15-441 Communications and Networking, Lecture 8, Gregory Kesden

Subnetting, Fragmenting, Supernetting

Page 1: Subnetting, Fragmenting, Supernetting

15-441 Communications and Networking

Lecture 8

Gregory Kesden

Page 2: Subnetting, Fragmenting, Supernetting

Subnetting

It might be useful for the same administrative domain to contain several different networks:

  • Different link layer protocols without complex bridges
  • Different administrative subdomains
  • Smaller tables on routers

But Class-B network addresses are running out, so we can’t waste them by assigning them where they won’t be densely populated.

And Class-C network addresses can only accommodate networks of 255 machines, which is too small for even modest networks.

The solution is to carve sub-networks (“subnets”) out of larger Class-B networks.

Page 3: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

If all routers needed to be aware of subnets, this would drastically increase the size of routing tables.

To avoid this problem, routers outside of a network only know about whole networks.

Routers within a network, however, need to know about the subnets of their network.

This is achieved by having routers inside and outside of a network interpret the IP address differently.

Page 4: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

For compatibility, routers outside of a particular network must operate “exactly as before” – they make routing decisions based only on the network number.

But, once within a network, the routers are all within the same administrative domain, and can be configured to operate a little differently.

The portion of the address space that is normally used to identify the host number is partitioned into a subnet number and host number. This is done in much the same way as the IP address itself was partitioned into a network number and host number.

But, unlike the IP address as a whole, the number of bits used for each is not fixed. Instead it is determined by the subnet mask.

Page 5: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

Each host can be part of one subnet. This subnet has a subnet number and a subnet mask.

For example, 128.96.64.0 is a subnet of network 128.96.

The network number is parsed exactly as it is before, based on the packet’s prefix and the class of the address.

Within a particular address, the subnet mask is used to separate the subnet number from the host number.

The subnet mask is the same length as an IP address and contains a 1 in every position that is part of the subnet number (including network number) and a 0 everywhere else. It might also need to contain additional 1s to distinguish it from other subnets.

By ANDing the subnet mask with the IP address, the host number is eliminated, leaving only the subnet number. In this way a host knows if a destination is on its own network.

Page 6: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

Subnets and subnet masks

  Subnet Num:   128.96.0.0         10000000.01100000.00000000.00000000
  Subnet Mask:  255.255.255.128    11111111.11111111.11111111.10000000
  ~127 hosts

Notice that the network mask hides host numbers:

  IP Address:   128.96.0.82        10000000.01100000.00000000.01010010
  Subnet Mask:  255.255.255.128    11111111.11111111.11111111.10000000
  Subnet Num:   128.96.0.0         10000000.01100000.00000000.00000000

Page 7: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

When a router within a network gets a hold of a packet, it knows that the packet belongs within its network because of the network number.

It then walks through its forwarding table and masks the packet’s IP address with each of the subnet masks. If the subnet addresses match, the packet is forwarded to the subnet.

Note that this means that the forwarding tables must contain not only the subnet numbers, but also the subnet masks.

Page 8: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

  Subnet Num:   128.96.10.0      10000000.01100000.00001010.00000000

  IP Address:   128.96.10.15     10000000.01100000.00001010.00001111
  Subnet Mask:  255.255.255.0    11111111.11111111.11111111.00000000
  --AND--       128.96.10.0      10000000.01100000.00001010.00000000

Packet destined for same subnet as source (send directly)

  Subnet Num:   128.96.10.0      10000000.01100000.00001010.00000000

  IP Address:   128.96.11.15     10000000.01100000.00001011.00001111
  Subnet Mask:  255.255.255.0    11111111.11111111.11111111.00000000
  --AND--       128.96.11.0      10000000.01100000.00001011.00000000

Packet destined for different subnet than source (send to router)

Page 9: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

  Mask               Subnet number    Next Hop
  255.255.255.128    128.196.34.0     Interface 0
  255.255.255.128    128.96.34.128    Interface 1
  255.255.255.0      128.96.33.0      Some_Router (Not on attached LAN)

Page 10: Subnetting, Fragmenting, Supernetting

Subnetting, cont.

Bottom Lines:

  • Subnetting increases the utilization of the IP address space by reducing the demand for networks, making existing networks more densely populated.
  • Unnecessary subnetting decreases the utilization of the IP address space by fragmenting a network, creating more unusable “pockets” of addresses.
  • Without subnetting, either more networks would be required or more bridges would be used (which can be difficult with large or heterogeneous systems).

Page 11: Subnetting, Fragmenting, Supernetting

Fragmentation and Reassembly

One more real world detail: different link layers have different maximum payload sizes. The maximum size is known as the Maximum Transmission Unit (MTU).

The network layer is responsible for ensuring that packets fit into the datagrams.

This gets a bit complicated, because a sender is limited by not only the attached LANs, but also intermediate LANs – which may or may not be known or constant.

The sender must either send packets small enough to fit into the frame of the smallest network along the way, or the packet must be broken up along the way and then reassembled.

Page 12: Subnetting, Fragmenting, Supernetting

Fragmentation and Reassembly

IPv4 uses fragmentation and reassembly.

If a router cannot place a packet “whole” onto a LAN, because of the MTU, it breaks it into pieces that will fit.

Each piece is flagged as being a fragment and numbered with its byte offset into the original.

Fragment sequence numbers cannot be used, because fragments might need to be re-fragmented later.

Page 13: Subnetting, Fragmenting, Supernetting

Fragmentation and Reassembly

The recipient collects the fragments, reassembles them using the offsets, and then passes the packet up the stack.

If all of the pieces do not arrive within a certain time period, the partially assembled packet is dropped and any future pieces will also be dropped.

Packets can be flagged as non-fragmentable. These are dropped if they are too large. When this happens, an ICMP message is dispatched to the original sender.
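
Fragmentation by byte offset, re-fragmentation at a later hop, and reassembly, as an added example that is not part of the original lecture. The names `Fragment`, `fragment` and `reassemble`, the 20-byte header and the sample payload are assumptions made for illustration; the reassembly timeout is left out.

```python
from dataclasses import dataclass
from typing import List, Optional

IP_HEADER = 20  # assumption: IPv4 header without options


@dataclass(frozen=True)
class Fragment:
    ident: int        # ID shared by every piece of one original packet
    offset: int       # byte offset of this piece in the ORIGINAL payload
    more: bool        # "more fragments" flag; False only on the final piece
    dont_frag: bool   # packet was flagged non-fragmentable
    data: bytes


def fragment(pkt: Fragment, mtu: int) -> List[Fragment]:
    """Split pkt to fit mtu. Accepts a whole packet or an existing fragment."""
    if IP_HEADER + len(pkt.data) <= mtu:
        return [pkt]
    if pkt.dont_frag:
        # Too large and non-fragmentable: the router drops it and sends ICMP.
        raise ValueError("drop: exceeds MTU and is flagged non-fragmentable")
    # Real IPv4 carries the offset in 8-byte units, so every non-final
    # piece must hold a multiple of 8 payload bytes.
    step = (mtu - IP_HEADER) // 8 * 8
    if step <= 0:
        raise ValueError("MTU too small to carry any payload")
    pieces = []
    for start in range(0, len(pkt.data), step):
        is_last = start + step >= len(pkt.data)
        pieces.append(Fragment(
            ident=pkt.ident,
            offset=pkt.offset + start,       # still relative to the original
            more=pkt.more or not is_last,    # a middle fragment stays "more"
            dont_frag=False,
            data=pkt.data[start:start + step],
        ))
    return pieces


def reassemble(frags: List[Fragment]) -> Optional[bytes]:
    """Return the original payload, or None if pieces are missing."""
    ordered = sorted(frags, key=lambda f: f.offset)
    if not ordered or ordered[-1].more:
        return None                          # final piece not seen yet
    payload = b""
    for f in ordered:
        if f.offset != len(payload):
            return None                      # gap or overlap: refuse to guess
        payload += f.data
    return payload


if __name__ == "__main__":
    original = bytes(i % 251 for i in range(4000))          # constructed payload
    hop1 = fragment(Fragment(7, 0, False, False, original), mtu=1500)
    hop2 = [p for f in hop1 for p in fragment(f, mtu=576)]  # re-fragmented
    print([(f.offset, len(f.data), f.more) for f in hop2])
    print(reassemble(list(reversed(hop2))) == original)
```

Because every piece carries its offset into the original payload, the receiver needs no knowledge of how many routers split the packet or in what order the pieces arrive.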

Page 14: Subnetting, Fragmenting, Supernetting

Fragmentation and Reassembly, cont.

IPv6 does not fragment packets. If they are too large, it simply drops them.

This is because fragmentation and reassembly takes time and resources at the router – this is too expensive. In modern, high-speed networks, routers are way too busy for this time-consuming task.

As before, if a packet is dropped, an ICMP message is dispatched to the sender. This will allow the sender to try again with a smaller packet size, if desired.

Page 15: Subnetting, Fragmenting, Supernetting

Supernetting: CIDR

Whereas Class-B network addresses are scarce, there are plenty of Class-C addresses, but no one wants them.

  • It is much easier to manage one Class-B network, with subnets, as needed, than a collection of Class-C networks, that cannot be combined.

To solve this problem, Classless Interdomain Routing (CIDR) was created.

It allows the aggregation of contiguous blocks of Class-C addresses into larger networks.

Whereas subnetting is the division of networks into smaller units, supernetting is the combination of smaller networks into larger ones.

It is important to remember that only contiguous blocks of Class-C addresses can be supernetted.

Page 16: Subnetting, Fragmenting, Supernetting

Supernetting: CIDR

Typically, a router knows how to interpret an IP address by looking at the prefix (first two bits). This indicates whether it is Class-A, Class-B, or Class-C.

In turn, the class of the network determines how many of the bits are network number bits and how many of the bits are host number bits.

CIDR-capable routers do not use this system. Instead they explicitly store the number of bits used to name the network in the router.

This enables them to view several contiguous Class-C networks as a single network.

Page 17: Subnetting, Fragmenting, Supernetting

Supernetting: CIDR

For example, if we consider the 16 Class-C networks in the range of 192.4.16 through 192.4.31, we will find that they share the same 20-bit prefix:

  1100 0000.0000 0100.0001

So, if we know that we are using CIDR routing, we AND the IP address with a mask that has 20 1’s, followed by 0s. If the result matches the network number, the packet gets forwarded to that address.

It is important to note that it is possible for some network numbers to be substrings of others. To avoid ambiguities, the largest matching network number is used.

Once the backbone gets the packet to the right network, it can be subnetted and handled by the intra-domain routers as usual. (Thus, Classless InterDomain Routing)

Page 18: Subnetting, Fragmenting, Supernetting

Supernetting: CIDR

  Width    Network Number                Next Hop
  20       11000000.00000100.0001        Interface 0
  23       11000000.00001000.0000111     Interface 1
  17       11000000.00001000.1           Interface 2
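
The table walk from the subnetting slides and the CIDR rule that the largest matching network number is used, written as one lookup routine; this is an added example, not part of the original lecture. The table rows are copied from the slides as printed, while the /16 row, the helper names and the destination addresses in the demo are constructed for illustration.

```python
import ipaddress


def ip(dotted: str) -> int:
    """Dotted quad -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def width_to_mask(width: int) -> int:
    """Prefix width (number of leading 1 bits) -> 32-bit mask."""
    return (0xFFFFFFFF << (32 - width)) & 0xFFFFFFFF


def bits_to_int(bits: str) -> int:
    """'11000000.00000100.0001' -> 32-bit integer, right-padded with 0s."""
    return int(bits.replace(".", "").ljust(32, "0"), 2)


def lookup(table, dst: str):
    """Mask dst with every row's mask; among matching rows the longest mask wins.

    table rows are (mask, network_number, next_hop). Returns None on no match.
    """
    d = ip(dst)
    best = None
    for mask, net, hop in table:
        # Contiguous masks compare numerically in order of prefix length.
        if d & mask == net and (best is None or mask > best[0]):
            best = (mask, hop)
    return best[1] if best else None


# Subnet forwarding table, values as printed on the subnetting slide.
SUBNET_TABLE = [
    (ip("255.255.255.128"), ip("128.196.34.0"), "Interface 0"),
    (ip("255.255.255.128"), ip("128.96.34.128"), "Interface 1"),
    (ip("255.255.255.0"), ip("128.96.33.0"), "Some_Router"),
]

# CIDR forwarding table, values as printed on the CIDR slide.
CIDR_TABLE = [
    (width_to_mask(w), bits_to_int(b), hop)
    for w, b, hop in [
        (20, "11000000.00000100.0001", "Interface 0"),
        (23, "11000000.00001000.0000111", "Interface 1"),
        (17, "11000000.00001000.1", "Interface 2"),
    ]
]

# Constructed row: a shorter prefix that contains the /20 above, so that
# two rows can match the same destination.
OVERLAP_TABLE = CIDR_TABLE + [
    (width_to_mask(16), bits_to_int("11000000.00000100"), "Interface 3 (constructed)"),
]

if __name__ == "__main__":
    for table, dst in [
        (SUBNET_TABLE, "128.96.34.130"),
        (CIDR_TABLE, "192.8.15.200"),
        (OVERLAP_TABLE, "192.4.20.7"),   # matches /16 and /20; /20 wins
        (OVERLAP_TABLE, "192.4.40.1"),   # matches only the /16
    ]:
        print(dst, "->", lookup(table, dst))
```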

Page 19: Subnetting, Fragmenting, Supernetting

Supernetting: CIDR

CIDR was actually intended as a quick fix to solve the addressing crisis until IPv6 was finalized and deployed.

IPv6 increases the address size from 32 bits to 128 bits and streamlines some other issues (such as eliminating fragmentation and reassembly).

Unfortunately, CIDR has been widely adopted – and IPv6 deployment has proven to be very, very slow.

CIDR “is here and now” – but IPv6 is not compatible with IPv4, which generates a big migration problem.

Page 20: Subnetting, Fragmenting, Supernetting

How Does a Router Know Where to Send a Packet?

So, a router sees an IP packet with a particular address. It can parse this address and determine what network it should go to. How does it know where to send this packet?

In thinking about this question, please remember that the two networks may not be directly attached – there may be one or more intermediate networks.

Please also remember that there might be more than one possible path between the two – and they may be of different qualities.

Page 21: Subnetting, Fragmenting, Supernetting

Answer: It Consults a Table

The superficial answer to this question is that it consults a special table, called a forwarding table.

This table contains a mapping from network number to outgoing interface (network card) and MAC address of the “next hop” (next router along the way).

The router simply looks up the network number in the packet’s destination address and sends it on its way.

Once there, the next router will do the same thing, until it arrives at the right network, where it will be passed down to the data link layer and ultimately the physical layer for delivery.

But, this answer just begs the question, “Where does the forwarding table come from?”

Page 22: Subnetting, Fragmenting, Supernetting

Answer: From Another Table

The forwarding table is a subset of another table called the routing table.

The routing table is a super-set of the forwarding table. In addition to the network numbers and MAC addresses of other routers, the routing table contains other “accounting” information that is used to determine the “best route” and build the forwarding table.

The two tables are separate, because the forwarding table needs to be very fast. As a consequence, it needs to be as small as possible.

Okay, so again, we find ourselves asking the question, “Where does this [routing] table come from?”

Page 23: Subnetting, Fragmenting, Supernetting

Answer: By Talking With Other Routers

The routing table is built by exchanging information with other routers.

The goal of this exchange is to “map out” the network.

Each router wants to know who it can talk to directly, and who those routers can talk to.

In the end, it can get a packet to any host that it can talk to directly and, it can get to other networks by asking other routers to act as “middle men” and deliver packets for it.

By talking with other routers it can build the routing table – the collection of routes, including those through other routers, to different networks.