Professional Diploma in Cyber Security

Logical addressing
Module 1 Lesson 4

Summary Notes
 2 www.shawacademy.com

Contents

3 Introduction

Lesson outcomes

Private and public IP (internet

protocol) addresses

6 Exploring Network Address

Translation (NAT)

7 Exploring IP addressing

11 Exploring Mac addressing

14 Conclusion

15 References

PROFESSIONAL DIPLOMA IN CYBER SECURITY

3 www.shawacademy.com

Lesson outcomes
By the end of this lesson, you should be able to:

• Understand the difference between private and public IP addresses.

• Explore Network Address Translation (NAT).
• Explore IP addresses.
• Explore Mac addresses.

Introduction
Today’s lesson, we will be exploring private and public IP address, highlighting some Common IP address terminology,
Recognizing the differences between private and public IP addresses. Examine Network Address Translation (NAT),
Highlighting the types of NAT, functions and benefits. And lastly, we will be exploring IP addressing, highlight Logical
division of an IP address and also Mac addressing.

Private and public IP (Internet protocol) addresses

What is an IP address?

The addresses generated by the CPU when a program is initialised in a system are referred to as logical addresses
They are not physical but are created for management purposes. That’s why they are also often referred to as
virtual addresses. These logical addresses are linked to physical addresses by hardware embedded on the
motherboard, which is also known as the memory management unit.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

4 www.shawacademy.com

What is a private IP address?

A private IP address can be viewed as the use of private IP address space in a network where the IP contains a unique
number or numerical representation that identifies specific devices on the network. The IP address is usually assigned to a
specific interface on the network device. The are certain specifications that are defined in the private IP address ranges
and often used in LAN (Local Area Network) these are known as the IPv4 and the IPv6. We’ll talk more about these in a
while when we get into exploring IP addressing a bit further.

What is a public IP address?

A public IP address is a unique identity that is used to communicate outside the LAN (local area network). This address
space is managed globally by the Internet Assigned Numbers Authority (IANA) and regional Internet Registries (RIRs)
responsible for different regions.
The Regional Internet Registry (RIR) consists of five regions:
• One for the Asia/Pacific Region
• Another for Canada, USA, and some Caribbean Islands
• The third region covers Europe, the Middle East, and Central Asia
• LACNIC is responsible for Latin America and some Caribbean Islands, an
• AFRINIC handles the Africa Region

Common IP address terminology

When discussing IP configuration and IP addressing, there is common terminology that is used. We thought it would be
useful to look at the some of these terms.
• A Static IP address: Static often means constant. This means the IP address never changes; it stays fixed to the
end-device except if configured otherwise. An example would be the public IP been assigned to a WAN by the ISP.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

5 www.shawacademy.com

• Dynamic IP address: The IP address is bound to change from time-to-time, particularly when an IP address has
been issued by a DHCP server with a lease time. When this expires a new IP address will be issued to the end-
devices.
• Shared IP is like a pool of connected devices in a network where they all use one IP address for their connection. A
good example will be hosting of webpages on a server. Website owners are able to host their site on a shared IP
without ever being affected by another site hosted on the same server.
• Dedicated IP address is when only one user is able to use the IP and it cannot be shared. A good example will be
large websites or e-commerce sites that often use a dedicated IP address to have full control over the IP.
• Port number is a number that is assigned to different processes run over the internet. It is used to identify
different protocol traffic on a network. A good example will be port Number 80 for HTTP (Hypertext Transfer
Protocol), 23 for Telnet and 25 for SMTP (Simple Mail Transfer Protocol).
• You also get Classes of IP addresses that are used to identify the range of IP address that can be assigned to an
end-devices.

For interest, here is the range of classes of IP:

• A class - 0 to 127 with default mask of 255.0.0.0

• B class - 128 to 191 with default mask of 255.255.0.0
• C class - 192 to 223 with default mask of 255.255.255.0
• D class - 224 to 247 (not currently used)
• E class - 248 to 255 (not currently used)

Differences between private and public IP addresses

This table highlighting the main differences between private and public IP addresses in terms of Scope, Cost and
Structure.
Factor Private IP address Public IP address
Scope • Operates only within the LAN • Operates on a global scale
• Can only be accessed within • Can be accessed from any
the network geographical location
outside the LAN
Cost • Available for any end-devices • Comes with a cost as usually
• Absolutely free obtained from IANA and RIRs
• End device connected to the
internet
Structure Range from: • Controlled by ISP
• 10.0.0.0 – 10.255.255.255, • Can be changed when virtual
• 172.16.0.0 – 172.31.255.255, private network is connected
• 192.168.0.0 – to end-device OR end-device
192.168.255.255 is connected to relay
network through ISP

PROFESSIONAL DIPLOMA IN CYBER SECURITY

6 www.shawacademy.com

Functions of a logical address

We started this lesson by explaining that the virtual addresses generated by the CPU when a program is initialised in a
system are referred to as logical. A logical address is vital for computing in networking - without logical addresses
computing would impossible. Let’s explore the functions of a logical address a bit further to understand why we say this.
There are many functions of logical address but right now we are going to look at the two major functions of a logical
address:
That’s as
• Address mapping
• Address translation

Address mapping: Address mapping (also known as the mapping function) is the process that makes the addressing easily
accessible by the system. The ability to access an address and have it retain its identity over the course of the access is to
this access method and it facilitates good communication in a network. It also helps to increase efficiency and reduce
complexity.

Address translator: Address translator refers to the manipulation of IP addresses to identify devices over the internet. It
helps to map private IP addresses within networks to public addresses that are routable over the internet. The system is
often referred to as Network Address Translator (NAT).

Exploring Network Address Translation (NAT)

What is NAT?
Network Address Translation is a logical process that maps multiple local private addresses to a public IP address and vice
versa before transferring the data from the local hosts.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

7 www.shawacademy.com

Types of NAT
There are three different types of NAT used for different reasons. These are:

• Static NAT: Similar to static IP addresses mentioned earlier, every time connectivity is needed outside the LAN,
the NAT is configured to use the same public IP address. This IP address is manually configured to the router.
• Dynamic NAT: The public IP address changes every time a connection from the LAN to the WAN occurs. These are
usually practised in big organisations where security is vital.
• Port Address Translation (PAT): This is a form of dynamic NAT, but a port number is associated with the IP address
for identification reasons.

Exploring IP addressing
Types of IP addresses
We mentioned certain standards for IP addresses when we were looking at private IP addresses. There are two types of IP
addresses that are used to identify machines connected to a network. They are:

• IP Version 4 (IPv4)
• IP Version 6 (IPv6)

The IPv4 standard is made up of 32 binary bits to create a single unique address on the network. It is represented by four
integers (in computing, integers are data types) separated by dots.

The IPv6 was created to provide more unique IP addressing within the original TCP/IP protocol over the internet. This
standard is made up of 128 binary bits to create a single unique address, It is represented by eight groups of hexadecimal
numbers separated by colons.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

8 www.shawacademy.com

Note that the groups of numbers with zeros use a colon separator to save space and mark the gap.

Logical division of an IP address

Let’s now look at how to create a logical division of an IP address. This is commonly referred to as subnet and is basically a
network inside a network. A subnet can practically divide any network into two or more parts. Subnets clearly make
networks more efficient through subnetting network traffic can travel shorter distances without passing through
unnecessary routers to reach their destination.

To create a subnet, you change the IPv4 addresses from binary notation to decimal notation.

Example of subnet of an IP address

Let's look at some applications of a subnet of an IP address in a network.

IP address 192.168.1.100=11000000.10101000.00000001.01100100

Subnet mask 255.255.255.0=11111111.11111111.11111111.00000000

• From the subnet mask we can see that: It has three octets which has 24 bits
• From the IP address we see: The first three octets (192.168.1) refer to the network address and the last octets(0)
refer to the host address

The network address identifies the particular network the IP address is on while the host address identifies the number of
host or connected device on that particular network. In this particular example, any IP address with the IP 192.168.1.0 would
fall under the same network.

Example of subnet mask in the IPv4 standard

• 255.0.0.0.0=11111111.00000000.00000000.00000000 = 8 bits for networks(octets),CIDR (Classless Inter-Domain

Routing) Notation of /8
• 255.255.0.0.0=11111111.11111111.00000000.00000000 = 16 bits for networks(octets),CIDR (Classless Inter-Domain
Routing) Notation of /16
• 255.255.255.0.0=11111111.11111111.11111111.00000000 = 24 bits for networks(octets),CIDR (Classless Inter-
Domain Routing) Notation of /24

PROFESSIONAL DIPLOMA IN CYBER SECURITY

9 www.shawacademy.com

From this example of a subnet mask in the IPv4 standard, we can see that:
• A subnet mask consists of a series of bits.
• Every bit is mapped to the IP address
• In the IPv4 standard, the most commonly used subnet masks have complete octets of 1s and 0s

Common addressing with IP

Let’s now look at how IP addressing is used for communication over the Internet. There are four methods of addressing
that we will look at now. They are:
• Unicast addressing
• Broadcast addressing
• Multicast addressing
• Anycast addressing

Unicast addressing: Unicast addressing is the process of a single host sending data to a single destination IPv6 includes two
different unicast addresses:
• Global unicast address
• Link-local address

A global unicast address that is globally unique on the Internet.

A link-local address is used only on the local network link and is not valid nor recognised outside the enterprise.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

10 www.shawacademy.com

Example of unicast addressing

ARP

Quickly look at an example of unicast addressing called ARP (Address Resolution Protocol), You will notice that ARP actually
also uses broadcast addressing, it’s an address resolution protocol used to discover the link layer address. It maps IP
addresses to hardware addresses, which is the mac address.
An ARP is a good example of a unicast request and during the course of lesson 8 we will analyse some ARP requests sent by
network devices. Because these mac addresses are unique to the physical component of the devices the so ARP request will
be able to identify these devices on the network.

Let's explore how ARP messages works:

There is an ARP-Request which is a broadcast message containing the source IP address, destination IP address, and request
for the mac address of the destination and the ARP-Reply a unicast contains the reply from the destination IP address and
mac address that is sent to the initial sender.

Internet Control Message Protocol (ICMP)

When we look at the ARP message in Lesson 8, we will use the Internet Control Message Protocol ping echo request
generated by traffic between two connections.

So, what is the ICMP (Internet Control Message Protocol)?

The ICMP is a protocol that is used by the ping utility to verify connectivity between two devices. The ICMP ping echo
request contains the following messages from echo: Response/Request such as Destination Unreachable when the
machine(laptop) is not on a network. ICMP provides feedback for diagnostics or to report logical errors between
connected devices.

Broadcast addressing: Broadcast addressing enables transmission to every connected device in a LAN using switches. The
address is the highest numeric value of the IP address. For example:
The broadcast address of a Class C 192.168.1.0 network is 192.168.1.255.

Multicast addressing: Multicast addressing is Used to deliver a package to a group of destinations Any packet sent to a
multicast address will be delivered to every host connected on that network. For example:

• A good example of multicast addressing is emailing in big companies where there are a lot of employees within
the company’s domain. One employee in the company can easily send a message to every employee within the
company by adding every address to the company email-list.
• Another good example of multicast addressing is conference calls where one user can communicate with
multiple users simultaneously over the internet, using applications like Zoom and Skype.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

11 www.shawacademy.com

Anycast addressing: Anycast addressing is similar to multicast addressing, but in this case, packets will be delivered to
only one random host in the whole of the network. These addresses don’t have a specific range, as they are exactly the
same as regular unicast addresses. This means that a host has no way of distinguishing a unicast from an anycast address
when it sends a packet. For example:

A good example of anycast will be in the use of DNS queries. You may recall that DNS stands for Domain Name System and
it helps translate IP addresses into domain names, which are more readable and easier to understand.

When a network device searches for a webpage hosted on a webserver, that device is connecting to a particular webserver.
If you think about it for a second, there are billions of different webservers on the internet and more being created every
day. So, DNS is configured on a connected device to help choose a routing path out to the internet, which is basically
anycast addressing.

Exploring Mac addressing

What is a Mac address?
We notice that the terms "IP address" and "MAC address" are often misused. A MAC (Media Access Control) address is an
identifier for a particular network interface in an end-device. Mac addresses are usually configured and tied to the physical
interface on the end-device by the manufacturer of the device.

Example of Mac address on interface

Do you remember this from when we looked at wireless adapters in the previous lesson?

We can clearly see from the circles that the top and bottom interfaces not the loopback interface refer to the mac address
in the device.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

12 www.shawacademy.com

The interfaces present in this particular device are:

• An ethernet interface (for wired connection) with a MAC address/

• A loopback interface with no MAC address because it is virtual.
• A wireless interface used for wirelessly connection with a MAC address

Structure of a Mac address

So, there were Mac addresses in two of the interfaces on the example we have just looked at.

Let’s unpack a Mac address by looking at this illustration.

• A MAC address often comes as a string of 12 digits separated by semi-columns.

• The digits range between 0 to 9 and A to F.
• Since MAC address are unique identifiers, every MAC address is unique.
• The first six digits of a MAC address represent the adapter's manufacturer.
• The last six digits represent the identification number for that model of adapter.

MAC address uses

There are several uses of MAC addresses. Two very important uses are that they:

• Aid connectivity: Do you recall us learning that switches are network devices with the ability to transmit data within
the same subnet? This is done using Mac addresses.
• For security: Because of their uniqueness, they can be used for MAC address filtering and blocking traffic that comes
from machines or devices.

In the OSI model, the Datalink layer comprises two sub-layers which are MAC (media access control) and the LLC (Logical
link control). MAC addresses provide a means for exchanging data frames using switches.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

13 www.shawacademy.com

Differences between MAC address and IP address

To make sure we are all clear about the differences between Mac and IP addresses. let’s look at quick summary of each
one.

A MAC address is a:

• Physical identifier (addresses) on networking devices

• It operates in the layer2 of the OSI model (data-link layer)
• It often comes as a string of 12 digits separated by semi-columns (and the digits range between 0 to 9 and A to F)
• It is managed by the manufacturer of the device. The manufacturer burns-in the address in the device hardware
component to identify the device on a network.
• And finally, it is often pre-configured in a device if the device has a network card interface installed. Examples of
such devices include routers, switches, network repeaters, Wi-Fi extenders and network printers

Whereas an IP address is a :

• Logical addresses of connected end-devices in a network

• It often comes a 32-bit numeric address for IPV4 and 128-bit numeric address for IPV6
• It is managed and changeable by the ISP.
• It is used to identify the device in a network.
• And is not pre-configured in an end-device if the device has a network card interface installed.

Routing with IP and Mac addresses

We are going to finish up this lesson by looking at how IP addresses and Mac address affect routing, starting from a
sender’s end-device (Laptop A) to a receiver (Laptop B).

But before we go into how IP and MAC addresses affect routing, let’s quickly stop to make sure we all understand the term
‘routing’.

Routing in computing is the process of selecting a path for traffic in a network or between or across multiple networks.

Laptop A Laptop B

So, let’s take it step by step to see how IP and Mac addresses affect routing:

Laptop A connects to a network through the use of a network interface card, either through the wired or wireless interface.

If a DHCP server has been configured on the network, the DHCP server will assign an IP address to Laptop A so that it can
talk to Laptop B. A data frame is created from Laptop A – that’s a packet containing the source IP, destination IP and other
information. When the packet reaches the switches, the switch checks to see if the final destination of the packet is to any
device on its own LAN. The switches do this using a mac-address-table. If the intended destination is on the same LAN, the
packet is sent directly to Laptop B. If the intended destination is on a different network, the packet is sent to the router.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

14 www.shawacademy.com

The router inspects the packet to get the relevant information and then sends it out to the internet through the ISP.The
entire process is reversed to talk to Laptop B on another network.

From the above scenario, we can clearly see how important the role of MAC addresses and IP addresses are in networking.

Conclusion
In this lesson we looked at the differences between private and public IP addresses. We also looked at Network Address
Translation how private addresses are converted to public IP Addresses. We then jumped into common functions of logical
addresses. We spent quite a bit of time exploring IP addresses, our last section of the lesson focused on Mac addresses and
the difference between Mac and IP addresses and routing using the two addresses.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

15 www.shawacademy.com

References

docs.netgate.com. (n.d.). Networking Concepts — Understanding Public and Private IP Addresses | sense
Documentation. [online] Available at: https://docs.netgate.com/pfsense/en/latest/network/addresses.html.

www.faqs.org. (n.d.). RFC 1918 - Address Allocation for Private Internets (RFC1918). [online] Available at:
http://www.faqs.org/rfcs/rfc1918.html.

www.apnic.net. (n.d.). History of the Regional Internet Registries | APNIC. [online] Available at:
https://www.apnic.net/about-apnic/organization/history-of-apnic/history-of-the-regional-internet-registries/.

www.iana.org. (n.d.). IANA — Number Resources. [online] Available at: https://www.iana.org/numbers.

Desforges. (2019). Difference Between Network Address Translation (NAT) and Port Address Translation (PAT).
[online] Available at: https://www.geeksforgeeks.org/difference-between-network-address-translation-nat-and-
port-address-translation-pat/?ref=rp.

Shorturl.at. (2012). Differences Between Shared and Dedicated IP Addresses. [online] Available at:
https://shorturl.at/BDQS2.

Default. (n.d.). Network Address Translation Definition | How NAT Works | Computer Networks | CompTIA. [online]
Available at: https://www.comptia.org/content/guides/what-is-network-address-translation.

Barry, P. and Patrick Crowley (2012). Modern embedded computing : designing connected, pervasive, media-rich
systems. Waltham, Ma: Morgan Kaufmann.

PROFESSIONAL DIPLOMA IN CYBER SECURITY

16 www.shawacademy.com

Mackeson (2017). IP and MAC Address: What Are They Good For? [online] Mackeson. Available at:
https://www.makeuseof.com/tag/ip-mac-address/.

Fitzpatrick, J. (n.d.). What Exactly Is a MAC Address Used For? [online] How-To Geek. Available at:
https://www.howtogeek.com/169540/what-exactly-is-a-mac-address-used-for/.

Editor (n.d.). MAC Address. [online] Network Encyclopedia. Available at: https://networkencyclopedia.com/mac-
address/.

https://www.howstuffworks.com/about-author.htm and https://www.howstuffworks.com/hsw-contact.htm

(2001). What is an IP address? [online] HowStuffWorks. Available at:
https://computer.howstuffworks.com/internet/basics/what-is-an-ip-address.htm.

Geniar, M. (2010). Address Types: Unicast, Multicast & Anycast. [online] ma.ttias.be. Available at:
https://ma.ttias.be/address-types-unicast-multicast-anycast/.

docs.oracle.com. (n.d.). Unicast Addresses (System Administration Guide: IP Services). [online] Available at:
https://docs.oracle.com/cd/E19120-01/open.solaris/819-3000/ipv6-overview-190/index.html.

PROFESSIONAL DIPLOMA IN CYBER SECURITY