TCP/IP – Transmission Control Protocol / Internet Protocol
TCP/IP is an industry standard suite of protocols designed for local and wide area networks (LAN – WAN). It was developed by the United States Department of Defense Advanced Research Projects Agency (ARPA) in 1969 for a research sharing project called ARPANET. Their purpose in creating TCP/IP was to provide high-speed communication links. The Internet was built on the foundation of the original ARPANET project.The TCP/IP protocol suite can be mapped directly to the seven-layer Open Systems Interconnection (OSI) model.
| OSI Model | Internet Protocol Suite |
| Application | Application |
| Presentation | |
| Session | |
| Transport | Transport |
| Network | Internet |
| Data-Link | Network Interface |
| Physical |
- Network Interface – responsible for putting frames on and pulling frames off the network wire.
- Internet – responsible for addressing, packaging, and routing. Three protocols make up this layer:
- IP – responsible for addressing and routing packets between networks and hosts.
- ARP – responsible for obtaining hardware (NIC) addresses of hosts located on the same physical network.
- ICMP – responsible for messages and reporting errors regarding the delivery of packet(s).
- Transport – responsible for providing communications between two hosts. Two protocols make up this layer:
- TCP – provides connection-oriented, reliable communications for applications that transfer large amounts of data at one time or that requires an acknowledgement of data received.
- UDP – provides connectionless communications and does not guarantee a packet will be delivered. Applications that use UDP transfer small amounts of data at one time, and pass responsibility of the reliable delivery of packet(s) to the application.
- Application – responsible for allowing applications to gain access to the physical network.
When the destination host receives the packet, the corresponding layer(s) strips off the header(s) and treat the remainder of the packet as data for the protocol that is above it.
IP Addresses
Every device that communicates on a network, utilizing the TCP/IP protocol, is identified by a unique IP address. The IP address identifies a host’s location on the network, much like a street address identifies a house location. The IP address must be unique for the network that it is a member of. Just like a house address, the IP address must be unique and be created using a uniform format.
Each IP address defines the network ID and the host ID of the device. The network ID defines devices that are on the same physical network. All devices on the same physical network must have the same network ID, and this ID must be unique for the network that the device is a member of. The host ID defines the actual device on the physical network, and must be unique for the network ID the device is a member of.
Each IP address is 32 bits long and made up of four 8-bit fields, called octets. Each of the four octets is separated by a period (.). Each of the four octets represents a decimal number between 0 and 255. This format is called dotted decimal notation. The following is an example:
| Binary Format | Dotted Decimal Notation |
| 10000011 01101011 00000011 00011000 | 131.107.3.24 |
Each bit position of an octet has an assigned decimal value or number. If a bit is set to 0 (zero), the bit position value is 0 (zero). If a bit position is set to 1 (one), then the bit position is converted to the decimal value or number assigned to that position. All of the decimal values of the bit positions of an octet are added together to get it’s decimal value. The low-order bit of the octet represents a decimal value of 1 (one), while the high-order bit represents 128. The highest decimal value that an octet may represent is 255 – or all bit positions set to 1 (one). The following table illustrates the bit position values of an octet.
Decimal Bit Values
| 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
| 1 | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
Given the example above, to find the decimal number associated with this octet, we would add all of the decimal values of the bit positions that have a binary value of 1 (one) together to come up with the octet’s decimal value. So we would add 1 + 2 + 128 together, which equals 131. So this octets value is a decimal dotted notation of 131.
IP Address Classes
There are 5 classes of IP addresses, A, B, C, D, and E. These addresses have a standard range of addresses that are assigned to them, with specific network IDs and host IDs associated as the next table illustrates.
| Address Class | IP Address | Network ID | Host ID | Address Range | Use |
| A | w.x.y.z | w | x.y.z | 1.x.y.z – 126.x.y.z | Very large networks |
| B | w.x.y.z | w.x | y.z | 128.0.y.z – 191.255.y.z | Large networks |
| C | w.x.y.z | w.x.y | z | 192.0.0.z – 223.255.255.z | Small networks |
| D | 224.x.y.z – 239.x.y.z | IP Multicasting | |||
| E | 240.x.y.z – 255.x.y.z | Experimental |
Notice that all addresses that start with 127 are omitted, as these addresses are associated with loop back addresses and local hosts. Do not use any address that starts with 127.
IP Subnet Mask
An IP address by itself is only one half of the required information for TCP/IP addressing to work. Every IP address class has a default subnet mask associated with it. The subnet mask is what differentiates the network ID and the host ID for a given TCP/IP address. In the table above, you can see that for a given class of address, there is a network ID and a host ID associated with it. The subnet mask is what breaks the address into these different pieces. The table below illustrates the default subnet mask for the three main TCP/IP address classes.
| Address Class | Default Subnet Mask |
| A | 255.0.0.0 |
| B | 255.255.0.0 |
| C | 255.255.255.0 |
Along with this, there are ways of supernetting, i.e., applying subnet masks that allow a specific class of addresses to be split up, providing more network addresses, and fewer host addresses, for network segmentation than does the default class subnet mask. The table below illustrates some common subnet masks for class C addresses.
| Additional bits | Subnet Mask | Binary Mask | # of Subnets | # of hosts per subnet |
| 0 | 255.255.255.0 | 11111111.11111111.11111111.00000000 | 1 | 254 |
| 1 | 255.255.255.128 | 11111111.11111111.11111111.10000000 | 2 | 126 |
| 2 | 255.255.255.192 | 11111111.11111111.11111111.11000000 | 4 | 62 |
| 3 | 255.255.255.224 | 11111111.11111111.11111111.11100000 | 8 | 30 |
| 4 | 255.255.255.240 | 11111111.11111111.11111111.11110000 | 16 | 14 |
| 5 | 255.255.255.248 | 11111111.11111111.11111111.11111000 | 32 | 6 |
| 6 | 255.255.255.252 | 11111111.11111111.11111111.11111100 | 64 | 2 |
Using the 255.255.255.128 subnet mask for a class C address, we can figure the actual network numbers and the usable host addresses. The lowest high-order bit has a value of 128 for the subnet mask. If you divide the maximum number of addresses (256) by the lowest high-order bit (128) we find that the number of networks that we end up with is 2 (256/128=2). This lowest high-order bit value also tells us the number of nodes per network (128), but we cannot use the first address in a segment as this is the physical network number, and we cannot use the last address in a segment as this is the broadcast address for the physical network number. So the actual number of usable host addresses is the lowest high-order bit (128) minus 2 (the network number and the broadcast address) or 128-2=126 usable host addresses per segment. If the IP addresses use a subnet mask of 255.255.255.128, then the network segments would have addresses xxx.xxx.xxx.0 – xxx.xxx.xxx.127 and xxx.xxx.xxx.128 – xxx.xxx.xxx.255. Since the first address of each segment is the network number, and we cannot use this, so the first usable number is the next IP address of each segment, i.e., xxx.xxx.xxx.1 for network 0 and xxx.xxx.xxx.129 for network 128. We also loose the highest IP number for use as the network broadcast address in each segment. So the last IP address that we can use is xxx.xxx.xxx.126 for network 0 and xxx.xxx.xxx.254 for network 128. This gives you 2 networks with 126 usable IP addresses for hosts or devices.
Default Gateway
If a host needs to access a resource on another host, the first step is to resolve the host name to an IP address. This can be done in numerous ways depending on the OS that you are using. Some ways are MS WINS, DNS, ARP, etc. Once the requesting host has the Name to IP resolution, it must then decide if the resource host is on the same physical network or not. This is accomplished by ANDING the requesting host’s subnet mask to its IP address. The result is the requesting host’s physical network ID where it resides. The requesting host then ANDs the resource host’s IP address with the requesting host’s subnet mask to see if the result is the same physical address ID. If the physical network ID is the same, then the requesting host sends it’s request directly to the resource host. If the physical network ID is not the same, then the requesting host will send its request to the physical network’s default gateway (router) for submission to the resource host. When the requesting host does an ANDING with the subnet mask and the IP address, the rules that are applied are: 0 AND 0 = 0, 0 AND 1 = 0, 1 AND 0 = 0, 1 AND 1 = 1. The following table illustrates ANDING an IP address to a subnet mask to get the physical network ID and the host ID.
| Description Binary | Decimal | Dotted Notation |
| Host IP Address | 11001000.11001000.11001000.11001000 | 200.200.200.200 |
| Host Subnet Mask | 11111111.11111111.11111111.10000000 | 255.255.255.128 |
| ANDING Result | 11001000.11001000.11001000.10000000 | 200.200.200.128 |
| Physical Network ID | 11001000.11001000.11001000.10000000 | 200.200.200.128 |
| Host ID | 00000000.00000000.00000000.01001000 | 72 |
Domain Names
An Internet host name, like an IP address, is divided into two distinct parts. One part identifies the domain in which the host is located and the other identifies the host, itself. The host identifier is a single word, while the domain name consists of at least two words. For example, in a common host name allotted to a web server, like www.mycorp.com, www identifies the host and mycorp.com the domain. Like IP addresses, Internet host names must be unique, and the responsibility for assigning and maintaining them is divided between the Internet authorities and the individual network administrators.
The multiple words of a domain name reflect the order formed by an Internet naming hierarchy. This is used to implement the DNS. A domain is a logical identifier for a collection of hosts, which may or may not be located on the same TCP/IP network. Organizations register their domain names with an Internet authority like InterNIC, just as they do their IP network addresses (but the two are completely separate). You need not register one in order to use the other.
Internet domains are hierarchical, and can be displayed in a tree diagram, much like a directory structure. At the top of the hierarchy is the root domain, which consists of a collection of root servers. Beneath the root are the top-level domains, which have been established by the Internet authorities to provide basic categories for organizations using the Internet. There are two basic principles used in the creation of the top-level domains: geographical and organizational.
Most of the world outside the U.S. uses geographical domains. Based on the X.500 directory service structure, these top-level domains use two letter codes to represent countries. The domain name uk is used for the United Kingdom, for example, and fr for France. The domain name for Germany is de, for Deutschland, because the names are abbreviations of the country's name, in its native language. There is also a us domain name, which is coming into more popular use because of the serious depletion of effective names in the com domain.
Com is an organizational name, and is the prevalent system used in the U.S. There are six organizational top-level domain names. Used by various bodies according to their primary function, they are as follows:
- com - used by commercial organizations
- mil - used by military organizations
- gov - used by government agencies
- edu - used by educational institutions
- net - used by network support organizations, such as ISPs
- org - used by non-profit organizations, and other uncategorizable bodies
- firm - used for businesses or firms
- store - used for businesses offering goods for purchase
- web - used for organizations emphasizing World Wide Web-related activities
- arts - used for organizations emphasizing cultural and entertainment activities
- rec - used for organizations emphasizing recreation/entertainment activities
- info - used for organizations providing information services
- nom - used for those wishing individual or personal nomenclature
Having registered a domain name, an organization can assign host names to individual systems, or they can choose to create subdomains. Like subnetting IP addresses, the responsibility of creating subdomains lies exclusively with the organization's network administrators. The owners of the mycorp.com domain can create subdomains for each of their branch offices, such as ny.mycorp.com and la.mycorp.com—or use any organizational principle they wish, without consulting InterNIC or registering the names.
Host names are always written in the reverse order of IP addresses. The least significant word, the host identifier, comes first and each name in the domain hierarchy follows. The hierarchy culminates in the name of the top-level domain. The host identifier is also assigned by the network administrator, and must be unique within the domain (or subdomain). Systems are often named for the services they provide, such as www for web servers and ftp for FTP servers. There is no official standard that controls host naming.
IP Address for networks NOT on the Internet
There are specific IP address that have been set aside for networks that do not need to be part of the Internet. These addresses are not routable on the Internet, thus making them perfect for use by private Intranet LANs and WANs. Even though a private closed network can choose to use any IP addressing scheme that the administrators desire, it is better to be safe and use these non-routable addresses. The addresses are specified in the table below.
| Address Class | IP Address Ranges |
| A | 10.0.0.0 – 10.255.255.255 |
| B | 172.16.0.0 – 172.31.255.255 |
| C | 192.168.0.0 – 192.168.255.255 |
Note that the first block is nothing but a single class A network number, while the second block is a set of 16 contiguous class B network numbers, and the third block is a set of 255 contiguous class C network numbers. The complete RFC 1597 can be found via FTP on nic.ddn.mil, in the RFC directory.
Herb McBrude, MCSE - tcpIP.doc - 6/1/1998
mcbride@primenet.com
Comments: