresses from 4,294,967,296 (232) addresses
to 340,282,366,920,938,463,463,374,607,431,768,211,456 (2128) addresses This will allow for an address space that is so large that it will not be depleted for the foreseeable future
IPv6 also addressed a number of other deficiencies with IPv4, particularly around the areas of performance, security, control, and reliability Whereas IPv4 needs to rely on numerous other protocols to handle many of these tasks, IPv6 includes new options and extensions that allow for performance, control, and reliability information and
configuration to be handled natively by IPv6 This makes for a much more efficient communications system Finally, IPv6 allows for a flexible header format, allowing for the implementer of the protocol to determine which optional header components they will
or will not implement
IPv6 is completely incompatible with IPv4, and with the widespread implementation of Network Address Translation (NAT) this has caused adoption of IPv6 to be dramatically slowed