Upload
roger
View
56
Download
0
Embed Size (px)
DESCRIPTION
4: Addressing in an Enterprise Network. Introducing Routing and Switching in the Enterprise. Objectives. Analyze the features and benefits of a hierarchical IP addressing structure. Plan and implement a VLSM IP addressing scheme. Plan a network using classless routing and CIDR. - PowerPoint PPT Presentation
Citation preview
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1Version 4.0
4: Addressing in an Enterprise Network
Introducing Routing and Switching in the Enterprise
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Objectives
Analyze the features and benefits of a hierarchical IP addressing structure.
Plan and implement a VLSM IP addressing scheme.
Plan a network using classless routing and CIDR.
Configure and verify both static and dynamic NAT.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Flat and Hierarchical Networks
Flat networks with a single broadcast domain lose efficiency as hosts are added
ONE Solution! Create VLANs, each VLAN = a subnet
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Flat and Hierarchical Networks
Using routers is another solution.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Hierarchical IP Addressing Structure An effective hierarchical address scheme consists of a classful network
address in the Core Layer that is subdivided into successively smaller subnets in the Distribution and Access Layers.
The following is a non-hierarchical networking scheme.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Hierarchical IP Addressing Structure A hierarchical addressing structure logically groups networks into
smaller subnetworks.
An effective hierarchical address scheme consists of a classful network address in the Core Layer that is subdivided into successively smaller subnets in the Distribution and Access Layers.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Using Subnetting to Structure the Network
Some reasons for subnetting are:
Physical location (eg remote offices) or logical grouping
Application requirements
Security
Broadcast containment
Hierarchical network design
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Using Subnetting to Structure the Network
For example:
• 10.0.0.0 network for the enterprise
• Use an addressing scheme such as 10.X.Y.0
• X represents a geographical location
• Y represents a building or floor within that location
This addressing scheme allows for:
• 255 different geographical locations
• 255 buildings in each location
• 254 hosts within each building
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Subnet Mask
The subnet mask is a 32-bit value used with the IPv4used with the IPv4 address that specifies the network portion of the network portion of the address to the network devicesaddress to the network devices, ie it uses 1s1s and 0s0s to indicate which bits of the IPv4 address are network network bitsbits and which are host bits.host bits.
A /24 prefix represents a subnet mask of 255.255.255.0 (11111111.11111111.11111111.00000000).The first 3 octets are all 1s, the remaining bits are 0s.
Inside the network device, the IPv4 host address is logically ANDed with its subnet maskANDed with its subnet mask to determine the network address.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Basic Subnetting ProcessInformation can be determined by looking at only an IP address and slash notation (/x) subnet mask, eg an IP address of 192.168.1.75 /26 :-
Decimal subnet mask
The /26 translates to a subnet mask of 255.255.255.192
Number of subnets created
Assuming we started with the default /24 subnet mask, we borrowed 2 additional host bits for the network. This creates 4 subnets (22 = 4)
Number of usable hosts per subnet
Six bits are left on the host side creating 62 hosts per subnet (26 = 64 - 2 = 62)
Network address
Using the subnet mask to determine the placement of network bits, the value of the network address is given. In this example 192.168.1.64 (256 – 192 = 64)
First usable host address
A host cannot have all 0s within the host bits, because that represents the network address of the subnet.
Therefore, the first usable host address within the .64 subnet is .65
Broadcast address
A host cannot have all 1s within the host bits because that represents the broadcast address of the subnet. In this cast, the broadcast address is .127 192.168.1.128 is the network address of the next subnet.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
ACTIVITY 4.2.1
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
ACTIVITY 4.2.2.3
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
ACTIVITY 4.2.2.3
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Basic Subnetting
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
VLSMBasic subnetting is sufficient for smaller networks
Does not provide the flexibility needed in larger enterprise networks.
Benefits of Variable Length Subnet Masks (VLSM) are:
Flexibility
Efficient use of address space
Ability to use route summarization
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
VLSM
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
VLSM
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Activity 4.2.4.3
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Implementing a VLSM Addressing Scheme Apply masks from largest group to smallest
Avoid assigning addresses that are already allocated
Allow for some growth in numbers of hosts on each subnet
Use tools such as Charts, etc
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
• Subnet of /26 is required to accommodate the largest network segment of 58 hosts. Using a basic subnetting scheme is not only wasteful, but creates only four subnets. This is not enough to address each of the required seven LAN/WAN segments.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Implementing a VLSM Addressing Scheme
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Implementing a VLSM Addressing Scheme
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Implementing a VLSM Addressing Scheme
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
Implementing a VLSM Addressing Scheme
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
Implementing a VLSM Addressing Scheme
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
Activity 4.2.5.4
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
Classful and Classless Routing Classful routing Default subnet masks
Class determined by first octet
No subnet mask information exchanged in routing updates
Classless routing Network subnet mask
determines the network portion of the address. Known as the network prefix, or prefix length. Class of the address no longer determines the network address.
Subnet mask information exchanged in routing updates
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
Processing RIPv1 Updates
Rule 1: if a routing update and the interface on which it is received belong to the same major network, the subnet mask of the interface is applied to the network in the routing update.
Rule 2: if a routing update and the interface on which it is received belong to different major networks, the classful subnet mask of the network is applied to the network in the routing update.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29
Classless Routing and CIDR Classless Inter-Domain Routing (CIDR) uses address
space more efficiently
Used for network address aggregation or summarizing (reducing the size of routing tables)
CIDR requires a classless routing protocol, such as RIPv2 or EIGRP
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30
CIDR and Route Summarization
Use single address to represent group of contiguous subnets
Occurs at network boundary
Smaller routing tables, faster lookups
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 31
Example A border router advertises all of the networks within an enterprise to the ISP.
If there are 8 different networks, the router would have to advertise all 8. If every enterprise followed this pattern, the routing table of the ISP would be huge.
Using route summarization, a router groups the networks together and advertises them as one large group.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 32
CIDR and Summarization – Activity 4.3.2.3
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 33
CIDR and Summarization – Activity 4.3.2.3
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 34
Calculating Route Summarization
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 35
Calculating Route Summarization
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 36
Calculating Route Summarization
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 37
Calculating Route Summarization
If a contiguous hierarchical addressing scheme is not used, it may not be possible to summarize routes. If the network addresses do not have common bits from left to right, a summary mask cannot be applied.
BEWARE! Do not advertise addresses that do not belong to you!
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 38
Example of Discontinuous Subnets• Classful routing results in each router advertising the major Class C network without a subnet mask
• As a result, the middle router receives advertisements about the same network from two different directions.
• To avoid this condition, an administrator can:
• Modify the addressing scheme, if possible
• Use a classless routing protocol, such as RIPv2 or OSPF
• Turn automatic summarization off
• Manually summarize at the classful boundary
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 39
Subnetting Best Practices Use routing protocols that support VLSM
Disable auto-summarization if necessary
Ensure router IOS supports subnet zero
Use /30 ranges for WAN links (ie P2P links)
Allow for future growth
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 40
Private Addresses and NAT RFC 1918 - private IP address space, available for anyone to use on
their internal network
Routed internally, never on the Internet
Class A: 10.0.0.0 - 10.255.255.255 /8
Class B: 172.16.0.0 - 172.31.255.255 /12
Class C: 192.168.0.0 - 192.168.255.255 /16
Q: What is the netmask for the 172.16.x.x network shown above?
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 41
NAT Network Address Translation (NAT) translates internal private
addresses into one or more public addresses for routing onto the Internet.
NAT changes the private IP source address inside each packet to a publicly registered IP address before sending it out onto the Internet.
Use on boundary routers
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 42
Static and Dynamic NAT
Static NAT maps a single inside local address to a single global, or public address. This mapping ensures that a particular inside local address always associates with the same public address. Static NAT ensures that outside devices consistently reach an internal device such as a web server.
Dynamic NAT uses an available pool of Internet public addresses and assigns them to inside local addresses. Dynamic NAT assigns the first available IP address in the pool of public addresses to an inside device.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 43
Examples
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 44
PAT Port Address Translation (PAT) is a variation on dynamic NAT –
sometimes known as NAT Overload
When a source host sends a message to a destination host, it uses a combination of an IP address and a port number (above 1024) to keep track of each individual conversation.
10.0.0.3
10.0.0.3: 1444
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 45
Question
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 46
Answer
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 47
Question
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 48
Answer
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 49
Summary Hierarchical network design groups users into subnets
VLSM enables different masks for each subnet
VLSM requires classless routing protocols
CIDR network addresses are determined by prefix length
Route summarization, route aggregation, or supernetting, is done on a boundary router
NAT translates private addresses into public addresses that route over the Internet ie one-to-one, one-to-many
PAT translates multiple local addresses into a single public address ie many-to-one