Friday, September 10, 2010

TCP/IP Network Protocol and Subnetting

The Michael Meyers CompTIA Network+ All-in-One Exam Guide, featured on the left, is study guide I am using to prepare myself for the CompTIA Network+ Exam.  It is an excellent study guide, and easy to understand.

I will attempt to summarize some points that may be helpful to you in understanding TCP/IP.  And, more importantly, will be here as a reference guide.

In the beginning, there were several different networking protocols:  Novell Netware IPX/SPX, Microsoft NetBIOS/NetBEUI, Apple's AppleTalk, and UNIX's TCP/IP.  We all know now that UNIX's TCP/IP is the standard protocol that is predominately used in today's networks.

How does the computer know where to send its data?  Data is contained in frames.  In a small network, a computer sends a frame by broadcasting to MAC address FF-FF-FF-FF-FF-FF.  This is the universal MAC address for broadcast.  This broadcast goes out to all of the computers in the network.  You can't do that on the Internet.  It's too much.  This is where IP addressing comes into play.  Just as every computer has a unique MAC address, every computer has a unique IP address, and they are grouped together for each network logically, so you can distinguish individual networks.

IPV4 is a 32-bit value of ones and zeros. This is binary which is the base-2 number system.
An example is:


These ones and zeros are converted to decimal numbers to make it easier for us to remember.  The computer and router have no problem reading this binary address, but, we humans do have a problem.  So we need to convert it to decimal.  To do this, first you break up the 32-bit value into 8 bits.

11000000 10101000 00000100 00000010

Each of the 8 bits are then converted into a decimal number separated by dots.

Binary is the base-2 number system, so an easy way to convert to decimal is to write out the decimal value for each bit:

128   64   32   16   8   4   2   1

Let's take the first set of eight binary bits, 11000000.  For each bit that has a 1, write down the corresponding decimal value.  In this case, it is 128.  The next 1 that you see is in the 64 position.  Add that to the 128, and you get 192.

Now let's take the next set of binary bits, 10101000.  The first 1 is 128.  The second 1 is 32.  The third 1 is 8.  Notice how I simply lined the binary digits up under the corresponding decimal, from left to right.  Now add the 128+32+8.  You get 168.

So far we have 192.168.  Next take the next set of 8 bits, 00000100.  The 1 is i the 4 position.  So, we have 192.169.4.  The next set of 8 bits is 00000010.  That 1 is in the 2 position.

So the IP address is

Every Operating System comes with a utility to determine both the MAC address and the IP address of your computer.  In Windows, the command line utility is IPCONFIG /ALL.  In the MAC/UNIX/LINUX world, the command line utility is IFCONFIG.  You can also find out the IP address on the MAC by going to the Network utility, click on the Advanced tab, then the TCP/IP tab.

Each computer in a Local Area Network must have some way to indicate it is a member of that particular network.  For instance, if you have a Class C network address and an IP address, 192.168.4 is the network id and 2 is the host id.  The subnet mask is

When a TCP/IP LAN needs to connect to another TCP/IP LAN, it has to have a router.  The router has to have an IP address on the network.  The router's IP address is known as the default gateway.
Most ISPs give the router the lowest host IP address for the network.  In this example, that is  Each router has a routing table that tells it where to send incoming packets.  The method a router uses to determine if the packet needs to go on the LAN, or, to a computer on the WAN, is the subnet mask.

If a computer needs to get a packet on the LAN, it simply sends out a broadcast address to get the other computer's MAC address.  If the computer needs to get a packet on the WAN, in other words outside of your local area network, it sends the packet to the default gateway.  How does the computer know whether the packet goes on the LAN or the WAN?  The subnet mask tells the computer what portion of the of the IP address is the network id.  255 converts to 11111111 in binary.  If the subnet mask is, then that tells you the first three nodes of the ip address is the network id.  The computer compares the destination id to its own IP address using the subnet mask.  If the network ids match, it knows the packet is local.  If not, the packet is on the WAN.

If it is a local call, the computer (we will call it COMPA) sends out an ARP broadcast, to determine the MAC address of COMPB.  COMPA sends out an ARP packet that contains its own IP address (in this case,  the IP broadcast address (in this case, it's own MAC address, and the Ethernet broadcast address of FF:FF:FF:FF:FF:FF).  COMPB's MAC address responds to the ARP by sending an ARP response containing COMPB's MAC address.

When COMPA has COMPB's MAC address, it starts sending packets.  To show Windows's current ARP table, open a command line and type:  arp -a

When a computer wants to send a packet to an IP address on an outside LAN, it sends the packet to the default gateway, in this case  It still sends out an ARP, but to the default gateway.  Once the computer gets the default gateway's MAC address, it starts to send out the packets.

Usually subnet masks are represented by using a / character followed by the number of ones in the subnet mask.  An example is

An organization called the Internet Assigned Numbers Authority (IANA) assigns IP addresses in contiguous chunks called class licenses.  The IANA presides over a number of Regional Internet Registries (RIRs) and the RIRs distribute IP addresses to large ISPs.  Most end users get IP addresses from their ISP.

A Class A license has a subnet mask of and the first octet that defines the network id starts between 1-126.  The first binary octet of a Class A license always begins with 0 (0xxxxxxx).  Potential number of hosts 16,277,214.

A Class B license has a subnet mask of and the first and second id define the network id.  The first octet decimal value is 128-191.  The first binary octet of a Class B license always begins with 10 (10xxxxxx).  Potential number of hosts 65,534.

A Class C license has a subnet mask of and the first three octets define the network id.
The first octet decimal value is from 192-223.  The first binary octet of a Class C license is always 110 (110xxxxx).  Potential number of hosts 254.

Class D is reserved for Multicast.  The first octet decimal values are from 224-239.  The first binary octet of a Class D license is always 1110 (1110xxxx).

Class E is a Reserved license.  The first octet decimal values are from 240-255.  The first binary octet for a Class E license is always 1111 (11110000).

IP Class licenses eventually ran out and didn't work well for most organizations because the number of hosts needed varies for each organization.  A new method was developed called Classless Inter-Domain Routing (CIDR).  This is where subnetting comes into play.  CIDR is done by the ISP.  IANA assigns a block of addresses to the ISP, and the ISP subnets the block into multiple subnets, and then passes out the smaller subnets to customers.

To subnet, you take the existing /8, /16/, and /24 subnet mask and extend it one bit at a time until you have the number of subnets you need.  First, convert the subnet mask to binary and remove the dots.  For example, say you have a subnet mask of  Convert it to binary.


Change a 0 to a 1 so that you have 25 ones instead of 24.


The subnet mask becomes /25

The videos below do a great job of explaining subnetting based on the Magic Number Theory and how to determine the number of subnets needed, hosts, broadcast ids.  They are the best I've seen!

Understanding TCP/IP addressing and subnetting basics

Enhanced by Zemanta