IP Addresses

Specification

  • Explain the use of IP addresses in the transmission of data over the internet

    • including:

      • format of an IP address including IPv4 and IPv6

      • use of subnetting in a network

      • how an IP address is associated with a device on a network

      • difference between a public IP address and a private IP address and the implications for security

      • difference between a static IP address and a dynamic IP address

  • Explain how a Uniform Resource Locator (URL) is used to locate a resource on the World Wide Web (WWW) and the role of the Domain Name Service (DNS)

An introduction to packets, protocols, IP addressing and MAC addressing

The video below gives an overview of IP addresses, including subnetting (which is an A2 topic).

Terms

There are a number of common terms used when discussing networks. These include packets, protocols, IP addressing and MAC addressing.

Packets (aka. datagrams)

When you send or receive information across a computer network, for example, when your computer downloads a web page from the Internet or when you send an email to someone in another country, that information is broken up into fixed-sized 'packets' of information before being sent. Each packet contains:

      • a little bit of the actual information you want to send or receive

      • extra 'helping' information, such as the address of the destination, some information used to check for errors and some information to help control the reassembly of the packets once they have all reached their destination.

How do packets help communication across networks

After a message has been broken up into packets, they are sent across the Internet using the cables in the standard telephone network. If you were sending an email from the UK to someone who lives in Australia:

      • The email would be broken up into packets.

      • Each of the packets would then be sent by different routes to get to Australia.

      • It is only when all of the packets have been received that the message can be reassembled and read.

      • If there are lots of different routes you can use to send a packet then it doesn't matter if one route is not working (perhaps because a cable is broken or a computer or server is not working) or is very busy. The packet can automatically be redirected via another route.

      • Of course, there might still be a delay in a computer receiving all of the packets for one message.

      • Because of the potential delay, communication is not always instant.

Protocols

Devices need to communicate. For example, a printer needs to send messages to a computer telling it that it has run out of paper or that it is ready to print while a computer needs to send the data it wants to print to the printer. Computers need to send data between themselves so that, for example, email can be exchanged and the Internet can function. When two devices want to successfully communicate, they must agree to follow some rules about the way they will do it. These are known as ‘protocols’.

A 'communications protocol' is the phrase used to describe a set of rules that communication equipment adheres to when sending data. If two devices are sending and receiving data but using different rules then the receiving device will not understand what was sent! Because communications protocols are so important, a special organisation known as the ITU, or International Telecommunications Union, exists to lay down the exact detail in the standards that everyone will use. They define the protocols.

TCP/IP

The two basic protocols used on the Internet are IP (Internet Protocol) and TCP (Transmission Control Protocol). Together, they are referred to as TCP/IP. There is another protocol used with IP called UDP, but this is not discussed. TCP, while a separate protocol, is actually one of many protocols defined and used under the Internet Protocol Suite of protocols (including HTTP, HTTPS and FTP).

TCP/IP controls how information is successfully transferred between computers on the Internet. When web pages are requested and then sent over the Internet, another protocol used in addition to TCP/IP is the http protocol, or Hyper Text Transfer Protocol. When files are transferred over the Internet, the FTP protocol, or File Transfer Protocol, is used. Sending email can be done using the SMTP, or Simple Mail Transfer Protocol.

IP (Internet Protocol) addressing

Each computer on a network has an IP address. Each router knows the IP address of every computer in its part of a network. When you want to send a message from one computer on a large network to another computer on the network (e.g. the Internet), the IP address is used. The message is passed on from one router to the next router using the IP address. This allows the message to reach the right part of the network. Then the MAC address (see below) can be used to identify the actual computer. Some computers are connected to the Internet permanently and therefore have a ‘static’ IP address. Other computers access the Internet via an Internet Service Provider (ISP) and so are given a new, ‘dynamic’ public IP address each time they log in.

MAC addressing

A Media Access Control address (or MAC address) is a number fixed into a Network Interface Card (NIC). When the card is being used in a piece of equipment on a network, such as in a computer or in a printer, that piece of equipment can then be uniquely identified on the network. This is important because it means that packets of data (see earlier in this section) can use the MAC address as a way of making sure that the packet gets directed to the right piece of equipment.

An IP address is used by routers to get a message to the right part of a network. The MAC address is then used to identify the actual piece of equipment the message needs to go to.

MAC addressing and security

Another use of MAC addresses is for security. For example, consider a network being set up with an Internet connection using a wireless router (the router is the piece of equipment that connects the network to the Internet). This is a very common scenario used in homes. The MAC address of each piece of equipment allowed to access the network is added to a table of MAC addresses in the wireless router. Now when a computer (it might be a laptop or a phone with wireless capability, or a gaming device with wireless, for example) wants to use the network and the Internet in particular, the router checks the MAC address of that computer. If its MAC address is in its table, it is allowed to use the network. If not, it will be denied access.

How is a MAC address used in an IP network?

As explained above, both the IP address and the MAC address are needed when routing between devices. The following video gives a LOT more information than you will ever need for the exam, but does give a detailed overview of how IP and MAC addresses are used in tandem. Why do we need both? Simply because that's how it was built back in the day when the Internet Protocol was being designed. The MAC address and IP address operate on different networking layers and thus the IP address data requires the MAC to route around packets on the local network. In fact, as the IP packet is being forwarded to each successive network on the way to the destination, the source MAC address is constantly being re-written.

In summary, a MAC address could be made the sole address for the network, but works in a different way to IP (and at a different network layer). Because IP addresses are allocated by the network, different devices can be associated with a network through the IP address (and subnet mask). The whole ability to subnet is what prevents different networks being inundated with network traffic they don't need to see. The MAC address gets the information from hop to hop, while the IP address contains the sender and final destination address.

So why not use IP addresses only? Again, because it was not designed to work like this. If the IP protocol were to change (like it has from v4 to v6), the whole system would collapse, but through the use of a MAC address, we can implement different protocols which work side by side. More importantly, we would hit a problem with unique addresses. Only relying on the IP address would mean that every device would need a unique address, something which we are already running out of.

IP Addresses in Detail

NOTE: IP v4 and IP v6 are different in terms of capacity, bit size and format. The later exams (2018 onward) could give IP v6 or IP v4 examples, so be aware.

This Microsoft website also explains the content below, if you want an alternative description.

Introduction

Every computer on the Internet is given an IP address which is unique. This IP address is different to other computers on the Internet. How is an IP address formatted and how is it used? Computers on networks connected to the Internet use a protocol (a set of rules for communication) called TCP/IP to send and receive packets of information. Information such as a web page is broken down into packets of data, each of which is a fixed size and contains the IP address of the target computer (as well as other information). Because the IP address is unique, the packets will constantly be forwarded from the sending computer ever closer to the target computer by routers, going from network to network, until eventually, all the packets arrive, are reassembled and displayed.

The format of an IP version 4 address

An IP address using a system called IPv4 is made up of 4 bytes separated by dots, a total of 32 bits. A typical IP might look like this: 01110000.11010100.11111111.11111111 which is slightly problematic for humans to work with! We therefore usually display the IP address as 4 numbers between 0 and 255. The example just given would therefore be expressed as 112.212.255.255 which is much easier for us to talk about. Each number can range from 0 to 255.

Two parts to an IPv4 address

An IP address has two parts. The first part identifies the network. The second part identifies the computer on the network. There are five kinds of networks, called 'classes'.

Class A

Class A addresses are assigned to networks with a very large number of hosts. The high-order bit in a class A address is always set to zero. The next seven bits (completing the first octet) complete the network ID. The remaining 24 bits (the last three octets) represent the host ID. This allows for 126 networks and 16,777,214 hosts per network. Figure 1.4 illustrates the structure of class A addresses.

Class B

Class B addresses are assigned to medium-sized to large-sized networks. The two high-order bits in a class B address are always set to binary 1 0. The next 14 bits (completing the first two octets) complete the network ID. The remaining 16 bits (last two octets) represent the host ID. This allows for 16,384 networks and 65,534 hosts per network. Figure 1.5 illustrates the structure of class B addresses.

Class C

Class C addresses are used for small networks. The three high-order bits in a class C address are always set to binary 1 1 0. The next 21 bits (completing the first three octets) complete the network ID. The remaining 8 bits (last octet) represent the host ID. This allows for 2,097,152 networks and 254 hosts per network. Figure 1.6 illustrates the structure of class C addresses.
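The class rules above can be checked in a few lines of Python. This is an added example, not part of the original page; the function names are illustrative, and the addresses other than 112.212.255.255 are constructed samples.

```python
# Added example: classful IPv4 split for classes A, B and C as described above.

# class name -> (fixed high-order bits, total bits in the network part)
CLASSES = {"A": ("0", 8), "B": ("10", 16), "C": ("110", 24)}


def parse_ipv4(dotted):
    """Convert dotted-decimal text to a 32-bit integer, rejecting bad octets."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"{dotted!r}: an IPv4 address has exactly 4 octets")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"{dotted!r}: octet {part!r} is not in 0-255")
        value = (value << 8) | int(part)
    return value


def to_binary(dotted):
    """Show the address as the four 8-bit bytes it really is."""
    value = parse_ipv4(dotted)
    return ".".join(f"{(value >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))


def classify(dotted):
    """Return (class, network ID, host ID) decided by the high-order bits."""
    value = parse_ipv4(dotted)
    bits = f"{value:032b}"
    for name, (prefix, net_bits) in CLASSES.items():
        if bits.startswith(prefix):
            host_bits = 32 - net_bits
            return name, value >> host_bits, value & ((1 << host_bits) - 1)
    # 1110... is class D and 1111... is class E; neither has a network/host split.
    return ("D" if bits.startswith("1110") else "E"), None, None


def capacity(name):
    """Return (number of networks, usable hosts per network) for a class."""
    prefix, net_bits = CLASSES[name]
    networks = 2 ** (net_bits - len(prefix))
    if name == "A":
        networks -= 2  # class A network IDs 0 and 127 are reserved
    hosts = 2 ** (32 - net_bits) - 2  # all-zeros and all-ones host IDs are reserved
    return networks, hosts


if __name__ == "__main__":
    for sample in ("112.212.255.255", "172.16.5.9", "192.168.1.20"):
        print(sample, to_binary(sample), classify(sample))
    for cls in CLASSES:
        print(cls, capacity(cls))
```
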

Examples of IP address

When you write down an IP address, you are allowed to use hyphens and wildcards in a range. There are also a number of different ways you can write the same range of IP addresses. Here are some examples:

Who hands out the public IP addresses?

ISPs (Internet Service Providers), for example, are assigned public IP addresses by organisations set up to distribute and manage public IP addresses. The Network Information Center (NIC) and the Internet Assigned Numbers Authority (IANA) are two such organisations.

IPv6

Most computer networks use the IPv4 system but because of the growth of the Internet, available network addresses are running out. A newer system called IPv6 is being introduced. This has 128 bits and is typically written in hexadecimal, as 8 lots of four hex digits separated by colons, for example:

22A3 : 4338 : FA23 : 324D : AC4B : 76DC : 0145 : FF5A

In case you are wondering, IP v6 gives 340,282,366,920,938,463,463,374,607,431,768,211,456 different values. Every grain of sand on earth could have thousands of trillions of unique addresses and still leave spare. WE WILL NOT RUN OUT OF IP v6 ADDRESSES any time soon.

IPv6 Formatting Anomalies

There is some odd notation that you need to be aware of when using IPv6 addresses.

The IPv6 protocol is the next generation of IP for large-scale networks, supporting addresses that are 128 bits long. This allows 2^128 possible addresses (versus 2^32 possible IPv4 addresses).

Typically, the IP address assigned on an IPv6 host consists of a 64-bit subnet identifier and a 64-bit interface identifier. IPv6 addresses are represented as eight colon-separated fields of up to four hexadecimal digits each. The following are examples of IPv6 addresses:

2001:0000:0eab:DEAD:0000:00A0:ABCD:004E

The use of the “::” symbol is a special syntax that you can use to compress one or more groups of zeros or to compress leading or trailing zeros in an address. The “::” can appear only once in an address.

For example, the address 2001:0000:0eab:DEAD:0000:00A0:ABCD:004E can also be represented as:

2001:0:eab:DEAD:0:A0:ABCD:4E – leading zeros can be omitted

2001:0:0eab:dead:0:a0:abcd:4e – not case sensitive

2001:0:0eab:dead::a0:abcd:4e - valid

2001::eab:dead::a0:abcd:4e - Invalid as you cannot have two double colons; only one set of :: is allowed

IPv6 uses a “/” notation which describes the number of bits in the network portion, similar to IPv4 (where it is obtained using a subnet mask). This means that IPv6 is also split between network and host.

2001:eab::/64 – Network (64 bits used for the network, 64 bits for the host)

Finally, there is backwards compatibility built into IPv6 that allows translation to and from the older IPv4 addresses. Basically, it is valid to have a standard hexadecimal notation, followed (AT THE END) by an IPv4 address. e.g. 64:ff9b:0:250.200.160.0
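The leading-zero, case, "::" and "/" rules above can be written as a small parser and run against the forms listed. This is an added example, not part of the original page; the function names are illustrative, it handles pure hexadecimal addresses only (not the trailing IPv4 form), and Python's standard ipaddress module is used as a cross-check.

```python
import ipaddress

HEX_DIGITS = set("0123456789abcdefABCDEF")


def expand_ipv6(text):
    """Return the full form (8 groups of 4 lowercase hex digits) or raise ValueError."""
    if text.count("::") > 1:
        raise ValueError(f"{text!r}: '::' may appear only once")
    if "::" in text:
        left, right = text.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        missing = 8 - len(head) - len(tail)  # zero groups hidden by '::'
        if missing < 1:
            raise ValueError(f"{text!r}: '::' must replace at least one group")
        groups = head + ["0"] * missing + tail
    else:
        groups = text.split(":")
    if len(groups) != 8:
        raise ValueError(f"{text!r}: expected 8 groups, got {len(groups)}")
    for group in groups:
        if not 1 <= len(group) <= 4 or not set(group) <= HEX_DIGITS:
            raise ValueError(f"{text!r}: bad group {group!r}")
    # Restore omitted leading zeros; hex digits are not case sensitive.
    return ":".join(group.lower().zfill(4) for group in groups)


def split_network_host(text, prefix_len):
    """Split an address into (network part, host part) as integers, as '/64' does."""
    value = int(expand_ipv6(text).replace(":", ""), 16)
    host_bits = 128 - prefix_len
    return value >> host_bits, value & ((1 << host_bits) - 1)


def agrees_with_stdlib(text):
    """True when the standard library expands the text to the same full form."""
    return ipaddress.IPv6Address(text).exploded == expand_ipv6(text)


# Forms taken from the list above.
FULL = "2001:0000:0eab:DEAD:0000:00A0:ABCD:004E"
SAME_ADDRESS = [
    "2001:0:eab:DEAD:0:A0:ABCD:4E",   # leading zeros omitted
    "2001:0:0eab:dead:0:a0:abcd:4e",  # lower case
    "2001:0:0eab:dead::a0:abcd:4e",   # one '::'
]
INVALID = "2001::eab:dead::a0:abcd:4e"  # two '::'

if __name__ == "__main__":
    for form in SAME_ADDRESS:
        print(form, "->", expand_ipv6(form), expand_ipv6(form) == expand_ipv6(FULL))
    try:
        expand_ipv6(INVALID)
    except ValueError as err:
        print("rejected:", err)
    network, host = split_network_host(FULL, 64)
    print(f"network={network:016x} host={host:016x}")
```
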

What is your IP address?

If you type 'What is my IP address' into Google, it will tell you. You can also go into a terminal window in Windows (click on the start button and then in the search area, type in Command prompt). Then type in ipconfig and see what you get.

Public and Private IP addresses

There are both public and private IP addresses. They have an impact on security, as explained below.

Public IP addresses

A public IP address is any valid address which can be accessed over the Internet. ISPs (Internet Service Providers), for example, are assigned public IP addresses by organisations set up to distribute and manage public IP addresses. The Network Information Center (NIC) and the Internet Assigned Numbers Authority (IANA) are two such organisations. Each public IP address must be unique; no two devices on the Internet can have the same address.

Private IP addresses

Many companies and other organisations, e.g. schools, run a private TCP/IP-based Local Area Network that is accessible only within the Local Area Network. Each networked computer, printer etc. is allocated its own unique private IP address. When a computer or any other device inside the Local Area Network needs to access the Internet, then the LAN must be connected to the Internet using a piece of equipment called a 'gateway'. A gateway's job is to connect the LAN to the Internet using a public IP address. Private IP addresses can only be routed within a network, not over the Internet.

This WikiBook article explains IP addressing.

Network Address Translation (NAT)

Because the Internet has grown larger than anyone ever imagined it could be we are quickly running out of public IP addresses. So what does the size of the Internet have to do with NAT? Everything!

When IP addressing first came out, everyone thought that there were plenty of addresses to cover any need. Theoretically, you could have 4,294,967,296 unique addresses (2^32). The actual number of available addresses is smaller (somewhere between 3.2 and 3.3 billion) because of the way that the addresses are separated into classes, and because some addresses are set aside for multicasting, testing or other special uses.

With the explosion of the Internet and the increase in home networks and business networks, the number of available IP addresses is simply not enough. The obvious solution is to redesign the address format to allow for more possible addresses. This is being developed (called IPv6), but will take several years to implement because it requires modification of the entire infrastructure of the Internet.

This is where NAT comes to the rescue. Network Address Translation allows a single device, such as a router, to act as an agent between the Internet (or "public network") and a local (or "private") network. This means that only a single, unique IP address is required to represent an entire group of computers. It is often the job of a gateway/router to provide a NAT service.
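The translation a NAT router performs can be modelled with a small table. This is an added example, not part of the original page: the class and function names are illustrative, the three private ranges are the standard RFC 1918 blocks, and all addresses and ports are constructed samples from documentation ranges.

```python
import ipaddress

# The three address blocks reserved for private networks (RFC 1918).
PRIVATE_BLOCKS = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip):
    """True when the address belongs to one of the private blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in block for block in PRIVATE_BLOCKS)


class NatRouter:
    """One public IP address shared by every device on the private LAN."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (private ip, private port) -> public port
        self.back = {}  # public port -> (private ip, private port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN so it carries the public address."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not a private LAN address")
        key = (src_ip, src_port)
        if key not in self.out:          # first packet of this conversation
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite a reply for the LAN, or return None when no device asked for it."""
        key = self.back.get(dst_port)
        if key is None:
            return None                  # unsolicited: nothing to translate to
        return (src_ip, src_port, key[0], key[1])


if __name__ == "__main__":
    router = NatRouter("203.0.113.5")
    # Two LAN devices contact the same web server from the same source port.
    print(router.outbound("192.168.1.10", 51000, "198.51.100.7", 443))
    print(router.outbound("192.168.1.11", 51000, "198.51.100.7", 443))
    # The reply to port 40001 goes back to the second device only.
    print(router.inbound("198.51.100.7", 443, 40001))
    # A packet to a port with no table entry never reaches the LAN.
    print(router.inbound("198.51.100.99", 12345, 40002))
```
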

Implications for security

Computers that have a private IP address on a LAN cannot be seen and cannot communicate with computers outside of the LAN. That means that employees cannot accidentally introduce malware (viruses, trojan horses, worms, spyware and so on) into the organisation's network. This helps protect the network from hackers, data corruption, theft of data and so on. It also means that the organisation's network is not subject to any external technical problems. For example, if an ISP's servers fail or have a problem, that won't affect the private LAN. However, if employees cannot connect to external networks via the Internet, they can communicate with each other, but cannot send email to customers, do research on behalf of their employer or check their competitors' prices, for example. Companies cannot make use of very powerful tools available only if you can connect to other networks. For example, an organisation couldn't make use of cloud storage for storing sensitive data. It couldn't make use of collaborative working from locations all over the world.

Virtual Private Networks (VPNs)

Many businesses these days need constant access to the Internet. This presents a real and serious security risk, so what can they do? The best solution by far is to ensure that all communications between the organisation and outside the organisation are encrypted. The way to achieve this is to rent a Virtual Private Network service. What happens when an organisation signs up is that they download and install some client software. When someone on the LAN goes on the Internet, the client software makes contact with the VPN service and your computer and the VPN exchange security keys, to verify to each other that they are authentic and authorised. Once this has been done, all of the person's communications are encrypted and go via the VPN service. Apart from encrypting everything, the VPN service also masks the IP address.

Static and Dynamic IP Addresses

The video on the left gives a more in-depth explanation of DHCP and how dynamic IP addresses work.
The video on the right summarises the differences between dynamic and static IP addresses.

URLs and DNS

Introduction

With millions of computers connected to the Internet and billions of web sites, they all need to be organised. The Internet achieves this by a system of IP addressing and DNS servers.

IP addresses and domain names

Each computer on the Internet has got its own unique IP address, or Internet Protocol address. 204.75.342.16 is an example of what an IP address looks like. It is attached to packets so that they know where to go! You can only send information if you know the IP address! However, people prefer to use words rather than numbers so many computers are called by a domain name. For example, Microsoft.net is the domain name of the Microsoft Corporation. Thinkuknow.co.uk is thinkuknow's website (a website about eSafety). However, behind these domain names, there is an IP address.

Domain Name Servers (DNS)

When you want to go to the web page for thinkuknow, you type the domain name into the URL search area on your web browser and press 'Enter' on your keyboard. The domain name is intercepted by a 'Domain Name Server' or DNS. The job of the domain name server is to look up in its database the domain name you have typed and find the matching IP address. It then forwards the request onwards, using this address. If it cannot find the IP address in its own database, it then contacts other Domain Name Servers until it finds it, or if it can't find it anywhere, it displays a 'web site not found' message to you. When the request reaches the destination, the pages are sent back.

Uniform Resource Locator (URL)

The 'URL' is the unique address for a website. An example of a URL is http://www.theteacher.info. Three pieces of information are contained in a URL: the protocol, the domain name and, optionally, the file to display. For example, the URL http://www.bbc.co.uk/news would take you to the news web page, at the domain name www.bbc.co.uk using the communications transfer protocol http.

Registering Domain Names

Each domain name is unique. To use a domain name that is still available, you must register it with a company set up for that purpose. You then effectively rent that domain name for as long as you want it. It is not particularly expensive - you can register your own .co.uk domain name for a few pounds per year (or a domain name with any other ending, such as .biz or .com for example). Many of the easily remembered domain names have already been taken but you can try searching e.g. www.reg-123.co.uk. This is a typical website that sells domain names. You can search for domain names to see what is available, see how much they cost and register those that you want. Try searching for a domain name associated with your own name or for an imaginary business.

The process begins when you ask your computer to resolve a hostname, such as http://bbc.co.uk. Steps involved in DNS resolution of IP address:

    1. Your computer will look in its local DNS cache, which stores IP addresses for recently visited sites. If your computer does not have this cached, it moves to step 2.

    2. Your computer will send a request (or query) to a recursive nameserver. If the recursive server does not have the answer cached it moves to step 3.

      • A recursive nameserver is usually hosted by your ISP. These specialised computers perform the legwork of a DNS query on your behalf. Recursive servers have their own caches, so the process usually ends here and the information is returned to the user.

    3. The recursive nameserver sends a query to the root nameservers to resolve the address for the top-level domain (TLD). The root nameservers for the top-level domain then return a referral to the recursive nameserver.

      • A nameserver is a computer that answers questions about domain names, such as IP addresses. The thirteen root nameservers act as a kind of telephone switchboard for DNS. They don’t know the answer, but they can direct our query to another DNS server that knows where to find it.

    4. The recursive nameserver then sends a query to the top level nameservers (in this example, .CA) which then returns a referral to the second-level nameservers.

      • Examples of TLDs are: .COM ; .UK ; .ORG ; .FR, etc.

    5. The recursive nameserver then sends a query to the second-level nameservers (in this example, gc.ca) which then returns a referral to the third-level nameservers. Other examples are co.uk, org.fr

    6. The recursive name server then sends a query to the third-level nameservers (in this example, ic.gc.ca) which then returns an authoritative answer to the recursive nameservers. A common example in the UK would be bbc.co.uk, with BBC being the third level domain.

      • Not all domain names use three levels, for example: Microsoft.com
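The six steps above can be traced with a toy model of the nameserver hierarchy. This is an added example, not part of the original page: the server labels, class names and the 192.0.2.x addresses are constructed, and each "nameserver" is just an in-memory table rather than a real DNS server.

```python
# Constructed zone data: each nameserver either refers the query onwards
# or, if it is authoritative for the name, returns the answer.
SERVERS = {
    "root":       {"uk": ("referral", "tld-uk"), "com": ("referral", "tld-com")},
    "tld-uk":     {"co.uk": ("referral", "ns-co-uk")},
    "ns-co-uk":   {"bbc.co.uk": ("referral", "ns-bbc")},
    "ns-bbc":     {"bbc.co.uk": ("answer", "192.0.2.10")},
    "tld-com":    {"example.com": ("referral", "ns-example")},  # two-level name
    "ns-example": {"example.com": ("answer", "192.0.2.20")},
}
MAX_REFERRALS = 10  # stop if the referrals ever form a loop


def ask(server, name):
    """One query to one nameserver: an answer, a referral or 'not found'."""
    zone = SERVERS[server]
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        kind, value = zone.get(suffix, (None, None))
        if kind == "answer" and i == 0:   # answers need the exact name
            return kind, value
        if kind == "referral":            # referrals match any parent domain
            return kind, value
    return "not found", None


class RecursiveResolver:
    """Steps 2 to 6: the server (usually at the ISP) that does the legwork."""

    def __init__(self):
        self.cache = {}
        self.trace = []   # every nameserver queried, in order

    def resolve(self, name):
        if name in self.cache:            # step 2: answered from its own cache
            return self.cache[name]
        server = "root"                   # step 3: start at the root
        for _ in range(MAX_REFERRALS):
            self.trace.append(server)
            kind, value = ask(server, name)
            if kind == "referral":        # steps 4 and 5: follow the referral
                server = value
            elif kind == "answer":        # step 6: authoritative answer
                self.cache[name] = value
                return value
            else:
                return None
        return None


class StubClient:
    """Step 1: your computer, with its local DNS cache."""

    def __init__(self, resolver):
        self.cache = {}
        self.resolver = resolver

    def lookup(self, name):
        if name in self.cache:
            return self.cache[name], "local cache"
        address = self.resolver.resolve(name)
        if address is not None:
            self.cache[name] = address
        return address, "recursive nameserver"


if __name__ == "__main__":
    isp = RecursiveResolver()
    pc = StubClient(isp)
    print(pc.lookup("bbc.co.uk"), isp.trace)   # full walk from the root
    print(pc.lookup("bbc.co.uk"), isp.trace)   # local cache, no new queries
    print(StubClient(isp).lookup("bbc.co.uk"), isp.trace)  # resolver cache
```
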

This website has more detail regarding DNS lookup, as well as the informative videos below. You should Google DNS Hierarchy to see examples of how DNS is configured.

The following video explains DNS extremely well.
