day15 ip space/setup

IP
• Suite of protocols
  – TCP
  – UDP
  – ICMP
  – GRE…
• Gives us many benefits
  – Routing of packets over internet
  – Fragmentation/Reassembly of packets
  – IP Address System
    • Netmasks

What is a network address?
• In every range of IP addresses, 2 addresses are reserved for special purposes:
  – The lowest address in the range:
    • The Network Address
      – This identifies the network
      – Example:
        » 200.200.200.55 / 255.255.255.0 has a network address of 200.200.200.0
  – The highest address in the range:
    • The Broadcast Address
      – An address in the network which everyone listens to
      – Example:
        » 200.200.200.55 / 255.255.255.0 has a broadcast address of 200.200.200.255

Unusable Addresses
• In every network, the upper and lower addresses in your range cannot be assigned to a workstation.
  – Broadcast & Network addresses.
• Example:
  – 199.120.197.128 / 255.255.255.128
  – You cannot use:
    • 199.120.197.128
    • 199.120.197.255

So how many?
• How many COMPUTERS can you put into the network:
  – 10.2.3.64 / 255.255.255.224 ?
• 255-224 = 32
  – Hence, there are 32 IPs in that range
  – Neither the first nor last can be used
    • 10.2.3.64 network
    • 10.2.3.95 broadcast
  – First available: 10.2.3.65
  – Last available: 10.2.3.94
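
The network, broadcast and usable-host arithmetic from the last three slides, as an added Python example that is not part of the original deck. It works on the 32-bit values directly and rejects netmasks that are not a run of 1 bits followed by 0 bits; the function names are this example's own.

```python
def to_int(dotted: str) -> int:
    """Dotted-quad string -> 32-bit integer (strict: four octets, 0-255)."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted-quad string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def subnet_info(ip: str, netmask: str) -> dict:
    """Reserved and usable addresses for ip/netmask, per the slides' rules."""
    mask = to_int(netmask)
    host_bits = mask ^ 0xFFFFFFFF        # inverted mask = host part, all ones
    # A valid netmask is 1 bits followed by 0 bits, so the inverted mask
    # plus one is a power of two and shares no bits with the inverted mask.
    if host_bits & (host_bits + 1):
        raise ValueError(f"non-contiguous netmask: {netmask}")
    network = to_int(ip) & mask          # lowest address: host bits cleared
    broadcast = network | host_bits      # highest address: host bits set
    total = host_bits + 1
    usable = max(total - 2, 0)           # network and broadcast are reserved
    return {
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "total": total,
        "usable": usable,
        # With no host left over (masks .254 and .255) nothing is assignable.
        "first": to_dotted(network + 1) if usable else None,
        "last": to_dotted(broadcast - 1) if usable else None,
    }


if __name__ == "__main__":
    # The three address/netmask pairs used on the slides.
    for ip, mask in [("200.200.200.55", "255.255.255.0"),
                     ("199.120.197.128", "255.255.255.128"),
                     ("10.2.3.64", "255.255.255.224")]:
        print(ip, mask, subnet_info(ip, mask))
```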

Use of IP addresses
• Given a 32 bit IP address, there are 4,294,967,296 possible IP addresses. (In theory)
• IP addresses are running out quickly
• Not all computers NEED an IP address.
  – With a smart router, or firewall, you can save IP addresses by using Network Address Translation
  – Servers still need unique IP addresses

Network Address Translation (NAT)
[Diagram: three computers (10.0.0.2, 10.0.0.3, 10.0.0.4), a NAT router (10.0.0.1 | 209.2.3.4), a router (123.2.3.4) and a fourth computer]
• Computers send traffic with one address
• NAT router converts connection to new address and forwards it on
• NAT router receives reply and converts back to original address
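
The three steps above as a small translation table, added here as an illustration and not taken from the original slides. It assumes port-based translation (the slides do not say how connections are told apart), uses the addresses from the diagram with 123.2.3.4 assumed to be the remote side, and the port numbers and 198.51.100.7 are constructed.

```python
import itertools


class NatRouter:
    """Toy port-translating NAT: many private hosts share one public address."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        self._out = {}  # (priv_ip, priv_port, dst_ip, dst_port) -> public port
        self._in = {}   # (public port, remote_ip, remote_port) -> (priv_ip, priv_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN; returns (src, sport, dst, dport)."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self._out:
            port = next(self._ports)
            self._out[key] = port
            self._in[(port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self._out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite a packet arriving at the public address; None means dropped."""
        inside = self._in.get((dst_port, src_ip, src_port))
        if inside is None:
            return None  # no outbound connection created this mapping
        return (src_ip, src_port, *inside)


def demo():
    nat = NatRouter("209.2.3.4")
    # Two inside hosts use the same source port towards the same server.
    sent_a = nat.outbound("10.0.0.2", 51000, "123.2.3.4", 80)
    sent_b = nat.outbound("10.0.0.3", 51000, "123.2.3.4", 80)
    # The server's reply to host A is converted back to the private address.
    reply_a = nat.inbound("123.2.3.4", 80, sent_a[1])
    # Traffic nobody asked for has no table entry and goes nowhere.
    unsolicited = nat.inbound("123.2.3.4", 80, 12345)
    stranger = nat.inbound("198.51.100.7", 80, sent_a[1])
    return sent_a, sent_b, reply_a, unsolicited, stranger


if __name__ == "__main__":
    for result in demo():
        print(result)
```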

What are private addresses?
• 3 ranges of addresses were defined as being “private”
  – These addresses are specifically dropped by routers on the internet
  – Millions of computers in the world can have the same private address, but they are not DIRECTLY connected to the internet; something (Firewall, Router) is translating their address to a real one.

The “Private” Addresses
• 10.0.0.0 - 10.255.255.255
• 192.168.0.0 - 192.168.255.255
• 172.16.0.0 - 172.31.255.255

Private Addresses
Benefits
• Economic
  – Conserve registered IP addresses
• Convenient
  – Won’t have to renumber your internal network if you change ISP
• Some Security
  – Since nobody can connect to them directly, they must go through a firewall. Thus you can control who can have access
Drawbacks
• Public servers need a “routable address”, which must be converted to a private address
  – Less intuitive
• Problem with trusted office to office VPN.
  – Each office must be using DIFFERENT private addresses, otherwise you will run into address conflicts.
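
A pre-VPN check for the address-conflict drawback, added as an example and not part of the original slides. The office names and subnets are constructed; the script reports pairs of offices whose ranges overlap and any office numbered outside the three private ranges listed earlier.

```python
import ipaddress
from itertools import combinations

# The three private ranges listed on the slide, in CIDR form.
PRIVATE_RANGES = [ipaddress.ip_network(cidr) for cidr in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed site plan (office names and subnets are made up).
OFFICES = {
    "HQ":       "192.168.1.0/255.255.255.0",
    "Branch A": "192.168.1.0/255.255.255.0",   # same range as HQ
    "Branch B": "10.20.0.0/255.255.0.0",
    "Branch C": "10.20.30.0/255.255.255.0",    # sits inside Branch B
    "Branch D": "172.32.0.0/255.255.0.0",      # just past 172.31.255.255
}


def parse(offices):
    """Name -> network object; strict=True rejects addresses with host bits set."""
    return {name: ipaddress.ip_network(net, strict=True)
            for name, net in offices.items()}


def vpn_conflicts(offices):
    """Pairs of offices whose address ranges overlap, with the shared range."""
    conflicts = []
    for (a, net_a), (b, net_b) in combinations(sorted(parse(offices).items()), 2):
        if net_a.overlaps(net_b):
            # Two overlapping subnets always nest, so the shared part is
            # the one with the longer prefix.
            shared = max(net_a, net_b, key=lambda n: n.prefixlen)
            conflicts.append((a, b, str(shared)))
    return conflicts


def not_private(offices):
    """Offices numbered outside the three private ranges."""
    return sorted(name for name, net in parse(offices).items()
                  if not any(net.subnet_of(r) for r in PRIVATE_RANGES))


if __name__ == "__main__":
    print("conflicts:", vpn_conflicts(OFFICES))
    print("not private:", not_private(OFFICES))
```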

Long term solution
• In the long run we need to change to using IPv6
  – 128 bit addresses
  – 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
  – 1 IP per 1/10 square inch earth
• Slow progress on adoption
  – Equipment/software replacement
  – Some of the best parts already backported to IPv4 (IPsec)

Configuring a workstation
• All workstations should be configured with:
  – IP address
    • Must be unique in the world unless behind a NAT router
      – Either way must be unique in LAN
  – Netmask
    • This tells your computer what other computers it can talk directly to on the LAN
  – Default Gateway
    • This tells your computer the IP address of a router to which it can send traffic that isn’t for your LAN
  – DNS settings
    • This allows your computer to find out the IP of machines on the internet by name.
• You may optionally have static routes and WINS settings also.

Auto Configuring Workstations
• You don’t need to configure every workstation in your company by hand
• DHCP “Dynamic Host Configuration Protocol” can be used to do it for you
  – Each client has to be set up for DHCP
    • It is the default TCP/IP setting in all versions of Windows
  – Your DHCP server should be configured to distribute:
    • IP addresses from a free range
    • The default gateway address
    • DNS & WINS server information

Let’s see our DHCP info
• In windows type:
  – ipconfig /all

    Physical Address. . . . . . . . . : 00-02-2D-A6-01-FB
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 10.0.1.10
    Subnet Mask . . . . . . . . . . . : 255.255.0.0
    Default Gateway . . . . . . . . . : 10.0.1.1
    DHCP Server . . . . . . . . . . . : 10.0.1.1
    DNS Servers . . . . . . . . . . . : 10.0.1.2
    Lease Obtained. . . . . . . . . . : Saturday, September 30, 2004 12:35:11 PM
    Lease Expires . . . . . . . . . . : Tuesday, October 03, 2004 12:35:11 PM

When to use/not use DHCP
• DHCP perfect for:
  – Mobile environments
    • Laptops come and go, don’t want to assign a permanent IP to a computer which you’ll only see every 2 months.
  – Desktops in a corporation
    • Saves you from having to keep track of which IPs you’ve assigned.
    • Allows end users to set up computers without network admin help
• It’s bad for:
  – Servers
    • You don’t want a web server to change address, since DNS needs to track it

Static Routes
• Necessary if you have more than 1 router in network.
• Either the routers need to know how to get to each other's networks
  – Or the workstations need to know
• route print
• route add 10.0.0.0 mask 255.0.0.0 168.28.48.1
• route delete 10.0.0.0 mask 255.0.0.0

Which route wins
• When a route table is read the most specific route wins:

    Network     Netmask            GW
    10.0.0.0    255.0.0.0          1.1.1.1
    10.0.0.0    255.255.0.0        1.1.1.2
    10.0.0.0    255.255.255.0      1.1.1.3
    10.0.0.0    255.255.255.252    1.1.1.4
    0.0.0.0     0.0.0.0            1.1.1.5

• If this is the routing table a packet to 10.0.0.1 would be routed to 1.1.1.4 because it is the most specific route in the table.