Networking with TCP/IP

Unix networking is based on the same stack of protocols that powers the Internet (well, perhaps it's the other way around): the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. In addition to the two namesake protocols, the TCP/IP suite includes the User Datagram Protocol (UDP).

The purpose of these protocols is to move data around in packets. These are tiny little chunks of data created at the transmitting end and moving at the speed of light toward the receiving machine. Packets move faster and more accurately to their destination than one hunk of data would. Under TCP/IP, all data travels via IP packets from one IP address to another IP address.

IP packets wouldn't be able to travel very far if there were no way for two machines to connect with each other. TCP provides that connection-based protocol. When a TCP connection is made, the data stream is broken up by IP into packets, and it travels to the second machine. TCP then reassembles the packets back into a whole stream, figures out what type of data it is, and approaches the appropriate port for that data type (port 110 for POP email servers, as an example).

Where does UDP fit in the scheme of things here? It is a connectionless protocol. Applications that use UDP just choose a destination and start sending. UDP is usually used for small amounts of data or on fast and reliable networks. Some peer-to-peer networks also use UDP.

TCP/IP Addressing

One thing to get straight at the beginning: local area network (LAN) addressing is distinct from Internet addressing, even if they are based on the same protocol stack. This can lead to some level of confusion, in part because in Unix, even a standalone computer that never interacts with another machine still has a loopback IP address.

Internet IP addresses (also known as "public" IP addresses) are assigned by an addressing body like the American Registry for Internet Numbers (ARIN), which is the body for the United States. Internet Service Providers (ISPs) and other entities requiring blocks of IP addresses apply to ARIN and similar institutions. The addressing body then assigns the requested blocks, which are, in turn, assigned to the ISP's subscribers. These addressing bodies are needed because every machine on the Internet at a given moment requires a distinct IP address. You'll see later, when you learn about DHCP, that one IP address can be used by any number of physical machines.

LAN IP addresses are assigned by the system administrator so that each physical machine attached to the network has a distinct address. As a result, your computer can have three identities or addresses at once: its loopback address (the one-computer network), its LAN address (and if a computer can connect to several networks, it can have several LAN addresses), and its public Internet address.

  • Learn more about setting up loopback connections in Chapter 12, "Connecting to the Internet."

Standard TCP/IP addressing under version 4 of the protocol is expressed as a series of four decimal numbers separated by dots, as in 187.0.15.255. These represent a 32-bit binary value, and each of the four numbers is called an octet. Each octet ranges from 0 to 255. The first octet usually signifies what class the network belongs to. There are three classes of networks:

  • Class A networks have a first octet in the range of 1-126, and the last three octets define the host. Each Class A network has up to 16,777,214 hosts. Of these, the 10 octet is reserved for local networks (127.0.0.0 is reserved for the loopback range).

  • Class B networks have a first octet in the range of 128-191. In this range, the 128 octet is also reserved for local networks. The first two octets belong to the network, the last two to the host. There are 16,382 Class B networks, with 65,534 possible hosts.

  • Class C networks have a first octet in the range of 192-223. In this range, the 192 octet is also reserved for local networks. The first three octets belong to the network, with only the last octet belonging to the host. Thus, there are 2,097,150 possible Class C networks, but each network can have only 254 hosts.

Two other network classes are irrelevant to this discussion. Class D network addresses are reserved for multicast addresses, and Class E addresses are experimental.

These classes are standard, but a netmask also defines your network class. The netmask shows what part of an IP address represents the network and which represents the host. Common netmasks for the different classes are the following:

  • Class A 255.0.0.0

  • Class B 255.255.0.0

  • Class C 255.255.255.0

There's more information on netmasks in the "Network Organization" section later in the chapter.
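The following is an added example, not taken from the book: it classifies an IPv4 address by its first octet using the ranges above, then applies a netmask to separate the network part from the host part and count the usable hosts. The function names are hypothetical, the sample addresses other than 187.0.15.255 are constructed, and passing an explicit netmask shows how the mask, rather than the first octet, decides the split.

```python
import ipaddress

# Default netmasks for each class, as listed in the text.
DEFAULT_NETMASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}

def address_class(addr):
    """Classify an IPv4 address by its first octet (ranges from the text)."""
    first = ipaddress.IPv4Address(addr).packed[0]
    if first == 127:
        return "loopback"
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D"          # multicast
    if first >= 240:
        return "E"          # experimental
    return "reserved"       # first octet 0

def split_address(addr, netmask=None):
    """Split addr into network and host parts; netmask defaults to the class mask."""
    cls = address_class(addr)
    if netmask is None:
        if cls not in DEFAULT_NETMASK:
            raise ValueError(f"no default netmask for {cls} address {addr}")
        netmask = DEFAULT_NETMASK[cls]
    ip = int(ipaddress.IPv4Address(addr))
    mask = int(ipaddress.IPv4Address(netmask))
    host_mask = mask ^ 0xFFFFFFFF
    # A valid netmask is a run of 1 bits followed by a run of 0 bits.
    if host_mask & (host_mask + 1):
        raise ValueError(f"non-contiguous netmask {netmask}")
    return {
        "class": cls,
        "network": str(ipaddress.IPv4Address(ip & mask)),
        "host": ip & host_mask,
        # All-zeros (network) and all-ones (broadcast) host values are not usable.
        "usable_hosts": max((1 << host_mask.bit_length()) - 2, 0),
    }

if __name__ == "__main__":
    for sample in ("187.0.15.255", "10.1.2.3", "192.168.1.20"):  # constructed samples
        print(sample, split_address(sample))
    print(split_address("10.1.2.3", "255.255.255.0"))
```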

The allocation of IPv4 addresses is reaching the breaking point. Class A networks are full. Class B is nearly there, and you can guess where Class C is, too. Something needed to be done, and it was. Welcome Internet Protocol, version 6.

Note

Many years ago, it was thought that we would run out of IP addresses in a very short time. This led to the need and demand for IPv6. What was not anticipated or foreseen, though, was the creation and widespread adoption of technologies such as Network Address Translation, which enable multiple clients to share the same IP address. Because of their extensive use, the transition to IPv6 has moved much more slowly than it otherwise would have.


The Next Step: Internet Protocol, Version 6 (IPv6) Addressing

It's easy to see the need for IPv6. Just think of how many different machines you use to access the Internet today: desktop PC, laptop, personal digital assistant, or cell phone with email and Web access. Thinking about getting a Voice over IP (VoIP) phone? Now consider the prospect of widespread Internet use in the global South: Brazil, China, India, South Africa. All these devices need addresses, not to mention the "smart houses" and web-enabled refrigerators the dreamers have speculated about.

IPv6 fixes this problem by using 128-bit addresses written in hexadecimal, producing a truly mammoth number: 3.4 x 10^38 potential addresses. Instead of four octets, IPv6 addresses have eight hexadecimal groups. Four groups belong to the network and four groups to the host.

Like the global transition to the metric system, moving to IPv6 has been a long process. The initial standard was adopted in 1994, but the vast majority of Internet connections still use the old standard. Many networking utilities, firmware, and parts of some (non-Linux) operating systems will need rewriting to fully support IPv6.

You can use IPv6 to set up your internal network. SUSE Linux supports IPv6 and includes many utilities to use the new network. Consult the Linux+IPv6 HOWTO at http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO for more information.

Ports

Network servers rarely have just one dedicated task. For example, web servers handle standard pages and secure pages, and perhaps an FTP volume as well. For this reason, applications are assigned ports by the Internet Assigned Numbers Authority (IANA) to make "direct" connections for specific services. These ports help TCP/IP distinguish services so data gets to the right application. You've seen references to these ports elsewhere in this book: Web browsers access port 80, POP email clients look for port 110 to get mail, FTP servers use port 21, and BitTorrent uses port 6881. You can see these common ports in the /etc/services file and online at http://www.iana.org/assignments/port-numbers.

As a system administrator, you can assign ports on your server to different applications by editing each application's configuration file. This can occasionally thwart remote attacks on a common port, but it requires you to notify your legitimate remote users to connect to the new port instead of the common port.
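The following is an added example, not taken from the book: it parses text in the /etc/services format and uses the resulting table to list listening ports that have no registered service entry, which is how a service moved to a non-standard port shows up in an inventory and needs documenting. The services lines and the listener inventory are constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample in /etc/services format:
#   name  port/protocol  [aliases ...]  [# comment]
SAMPLE_SERVICES = """\
# constructed sample, not a real system file
ftp             21/tcp
http            80/tcp          www www-http    # World Wide Web HTTP
http            80/udp          www www-http
pop3            110/tcp         pop-3           # POP version 3
"""

# Constructed inventory of listeners: (port, protocol, process name).
SAMPLE_LISTENERS = [(80, "tcp", "httpd"), (110, "tcp", "popd"), (8021, "tcp", "ftpd")]

ENTRY = re.compile(
    r"^(?P<name>\S+)\s+(?P<port>\d+)/(?P<proto>\w+)(?P<aliases>(?:\s+\S+)*)$"
)

def parse_services(text):
    """Return {(port, protocol): (name, aliases)} from /etc/services-style text."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        m = ENTRY.match(line)
        if not m:
            continue                          # skip malformed lines
        port = int(m["port"])
        if not 0 < port <= 65535:
            continue                          # outside the valid port range
        key = (port, m["proto"].lower())
        table[key] = (m["name"], tuple(m["aliases"].split()))
    return table

def unregistered_listeners(listeners, table):
    """Return listeners whose (port, protocol) has no entry in the table."""
    return [entry for entry in listeners if (entry[0], entry[1]) not in table]

if __name__ == "__main__":
    services = parse_services(SAMPLE_SERVICES)
    for (port, proto), (name, aliases) in sorted(services.items()):
        print(f"{port}/{proto}: {name} {aliases}")
    for port, proto, process in unregistered_listeners(SAMPLE_LISTENERS, services):
        print(f"no services entry for {port}/{proto} (process {process})")
```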



SUSE Linux 10 Unleashed
SUSE Linux 10.0 Unleashed
ISBN: 0672327260
EAN: 2147483647
Year: 2003
Pages: 332
