Overview of IP addressing and subnetting
Question/Issue:
This page gives an overview of IP addressing and subnetting for use as a reference and general background. Many operating system vendors provide reference books, technical papers, and training documents if you want further information.
Solution:
This page is about setting up and using TCP/IP networks.
Networks and IP addresses
What is a network?
A "network" is a way to connect two or more computers in order to share resources. There are many different types of networks that work on a variety of media and hardware.
TCP/IP
TCP/IP stands for Transmission Control Protocol / Internet Protocol. It covers a set of protocols that work together to provide robust communication between computers on a network.
The function of a network
A network allows computers to share data and resources. These resources can range from simple file sharing to network printing, network storage, antivirus scanning, email, proxy services, and much more. A properly configured network should provide services to the computers within that network and other networks as allowed by your security policy.
IP addresses
An IP address is a unique number that identifies a computer on a TCP/IP network. An IP address also gives routing information. IP addresses are logically assigned.
The network adapter has a physical (MAC) address. The MAC address is a permanent part of that adapter. The MAC address is only useful on the same physical LAN segment.
The IP address is used to route packets between networks. When a message reaches the physical segment of the destination host, the IP address is matched to a physical address by the router.
An IP address usually uses dot decimal notation, with the decimal values separated by periods (for example, 10.1.2.3). Each dot-separated number is a decimal representation of one byte (8 binary digits, or bits) of the 32-bit address. IP addresses are made up of two parts: a network number, referring to the network that the computer is part of, and a unique host number, specific to the computer that uses that IP address.
Classes of addresses
IP addresses are broken into a series of classes. These classes are as follows:
- Class A: In a class A address, the first bit identifies the class of the address and is always 0. The next 7 bits of the address identify the network. The last 24 bits of the address specify the host.
- Class B: A class B address identifies the address class in the first 2 bits (10) of the address. The next 14 bits identify the network. The host is identified with the final 16 bits.
- Class C: Class C addresses use the first 3 bits (110) of the address to designate the class. The network is identified with the following 21 bits. The final 8 bits specify the host.
There are other classes and types of addresses. However, they are beyond the scope of this page.
Special IP addresses
Each network has two addresses that cannot be assigned to any computers in that network: the network address and the broadcast address. For example, using a network of 10.0.0.0 (a reserved class A network), the network address is 10.0.0.0, and that address may not be assigned to any computer in the network. The last address of a network is called the broadcast address, and it may also not be assigned to any computer. The broadcast address for the 10.0.0.0 network is 10.255.255.255.
IP addresses in your network
You may assign IP addresses within your network on a static or a dynamic basis. Whichever method you use, a computer needs an IP address before it can communicate with other computers on the network.
A "static address" means that each computer is configured to use a specific IP address at all times. "Dynamic" IP addresses can be assigned by methods like Dynamic Host Configuration Protocol (DHCP). Dynamic IP addresses are assigned to computers as they are needed.
When a computer needs an address, it broadcasts a message to the network. This message is received by a DHCP server. The DHCP server sends a response to the physical address of the network interface. This response includes information to configure that network interface. This information commonly includes the IP address that the interface should use, name server information and routing or gateway information. The computer then assigns the appropriate information to that network interface, and this computer becomes part of the network.
Address Resolution Protocol
Because IP addresses are a logical addressing mechanism, they must be translated to the unique physical address of a network interface to allow direct communication to a computer.
Address Resolution Protocol (ARP) is used to determine the physical address of another computer on the same physical segment of a network. When a computer needs to send a message to another computer on its network, it checks its ARP table. If there is no ARP entry for the computer to which it must send the message, it broadcasts a message to the network, asking "Who is <ip address>". The computer to which that address is assigned should respond with its physical address. The address is then entered into the ARP table of the broadcasting computer.
Subnets
What is a subnet?
A subnet is a logical division of a larger network. Basically, it is a portion of a network that shares a network address with the other portions of the network and is distinguishable from them by a subnet number.
In a subnetted network, the host portion of the IP address is further split into a subnet number and a host number by use of a subnet mask. This allows you to divide a network into smaller networks to enhance routing and logically group the computers and resources in your network.
What is a subnet mask?
A subnet mask is a number that, when coupled with the IP address, provides a clear distinction between the network number and the host number. The subnet mask is created so that the 0 bits (or "off" bits) in the mask show the host number and the 1 bits (or "on" bits) mask the network number. For example, a computer uses an IP address of 10.1.2.3. The network mask that the computer is configured to use is 255.255.255.0. This network mask, when viewed as a set of binary digits, is 11111111.11111111.11111111.00000000 and only the last octet of the address is seen as the host number. Therefore, the host number of the IP address 10.1.2.3 is 3.
Subnet masks and classful subnets
Address classes have different subnet masks that are naturally associated with them. Class A networks, because only the first octet signifies the network, are associated with an 8-bit network mask (255.0.0.0). Class B subnets, using the first 16 bits for their network address, use a natural subnet mask of 255.255.0.0. Class C subnets use only the last octet to describe the host number and, therefore, have a natural subnet mask of 255.255.255.0.
Classful networks, meaning subnets that use only the natural mask, are impractical in most situations and are very often modified using a bit-mask. This means that, instead of a subnet mask based on the class of network, a subnet mask is created that further divides networks (subnetting) or merges networks (supernetting) to allow greater flexibility for the network administrator. This use of bit-masks to determine the destination network is known as Classless Inter-Domain Routing (CIDR).
When you are recording address and netmask combinations, writing the entire address and netmask in dot decimal notation may be cumbersome and frustrating. An easier method of describing an address/netmask combination is to simply specify the number of bits in the network mask at the end of the address. For example, 10.0.0.0/24 describes a network, 10.0.0.0, that uses a network mask with 24 "on" bits (255.255.255.0).
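The mask arithmetic described in the sections above (network number, broadcast address, host number, and the /N prefix notation) worked through in code. This is an added example, not part of the original article; the addresses it uses are constructed for illustration.

```python
# Added example (not from the original article): subnet arithmetic done with
# the bit operations the text describes, on constructed sample addresses.

def ip_to_int(dotted):
    """Convert dot-decimal text (e.g. '10.1.2.3') into a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(o < 0 or o > 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(value):
    """Inverse of ip_to_int: 32-bit integer back to dot-decimal text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix_len):
    """Build a mask with prefix_len leading 1 bits, e.g. 24 -> 255.255.255.0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def mask_to_prefix(mask_dotted):
    """Convert a dotted mask to its /N length, rejecting non-contiguous masks."""
    mask = ip_to_int(mask_dotted)
    prefix_len = bin(mask).count("1")
    if mask != prefix_to_mask(prefix_len):
        raise ValueError(f"mask {mask_dotted} does not have contiguous 1 bits")
    return prefix_len

def describe(cidr):
    """Split 'address/prefix' into network, broadcast, mask and host number."""
    address, prefix_text = cidr.split("/")
    prefix_len = int(prefix_text)
    mask = prefix_to_mask(prefix_len)
    addr = ip_to_int(address)
    network = addr & mask                        # 1 bits keep the network part
    broadcast = network | (~mask & 0xFFFFFFFF)   # all host bits set to 1
    return {
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "mask": int_to_ip(mask),
        "host_number": addr & ~mask & 0xFFFFFFFF,     # 0 bits select the host
        "is_reserved": addr in (network, broadcast),  # not assignable to a host
        "usable_hosts": max(0, 2 ** (32 - prefix_len) - 2),
    }

if __name__ == "__main__":
    for cidr in ("10.1.2.3/24", "10.0.0.0/8", "192.168.1.255/24"):
        print(cidr, describe(cidr))
```

The `mask_to_prefix` check matters when validating configuration: a mask such as 255.0.255.0 has 16 one bits but is not a legal prefix, and a tool that only counts bits would silently accept it.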
Routing
Subnets and routing
Computers on a network may communicate directly with any other computer that is on the same subnet. For computers beyond the local subnet, the traffic must be passed through a router of some sort. A router performs the necessary job of directing traffic to and from the appropriate networks based on information within its routing table. If there is no specific entry in the routing table, the router passes the message to its "route of last resort" or default gateway. The default gateway setting provides a default route when no existing route is more suitable.
If you have more than one subnet, or use your network to gain access to other networks, such as the Internet, many of the messages on your network pass through at least one router. When your router receives a message that is destined for another network, based on the information in its routing table or information provided to it by a routing protocol, the router is able to determine the next leg of the message's path to its destination. It sends the message to the next router along that path.
If a computer needs to send a message to another computer that is outside of its network, it refers to its local routing table to determine if there is a route to the destination network. If no route exists that is specific to the destination, the computer forwards the message to its default gateway.
The default gateway router then checks its routing table and sends the message along to the next designated router or, if the destination is one of the networks to which it is connected, directly to the destination host. If the router has no direct route for the message, it then forwards the message to the router that is designated as its default gateway, or route of last resort, and the process continues in this manner. Eventually, if no routes are found to send the message along, it reaches the maximum number of "hops," is discarded, and a message is sent back to the originator.
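The routing-table lookup described above (most specific route first, falling back to the route of last resort), as an added example that is not part of the original article. The routing table is constructed for illustration; the standard library `ipaddress` module does the prefix matching.

```python
# Added example (not from the original article): longest-prefix route lookup
# with a default gateway, over a constructed routing table.
import ipaddress

# Constructed table for a router with two attached subnets. A next hop of
# None means "deliver directly on the attached subnet" (after ARP resolution).
ROUTES = [
    ("10.1.2.0/24", None),           # directly attached
    ("10.1.3.0/24", None),           # directly attached
    ("10.0.0.0/8", "10.1.2.254"),    # rest of the private network via a router
    ("0.0.0.0/0", "10.1.2.1"),       # default gateway / route of last resort
]

def build_table(routes):
    """Parse the table once and sort it most specific (longest prefix) first."""
    parsed = [(ipaddress.ip_network(net), hop) for net, hop in routes]
    return sorted(parsed, key=lambda entry: entry[0].prefixlen, reverse=True)

def next_hop(table, destination):
    """Return (matched network, next hop) for a destination address.

    Because the table is ordered longest prefix first, the first match is the
    most specific route: 10.1.3.7 matches 10.1.3.0/24, not 10.0.0.0/8 or
    0.0.0.0/0. Returns None when nothing matches and no default route exists,
    which is when a router discards the packet and reports it undeliverable.
    """
    dest = ipaddress.ip_address(destination)
    for network, hop in table:
        if dest in network:
            return str(network), hop
    return None

TABLE = build_table(ROUTES)

if __name__ == "__main__":
    for dst in ("10.1.2.55", "10.1.3.7", "10.200.1.1", "198.51.100.9"):
        print(dst, "->", next_hop(TABLE, dst))
    # Same table without the default route: an outside address has nowhere to go.
    print("198.51.100.9 (no default) ->", next_hop(build_table(ROUTES[:3]), "198.51.100.9"))
```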
Reserved networks
RFC (Request For Comment) document 1918 (Address Allocation for Private Internets) describes the use of special networks that are reserved for private network use. These networks are often called "non-routable" networks because most Internet routers do not route traffic that is destined for these networks.
References:
For more information on TCP/IP, network addressing, routing and other network-related topics, the Internet Engineering Task Force (http://www.ietf.org) keeps an archive of RFC documents on its Web site. These documents contain a wealth of information and specifications for networking and the protocols used on modern TCP/IP networks. Specifically, RFC 1918 (Address Allocation for Private Internets), RFC 1983 (Internet Users' Glossary), RFCs 1517-1519, RFC 1122 (Requirements for Internet Hosts -- Communication Layers), and RFC 1180 (A TCP/IP Tutorial) may be of special interest.
There are many online tutorials on TCP/IP networking and subnetting such as those available at Learn TCP/IP™ .com, PC Support Advisor, and Cisco Systems, to name a few.
Document ID: 2004041210193254
Last Modified: 01/18/2007
Date Created: 04/12/2004
Operating System(s): Not applicable
Product(s): Symantec Enterprise Firewall 8.x
Release(s): Symantec Enterprise Firewall 8.0