Network Services


Monday, December 2, 2013

Using HOSTS



Several automatic conversion systems are available to translate an IP address into a host name, and HOSTS is one of the simplest. You create a file called HOSTS, located in a particular folder or directory based on the requirements of the operating system, and enter a line in the file for every system. Here’s an example:

198.34.56.25 myserver.com #My server’s information
198.34.57.03 yourserver.com

Now comes the nasty part. You must store this ASCII file on every single workstation on your network; when you make a change, you must change the contents of the HOSTS file on every single workstation on your network. This is a simple but painful process inside a network. But what happens if you want to go outside of this network to other networks or to the Internet? The file size would be simply enormous. Fortunately, there are better solutions, as you will see in the next two sections.

Note:
 Any information entered to the right of a pound sign in a HOSTS file is ignored, so you can use this space for comments.

Internet Domain Organization



On the Internet, domains are arranged in a hierarchical tree structure. The following list includes some of the top-level domains currently in use:
com: A commercial organization. Most companies will end up as part of this domain.
edu: An educational establishment, such as a university.
gov: A branch of the U.S. government.
int: An international organization, such as NATO or the United Nations.
mil: A branch of the U.S. military.
net: A network organization.
org: A nonprofit organization.

Warning:
Unfortunately, the word domain is used in several ways, depending on the context. In talking about the Internet, a domain refers to a collection of network host computers. See Chapter 4, “TCP/IP Utilities,” for a discussion of how Microsoft Windows Server products define a domain.



Your local ISP is probably a member of the .net domain, and your company is probably part of the .com domain. The .gov and .mil domains are reserved strictly for use by the government and the military within the United States. In other parts of the world, the final part of a domain name represents the country in which the server is located (.ca for Canada, .jp for Japan, .uk for Great Britain, and .ru for Russia, for example). Well over 130 countries are represented on the Internet. The .com domain is by far the largest, followed by the .edu domain.

If you want to contact someone within one of these domains by e-mail, you just add that person’s e-mail name to their domain name, separated by an at (@) sign. Generically, it looks like this:

name@company.com 

To increase the number of domain names available for use—after all, there is only one mcdonalds.com domain name available—several alternative top-level domains have been suggested. These include .firm for businesses and companies, .store for businesses selling goods rather than services, .arts for cultural and entertainment organizations, and .info for informational services. The domains .cc, .biz, .travel, and .post are also in use on the Internet.

ICANN assigns all Internet domain names and makes sure that a name is not duplicated. Names are assigned on a first come, first served basis, but if you try to register a name that infringes on someone else’s registered trademark, your use of that name will be rescinded if the trademark holder objects.

Name Resolution Methods



Internet host names are used because they are easier to remember than the long dotted decimal IP addresses. A host name is typically the name of a device that has a specific IP address and on the Internet is part of what is known as a Fully Qualified Domain Name (FQDN). An FQDN consists of a host name and a domain name. An example of an FQDN is hostname.company.com.

Although we have phone numbers and can remember them when we need to, life would be difficult if we had to remember the phone numbers of all our friends and associates. We might be able to remember the numbers of as many as 10 friends and relatives, but after that, things would get a bit difficult. Therefore, we remember their names and have directories of names and the phone numbers. Likewise, it’s easier to remember www.microsoft.com than it is to remember 198.105.232.6 and look up the name to associate the IP address with it.

The process of finding the IP address for any given host name is known as name resolution, and it can be performed in several ways: a HOSTS file, a request broadcast on the local network, DNS, and WINS. But before you read about that, you need to first understand Internet domains and how they are organized.

IP Proxy Servers



A proxy server is one of several solutions to the problems associated with connecting your intranet or corporate network to the Internet. A proxy server is a program that handles traffic to external host systems on behalf of the client software running on the protected network; this means that clients access the Internet through the proxy server. It’s a bit like those one-way mirrors—you can see out, but a potential intruder cannot see in.

Note:
Another mechanism used to monitor and control traffic between the Internet and an internal network is a firewall. Although the functions performed by proxy servers and firewalls are related and appear in combination products, they’ll be presented in different chapters here. You will find more information on firewalls in Chapter 9, “Fault Tolerance and Disaster Recovery,” while additional coverage of various proxies can be found in Chapter 8, “Network Access and Security.”

A proxy server sits between a user on your network and a server out on the Internet. Instead of communicating with each other directly, each talks to the proxy (in other words, to a “stand-in”). From the user’s point of view, the proxy server presents the illusion that the user is dealing with a genuine Internet server. To the real server on the Internet, the proxy server gives the illusion that the real server is dealing directly with the user on the internal network. So a proxy server can be both a client and a server; it depends on which way you are facing. The point to remember here is that the user is never in direct contact with the Internet server, as Figure 3.6 illustrates.

The proxy server does more than just forward requests from your users to the Internet and back. Because it examines and makes decisions about the requests that it processes, it can control what your users can do. Depending on the details of your security policy, client requests can be approved and forwarded, or they can be denied. And rather than requiring that the same restrictions be enforced for all users, many advanced proxy server packages can offer different capabilities to different users.

FIGURE 3.6 How a proxy server works



Warning:
A proxy server can be effective only if it is the only type of connection between an internal network and the Internet. As soon as you allow a connection that does not go through a proxy server, your network is at risk.


Proxy Server Caching
Many proxy servers can cache documents, which is particularly useful if a number of clients request the same document independently. With caching, the client request is filled more quickly and Internet traffic is reduced. The types of caching are as follows:

Active Caching: The proxy server uses periods of low activity to go out and retrieve documents that it thinks will be requested by clients in the near future.

Passive Caching: The proxy server waits for a client to make a request, retrieves the document, and then decides whether or not to cache the document.

Note:
Some documents, such as those from a paid subscription service or those that are subject to constant change (for example, documents from financial institutions, documents relating to stock ticker records, and those requiring specific authentication) cannot be cached.

Large companies may have multiple proxy servers, and two caching standards have emerged:

Internet Cache Protocol (ICP): Internet Cache Protocol (ICP) specifies a message format to be used for communications between proxy servers; these messages are used to exchange information about the presence or absence of a specific web page in the proxy server cache. Unfortunately, ICP is not scalable, and the number of ICP messages exchanged between proxy servers climbs rapidly as the number of proxy servers increases.

Cache Array Routing Protocol (CARP): Cache Array Routing Protocol (CARP) offers a solution to the ICP problem by using multiple proxy servers with a single large cache. CARP removes the need for proxy server–to–proxy server communications and also prevents the information in the cache from becoming redundant over time. CARP is referred to as queryless distributed caching and is supported in Netscape and Microsoft proxy server products.



Classless Inter-Domain Routing (CIDR)



InterNIC no longer gives out addresses under the Class A, B, or C designations. Instead, it uses a method called Classless Inter-Domain Routing (or CIDR, which is usually pronounced “cider”). CIDR networks are described as “slash x (/x)” networks; the x represents the number of bits in the IP address range that InterNIC controls, more easily seen as the number of bits in the subnet mask set to 1. This allows InterNIC to define networks that fall between the old classifications, which means that you can get a range of addresses much better suited to your needs than in times past. In CIDR terms, a network classified as a Class C network under the old scheme becomes a /24 network because InterNIC controls the leftmost 24 bits and you control the rightmost 8 bits. Table 3.5 shows some examples of /x network types.

Note:
You can also combine multiple classful networks into a single network using this same designation system. This process is known as supernetting.

TABLE 3.5 Examples of CIDR Network Types


















Subnetting a Class C Network



How do you find out the values that you can use for a Class C network subnet mask? Remember from a previous discussion that InterNIC defines the leftmost three octets in a Class C address, leaving you with the rightmost octet for your own host and subnetting use. If your network consists of a single segment, you have the following subnet mask:

11111111 11111111 11111111 00000000

When expressed as a decimal number, this is

255.255.255.0

Because all of your addresses must match these leftmost 24 bits, you can do what you’d like with the last 8 bits, given a couple of exceptions that we’ll look at in a moment.

You might decide to divide your network into two equally sized segments, with, for example, the numbers 0 through 127 as the first subnet (00000000 through 01111111 in binary) and the numbers 128 through 255 as the second subnet (10000000 through 11111111 in binary).

Notice how the numbers within each subnet can vary only in the last seven places. So, placing 1s in the mask where the bits should be identical for all hosts in a subnet, the subnet mask becomes

255.255.255.128

In binary this is

11111111.11111111.11111111.10000000

Note:
Use the Windows Calculator in scientific mode (choose View > Scientific) to look at binary-to-decimal and decimal-to-binary conversions. Click the Bin (binary) button and then type the bit pattern that you want to convert. Click the Dec (decimal) button to display its decimal value. You can also go the other way and display a decimal number in binary form. This works great for hexadecimal and octal numbering systems, as well.

Now let’s get back to the exceptions mentioned earlier. The network number is the first number in each range, so the first subnet’s network number is X.Y.Z.0 and the second is X.Y.Z.128 (X, Y, and Z are the octets assigned by InterNIC). The default router address is commonly the second number in each range—X.Y.Z.1 and X.Y.Z.129—and the broadcast address is the last address, or X.Y.Z.127 and X.Y.Z.255. You can use all the other addresses within the range as you see fit on your network.

Table 3.3 describes how you can divide a Class C network into four equally sized subnets with a subnet mask of 255.255.255.192. This gives you 62 IP addresses on each subnet once you have accounted for the network and broadcast addresses.


TABLE 3.3 Class C Network Divided into Four Subnets

Table 3.4 describes how you can divide a Class C network into eight equally sized subnets with a subnet mask of 255.255.255.224. This gives you 30 IP addresses on each subnet once you have accounted for the network and broadcast addresses. You can continue this trend for subnet masks with fourth-octet values of 240, 248, and 252. A fourth-octet value of 254 is widely regarded as unusable because the only possible values in each subnet have only 0s or 1s in the host portion, which are illegal for assignment to hosts.

TABLE 3.4 Class C Network Divided into Eight Subnets
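
The subnet arithmetic described in this section, worked through as an added example that is not part of the original text. The function name is illustrative, and 192.168.1.0/24 is a constructed sample standing in for X.Y.Z.0.

```python
import ipaddress


def subnet_class_c(network, fourth_octet):
    """Split a /24 network with the mask 255.255.255.<fourth_octet>.

    Returns one dict per subnet: network number, conventional router
    address (second number in the range), broadcast address and the
    count of addresses left over for hosts.
    """
    base = ipaddress.ip_network(network)
    if base.prefixlen != 24:
        raise ValueError("expected a /24 (old Class C) network")
    if not 0 <= fourth_octet <= 255:
        raise ValueError("fourth octet must be 0..255")

    # 1s mark the bits that must be identical for all hosts in a subnet,
    # so they have to be contiguous from the left (128, 192, 224, ...).
    bits = format(fourth_octet, "08b")
    if "01" in bits:
        raise ValueError(f"255.255.255.{fourth_octet} is not a valid mask")
    prefix = 24 + bits.count("1")  # the CIDR "/x" for this mask

    rows = []
    for sub in base.subnets(new_prefix=prefix):
        # First address is the network number, last is the broadcast;
        # neither can be assigned to a host.
        usable = max(sub.num_addresses - 2, 0)
        rows.append({
            "cidr": str(sub),
            "network": str(sub.network_address),
            "router": str(sub.network_address + 1) if usable else None,
            "broadcast": str(sub.broadcast_address),
            "usable_hosts": usable,
        })
    return rows


if __name__ == "__main__":
    # Constructed sample network from private address space.
    for octet in (128, 192, 224, 254):
        rows = subnet_class_c("192.168.1.0/24", octet)
        print(f"mask 255.255.255.{octet}: {len(rows)} subnets, "
              f"{rows[0]['usable_hosts']} usable hosts each")
        for row in rows[:2]:
            print("   ", row)
```

A fourth-octet value of 254 yields subnets with no usable host addresses, and a non-contiguous value such as 100 is rejected as a mask.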

Overview of IP Addresses



TCP/IP requires that each interface on a TCP/IP network have its own unique IP address. There are two addressing schemes for TCP/IP: IPv4 and IPv6. You should know how these schemes differ.

IPv4
An IPv4 address is a 32-bit number, usually represented as a four-part decimal number with each of the four parts separated by a period or decimal point. You may also hear this method of representation called dotted decimal or dotted quad decimal. In the IPv4 address, each individual byte, or octet as it is sometimes called, can have a value in the range of 0 through 255.

Note:
The term octet is the Internet community’s own term for an 8-bit byte. It came into common use because some of the early computers attached to the Internet had bytes of more than 8 bits; for example, DEC’s systems had blocks of 18 bits.

The way these addresses are used varies according to the class of the network, so all you can say with certainty is that the 32-bit IPv4 address is divided in some way to create an identifier for the network, which all hosts on that network share, and an identifier for each host, which is unique among all hosts on that network. In general, though, the higher-order bits of the address make up the network part of the address and the rest constitutes the host part of the address. In addition, the host part of the address can be divided further to allow for a subnetwork address.

For more detail on this addressing scheme, see the sections “IPv4 Address Classifications” and “Understanding Subnets” later in this chapter. Some host addresses are reserved for special use. For example, in all network addresses, host numbers of all 0s and all 1s are reserved. An IPv4 host address with all host bits set to 0 in binary identifies the network itself, so 10.0.0.0 refers to network 10. An IP address with all host bits set to 1 in binary is known as a broadcast address. The broadcast address for network 172.16 is 172.16.255.255. A datagram sent to this address is automatically sent to every individual host on the 172.16 network.

American Registry for Internet Numbers (ARIN) assigns and regulates IP addresses on the Internet; you can get one directly from ARIN, or you can ask your Internet service provider (ISP) to secure an IP address on your behalf. Another strategy is to obtain your address from ARIN and only use it internally until you are ready to connect to the Internet.


Note:
If you are setting up an intranet and you don’t want to connect to the outside world through the Internet, you don’t need to obtain a registered IP address from ARIN. Obtaining registered addresses from ARIN simply ensures that the addresses you use are unique over the entire Internet. If you are never going to connect to the Internet, there's no reason to worry about whether those addresses are the same as an address of a computer that isn't even on your network. Nowadays, however, it is rare to find an individual or organization that implements an IP-based internetwork that does not intend to connect to the Internet. More realistically, you might choose to use private address space (the 10.0.0.0 network, for example) internally while translating to a small pool of ARIN-registered addresses, using NAT, in order to communicate with the Internet, thus conserving public registered address space.



IPv4 Address Classifications
In an IPv4 address, the default number of bits used to identify the network and the host vary according to the network class of the address. While other methods, such as Classless Inter-Domain Routing, are currently more popular for specifying address space boundaries for entities of various sizes, the following classes of IP addresses originally offered a default set of boundaries for varying sizes of address space and still provide a fallback mechanism for end and intermediate devices in the absence of ample subnetting information:





  1. Class A was designed for very large networks only. The default network portion for Class A networks is the first 8 bits, leaving 24 bits for host identification. The high-order bit is always binary 0, which leaves 7 bits available for IANA to define 127 networks. The remaining 24 bits of the address allow each Class A network to hold as many as 16,777,214 hosts. Examples of Class A networks include General Electric, IBM, Hewlett-Packard, Apple, Xerox, Compaq, Columbia University, MIT, and the private network 10.0.0.0. All possible Class A networks are in use; no more are available.
  2. Class B was designed for medium-sized networks. The default network portion for Class B networks is the first 16 bits, leaving 16 bits for host identification. The 2 high-order bits are always binary 10, and the remaining 14 bits are used for IANA to define 16,384 networks, each with as many as 65,534 hosts attached. Examples of Class B networks include Microsoft, Exxon, and the 16 private networks ranging from 172.16.0.0 to 172.31.0.0, inclusive. Class B networks are generally regarded as unavailable, but address conservation techniques have made some of these addresses become available from time to time over the years.
  3. Class C was designed for smaller networks. The default network portion for Class C networks is the first 24 bits, leaving 8 bits for host identification. The 3 high-order bits are always binary 110, and the remaining 21 bits are used by IANA to define 2,097,152 networks, but each network can have a maximum of only 254 hosts. Examples of Class C networks are the 256 private networks ranging from 192.168.0.0 to 192.168.255.0. Class C networks are still available.
  4. Class D is the multicast address range and cannot be used for networks. There is no network/host structure to these addresses. They are taken as a complete address and used as destination addresses only, just like broadcast addresses. The 4 high-order bits are always 1110, and the remaining 28 bits allow access to more than 268 million possible addresses.
  5. Class E is reserved for experimental purposes. The first 4 bits in the address are always 1111.

Note:
One trick that works well, when faced with determining the class of an IP address written entirely in binary, is to assign the letters A through D to the first 4 bits, in alphabetical order. Wherever the first 0 falls signifies the class of address with which you are dealing. If none of the first 4 bits are set to 0, then you have a Class E address.

Figure 3.5 illustrates the relationships among these classes and shows how the bits are allocated by the Internet Network Information Center (InterNIC), an Internet Corporation for Assigned Names and Numbers (ICANN) licensed service mark.


FIGURE 3.5 The IP address structure


Because the bits used to identify the class are combined with the bits that define the network address, we can draw the following conclusions from the size of the first octet, or byte, of the address:

  • A value of 126 or less indicates a Class A address. The first octet is the network number; the next three, the host ID.
  • A value of exactly 127, while technically in the Class A range, is reserved as a software loopback test address. If you send an echo request to 127.0.0.1, the ping doesn’t actually generate any network traffic. It does, however, test that TCP/IP is installed correctly. Using this number as a special test address has the unfortunate effect of wasting almost 17 million possible IP addresses, a case of early-70s short-sightedness, much like the theory that 64KB of RAM should be enough for PCs.
  • A value of 128 through 191 is a Class B address. The first two octets are the network number, and the last two are the host address.
  • A value of 192 through 223 is a Class C address. The first three octets are the network address, and the last octet is the host address.
  • A value of 224 through 239 is a Class D multicast address. Again, there are no network or host portions to multicast addresses.
  • A value greater than 239 indicates a reserved Class E address.
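
The classful fallback described above, as an added example that is not part of the original text: it derives the class from the first-zero-bit trick and from the decimal ranges of the first octet, then applies the default network/host split. Function names are illustrative, and the sample addresses are constructed.

```python
def class_by_first_zero(first_octet):
    """Bit trick: letter the first four bits A-D; the first 0 names the class."""
    for letter, bit in zip("ABCD", format(first_octet, "08b")):
        if bit == "0":
            return letter
    return "E"


def class_by_range(first_octet):
    """The same answer from the decimal ranges of the first octet."""
    for upper, letter in ((127, "A"), (191, "B"), (223, "C"), (239, "D")):
        if first_octet <= upper:
            return letter
    return "E"


# Default number of network octets per class (A: 8 bits, B: 16, C: 24).
NETWORK_OCTETS = {"A": 1, "B": 2, "C": 3}


def describe(address):
    """Return the class and the default (classful) boundaries of an address."""
    octets = [int(part) for part in address.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {address!r}")
    cls = class_by_first_zero(octets[0])
    info = {"class": cls, "loopback": octets[0] == 127,
            "default_mask": None, "network": None, "broadcast": None}
    n = NETWORK_OCTETS.get(cls)
    if n:  # Classes D and E have no network/host structure
        def dotted(fill):
            return ".".join(map(str, octets[:n] + [fill] * (4 - n)))
        info["default_mask"] = ".".join(["255"] * n + ["0"] * (4 - n))
        info["network"] = dotted(0)      # host bits all 0
        info["broadcast"] = dotted(255)  # host bits all 1
    return info


if __name__ == "__main__":
    # Constructed sample addresses, one per case discussed in the text.
    for sample in ("10.200.3.4", "127.0.0.1", "172.16.5.9",
                   "192.168.255.7", "224.0.0.1", "240.0.0.1"):
        print(sample, describe(sample))
```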

IPv6
IPv6 was originally designed because the number of available unregistered IPv4 addresses was running low. Because IPv6 uses a 128-bit addressing scheme, it has more than 79 octillion (that’s 79,000,000,000,000,000,000,000,000,000 to you and me) times as many available addresses as IPv4. Also, instead of representing the binary digits as decimal digits, IPv6 uses eight sets of four hexadecimal digits, like so:

3FFE:0B00:0800:0002:0000:0000:0000:000C

In addition, you can abbreviate these very long addresses by dropping leading 0s (zeros) (like the 0 before the B in “0B00”). You can also drop any single grouping of zero octets (as in the number above) between numbers as long as you replace them with a double colon (::) and they are complete octets (you can’t drop the three 0s in the second octet to make it just “B” instead of “0B00,” for example). If you apply this rule (known as the zero compression rule) to the above address, it would make the example address look like so:

3FFE:0B00:0800:0002::000C

Note:
The private address spaces listed with each class description are specified in RFC 1918 as being available to anyone who wants to use IP addressing on a private network but does not want to connect these networks directly to the Internet. Private addresses are those addresses that are not permitted to be routed by Internet routers. In fact, ISPs can be fined for passing traffic with these addresses as source or destination. Conversely, public addresses are those IP addresses that are allowed to be passed by Internet routers. You can use the private address space without the risk of compromising someone else’s registered network address space. If you use a private address and decide to interconnect your intranet with the Internet, you may use NAT to do so.

As with IPv4, there are several addresses that are reserved for special uses. For example, the IPv6 address ::/0 is the default address for a host that has yet to be assigned an address (like 0.0.0.0 in IPv4). The address ::1/128 is reserved for the local loopback (like 127.0.0.1 in IPv4). IPv6 also includes provisions for the old IPv4 hosts so they can be migrated to the new addressing scheme. This is accomplished by using the address ::xxx.xxx.xxx.xxx, where the last four sets of digits refer to the old IPv4 address.

The way a host is configured is one very unique aspect of the IPv6 addressing scheme. Instead of an IP address, subnet mask, and default gateway, each station is required to have three different addresses. First of all, the host has an address from each upstream supplier, a local address, and a link-local address. The local address is a number like ::1/128 that defines the local host. The link-local address is the address for the local subnet.

Finally, IPv6 has some other unique addressing concepts, like autoconfiguration (similar to DHCP, but extended further) and neighbor discovery, whereby the IPv6 host discovers its network surroundings.

Warning:
You can’t use the zero compression rule to drop more than one grouping of zero octets. For example, you can’t make 3FFE:0000:0000:0002:0000:0000:0000:000C into 3FFE::0002::000C. This is also part of the zero compression rule: There can be only one set of double colons! Otherwise, receiving devices would not be able to reverse-engineer the number of missing zeros. Therefore, since it’s up to the human entering the address, compress the longer series of zeros.
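
The zero compression rule and the reason for the single double colon, as an added example that is not part of the original text. Function names are illustrative; when two zero runs are equally long, compressing the first is a choice made for this example.

```python
import itertools
import string

HEX = set(string.hexdigits)


def check_groups(groups):
    """Validate eight hex groups and return them zero-padded, in upper case."""
    if len(groups) != 8:
        raise ValueError("an IPv6 address has exactly eight groups")
    for g in groups:
        if not 1 <= len(g) <= 4 or not set(g) <= HEX:
            raise ValueError(f"bad group {g!r}")
    return ":".join(g.upper().zfill(4) for g in groups)


def expand(addr):
    """Undo zero compression; refuse an address with more than one '::'."""
    if addr.count("::") > 1:
        raise ValueError("more than one '::' cannot be expanded unambiguously")
    if "::" not in addr:
        return check_groups(addr.split(":"))
    left, right = addr.split("::")
    head = left.split(":") if left else []
    tail = right.split(":") if right else []
    missing = 8 - len(head) - len(tail)
    if missing < 1:
        raise ValueError("'::' must stand for at least one group")
    return check_groups(head + ["0"] * missing + tail)


def compress(addr, drop_leading_zeros=False):
    """Replace the longest run of all-zero groups with a single '::'."""
    groups = expand(addr).split(":")
    best_start, best_len, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == "0000":
            j += 1
        if j - i > best_len:          # strictly longer: first run wins ties
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    if drop_leading_zeros:
        groups = [g.lstrip("0") or "0" for g in groups]
    if best_len == 0:
        return ":".join(groups)
    return (":".join(groups[:best_start]) + "::"
            + ":".join(groups[best_start + best_len:]))


def candidate_expansions(addr):
    """Every full address an input with one or more '::' could stand for."""
    parts = [p.split(":") if p else [] for p in addr.split("::")]
    gaps = len(parts) - 1
    missing = 8 - sum(len(p) for p in parts)
    if gaps == 0 or missing < gaps:
        return []
    results = []
    # Pick cut points so each gap gets at least one zero group.
    for cuts in itertools.combinations(range(1, missing), gaps - 1):
        sizes = [b - a for a, b in zip((0,) + cuts, cuts + (missing,))]
        groups = list(parts[0])
        for size, part in zip(sizes, parts[1:]):
            groups += ["0"] * size + part
        results.append(check_groups(groups))
    return results


if __name__ == "__main__":
    print(compress("3FFE:0B00:0800:0002:0000:0000:0000:000C"))
    for guess in candidate_expansions("3FFE::0002::000C"):
        print("could mean", guess)
```

For the doubly compressed form from the warning, `candidate_expansions` returns four different full addresses, which is why `expand` rejects it.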

Note:
For more information on IPv6, check out RFC 2373 at www.ietf.org.