Learn Technology
Learn Technology
#whoami
Learning Cybersecurity from Scatch
Fundamentals Networking and Security Tools
The Bits and Bytes of Computer Networking
Intro to Computer Networking
Introduction to The Network Layer
Become A Power Operating System User
Week 1 - Playing with CLI
CompTIA Security+ Notes
CompTIA Security+ Exam
Section 1: Overview of Security
Threats, Attacks and Vulnerabilities
Tools and Techniques
PowerShell for Hackers
PowerShell for Hackers #1
PowerShell for Hackers #2
PowerShell for Hackers #3
Docker for Hackers
Learning Docker #1
Email Header Analysis
Basics #1
Exploitation Basics
Reverse Shell vs. Bind Shell
Stages Vs. Non-Staged Payloads
Tutorials
How to compare hashes in Windows Powershell
VirtualBox gets stuck with a black screen.
Intro to MySQL
Basics of Databases and Setup
User Accounts and Grant Privileges
Git and Github
Git and Github
Powered by GitBook

Introduction to The Network Layer

IP Address:

  • It is a 32 bit long numbers made up of 4 octets. And, each octet generally described using decimal numbers.

  • Each octet represents a decimal number between 0 to 255.

  • IP addresses belong to the networks, not to the devices attached to those networks.

Data packets at the Network layer is called a packet. A packet is usually referred to as an IP datagram.

  • IP datagram is a highly structured series of fields that are strictly defined.

  • An IP datagram header contains a lot more data than an Ethernet frame header does.

IP Datagram Header

  • Version is a 4 bit long field that defines which IP version is being used IPv4 or IPv6.

  • Header Length: A 4-bit field that declares how long the entire header is. This is almost always 20 bytes in length when dealing with IPv4.

  • Service Type Field: These 8 bits can be used to specify details about the quality of service, or QoS, technologies.

    • It lets routers decide which IP datagram may be more important than others.

  • Total Length indicated the total length of the IP datagram it's attached to.

  • Identification field is a 16-bit number that's used to group message together.

    • So the maximum size of a single datagram is the largest number you can represent with 16 bits (65,535).

    • If the total amount of data that needs to be sent is larger than what can fit in a single datagram, the IP layer needs to split this data up into many individual packets.

  • Flag field is used to indicate if a datagram is allowed to be fragmented (broken), or to indicate that the datagram has already been fragmented.

    • Fragmentation: The process of taking a single IP datagram and splitting it up into several smaller datagrams.

  • Time to Live (TTL) Field: An 8-bit field that indicates how many routers hops a datagram can traverse before it's thrown away.

    • This is used to avoid an endless loop.

  • Protocol Field: Another 8-bit field that contains data about what transport layer protocol is being used such as TCP and UDP.

  • Header Checksum field: A checksum of the contents of the entire IP datagram header. It works very much like the Ethernet checksum.

  • Source IP Address

  • Destination IP address

  • IP Options Field: An optional field and is used to set special characteristics for datagrams primarily used for testing purposes

  • Padding: IP options field is usually followed by a padding field. It is a series of zeros used to ensure the header is the correct total size.

Classful Addressing

IP addresses can be split into two sections: the network ID and the host ID.

The address class system is a way of defining how the global IP address space is split up.

  • Class A - The first octet for network ID, next 3 octets for the host ID

  • Class B - The first two octets for network ID, and the next octet for the host ID

  • Class C - The first three octets for network ID, and the final octet for the host ID.

Address Resolution Protocol (ARP)

  • A protocol used to discover the hardware address of a node with a certain IP address.

  • Once an IP datagram packet is fully formed, it needs to be encapsulated inside an ethernet frame. This means that the transmitting device needs a destination MAC address to complete the ethernet frame header.

  • ARP Table: A list of IP addresses and the MAC addresses associated with them

Subnetting with CIDR and VLSM

Splitting a large network into many individual and smaller subnetworks (or subnets).

Planning an IP addressing scheme:

How to plan an IP addressing scheme?

  • How many IP addresses do you need today?

  • How many IP addresses will you need in the future?

  • Are you dealing with a pre-existing IP scheme?

Some rules:

  • The Host ID cannot be all 0s or all 255s.

    • All 0s in the Host ID represents the Network ID

    • All 255s in the host ID represents the broadcast address

What is classful addressing and why it caused a lot of problems?

  • Originally IP addresses were divided into different "class" ranges:

    • ​

    Classful Addressing Scheme

    Class

    Range

    Broadcast ID

    Hosts

    ​Class A​

    1 - 126

    255.0.0.0

    16,777,214

    ​Class B​

    128 - 191

    255.255.0.0

    65,534

    ​Class C​

    192-223

    255.255.255.0

    254

    ​Class D​

    224-239

    Multicast

    ​

    ​Class E​

    240-243

    Experimental

    ​

Private vs. Public IP addressing

  • Private IP ranges which have been reserved from Public Internet use:

    • 10.0.0.0 - 10.255.255.255

    • 172.16.0.0 - 172.32.255.255

    • 192.168.0.0 - 192.168.255.255

    • 169.254.0.0 - 169.254.255.255 (non-routable and automatically self-assigned address)

Examples of subnetting with CIDR:

Example with the IP - 192.168.40.55/21
Example with the IP - 192.168.45.55/21
Example with the IP - 192.168.45.55/26

IP Subnetting Calculator:

Subnet calculator:

Imagine you have an IP address and a subnet mask, and you are tasked with finding the IP addresses for 2 subnets.

Or Imagine you are required to create 2 subnets on a given IP address, this tool can help you find the 2 subnets given an IP address and a subnet mask.

Routing

A router is a network device that forwards traffic depending on the destination address of that traffic.

A router has at least 2 network interfaces since it has to be connected to two networks to do its job.

In order to learn about the world around them, routers use routing protocols to share what information they might have.

Routing protocols are two types:

  1. Interior gateway protocols: used by routers to share information within a single autonomous system. Autonomous system is a collection of networks that fall under the control of a single network operator. The purpose of both protocols is almost the same.

    • Distance-vector protocols

      • Older and almost outdated

      • Takes its routing table and calculates the distance in terms of hops. Then, it sends every neighboring router connecting to it.

      • Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP)

      • Slow to react to change

  • Link-state routing protocols

    • Every router knows the details about every other router

    • It determines the best path using its routing table entries learned from every linked router.

    • Open Shortest Path First (OSPF)

    • Require more memory to hold data and much more processing

  1. Exterior gateway protocols: used to exchange information between independent autonomous systems. Routers used exterior gateway protocol when they need to share information across different organizations. These protocols are the key to how the Internet works today.

    • Border Gateway Protocol (BGP)

Previous
Intro to Computer Networking
Next - Become A Power Operating System User
Week 1 - Playing with CLI
Last updated 2 months ago
Contents
Classful Addressing
Subnetting with CIDR and VLSM
Routing