Week_Nine_Net_Design

Week Nine
• Attendance
• Announcements
Happy with the midterm exam scores
Review question(s) on midterm exam
• Final exam: more questions, and questions that are more specific
• Review Week Eight Information
• Current Week Information
• Upcoming Assignments
Midterm Exam Question
Question 134 The first step in the design process
should be predocumenting the design
requirements and reviewing them with the
customer for verification and approval,
obtaining direct customer input, in either oral
or written form. Identify the predocumenting
procedures.
Answer:
Sifting, translating, processing, and reordering
Week Eight Topics
1. NAT Overload
2. CIDR
3. Classful and Classless
4. IPv6 Standard
5. IPv6 Transition
6. Routing Protocols
IP Address
Historical classful network architecture

Class  Leading address bits  Range of first octet  Network ID format  Host ID format  Number of networks  Number of addresses
A      0                     0 - 127               a                  b.c.d           2^7  = 128          2^24 = 16,777,216
B      10                    128 - 191             a.b                c.d             2^14 = 16,384       2^16 = 65,536
C      110                   192 - 223             a.b.c              d               2^21 = 2,097,152    2^8  = 256
Fields defined below.
1. Leading address bits
2. Range of first octet
3. Network ID format
4. Host ID format
5. Number of networks
6. Number of addresses
IP Addresses Public and Private
IP Addresses Public
Fixed length: 32 bits
Initial classful structure (1981)
Total IP address size: 4 billion
Class A: 128 networks, 16M hosts
Class B: 16K networks, 64K hosts
Class C: 2M networks, 256 hosts
Network Address Translation (NAT)
What is NAT Overload?
NAT overloading (sometimes called Port Address
Translation or PAT) maps multiple private IP
addresses to a single public IP address or a few
addresses. This is what most home routers do.
With NAT overloading, multiple addresses can be
mapped to one or to a few addresses because each
private address is also tracked by a port number.
When a client opens a TCP/IP session, the NAT router
assigns a port number to its source address. NAT
overload ensures that clients use a different TCP port
number for each client session with a server on the
Internet.
NAT Terminology
Classless Interdomain Routing (CIDR)
What is CIDR?
CIDR is a new addressing scheme for the Internet
which allows for more efficient allocation of IP
addresses than the old Class A, B, and C address
scheme.
Why Do We Need CIDR?
With a new network being connected to the
Internet every 30 minutes, the Internet was faced
with two critical problems:
• Running out of IP addresses
• Running out of capacity in the global routing
tables
Classless Inter-Domain Routing (CIDR)
CIDR is pronounced “cider”
With CIDR, addresses use bit identifiers, or bit
masks, instead of an address class to determine
the network portion of an address
CIDR uses the /N notation instead of subnet
masks
CIDR allows for the more efficient allocation
of IP addresses
Classless Inter-Domain Routing (CIDR)
172.16.0.0 255.255.0.0 = 172.16.0.0/16
198.30.1.0 255.255.255.0 = 198.30.1.0/24
Note that 192.168.24.0 /22 is not a Class C
network, it has a subnet mask of 255.255.252.0
CIDR and Route Aggregation
• CIDR allows routers to summarize, or
aggregate, routing information
• One address with a mask can represent
multiple networks
• This reduces the size of routing tables
• Supernetting is another term for route
aggregation
CIDR and Route Aggregation
Given four Class C Networks (/24):
192.168.16.0 11000000 10101000 00010000 00000000
192.168.17.0 11000000 10101000 00010001 00000000
192.168.18.0 11000000 10101000 00010010 00000000
192.168.19.0 11000000 10101000 00010011 00000000
Identify which bits all these networks have in common.
192.168.16.0 /22 can represent all these networks. The
router will look at the first 22 bits of the address to make
a routing decision. Note that 192.168.16.0 /22 is not a
Class C network, it has a subnet mask of 255.255.252.0
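The aggregation step above, worked as an added example (not code from the lecture): the common prefix is found by XOR-ing the network addresses, and a second check lists any networks the summary would cover that were not in the original set, which is what an operator should look at before advertising an aggregate.

```python
# Added example: CIDR route aggregation (supernetting) for IPv4 prefixes.
import ipaddress


def to_int(addr: str) -> int:
    """Dotted-quad IPv4 address -> 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))


def to_bits(addr: str) -> str:
    """Render an IPv4 address as 32 bits, one group per octet."""
    b = format(to_int(addr), "032b")
    return " ".join(b[i:i + 8] for i in range(0, 32, 8))


def common_prefix_length(networks) -> int:
    """Number of leading bits shared by every network address in the list."""
    ints = [to_int(n.split("/")[0]) for n in networks]
    diff = 0
    for value in ints[1:]:
        # Any bit set in the XOR marks a position where some address differs.
        diff |= ints[0] ^ value
    return 32 - diff.bit_length()


def summarize(networks) -> str:
    """Smallest single prefix covering all inputs (each 'a.b.c.d/len').

    The summary length is the common-prefix length, but never longer than the
    shortest input prefix (a /16 can only be summarized by a /16 or shorter).
    """
    shortest = min(int(n.split("/")[1]) for n in networks)
    plen = min(common_prefix_length(networks), shortest)
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    base = to_int(networks[0].split("/")[0]) & mask
    return f"{ipaddress.IPv4Address(base)}/{plen}"


def overreach(networks):
    """Networks inside the summary that were NOT part of the input.

    A summary that covers more space than you actually hold attracts traffic
    for prefixes you cannot deliver to, so run this before advertising it.
    """
    summary = ipaddress.ip_network(summarize(networks))
    held = [ipaddress.ip_network(n) for n in networks]
    longest = max(n.prefixlen for n in held)
    return [str(s) for s in summary.subnets(new_prefix=longest)
            if not any(s.subnet_of(h) for h in held)]


if __name__ == "__main__":
    four = ["192.168.16.0/24", "192.168.17.0/24", "192.168.18.0/24", "192.168.19.0/24"]
    for n in four:
        print(n, to_bits(n.split("/")[0]))
    print("summary:", summarize(four), "extra:", overreach(four))
    print("with 192.168.20.0/24 added:", summarize(four + ["192.168.20.0/24"]),
          "extra:", overreach(four + ["192.168.20.0/24"]))
```

Adding a fifth /24 (192.168.20.0) forces the summary out to a /21, and the overreach check then reports the three /24s the aggregate would announce without their being held.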
IPv4 Address Utilization
Subnet Masks
• A major network is a Class A, B, or C network
• Fixed-Length Subnet Masking (FLSM) is
when all subnet masks in a major network
must be the same
• Variable-Length Subnet Masking (VLSM) is
when subnet masks within a major network
can be different.
• Some routing protocols require FLSM; others
allow VLSM
VLSM
• VLSM makes it possible to subnet with
different subnet masks and therefore results in
more efficient address space allocation.
• VLSM also provides a greater capability to
perform route summarization, because it allows
more hierarchical levels within an addressing
plan.
• VLSM requires prefix length information to be
explicitly sent with each address advertised in a
routing update
Subnet Calculator
The IP Subnet Mask Calculator enables subnet network
calculations using network class, IP address, subnet mask,
subnet bits, mask bits, maximum required IP subnets and
maximum required hosts per subnet.
Results of the subnet calculation provide the hexadecimal IP
address, the wildcard mask, for use with ACL (Access Control
Lists), subnet ID, broadcast address, the subnet address range
for the resulting subnet network and a subnet bitmap.
For classless supernetting, please use the CIDR Calculator. For
classful supernetting, please use the IP Supernet Calculator.
For simple ACL (Access Control List) wildcard mask
calculations, please use the ACL Wildcard Mask Calculator.
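The VLSM allocation described above and the figures a subnet calculator reports (subnet ID, broadcast, ACL wildcard mask, host range), as an added example that is not part of the lecture or of any calculator site; the department names and host counts are constructed sample requirements.

```python
# Added example: VLSM allocation of a major network, plus per-subnet details.
import ipaddress


def prefix_for_hosts(hosts_needed: int) -> int:
    """Longest prefix whose block still has room for hosts_needed + network + broadcast."""
    bits = 2
    while (1 << bits) - 2 < hosts_needed:
        bits += 1
    return 32 - bits


def vlsm_allocate(major: str, requirements: dict) -> dict:
    """Carve `major` into subnets sized to each requirement, largest first.

    Largest-first keeps every block aligned to its own size, so the pieces
    can later be summarized back to the major network.
    """
    net = ipaddress.ip_network(major)
    cursor, end = int(net.network_address), int(net.broadcast_address)
    plan = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        plen = prefix_for_hosts(hosts)
        size = 1 << (32 - plen)
        cursor = (cursor + size - 1) // size * size   # align up to the block size
        if cursor + size - 1 > end:
            raise ValueError(f"{major} cannot fit {name} ({hosts} hosts)")
        plan[name] = f"{ipaddress.IPv4Address(cursor)}/{plen}"
        cursor += size
    return plan


def fits(major: str, requirements: dict) -> bool:
    """True if every requirement can be placed inside the major network."""
    try:
        vlsm_allocate(major, requirements)
        return True
    except ValueError:
        return False


def flsm_subnet_count(major: str, requirements: dict) -> int:
    """How many equal-size subnets FLSM yields when the mask must fit the largest need."""
    plen = prefix_for_hosts(max(requirements.values()))
    major_plen = ipaddress.ip_network(major).prefixlen
    return 1 << (plen - major_plen) if plen >= major_plen else 0


def subnet_details(net: str) -> dict:
    """The values a subnet calculator prints for one prefix (assumes /30 or shorter)."""
    n = ipaddress.ip_network(net, strict=True)
    if n.prefixlen > 30:
        raise ValueError("/31 and /32 have no conventional host range")
    return {
        "subnet_id": str(n.network_address),
        "mask": str(n.netmask),
        "wildcard": str(n.hostmask),          # inverse mask, the form ACLs use
        "broadcast": str(n.broadcast_address),
        "first_host": str(n.network_address + 1),
        "last_host": str(n.broadcast_address - 1),
        "usable_hosts": n.num_addresses - 2,
    }


if __name__ == "__main__":
    needs = {"sales": 100, "eng": 50, "mgmt": 20, "wan": 2}   # constructed sample
    plan = vlsm_allocate("192.168.10.0/24", needs)
    for name, subnet in plan.items():
        print(name, subnet, subnet_details(subnet))
    print("FLSM could provide only", flsm_subnet_count("192.168.10.0/24", needs),
          "subnets for", len(needs), "requirements")
```

With a fixed mask sized for the 100-host department, FLSM gives only two /25s out of the /24, while VLSM fits all four requirements with room to spare.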
Note:
These online network calculators may be used totally free of
charge provided their use is from this url (www.subnetcalculator.com).
IP Address with Port Number Notation
Example: 192.168.1.2:369
The : (colon) indicates the number following is a Port Number
- in the above case 369. This format is typically only used
where a service is available on a non-standard port number, for
instance, many web configuration systems, such as Samba
SWAT, will use a non-standard port to avoid clashing with the
standard web (HTTP) port number of 80. A port number is 16
bits giving a decimal range of 0 to 65535. In most systems
privileged or well-known ports lie in the range 0 - 1023 and
require special access rights, normal user ports lie in the range
1024 to 65535.
TCP and UDP use protocol port numbers to distinguish among
multiple applications that are running on a single device.
Classful and Classless Routing Protocols
• Classful routing protocols DO NOT send subnet
mask information in their routing updates
• When a router receives a routing update, it simply
assumes the default subnet mask (Class A, B, or
C)
• VLSM cannot be used in networks that use
Classful routing protocols
• Classless routing protocols send the subnet mask
(prefix length) in their updates
• VLSM can be used with Classless routing
protocols
IPv6 Standard
• Larger address space: IPv6 addresses are 128 bits, compared to
IPv4’s 32 bits. This larger addressing space allows more
support for addressing hierarchy levels, a much greater
number of addressable nodes, and simpler autoconfiguration
of addresses.
• Globally unique IP addresses: Every node can have a unique
global IPv6 address, which eliminates the need for NAT.
• Site multi-homing: IPv6 allows hosts to have multiple IPv6
addresses and allows networks to have multiple IPv6 prefixes.
Consequently, sites can have connections to multiple ISPs
without breaking the global routing table.
• Header format efficiency: A simplified header with a fixed
header size makes processing more efficient.
IPv6 Standard
• Improved privacy and security: IPsec is the IETF
standard for IP network security, available for both
IPv4 and IPv6. Although the functions are essentially
identical in both environments, IPsec is mandatory in
IPv6. IPv6 also has optional security headers.
• Flow labeling capability: A new capability enables the
labeling of packets belonging to particular traffic
flows for which the sender requests special handling,
such as non-default quality of service (QoS) or real-time service.
IPv6 Standard
• Increased mobility and multicast capabilities: Mobile
IPv6 allows an IPv6 node to change its location on an
IPv6 network and still maintain its existing
connections. With Mobile IPv6, the mobile node is
always reachable through one permanent address. A
connection is established with a specific permanent
address assigned to the mobile node, and the node
remains connected no matter how many times it
changes locations and addresses.
• Improved global reachability and flexibility.
• Better aggregation of IP prefixes announced in
routing tables.
IPv6 Standard
• Multi-homed hosts. Multi-homing is a technique to increase
the reliability of the Internet connection of an IP network. With
IPv6, a host can have multiple IP addresses over one physical
upstream link. For example, a host can connect to several
ISPs.
• Auto-configuration that can include Data Link layer addresses
in the address space.
• More plug-and-play options for more devices.
• Public-to-private, end-to-end readdressing without address
translation. This makes peer-to-peer (P2P) networking more
functional and easier to deploy.
• Simplified mechanisms for address renumbering and
modification.
IPv6 Standard
• Better routing efficiency for performance and
forwarding-rate scalability
• No broadcasts and thus no potential threat of
broadcast storms
• No requirement for processing checksums
• Simplified and more efficient extension header
mechanisms
• Flow labels for per-flow processing with no
need to open the transport inner packet to
identify the various traffic flows
IPv6 Standard
• Movement to change from IPv4 to IPv6 has already
begun, particularly in Europe, Japan, and the Asia-Pacific region.
• These areas are exhausting their allotted IPv4
addresses, which makes IPv6 all the more attractive
and necessary.
• In 2002, the European Community IPv6 Task Force
forged a strategic alliance to foster IPv6 adoption
worldwide.
• The North American IPv6 Task Force has set out to
engage the North American markets to adopt IPv6.
The first significant North American advances are
coming from the U.S. Department of Defense (DoD).
IPv6 Standard
• Using the "::" notation greatly reduces the size of
most addresses as shown. An address parser identifies
the number of missing zeros by separating any two
parts of an address and entering 0s until the 128 bits
are complete.
IPv6 Larger Address Space
IPv4
32 bits or 4 bytes long
4,200,000,000 possible addressable nodes
IPv6
128 bits or 16 bytes: four times the bits of IPv4
3.4 × 10^38 possible addressable nodes
340,282,366,920,938,463,374,607,432,768,211,456
5 × 10^28 addresses per person
IPv6 Representation
x:x:x:x:x:x:x:x, where x is a 16-bit hexadecimal field
Leading zeros in a field are optional:
2031:0:130F:0:0:9C0:876A:130B
Successive fields of 0 can be represented as ::, but
only once per address.
Examples:
2031:0000:130F:0000:0000:09C0:876A:130B
2031:0:130f::9c0:876a:130b
FF01:0:0:0:0:0:0:1 >>> FF01::1
0:0:0:0:0:0:0:1 >>> ::1
0:0:0:0:0:0:0:0 >>> ::
IPv6 Addressing Model
Addresses are assigned to interfaces
Change from IPv4 mode:
Interface “expected” to have multiple
addresses
Addresses have scope
Link Local
Unique Local
Global
Addresses have lifetime
Valid and preferred lifetime
IPv6 Address Types
Unicast
Address is for a single interface.
IPv6 has several types (for example, global and IPv4 mapped).
Multicast
One-to-many
Enables more efficient use of the network
Uses a larger address range
Anycast
One-to-nearest (allocated from unicast address space).
Multiple devices share the same address.
All anycast nodes should provide uniform service.
Source devices send packets to anycast address.
Routers decide on closest device to reach that destination.
Suitable for load balancing and content delivery services.
IPv6 Global Unicast Addresses
• The global unicast and the anycast share the same address
format.
• Uses a global routing prefix—a structure that enables
aggregation upward, eventually to the ISP.
• A single interface may be assigned multiple addresses of any
type (unicast, anycast, multicast).
• Every IPv6-enabled interface must contain at least one
loopback (::1/128) and one link-local address.
• Optionally, every interface can have multiple unique local and
global addresses.
• Anycast address is a global unicast address assigned to a set of
interfaces (typically on different nodes).
• IPv6 anycast is used for a network multihomed to several ISPs
that have multiple connections to each other.
IPv6 Transition Strategies
• The transition from IPv4 does not require upgrades
on all nodes at the same time. Many transition
mechanisms enable smooth integration of IPv4 and
IPv6. Other mechanisms that allow IPv4 nodes to
communicate with IPv6 nodes are available. Different
situations demand different strategies. The figure
illustrates the richness of available transition
strategies.
• Recall the advice: "Dual stack where you can, tunnel
where you must." These two methods are the most
common techniques to transition from IPv4 to IPv6.
IPv6 Transition Strategies
Dual stacking is an integration method in
which a node has implementation and
connectivity to both an IPv4 and IPv6 network.
This is the recommended option and involves
running IPv4 and IPv6 at the same time.
Routers and switches are configured to support
both protocols, with IPv6 being the preferred
protocol.
IPv6 Transition Strategies
Tunneling
The second major transition technique is tunneling.
There are several tunneling techniques available,
including:
Manual IPv6-over-IPv4 tunneling: An IPv6 packet is
encapsulated within the IPv4 protocol. This method
requires dual-stack routers.
Dynamic 6to4 tunneling: Automatically establishes
the connection of IPv6 islands through an IPv4
network, typically the Internet. It dynamically applies
a valid, unique IPv6 prefix to each IPv6 island, which
enables the fast deployment of IPv6 in a corporate
network without address retrieval from the ISPs or
registries.
IPv6 Dual Stacking
Routing Protocols
• One of the primary jobs of a router is to
determine the best path to a given destination
• A router learns paths, or routes, from the static
configuration entered by an administrator or
dynamically from other routers, through
routing protocols
Routing Table Principles
Three principles regarding routing tables:
1. Every router makes its decisions alone, based on
the information it has in its routing table.
2. Different routing tables may contain different
information.
3. A routing table can tell how to get to a destination
but not how to get back (Asymmetric Routing)
Routing information about a path from one
network to another does not provide routing
information about the reverse, or return, path.
Routing Table Structure
• PC1 sends ping to PC2
• R1 has a route to PC2’s network
• R2 has a route to PC2’s network
• R3 is directly connected to PC2’s network
• PC2 sends a reply ping to PC1
• R3 has a route to PC1’s network
• R2 does not have a route to PC1’s network
• R2 drops the ping reply
Routing Tables
• Routers keep a routing table in RAM
• A routing table is a list of the best known
available routes
• Routers use this table to make decisions about
how to forward a packet
• On a Cisco router, the show ip route command
is used to view the TCP/IP routing table
Routing Table
• A routing table maps network prefixes to an
outbound interface.
• When RTA receives a packet destined for
192.168.4.46, it looks for the prefix
192.168.4.0/24 in the routing table
• RTA then forwards the packet out an interface,
such as Ethernet0, as directed in the routing
table
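The prefix lookup just described, together with the PC1/PC2 ping scenario from the Routing Table Structure slide and the routing-loop case, as an added example (not code from the lecture). The three-router topology, its addresses and interface names are constructed for the example; each router decides alone from its own table, and the return path fails at R2 exactly as the slide states.

```python
# Added example: longest-prefix-match lookup and hop-by-hop forwarding trace.
import ipaddress


class Router:
    def __init__(self, name, routes):
        # routes: (prefix, next-hop router name or None if directly connected, interface)
        self.name = name
        self.routes = [(ipaddress.ip_network(p), nh, ifc) for p, nh, ifc in routes]

    def lookup(self, dst):
        """Longest-prefix match: the most specific route containing dst wins;
        a default route 0.0.0.0/0 matches everything but only as a last resort."""
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if addr in r[0]]
        if not matches:
            return None
        return max(matches, key=lambda r: r[0].prefixlen)


def trace(routers, start, dst, max_hops=10):
    """Follow each router's independent decision until the packet reaches a
    directly connected network, a router has no route (drop), or the hop
    limit trips (the signature of a routing loop)."""
    path, current = [], start
    for _ in range(max_hops):
        route = routers[current].lookup(dst)
        if route is None:
            path.append(f"{current}: no route to {dst}, dropped")
            return path, False
        net, next_hop, ifc = route
        path.append(f"{current}: {dst} matches {net} out {ifc}")
        if next_hop is None:
            return path, True          # directly connected: delivered
        current = next_hop
    path.append("hop limit reached: routing loop suspected")
    return path, False


# Constructed topology: PC1 on 10.1.1.0/24 behind R1, PC2 on 10.3.3.0/24 behind R3.
# R2 deliberately lacks a route back to PC1's network.
ROUTERS = {
    "R1": Router("R1", [("10.1.1.0/24", None, "Ethernet0"),
                        ("10.12.0.0/30", None, "Serial0"),
                        ("10.3.3.0/24", "R2", "Serial0"),
                        ("0.0.0.0/0", "R2", "Serial0")]),
    "R2": Router("R2", [("10.12.0.0/30", None, "Serial0"),
                        ("10.23.0.0/30", None, "Serial1"),
                        ("10.3.3.0/24", "R3", "Serial1")]),
    "R3": Router("R3", [("10.23.0.0/30", None, "Serial0"),
                        ("10.3.3.0/24", None, "Ethernet0"),
                        ("10.1.1.0/24", "R2", "Serial0")]),
}

if __name__ == "__main__":
    for start, dst in [("R1", "10.3.3.10"), ("R3", "10.1.1.10")]:
        path, delivered = trace(ROUTERS, start, dst)
        print("\n".join(path), "->", "delivered" if delivered else "lost")
```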
Routing Loops
• A network problem in which packets continue to be
routed in an endless circle
• It is caused by a router or line failure, and the
notification of the downed link has not yet reached all
the other routers
• It can also occur over time due to normal growth or
when networks are merged together
• Routing protocols utilize various techniques to lessen
the chance of a routing loop
Routing Table Structure
• The primary function of a router is to forward a
packet toward its destination network, which is the
destination IP address of the packet.
• To do this, a router needs to search the routing
information stored in its routing table.
Routing Protocols
• The routing table is stored in RAM and contains the following information:
• Directly connected networks: this occurs when a device is
connected to another router interface
• Remotely connected networks: a network that is not
directly connected to a particular router
• Network/next-hop associations: information about the networks,
including the source of the information, the network address and
subnet mask, and the IP address of the next-hop router
• The show ip route command is used to view a routing table on
a Cisco router
Routing Protocols
• Directly Connected Routes-To visit a neighbor,
you only have to go down the street on which
you already live. This path is similar to a
directly-connected route because the
"destination" is available directly through your
"connected interface," the street.
Static Routing
• Static Routes-A train uses the same railroad
tracks every time for a specified route. This
path is similar to a static route because the path
to the destination is always the same.
Static Routing
• When the network only consists of a few routers
• Using a dynamic routing protocol in such a case does
not present any substantial benefit.
• The network is connected to the Internet through only
one ISP
• There is no need to use a dynamic routing protocol
across this link because the ISP represents the only
exit point to the Internet
Static Routing
• Hub & spoke topology is used on a large network
• A hub-and-spoke topology consists of a central
location (the hub) and multiple branch locations
(spokes), with each spoke having only one connection
to the hub.
• Using dynamic routing would be unnecessary
because each branch has only one path to a given
destination-through the central location.
• Static routing is useful in networks that have a single
path to any destination network.
Static Routing
• Static routes in the routing table
• Includes: network address and subnet mask
and IP address of next hop router or exit
interface
• Denoted with the code S in the routing table
• Routing tables must contain directly connected
networks used to connect remote networks
before static or dynamic routing can be used
Static Routing
• When an interface goes down, all static routes
mapped to that interface are removed from the IP
routing table
• Static routing is not suitable for large, complex
networks that include redundant links, multiple
protocols, and meshed topologies
• Routers in complex networks must adapt to topology
changes quickly and select the best route from
multiple candidates
Static Route Example
The corporate network router has only one path to the
network 172.24.4.0 connected to RTY
A static route is entered on RTZ
Routing Protocols
• Dynamic Routes-When driving a car, you can
"dynamically" choose a different path based on
traffic, weather, or other conditions. This path
is similar to a dynamic route because you can
choose a new path at many different points on
your way to the destination.
Dynamic Routing
• Dynamic routing protocols
• Are used to add remote networks to a routing
table
• Are used to discover networks
• Are used to update and maintain routing tables
Dynamic Routing
• Automatic network discovery
• Network discovery is the ability of a routing protocol to share
information about the networks that it knows about with other
routers that are also using the same routing protocol.
• Instead of configuring static routes to remote networks on
every router, a dynamic routing protocol allows the routers to
automatically learn about these networks from other routers.
• These networks, and the best path to each network, are added
to the router's routing table and denoted as a network learned
by a specific dynamic routing protocol.
Dynamic Routing
• Maintaining routing tables
• Dynamic routing protocols are used to share
routing information with other routers and to
maintain an up-to-date routing table.
• Dynamic routing protocols not only make a
best path determination to various networks,
they will also determine a new best path if the
initial path becomes unusable (or if the
topology changes)
Configuring Dynamic Routing
• Dynamic routing of TCP/IP can be implemented using one or
more protocols which are often grouped according to where
they are used.
• Routing protocols designed to work inside an autonomous
system are categorized as interior gateway protocols (IGPs).
• Protocols that work between autonomous systems are
classified as exterior gateway protocols (EGPs).
• Protocols can be further categorized as either distance vector
or link-state routing protocols, depending on their method of
operation.
Autonomous Systems (AS)
An autonomous system is a network or set of
networks under a single administrative control. An
autonomous system might be the set of all computer
networks owned by a company or a college.
Companies and organizations might own more than
one autonomous system, but the idea is that each
autonomous system is managed independently with
respect to BGP. An autonomous system is often
referred to as an 'AS'.
A good example is UUNet, who uses one
autonomous system as their European network, and
a separate autonomous system for their domestic
networks in the Americas.
Autonomous System Number (ASN)
Autonomous System Numbers (ASNs) are
globally unique numbers that are used to
identify autonomous systems (ASes) and
which enable an AS to exchange exterior
routing information between neighboring
ASes. An AS is a connected group of IP
networks that adhere to a single and clearly
defined routing policy.
Autonomous System Numbers
Each AS has an identifying number that is assigned by an
Internet registry or a service provider.
This number is between 1 and 65,535.
AS numbers within the range of 64,512 through 65,535 are
reserved for private use.
This is similar to RFC 1918 IP addresses.
Because of the finite number of available AS numbers, an
organization must present justification of its need before it will
be assigned an AS number.
An organization will usually be a part of the AS of their ISP.
Autonomous System
An AS is a group of routers that share similar
routing policies and operate within a single
administrative domain.
An AS can be a collection of routers running a
single IGP, or it can be a collection of routers
running different protocols all belonging to
one organization.
In either case, the outside world views the
entire Autonomous System as a single entity.
Interior Versus Exterior Routing Protocols
An interior gateway protocol (IGP) is a routing
protocol that is used within an autonomous system
(AS). There are two types of IGP.
In distance-vector routing protocols, each router does
not possess information about the full network
topology. It advertises its distances to other routers
and receives similar advertisements from other
routers. Using these routing advertisements each
router populates its routing table. In the next
advertisement cycle, a router advertises updated
information from its routing table. This process
continues until the routing tables of each router
converge to stable values.
Interior Versus Exterior Routing Protocols
Distance-vector routing protocols make routing
decisions on a hop-by-hop basis. A distance vector
router’s understanding of the network is based on its
neighbors’ definition of the topology, which could be
referred to as routing by rumor.
Route flapping is caused by pathological conditions
(hardware errors, software errors, configuration
errors, intermittent errors in communications links,
unreliable connections, etc.) within the network
which cause certain reachability information to be
repeatedly advertised and withdrawn.
Interior Versus Exterior Routing Protocols
In networks with distance vector routing
protocols, flapping routes can trigger routing
updates with every state change.
On Cisco routers, triggered updates are sent when these
state changes occur. Traditionally, distance vector
protocols do not send triggered updates.
Interior Versus Exterior Routing Protocols
In link-state routing protocols, each node possesses
information about the complete network topology.
Each node then independently calculates the best next
hop from it for every possible destination in the
network using local information of the topology. The
collection of best next hops forms the routing table
for the node.
This contrasts with distance-vector routing protocols,
which work by having each node share its routing
table with its neighbors. In a link-state protocol, the
only information passed between the nodes is
information used to construct the connectivity maps.
Routing Protocols
• Interior routing protocols are designed for use
in a network that is controlled by a single
organization
• RIPv1, RIPv2, EIGRP, OSPF and IS-IS are all
Interior Gateway Protocols
Link State Analogy
• Each router has a map of the network
• However, each router looks at itself as the
center of the topology
• Compare this to a “you are here” map at the
mall
• The map is the same, but the perspective
depends on where you are at the time
Exterior Gateway Routing Protocol
An exterior routing protocol is designed for use between
different networks that are under the control of
different organizations
• An exterior routing protocol routes traffic between
autonomous systems
• These are typically used between ISPs or between a
company and an ISP
• BGPv4 is the Exterior Gateway Protocol used by all
ISPs on the Internet
IGP and EGP Routing Protocol Summary
Distance Vector
RIP (v1 and v2)
EIGRP (hybrid)
Link State
OSPF
IS-IS
Routing Protocols
EIGRP is an advanced distance vector protocol that
employs the best features of link-state routing.
What is Convergence
• Routers share information with each other, but
must individually recalculate their own routing
tables
• For individual routing tables to be accurate, all
routers must have a common view of the
network topology
• When all routers in a network agree on the
topology they are considered to have
converged
Why is Quick Convergence Important?
• When routers are in the process of
convergence, the network is susceptible to
routing problems because some routers learn
that a link is down while others incorrectly
believe that the link is still up
• It is virtually impossible for all routers in a
network to simultaneously detect a topology
change.
Convergence Issues
Factors affecting the convergence time include the
following:
• Routing protocol used
• Distance of the router, or the number of hops from the
point of change
• Number of routers in the network that use dynamic
routing protocols
• Bandwidth and traffic load on communications links
• Load on the router
• Traffic patterns in relation to the topology change
Routing Protocols
• Each AS has its own set of rules and policies.
• The AS number uniquely distinguishes it from
other ASes around the world.
Upcoming Deadlines
• Assignment 1-4-2 Phase 2: WAN Network
Design question due June 20, 2011.
• Assignment 10-1 Concept Questions 7 due
July 4, 2011.
• Assignment 1-4-3 Network Design Project
Phase 2: WAN Network Design is due July 11,
2011.
• Final Exam August 1 through 6. Check the
hours of operation at the Student Learning
Center.