Computer Networking Quetions and Answers (Advanced)

Will CIDR completely eliminate IP address crunch problem?

No. Even using CIDR, all the available IP addresses will get used at some point in time. The final solution to this problem is to use the next version of IP (IPv6).

How CIDR reduces the number of entries in a routing table?

Using classful IP addressing, a separate entry is needed in the routing table of a router for each network. This results in a routing table with a large number of entries due to the existence of a large number of networks. As each router has its own limitation, this large routing table will lead to reduced performance and eventual breakdown of the router. If CIDR addressing is used, a single entry can be used to represent a group of networks. This will reduce the number of entries in the router. This is known as route aggregation. The routes for the individual networks will be present in another router down the path. Each entry in the router will have a network prefix associated with it. The network prefix is used to identify the correct network from the given IP address.

How CIDR can be used to effectively manage the IP address space?

Using CIDR IP addressing, any number of contiguous bits can be assigned to identify networks, depending on the number of hosts it needs to support. This will greatly reduce the number of wasted IP addresses. For example, let us say a network has 900 hosts. If classful IP addressing is used, this network needs 4 class C IP addresses or one class B IP address. If a class B IP address is used, as the maximum number of hosts in a class B network is 65534, a very large number (65534 - 900) of host IP addresses will be wasted. As the number of class C IP networks is limited (2097152), it is not preferable to assign 4 class C IP addresses to this network. On the other hand, if CIDR is used, then this network can be assigned an IP address with a network prefix of 22 (i.e. /22). This means, 10 bits are available for hosts, resulting in 1024 available host IP addresses, satisfying the exact requirements of the network. So CIDR the IP address space can be effectively used.

What are the advantages of CIDR?

The advantages of CIDR over the classful IP addressing are:

1. CIDR can be used to effectively manage the available IP address space.

2. CIDR can reduce the number of routing table entries.

How is an IP address represented in CIDR notation?

In CIDR notation, an IP address is represented as A.B.C.D /n, where "/n" is called the IP prefix or network prefix. The IP prefix identifies the number of significant bits used to identify a network. For example, 192.9.205.22 /18 means, the first 18 bits are used to represent the network and the remaining 14 bits are used to identify hosts.

How is a network ID assigned in a CIDR IP address?

In CIDR IP addressing, the first 'n' bits of an IP address are assigned to identify the network and the remaining bits are used to identify the host, where the value of 'n' may be between 1 to 31. The value of 'n' depends on the number of hosts in the network.

What is the difference between classful IP addressing and classless IP addressing?

The difference between classful IP addressing and classless IP addressing is in selecting the number of bits used for the network ID portion of an IP address. In classful IP addressing, the network ID portion can take only the predefined number of bits 8, 16, or 24. In classless addressing, any number of bits can be assigned to the network ID.

Which RFCs discuss about CIDR?

RFCs 1517, 1518, and 1519 discusses about CIDR.

What is CIDR?

Classless Inter Domain Routing (CIDR) is a method for assigning IP addresses without using the standard IP address classes like Class A, Class B or Class C. In CIDR, depending on the number of hosts present in a network, IP addresses are assigned.

What are the possible solutions to the limitations of IP addressing?

The possible solutions to the limitation of IPv4 addressing are:

1. IP version 6 (IPv6) or IP next generation (IPng). This is the latest version of IP. This solves a lot of problems in IPv4. This document doesn't discuss about IPv6.

2. Classless Inter Domain Routing (CIDR)

How a large number of IP addresses are wasted using IPv4 address classes?

If a network has slightly more number of hosts than a particular class, then it needs either two IP addresses of that class or the next class of IP address. For example, let use say a network has 300 hosts, this network needs either a single class B IP address or two class C IP addresses. If class B address is allocated to this network, as the number of hosts that can be defined in a class B network is (2^16 - 2), a large number of host IP addresses are wasted. If two class C IP addresses are allocated, as the number of networks that can be defined using a class C address is only (2^21), the number of available class C networks will quickly exhaust. Because of the above two reasons, a lot of IP addresses are wasted and also the available IP address space is rapidly reduced.

What are the limitations of IPv4 address classes?

The limitations of IPv4 address classes are:

1. A large number of IP addresses are wasted because of using IP address classes.

2. The routing tables will become large. A separate routing table entry is needed for each network resulting in a large number of routing table entries.

What is RFC 1918?

RFC 1918, published in 1996, describe the reservation of Private IP address. . Private networks are segments of IP address space reserved by IANA for use within an organization. These addresses can be used by anyone without being officially assigned by a registry or an ISP. The three most popular blocks among RFC1918 addresses are 192.168/16, 10/8 and 172.16/12. That is 10.0.0.0 – 10.255.25.255, 172.16.0.0 – 172.31.255.255 and 192.168.0.0. – 192.168.255.255 The addresses in these blocks are called "private IP addresses" in the Internet vernacular.

What is an RFC?

Short for Request for Comments, a series of notes about the Internet, started in 1969 (when the Internet was the ARPANET). An Internet Document can be submitted to the IETF by anyone, but the IETF decides if the document becomes an RFC. Eventually, if it gains enough interest, it may evolve into an Internet standard.

Each RFC is designated by an RFC number. Once published, an RFC never changes. Modifications to an original RFC are assigned a new RFC number.

What is APIPA?

APIPA stands for Automatic Private IP Addressing. When you configure your computer to obtain IP Address automatically and a DHCP server cannot be contacted, then the computer will automatically assign an IP address from a specific range (169.254.0.1 to 169.254.255.254). Then this network will be isolated from all networks. Because it has no a default gateway and any other configuration parameters.

What is a subnet?

A subnet is a portion of a network that is logically isolated from other parts of the network. Usually it’s divided by a router.

Can a workstation computer be configured to browse the Internet and yet NOT have a default gateway?

No. Never. A work station computer can brows the Internet only if it has a default gateway.

What is a default gateway? What happens if I don't have one?

In general, a gateway is a device on a network that acts as an entrance to another network. In more technical terms, a gateway is a routing device that knows how to pass traffic between different subnets and networks. A computer will know some routes (a route is the address of each node a packet must go through on the Internet to reach a specific destination), but not the routes to every address on the Internet. It won't even know all the routes on the nearest subnets. A gateway will not have this information either, but will at least know the addresses of other gateways it can hand the traffic off to. Your default gateway is on the same subnet as your computer, and is the gateway your computer relies on when it doesn't know how to route traffic.

If you don’t have a gateway your network communication have no problem. But you cannot communicate with other networks. That means your packet will not reach other networks.

• What is the ANDing process?

When a source host attempts to communicate with a destination host, the source host uses its subnet mask to determine whether the destination host is on the local network or a remote network. This is known as the ANDing process.

The AND function has the following properties:

· If the two compared values are both 1, the result is 1.

· If one of the values is 0 and the other is 1, the result is 0.

· If both of the compared values are 0, the result is 0.

The source and destination IP addresses are compared to the source's subnet mask using the ANDing process. An AND result is created for each of the addresses. If the result is the same, the hosts are on the same network. If the result is different, the destination host is on a remote network. All traffic destined for that remote host should be directed to the router indicated in the source host's routing table. If no explicit route is defined in the routing table, the traffic is directed to the source host's default gateway.

For example two hosts that want to communicate. Host A (with IP address 172.16.2.4) wants to communicate with Host B (with IP address 172.16.3.5). If the subnet mask for Host A is 255.255.0.0, will the hosts communicate using local transmissions or will they send information to the default gateway?

Using the ANDing process.

When converted to binary, the address 172.16.2.4 is as follows:

10101100 00010000 00000010 00000100

When converted to binary, the address 172.16.3.5 is as follows:

10101100 00010000 00000011 00000101

If the ANDing process is performed, the result for Host A using its subnet mask of 255.255.0.0 is

HOST A's IP Address 10101100 00010000 00000010 00000100

Host A's Subnet Mask 11111111 11111111 00000000 00000000

ANDING Result   10101100 00010000 00000000 00000000

The result for Host B is

HOST B's IP Address 10101100 00010000 00000011 00000101

Host A's Subnet Mask 11111111 11111111 00000000 00000000

ANDing Result   10101100 00010000 00000000 00000000

As you can see, the two results match. This indicates that, as far as Host A is concerned, the two hosts are on the same physical network. Communication can occur directly between the two hosts. In fact, the same holds true because host B would have the same subnet mask since the hosts are on the same network.

Day 5, "The Art of Subnet Masking," further examines the art of subnet masking. It also examines the use of nonstandard subnet masking to further segment a group of IP addresses into smaller segments. This process, which ignores the default subnet masks used by address classes, is commonly referred to as Classless Internet Domain Routing (CIDR).

What is the use of gratuitous ARP?

Gratuitous ARP is used for the following:

In a properly configured network, there will not be an ARP reply for a gratuitous ARP request. But if another host in the network is also configured with the same IP address as the source host, then the source host will get an ARP reply. In this way, a host can determine whether another host is also configured with its IP address.

When the network interface card in a system is changed, the MAC address to its IP address mapping is changed. In this case, when the host is rebooted, it will send an ARP request packet for its own IP address. As this is a broadcast packet, all the hosts in the network will receive and process this packet. They will update their old mapping in the ARP cache with this new mapping.

What is gratuitous ARP?

When a host sends an ARP request to resolve its own IP address, it is called gratuitous ARP. In the ARP request packet, the source IP address and destination IP address are filled with the same source IP address itself. The destination MAC address is the Ethernet broadcast address (FF:FF:FF:FF:FF:FF).

What is the use of proxy ARP?

When routers receive ARP requests from one network for hosts on the network, they will respond with a ARP reply packet with their MAC address. For example, let us say host A is in one network, host B is in another network and router C connects these two networks. When host A sends an ARP request to resolve the IP address of host B, the router C receives this packet. The router C sends an ARP reply with its MAC address. So host A will send all the packets destined for host B to the router C. Router C will then forward those packets to host B. Proxy ARP is also used if a host in a network is not able to understand subnet addressing. For example, if host A and host B are actually in two different subnets, but host A cannot understand subnet addressing. So host A assumes that host B is present in the same network. In this case a router, host C, can use proxy ARP to route packets between host A and host B.

What is proxy ARP?

Proxy ARP is the process in which one system responds to the ARP request for another system. For example, host A sends an ARP request to resolve the IP address of host B. Instead of Host B, Host C responds to this ARP request.

Why is the hardware MAC address present in both the Ethernet header and the ARP packet (request and reply)?

The Ethernet header is processed by the data link driver and removed from the packet. When the ARP layer gets the packet, it needs to know the hardware and protocol addresses in order to update the table. That is why the hardware MAC address is present in both the Ethernet header and the ARP packet.

How to differentiate between a ARP request packet and a ARP reply packet, as the Ethernet type field is same on both the packets?

An ARP request packet can be differentiated from an ARP reply packet using the 'operation' field in the ARP packet. For a ARP request it is 1 and for an ARP reply it is 2.

What is the size of an ARP request and reply packet?

The size of an ARP request or reply packet is 28 bytes.

What is the format of an ARP packet?

The various fields of a ARP request/reply packet and their length are shown below:

    +--------+

    |Hardware| 2 bytes

    |MAC     |

    |Address |

    |Type    |

    +--------+

    |Protocol| 2 bytes

    |Address |

    |Type    |

    +--------+

    |Hardware| 1 byte

    |MAC     |

    |Address |

    |Size    |

    +--------+

    |Protocol| 1 byte

    |Address |

    |Size    |

    +--------+

    |Op      | 2 bytes

    +--------+

    |Sender  | 6 bytes (depends on the above size field)

    |MAC     |

    |Address |

    +--------+

    |Sender  | 4 bytes (depends on the above size field)

    |IP      |

    |Address |

    +--------+

    |Target  | 6 bytes (depends on the above size field)

    |MAC     |

    |Address |

    +--------+

    |Target  | 4 bytes (depends on the above size field)

    |IP      |

    |Address |

    +--------+

The fields are further explained below:

+---------+-------------------------------------------------------+

|Ethernet |For a ARP request, source MAC address is the MAC       |

|Header   |address of the host sending the ARP request,           |

|         |destination MAC address is the Ethernet broadcast      |

|         |address (FF:FF:FF:FF:FF:FF), frame type field is 0x806.|

|         |For ARP reply, source MAC address is the MAC address of|

|         |the host replying to the ARP request, destination MAC  |

|         |address is the MAC address of the host that sent the   |

|         |ARP request, and the frame type field is 0x806.        |

+---------+-------------------------------------------------------+

|Hardware |Type of the hardware MAC address which is being mapped.|

|Address  |For Ethernet the value of this field is 1.             |

|Type     |                                                       |

+---------+-------------------------------------------------------+

|Protocol |Type of the protocol address to which the MAC address  |

|Address  |is mapped.  For IP address the value of this field is  |

|Type     |0x800.                                                 |

+---------+-------------------------------------------------------+

|Hardware |Size of the hardware MAC address.  For Ethernet, the   |

|Address  |value of this field is 6.                              |

|Size     |                                                       |

+---------+-------------------------------------------------------+

|Protocol |Size of the protocol address.  For IP, the value of    |

|Address  |this field is 4.                                       |

|Size     |                                                       |

+---------+-------------------------------------------------------+

|Operation|Type of operation being performed.  The value of this  |

|         |field can be 1 (ARP request), 2 (ARP reply)            |

+---------+-------------------------------------------------------+

|Source   |The hardware MAC address of the host sending the ARP   |

|MAC      |request or reply.  This is same as the source MAC      |

|address  |address present in the Ethernet header.                |

+---------+-------------------------------------------------------+

|Source   |The IP address of the host sending the ARP request or  |

|IP       |reply.                                                 |

|address  |                                                       |

+---------+-------------------------------------------------------+

|Target   |The hardware MAC address of the host receiving the ARP |

|MAC      |request or reply.  This is same as the destination MAC |

|address  |address present in the Ethernet header.                |

+---------+-------------------------------------------------------+

|Target   |The IP address of the host receiving the ARP request   |

|IP       |or reply.                                              |

|address  |                                                       |

+---------+-------------------------------------------------------+

When is an entry removed from an ARP cache?

An entry in an ARP cache is removed after a pre-determined timeout period (e.g. 20 minutes).

What will happen if a new ARP request packet is received, but the MAC address to IP address is already present in the ARP cache?

If a ARP request packet is received and the mapping already exists in the ARP cache, it will be overwritten with the values present in the request.

When is an entry added to the ARP cache?

A new entry is added to the ARP cache when an IP address is successfully mapped to a MAC address. Usually, entries are added dynamically to the ARP cache. Static entries can also be added.

What will happen if an ARP reply is not received for an ARP request?

If an ARP reply is not received, then that IP address cannot be resolved to an Ethernet address. Without a Ethernet address, the packets cannot be transmitted.

If a host is not able to get the MAC address of a host, how it knows about its IP address?

A host will either use a static file like /etc/hosts or DNS protocol to get the IP address of another host.

To which MAC address is an ARP reply packet directed to?

ARP reply packet is directed to the host, which transmitted the ARP request packet.

Which MAC address is an ARP request directed to?

All ARP request packets are transmitted with the Ethernet broadcast address, so that all hosts in the network will receive the request.

Is there a separate packet format for ARP request and ARP reply?

No. Both the ARP request and ARP reply packets use the same format.

What happens when a host receives an ARP reply packet?

The ARP reply packet is received only by the host, which transmitted the ARP request packet. The ARP module adds the Ethernet hardware address to IP address mapping present in the ARP reply packet to the ARP cache.

What is the disadvantage if a host updates its ARP cache upon receiving any ARP

The host will exhaust the ARP cache with a lot of unused ARP entries, if it updates the ARP cache for any ARP request.

Will a host update its ARP cache upon receiving any ARP request?

A host will update its ARP cache, only if the ARP request is for its IP address. Otherwise, it will discard the ARP request.

What happens when a host receives an ARP request packet?

The ARP request is received and processed by all the hosts in the network, since it is a broadcast packet. The following steps are carried out when a ARP request packet is received by a host:

If the IP address to be resolved is for this host, then the ARP module sends an ARP reply packet with its Ethernet MAC address.

If the IP address to be resolved is for this host, then the ARP module updates its ARP cache with the source Ethernet MAC address to source IP address mapping present in the ARP request packet. If the entry is already present in the cache, it is overwritten. If it is not present, it is added.

If the IP address to be resolved is not for this host, then the ARP module discards the ARP request packet.

When is an ARP request packet generated?

The following steps results in the generation of an ARP request packet:

The IP module sends a packet, destined for another host in the network, to the ARP module.

The ARP module looks up the ARP table (cache) to resolve the IP address.

If the supplied IP address is present in the ARP cache, it is resolved into its Ethernet address.

If the ARP module is not able to find an entry for this IP address in the ARP cache, then it sends an ARP request packet to the Ethernet driver, to resolve the IP address to the Ethernet address.

After the IP address is resolved by the ARP module, the packet is sent to the Ethernet driver for transmission.

What is an ARP cache?

ARP maintains the mapping between IP address and MAC address in a table in memory called ARP cache. The entries in this table are dynamically added and removed.

How does ARP resolve an IP address to an Ethernet MAC address?

When ARP needs to resolve a given IP address to Ethernet address, it broadcasts an ARP request packet. The ARP request packet contains the source MAC address and the source IP address and the destination IP address. Each host in the local network receives this packet. The host with the specified destination IP address, sends an ARP reply packet to the originating host with its IP address.

Can ARP be used in a network other than Ethernet?

ARP is a general protocol, which can be used in any type of broadcast network. The fields in the ARP packet specifies the type of the MAC address and the type of the protocol address. ARP is used with most IEEE 802.x LAN media. In particular, it is also used with FDDI, Token Ring, and Fast Ethernet, in precisely the same way as it is with Ethernet.

Why a IP address needs to be mapped to a MAC address, why can't the MAC address itself is represented using the IP address?

The length of a MAC address is 6 bytes and the length of an IP address is 4 bytes. Obviously, the MAC address cannot be represented using the IP address. So an IP address must be mapped to the corresponding MAC address.

What is the use of ARP?

A host in an Ethernet network can communicate with another host, only if it knows the Ethernet address (MAC address) of that host. The higher level protocols like IP use a different kind of addressing scheme (like IP address) from the lower level hardware addressing scheme like MAC address. ARP is used to get the Ethernet address of a host from its IP address. ARP is extensively used by all the hosts in an Ethernet network

Which RFC specify the requirements for ARP?

RFC 826 specifies the ARP packet format and other details

To which OSI layer does ARP belong?

ARP belongs to the OSI data link layer (Layer 2). ARP protocol is implemented by the network protocol driver. ARP packets are encapsulated by Ethernet headers and transmitted.

What is ARP?

Address Resolution Protocol (ARP) is a network protocol, which maps a network layer protocol address to a data link layer hardware address. For example, ARP is used to resolve IP address to the corresponding Ethernet address.

• What is a subnet mask?

A mask used to determine what subnet an IP address belongs to. An IP address has two components, the network address and the host address. For example, consider the IP address 150.215.017.009. Assuming this is part of a Class B network, the first two numbers (150.215) represent the Class B network address, and the second two numbers (017.009) identify a particular host on this network.

what is an IP Address

An IP address (or Internet Protocol address) is a unique address that certain electronic devices use in order to identify and communicate with each other on a computer network using Internet protocol. It is a logical address assigned to a device in the network. Current version of IP address is Ipversion6. it is a 128 bit address. But it is not largely implemented. Current popular version in Ipv4. it is a 32 bit address. For example 61.11.124.160. IP addresses are managed and created by the Internet Assigned Numbers Authority (IANA). The IANA generally allocates super-blocks to Regional Internet Registries, who in turn allocate smaller blocks to Internet Service Providers (ISP) and enterprises.

Contents