Advanced IP Addressing


Basic IPv4 over Ethernet is the main staple of the network today. However, for growth, Mac OS X allows for other forms of networking.

Using IP Over FireWire

You can set up your computer to connect to other computers over FireWire using IP. Because FireWire allows data transfer speeds of 400 Mbit/s and 800 Mbit/s that are faster than what most networks offer (most IP networks run at 10 or 100 Mbit/s), IP over FireWire is suitable for networking and clustering solutions that involve the transfer of large files, as well as temporary connections to the Internet using Internet Sharing.

If you run the ifconfig command in Terminal after enabling an IP over FireWire configuration, you should see an entry like this:

fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 2030
      lladdr 00:03:93:ff:fe:44:75:00
      media: autoselect <full-duplex> status: inactive
      supported media: autoselect <full-duplex>


Also, if you run the netstat -nr command in Terminal, you'll notice that the routing table forwards packets to the FireWire interface (fw0).

Using IPv6

IPv6 is short for Internet Protocol Version 6. IPv6 is the Internet's next-generation protocol designed to replace the current Internet Protocol, IP Version 4 (IPv4, or just IP). The current IP is beginning to have problems coping with the growth and popularity of the Internet. Some of the drawbacks of IPv4 are:

  • Limited IP addressing: IPv4 addresses are 32 bits, meaning there can be only around 4,300,000,000 network addresses.

  • Increased routing and configuration burden: The amount of network overhead, memory, and time to route IPv4 information is rapidly increasing with each new computer connected to the Internet.

  • End-to-end communication is routinely circumvented: This point is actually an outgrowth from the IPv4 addressing problem. As the number of computers increases and the address shortages become more acute, another addressing and routing service has been developed, NAT, which mediates and separates the two network end points. This limits a number of network services.

IPv6 fixes some of these problems and helps others. It adds improvements in areas such as routing and network auto-configuration. It has increased the number of network addresses to a maximum of 4 billion x 4 billion x 4 billion x 4 billion, which is an astronomical number, and eliminates the need for NAT. IPv6 is expected to gradually replace IPv4 over a number of years, with the two coexisting during the transition.

Note

At present, IPv6 is used primarily by some research institutions. Most computers do not need to set up or use IPv6.


IPv6 Addressing Model

IPv6 addresses are assigned to interfaces (for example, your Ethernet card), and not nodes (for example, your computer). A single interface can be assigned multiple IPv6 addresses. Also, a single IPv6 address can be assigned to several interfaces for load balancing. Finally, routers don't need an IPv6 address, eliminating the need to configure the routers for point to point unicast transmission. Additionally, IPv6 doesn't use IPv4 address classes.

IPv6 Address Architecture

An IPv6 address consists of two main parts:

  • Prefix: The prefix consists of a network address and a subnet address where the target device is located. Network routers use the information in the prefix to route packets to the subnet in which the target device (for example, a computer or a printer) is located.

  • Interface ID: The interface ID consists of the address of the target device's network interface. Once a packet reaches the subnet in which the target device is located, the device's network interface picks up the packet addressed to it using the information in the interface ID.

IPv6 Address Notation

IPv4 addresses are 4 bytes long and expressed in decimals. IPv6 addresses are 16 bytes long and can be expressed in a number of ways. Pairs of IPv6 bytes are separated by a colon and each byte is represented as a pair of hexadecimal digits, as in the following example:

E3C5:0000:0000:0000:0000:4AC8:C0A8:6420

or

E3C5:0:0:0:0:4AC8:C0A8:6420

IPv6 addresses often contain many bytes with a zero value, so a shorthand notation is available that removes the zero values from the text representation and puts the colons next to each other, as follows:

E3C5::4AC8:C0A8:6420

Note

Double colons (::) can be used only once per string.


The final notation type includes IPv4 addresses. Because many IPv6 addresses are extensions of IPv4 addresses, the far right 4 bytes of an IPv6 address (the far right 2-byte pairs) can be rewritten in the IPv4 notation. This mixed notation (from the previous example) could be expressed as

E3C5::4AC8:192.168.100.32
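The notation rules above, as an added example that is not part of the original text: a small parser that accepts the full, zero-suppressed, double-colon and mixed IPv4 forms, rejects a second "::", and renders the 16 bytes back in shorthand. The function names are hypothetical; the addresses are the ones used on this page.

```python
import string

def _groups(part, allow_v4):
    """Turn 'E3C5:0:0' (optionally ending in a dotted quad) into 16-bit integers."""
    out = []
    fields = part.split(":") if part else []
    for i, f in enumerate(fields):
        if "." in f:  # mixed notation: IPv4 text standing in for the last 4 bytes
            octets = f.split(".")
            if not (allow_v4 and i == len(fields) - 1 and len(octets) == 4
                    and all(o.isdigit() and int(o) <= 255 for o in octets)):
                raise ValueError("bad IPv4 part: %r" % f)
            a, b, c, d = map(int, octets)
            out += [a << 8 | b, c << 8 | d]
        elif 1 <= len(f) <= 4 and all(ch in string.hexdigits for ch in f):
            out.append(int(f, 16))
        else:
            raise ValueError("bad group: %r" % f)
    return out

def parse_ipv6(text):
    """Return the 16 address bytes for any notation shown above, else ValueError."""
    if text.count("::") > 1:
        raise ValueError("'::' can be used only once per string")
    head, sep, tail = text.partition("::")
    left, right = _groups(head, not sep), _groups(tail, True)
    if sep and len(left) + len(right) > 7:
        raise ValueError("'::' must stand for at least one zero group")
    groups = left + [0] * (8 - len(left) - len(right)) + right if sep else left
    if len(groups) != 8:
        raise ValueError("an IPv6 address is 8 groups of 16 bits")
    return b"".join(g.to_bytes(2, "big") for g in groups)

def compress(addr):
    """Render 16 bytes, replacing the longest run of zero groups with '::'."""
    g = ["%X" % int.from_bytes(addr[i:i + 2], "big") for i in range(0, 16, 2)]
    start, length, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and g[j] == "0":
            j += 1
        if j - i > length:
            start, length = i, j - i
        i = max(j, i + 1)
    if length < 2:
        return ":".join(g)
    return ":".join(g[:start]) + "::" + ":".join(g[start + length:])

FORMS = ["E3C5:0000:0000:0000:0000:4AC8:C0A8:6420", "E3C5:0:0:0:0:4AC8:C0A8:6420",
         "E3C5::4AC8:C0A8:6420", "E3C5::4AC8:192.168.100.32"]  # the page's four spellings

if __name__ == "__main__":
    for form in FORMS:
        print(form, "->", parse_ipv6(form).hex(), "->", compress(parse_ipv6(form)))
```

Comparing addresses as parsed bytes rather than as strings is what keeps access lists and log searches from missing an address written in a different notation.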

Using IPv6, a computer can assign itself a unique address to communicate with other computers on the local subnet or with other networks. In automatic address mode, a computer's interface can assign itself a unique address in two ways:

  • Define prefix: If the computer is connected to other networks through a router, the computer starts by querying the router to determine its address and whether to use automatic configuration or DHCP. In the case of automatic configuration, the network interface creates a routable network address based on the router's address.

  • Define interface ID: The network interface creates a unique address that consists of an IPv6 link-local address prefix, a link-local address valid in the local subnet, and a unique address (possibly the Ethernet ID of the network interface).

Not only has Apple placed IPv6 into the Mac OS X infrastructure, but file sharing over AFP (whether the share point is on Mac OS X or Mac OS X Server) will attempt to connect over IPv6 before it tries IPv4. If you do not want Mac OS X or Mac OS X Server to attempt IPv6 connections, you can turn off IPv6 in the Network preferences pane or in the Server Assistant during initial setup on Mac OS X Server.

More Info

For more technical details about the structure of an IPv6 address, go to www.ipv6.org.


Using 6 to 4

The 6 to 4 port configuration allows you to connect to IPv6 networks if you have access to only an IPv4 connection, such as a modem. The 6 to 4 port configuration assigns your computer an IPv6 address based on your current IPv4 address, encapsulates IPv6 traffic in IPv4 packets, and routes them to a 6 to 4 gateway that is connected to an IPv6 network.

You can connect to an IPv6 address from a computer using IPv4 by setting up a 6 to 4 network port configuration:

1. Open System Preferences and click Network.

2. Choose Network Port Configurations from the Show pop-up menu and click New.

3. Choose 6 to 4 from the Port pop-up menu and give the configuration a name.

4. If you were given a relay address, choose Manually from the Configure pop-up menu and enter it. Otherwise, leave the Configure pop-up menu set to Automatic.

More Info

For more information about 6 to 4 addressing, refer to the man page of the ip6config command (man ip6config).


Advanced Ethernet Options

You can configure advanced Ethernet settings if you have specific requirements for the network you are connected to. Usually, the settings that are configured automatically are correct. In some network environments, you may need to set advanced options. For example, you might need to change the Duplex setting to match a switch that has been set to half-duplex. Also you may discover that changing MTU to 1491 improves performance for some DSL providers.

Your network administrator or ISP can give you the settings specific to the network and help you determine if you need to adjust them. The following figure shows the options available when manually choosing the speed of your network connection.

Note

These advanced settings affect the way your computer interacts with your network. Unless your network administrator has given you specific settings, use the automatic settings. Entering the wrong settings can adversely affect network performance.


To set advanced Ethernet options:

1. Open System Preferences and click Network.

2. Choose your Ethernet port configuration (named Built-in Ethernet unless you created another) from the Show pop-up menu.

3. Click Ethernet and then choose Manually (Advanced) from the Configure pop-up menu.

4. Choose a speed from the Speed pop-up menu, and "half-duplex" or "full-duplex" from the Duplex pop-up menu.

5. Select a maximum packet size.

6. Click Apply Now when finished.

Working With DHCP in Mac OS X

The following describes the DHCP process Mac OS X uses to obtain a valid IP address from a DHCP server:


  1. The client sends a DHCPDISCOVER broadcast message to locate available servers and let the servers know that the client is looking for configuration information.

    Any DHCP server can receive the message and prepare to lease the client an IP address.

  2. The DHCP server prepares an offer message, which contains:

    • The IP address that the server is offering to lease

    • Additional DHCP options requested by the client, such as the subnet mask

    • The IP address of the server

    • The time period of the lease

    The offered address is marked as reserved. The DHCP server then broadcasts the DHCPOFFER message over the network. If there are multiple DHCP servers, the client will receive multiple messages.

  3. After receiving the DHCPOFFER messages, the client chooses one server from which to request configuration parameters. The client then broadcasts a DHCPREQUEST message that includes the selected server's IP address and the client's leased IP address. Other options specifying various configuration parameters might also be included. This broadcast message is received by all DHCP servers. This message lets those servers not selected by the client know that the client has declined their offers.

  4. The server selected in the DHCPREQUEST message responds with a DHCPACK message containing the configuration parameters for the requesting client. These parameters include some of the same information that was provided in the DHCPOFFER:

    • The IP address of the selected server

    • The committed IP address for the client

    The DHCPACK message might include other options specifying additional configuration parameters.

    Note

    If there is a problem (such as the client has moved to a different subnet or the requested address has been allocated) and the selected server is unable to satisfy the DHCPREQUEST, the server sends a DHCPNAK message.


  5. When the client receives the DHCPACK message, it uses Address Resolution Protocol (ARP) to perform a final check on the parameters. The client notes the duration of the lease specified in the DHCPACK message. The client is configured at this time.

    Note

    If the client detects that the address is currently in use, the client then sends a DHCPDECLINE message to the server and restarts the configuration process.


  6. Mac OS X sends a release only if the user de-configures the DHCP service, such as by turning off the IP settings in the Network pane of System Preferences or by performing a graceful shutdown.
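The exchange described above, as an added in-memory model that is not part of the original text: two servers reserve an address on DHCPDISCOVER, the broadcast DHCPREQUEST frees the reservation on the server that was not chosen, and an ARP conflict leads to DHCPDECLINE and a restart. The class and function names, the addresses, and the rule that the client takes the first offer are assumptions made for the example.

```python
class Server:
    """Toy DHCP server: an address pool plus per-client reservations and leases."""
    def __init__(self, ip, pool, lease_time=3600):
        self.ip, self.pool, self.lease_time = ip, list(pool), lease_time
        self.reserved, self.leased = {}, {}            # client MAC -> address

    def _msg(self, kind, addr):
        return {"type": kind, "yiaddr": addr, "server_identifier": self.ip,
                "lease_time": self.lease_time}

    def discover(self, mac):
        if not self.pool:
            return None                                # nothing left to offer
        self.reserved[mac] = self.pool.pop(0)          # offered address is marked reserved
        return self._msg("DHCPOFFER", self.reserved[mac])

    def request(self, mac, server_id, requested):
        addr = self.reserved.pop(mac, None)
        if server_id == self.ip and addr is not None and addr == requested:
            self.leased[mac] = addr                    # commit the lease
            return self._msg("DHCPACK", addr)
        if addr is not None:
            self.pool.insert(0, addr)                  # offer not taken up: free it
        if server_id == self.ip:
            return {"type": "DHCPNAK", "server_identifier": self.ip}
        return None                                    # client chose another server

    def decline(self, mac):
        self.leased.pop(mac, None)                     # conflicting address stays out of the pool

def acquire(mac, servers, arp_in_use=(), max_tries=3):
    """Client side of the exchange. Returns (message trace, final DHCPACK or None)."""
    by_ip, trace = {s.ip: s for s in servers}, []
    for _ in range(max_tries):
        trace.append("DHCPDISCOVER")                   # broadcast: every server sees it
        offers = [o for o in (s.discover(mac) for s in servers) if o]
        trace += [o["type"] for o in offers]
        if not offers:
            break
        chosen = offers[0]                             # selection policy is an assumption
        trace.append("DHCPREQUEST")                    # broadcast again, naming one server
        replies = [s.request(mac, chosen["server_identifier"], chosen["yiaddr"])
                   for s in servers]
        reply = next(r for r in replies if r)
        trace.append(reply["type"])
        if reply["type"] == "DHCPNAK":
            continue
        if reply["yiaddr"] in arp_in_use:              # final ARP check found a conflict
            trace.append("DHCPDECLINE")
            by_ip[reply["server_identifier"]].decline(mac)
            continue                                   # restart the configuration process
        return trace, reply
    return trace, None
```

The trace shows that every server on the segment answers the first broadcast, which is why a lease from an unexpected server_identifier is worth investigating.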

Renewing DHCP With an Existing Lease

A computer configured to acquire a DHCP address always attempts to reuse its last assigned IP address on subsequent connections. When a computer reconnects to a network with a DHCP server, because it has already received an address, it uses the following abbreviated lease renewal process (which takes half of the lease time):


  1. The Mac OS X computer reconnects to the network and broadcasts a DHCPREQUEST message. This message includes the computer's last assigned IP address in the "requested IP address" field. The request asks for an extension of that DHCP lease. A DHCP lease is the process by which a DHCP server guarantees, within a specific lease time, not to reallocate that address.

    Note

    The computer broadcasts the DHCPREQUEST message on the network until it receives a DHCPACK response from a server. Your network may have one or more DHCP servers providing addresses.


  2. The DHCP server verifies that the computer is located on the correct network and is eligible to receive an address. If the client's network address is verified, a DHCP server responds with a DHCPACK message and renews the lease.

    If the client's network address is not verified, the server will either generate a new lease or deny an IP address to the client.

    The computer also stops sending DHCPREQUEST messages when it receives a DHCPNAK (not acknowledged) message from a server. This DHCP server feature is designed to eliminate undesirable network traffic from unverified requestors. To start a new DHCPREQUEST cycle, you can click Renew DHCP Lease in the Network pane of System Preferences.

  3. When the client receives the DHCPACK message, it performs a final conflict check on the parameters using ARP. If the address is not in use by another machine, the client notes the duration of the lease specified in the DHCPACK message. The client is configured at this time.

Finding DHCP Servers on a Subnet

Mac OS X includes the ipconfig and arp commands, which you can use to locate a DHCP server on your local subnet. These commands are useful when trying to track a rogue DHCP server that is wreaking havoc in your network.

To find a rogue DHCP server, do the following:


1. Use the getpacket option with ipconfig to get the last DHCP or BOOTP offer packet received on a given interface. For example, to get the last DHCP received on the interface en0, enter the following command:

ipconfig getpacket en0


In the output, the following fields display basic information from the DHCP server:

  • server_identifier: The IP address of the DHCP server

  • yiaddr: The IP address the DHCP server assigns to your computer

  • subnet_mask: The subnet mask the DHCP server assigns to your computer

  • router: The IP address of the default gateway

  • lease_time: The amount of time before the DHCP server can reclaim the IP address it assigned to the computer

In addition, the DHCP server can provide additional information such as LDAP information, DNS servers, and search domains.

Although some of the output generated by ipconfig can be gathered elsewhere, it is the only command that shows the IP address of the DHCP server that your computer uses.

2. Use the arp command to discover the MAC address associated with the DHCP server you found in the previous step.

arp ip_address


where ip_address is the IP address of the DHCP server.

This command displays the MAC address and interface of the specified IP address.

3. Find the port that is connected to that MAC address and disconnect the cable connected to the port.

Alternatively you could look up the vendor prefix for the MAC address and look for equipment made by that manufacturer to discover the rogue DHCP server.
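One way to automate steps 1 and 2, as an added example that is not part of the original text: parse the getpacket fields listed above, compare server_identifier with a list of sanctioned servers, and pull the MAC address and vendor prefix from the arp line. The sample outputs are constructed and only modelled on what the two commands print, and the AUTHORIZED list and function names are assumptions.

```python
import re

AUTHORIZED = {"10.0.1.1"}   # assumption: addresses of your sanctioned DHCP servers
# Constructed sample modelled on `ipconfig getpacket en0` output (not a real capture).
SAMPLE_PACKET = """\
op = BOOTREPLY
yiaddr = 192.168.2.14
options:
dhcp_message_type (uint8): ACK 0x5
server_identifier (ip): 192.168.2.1
lease_time (uint32): 0x15180
subnet_mask (ip): 255.255.255.0
router (ip_mult): {192.168.2.1}
domain_name_server (ip_mult): {192.168.2.1}
"""
SAMPLE_ARP = "? (192.168.2.1) at 0:14:bf:12:34:56 on en0 [ethernet]"  # constructed

def parse_getpacket(text):
    """Map 'name = value' and 'name (type): value' lines to a dict of strings."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^(\w+)\s*(?:\(\w+\))?\s*[=:]\s*(.*)$", line)
        if m:
            fields[m.group(1)] = m.group(2).strip("{} ")
    return fields

def parse_arp(text):
    """Return ip, zero-padded mac and interface, or None for an unresolved entry."""
    m = re.search(r"\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-fA-F:]+) on (\w+)", text)
    if not m:
        return None
    mac = ":".join("%02x" % int(part, 16) for part in m.group(2).split(":"))
    return {"ip": m.group(1), "mac": mac, "interface": m.group(3)}

def check_dhcp_server(packet_text, arp_text, authorized=AUTHORIZED):
    """Summarise the last lease and flag a server that is not on the authorized list."""
    pkt = parse_getpacket(packet_text)
    server = pkt.get("server_identifier")
    finding = {"server": server, "offered_ip": pkt.get("yiaddr"),
               "router": pkt.get("router"), "dns": pkt.get("domain_name_server"),
               "lease_seconds": int(pkt.get("lease_time", "0"), 16),
               "rogue": server is not None and server not in authorized}
    arp = parse_arp(arp_text)
    if finding["rogue"] and arp and arp["ip"] == server:
        # The MAC leads to the switch port; its first 3 bytes are the vendor prefix.
        finding.update(mac=arp["mac"], oui=arp["mac"][:8], interface=arp["interface"])
    return finding

if __name__ == "__main__":
    print(check_dhcp_server(SAMPLE_PACKET, SAMPLE_ARP))
```

On a live machine, pass the text printed by ipconfig getpacket en0 and by arp for the reported server in place of the constructed samples.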

Using Mac OS X as a DNS Client

There are a variety of processes on Mac OS X that require DNS services. These processes communicate with the DNS resolver on the DNS client computer via the gethostby() routine (standard C library routine modified to resolve addresses via lookupd).

In Mac OS X, the DNS resolver is a process called lookupd. This process also performs other lookup functions for Mac OS X. In Mac OS X the name of the current domain and the IP address or addresses of the DNS server or servers are stored in /etc/resolv.conf. This configuration file is provided by Mac OS X for processes that depend on the information in the file, but is not used to configure the DNS server, as is the case in other UNIX-based systems.

The DNS client configuration is either entered manually or derived automatically via DHCP. When DNS client configuration is modified, the configd daemon (described in more detail in Lesson 24, "Mac OS X Network Architecture") modifies the resolv.conf file accordingly.

If the name server has the authority (names and IP addresses are stored on it for the resolution requested) it responds to the request by the DNS client. If it does not have the authority, it checks its cache to see whether the name was resolved recently. If the name was resolved recently, the server reports the caching information to the client. If the resolver does not have the authority for the name or have it stored in its cache, it directs the request to the root server of the global DNS system for a top-down search.

The file /etc/resolv.conf is a symbolic link to /var/run/resolv.conf. If this link gets broken, the system behaves in unexpected ways. The configd daemon creates and maintains /var/run/resolv.conf, the contents of which are dynamic. If your network or location changes, the IP Configuration Agent might rewrite this file with new contents.

In Mac OS X, processes like Apache and sendmail also use DNS name resolution. If some functions, such as logging in, Internet communication, and direct Web access, seem to take an unusually long time to complete or don't work at all, check the domain and subdomain name servers for correct configuration. An excessive delay logging in when using Mac OS X Server administration applications can also indicate invalid DNS settings.




Apple Training Series. Mac OS X System Administration Reference, Volume 1
ISBN: 032136984X
EAN: 2147483647
Year: 2005
Pages: 258
Authors: Schoun Regan
