Networking as a 2nd Language

Net Surfing With IP Protocol


In the last installment of Networking as a Second Language, we examined routing protocols.

Now we're going to take a look at the routed protocol that not only ushered in a new revolution in the 1990s, but also drove the stock market wild. Now the dust has settled and the millions of dollars in hot dot com stocks have all gone away, but the IP protocol is here to stay.

The Internet Protocol

The Internet Protocol (IP) is one of the most versatile of all the routed protocols. Web content, Internet file transfers (FTP), pings (ICMP), and multicast content (IGMP), are all propagated through the physical wiring as layer 3 IP datagrams. As we learned previously, an IP datagram can be encapsulated with different layer 2 frames as it makes a hop through a router.

One interface on a firewall router could be Ethernet framing and the other interface, serial, could use frame-relay encapsulation out to the Internet. Router interface frames use layer 2 encapsulation schemes. The IP datagram and its contents are just forwarded to each interface as directed by the router's routing tables.

Unreliable transport

From installment 7 of Networking as a Second Language, we learned that IP is routed on a hop-by-hop basis from router to router until the datagram reaches its destination network segment.

The IP datagram is at the mercy of the routing algorithm to be delivered to its destination. The routing protocols attempt to transport the datagram in a best-effort manner. In the event of a router's interface "flapping," a router interface going up and down repeatedly, a datagram could be lost. An extremely busy router may drop the IP datagram if all of its memory buffers are exhausted. A datagram can also be delivered out of order. A large image download will be broken up into many fragments to be delivered to the requesterís device. There is no guarantee of the paths taken by these fragments or arriving in order. This best-effort delivery scheme where delivery is not guaranteed is called unreliable transport.

Comment on this articleIf you have questions or comments about these protocols, Michael will be glad to respond.
Post your comments

Also in Networking as a 2nd Language:

Multicast Architectures

Exploring the Transport Layer

Understanding Routing Protocols

Connectionless delivery

When downloading an image off the Internet, the image is fragmented for transport and sent to the destination device of the requesting user. The Internet is huge. There is no guarantee all the IP datagrams encapsulating the image fragments are going to traverse the same routers.

Recall from the last installment the mention of fault-tolerant networks. Fault-tolerant networks use redundant connections in a network to assist in load sharing and to minimize failure recovery. IP datagrams can and will arrive out of order as the fragments make their way through the Internet. Each datagram is handled on an individual basis under the best-effort scheme. This is known as a connectionless delivery.

Why use IP?

Because IP is a connectionless, unreliable protocol, why is it so popular in the Internet networking world? A protocol is a set of rules. IP defines how to quantize data for transport through the Internet. IP performs the routing means for the encapsulated data. The IP header provides the source and destination addresses. The header may also provide information on how to process datagrams and handle errors. Information about fragmentation and layer 4 originating protocol (TCP = 0x04 and UDP = 0x11) is also included.

IP addressing

The Internet is a large virtual network with hosts scattered everywhere therein. With our example, Sprocketsí corporate network, devices communicate with other devices by using an IP address. Within this vast logical network are many networks. Each network segment is identified by a unique network ID. Each host on a segment network is identified by an address unique to that segment. Each IP address is a pair, comprised of network segment ID and host ID, expressed as a 32-bit value.

Figure 1. 32-bit IP addresses are made up of a network ID and a host ID.

From Figure 1 we can see that the IP address is divided evenly into four 8-bit fields (8 bits is a byte). Each byte field is called an octet. An octet can hold any value between 0 and 255. (The term "octet" is a legacy coinage from an earlier era of computing.) All four octets of an IP address are expressed in a dotted decimal format.

As an example, the Sprocketís manufacturing robot controller PC had a four-octet, dotted decimal notation -- the IP address of The network ID is and the host ID is 212. The IP segment was arbitrarily assigned the address by the network administrator when the network was brought online. Now the Sprockets' network must connect to the Internet and an official IP address segment must be assigned. Our network engineer, Nanna Spacely, contacts the Network Information Center (NIC) and requests a formal address block.

Figure 2. IP addresses are separated into classes.

Classes of IP addresses

For the sake of network administration, NIC has divided the pool of IP addresses into three classes: A, B, and C. The pragmatists out there know that actually five classes exist, but D and E are reserved for multicast and experimental addressing.

Class A networks (where the high-order bit is 0, see Figure 3) include the network range of through 126.0.00. If NIC assigns your network a class A network, you will have the capacity of accommodating over 16 million devices on your network. Certainly this is overkill for most networks out there and a waste of address space.

Class B networks (where high-order bits are set binary 01, see Figure 3) have the address range of through A class B network can host over 65 thousand devices on its network -- still too many devices for the Sprockets environment. The NIC would most likely assign a class B address for Sprocket's needs.

The class C network (where high-order bits are set binary 110) can host as many as 254 devices. This is a more manageable range for the Sprockets' network but with automated manufacturing booming they will quickly out grow this address range.

Figure 3. First octet rule and IP address classes assigned by NIC.

The Sprocketsí network is using class B addressing. The Internet uses four classes of IP addressing schemes. Each class is identified by the first octet of the address. The first octet of the Sprocketsí network is 173. A class B address has a first octet range of 128 to 191, as shown in Figure 3.

Classes and IP addresses are administered by the NIC. The NIC responds with a block using the network address of Please keep in mind that this is an arbitrary address block for the sake of illustrating the use of IP addressing. With this disclaimer, let's fast-forward past Sprockets' painful IP address migration and take a look at their present network using IP addressing.

IP address subnets and classes

The Sprocketsí corporation has been formerly issued a class B addressing scheme. The network ID is as assigned by the NIC. This gives the Sprocketsí network designer and administrators an address space of through Nanna Spacely, our Sprockets' corporate network architect, knows she doesn't need 16-bit host values. Instead she chooses to carve up her network into smaller networks using subnets. She will accomplish this by using the first octet of the host value to represent a subnet ID. This will allow Sprockets to have up to 255 network subnets with approximately 254 hosts on each subnet.

Figure 4. Using the first octet of the host bits to create a subnet.

IP address subnet masks

Humans can visually identify a subnet by glancing at a network diagram or by being informed by a network administrator. Network hardware must be informed that a class B network is being divided into a smaller network. This is accomplished with the use of a network subnet mask, more commonly called a subnet mask (LAN-jargon) or a network mask (Unix-jargon).

A network mask uses the dotted decimal notation IP address. A subnet mask is a binary 32-bit representation expressed in four octets. The mask is used to express the network bits and the subnet bits.

Figure 5. Performing logical AND on default subnet and subnet masks.

A router also uses four-octet (32-bit) subnet masks to assist with routing decisions. A class B address typically has a subnet mask of Subnet masks are used to assist a router in determining where to route an IP datagram. The router performs a computation on the IP address and the subnet mask called a logical AND. A nice little subnet calculator utility for Windows is available from WildPackets.

IP network broadcast addresses

You may have already noticed that we have avoided using the IP address This is a special reserved address called a network broadcast. Unless a router is configured to filter broadcasts, these will be forwarded to every segment in your network. Every device on a segment will read a broadcast message. A directed subnet broadcast on our example Sprockets' network would use the address for the segment

Congratulations, you made it!

There are a lot of semantics to the IP protocol and its addressing. I've merely touched the tip of the iceberg. Volumes upon volumes of texts have been written on this very subject. However, this information should get you off to a good start. Next installment we'll take a look at layer 4 protocols, such as TCP and UDP, which run over IP.

Michael J. Norton is a software engineer at Cisco Systems.

Read more Networking as a 2nd Language columns.

Return to the O'Reilly Network.