Hello, and welcome back to CS615 System Administration! This is week 5, segment 2, and after we looked at the details of the IP packet in the last video, I think it's time we quickly rehash some of the basics of IPv4. So in this video, we'll take a look at what exactly an IPv4 IP address looks like, and how we sort out where on the network it is placed. We'll discuss the concept of classful networking from the early days of the internet as well as the ubiquitous subnetting approach known as Classless Inter-Domain Routing or CIDR. --- Remember, in our last video we looked at this illustration of the network packet with respect to the IP protocol, and we noted that it contains two IPv4 addresses: the source address as well as the destination address. --- The destination address in our example was 155.246.56.11, the address of the Stevens CS web server, which in our IP header of course was represented as binary digits. Which gets us to our very first and rather basic observation: --- IPv4 addresses are 32-bit numbers. Meaning, we have exactly 2^32 possibilities for the entirety of the IPv4 IP space -- something that we'll get back to in our next video when we talk about IP exhaustion and IPv6. But so our IPv4 address is a 32-bit binary number. But a 32-bit binary number is somewhat unwieldy and hard to remembers, which is why --- we commonly divide these 32 bits into 4 octets. --- Each of these octets is then represented with their decimal value and separated by a dot, leading to the common dotted-decimal representation of the IP address, or 155.246.56.11 in our example here. --- Although of course we can represent the octets in hex as well, if we like. We've seen this being done in the tcpdump(8) hex output, where the destination address did indeed show up as exactly 9B F6 38 0B. But how does this 32 bit number, even if divided into four octets, help us understand where on the network the address might be or what other systems it might be able to talk to? To understand that, we need to note that --- each IP address is divided into a network and a host component. Here we observe that the first 16 bits represent the _network_ portion of the address and the last 16 bits the host portion. But what does this mean, "the network portion"? - Well, hosts on the same network can communicate with one another without the help of a router. We call this being within the same _broadcast domain_, and it's an example of the difference between layer 2 -- the network layer -- and layer 3, the transport layer. A packet addressed to a host on the same layer 2 network can be delivered by a network switch; if the host is on a different network, then you need a layer 3 capable device, such as a router. How do we know what the network portion of an IP address is? --- In the early days of the internet, all you had to do was look at the first three bits of the address, which could tell you exactly which _class_ of a network the address was on. So we had a total of three classes of networks, known as a "class A", a "class B", and a "class D" network. --- Except, of course, there were really 5 different classes you could identify by inspection of the first 4 bits. Specifically, --- if the 32 bit IP address started with a 0, then you know you had a Class A network, where the first 8 bits comprised the network portion of the address, meaning you had 24 bits remaining for the host portion, allowing you to address 2^24 -- or over 16 million -- hosts within the same broadcast domain. If the first two bits were 1 and 0, then you had a class B network, with 16 bits of network portion and 16 bits used for the host portion. If the first three bits were 1 1 and 0, then you had a class C network with 24 bits of network, 8 bits host portion. But then we also have the Class D and E networks, where Class D is reserved for multicast addresses, and Class E was early on reserved "just in case". Remember, IPv4 was intended to an experiment, and so we reserved a chunk of addresses for future use -- the class E network shown here. But ok, so if you had a class B IP address, that meant that you had 16 bits network portion and 16 bits host portion, meaning you were on the same broadcast domain - as about 64K other hosts. That's one big network! Chances are, you didn't _need_ such a large network and would have preferred to have a smaller network. --- So instead of just looking at the IP address and dividing the network and host portion based on the first few bits, we then introduced the concept of a _netmask_. That is, we added a second 32 bit number that was used to _mask_ certain bits in the original address. All the bits that were ones would represent the network portion, and all the bits that were zero would represent the host portion. Now the advantage of this was that even if you had such a class B network IP address as the one shown here, you can then --- divide that network further into a smaller network, a "subnet", by picking a different netmask. Here, we show a 24 bit netmask, leaving 8 bits for the host portion, effectively taking the class B network and creating a Class C subnet within this network. The 24 bits that are ones here are then denoted in the netmask in so-called "slash notation" - as "/24", although we can also represent this netmask in decimal notation - yielding 255.255.255.0 in this case. You've probably seen this netmask before, as it's a fairly common one, since it creates a reasonably sized network while at the same time making it easy for humans to quickly identify where this network begins and ends -- namely exactly at the quad-dotted boundary. But a netmask doesn't _have_ to align with the decimal dot boundaries. After all, it's really just a sequence of bits, so if we wanted to create a smaller subnet, --- we could, for example, use a /26 network -- 255.255.255.192 in decimal. Or, if we had a need for a larger network, we might --- use a 22 bit network. Fortunately for us, we don't need to perform this logic in our head -- after all, computers are much better than humans when it comes to manipulating numbers and especially binary numbers, so there are all sorts of convenient tools that can help you identify the right netmask. --- For example, we have the 'ipcalc' utility, which you can install from your favorite package manager. If we pass it our IP address and a netmask in slash notation, using /16 in this example, then we get back output like this. It shows us the 16 bits of the network portion in the netmask being set to all ones, but it also tells us that this was originally a class B network address, based on inspection of the first two bits. With 16 bits left for the host portion, we now know how many hosts we can have on this subnet: almost 64K. With 16 bits left, we should be able to get 2^16 hosts, or exactly 64K, but we are losing two entries, because the first and last addresses on the network cannot be assigned to a host: the first address is the network address itself, and the last address is the so-called broadcast address, where if a packet is sent to this address, it is broadcast to all hosts on the network. So if we adjust the netmask to a /24, then we get the adjusted information as shown here, with 24 bits of network portion and eight bits of host portion yielding 2^8 - 2 possible host addresses. A /26, then, looks like this: 26 bits for the network portion, 6 bits for the host portion. [pause] But ipcalc can do more for us: suppose you want to take a network and create subnets of different sizes. [continue] Let's say we want to carve up an existing /24 into one subnet able to contain 24 hosts, one for 64 hosts, and one for 48 hosts. What would be the right netmasks for that? Let's ask ipcalc. It shows us that for the first network we'd use a /27, able to hold 30 hosts. For the second subnet, we need a /25, and for the third subnet, we'll need a /26. ipcalc also shows us that we still have some network space left -- we could create another /27 with the remaining IP addresses. --- So what 'ipcalc' showed us was that the calculations of the CIDR notation all follow the same logic: - Let's assume you have an IP address A.B.C.D/N -- 155.246.56.11/27 , let's say. Then - we know that N represents the number of bits in the netmask that are all ones, describing the network portion - ie, 27 in this example. - The total IP address length is 32, so the remaining bits available for the host portion are 32 - N, or - 32 - 27 = 5 in our example. The total number of addresses available here is then - two to the power of that number - or 2^5 = 32 in this example. But we know we can't use all of them, as we - have to subtract two, namely - the first address of the network, the network address itself; and - the last address of the network, the broadcast address. Finally, the netmask being just another 32 bit number - can also be represented as a decimal quad-dotted address. --- Alright, time for another break. In this video, we - briefly mentioned the historical context of classful networking. This is not used any longer, but it's still useful to understand, as always. - We then talked a bit about the concept of dividing a network into smaller networks, ie subnets through the use of a netmask, and we identified the different logical steps in this process. Now all of this applies to IPv4 - but what - about IPv6? Well, we'll talk about that in our next video. You'll find out that things are quite different in the IPv6 world, but not _all_ different. It'll be interesting, though, so make sure to catch our next video. Thanks for watching - cheers!