Wednesday, 2 December 2009

IP addresses and networks

Before studying network tunneling in detail, it is highly recommended to understand first how IP networks work. But what is an IP network? IP stands for "Internet Protocol", and is the network protocol at the heart of the whole internet, but also of most private networks out there. For instance, at home you probably own a computer connected to the internet via an ADSL modem; if your modem is configured as a "router" (this is probably the case if you own a recent one), then your computer communicates with the modem using the IP protocol, inside a private IP network (which only contains the modem and your computers - you may have several).

Each "host" of an IP network (a host could be a computer, a router, a phone, etc.) is identified by a unique "IP address", which is a 32-bit number (at least with version 4 of the IP protocol, which is the most commonly used). It is common to represent an IP address in its dotted-decimal form, i.e. with 4 numbers separated by dots, each number having a value between 0 and 255. For instance, 192.168.1.2 or 74.125.77.104 or 255.255.255.255 are valid IP addresses, but 312.0.15.10 is not.

Though an IP address is usually written in its decimal form (to be human-readable), it is important to remember that it is just a 32-bit number; for instance the address 192.168.1.2 can actually be written "11000000 10101000 00000001 00000010" in binary. It is important to understand this representation, because an IP address is actually made of two parts: the network part and the host part. The network part corresponds to the first n bits of the address, and the remaining bits are the host part. For instance, if n=24 (24 bits, i.e. 3 bytes), the network part of the address 192.168.1.2 is "192.168.1", and the host part is ".2".
In the early days of the internet, the number n had to be a multiple of 8, which corresponded to so-called "network classes"; there are 3 main classes:
  • Class A: n=8
  • Class B: n=16
  • Class C: n=24
This notion of class is now largely obsolete, and n can take any value between 0 and 32 (as an IP address is a 32-bit number).
But now you wonder: "Where does this value of n come from? Why did he choose 24 in his example??" Good question ;-) Actually the choice of n is up to the network administrator, and will determine how many hosts can be connected to an IP network. For instance if n=24, there are 8 remaining bits for the host part of the IP address, which means there can be 256 hosts in the network, which will share the same network part in their IP address. For instance 192.168.1.2, 192.168.1.5, 192.168.1.115 are all hosts of the same IP network, noted "192.168.1.0/24". In this notation (called CIDR notation, for "Classless Inter-Domain Routing"), the first part is the decimal representation of the network (the n network bits, followed by zeros for the host bits), and the second part (after the slash) is precisely the number n. So "192.168.1.0/24" represents an IP network containing addresses within the range 192.168.1.0 -> 192.168.1.255. Another example: the network "172.16.110.0/23" contains addresses within the range 172.16.110.0 -> 172.16.111.255 (this network can have 512 hosts).

Now comes the interesting part: an IP network can be divided into smaller IP networks, usually called subnets. For instance, the networks 192.168.1.0/24 and 192.168.15.0/24 are both subnets of the bigger network 192.168.0.0/16, as their addresses are within the range of this bigger network (the range 192.168.1.0 -> 192.168.1.255 is included in the range 192.168.0.0 -> 192.168.255.255). The administrator of a given IP network can choose to divide it into several subnets any way he wants, by choosing the appropriate value of n for the subnets. For instance the network 192.168.0.0/16 could be divided into 256 subnets (192.168.0.0/24, 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24, etc.), or into 2 subnets (192.168.0.0/17 and 192.168.128.0/17), or anything else.

And the good news is that you are the administrator of this 192.168.0.0/16 network ;-) Indeed, this range of IPs (192.168.0.0 -> 192.168.255.255) is reserved for private networks, which means anyone can use it to create their own IP network. However, it is forbidden to connect such a network directly to the internet, as someone else in the world could use the same addresses as you, and this is not possible since IP addresses have to be unique within an IP network. Actually there is a way to connect a private network to the internet, by using a mechanism called Network Address Translation (NAT), but this will be discussed later.
There are 3 networks reserved for private usage:
  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16
In addition to these networks, there is also a special IP address, 127.0.0.1, called the loopback address. This address is used when a host needs to talk to itself, for instance when two applications on a computer want to use TCP/IP to communicate but do not want to expose themselves to the outside world.

The subnet 192.168.0.0/24 is commonly used by default on ADSL or WiFi routers, so there is a good chance that your computer at home is already configured to use this network.
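To make the bit-level view concrete, here is an added example (not code from the original post) that implements the ideas above with plain integer arithmetic rather than a library: it turns a dotted-decimal address into its 32-bit value, splits it into network and host parts for a given n, computes the first and last address of a CIDR block, checks whether one network is a subnet of another, and checks an address against the three private ranges listed above. All function names are my own; the sample addresses are the ones used in the text.

```python
# Added example: IPv4 addresses as 32-bit numbers, network/host split,
# CIDR ranges, subnet containment and the three private ranges.
# Standard library only; all names are this example's own.

PRIVATE_NETWORKS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
ALL_ONES = 0xFFFFFFFF


def ip_to_int(dotted):
    """Parse 'a.b.c.d' into a 32-bit integer; reject anything that is not
    exactly four decimal numbers in 0..255 (so '312.0.15.10' is refused)."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError("expected four dotted numbers: %r" % dotted)
    value = 0
    for p in parts:
        if not p.isdigit() or not 0 <= int(p) <= 255:
            raise ValueError("octet out of range in %r" % dotted)
        value = (value << 8) | int(p)
    return value


def int_to_ip(value):
    """Inverse of ip_to_int: 32-bit integer back to dotted-decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_valid_ip(dotted):
    try:
        ip_to_int(dotted)
        return True
    except ValueError:
        return False


def to_binary(dotted):
    """The 'four groups of 8 bits' view used in the text."""
    value = ip_to_int(dotted)
    return " ".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def prefix_mask(n):
    """Mask with the first n bits set, e.g. n=24 -> 0xFFFFFF00."""
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be 0..32")
    return (ALL_ONES << (32 - n)) & ALL_ONES


def split_address(dotted, n):
    """Return (network part as dotted address with host bits zeroed, host part as int)."""
    value = ip_to_int(dotted)
    mask = prefix_mask(n)
    return int_to_ip(value & mask), value & ~mask & ALL_ONES


def parse_cidr(cidr):
    """'192.168.1.0/24' -> (network as int, n). Host bits are masked off."""
    address, n = cidr.split("/")
    n = int(n)
    return ip_to_int(address) & prefix_mask(n), n


def cidr_range(cidr):
    """First and last address of the block, as dotted strings."""
    network, n = parse_cidr(cidr)
    last = network | (~prefix_mask(n) & ALL_ONES)
    return int_to_ip(network), int_to_ip(last)


def host_count(n):
    """Number of addresses in a /n block (the text counts 256 for /24, 512 for /23)."""
    return 1 << (32 - n)


def is_subnet(child_cidr, parent_cidr):
    """True if every address of child_cidr lies inside parent_cidr: the child
    must be at least as narrow, and its network bits must match the parent's."""
    child_net, child_n = parse_cidr(child_cidr)
    parent_net, parent_n = parse_cidr(parent_cidr)
    if child_n < parent_n:
        return False
    return (child_net & prefix_mask(parent_n)) == parent_net


def is_private(dotted):
    """True if the address falls in 10/8, 172.16/12 or 192.168/16."""
    return any(is_subnet(dotted + "/32", net) for net in PRIVATE_NETWORKS)


if __name__ == "__main__":
    print(to_binary("192.168.1.2"))
    print(split_address("192.168.1.2", 24))
    print(cidr_range("172.16.110.0/23"), host_count(23))
    print(is_subnet("192.168.15.0/24", "192.168.0.0/16"))
    print([(a, is_private(a)) for a in ("192.168.1.2", "74.125.77.104", "172.31.255.255")])
```

Note that the private-range check treats a single address as a /32 network and reuses the subnet test; the same comparison (mask the candidate with the parent's prefix, compare with the parent's network bits) is all that a router does when deciding which entry of its routing table matches a destination.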
