TCP/IP Addressing & Subnetting

Here are my notes on one of the more challenging topics of the MCSE and Cisco exams.

Buy domains for less

Topics:

IPv6 CIDR VLSM

Site Map  
About this site  

Sound: Submarine ping

ISO-OSI Layers
Routing & Switching
Ping sound

DHCP WINS NetBIOS!

IP addresses are needed for each
• Default gateway
• DNS IP addresses and subnet masks
• WINS name server
• router (in and out address)
• NAT   (RFC 1631) for Windows 98SE and smaller Windows 2000 networks.

Download this Visio 2000 graphic

Name Resolution Strategies

Support WebCast: Windows 2000 DNS Client-side Name Resolution by Tim Rains

RouterGod.com has articles "written" by celebrities, such as Gillian Anderson tracking down the elusive bugs within LAN switching and Robert Downey Jr. on that repeat offender, the IEEE 802.3 Ethernet frame.

NetBIOS

NetBIOS names specified by the user are limited to 15 characters. Microsoft reserves the 16th character of the NetBIOS name to indicate a resource type.

NetBIOS name resolution is the process of mapping from a computer's NetBIOS name to an Internet Protocol (IP) address. Windows has several means of Name-to-IP-Address mapping for name resolution:

• Broadcast B-NODE communicate using a mix of both broadcast and directed UDP datagrams and TCP connections. Typically UNIX clients using SMB networking, they generate high overhead, as each node on the LAN must examine every broadcast datagram. They interoperate with one another within a broadcast area, but cannot interoperate across routers in a routed network.

• Point-to-point P-NODE nodes communicate using only directed UDP datagrams and TCP sessions. They relay on NetBIOS name servers, local or remote. If the name server is down, the p-node cannot communicate with any other system, even those on the same local network.

• Mixed M-NODE use broadcast first (to optimize performance, assuming that most resources reside on the local broadcast medium) for name registration and resolution. If this is unsuccessful, point-to-point communication with the name server is used. M-nodes generate high-broadcast traffic, but can cross routers and continue to operate normally if the name server is down.

• Hybrid H-NODE is used by default on Windows computers. H-nodes contain a combination of b-node and p-node functionality: H-node uses point-to-point communication first. If the NetBIOS name server cannot be located, it switches to broadcast. H-node continues to poll for the name server and returns to point-to point communication when one becomes available.

To display the NetBIOS names registered locally on the system by the server and redirector:

nbtstat -n

To monitor the status of NetBIOS browsers on user-selected domains, use the Browser Monitor from the Resource Kit:

browmon

Windows Internet Naming Service (WINS): Architecture and Capacity Planning

OSPF from Cisco's Internetworking Technology Handbook

NetBIOS to IP using WINS, LMHOSTS, HOSTS

Client requests for computer name resolution are sent directly to a WINS server, which returnes the IP address directly to the client.

On a Windows 2000 Server, WINS is installed as a Windows service over TCP Port 42.

So make sure that ports WINs needs are specified in entries Ports, PortsInternetAvailable, and UseInternetPorts of registry key HKEY_LOCAL_MACHINE \Software \Microsoft \RPC \Internet

Windows legacy machines use WINS to resolve NetBIOS names to IP addresses across subnets.

1. Windows 2000 DDNS to add client records to DNS Zones.
2. Broadcast (B-node implementation of NetBT)
3. If an lmhosts file does not exist on the machine, or an entry is not found, WINS (Windows Internet Name Service) server service.

WINS Client

The client wanting to use a WINS server must have its TCP/IP NetBIOS Helper service started.

To display a WINS client's local name table: Nbstat -n

A workstation client can use a hosts file to manually assign IP addresses to domain names. These files have no file extension names and are in folder %windir% \System32 \Drivers \Etc

A maximum of 11 WINS servers can be specified by a Windows 2000 client, but only 2 in an NT4 client.

To force WINS clients to release and refresh NetBIOS names on resource servers in the WINS database (such as after a WINS server is restored from backup files): Nbstat -RR

WINS Server

WINS-R resource records for reverse lookup zones.

WINS servers do not recognize B-node broadcasts, so a WINS proxy must be used for segments with b-node clients. To resolve NetBIOS names on remote subnets:

• the single WINS server of a subnet must have registered as a WINS client by having its own IP address in TCP/IP Properties' WINS server address.
• multiple WINS servers on a subnet should have push/pull replication partnerships with each other.

To implement a replication partner... push/pull in a hub-and-spoke design to a multiple hub-and-spoke design

WINS MMC Show statistics and find records beginning with a specified set of characters.

To have WINS discover its WINS replication partners, check Enable Automatic Partner configuration.

To set database and event logging for WINS:

netsh set logparam

To overwrite the static records with dynamic records where applicable, in Replication Partners, Properties, check the Enable Migrate check box. However, for a WINS server to receive them, its “Migrate On” option needs to be enabled.

The default WINS backup path is \Wins_bak\New

Scavenging the database verifies and releases records.

WINS Proxy

A WINS proxy forwards b-node broadcasts to WINS servers on remote subnets.

Setting up a computer to become a WINS Proxy requires using regedit In key HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \Netbt \Parameters set the EnableProxy parmeter to 1.

Dan DiNicolo's article on WINS

How to Manually Recreate a WINS Database

Using Microsoft TCP/IP by John Ray. Indianapolis, Ind. Que, 1999.

Top Level Domain URL Names

Buy domains from the lowest cost/fastest service I know Search for name availability at DNSResearch

Additional TLDs being considered by ICANN for 2005:

.post — a non-profit domain, sponsored by the Universal Postal Union, with be prefixed with 3 letter code for each country,
.travel sponsored by Tralliance, a partnership of travel organizations
.jobs sponsored by The Society for Human Resource Management
.mobi for mobile content and service providers

.edu domains are for accredited degree granting higher education institutions.
.org domains are for non-profit organizations, such as the International Trademark Association
.gov domains are for governmental organizations, such as the US Patent and Trademark Office
.mil domains are used exclusively by the US military (Department of Defense).
.int domains are restricted to organizations established by international treaties between governments, including some agencies and organizations of the United Nations.

ccTLD (country code Top Level Domains) are designated by ICANN based on ISO 3166-1-alpha-2 code elements.

.tv was originally for websites from the South Pacific island nation of Tuvalu . But, for $50 million, it's being marketed as "television" around the world for businesses such as Tech.TV .
.fm for Micronesia is used for FM radio stations.

The .la ccTLD assigned to Laos is being associated with “Los Angeles”.
.cc for Cocos (Keeling Islands) is also “Country Club” by David Sams Industries.
.ph for Phillipines is also “Phone”
.vc for St. Vincent is also “Venture Capitalist”
.ws for Western Somoa is also “Website”
.nu for the South Pacific nation of Nieue is used by those who recognize that the word in French means "nude".

Several new top level domains approved by ICANN in 2001:

.biz further benefit lawyers who want to double revenues for repeating the same trademark fight as .com

.info (information services) registras are authorized by Afilias

The 7,000 nic.coop domains registered so far are for members of the sponsor, the U.S. National Cooperative Business Association (NCBA), or the International Co-operative Alliance (ICA).

.pro, and 85,000 registrations of
.name domains.

.eu was approved by ICANN in March 2005 to launch in early 2006 through Belgium-based registrar EURid.

Domain Naming Strategies

Enter a Domain Name to lookup: www. .com.net.org.biz.info.us.ws.name.de.jp.be.at.co.uk.me.uk.org.uk.co.nz.net.nz.org.nz.cn.com.cn.org.cn.net.cn.com.tw.org.tw.idv.tw.jobs.eu

Name already taken? Consider these variations:
e... i... internet... z... cyber... hyper... online... digital...
global... national... international... intl... (SCOPE/REACH)
free... official... public... academic...
1800... new...
the... extreme... total... all...
buy... ask... do... go... go2... think... try... (action verbs)
easy... fast... quick... fit... dynamic... rapid...
mobile... robo... wireless...
basic... advanced... mini... mass... massive... max... sample... special...
expert... helpful... wise... sound... smart...
useful... reliable... true... practical...
cool... fantastic... safe... open... real... bright... brilliant...
quality... magic... dynamic... phat... golden... amazing...
famous... killer... fantastic...
better... best... top... great... greatest... preferred... leading...
safer... optimal...
steel... titanium... granite... stone...
daily... your... my... our...
life... living... personal...
industry... commercial...
southern... (geographical)
irish... (social)
...online ...togo ...info ...portal ...tech ...link
...data ...database ...info ...share
...source ...bench ...bank
...sys ...systems ...app
...supply ...vendor
...command ...center ...control ...net
...summit ...group/s ...groupie ...afficiado ...forum
...haven ...site ...center ...central ...hub ...community
...heaven ...source ...resource
...house ...showroom ...loft ...store ...studio ...shack ...hotel
...avenue ...boulevard ...street ...highway ...corner
...station ...base ...depot ...zone ...lane
...galaxy ...universe ...orbit ...planet ...space
...home ...office ...desk ...paper ...tab ...box ...lockbox
...store ...shop ...pit ...bay ...garage ...pool ...rings ...lab/s ...factory
...clinic ...club ...school ...seminars
...help ...411 ...911 ...answers ...advice ...rx
...experts ...pro/s ...wiz ...geek/s ...champions ...kings
...consulting ...design/s ...initiative/s ...research ...survey/s ...alert
...advisor/s ...broker/s ...developer/s ...partners
...solutions ...tools ...toolkit ...app ...services
...corp ...enterprises ...fund ...foundation ...institute
...advantage ...keys
...ontime ...ready ...freedom
...forever ...4u ...baby ...fever ...age
...fx ...magic ...science
...above ...love ...shock
...123 ...007 ...86 ...89
...canada ...america
...anxiety ...phobia ...syndrome
...jobs ...work

Even though Wal-Mart won Wal-MartCanadaSucks.com, the company proactively registered over 100 unflattering variations on it trade name. Other examples: IHate... Dontbuy... evil...
...stinks ...Bites javaSucks.com

Buy domains from the lowest cost/fastest service I know

Popular hate sites include ununited.com

Un-Obfuscating URLs

Beware of obfuscated URLs such as this, which impersonates ebay to steals credit card and identity info:

http://cgi3.ebay.com:
aw-cgieBayISAPI.dll
SignInRegisterEnterInfo&
siteid=0co_partnerid=2@
66.230.230.51/7e3baycgi/

Copy and paste this to the form to un-obfuscate the tricks used by this URI to the format of a URI:
http://account: password& domain_name.TLD

The "ebay.com" at the begginning are actually part of the account and password portions of website requests. The real address is to the right of the first @ sign,

The real IP address is also obfuscated using extra leading zeros that are automatically ignored or specifying octal or hex addresses (which are preceded with x, as in xF3).

http://www.irs.gov%40%77w%77%2e%63yb%65%72%67atew%61%79%2e%6e%65%74/s%70%61%6d%6d%65r/%69%6Ed%65%78.%68%74m%6C#3491382728/%32c%72%65%64%69%74c/%69%6Ed%65%78.%68%74m%6C
After translating character codes

After removing unused authentication text before the @ character:

Real domain name of URL:

If the result is a numeric IP address, Reverse IP Lookup to find who owns the IP address. Report spammers annonymously to Spamcop.net.

IP Addresses from DHCP, APIPA, ICS, NAT

APIPA (Automatic IP Addressing) using 169.254

By default, when Windows 98 and Windows 2000 clients cannot find a DHCP server, it automatically assigns an IP address which IANA reserved from the Class B range 169.254.0.0 thru 169.254.255.255 with a subnet mask of 255.255.0.0.

This could be a security vulnerability for clients using other means (below) to obtain its IP address, so disable this default behavior by adding onto the client a IPAutoconfigurationEnable REG_DWORD entry with value 0 (zero) in registry key HKLM \System \ Current\ CurrentControlSet\ Services\ Tcpip\ Parameters\

DHCP

DHCP dynamically assign IP addresses to clients that request them. Reduced manual fiddling of each machine almost eliminates the chance (and hassle of tracking down) duplicate IP address assignments. (Unique static IP addresses cannot be assigned to users through DHCP).

All Windows 2000 systems have a DHCP client service that starts automatically by default without being configured as DHCP clients.

Client workstations automatically lease IP addresses from a DHCP server service [RFC 2131 & 2132] running on a Windows 2000 domain controller. The DHCP server service must be manually installed on a Domain Controller using Add/Remove Programs, Windows Components.

The DHCP database DHCP.mdb is in folder %systemroot%\system32\dhcp.

Registry keys used by DHCP are in
HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \DHCPServer

To stop DHCP server from a command line: net stop dhcpserver
net start dhcpserver

Client requests for DHCP can be routed 2 ways:

• through routers which are RFC 2131-compliant or
• through a DHCP Relay Agent server.

DHCP Server Authentication Protocol

New to Windows 2000: To avoid rogue DHCP servers on a network, DHCP service checks the Active Directory to see if its has been authorized by a member of the Enterprise Admins group.
• Windows 2000 servers manage (authenticate) Authorized DHCP servers by broadcasting a DHCPINFORM message when it boots up.
• DHCP servers reply with DHCPACK containing its Active Directory root domain.
• The DHCP service starts when it sees itself on the list its domain controller
• The DHCP service continues to check its status (by default every 5 minutes).

Otherwise:

• DHCP Client broadcasts a DHCPDISCOVER to initiate IP address.
• DHCP Sever replies with a DHCPOFFER of a possible address.
• DHCP Client sends a DHCPREQUEST to say it likes the IP address offered.
• DHCP Sever may (rarely) reply with a DHCPNAK if it's no longer available.
• DHCP Client sends a DHCPRELEASE to relinquish its IP address.

dhcp.org

Dan DiNicolo's article on DHCP

q130642 - How to Move a DHCP Database to Another Windows Server

Dhcpexim.exe from the Resource Kit exports the server configuration and database (scopes) from a DHCP server. It can only import into Windows 2000 DHCP servers. It does not export these items:

• DHCP database path
• DHCP database backup path
• Audit log path
• Detect Conflict Retry settings
• Multicast scopes
• BOOTP tables

DHCP Scopes

The scope of IP address ranges (and exclusions) are specified using the DHCP console.

To define IP scope options and client reservations:

• invoke DHCP from Administrative Tools or
• use the netsh dial-up scripting utility on the three sub-contexts: interface, ras, routing.

Static IP Addresses used for servers on the network should be specified in DHCP Exclusion scopes.

A Superscope combines individual scopes (within a single physical segment) into a logical multinet. Superscopes are used when several DHCP servers serve a single subnet. (In Windows 2000, they can only be specified after a scope has been defined) To ensure that individual DHCP clients always receive addresses from the same DHCP server, create on each DHCP server the same superscope with a member scope for the IP range managed by each DHCP server. This is so DHCP servers do not send DHCPNak messages for ranges of other DHCP servers. Then on each DHCP server exclude ranges for other servers.

Multicasting

MADCAP (Multicast Address Client Allocation Protocol) is used to multicast to IPv4 Class D addresses. Use the 239.x.x.x range and avoid 224-238 to prevent multicast traffice from being copied to the adjoining host.

Activating the scope is a separate manual step commonly missed.

DHCP Lease Durations

DHCP Lease durations are changed in Scope properties. The default is 3 days in Windows NT and 8 days in Windows 2000.


By default, the dynamic update client dynamically registers A and PTR resource records:

• Every 24 hours
• Its TCP/IP configuration is changed
• Its DHCP address is renewed or new lease obtained
• A Plug and Play event occurs
Some DHCP clients cannot perform dynamic updates.

Client OS	Command
Windows 2000	ipconfig /registerdns
Windows NT 4	ipconfig /release ipconfig /renew
Windows 9x	winipcfg /renew

Commands to force re-registration of IP addresses differ by OS:

The client broadcasts a DHCPREQUEST to attempt to renew its lease at 50% (point T1) and at 87.5% (point T2).

By default, DHCP servers are set to “Automatically update DHCP client information in DNS” — A and PTR records.

DHCP Advanced User Classes

A convenient way to specify one set of DHCP configuration settings for a group of DHCP clients (such as short lease period for mobile DHCP clients who typically log in for only a few hours at a time), from the DHCP console tree, choose from the context menu "Define User Class" and click Add. Specify the class name and description. Then configure advanced options for the user class.

To invoke DHCP class id XXXX on each DHCP client computer:

ipconfig /setclassid xxxx

DHCP Logging

HKLM\ SYSTEM\ CurrentControlSet\ Services\ DhcpServer\ Parameters\

Key	Data Type	Default Value
ActivityLogFlag	REG_DWORD	1
DhcpLogFilePath	REG_SZ	System32\dhcp
DhcpLogMinSpaceOnDisk	REG_DWORD	20 MB
DhcpLogDiskSpaceCheckInterval	REG_DWORD	50 MB
DhcpLogFilesMaxSize	REG_DWORD	7 MB

Network Address Translation

NAT provides IP address assignment and DNS Proxy name resolution services to internal network clients.

NAT is emphasized over ICS because NAT provides a higher level of customization and control.

A NAT server allows outbound traffic to the external internet. By default, a NAT server allows inbound traffic only through connections already established by an internet host (typically port 80).

To access traffic from a special port from an external host:

If the public interface of the NAT server is configured with a single IP address, add a Special Port in the Routing and Remote Assess MMC console.

If the public interface of the NAT server is configured with multiple IP addresses, make address reservations to map specific external addresses to specific internal addresses.

Selection of 006 DNS Servers option at the scope level overrides the selection at the server level.

Internet Connection Sharing (ICS) using 192.168

ICS is used in small offices to do the work of a DNS server for name resolution, and DHCP servers for automatic Internet Protocol (IP) address allocation. In other words, ICS can NOT be used on a network with DNS and DHCP servers. After ICS is enabled, no further configuration of DNS or IP addressing services can be allowed on the network.

ICS provides a proxy server service and Internet gateway. ICS and Windows 2000 routes packets from the internal LAN through one NIC on the internal subnet and out another NIC facing the external internet.

ICS allows clients to use standard Internet tools to access e-mail or the Web, or perform any other operations supported by the Internet.

ICS is implemented by setting the TCP/IP connection property.

During ICS installation, the ICS DHCP allocator is automatically enabled. Windows 2000 Server uses the ICS DHCP allocator (a simplified DHCP process) to automatically assign clients private IP addresses in the range of 192.168.0.2 to 192.168.254.254 and a class C subnet mask of 255.255.255.0.

The server's NIC which connects to the internal LAN is assigned the “LINKLOCAL Network” static private IP address of 192.168.0.1. This is the IP gateway address for other clients on the LAN.

The external NIC can include a standard telephone modem. If so, check the “Enable On-Demand Dialing” option.

DNS (Domain Name Service)

DNS servers obtain IP address from URL names by forwarding requests it cannot resolve from its own tables.

Clients -- called resolvers -- make requests of DNS name servers. Two DNS servers are usually specified (in client machine TCP/IP properties) for load balancing and fault tolerance.

DNS servers refer to 3 types of records to answer 3 types of queries:

A (host Address) records are used to answer forward lookup of an FQDN (host name) to a specific IP address. The host name to IP address mappings for a zone are stored in the Domain.dns file in the %systemroot%\System32\Dns folder.

PTR (Pointer resource) records are used to answer a reverse lookup of an IP address to a host name (another DNS domain name location). IP address to host name mappings are in the z.y.w.x.in-addr.arpa file. Create file 1.0.0.127.in-addr.arpa zone file for reverse lookup.

SRV (Server location) records -- new in Windows 2000 DNS -- are used to locate domain controllers. SRV specifies the server to which a DNS name server forwards when it cannot resolve a query. Windows 2000 server requires DNS to locate domain controllers. On Windows 2000, DNS is installed as a Windows component on a domain controller with a static (not dynamic) IP address.

Other types of resource records:

NS records notate which DNS servers are designated as authoritative for the zone.

SOA (Start Of Authority) records indicate the name of origin and other basic properties for each zone, including the name of the primary server for the source for information about the zone,

CNAME (Cononical name) records define aliases.

MX (Mail exchanger) records define the owner and mail exchange server DNS name, with preference number.

There is a separate set of these DNSNode records for each DNSZone handled by a DNS server. DNS only resolves queries for zones to which it has authority. Zones are part of a hierarchial structure of top-level domains over Second-level domains (represented by the organization's name, such as Microsoft or Compaq), etc.

Standard	Active Directory Integrated
DNSZone	Container Objects
DNSNode	Leaf Objects

DNS zone data can be stored in text files on Primary or Secondary domain controllers. This is under the single master model. Alternately, you can change a Windows 2000 DNS service to use the Active Directory Integrated database. Replication of AD data to other servers makes this a multi-master model.

This is done using the DNS Console Manager GUI -- in a zone's Properties dialog box General tab, click the change button. Alternately, use a script to issue sub-commands from command interface

nslookup.exe
Default Server:   rns2.earthlink.net
Address: 207.217.77.82

AD Integration is reversed in the Advanced tab by setting the “Load Data On Startup” field to “From Registry”.

Use the Windows 2000 Network Monitor to monitor and capture packets sent to and from DNS servers.

DNS server administration can be done by a script using this utility from the Windows 2000 Server product CD:

DNSCMD.EXE

Servers send an A (resource) record to DNS when it first boots up. To force a member server to register itself to DNS:

ipconfig /registerdns

In the Event Log, the DNS log file shows DNS request activities. But it doesn't show specific zone property changes or information about existing zone transfers.

Caching-only DNS servers work from data cached while resolving queries using server in Root Hints stored in the Cache.dns file rather than from DNS zone transfers.

If you have a dynamic IP address (such as a DSL modem), you can still give out a URL address if your machine has DynSite which constantly updates your actual IP address in the table referenced by the DNS server associated with the URL you give out. Companies such as DtDNS offer DNS servers which refer to Dynamic Hostnames (FREE or at $5 a year).

My notes on Routers and Routing

My notes on Data Communications

Dan DiNicolo's article on DNS

Name Server (NS) Registry.com allows you to check if a name server is valid.

Windows 2000: WINS and DNS: What's New.: November 16, 1999

Windows 2000: WINS and DNS: What's New: November 16, 1999

Windows 2000: Installing and Configuring the DNS Dynamic Update Protocol: December 23, 1999

How Microsoft Windows 2000 Dynamic DNS Updates Work by Tim Rains May 3, 2001

How to Change a Computer's Domain Name System Server from the Command Line [using Regfind]

DNS in the Active Directory Tree Part 1: by Mark Simos, September 12, 2000

DNS in the Active Directory Tree Part 2: Best Practices, Common Problems, and Troubleshooting by Mark Simos and JR Nieves, March 6, 2001

Microsoft Metadirectory Services by Paige Verwolf August 8, 2000

DNS and Bind by Cricket Liu (O'Reilly) Bind v8.1.2 (not 8.1)

Dynamic DNS

Windows 2000 uses Dynamic DNS [RFC 2136] which communicates with DHCP to dynamically register DNS A (resource) and PTR resource records.

Under DDNS, DCs dynamically register SRV (SeRVice location resource) records, which simplifies setup of Active Directory. Active Directory provides replication.

Earlier AXFR (All zone transfer) entire file is sent.

Incremental Zone Transfer (IXFR) [RFC 1995] is requested by a message with a serial number (SOA) so only the most recent changes are sent back.

Secure dynamic update, defined in IETF Internet-Draft "GSS Algorithm for TSIG (GSS-TSIG)" API [RFC 2078], protects zone and resource records from being manipulated:

• Prevent host name hijacking: Authoritative name server accepts updates only from clients and servers that are authorized to make dynamic updates.
• Enables granular control: specify exactly which users and groups can modify zones and resource records

Obfuscating IP Addresses

FreeProxy for Windows and SGI for UNIX.

Do anonymous surfing by hiding your identity (IP) from websites you visit using The Cloak charges 1.7 cents per megabyte.

SMTP in Anti-Spam

"It has been observed that when a domain has both a primary (high priority, low number) and a secondary (low priority, high number) MX record configured in DNS, overall SMTP connections will decrease when the primary MX is unavailable. This decrease is unexpected because RFC 2821 (Simple Mail Transfer Protocol) specifies that a client MUST try and retry each MX address in order, and SHOULD try at least two addresses. It turns out that nearly all violators of this specification exist for the purpose of sending spam or viruses. Nolisting takes advantage of this behavior by configuring a domain's primary MX record to use an IP address that does not have an active service listening on SMTP port 25. RFC-compliant clients will retry delivery to the secondary MX, which is configured to serve the role normally performed by the primary MX)."

IP Address Allocation

Each IP number points to a specific address:

• 1 per workstation, server, network printer, and other device.
• 2 per router

Allocation of IP's

IP adddresses are pre-allocated by the IANA in its IP version 4 (IPv4) RFC 1918 first published September, 1981.

Each IP address has network address and host portion. IANA allocates network address prefixes to organizations, which then manage their host portion.

With IPv6 CIDR defined by RFC 2471, instead of blocks of IP addresses being assigned in powers of 256, blocks will be assigned in powers of 2 — making more efficient use of the available address space.

Let showmyip.com lookup the geographic location associated with an IP Address

IP Address
or Host Name:
	100 Lookups allowed per day for unregistered users.

Size Matters

Each IPv4 address is 32 bits. Although 2 to the power of 32 is 4,294,967,296, there are only 3,720,314,628 possible hosts because some address are reserved by IANA. So, 25% of the pool of addresses is underutilized.

Each IPv6 address is 16 bytes or (x8=) 128 bits, which provides an address space of 3.4 times 1038 unique addresses. That's 1,500 address for each square meter on the earth's surface. Enough?

Visualroute (a Java applet) displays traceroutes on a world map. Very cool.

RFC 1918 lists TCP/'IP addresses not routed by the Internet.

Understanding TCP/IP addressing and subnetting basics

IPv4 Addresses vs. IPv6

Aspect	IPv4	IPv6
Separator	dot (.)	colon (:)
Notation style	Four sets of three digits	Eight sets of four digits
Abbreviation Compression	If all three digits are zero, single zero is used	If all four digits are zero, a double colon is used
Address Length	4 bytes (32 bits)	16 bytes (128 bits)
Types of addresses	Public, private, multicast	Global, local-use unicast, anycast
IPsec support	Optional	Requuired
Fragmentation	Done by hosts and routers	Done by hosts only
Error reporting	ICMP (for IPv4)	ICMPv6 and diagnostic
Router discovery	Optional	Required support
Host configuration	Optional	Required support
DNS record type	A record	AAAA record for name resolution
DNS record type and location for reverse name resolution	PTR records in IN-ADDR.ARPA	IP6.ARPA domain name resolution

For convenience, the 32 bits of IP addresses are expressed in dotted decimal notation and formated in 4 segments: w.x.y.z. An IP address such as 216.26.144.60 represents 4 octets of 8 bits each. The “oct” prefix in octet is a Greek word equivalent to the English word “eight”.

RFC 2073 describes the hierarchical structure of IPv6 addresses divided into 16 segments of 8 bits each:

The IPv6 Unicast Format [RFC 2073]

• First 16 bits for Top Level backbone routers
• Next 48 bits for the ISP
• Next 16 bits for the Network
• Next 48 or 64 bits of the MAC address

Decimal expressions do not include leading zeroes and extraneous zeros are replaced with a double colon (::).

RFC 2026 - IPv6 is processed tunnel within IPv6 equipment.
RFC 1883 uses 128 bit of 6 octets.

The 6bone experimental IPv6 network can run over IPv4 tunnels as it transitions to native IPv6. Beginning with Release 12.0(21)ST1, Cisco's 12000 series Internet Routers support IPv6.

Microsoft .NET Framework 3.0 (which includes CLR 2.0) improved the Microsoft's Dual IPv4 / IPv6 stack with Teredo, introduced in the "Advanced Networking Pack" of Windows XP SP 2 and is enabled by default in Windows Vista and above.

Classless Interdomain Routing (CIDR)

Classless Interdomain Routing (CIDR) [ RFC1419] replaces the IPv4 concept of class A, B, and C IP addresses with a generalized “IP prefix” consisting of an IP addresses and a mask length (the number of leftmost contiguous significant bits in the corresponding network address). Examples of current addresses:
172.223.43.0/16
198.50.1.0/24

Varible-length Subnet Masks (VLSMs)

VSLM result in less IP addresses in routing tables by aggregating at the origin AS level

Organization assigned to Autonomous System (AS) number cache used by the CIDR-Report

L2TP (Layer 2 Tunneling Protocol), submitted to IETF in RFC 2661, merges Microsoft's PPTP and Cisco's L2F for Secure IP (IPSec).

Sources of information on IPv6:

learntosubnet.com lectures are a part of the LearnTCPIP series.

IP Next Generation Overview

Next Generation Overview from the CableGuy on Technet

Changes to IPv6 in Windows Vista and Windows Server 2008

IPv6 Overview from Microsoft Technet is available as a Word file

tcpipguide.com [has pop-ups]

The IPv6 Working Group Charter and Documents

IPX Stream.com

Technical Management of Internet Names and Addresses 2/98 Federal Register

IPv4 Address Classes

The left-most bit of all IPv4 addresses is always 0.

The number of bits in each portion depends on the class of that IP address.

• The number of available addresses from the network portion of IP addresses excludes two reserved by the IANA:
  • All 0's - used for “this network”
  • All 1's - used for “boardcast”
• The number of available addresses from the host portion of IP addresses exclude two reserved by the IANA:
  • 0.0.0.0 for use as the default route.
  • 127.0.0.1 for loopback functions.

Subnetting

Class C addresses sometimes have an added “/24” (“slash 24”) because they have 24 bits in their network prefixes.

1985 RFC 950 allows a Network Number assigned by IANA to be divided into several physical segments in a TCP/IP environment, each segment with a unique Extended Network Prefix containing a Subnet number.

Class / Bits in Network Prefix	Highest Order Bit Val.	Dot Decimal First Octet	1985 RFC 950 Default Subnet Mask	Max. n Bits for alloc. to subnet or host ID	Max # Hosts (2n-2)
A /8	0xxxxxxx	001 - 126	255.0.0.0	24 bits	16,777,214
Diag.	01111111	127	.
B /16	10xxxxxx	128 - 191	255.255.0.0	16 bits	65,534
C /24	110xxxxx	192 - 223	255.255.255.0	8 bits	254
Reserved	111xxxxx	224 - 253	.
D - Multicasting	1110	254	.
Experimental	11111111	255	.

In a Class C address, the remaining 8 bits from the total 32 is for identifying hosts. But because of reserved addresses, two addresses cannot be used (all 0's and all 1's).

Practice constructing this table quickly. When you start the test, write it down from memory on the blank paper the proctor gives you. Don't bring your own papers into the testing center.

Octet Conversion: Between Decimal and Binary

Number systems are positional. For example, the number “321” in the Decimal (base 10) system we normally use for commerce has a value of 300 plus 20 plus 1 because each position has a different value. Positions start “Low” on right and go “Higher” to the left as you get more positions to work with. Each higher position available increases the value of a number exponentially.

Deep down, computers handle only 1's and 0's -- a Binary (base 2) system of counting. Because each position has only two (rather than 10) values, “10” (10₂) is equivalent to 2 in the decimal system.

Binary 1000 0000 is equivalent to 128 in our normal decimal system. All 1's is decimal 255.

The Decimal Value is calculated by the power of 2 (values 0 and 1). 128 is 2 to the 8th power.

Practice constructing this table quickly to convert between binary and base 10 numbering systems.

Right before starting to answer an exam, write this table down on scratch paper the proctor gives you (do not bring this on your own paper into the exam).

During the exam, refer to this table rather than wasting time

Octet Etudes 8 = 0 0 0 0 1 0 0 0 63 = 0 0 1 1 1 1 1 1 192 = 1 1 0 0 0 0 0 0 254 = 1 1 1 1 1 1 1 0 96 = 0 1 1 0 0 0 0 0 100 = 0 1 1 0 0 1 0 0 198 = 1 1 0 0 0 1 1 0

Use the “Low to High” row to quickly convert decimal value 109 to Binary representation: start from a decimal value less than the one you're translating:
109 is less than 128, so the 8th position must be zero.
Keep adding ... from the highest order bit until the sum is higher than the target value:
0 + 64 + 32 = 96
0 + 64 + 32 = 96 + 16 = 112 (too much)
0 + 64 + 32 = 96 + 0 + 8 = 104
0 + 64 + 32 = 96 + 0 + 8 = 104 + 4 = 108
0 + 64 + 32 = 96 + 0 + 8 = 104 + 4 = 108 + 2 = 110 (too much)
0 + 64 + 32 = 96 + 0 + 8 = 104 + 4 = 108 + 0 + 1 = 109
0   1   1   0   1   1   0   1

Bitmaps for Special Addresses reserved by IANA

• 255.255.255.255 (all 32 bits with value 1) is the broadcast address read by all hosts.
• The Bit mask for the loopback address used for diagnosis:
    0     1   1   1   1   1   1   1
    0+64+32+16+8+4+2+1 = 127

    0   0   0   1   1   1   1   1
    0+0+0+16+8+4+2+1 = 31

• Decimal value of "high" octal bit 110 boundry for Class C addresses:
    1     1       0     0   0   0   0   0
  128 + 64 + 0 + 0 + 0 + 0 + 0 + 0 = 192

• range 172.16.xxx.xxx through 172.32.xxx.xxx
• range 169.254.0.0 thru 169.254.255.255 with a subnet mask of 255.255.0.0 for Automatic IP Addressing
• 192.168.xxx.xxx for Network Address Translation

Decimal IP Addresses

To do arithmetic on IP addresses (such as determining whether a particular address is within a range between IP_FROM and IP_TO obtained from the IP-to-country database), first convert IP addresses in A.B.C.D form into decimal numbers.

A=192	+	B=168	+	C=101	+	D=62	=	?
A*m^3	+	B*m^2	+	C*m^1	+	D*m^0	=	?
A x (256*256*256)	+	B x (256*256)	+	C x 256	+	D	=	?
A x 16777216	+	B x 65536	+	C x 256	+	D	=	?
3221225472	+	11010048	+	25856	+	D	=	3232261438

PHP 4 provides functions to convert between the two formats:

$dotted_ip_address = $_SERVER['REMOTE_ADDR'];
$ip_number = sprintf("%u", ip2long($dotted_ip_address));

$dotted_ip_address = long2ip($ip_number);

MySQL provides its functions to convert:

SELECT country_name FROM iptocountry
  WHERE inet_aton('$remote_addr') >= ip_from
  AND inet_aton('$remote_addr') <= ip_to;

In VBScript:

function vbLong2ip(ipLong)
	ipLong = abs(ipLong)
	ipA = fix(ipLong/256^3)
	ipB = fix((ipLong-ipA*256^3)/256^2)
	ipC = fix((ipLong-(ipA*256^3+ipB*256^2))/256)
	ipD = fix(ipLong-((ipA*256^3)+(ipB*256^2)+(ipC*256)))
	vbLong2ip=ipA & "." & ipB & "." & ipC & "." & ipD
end function

Phython custom functions:

def num2dot(c):
    assert c > 0 and c < 4294967295
    ip = []
    for i in xrange(3, 0, -1):
        p = 256 ** i
        ip.append(c/p)
        c -= (c/p)*p
    ip.append(c)
    return '.'.join([str(x) for x in ip])

def dot2num(s):
    ip = [int(x) for x in s.split('.')]
    i = 0
    for x in xrange(3, 0, -1):
        i += ip.pop(0) * (256 ** x)
    i += ip.pop(0)
    return i

Allocating Classful Subnets

Class	Subnet Mask (in Dot.Decimal)	Binary Value 1 for subets h for hosts	n Bits for alloc. to subnet or host ID	# of Subnets	# of Host ID's
A	255.0.0.0		0 & 24	0	16,777,214
B	255.255.0.0		0 & 16	0	65,534
B	255.255.128.0	1hhhhhhh.hhhhhhhh	1 & 15		32,766
B	255.255.192.0	11hhhhhh.hhhhhhhh	2 & 14		16,382
B	255.255.224.0	111hhhhh.hhhhhhhh	3 & 13		8,190
B	255.255.240.0	1111hhhh.hhhhhhhh	4 & 12		4,096
B	255.255.248.0	11111hhh.hhhhhhhh	5 & 11		2,046
B	255.255.252.0	111111hh.hhhhhhhh	6 & 10		1,022
B	255.255.254.0	1111111h.hhhhhhhh	7 & 9	124	510
B	255.255.255.0	11111111.hhhhhhhh	8 & 8	254	254
C	255.255.255.0	11111111.hhhhhhhh	0 & 8	0	124
C	255.255.255.128	1hhhhhhh	1 & 7	???
C	255.255.255.192	11hhhhhh	2 & 6	2	62
C	255.255.255.224	111hhhhh	3 & 5	6	30
C	255.255.255.240	1111hhhh	4 & 4	14	14
C	255.255.255.248	11111hhh	5 & 3	30	6
C	255.255.255.252	111111hh	6 & 2	62	2
C	255.255.255.254	1111111h	7 & 1	???
C	255.255.255.255	11111111	broadcast

• The value in the Decimal Value column replaces the last octet of a subnet mask for a class C IP address. For example: 192 goes in 255.255.255.192.
• “Binary Value” means that each digit can only be either “1” or “0”.
• In each Binary Value entry, 0 (zero) bits indicate the number of bits available to come up with Host ID's within the same subnet.
• The more subnets, the less host ID's.
• The default subnet mask for a Class C address has a Binary Value of 00000000, resulting in a subnet of 255.255.255.0.
• The first bit on the Binary Value is always 1 because it has been reserved.
• The last bit on the Binary Value is always 0 because it has been reserved for the broadcast address, so a Class C subnet has 7 bits to allocate.

  Another explanation:
  255.255.255.192 (11000000) uses 2 bits to yield (2**2=4 -2 =2) subnets of (2**4=64-2==)62 hosts each
  255.255.255.224 (11100000) uses 3 bits to yield 6 subnets of (2**4=32 -2==30 hosts each
  255.255.255.240 (11110000) uses 4 bits to yield 14 subnets of 14 hosts each
  255.255.255.248 (11111000) uses 5 bits to yield 30 subnets of 6 hosts each
  255.255.255.252 (11111100) uses 6 bits to yield (2**6)=64 - 2 == 62 subnets, leaving one bit of 2 hosts each

  Dan DiNicolo's Subnetting practice exams

Subnetting Class A and B Addresses

• Question 1: Class B subnet has 12 bits to allocate:
  150.50.0.0 subnet mask 255.255.240.0

• Question 2: In a range of class C addresses of 190.16.4.0/22, what subnet mask would be required to provide two networks each allowing at least 300 hosts?
  a. 255.255.255.192
  b. 255.255.255.0
  c. 255.255.254.0
  d. 255.255.252.0
  e. 255.255.248.0
  

  Correct Answer: c. subnet mask will provide a network with 510 host addresses.

• Question 3: What is the host address in the IP Address 126.123.56.44 with a subn t mask of 255.248.0.0?

  Answer: Three of the third octet's bits are still part of the host ID. This means that the network ID for this address is 126.126.0.0. Removing the network address from the full IP address leaves 0.3.56.44 as the correct host address.

ANDing

When a host requests communications to be initiated, ARP obtains hardware MAC addresses of destination hosts by examining the subnet mask, Routing table, and default gateway.
1. ARP checks the subnet mask to see if the address is local or remote.

To collect data packets to analyse them with a spreadsheet program, use Performance Monitor.

Get Certified on Networking

Here are links to my pages on exam topics common to several exams on networking:

Exam Topic	MCP 70-221 Design	MCP 70-216 Admin	CCNA
TCP/IP Network Protocols	2	4
DHCP	3	2
DNS	4	1
WINS	5	5
Remote Access	6	3
RADIUS	7
Connection Manager	8
Routing	9	6
Multicasting	10
Demand-Dial Routing	11
VPN	12
IPSec	13
Connection Sharing	14	7 (NAT)
Proxy Server	15
Certificate Services	-	8

Braindumps for 70-216

Take the Brainbench certification test on TCP/IP Administration

Exams on Networking

• Microsoft's MCP Exam 70-216: Implementing and Administering a Microsoft® Windows® 2000 Network Infrastructure

  Installing, Configuring, Managing, Monitoring, and Troubleshooting ... in a Windows 2000 Network Infrastructure.

  Related Microsoft Courses 0950-0, 0989-6, 1380-x, 1388-5, 2153

• Microsoft's MCP Exam 70-221 Designing a Microsoft® Windows® 2000 Network Infrastructure

  Module 1: Windows 2000 Networking Overview
  Introducing Windows 2000 networking services
  Developing implementation and management designs

  Module X: Developing a/an YYY Strategy
  Role of YYY in a network
  Developing a/an YYY implementation strategy
  Developing a/an YYY management strategy
  Achieving YYY business goals

• Cisco Certified Networking Administrator

Readiness Review by Dave Perkovich. (Redmond, Wash.: Microsoft Press, 2000)

To help you prepare, Microsoft CTEC's such as Quickstart offer a $1,700 classroom 4 day course 1562: Designing a Microsoft Windows 2000 Networking Services Infrastructure

Best 2000 Web Links