Network+ Guide to Networks, 6th ed. PDF
Document Details
Uploaded by Deleted User
Marcin Antkiewicz
Tags
Summary
This textbook, "Network+ Guide to Networks, 6th ed.", details TCP/IP protocols, providing practical examples and an on-the-job type scenario. It covers topics such as core TCP/IP functions, the TCP/IP model, addressing schemes (IPv4 and IPv6), DHCP, DNS, and common application layer protocols. Suitable for network professionals.
Full Transcript
cchapter hapter 4 Introduction to TCP/IP Protocols After reading t...
cchapter hapter 4 Introduction to TCP/IP Protocols After reading this chapter and completing the exercises, you will be able to: Identify and explain the functions of the core TCP/IP protocols Explain the TCP/IP model and how it corresponds to the OSI model Discuss addressing schemes for TCP/IP in IPv4 and IPv6 and explain how addresses are assigned automatically using DHCP (Dynamic Host Configuration Protocol) Describe the purpose and implementation of DNS (Domain Name System) Identify the well-known ports for key TCP/IP services Describe how common Application layer TCP/IP protocols are used 139 Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 140 Chapter 4 Introduction to TCP/IP Protocols O Onn the Job I woke up to a message from an on-call engineer, Bill, saying, “Help, I am out of ideas for DNS troubleshooting!” Twenty minutes later, as I walked into the office, he recited a chaotic list of all the troubleshooting steps he took and every possible problem that could have caused the issue at hand. We took a walk to the vending machines so I could get caffeine and the story. Dying server hardware forced Bill to move a number of services to new hardware. DNS was scheduled to be last, as the configuration was simple, and moving it was supposed to be a quick and easy task. Everything seemed to work fine, but queries for all of the Internet and a test internal domain were not being answered. The OS configuration and DNS server settings all seemed fine, but no matter what we tweaked, the service did not work right. Because Bill knew more about DNS than I did, there was little reason for a detailed walk-through of the configurations. I took a quick look, in hope of finding some- thing obvious that he had missed, but the configuration was sound. Since no trivial fix was available, I reverted to basic troubleshooting mode and started to work through a simple list of items to check: “ping localhost, ping the interface, ping the router, and a host beyond it….” The last check returned “connect: Network is unreachable.” A quick glance at the route table explained the issue: There was no default route. Without a way to forward traffic, no host outside of a few statically defined internal networks were reachable, including all of the root DNS servers. The fix was simple and, once the service was restored, I helped a bit with moving other services. Another set of eyes is an invaluable asset during late-night work, and I had to work off all that caffeine. Marcin Antkiewicz In Chapter 1, you learned that a protocol is a rule that governs how computers on a network exchange data and instructions. Without protocols, devices could not interpret the signals sent by other devices, and data would go nowhere. In Chapter 2, you learned about the tasks associated with each layer of the OSI model, such as formatting, addressing, and error correc- tion. You also learned that these tasks are performed by protocols. In this chapter, you will learn about the most commonly used networking protocols, their components, and their func- tions. This chapter is not an exhaustive study of protocols, but rather a practical guide to applying them. At the end of the chapter, you will have the opportunity to customize how your networked computer uses protocols. You will also analyze realistic networking scenarios pertaining to protocols and devise your own solutions. Because protocols form the foundation of network communications, you must fully understand them to manage a network effectively. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. The TCP/IP Model 141 In the networking industry, the term protocol is sometimes used to refer to a group, or suite, of individual protocols that work together. In the sections that follow, you will learn about the protocol suite that is used on virtually all networks today—TCP/IP. As a network profes- sional, you may occasionally encounter obsolete protocol suites that are not detailed in this chapter. But you will definitely encounter TCP/IP both on the job and in the Network+ certification exam. To be successful, you need to understand TCP/IP in depth. Characteristics of TCP/IP (Transmission Control Protocol/ 4 Internet Protocol) TCP/IP (Transmission Control Protocol/Internet Protocol) is not simply one protocol, but rather a suite of specialized protocols—including TCP, IP, UDP, ARP, and many others— 1.6 called subprotocols. Most network administrators refer to the entire group as “TCP/IP,” or sometimes simply “IP.” For example, a network administrator might say, “Our network only runs IP” when she means that all of the network’s services rely on TCP/IP subprotocols. TCP/IP’s roots lie with the United States Department of Defense, which developed TCP/IP for its Advanced Research Projects Agency network (ARPANET, the precursor to today’s Internet) in the late 1960s. UNIX and Linux have always relied on TCP/IP. The most recent versions of all other network operating systems also use TCP/IP as their default protocol. Though other protocol suites exist, TCP/IP has become the standard thanks to several advantages: It is open, rather than proprietary—TCP/IP is not owned by a company, which means you do not need to purchase a license to use it. It costs nothing and its code can be edited and modified by any programmer. It is flexible—The TCP/IP suite of protocols can run on virtually any platform and connect dissimilar operating systems and devices. It is routable—TCP/IP transmissions carry Network layer addressing information that can be interpreted by routers to determine the best path for directing data over a network. Not all protocols are routable. Only routable protocols are suitable for large networks. TCP/IP is a broad topic with numerous technical, historical, and practical aspects. Advanced TCP/IP topics are covered in Chapter 9. If you want to become an expert on TCP/IP, consider investing in a book or study guide solely devoted to this suite of protocols. The TCP/IP Model The TCP/IP suite of protocols can be divided into four layers that roughly correspond 1.1 to the seven layers of the OSI model, as depicted in Figure 4-1 and described in the 1.6 following list. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 142 Chapter 4 Introduction to TCP/IP Protocols TCP/IP model Protocols and services OSI model 1.1 Application HTTP, FTP, 1.6 Application Telnet, NTP, Presentation DHCP, PING Session Transport TCP, UDP Transport Internet IP, ARP, ICMP, IGMP Network Data Link Network Interface Ethernet Physical Figure 4-1 The TCP/IP model compared with the OSI model © Cengage Learning 2013 Application layer—Roughly equivalent to the Application, Presentation, and Session layers of the OSI model. Applications gain access to the network through this layer, via protocols such as HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), Telnet, NTP (Network Time Protocol), DHCP (Dynamic Host Configuration Protocol), and PING (Packet Internet Groper), to name only some. Transport layer—Roughly corresponds to the Transport layer of the OSI model. This layer holds the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), which provide flow control, error checking, and sequencing. Internet layer—Equivalent to the Network layer of the OSI model. This layer holds the Internet Protocol (IP), Internet Control Message Protocol (ICMP), Internet Group Management Protocol (IGMP), and Address Resolution Protocol (ARP). These protocols handle routing and address resolution. Network Interface layer (or Link layer)—Roughly equivalent to the Data Link and Physical layers of the OSI model. Functions in this layer handle formatting of data and transmission to the network interface. Unlike the OSI model, the TCP/IP model grew to describe how protocols work after the pro- tocols were widely in use. For this reason, it is sometimes considered more practical than the OSI model, which is considered more theoretical. Understanding what functions belong to each layer of the models will come in handy when you’re troubleshooting problems. For example, a simple test might indicate that a transmission is breaking down at the Transport layer. Although you might not know the cause of the problem, narrowing down its scope in this way will lead you and your colleagues to the next step in assessing and fixing the problem. The TCP/IP Core Protocols Certain subprotocols of the TCP/IP suite, called TCP/IP core protocols, operate in the Trans- port or Network layers of the OSI model and provide basic services to protocols in other 1.6 layers. As you might guess, TCP and IP are the most significant protocols in the TCP/IP suite. These and other core protocols are introduced in the following sections. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. The TCP/IP Core Protocols 143 TCP (Transmission Control Protocol) 1.6 TCP (Transmission Control Protocol) operates in the Transport layer of the TCP/IP and OSI models and provides reliable data delivery services. TCP is a connection-oriented subproto- col, which means that a connection must be established between communicating nodes before this protocol will transmit data. As an analogy, suppose you were standing by a lake trying to communicate with a friend in a boat floating 100 yards offshore on a foggy afternoon. You need to give her an urgent message about a storm that’s fast approaching. You could shout at her, but you might not know whether she heard you correctly, if at all. To be certain she gets your message, it would be better to call her cell phone and talk. Similar to complet- 4 ing a phone call and making sure your friend answers and can hear you before you tell her about the storm, in data communications, TCP is the protocol that ensures a connection has been made before it allows the message to continue. TCP further ensures reliable data delivery through sequencing and checksums. In the analogy of communicating with a friend offshore, this would be similar to asking her to confirm that she understood your warning. Without TCP’s connection and its sequencing and checksum measures, data would be transmitted indiscriminately. If not for TCP, a host would issue data without knowing whether the destination node was offline, for example, or whether the data became corrupt during transmission. This would be like shouting a lot of warnings to your offshore friend without making sure she understood— and then walking away. Finally, TCP provides flow control to ensure that a node is not flooded with data. In the case of communicating with a friend in a boat, this would be like speaking slowly enough over the phone so that she can hear every word and understand your message. Figure 4-2 depicts the format of a TCP segment, the entity that becomes encapsulated by the IP packet in the Network layer (and, thus, becomes the IP packet’s data). Fields belonging to a TCP segment are defined in Table 4-1. Bit number: 0 16 31 Source port Destination port Sequence number Acknowledgment TCP header Header U A P R S F Reserved R C S S Y I Sliding-window size length G K H T N N Checksum Urgent pointer Options Padding Data Figure 4-2 A TCP segment © Cengage Learning 2013 Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 144 Chapter 4 Introduction to TCP/IP Protocols Table 4-1 Fields in a TCP segment 1.6 Field Length Function Source port 16 bits Indicates the port number at the source node. A port number is the address on a host where an application makes itself available to incoming or outgoing data. Destination port 16 bits Indicates the port number at the destination node. Sequence number 32 bits Identifies the data segment’s position in the stream of data segments already sent. Acknowledgment 32 bits Confirms receipt of the data via a return message to the sender. number (ACK) TCP header length 4 bits Indicates the length of the TCP header. Reserved 6 bits A field reserved for later use. Flags 6 bits A collection of six 1-bit fields that signal special conditions through flags. The following flags are available for the sender’s use: URG—If set to 1, the Urgent pointer field contains information for the receiver. ACK—If set to 1, the Acknowledgment field contains information for the receiver. (If set to 0, the receiver will ignore the Acknowledgment field.) PSH—If set to 1, it indicates that data should be sent to an application without buffering. RST—If set to 1, the sender is requesting that the connection be reset. SYN—If set to 1, the sender is requesting a synchronization of the sequence numbers between the two nodes. This code is used when TCP requests a connection to set the initial sequence number. FIN—If set to 1, the segment is the last in a sequence and the connection should be closed. Sliding-window size 16 bits Indicates how many bytes the sender can issue to a receiver while (or window) acknowledgment for this segment is outstanding. This field performs flow control, preventing the receiver from being deluged with bytes. For example, suppose a server indicates a sliding window size of 4000 bytes. Also suppose the client has already issued 1000 bytes, 250 of which have been received and acknowledged by the server. That means that the server is still buffering 750 bytes. Therefore, the client can only issue 3250 additional bytes before it receives acknowledgment from the server for the 750 bytes. Checksum 16 bits Allows the receiving node to determine whether the TCP segment became corrupted during transmission. Urgent pointer 16 bits Indicates a location in the data field where urgent data resides. Options 0–32 bits Specifies special options, such as the maximum segment size a network can handle. Padding Variable Contains filler information to ensure that the size of the TCP header is a multiple of 32 bits. Data Variable Contains data originally sent by the source node. The size of the Data field depends on how much data need to be transmitted, the constraints on the TCP segment size imposed by the network type, and the limitation that the segment must fit within an IP packet. © Cengage Learning 2013 Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. The TCP/IP Core Protocols 145 In the Chapter 2 discussion of Transport layer functions, you learned how TCP establishes connections for HTTP requests. You also saw an example of TCP segment data from an 1.6 actual HTTP request. However, you might not have understood what all of the data meant. Now that you know the function of each TCP segment field, you can interpret its contents. Figure 4-3 offers another look at the TCP segment. Transmission Control Protocol, Src Port: http (80), Dst Port: 1958 (1958), Seq: 3043958669, Ack: 937013559, Len: 0 Source port : http (80) Destination port: 1958 (1958) Sequence number: 3043958669 4 Acknowledgment number: 937013559 Header length: 24 bytes - Flags:_ 0xx0012 (SYN, ACK) 0....... = Congestion Window Reduced (CWR): Not set.0...... = ECN-Echo: Not set..0..... = Urgent: Not set...1.... = Acknowledgment: Set.... 0... = Push: Not set.....0.. = Reset: Not set......1. = Syn: Set.......0 = Fin: not set window size: 5840 Checksum: 0x206a (correct) - Options: (4bytes) Maximum segment size: 1460 bytes Figure 4-3 TCP segment data © Cengage Learning 2013 Suppose the segment in Figure 4-3 was sent from computer B to computer A. Begin interpreting the segment at the Source port line. Notice the segment was issued from com- puter B’s port 80, the port assigned to HTTP by default. It was addressed to port 1958 on computer A. The sequence number for this segment is 3043958669. The next segment that computer B expects to receive from computer A will have the sequence number of 937013559 because this is what computer B has entered in the Acknowledgment field. By simply having a value, the Acknowledgment field performs its duty of letting a node know that its last communication was received. By indicating a sequence number, the Acknowledg- ment field does double-duty. Next, look at the Header length field. It indicates that the TCP header is 24 bytes long—4 bytes larger than its minimum size—which means that some of the available options were specified or the padding space was used. In the flags category, notice that there are two unfamiliar flags: Congestion Window Reduced and ECN-Echo. These are optional flags that can be used to help TCP react to and reduce traffic congestion. They are only available when TCP is establishing a connection. However, in this segment, they are not set. Of all the possible flags in the Figure 4-3 segment, only the ACK and SYN flags are set. This means that computer B is acknowledging the last segment it received from computer A and also negotiating a synchronization scheme for sequencing. The window size is 5840, meaning that computer B can accept 5840 more bytes of data from computer A even while this segment remains unacknowledged. The Checksum field indicates the valid outcome of the error-checking algorithm used to verify the segment’s header. In this case, the checksum is 0x206a. When computer A receives this segment, it will Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 146 Chapter 4 Introduction to TCP/IP Protocols perform the same algorithm, and if the result is 0x206a, it will know the TCP header arrived without damage. Finally, this segment uses its option field to specify a maximum TCP seg- 1.6 ment size of 1460 bytes. Note that a computer doesn’t “see” the TCP segment as it’s shown in Figure 4-3. This figure was obtained by using a data analyzer program that translates each packet into a user- friendly form. From the computer’s standpoint, the TCP segment is encoded as hexadecimal characters. The computer does not need any labels to identify the fields because as long as TCP/IP protocol standards are followed, it knows exactly where each byte of data is located. The TCP segment pictured in Figure 4-3 is part of the process of establishing a connection between computer B and computer A. In fact, it is the second segment of three used to estab- lish a TCP connection. In the first step of establishing this connection, computer A issues a message to computer B with its SYN bit set, indicating the desire to communicate and synchronize sequence numbers. In its message, it sends a random number that will be used to synchronize the communication. In Figure 4-4, for example, this number is 937013558. (Its ACK bit is usually set to 0.) After computer B receives this message, it responds with a segment whose ACK and SYN flags are both set. In computer B’s transmission, the ACK field contains a number that equals the sequence number computer A originally sent plus 1. As Figure 4-4 illustrates, computer B sends the number 937013559. In this manner, com- puter B signals to computer A that it has received the request for communication and further, it expects computer A to respond with the sequence number 937013559. In its SYN field, computer B sends its own random number (in Figure 4-4, this number is 3043958669), which computer A will use to acknowledge that it received computer B’s transmission. Next, computer A issues a segment whose sequence number is 937013559 (because this is what Computer A Computer B 1 SYN with SEQ(A) = 937013558 Request for connection 2 SYN-ACK with SEQ(B) = 3043958669 Response ACK(A) = 937013559 3 ACK with SEQ(A) = 937013559 Connection ACK(B) = 3043958670 established Figure 4-4 Establishing a TCP connection © Cengage Learning 2013 Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. The TCP/IP Core Protocols 147 computer B indicated it expects to receive). In the same segment, computer A also communi- cates a sequence number via its Acknowledgment field. This number equals the sequence 1.6 number that computer B sent plus 1. In the example shown in Figure 4-4, computer A expects 3043958670 to be the sequence number of the next segment it receives from com- puter B. Thus, in its next communication (not shown in Figure 4-4), computer B will respond with a segment whose sequence number is 937013560. The two nodes continue communicat- ing this way until computer A issues a segment whose FIN flag is set, indicating the end of the transmission. TCP is not the only core protocol at the Transport layer. A similar but less complex protocol, 4 UDP, is discussed next. UDP (User Datagram Protocol) UDP (User Datagram Protocol), like TCP, belongs to the Transport layer of the TCP/IP and OSI models. Unlike TCP, however, UDP is a connectionless transport service. In other words, UDP offers no assurance that packets will be received in the correct sequence. In fact, this protocol does not guarantee that the packets will be received at all. Furthermore, it provides no error checking or sequencing. In the analogy of trying to communicate from shore to a friend on a boat, this would be like shouting into the fog without making sure she heard you correctly, if at all. UDP’s lack of sophistication makes it more efficient than TCP. It can be useful in situations in which a great volume of data must be transferred quickly, such as live audio or video transmissions over the Internet. In these cases, TCP—with its acknowledgments, checksums, and flow-control mechanisms—would only add more overhead to the transmission. UDP is also more efficient for carrying messages that fit within one data packet. In contrast to a TCP header’s 10 fields, the UDP header contains only four fields: Source port, Destination port, Length, and Checksum. Use of the Checksum field in UDP is optional. Figure 4-5 depicts a UDP segment. Contrast its header with the much larger TCP segment header shown in Figure 4-2. Bit number: 0 16 31 Source port Destination port UDP header Length Checksum Data Data Figure 4-5 A UDP segment © Cengage Learning 2013 Now that you understand the functions of and differences between TCP and UDP, you are ready to learn more about IP (Internet Protocol). Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 148 Chapter 4 Introduction to TCP/IP Protocols IP (Internet Protocol) 1.6 IP (Internet Protocol) belongs to the Internet layer of the TCP/IP model and the Network layer of the OSI model. It provides information about how and where data should be deliv- ered, including the data’s source and destination addresses. IP is the subprotocol that enables TCP/IP to internetwork—that is, to traverse more than one LAN segment and more than one type of network through a router. As you know, at the Network layer of the OSI model, data are formed into packets, also known as datagrams. The IP packet acts as an envelope for data and contains information necessary for routers to transfer data between different LAN segments. Two versions of the IP protocol are used on networks today. IPv4, which was introduced over 30 years ago, is still the standard on most networks. IPv4 is an unreliable, connection- less protocol, which means that it does not guarantee delivery of data. However, higher-level protocols of the TCP/IP suite, such as TCP, use IPv4 to ensure that data packets are delivered to the right addresses. The newer version of IP, IPv6, also known as IP next generation, or IPng, was released in 1998. Most new applications, servers, clients, and network devices support IPv6. However, due to the cost of upgrading infrastructure, many organizations have hesitated to upgrade from IPv4. Switching to IPv6 has advantages. IPv6 offers better security and better prioritiza- tion provisions than IPv4, plus automatic IP address configuration. But perhaps the most valuable advantage IPv6 offers is its promise of billions and billions of additional IP addresses through its new addressing scheme. IPv4 Packets Due to the added information it carries, IPv6 uses different packets than IPv4. The following sections describe both types of packets in detail. Figure 4-6 depicts an IPv4 packet. Its fields are explained in Table 4-2. Bit number: 0 16 31 Differentiated Version IHL Total length Services Identification Flags Fragment offset Time to Live Protocol Header checksum IP header Source IP address Destination IP address Options Padding Data (TCP segment) Data Figure 4-6 An IPv4 packet © Cengage Learning 2013 Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. The TCP/IP Core Protocols 149 Table 4-2 Fields in an IPv4 packet 1.6 Field Length Function Version 4 bits Identifies the version number of the protocol—for example, IPv4 or IPv6. The receiving workstation looks at this field first to determine whether it can read the incoming data. If it cannot, it will reject the packet. Internet header 4 bits Identifies the number of 4-byte (or 32-bit) blocks in the IPv4 header. The most length (IHL) common header length is composed of five groupings, as the minimum length of an IPv4 header is 20 4-byte blocks. This field indicates to the receiving node where data will begin (immediately after the header ends). 4 Differentiated 8 bits Informs routers the level of precedence they should apply when processing the Services (DiffServ) incoming packet. Differentiated Services allows up to 64 values and a wide range of priority handling options. Total length 16 bits Identifies the total length of the IP packet, including the header and data, in bytes. An IP packet, including its header and data, cannot exceed 65,535 bytes. Identification 16 bits Identifies the message to which a packet belongs and enables the receiving node to reassemble fragmented messages. This field and the following two fields, Flags and Fragment offset, assist in reassembly of fragmented packets. Flags 3 bits Indicates whether a message is fragmented and, if it is fragmented, whether this packet is the last in the fragment. Fragment offset 13 bits Identifies where the packet fragment belongs in the incoming set of fragments. Time to Live (TTL) 8 bits Indicates the maximum duration that the packet can remain on the network before it is discarded. Although this field was originally meant to represent units of time, on modern networks it represents the number of times a packet has been forwarded by a router, or the number of router hops it has endured. Therefore, TTL is often called the hop limit. The TTL for packets is variable and configurable, but is usually set at 32 or 64. Each time a packet passes through a router, its TTL is reduced by 1. When a router receives a datagram with a TTL equal to 1, it discards that packet (or more precisely, the frame to which it belongs). Protocol 8 bits Identifies the type of Transport layer protocol that will receive the datagram (for example, TCP or UDP). Header checksum 16 bits Allows the receiving node to calculate whether the IP header has been corrupted during transmission. If the checksum accompanying the message does not have the proper value when the packet is received, the packet is presumed to be corrupt and is discarded. Source IP address 32 bits Identifies the full IP address of the source node. Destination IP address 32 bits Indicates the full IP address of the destination node. Options Variable May contain optional routing and timing information. Padding Variable Contains filler bits to ensure that the header is a multiple of 32 bits. Data Variable Includes the data originally sent by the source node, plus information added by TCP in the Transport layer. © Cengage Learning 2013 In the Chapter 2 discussion of the OSI model’s Network layer functions, you were intro- duced to IP and the data contained in its packets. You also saw an example of IPv4 packet data from an actual HTTP request. However, you might not have understood what all of Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 150 Chapter 4 Introduction to TCP/IP Protocols the data meant. Now that you are familiar with the fields of an IPv4 packet, you can inter- pret its contents. Figure 4-7 offers another look at the IPv4 packet. 1.6 - Internet Protocol, Src Addr: 140.147.249.7 (140.147.249.7), Dst Addr: 10.11.11.51 (10.11.11.51) Version: 4 Header length: 20 bytes + Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN 0x00) Total Length: 44 Identification: 0x0000 (0) - Flags: 0x04.1.. = Don’t fragment: Set..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0x9ff3 (correct) Source: 140.147.249.7 (140.147.249.7) Destination: 10.11.11.51 (10.11.11.51) Figure 4-7 IPv4 packet data © Cengage Learning 2013 Begin interpreting the datagram in Figure 4-7 with the Version field, which indicates that this transmission relies on version 4 of the Internet Protocol. Next, notice that the datagram has a header length of 20 bytes. Because this is the minimum size for an IP header, you can deduce that the datagram contains no options or padding. In the Differentiated Services field, no options for priority handling are set, which is not unusual in routine data exchanges such as retrieving a Web page. The total length of the datagram is given as 44 bytes. This makes sense when you consider that its header is 20 bytes and the TCP segment that it encapsulates is 24 bytes. Considering that the maximum size of an IP packet is 65,535 bytes, this is a very small packet. Next in the IP datagram is the Identification field, which uniquely identifies the packet. This packet, the first one issued from computer B to computer A in the TCP connection exchange, is identified in hexadecimal notation as 0x0000. In the Flags field, which indicates whether this packet is fragmented, the Don’t fragment option is set with a value of 1. So you know that this packet is not fragmented. And because it’s not fragmented, the fragment offset field does not apply and is set to 0. This datagram’s TTL (Time to Live) is set to 64. That means that if the packet were to keep traveling across a network, it would be allowed 64 more hops before it was discarded. The Protocol field is next. It indicates that encapsulated within the packet is a TCP segment. TCP is always indicated by the hexadecimal string of 0x06. The next field provides the cor- rect header checksum answer, which is used by the recipient of this packet to determine whether the header was damaged in transit. Finally, the last two fields in the packet show the logical addresses for its source and destination. IPv6 Packets As you have learned, IPv6 was designed to offer better prioritization, better security, and a much larger range of IP addresses than IPv4. The fields in an IPv6 packet header, explained in Table 4-3 and shown in Figure 4-8, reflect those enhancements. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. The TCP/IP Core Protocols 151 0 16 31 Bit number: 1.6 Version Traffic class Flow label Payload length Next header Hop limit Source address 4 Destination address Figure 4-8 An IPv6 packet header © Cengage Learning 2013 Table 4-3 Fields in an IPv6 packet Field Length Function Version 4 bits Indicates what IP version the packet uses. Traffic class 8 bits Identifies the packet’s priority. It is similar, but not the same as the Type of service field in IPv4 packets. Flow label 20 bits Indicates which flow, or sequence of packets issued from one source to one or multiple destinations, the datagram belongs to. Routers interpret flow information to ensure that packets belonging to the same transmission arrive together. Flow information may also help with traffic prioritization. Payload length 16 bits Indicates the size of the payload, or data carried by the packet. Unlike the Total length field in IPv4 packets, the Payload length in IPv6 packets does not refer to the size of the whole packet. Next header 8 bits Identifies the type of header that immediately follows the IP packet header, usually TCP or UDP. Hop limit 8 bits Indicates the number of times that the packet can be forwarded by routers on the network, similar to the TTL field in IPv4 packets. When the hop limit reaches 0, the packet is discarded. Source address 128 bits Identifies the full IP address of the transmitting node. Destination address 128 bits Identifies the full IP address of the receiving node. © Cengage Learning 2013 If you compare the fields and functions listed in Table 4-3 with those listed for the IPv4 packet in Table 4-2, you’ll notice some similarities and some differences. For example, both packets begin with a 4-bit Version field. Other fields, such as the TTL in IPv4 and the Hop limit in IPv6, are similar, but slightly different. One striking difference between the two ver- sions is that IPv6 packets accommodate the much longer IPv6 addresses. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 152 Chapter 4 Introduction to TCP/IP Protocols Figure 4-9 shows the contents of an actual IPv6 packet header. This packet formed part of a message issued by PING, a common diagnostic tool that is described in detail later in this chapter. 1.6 First in the header comes the Version field, which indicates that this transmission relies on version 6 of the Internet Protocol, expressed in binary format as 0110. (Recall from Chapter 2’s discussion of binary conversion that 0110 would be 0 x 8 + 1 x 4 + 1 x 2 + 0 x 1, or 6, in decimal format.) Figure 4-9 IPv6 packet data © Cengage Learning 2013 Next, notice that the Traffic class and Flow label field are both set to 0x0000000. That means values for these fields have not been specified. Without Traffic class or Flow label information, routers receiving this packet will not prioritize it or make any guarantees that it will reach its desti- nation at the same time as any other packets. For many types of traffic, this is perfectly acceptable. Next in the IPv6 header comes the Payload field, with a value of 64, which means the packet carries 64 bits of data. Considering that IPv6 packets may carry payloads as large as 64 KB, this is a very small packet. The Next header field in this packet indicates that the data in the payload belongs to an ICMP transmission. (ICMP is also described later in this chapter.) The IPv6 datagram’s Hop limit is set to 64. That means that if the packet were to keep traveling across a network, it could be forwarded by routers 64 times before it was dis- carded. Finally, the last two fields in the packet show the IP addresses for the packet’s source and destination, 2001:470:1f10:1a6::2 and 2001:470:1f10:1a6::1, respectively. It’s useful to understand the differences between IPv4 and IPv6 transmissions before learning about other TCP/IP protocols. For example, the protocols described in the next two sections, IGMP and ARP, are used only on IPv4 networks. The functions they provide have become part of the IPv6 protocol and no longer need to be provided by separate Network layer protocols. IGMP (Internet Group Management Protocol) Another core TCP/IP protocol is IGMP (Internet Group Management Protocol or Internet Group Multicast Protocol). IGMP operates at the Network layer of the OSI model and manages multicasting on networks running IPv4. Multicasting is a transmission method that allows one node to send data to a defined group of nodes. Whereas most data transmission occurs on a point- to-point basis, multicasting is a point-to-multipoint method. And unlike a broadcast transmission, a multicast transmission does not necessarily issue transmissions to every node on a segment. Multi- casting can be used for teleconferencing or videoconferencing over the Internet, for example. Rou- ters use IGMP to determine which nodes belong to a certain multicast group and to transmit data to all nodes in that group. Network nodes use IGMP to join or leave multicast groups at any time. ARP (Address Resolution Protocol) ARP (Address Resolution Protocol) is a Network layer protocol used with IPv4 that obtains the MAC (physical) address of a host, or node, and then creates a database that maps the MAC address to the host’s IP address. If one node needs to know the MAC address of another node on Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. IPv4 Addressing 153 the same network, the first node issues a broadcast message to the network, using ARP, that essentially says, “Will the computer with the IP address 1.2.3.4 please send me its MAC 1.6 address?” In the context of networking, a broadcast is a transmission that is simultaneously sent to all nodes on a particular network segment. The node that has the IP address 1.2.3.4 then broadcasts a reply that contains the physical address of the destination host. To make ARP more efficient, computers save recognized MAC-to-IP address mappings on their hard disks in a database known as an ARP table (also called an ARP cache). After a computer has saved this information, the next time it needs the MAC address for another device, it finds the address in its ARP table and does not need to broadcast another request. Although the precise 4 format of ARP tables may vary from one operating system to another, the essential contents of the table and its purpose remain the same. A sample ARP table is shown in Figure 4-10. Figure 4-10 Sample ARP table © Cengage Learning 2013 An ARP table can contain two types of entries: dynamic and static. Dynamic ARP table entries are created when a client makes an ARP request that cannot be satisfied by data already in the ARP table. Static ARP table entries are those that someone has entered manually using the ARP utility. The ARP utility, accessed via the arp command from a Windows command prompt or a UNIX or Linux shell prompt, provides a way of obtaining information from and manipu- lating a device’s ARP table. For example, you can view a Windows workstation’s ARP table by typing arp -a at the command line and pressing Enter. ARP can be a valuable troubleshooting tool for discovering the identity of a machine whose IP address you know, or for identifying the problem of two machines trying to use the same IP address. ICMP (Internet Control Message Protocol) Whereas IP helps direct data to its correct destination, ICMP (Internet Control Message Pro- tocol) is a Network layer core protocol that reports on the success or failure of data delivery. It can indicate when part of a network is congested, when data fails to reach its destination, and when data has been discarded because the allotted time for its delivery (its TTL) expired. ICMP announces these transmission failures to the sender, but ICMP cannot correct any of the errors it detects; those functions are left to higher-layer protocols, such as TCP. However, ICMP’s announcements provide critical information for troubleshooting network problems. IPv6 relies on ICMPv6 (Internet Control Message Protocol version 6) to perform the functions that ICMP, IGMP, and ARP perform in IPv4. In other words, ICMPv6 detects and reports data transmission errors, discovers other nodes on a network, and manages multicasting. IPv4 Addressing You have learned that networks recognize two kinds of addresses: logical (or Network layer) 1.2 and physical (or MAC, or hardware) addresses. Physical addresses are assigned to a device’s 1.3 NIC at the factory by its manufacturer. Logical addresses can be manually or automatically 1.6 assigned and must follow rules set by the protocol standards. In the TCP/IP protocol suite, IP Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 154 Chapter 4 Introduction to TCP/IP Protocols is the protocol responsible for logical addressing. For this reason, addresses on TCP/IP-based networks are often called IP addresses. IP addresses are assigned and used according to very 1.3 specific parameters. 1.6 Each IP address is a unique 32-bit number, divided into four octets, or sets of 8 bits, that are separated by periods. Because 8 bits equals 1 byte, each octet is a byte, and an IP address is thus composed of 4 bytes. An example of a valid IP address is 144.92.43.178. An IP address contains two types of information: network and host. From the first octet, you can determine the network class. In traditional IP addressing, three types of network classes are used for LANs: Class A, Class B, and Class C. (In Chapter 9, however, you’ll learn about developments that allow networks to circumvent such class designations.) Table 4-4 sum- marizes characteristics of the three commonly used classes of TCP/IP-based networks. In addition, Class D and Class E addresses do exist, but are rarely used. Class D addresses, which begin with an octet whose value is between 224 and 239, are reserved for multicasting. IETF (Internet Engineering Task Force) reserves Class E addresses, which begin with an octet whose value is between 240 and 254, for experimental use. You should never assign Class D or Class E addresses to devices on your network. Certain octets in an IP address are reserved for special functions. The number 0 is reserved to act as a placeholder when referring to an entire group of computers on a network—for exam- ple, 10.0.0.0 represents all of the devices whose first octet is 10. The number 255, when used in the host portion of an address, indicates a broadcast transmission. Sending a message to the address 147.82.255.255, for example, sends a message to all devices connected to the 147.82.0.0 network. Table 4-4 Commonly used TCP/IP classes Maximum addressable Network class Beginning octet Number of networks hosts per network A 1–126 126 16,777,214 B 128–191 > 16,000 65,534 C 192–223 > 2,000,000 254 © Cengage Learning 2013 A portion of each IP address contains clues about the network class. An IP address whose first octet is in the range of 1–126 belongs to a Class A network. All IP addresses for devices on a Class A segment share the same first octet, or bits 0 through 7, as shown in Figure 4-11. For example, nodes with the following IP addresses may belong to the same Class A network: 23.78.110.109, 23.164.32.97, 23.48.112.43, and 23.108.37.22. In this example, 23 is the network ID. The second through fourth octets (bits 8 through 31) in a Class A address identify the host. An IP whose first octet is in the range of 128–191 belongs to a Class B network. All IP addresses for devices on a Class B segment share the first two octets, or bits 0 through 15. For example, nodes with the following IP addresses may belong to the same Class B network: 168.34.88.29, 168.34.55.41, 168.34.73.49, and 168.34.205.113. In this example, 168.34 is the network ID. The third and fourth octets (bits 16 through 31) on a Class B network identify the host, as shown in Figure 4-11. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. IPv4 Addressing 155 Bit 1.3 #0 78 Class A 31 1.6 Network Host information information Bit Class B #0 15 16 31 Network information Host information 4 Bit #0 Class C 23 24 31 Network information Host information Figure 4-11 IPv4 addresses and their classes © Cengage Learning 2013 An IP address whose first octet is in the range of 192–223 belongs to a Class C network. All IP addresses for devices on a Class C segment share the first three octets, or bits 0 through 23. For example, nodes with the following addresses may belong to the same Class C network: 204.139.118.7, 204.139.118.54, 204.139.118.14, and 204.139.118.31. In this example, 204.139.118 is the network ID. The fourth octet (bits 24 through 31) on a Class C network identifies the host, as shown in Figure 4-11. Internet founders intended the use of network classes to provide easy organization and a sufficient quantity of IP addresses on the Internet. However, their goals haven’t necessarily been met. Class A addresses were distributed liberally to large companies and government organizations who were early users of the Internet, such as IBM. Some organizations reserved many more addresses than they had devices. Class B addresses were distributed to midsized organizations and Class C addresses to smaller organizations, such as colleges. Today, many Internet addresses go unused, but cannot be reassigned because an organization has reserved them. Although potentially more than 4.3 billion Internet addresses are available, the demand for such addresses grows exponentially every year. To respond to this demand, a new addres- sing scheme was developed that can supply the world with enough addresses to last well into this century. IP version 6 (IPv6) incorporates this new addressing scheme. You will learn more about IPv6 addressing later in this chapter. In addition, some IP addresses are reserved for special functions, like broadcasts, and cannot be assigned to machines or devices. Notice that 127 is not a valid first octet for any IPv4 address. The range of addresses beginning with 127 is reserved for a device communicating with itself, or performing loopback communication. Thus, the IP address 127.0.0.1 is called a loopback address. Attempting to contact this IP number—in other words, attempting to con- tact your own machine—is known as a loopback test. (In fact, when you transmit to any IP address beginning with the 127 octet, you are communicating with your own machine.) A loopback test can prove useful when troubleshooting problems with a workstation’s TCP/IP communications. If you receive a positive response from a loopback test, you know that the TCP/IP core protocols are installed and in use on your workstation. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 156 Chapter 4 Introduction to TCP/IP Protocols The command used to view IP information on a Windows workstation is ipconfig. To view your current IP information on a Windows workstation: 1.3 1.6 1. Click the Start button, select All Programs, select Accessories, and then select Command 4.3 Prompt. The Command Prompt window opens. 2. At the command prompt, type ipconfig /all and press Enter. Your workstation’s IP address information is displayed, similar to the information shown in Figure 4-12. Figure 4-12 Results of the ipconfig /all command on a Windows workstation © Cengage Learning 2013 3. Type exit and press Enter to close the Command Prompt window. To view and edit IP information on a computer running a version of the UNIX or Linux oper- ating system, use the ifconfig command. (Note that ipconfig and ifconfig differ by only one letter.) Simply type ifconfig -a at the shell prompt to view all the information about your TCP/IP connections and addresses, as shown in Figure 4-13. In this figure, the IP address is labeled inet addr. Figure 4-13 Results of the ifconfig -a command on a UNIX workstation © Cengage Learning 2013 Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. IPv4 Addressing 157 Now that you have learned the most important characteristics of IP addresses, you are ready to learn more about how computers interpret these addresses. Binary and Dotted Decimal Notation 1.3 So far, all of the IP addresses in this section have been represented in dotted decimal nota- 1.6 tion. Dotted decimal notation, the most common way of expressing IP addresses, refers to the “shorthand” convention used to represent IP addresses and make them easy for people to read. In dotted decimal notation, a decimal number between 0 and 255 represents each binary octet, for a total of 256 possibilities. A period, or dot, separates each decimal. An 4 example of a dotted decimal IP address is 131.65.10.18. Each number in a dotted decimal address has a binary equivalent. In Chapter 3, you learned how to convert decimal numbers to their binary equivalents. Converting a dotted decimal address to its binary equivalent is simply a matter of converting each octet and removing the decimal points. For example, in the dotted decimal address 131.65.10.36, the binary equiva- lent of the first octet, 131, is 10000011; the binary equivalent of the second octet, 65, is 01000001; the binary equivalent of the third octet, 10, is 00001010; and the binary equiva- lent of the fourth octet, 36, is 00100100. Therefore, the binary value for 131.65.10.36 is 10000011 01000001 00001010 00100100. Subnet Mask In addition to an IP address, every device on a network running IPv4 is assigned a sub- net mask. A subnet mask is a special 32-bit number that, when combined with a device’s IP address, informs the rest of the network about the segment or network to which the device is attached. That is, it identifies the device’s subnet. Like IP addresses, subnet masks are composed of four octets (32 bits) and can be expressed in either binary or dotted decimal notation. Subnet masks are assigned in the same way that IP addresses are assigned—either manually, within a device’s TCP/IP configuration, or automatically, through a service such as DHCP (described in detail later in this chapter). A more com- mon term for subnet mask is net mask, and sometimes simply mask, as in “a device’s mask.” You might wonder why a network node even needs a subnet mask, given that the first octet of its IP address indicates its network class. The answer lies with subnetting, a pro- cess of subdividing a single class of networks into multiple, smaller logical networks, or segments. Network managers create subnets to manage and separate network traffic and to make the best use of a limited number of IP addresses. Methods of subnetting are discussed in detail in Chapter 9. For now, it is enough to know that regardless of whether a network is sub- netted, its devices are assigned a subnet mask. On networks that use subnetting, the subnet mask varies depending on the way the network is subnetted. On networks that do not use subnetting, however, the subnet masks take on a default value, as shown in Table 4-5. To qualify for Network+ certifi- cation, you should be familiar with the default subnet masks associated with each network class. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. 158 Chapter 4 Introduction to TCP/IP Protocols Table 4-5 Default subnet masks 1.3 Network class Default subnet mask 1.6 A 1–126 255.0.0.0 B 128–191 255.255.0.0 C 192–223 255.255.255.0 © Cengage Learning 2013 IPv6 Addressing Up to this point, you have learned about IP addressing according to the IPv4 scheme. This section introduces you to addressing in IPv6 and explains the differences between addressing 1.3 1.6 in IPv4 and addressing in IPv6. For Network+ certification, you will need to understand both addressing schemes. The most notable difference between IP addresses in IPv4 and IPv6 is their size. Whereas IPv4 addresses are composed of 32 bits, IPv6 addresses are composed of eight 16-bit fields, for a total of 128 bits. The added fields and the larger address size result in an increase of 296 (or 4 billion times 4 billion times 4 billion) available IP addresses in the IPv6 addressing scheme. The addition of more IP addresses not only allows every interface on every Internet- connected device to have a unique number, but also eliminates the need for IP address conser- vation. With the increasing number of network-enabled devices, including handheld computers, telephones, home security systems, traffic cameras, and even pet-tracking systems, the limited quantity of IPv4 addresses posed a serious bottleneck. A second difference between IPv4 and IPv6 addresses is the way they are represented. Whereas each octet in an IPv4 address contains decimal numbers separated by a period (for example, 123.45.67.89), each field in an IPv6 address is typically represented in hexadecimal numbers separated by a colon. (Keep in mind that the computer still reads the binary version of this address, and if you wanted, you could also write an IPv6 address in binary format.) An example of a valid IPv6 address is FE22:00FF:002D:0000:0000:0000:3012:CCE3. Because many IPv6 addresses will contain multiple fields that have values of 0, two methods of shorthand for representing these fields have been established. One method eliminates all leading zeros—that is, zeros that precede another hexadecimal digit—within a field. For example, the field 00FF could also be written FF and the field 0000 could be written 0. Thus, FE22:00FF:002D:0000:0000:0000:3012:CCE3 can be written as FE22:FF:2D:0:0:0:3012: CCE3. A second type of shorthand substitutes :: for any number of multiple, zero-value fields. Thus, FE22:00FF:002D:0000:0000:0000:3012:CCE3 can also be written as FE22: FF:2D::3012:CCE3. The substitution of multiple zero-value fields can only be performed once within an address; otherwise, you cannot tell how many fields the :: symbol represents. For example, the IPv6 address 2001:0:0:34D0:0:0:9F77:2854 could not be abbreviated 2001::34D0::9F77:2854. It could instead be abbreviated 2001::34D0:0:0:9F77:2854 or 2001:0:0:34D0::9F77:2854. An important address to memorize is the IPv6 loopback address. Recall that in IPv4 the loop- back address has a value of 127.0.0.1. In IPv6, however, the loopback address has a value of 0:0:0:0:0:0:0:1. Abbreviated, the IPv6 loopback address becomes ::1. Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. Assigning IP Addresses 159 A third difference between the two types of IP addresses is that in IPv6, addresses can reflect the scope of a transmission’s recipients—for example, a single node, a group, or a special kind of 1.3 group. One type of IPv6 address is a unicast address, or an address that represents a single 1.6 interface on a device. A unicast address is the type of address that would be assigned, for exam- ple, to a workstation’s network adapter. If you wanted to save a file from your laptop onto your company’s server using IPv6, that transmission would call for a unicast address. Also, the loop- back address is a unicast address. A multicast address represents multiple interfaces (often on multiple devices). Multicast addresses are useful for transmitting the same data to many different devices simultaneously, 4 as in point-to-multipoint communications. IPv6 allows for the specification of several types of multicast groups. For example, the global multicast group, which directs data to all reachable nodes, is akin to the broadcast transmission in IPv4. The link-local multicast group includes computers that share the same link as the transmitting node. An anycast address represents any one interface from a group of interfaces, any one of which can accept a transmission. Anycast addresses could be useful for identifying all of the routers that belong to one ISP, for example. In this instance, an Internet transmission destined for one of that ISP’s servers could be accepted by the first available router in the anycast group. The result is that the transmission finishes faster than if it had to wait for one specific router inter- face to become available. At this time, anycast addresses are not designed to be assigned to hosts, such as servers or workstations. A fourth significant difference between IPv4 and IPv6 addressing is that in IPv6, each address contains a Format Prefix, or a variable-length field at the beginning of the address that indi- cates what type