Friday, April 2, 2010


The OSI model was never known to be just a model. In the 70's, it was a competing protocol. TCP/IP eventually won, even though the OSI model was technically better. OSI lost because of its addressing, which used hexadecimal and was long. No one predicted that IP would actually run out. IPv6 was made to fix the problem and it sports similar characteristics to the old OSI model.
In the TCP/IP model, the upper layers are squashed into one Application layer (which consists of Application, Presentation and Session). Data Link and Physical are squashed into a Network Access Layer. This results in the following model:

-Network Access

Every layer has its own protocol suites. In the TCP/IP application layer, you have protocols like Telnet, FTP, SMTP, DNS, RIP, SNMP. In the transport layer, the two main protocols are TCP and UDP. In the network layer, we have IP, ARP, IGMP, ICMP. Finally, in the Data Link and Physical Layer, we have protocols like Ethernet, Token Ring, FDDI, Frame Relay and ATM.

The IP address comes in a dotted-decimal format. There are four decimal numbers ranging from 0-255 separated by dots. An example of an IP address is:

Each decimal number can also be referred to as an octet. An IP address is always combined with a subnet mask. The subnet mask allows a device to determine whether a device is inside or outside its subnet. If a device is inside its subnet, it can do local communication. If it's outside, it must go through its default gateway.

The subnet mask splits an IP into its network and host portion. The 1's in a subnet mask are contiguous. As a result, you would only see these numbers:

An AND operation between the IP and the subnet mask would result in the subnet address.

Assuming that you have two hosts in the same subnet configured as:
Host A -
Host B -

When Host A tries to reach Host B, it first tries to see if they are in the same subnet. To do this, Host A compares his subnet address (IP AND Subnet Mask) and Host B's subnet address (it takes Host B's IP and AND with its OWN Subnet Mask). Since they are both in the same subnet, Host A would conclude that he can do local communication.

Local communication begins with an ARP request containing Host A's MAC and IP address asking for Host B's IP's MAC address. The reason why he wants Host B's MAC address is because devices cannot communicate directly using IP. They must always be supported by a Layer 2 address. Host B then gives an ARP reply with his MAC address. From here on, Host A would be able to communicate with Host B through the MAC address.

Suppose that Host A now wants to communicate with Host C with the IP of A comparison of the subnet address shows that Host C is not in the same subnet. Therefore, Host A concludes that he cannot do local communication. If he does an ARP for, Host C would not be able to see the ARP request and reply with his MAC since they're not on the same subnet. Even if Host A did have Host C's MAC address, he would not be able to communicate since they're not on the same subnet.

For remote communications, Host A would have to ARP for his default gateway's MAC address. Next, the packet is made with source of Host A's IP, and destination of Host C's IP. However, the MAC address would have the source of Host A, and the destination of its default gateway! This way, the packet would go to the default gateway and continue hopping point-to-point (changing the MAC in each hop) all the way till it reaches Host C.

There are three default address classes:
Class A - First octet of IP is 1-126. For example, It has a mask of
Class B - The first octet of IP address is 128-191 (notice that 127 is left out. This is because it is reserved for loopback addresses). An example is It has the subnet mask of
Class C - The first octet of IP is 192-223. An example is The subnet mask is

There are other classes of IP which cannot be assigned to a host. Notably, Class D addresses are reserved for Multicast traffic, and the first octet ranges from 224-247. Class E are for experimental purposes, and ranges from 248-254.

There are two types of IP addresses: Public and Private. Public addresses are routable addresses in the internet. Public addresses are obtainable only from service providers, who purchased them in blocks from the government. Private addresses, however, can be used freely. They are dictated by RFC1918, which dictates these three ranges as private:
Class A: -
Class B: -
Class C: -

If a client fails to get an IP from a DHCP server, he will get an auto-configured IP address that starts with 169.254. This is so that they can still communicate locally. For private addresses to become routable, it must be translated into a public address through NAT. NAT maps internal private addresses with public addresses and keeps a table of translations.

No comments :

Post a Comment