Tema 1

CONMUTACION Y RUTEO I
Tema 1. IPv4 Addressing, ICMP

& ARP
Alberto Arellano A. Ing. Msc.
aarellano@espoch.edu.ec
CCNA CCNP - CCSP
IPv4 Address
The identifier used in the IP layer of the TCP/IP protocol
suite to identify each device connected to the Internet is
called the Internet address or IP address. An IPv4 address
is a 32-bit address that uniquely and universally defines the
connection of a host or a router to the Internet; an IP
address is the address of the interface.(Berhouz Forouzan)
HOST
TCP/IP uses the term host to refer to an end system that
attaches to the Internet.
IPv4 Address
The IPv4 addresses are unique and

universal.
An IPv4 address is 32 bits long.
The address space of IPv4 is 232
(4,294,967,296)
Notation.
Binary notation
Dotted-decimal notation
Beginning with IPv4
IPv4 (Internet Protocol

version 4)
Developed in the early
1980s
RFC 760 Jan 1980
obsoleted by RFC 791
Sep 1981
Subnet Masks
11111111111111110000000000000000
An IP address is a hierarchical address that is made up of two parts:
A network portion
A host portion.
Subnet Mask
Used to define the:
Network portion
Host portion
32 bits
Contiguous set of 1s followed by a contiguous set of 0s
1s: Network portion
0s: Host portion
6
Dividing the Network and Host
Portions
11111111.11111111.00000000.00000000
Dotted decimal: 255 . 255 . 0 . 0

Slash notation: /16
Expressed as:
Dotted decimal
Ex: 255.255.0.0
Slash notation or prefix length
/16 (the number of one bits)
Example
192 168 11 10
255 255 255 0

11111111 11111111 11111111 00000000
The subnet mask identifies which part of the IP address

refers to the network.
Network Portion Host Portion
192 168 11 0
The prefix length is the number of bits set to 1 in the subnet mask.
It is written in slash notation, a / followed by the number of
bits set to 1.
For example:
IP address: 192.168.11.10 255.255.255.0
Is the same as: 192.168.11.10 /24
Valid Subnet Mask Values
128 64 32 16 8 4 2 1 Decimal Value
1 0 0 0 0 0 0 0 128
1 1 0 0 0 0 0 0 192
1 1 1 0 0 0 0 0 224
1 1 1 1 0 0 0 0 240
1 1 1 1 1 0 0 0 248
1 1 1 1 1 1 0 0 252
1 1 1 1 1 1 1 0 254
1 1 1 1 1 1 1 1 255
Subnet Masks
So how do hosts figure out which part of the address is the network portion?
Hosts AND the IPv4 address and the subnet mask.
1 bits refer to the network portion.
0 bits refer to the host portion.
Hosts actually use a the Boolean AND operation to accomplish this task.
This tells them what network they belong to.
Destination IP Address
A B
192.168.1.100 192.168.2.101
255.255.255.0 255.255.255.0
Source IPv4 Destination IPv4

192.168.1.100 192.168.2.101
How does the host know if the destination

IPv4 address is on its network or another
network?
192.168.1.10 192.168.1.11
Same network?
AND AND
My Network = 192.168.1.0 Destination Network = 192.168.1.0

Same network? YES!
192.168.1.100 192.168.2.101
Same network?
AND AND
My Network = 192.168.1.0 Destination Network = 192.168.2.0

Same network? NO!
Network Address
Network Address, is particularly important because it is
used in routing a packet to its destination network.
The network address has all 0 bits in the host portion.
Broadcast Address
A broadcast address is used to send data to all hosts in the
network.
The broadcast address has all 1 bits in the host
portion.
Host Range
Host Addresses in binary
192.168.1.0 (net) 11000000.10101000.00000001.00000000

255.255.255.0(SM) 11111111.11111111.11111111.00000000
192.168.1.1 11000000.10101000.00000001.00000001
192.168.1.254 11000000.10101000.00000001.11111110
192.168.1.255 11000000.10101000.00000001.11111111
(broadcast)
192.168.0.0 (net) 11000000.10101000.00000000.00000000

255.255.0.0 (SM) 11111111.11111111.00000000.00000000
192.168.0.1 11000000.10101000.00000000.00000001
192.168.255.254 11000000.10101000.11111111.11111110
192.168.255.255 11000000.10101000.11111111.11111111
(broadcast)
Addresses for User Devices
Hosts are assigned IP addresses from the range of available

addresses in the network.
These IP addresses can be assigned either:

Statically
Dynamically
Static Assignment
Useful for printers, servers, and other networking devices that do

not change location often and need to be accessible to clients on
the network based on a fixed IP address.
Increased control of network resources.
However, static addressing can be time-consuming to enter on
each host.
Dynamic Assignment
Instead of manually assigning IP

addresses (subnet mask, default
gateway, DNS addresses), it is
easier to have IP addresses
assigned automatically.
This is done using Dynamic Host
Configuration Protocol (DHCP).
The DHCP server requires that a
block of addresses, called an
address pool, is used for
assigning to the DHCP clients on
a network.
How Does DHCP Work?
Client Boots
DHCP Discover
Mac Address
DHCP Request
IP, MAC Address
Client DHCP
Server
DHCP Offer
IP, Lease time
DHCP Ack
IP, Lease time
Dynamic vs. Static IP
Addressing Quiz
Desktop computer Server Router Switch
Laptop IP phone Printer RADIUS server
AP PDA iTouch Fridge
Static IP Address Dynamic (DHCP) IP Address

Destination Address Type
Source IP addresses
are always unicast
Unicasts:
Packet travels from one host to another specific host.
Multicasts:
Packet travels from one host to a select number of other hosts.
Supports voice and audio broadcasts, news feeds, distribution of
software, re-imaging clients off peak times.
Broadcasts:
Packet travels from one host to all hosts on the local network.
Destination Address Type
IPv4 Packet Format
IP Header Data (Payload)
IPv4 has been in use since 1983 when it

was deployed on the Advanced Research
Projects Agency Network (ARPANET).
An IPv4 packet has two parts:
IP Header - Identifies the packet
characteristics.
Payload - Contains the Layer 4 segment
information and the actual data.
IPv4 Header Significant
Fields
Byte 1 Byte 2 Byte 3 Byte 4
IP Header Differentiated Services

Version Total Length
Length
DSCP ECN
Identification Flag Fragment Offset
Time-To-Live Protocol Header Checksum
Source IP Address
Options (optional)
Padding
Length
DSCP ECN
Source IP Address
Options (optional) Padding

Length
DSCP ECN
Source IP Address
Version (4 bits)
Indicates the version of IP currently used.
0100 = 4 and therefore IPv4
0110 = 6 and therefore IPv6
Length
DSCP ECN
Source IP Address
IP Header Length (4 bits)

Identifies the number of 32-bit words in the header.
The IHL value varies due to the Options and Padding fields.
The minimum value for this field is 5 (i.e., 532 = 160 bits =
20 bytes) and the maximum value is 15 (i.e., 1532 = 480
bits = 60 bytes).
Length
DSCP ECN
Source IP Address
Differentiated Services (8 bits)

Formerly called the Type of Service (ToS) field.
The field is used to determine the priority of each packet.
First 6 bits identify the Differentiated Services Code Point (DSCP) value for QoS.
Last 2 bits identify the explicit congestion notification (ECN) value used to prevent
dropped packets during times of network congestion.
Length
DSCP ECN
Source IP Address
Total Length (16 bits)

Sometimes referred to as the Packet Length.
Defines the entire packet (fragment) size, including header and data, in bytes.
The minimum length packet is 20 bytes (20-byte header + 0 bytes data) and the
maximum is 65,535 bytes. .
Length
DSCP ECN
Source IP Address
Options (optional)
A router may have to fragment
Padding
a packet
when forwarding it from one medium to
another medium that has a smaller MTU.
When this happens, fragmentation
occurs and the IPv4 packet uses the
following 3 fields to keep track of the
fragments
Length
DSCP ECN
Source IP Address
Identification (16 bits)

Field uniquely identifies the fragment of an
original IP packet.
Length
DSCP ECN
Source IP Address
Flag (3 bits)
This 3-bit field identifies how the packet is fragmented.
It is used with the Fragment Offset and Identification
fields to help reconstruct the fragment into the original
packet.
Length
DSCP ECN
Source IP Address
Fragment Offset (13 bits)

Field identifies the order in which to place the packet
fragment in the reconstruction of the original
unfragmented packet.
Length
DSCP ECN
Source IP Address

Time-to-Live (TTL) (8 bits)
Used to limit the lifetime of a packet.
It is specified in seconds but is commonly referred to as hop
count.
The packet sender sets the initial TTL value and is decreased
by one each time the packet is processed by a router, or hop.
If the TTL field decrements to zero, the router discards the
packet and sends an ICMP Time Exceeded message to the
source IP address.
The traceroute command uses this field to identify the routers
used between the source and destination.
Length
DSCP ECN
Source IP Address
Protocol (8 bits)
Field indicates the data payload type that the packet is
carrying, which enables the network layer to pass the data
to the appropriate upper-layer protocol.
Common values include ICMP (1), TCP (6), and UDP (17).
Others: GRE (47), ESP (50), EIGRP (88), OSPF (89)
http://www.iana.org/assignments/protocol-numbers/
Length
DSCP ECN
Source IP Address
Header Checksum (8 bits)

Field is used for error checking of the IP header.
The checksum of the header is recalculated and
compared to the value in the checksum field.
If the values do not match, the packet is discarded.
Length
DSCP ECN
Source IP Address
Source IP Address (32 bits)

Contains a 32-bit binary value that represents the
source IP address of the packet.
Length
DSCP ECN
Source IP Address
Destination IP Address (32 bits)

Contains a 32-bit binary value that represents the
destination IP address of the packet.
Classful Addressing
In classful addressing, the IP address space is divided into

five classes: A, B, C, D, and E. Each class occupies some
part of the whole address space
Historically, RFC1700 grouped the unicast ranges into specific sizes

referred to as Classful addressing for IPv4:
Class A, B, and C addresses: 0.0.0.0 - 223.255.255.255
Multicast addresses: 224.0.0.0 - 239.255.255.255
Experimental addresses: 240.0.0.0 - 255.255.255.254
IPv4 Address Classes
Class A /8
Class B /16
Class C /24
IPv4 Address Classes
Address # of Possible # of Possible Total Possible
Class Networks Hosts Addresses
Class A 126 16,777,214

2,113,928,964
Class B 16,384 65,534 1,073,709,056
Class C 2,097,152 254 532,676,608
Class A. 255.0.0.0 or /8
Was reserved for governments and extremely large organizations.
Class B. 255.255.0.0 or /8
Was reserved for medium/large organizations.
Class C. 255.255.255.0 or /24

Was for every other organization (small organizations).
How the ranges were
determined
First First Network Host
Class Bits Octet Bits Bits
A 0 0 127 8 24
B 10 128 - 191 16 16
C 110 192 - 223 24 8
D 1110 224 239
E 1111 240 - 255

Private Addresses
Most IPv4 addresses are public IP
addresses.
These are reachable IPv4
addresses on the Internet.
However, there are blocks of
addresses that are private
addresses and are never
propagated on the Internet.
Packets with a source or destination
private IP address are not
propagated by Internet routers.
Internet routers / firewalls block or
translate these addresses.
Private addresses are usually
converted to public IP addresses using
NAT (Network Address Translation)
Private Addresses
Private addresses are defined in RFC 1918.

RFC 6598, IANA reserved 100.64.0.0/10 known as shared
address space. Similar to RFC 1918, but intended only for use
in service provider networks.
Public Addresses
Public addresses are
required on the Internet and
they must be unique.
The use of public addresses
is regulated and allocated to
each organization
separately.
RIRs (Regional Internet
Registries) typically provide
public addresses to ISPs.
Companies obtain their
IPv4 address blocks from
an ISP.
Other Special Addresses
Refer to RFC 3330
Loopback address: 127.0.0.1

127.0.0.0 127.255.255.255
Hosts use to direct traffic to themselves.
Link-Local addresses: 169.254.0.0/16

169.254.0.0 169.254.255.255
Host can automatically assign itself an address if it has
none.
TEST-NET addresses:
192.0.2.0 to 192.0.2.255 (192.0.2.0 /24)
Subnetting
Problem: Organizations
have multiple networks
which are independently University Network
managed Engineering Medical
Solution 1: Allocate a School School
separate network
address for each network Library
Difficult to manage
From the outside of
the organization, each
network must be
addressable.
Solution 2: Add another
level of hierarchy to the Subnetting
IP addressing structure
Subnetting Example
Network address 172.16.0.0 with /16 network mask
Using Subnets: subnet mask 255.255.255.0 or /24
172.16.0.0/24 172.16.10.0/24
172.16.5.0/24 172.16.25.0/24
49
Basic Idea of Subnetting
Split the host number portion of an IP address into a
subnet number and a (smaller) host number.
Result is a 3-layer hierarchy
network prefix host number
network prefix subnet number host number
extended network prefix
Then:
Subnets can be freely assigned within the organization
Internally, subnets are treated as separate networks
Subnet structure is not visible outside the organization
How your provider (ISP) sees
you.
150.50.1.0 /24
150.50.2.0 /24
150.50.0.0 /16
150.50.0.0
150.50.3/16
.0 /24
150.50.4.0 /24
150.50.5.0 /24
Subnetting does not change how the outside world sees

the network but provides additional structure within the
organization.
Calculating the number
subnets/hosts
192.168.1.0
255.255.255.0
Network Host
Network 192.168.1.0/24
Need:
As many subnets as possible, 60 hosts per
subnet
subnets/hosts
Number of hosts per subnet
192.168.1. 0 0 0 0 0 0 0 0
255.255.255. 0 0 0 0 0 0 0 0
6 host bits
Network Host
Network 192.168.1.0/24
Need:
subnet
subnets/hosts
Number of subnets
192.168.1. 0 0 0 0 0 0 0 0
255.255.255. 1 1 0 0 0 0 0 0 255.255.255.192
6 host bits
Network Host
Network 192.168.1.0/24
Need:
As many subnets as possible, 60 hosts per subnet
New Subnet Mask: 255.255.255.192 (/26)
Number of Hosts per subnet: 6 bits, 64-2 hosts, 62 hosts
Number of Subnets: 2 bits or 4 subnets
subnets/hosts
Number of subnets
192.168.1. 0 0 0 0 0 0 0 0
255.255.255. 1 1 0 0 0 0 0 0 255.255.255.192
192.168.1. 0 0 0 0 0 0 0 0 192.168.1.0/26
192.168.1. 0 1 0 0 0 0 0 0 192.168.1.64/26
192.168.1. 1 0 0 0 0 0 0 0 192.168.1.128/26
192.168.1. 1 1 0 0 0 0 0 0 192.168.1.192/26
Number of Hosts per subnet: 6 bits, 64-2 hosts, 64 TOTAL
hosts, 62 usable hosts
subnets/hosts
192.168.1.0
255.255.255.0
Network Host
Network 192.168.1.0/24
Need:
subnet
subnets/hosts
192.168.1. 0 0 0 0 0 0 0 0
255.255.255. 0 0 0 0 0 0 0 0
4 host bits
Network Host
Network 192.168.1.0/24
Need:
subnet
subnets/hosts
Number of subnets
192.168.1. 0 0 0 0 0 0 0 0
255.255.255. 1 1 1 1 0 0 0 0 255.255.255.240
4 host bits
Network Host
Network 192.168.1.0/24
Need:
As many subnets as possible, 12 hosts per subnet
New Subnet Mask: 255.255.255.240 (/28)
Number of Hosts per subnet: 4 bits, 16-2 hosts, 14 hosts
subnets/hosts
192.168.1. 0 0 0 0 0 0 0 0 192.168.1.0/28
192.168.1. 0 0 0 1 0 0 0 0 192.168.1.16/28
192.168.1. 0 0 1 0 0 0 0 0 192.168.1.32/28
192.168.1. 0 0 1 1 0 0 0 0 192.168.1.48/28
New Subnet Mask:
192.168.1. 0 1 0 0 0 0 0 0 192.168.1.64/28
255.255.255.240 (/28)
192.168.1. 0 1 0 1 0 0 0 0 192.168.1.80/28 Number of Hosts per
192.168.1. 0 1 1 0 0 0 0 0 192.168.1.96/28
subnet: 4 bits, 16-2
192.168.1. 0 1 1 1 0 0 0 0 192.168.1.112/28
hosts, 16 TOTAL hosts,
14 usable hosts
192.168.1. 1 0 0 0 0 0 0 0 192.168.1.128/28
192.168.1. 1 0 0 1 0 0 0 0 192.168.1.144/28
Number of Subnets: 4
192.168.1. 1 0 1 0 0 0 0 0 192.168.1.160/28
bits or 16 subnets
192.168.1. 1 0 1 1 0 0 0 0 192.168.1.176/28
192.168.1. 1 1 0 0 0 0 0 0 192.168.1.192/28
192.168.1. 1 1 0 1 0 0 0 0 192.168.1.208/28
192.168.1. 1 1 1 0 0 0 0 0 192.168.1.224/28
192.168.1. 1 1 1 1 0 0 0 0 192.168.1.240/28
VLSM
Variable Length Subnet

Mask
This is the process of

subnetting a subnet
More than one subnet

mask can be used
VLSM
VLSM the process of
sub-netting a subnet to fit
your needs.
Example:
Subnet 10.1.0.0/16, 8
more bits are borrowed
again, to create 256
subnets with a /24 mask.
Mask allows for 254 host
addresses per subnet
Subnets range from:
10.1.0.0 / 24 to
10.1.255.0 / 24
* Same process for Subnet
10.2.0.0/16
VLSM
Subnet 10.3.0.0/16, 12 more bits
are borrowed again, to create
4,096 subnets with a /28 mask.
Mask allows for 14 host

Subnets range from: 10.3.0.0 /
28 to 10.3.255.240 / 28
Subnet 10.4.0.0/16, 4 more bits
are borrowed again, to create 16
subnets with a /20 mask.
Mask allows for 2,046 host

Subnets range from: 10.4.0.0 /
20 to 10.4.240.0 / 20
Classless Inter-Domain Routing
(CIDR)-Supernetting
Route summarization done by CIDR
Routes are summarized with masks that are less than
that of the default classful mask (supernetting)
-Example:
172.16.0.0 / 13 is the summarized
route for the 172.16.0.0 / 16 to
172.23.0.0 / 16 classful networks
Although 172.22.0.0/16 and

172.23.0.0/16 are not shown in
the graphic, these are also
included in the summary route.
Classless Inter-Domain Routing
(CIDR)-Supernetting
Steps to calculate a route

summary:
1. List networks in binary

format
2. Count number of left
most matching bits to
determine summary
routes mask
3. Copy the matching bits
and add zero bits to
determine the
summarized network
address
Example: Calculating a
summary route
Which address can be used to
summarize networks
A:
192.168.0.0/30
11000000 10101000 00000000 00000000
192.168.0.4/30
11000000 10101000 00000000 00000100
192.168.0.8/30
11000000 10101000 00000000 00001000
192.168.0.16/29
11000000 10101000 00000000 00010000
B
192.168.4.0/30
192.168.5.0/30 11000000 10101000 00000100 00000000
192.168.6.0/30 11000000 10101000 00000101 00000000
192.168.7.0/29 11000000 10101000 00000110 00000000
11000000 10101000 00000111 00000000
Answer:????
ICMP
Internet Control Message Protocol
IP is a best effort delivery system.

No mechanism to ensure that the data is delivered
So how do we know if a packet encountered a problem
along the way?
Internet Control Message Protocol (ICMP)
ICMP
RFC 792
ICMP is available for both IPv4 and IPv6.
ICMPv4 is the messaging protocol for IPv4.
ICMPv6 provides these same services for IPv6 but
includes additional functionality.
ICMP messages common to ICMPv4 and ICMPv6 include:
Host confirmation
Destination or Service Unreachable
Route redirection
Time exceeded
ICMPv6 includes additional functionality.
ICMP
ICMP is used for:

Informational messages (ping, traceroute)
Error messages (network unreachable)
ICMP is a layer 3 protocol directly encapsulated in
another layer 3 protocol IP.
No transport header
Knowledge of ICMP control messages is an essential
part of network troubleshooting.
ICMP Message Format
Type
the type of service being provided. Theres a specific type number for each
error or informational message sent.
Code
the error code provides further information on the message type. It tells what
was the possible cause to the problem.
Checksum
the 16-bit one's complement of the one's complement sum of the ICMP
message starting with the ICMP type. Used to find problems on the ICMP
message ONLY.
ICMP Messages
Type Message Type Message

3 Destination Unreachable 8 or 0 Echo request or reply
4 Source Quench 13 or 14 Timestamp
11 Time Exceeded 17 or 18 Address Mask
12 Parameter problem 10 or 9 Router Sollicitation/Adv
5 Redirection
ICMP Types&Codes
Type Code Meaning

0 0 echo reply
3 0 network unreachable
3 1 host is unreachable
3 3 port is unreachable
4 0 source quench
5 0 redirect
8 0 echo request
9/10 0 router discovery/advertisement
11 0 time exceed
12 0 parameter problem
13/14 0 time stamp request
17/18 0 network request/reply
Host Confirmation (PING)
Ping is a utility used to verify connectivity to an IP host.
It measures the round-trip time for messages sent from the
originating host to a destination computer.
Ping uses an ICMP Echo Message to determine if a host is
reachable.
A host initiates a ping (ICMP Echo Request) and the destination
replies (ICMP Echo Reply).
ICMP only reports on the status of the delivered packet to the
source device.
ICMP: Echo Request/Reply
PING sends icmp type 8 echo request to a node

and expects an icmp type 0 echo reply
8 0
Send
0 0
Reply
Destination or Service
Unreachable
When a router cannot deliver a packet, it sends an ICMP
Destination Unreachable message to the source.
Message includes a code indicating why it could not be
delivered.
Some of the Destination Unreachable codes for ICMPv4 are:
0 - net unreachable.
1 - host unreachable.
2 - protocol unreachable.
3 - port unreachable.
4.- fragmentation needed and DF set
5.- source route failed
Note: Codes 0,1,4 and 5 may be received from a gateway
codes 2 and 3 may be received from a host
Unreachable
ICMP only reports on the status of the delivered packet to the
source device.
For example:
PC1 pings PC2.
The ping crosses R1, then R2, but R3 encounters a link error.
Since the packet only contains the source and destination IP
addresses, R3 may notify PC1 of the failure (optional).
Its unaware of the exact path the packet took
No ICMP messages are sent to R1 or R2.
R1 R2 R3 PC2
PC1
Unreachable
C:\Users\eietr> ping 192.168.2.115 Codes 0 (net
Pinging 192.168.1.115 with 32 bytes of data:
unreachable) is sent
Reply from 192.168.1.116: Destination net unreachable. when a router does not
Reply from 192.168.1.116: Destination net unreachable. have the requested
Reply from 192.168.1.116: Destination net unreachable. network.
Reply from 192.168.1.116: Destination net unreachable.
Ping statistics for 192.168.1.115:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
C:\Users\eietr>
C:\Users\eietr> ping 192.168.1.115 Code 1 (host

unreachable) is sent
Pinging 192.168.1.115 with 32 bytes of data: when a router receives
Reply from 192.168.1.116: Destination host unreachable. a packet for which it
Reply from 192.168.1.116: Destination host unreachable. has an attached route
Reply from 192.168.1.116: Destination host unreachable.
but is unable to deliver
Reply from 192.168.1.116: Destination host unreachable.
the packet to the host
Ping statistics for 192.168.1.115: on the attached
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), network.
C:\Users\eietr>
Ping Tools
www.pingtest.net
Ping Tools
Ping Tools - IPERF
Route Redirection
A router may use the ICMP

Redirect Message to notify
the hosts on a network that
a better route is available
for a particular destination.
This message may only
be used when the
source host is on the
same physical network
as both gateways.
Both ICMPv4 and ICMPv6
use route redirection
messages.
Route Redirection
Host A sends a packet to Host B on
network 10.0.0.0/8, but since they are
B not on the same network, it forwards it
to the default gateway, R1.
R1 finds the correct route to network

10.0.0.0/8 is through the same interface
and forwards out of its E0 interface to
R2.
R1 also forwards an ICMP Redirect

message to Host A telling it to use R2 as
A the gateway to forward all future
requests to network 10.0.0.0/8.
Time Exceeded
The ICMP - Time exceeded message is generated when the gateway
processing the datagram finds the Time To Live field is equal to zero
and therefore must be discarded. The same gateway may also notify the
source host via the time exceeded message.
time-exceeded
message
ICMP Type=11 Code=0 or 1 Checksum
header Rest of Header=unused (all zero)
Data IP header and first 8 bytes of original datagrams data
Code=0, TTL count exceeded
Code=1, Fragment reassembly time exceeded
Time-exceeded
Router Router
X
TTL=1
Traceroute
TTL 1
TTL 1 1 =0
ICMP Time
Exceeded
TTL 2 TTL 1
TTL 2 1 =1 TTL 1 1 =0
ICMP Time
Exceeded
TTL 3 TTL 2 TTL 1
TTL 3 1 =2 TTL 2 1 =1 TTL 2 1 =0
ICMP Time
Exceeded
Traceroute
tracert www.espol.edu.ec
Address Resolution Protocol
(ARP)
The primary purpose of ARP: (RFC 826)

1. Resolving IPv4 addresses to Ethernet MAC
addresses
2. Maintaining a cache of mappings
ARP is used to map known IP addresses to

MAC addresses on the local network.
If the device is on a remote LAN segment, the
host will send an ARP request for the MAC
address of the default gateway.
Ethernet MAC Address
A media access control address (MAC address) of a computer is a
unique identifier assigned to network interfaces for communications at
the data link layer of a network segment. MAC addresses are used as
a network address for most IEEE 802 network technologies, including
Ethernet and Wi-Fi. Logically, MAC addresses are used in the
media access control protocol sublayer of the OSI reference model.
Ethernet MAC
MAC Address
Representations
MAC Address Format
OUI unique
An Intel MAC address: 00-21-CC-BA-44-C4
0000 0000 - 0010 0001 1100 1100 - 1011 1010 0100 0100 1100 0100
IEEE OUI FAQs: http://standards.ieee.org/faqs/OUI.html
Unicast MAC Address
Broadcast MAC Address
Multicast MAC Address
Multicast MAC address is a

Range of IPV4 multicast addresses
special value that begins with
is 224.0.0.0 to 239.255.255.255
01-00-5E in hexadecimal
ARP Message Format
Ethernet II header
Destination Source Type

address address 0x8060
ARP Request or ARP Reply Padding CRC
6 6 2 28 10 4
Hardware type (2 bytes) Protocol type (2 bytes)

Hardware address Protocol address
Operation code (2 bytes)
length (1 byte) length (1 byte)
Source hardware address*
Source protocol address*
Target hardware address*
Target protocol address*
* Note: The length of the address fields is determined by the corresponding address length fields
ARP Message Format
Protocol Type: This field is the complement of the Hardware Type field,
Specifying the type of layer three addresses used in the message. For IPv4
addresses, this value is 2048 (0800 hex), which corresponds to the EtherType
code for the Internet Protocol.
Hardware Address Length: Specifies how long hardware addresses are in this
message. For Ethernet or other networks using IEEE 802 MAC addresses, the
value is 6.
ARP Message Format
Protocol Address Length: Again, the complement of the preceding field;

specifies how long protocol (layer three) addresses are in this message.
For IP(v4) addresses this value is of course 4.
Understanding IP
communications
192.168.10.0/24 A MAC MAC B 192.168.10.0/24
Subnet aa.aa bb.bb Subnet
192.168.10.10 192.168.10.11
255.255.255.0 255.255.255.0
Destination Address Source Address Type IP FCS
bb.bb aa.aa DA 192.168.10.11
Devices can only communicate with other devices on the same subnet
A knows that it is on the 192.168.10.0/24 subnet (AND operation with its IP address and
subnet mask). (Same subnet = Same subnet mask)
A knows that B (192.168.1.11) is on its same subnet (AND operation with Bs IP address
and As subnet mask)
SAME Subnet
A can reach B B 192.168.10.11
A 192.168.10.10 directly without
AND 255.255.255.0 AND 255.255.255.0
going through a --------------------
-------------------- router
192.168.10.0 192.168.10.0
Understanding IP
communications
192.168.10.0/24 A MAC MAC C 192.168.20.0/24
Subnet aa.aa cc.cc Subnet
192.168.10.10 192.168.20.12
255.255.255.0 255.255.255.0

DA 192.168.20.12
A knows that it is on the 192.168.10.0/24 subnet (AND operation with its IP address and
subnet mask) (Same subnet = Same subnet mask)
A knows that C (192.168.20.12) is on a different subnet (AND operation with Bs IP
address and As subnet mask) Cant get there directly!
DIFFERENT Subnets B 192.168.20.12

A 192.168.10.10
A can NOT reach B AND 255.255.255.0
AND 255.255.255.0
directly. Must go --------------------
--------------------
through a router 192.168.20.0
192.168.10.0
Understanding IP
communications
A MAC MAC MAC MAC C

aa.aa 11.11 22.22 cc.cc
192.168.10.10 192.168.10.1 192.168.20.1 192.168.20.12
255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0
11.11 aa.aa DA 192.168.20.12

cc.cc 22.22 DA 192.168.20.12
A sends packet to devices in a DIFFERENT subnet directly to a router which is on the

same subnet as A.
The router will take care of it from there.
192.168.10.10 DIFFERENT Subnets 192.168.20.11

AND 255.255.255.0 A can NOT reach B AND 255.255.255.0
-------------------- directly. Must go --------------------
192.168.10.0 through a router 192.168.20.0
How Does ARP Work?
Destination MAC:
FF-FF-FF-FF-FF-FF
Add entry to ARP

cache
Understanding IP
communications
A B
192.168.10.10 192.168.10.11
255.255.255.0 255.255.255.0
A C
192.168.10.10 192.168.20.12
255.255.255.0 255.255.255.0
A C
192.168.10.10 192.168.10.1 192.168.20.1 192.168.20.12

255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0
Otherwise, they must go through a router, that is on its same subnet
Understanding IP
communications
192.168.1.12
B 0
MAC 00-0B
A C
192.168.1.11 192.168.1.5
0 0
192.168.1.1
MAC 00-0A MAC 00-0C
MAC 00-0D
R1 Internet
Ethernet Header IP Packet

Destination
Source MAC Source IP Destination IP
MAC
00-0A 192.168.1.110 192.168.1.50
???
192.168.1.120
MAC 00-0B
B
PC-As ARP Cache
IPv4 Address MAC Address
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1

Destination MAC Source MAC Source IP Destination IP
??? 00-0A 192.168.1.110 192.168.1.50
ARP Request
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1
Ethernet Header ARP Request
Destination MAC Source MAC Target IPv4 Target MAC
FF-FF 00-0A 192.168.1.50 ???
On Destination MAC Source MAC Source IP Destination IP
Hold ??? 00-0A 192.168.1.110 192.168.1.50
ARP Request
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1
FF-FF 00-0A 192.168.1.50 ???
Hold ??? 00-0A 192.168.1.110 192.168.1.50
The target IPv4 is not me.
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1
FF-FF 00-0A 192.168.1.50 ???
Hold ??? 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
The target IPv4 is not me. Internet

R1
FF-FF 00-0A 192.168.1.50 ???
Hold ??? 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
B MAC 00-0B
PC-As ARP Cache The target IPv4 is me!
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1
FF-FF 00-0A 192.168.1.50 ???
Hold ??? 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
Here is my MAC
B MAC 00-0B address for the IPv4
PC-As ARP Cache address you were
IPv4 Address MAC Address looking for!
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1
Ethernet Header ARP Reply
Destination MAC Source MAC Sender IPv4 Sender MAC
00-0A 00-0C 192.168.1.50 00-0C
Hold ??? 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
Here is my MAC
B MAC 00-0B address for the IPv4
PC-As ARP Cache address you were
IPv4 Address MAC Address looking for!
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1
00-0A 00-0C 192.168.1.50 00-0C
Hold ??? 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
192.168.1.50 00-0C
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1
00-0A 00-0C 192.168.1.50 00-0C
Hold ??? 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
192.168.1.50 00-0C
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1

??? 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
192.168.1.50 00-0C
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
MAC 00-0D
Internet
R1

00-0C 00-0A 192.168.1.110 192.168.1.50
192.168.1.120
MAC 00-0B ARP Request
B
Remote Communication
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Default Gateway: 192.168.1.1 MAC 00-0D
Internet
R1

??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1

??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1
FF-FF 00-0A 192.168.1.1 ???
Hold ??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1
FF-FF 00-0A 192.168.1.1 ???
Hold ??? 00-0A 192.168.1.110 10.1.1.10
The target IPv4 is not me.
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1
FF-FF 00-0A 192.168.1.1 ???
Hold ??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
IPv4 Address MAC Address The target IPv4 is not me.
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1
FF-FF 00-0A 192.168.1.1 ???
Hold ??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.110 The target IPv4 is

192.168.1.50
for me! MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1
FF-FF 00-0A 192.168.1.1 ???
Hold ??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Here is my MAC address for
the IPv4 address you were
looking for! Internet
R1
00-0A 00-0D 192.168.1.1 00-0D
Hold ??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1
00-0A 00-0D 192.168.1.1 00-0D
Hold ??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
192.168.1.1 00-0D
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1
00-00A 00-0D 192.168.1.1 00-0D
Hold ??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
192.168.1.1 00-0D
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1

??? 00-0A 192.168.1.110 10.1.1.10
192.168.1.120
B MAC 00-0B
PC-As ARP Cache
192.168.1.1 00-0D
A C
192.168.1.50
192.168.1.110
MAC 00-0C
MAC 00-0A 192.168.1.1
Internet
R1

00-0D 00-0A 192.168.1.110 10.1.1.10
Remove ARP Entry
I will remove this ARP entry if 192.168.1.120
I have not used it in 2 MAC 00-0B
minutes.
192.168.1.110 192.168.1.50
MAC 00-0A MAC 00-0C
192.168.1.1
PC-As ARP Cache MAC 00-0D
192.168.1.1 00-0D
Viewing and Clearing the
ARP Table
To view the local ARP table in Windows &
Linux: arp a
To clear the local ARP table in Windows&
Linux: arp d

Tema 1

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Tema 1

Diunggah oleh

Hak Cipta:

Format Tersedia

CONMUTACION Y RUTEO I

Tema 1. IPv4 Addressing, ICMP

The IPv4 addresses are unique and

IPv4 (Internet Protocol

Dotted decimal: 255 . 255 . 0 . 0

255 255 255 0

The subnet mask identifies which part of the IP address

128 64 32 16 8 4 2 1 Decimal Value

Source IPv4 Destination IPv4

How does the host know if the destination

My Network = 192.168.1.0 Destination Network = 192.168.1.0

My Network = 192.168.1.0 Destination Network = 192.168.2.0

192.168.1.0 (net) 11000000.10101000.00000001.00000000

192.168.0.0 (net) 11000000.10101000.00000000.00000000

Hosts are assigned IP addresses from the range of available

These IP addresses can be assigned either:

Useful for printers, servers, and other networking devices that do

Instead of manually assigning IP

Laptop IP phone Printer RADIUS server

AP PDA iTouch Fridge

Static IP Address Dynamic (DHCP) IP Address

IP Header Data (Payload)

IPv4 has been in use since 1983 when it

IP Header Differentiated Services

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

IP Header Length (4 bits)

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Differentiated Services (8 bits)

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Total Length (16 bits)

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Identification (16 bits)

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Fragment Offset (13 bits)

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Identification Flag Fragment Offset

Time-To-Live Protocol Header Checksum

Options (optional) Padding

Identification Flag Fragment Offset