IP Addressing

Lecture



Address types: physical (MAC address), network (IP address) and symbolic (DNS name)

Each computer on a TCP/IP network has three levels of addresses:

  • The local node address, determined by the technology used to build the individual network to which the node belongs. For nodes on local networks, this is the MAC address of the network adapter or router port, for example, 11-A0-17-3D-BC-01. These addresses are assigned by equipment manufacturers and are unique, because they are managed centrally. For all existing local area network technologies, the MAC address is 6 bytes long: the upper 3 bytes are the manufacturer's company identifier, and the lower 3 bytes are assigned uniquely by the manufacturer. For nodes that belong to global networks, such as X.25 or frame relay, the local address is assigned by the global network administrator.
  • An IP address consisting of 4 bytes, for example, 109.26.17.100. This address is used at the network level. It is assigned by the administrator when computers and routers are configured. An IP address consists of two parts: a network number and a node number. The network number can be chosen arbitrarily by the administrator or, if the network is to operate as part of the Internet, assigned on the recommendation of a special Internet body (Network Information Center, NIC). Typically, Internet service providers receive address ranges from NIC units and then distribute them among their subscribers.

A node number in the IP protocol is assigned independently of the local address of the node. The division of the IP address into network number and node number fields is flexible, and the boundary between these fields can be set quite arbitrarily. A node can belong to several IP networks. In this case, the node must have several IP addresses, one for each network connection. Thus, an IP address does not characterize a single computer or router, but a single network connection.

  • A symbolic identifier (name), for example, SERV1.IBM.COM. This address is assigned by the administrator and consists of several parts, for example, the name of the machine, the name of the organization, and the domain name. Such an address, also called a DNS name, is used at the application level, for example, in the FTP or telnet protocols.

The three main classes of IP addresses

An IP address is 4 bytes in length and is usually written as four numbers representing the values of each byte in decimal form and separated by dots, for example:

128.10.2.30 - traditional decimal form of address representation,

10000000 00001010 00000010 00011110 - the binary form of the representation of the same address.

Figure 3.1 shows the structure of an IP address.

Class A:  0          | network number | node number
Class B:  1 0        | network number | node number
Class C:  1 1 0      | network number | node number
Class D:  1 1 1 0    | multicast group address
Class E:  1 1 1 1 0  | reserved

Fig. 3.1. IP address structure

The address consists of two logical parts: the network number and the node number in the network. Which part of the address refers to the network number, and which to the node number, is determined by the values of the first address bits:

  • If the address starts with 0, then the network is classified as Class A, and the network number is one byte; the remaining 3 bytes are interpreted as a node number in the network. Class A networks have numbers in the range from 1 to 126. (Number 0 is not used, and number 127 is reserved for special purposes, which will be discussed below.) In Class A networks, the number of nodes must be greater than 2^16, but not exceed 2^24.
  • If the first two bits of the address are 10, then the network belongs to class B and is a medium-sized network with 2^8 to 2^16 nodes. In class B networks, the network address and the node address are allocated 16 bits each, that is, 2 bytes each.
  • If the address starts with the sequence 110, then this is a class C network with no more than 2^8 nodes. The network address is allocated 24 bits, and the node address 8 bits.
  • If the address starts with the sequence 1110, then it is a class D address and denotes a special, multicast group address. If a class D address is specified as the destination address of a packet, then that packet should be received by all the nodes to which this address is assigned.
  • If the address starts with the sequence 11110, then this is a class E address; it is reserved for future applications.

The table shows the ranges of network numbers corresponding to each class of networks.

Class   Lowest address   Highest address
A       1.0.0.0          126.0.0.0
B       128.0.0.0        191.255.0.0
C       192.0.1.0        223.255.255.0
D       224.0.0.0        239.255.255.255
E       240.0.0.0        247.255.255.255

Special address conventions: broadcast, multicast, loopback

There are several special IP address interpretation conventions in the IP protocol:

  • if the IP address consists only of binary zeros (0 0 0 0 ... 0 0 0 0), then it denotes the address of the node that generated this packet;

  • if the network number field contains only zeros (0 0 0 0 ... 0 | node number), then by default the destination node is considered to belong to the same network as the node that sent the packet;

  • if all bits of the IP address are 1 (1 1 1 1 ... 1 1), then a packet with this destination address must be delivered to all nodes on the same network as the source of this packet. Such a transmission is called a limited broadcast;

  • if the node number field of the destination address contains only ones (network number | 1 1 1 1 ... 1 1), then a packet with such an address is sent to all nodes of the network with the given number. Such a transmission is called a broadcast;

  • the address 127.0.0.1 is reserved for looping data back when testing the operation of the node software without actually sending the packet over the network. This address is called loopback.

The multicast form of IP address mentioned above means that the packet must be delivered to several nodes at once, which form the group with the number indicated in the address field. Nodes identify themselves, that is, they determine which groups they belong to. The same node can belong to several groups. Such messages, in contrast to broadcast messages, are called multicast. The multicast address is not divided into network and node number fields and is processed in a special way by the router.

In IP, there is no concept of broadcasting in the sense in which it is used in the data link layer protocols of local networks, where data must be delivered to absolutely all nodes. Both the limited broadcast IP address and the broadcast IP address have propagation limits in the internetwork: they are confined either to the network to which the source node of the packet belongs, or to the network whose number is specified in the destination address. Therefore, dividing the network into parts with routers confines a broadcast storm to one of the parts that make up the common network, simply because there is no way to address a packet to all nodes of all networks of the composite network at the same time.
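The class rules and special-address conventions above, applied to concrete addresses. This is an added Python example, not part of the original lecture; the function names and the result labels are this example's own, and treating every address in network 127 as loopback is an assumption that goes beyond the single address 127.0.0.1 named in the text.

```python
def parse_ipv4(text):
    """Convert dotted-decimal text to a 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() and int(p) <= 255
                                  for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {text!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


# (class, leading bits, how many leading bits, width of the network field)
CLASS_RULES = [("A", 0b0, 1, 8), ("B", 0b10, 2, 16), ("C", 0b110, 3, 24),
               ("D", 0b1110, 4, None), ("E", 0b11110, 5, None)]


def classify(text):
    """Apply the classful rules and special-address conventions to one address."""
    addr = parse_ipv4(text)
    info = {"class": None, "network": None, "node": None, "special": None}
    net_width = None
    for name, bits, nbits, width in CLASS_RULES:
        if addr >> (32 - nbits) == bits:
            info["class"], net_width = name, width
            break
    if addr == 0xFFFFFFFF:
        info["special"] = "limited broadcast"
    elif info["class"] == "D":
        info["special"] = "multicast group"
    elif info["class"] == "E":
        info["special"] = "reserved"
    if net_width is None:            # D, E, or the unclassified 11111 prefix
        return info
    node_mask = (1 << (32 - net_width)) - 1
    node = addr & node_mask
    info["network"], info["node"] = to_dotted(addr - node), node
    if addr == 0:
        info["special"] = "this host"
    elif addr >> 24 == 127:
        info["special"] = "loopback"
    elif addr == node:               # network number field is all zeros
        info["special"] = "node on the sender's network"
    elif node == node_mask:          # node number field is all ones
        info["special"] = "broadcast to this network"
    return info


if __name__ == "__main__":
    for sample in ("128.10.2.30", "109.26.17.100", "192.0.1.255", "127.0.0.1"):
        print(sample, classify(sample))
```

Addresses that begin with 11111 match none of the five prefixes, so apart from the all-ones limited broadcast address they come back with no class at all.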

Mapping of physical addresses to IP addresses: ARP and RARP protocols

In the IP protocol, the address of a host, that is, the address of a computer or a router port, is assigned arbitrarily by the network administrator and is not directly tied to its local address, as is done, for example, in the IPX protocol. The approach used in IP is convenient in large networks both because it is independent of the local address format and because it is stable: otherwise, whenever the network adapter in a computer was changed, every correspondent on the worldwide Internet would have to take this change into account (provided, of course, that the network is connected to the Internet).

The local address is used in the IP protocol only within the local network when data is exchanged between the router and the node of this network. A router, having received a packet for a node of one of the networks directly connected to its ports, must create a frame to transmit a packet in accordance with the requirements of technology adopted in this network and indicate in it the local address of the node, for example its MAC address. In the incoming packet, this address is not specified, therefore, the router faces the task of searching for it by the known IP address, which is specified in the packet as the destination address. The end node also faces a similar task when it wants to send a packet to a remote network through a router connected to the same local network as this node.

The Address Resolution Protocol (ARP) is used to determine the local address from an IP address. ARP works differently depending on which data link protocol is used on the network: a local area network protocol (Ethernet, Token Ring, FDDI) that can broadcast to all network nodes simultaneously, or a wide area network protocol (X.25, frame relay) that generally does not support broadcast access. There is also a protocol that solves the inverse problem, finding an IP address from a known local address. It is called Reverse ARP, or RARP (Reverse Address Resolution Protocol), and is used when starting diskless stations that do not initially know their IP address but do know the address of their network adapter.

In local area networks, the ARP protocol uses broadcast frames of the data link layer protocol to search the network for a node with a specified IP address.

The node that needs to map an IP address to a local address generates an ARP request, places it in a link layer protocol frame, specifying the known IP address in it, and broadcasts the request. All nodes on the local network receive the ARP request and compare the IP address specified in it with their own. If they match, the node generates an ARP response containing its IP address and its local address and sends it directly to the requester, since the sender indicates its local address in the ARP request. ARP requests and responses use the same packet format. Since local addresses can have different lengths in different types of networks, the format of an ARP packet depends on the type of network. Figure 3.2 shows the format of an ARP packet for transmission over an Ethernet network.

Bit positions: 0, 8, 16, 31 (each row is 32 bits wide)

| Network type                                   | Protocol type                           |
| Local address length | Network address length  | Operation                               |
| Local address of the sender (bytes 0 - 3)                                                |
| Local address of the sender (bytes 4 - 5)      | IP address of the sender (bytes 0 - 1)  |
| IP address of the sender (bytes 2 - 3)         | Required local address (bytes 0 - 1)    |
| Required local address (bytes 2 - 5)                                                     |
| Searched IP address (bytes 0 - 3)                                                        |

Fig. 3.2. ARP protocol packet format

The network type field has the value 1 for Ethernet networks. The protocol type field allows ARP packets to be used not only for the IP protocol, but also for other network protocols. For IP, the value of this field is 0800 in hexadecimal.

The length of the local address for the Ethernet protocol is 6 bytes, and the length of the IP address is 4 bytes. In the operation field for ARP requests, the value 1 is specified for the ARP protocol and 2 for the RARP protocol.

The host sending the ARP request fills in all the fields of the packet except the required local address field (in a RARP request, it is the sought IP address that is not specified). This field is filled in by the host that recognizes its own IP address.
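The packet layout of Fig. 3.2 as a builder and a length-checked parser, written as an added Python example that is not part of the original lecture. The function names and the target address 109.26.17.1 are constructed for illustration; the sender MAC and IP are the sample addresses used earlier in the text, and only the request operation value 1 is named.

```python
import struct

ETHERNET, IP_PROTOCOL, ARP_REQUEST = 1, 0x0800, 1   # values given in the lecture
HEADER = struct.Struct("!HHBBH")   # network type, protocol type, two lengths, operation


def build_arp(operation, sender_mac, sender_ip, target_mac, target_ip):
    """Pack the fields in the order shown in Fig. 3.2 (network byte order)."""
    if len(target_mac) != len(sender_mac) or len(target_ip) != len(sender_ip):
        raise ValueError("sender and target addresses must have equal lengths")
    header = HEADER.pack(ETHERNET, IP_PROTOCOL,
                         len(sender_mac), len(sender_ip), operation)
    return header + sender_mac + sender_ip + target_mac + target_ip


def parse_arp(packet):
    """Split a packet into fields using the lengths it declares; reject truncation."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated ARP header")
    net_type, proto, local_len, ip_len, operation = HEADER.unpack_from(packet)
    needed = HEADER.size + 2 * (local_len + ip_len)
    if len(packet) < needed:
        raise ValueError(f"packet declares {needed} bytes but has {len(packet)}")
    fields, pos = [], HEADER.size
    for size in (local_len, ip_len, local_len, ip_len):
        fields.append(packet[pos:pos + size])
        pos += size
    return {"network_type": net_type, "protocol_type": proto,
            "local_len": local_len, "ip_len": ip_len, "operation": operation,
            "sender_local": fields[0], "sender_ip": fields[1],
            "target_local": fields[2], "target_ip": fields[3]}


def ethernet_ip_problems(arp):
    """List every field that differs from the Ethernet/IP values in the text."""
    expected = {"network_type": ETHERNET, "protocol_type": IP_PROTOCOL,
                "local_len": 6, "ip_len": 4}
    return [f"{key}={arp[key]} (expected {want})"
            for key, want in expected.items() if arp[key] != want]


def mac_text(raw):
    return "-".join(f"{b:02X}" for b in raw)


# Constructed request: the required local address is left as zeros by the sender.
SAMPLE_REQUEST = build_arp(ARP_REQUEST,
                           bytes.fromhex("11A0173DBC01"), bytes([109, 26, 17, 100]),
                           bytes(6), bytes([109, 26, 17, 1]))

if __name__ == "__main__":
    parsed = parse_arp(SAMPLE_REQUEST)
    print(len(SAMPLE_REQUEST), mac_text(parsed["sender_local"]),
          ethernet_ip_problems(parsed))
```

Because the parser slices by the declared lengths, trailing frame padding is ignored, while a packet shorter than its own length fields claim is rejected instead of being read past its end.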

In global networks, the network administrator most often has to create ARP tables manually, in which he specifies, for example, the correspondence between an IP address and the address of an X.25 network node, which serves as the local address. Recently, there has been a tendency to automate the operation of the ARP protocol in global networks. For this purpose, one of the routers connected to a global network is designated as a special router that maintains an ARP table for all other nodes and routers of this network. With this centralized approach, only the IP address and the local address of the dedicated router need to be set manually on each node and router. Each node and router then registers its addresses with the dedicated router, and when a correspondence between an IP address and a local address has to be established, the node sends a request to the dedicated router and automatically receives a response without the administrator's participation.

Mapping symbolic addresses to IP addresses: DNS service

DNS (Domain Name System) is a distributed database that supports a hierarchical name system for identifying nodes on the Internet. DNS is designed to look up an IP address automatically from a known symbolic host name. The DNS specification is defined by RFC 1034 and RFC 1035. DNS requires a static configuration of its tables that map computer names to IP addresses.

The DNS protocol is an application layer service protocol. This protocol is asymmetric: it defines DNS servers and DNS clients. DNS servers store part of a distributed database of symbolic names and IP addresses. This database is distributed across the administrative domains of the Internet. The clients of a DNS server know the IP address of the DNS server of their administrative domain and send it a request over the IP protocol in which they report a known symbolic name and ask for the corresponding IP address to be returned.

If the requested mapping is stored in the database of this DNS server, it immediately sends a response to the client; if not, it sends the request to the DNS server of another domain, which can process the request itself or pass it on to another DNS server. All DNS servers are connected hierarchically, in accordance with the hierarchy of Internet domains. The client polls these name servers until it finds the required mapping. This process is accelerated by the fact that name servers constantly cache the information provided in response to requests. Client computers can use the IP addresses of several DNS servers to increase the reliability of their operation.

The DNS database has a tree structure, called a domain namespace, in which each domain (tree node) has a name and may contain subdomains. The domain name identifies its position in this database with respect to the parent domain, with the dots in the name separating the parts corresponding to the domain nodes.

The root of the DNS database is managed by the Internet Network Information Center. Top-level domains are assigned for each country, as well as on an organizational basis. The names of these domains must follow the ISO 3166 international standard. Three-letter and two-letter abbreviations are used to designate countries, and the following abbreviations are used for various types of organizations:

  • com - commercial organizations (for example, microsoft.com);
  • edu - educational (for example, mit.edu);
  • gov - government organizations (for example, nsf.gov);
  • org - non-profit organizations (for example, fidonet.org);
  • net - organizations supporting networks (for example, nsf.net).

Each DNS domain is administered by a separate organization, which usually splits its domain into subdomains and transfers the administration of these subdomains to other organizations. Each domain has a unique name, and each of the subdomains has a unique name within its own domain. A domain name can contain up to 63 characters. Each host on the Internet is uniquely identified by its fully qualified domain name (FQDN), which includes the names of all domains from the host to the root. An example of a full DNS name:

citint.dol.ru.

Automating the process of assigning IP addresses to network nodes - DHCP

As already mentioned, IP addresses can be manually assigned by the network administrator. This is a tedious procedure for the administrator. The situation is further complicated by the fact that many users do not have enough knowledge to configure their computers to work on the Internet and therefore must rely on administrators.

Dynamic Host Configuration Protocol (DHCP) was designed to relieve the administrator of these problems. The primary purpose of DHCP is to assign IP addresses dynamically. However, in addition to dynamic assignment, DHCP can support the simpler methods of manual and automatic static assignment of addresses.

In the manual procedure for assigning addresses, the administrator takes an active part, providing the DHCP server with information about the correspondence of IP addresses to physical addresses or other client identifiers. These addresses are communicated to clients in response to their requests to the DHCP server.

With the automatic static method, the DHCP server assigns an IP address (and possibly other client configuration parameters) from the pool of available IP addresses without operator intervention. The boundaries of the pool of assigned addresses are set by the administrator when configuring the DHCP server. As in the case of a manual assignment, there is still a constant correspondence between the client ID and its IP address. It is set at the time of the initial assignment by the DHCP server of an IP address to a client. For all subsequent requests, the server returns the same IP address.

With dynamic allocation of addresses, the DHCP server issues the address to the client for a limited time, which makes it possible for other computers to reuse IP addresses later. Dynamic allocation of addresses allows you to build an IP network in which the number of nodes far exceeds the number of IP addresses available to the administrator.

DHCP provides a reliable and easy way to configure a TCP/IP network, ensuring that address conflicts do not occur, thanks to centralized management of address distribution. The administrator controls the process of assigning addresses using the lease duration parameter, which determines how long the computer can use the assigned IP address before requesting a lease from the DHCP server again.

An example of DHCP at work is when a computer that is a DHCP client is removed from a subnet. The IP address assigned to it is then released automatically. When the computer connects to a different subnet, it is automatically assigned a new address. Neither the user nor the network administrator intervenes in this process. This property is very important for mobile users.

DHCP uses a client-server model. During system startup, a DHCP client computer in the "initialization" state sends a discover message, which is broadcast over the local network and passed to all DHCP servers of the private internetwork. Each DHCP server that receives this message replies with an offer message, which contains an IP address and configuration information.

The DHCP client computer moves to the "selecting" state and collects configuration offers from the DHCP servers. It then chooses one of these offers, moves to the "requesting" state, and sends a request message to the DHCP server whose offer was chosen.

The selected DHCP server sends a DHCP acknowledgment message containing the same IP address that was already sent during the discovery stage, together with the lease parameter for this address. In addition, the DHCP server sends network configuration parameters. Once the client receives this acknowledgment, it moves to the "bound" state, in which it can take part in the operation of the TCP/IP network. Client computers that have local disks save the received address for use at subsequent system startups. As the expiry of the address lease approaches, the computer tries to renew the lease parameters with the DHCP server, and if this IP address cannot be allocated again, a different IP address is returned to it.
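The discover, offer, request and acknowledgment exchange described above, simulated in memory with two servers that each own a pool. This is an added Python example, not part of the original lecture: the class and function names, the addresses and the lease length are constructed, the client is assumed to take the first offer, and showing the request to every server (so that servers whose offers were not chosen withdraw them) follows RFC 2131 rather than the text.

```python
class DhcpServer:
    """Toy DHCP server with its own address pool and a fixed lease duration."""

    def __init__(self, name, pool, lease_seconds):
        self.name, self.free, self.lease_seconds = name, list(pool), lease_seconds
        self.offered = {}   # client id -> address reserved by an outstanding offer
        self.leases = {}    # client id -> (address, expiry time)

    def expire(self, now):
        """Return addresses whose lease has run out to the free pool."""
        for client, (address, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[client]
                self.free.append(address)

    def on_discover(self, client, now):
        self.expire(now)
        if client in self.leases:        # renewing client keeps its address
            address = self.leases[client][0]
        elif client in self.offered:     # repeated discover: repeat the offer
            address = self.offered[client]
        elif self.free:
            address = self.free.pop(0)
        else:
            return None                  # pool exhausted: no offer
        self.offered[client] = address
        return {"type": "offer", "server": self.name, "address": address}

    def on_request(self, client, chosen_server, now):
        address = self.offered.pop(client, None)
        if address is None:
            return None
        if chosen_server != self.name:   # client picked another server's offer
            if client not in self.leases:
                self.free.append(address)
            return None
        expiry = now + self.lease_seconds
        self.leases[client] = (address, expiry)
        return {"type": "ack", "server": self.name, "address": address,
                "lease_expires": expiry}


def acquire(client, servers, now):
    """Run one discover/offer/request/ack exchange; return (states, ack or None)."""
    states = ["initialization"]
    offers = [o for o in (s.on_discover(client, now) for s in servers) if o]
    if not offers:
        return states, None
    states.append("selecting")
    chosen = offers[0]                   # policy assumed here: first offer wins
    states.append("requesting")
    acks = [a for a in (s.on_request(client, chosen["server"], now)
                        for s in servers) if a]
    if not acks:
        return states, None
    states.append("bound")
    return states, acks[0]


if __name__ == "__main__":
    a = DhcpServer("A", ["10.0.0.10"], 3600)   # constructed pools
    b = DhcpServer("B", ["10.0.1.10"], 3600)
    print(acquire("c1", [a, b], now=0))
    print(acquire("c2", [a, b], now=10))
    print(acquire("c3", [b], now=20))          # server A down, B's pool in use
    print(acquire("c3", [b], now=3610))        # c2's lease has expired
```

The third call shows a client stuck in the initialization state when the only reachable server has no free address, and the fourth shows the same address being reused once the earlier lease has run out.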

The DHCP protocol describes several types of messages that are used to discover and select DHCP servers, to request configuration information, and to extend or terminate early the lease on an IP address. All these operations are intended to free the network administrator from tedious routine network configuration tasks.

However, the use of DHCP brings some problems with it. First, there is the problem of keeping the address databases of DHCP and DNS consistent. As you know, DNS is used to convert symbolic names to IP addresses. If IP addresses are changed dynamically by the DHCP server, then these changes must also be made dynamically in the DNS server database. Although a dynamic interaction protocol between DNS and DHCP has already been implemented by some firms (the so-called Dynamic DNS service), the standard for it has not yet been adopted.

Secondly, the instability of IP addresses complicates the network management process. Management systems based on the SNMP protocol are designed with a view to the static nature of IP addresses. Similar problems arise when configuring filters of routers that operate on IP addresses.

Finally, centralizing the address assignment procedure reduces system reliability: if a DHCP server fails, all its clients are unable to obtain an IP address and other configuration information. The consequences of such a failure can be reduced by using multiple DHCP servers on the network, each of which has its own pool of IP addresses.

created: 2014-09-27
updated: 2021-03-13