266
`
`Chapter Six
`
`Class B
`0
`
`Network number
`
`Host number
`
`31
`
`Subnet mask 255.25
`
`130-1-192-0
`Host number
`
`130‘ 1
`
`130.1
`
`OD
`
`.
`
`Network number
`
`Subnet number
`
`Host number
`
`1000001 0
`
`00000001
`
`Class A
`
`0
`
`XXXXXXXX \\
`00000000
`This may slide from 1 to 14 bits;
`
`8-bit subnet is shown above
`
`31
`
`Network number
`
`Host number
`
`Host number
`
`Host number
`
`17
`
`17
`
`0
`
`xxx
`
`0
`
`0
`
`0
`
`.0
`
`Network number Subnet number
`
`Host number
`
`Assigned address
`130.1 .0.0
`
`
`
`
`130.1 .96.l
`
`00010001
`
`Class C
`
`xxxxxxxx \~.‘
`
`00000000
`
`ms may sfitfe from T to 22 bits;
`8-bit subnet is shown above
`
`00000000
`
`)j
`
`Figure 6.6
`
`(c) Subnettjr
`
`bers, We could possi _0
`
`Network number Network number Network number
`
`Host number
`
`0
`
`Network number Network number Network number
`
`Subnet number
`Host number
`
`1 1000011
`
`00000001
`
`xxxxxxoo
`00000001
`Subnet number 1 to 6 bits
`
`(b)
`
`Figure 6.6
`
`.
`(b) Subnettrng a network number.
`
`This takes in all
`and all ls. In the pr
`
`a little more realist
`have to use many 1
`Work number and l:
`network. Without s"
`up to 65535 hosts as
`made 30 Subnetwm
`any of the subnet 01
`HOW did We get 3
`gives us 32 possible
`be used (subtract 2
`could have used all 1
`(all 0s and all 1s no
`
`
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:22)(cid:25)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`Transmission Control Protooolllnternet Protocol
`
`26?
`
`Subnet mask 255.255.2550 on a Class B address
`
`Assigned addres
`130.1 .0.0
`
`
`
`130.1.192.0
`
`130.1.‘[28.0
`
` 130.1 .96.0 130.1 .64.0
`
`
`
`130.1 .32.0
`
`
`
`(C)
`
`Figure 6.6
`
`(c) Subuetting on an internetwork.
`
`This takes in all possible combinations with the exclusion of all Us
`and all 15. In the previous example with each of those subnetwork num-
`bers, we could possibly have 2046 hosts per subnetwork number. This is
`a little more realistic than not subnetting. With subnetting, We did not
`have to use many unique class B addresses. We used one class B net—
`Work number and have 30 subnets available to us from the one class B
`network. Without subnetting, We would have one network number and
`up to 65535 hosts assigned to it. Now, We used one network number and
`made 30 subnetworks from it. All zeros or all ones are not allowed in
`any of the subnet or host fields.
`How did we get 30 possibilities? Using five bits for the subnet mask
`gives us 32 possible combinations (0 to 31). Since all ls or all Os cannot
`be used (subtract 2), that gives us 30 possibilities. The subnet mask
`could have used all eight bits, which would give us 254 subnet numbers
`(all 0s and all ls not used).
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:22)(cid:26)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`263
`
`Chapter Six
`
`How does a router or workstation know when a subnet is being used.
`It employs the use of a subnet mask. What does a subnet mask look
`like? It is always written in decimal and shows the number that will be
`use to mask the bits. For example,
`let’s use the IP address
`130.40.132.3. Using the first five bits of the first host field (the third
`octet) yields 248 (convert the first five bits to binary 11111000). This
`means the subnet mask for that IP address will be 255.255.2430 in
`
`decimal. This is the mask that we have assigned to the network
`address of 130.40.132.3. 255 will always be the case for the network
`number portion of the address. The 248 is used to tell the network sta-
`tion to use the first five bits of the network address, not for a host ID,
`but for a subnet. It tells a network station which bits to use for a sub-
`
`net mask. The remaining eleven hits (the remaining three bits of the
`third octet and eight bits of the fourth octet) should be used for the host
`ID. This allows for 30 subnets with 2046 (actually 2048, but all 0s and
`all ls are not allowed assignable host IDs) hosts on each subnet.
`Therefore, the IP address of 130.40.132.3, with a subnet mask of
`255.255.2480, yields the network number of 130.40, subnet number
`128, and host ID of 1027. (Hint: convert the address to binary, apply
`the mask in binary, and then convert it back to decimal as shown in
`Fig. 6.6a.
`An operation is performed on an IP address. It is called a bitwise
`AND operation. The IP address is AND’ed with the subnet mask to
`allow the network station to determine the subnet mask.
`
`Again, Figure 6.6:: shows the mask operation. At the bottom of the
`figure is the IP address in binary. This address is logically AND’ed with
`the mask. The bits that drop out of this operation will indicate to any
`TCP/IP station the network address. It masks out the host address and
`leaves the network address.
`
`One last rule: when a network is subnetted, the whole network (all
`stations assigned to that network number) must be subnetted exactly
`the same. This is for networks using the IP RIP routing update proto-
`col. When the network number changes (not the subnetwork number),
`the subnet mask may change. You cannot assign one network number
`with different subnet masks. The exception to this rule is the routing
`algorithm of OSPF, which is beyond the scope of this book.
`For example, if using the RIP routing protocol (explained later), the
`subnet mask must remain the same throughout a single class B assign-
`ment. For example, if the network assignment is 130.1.0.0 and the sub-
`net mask assigned is 255.255.2550, this subnet mask must remain the
`same throughout
`the 130.1.0.0 network. If the network address
`changes—for example,
`to 131.l.0.0—the subnet mask may also
`change. If the network is using the OSPF routing protocol, the subnet
`mask may change within one network address.
`
`As stated before.
`into the fourth octet
`could be 255255.25
`
`this would allow for
`
`Figure 6.6.2 shov
`Internet. It is assi
`mask. The Internet
`the subnets involve
`to remain smaller.
`
`Do you need mc
`hosts? Unless the 1‘.
`
`choosing a subnet 1
`the mask. If the sit
`
`only one subnet ma
`protocol that suppc
`number, expansion
`other alternative is
`
`and, unless the net‘
`If the network st
`
`for that station cha
`
`change when the 1
`employs a differeni
`on the same logical
`example, if a netwc
`but the network pc
`change, the whole
`tion was moved to :
`IP address of the 11‘
`
`New with TCP/I
`number to the sa:
`
`employ more than
`plant. A router will
`to converse on the
`the amount of net
`
`cable plant varies.
`In doing this, mul
`same cable plant. C
`work number. This :
`than 254 network :
`
`multiple stations on
`addresses. A router
`are located on the s;
`An unfortunate c
`visible when an IP
`
`
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:22)(cid:27)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`
`
`26?
`
`Transmission Control Protocclllnternet Protocol
`
`Subnet mask 255.255.2551) on a Class B address
`
`Assigned address
`
`‘I30.1'.0.0
`
`Figure 6.6
`
`{c) Subnetting on an intemetwork.
`
`
`
`
`
`This takes in all possible combinations with the exclusion of all Us
`and all ls. In the previous example with each. ofthose subnetwork num-
`bers, we could possibly have 2046 hosts per subnetwork number. This is
`a little more realistic than not subnetting. With subnetting, we did not
`have to use many unique class B addresses. We used one class B net-
`work number and have 30 subnets available to us fi'on1 the one class B
`network. Without subnetting, We would have one network number and
`up to 65535 hosts assigned to it. Now, we used one network number and
`made 30 subnetworks from it. All zeros or all ones are not allowed in
`any of the subnet or host fields.
`How did we get 30 possibilities? Using five bits for the subnet mask
`gives us 32 possible combinations (0 to 31). Since all ls or all Os cannot
`be used (subtract 2), that gives us 30 possibilities. The subnet mask
`could have used all eight bits, which would give us 254 subnet numbers
`{all 0s and all ls not used).
`
`
`
`
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:22)(cid:28)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`
`
`

`
`
`
` ACTIVISION, EA, TAKE-TWO, 2K, ROCKSTAR, Ex. 1004, p. 640 of 787
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:19)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`Note:
`
`Class A addres:
`fourth router fi.
`
`Class B address
`field) field for s1.‘
`
`Class C is trick:
`ting this is allovi
`field. You need t
`
`Address resolution
`
`identify those stat
`Token Ring, etc.). l
`works at the netw
`
`not a physical or
`layer addressing, 1
`Networks (LANS)
`This is known as
`
`addresses identify
`scheme used at the
`
`Token Ring, etc.), t
`if they know each c
`An RFC resolved
`not affect the alrea
`Address Resolution
`station—address res
`
`follows: If you are t
`her as the one you
`use ARP to find the
`
`ing a remote statir
`than yours—is exp]
`Refer to Fig. 6.8.
`network, the sourc
`address. Station 12
`
`net addressing is 1.
`class B address is J
`
`is 1.1; hence the ad
`With ARP, it is a:
`tion is already kno
`vice or file on a r
`
`names, explained 1'
`itself. To reduce ove
`
`
`Physical- and MAC-l
`
`270
`
`Chapter Six
`
`(two routers using a leased phone line to connect). The serial link
`between two routers has its own network number assigned to it even
`though the only attachments will be the two routers that are linked
`together. A serial link will consume a network number and associated
`host IDS. Therefore, a unique network number will be assigned and,
`instead of being able to use all available hosts IDs, it will be possible to
`use only two hosts IDs (there will be only two addressable points on
`that network). Figure 6.7 depicts this situation.
`The rest of the host IDs will be lost for that network number and Will
`
`now be assigned and used for that serial link and will not be able to be
`assigned to any other links. If you have a large site that will encompass
`many serial links and you do not have the ability to assign a large
`number of network numbers, use subnet addressing and the routing
`protocol of OSPF. OSPF supports variable length subnet masks, which
`will collapse that serial link into two hosts within a network number
`and, therefore, no host numbers are wasted on serial links. Variable
`length subnet masks are beyond the scope of this book, but they allow
`a single network number to use multiple masks (unlike RIP). This
`allows more bits to be assigned back to the network, allowing a more
`efficient use of the address.
`
` 130.1 .0.0
`
`
`A unique network number
`has to be used on this single
`interface with two host
`assignments. the two ends
`of the serial link.
`
`131.2110
`
`
`
`
`131.3.0.0
`
`Figure 5.7 Serial line IP address assignment.
`
`
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:20)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`Transmission Control Protocolllnternet Protocol
`
`271
`
`Note:
`
`Class A addresses can use the second, third, or fourth (not the whole
`fourth router field) field for subnets.
`
`Class B addresses can use the third or fourth (not the whole fourth
`field) field for subnets.
`
`Class. C is tricky. The only field left is the single host field. Subnet—
`ting this is allowed, but you must use up to 6 of the bits in the fourth
`field. You need to have a couple of hosts somewhere!
`
`Address resolution protocoi (ARP). The IP address does not physically
`identify those stations on a hjgh—speed local area network (Ethernet,
`Token Ring, etc.). IP addresses are meant to identify IP hosts and net-
`works at the network layer of the OSI model. It is an IP address and
`not a physical or MAC address. (For more information on physical-
`layer addressing, please refer to Chap. 2). The designers of Local Area
`Networks (LANS) allotted 48 bits to identify a network attachment.
`This is known as their physical address or MAC czdcZress.* Physical
`addresses identify stations at their data-link level. IP is an addressing
`scheme used at the network level- On a local area network (Ethernet,
`Token Ring, etc.), two communicating stations can set up a session only
`if they know each other’s physical address.
`An RFC resolved this problem. The resolution was simple and it did
`not affect the already established IP addressing scheme. It is known as
`Address Resolution Protocol or ARR This is an IP-address-to—physical-
`station—address resolution (actual name is binding) and is explained as
`follows: Ifyou are trying to connect to a host on the same network num-
`ber as the one you are currently residing on, the TCP/IP protocol will
`use ARP to find the physical address of the destination station. (Find-
`ing a remote station—one with a different network number address
`than yours—-—is explained in a moment.)
`Refer to Fig. 6.8. In order to attach to another station on a TCP/IP
`network, the source station must know the designation station’s IP
`address. Station 129.l.1.1 wants a connection with 129.1.1.4 (no sub-
`net addressing is used here). Therefore, the network address of this
`class B address is l29.1.0.0 and the personal computer’s host address
`is 1.1; hence the address 129.1.1.1.
`With ARP, it is assumed that the IP address of the destination sta-
`tion is already known either through a name service (a central ser-
`vice or file on a network station that maps IP addresses to host
`names, explained in more detail later) or by using the IP address
`itself. Tb reduce overhead on the network, most TCP network stations
`
`5-‘ Physical- and MAC-layer addresses are synonymous throughout this book.
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:21)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`272
`
`Chapter Six
`
`129.1.1.'1
`
`129.‘|.1.2
`
`No response
`
`129.1.1.5
`
`129.1.1.4
`
`Response
`
`Legend
`
`—j——|'* ARP response
`
`------ ---F ARP request
`
`Figure 5.8 ARP request and response.
`
`will maintain a LAN physical-address—to—IP-address table on their
`host machine. The ARP table is nothing more than a section of RAM
`memory that will contain data-link physical (or MAC addresses) to IP
`address mappings that it has learned from the network. Although
`vendor independent, the first entry in the table should contain the
`physical address and the IP address of the station on which ARP is
`currently residing. The second entry in this table may contain the
`broadcast mapping for the physical address.
`Once the IP address is known for the destination station, IP on the
`source station will first look into its ARP table to find the physical
`address for that destination IP address. If a mapping was found, no
`ARP request packet will be transmitted onto the network. IP can bind
`(place the physical addresses on the data-link headers of the packet)
`the IP address with the physical address and send the IP datagrarn to
`the data link for transmission to the network. (See Table 6.1.)
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:22)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`TABLE 5.1 AFIP Table
`
`
`
`Physical address
`02-60-80-01-02-03
`FF~FF-FF-FF-FF-FF
`FF—FF-FF—FF-FF-FF
`00-00-A2-O5-09-89
`08-00-20-67-92-89
`O8-00-02-90-90-90
`
`
`If the address is
`build an ARP rec
`broadcast mode
`
`packet is shown in
`mode, all stations 1
`only the host with '
`will reply to the rec
`physically address:
`When the host w
`
`will respond with .
`broadcast but with
`inside the ARP rep
`
`Bit 0
`
`
`
`Hardware an
`
`Protocol ad:
`
`Length of header
`
`Hardware addr
`
`Protocol addre
`
`Ethernet frame
`
`Destination
`address
`
`Source
`address
`
`
`
`Figure 6.9
`
`(CI) ARP pack:
`
`
`
`

`
`Transmission Control Protoculilnternet Protocol
`
`273
`
`TABLE 6.1 AHF’ Table for Station 129.1 .1 .1—
`
`Physical address
`
`IP address
`
`129.1.l.1
`02-60-8C—01-O2-03
`148.9.2:55.255
`FF-FF-FF—FF-FF-FF
`255. 255 255.255
`FF-FF—FF-FF-FF-FF
`129.1.1.4
`00-00-A2-05-09-89
`129.1.l.2
`08-00-20-67-92-89
`
`08-00-02-90-90-90 129.1.1.5—
`
`If the address is not located in the ARP table, the AR}? protocol will
`build an ARP request packet and send it physically addressed in
`broadcast mode (destination address FF—FF—FF—FF—FF-FF). This
`packet is shown in Fig. 6.95;, Since the packet is sent out in broadcast
`mode, all stations on the physical network will receive the packet, but
`only the host with that IP address will reply. In Fig. 6.8, host 129.l.1.4
`will reply to the request packet with an ARP response packet. It will be
`physically addressed to station 129.1.1.1.
`Written the host whose IP address is in the request packet responds, it
`will respond with an ARP reply packet not addressed to destination
`broadcast but with the source address set to its address (physically and
`inside the ARP reply packet), and the destination address is the origi-
`
`
`
` Bit 0 Bit 16
`
`
`
`
`
`E13-iE.3ll.H‘RT’z:s'-Fi}"°:9-WEE‘
`
`address
`
`Destination
`
`Figure 6.9
`
`(a) ARP packet format.
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:23)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`
`
`274
`
`Chapter Six
`
`nator. Once the originator of the request receives the response, it will
`extract the physical address from the source address in the packet and
`update its ARP table. Now that it has the mapping, it will try to sub-
`mit its IP datagram to the destination station using the proper
`addresses (IP and physical address).
`This process is completed as an involuntary act to the user. The user
`Will typically be using one of TCP’s applications (TELNET for terminal
`service, SMTP for mail service, or FTP for file transfer service)
`attempting a connection. This ARP request and reply will happen
`automatically in the connection. Most TCP vendors supply a utility
`program that allows a user see the entries in the ARP table.
`To improve the efficiency of the protocol, any station on the physical
`network that received the ARP packet (request packet) can update the
`ARP cache. In looking at the packet format, the sender’s physical and
`IP addresses will be in the packet. Therefore, all stations can update
`their ARP tables at the same time.
`Figure 6.9:: shows the ARP packet format. It is encapsulated in an
`Ethernet packet as shown. (See also Table 6.2. This ARP process works
`for stations communicating with each other on the same LAN (the
`
`L-..j:1
`
`TABLE 6.2 Definition of the ARP Packet
` ..j.__
`
`Type of hardware
`
`Type of protocol
`
`Length of header
`Length of protocol address
`
`Operation
`
`Address of the source station
`
`Protocol address
`of the source station
`Hardware address
`of the destination station
`
`Normally indicates IEEE 802 network for local area
`networks. It could also indicate other types of
`networks.
`
`Would indicate IP for TCP/[P networks. It could also
`indicate AppleTa1k.
`Indicates the length of the ARP header.
`Since this header is used for other types of networks
`(AppleTalk), this field indicates the length of the
`protocol address (IP or AppleTa1k address, not the
`physical address).
`Indicates the operation of the header: ARP request
`or response.
`Physical address of the source station. This would
`be filled in by the requester.
`IP address of the source station.
`
`Physical address of the destination station. This
`field is usually, but not always, set to Os if it is a
`request packet. This field would be set to the phys-
`ical address ofthe destination station if it is anARP
`reply. This field is filled in by the responding desti-
`nation station.
`
`Protocol address
`of the destination station
`
`Set by the source station (ARP requester). This will
`contain the IP address of the wanted destination
`station. Only a station whose IP address matches
`this will respond to the ARP request.
` j_m.
`
`
`
`same network n1
`
`cess still works,
`explained later. 4
`
`Rules for AHP
`
`1. ARP is not a p
`headers.
`
`2. ARP requests
`physical broai
`logical networ
`
`3. Since ARP is
`
`assigned to id
`0806 is an AB
`
`the 0800 Ethe
`
`request or AB
`types. Some s‘
`
`*3‘ All stations broau
`by a router.
`
`1. IP requests a MAC
`2. Searches ARP cac
`3. ARP cache will eitl
`4. If the address is nc
`
`the network (localiz
`reply to [P with the
`5. Upon an ARP reply
`back to [P_
`
`Figure 6.9
`
`(b) the AI
`
`
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:24)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`Transmission Control Protocolflnternet Protocol
`
`275
`
`same network number). If they are not on the same LAN, the ARP pro-
`cess still Works, but an address of a router will be found. This is fully
`explained later. Summarizing the ARP process is shown in Fig. 6.96.
`
`Rules for ARP
`
`1. AB]? is not a part ofthe IP protocol and therefore does not contain IP
`headers.
`
`2. ARP requests and responses are transmitted with a destination
`physical broadcast address (all Fs) and therefore never leave their
`logical network.*
`
`3. Since ARP is not part of the IP protocol, new Ethertypes were
`assigned to identify this type of packet. 0806 is an ARP request and
`0806 is an ARP reply. Some ARP implementations can be assigned
`the 0800 Ethertype, for IP will be able identify the packet as an AR]?
`request or ARP reply packet. Not all implementors of IP use these
`types. Some still use the Ethertype of 0800 for ARE
`
`* All stations broadcasts (all FFs in the MAC destination header) will not be forwarded
`by a router.
`
`to
`[5
`Ie e
`
`I
`E
`e-
`r
`
`E
`gt
`
`5
`i"
`
`:1
`B
`d
`its
`
`5
`i
`
`1
`
`ha
`he
`he
`
`E E
`
`5
`5 4
`75-
`31’
`56-
`
`rill
`‘am
`:35
`
`1
`
`
`
`
`1
`IP
`ARP request
`
`
`
`3
`
`2, 5
`
`
`
`
`ARP table
`
`1. IF requests a MAC address to IP address translatlon.
`2. Searches ARP cache table for possible entry.
`3. ARP cache will either return the MAC address (if it is in the table) or not.
`4. If the address is not in the table, generates an ARP request packet to
`the network (localized packet).
`If the address mapping is in the table,
`reply to IP with the MAC address.
`5. Upon an ARP reply, ARP updates its table and reports the address
`back to IP.
`
`Figure 6.9
`
`(5) the ARP process.
`
`lb)
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:25)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`
`
`276
`
`Chapter Six
`
`TABLE 6.3 Ethertype Field Entries for ARP
`
`0806h
`ARP request
`
`ARP reply 0806h
`
`4. ARP contains an aging entry to delete entries that have not been
`used for a period of time. This reduces the ARP look—up time and
`saves memory.
`
`5. If a machine submits an ARP request for itself, it must reply to the
`request.
`
`Reverse address resolution protocol (FIAFIP). This protocol is used when
`a network station knows its MAC address but does not know its IP
`
`address. When Would this happen? This is a common application for
`diskless Workstations (Sun Microsystems, for example).
`The requesting client machine will send out a RARP request to a
`server located on the physical network somewhere that has the RARP
`Server service running on it. This RARP server will respond to the
`request with that particular station’s IP address.
`The packet format for a RARP packet is the same for as for ARP. The
`only difierence it that the field that will be filled in will be the senders
`physical address. The IP address fields will be empty. A RARP server
`will receive this packet, fill in the IP address fields and reply to the
`sender. It is the opposite of the ARP process.
`
`Proxy
`Proxy AFIP. One last variation on ARP is called Proxy
`ARP is the capability of a router to be able to respond to an end station
`(host) that does not support subnet addressing. By the time IP subnet
`addressing became adopted, there were already a tremendous amount
`of hosts established with TCP/IP as their networking protocol. Subnet—
`ting was implemented later, so if a host did not support subnet
`addressing, it could incorrectly mistake an IP network number (the
`subnet portion of the IP address) for a host number. The router tricks
`the transmitting station into believing that the source station is on the
`local LAN.
`
`As shown in Fig. 6.10, the host on network A may not attach to other
`devices on network B since it has no concept of subnetting. When the
`IP layer does a comparison of its address to the destination IP address,
`it will think the packet is locally addressed and, therefore, will not
`transmit it to a router for delivery. Instead it will invoke the algorithm
`
`* This is also known as promiscuous ARP or ARP hack.
`
`
`
`Local
`
`128.9
`
`
`
`Figure 6.10 Proxg
`
`to deliver it lo
`
`packet will no1
`tion is not av
`allowed Wlthlj
`
`routing protoc
`routing updatu
`
`
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:26)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`

`
`Transmission Control Protocolllnternet Protocol
`
`27?
`
`End station A
`
`Network station does
`
`not support subnetting
`
`Local AFIP for
`
`128.9.10.9
`
`
`
` 128.9.10.0
`
`Network station
`
`-
`
`-_
`ta
`Host B
`
`Figure 5.10 Proxy ARP.
`
`‘I 28.9.10.9
`Subnet mask 255.255.255.0
`
`to deliver it locally. Unless the local router is running proxy ARE the
`packet will not be answered and the host will think the destination sta-
`tion is not available. Furthermore, different subnet masks are not
`allowed within the same network number (unless you are running a
`routing protocol that supports the broadcasting of subnet masks in its
`routing updates, like OSPF).
`
`
`
`(cid:36)(cid:38)(cid:55)(cid:44)(cid:57)(cid:44)(cid:54)(cid:44)(cid:50)(cid:49)(cid:15)(cid:3)(cid:40)(cid:36)(cid:15)(cid:3)(cid:55)(cid:36)(cid:46)(cid:40)(cid:16)(cid:55)(cid:58)(cid:50)(cid:15)(cid:3)(cid:21)(cid:46)(cid:15)(cid:3)(cid:53)(cid:50)(cid:38)(cid:46)(cid:54)(cid:55)(cid:36)(cid:53)(cid:15)(cid:3)(cid:40)(cid:91)(cid:17)(cid:3)(cid:20)(cid:19)(cid:19)(cid:23)(cid:15)(cid:3)(cid:83)(cid:17)(cid:3)(cid:25)(cid:23)(cid:27)(cid:3)(cid:82)(cid:73)(cid:3)(cid:26)(cid:27)(cid:26)
`
`
`
`
`
`
`Subnet mask 255.255.255.63
`
`for both connectors
`
`5.5
`
`
`
`
`
`gig?“ggggsgmiaHamsas»sea
`
`

`
`278
`
`Chapter Six
`
`The problem is that the host is looking on the wrong network. Refer
`to Fig. 6.10. End station A thinks host B is on the local LAN. By deci-
`phering the IP address, the first two fields are the same. Host B sup-
`ports subnet addressing and end station A does not. Therefore, end
`station A will send out a local ARP request packet when it should be
`submitting the packet to the router so that it can deliver the packet to
`the end station. The router which supports subnetting will look up the
`ARP request and then notice that the subnetwork address is in its
`routing table. If the router has proxy ARP enabled, the router will
`answer for host B. End station A will receive this response and think it
`is from host B. There is nothing in the physical address of a packet to
`indicate where it came from.
`
`The host will then submit all packets to the router and the router
`will deliver them to end station A. This communication will continue
`until one end terminates the session.
`
`Proxy ARP is a very useful protocol for those networks that have
`been using bridges to implement their IP network and are moving to a
`router environment. Proxy ARP allows the network to migrate to a
`routed environment. There are other useful situations for proxy ARP,
`but its use is waning. Today, most hosts on a TCP/IP internet support
`subnet masking and most IP networks are using routers.
`A potential problem in using proxy ARP is for those networks that
`implement the mechanism to ensure single IP addresses on are each
`network. Most TCP/IP implementations allow users easy access to
`their network number (that is, they can change it with a text editor).
`This allows any hacker to change his or her number to another in order
`to receive datagrams destined for another host. Some implementations
`of TCP/IP will detect for this. Routers that implement proxy ARP will
`get caught, for they will answer for any station on a different network,
`thereby giving the impression that there is one physical address to
`multiple IP addresses. There is a trust on any IP network that IP
`addresses will not be arbitrarily assigned. There should be one IP
`address for each physical address on a internet.
`
`IP routing
`
`Routing fundamentals: interior gateway protocols. To make any network
`more manageable, it will be split into many networks. The intercon-
`nection of these networks is accomplished by routers. Routers enable
`data to be forwarded to other networks in a very efficient maimer. It
`will always be easier to manage many smaller networks than it will be
`to manage one large network. In order for routers to forward data to
`other networks, they use special protocols to enable them to internally
`draw a map of the entire internet for the purposes of routing. To accom-
`
`plish this, there an
`tocols (IGPS) and
`
`gateway protocol tl
`ered in this book. I
`
`ing protocol will be
`the Routing Inform
`In the previous
`routers, and packs
`own. This section vi
`
`Referring to Fi