ad

Friday, January 29, 2016

TCP/IP Routing and Addressing(Subnetting,Gateways)

Introduction

Without question, the TCP/IP suite is the most widely implemented protocol on networks today. As such, it is an important topic on the Network+ exam. To pass the exam, you definitely need to understand the material presented in this chapter.
This chapter deals with the individual protocols within the protocol suite. It looks at the functions of the individual protocols and their purposes. It starts by discussing one of the more complex facets of TCP/IP—addressing.


IP Addressing

IP addressing is one of the most challenging aspects of TCP/IP. It can leave even the most seasoned network administrators scratching their heads. Fortunately, the Network+ exam requires only a fundamental knowledge of IP addressing. The following sections look at how IP addressing works for both IPv4 and the newest version of IP,  IPv6.
To communicate on a network using TCP/IP, each system must be assigned a unique address. The address defines both the number of the network to which the device is attached and the number of the node on that network. In other words, the IP address provides two pieces of information. It’s a bit like a street name and house number in a person’s home address.
Each device on a logical network segment must have the same network address as all the other devices on the segment. All the devices on that network segment must then have different node addresses.
In IP addressing, another set of numbers, called a subnet mask, is used to define which portion of the IP address refers to the network address and which refers to the node address.
IP addressing is different in IPv4 and IPv6. We’ll begin our discussion by look- ing at IPv4.




IPv4

An IPv4 address is composed of four sets of 8 binary bits, which are called octets. The result is that IP addresses are 32 bits long. Each bit in each octet is assigned a decimal value. The leftmost bit has a value of 128, followed by 64, 32, 16, 8,  4, 2, and 1, left to  right.
Each bit in the octet can be either a 1 or a 0. If the value is 1, it is counted as its decimal value, and if it is 0, it is ignored. If all the bits are 0, the value of the octet is 0. If all the bits in the octet are 1, the value is 255, which is 128+64+32+16+8+4+2+1.
By using the set of 8 bits and manipulating the 1s and 0s, you can obtain any value between 0 and 255 for each octet.


Decimal Value
Binary Value
Decimal  Calculation
10
00001010
8+2=10
192
11000000
128+64=192
205
11001101
128+64+8+4+1=205
223
11011111
128+64+16+8+4+2+1=223



IP Address Classes
IP addresses are grouped into logical divisions called classes. The IPv4 address space has five address classes (A through E), although only three (A, B, and C) are used to assign addresses to clients. Class D is reserved for multicast address- ing, and Class E is reserved for future development.

Of the three classes available for address assignments, each uses a fixed-length subnet mask to define the separation between the network and the node address. A Class A address uses only the first octet to represent the network portion, a Class B address uses two octets, and a Class C address uses the first three octets. The upshot of this system is that Class A has a small number of network address- es, but each Class A address has a very large number of possible host addresses. Class B has a larger number of networks, but each Class B address has a small- er number of hosts. Class C has an even larger number of networks, but each Class C address has an even smaller number of hosts. 





Address Class
Range
Number of Networks
Number of Hosts Per Network
Binary Value of First Octet
A
1 to 126
126
16,777,214
0xxxxxxx
B
128 to 191
16,384
65,534
10xxxxxx
C
192 to 223
2,097,152
254
110xxxxx
D
224 to 239
N/A
N/A
1110xxxx
E
240 to 255
N/A
N/A
1111xxxx




Subnet Mask Assignment
Like an IP address, a subnet mask is most commonly expressed in 32-bit dotted- decimal format. Unlike an IP address, though, a subnet mask performs just one function—it defines which parts of the IP address refer to the network address and which refer to the node address. Each class of IP address used for address assignment has a default subnet mask associated with it. Table 5.3 lists the default subnet masks.

Address Class
Default Subnet Mask
A
255.0.0.0
B
255.255.0.0
C
255.255.255.0




Subnetting
Now that you have looked at how IP addresses are used, you can learn the process of subnetting. Subnetting is a process by which the node portions of an IP address are used to create more networks than you would have if you used the default subnet mask.
To illustrate subnetting, let’s use an example. Suppose that you have been assigned the Class B address 150.150.0.0. Using this address and the default sub- net mask, you could have a single network (150.150) and use the rest of the address as node addresses. This would give you a large number of possible node addresses, which in reality is probably not very useful. With subnetting, you use bits from the node portion of the address to create more network addresses. This reduces the number of nodes per network, but you probably will still have more than enough.
There are two main reasons for subnetting:
. It allows you to use IP address ranges more effectively.
. It makes IP networking more secure and manageable by providing a mechanism to create multiple networks rather than having just one. Using multiple networks confines traffic to the network that it needs to be on, which reduces overall network traffic levels. Multiple subnets also create more broadcast domains, which in turn reduces network-wide broadcast traffic.





Identifying the Differences Between IPv4 Public and Private Networks

IP addressing involves many considerations, not the least of which are public and private networks. A public network is a network to which anyone can connect. The best (and perhaps only pure) example of such a network is the Internet. A private network is any network to which access is restricted. A corporate network and a network in a school are examples of private networks.
The main difference between public and private networks, apart from the fact that access to a private network is tightly controlled and access to a public net- work is not, is that the addressing of devices on a public network must be con- sidered carefully. Addressing on a private network has a little more latitude.
As already discussed, in order for hosts on a network to communicate by using TCP/IP, they must have unique addresses. This number defines the logical net- work that each host belongs to and the host’s address on that network. On a pri- vate network with, say, three logical networks and 100 nodes on each network, addressing is not a particularly difficult task. On a network on the scale of the Internet, however, addressing is complex.
If you are connecting a system to the Internet, you need to get a valid registered IP address. Most commonly, you obtain this address from your ISP. Alternatively, if you wanted a large number of addresses, for example, you could contact the organization responsible for address assignment in your area. You can determine who the regional numbers authority for your area is by visiting the  IANA website.Because of the nature of their business, ISPs have large blocks of IP addresses that they can assign to their clients. If you need a registered IP address, getting one from an ISP will almost certainly be a simpler process than going through  a regional numbers authority. Some ISPs’ plans actually include blocks of regis- tered IP addresses, working on the principle that businesses will want some kind of permanent presence on the Internet. Of course, if you discontinue your serv- ice with the ISP, you can no longer use the IP address it  provided.



Private Address Ranges

To provide flexibility in addressing and to prevent an incorrectly configured net- work from polluting the Internet, certain address ranges are set aside for private use. These address ranges are called private ranges because they are designated for use only on private networks. These addresses are special because Internet routers are configured to ignore any packets they see that use these addresses. This means that if a private network “leaks” onto the Internet, it won’t get any farther than the first router it encounters. So a private address cannot be on the Internet, because it cannot be routed to public networks.
Three ranges are defined in RFC 1918—one each from Classes A, B, and C. You can use whichever range you want, although the Class A and B address ranges offer more addressing options than Class C. Table 5.4 defines the address ranges for Class A, B, and C  addresses.

Table 5.4
Private Address Ranges

Class
Address Range
Default Subnet Mask
A
10.0.0.0 to 10.255.255.255
255.0.0.0
B
172.16.0.0 to 172.31.255.255
255.255.0.0
C
192.168.0.0 to 192.168.255.255
255.255.255.0



Classless Interdomain Routing (CIDR)

Classless interdomain routing (CIDR) is a method of assigning addresses out- side the standard Class A, B, and C structure. Specifying the number of bits in the subnet mask offers more flexibility than the three standard class definitions.
Using CIDR, addresses are assigned using a value known as the slasft. The actu- al value of the slash depends on how many bits of the subnet mask are used to express the network portion of the address. For example, a subnet mask that uses all 8 bits from the first octet and 4 from the second would be described as /12, or “slash 12.” A subnet mask that uses all the bits from the first three octets would be called /24. Why the slash? In actual addressing terms, the CIDR value is expressed after the address, using a slash. So the address 192.168.2.1/24 means that the node’s IP address is 192.168.2.1, and the subnet mask is 255.255.255.0.




Default Gateways

Default gateways are the means by which a device can access hosts on other net- works for which it does not have a specifically configured route. Most worksta- tion configurations actually default to just using default gateways rather than having any static routes configured. This allows workstations to communicate with other network segments, or with other networks, such as the InternetWhen a system wants to communicate with another device, it first determines whether the host is on the local network or a remote network. If the host is on a remote network, the system looks in the routing table to determine whether it has an entry for the network on which the remote host resides. If it does, it uses that route. If it does not, the data is sent to the default gateway.In essence, the default gateway is simply the path out of the network for a given device. Figure 5.1 shows how a default gateway fits into a network infrastructure.On the network, a default gateway could be a router, or a computer with net- work interfaces for all segments to which it is connected. These interfaces have local IP addresses for the respective segments.
If a system is not configured with any static routes or a default gateway, it is lim- ited to operating on its own network segment. On the network, the default gate- way could be a physical router or a computer with network interfaces for all seg- ments to which it is connected. These interfaces have local IP addresses for the respective segments.





IPv4 Address Types

IPv4 has three primary address types:
. Unicast: With unicast addresses, a single address is specified. Data sent with unicast addressing is delivered to a specific node identified by the address. It is a point-to-point address link.
. Broadcast: A broadcast address is at the opposite end of the spectrum from a unicast address. A broadcast address is an IP address that you can use to target all systems on a subnet or network instead of single hosts. In other words, a broadcast message goes to everyone on the network.
. Multicast: Multicasting is a mechanism by which groups of network devices can send and receive data between the members of the group at one time, instead of sending messages to each device in the group sepa- rately. The multicast grouping is established by configuring each device with the same multicast IP address.

It is important to be able to distinguish between these three types of IPv4 addresses.



IPv6 Addressing

Internet Protocol Version 4 (IPv4) has served as the Internet’s protocol for almost 30 years. When IPv4 was in development 30 years ago, it would have been impossible for its creators to imagine or predict the future demand for IP devices and therefore IP addresses.Where have all the IPv4 addresses gone?
IPv4 uses a 32-bit addressing scheme. This gives IPv4 a total of 4,294,967,296 possible unique addresses that can be assigned to IP devices. Over 4 billion addresses might sound like a lot, and it is. However, the number of IP-enabled devices increases daily at a staggering rate. It is also important to remember that


not all of these addresses can be used by public networks. Many of these address- es are reserved and are unavailable for public use. This reduces the number of addresses that can be allocated as public Internet addresses.
The IPv6 project started in the mid-1990s, well before the threat of IPv4 limi- tations was upon us. Now network hardware and software are equipped for and ready to deploy IPv6 addressing. IPv6 offers a number of improvements. The most  notable  is  its  ability  to  handle  growth  in  public  networks.  IPv6  uses a 128-bit addressing scheme, allowing a huge number of possible addresses:
340,282,366,920,938,463,463,374,607,431,768,211,456

Identifying IPv6 Addresses
As previously discussed, IPv4 uses a dotted-decimal format—8 bits converted to its decimal equivalent and separated by periods. An example of an IPv4 address is 192.168.2.1.
Because of the 128-bit structure of the IPv6 addressing scheme, it looks quite a bit different. An IPv6 address is divided along 16-bit boundaries, and each 16- bit block is converted into a four-digit hexadecimal number and separated by colons. The resulting representation is called colon-hexadecimal. Let’s look at how it works. Figure 5.2 shows the IPv6 address 2001:0:4137:9e50:2811:34ff:3f57:febc from a Windows Vista    system.




An IPv6 address can be simplified by removing the leading 0s within each 16- bit block. Not all the 0s can be removed, however, because each address block must have at least a single digit. Removing the 0 suppression, the address repre- sentation becomes
2001:0000:4137:9e50:2811:34ff:3f57:febc


Some of the IPv6 addresses you will work with have sequences of 0s. When this occurs, the number is often abbreviated to make it easier to read. In the preced- ing example you saw that a single 0 represented a number set in hexadecimal form. To further simplify the representation of IPv6 addresses, a contiguous sequence of 16-bit blocks set to 0 in colon hexadecimal format can be com- pressed to ::, known as the double colon.
For example, the link-local address of 2001:0000:0000:0000:3cde:37d1:3f57:fe93
can be compressed to 2001::3cde:37d1:3f57:fe93.
Of course, there are limits on how the IPv6 0s can be reduced. 0s within the IPv6 address cannot be eliminated when they are not first in the number sequence. For instance, 2001:4000:0000:0000:0000:0000:0000:0003 cannot be compressed as 2001:4::3. This would actually appear as 2001:4000::3.
When you look at an IPv6 address that uses a double colon, how do you know exactly what numbers are represented? The formula is to subtract the number of blocks from 8 and then multiply that number by 16. For example, the address 2001:4000::3 uses three blocks—2001, 4000, and 3. So the formula is as follows:
(8 – 3) * 16 = 80

Therefore, the total number of bits represented by the double colon in this example is 80.



IPv6 Address Types
Another difference between IPv4 and IPv6 is in the address types. IPv4 address- ing was discussed in detail earlier in this chapter. IPv6 addressing offers several types of addresses:
. Unicast IPv6 addresses: As you might deduce from the name, a unicast address specifies a single interface. Data packets sent to a unicast destina- tion travel from the sending host to the destination host. It is a direct line of communication. A few types of addresses fall under the unicast banner:


. Global unicast addresses: Global unicast addresses are the equiva- lent of IPv4 public addresses. These addresses are routable and travel throughout the network.
. Link-local addresses: Link-local addresses are designated for use on a single local network. Link-local addresses are automatically config- ured on all interfaces. This automatic configuration is comparable to the 169.254.0.0/16 APIPA automatically assigned IPv4 addressing scheme. The prefix used for a link-local address is fe80::/64. On a sin- gle-link IPv6 network with no router, link-local addresses are used to communicate between devices on the link.
. Site-local addresses: Site-local addresses are equivalent to the IPv4 private address space (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16). As with IPv4, in which private address ranges are used in private net- works, IPv6 uses site-local addresses that do not interfere with global unicast addresses. In addition, routers do not forward site-local traffic outside the site. Unlike link-local addresses, site-local addresses are not automatically configured and must be assigned through either stateless or stateful address configuration processes. The prefix used for the site-local address is FEC0::/10.
. Multicast addresses: As with IPv4 addresses, multicasting sends and receives data between groups of nodes. It sends IP messages to that group rather than to every node on the LAN (broadcast) or just one other node (unicast).
. Anycast addresses: Anycast addresses represent the middle ground between unicast addresses and multicast addresses. Anycast delivers mes- sages to any one node in the multicast group.





Comparing IPv4 and IPv6 Addressing

Table 5.5 compares IPv4 and IPv6 addressing.

Table 5.5 Comparing IPv4 and IPv6
Address Feature
IPv4 Address
IPv6 Address
Loopback address
127.0.0.1
0:0:0:0:0:0:0:1 (::1)
Network-wide addresses
IPv4 public address ranges
Global unicast IPv6 addresses
Private network addresses
10.0.0.0
Site-local address ranges

172.16.0.0
(FEC0::)

192.168.0.0

Autoconfigured addresses
IPv4 automatic private IP addressing (169.254.0.0)
Link-local addresses of the FE80:: prefix



Assigning IP Addresses
Now that you understand the need for each system on a TCP/IP-based network to have a unique address, the following sections examine how those systems receive their addresses.

Static Addressing

Static addressing refers to the manual assignment of IP addresses to a system. This approach has two main problems:
. Statically configuring one system with the correct address is simple, but in the course of configuring, say, a few hundred systems, mistakes are likely to be made. If the IP addresses are entered incorrectly, the system probably won’t be able to connect to other systems on the network.


. If the IP addressing scheme for the organization changes, each system must again be manually reconfigured. In a large organization with hun- dreds or thousands of systems, such a reconfiguration could take a con- siderable amount of time. These drawbacks of static addressing are so significant that nearly all networks use dynamic IP addressing.




Dynamic  Addressing

Dynamic addressing refers to the automatic assignment of IP addresses. On mod- ern networks, the mechanism used to do this is Dynamic Host Configuration Protocol (DHCP). DHCP, part of the TCP/IP suite, enables a central system to provide client systems with IP addresses. Assigning addresses automatically with DHCP alleviates the burden of address configuration and reconfiguration that occurs with static IP addressing.
The basic function of the DHCP service is to automatically assign IP addresses to client systems. To do this, ranges of IP addresses, known as scopes, are defined on a system that is running a DHCP server application. When another system configured as a DHCP client is initialized, it asks the server for an address. If all things are as they should be, the server assigns an address to the client for a pre- determined amount of time, which is known as the lease, from the scope.
A DHCP server typically can be configured to assign more than just IP address- es. It often is used to assign the subnet mask, the default gateway, and Domain Name System (DNS) information.
Using DHCP means that administrators do not have to manually configure each client system with a TCP/IP address. This removes the common problems asso- ciated with statically assigned addresses, such as human error. The potential problem of assigning duplicate IP addresses is also eliminated. DHCP also removes the need to reconfigure systems if they move from one subnet to anoth- er, or if you decide to make a wholesale change in the IP addressing structure.


Configuring Client Systems for TCP/IP
Configuring a client for TCP/IP can be relatively complex, or it can be simple. Any complexity involved is related to the possible need to configure TCP/IP manually. The simplicity is related to the fact that TCP/IP configuration can occur automatically via DHCP or through APIPA. At the least, a system needs an IP address and subnet mask to log on to a network. The default gateway and DNS server IP information is optional, but network functionality is limited without them. The following list briefly explains the IP-related settings used to connect to a TCP/IP network:
. IP address: Each system must be assigned a unique IP address so that it can communicate on the network.
. Subnet mask: The subnet mask allows the system to determine what portion of the IP address represents the network address and what por- tion represents the node address.
. Default gateway: The default gateway allows the system to communi- cate on a remote network, without the need for explicit routes to be defined.
. DNS server addresses: DNS servers allow dynamic hostname resolu- tion to be performed. It is common practice to have two DNS server addresses defined so that if one server becomes unavailable, the other can be used.




BOOT Protocol (BOOTP)

BOOTP was originally created so that diskless workstations could obtain infor- mation needed to connect to the network, such as the TCP/IP address, subnet mask, and default gateway. Such a system was necessary because diskless work- stations had no way to store the information.
When a system configured to use BOOTP is powered up, it broadcasts for a BOOTP server on the network. If such a server exists, it compares the MAC address of the system issuing the BOOTP request with a database of entries. From this database, it supplies the system with the appropriate information. It can also notify the workstation about a file that it must run on   BOOTP.
In the unlikely event that you find yourself using BOOTP, you should be aware that, like DHCP, it is a broadcast-based system. Therefore, routers must be con- figured to forward BOOTP  broadcasts.



APIPA

Automatic Private IP Addressing (APIPA) was introduced with Windows 98, and it has been included in all subsequent Windows versions. The function of APIPA is that a system can give itself an IP address in the event that it is inca- pable of receiving an address dynamically from a DHCP server. In such an event, APIPA assigns the system an address from the 169.254.0.0 address range and configures an appropriate subnet mask (255.255.0.0). However, it doesn’t configure the system with a default gateway address. As a result, communication is limited to the local network.

The idea behind APIPA is that systems on a segment can communicate with each other in the event of DHCP server failure. In reality, the limited usability  of APIPA makes it little more than a last resort. For example, imagine that a sys- tem is powered on while the DHCP server is operational and receives an IP address of 192.168.100.2. Then the DHCP server fails. Now, if the other sys- tems on the segment are powered on and are unable to get an address from the DHCP server because it is down, they would self-assign addresses in the 169.254.0.0 address range via APIPA. The systems with APIPA addresses would


be able to talk to each other, but they couldn’t talk to a system that received an address from the DHCP server. Likewise, any system that received an IP address via DHCP would be unable to talk to systems with APIPA-assigned addresses. This, and the absence of a default gateway, is why APIPA is of limit- ed use in real-world environments.





Identifying MAC Addresses

This book many times refers to MAC addresses and how certain devices use them. However, it has not yet discussed why MAC addresses exist, how they are assigned, and what they consist of. Let’s do that now.A MAC address is a 6-byte (48-bit) hexadecimal address that allows a NIC to be uniquely identified on the network. The MAC address forms the basis of net- work communication, regardless of the protocol used to achieve network con- nection. Because the MAC address is so fundamental to network communica- tion, mechanisms are in place to ensure that duplicate addresses cannot be used.
To combat the possibility of duplicate MAC addresses being assigned, the Institute of Electrical and Electronics Engineers (IEEE) took over the assign- ment of MAC addresses. But rather than be burdened with assigning individual addresses, the IEEE decided to assign each manufacturer an ID and then let the manufacturer further allocate IDs. The result is that in a MAC address, the first 3 bytes define the manufacturer, and the last 3 are assigned by the manufacturer.
For example, consider the MAC address of the computer on which this book is being written: 00:D0:59:09:07:51. The first 3 bytes (00:D0:59) identify the man- ufacturer of the card; because only this manufacturer can use this address, it is known as the Organizational Unique Identifier (OUI). The last 3 bytes (09:07:51) are called the Universal LAN MAC address: They make this interface unique. You can find a complete listing of organizational MAC address assignments at http://standards.ieee.org/regauth/oui/oui.txt.






NAT, PAT, and SNAT

This chapter has defined many acronyms, and we will continue with three more—NAT,   PAT,   and  SNAT.

Network Address Translation (NAT)

The basic principle of NAT is that many computers can “hide” behind a single IP address. The main reason we need to do this (as pointed out earlier, in the section “IP Addressing”) is because there simply aren’t enough IP addresses to go around. Using NAT means that only one registered IP address is needed on the system’s external interface, acting as the gateway between the internal and external networks.NAT allows you to use whatever addressing scheme you like on your internal networks, although it is common practice to use the private address ranges, which were discussed earlier in the chapter.
When a system is performing NAT, it funnels the requests given to it to the Internet. To the remote host, the request looks like it is originating from a sin- gle address. The system performing the NAT function keeps track of who asked for what and makes sure that when the data is returned, it is directed to the cor- rect system. Servers that provide NAT functionality do so in different ways. For example, it is possible to statically map a specific internal IP address to a specif- ic external one (known as the one-to-one NAT metftod) so that outgoing requests are always tagged with the same IP address. Alternatively, if you have a group of public IP addresses, you can have the NAT system assign addresses to devices on a first-come, first-served basis. Either way, the basic function of NAT is the same.

PAT and SNAT

NAT allows administrators to conserve public IP addresses and, at the same time, secure the internal network. Port Address Translation (PAT) is a variation on NAT. With PAT, all systems on the LAN are translated to the same  IP  address, but with a different port number assignment. PAT is used when multi- ple clients want to access the Internet. However, with not enough public IP addresses available, you need to map the inside clients to a single public IP address. When packets come back into the private network, they are routed to their destination with a table within PAT that tracks the public and private port numbers.
When PAT is used, there is a typically only a single IP address exposed to the public network and multiple network devices access the Internet through this exposed IP address. The sending devices, IP address, and port number are not exposed. As an example, an internal computer with the IP address of 192.168.2.2 wants to access a remote Web server at address 204.23.85.49. The request goes to the PAT router where the sender’s private IP and port number are modified and a mapping is added to the PAT table. The remote web server sees the request coming from the IP address of the PAT router and not the computer actually making the request. The web server will send the reply to the addressand port number of the router. Once received, the router will check its table to see the packets actual destination and forward it.Static NAT  is a simple form of NAT.  SNAT  maps a private IP address directly    to a static unchanging public IP address. This allows an internal system, such as a mail server, to have an unregistered (private) IP address and still be reachable over the Internet. For example, if a network uses a private address of 192.168.2.1 for a mail server, it can be statically linked to a public IP address such as 213. 23. 213.85.
.







No comments:

Post a Comment