Week_Eight

Week Eight
• Attendance
• Announcements
• Review Week Seven Information
• Current Week Information
• Upcoming Assignments
Week Eight Topics
1. Shortage of IP addresses with IPv4
2. Private, public, and NAT addressing
3. Static or Dynamic IP Address Assignment
4. Hierarchical Addressing, route summarization, CIDR
5. Static and dynamic Domain Name Server (DNS)
6. IPv6 Standard
IPv4 Private Addresses
The IPv4 Standard created a problem that was
temporarily solved by assigning private addresses
within a local network and translating the private
addresses to public addresses when Internet
connectivity is required.
IP Address Design Strategy
Are public, private, or both types of addressing required?
How many end systems will need access to the public network? This includes email, file transfer, or web browsing.
How many end systems must be visible on the public network(s)? This includes e-commerce systems such as web servers, database servers, application servers, and other public servers. These end systems require globally unambiguous IP addresses.
Where will the boundaries be between private and public IP addresses, and how will they be implemented?
Private Addresses
• RFC 1918 sets aside three blocks of private IP
addresses:
• One (1) Class A address
• Sixteen (16) Class B addresses
• Two hundred and fifty six (256) Class C addresses
• These addresses are for private, internal network use
only
• Packets containing private addresses are not routed
over the Internet
• A router should never route RFC 1918 addresses,
because ISPs typically configure the border routers to
prevent privately addressed traffic from being
forwarded
Private Addressing
172.16.0.0 – 172.31.255.255: 172.16.0.0/12
Where does the /12 come from? 12 bits in common:
10101100 . 00010000 . 00000000 . 00000000 – 172.16.0.0
10101100 . 00011111 . 11111111 . 11111111 – 172.31.255.255
------------------------------------------------------------
10101100 . 0001 0000 . 00000000 . 00000000 – 172.16.0.0/12 (the first 12 bits are shared)
Network Address Translation (NAT)
• NAT is defined by RFC 1631. It is the process of
swapping one address for another in the IP packet
header.
• NAT is a mechanism for conserving registered IP
addresses in large networks and simplifying IP
addressing management tasks.
• In practice, NAT is used to allow hosts that are
privately addressed, using RFC 1918 addresses, to
access the Internet
• NAT allows many hosts on an inside network to
communicate on the Internet with one valid, assigned
IP address
Network Address Translation (NAT)
What is NAT Overload?
NAT overloading (sometimes called Port Address Translation or PAT) maps multiple private IP addresses to a single public IP address or to a few addresses. This is what most home routers do.
With NAT overloading, multiple addresses can be mapped to one or a few addresses because each private address is also tracked by a port number. When a client opens a TCP/IP session, the NAT router assigns a port number to its source address. NAT overload ensures that each client session with a server on the Internet uses a different TCP port number.
Network Address Translation (NAT)
• Static NAT: an inside address is always translated to the same outside address. Useful when hosts are enterprise servers or networking devices
• Dynamic NAT: an inside address is translated to an address from a pool of addresses
• PAT (One-to-Many NAT, Overloading): many inside addresses are translated to the same outside address. Different conversations are identified by port numbers
Network Address Translation (NAT)
• NAT provides a level of security for your inside
network from the outside world
NAT Terminology
• Inside local IP address: The IP address assigned to a
host on the inside network. The address is typically
an RFC 1918 address.
• Inside global IP address: A globally unique IP address
(typically assigned by an ISP) that represents one or
more inside local IP addresses to the outside world.
• Outside global IP address: The IP address assigned to
a host on the outside network by its owner. The
address is globally unique.
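An added example (not from the lecture) that models NAT overload in Python using the terminology above: two inside local hosts share one inside global address, each session is tracked by a translated port, and an inbound packet that matches no session is dropped. The addresses, ports and the PatRouter class are constructed for illustration; the per-session lookup it performs is the whole of the "level of security" NAT provides, and real routers also age entries out.

```python
from dataclasses import dataclass

INSIDE_GLOBAL = "203.0.113.5"  # constructed: the one public address the router owns


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PatRouter:
    """NAT overload: one inside global address shared by tracking each session by port."""

    def __init__(self, inside_global, first_port=1024):
        self.inside_global = inside_global
        self.next_port = first_port
        self.outbound = {}  # (inside local, port, outside global, port) -> translated port
        self.inbound = {}   # translated port -> that same 4-tuple

    def translate_outbound(self, pkt):
        """Rewrite the source of a packet leaving the inside network; create a
        translation entry the first time a session is seen."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.outbound:
            port = self.next_port          # each client session gets its own port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[port] = key
        return Packet(self.inside_global, self.outbound[key], pkt.dst_ip, pkt.dst_port)

    def translate_inbound(self, pkt):
        """Rewrite the destination of a packet arriving from the outside, or
        return None (dropped) when no matching session exists. The match also
        checks the outside host and port, so a different host cannot reuse the
        translated port; this lookup is the only filtering NAT itself performs."""
        entry = self.inbound.get(pkt.dst_port)
        if pkt.dst_ip != self.inside_global or entry is None:
            return None
        inside_local, local_port, outside_ip, outside_port = entry
        if (pkt.src_ip, pkt.src_port) != (outside_ip, outside_port):
            return None
        return Packet(pkt.src_ip, pkt.src_port, inside_local, local_port)


def demo():
    """Two inside hosts using the same source port, one reply, one unsolicited packet."""
    r = PatRouter(INSIDE_GLOBAL)
    a = r.translate_outbound(Packet("192.168.1.10", 51000, "198.51.100.80", 443))
    b = r.translate_outbound(Packet("192.168.1.11", 51000, "198.51.100.80", 443))
    reply = r.translate_inbound(Packet("198.51.100.80", 443, INSIDE_GLOBAL, a.src_port))
    stray = r.translate_inbound(Packet("198.51.100.99", 4444, INSIDE_GLOBAL, 1024))
    return a, b, reply, stray


if __name__ == "__main__":
    for p in demo():
        print(p)
```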
Static IP Address Assignment
• An IP address is manually assigned to a device or
host
• The network administrator configures the IP address,
default gateway, and name servers manually by
entering them into a special file or files on the end
system with either a graphical or text interface
• Static address assignment is an extra burden for the
administrator—especially on large-scale networks—
who must configure the address on every end system
in the network
• Typically, routers, switches, servers, and printers have
IP addresses statically assigned
Dynamic IP Address Assignment
• IP addresses are automatically assigned to the devices
• Dynamic address assignment relieves the administrator of
manually assigning an address to every network device
• Instead, the administrator must set up a server to assign the
addresses.
• On that server, the administrator defines the address pools and
additional parameters that should be sent to the host (default
gateway, name servers, time servers, and so forth)
• On the host, the administrator enables the host to acquire the
address dynamically; this is often the default.
• When IP address reconfiguration is needed, the administrator reconfigures the server, which then performs the host renumbering task
• DHCP is the protocol used
Dynamic Host Configuration Protocol (DHCP)
DHCP is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network.
In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.
Dynamic Host Configuration Protocol (DHCP)
A DHCP server can provide the following to a client:
• IP address
• Gateway address
• Subnet mask
• DNS server address
• Router
• Domain name
• Domain name server(s)
• WINS server(s)
IP Address Assignments in an Enterprise Network
Classless Interdomain Routing (CIDR)
What is CIDR?
CIDR is a new addressing scheme for the Internet
which allows for more efficient allocation of IP
addresses than the old Class A, B, and C address
scheme.
Why Do We Need CIDR?
With a new network being connected to the Internet every 30 minutes, the Internet was faced with two critical problems:
• Running out of IP addresses
• Running out of capacity in the global routing tables
Classless Interdomain Routing (CIDR)
Running Out of IP Addresses
There is a maximum number of networks and hosts that can be assigned unique addresses using the Internet's 32-bit addresses.
Traditionally, the Internet assigned "classes" of
addresses: Class A, Class B and Class C were the
most common. Each address had two parts: one part
to identify a unique network and the second part to
identify a unique host in that network.
Another way the old Class A, B, and C addresses
were identified was by looking at the first 8 bits of
the address and converting it to its decimal
equivalent.
Classless Interdomain Routing (CIDR)
• CIDR is pronounced “cider”
• With CIDR, addresses use bit identifiers, or bit masks, instead of an address class to determine the network portion of an address
• CIDR uses the /N notation instead of subnet masks
• CIDR allows for the more efficient allocation of IP addresses
Classless Interdomain Routing (CIDR)
172.16.0.0 255.255.0.0 = 172.16.0.0/16
198.30.1.0 255.255.255.0 = 198.30.1.0/24
Note that 192.168.24.0/22 is not a Class C network; it has a subnet mask of 255.255.252.0
Classless Interdomain Routing (CIDR)
CIDR Block Prefix   Equivalent Class C   Number of Host Addresses
/24                 1 Class C            256 hosts
/23                 2 Class C            512 hosts
/22                 4 Class C            1,024 hosts
/21                 8 Class C            2,048 hosts
/20                 16 Class C           4,096 hosts
/19                 32 Class C           8,192 hosts
/18                 64 Class C           16,384 hosts
/17                 128 Class C          32,768 hosts
/16                 256 Class C          65,536 hosts
CIDR and Route Aggregation
• CIDR allows routers to summarize, or
aggregate, routing information
• One address with a mask can represent
multiple networks
• This reduces the size of routing tables
• Supernetting is another term for route
aggregation
CIDR and Route Aggregation
Given four Class C networks (/24):
192.168.16.0   11000000 10101000 00010000 00000000
192.168.17.0   11000000 10101000 00010001 00000000
192.168.18.0   11000000 10101000 00010010 00000000
192.168.19.0   11000000 10101000 00010011 00000000
Identify which bits all these networks have in common.
192.168.16.0 /22 can represent all these networks. The
router will look at the first 22 bits of the address to make
a routing decision. Note that 192.168.16.0 /22 is not a
Class C network, it has a subnet mask of 255.255.252.0
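An added example (not from the lecture) that automates the two hand calculations on these slides, the 172.16.0.0/12 private block and the 192.168.16.0/22 summary: it finds the bits a set of networks have in common, checks whether the summary covers exactly the listed networks before it is advertised, and reproduces the rows of the CIDR block table. The function names are my own; `ipaddress` is the Python standard library.

```python
import ipaddress


def common_prefix_len(first, last):
    """Leading bits shared by two IPv4 addresses; this is the /N of the
    smallest block containing both (the slide's 'bits in common')."""
    lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
    length = 32
    while length and (lo >> (32 - length)) != (hi >> (32 - length)):
        length -= 1
    return length


def summarize(networks):
    """Single prefix (supernet) covering every network in the list."""
    nets = [ipaddress.IPv4Network(n, strict=False) for n in networks]
    first = min(n.network_address for n in nets)
    last = max(n.broadcast_address for n in nets)
    plen = common_prefix_len(str(first), str(last))
    return ipaddress.IPv4Network(f"{first}/{plen}", strict=False)


def covers_exactly(summary, networks):
    """True when the summary advertises no address space beyond the listed
    (non-overlapping) networks. A summary that fails this check claims
    addresses the router does not reach, so traffic for them is blackholed and
    space that may belong to someone else is absorbed; check before advertising."""
    nets = [ipaddress.IPv4Network(n, strict=False) for n in networks]
    return sum(n.num_addresses for n in nets) == summary.num_addresses


def cidr_table_row(prefix_len):
    """(equivalent Class C networks, host addresses) for a /N block, N <= 24."""
    return 2 ** (24 - prefix_len), 2 ** (32 - prefix_len)


if __name__ == "__main__":
    four = ["192.168.16.0/24", "192.168.17.0/24", "192.168.18.0/24", "192.168.19.0/24"]
    s = summarize(four)
    print(s, s.netmask, covers_exactly(s, four))            # 192.168.16.0/22 255.255.252.0 True
    # Only two of the sixteen /16s: the /12 summary would over-claim.
    two = ["172.16.0.0/16", "172.31.0.0/16"]
    print(summarize(two), covers_exactly(summarize(two), two))  # 172.16.0.0/12 False
    for n in range(24, 15, -1):
        print(f"/{n}", *cidr_table_row(n))
```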
Route Summarization
Importance of Hierarchical Addressing
Without summarization, every small change in
the network will be propagated (spread)
throughout the entire network
Importance of Hierarchical Addressing
With summarization, small changes in the network
aren’t propagated (spread) throughout the entire
network
Benefits of Summarization
Subnet Masks
• A major network is a Class A, B, or C network
• Fixed-Length Subnet Masking (FLSM) is
when all subnet masks in a major network
must be the same
• Variable-Length Subnet Masking (VLSM) is
when subnet masks within a major network
can be different.
• Some routing protocols require FLSM; others
allow VLSM
FLSM
VLSM
• VLSM makes it possible to subnet with
different subnet masks and therefore results in
more efficient address space allocation.
• VLSM also provides a greater capability to
perform route summarization, because it allows
more hierarchical levels within an addressing
plan.
• VLSM requires prefix length information to be
explicitly sent with each address advertised in a
routing update
Classful and Classless Routing Protocols
• Classful routing protocols DO NOT send subnet
mask information in their routing updates
• When a router receives a routing update, it simply
assumes the default subnet mask (Class A, B, or
C)
• VLSM cannot be used in networks that use
Classful routing protocols
• Classless routing protocols send the subnet mask
(prefix length) in their updates
• VLSM can be used with Classless routing
protocols
Classful Versus Classless
• When subnet masks aren’t sent in updates, routing problems can occur
• Subnet masks should be sent in updates; otherwise routing problems can occur. The two 172.16.x.x /24 networks are separated by another network, making the two networks discontiguous
• The network is not hierarchical and appears to be a poor network design.
Classful and Classless Routing Protocols
Classful protocols use address classes (A,B,C)
to determine networks because subnet masks
are not sent in routing updates.
Domain Name Server (DNS)
Name Resolution with DNS
DNS Components
• Resolver: The DNS client that sends queries to a name server
• Name Servers: The DNS component that responds to queries and holds the name-to-IP-address mappings
• Domain Name Space: The hierarchical system of names used on the Internet
There is static and dynamic DNS name resolution.
Domain Name Space
Root Level Domain: (.)
Top Level Domain and Countries: (Australia com edu gov net org)
Second Level Domain: (microsoft franklin cisco)
(Seattle student)
IPv6 Standard
• Larger address space: IPv6 addresses are 128 bits, compared to
IPv4’s 32 bits. This larger addressing space allows more
support for addressing hierarchy levels, a much greater
number of addressable nodes, and simpler auto configuration
of addresses.
• Globally unique IP addresses: Every node can have a unique
global IPv6 address, which eliminates the need for NAT.
• Site multi-homing: IPv6 allows hosts to have multiple IPv6
addresses and allows networks to have multiple IPv6 prefixes.
Consequently, sites can have connections to multiple ISPs
without breaking the global routing table.
• Header format efficiency: A simplified header with a fixed
header size makes processing more efficient.
IPv6 Standard
• Improved privacy and security: IPsec is the IETF
standard for IP network security, available for both
IPv4 and IPv6. Although the functions are essentially
identical in both environments, IPsec is mandatory in
IPv6. IPv6 also has optional security headers.
• Flow labeling capability: A new capability enables the
labeling of packets belonging to particular traffic
flows for which the sender requests special handling,
such as non-default quality of service (QoS) or real-time service.
IPv6 Standard
• Increased mobility and multicast capabilities: Mobile
IPv6 allows an IPv6 node to change its location on an
IPv6 network and still maintain its existing
connections. With Mobile IPv6, the mobile node is
always reachable through one permanent address. A
connection is established with a specific permanent
address assigned to the mobile node, and the node
remains connected no matter how many times it
changes locations and addresses.
• Improved global reachability and flexibility.
• Better aggregation of IP prefixes announced in
routing tables.
IPv6 Standard
• Multi-homed hosts. Multi-homing is a technique to increase
the reliability of the Internet connection of an IP network. With
IPv6, a host can have multiple IP addresses over one physical
upstream link. For example, a host can connect to several
ISPs.
• Auto-configuration that can include Data Link layer addresses
in the address space.
• More plug-and-play options for more devices.
• Public-to-private, end-to-end readdressing without address
translation. This makes peer-to-peer (P2P) networking more
functional and easier to deploy.
• Simplified mechanisms for address renumbering and
modification.
IPv6 Standard
• Better routing efficiency for performance and
forwarding-rate scalability
• No broadcasts and thus no potential threat of
broadcast storms
• No requirement for processing checksums
• Simplified and more efficient extension header
mechanisms
• Flow labels for per-flow processing with no
need to open the transport inner packet to
identify the various traffic flows
IPv6 Standard
• Movement to change from IPv4 to IPv6 has already begun, particularly in Europe, Japan, and the Asia-Pacific region.
• These areas are exhausting their allotted IPv4 addresses, which makes IPv6 all the more attractive and necessary.
• In 2002, the European Community IPv6 Task Force forged a strategic alliance to foster IPv6 adoption worldwide.
• The North American IPv6 Task Force has set out to engage the North American markets to adopt IPv6. The first significant North American advances are coming from the U.S. Department of Defense (DoD).
IPv6 Address Representation
You know the 32-bit IPv4 address as a series of four 8-bit fields, separated by dots. However, the larger 128-bit IPv6 addresses need a different representation because of their size. IPv6 addresses use colons to separate entries in a series of 16-bit hexadecimal fields.
IPv6 Standard
• Using the "::" notation greatly reduces the size of most addresses. An address parser determines how many zero fields are missing by splitting the address at the "::" and inserting zero fields until all 128 bits are present.
IPv6 Standard: Benefits
Larger address space:
• Global reachability and flexibility
• Aggregation
• Multi-homing
• Autoconfiguration
• Plug-and-play
• End to end without NAT
• Renumbering
Simpler header:
• Routing efficiency
• Performance and forwarding rate scalability
• No broadcasts
• No checksums
• Extension headers
• Flow labels
Mobility and security:
• Mobile IP RFC-compliant
• IPsec mandatory (or native) for IPv6
Transition richness:
• Dual stack
• 6to4 tunnels
• Translation
IPv6 Larger Address Space
IPv4: 32 bits or 4 bytes long; 4,200,000,000 possible addressable nodes
IPv6: 128 bits or 16 bytes, four times the bits of IPv4; 3.4 × 10^38 possible addressable nodes (340,282,366,920,938,463,374,607,432,768,211,456), or 5 × 10^28 addresses per person
The larger address space allows:
• Aggregation of prefixes announced in the global routing table
• Efficient and scalable routing
• Improved bandwidth and functionality for user traffic
IPv6 Simpler and Efficient Header
A simpler and more efficient header means:
• 64-bit aligned fields and fewer fields
• Hardware-based, efficient processing
• Improved routing efficiency and performance
• Faster forwarding rate with better scalability
IPv6 Representation
x:x:x:x:x:x:x:x, where x is a 16-bit hexadecimal field
Leading zeros in a field are optional:
2031:0:130F:0:0:9C0:876A:130B
Successive fields of 0 can be represented as ::, but
only once per address.
Examples:
2031:0000:130F:0000:0000:09C0:876A:130B
2031:0:130f::9c0:876a:130b
FF01:0:0:0:0:0:0:1 >>> FF01::1
0:0:0:0:0:0:0:1 >>> ::1
0:0:0:0:0:0:0:0 >>> ::
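An added example (not from the slides) of the address parser the representation rules describe: it expands the "::" shorthand and optional leading zeros into eight 16-bit fields, rejects a second "::" or an address with the wrong number of fields, and re-compresses the address in its shortest form, cross-checking every result against Python's standard `ipaddress` module.

```python
import ipaddress


def expand(addr):
    """Parse IPv6 text into eight 16-bit fields. Leading zeros in a field are
    optional and '::' stands for one or more zero fields, but only once."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in addr:
        head, tail = addr.split("::")
        left = [int(x, 16) for x in head.split(":")] if head else []
        right = [int(x, 16) for x in tail.split(":")] if tail else []
        missing = 8 - len(left) - len(right)   # zero fields the '::' stands for
        if missing < 1:
            raise ValueError("'::' must replace at least one zero field")
        fields = left + [0] * missing + right
    else:
        fields = [int(x, 16) for x in addr.split(":")]
    if len(fields) != 8 or any(not 0 <= f <= 0xFFFF for f in fields):
        raise ValueError(f"not a valid IPv6 address: {addr}")
    return fields


def compress(fields):
    """Shortest text form: drop leading zeros and replace the longest run of
    zero fields (two or more; the first run wins a tie) with '::'."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if fields[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and fields[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    hexs = [format(f, "x") for f in fields]   # lowercase, no leading zeros
    if best_len < 2:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])


def normalize(addr):
    """Round-trip through the parser and cross-check against the standard library."""
    out = compress(expand(addr))
    assert out == ipaddress.IPv6Address(addr).compressed
    return out


if __name__ == "__main__":
    for a in ["2031:0000:130F:0000:0000:09C0:876A:130B", "FF01:0:0:0:0:0:0:1",
              "0:0:0:0:0:0:0:1", "0:0:0:0:0:0:0:0"]:
        print(a, ">>>", normalize(a))
```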
IPv6 Addressing Model
• Addresses are assigned to interfaces
• Change from the IPv4 model: an interface is “expected” to have multiple addresses
• Addresses have scope: link local, unique local, global
• Addresses have lifetime: valid and preferred lifetime
IPv6 Address Types
Unicast
• Address is for a single interface.
• IPv6 has several types (for example, global and IPv4-mapped).
Multicast
• One-to-many
• Enables more efficient use of the network
• Uses a larger address range
Anycast
• One-to-nearest (allocated from unicast address space).
• Multiple devices share the same address.
• All anycast nodes should provide uniform service.
• Source devices send packets to the anycast address.
• Routers decide on the closest device to reach that destination.
• Suitable for load balancing and content delivery services.
IPv6 Global Unicast Addresses
• The global unicast and the anycast share the same address
format.
• Uses a global routing prefix—a structure that enables
aggregation upward, eventually to the ISP.
• A single interface may be assigned multiple addresses of any
type (unicast, anycast, multicast).
• Every IPv6-enabled interface must contain at least one
loopback (::1/128)and one link-local address.
• Optionally, every interface can have multiple unique local and
global addresses.
• Anycast address is a global unicast address assigned to a set of
interfaces (typically on different nodes).
• IPv6 anycast is used for a network multihomed to several ISPs
that have multiple connections to each other.
IPv6 Global Unicast Addresses
Global unicast and anycast addresses are defined by a
global routing prefix, a subnet ID, and an interface ID.
IPv6 Interface ID
• Cisco uses the extended universal identifier
(EUI)-64 format to do stateless
autoconfiguration.
• This format expands the 48-bit MAC address
to 64 bits by inserting “FFFE” into the middle
16 bits.
• To make sure that the chosen address is from
a unique Ethernet MAC address, the
universal/local (U/L bit) is set to 1 for global
scope (0 for local scope).
IPv6 Unicast Addressing
• IPv6 addressing rules are covered by multiple RFCs; the architecture is defined by RFC 4291.
• Unicast: one to one
  • Global
  • Link local (FE80::/10)
• A single interface may be assigned multiple IPv6 addresses of any type: unicast, anycast, or multicast.
IPv6 Multicasting
Multicast is frequently used in IPv6 and replaces
broadcast
An IPv6 anycast address is a global unicast address that is
assigned to more than one interface.
IPv6 Static Assignment
• Similar to IPv4
• Administrator assigns an address to each device
• Static assignment using a manual interface ID
• Static assignment using an EUI-64 interface ID
IPv6 Dynamic Address Assignment
Link-local address: The host configures its own link-local address autonomously, using the link-local prefix FE80::0/10 and a 64-bit identifier for the interface in EUI-64 format.
Stateless autoconfiguration: A router on the link advertises, either periodically or at the host’s request, network information such as the 64-bit prefix of the local network and its willingness to function as a default router for the link.
IPv6 Standard: Link-Local Address
• Mandatory address for communication between two IPv6 devices (similar to ARP, but at Layer 3)
• Automatically assigned by the router as soon as IPv6 is enabled
• Also used for next-hop calculation in routing protocols
• Only link-specific scope
• After the FE80::/10 prefix, the remaining 54 bits could be zero or any manually configured value
IPv6 Stateless Autoconfiguration
• A router sends network information to all the
nodes on the local link.
• A host can autoconfigure itself by appending its IPv6 interface identifier (64-bit format) to the local link prefix (64 bits).
• The result is a full 128-bit address that is
usable and guaranteed to be globally unique.
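An added example (not from the lecture) of the EUI-64 interface ID and the stateless autoconfiguration steps described above: it inserts FFFE into a 48-bit MAC, flips the U/L bit, appends the result to the link-local prefix or to a prefix learned from a router advertisement, and shows that the MAC can be read straight back out of the finished address. The MAC 00:0c:29:5a:1b:2c and the prefix 2001:db8:1:2::/64 are constructed sample values.

```python
import ipaddress


def eui64_interface_id(mac):
    """Modified EUI-64 from a 48-bit MAC: split it in half, insert FFFE in the
    middle 16 bits, and flip the universal/local bit (0x02 of the first octet)
    so a factory-assigned MAC yields an interface ID with the U/L bit set to 1."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits")
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:6]
    return int.from_bytes(eui, "big")


def autoconfigured_address(prefix, mac):
    """Append the interface ID to a 64-bit prefix: FE80::/64 for the link-local
    address, or the prefix carried in a router advertisement."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration needs a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))


def mac_from_address(addr):
    """Recover the MAC embedded in an EUI-64 interface ID. Any observer can do
    this, so EUI-64 addresses reveal the NIC vendor and let a host be tracked
    across networks; RFC 4941 / RFC 7217 random interface IDs avoid that."""
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    b = iid.to_bytes(8, "big")
    if b[3:5] != b"\xff\xfe":
        raise ValueError("interface ID is not EUI-64 derived")
    mac = bytes([b[0] ^ 0x02]) + b[1:3] + b[5:8]
    return ":".join(f"{x:02x}" for x in mac)


if __name__ == "__main__":
    MAC = "00:0c:29:5a:1b:2c"                      # constructed sample MAC
    link_local = autoconfigured_address("fe80::/64", MAC)
    global_addr = autoconfigured_address("2001:db8:1:2::/64", MAC)
    print(link_local, global_addr, mac_from_address(str(global_addr)))
```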
IPv6 Standard Stateless Autoconfiguration
Stage 1: The PC sends a router solicitation to
request a prefix for stateless auto configuration
Stage 2: The router replies with a router
advertisement.
IPv6 Standard
• Stateful using DHCP for IPv6 (DHCPv6)
• DHCPv6 is an updated version of DHCP for
IPv4. DHCPv6 gives the network
administrator more control than stateless
autoconfiguration and can be used to distribute
other information, including the address of the
DNS server.
• DHCPv6 can also be used for automatic domain name registration of hosts using a dynamic DNS server. DHCPv6 uses multicast addresses.
IPv6 Global Unicast Addressing
• IPv6 has an address format that enables aggregation upward, eventually to the ISP. Global unicast addresses typically consist of a 48-bit global routing prefix and a 16-bit subnet ID. Individual organizations can use the 16-bit subnet field to create their own local addressing hierarchy. This field allows an organization to use up to 65,535 individual subnets.
IPv6 Transition Strategies
• The transition from IPv4 does not require upgrades
on all nodes at the same time. Many transition
mechanisms enable smooth integration of IPv4 and
IPv6. Other mechanisms that allow IPv4 nodes to
communicate with IPv6 nodes are available. Different
situations demand different strategies. The figure
illustrates the richness of available transition
strategies.
• Recall the advice: "Dual stack where you can, tunnel
where you must." These two methods are the most
common techniques to transition from IPv4 to IPv6.
IPv6 Transition Strategies
Dual stacking is an integration method in which a node has an implementation of, and connectivity to, both an IPv4 and an IPv6 network. This is the recommended option and involves running IPv4 and IPv6 at the same time. Routers and switches are configured to support both protocols, with IPv6 being the preferred protocol.
IPv6 Transition Strategies
• Tunneling
The second major transition technique is tunneling. There are several tunneling techniques available, including:
• Manual IPv6-over-IPv4 tunneling: An IPv6 packet is encapsulated within the IPv4 protocol. This method requires dual-stack routers.
• Dynamic 6to4 tunneling: Automatically establishes the connection of IPv6 islands through an IPv4 network, typically the Internet. It dynamically applies a valid, unique IPv6 prefix to each IPv6 island, which enables the fast deployment of IPv6 in a corporate network without address retrieval from the ISPs or
IPv6 Dual Stacking
Upcoming Deadlines
• Assignment 8-2, Concept Questions 6 is due June 21.
• Assignment 1-4-2 Network Design Project Phase 2: WAN Network Design is due June 21.
• Assignment 10-1, Concept Questions 7 is due July 5.