CIDR house rules: IP network classes

Captions
Good morning everybody, and welcome back to Next Door NetAdmin. Today I'm planning on talking about IP addresses; most specifically I'd like to get into what we would talk about these days as subnets. But it didn't start as subnets, so I'm going to start by going way back to when IP version 4, what we now recognize as version 4, was a brand new protocol. How was it organized?

Okay, so the first thing to remember is that this is before NAT; this is before private IPs were a thing. So the expectation from the very beginning with IP was that every device's IP address would be publicly accessible. This was a long time back, before we had computer viruses, worms, spam, all the etc. So the original way of thinking about this didn't require any sort of private addressing or anything like that. If you needed a firewall you would get a firewall, but it was only there to scan the traffic and/or block ports; the devices behind the firewall still had publicly accessible IP addresses.

So how are these IP addresses broken up and allocated? Originally this was based on the class of network, and the rules that determined this were: Class A was any IP address that started with a zero. And this is in IP version 4, like I said, so there's 32 bits available, all of which can either be a zero or a one, and then you break that into your dotted decimal format, where each dotted portion is 8 bits that we then convert to decimal for human readability. But we're going to be looking at binary here for a bunch of this, because this is how computers think about it. So a Class A network is anything with an IP address that starts with a zero, a Class B network is anything that starts with one zero, a Class C network is anything that starts with one one zero, a Class D network is anything that starts with one one one zero (are we seeing a pattern here?), and a Class E network is anything that starts with one one one one. That means that everything that has a first octet in your IP address of 0 through 127 is a Class A network, anything from 128 to 191 is a Class B network, anything from 192 to 223 is a Class C network, anything from 224 to 239 is a Class D network, and anything from 240 down to 255 is a Class E network.

Now, originally speaking, Class A networks were all the same; all of the networks, in fact, were all the same based on their class. Your subnet mask was more correctly understood as your network mask, because every single Class A network had the same network mask, every Class B network had the same network mask; it was only determined by the class. So your Class A networks was anything from 0 to 127 in the first octet, and the rest of those bits... because your Class A sub... your Class A network mask, excuse me, was 255.0.0.0, which meant that you have the first eight bits as your network identifier, which we know only goes from 0 to 127, and then the other 24 bits were your available hosts. That meant that you had a grand total of 128 Class A networks. You didn't use zero, because zero was special, and 127.0.0.1, which was dramatic overkill, but we'll get to that in a second. Having 24 bits available meant that each one of these 126 Class A networks had 24 bits for device addressing per network, which works out to something on the order of 16.7-some-number million IP addresses for each one of these Class A networks. And so when you assigned a Class A network to an organization (because remember, this was intended that every device had a unique, a globally unique IP address, publicly accessible) you only gave Class A networks to very large organizations. For example, the US Department of Defense has a Class A network all its own. General Electric, I'm pretty sure it was General Electric, it might have been General Dynamics, but I'm pretty sure it was General Electric, General Electric got an entire Class A network just for itself, because it was a big corporation; it was expected to have lots of devices worldwide that would need IP addresses, all of which would be assigned by General Electric's technology department, IT department these days.

But there were only 126 of these Class A networks, so that was a lot of IPs in a very small number of networks. So to alleviate this you had the Class B networks. They had a default network mask of 255.255.0.0, which meant the first 16 bits are your network identifier and your last 16 bits are the device identifier. Now this means that you had 64 available possibilities in the first octet, multiplied by 256 possibilities in the second octet. I don't remember what that works out to, but essentially you're talking about 64 * 256 was your total number of Class B networks. Each one of these Class B networks had a full 16 bits available for its devices, which meant that each Class B network could do 65,536 devices, IP addresses actually, because you can't use zero and you can't use 255. Again, we'll come to that later in probably another video. Because of that, you always have to subtract two to get your usable IP addresses in a network, so that would be 65,534 usable IP addresses, one of which will be your router. Fine. That was fewer devices per network, but you had more networks available, and so these went to the midsize organizations.

Class C networks had a default network mask of 255.255.255.0, which meant that you had 256 * 256 * (the next one down is 32) available network identifiers, and then you had 8 bits, 256 IP addresses within each network, minus the two for the zero and the 255, so you'd get 254 available, usable IP addresses per Class C network. And this was all good. Class D networks were reserved for multicast, which is something we'll talk about also in a future video, and Class E networks were reserved, just reserved, for research purposes or for future assignment, whatever.

This was how it all started, and for a while this worked out okay. But then you start getting more and more devices connecting to the network, and maybe originally your organization sprang for a Class C network, and you were assigned a Class C network, and that was probably fine, 'cause you didn't have a lot of computers; they're big, expensive things, and so you don't need to connect them to the network. But now they're starting to appear on people's desks, and now you might have other devices like printers that also need to connect to the network, and maybe where you used to have 250 devices and you thought "that's more than enough, we're never going to have more than like five mainframes in this entire organization, because that's five big offices", but now each office might have 100 devices and you don't have enough IPs anymore. So the number of networks that were assigned started to grow quickly. And if you think about it, consider that your first octet... fully half of that IP space is for Class A networks, the biggest ones. And sure, anybody who has a Class A network is probably never going to run out of IPs, at least not for a long time, given that they have 16.7 million IPs available. But they weren't using all of those, but they weren't available to be assigned to anybody else either, because they were part of a Class A network; they belonged to that network, so you couldn't assign them anywhere else.

There were a few things that were brought in, a few technologies that were brought in, to help alleviate the situation. The first one was private IP space and network address translation. Private IP space was set aside, and it was one Class A network, the 10.0.0.0 Class A network; there's 16.7 million IPs in there, and it's available to be reused by multiple organizations. Class B networks, there's several: there's 172.16 all the way through to 172.31, and each one of those Class B networks has 65,500 IP addresses that can be used, again, by anybody, and there's 16 of those networks, so you can mix and match a little bit. Class C networks were anything starting with 192.168, and so you had the third octet, 8 bits; you had 256 of these 192.168 networks, each one of which could have 250 addresses on it, roundly. And so these could be reused, mixed and matched, etc., and they were set aside for private use.

And then you have network address translation, which, when you are exiting onto the globally accessible internet, it would be translated from an internal private IP address to an external public IP address. And there were many ways that you could do that: you could just reuse the one address that's being used by the router; you might have a pool of available external IP addresses that could be shared amongst different machines; you might even have a static one-to-one mapping, where one specific machine always gets one specific external IP address. There's lots of ways that you can set it up, and it's up to a network admin to make sure that it works.

But even then we were still running out of public IPs, because each one of these public IP addresses is in a network that has to be assigned as a full block. So if you think about an ISP, what is your ISP's choice? Your ISP's choice is for your internet service provider to either have a Class C network, with a total of 256 sites in their block, or they have to purchase multiple blocks, which, if everybody's buying a Class C network, means that the Class C networks run out. Or you have a Class B network, which has 65,000 devices. What if you are an ISP that has, I don't know, let's say a thousand customers? You either have to purchase and secure four different Class C networks, or, for the sake of keeping everything, uh, summarized appropriately in the routing tables, you purchase a Class B network, and you've got 65,000 addresses but you only needed a thousand. Or maybe you originally got a Class B network because you needed more than a Class C could give you, and now you've got all of this wasted IP space.

So to counter this we introduced CIDR. Sometimes it's pronounced "cedar", but it's CIDR, Classless Inter-Domain Routing. With CIDR you're not bound by network classes anymore, and so each network has its subnet mask, because you're now taking a classful network and you are making sub-networks out of it, and so your network mask now becomes your subnet mask. You've got your main network (this is still determined by the class of the network), but then within each one of those networks you might have a sub-network, and then you'll have a section set aside still for your host, for your device IP address, device identifier, whatever.

So how's this work in practice? Well, your 10.0.0.0 Class A private IP space: you can do it as 10.0.0.0 and then have a subnet mask of 255.0.0.0, but for many reasons that's a really poor design. You should not use that as-is on your network, because that's 16.7 million IPs; you don't have 16.7 million IPs on the same network; that's wasteful. So what you can do as an organization is say, "hey, for this office, this office is going to use a subnet mask of 255.255.255.0." It's the same network mask as a Class C network, but you're still in a Class A network, because the first bit of that address is still a zero; in order to create 10, your first bit is still going to be zero, so you're in a Class A network, but you're using a different network mask, a different subnet mask. So your subnet mask is what's actually determining "this section is in use by the network and subnetwork, and this section is still set aside for the host", which means you can have 250 devices on this subnetwork.

The process of figuring all of this out means that, in order to efficiently represent the network and subnetwork, we've introduced something called slash notation. And in slash notation you're just indicating the number of bits in the subnet mask that are one. So in our example, where we have 10.0.0.0 as our network but we're using a subnet mask of 255.255.255.0, you can represent this as saying it's 10.0.0.0/24, and that tells everybody, "okay, you're using this network; it's a Class A network, but the subnet mask indicates that your full network ID is 10.0.0, because that's the part covered by the subnet mask, and then the last octet, the last eight bits, is what's the actual device identifier within that subnetwork."

CIDR allows us to break up these big networks into smaller subnetworks, and so you can do things like... remember how I said that the Class B private networks are 172.16 through 172.31? That can be summarized, as CIDR would do it, by saying it's 172.16.0.0/12. It just means that your network plus subnetwork identifier is the first 12 bits of the address: 172 dot whatever the first four bits are there, and that'll be everything from... actually, that part won't change, because 16 through 31, ah, one bit is the same, the 16 bit is the same, so 16 all the way through 31 is summarized in that /12 subnet mask, and then the device portion of it can be anything. But if you're looking at it from a Class B network, you've just summarized the 16 different Class B networks into a single block, and you can represent that block as a single identifier using CIDR. And then you could take one of those Class B networks and say, "I'm using 172.16.23.0/24." Now, with this mask you can see that 172.16.23 (excuse me, I'm talking too fast) is now your network plus subnet identifier, and here your device identifier is the last eight bits. Again, this can go down as far down as you want. You can have a /30 subnet indicated, which gives you two usable IP addresses: you will have one address which is the zero address for that network, you'll have one address which is the 255 for that network, and then you have two usable IPs. And that's perfect for a point-to-point link, where you only need two IP addresses; that has to be its own network segment, and it has to be unique, but this way you can say, "here's a subnet that's just big enough for what I need, and I can use the rest of the network as different subnetworks", without wasting the whole network on a single little link like that.

I honestly feel like I'm not doing this topic justice, but it's an overview. Subnetting is a tricky subject for a lot of people to get their heads around, largely because you have to really be able to think in binary. You have to understand how the computers and network devices actually see these addresses, and realize you're just branching: every time you go from this address, you either add a zero or a one, and then from either of these you add another zero or you add a one, and it's like this all the way down. And this is just for IP version 4, a 32-bit address; multiply this by four again and you get the 128-bit addresses that are used in IP version 6. It's the same principles, but it's a massive increase in the number of networks and devices that you have to wrap your head around. So it's a pretty deep subject, quite honestly, but I've kind of walked you through here how it started, and how these additional concepts were added to the network over time in order to try and maximize the use of what turned out to be a pretty limited resource.

And then IPv6 is the newer version that was brought in to help alleviate this shortage, because network address translation turned out to be a complication, a big complication as it turned out, because you could no longer guarantee that you can send traffic and it will reach the correct destination. You had to introduce concepts like port forwarding. You had to say, "okay, well, if I'm trying to have one device talk to another device, and they're both behind firewalls that are doing network address translation, how do I get the two devices to be able to open their ports, to be able to talk to each other?" And you've had to bring in other technologies like STUN or TURN or any of these other acronyms that all have to try and attack this problem. IP version 6 said, "we've got these technologies, but they're difficult for a lot of people to work with, because they're not how the network was originally intended to function." So IP version 6 has a massively expanded number of IP addresses, such that every device should be able to have a public IP address again. That doesn't mean that it's open season, because you've still got firewalls in the path to filter the traffic, to block it and say "you're allowed to talk to this port" or "you're not allowed to talk to these ports." Firewalls are still there to protect the devices, but when you have a device with a public IP address you don't have to go through all the rigmarole of figuring out how to get these two translated addresses to talk to each other on ports that can go through their respective firewalls. You just leave it up to the admin to say, "hey, this port should be accessible to inbound traffic, let it through", or if it's outbound traffic, it's fine, let the outbound traffic talk through it.

Okay, there's reasons for how we got to where we are and why we got to where we are now. But now that I've explained CIDR, this also lays the foundation for what I want to talk about next week, which is different types of IP traffic. We're going to talk about unicast, we're going to talk about multicast (remember those Class D networks I talked about? Multicast, we're going to talk about it), we're going to talk about broadcast. I've been talking about zero addresses and 255 addresses; that's just my slang for it, that's personal to me, and most network admins will probably have a good idea of what I'm talking about, but I'm going to explain that as well. And then I'm going to talk about anycast, which is its own thing. So yeah, but I couldn't talk about any of that stuff without giving you an understanding of how the networks were originally set up and then subdivided, so that we can effectively talk about that going forward. So something to look forward to for next week, hopefully. But for now, that's all I've got, so thank you very much for watching. I am your Next Door NetAdmin, and we'll see you next time.
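The classful rules and the CIDR arithmetic the video walks through, worked in code: the leading bits of the first octet deciding the class, each class's default mask and the number of networks it leaves after its fixed leading bits, slash notation as a count of one-bits in the mask, the all-zero and all-one host addresses that come off the usable count (the /30 point-to-point case included), and summarising 172.16 through 172.31 as 172.16.0.0/12. This is an added Python example, not code from the video or the NextDoorNetAdmin channel; the function names and sample addresses are my own, only the standard library is used, and `ipaddress` appears only to cross-check the hand-rolled bit arithmetic. It applies the video's "subtract two" rule uniformly, so a /31 or /32 reports zero usable hosts; the special handling of /31 point-to-point links is outside the video's scope and is not modelled.

```python
"""Classful IPv4 rules and CIDR arithmetic with plain bit operations.

Added example, not from the video. Function names and sample addresses are
constructed for illustration; only the standard library is used.
"""
import ipaddress


def to_int(addr: str) -> int:
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    octets = addr.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr!r}")
    return int.from_bytes(bytes(int(o) for o in octets), "big")


def to_dotted(n: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str(b) for b in (n & 0xFFFFFFFF).to_bytes(4, "big"))


def ip_class(addr: str) -> str:
    """Class from the leading bits of the first octet, as in the video:
    0 -> A, 10 -> B, 110 -> C, 1110 -> D, 1111 -> E."""
    first = to_int(addr) >> 24
    for cls, ones in (("A", 0), ("B", 1), ("C", 2), ("D", 3)):
        # The class is the number of leading one-bits before the first zero.
        if not (first >> (7 - ones)) & 1:
            return cls
    return "E"


DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}  # 255.0.0.0, 255.255.0.0, 255.255.255.0


def prefix_to_mask(prefix: int) -> str:
    """/24 -> 255.255.255.0: the top `prefix` bits of a 32-bit word set to one."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return to_dotted((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def mask_to_prefix(mask: str) -> int:
    """255.255.255.0 -> 24: count the one-bits, rejecting a non-contiguous mask."""
    prefix = bin(to_int(mask)).count("1")
    if to_int(prefix_to_mask(prefix)) != to_int(mask):
        raise ValueError(f"mask is not contiguous ones then zeros: {mask}")
    return prefix


def class_capacity(cls: str) -> tuple:
    """(number of networks, addresses per network) for a class under its default
    mask; the class's fixed leading bits are not free network bits."""
    leading = {"A": 1, "B": 2, "C": 3}[cls]
    prefix = DEFAULT_PREFIX[cls]
    return 1 << (prefix - leading), 1 << (32 - prefix)


def subnet_info(cidr: str) -> dict:
    """Network address (host bits all zero), broadcast (host bits all one) and
    the usable range between them, for an address written in slash notation."""
    addr, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    mask = to_int(prefix_to_mask(prefix))
    network = to_int(addr) & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    # The video's rule: the all-zero and all-one host addresses are not usable,
    # so subtract two. Applied uniformly, so /31 and /32 report zero here.
    usable = max((1 << (32 - prefix)) - 2, 0)
    return {
        "class": ip_class(addr),
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(network + 1) if usable else None,
        "last_host": to_dotted(broadcast - 1) if usable else None,
        "usable_hosts": usable,
    }


def matches_stdlib(cidr: str) -> bool:
    """Cross-check the hand-rolled arithmetic against the ipaddress module."""
    info = subnet_info(cidr)
    net = ipaddress.ip_network(cidr, strict=False)
    return (str(net.network_address) == info["network"]
            and str(net.broadcast_address) == info["broadcast"]
            and str(net.netmask) == info["mask"])


def summarize(first: str, last: str) -> str:
    """Smallest single CIDR block that exactly covers first..last, e.g.
    172.16.0.0 .. 172.31.255.255 -> 172.16.0.0/12 (sixteen Class B networks)."""
    a, b = to_int(first), to_int(last)
    prefix = 32
    while prefix and (a >> (32 - prefix)) != (b >> (32 - prefix)):
        prefix -= 1  # shorten until both ends share the same leading bits
    mask = to_int(prefix_to_mask(prefix))
    if (a & mask) != a or (b | (~mask & 0xFFFFFFFF)) != b:
        raise ValueError("range is not one aligned CIDR block")
    return f"{to_dotted(a)}/{prefix}"


if __name__ == "__main__":
    for example in ("10.0.0.0/24", "172.16.23.0/24", "10.1.2.9/30"):
        print(example, subnet_info(example))
    print(summarize("172.16.0.0", "172.31.255.255"))
    for cls in "ABC":
        print(cls, class_capacity(cls))
```

Run it as a script to see the three subnets from the video worked out, or import it and call `subnet_info` on any address in slash notation. `summarize` refuses a range that is not a single aligned block, which is the check a practitioner wants before putting a summary route into a routing table.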
Info
Channel: NextDoorNetAdmin
Views: 20
Id: RYp69NS_oII
Length: 27min 27sec (1647 seconds)
Published: Mon Jul 08 2024