module 4 ip addressing and routing - nands.comnands.com/courseware/7306sm.pdf · ccna module 4: ip...

CCNA

© 2007 N+S training!

Module 4

IP Addressing and Routing

Review

CCNA Module 4: IP Addressing and Routing

Page 4.2 7306–0101–SM–D © 2007 N+S training!

Objectives After completing this module you should be able to:

♦ Describe the form and function of IP addresses;

♦ Identify the five classes of IP address;

♦ Understand the need for subnet masks and how they are used;

♦ Determine the effect of a subnet mask on a network address;

♦ Derive subnet masks suitable for given network requirements;

♦ Understand basic IP routing processes and the importance of the correct configuration of default gateways, subnet masks and routing tables;

♦ Describe simple network routing troubleshooting procedures;

♦ Express IP addresses using prefix notation;

♦ Understand some of the limitations of IP Version 4 (IPv4) and describe some of the techniques currently used to handle them;

♦ Explain the need for Variable Length Subnet Masks (VLSMs);

♦ Identify private IP addresses and understand how they are used;

♦ Define Network Address Translation (NAT) and describe the circumstances in which the various types of NAT should be considered;

♦ Understand the need for IP Version 6 (IPv6) and list its main features;

♦ Recognise IPv6 addresses.

Review


© 2007 N+S training! 7306–0101–SM–D Page 4.3

Introduction You have already learnt that in order to be able to route packets to remote destinations, we need a global addressing scheme with the following properties:

♦ Unique addresses for every network device;

♦ Independence of the Physical and Data Link layers;

♦ Addresses which contain a network identifier, allowing routing decisions to be made on the basis of the destination network, rather than the entire address.

The last condition is important, as it means that the size of routing tables can be kept (relatively) small.

The Internet Protocol Version 4 (IPv4) addressing scheme is, at present, the most widely used. It is the basis of the Internet and the World Wide Web.

In this module we look at the IPv4 addressing in detail, particularly at how it affects the way that packets are routed through a network. You will then learn some of the shortcomings of the current scheme and how these are addressed at present. We finish by looking briefly at the main features of the next version of IP, IP Version 6 (IPv6).

Review


.4 7306–0101–SM–D © 2007 N+S training!

IP Addressing An IP address is a 32-bit number used to identify a network interface. This means that there are potentially 232 = 4,294,967,296 (ie over 4 billion) different addresses.

The IP address is usually represented in dotted decimal notation, as follows:

w.x.y.z

where w, x, y and z are decimal integers which can take any value from 0 to 255, although there are some restrictions, as you will see presently.

Each of these numbers represents an octet, ie 8 bits of the address, as the following example shows.

The IP address

10000010000000110000010100001000

in binary form, can be shown as 4 octets

10000010.00000011.00000101.00001000

The dots have no numeric significance; they are just there to make the number easier to read.

Each octet can then be represented by its decimal equivalent

130.3.5.8

Example 4.1 – Dotted Decimal and Binary Notation

This is clearly much easier to work with than its binary equivalent.

Remember that an IP address is the address of a network interface; if a network node (ie a computer or router) has more than one network interface, it will have more than one IP address. PCs often have only one network interface, so you will often refer to the IP address of the PC; strictly speaking, it is the IP address of the PC’s network adapter.

Each network interface with an IP address is also referred to as a host and the associated IP address is referred to as its host address.

Review



To convert a binary octet into its decimal equivalent, simply put the binary octet into a binary power grid and add together all the powers of 2 which have a binary 1 underneath, as shown in Example 4.2.

Binary Power Grid

27 26 25 24 23 22 21 20 Powers of 2

128 64 32 16 8 4 2 1

Binary = 1 0 0 0 0 0 1 0

Decimal = 128 + 0 + 0 + 0 + 0 + 0 + 2 + 0

=130

Example 4.2 - Converting Binary Octets to Decimal

Note – If you are not familiar with converting binary to decimal numbers, you should read through Appendix A – Notes on Number Systems, and work through the examples in it. You will find it much easier to understand the rest of this module.

Classes of IP Address A router needs to be able to forward a packet, based on the destination IP address in the packet header. It does this by referring to a routing table.

To keep the routing table to a manageable size, the address is divided into a network portion (the prefix) and a host portion (the suffix), and only the network portion is used to make routing decisions.

Note – Although we refer to the host portion of the IP address, remember that the term host address refers to the entire IP address of the network interface (or host).

Once the packet arrives at a router connected to the destination network, the host portion is used to ensure delivery to the correct network interface on the destination network.

You can think of the IP address as being split into two parts:

< Network | Host >

Review



Clearly, it is important to know which part is which. If the network portion is bigger, potentially there will be more networks than there are hosts in each network. If the host portion is bigger, there will be fewer networks, each capable of containing more hosts. However, networks come in many different sizes, so a ‘one size fits all’ approach would be unsuitable.

One way round this problem is to use a (fairly crude) classification scheme which divides networks into 3 classes, and reserves certain addresses for each class:

♦ Class A – a small number of very large networks;

♦ Class B – a larger number of medium-sized networks;

♦ Class C – an even larger number of small networks.

Table 4.1 shows how the IP address is split into its network and host portions for each class of address.

Table 4.1 - Classes of IP Address

w x y z

Class A network host host host

Class B network network host host

Class C network network network host

The class of an address is determined by its first octet (w number) as shown in Table 4.2.

Table 4.2 - Class Address Ranges

Class 1st Octet (w)

A 1 - 126

B 128 - 191

C 192 - 223

As you can see, there are some addresses missing from this list: addresses beginning with 0, 127 and 224 to 255. To understand why

Review



this is the case, we shall need to look at the restrictions on assigning IP addresses to hosts.

IP Address Restrictions Some IP addresses cannot be used to configure individual hosts because they are used for other purposes, for example:

♦ Network Addresses

♦ Broadcast Addresses

♦ Multicast Addresses

♦ Loopback Addresses

♦ Reserved Addresses

♦ Network Zero

Network Addresses A router decides how to forward an IP packet using the network portion of the packet’s destination IP address. It does this by checking its routing table. This contains a list of known destination networks, together with instructions on how to forward the packet to each network. You will learn more about routing tables later.

Each network is identified by its network address, an IP address with all the host bits set to 0. You can see some examples in Table 4.3.

Table 4.3 - Network Addresses

Network Address Class Contains Hosts with Addresses

64.0.0.0 A 64.x.y.z

130.3.0.0 B 130.3.y.z

200.2.2.0 C 200.2.2.z

These addresses refer to the network as a whole and cannot be assigned to an individual host.

Review



Broadcast and Multicast Addresses A host address is used when sending a packet to a particular network interface. This type of packet is referred to as a unicast packet. However, it is also possible to send a packet to multiple hosts.

These packets are known as:

♦ Broadcast packets – if they are sent to every host on a network;

♦ Multicast packets – if they are sent to a selection of hosts, typically to a specific kind of network device, to all routers for example.

The destination addresses of broadcast packets have all their host bits set to 1. You can see some examples in Table 4.4.

Table 4.4 - Broadcast Addresses

Broadcast Address Destination

64.255.255.255 Every host in class A network 64.0.0.0

130.3.255.255 Every host in class B network 130.3.0.0

200.2.2.255 Every host in class C network 200.2.2.0

There is also a general broadcast address, 255.255.255.255. This can be interpreted as a broadcast to every host in every network.

However (by default) routers do not forward broadcasts to other networks, so packets with this destination address are sent to all systems on the local network, ie the same network as the host sending the packet.

Multicast addresses are automatically assigned to the hosts of certain types of network devices. They are of the form

w.x.y.z

where the first octet is in the range 224 to 239. You can see some examples in Table 4.5. They are known as Class D addresses.

Review



Table 4.5 - Multicast Addresses

Multicast Address Destination

224.0.0.1 All hosts (effectively a broadcast to the local network)

224.0.0.2 All IP routers

oopback Addresses All addresses of the form 127.x.y.z are loopback addresses. They are used for testing that the TCP/IP protocols have been correctly installed on a system. The ping utility is used to check that a destination IP address is reachable. The command

ping destination_IP_address

tests that IP packets can be sent to, and received from, the destination host.

If you issue the command

ping 127.0.0.1

a successful result means that your system’s TCP/IP installation is capable of generating and receiving IP packets. The IP address 127.0.0.1 is often referred to as the loopback address. Strictly speaking, it is one of over 2 million loopback addresses, each of the form 127.x.y.z, with the exception of 127.0.0.0, the address of the entire loopback network itself.

When you ping a loopback address, no packets are actually sent over any of your system’s network interfaces. The command simply checks that TCP/IP has been installed correctly on your system, and that the network adapter is working.

Reserved Addresses These are addresses of the form

w.x.y.z

where the first octet is in the range 240 to 255. These are known as Class E addresses and they are reserved, mainly for experimental use. The general broadcast address, 255.255.255.255, is a reserved address.

Review



Network Zero Host IP addresses, cannot have all the bits of their network portion set to 0, as some protocols use network 0 to refer to the local network, and routers use the address 0.0.0.0 to indicate all other networks not explicitly mentioned in their routing tables. The route to network 0.0.0.0 is known as the default route.

IP Address Classes Revisited You have seen that there are three classes of IP address which can be assigned to hosts, subject to some restrictions. There are two other classes, D and E, which cannot be assigned. Each of these classes can be identified by the range of values that the first octet can take.

These values are determined by the bit pattern of the first octet, as shown in Table 4.6

Table 4.6 - Address Classes and the 1st Octet

Class Type 1st Octet

Range 1st Octet Bit Pattern

A N.H.H.H 1 – 126 0 x x x x x x x

B N.N.H.H 128 – 191 1 0 x x x x x x

C N.N.N.H 192 – 223 1 1 0 x x x x x

D multicast 224 – 239 1 1 1 0 x x x x

E reserved 240 – 255 1 1 1 1 x x x x

128 64 32 16 8 4 2 1

An x in the table means that the bit is free to be set to either 1 or 0.

Numbers of Hosts per Network for each Class The number of addresses in each type of network is easy to work out from the number of bits in the host portion.

NA = 2h

Equation 4.1

Review



where NA is the total number of addresses, including the network address and the broadcast address, and h is the number of host bits available.

To work out the actual number of addresses (NH) that can be assigned to individual hosts, simply subtract 2, to take account of the fact that the network and broadcast addresses cannot be assigned to hosts.

NH = 2h - 2

Equation 4.2

Number of Networks in each Class You can use a similar procedure to work out the numbers of networks in each class. You will have to subtract 2, in the case of Class A networks, to take into account the fact that the free network bits cannot all be set to 0 (network 0) or all be set to 1 (the loopback network, 127.0.0.0).

You must not count those bits in the first octet that have been set to 1 or 0, as those bits have been fixed.

In this case, the formula is

NN = 2n - 2 (for Class A)

NN = 2n (for Classes B and C)

Equation 4.3

where NN is the number of networks in the class, and n is the number network bits which are free, ie have not been fixed.

The results can be summarised in Table 4.7.

Table 4.7 - Numbers of Networks and Hosts by Class

Class h n No of Host per Network No of Networks

A 24 7 16,777,214 126

B 16 14 65,534 16,384

C 8 21 254 2,097,152

Review



You should work through the calculations and satisfy yourself that these numbers are correct.

The Subnet Mask The existence of three different classes of host address means that you can assign different types of network address to large, medium and small networks. Even so, this breakdown is fairly crude and does not adequately describe many of the networks currently in use.

However, each IP host address also has an associated subnet mask. This actually defines which part of the address is the network portion and which is the host portion.

Like an IP address, a subnet mask is also a 32-bit number. Its most significant (leftmost) bits are all set to 1, while the least significant (rightmost) bits are all set to 0, as shown in Example 4.3. The number has been divided into four octets for convenience.

11111111.11111111.00000000.00000000

Or, in dotted decimal notation

255.255.0.0

Example 4.3 - A Subnet Mask

The boundary between the ones and the zeros defines the split in the IP address between the network and host portions. In this case, the subnet mask corresponds to a Class B address – the first two octets of the associated IP address are the network portion, while the last two are the host portion.

To work out the effect of a subnet mask on its associated IP address, you can use the following rule.

Wherever a bit is set to 1 in the subnet mask, treat the corresponding bit in the IP address as being in the network portion (prefix).

Wherever a bit is set to 0 in the subnet mask, treat the corresponding bit in the IP address as being in the host portion (suffix).

Subnet Mask Rule

Review



When configuring an IP address on a network interface, you must specify both the IP address and its subnet mask. Most operating systems (including Cisco’s IOS) will automatically suggest that you use the default subnet mask for the class of the IP address specified.

Examples are listed in Table 4.8.

Table 4.8 - Default Subnet Masks

IP Address Class Default Subnet Mask

64.78.5.23 A 255.0.0.0

130.3.45.7 B 255.255.0.0

200.2.2.103 C 255.255.255.0

The default subnet masks by themselves would not add much to our existing system of Class A, B and C addresses. However, when configuring a network interface, you are not obliged to accept the default.

You can choose a different subnet mask, which will sub-divide your single Class A, B or C network, into a number of smaller networks called subnets. This gives you the ability to tailor your IP addressing scheme to match the requirements of your network.

Review



Subnetting You can use subnet masks to create subnets which make efficient use of your organisation’s IP addresses and support its internal network structure. To illustrate this, we shall start with a simple example.

Your company, ACME Holdings, is fortunate enough to have been allocated an entire Class B network address, 191.9.0.0. Until recently, the company premises were based on a single site, which contained a single network, consisting of a single Ethernet LAN with approximately 100 PCs, servers and network printers attached. In reality, given the size of your company, it would be very unlikely to have an entire Class B address.

A new branch office is going to be opened. This will have its own Ethernet LAN, and will be connected to the company’s HQ via a leased line, as shown in Figure 4.1.

Figure 4.1 - The ACME Network

Review



Subnetting a Class B Network The Class B network, 191.9.0.0, is capable of supporting over 65,000 hosts – many more than the company actually has. However, as it stands, network 191.9.0.0 is incapable of supporting the new network structure. This will need at least 3 network addresses, one for the HQ LAN, one for the Branch Office LAN and one for the WAN link between the sites. Remember that the routers will only be able to forward packets to the correct network segments if each of the segments has a unique network address.

One solution to this problem is to assign the third octet of each IP address as part of the network portion of the address. This can be done by using the subnet mask 255.255.255.0 instead of the default Class B subnet mask, 255.255.0.0. The resulting network is shown in Figure 4.2.

Figure 4.2 - The ACME Network Subnetted

Every host in the HQ Ethernet LAN is in subnet 191.9.1.0; the two hosts at either end of the WAN link are in subnet 191.9.2.0, and the hosts in the Branch Office LAN are in subnet 191.9.3.0. You should note that the subnet addresses (like network addresses in general) have all their host bits set to 0.

This subnetting scheme has effectively divided your single Class B network into a number of smaller networks, which are like Class C

Review



networks; each subnet can support up to 254 host addresses. This is summarised in Table 4.9.

Table 4.9 - ACME Subnets and Address Ranges

Subnet Subnet Address

Broadcast Address

Available Host Addresses

HQ 191.9.1.0 191.9.1.255 191.9.1.1 – 191.9.1.254

WAN 191.9.2.0 191.9.2.255 191.9.2.1 – 191.9.2.254

Branch 191.9.3.0 191.9.3.255 191.9.3.1 – 191.9.3.254

Although we have only used three subnets, the subnet mask 255.255.255.0 when applied to addresses in Class B network 191.9.0.0 (or any other class B network) creates 256 subnets, each supporting 254 hosts. These range from 191.9.0.0 to 191.9.255.0. Notice that in our example we have not used subnet 191.9.0.0. This is the subnet with all the subnet bits, ie the bits in the 3rd octet, set to 0. This is known as Subnet Zero.

Subnet Zero The use of Subnet Zero was originally discouraged by RFC 950. This is because it is identical to the address of the entire Class B network (in this case 190.9.0.0), and it was felt that this could cause confusion.

Even though the use of Subnet Zero was permitted, earlier releases of the Cisco IOS (prior to Release 12.0) disabled Subnet Zero by default, while allowing it to be enabled if required. Similarly, some earlier non-Cisco routers also prohibited its use.

In Cisco IOS Release 12.0 and subsequent releases, Subnet Zero is enabled by default though it can be disabled if required. This is because RFC 1878 declared that the practice of not using Subnet Zero was obsolete and most modern router implementations support it.

Before deciding whether to use addresses in Subnet Zero, you should bear in mind that to do so, requires that all routers in your network must support Subnet Zero and have it enabled. This may not be the case in networks which include legacy routers.

Review



If in doubt, the safe option is not to use Subnet Zero. However, if you are pressed for IP address space and need to use all available subnets, it is essential that you ensure that all your routers are configured to use it. In some cases this may mean upgrading or replacing existing routers.

Subnet All-Ones The last subnet in the range, 191.9.255.0, is known as Subnet All-Ones, because all of the subnet bits are set to 1. As in the case of Subnet Zero, although permitted, the use of this subnet was originally discouraged in RFC 950. This is because the broadcast address of Subnet All-Ones, 191.9.255.255 in this case, is identical to the broadcast address for the entire Class B network 191.9.0.0.

Cisco’s IOS has always automatically allowed the use of Subnet All-Ones, and RFC 1878 no longer discourages its use. However, under certain circumstances, the use of Subnet All-Ones can lead to the creation of routing loops, where packets are sent backwards and forwards between routers, until their TTL counters expire. You will learn more about routing loops in the next module.

Although the problem of routing loops caused by Subnet All-Ones can be avoided by careful configuration, the safe option is not to use Subnet All-Ones unless you need to make use of all available subnets.

Subnetting without Subnet Zero and Subnet All-Ones If you avoid using these subnets when assigning IP addresses in the Class B network 191.9.0.0, you get up to 254 available subnets, each supporting up to 254 hosts. They will be in the range 191.9.1.0 to 191.254.0.

In the rest of this Course, when calculating subnets, we have taken the cautious approach of not using Subnet Zero or Subnet All-Ones, unless explicitly stated. You should bear this in mind, and adjust your calculations accordingly, if you decide to use these subnets.

Subnetting a Class A Network The default Class A subnet mask is 255.0.0.0. There are two very straightforward ways of subnetting a Class A network – use the subnet masks 255.255.0.0 or 255.255.255.0. These are, respectively, the Class B and Class C default subnet masks.

Review



Class A Network with Subnet Mask 255.255.0.0 In this case, the 8 bits of the 2nd octet are used to distinguish different subnets. This means that there can be up to 256 (28) subnets, each with up to 65,534 hosts. Each of these subnets is like an entire Class B network.

Class A Network with Subnet Mask 255.255.255.0 In this case, the 16 bits of the 2nd and 3rd octets are used to distinguish different subnets. This means that there can be up to 65,536 (216) subnets, each with up to 254 hosts. Each of these subnets is like an entire Class C network.

Subnetting on a Non-Octet Boundary All the examples that we have seen so far have used subnet masks in which each octet was composed either entirely of bits set to 1, or entirely of bits set to 0. IP addresses using these subnet masks are easy to interpret; the network portion of the address can be determined by simply reading the octets masked by the number 255 in the subnet mask.

However, with this approach there are only a few possibilities, as shown in Table 4.10.

Table 4.10 - Subnetting on an Octet Boundary

Address Subnet Mask Subnets Hosts per Subnet

Class A 255.0.0.0 (default) 1 * 16,777,214

Class A 255.255.0.0 256 65,534

Class A 255.255.255.0 65,536 254

Class B 255.255.0.0 (default) 1* 65,534

Class B 255.255.255.0 256 254

Class C 255.255.255.0 (default) 1* 254

Review



* Strictly speaking, with the default subnet mask there are no subnets, just the single Class A, B or C network.

Using this method there are only two ways of subnetting a Class A address and one way of subnetting a Class B address. You could not subnet a Class C address at all, nor could you subnet a Class B address into subnets capable of supporting more than 254 hosts.

To overcome these limitations, you will need to use subnet masks in which one of the octets is split, with the higher-value bits (to the left) set to 1, and the lower-value bits (to the right) set to 0. An example of such a subnet mask is

255.255.255.240

or in binary form

11111111.11111111.11111111.11110000

Interpreting IP addresses with subnet masks like this is not so straightforward, because the octet where the split occurs (ie the octet which is not 255 or 0) does not simply represent a subnet or a host. Part of it represents the subnet; part of it represents the host.

In the case of a simple subnet mask, such as 255.255.255.0, applied to the Class B network 130.3.0.0, the subnet addresses are 130.3.1.0, 130.3.2.0, 130.3.3.0 etc. These are easily identified by the 0 in last octet (the host portion). Likewise the broadcast addresses 130.3.1.255, 130.3.2.255, 130.3.3.255 etc, all have 255 in the host portion.

As you will see, when using subnet masks like 255.255.255.240, each subnet will comprise a range of addresses. The first address in each range will be the address of the subnet itself, and the last address in the range will be the broadcast address for the subnet.

Review



Subnetting a Class C Network We start by looking at how to subnet a Class C Network on a non-octet boundary, as this is the only way of subnetting Class C networks. In the example that follows, you will see what subnets are created when you apply the subnet mask 255.255.255.240 to the Class C network 200.2.2.0.

Each IP address in network 200.2.2.0 can be written as 200.2.2.x, where x can take any value from 0 to 255. We can represent this in (dotted) binary form as

11000010.00000010.00000010.????????

The subnet mask can also be written in dotted binary form as

11111111.11111111.11111111.11110000

By comparing the subnet mask to the address, you can see that:

The first three octets of the address are always part of the network portion of the address;

The first 4 bits of the last octet are also part of the network portion of the address; they define the subnet;

The last 4 bits are the host portion.

Review



The effect of the subnet mask on the last octet is shown in Table 4.11.

Table 4.11 - Subnetting a Class C Network

128 64 32 16 8 4 2 1

1 1 1 1 0 0 0 0

Subnet Host x

0 0 0 0 0 0 0 0 0 Sub Add

0 0 0 0 0 0 0 1 1 1st Host

. . . . . . . . . .

0 0 0 0 1 1 1 0 14 Last Host

0 0 0 0 1 1 1 1 15 B’cast

0 0 0 1 0 0 0 0 16 Sub Add

0 0 0 1 0 0 0 1 17 1st Host

. . . . . . . . . .

0 0 0 1 1 1 1 0 30 Last Host

0 0 0 1 1 1 1 1 31 B’cast

. . . . . . . . . .

. . . . . . . . . .

1 1 1 1 0 0 0 0 240 Sub Add

1 1 1 1 0 0 0 1 241 1st Host

. . . . . . . . . .

1 1 1 1 1 1 1 0 254 Last Host

1 1 1 1 1 1 1 1 255 B’cast

The first block of entries shows the values of x for the lowest subnet, Subnet Zero. In this case, the all the bits in the subnet portion are set to 0.

Review



Remember that you can only assign addresses in Subnet Zero if your router is configured to support it.

The first entry (with all the host bits set to 0) shows the address of the subnet itself.

The next entry shows the first address which can be assigned to a host in Subnet Zero; it has the host bits set to 0001.

The last address which can be assigned to a host in Subnet 0, has the host bits set to 1110.

The address with host bits all set to 1 is the broadcast address for Subnet Zero.

From this, you can see that there are 16 addresses in Subnet Zero, in the range 200.2.2.0 to 200.2.2.15. The first address in the range is the subnet address, and the last address is the broadcast address for the subnet. The remaining 14 addresses, from 200.2.2.1 to 200.2.2.14, can be assigned as host addresses in Subnet Zero.

The next block of entries shows the values of x for the addresses in the first subnet after Subnet Zero. In this case, the bits in the subnet portion are set to 0001.

The first entry (with all the host bits set to 0) shows the address of the subnet - 200.2.2.16.

The remaining entries show the first and last addresses which can be assigned to hosts in subnet 200.2.2.16, followed by the broadcast address for the subnet.

Again, you can see that there are 16 addresses in the subnet, ranging from 200.2.2.16, the address of the subnet itself, to 200.2.2.31, the broadcast address for the subnet. The remaining 14 addresses, from 200.2.2.17 to 200.2.2.30, can be assigned as host addresses in subnet 200.2.2.16.

Finally, the last block shows the addresses in the last available subnet, Subnet All-Ones. In this case, the bits in the subnet portion are set to 1111 so that there are 16 addresses in the subnet, from 200.2.2.240 to 200.2.2.255.

Review



Subnetting reduces the Number of Available Host Addresses In Table 4.12, you can see all the subnets created when the subnet mask 255.255.255.240 is applied to network 200.2.2.0.

Table 4.12 - Subnets of 200.2.2.0 with Subnet Mask 255.255.255.240

Subnet Address Broadcast Address Host Addresses

200.2.2.0 200.2.2.15 200.2.2.1 to 200.2.2.14

200.2.2.16 200.2.2.31 200.2.2.17 to 200.2.2.30

200.2.2.32 200.2.2.47 200.2.2.33 to 200.2.2.46

200.2.2.48 200.2.2.63 200.2.2.49 to 200.2.2.62

200.2.2.64 200.2.2.79 200.2.2.65 to 200.2.2.78

200.2.2.80 200.2.2.95 200.2.2.81 to 200.2.2.94

200.2.2.96 200.2.2.111 200.2.2.97 to 200.2.2.110

200.2.2.112 200.2.2.127 200.2.2.113 to 200.2.2.126

200.2.2.128 200.2.2.143 200.2.2.129 to 200.2.2.142

200.2.2.144 200.2.2.159 200.2.2.147 to 200.2.2.158

200.2.2.160 200.2.2.175 200.2.2.161 to 200.2.2.174

200.2.2.176 200.2.2.191 200.2.2.175 to 200.2.2.190

200.2.2.192 200.2.2.207 200.2.2.193 to 200.2.2.206

200.2.2.208 200.2.2.223 200.2.2.209 to 200.2.2.222

200.2.2.224 200.2.2.239 200.2.2.225 to 200.2.2.238

200.2.2.240 200.2.2.255 200.2.2.241 to 200.2.2.254

Subnet 200.2.2.0 is Subnet Zero, and subnet 200.2.2.240 is Subnet All-Ones.

If you are going to make use of these two features, it is important to be sure that all devices in your network are configured to support them consistently.

Review



In the worst case, assuming that you do not use subnets 200.2.2.0 and 200.2.2.240, you will have 14 subnets each with 14 host addresses. This gives a total of 14x14 = 196 IP addresses which can be assigned to hosts, compared to the 254 host addresses available in the single Class C network.

In the best case, using all 16 subnets, you will have 16 subnets each with 14 host addresses. This gives a total of 16x14 = 224 host addresses.

The reduction in the total number of available host addresses is the price paid for the flexibility that subnetting provides.

Working with Subnet Masks By now, you should be aware of some patterns emerging in the way that subnet masks result in subnets comprising ranges of addresses. There are a number of shortcuts which can help you handle subnet mask calculations speedily. First, you should be aware of the kinds of subnet mask problems that you may face, both at work and in the exam.

Typical problems are shown in Table 4.13.

Table 4.13 - Typical Subnet Problems

You are given: You need to determine:

The range(s) of IP addresses in one (or more) subnet(s)

The number of subnets

The number of hosts per subnet

Whether a given IP address is a valid host address

A network address and a subnet mask

Whether a given IP address is in a particular subnet

A network address and the number of subnets into which it must be divided

The subnet mask which will achieve this

Review



You are given: You need to determine:

A network address and the minimum number of hosts which must be supported in each subnet

The subnet mask which will achieve this

Calculating the Effect of a Subnet Mask In Table 4.14, you can see the number of bits which are usually treated as host bits in each class of IP address.

Table 4.14 - Host Bits

Class Host Bits

A B C

24 16 8

Any subnet mask (other than the default subnet mask for the class) will convert some of the usual host bits to subnet bits, leaving the remaining bits as host bits. You need to be able to work out how many subnets will be created and how many IP addresses there will be in each subnet. In the sections that follow, we shall use the following symbols:

s = the number of subnet bits;

h = the number of remaining host bits;

How many IP Addresses in each Subnet? This is probably the easiest figure to calculate and it is the same regardless of the class of the IP address.

Number of IP Addresses in the Subnet = 2h

Equation 4.4

In the previous example, we applied the subnet mask 255.255.255.240 to the Class C network 200.2.2.0. You saw that the last 4 bits of each address were treated as host bits. So, the number of IP addresses in each subnet is given by

24 = 16

Review



This is the same result as we got by working through Table 4.11, but with much less effort. Remember that the number of IP addresses which can be assigned as valid host addresses is always 2 fewer than the total number of addresses, because the first address in the range is the subnet address and the last is the broadcast address for the subnet.

The subnet mask 255.255.255.240 would also create subnets containing 16 IP addresses when applied to a Class A or a Class B network. The difference in these cases is that there would be more subnets.

To speed up the calculation, you could use a grid, like the one in Table 4.15.

Table 4.15 - Host Bits and IP Addresses per Subnet

h 1 2 3 4 5 6 7 8 9 10 11 12

2h 2 4 8 16 32 64 128 256 512 1024 2048 4096

2h-2 0 2 6 14 30 62 126 254 510 1022 2046 4094

The first row shows the number of host bits remaining.

The second row shows the total number of IP addresses in each subnet.

The last row shows the number of IP addresses which can be assigned.

Exam Tip

Once you enter the exam room, you will have up to 15 minutes prior to the start of the exam proper. You can use this time to prepare yourself for the exam. The testing centre will have given you some writing materials (usually an A4 plastic writing sheet and a felt tip pen) for rough working. You may find it useful to write down Table 4.15 on this sheet before you start the exam, as it will save precious time during the exam itself.

Writing on the sheet before the start of the exam is acceptable as long as you do it from memory. You risk disqualification from the exam, and loss of existing certifications, if you take any prohibited materials into the exam room.

Review



Another Shortcut You can use this method when working with subnet masks which do not break on an octet boundary. In these cases, you can easily identify the octet where the break occurs; it has number which is not 255 or 0.

Staying with our earlier example, 255.255.255.240, you can see that the break occurs in the last octet.

We shall use the symbol B for the decimal value of the octet where the break occurs. In this case, B is 240.

Now, we can use the formula

Number of IP Addresses in the Subnet = 256 - B

Equation 4.5

This gives

256 - 240 = 16

which agrees with our earlier results.

How many Subnets? The number of subnets created by a subnet mask is given by a formula similar to Equation 4.4.

Number of Subnets = 2s

Equation 4.6

where s is the number of host bits converted to subnet bits by the subnet mask.

Remember that this is the best case, in which both Subnet Zero and the Subnet All-Ones are in use. If neither of these is used, then the number of subnets is 2 fewer.

You can use Table 4.15 to calculate the number of subnets by using s instead h.

In our example, the subnet mask 255.255.255.240 uses 4 bits in the last octet as subnet bits, so there are a maximum of

24 = 16

subnets in the best case, and 14 in the worst case.

Review



Written Lab 4.1 In this Lab you will work out the effect of two more subnet masks on network 200.2.2.0.

Exercise 1

For each of the following subnet masks:

a) 255.255.255.248

b) 255.255.255.224

determine the subnet address, the IP address of the first host in the subnet, the IP address of the last host in the subnet and the broadcast address for each of the following:

1 Subnet Zero

2 The first subnet following Subnet Zero

3 The last subnet before Subnet All-Ones

4 Subnet All-Ones

Exercise 2

For each subnet mask in the previous exercise, determine the following:

1 The number of subnets (in the best and worst cases)

2 The number of IP addresses assignable to hosts in each subnet

3 The total number of host addresses available (in the best and worst cases)

Review



Subnetting Scenarios In this section we shall work through a number of subnetting scenarios, using Class A, B and C networks.

Scenario 1 You are checking some IP addresses that have been assigned to hosts in the Class C network 198.6.5.0 with subnet mask 255.255.255.248.

Determine which of the following are valid host addresses: 198.6.5.60; 198.6.5.61; 198.6.5.62; 198.6.5.63; 198.6.5.64; 198.6.5.65; 198.6.5.66.

Also, determine which of the valid host addresses are in the same subnet.

Subtract 248 from 256 to find the number of IP addresses in each subnet. There are 8 IP addresses per subnet. So, the subnet addresses will be 198.6.5.x, where x is a multiple of 8, ie 0, 8, 16, 24 etc.

The address 198.6.5.64 is clearly a subnet address, as 64 is a multiple of 8. So, 198.6.5.64 is not a valid host address. The address 198.6.5.63 is the last address in the previous subnet (198.6.5.56), ie the broadcast address for that subnet. So, 198.6.5.63 is not a valid host address.

The addresses 198.6.5.60 to 198.6.5.62 are valid host addresses in subnet 198.6.5.56, while 198.6.5.65 and 198.6.5.66 are valid host addresses in subnet 198.6.5.64.

Scenario 2 You have been asked to choose a subnet mask for the Class B network, 191.9.0.0, with the following conditions:

Each subnet should be able support up to 500 hosts;

Subnet Zero and Subnet All-Ones will not be used;

There should be as many subnets as possible, given the first condition.

Also, determine the range of valid host addresses in the first usable subnet.

Review



Look at Table 4.15; you can see that a minimum of 9 host bits are required to support 500 hosts. This is the number you should use, as a larger number would result in fewer subnets.

Setting the 9 rightmost bits in the subnet mask to 0 and the rest to 1, results in a subnet mask of 255.255.254.0.

Subtracting 254 from 256 gives 2, which means that the 3rd octet increases by multiples of 2 with each subnet address.

So, the subnet addresses are 191.9.0.0, 191.9.2.0, 191.9.4.0 etc. The address of Subnet Zero is 191.9.0.0, so the first usable subnet is 191.9.2.0. This subnet contains 512 IP addresses, from 191.9.2.0 to 191.9.3.255. These two addresses cannot be assigned as host addresses as they are the subnet and broadcast addresses respectively.

That leaves 510 addresses, in the range 191.9.2.1 to 191.9.3.254, as available host addresses.

Scenario 3 You have been asked to choose a subnet mask for the Class A network, 64.0.0.0, with the following conditions:

There will be up to 1000 subnets;

Subnet Zero and Subnet All-Ones will be used;

There should be as many hosts per subnet as possible, given the first condition.

Also, determine the range of valid host addresses in the first usable subnet.

Look at Table 4.15; you can see that a minimum of 10 subnet bits are required to support 1000 subnets. This is the number you should use, as a larger number would result in fewer hosts per subnet.

You will need to set the first 18 leftmost bits of the subnet mask to 1, the first 8 already set to 1 by default for a Class A address, followed by 10 to implement the 1000 subnets. The remaining 14 bits should be set to 0. This results in a subnet mask of 255.255.192.0.

Subtracting 192 from 256 gives 64. This means that the 3rd octet increases by multiples of 64 with each subnet address.

Review



The first usable subnet is Subnet Zero, 64.0.0.0. The next subnet is 64.0.64.0. Subnet Zero contains 214 (16,384) IP addresses, in the range 64.0.0.0 to 64.0.63.255. These two addresses themselves cannot be assigned as host addresses as they are the subnet and broadcast addresses respectively.

That leaves 16,382 addresses, in the range 64.0.0.1 to 64.0.63.254, as available host addresses.

Review



Lists of Subnet Masks The following tables list all the subnet masks for Class A, B and C networks, with Subnet 0 and Subnet All-Ones included.

Table 4.16 - Class A Subnet Masks

Subnet Mask No of Subnets No of Hosts per Subnet

255.0.0.0 1 (Default) 16,777,214255.128.0.0 1 2 8,388,606255.192.0.0 4 4,194,302255.224.0.0 8 2,097,150255.240.0.0 16 1,048,574255.248.0.0 32 524,286255.252.0.0 64 262,142255.254.0.0 128 131,070255.255.0.0 256 65,534255.255.128.0 512 32,766255.255.192.0 1024 16,382255.255.224.0 2048 8190255.255.240.0 4096 4094255.255.248.0 8192 2046255.255.252.0 16,384 1022255.255.254.0 32,768 510255.255.255.0 65,536 254255.255.255.128 131,072 126255.255.255.192 262,144 62255.255.255.224 524,288 30255.255.255.240 1,048,576 14255.255.255.248 2,097,152 6255.255.255.252 4,194,304 2255.255.255.254 2 8,388,608 0 (not valid)

1 Only to be used if Subnet Zero and Subnet All-Ones are both used. 2 The only two addresses are the subnet and broadcast addresses.

Review



Table 4.17 - Class B Subnet Masks


255.255.0.0 1 (Default) 65,534255.255.128.0 1 2 32,766255.255.192.0 4 16,382255.255.224.0 8 8190255.255.240.0 16 4094255.255.248.0 32 2046255.255.252.0 64 1022255.255.254.0 128 510255.255.255.0 256 254255.255.255.128 512 126255.255.255.192 1024 62255.255.255.224 2048 30255.255.255.240 4096 14255.255.255.248 8192 6255.255.255.252 16,384 2255.255.255.254 2 32,768 0 (not valid)

Table 4.18 - Class C Subnet Masks


255.255.255.0 1 (Default) 254255.255.255.128 1 2 126255.255.255.192 4 62255.255.255.224 8 30255.255.255.240 16 14255.255.255.248 32 6255.255.255.252 64 2255.255.255.254 2 128 0 (not valid)

1 Only to be used if Subnet Zero and Subnet All-Ones are both used. 2 The only two addresses are the subnet and broadcast addresses.

Review



Classless IP Addressing All of the examples of subnet masks that we have seen so far have been based on the default subnet mask for the particular class of network address being used. This kind of addressing is often referred to as classful IP addressing, because it relies on the concept of classes of IP addresses.

However, a subnet mask could be enough by itself to specify how an IP address is to be interpreted, ie which bits represent the network portion and which bits represent the host portion. We could dispense with the concept of class altogether and simply use a subnet mask in conjunction with the IP address. This kind of IP addressing is referred to as classless IP addressing.

Classless IP addressing has some advantages when representing network addresses in the routing tables of routers. It can make the routing tables smaller and more efficient. You will learn more about routing using classless IP addresses, Classless Inter-Domain Routing (CIDR), in the next module.

Classless IP Address Notation In order to configure an IP address on a network interface, we need two numbers, the IP address itself and its associated subnet mask, as shown in Example 4.4.

IP Address = 191.9.35.7 Subnet Mask = 255.255.255.0

Example 4.4 – Classful Address Notation

An alternative notation, introduced with classless IP addressing, is simply to specify the IP address followed by the number of bits set to 1 in the subnet mask, in the following form.

IP_address/No_of_bits_set_to_1

The address in Example 4.4 can now be expressed as follows.

191.9.35.7/24

Example 4.5 - Classless Address Notation

Review



This is a more economical way of specifying addresses and subnet masks and is now widely used, even when not referring specifically to classless IP addresses. It is also known Prefix Notation, because it specifies the number of bits in the prefix, ie the network portion of the address.

Review



Written Lab 4.2 In this Lab you will work out which subnet masks are needed to support the requirements specified for the given networks.

Exercise 1

You need to create up to 2048 subnets for the Class A network, 10.0.0.0, in such a way as to maximise the number of hosts in each subnet.

1 Determine the subnet mask you would use if Subnet Zero is permitted. Give your answer both as an ordinary subnet mask and in prefix notation.

2 Repeat this for the case that Subnet Zero is not to be used.

3 For each of the subnet masks, specify the range of IP addresses which can be assigned as host addresses in the third available subnet.

Exercise 2

Network 170.16.0.0 is to be subdivided into subnets, each of which needs to support up to 100 host addresses, in such a way as to maximise the number of subnets available.

1 Determine the subnet mask you would use. Give your answer both as an ordinary subnet mask and in prefix notation.

2 Work out how many subnets could be created if Subnet Zero and Subnet ALL-Ones are not used.

3 Specify the range of IP address which can be assigned as host addresses in the first available subnet.

4 For each of the addresses in the following range, specify which can be assigned as host addresses.

170.16.5.125 to 170.16.5.131

5 For each of the valid host addresses in 4, specify the address of the subnet to which it belongs.

Review



Exercise 3

One of your routers needs to support up to 64 incoming serial connections. Each serial connection will have its own subnet with two host addresses. You have decided to use the Class C network 192.168.100.0 for this. Subnet Zero and Subnet All-Ones will be used.

1 Determine the subnet mask you would use. Give your answer both as an ordinary subnet mask and in prefix notation.

2 Specify the two host addresses available in Subnet All-Ones.

Review



IP Routing Now that we have seen how IP addresses and subnet masks can be used to divide a network into subnets, we can see how routing occurs in an IP network. We shall look again at the earlier example of the ACME network, with a network address of 191.9.0.0/24. In Figure 4.3, you can see the network with some of the host IP addresses shown. The Ethernet and Serial interfaces on the routers have also been labelled.

Figure 4.3 - Routing in the ACME Network

If Workstation1, in the Branch Office subnet needs to send a packet to HQServer in the HQ subnet, the packet must first be sent to the Branch Office router, the Branch Office router must forward it to the HQ Router, which must then forward it to HQServer.

For this to happen, the computers and the routers must be configured with the appropriate routing information. On the computers, this involves configuring a default gateway. The routers will use the contents of their routing tables to decide how to forward packets.

The Default Gateway Each computer that needs to send packets to another network (or subnet) needs to have the IP address of a locally connected router to which it can send packets for forwarding to remote networks. This is known as the Default Gateway. Strictly speaking, the default gateway is the IP address of the local router’s network interface which is in the same subnet as the computer.

Review



In the case of computers in the HQ LAN the default gateway is 191.9.1.9, while for computers on the Branch Office LAN the default gateway is 191.9.3.9.

The default gateway of a computer can be assigned manually or dynamically through DHCP.

The IP configurations for Workstation1, Workstation2 and HQServer are shown in Table 4.19.

Table 4.19 - ACME Host Configurations

Computer IP Address Subnet Mask Default Gateway

Workstation1 191.9.3.1 255.255.255.0 191.9.3.9

Workstation2 191.9.3.2 255.255.255.0 191.9.3.9

HQServer 191.9.1.10 255.255.255.0 191.9.1.9

Routing Tables Each router has a routing table. This consists of an entry for each known destination network with information on how to forward packets to it. Each entry is known as a route.

These routes can be manually configured (static routes) or, more usually, they are dynamic routes, learnt automatically by routers exchanging information with each other using one (or more) routing protocols. You will learn more about routing protocols in the next module.

Each route will contain the following information at least.

Table 4.20 - Typical Routing Table Contents

Destination The IP address of the network (or subnet).

Subnet Mask The subnet mask to be used with the network address.

Distance

The distance to the network. The shorter the distance, the better the route. Different routing protocols will have different ways of calculating this distance.

Review



Next-Hop Router The IP address of a neighbouring router to which packets for the destination should be forwarded.

Interface The network interface via which packets to the destination should be forwarded.

Most routing tables will contain further information about the routes, and this will differ according to the routing protocol used.

In Table 4.21, you can see the routing tables for the routers in the ACME network. In this simplified example, we have used a simple hop count as the distance to the destination network, ie the number of other routers between the router and the destination network. This is the measure of distance (or metric) used by one of the earliest IP routing protocols, RIP (Routing Information Protocol).

Table 4.21 - ACME Routing Tables

HQ Router

Destination Subnet Mask Distance Next Hop Interface

191.9.1.0 255.255.255.0 0 none eth 0/0

191.9.2.0 255.255.255.0 0 none ser 0/0

191.9.3.0 255.255.255.0 1 191.9.2.2 ser 0/0

Branch Office Router

Destination Subnet Mask Distance Next Hop Interface

191.9.3.0 255.255.255.0 0 none eth 0/0

191.9.2.0 255.255.255.0 0 none ser 0/0

191.9.1.0 255.255.255.0 1 191.9.2.1 ser 0/0

Each router has routes to three networks, the two to which it is directly connected, and the remote LAN reached via the other router. The directly connected networks are shown with a distance of 0.

Review



Subnet Masks and Routing The routing process starts on the host sending a packet to another host. The sender has two choices:

♦ Send the packet directly to the destination host

OR

♦ Send the packet to a local router for forwarding

This means that the sender has to decide whether the destination host is in the same network (or subnet) as itself. It does this by comparing the network portion of its own address to the network portion of the destination address. If they are the same, the packet is sent directly; if they are different, the packet is sent to the default gateway (or next-hop router).

The network portion of an IP address is calculated by performing a bitwise logical AND operation on the address and its subnet mask.

The logical AND operator takes two binary digits and produces a binary digit as a result, according to the following table.

Table 4.22 - Logical AND Operator

0 AND 0 = 0

0 AND 1 = 0

1 AND 0 = 0

1 AND 1 = 1

To see how this works, we shall AND the IP address of Workstation1, 191.9.3.2, with its subnet mask 255.255.255.0. This involves ANDing each bit of the subnet mask with its corresponding bit in the IP address, as shown in Example 4.6.

Review



191.9.3.2 10111111.00001001.00000011.00000010 AND 255.255.255.0 11111111.11111111.11111111.00000000 = 191.9.3.0 10111111.00001001.00000011.00000000

Example 4.6 - Using the AND Operation to calculate the Network Address

The result of the operation is the IP address, 191.9.3.0, which is the subnet address of the Branch Office LAN, the subnet of Workstation1.

How a Host sends a Packet to a Host on the Local Subnet When Workstation1 needs to send a packet to Workstation2, it uses its subnet mask to determine its own network address and the network address of Workstation2. As the network addresses are the same, the packet will be sent directly to Workstation2.

In order to do this, Workstation1 will use ARP to determine the MAC address of Workstation2. It then encapsulates the packet inside a frame with Workstation2’s MAC address as the destination MAC address.

How a Host sends a Packet to a Host on a Remote Subnet When Workstation1 needs to send a packet to HQServer, it uses its subnet mask to determine its own network address and the network address of HQServer. As the network addresses are different, the packet will be sent to its default gateway (the Branch Office router) for forwarding.

In order to do this, Workstation1 will use ARP to determine the MAC address of the default gateway. It then encapsulates the packet inside a frame with the default gateway’s MAC address as the destination MAC address.

In this case, you should note that the destination IP address of the packet is the IP address of the destination host, but the destination MAC address of the frame is the MAC address of the default gateway.

Review



How a Router handles an Incoming Packet When a router receives a packet on one of its interfaces, it can take one of the following actions.

Drop the packet 1

A router will drop a packet if its TTL becomes 0. In this case the router sends an ICMP message back to the Source IP Address, informing it that the TTL has expired.

Packets can also be dropped if they are rejected by the router on security grounds, for example because of packet filtering rules. In these cases, the source host is not informed that the packet has been dropped. You will learn more about packet filtering later in this course.

Accept the contents of packet 2

If the packet’s destination address is an IP address of one of the router’s interfaces, the router will forward the contents of the packet to one of its higher layer protocols for further processing.

This is also true of broadcast packets, as well as of packets addressed to any of the router’s multicast addresses.

Forward the packet to a local host 3

If the packet is not dropped or addressed to the router itself, the network address of the packet is compared to the network addresses of the router’s network interfaces. If there is a match, the router will attempt to forward the packet directly to the destination host via the appropriate network interface.

To do this, it will use ARP to find the MAC address corresponding to the destination host IP address. If it fails to find the MAC address, it will drop the packet and send an ICMP Destination Unreachable message with the code, Host Unreachable, to the sending host.

Forward the packet to a local router 4

If the packet’s network address matches the network address of a known route in the router’s routing table, the packet will be forwarded to the appropriate next-hop router. To do this, the router will use ARP to find the MAC address of the next-hop router.

Review



If it fails to find the MAC address, it will drop the packet and send an ICMP Destination Unreachable message with the code, Network Unreachable, to the sending host.

If the packet’s network address does not match any of the network address in the router’s routing table, it will drop the packet and send an ICMP Destination Unreachable message with the code, Network Unreachable, to the sending host.

Routers may hold a default route, specifying a next-hop router to which to forward packets which do not match any of the known routes.

Routers might also fragment a packet, but this does not affect the basic routing decision processes.

In the ACME example, the Branch Office router will forward the packet to the HQ router because the network address of the packet’s destination IP address is 191.9.1.0 and a route to this network, via 191.9.2.1, exists in the routing table.

The HQ router will forward the packet directly to HQServer, via its network interface Eth 0/0, because this interface is in the same network as the destination IP address of the packet, 191.9.1.10.

Routing Configuration Problems For routing to work properly, you must configure all the hosts and routers correctly and consistently. This means configuring the correct IP address, subnet mask and interface on each network interface, as well as setting the correct default gateway information on each end station.

Routing table entries will also need to be correct. This should occur automatically when using a routing protocol such as RIP.

Incorrect network configurations can sometimes be hard to spot as they can depend on a number of factors; some typical problems are listed below.

Incorrect Default Gateway If a PC’s default gateway is configured incorrectly, you will usually experience problems when trying to access hosts on a remote network. In Figure 4.4, you can see that the default gateway of Workstation1 has

Review



been incorrectly set to 191.9.2.1. Workstation1 will be able to ping Workstation2 but it will not be able to ping HQServer.

Figure 4.4 - Routing Problems - Incorrect Default Gateway

However, the same behaviour could be caused by the default gateway on HQServer being incorrectly set. In this case, the ping ECHO REQUEST packet from Workstation1 would reach HQServer but the ECHO RESPONSE packet from HQServer would not be sent to the HQ router for forwarding.

If Workstation1 can ping other hosts in the HQ network, the problem is likely to lie with the configuration of HQServer.

Incorrect Subnet Mask An incorrect subnet mask can also give rise to similar problems. In Figure 4.5, you can see that the subnet mask of Workstation1 has been set to 255.255.0.0. Workstation1 will be able to ping Workstation2. Using its subnet mask, it will determine its own network address, and that of Workstation2, as 191.9.0.0. So it will send the ECHO REQUEST packet directly to Workstation2.

Review



Figure 4.5 - Routing Problems - Incorrect Subnet Mask

However, if it tries to ping HQServer it will determine HQServer’s IP address as being in the same network as itself, 191.9.0.0, and try to send the ECHO REQUEST packet directly to 191.9.1.10. It will not forward the packet to its default gateway, even when this is correctly set, so the ping will fail.

As in the previous example, the same behaviour could arise if HQServer’s subnet mask were set incorrectly

Incorrect Routing Table Information If a host cannot reach any hosts in a remote network, you should check the host’s subnet mask and default gateway. If these are correctly set, the problem is likely to lie with the routing tables of one or more routers in the path. You can discover which router is failing to forward the packets by using the traceroute command, or tracert on Microsoft systems.

Troubleshooting Network Problems If you are experiencing problems in communicating with another host on the network, you should first check that the host is reachable, ie that your host can send IP packets to the other host and receive IP packets from it. If the host is reachable, then the cause of the problem is likely to be at the Application level, for example the security settings of the

Review



application on the other host may prevent access. In this Course, we shall only be considering network reachability problems.

Testing Network Reachability In Table 4.23, you can see some of the tests that you should apply when checking whether another host is reachable.

Table 4.23 - Testing Network Reachability

1 ping the target’s IP address

If this succeeds, the target is reachable and the problem lies elsewhere.

2 ping 127.0.0.1

This verifies that the sending host’s TCP/IP installation is working properly and that the network adapter is functioning.

3 Check that the IP address, subnet mask and default gateway (if any) are correctly configured on the source host.

4 Check that the source host is connected to the local network.

If the target is local:

5 ping other hosts on the local network

If other hosts on the local network are reachable, check that the target host is correctly configured and connected to the local network.

6 ping other hosts on the local network from a different host on the local network

If the other hosts are still unreachable, there is probably a problem with the local network, possibly with the switch or hub.

If the target is remote:

7 ping the default gateway

If it is not reachable, use Steps 5 and 6 to check whether the local network is working. If it is, check the IP configuration of the default gateway, and that the router is connected to the local network.

Review



8 ping other hosts on the target host’s remote network.

If they are reachable, the target host may be correctly configured or not connected to its local network.

9 If no hosts on the target network are reachable, use the traceroute utility to determine which router is not forwarding the packets.

Review



Written Lab 4.3 In this Lab you are going to troubleshoot the problems with the network shown in Figure 4.6.

Figure 4.6 - Network Troubleshooting

You have already carried out some tests and the results are shown in Table 4.24.

Table 4.24 - Results of Reachability Tests

a PC1 can ping other systems in its local network but cannot ping ServerB or PC2.

b ServerB can ping ServerA.

c PC2 cannot ping PC1 or ServerA

d All of the hosts in LAN C can ping each other.

e None of the hosts in LAN C can ping any of the hosts in LAN A or LAN B.

The IP configuration for each PC and server is shown in Table 4.25. The routers have all been manually configured with static routes, but you do not have access to their routing tables.

Review



Table 4.25 - Configurations of PCs and Servers

Computer IP Address Subnet Mask Default Gateway

PC1 192.168.10.18 255.255.255.248 192.168.10.13

PC2 192.168.10.34 255.255.255.240 192.168.10.33

PC3 192.168.10.50 255.255.255.248 192.168.10.49

ServerA 192.168.10.22 255.255.255.248 192.168.10.17

ServerB 192.168.10.38 255.255.255.248 192.168.10.33

ServerC 192.168.10.54 255.255.255.248 192.168.10.49

1 What changes would you make to the configurations shown in Table 4.25 to fix the problems indicated by Results a and c in Table 4.24?

2 What other tests would you carry out to identify the source of the problems indicated in Result e? What do you think that the source of the problem is likely to be?

Review



Problems with IP Version 4 Addressing Ideally, each organisation connected to the Internet would have its own network address, and each host in the organisation would have a unique IP address. In fact, if the organisation had a number of internal networks, connected together by routers (as many do) it would have a unique network address for each of its internal networks.

However, as we mentioned in the Introduction, there is a shortage of IP addresses, as the current version of IP is IP Version 4 (IPv4) which only supports 32-bit addresses. The shortage has been aggravated by the inefficient way that the existing address space has been used, in part, a result of the way network addresses were allocated in the early days of the Internet.

You have already seen one approach to this problem – making more efficient use of the existing address space by using subnet masks to split networks into smaller subnets.

The long term solution is the implementation of a new version of IP with a much larger address space, capable of meeting current and foreseeable future demands. The next version of IP is IP Version 6 (IPv6); with its 128-bit address space, it should be able to do this. However, it is some way from being widely deployed.

In the meantime, a number of temporary fixes have been adopted in order to extend the useful life of the current version of IP, while meeting the increasing demand for access to the Internet. These include the following.

♦ Variable Length Subnet Masks (VLSMs)

♦ Private IP Addresses and Network Address Translation (NAT)

♦ Classless Inter Domain Routing (CIDR)

In this Module we shall look at VLSMs, Private IP Addresses, NAT and IPv6, while CIDR will be covered in the next Module.

Review



Variable Length Subnet Masks (VLSMs) In the earlier example of subnetting the Class B network 191.9.0.0 (see Figure 4.3) the ACME network was split into 3 subnets by the use of the subnet mask 255.255.255.0. This would allow you to have up to 256 subnets each containing up to 254 hosts.

In this case, there is no shortage of addresses as the ACME network is so small. However, if the network were much larger, you might run into difficulties by having to use the same subnet mask throughout your organisation.

Look at the WAN subnet 191.9.2.0/24. There are only two hosts in this network, which is just the serial link connecting the two routers. So, only 2 of the possible 254 host addresses will be used – a waste of 252 IP addresses.

This is a common problem wherever a fixed length subnet mask is used throughout a network. If you were able to assign different subnet masks to different subnets, you would be able to make much more efficient use of the available address space.

For example, the WAN subnet could be given a subnet mask of 255.255.255.252 (191.9.2.0/30 in classless notation). This subnet would support just 2 hosts, exactly the number needed. The LAN subnets could be given different subnet masks to support the larger number of hosts in them.

Unfortunately, it is not always possible to implement VLSMs in a network – it depends on the routing protocol in use. Some protocols only allow one subnet mask for each Class A, B or C network, while others support VLSMs. You will learn more about this in the next module.

Private IP Addresses A private IP address is an IP address in a private network. Private networks are designed to be used within an intranet and are not advertised by routers to other routers outside the intranet, ie they are not advertised to the Internet.

There are class A, B and C private addresses, defined in RFC 1918. They are listed in Table 4.26.

Review



Table 4.26 - Private IP Address Ranges

Class Private Addresses Prefix Notation

A 10.0.0.0 to 10.255.255.255 10.0.0.0/8

B 172.16.0.0 to 172.31.255.255 172.16.0.0/12

C 192.168.0.0 to 192.168.255.255 192.168.0.0/16

A router within an intranet will advertise private networks to other routers within the intranet (using interior routing protocols like RIP, IGRP, OSPF etc), but will not forward traffic sent those networks to routers outside the intranet. Exterior gateway protocols (like EGP and BGP) will also not advertise private networks.

One reason for using private IP addresses is to set up an intranet which does not connect to the Internet. Of course, in this case you might use any IP network address, as there is no connection to the rest of the Internet. However, you should still use private addressing, as this will make it easier to connect your intranet to the Internet in future, if it becomes necessary.

The most common use for private IP addresses is in connecting an intranet to the Internet via a router providing Network Address Translation (NAT). The two main reasons for doing this are:

♦ Enhanced security – Computers with private addresses are not directly accessible from anywhere outside their intranet.

♦ Limited number of IP addresses – If your organisation has been assigned fewer public IP addresses than it needs, then computers can be assigned private IP addresses and still access the Internet via a router providing NAT.

Automatic Private IP Addressing (APIPA) The Class B network 169.254.0.0 has been reserved (see RFC 3330) for autoconfiguration of private IP addresses. This is designed for private networks which use Dynamic Host Configuration Protocol (DHCP) to configure the IP addresses of client computers.

If a DHCP client computer is unable to obtain an IP address from a DHCP server, perhaps because the server is down, it may be able to

Review



assign itself an IP address in the range 169.254.0.1 to 169.254.255.254. For this to happen, the computer must support IP address autoconfiguration.

The most widely used autoconfiguration mechanism is Automatic Private IP Addressing (APIPA), which was developed by Microsoft. When an APIPA-enabled computer is unable to obtain an IP address via DHCP, it will select a host address in network 169.254.0.0/16. It will then broadcast that address to the network to which it is connected.

If another host has already given itself the same address, that host will challenge the assignment, and the new assignment will not be accepted. The computer will then try to assign itself another address in the same range.

This process is repeated until the selected IP address is not challenged; that address then becomes the assigned IP address.

APIPA is intended for use in small, single-LANs intranets. It does not support routing to the Internet or to other subnets within the intranet.

Review



Network Address Translation (NAT) Network address translation is the process of substituting one address for another in an IP packet header; it is defined in RFC 1631.

Figure 4.7 - NAT Public and Private Addresses

A router running NAT can be configured with a pool of valid public IP addresses. These public addresses can then be mapped to private addresses on the intranet.

There are different ways of configuring a NAT router:

♦ Static NAT

♦ Dynamic NAT

♦ Overloaded NAT (Port Address Translation)

Sometimes a combination of these methods is used. You will learn how to configure a NAT router later in the course.

Static NAT In this case the NAT router maintains a permanent list of external public IP addresses which are mapped to internal private IP addresses. The private addresses need to be assigned statically, rather than by DHCP. This is used when it is necessary to allow access from the Internet to an internal host, for example a Web server.

Review



In Figure 4.8, the NAT router has two public IP addresses, 199.1.1.9, for its serial connection to the Internet and 199.1.1.10, which is mapped to the internal address of the Web server, 10.0.0.99.

Figure 4.8 - Static NAT

Any external host which needs to access the Web server will use the IP address 199.1.1.10.

When the Web server needs to send a packet to an external host, it sends it to the router, using the router’s private address 10.0.0.1. Before the router forwards the packet to the Internet, it changes the packet’s source address from 10.0.0.99 to 199.1.1.10. The router will forward any replies to 199.1.1.10 to the Web server’s private address 10.0.0.99.

All the internal addresses are in the private IP network 10.0.0.0. In this scenario, none of the computers on the intranet, except the Web Server, can access the Internet or be accessed from it.

Dynamic NAT For security reasons, you may not wish ordinary workstations to be accessed from the Internet. However, it is usually desirable to let them access the Internet. Nowadays, most workstations will have dynamically assigned IP addresses; these may be public or private addresses.

Review



For workstations which have private IP addresses assigned dynamically by DHCP, it is not possible to map public IP addresses permanently to their internal, private addresses. In this case the router can be configured with a pool of public addresses which can be mapped to private addresses as required. This is done when an internal host sends a packet to an external host.

When the router receives a packet from an internal host, it substitutes the dynamically mapped address for the private address in the source IP address field, before forwarding the packet to the Internet. Incoming reply packets will be forwarded to the mapped private address.

The mapping lasts as long as the session. The next time that the internal host attempts to start a session with an external host, its private address may be mapped to another public address.

Hosts which use dynamic NAT addresses cannot be accessed directly by external hosts. This improves security by hiding the internal hosts from the Internet.

Figure 4.9 - Dynamic NAT

If all the internal computers need access the Internet at the same time, the pool of external addresses on the router needs to have as many public addresses as there are internal hosts.

Review



In Figure 4.9, the router holds a static NAT mapping for the Web server, (to allow access to and from the Internet), while providing a pool of 4 public addresses which can be mapped dynamically to the workstations.

Although this does not reduce the number of public IP addresses needed, it does have the benefit of added security. A smaller pool of addresses could be used if the internal workstations did not all need simultaneous access to the Internet.

Overloaded NAT – Port Address Translation (PAT) If your organisation has been assigned fewer public addresses than it has internal hosts, then one of the public addresses can be used for all of the internal hosts that need to initiate sessions with external hosts.

The router will maintain information about the private source IP address and public destination IP address, together with details of the port and protocol used. This information will be used to identify the target of any packet received in reply.

Figure 4.10 Overloaded NAT – PAT

In Figure 4.10 there are only two public addresses; 199.1.1.10 is mapped statically to the Web server’s private address, 10.0.0.99, while

Review



all other internal private addresses are mapped use the router’s public IP address, 199.1.1.9.

Disadvantages of NAT Although NAT can provide added security and better use of public IP address space, it has the disadvantages of placing extra processing overheads on NAT routers, as well as making their configuration more complex.

Review



IP Version 6 (IPv6) We have already seen that the need for IPv6 arises from the small address space of IPv4, combined with its inefficient use. IPv6 is designed to overcome these difficulties, as well as tackling other requirements of modern networks, such as the ability to specify Quality of Service (QoS) and cope with future changes in networking technologies. Some of the main features of IPv6 are listed below:

♦ Large Address Space

♦ Hierarchical Addressing and Routing

♦ Support for Automatic IP Configuration

♦ Extensible Headers

Large Address Space IPv6 uses 128-bit addresses. This means that there are 2128 (approximately 3.4x1038) possible IPv6 addresses, compared to approximately 4.3x109 IPv4 addresses. To put this number in perspective, the surface area of the earth is approximately 5x1014 m2, which means that there will be about 6.7x1023 (670,000 billion billion) IPv6 addresses for every square metre of the surface of the planet.

Of course, not all of these addresses will be available for public unicast addresses. Some will be used to support hierarchical routing (see below), as well multicast and other special addresses. Nevertheless, IPv6 should meet the need for addresses in the foreseeable future.

IPv6 Addresses IPv6 addresses are written in dotted hexadecimal notation – in up to 8 groups of 4 hex digits, each group of hex digits representing 16 bits, for example

21DA:00D3:0000:0000:02AA:00FF:FE28:87C2

To make the numbers more readable, leading zeros can be suppressed as follows:

21DA:D3:0:0:2AA:FF:FE28:87C2

Review



Further compression can be achieved by simply leaving out entire groups all of whose bits are set to zero, leading to:

21DA:D3::2AA:FF:FE28:87C2

Even with compression, these numbers would be very cumbersome to configure manually. Under normal circumstances, they will be assigned automatically by DHCP or mechanisms similar to APIPA, and then mapped automatically to more user-friendly DNS names.

Exam Tip

You are unlikely to be asked detailed questions about IPv6 in the exam. However, you should be aware of the main features of IPv6. Additionally, you should be able to recognise IPv6 addresses both in their full 32-hex digit representation as well as in their compressed form, and be able to convert between them.

Aggregatable Global Unicast Addresses IPv4 addresses have just two parts, the network portion (used for routing) and the host portion to ensure delivery to the end host on the target network. As there are over two million network addresses, this makes for very large routing tables, particularly on core Internet routers. There are a number of fixes in IPv4 designed to reduce the size of routing tables, including CIDR (Classless Inter Domain Routing) and route aggregation, which are covered in the next module.

IPv6 tackles this problem by including multi-level network addresses within its structure. In IPv6, an Aggregatable Global Unicast Address (or simply Global Address) corresponds to a unique public IPv4 address. It has the following structure.

001 TLA ID Res NLA ID SLA ID Interface ID 3 13 8 24 16 64

IPv6 Aggregatable Global Unicast Address Structure

The number of bits in each field is shown under the field name. The meanings of the fields are shown in Table 4.27.

Review



Table 4.27 - IPv6 Global Address Fields

001 The first 3 bits set to 001 identify the address as a global address.

TLA ID Top-Level Aggregation Identifier – the highest level in the routing hierarchy, assigned to large, long-haul ISPs.

Res Reserved – for future expansion of the TLA ID or NLA ID (or both).

NLA ID

Next-Level Aggregation Identifier – Used by ISPs to assign unique IDs to organisations and blocks of IDs to downstream ISPs. The first 48 bits of a global address, including the NLA ID, uniquely define the network address of an organisation in the IPv6 Internet.

SLA ID

Site-Level Aggregation Identifier – Used by an organisation to create up to 216 (65,536) internal subnets. With IPv4, only organisations with Class A addresses can have so many subnets.

Interface ID

This is the host portion of the address. Typically, this will be the EUI-64 (Extended Unique Identifier - 64 bit), a new type of MAC address.

The first 24 bits of an EUI-64 address comprise the Manufacturer ID, as with current MAC addresses. The remaining 40 bits are the Extension ID, assigned to the interface board by the manufacturer.

Existing 48-bit MAC addresses will be mapped automatically to EUI-64 addresses.

Other Types of IPv6 Addresses As well as the fully-routable and public, global addresses, there are other types of IPv6 addresses. Some of these are listed in Table 4.28.

Review



Table 4.28 - Other IPv6 Address Types

Link-Local Addresses

Designed for auto-configuration, these addresses are never routed. They always have the prefix FE80::/64, and are the equivalent of APIPA addresses in IPv4.

Site-Local Addresses

These are private addresses for use within an intranet. Packets with these addresses can be routed within the intranet but cannot be routed to or from the Internet. They always have the prefix FEC0::/48, are the equivalent of the IPv4 private addresses

Unspecified Address This is 0:0:0:0:0:0:0:0 (or ::). It is the equivalent of 0.0.0.0 in IPv4, and is never assigned to a network interface.

Loopback Address This is 0:0:0:0:0:0:0:1 (or ::1). It is the equivalent of 127.0.0.1 in IPv4, and is never assigned to a network interface.

Compatibility Addresses

These are designed to be used in the migration from IPv4 to IPv6.

There are several types, for example 0:0:0:0:0:0:w.x.y.z, where w.x.y.z is the IPv4 address in the usual dotted decimal notation.

Multicast Addresses These always begin FF, and are the equivalent of IPv4 addresses with the first octet in the range 224 to 239.

Hierarchical Addressing Global IPv6 addresses provide for at least three levels of routing information.

Top-level routers will only need to maintain routes based on TLA IDs, a maximum of 213 (8096) routes. This makes for smaller routing tables in top-level Internet routers.

Review



The NLA IDs are used to route packets to organisations. They can be subdivided further by ISPs to allow for hierarchical routing to downstream ISPs.

The SLA IDs are only used within organisations, and can be subdivided to implement subnets.

In both cases, the subdivision is achieved by specifying the number of bits to be used for routing, as in the case of prefix notation in IPv4. For example, the address

21DA:D3::2AA:FF:FE28:87C2/48

tells us that there are no subnets in use within the organisation, as only the first 48 bits are being used for routing.

The address

21DA:D3::2AA:FF:FE28:87C2/52

could be used if the organisation’s network were divided into 16 subnets.

By using different prefixes, it is possible to implement further levels of hierarchical routing.

In IPv6, subnet masks are never specified as 128-bit numbers; only the prefix notation is used.

Support for Automatic IP Configuration IPv6 supports a number of different forms of automatic IP configuration:

♦ Stateful – Requires the presence of one or more DHCPv6 servers;

♦ Stateless – In the absence of a DHCPv6 server, hosts can automatically configure themselves with Link-Local Addresses and IPv4 Compatibility Addresses; if a router is present on the local network, hosts can autoconfigure themselves using the network prefix(es) advertised by the router.

Review



Extensible Headers The headers of IPv4 packets have a fixed maximum length. This restricts their ability to contain future information which might be required to support new developments in networking protocols.

IPv6 packet headers contain fields for pointing to, as yet undeveloped, further blocks of header information which may be needed in the future.

Review



Review After completing this module you should be able to:

♦ Describe the form and function of IP addresses;

♦ Identify the five classes of IP address;

♦ Understand the need for subnet masks and how they are used;

♦ Determine the effect of a subnet mask on a network address;

♦ Derive subnet masks suitable for given network requirements;

♦ Understand basic IP routing processes and the importance of the correct configuration of default gateways, subnet masks and routing tables;

♦ Describe simple network routing troubleshooting procedures;

♦ Express IP addresses using prefix notation;

♦ Understand some of the limitations of IP Version 4 (IPv4) and describe some of the techniques currently used to handle them;

♦ Explain the need for Variable Length Subnet Masks (VLSMs);

♦ Identify private IP addresses and understand how they are used;

♦ Define Network Address Translation (NAT) and identify the circumstances in which the various types of NAT should be considered;

♦ Understand the need for IP Version 6 (IPv6) and list its main features;

♦ Recognise IPv6 addresses.

Exam Tip

It is essential that you thoroughly understand how to calculate appropriate subnet masks and determine their effects. You should make sure that you work through the written labs carefully. You will encounter numerous questions in the exam requiring you to work quickly and accurately with subnet masks. Unlike some other exams, the CCNA does not provide access to an on-screen calculator.

Review



Review Questions 1 Identify the class of each of the following IP addresses and specify

their default subnet masks where appropriate: 224.0.0.1; 126.3.56.6; 193.6.9.0; 145.78.0.255; 255.255.255.255.

224.0.0.1 – Class D 126.3.56.6 – Class A, 255.0.0.0 193.6.9.0 – Class C, 255.255.255.0 145.78.0.255 – Class B, 255.255.0.0 255.255.255.255 – Class E

2 Which of the above addresses can be assigned as valid host addresses?

Only 145.78.0.255 and 126.3.56.6. 193.6.9.0 is a network address an cannot be assigned to a host, neither can Class D or E addresses.

3 What is the largest number of subnets that can be supported by the network 220.89.56.0/27? How many addresses can be assigned to hosts in each subnet?

8 subnets, including Subnet Zero and Subnet All-Ones. 30 hosts per subnet.

4 Which command would you use to verify that your computer’s TCP/IP installation was functional?

ping 127.0.0.1

5 From your PC you are able to ping other hosts on your local subnet, including the local interface of your router. However, you cannot ping the server on a remote subnet within your organisation’s network. You telephone a colleague at the remote site, who verifies that they can ping the server from another PC on the same subnet. List the possible causes of this behaviour?

Incorrect default gateway or subnet mask on your PC. Incorrect default gateway or subnet mask on the remote server. Incorrect routing information on an intermediate router. Physical network fault between the local and remote subnets.

Review



6 In the previous example, you verify that your PC is correctly configured and then wish check whether there is a problem routing packets between the local and remote networks. Which command would you use?

traceroute IP_address_of_remote_server

7 Give two possible advantages of using private IP addresses.

Increased security. The ability to support more hosts than you have public addresses.

8 List the private IP network ranges (excluding APIPA addresses), using Prefix notation.

10.0.0.0/8. 172.16.0.0/12. 192.168.0.0/16.

9 Which of these is not a valid APIPA address: 169.254.255.254; 169.255.254.255; 169.254.255.255?

169.255.254.255 is not in the APIPA network 169.254.0.0. 169.254.255.255 is the broadcast address for 169.254.0.0.

10 List three new features of IPv6.

128-bit addresses space. Extensible headers. Built-in support for hierarchical routing.

11 Write the following IPv6 address out in full, ie as 32 hex digits in colon-separated blocks of 4 – 21A3:C4::D00:2AA:FF:56B:312A.

21A3:00C4:0000:0D00:02AA:00FF:056B:312A.

Review

module 4 ip addressing and routing - nands.comnands.com/courseware/7306sm.pdf · ccna module 4: ip...

Documents