
Week Eight


zanthe

Presentation Transcript


  1. Week Eight • Attendance • Announcements • Review Week Seven Information • Current Week Information • Upcoming Assignments

  2. Week Eight Topics • Shortage of IP addresses with IPv4 • Private, public, and NAT addressing • Static or Dynamic IP Address Assignment • Hierarchical Addressing, route summarization, CIDR • Static and dynamic Domain Name Server (DNS) • IPv6 Standard

  3. IPv4 Private Addresses The IPv4 Standard created a problem that was temporarily solved by assigning private addresses within a local network and translating the private addresses to public addresses when Internet connectivity is required.

  4. IP Address Design Strategy • Are there public, private, or both types of addressing required? • How many end systems will need access to the public network? This includes email, file transfer, or web browsing. • How many end systems require access to visible public network(s)? This includes e-commerce, such as web servers, database servers, application servers, and public servers. These end systems require globally unambiguous IP addresses. • Where will the boundaries be between private and public IP addresses and how will they be implemented?

  5. Private Addresses • RFC 1918 sets aside three blocks of private IP addresses: • One (1) Class A address • Sixteen (16) Class B addresses • Two hundred and fifty six (256) Class C addresses • These addresses are for private, internal network use only • Packets containing private addresses are not routed over the Internet • A router should never route RFC 1918 addresses, because ISPs typically configure the border routers to prevent privately addressed traffic from being forwarded

  6. Private Addressing 172.16.0.0 – 172.31.255.255: 172.16.0.0/12 Where does the /12 come from? 12 bits in common:

         10101100 . 00010000 . 00000000 . 00000000 – 172.16.0.0
         10101100 . 00011111 . 11111111 . 11111111 – 172.31.255.255
         -------------------------------------------------------------
         10101100 . 00010000 . 00000000 . 00000000 – 172.16.0.0/12

  7. Network Address Translation (NAT) • NAT is defined by RFC 1631. It is the process of swapping one address for another in the IP packet header. • NAT is a mechanism for conserving registered IP addresses in large networks and simplifying IP addressing management tasks. • In practice, NAT is used to allow hosts that are privately addressed, using RFC 1918 addresses, to access the Internet • NAT allows many hosts on an inside network to communicate on the Internet with one valid, assigned IP address

  8. Network Address Translation (NAT) What is NAT Overload? NAT overloading (sometimes called Port Address Translation or PAT) maps multiple private IP addresses to a single public IP address or a few addresses. This is what most home routers do. With NAT overloading, multiple addresses can be mapped to one or to a few addresses because each private address is also tracked by a port number. When a client opens a TCP/IP session, the NAT router assigns a port number to its source address. NAT overload ensures that clients use a different TCP port number for each client session with a server on the Internet.

  9. Network Address Translation (NAT) • Static NAT –an inside address is always translated to the same outside address. Useful when hosts may be enterprise servers or networking devices • Dynamic NAT –an inside address is translated to an address from a pool of addresses • PAT (One-to-Many NAT, Overloading) –many inside addresses are translated to the same outside address. Different conversations are identified by port numbers

  10. Network Address Translation (NAT) • NAT provides a level of security for your inside network from the outside world

  11. NAT Terminology • Inside local IP address: The IP address assigned to a host on the inside network. The address is typically an RFC 1918 address. • Inside global IP address: A globally unique IP address (typically assigned by an ISP) that represents one or more inside local IP addresses to the outside world. • Outside global IP address: The IP address assigned to a host on the outside network by its owner. The address is globally unique.

  12. NAT Terminology
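The NAT overload behaviour and terminology from slides 8 to 11, as an added Python sketch that is not part of the original slides. It shows two things a defender relies on: the translation table is the only way to map a logged inside global address and port back to an inside local host, and an inbound packet with no table entry has nowhere to go. The class `PatRouter`, the port numbering from 1024, and the address 203.0.113.10 (a documentation address) are assumptions made for illustration; a real NAT device also tracks the remote endpoint and session timeouts.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class PatRouter:
    """Toy NAT-overload table: many inside local addresses, one inside global."""

    def __init__(self, inside_global, first_port=1024):
        self.inside_global = inside_global
        self.next_port = first_port
        self.out = {}    # (inside local ip, port, proto) -> translated port
        self.back = {}   # (translated port, proto) -> (inside local ip, port)

    def outbound(self, src_ip, src_port, proto="tcp"):
        """Translate an outgoing session; returns (inside global ip, port)."""
        addr = ipaddress.ip_address(src_ip)
        if not any(addr in net for net in RFC1918):
            raise ValueError(f"{src_ip} is not an RFC 1918 inside address")
        key = (src_ip, src_port, proto)
        if key not in self.out:                 # new session: allocate a port
            self.out[key] = self.next_port
            self.back[(self.next_port, proto)] = (src_ip, src_port)
            self.next_port += 1
        return self.inside_global, self.out[key]

    def inbound(self, dst_port, proto="tcp"):
        """Reverse lookup for a packet arriving at the inside global address.
        None means no session was opened from inside, so it is dropped."""
        return self.back.get((dst_port, proto))

def demo():
    # Constructed values: 203.0.113.10 is a documentation address standing in
    # for the ISP-assigned inside global address.
    nat = PatRouter("203.0.113.10")
    a = nat.outbound("192.168.1.10", 50000)   # two hosts, same source port
    b = nat.outbound("192.168.1.11", 50000)
    return nat, a, b

if __name__ == "__main__":
    nat, a, b = demo()
    print(a, b, nat.inbound(b[1]), nat.inbound(4444))
```

Because both hosts appear outside as the same address, attributing an external log entry to an inside host requires the translated port and a copy of this table from the same moment.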

  13. Static IP Address Assignment • An IP address is manually assigned to a device or host • The network administrator configures the IP address, default gateway, and name servers manually by entering them into a special file or files on the end system with either a graphical or text interface • Static address assignment is an extra burden for the administrator—especially on large-scale networks—who must configure the address on every end system in the network • Typically, routers, switches, servers, and printers have IP addresses statically assigned

  14. Dynamic IP Address Assignment • IP addresses are automatically assigned to the devices • Dynamic address assignment relieves the administrator of manually assigning an address to every network device • Instead, the administrator must set up a server to assign the addresses. • On that server, the administrator defines the address pools and additional parameters that should be sent to the host (default gateway, name servers, time servers, and so forth) • On the host, the administrator enables the host to acquire the address dynamically; this is often the default. • When IP address reconfiguration is needed, the administrator reconfigures the server, which then performs the host-renumbering task • DHCP is the protocol used

  15. Dynamic Host Configuration Protocol (DHCP) DHCP is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.

  16. Dynamic Host Configuration Protocol

  17. Dynamic Host Configuration Protocol (DHCP) A DHCP Server can provide the following to a client: • IP address • Gateway address • Subnet mask • DNS server address • Router • Domain Name • Domain Name Server(s) • Windows Server(s)

  18. IP Address Assignments in an Enterprise Network

  19. Classless Interdomain Routing (CIDR) What is CIDR? CIDR is a new addressing scheme for the Internet which allows for more efficient allocation of IP addresses than the old Class A, B, and C address scheme. Why Do We Need CIDR? With a new network being connected to the Internet every 30 minutes, the Internet was faced with two critical problems: • Running out of IP addresses • Running out of capacity in the global routing tables

  20. Classless Interdomain Routing (CIDR) Running Out of IP Addresses There is a maximum number of networks and hosts that can be assigned unique addresses using the Internet's 32-bit long addresses. Traditionally, the Internet assigned "classes" of addresses: Class A, Class B and Class C were the most common. Each address had two parts: one part to identify a unique network and the second part to identify a unique host in that network. Another way the old Class A, B, and C addresses were identified was by looking at the first 8 bits of the address and converting it to its decimal equivalent.

  21. Classless Interdomain Routing (CIDR) • CIDR is pronounced “cider” • With CIDR, addresses use bit identifiers, or bit masks, instead of an address class to determine the network portion of an address • CIDR uses the /N notation instead of subnet masks • CIDR allows for the more efficient allocation of IP addresses

  22. Classless Interdomain Routing (CIDR) • 172.16.0.0 255.255.0.0 = 172.16.0.0 /16 • 198.30.1.0 255.255.255.0 = 198.30.1.0 /24 • Note that 192.168.24.0 /22 is not a Class C network; it has a subnet mask of 255.255.252.0

  23. Classless Interdomain Routing (CIDR)

      | CIDR Block Prefix | Equivalent Class C | Host Addresses |
      |---|---|---|
      | /24 | 1 Class C | 256 hosts |
      | /23 | 2 Class C | 512 hosts |
      | /22 | 4 Class C | 1,024 hosts |
      | /21 | 8 Class C | 2,048 hosts |
      | /20 | 16 Class C | 4,096 hosts |
      | /19 | 32 Class C | 8,192 hosts |
      | /18 | 64 Class C | 16,384 hosts |
      | /17 | 128 Class C | 32,768 hosts |
      | /16 | 256 Class C | 65,536 hosts |

  24. CIDR and Route Aggregation • CIDR allows routers to summarize, or aggregate, routing information • One address with a mask can represent multiple networks • This reduces the size of routing tables • Supernetting is another term for route aggregation

  25. CIDR and Route Aggregation Given four Class C Networks (/24):

         192.168.16.0   11000000 . 10101000 . 00010000 . 00000000
         192.168.17.0   11000000 . 10101000 . 00010001 . 00000000
         192.168.18.0   11000000 . 10101000 . 00010010 . 00000000
         192.168.19.0   11000000 . 10101000 . 00010011 . 00000000

      Identify which bits all these networks have in common. 192.168.16.0 /22 can represent all these networks. The router will look at the first 22 bits of the address to make a routing decision. Note that 192.168.16.0 /22 is not a Class C network; it has a subnet mask of 255.255.252.0
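The "bits in common" step, both for the four /24 networks on this slide and for the 172.16.0.0/12 private block on slide 6, as an added Python example that is not part of the original slides. It goes one step beyond the slides by also reporting address space that a summary covers but none of the summarized networks accounts for, which matters when the summary is reused in a route filter or access list. The function names `summary_route` and `over_covered` are assumptions made for illustration.

```python
import ipaddress

def summary_route(networks):
    """Smallest single prefix that covers every network in the list."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # Bits that differ between the lowest and highest address cannot be part
    # of the shared prefix; everything to their left is "in common".
    prefix_len = 32 - (lo ^ hi).bit_length()
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return ipaddress.IPv4Network((lo & mask, prefix_len))

def over_covered(networks):
    """Blocks inside the summary that none of the input networks account for."""
    remaining = [summary_route(networks)]
    for net in map(ipaddress.ip_network, networks):
        kept = []
        for block in remaining:
            if net.subnet_of(block):
                kept.extend(block.address_exclude(net))  # carve net out
            elif not block.subnet_of(net):
                kept.append(block)                       # untouched by net
        remaining = kept
    return sorted(remaining)

# Constructed inputs: the four /24s from the slide, and the sixteen Class B
# blocks of RFC 1918 written out as /16 networks.
SLIDE_NETS = [f"192.168.{i}.0/24" for i in range(16, 20)]
RFC1918_B = [f"172.{i}.0.0/16" for i in range(16, 32)]

if __name__ == "__main__":
    print(summary_route(SLIDE_NETS))       # the slide's /22
    print(summary_route(RFC1918_B))        # the /12 from slide 6
    print(over_covered(SLIDE_NETS[:3]))    # summary of three /24s claims a fourth
```

When only three of the four /24 networks exist, the summary is still a /22, so it also claims 192.168.19.0/24; a filter built from that summary would match traffic for a network that was never meant to be included.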

  26. Route Summarization

  27. Importance of Hierarchical Addressing Without summarization, every small change in the network will be propagated (spread) throughout the entire network

  28. Importance of Hierarchical Addressing With summarization, small changes in the network aren’t propagated (spread) throughout the entire network

  29. Benefits of Summarization

  30. Subnet Masks • A major network is a Class A, B, or C network • Fixed-Length Subnet Masking (FLSM) is when all subnet masks in a major network must be the same • Variable-Length Subnet Masking (VLSM) is when subnet masks within a major network can be different. • Some routing protocols require FLSM; others allow VLSM

  31. FLSM

  32. VLSM • VLSM makes it possible to subnet with different subnet masks and therefore results in more efficient address space allocation. • VLSM also provides a greater capability to perform route summarization, because it allows more hierarchical levels within an addressing plan. • VLSM requires prefix length information to be explicitly sent with each address advertised in a routing update

  33. VLSM

  34. Classful and Classless Routing Protocols • Classful routing protocols DO NOT send subnet mask information in their routing updates • When a router receives a routing update, it simply assumes the default subnet mask (Class A, B, or C) • VLSM cannot be used in networks that use classful routing protocols • Classless routing protocols send the subnet mask (prefix length) in their updates • VLSM can be used with classless routing protocols

  35. Classful versus Classless

  36. Classful Versus Classless • When subnet masks aren’t sent in updates, routing problems can occur • Subnet masks should be sent in updates, otherwise routing problems can occur. The two 172.16.x.x /24 networks are separated by another network making the two networks discontinuous • The network is not hierarchical and appears to be a poor network design.

  37. Classful and Classless Routing Protocols Classful protocols use address classes (A,B,C) to determine networks because subnet masks are not sent in routing updates.
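The routing problem described on slides 34 to 37, as an added Python model that is not part of the original slides. A router that assumes the default class mask collapses the two separated 172.16.x.x /24 networks into one 172.16.0.0/16 entry with two next hops, while a router that receives the prefix length keeps them apart. The router names R1 to R3, the update list and the function names are assumptions made for illustration, and the model covers only the mask assumption, not a full routing protocol.

```python
import ipaddress

def classful_network(addr):
    """Network a classful router assumes when an update carries no mask."""
    first_octet = int(str(addr).split(".")[0])
    if first_octet < 128:
        prefix = 8       # Class A
    elif first_octet < 192:
        prefix = 16      # Class B
    elif first_octet < 224:
        prefix = 24      # Class C
    else:
        raise ValueError("Class D/E addresses have no default mask")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def build_table(updates, classful):
    """updates: (prefix, next hop) pairs. Returns {network: set of next hops}."""
    table = {}
    for prefix, hop in updates:
        net = ipaddress.ip_network(prefix)
        if classful:     # the mask is not in the update, so it is assumed
            net = classful_network(net.network_address)
        table.setdefault(net, set()).add(hop)
    return table

def lookup(table, dst):
    """Longest-prefix match; more than one next hop means an ambiguous route."""
    dst = ipaddress.ip_address(dst)
    matches = [net for net in table if dst in net]
    if not matches:
        return set()
    return table[max(matches, key=lambda net: net.prefixlen)]

# Constructed topology: R2 sits on 192.168.1.0/24 between R1 and R3, each of
# which advertises one of the two separated 172.16.x.0/24 networks.
UPDATES = [("172.16.1.0/24", "R1"), ("172.16.2.0/24", "R3")]

if __name__ == "__main__":
    for mode in (False, True):
        table = build_table(UPDATES, classful=mode)
        print("classful" if mode else "classless", lookup(table, "172.16.2.5"))
```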

  38. Domain Name Server (DNS)

  39. Name Resolution with DNS

  40. DNS Components • Resolver – The DNS client that sends queries to a Name Server • Name Servers –The DNS component that responds to queries and has the name to IP address mappings • Domain Name Space –The hierarchical system of names used on the Internet There is static and dynamic (DNS) name resolution.

  41. Domain Name Space • Root Level Domain (.) • Top Level Domain and Countries (Australia, com, edu, gov, net, org) • Second Level Domain (microsoft, franklin, cisco) • (Seattle, student)

  42. IPv6 Standard • Larger address space: IPv6 addresses are 128 bits, compared to IPv4’s 32 bits. This larger addressing space allows more support for addressing hierarchy levels, a much greater number of addressable nodes, and simpler auto configuration of addresses. • Globally unique IP addresses: Every node can have a unique global IPv6 address, which eliminates the need for NAT. • Site multi-homing: IPv6 allows hosts to have multiple IPv6 addresses and allows networks to have multiple IPv6 prefixes. Consequently, sites can have connections to multiple ISPs without breaking the global routing table. • Header format efficiency: A simplified header with a fixed header size makes processing more efficient.

  43. IPv6 Standard • Improved privacy and security: IPsec is the IETF standard for IP network security, available for both IPv4 and IPv6. Although the functions are essentially identical in both environments, IPsec is mandatory in IPv6. IPv6 also has optional security headers. • Flow labeling capability: A new capability enables the labeling of packets belonging to particular traffic flows for which the sender requests special handling, such as non-default quality of service (QoS) or real-time service.

  44. IPv6 Standard • Increased mobility and multicast capabilities: Mobile IPv6 allows an IPv6 node to change its location on an IPv6 network and still maintain its existing connections. With Mobile IPv6, the mobile node is always reachable through one permanent address. A connection is established with a specific permanent address assigned to the mobile node, and the node remains connected no matter how many times it changes locations and addresses. • Improved global reachability and flexibility. • Better aggregation of IP prefixes announced in routing tables.

  45. IPv6 Standard • Multi-homed hosts. Multi-homing is a technique to increase the reliability of the Internet connection of an IP network. With IPv6, a host can have multiple IP addresses over one physical upstream link. For example, a host can connect to several ISPs. • Auto-configuration that can include Data Link layer addresses in the address space. • More plug-and-play options for more devices. • Public-to-private, end-to-end readdressing without address translation. This makes peer-to-peer (P2P) networking more functional and easier to deploy. • Simplified mechanisms for address renumbering and modification.

  46. IPv6 Standard • Better routing efficiency for performance and forwarding-rate scalability • No broadcasts and thus no potential threat of broadcast storms • No requirement for processing checksums • Simplified and more efficient extension header mechanisms • Flow labels for per-flow processing with no need to open the transport inner packet to identify the various traffic flows

  47. IPv6 Standard

  48. IPv6 Standard Movement to change from IPv4 to IPv6 has already begun, particularly in Europe, Japan, and the Asia-Pacific region. • These areas are exhausting their allotted IPv4 addresses, which makes IPv6 all the more attractive and necessary. • In 2002, the European Community IPv6 Task Force forged a strategic alliance to foster IPv6 adoption worldwide. • The North American IPv6 Task Force has set out to engage the North American markets to adopt IPv6. • The first significant North American advances are coming from the U.S. Department of Defense (DoD).

  49. IPv6 Address Representation You know the 32-bit IPv4 address as a series of four 8-bit fields, separated by dots. However, larger 128-bit IPv6 addresses need a different representation because of their size. IPv6 addresses use colons to separate entries in a series of 16-bit hexadecimal
