Lect4 2 IP - Fundamentals

The document covers fundamental concepts of computer networking protocols, focusing on IP fundamentals, including IP packet format, addressing, and networking classes. It explains network address masks, wildcard masks, private and public IP addressing, and Network Address Translation (NAT), detailing their roles in network security and efficiency. Additionally, it discusses broadcast addresses and their types, including layer 2, layer 3, unicast, and multicast communications.

Uploaded by

msuyaothman25

CN 211: COMPUTER NETWORKING PROTOCOLS

IP Fundamentals
IP Fundamentals
• IP packet format
• IP addressing
• IP networking classes A-E
• Network address masks and wildcard mask
• Decimal vs. binary format
• IPv4 vs. IPv6
• Private/public IP addressing
• Static/dynamic Network Address Translation.
Network address masks
• For the network address scheme to work, every machine
on the network must know which part of the host
address will be used as the network address.

• This is accomplished by assigning a network mask to
each machine.

• A network mask is a 32-bit value that allows the
recipient of IP packets to distinguish the network ID
portion of the IP address from the host ID portion of the
IP address.
Network address masks
• The network administrator creates a 32-bit network
address mask composed of 1s and 0s.

• The 1s in the network address mask represent the
positions that refer to the network or subnet addresses.

• Note: All network addresses need a network address
mask, meaning they use the default network address
mask.

• The table on the next slide shows the default subnet masks
for Classes A, B, and C.
Network address masks

Default Subnet Mask


Network address masks
• These default masks cannot change.

• In other words, you can’t make a Class B network
address mask read 255.0.0.0.

• If you try, the host will read that address as invalid and
usually won’t even let you type it in.

• For a Class A network, you can’t change the first byte in
a network address mask; it must read 255.0.0.0 at a
minimum.
Network address masks
• Similarly, you cannot assign 255.255.255.255, as this is
all 1s—a broadcast address.

• A Class B address must start with 255.255.0.0, and a
Class C has to start with 255.255.255.0.
Wildcard Mask
• A wildcard mask is a mask of bits that indicates which
parts of an IP address are available for examination.

• In the Cisco IOS, they are used in several places, for
example:
— To indicate the size of a network or subnet for some routing
protocols, such as OSPF.
— To indicate what IP addresses should be permitted or denied in
access control lists (ACLs).
Wildcard Mask
• A wildcard mask can be thought of as an inverted
subnet mask.

• For example, a subnet mask of 255.255.255.0 (binary
equivalent = 11111111.11111111.11111111.00000000)
inverts to a wildcard mask of 0.0.0.255 (binary
equivalent = 00000000.00000000.00000000.11111111).

• A wildcard mask is a matching rule. The rule for a
wildcard mask is:
— 0 means that the equivalent bit must match
— 1 means that the equivalent bit does not matter
Wildcard Mask
• Any wildcard bit-pattern can be masked for examination.

• For example, a wildcard mask of 0.0.0.254 (binary
equivalent = 00000000.00000000.00000000.11111110)
applied to IP address 10.10.10.2
(00001010.00001010.00001010.00000010) will match
even-numbered IP addresses 10.10.10.0,
10.10.10.2, 10.10.10.4, 10.10.10.6 etc.

• The same mask applied to 10.10.10.1
(00001010.00001010.00001010.00000001) will match
odd-numbered IP addresses 10.10.10.1, 10.10.10.3,
10.10.10.5 etc.
Wildcard Mask
• A network and wildcard mask combination of 1.1.1.1
0.0.0.0 would match an interface configured exactly
with 1.1.1.1 only, and nothing else.

• Wildcard masks are used in situations where subnet
masks may not apply.

• For example, when two affected hosts fall in different
subnets, the use of a wildcard mask will group them
together.
Wildcard Mask Examples
• Range to restrict:
—172.16.0.0 – 172.31.255.255

• Base IP Address:
—172.16.0.0

• Wildcard Mask:
—0.15.255.255
Wildcard Mask Examples
Base IP address: 172.16.0.0
Wildcard mask:   0.15.255.255
Base:     10101100 . 00010000 . 00000000 . 00000000
Wildcard: 00000000 . 00001111 . 11111111 . 11111111
Keep:     10101100 . 0001xxxx . xxxxxxxx . xxxxxxxx
Minimum:  10101100 . 00010000 . 00000000 . 00000000
Maximum:  10101100 . 00011111 . 11111111 . 11111111
Wildcard Mask Examples
• Question: What IP addresses does this
combination isolate?

—Base IP Address:
• 192.168.20.37

—Wildcard Mask:
• 0.0.0.254
Wildcard Mask Challenge
Base IP address: 192.168.20.37
Wildcard mask:   0.0.0.254
Base:     11000000 . 10101000 . 00010100 . 00100101
Wildcard: 00000000 . 00000000 . 00000000 . 11111110
Keep:     11000000 . 10101000 . 00010100 . xxxxxxx1
Wildcard Mask Challenge: Answer
11000000 . 10101000 . 00010100 . xxxxxxx1

Isolates all the ODD numbers in the 192.168.20.X subnet!
Wildcard Mask Keywords
• Wildcard mask of: 0.0.0.0
— Keeps all bits
— Keyword is: Host

• Wildcard mask of: 255.255.255.255
— Eliminates all bits
— Keyword is: ANY
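The matching rule from the wildcard slides, written out as an added Python example (not part of the lecture) so that a base/wildcard pair can be reviewed before it goes into an ACL. The function names are this example's own, and the last pair in the demo is constructed to show what happens when a subnet mask is typed where a wildcard mask is expected.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def to_dotted(value):
    return str(ipaddress.IPv4Address(value & 0xFFFFFFFF))

def wildcard_match(candidate, base, wildcard):
    """Wildcard bit 0 = bit must match the base, 1 = bit does not matter."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(candidate) & care) == (to_int(base) & care)

def wildcard_bounds(base, wildcard):
    """Minimum and maximum address the base/wildcard pair can match."""
    w = to_int(wildcard)
    low = to_int(base) & ~w & 0xFFFFFFFF
    return to_dotted(low), to_dotted(low | w)

def match_count(wildcard):
    """Addresses matched: 2 ** (number of 'does not matter' bits)."""
    return 2 ** bin(to_int(wildcard)).count("1")

def is_inverted_subnet_mask(wildcard):
    """True when all 1 bits sit at the low end (one contiguous range)."""
    w = to_int(wildcard)
    return (w & (w + 1)) == 0

def review(base, wildcard):
    """Summary a reviewer can read before accepting an ACL entry."""
    low, high = wildcard_bounds(base, wildcard)
    return {"min": low, "max": high, "count": match_count(wildcard),
            "contiguous": is_inverted_subnet_mask(wildcard)}

if __name__ == "__main__":
    pairs = [
        ("172.16.0.0", "0.15.255.255"),   # range example from the slides
        ("192.168.20.37", "0.0.0.254"),   # odd addresses, from the slides
        ("1.1.1.1", "0.0.0.0"),           # same as the "host" keyword
        ("10.10.10.0", "255.255.255.0"),  # constructed: subnet mask typed by mistake
    ]
    for base, wc in pairs:
        print(base, wc, review(base, wc))
```

A non-contiguous result is not always an error (0.0.0.254 is deliberate), but it is the cheapest signal that a subnet mask has been entered as a wildcard: the constructed last pair matches 16,777,216 addresses across the whole address space instead of one /24.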
Wildcard Mask Keywords Example
Private and public IP addressing
• The people who created the IP addressing scheme also
created what we call private IP addresses.

• These addresses can be used on a private network, but
they’re not routable through the Internet.

• This is designed for the purpose of creating a measure
of well-needed security, but it also conveniently saves
valuable IP address space.
Private and public IP addressing
• If every host on every network had to have real routable
IP addresses, we would have run out of IP addresses to
hand out years ago.

• But by using private IP addresses, ISPs, corporations,
and home users only need a relatively tiny group of
bona fide IP addresses to connect their networks to the
Internet.

• This is economical because they can use private IP
addresses on their inside networks and get along just
fine.
Private and public IP addressing
• To accomplish this task, the ISP and the corporation—
the end user, no matter who they are—need to use
something called a Network Address Translation (NAT),
which basically takes a private IP address and converts
it for use on the Internet.

• Many people can use the same real IP address to
transmit out onto the Internet.

• Doing things this way saves megatons of address
space—good for us all!
Private and public IP addressing
• The table below lists the reserved private addresses.

Reserved IP addresses space


Private and public IP addressing
• The remaining IP addresses from classes A, B
and C are used for public IP address space.
Static/dynamic Network Address Translation (NAT)
• Whether your network is the home or the corporate
type, if it uses the private IP addresses that we just
talked about, you have to translate your private inside
addresses to a global outside address by using NAT.

• The main idea is to conserve Internet global address
space, but it also increases network security by hiding
internal IP addresses from external networks.

• In NAT terminology, the inside network is the set of
networks that are subject to translation.
Static/dynamic Network Address Translation (NAT)
• The outside network refers to all other addresses—
usually those located on the Internet.

• However, just to help confuse you, it’s important to
understand that you can translate packets coming into
the private network as well.

• NAT operates on a router—generally only connecting
two networks together—and translates your private
(inside local) addresses within the internal network, into
public (inside global) addresses before any packets are
forwarded to another network.
Static/dynamic Network Address Translation (NAT)
• This functionality gives you the option to configure NAT
so that it will advertise only a single address for your
entire network to the outside world.

• Doing this effectively hides the internal network from
the whole world really well, giving you some much-
needed additional security.

• There are different flavors of NAT:
— Static NAT
— Dynamic NAT
Static NAT
• Designed to allow one-to-one mapping between local
and global addresses.

• This flavor requires you to have one real Internet IP
address for every host on your network.
Dynamic NAT
• Designed to map an unregistered IP address to a
registered IP address from out of a pool of registered IP
addresses.

• You don’t have to statically configure your router to map
an inside to an outside address as in static NAT, but you
do have to have enough real IP addresses for everyone
who wants to send packets to and from the Internet.

• If you have a single public IP address, you could allow
only a single host on your network to have access to the
outside.
Static/dynamic Network Address Translation (NAT)
• Overloading: This is the most popular type of NAT
configuration.

• Overloading is a form of dynamic NAT that maps multiple
unregistered IP addresses to a single registered IP address
(many-to-one) by using different ports.

• Therefore, it’s also known as port address translation (PAT).

• By using PAT (NAT Overload), you can have thousands of
users connect to the Internet using only one real global IP
address—pretty slick! NAT Overload is the reason we have
not run out of valid IP addresses on the Internet.
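A small model of the overload (PAT) translation table described above, added here as an example and not taken from the lecture. The class name `PatRouter`, the inside addresses and the global address 203.0.113.10 (a documentation address) are assumptions; a real router also tracks the remote endpoint and ages entries out, which this model leaves aside.

```python
import itertools

class PatRouter:
    """Many inside-local sockets share one inside-global address via ports."""

    def __init__(self, global_ip, first_port=1024):
        self.global_ip = global_ip
        self._ports = itertools.count(first_port)
        self.out = {}    # (proto, inside_ip, inside_port) -> global port
        self.back = {}   # (proto, global port) -> (inside_ip, inside_port)

    def outbound(self, proto, src_ip, src_port):
        """Translate an inside-local source to the shared global address."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = next(self._ports)
            if port > 65535:
                raise RuntimeError("translation port pool exhausted")
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.global_ip, self.out[key]

    def inbound(self, proto, dst_port):
        """Map a packet arriving at the global address back to an inside host.

        Returns None when no inside host created a mapping for that port,
        which is why unsolicited outside traffic has nowhere to go.
        """
        return self.back.get((proto, dst_port))

if __name__ == "__main__":
    router = PatRouter("203.0.113.10")  # constructed global address
    # Two inside hosts that happen to use the same source port.
    print(router.outbound("tcp", "192.168.1.10", 50000))
    print(router.outbound("tcp", "192.168.1.11", 50000))
    print(router.inbound("tcp", 1025))   # reply for the second host
    print(router.inbound("tcp", 4444))   # no mapping: nothing to deliver to
```

The translation table is also the only record tying an outside-visible address and port back to an inside host, so it is the data to log if connections must be attributed later.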
Broadcast Addresses
• Broadcast address: The address used by applications
and hosts to send information to all nodes on a network.

• Examples include 255.255.255.255, which is all
networks, all nodes; 172.16.255.255, which is all
subnets and hosts on network 172.16.0.0; and
10.255.255.255, which broadcasts to all subnets and
hosts on network 10.0.0.0.
Broadcast Addresses
• Here are the four different types of addressing scheme:

— Layer 2 broadcasts: These are sent to all nodes on a LAN.

— Broadcasts (layer 3): These are sent to all nodes on the
network.

— Unicast: These are sent to a single destination host.

— Multicast: These are packets sent from a single source, and
transmitted to many devices on different networks.
Broadcast Addresses
• First, understand that layer 2 broadcasts are also known
as hardware broadcasts—they only go out on a LAN,
and they usually don’t go past the LAN boundary
(router) unless they become a unicast packet.

• The typical hardware address is 6 bytes (48 bits) and
looks something like 0c.43.a4.f3.12.c2.

• The broadcast would be all 1s in binary and all Fs in
hexadecimal, as in FF.FF.FF.FF.FF.FF.
Broadcast Addresses
• Then there’s the plain old broadcast addresses at layer
3. Broadcast messages are meant to reach all hosts on a
broadcast domain.

• These are the network broadcasts that have all host bits
on.

• Here’s an example that you’re already familiar with:
— The network address of 172.16.0.0 and mask of 255.255.0.0
would have a broadcast address of 172.16.255.255—all host bits
on.
— Broadcasts can also be “all networks and all hosts,” as indicated
by 255.255.255.255. A good example of a broadcast message is
an Address Resolution Protocol (ARP) request (for the physical address).
Broadcast Message (Eg. ARP)
• To get the packet to the destination, the host needs to
forward the packet to a default gateway if the
destination resides on a different IP network.

• If the destination is on the local network, the source will
forward the packet directly to the destination.

• Because the source doesn’t have the MAC address it
needs to forward the frame to, it sends out a broadcast,
something that every device in the local broadcast
domain will listen to.
Broadcast Message (Eg. ARP and DHCP)
• This broadcast says, in essence, “If you are the owner
of IP address 192.168.2.3, please forward your MAC
address to me,” with the source giving the appropriate
information.

• A unicast is different because it’s a broadcast that
becomes directed to an actual destination IP address—in
other words, it’s directed to a specific host, and a DHCP
client request is a good example of how a unicast works.

• Here’s an example:
— Your host on a LAN sends out an FF.FF.FF.FF.FF.FF layer 2
broadcast and 255.255.255.255 layer 3 destination broadcast
looking for a DHCP server on the LAN.
Broadcast Addresses
• The router will see that this is a broadcast meant for the
DHCP server because it has a destination port number
of 67 (BootP server), and will forward the request to the
IP address of the DHCP server on another LAN.

• So, basically, if your DHCP server IP address is
172.16.10.1, your host just sends out a
255.255.255.255 DHCP client broadcast request, and
the router changes that broadcast to the specific
destination address of 172.16.10.1.
Broadcast Addresses
• Be careful here—a host address can really look like a
broadcast address!

• For example, a Unicast is a broadcast that’s forwarded
to a specific host.

• Is the IP address 172.16.128.255/18 a valid host or a
broadcast address? Sure looks like a broadcast address!
Broadcast Addresses
• First, /18 is 255.255.192.0. This makes the valid
networks 64.0 and 128.0, where the broadcast address
for the 172.16.128.0 subnet is 172.16.191.255, so the
valid hosts are 128.1 through 191.254. 172.16.128.255
is a valid host and is a unicast!

• For now, understand that just because an IP address
has a 0 or 255 in the address doesn’t always make it a
network or broadcast respectively.
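The 172.16.128.255/18 question above, worked with Python's standard `ipaddress` module as an added example (not from the lecture). The `classify` function and its role labels are this example's own; it goes slightly beyond the slide by also reporting the multicast and all-networks cases covered elsewhere in this deck.

```python
import ipaddress

def classify(addr_with_prefix):
    """Say what role an address plays once its mask is taken into account."""
    iface = ipaddress.IPv4Interface(addr_with_prefix)
    ip, net = iface.ip, iface.network
    info = {
        "netmask": str(net.netmask),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "private": ip.is_private,
    }
    has_host_range = net.prefixlen < 31
    if has_host_range:
        info["first_host"] = str(net.network_address + 1)
        info["last_host"] = str(net.broadcast_address - 1)
    if int(ip) == 0xFFFFFFFF:
        info["role"] = "all-networks broadcast"
    elif ip.is_multicast:
        info["role"] = "multicast"
    elif has_host_range and ip == net.network_address:
        info["role"] = "network address"
    elif has_host_range and ip == net.broadcast_address:
        info["role"] = "subnet broadcast"
    else:
        info["role"] = "host (unicast)"
    return info

if __name__ == "__main__":
    # Addresses taken from the slides; only the /18 and /16 masks decide
    # whether a trailing .255 is a broadcast.
    for sample in ["172.16.128.255/18", "172.16.191.255/18",
                   "172.16.255.255/16", "172.16.64.0/18",
                   "255.255.255.255/32", "239.255.255.255/24"]:
        print(sample, classify(sample))
```

Filter rules and log parsers that treat any address ending in .0 or .255 as a network or broadcast address will misclassify hosts such as 172.16.128.255/18; the mask has to be part of the check.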
Broadcast Addresses
• Multicast is a different beast entirely. At first glance, it
appears to be a hybrid of unicast and broadcast
communication, but that isn’t quite the case.

• Multicast does allow point-to-multipoint communication,
which is similar to broadcasts, but it happens in a
different manner.

• The crux of multicast is that it enables multiple
recipients to receive messages without flooding the
messages to all hosts on a broadcast domain.
Broadcast Addresses
• Multicast works by sending messages or data to IP
multicast group addresses.

• Routers then forward copies of the packet out every
interface that has hosts subscribed to that group
address.

• This is where multicast differs from broadcast
messages—with multicast communication, copies of
packets, in theory, are sent only to subscribed hosts.

• There are several different groups that users or
applications can subscribe to.
Broadcast Addresses
• The range of multicast addresses starts with 224.0.0.0,
and goes through 239.255.255.255. As you can see, this
range of addresses falls within IP Class D address space
based on classful IP assignment.
