The Communications Layer
As strange as it may seem, your Web browser and your email program on your computer don’t speak Ethernet. Programs on a computer require a far more sophisticated language than Ethernet to meet their needs. Macintoshes typically use one of two different languages, or protocols: AppleTalk and TCP/IP. These two protocols, in addition to several other less common protocols, are central to the communications layer.
In our layered approach to understanding networks, each layer uses the layer below it to achieve its goal. The communications layer, therefore, depends on the physical layer to do its work. In this case, Ethernet frames are responsible for ferrying TCP/IP and AppleTalk packets from place to place.
AppleTalk
AppleTalk has been used on the Macintosh for a long time. Designed in the early 1980s, AppleTalk was intended to allow small workgroups of computers to exchange files, share printers, and remote access. Often called LocalTalk, this early protocol was actually a combination of both the Physical and Communications layers of the network. These networks used LocalTalk cables rather than Ethernet cables to connect devices. Due to limitations built into this early version of AppleTalk, early AppleTalk networks could have no more than 254 devices on them.
In 1989, with the growing prevalence of Ethernet and Token Ring networks, Apple introduced AppleTalk Phase 2. This new version of AppleTalk supported more sophisticated service discovery and a far greater address range of over 16 million possible network devices.
AppleTalk is by far the easiest network protocol to use on a small or medium-sized Macintosh-based network because it is completely autoconfiguring. There is literally nothing to do. Simply connect your devices, make sure that AppleTalk is active, and they will automatically configure themselves to use AppleTalk. But that’s not all. When it’s time to find a printer or file server on the network, there is no need to remember some ID number or strange name. AppleTalk supports automatic and dynamic discovery of these services on a network. The only way to make AppleTalk any easier to use on a small to medium-sized network would be if the cables plugged themselves in.
As easy as AppleTalk is to use, however, it has its limitations. Windows-based PCs don’t talk AppleTalk without additional software. In addition, some of the more sophisticated networking equipment no longer supports AppleTalk. And while AppleTalk supports up to 16 million network devices on a network, it doesn’t scale well to very large networks. AppleTalk networks often run into problems far before they reach the 16 million-device barrier.
TCP/IP
TCP/IP is the king of network protocols. It is the most widely used network protocol in use today. It is the language of the Internet. Web pages, email servers, FTP servers, the iTunes Music Store, Instant Messenger programs, and so much more all use TCP/IP. The very name has the word Internet in it; IP actually stands for Internet Protocol.
What’s in a name?
TCP/IP stands for Transport Control Protocol/Internet Protocol. If that sounds like two protocols instead of just one, you’re right. Both TCP and IP are actually subprotocols of the Internet Protocol Suite. Most people, however, refer to the Internet protocols as TCP/IP. So we will, too.
TCP/IP has many strengths. It can handle incredibly large networks. (AppleTalk cannot handle the vast number of computers on the Internet.) TCP/IP was designed from the ground up to handle a virtually unlimited number of computers. This ability to handle incredibly large networks turns out to be good and makes possible TCP/IP’s second strength: it’s everywhere. Whether it’s a Macintosh, a Linux workstation, a network printer, a Windows-based PC, or a cell phone, chances are it uses TCP/IP.
TCP/IP’s weakness, however, is usability. It requires configuration and lots of cooperation. Not surprisingly, however, Apple has been hard at work turning TCP/IP into as friendly a protocol as AppleTalk ever was. By working closely with the IETF (Internet Engineering Task Force) on projects such as SLP and ZeroConf, Apple is bringing easy-to-use networking to the rest of us.
How TCP/IP works
Every device on a TCP/IP network needs a unique IP address. The standard form for noting an IP address is in the standard dotted decimal number format, which looks like this:
192.168.216.105
Each IP address has two parts: a network address and a host address. Every address on a single network must have the same network address. Then, each address has a unique host address. Together, these two parts make up a unique address.
But which part of this address is the network address and which is the host address? Well, that depends on the needs of your network. Because the network address and the host address both come from the same number, the longer one is, the shorter the other one is. Remember, too, that the longer a binary number is, the more possible unique numbers it can make. If your network address consists only of the first few bits, then your host address is very long. In this case, you have a smaller number of possible network addresses but a huge number of possible host addresses for each one of those network address. This would be useful for a huge, international corporation with a gigantic network. They will need a lot of addresses all on one network.
 |
Ethernet networks support multiple protocols simultaneously. So, you can print to your printer using AppleTalk while you surf the Web using TCP/IP. Modern AppleTalk and TCP/IP can coexist very peacefully. In fact, for several years now Macintoshes have supported AFP over IP, which is the AppleTalk protocol for file sharing (Apple File Protocol) using TCP/IP instead of AppleTalk.
TCP/IP is at the heart of Mac OS X and is tightly integrated. Although AppleTalk is well supported in Mac OS X, many of the services it performs are being replaced by similar functions in TCP/IP. Given its central role in Mac OS X, the following section takes an in-depth look at TCP/IP and how it works.
|
For example, if you define the first octet as being the network address, then the remaining three octets are used to define the host addresses for each network address. Because the first octet cannot be 0, the theoretical maximum number of network addresses is 255. For technical reasons, this number is actually much smaller, only 126. The host address, then, consists of three octets. So while the total number of possible network addresses is tiny, the possible number of host addresses for each of those network addresses is staggering: over 16 million addresses each!
On the other hand, if your network address consists of most of the first bits of the IP address, then the host address is very short. In this case, you have a very large number of possible network addresses but a small number of possible host addresses for each network address. This would be perfect, for example, for an Internet Service Provider (ISP) with hundreds of customers who each have very small networks. Each customer needs only a few host addresses for their small networks (at home or in a small office). But the ISP needs a very large number of network addresses, one for each customer.
For example, if the network address consists of the first three octets, then the remaining octet is used to define the host addresses for each network address. This means that there are millions of possible network addresses but only 255 possible host addresses for each network address.
Subnets and the subnet mask
Each device on a TCP/IP network needs a unique IP address. This address consists of two parts: the network address and the host address. If all you have is an IP address, however, there is no way to know which part is the network address and which is the host address. So, you need a way of specifying which bits of the address are for what. To do this, you use a setting called the subnet mask. The subnet mask is a 32 bit binary number broken down into four 8-bit octets, very similar to the IP address. The subnet mask defines the network address part of the IP address by masking it out. For every bit in the IP address that is used for the network address, the subnet mask’s corresponding bit is set to 1. For every bit that is used for the host address, the subnet mask’s corresponding bit is set to 0.
For example, if your IP address is 192.168.216.105 and your subnet mask is 255.255.255.0, this is what they look like in their native binary:
| Subnet Mask: | 11111111.11111111.11111111.00000000 |
| IP Address: | 11000000.10101000.11011000.01101001 |
Table 15-2 shows the subnet mask and IP address broken into network address and host address components.
| Network Address | Host Address | |
|---|---|---|
| Subnet mask: | 11111111.11111111.11111111. | 00000000 |
| IP address: | 11000000.10101000.11011000. | 01101001 |
Translated back into dotted decimal form:
| Network Address | Host Address | |
|---|---|---|
| Subnet mask: | 255.255.255. | 0 |
| IP address: | 192.168.216. | 105 |
Now you can determine the network address and the host address of your own IP address. Your network address is 192.168.216 and your host address is 105. More importantly, however, you can also determine which other host addresses are on the same range of addresses as you are. A range of host addresses that all share the same network address is called a subnet.
For technical reasons, both first and last addresses in a range are not useable. So, the possible host addresses for your network address are from 1 to 254. So knowing the IP address and the subnet mask of your computer, you can determine which IP addresses are on your subnet and which are outside of your subnet. This determination is central to delivering information from one computer to another regardless of whether they are right next to each other or across the entire planet.
When your computer wants to send data via IP to another device, it must make only one decision: is the destination address on the local network or not. If the destination address is on the local subnet, then your computer delivers the information directly to that destination. If the destination address is not on the local network, however, your computer delivers the information to a special device on your network called a router.
Routers
Routers route. Whether you are from New York City, Los Angeles, or anywhere in between, regardless of how you would otherwise pronounce the word “route,” on a network it always rhymes with the word “shout” not “boot.” (For those of you from Australia, this makes it much less fun than it might otherwise be.) In a sense, routers are very uncomplicated devices. A simple router has two network ports. These ports are often called the LAN (or Local Area Network) port and WAN (or Wide Area Network) port. The LAN port is connected to your network and has an IP address within the range of your network’s subnet. The WAN network port is connected to a second network and has an IP address within the range of that other network’s subnet. In the router is a table of information telling the router exactly which addresses are on which side of the router. All this router has to do is direct traffic in the appropriate direction.
When your computer determines that a destination address is not on the local subnet, it passes that data, in the form of an IP packet, to the router. Your computer knows the address of the router from the TCP/IP settings on your computer. This setting is called the router or gateway address. The router then makes the same decision: is the destination address of this packet on the local subnet of this second network or not. If so, the packet is delivered. If not, the packet is forwarded to the next router.
IP addresses
In order for a device to work on the Internet, it needs an IP address that has been assigned from a pool of available addresses. IP addresses are usually assigned by your ISP or your local network administrator. Whatever the case, however, IP addresses are not arbitrary.
Public and private
There are two classes of IP addresses: public and private. Public IP addresses are standard, fully functional addresses. If there were enough of them, there would be little need for private IP addresses. As it is, however, we are running out of public addresses. So to conserve addresses, private addresses were created.
Private IP addresses are not fully functional addresses. Without any help, in fact, a private IP address could never communicate with any device out on the Internet at all. This is because private IP addresses are not routable. In order to use a private IP address on the Internet, your router has to be configured to do so. This feature of a router to route private IP addresses is called Network Address Translation, or NAT. With NAT, your router’s WAN port gets one real IP address. Your network, however, gets private IP addresses. When a device on your network wants to get information from the Internet, it asks the router for help. The router pretends to be that device for a moment and makes the request for you. When the router receives a reply, it then forwards that reply back to that device. From the outside world, then, the only device that ever makes a request for information is the router. For the purposes of a transaction, your private IP address is translated into a public address and then back again on the return trip. Through this method, you can have thousands or even millions of devices all accessing the Internet without using more than a single real IP address.
From the Internet’s point of view, however, your network is mostly invisible. The only part of your network that anyone else can see is the WAN port of your router. This is both a blessing and a curse. The blessing is that this makes your network very difficult to hack. The curse is that some network services don’t work very well with private addresses. If you had a server, for example, such as a Web server, FTP server, or even a hosted network game such as Quake or Unreal Tournament, no one from the Internet would ever see your computer.
Private IP addresses are easily identified because they fall into one of three different ranges:
10.0.0.0 through 10.255.255.255
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255
There is a fourth range of addresses that is not a public set of addresses. While it is not classified as a private range either, it is private in effect. Here it is:
169.254.0.0 through 169.254.255.255
This range is special and is discussed in the following section.
TCP/IP configuration
Devices can be configured to use TCP/IP in many different ways. In this section we will cover the reasons for each method. At the end of the Chapter, we will walk you through actually setting up the method you choose.
Manual configuration
The most obvious method for configuring a device is to do it by hand. This is called manual configuration. In this method, you are prompted to enter all the pertinent information in appropriate places. Each device that needs to be configured in this manner needs to be done individually.
DHCP and BootP configuration
While this would be a simple matter for a small network, configuring a large network this way would be too time consuming. Fortunately, there is a more automated way to configure a device to use TCP/IP. A device may be able to obtain its TCP/IP configuration from a special server on a network called a DHCP server. DHCP stands for Dynamic Host Configuration Protocol and is often used to configure the TCP/IP settings of a whole network of computers automatically. Some DHCP servers require that the client have a DHCP Client ID specified in order to obtain the configuration settings. BootP servers are also capable of automatically configuring devices on a network.
When a computer that is set up to receive its TCP/IP configuration from a DHCP server cannot contact that server, it configures itself by choosing a random IP address from the range:
169.254.0.0 through 169.254.255.255
In theory, an entire network of computers set to use DHCP to configure themselves would work together perfectly in the absence of a DHCP server. This, however, could cause problems depending on the different services your network provides, such as Internet Access and file servers.
PPP and PPPoE configuration
Dial-up modem communications are also able to automatically configure the connecting device with the appropriate TCP/IP settings. Standard modem connections to the Internet use a protocol called PPP, or Point-to-Point Protocol, to establish the connection. The PPP connection is responsible for configuring the TCP/IP settings of your computer in this case.
Many DSL providers use a protocol called PPPoE for connecting you to the Internet. PPPoE stands for PPP over Ethernet. In this case, your DSL connection creates an Ethernet network over the telephone line all the way to your ISP. PPPoE is a version of PPP for Ethernet networks. Just as with a dial-up modem connection, PPPoE is responsible for configuring the TCP/IP settings of your computer.
Lastly, AOL modem connections have their own proprietary method for configuring TCP/IP.
Static versus dynamic IP addresses
If your computer is configured to obtain its TCP/IP configuration from a DHCP server, it does so automatically whenever you need to connect to the Internet. When it contacts the DHCP server it asks for a lease on an IP address. If the DHCP server grants the lease, that lease is good for a certain predefined time. At the end of that time, your computer will have to get a new lease. This happens automatically whenever it needs to happen. There is no guarantee, however, that you will always get the same address each time your computer asks for an address. This is called a dynamic IP address because it can change.
Not all DHCP servers give out dynamic IP addresses, although it is very common. It is possible for a DHCP server to be set up so that it always gives the same address to the same device. In this case, the DHCP server would be giving out static IP addresses, even though it would be doing so automatically whenever they were needed. But typical DHCP servers give out dynamic IP addresses. So do most BootP servers and PPP servers. The only kind of TCP/IP configuration that is always static is a manually assigned IP address.
Domain name service servers
Every device on the Internet is identified by a unique IP address. But when you open your Web browser and go to a Web site, you don’t type in the IP address of the Web site you want to go to. Who could remember all those numbers? To make it easier to get around, the Internet has a naming scheme to help. Now instead of having to remember that Apple’s Web site is at the IP address 17.112.152.32, all we have to remember is www.apple.com.
But how does your browser (or your email software or your FTP client) know that www.apple.com equals 17.112.152.32? The answer is that your computer asks a domain name service server, also called a DNS server. DNS servers are responsible for keeping a comprehensive list of which names go with which addresses. In order to function properly then, every computer must know the address of at least one DNS server. If your computer cannot contact a DNS server to resolve a name into an address, you will not be able to contact the destination. To prevent this kind of problem, most computers will hold a list of several DNS servers if you want them to. If the first DNS server in the list does not respond, the computer automatically asks the next server in the list.
Rendezvous
Rendezvous is a collection of technologies that work together to provide automatic network configuration and service discovery. In particular, Rendezvous uses three core technologies: link-local addressing, Multicast DNS, and DNS service discovery. All these technologies are open projects of the Internet Engineering Task Force. Apple’s code for Rendezvous is open source.
Rendezvous can automatically configure a device to use TCP/IP without a DHCP or BootP server. When a device is added to a network without any means of automatic configuration, such as a DHCP or BootP server, Rendezvous automatically configures the device link-local addressing. In link-local addressing, the device randomly chooses an address from a range of addresses set aside by the Internet Assigned Numbers Authority (IANA) for link-local addressing and assigns that address to itself. It then broadcasts a message over the network to determine if that address is in use. If it is, then it randomly chooses another address and tries again until it finds an address that is not in use. After the device has assigned itself an unused address, it is ready to send and receive IP traffic.
Rendezvous can also automatically and dynamically discover new services on a network, such as printers and servers. To do this, Rendezvous uses a combination of Multicast DNS and DNS service discovery to advertise servers on a network and then to find those services when needed.
The two functions of Rendezvous, automatic network configuration and service discovery, may sound familiar. This isn’t the first time us Macintosh folk have been able to just turn on a computer, plug in into a network and find all the servers on a network without having to configure anything. That’s because AppleTalk can already do these things. But AppleTalk didn’t do it as well as Rendezvous does.
First, Rendezvous is far more efficient about it. Whether it is AppleTalk or Rendezvous doing the work, all of this automatic configuration and service discovery generates network traffic. Rendezvous is much more intelligent, however. Rendezvous is also very extensible. AppleTalk really worked only for finding printers and file servers. Adding completely different kinds of services would have been daunting. Rendezvous supports just about any service you can imagine. But most importantly, Rendezvous manages to do what AppleTalk did using TCP/IP instead.
IPv6
The IP address range that we’ve discussed so far is called IPv4. IP addresses in this range are 32-bit addresses. There are approximately 4.2 billion possible addresses in this range, although many of those addresses are not useable. While this may sound nearly infinite, it is barely enough. Some estimates suggest that we are using about 65% of the useable addresses already. Consider how quickly the remaining 35% will go when every cell phone, every T.V., every refrigerator, and every air conditioner also have their own IP addresses. Or, more importantly, imagine what will happen when all of China goes online in the next decade. Suddenly 4.2 billion doesn’t sound so big any more.
To alleviate this problem, the people that brought you IPv4 have been hard at work designing an upgrade. This upgrade is called IPv6. Among the many benefits incorporated into IPv6, the most obvious is the size of the new IP addresses. Instead of using 32-bit addresses, each address is now 128-bits long. A 128-bit long binary number as a lot of possible combinations: 2128 possible combinations. This works out to be: 340,282,366,920,938,463,463,374,607,431,768, 211,456.
Understanding the size of that number really isn’t possible by just looking at that string of numbers. So consider this: according to the U.S. Census Bureau, the population of this planet as of mid-year 2003 is approximately 6,302,486,693. If we were to divide up the IPv6 addresses giving each person on the face of the Earth an equal number of addresses, each person would get 53,991,762,854,316,031,771,016,167,424! Each of us could have our own IPv4 Internet to ourselves without having to share a single IP address with anybody else on the planet. Even then, each of us would still have more than 12 million billion entire Internets we aren’t using!
For years now, manufacturers of network devices such as routers have been working to add support for IPv6 into their products. Apple added support for IPv6 into Mac OS X quite some time ago. But Mac OS X 10.3 adds an easy-to-use graphical user interface for configuring those settings. Currently, most networks do not use IPv6. Getting an IPv6 network to work with the rest of the Internet requires some configuration on the network level. If your network uses IPv6, your network administrator will be able to tell you what settings to make on your computer. But whenever the rest of the world decides to move to IPv6, Mac OS X will be ready.
EAN: 2147483647
Pages: 290