JeffTP

Squandering a perfectly good opportunity to shut up and listen.

IP Addresses

Published: 2023-10-29 • Reading time: 7 min

#history #networking

If you've grown up in a world where TCP/IP is the only network protocol then your understanding of the basic network interface configuration elements: IP address, subnet mask, default gateway might be purely functional. You know you need to configure these elements, but you might not understand why.

As the older generation of technologists age out of the profession, some of the technical history gets lost in the shuffle. The reasons behind why we do things is forgotten and we just do those things the way it's always been done. Don't mistake me for a cranky old man yelling at the cloud; this convenience is wonderful as we all get to stand upon the shoulders of giants and see a more distant horizon.

Let's climb back down from the giants' shoulders and look at what an IP address is and a bit about why subnet masks are necessary.

Comparative Networking

It was common in the 1990s to have multiple network protocol stacks in use. Just like learning a second language strengthens your understanding of your native tongue, having to learn about multiple network protocols strengthens your knowledge of each of them.

Ignoring dial-up Internet and focusing on business networks, there were a couple of network protocols in common use around 1990:

  • Novell IPX/SPX over Ethernet
  • AppleTalk over PhoneNET
  • IBM SNA over Token Ring

We're going to take a closer look at network addressing in TCP/IP and compare it with Novell IPX/SPX.

IP Address Presentation

You are likely familiar with IP addresses represented as 4 numbers from 0 to 255 with dots separating the numbers, for example 192.2.0.1. I would read this IP address aloud as: one-ninety-two, dot two, dot zero, dot one. This format for representing an IP address is called dotted-quad notation.

It’s possible to represent that same IP address (192.2.0.1) in other formats such as hexadecimal 0xC0020001, or decimal 201,457,665. I’ve never seen IP addresses represented in a format other than dotted-quad notation, however your web browser will accept decimal numbers in a URL. If you attempt to visit https://16843009/ or https://0x01010101/ you will arrive at https://1.1.1.1 as the three URLs are all equivalent.

The reason these different representations are equivalent is because an IP address is just a 32-bit number. A 32-bit number can store decimal values from 0 to 4,294,967,295. If you’ve ever heard someone say there are only 4.3 billion IP addresses, that’s from where that number comes. The dotted-quad notation splits that 32-bit number into four 8-bit numbers. With 8-bits you can store decimal values from 0 to 255. We use dotted-quad notation probably because it’s much easier to remember 4 numbers from 0 to 255 than it is to remember one number from 0 to 4.3 billion.

Novell IPX Addressing

In Novell IPX, the address has three components:

  • A 32-bit network number, 8 hexadecimal digits
  • A 48-bit node number, 12 hexadecimal digits
  • A 16-bit socket number, 4 hexadecimal digits

The network number is used to route packets between networks. Each network segment needs to have a unique network number. Leading zeros in the network number can be omitted. Here's a few valid network numbers:

  • 0xDEADBEEF (a personal favorite of mine)
  • 0x31337 (short hand for 0x00031337)
  • 0x1 (short hand for 0x00000001)

The node number identifies the host on it's local area network. While in theory it is possible to change the node number, in practice the node number is always the same as the NIC MAC Address. The node number must be unique on the network segment.

Finally there is the socket number. This number identifies the destination process on the host. Some common examples of socket numbers and their processes:

  • 0x453 RIP routing
  • 0x455 Novell NetBIOS
  • 0X456 Diagnostics

A complete IPX network address might look like: DEADBEEF 005056A102B3 0455.

IP Address Components

While an IP address is just a 32-bit number, the number has two parts. The first part is the network address, the second part is the node address. As with Novell IPX, the network address identifies to which network your host is connected, while the node address identifies you within the network. Unlike Novell IPX, where the network and node addresses are a fixed length, the network and node components in an IP address have a variable length. The subnet mask is used to identify which bits in the IP address represent the network number and which bits represent the node number.

Let's examine the subnet mask of 255.255.255.0. 255.255.255.0 in binary is 11111111.11111111.11111111.00000000. Feel free to count all 24 1s, I'll wait. The 1s in the subnet mask indicate which bits are the network number. The 0s in the subnet mask indicate which bits are the node number.

Rather than specifying the subnet mask, you can also use Classless Inter-Domain Routing (CIDR) notation. With CIDR notation, you can present an IP address followed by a slash (/) and the decimal bit-length of the network number. For example, the subnet mask 255.255.255.0 becomes /24 in CIDR notation. Therefore, 192.0.2.1 with a subnet mask of 255.255.255.0 can be represented as 192.0.2.1/24.

Just what does Classless Inter-Domain Routing mean, though? Oh let me tell you about Classful Addressing! The things we used to memorize for certification exams is mind-boggling.

Classful Addressing

Originally, IP addresses used something called classful addressing. In classful addressing, the leading bits in the IP address determined which class that address belonged to.

  • Class A
    • Leading bits: 0
    • Network/Node bits: first 8/last 24
    • Address range: 0.0.0.0 - 127.255.255.255
    • Subnet mask: 255.0.0.0
    • Hosts per network: 224 = 16,777,216
    • Number of networks: 27 = 128
  • Class B
    • Leading bits: 10
    • Network/Node bits: first 16/last 16
    • Address range: 128.0.0.0 - 191.255.255.255
    • Subnet mask: 255.255.0.0
    • Hosts per network: 216 = 65,536
    • Number of networks: 214 = 16,384
  • Class C
    • Leading bits: 110
    • Network/Node bits: first 24/last 8
    • Address range: 192.0.0.0 - 223.255.255.255
    • Subnet mask: 255.255.255.0
    • Hosts per network: 28 = 256
    • Number of networks: 221 = 2,097,152
  • Class D
    • Leading bits: 1110
    • Address range: 224.0.0.0 - 239.255.255.255
  • Class E
    • Leading bits: 1111
    • Address range: 240.0.0.0 - 255.255.255.255

Class D and E addresses were reserved for multicast addresses and experimental purposes respectively.

With classful addressing, your subnet mask was determined by the first three bits of the address. You were limited to three subnet masks: 255.0.0.0, 255.255.0.0, and 255.255.255.0. The class A and B networks are too large to be practical, and the Class C networks are frequently too small. Worse, half the entire IP address space was consumed by Class A networks.

Fortunately, we moved away from classful networking in the early 1990s as network routing protocols grew to accept variable length subnet masks and classless IP networks. Some people still erringly refer to a /24 network as a class C network. As classful networking ceases to be used, that's technically incorrect, the worst kind of incorrectness. But we know what they mean, and pointing it out is best done in private so as not to needlessly embarrass anyone.

Summary

Imagine what IP could have been with a 32-bit network and 48-bit node number! I've always read that IPX wasn't able to scale to Internet scale and that led to it's downfall. Whatever scaling issues it had certainly wasn't related to how IPX handled addressing.

It's no mistake that the 128-bit IPv6 addresses are commonly split into a 64-bit network and a 64-bit node numbers. Having a network protocol that supports a variable length network and node number sounds powerful, but in practice it tends to just add unnecessarily complications as well as leave room open for configuration mistakes.

Where other computer network protocols, which have all but vanished over the years, recorded the network and node address as two distinct numbers. The Internet Protocol (IP) just crams them both together and requires another number, the subnet mask, to identify where you split the IP address into network and node addresses.