CSIS 4823 Data Communications Networking – IP Addressing Review Mr. Mark Welton

Upload: minna

Post on 23-Feb-2016


Page 1: CSIS 4823 Data Communications Networking – IP Addressing Review

Mr. Mark Welton

Page 2: What is an IP address?

Page 3

• IPv4 addresses are 32-bit numbers represented in dotted decimal notation of 8 bit segments
• 00001010.00001000.01100100.00011000
• 10.8.100.24
• So why 8 bit segments?

Page 4: Somewhat Useless Trivia, Maybe?

• We started with a classful system (Class A, B, C, etc.)
• Each class is created by 8-bits of the binary IP
• 8-bit processing systems were easier and cheaper to build (RFC 791 published in 1981)

11000000 10101000 00000000 00000000
Class A  Class B  Class C

Page 5: A Fast Binary Review

• We are accustomed to the decimal system, a base 10 system
• The number 124₁₀ is 100+20+4 or
  ◦ 1x10²+2x10¹+4x10⁰
  ◦ 1x100+2x10+4x1

Page 6: A Fast Binary Review

• The binary number system is a base 2 system
• 01111100₂ is 0x2⁷+1x2⁶+1x2⁵+1x2⁴+1x2³+1x2²+0x2¹+0x2⁰
• 0x128+1x64+1x32+1x16+1x8+1x4+0x2+0x1
• 64+32+16+8+4 or 124₁₀

Page 7: A Fast Binary Review

• So each octet (8-bit binary number) goes from
  ◦ 00000000₂ – 11111111₂
• So what is the value of 11111111₂

Page 8: A Fast Binary Review

• 128+64+32+16+8+4+2+1 = 255₁₀
• So what is the hexadecimal value?
• 8+4+2+1 = 15 or F₁₆

1    1    1    1    1    1    1    1
128  64   32   16   8    4    2    1
2⁷   2⁶   2⁵   2⁴   2³   2²   2¹   2⁰

Page 9: IP Address Allocation

• IP address allocation is rarely done properly
• First mistake I see is people not understanding what I just covered
• Second mistake I see is not understanding public vs private vs reserved IP addresses
• Third mistake I see is not understanding how to take a large prefix and break it down to usable network prefixes that allow for growth
• Fourth mistake I see is people not understanding why we do it

Page 10: IP Address Allocation

• We divide the IP space to create segments that make sense to us
• Segmentation = routing
• Each IP address allocation is a L2 network which needs a router to move to the next network
• The better we do this the easier routing and ACLs are to do
• The easier the network is to troubleshoot

Page 11: Public Versus Private IP Space

• RFC 1918 “Address Allocation for Private Internets”
  ◦ 10.0.0.0 – 10.255.255.255 (10/8 prefix)
  ◦ 172.16.0.0 – 172.31.255.255 (172.16/12 prefix)
  ◦ 192.168.0.0 – 192.168.255.255 (192.168/16)
• These are the IP address spaces that can be used internally in an enterprise

Page 12: Public Versus Private IP Space

• “link local” block
  ◦ 169.254.0.0 – 169.254.255.255 (169.254.0.0/16)
  ◦ To be used when a device can not get an IP address through DHCP
• Reserves lowest Class B
  ◦ 128.0.0.0 – 128.0.255.255 (128.0.0.0/16)
  ◦ Not able to be used under old class system but can be assigned to someone now
• Also defines loop back space (RFC 1700)
  ◦ 127.0.0.0 – 127.255.255.255 (127.0.0.0/8)
  ◦ Used for a machine to communicate internally
• Also defines multicast address space (RFC 5771)
  ◦ 224.0.0.0 – 239.255.255.255 (224.0.0.0/4)
• So you should never use these IP address spaces!

Page 13: Public IP Space

• Misuse of Public IP address space can cause network routing problems for your network

Page 14: Subnet Mask

• Prefix 10.0.0.0/8 has what subnet mask?
• The 8 says the first 8 bits must be ones
• So the first octet would be 255 and all others would be zero
• 255.0.0.0

1    1    1    1    1    1    1    1
128  64   32   16   8    4    2    1

Page 15: Subnet Mask

• What about
  ◦ 172.16.0.0/16?
  ◦ 192.168.0.0/24?
  ◦ 172.16.0.0/12?

Page 16: Variable Length Subnet Mask (VLSM)

• Redefined how a traditionally Classful IP network could be used and subnetted (in equal size blocks)
• With VLSM, subnets can be any size if they follow the binary rules
• VLSM allows networks to be subdivided

Page 17: Old Classful Networking

Page 18: Variable Length Subnet Mask (VLSM)

Page 19: Variable Length Subnet Mask (VLSM)

Page 20: Why is it Wrong

11000000 10101000 00000001 11000000
11111111 11111111 11111111 11111000
11111111 11111111 11111111 11110000
11000000 10101000 00000001 11001000

192.168.1.192
192.168.1.200
/29 255.255.255.248
/28 255.255.255.240
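A check for the kind of VLSM mistake the "Why is it Wrong" slide points at, written as an added example in Python (it is not part of the original slides). The slide text does not say which mask belongs to which address, so both pairings are tested; the function names and the comparison plan are constructed for illustration.

```python
import ipaddress

def to_binary(addr):
    """Dotted decimal -> the four space-separated octets shown on the slide."""
    return " ".join(f"{octet:08b}" for octet in ipaddress.ip_address(addr).packed)

def check_plan(allocations):
    """Return the problems found in a list of (address, prefix_length) pairs."""
    problems, nets = [], []
    for addr, plen in allocations:
        iface = ipaddress.ip_interface(f"{addr}/{plen}")
        net = iface.network  # address AND mask: host bits cleared
        if iface.ip != net.network_address:
            problems.append(f"{addr}/{plen} is not on a /{plen} boundary, "
                            f"it sits inside {net}")
        nets.append((f"{addr}/{plen}", net))
    # Compare every pair of allocations once.
    for i, (label_a, net_a) in enumerate(nets):
        for label_b, net_b in nets[i + 1:]:
            if net_a.overlaps(net_b):
                problems.append(f"{label_a} overlaps {label_b}")
    return problems

# Constructed pairings of the slide's two addresses and two masks.
PLAN_A = [("192.168.1.192", 29), ("192.168.1.200", 28)]
PLAN_B = [("192.168.1.192", 28), ("192.168.1.200", 29)]
# A layout that follows the binary rules, for comparison (constructed).
PLAN_OK = [("192.168.1.192", 29), ("192.168.1.208", 28)]

if __name__ == "__main__":
    for name, plan in (("A", PLAN_A), ("B", PLAN_B), ("OK", PLAN_OK)):
        print(f"plan {name}")
        for addr, plen in plan:
            print(f"  {to_binary(addr)}  {addr}/{plen}")
        for problem in check_plan(plan) or ["no problems"]:
            print("  ->", problem)
```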

Page 21: Classless Inter-Domain Routing (CIDR)

• We use it all the time but do you really know what it is?

Page 22: Classless Inter-Domain Routing (CIDR)

• CIDR is sort of the inverse of VLSM
• Where VLSM prescribes rules for subdividing networks, CIDR prescribes rules for referencing groups of networks with a single route statement
• Why would we want to do this?

Page 23: Classless Inter-Domain Routing (CIDR)

• Smaller routing tables are more logical, easier to understand, easier to troubleshoot, and require less CPU and memory for the routers.

Page 24: IP Address Allocation

• IP address allocation is rarely done properly
• First mistake I see is people not understanding what I just covered (Check)
• Second mistake I see is not understanding public vs private vs reserved IP addresses (Check)
• Third mistake I see is not understanding how to take a large prefix and break it down to usable network prefixes that allow for growth (Not Yet)
• Fourth mistake I see is people not understanding why we do it

Page 25: A Couple Rules First

• Allocate a block of IP addresses that can be referenced with a single access-list (filter) entry
• Always allocate more IP addresses than requested

Page 26: Always allocate more IP addresses than requested

• Need 30 IP addresses for a server farm of database servers
• Should we use a /27 255.255.255.224?


Page 28: Always allocate more IP addresses than requested

• Allowing for 30 percent growth is a good rule of thumb
• Round up to the next binary boundary
• 64 IP addresses or a /26 255.255.255.192

Page 29: Allocate IP addresses that can be referenced with a single ACL

• Now let's say the server farm subnet was already allocated using 10.100.100.0/24
• There are currently 10 servers in place
• .1 for the router and 2-11 for the servers
• You need to issue 30 more IP addresses on this subnet
• Now what???
• Just give them 12-42 right???

Page 30: Allocate IP addresses that can be referenced with a single ACL

Page 31: Allocate IP addresses that can be referenced with a single ACL

• Allocating groups of devices into subnettable ranges
  ◦ allows you to remove them from the network and place them elsewhere without significant changes to the IP network design
• You could allocate the range of 32-63
  ◦ Access-list 101 permit ip any 10.100.100.32 255.255.255.224 eq web
• So we are good right???

Page 32

• You should think ahead and allocate 64 IP addresses on a bit boundary
• So you should allocate 64-127 Right???
  ◦ Access-list 101 permit ip any 10.100.100.64 255.255.255.192 eq web
• Meets both rules so we are good???
• What about rule 1?

Page 33: Maybe
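The allocation steps from pages 28 to 32, worked through with Python's ipaddress module as an added example (not from the original slides). The function names are illustrative; the subnet, the in-use addresses and the 30 percent growth figure are the ones the slides give.

```python
import ipaddress

def block_size(requested, growth_pct=30):
    """Requested count plus growth, rounded up to the next power of two."""
    needed = -(-requested * (100 + growth_pct) // 100)  # integer ceiling
    return 1 << (needed - 1).bit_length()

def first_free_block(parent, used, size):
    """First block of `size` addresses, aligned on its own bit boundary,
    that contains none of the addresses already in use."""
    parent = ipaddress.ip_network(parent)
    new_prefix = parent.max_prefixlen - (size.bit_length() - 1)
    in_use = [ipaddress.ip_address(a) for a in used]
    for candidate in parent.subnets(new_prefix=new_prefix):
        if not any(a in candidate for a in in_use):
            return candidate
    return None  # no aligned block of that size is free

def entries_for_range(first, last):
    """Prefixes needed to cover first..last; each prefix is one filter entry."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))

# Values from the slides: 10.100.100.0/24, .1 router, .2-.11 servers.
SUBNET = "10.100.100.0/24"
IN_USE = [f"10.100.100.{h}" for h in range(1, 12)]

if __name__ == "__main__":
    size = block_size(30)                  # 30 requested + 30% -> 39 -> 64
    block = first_free_block(SUBNET, IN_USE, size)
    # netmask is the subnet-mask form, hostmask the wildcard (inverse) form
    print(size, block, block.netmask, block.hostmask)
    # Handing out .12-.42 instead takes several prefixes to describe:
    for net in entries_for_range("10.100.100.12", "10.100.100.42"):
        print("  ", net)
```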

Page 34: IP Address Allocation

• IP address allocation is rarely done properly
• First mistake I see is people not understanding what I just covered (Check)
• Second mistake I see is not understanding public vs private vs reserved IP addresses (Check)
• Third mistake I see is not understanding how to take a large prefix and break it down to usable network prefixes that allow for growth (Not Yet)
• Fourth mistake I see is people not understanding why we do it (Know why you are allocating the IP and allow for growth)

Page 35: Have a Method to the Madness

• There are three methods you can use to allocate IP addresses and IP subnets
• Sequential – assign the first numerical subnet and then the next and so on. It is the most commonly used and is easy to understand
• Divide by half – every time a network is allocated, the smallest available chunk is divided by half for use while preserving a large portion of IP address space for additional growth
• Reverse binary – subnets are allocated by counting in binary with the most and least significant bits reversed. It is the most logical method, but is hard to understand

Page 36: Sequential IP Subnet Allocation

Page 37: Note about all-zeros and all-ones

• Some of us have been doing this for so long we remember the rule of all-zeros and all-ones as it relates to subnets
• RFC 1878 states, “This practice (of excluding all-zeros and all-ones subnets) is obsolete. Modern software will be able to utilize all definable networks.”
• Sometimes you may be in an environment where legacy equipment can not do this
• Or the staff still think they have to follow the rule

Page 38: Divide by Half

Page 39: Reverse Binary

Page 40: Reverse Binary

Page 41: IP Subnetting Made Easy

• For the Cisco people in the class. You will need to know Cisco’s way to pass the CCNA or know how to get the answer to the question based on how Cisco or vendor X tests
• Everyone knows (or should now) that two IP addresses are used in every subnet (one for the gateway and one for broadcast)
• Unless you have done enough networking to know you can use a /31 for two routers in a point-to-point connection. DO NOT ASK IF YOU ARE NOT GOING TO TAKE CCDP!!!

Page 42: IP Subnetting Made Easy

• A /24 subnet has 256 host IP addresses – 254 IPs are usable by host devices
• Everything is based on the subnet mask, which is based on binary
• Everything will be powers of 2 and will either produce 256 or be divisible by 256
• The maximum value of an octet is 255 (but remember we count from 0 so 256 numbers)

Page 43: IP Subnetting Made Easy

• Subnet masks are, by their nature, inclusive
• There are only nine values that are possible for any octet in a subnet mask

Page 44: IP Subnetting Made Easy

Page 45: IP Subnetting Made Easy

• What the author is trying to say is a /24 or 255.255.255.0 would have 256 hosts with 16,777,216 possible subnets (256*256*256*1)

Page 46: IP Subnetting Made Easy

• I find an expanded form of the horizontal format very useful

Increment / Number of hosts   128   64    32    16    8     4     2     1
CIDR                          /25   /26   /27   /28   /29   /30   /31   /32
Mask                          128   192   224   240   248   252   254   255
Usable Hosts                  126   62    30    14    6     2     -     -