Clearly, 32-bit addresses won’t
be enough for very much longer, and this is the driving reason for IPv6,
which uses 128-bit addresses, allowing a startlingly vast range of addresses:
approximately 3.402824 x 10^38. Estimates vary, but this should
be rather more than enough to allow every atom in the universe a unique
IP address. Although the other changes between these versions are mostly
minor and internal, the two protocols are not directly compatible; though
they can share a network, IPv4 nodes and IPv6 nodes cannot directly communicate.
Changing from one to the other is therefore a substantial task, and the
transition will cause a comparable amount of trouble to the Y2K bug -
and will come only a few years later. Right now, however, it is IPv4 that
we must deal with, and that’s what we will look at here.
IP And Your LAN
Because the Internet is becoming so widespread as to be nearly universal,
it is also becoming more useful in business. As more companies get connected,
the viability of the Internet for business-to-business communication
increases. Similarly, as more people use the Internet for personal or
leisure purposes, its value as a way of reaching customers grows. Finally,
even if neither of these appeals, the standardisation on Internet communications
protocols and the fact that much Internet software is free means that,
even for purely internal systems, businesses can reap significant cost
savings by using Internet technologies.

Address Class   First Octet     Network Mask
A               1. to 127.      255.0.0.0
B               128. to 191.    255.255.0.0
C               192. to 223.    255.255.255.0
D               224. to 239.    None

Figure 1 - Summary of Internet address classes.

As the Internet runs over IP, so do Internet-based applications. Whereas
proprietary email systems such as Microsoft Mail use other, protocol-independent
means of communication (such as shared file systems), Internet-based email
programs communicate over IP, so client machines need an IP-based connection
to the server. For systems which require other protocols, such as older versions
of Novell NetWare, it is possible to “tunnel” IP over other
protocols - for example, by encapsulating IP packets inside IPX packets.
If the client machine’s network stack hides this behind a standard
API, such as Windows’ WINSOCK, IP-based applications can run unmodified.
As all major client and server OSes today support IP natively, even alongside
other protocols, there’s little reason to do this, although it may
be used for making secure, encrypted connections over public networks.
How It Works
The snag is that building an IP network requires significantly more planning
than when using most other protocols. IP was developed in the 1960s for
linking disparate networks - separate in both a geographical sense and
in the sense of running different, incompatible systems. Protocols such
as IPX and AppleTalk, intended for small LANs, are inherently simpler.
The first issue is IP addressing. Each device on an IP network requires
a unique address. Unlike in other protocols, this is not automatically
generated from the hardware (MAC) address; it must be manually assigned.
The word “device” here is important. It does not mean each
computer; IP addresses go by network port. For example, a server with
two Ethernet cards (such as a firewall) would need two addresses, one
per interface. Similarly, a machine with both a network card and a modem
(or terminal adapter) requires addresses for both. To make matters even
worse, it’s possible to give one port multiple addresses, a technique
called “multihoming”. For instance, this allows a single machine
to host several separate Web sites; each hostname points to a different
address, but all refer to the same machine.
The address is divided into two parts: the network number and the host
(or machine) number. All hosts on the same IP network must share the same
network number, and no two hosts may share the same host number.
Alongside the address, each port requires a subnet mask. This value is
used to split the complete address into network and host parts; in other
words, to determine whether other IP addresses are on the local network
or a remote one. These two values are the absolute minimum. Using these,
a machine will be able to communicate with others on the local network
if the other machine’s IP address is known. Additional information
is usually required, though, to be able to access nodes on other networks,
to access machines by name rather than number, and so on.
For direct access to networks beyond the current one (which isn’t
always required), each machine must be told the IP address of the router
(or gateway) that connects the local network with the wider world.
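
The address, mask and gateway rules described above, worked through as an added example (not part of the original article). The class table follows Figure 1; the function names and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# Default (classful) masks from Figure 1, keyed by first-octet range.
CLASS_TABLE = [
    ("A", range(1, 128), "255.0.0.0"),
    ("B", range(128, 192), "255.255.0.0"),
    ("C", range(192, 224), "255.255.255.0"),
    ("D", range(224, 240), None),  # Figure 1 lists no network mask for class D
]

def classify(address):
    """Return (class letter, default mask) for a dotted-quad address."""
    first_octet = int(ipaddress.IPv4Address(address)) >> 24
    for letter, octets, mask in CLASS_TABLE:
        if first_octet in octets:
            return letter, mask
    return None, None  # first octet 0 or 240-255: outside Figure 1

def split(address, mask):
    """Split an address into (network number, host number) using the mask."""
    addr = int(ipaddress.IPv4Address(address))
    bits = int(ipaddress.IPv4Address(mask))
    network = str(ipaddress.IPv4Address(addr & bits))
    return network, addr & ~bits & 0xFFFFFFFF

def next_hop(local, mask, gateway, destination):
    """Send directly if the destination shares our network number,
    otherwise hand the packet to the configured router (gateway)."""
    if split(local, mask)[0] == split(destination, mask)[0]:
        return destination
    if gateway is None:
        raise ValueError("destination is remote and no gateway is configured")
    if split(gateway, mask)[0] != split(local, mask)[0]:
        raise ValueError("gateway is not on the local network")
    return gateway

if __name__ == "__main__":
    # Constructed sample configuration for one network port.
    local, gateway = "192.168.10.25", "192.168.10.1"
    letter, mask = classify(local)
    print(letter, mask, split(local, mask))
    for dest in ("192.168.10.200", "192.168.11.7", "172.16.4.9"):
        print(dest, "->", next_hop(local, mask, gateway, dest))
```
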

Bit       8               16              24              32
Class A   Network Number  Host number     Host number     Host number
          1.-127.         0.-255.         0.-255.         0.-255.
Class B   Network Number  Network Number  Host number     Host number
          128.-191.       0.-255.         0.-255.         0.-255.
Class C   Network Number  Network Number  Network Number  Host number
          192.-223.       0.-255.         0.-255.         0.-255.

Figure 2 - Network and host numbers by class.

For a small, server-based network with only one or two servers, access
to them by their numeric IP address may be sufficient, but usually it’s
desirable to use names instead. The most basic way of doing this is via
a local configuration file called hosts. As a minimum, this contains a
pair of entries per line, separated by spaces; first the address, then
the corresponding name. However, for all but the
most trivial of networks, keeping all the local files updated rapidly
becomes a logistical nightmare, and it is desirable to set up a central
server to resolve names to addresses. For this, one or more name servers
must be set up, and each client machine configured with the name servers’
addresses. Name servers accept requests from the clients containing the
name of a machine, such as www.cix.co.uk, and return the matching IP address.
The industry standard system for this is the Domain Name Service (DNS).
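
The hosts file format described above, and the problem of keeping every machine's copy in step, shown as an added example (not part of the original article). It goes slightly beyond the minimal address/name pair by accepting several names per line and '#' comments; keeping the first entry for a repeated name is an assumption of this sketch, and all names and addresses are constructed.

```python
import ipaddress

def parse_hosts(text):
    """Parse hosts-file text into {name: address}.

    Each line is an address followed by one or more names, separated by
    whitespace; '#' starts a comment. Assumption: the first entry for a
    name wins when a name is listed twice.
    """
    table = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) < 2:
            raise ValueError(f"line {lineno}: address without a name")
        address = str(ipaddress.ip_address(fields[0]))  # rejects malformed addresses
        for name in fields[1:]:
            table.setdefault(name.lower(), address)
    return table

def drift(reference, candidate):
    """Compare one machine's table with the reference copy."""
    report = {"missing": [], "extra": [], "changed": []}
    for name in sorted(set(reference) | set(candidate)):
        if name not in candidate:
            report["missing"].append(name)
        elif name not in reference:
            report["extra"].append(name)
        elif reference[name] != candidate[name]:
            report["changed"].append((name, reference[name], candidate[name]))
    return report

# Constructed samples: the administrator's master copy and a client's stale copy.
MASTER = """\
192.168.10.1    gateway
192.168.10.2    fileserver  fs    # two names, one address
192.168.10.3    mailhost
"""
CLIENT = """\
192.168.10.1    gateway
192.168.10.9    fileserver
10.0.0.5        intranet
"""

if __name__ == "__main__":
    print(drift(parse_hosts(MASTER), parse_hosts(CLIENT)))
```

A "changed" or "extra" entry means that client resolves the name to a different machine than the rest of the network does, which is worth investigating whether the cause is a stale copy or an unauthorised edit.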
Although IP was designed to be a cross-platform protocol, for many years
it was mainly used on Unix, while mainframes, minicomputers and PCs used
proprietary protocols (such as SNA, DECnet and NetBEUI respectively).
IP was thus sometimes perceived as the Unix protocol. On Unix, the de
facto standard package for providing DNS is the Berkeley Internet Name
Daemon (BIND). Because, on Unix, DNS and BIND go hand-in-hand, the two
abbreviations are occasionally and incorrectly used interchangeably. As
it is such a fundamental part of an IP network, both functionally and
as a performance bottleneck, most IP stacks expect to be supplied with
the addresses of at least two DNS servers - a primary and a secondary.
However, DNS configuration is complex and the full functionality is not
usually needed for a small LAN. Also, traditional DNS is static and does
not cope gracefully with addresses that may change. For this reason, in
Windows NT Server (both versions 3 and 4), Microsoft implemented its own
proprietary system to deliver basic name-resolution services: the Windows
Internet Name Service (WINS). WINS only works with Windows clients, but
is far easier to configure than BIND. It automatically builds a table
of machine names using NetBIOS broadcasts and, with a simple GUI, allows
static addresses - for instance, of Unix servers - to be added to the
database. Versions of Windows since Windows NT therefore expect WINS.
Windows for Workgroups pre-dated Windows NT, but the additional 32-bit
IP stack for Windows for Workgroups 3.11 came later; this and subsequent
versions (such as Windows 95, Windows 98 and Windows NT Workstation) have
fields in the configuration dialog for WINS servers. Windows NT even complains
if you click the OK button and these fields are left blank.