3.3 IPv4 Addressing
An IP address is a network layer (Layer 3) address. It uniquely identifies a host on a TCP/IP network, including network components or devices that communicate on the TCP/IP network. An IP address is composed of 32 binary bits and consists of two parts: a network ID and a host ID.
A Network ID, which identifies the TCP/IP hosts that are located on the same physical network. All hosts on the same physical network must be assigned the same network ID to communicate with each other. If routers connect your networks, a unique network ID is required for each wide area connection.
A Host ID, which identifies a host within a network. The host ID must be unique to the network designated by the network ID.
Binary Value | Decimal Value |
---|---|
00000001 |
1 |
00000010 |
2 |
00000100 |
4 |
00001000 |
8 |
00010000 |
16 |
00100000 |
32 |
01000000 |
64 |
10000000 |
128 |
Binary to Decimal Conversion
The boundary between the network ID and the host ID of the IP address is defined by the subnet mask, another 32-bit field. There is a bit-for-bit alignment between the IP address and the subnet mask. The subnet mask contains a continuous field of ones followed by a continuous field of zeros. Where the contiguous ones stop indicates the boundary between the network ID and the host ID of the IP address. The network boundary can occur at any place after the eighth bit position from the left. Once the boundary between the network part and the host part of the IP address is known, all devices addressed in that network will have a common binary pattern in the network part that identifies the device as belonging to the specified network.
There are a number of formats for referencing an IP address. The popular formats are binary (base 2), decimal (base 10) and hexadecimal (base 16.
3.3.1 Binary Format
Binary is a numeral system that is 2 based, i.e., it uses only os and is, to denote a value. Because binary is 2 based, each successive bit is twice the value of the preceding bit, read from right to left. This is illustrated below. A o denotes that the bit does not carry a value and a 1 denotes that the bit does carry a value. When binary value has more than one 1, as in ooooiooi the decimal values for the is are added to produce the decimal value. In this example oooooooi is 1 and ooooiooo is 8. Therefore the decimal value for ooooiooi is 9 (8+1). The maximum binary value for an octet would contain all is, as in iiiiiiii, and would have a decimal value 255 (128+64+32+16+8+4+2+1), as illustrated below.
Binary Code |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
Decimal Value |
128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |
Binary Code 11111111
Note: The corresponding decimal value of the binary code is calculated from right to left and not left to right.
As mentioned earlier, a o in the binary code indicates that the corresponding bit has no value. The figure below illustrates a byte with a binary code of iiioiioi and the value of each of its eight bits.
Binary Code |
1 |
0 |
1 |
0 |
1 |
1 |
0 |
1 |
Decimal Value |
128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |
Binary Code 11101101
The decimal value for this binary code is 128+0+32+0+8+4+0+1=173
Note: Each bit in the binary code that is marked with a 0 has no value. Therefore the corresponding decimal value of these bits are also 0.
3.3.2 Dotted Decimal Format
Both the IP address and its associated subnet mask contain 32 bits. However, the 32-bit IP address can be represented in other formats. The common formats include decimal (base 10) and hexadecimal (base 16) notation. The generally accepted format for representing IP addresses and subnet masks the doted decimal notation in which the 32-bit field is divided into four groups of eight bits, also called a byte, which are translated to decimal value and separated by dots. Each group of eight bits is called an octet. Thus, an IP Address expressed as 11000000101010001010011001111110 in binary format can be broken into its four octets: 11000000.10101000.10100110.01111110. These octets are converted to decimal value in the figure below.
First Octet |
Binary Code |
1 |
1 |
0 |
0 |
0 |
0 |
0 |
0 |
---|---|---|---|---|---|---|---|---|---|
Decimal Value |
128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |
|
Second Octet |
Binary Code |
1 |
0 |
1 |
0 |
1 |
0 |
0 |
0 |
Decimal Value |
128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |
|
Third Octet |
Binary Code |
1 |
0 |
1 |
0 |
0 |
1 |
1 |
0 |
Decimal Value |
128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |
|
Fourth Octet |
Binary Code |
0 |
1 |
1 |
1 |
1 |
1 |
1 |
0 |
Decimal Value |
128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |
Binary Code 11000000.10101000.01111011
The decimal value of the first octet is: 128+64+0+0+0+0+0+0=192
The decimal value of the second octet is: 128+0+32+0+8+0+0+0=168
The decimal value of the third octet is: 128+0+32+0+0+4+2+0=166
The decimal value of the fourth octet is: 0+64+32+16+8+4+2+0=126
In dotted decimal format this IP Address would be expressed as: 192.168.166.126
3.3.3 The Hexadecimal System
The decimal system used has 10 numeric digits, 0 through 9. After 9, you use 2 digits starting at 10 and then cycle the right-most digits from 0 through 9 again. The hexadecimal numeric system follows this same concept, but uses 16 digits (0 through F) as shown in the figure below. Three methods are used to indicate that a value is hexadecimal number and not a decimal number.
- The hexadecimal number can be preceded by a 0x as in 0x10;
- The hexadecimal number can be followed by an h subscript as in 10h; or
- The term hex can be used to indicate a hexadecimal number as in hex 10.
There are two methods that you can use to convert decimal numbers to hexadecimal numbers. You can either convert decimal to binary and then from binary to hexadecimal; or you can divide the decimal number by 16; the residual is the rightmost bit. Then keep dividing until the result is no longer divisible by 16. For example, to convert decimal number 1000 to hexadecimal first divide 1000 by 16. This gives us the resultant 62 with a residual of 8. The residual 8, which is 8h, is our right most digit. Now take the resultant 62 and divide it by 16 again. This gives us the resultant 3 with a residual of 14. The residual 14, which is Eh, becomes our next right most digit. The resultant 3, which is 3h, is not divisible by 16 therefore it becomes our next right most digit. Thus, the hexadecimal number for the decimal number 1000 is 3E8h.
To convert a hexadecimal number to a decimal number, you must multiply the decimal value of each digit by 16 to the power n-1 where n is the position of the digit from right to left, and add the resultant decimal values. Thus, to convert 3E8h to decimal, we would take the third right most digit, 3h, and convert it to its decimal equivalent, which is 3. We would then multiply 3 by 162 which would give us 768. Next, we would take the second right most digit, Eh, and convert it to its decimal equivalent, which is 14. We would then multiply 14 by 161 which would give us 224. Next, we would take the right most digit, 8h, and convert it to its decimal equivalent, which is 8. We would then multiply 8 by 160 which would give us 8.
Hexadecimal |
Decimal Value |
0 |
0 |
1 |
1 |
2 |
2 |
3 |
3 |
4 |
4 |
5 |
5 |
6 |
6 |
7 |
7 |
8 |
8 |
9 |
9 |
A |
10 |
B |
11 |
C |
12 |
D |
13 |
E |
14 |
F |
15 |
Hexadecimal to Decimal Values
Note: Any number raised to the exponential value of 0 (as in 160) equals 1. Thus, 160 is equal to 1 and 8x160 is the equivalent of 8x1.
Finally, we would add the three resultant values: 768, 224 and 8, which would give us 1000.
3.3.4 IP version 6
Note: IPv6 will be covered in more detail in section 10, but a brief overview will be provided here.
IPv4 has a number of disadvantages. The two most important disadvantages is the limited address space, with public IPv4 addresses are becoming scarce; and the lack of built-in security. Instead, security for IPv4 is provided by the use of IPSec. However, IPSec is optional for IPv4 implementations. Because an application cannot rely on IPSec being present to secure traffic, an application might resort to other security standards or a proprietary security scheme.
These and other issues prompted the Internet Engineering Task Force (IETF) to begin the development of IPv6 that would replace IPv4, solve the problems of IPv4, and be extensible to solve additional problems in the future. The IPv6 specification is defined in RFC 2460. Other RFCs that describe IPv6 specifications are 2373, 2374, 2461, 2462, and 2463.
IPv6 offers a number of advantages over IPv4.
The IPv6 address field is 128 bits long - a significant increase from 32-bits IPv4 address field, and thus provides a larger address space.
IPv6 has built-in support for IPSec and thus offers better security.
IPv6 provides a new header format that is streamlined to minimize overhead and provide more efficient processing while crossing intermediate routers.
All the option fields and any other fields in the header that are not required for routing are placed after the IPv6 header.
The IPv6 header also added more Quality of Service (QoS) support by adding Flow Label fields that provide special handling for a series of packets that travel between a source and destination.
IPv6 also provides Neighbor Discovery (ND), which is a set of process and messages that are used in an IPv6 environment to identify relationships between neighboring nodes. This allows hosts to discover routers on the same segment, addresses, and address prefixes. With ND, hosts can also resolve neighboring nodes and determine when the MAC address of a neighbor changes. This is similar to ARP in IPv4.
ND provides the process for address autoconfiguration, which provides for the dynamic assignment of IPv6 addresses and is referred to as stateless address configuration. In the absence of a stateful address configuration server, such as a DHCP version 6 (DHCPv6) protocol server, ND provides a complex process that allows each interface to use router advertisement messages to define an IPv6 address, and then subsequently ensure the uniqueness of the selected address. However, the standards for DHCPv6 and IPv6 stateful addressing are still under development.
The new routing structure provides a hierarchical addressing and routing structure that includes a global addressing scheme. Global addresses are the equivalent of public IPv4 addresses and are accessible over the Internet.
The global addressing scheme defines new ways to summarize global addresses to facilitate smaller routing tables on the Internet backbone, thus improving the efficiency and performance on the Internet.
3.3.4.1 IPv6 Address Representation
The IPv6 addressing architecture is defined in RFC 2373. IPv6 addresses are 128-bits long with the first 64 bits defining the network address and the last 64 bits defining the host address. An IPv6 address consists of eight 16-bit sections and is represented in hexadecimal format. Each 16-bit section is separated by a colon.
An example of a full IPv6 address is FE36:0000:0000:36F0:0000:0000:004B:04B0. All leading 0s do not need to be represented while all 0 16-bit sections can be compressed to 0. Multiple 16-bit sections of 0s can be represented with a :: symbol, which can appear only once in the number. Thus
FE36:0000:0000:36F0:0000:0000:004B:04B0 can be shortened to FE36:0:0:36F0::4B:4B0 or FE36::36F0:0:0:4B:4B0
In a mixed IPv4 and IPv6 environment, addresses can be represented by six hexadecimal 16-bit sections that are concatenated with the dotted-decimal format.
3.3.4.2 Allocated IPv6 Addresses
The leading bits of an IPv6 address can define the address type. These leading bits are of variable length and are called the format prefix (FP). The table below shows some allocations of some prefixes.
IPv6 Prefix Allocations
Prefix | Allocation |
---|---|
00 |
Unspecified, looback, IPv4-compatible |
2 or 3 |
Aggregatable global unicast address |
FE8 |
Link-local unicast addresses |
FEC |
Site-local unicast addresses |
FF |
Multicast addresses |
Note: IPv6 supports unicast addressing, which identifies a single IP host; anycast addressing, which identifies a set of IP hosts and delivers the transmitted packet to nearest of these hosts; and multicast addressing, which identities a set of hosts who can choose to receive the packet or not. IPv6 does not support broadcast addressing and has no broadcast address. IPv6 uses "all-nodes" multicast instead.
To convert a hexadecimal number to a decimal number, you must multiply the decimal value of each digit by 16 to the power n-1 where n is the position of the digit from right to left, and add the resultant decimal values. Thus, to convert 3E8h to decimal, we would take the third right most digit, 3h, and convert it to its decimal equivalent, which is 3. We would then multiply 3 by 162 which would give us 768. Next, we would take the second right most digit, Eh, and convert it to its decimal equivalent, which is 14. We would then multiply 14 by 161 which would give us 224. Next, we would take the right most digit, 8h, and convert it to its decimal equivalent, which is 8. We would then multiply 8 by 160 which would give us 8.
Finally, we would add the three resultant values: 768, 224 and 8, which would give us 1000.
3.3.4.3 Classfull IP Addresses
IP addresses are divided in to ‘classes', based on the decimal value represented in the first octet. This class definition is referred to as the First Octet Rule. There are five classes of IP addresses: classes A, class B, class C, class D; and class E, but only class A, B and C addresses are used to identify devices connected to the Internet. Class D addresses are used for multicasting, and Class E addresses are reserved for experimental use. The subnet mask is related to the IP address class. Thus, once the IP address class is known, the default routing mask is also known. The IP address classes and their related subnet masks are:
Class A addresses range from 0.0.0.0 through 126.255.255.255 and use a default subnet mask of
255.0. 0.0. In Class A addresses, the first octet is used as for the network ID while the last three octets are used for the host ID. In other words, the first 8 bits of the subnet mask are all is, hence a subnet mask of
255.0. 0.0. As a result, networks that use Class A addresses can theoretically support a maximum of 256 networks and 16,777,216 (224) hosts, however, the first and the last address cannot be used. The first address is the network address and the last address is the broadcast address. For example, a network with an IP address of 10.10.11.12 has a network ID of 10.0.0.0, the fist address, and a broadcast address of
10.255.255.255, the last address. Thus networks with a Class A IP address space can support a maximum of 254 networks (28-2) and 16,777,214 hosts (224-2). Consequently, Class A addresses are used for a few networks with a very large number of hosts on each network.
Class B addresses range from 128.0.0.0 through 168.255.255.255 and 170.0.0.0 through
191.255.255.255. These addresses use a default subnet mask of 255.255.0.0. In Class B addresses, the first two bits are used as for the network ID while the last two bits are used for the host ID. As a result, networks that use Class B addresses can support a maximum of 65,534 networks (216-2) and 65,534 hosts. Consequently, Class B addresses are used for a reasonable number of medium sized networks.
Note: IP addresses with a first octet of 127, i.e. 127.0.0.0 through 127.255.255.255 do not fall in either the Class A address range or the Class B address range. IP addresses that have a first octet of 127 are reserved for diagnostics purposes.
Note: The IP address range of 169.0.0.1 through 169.253.255.254 has been reserved by InterNIC for future use.
Class C addresses range from 192.0.0.0 through 223.225.225.225 and default subnet mask of
255.255.255.0. In Class C addresses, the first three bits are used as for the network ID while only the last bit is used for the host ID. As a result, networks that use Class C addresses can support a maximum of 16,777,214 networks and 254 hosts. Consequently, Class C addresses are used for a large number of networks with a relatively small number of hosts on each network.
Class D addresses are in the range 224.0.0.0 through 239.255.255.255. These addresses are reserved for multicast transmissions.
Class E addresses are in the range 240.0.0.0 through 254.255.255.255. These addresses are reserved for experimental use.
3.3.4.4 Classless Interdomain Routing (CIDR)
Class-based IP addressing is fairly rigid. Thus, a small company with 50 hosts that wants to connect to the Internet would need a Class C address. However, a Class C address range supports 253 hosts; therefore 203 addresses would be wasted. Similarly, a company with 4,000 hosts would require a Class B address to connect to the Internet. A Class B address can support up to 65,023 hosts, resulting in 61,023 addresses being wasted. This problem can be overcome by extending the default subnet mask by adding more continuous is to it. The result is that the network can support less hosts. Thus, the company that has 4,000 hosts would use a Class B address with a subnet mask of 255.255.240.0. This is achieved by extending the subnet mask by 4 bits so that the first 20 bits represent the network ID and 12 bits only represent the host ID. Thus the address range now supports only 4,094 hosts, representing a loss of only 94 addresses. We can calculate the number of hosts supported by using the formula: 2n-2 where n is the number of bits used for the host ID. We need to subtract 2 addresses: the network address and the broadcast address. In this example, 12 bits are used for the host ID. Thus using the formula we can see that this subnet mask supports 4,094 hosts (212-2).
This solves the problem of IP address allocation on the internet but presents a problem for routing tables, as the routing table cannot determine the subnet mask on the basses of the IP address class. Hence a different format of representing the IP address and its subnet mask is required. This format is called the Classless
Interdomain Routing (CIDR) notation. CIDR is in essence an adaptation of the Dotted Decimal Format and represents the subnet mask as a number of bits used for the network ID. This number of bits is indicated after the IP address by the number that follows the slash (/) symbol and is referred to as the prefix mask. For example, the CIDR notation IP address 140.12.26.128/20 has a prefix mask of /20, which indicates that the first 20 bits of the IP address is used for the subnet mask, i.e., the first 20 bits are all is. Thus, the subnet mask expressed in binary format is 11111111.11111111.11110000.00000000, being represented in dotted decimal format as 255.255.240.0. In addition, the routing protocols must send the mask with the routing update.
3.3.4.5 Subneting
The process of extending the default subnet mask creates a counting range in the octet that the subnet was extended into, which can be used to represent subnetworks. For example, when we extend the default Class B subnet mask to 255.255.240.0, we do so by extending the subnet mask by 4 bits into the third octet. The number of bits that the subnet mask is extended by represents a counting range for counting the number of subnetworks that new subnet mask can support, using the 2"-2 formula. Thus, the subnet mask 255.255.240.0 subnet mask can support 14 subnets (24-2). In other words, the 65,534 hosts supported by the default subnet mask can now be divided among 14 subnetworks. The number of IP addresses supported by each subnet is called an address range. To calculate the range of addresses for each subnet, we would take the decimal value for the last bit used for the subnet mask as the starting point for the first address in our subnetwork, and then increment that number for each subsequent subnet. In this octet the bit range would be 11110000. The last bit in the subnet mask would thus have a decimal value of 16 (00010000). Therefore the first IP address in the first subnet address range would be 140.12.16.1. The address ranges for the 14 subnets would be:
140.12.16.1 to 140.12.31.254 | 140.12.128.1 to 140.12.143.254 |
140.12.32.1 to 140.12.47.254 | 140.12.144.1 to 140.12.159.254 |
140.12.48.1 to 140.12.63.254 | 140.12.160.1 to 140.12.175.254 |
140.12.64.1 to 140.12.79.254 | 140.12.176.1 to 140.12.191.254 |
140.12.80.1 to 140.12.95.254 | 140.12.192.1 to 140.12.207.254 |
140.12.96.1 to 140.12.111.254 | 140.12.208.1 to 140.12.223.254 |
140.12.112.1 to 140.12.127.254 | 140.12.224.1 to 140.12.239.254 |
Note: The IP address range for each subnet beginning with a 1, as in 140.12.16.1 or 140.12.32.1 and not 140.12.16.0 or 140.12.32.0 as this would be the first address in the subnetwork, and would therefore be the network address. Similarly, the last address in the range ends in 254 and not 255 as the last address would be the broadcast address.
3.3.4.6 Variable-Length Subnet Masks
CIDR is used within the Internet. Its counterpart within an organization is the Variable-length subnet mask (VLSM). Like CIDR, VLSM allows you to allocate the required host bits on a granular basis. In other words, it allows you to provide only the bits required to address the number of hosts on a particular subnetwork. Like CIDR, VLSM requires a routing protocol that supports the sending of the subnet mask in its updates. The routing protocols that support VLSM are: RIPv2; OSPF; IS-IS; EIGRP; and BGP-4. The routing protocols do not support VLSM are: RIPv1; IGRP; and EGP.
3.3.5 Summarization and Discontiguous Networks
Summarization, which is also called supernetting, is the process of combining networks to save routing table entries. In other words, it represents of a series of networks in a single summarized network address. At the top of the hierarchical design, the subnets in the routing table are more generalized. The subnet masks are shorter because they have aggregated the subnets lower in the network hierarchy. These summarized networks are often referred to as supernets, particularly when seen in the Internet as an aggregation of class addresses. They are also known as aggregated routes. The summarization of multiple subnets within a few subnets has several advantages including: reducing the size of the routing table; simplifying the recalculation of the network as the routing tables are smaller; network overhead scalability; and hiding network changes.
All routing protocols employ summarization. RIP and IGRP automatically summarize at the NIC or natural class boundary as the subnet mask is not sent in the routing updates. When a routing update is received, the router checks if it has an interface in the same class network. If it has one, it applies the mask configured on the interface to the incoming routing update. With no interface configured in the same NIC network, there is insufficient information and the routing protocol uses the first octet rule to determine the default subnet mask for the routing update.
Both EIGRP and Open Shortest Path First (OSPF) send the subnet mask along with the routing update. This feature allows the use of VLSM and summarization. When the routing update is received, it assigns the subnet mask to the particular subnet. When the routing process performs a lookup, it searches the entire database and acts on the longest match, which is important because it allows for the granularity of the hierarchical design, summarization, and discontiguous networks.
A discontiguous network is a network in which a different NIC number separates two instances of the same NIC number. This can happen either through intentional design or through a break in the network topology. If the network is not using a routing protocol that supports VLSM, this will create a routing problem because the router will not know where to send the traffic. Without a subnet mask, a routing protocol that supports VLSM resolves the address down to the NIC number, which appears as if there is a duplicate address. This will incorrectly lead to the appearance of intermittent connectivity symptoms.
If there are discontiguous networks in the organization, it is important that summarization is turned off or not configured. Summarization may not provide enough information to the routing table on the other side of the intervening NIC number to be capable of appropriately routing to the destination subnets, especially with EIGRP, which automatically summarizes at the NIC boundary. In OSPF and EIGRP, manual configuration is required for any sophistication in the network design. However, because EIGRP can perform summarization at the interface level, it is possible to select interfaces that do not feed discontiguous networks for summarization.
If summarization is not possible, you can either turn summarization off and understand the scaling limitations that have now been set on the network or you can readdress the network.