IPv4
IPv4 address are 4 octets separated by a period, where each octet is 1 byte / 8 bits. As a result, each IPv4 address is 32 bits / 4 bytes.
Since each byte is 8 bits, the maximum decimal value for each byte is 255.
IPv6
IPv6 addresses allow for 128-bit addresses, for a total of 16 bytes. Each segment of the IPv6 standard is 16 bits (2 bytes / 2 octets).
They are often displayed in hexadecimal format, all of which make IPv6 much more difficult to read (and DNS that much more important to maintain).
Often times we see IPv6 with a 64 bit subnet mask - meaning that the first 64 bits are the network prefix and the last 64 bits are the network address.
Subnet masks
A host’s IP address is divided into a network portion and a host portion, where the subnet masks defines where the boundary is. For example, if we assign an IPv4 address of 192.168.1.165, the subnet mask might be 255.255.255.0 → meaning that the device is on the 192.168.1.x network with a specific address of 165.
We use subnets to set the logical boundary between different networks using 32 bit long, 4 octet values (same as IPv4 values). This is because a host can send traffic directly to another host on the same subnet via switches. It that host wants to reach a different host on a different subnet, the packet must be forwarded by a router.
As a result, the host must understand whether the destination is on the same or a different subnet - this is what subnet masks are used for - so that it can figure out whether to reach out to destination directly or to route via the default gateway.
To understand the subnet mask we must convert it to binary notation and compare it to the IP address. Another way to think about this is to see the IP address “masked” with the subnet mask.
Important
A “1” in the subnet mask indicates that bit in the IP address is part of the network address. A “0” indicates the bit is part of the host address
Thus suppose we have the following IP / subnet mask: 192.168.10.15 / 255.255.255.0. In binary, these two read as the following:
11000000.10101000.00001010.0000111 (IP Address)
11111111.11111111.11111111.0000000 (subnet mask)
This shows us that the first 3 octets are part of the network portion, while the last octet is the host portion. In other words, machines in the 192.168.10 network are all in the same subnet, and each host will have its own address composed of the last octet (15 in this case).
This means that if the host at 192.168.10.15 wants to communicate with another machine whose IP address begins with 192.168.10. it knows its on the same subnet and can send traffic directly; on the other hand, if it wants to communicate with, say, a machine on 192.168.11.20, then it must send traffic via a router.
Note
A subnet mask must always begin with contiguous “1”s. For example,
11111111.11110000.00000000.0000000is a valid mask, while11101101.11110000.11000000.00001111is not.In other words, subnet masks are always a block of “1”s then a block of “0”s
The host portion of the address can be allocated to any host on the subnet, and it must be unique on that subnet. Note that they do not have to be sequential. As a result we can have a single host with an address of 10.10.10.10. If we want two hosts with the same host portion address (10 in this case) we can put them into separate networks, such as 10.10.20.10 and 10.10.10.10.
Note
All “0”s in the host portion designates the network address (or network ID), and thus cannot be assigned to a specific host. This means that
192.168.1.0is the address of that network as a whole.
Note
We cannot use all “1”s in the host portion either. All “1”s indicates a directed broacast for all hosts in that subnet. Thus, if we send a message to
192.168.1.255we will be broadcasting to all hosts in the192.168.1.0network.
The available host network allocations in a network with a subnet mask of 255.255.255.0 are 1 through 254.
Slash Notation
Subnet masks can also be written in “slash notation”. For example, 255.255.255.0 can be written as /24. This is simply counting the 1s in the subnet mask.
This is because a legal subnet mask always begins with contigious 1s. If we write 255.255.255.0 in binary we get 11111111.11111111.11111111.0000000. In this case, the first three octets are all 1, so 8 + 8 + 8 = 24.
Another example: 255.255.0.0 is equivalent to /16, because there are 16 1s in the mask when converted to binary.
Put the other way, an address of 10.10.10.15 / 255.0.0.0 is the same as 10.10.10.15/8. The network address is 10.0.0.0/8.
DHCP
The DHCP process is a four-step adventure known as DORA
- Discover - clients discover the DHCP server on the network
- Offer - clients get an offer with an IP assignment
- Request - the client looks at the IP offers, chooses one and requests
- Acknowledge - DHCP server confirms the request
T1 timer:
A T1 timer starts when an IP address is allocated. The client will, at 50% of the lease time remaining, check-in again with the DHCP server to renew the IP address for another duration.
T2 timer:
If the original DHCP server is down and the T1 timer process is unsuccessful, the client will, at 87.5% of the lease time (7/8ths), try rebinding with any other DHCP server on the network.
APIPA
Automatic Private IP Addressing.
Used when a device is configured to automatically get an IP address but the network doesn’t have a DHCP server. In this scenario a link-local address will be created, where devices can only communicate with other devices in the LAN.
The IETF has reserved 169.254.0.0 through 169.254.255.255 for APIPA, although the first and last addresses are reserved as well.
The way this works is the local devices will randomly select one of these IP addresses and then use an ARP (Address Resolution Protocol) broadcast to check if the address is in use already.