7.6 Introduction to Classless IP Addressing

7.1 Introduction
The IP addressing scheme discussed in Chapter 2 is classful and can be
summarised as follows:
Class A Networks: 8-bit network number and 24-bit host number (/8,
"slash eight" or "eights"). 126 networks can be defined (0.0.0.0 is reserved
for use as the default route, 127.0.0.0 is the loopback address), each with
at most 2^24 - 2 (16,777,214) hosts. Why minus two? Class A consists
of half of the IPv4 unicast addresses.
Class B Networks: (/16 prefixes) 2^14 (16,384) networks can be defined,
each with at most 65,534 (2^16 - 2) hosts. Class B is 25% of the total IPv4
unicast addresses.
CSE5803 Advanced Internet Protocols and Applications (7)
1
Class C Networks: (/24 prefixes) 2^21 (2,097,152) networks can be defined,
each with at most 254 (2^8 - 2) hosts. Class C is 12.5% (1/8th) of the
total IPv4 unicast addresses.
Other Classes: D (leading bits 1110) is used to support IP multicasting. E (leading bits 1111) is
reserved for experimental use.
• Problems: Lack of support for medium-sized organisations. /16 is too
large while /24 is too small. Allocating a /16 to several hundred or a
few thousand hosts is a big waste and leads to quick depletion of the
/16 address space.
• The fixed-size subnet mask discussed in Chapters 2 and 6 is also a
waste of number resources, since all subnets must be of the same size,
namely that of the largest subnet.
This chapter discusses further addressing issues, including subnetting,
supernetting and private connectivity.
7.2 Variable Length Subnet Masks (VLSM)
• The concept of subnet and subnet masks was discussed in Chapter 2.
• RIP-1 supports only a fixed-length subnet mask, which means all the subnets
are of the same size.
• VLSM (RFC1878) combines the network prefix and a variable number
of subnet-number bits to form a "slash n" (/n) type of subnet, where n
does not have to be a fixed number across an organisation. This /n is
called the extended network prefix.
• With VLSM, subnet bits do not have to be allocated according to the largest
physical network, as before.
Example:
130.194.0.0/22 network = 10000010.11000010.00000000.00000000
(extended network prefix = the first 22 bits)
Also,
130.194.0.0/26 network = 10000010.11000010.00000000.00000000
(extended network prefix = the first 26 bits)
7.3 VLSM and Route Aggregation
• VLSM allows the recursive division of an address space so it can be
reassembled and aggregated to reduce the amount of routing
information at the top level.
• The practice of subnetting, sub-subnetting, and so on reduces the size of routing
tables.
7.4 VLSM – Design and Deployment Considerations
• The number of subnets required currently and in the future.
• The number of hosts in the largest subnet currently and in the future
• The routing protocol used should carry extended-network-prefix
information with each route advertisement. RIP-1 does not. The IGP
needs to be RIP-2 or OSPF.
• Addresses must be assigned with topological significance in order to
reduce the size of the routing table.
• Routers need to run the "longest match" algorithm, discussed in the next
section.
7.5 VLSM and “Longest Match” Forwarding
• In a VLSM environment, there may be more than one route that
seems to match the network part of the destination IP address. The rule is to send the
datagram via the route with the "longest match".
• This means that if an IP address completely matches the network
addresses of more than one route, the longest matching network
address is selected for packet forwarding.
Example:
• Route 1 is selected based on "longest match".
It should be noted that all 11.1.2.x hosts should be attached to this
subnet in order to be reachable.
7.6 Introduction to Classless IP Addressing – CIDR
• CIDR stands for Classless Inter-Domain Routing (RFC1519).
• CIDR was developed in 1992/3 to solve the following problems:
– The near-term exhaustion of the Class B network address space
– The rapid growth in the size of the global Internet’s routing tables
– The eventual exhaustion of the 32-bit IPv4 address space.
7.7 Basic CIDR Concepts
• Eliminates the traditional Classes A, B and C, and replaces the network
address with the generalised concept of a "network prefix".
• Inter-domain routers use this arbitrary-length network prefix to
determine the dividing point between network and host parts, rather than just
the first 3 bits.
• Similar to VLSM subnet masks within autonomous systems. Each route is
advertised with a bit mask (net mask vs. subnet mask?).
• CIDR and VLSM are essentially the same thing. One allows
recursive address assignment within an organisation and is invisible to
the global Internet, while the other permits the recursive allocation of
an address block by an Internet Registry to an ISP or a private
organisation.
• CIDR provides route aggregation, like VLSM. This has very positive
effects on global routing schemes and tables: CIDR reduced the global
Internet routing table by more than half. Details are discussed
in Section 7.9.
7.8 Block Address Allocation and Superneting
• The following table shows commonly deployed CIDR address blocks.
• It can be seen that the allocation blocks from /13 to /23 are supernets
of traditional class B or C networks.
7.9 CIDR and Internet Routing
• The reduction of routing tables through aggregation. The following
diagram is from "Internet Routing Architectures" by Bassam Halabi.
• Classless routing, single-homing through an ISP. If the organisation changes ISP, either
its IP addresses change or a more-specific route is injected into the Internet.
Figure: IP change
Figure: Injection of extra route
• Multi-homing to the Internet can be complex; it may result in a routing
"black hole" if the aggregation is not carried out carefully, as
illustrated in the example on the next page, adapted from "Internet Routing
Architectures" by Bassam Halabi.
• The connection to the Internet can also be achieved via private/public
IP address translation using the Network Address Translation (NAT)
protocol, discussed in Section 7.10.
• Fig. 1 shows a wrong aggregation: if 198.24.17.1 is the destination,
the packet is routed to ISP2 following the longest match algorithm.
Fig.1 Wrong Aggregation
Fig.2 Correct Route Advertisement
In binary, 198.24.17.1 is 198.00011000.00010001.00000001 (the first octet is left in decimal).
The longest match is performed on the network addresses of the routes.
• With the wrong aggregation, there are three routes to choose from:
Route 198.32.0.0/13 has the network address 198.00100000.0.0 (no
match from the 11th bit, which means no match at all).
Route 198.24.0.0/13 has the network address 198.00011000.0.0 (13-bit
match, but not the longest).
Route 198.24.0.0/18 has the network address
198.00011000.00000000.0 (18-bit match): selected, but wrong.
• With the correct aggregation, there are four routes to choose from:
Route 198.32.0.0/13 again has no match.
Route 198.24.56.0/21 has the network address 198.00011000.00111000.0 (no
match from the 19th bit, which means no match at all).
Route 198.24.0.0/20 has the network address 198.00011000.00000000.0 (no
match from the 20th bit, which means no match at all).
Route 198.24.0.0/13 has a 13-bit match and is the only match, so it is correctly
selected for packet forwarding.
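The longest match rule of Section 7.5 applied to the two routing tables of Figs. 1 and 2, as an added example (not part of the original lecture notes). The prefixes and the destination 198.24.17.1 come from the example above; the next-hop labels ISP1/ISP2 are assumptions, since the notes only state that the /18 route leads to ISP2.

```python
import ipaddress

# Routing tables constructed from Fig. 1 and Fig. 2. The next-hop labels are
# assumptions for illustration; the notes only say the /18 route goes to ISP2.
WRONG_AGGREGATION = [
    ("198.32.0.0/13", "ISP1"),
    ("198.24.0.0/13", "ISP1"),
    ("198.24.0.0/18", "ISP2"),
]
CORRECT_ADVERTISEMENT = [
    ("198.32.0.0/13", "ISP1"),
    ("198.24.56.0/21", "ISP2"),
    ("198.24.0.0/20", "ISP2"),
    ("198.24.0.0/13", "ISP1"),
]

def first_mismatch_bit(prefix, address):
    """1-based position of the first bit (within the prefix length) where the
    address differs from the route's network address, or None if every
    prefix bit matches. Bit 1 is the most significant bit of the address."""
    net = ipaddress.ip_network(prefix, strict=False)
    addr = int(ipaddress.ip_address(address))
    base = int(net.network_address)
    for i in range(net.prefixlen):
        shift = net.max_prefixlen - 1 - i
        if (addr >> shift) & 1 != (base >> shift) & 1:
            return i + 1
    return None

def longest_match(table, address):
    """Return (matched_bits, prefix, next_hop) for the route with the longest
    prefix that fully matches the address, or None if no route matches."""
    best = None
    for prefix, next_hop in table:
        if first_mismatch_bit(prefix, address) is not None:
            continue  # some prefix bit differs: this route does not match at all
        bits = ipaddress.ip_network(prefix, strict=False).prefixlen
        if best is None or bits > best[0]:
            best = (bits, prefix, next_hop)
    return best

if __name__ == "__main__":
    dst = "198.24.17.1"
    for name, table in (("wrong", WRONG_AGGREGATION), ("correct", CORRECT_ADVERTISEMENT)):
        for prefix, _ in table:
            print(name, prefix, "first mismatch at bit", first_mismatch_bit(prefix, dst))
        print(name, "selected:", longest_match(table, dst))
```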
7.10 Private Addressing and Network Address Translation (NAT: RFC1613)
• IANA has reserved the following IP address blocks for private connectivity
only (RFC1918). Organisations do not need to get permission to use
these IP addresses, and they do not appear on the global Internet.
10.x.x.x (a single class A)
172.16.0.0 to 172.31.255.255 (16 contiguous class B)
192.168.0.0 to 192.168.255.255 (256 contiguous class C)
• Hosts with these addresses cannot communicate directly with the global
Internet, and the addresses should not be leaked outside the organisation.
• If privately connected hosts wish to communicate with the global
Internet, their IP addresses have to be reassigned or a NAT server is used.
• Static re-assignment of IP numbers can be complex. The introduction
of the Dynamic Host Configuration Protocol (DHCP) makes the task a lot
easier.
• NAT enables a private network to connect to the Internet without
renumbering. It uses a NAT router, placed at the border of the
domain, to convert a private IP address to an appropriate Internet IP address.
Figure: hosts A (10.1.1.1) and B (10.2.2.2) behind a NAT router, appearing on the
Internet as 130.192.x.y and 130.192.x.w respectively.
• NAT can have a pool of global IP addresses (far fewer than the number of private
IP addresses), and can map many private IP addresses onto one global address. This is referred
to as NAT overloading.
• NAT overloading is achieved by using TCP/UDP port numbers; this is known as Port
Address Translation (PAT).
• The NAT router must maintain a lookup table like the one below
(source: http://computer.howstuffworks.com)
Source     Source Computer's   Source Computer's   NAT Router's      NAT Router's
Computer   IP Address          Port                IP Address        Assigned Port Number
A          192.168.32.10       400                 215.37.32.203     1
B          192.168.32.13       50                  215.37.32.203     2
C          192.168.32.15       3750                215.37.32.203     3
D          192.168.32.18       206                 215.37.32.203     4
• Each table entry times out and is deleted if it is not refreshed within a
fixed period of time.
• NAT has the side effect of acting as a firewall: hosts behind a NAT router
cannot normally be reached from outside unless an inbound mapping
such as port forwarding has been configured.
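The PAT lookup table above, reduced to working code as an added example (not from the lecture notes or the cited source). It uses the router address 215.37.32.203 from the table; assigned ports are handed out sequentially from 1 only so that the table is reproduced (real routers allocate from the high port range), and the 300-second timeout is an assumption. Inbound packets with no table entry are dropped, which is the firewall-like behaviour described above.

```python
import time

GLOBAL_IP = "215.37.32.203"  # NAT router's Internet address, taken from the table above

class PatTable:
    """Minimal PAT (NAT overloading) table: many private (ip, port) pairs share one
    global IP and are told apart by the port number the router assigns."""

    def __init__(self, global_ip=GLOBAL_IP, timeout=300, first_port=1):
        self.global_ip = global_ip
        self.timeout = timeout          # assumed idle time before an entry is deleted
        self.next_port = first_port     # sequential from 1 only to mirror the table
        self.outbound = {}              # (private_ip, private_port) -> assigned_port
        self.inbound = {}               # assigned_port -> (private_ip, private_port, last_seen)

    def translate_outbound(self, private_ip, private_port, now=None):
        """Rewrite an outgoing packet's source; create or refresh the table entry."""
        now = time.time() if now is None else now
        self.expire(now)
        key = (private_ip, private_port)
        port = self.outbound.get(key)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
        self.inbound[port] = (private_ip, private_port, now)  # refresh timestamp
        return self.global_ip, port

    def translate_inbound(self, assigned_port, now=None):
        """Map a packet arriving at (global_ip, assigned_port) back to the private host.
        Returns None when no entry exists, i.e. the unsolicited packet is dropped."""
        now = time.time() if now is None else now
        self.expire(now)
        entry = self.inbound.get(assigned_port)
        if entry is None:
            return None
        private_ip, private_port, _ = entry
        self.inbound[assigned_port] = (private_ip, private_port, now)
        return private_ip, private_port

    def expire(self, now):
        """Delete entries that have not been refreshed within the timeout."""
        stale = [p for p, (_, _, seen) in self.inbound.items() if now - seen > self.timeout]
        for p in stale:
            ip, port, _ = self.inbound.pop(p)
            self.outbound.pop((ip, port), None)
```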