One of the most common ways computers communicate with each other is through the use of the Internet Protocol, or IP. It is the standard which outlines the basis of the internet. There are two major versions of the internet protocol, which are IPv4 and IPv6.
By understanding the IP, it is possible to manage communication between most computers, which is a very powerful tool.
When your computer sends a data packet, it must address that packet to the correct destination over the internet. Hence, all computers are assigned an IP address.
An IPv4 address is 32 bits long, and is generally in the form xxx.xxx.xxx.xxx, where each xxx is an 8-bit number between 0 and 255. For example, a machine might have the IP address
Before talking about the entire internet, let us discuss the simpler case of the Local-Area-Network, or LAN. This is a small network of computers in a local area.
The center of this LAN network is a device known as a router. All computers in the LAN have a direct connection to the router. This router then "routes" data to its appropriate location on the network.
Conventionally, the router on your home network assigns itself the IP address 192.168.1.1 or something similar. Now, suppose computer A has the IP address 192.168.1.20 and computer B has the IP address
Computer A will send a message to the router, stating that it would like to send information to the IP address 192.168.1.40. The router receives this information and relays the information to computer B. Computer A must know the IP address of computer B to successfully communicate.
Now, how did these computers get their IP addresses in the first place?
When a computer joins a network, it communicates with the router. It must ask the router for an IP address. The router will then assign your computer an address using the Dynamic Host Configuration Protocol, or DHCP.
As the name implies, the router will dynamically adjust IP addresses as it sees fit. If your computer leaves the network at a later date, the address could later be assigned to a new computer. This is analogous to you moving out of your house, and someone else moving in. This new individual now takes your old address.
This leaves a big problem: if I have an address, how do I actually know the right computer is receiving what I send to it?
The easiest way to solve this problem on a LAN is with a static IP address. You manually select an IP address for your computer, and the router will in turn "fix" that address to your computer permanently.
If computer A and computer B have statically-assigned addresses instead of DHCP-assigned addresses, then the user can be sure that the right computer is receiving the data.
We will later see that it's possible for your computer to be connected to multiple networks at the same time. So how do we ensure our message goes to the correct network?
The IPv4 address is actually divided into two sections: the "network" portion and the "host" portion. For example, for an IPv4 address 192.168.1.40, the first portion 192.168.1 identifies the network. The second portion .40 identifies which device on this specific network the address refers to.
In the above example, the full network address is formally 192.168.1.0 and the host address is
Now, what if a network needs more or fewer computers on it to function? We can adjust the "portion" size with a subnet mask.
In the above example, the leading 24 bits indicated the network address, and the last 8 bits indicated the host address. This leads to a subnet mask of 255.255.255.0, often notated with a /24. If we want 23 bits to indicate the network address instead, we use /23 as a subnet mask.
In binary, the /23 subnet mask looks like:
Which is the origin of the 255.255.254.0 extended notation. A bitwise-AND operation between the subnet mask and the IPv4 address will return the network address (hence the name subnet mask).
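The mask arithmetic described above, worked through in code. This is an added example, not part of the original article; the function names are hypothetical and the addresses are the article's own sample values plus one constructed neighbour (192.168.0.20).

```python
# Added example: subnet-mask arithmetic on IPv4 addresses.

def to_int(dotted: str) -> int:
    """Parse dotted-quad text into a 32-bit integer, rejecting bad octets."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"bad octet {part!r} in {dotted!r}")
        value = (value << 8) | int(part)
    return value

def to_dotted(value: int) -> str:
    """Format a 32-bit integer back into dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def mask_from_prefix(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: 'prefix' leading one-bits, the rest zero."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def mask_bits(prefix: int) -> str:
    """The mask written out in binary, one group of 8 bits per octet."""
    bits = f"{mask_from_prefix(prefix):032b}"
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))

def split_address(dotted: str, prefix: int) -> tuple[str, int]:
    """Return (network address, host number) using bitwise AND with the mask."""
    addr, mask = to_int(dotted), mask_from_prefix(prefix)
    return to_dotted(addr & mask), addr & ~mask & 0xFFFFFFFF

def same_network(a: str, b: str, prefix: int) -> bool:
    """Two hosts share a network when their masked addresses are equal."""
    mask = mask_from_prefix(prefix)
    return (to_int(a) & mask) == (to_int(b) & mask)

if __name__ == "__main__":
    for prefix in (24, 23):
        print(f"/{prefix}", to_dotted(mask_from_prefix(prefix)), mask_bits(prefix))
        print("  192.168.1.40 ->", split_address("192.168.1.40", prefix))
        print("  same network as 192.168.0.20:",
              same_network("192.168.0.20", "192.168.1.40", prefix))
```

Widening the mask from /24 to /23 puts 192.168.0.20 and 192.168.1.40 on the same network, which also widens the set of machines that can reach each other directly without passing through a router.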
It is possible to establish a LAN network without a proper router, instead making a direct connection between two computers. This is convenient when a simple method of transmitting data packets over long distances is necessary.
To establish a P2P network, first you can directly connect two computers over ethernet. On the corresponding network interface (typically called eth0 on Linux machines), you can manually configure an IP address and subnet mask on each machine.
The ifconfig tool on Linux can be used to very easily accomplish this task:
sudo ifconfig <interface_name> <IP_address> netmask <subnet_mask>
Once both machines are configured, simply plugging in the computers and using the ping command will allow you to immediately determine a successful connection with no further configuration.
When using the internet, you will attempt to connect to computers where the IP address is often unknown.
To avoid having to remember IP addresses (often addresses which change frequently), the internet utilizes the Domain Name System, or DNS. We "name" different computers with an alias, such as "google.com". When you click on the link, your computer will first connect to a Domain Name Server, which already has a known IP address.
Your computer tells the Domain Name Server the website address you wish to go to. The server then retrieves the corresponding IP address and passes it back to your computer. Now, you can establish a direct connection over the wider internet.
If you ask Google for your IP address, you will find that it gives you a different address than your home router indicates. This is because the address Google gives you is your public IP address.
When Google's servers (or those of any other computer) attempt to connect to your computer, they only know a single IP address corresponding to your router.
The router is responsible for receiving the connections, and then forwarding them to your computer specifically. This allows any computer on your network to communicate on the open internet, while giving away little information on specifically which computer in the network is making the connection.
So, how does the router know which computer, say, Google is trying to reach?
To manage connections from many different computers on a single network, your network card also has 65,535 ports which can be specified during a connection.
An SSH session, for example, usually operates on port 22. So if you're making an SSH request to another computer on your network, such as 192.168.1.40, you will notate it as
When you make a connection to a public website, your router makes that connection from a specific port. The connection is then received on the same port. Different computers on your network get different ports, allowing distinctions between different computers even with a single IPv4 address.
If another computer needs to connect to a specific port on your computer (e.g. you want to run a public SSH server), you can use port forwarding on your router. This means that any connection on your router which is destined for port 22 will be directly routed to port 22 on your computer.
Port forwarding is a security risk, since it removes a potential layer of protection from attackers trying to reach your specific machine. Only ports which are absolutely necessary should be forwarded.
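A toy model of the router's port table, showing why an unsolicited inbound connection is dropped until a forwarding rule exists. This is an added example, not part of the original article; the Router class, the public address 203.0.113.7, the starting port 40000 and the remote addresses are constructed, and matching replies against the remote host is an assumption about how the router filters.

```python
# Added example: simplified home-router port translation and port forwarding.
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.7"  # constructed public address (documentation range)

@dataclass
class Router:
    next_port: int = 40000                        # first public port handed out (assumed)
    outbound: dict = field(default_factory=dict)  # public port -> (lan ip, lan port, remote)
    forwards: dict = field(default_factory=dict)  # public port -> (lan ip, lan port)

    def connect_out(self, lan_ip, lan_port, remote):
        """A LAN host opens a connection; the router gives it its own public port."""
        public_port = self.next_port
        self.next_port += 1
        self.outbound[public_port] = (lan_ip, lan_port, remote)
        return PUBLIC_IP, public_port

    def forward(self, public_port, lan_ip, lan_port):
        """Static port-forwarding rule configured by the administrator."""
        self.forwards[public_port] = (lan_ip, lan_port)

    def deliver_in(self, remote, public_port):
        """Decide which LAN host, if any, receives an inbound packet."""
        entry = self.outbound.get(public_port)
        if entry and entry[2] == remote:      # reply to a connection a LAN host opened
            return entry[:2]
        if public_port in self.forwards:      # forwarded: any remote host gets through
            return self.forwards[public_port]
        return None                           # unsolicited: dropped at the router

    def exposed(self):
        """Audit view: every public port reachable from outside, and its target."""
        return sorted(self.forwards.items())

if __name__ == "__main__":
    router = Router()
    web = ("198.51.100.10", 443)              # constructed remote web server
    stranger = ("192.0.2.99", 4444)           # constructed unrelated remote host
    print(router.connect_out("192.168.1.20", 51000, web))
    print(router.connect_out("192.168.1.40", 51000, web))
    print(router.deliver_in(web, 40001))      # reply reaches 192.168.1.40
    print(router.deliver_in(stranger, 22))    # None: no rule, dropped
    router.forward(22, "192.168.1.40", 22)
    print(router.deliver_in(stranger, 22))    # now reaches the SSH server
    print(router.exposed())
```

The exposed() listing is the thing to review periodically: every entry in it is a service that any host on the internet can reach directly.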