This article is for members only. If you register as a member (free), you can see everything.
Nowadays when the cloud and wireless LAN have become commonplace, it is becoming difficult to be conscious of the "IP network", which was previously understood physically with LAN cables, appliances, servers, etc. On the other hand, when using clouds such as IaaS (Infrastructure as a Service) and PaaS (Platform as a Service), it is necessary to understand the basics of networks, but it is still used vaguely, and failures and security It is probably related to the accident.
In this series, we will use "Amazon Web Services" (AWS) as an example of a cloud service, targeting SEs, server administrators, information systems, etc. who have not touched physical networks so far. I will explain the basic knowledge.
A total of 7 sessions are planned, and each session will have a theme, and you will deepen your understanding while operating AWS managed services that match that theme.
In this first article in the series, we will explain the basic IP network concept and show the operation procedure of "Amazon Virtual Private Cloud" (VPC). Finally, the procedure for building the environment is also described as an "Appendix", so please refer to it if you need it.
In order to communicate on the network, it is necessary to decide on the rules. Such rules are called "protocols" in the network world. Various protocols have been created so far, but the one that is now widely used is "Internet Protocol", which is abbreviated as "IP". Currently, this IP is mainly "IPv4" of Version 4, but "IPv6", which is the updated version of Version 6, is also used.
I think that you usually specify the name and address of the person you are sending the item to. Even in the computer world, information that specifies the name and location of the other party is necessary when communicating with each other. "IP address" is the specific information assigned to communication terminals such as computers in order to communicate with IPv4 and IPv6.
IP address notation method (cited from the article "6th TCP/IP overview: Windows network basics")This IP address consists of 32 bits for IPv4 and 128 bits for IPv6. increase. Therefore, there are 232 = 4,294,967,296 IPv4 addresses, and 2128 = approximately 3.4 x 1038 addresses for IPv6 addresses. exists. However, since bit (binary) numbers are difficult for humans to handle, IPv4 addresses are formed by converting four numbers (0 to 255) into decimal numbers for each 8 bits and separating them with a "." (period). Expressed as 8 numbers (0 to FFFF) converted to hexadecimal for each 16 bits and separated by a colon (:). Since the IPv6 address is very long, you can omit the place where 0 continues with "::" (two colons), although there is only one place.
From this point on, IPv4 will be explained in this paper, but the basic concept is the same for IPv6.
In the IPv4 address, each of the four decimal numbers is called an "octet", and from front to back they are called "1st octet", "2nd octet", "3rd octet" and "4th octet". For "192.168.1.10", "1st octet is 192, 4th octet is 10".
By assigning different IP addresses to multiple communication terminals, each terminal can specify the communication partner and communicate. If you have a network where terminals are directly connected to each other or a very small network that only connects a few units with a concentrator such as a "hub" or "switch" in between, communication is possible with this, but for networks beyond that Identifying the location of the other party is difficult and not realistic.
Example of a switch with a lot of cables plugged in (Article "What is this machine used in a LAN? (Physical Layer) - Now you can read an introductory book! How the Internet Works for Beginners -: Internet (2)”)Construct a network with a relay device called a "router" between them, and perform "routing" processing to enable communication between terminals Become.
Concentrator connection image (quoted from the article "How to learn the basics of networking: Aim to be a network engineer!")In routing, IP addresses are not simply treated as one address , the first half is the "network part" and the second half is the "host part". In addition, a value called "subnet mask" is used to specify the part to be divided.
The subnet mask is a 32-bit value like the IP address, and in binary notation it is a value followed by 0 after 1 (*1). The part corresponding to 1 in the subnet mask of the IP address is the network part, and the part corresponding to 0 is the host part.
*1: Initially, networks were classified as classes A to E based on the value of the first 3 bits of the IP address (classful), but currently, networks are classified according to any size using subnet masks. (classless) is used.
A router is required to communicate with IP addresses on different subnets Quoted from "Resolving (4)")Only the address of this network part is extracted, and the address with all bits in the host part set to 0 is the "network address", and the address with all bits in the host part set to 1 is the "broadcast address". "It's called. Each of these values is an address indicating a network (subnet), an address used for communication sent to all terminals in the network, and not an address assigned to each terminal.
For example, there is an IP address "192.168.1.10", and this subnet mask is "255.255.255.0". In this case, the first to third octets are the network part (the network address is "192.168.1.0"), and the fourth octet is the host part (10). The broadcast address is "192.168.1.255".
In addition to the subnet mask, there is a value called "prefix" that indicates the boundary between the network part and the host part. The prefix is the number of 1s in the subnet mask as it is, and is written in the form of "/" (slash) and the prefix following the IP address. If the subnet mask of the IP address "10.0.0.1" is "255.0.0.0", 255 is a binary number with eight 1's, so it is written as "10.0.0.1/8".
In an environment where each terminal is located far away, a router is introduced as a relay device, and the destination network is specified and communicated through routing processing. For this reason, routers are used to determine which port (interface) each network (subnet) is to go to, or which next hop (the next router to send to the destination terminal to communicate, learned by IP address). Is it ahead" is statically (static = manually) registered.
Alternatively, collect dynamically (dynamically = automatically) using a function called "routing protocol" and create a list of route information called "routing table".
Routing table example (quoted from the article "Routing configuration and verification of static routes (static routes) or default routes corresponding to given routing requirements: CCENT/CCNA exam preparation 2015 edition (17)")When communication information called "IP packet", which combines communication information such as IP address and communication content, is transferred to the router, the destination IP address is confirmed and the transfer destination is determined based on the routing table. Decide and transfer. In a large network environment, this processing by many routers allows terminals that are not directly connected to communicate with each other.
However, in a large-scale network, it becomes necessary to learn a large amount of route information, and its management is extremely difficult. Therefore, we use a mechanism called "CIDR (Classless Inter-Domain Routing)" to aggregate route information and enable routing with less route information. Specifically, if the subnets "192.168.1.0/24" and "192.168.2.0/24" exist, it is possible to aggregate them into one route, for example "192.168.0.0/16" (*2). ).
*2: Other subnets such as 192.168.3.0/24 and 192.168.128.0/17 will also be included, so care must be taken when aggregating routes to handle such nonexistent subnets. I have.
As a result, for example, communication addressed to "192.168.1.1" will match both "192.168.0.0/16" and "192.168.1.0/24" route information. Therefore, it is necessary to be able to uniquely decide "which route to use". The election rule is very simple, the route with the highest number of prefixes (192.168.1.0/24 in this case) is chosen. Packets are thrown to the next router = next hop based on the destination associated with this route. This rule is called "longest match".
A route with a prefix of 0 has all bits set to 0 and becomes a route "0.0.0.0/0". This is the route that will be used if it matches all addresses but no other route matches due to the longest match rule. It's called the "default route".
An example of using the default route is the "default gateway", which is the first transfer destination when the terminal communicates with a destination terminal that does not belong to its own network. A default route will be written in the terminal itself so that all communication from the terminal will be forwarded to this default gateway. A default gateway is also a router.
From here, we will look at the content so far in the AWS environment.
On AWS, you can use an IaaS environment called Amazon VPC as a computing environment that is separated from other environments and can be used privately. You can freely create a network in this, set up an instance of "Amazon EC2" etc. there and let it communicate. Therefore, in the following environment, communicate between EC2 instances.
The environment used in the explanation of this article is as shown in the diagram below.
Two subnets named "Subnet01" and "Subnet02" are created in the VPC named "VPC01", and one EC2 instance is set up in each subnet. The network address (CIDR) to be assigned is "192.168.0.0/24" for VPC "VPC01", and "192.168.0.0/24" for two subnets in it, and "192.168.0.0/24" for "Subnet01" as the range included in the CIDR of the VPC. 26” and “192.168.0.64/26” to “Subnet02”.
The following is the setting information for "VPC01". The segment "192.168.0.0/24" is specified in the item "IPv4 CIDR".
Next is the setting information for the subnets "Subnet01" and "Subnet02". Both are created as subnets in "VPC01", and their "IPv4 CIDR" is set to "192.168.0.0/26" and "192.168.0.64/26".
In both cases, the number of available IPv4 addresses is "58". The reason for this is that the host part has 32 - 26 = 6 bits, that is, 26 = 64 addresses for the "/26" segment, but the network address and broadcast address and AWS 5 of the 3 IPs reserved in , plus 1 address assigned to the EC2 instance.
The settings for the EC2 instances created in these subnets are shown in the screen below.
Both are instances on "VPC01", and you can confirm that they have been deployed to "Subnet01" and "Subnet02" respectively. In AWS, IP addresses are automatically numbered by linking them to subnets. ” (Numbering from CIDR 192.168.0.64/26 of Subnet02) is assigned.
To view more, you need to enable JavaScript in your browser settings.Copyright © ITmedia, Inc. All Rights Reserved.
![A workaround that can be used immediately after the iPhone 13 freezes (Lifehacker [Japan version]) --Yahoo! News](https://website-google-hk.oss-cn-hongkong.aliyuncs.com/drawing/article_results_7/2022/3/3/45e4bce7ecbeb696b3a7fb4669c70965_1.jpeg)
