Call Girls Near The Suryaa Hotel New Delhi 9873777170
Clase 1 Direccionamiento IPv4.pdf
1. IPv4 Address
“The identifier used in the IP layer of the TCP/IP protocol
suite to identify each device connected to the Internet is
called the Internet address or IP address. An IPv4 address
is a 32-bit address that uniquely and universally defines the
connection of a host or a router to the Internet; an IP
address is the address of the interface”.(Berhouz Forouzan)
2. HOST
TCP/IP uses the term host to refer to an end system that
attaches to the Internet.
3. IPv4 Address
The IPv4 addresses are unique and
universal.
An IPv4 address is 32 bits long.
The address space of IPv4 is 232
(4,294,967,296)
Notation.
Binary notation
Dotted-decimal notation
4. • IPv4 (Internet Protocol
version 4)
• Developed in the early
1980s
• RFC 760 Jan 1980
obsoleted by RFC 791
Sep 1981
Beginning with IPv4
5. Subnet Masks
An IP address is a hierarchical address that is made up of two parts:
A network portion
A host portion.
Subnet Mask
Used to define the:
Network portion
Host portion
32 bits
Contiguous set of 1’s followed by a contiguous set of 0’s
1’s: Network portion
0’s: Host portion
11111111111111110000000000000000
6
6. Dividing the Network and Host
Portions
Expressed as:
Dotted decimal
Ex: 255.255.0.0
Slash notation or prefix length
/16 (the number of one bits)
11111111.11111111.00000000.00000000
Dotted decimal: 255 . 255 . 0 . 0
Slash notation: /16
7. Example
The subnet mask identifies which part of the IP address
refers to the network.
11111111 11111111 11111111 00000000
255 255 255 0
192 168 11 10
192 168 11 0
Network Portion Host Portion
The prefix length is the number of bits set to 1 in the subnet mask.
It is written in “slash notation”, a “/” followed by the number of
bits set to 1.
For example:
IP address: 192.168.11.10 255.255.255.0
Is the same as: 192.168.11.10 /24
9. Subnet Masks
So how do hosts figure out which part of the address is the network portion?
Hosts AND the IPv4 address and the subnet mask.
“1” bits refer to the network portion.
“0” bits refer to the host portion.
Hosts actually use a the Boolean “AND” operation to accomplish this task.
This tells them what network they belong to.
10. How does the host know if the destination
IPv4 address is on it’s network or another
network?
192.168.1.100
255.255.255.0
192.168.2.101
255.255.255.0
A B
Destination IPv4
192.168.2.101
Source IPv4
192.168.1.100
Destination IP Address
11. Same network?
Destination Network = 192.168.1.0
AND
My Network = 192.168.1.0
AND
Same network? YES!
192.168.1.10 192.168.1.11
Destination IP Address
12. Same network?
Same network? NO!
My Network = 192.168.1.0
AND
192.168.1.100
Destination Network = 192.168.2.0
AND
192.168.2.101
Destination IP Address
13. Network Address
Network Address, is particularly important because it is
used in routing a packet to its destination network.
The network address has all 0 bits in the host portion.
14. Broadcast Address
A broadcast address is used to send data to all hosts in the
network.
The broadcast address has all 1 bits in the host
portion.
16. Addresses for User Devices
These IP addresses can be assigned either:
Statically
Dynamically
Hosts are assigned IP addresses from the range of available
addresses in the network.
17. Static Assignment
Useful for printers, servers, and other networking devices that do
not change location often and need to be accessible to clients on
the network based on a fixed IP address.
Increased control of network resources.
However, static addressing can be time-consuming to enter on
each host.
18. Dynamic Assignment
Instead of manually assigning IP
addresses (subnet mask, default
gateway, DNS addresses), it is
easier to have IP addresses
assigned automatically.
This is done using Dynamic Host
Configuration Protocol (DHCP).
The DHCP server requires that a
block of addresses, called an
address pool, is used for
assigning to the DHCP clients on
a network.
19. How Does DHCP Work?
Client Boots
Client DHCP
Server
DHCP Request
IP, MAC Address
DHCP Discover
Mac Address
DHCP Offer
IP, Lease time
DHCP Ack
IP, Lease time
20. Dynamic vs. Static IP
Addressing Quiz
Static IP Address Dynamic (DHCP) IP Address
Fridge
iTouch
PDA
AP
RADIUS server
Printer
IP phone
Laptop
Switch
Router
Server
Desktop computer
21. Destination Address Type
Unicasts:
Packet travels from one host to another specific host.
Multicasts:
Packet travels from one host to a select number of other hosts.
Supports voice and audio broadcasts, news feeds, distribution of
software, re-imaging clients off peak times.
Broadcasts:
Packet travels from one host to all hosts on the local network.
Source IP addresses
are always unicast
23. IPv4 Packet Format
IPv4 has been in use since 1983 when it
was deployed on the Advanced Research
Projects Agency Network (ARPANET).
An IPv4 packet has two parts:
IP Header - Identifies the packet
characteristics.
Payload - Contains the Layer 4 segment
information and the actual data.
IP Header Data (Payload)
24. IPv4 Header – Significant
Fields
Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional)
Padding
Byte 1 Byte 2 Byte 3 Byte 4
26. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Version (4 bits)
– Indicates the version of IP currently used.
– 0100 = 4 and therefore IPv4
– 0110 = 6 and therefore IPv6
27. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
IP Header Length (4 bits)
– Identifies the number of 32-bit words in the header.
– The IHL value varies due to the Options and Padding fields.
– The minimum value for this field is 5 (i.e., 5×32 = 160 bits =
20 bytes) and the maximum value is 15 (i.e., 15×32 = 480
bits = 60 bytes).
28. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Differentiated Services (8 bits)
– Formerly called the Type of Service (ToS) field.
– The field is used to determine the priority of each packet.
– First 6 bits identify the Differentiated Services Code Point (DSCP) value for QoS.
– Last 2 bits identify the explicit congestion notification (ECN) value used to prevent
dropped packets during times of network congestion.
29. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Total Length (16 bits)
– Sometimes referred to as the Packet Length.
– Defines the entire packet (fragment) size, including header and data, in bytes.
– The minimum length packet is 20 bytes (20-byte header + 0 bytes data) and the
maximum is 65,535 bytes. .
30. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
A router may have to fragment a packet
when forwarding it from one medium to
another medium that has a smaller MTU.
When this happens, fragmentation
occurs and the IPv4 packet uses the
following 3 fields to keep track of the
fragments
31. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Identification (16 bits)
– Field uniquely identifies the fragment of an
original IP packet.
32. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Flag (3 bits)
– This 3-bit field identifies how the packet is fragmented.
– It is used with the Fragment Offset and Identification
fields to help reconstruct the fragment into the original
packet.
33. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Fragment Offset (13 bits)
– Field identifies the order in which to place the packet
fragment in the reconstruction of the original
unfragmented packet.
34. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Time-to-Live (TTL) (8 bits)
– Used to limit the lifetime of a packet.
– It is specified in seconds but is commonly referred to as hop
count.
– The packet sender sets the initial TTL value and is decreased
by one each time the packet is processed by a router, or hop.
– If the TTL field decrements to zero, the router discards the
packet and sends an ICMP Time Exceeded message to the
source IP address.
– The traceroute command uses this field to identify the routers
used between the source and destination.
35. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Protocol (8 bits)
– Field indicates the data payload type that the packet is
carrying, which enables the network layer to pass the data
to the appropriate upper-layer protocol.
– Common values include ICMP (1), TCP (6), and UDP (17).
– Others: GRE (47), ESP (50), EIGRP (88), OSPF (89)
– http://www.iana.org/assignments/protocol-numbers/
36. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Header Checksum (8 bits)
– Field is used for error checking of the IP header.
– The checksum of the header is recalculated and
compared to the value in the checksum field.
– If the values do not match, the packet is discarded.
37. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Source IP Address (32 bits)
– Contains a 32-bit binary value that represents the
source IP address of the packet.
38. Version
IP Header
Length
Differentiated Services
Total Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (optional) Padding
Destination IP Address (32 bits)
– Contains a 32-bit binary value that represents the
destination IP address of the packet.
39. Classful Addressing
Historically, RFC1700 grouped the unicast ranges into specific sizes
referred to as Classful addressing for IPv4:
Class A, B, and C addresses: 0.0.0.0 - 223.255.255.255
Multicast addresses: 224.0.0.0 - 239.255.255.255
Experimental addresses: 240.0.0.0 - 255.255.255.254
In classful addressing, the IP address space is divided into
five classes: A, B, C, D, and E. Each class occupies some
part of the whole address space
41. Class A. 255.0.0.0 or /8
Was reserved for governments and extremely large organizations.
Class B. 255.255.0.0 or /8
Was reserved for medium/large organizations.
Class C. 255.255.255.0 or /24
Was for every other organization (small organizations).
IPv4 Address Classes
Address
Class
# of Possible
Networks
# of Possible
Hosts
Total Possible
Addresses
Class A
Class B
Class C 254
2,097,152
65,534
16,384
16,777,214
532,676,608
1,073,709,056
2,113,928,964
126
42. How the ranges were
determined
First First Network Host
Class Bits Octet Bits Bits
A 0 0 – 127 8 24
B 10 128 - 191 16 16
C 110 192 - 223 24 8
D 1110 224 – 239
E 1111 240 - 255
43. Private Addresses
Most IPv4 addresses are public IP
addresses.
These are reachable IPv4
addresses on the Internet.
However, there are blocks of
addresses that are private
addresses and are never
propagated on the Internet.
Packets with a source or destination
private IP address are not
propagated by Internet routers.
Internet routers / firewalls block or
translate these addresses.
Private addresses are usually
converted to public IP addresses using
NAT (Network Address Translation)
44. Private Addresses
Private addresses are defined in RFC 1918.
RFC 6598, IANA reserved 100.64.0.0/10 known as shared
address space. Similar to RFC 1918, but intended only for use
in service provider networks.
45. Public Addresses
Public addresses are
required on the Internet and
they must be unique.
The use of public addresses
is regulated and allocated to
each organization
separately.
RIRs (Regional Internet
Registries) typically provide
public addresses to ISPs.
Companies obtain their
IPv4 address blocks from
an ISP.
46. Other Special Addresses
Refer to RFC 3330
Loopback address:127.0.0.1
127.0.0.0 – 127.255.255.255
Hosts use to direct traffic to themselves.
Link-Local addresses: 169.254.0.0/16
169.254.0.0 – 169.254.255.255
Host can automatically assign itself an address if it has
none.
TEST-NET addresses:
192.0.2.0 to 192.0.2.255 (192.0.2.0 /24)
47. Subnetting
Problem: Organizations
have multiple networks
which are independently
managed
Solution 1: Allocate a
separate network
address for each network
Difficult to manage
From the outside of
the organization, each
network must be
addressable.
Solution 2: Add another
level of hierarchy to the
IP addressing structure
University Network
Medical
School
Library
Engineering
School
Subnetting
48. Subnetting Example
49
Network address 172.16.0.0 with /16 network mask
Using Subnets: subnet mask 255.255.255.0 or /24
172.16.5.0/24 172.16.25.0/24
172.16.0.0/24 172.16.10.0/24
49. Basic Idea of Subnetting
Split the host number portion of an IP address into a
subnet number and a (smaller) host number.
Result is a 3-layer hierarchy
Then:
Subnets can be freely assigned within the organization
Internally, subnets are treated as separate networks
Subnet structure is not visible outside the organization
network prefix host number
subnet number
network prefix host number
extended network prefix
50. How your provider (ISP) sees
you….
150.50.0.0 /16
150.50.0.0 /16
150.50.0.0 /16
150.50.0.0 /16
150.50.1.0 /24
150.50.2.0 /24
150.50.3.0 /24
150.50.4.0 /24
150.50.5.0 /24
Subnetting does not change how the outside world sees
the network but provides additional structure within the
organization.
52. Network 192.168.1.0/24
Need:
As many subnets as possible, 60 hosts per
subnet
192.168.1. 0 0 0 0 0 0 0 0
Network Host
6 host bits
255.255.255. 0 0 0 0 0 0 0 0
Number of hosts per subnet
Calculating the number
subnets/hosts
53. 192.168.1. 0 0 0 0 0 0 0 0
Network Host
6 host bits
255.255.255. 1 1 0 0 0 0 0 0 255.255.255.192
Number of subnets
Calculating the number
subnets/hosts
Network 192.168.1.0/24
Need:
As many subnets as possible, 60 hosts per subnet
New Subnet Mask: 255.255.255.192 (/26)
Number of Hosts per subnet: 6 bits, 64-2 hosts, 62 hosts
Number of Subnets: 2 bits or 4 subnets
54. 192.168.1. 0 0 0 0 0 0 0 0
255.255.255. 1 1 0 0 0 0 0 0 255.255.255.192
Number of subnets
192.168.1. 0 0 0 0 0 0 0 0 192.168.1.0/26
192.168.1. 0 1 0 0 0 0 0 0 192.168.1.64/26
192.168.1. 1 0 0 0 0 0 0 0 192.168.1.128/26
192.168.1. 1 1 0 0 0 0 0 0 192.168.1.192/26
Calculating the number
subnets/hosts
Number of Hosts per subnet: 6 bits, 64-2 hosts, 64 TOTAL
hosts, 62 usable hosts
Number of Subnets: 2 bits or 4 subnets
56. Network 192.168.1.0/24
Need:
As many subnets as possible, 12 hosts per
subnet
192.168.1. 0 0 0 0 0 0 0 0
Network Host
4 host bits
255.255.255. 0 0 0 0 0 0 0 0
Number of hosts per subnet
Calculating the number
subnets/hosts
57. Network 192.168.1.0/24
Need:
As many subnets as possible, 12 hosts per subnet
New Subnet Mask: 255.255.255.240 (/28)
Number of Hosts per subnet: 4 bits, 16-2 hosts, 14 hosts
Number of Subnets: 4 bits or 16 subnets
192.168.1. 0 0 0 0 0 0 0 0
Network Host
4 host bits
255.255.255. 1 1 1 1 0 0 0 0 255.255.255.240
Number of subnets
Number of hosts per subnet
Calculating the number
subnets/hosts
60. VLSM
VLSM – the process of
sub-netting a subnet to fit
your needs.
Example:
Subnet 10.1.0.0/16, 8
more bits are borrowed
again, to create 256
subnets with a /24 mask.
Mask allows for 254 host
addresses per subnet
Subnets range from:
10.1.0.0 / 24 to
10.1.255.0 / 24
* Same process for Subnet
10.2.0.0/16
61. VLSM
Subnet 10.3.0.0/16, 12 more bits
are borrowed again, to create
4,096 subnets with a /28 mask.
– Mask allows for 14 host
addresses per subnet
– Subnets range from: 10.3.0.0 /
28 to 10.3.255.240 / 28
Subnet 10.4.0.0/16, 4 more bits
are borrowed again, to create 16
subnets with a /20 mask.
– Mask allows for 2,046 host
addresses per subnet
– Subnets range from: 10.4.0.0 /
20 to 10.4.240.0 / 20
62. Classless Inter-Domain Routing
(CIDR)-Supernetting
Route summarization done by CIDR
Routes are summarized with masks that are less than
that of the default classful mask (supernetting)
-Example:
172.16.0.0 / 13 is the summarized
route for the 172.16.0.0 / 16 to
172.23.0.0 / 16 classful networks
Although 172.22.0.0/16 and
172.23.0.0/16 are not shown in
the graphic, these are also
included in the summary route.
63. Steps to calculate a route
summary:
1. List networks in binary
format
2. Count number of left
most matching bits to
determine summary
route’s mask
3. Copy the matching bits
and add zero bits to
determine the
summarized network
address
Classless Inter-Domain Routing
(CIDR)-Supernetting
64. Example: Calculating a
summary route
Which address can be used to
summarize networks
A:
• 192.168.0.0/30
• 192.168.0.4/30
• 192.168.0.8/30
• 192.168.0.16/29
• B
• 192.168.4.0/30
• 192.168.5.0/30
• 192.168.6.0/30
• 192.168.7.0/29
11000000 10101000 00000000 00000000
11000000 10101000 00000000 00000100
11000000 10101000 00000000 00001000
11000000 10101000 00000000 00010000
11000000 10101000 00000100 00000000
11000000 10101000 00000101 00000000
11000000 10101000 00000110 00000000
11000000 10101000 00000111 00000000
Answer:????
65. IP is a best effort delivery system.
No mechanism to ensure that the data is delivered
So how do we know if a packet encountered a problem
along the way?
Internet Control Message Protocol (ICMP)
ICMP
Internet Control Message Protocol
66. RFC 792
ICMP is available for both IPv4 and IPv6.
ICMPv4 is the messaging protocol for IPv4.
ICMPv6 provides these same services for IPv6 but
includes additional functionality.
ICMP messages common to ICMPv4 and ICMPv6 include:
Host confirmation
Destination or Service Unreachable
Route redirection
Time exceeded
ICMPv6 includes additional functionality.
ICMP
Internet Control Message Protocol
67. ICMP is used for:
Informational messages (ping, traceroute)
Error messages (network unreachable)
ICMP is a layer 3 protocol directly encapsulated in
another layer 3 protocol IP.
No transport header
Knowledge of ICMP control messages is an essential
part of network troubleshooting.
ICMP
Internet Control Message Protocol
68. ICMP Message Format
Type
the type of service being provided. There’s a specific type number for each
error or informational message sent.
Code
the error code provides further information on the message type. It tells what
was the possible cause to the problem.
Checksum
the 16-bit one's complement of the one's complement sum of the ICMP
message starting with the ICMP type. Used to find problems on the ICMP
message ONLY.
69. ICMP Messages
Type Message
3 Destination Unreachable
4 Source Quench
11 Time Exceeded
12 Parameter problem
5 Redirection
Type Mes
s
age
8 or 0 Echo request or reply
13 or 14 Timestamp
17 or 18 Address Mask
10 or 9 Router Sollicitation/Adv
70. Type Code Meaning
0 0 echo reply
3 0 network unreachable
3 1 host is unreachable
3 3 port is unreachable
4 0 source quench
5 0 redirect
8 0 echo request
9/10 0 router discovery/advertisement
11 0 time exceed
12 0 parameter problem
13/14 0 time stamp request
17/18 0 network request/reply
ICMP Types&Codes
71. Host Confirmation (PING)
Ping is a utility used to verify connectivity to an IP host.
It measures the round-trip time for messages sent from the
originating host to a destination computer.
Ping uses an ICMP Echo Message to determine if a host is
reachable.
A host initiates a ping (ICMP Echo Request) and the destination
replies (ICMP Echo Reply).
ICMP only reports on the status of the delivered packet to the
source device.
72. PING sends icmp type 8 echo request to a node
and expects an icmp type 0 echo reply
ICMP: Echo Request/Reply
Send
Reply
8
0
0
0
75. Destination or Service
Unreachable
When a router cannot deliver a packet, it sends an ICMP
Destination Unreachable message to the source.
Message includes a code indicating why it could not be
delivered.
Some of the Destination Unreachable codes for ICMPv4 are:
0 - net unreachable.
1 - host unreachable.
2 - protocol unreachable.
3 - port unreachable.
4.- fragmentation needed and DF set
5.- source route failed
Note: Codes 0,1,4 and 5 may be received from a gateway
codes 2 and 3 may be received from a host
76. Destination or Service
Unreachable
ICMP only reports on the status of the delivered packet to the
source device.
For example:
PC1 pings PC2.
The ping crosses R1, then R2, but R3 encounters a link error.
Since the packet only contains the source and destination IP
addresses, R3 may notify PC1 of the failure (optional).
It’s unaware of the exact path the packet took
No ICMP messages are sent to R1 or R2.
PC1
PC2
R1 R2 R3
77. Destination or Service
Unreachable
C:Userseietr> ping 192.168.1.115
Pinging 192.168.1.115 with 32 bytes of data:
Reply from 192.168.1.116: Destination host unreachable.
Reply from 192.168.1.116: Destination host unreachable.
Reply from 192.168.1.116: Destination host unreachable.
Reply from 192.168.1.116: Destination host unreachable.
Ping statistics for 192.168.1.115:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
C:Userseietr>
C:Userseietr> ping 192.168.2.115
Pinging 192.168.1.115 with 32 bytes of data:
Reply from 192.168.1.116: Destination net unreachable.
Reply from 192.168.1.116: Destination net unreachable.
Reply from 192.168.1.116: Destination net unreachable.
Reply from 192.168.1.116: Destination net unreachable.
Ping statistics for 192.168.1.115:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
C:Userseietr>
Codes 0 (net
unreachable) is sent
when a router does not
have the requested
network.
Code 1 (host
unreachable) is sent
when a router receives
a packet for which it
has an attached route
but is unable to deliver
the packet to the host
on the attached
network.
81. Route Redirection
A router may use the ICMP
Redirect Message to notify
the hosts on a network that
a better route is available
for a particular destination.
This message may only
be used when the
source host is on the
same physical network
as both gateways.
Both ICMPv4 and ICMPv6
use route redirection
messages.
82. Route Redirection
Host A sends a packet to Host B on
network 10.0.0.0/8, but since they are
not on the same network, it forwards it
to the default gateway, R1.
R1 finds the correct route to network
10.0.0.0/8 is through the same interface
and forwards out of its E0 interface to
R2.
R1 also forwards an ICMP Redirect
message to Host A telling it to use R2 as
the gateway to forward all future
requests to network 10.0.0.0/8.
B
A
83. time-exceeded
message
ICMP
header
Type=11 Code=0 or 1 Checksum
Rest of Header=unused (all zero)
Data IP header and first 8 bytes of original datagram’s data
• Code=0, TTL count exceeded
• Code=1, Fragment reassembly time exceeded
Router Router
TTL=1
X
Time-exceeded
Time Exceeded
The ICMP - Time exceeded message is generated when the gateway
processing the datagram finds the Time To Live field is equal to zero
and therefore must be discarded. The same gateway may also notify the
source host via the time exceeded message.
86. Address Resolution Protocol
(ARP)
The primary purpose of ARP: (RFC 826)
1. Resolving IPv4 addresses to Ethernet MAC
addresses
2. Maintaining a cache of mappings
ARP is used to map known IP addresses to
MAC addresses on the local network.
If the device is on a remote LAN segment, the
host will send an ARP request for the MAC
address of the default gateway.
87. Ethernet MAC Address
A media access control address (MAC address) of a computer is a
unique identifier assigned to network interfaces for communications at
the data link layer of a network segment. MAC addresses are used as
a network address for most IEEE 802 network technologies, including
Ethernet and Wi-Fi. Logically, MAC addresses are used in the
media access control protocol sublayer of the OSI reference model.
92. Multicast MAC Address
Multicast MAC address is a
special value that begins with
01-00-5E in hexadecimal
Range of IPV4 multicast addresses
is 224.0.0.0 to 239.255.255.255
93. ARP Message Format
Destination
address
6
ARP Request or ARP Reply
28
Source
address
6 2
CRC
4
Type
0x8060
Padding
10
Ethernet II header
Hardware type (2 bytes)
Hardware address
length (1 byte)
Protocol address
length (1 byte)
Operation code (2 bytes)
Target hardware address*
Protocol type (2 bytes)
Source hardware address*
Source protocol address*
Target protocol address*
* Note: The length of the address fields is determined by the corresponding address length fields
94. ARP Message Format
Protocol Type: This field is the complement of the Hardware Type field,
Specifying the type of layer three addresses used in the message. For IPv4
addresses, this value is 2048 (0800 hex), which corresponds to the EtherType
code for the Internet Protocol.
Hardware Address Length: Specifies how long hardware addresses are in this
message. For Ethernet or other networks using IEEE 802 MAC addresses, the
value is 6.
95. ARP Message Format
Protocol Address Length: Again, the complement of the preceding field;
specifies how long protocol (layer three) addresses are in this message.
For IP(v4) addresses this value is of course 4.
96. Devices can only communicate with other devices on the same subnet
A knows that it is on the 192.168.10.0/24 subnet (AND operation with its IP address and
subnet mask). (Same subnet = Same subnet mask)
A knows that B (192.168.1.11) is on its same subnet (AND operation with B’s IP address
and A’s subnet mask)
Destination Address
bb.bb
Source Address
aa.aa
Type FCS
IP
DA 192.168.10.11
A 192.168.10.10
AND 255.255.255.0
--------------------
192.168.10.0
B 192.168.10.11
AND 255.255.255.0
--------------------
192.168.10.0
SAME Subnet
A can reach B
directly without
going through a
router
192.168.10.10
255.255.255.0
192.168.10.11
255.255.255.0
A B
MAC
aa.aa
MAC
bb.bb
192.168.10.0/24
Subnet
192.168.10.0/24
Subnet
Understanding IP
communications
97. 192.168.20.12
255.255.255.0
C
Devices can only communicate with other devices on the same subnet
A knows that it is on the 192.168.10.0/24 subnet (AND operation with its IP address and
subnet mask) (Same subnet = Same subnet mask)
A knows that C (192.168.20.12) is on a different subnet (AND operation with B’s IP
address and A’s subnet mask) – Can’t get there directly!
192.168.10.10
255.255.255.0
A
Destination Address Source Address Type FCS
IP
DA 192.168.20.12
MAC
aa.aa
MAC
cc.cc
A 192.168.10.10
AND 255.255.255.0
--------------------
192.168.10.0
B 192.168.20.12
AND 255.255.255.0
--------------------
192.168.20.0
DIFFERENT Subnets
A can NOT reach B
directly. Must go
through a router
192.168.10.0/24
Subnet
192.168.20.0/24
Subnet
Understanding IP
communications
98. A sends packet to devices in a DIFFERENT subnet directly to a router which is on the
same subnet as A.
The router will take care of it from there.
Destination Address
11.11
Source Address
aa.aa
Type FCS
IP
DA 192.168.20.12
192.168.10.10
AND 255.255.255.0
--------------------
192.168.10.0
192.168.20.11
AND 255.255.255.0
--------------------
192.168.20.0
192.168.10.10
255.255.255.0
A
192.168.20.12
255.255.255.0
C
192.168.10.1
255.255.255.0
192.168.20.1
255.255.255.0
MAC
aa.aa
MAC
cc.cc
MAC
11.11
MAC
22.22
DIFFERENT Subnets
A can NOT reach B
directly. Must go
through a router
Destination Address
cc.cc
Source Address
22.22
Type FCS
IP
DA 192.168.20.12
Understanding IP
communications
99. How Does ARP Work?
Destination MAC:
FF-FF-FF-FF-FF-FF
Add entry to ARP
cache
100. Devices can only communicate with other devices on the same subnet
Otherwise, they must go through a router, that is on its same subnet
192.168.10.10
255.255.255.0
192.168.10.11
255.255.255.0
192.168.20.12
255.255.255.0
A B
C
192.168.10.10
255.255.255.0
A
192.168.10.10
255.255.255.0
A
192.168.20.12
255.255.255.0
C
192.168.10.1
255.255.255.0
192.168.20.1
255.255.255.0
Understanding IP
communications
101. Source IP
192.168.1.110
Destination IP
192.168.1.50
Source MAC
00-0A
Destination
???
Destination
MAC
???
B
A C
Internet
R1
192.168.1.12
0
MAC 00-0B
192.168.1.11
0
MAC 00-0A
192.168.1.5
0
MAC 00-0C
192.168.1.1
MAC 00-0D
IP Packet
Ethernet Header
Understanding IP
communications
102. PC-A’s ARP Cache
IPv4 Address MAC Address
Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
192.168.1.1
MAC 00-0D
103. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
Target IPv4
192.168.1.50
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
ARP Request
104. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
Target IPv4
192.168.1.50
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
ARP Request
105. The target IPv4 is not me.
Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
Target IPv4
192.168.1.50
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
106. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
Target IPv4
192.168.1.50
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
The target IPv4 is not me.
107. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
Target IPv4
192.168.1.50
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
The target IPv4 is me!
108. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
On
Hold
Sender IPv4
192.168.1.50
Sender MAC
00-0C
Source MAC
00-0C
Destination MAC
00-0A
ARP Reply
Ethernet Header
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Here is my MAC
address for the IPv4
address you were
looking for!
109. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
On
Hold
Sender IPv4
192.168.1.50
Sender MAC
00-0C
Source MAC
00-0C
Destination MAC
00-0A
ARP Reply
Ethernet Header
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Here is my MAC
address for the IPv4
address you were
looking for!
110. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
On
Hold
Sender IPv4
192.168.1.50
Sender MAC
00-0C
Source MAC
00-0C
Destination MAC
00-0A
ARP Reply
Ethernet Header
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
192.168.1.50 00-0C
111. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.50 00-0C
192.168.1.1
MAC 00-0D
112. Source IP
192.168.1.110
Destination IP
192.168.1.50
IP Packet
Source MAC
00-0A
Destination MAC
00-0C
Ethernet Header
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.50 00-0C
192.168.1.1
MAC 00-0D
113. Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
192.168.1.1
MAC 00-0D
ARP Request
Remote Communication
114. Default Gateway: 192.168.1.1
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
115. Target IPv4
192.168.1.1
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
116. Target IPv4
192.168.1.1
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
117. The target IPv4 is not me.
Target IPv4
192.168.1.1
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
118. The target IPv4 is not me.
Default Gateway: 192.168.1.1
B
A C
Internet
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Target IPv4
192.168.1.1
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
119. Target IPv4
192.168.1.1
Target MAC
???
ARP Request
Source MAC
00-0A
Destination MAC
FF-FF
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Internet
The target IPv4 is
for me!
120. Target IPv4
192.168.1.1
Target MAC
00-0D
ARP Reply
Source MAC
00-0D
Destination MAC
00-0A
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Internet
Here is my MAC address for
the IPv4 address you were
looking for!
121. Target IPv4
192.168.1.1
Target MAC
00-0D
ARP Reply
Source MAC
00-0D
Destination MAC
00-0A
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Internet
122. Target IPv4
192.168.1.1
Target MAC
00-0D
ARP Reply
Source MAC
00-0D
Destination MAC
00-00A
Ethernet Header
On
Hold
Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1
MAC 00-0D
Internet
192.168.1.1 00-0D
123. Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
???
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1 00-0D
192.168.1.1
MAC 00-0D
Internet
124. Source IP
192.168.1.110
Destination IP
10.1.1.10
IP Packet
Source MAC
00-0A
Destination MAC
00-0D
Ethernet Header
Default Gateway: 192.168.1.1
B
A C
R1
192.168.1.120
MAC 00-0B
192.168.1.110
MAC 00-0A
192.168.1.50
MAC 00-0C
PC-A’s ARP Cache
IPv4 Address MAC Address
192.168.1.1 00-0D
192.168.1.1
MAC 00-0D
Internet