Chapter 6

TCP/IP
1. Introduction

Although there are a large number of different protocols that operate at different
layers of the OSI model, one protocol has assumed primary importance for
communicating both within and between networks. This protocol is known as the
Transmission Control Protocol/Internet Protocol (TCP/IP). As its name suggests,
TCP/IP is the protocol that makes communication via the Internet possible, hence its
importance.

TCP/IP has become the standard protocol used for interoperability among many
different types of computers. (Interoperability simply means different types of
computers being able to communicate with each other.) This interoperability is a
primary advantage of TCP/IP. Most networks support TCP/IP as a protocol.

2. TCP/IP and OSI

TCP/IP is not actually a single protocol, but a set of protocols that operate at different
levels. The levels involved in TCP/IP do not exactly match those of the OSI reference
model. Instead of seven layers, TCP/IP specifies only four:
 Network interface layer
 Internet layer
 Transport layer
 Application layer

Each of these layers corresponds to one or more layers of the OSI reference model.
The table below shows the correspondence between OSI layers and TCP/IP layers.

OSI Layers TCP/IP Layers

Application Application
Presentation Application
Session Application
Transport Transport
Network Internet
Data-link Network interface
Physical Network interface

TCP/IP is an industry standard and is an open protocol. This means it is not controlled
by a single company, and is less subject to compatibility issues.

3. Overview of TCP/IP

As was stated above, TCP/IP consists of a number of different protocols that perform
a variety of functions and operate at a number of different levels. An overview of the
protocols included in TCP/IP is shown below.

1
 OSI Layer TCP/IP Protocols
7=Application Telnet DHCP
6=Presentation FTP SNMP
5=Session SMTP DNS
4=Transport TCP UDP
3=Network IP ARP RARP
2=Datalink Hardware oriented
1=Physical Hardware oriented

We will now consider some of these protocols in more detail.

4. The TCP/IP protocols

4.1 The IP protocol and IP addresses

One of the most important protocols in the TCP/IP suite is the IP protocol. This is
used at the Internet layer of TCP/IP (i.e. the Network layer in the OSI model) and is
used to attach network addresses to packets. The IP protocol provides best effort
delivery between network stations.

IP routes packets on the network by using IP addresses. An IP address consists of 4

numbers between 0 and 255 separated by dots. For example, 146.23.0.194 is a valid
IP address. When you surf the Internet and type a URL into your browser (e.g.
www.yahoo.com) you are actually using IP addresses. Every Internet domain such as
Yahoo or Google has at least one IP address on the Internet.

4.1.1 Class A, B and C networks

Clearly there is not one single network administrator responsible for the whole of the
Internet, so breaking it down into smaller subnets makes sense. Using the 4 number
(or 32 bit) IP addresses makes it relatively easy to segment the task of managing
computer networks. This is done by splitting the address into two parts: the network
ID (or prefix), and the computer ID (or suffix). As an example, we will first consider
the largest type of subnet: class A networks.

Subnets are defined by fixing a certain number of the 32 bits in the IP address, and
allowing the others to vary. In class A networks, the first 8 bits of the IP address are
fixed (i.e. the first of the four numbers), allowing network administrators to assign the
other 24 bits (three numbers) as computer addresses. As 24 bits are available for use
in the subnet, class A networks can contain up to 2 24 different computers. There are
only a very small number of class A networks, and all have already been assigned to
large companies. For example, IBM have the class A network 9.*.*.* and Apple
have 17.*.*.*.

In a class B network the first 16 bits of the IP address are fixed. They can have up to
216 different computers on their network (65,536). All class B networks have also
already been assigned. Microsoft is an example of a company with a class B network.

2
Class C networks have the first 24 bits of the IP address fixed, allowing only 255 (2 8)
different computer addresses. This is the only type of subnet that it is still possible to
buy.

Using this class-based system, it is possible to tell that an IP address is in a class A

network because the first bit of the 32 is set to a 0. This means that only 7 bits are
available for storing the network ID, making a total of 2 7 (=128) different class A
networks. A class B network is indicated by setting the first 2 bits to 10, leaving 14
bits for the network ID (so there are 16,384 different class B networks). Class C
networks have the first 3 bits set to 110, leaving 21 bits for the network ID. Therefore
there can be total of 221 (2,097,157) different class C networks (see table below).

Maximum Maximum
Network
Prefix bits number of Suffix bits computers
class
networks per network
A 7 128 24 16777216
B 14 16384 16 65536
C 21 2097152 8 256

For example, given the IP address 128.255.10.1, we know immediately that this
is on a class B network. We can tell this because if we rewrite the address in binary
form (10000000.11111111.00001010.00000001), the first two bits are 10,
which always indicate a class B network. So the first 16 bits represent the network ID
(128.255) and the last 16 bits are the computer ID (10.1).

To tell what class of network an IP address is on, we do not need to always rewrite the
address in binary form. Any address beginning with a number between 0 and 127 is
on a class A network, between 128 and 191 is on a class B network, and between 192
and 223 is on a class C network. Any IP address starting with any number greater than
223 is reserved for special uses.

4.1.2 Exercise 1

For example, using the class-based system of IP addressing, what can you deduce
from the following IP addresses?
i.e. What class network are they on, and what are the network ID and computer ID?
i. 223.1.0.129
ii. 2.255.15.254
iii. 131.192.161.1
(go to the end of this handout for the answers)

4.1.3 Reserved IP addresses

You cannot use every IP address. There are some addresses, or sets of addresses, that
are reserved for special uses. The table below summarises these.

3
 Network ID Computer ID Description Use
All 0’s All 0’s This computer Used during system boot
All 0’s Computer ID A computer on this
subnet
Network ID All 0’s Network number Used to refer to an entire
subnet
All 1’s All 1’s Limited broadcast Broadcasts message to all
computers on this subnet
Network ID All 1’s Directed broadcast Broadcasts message to all
computers on specified
network
127 Any Loopback address Used for testing
Any number Any Multicast &
greater than experimental
223 address

We can see that any IP address that has a valid network ID, but all binary 0’s for the
computer ID, is the network number. The network number is a way of referring to an
entire subnet. Therefore this address cannot be assigned to a computer. Similarly if
the computer ID is all binary 1’s it is a broadcast address. The broadcast address is
used if you want to send a packet to every computer on a subnet. Therefore this
address can also not be assigned to a computer on the network. For example, a class C
network provides 256 different values for the computer ID, but only 254 of these can
be assigned to computers.

Most subnets have at least one router. If it didn’t have a router it would be isolated
and could not communicate with any other networks. A router must also have an IP
address on the subnet, and by convention the first IP address after the network number
is assigned to the default router. Note that this is not a rule, just a convention (it is
usually done but you do not have to do it).

4.1.4 Non-routable IP addresses

In addition to these there are a number of ranges of IP addresses that are specified as
‘non-routable’ addresses. This means that routers on the Internet will never forward
them. This is because they are reserved for local network use. If every computer in the
world that was on a network connected to the Internet had to have a unique IP address
we would have run out of IP addresses many years ago. But many of these computers
are on networks that only connect to the Internet through a single router, gateway
computer or dial-up connection. Therefore, on networks like this we only need a
single routable IP address; the rest of the computers can be given non-routable
addresses. A number of computers on networks in different parts of the world can
share the same non-routable IP address provided they are not directly connected on
the same network. Internet routers are programmed to ignore these addresses so there
can be no address conflict.

The ranges of non-routable IP addresses are specified by RFC 1918. (RFC stands for
Request for Comments. RFCs are electronic documents that are used for publishing
Internet standards. Anybody can submit or comment on an RFC.) The addresses are:

4
 10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
The third range (192.168.*.*) is the range used on the FBE network.

See Figure 1 for an illustration. Here we have two LANs, called A and B. Both
contain 3 PCs with the same IP addresses (192.168.0.2 to 192.168.0.4).
Similarly the routers that connect the LANs to the Internet have the same IP address
on the LAN (192.168.0.1). However, the Internet IP addresses of each of these
routers are different (200.111.23.12 and 197.210.33.12). Since all routers
are programmed to ignore addresses in the range 192.168.0.0 –
192.168.255.255 there is no address conflict. Note also that these computers can
never receive packets from the Internet, because their router would ignore them. All
packets for these subnets must be addressed to the routable IP address of the router.
Therefore every network connected to the Internet must have at least 1 routable IP
address.

4.1.5 Exercise 2

Which of the following IP addresses are invalid addresses for computers on the
Internet? If they are invalid, explain why.
i. 130.22.256.22
ii. 222.222.255.222
iii. 240.12.3.24
iv. 128.128.0.128
v. 200.128.0.255
vi. 255.255.255.255
vii. 127.0.0.1
viii. 13.13.0.13
ix. 10.240.12.11
(go to the end of this handout for the answers)

5
 Figure 1 – Use of non-routable IP addresses in local networks

4.1.6 Classless Inter-domain routing

When this class-based system was introduced, it was thought that it would easily
provide enough IP addresses for the Internet. However, due to the rapid increase in
the number of Internet users worldwide, IP addresses eventually came to be in short
supply. Because of this, in 1994 a new system was introduced: classless inter-domain
routing, or CIDR.

CIDR uses subnet masks to subdivide networks. The 32 bits in a subnet mask indicate
which of the bits in an IP address are a part of the prefix (network ID), and which are
a part of the suffix (computer ID). If a bit in the subnet mask is a 1, that bit is in the
prefix and so must be fixed in the IP addresses of a subnet. If a bit in the subnet mask
is a 0 then it is part of the suffix and it is allowed to vary within a subnet. For
example, in a class C network only the last 8 bits can vary, so the subnet mask is
255.255.255.0 (or 11111111.11111111.11111111.00000000). For class A
and B networks the subnets masks are 255.0.0.0 and 255.255.0.0 respectively.

However, subnet masks allow much more flexibility than the class-based system. For
example, suppose we wish to have a subnet with 1000 IP addresses. Under the class-
based system we would have to allocate a class B network, which has a total of
65,534 addresses, approximately 64,000 of which would be unused. Using CIDR we
can specify the following subnet mask:

11111111 11111111 11111100 00000000

255 255 252 0

Now we are using 22 bits to specify the network ID, and 10 bits for the computer ID.
This allows a total of 210, or 1024, different IP addresses in the subnet, which
minimises the number of unused addresses.
Because we can now have any number of bits in the network ID part of the IP address,
the IP address is generally written with a slash at the end followed by the number of
bits in the network ID, e.g. 200.123.192.2/22. Because of this notation a subnet
with 22 bits for the network ID is known as a “slash 22 network”.

The CIDR system has temporarily alleviated the shortage of IP addresses on the
Internet, but still we will run out of addresses one day. Because of this a new system
is being devised that uses 128 bit addresses.

4.1.7 Exercise 3

For example, if we have a subnet with the network number 21.100.19.0, and a
subnet mask of 255.255.255.192 (i.e. a slash 26 network) which of the
following IP addresses would be on the subnet?
i. 21.100.19.1
ii. 21.101.19.1
iii. 21.100.19.128

6
 iv. 21.100.19.62
(go to the end of this handout for the answers)

4.1.8 Exercise 4

Look at the network diagram in Figure 2 and answer the following questions:
i. What class network are the computers A, B, D and E on? What about
computer C?
ii. If computer E wanted to send a packet to computer C, what IP address would
it send that packet to?
iii. Can you identify any problems with the assignment of IP addresses and
default gateways in this network?
(go to the end of this handout for the answers)

Figure 2 – Network diagram

4.2 UDP and TCP

UDP (User Datagram Protocol) and TCP (Transmission Control Protocol) are both
higher-level protocols than IP (they operate at level 4 of the OSI model), and provide
the communication link between the application program and IP.

TCP provides connection-oriented transmission through the use of predefined ports.

A port is simply a number that identifies the communicating application on each
computer. Applications using TCP will acknowledge received packets, and if a sent

7
packet is not acknowledged it will be resent. Therefore TCP provides completely
reliable delivery. The Telnet and FTP applications both use TCP.

UDP provides connectionless transmission. There is no acknowledgement of received

packets so UDP uses best effort delivery. Because of the lack of acknowledgement
packets there are fewer overheads in UDP compared to TCP, so communication is
more efficient, but less reliable. The DHCP and DNS protocols use UDP.

4.3 ARP and RARP

Every network device (e.g. NIC, router, bridge, etc.) has a unique hardware address.
This address is known as the MAC (media access control) address. MAC addresses
are different to IP addresses: they are a 48-bit binary code and they never change –
they are permanently assigned to the device at manufacturing time. IP addresses, on
the other hand, are assigned by software and so they can change during the lifetime of
a device. In low-level protocols, all addressing is performed using MAC addresses.

ARP stands for the address resolution protocol. It operates at the Network layer of
OSI, and the Internet layer of TCP/IP. ARP is responsible for translating from IP
addresses to MAC addresses. RARP stands for the reverse address resolution
protocol, and is responsible for translating from MAC addresses to IP addresses.
Because of the service provided by ARP and RARP, all protocols above them in the
OSI model are able to use IP addresses only when referring to network devices.
For example, suppose that a computer COM1 with IP address 10.0.0.2 wanted to send
a message to a computer COMSERVER with IP address 10.0.0.1. Before any
communication is possible COM1 must know the MAC address of COMSERVER.
Stored in the RAM of COM1 will be an ARP cache. This cache will contain a list of all
IP-MAC translations that COM1 knows about. If there is no entry for COMSERVER in
the ARP cache on COM1, COM1 will broadcast an ARP Request packet to the network.
COMSERVER will receive this broadcast and notice that the target IP address in the
message is the same as its own. Therefore it will send a unicast ARP Reply back to
COM1 with the required MAC address (see Figure 3). Notice that the ARP Request
must be broadcast to the whole network, as COM1 does not yet know the MAC
address to send it to. But the ARP reply from COMSERVER can be unicast because
COMSERVER knows the MAC address of COM1 from the ARP Request packet. After
COM1 receives the ARP Reply it can communicate directly with COMSERVER. It will
also add the IP-MAC translation for COMSERVER to its ARP cache.

8
 Figure 3 – Using the ARP protocol to translate from IP to MAC addresses

4.4 ICMP

ICMP is the Internet Message Control Protocol. ICMP is used to transmit status and
error messages between network stations. For example, whenever you type a URL
into Internet Explorer and you get the message “Page cannot be displayed”, it is an
ICMP packet that is responsible.

4.5 DHCP

Every computer on a network must have a unique address. This address is attached to
any packets of data that are intended for transmission to the computer. If the network
is using the TCP/IP protocol, these addresses will be IP addresses (i.e. they will
consist of 4 numbers between 0 and 255 separated by dots). If two computers have the
same address it causes an address conflict, and network problems will result. There
are two ways of ensuring that all computers have unique addresses: static IP
addressing and dynamic IP addressing. In static IP addressing each computer is
assigned a unique address by the network administrator. It will keep this address until
the network administrator assigns a different one. It is the administrator’s
responsibility to ensure that the same address is not assigned twice. In dynamic IP
addressing the assignment of addresses is handled automatically by a program
running on the server. This program is responsible for ensuring that every computer
has a unique address. Addresses are leased to clients for a limited period of time, after
which the client must request a new lease.

DHCP stands for the Dynamic Host Configuration Protocol, and is the protocol used
for requesting and assigning dynamic IP addresses. A DHCP application will typically
run on the network server. Clients then use the DHCP protocol to obtain their IP
address lease from this application. Figure 4 illustrates the communication that occurs
during dynamic IP address leasing. If a computer COM1 wanted to obtain a dynamic
IP address, it would first broadcast a DHCP Discover packet to the network to find

9
out if there was a DHCP server available. The DHCP service running on
COMSERVER will receive this message and broadcast a DHCP Offer packet offering a
particular address. It cannot use a unicast transmission, as COM1 does not yet have an
IP address. COM1 receives the DHCP Offer and decides to accept, so it sends a DHCP
Request packet back to COMSERVER. Finally COMSERVER sends an
acknowledgement back to COM1 to confirm that the IP address has been assigned (a
DHCP ACK packet).

Figure 4 – Obtaining an IP address lease using the DHCP protocol

4.6 DNS

DNS stands for the Domain Name Service. Although high-level protocols in TCP/IP
use IP addresses to communicate, it is easier for people using the computers to
identify them by names, such as COM1 and COMSERVER. These names are known as
host names. DNS is the protocol used to obtain host name to IP address translation
information between computers on the network. Typically every network will have at
least one DNS server. Clients needing to know translations will contact the DNS
server using the DNS protocol to obtain the required information. On a local network,
the host name can just be a single word, for example COM1 or COMSERVER. On the
Internet the name will consist of a sequence of words separated by dots, for example
www.yahoo.com or www.bbc.co.uk. There is a one-to-one mapping between these
computer names and IP addresses: every IP address corresponds to a single computer
name and vice versa.

The DNS server will maintain a list of which IP address maps to which computer
name, so that it can translate between the two. For instance, if a user requests a
directory listing from the computer COM1 then the NOS must first find out the IP
address that corresponds to the name COM1, and then send a request for the directory

10
listing to that IP address. The process of translating a computer name into an IP
address is known as name resolution.

4.6.1 Naming hierarchies

Although there is a one-to-one correspondence between URLs and IP addresses on the

Internet, it is important to remember that the positions of the dots in each of them are
not significant. For example, if www.bbc.co.uk corresponds to the IP address
27.21.225.129, then it does not follow that 129 represents ‘.uk’, and 225 represents
‘.co’, and so on. The naming hierarchy is decided on by the local network
administrator, based normally upon the structure of the organisation it represents. For
example, Figure 5 shows a sample naming hierarchy for the ‘.et’ domain. If there
were a computer called fbe-server in the fbe subdivision of the domain, it would have
the name fbe-server.fbe.mekelle.edu.et. The number of different segments to a
computer name (in this example it is 5) is determined by the naming hierarchy. There
is no global standard. Each organisation can choose how to structure names in its
hierarchy.

Figure 5 – A sample naming hierarchy for the ‘.et’ domain

4.6.2 Distributed lookup

The Internet contains a number of DNS servers. None of these servers knows the
names and addresses of every computer on the Internet. DNS uses a system known as
distributed lookup to enable every DNS server to be able to translate any address.
This means that each DNS server is responsible for providing a translation service for
a certain subset of computers only. If it receives a request that it cannot answer, it will
forward the request to another DNS server that will know the answer. For example, in
Figure 5 the DNS server at mekelle.edu.et provides a translation service for the
‘.edu.et’ subdivision. If it receives a request for an address that it does not end in
‘edu.et’ it will forward it to the root DNS server for the ‘et’ domain.

11
4.7 SNMP

SNMP stands for the Simple Network Management Protocol. It was developed as a
network management tool for networks running TCP/IP. Using SNMP, network
administrators can administer servers and other network devices from remote
workstations.

4.8 SMTP

The Simple Mail Transfer Protocol (SMTP) was defined by RFC 821 and is the
standard protocol for transferring emails between hosts. The way in which emails are
transferred on computer networks will be discussed in more detail in Handout 7
(Network Operating Systems and Applications).

4.9 FTP

The file transport protocol (FTP) uses the TCP protocol as the underlying transport
protocol. The purpose of FTP is to safely and efficiently transport files over computer
networks.

4.10 Telnet

The TELNET protocol is used for providing remote terminal access over a network.
For example, using TELNET a user can log in to another computer somewhere else
on the network and take part in an interactive session on that computer. TELNET also
uses TCP as its underlying basis for communications.

4.11 TCP/IP Utilities

TCP/IP also provides a number of command-line utilities that can be useful when
troubleshooting networks. You can use any of these utilities at the DOS command
prompt in Windows.

4.11.1 Ping

To test if your network connection is complete between two computers, you can use
the Packet Internet Groper, better known as ping. The ping utility works by sending a
message to a remote computer. If the remote computer receives the message, it
responds with a reply message (see Figure 6). The reply consists of the remote
workstation's IP address, the number of bytes in the message, how long it took to
reply - given in milliseconds (ms) - and the time-to-live (TTL) in seconds. If you
receive back the message "Request timed out," this means that the remote workstation
did not respond before the TTL time expired. This might be the result of heavy
network traffic or it might indicate a physical disconnection in the path to the remote

12
workstation. An example of using the ping utility to check the connection to a
computer called AWASA is shown in Figure 7.

4.11.2 Tracert

Another utility that documents network performance is called tracert. While the ping
utility merely lets us know that the connection from A to B is complete, tracert
informs us of the route and number of hops the packet of data took to arrive at its
destination. An example of using the tracert utility to trace the route to a computer
called AWASA is shown in Figure 7.

Figure 6 – The ping utility

4.11.3 Ipconfig

Another useful software troubleshooting tool is ipconfig. This diagnostic command

displays all current TCP/IP network-configuration values. This command is useful on
systems running DHCP, allowing users to determine which TCP/IP configuration
values have been configured by DHCP.

An example of using the ipconfig utility is shown in Figure 7. The output lists the
current IP address of the computer, the subnet mask, and the default gateway. The
subnet mask indicates which class of network the computer is a part of. Because the
first three numbers in the subnet mask are 255 this means that the computer is on a
class C network (i.e. the first 24 bits of the IP address are fixed). If this computer
needs to send a packet of data to a computer outside of this subnet, it must first send it
to the default gateway. The default gateway is a computer or router on the subnet that
is responsible for forwarding packets to addresses outside the subnet.

4.11.4 Route

Every computer and network routing device stores a routing table in its RAM. A
routing table stores information about which routers to send network packets to. The
route command can be used to display and modify the routing table of a computer.

4.11.5 Nslookup

13
Nslookup is a utility that can be used to manually query the DNS database. It can be a
useful troubleshooting tool if the DNS server is not working correctly.

4.11.6 Netstat

The netstat command can be used to display the currently active TCP connections on
a computer.

Figure 7 – The ping, tracert and ipconfig utilities

14
Summary of Key Points

 TCP/IP is an industry-standard suite of protocols

 The four layers of TCP/IP are the network-interface layer, Internet layer,
transport layer, and application layer
 The IP protocol uses IP addresses to send data over a network. IP addresses
consist of four numbers between 0 and 255 separated by dots (e.g.
146.23.0.194).
 To simplify the task of managing the Internet, it is divided up into a number of
different subnets. Subnets are defined by dividing the IP address into a
network ID and a computer ID.
 In class A subnets, the network ID consists of the first 8 bits of the IP address
(the first number), allowing a total of 224 different computer IDs in the subnet
 In class B subnets, the network ID consists of the first 16 bits of the IP address
(the first two numbers), allowing a total of 216 different computer IDs
 In class C subnets, the network ID consists of the first 24 bits of the IP address
(the first three numbers), allowing a total of 28 different addresses
 If the computer ID of an IP address is all binary zeros, then this is the network
number, and cannot be used for a network host
 If the computer ID is all binary ones, then this represents a broadcast address,
and the address cannot be used for a network host
 The following IP addresses are specified as non-routable:
o 10.0.0.0 to 10.255.255.255
o 172.16.0.0 to 172.31.255.255
o 192.168.0.0 to 192.168.255.255
Internet routers will ignore packets addressed to non-routable addresses, so
these addresses can be used on local area networks without the danger of an
address conflict.
 Using classless inter-domain routing (CIDR), a variable number of bits can be
used to specify the network ID. The subnet mask specifies which bits in an IP
address are permitted to vary within a subnet
 The TCP/IP protocol UDP (User Datagram Protocol) provides connectionless
best effort delivery transmission.
 TCP (Transmission Control Protocol) provides connection-oriented
completely reliable delivery.
 The address resolution protocol (ARP) and the reverse address resolution
protocol (RARP) are responsible for translating between the 48-bit hardware
MAC address and IP addresses.
 ICMP (Internet Message Control Protocol) is used to transmit status and error
messages.
 Every computer on a network must have a unique address. If two computers
have the same address an address conflict occurs.
 There are two ways of assigning addresses to computers on a network: static
and dynamic addressing.
 In static IP addressing, IP addresses are assigned manually by the network
administrator. In dynamic IP addressing they are leased automatically by the
program running on the network server.
 The process of translating between computer names and IP addresses is called
name resolution.

15
 DHCP (Dynamic Host Configuration Protocol) is the protocol used in
assigning dynamic IP addresses.
 DNS (Domain Name Service) is the protocol used in translating between host
names and IP addresses.
 SNMP (Simple Network Management Protocol) can be used by network
administrators to remotely administer network devices.
 SMTP (Simple Mail Transfer Protocol) is used for transferring email
messages.
 FTP (File Transfer Protocol) is used for simple file transfers.
 Telnet is used for running remote sessions over a network.
 Ping, tracert, ipconfig, route, nslookup and netstat are useful TCP/IP
troubleshooting tools

16
Exercise 1 - Answers

i. Because the first number in the IP address is between 192 and 223 we know
that this is a class C network. Therefore the first 24 bits specify the network ID
(223.1.0), and the final 8 bits represent the computer ID (129).
ii. Because the first number in the IP address is between 0 and 127 we know that
this is a class A network. Therefore the first 8 bits specify the network ID (2),
and the next 24 bits represent the computer ID (255.15.254).
iii. Because the first number in the IP address is between 128 and 191 we know
that this is a class B network. Therefore the first 16 bits specify the network ID
(131.192), and the final 16 bits represent the computer ID (161.1).

Exercise 2 - Answers

i. This address is invalid as the third number is 256 – the highest possible value
is 255.
ii. Valid address.
iii. This address is invalid as the first number is above 223, so it is reserved and
cannot be assigned to computers.
iv. Valid address.
v. This is not a valid address as the last number is 255, which represents the
directed broadcast address, and cannot be assigned to computers.
vi. This is not a valid address as it represents the limited broadcast address – it
will broadcast to all computers on the subnet.
vii. This is not a valid address as it represents the loopback address and cannot be
assigned to computers. This is used for troubleshooting purposes, and will
send a message to the local computer.
viii. Valid address.
ix. Not a valid address as this is a non-routable address – it will be ignored by
Internet routers so the computer will never receive any packets.

Exercise 3 – Answers

First we should note that the subnet mask indicates that the first 26 bits represent the
network ID, and the last 6 bits the computer ID. Now we write the network ID in
binary form: 21.100.19.0 corresponds to
00010101.01100100.00010011.00000000
(network ID is normal text, computer ID in italics). Therefore, so long as the first 26
bits of an IP address are the same as indicated above, it will be on the subnet. If any
are different it will not be. Therefore the range of IP addresses for this subnet are
21.100.19.0 to 21.100.19.63.
i. This is on the same subnet as it is in the range specified above.
ii. This is not on the same subnet as it is not in the range specified. You can
check this by writing the address in binary form – you will find that one of the
first 26 bits is different.
iii. Again, this is not on the same subnet because it is not in the range specified. In
this case the 25th bit is different to the network number of the subnet.
iv. This is on the same subnet as it is in the range specified.

17
Exercise 4 - Answers

i. Computers A, B, D and E are on a class A network, as the first number in the

IP address is between 0 and 127. Computer C is on a class B network as the
first number is between 128 and 191.
ii. Computer E would recognize that the target IP address (147.103.73.73) is
on a different subnet to itself, so it would send the packet to the default
gateway (109.128.0.1).
iii. Computer B has an incorrect default gateway address, so it would not be able
to communicate with any computer outside its own subnet.
Computer D has no default gateway defined, so again communications would
be limited to its own subnet
The router ports F and I have the same IP address. This will cause problems if
any network station tries to access the address 147.103.0.1.

18