The INTERNET PROTOCOL A Primer

Individual Assignment #1 - in partial fulfillment of the requirements for:

CSEC-610

Submitted by: Stephen M. Jaksec 27 Feb 11

INTERNET PROTOCOL - Introduction

TCP and IP were developed by a Department of Defense (DOD) research project to connect a number different networks designed by different vendors into a network of networks (the "Internet"). Several computers in a small department can use TCP/IP (along with other protocols) on a single LAN.

Why did this happen? [1] The scenario is simple. Years ago, the United Starts Army put out to bid requirements for specific computer hardware/software architectures. The Navy and Air Force was also competing their similar requirements. Interestingly enough, each branch went with a different vendor to fulfill their contract. Not until the Invasion of Grenada however was it realized that these disparate systems, owned and operated by the sister services of the Armed Forces did not speak to each other! The common thread however was the LAN infrastructure, and the decision was made to standardize how the traffic moves across that LAN, regardless of who the manufacturer was, or what language their particular hardware devices were speaking. The effort was on to build the roads and the addressing scheme that would let the data pass between these devices. Hence, TCP/IP was born. The Internet Protocol was developed to create a Network of Networks (the "Internet"). Individual machines are first connected to a LAN (Ethernet or Token Ring). TCP/IP shares the LAN with other uses (a Novell file server, Windows for Workgroups peer systems). One device provides the TCP/IP connection between the LAN and the rest of the world.
The main purpose of the IP Protocol is to deliver datagrams from one host to another on a network such as the Internet or a battlefield communications network. [12] TCP/IP was designed to be robust in order to sustain battlefield damage, therefore a TCP/IP network can automatically recover from any node or transmission line failure. One issue with the concept of automatic recovery however enables network problem to go undiagnosed and uncorrected for extended periods of time. This paper will discuss some of the basic knowledge concepts of the IP Protocol (hereby referred to as IP). In particular, we will discuss the concepts of how assets in a network are addressed using binary representation, how a network is defined by assigning masks that route those binary addresses to the correct network partitions and eventually to the end host. We will discuss different classes of network addresses as well as addresses that are reserved for private use, and will be visible to the Internet user population. This discussion will build the basis for understanding the concept of dialing the phone number for the machine you want to talk to on the other side of the world, and how that data traverses the network from point A to point B. TCP-IP is comprised of layers. We will concentrate on the IP layer. [12]
y

IP - is responsible for moving packets of data from node or machine to another. Node, Host and Machine can all be used interchangeably. node. IP forwards a packet based on a destination address known as the IP number. TCP - is responsible for verifying the correct delivery of data from client to server. TCP adds support to detect errors or lost data and to trigger retransmission until the data is correctly and completely received. Sockets refers to applications that provide access to TCP/IP on most systems.

IP was conceived as a method that enable the separate networks running different LAN architectures (such as CSMA/DC or Ethernet, Token-Ring etc.) to link together by a attaching the networks together logically and physically by the means of a specific device that provides the TCP/IP protocol suite functionality. In other words, larger networks could be linked together

around the world using routers. The trick now is to understand the addressing and routing scheme to get your childs picture successfully delivered to the grandparents laptop using a Wi-Fi link in a Starbucks 8,000 miles away. IP is a critical protocol because it allows the IP data packets known as datagrams to be assembled and transported across the network. IP is responsible for the addressing portion of the total message transmission, and does not assume the responsibility for ensuring successful delivery of the data to the distant host. What IP does do though, is to package the information needed in a datagram to layout the route. This is where the MapQuest route is put together based on the Start and End addresses that the user inputs! IP will designate the recipient of the message using 3 fields: 1. IP Address Field 2. Sub-Net Mask Field (this allows the network to determine what part of the long string of 1s and 0s make up the network address. Think of the network address as being the State portion of a mailing address. This will get the datagram letter routed to the correct portion of the network or city where the recipient resides. 3. Default Gateway Field (consider this to be the zip code portion of an address. You are now in the correct neighborhood). Further definitions (IP Address Field) actually are the house number and therefore complete the address. Just like you would expect on a normal letter, a datagram must include the destination and originating IP addresses, (the recipient and return address on an envelope). IP HEADERS Below is a diagram [12] which lays out the logical structure of what is referred to as an IP Header. The IP Header is actually made up of a series of contiguous fields. As you can see, the first field in the header is known as the Version field. Below is a brief definition of these fields.
IP as first developed had the inherent risk of eventually running out of IP Addresses, (or phone numbers). A new version of IP knows as IP Version 6, or IPv6, has re-allocated the same amount of bits in the IP Header to actually exponentially increase the amount of addresses that are available. Thats why the network has to know which addressing scheme (IPv4 or IPv6) is being used. The Version field denotes which version of IP is being used, IPv4 or IPv6. The version field is followed by the header length field, which provides the length of the header itself. The length is measured in 32-bit units (or words).

So as billions of bits and bytes traverse the Internet instantaneously, there has to be some logical means of breaking that flow of 1s and 0s into meaningful chunks of data. The means to assign some level of meaning to the data is to segment it into chunks of data. These chunks traversing the network are known as packets or datagrams. The most obvious method of controlling the flow of these packets is to make sure everyone on the network who has to look at these packets knows precisely when a packet starts, and how long its supposed to be. If you are armed with that knowledge, you can at least be assured that you will have the correct chunk of data in your hands, to now try to translate further. That chunk or datagram is therefore constructed of fields, each of which are a specified length, and refer to a particular network metric. This will make more sense as we identify the fields, their lengths, and the type of information they represent below [3].

y y

y y

y y y

Version ->(4 bits). as mentioned above this refers the particular version of IP being used. Version 4 or Version 6. Very important to know as each version will actually use the same digits to represent vastly different mailing addresses Header length -> (4 bits). this represents the number of 32-bit words that actually make up the IP Header. Service type -> (8 bits). the concept of service in IP can be construed as a level of importance or urgency that is assigned to this particular packet of data. In network terms, that concept is known as Quality of Service, or QoS. Simply stated, critical data regarding disaster or defense issues, or data from customers willing to pay for it, will be prioritized and pushed through the network at a faster, more efficient and possibly more secure rate? That is a very simplistic explanation. Total length ->(16 bits). indicates the total size of the datagram in bytes. By using this information, knowing the constant sizes of the other fields in the header, you can see how it would be possible to determine exactly where the data or payload would reside, and exactly how many bytes it should comprise. Identification - Flags - Fragment offsetting -> These fields enable a datagram or packet to be fragmented. TTL or Time to Live -> (8 bits). The time-to-live field is actually a hop counter. Each time the data unit traverses through a router, the router decrements this field by 1. The field originates with some value (maximum is 15, since 16 is considered as unreachable). The value is determined by the originating network, depending on the quality of service required by the data unit. When the time-to-live field reaches a value of zero, the data unit is discarded. Protocol -> (8 bits). The protocol field identifies the protocol contained in the data field. Each protocol related to TCP/IP is identified by a number in the standards. Header checksum ->(16 bits). this field can be thought of as the piece of special paper with the strategically-placed holes punched into it, that when placed over another piece of text, will reveal specific letters actually constituting a new message. That is not the best analogy, however suffice to say that through a long process of Boolean logic, the checksum field represents a very long binary number that gets calculated when the packet is being sent out. Later at the destination, or at check points along the way, the algorithm will be run again, and the result will be matched up against the original checksum. If the new checksum does not match exactly the original in the Header, it can be deduced that the datagram was corrupted at some point, the original message is not longer authentic, and the data will be discarded and resent. Source-IP address -> (32 bits). This is the actual address of the host sending the data packet out. The recipient uses that information to know who sent it the particular data it is processing. This is actually your laptops unique phone number in whatever network it may be attached to. Destination-IP address -> (32 bits). This is the same concept as above, however it is the IP Address of the host you are sending to.

ADDRESSES AS DOT-DECIMAL AND BINARY NUMBERS

Quite simply, in the example of using phone numbers as we know them to call someone else, which would be analogous to one laptop communicating with another laptop across the Internet or another IPbased network, it is important to know how those phone numbers are derived and translated. For simplicitys sake, assume that EVERY host or machine on a given network needs to have a unique phone number or IP ADDRESS. This number is actually a series of 1s and 0s, that can be translated depending on the template that is laid over the number, to identify the piece of the network, and the actual machine in question. Every laptop, mainframe, IP Phone etc. actually has a unique 32-bit address assigned to it. First, lets look at how an IP address is translated from binary to a decimal representation, which is what we know as an IP Address. With a combination of 32 ones and zeros in a given IP Address, we can determine that the total possible combinations, or hosts that can exist with unique address is 4,294,967,296. A huge number indeed, but now when you realize that every computer, pad device, smart phone, VoIP device, and telemetry device in the world requires an IP address. As we move forward, we are putting intelligence into appliances and metering devices, not just computers. EACH one of these devices has its own IP Address. That being said, the number of available addresses now appears to be woefully inadequate. Rest assured, this is being addressed by shifting the available number of 1s and 0s through the use of Sub-Netting, and Classing to ensure all devices can be addressed uniquely. If the concept of altering a set number of digits to address a larger number of users is not starting to present itself, consider this scenario and explanation. You have a city full of people with phones, but only 7 digits available in the phone network in which identify actual phones. With only 7 numbers, you can only call a total of 9,989,001 people. Consider the numbers to be 000-0000 through 999-9999, and every combination in between. Now, logic may state that you designate the first 3 numbers to a specific geographic area (network), and the last 4 to be a specific house. But what if you were able to move the - in that number, and you could designate each part of the number to be either the state or the house you were calling. Now you would see that you could call a smaller subset of states with a larger number of houses, i.e., New York, or a large number of states with a smaller number of total houses, i.e., several states in the Midwest. That exact concept is what is driving the move to a new addressing scheme in the world of IP. From IP version 4 to IP version 6. Quite simply, the dash has been moved 2 digits to allow for more combinations of states (networks) and houses (IP devices). Now we will look at the concept of using 32 consecutive 1s and 0s to indicate an almost limitless array of network/host combinations.

CONVERTING BINARY TO DIGITAL

A skill that needs to be developed if any at a basic level, is how to convert a single number, or 4 numbers put together with dots between them (i.e., an IP Address) into it binary equivalent. This is important to understand, because at the lowest level of all communications, there is a micro-chip receiving pulses of electricity in defined patterns with defined timing, and the pulses, or 1s and 0s are what is put together to make meaningful data. Binary by nature means 2. In communications, that means ON or OFF, or to make it visual, 1 or 0. IP groups these binary digits in groups of 8, and it calls that group of bits a Byte. You will soon see how the 256 possible combinations of 1s and 0s exist in an 8-bit Byte. Once you see that logic, you will see how those binary numbers get translated into the 256 decimal numbers, 0 through 256. [4] Below is a table, and the key to remember is that you always read it from left to right. In each box, there will either be a 1 or a 0. The value that each of those bits carries is noted above its box. So quite simply, the binary number 00000110 will translate to the decimal number 5.

So, in the example of IP Address 172.16.0.5, we will lay out the first Octet, which is 172. The term Octet is used, because it takes 8 bits, (8 actual 1s and 0s) to make that number. Starting from the left, 172 would include 128, with a remainder of 44 so put a 1 in position 8. right.. 44 would NOT include 64, so 0 in position 7. right. 44 WOULD include 33, so 1 in position 6, with a remainder of 12. right. 12 does not include 16, enter 0, move right, 12 WOULD include 8, with a remainder of 4, so enter 1 in position 4, right, 4 WOULD fit perfectly into 4, so enter a 1 into position 3 with a remainder of 0 right.. 2 and 1 do not go into 0, so enter 0 into the final 2 slots, and you now have the binary representation of decimal 172 which would be: 10101000 00010000 0000000 00000101 (spaces put in to show the separation of each octet).
172 16 0 5

The process uses the same logic, only in reverse to translate a decimal number to a binary number. In the example below, the task is to translate the decimal number 207 into its 32-bit (4 octet) representation. Using the same logic as above, start in column 8, row 3 and work left. Does 207 contain a 128. YES enter 1 in that column, get the remainder and work left. Too easy! To convert 207 to binary: 1. Start with the digit farthest to the left. Determine if the decimal value can be divided by it. Since it will go one time, put a 1 in row three of the conversion table under the 128 value and calculate the remainder, 79. 2. Since the remainder can be divided by the next value, 64, put a 1 in row three under the 64 value of the table. 3. Since the remainder cannot be divided by either 32 or 16, put 0s in row three of our table under the 32 and 16 values. 4. Continue until there is no remainder. 5. If necessary, use row four to check the work. As you can see, the binary representation of decimal number 207 = 11001111

Lets try reversing that logic and changing a binary number to decimal notation: 1. Enter the bits10111001 into the 3rd row. Now lets see what those bits represent. 2. If there is a 1 in a block, bring its decimal value down into row 4. Complete this for all 8 boxes. 3. Simply sum up the numbers making up row 4. 128+32+16+8 = 185 !

CLASSFUL IP ADDRESSES (CLASS A, B, C) As mentioned in the telephone number example earlier, the - in a phone number can be moved left of right which would result in less states but more houses, or more states with less houses. The same concept is in place for the IP Address field, which happens to be locked to 32-bits, of only 1s and 0s, vs. 7 digits in a phone number, which could actually be anything from 0 to 9. The concept stays the same however. So how do we take those 32 digits and make them represent different states or Unique Networks and Hosts? The answer is to first identify

something called CLASSES of networks. Quite simply, A, B and C. Consider each Class to be a phone number with the - in a different position. Class A addresses therefore allocate a vastly different combination of Network/Host combinations than a Class C address. Lets look closer how this is done. Lets look at the Network/Host combinations in each class: [12] Class A: 0xxxxxxx . xxxxxxxx . xxxxxxxx . xxxxxxxx Network
y

Hosts

Class A IP address, the first byte (left-most 8 digits out of the 32) => network.

The most significant bit is at zero which means that there are 27 or 128 network possibilities (00000000 to 01111111) . It is important to note that network (00000000) does not exist and number (01111111) 127 is reserved to indicate your machine. The networks available in class A are therefore networks ranging in addresses from 1.0.0.0 to 126.0.0.0 (The three bytes to the right represent the computers on the network, the network can therefore contain a number of computers equal to: 224-2 = 16,777,214 computers. Class B: 10xxxxxx . xxxxxxxx . xxxxxxxx . xxxxxxxx Network
y

Hosts

Class B IP address, the 2 most significant bytes represent the network.

The first two bits are 1 and 0, which means that there are 214 or 16,384 possible networks (10 000000 00000000 to 10 111111 11111111). The networks available in class B are therefore networks going from address 128.0.0.0 to 191.255.0.0. The 2 octets, or bytes that are at the right-most positions represent the number of computers that can possibly exist on this network. Therefore, these 2 bytes contain a combination representing: 216-21 = 65,534 computers.

Class C:

110xxxxx . xxxxxxxx . xxxxxxxx . xxxxxxxx Network Hosts

Class C IP address, the first three bytes represent the network.

The first three bits, 110, equal 221 which translates to 2,097,152 possible networks. The networks available in Class C are therefore networks going from address 192.0.0.0 to 223.255.255.0. The 1 octet, or byte that is at the right-most position (remember, only for a Class C network), represents the number of computers that can possibly exist on this network. Therefore, this byte

contains a combination representing: 28-21 = 254 computers. Summarization of Classes and Network/Host Allocations:

The formats of the fundamental address classes are illustrated below. [5]

PRIVATE IP ADDRESSES
We have discussed IP addresses and the different classes they any one of them may reside in. Now lets talk about the concept of Private IP Addresses. Devices may be connected in a LAN configuration, however may not be connected to the Internet. This may happen in a business or even in a home environment. In order for these machines to talk to each other however, they still need to be running network protocols, to include IP. If that is the case, each machine will indeed need a unique IP Address, unique only to its own organic network. The agencies that allocate IP addresses (just like the phone company allocates phone numbers) has reserved a series of IP addresses, to be used by anyone who is running an internal or private network, and thus does not have a need to have those IP addresses administered by the IANA (Internet Assigned Numbers Authority). An IP address that you may be using in your home network or business network that is isolated from the Internet could/should be assigned an IP address from the private pool. Private addresses fall within the three ranges shown below: Class A Private IP addresses: 10.0.0.1 to 10.255.255.254 This addressing scheme results in huge networks that consist of thousands or even millions of hosts Class B Private IP addresses: 172.16.0.1 to 172.31.255.254 - This addressing scheme results in medium sized private networks.

Class C Private IP addresses: 192.168.0.1 to 192.168.0.254 This addressing scheme results in small private networks, the type of which an ISP would hand out for your home use or for small to mediumsized business to use.

To put this into perspective, when you sign up for service with an Internet Service Provider at home or at work, the IP addresses that you are provided with are Public IP Addresses, and are therefore registered and known within the Internet . WHAT IS A SUB-NET MASK?

A sub-net mask is a series of bits, 1s and 0s, that are arranged in a fashion, that when laid against another address field, provides a template that will result in a specific output pattern, once the 2 fields have the Boolean Logical AND computed against them. [7] The Sub-Net Mask, or Netmask is 4 bytes in length (32 bits) with the bits separated by dots as you would see in a normal IP Address. The concept is that this mask will contain a 0 for any bit from the OTHER IP Address that the system does not want brought forth. In essence the 0s will cancel the originating 1 and that 1 will not be part of the new network address being composed. 1s in the mask will allow the corresponding 1 to filter through and help compose the new network addressing template. So, what is the purpose of a sub-net mask. Lets try this example. You decide to make spaghetti for dinner, however you have 3 kids, and they all want a different kind. Ancini de Pepe (very small little balls), elbows (a little larger), and rigatoni (big and square). Is there a way to make them all at once? Well, maybe, if you have 3 separate colanders, or masks. So if you can picture ALL the pasta in the pot, and you have 3 colanders with different sized holes, and you want to try to separate the pasta as best you can. Take the strainer with the smallest holes first, and you should get all the Ancini de Pepe to fall through, leaving the elbows and the rigatoni. Then get the slightly large strainer, and the elbows fall through, leaving the rigatoni. You have just applied 2 masks to the pot full of pasta IP addresses, and only let traffic you wanted through the bowl (network) it was intended for. So how do we put this into more technical terms? At the router or smart device level, all incoming packets are being analyzed. The router has the ability to turn data left, right, back or ignore it. Your router has a network behind it with hosts, that it owns and protects. It does not want to allow any traffic to go in that isnt supposed to enter its network. The router, is the bouncer standing at the door of your network. Instead of looking at drivers licenses or id cards, the router has a mask made up of 1s and 0s. The 1s apply to portions of data that allow you in. The 0s are portions that keep you out. Depending on the Class of the bar, or the network class, the mask may state that everyone, or only a very small amount of people are allowed in. You present your id that contains a combination of 32 ones and zeros, and the bouncer (router) places the mask that allows you in over top. If your 1s match up with the 1s on the ENTER template, you are allowed in to the Network Lounge. This is precisely what happens with IP. The masks can change depending on your network architecture and class. So we can say that the primary importance of a subnet mask is to enable the simple identification of the network associated to an IP address.

In the screenshot above, [10] the issue is: in todays environment, what part of this address denotes the network?. In fact, the network could be translated as 192 or 192.168 or even 192.168.101. We have now learned that the NETWORK is formulated by specific bytes in contained in the IP address: Class A 1 byte Class B 2 bytes Class C 3 bytes As an exercise, lets attempt to determine the network associated with: IP address 34.56.123.12 1. Apply a mask where the 1st byte is all 1s. 11111111 = 255 decimal. Then use 0s in all remaining bytes. Therefore: Netmask = 11111111.00000000.00000000.00000000 2. We can now make the determination, that the Netmask associated with the IP Address 34.56.123.12 = 34.208.123.12 ( represented in binary as 00100010.11010000.01111011.00001100 3. Now apply a Logical AND operation against the 2 addresses and remember to only carry through a 1 when it matches up against 1 from the Netmask. The result looks like this: 00100010.11010000.01111011.00001100 AND 11111111.00000000.00000000.00000000 = 00100010.00000000.00000000.00000000 NETWORK 34.0.0.0 SO WHY DID WE DO THIS? WHAT DOES IT GET ME? ANSWER - You can now accurately state that host 34.56.123.12 is assigned to Network 34.0.0.0 ! Since we know what bytes get all 1s for each class of network, we can now deduce the network mask for each type of network: CLASS A B C BYTES = to ALL 1s 1(left-most) 2 3 BIINARY MASK 11111111.00000000.00000000.00000000 11111111.11111111.00000000.00000000 11111111.11111111.11111111.00000000 DEC MASK 255.0.0.0 255.255.0.0 255.255.255.0

CONCLUSION: What we have learned here, is that the IP protocol, Is the Internet and other networks as FedEx, UPS and the US Postal Service is to letters travelling around the world. The mission of IP is to have standardized addressing and control fields that ensure the best opportunity for a letter to be delivered successfully at any point on earth, even if transmission paths may fail enroute. IP, just like UPS, delivers, it does not guarantee the accuracy of the information inside the envelope. The biggest dilemma to show itself to the I/T world has been the potential diminishment of available IP addresses to meet the data demands of devices worldwide. Through the use of masking and sub-nets, IP has managed to make billions more addresses available to the world by merely shifting some addressing bits through the use of masks. To understand the Internet, one must surely have a sturdy understanding of the IP protocol. The contents of the letter and the pretty writing on the envelope, and whether it got to its recipient by air, sea or land is irrelevant to IP. IP just ensures that the envelope has the correct address on it, and the correct return address in the event of failure. IP can send that envelope as many times as it needs to until grandma gets that picture.

Works Cited:
[1] Introduction to TCP/IP. Retrieved from http://www.yale.edu/pclt/COMM/TCPIP.HTM [2] Kozierok, C. (2005) The TCP/IP GUIDE - retrieved from http://www.TCPIPGuide.com [3] Russell, Travis, (1997) Telecommunications Protocols. McGraw-Hill Telecommunications [4] CCNA 1: Networking Basics v 3.1 - Lab 1.2.6 pp. 23-175. 2003, Cisco Systems Inc. [5] 3-COM Whitepaper. (2001). Understanding IP Addressing: Everything You Ever Wanted to Know

[6] TCP / IP - An animated discussion pt. 2 Retrieved from htttp://www.youtube.com/watch?v=_XH0VgoD5lQ&feature=related

[7] Fisher, T. Private IP Addresses. Retrieved from http://pcsupport.about.com/od/termsp/g/private-ipaddress.htm [8] subnetting IP addresses part 2 Retrieved from http://www.youtube.com/watch?v=gD5WkqNmb7

[9] subnetting IP addresses part 3. Retrieved from hhttp://www.youtube.com/watch?v=9_TioAloonI

[10] IP Addressing and Subnetting pt 2 . Retrieved from http://wwww.youtube.com/watch?v=FXKKSqutuDY

[11] subnetting IP addresses part 2. Retrieved from http://www. youtube.com/watch?v=gD5WkqNmb78

[12] The role of IP Protocol. Retrieved from http://en.kioskea.net/contents/internet/protip.php3