by Corey Nachreiner, CISSP, Director of Security Strategy and Research
Anyone who's used a networked computer probably has a functional understanding of Internet Protocol addresses (referred to as IP for short). An IP is a numeric identifier that represents a computer or device on a network. Your computer's IP is like your home's mailing address.
End-users really don't need to know much more about IPs than that. However, a mailman has to know more about a mailing address than the person sending a letter does. For similar reasons, a network administrator, or anyone configuring WatchGuard’s XTM and Firebox appliances needs to know the technical details behind IP addresses in order to recognize wider possibilities in managing a network.
The Security Fundamentals article, "Internet Protocol for Beginners," describes what IP addresses are, non-technically. In contrast, this article concentrates on describing the mathematics behind an IP address, down to the last binary detail. If you're already familiar with the technical details behind IP addresses, feel free to skip this article. However, if you're curious about how computers see IPs, or if you need a quick brush-up on binary math, read on.
You know that an IP address is numbers that represent a device on a network, as a mailing address represents your home's location. But in order to actually assign and use IP addresses, you must understand the format of these "numerical identifiers" and the rules that pertain to them.
Let's first concentrate on how humans read and write IP addresses. To us, an IP address appears as four decimal numbers separated by periods. For example, you might use 204.132.40.155 as an IP for some device in your network. You probably noticed that the four numbers making up an IP are always between 0 to 255. Have you ever wondered why?
You may also have heard people referring to the four numerical values in an IP address as "octets". Octet is, in fact, the correct term for describing the four individual numbers that make up an IP address. But doesn't it seem odd that a word whose root means "eight" describes a number from 0 to 255? What does "eight" have to do with those values? To understand the answers to these questions, you have to look at an IP address from your computer's viewpoint.
Computers see everything in terms of binary. In binary systems, everything is described using two values or states: on or off, true or false, yes or no, 1 or 0. A light switch could be regarded as a binary system, since it is always either on or off.
As complex as they may seem, on a conceptual level computers are nothing more than boxes full of millions of "light switches." Each of the switches in a computer is called a bit, short for binary digit. A computer can turn each bit either on or off. Your computer likes to describe on as 1 and off as 0.
By itself, a single bit is kind of useless, as it can only represent one of two things. Imagine if you could only count using either zero or one. Alone, you could never count past one. On the other hand, if you got a bunch of buddies together who could also count using zero or one and you added all your buddies' ones together, your group of buddies could count as high as they wanted, dependent only on how many friends you had. Computers work in the same way. By arranging bits in groups, the computer is able to describe more complex ideas than just on or off. The most common arrangement of bits in a group is called a byte, which is a group of eight bits.
The act of creating large numbers from groups of binary units or bits is called binary arithmetic. Learning binary arithmetic helps you understand how your computer sees IPs (or any numbers greater than one).
In binary arithmetic, each bit within a group represents a power of two. Specifically, the first bit in a group represents 2^{0} [Editor's note for non-math majors: mathematicians stipulate that any number raised to the power of zero equals 1], the second bit represents 2^{1}, the third bit represents 2^{2}, and so on. It's easy to understand binary because each successive bit in a group is exactly twice the value of the previous bit.
The following table represents the value for each bit in a byte (remember, a byte is 8 bits). In binary math, the values for the bits ascend from right to left, just as in the decimal system you're accustomed to:
8^{th} bit | 7^{th} bit | 6^{th} bit | 5^{th} bit | 4^{th} bit | 3^{rd} bit | 2^{nd} bit | 1^{st} bit |
128 (2^{7}) | 64 (2^{6}) | 32 (2^{5}) | 16 (2^{4}) | 8 (2^{3}) | 4 (2^{2}) | 2 (2^{1}) | 1 (2^{0}) |
Now that we know how to calculate the value for each bit in a byte, creating large numbers in binary is simply a matter of turning on certain bits and then adding together the values of those bits. So what does an 8-bit binary number like 01101110 represent? The following table dissects this number. Remember, a computer uses 1 to signify "on" and 0 to signify "off":
128 (2^{7}) | 64 (2^{6}) | 32 (2^{5}) | 16 (2^{4}) | 8 (2^{3}) | 4 (2^{2}) | 2 (2^{1}) | 1 (2^{0}) |
0 | 1 | 1 | 0 | 1 | 1 | 1 | 0 |
In the table above, you can see that the bits with the values 64, 32, 8, 4 and 2 are all turned on. As mentioned before, calculating the value of a binary number means totaling all the values for the "on" bits. So for the binary value in the table, 01101110, we add together 64+32+8+4+2 to get the number 110. Binary arithmetic is pretty easy once you know what's going on.
So now that you understand a bit about binary (pun intended), you can understand the technical definition of an IP address. To your computer, an IP address is a 32-bit number subdivided into four bytes.
Remember the example of an IP above, 204.132.40.155? Using binary arithmetic, we can convert that IP address to its binary equivalent. This is how your computer sees that IP:
11001100.10000100.00101000.10011011
Understanding binary also provides you with some of the rules pertaining to IPs. We wondered why the four segments of an IP were called octets. Well, now that you know that each octet is actually a byte, or eight bits, it makes a lot more sense to call it an octet. And remember how the values for each octet in an IP were within the range of 0 to 255, but we didn't know why? Using binary arithmetic, it's easy to calculate the highest number that a byte can represent. If you turn on all the bits in a byte (11111111) and then convert that byte to a decimal number (128 + 64 + 32 + 16 + 8 + 4 + 2 + 1), those bits total 255.
Now that you understand binary and how computers see IP addresses, you might think, "That's interesting, but what's the point?" End users really don't need to understand the binary representation of an IP. In fact, we purposely write IPs in decimal so that it is easier for humans to understand and remember them. However, network administrators must know technically what's going on in order to implement anything but the simplest network.
In the two-part article "Understanding Subnetting," Rik Farrow describes one of the most important concepts necessary for creating TCP/IP networks, the subnet. As you will see, understanding binary is a fundamental requirement for subnetting. Just as a mailman must understand the postal delivery system in order to make sure every message reaches its destination, you'll find that being able to look at IP addresses the way your computer does will help you do a better job as a network administrator -- and more easily, too.
Read More Security Fundamentals »
Weltweit sind nahezu eine Million integrierter multifunktionaler Threat Management Appliances von WatchGuard implementiert. Die roten Gehäuse, die so etwas wie ein Markenzeichen unserer Produkte geworden sind, sind aufgrund ihrer Architektur die intelligentesten, schnellsten und effektivsten Sicherheitsgaranten auf dem Markt, wenn alle Scanmodule mit maximaler Leistung laufen. Warum sollten Sie sich für WatchGuard entscheiden? Hier erfahren Sie es.