DCU's block of addresses DCU topology DCU subnets

Network tools DNS Lookup How to find your IP address

Hosts and IP addresses

Machines have numbers that describe their place within the actual network topology:

  106.132.204.106

Four 8 bit numbers.
256⁴ = 2³² = 4 billion.

Humans could never work with these. Since earliest days of networks, machines have text names, which describe their place within the logical hierarchy:

  www.mit.edu
  compsci.mit.edu
  techpapers.compsci.mit.edu

Numeric - 4 parts.
Text - Can have variable number of parts. Text syntax: "In theory, this subdivision can go down to 127 levels deep, and each label can contain up to 63 characters, as long as the whole domain name does not exceed a total length of 254 characters. But in practice some domain registries have shorter limits than that."

• ICANN manages addressing.
  It assigns chunks of the address space to regional (e.g. international) authorities, who then assign addresses in those regions.

---

Host or machine name

 
	www.computing.dcu.ie 

	(actual machine).(organisation subdomains).(international subdomains)

	fileserver.salesdivision.regionaloffice.company.co.uk

Case of machine name is irrelevant.
(Case of the machine name part of a URL is irrelevant.)
e.g. Using the ping tool at Unix command-line:

$ ping www.biscuits.com
www.biscuits.com is alive

$ ping WWW.BISCUITS.COM
WWW.BISCUITS.COM is alive

$ ping WWW.Biscuits.cOM
WWW.Biscuits.cOM is alive

$ ping www.biscuitss.com
ping: unknown host www.biscuitss.com

$ PING www.biscuits.com
PING: Command not found

The organisation can divide up its subdomains any way it likes. The organisation gets allocated a certain number of addresses, i.e. a subspace of the address space, such as:

   126.121.*.*

and can assign these any names it likes. It doesn't have to tell outside world (until an actual request is made).
See DNS Lookup.

Domain name space.

• List of Internet top-level domains

• Top-level domain
  • Generic top-level domain
  • country codes (and official list)
  • Internationalized domain names (host names in non-Latin alphabets)

• The future:
  • Proposed top-level domains
  • ICANN process to generate new top-level domains on an ongoing basis. e.g. A company will get its name as a TLD.
    • Applied-for strings

---

DCU's block of addresses

DCU has the following block of addresses:

Dublin City University (NET-DCU-NET)
   Glasnevin
   Dublin, 9
   IE

   Netname: DCU-NET
   Netblock: 136.206.0.0 - 136.206.255.255

i.e. room for 256² = 65,536 addresses.

DCU addresses run from:
136.206.0.0     to:
136.206.255.255
In binary, from:
1000 1000 1100 1110 0000 0000 0000 0000     to:
1000 1000 1100 1110 1111 1111 1111 1111
See IP decimal-binary table

First 16 bits are the DCU network number 136.206.
This is in binary:
1000 1000 1100 1110
Second 16 bits are the host number on that network.

This is a Class B network.
To be precise, the leading 10 indicates Class B, then the network number is the 14 bit:
00 1000 1100 1110
So a DCU address is:
Class B identifier, DCU network, machine number n:
10 00 1000 1100 1110 nnnn nnnn nnnn nnnn

• CCNA Tutorial
  • IP decimal-binary table

• Network classes
  • List of Class A networks allocated (and here and here)
  • List of Class B networks allocated

IP address shows network class.

Special IP addresses.
See Reserved IP addresses and Private network.

---

Map of IPv4 address space

From xkcd by Randall Munroe.

---

Complications - CIDR, NAT, IPv6

• IPv4 address exhaustion

• CIDR
  • Assigning blocks has become more complex.
  • DCU got its block under the old system (before CIDR in 1993).

• NAT
  • On-the-fly translation from "internal" address spaces inside an ISP/organisation to externally-viewable IP addresses.
  • Proxies - Check what other sites see as your IP address and it may show you using one of the DCU proxies rather than your actual IP address. Yet the data goes back to you only, and not to all other users of the proxy.
  • DCU uses real IP addresses internally, but in fact your actual IP address need not be externally visible, and hence could be anything. With NAT, networks that previously required a reserved block of addresses can be connected to the Internet with as little as a single IP address.

• IPv6
  • IPv6 has 128-bit addresses = 2¹²⁸ = 340 trillion trillion trillion.
  • Recall current IPv4 has 32-bit addresses = 2³² = 4 billion.

---

Subnets

Typically on a campus, each dept. might have its own LAN:

Above, each Ethernet is called a subnet.
Whole campus just appears as one network to outside world.
Campus main router has to route to correct Ethernet.

Subnet mask

Some bits are taken away from the host number and used as the subnet number. e.g. A 6 bit subnet number would allow for 64 Ethernets.
Main router is simple - It doesn't need to know about every host in system. It just needs to forward to the correct Ethernet.
Subnet mask is used to indicate the split in the host number bits:

Above: 6 bit subnet number. 10 bit host number on subnet.
Subnet mask: 1111 1111 1111 1111 1111 1100 0000 0000
= 255.255.252.0

• Subnet Calculator

Outside the organisation (the campus), the subnetting is not visible. So the organisation can change its subnet organisation without informing anyone.

Example

Organisation owns 130.50.*.*
6 bit subnet number (64 subnets). 10 bit host number on subnet (1024 hosts on each subnet).
(As in diagram above)

Address of Subnet 1 = 130.50.4.0 = 1000 0010 0011 0010 0000 0100 0000 0000 = (network address) (subnet 1) (0)
Subnet 1 starts at 130.50.4.1 = 1000 0010 0011 0010 0000 0100 0000 0001 = (network address) (subnet 1) (host 1)
runs up to 130.50.7.255 = 1000 0010 0011 0010 0000 0111 1111 1111 = (network address) (subnet 1) (host 1023)

Address of Subnet 2 = 130.50.8.0 = 1000 0010 0011 0010 0000 1000 0000 0000 = (network address) (subnet 2) (0)
Subnet 2 starts at 130.50.8.1 = 1000 0010 0011 0010 0000 1000 0000 0001 = (network address) (subnet 2) (host 1)
runs up to 130.50.11.255 = 1000 0010 0011 0010 0000 1011 1111 1111 = (network address) (subnet 2) (host 1023)

Address of Subnet 3 = 130.50.12.0 = 1000 0010 0011 0010 0000 1100 0000 0000 = (network address) (subnet 3) (0)
Subnet 3 starts at 130.50.12.1 = 1000 0010 0011 0010 0000 1100 0000 0001 = (network address) (subnet 3) (host 1)
runs up to 130.50.15.255 = 1000 0010 0011 0010 0000 1111 1111 1111 = (network address) (subnet 3) (host 1023)

Address of Subnet 4 = 130.50.16.0 = 1000 0010 0011 0010 0001 0000 0000 0000 = (network address) (subnet 4) (0)
Subnet 4 starts at 130.50.16.1 = 1000 0010 0011 0010 0001 0000 0000 0001 = (network address) (subnet 4) (host 1)
and so on ....

(Note on some older protocols subnet all 0's and subnet all 1's were reserved. On newer protocols they are not.)

A router on subnet k knows about hosts on local subnet k and about routers for other subnets (it does not know about hosts on other subnets).
It has a table of addresses: (network address) (subnet k) (host) telling how to get to a host on the local subnet
and: (network address) (other subnets) (0 only) telling how to get to that other subnet. No info about hosts on other subnets is held.

Example: Packet addressed to: 130.50.15.6 = 1000 0010 0011 0010 0000 1111 0000 0110 = (network address) (subnet 3) (host 774)
If this is subnet 3, the IP address will be in the routing table and the packet will be sent directly to the host.
Else we need to send to another router:
AND with subnet mask (above): 1111 1111 1111 1111 1111 1100 0000 0000
= 1000 0010 0011 0010 0000 1100 0000 0000 = (network address) (subnet 3) (host 0)
i.e. just change last 10 bits to 0
= 130.50.12.0
This is found in routing table as address for subnet 3. Packet is sent on to that subnet, for eventual forwarding to host.

In general:
(IP Address) AND (Subnet Mask) = (Subnet Address)

---

DCU topology

• DCU has simple topology:
  • CA, EE have their own networks - each has one router linked direct to ISS router
  • everyone else in DCU links direct off ISS
  • ISS has n external links, all to Heanet (see Heanet dynamic map)

---

DCU subnets

First 16 bits are the DCU network number 136.206.
The Windows command:

$ ipconfig

shows:

Subnet Mask ... 255.255.255.0

i.e. 8 bit subnet number.
i.e. 256 possible subnets here, each with maximum 256 machines:
136 . 206 . (subnet) . (host)

Check your IP address. You'll find different subnets being used from room to room in CA.
i.e. Multiple Ethernets within CA alone.

Each node is a full Internet node (IP address). Doesn't really matter which Ethernet you are on.
Though may be useful to divide organisation into fixed groups so can easily restrict access to web page based on IP address, etc.

e.g. at time of writing:

Subnet	Use	Users
10	LG01, L101, L128, L201	undergrads
11	www, mailhost Linux Solaris	all undergrads staff, postgrads
17	L114, L129, L130	undergrads
18	LG25, LG26, LG27, LG28, L125	undergrads
19	postgrad machines	postgrads
115	staff machines	staff
218	wireless LAN	all

Apart from the users, there is also one file server machine on every subnet.

• These subnets are actually Virtual LANs:
  • These subnets are actually all (except wireless) on the same hardware LAN. They are divided into separate software LANs (Virtual LANs) by router software.
  • i.e. You cannot see packets on a different Virtual LAN - but this is enforced by software, not hardware.

• ISS has wireless LAN(s) also.

---

Network tools

• Network utilities. Some may be disabled on your setup.

• How to find your IP address

• DNS Lookup

Linux / UNIX

• To see your IP address:
  1. ifconfig
  2. ip

• Other tools:
  1. dig (domain or host)
  2. host
  3. netstat
  4. nslookup (hostname)
  5. ping
  6. traceroute
  7. whois (domain)
     • whois dcu.ie reveals DCU nameservers (for external users):

       nserver:     ns1-ext.dcu.ie 136.206.1.1
       nserver:     ns2-ext.dcu.ie 136.206.1.2
       nserver:     ns1.tcd.ie 134.226.1.114
       nserver:     auth-ns1.ucd.ie 137.43.1.13
       nserver:     ns5.univie.ac.at 
       

       Note backup nameservers outside DCU.

Windows

• To see your IP address:
  1. ipconfig
     • ipconfig /all
       shows something like the following for DNS servers:
       136.206.11.247 (in CA)
       and 136.206.1.3 (in DCU)

• Other tools:
  1. netstat
  2. nslookup
     • nslookup 136.206.11.247
       shows the primary DNS server for CA is the same machine as the mailserver Mailhost.Computing.DCU.IE
       which serves POP and IMAP email clients and also provides web mail, on top of its DNS duties
     • nslookup 136.206.1.3
       shows the secondary DNS server for CA is a DCU machine ns1-int.dcu.ie
  3. pathping
  4. ping
  5. tracert

---

Traceroute

• traceroute.org is a list of traceroute online tools.

• Comms from DCU to UCD go thru HEAnet:

  $ traceroute www.ucd.ie
  traceroute to www.ucd.ie (193.1.172.140), 30 hops max, 40 byte packets
   1  router-11.computing.dcu.ie (136.206.11.254)  0.383 ms  0.247 ms  0.330 ms
   2  136.206.13.254 (136.206.13.254)  0.369 ms  0.303 ms  0.344 ms
   3  cisdcu.dcu.ie (136.206.3.1)  0.813 ms  0.670 ms  0.362 ms
   4  kuiper-gige2-1.dcu.access.hea.net (193.1.196.189)  1.356 ms  1.098 ms  1.508 ms
   5  hyperion-gige4-2.cwt.core.hea.net (193.1.194.68)  1.558 ms  1.602 ms  0.990 ms
   6  ar1-cwt-gige6-1.hea.net (193.1.195.177)  1.824 ms  1.466 ms  1.918 ms
   7  * * *
   8  nore-r2-vlan-13.ucd.ie (193.1.145.10)  2.667 ms  2.737 ms  2.647 ms
   9  clarion.ucd.ie (193.1.172.140)  2.299 ms  2.573 ms  2.339 ms
  

• traceroute from USA to DCU
  - shows all comms to DCU go thru HEAnet
  - also trans-Atlantic comms go through the massive Level 3 telecommunications company.

• Visual TraceRoute from USA, using Google Maps

---

Different forms of URL

My address is:

http://www.computing.dcu.ie/~humphrys/

or:

http://computing.dcu.ie/~humphrys/

or the old:

http://www.compapp.dcu.ie/~humphrys/

These are currently aliases for the machine:

http://elbrus.computing.dcu.ie/~humphrys/

or the old:

http://elbrus.compapp.dcu.ie/~humphrys/

What all these translate to is:

http://136.206.11.240/~humphrys/

---

URL obscuring

• URL obscuring - Spammers, frauds and phishers often do this.

Decimal IP address notation

Strangely enough, the above is also the same as:

http://2295204848/~humphrys/

This may or may not work:

• It may not work if you go through the DCU proxy.
• The Google Chrome browser may translate it to the normal IP before even making the request.

See:

• IPv4 address representations
• IP 2 DWord converter

Embed password in URL

For a page that needs a password, you can embed the password in the URL:

http://username:password@server

This is perfectly valid, but also gives us a new way of obscuring URLs.

Try these on different Linux and Windows browsers:

http://www.paypal.com@2295204848/

http://www.paypal.com:login@2295204848/

Or these:

http://www.paypal.com@136.206.11.240/

http://www.paypal.com:login@136.206.11.240/

These could all lead to a numeric URL which fakes the look of a PayPal login page.

Q. How to be safe?
A. Never click on links in unsolicited email.

---

Domain name = Host name

This is a domain:

	ibm.com

and these are hosts in the domain:

	www.ibm.com
	ftp.ibm.com
	researchlab.ibm.com
	sales.texas.mainframedivision.ibm.com

But as the Web developed, people wanted to be able to drop the "www" part, so it is common to set up this:

	http://ibm.com

as an alias for this:

	http://www.ibm.com

This alias is done at DNS level.
If no DNS alias exists, the browser may or may not do it for you.

• http://www.computing.dcu.ie works
• http://computing.dcu.ie works

• http://www.compapp.dcu.ie works (old name)
• http://compapp.dcu.ie does not work (no alias set up)

---

• DNS