Chapter 11In-Depth TCP/IP Networking

Network+ Guide to Networks, Fourth Edition

Objectives

• Understand methods of network design unique to TCP/IP networks, including subnetting, CIDR, NAT and ICS

• Explain the differences between public and private networks

• Describe protocols used between mail clients and mail servers, including SMTP, POP3, and IMAP4

• Employ multiple TCP/IP utilities for network discovery and troubleshooting

Designing TCP/IP-Based Networks

• Review of some TCP/IP fundamentals:– IP is a routable protocol

– On a network using TCP/IP, each interface associated with unique IP address

– Some nodes may use multiple IP addresses

– IP addresses consist of four 8-bit octets

– Many networks assign IP addresses and host names dynamically, using DHCP

– Every IP address can be associated with a network class

Subnetting

• Separates network into multiple, logically defined segments (subnets)

• Each subnet’s traffic separated from every other subnet’s traffic– Enhances security

• Subnetworks must be connected via routers or other Layer 3 devices

– Improves performance• Data is selectively retransmitted

– Simplifies troubleshooting

Classful Addressing

• Adheres to network class distinctions– Only Class A, B, and C addresses are recognized

– Network ID limited to first 8 bits in Class A, first 16 bits in Class B, and first 24 bits in Class C

• Fixed network ID size ultimately limits number of hosts a network can include

Classful Addressing (continued)

Figure 11-1: Example IP addresses with classful addressing

Subnet Masks

• Subnetting depends on subnet masks to identify how a network is subdivided– Indicates where network information is located in an IP

address

– “1” bits indicate corresponding bits in IP address contain network information

– “0” bits indicate corresponding bits in IP address contain host information

• To calculate host’s network ID given IP address and subnet mask, perform ANDing

Subnet Masks (continued)

Table 11-1: Default subnet masks

Subnet Masks (continued)

Figure 11-2: Example of calculating a host’s network ID

Table 11-2: ANDing

Reserved Addresses

• Certain types of IP addresses reserved for special functions– In network IDs, bits for host information set to 0

– In broadcast addresses, octet(s) representing host information set to all 1s (255 in decimal notation)

Subnetting Techniques

• Subnetting breaks rules of classful addressing– Some bits that in classful addressing would represent host

information changed to represent network information

– Reduce number of usable host addresses per subnet

Subnetting Techniques (continued)

Table 11-3: Class B subnet masks

Subnetting Techniques (continued)

Table 11-4: Class C subnet masks

Calculating Subnets

• Formula for determining how to modify a default subnet mask: 2n-2=Y– n = number of bits in subnet mask that must be switched

from 0 to 1

– Y = number of subnets that result

• Extended network prefix: Additional bits used for subnet information plus existing network ID

• Class A, B, and C networks can all be subnetted• External routers pay attention to only the network

portion of devices’ IP addresses

Calculating Subnets (continued)

Figure 11-3: A router connecting several subnets

Calculating Subnets (continued)

Figure 11-3 (continued): A router connecting several subnets

CIDR (Classless Interdomain Routing)

• Classless routing or supernetting• Provides additional ways of arranging network and

host information in an IP address• Supernet: Subnet created by moving subnet

boundary to the left– Generates more usable IP addresses

• CIDR notation (slash notation): network ID followed by forward slash (/), followed by number of bits used for extended network prefix– CIDR Block

CIDR (continued)

Figure 11-5: Calculating a host’s network ID on a supernetted network

Figure 11-4: Subnet mask and supernet mask

Internet Gateways

• Combination of software and hardware enabling two different network segments to exchange data

• Every device on a TCP/IP-based network has a default gateway– First interprets outbound requests to other subnets

– Interprets inbound requests from other subnets

– Each node on network has one default gateway

– May be network interface on a router• Must maintain routing tables as well

• Core gateways make up the Internet backbone

Internet Gateways (continued)

Figure 11-6: The use of default gateways

NAT (Network Address Translation)

• Default gateways can be used to “hide” IP numbers assigned within an organization– Clients behind gateway may use any IP addressing

scheme• Even non-legitimate schemes

– Must have legitimate IP address to exchange data with Internet

• NAT: when client’s transmission reaches default gateway, it assigns client’s transmission a valid IP address

NAT (continued)

Figure 11-7: NAT through an Internet gateway

ICS (Internet Connection Sharing)

• Computer with Internet access (ICS host) configured to translate requests to and from Internet on behalf of other computers on network– Acts as DHCP server, DNS resolver, and NAT gateway

for clients on its LAN

• Network adapter on ICS host assigned IP address of 192.168.0.1– Clients must be set up to obtain IP addresses

automatically

– ICS host assigns clients IP addresses in range of 192.168.0.2 through 192.168.0.255

Intranets and Extranets

• Intranet: network or part of network that uses browser-based services to exchange information within an enterprise– Used for supplying HTTP-accessible documents,

e-mail, file sharing, document management, and collaboration

– Defined by its security policies

• Extranet: network that uses Internet-like services and protocols to exchange information within an organization and with certain, authorized users outside of that organization

TCP/IP Mail Services

• E-mail is most frequently used Internet service that network administrators manage

• Mail servers communicate with other mail servers to deliver messages across Internet

• Hundreds of software packages for mail servers exist– Sendmail, Microsoft Exchange Server, Lotus Notes,

Novell Groupwise

• Mail clients send/retrieve messages to/from mail servers

• Servers and clients communicate through TCP/IP Application layer protocols

SMTP (Simple Mail Transfer Protocol)

• Protocol responsible for moving messages between mail servers over TCP/IP-based networks– Belongs to Application layer of TCP/IP Model

– Relies on TCP at Transport layer

– Operates from port 25

– Relies on higher-level programs for instructions

– Can only transport or hold mail

• When configuring clients to use Internet e-mail, must identify user’s SMTP server

MIME (Multipurpose Internet Mail Extensions)

• Standard SMTP message format allows for lines that contain 1000 ASCII characters max– Cannot handle pictures or formatted text

• MIME: standard for encoding and interpreting binary files, images, video, and non-ASCII character sets within e-mail messages– Identifies each element of a message according to content

type

– Works in conjunction with SMTP

POP (Post Office Protocol)

• Application layer protocol used to retrieve messages from mail servers

• POP3 is most current and commonly used version– Mail delivered and stored on mail server until user

connects (via e-mail client) to retrieve messages

– Mail deleted from server after retrieval • Minimizes use of server resources

• Best suited to users who retrieve mail from same workstation all the time

IMAP (Internet Message Access Protocol)

• Developed as sophisticated alternative to POP3– IMAP4 is most current version

– Users can store messages on mail server

• IMAP4 provides the following features:– Retrieve all or only a portion of any mail message

– Review messages and delete them while the messages remain on the server

– Create sophisticated methods of organizing messages on the server

– Share mailboxes in a central location

Additional TCP/IP Utilities

• TCP/IP comes with complete set of utilities that can help to track down most TCP/IP-related problems– e.g., Ping, Telnet, ARP

• Nearly all TCP/IP utilities can be accessed from command prompt on any type of server or client running TCP/IP– Syntax may differ depending on OS

– Options may differ according to OS

Netstat

• Displays TCP/IP statistics and details about TCP/IP components and connections on a host– Port on which a particular TCP/IP service is running

– Network connections currently established

– Number of packets handled by network interface since activation

– Number of data errors

Netstat (continued)

• Common Netstat switches:– -a lists all available TCP and UDP connections– -e displays details about all packets that have been sent– -n lists currently connected hosts according to their ports

and IP addresses (in numerical form)– -p allows you to specify what type of protocol statistics to

list– -r provides list of routing table information– -s provides statistics about each packet transmitted by a

host, separated according to protocol type

Nbtstat

• Given NetBIOS name, get IP address• Common nbtstat switches:

– -a displays a machine’s name table given its NetBIOS name

– -A displays a machine’s name table given its IP address

– -r lists statistics about names that have been resolved to IP addresses by broadcast and by WINS

– -s displays a list of all the current NetBIOS sessions for a machine

Nslookup

• Query DNS database from any network computer and find host name of a device by specifying its IP address, or vice versa– Provides host’s IP address, primary DNS server name,

and address holding record for this name

– Many options (switches)

Dig

• Domain information groper (dig): similar to nslookup– Provides more detailed information than nslookup

• e.g., specifics about resource records associated with host name

– Many switches

– Must be explicitly installed on Windows systems

Dig (continued)

Figure 11-11: Output of a simple dig command

Whois

• Query DNS registration database and obtain information about a domain– Who is domain registered to?

– Technical person responsible for domain?

– Hosting entity?

– DNS Server addresses?

• Must install software to use on Windows systems• Web-based alternatives exist

– e.g., www.arin.net

Traceroute (Tracert)

• Uses ICMP to trace path from one node to another– Identifies all intermediate hops– Useful for determining router or subnet connectivity

problems– Transmits series of UDP datagrams to specified

destination• Increases TTL as path is discovered

• Traceroute may stop before completing– Device problem on path– Device does not accept ICMP transmissions

• Often indicates firewall

Traceroute (continued)

• Common switches:– -d instructs traceroute not to resolve IP addresses to host

names

– -h specifies maximum number of hops packets should take when attempting to reach a host

• Default is 30

– -w identifies timeout period for responses

Ipconfig

• TCP/IP administration utility for use with Windows NT, 2000, XP, and Server 2003 OSs– Provides information about network adapter’s IP address,

subnet mask, and default gateway

• Commonly used switches:– /? displays list of available switches– /all displays complete TCP/IP configuration information

for each network interface on device– /release releases DHCP-assigned addresses for all

network interfaces– /renew renews DHCP-assigned addresses for all network

interfaces

Winipcfg

• Same as ipconfig utility, but applies to Windows 9x and Me OSs– Graphical interface

Ifconfig

• TCP/IP configuration and management utility used on UNIX-type of systems– Similar to ipconfig on Windows systems

• Commonly used switches:– -a applies command to all interfaces on a device

– down marks interface as unavailable to network

– up reinitializes interface after it has been taken “down”

• Complete list of switches found in man pages

VoIP (Voice over IP)

• Use of packet-switched networks and TCP/IP to transmit voice conversations– IP telephony

• Objectives for implementing VoIP:– Lower costs for voice calls

– Supply new or enhanced features and applications

– Centralize voice and data network management

VoIP (continued)

• VoIP callers can use:– Traditional telephone– IP telephones: telephones designed for TCP/IP

transmission– Softphones: computers equipped with microphone,

speaker, and VoIP client software

• IP telephones must have unique IP addresses• More difficult to transmit voice signals over a

packet-switched network than data signals• Internet telephony: VoIP carried via Internet

– May also be carried over private lines

VoIP (continued)

Figure 11-16: Accessing a VoIP network from traditional telephones

VoIP (continued)

Figure 11-17: Accessing a VoIP network from IP phones

Summary

• Subnetting separates one network or segment into multiple, logically defined segments, or subnets

• Bits in a subnet mask that equal 1 indicate that corresponding bits in an IP address contain network information

• Bits in a subnet mask that equal 0 indicate that corresponding bits in an IP address contain host information

• CIDR allows the creation of supernets, or subnets established by using bits that normally would be reserved for network class information

Summary (continued)

• Gateways facilitate communication between different subnets

• Every device on a TCP/IP-based network has a default gateway

• NAT allows a network administrator to “hide” IP addresses assigned to nodes on a private network

• ICS is a service that allows a network of computers to share a single Internet connection through an ICS host computer

Summary (continued)

• SMTP is responsible for moving messages from one e-mail server to another over TCP/IP-based networks

• POP is a mail retrieval protocol• IMAP4 allows users to store messages on the mail

server, rather than always having to download them to the local machine

• The netstat utility displays TCP/IP statistics and the state of current TCP/IP components and connections

Summary (continued)

• The nslookup utility allows you to look up the DNS host name of a network node by specifying the node’s IP address, or vice versa

• The traceroute utility useful for determining router or subnet connectivity problems

• VoIP is the use of packet-switched TCP/IP-based networks to carry voice signals