IP addresses are words everyone has heard, what they are and how they work are universally the same thing across all operating systems. But what exactly are they and why are they is really the big question. How can knowing how they work or at least how to work them help you out? Well IP addresses are the starting off point for networking, point A to point B can't be established without IP addresses in place. Before I dive into their functions and benefits, I'm going to break down some IP address math. For those out there who hate math, I'm going to try and make this as simple as possible.
Binary Math Pt.1
THERE IS MATH INVOLVED?!?! Yes there is math involved, but not just any math, oh no we have binary math, which for those who are unaware binary is a string of 1's and 0's. Instead of getting complicated we're going to use light bulbs to explain 1 being on and 0 being off. Now with IP addresses, they are comprised of a four octets, four bytes of information. Each octet is eight bits that make up a single number in an IP address. For example 192.168.1.1, which is your basic run of the mill default gateway IP address (more on this later). How can eight 1's and 0's give us a number like 192 or 168?
Each bit in (1 or 0) in the set of eight is assigned a value. From left to right they are as follows.
128, 64, 32, 16, 8, 4, 2, 1. Lets put them into light bulbs real quick to make it simpler.
There we go eight light bulbs, eight bits, one quarter of an IP address. So we know we'll have four sets of eight, separated by a tiny dot that make up the whole thing. Now using the light bulbs above you have can add all the numbers together and achieve the number 255, which means all the lights are on, OR you can have all the lights turned off and get the number 0. Meaning the combinations of potential lights on and off is 256 (0 counts as a number, don't forget that).
Using the above set of light bulbs lets recreate 192, which is the first portion of our ip address 192.168.1.1
As you can see we only need to have the first two lights turned on, 128 + 64 = 192, the remaining lights can become turned off. Which means the first octet looks like this. 11000000. If we continue along with the math we find that the entire IP address looks like this.
11000000.10101000.00000001.00000001
There we have it some pretty simple binary conversion, how to turn an IP address into binary.
Switching and Routing
This is where IP addresses really make a difference within a physical piece of hardware that functions at either a physical layer, a datalink layer, or a network layer. Lets break each level down first before really focusing on any one in particular.
Physical layer- Also known as layer one, the physical layer of a network the network interface card, a network cable, and a hub. Physical layer devices work only in binary, they don't think, they don't prepare, they just do. If Computer A is sending a data, all the physical layer devices do is send the data. Which can be a problem for devices such as hubs, which you will rarely see in any modern network. As a hub consists of multiple inbound and outbound ports it can only work in one direction at a time, and has no memory of where items are located.
As displayed in the image above the inbound traffic does not get filtered by the hub, since just like a cable its told to send data, it does it out of every port. Therefore information destined for 192.168.0.8 will be sent out of every single port, every device on that network will receive the information destined for 192.168.0.8 and if they realize that isn't them, they'll just drop the information. Problem here though is when an attacker gains access to a hub, or hacks a hub in any way, all information sent to it can be grabbed and saved for further analysis. This includes passwords, pictures, Facebook login's, everything. Not only is it a security risk, it also sacrifices speed drastically since the cable can only send information in one given direction at any time, sending all the information to everyone means no-one else can send until a protocol known as CSMA/CD resets (carrier sense multiple access with collision domains).
Physical layer is one gigantic collision domain, data will run into data non stop, causing packets to get lost, resulting in information needing to be resent. CSMA/CD uses a randomized backoff timer and will send data in random intervals if a collision is detected, this happens so quickly we could never comprehend; but due to packet loss, network speeds, and security risks we don't see many hubs ever used anymore. If you do find one, get rid of it immediately.
Datalink layer - Also known as layer two, the datalink layer is where we start getting node to node based connections. All information on the datalink layer travels over the physical layer. But instead of hub's we have switches. Physical cables and network interface cards are still in the physical layer, but at this point we are tossing out the hub, and here is why.
Where as a hub forces all traffic out every single port that's enabled, a switch will only do that scarcely, the way it functions instead would be like this. Using the image that says "ethernet switch or hub" let's assume Computer 3 wants to send a file to Computer 2. It'll send the data to the switch stating its intentions, and the switch will then forward the information out every port and wait for a response. When computer 2 reply's "I'm here on port 3" all future traffic will be forwarded only out port 3. The collision domains are now stuck on the physical layer due to the traffic mediation brought in by the ethernet switch that means only the cable. Traffic now gets monitored and maintained by the switch with a certain history limit.
The history is how long the MAC address information. Which this is a very interesting bit of information, the MAC address is the physical address of the network interface card. The IP address is irrelevant at this point, surprising isn't it?
Network layer- Also known as layer three is where networking really starts to take control and TCP/IP becomes relevant, this is where routers become involved and start to separate networks. At the networking layer this is where you gain the ability to access the internet or other networks that aren't a part of your own. At the network layer traffic goes from being framed up bits to completely managed packets The source IP address and the destination IP address travel through a labyrinth of internet tubes before it reaches its destination.
There is more information I will provide about the above layers in later parts of the "What Is A IP Address" series.
Network layer- Also known as layer three is where networking really starts to take control and TCP/IP becomes relevant, this is where routers become involved and start to separate networks. At the networking layer this is where you gain the ability to access the internet or other networks that aren't a part of your own. At the network layer traffic goes from being framed up bits to completely managed packets The source IP address and the destination IP address travel through a labyrinth of internet tubes before it reaches its destination.
There is more information I will provide about the above layers in later parts of the "What Is A IP Address" series.
Don't forget to click that +1 button, share and let me know what you think in the comment section below. And as always be safe my goblins.
0 comments:
Post a Comment