Saturday, April 26, 2008

10 things to consider when choosing a Linux distribution

  • Date: April 9th, 2008
  • Author: Jack Wallen

I can’t begin to tell you how many people over the years I have consulted with about choosing a Linux distribution. And even with my own personal loyalties to one distribution or another, it always amazes me how certain distributions are better suited to various users and needs. So when I set out to write a 10 Things article, it only made sense that my first one be related to choosing a Linux distribution.

Of course, times and opinions change. For nearly 10 years I rode the Red Hat/Fedora wagon. And then, after considerable thought, I jumped over to Ubuntu. Why? Because it fit my evolving needs. Many will argue that one Linux distribution is just like another — and I agree, on fundamentals. But when it comes down to everyday use, each distribution is different from the next. So why would you want to use Debian vs. Fedora or Ubuntu vs. Mandriva? Let’s dive into this and find out.

Note: This information is also available as a PDF download.

#1: 100 % open or not?

Many people don’t seem to know this question even exists. Average users may think that all Linux distributions are created equal, since they are released under the GPL. They are not. Some distributions are being released with proprietary drivers. In some instances, these are necessary. For example, for many laptops, getting wireless to work often requires the use of a proprietary driver. Because of this, some Linux distributions are opting to make the inclusion of proprietary drivers the user’s choice. And many of these distributions are even offering downloads of free and non-free (with regards to licenses, not cost) drivers.

If you champion 100% free software, you’ll want to look at the following:

Those are the only distributions that don’t offer any releases with non-free software. You can also get versions of distributions like Mandriva Free, which are bereft of non-free applications. This choice will be dictated by two things: the “politics” of Linux and the need for proprietary drivers.

#2: Package management

This is one of those areas where people begin to leap up on their soapboxes. RPM vs. Apt vs. dpkg vs. urpmi. Some would say that they are all fundamentally the same: Each has a command-line tool as well as a GUI front end, and each has a configurable repository system that can be edited by hand (via text editor) or through the GUI front end. I will argue (not that I have become a Ubuntu convert) that the Apt system is much better as a package management system. I say this because RPM has a tendency to be unable to resolve dependencies, as well as to muck up a system over time. But for the average user, the biggest (and probably most crucial) difference lies in the GUI front ends. Between managers like Synaptic and GnoRPM, there is no comparison. Even after nearly 10 years of working with Linux, I have never found a stable front end for RPM. Apt front ends, on the other hand, have enjoyed stability for a long time.

So if you prefer one package management system over another, your choice will already be narrowed down. Of course, it can get a little murky with crossovers, like apt-rpm. But if you want Apt, you will be using a Debian-based system. If you want RPM, you will be using a Red Hat/Fedora-based distribution (or, in the case of urpmi, Mandriva.)

#3: Directory hierarchy

This is one of those issues that has always befuddled me. There should be a standard that all distributions stick to. But as it stands, there is not. Take the init system (the initialization scripts). On Fedora-based systems, you will find them in /etc/rc.d/init.d (with /etc/init.d provided as a symlink to it). On Debian-based systems, they live in /etc/init.d. The Linux Standard Base settles on /etc/init.d, which is why Fedora keeps that symlink, but the "real" path still differs between the families. But you will still have your own personal standard. When moving from Fedora to Ubuntu, it took me a while to stop typing /etc/rc.d/init.d/mysql start instead of /etc/init.d/mysql start. If you’re used to one, either stick with it or anticipate a few "No such file or directory" errors.

#4. Desktop environment

Although you can install your desktop of choice, some users just want to install the OS and go. In that case, you will want to make sure you choose a distribution that focuses on the desktop environment you like. If you want GNOME, go with Fedora. You can check out this listing of distributions shipping with GNOME as the default. If you want KDE, check out this listing of distributions shipping KDE as the default. Of course, you are not limited to either GNOME or KDE. My preference is for Enlightenment. Some distributions ship with Enlightenment as the default, such as Elive and gOS.

Even though it’s possible to install the desktop of your choice, it’s not always as simple as it might seem. If you don’t want to spend time resolving dependencies or figuring out what repository to add to install KDE4, go with a distribution that ships your preferred desktop by default.

#5: Security

Linux is generally regarded as a more secure OS than most, although not all distributions are equally secure out of the box. In fact, there are distributions aimed primarily at security, such as Trustix, which claims to be the most secure of all Linux distributions. But truth be told, the most secure Linux distribution is the one that is properly configured and kept patched: a hardened default is a starting point, not a substitute for the administrator's own work. If you want security “out of the box,” the short list of distributions would include Trustix, EnGarde Secure Linux, and Bastille Linux (strictly speaking a hardening tool that runs on top of other distributions rather than a distribution of its own).

#6: Intended use

Let’s face it: We don’t all use our computers for the same thing. Some need multimedia. Some need servers. Some need development. Some need a simple workstation to write and surf the Web. And there are Linux distributions for every need. Need a headless server? Give Ubuntu Server Edition <http://www.ubuntu.com/products/whatisubuntu/serveredition> a try. Is multimedia your game? If so, take a look at StartCom Multimedia Edition. If you’re an average user (office suite, e-mail, Web), you can go with any of the distributions.

#7: Hardware

This one is tricky. As I said earlier, your hardware will sometimes dictate what drivers you will use. But it goes beyond that. There are distributions that are known for their hardware friendliness. For instance, PCLinuxOS is one of the best choices for overall hardware detection and setup (as well as being one of the simplest to install). For wireless, your best choices are Ubuntu, Mepis, and SuSE.

#8: Laptop use

Another tricky spot. On top of having to deal with wireless and graphics (see #7), you also have to hope that your laptop will support hibernation. This is one of the rougher spots for modern Linux. Getting a laptop to suspend or hibernate is a matter of hoping your particular laptop will play well with your distribution. Your best bet is to simply Google your make and model of laptop along with “linux suspend” to find out which distribution is best suited for your machine.

Wireless on your laptop will be an interesting journey. But here’s a good tip to help you out: Forget tools like Exalt and go directly to WICD. This tool is much better at handling various forms of wireless authentication.

#9: Installation

If you are really considering Linux, you know you have two choices: Find a vendor that will sell you a machine with a pre-installed distribution or install a distribution yourself. If you have never installed an operating system, don’t fret; it’s not hard. It will take some time, but rest assured that all modern Linux distributions (with the rare exception) are point-and-click GUI installations. And Linux one-ups its competition by giving you the Live CD. You can pop it into the machine, boot from it, and give Linux a try without having to install anything. A Live CD instance of Linux will run considerably slower than the installed version (and that will depend upon how much RAM your machine has), but you can get a good idea how well it is going to react to your hardware (and how you are going to react to the OS).

I would like to say that one distribution’s installation routine is better than another (to help you weed out possible hurdles in your adoption of Linux). But that is not so much the case now. Personally, I prefer the installations of Ubuntu (in its many incarnations) and Fedora to any other. I find their installations to be far more intuitive and user friendly.

If installation isn’t your game, just find a vendor that sells Linux pre-installed. You can go to online dealers like Hewlett Packard, Dell, Zonbu, Everex, and many others. This will keep you from having to dance around distributions to figure out which will support your hardware.

#10: Community

This aspect is a bit esoteric, but it should be addressed. Linux is more than an operating system. Linux, akin to Apple, is a community. Linux is about freedom and its communities embrace that — some more than others. So if community (feeling like you belong to something special) is important to you, Ubuntu is the distribution for you. If not, you could go with the more enterprise-level Red Hat, where you’ll enjoy a more traditional model of both customer service and support.

Which brings up a related issue: Support. Along with Linux come many forms of support. Each distribution has its own mailing list, where you can enjoy hundreds (or thousands) of users who range across every level of experience. If you’re a DIY kind of person, this type of support will be right up your alley. And it’s free! If you’re not the DIY type, you should stick with SuSE (which benefits from Novell’s backing) or Red Hat, where you can buy a solid support package for your installations. If you do opt for the more community-driven distribution, you’ll be in good hands. On many occasions I have enjoyed speaking directly to the developer(s) of the application in question. Finding such a communication line with, say, a Microsoft or an Apple wouldn’t be so easy. With Linux — you never know. You might wind up chatting about the Linux kernel with Linux creator Linus Torvalds himself. I have a few times.

So there you have it. Ten things to consider when choosing a Linux distribution. But ultimately, it all boils down to choice. And that’s where Linux really shines. With Linux, you can choose on nearly every level. You aren’t locked down to any one thing.

Original Post : http://blogs.techrepublic.com.com/10things/?p=334

Wednesday, April 23, 2008

Linux Firewall : iptables - Basic

Introductions

iptables is the user-space tool on Linux for configuring the netfilter packet filter: its tables, chains and rules. It must be run as root (more precisely, with the CAP_NET_ADMIN capability). The binary is normally installed at /usr/sbin/iptables or /sbin/iptables.

 

How iptables works ?

Every packet that netfilter inspects passes through a sequence of built-in tables and chains.

iptables is organised into tables, each holding chains of rules. The three you will deal with most are the FILTER table (accepting, dropping or rejecting packets), the NAT table (network address translation) and the MANGLE table (altering packet header fields such as TOS or TTL, and setting packet marks). When no table is given on the command line, FILTER is assumed.

FILTER Table

Filter table can be divided into 3 different chains, which are :-

INPUT Chain

This chain filters all packets destined for the firewall (the device itself).

FORWARD Chain

This chain filters all packets that pass through the firewall from one interface to another.

OUTPUT Chain

This chain filters all packets that originate from the firewall (the device itself).

NAT Table

There are also 3 different chains in the NAT table, which are : -

PREROUTING Chain

Rules here translate addresses before the routing decision. This is where destination NAT (DNAT) lives, so it is the chain used for port forwarding.

POSTROUTING Chain

Rules here translate addresses after the routing decision. This is where source NAT (SNAT, or MASQUERADE for interfaces with a dynamic address) rewrites the source IP of outgoing packets.

OUTPUT Chain

Applies destination NAT to packets generated by the firewall itself. It is rarely needed.

MANGLE Table

This table modifies packet header fields (TOS/DSCP, TTL) and sets kernel packet marks, which traffic shaping (QoS) and policy routing then act on. It is rarely needed on a small SOHO network.

There are five chains in this table: PREROUTING, INPUT, FORWARD, OUTPUT and POSTROUTING.

 

Every time you create, remove or alter an iptables rule, you specify the TABLE and the CHAIN. If no table is given (-t), the FILTER table is assumed, since most rules belong there.

This will become clearer in the command syntax section below.

 

How a packet flow through the iptables tables/chains ?

[Diagram tables_traverse: packet traversal through the iptables tables and chains]

When a packet arrives on the WAN interface to open a connection, it flows as follows:

  1. It is examined by the MANGLE table's PREROUTING chain, if any rules exist there.
  2. Then by the NAT table's PREROUTING chain, where DNAT is applied if required. NAT decisions are made for the first packet of a connection only; connection tracking applies the same translation to every later packet of that connection automatically.
  3. Then the routing decision is made.
  4. If the packet is destined for the LAN, it is examined by the MANGLE table's FORWARD chain (QoS, if any), followed by the FILTER table's FORWARD chain. It is then examined by the MANGLE table's POSTROUTING chain (QoS, if any), followed by the NAT table's POSTROUTING chain if SNAT or MASQUERADE is needed. (The FILTER table has no POSTROUTING chain.)
  5. The packet arrives at the LAN station. If the LAN station replies, the reply goes through the same tables and chains in the reverse direction. Connection tracking undoes the NAT by itself, so the only thing the reply needs from you is a FILTER rule that lets established traffic through.
  6. If the packet is destined for the firewall itself, it is examined by the MANGLE table's INPUT chain followed by the FILTER table's INPUT chain. If it is accepted, it is delivered to the local process.
  7. If the firewall replies, the reply passes through the MANGLE, NAT and FILTER tables' OUTPUT chains, in that order, followed by the MANGLE and NAT tables' POSTROUTING chains, before leaving on the WAN side.

 

What is iptables TARGET and JUMP ?

Every rule has a target, given with -j: what to do with a packet that matches the rule. The target can be one of the built-in actions below, or the name of a user-defined chain to jump to.

The targets you will use most often are:

ACCEPT

As the name says, the packet is let through: delivered to the local application, or forwarded on to its destination IP/network.

DROP

The packet is discarded silently. No notification is sent to the SENDER, who only sees a timeout.

REJECT

REJECT differs slightly from DROP: it also blocks the packet, but it sends an error back to the SENDER, by default an ICMP port-unreachable message, or a TCP RST if --reject-with tcp-reset is given. DROP hides the firewall from outsiders; REJECT is kinder to your own users, because their connections fail immediately instead of hanging.

DNAT

Destination network address translation: it rewrites the destination IP address (and optionally the port) of the packet. Valid only in the NAT table's PREROUTING and OUTPUT chains.

SNAT

Source network address translation: it rewrites the source IP address of the packet to a fixed address. Valid only in the NAT table's POSTROUTING chain.

MASQUERADE

The dynamic form of source NAT: the source IP address is rewritten to whatever address the outgoing (WAN) interface currently has, so it suits interfaces that get their address from DHCP or PPP. Valid only in the NAT table's POSTROUTING chain.

 

Common iptables command switch operations

Before you create, remove or alter iptables firewall rules, you need to understand subnetting (CIDR), routing and TCP/IP very well. Otherwise you may well MESS UP the firewall, and on a remote machine that means locking yourself out!

               *** Play and try at your own risk ***

-t <table>

To specify the TABLE (filter, nat or mangle). filter is the default when -t is omitted.

-j <target>

The target for packets that match the rule: a built-in action (ACCEPT, DROP, REJECT, DNAT, SNAT, MASQUERADE, ...) or the name of a user-defined chain to jump to.

-A

To append a rule to the end of the chain.

-I

To insert a rule at the top of the chain (position 1), or at a given position: -I INPUT 3 ... inserts it as rule number 3. Order matters, because the first matching rule decides the packet's fate.

-D

To delete a rule from the chain, given either by repeating its full specification or by its number (-D INPUT 3).

-F

To flush all rules from a chain, or from every chain in the table if no chain is named.   *** Dangerous command ***: with an ACCEPT default policy the firewall is left wide open; with a DROP policy on INPUT, flushing over an SSH session locks you out.

-p <protocol type>

To match a protocol like udp, tcp, icmp etc.

-p udp/tcp --dport <destination port>

To match a protocol like udp/tcp with destination port number.

-p udp/tcp --sport <source port>

To match a protocol like udp/tcp with source port number.

-s <source address>

To match the source address / network.

-d <destination address>

To match the destination address / network.

-i <incoming interface>

To match the interface the packet arrived on, like eth0, eth1 or ppp0. Valid only in the INPUT, FORWARD and PREROUTING chains.

-o <outgoing interface>

To match the interface the packet will leave by, like eth0, eth1 or ppp0. Valid only in the OUTPUT, FORWARD and POSTROUTING chains.

Example command

/usr/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 -s 192.168.0.0/24 -j ACCEPT

This command appends a rule at the bottom of the FILTER table's INPUT chain to accept TCP packets from the 192.168.0.0/24 network, arriving on the eth0 interface, that are destined for port 22 (SSH) on the firewall itself. Whether anything else reaches port 22 depends on the rules that precede it and on the chain's default policy (set with -P).
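The pieces above (tables, chains, the state of a connection, and the ACCEPT/DROP/REJECT/DNAT/MASQUERADE targets) assembled into one small stateful gateway firewall, as an added example; this is not code from the original post. It assumes a hypothetical layout: WAN on eth0, LAN on eth1 with the 192.168.0.0/24 network, and an internal web server at 192.168.0.10 reachable from outside on WAN port 8080. Setting DRY_RUN=1 prints the iptables commands instead of executing them, so the rule set can be reviewed before it is applied as root.

```shell
#!/bin/sh
# Added example: minimal stateful gateway firewall built from the tables,
# chains and targets described above. Not code from the original post.
# Assumed (hypothetical) layout: WAN=eth0, LAN=eth1 on 192.168.0.0/24,
# internal web server 192.168.0.10. DRY_RUN=1 prints instead of executing.

IPT=${IPT:-/sbin/iptables}
WAN=${WAN:-eth0}
LAN=${LAN:-eth1}
LAN_NET=${LAN_NET:-192.168.0.0/24}
WEB=${WEB:-192.168.0.10}

# Run a command, or print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}
ipt() { run "$IPT" "$@"; }

# Clear every table. Policies are opened first so that a remote session is
# not cut off by a DROP policy sitting on an emptied INPUT chain.
fw_reset() {
    for chain in INPUT FORWARD OUTPUT; do ipt -P "$chain" ACCEPT; done
    ipt -F; ipt -X
    ipt -t nat -F; ipt -t nat -X
    ipt -t mangle -F; ipt -t mangle -X
}

fw_apply() {
    fw_reset
    run sysctl -w net.ipv4.ip_forward=1    # a gateway must route between LAN and WAN

    # Default deny for traffic to and through the firewall; trust what it sends.
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT ACCEPT

    # Loopback, and replies to connections already tracked by conntrack. This
    # covers the reverse path of step 5 above, so no per-service reply rules.
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Anti-spoofing: a packet claiming a LAN source must never arrive on the WAN.
    ipt -A INPUT -i "$WAN" -s "$LAN_NET" -j DROP
    ipt -A FORWARD -i "$WAN" -s "$LAN_NET" -j DROP

    # Admin access: SSH (the post's own rule) and ping to the firewall, LAN only.
    ipt -A INPUT -i "$LAN" -p tcp --dport 22 -s "$LAN_NET" -m state --state NEW -j ACCEPT
    ipt -A INPUT -i "$LAN" -p icmp --icmp-type echo-request -j ACCEPT

    # LAN -> WAN: allow in filter FORWARD, then MASQUERADE in nat POSTROUTING (step 4).
    ipt -A FORWARD -i "$LAN" -o "$WAN" -s "$LAN_NET" -m state --state NEW -j ACCEPT
    ipt -t nat -A POSTROUTING -o "$WAN" -s "$LAN_NET" -j MASQUERADE

    # Port forward WAN tcp/8080 -> web server: DNAT in nat PREROUTING (step 2);
    # the translated packet must still be allowed by filter FORWARD (step 4).
    ipt -t nat -A PREROUTING -i "$WAN" -p tcp --dport 8080 -j DNAT --to-destination "$WEB:80"
    ipt -A FORWARD -i "$WAN" -o "$LAN" -p tcp -d "$WEB" --dport 80 -m state --state NEW -j ACCEPT

    # LAN hosts get an immediate error for anything else (REJECT); the WAN side
    # simply falls through to the silent DROP policy.
    ipt -A INPUT -i "$LAN" -p tcp -j REJECT --reject-with tcp-reset
    ipt -A INPUT -i "$LAN" -j REJECT
}

# Run with:  sh fw.sh apply      (or  DRY_RUN=1 sh fw.sh apply  to review first)
if [ "${1:-}" = apply ]; then fw_apply; fi
```

After applying, verify what the kernel actually holds with iptables -L -n -v --line-numbers and iptables -t nat -L -n -v; the counters tell you which rule a packet is hitting. The rules live only in kernel memory, so save them with iptables-save (or your distribution's equivalent) if they must survive a reboot.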

There are more advanced ways to build firewall rules with iptables. I will continue with them in a coming post.

Have a nice try and still the same advise....

                     *** Try at your own risk !!! ***

Tuesday, April 22, 2008

Putty Connection Manager

Headaches with PuTTY? Envious of how SecureCRT saves your SSH sessions so neatly?

Now you can integrate PuTTY with this application. Furthermore, it is FREEWARE!!

[Screenshot: puttycm]

Download here

OSI Model Standard

Basically all networks today are described in terms of the OSI ( Open Systems Interconnection ) seven-layer model, which was developed by the International Organization for Standardization (ISO).

The OSI Reference Model is a set of seven (7) layers that defines the stages data must go through on its way from one device to another over a network.

[Diagram: osi_model]

Layer 7 : Application Layer

This layer is where the user's applications and their network protocols operate; it is the layer the operating system exposes to programs.

Protocols : DNS, FTP, HTTP, SNMP, SMTP, TELNET, SMB etc.

Layer 6 : Presentation Layer

This layer translates data between the format the application uses and a standard representation the other side can understand (character encoding, compression, encryption) on the way down from Layer 7 to Layer 5, and back again.

Layer 5 : Session Layer

This layer establishes, maintains and terminates sessions (dialogues) between nodes, and controls whose turn it is to transmit.

Protocols : NETBios etc.

Layer 4 : Transport Layer

This layer provides end-to-end delivery between hosts, with flow control and, for TCP, error checking, acknowledgement and retransmission; UDP offers the same port addressing without the reliability.

Protocols : NETBios, TCP, UDP, RSVP etc.

Layer 3 : Network Layer

This layer determines the path data takes to reach the recipient device. Logical addressing and routing are handled here.

Protocols : IP, OSPF, BGP, IPSec, IS-IS, RIP, ICMP etc.

Layer 2 : Data Link Layer

In this layer, data is framed for the physical medium: hardware (MAC) addressing, frame sequencing and error detection for the local link are defined here.

Protocols : WiMAX, Ethernet, PPP, L2TP, 802.11, FDDI etc.

Layer 1 : Physical Layer

This layer is the actual hardware and the physical characteristics of the network: connectors, cabling, voltages and signalling.

Examples : Modems, Optical Fiber, Twisted Pair etc.

Monday, April 21, 2008

Windows Commands 1

ping - a computer network tool used to test whether a particular host is reachable across an IP network.

usage : ping ${IPADDR}

example : ping 192.168.0.1

Sample output:

Pinging 192.168.0.1 with 32 bytes of data:

Reply from 192.168.0.1: bytes=32 time=2ms TTL=60
Reply from 192.168.0.1: bytes=32 time=1ms TTL=60
Reply from 192.168.0.1: bytes=32 time=1ms TTL=60
Reply from 192.168.0.1: bytes=32 time=1ms TTL=60

Ping statistics for 192.168.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 2ms, Average = 1ms

tracert - a command used to determine the route taken by packets across an IP network.

usage : tracert ${IPADDR}

example : tracert yahoo.com

 

ipconfig - a command to display the TCP/IP settings currently in effect on each network adapter, whether set statically or assigned by DHCP.

usage : ipconfig

example : ipconfig

Additional options : ipconfig /all (full details, including MAC address and DNS servers), ipconfig /release and ipconfig /renew (drop and re-request the DHCP lease)

 

arp - a command to show or remove entries in the ARP cache (the IP-to-MAC address mapping)

usage : arp -a

example : arp -a

sample result :

Interface: 192.168.0.188 --- 0x3
  Internet Address      Physical Address      Type
  192.168.0.254         00-02-44-73-ed-64     dynamic

Additional options : arp -d <ip> removes one entry; arp -d * clears the whole cache so it is rebuilt from fresh replies (useful when a host's MAC address has changed, or when you suspect a poisoned entry)

 

route - a command to display/add/remove routing table

To show the routing table

usage : route PRINT

example : route PRINT

To add a static route

usage : route ADD ${NETWORK} MASK ${NETMASK}  ${GATEWAY} METRIC ${METRIC} IF ${INTERFACE}

example : route ADD 10.100.132.0 MASK 255.255.255.0 192.168.0.2 METRIC 3 IF 2

A route added this way is lost at reboot; add the -p switch ( route -p ADD ... ) to make it persistent.

To remove a route

usage : route DELETE ${NETWORK} [ MASK ${NETMASK} ] [ ${GATEWAY} ]

example : route DELETE 10.100.132.0

To change a route

usage : route CHANGE ${NETWORK} MASK ${NETMASK}  ${GATEWAY} METRIC ${METRIC} IF ${INTERFACE}

example : route CHANGE 10.100.132.0 MASK 255.255.255.0 192.168.0.2 METRIC 3 IF 2

 

pathping - a command that combines ping and tracert.

It has an advantage over tracert and ping in that it reports loss statistics for every node and link along the path, but it takes several minutes to finish: by default it samples each hop for 25 seconds, so a 16-hop path like the one below needs 400 seconds.

usage : pathping ${IPADDR}

example : pathping yahoo.com

Sample output:

Tracing route to yahoo.com [216.109.112.135]
over a maximum of 30 hops:
  0  joseph [192.168.0.54]
  1  192.168.0.1
  2  .....
  3  .....
  4  .....
  5  .....
  6  gi0-1.gw1.kul1.asianetcom.net [202.147.48.193]
  7  gi2-0-0.gw3.kul1.asianetcom.net [202.147.48.146]
  8  po12-3.gw2.sin1.asianetcom.net [202.147.48.210]
  9  po15-0-1.cr1.nrt1.asianetcom.net [202.147.32.90]
10  po1-0.gw1.sjc1.asianetcom.net [202.147.50.133]
11  PAT2.SJC.yahoo.com [206.223.116.16]
12  so-0-0-0.pat2.da3.yahoo.com [216.115.101.139]
13  so-1-0-0.pat2.dcp.yahoo.com [216.115.101.154]
14  ge-1-0-0-p121.msr1.dcn.yahoo.com [216.115.108.51]
15  ge2-2.bas1-m.dcn.yahoo.com [216.109.120.142]
16  w2.rc.vip.dcn.yahoo.com [216.109.112.135]

Computing statistics for 400 seconds...
            Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           joseph [192.168.0.54]
                                0/ 100 =  0%   |
  1   14ms     0/ 100 =  0%     0/ 100 =  0%  192.168.0.1
                                0/ 100 =  0%   |
  2   35ms     0/ 100 =  0%     0/ 100 =  0%  ....
                                0/ 100 =  0%   |
  3   25ms     1/ 100 =  1%     1/ 100 =  1%  ....

....and so on...

This command gives you a better analysis of where along the path packets are being lost, and how many are lost out of the 100 samples sent to each hop: loss that appears at one hop and persists at every hop beyond it points at that node or link, while loss at a single intermediate hop only is usually just a router rate-limiting its ICMP replies.

 

netsh dump - dumps the current network configuration to the screen as a netsh script.

usage : netsh dump

With this command you can gather the configuration of all your network interfaces in one place. You may also redirect it into a text file for easier reference, and as a backup that can be replayed later with netsh exec.

usage : netsh dump > dump.txt

netsh interface ip - Configure the IP settings

To show IP config

Besides the conventional "ipconfig /all", you may also use this command to show all the IP settings.

usage : netsh interface ip show config

example : netsh interface ip show config

Sample result as below :

Configuration for interface "Local Area Connection"
    DHCP enabled:                         No
    IP Address:                           192.168.0.188
    SubnetMask:                           255.255.255.0
    Default Gateway:                      192.168.0.1
    GatewayMetric:                        1
    InterfaceMetric:                      0
    Statically Configured DNS Servers:    203.158.24.18
                                          203.158.28.18
    Statically Configured WINS Servers:   None
    Register with which suffix:           Both primary and connection-specific

Configuration for interface "Wireless Network Connection"
    DHCP enabled:                         Yes
    InterfaceMetric:                      0
    Statically Configured DNS Servers:    203.158.28.18
    WINS servers configured through DHCP: None
    Register with which suffix:           Primary only

To configure static IP address

usage : netsh interface ip set address "${ETHERNETADAPTOR}" static ${IPADDR} ${SUBNETMASK} ${GATEWAY} ${METRIC}

example : netsh interface ip set address "Local Area Connection" static 192.168.0.188 255.255.255.0 192.168.0.1 1

To configure dhcp IP address

usage : netsh interface ip set address "${ETHERNETADAPTOR}" dhcp

example : netsh interface ip set address "Wireless Network Connection" dhcp

Sunday, April 20, 2008

Basic Linux IP Networking Command 1

ifconfig - configures network interface devices. It assigns each device its IP address, netmask and broadcast address.

usage : ifconfig ${DEVICE} ${IPADDR} netmask ${NMASK} broadcast ${BCAST}

example : ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255

Running ifconfig eth0 on its own shows the interface's current state (sample from a different host, on 172.16.1.0/24). Watch the errors and frame counters: when they keep climbing, suspect a bad cable or a duplex mismatch.

eth0  Link encap:Ethernet  HWaddr 00:C1:4E:7D:9E:25
      inet addr:172.16.1.1  Bcast:172.16.1.255  Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:389016 errors:16534 dropped:0 overruns:0 frame:24522
      TX packets:400845 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:100
      Interrupt:11 Base address:0xcc00

You  may also use this command as :

ifconfig -a - view all the interfaces either active or inactive.
ifconfig eth0 down - shut down eth0
ifconfig eth1 up - activate eth1
ifconfig eth0 arp - enable ARP on eth0
ifconfig eth0 -arp - disable ARP on eth0
ifconfig eth0 netmask 255.255.255.0 - set the eth0 netmask
ifconfig lo mtu 2000 - set the loopback maximum transfer unit
ifconfig eth1 172.16.0.7 - set the eth1 IP address

 

route - adds predefined routes for interface devices to the Forwarding Information Base (FIB).

usage : route add -net ${NETWORK} netmask ${NMASK} dev ${DEVICE}

example : route add -net 192.168.1.0 netmask 255.255.255.0 dev eth1

usage : route add -host ${IPADDR} dev ${DEVICE}

example : route add -host 192.168.2.2 dev eth2

"route -n" displays the kernel IP routing table (-n keeps the output numeric, so no DNS lookups are made):

Kernel IP routing table
Destination   Gateway     Genmask         Flags Metric Ref Use Iface
172.16.1.4    *           255.255.255.255 UH    0      0     0 eth0
172.16.1.0    *           255.255.255.0   U     0      0     0 eth0
127.0.0.0     *           255.0.0.0       U     0      0     0 lo
default       172.16.1.1  0.0.0.0         UG    0      0     0 eth0

You may also use this command to set your default gateway. If a default route already exists, remove it first with "route del default", otherwise the add fails with "SIOCADDRT: File exists":

usage : route add default gw ${IPADDR}

example : route add default gw 172.16.1.2

Saturday, April 19, 2008

C.I.D.R.

This topic may be new to some people, but it is something you will see or hear quite often ( if you are an IT guy ). Anyway, let me start with some introductions.

C.I.D.R. ( pronounced "cider" ) is Classless Inter-Domain Routing, also known as supernetting. It was introduced about 15 years ago, in 1993. CIDR is an addressing scheme for the Internet that allocates IP addresses and subnets far more efficiently than the old Class A, B and C addressing scheme.

Why CIDR is introduced ?

Running out of IP address

In the original scheme, an IP address was divided into 2 parts, the NETWORK part and the HOST part. This division controlled how traffic was routed.

With the traditional division into Class A, B and C, the address was split like this:

[Table cidr01: classful NETWORK/HOST split for Class A, B and C]

Using the old classful IP addressing ( Class A, B and C addressing ) scheme, the Internet could ONLY support the following:

  • 126 Class A networks that could include up to 16,777,214 hosts each
  • Plus 16,384 Class B networks that could include up to 65,534 hosts each
  • Plus over 2 million Class C networks that could include up to 254 hosts each
  • Some addresses are reserved for broadcast, loopback, multicast, etc.

Because Internet addresses were generally assigned only in these three sizes, a lot of addresses were wasted.

For example, if you needed 100 addresses you would be assigned the smallest block (a Class C), but that still meant 154 unused addresses.

The overall result was that while the Internet was running out of unassigned addresses, only 3% of the assigned addresses were actually being used. CIDR was developed to be a much more efficient method of assigning addresses.

NAT ( Network Address Translation ), which appeared at about the same time, relieved part of the pressure by letting many hosts share one public address, but it does not fix the allocation problem itself; that is what CIDR was developed for.

How actually CIDR work and solve the problem ?

The class system is replaced by a prefix of any length ( in practice anywhere from 13 to 27 bits for allocations ) which serves as a generalized network prefix. So an address is now written like 192.168.0.48/25: the first 25 bits identify the network, while the remaining 7 bits identify the host.

In other words, the old class system FORCED the host part to be the last 8, 16 or 24 bits; with CIDR the boundary can fall anywhere, so a /25 leaves 7 host bits and a /28 leaves only 4.

CIDR blocks and number of Host IDs per segment:

[Table cidr02: CIDR blocks and number of host IDs per segment]

This allows an owner, especially an ISP, to be allocated a pool of IP addresses ( e.g. a /21 = 2048 addresses ) and then re-allocate smaller blocks such as /30, /29, /28 etc. to its customers.

Example: if 203.158.24.0/21 ( 203.158.24.0 to 203.158.31.255 ) is allocated to an ISP, the ISP can assign 203.158.30.0/29 to customer A and 203.158.30.8/29 to customer B.

How can I calculate and get the CIDR ?

You must be thinking, calculations again?! Don't worry, it is actually far more easier than you think!

Example, Network : 192.168.26.0/29

Write the prefix length as a 32-bit mask: 29 one bits followed by 3 zero bits:

11111111111111111111111111111000   = 32 bits in total

Divide them into 4 octets:

1111 1111.1111 1111.1111 1111.1111 1000

Convert each octet to decimal:

255.255.255.248

Doesn't that sound EASY? All you really need to remember is:

  • Class A ( 255.0.0.0 ) = /8
  • Class B ( 255.255.0.0 ) = /16
  • Class C ( 255.255.255.0 ) = /24

If you are given a subnet mask of 255.255.255.192, you just do the reverse calculation:

255.255.255.192 = 1111 1111.1111 1111.1111 1111.1100 0000

Then the prefix for this network = /26 ( the number of 1 bits ). A valid mask is always a run of 1s followed by a run of 0s; something like 255.255.0.255 is not a mask at all.

For those who want some practice and a way to verify their answers, refer to the charts below.

CIDR Conversion Table

Online IP Subnet Calculator

Download this PDF ---> Network and Subnet Helper

Friday, April 18, 2008

IP Addressing/Subnetting : Chapter 3

After the tutorial and discussions in Chapter 1 and Chapter 2, most of you should have a better idea of IP addressing/subnetting. Now it is time to apply that knowledge to some analysis and design problems.

Q : If you are given the situation below, and you should "separate" your network as accordingly. What should you do and how is the IP assignment?

Network ID : 203.158.30.0

Subnet Mask : 255.255.255.0

Number of networks needed : 4 different separated network

First of all, you need to know the total number of hosts available in the network given. Total number of usable IP addresses

= ( 2 ^ unmasked bits ) - 2

= ( 2 ^ 8 ) - 2 = 256 - 2 = 254 hosts if the default Class C mask is used

Dividing the 256 addresses into 4 networks gives each network ( including its Network ID and Broadcast IP )

= 256 / 4 = 64 addresses each, of which 62 are usable by hosts

4 networks need 2 extra network bits ( 2 ^ 2 = 4 ), so the prefix grows from /24 to /26, and the last octet of the subnet mask for each network is

= 255.255.255. [ 256 - 64 ]

= 255.255.255.192

Now it is time to "chop" your 203.158.30.x network. You get the Network ID of each network by adding 64 to the previous one, starting from .0

The Broadcast IP of each network is the next Network ID minus 1, as shown in the "chop" diagram below. What remains between the Network ID and the Broadcast IP are the IP addresses available for hosts.

=== 1st Network ======================================

203.158.30.0 --------------------------- Network ID

203.158.30.1 ~ 203.158.30.62           Available IP addresses

203.158.30.63 --------------------------- Broadcast IP

=== 2nd Network ======================================

203.158.30.64 --------------------------- Network ID

203.158.30.65 ~ 203.158.30.126         Available IP addresses

203.158.30.127 --------------------------- Broadcast IP

=== 3rd Network ======================================

203.158.30.128 --------------------------- Network ID

203.158.30.129 ~ 203.158.30.190         Available IP addresses

203.158.30.191 --------------------------- Broadcast IP

=== 4th Network ======================================

203.158.30.192 --------------------------- Network ID

203.158.30.193 ~ 203.158.30.254         Available IP addresses

203.158.30.255 --------------------------- Broadcast IP
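The "chop" procedure above, carried out in Python as an added example (not code from the original post). It generalises the same steps to any number of subnets by rounding the count up to the next power of two, and gets the prefix by counting the mask's 1 bits as in the CIDR post above; the function names are my own.

```python
# Added example (not from the original post): "chopping" a network into N
# equal subnets, the procedure Chapter 3 walks through for 203.158.30.0/24.
# Function names and inputs are constructed for this example.

def ip_to_int(ip):
    """Dotted-quad string -> 32-bit integer."""
    a, b, c, d = (int(x) for x in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_ip(n):
    """32-bit integer -> dotted-quad string."""
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def mask_to_prefix(mask):
    """255.255.255.192 -> 26: the prefix is simply the count of 1 bits."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    # A valid mask is a run of 1s followed by 0s; reject e.g. 255.0.255.0.
    if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask: " + mask)
    return prefix

def prefix_to_mask(prefix):
    return int_to_ip((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)

def chop_network(network_id, mask, count):
    """Split network_id/mask into `count` equal subnets. count is rounded up
    to a power of two, since each borrowed network bit doubles the subnets.
    Returns (new_mask, [(network_id, first_host, last_host, broadcast), ...])."""
    base = ip_to_int(network_id)
    extra_bits = (count - 1).bit_length()        # 4 -> 2 bits, 16 -> 4 bits
    new_prefix = mask_to_prefix(mask) + extra_bits
    if new_prefix > 30:
        raise ValueError("subnets would have no usable host addresses")
    block = 1 << (32 - new_prefix)                # addresses per subnet, e.g. 64
    subnets = []
    for i in range(1 << extra_bits):
        net = base + i * block                    # previous Network ID + block
        bcast = net + block - 1                   # next Network ID minus 1
        subnets.append((int_to_ip(net), int_to_ip(net + 1),
                        int_to_ip(bcast - 1), int_to_ip(bcast)))
    return prefix_to_mask(new_prefix), subnets

if __name__ == "__main__":
    new_mask, subnets = chop_network("203.158.30.0", "255.255.255.0", 4)
    print("new subnet mask:", new_mask)
    for net, first, last, bcast in subnets:
        print("%-15s %s ~ %-15s broadcast %s" % (net, first, last, bcast))
```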

Now, you may try yourself on solving the question below.

Q : If you are given the situation below and have to "separate" your network accordingly, what should you do and how is the IP assignment?

Network ID : 192.168.4.0

Subnet Mask : 255.255.254.0

Number of networks needed : 16 separate networks

In the next post, I will continue with CIDR. Have a nice day~

IP Addressing/Subnetting : Chapter 2

Further to the previous post ( IP Address/Subnetting : Chapter 1 ), before I go into the topic, let me go through some FAQs.

Q: What is Network ID?

A: The Network ID is the "identifier" of a network, used when you want to tell others which network/subnet you are on ( sounds professional?! ) rather than telling the whole story: IP address, subnet mask....blahhhh...

Q: What is broadcast IP ?

A: The broadcast IP is normally the "last" IP address of a subnet. For example, 192.168.1.255 is the broadcast IP for the default Class C ( 255.255.255.0 ) 192.168.1.x network. A packet addressed to the broadcast IP is delivered to EVERY station in that particular network. That's why it's called the broadcast IP.

Q: Why should I know IP addressing/subnetting ?

A: It is very important when one day you need to design and implement a network: you need to know how to choose the appropriate subnet mask and how many hosts you get when a given subnet mask is used. It is also very important and useful when you do network routing and NAT, as well as firewall rules.

Q: How many hosts in a Default Class C ( 255.255.255.0 ) network ?

A: A Class C network has 254 hosts. It can be calculated simply with a formula, by considering the subnet mask and the number of binary bits.

The default Class C mask in binary is

1111 1111. 1111 1111. 1111 1111. 0000 0000 = 255.255.255.0

We just take the 0s in the subnet mask ( known as the UNMASKED BITS or SUBNET BITS ) and convert them to 1s, i.e. 0000 0000 becomes 1111 1111, then refer to the chart below :

[ chart IP03 : bit values of an octet ]

The SUM of unmasked bits

( 1111 1111 )

= 128 + 64 + 32 + 16 + 8 + 4 + 2 +1

= 255

Because the first number of an octet starts from 0 instead of 1, the total number of available IP addresses is :

= ( SUM of Unmasked bits ) + 1

= 255 + 1 = 256 IP Addresses

Using the formula Total Available IPs minus 2, the result is the total number of hosts in a default Class C network :

= 256 - 2 = 254 hosts.

EXAMPLE 1

Network ID : 10.10.10.0 / Subnet Mask : 255.255.255.192

1111 1111. 1111 1111. 1111 1111. 1100 0000 = 255.255.255.192

Total Available IPs = ( 32 + 16 + 8 + 4 + 2 + 1 ) + 1 = 64

Thus, the total number of hosts = 64 -2 = 62 hosts

For Network ID : 10.10.10.0 ,

The next network would start at x.x.x.0 + 64 IPs = x.x.x.64, thus the broadcast IP is the address just before it = 10.10.10.63

EXAMPLE 2

Network : 10.133.80.32 / Subnet Mask : 255.255.255.224

1111 1111. 1111 1111. 1111 1111. 1110 0000 = 255.255.255.224

Total Available IPs = ( 16 + 8 + 4 + 2 + 1 ) + 1 = 32

Thus, the total number of hosts = 32 -2 = 30 hosts

For Network ID : 10.133.80.32 ,

The next network would start at x.x.x.32 + 32 IPs = x.x.x.64, thus the broadcast IP is the address just before it = 10.133.80.63

Anyway, besides the standard formula above ( which you need to understand but do not necessarily have to memorise :p ), there is also a CHEAT FORMULA :

Referring to Example 1 again :

Network ID : 10.10.10.0 / Subnet Mask : 255.255.255.192

Then use the formula :

Total IP available = 256 - last subnet mask portion

= 256 - 192 = 64

Then continue to the other formulas to get the Network ID, number of hosts and the broadcast IP as above.

ALTERNATIVELY:

The number of hosts can also be calculated as 2 to the power of ( unmasked bits ) - 2; in this case :

Total number of hosts = (2 ^ 5 )-2 = 62 hosts

As a reminder, please always remember that :

  1. The FIRST IP in a subnet = Network ID
  2. The LAST IP in a subnet = Broadcast IP
  3. The remaining IPs between (1) and (2) are the IPs available for network devices, e.g. PCs, routers etc.

For reference, the chart below shows the number of hosts for the 10.0.x.x network with different subnet masks and unmasked bits.

[ chart IP04 : hosts per subnet mask for 10.0.x.x ]

Let me discuss another example; this time we are given an IP address and subnet mask instead of the Network ID :

EXAMPLE 3 :

IP : 10.20.237.15 / Subnet Mask : 255.255.248.0

To get the Network ID, each 0 in the subnet mask turns the corresponding bit of the IP address into 0 ( a bitwise AND ) :

0000 1010. 0001 0100. 1110 1101. 0000 1111 = 10.20.237.15

1111 1111. 1111 1111. 1111 1000. 0000 0000 = 255.255.248.0

---------------------------------------------------------------------------------------------

0000 1010. 0001 0100. 1110 1000. 0000 0000 = 10.20.232.0

Network ID = 10.20.232.0

The FIRST IP : 10.20.232.1

The LAST IP ( broadcast IP )

= 10.20.[ 232 + ( block of 8 addresses, from the 3 unmasked bits in subnet mask portion 3 ) - 1 ].255

= 10.20.239.255

[ image IP06 : Example 3 worked out ]

Number of hosts = (2 ^ unmasked bits) - 2 = (2 ^ 11) - 2 = 2046 hosts

( 2048 addresses, which is equivalent to 8x the default Class C network )

Try it out yourself....and I think I should stop here, as I am damn sleepy now. Will continue tomorrow in the next post.

IP Addressing/Subnetting : Chapter 1

Chapter 1 : IP Address

1.0 Introduction

An IP ( Internet Protocol ) address is a unique identifier for a host, or a host connection, on an IP network. An IPv4 address is a 32-bit number usually presented as 4 decimal values, each representing 8 bits in the range 0 to 255 ( known as an octet ), separated by decimal points.

EXAMPLE 1

IP Address : 192.168.0.1

This address can also be viewed in binary form as below :

[ image IP01 : 192.168.0.1 in binary ]

Q : How to "translate" the 192.168.0.1 ( decimal IP ) value into binary format ?

Referring to the table shown below, we can "separate" the individual decimal value into :

  • 192 = 128 + 64 which is 1100 0000
  • 168 = 128 + 32 + 8 which is 1010 1000
  • 0 = 0 which is 0000 0000
  • 1 = 1 which is 0000 0001

[ chart IP02 : bit values of an octet ]

Every IP address consists of two parts: one identifies the node ( host ) and the other identifies the network. The class of the address and the subnet mask determine which part belongs to the network address and which part belongs to the host address.

1.1 Address Classes for IPv4

For IPv4, there are 5 address classes, which you can identify from the first 4 bits of the first octet of the IP address.

  • Class A addresses begin with 0xxx, or 1 to 126 decimal.
  • Class B addresses begin with 10xx, or 128 to 191 decimal.
  • Class C addresses begin with 110x, or 192 to 223 decimal.
  • Class D addresses begin with 1110, or 224 to 239 decimal.
  • Class E addresses begin with 1111, or 240 to 254 decimal.

[ image : address classes ]

Please also note that addresses beginning with 0111 1111, or 127 decimal, are reserved for loopback and internal testing on the local machine ( i.e. 127.0.0.1, also known as localhost ). Class D and Class E are not used for host addresses either: Class D is reserved for multicasting and Class E for future use.

IP addresses from Classes A, B and C are uniquely assigned on the public network. However, three IP networks are reserved for private networks :

  1. 10.0.0.0, Subnet Mask 255.0.0.0 ( 10/8 prefix )
  2. 172.16.0.0, Subnet Mask 255.240.0.0 ( 172.16/12 prefix )
  3. 192.168.0.0, Subnet Mask 255.255.0.0 ( 192.168/16 prefix )

These private network ranges can be used as internal addresses anywhere in a private network; they are not routable on the public network, as routers do not forward them by default, as defined in RFC1918.

1.2 Subnet Masking

Applying a subnet mask to an IP address lets you identify the network part and the host part of the address, using the bitwise logical AND operation between the IP address and the subnet mask.

  • The network bits are represented by 1s in the mask.
  • The host bits are represented by 0s in the mask.

EXAMPLE 2

192.168.1.20 with subnet mask 255.255.255.0: 192.168.1 represents the network while 20 uniquely identifies the host.

1100 0000. 1010 1000. 0000 0001. 0001 0100 = 192.168.1.20

1111 1111. 1111 1111. 1111 1111. 0000 0000 = 255.255.255.0

-----------------------------------------------------------------------------------------

1100 0000. 1010 1000. 0000 0001. 0000 0000 = 192.168.1.0

Therefore, 192.168.1.0 is the network address.

EXAMPLE 3

10.133.0.188 with subnet mask 255.255.224.0: 10.133.0 represents the network while 0.188 uniquely identifies the host.

0000 1010. 1000 0101. 0000 0000. 1011 1100 = 10.133.0.188

1111 1111. 1111 1111. 1110 0000. 0000 0000 = 255.255.224.0

-----------------------------------------------------------------------------------------

0000 1010. 1000 0101. 0000 0000. 0000 0000 = 10.133.0.0

0000 1010. 1000 0101. 0001 1111. 1111 1111 = 10.133.31.255

Thus, the network address is 10.133.0.0.

To get the broadcast address, set the host bits of the address ( the 0s in the subnet mask ) to 1 instead of 0, as in the last binary line above. Thus, you get the broadcast address 10.133.31.255.
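The bitwise AND of Examples 2 and 3 above, and the Network ID / broadcast / host-count steps of Chapter 2, Example 3, carried out in Python as an added example (not code from the original post). It also prints the addresses in the same grouped-binary layout the post uses; the function and key names are my own.

```python
# Added example (not from the original post): the bitwise AND of section 1.2
# and the Network ID / broadcast / host-count steps of Chapter 2, Example 3.
# Function and key names are constructed for this example.

def ip_to_int(ip):
    a, b, c, d = (int(x) for x in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def to_binary(ip):
    """Render an address the way the post does: 1100 0000. 1010 1000. ..."""
    octets = []
    for s in (24, 16, 8, 0):
        bits = format((ip_to_int(ip) >> s) & 0xFF, "08b")
        octets.append(bits[:4] + " " + bits[4:])
    return ". ".join(octets)

def subnet_info(ip, mask):
    """Network ID = ip AND mask; broadcast = ip OR (NOT mask), i.e. the host
    bits set to 1. Unmasked bits = 0s in the mask; hosts = 2**unmasked - 2."""
    ip_n, mask_n = ip_to_int(ip), ip_to_int(mask)
    unmasked = 32 - bin(mask_n).count("1")
    # A mask must be a contiguous run of 1s followed by 0s.
    if mask_n != (0xFFFFFFFF << unmasked) & 0xFFFFFFFF:
        raise ValueError("invalid subnet mask: " + mask)
    network = ip_n & mask_n
    broadcast = ip_n | (~mask_n & 0xFFFFFFFF)
    # /31 and /32 leave no room for a Network ID, a broadcast IP and hosts.
    hosts = (1 << unmasked) - 2 if unmasked >= 2 else 0
    return {
        "network_id": int_to_ip(network),
        "first_ip": int_to_ip(network + 1) if hosts else None,
        "last_ip": int_to_ip(broadcast - 1) if hosts else None,
        "broadcast": int_to_ip(broadcast),
        "unmasked_bits": unmasked,
        "hosts": hosts,
    }

if __name__ == "__main__":
    ip, mask = "10.20.237.15", "255.255.248.0"   # Chapter 2, Example 3
    info = subnet_info(ip, mask)
    print(to_binary(ip), "=", ip)
    print(to_binary(mask), "=", mask)
    print(to_binary(info["network_id"]), "=", info["network_id"], "(AND)")
    for key, value in info.items():
        print("%-14s %s" % (key, value))
```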

1.3 How does logical AND work ?

The logical AND compares 2 bits: if both are "1" the result is "1", otherwise it is "0".

If you are still confused about the logical AND, there is a simple trick to bypass the binary calculation, though it is highly not advisable. :p

  1. Open your calculator. ( Click START->Accessories->Calculator )
  2. Select "Dec" ( decimal ).
  3. Punch in "133" followed by "AND" ( as shown in the picture ).
  4. Punch in the netmask "133" and press ENTER.
  5. You will get the result "133", as in Example 3 above.

[ image : calculator screenshot ]

In IP Addressing : Chapter 2, I will continue with more detailed calculations to determine :

  1. Number of hosts for a network based on subnet mask or host bit length.
  2. How to "chop" a network based on subnet mask.