IP is the Internet Protocol, the one and only protocol used for routing between (possibly heterogeneous) networks on the Internet.
Highlights:
IP allows the transport layer not to have to care at all about how the data gets from source to destination. It does, however, leave details like congestion control and retransmission (if needed) to the transport layer.
There are two versions in use today: IPv4 and IPv6.
In IPv4, addresses are 32 bits wide. For example:
10011101111100100100011101101001
We don’t actually write the binary; we write either a 32-bit hex value, a 32-bit decimal value, or a numbers-and-dots expression. Examples:
Hex | 8-8-8-8 | 8-8-16 | 8-24 | 32 |
---|---|---|---|---|
0x7f000001 | 127.0.0.1 | 127.0.1 | 127.1 | 2130706433 |
0x9df24622 | 157.242.70.34 | 157.242.17954 | 157.15877666 | 2649900578 |
0x68c7f0d3 | 104.199.240.211 | 104.199.61651 | 104.13103315 | 1757933779 |
The 8-8-8-8 (dotted-quad) is by far the most popular. So much so, the others are not very well known!
inet_aton. But is this function “official”?
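The four notations in the table all name the same 32-bit value, so any allowlist or blocklist check has to normalize an address before comparing it. The following is an added example, not code from the original page: a from-scratch parser for those forms, with per-part hex and octal handling as classic inet_aton does it. The function names are illustrative.

```python
import ipaddress
import re

# One dot-separated part: 0x-prefixed hex, leading-zero octal, or decimal
# (the bases classic inet_aton accepts).
_PART = re.compile(r"0[xX][0-9a-fA-F]+|0[0-7]*|[1-9][0-9]*")

def parse_part(text):
    if not _PART.fullmatch(text):
        raise ValueError(f"bad address part: {text!r}")
    if text[:2].lower() == "0x":
        return int(text, 16)
    return int(text, 8 if text.startswith("0") else 10)

def normalize_ipv4(text):
    """Accept the 8-8-8-8, 8-8-16, 8-24 and 32 forms; return an IPv4Address."""
    parts = [parse_part(p) for p in text.split(".")]
    if len(parts) > 4:
        raise ValueError(f"too many parts in {text!r}")
    *heads, tail = parts
    tail_bits = 32 - 8 * len(heads)   # the last part fills all remaining bits
    if any(h > 0xFF for h in heads) or tail >= 1 << tail_bits:
        raise ValueError(f"part out of range in {text!r}")
    value = tail
    for i, h in enumerate(heads):
        value |= h << (24 - 8 * i)    # leading parts are one byte each
    return ipaddress.IPv4Address(value)

def is_loopback_naive(text):
    # String comparison only: misses every form that is not dotted-quad.
    return text.startswith("127.")

def is_loopback(text):
    # Compare the normalized 32-bit value against 127/8 instead.
    return normalize_ipv4(text) in ipaddress.ip_network("127.0.0.0/8")

if __name__ == "__main__":
    # Inputs taken from the table above.
    for form in ("0x9df24622", "157.242.70.34", "157.242.17954",
                 "157.15877666", "2649900578"):
        print(form, "->", normalize_ipv4(form))
    for form in ("127.0.0.1", "2130706433", "0x7f000001"):
        print(form, is_loopback_naive(form), is_loopback(form))
```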
The whole point of internets is that the address has a network part and a host part. We indicate this with a slash. The number after the slash tells how many of the (leftmost) bits are for the network part.
For historical reasons, this notation is called CIDR Notation.
Notation | Binary | Network | Host |
---|---|---|---|
157.211.63.12/24 | 10011101110100110011111100001100 | 157.211.63.0/24 | 12 |
202.155.11.6/8 | 11001010100110110000101100000110 | 202.0.0.0/8 | 155.11.6 |
54.123.254.15/20 | 00110110011110111111111000001111 | 54.123.240.0/20 | 14.15 |
/32
A value ending in /24 indicates a network with 255 addresses, and a value ending in /20 indicates a network with 4096 addresses. What about /32? That’s used to indicate a single host.
By convention, there is never a host numbered 0 on a network; that is reserved to denote the network itself. And there is never a host whose binary representation is all 1s; that is used to denote a broadcast.
Here’s an example:
Make sure you can, when given a network specification, determine the range of addresses. For example:
Network | First Host | Last Host | Broadcast |
---|---|---|---|
130.5.88.0/25 | 130.5.88.1 | 130.5.89.254 | 130.5.89.255 |
205.5.30.224/28 | 205.5.30.225 | 205.5.30.238 | 205.5.30.239 |
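The same calculation in code, as an added example that is not part of the original page: it derives the netmask, network, host part and usable range from a CIDR string with plain bit operations, which is handy for checking how many addresses a firewall rule or ACL entry really covers. The names `describe` and `quad` are illustrative; the sample inputs are rows from the tables above.

```python
import ipaddress

def quad(value):
    """Render a 32-bit integer as a dotted quad."""
    return str(ipaddress.IPv4Address(value))

def describe(cidr):
    """Work out network, host part and usable range for 'a.b.c.d/n'."""
    addr_text, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"bad prefix length in {cidr!r}")
    addr = int(ipaddress.IPv4Address(addr_text))
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # n leading 1 bits
    network = addr & mask                               # host bits all 0s
    broadcast = network | (mask ^ 0xFFFFFFFF)           # host bits all 1s
    host_value = addr & ~mask & 0xFFFFFFFF
    info = {
        "netmask": quad(mask),
        "network": f"{quad(network)}/{prefix}",
        # Host part shown as in the table: octets from the first host bit on.
        "host": ".".join(quad(host_value).split(".")[prefix // 8:]),
        "addresses": 1 << (32 - prefix),
        "first_host": None, "last_host": None, "broadcast": None,
    }
    if prefix <= 30:
        # /31 and /32 leave no room for hosts between network and broadcast.
        info.update(first_host=quad(network + 1),
                    last_host=quad(broadcast - 1),
                    broadcast=quad(broadcast))
    return info

if __name__ == "__main__":
    for spec in ("205.5.30.224/28", "54.123.254.15/20", "202.155.11.6/8"):
        print(spec, describe(spec))
```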
Some IPv4 addresses have special meaning. Here are some:
0.0.0.0 | Refers to the current host (self) |
0/8 | No addresses allowed here (16777216 addresses shot) |
127/8 | Network prefix for loopback. If you send a packet to any address in this net, your networking software will not send the packet out; it just returns the packet to you. Great for testing (but another 16,777,216 addresses shot). |
Host part all ones | Direct Broadcast. For example, on net 150.290/16, the address 150.290.255.255 broadcasts to all hosts on the network. |
255.255.255.255 | Broadcast on local network |
Host part all zeros | Refers to the network itself. |
Network part all zeros | Refers to the host on the local network. For example, on net 157.11.64.0/22, the address 0.0.1.6 refers to 157.11.65.6. |
10/8, 172.16/12, 192.168/16 | Reserved for private internets. Routers on the public Internet will discard packets addressed to any of these addresses. |
Pro Tip: You really should memorize the private IPv4 blocks.
In IPv6, addresses are 128 bits wide. By convention, we write them as eight colon-separated hextets (always lowercase for hex!), with a couple shorthands if you like: leading zeros in a hextet can be dropped, and a single consecutive range of 0000 hextets can be replaced with ::.
2001:0db8:85a3:0000:0000:8a2e:0370:7334
2001:db8:85a3:0:0:8a2e:370:7334
2001:db8:85a3::8a2e:370:7334
0:0:0:0:0:0:0:1
::1
94cf::bbc0::82:1
?
Classwork: Give the shorthand IPv6 addresses for:
- 0072:0000:0002:0000:0000:0000:0000:0000
- 9ffc:0000:0000:5000:0000:1333:8888:8888:8888
- 2345:6789:abcd:efff:0011:0002:0333:000a
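The shorthand rules can be applied mechanically, which matters when addresses from different logs or ACLs have to be compared in one canonical form. This added example (not from the original page) expands any legal spelling to eight hextets and re-compresses it, collapsing the longest zero run and the leftmost one on a tie, following the RFC 5952 convention. The function names `expand` and `compress` are illustrative.

```python
import re

_HEXTET = re.compile(r"[0-9a-fA-F]{1,4}")

def expand(text):
    """Return the eight hextets of an IPv6 address as integers."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once: two zero runs are ambiguous")
    if "::" in text:
        left, right = text.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        missing = 8 - len(head) - len(tail)
        if missing < 1:
            raise ValueError("'::' must stand for at least one hextet")
        groups = head + ["0"] * missing + tail
    else:
        groups = text.split(":")
    if len(groups) != 8 or not all(_HEXTET.fullmatch(g) for g in groups):
        raise ValueError("need eight hextets of 1-4 hex digits")
    return [int(g, 16) for g in groups]

def compress(text):
    """Return the canonical shorthand for any legal spelling of the address."""
    groups = expand(text)
    best_start, best_len, i = -1, 0, 0
    while i < 8:                      # find the longest run of zero hextets
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:          # strict '>' keeps the leftmost run on a tie
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    hexed = [format(g, "x") for g in groups]   # lowercase, leading zeros dropped
    if best_len < 2:                  # a single zero hextet stays written as 0
        return ":".join(hexed)
    return (":".join(hexed[:best_start]) + "::"
            + ":".join(hexed[best_start + best_len:]))

if __name__ == "__main__":
    for addr in ("2001:0db8:85a3:0000:0000:8a2e:0370:7334",
                 "2001:db8:85a3:0:0:8a2e:370:7334", "0:0:0:0:0:0:0:1"):
        print(addr, "->", compress(addr))
```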
You might sometimes see IPv6 addresses with the last 32 bits written as a dotted quad.
:: | Unspecified Address |
::1 | The loopback address |
::ffff:0:0/96 | IPv4 mapped addresses |
::ffff:0:0:0/96 | IPv4 translated addresses |
64:ff9b::/96 | IPv4/IPv6 translation |
100::/64 | Discard Prefix |
2001::/32 | Teredo Tunneling |
2001:20::/28 | ORCHIDv2 |
2001:db8::/32 | For documentation and examples |
2002::/16 | 6to4 (deprecated) |
fc00::/7 | Unique local address |
fe80::/10 | Link-local address |
ff00::/8 | Multicast address |
For detailed information on each of these, see Wikipedia.
Here is the IPv4 format:
32-bit word | Fields (bit positions within the word) |
---|---|
0 | Version (0-3), IHL (4-7), DSCP (8-13), ECN (14-15), Total Length (16-31) |
1 | Identification (0-15), Flags (16-18), Fragment Offset (19-31) |
2 | TTL (0-7), Protocol (8-15), Header Checksum (16-31) |
3 | Source IP Address (0-31) |
4 | Destination IP Address (0-31) |
5 and up | Options (if IHL > 5) |
After the header | Body |
Highlights (see the RFCs for details):
IPv6 packets not only take advantage of 128-bit addresses, but the packets themselves are much simpler:
32-bit word | Fields (bit positions within the word) |
---|---|
0 | Version (0-3), Traffic Class (4-11), Flow Label (12-31) |
1 | Payload Length (0-15), Next Header (16-23), Hop Limit (24-31) |
2-5 | Source IP Address (128 bits) |
6-9 | Destination IP Address (128 bits) |
After the fixed header | Additional headers (if any) |
After the headers | Body |
Highlights (see the RFCs for details):
A router’s job is to send a packet to the next hop, by looking at the destination address.
Basic idea: if the destination address is on my network, send it directly. If not, send it to one of the routers. This is best understood by looking at an example and considering routing tables, which each host has.
Informally the routing table for the router at the top of this diagram is:
Destination Network | Next Hop |
---|---|
25.17.128.0/18 | Deliver Direct |
123.5.6.0/24 | Deliver Direct |
15.2.5.16/28 | 123.5.6.1 |
8.0.0.0/8 | Deliver Direct |
192.169.1.0/24 | 8.0.75.1 |
Anywhere else | 8.0.1.1 |
In real life, routing tables don’t store slashes, they store...netmasks! Also, a single router has multiple interfaces. For now, let’s call our router’s interfaces eth0, eth1, and eth2. A more accurate routing table would be:
Destination Base IP | Destination Netmask | Interface | Next Hop |
---|---|---|---|
25.17.128.0 | 255.255.192.0 | eth0 | Deliver Direct |
123.5.6.0 | 255.255.255.0 | eth2 | Deliver Direct |
15.2.5.16 | 255.255.255.240 | eth2 | 123.5.6.1 |
8.0.0.0 | 255.0.0.0 | eth1 | Deliver Direct |
192.169.1.0 | 255.255.255.0 | eth1 | 8.0.75.1 |
0.0.0.0 | 0.0.0.0 | eth1 | 8.0.1.1 |
Here’s how it works:
Note how the last entry in that table (all zeros for base and netmask) works so beautifully.
Individual hosts have routing tables too. For example, the host 123.5.6.100 might have this table:
Destination Base IP | Destination Netmask | Interface | Next Hop |
---|---|---|---|
127.0.0.0 | 255.0.0.0 | local | |
123.5.6.200 | 255.255.255.255 | local | |
123.5.6.0 | 255.255.255.0 | eth0 | Deliver Direct |
15.2.5.16 | 255.255.255.240 | eth0 | 123.5.6.1 |
0.0.0.0 | 0.0.0.0 | eth0 | 123.5.6.3 |
We can simplify the table, really, leaving the 127/8 loopback address and the host’s own IP out of the table and have that logic wired into the software (or firmware). If we do that, we don’t need an entry for the interface, because all remaining entries would implicitly have the same router.
Remember why we have a network part and a host part? It’s so we can identify which other hosts are on our local network, so we don’t have to send packets to a router. For example, if we’re the host 30.19.200.55/25, then what do we do with a packet addressed to 30.19.200.188? Is that host on our network or do we have to send the packet to a router?
To answer the question, we just have to figure out “do the initial 25 bits match?” How can we do this quickly? We can bitwise AND each address with 0xFFFFFF80 (the value with the first 25 bits of 1 and the rest 0) and see if we get the same result in both cases. Let’s see:
Step | Our address | Packet destination |
---|---|---|
Address | 30.19.200.55 | 30.19.200.188 |
AND netmask | 255.255.255.128 | 255.255.255.128 |
Result | 30.19.200.0 | 30.19.200.128 |

so no, they are not on the same network!
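The AND-with-netmask test above is also what a routing-table lookup does for each row. This added example (not from the original page) runs both: the same-network check on the two addresses just compared, and a lookup over the router's Base IP / Netmask table from earlier. Picking the most specific matching row is an assumption about tie-breaking; the names `same_network` and `lookup` are illustrative.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

# The router's table from the page: (base IP, netmask, interface, next hop).
ROUTES = [
    ("25.17.128.0", "255.255.192.0",   "eth0", "Deliver Direct"),
    ("123.5.6.0",   "255.255.255.0",   "eth2", "Deliver Direct"),
    ("15.2.5.16",   "255.255.255.240", "eth2", "123.5.6.1"),
    ("8.0.0.0",     "255.0.0.0",       "eth1", "Deliver Direct"),
    ("192.169.1.0", "255.255.255.0",   "eth1", "8.0.75.1"),
    ("0.0.0.0",     "0.0.0.0",         "eth1", "8.0.1.1"),
]

def same_network(a, b, netmask):
    """True when both addresses have the same network bits under netmask."""
    mask = to_int(netmask)
    return (to_int(a) & mask) == (to_int(b) & mask)

def lookup(dest, routes=ROUTES):
    """Return (interface, next hop) for dest from the most specific match."""
    target = to_int(dest)
    best = None
    for base, netmask, iface, hop in routes:
        mask = to_int(netmask)
        if (target & mask) != to_int(base):
            continue                  # network bits differ: row does not apply
        # A contiguous netmask with more 1 bits is numerically larger, so the
        # all-zero default route matches everything but always ranks last.
        if best is None or mask > best[0]:
            best = (mask, iface, hop)
    if best is None:
        raise LookupError(f"no route to {dest}")
    return best[1], best[2]

if __name__ == "__main__":
    print(same_network("30.19.200.55", "30.19.200.188", "255.255.255.128"))
    for dest in ("25.17.130.9", "15.2.5.20", "192.169.1.7", "1.2.3.4"):
        print(dest, "->", lookup(dest))
```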
As an aside, note that network professionals can intuitively move between slashes and netmasks, as they’ve memorized the following:
CIDR | Netmask | Number of addresses |
---|---|---|
/0 | 0.0.0.0 | The whole Internet (meaningless) |
/1 | 128.0.0.0 | Half the Internet |
/2 | 192.0.0.0 | Quarter of the Internet |
/3 | 224.0.0.0 | 536870912 |
/4 | 240.0.0.0 | 268435456 |
/5 | 248.0.0.0 | 134217728 |
/6 | 252.0.0.0 | 67108864 |
/7 | 254.0.0.0 | 33554432 |
/8 | 255.0.0.0 | 16777216 |
/9 | 255.128.0.0 | 8388608 |
/10 | 255.192.0.0 | 4194304 |
/11 | 255.224.0.0 | 2097152 |
/12 | 255.240.0.0 | 1048576 |
/13 | 255.248.0.0 | 524288 |
/14 | 255.252.0.0 | 262144 |
/15 | 255.254.0.0 | 131072 |
/16 | 255.255.0.0 | 65536 |
/17 | 255.255.128.0 | 32768 |
/18 | 255.255.192.0 | 16384 |
/19 | 255.255.224.0 | 8192 |
/20 | 255.255.240.0 | 4096 |
/21 | 255.255.248.0 | 2048 |
/22 | 255.255.252.0 | 1024 |
/23 | 255.255.254.0 | 512 |
/24 | 255.255.255.0 | 256 |
/25 | 255.255.255.128 | 128 |
/26 | 255.255.255.192 | 64 |
/27 | 255.255.255.224 | 32 |
/28 | 255.255.255.240 | 16 |
/29 | 255.255.255.248 | 8 |
/30 | 255.255.255.252 | 4 (only two real hosts) |
/31 | 255.255.255.254 | 2 (useless, since one addr is for net and other for broadcast) |
/32 | 255.255.255.255 | 1 (used to identify a single host! Cool, right?) |
This is the Internet Control Message Protocol, used by routers to send informational messages and error messages. See Wikipedia for details.
This is the Border Gateway Protocol, used by routers to send reachability and other routing information to each other. See Wikipedia for details.
We’ve covered: