About IP

The standard for communication on the Internet is "TCP/IP". This describes the way a packet of information is sent from one machine to another.

With TCP/IP, information is broken up into relatively small packets. Each packet is surrounded by an "envelope" containing addressing and control information about the packet. Every machine on the internet has a unique address.

Packets are sent out through routers, which examine the destination address and determine where to send the packet next to get it on to its destination. Each packet is independent; they may not all follow the same route; they may not arrive in order. At the receiving end, the packets are re-assembled in the right order. If a packet is missing, a request for retransmission will be made.

The receiving machine can strip off the envelope information and reconstruct the original information in the packets.

IP Addresses
Every machine on the internet has to have a unique IP address. (It is possible to have several machines sharing an IP address if they are all connected to a controller that can redirect traffic properly, but they can't be connected directly to the internet. See NAT.) An IP address is a 32-bit long binary number - that is, a string of 32 1's and 0's. It is usually represented as four 8-bit numbers, separated by dots. This notation is called "quad-dot". An 8-bit number has values from 0 (eight 0's) to 255 (eight 1's). So an IP address usually is represented like:

     204.71.202.160
=     
     11001100 01000111 11001010 10100000
 
IP addresses are assigned in blocks by an internet group called the Internet Assigned Numbers and Names Authority. Then organizations (companies and ISPs) dole out numbers from their block to individual computers.

It used to be possible for companies to go get a block of IP addresses for their own use, but that quickly led to very complex routing procedures to get a packet from one IP address to another, so now, large blocks of IP addresses are assigned to ISPs. ISPs subdivide their blocks and pass smaller blocks out to their customers. The major Internet routing locations mostly just need to know what blocks of addresses each ISP has in order to send packets to the right place.

As an end user, most of the time you get an IP address "leased" to you when you connect to your ISP. When you disconnect, it is returned to the pool so someone else can use it. This is what happens when your IP settings are set to "Get IP address automatically". Then, the ISP only needs enough addresses to support the number of simultaneous users on line, not one for every customer they have.

Names, Not Numbers
But usually, when we identify a destination on the internet, it is with a name, not an IP address. A name is something like "www.yahoo.com". Names have to be translated into numeric IP addresses before they can be used to send a message over the internet. Several names can share the same IP address if they are all running on the same physical machine. For example, it is common for www.mydomain.com and ftp.mydomain.com and mail.mydomain.com to all point to the same IP address, because all 3 services are running on the same machine.

The link between a name, like "www.yahoo.com" and a number like "204.71.202.160" is made using a directory lookup system called "DNS" (Domain Name Server).
N.B.: This has nothing to do with what Microsoft now calls a Domain, or what they call "DNS". They have taken long established terms and tried to co-opt them to mean something else. Bad Microsoft.

A DNS server is nothing more than a computer with a translation table between names and numbers, just like a phone directory. When you set up an IP connection, one of the things you specify is one or more DNS servers. They have to be specified with the quad-dot numbers, not names. Whenever you designate a named computer in an IP connection, your computer first goes to the DNS server to look up the number, then sends the required packet using the number it got, not the name you supplied. (See why your DNS servers can't be identified by name?)

You usually specify two or more DNS servers in your IP setup, in case one of them is down. Each DNS server also knows of two or more DNS servers it will go to if it is asked about a name it doesn't know. It keeps a record - a "cache" - of all the recent requests, so if it gets asked for the same host again, it already knows the answer. If it doesn't know it, then it asks its superior, who may ask its superior, and so forth. Ultimately, the request may go all the way to the Top Level Domain - the master nameserver for .com, .gov, .edu, or for .uk or .it or .es or .jp. At the top level, there are two official nameservers designated for every registered domain. These are the "authoritative" sources for turning a specific host name at a domain into an IP address. These servers are usually operated by the ISP that serves the domain, even if the domain is a company.

Note that a domain is something like "yahoo.com" or "digitalmx.com" or "johnscloset.net". Each domain has two authoritative DNSs. Those DNSs must contain entries for every "host" in the domain, where a host is something like "www.yahoo.com" or "ws1.digitalmx.com" or "ftp.conxion.com". It usually represents a specific service or a specific machine. The authoritative DNS is the ultimate source of the name to number translation.

It is the "caching" property of DNS servers that makes it necessary to have fixed IP addresses for servers and other machines that must always be recognized. When the IP address of a server is changed (because it was moved to another ISP, for example) then it takes several days for the new correct address to propagate through everything.
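The caching behaviour described above, as an added example that is not part of the original page: a toy caching resolver that keeps an answer until its time-to-live runs out, so a server that has moved keeps resolving to its old address from that cache until the copy expires. The names, addresses and one-day TTL are constructed sample values.

```python
# Added example, not from the original page: a toy caching resolver showing why
# a server's new address is not seen everywhere until cached copies expire.
# Names, addresses and the one-day TTL are constructed sample values.
from dataclasses import dataclass


@dataclass
class CachedRecord:
    address: str
    expires_at: float      # time (seconds) after which this copy is stale


class CachingResolver:
    def __init__(self, authoritative: dict, ttl_seconds: float):
        self.authoritative = authoritative   # stands in for the domain's authoritative DNS
        self.ttl = ttl_seconds
        self.cache = {}
        self.upstream_queries = 0            # how often the authority was actually asked

    def lookup(self, name: str, now: float) -> str:
        rec = self.cache.get(name)
        if rec is not None and now < rec.expires_at:
            return rec.address               # served from cache; authority never consulted
        self.upstream_queries += 1
        address = self.authoritative[name]   # would be a network query in a real resolver
        self.cache[name] = CachedRecord(address, now + self.ttl)
        return address


def propagation_demo():
    authoritative = {"www.example.com": "192.0.2.10"}
    resolver = CachingResolver(authoritative, ttl_seconds=86400)    # one-day TTL
    first = resolver.lookup("www.example.com", now=0)
    authoritative["www.example.com"] = "198.51.100.20"              # server moved to a new ISP
    stale = resolver.lookup("www.example.com", now=3600)            # an hour later: old answer
    fresh = resolver.lookup("www.example.com", now=90000)           # after the TTL: new answer
    return first, stale, fresh, resolver.upstream_queries
```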

Fixed IP Addresses
In some situations, a machine needs to have a real, permanent IP address. Generally, this is the case anytime you have a machine that must respond to or be recognized by a particular name. For example, if I want to run a server, and call it "www.chuladog.com" then that server needs to have a permanent address. No matter when someone requests that server, they must always get the same address.

The other reason you might want a permanent address is if you connect over the internet to a company's internal network. They will have a firewall that prevents just any old joe from connecting to their network, but if they know what your IP address is, then they can permit traffic from your address only to come through the firewall.

Basically, whenever you need to be "recognized", you need a permanent IP address. Most ISPs will let you have a small block of IP addresses on a permanent basis for a nominal charge.

Reverse DNS
Most of the time, you are interested in translating a name into a number, so you can create an IP packet to send off onto the Internet. But sometimes you want to go the other way: take an IP address and find out what name is assigned to that. This is one way people prevent their mail servers from being used for spam: they refuse to accept mail if there is no name registered for the IP address sending the mail. It's also useful in a web traffic report, so you can see the domain names that your visitors are coming from.

If you have fixed IP addresses, your ISP can set them up to have whatever names you want. If you don't, then your IP address will usually come back to something like: dhcp46.pdx.att.net. At least you're still identifiable.

Getting your packets to the net
Now, the first thing that has to happen with your packets is that they have to go to a router at your ISP that is set up to receive them and pass them on to the internet. This router is called your "Gateway". It has its own IP address. It is the thing you connect to when you dial in to your ISP; it is the thing that hands out an IP address to you, if you're on automatic; and it is the thing that relays your requests onto the net and the replies back to you.

The gateway typically has on one side a number of customer links coming in. On the other side, it has a connection to the larger internet. When a packet comes in, it needs to know whether it is supposed to send that packet on to the internet or not. (Maybe the packet was sent from one machine to itself; that's a perfectly legal thing to do.) It does this by knowing that there is a range of IP addresses that belong to local networks on the client side; only addresses outside that range have to be routed to the internet. This critical piece of information is contained in the Net Mask. The Net Mask defines the local group of IP addresses that don't have to be routed out to the internet. Its value is usually something like:

    255.255.255.0   or  255.255.255.248
 
Netmasks always start with a bunch of 1's, followed by a string of 0's (remember 255= eight 1's), so sometimes the netmask is expressed simply as a slash followed by the number of consecutive 1's. The first number above would be /24 (because 255.255.255 equals 24 1's) and the second number would be /28 using this notation. Here's more on Net Masks.
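The quad-dot, netmask and gateway ideas from the sections above, as an added example that is not part of the original page: it converts a quad-dot address to its 32-bit value and back to the binary groups shown earlier, turns a netmask into the slash notation (refusing a mask whose 1's are not one unbroken run), and makes the gateway's "same local network or route it out?" decision. Sample addresses are constructed.

```python
# Added example, not from the original page: quad-dot <-> 32-bit conversion,
# netmask -> /prefix, and the gateway's "is this address local?" test.

def parse_quad_dot(addr: str) -> int:
    """Turn 'a.b.c.d' into the 32-bit integer it stands for, rejecting bad input."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {addr!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or int(part) > 255:
            raise ValueError(f"octet must be 0..255: {part!r}")
        value = (value << 8) | int(part)
    return value


def to_binary_groups(addr: str) -> str:
    """Render the address as four 8-bit groups, the way the page shows it."""
    bits = format(parse_quad_dot(addr), "032b")
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def mask_to_prefix(mask: str) -> int:
    """Count the run of leading 1's; reject a mask whose 1's are not contiguous."""
    value = parse_quad_dot(mask)
    prefix = 0
    while prefix < 32 and value & (0x80000000 >> prefix):
        prefix += 1
    if value & ((1 << (32 - prefix)) - 1):   # any 1 left after the run?
        raise ValueError(f"netmask bits are not contiguous: {mask}")
    return prefix


def prefix_to_mask(prefix: int) -> str:
    """The reverse: /24 -> '255.255.255.0'."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    value = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_local(src: str, dst: str, mask: str) -> bool:
    """The gateway's decision: same network bits under the mask means 'don't route out'."""
    m = parse_quad_dot(mask)
    return (parse_quad_dot(src) & m) == (parse_quad_dot(dst) & m)
```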

TCP/IP Settings
We've now defined most of the terms you run into when trying to set up a TCP/IP connection:

IP address
The quad-dot address assigned to your machine, either permanently or temporarily.

Gateway
The IP address (or name) of the machine that you send your IP packets to.

DNS Servers
The IP address(es) of the machines that do name to number lookup for you. Your ISP will usually give you two to use.

Net Mask
A number that defines the block of IP addresses in the local network. (Addresses that don't have to be sent out to the Internet.)

What if I'm just building a local net that doesn't connect to the internet?
There are a set of IP addresses reserved for just this purpose. These are addresses that are always recognized as local, and will never be routed onto the internet.

The following is taken directly from RFC-1597, the relevant internet standard:


Private Address Space

   The Internet Assigned Numbers Authority (IANA) has reserved the
   following three blocks of the IP address space for private networks:

        10.0.0.0        -   10.255.255.255
        172.16.0.0      -   172.31.255.255
        192.168.0.0     -   192.168.255.255

...

   An enterprise that decides to use IP addresses out of the address
   space defined in this document can do so without any coordination
   with IANA or an Internet registry.  The address space can thus be
   used by many enterprises.  Addresses within this private address

For what it's worth, the name "localhost" and the address "127.0.0.1" refer to yourself - the machine you're running on. Also, note that because of the range of addresses involved, the first range above would have a netmask of /8 (255.0.0.0); the second /16 (255.255.0.0); and the third /24 (255.255.255.0).

DHCP and NAT
There are two very important protocols for the automated handling of IP addresses: DHCP and NAT.

DHCP is Dynamic Host something or other. It means that the IP information for clients is handed out automatically at connect time. Instead of having to set all the TCP/IP settings in your network or TCP/IP control panel, your machine looks for a "DHCP Server", and from that it gets its own IP address, the DNS addresses, the gateway address and the netmask. This is way cool, because the client doesn't have to do anything except set himself to Get IP information Automatically.

NAT is Network Address Translation. It is a method whereby an IP address in a local LAN is translated into something else out on the internet. This is usually exactly what you want if you've got a small local network set up to connect to an ISP. The machines on your local net get the private IP addresses defined above, and your router uses NAT to translate them on the fly into IP addresses that will work over the internet. Because of how IP packets are set up, all your local machines can appear on the internet under the same IP address, and the router will still be able to direct the right traffic to the right computer.

So the best deal for your local network is to have a router that has DHCP and NAT built in, and most now do. The DHCP lets the router hand out IP addresses (and DNS, netmask, and gateway) to your local machines so you don't have to configure each one individually. The NAT lets the router translate local addresses supplied by the DHCP, like "10.0.0.1", into something that can go out over the internet with a legal address.
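The private address space and the NAT behaviour above, as an added example that is not part of the original page: the three RFC 1597 blocks are built from the start and end addresses the RFC lists, and a toy NAT table lets several LAN machines share one public address, telling replies apart by the public port it assigned to each connection. Inbound packets with no matching entry are simply dropped, which is why machines behind NAT are not directly reachable. The public address, LAN addresses and ports are constructed sample values.

```python
# Added example, not from the original page: a toy NAT table over the RFC 1597
# private blocks. All LAN machines share one public address; each outbound
# connection gets its own public port, and replies are mapped back by that port.
# Addresses and ports below are constructed sample values.
import ipaddress

# The three blocks exactly as RFC 1597 lists them (start - end), as networks.
PRIVATE_RANGES = [("10.0.0.0", "10.255.255.255"),
                  ("172.16.0.0", "172.31.255.255"),
                  ("192.168.0.0", "192.168.255.255")]
PRIVATE_BLOCKS = [net for start, end in PRIVATE_RANGES
                  for net in ipaddress.summarize_address_range(
                      ipaddress.ip_address(start), ipaddress.ip_address(end))]


def is_private(addr: str) -> bool:
    """True if addr lies in one of the three reserved blocks (never routed on the Internet)."""
    ip = ipaddress.ip_address(addr)
    return any(ip in block for block in PRIVATE_BLOCKS)


class NatRouter:
    """Simplified NAT: one public address, one table keyed by public port."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}   # (local_ip, local_port, remote_ip, remote_port) -> public_port
        self.inbound = {}    # public_port -> (local_ip, local_port)

    def send(self, local_ip: str, local_port: int, remote_ip: str, remote_port: int):
        """Rewrite a packet leaving the LAN; returns the (ip, port) it goes out with."""
        if not is_private(local_ip):
            raise ValueError(f"{local_ip} is not a private address; nothing to translate")
        key = (local_ip, local_port, remote_ip, remote_port)
        if key not in self.outbound:           # new connection: allocate a public port
            self.outbound[key] = self.next_port
            self.inbound[self.next_port] = (local_ip, local_port)
            self.next_port += 1
        return self.public_ip, self.outbound[key]

    def receive(self, public_port: int):
        """Map a reply at the public address back to a LAN machine; None means no
        machine opened this mapping, so the unsolicited packet is dropped."""
        return self.inbound.get(public_port)


def demo():
    router = NatRouter("203.0.113.7")                        # the router's public address
    a = router.send("10.0.0.1", 5000, "204.71.202.160", 80)  # two LAN machines using the
    b = router.send("10.0.0.2", 5000, "204.71.202.160", 80)  # same source port and server
    return a, b, router.receive(a[1]), router.receive(b[1]), router.receive(12345)
```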

Setting up your Router
If you have a small network that you're going to connect to the Internet via DSL, ISDN, a cable modem, or something else, then the key piece of equipment you want is a Router for that connection method that can do DHCP and NAT. This essentially guarantees success.

Simple Configuration
In the simplest set-up, which is probably what will be the default, your router will get its own IP info from your ISP using DHCP. That gives it its own address, a gateway, netmask, and DNS servers. Your router is also a DHCP server to your own internal network. When machines come up on your network, they automatically get their own IP address (usually 10.0.0.1 - 10.0.0.255 range), a netmask (255.255.255.0), DNS addresses (the same ones the router got when it connected) and a gateway address (the real IP address of the router, that it got from your ISP's DHCP server.)

With this setup, you can have up to 255 machines on your local network, all working over the internet simultaneously.

Custom Configuration
If you need for some of the machines on your internal network to be "recognized" on the outside, either as a named server or because you want to get through your company's firewall, then you need fixed IP addresses. In this case, your ISP will probably assign you a range of 8 addresses. For example, my address range is 63.225.95.56 to 63.225.95.63. My netmask is 255.255.255.248. The top address (...63) is special; it is called a "broadcast address" and should not be used for a machine. The next lower address is typically the router; my DSL router is at 63.255.95.62. The rest of the addresses in the range can be used for individual client machines. My router hands them out using DHCP. I have set up my router with a DHCP pool consisting of addresses 63.255.95.56 through 63.255.95.61. Actually 61 is permanently assigned to my AirPort, which is another router, so there are only a few addresses left for DHCP, but it's still better than setting up each machine individually.




Mail John
21 April 2000