FdSc Computing Technologies
Wide Area Networks and Security
IPv4, CIDR, VLSM
Last update: 15/04/2013

16/03/2016 FdSc Applied Computing with MMT - Wide Area Networks

Objectives

This lecture aims to cover:
- IPv4 re-cap
- Limitations of IPv4 and address space depletion
- Extending the design of IPv4 - CIDR
- Optimising IPv4 - VLSM
- Introduction to IPv6

Introduction…

Logical addressing is an OSI LAYER 3 technology:
- IPv4 uses a 32 bit addressing scheme e.g. 10.15.1.120
- It incorporates a 32 bit subnet mask to determine the network and host portion of the address e.g. 255.0.0.0 or /8 (8 consecutive 1’s)
- It was ratified in the late 1970’s and therefore could not foresee the addressing needs of the global public Internet.
- It was “deployed on 1st Jan 1983” (source: iana.org)

Limitations of IPv4

Classful addressing:
- Theoretical address space is 2^32 = 4,294,967,296 individual addresses
- The original “Classful” addressing schemes created much wasted address space e.g. one “class A” network allows for 16.7 million hosts (2^24 = 16,777,216 hosts per network)
- Also, to connect to the Internet all hosts on a LAN need a unique public Internet address

LANs, NAT and PAT

- Obviously giving every host on a LAN a public IP address to connect to the Internet is very wasteful in IPv4
- A method of sharing a single public IP address or a POOL of public IP addresses was developed
- This was called Network Address Translation
- It involved dynamically replacing the IP packet’s private address with a public address when access to the Internet was required

Address Translation, NAT and PAT

Source: Cisco.com

- NAT is essentially a 1 to 1 mapping between private and public addresses
- PAT extends this to a “1 to many” mapping using dynamic port allocation

NAT

Adapted from: Cisco.com

- NAT provides one to one mapping i.e. 192.168.1.20 to 171.69.68.10

Port Address Translation (PAT)

Source: Cisco.com

- PAT provides “many to 1” or “many to few” Internet access for larger organisations

Address space depletion and CIDR

- As the need for addresses grew in the 1990’s, IPv4 address space was becoming depleted
- Innovative ways of extending the protocol started some 15 years ago
- In addition to Address Translation techniques, one method was introduced called ‘classless inter-domain routing’ or CIDR
- This involved using subnet bits independent of the address class e.g. 172.16.8.1/22
- This therefore allowed the creation of smaller networks or “subnets” from a single network

Variable Length Subnet Masks

- CIDR however is sometimes inefficient and wastes valuable IP address space e.g. 172.16.8.0/22 allows for 2^10-2 host addresses (1022) per subnet
- However some networks in a WAN environment may need far fewer than that
- They may only need TWO host addresses
- That is where VLSM can be used to produce an optimised addressing scheme

Variable Length Subnet Masking example

Adapted from Cisco (2008-09)

- A class C (/24) address space has been sub-netted as a /27 network.
- This gives 2^3 networks i.e. A, B, C, D, E and 3 unused
- We have used 5 but do not require the full address space in each (shown by the shading in each block)

Variable Length Subnet Masking example

PROBLEM
- netA: must support 14 hosts
- netB: must support 28 hosts
- netC: must support 2 hosts
- netD: must support 7 hosts
- netE: must support 28 hosts

VLSM METHOD (provides an individual scheme for each network)

Determine what mask allows the required number of hosts.
- netA: requires a /28 (255.255.255.240) mask to support 14 hosts
- netB: requires a /27 (255.255.255.224) mask to support 28 hosts
- netC: requires a /30 (255.255.255.252) mask to support 2 hosts
- netD*: requires a /28 (255.255.255.240) mask to support 7 hosts
- netE: requires a /27 (255.255.255.224) mask to support 28 hosts

(NOTE: if you thought netD needs a /29 (255.255.255.248) mask, remember this would only allow 6 usable host addresses, therefore netD requires a /28 mask)

Variable Length Subnet Masking example

The logical way to assign the subnets is to assign the largest first. For example, you could assign in this manner:

ASSIGN NEW VLSM MASKS
- netB: 204.15.5.0/27 host address range 1 to 30
- netE: 204.15.5.32/27 host address range 33 to 62
- netA: 204.15.5.64/28 host address range 65 to 78
- netD: 204.15.5.80/28 host address range 81 to 94
- netC: 204.15.5.96/30 host address range 97 to 98

MORE EFFICIENT USE OF SPACE!
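
The VLSM method above (pick the smallest mask that fits, then assign largest first), as an added Python example that is not part of the original lecture. The function names prefix_for_hosts, vlsm_allocate, host_range and addresses_used are hypothetical; the 204.15.5.0/24 block and the host counts are the ones on the slides.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest IPv4 prefix whose usable host count (2^h - 2) covers `hosts`."""
    host_bits = 2  # a /30 (2 usable hosts) is the smallest subnet considered
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits

def vlsm_allocate(block, requirements):
    """Carve subnets out of `block`, largest requirement first.

    requirements: list of (name, hosts). Returns {name: IPv4Network}.
    Raises ValueError when the block cannot hold every network.
    """
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    plan = {}
    # sorted() is stable, so equal-sized networks keep their input order.
    for name, hosts in sorted(requirements, key=lambda r: -r[1]):
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = (cursor + size - 1) // size * size  # align to a subnet boundary
        if cursor + size > end:
            raise ValueError(f"{block} cannot fit {name} ({hosts} hosts)")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan

def host_range(net):
    """First and last usable host address of a subnet."""
    return net.network_address + 1, net.broadcast_address - 1

def addresses_used(plan):
    """Total addresses consumed, network and broadcast addresses included."""
    return sum(net.num_addresses for net in plan.values())

# Requirements from the PROBLEM slide.
REQUIREMENTS = [("netA", 14), ("netB", 28), ("netC", 2), ("netD", 7), ("netE", 28)]

if __name__ == "__main__":
    plan = vlsm_allocate("204.15.5.0/24", REQUIREMENTS)
    for name, net in plan.items():
        first, last = host_range(net)
        print(f"{name}: {net} ({net.netmask}) hosts {first} to {last}")
    # Five fixed /27 subnets would consume 5 x 32 = 160 addresses.
    print(f"VLSM plan uses {addresses_used(plan)} of 256 addresses")
```
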

Mixing address classes and CIDR

- A further method to optimise address space involves utilising two address ranges e.g. a sub-netted class B for the Local Area Networks (LANs) AND a sub-netted class C range (for example) for the point to point WAN links
- VLSM is not fully supported by older protocols and routers so the network manager would decide on the optimal scheme for the WAN design.

IPv6

- Address depletion in the 1990’s prompted the design of a replacement protocol for IPv4
- IPv6 was approved in 1995 (Elahi, 2001)
- However, “NAT”, “CIDR” and “VLSM” techniques have since fulfilled address space and route optimisation needs using IPv4
- IPv6 has therefore been slow to mature and be accepted by ISPs and the general networking community

IPv6

- “ARIN again warns of IPv4 address depletion” [Campbell, 2009, gcn.com]
- However, several “scares” from the American Registry for Internet Numbers and other bodies were promoting the adoption of IPv6 by 2011 [ARIN, 2010]
- Despite warnings, few seem to be adopting IPv6 as IPv4 is so well known and understood
- Whether it be next year or well beyond that, IPv4 will not meet our addressing needs forever

Summary

- A brief IPv4 and sub-netting re-cap
- Limitations of IPv4 and address space depletion
- Extending the design of IPv4 – NAT and CIDR
- Optimising IPv4 – VLSM schemes
- IPv6

Lab tasks - IPv4 VLSM design

- In pairs, consider IPv4 VLSM and multiple class addressing schemes for your WAN design
- The aim is to design the most optimised and therefore LEAST wasteful scheme
- You will ultimately implement your design in software and use the hardware in the LAB
- Further study – VLSM workbook on Moodle