RHCSA: IP Addresses Classes and subnetting


Originally, IP addresses were assigned via /etc/hosts. 

Conceptually, an IP address, which is 4 bytes (32 bits) long, is split into two parts: the network part and the host part. The place of the split is determined by a special parameter called the network mask, which specifies the number of bits in the network part of the address. The network mask is written in two forms: as a prefix length (for example /24) or in dotted-decimal notation (for example 255.255.255.0).

As you can see, the netmask notations /24 and 255.255.255.0 are equivalent; both translate into the bit mask

11111111.11111111.11111111.00000000

So the notation 10.10.10.10/24 means that the network part (often called the network number) of this IP address consists of 24 bits and, correspondingly, the host part (often called the host number) consists of 8 bits.

If server 1 with address IP1 wants to communicate with server 2 with address IP2, two situations are possible:

  1. The network parts of IP1 and IP2 match. In this case communication is done directly, host to host (local network communication).
  2. The network part of IP1 does not match the network part of IP2. In this case the packet is sent to a router, whose IP address is determined from a special table called the routing table. In other words, if a host on one network wants to communicate with hosts on another network, a router is always used. The router is a machine (often dedicated hardware built for that purpose) that connects networks to one another. After receiving the packet, the router determines the next hop, i.e. the router or host to which the packet should be sent next.

Class IDs

The Internet contains around a billion computers with IPv4 addresses. As you can imagine, that creates the challenge of assigning addresses so that no two devices share the same public IP address. For this purpose an organization called the Internet Assigned Numbers Authority (IANA) was formed to track them; it assigns blocks of IP addresses to large organizations and countries. Initially handled by a single person (the famous Jon Postel) until 1998, IANA has grown dramatically and now oversees a number of Regional Internet Registries (RIRs) that parcel out IP addresses to large ISPs and major corporations within a particular region. The RIR for North America is called the American Registry for Internet Numbers (ARIN). The vast majority of end users get their IP addresses from their respective ISPs. IANA passes out IP addresses in contiguous chunks called class licenses, which are outlined in the following table.

Under so-called "classful network addressing", the 32-bit IPv4 address space was partitioned into 5 classes (A-E), and the network mask was determined automatically from the first bits of the IP address.

The classes are shown in the following table.

| Class | Leading bits | Netmask | Size of host part (bits) | Number of networks | Addresses per network | Total addresses in class | Start address | End address | Default subnet mask (dot-decimal) | CIDR notation |
|---|---|---|---|---|---|---|---|---|---|---|
| Class A | 0 | /8 | 24 | 128 (2^7) | 16,777,216 (2^24) | 2,147,483,648 (2^31) | 0.0.0.0 | 127.0.0.0 | 255.0.0.0 | /8 |
| Class B | 10 | /16 | 16 | 16,384 (2^14) | 65,536 (2^16) | 1,073,741,824 (2^30) | 128.0.0.0 | 191.255.0.0 | 255.255.0.0 | /16 |
| Class C | 110 | /24 | 8 | 2,097,152 (2^21) | 256 (2^8) | 536,870,912 (2^29) | 192.0.0.0 | 223.255.255.0 | 255.255.255.0 | /24 |
| Class D (multicast) | 1110 | not defined | not defined | not defined | not defined | 268,435,456 (2^28) | 224.0.0.0 | 239.255.255.255 | not defined | not defined |
| Class E (reserved) | 1111 | not defined | not defined | not defined | not defined | 268,435,456 (2^28) | 240.0.0.0 | 255.255.255.255 | not defined | not defined |
Some lucky large organizations and pioneers of the Internet, such as the DOD, AT&T, Apple, Ford, Prudential, the US Postal Service and Comcast, got a class A block of addresses (see "List of assigned /8 IPv4 address blocks" on Wikipedia).

Less lucky large organizations got class B address blocks. Most smaller organizations got a class C block of addresses (sometimes several of them).

The number of addresses usable for specific hosts in each network is always 2^N - 2, where N is the number of host (rest field) bits; the subtraction of 2 accounts for the all-bits-zero host portion being the network address and the all-bits-one host portion being the broadcast address. Thus, for a class C address with 8 bits available in the host field, the maximum number of hosts is 254.
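As an added example (not code from the original notes), the following Python derives the class from the leading bits of the first octet exactly as the table above does, then applies the 2^N - 2 host formula; the function names are my own.

```python
# Added example, not from the original notes: classful lookup from the leading
# bits of the first octet, matching the table above. Function names are my own.

def classify(dotted):
    """Return (class letter, default prefix length); prefix is None for D/E."""
    first = int(dotted.split(".")[0])
    if not 0 <= first <= 255:
        raise ValueError("first octet out of range: %s" % dotted)
    if first >> 7 == 0b0:          # leading bit 0     -> class A, /8
        return "A", 8
    if first >> 6 == 0b10:         # leading bits 10   -> class B, /16
        return "B", 16
    if first >> 5 == 0b110:        # leading bits 110  -> class C, /24
        return "C", 24
    if first >> 4 == 0b1110:       # leading bits 1110 -> class D (multicast)
        return "D", None
    return "E", None               # leading bits 1111 -> class E (reserved)

def default_netmask(dotted):
    """Dotted-decimal default mask implied by the class, e.g. 255.255.0.0."""
    _, prefix = classify(dotted)
    if prefix is None:
        return None
    bits = ((1 << prefix) - 1) << (32 - prefix)
    return ".".join(str((bits >> s) & 0xFF) for s in (24, 16, 8, 0))

def usable_hosts(dotted):
    """2^N - 2 with N = host bits; the -2 drops network and broadcast addresses."""
    _, prefix = classify(dotted)
    if prefix is None:
        return None
    return 2 ** (32 - prefix) - 2

if __name__ == "__main__":
    # constructed sample addresses, one per class
    for ip in ("17.0.0.1", "128.0.0.1", "192.0.2.1", "224.0.0.1", "240.0.0.1"):
        print(ip, classify(ip), default_netmask(ip), usable_hosts(ip))
```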

Today, IP addresses are always associated with an explicit subnet mask. This was not required in a classful network because the mask was implied by the address itself.

CIDR and the concept of subnets

CIDR (Classless Inter-Domain Routing) is the term used for the ability to specify an arbitrary boundary between the network part and the host part of an IP address using the netmask. This concept is also known as subnetting: taking a single class of IP addresses and chopping it up into multiple smaller subnets.

It is obvious that subnetting enables much more efficient use of IP addresses compared to the old class licenses. It also enables you to separate a network into segments for security, for example separating the addresses used for remote management controllers such as DRAC or iLO from the addresses used by the servers themselves. That improves security, as some attacks target DRAC and iLO directly.

Separate subnets also can be used for bandwidth control (separating a heavily used LAN from one that’s not so heavily used).

Calculating the number of hosts on the network

Let's look at the subnet mask /24 for the IP 10.194.181.50, i.e. 10.194.181.50/24:

11111111.11111111.11111111.00000000

Before going even one step further, you need to answer this question: on a /24 network, how many hosts can you have? Well, if you used dotted-decimal notation you might say

192.168.4.1 to 192.168.4.254 = 254 hosts

But do this from the binary instead. In a /24 network the network mask ends in eight zeroes, so an 8-bit area is assigned to the host ID. Applying the formula 2^8 - 2, we get the same number:

2^8 - 2 = 254

Similarly, if you have a /16 subnet mask you have 16 bits assigned to the host part of the address, which gives

2^16 - 2 = 65,534 total hosts.

Private non-routable network IP

Lots of folks use TCP/IP in networks that either aren't connected to the Internet or want to hide their computers from the rest of the Internet. Certain groups of IP addresses, known as private IP addresses, are available to help in these situations. Internet routers drop packets addressed to private IP addresses, so those addresses can never be used on the Internet, making them a handy way to hide systems. Anyone can use these private IP addresses, but they're useless for systems that need to access the Internet, unless you use NAT (see below).

There are three special blocks of IP addresses that are designed for use in internal networks only: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.

All other IP addresses are public IP addresses. Typically corporations use 10.0.0.0/8 and 192.168.0.0/16 for their internal networks; 172.16.0.0/12 is often used for computational clusters.

NOTE: No device on the Internet can have those IP addresses. In other words, they are not routable.

Network Address translation (NAT)

When you communicate with the Internet using, for example, a web browser, the problem arises that you can send packets to the target host but the host can't send anything back, because those addresses are not routable. To solve this problem corporations use special software on the Internet-facing router which accepts packets from an internal address on one end, translates that address into a specific port, and sends the request from this port to the Internet from its Internet-facing address. When it receives the reply, it consults a special table called the NAT translation table, converts the port back into the internal IP address, and sends the packet from its internal interface to the corresponding host on the internal network.

This mechanism is called Network Address Translation (NAT) and is used very widely. In NAT, the nodes use a private IP address, but when accessing the Internet this private IP address is replaced with the IP address of the NAT router or proxy. Hence, nodes on the Internet think that they are communicating with the public IP, but in reality they are communicating with an internal IP belonging, for example, to the subnet 10.0.0.0/8.

In other words, the NAT router uses tables to keep track of all connections currently existing for the hosts in the network. Based on this table, the NAT router makes it possible for a device with a single Internet-facing address to connect multiple hosts on the home network. The use of NAT is now so common that it is embedded in most routers used in home and small business networks to connect computers and other devices in those networks to the Internet.

So the web host thinks that it is communicating with a specific public IP address, but in reality it is communicating with a hidden private IP address on the internal corporate network.
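As an added example (not code from the original notes), this Python models the NAT translation table described above: outbound packets from a private source get a port on the public address, and inbound packets are forwarded only if a matching table entry exists. All addresses and ports are constructed; the class and method names are my own.

```python
# Added example, not from the original notes: a toy source-NAT table of the kind
# the text describes. All addresses and ports are constructed (documentation
# ranges 203.0.113.0/24 and 198.51.100.0/24 stand in for public hosts).
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(ip):
    return any(ipaddress.ip_address(ip) in net for net in RFC1918)

class NatRouter:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.by_port = {}   # public port -> (internal ip, internal port, dest ip, dest port)
        self.by_flow = {}   # the same tuple -> public port (reuse the entry for a known flow)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Internal host -> Internet: source becomes (public_ip, table port)."""
        if not is_private(src_ip):
            raise ValueError("NAT only translates private sources, got %s" % src_ip)
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self.by_flow:            # first packet of the flow: allocate a port
            port, self.next_port = self.next_port, self.next_port + 1
            self.by_flow[flow] = port
            self.by_port[port] = flow
        return self.public_ip, self.by_flow[flow], dst_ip, dst_port

    def inbound(self, src_ip, src_port, dst_port):
        """Internet -> router: map the public port back, or None (packet dropped)."""
        flow = self.by_port.get(dst_port)
        # Only replies matching a recorded flow get through; an unsolicited packet
        # has no table entry. This is a side effect of NAT, not a firewall policy.
        if flow is None or (flow[2], flow[3]) != (src_ip, src_port):
            return None
        return src_ip, src_port, flow[0], flow[1]

if __name__ == "__main__":
    nat = NatRouter("203.0.113.7")                      # constructed public address
    print(nat.outbound("10.1.2.3", 51000, "198.51.100.10", 443))
    print(nat.inbound("198.51.100.10", 443, 40000))     # reply reaches 10.1.2.3:51000
    print(nat.inbound("198.51.100.10", 443, 40999))     # no entry -> None
```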

But corporations want to keep track of who is accessing what, and also want the capability to block certain sites. So instead they typically use another, more specialized device called an Internet proxy, which works similarly: it accepts requests from non-routable IPs on the internal corporate network and performs the web request from the public IP on the Internet-facing interface of this device (and of course writes a log of your accesses for analysis by the security group ;-)

When an Internet proxy is used, installation of software from various sites on the Internet becomes considerably more complex and involved, as some of those sites can be blocked. One rule of thumb is that if you can see and access a site from your PC, you can always access it from the server using the credentials you use on your PC. Still, a lot of time and effort is wasted on "fight with the proxy" type activities.

Similarly, home routers usually use 192.168.0.0/16 (256 class C networks) to provide 252 addresses for your home network. In this case there is no web proxy, and the router itself performs the address translation service as a NAT device.

Conversion of dot notation of netmask into slash notation and vice versa

There are subnet calculators that do it for you.

When you line up an IP address with a corresponding subnet mask in binary, the portion of the IP address that aligns with the ones of the subnet mask is the network ID portion of the IP address. The portion that aligns with the zeroes is the host ID. With simple IP addresses, you can see this with dotted decimal, but you’ll want to see this in binary for a true understanding of how the computers work.

When talking about network addresses, you use a 4-byte number, as well, in which the node address is set to 0. So in the example of 192.168.10.100/24, the network address is 192.168.10.0. In IPv4 networks, there is also always a broadcast address. This is the address that can be used to address all nodes in the network. In the broadcast address, all node bits are set to 1, which makes for the decimal number 255 if an entire byte is referred to. So in the example of the address 192.168.10.100/24, the broadcast address is 192.168.10.255.
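Pulling together the host-count calculation, the netmask conversion and the network/broadcast address rules above, here is an added Python example (not code from the original notes) that does the arithmetic with the bit operations the text describes; the function names are my own and the sample addresses are constructed.

```python
# Added example, not from the original notes: CIDR arithmetic with the bit operations
# the text describes. Function names are my own; sample addresses are constructed.

def ip_to_int(dotted):
    """'192.168.10.100' -> 32-bit integer; rejects malformed addresses."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %s" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def prefix_to_mask(prefix):
    """/24 -> '255.255.255.0': the top `prefix` bits are 1, the rest 0."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return int_to_ip(((1 << prefix) - 1) << (32 - prefix))

def mask_to_prefix(mask):
    """'255.255.255.0' -> 24; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if m != ((1 << ones) - 1) << (32 - ones):
        raise ValueError("netmask bits are not contiguous: %s" % mask)
    return ones

def subnet_info(cidr):
    """Network ID, broadcast, mask and usable host count for 'a.b.c.d/n'."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = ip_to_int(prefix_to_mask(prefix))
    network = ip_to_int(addr) & mask              # host bits cleared -> network ID
    broadcast = network | (~mask & 0xFFFFFFFF)    # host bits all set -> broadcast
    host_bits = 32 - prefix
    # 2^N - 2 drops the all-zero and all-one host numbers; /31 and /32 leave none.
    usable = 2 ** host_bits - 2 if host_bits >= 2 else 0
    return {"network": int_to_ip(network), "broadcast": int_to_ip(broadcast),
            "netmask": prefix_to_mask(prefix), "usable_hosts": usable}

def same_network(ip1, ip2, prefix):
    """True when network parts match (direct delivery); False means a router hop."""
    mask = ip_to_int(prefix_to_mask(prefix))
    return (ip_to_int(ip1) & mask) == (ip_to_int(ip2) & mask)

PRIVATE_BLOCKS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")  # RFC 1918
def is_private(ip):
    """True for the three non-routable blocks listed on the page."""
    return any(same_network(ip, b.split("/")[0], int(b.split("/")[1]))
               for b in PRIVATE_BLOCKS)
```

For example, subnet_info("192.168.10.100/24") gives network 192.168.10.0, broadcast 192.168.10.255 and 254 usable hosts, matching the figures above.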