Post

Understanding IP Protocol and Subnetting for Beginners

A beginner-friendly guide to understanding IP protocols and subnetting, essential for anyone starting out in networking or cybersecurity.

Understanding IP Protocol and Subnetting for Beginners

What is IP?

  • IP (Internet Protocol) is a foundational protocol at the Network layer (Layer 3) of the OSI model.
  • It is responsible for addressing, routing, and delivering data packets across interconnected networks, forming the backbone of the Internet.
  • As data traverses the network stack, each protocol layer adds its own header—a structured block of metadata that guides the packet’s journey.
  • The IP header transforms data into a packet (the Protocol Data Unit, or PDU, for IP), containing all the information needed for delivery.

IP Versions

  • IPv4: The most widely deployed version, IPv4 uses 32 bits (4 octets) to represent addresses, supporting about 4.3 billion unique addresses.
    • IPv4 addresses are typically written in dotted decimal notation (e.g., 192.168.1.1).
    • Due to the rapid growth of the Internet, IPv4 address exhaustion became a concern.
  • IPv6: Developed to overcome IPv4 limitations, IPv6 uses 128 bits (16 bytes), enabling an almost limitless pool of addresses.
    • IPv6 addresses are written in hexadecimal and separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).
    • IPv6 also introduces features like simplified headers, improved security, and better support for mobile devices.

IP Headers

IP Headers

  • Every IP packet contains a header with fields that describe, manage, and route packets across networks.
  • The structure and standards for IP headers are defined by the Internet Engineering Task Force (IETF) in documents called RFCs (Requests for Comments).
  • Key IPv4 header fields:
    • Version: 4 bits, specifies the IP version (IPv4 or IPv6).
    • Header Length: 4 bits, indicates the length of the header in 32-bit words.
    • Type of Service (ToS): 8 bits, used for Quality of Service (QoS) to prioritize certain types of traffic.
    • Total Length: 16 bits, specifies the entire packet size (header + data).
    • Identification, Flags, Fragment Offset: Used for packet fragmentation and reassembly when packets are too large for the underlying network.
    • Time to Live (TTL): 8 bits, limits the number of hops a packet can take before being discarded, preventing infinite loops.
    • Protocol: 8 bits, identifies the next protocol (e.g., TCP, UDP, ICMP).
    • Header Checksum: 16 bits, used for error-checking the header.
    • Source Address: 32 bits, the sender’s IP address.
    • Destination Address: 32 bits, the receiver’s IP address.
  • IPv6 headers are simpler, with fewer fields, but include extension headers for additional features.

Note: The term octet (8 bits) is used instead of byte for clarity, as not all systems historically used 8-bit bytes.

IP Addressing

  • IPv4 addresses consist of 4 octets, each ranging from 0 to 255, separated by dots.
  • Special IPv4 address ranges:
    • Loopback: 127.0.0.0–127.255.255.255 (commonly 127.0.0.1), used for testing and diagnostics on the local machine.
    • Private networks (RFC 1918):
      • 10.0.0.0–10.255.255.255
      • 172.16.0.0–172.31.255.255
      • 192.168.0.0–192.168.255.255
    • Multicast: 224.0.0.0–239.255.255.255, used for one-to-many communication.
    • Reserved: 240.0.0.0 and above, set aside for future or experimental use.
  • Public addresses are globally routable, while private addresses are used within local networks and require NAT (Network Address Translation) for Internet access.

IPv6 Addressing

  • IPv6 addresses are 128 bits (16 bytes) long, written in hexadecimal and separated by colons.
    • Example: fe80::62e3:5ec3:3e06:daa2
  • Types of IPv6 addresses:
    • Unicast: Identifies a single unique interface.
    • Anycast: Sent to the nearest member of a group of interfaces, based on routing distance.
    • Multicast: Sent to multiple interfaces simultaneously, replacing IPv4 broadcast.
  • No broadcast addresses exist in IPv6; multicast is used instead.
  • IPv6 supports stateless address autoconfiguration (SLAAC), allowing devices to self-assign addresses.

Subnetting

  • Subnetting divides a larger IP address space into smaller, more manageable networks (subnets), improving organization, security, and efficiency.
  • A subnet mask is a 32-bit number that indicates which part of an IP address refers to the network and which part refers to the host.
    • Example: 255.255.255.128 in binary is 11111111.11111111.11111111.10000000
    • The number of 1s in the mask = network bits; the 0s = host bits.
  • CIDR Notation (Classless Inter-Domain Routing) uses a slash and a prefix length to specify the network portion (e.g., /25 means 25 bits for the network).
    • Example: 172.20.30.42/25 means the first 25 bits are the network, and the remaining bits are for hosts.
  • Calculating hosts per subnet:
    • /24 = 256 addresses (254 usable for hosts)
    • /25 = 128 addresses (126 usable)
    • /23 = 512 addresses (510 usable)
  • Network and broadcast addresses: The first (network) and last (broadcast) addresses in each subnet cannot be assigned to hosts.
  • Subnetting benefits:
    • Reduces broadcast domains, improving network performance.
    • Enhances security by isolating network segments.
    • Allows for efficient IP address allocation.

Subnetting in IPv6

  • IPv6 does not use subnet masks; only CIDR notation is used (e.g., /50).
  • The prefix length defines the network portion, and the remaining bits are available for hosts, allowing for extremely large subnets.
  • IPv6 subnets are typically much larger than IPv4, simplifying network design and management.

Key Takeaways

  • IP is the backbone of all networking, with IPv4 and IPv6 as the main versions in use today.
  • Headers and addressing are crucial for routing, delivery, and management of network traffic.
  • Subnetting allows for efficient organization, security, and control of network resources.
  • Mastering these concepts is essential for pentesting, network troubleshooting, and effective network management.
  • Understanding how IP works, how addresses are structured, and how subnetting operates will help you design, secure, and troubleshoot modern networks with confidence.
This post is licensed under CC BY 4.0 by the author.