
1.2 TCP/IP: the nails of the Internet

History has evolved into a present as wild as the West of old. There aren't any wagons, but there are quite a few cowboys, some lawmakers and some lawbreakers, and some posses (though most aren't half as cool as Jesse and the gang, I'll admit), and there are even some screaming villagers to muck things up in the middle of a showdown.

How does this work? If Jesse James wanted to break into a house, he would just walk up to it and shoot the lock. Today things really aren't all that different, if you only take into account the workings and layout of TCP/IP (Transmission Control Protocol/Internet Protocol). These protocols allow computers to "talk" to each other and to send one another a variety of happy and sometimes not so happy "gifts." Here's how it works.

The Internet is held together like a cabin is held together with nails and a certain amount of ingenuity. Each nail connects one board to another and each board connects to another board to form the entire house. The nails are called TCP/IP. In order to understand how to set up a home network, you will need to understand a bit about TCP/IP. So let's start off with an analogy. There is a street in your neighborhood, a nice, clean street. On this street there are two houses. One house will be the sender house and the other house will be the receiver house. We want to send a piece of mail from one house to the other. Now we are talking about postal mail, or "snail" mail. In reality, the postal person will pick up the mail, take it to the post office, and then return it back to the same street. We will suspend reality for a moment and believe that the postal person will pick up the mail and deliver it directly to the destination house. What components are required for this postal mail to be picked up and then delivered?

  1. A postal person

  2. A source house (with a source address)

  3. A destination house (with a target address)

  4. A letter or a package

  5. Some type of address information on the letter or package

  6. A street (with a list of addresses and a street name)

Figure 1.1 shows the process.

Figure 1.1

You are at 123 Bubba Street. You want to send a message to 124 Bubba Street. You create a message and place it into an envelope, address the envelope, and send it to 124 Bubba Street. OK, not bad, this works.

Let's see how the computer does it. In Figure 1.2, the source computer, Computer 123, sends a packet of data on a network. This network is called Network A. The data packet travels over the network looking for Computer 124. Once found, it delivers the packet to the computer.

Figure 1.2

TCP/IP addressing works much like the postal mail analogy. Every computer has a source address, and if you want to send data to another computer, you need to know its "target" address.

The Transmission Control Protocol/Internet Protocol provides connectivity between equipment from many vendors over a variety of networking technologies. The Transmission Control Protocol (TCP) is intended for use as a highly reliable host-to-host protocol between hosts in packet-switched computer communication networks.

The Internet Protocol (IP) is specifically limited in scope to provide the functions necessary to deliver an envelope of data from one computer system to another. Actually, we are not limited to PCs. This can be any network-connected device: a computer, a printer, a cell phone (see WAP in the glossary). Each computer or device on a network will have some type of address that denotes where it is on the network. Every device will have one of these addresses, assigned via a permanent mechanism or a temporary addressing scheme. You will notice that we are referencing a network; IP and TCP are used on the Internet but also can be used on any network. Many networks use TCP/IP as their primary protocol.

When data is sent via a network (an e-mail note or a web page), the data (or message) is carved into little chunks called packets. The packets contain the information required to determine who sent the message as well as who is to receive it.

An Ethernet LAN typically uses some type of cable or special grades of twisted pair wires. Basically, the computer is connected to the cable via a card (or NIC, Network Interface Card) and that NIC puts the data onto the cable. In our examples for your home network we will be discussing the Ethernet LAN. Ethernet relies on a complex system, known as Carrier Sense Multiple Access with Collision Detection (CSMA/CD), that keeps data from running into each other. Every NIC will have some type of address. This address is known as a MAC address and is typically a 48-bit address that is unique for every card. All Ethernet data is crafted into packets, with each packet carrying the information needed to find its target computer and to show where it came from. Figure 1.3 shows an example of an Ethernet packet:

| 6 Bytes | 6 Bytes | 2 Bytes | 46-1500 Bytes | 4 Bytes |
|---|---|---|---|---|
| Target Address | Source Address | Protocol Type | Data | CRC |


Figure 1.3

As you can see, there is a "target address" and a "source address." Each byte shown is an 8-bit byte, so we end up with 48 bits for each address. See IEEE 802.3 for a description of the address assignments (http://www.ieee.org/). The protocol type tells the computer that is receiving the data what the packet is, e.g., 0800 = IPv4 or Internet packet, 0806 = ARP packet (ARP used by TCP to determine what other computers are on the network). The 1500 bytes of data is where TCP/IP live. The CRC is a checksum to make sure the packet did not get corrupted in transmission.

We have just described the first layer in the TCP/IP model. This is similar to the OSI (Open Systems Interconnection) model. OSI is a standard reference model for how network data is transmitted between any two points in a computer network. TCP/IP supports the Defense Advanced Research Projects Agency (DARPA) model of internetworking and its defined network layers: Network Interface, Internet, Host-to-Host, and Process/Application. This model was developed in the early 1970s; it preceded the Open Systems Interconnection reference model (OSI). Much like the DARPA model, the OSI was designed to connect dissimilar computer network systems. The OSI reference model defines seven layers of functions that take place at each end of a network communication. OSI divides the communication into seven layers:

Table 1.1: OSI

| Layer | Description |
|---|---|
| Application | This is the layer at which programs are identified, user authentication and privacy are implemented. |
| Presentation | This is a layer, usually part of an operating system, that converts incoming and outgoing data from one presentation format to another. |
| Session | This layer sets up, coordinates, and ends conversations, exchanges, and dialogs between the applications at each end of the dialog. |
| Transport | This layer manages the end-to-end control and error-checking. |
| Network | This layer handles the routing of the data. The network layer does routing and forwarding. |
| Data Link | This layer provides error control and synchronization for the physical level. |
| Physical | This layer transmits the bit stream through the network at the electrical and mechanical level. Cables, Cards,... |

TCP/IP also has a much simpler protocol model:

Table 1.2

| Layer | Description |
|---|---|
| Process Layer | This is the layer where each process is defined and communicates. FTP, Telnet,... |
| Host-to-Host Layer | This is where TCP lives. This is the mechanism that actually ports the data to the correct application. TCP ports are defined here. |
| Internet Layer | IP addresses are used to direct the packet to the correct destination. Routing protocols live here along with ARP and ICMP. |
| Network Interface Layer | This is the physical connection to the network. Ethernet, Token Ring, etc. The packets are placed onto the network at this point. Also, the CRC is done here. |

There is no direct correlation between the TCP protocol model and the OSI model, but they are roughly equivalent in the services provided. The following diagram shows a comparison between the models:

Table 1.3: Protocol Implementation

| DARPA Layer | Protocol Implementation | OSI |
|---|---|---|
| Process/Application | FTP, SMTP, TELNET (RFC 959, 821, 854); TFTP, NFS, SNMP (RFC 783, 1094) | Application, Presentation, Session |
| Transport | Transmission Control Protocol (TCP), RFC 793; User Datagram Protocol (UDP), RFC 768 | Transport |
| Internet | (ARP) Address Resolution, RFC 826, 903; (IP) Internet Protocol, RFC 791; Internet Control Message Protocol, RFC 792 | Network |
| Network Interface | Network Interface Cards: Ethernet, Token Ring (RFC 894, RFC 1042) | Data Link |
| | Transmission Media: Twisted Pair, Coax, Fiber, Wireless, etc. | Physical |

The first layer of the DARPA model is the Network Interface Layer; it links the local host to the local network hardware. This loosely maps to the Physical and Data Link layers of the OSI reference model. The Network Interface Layer makes the physical connection to the network cable, be it Ethernet or Token Ring. In each case, a frame is generated with data from the upper layers. The Internet Layer transfers the packets from a host to a host. Each packet will contain address information relating to the source and destination of the packet. The third level of the Internet software is called the Transport Layer. It is responsible for providing communication between applications residing on different hosts. This can also be called the host-to-host layer. Depending on the application, the Transport Layer will provide a reliable service (TCP) or an unreliable service (UDP). In a reliable service, the receiving station acknowledges the receipt of a datagram. The top layer of the DARPA model is the Application Layer. This is where actual applications like TFTP and Telnet reside.

So we have seen the Ethernet Packet and where it lives in the TCP/IP model. Next, let's look at the IP packet. The IP packet is how the TCP packet finds which computer it is destined for. The Internet Protocol is defined in RFC 791[26]. IP provides the most basic level of service in the Internet. It is the basis upon which the other protocols stand. IP provides the protocol above it with a basic service model and is really similar to the postal service. Using its address scheme, a packet is routed from a source to a destination much like a letter having a street address. Overall, IP does not promise the best service, hence it is known as a "Best Effort Service." If you send a postal message from your house, you rely on "best effort" that the message will arrive at its destination. Without special handling you will not know if the letter (i.e., message) has been delivered to its destination. IP routing is outside the scope of this document; see this URL for a basic overview: http://www.sangoma.com/fguide.htm.

Figure 1.4 shows the Ethernet Packet carrying TCP/IP. Notice that IP is first, then TCP.

| 6 Bytes | 6 Bytes | 2 Bytes | 46-1500 Bytes | 4 Bytes |
|---|---|---|---|---|
| Target Address | Source Address | Protocol Type | IP, TCP, Data | CRC |


Figure 1.4

Figure 1.5 shows how it looks in each section.

Figure 1.5

This is how addressing is accomplished on the Internet. As we mentioned before, all network-connected devices will have an address. Keep in mind that every NIC has a 48-bit address, but that address is only how the packet finds its way to a specific NIC. Addressing between applications happens using the IP address.

Figure 1.6 is an example.

Figure 1.6

The laptop computer is sending an IP packet to the server. The source address is 192.9.200.21 and the target address is 192.9.200.23. Using this nomenclature, the server now knows how to respond back to the laptop computer, assuming the application needs to do that. This address scheme is how computers talk to each other on the Internet or any IP network. Returning to the postal analogy: The IP address is much like the address on the letter, or the address on your house. The letter (packet) is dropped into the postal box and it is sent via a network of postal employees, with one finally dropping the letter at your house or mailbox.

Part of the IP architecture is the address methodology. Out of the 32 bits of which it is composed, there are approximately 4 billion possible addresses. The addresses are categorized into five different classes of addresses: A, B, C, D, and E. IP addresses are broken down into octets. Each octet represents a part of the address. Example: "192.168.0.1." This address, as with all IP addresses, contains 4 octets. Each portion of the address is separated with a dot (.). This is known as Dotted-Decimal IP addressing. The address range for any octet is 0-255. Also each address, via octet, can be displayed in binary:

| Binary | Dotted-Decimal IP Address |
|---|---|
| 11000000 10101000 00000000 00000001 | 192.168.0.1 |

Each octet is 8 bits with a maximum decimal value of 255.

An important part of TCP/IP is subnetting. This is so important that we will not be covering it in this book. Now you are really confused. A subnet is a network that is created by using, or borrowing, bits from the host portion of an IP address. This is needed to split out the address from the various classes. Why is this so important? Subnetting can be utilized to get full use of an assigned address from an ISP.

1.2.1 IP address classes

Class A addresses are used with large networks with many hosts. The leading bit in the address is 0 (Bit 0 = 0). Mathematically, 128 networks are available, but the architecture reserves addresses 0 and 127. Bits 8-31 will make 16 million (16,777,214) addresses available to assign as hosts.


Figure 1.7

Class B addresses are used with medium-sized networks with many hosts. The leading bits in the address are 10 (Bits 0,1 = 10). Mathematically, 16,384 networks are available from bits 2-15. Bits 16-31 will make 65,000 (65,534) addresses available to assign as hosts.


Figure 1.8

Class C addresses are used with small networks with few hosts. The leading bits in the address are 110 (Bits 0,1,2 = 110). Mathematically, 2 million (2,097,152) networks are available from bits 3-24. Bits 25-31 will make 254 addresses available to assign as hosts.


Figure 1.9

Classes D and E are not used for addressing. Class D, leading bits 1110, is used for multicasting and Class E, leading bits 1111, is reserved.

Example and uses of the addressing classes:

Class A

By definition, a Class A address of 9.2.3.4 is on a different network than an address of 11.2.3.4. The reason lies in the definition of the class. If computer A is on 9.2.3.4 and computer B is on 9.3.4.5, then they are considered to be on the same network. If that is the case, then they can communicate without the need of a gateway (router).

Class B

By definition, a Class B address of 130.2.3.4 is on a different network than an address of 131.2.3.4. Again, if computer A is on 130.2.3.4 and computer B is on 130.2.4.5, then they are considered to be on the same network. But 130.2.3.4 is on a different network than 130.3.4.5. See the difference? Look at the host component of the address in the table below to understand how an IP address is divided.

Class C

By definition, a Class C address of 193.2.3.4 is on a different network than an address of 194.2.3.4. Again, if computer A is on 193.2.3.4 and computer B is on 193.2.3.5, then they are considered to be on the same network. But 193.2.3.4 is on a different network than 193.2.4.5. See the difference? Look at the host component of the address in the table below to understand how an IP address is divided.

Address Components, based on the following format w.x.y.z with each letter representing an octet.

Table 1.4

| Address Class | IP Address Range | Network Component | Host Component | Example Network.Host |
|---|---|---|---|---|
| Class A | 0-126 | w | .x.y.z | 9.2.3.4 |
| Class B | 128-191 | w.x | .y.z | 131.2.3.4 |
| Class C | 192-223 | w.x.y | .z | 193.2.3.4 |

So far in our review of TCP/IP, we have discussed Ethernet and IP. Our next stop down the network trail is the Transmission Control Protocol. TCP is a connection-oriented, end-to-end reliable protocol designed to work within a hierarchy of protocols that support networked applications. TCP provides for reliable communication between pairs of processes (applications) in host computers attached to separate but interconnected computer networks. TCP is designed for error-free bulk data movement and provides error detection and recovery. This can make up for IP's "best effort" delivery service. TCP will set up a connection between two hosts before the actual data transmission begins. It will break the data into chunks, add some sequencing information, and then place these chunks into IP packets. IP then will actually route the data through the Internet to its destination.

| 6 Bytes | 6 Bytes | 2 Bytes | 46-1500 Bytes | 4 Bytes |
|---|---|---|---|---|
| Target Address | Source Address | Protocol Type | IP, TCP, Data | CRC |


Figure 1.10

TCP rides in the Ethernet packet after the IP packet. The TCP packet contains information about the application. Although IP routes packets through the Internet using the destination address, more information is needed to identify which application on the destination host should receive the data once it arrives. This is accomplished via ports. Both sending and receiving applications are assigned port numbers to send and receive data. Coupled with the source and destination IP address, the source and destination port number, a small integer number, identifies which application is associated with any given data transfer. As mentioned before, the IP address is like the addressing scheme of the postal service. Once the postal service delivers the letter to your house, further addressing on the letter determines who actually gets the letter. This is where TCP helps out.

| Field | Size |
|---|---|
| TCP Source Port | 2 Bytes |
| TCP Target Port | 2 Bytes |
| Seq Number | 4 Bytes |
| ACK Seq Number | 4 Bytes |
| TCP Header Length | 4 Bits |
| Res | 4 Bits |
| Flags | 1 Byte |
| Win Size | 2 Bytes |
| Check Sum | 2 Bytes |
| Urgent Data Size | 2 Bytes |


Figure 1.11

The TCP port addresses, source and target, provide a mechanism to direct data to a specific application. Once the IP packet arrives at the host then the port determines which application receives the data. With two bytes of data you can have up to 65,000 different addresses. These addresses are defined by RFC 1700, http://info.internet.isi.edu/in-notes/rfc/files/rfc1700.txt. In this RFC, the ports are categorized. The TCP/IP port numbers below 1024 are special in that normal users are not allowed to run servers on them. These ports are called "well known ports." There are a number of commonly used "well known ports" that include: the SMTP mail service (25), the network news (NNTP, port 119), Telnet (23) and the FTP service (21). The normal port number for web access and server is port 80.

The sequence number and ACK sequence number are used as part of the TCP handshake process. The header length is used to tell the target computer the size of the current TCP header in 32-bit words. The session flags are used to control the various data elements sent to the target computer. For example: Urgent pointer, Valid ACK, Push Request, and Sync sequence number. The Window size is the number of bytes that the sending computer will accept from the target computer without requiring an acknowledgement. The checksum is an error check for the TCP header fields. The urgent data size can be used if the target computer is congested and it will clear the buffer space as needed to receive and process the data.
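To make the layouts in Figures 1.3, 1.10, and 1.11 concrete, here is an added Python example (not from the book) that builds one Ethernet frame by hand and unpacks the Ethernet, IP, and TCP headers field by field, including the CRC check. The IP addresses are the laptop and server of Figure 1.6; the MAC addresses, ports, and sequence number are constructed sample values, and the IP header layout is taken from RFC 791 because the chapter does not draw it.

```python
import socket
import struct
import zlib

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP"}            # values quoted in the text
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 upward
ETH_HDR = "!6s6sH"          # target MAC, source MAC, protocol type (Figure 1.3)
IP_HDR = "!BBHHHBBH4s4s"    # RFC 791 fixed header, 20 bytes
TCP_HDR = "!HHIIBBHHH"      # Figure 1.11, 20 bytes


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def fcs(data):
    """Ethernet CRC-32 as it appears on the wire (least significant byte first)."""
    return struct.pack("<I", zlib.crc32(data))


def build_sample_frame():
    """Constructed sample: 192.9.200.21 sends a TCP SYN to port 80 on 192.9.200.23.

    MACs, ports and sequence number are made up; IP/TCP checksums are left at 0.
    """
    tcp = struct.pack(TCP_HDR, 49152, 80, 1000, 0, 5 << 4, 0x02, 8192, 0, 0)
    ip = struct.pack(IP_HDR, 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.9.200.21"),
                     socket.inet_aton("192.9.200.23"))
    eth = struct.pack(ETH_HDR, bytes.fromhex("020000000124"),
                      bytes.fromhex("020000000123"), 0x0800)
    body = eth + (ip + tcp).ljust(46, b"\x00")   # data field is padded to 46 bytes
    return body + fcs(body)


def parse_frame(frame):
    """Unpack Ethernet, then IPv4, then TCP; stop at the first layer not recognised."""
    if not 64 <= len(frame) <= 1518:
        raise ValueError("frame length outside 64..1518 bytes")
    body, trailer = frame[:-4], frame[-4:]
    target, source, ptype = struct.unpack(ETH_HDR, body[:14])
    out = {"target_mac": mac(target), "source_mac": mac(source),
           "protocol_type": ETHERTYPES.get(ptype, hex(ptype)),
           "crc_ok": fcs(body) == trailer}
    if ptype != 0x0800:
        return out

    data = body[14:]
    (ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _csum,
     src, dst) = struct.unpack(IP_HDR, data[:20])
    ip_len = (ver_ihl & 0x0F) * 4        # header length is given in 32-bit words
    if ver_ihl >> 4 != 4 or ip_len < 20 or not ip_len <= total_len <= len(data):
        raise ValueError("malformed IPv4 header")
    out.update(source_ip=socket.inet_ntoa(src), target_ip=socket.inet_ntoa(dst),
               ttl=ttl, ip_protocol=proto)
    if proto != 6:                       # 6 = TCP
        return out

    segment = data[ip_len:total_len]     # total_len drops the Ethernet padding
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, ack, off_res, flags, window, _tcsum,
     _urgent) = struct.unpack(TCP_HDR, segment[:20])
    tcp_len = (off_res >> 4) * 4         # upper 4 bits: header length in words
    if not 20 <= tcp_len <= len(segment):
        raise ValueError("bad TCP header length")
    out.update(source_port=sport, target_port=dport, seq=seq, ack=ack,
               tcp_header_bytes=tcp_len, window=window,
               flags=[n for bit, n in enumerate(TCP_FLAGS) if flags & (1 << bit)],
               payload=segment[tcp_len:])
    return out


if __name__ == "__main__":
    for field, value in parse_frame(build_sample_frame()).items():
        print(f"{field:18} {value}")
```

Flipping any byte of the frame makes `crc_ok` come back `False`, which is the corruption check the CRC field exists for.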

So far, so good. Now, how can I access a web site? Let's say you want to go to a site. You will need an address. Let's use 207.69.200.100. Easy to use and remember, but what about remembering numbers for 20 or 30 sites? A process known as DNS solves this problem. Today we access web sites via domain names. Domain names are a method of looking up addresses without having to remember some long number. Remembering a 32-bit number (that really maps to a 48-bit number) can be difficult. Thankfully, the Domain Name System was created. The following extract describes how domains work.

1.2.2 Domains

Getting where you want to go can often be one of the more difficult aspects of using networks. The variety of ways that places are named will probably leave a blank stare on your face at first. Don't fret; there is a method to this apparent madness.

If someone were to ask for a home address, they would probably expect a street, apartment, city, state, and zip code. That's all the information the post office needs to deliver mail in a reasonably speedy fashion. Likewise, computer addresses have a structure to them. The general form is:

The user portion is usually the person's account name on the system, though it doesn't have to be. For example, somewhere.domain tells you the name of a system or location, and what kind of organization it is. The trailing domain is often one of the following:

com

Usually a company or other commercial institution or organization, like Convex Computers (convex.com).

edu

An educational institution, e.g., New York University, named "nyu.edu."

gov

A government site; NASA is "nasa.gov."

mil

A military site; the Air Force is "af.mil."

net

Gateways and other administrative hosts for a network (it does not mean all of the hosts in a network). One such gateway is "near.net."

org

This is a domain reserved for private organizations that don't comfortably fit in the other classes of domains. One example is the Electronic Frontier Foundation named "eff.org."

Each country also has its own top-level domain. For example, the U.S. domain includes each of the fifty states. Other countries represented with domains include:

au

Australia

ca

Canada

fr

France

uk

The United Kingdom. These also have sub-domains of things, like "ac.uk" for academic sites and "co.uk" for commercial ones.

The proper terminology for a site's domain name (somewhere.domain above) is its Fully Qualified Domain Name (FQDN). It is usually selected to give a clear indication of the site's organization or sponsoring agent. For example, the Massachusetts Institute of Technology's FQDN is "mit.edu"; similarly, Apple Computer's domain name is "apple.com." While such obvious names are usually the norm, there are the occasional exceptions that are ambiguous enough to mislead, like "vt.edu," which, on first impulse, one might surmise is an educational institution of some sort in Vermont; not so. It's actually the domain name for Virginia Tech. In most cases, it's relatively easy to glean the meaning of a domain name. Such confusion is far from the norm.[27]

The DNS is a distributed database of name-to-IP address mappings. Give the DNS the name of a computer and it returns the address, e.g., www.lotus.com is 198.114.68.10. To look up a name, the computer sends a request to a remote domain server. This server will answer the query and return an actual 32-bit IP address. This address is then used by the application to access the resource and return the data.

1.2.3 ARP and routing

ARP stands for Address Resolution Protocol. This is the mechanism that IP uses to get the Ethernet address for a packet. ARP resolves IP addresses to hardware addresses, also known as MAC addresses. Each network adapter has a unique hardware address that it uses for identification on the network. When there is a need to locate a computer/peripheral on the TCP/IP network, ARP first checks its local cache to see if it contains the hardware address for the computer/peripheral it is trying to connect to. If the address is not in the ARP cache, ARP broadcasts a message to the known IP address for its hardware address. The computer it's trying to locate will receive the broadcast and send a reply with its IP and hardware addresses. Once the hardware address has been obtained, ARP stores the resolved IP and hardware addresses in cache, then proceeds with communication. But this is only part of the story. IP really only communicates on its own network. Remember, we talked about the various classes of networks, A, B, and C. Figure 1.12 shows some examples for a Class C Network:

| Computer | Address |
|---|---|
| Computer A | 192.9.200.2 |
| Computer B | 192.9.200.3 |
| Computer C | 192.9.201.5 |

Figure 1.12

Computer A and Computer B are in the same IP network. Computer C is on a different IP Network. Also, in our example, all computers are connected to the same physical network. So from an IP perspective, Computer A and Computer B can communicate. Computer C cannot communicate with Computer A or Computer B. Why? The answer is routing. Routing in IP is based entirely upon the network number of the destination address. Each computer has a table of IP network numbers. If these IP numbers show that the destination computer is in the same network, then the computers can establish a point-to-point communication. If the computers are not in the same network, then a "gateway" will be needed. A gateway is an IP communication facilitator.

In Figure 1.13, we have two IP networks, 192.9.200.x and 192.9.201.x. How can Computer A (192.9.200.2) establish a connection with Computer D (192.9.201.5)?

Figure 1.13

Let's follow the steps:

  1. When a computer wants to send a packet of data, it first checks to see if the destination address is on the system's own local network.

  2. If yes, then the data is sent point-to-point.

  3. Our example has computers that are not in the same IP network so the data will be sent to a gateway that is on the source network.

In our example, the gateway (aka the "default gateway") is at IP address 192.9.200.5. So if the target computer is not on the local network, then all "unknown" traffic will be sent to the gateway. All traffic for 192.9.201.x will be sent to 192.9.200.5. Then the computer will route the data (traffic) to 192.9.201.x network. This concept is very important. If you are going to set up your own private network, you will be using these simple routing concepts.
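The address classes of section 1.2.1 and the routing steps above can be checked with a few lines of Python. This is an added example, not code from the book; it assumes pure classful addressing exactly as the chapter describes it (no subnet masks), and the function names are illustrative.

```python
import ipaddress

NETWORK_OCTETS = {"A": 1, "B": 2, "C": 3}    # Table 1.4: w / w.x / w.x.y


def address_class(addr):
    """Classify an address by the leading bits of its first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first & 0b10000000 == 0:
        return "A"                           # 0.......
    if first & 0b11000000 == 0b10000000:
        return "B"                           # 10......
    if first & 0b11100000 == 0b11000000:
        return "C"                           # 110.....
    if first & 0b11110000 == 0b11100000:
        return "D"                           # 1110.... multicast
    return "E"                               # 1111.... reserved


def classful_network(addr):
    """Return the network an address belongs to, using only its class."""
    cls = address_class(addr)
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if cls not in NETWORK_OCTETS or first in (0, 127):
        raise ValueError(f"{addr} cannot be assigned to a host")
    prefix = 8 * NETWORK_OCTETS[cls]
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def usable_hosts(addr):
    """Host addresses in the network, minus the all-zeros and all-ones values."""
    return classful_network(addr).num_addresses - 2


def same_network(a, b):
    return classful_network(a) == classful_network(b)


def next_hop(source, destination, default_gateway):
    """Steps 1-3 above: deliver point-to-point if local, otherwise use the gateway."""
    local = classful_network(source)
    if ipaddress.IPv4Address(destination) in local:
        return destination
    if ipaddress.IPv4Address(default_gateway) not in local:
        raise ValueError("the default gateway must be on the sender's own network")
    return default_gateway


if __name__ == "__main__":
    for pair in [("9.2.3.4", "9.3.4.5"), ("130.2.3.4", "130.3.4.5"),
                 ("193.2.3.4", "193.2.4.5")]:
        print(pair, "same network" if same_network(*pair) else "different networks")
    # Figure 1.13: Computer A reaching 192.9.201.5 through gateway 192.9.200.5
    print(next_hop("192.9.200.2", "192.9.201.5", "192.9.200.5"))
```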

Now, at this point, you may be thinking this routing stuff is easy. It is easy as long as you have a small network. There are books, courses, and companies that are dedicated to routing implementation, software, and hardware. IP routing can get very complicated very quickly. Remember, this book is trying to give you the concepts to set up and protect your home network. If you need to set up a business, then you need a different book or a consulting service.

1.2.4 Ports

At this point we need to return to our postal analogy. Remember that when you want to send a message from one house to another you will use an addressing scheme. You have a source address and a target address. In the IP world, this is managed by the IP address. In our example you sent that message to your friend at the end of the block. But in our analogy the address was not complete. You put the house address on the message but you did not put "who" the message was going to. The "who" part of the message is very similar to a concept known as "ports." The port in TCP/IP (actually just the TCP part) tells the computer what application needs this data (or message).

Table 1.5: Protocol Implementation

| DARPA Layer | Protocol Implementation | OSI | Postal Analogy |
|---|---|---|---|
| Process/Application | FTP, SMTP, TELNET (RFC 959, 821, 854); TFTP, NFS, SNMP (RFC 783, 1094) | Application, Presentation, Session | |
| Transport | Transmission Control Protocol (TCP), RFC 793; User Datagram Protocol (UDP), RFC 768 | Transport | Who (App) |
| Internet | (ARP) Address Resolution, RFC 826, 903; (IP) Internet Protocol, RFC 791; Internet Control Message Protocol, RFC 792 | Network | Street Address (IP Addr.) |
| Network Interface | Network Interface Cards: Ethernet, Token Ring (RFC 894, RFC 1042) | Data Link | Street Name (NIC Card) |
| | Transmission Media: Twisted Pair, Coax, Fiber, Wireless, etc. | Physical | The Street (Cable) |

In our analogy we can compare each feature to the OSI reference model.

  1. At the physical layer, which is the cables, wires, etc., the street is how the message gets from house to house.

  2. The data link layer would be the same as the street name, e.g., the MAC address lives here.

  3. The street address of the house would be the same as the IP address at the network layer.

  4. The transport layer would have the person's name on the letter (or the message). At the TCP layer, the port would point to the application receiving the message.

TCP port numbers are divided into three basic ranges: the well known ports, the registered ports, and the dynamic private ports. The well known ports are those from 0 through 1023. The registered ports are those from 1024 through 49151. The dynamic private ports are those from 49152 through 65535. The well known ports are controlled and assigned by the IANA and on most systems can only be used by predefined system processes or by programs executed by privileged users. The registered ports are not controlled by the IANA and on most systems can be used by any program or processes.

Following are examples of well known ports:

So why all this fuss about ports? Hacking into computers can include port scanning or surfing. The essence of port surfing is to pick out a target computer and explore it to see what ports are open and what a hacker can do with them. If you understand ports then you can understand what hackers can do to you and/or your systems.

Scanning, as a method for discovering exploitable communication channels, has been around for ages. Over time, a number of techniques have been developed for surveying the protocols and ports on which a target machine is listening. They all offer different benefits and problems. TCP port scanning is used to find any TCP ports that are "listening." If the port is listening then the scan will succeed; otherwise, the port isn't reachable. Later you will learn how to block ports from the modern-day Jesse James.
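Knowing which ports your own machine is listening on is the first step toward closing the ones you do not need. The added Python example below (not from the book) reads a `netstat -an` listing, keeps the TCP listeners, places each port in the ranges described above, and marks which ones are reachable from the network rather than only from the machine itself. The listing is constructed sample data in the four-column Windows layout, which is an assumption; the service names are the ones this chapter mentions.

```python
SERVICES = {21: "FTP", 23: "Telnet", 25: "SMTP", 80: "Web", 119: "NNTP"}

# Constructed sample in the Windows `netstat -an` layout (not a real capture).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    127.0.0.1:25           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:49664          0.0.0.0:0              LISTENING
  TCP    192.168.0.10:49160     207.69.200.100:80      ESTABLISHED
  UDP    0.0.0.0:123            *:*
"""


def port_range(port):
    """Place a port number in one of the three ranges described in the text."""
    if not 0 <= port <= 65535:
        raise ValueError(f"{port} is not a valid TCP port")
    if port <= 1023:
        return "well known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"


def listening_ports(netstat_text):
    """Return one record per TCP listener, sorted by port number."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[0].upper() != "TCP":
            continue                        # headers, UDP rows, blank lines
        if not fields[3].upper().startswith("LISTEN"):
            continue                        # established or closing connections
        host, _, port_text = fields[1].rpartition(":")
        port = int(port_text)
        loopback = host.startswith("127.") or host == "[::1]"
        findings.append({
            "port": port,
            "range": port_range(port),
            "service": SERVICES.get(port, "unknown"),
            "reachable_from_network": not loopback,
        })
    return sorted(findings, key=lambda f: f["port"])


def exposed_ports(netstat_text):
    """Ports that another computer on the network could connect to."""
    return [f["port"] for f in listening_ports(netstat_text)
            if f["reachable_from_network"]]


if __name__ == "__main__":
    for f in listening_ports(SAMPLE_NETSTAT):
        where = "network" if f["reachable_from_network"] else "local only"
        print(f"{f['port']:>5}  {f['range']:<16} {f['service']:<8} {where}")
```

Any port in the output that you cannot match to a service you meant to run is a candidate for shutting down or blocking.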

1.2.5 DHCP

DHCP (Dynamic Host Configuration Protocol) is a network protocol that enables a DHCP server to automatically assign an IP address to an individual computer. This process is controlled by a server but initiated by a client computer. The DHCP server assigns a number dynamically from a predefined range of numbers. In DHCP terms, this is called a "scope." If the DHCP is configured properly, then the IP address and DNS address can be assigned at the same time.

Following is the transaction that a server and client will implement:

  1. The client is started.

  2. The client computer sends a broadcast request out on the network looking for a DHCP server to answer its request.

  3. A DHCP server returns a DHCP OFFER packet.

  4. The DHCP client sends a DHCP REQUEST packet back to the server.

  5. The client then sends out a DHCP ACK packet.

  6. The DHCP server then assigns an IP number according to the scope range defined in its DHCP configuration.

  7. As part of the process the DHCP server may also send the DNS information.

Figure 1.14 shows the configuration for a DHCP client on Windows 98. Open the control panel in Windows 98 and select Network.

Figure 1.14

Once in the Network configuration (see Figure 1.15), select the Configuration tab. Select TCP/IP. If you do not see TCP/IP listed then you will need to add it to the list. A big assumption is that you have a network card (NIC) in your system at this time.

Figure 1.15

Select the TCP/IP binding, as shown in Figure 1.16, and select the Properties button.

Figure 1.16

The next screen shows the TCP/IP Properties dialog box. Select IP Address, then select "Obtain an IP Address automatically." Press "OK" and reboot your system.

When your system restarts, you should have an address that was assigned to you. But what if you wanted to check out the IP address that was assigned to you? Again, if you are using Windows 98, here are the steps:

At the Start button select "Run" and type "Winipcfg." [28]

The Winipcfg utility allows a user to view the current IP address and other useful information about his or her network configuration. The user can reset one or more IP addresses. The "Release" or "Renew" buttons can release or renew the assigned IP address. The user can also release or renew all IP addresses by just clicking "Release All" or "Renew All."

Once you press "OK" on the "Run" dialog box, you will see the dialog box shown in Figure 1.18.

Select your network card in the drop-down list as shown in Figure 1.19. This card will display the following:

Figure 1.17

Figure 1.18

Figure 1.19

Select "More Info >>". This will display more detailed information about the address that was assigned and any DNS names and addresses that have been assigned to your computer.

Why all this talk about IP addresses? As we mentioned, every computer on the Internet has an IP address. With the 32 bits of an IP address, there are just a limited number of addresses (the potential is 4 billion, but truly registered addresses are far fewer than that). If you want more information about the registration process then check out http://www.arin.net/regserv.html. At this point, we are running out of what are known as IPv4 addresses. How can we deal with this issue? One answer is known as IPv6. This is a new IP addressing scheme that will have 128 addressable bits. As we say in Texas, that is a truckload of addresses. But for now IPv6 is not as widespread as IPv4. One method is to use a system known as 10-net [29]. RFC 1918 discusses the 10-net address allocation. The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private Internets:

| From | To |
|---|---|
| 10.0.0.0 | 10.255.255.255 |
| 172.16.0.0 | 172.31.255.255 |
| 192.168.0.0 | 192.168.255.255 |

These addresses are not registered and cannot be allocated to anyone on the Internet. But we can use these addresses for our internal networks. So how do we communicate with addresses that cannot be registered? The answer is NAT. Network Address Translation is the technique that we will discuss in Chapter 4.

[26] http://info.internet.isi.edu/in-notes/rfc/files/rfc791.txt

[27] From Request for Comments 1591, http://info.internet.isi.edu/in-notes/rfc/files/rfc1591.txt.

[28] On NT and Win2000 use IPConfig. Commands: IPCONFIG/Release and IPCONFIG/Renew

[29] http://info.internet.isi.edu/in-notes/rfc/files/rfc1918.txt




Internet Security: A Jumpstart for Systems Administrators and IT Managers
ISBN: 1555582982
EAN: 2147483647
Year: 2003
Pages: 103
Authors: Tim Speed, Juanita Ellis