Understanding Internet Protocol (IP)

I remember the first time I learned about the global Internet, I wondered what it was really like. When people told me there was a computer network covering almost all of the United States and many places around the world, the first image that came to my mind was a thick cable running along telephone poles and underground, with a big sign saying “Internet”. I still clearly remember my shock when I learned that the Internet connects large data centers in different cities using several high-capacity networks (called backbone networks) — the “magic” of the Internet is not in any specific cable or connection. What truly makes the Internet so extensive and accessible is a protocol that allows different systems to freely exchange data. This “protocol” encapsulates digital data in a specific way, enabling transmission over almost any type of communication link (from copper wires to fiber optics to radio waves) — and multiple paths can exist between the same two points — while ensuring that the data arrives intact at its destination. Therefore, the Internet is like a randomly assembled network of existing communication paths, coordinated to serve these paths by sharing a common “language”. In this section, we will explore the protocol behind the Internet — the Internet Protocol (IP).

Physical network standards like Ethernet only define aspects related to the lower layers of the OSI reference model. While these details are critical for communication, they are not sufficient to support a broad communication system on their own. Therefore, network standards like EIA/TIA-485 and Ethernet almost always serve as the lower layers (or levels) of more complex communication protocols that can manage higher-level addressing, message integrity, “sessions” between computers, and many other details.

The Internet Protocol (IP) manages a broader range of network addresses and data transmission than Ethernet. The basic principle of IP is to break down large digital messages into smaller parts, each with additional data bits, forming packets that specify (including) how to direct these parts to their correct destinations. The completed packets are then transmitted individually and received separately, where they are recombined at the receiving end to restore the original complete message. An analogy is: imagine a writer has a printed manuscript that she needs to send to a printing house across town. Unfortunately, the postal service in this city cannot deliver such a large manuscript all at once, so the writer divides the manuscript into bundles of 10 pages each, and then sends each bundle as a package to the printing house. Each package may not arrive at the printing house on the same day, or even in the correct order, but the address on each package guides the postal service to deliver them to the right location.

This strategy of transmitting large amounts of data is at the core of the Internet: data from one computer to another is first split into packets and then transmitted through multiple paths. The packets do not have to take the same route to reach their destination, nor do they have to be transmitted over the same type of network. The receiving computer must then recombine these packets in the correct order to restore the original data. This “packetization” allows multiple messages to share network bandwidth alternately (i.e., the network bandwidth is alternately used to transmit different parts of completely different messages, rather than transmitting only one complete message at a time), while also allowing messages to take different paths when traversing large physical distances. In a mesh-like network, there are multiple paths between any two points, and the ability to guide packets through alternative paths enhances network reliability: the failure of any routing node or communication path does not necessarily prevent data from reaching its final destination. This fault tolerance was a key standard from the very beginning of the Internet’s design — developed by the U.S. Department of Defense.

Interestingly, the task of breaking down large amounts of digital data into packets, as well as the task of reassembling these packets in the correct order into the original data block, is not the responsibility of IP, but rather of a higher-level protocol, such as TCP (Transmission Control Protocol). The Internet Protocol (IP) merely specifies how to label and route these packets to their correct destinations. Using the manuscript analogy, IP is like the postal service, responsible for the system of mailing addresses, stamps, and labels, while TCP (or other higher-level protocols) is like the author and publisher, responsible for breaking the manuscript into smaller parts and reassembling those parts into the original manuscript. Therefore, IP itself is not a complete solution for large network communications. This is also why the core protocol of the Internet is referred to as TCP/IP, as these two protocols work together to ensure coordinated and reliable communication of packets over a wide area.

IP Address

IP is a “Layer 3” technology primarily concerned with routing information between two different locations. IP does not care about the communication details on any specific cable or fiber. It does not “know” how data is electrically represented or what connectors are used between cables. IP only cares about the “network”, which broadly refers to the collection of computers that are interconnected in some way (IP does not care what that way is).

To solve routing issues, specialized network devices that focus on IP addresses (DCE) are called routers. Their task is to guide packets to the appropriate destination as quickly as possible.

For the Internet Protocol to determine the source and destination of packets, each source and target must have a unique IP address. IP version 4 (IPv4) uses a 32-bit address, typically represented as four decimal numbers, written as four bytes. For example:

IP address 00000000 00000000 00000000 00000000 is written as 0.0.0.0

IP address 11111111 11111111 11111111 11111111 is written as 255.255.255.255

IP address 10101001 11111010 00101101 00000011 is written as 169.250.45.3

For two interconnected computers to exchange data using the Internet Protocol, each computer must have a unique IP address.

At first, this may seem a little redundant. Doesn’t each Ethernet device already have its own unique 48-bit “MAC address” to distinguish it from all other Ethernet devices? If so, why add another set of identifying addresses for the system?

This is indeed true — Ethernet devices already have unique addresses — but these MAC addresses and IP addresses serve different purposes. Remember that Ethernet is only a standard at Layer 1 and Layer 2, and it does not “care” about higher-level issues. Ethernet MAC addresses are very useful for Ethernet DCE devices responsible for managing Ethernet data frames, but these MAC addresses — while unique — do not play a significant role in larger IP networks because we need to fragment and reassemble messages in such large-scale networks. More importantly, the reason we need IP addresses is to be able to use other interconnected networks beyond Ethernet. For example, two computers may be connected via a simple EIA/TIA-232 cable (or even using a radio transceiver for “wireless” connections) rather than Ethernet, yet they can still use the Internet Protocol (IP) to route packets to their destination. By having a separate addressing scheme, IP ensures that computers can send and receive packets without needing to worry about the details of physical connections, channel arbitration methods, or any other intermediary factors. In a sense, IP is the “glue” that connects different networks together, enabling the vast system of the global Internet, which connects digital devices of various network types. If we tried to achieve the same functionality using Ethernet MAC addresses, the entire Internet would have to consist solely of Ethernet networks!

A useful analogy is to think of Ethernet MAC addresses as the Social Security Number of a U.S. citizen, while IP addresses are like the street address used for mailing. Every U.S. citizen has a unique Social Security Number that is not shared with anyone else. This number is used for many purposes, including identification in federal tax documents, helping to send specific information (like income records and Social Security payments) to the right person. Although these numbers are unique, people still need different mailing addresses to send and receive mail through postal services and other package distribution agencies. Mailing addresses and Social Security “addresses” serve different purposes. Furthermore, having different mailing addresses ensures that even non-citizens without Social Security Numbers (like foreign students, ambassadors, etc.) can still send and receive mail through the postal system. The mapping between a device’s MAC address and IP address is handled by a protocol called ARP (Address Resolution Protocol), which we will discuss later.

“Ping” Tool

Computers enabled with Internet Protocol (IP) come equipped with a tool called ping, used to detect whether other IP-enabled computers on the same network exist. The classic format of this program is to enter the “ping” command in the command line interface of the computer, followed by the IP address of the computer you want to check. For example, if I want to check if the computer with IP address 133.82.201.5 exists on the network, I would enter the following command in the command line and press “Enter”:

ping 133.82.201.5

The ping tool sends a very short digital message to the specified IP address, requesting that the computer reply (usually trying several times). In Microsoft Windows (XP) operating systems, the implemented ping command typically tries four times before exiting. Some other operating systems’ implementations of ping may continue to try until the user interrupts it with the “Ctrl-C” key combination.

When diagnosing IP-enabled network devices, few tools are as immediately useful as ping. Network professionals often use “ping” as a verb, such as “I tried to ping that computer but didn’t get a response.” A computer may fail to respond to a ping request for various reasons, but a successful ping operation can prove a few things:

The target device is powered on and its IP functionality is working properly
All network devices (DCE) between your computer and the target device are communicating normally
All cables used for data communication between the computer and the target device are functioning correctly
Your computer and the target device are on the same subnet (which we will discuss in detail later)

Because the ping operation requires the first three layers of the OSI model (physical layer, data link layer, and network layer) to function correctly, using it as a diagnostic test can clearly help identify the layer where the problem exists. If two computers cannot communicate properly, but the ping tool works correctly, then the communication failure must lie in the upper layers of the OSI model (such as transport layer, session layer, presentation layer, or application layer). Therefore, we consider the ping tool as a “divide and conquer” troubleshooting tool, allowing us to verify whether the connection between certain devices is normal, thereby narrowing down the scope of the problem through elimination.

IPv4 Address Range

Given the address functionality of the Internet Protocol (IP) (i.e., designating addresses for a vast collection of digital communication devices), the selection of addresses must be done carefully. IP version 4 (IPv4) uses a 32-bit field to specify addresses, limiting its address capacity to a unique 4,294,967,296 addresses. Although this number is quite large, it is still insufficient to uniquely identify all internet-connected devices globally. The inventors of IP did not anticipate the Internet growing to the scale it is today. This provides a lesson for everyone involved in computing: the future is often larger than you expect! To address the shortage of IP addresses, various clever techniques have been developed. One of them is to dynamically assign IP addresses to computers connected to the Internet only when they are powered on. This is how most personal Internet connections work: when you turn on and connect to the Internet, your service provider assigns you a temporary IP address via a protocol called DHCP (Dynamic Host Configuration Protocol). Then, when you shut down, the service provider allows you to relinquish this temporary IP address for other users to use.

The Internet Corporation for Assigned Names and Numbers (ICANN) is the organization responsible for globally assigning IP addresses to Internet users (among other tasks). This organization has designated specific ranges of IP addresses for internal (i.e., Local Area Network, LAN) network devices that will never be “publicly” used for communication with devices on the global Internet. Below are the designated “private” LAN address ranges:

10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255

Additionally, all computers have their own special loopback IP address for sending IP message packets to themselves (including for diagnostic purposes): 127.0.0.1. This IP address is entirely virtual and has no relation to any network hardware. Therefore, when executing the ping command on any computer, it should be able to detect the address 127.0.0.1, regardless of whether the actual network hardware (card or interface) on that computer exists or is functioning. If the ping command cannot detect the loopback address, it indicates that the computer’s operating system is not configured to use the Internet Protocol.

The loopback address of a computer has other uses beyond diagnostics. Some computer applications inherently rely on the network, even if the application performs a local function rather than a function between computers on an actual network. For example, the X Window graphical user interface (GUI) system commonly used in UNIX operating systems is a classic example that references the loopback address to establish connections between client and server applications on the same computer.

Subnets and Subnet Masks

IP (version 4) addresses are used in conjunction with a tool called subnet mask to divide an IP network into “subnets”. A “subnet” refers to a group of IP address devices that can communicate with each other. You can think of a subnet mask as a “filter” that identifies which IP addresses belong to the correct range.

The subnet mask serves as a bitwise filter, identifying the bits in the IP address that define the subnet. For example, if a computer’s subnet mask is set to 255.0.0.0 (binary 11111111 00000000 00000000 00000000), it means that the first 8 bits of the IP address define the subnet, so the computer can only communicate with other computers on the same subnet (i.e., those with the same first byte of their IP address).

The following examples illustrate two interconnected computers that have different IP addresses (and in some cases, different masks), demonstrating how subnets work. In the first example, the two computers have different last two bytes in their IP addresses, but they share the same subnet (169.254), so they can communicate:

We can use the ping command to check whether the IP address and subnet mask are correct. Below is a screenshot of a personal computer running the ping command on Microsoft Windows XP:

In the next example, we see that the two computers have the same mask value, but their IP addresses differ in the bytes specified by the mask. In other words, the two computers belong to different subnets: one belongs to 167.254, and the other to 169.254, so they cannot communicate with each other using the Internet Protocol. The error message generated by the ping tool is shown in the following image:

In the last example, we see that the two computers have different mask values and different IP addresses. The subnet of the left computer is 169.254.10, while the subnet of the right computer is 169.254:

The left computer can only communicate with computers that have the same first three bytes of their IP address (169.254.10). Upon seeing that the target address of the second computer does not match in the third byte, when executing the ping command from the left computer, it will return an error message stating that the “destination host is unreachable”.

When the right computer attempts to communicate (“ping”) with the left computer, it can transmit data because its mask only restricts consistency in the first two bytes (169.254), which matches perfectly. However, the left computer cannot send data to the right computer because its subnet is more strictly defined, so executing ping on the right computer will return a “request timed out” error message, as it did not receive any reply from the left computer.

For two computers connected only by a cable, the concept of subnets and masks may seem useless; in fact, it is indeed not very useful in such small-scale situations. However, “subnetting” is a useful technique for managing high traffic in large-scale network systems, and is therefore quite common in many Local Area Networks (LANs), such as those in industrial and commercial settings.

While many IPv4-compliant computers represent IP addresses and subnet mask values as a set of “dotted decimal” numbers, each decimal number (0-255) representing a “byte” of the 32-bit IP address space (e.g., IP = 169.254.5.1, mask = 255.255.0.0), a more modern representation of subnets is to append a slash character and a decimal number to the device’s IP address, specifying the number of bits used to define the subnet.

For example, suppose a computer’s IP address is 169.254.5.1 and its subnet mask is 255.255.0.0 (indicating it belongs to subnet 169.254), we can rewrite this computer’s IP address as 169.254.5.1/16. Here, the “16” indicates that the first 16 bits of its IP address define its subnet. Another example is a computer with an IP address of 192.168.35.100 and a subnet mask of 255.255.255.0, which can be rewritten as 192.168.35.100/24. The “24” indicates that the first 24 bits (i.e., the first three bytes) define its subnet: this computer belongs to subnet 192.168.35.

The ping diagnostic tool can be used to search for unknown IP addresses on a known subnet. This can be achieved by “pinging” the broadcast address of that subnet: a specific IP address composed of the known subnet address followed by all binary 1s filling the unknown bits. For example, you can use the ping command to search for devices on subnet 156.71 (subnet mask 255.255.0.0) with the command:

ping 156.71.255.255

Routing Table

In networks compliant with the IP protocol, devices need to know how to best route IP packets from one location to another. On the Internet, specialized router devices determine the best packet paths based on multiple different criteria (e.g., congestion levels of paths, the fewest “hops” from one router to another, geographical distance, etc.), and these paths are continuously updated by complex algorithms within the routers. The data about these optimal routes is stored in a list known as the routing table.

Personal computers also have routing tables that users can modify. A common scenario where a user might need to modify their personal computer’s routing table is when they need to communicate with a new device installed on an industrial network that has a different subnet ID than other devices on that network. Many network devices come with a default subnet of 192.168.1. You might plan to connect the device to an industrial network whose subnet differs from that default configuration. This in itself may not be a problem, as the IP address and subnet mask values can be configured by the user. However, if the only way to configure the new device is through an IP network connection to communicate with it, then you face a dilemma: how to communicate with it to change its subnet when its subnet prevents you from doing so?

One solution to this dilemma is to temporarily use a personal computer with a subnet that matches the new device to configure it; after configuration, disconnect that device from the personal computer and connect it to the industrial network to let it start working.

Another solution is to use a computer already connected to the industrial network to configure the new device, specifically enabling that computer to communicate with the device’s default subnet. This way, the new device can be plugged into the industrial network, configure its new IP address and subnet, and then communicate with other devices on the correct subnet. This can be accomplished using the command line tool route. At the command prompt (just like when using the ping command), you enter “route” followed by the instructions to tell it to add the device’s default address and subnet mask to the computer’s routing table. Suppose our new device’s default IP address is 192.168.1.10 and its default mask is 255.255.255.0, our route command should be like this:

route add 192.168.1.10 mask 255.255.255.0

After issuing this command to the personal computer, it can communicate with the new device to change its IP address and subnet mask to match those of other devices on the industrial network.

IP Version 6 (IPv6)

The next version of IP (version 6, or IPv6) uses a 128-bit address, offering 2^128 address possibilities (over 3.4 x 10^38), which is significantly larger than the 2^32 address space of IPv4. To put this massive number into a comprehensible context, an IPv6 address is sufficient to designate about 57 billion addresses for every gram of mass on Earth. IPv4 addresses are typically written in the form of four decimal bytes (e.g., 169.254.10.5), but for IPv6 addresses, this representation becomes cumbersome. Therefore, IPv6 addresses use a set of eight hexadecimal numbers (each number can be up to four characters), separated by colons, e.g., 4ffd:522:c441:d2:93b2:f5a:8:101f. The transition to IPv6 has already begun in certain parts of the Internet, but a full transition to IPv6 is expected to take many more years. The loopback virtual address for IPv6 is 0:0:0:0:0:0:0:1, which can be simplified to ::1.

Note that the IPv6 addresses given above use “shorthand” notation to omit unnecessary characters: certain 16-bit segments are abbreviated to fewer than four hexadecimal characters if the preceding (higher-order) characters are zero. For example, you will see :522: instead of :0522:, and :d2: instead of :00d2:. The loopback address ::1 is the most extreme shorthand form, collapsing all previously zero segments into a pair of consecutive colons.

IPv6 supports subnets just like IPv4, but unlike IPv4 addresses that use dot-separated forms to represent subnet masks, IPv6 subnet masks are represented by specifying the number of “1” bits starting from the leftmost (most significant bit, MSB). The rationale behind this is that the bits of the subnet mask should be contiguous, with no zero bits separating the “1” bits. In this case, any actual IP range’s subnet mask can simply be specified by a series of “1” from MSB to LSB.

It is important to note that an updated version of the ping command (called ping6) is available to help diagnose IPv6 systems.

ARP

While the Internet Protocol (IP) provides a universal addressing standard for devices operating over large-scale digital networks, each device typically has a unique MAC address. As mentioned earlier, the relationship between IP addresses and MAC addresses is like the relationship between mailing addresses and Social Security Numbers: IP addresses are used for routing information sent across the network, while MAC addresses identify the devices themselves. Any digital network system handling both types of addresses must map each MAC address to its corresponding IP address in some way, and this is handled by a protocol called the Address Resolution Protocol (ARP).

Each network node running the ARP protocol maintains an equivalent address table, i.e., a mapping table from MAC to IP. This table is called the ARP cache, and you can view its contents by running the following command on the device’s command line interface:

arp -a

arp -a command will print all (-a) ARP cache entries for you to review. Of course, this will only show what the current computer knows. If the ARP cache has not been recently updated, the address data within it may be outdated or even missing. Below is a partial screenshot of running the arp -a command on a Microsoft Windows computer, showing each IP (“network”) address and its corresponding MAC (“physical”) address in the ARP cache:

One way to update the ARP cache is to first issue a broadcast ping request. The responses from active nodes on the network will fill the computer’s ARP cache with address information, after which you can run the arp -a command to view these cache entries.

DNS

The abbreviation DNS actually has two related meanings: Domain Name System and Domain Name Server. The first refers to a system that exchanges digital IP addresses for more easily memorable alphanumeric Uniform Resource Locators (URLs). When you use web browser software to browse Internet sites, you can choose to enter the URL name of the site (e.g., www.google.com) or the numerical IP address (e.g., 75.125.53.104). Special computers connected to the Internet, called Domain Name Servers (DNS), and Domain Name Resolvers (DNRs), use the Address Resolution Protocol (ARP) to convert the website name you enter into its actual IP address, establishing a connection between your computer and the target computer.

The organization responsible for assigning IP addresses, ICANN, also maintains a database of all registered domain names.

Command Line Diagnostic Tools

In addition to ping and arp, another command line tool that helps troubleshoot network connection issues on Microsoft Windows computers is ipconfig. When this command is executed, ipconfig lists all available (configured and running) network interfaces on the computer:

The equivalent command in UNIX operating systems is ifconfig, as shown in the screenshot below:

From the ifconfig output, you can see some interesting details, including IPv6 addresses (in addition to IPv4 addresses), Ethernet MAC addresses (listed as “hardware addresses” or HWaddr), Ethernet performance data (such as collision counts), IP performance data (such as the number of IP packets received and sent), and details about the “loopback” address (IPv4 127.0.0.1 or IPv6 ::1).

A tool designed to query a computer’s DNS name based on its IP address is nslookup, which is also available for Microsoft Windows and UNIX operating systems. Below is the UNIX version of using nslookup to find four IP addresses of the popular Google search engine website, followed by the Microsoft Windows version:

Another tool for exploring network connections is traceroute (called tracert in Microsoft Windows operating systems). This tool sends a test data packet to a specified target address and returns information showing all the “hops” the IP packet takes through the network and the time taken to reach the destination. The following shows the execution of traceroute on UNIX computers and tracert on Microsoft Windows computers:

This article is translated from a free industrial automation textbook written by Tony R. Kuphaldt and published under the Creative Commons Attribution 4.0 International Public License. It covers advanced feedback and modern system interconnect control system architectures from open-loop relay networks, basic PLCs to PID process control and motion control. This book is a great resource for students and professionals to refresh or expand their control engineering knowledge.

I translated and shared its content, and if you are interested in the original text, I recommend visiting the original book link: https://control.com/textbook/

The article header image was created by “Zhiyu Qingyan”.

(End)

More Highlights:

Yan Shi│The Impact of Generative AI on Computer Education and Countermeasures

Principal Interview｜Rooted in Border Minority Areas, Focusing on Teacher Education to Cultivate High-Quality Applied Talents — Interview with Principal Chen Benhui of Lijiang Normal University

Yan Shi│A Review and Prospect of Computer System Capability Cultivation

Discussion on the Concept of “Student-Centered” Teaching and Its Implementation Path

Principal Interview｜Promoting Interdisciplinary Integration to Cultivate Innovative Talents in the New Era — Interview with Professor Ni Mingxuan, Founding President of Hong Kong University of Science and Technology (Guangzhou)

New Year Message from the 7th Editorial Committee

Guidelines for Ideological and Political Teaching in Computer Courses

Academician Chen Guoliang｜Cultural Construction of Virtual Teaching and Research Room for Computer Courses in Ideological and Political Education

Professor Chen Daoqu of Nanjing University｜Change and Constancy: The Dialectics in the Learning Process

Yan Shi│Reflections and Suggestions on the “Dilemma” of Young Teachers in Colleges and Universities

Xu Xiaofei et al.｜Metaverse Education and Its Service Ecosystem

[Directory] Computer Education, Issue 11, 2024

[Directory] Computer Education, Issue 10, 2024

[Directory] Computer Education, Issue 9, 2024

[Directory] Computer Education, Issue 8, 2024

[Editorial Message] Professor Li Xiaoming of Peking University: Reflections from the “Year of Classroom Teaching Improvement”…

Professor Chen Daoqu of Nanjing University: Which is more important, teaching students to ask questions or teaching students to answer questions?

[Yan Shi Series]: Trends in the Development of Computer Disciplines and Their Impact on Computer Education

Professor Li Xiaoming of Peking University: From Fun Math to Fun Algorithms to Fun Programming — A Path for Non-Majors to Experience Computational Thinking?

Reflections on Several Issues in Building a First-Class Computer Discipline

New Engineering and Big Data Major Construction

Lessons from Other Mountains Can Be Used to Attack Jade — A Compilation of Research Articles on Computer Education at Home and Abroad