CHAPTER 7: TCP/IP and Routing 286 career-limiting when considering becoming a network engineer. The TCP/IP suite is primarily what keeps the Internet running as well as it does. TCP/IP is also used to provide network communication in most of the world’s com- panies, universities, and countries. Anywhere there is a network connection; it is most likely that TCP/IP is in use. Keep in mind that this chapter does in no way explore all there is to know about TCP/IP, as that could literally take volumes to cover. By the end of this chapter, you should be comfortable with navigating numbering schemes, have a better understanding of the protocol suite, and can work your way through any problem presented to you (on the Network exam and in real life). TCP/IP has rattled many test takers in the past who have taken exams where these fundamentals are tested extensively. As Network is somewhat of an entry-level exam, you will not have to have TCP/IP addressing and design perfected or mastered, but you will have to know the fundamentals of it. Learning about network protocols is not too tough an issue once you understand the underlying mechanics. The intent of this chapter is to ensure that you have the foundation and fundamental knowledge needed to pass the exam and build the rest of your studies on. Now, let’s delve into these network protocols and see exactly what we need to know for the Network exam as well as in your day-to-day activities as a network administrator. TCP/IP In the 1970s, Internet Protocol (IP) was developed as part of the Transmission Control Protocol effort to provide logically addressed and structured network- ing. Since then, IP has matured greatly and can convey a wide array of infor- mation and services. The primary role of IP is to provide logical addresses and support the routing of traffic to its destination. Recent efforts to expand the capacity of IP addresses (which are nearly exhausted) have resulted in the next generation of the protocol, IP version 6 (IPv6). IP supports the ability to send to a group via multicasting. These topics are covered in the next sec- tions, starting with IP version 4 (IPv4). Note This chapter covers TCP/IP in depth and also looks briefly at other protocol suites such as AppleTalk and IPX/SPX. These protocols will show up on the exam, but not as much as TCP/IP. Although the information in this chapter is good for test preparation purposes, as a working network engineer, you should know more about these somewhat obscure and less-commonly used protocols. IPv4 287 IP provides the network layer addressing and functions for the TCP/IP stack, as shown in Figure 7.1. The TCP/IP stack does not map neatly to the Open Systems Interconnection (OSI) model, as the OSI model was devel- oped after TCP/IP. IPv4 has structure and processes developed around its address space. Information is transported in IP packets, in which the header remains con- sistent in terms of size and fields. IPv4 IP is responsible for addressing and delivery by providing a logical address scheme. The original version of IP (referred to as IPv4) consists of 32 bits spread over four 8-bit octets, expressed in dotted decimal format. For exam- ple, a 32-bit address may look like this in binary: 00001010000010110000110000001101 FIGURE 7.1 TCP/IP Stack. Note We will cover the TCP/IP stack later in more detail when we discuss TCP/IP-based pro- tocols such as Simple Mail Transfer Protocol (SMTP), Telnet, and File Transfer Protocol (FTP). This is only the beginning… there are more than 100 protocols covered in the TCP/IP suite. The Network+ exam only covers the most basic and fundamental ones – the ones more commonly seen on the job and in production environments. CHAPTER 7: TCP/IP and Routing 288 To improve readability, the 32-bit IP address splits into four blocks of 8 bits like this: 00001010 00001011 00001100 00001101 Finally, each 8-bit block is converted to decimal and the decimal values are separated with periods or dots. The converted IPv4 address, expressed as a dotted decimal address, is: 10.11.12.13 It is much easier to remember an IP address of 10.11.12.13 than to remember a string of bits such as 00001010000010110000110000001101. IP addresses and their values and uses are discussed in detail later in this chapter. All information transported over IP is carried in IP packets with the format shown in Figure 7.2. The header length can vary somewhat depend- ing on whether the options field is present and the number of bits that are used to specify these options. This variation in length adds to the pro- cessing burden, as predictability and consistency are not achieved.  Version 4-bit field. Identifies the version of IP (4 or 6). Makes IPv6 backward-com- patible with IPv4.  Header Length 4-bit field. Indicates the length of the header, as the IPv4 header is a variable between 20 and 64 bytes.  Type of Service (ToS) Identifies the prior- ity of packet.  Total Length The entire length of the IP portion of the packet. Called payload length in IPv6.  Identification, Flags, Fragment Offset Handles the fragmentation and reassembly of packets. Not necessary in the IPv6 header, as they are handled by the source.  Time To Live (TTL) Limits the number of hops the packet is allowed to transit. At each hop, a router decrements (reduces) this FIGURE 7.2 The IPv4 Header. Bits 4 4 8 16 16 3 13 8 16 8 32 32 0 – 40 Variable Version Header Length TOS (Type or Class of Service) Total Length Identification Flags Fragment Offset TTL (Time to Live) Protocol Header Checksum Source Address Destination Address Options Data IPv6 289 field, and when it reaches zero, the packet is removed from the network.  Protocol Indicates the next protocol (header) following the IPv4 header, such as TCP or User Datagram Protocol (UDP).  Header Checksum Maintains the integrity of the IPv4 header.  Source and Destination Address 32-bit addresses that identify the source and destination for this packet.  Options If enabled, each intermediate node in the path needs to examine it, which can cause inefficient router performance. Familiarity with the IP address classes, masks, and structure are essen- tial to mastering and using IP. The most fundamental aspect of IP is its addresses. IPv6 Issues such as address exhaustion that made IPv4 inadequate require robust solutions. Although 32 bits of address space were originally thought to be more than enough, time and growth have proven this to not be the case. Address space depletion will be covered later in this chapter. IPv6, if imple- mented fully in the future, will solve the depletion problem, as the newer version of the IP allows for far greater amounts of addressing to be deployed than its predecessor, IPv4. Additionally, IPv4 suffers from a lack of hierar- chical structure; while addresses may be sequentially allocated and summa- rized, they are not optimized by routing or allocation. Designers of IPv6 worked diligently to ensure that the same issues would not be encountered. Members of the Internet community who were Test Day Tip Understanding the inside of the IP packet is not crucial to passing the Network+ exam, but if you want to intimately understand TCP/IP and how it works (which is basically what the entirety of this chapter is based on), you should understand how an IP packet works, what it is made of, and some of the fields within it. In Chapters 11 and 12, when we look at network troubleshooting, having an intimate understanding of the internals of the packet will greatly help. Also, using tools such as a network sniffer, which essentially captures traffic for you to analyze and dissect, relies on your knowledge of the internals of the packet. CHAPTER 7: TCP/IP and Routing 290 responsible for developing the protocol carefully scrutinized each new Request for Comment (RFC) penned for IP. This section covers IPv6, which was developed to overcome the exhaustion of IPv4 addresses and to improve on it in general. As defined in RFC 1884 and later revised in RFC 2373, IPv6 addresses are 128-bit identifiers for interfaces and sets of interfaces, not nodes. Three general types of addresses exist within IPv6: unicast, anycast, and multicast. IP addresses are structured as follows: Expanded addressing moves us from 32-bit address to a 128-bit  addressing method. Provides newer unicast and broadcasting methods. Hexadecimal fused into the IP address format. Uses “:” instead of “.” as delimiters. To write 128-bit addresses so that they are more readable to  human eyes and not a complete chore to apply, IPv6 allows for using a hexadecimal format. IPv6 is written as 32-hex digits, with colons (:) separating the values of the eight 16-bit pieces of the address. IPv6 addresses are written in hexadecimal format: 7060:0000:0000: 0000:0006:0600:100D:315B Leading 0s in each 16-bit value can be omitted, so this address can  be expressed as follows: 7060:0:0:0:6:600:100D:315B IPv6 addresses may contain consecutive 16-bit values of 0, one  such string of 0s per address can be omitted and replaced by a double colon (::). As a result, this address can be shortened even more: 7060::6:600:100D:315B Benefits of IPv6 The following sections look at the two main problems solved by IPv6 – address depletion and routing scalability – in more detail. Some added benefits that IPv6 gives to network designers and administrators include: Increased IP address size Increased addressing hierarchy support Simplified host addressing (unified addressing: global, site, local) IPv6 291 Simplified auto-configuration of addresses (easier readdressing,  Dynamic Host Control Protocol version 6 (DHCPv6), and neighbor discovery instead of ARP broadcasts) Improved scalability of multicast routing The  anycast address A streamlined header Improved security (security extension headers, integrated data  integrity) Better performance (aggregation, neighbor discovery instead of  Address Resolution Protocol (ARP) broadcasts, no fragmentation, no header checksum, flow, priority, integrated quality of service [QoS]) IPv4 Versus IPv6 How does IPv6 compare with its predecessor, IPv4? IPv6 eases the network administrator’s burden, in that aggregatable global unicast addresses do not require address translation when used to access external networks such as the Internet. In IPv4, private address spaces are used when global addresses are unavailable. These private addresses must be translated to a limited set of global addresses when accessing external networks. IPv4 address transla- tion schemes include network address translation (NAT) and port address translation (PAT). IPv6 virtually eliminates the need for address translation as a means of accessing external networks. Table 7.1 illustrates the reduced address administration burden placed upon IPv6 network administrators. Header Comparison In IPv6, five fields are eliminated, including the variable-length IPv4 options field. Removal of the variable-length field and other fields permits the IPv6 header to have a fixed header of 40 bytes in length. A comparison of the two types of headers is summarized in Table 7.2. To provide for additional options, IPv6 defines the following extension headers, which are used to provide specific information needed for particular operations. Hop-by-Hop Options header  Destination Options header CHAPTER 7: TCP/IP and Routing 292 Routing header Fragment header Authentication header (AH) Encapsulating Security Payload header There is not much you need to master about IPv6 for the Network exam. A firm understanding of its development and its differences (such as being able to identify an IPv6 address over an IPv4 address) will be sufficient. Table 7.1 Address Administration Comparison Address Administration Issues IPv4 Private Class A Block IPv6 Aggregatable Global Unicast Address length 32 bits 128 bits Length of pre-assigned upstream fields 8 bits 48 bits Length of delegated addressing fields 24 bits 80 bits Host identifier length 24 subnet bits 64 bits Subnet identifier length 24 host bits 16 bits (SLA ID) Allocate host addresses for subnet identifiers Yes No Determine subnet identifiers Yes Yes Determine host identifiers Yes No Address translation required (NAT/PAT) Yes No Table 7.2 Header Comparison Header IPv4 IPv6 Header format Variable Fixed Header fields 13 8 Header length 20 to 60 bytes 40 bytes Address length 32 bits 128 bits Header checksum Yes No Fragmentation fields Yes No Extension headers No Yes IPv6 293 Feature Comparison The IPv6 architecture contains integrated features that are not contained in IPv4. Table 7.3 contrasts the features of IPv4 and IPv6. Table 7.3 IPv4 and IPv6 Features Feature IPv4 IPv6 Anycast address No Yes Multicast scoping No Yes Security support No Yes Mobility support No Yes Autoconfiguration No Yes Router discovery No Neighbor Discovery Multicast membership IGMP Multicast Listener Discovery Router fragmentation Yes Source only HEAD OF THE CLASS… Making the Transition, IPv4 and IPv6 Backward Compatibility IPv6 will hopefully one day become the de facto standard, but until then both will have to coexist and because of this fact you need to understand how IPv6 is backward compatible with IPv4. IPv4 addresses are embedded within IPv6 add- resses. This method takes regular IPv4 addresses and puts them in a special IPv6 format so that they are rec- ognized as being IPv4 addresses by certain IPv6 devices. IPv6 devices will know when they receive packets that have IPv4 addresses embedded within them. Test Day Tip You may or may not see a question that directly relates to IPv6 and information about it, but you may see questions where IPv4 is the focus and IPv6 is used to test your understanding of the basic differences. The more you know about IP, the easier the exam becomes, even though the exam focus is on version 4. Make sure that you know the basic differences between versions 4 and 6 so you can pick the correct answer. Note For more information on IPv6, visit www.ipv6.org. CHAPTER 7: TCP/IP and Routing 294 UNDERSTANDING IP ADDRESSING IPv4 is widely used today as the foundation of network addressing in both private networks and across the Internet. It is widely known simply as TCP/ IP. To effectively manage a network in today’s complex environment, it’s critical to understand IP addressing in depth. IP addressing is used to assign a unique logical address to a host for identification purposes. Assigning the IP address to a host is a relatively simple process, especially if the host uses DHCP to automatically acquire that address. However, most networks are divided into more efficient segments called subnets. Understanding addressing related to subnets is a bit more complex, so we’ll begin by exploring some of the mathematics underlying this pro- cess. Let’s start by dissecting the IP address and learning how to manipu- late it. IP addresses are expressed in four sets of three numbers, such as 136.14.117.5. Each of the numbers between the dots is called an octet because, when converted to binary notation, it represents eight binary digits (bits). Binary notation is covered in the next section. Every IP address has 32 bits and can be notated as www.xxx.yyy.zzz or w.x.y.z. This is called dot- ted decimal notation. When the value of any one of the octets is less than three digits, it is written without leading zeroes. Therefore, you’ll see IP addresses with one, two, or three digits in each section, such as 254.4.27.112. However, when the value of the octet is zero, it is still written as zero because each octet must be represented (for example, 129.48.0.95). The notation is often shortened to w.x.y.z to represent the four octets. The longer notation, www.xxx.yyy.zzz, is used to indicate that each position can be a maximum of three digits. In this chapter, we’ll use both notations. Each IP address contains two elements, the network address space and the host address space. Throughout this text, we’ll use address and ID inter- changeably, and we may also refer to the network ID or the host ID. Under- standing how to work with IP addressing is a fundamental skill that will be used throughout your career in Information Technology and throughout many other certification exams, not just the Network exam. Take the time to understand this information thoroughly if you want to ensure your suc- cess on the exam and on the job. Exam Warning You must understand the IP address to successfully navigate the Network+ exam. Make absolutely certain that you read the following sections until you are comfortable with the material within. Understanding IP Addressing 295 Converting from Decimal to Binary In everyday life, we use the decimal numbering system for counting. The decimal system relies on the digits 0 through 9. This is the system we use for the standard math that we do in our heads. However, this is not the only way to denote numbers. The binary system relies on only two digits: 0 and 1. It’s the language of the computer because electrical components are either on or off, and thus electrical signals (or RF signals or light impulses) can eas- ily represent 0 with an off status and 1 with an on status. Although there are some exceptions, for the purpose of this discussion, we will use this conven- tion. Each binary digit is called a bit and in IP addressing, eight bits form an octet. An IP address has four octets, or a total of 32 bits. Any whole number from our decimal system can be represented in binary. Each location, or bit position, in a binary number has a certain weight, just as in our commonly used decimal system. For example, we know that in the decimal system, a digit in the first position from the right represents ones, a digit in the second position represents tens, a digit in the third position represents hundreds, and so forth. When we see the number 384, we don’t even have to stop and think to know that it means three hundreds, eight tens (eighty) and four ones. As with decimal, the weighting in a binary number moves from low-order on the right to high-order on the left. Although our eyes are accustomed to understanding decimal numbers when we read them left to right, many people find it easier to work with binary numbers from right to left. Binary numbers typically are counted beginning with bit 0, the right-most bit. This has a value of 2 0 or 1. Each bit to the left is raised (exponentially) to the next power, which effectively doubles the number. Thus, bit 1 is 2 1 or 2, and so forth, as shown in Table 7.4. This formula is typically expressed as 2 n where n is the bit number. If you’re not familiar with binary numbers, you may be wondering why this numbering system is set up this way. If you take the right-most posi- tion, the bit 0 position, and set it to 0, the number is 0. If you set bit 0 to 1, Exam Warning It is unlikely that the exam will contain any straightforward conversion questions such as “what does the binary number 1001 0001 1111 1011 represent in decimal?” If only it was that easy! Instead, you’ll need to know how to do the conversion as part of a more complex process, usually in calculating subnet masks. It’s easy to calculate subnet masks if you understand the basic fundamentals of binary and decimal conversion. . 7060:0000:0000: 0000:0006:0600:100D :315 B Leading 0s in each 16-bit value can be omitted, so this address can  be expressed as follows: 7060:0:0:0:6:600:100D :315 B IPv6 addresses may contain consecutive. This is only the beginning… there are more than 100 protocols covered in the TCP/IP suite. The Network+ exam only covers the most basic and fundamental ones – the ones more commonly seen on. who were Test Day Tip Understanding the inside of the IP packet is not crucial to passing the Network+ exam, but if you want to intimately understand TCP/IP and how it works (which is basically