ITEC 275
Computer Networks – Switching,
Routing, and WANs
Week 6
Robert D’Andrea
2015
Administrative
• Midterm Exam
The midterm exam will be administered the
eighth week of the term, October 26 through 31, 2015.
Agenda
• Learning Activities
– IP Addressing
– Hierarchical structure
– Static and Dynamic Assignment
– IPv6
– IPv4 to IPv6 Transition Methods
– SNMP Monitoring
Guidelines for Addressing and Naming
• Use a structured model for addressing and
naming. A topology diagram may be useful for viewing
the hierarchy in the network and recognizing
address boundaries.
• Assign addresses and names hierarchically
• Decide in advance if you will use
– Central or distributed authority for addressing and
naming. Determine who is in charge of delegating
addresses and naming conventions.
– Public or private addressing (IANA or RFC 1918)
– Static or dynamic addressing and naming (DHCP
Dynamic Host Configuration Protocol)
Advantages of Structured Models for
Addressing & Naming
Easier to understand when
– Reading network maps
– Operating network management software
– Recognizing devices in protocol analyzer traces
– Meeting goals for usability
– Designing filters on firewalls and routers
– Implementing route summarization
The Structured Model for addressing provides the IP
address with meaning and hierarchical organization.
Public IP Addresses
• Managed by the Internet Assigned Numbers
Authority (IANA)
• Users are assigned IP addresses by Internet
service providers (ISPs).
• ISPs obtain allocations of IP addresses from
their appropriate Regional Internet Registry
(RIR)
Internet Assigned Numbers Authority (IANA).
IANA allocates IP addresses to the Regional
Internet Registries (RIRs)
Regional Internet Registries (RIR)
• American Registry for Internet Numbers (ARIN) serves
North America and parts of the Caribbean.
• RIPE Network Coordination Centre (RIPE NCC) serves
Europe, the Middle East, and Central Asia.
• Asia-Pacific Network Information Centre (APNIC) serves
Asia and the Pacific region.
• Latin American and Caribbean Internet Addresses
Registry (LACNIC) serves Latin America and parts of the
Caribbean.
• African Network Information Centre (AfriNIC) serves
Africa.
Static Vs. Dynamic Addressing
Criteria for choosing between them:
– The number of end systems
– The likelihood of needing to renumber
– The need for high availability
– Security requirements
– The importance of tracking addresses
– Whether end systems need additional
information (DHCP can provide more than just an
address)
IPv4 Address Classes
Class   Range       CIDR   Subnet Mask
A       1 – 126     /8     255.0.0.0
B       128 – 191   /16    255.255.0.0
C       192 – 223   /24    255.255.255.0
D       224 – 239   N/A    Multicast
E       240 – 255   N/A    Experimental
Private IPv4 Addresses
Block                               Start         End               No. of addresses
24-bit block (/8 prefix, 1 × A)     10.0.0.0      10.255.255.255    16777216
20-bit block (/12 prefix, 16 × B)   172.16.0.0    172.31.255.255    1048576
16-bit block (/16 prefix, 256 × C)  192.168.0.0   192.168.255.255   65536
IPv4 Addresses Class Bits
Traditional routing, also known as classful
routing, transmits no information about the
prefix length. Hosts and routers examine the
first three bits of the IP address to determine its
class.
Class A
00000000 = 0
01111111 = 127
IPv4 Addresses Class Bits
Class B
10000000 = 128
10111111 = 191
Class C
11000000 = 192
11011111 = 223
IPv4 Addresses Caveats
1. Network ID zero is always reserved as the
universal gateway
2. IP addresses 127.0.0.0 – 127.255.255.255 are
reserved for loopback. 127.0.0.1 is the most
commonly used loopback address.
3. Private IP addresses are not routable on the
Internet.
Parts of an IPv4 Address
(Figure: a 32-bit address split into a Prefix part and a Host part;
the Prefix Length marks the boundary between them.)
An IPv4 address is accompanied by an
indication of the prefix length
Classful dotted-decimal notation subnet mask
192.168.55.1
255.255.255.0
Classless Inter Domain Routing (CIDR) / Length
192.168.55.1/24
IPv4 Address Subnet Notations
• A subnet mask is 32 bits long (4 octets)
• Specifies which part of an IP address is the
network/subnet field and which part is the host field
– The network/subnet portion of the mask is all 1s in binary.
– The host portion of the mask is all 0s in binary.
– Convert the binary expression back to dotted-decimal notation
for entering into configurations.
• Alternative IPv4 address representation
– Use slash notation (for example /24)
– Specifies the number of 1s
IPv4 Address Subnet Notation
Classless Inter Domain Routing (CIDR)
notation identifies the prefix length with a length
field, followed by a slash.
Example: 10.1.0.1/16
The prefix length is 16 bits long. The
subnet mask would be 255.255.0.0.
Shorthand Subnet Mask
Binary     Decimal   CIDR
10000000   128       /25
11000000   192       /26
11100000   224       /27
11110000   240       /28
11111000   248       /29
11111100   252       /30
11111110   254       /31
11111111   255       /32
The shorthand notations represent how many bits are used in the subnet mask.
The minimum subnet mask for a Class C address must be 255.255.255.0, which is
24 bits (8 bits in each octet), or CIDR notation /24.
Shorthand Subnet Mask
Prefix size   Network mask       Available subnets   Usable hosts per subnet   Total usable hosts
/24           255.255.255.0      1                   254                       254
/25           255.255.255.128    2                   126                       252
/26           255.255.255.192    4                   62                        248
/27           255.255.255.224    8                   30                        240
/28           255.255.255.240    16                  14                        224
/29           255.255.255.248    32                  6                         192
/30           255.255.255.252    64                  2                         128
/31           255.255.255.254    128                 2*                        256
* The prefix size /31 is only achievable when
using a point-to-point type network connection.
Shorthand Subnet Mask
2^0 = 1
2^1 = 2
2^2 = 4
2^3 = 8
2^4 = 16
2^5 = 32
2^6 = 64
2^7 = 128
2^8 = 256
Subnet Mask Example
• 11111111 11111111 11111111 00000000
• What is this in slash notation?
/24
• What is this in dotted-decimal notation?
255.255.255.0
Subnet Mask Example
• 11111111 11111111 11110000 00000000
• What is this in slash notation?
/20
• What is this in dotted-decimal notation?
255.255.240.0
One More Subnet Mask Example
• 11111111 11111111 11111000 00000000
• What is this in slash notation?
/21
• What is this in dotted-decimal notation?
255.255.248.0
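The conversions the three examples above walk through, as an added Python example that is not part of the course slides: binary mask to /prefix to dotted-decimal and back, the rows of the "Shorthand Subnet Mask" table including the /31 point-to-point case, and the first-bits class lookup from the class-bits slides. Function names are my own.

```python
"""Added example (not from the course slides): subnet-mask conversions, the
per-prefix rows of the 'Shorthand Subnet Mask' table, and the classful lookup
that inspects the leading bits of the first octet."""


def binary_to_prefix(binary_mask: str) -> int:
    """'11111111 11111111 11110000 00000000' -> 20.
    Counts the leading 1s and rejects a mask whose 1s are not contiguous."""
    bits = binary_mask.replace(" ", "").replace(".", "")
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("mask must be 32 binary digits")
    ones = len(bits) - len(bits.lstrip("1"))
    if "1" in bits[ones:]:
        raise ValueError("subnet mask 1s must be contiguous")
    return ones


def prefix_to_dotted(prefix: int) -> str:
    """/20 -> '255.255.240.0': the top `prefix` bits set, the rest clear."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((mask >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def dotted_to_prefix(dotted: str) -> int:
    """'255.255.248.0' -> 21, via the binary form so the contiguity check applies."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted-decimal mask")
    return binary_to_prefix("".join(f"{o:08b}" for o in octets))


def subnet_table_row(prefix: int, base_prefix: int = 24) -> dict:
    """One row of the slides' table for carving a /24 into /prefix subnets.
    /31 is the point-to-point special case (RFC 3021): both addresses are
    usable, so no network/broadcast pair is subtracted."""
    if not base_prefix <= prefix <= 31:
        raise ValueError("prefix must lie between the base prefix and /31")
    subnets = 2 ** (prefix - base_prefix)
    usable = 2 if prefix == 31 else 2 ** (32 - prefix) - 2
    return {"prefix": f"/{prefix}", "mask": prefix_to_dotted(prefix),
            "subnets": subnets, "usable_hosts": usable,
            "total_usable": subnets * usable}


def address_class(ip: str) -> str:
    """Classful lookup as described on the class-bits slides: examine the
    leading bits of the first octet (0 -> A, 10 -> B, 110 -> C, 1110 -> D)."""
    first = int(ip.split(".")[0])
    if not 0 <= first <= 255:
        raise ValueError("bad first octet")
    if first >> 7 == 0b0:
        return "A"      # 0xxxxxxx, 0-127 (127 is loopback)
    if first >> 6 == 0b10:
        return "B"      # 10xxxxxx, 128-191
    if first >> 5 == 0b110:
        return "C"      # 110xxxxx, 192-223
    if first >> 4 == 0b1110:
        return "D"      # 1110xxxx, 224-239, multicast
    return "E"          # 1111xxxx, 240-255, experimental
```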
Private and Public Addresses
Private IPv4 Addresses
Caveat with Private Addressing
When network management responsibilities are outsourced to an
outside vendor, private addressing causes problems: the internal networks are
not advertised to the outside, and NAT problems occur when
handling network management protocols like Simple Network
Management Protocol (SNMP).
Advantages with Private Addressing
Any user may use any of the reserved blocks. Typically, a
network administrator will divide a block into subnets; for
example, many home routers automatically use a default address
range of
192.168.0.0 through 192.168.0.255 (192.168.0.0/24 block).
Network Address Translation (NAT)
Static translations
– One private address to one public address
– Used for servers that must be visible to the public
network
Dynamic translations
– Many unregistered addresses to one registered address
from a pool of addresses (similar to PBX)
– Used for workstations that only connect to the public
network when required
Combination of both translations
– Used by most organizations
Network Address Translation (NAT)
Network Address Translation (NAT) is
a methodology of modifying network
address information in Internet
Protocol (IP) datagram packet headers
while they are in transit across a
traffic routing device for the purpose of
remapping one IP address space into
another.
Address Usage in the Enterprise
Figure 6-3
Classful IP Addressing
Class   First Few Bits   First Byte   Prefix Length   Intent
A       0                1-126*       8               Very large networks
B       10               128-191      16              Large networks
C       110              192-223      24              Small networks
D       1110             224-239      NA              IP multicast
E       1111             240-255      NA              Experimental
*Addresses starting with 127 are reserved for IP traffic local to a host.
Division of the Classful Address Space
Class   Prefix Length   Number of Addresses per Network
A       8               2^24 - 2 = 16,777,214
B       16              2^16 - 2 = 65,534
C       24              2^8 - 2 = 254
Classless Addressing
• Prefix/host boundary can be anywhere
• Less wasteful
• Supports route summarization
Also known as
• Aggregation
• Supernetting
• Classless routing
• Classless inter-domain routing (CIDR)
• Prefix routing
Classless Addressing
Classless routing protocols transmit a
prefix length with the IP address. This
allows classless routing protocols to group
networks into one entry and use the prefix
length to specify which networks are
grouped.
Classless routing protocols include
RIPv2, EIGRP, OSPF, BGP, and IS-IS.
Definitions
Subnetting is when you take one large
network and break it into a number of smaller
networks.
A subnet mask is a 32-bit value that
allows the recipient of IP packets to
distinguish the network ID portion of the IP
address from the host ID portion of the IP
address.
The 1s in the subnet mask mark the bit
positions that belong to the network or subnet
portion of the address.
Routing Protocols
Distance vector protocols find the best path to a
remote network by judging distance. Each
time the packet goes through a router, that is
called or considered a hop.
With link state protocols, also called shortest path first
protocols, the routers each create three
separate tables: one to keep track of directly
attached neighbors, a second to
determine the topology of the entire
internetwork, and a third that is used as the
routing table.
Routing Protocols
With a Distance Vector protocol, the path or 'route' chosen would
be from A to B directly over the ISDN serial link, even though that link is
about 10 times slower than the indirect route from A to C to D to B.
A Link State protocol would choose the A to C to D to B path
because it's using a faster medium (100 Mb Ethernet). In this example, it
would be better to run a Link State routing protocol, but if all the links in
the network are the same speed, then a Distance Vector protocol would be
the best choice.
Supernetting
(Figure: branch-office networks 172.16.0.0, 172.17.0.0, 172.18.0.0 and
172.19.0.0 sit behind a branch-office router that connects to the
enterprise core network.)
• Move prefix boundary to the left
• Branch office advertises 172.16.0.0/14
Addressing Hierarchy
Figure 6-6 – Page 387
Route summarization
• Summary 192.168.0.0/21
Figure 6-5 – Page 386
172.16.0.0/14 Summarization
First Octet in Decimal: 172    First Octet in Binary: 10101100
Second Octet in Decimal   Second Octet in Binary
16                        00010000
17                        00010001
18                        00010010
19                        00010011
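The summarization the table above shows by hand (the four second octets share their leading six bits, so the /16 prefix boundary moves left to /14), as an added Python example that is not part of the course slides. It also covers the 192.168.0.0/21 summary from Figure 6-5, and adds a check the slides do not show: how much address space a summary advertises beyond the networks it was built from. Function names are my own.

```python
"""Added example (not from the course slides): route summarization
(supernetting) by keeping only the leading bits that a set of networks share,
and a check of how much extra address space the summary advertises."""
import ipaddress


def shared_prefix_length(networks) -> int:
    """Number of leading bits on which every network address agrees, capped at
    the shortest prefix length present (a summary can never be more specific
    than its least specific member)."""
    nets = [ipaddress.IPv4Network(n) for n in networks]
    first = int(nets[0].network_address)
    differing = 0
    for net in nets[1:]:
        differing |= first ^ int(net.network_address)   # 1 wherever two disagree
    agreed = 32 - differing.bit_length()                # leading bits nobody disputes
    return min(agreed, min(n.prefixlen for n in nets))


def summarize(networks) -> ipaddress.IPv4Network:
    """172.16.0.0/16 .. 172.19.0.0/16 -> 172.16.0.0/14, as on the slide."""
    plen = shared_prefix_length(networks)
    base = ipaddress.IPv4Network(networks[0]).network_address
    return ipaddress.IPv4Network((base, plen), strict=False)


def octet_bits(networks, octet_index: int) -> list:
    """The slide's table: (decimal, 8-bit binary) of one octet per network,
    so the shared leading bits can be read off by eye."""
    rows = []
    for n in networks:
        value = ipaddress.IPv4Network(n).network_address.packed[octet_index]
        rows.append((value, f"{value:08b}"))
    return rows


def overreach(summary: ipaddress.IPv4Network, networks) -> int:
    """Addresses the summary covers that are in none of the listed
    (non-overlapping) networks. A non-zero result means the router advertises
    reachability it does not have: traffic for those addresses is attracted
    and then dropped, so such holes should be known before summarizing."""
    covered = sum(ipaddress.IPv4Network(n).num_addresses for n in networks)
    return summary.num_addresses - covered
```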
Discontiguous Subnets
In traditional classful IP addressing it was
assumed that subnets would be contiguous.
This means that to get from
one subnet of some major network to any
other subnet of that network, you would go
through only subnets of that network. For
example, if you were in subnet 10.10.10.0 and
you were going to 10.30.30.0 you might go
through 10.20.20.0. That would be
contiguous.
Discontiguous Subnets
Discontiguous subnets means that to go
from one subnet of a network to another
subnet of that network you must go through
subnets of a different network. For example, if
you are in subnet 10.10.10.0 and to get to
10.30.30.0 you must go through 172.16.10.0,
then that would be discontiguous.
Discontiguous Subnets
(Figure: Area 0, network 192.168.49.0, sits between Router A, whose Area 1
holds subnets 10.108.16.0 through 10.108.31.0, and Router B, whose Area 2
holds subnets 10.108.32.0 through 10.108.47.0.)
Discontiguous Subnets
Router A advertises access to network
10.0.0.0. Router B ignores the advertisement
because it can already get to network 10.0.0.0.
This occurs in both directions with the routers.
A classless routing protocol is one method
for solving this problem.
Discontiguous Subnets
A Mobile Host
A mobile host is a host that moves from one
network to another and has a statically defined IP
address. The administrator can move a mobile
host to another network and configure a router with a
host-specific route to specify that traffic for the
host should be routed through that router.
Classless routing protocols match the longest
prefix.
Example: 10.108.16.0/20 and 10.108.16.1/32
A Mobile Host
(Figure: Router A and Router B, subnets 10.108.16.0 through 10.108.31.0,
and host 10.108.16.1.)
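The longest-prefix lookup and the classful collapse described on the preceding slides, as an added Python example that is not part of the course slides. The routing table is constructed for the example, including a /32 host route that places the mobile host 10.108.16.1 behind Router B while its /20 still points at Router A; function names are my own.

```python
"""Added example (not from the course slides): longest-prefix-match lookup as
a classless router does it, versus the classful view that drops prefix lengths
and collapses both areas' subnets into 10.0.0.0/8."""
import ipaddress

# Constructed routing table as seen from the Area 0 router: both 10.108.x.0/20
# ranges from the slides plus a host route for the mobile host 10.108.16.1,
# which in this constructed scenario has moved behind Router B.
ROUTES = [
    ("10.108.16.0/20", "Router A"),
    ("10.108.32.0/20", "Router B"),
    ("192.168.49.0/24", "Area 0"),
    ("10.108.16.1/32", "Router B"),
]


def lookup_classless(routes, destination: str):
    """Return (network, next_hop) of the most specific route containing the
    destination, or None when no route matches."""
    dst = ipaddress.IPv4Address(destination)
    best = None
    for net_str, next_hop in routes:
        net = ipaddress.IPv4Network(net_str)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return (str(best[0]), best[1]) if best else None


def classful_network(net_str: str) -> str:
    """What a classful router sees: the prefix length is not transmitted, so
    the class A/B/C mask is applied to the network address instead."""
    addr = ipaddress.IPv4Network(net_str).network_address
    first = addr.packed[0]
    if first < 128:
        plen = 8
    elif first < 192:
        plen = 16
    elif first < 224:
        plen = 24
    else:
        raise ValueError("class D/E addresses have no classful network mask")
    return str(ipaddress.IPv4Network((addr, plen), strict=False))


def classful_collisions(routes) -> dict:
    """Group the routes by classful network; a group with more than one next
    hop is the ambiguity from the slides (Router B ignores the 10.0.0.0 route
    from Router A because it already 'has' 10.0.0.0)."""
    by_classful = {}
    for net_str, next_hop in routes:
        by_classful.setdefault(classful_network(net_str), set()).add(next_hop)
    return {k: sorted(v) for k, v in by_classful.items() if len(v) > 1}
```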
IPv6 Addressing
• Is a new technology developed to overcome
the limitations of the current standard, IPv4
• Combines expanded addressing with a more
efficient and feature-rich header to improve
scaling
• Satisfies the increasingly complex
requirements of hierarchical addressing that
IPv4 does not support
IPv6 Address Features
• Larger address space:
– IPv6 addresses are 128 bits, compared to IPv4's 32 bits
– Allows more support for addressing hierarchy levels
– A much greater number of addressable nodes
– Simpler auto-configuration of addresses
• Globally unique IP addresses:
– Every node can have a unique global IPv6 address
– Eliminates the need for NAT.
• Site multi-homing:
– IPv6 allows hosts to have multiple IPv6 addresses
– Allows networks to have multiple IPv6 prefixes
– Sites can have connections to multiple ISPs without
breaking the global routing table
IPv6 Features (continued)
• Header format efficiency:
– A simplified header with a fixed header size
makes processing more efficient.
• Improved privacy and security:
– IPsec is the IETF standard for IP network
security, available for both IPv4 and IPv6.
Although the functions are essentially
identical in both environments, IPsec is
mandatory in IPv6. IPv6 also has optional
security headers.
IPv6 Features (continued)
• Flow labeling capability:
– A new capability enables the labeling of packets belonging
to particular traffic flows for which the sender requests
special handling, such as non default quality of service
(QoS) or real-time service.
• Increased mobility and multicast capabilities:
– Mobile IPv6 allows an IPv6 node to change its location on
an IPv6 network and still maintain its existing connections.
With Mobile IPv6, the mobile node is always reachable
through one permanent address. A connection is established
with a specific permanent address assigned to the mobile
node, and the node remains connected no matter how many
times it changes locations and addresses
IPv6 Features (continued)
IPv6 supports both static and dynamic addressing.
Dynamic addressing is referred to as auto-configuration
and is made up of two components.
Part 1: Stateful auto-configuration: hosts retrieve
addresses and other information from a server set up with a
database.
Part 2: Stateless auto-configuration: a host
generates its own address using locally available information.
This includes advertised information from routers. The
process starts by generating a link-local address for an interface.
This involves combining the well-known link-local prefix
(fe80::/10) with a 64-bit interface identifier.
IPv6 Address Format
• The format is x:x:x:x:x:x:x:x, where x is a 16-bit
hexadecimal field
– 2035:0001:2BC5:0000:0000:087C:0000:000A
• Leading 0s within each set of four hexadecimal digits
can be omitted, and one run of successive all-0 fields
can be replaced with a pair of colons (::), used at most
once within an address.
– 2035:1:2BC5::87C:0:A
IPv6 Addresses
Link-local address: The host configures its
own link-local address autonomously, using the
link-local prefix fe80::0/10 and a 64-bit identifier
for the interface, in an EUI-64 format.
A link-local address is a
network address that is valid only for
communications within the network segment
(link) or the broadcast domain that the host is
connected to. Link-local addresses are usually
not guaranteed to be unique beyond a single
network segment.
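The expansion and compression rules from the IPv6 Address Format slide and the fe80::/10 plus EUI-64 link-local construction described above, as an added Python example that is not part of the course slides. Function names and the sample MAC address 00:1a:2b:3c:4d:5e are my own.

```python
"""Added example (not from the course slides): expand and compress the
x:x:x:x:x:x:x:x notation from the slide, and build a link-local address from
a MAC address the way stateless auto-configuration does (fe80::/10 + EUI-64)."""
import ipaddress


def expand(addr: str) -> list:
    """Return the eight 16-bit fields as four lowercase hex digits each,
    undoing a single '::' (an address may contain '::' at most once)."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once in an IPv6 address")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        fields = left + ["0"] * (8 - len(left) - len(right)) + right
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has exactly eight 16-bit fields")
    return [f"{int(f, 16):04x}" for f in fields]


def compress(addr: str) -> str:
    """Shortest text form: drop leading zeros in each field and replace the
    longest run of two or more all-zero fields (leftmost on a tie) with '::'."""
    fields = [f"{int(f, 16):x}" for f in expand(addr)]
    best_start, best_len, run_start = -1, 0, None
    for i, field in enumerate(fields + ["end"]):   # sentinel closes a trailing run
        if field == "0":
            run_start = i if run_start is None else run_start
        elif run_start is not None:
            if i - run_start > best_len:
                best_start, best_len = run_start, i - run_start
            run_start = None
    if best_len < 2:
        return ":".join(fields)
    head = ":".join(fields[:best_start])
    tail = ":".join(fields[best_start + best_len:])
    return f"{head}::{tail}"


def link_local_from_mac(mac: str) -> str:
    """EUI-64 interface identifier: split the 48-bit MAC, insert ff:fe, flip
    the universal/local bit (0x02 of the first octet), prepend fe80::/10.
    The sample MAC used in the test is constructed, not a real device."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits")
    eui = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    eui[0] ^= 0x02
    iid = ":".join(f"{eui[i]:02x}{eui[i + 1]:02x}" for i in range(0, 8, 2))
    return compress(f"fe80:0:0:0:{iid}")


def is_link_local(addr: str) -> bool:
    """True when the address falls in the well-known fe80::/10 prefix."""
    return ipaddress.IPv6Address(compress(addr)) in ipaddress.IPv6Network("fe80::/10")
```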
IPv6 Addresses Link Local Prefix
IPv6 Addresses
A link-local address is a network
address that is valid only for communications
within the network segment (link) or
the broadcast domain that the host is connected
to.
Link-local addresses are usually not
guaranteed to be unique beyond a single network
segment. Routers therefore do not
forward packets with link-local addresses.
IPv6 Addresses
For protocols that have only link-local
addresses, such as Ethernet, hardware addresses
that the manufacturer delivers in network circuits
are unique, consisting of a vendor identification
and a serial identifier.
Link-local addresses for IPv4 are defined
in the address block 169.254.0.0/16, in CIDR
notation. In IPv6, they are assigned with the
fe80::/10 prefix.
IPv6 Addresses
The link-local address is useful in the
context of a single link or network. IPv6 link-local
addresses can be configured automatically
on an interface.
Link-local addresses serve as a way for
connecting devices on the same local network
without the need for globally unique addresses.
A router utilizing IPv6 must not forward
packets that have either link-local source or
destination address.
IPv6 Addresses
Link-local addresses are used in neighbor
discovery and in the stateless auto-configuration
process.
Media access control (MAC) addresses, which are
used in local broadcast networks such as Ethernet,
are link-local addresses. Such devices are
configured with an address in hardware by the
manufacturer.
IPv6 Addresses
Stateless auto-configuration: A router on
the link advertises—either periodically or at the
host's request—network information, such as the
64-bit prefix of the local network and its
willingness to function as a default router for the
link. Hosts can automatically generate their
global IPv6 addresses by using the prefix in
these router messages; the hosts do not need
manual configuration or the help of a device
such as a DHCP server.
IPv6 Addresses
Stateful using DHCP for IPv6 (DHCPv6):
DHCPv6 is an updated version of DHCP for
IPv4. DHCPv6 gives the network administrator
more control than stateless auto-configuration
and can be used to distribute other information,
including the address of the DNS server.
DHCPv6 can also be used for automatic domain
name registration of hosts using a dynamic DNS
server. DHCPv6 uses multicast addresses.
IPv6 Aggregatable Global Unicast
Address Format
Field          Bits   Meaning
FP             3      Format Prefix (001)
TLA ID         13     Top-Level Aggregation Identifier
RES            8      Reserved for future use
NLA ID         24     Next-Level Aggregation Identifier
SLA ID         16     Site-Level Aggregation Identifier
Interface ID   64     Interface Identifier
FP, TLA ID, RES and NLA ID make up the public topology; SLA ID is the site topology.
Upgrading to IPv6
• Dual stack
• Tunneling
• Translation
Dual-Stack
A dual-stack node enables both IPv4 and
IPv6 stacks. Applications communicate with
both IPv4 and IPv6 stacks; the IP version
choice is based on name lookup and
application preference. This is the most
appropriate method for campus and access
networks during the transition period, and it
is the preferred technique for transitioning
to IPv6. A dual-stack approach supports the
maximum number of applications.
Tunneling
Figure 2-25
Translation
Dual-stack and tunneling techniques
manage the interconnection of IPv6
domains. For legacy equipment that
will not be upgraded to IPv6 and for
some deployment scenarios,
techniques are available for
connecting IPv4-only nodes to
IPv6-only nodes, using translation,
an extension of NAT techniques.
Guidelines for Assigning Names
• Names should be
– Short
– Meaningful
– Unambiguous
– Distinct
– Case insensitive
• Avoid names with unusual characters
– Hyphens, underscores, asterisks, and so on
Domain Name System (DNS)
• Map names to IP addresses
• Supports hierarchical naming
– example: frodo.rivendell.middle-earth.com
• A DNS server has a database of resource records
(RRs) that maps names to addresses in the
server’s “zone of authority”
• Client queries server
– Uses UDP port 53 for name queries and replies
– Uses TCP port 53 for zone transfers
DNS Details
• Client/server model
• Client is configured with the IP address of a
DNS server
– Manually or DHCP can provide the address
• DNS resolver software on the client machine
sends a query to the DNS server. Client may
ask for recursive lookup.
DNS Recursion
• A DNS server may offer recursion, which allows the
server to ask other servers
– Each server is configured with the IP address of one or
more root DNS servers.
• When a DNS server receives a response from another
server, it replies to the resolver client software. The
server also caches the information for future
requests.
– The network administrator of the authoritative DNS server
for a name defines the length of time that a nonauthoritative server may cache information.
DNS Root Zone
The DNS root zone is the top-level DNS zone in
the hierarchical namespace of the Domain Name
System (DNS) of the Internet.
DNS Root Servers
The authoritative name servers that serve the
DNS root zone, commonly known as the “root servers”,
are a network of hundreds of servers in many countries
around the world. They are configured in the DNS root
zone as 13 named authorities.
List of Root Servers
Server               Addresses                            Operator
a.root-servers.net   198.41.0.4, 2001:503:ba3e::2:30      VeriSign, Inc.
b.root-servers.net   192.228.79.201                       University of Southern California (ISI)
c.root-servers.net   192.33.4.12, 2001:500:2::c           Cogent Communications
d.root-servers.net   199.7.91.13, 2001:500:2d::d          University of Maryland
e.root-servers.net   192.203.230.10                       NASA (Ames Research Center)
f.root-servers.net   192.5.5.241, 2001:500:2f::f          Internet Systems Consortium, Inc.
g.root-servers.net   192.112.36.4                         US Department of Defence (NIC)
h.root-servers.net   128.63.2.53, 2001:500:1::803f:235    US Army (Research Lab)
i.root-servers.net   192.36.148.17, 2001:7fe::53          Netnod
j.root-servers.net   192.58.128.30, 2001:503:c27::2:30    VeriSign, Inc.
k.root-servers.net   193.0.14.129, 2001:7fd::1            RIPE NCC
l.root-servers.net   199.7.83.42, 2001:500:3::42          ICANN
m.root-servers.net   202.12.27.33, 2001:dc3::35           WIDE Project
Root Server Website
Who owns root?
View: http://www.root-servers.org
Simple Network Management Protocol
(SNMP)
Enterprise networks are heterogeneous. In
addition to multi-tiered applications, a critical
part of the infrastructure consists of network
devices and other applications that are vendor
specific. However, these devices normally
have a Simple Network Management Protocol
(SNMP) agent (interface) and this facilitates
SNMP monitoring.
Simple Network Management Protocol
(SNMP)
What is SNMP?
SNMP stands for Simple Network Management
Protocol and is an industry standard for the
communication among devices in your IT
infrastructure. It is used for collecting information from
and sending configuration to devices such as servers,
printers, hubs, switches, and routers in your network.
SNMP lets you keep an eye on network and bandwidth
usage and track important issues such as uptime and
traffic levels.
SNMP Agent
Summary
• Use a systematic, structured, top-down
approach to addressing and naming
• Assign addresses in a hierarchical fashion
• Distribute authority for addressing and naming
where appropriate
• IPv6 looms in our future
Review Questions
• Why is it important to use a structured model
for addressing and naming?
• When is it appropriate to use IP private
addressing versus public addressing?
• When is it appropriate to use static versus
dynamic addressing?
• What are some approaches to upgrading to
IPv6?
This Week’s Outcomes
• IP Addressing
• Static and Dynamic Assignment
• IPv4
• IPv6
• IPv4 to IPv6 Transition Methods
• SNMP
Due this week
• 5-1 – Concept questions 4
• 1-5-1 – Network design project
– Switches
Next week
• Read chapter 7 in
Top-Down Network Design
• 6-1 – Concept questions 5
• FranklinLive session 7
Q&A
• Questions, comments, concerns?