Classful Networks

The original IPv4 networks (before 1993) were “classful,” classified into classes A through E. Classes A through C were used for normal network use. Class D was multicast, and Class E was reserved. Table 5.4 shows the IP address range of each.

Class IP Range
Class A 0.0.0.0–127.255.255.255
Class B 128.0.0.0–191.255.255.255
Class C 192.0.0.0–223.255.255.255
Class D (multicast) 224.0.0.0–239.255.255.255
Class E (reserved) 240.0.0.0–255.255.255.255

Classful networks are inflexible: networks used for normal end hosts come in only three sizes, 16,777,216 addresses (Class A), 65,536 addresses (Class B), and 256 addresses (Class C). The smallest routable classful network is a Class C network with 256 addresses, so a routable point-to-point link using classful networks requires a network between the two points, wasting over 250 IP addresses.

Classless Inter-Domain Routing

Classless Inter-Domain Routing (CIDR) allows far more flexible network sizes than those allowed by classful addresses. With CIDR, network sizes are no longer limited to the arbitrary classful network sizes.

The Class A network 10.0.0.0 contains IP addresses that begin with 10: 10.1.2.3, 10.187.24.8, 10.3.96.223, etc. In other words, 10.* is a Class A address. The first 8 bits of the dotted-quad IPv4 address are the network (10); the remaining 24 bits are the host address: 3.96.223 in the last IP address of the previous example. The CIDR notation for a Class A network is /8 for this reason: 10.0.0.0/8. The “/8” is the netmask, which means the network portion is 8 bits long, leaving 24 bits for the host.

Similarly, the Class C network of 192.0.2.0 contains any IP address that begins with 192.0.2: 192.0.2.177, 192.0.2.253, etc. That Class C network is 192.0.2.0/24 in CIDR format: the first 24 bits (192.0.2) describe the network; the remaining 8 bits (177 or 253 in the previous example) describe the host.

Once networks are described in CIDR notation, additional routable network sizes are possible. Need 128 IP addresses? Chop a Class C (/24) in half, resulting in two /25 networks. Need 64 IP addresses? Chop a /24 network into quarters, resulting in four /26 networks with 64 IP addresses each.

RFC 1918 Addressing

RFC 1918 addresses are private IPv4 addresses that may be used for internal traffic that does not route via the Internet. This allows for conservation of scarce IPv4 addresses: countless Intranets can use the same overlapping RFC 1918 addresses. Three blocks of IPv4 addresses are set aside for this purpose:

  • 10.0.0.0–10.255.255.255 (10.0.0.0/8)
  • 172.16.0.0–172.31.255.255 (172.16.0.0/12)
  • 192.168.0.0–192.168.255.255 (192.168.0.0/16)

Any public Internet connection using un-translated RFC 1918 addresses as a destination will fail: there are no public routes for these networks. Internet traffic sent with an un-translated RFC 1918 source address will never return. Using the classful terminology, the 10.0.0.0/8 network is a Class A network, the 172.16.0.0/12 network is 16 contiguous Class B networks, and 192.168.0.0/16 is 256 Class C networks.
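
The classful ranges, CIDR splits, and RFC 1918 blocks described above can be checked with Python's standard ipaddress module. This is an added example, not part of the original text: the function names are illustrative, and the sample addresses are those used in the text plus constructed boundary cases.

```python
import ipaddress

# The three RFC 1918 blocks. An explicit list is used because the module's
# is_private attribute also covers loopback, link-local and other special ranges.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Classful ranges from Table 5.4: (highest first octet, class, default prefix).
# Classes D and E have no network/host split, so their prefix is None.
CLASSES = [(127, "A", 8), (191, "B", 16), (223, "C", 24),
           (239, "D", None), (255, "E", None)]

def classful(addr):
    """Return (class letter, default prefix length) for an IPv4 address."""
    first_octet = ipaddress.IPv4Address(addr).packed[0]
    for upper, letter, prefix in CLASSES:
        if first_octet <= upper:
            return letter, prefix

def is_rfc1918(addr):
    """True if addr falls inside one of the three RFC 1918 blocks."""
    ip = ipaddress.IPv4Address(addr)
    return any(ip in net for net in RFC1918)

def split(cidr, new_prefix):
    """Chop a CIDR network into equal subnets of the given prefix length."""
    net = ipaddress.ip_network(cidr)
    return [str(s) for s in net.subnets(new_prefix=new_prefix)]

def classful_equivalent(cidr):
    """Return (class, count): how many classful networks a CIDR block spans."""
    net = ipaddress.ip_network(cidr)
    letter, prefix = classful(str(net.network_address))
    if prefix is None:
        raise ValueError("Class D and E addresses have no classful network size")
    # A block smaller than its classful default still sits inside one network.
    return letter, max(1, 2 ** (prefix - net.prefixlen))

if __name__ == "__main__":
    # 172.32.0.1 and 172.31.255.255 are constructed boundary cases for the /12.
    for ip in ("10.187.24.8", "192.0.2.177", "172.31.255.255", "172.32.0.1"):
        print(ip, classful(ip), "RFC 1918" if is_rfc1918(ip) else "not RFC 1918")
    print(split("192.0.2.0/24", 25))   # two /25 networks, 128 addresses each
    print(split("192.0.2.0/24", 26))   # four /26 networks, 64 addresses each
    for block in RFC1918:
        print(block, classful_equivalent(str(block)))
```

The boundary cases show why the 172.16.0.0/12 block is the one most often mishandled in filters and log triage: 172.31.255.255 is private, while 172.32.0.1 is a public address.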

RFC 1918 addresses are used to conserve public IPv4 addresses, which are in short supply. RFC stands for “Request for Comments,” a way to discuss and publish standards on the Internet. More information about RFC 1918 is available at https://www.rfc-editor.org/rfc/rfc1918.txt.

Note: Memorizing RFC numbers is not generally required for the exam; RFC 1918 addresses are an exception to that rule. The exam is designed to test knowledge of the universal language of information security. The term “RFC 1918 address” is commonly used among network professionals and should be understood by information security professionals.