2. Ambo University
2
Internet Architecture
• Two computers, anywhere in
the world, following certain
hardware, software, protocol
specifications, can
communicate, reliably even
when not directly connected.
• LANs are no longer scalable
beyond a certain number of
stations or geographic
separation.
6. Ambo University
6
Hosts for Classes of
IP Addresses
Class A (24 bits for hosts) 224 - 2* = 16,777,214 maximum hosts
Class B (16 bits for hosts) 216 - 2* = 65,534 maximum hosts
Class C (8 bits for hosts) 28 - 2* = 254 maximum hosts
* Subtracting the network and broadcast reserved address
7. Ambo University
7
IPv4 Address Classes
Class D Addresses
• A Class D address begins with binary 1110 in the first octet.
• First octet range 224 to 239.
• Class D address can be used to represent a group of hosts called a
host group, or multicast group.
Class E Addresses
• First octet of an IP address begins with 1111
• First octet range 240 to 255.
• Class E addresses are reserved for experimental purposes and should
not be used for addressing hosts or multicast groups.
9. Ambo University
9
An IP address such as 176.10.255.255 that has all binary 1s
in the host bit positions is reserved for the broadcast
address.
An IP address such as 176.10.0.0 that has all binary 0s in
the host bit positions is reserved for the network address.
Network IDs and Broadcast Addresses
11. Ambo University
11
Reserved Address Space
• Network ID
• Broadcast address
• Hosts for classes of IP addresses
• For Example: For the IP Address 192.168.0.1 with
Subnet mask 255.255.255.0
– Network ID: 192.168.0.0
– Broadcast Address: 192.168.0.255
– Addresses for Hosts: 192.168.0.1 –
192.168.0.254
12. Ambo University
12
Subnetworks
To create a subnet address, a network administrator
borrows bits from the original host portion and
designates them as the subnet field.
14. Ambo University
14
Subnet Mask
• Determines which part of an IP address is the network field and which
part is the host field
• Follow these steps to determine the subnet mask:
– 1. Express the subnetwork IP address in binary form.
– 2. Replace the network and subnet portion of the address with all
1s.
– 3. Replace the host portion of the address with all 0s.
– 4. Convert the binary expression back to dotted-decimal notation.
• These days classless Inter Domain Routing (CIDR) is used because
subnetting with ordinary Class A, B, C is not adequate.
18. Ambo University
18
Class B address with 8 bits borrowed for the subnet
130.5.2.144 (8 bits borrowed for subnetting) routes to subnet
130.5.2.0 rather than just to network 130.5.0.0.
Determining Subnet Mask Size
19. Ambo University
19
The address 197.15.22.131 would be on the
subnet 197.15.22.128.
11000101 00001111 00010110 100 00011
Network Field SN Host Field
Class C address 197.15.22.131 with a subnet
mask of 255.255.255.224 (3 bits borrowed)
Determining Subnet Mask Size
22. Ambo University
22
Using /24
subnet...
190.52.1.2
190.52.2.2
190.52.3.2
Network Network Subnet Host
But internal routers think all
these addresses are on different
networks, called subnetworks
Internet routers still “see” this net as 190.52.0.0
Class B Network Network Host Host
Given the Class B address 190.52.0.0
Subnet Example
23. Ambo University
23
Using the 3rd octet, 190.52.0.0 was divided into:
190.52.1.0 190.52.2.0 190.52.3.0 190.52.4.0
190.52.5.0 190.52.6.0 190.52.7.0 190.52.8.0
190.52.9.0 190.52.10.0 190.52.11.0 190.52.12.0
190.52.13.0 190.52.14.0 190.52.15.0 190.52.16.0
190.52.17.0 190.52.18.0 190.52.19.0 and so on ...
Network Network Subnet Host
Subnet Example
24. Ambo University
24
Subnet Example
Network Network Subnet Host
Network address 190.52.0.0 with /16 network mask
190 52 0 Host
190 52 1 Host
190 52 2 Host
Using Subnets: subnet mask 255.255.255.0 or /24
190 52 3 Host
190 52 Etc. Host
190 52 254 Host
190 52 255 Host
255
Subnets
28 - 1
Cannot use last
subnet as it
contains broadcast
address
Subnets
25. Ambo University
25
Subnet Example
Network Network Subnet Host
Subnet 0 (all 0’s subnet) issue: The address of the subnet,
190.52.0.0/24 is the same address as the major network,
190.52.0.0/16.
190 52 0 Host
190 52 1 Host
190 52 Etc. Host
190 52 254 Host
190 52 255 Host
255
Subnets
28 - 1
Subnets
Last subnet (all 1’s subnet) issue: The broadcast address for
the subnet, 190.52.255.255 is the same as the broadcast
address as the major network, 190.52.255.255.
26. Ambo University
26
The number of lost IP addresses with a Class C network
depends on the number of bits borrowed for subnetting.
Host Subnet Schemes
28. Ambo University
28
IPv4 Addressing
Subnet Mask
• One solution to the IP address shortage was thought to be the
subnet mask.
• Formalized in 1985 (RFC 950), the subnet mask breaks a single
class A, B or C network in to smaller pieces.
29. Ambo University
29
Short Term Solutions: IPv4 Enhancements
• CIDR (Classless Inter-Domain Routing) – RFCs 1517,
1518, 1519, 1520
• VLSM (Variable Length Subnet Mask) – RFC 1009
• Private Addressing - RFC 1918
• NAT/PAT (Network Address Translation / Port Address
Translation) – RFC
30. Ambo University
30
IPv4 versus IPv6
• IP version 6 (IPv6) has been defined and developed.
• IPv6 uses 128 bits rather than the 32 bits currently used in IPv4.
• IPv6 uses hexadecimal numbers to represent the 128 bits.
IPv4
31. Ambo University
31
Long Term Solution: IPv6 (coming)
• IPv6, or IPng (IP – the Next Generation) uses a 128-bit address
space, yielding
340,282,366,920,938,463,463,374,607,431,768,211,456
possible addresses.
• IPv6 has been slow to arrive
• IPv4 revitalized by new features, making IPv6 a luxury, and not
a desperately needed fix
• IPv6 requires new software; IT staffs must be retrained
• IPv6 will most likely coexist with IPv4 for years to come.
• Some experts believe IPv4 will remain for more than 10 years.
32. Ambo University
Firewall and Its configuration (Linux)
• A firewall helps screen out malicious users, viruses, and
worms that try to access your network from the Internet.
• Firewalls can be hardware or software, and they help
prevent unauthorized access to your local area network
(LAN) from the Internet by blocking incoming network
traffic that is attempting to use a port that is not open.
• A firewall hides information on your LAN from the Internet,
such as computer names, network topology, and network
device types.
• A firewall can also log traffic to and from the LAN.
32
33. Ambo University
Firewall configuration….
• Firewall can be provided in three forms:
– Hardware firewall
– Server Software Firewall
– Client Software Firewall
• The Linux kernel includes the Netfilter subsystem, which is
used to manipulate or decide the fate of network traffic
headed into or through your server.
• Uncomplicated Firewall (ufw)
– The default firewall configuration tool for Ubuntu is ufw.
– ufw by default is initially disabled.
33
34. Ambo University
Firewall configuration…
• The following are some examples of how to use ufw:
– First, ufw needs to be enabled. From a terminal prompt
enter:
• sudo ufw enable
– To open a port (ssh in this example):
• sudo ufw allow 22
– Rules can also be added using a numbered format:
• sudo ufw insert 1 allow 80
– Similarly, to close an opened port:
• sudo ufw deny 22
– To remove a rule, use delete followed by the rule:
• sudo ufw delete deny 22
34
35. Ambo University
Firewall configuration…
• It is also possible to allow access from specific hosts or
networks to a port.
– The following example allows ssh access from host
192.168.0.2 to any ip address on this host:
• sudo ufw allow proto tcp from 192.168.0.2 to any port
22
– Replace 192.168.0.2 with 192.168.0.0/24 to allow ssh
access from the entire subnet.
– ufw can be disabled by:
• sudo ufw disable
– To see the firewall status, enter:
• sudo ufw status
35
36. Ambo University
Firewall configuration….
– And for more verbose status information use:
• sudo ufw status verbose
– To view the numbered format:
• sudo ufw status numbered
36
37. Ambo University
Network Interface Configuration (Linux)
• A linux box should have its NIC configured to
communicated on the network.
• This can be supplied by the DHCP Server dynamically or
supplied statically by the administrator
• For providing the static address the file
/etc/network/interfaces needs to edited:
– auto eth0
– iface eth0 inet static
– address 192.168.0.10
– netmask 255.255.255.0
– gateway 192.168.0.1
– network 192.168.0.0
– broadcast 192.168.0.255
37
38. Ambo University
NIC Configuration….
• The name resolution information needs to be provided on
the /etc/resolv.conf file
– nameserver 192.168.0.5
– nameserver 192.168.0.6
• Finally, the network service has to be started using one of
the following commands:
– service networking restart
– /etc/init.d/networking restart
– ifdown eth0 && ifup eth0
38
39. Ambo University
Network troubleshooting commands(Linux)
• ifconfig
– ifconfig (interface configurator) command is use to
initialize an interface, assign IP Address to interface
and enable or disable interface on demand.
– With this command you can view IP
Address and Hardware / MAC address assign to
interface and also MTU (Maximum transmission unit)
size.
– Example: ifconfig eth0
• ifconfig with interface (eth0) command only shows
specific interface details like IP Address, MAC
Address etc
39
40. Ambo University
Network troubleshooting…..
• Enable or Disable Specific Interface
– To enable or disable specific interfaces we use the
following commands respectively.
• ifup eth0 – enables eth0 interface
• ifdown eth0 – disables eth0 interface
• PING Command
– PING (Packet INternet Groper) command is the best
way to test connectivity between two nodes.
– Whether it is Local Area Network (LAN) or Wide Area
Network (WAN).
– Ping use ICMP (Internet Control Message Protocol) to
communicate to other devices.
40
41. Ambo University
Network troubleshooting…..
– You can ping host name of ip address using below
command.
• ping 192.168.0.1 – tests connectivity of the current
machine to machine 192.168.0.1
• traceroute command
– traceroute is a network troubleshooting utility which
shows number of hops taken to reach destination also
determine packets traveling path.
– Below we are tracing route to global DNS server IP
Address and able to reach destination also shows path
of that packet is traveling
41
43. Ambo University
Network troubleshooting…..
• netstat command
– Netstat (Network Statistic) command display connection
info, routing table information etc.
– To displays routing table information use option as -r.
43
44. Ambo University
Network troubleshooting…
• dig command
– Dig (domain information groper) query DNS related
information like A Record, CNAME, MX Record etc.
– This command mainly use to troubleshoot DNS related
query.
• nslookup command
– nslookup command also use to find out DNS related
query. The following examples shows A Record (IP
Address) of tecmint.com.
44
45. Ambo University
Network troubleshooting…..
• host command
– host command helps to find name to IP or IP to name
in IPv4 or IPv6 and also query DNS records.
• hostname command
– hostname is to identify in a network.
– Execute hostname command to see the hostname of
your box.
– One can configure hostname on /etc/hostname file.
45