The Fundamental Knowledge of System Design — (8) — Understanding IP Address & Ports

IP address — The address of the system in the network Port — The address of the service within the system IP address + port = the address of the particular service on the particular system

It is the eighth series of the fundamentals knowledge of system design. You can read my previous articles.

Protocol Suites

1. The IP protocol (IP) — It is the core protocol suite in the TCP/IP protocol suite. It defines the network layer packet format used to implement connectionless services, including addressing between hosts and routing data packets. The main difference between different network technologies is the data link layer and the physical layer, such as different local area network technologies and wide area network technologies. The internet protocol can unify different network technologies under the Internet protocol at the network layer of TCP/IP. The Internet protocol enables many interconnected computer networks to communicate with the unified IP packet transmission. There are other protocols.
2. Internet Control Message Protocol (ICMP) — It is a connectionless protocol, which is a sub-protocol of the TCP/IP protocol suite and is used to transmit control messages between IP hosts and routers. Control messages refer to the messages of the network itself, such as if the network is reachable if the host is reachable, and if the route is available. Hence. these control messages do not transmit user data, but it is important for the transmission of user data and network security.
3. Address Resolution Protocol (ARP) — It is used to realize the mapping from IP address to MAC address, that is, to query the MAC address corresponding to the target IP.
4. Reverse Address Resolution Protocol (RARP) — It allows physical machines on the LAN to request their IP addresses from the gateway server’s ARP table or cache. The network administrator creates a table in the gateway router of the LAN to map physical addresses (MACs) and their corresponding IP addresses.
5. Routing Information Protocol (RIP) — It is a relatively simple Interior Gateway Protocol. In the RIP network, the RIP requires each router in the network to maintain the routing information from each router to each destination network. It adopts the distance vector algorithm, which uses the hop count as a metric to measure the distance to the destination network. The distance is the number of links required to reach the destination site, ranging from 0 to 16, with a value of 16 indicating that the path is infinitely long. The number of hops from a router to its directly connected network is defined as 1, and the distance from a router to its non-directly connected network is defined as the distance per router (n+1).
6. Open Shortest Path First (OSPF) — It is a link-state routing protocol and an interior gateway protocol, which is used for routing decisions in a single autonomous system. Each OSPF router uses the shortest path first algorithm (SPF) to calculate different routes and construct a routing table. This protocol only concerns the status of links or interfaces in the network (up-down of Ip address, mask bandwidth, utilization, and delay). Each router exchanges its link-state information with other routers in the area. In this way, each router on the network will have the same understanding of the network structure. Then, the OSPF can not only calculate the shortest path between two network nodes but also calculate the communication cost.
7. Exterior Gateway Protocol (EGP) — It is designed to exchange routing and reachability information among exterior routers on the Internet.
8. User Datagram Protocol (UDP) — It is a connectionless transport layer protocol that provides a simple transaction-oriented unreliable communication service. It is a mechanism for sending the data sent by the application to the network as it is when it is received. It cannot perform flow control even when the network is congested. Packet loss occurs during transmission and there is no retransmission.
9. Transmission Control Protocol (TCP) — It is a connection-oriented, and reliable streaming and transmission service. Stream is uninterrupted data. When an application uses TCP to send a message, it is sent in sequence, but the receiver receives a data stream without interval. Also, TCP gains reliability by assigning a sequence number to each field it transmits.

In our daily life, the electronic devices that we use with Internet access have IP addresses. The IP address is divided into IPV4 and IPV6. Here, we can refer to the IPV4 address as an IP address.

IPv4

• It is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods on the Internet.
• However, the IPv4 address pool in the Internet Assigned Numbers Authority (IANA) was completely exhausted, which severely restricted the development of the Internet in 2011.
• When 2 hosts in the network want to communicate, they must know their respective IP addresses. The TCP/IP protocol uses IP addresses to identify different hosts in the network.

• It assigns a logical address to each network and each host on the Internet. The IP address consists of a 32-bit binary number. In order to facilitate memory, the IP address is divided into 32-bit hexadecimal numbers, each segment is 8 bits, and there are 4 segments in total, and then each segment of 8-bit binary numbers is converted into decimal numbers, and the middle dots are divided. The expression is called dot-decimal notation. In fact, it can provide 4,294,967,296 (2³²) unique addresses, but large blocks are reserved for special networking purposes.

IPv4 Datagram Format

Version — These 4 bits specify the IP protocol version of the datagram

Head length — These 4 bits determine where in the IP datagram the payload actually begins

Type of Service —8 bits are included in the IPv4 header to allow different types of IP datagrams to be distinguished from each other

Datagram Length — The total length of the IP datagram (header + data), measured in bytes

16-bit Identifier, Flags, 13-bit Fragmentation offset — When a large IP datagram is broken into several smaller IP datagrams which are then forwarded independently to the destination when they are reassembled before their payload data is passed up to the transport layer at the destination host or when IPv6 does not allow for fragmentation

Time-to-Live(TTL) — This field is to ensure that datagrams do not circulate forever

Upper-Layer Protocol — The value of this field indicates the specific transport layer protocol to which the data portion of this IP datagram should be passed, TCP=6, UDP=17.

Header Checksum — To aid the router in detecting Bit Errors in a received IP datagram

Source and Destination IP addresses — When a source creates a datagram, it inserts its IP address into the source IP address field and inserts the address of the ultimate destination into the destination IP address field.

Options — The options fields allow an IP header to be extended

Data — The data field of the IP datagram contains the transport-layer segment (TCP or UDP) to be delivered to the destination.

Overhead — An IP datagram has 20 bytes of the header if the datagram carries a TCP segment.

• Each IP address is internally divided into 2 parts, namely the network number and the host number.

• Network Number (Network Address) — It is used to identify a single network segment (that is, a network of networks) within a large-scale TCP/IP network.
• Host Number (Host Address) — It is used to identify TCP/IP nodes inside each network, such as workstations, servers, routers, or other TCP/IP devices.
• The network number and host number in the IP address are a total of 32 bits.
• Due to the difference in the network scale, there are 5 types of A, B, C, D, and E, and only B and C are more commonly used.
• Class A, B, and C addresses are called unicast addresses and can only be assigned to a unique host.
• Class E addresses are reserved for scientific research at the beginning of IP address design.

• Class A IP address — It consists of a 1-byte network address and a 3-byte host address. It is mainly designed for large networks. The highest bit of the network address must be “0”, and the address range is from 1.0.0.0 to 127.0.0.0. There is 127 class A networks available, each network can accommodate 16,777,214 hosts, where 127.0.0.1 is a special IP address representing the host itself, for testing on the local machine. 0 represents any address and 127 is the loopback test address, so the actual range of class A IP addresses is 1–126. The default subnet mask is 255.0.0.0.
• Class B IP address — It consists of a 2-byte network address and a 2-byte host address. The highest bit of the network address must be “10”, and the address range is from 128.0.0.0 to 191.255.255.255, where 128.0.0.0 and 191.255.0.0 are reserved IPs, so the actual range is 128.1.0.0–191.254.0.0. There are 16,382 networks, each network can accommodate 65,534 hosts.
• Class C IP address — It consists of a 3-byte network address and a 1-byte host address, and the highest bit of the network address must be “110”. The address range is from 192.0.0.0 to 233.255.255.255, where 192.0.0.0 and 223.255.255.0 are reserved IPs, so the actual range is 192.0.1.0–223.255.254.0. There are 2,097,152 networks, and each network can accommodate 254 hosts.
• Class D IP address — It is used for multicast. The first byte of class D IP address begins with “1110”, which is a specially reserved address. It does not point to a specific network, and this type of address is currently used in multicast which addresses a group of computers at a time by identifying a group of the computer that shares the same protocol between 224.0.0.0 to 239.255.255.255.
• Class E IP address — It is reserved for future use. The address range is from 240.0.0.0 to 255.255.255.254, where 255.255.255.255 for broadcast address.
• Public address — IP addresses are uniformly managed by the Network Information Center and assigned to organizations that apply for registration.
• Special IP Address:

1. Broadcast Address — All network interfaces within a subnet can receive this broadcast message. There are direct broadcasts and limited broadcasts. Direct broadcast is the network address with the target network and host address with all 1s in binary. Limited broadcast is an address whose network address and host address are all 1s in binary (ie. 255.255.255.255).
2. Multicast Address — It is used in video broadcasting systems. Its address range is from 224.0.0.0 to 239.255.255.255 (Class D IP address). 224.0.0.1 refers to all hosts, and 224.0.0.2 refers to all routers.
3. Loopback Address — The IP address whose network address is 127 becomes the loopback address, which is mainly used for local loopback testing and communication between local machine processes. The loopback address often used in practice is 127.0.0.1, which is also called localhost.
4. Private Address — It is an unregistered address and is used exclusively for the organization’s internal network.

Class A — 10.0.0.0 ~10.255.255.255

Class B — 172.16.0.0 ~ 172.31.255.255

Class C — 192.168.0.0 ~ 192.168.255.255

• The static IP address is a fixed address that is permanently assigned to a device by a network administrator
• The dynamic IP address is a temporary address that is automatically assigned to a device by a Dynamic Host Configuration Protocol (DHCP) server and changes frequently.
• In Microsoft computer, the “Obtain an IP address automatically” option can be selected in the network properties to set the device to obtain an IP address (network address, subnet masks, default gateways, and DNS servers) dynamically.
• Each time a device connects to the network, the dynamic IP address changes. When a user enters a URL on a web browser, DNS servers map domain names to IP addresses. For example, computers that access the Internet through Modem, ISDN, ADSL, and cable broadband are temporarily allocated once they access the Internet each time. The dynamic IP address will be drawn from the address pool and then assigned to the user and returned to the pool after a few days, or weeks.

Subnet

• Subnet Mask — A pattern of “all ones” bits to mask the network portion of an IP address
• For Class A IP addresses, the default subnet mask is 255.0.0.0;
• For Class B IP addresses, the default subnet mask is 255.255.0.0;
• For Class C IP addresses, the default subnet mask is 255.255.255.0
• Using the subnet mask, a large network can be divided into subnets, namely Variable Length Subnet Mask (VLSM), and a small network can be merged into a large network, that is a supernet.

• When designing an IP address, the hierarchical characteristics of IP address allocation are considered, and each IP address is divided into 2 parts, the first part represents the network, and the second part represents the host. For example, the IP address 172.16.254.1, which is a 32-bit address, assumes that its network part is the first 24 bits (172.16.254), then the host part is the last 8 bits (the last 1). Computers on the same subnet must have the same network part of their IP address, which means that 172.16.254.2 should be on the same subnet as 172.16.254.1.
• However, the problem is that we cannot judge the network part from the IP address alone. Let’s take 172.16.254.1 as an example. Whether its network part is the first 24 bits, the first 16 bits, or even the first 28 bits, you can’t tell from the IP address. So, how can we judge whether two computers belong to the same subnet from the IP address? This requires another parameter “subnet mask” (subnet mask). The so-called “subnet mask” is a parameter that indicates the characteristics of the subnet. It is equivalent to the IP address in the form and is also a 32-bit binary number. Its network part is all 1s and the host part is all 0s. For example, for the IP address 172.16.254.1, if it is known that the network part is the first 24 digits and the host part is the last 8 digits, then the subnet mask is 11111111.11111111.11111111. 00000000, which is 255.255.255.0 in decimal. Knowing the “subnet mask”, we can determine whether any two IP addresses are on the same subnet. The method is to perform an AND operation on the two IP addresses and the subnet mask respectively (both digits are 1, the result of the operation is 1, otherwise it is 0), and then compare whether the results are the same. If so, it means that they are in the same subnet. In the network, otherwise, it is not.
• For example, the subnet masks of the known IP addresses 172.16.254.1 and 172.16.254.233 are both 255.255.255.0, are they in the same subnet? Both and the subnet mask are AND operated separately, and the result is 172.16.254.0, so they are in the same subnet. To sum up, there are two main functions of the IP protocol. One is to assign a dynamic IP address to each computer, and the other is to determine which addresses are on the same subnet.
• Only through the subnet mask, the relationship between the subnet where a host is located and other subnets can be indicated, so that the network can work normally.

• Subnetting — the operation that divides a single network into multiple physical networks (subnets) and uses routers to connect them so that the limited IP address resources can be fully utilized.
• For the standard A, B, and C addresses, there is a 2-layer structure of network number of host number. In order to divide the subnet, its host number can be divided into 2 parts, one part is used for the compilation of the subnet number, and the remaining part is used for the compilation of the host number. In this way, a 3-layer structure is formed, that is, the network number, the subnet number, and the host number.
• The network Number — Specify the network where the host is located
• The subnet number — Specify the subnet which contains several hosts
• The host number — Specify a host within the subnet
• However, there is no difference in appearance between the IP address with or without subnet. So how do we distinguish the 2 addresses? The subnet mask is the same as the IP address. A subnet mask consists of 1s and 0s. The length of the subnet mask is also 32 bits. The left side is the network bit, which is represented by the binary number “1”, and the number of 1 is equal to the length of the network bit; the right side is the host bit, which is represented by the binary number “0”, and the number of 0 is equal to the host bit length. The purpose of using the binary number “0” for the host number is to cover the original host number with 0 when the mask and IP address do the bitwise AND operation without changing the original network segment number, and it is easy to determine the number of hosts in the subnet by the number of 0 bits.
• When the host number is all 1, it represents the broadcast address of the network, and when it is all 0, it represents the network number of the networks.
• Network prefix length — The number of bits of a network number and subnet number is taken to represent the subnet mask. For example, a class B network address 156.81.0.0 with a subnet mask of 255.255.0.0 is represented as 156.8.0.0/16.

Subnetting an IPv4 Network

• Default subnet mask for Class A, B, and C network

IPv6

• IPv4 uses a 32-bit address length, and there are only 4.3 billion addresses, which are estimated to be depleted soon.
• IPv6 addresses are expressed in hexadecimal, with a total of 128-bits, which are represented in 8 groups, each group has 16 bits, and each group represents 4 hexadecimal numbers. The groups are separated by colons (:).
• The example of IPv6 — 2001:0db8:85a3:0000:0000:8a2e:0370:7334
• IPv6 contains IPv4 addresses — The last 2 groups of IPv6 are represented by the decimal notation of IPv4 addresses that are customary.

IPv6 Datagram Format

1. Version — 4 bits, the value is 6 (binary value is 0110), indicating IPv6 packets
2. Traffic class — 8 bits, which is equivalent to the type of service (ToS) field in the IPv4 protocol.
3. Flow Label — 24 bits, it can be used to mark packets of a specific flow so that different packets can be distinguished at the network layer. Routers on the forwarding path can differentiate and process flows based on flow labels. Since the flow label is carried in the IPv6 packet header, the forwarding router does not need to identify different flows according to the content of the packet, and the destination node can also identify the flow according to the flow label.
4. Payload Length — 16 bits, the length of the payload in bytes, or the length of the subsequent part of the basic header of the IPv6 message.
5. Next Header — 8 bits, it is used to identify the type of the next header after the current header.
6. Hop Limit — 8 bits, similar to the Time-to-live (TTL) field in IPv4.
7. Source Address — 128 bits, the source address of the message
8. Destination Address — 128 bits, the destination address of the message

An IPv6 IP address is 128-bit that consists of a 64-bit network address and a 64-bit host address. The 64-bit network address is further divided into a 48-bit global network identifier and a 16-bit local subnet identifier.

For more information on IPv6 addressing, refer to the IP Version 6 Working Group (IPv6) or IPv6.

IPv6 addresses are 4 times larger than IPv4 addresses .

IPv6 address space is 1e28 times that of the IPv4 address space.

The features of IPv6

1. The expanded routing and addressing capabilities — IPv6 increases the IP address from 32 bits to 128 bits, which can support a larger address space so that the IP addresses will not be used up in the foreseeable future.
2. The simplification of the header format — Some redundant fields in the IPv4 header format are either discarded or listed as extension headers, thereby reducing the overhead of packet processing and header bandwidth. IPv6 fixes its basic header length up to 40 bytes, reducing processor overhead and saving network bandwidth.
3. Hierarchical address structure — The IPv6 divides the address space of IPv6 according to different address prefixes and adopts a hierarchical address structure to facilitate the fast-forwarding of data packets by backbone network routers. There are 3 different address types defined in IPv6. There are a unicast address, a multicast address, and an anycast address.
4. Greater support for optional options — IPv6 options are not placed in headers but are placed in individual extension headers.
5. Authentication and Encryption — IP Security Protocol (IPSec) is an optional extension protocol of IPv4 and an essential part of IPv6. Its main function is to provide security services such as encryption and authentication to data packets at the network layer. IPSec provides authentication and encryption mechanisms. The authentication mechanism is to enable the data receiver of IP communication to confirm the true identity of the data sender and whether the data has been altered during transmission. The encryption mechanism is to encrypt the data to ensure the confidentiality of the data to prevent the data from being intercepted by others during transmission.
6. Support stateless automatic address configuration — It simplifies the address configuration process. The address configuration can be completed without the need for a DNS server, and the broadcast address prefix can be routed. Each host generates an aggregated global unicast address according to its own MAC address and the received address prefix. It is also convenient for hosts in a certain area to change IP address prefixes at the same time.

Port

• Ports include physical ports and logical ports.
• A physical port is an interface used to connect physical devices
• A logical port is a port that is logically used to differentiate services. Ports in the TCP/IP protocol are logical ports, and different services are distinguished by different logical ports. A host with an IP address can provide many services such as Web services, FTP services, SMTP services, etc.
• In actual communication, the port number is used to allocate according to certain regulations. The allocation standards of ports mainly include common ports and dynamic ports.
• Multiple applications can run on the same host at the same time. At this time, the port number is used for identification. The port number represents the program address. The transport layer protocol uses these port numbers to identify the application program that is communicating in the machine and transmit the data accurately.
• When communicating on the Internet, it is a must to know the other IP addresses. In fact, the IP address is already attached to the data packet. After sending the data packet to the router, the router will find the location of the other router according to the IP address to complete data transmission. The MAC address has an independent IP and the IP address can only be located in the local area network, but cannot be located on a specific computer.
• The port number has an IP address and a MAC address. A computer can provide multiple network services at the same so that the computer can receive data packets accordingly.
• The computer will assign a unique port number to each network program.
• Common ports— These ports have port numbers ranging from 0 to 1023, and they are tightly bound to some specific service. Usually, the communication of these ports clearly indicates the protocol of certain services.
• Registered ports — These ports have port numbers ranging from 1025 to 49151. Assigned to a user process or application. These processes are mainly some applications that the user chooses to install, rather than common programs that are assigned common ports.
• Dynamic/Private ports —These ports have port numbers ranging from 49152 to 65535. They are generally not assigned a service fixedly but are assigned dynamically.
• 49152 to 65535 are dynamically allocated ports for some processes that need to allocate ports, which are dynamically taken from here.

References

If you’ve found any of my articles helpful or useful then please consider throwing a coffee my way to help support my work or give me patronage😊, by using

Patreon

Ko-fi.com

buymeacoffee

Last but not least, if you are not a Medium Member yet and plan to become one, I kindly ask you to do so using the following link. I will receive a portion of your membership fee at no additional cost to you.

It is my first affiliate program, if you like to further enhance your system knowledge, you can click the links and buy the course. Honestly speaking, I will receive 20% of your course fees at no additional cost to you. You will have unlimited access to our courses. There is no time expiry and you will have access to all future updates free of cost.