TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.

Slides:



Advertisements
Similar presentations
DMZ (De-Militarized Zone)
Advertisements

The subnet /28 has been selected to be further subnetted to support point-to-point serial links. What is the maximum number of serial links.
Addressing the Network IPv4
Week Seven Attendance Announcements Current Week Information Upcoming Assignments Review multiple question midterm exam.
IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
Security Firewall Firewall design principle. Firewall Characteristics.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.
IP Addressing IP Subnetting Static Subnet Variable Length Subnet Masks(VLSMs)
1 CCNA 3 v3.1 Module 1. 2 CCNA 3 Module 1 Introduction to Classless Routing.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Introduction to TCP/IP
Subnetting.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
4: Addressing Working At A Small-to-Medium Business or ISP.
ECE 4110 – Internetwork Programming Subnetting, Supernetting, and Classless Addressing.
CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Chapter 8 Advanced TCP/IP Network Design. Classful IP Addressing There are three basic classes of addresses known as class A, B, or C networks.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 4: Addressing in an Enterprise Network Introducing Routing and Switching in the.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—3-1 Determining IP Routes Implementing Variable-Length Subnet Masks.
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—3-1 Medium-Sized Routed Network Construction Implementing VLSM.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Intranet, Extranet, Firewall. Intranet and Extranet.
TCOM 515 Lecture 6.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing in an Enterprise Network Introducing Routing and Switching in the.
Cisco 1 - Networking Basics Perrine. J Page 19/17/2015 Chapter 9 What transport layer protocol does TFTP use? 1.TCP 2.IP 3.UDP 4.CFTP.
CIM 2465 Intro to TCP/IP1 Introduction to TCP/IP (Topic 5) Textbook: Networking Basics, CCNA 1 Companion Guide, Cisco Press Cisco Networking Academy Program,
Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.
Introduction to Classless Routing
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.
CIS 3360: Internet: Network Layer Introduction Cliff Zou Spring 2012.
© 2007 Cisco Systems, Inc. All rights reserved. 1 Network Addressing Networking for Home and Small Businesses – Chapter 5 Darren Shaver – Modified Fall.
111 What Is VLSM and Why Is It Used?. 222 Classful and Classless Routing Classful (basic subnetting) Classful routing protocols require that a single.
Communication Between Networks How the Internet Got Its Name.
© 2002, Cisco Systems, Inc. All rights reserved..
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing in an Enterprise Network Introducing Routing and Switching in the.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 4: Addressing in an Enterprise Network Introducing Routing and Switching in the.
UNIT 5 SEMINAR Unit 5 Chapter 6, plus Lab 10 for next week Course Name – IT482 Network Design Instructor – David Roberts Contact Information:
Page 1 TCP/IP Networking and Remote Access Lecture 9 Hassan Shuja 11/23/2004.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Planning the Addressing Structure Working at a Small-to-Medium Business.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.1 Module 9 TCP/IP Protocol Suite and IP Addressing.
© 2002, Cisco Systems, Inc. All rights reserved..
Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.
1/28/2010 Network Plus IP Addressing Review. IP Address Classes.
Security fundamentals Topic 10 Securing the network perimeter.
© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—3-1 Lesson 3 Cisco PIX Firewall Technology and Features.
IP Addressing.
Using IP Addressing in the Network Design
“ is not to be used to pass on information or data. It should used only for company business!” – Memo from IBM Executive The Languages, Methods &
 Router Configurations part2 2 nd semester
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the network IPv4 CCNA Exploration Semester 1 – Chapter 6.
11 MAINTAINING A NETWORK INFRASTRUCTURE Chapter 9.
Network Overview. Protocol Protocol (network protocols) - a special set of rules that define communication between two or more devices on a network.
Planning the Addressing Structure
Security fundamentals
Examcollection VCE Download
Planning the Addressing Structure
Planning the Addressing Structure
Planning the Addressing Structure
Planning the Addressing Structure
Presentation transcript:

TCP/IP Addressing Design

Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems and describe strategies for resolving them Describe different address management tools -Secondary addressing -DHCP/DNS -Address translation Describe methods for implementing TCP/IP security features

Hierarcical Addressing

Prefix Length Determined from Context Variable-length prefixes are not a new invention – Prefix field identifies a network number – Host field identifies a device number 32 bits Prefix length = 8Host Prefix length = 16Host Prefix length = 24Host Class A Class B Class C

Prefix Length for classful & classless Routing “Classful” routers accept only a few prefix lengths / / /24 Class A Class B Class C /21Class C “Classless” routers accept any prefix length Prefix length is carried with an IP address

Subnetting Extends Prefix to the Right 32 bits Prefix Prefix length Host Assigned network address Subnetmask Hosts126 Subnets Need 510 Hosts Need 2 Hosts Good address utilization Poor address utilization RIP and IGRP require the same subnet mask on all interfaces

Classful Routing Protocols Do Not Advertise Prefix Length Subnetsmust be contiguous when using classful routing protocols / / /24 A advertises B advertises A C B Router C: Where is network ?

Classless Routing Protocols Allow Flexible Addressing

VLSM Saves Subnets in the WAN / / / / /

Route Summarization (Aggregation) Subnetting extends prefix to the right Prefix Prefix length Host Summarization collapses prefix to the left Prefix Prefix length Host

Classless Routing and Prefix Routing I will just tell you about a summary route to /21. CIDR used by BGP4 Prefix routing used by EIGRP and OSPF

A Classless Routing Protocol Looks for the Longest Match /32host /27subnet /24network /16block of networks /0default IP routers support host-specific routes, blocks of networks, default routes

Secondary Addressing Useful in switched networks – Router may relay packets, acting as a default gateway – Host may communicate directly, using ARP for learning

Host Address Assignment Static Dynamic – BOOTP – DHCP Address request Address response

Name-to-Address Translation Cisco DNS/DHCP Manager – Manages domain names – Synchronizes IP addresses – Supports secondary addressing Client_1Client_2 DNS/DHCP Server Client_ Client_ : : : : : : : Next avail DNS Table DHCP Table

Private versus Registered Addresses Three address blocks reserved for private networks – (1 Class A) – to (16 Class B) – to (256 Class C) Address translation must occur to reach the Internet Private network (for example, ) Public network (for example, Internet) Address translation gateway

Network Address Translation Cisco router provides – Network address translation only Private network (for example, ) Public network (for example, Internet)

Cisco Private Internet Exchange Private Internet Exchange platform provides – Address translation – Firewall service Private network (for example, ) Public network (for example, Internet) PIX Private servers Public servers

IP Security Considerations Private Network Public Network Policy Establish a security policy Implement firewall features Control access –Local –Remote

Implementing IP Security Policy drives implementation choices Private network (for example, ) Public network (for example, Internet) Firewall System Policy

Policy Considerations for Security Determine how much security you need Trade off ease of use and configuration with security demands Determine what data outsiders need to reach Quantify the cost of the proposed security system Implement a simple, robust design

Many Aspects of Security Authorization, authentication, data integrity, privacy issues Firewalls are just one piece of the puzzle Firewalls Access Management Host Security Encryption Policy

Firewall System with Isolated LANs prevent unauthorized and improper access from external networks Public servers on outside LAN I cannot access the private network. Untrusted User Public Firewall System Private servers Public servers Private

Additional Firewall Functionality Network address translation Application proxy Packet filter Audit trail Login protection InternetFirewall System InterNIC registered address

Disable All Unnecessary Features Disable Telnet, TFTP, and proxy services Outside filter FTP, WWW, Internet No VTYs No TFTP No finger Physical console port Public server Firewall System

Be Specific About Access Allowed Allow specific services to specific hosts on DMZ LAN only HTTP to host B only FTP to host A only DNS to host C only

Block Traffic from Firewall Routers, Hosts I have cracked the firewall!Where can I get to from here? Do not trust Telnet from firewall systems I am getting aTelnet from the firewall! I guess that’s OK! Telnet Untrusted User

Avoid IP Spoofing Deny packets from outside your network that claim to have a source address inside your network Filter source X.X Untrusted User

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.