We can now see that IT networking is about using machines to communicate messages to each other. That connection requires a common language that network devices need to understand to send and receive messages that can be understood and actioned. Protocols enable machines worldwide to speak to each other in a shared language. In this topic, we will define and explain TCP/IP protocols.
In this topic, we will look into:
- TCP/IP protocol suite
- Internet Protocol and IP addressing
- Network address translation
- Virtual private networks (VPN)
- IPv6
Transmission Control Protocol/Internet Protocol (TCP/IP) is a collection of rules and procedures that allow computers to communicate on a network when implemented.8
TCP/IP was initially developed by the US department of defence but is now the standard used by most computer networks, including the Internet.
The protocols within TCP/IP are described in relation to layers defined below.9
Application Layer
The Application layer is the topmost layer. This is the layer where interactions with software, operating systems and files systems occur; this layer ensures effective communication with another application program on a network.10
The application layer works with such protocols as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), and Domain Name System (DNS).
- Transport Layer: provides communication dialogue between computers in the network. Two protocols were designed to work in this layer.
- Transmission Control Protocol (TCP): guarantees orderly transmission of packets at the transport layer. TCP can identify and recover from lost or out-of-order packets. Most TCP/IP application protocols use this as failing to receive a packet or processing it incorrectly can cause serious data errors.
- User Datagram Protocol (UDP): provides unreliable, non-guaranteed transfer of packets. UDP is an alternative way of implementing the transport layer to TCP. UDP is faster and has less transmission overhead because it does not need to send extra information to establish reliable connections.
It is used in time-sensitive applications, such as speech or video, where a few missing or out-of-order packets can be tolerated. Rather than causing the application to crash, they would just manifest as a glitch in video or a squeak in audio. 11
Internet Layer
The Network Layer is also known as the Internet layer and is responsible for the host to host communication. It provides packets of data with addressing and routing instructions. IP and VPN are examples of protocols that operate on the Internet layer.
Network Interface Layer
The Network Interface layer is also known as the Link layer and is the bottom-most layer referring to the physical hardware used to connect. Network Interface Cards (NICs), ethernet cables and wifi are examples.
For communication on a network using TCP/IP to work, each device must be uniquely addressable. Each Network Interface Card (NIC) has a unique hardware address known as a Media Access Control (MAC) address, most commonly represented as a colon-separated hexadecimal number 2C:54:91:88:C9:E3. A MAC address is a component of the Link layer of the TCP/IP protocol suite.
An IP address is used at the Internet layer to identify computers and devices on a network uniquely and is usually represented as a string of four dot-separated numbers, each between 0 and 255, and looks like 192.168.1.45 Each number in the string represents an 8-bit binary number known as an octet meaning an IP address is 32 bits long. The address 192.168.2.45 would look like this in binary notation: 11000000.10101000.00000010.00101101.
The Address Resolution Protocol (ARP) will find the MAC address associated with each IP address when IP addresses are used.
Each IP address consists of two parts:
- The Network ID – All devices on the same network will have a common Network ID.
- The Host ID – This number is unique for each device within the network.
Subnet masks
A subnet mask is used to distinguish between the network ID and host ID within the address.
Most SOHO networks are class C networks (classes are discussed in more detail below) and use the default subnet mask 255.255.255.0 — when shown in binary looks like this 11111111.11111111.11111111.00000000.12
The bits with a value of 1mask the Network ID, and the bits with a zero value are available for the Host ID.
11000000.10101000.00000010.00101101 IP Address 192.168.2.45 11111111.11111111.11111111.00000000 Subnet Mask 255.255.255.0
In our example above 192.168.2 is the Network ID, and 45 is the Host ID.
Because each octet is made of 8 bits, the devices that can connect to this network will need a Host ID between 1-254. The Host ID 0 refers to a network without specifying a host, and 255 is used to broadcast a message to every host on a network. In binary notation, Host IDs that consist of all 1s or all 0s represent broadcast and network addresses respectively and cannot be assigned to a computer host.
Each host must be configured with an IP address and subnet mask at a minimum to communicate on a network; however, this minimum configuration will only provide local network communication. Several other parameters must be configured for a host to have remote network communication.
Routing decision
A host can communicate directly on the local network segment with any other host with the same network ID. Communications with a host with a different network ID must be sent via a router.
When two hosts attempt to communicate via IPv4, the protocol compares each packet's source and destination address against a subnet mask. If the masked portions of the source and destination IP addresses match, then the destination interface is assumed to be on the same IP network. For example:
172.30.15.12 10101100 00011110 00001111 00001100 255.255.0.0 11111111 11111111 00000000 00000000 172.30.16.101 10101100 00011110 00010000 01100101
In the example, IP concludes the destination IPv4 address is on the same IP network and would try to deliver the packet locally. If the masked portion does not match, IP assumes the packet must be routed to another IP network. For example:
172.30.15.12 10101100 00011110 00001111 00001100 255.255.0.0 11111111 11111111 00000000 00000000 172.31.16.101 10101100 00011111 00010000 01100101
In this case, IP concludes the destination IPv4 address is on a different IP network and would forward the packet to a router rather than trying to deliver it locally.13
Network classes
The most common network classes are A, B, and C. Each of the address classes has a different default subnet mask. You can identify the class of an IP address by looking at its first octet. Following are the ranges of Class A, B, and C Internet addresses, each with an example address14:
- Class A networks use a default subnet mask of 255.0.0.0 and have 0-127 as their first octet. The address 10.52.36.11 is a class A address. Its first octet is 10, between 1 and 126, inclusive.
- Class B networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. The address 172.16.52.63 is a class B address. Its first octet is 172, between 128 and 191, inclusive.
- Class C networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. The address 192.168.123.132 is a class C address. Its first octet is 192, which is between 192 and 223, inclusive.15
In some scenarios, the default subnet mask values do not fit the organisation's needs for one of the following reasons:
- The physical topology of the network
- The numbers of networks (or hosts) don't fit within the default subnet mask restrictions.16
Static and dynamic IP addresses
Assigning IP addresses to hosts can be done manually, creating a static IP address, and for a network with only a few devices, it can be relatively quick and simple. However, as you can imagine, assigning and keeping track of each IP address on Larger networks could be time-consuming and prone to errors, so assigning static IP addresses to systems with dedicated functionality is more common. This may include router interfaces, network-attached printers, or servers that host applications on a network.
DHCP
A Dynamic Host Configuration Protocol (DHCP) server automatically assigns an IP address, subnet mask, and other TCP/IP settings (Default Gateway and DNS, for example) to a host when connected to a network.
It is common for in-home or SOHO networks to function as the DCHP server for the router.
DHCP reservations
It is often useful for a host to use the same IP address. Servers, routers, printers, and other network infrastructure can be easier to manage if their IP addresses are known. One option is to use static addressing for these appliances, but this is difficult to implement. Another option is to configure the DHCP server to reserve a particular IP address for that device. The DHCP server is configured with a list of the MAC addresses of hosts that should receive the same IP address. When a host contacts it with one of the listed MAC addresses, it issues a lease for the reserved IP address.17
Default Gateway
The default gateway is the IP address of a router. When a host requests data unavailable on the local network, it is passed to the default gateway enabling connection and communication between networks. A connection to the Internet from a local network is made through a default gateway.
Without setting a default gateway, connection to local hosts is still possible; however, communication outside the network is not possible.
A browser can connect to the router through the default gateway address to configure any network settings, like wifi and DHCP on a SOHO network.
Client-Side DNS
Domain Name System (DNS) servers resolve Fully Qualify Domain Names (FQDN) to IP addresses. It is common for the DNS and Default Gateway to be the same address on smaller networks. On larger networks, DNS servers can be managed locally.
Often two DNS server addresses (preferred and alternate) are specified for redundancy.
Public and private IP addresses
A host must obtain a unique public IP address to communicate on the Internet. Typically this is allocated by an Internet Service Provider. However, few companies can obtain sufficient public IP addresses for all their computers to communicate over the Internet. There are various mechanisms to work around this issue.
Private addressing
The IP address scheme defines certain ranges as private addresses. These ranges are defined by RFC 1918 and are sometimes referred to as RFC 1918 addresses. ISPs will filter all packets with private IP addresses in and out of the Internet. Use of the addresses is confined to private LANs. There are three classes of private IP address ranges:
10.0.0.0 to 10.255.255.255 (Class A private address range).
172.16.0.0 to 172.31.255.255 (Class B private address range).
192.168.0.0 to 192.168.255.255 (Class C private address range).
Internet access can be facilitated for hosts using the private addressing scheme in two ways:
- through a router configured with a single or block of valid public addresses, the router translates between the private and public addresses using Network Address Translation (NAT)
- through a proxy server that fulfils requests for Internet resources on behalf of clients.
CGNAT
Carrier-Grade Network Address Translation or CGNAT is a new way of giving out private IP addresses that 2degrees and other ISPs have started to manage the global shortage of public IP addresses. 2degrees will move all broadband connections that currently use a dynamic IP to CGNAT. However, those that use a static IP will be unaffected by this change. Unfortunately, some services will be impacted—those designed to reach you via your device's public IP address to communicate with your modem won't work. Think about what services that might mean to you.18
Check out this video for more information.
Did you think of any services that you might use that would be affected by this change? Here is a list of some:
- Multiplayer video games where you’re hosting a session/server
- Website hosting
- Services or devices that rely on port forwarding
- Torrents will only be able to establish outbound connections
- Internet-enabled devices that are reached by IP address (e.g. IP cameras/security cameras)
- Remote access to home network storage, backups and remote desktop service
- Services that rely on Dynamic DNS (DDNS)
- VPN servers19
Most hosts on private networks are not configured with IP addresses that can communicate directly to the Internet. Instead, when clients on the local network connect to the internet, the router translates the client's private IP address into a valid public address using NAT.
The group of public IP addresses in the NAT address pool supports multiple simultaneous connections but is still limited by the number of available public IP addresses. Smaller companies may only be allocated a single or small block of addresses by their ISP. In this case, a means for multiple private IP addresses to be mapped onto a single public address would be useful, and this is exactly what is provided by Network Address Port Translation (NAPT), which is also referred to as Port Address Translation (PAT) or as NAT overloading.20
You can see the public IP address provided by your ISP by searching “what's my ip” on google.
A Virtual Private Network (VPN) provides a 'tunnel' for communication between the components and resources of two (private) networks over another (public) network. The Internet provides a cost-effective way of connecting both users to networks and networks to networks. Rather than using a dedicated connection such as a leased line, which is private but expensive, the user connects to the network privately and securely via VPN, which offers a cheaper connection than a dedicated line.
A VPN uses special connection protocols and encryption technology to ensure that the tunnel is secure and the user is properly authenticated. Once the connection has been established, the remote computer becomes part of the local network (though it is still restricted by the bandwidth available over the WAN link).
VPN servers have gained in popularity recently as concerns about privacy and anonymity have increased. Using an encrypted VPN can secure data from unauthorized access.
VPNs are also used to make a computer appear to be located in a different country, bypassing geo-blocked content from providers like Netflix and Amazon Prime.
Companies like Surfshark, NordVPN, and ExpressVPN offer VPN subscription services that provide additional privacy and security at home or on public Wi-Fi.
The previous information is in relation to IPv4, which is still the most common type of IP address used in networking. Unfortunately, the number of IPv4 addresses is nearing exhaustion, meaning the number of unassigned Public IP addresses is decreasing rapidly. IPv4 was only designed to support up to 4 billion addressable devices.
IPv6 address this issue by implementing a 128-bit address, massively increasing the available address pool. IPv6 allows 3.4x1038 unique IP addresses. This is equivalent to 340 undecillion IP addresses.
IPv6 address notation
To express a 128-bit IPv6 address in hexadecimal notation, the binary address is divided into eight double-byte (16-bit) values delimited by colons. For example:
2001:0db8:0000:0000:0abc:0000:def0:1234
However, this can be quite cumbersome, so they can be ignored when a double-byte contains leading zeros. In addition, one contiguous series of zeroes can be replaced by a double colon place marker. The address above would become:
2001:0db8 : : abc: 0 :def0:1234
Each IPv6 is divided into two 64-bit parts. The first part is the Network ID equivalent to the Network ID used in IPv4. The second part is the Interface ID which is equivalent to the HOST ID used in IPv4.
Using the tools we have presented, find and document the IP addresses of several devices in and out of your home network.
- List all connected devices in your home, including any IoT devices.
- Find the IP for all of them and separate them into their two parts, indicating which part of the address is unique to the device.
- Using at least two devices, such as a smartphone or two (do this with a friend), a tablet, and a notebook, document the IP from a shared space, such as a library or café. Again, separate them into their two parts and identify their differences.
- Share all of your findings on the forum.