Network Configuration Concepts | CompTIA A+ 220-1001 | 2.6

In this video you will learn about common network configuration concepts such as IP addressing, dynamic vs. static IP addresses, APIPA IP addresses vs. link-local addresses, IPv4 vs. IPv6, VPN, VLAN, NAT, and gateways.

IP Addressing

An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves 2 main functions: host or network interface identification and location addressing. The two current versions of IP addressing that are in common use today are IPv4 and IPv6.

Dynamic vs. Static IP Addresses

By definition, the word dynamic means a process or system characterized by change, activity, or progress. By definition, the word static means lacking in movement, action, or change. These two terms are used to describe the two most common ways to configure a computer’s IP address settings.

  • Dynamic IP Address (DHCP server-assigned IP): A dynamic IP address is an IP address assigned by a DHCP server that can change from time to time, either because the device leaves and rejoins the network or because the address expires when its lease time runs out.
  • Static IP Address: A static IP address is an address that doesn’t change. Once your device is assigned a static IP address, that number typically stays the same until the device is decommissioned or your network configuration changes. Servers are typically assigned static IP addresses. Configuring a static IP address also includes configuring the subnet mask, gateway, and DNS.

Static vs. Dynamic IP Addressing

Windows, macOS, and Linux default to using dynamic IP addresses, which is the preferable method for configuring a TCP/IP network. Manually assign IP addresses if a DHCP server is not available on the network. A DHCP reservation is a static IP address option that sets aside a specific address from the DHCP pool for a particular client. This is considered a permanent lease that is assigned to a DHCP client.

To configure an IP address in Windows, access the Internet Protocol Properties window. To open the General tab of the Internet Protocol Properties window, open Network Connections, right-click the network connection, select Properties, click Internet Protocol v4 (TCP/IPv4) or TCP/IPv6 in the list of protocols and features, and click Properties.

IP configuration in Linux is performed by editing the /etc/network/interfaces file.  If you use a GUI that features a Network configuration panel, you can use it to make changes for you.

To configure TCP/IP in macOS, go to System Preferences, open the Network panel, and select the appropriate tab.

APIPA IP Addresses & Link Local Addresses

APIPA stands for Automatic Private IP Addressing. It was originally developed by Microsoft but is now a standard on macOS and Linux as well. With APIPA, DHCP clients can automatically self-configure an IP address and subnet mask when a DHCP server isn’t available. When a DHCP client boots up, it first looks for a DHCP server in order to obtain an IP address and subnet mask. If the client is unable to find the information, it uses APIPA to automatically configure itself with an IP address. The IPv4 address range is 169.254.0.1 through 169.254.255.254 (with the subnet mask 255.255.0.0). The IPv6 address range is called a link-local address and has the FE80::/64 prefix. A client using an APIPA address will keep that address until a DHCP server becomes available to lease an IP address from. An APIPA address allows the device to communicate within the LAN but does not allow a connection to the internet.

Potential APIPA/link-local address problems can be resolved by checking the device’s network connection using the commands ipconfig /release and ipconfig /renew at the command prompt. This will cause the DHCP server to issue a new IP address to the computer. If these actions don’t solve the problem, the DHCP server (often located in the router on a SOHO network) should be restarted, if necessary.
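The check described above can be automated. The following is an added example, not part of the original lesson: it scans text in the layout of Windows ipconfig output and reports adapters whose IPv4 address falls in the APIPA range. The sample output and the function name find_apipa_adapters are constructed for illustration.

```python
import ipaddress
import re

APIPA_NET = ipaddress.ip_network("169.254.0.0/16")  # APIPA range given in the text

# Constructed sample in the layout of ipconfig output (not captured from a real host).
SAMPLE_IPCONFIG = """\
Ethernet adapter Ethernet:

   Link-local IPv6 Address . . . . . : fe80::1c2d:3e4f:5a6b:7c8d%12
   Autoconfiguration IPv4 Address. . : 169.254.23.45
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :

Wireless LAN adapter Wi-Fi:

   Link-local IPv6 Address . . . . . : fe80::9a8b:7c6d:5e4f:3a2b%7
   IPv4 Address. . . . . . . . . . . : 192.168.1.50
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
"""

def find_apipa_adapters(ipconfig_text):
    """Return {adapter name: address} for adapters holding an APIPA IPv4 address."""
    flagged = {}
    adapter = None
    for line in ipconfig_text.splitlines():
        # Adapter headers are the unindented lines that end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter = line.rstrip().rstrip(":")
            continue
        # Matches both "IPv4 Address" and "Autoconfiguration IPv4 Address" rows.
        match = re.search(r"IPv4 Address[ .]*: (\d+\.\d+\.\d+\.\d+)", line)
        if match and adapter:
            addr = ipaddress.ip_address(match.group(1))
            if addr in APIPA_NET:
                flagged[adapter] = str(addr)
    return flagged

if __name__ == "__main__":
    for name, addr in find_apipa_adapters(SAMPLE_IPCONFIG).items():
        print(f"{name}: {addr} is APIPA, so no DHCP lease was obtained")
```

Only the IPv4 address is tested, because an IPv6-enabled adapter carries an FE80 link-local address even when DHCP is working.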

IPv4

Internet Protocol version 4 is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods in the internet and other packet-switched networks. IPv4 uses a 32-bit address space which provides 4,294,967,296 (2^32) unique addresses, but large blocks are reserved for special networking methods. IPv4 addresses consist of a group of four numbers that each range from 0 to 255 (ex: 172.16.254.1). An IP address is divided into two sections: the network portion, which is the number of the network the computer is on, and the host portion, which is the individual number of the computer. In the example of 172.16.254.1, the first 3 octets (172.16.254) would typically be the network number, and the .1 would be the host number. An octet is an 8-bit byte. This means that in the binary numbering system, the number can range from 00000000 to 11111111. For example, 255 is actually 11111111 when converted to the binary numbering system. As another example, 192 decimal equals 11000000 binary. Because there are four octets in an IPv4 address, it is a 32-bit address. A subnet mask separates the IP address into the network and host addresses (<network><host>). For example, a typical subnet mask for the IP address just used would be 255.255.255.0. The 255s correspond to the network portion of the IP address. The 0s correspond to the host portion, as shown below. Subnetting further divides the host part of an IP address into a subnet and host address (<network><subnet><host>) if an additional subnetwork is needed.

An IPv4 Address & Corresponding Subnet Mask
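The network/host split can be worked through in code. This is an added example, not part of the original lesson: it applies a subnet mask to an address with a bitwise AND, using the 172.16.254.1 and 255.255.255.0 values from the text plus one constructed subnetting case (172.16.254.130 with mask 255.255.255.192). The function names are illustrative.

```python
import ipaddress

def split_address(address, mask):
    """Split an IPv4 address into (network address, host number) using a dotted mask."""
    addr = int(ipaddress.IPv4Address(address))
    mask_bits = int(ipaddress.IPv4Address(mask))
    host_bits = mask_bits ^ 0xFFFFFFFF          # the 0 bits of the mask mark the host part
    # A usable mask is a run of 1 bits followed by a run of 0 bits, so
    # host_bits must have the form 000...0111...1.
    if host_bits & (host_bits + 1):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    network = ipaddress.IPv4Address(addr & mask_bits)   # keep the network bits
    host = addr & host_bits                             # keep the host bits
    return str(network), host

def to_binary(dotted):
    """Render a dotted-decimal value as four 8-bit binary octets."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))

if __name__ == "__main__":
    cases = [
        ("172.16.254.1", "255.255.255.0"),      # example from the text
        ("172.16.254.130", "255.255.255.192"),  # constructed: 2 host bits used as subnet bits
    ]
    for address, mask in cases:
        network, host = split_address(address, mask)
        print(f"address {to_binary(address)}  {address}")
        print(f"mask    {to_binary(mask)}  {mask}")
        print(f"network {network}, host number {host}\n")
```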

Computers and other networked devices have IP addresses, and in some cases a device can have more than one IP address.  For example, a router typically has two IP addresses:  one to connect the router to a LAN and the other that connects it to the internet, enabling it to route traffic from the LAN to the internet and back.

IPv6

Internet Protocol version 6 is the most recent version of the Internet Protocol, the communications protocol that provides an identification and location system for computers on networks and routes traffic across the internet. IPv6 uses 128-bit source and destination IP addresses (compared to 32-bit for IPv4), theoretically enabling up to 340 undecillion addresses (3.4×10^38). IPv6 also features built-in security and provides better support for quality of service (QoS) routing, which is important to achieve high-quality streaming audio and video traffic.  Windows, macOS, and Linux all support IPv6.

IPv6 Addressing

IPv6 addresses are 128-bit addresses that are each then divided into eight 16-bit blocks.  The blocks are converted into hexadecimal, and each block is separated from the following block by a colon.  Leading zeros are typically suppressed, but each block must contain at least one digit.

Here is a typical IPv6 address:

Hexadecimal (Default) Representation of the IPv6 Address
IPv6 Address (Binary)

Leading zeroes in any 16-bit field can be dropped, but each block you do this with must have at least one number remaining. If the block is all zeroes, you have to leave one zero. This is known as leading zero compression. Leading compression can be represented by :: (double colon). An address can include only one zero-compressed block. To determine the number of zero bits represented by the double colon, count the number of blocks in the compressed address, subtract the result from 8, and multiply the result by 16.

Here is an IPv6 address that uses the double colon:

  • FF02::2

There are two blocks here: FF02 and 2. So how many zero bits are represented by the double colon? Subtract 2 from 8 (8 – 2 = 6) and then multiply 6 by 16 (6 x 16 = 96). This address includes a block of 96 zero bits.

The loopback address on an IPv6 system is 0:0:0:0:0:0:0:1, which is abbreviated as ::1.  If you want to test your network interface in Windows where IPv6 is enabled by default, you can type ping ::1 in a command prompt.
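The counting rule above, written out as an added example that is not part of the original lesson: the function expands a compressed address to its eight full blocks and reports how many zero bits the double colon stood for. It goes slightly beyond the FF02::2 case by also rejecting malformed input. The name expand_ipv6 is illustrative.

```python
import re

BLOCK = re.compile(r"[0-9A-Fa-f]{1,4}")   # one to four hex digits per block

def expand_ipv6(address):
    """Return (fully expanded address, zero bits represented by '::')."""
    if address.count("::") > 1:
        raise ValueError("an address can include only one '::'")
    if "::" in address:
        left, right = address.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        # Count the blocks that are written out and subtract from 8.
        missing = 8 - (len(head) + len(tail))
        if missing < 1:
            raise ValueError("'::' must stand for at least one block")
        blocks = head + ["0"] * missing + tail
    else:
        blocks = address.split(":")
        missing = 0
    if len(blocks) != 8:
        raise ValueError("an IPv6 address has exactly eight blocks")
    for block in blocks:
        if not BLOCK.fullmatch(block):
            raise ValueError(f"bad block {block!r}: each block needs 1 to 4 hex digits")
    # Restore the suppressed leading zeros in every block.
    expanded = ":".join(block.zfill(4).lower() for block in blocks)
    return expanded, missing * 16

if __name__ == "__main__":
    for sample in ("FF02::2", "::1", "0:0:0:0:0:0:0:1"):
        full, zero_bits = expand_ipv6(sample)
        print(f"{sample:>16} -> {full}  ('::' covers {zero_bits} zero bits)")
```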

IPv6 Address Types

IPv6 supports three types of addresses:  unicast, multicast, and anycast.

  • Unicast: an address that identifies a unique node on a network. Unicast addressing is available in IPv4 & IPv6 and typically refers to a single sender or a single receiver, although it can be used in both sending and receiving. Unicast is the most common form of IP addressing.
  • Multicast: a specific type of IP address labeling a network location that is used to multicast data packets within a network. It stands in contrast to other IP addresses that only allow for unicast models. Both IPv4 and IPv6 support multicasting. Multicast enables distribution of content such as internet TV and other types of streaming media. IPv6 multicast addresses begin with FF.
  • Anycast: a network addressing & routing methodology in which a single destination address has multiple routing paths to two or more endpoint destinations. This is also known as one-to-one-of-many association. Anycast can be used for distributed services, such as DNS or other situations in which automatic failover is desirable. IPv6 uses anycast addresses as destination addresses that are assigned only to routers. Anycast addresses are assigned from the unicast address space.

Viewing IP Address Information

To see the IPv4 or IPv6 addresses for a Windows device, use the command-line ipconfig utility at the command prompt.

Example of ipconfig in Windows Command Prompt

macOS provides IPv4 and IPv6 address information through the TCP/IP tab of the Network utility.

mac TCP/IP Network Utility Tab

Many Linux distros include a GUI-based network utility similar to the one used in macOS, but with any Linux distro (as well as with macOS), you can open Terminal and use the command ifconfig -a to view this information.

Linux ifconfig Example

VPN

A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.  A VPN connection requires a VPN server at the remote site and a VPN client at the client site. VPN traffic between client and server is encrypted and encapsulated into packets suitable for transmission over the network. VPN connections are often referred to as “tunnels” and the process of setting up a VPN as “tunneling”. A VPN connection has several benefits compared with a standard connection:

  • A VPN connection enables insecure public Wi-Fi to provide a secure private connection to a website that supports VPNs.
  • A VPN connection enables the user to bypass blocks on websites in certain areas.  By using a VPN, a user can access social networks or search tools in countries where access is restricted or can use media subscription sites for areas other than where they live, such as a different country’s Netflix or other streaming service.
  • A VPN connection hides activity from the user’s normal ISP because their internet traffic (including P2P torrents) is tunneling through the ISP’s connection and is therefore invisible.

VLAN

Virtual LANs are logical groupings of devices in the same broadcast domain that are configured to behave as if they have their own separate LAN. Because the LAN exists in software configuration rather than in hardware, it is considered a VLAN. VLANs are usually configured on switches by placing some interfaces into one broadcast domain and some interfaces into another. Each VLAN acts as a subgroup of the switch ports in an Ethernet LAN. Usually LANs are separated by a router, but a switch may have the capability of grouping ports together to behave like a LAN inside the switch. If a LAN of 6 computers is divided evenly into 3 separate VLANs inside the switch, so that VLAN 1, VLAN 2, & VLAN 3 each contain 2 computers, each computer will be able to communicate only with the other computer inside its own VLAN, and the hosts in each VLAN will have IP addresses on different networks. To communicate with computers in the other VLANs, the services of a router would have to be introduced since routers connect LANs to LANs.

Example of a VLAN

NAT

Network address translation is a method of remapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. In layman’s terms, NAT is the process where a network device (usually a firewall) assigns a public address to a computer (or group of computers) inside a private network. The main use of NAT is to limit or hide an entire IP address space on a LAN for both economic and security purposes. This functionality is typically built into a router. When NAT is implemented, before an IP address on the LAN can communicate with the internet, the IP address has to be converted to the public IP address of the router. This allows for the router to appear as if it is the only device making a connection to remote computers on the internet, which provides safety for the computers on the LAN. It also allows a single IP address to do the work for many other IP addresses in the LAN. NAT is performed automatically on SOHO routers when connected to an IPv4 network.  NAT is not necessary on an IPv6 network because IPv6 is much more secure and has no shortage of IP addresses.

Gateway

A gateway is a network node that serves as an access point to another network, often involving not only a change of addressing, but also a different networking technology. More narrowly defined, a router merely forwards packets between networks with different network prefixes. The term gateway can also loosely refer to a computer program configured to perform the tasks of a gateway, such as a default gateway router.