CIDR and VLSM

For a while it was very hard for me to understand what exactly is the difference between CIDR and VLSM. And since it took time to figure it out, i decided to post about it in a way how i would understand it myself.

Classless Inter-Domain Routing is a method to allocate IP addresses into multiple logical networks. You may know CIDR for its notation, for example 192.168.0.0 with mask 255.255.255.0 would be notated as 192.168.0.0/24.

CIDR has a 33 blocks of subnets, ranging from 0 to 32. Which makes subnetting a lot more efficient than classful subnetting. CIDR doesn't cover all possible subnet masks. Check the CIDR block table from wikipedia page

What if i want to use subnet mask of 255.255.255.253, which doesn't have CIDR notation ?

This is still indeed a valid subnet mask, but using it is discouraged. There might be incompatibility with some routing hardware depending how they are parsing their bits. In CIDR bits are expected to be 1's from left to right.

Where does the /24 come from ?

24 presents the amount of "turned on" bits in subnet mask's binary format. IPv4 address is a 32bit, so every octet in the IP address has 8 bit's. Every bit in octet has a value which you can either turn on or off.

128	64	32	16	8	4	2	1
1	1	1	1	1	1	1	1

If every bit is turned on, result would be 255

Consider this IPv4 addreess:

11000000 10100000 00001010 01100101

First octet: 11000000: 128 + 64 = 192
Second octet: 10100000: 128 + 32 = 168
Third octet: 00001010: 8 + 2 = 10
Fourth octet: 01100101: 64 + 32 + 4 + 1 = 100

Subnet mask 255.255.255.0 in binary would look like this:

11111111 11111111 11111111 00000000

It has 24 "turned on" bits and 8 "turned off" bits, so thats /24

255.255.255.255.192 in the other hand would look like this:

11111111 11111111 11111111 1100000

It has 26 one's and 6 zeroes, so this would be notated as /26

Then what is VLSM ?

VLSM stand for Variable Lenght Subnetmask. Name kind of gives it away, so for example: instead of splitting your 192.168.0.0/24 network into 4 same size pieces, you can split it into multiple variable sized networks.

So if i would want to hack 192.168.0.0/24 into 4 pieces it would look like this:

Network A: 192.168.0.0/26 (64 hosts)
Network B: 192.168.0.64/26 (64 hosts)
Network C: 192.168.0.128/26 (64 hosts)
Network D: 192.168.0.192/26 (64 hosts)

So now all networks can have total of 64 hosts (minus network and broadcast).

But what if my network A would have demand for more hosts, and 192.168.0.0/24 would be the only IP block that we can spare to allocate ?

Let's pretend that B and C networks would need only half of the currently allocated IP's. So instead of 64 hosts they would have 32 hosts. We could mask these networks with 255.255.255.224 which is equivalent to /27, and has 32 hosts. And now we have 64 IP's unallocated which we can lend to network A!

Using VLSM, we split the network more logically to serve all network better for their needs, our new networks would look like this:

Network A: 192.168.0.0/25 (128 hosts)
Network B: 192.168.0.128/27 (32 hosts)
Network C: 192.168.0.160/27 (32 hosts)
Network D: 192.168.0.192/26 (64 hosts)

RIP version 1 Vs RIP version 2

RIP = Routing Information Protocol

RIP was first introduced in 1988 in RFC 1058 and was developed for exchanging routing information among gateways and other hosts. By the time RIP served it purpose well when networks were small and didn't require complex subnet allocations.

While RIPv1 is still widle used, in modern networks RIPv1 has been replaced with enchaned RIPv2. RIPv2 was developed 1993 and standardized 1998. It was developed to make RIP more effecient and secure.

How RIP works

Basic function of RIP is to send periodic updates every 30 seconds. In this update, routers will exchange their routing tables, so they can keep track how to reach different networks. They will update even when there is no changes in the routing tables.

Originally RIPv1 sent these updates trough broadcast address of 255.255.255.255. RIPv2 protocol uses 224.0.0.9 which is a multicast address, greatly saving bandwidth and increasing performance of updates.

Fastest path will be decided with Hop Count (Hops between subnets). Hop Count is limited to 15 so everything above 16 hops is considered unreachable. This way infinite loops cannot happens in RIP network.

RIPv1 Vs RIPv2

RIPv1 vs RIPv2

Classful vs Classless

RIPv1 used classful routing, it means that RIPv1 couldn't send subnet information in its periodic updates.

Classful routing protocol will look up the first octet of your IP address and determinate which class it belongs to.

For instance if your IP address belongs to Class B, it has a default subnet of  /16 (255.255.0.0). If your network would be 172.10.10.0/24, Classful routing protocol would see only 172.10.0.0/16 and ignore your /24 network.

RIPv2 is a Classless routing protocol and now routers can have subnet masks in their routing tables. Enabling you to have any kind of network and RIP doesn't have to rely on the class of the IP address anymore!

Broadcast updates has been replaced with multicast

Since broadcasting routing tables to every host in your network creates a lot of overhead. RIPv2 multicasts updates are only received by those who are interested about them. Which is a lot more efficient.

Lack of authentication creates security vulnerabilities

Since RIPv1 doesn't support authentication. Any device can send updates to your routers. If malicious device enters your network, it could advertise any networks to neighbouring routers and they would trust it fully.

RIPv2 can exchange passwords with MD5 encryption.

Lack of VLSM made IP addressing inefficient

RIPv2 can send subnetmasks in its periodic updates, which allows RIP to handle any size of subnets. This made IP addressing a lot more efficient since you can allocate smaller blocks of IP addresses for networks that didn't have many hosts.

Inodes in Linux

What is a inode, Why we need them ?

Have you ever wondered where is your access permissions located? How does your system know that you are the owner of your home folder? Is it written on the file itself ?

Answer to your questions is the Inodes also known as Index nodes.

Inode is a data structure, inodes stores all data about the file objects, except data content and file name. Unix doesn’t use the file name to refer to the file, it uses the inodes and inodes are pointing to actual block addresses where the data is located. inodes reside in Inode table (see Ext4 Disk Layout)

Windows (NTFS) equivalent is Master file table
Max OSX (HFS) equivalent is Catalog File

POSIX standard description for inode is:

• File size in bytes
• Owner and Group of the file
• Device ID (device where file is contained)
• file mode (access permissions)
• Timestamps (Content last modified (mtime), Inode last modified(ctime) and Last accessed (atime))
• Link count (how many hard links point to the inode)
• Pointers to actual disk blocks that are containing the data
• Additional system and user flags (limit its use and modification)

Unix or Linux systems doesn't usually store creation date, but ext4 has an attribute for creation date.

crtime (Create time) and also a dtime (Delete time)

inodes allows us to do linking and gives us significant performance increase, because inodes points us to the right data block when we are querying for files.

You can run out of inodes, what happens then ?

inode limit is decided at file system creation time. Its not a fixed value. You can check your current inodes usage with df -i

 Filesystem      Inodes  IUsed  IFree IUse% Mounted on  
 /dev/sda1      14983168  95016 14888152  1% /  

If you happen to run out of Inodes before you run out of disk space, you simply cannot create any more files or directories that consume Inodes, your things start to get very messy and unstable :)

stat command

stat displays file or file system status.

You can query file or file system with stat, for example for file:

 m@srv:~/symlink_test$ stat file1  
  File: `file1'  
  Size: 65         Blocks: 8     IO Block: 4096  regular file  
 Device: 801h/2049d     Inode: 5506851   Links: 1  
 Access: (0644/-rw-r--r--) Uid: ( 1000/  m)  Gid: ( 1000/  m)  
 Access: 2012-12-30 14:38:23.983590932 +0200  
 Modify: 2012-12-30 14:38:49.112092037 +0200  
 Change: 2012-12-30 14:38:49.112092037 +0200  

and for file system (use -f flag)

 m@srv:~/symlink_test$ stat -f /dev/sda1  
  File: "/dev/sda1"  
   ID: 0    Namelen: 255   Type: tmpfs  
 Block size: 4096    Fundamental block size: 4096  
 Blocks: Total: 191863   Free: 191821   Available: 191821  
 Inodes: Total: 191863   Free: 191262  

Inode data pointers, direct blocks and indirect blocks

One inode can point only to 12 blocks of data.

So if your block size is 4096, that would mean 12x4096 = 49152 bytes (48kb). This limitation would suck so that's why inode also has 3 indirect block pointers.

Indirect block pointer points to a block of block pointers, which.. again can point to indirect blocks that will point to new set of block pointers! This allows us to have very large files in our file system.

I tried to illustrate this with a picture but i ended up with a big messy pile of lines. Please check the wikipedia page for more info.