IP-basics | Ipv4/6

anchored to [[143.00_anchor]]

#Study #Network

This denotes the first lesson of the internet praktikum where we were discussing the basics of networking and how systems are communicating between networks.

TCP / IP Model

With the TCP-IP model we introduce a stack of 5 layers to describe different services / areas within networking.

Specifically those are defining protocols, operations, and allow to abstract over those layers - meaning that all upper layers depend on the interface provided by the ones below.

-> They build onto each other

Specifically we denote 5Layers here:

  1. Physical Layer
  2. Data Link Layer
    • interface for allowing communication between systems on a physical level --> MAC-Addresses that are unique to each physical device are given here
  3. Network Layer
    • layer to provide routing of packets between networks - routers and systems - --> logic on how to send a packet from a to b
  4. Transport Layer
    • provides either TCP / UDP to allow End-To-End Transmission between two hosts
  5. Application Layer
    • contains applicationspecific information - given by program that needs to be transported from system to system

With defined structure above we can then take a look at the strucutre of a packet sent through the network:

Pasted image 20240226170811

With given image what can we denote regarding transport of a packet for some application? Benefits? #card

We abstract and are encapsulating the uppermost packet with every information required for the lower parts one by one. That way they are all independent of each other and making it easier for us to build / adapt the communication.

The structure of such Payload will simply hold additional information the further we go down in the layers:

Pasted image 20240226171055 We also call this a Payload Data Unit - PDU

Addresses and routing

We need a way to address systems / computers within a network to allow them to communicate accordingly. We can define two different sets of addresses that will help us with networks!


[!Information] MAC-Addresses which layer, whats their purpose? #card

MAC-Addresses are used to identify a network interface - nic - and are mostly unique.

They consist of 48Bit where the first 24 Bit are usually denoting the Organizationally unique identifer --> who manufactured this interface

Important to note:

  • those mac-addresses are not bound to region or similar, they are purely unbound to anything

--> This also introduces the issue with these, and why they dont suffice for networking what exactly is creating an issue here? #card

  • If we were to route packets globally we would require some identifier to denote a location --> like saying aa this belongs to network X but we don't have any linking / correlation between such information so its not possible

Hence we require something on another layer - above:

IP-Addresses | L3

Now to enable us to communicate outside of the own network and to connect different networks together we require the IP - Internet Protocol.

[!Definition] IP _what are traits of this protocol, what does it enable, how? #card

The IP protocol gives the following traits:

  • connectionless communication -> no setup in establishing a communication involved
  • Packet Switching -> splitting up a large chunk of data into smaller pieces to send them. Might be necessary to allow sending large files over a connection that does not allow those larges packets completely --> splitting them up is required!
  • its not reliable
    • error correction not deployed
    • loops are possible during connection
    • ip cannot fix issue of layer 2
  • ICMP to indicate issue
    • echo / ping
    • TTL exceeded
  • No flow control

We divide into Ipv4 and Ipv6

We may take a look at a datagram of a IPV4 packet: Pasted image 20240226172854 explain the given fields briefly #card

  • total length -> size of packet
  • Flags -> to denote whether to fragment the packet or not
  • offset -> denote where the received data fits into a fragmented packet ( like pos 2 of 1,2,3,4)
  • src addr / dest addr
  • Options -> IP options defined

ICMP - Internet Control Message Protocol

[!Definition] What is ICMP used for? #card

In case of errors / failures during transmission ICMP allows us to indicate / signal those errors for the following issues:

  • dest unreachable
  • echo request / reply -> ping
  • TTL exceeded
  • ... some additional ones

Pasted image 20240226173156

Its send after a request --> so only issued by a request not send itself

IPv4 Address Structure

With IPV4 we have 32 bits available. what are we grouping those into? #card We divides those into two groups: Subnet-Prefix and Host-Identifier ( well technically also Network identifier, but Network-identifer + Subnet-identifier are equal to the subnet prefix )

[!Tip] Hosts in same subnet #card

Hosts in the same subnet can reach each other without any routing necessary ( no extra router necessary).

Communication between neighbours

Now with the given addresses of layer 3 we would like to establish a way to communicate between hosts in a local network.

For that we have to somehow match the unique identifier of an interface - MAC-Address - with the ip-address defined in the local network.

Introducing ARP:

ARP - Address Resolution Protocol (v4)

Arp is rather simple in its structure: how does it work? #card

A given host is frequently querying whom a given ip-address is belonging to on the broadcast channel of the network This packet is sent to all attached devices and the one matching the ip will then respond to the given device that issued the request. So we have the following structure: HOST_X -> Who has Ip X.X.X.X HOST_Y -> does not answer, not its ip HOST_Z -> registers its being asked, sends back its MAC + IP via Broadcast or direct Unicast

Subnetting | Networks within Networks

For further insights about subnetting consult 143.06_subnetting

How are we defining a subnet? #card By using subnet-masks ( also 32 bits long) we can set a given range - denoted by 1 to be part of the subnet-identifier, whereas the rest is up for host-identifiers to fill.

How do subnet-masks work?

Consider a subnetmask of /24 -

If we take a look at some ip-address like and compare both address bitwise we will gather 192.168.20 as the subnet-identifier and 20 as the host id.

IT allows us to split an ip-address into different portions. For the example above that does not change much / is not really helpful but as soon as we get subnet-masks that "tower into an octet" of an address it an get difficult to easily identify which subnet this ip-address belongs to.

see also: notions_for_gdi

Classfull Addressing

Belows information are taken from here

--> Classful addressing is an IPv4 addressing architecture that divides addresses into five groups.

Prior to classful addressing, the first eight bits of an IP address defined the network a given host was a part of. This would have had the effect of limiting the internet to just 254 networks. Each of those networks contained 16,777,216 different IP addresses. As the internet grew, the inefficiency of allocating IP addresses this way became a problem. After all, there are a lot more than 254 organizations that need IP addresses, and a lot fewer networks that need 16.7 million IP addresses to themselves.

Simply put: we needed a way to more efficiently allocate addresses. In 1981, RFC791 and classful addressing came along to help solve that problem. With classful addresses, we went from just 254 available networks to 2,113,664 available networks. How?

How classful addressing works

Classful addressing divides the IPv4 address space ( into 5 classes: A, B, C, D, and E. However, only A, B, and C are used for network hosts. Class D, which covers the IP address range, is reserved for multicasting, and class E ( is reserved for “future use.”

The table below details the default network mask (subnet mask), IP address ranges, number of networks, and number of addresses per network of each address class.

IPv4 address
Number of
IPv4 Networks
Number of
IPv4 addresses
per network
IPv4 address range
A255.0.0.012816,777,2140.0.0.0 –
B255.255.0.016,38465,534128.0.0.0 –
C255.255.255.02,097,152254192.0.0.0 –

As we can see, Class A continues to use the first 8-bits of an address, and may be suitable for very large networks. Class B is for networks much smaller than Class A, but still large in their own right. Class C addresses are suitable for small networks.

What are the limitations of classful IP addressing?

While classful IP addressing was much more efficient than the older “first 8-bits” method of chopping up the IPv4 address space, it still wasn’t enough to keep up with growth.

As internet popularity continued to surge past 1981, it became clear that allocating blocks of 16,777,216, 65,536, or 256 addresses simply wasn’t sustainable. Addresses were being wasted in too-large blocks, and it was clear there’d be a tipping point where we ran out of IP address space altogether.

One of the best ways to understand why this was a problem is to consider an organization that needed a network just slightly bigger than a Class C. For example, suppose our example organization needs 500 IP addresses. Going up to a Class B network means wasting 65,034 addresses (65,534 usable Class B host addresses minus 500). Similarly, if it needed just 2 public IP addresses, a Class C would waste 252 (254 usable addresses – 2).

Any way you look at it, IP addresses under the IPv4 protocol were running out, either through waste or the upper limits of the system.

The Issue with Classful IP Addresses

(taken from here)

The main issue with classful IP addresses is that it wasn't efficient, and could lead to a lot of wasted IP addresses.

For example, imagine that you're part of a large organization back then. Your company has 1,000 employees, meaning that it would fall into class B.

But if you look above, you'll see that a class B network can support up to 65,534 usable addresses. That's way more than your organization would likely need, even if each employee had multiple devices with a unique address.

And there was no way your organization could fall back to class C – there just wouldn't be enough usable IP addresses.

So while classful IP addresses were used around the time IPv4 addresses became widespread, it quickly became clear that a better system would be necessary to ensure we wouldn't use up all of the ~4.2 billion usable addresses.

Classful IP addresses haven't been used since they were replaced by CIDR in 1993, and are mostly studied to understand early internet architecture, and why subnetting is important.

To fix this issue of wasted potential addresses a way to dynamically set subnets and subnet-masks was constructed:

CIDR Classless Inter-Domain Routing

--> We want to be able to vary in ranges / balances of Ip-addressse available and subnet-possible according to needs one may encounter - housing student members as example here at #Netzak :

[!Definition] CIDR - Classless Interdomain Routing what does it enable? #card

Here we can now set subnets of abritrary length instead of the fixed classes definde ( by IANA )

Meaning that we can simply set the used subnet at the end of an address-range, like -> denoting subnetmask with 20 1-bits from left to right

IPv6 | cus v4 is too small

Since 199X it was apparent that the amount of addresses available with Ipv4 was not enough and thus needed an extension. This was now provided with Ipv6:

[!Definition] Ipv6 what are its traits? #card

128 Bit s for declaring an ip-address

Its denoted in 4 Hexadecimal in blocks of 8 divided by ":", multiple "0000" can be minimized to "::"

  • 0123:4567:89ab:cdef:0123:4567:89ab:cdef
  • abcd:0000:0000:0000:0000:0000:1234:5678 → abcd::1234:5678 there are no defined network classes -> still subnets! the header is different too ICMP -> ICMPv6 DHCP -> DHCPv6 ARP -> NDP

For a good overview - made by Ripe - consider the following file ripe_ipv6-address-types

The following resources were provided during an internship - course at university of tuebingen

Relevant RFCs for IPV6 might be:

  • RFC3587 (2003): IPv6 Global Unicast Address Format (Obsoletes RFC2374) (Status: INFORMATIONAL)
  • RFC3769 (2004): Requirements for IPv6 Prefix Delegation (Status: INFORMATIONAL)
  • RFC4193 (2005): Unique Local IPv6 Unicast Addresses (Status: PROPOSED STANDARD)
  • RFC4291 (2005): IP Version 6 Addressing Architecture (Status: DRAFT STANDARD)

IPv6-Address shortening

[!Tip] Shortening IPv6 addresses, by leaving out blocks of 0:

In RFC3513 states that:

  • The use of :: indicates one or more groups of 16 bits of zeros.
  • The :: can only appear once in an address.
  • The :: can also be used to compress leading or trailing zeros in an address.

ARP alternative for IPv6 - NDP - Neighbor Discovery Protocol

in its core this system is similar to ARP but comes with some additional features that allows advertising to the router directly, checking reachability to neighbours - NUD - and further

See also DaaD or SLAAC that use these protocols - afaik.

with those information we can basically construct a network of participants and have them communicate somehow. How this is done and further spread across networks is covered here:

Ip-Address configuration

Consider a set of devices we want to construct / use to build a network.

There are two options - well actually only one is feasible and good in long term:

  • manual configuration
  • DHCP

Manual configuration

If we want to manually set ip-addresses we ought to define them somewhere.

[!Important] Important here:

there are no checks to tackle possible duplicate assignments meaning that by mistake we could set an ip-address for two devices which will break communication with them --> Happened at #Netzak some time ago where Reutlingen was shutdown for some hours

Furthermore its tedious - and requires knowledge about networks, so not feasible for most - because it ought to be added for each device manually.

Hence we have a better autonomous solution:

Dynamic configuration

Instead of setting ip-addresses for each device on our own we could instead use DHCP - Dynamic Host Control Protocol and an according server.

how does DHCP roughly work? #card

With DHCP we have a server that is managing a given range of ip=addresses that it will dynamically assign to requesting / participating devices. For that a new device is sending an DHCP-Request via Broadcast in the network where the DHCP-server is listening. Upon reception of a request it will check whether the device is known already - stored in its db - and either send an answer with the previous ip-address assigned or sending an offer for a new address to take. The recipient will listen for this response and send an acknowledgement if its taking this Ip-address. that is confirmed once more and now we have a new device within the network that is able to communicate with its assigned ip-address.

This works for IPv4 (DHCP) and also IPv6 (DHCPv6) For IPv6 however we have an alternative for automatically assigning addresses in a network:

-> SLAAC - Stateless Address Autoconfiguration Here the client is receiving a network-prefix (64bit) via ICMPv6 - via Router Advertisement and will then choose an identifier for the latter (64bit). Its testing against possible duplicates by using DaaD

More specific information this operation can be found here: 143.18_dhcp