background, data, network-3228704.jpg

CEH Preparation series: Internet Protocol Introduction

Leave a Comment / By /

 Introduction

The goal of the Internet Protocol (IP) is to provide a common way of sending packets of data between computers on the Internet.

IP is the foundation of the Internet and is used to send data to and from computers on the network. IP is a connectionless protocol, which means that it does not require a connection to be established between the sender and the receiver before sending data.

IP packets are simply sent to the destination, where they are handled by the appropriate protocol. IP is a best-effort protocol, which means that it does not guarantee that packets will be delivered to the destination.

IP packets may be lost or corrupted, and there is no guarantee that they will be received in the order in which they were sent.

Since IP and its accompanying protocols form the foundation of the Internet, we won’t discuss any other protocols at the Network layer, such as the Internet Packet Exchange (IPX).

Headers have gotten little attention so far. Each layer adds a collection of data unique to the protocol that is processing the message to the message as it passes through.

The headers are a collection of information that is used to identify the content of a document. The headers for each protocol are unique.

A new PDU is created by enclosing the message in headers. The PDU is referred to as a packet in the Internet Protocol (IP).

Technically speaking, a message from the IP header down is a packet, even though you may hear this term used for any data set on the network.

Additionally, it’s a good idea to think about addressing. An address is something that most individuals who deal with networking are acquainted with, but it’s still important to know what it is.

The subnet mask is linked to the address. There are a few mathematical strategies that might make this easier to grasp after you’ve learned them.

The subnet mask may be shown in a few different ways, and you’ll see both of these methods often.

There are now two forms of IP in use: the IPv4 and IPv6 protocols. IPv4 is the most used version, and it is known as the Internet Protocol version 4.

Throughout the previous two decades, we’ve been working to migrate to version 6. Because every current device and operating system supports IPv6, even if it hasn’t occurred yet, you may expect to see an IPv6 address on almost every system you deal with.

In comparison to IPv4, the address space of IPv6 is much larger. IPv6 is regarded as a best-effort protocol. Packets are delivered as quickly as possible from the point of origin to their final destination.

It does not guarantee that they will arrive. It does, however, make transmission easier since it provides addressing for the message.

What are Internet Protocol (IP) Headers?

In order to keep track of protocols, the Internet Engineering Task Force (IETF) maintains all of the relevant documentation.

A Request for Comments (RFC) document is created when a person or group of people wishes to propose a new protocol or an amendment to an existing standard.

The IETF is in charge of both the RFCs’ upkeep and their approval by the Internet Engineering Task Force (IETF).

IMP host software, which connected a computer system to the ARPAnet through an IMP, was the subject of RFC 001, which was created in 1969.

Every IP packet includes a header that contains information about the packet. The header includes the source and destination IP addresses, the protocol used to send the packet, and other information.

The following are the header fields with their descriptions and sizes:

Version This field tells you what version of IP this packet is using. This field has four bits.

Header Length The number of characters in the IP header is represented by this field. The amount of bytes in the header may be calculated by multiplying the number of 32-bit words by four. The headers in this example are 20 bytes (five words), which is standard for an IP header.

Type of Service Although it’s referred to variously as the ToS field and the differentiated services field, this is what the RFC refers to as the type of service field.

Prioritizing certain messages and deprioritizing others lets network components make quality of service (QoS) choices. In this case, the field is 8-bit (1-byte).

Total Length Included in this is the IP header and any further data that follows. The layer 2 header, for example, is not included in this calculation. Allows a total message length of 65,535 octets, which is 2 bytes long (bytes).

Flags A flags field has three bits dedicated to it. First, the message is reserved, and then, if necessary, the message may be broken down. In certain circles, it’s known as the DF bit. The message should not be fragmented if this is set.

Additional pieces are indicated by the final bit. There are more pieces if it’s set. This is the last piece if the value is unset (indicating 0). Messages that are self-contained, meaning they don’t need to be fragmented, would have this part of the message apparent.

Fragment Offset The 13-bit fragment offset field identifies the location in the packet where the data is aligned. These instructions are sent to the receiving system so that it knows how to assemble all of the pieces. Double words, or eight octets, are used to represent the value in this field (bytes).

Time to Live When a message expires, the time to live (TTL) field determines how long it may remain on the network. Every network device that handles the message must decrement this field, which is designed to be measured in seconds.

The original meaning of this field is no longer applicable, and the TTL genuinely shows the number of network devices (routing devices, basically) the message may transit through.

The message is destroyed and an error message is given to the sender when the field reaches zero. Eight bits make up this field.

Protocol The following protocol is indicated by this number. In the transport header, an 8-bit field notifies the receiving system which headers to search for.

Checksum Whether or whether the header is intact is determined by this 16-bit value The 16-bit words in the header are multiplied by 1, and the result is the 1’s complement total.

Source Address The mail is sent from this IP address. It has a length of four octets.

Destination Address The message will arrive at this IP address. It similarly has a length of 4 octets.

What is the difference between Octets and Bytes?

When you hear the phrase “octet,” you may ask why we don’t just say “byte” when we’re talking about something that’s 8 bits long. Due to their open-ended nature, RFCs may be used by any system that implements them.

This was not always the case when these protocols were created. Some bytes had 10 bits, some had 12 bits, while yet others had 8 bits. To be clear, the term “byte” was never utilized.

An octet, on the other hand, was a value of 8 bits. There is no misunderstanding if the term “octet” is used.

Internet Protocol (IP) Addressing

IPv4 addresses have a length of four octets. A period is usually used to separate them (.). As a result, they’re also known as dotted quads.

The range of possible values is 0 to 255 since each value is 8 bits long. Only the first two octets of values are really utilized. Because of different reasons, certain addresses are being kept back from the general public.

Start by making sure that you don’t use any addresses in the range of 127.0.0.0 to 127.55.55.55. In other words, they’re IP addresses that point to a certain machine. There are a variety of loopback addresses, but the most common is 127.0.0.1.

For private networks, RFC 1918 provides a set of IP addresses. Internet users cannot reach them because of the fact that these addresses are not routable.

As a general rule, most networks will do something to prevent source addresses in these ranges from entering their own network.

Private IP address ranges include 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, and 192.168.0.0–192.168.255.255, and are intended for use by networks without public IP addresses.

Additional address ranges are also kept in reserve for future use. In the 224.0.0.0 to 239.255.255 range, multicast messages are sent to and from each other.

Additionally, everything beyond the designated range of 240.0.0.0 is likewise not in use at this time.

Due to IPv4’s address constraint, many organizations are transitioning to IPv6. IPv4 offers a whopping 4 billion possible addresses.

However, the whole list of addresses is included in this. Because of the 10.0.0.0 private address block, we’re able to shave off 16 million. As a result, we have to subtract more than 268 million from this total.

It’s easy to observe how rapidly the IPv4 address space has been depleted. In addition, you may have observed a near-exponential rise in the number of devices connected to the Internet.

In the meantime, private address ranges, particularly inside home networks, may be used as a workaround.

business, technology, city-5475661.jpg

IPv6 Addressing

IPv6 utilizes 16 bytes instead of the four octets that are utilized in IPv4. To avoid the awkwardness of writing IPv6 addresses in dotted octet form, IPv6 addresses are written differently.

There are two hexadecimal digits that may represent an octet in an IPv6 address, therefore you’ll see it that way. As a result, it saves both space and time.

The maximum length of an IPv6 address is 32 characters due to the use of 16 octets. However, the whole address is usually divided into byte pairs with a colon (:) between each one.

Additionally, you’ll see that the address is divided into byte pairs, like fe80, and that there is a colon pair with nothing between them.

Surely this isn’t an error? It’s a convenient way to say that the data in the center is entirely comprised of 0s. For example, the whole address would be fe80 001 002 003 006 daa2 62e3 05 3e06 It’s more convenient to remove the additional 0s.

IPv6 addresses come in three varieties. The term “unicast” simply means “to one system,” and this is the most basic kind. Groups of computers that share a single IP address are known as anycast addresses.

Only one of the hosts in the anycast group will receive a message submitted to the anycast address. Based on routing principles, this is often the most convenient location.

Using anycast addresses is much like using unicast addresses. There are some subtle differences in the structure of multicast vs. non-multicast addresses, which are depending on their nature as multicast addresses and the application they are being used by. A multicast address, such as 224.0.0.1, may be shown.

How to do Subnetting?

The notion of subnetting might be difficult to grasp, yet it is crucial. For example, you may need to know what subnets your target is in order to locate them.

Assuming you have the subnet boundaries right, you may begin testing against systems outside of your target’s network. To avoid difficulties, you should avoid doing this.

Contiguous IP addresses are used to combine IP addresses into networks. Regardless of whether we’re discussing IPv4 or IPv6, this is significant.

That way, routing tables won’t be burdened with keeping track of every single IP address. Instead, the total number of blocks is being kept tabs on.

When the IP address is split into two parts, a portion of each part is owned by each individual host and a portion by the network. A system’s ability to distinguish between local and non-local addresses is made easier by this division of the address.

A subnet mask is combined with an IP address to tell computers which networks are local and which are not.

The subnet mask is likewise a dotted quad and has a length of 32 bits. The bits in the subnet mask that are set to 1 are used to identify which component of an IP address belongs to the network.

Let’s look at a binary representation of a subnet mask to better comprehend this notion.

11111111.11111111.11111111.10000000

Every bit location with a 1 in it is considered to be part of the network. A closer inspection reveals that there are no spaces between the 1s on the left side.

For the sake of clarity, subnet masks may only have the following values: 0, 128/192/24/24/252/254/255. It’s a power of two, so we start with the most important portion on the left and work our way down.

The decimal equivalent of the binary value 10000000 is 128. It’s worth noting that 11000000 is divisible by two. In other words, we multiply by 2 for every time we reduce a bit by a factor of 1.

As we can see from the subnet mask above, the subnet mask (255.255.255.128) may be translated from binary to decimal. Only the final seven bits of octet 74 are utilized to represent host values.

Last but not least, 10000000 is the bit representation. The IP address must be applied to the subnet mask here in order to get the address range.

No matter what the IP address is, I may have two address blocks with a subnet mask of 255.255.255.128. There are just two options: 0–127 or 128–255.

As an alternative method of defining network blocks, CIDR notation may be used. This implies that the amount of prefix bits is all you receive instead of a subnet mask.

In the prefix you can see which pieces of the network are being utilized. In this case, the /25 subnet mask is used to denote the network where the IP address is located, therefore I’d write 168.19.24.56/25 instead. Use this notation if you think about it in terms of multiples of 2.

Assuming you have the CIDR notation, you can find out how many IP addresses are in one network block. It’s possible to begin with a known amount in order to make this judgment.

CIDR notations are often seen in the /24 range, which corresponds to the 255.255.255.0 subnet mask. Count the number of hosts by multiplying or dividing the number of prefixes by two.

The host component of a /24 network has 256 potential values (the last octet). A /25 signifies that you have 128 potential values (divide by 2 because you added a prefix bit, meaning you lost a host bit).

As a result of losing a prefix bit, the host section is now twice as large as if you had gone in the opposite way to /23. Instead of 256 potential host values, there are now 512.

A brief glance at the amount of bits in each octet will reveal how to get even lower prefix values. Assuming that you utilize the first 8 bits of the first octet to identify your network and the rest of the octets to identify your host values, you’ll have an 8-bit network designation and a CIDR designation of /8.

With two octets, you’re utilizing 16 bits, thus the result is /16.

However, there are two values that cannot be utilized for systems in subnets. The network uses the smallest feasible address in any network segment.

The broadcast address is always set to the highest address feasible on the network. In a /24 network, the network address is.0 and the broadcast address is.255. Both of these can’t be used as hosts, though.

The method is simplified even more using IPv6. There are no longer any subnet masks used on the Internet. For the sole purpose of distinguishing between the network and the host portions of a system, the CIDR identifier is utilized solely.

The regulations are the same. When building the network, we always start at the left and work our way right. The network identification appears in the first 50 bits of an address in a /50 network.

A total of 78 bits (remember that IPv6 addresses are 128-bits long) are left for the host to use. Of course, this would be a massive network.

Summary

IP is the foundation of the Internet and is used to send data to and from computers. There are two forms of IP in use: the IPv4 and IPv6 protocols. An address is something most individuals are familiar with, but it’s still important to know what it is.

The address space of IPv6 is much larger than that of  IP 4. Every IP packet includes a header that contains information about the packet.

Some organizations are transitioning to  IPv6, which offers a whopping 4 billion possible addresses. However, we have to subtract more than 268 million from this total. IPv6 addresses come in three varieties. Using anycast addresses is much like using unicast addresses.

 There are some subtle differences in multicast vs. non-multicast addresses, which are depending on their nature as well as the application they are being used by.

Knowing your IP address enables you to know which networks are local and which are not. A subnet mask is combined with an IP address to tell computers which networks belong to them. Using CIDR notation, you can work out how many IP addresses are in one network block.

Count the number of hosts by multiplying or dividing the prefixes by two. The /25 subnet mask is used to denote the network where the IP address is located.

There are no longer any subnet masks used on the Internet. Instead of 256 potential host values, there are now 512.

The CIDR identifier is utilized solely for the sole purpose of distinguishing between the network and the host portions of the system. A total of 78 bits (remember that  addresses are 128-bits long) are left for the host.

Review quesions

  • what size is an internet protocol (ip) v6 payload field?
    • Ans. The IPv6 payload field size is variable, and can be up to 128 octets.
  • what is the fundamental protocol that the internet uses today
    • Ans. TCP/IP
  • which dynamic routing protocol was developed to interconnect different internet service providers?
    • Ans. Open Shortest Path First (OSPF)
  • what is a subnet mask
    • Ans. A subnet mask is a number that is used with an IP address to identify the specific network that the address belongs to.
  • how to find subnet mask
    • Ans. There is no one-size-fits-all answer to this question, as the subnet mask will vary depending on the network configuration. However, a general way to find the subnet mask is to look at the IP address and find the first number that is not a 0 or a 255. This number is the network number, and the remaining numbers are the host number. The subnet mask will be the number that is the inverse of the network number, or 255.255.255.0.
  • a network with a cidr notation of /26 would have what subnet mask?
    • Ans. 255.255.255.192
  • which subnet mask would be used if 5 host bits are available?
    • Ans. 255.255.255.240
  • what is an octet?
    • Ans. An octet is a unit of measurement in computer networking for a quantity of eight bits.
  • what value is the maximum of an octet in internet protocol version 4 (ipv4)
    • Ans. 255

Related Posts

Leave a Comment

Shopping Cart