计算机网络课件：TCP IP

1TCP/IP2OutlineInternetAddressTCP/IPProtocols3InternetAddressApplicationLayerDNSTransportLayerPortInternetLayerIPNetworkAccessLayerMAC4MACAdressInalocalareanetworkorothernetwork,theMAC(MediaAccessControl)addressisyourcomputer'suniquehardwarenumber.Whenyou'reconnectedtotheInternetfromyourcomputer,acorrespondencetablerelatesyourIPaddresstoyourcomputer'sphysical(MAC)addressontheLAN.5MACAddressMACaddressis6bytesor2bytesThefirstthreebytesisallocatedbyIEEEOthersisallocatedbymanufactoryMacusehexadecimalnotationtowrite00:01:02:03:04:0500:a0:24:71:e4:44厂商CISCO3ComHPSunIBMIntel厂商代号00000C02608C08000908002008005A00AA006MACAddressFindingMACAddressonPCRunningWindowsNT,2000,orXPMakesurethatthenetworkcableispluggedintotheethernetportonthewallandthebackofthePC.Click"Start"onthetaskbarandselect"Run".Inthe"Open"dialogbox,typethefollowing(withoutquotes)andclick"OK"(orjustpressenter):"cmd"ThiswilllaunchanMS-DOSwindow.Attheprompt(C:\>),typethefollowing(withoutquotes)andpress"Enter":"ipconfig/all"Youshouldnowseescreenoutputsimilartothefollowing:TheMACaddresscanalsobereferredtoasHW(hardware),LAN(localareanetwork),ethernet,adapter,orphysicaladdress.Noticethehighlightedportioncalledphysicaladdress.TheMACaddressforthenetworkcardinthiscomputeris:00:01:03:25:12:11.TheMACaddresstypicallybeginswithtwozeros.78IPaddressEveryhostontheInternethasanIPaddressIPaddressisdividedintotwoparts:NetworkHostAllIPaddressare32bitslongIPaddressesaredividedintofivecategories239IPAddressesIPaddressformats.10IPaddressThenumberofeachclass

categoriesNetworknumberhostsnumber

A27224B214216C2212811IPaddressSomeinter-networkaddressA类：~55B类：~55C类：~12IPAddresses(2)SpecialIPaddresses.13IPAddresssubnetAsubnetallowstheflowofnetworktrafficbetweenhoststobesegregatedbasedonanetworkconfiguration.Byorganizinghostsintologicalgroups,subnettingcanimprovenetworksecurityandperformance.14IPAddresssubnetAnIPaddresshastwocomponents,thenetworkaddressandthehostaddress.IP=network+HostSublettingenablesthenetworkadministratortofurtherdividethehostpartoftheaddressintotwoormoresubnets.Inthiscase,apartofthehostaddressisreservedtoidentifytheparticularsubnet.IP=network+subnet+host15IPAddresssubnetForexample,considertheIPaddress150.215.017.009.AssumingthisispartofaClassBnetwork,thefirsttwonumbers(150.215)representtheClassBnetworkaddress,andthesecondtwonumbers(017.009)identifyaparticularhostonthisnetwork.16IPAddresssubnetExampleasbefore:10010110.11010111.00010001.00001001TheClassBnetworkpartis:10010110.11010111andthehostaddressis00010001.0000100117IPAddresssubnetIfthisnetworkisdividedinto14subnets,however,thenthefirst4bitsofthehostaddress(0001)arereservedforidentifyingthesubnet18IPAddresssubnetmaskAmaskusedtodeterminewhatsubnetanIPaddressbelongstoThesubnetmaskisthenetworkaddressplusthebitsreservedforidentifyingthesub-network.19IPAddresssubnetmaskWithoutsubnettingAllnetworkbitssetto1Allhostbitssetto0CategoriesBinarysubnetmaskAlgorismA1111111100000000

0000

0000

0000

0000B11111111

1111

111100000000

0000

0000C11111111

1111

1111

1111

11110000000020IPAddresssubnetmaskWithsubnettingNetworkbitssetto1subnetbitssetto1Hostbitssetto0CategoriesBinarysubnetmaskAlgorismA11111111

111100000000

0000

0000

0000B11111111

1111

1111

111100000000

000021IPAddresssubnetmaskThepurposeofsubnetmaskQuicklyconfirmadatagrambelongtolocalareaorremoteIfitbelongstolocalarea,notSendtoarouterOtherwise,sendthedatagramtoaroutertoremotearea22IPAddresssubnetmaskThewaytoidentifyTCP/IPprocess:SourceIPaddress&subnetmaskDestinationIPaddress&subnetmaskComparethetworesultsIftheresultsaresame,thentheybelongstothesamenetwork,sothedatagramwillnotbesenttoarouterOtherwisethedatagramwillbesenttoarouter23IPAddresssubnetmaskExampleAdatagramwillbesentfrom01to2，required4bitssubnet,trytoestimatethesource&destinationbelongstothesamenetwork?24IPAddresssubnetmaskHostOctetBinarysource0110000000011111110111111001100101destination210000000011111110000001000100000octetBinary11111111

1111

1111

111100000000

000025IPAddresssubnetmaskSource10000000011111110111111001100101Subnetmask11111111

1111

1111

111100000000

0000&result1000000001111111011100000000

000026IPAddresssubnetmaskDestination10000000011101010000001000100000Subnetmask11111111

1111

1111

111100000000

0000destination&result100000000111010100000000

0000

0000Source&result1000000001111111011100000000

0000Comparethetworesults,getThedatagramwillbesenttoarouterconnecttoremotearea27IPAddress-Exampleofsubnetting28PortAportrepresentsanendpointor"channel"fornetworkcommunications.Portnumbersallowdifferentapplicationsonthesamecomputertoutilizenetworkresourceswithoutinterferingwitheachother.29Port0-1023forsystem>1023forcustomerSocket=IP+port30DNS-WhyDNS?ComputerslikenumbersEachcomputerontheInternetisidentifiedbyitsIPaddresse.g.7PeoplelikenamesEachcomputerontheInternethasaname.e.g.hadawatha.cmb.ac.lk

31TheFunctionoftheDNSTheDNStranslatesbetweenNamesandIPaddressesabc.lk =>26Namesandotherinformationfoolish.lk=>thesocietyoffoolishpeopleIPaddressesandnames5=>32ThestructureofDNS33HowdoestheDNSwork?NameServersClientsApplicationsoftwareNameresolversClientslookupnamesfromthenearestserverServersrecursivelylookupnames34NameResolutionLocalnameserverCacheDBRemotenameserverCacheDBThishostCacheClientrequestfeedbackrequestFeedback/addFeedback/addFeedback/addFeedback/addFeedback/addrequestrequestrequestrequest35WhatiftheDNSdoesn’twork?Internetwillstill“work”Cannotsend/receivee-mailCannotuseURLsorhyperlinksInternetbecomesuselessMakesureyournameserversarealwaysupandreachable36TypesofnameserversPrimaryserverscontainthedatabaseforeachdomainupdatesaredoneatprimaryserverSecondaryserverscontainacopyoftheprimaryserver’sdataupdatedperiodicallyfromprimaryservereachdomainshouldhaveatleastonesec.atleastonesecondaryshouldbeoutsideSriLanka37Typesofnameservers(cont...)CachingserverskeeprecentlyaccesseddomainsforspeedRootnameservers13serversdistributedroundtheworldcontaininfoonthetop-leveldomains38DomainnamesConsistofasetofnames,separatedbydotse.g.,cse.mrt.ac.lk,Top-leveldomainontherightHostnameontheleftWebserversareoftennamedbeginningwithwww39TCP/IPProtocolApplicationSMTP,Telnet,HTTP,SNMP,NFS,,TransportTCPUDPInternetICMPIPARP/RARPRouterProtocolNetworkAccessSLIP/PPP40NetworkAccessSerialLineInternetProtocol(SLIP)notrecommendedPoint-to-PointProtocol(PPP)basedonHDLCsyncandasyncvariants41SLIP/PPPAwaytoconnectpersonalcomputerstotheInternetCommunicationsprotocolSoftwareSupportforTCP/IP(TransmissionControlProtocol/InternetProtocol)Accesstographicsandotherfileformats42SLIP/PPPSLIPandPPPareprotocols,orsetsofrules,thatsupportTCP/IPoverserialcablessuchastelephonelines.Therefore,SLIPandPPParetwowaystoconnecttotheInternet.SLIPstandsforSerialLineInternetProtocolandPPPstandsforPoint-to-PointProtocol.SLIPistheearliertechnology;PPPisnewerandhasmorecapabilities.However,theyaresimilarinhowtheywork,andthetwoprotocolsareoftenreferredtotogether-SLIP/PPP-wherethe"/"impliesan"or".43SLIP/PPPSLIP/PPPallowsauserwithapersonalcomputer,suchaMacintoshoraPC,andamodemtoconnecttotheInternet,withouthavingtofirstlogontoaremotemachine.ThiscapabilityenablestheusertomakeuseofInternetapplicationsandtoolssuchastelnet,filetransfer(ftp),electronicmail,andgraphicalwebbrowsersdirectlyonhisorherpersonalcomputer44SLIP/PPPAcomputerwithaSLIPorPPPconnectionisabletosimulateadirectconnectiontotheInternet.Toaccomplishthis,theuserneeds:acomputerandmodemaSLIP/PPPaccountwithhisorherInternetServiceProviderbothSLIP/PPPsoftwareandTCP/IPsoftwareinstalledontheuser'scomputer.anIPaddress-thismaybepermanentlyassignedtotheuser'scomputerbytheproviderorassigned"onthefly"atthetimeoftheconnection.The"onthefly"methodallowsserviceproviderstosupportalargenumberofuserswithalimitedpoolofIPnumbers.45NetworkLayerInternetProtocol(IP)IPv4IPv6OneofthemainreasonsforthesuccessoftheInternetistheuseofasinglenetworklayerprotocolUbiquitousconnectivity46TransportLayerTCP(TransmissionControlProtocol)connection-oriented,bytestream,reliableUDP(UserDatagramProtocol)connectionless,datagram,notreliable47ApplicationLayerManyProtocolsSMTP,HTTP,RTSP,etc.48InternetLayerDatatransmission(IP)Dataresolution(ARP/RARP)InternetControl(ICMP)Routing(allkindsofrouteprotocol)49ARPAllsystemsconnectedtotheInternethaveauniqueIPaddressSystemsknow(orcanfindout)theirIPaddressSystemsknowtheIPaddressofthedestinationSystemsknowtheirownMACaddressThereisnoobviouswayofdeterminingthedestinationMACaddressTheaddressresolutionprotocol(arp)isaprotocoltomapIPnetworkaddressestothehardwareaddresses50ARPAnetworkadministratorcreatesatableinalocalareanetwork'sgatewayrouterthatInternetProtocoladdresses(IPaddress)mapsthetocorrespondingphysicalmachine(orMediaAccessControl-MACaddress)addresses.51ARP52ARPThearprequestmessage("whoisX.X.X.XtellY.Y.Y.Y",whereX.X.X.XandY.Y.Y.YareIPaddresses)issentusingtheEthernetbroadcastaddress,andanEthernetprotocoltypeofvalue0x806.Thisisensuresthatisthetargetofthequeryisconnectedtothenetwork,itwillreceiveacopyofthequery.Onlythissystemresponds.Theothersystemsdiscardthepacketsilently.53ARPThetargetsystemformsanarpresponse("X.X.X.Xishh:hh:hh:hh:hh:hh",wherehh:hh:hh:hh:hh:hhistheEthernetsourceaddressofthecomputerwiththeIPaddressofX.X.X.X).Thispacketisunicasttotheaddressofthecomputersendingthequery(inthiscaseY.Y.Y.Y).Sincetheoriginalrequestalsoincludedthehardwareaddressoftherequestingcomputer,thisisalreadyknown,anddoesn'trequireanotherarpmessagetofindthisout.54ARP55ARPHardwaretype-Specifiesahardwareinterfacetypeforwhichthesenderrequiresaresponse.Protocoltype-Specifiesthetypeofhigh-levelprotocoladdressthesenderhassupplied.Hlen-Hardwareaddresslength.Plen-Protocoladdresslength.Operation-Thevaluesareasfollows:ARPrequest.ARPresponse.RARPrequest.RARPresponse.DynamicRARPrequest.DynamicRARPreply.DynamicRARPerror.InARPrequest.InARPreply.Senderhardwareaddress-HLenbytesinlength.Senderprotocoladdress-PLenbytesinlength.Targethardwareaddress-HLenbytesinlength.Targetprotocoladdress-PLenbytesinlength.56RARPReverseAddressResolutionProtocol,aTCP/IPprotocolthatpermitsaphysicaladdress,suchasanEthernetaddress,tobetranslatedintoanIPaddress.Anetworkadministratorcreatesatableinalocalareanetwork'sgatewayrouterthatmapsthephysicalmachine(orMediaAccessControl-MACaddress)addressestocorrespondingInternetProtocoladdresses(IPaddress).57RARPWhenanewmachineissetup,itsRARPclientprogramrequestsfromtheRARPserverontheroutertobesentitsIPaddress.Assumingthatanentryhasbeensetupintheroutertable,theRARPserverwillreturntheIPaddresstothemachinewhichcanstoreitforfutureuse.58IPAddress-NATTheClassAnetworkaddressrangeto55(/8)isdesignatedforprivateuseonly.ThisaddressrangecannotbeusedontheInternetaseveryISPwillautomaticallydroptheaddress.ThisaddressisbecomingverypopularasitsuseinconjunctionwithNetworkAddressTranslation(NAT)hasmeantthatlargecorporationscanmakeuseoftheClassAaddressspaceavailablewithinfortheirownprivateuseinternallyandjustuseNATforthoserelativelyfewaddressesthatdoneedtooperateontheInternet.ThisisonereasonwhytheimmediateneedforIPversion6hasbeendiminished.59IPAddress-NATThereisalsotheprivateaddressrangeto55(/12)whichistheCIDRblockof16xClassBaddresses,,,.60IPAddress-NAT

Thenetworkaddressrangeto55(/16)isalsoforprivateuseandisaCIDRblockof256xClassCaddresses,,,.61IPAddress-NATHowNATWorksWhenaclientontheinternalnetworkcontactsamachineontheInternet,itsendsoutIPpacketsdestinedforthatmachine.Thesepacketscontainalltheaddressinginformationnecessarytogetthemtotheirdestination.NATisconcernedwiththesepiecesofinformation:SourceIPaddress(forexample,5)SourceTCPorUDPport(forexample,2132)62IPAddress-NATWhenthepacketspassthroughtheNATgatewaytheywillbemodifiedsothattheyappeartobecomingfromtheNATgatewayitself.TheNATgatewaywillrecordthechangesitmakesinitsstatetablesothatitcana)reversethechangesonreturnpacketsandb)ensurethatreturnpacketsarepassedthroughthefirewallandarenotblocked.63IPAddress-NATForexample,thefollowingchangesmightbemade:SourceIP:replacedwiththeexternaladdressofthegateway(forexample,)Sourceport:replacedwitharandomlychosen,unusedportonthegateway(forexample,53136)64IPAddress-NATNeithertheinternalmachinenortheInternethostisawareofthesetranslationsteps.Totheinternalmachine,theNATsystemissimplyanInternetgateway.TotheInternethost,thepacketsappeartocomedirectlyfromtheNATsystem;itiscompletelyunawarethattheinternalworkstationevenexists.65IPAddress-NATNATmethodsStaticNATDynamicNATPortNAT66IPAddress-NATStaticNAT:privateaddresspublicaddressonetooneDynamicNATprivateaddress=>chooseonefrompublicaddressPortNATPrivateaddress->publicIPport67DHCPTheDynamicHostConfigurationProtocol(DHCP)isasetofrulesusedbyacommunicationsdevice(suchasacomputer,routerornetworkingadapter)toallowthedevicetorequestandobtainanInternetaddressfromaserverwhichhasalistofaddressesavailableforassignment.68DHCPDHCPisaprotocolusedbynetworkedcomputers(clients)toobtainuniqueIPaddresses,andotherparameterssuchasdefaultrouter,subnetmask,andIPaddressesforDNSserversfromaDHCPserver.Thisprotocolisusedwhencomputersareaddedtoanetworkbecausethesesettingsarenecessaryforthehosttoparticipateinthenetwork.Thissettingisperiodicallyrefreshedwithtypicalintervalsrangingfromonehourtoseveralmonths,andcan,ifdesired,besettoinfinite(neverexpire).Thelengthoftimetheaddressisavailabletothedeviceitwasassignedtoiscalledalease,andisdeterminedbytheserver.69DHCPDHCPconsistsoftwocomponents:Aprotocolthatdelivershost-specificconfigurationparametersfromaDHCPservertoahostAmechanismfortheallocationoftemporaryorpermanentnetworkaddressestohosts70DHCPTheDHCPserverensuresthatallIPaddressesareunique,thatis,noIPaddressisassignedtoasecondclientwhilethefirstclient'sassignmentisvalid.ThusIPaddresspoolmanagementisdonebytheserverandnotbyahumannetworkadministrator.71DHCPDHCPsupportsthreemechanismsforIPaddressallocation:Automaticallocation:DHCPassignsapermanentIPaddresstothehost.Dynamicallocation:DHCPassignsanIPaddressforalimitedperiodoftime.Suchanetworkaddressiscalledalease.Thisistheonlymechanismthatallowsautomaticreuseofaddressesthatarenolongerneededbythehosttowhichitwasassigned.Manualallocation:Thehost'saddressisassignedbyanetworkadministrator.72DHCP工作过程:第一次登陆:用户发出DHCPDISCOVERY数据报,其中源地址全0.目的地址:55。若第一次无反馈，等待1秒，重新广播，共5次，延时可加长。提供IP地址：DHCP服务器收到数据包后，从未分配的IP地址中选取一个，分配给该主机接受地址：若主机收到多台机器的IP地址，选取最先到达的地址，同时发确认信号服务器收到主机确认信号后，给出回应，IP分配正式生效73DHCP74IPTheIP(InternetProtocol)isaprotocolwhichusesdatagramstocommunicateoverapacket-switched

network.TheIPprotocoloperatesatthenetworklayerprotocoloftheOSIreferencemodelandisapartofasuiteofprotocolsknownasTCP/IP.75TheIPProtocol(page433)TheIPv4(InternetProtocol)header.76FieldsoftheIPHeaderVersion(4bits):currentversionis4,nextversionwillbe6.Headerlength(4bits):lengthofIPheader,inmultiplesof4bytesDS/ECNfield(1byte)ThisfieldwaspreviouslycalledasType-of-Service(TOS)field.Theroleofthisfieldhasbeenre-defined,butis“backwardscompatible”toTOSinterpretationDifferentiatedService(DS)(6bits):

Usedtospecifyservicelevel(currentlynotsupportedintheInternet)ExplicitCongestionNotification(ECN)(2bits):NewfeedbackmechanismusedbyTCP77FieldsoftheIPHeaderIdentification(16bits):Uniqueidentificationofadatagramfromahost.IncrementedwheneveradatagramistransmittedFlags(3bits):Firstbitalwayssetto0DFbit(Donotfragment)MFbit(Morefragments)WillbeexplainedlaterFragmentation78FieldsoftheIPHeaderTimeToLive(TTL)(1byte):

Specifieslongestpathsbeforedatagram isdroppedRoleofTTLfield:EnsurethatpacketiseventuallydroppedwhenaroutingloopoccursUsedasfollows:Sendersetsthevalue(e.g.,64)Eachrouterdecrementsthevalueby1Whenthevaluereaches0,thedatagramisdropped79FieldsoftheIPHeaderProtocol(1byte):

Specifiesthehigher-layerprotocol.Usedfordemultiplexingtohigherlayers.Headerchecksum(2bytes):Asimple16-bitlongchecksumwhichiscomputedfortheheaderofthedatagram.80FieldsoftheIPHeaderOptions:

SecurityrestrictionsRecordRoute:eachrouterthatprocessesthepacketaddsitsIPaddresstotheheader.

Timestamp:eachrouterthatprocessesthepacketaddsitsIPaddressandtimetotheheader.

(loose)SourceRouting:specifiesalistofroutersthatmustbetraversed.(strict)SourceRouting:specifiesalistoftheonlyroutersthatcanbetraversed.Padding:Paddingbytesareaddedtoensurethatheaderendsona4-byteboundary81MaximumTransmissionUnitMaximumsizeofIPdatagramis65535,butthedatalinklayerprotocolgenerallyimposesalimitthatismuchsmallerExample:Ethernetframeshaveamaximumpayloadof1500bytes

IPdatagramsencapsulatedinEthernetframecannotbelongerthan1500bytesThelimitonthemaximumIPdatagramsize,imposedbythedatalinkprotocoliscalledmaximumtransmissionunit(MTU)82IP-MTUMTUsforvariousdatalinkprotocols: Ethernet: 1500FDDI: 4352802.3: 1492ATMAAL5:9180802.5: 4464 PPP: negotiated83IPFragmentationMTUs:

FDDI:4352

Ethernet:1500

Fragmentation:IProutersplitsthedatagramintoseveraldatagramFragmentsarereassembledatreceiverWhatifthesizeofanIPdatagramexceedstheMTU? IPdatagramisfragmentedintosmallerunits.WhatiftheroutecontainsnetworkswithdifferentMTUs?84WhereisFragmentationdone?FragmentationcanbedoneatthesenderoratintermediateroutersThesamedatagramcanbefragmentedseveraltimes.Reassemblyoforiginaldatagramisonlydoneatdestinationhosts!!85What’sinvolvedinFragmentation?ThefollowingfieldsintheIPheaderareinvolved:Identification Whenadatagramisfragmented,the identificationisthesameinallfragmentsFlags

DFbitisset: Datagramcannotbefragmentedandmust bediscardedifMTUistoosmall MFbitset: Thisdatagramispartofafragmentandan additionalfragmentfollowsthisone86What’sinvolvedinFragmentation?ThefollowingfieldsintheIPheaderareinvolved:Fragmentoffset

Offsetofthepayloadofthecurrent fragmentintheoriginaldatagramTotallength Totallengthofthecurrentfragment87IPfragmentsID=12345M=0OS=0Tl=1500ID=12345M=1OS=0TL=5121500512256ID=12345M=1OS=64TL=51288IPreassemblyID=12345M=1OS=32Tl=256ID=12345M=1OS=0Tl=256ID=12345M=1OS=96Tl=256ID=12345M=1OS=64Tl=256ID=12345M=0OS=160Tl=220ID=12345M=1OS=128Tl=25612345689IP数据报转发四个网络和三个路由器组成的一个Internet

每个路由器接口分配一个IP地址90IP数据报转发中间那个路由器的路由表

表中每一项列出一个目的地、一个掩码和到达目的地的下一跳

91CIDRCIDRisanewaddressingschemefortheInternetwhichallowsformoreefficientallocationofIPaddressesthantheoldClassA,B,andCaddressscheme.92ProblemswithClassfulIPAddressesBytheearly1990s,theoriginalclassfuladdressschemehadanumberofproblemsFlataddressspace.RoutingtablesonthebackboneInternetneedtohaveanentryforeachnetworkaddress.WhenClassCnetworkswerewidelyused,thiscreatedaproblem.Bythe1993,thesizeoftheroutingtablesstartedtooutgrowthecapacityofrouters.Otherproblems:Toofewnetworkaddressesforlargenetworks

ClassAandClassBaddressesweregoneLimitedflexibilityfornetworkaddresses:ClassAandBaddressesareoverkill(>64,000addresses)ClassCaddressisinsufficient(requires40ClassCaddresses)93AllocationofClassfulAddresses94CIDR-ClasslessInterdomainRoutingIPbackboneroutershaveoneroutingtableentryforeachnetworkaddress:Withsubnetting,abackbonerouteronlyneedstoknowoneentryforeachClassA,B,orCnetworksThisisacceptableforClassAandClassBnetworks27=128ClassAnetworks214=16,384ClassBnetworksButthisisnotacceptableforClassCnetworks221=2,097,152ClassCnetworksIn1993,thesizeoftheroutingtablesstartedtooutgrowthecapacityofroutersConsequence:TheClass-basedassignmentofIPaddresseshadtobeabandoned95CIDR-ClasslessInterdomainRoutingGoals:NewinterpretationoftheIPaddressspaceRestructureIPaddressassignmentstoincreaseefficiencyPermitsrouteaggregationtominimizeroutetableentriesCIDR(ClasslessInterdomainrouting)

abandonsthenotionofclassesKeyConcept:ThelengthofthenetworkprefixintheIPaddressesiskeptarbitraryConsequence:SizeofthenetworkprefixmustbeprovidedwithanIPaddress96CIDRNotationCIDRnotationofanIPaddress:

/18"18"istheprefixlength.Itstatesthatthefirst18bitsarethenetworkprefixoftheaddress(and14bitsareavailableforspecifichostaddresses)CIDRnotationcanreplacetheuseofsubnetmasks(butismoregeneral)IPaddress44andsubnetmaskbecomes44/24CIDRnotationallowstodroptralingzerosofnetworkaddresses:

/18canbewrittenas192.0.2/1897WhydopeoplestilltalkaboutCIDReliminatestheconceptofclassA,B,andCnetworksandreplacesitwithanetworkprefixExistingclassfulnetworkaddressesareconvertedtoCIDRaddresses:

/16Thechangehasnotaffectedmany(previouslyexisting)enterprisenetworksManynetworkadministrators(especiallyonuniversitycampuses)havenotnoticedthechange(andstilltalkabout (Note:CIDRwasintroducedwiththerole-outofBGPv4asinterdomainroutingprotocol.)98CIDRaddressblocksCIDRnotationcannicelyexpressblocksofaddressesBlocksareusedwhenallocatingIPaddressesforacompanyandforroutingtables(routeaggregation)CIDRBlockPrefix#ofHostAddresses/27 32/26 64/25 128/24 256/23 512/22 1,024/21 2,048/20 4,096/19 8,192/18 16,384/17 32,768/16 65,536/15 131,072/14 262,144/13 524,28899CIDRAgroupclassC:-，useCIDRtoaggregatetoonenetwork,thennetworkaddressandsubnetmask:A:/21B：/20C：/24D：5/24100（CIDR）OctetBinary192.168.00001000.0192.168.00001001.0192.168.00001010.0192.168.00001011.0192.168.00001100.0192.168.00001101.0192.168.00001110.0192.168.00001111.0101CIDRChooseA102CIDRCIDRroutingprocessPacketandwithsubnetmask,lookupformatchingitemIfgetsseveralmatchingitems,chooseonewithlongestmasklength103CIDRAroutergetstheitemsasfollows:(1)IfthedestinationIPaddressare0，and，howwilltherouterdo?(2)iftherouterusethesameoutputpathasrouter3to/21、/21、/21,howtoaddroutingitem?Cantheybeaggregatedasonerouting?104CIDRaddress/maskNexthop/22Interface1/22Interface22/23Router1/0Router2105无类域间路由选择（CIDR）CalculatetheIPaddressintable:===》10100001，00101000，00111100，00000000===》10100001，00101000，00111000，00000000===》11000000，00111010，00101000，00000000ThencalculatethearrivingIPaddressinpacket：0===》10100001，00101000，00111111，00001010106无类域间路由选择（CIDR）Andwith22bitsmask：11111111，11111111，11111100，00000000result：10100001，00101000，00111100，000000000TheresultisthesameasthefirstbaseIPaddress,sothepacketwillbesentthroughinterface1107无类域间路由选择（CIDR）ⅱ，===》10100001，00101000，00110100，00000010Andwith22bitsmask：11111111，11111111，11111100，00000000result：10100001，00101000，00110100，00000000,theresultisdifferentfromthefirsttwoitems,thencalculatewith23bitsmask:11111111，11111111，11111110，00000000result：10100001，00101000，00110100，00000000,isdifferentfromthethirditem,sogotodefaultrou