UNIX System Administration Handbook - Evi Nemeth [164]
Ethernet hardware addresses should be permanently assigned and immutable; unfortunately, some network interface cards let you specify the hardware address. Wireless cards are especially bad in this respect. Don’t assign values in the multicast address range (odd second digit) or use other special values. Solaris and Red Hat let you change the hardware address of any interface, but please don’t do that.
At the next level up from the hardware, Internet addressing (more commonly known as IP addressing) is used. One 4-byte IP address is assigned to each network interface. IP addresses are globally unique4
and hardware independent. We ramble on for pages about IP addresses in the next section.
The mapping between IP addresses and hardware addresses is implemented at the link layer of the TCP/IP model. On networks that support broadcasting (i.e., networks that allow packets to be addressed to “all hosts on this physical network”), a protocol called ARP allows mappings to be discovered automatically, without assistance from a system administrator.
See page 285 for more information about ARP.
Since IP addresses are long, seemingly random numbers, they are hard for people to remember. UNIX systems allow one or more hostnames to be associated with an IP address so that users can type telnet anchor instead of telnet 128.138.242.1.
This mapping can be set up in several ways, ranging from a static file (/etc/hosts) to the NIS and NIS+ database systems to DNS, the world-wide Domain Name System. Keep in mind that hostnames are just a shorthand way of writing IP addresses.
Ports
IP addresses identify machines, or more precisely, network interfaces on a machine. They are not specific enough to address particular processes or services. TCP and UDP extend IP addresses with a concept known as a “port.” A port is 16-bit number that supplements an IP address to specify a particular communication channel. Standard UNIX services such as email, FTP, and the remote login server all associate themselves with “well-known” ports defined in the file /etc/services. To help prevent impersonation of these services, UNIX systems restrict access to port numbers under 1,024 to root.
Address types
At both the IP layer and the link layer, there are several different types of addresses:
• Unicast – addresses that refer to a single host (network interface, really)
• Multicast – addresses that identify a group of hosts
• Broadcast – addresses that include all hosts on the local network
Multicast addressing facilitates applications such as video conferencing in which the same set of packets must be sent to all participants. The Internet Group Management Protocol (IGMP) constructs and manages sets of hosts that are treated as one multicast destination. Multicasting is still somewhat experimental. However, the voice-over-IP and video-on-demand markets may speed up its deployment somewhat.
Multicast link-layer addresses have the low-order bit of their high-order byte (the first byte on the wire) set to 1; that is, any address with an odd first byte is a multicast address. These multicast addresses are used by various pieces of hardware for discovery protocols or for spanning tree algorithms. Lots of old crufty protocols also have reserved addresses in this range. The value assigned for IP multicast on the Internet is 01:00:5E.
The link-layer broadcast address is all 1s in binary or ff:ff:ff:ff:ff:ff in hexadecimal.
At the IP layer, multicast addresses begin with a byte in the range 224 to 239. Broadcast addresses have a host part that is all 1s.
13.4 IP ADDRESSES: THE GORY DETAILS
An IP address, also called an Internet address, is four bytes long and is divided into a network part and a host part. The network part identifies a logical network to which the address refers, and the host part identifies a machine on that network.
By convention, IP addresses are written as decimal numbers, one for each byte,