Google IT Cert Week 8 – The Network Layer

[Photo: large radio telescope antenna dish in a field. Photo by Marat Gilyadzinov on Unsplash]

This is week 8 of the Google Professional IT Certification course on coursera.org.

.   .   .

Continuing on in my googling adventure, as I am introduced to networking, I am now starting week 8 of the Google IT Professional Certificate Program on Coursera. This is Week 2 of Course II. Last week I started into this further exploration of the fundamentals of computer networking. This week it looks like it will be further study of networking concepts as they appear in the “network” layer of the 5-layer model we went over last week, when we went through the “physical” layer and the “data-link” layer. Okay, here we go.

Introduction to the Network Layer

This week’s lessons cover computer networking over longer distances, and the communication technologies that make that possible. We’re going to cover IP addressing, subnetting, the binary to create subnets, routing, and how that all works.

The Network Layer

On a LAN (local area network), nodes communicate with each other using MAC addresses. This works for small networks, where a switch can easily learn each device’s MAC address, but the MAC system does not scale well beyond a single LAN. ARP (Address Resolution Protocol), covered later in the course, is how IP addresses get mapped to those MAC addresses. The Network Layer contains IP (Internet Protocol), which allows computers on different networks to communicate with each other.

IP Addresses

An IP address is a 32-bit number written as four 8-bit octets. Each octet is “normally described” as a decimal number, and any octet can represent any decimal number from 0 to 255 (the largest number that can be represented by 8 bits is 255). An example of an IP address is 123.01.123.01, or 172.16.254.1. That is what is meant by “normally described” in decimal numbers. Each of these octets (172, 16, 254, 1) represents a binary number made up of 8 bits of data: 172 = 10101100; 16 = 00010000; 254 = 11111110; 1 = 00000001. Feel free to be utterly confused by this. I think it is finally kind of making sense, at least after re-reading it for the tenth time. (I have been reading about this every couple of months for a year or so.)

IP addresses are distributed to organizations in big chunks, unlike MAC addresses which are determined by hardware vendors. This makes an IP address more “hierarchical,” and can be easier to create and store data about. This means that, for example, IBM has every IP address that begins with 9. Therefore, any time a router gets a packet addressed to anywhere starting with 9, it need only know to send it to the finite number of routers controlled by IBM, as opposed to every other organization in the world. An important thing to remember is that “IP addresses are attached to the network, not the devices connected to that network.” Your laptop will always have the same MAC address, but its IP address will change any time it is connected to a new network. That address will usually be assigned by the device on that network that has been designated to hand out IP addresses, such as a router, through a technology called Dynamic Host Configuration Protocol, or DHCP. This is called a “dynamic IP address.” There is also something called “static” IP addressing, where the IP address is configured manually on the node.

“In most cases, static IP addresses are reserved for servers and network devices, while dynamic IP addresses are reserved for clients.”

But sometimes this isn’t true.

IP Datagrams and Encapsulation

Remember that all the packets in the Ethernet layer are called “frames?” No? Well, just pretend that this sounds familiar. Just like data packets being called frames, using the IP protocol, data packets in the network layer are called “IP datagrams.” An IP datagram is a “highly structured series of fields that are strictly defined.”

The two main sections of a datagram are the “header” and the “payload.” An IP datagram header contains a lot more information than an Ethernet frame header.

The IP datagram Header Fields:

Version: The first field is 4 bits and shows what version of Internet Protocol is being used, the most common being IPv4. IPv6 is gaining popularity, but we’ll get to that later.

Header Length: also 4 bits. Shows how long the entire header is. IPv4 headers are almost always 20 bytes, which is the minimum length for an IP header.

Service Type Field: 8 bits used to transmit details about quality of service (QoS) technologies. This is data that allows routers to prioritize some traffic, creating better quality of service.

Total Length Field: 16 bits indicating the total length of the datagram, in bytes.

Identification Field: 16-bit number that is used to keep messages grouped together. Because the largest number you can represent with 16 bits is 65,535 (of what, I am not sure) that means the maximum size of a datagram is 65,535 somethings… Are they going to explain this? If the total size of the data is more than that, the Network Layer will break it up into multiple packets. When that happens, the identification field is used to indicate that any packet with that value is part of a larger group.

Flag Field: The flag field shows if a datagram can be fragmented or if it has already been fragmented. “Fragmentation” is when datagrams are broken up into several smaller datagrams. Sometimes networks have different size restrictions for datagrams, and the larger ones may need to be fragmented to be allowed onto the more restrictive network.

Fragmentation Offset Field: This field contains values used by the receiving device to take all the parts of a fragmented packet and put it together again in the correct order.

Time To Live Field (TTL): 8 bits indicating how many “hops” a packet may make before it is thrown away. Every time a packet reaches a router the router subtracts 1 from this field. When a datagram arrives at a router with a TTL = 0, the router will not forward it. This is a way of making sure the internet is not clogged with packets going nowhere because of a misconfiguration.

Protocol Field: 8 bits that indicate which transport layer protocol is being used, the most common being TCP and UDP.

Header Checksum Field: This is a checksum of the entire IP datagram header. It is very similar to the Ethernet checksum field discussed last week. Remember that because the TTL field changes at every hop, the Header Checksum Field has to be recalculated at every hop as well.

Source IP Address Field: 32 bits

Destination IP Address Field: 32 bits

IP Options Field: an optional field used to set special values for datagrams, often used for testing purposes.

Padding Field: This is just a series of zeroes used to ensure that the header is the correct total size.
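To make the field list above concrete, here is an added example (my own code, not material from the course) that packs a minimal 20-byte IPv4 header, decodes every field listed above, verifies the header checksum, and performs the one change a router makes on each hop: decrement the TTL and recompute the checksum. The addresses, identification value and payload are constructed sample values.

```python
import struct

# Real IANA protocol numbers for the three transport/control protocols named above.
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def dotted_to_bytes(addr: str) -> bytes:
    """'172.16.254.1' -> b'\\xac\\x10\\xfe\\x01' (four 8-bit octets)."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % addr)
    return bytes(octets)

def bytes_to_dotted(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def ipv4_checksum(header: bytes) -> int:
    """Ones' complement of the ones' complement sum of the header's 16-bit words.
    Over a header whose checksum field is already correct this returns 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carry bits back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src, dst, total_length, ttl=64, protocol=6, ident=0x1234,
                      dont_fragment=True, more_fragments=False, frag_offset=0) -> bytes:
    """Pack a minimal IPv4 header (version 4, IHL 5 = 20 bytes) and fill in its checksum."""
    version_ihl = (4 << 4) | 5               # version in the high nibble, header length in 32-bit words
    flags = (int(dont_fragment) << 1) | int(more_fragments)
    flags_frag = (flags << 13) | (frag_offset & 0x1FFF)
    header = struct.pack("!BBHHHBBH4s4s", version_ihl, 0, total_length, ident,
                         flags_frag, ttl, protocol, 0,
                         dotted_to_bytes(src), dotted_to_bytes(dst))
    csum = ipv4_checksum(header)             # computed with the checksum field set to 0
    return header[:10] + struct.pack("!H", csum) + header[12:]

def parse_ipv4_header(datagram: bytes) -> dict:
    """Decode the header fields; 'checksum_ok' says whether the header verifies."""
    if len(datagram) < 20:
        raise ValueError("datagram shorter than the 20-byte minimum header")
    (version_ihl, tos, total_length, ident, flags_frag, ttl, protocol,
     _checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", datagram[:20])
    version, ihl = version_ihl >> 4, version_ihl & 0x0F
    header_len = ihl * 4                     # IHL counts 32-bit words
    if version != 4 or header_len < 20 or header_len > len(datagram):
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": version,
        "header_length": header_len,
        "tos": tos,
        "total_length": total_length,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,   # in 8-byte units
        "ttl": ttl,
        "protocol": IP_PROTOCOLS.get(protocol, str(protocol)),
        "checksum_ok": ipv4_checksum(datagram[:header_len]) == 0,
        "src": bytes_to_dotted(src),
        "dst": bytes_to_dotted(dst),
        "options": datagram[20:header_len],        # IP Options + padding, if IHL > 5
        "payload": datagram[header_len:total_length],
    }

def forward_one_hop(datagram: bytes):
    """What a router does to the header: TTL minus one, checksum recomputed.
    Returns None when the TTL would reach 0 (or the header is corrupt): the router drops it."""
    fields = parse_ipv4_header(datagram)
    if not fields["checksum_ok"] or fields["ttl"] <= 1:
        return None
    header_len = fields["header_length"]
    header = bytearray(datagram[:header_len])
    header[8] -= 1                           # TTL is byte 8 of the header
    header[10:12] = b"\x00\x00"              # zero the checksum before recomputing it
    header[10:12] = struct.pack("!H", ipv4_checksum(bytes(header)))
    return bytes(header) + datagram[header_len:]

# Constructed sample: TCP datagram from 172.16.254.1 to 9.100.100.100, 40 payload bytes.
SAMPLE = build_ipv4_header("172.16.254.1", "9.100.100.100", 60, ttl=64, protocol=6) + b"\x00" * 40
```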

If you recall last week we learned that Ethernet frames have a “data payload” section. “This is exactly what the IP datagram is, and this process is known as encapsulation. The entire contents of an IP datagram are encapsulated as the payload of an Ethernet frame.” This, to me, is a little hard to understand the first few times I read it. I think what they mean is that payload of an Ethernet frame is the IP datagram, which, in turn, encapsulates other data as its payload. That’s why we keep hearing that each layer is needed for the one “above” it.

But we’re going to learn that pretty soon, I suspect.

IP Address Classes

IP addresses are divided into two parts, the Network ID and the Host ID. The Network ID is the first octet, and the Host ID is the second, third, and fourth octets.

The Address Class System is how the global IP address space is divided. There are three types of address classes: A, B, and C.

Class A addresses are those where the first octet is used as the network ID, and the last three are used as the host ID.

Class B addresses are those where the first two octets are the network ID, and the last two are the host ID.

Class C addresses are those where the first three octets are used as the network ID and the last octet is the host ID.

Because each class determines the number of possible host IDs, these are obviously different-sized networks. A class A network has 16 million+ possible hosts (24 bits of host ID space), class B has 64,000 (16 bits), and class C has 254 (8 bits).

If you want to figure out what class an IP address falls into, just look at the leading bits: A = 0; B = 10; C = 110. While thinking in binary should certainly be a goal, we can fairly easily adapt this to the dotted decimal notation we are used to thinking in for IP addressing:

Class A = 0-127; Class B = 128-191; Class C = 192-223.

This doesn’t quite cover all possible IP addresses. There are two other classes, which, according to this course, are not quite as important. Class D addresses always begin with the bits 1110 and are used for “multicasting,” which is how a single IP datagram is sent to an entire network at once. The class D decimal range is 224-239. Finally, class E addresses make up the last of the range, from 240-254, and are “only used for testing purposes.” Also, here in the video, the presenter says, I believe, “Class E,” but the transcript says “class C.” There is a slide showing a fifth row labeled “class E” so I think this is correct.

Apparently, this whole system has been replaced in many ways with something called “Classless Inter-Domain Routing,” or CIDR.

Address Resolution Protocol

ARP is the protocol “used to discover the hardware address of a node with a certain IP address.” When an IP datagram is created, it is encapsulated in an Ethernet frame. That means that the transmitting device needs a destination MAC address to incorporate in the Ethernet frame header. “Almost all” network-connected devices keep an ARP table, which is just a list of IP addresses and the MAC addresses associated with them.

If one machine is trying to send data (an Ethernet frame) to 10.20.30.40, but this IP address is not in the ARP table, it broadcasts out an “ARP message” to the MAC broadcast address (FF:FF:FF:etc etc). When the device on that local network with the IP address 10.20.30.40 receives the ARP message it will return an “ARP response,” which contains its MAC address. Now the sending computer knows the destination MAC address to put in the Ethernet frame’s destination hardware address field and the frame is ready to be sent to 10.20.30.40. The sending interface will also add that IP and MAC address pair to its ARP table so that it won’t have to send the ARP message next time.

Now we come to this week’s forum discussion prompt. It is a little bit vague!

Your IP address is no secret.

A lot of people worry that their IP address might reveal their name, home address, age, what they look at online and more. That’s just not the case. Sure, they might find out some interesting information, but nothing revealing.

Let’s explore what you can discover by running a real IP address through an IP Lookup website like this one.

There are a handful of practical reasons people use IP Lookup, even with its limitations:

  • Law enforcement and fraud investigators use online tools to see what ISP is hosting a spammer.
  • Blacklist databases use it to find spammers or other violators and block their access to email servers.
  • Retailers often use IP Lookup to make sure someone charging thousands of dollars is at the mailing address linked to the card…and not actually overseas with a stolen credit account.
  • You can use it to verify that someone who tells you in an email that they’re across town isn’t really in an abandoned warehouse in another country.

Now here is my smart ass response:

These are all legitimate reasons that someone may have to look up an IP address. I’m not sure what this discussion prompt is really prompting me to discuss. I guess it is worth adding that governments and law enforcement CAN get your name, address, etc., by issuing subpoenas to ISPs and other companies for personal information associated with an IP address.

Let’s see if I pass the discussion this week…

[Image: iOS app error message saying “Sorry, we could not publish your question. Please try again later.” Caption: The discussion prompt error message]

I would like to note that because I was visiting people without WiFi this weekend I was trying to do this week’s assignment through the app on my phone. It was acceptable until I came to this discussion prompt. Every time I tried to submit my response I got an error. (see pic)

It seems kind of sad that the Coursera app, used for this class built by Google, fails on a really basic function (with no error code or information) during a course about troubleshooting. This failure caused me to drive to a global coffee place to use the free WiFi, sponsored by, that’s correct, my friends at Google.

Then comes a short video about “Sergio,” a Google employee who explains his path to becoming a guy that works at Google. He likes problem solving.

Subnetting

Subnetting is, quite simply, taking a large network and splitting it up into many smaller subnetworks, or subnets. This is a very important part of learning IT, and problems with incorrectly configured subnets are a common occurrence.

Remember that a core router on the internet knows that, for example 9.100.100.100 is part of the class A network “9.0.0.0,” and will route traffic to the gateway router associated with that traffic by looking at the network ID, or 9, in this case. A gateway router is “the entry and exit path” to a network.

Once that packet arrives at the proper gateway router, the router is going to send it to the proper node by reading the host ID. In this case, the class A network designation means there are 16 million + possible host IP addresses, which is way too many to connect to one router. This is where subnets come in. Each subnet will also have its own gateway router serving as the ingress and egress to the subnet.

Subnet Masks

An IP address is a 32-bit number. Depending on the class, some of these bits are the network ID and some are the host ID. Subnetting allows some of the bits used for the host ID to be used for the subnet ID. These three IDs represented in the same IP address allow traffic to move across multiple networks.

Core routers only use the network ID to send traffic, the datagram, to the appropriate gateway router. That gateway router then sends it along to the next router, or, using the host ID, to the destination machine if it is on that router’s network.

A subnet ID is calculated by using what is called a subnet mask. This is another 32-bit number that is written as four octets in decimal notation.

“Warning: dense material ahead.” Hey, thanks a lot, video guy! I am having a really hard time being sure that I understand what is going on here – I think I understand it but writing it back out in a way that makes sense is proving quite hard to do. So I probably don’t understand it that well.

The “easiest” way to think about subnet masks is to compare one to an IP address. If the IP address is 9.100.100.100 and the subnet mask is 255.255.255.0, we have two 32-bit numbers in 4 octets, written in decimal notation. Each decimal is representing an octet of ones and zeroes (9 in binary is 1001, for example, so the octet is “00001001”). 255.255.255.0 is a string of 24 ones followed by eight 0s, making 32 bits. The mask itself, all the ones, is just telling the router what to ignore when it is computing a host ID. The part with all the zeroes tells the router what to keep. So all those ones “below” the IP address octets are indicating that the ones and zeroes above them are the Subnet ID, and because this is a class A network, we know that the “9” is the network ID. Finally, any number in the IP binary that has a 1 “under” it in the mask binary is used to calculate the subnet ID, and the numbers that have a corresponding 0 are the host ID. Because the last octet is all zeroes, that indicates that the entire octet can be used for host IDs.

(Here is where I am confused. Or, more confused. If the 1’s in the subnet mask create the subnet ID, and the 0’s create the host ID, why is that last octet also host ID’s? I understand that the 0 in the subnet mask corresponds to 0’s in binary, so it is saying “no information,” or something like “do not mask these,” right? I would love some comments in the post here, everybody. I spent a whole day during my internship reading about this subject, and I am much closer to understanding it today than I was 6 months ago, but this is still confusing.)

So if the subnet mask ends in “.0,” that means there are 256 possibilities for host IDs, but in reality “0” is not used as a host ID and 255 is used for broadcast traffic, meaning there are really only 1 through 254 available. This doesn’t mean that 0 and 255 are not IP addresses, so you would not say that there are only 254 available host IDs.

If you have a subnet mask that does not have a 0 for the last octet, you may need an alternate form of notation. 255.255.255.224 is the same 24 1’s but with an additional three in the last octet:

11111111.11111111.11111111.11100000

This can be easily referenced by adding “/27” to the IP address – meaning that 9.100.100.100/27 implies the subnet mask of 27 1’s followed by 5 0’s.

Yikes.

Basic Binary Math

If that wasn’t hard enough, here—do some binary calculations!

Numbers are universal. Notations are what change, and binary is just another form of numerical notation. Our commonly-used Arabic numerals, 0 – 9, can be combined to express any number. This is called a base 10 system, because there are 10 numerals.

In decimal notation, when you “run out” of numerals (after 9) you continue by adding another column with “more significance” than the first column. Pretty simple. Counting in binary is the same, except there are only two numerals to use, 1 and 0. This means binary is a base 2 system. This system is used in computers because the logical mechanics of a computer processor work in an “on” or “off” scheme, where 1 and 0 can easily represent those states. Counting in binary is just like counting in decimal, it’s just that the numbers get bigger faster.

All these 1’s and 0’s are called bits. There is a simple trick to figuring out how many decimal numbers can be represented by a certain number of bits:

An 8-bit number is just 2^8, or 256. This means that an 8-bit number can represent the decimal numbers 0—255.

A 4-bit number can be calculated by doing 2^4, or 16 total numbers.

A 16-bit number is 2^16, or 65,536 numbers.

Addition in binary is also fairly simple, as there are only four possible scenarios:

0 + 0 = 0

0 + 1 = 1

1 + 0 = 1

1 + 1 = 10

Addition is what is known as an operator. I remember operators from my brief slog through intro to JavaScript (I’m going to try again someday, I promise) but this video doesn’t really discuss the logical functions of any other operators, just that “AND” and “OR” are important operators in computer systems. Computer logic is based on the concept that a 1 = “true” and a 0 = “false.”

The OR operator means that if either digit is true then the result is true. For example

X OR Y = Z

“If either X or Y is true, then Z is true; otherwise, it is false.”

This is expressed here: 1 OR 0 = 1 and 0 OR 0 = 0

The operator AND returns true when both values are true:

1 AND 1 = 1

1 AND 0 = 0

The point of all this instruction in binary math has, in fact, been to help us understand subnetting a bit better. The subnet mask is “a way for a computer to use AND operators to determine if an IP address exists on the same network.” That means that the host ID is also known, as it is whatever is left out of this Network ID calculation.

We are then shown a graphic with our trusty old IP address, 9.100.100.100 and subnet mask 255.255.255.0. By adding the operator AND between the binary representations of these numbers, we can logically calculate the network ID as 9.100.100.

Okay, that’s enough binary for 1 day. Maybe even 10 days.

CIDR

As the internet was built, the introduction of network classes divided up the IP address space. Then, as it quickly became clear that there was not going to be enough network space, the concept of subnetting further expanded the network space.

Class A networks have an 8 bit Network ID (9.x.x.x) Class B have a 16-bit Network ID (9.100.x.x) and Class C have a 24-bit Network ID (9.100.100.x).

In the early days many organizations needed a network with more than the 256 addresses available in a class C network, but did not need the 65,534 available in a class B network. This meant that many built several interconnected class C networks, which meant that routing tables needed a lot of entries even to handle minimal traffic.

This is where CIDR comes in: Classless Inter-Domain Routing is an even more flexible way of describing blocks of IP addresses. “It expands on the concept of subnetting by using subnet masks to demarcate networks.” In computer networking, a demarcation point describes where one network ends and another begins.

Using the traditional model we needed a network ID, subnet ID, and host ID to deliver an IP datagram. Using CIDR, the network ID and subnet ID are combined. So by using the subnet mask 255.255.255.0 we can apply CIDR notation to an IP address, say, 9.100.100.100/24 and calculate the network ID knowing that the first 24 bits of the IP address are the network ID, or 9.100.100.

A /24 network has 8 host bits, giving 254 usable hosts (256 minus 2). A /23 network has 9 host bits, or 510 (512 minus 2).
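The subnet-mask AND, the /27 slash notation, the class lookup by leading bits, and the /24 and /23 host counts above are all the same arithmetic on a 32-bit integer. This added example (my own code, not from the course) works them through with the page’s own 9.100.100.100 address; the only assumption is the usual convention that the all-zeros and all-ones host addresses are reserved.

```python
def ip_to_int(addr: str) -> int:
    """'9.100.100.100' -> the 32-bit integer the router actually works with."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % addr)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(addr: str) -> str:
    """'255.255.255.224' -> '11111111.11111111.11111111.11100000'."""
    return ".".join(format(int(o), "08b") for o in addr.split("."))

def prefix_to_mask(prefix: int) -> str:
    """/27 -> 255.255.255.224: `prefix` ones followed by (32 - prefix) zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return int_to_ip(((1 << 32) - 1) ^ ((1 << (32 - prefix)) - 1))

def mask_to_prefix(mask: str) -> int:
    """255.255.255.224 -> 27; rejects a mask whose ones are not contiguous."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != ip_to_int(prefix_to_mask(prefix)):
        raise ValueError("non-contiguous subnet mask: %s" % mask)
    return prefix

def address_class(addr: str) -> str:
    """Classful lookup by leading bits: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, else E."""
    first = ip_to_int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"

def network_id(addr: str, prefix: int) -> str:
    """AND the address with the mask: every bit under a 1 is kept, every bit under a 0 is cleared."""
    return int_to_ip(ip_to_int(addr) & ip_to_int(prefix_to_mask(prefix)))

def broadcast_address(addr: str, prefix: int) -> str:
    """Network ID with every host bit set to 1."""
    host_bits = (1 << (32 - prefix)) - 1
    return int_to_ip(ip_to_int(network_id(addr, prefix)) | host_bits)

def usable_hosts(prefix: int) -> int:
    """2**(host bits) addresses, minus the network (all zeros) and broadcast (all ones)."""
    return max((1 << (32 - prefix)) - 2, 0)

def same_subnet(a: str, b: str, prefix: int) -> bool:
    """The test a host runs before deciding whether to ARP directly or hand off to its gateway."""
    return network_id(a, prefix) == network_id(b, prefix)

def describe(cidr: str) -> dict:
    """Everything a practitioner wants from '9.100.100.100/27' in one place."""
    addr, prefix_str = cidr.split("/")
    prefix = int(prefix_str)
    net = network_id(addr, prefix)
    bcast = broadcast_address(addr, prefix)
    return {
        "class": address_class(addr),
        "mask": prefix_to_mask(prefix),
        "mask_binary": to_binary(prefix_to_mask(prefix)),
        "network": net,
        "broadcast": bcast,
        "first_host": int_to_ip(ip_to_int(net) + 1) if prefix < 31 else None,
        "last_host": int_to_ip(ip_to_int(bcast) - 1) if prefix < 31 else None,
        "usable_hosts": usable_hosts(prefix),
    }
```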

Then there’s a quiz. That was a slog, but why are the ungraded quizzes so easy? I want the ungraded material to be the hard part…

Routing

Basic Routing Concepts

The internet is a vast collection of machines, all connected in an enormous landscape of interconnected networks. None of this would be possible without proper and efficient routing. A successful IT career will depend heavily on understanding how data is routed across and between networks.

A router is just a device that forwards traffic, and has at least two network interfaces, as it must be connected to a minimum of two networks.

When a router receives a packet of data on one of its interfaces, it examines the destination IP address, looks it up in its routing table, and forwards the packet out through whichever interface is “closest” to the remote network as determined by the routing table.

There follows a very long-winded explanation of packet routing through three networks. Just remember that as a packet passes through a router, the MAC address of the destination is looked up in the ARP table and when it is found to be “behind” another router the packet is sent to that router. Every hop the packet makes results in its TTL field being decremented by 1.

Routing Tables

Routing is a simple concept. Routing Tables are also pretty simple. Depending on the make and class of the router there may be different features and capabilities, but all routing tables share some characteristics.

Destination Network: A row for each network that the router knows about, containing the network ID and net mask, either in CIDR notation or in traditional IP address/subnet mask notation.

Next Hop: This is the IP address of the router that should receive data for the destination IP address.

Total Hops: (No, not a disgusting new IPA that is just a wad of hops crammed in a jar.) This is how a router keeps track of how far away a destination is. That way, over time as the router receives more updated information from other routers, it can determine the shortest path to a certain destination IP.

Interface: The router needs to know which interface to forward traffic out when sending to a certain IP address.
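The four columns above and the lookup in the Basic Routing Concepts section fit in a small simulation. This added example (my own code, not from the course) builds a constructed three-router topology, resolves each destination by longest-prefix match (so a 0.0.0.0/0 default route only wins when nothing more specific matches), and traces a datagram router by router, decrementing TTL each hop so that a misconfigured pair of default routes ends in a drop rather than an endless loop. Router names, addresses and interfaces are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

def ip_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % addr)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

@dataclass
class Route:
    destination: str          # destination network in CIDR notation
    next_hop: Optional[str]   # address of the next router, or None if directly connected
    total_hops: int           # distance metric learned from neighbouring routers
    interface: str            # which interface the datagram is forwarded out of

    def matches(self, dst: str) -> Optional[int]:
        """Prefix length if dst lies inside this destination network, else None."""
        net, prefix_str = self.destination.split("/")
        prefix = int(prefix_str)
        mask = ((1 << 32) - 1) ^ ((1 << (32 - prefix)) - 1)
        return prefix if ip_to_int(dst) & mask == ip_to_int(net) & mask else None

class RoutingTable:
    def __init__(self, routes: List[Route]):
        self.routes = routes

    def lookup(self, dst: str) -> Optional[Route]:
        """Longest-prefix match: the most specific matching row wins."""
        best, best_len = None, -1
        for route in self.routes:
            plen = route.matches(dst)
            if plen is not None and plen > best_len:
                best, best_len = route, plen
        return best

# Constructed topology: A --10.0.0.0/24-- B --172.16.0.0/24-- C --9.100.100.0/24
# A also owns 192.168.1.0/24. A's and B's default routes point at each other (a misconfiguration).
INTERFACE_OWNER = {"10.0.0.1": "A", "10.0.0.2": "B", "172.16.0.1": "B", "172.16.0.2": "C"}
ROUTERS: Dict[str, RoutingTable] = {
    "A": RoutingTable([
        Route("192.168.1.0/24", None, 0, "eth1"),
        Route("10.0.0.0/24", None, 0, "eth0"),
        Route("172.16.0.0/24", "10.0.0.2", 1, "eth0"),
        Route("9.100.100.0/24", "10.0.0.2", 2, "eth0"),
        Route("0.0.0.0/0", "10.0.0.2", 1, "eth0"),
    ]),
    "B": RoutingTable([
        Route("10.0.0.0/24", None, 0, "eth0"),
        Route("172.16.0.0/24", None, 0, "eth1"),
        Route("192.168.1.0/24", "10.0.0.1", 1, "eth0"),
        Route("9.100.100.0/24", "172.16.0.2", 1, "eth1"),
        Route("0.0.0.0/0", "10.0.0.1", 1, "eth0"),
    ]),
    "C": RoutingTable([
        Route("172.16.0.0/24", None, 0, "eth0"),
        Route("9.100.100.0/24", None, 0, "eth1"),
        Route("10.0.0.0/24", "172.16.0.1", 1, "eth0"),
        Route("192.168.1.0/24", "172.16.0.1", 2, "eth0"),
        Route("0.0.0.0/0", "172.16.0.1", 1, "eth0"),
    ]),
}

def trace(start_router: str, dst: str, ttl: int = 64) -> Tuple[List[str], str]:
    """Follow a datagram from router to router until it is delivered or dropped."""
    path: List[str] = []
    current = start_router
    while True:
        ttl -= 1                                  # every router decrements TTL on arrival
        if ttl == 0:
            return path, "dropped at %s: TTL expired" % current
        route = ROUTERS[current].lookup(dst)
        if route is None:
            return path, "dropped at %s: no route" % current
        path.append("%s: %s via %s" % (current, route.destination, route.interface))
        if route.next_hop is None:               # destination network is directly attached
            return path, "delivered into %s" % route.destination
        current = INTERFACE_OWNER[route.next_hop]
```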

Interior Gateway Protocols

Routers use routing protocols to “learn” about the world around them. These protocols are used to share information between routers, so they can continually send and receive data as efficiently as possible.

Interior Gateway Protocols are of two categories: Link State Routing Protocols and distance-vector protocols.

Interior Gateway Protocols are “used by routers to share information within a single autonomous system.” An autonomous system is a collection of networks that are under the control of a single network operator.

A router using a distance-vector protocol basically sends out its routing table to every other router connected to it. This is an older standard. Routers will know about adjoining routers and hops, but not that much about the entire autonomous system. For example, say Router A wants to send data to Router X, which appears in its own routing table as two hops beyond Router C. When Router A and Router B trade distance vectors, however, Router A learns that Router B and Router X are connected, so Router A can send to Router B, and on to X, which saves one hop. This is helpful, but such networks are slow to respond to change.

That’s where Link State Protocols come in. A router will advertise each of its interfaces and what those interfaces are connected to – other routers or directly to networks. All this information is propagated through the autonomous system, making it much more responsive to change. Link state protocols require a lot more computing power and memory, and as hardware has become cheaper, link state protocols have mostly taken over as the interior gateway protocols of choice.

Exterior Gateway Protocols

Exterior Gateway Protocols are used to share information between routers at the edges of autonomous systems. These are the protocols used when, say, the IBM network needs to interact with the hosting platform of your half-assed blog. For example. These are important protocols!

Core internet routers’ (the ones your ISP runs) main goal is to get data to exterior gateway routers. There is a single authority that manages IP address allocation known as the Internet Assigned Numbers Authority (IANA). It is also responsible for Autonomous System Number (ASN) allocation. These are numbers, yes, assigned to autonomous systems. Not a very creative name! This is a 32-bit number just like an IP address, but is not broken down into decimal notation. The video doesn’t really explain this.

Routing Protocol Examples

Now we get some exciting reading about routing protocols. Oh man, these look exciting… I’m really going to try to read these…

RIP | EIGRP | OSPF | BGP

Non-Routable Address Space

With over 7 billion people on the planet, we have already exceeded the number of IP addresses available. An agreement known as RFC (Request for Comments) 1918 outlined what is known as non-routable address space, or IP ranges that are set aside for use by anyone and that “cannot be routed to.”

Nodes on a non-routable address can communicate with each other, but gateway routers will not communicate with them. Using what is called Network Address Translation, nodes on non-routable addresses can communicate with the outside internet, but we’ll cover that later, supposedly.

The primary non-routable ranges are:

10.0.0.0/8

172.16.0.0/12

192.168.0.0/16

These ranges are free for anyone to use for internal networks. Interior gateway routers will work with these address ranges, but exterior routers will not.

Okay, quiz time.

RFCs and Standards

Here we have a couple readings on RFCs and the Internet Engineering Task Force, or IETF.

Alex Good Story

And another video about a guy that works at Google, telling a real good story about a line-break character ruining some software when they moved from Windows to Linux.

And another quiz. Took me two tries but I weaseled my way through it. Things are getting a little more technical around here.

This week’s graded assignment is significantly more difficult than those that have come previously. This exercise involves about a dozen pairs of IP addresses, and an arrangement of 6 clouds underneath, each showing a range of addresses in CIDR notation. The student must select a pair of addresses and then correctly trace the route of a packet through these networks, landing on the appropriate cloud. Very tricky. Somehow, after only a couple screw-ups, I managed to do it correctly. It is especially hard because each time you make a mistake you have to start over from the beginning.

Well, I asked to learn subnetting!

See you in Week 9, the Transport and Application Layers.
