Network+ Guide to Networks, 6th ed. PDF

Summary

This textbook, "Network+ Guide to Networks, 6th ed.", details TCP/IP protocols, providing practical examples and an on-the-job type scenario. It covers topics such as core TCP/IP functions, the TCP/IP model, addressing schemes (IPv4 and IPv6), DHCP, DNS, and common application layer protocols. Suitable for network professionals.

Full Transcript

cchapter
hapter 4

Introduction to TCP/IP Protocols

After reading this chapter and completing
the exercises, you will be able to:
Identify and explain the functions of the core TCP/IP protocols
Explain the TCP/IP model and how it corresponds to the OSI model
Discuss addressing schemes for TCP/IP in IPv4 and IPv6 and explain
how addresses are assigned automatically using DHCP (Dynamic
Host Configuration Protocol)
Describe the purpose and implementation of DNS
(Domain Name System)
Identify the well-known ports for key TCP/IP services
Describe how common Application layer TCP/IP protocols are used

139
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 140 Chapter 4 Introduction to TCP/IP Protocols

O
Onn the Job

I woke up to a message from an on-call engineer, Bill, saying, “Help, I am out of
ideas for DNS troubleshooting!” Twenty minutes later, as I walked into the office,
he recited a chaotic list of all the troubleshooting steps he took and every possible
problem that could have caused the issue at hand. We took a walk to the vending
machines so I could get caffeine and the story.
Dying server hardware forced Bill to move a number of services to new hardware.
DNS was scheduled to be last, as the configuration was simple, and moving it was
supposed to be a quick and easy task. Everything seemed to work fine, but queries
for all of the Internet and a test internal domain were not being answered. The OS
configuration and DNS server settings all seemed fine, but no matter what we
tweaked, the service did not work right.
Because Bill knew more about DNS than I did, there was little reason for a detailed
walk-through of the configurations. I took a quick look, in hope of finding some-
thing obvious that he had missed, but the configuration was sound. Since no trivial
fix was available, I reverted to basic troubleshooting mode and started to work
through a simple list of items to check: “ping localhost, ping the interface, ping the
router, and a host beyond it….”
The last check returned “connect: Network is unreachable.” A quick glance at the
route table explained the issue: There was no default route. Without a way to
forward traffic, no host outside of a few statically defined internal networks were
reachable, including all of the root DNS servers.
The fix was simple and, once the service was restored, I helped a bit with moving
other services. Another set of eyes is an invaluable asset during late-night work, and
I had to work off all that caffeine.
Marcin Antkiewicz

In Chapter 1, you learned that a protocol is a rule that governs how computers on a network
exchange data and instructions. Without protocols, devices could not interpret the signals sent
by other devices, and data would go nowhere. In Chapter 2, you learned about the tasks
associated with each layer of the OSI model, such as formatting, addressing, and error correc-
tion. You also learned that these tasks are performed by protocols. In this chapter, you will
learn about the most commonly used networking protocols, their components, and their func-
tions. This chapter is not an exhaustive study of protocols, but rather a practical guide to
applying them. At the end of the chapter, you will have the opportunity to customize how
your networked computer uses protocols. You will also analyze realistic networking scenarios
pertaining to protocols and devise your own solutions. Because protocols form the foundation
of network communications, you must fully understand them to manage a network effectively.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 The TCP/IP Model 141

In the networking industry, the term protocol is sometimes used to refer to a group, or suite,
of individual protocols that work together. In the sections that follow, you will learn about
the protocol suite that is used on virtually all networks today—TCP/IP. As a network profes-
sional, you may occasionally encounter obsolete protocol suites that are not detailed in this
chapter. But you will definitely encounter TCP/IP both on the job and in the Network+
certification exam. To be successful, you need to understand TCP/IP in depth.

Characteristics of TCP/IP (Transmission Control Protocol/ 4
Internet Protocol)
TCP/IP (Transmission Control Protocol/Internet Protocol) is not simply one protocol, but
rather a suite of specialized protocols—including TCP, IP, UDP, ARP, and many others—
1.6
called subprotocols. Most network administrators refer to the entire group as “TCP/IP,” or
sometimes simply “IP.” For example, a network administrator might say, “Our network
only runs IP” when she means that all of the network’s services rely on TCP/IP
subprotocols.
TCP/IP’s roots lie with the United States Department of Defense, which developed TCP/IP
for its Advanced Research Projects Agency network (ARPANET, the precursor to today’s
Internet) in the late 1960s. UNIX and Linux have always relied on TCP/IP. The most recent
versions of all other network operating systems also use TCP/IP as their default protocol.
Though other protocol suites exist, TCP/IP has become the standard thanks to several
advantages:
It is open, rather than proprietary—TCP/IP is not owned by a company, which means
you do not need to purchase a license to use it. It costs nothing and its code can be
edited and modified by any programmer.
It is flexible—The TCP/IP suite of protocols can run on virtually any platform and
connect dissimilar operating systems and devices.
It is routable—TCP/IP transmissions carry Network layer addressing information that
can be interpreted by routers to determine the best path for directing data over a
network. Not all protocols are routable. Only routable protocols are suitable for large
networks.

TCP/IP is a broad topic with numerous technical, historical, and
practical aspects. Advanced TCP/IP topics are covered in Chapter 9.
If you want to become an expert on TCP/IP, consider investing in a
book or study guide solely devoted to this suite of protocols.

The TCP/IP Model
The TCP/IP suite of protocols can be divided into four layers that roughly correspond
1.1 to the seven layers of the OSI model, as depicted in Figure 4-1 and described in the
1.6 following list.

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 142 Chapter 4 Introduction to TCP/IP Protocols

TCP/IP model Protocols and services OSI model

1.1 Application
HTTP, FTP,
1.6
Application Telnet, NTP, Presentation
DHCP, PING
Session

Transport TCP, UDP Transport

Internet IP, ARP, ICMP, IGMP Network

Data Link
Network Interface Ethernet
Physical

Figure 4-1 The TCP/IP model compared with the OSI model
© Cengage Learning 2013

Application layer—Roughly equivalent to the Application, Presentation, and Session
layers of the OSI model. Applications gain access to the network through this layer,
via protocols such as HTTP (Hypertext Transfer Protocol), FTP (File Transfer
Protocol), Telnet, NTP (Network Time Protocol), DHCP (Dynamic Host
Configuration Protocol), and PING (Packet Internet Groper), to name only some.
Transport layer—Roughly corresponds to the Transport layer of the OSI model. This
layer holds the Transmission Control Protocol (TCP) and User Datagram Protocol
(UDP), which provide flow control, error checking, and sequencing.
Internet layer—Equivalent to the Network layer of the OSI model. This layer holds
the Internet Protocol (IP), Internet Control Message Protocol (ICMP), Internet Group
Management Protocol (IGMP), and Address Resolution Protocol (ARP). These
protocols handle routing and address resolution.
Network Interface layer (or Link layer)—Roughly equivalent to the Data Link and
Physical layers of the OSI model. Functions in this layer handle formatting of data
and transmission to the network interface.
Unlike the OSI model, the TCP/IP model grew to describe how protocols work after the pro-
tocols were widely in use. For this reason, it is sometimes considered more practical than the
OSI model, which is considered more theoretical. Understanding what functions belong to
each layer of the models will come in handy when you’re troubleshooting problems. For
example, a simple test might indicate that a transmission is breaking down at the Transport
layer. Although you might not know the cause of the problem, narrowing down its scope in
this way will lead you and your colleagues to the next step in assessing and fixing the
problem.

The TCP/IP Core Protocols
Certain subprotocols of the TCP/IP suite, called TCP/IP core protocols, operate in the Trans-
port or Network layers of the OSI model and provide basic services to protocols in other
1.6
layers. As you might guess, TCP and IP are the most significant protocols in the TCP/IP
suite. These and other core protocols are introduced in the following sections.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 The TCP/IP Core Protocols 143

TCP (Transmission Control Protocol)
1.6 TCP (Transmission Control Protocol) operates in the Transport layer of the TCP/IP and OSI
models and provides reliable data delivery services. TCP is a connection-oriented subproto-
col, which means that a connection must be established between communicating nodes before
this protocol will transmit data. As an analogy, suppose you were standing by a lake trying
to communicate with a friend in a boat floating 100 yards offshore on a foggy afternoon.
You need to give her an urgent message about a storm that’s fast approaching. You could
shout at her, but you might not know whether she heard you correctly, if at all. To be certain
she gets your message, it would be better to call her cell phone and talk. Similar to complet- 4
ing a phone call and making sure your friend answers and can hear you before you tell her
about the storm, in data communications, TCP is the protocol that ensures a connection has
been made before it allows the message to continue.
TCP further ensures reliable data delivery through sequencing and checksums. In the
analogy of communicating with a friend offshore, this would be similar to asking her to
confirm that she understood your warning. Without TCP’s connection and its sequencing
and checksum measures, data would be transmitted indiscriminately. If not for TCP, a
host would issue data without knowing whether the destination node was offline, for
example, or whether the data became corrupt during transmission. This would be like
shouting a lot of warnings to your offshore friend without making sure she understood—
and then walking away.
Finally, TCP provides flow control to ensure that a node is not flooded with data. In the case
of communicating with a friend in a boat, this would be like speaking slowly enough over
the phone so that she can hear every word and understand your message.
Figure 4-2 depicts the format of a TCP segment, the entity that becomes encapsulated by the
IP packet in the Network layer (and, thus, becomes the IP packet’s data). Fields belonging to
a TCP segment are defined in Table 4-1.

Bit number: 0 16 31

Source port Destination port

Sequence number

Acknowledgment
TCP
header Header U A P R S F
Reserved R C S S Y I Sliding-window size
length G K H T N N

Checksum Urgent pointer

Options Padding

Data

Figure 4-2 A TCP segment
© Cengage Learning 2013

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 144 Chapter 4 Introduction to TCP/IP Protocols

Table 4-1 Fields in a TCP segment

1.6 Field Length Function
Source port 16 bits Indicates the port number at the source node. A port number is the address on a
host where an application makes itself available to incoming or outgoing data.

Destination port 16 bits Indicates the port number at the destination node.

Sequence number 32 bits Identifies the data segment’s position in the stream of data segments already sent.

Acknowledgment 32 bits Confirms receipt of the data via a return message to the sender.
number (ACK)

TCP header length 4 bits Indicates the length of the TCP header.

Reserved 6 bits A field reserved for later use.

Flags 6 bits A collection of six 1-bit fields that signal special conditions through flags.
The following flags are available for the sender’s use:
URG—If set to 1, the Urgent pointer field contains information for the receiver.
ACK—If set to 1, the Acknowledgment field contains information for the
receiver. (If set to 0, the receiver will ignore the Acknowledgment field.)
PSH—If set to 1, it indicates that data should be sent to an application
without buffering.
RST—If set to 1, the sender is requesting that the connection be reset.
SYN—If set to 1, the sender is requesting a synchronization of the sequence
numbers between the two nodes. This code is used when TCP requests a
connection to set the initial sequence number.
FIN—If set to 1, the segment is the last in a sequence and the connection
should be closed.

Sliding-window size 16 bits Indicates how many bytes the sender can issue to a receiver while
(or window) acknowledgment for this segment is outstanding. This field performs flow
control, preventing the receiver from being deluged with bytes. For example,
suppose a server indicates a sliding window size of 4000 bytes. Also suppose
the client has already issued 1000 bytes, 250 of which have been received
and acknowledged by the server. That means that the server is still buffering
750 bytes. Therefore, the client can only issue 3250 additional bytes before it
receives acknowledgment from the server for the 750 bytes.

Checksum 16 bits Allows the receiving node to determine whether the TCP segment became
corrupted during transmission.

Urgent pointer 16 bits Indicates a location in the data field where urgent data resides.

Options 0–32 bits Specifies special options, such as the maximum segment size a network can
handle.

Padding Variable Contains filler information to ensure that the size of the TCP header is a
multiple of 32 bits.

Data Variable Contains data originally sent by the source node. The size of the Data field
depends on how much data need to be transmitted, the constraints on the
TCP segment size imposed by the network type, and the limitation that the
segment must fit within an IP packet.

© Cengage Learning 2013

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 The TCP/IP Core Protocols 145

In the Chapter 2 discussion of Transport layer functions, you learned how TCP establishes
connections for HTTP requests. You also saw an example of TCP segment data from an
1.6
actual HTTP request. However, you might not have understood what all of the data meant.
Now that you know the function of each TCP segment field, you can interpret its contents.
Figure 4-3 offers another look at the TCP segment.

Transmission Control Protocol, Src Port: http (80), Dst Port: 1958 (1958), Seq: 3043958669, Ack: 937013559, Len: 0
Source port : http (80)
Destination port: 1958 (1958)
Sequence number: 3043958669 4
Acknowledgment number: 937013559
Header length: 24 bytes
- Flags:_ 0xx0012 (SYN, ACK)
0....... = Congestion Window Reduced (CWR): Not set.0...... = ECN-Echo: Not set..0..... = Urgent: Not set...1.... = Acknowledgment: Set.... 0... = Push: Not set.....0.. = Reset: Not set......1. = Syn: Set.......0 = Fin: not set
window size: 5840
Checksum: 0x206a (correct)
- Options: (4bytes)
Maximum segment size: 1460 bytes

Figure 4-3 TCP segment data
© Cengage Learning 2013

Suppose the segment in Figure 4-3 was sent from computer B to computer A. Begin
interpreting the segment at the Source port line. Notice the segment was issued from com-
puter B’s port 80, the port assigned to HTTP by default. It was addressed to port 1958 on
computer A. The sequence number for this segment is 3043958669. The next segment that
computer B expects to receive from computer A will have the sequence number of
937013559 because this is what computer B has entered in the Acknowledgment field. By
simply having a value, the Acknowledgment field performs its duty of letting a node know
that its last communication was received. By indicating a sequence number, the Acknowledg-
ment field does double-duty. Next, look at the Header length field. It indicates that the TCP
header is 24 bytes long—4 bytes larger than its minimum size—which means that some of
the available options were specified or the padding space was used.
In the flags category, notice that there are two unfamiliar flags: Congestion Window Reduced
and ECN-Echo. These are optional flags that can be used to help TCP react to and reduce
traffic congestion. They are only available when TCP is establishing a connection. However,
in this segment, they are not set. Of all the possible flags in the Figure 4-3 segment, only the
ACK and SYN flags are set. This means that computer B is acknowledging the last segment
it received from computer A and also negotiating a synchronization scheme for sequencing.
The window size is 5840, meaning that computer B can accept 5840 more bytes of data
from computer A even while this segment remains unacknowledged. The Checksum field
indicates the valid outcome of the error-checking algorithm used to verify the segment’s
header. In this case, the checksum is 0x206a. When computer A receives this segment, it will

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 146 Chapter 4 Introduction to TCP/IP Protocols

perform the same algorithm, and if the result is 0x206a, it will know the TCP header arrived
without damage. Finally, this segment uses its option field to specify a maximum TCP seg-
1.6
ment size of 1460 bytes.
Note that a computer doesn’t “see” the TCP segment as it’s shown in Figure 4-3. This figure
was obtained by using a data analyzer program that translates each packet into a user-
friendly form. From the computer’s standpoint, the TCP segment is encoded as hexadecimal
characters. The computer does not need any labels to identify the fields because as long as
TCP/IP protocol standards are followed, it knows exactly where each byte of data is located.
The TCP segment pictured in Figure 4-3 is part of the process of establishing a connection
between computer B and computer A. In fact, it is the second segment of three used to estab-
lish a TCP connection. In the first step of establishing this connection, computer A issues
a message to computer B with its SYN bit set, indicating the desire to communicate and
synchronize sequence numbers. In its message, it sends a random number that will be used
to synchronize the communication. In Figure 4-4, for example, this number is 937013558.
(Its ACK bit is usually set to 0.) After computer B receives this message, it responds with a
segment whose ACK and SYN flags are both set. In computer B’s transmission, the ACK
field contains a number that equals the sequence number computer A originally sent plus 1.
As Figure 4-4 illustrates, computer B sends the number 937013559. In this manner, com-
puter B signals to computer A that it has received the request for communication and further,
it expects computer A to respond with the sequence number 937013559. In its SYN field,
computer B sends its own random number (in Figure 4-4, this number is 3043958669),
which computer A will use to acknowledge that it received computer B’s transmission. Next,
computer A issues a segment whose sequence number is 937013559 (because this is what

Computer A Computer B

1
SYN with SEQ(A) = 937013558
Request for
connection

2
SYN-ACK with SEQ(B) = 3043958669
Response
ACK(A) = 937013559

3 ACK with SEQ(A) = 937013559
Connection ACK(B) = 3043958670
established
Figure 4-4 Establishing a TCP connection
© Cengage Learning 2013

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 The TCP/IP Core Protocols 147

computer B indicated it expects to receive). In the same segment, computer A also communi-
cates a sequence number via its Acknowledgment field. This number equals the sequence
1.6
number that computer B sent plus 1. In the example shown in Figure 4-4, computer A
expects 3043958670 to be the sequence number of the next segment it receives from com-
puter B. Thus, in its next communication (not shown in Figure 4-4), computer B will respond
with a segment whose sequence number is 937013560. The two nodes continue communicat-
ing this way until computer A issues a segment whose FIN flag is set, indicating the end of
the transmission.
TCP is not the only core protocol at the Transport layer. A similar but less complex protocol, 4
UDP, is discussed next.

UDP (User Datagram Protocol)
UDP (User Datagram Protocol), like TCP, belongs to the Transport layer of the TCP/IP and
OSI models. Unlike TCP, however, UDP is a connectionless transport service. In other words,
UDP offers no assurance that packets will be received in the correct sequence. In fact, this
protocol does not guarantee that the packets will be received at all. Furthermore, it provides
no error checking or sequencing. In the analogy of trying to communicate from shore to a
friend on a boat, this would be like shouting into the fog without making sure she heard
you correctly, if at all.
UDP’s lack of sophistication makes it more efficient than TCP. It can be useful in situations
in which a great volume of data must be transferred quickly, such as live audio or video
transmissions over the Internet. In these cases, TCP—with its acknowledgments, checksums,
and flow-control mechanisms—would only add more overhead to the transmission. UDP is
also more efficient for carrying messages that fit within one data packet.
In contrast to a TCP header’s 10 fields, the UDP header contains only four fields: Source
port, Destination port, Length, and Checksum. Use of the Checksum field in UDP is optional.
Figure 4-5 depicts a UDP segment. Contrast its header with the much larger TCP segment
header shown in Figure 4-2.

Bit number: 0 16 31

Source port Destination port
UDP
header
Length Checksum

Data

Data

Figure 4-5 A UDP segment
© Cengage Learning 2013

Now that you understand the functions of and differences between TCP and UDP, you are
ready to learn more about IP (Internet Protocol).

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 148 Chapter 4 Introduction to TCP/IP Protocols

IP (Internet Protocol)
1.6 IP (Internet Protocol) belongs to the Internet layer of the TCP/IP model and the Network
layer of the OSI model. It provides information about how and where data should be deliv-
ered, including the data’s source and destination addresses. IP is the subprotocol that enables
TCP/IP to internetwork—that is, to traverse more than one LAN segment and more than one
type of network through a router.
As you know, at the Network layer of the OSI model, data are formed into packets, also
known as datagrams. The IP packet acts as an envelope for data and contains information
necessary for routers to transfer data between different LAN segments.
Two versions of the IP protocol are used on networks today. IPv4, which was introduced
over 30 years ago, is still the standard on most networks. IPv4 is an unreliable, connection-
less protocol, which means that it does not guarantee delivery of data. However, higher-level
protocols of the TCP/IP suite, such as TCP, use IPv4 to ensure that data packets are delivered
to the right addresses.
The newer version of IP, IPv6, also known as IP next generation, or IPng, was released in
1998. Most new applications, servers, clients, and network devices support IPv6. However,
due to the cost of upgrading infrastructure, many organizations have hesitated to upgrade
from IPv4. Switching to IPv6 has advantages. IPv6 offers better security and better prioritiza-
tion provisions than IPv4, plus automatic IP address configuration. But perhaps the most
valuable advantage IPv6 offers is its promise of billions and billions of additional IP
addresses through its new addressing scheme.

IPv4 Packets Due to the added information it carries, IPv6 uses different packets than
IPv4. The following sections describe both types of packets in detail. Figure 4-6 depicts an
IPv4 packet. Its fields are explained in Table 4-2.

Bit number: 0 16 31

Differentiated
Version IHL Total length
Services

Identification Flags Fragment offset

Time to Live Protocol Header checksum
IP
header
Source IP address

Destination IP address

Options Padding

Data (TCP
segment) Data

Figure 4-6 An IPv4 packet
© Cengage Learning 2013

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 The TCP/IP Core Protocols 149

Table 4-2 Fields in an IPv4 packet

1.6 Field Length Function
Version 4 bits Identifies the version number of the protocol—for example, IPv4 or IPv6. The
receiving workstation looks at this field first to determine whether it can read
the incoming data. If it cannot, it will reject the packet.

Internet header 4 bits Identifies the number of 4-byte (or 32-bit) blocks in the IPv4 header. The most
length (IHL) common header length is composed of five groupings, as the minimum length
of an IPv4 header is 20 4-byte blocks. This field indicates to the receiving node
where data will begin (immediately after the header ends). 4
Differentiated 8 bits Informs routers the level of precedence they should apply when processing the
Services (DiffServ) incoming packet. Differentiated Services allows up to 64 values and a wide
range of priority handling options.

Total length 16 bits Identifies the total length of the IP packet, including the header and data, in
bytes. An IP packet, including its header and data, cannot exceed 65,535 bytes.

Identification 16 bits Identifies the message to which a packet belongs and enables the receiving
node to reassemble fragmented messages. This field and the following two
fields, Flags and Fragment offset, assist in reassembly of fragmented packets.

Flags 3 bits Indicates whether a message is fragmented and, if it is fragmented, whether
this packet is the last in the fragment.

Fragment offset 13 bits Identifies where the packet fragment belongs in the incoming set of fragments.

Time to Live (TTL) 8 bits Indicates the maximum duration that the packet can remain on the network
before it is discarded. Although this field was originally meant to represent units
of time, on modern networks it represents the number of times a packet has been
forwarded by a router, or the number of router hops it has endured. Therefore,
TTL is often called the hop limit. The TTL for packets is variable and configurable,
but is usually set at 32 or 64. Each time a packet passes through a router, its TTL is
reduced by 1. When a router receives a datagram with a TTL equal to 1, it discards
that packet (or more precisely, the frame to which it belongs).

Protocol 8 bits Identifies the type of Transport layer protocol that will receive the datagram
(for example, TCP or UDP).

Header checksum 16 bits Allows the receiving node to calculate whether the IP header has been
corrupted during transmission. If the checksum accompanying the message
does not have the proper value when the packet is received, the packet is
presumed to be corrupt and is discarded.

Source IP address 32 bits Identifies the full IP address of the source node.

Destination IP address 32 bits Indicates the full IP address of the destination node.

Options Variable May contain optional routing and timing information.

Padding Variable Contains filler bits to ensure that the header is a multiple of 32 bits.

Data Variable Includes the data originally sent by the source node, plus information added
by TCP in the Transport layer.

© Cengage Learning 2013

In the Chapter 2 discussion of the OSI model’s Network layer functions, you were intro-
duced to IP and the data contained in its packets. You also saw an example of IPv4 packet
data from an actual HTTP request. However, you might not have understood what all of
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 150 Chapter 4 Introduction to TCP/IP Protocols

the data meant. Now that you are familiar with the fields of an IPv4 packet, you can inter-
pret its contents. Figure 4-7 offers another look at the IPv4 packet.
1.6

- Internet Protocol, Src Addr: 140.147.249.7 (140.147.249.7), Dst Addr: 10.11.11.51 (10.11.11.51)
Version: 4
Header length: 20 bytes
+ Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN 0x00)
Total Length: 44
Identification: 0x0000 (0)
- Flags: 0x04.1.. = Don’t fragment: Set..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x9ff3 (correct)
Source: 140.147.249.7 (140.147.249.7)
Destination: 10.11.11.51 (10.11.11.51)

Figure 4-7 IPv4 packet data
© Cengage Learning 2013

Begin interpreting the datagram in Figure 4-7 with the Version field, which indicates that
this transmission relies on version 4 of the Internet Protocol. Next, notice that the datagram
has a header length of 20 bytes. Because this is the minimum size for an IP header, you can
deduce that the datagram contains no options or padding. In the Differentiated Services
field, no options for priority handling are set, which is not unusual in routine data
exchanges such as retrieving a Web page. The total length of the datagram is given as 44
bytes. This makes sense when you consider that its header is 20 bytes and the TCP segment
that it encapsulates is 24 bytes. Considering that the maximum size of an IP packet is
65,535 bytes, this is a very small packet.
Next in the IP datagram is the Identification field, which uniquely identifies the packet. This
packet, the first one issued from computer B to computer A in the TCP connection
exchange, is identified in hexadecimal notation as 0x0000. In the Flags field, which indicates
whether this packet is fragmented, the Don’t fragment option is set with a value of 1. So you
know that this packet is not fragmented. And because it’s not fragmented, the fragment
offset field does not apply and is set to 0.
This datagram’s TTL (Time to Live) is set to 64. That means that if the packet were to keep
traveling across a network, it would be allowed 64 more hops before it was discarded. The
Protocol field is next. It indicates that encapsulated within the packet is a TCP segment.
TCP is always indicated by the hexadecimal string of 0x06. The next field provides the cor-
rect header checksum answer, which is used by the recipient of this packet to determine
whether the header was damaged in transit. Finally, the last two fields in the packet show
the logical addresses for its source and destination.

IPv6 Packets As you have learned, IPv6 was designed to offer better prioritization,
better security, and a much larger range of IP addresses than IPv4. The fields in an
IPv6 packet header, explained in Table 4-3 and shown in Figure 4-8, reflect those
enhancements.

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 The TCP/IP Core Protocols 151

0 16 31
Bit number:
1.6 Version Traffic class Flow label

Payload length Next header Hop limit

Source address

4

Destination address

Figure 4-8 An IPv6 packet header
© Cengage Learning 2013

Table 4-3 Fields in an IPv6 packet

Field Length Function
Version 4 bits Indicates what IP version the packet uses.

Traffic class 8 bits Identifies the packet’s priority. It is similar, but not the same as the Type
of service field in IPv4 packets.

Flow label 20 bits Indicates which flow, or sequence of packets issued from one source to one
or multiple destinations, the datagram belongs to. Routers interpret flow
information to ensure that packets belonging to the same transmission
arrive together. Flow information may also help with traffic prioritization.

Payload length 16 bits Indicates the size of the payload, or data carried by the packet. Unlike
the Total length field in IPv4 packets, the Payload length in IPv6 packets
does not refer to the size of the whole packet.

Next header 8 bits Identifies the type of header that immediately follows the IP packet
header, usually TCP or UDP.

Hop limit 8 bits Indicates the number of times that the packet can be forwarded by
routers on the network, similar to the TTL field in IPv4 packets. When
the hop limit reaches 0, the packet is discarded.

Source address 128 bits Identifies the full IP address of the transmitting node.

Destination address 128 bits Identifies the full IP address of the receiving node.

© Cengage Learning 2013

If you compare the fields and functions listed in Table 4-3 with those listed for the IPv4
packet in Table 4-2, you’ll notice some similarities and some differences. For example, both
packets begin with a 4-bit Version field. Other fields, such as the TTL in IPv4 and the Hop
limit in IPv6, are similar, but slightly different. One striking difference between the two ver-
sions is that IPv6 packets accommodate the much longer IPv6 addresses.

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 152 Chapter 4 Introduction to TCP/IP Protocols

Figure 4-9 shows the contents of an actual IPv6 packet header. This packet formed part of a
message issued by PING, a common diagnostic tool that is described in detail later in this chapter.
1.6
First in the header comes the Version field, which indicates that this transmission relies on version
6 of the Internet Protocol, expressed in binary format as 0110. (Recall from Chapter 2’s discussion
of binary conversion that 0110 would be 0 x 8 + 1 x 4 + 1 x 2 + 0 x 1, or 6, in decimal format.)

Figure 4-9 IPv6 packet data
© Cengage Learning 2013

Next, notice that the Traffic class and Flow label field are both set to 0x0000000. That means
values for these fields have not been specified. Without Traffic class or Flow label information,
routers receiving this packet will not prioritize it or make any guarantees that it will reach its desti-
nation at the same time as any other packets. For many types of traffic, this is perfectly acceptable.
Next in the IPv6 header comes the Payload field, with a value of 64, which means the
packet carries 64 bits of data. Considering that IPv6 packets may carry payloads as large
as 64 KB, this is a very small packet. The Next header field in this packet indicates that the
data in the payload belongs to an ICMP transmission. (ICMP is also described later in this
chapter.) The IPv6 datagram’s Hop limit is set to 64. That means that if the packet were to
keep traveling across a network, it could be forwarded by routers 64 times before it was dis-
carded. Finally, the last two fields in the packet show the IP addresses for the packet’s
source and destination, 2001:470:1f10:1a6::2 and 2001:470:1f10:1a6::1, respectively.
It’s useful to understand the differences between IPv4 and IPv6 transmissions before learning
about other TCP/IP protocols. For example, the protocols described in the next two sections,
IGMP and ARP, are used only on IPv4 networks. The functions they provide have become part
of the IPv6 protocol and no longer need to be provided by separate Network layer protocols.

IGMP (Internet Group Management Protocol)
Another core TCP/IP protocol is IGMP (Internet Group Management Protocol or Internet
Group Multicast Protocol). IGMP operates at the Network layer of the OSI model and manages
multicasting on networks running IPv4. Multicasting is a transmission method that allows one
node to send data to a defined group of nodes. Whereas most data transmission occurs on a point-
to-point basis, multicasting is a point-to-multipoint method. And unlike a broadcast transmission, a
multicast transmission does not necessarily issue transmissions to every node on a segment. Multi-
casting can be used for teleconferencing or videoconferencing over the Internet, for example. Rou-
ters use IGMP to determine which nodes belong to a certain multicast group and to transmit data
to all nodes in that group. Network nodes use IGMP to join or leave multicast groups at any time.

ARP (Address Resolution Protocol)
ARP (Address Resolution Protocol) is a Network layer protocol used with IPv4 that obtains
the MAC (physical) address of a host, or node, and then creates a database that maps the MAC
address to the host’s IP address. If one node needs to know the MAC address of another node on
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 IPv4 Addressing 153

the same network, the first node issues a broadcast message to the network, using ARP, that
essentially says, “Will the computer with the IP address 1.2.3.4 please send me its MAC
1.6
address?” In the context of networking, a broadcast is a transmission that is simultaneously
sent to all nodes on a particular network segment. The node that has the IP address 1.2.3.4
then broadcasts a reply that contains the physical address of the destination host.
To make ARP more efficient, computers save recognized MAC-to-IP address mappings on their
hard disks in a database known as an ARP table (also called an ARP cache). After a computer
has saved this information, the next time it needs the MAC address for another device, it finds
the address in its ARP table and does not need to broadcast another request. Although the precise 4
format of ARP tables may vary from one operating system to another, the essential contents of
the table and its purpose remain the same. A sample ARP table is shown in Figure 4-10.

Figure 4-10 Sample ARP table
© Cengage Learning 2013

An ARP table can contain two types of entries: dynamic and static. Dynamic ARP table entries
are created when a client makes an ARP request that cannot be satisfied by data already in the
ARP table. Static ARP table entries are those that someone has entered manually using the
ARP utility. The ARP utility, accessed via the arp command from a Windows command prompt
or a UNIX or Linux shell prompt, provides a way of obtaining information from and manipu-
lating a device’s ARP table. For example, you can view a Windows workstation’s ARP table by
typing arp -a at the command line and pressing Enter. ARP can be a valuable troubleshooting
tool for discovering the identity of a machine whose IP address you know, or for identifying the
problem of two machines trying to use the same IP address.

ICMP (Internet Control Message Protocol)
Whereas IP helps direct data to its correct destination, ICMP (Internet Control Message Pro-
tocol) is a Network layer core protocol that reports on the success or failure of data delivery.
It can indicate when part of a network is congested, when data fails to reach its destination,
and when data has been discarded because the allotted time for its delivery (its TTL) expired.
ICMP announces these transmission failures to the sender, but ICMP cannot correct any of
the errors it detects; those functions are left to higher-layer protocols, such as TCP. However,
ICMP’s announcements provide critical information for troubleshooting network problems.
IPv6 relies on ICMPv6 (Internet Control Message Protocol version 6) to perform the functions
that ICMP, IGMP, and ARP perform in IPv4. In other words, ICMPv6 detects and reports data
transmission errors, discovers other nodes on a network, and manages multicasting.

IPv4 Addressing
You have learned that networks recognize two kinds of addresses: logical (or Network layer)
1.2 and physical (or MAC, or hardware) addresses. Physical addresses are assigned to a device’s
1.3 NIC at the factory by its manufacturer. Logical addresses can be manually or automatically
1.6 assigned and must follow rules set by the protocol standards. In the TCP/IP protocol suite, IP
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 154 Chapter 4 Introduction to TCP/IP Protocols

is the protocol responsible for logical addressing. For this reason, addresses on TCP/IP-based
networks are often called IP addresses. IP addresses are assigned and used according to very
1.3
specific parameters.
1.6
Each IP address is a unique 32-bit number, divided into four octets, or sets of 8 bits, that are
separated by periods. Because 8 bits equals 1 byte, each octet is a byte, and an IP address is
thus composed of 4 bytes. An example of a valid IP address is 144.92.43.178.
An IP address contains two types of information: network and host. From the first octet, you
can determine the network class. In traditional IP addressing, three types of network classes
are used for LANs: Class A, Class B, and Class C. (In Chapter 9, however, you’ll learn about
developments that allow networks to circumvent such class designations.) Table 4-4 sum-
marizes characteristics of the three commonly used classes of TCP/IP-based networks.
In addition, Class D and Class E addresses do exist, but are rarely used. Class D addresses,
which begin with an octet whose value is between 224 and 239, are reserved for multicasting.
IETF (Internet Engineering Task Force) reserves Class E addresses, which begin with an octet
whose value is between 240 and 254, for experimental use. You should never assign Class D
or Class E addresses to devices on your network.
Certain octets in an IP address are reserved for special functions. The number 0 is reserved to
act as a placeholder when referring to an entire group of computers on a network—for exam-
ple, 10.0.0.0 represents all of the devices whose first octet is 10. The number 255, when used
in the host portion of an address, indicates a broadcast transmission. Sending a message to the
address 147.82.255.255, for example, sends a message to all devices connected to the
147.82.0.0 network.

Table 4-4 Commonly used TCP/IP classes

Maximum addressable
Network class Beginning octet Number of networks hosts per network
A 1–126 126 16,777,214

B 128–191 > 16,000 65,534

C 192–223 > 2,000,000 254

© Cengage Learning 2013

A portion of each IP address contains clues about the network class. An IP address whose first octet
is in the range of 1–126 belongs to a Class A network. All IP addresses for devices on a Class A
segment share the same first octet, or bits 0 through 7, as shown in Figure 4-11. For example,
nodes with the following IP addresses may belong to the same Class A network: 23.78.110.109,
23.164.32.97, 23.48.112.43, and 23.108.37.22. In this example, 23 is the network ID. The second
through fourth octets (bits 8 through 31) in a Class A address identify the host.
An IP whose first octet is in the range of 128–191 belongs to a Class B network. All IP
addresses for devices on a Class B segment share the first two octets, or bits 0 through 15.
For example, nodes with the following IP addresses may belong to the same Class B network:
168.34.88.29, 168.34.55.41, 168.34.73.49, and 168.34.205.113. In this example, 168.34 is
the network ID. The third and fourth octets (bits 16 through 31) on a Class B network
identify the host, as shown in Figure 4-11.

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 IPv4 Addressing 155

Bit
1.3 #0 78 Class A 31
1.6
Network Host information
information
Bit Class B
#0 15 16 31

Network information Host information
4
Bit
#0 Class C 23 24 31

Network information Host
information
Figure 4-11 IPv4 addresses and their classes
© Cengage Learning 2013

An IP address whose first octet is in the range of 192–223 belongs to a Class C network. All
IP addresses for devices on a Class C segment share the first three octets, or bits 0 through 23.
For example, nodes with the following addresses may belong to the same Class C network:
204.139.118.7, 204.139.118.54, 204.139.118.14, and 204.139.118.31. In this example,
204.139.118 is the network ID. The fourth octet (bits 24 through 31) on a Class C network
identifies the host, as shown in Figure 4-11.
Internet founders intended the use of network classes to provide easy organization and a
sufficient quantity of IP addresses on the Internet. However, their goals haven’t necessarily
been met. Class A addresses were distributed liberally to large companies and government
organizations who were early users of the Internet, such as IBM. Some organizations reserved
many more addresses than they had devices. Class B addresses were distributed to midsized
organizations and Class C addresses to smaller organizations, such as colleges. Today, many
Internet addresses go unused, but cannot be reassigned because an organization has reserved
them. Although potentially more than 4.3 billion Internet addresses are available, the demand
for such addresses grows exponentially every year. To respond to this demand, a new addres-
sing scheme was developed that can supply the world with enough addresses to last well into
this century. IP version 6 (IPv6) incorporates this new addressing scheme. You will learn more
about IPv6 addressing later in this chapter.
In addition, some IP addresses are reserved for special functions, like broadcasts, and cannot
be assigned to machines or devices. Notice that 127 is not a valid first octet for any IPv4
address. The range of addresses beginning with 127 is reserved for a device communicating
with itself, or performing loopback communication. Thus, the IP address 127.0.0.1 is called a
loopback address. Attempting to contact this IP number—in other words, attempting to con-
tact your own machine—is known as a loopback test. (In fact, when you transmit to any IP
address beginning with the 127 octet, you are communicating with your own machine.) A
loopback test can prove useful when troubleshooting problems with a workstation’s TCP/IP
communications. If you receive a positive response from a loopback test, you know that the
TCP/IP core protocols are installed and in use on your workstation.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 156 Chapter 4 Introduction to TCP/IP Protocols

The command used to view IP information on a Windows workstation is ipconfig. To view
your current IP information on a Windows workstation:
1.3
1.6 1. Click the Start button, select All Programs, select Accessories, and then select Command
4.3 Prompt. The Command Prompt window opens.
2. At the command prompt, type ipconfig /all and press Enter. Your workstation’s
IP address information is displayed, similar to the information shown in Figure 4-12.

Figure 4-12 Results of the ipconfig /all command on a Windows workstation
© Cengage Learning 2013

3. Type exit and press Enter to close the Command Prompt window.
To view and edit IP information on a computer running a version of the UNIX or Linux oper-
ating system, use the ifconfig command. (Note that ipconfig and ifconfig differ by
only one letter.) Simply type ifconfig -a at the shell prompt to view all the information
about your TCP/IP connections and addresses, as shown in Figure 4-13. In this figure, the
IP address is labeled inet addr.

Figure 4-13 Results of the ifconfig -a command on a UNIX workstation
© Cengage Learning 2013

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 IPv4 Addressing 157

Now that you have learned the most important characteristics of IP addresses, you are ready
to learn more about how computers interpret these addresses.

Binary and Dotted Decimal Notation
1.3 So far, all of the IP addresses in this section have been represented in dotted decimal nota-
1.6 tion. Dotted decimal notation, the most common way of expressing IP addresses, refers to
the “shorthand” convention used to represent IP addresses and make them easy for people
to read. In dotted decimal notation, a decimal number between 0 and 255 represents each
binary octet, for a total of 256 possibilities. A period, or dot, separates each decimal. An 4
example of a dotted decimal IP address is 131.65.10.18.
Each number in a dotted decimal address has a binary equivalent. In Chapter 3, you learned
how to convert decimal numbers to their binary equivalents. Converting a dotted decimal
address to its binary equivalent is simply a matter of converting each octet and removing the
decimal points. For example, in the dotted decimal address 131.65.10.36, the binary equiva-
lent of the first octet, 131, is 10000011; the binary equivalent of the second octet, 65, is
01000001; the binary equivalent of the third octet, 10, is 00001010; and the binary equiva-
lent of the fourth octet, 36, is 00100100. Therefore, the binary value for 131.65.10.36 is
10000011 01000001 00001010 00100100.

Subnet Mask
In addition to an IP address, every device on a network running IPv4 is assigned a sub-
net mask. A subnet mask is a special 32-bit number that, when combined with a device’s
IP address, informs the rest of the network about the segment or network to which the
device is attached. That is, it identifies the device’s subnet. Like IP addresses, subnet
masks are composed of four octets (32 bits) and can be expressed in either binary or
dotted decimal notation. Subnet masks are assigned in the same way that IP addresses
are assigned—either manually, within a device’s TCP/IP configuration, or automatically,
through a service such as DHCP (described in detail later in this chapter). A more com-
mon term for subnet mask is net mask, and sometimes simply mask, as in “a device’s
mask.”
You might wonder why a network node even needs a subnet mask, given that the first
octet of its IP address indicates its network class. The answer lies with subnetting, a pro-
cess of subdividing a single class of networks into multiple, smaller logical networks, or
segments.
Network managers create subnets to manage and separate network traffic and to make the
best use of a limited number of IP addresses. Methods of subnetting are discussed in detail
in Chapter 9. For now, it is enough to know that regardless of whether a network is sub-
netted, its devices are assigned a subnet mask.
On networks that use subnetting, the subnet mask varies depending on the way the
network is subnetted. On networks that do not use subnetting, however, the subnet
masks take on a default value, as shown in Table 4-5. To qualify for Network+ certifi-
cation, you should be familiar with the default subnet masks associated with each
network class.

Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 158 Chapter 4 Introduction to TCP/IP Protocols

Table 4-5 Default subnet masks

1.3 Network class Default subnet mask
1.6
A 1–126 255.0.0.0

B 128–191 255.255.0.0

C 192–223 255.255.255.0

© Cengage Learning 2013

IPv6 Addressing
Up to this point, you have learned about IP addressing according to the IPv4 scheme. This
section introduces you to addressing in IPv6 and explains the differences between addressing
1.3
1.6
in IPv4 and addressing in IPv6. For Network+ certification, you will need to understand both
addressing schemes.
The most notable difference between IP addresses in IPv4 and IPv6 is their size. Whereas IPv4
addresses are composed of 32 bits, IPv6 addresses are composed of eight 16-bit fields, for a
total of 128 bits. The added fields and the larger address size result in an increase of 296
(or 4 billion times 4 billion times 4 billion) available IP addresses in the IPv6 addressing
scheme. The addition of more IP addresses not only allows every interface on every Internet-
connected device to have a unique number, but also eliminates the need for IP address conser-
vation. With the increasing number of network-enabled devices, including handheld computers,
telephones, home security systems, traffic cameras, and even pet-tracking systems, the limited
quantity of IPv4 addresses posed a serious bottleneck.
A second difference between IPv4 and IPv6 addresses is the way they are represented.
Whereas each octet in an IPv4 address contains decimal numbers separated by a period (for
example, 123.45.67.89), each field in an IPv6 address is typically represented in hexadecimal
numbers separated by a colon. (Keep in mind that the computer still reads the binary version
of this address, and if you wanted, you could also write an IPv6 address in binary format.) An
example of a valid IPv6 address is FE22:00FF:002D:0000:0000:0000:3012:CCE3.
Because many IPv6 addresses will contain multiple fields that have values of 0, two methods of
shorthand for representing these fields have been established. One method eliminates all leading
zeros—that is, zeros that precede another hexadecimal digit—within a field. For example, the
field 00FF could also be written FF and the field 0000 could be written 0. Thus,
FE22:00FF:002D:0000:0000:0000:3012:CCE3 can be written as FE22:FF:2D:0:0:0:3012:
CCE3. A second type of shorthand substitutes :: for any number of multiple, zero-value
fields. Thus, FE22:00FF:002D:0000:0000:0000:3012:CCE3 can also be written as FE22:
FF:2D::3012:CCE3.
The substitution of multiple zero-value fields can only be performed once within an address;
otherwise, you cannot tell how many fields the :: symbol represents. For example, the IPv6
address 2001:0:0:34D0:0:0:9F77:2854 could not be abbreviated 2001::34D0::9F77:2854. It
could instead be abbreviated 2001::34D0:0:0:9F77:2854 or 2001:0:0:34D0::9F77:2854.
An important address to memorize is the IPv6 loopback address. Recall that in IPv4 the loop-
back address has a value of 127.0.0.1. In IPv6, however, the loopback address has a value of
0:0:0:0:0:0:0:1. Abbreviated, the IPv6 loopback address becomes ::1.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
 Assigning IP Addresses 159

A third difference between the two types of IP addresses is that in IPv6, addresses can reflect the
scope of a transmission’s recipients—for example, a single node, a group, or a special kind of
1.3
group. One type of IPv6 address is a unicast address, or an address that represents a single
1.6
interface on a device. A unicast address is the type of address that would be assigned, for exam-
ple, to a workstation’s network adapter. If you wanted to save a file from your laptop onto your
company’s server using IPv6, that transmission would call for a unicast address. Also, the loop-
back address is a unicast address.
A multicast address represents multiple interfaces (often on multiple devices). Multicast
addresses are useful for transmitting the same data to many different devices simultaneously, 4
as in point-to-multipoint communications. IPv6 allows for the specification of several types of
multicast groups. For example, the global multicast group, which directs data to all reachable
nodes, is akin to the broadcast transmission in IPv4. The link-local multicast group includes
computers that share the same link as the transmitting node.
An anycast address represents any one interface from a group of interfaces, any one of which
can accept a transmission. Anycast addresses could be useful for identifying all of the routers
that belong to one ISP, for example. In this instance, an Internet transmission destined for one
of that ISP’s servers could be accepted by the first available router in the anycast group. The
result is that the transmission finishes faster than if it had to wait for one specific router inter-
face to become available. At this time, anycast addresses are not designed to be assigned to
hosts, such as servers or workstations.
A fourth significant difference between IPv4 and IPv6 addressing is that in IPv6, each address
contains a Format Prefix, or a variable-length field at the beginning of the address that indi-
cates what type