In what situations is the Internet protocol IP used?

IP Addressing

TCP/IP uses IP addresses to send messages to their proper destinations. Every TCP/IP host in the network requires a unique IP address on each of its NICs. IP addresses are assigned by the network administrator, either manually or through a dynamic addressing protocol such as Reverse Address Resolution Protocol (RARP), BOOTP, or DHCP. The current IP addressing scheme (IPv4) defines an IP address as a 32-bit binary number—for example:

11000111 00011010 10101100 01010011

To make it more convenient for us, the IP address is divided into four 8-bit octets (bytes):

11000111.00011010.10101100.01010011

These octets are then converted from binary to decimal numbers and written as follows (four decimal digits separated by periods):

199.26.172.83

When this number is entered into a computer, the machine automatically converts it to a 32-bit binary number, with no regard for the individual octets or the decimals.

An IP address has two portions, a network ID and a host ID. The network ID is shared amongst all the stations on a segment and must be unique across the entire network. The host ID identifies a specific device (host) within a segment and must be unique on a particular segment.

NOTE

The IP system in common use today is known as IPv4, for Internet Protocol version 4. A newer system, IPv6, or Internet Protocol version 6, has been developed and exists today in small deployments. IPv6 allows for more addresses by increasing the address size from 32 bits to 128 bits.

II.A.1. Internet Protocol (IP)

IP is a network level protocol that is responsible for transporting data in discrete chunks of bits known as packets from the source machine to the destination machine. IP is an unreliable protocol because it merely provides a best effort service and does not guarantee the delivery of packets. IP does not establish any logical connections between source and destination machines, and IP packets belonging to the same message can take different routes to reach a particular destination. IP packets are routed independently of each other and are known as datagrams. All intermediate systems such as routers and end systems such as servers and workstations that are connected to the Internet must implement IP for communication. Typically, an IP address is associated with every network interface of devices connected to the Internet. An IP packet has a header and a data portion. The IP header carries control information for routing packets through the Internet and is analogous to the address label on an envelope, whereas the data portion of an IP packet corresponds to the contents of the envelope.

The current version of the IP is still IPv4, although IPv6 has been proposed. In this article, any references to the IP would imply IPv4, unless stated otherwise. Most fields in the header of IPv4 packets have implications for security that include Source IP Address, Destination IP Address, Protocol, Fragment Offset, and Source Routing Option. Source IP Address and Destination IP Address represent the IP addresses of the source and destination, respectively. Protocol identifies the protocol whose data are stored in the data portion of the IP packets. Examples of protocols include Transmission Control Protocol, User Datagram Protocol, and Internet Control Message Protocol. Often, IP packets are fragmented to meet the maximum packet size requirements of intermediate networks on the route from source to destination. The various fragmented pieces of IP packets are then reassembled together at the destination host by using the information in the Fragment Offset field. This field indicates the relative position of the fragment data in the original IP packet. IP allows an option whereby the source can specify the route a packet should take to reach the destination. This route is stored under the Source Routing Option field.

In Brief: What Is IPv6?

IPv6 is the successor to version 4 of the Internet protocol addressing system that has supported the growth of the Internet to date. IPv4 is the addressing system that most of the current Internet uses, and a majority of internal enterprise networks also use a type of v4 known as private addressing, which was reserved within the IPv4 specification for this purpose. (There was an IPv5 for a short while, but it was a very specific sort of protocol within the family of multicast protocols and never got out of experimental stage; however, it did manage to occupy an increment in the generation of IP technologies and as a consequence, the lifeblood of the Internet [IP] skipped over to version 6).

IPv6 differs from IPv4 in a number of ways, such as enhanced security and mobility features, but the main benefit of IPv6 is virtually unlimited IP addresses to support the coming IoT. IPv6 comes with the capability of supporting many more addresses: IPv4 has a maximum of approximately 4.3 billion addresses. IPv6 supports 3.4×1038 or 340 trillion, trillion, trillion addresses.

IPsec Architectures

IPsec has three architectures: host-to-gateway, gateway-to-gateway, and host-to-host. Host-to-gateway mode (also called client mode) is used to connect one system that runs IPsec client software to an IPsec gateway. Gateway-to-gateway (also called point-to-point) connects two IPsec gateways, which form an IPsec connection that acts as a shared routable network connection, like a T1. Finally, host-to-host mode connects two systems (such as file servers) to each other via IPsec. Many modern operating systems, such as Windows 10 or Ubuntu Linux, can run IPsec natively, allowing them to form host-to-gateway or host-to-host connections.

Unnumbered

IPv6 can be enabled on an interface without assigning an explicit IPv6 address to the interface. An unnumbered interface uses the global IPv6 address of another interface as the source of the packets it sends. IPv6 is enabled on an unnumbered interface by using the ipv6 unnumbered command in interface configuration mode. The interface with the global address to be used as the source address is the interface identified in the command. The ipv6 unnumbered command works a lot like the ip unnumbered command in IPv4, just updated to support IPv6. The configuration to create an unnumbered interface is

company(config)# interface serial0/0

company(config-if)# ipv6 unnumbered Fastethernet0/0

This configuration enables IPv6 on the serial0/0 interface and identifies the Fastethernet0/0 interface's address as the one to be used as the source address for packets originating from the serial0/0 interface.

To disable IPv6 on the serial0/0 interface, execute the no ipv6 unnumbered command in interface configuration mode:

company(config-if)# no ipv6 unnumbered

IP

Internet Protocol (IP) is a connectionless protocol that manages addressing data from one point to another, and fragments large amounts of data into smaller, transmittable packets. The major components of Internet Protocol datagrams are:

IP Identification (IPID) Used to uniquely identify IP datagrams and for reassembly of fragmented packets.

Protocol Describes the higher-level protocol embedded within the datagram.

Time-to-live (TTL) Attempts to keep datagrams and packets from routing in circles. When TTL reaches 0, the datagram is dropped. The TTL allows traceroute to function, identifying each router in a network by sending out datagrams with successively increasing TTLs, and tracking when those TTLs are exceeded.

Source IP Address The IP address of the host where the datagram was created.

Destination IP Address The destination where the datagram should be sent.

Notes from the Underground …

18.2.4 Static vs. dynamic IP addresses

The IP address assigned to a device can be either static or dynamic. The difference is that once assigned, a static IP address doesn’t change. A dynamic IP address can be different each time a connection to the network is established. Dynamic IP addresses are typically assigned to devices on a LAN by a server known as the Dynamic Host Configuration Protocol (DHCP) server.

Dynamic assignments are used to conserve IP addresses, which are a finite resource. Dynamic IP addresses are typically assigned to users workstations. If your organization has a large number of users, it might not be possible to assign everyone their own static IP address. By dynamically assigning an IP address only to workstations that are connecting to the Internet, the number of unique IP addresses needed is minimized.

Your application server will almost certainly have a static IP address. This is to ensure that even if it’s rebooted its IP address will stay the same. If the IP address changed each time, the application server rebooted it would be extremely difficult for users to connect to it.

You can determine whether a Windows device’s IP address is static or dynamic by running the “ipconfig /all” command. If the line labeled “DHCP Enabled” has the value “Yes,” then the IP Address is dynamic. If the value is “No,” then the IP address is static. The screenshot in Figure 18.1 shows the “DHCP Enabled” line in the ipconfig output.

IV TCP/IP's Commercial Success Story

TCP/IP product vendors agree that the protocol's technical characteristics have little to do with its market success. When the problems of local area network (LAN) communications among dissimilar computers were becoming critical, there were fewer solutions than are available today. Further use of TCP/IP as the backbone protocols for the Internet meant that other WAN architectures such as xDSL, frame relay, ATM, etc., needed to carry TCP/IP as well. TCP/IP's acceptance at the commercial level is attributed to four significant events:

Microprocessor and memory technology advanced to the point where protocols such as TCP/IP could be implemented on nearly any type of product without crippling financial effects

DARPA funded the development and integration of TCP/IP into the UNIX operating system, ensuring that TCP/IP would be widely deployed

Proprietary protocols at a similar level in the architecture suffered from inter-working and compatibility problems across different vendors' equipment

The explosive growth of the Internet

LANs have other common elements with the Internet environment, including the need to support multiple-vendor environments. LANs are linked into internetwork environments, which is the very thing that IP was designed to do in the original APPANET. Further, TCP/IP's coding was developed with public funds—its specifications and many implementations being in the public domain. Thus licensing costs for vendors are not significant.

In many ways, TCP/IP is suffering from its own success. Currently, two critical issues face the TCP/IP industry and the resolution of these will be key to the future of TCP/IP:

The IP address space is being exhausted at a rate few would have considered possible only a few years ago

Routing tables on many routers are becoming excessively large with the result that more time is spent in route maintenance and conversely, less time forwarding packets

Recognizing these problems, the Internet Engineering Task Force (IETF) formed a group to make a recommendation on the direction of IP which includes:

Estimating the life expectancy of the IP address space of the current version of IP

Determining the features and functions that a new IP protocol must provide

Developing a migration plan for the new IP into the Internet. This activity also addressed interoperability issues and formal testing procedures

The result is IPv6 (IP version 6) which is a set of standards discussed in the following section.

IPsec Policy Agent

The IPsec Policy Agent is a service that resides on each computer running the Windows Server 2003 operating system. It is shown in the Service console as IPsec services. The IPsec Policy Agent begins when the system is started.

For all domain member computers, the IPsec policy will be retrieved by the IPsec Policy Agent when the machine boots up or at the default Winlogon polling interval, unless an IPsec policy is in place that has the interval already set. Active Directory can be manually polled by typing the command gpupdate/target:computer at the command prompt.

If the IPsec Policy Agent is unable to find or connect to the Active Directory domain, it will wait for the policy to be activated or assigned. This is also true if there are no IPsec policies in Active Directory or the Registry.

In what situations is the internet protocol IP used quizlet?

Why IP protocol is used?

What is an example of a protocol used on the internet?