The below meme about computer addresses gives a peek into what we are going to discuss today.
It’s fascinating to have multiple addresses, but why do we need them? The first two addresses in the meme above are IP addresses, and the last one is a MAC (Media Access Control) address. If we look at the OSI layers from top to bottom (Application->Physical layer), we relate to these addresses. An IP address is a Layer 3 (Network) address, while a MAC address is a Layer 2 (Data link) address.
MAC addresses are unique to each device. A MAC address is a 48-bit address, represented by six pairs of hexadecimal (e.g., AB:23:1A:2B:78:9C). A MAC address is associated with the NIC (Network Interface Controller) of a device. The first three hexadecimal pairs are unique to the manufacturer of the NIC and can be used to identify the vendor. Using the MAC address only, devices can communicate via networks. ARP (Address Resolution Protocol) is how devices are assigned unique IP addresses when they try to connect to the world. ARP maps a MAC address to a unique IP address, enabling communication via networks. An important thing to note about MAC address: all Fs (FF:FF:FF:FF:FF: FF) designates a broadcast address.
The Layer 3 address, or IP address, is what we generally see and relate to. An IPV4 address is a 32-bit address. It means we can have 2^32 (roughly 4 billion) addresses. But, it is questionable as we have people on earth than that, and, obviously, a lot more devices than that. So, how do we manage to use this address space? Truth be told, a unique IPv4 address isn’t assigned to each of our devices, and one actually pays for the IPv4 addresses that one leases from an ISP. When networks were initially designed, it was never thought that we might actually end up using all those 2^32 addresses. But the number of internet-connected devices has exploded, and virtually everything around us is connected to the internet in one way or another or is in the process of being connected considering all of the up-and-coming smart devices and IOT devices. Recognizing this problem, IPv6 was designed, which is a 128-bit address. With IPv6, there can be 2^128 unique addresses, something which we may not end up using at all. IPv6 is generally represented in hexadecimal, and in 8 groups, where each group is made of 4 hexadecimal.
IPv4 is represented as four octets together, forming a 32-bit address. Each octet is represented in decimal form (0-255), as people are more comfortable dealing with decimals rather than binaries. IPv4 was designed in the form of classes that ranged from A-E. The table below shows the classes which are used in IPv4 addressing. Classes D and E are reserved and not used in public networks.
Each class was designed with the idea of what type of organization that each class might be used for. E.g., Class A was meant for very large scale organizations (as there are a very large number of host addresses related to a network). Class B was meant for large to mid-sized organizations. Class C was meant for small organizations. These classifications were based on the number of hosts that might be mapped to an actual network. Note that the first address is reserved as a network address, while the last address is reserved as a broadcast address for each network, so the actual number of usable addresses is going to be 2 less than what is actually available in the network. This whole idea of dividing the addresses into classes was not useful because usage for some classes, like class A, was impractical. So the concept of classless addressing or CIDR evolved. In CIDR, we specify the number of bits of the address that belong to the network, and the rest are host bits. As an example, a CIDR address of 220.127.116.11/25 means that the first 25 bits are fixed and can’t be used. There will be a total of 32-25=7 bits available for hosts in the network(which means 126 hosts). CIDR is what we commonly use for addressing computer networks for practical usage. This is where subnetting comes in, and an online course is a great place to learn to subnet.
There are a few address blocks reserved out of these address spaces that are not available for public usage. The following address blocks of each class are reserved for private networks:
- Class A: 10.0.0.0 – 10.255.255.255
- Class B: 172.16.0.0 – 172.31.255.255
- Class C: 192.168.0.0 – 192.168.255.255
These IP addresses are what we commonly see when we run IPCONFIG (in Windows for checking the networking interface) or IFCONFIG (in Linux for checking the networking interface) in our home or office networks. These addresses are reserved by the Internet Engineering Task Force (IETF) for usage in private networks. When used, these private addresses NAT to a public address at our NAT interface.
There is a particular address block, 127.x.x.x (called the loopback address, the most common one being 127.0.0.1, remember our meme at the start!), that is not used publicly. These addresses are used to check the network stack of the system by interacting locally with it. When we enter the loopback address, it is like we are sending a packet to our machine itself to validate the IP stack. It is generally used to test web applications before actual deployment. We can use our machine as a server and client using this methodology for testing purposes to simulate an actual client-server interaction.
Another block of addresses, namely 169.254.0.0-169.254.255.255, is reserved for troubleshooting a link-local address. These addresses are allocated by default in case a system is unable to fetch an IP address. So, if we see a device with this IP, it means that the device has an issue with its automatic address allocation via DHCP.
These are some important things to know about computer addresses and when to use what. Understanding the basics of computer networks is a prerequisite for learning Cybersecurity. A great course to learn the fundamentals of networking is offered here on Cybrary.
Understand Computer Networks With These Courses: