Académique Documents
Professionnel Documents
Culture Documents
CT037-3-2
Advanced TCP/IP
Degree – Level 2
Solution
We replace each decimal number with its binary equivalent:
a. 01101111 00111000 00101101 01001110
b. 11011101 00100010 00000111 01010010
c. 11110001 00001000 00111000 00001100
d. 01001011 00101101 00100010 01001110
Solution
a. There are no leading zeroes in dotted-decimal notation (045).
b. We may not have more than four numbers in an IP address.
c. In dotted-decimal notation, each number is less than or equal
to 255; 301 is outside this range.
d. A mixture of binary notation and dotted-decimal notation is not
allowed.
CT037-3-2 Network Security Advanced TCP-IP
Example 4
Solution
In class A, only 1 bit defines the class. The remaining 31 bits are
available for the address. With 31 bits, we can have 231
or 2,147,483,648 addresses.
Solution
See the procedure in Figure 4.4.
a. The first bit is 0. This is a class A address.
b. The first 2 bits are 1; the third bit is 0. This is a class C address.
c. The first bit is 0; the second bit is 1. This is a class B address.
d. The first 4 bits are 1s. This is a class E address..
CT037-3-2 Network Security Advanced TCP-IP
Finding the class in decimal notation
Solution
a. The first byte is 227 (between 224 and 239); the class is D.
b. The first byte is 193 (between 192 and 223); the class is C.
c. The first byte is 14 (between 0 and 127); the class is A.
d. The first byte is 252 (between 240 and 255); the class is E.
e. The first byte is 134 (between 128 and 191); the class is B.
Given the network address 17.0.0.0, find the class, the block, and
the range of the addresses.
Solution
The class is A because the first byte is between 0 and 127. The
block has a netid of 17. The addresses range from 17.0.0.0 to
17.255.255.255.
Given the network address 132.21.0.0, find the class, the block,
and the range of the addresses.
Solution
The class is B because the first byte is between 128 and 191. The
block has a netid of 132.21. The addresses range from
132.21.0.0 to 132.21.255.255.
Given the network address 220.34.76.0, find the class, the block,
and the range of the addresses.
Solution
The class is C because the first byte is between 192 and
223. The block has a netid of 220.34.76. The addresses
range from 220.34.76.0 to 220.34.76.255.
Solution
The default mask is 255.0.0.0, which means that only the first
byte is preserved and the other 3 bytes are set to 0s. The network
address is 23.0.0.0.
Solution
The default mask is 255.255.0.0, which means that the first 2
bytes are preserved and the other 2 bytes are set to 0s. The
network address is 132.6.0.0.
Solution
The default mask is 255.255.255.0, which means that the first 3
bytes are preserved and the last byte is set to 0. The network
address is 201.180.56.0.
Class B subnetting
• Subnetting
– Select mask that most meets your needs
• Find usable IP addresses for host address and
broadcast: convert last masking octet to binary
• Determine block size from binary place value of
last masking digit
– Assign the mask to your network
Subnetting example
Solution
We apply the AND operation on the address and the subnet
mask.
Address ➡ 11001000 00101101 00100010 00111000
Subnet Mask ➡ 11111111 11111111 11110000 00000000
Subnetwork Address ➡ 11001000 00101101 00100000 00000000.
Solution
Only two are eligible (a and c). The address
205.16.37.32 is eligible because 32 is divisible by 16.
The address 17.17.33.80 is eligible because 80 is
divisible by 16.
CT037-3-2 Network Security Advanced TCP-IP
Example 2
Solution
In this case, we need to check two bytes because
1024 = 4 × 256. The right-most byte must be divisible
by 256. The second byte (from the right) must be
divisible by 4. Only one address is eligible (c).
Solution
Solution
The first address is 140.120.80.0/20.
Solution
The prefix length is 20. The number of addresses in the
block is 232−20 or 212 or 4096. Note that
this is a large block with 4096 addresses.
Solution
• TCP/IP is packet-based
– Packets are called datagrams
• Attackers may intercept packets and falsify
or manipulate information
– Can disable servers and make network
vulnerable
ICMP types
IPv6
IPv6
IPv4 IPv6
32 bits addresses 128 bits
4.2 billion addresses 340 undecillion addresses
No authentication Provides authentication of
endpoints
Encryption provided by Support for encryption in protocol
applications
Best effort transport Quality of service (QOS) features
provided in the protocol
• Autoconfiguration support
• Support for IPv6 over IPv4 (tunneling)
• Support for IPv4 over IPv6 (translating)
• Flexible embedded protocol support
• Support for authentication of endpoints
• Support for encryption
CT037-3-2 Network Security Advanced TCP-IP
IPv6 Addressing
Solution
Figure 7.7 shows the ARP request and reply packets.
Note that the ARP data field in this case is 28 bytes,
and that the individual addresses do not fit in the 4-byte
boundary. That is why we do not show the regular 4-
byte boundaries for these addresses. Also note that the
IP addresses are shown in hexadecimal. For
information on binary or hexadecimal notation see
Appendix B.