Next Previous Contents

4. This IP Thing

So the role of the IP layer is to figure out how to `route' packets to their final destination. To make this possible, every interface on the network needs an `IP address'. An IP address consists of four numbers separated by periods, like `167.216.245.249'. Each number is between zero and 255.

Interfaces in the same network tend to have neighboring IP addresses. For example, `167.216.245.250' sits right next to the machine with the IP address `167.216.245.249'. Remember also that a router is a node with interfaces on more than one network, so the router will have one IP address for each interface.

So the Linux Kernel's IP layer keeps a table of different `routes', describing how to get to various groups of IP addresses. The simplest of these is called a `default route': if the IP layer doesn't know better, this is where it will send a packet onwards to. You can see a list of routes using `/sbin/route'.

Routes can either point to a link, or a particular node which is connected to another network. For example, when you dial up to the ISP, your default route will point to the modem link, because that's where the entire world is.

  Rusty's              ISP's  ~~~~~~~ 
   Modem               Modem {       }
       o------------------o { The Net }
                             {       }
                              ~~~~~~~  

But if you have a permanent machine on your network which connects to the outside world, it's a bit more complicated. In the diagram below, my machine can talk directly to Tridge and Paul's machines, and to the firewall, but it needs to know that packets heading the rest of the world need to go to the firewall, which will pass them on. This means that you have two routes: one which says `if it's on my network, just send it straight there' and then a default route which says `otherwise, send it to the firewall'.

                         o  Tridge's
                         |    Work Machine      ~~~~~~~  
  Rusty's                |                     {       } 
   Work Machine o--------+-----------------o--{ The Net }
                         |            Firewall {       } 
                         |                      ~~~~~~~
                         o  Paul's
                              Work Machine

4.1 Groups of IP Addresses: Network Masks

There is one last detail: there is a standard notation for groups of IP addresses, sometimes called a `network address'. Just like a phone number can be broken up into an area prefix and the rest, we can divide an IP address into a network prefix and the rest.

It used to be that people would talk about `the 1.2.3 network', meaning all 256 addresses from 1.2.3.0 to 1.2.3.255. Or if that wasn't a big enough network, they might talk about the `1.2 network' which meant all addresses from 1.2.0.0 to 1.2.255.255.

We usually don't write `1.2.0.0 - 1.2.255.255'. Instead, we shorten it to `1.2.0.0/16'. This weird `/16' notation (it's called a `netmask') requires a little explanation.

Each number between the dots in an IP address is actually 8 binary digits (00000000 to 11111111): we write them in decimal form to make it more readable for humans. The `/16' means that the first 16 binary digits is the network address, in other words, the `1.2.' part is the the network (remember: each digit represents 8 binary digits). This means any IP address beginning with `1.2.' is part of the network: `1.2.3.4' and `1.2.3.50' are, and `1.3.1.1' is not.

To make life easier, we usually use networks ending in `/8', `/16' and `/24'. For example, `10.0.0.0/8' is a big network containing any address from 10.0.0.0 to 10.255.255.255 (over 16 million addresses!). 10.0.0.0/16 is smaller, containing only IP addresses from 10.0.0.0 to 10.0.255.255. 10.0.0.0/24 is smaller still, containing addresses 10.0.0.0 to 10.0.0.255.

To make things confusing, there is another way of writing netmasks. We can write them like IP addresses:

10.0.0.0/255.0.0.0

Finally, it's worth noting that the very highest IP address in any network is reserved as the `broadcast address', which can be used to send a message to everyone on the network at once.

Here is a table of network masks:

Short   Full                    Maximum         Comment
  Form    Form                    #Machines

/8      /255.0.0.0              16,777,215      Used to be called an `A-class'
/16     /255.255.0.0            65,535          Used to be called an `B-class'
/17     /255.255.128.0          32,767
/18     /255.255.192.0          16,383
/19     /255.255.224.0          8,191
/20     /255.255.240.0          4,095
/21     /255.255.248.0          2,047
/22     /255.255.252.0          1,023
/23     /255.255.254.0          511
/24     /255.255.255.0          255             Used to be called a `C-class'
/25     /255.255.255.128        127
/26     /255.255.255.192        63
/27     /255.255.255.224        31
/28     /255.255.255.240        15
/29     /255.255.255.248        7
/30     /255.255.255.252        3


Next Previous Contents