The combination of IP and netmask defines a subnet, a group of hosts that can be reached directly. This document is a quick and dirty crash course in networking basics. To understand what's going on, you'll need to know how to read numbers in binary, the following sections should help with that - Section 1: BINARY ==== 1.1 binary to decimal ==== The only trick is knowing the meaning of each column -- the right most column is "1" and each column to the left multipled by 2. Normally binary numbers are shown as 8 bits, but you can extend the pattern to any length. The example here shows the meanings for only 8 bits. All you need to do is add up the meaning of the columns that have a binary "1" in them. ex: convert 00001011 to decimal meaning: 128 64 32 16 8 4 2 1 binary: 0 0 0 0 1 0 1 1 ----------------------------- value: 11 (8 +2 +1) ==== 1.2 decimal to binary ==== This is pretty much the same as above. The trick here is to write down powers of 2 until you get to a value higher than what you're converting, then start at the left column and work your way to the right. (Always write down atleast 8 bits or columns) ex: convert 123 to binary meaning: 128 64 32 16 8 4 2 1 binary: 0 _ _ _ _ _ _ _ (123 < 128 .. put "0" in the 128 column) binary: 0 1 _ _ _ _ _ _ (123 > 64, put a "1", subtract 64 = 59) binary: 0 1 1 _ _ _ _ _ ( 59 > 32, "1" .. subtract 32 = 27) binary: 0 1 1 1 _ _ _ _ ( 27 > 16, "1" .. subtract 16 = 11) binary: 0 1 1 1 1 _ _ _ ( 11 > 8, "1" .. subtract 8 = 3) binary: 0 1 1 1 1 0 _ _ ( 3 < 4, "0") binary: 0 1 1 1 1 0 1 _ ( 3 > 2, "1" .. subtract 2 = 1) binary: 0 1 1 1 1 0 1 1 ( 1 = 1, "1") Section 2: Logic Ok, with some practice you should hopefully have a minimal grasp on binary. Now we introduce some logic elements - ==== 2.1 AND ==== The "AND" operation - this returns 1 when both inputs are 1 0 AND 0 = 0 0 AND 1 = 0 1 AND 0 = 0 1 AND 1 = 1 ==== 2.2 OR ==== The "OR" operation - this will return 1 when either input is 1 0 OR 0 = 0 0 OR 1 = 1 1 OR 0 = 1 1 OR 1 = 1 ==== 2.3 NOT ==== The "NOT" operation - returns the opposite of the input NOT 0 = 1 NOT 1 = 0 Wow, that's a lot of information condensed into a few lines.. Let's try putting that information to use - Section 3: IPs and netmasks if we take the ip and netmask and do an AND: (hint, AND the columns) 11000000 10101000 00000001 00001011 = 192.168.1.11 (some ip address) 11111111 11111111 11111111 11110000 = 255.255.255.240 (netmask) AND: 11000000 10101000 00000001 00000000 = 192.168.1.0 (network address) This gives our network address, the lowest address in the subnet Now, flip the netmask: (hint, NOT the columns) 11111111 11111111 11111111 11110000 = 255.255.255.240 (netmask) NOT: 00000000 00000000 00000000 00001111 = 0.0.0.15 (NOT 255.255.255.240) then OR this with the network address: (hint, OR the columns) 11000000 10101000 00000001 00000000 = 192.168.1.0 (network address) 00000000 00000000 00000000 00001111 = 0.0.0.15 (NOT 255.255.255.240) OR: 11000000 10101000 00000001 00001111 = 192.168.1.15 (broadcast address) Now we have the highest address in the subnet, the broadcast address We now have the range of machines which can be reached directly on the current network. In this example - 192.168.1.11 - the ip address of the machine 255.255.255.240 - the netmask 192.168.1.0 - the network address (this be shown in the routing table) 192.168.1.1 - first usable IP address 192.168.1.14 - last usable IP address 192.168.1.15 - broadcast Which means that for that machine to reach anything outside that range, it needs a gateway. What the hell is a gateway? A gateway is nothing more than a machine or device which is connected to multiple networks, taking data from one network and sending it to another network. Section 4: Routing Let's take a look at an example routing table - Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.240 U 0 0 0 eth0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 Each line contains an IP, a netmask (genmask) and a gateway. Using the sections above you should be able to figure out what ip addresses each line refers to. The lines in the table will be shown in the exact same order that they're parsed. The first line of the table (192.168.1.0 ...) was automatically added by the kernel using the IP and netmask of eth0. It tells us what we already know - that 192.168.1.0-192.168.1.15 is reachable directly over eth0 without using a gateway (0.0.0.0) The second line (0.0.0.0 ...) is called the "default gateway", looking at the destination IP and the netmask you should be able to figure out why -- it's a wildcard which will match any address. This tells us that for any addresses not already matched by an earlier line, to send the packet to 192.168.1.1, the gateway address for this example network. If for example our client machine at 192.168.1.11 tries to ping google.com, it won't be able to directly reach google (72.14.207.99) because the address is outside of the subnet, so instead it sends the packet to the default gateway address, 192.168.1.1. That machine still doesn't know what to do with the packet, so it sends it to it's default gateway. The process continues until eventually the packet reaches it's destination. Looking at traceroute, you can see all the hops (translation - gateways) the packet went through to reach the destination - traceroute to 72.14.207.99 (72.14.207.99), 30 hops max, 38 byte packets 1 192.168.1.11 (192.168.1.11) 62.726 ms 1.021 ms 4.888 ms 2 * * * ... 16 66.249.94.73 (66.249.94.73) 98.873 ms 81.862 ms 105.168 ms 17 72.14.236.134 (72.14.236.134) 85.943 ms 75.986 ms 81.116 ms How does traceroute work, and why does #2 say "*" instead of giving a real ip address? Aren't you going to be sorry you asked - To avoid getting into an endless loop, all packets have a "ttl" (time to live). The ttl starts at a predefined value (typically 64 or 128) and is decreased each hop (again, hop means a gateway), when the ttl reaches 0, the packet is nolonger transmitted to the next hop and instead an icmp error message is sent back to the source (the client at 192.168.1.11) Traceroute purposely starts at a low ttl (1), knowing that this will generate an error message. When the error message shows up, traceroute shows the source of the error message as a hop, and the ttl is increased and the whole process starts over for displaying the next hop. If no reponse is recieved, traceroute will time out and display a "*" for that hop. Interesting trivia: You can determine if a port is being firewalled at the ISP or at the destination by playing with the ttl. Figure out how many hops it is to the destination (or in other words the ttl value you need to reach the destination) and then send a packet with a lower ttl to the suspected firewalled port. If you get a port rejection (port closed) error on the lower ttl you'll know that it was firewalled before actually reaching the destination host. You can figure out which host has firewalled the packet by continuing to lower the ttl until you don't get the port rejection -- this new ttl value tells you which hop firewalled the packet. Section 5: FAQ Q: What happens if I've misconfigured the gateway or the gateway doesn't respond? A: Your computer will constantly send out arp requests trying to get the mac address of the gateway; communication with networks beyond the default gateway will be impossible. Q: What happens if I setup a route to a remote host but there's no route from the remote host back? A: The remote host will recieve the packet but will be unable to send a response, making communication impossible. (The remote host will send the packet to it's default gateway and that pattern will continue until there's no more gateways or the ttl of the packet expires.)