4: Addressing in an Enterprise Network

pigeoneggtrains | Networks and Communications

24 Oct 2013 (3 years and 9 months ago)

104 views

© 2006 Cisco Systems, Inc. All rights reserved.

Cisco Public

Version 4.0


Introducing Routing and Switching in the Enterprise

Objectives

Analyze the features and benefits of a hierarchical IP addressing structure.

Plan and implement a VLSM IP addressing scheme.

Plan a network using classless routing and CIDR.

Configure and verify both static and dynamic NAT.

Flat and Hierarchical Networks

Flat networks with a single broadcast domain lose efficiency as hosts are added.

One solution: create VLANs, each VLAN = a subnet.

Using routers is another solution.

Hierarchical IP Addressing Structure

An effective hierarchical address scheme consists of a classful network address in the Core Layer that is subdivided into successively smaller subnets in the Distribution and Access Layers.

The following is a non-hierarchical networking scheme.

A hierarchical addressing structure logically groups networks into smaller subnetworks.

Using Subnetting to Structure the Network

Some reasons for subnetting are:

Physical location (e.g. remote offices) or logical grouping

Application requirements

Security

Broadcast containment

Hierarchical network design

For example:


10.0.0.0 network for the enterprise



Use an addressing scheme such as 10.X.Y.0



X represents a geographical location



Y represents a building or floor within that location


This addressing scheme allows for:


255 different geographical locations


255 buildings in each location


254 hosts within each building



Subnet Mask

The subnet mask is a 32-bit value used with the IPv4 address that specifies the network portion of the address to the network devices, i.e. it uses 1s and 0s to indicate which bits of the IPv4 address are network bits and which are host bits.

A /24 prefix represents a subnet mask of 255.255.255.0 (11111111.11111111.11111111.00000000). The first 3 octets are all 1s, the remaining bits are 0s.

Inside the network device, the IPv4 host address is logically ANDed with its subnet mask to determine the network address.

Basic Subnetting Process

Information can be determined by looking at only an IP address and slash notation (/x) subnet mask, e.g. an IP address of 192.168.1.75 /26:

Decimal subnet mask

The /26 translates to a subnet mask of 255.255.255.192

Number of subnets created

Assuming we started with the default /24 subnet mask, we borrowed 2 additional host bits for the network. This creates 4 subnets (2^2 = 4)

Number of usable hosts per subnet

Six bits are left on the host side, creating 62 hosts per subnet (2^6 = 64, 64 - 2 = 62)

Network address

Using the subnet mask to determine the placement of network bits, the value of the network address is given. In this example 192.168.1.64 (256 - 192 = 64)

First usable host address

A host cannot have all 0s within the host bits, because that represents the network address of the subnet. Therefore, the first usable host address within the .64 subnet is .65

Broadcast address

A host cannot have all 1s within the host bits because that represents the broadcast address of the subnet. In this case, the broadcast address is .127

192.168.1.128 is the network address of the next subnet.




ACTIVITY 4.2.1

ACTIVITY 4.2.2.3

Basic Subnetting

VLSM

Basic subnetting is sufficient for smaller networks, but does not provide the flexibility needed in larger enterprise networks.

Benefits of Variable Length Subnet Masks (VLSM) are:

Flexibility

Efficient use of address space

Ability to use route summarization



Activity 4.2.4.3

Implementing a VLSM Addressing Scheme


Apply masks from largest group to smallest


Avoid assigning addresses that are already allocated


Allow for some growth in numbers of hosts on each subnet

Use tools such as charts, etc.

A subnet of /26 is required to accommodate the largest network segment of 58 hosts.

Using a basic subnetting scheme is not only wasteful, but creates only four subnets.

This is not enough to address each of the required seven LAN/WAN segments.
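The largest-first rule above, worked as an added example (not part of the original slides). The block 192.168.1.0/24 and the host counts of the seven segments are constructed; only the 58-host segment comes from the slide.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest prefix whose subnet still holds `hosts` usable addresses."""
    host_bits = max(2, (hosts + 1).bit_length())  # room for network + broadcast
    return 32 - host_bits

def fixed_length_subnets(block, largest_hosts):
    """Subnets available if every segment gets the mask of the largest one."""
    block = ipaddress.ip_network(block)
    return 2 ** (prefix_for_hosts(largest_hosts) - block.prefixlen)

def vlsm_allocate(block, requirements):
    """Carve `block` into one subnet per segment, largest group first."""
    block = ipaddress.ip_network(block)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    plan = {}
    ordered = sorted(requirements.items(), key=lambda kv: kv[1], reverse=True)
    for name, hosts in ordered:
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size   # round up to the subnet boundary
        if cursor + size > end:
            raise ValueError(f"{block} is too small for segment {name}")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size                       # never reuse allocated space
    return plan

# Constructed requirements: seven LAN/WAN segments, the largest with 58 hosts.
SEGMENTS = {"LAN-A": 58, "LAN-B": 28, "LAN-C": 12, "LAN-D": 12,
            "WAN-1": 2, "WAN-2": 2, "WAN-3": 2}

if __name__ == "__main__":
    print("fixed /26 subnets:", fixed_length_subnets("192.168.1.0/24", 58))
    for name, net in vlsm_allocate("192.168.1.0/24", SEGMENTS).items():
        print(f"{name:6} {str(net):18} usable hosts: {net.num_addresses - 2}")
```

All seven segments fit in the first 140 addresses of the /24, leaving the rest of the block free for growth.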


Activity 4.2.5.4

Classful and Classless Routing

Classful routing:

Default subnet masks

Class determined by first octet

No subnet mask information exchanged in routing updates

Classless routing:

Network subnet mask determines the network portion of the address. Known as the network prefix, or prefix length.

Class of the address no longer determines the network address.

Subnet mask information exchanged in routing updates

Processing RIPv1 Updates





Rule 1: if a routing update and the interface on which it is received belong to the same major network, the subnet mask of the interface is applied to the network in the routing update.

Rule 2: if a routing update and the interface on which it is received belong to different major networks, the classful subnet mask of the network is applied to the network in the routing update.
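The two rules as an added example (not part of the original slides): a receiver has to guess the mask because the update carries none. The function names and the sample updates are constructed for illustration.

```python
import ipaddress

def classful_prefix(addr):
    """Default mask length implied by the first octet (class A, B or C)."""
    first_octet = int(ipaddress.ip_address(addr)) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError(f"{addr} is not a class A, B or C address")

def major_network(addr):
    """Classful (major) network that an address belongs to."""
    return ipaddress.ip_network(f"{addr}/{classful_prefix(addr)}", strict=False)

def ripv1_install(route, iface):
    """Network a receiver installs for `route`, which arrives without a mask.

    iface is the receiving interface written as 'address/prefix'.
    """
    iface = ipaddress.ip_interface(iface)
    if major_network(route) == major_network(iface.ip):
        prefix = iface.network.prefixlen   # Rule 1: borrow the interface mask
    else:
        prefix = classful_prefix(route)    # Rule 2: fall back to the class mask
    return ipaddress.ip_network(f"{route}/{prefix}", strict=False)

# Constructed updates: (network in the update, receiving interface).
UPDATES = [
    ("172.16.3.0", "172.16.1.1/24"),   # same major network
    ("172.16.3.0", "172.16.1.1/27"),   # same update, receiver uses a /27
    ("10.0.0.0", "172.16.1.1/24"),     # different major network, class A
    ("192.168.5.0", "172.16.1.1/24"),  # different major network, class C
]

def demo():
    return [str(ripv1_install(route, iface)) for route, iface in UPDATES]

if __name__ == "__main__":
    for (route, iface), installed in zip(UPDATES, demo()):
        print(f"{route:12} via {iface:16} -> {installed}")
```

The first two rows show the same update installed with different masks depending only on the receiver's own interface, which is why a classful protocol needs one consistent mask inside a major network.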

Classless Routing and CIDR

Classless Inter-Domain Routing (CIDR) uses address space more efficiently

Used for network address aggregation or summarizing (reducing the size of routing tables)

CIDR requires a classless routing protocol, such as RIPv2 or EIGRP

CIDR and Route Summarization

Use single address to represent group of contiguous subnets

Occurs at network boundary

Smaller routing tables, faster lookups

Example

A border router advertises all of the networks within an enterprise to the ISP.

If there are 8 different networks, the router would have to advertise all 8.

If every enterprise followed this pattern, the routing table of the ISP would be huge.

Using route summarization, a router groups the networks together and advertises them as one large group.

CIDR and Summarization

Activity 4.3.2.3

Calculating Route Summarization

If a contiguous hierarchical addressing scheme is not used, it may not be possible to summarize routes. If the network addresses do not have common bits from left to right, a summary mask cannot be applied.

BEWARE! Do not advertise addresses that do not belong to you!
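A pre-advertisement check for the warning above, as an added example (not part of the original slides): it derives the summary from the common left-to-right bits, then lists any ranges the summary would cover that are not in the owned set. The 172.16.x.0/24 and 172.20.1.0/24 networks are constructed sample data.

```python
import ipaddress

def summarize(networks):
    """Shortest single prefix covering all networks (common leading bits)."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    prefix = 32 - (lo ^ hi).bit_length()   # bits identical from the left
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ipaddress.ip_network((lo & mask, prefix))

def not_owned(summary, owned):
    """Ranges inside `summary` that no owned network accounts for."""
    remaining = [summary]
    for own in (ipaddress.ip_network(n) for n in owned):
        survivors = []
        for rng in remaining:
            if own.subnet_of(rng):
                survivors.extend(rng.address_exclude(own))  # split around it
            elif not rng.subnet_of(own):
                survivors.append(rng)                       # untouched
        remaining = survivors
    return sorted(remaining)

def unowned_addresses(owned):
    """How many addresses the summary would claim beyond the owned set."""
    return sum(r.num_addresses for r in not_owned(summarize(owned), owned))

# Constructed sample data.
CONTIGUOUS = [f"172.16.{i}.0/24" for i in range(8)]   # eight networks
PARTIAL = [f"172.16.{i}.0/24" for i in range(5)]      # only five of the eight
SCATTERED = ["172.16.1.0/24", "172.20.1.0/24"]        # no hierarchy

if __name__ == "__main__":
    for owned in (CONTIGUOUS, PARTIAL, SCATTERED):
        summary = summarize(owned)
        print(summary, "unowned addresses:", unowned_addresses(owned))
        for rng in not_owned(summary, owned)[:3]:
            print("   would also advertise", rng)
```

A non-zero count means the summary should not be advertised as is; either advertise the more specific routes or renumber so that the owned networks fill the summary.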

Example of Discontinuous Subnets

Classful routing results in each router advertising the major Class C network without a subnet mask

As a result, the middle router receives advertisements about the same network from two different directions.

To avoid this condition, an administrator can:

Modify the addressing scheme, if possible

Use a classless routing protocol, such as RIPv2 or OSPF

Turn automatic summarization off

Manually summarize at the classful boundary

Subnetting Best Practices

Use routing protocols that support VLSM

Disable auto-summarization if necessary

Ensure router IOS supports subnet zero

Use /30 ranges for WAN links (i.e. P2P links)

Allow for future growth

Private Addresses and NAT

RFC 1918 - private IP address space, available for anyone to use on their internal network

Routed internally, never on the Internet

Class A: 10.0.0.0 - 10.255.255.255 /8

Class B: 172.16.0.0 - 172.31.255.255 /12

Class C: 192.168.0.0 - 192.168.255.255 /16

Q: What is the netmask for the 172.16.x.x network shown above?

NAT

Network Address Translation (NAT) translates internal private addresses into one or more public addresses for routing onto the Internet.

NAT changes the private IP source address inside each packet to a publicly registered IP address before sending it out onto the Internet.

Use on boundary routers

Static and Dynamic NAT

Static NAT maps a single inside local address to a single global, or public address. This mapping ensures that a particular inside local address always associates with the same public address.

Static NAT ensures that outside devices consistently reach an internal device such as a web server.

Dynamic NAT uses an available pool of Internet public addresses and assigns them to inside local addresses.

Dynamic NAT assigns the first available IP address in the pool of public addresses to an inside device.

Examples

PAT

Port Address Translation (PAT) is a variation on dynamic NAT, sometimes known as NAT Overload

When a source host sends a message to a destination host, it uses a combination of an IP address and a port number (above 1024) to keep track of each individual conversation.

(Figure labels: 10.0.0.3 and 10.0.0.3:1444)
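Static NAT, dynamic NAT and PAT side by side, as an added example (not part of the original slides). The NatRouter class is a constructed toy model, the public addresses are documentation addresses, and PAT ports are handed out sequentially from 1025 as a simplification.

```python
class NatRouter:
    """Toy translation table for the three modes described above."""

    def __init__(self, static=None, pool=(), pat_address=None):
        self.static = dict(static or {})  # inside local -> fixed public address
        self.free = list(pool)            # dynamic NAT: unused public addresses
        self.dynamic = {}                 # inside local -> leased public address
        self.pat_address = pat_address    # single shared address for overload
        self.pat = {}                     # (inside ip, inside port) -> public port
        self.next_port = 1025             # ports above 1024

    def translate(self, src_ip, src_port):
        """Return the (public address, port) used for an outbound flow."""
        if src_ip in self.static:                     # one-to-one, permanent
            return self.static[src_ip], src_port
        if src_ip in self.dynamic:                    # lease already held
            return self.dynamic[src_ip], src_port
        if self.free:                                 # first available in pool
            self.dynamic[src_ip] = self.free.pop(0)
            return self.dynamic[src_ip], src_port
        if self.pat_address:                          # many-to-one, by port
            key = (src_ip, src_port)
            if key not in self.pat:
                self.pat[key] = self.next_port
                self.next_port += 1
            return self.pat_address, self.pat[key]
        raise RuntimeError("pool exhausted and no PAT address configured")

# Constructed flows: (inside local address, source port).
FLOWS = [("10.0.0.10", 80), ("10.0.0.3", 1444), ("10.0.0.4", 1444),
         ("10.0.0.5", 1444), ("10.0.0.6", 1444), ("10.0.0.3", 2000)]

def demo():
    router = NatRouter(static={"10.0.0.10": "203.0.113.10"},
                       pool=["203.0.113.20", "203.0.113.21"],
                       pat_address="203.0.113.1")
    return [router.translate(ip, port) for ip, port in FLOWS]

if __name__ == "__main__":
    for flow, public in zip(FLOWS, demo()):
        print(f"{flow[0]}:{flow[1]} -> {public[0]}:{public[1]}")
```

Once the two-address pool is used up, 10.0.0.5 and 10.0.0.6 share 203.0.113.1 and are told apart only by port, so tracing a public address back to an inside host requires the translation table entry for that port and time.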


Summary


Hierarchical network design groups users into subnets

VLSM enables different masks for each subnet

VLSM requires classless routing protocols

CIDR network addresses are determined by prefix length

Route summarization, route aggregation, or supernetting, is done on a boundary router

NAT translates private addresses into public addresses that route over the Internet, i.e. one-to-one, one-to-many

PAT translates multiple local addresses into a single public address, i.e. many-to-one