|
View: 10862|Reply: 38
|
Network Tutorial: Internet Protocol
[Copy link]
|
|
|
Internet Protocol Course - Outline
Below is outline of the lesson plan. Each lesson contains articles and other references that explain the basics of IP networking. We recommend completing these lessons in the order listed.
Lesson 1 - IP Address Notation
→ What IP addresses look like
→ Find your IP address on Windows 95/98/ME, Windows XP/2000/NT
→ Vocabulary - bits and bytes, octet
→ Extra credit - Who invented Internet Protocol?
Lesson 2 - Static and Dynamic IP Addressing
� → What is DHCP?
→ Release and renew your IP address on Windows 95/98/ME, Windows XP/2000/NT
→ Vocabulary - APIPA, ISP
→ Extra credit - About Windows Internet Connection Sharing
Lesson 3 - Network Naming for IP
→ Introduction to DNS
� → What is WINS?
→ Introduction to Ping
→ Vocabulary - DDNS, IANA, ICMP
→ Extra credit - What is the Ping of Death?
Lesson 4 - The IP Address Space
→ The IP address space
→ IP special and private addresses
→ IP network numbering
→ Vocabulary - LAN, WLAN, intranet
→ Extra credit - What is peer-to-peer networking?�
Lesson 5 - IP Subnetting
� → What is a subnet?
→ How to subnet (parts 1 and 2)
→ Vocabulary - router, CIDR
→ Extra credit - CIDR tutorial
Lesson 6 - IP and Hardware Addressing
→ Introduction to MAC addressing
→ Introduction to 'winipcfg'
→ Vocabulary - ARP, NAT
→ About home broadband routers
Lesson 7 - TCP/IP and Related Protocols
� → What is TCP/IP?
→ Introduction to UDP
→ What is FTP?
→ Vocabulary - protocol, HTTP
→ Extra credit - More about FTP clients, servers and tools
→ Extra credit -"TCP/IP Clearly Explained" (review)
Additional Reading
→ Introduction to sockets
→ Profile of an IP datagram
[ Last edited by Remy_3D on 25-2-2004 at 08:24 PM ] |
|
|
|
|
|
|
|
|
|
|
|
Lesson 1
IP Addresses, Classes, Subnets, CIDR, DNS - IPv4 and IPv6
The Internet Protocol - IP - was created in the 1970s to support early computer networking with the Unix operating system. Today, IP has become a standard for all modern network operating systems (NOS) to communicate with each other. Many popular higher-level protocols such as HTTP and TCP rely on IP.
Two versions of IP exist in production use today. Nearly all networks use IP version 4 (IPv4), but an increasing number of educational and research networks have adopted the next generation IP version 6 (IPv6).
IPv4 Addressing Notation
An IPv4 address consists of four bytes (32 bits). These bytes are also known as octets.
For readability purposes, humans typically work with IP addresses in a decimal notation that uses periods to separate each octet. For example, the IP address
00001010 00000000 00000000 00000001
usually appears in the equivalent dotted decimal representation
10.0.0.1
Because each byte is 8 bits in length, each octet in an IP address ranges in value from a minimum of 0 to a maximum of 255. Therefore, the full range of IP addresses is from 0.0.0.0 through 255.255.255.255. That represents a total of 4,294,967,296 possible IP addreses.
IPv6 Addressing Notation
IP addressing changes significantly with IPv6. IPv6 addresses are 16 bytes (128 bits) long rather than four bytes (32 bits). That represents more than
300,000,000,000,000,000,000,000,000,000,000,000,000
possible addresses! In the coming years, as an increasing number of cell phones, PDAs, and other network appliances expand their networking capability, this much larger IPv6 address space will probably be necessary.
IPv6 addresses are generally written in the following form:
hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh
In this notation, pairs of IPv6 bytes are separated by a colon and each byte in turns is represented as an equivalent pair of hexadecimal numbers, like in the following example:
E3D7:0000:0000:0000:51F4:9BC8:C0A8:6420
IPv6 addresses often contain many bytes with a zero value. Shorthand notation in IPv6 removes these values from the text representation (though the bytes are still present in the actual network address) as follows:
E3D7::51F4:9BC8:C0A8:6420
Finally, many IPv6 addresses are extensions of IPv4 addresses. In these cases, the rightmost four bytes of an IPv6 address (the rightmost two byte pairs) may be rewritten in the IPv4 notation. Converting the above example to mixed notation yields
E3D7::51F4:9BC8:192.168.100.32
[ Last edited by Remy_3D on 24-2-2004 at 06:09 AM ] |
|
|
|
|
|
|
|
|
|
|
|
Find your IP address on Windows 95/98/ME, Windows XP/2000/NT
Windows 95, Windows 98, or Windows ME.
Here's How:
1. Click the Start menu button on the Windows taskbar.
2. Click Run... on this menu.
3. In the text box that appears, type winipcfg. The "IP Address" field shows the IP address for the default network adapter. The "Adapter Address" field shows the MAC address for this adapter.
4. Use the drop-down menu near the top of the window to browse address information for alternate network adapters. Computers installed with VPN software or emulation software will possess one or more virtual adapters.
Tips:
1. Take care to read the IP address from the correct adapter. Virtual adapters generally show a private address rather than an actual Internet address.
2. Virtual adapters possess software-emulated MAC addresses and not the actual physical address of the network interface card.
Windows XP, Windows 2000, or Windows NT.
Here's How:
1. Click the Start menu button on the Windows taskbar.
2. Click Run... on this menu.
3. Type cmd in the text box that appears. A command prompt window launches on the desktop.
4. In this command window, type ipconfig /all. Details are shown for each of the computer's network adapters. Computers installed with VPN software or emulation software will possess one or more virtual adapters.
5. The IP Address field states the current IP address for that network adapter.
6. The Physical Address field states the MAC address for that adapter.
Tips:
1. Take care to read the IP address from the correct adapter. Virtual adapters generally show a private address rather than an actual Internet address.
2. Virtual adapters possess software-emulated MAC addresses and not the actual physical address of the network interface card. |
|
|
|
|
|
|
|
|
|
|
|
Vocabulary - bits and bytes, octet
Bits & Bytes:
A bit is a single numeric value, either '1' or '0', that represents a single unit of digital information. A byte is a sequence of bits; usually eight bits equal one byte.
For example, in network addressing, IP addresses contain 32 bits or 4 bytes. The bits encode the network address so that it can be shared on the network. The bytes divide the bits into groups. Consider the IP address 192.168.0.1, that is encoded with the following bits and bytes:
11000000 10100100 00000000 00000001
Bits are grouped into bytes to increase the efficiency of computer hardware, including disks and memory.
Octet:
Technically, an octet represents any eight bit quantity. By definition, an octet ranges in mathematical value from zero to 255. Typically an octet is also a byte, but the term octet came into existence because historically some computer systems did not represent a byte as eight bits.
In networking, an octet most commonly refers to any of the four bytes of an IPv4 address. In dotted-decimal notation, an IP address appears as follows -
[ octet ] . [ octet ] . [ octet ] . [ octet ]
for example
192 . 168 . 0. 1
Also Known As: byte |
|
|
|
|
|
|
|
|
|
|
|
Extra credit - Who invented Internet Protocol?
In May, 1974, the Institute of Electrical and Electronic Engineers (IEEE) published a paper titled "A Protocol for Packet Network Interconnection." The paper's authors -- Vinton Cerf and Robert Kahn -- described a protocol called "TCP" that incorporated both connection-oriented and datagram services.
It soon became apparent to the two men that this design should be subdivided into two separate protocols. Session management was not easy to do in an application-independent way. In practice, an application could sometimes run more efficiently or be implemented more easily when it managed network connections itself. "TCP" became Internet Protocol (IP) that supported datagrams and Transmission Control Protocol (TCP/IP) that added connection semantics as a layer on top of IP. |
|
|
|
|
|
|
|
|
|
|
|
Lesson 2
DHCP - Dynamic Host Configuration Protocol
DHCP allows a computer to join an IP-based network without having a pre-configured IP address. DHCP is a protocol that assigns unique IP addresses to devices, then releases and renews these addresses as devices leave and re-join the network.
Internet Service Providers (ISPs) usually use DHCP to allow customers to join the Internet with minimum effort. Likewise, home network equipment like broadband routers offers DHCP support for added convenience in joining home computers to the LAN.
DHCP environments require a DHCP server set up with the appropriate configuration parameters for the given network. Key DHCP parameters include the range or "pool" of available IP addresses, the correct subnet masks, plus gateway and name server addresses.
Devices running DHCP client software can then automatically retrieve these settings from DHCP servers as needed. Using DHCP on a network means system administrators do not need to configure these parameters individually for each client device. |
|
|
|
|
|
|
|
|
|
|
|
Release and renew your IP address on Windows 95/98/ME, Windows XP/2000/NT
Windows 95, Windows 98, or Windows ME.
Here's How:
1. Click the Start menu button on the Windows taskbar.
2. Click Run... on this menu.
3. Type 'winipcfg' (without the quotes) in the text box that appears. A new window appears on the screen. The "IP Address" field shows the current IP address for the default network adapter.
4. If the computer is holding a current IP address, click the Release button to let go of the address.
5. Click the Renew button to obtain a new IP address (whether or not the computer is holding a current address).
Tips:
1. If it is not necessary to view the current IP addresses on a computer, simply type 'winipcfg /release' or 'winipcfg /renew' (without the quotes) to save a step in the process.
2. To bring a computer back onto the network after moving it to a different location, or experiencing an unexpected outage, first release, then renew the IP address. Computers on DHCP networks often (but not always) re-establish network connectivity automatically.
Windows XP, Windows 2000, or Windows NT.
Here's How:
1. Click the Start menu button on the Windows taskbar.
2. Click Run... on this menu.
3. If the computer is holding a current IP address, type 'cmd' (without the quotes) in the text box that appears. A command prompt window appears on the screen.
4. Type 'ipconfig' (without the quotes) to view the status of the computer's IP address(es).
5. If the computer is holding a current IP address, type 'ipconfig /release' to let go of the address.
6. Type 'ipconfig /renew' to obtain a new IP address (whether or not the computer is holding a current address).
Tips:
1. If it is not necessary to view the current IP addresses on a computer, simply type 'ipconfig /release' or 'ipconfig /renew' (without the quotes) in the text box that appears in Step 3.
2. To bring a computer back onto the network after moving it to a different location, or experiencing an unexpected outage, first release, then renew the IP address. Computers on DHCP networks often (but not always) re-establish network connectivity automatically. |
|
|
|
|
|
|
|
|
|
|
|
Vocabulary - APIPA, ISP
APIPA:
A feature of Microsoft Windows, APIPA is a DHCP failover mechanism. With APIPA, DHCP clients can obtain IP addresses when DHCP servers are nonfunctional. APIPA exists in all popular versions of Windows except Windows NT.
When a DHCP server fails, APIPA allocates addresses in the private range 169.254.0.1 to 169.254.255.254. Clients verify their address is unique on the LAN using ARP. When the DHCP server is again able to service requests, clients update their addresses automatically.
In APIPA, all devices use the default network mask 255.255.0.0 and all reside on the same subnet.
APIPA is enabled on all DHCP clients in Windows unless the computer's Registry is modified to disable it. APIPA can be enabled on individual network adapters.
Also Known As: Automatic Private IP Addressing; AutoNet
Examples: Because APIPA uses IP addresses in the private Class B space, APIPA is a feature generally only useful on home or other small intranet LANs.
ISP:
An ISP is a company that provides Internet connectivity to home and business customers. ISPs choose what forms of access to provide customers, ranging from traditional modem dial-up to DSL and cable modem to T1/T3 lines.
Recently, ISP companies have begun to diversify and offer additional services besides Net access. These include email, Web site and database hosting, and Web site development services and tools.
Also Known As: Internet Service Provider, Internet Access Provider (IAP) |
|
|
|
|
|
|
|
|
|
|
|
Extra credit - About Windows Internet Connection Sharing
ICS allows a local network of Windows computers to share a single Internet connection. Microsoft developed ICS as part of Windows 98 Second Edition. The feature has been included as part of all subsequent Windows releases, but it is not available as a separate installable program.
ICS follows a client/server model. To set up ICS, one computer must be chosen as the server. The designated computer must support two network interfaces, one directly connected to the Internet and the other connected to the remainder of the LAN. In a traditional home dial-up network, for example, the server computer is directly connected to the modem.
When configured through Windows, the ICS server behaves as a NAT router, directing messages on behalf of multiple computers. ICS incorporates a DHCP server that allows clients to obtain their local addresses automatically rather than needing to be set manually.
Compared to hardware routers, ICS has the advantage of being included with the operating system so no additional purchase is required. On the other hand, ICS lacks many of the configuration options that hardware routers possess.
Also Known As: Internet Connection Sharing, Windows ICS |
|
|
|
|
|
|
|
|
|
|
|
Lesson 3
Introduction to DNS
Domain Naming and Registration with DNS
Though IP addresses allow computers and routers to identify each other efficiently, humans prefer to work with names rather than numbers. The Domain Name System - DNS - supports the best of both worlds.
DNS allows nodes on the public Internet to be assigned both an IP address and a corresponding name, called a domain name. For DNS to work as designed, these names must be unique worldwide. Hence an entire "cottage industry" has emerged around the purchasing of domain names in the Internet name space.
DNS Name Space
DNS is a hierarchical system. DNS organizes all registered names in a tree structure.
At the base or root of the tree are a group of top-level domains including familiar names like com, org, and edu and numerous country-level domains like fi (Finland), ca (Canada), and bn (Brunei). One generally cannot purchase names at this level. However, in a well-publicized and controversial event in 2000, the island nation of Tuvalu agreed to receive a large payment in return for rights to the root domain tv.
Below this level are the second-level registered domains such as about.com. These are domains that organizations can purchase from any of numerous accredited registrars. For nodes in the com, org, and edu domains, the Internet Corporation for Assigned Names and Numbers (ICANN) oversees registrations.
Below that, local domains like compnetworking.about.com are defined and administered by the overall domain owner. DNS supports additional tree levels as well. The period ('.') always separates each level of the hierarchy in DNS.
DNS Root Level and Other Servers
DNS is also a distributed system. The DNS database contains a list of registered domain names. It further contains a mapping or conversion between each name and one or more IP addresses. However, DNS requires a coordinated effort among many computers (servers); no one computer holds the entire DNS database. Each DNS server maintain just one piece of the overall hierarchy - one level of the tree and then only a subset or zone within that level.
The top level of the DNS hierarchy, also called the root level, is maintained by a set of 13 servers called root name servers. These servers have gained some notoriety for their unique role on the Internet. Maintained by various independent agencies, the servers are uniquely named A, B, C and so on up to M. Ten of these servers reside in the United States, one in Japan, one in London, and one in Stockholm, Sweden.
DNS Resolvers
DNS works in a client/server fashion. DNS servers respond to requests from DNS clients called resolvers. ISPs and other organizations set up local DNS resolvers as well as servers. Most DNS servers also act as resolvers, routing requests up the tree to higher-level DNS servers, and also delegating requests to other servers. DNS servers eventually return the requested mapping (either address-to-name or name-to-address) to the resolver.
DNS and DHCP
DNS was not designed to work with dynamic addressing such as that supported by DHCP. DNS requires that fixed (static) addresses be maintained in the database. Web servers in particular require fixed IP addresses for this reason. |
|
|
|
|
|
|
|
|
|
|
|
WINS - Windows Internet Naming Service
The Windows Internet Naming Service (WINS) supports name resolution, the automated conversion of computer names to network addresses, for Windows networks. Specifically, WINS converts NetBIOS names to IP addresses on a LAN or WAN.
Like DNS, the Windows Internet Naming Service employs a distributed client/server system to maintain the mapping of computer names to addresses. Windows clients can be configured to use primary and secondary WINS servers that dynamically update name/address pairings as computers join and leave the network. The dynamic behavior of WINS means that it also supports networks using DHCP.
Also Known As: Windows Internet Naming Service |
|
|
|
|
|
|
|
|
|
|
|
Introduction to Ping
"Ping" is a standard troubleshooting tool available on most network operating systems. A ping utility sends specially-marked packets from the local computer to a remote device. Besides determining whether the remote computer is currently "alive," ping also provides indicators of the general speed or reliability of the network connection.
Ping Basics
Operating systems like Microsoft Windows, Linux/UNIX, and NetWare supply a text-mode ping utility. These shell commands require only a single argument that specifies the host name or IP address of the target computer.
Taking Windows/DOS as an example, the following illustrates the results of pinging a responsive Web server.
C:\> ping www.google.com
Pinging google.com [64.208.34.100] with 32 bytes of data:
Reply from 64.208.34.100: bytes=32 time=210ms TTL=49
Reply from 64.208.34.100: bytes=32 time=211ms TTL=49
Reply from 64.208.34.100: bytes=32 time=200ms TTL=49
Reply from 64.208.34.100: bytes=32 time=201ms TTL=49
Ping statistics for 64.208.34.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 200ms, Maximum = 211ms, Average = 205ms
As shown, the default configuration of Windows ping sends four, 32-byte packets to the destination. Both of these parameters can be overridden on the command line, and in Windows the -t option causes packets to be sent indefinitely (until terminated by the user). On a few other systems, including Red Hat Linux, indefinite pings are the default.
Ping reports the percentage of packets acknowledged by the remote host. Typically this number will be 100% (as in the example above) or 0%. When an Internet host pings at 0%, this does not necessarily mean the server is "down" or unavailable. Internet Web servers especially may be configured to disregard ping requests for security purposes. The output of Windows ping in these cases looks like the following:
C:\> ping www.cnn.com
Pinging cnn.com [207.25.71.26] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 207.25.71.26:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
On intranets and other private LANs, ping can be an especially useful network diagnostic tool. One scenario that will result in a ping response rate of other than 0% or 100% occurs when a host is shutdown and leaves the network (or boots and joins the network) as shown below:
C:\> ping boswell
Pinging boswell [192.168.0.1] with 32 bytes of data:
Reply from 192.168.0.1: bytes=32 time=<10ms TTL=128
Reply from 192.168.0.1: bytes=32 time=<10ms TTL=128
Request timed out.
Request timed out.
Ping statistics for 192.168.0.1:
Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
...
It is also possible for ping packets to be lost in transit, causing ping to report a host as unavailable when in fact it is available but unreachable. One cause of lost or dropped packets is extreme levels of traffic; in general, ping utilities will be unusable on heavily-loaded networks. Another cause of lost packets -- the "too many hops" or zero-TTL condition -- will be described later. |
|
|
|
|
|
|
|
|
|
|
|
Round Trip Time
Another interesting result from ping is round-trip time calculation. Measured in milliseconds, round-trip time indicates the delay between the sending of a ping request packet and the receipt of the corresponding response packet. The network delay or latency indicated by ping offers a good indicator of the responsiveness of network services on that remote host.
Multiplayer network gamers will be familiar with this statistic. Ping latency can dramatically affect the quality of play of Web-based games like Quake 3 and Unreal Tournament. In such environments, a latency of 100 milliseconds or less is most desirable but relatively difficult to achieve over dial-up connections; latency over 500 milliseconds can make one a sitting duck target!
Ping and Domain Names
When using host names with ping instead of IP addresses, one is relying on a network name service like DNS to translate that name into the address that ping eventually uses. However, name services can take time (anywhere from minutes to hours) to receive the latest addressing updates. Devices that use frequently-changing dynamic addresses (such as mobile computers that are occasionally-connected to the network) can be difficult to track via ping.
Internet Control Message Protocol - ICMP
ICMP was defined in the early 1980s and documented in RFC 792. ICMP travels on top of the IP layer and consists of a 4-byte header (including checksum) followed by data. Multiple ICMP message types exist to support ping requests (type 8 Echo Request) and replies.
Most operating systems include facilities for programming applications that can work with ICMP. Even though the interface is undocumented, Microsoft includes an ICMP.DLL with Windows.
TTL
Another important concept in ping is Time to Live or TTL. TTL prevents circular routing -- the condition where an ICMP packet bounces in an infinite loop among intermediate hosts. The mechanism counts intermediate hosts along the route from source to destination. Each time an IP device such as a router receives a ping packet, it decrements the TTL counter by one. Should the packet's TTL reach zero, the device discards the packet and ping will report the following result:
Reply from 192.168.0.1: TTL expired in transit
Successful pings will typically report the final TTL number. A ping that starts with a TTL of 128 and returns with a TTL of 49 (as illustrated earlier) means that 79 intermediate "hops" were traversed along the route. Routes with 50-100 hops are fairly common on today's Internet, but this number will usually be less than 10 for an intranet.
The So-Called "Ping of Death"
In 1996 and 1997, a common practice in the hacker community involved sending malicious ICMP packets to computers on the Internet with the intention of "crashing" them. This technique became known as the Ping of Death for its unpredictable consequences and its relatively high probability of success.
The technique only worked because many network operating systems at the time were not designed to handle these packets gracefully. Earlier versions of UNIX and Linux computers, Macintoshes, NetWare servers, and some Windows computers were all prone to attack. In a nutshell, the Ping of Death involved sending an unusually large ICMP request that created buffer overflow conditions on the remote computers. Such overflows could hang the computer's network applications, crash the operating system, or possibly create other undesirable effects.
Although developers quickly fixed the "holes," actually these operating systems were susceptible to other sources of buffer overflow besides ping. Effectively any oversized (larger than 64 kilobyte) IP packet -- TCP, UDP, ICMP, and others -- could do the trick; ping utilities merely happened to be more convenient way to generate them.
Custom Pingers
Standard and very functional ping utilities have existed for more than a decade, but these command line utilities lack appeal with the new generation of Net users raised on graphic user interfaces (GUIs). In response to the changing times, a slew of souped-up graphic ping tools have appeared as shareware and freeware programs in recent years.
Predominately for Windows clients, these tools augment the basic command utility with features like
* support for multiple concurrent targeting or subnet ping sweeps
* advanced result reporting and logging
* timed monitoring (periodic scheduling)
* integration of related features such as port monitoring and route tracing
If computer networking were like television viewing, ping would be comparable to 60 Minutes -- an old concept but still a very useful and respected program. In the past, only IT administrators and engineers used ping, but the new generation of Net gamers and network-savvy home users should become familiar with this utility too. |
|
|
|
|
|
|
|
|
|
|
|
Vocabulary - DDNS, IANA, ICMP
DDNS:
DDNS is a service that maps Internet domain names to IP addresses. DDNS serves a similar purpose to DNS: DDNS allows anyone hosting a Web or FTP server to advertise a public name to prospective users.
Unlike DNS that only works with static IP addresses, DDNS works with dynamic IP addresses, such as those assigned by an ISP or other DHCP server. DDNS is popular with home networkers, who typically receive dynamic, frequently-changing IP addresses from their service provider. To use DDNS, one simply signs up with a provider and installs network software on their host to monitor its IP address.
Compared to ordinary DNS, the disadvantage of DDNS is that additional host software, a new potential failure point on the network, must be maintained.
Also Known As: dynamic DNS
IANA:
IANA is one of the primary governing bodies for Internet networking. IANA oversees three key aspects of the Internet:
* top-level domains. Top level domains are the trailing portion of Web domain names such as .com, .org, and .edu.
* IP address allocation
* TCP and UDP port number assignments
Also Known As: Internet Assigned Numbers Authority
ICMP:
ICMP is a network protocol useful in Internet Protocol (IP) network management and administration. ICMP is a required element of IP implementations.
ICMP is a control protocol, meaning that it does not carry application data, but rather information about the status of the network itself. ICMP can be used to report
* errors in the underlying communications of network applications
* availability of remote hosts
* network congestion
Perhaps the best known example of ICMP in practice is the ping utility, that uses ICMP to probe remote hosts for responsiveness and overall round-trip time of the probe messages. ICMP also supports traceroute, that can identify intermediate "hops" between a given source and destination.
Also Known As: Internet Control Message Protocol |
|
|
|
|
|
|
|
|
|
|
|
cheh .. bodoh nye forum ...
sia sia i tambah url ... tapi dia gi bukak kat window lain .. :agr:
anyway .. nice material here |
|
|
|
|
|
|
|
|
|
|
|
Rosak thread aku
url apa?
BTW kat cisco site banyak info tapi terlampau advanced & mostly ceta pasal product dia. |
|
|
|
|
|
|
|
|
|
|
|
Extra credit - What is the Ping of Death?
In late 1996 and early 1997, a flaw in the implementation of networking in some operating systems became well-known and popularized by hackers as a way to crash computers remotely over the Internet. The Ping of Death attack was relatively easy to carry out and very dangerous due to its high probability of success.
Technically speaking, the Ping of Death attack involved sending IP packets of a size greater than 65,535 bytes to the target computer. IP packets of this size are illegal, but applications can be built that are capable of creating them. Carefully programmed operating systems could detect and safely handle illegal IP packets, but some failed to do this. ICMP ping utilities often included large-packet capability and became the namesake of the problem, although UDP and other IP-based protocols also could transport Ping of Death.
Operating system vendors quickly devised patches to avoid the Ping of Death. Still, many Web sites today block ICMP ping messages at their firewalls to avoid similar denial of service attacks.
Also Known As: |
|
|
|
|
|
|
|
|
|
|
|
Lesson 4
IPv4 Address Classes
The IPv4 address space can be subdivided into 5 classes - Class A, B, C, D and E. Each class consists of a contiguous subset of the overall IPv4 address range.
With a few special exceptions explained further below, the values of the leftmost four bits of an IPv4 address determine its class as follows
Class Leftmost bits Start address Finish address
A 0xxx 0.0.0.0 127.255.255.255
B 10xx 128.0.0.0 191.255.255.255
C 110x 192.0.0.0 223.255.255.255
D 1110 224.0.0.0 239.255.255.255
E 1111 240.0.0.0 255.255.255.255
All Class C addresses, for example, have the leftmost three bits set to '110', but each of the remaining 29 bits may be set to either '0' or '1' independently (as represented by an x in these bit positions):
110xxxxx xxxxxxxx xxxxxxxx xxxxxxxx
Converting the above to dotted decimal notation, it follows that all Class C addresses fall in the range from 192.0.0.0 through 223.255.255.255.
IP Address Class E and Limited Broadcast
The IPv4 networking standard defines Class E addresses as reserved, meaning that they should not be used on IP networks. Some research organizations use Class E addresses for experimental purposes. However, nodes that try to use these addresses on the Internet will be unable to communicate properly.
A special type of IP address is the limited broadcast address 255.255.255.255. A broadcast involves delivering a message from one sender to many recipients. Senders direct an IP broadcast to 255.255.255.255 to indicate all other nodes on the local network (LAN) should pick up that message. This broadcast is 'limited' in that it does not reach every node on the Internet, only nodes on the LAN.
Technically, IP reserves the entire range of addresses from 255.0.0.0 through 255.255.255.255 for broadcast, and this range should not be considered part of the normal Class E range.
IP Address Class D and Multicast
The IPv4 networking standard defines Class D addresses as reserved for multicast. Multicast is a mechanism for defining groups of nodes and sending IP messages to that group rather than to every node on the LAN (broadcast) or just one other node (unicast).
Multicast is mainly used on research networks. As with Class E, Class D addresses should not be used by ordinary nodes on the Internet.
IP Address Class A, Class B, and Class C
Class A, Class B, and Class C are the three classes of addresses used on IP networks in common practice, with three exceptions as explained next. |
|
|
|
|
|
|
|
|
|
|
|
IP Loopback Address
127.0.0.1 is the loopback address in IP. Loopback is a test mechanism of network adapters. Messages sent to 127.0.0.1 do not get delivered to the network. Instead, the adapter intercepts all loopback messages and returns them to the sending application. IP applications often use this feature to test the behavior of their network interface.
As with broadcast, IP officially reserves the entire range from 127.0.0.0 through 127.255.255.255 for loopback purposes. Nodes should not use this range on the Internet, and it should not be considered part of the normal Class A range.
Zero Addresses
As with the loopback range, the address range from 0.0.0.0 through 0.255.255.255 should not be considered part of the normal Class A range. 0.x.x.x addresses serve no particular function in IP, but nodes attempting to use them will be unable to communicate properly on the Internet.
Private Addresses
The IP standard defines specific address ranges within Class A, Class B, and Class C reserved for use by private networks (intranets). The table below lists these reserved ranges of the IP address space.
Class Private start address Private finish address
A 10.0.0.0 10.255.255.255
B 172.16.0.0 172.31.255.255
C 192.168.0.0 192.168.255.255
Nodes are effectively free to use addresses in the private ranges if they are not connected to the Internet, or if they reside behind firewalls or other gateways that use Network Address Translation (NAT).
IPv6 Address Types
IPv6 does not use classes. IPv6 supports the following three IP address types:
* unicast
* multicast
* anycast
Unicast and multicast messaging in IPv6 are conceptually the same as in IPv4. IPv6 does not support broadcast, but its multicast mechanism accomplishes essentially the same effect. Multicast addresses in IPv6 start with 'FF' (255) just like IPv4 addresses.
Anycast in IPv6 is a variation on multicast. Whereas multicast delivers messages to all nodes in the multicast group, anycast delivers messages to any one node in the multicast group. Anycast is an advanced networking concept designed to support the failover and load balancing needs of applications.
IPv6 Reserved Addresses
IPv6 reserves just two special addresses: 0:0:0:0:0:0:0:0 and 0:0:0:0:0:0:0:1. IPv6 uses 0:0:0:0:0:0:0:0 internal to the protocol implementation, so nodes cannot use it for their own communication purposes. IPv6 uses 0:0:0:0:0:0:0:1 as its loopback address, equivalent to 127.0.0.1 in IPv4. |
|
|
|
|
|
|
|
|
|
|
|
IP Network Partioning
Computer networks consist of individual segments of network cable. The electrical properties of cabling limit the useful size of any given segment such that even a modestly-sized local-area network (LAN) will require several of them. Gateway devices like routers and bridges connect these segments together although not in a perfectly seamless way.
Besides partitioning through the use of cable, subdividing of the network can also be done at a higher level. Subnets support virtual network segments that partition traffic flowing through the cable rather than the cables themselves. The subnet configuration often matches the segment layout one-to-one, but subnets can also subdivide a given network segment.
IP Network Numbering
Even without subnetting (explained later), hosts on the Internet or any other IP network are assigned a network number. Network numbering allows a group of hosts (peers) to communicate efficiently with each other. Hosts on the same network may be computers located in the same facility or all computers used by a workgroup, for example. Multi-homed hosts, that contain multiple network adapters, can belong to multiple networks, but each adapter is assigned exactly one network number.
Network numbers look very much like IP addresses, but the two should not be confused. Consider for example the host IP address 10.0.0.1, an address commonly used on private networks. Because it is a Class A address, with no subnetting employed, its leftmost byte (eight bits) by default refer to the network address and all other bits remain set at zero. Thus, 10.0.0.0 is the network number corresponding to IP address 10.0.0.1.
The portion of the IP address that does not refer to the network refers instead to the host address - literally, the unique identifier of the host on that network. In the above example, the host address becomes '0.0.0.1' or simply '1'. Also note that a network address becomes a reserved address that should not be assigned to any actual host. Configuring a live host at 10.0.0.0 in the example above could impact communications for all hosts on that network.
The table below illustrates the default numbering scheme for Class A, B, and C networks.
Class Host address range Network address Default mask
A 0.0.0.0 - 127.255.255.255 x.0.0.0 255.0.0.0
B 128.0.0.0 - 191.255.255.255 x.x.0.0 255.255.0.0
C 192.0.0.0 - 223.255.255.255 x.x.x.0 255.255.255.0
In general, a network address uses the leftmost byte of its hosts' addressing if the hosts fall within the Class A range, the leftmost two bytes for hosts in Class B, and the leftmost three bytes for hosts in Class C. This algorithm is applied in practice through the use of a network mask. The above table shows the decimal representation of the default network masks that is commonly used by network operating systems. Note that the decimal value '255' corresponds to one byte that has all bits set to one (11111111).
Benefit of Network Addressing
Network addressing fundamentally organizes hosts into groups. This can improve security (by isolating critical nodes) and can reduce network traffic (by preventing transmissions between nodes that do not need to communicate with each other). Overall, network addressing becomes even more powerful when introducing subnetting and/or supernetting. |
|
|
|
|
|
|
|
|
|
| |
|
Post time 24-2-2004 05:52 AM
变色卡
Author
