DeSiaMore 1 CIT 742: Network Administration and Security DeSiaMore Powered by DeSiaMore

IP version 4 2 Every host on a TCP/IP network needs to have a unique address It is then possible to send data from host to host Every packet contains addressing information in the header the IP address in the header is used to route packets IP addressing is simply configuring each TCP/IP host with a valid IP address. The current version of Internet Protocol (IP) in wide deployment is version 4. IPv4 is soon becoming depleted and will ultimately be replaced by version 6 [IPv6] DeSiaMore Powered by DeSiaMore

Cont … 3 IPv4 uses four octets in a group to create an IP address and each octet is made up of eight bits or 1 byte. Therefore every IP address is 32 binary bits (4 x 8 = 32) or 4 bytes. Designed so that there would be enough IP addresses for the foreseeable future. No one predicted the huge growth in IT An example of how an IPv4 address appears in binary: Each grouping of eight numbers is an octet and the four octets gives us a 32 bit IP address st octet2 nd octet3 rd octet4 th octet DeSiaMore Powered by DeSiaMore

Cont … 4 Powers of Two Important if you want to understand IP addressing What is happening to the answers? The ^ character represents ‘to the power of’ IN THE REAL WORLD: It is worth remembering that routers and PCs do not see an IPv4 address as four octets, they just see 32 bits. Octets just make things easier for us to see. 2^1 =2 2^2 =4 2^3 =8 2^4 =1616 DeSiaMore Powered by DeSiaMore

IP Addressing 5 The reason for having a 32-bit address is because it was determined that this amount would be more than enough for many years to come. Unfortunately, the huge growth of home and business computing was never anticipated. IPv6 has several trillion available addresses that should last a few years into the future. IP (version 4) addresses are broken into classes. Depending upon how large your organization was, dictated which class of IP address you were given. IP addresses are assigned by a group called the IANA (Internet Assigned Number Authority). You can also buy one from an ISP who has in turn bought a block form the IANA DeSiaMore Powered by DeSiaMore

Class A Addresses 6 These were given to the very largest organizations tremendous number of IP addresses since they owned more computers than everyone else. Only use the first octet to identify the network number. The remaining three octets are left for identifying the hosts on the network. So the network is 10 and is a host on that network. In binary it would look like: nnnnnnnn.hhhhhhhh.hhhhhhhh.hhhhhhhh Network.Host.Host.Host DeSiaMore Powered by DeSiaMore

Cont … 7 Class A addresses are numbered from 1 to 126 in the first octet. Network equipment identifies a class A address because the very first bit on the first octet has to be a 0. It cannot have a 1 in this bit position. So the first network number is 1. You would pronounce the above IP address as ten dot two dot five dot four DeSiaMore Powered by DeSiaMore

Cont … 8 The last possible network number is 127. Use the powers of two rule: The first octet can have a possible 256 (2^8 = 256) networks. However, not allowed to use the first bit of the first octet, it is reserved for showing the 0 (binary) value. So this leaves us with 7 digits. 2^7–(1)gives us 127 networks. The full three octets to use for hosts so bits gives us 2^24-(2) = 16,777,214 hosts per class A network DeSiaMore Powered by DeSiaMore

Cont … 9 Network number 127 cannot actually be used because the value is reserved for troubleshooting is known as a loopback address You can ping the loopback address to check if TCP/IP is working on your host. We are not permitted to use 0 as a network number or the 127 which leaves us 126 available networks for class A addresses. For the hosts we can start at number one until every single possible value is used up. DeSiaMore Powered by DeSiaMore

Cont … 10 Example: is the first host, or in binary is the second host, or in binary: DeSiaMore Powered by DeSiaMore

Cont … is the last host, or in binary: Decimal notations are used so that it can be easy to write out the IP addresses and easy to remember. Why can’t we have as a host? Because when all the binary values have a 1 on the host part of the address this tells the network that it is a broadcast packet DeSiaMore Powered by DeSiaMore

Class B Addresses 12 They were reserved for large organizations that needed a lot of host numbers but not as many as the largest ones. When a class B address was assigned to an organization it resulted in thousands of wasted host numbers. They have to have the first two binary values on the first octet reserved with a 1 and a 0 next to it. So the first network number is 128 all the available network bits on the first octet turned off DeSiaMore Powered by DeSiaMore

Cont … 13 The last available class B network number is 191 network bits have been turned on (on the first octet). The first two octets for the network address the other two identify the hosts on the network. For example, the address is the network number 5.2 is a host on that network The range of class B IP addresses is between 128 and DeSiaMore Powered by DeSiaMore

Cont … 14 Use the powers of two rule: The first two octets can have a possible (2^16 = 65536) networks. however, not allowed to use the first two bits of the first octet, they are reserved for showing the 10 (binary) value. So this leaves us with 6+8 digits. 2^14 gives us networks. The full two octets to use for hosts so 8+8 bits gives us 2^16 –(2) = hosts per class B network. DeSiaMore Powered by DeSiaMore

Class C Addresses 15 Reserved for any other organization that was not large enough to warrant having a class A or B address. It has the first three bits reserved so the network device can recognize it as such. The first three bits must show as 110. The first network number is 192. All the other network bits are off (0) DeSiaMore Powered by DeSiaMore

Cont … 16 And the last is 223. This time all the network bits are on (on the first octet). An example of a class C address is is the network address.4 is a host on that network There are lots of available network numbers to assign to companies Limited amount of numbers free to use for the hosts on our networks DeSiaMore Powered by DeSiaMore

Cont … 17 For networks we have to take the first three bits (011) from the first octet giving us 5+8+8= 21 (network bits). 2^21 = For the hosts we have 2^8 giving us 256 (only 254 are usable though). DeSiaMore Powered by DeSiaMore

Class D and E Addresses 18 Class D addresses are reserved for multicast traffic and cannot be used on your network. Multicast traffic is traffic sent to multiple hosts using one IP A live web cast of a rock concert would be an example of multicasting. Class E addresses are reserved for experimental use only. Addresses Reserved for Private Use InterNIC has set aside certain addresses and have been reserved for private use only. For example, is reserved for testing purposes only Other include a list of addresses that are used only on private networks, not the Internet DeSiaMore Powered by DeSiaMore

Cont … 19 If you would like to use TCP/IP on your internal network (intranet) and not use the Internet, the following addresses are suggested: Class A through Class B through Class C through Routers on the Internet will not route data from or to these addresses; they are for internal, private use only. To use these addresses on an intranet and have access to the Internet, you must use a proxy server or Network Address Translation (NAT). DeSiaMore Powered by DeSiaMore

Summary 20 Class A – first bit set to 0. Address range (127 is reserved for testing) Network.Host.Host.Host Class B – first bits set to 10. Address range Network.Network.Host.Host Class C – first bits set to 110. Address range Network.Network.Network.Host Class D – first bits set to Address range from Class E – first bits set to Address range from To recognize the address class of an IP, look at the first octet = Class A, = Class B, = Class C DeSiaMore Powered by DeSiaMore

IP Address Classes 21 DeSiaMore Powered by DeSiaMore

Subnetting 22 Subnetting can be one of the most difficult subjects to master for many IT people. There is a long way to subnet and a very short and easy way Address Depletion IPv4 were not enough addresses to meet demand. Example: A company is given a Class A address. Class A addresses can only be given to 126 companies. The first octet is used for the network and the other three octets are free for use on the network. DeSiaMore Powered by DeSiaMore

How to Subnet 23 Problem The initial way of using IP addresses was that we were fixed with having certain parts of the address for the network and certain parts for the hosts. Class A addresses were fixed with 8 bits for the network and 24 for the hosts. Class B addresses were fixed with 16 bits for the network and 16 for the hosts. Class C addresses were fixed with 24 bits for the network and 8 for the hosts. There had to be some way for host addresses to not be wasted. The answer came with the introduction of Subnetting. Subnetting allowed bits that were normally used for the host part to be used for the subnet part of the address. In order to let the routers or PCs know that subnetting was being used another number had to be applied. This number is known as the subnet mask and is also a binary number. DeSiaMore Powered by DeSiaMore

Cont … 24 Each bit on the subnet mask is compared with the bits on the IP address to determine: which parts belong to the network which belong to the host A default subnet mask is allocated to each class of address. If you do not want to use subnetting simply add the subnet mask to the end of the IP address. It is not possible to enter an IP address onto a PC or router without also entering the subnet mask. DeSiaMore Powered by DeSiaMore

Cont … 25 Default subnet masks. Class A – or in binary Class B – or in binary Class C – or in binary A rule for subnet masks is that the 1 and 0 network and host bits must be contiguous i.e. connect without a break You can have You cannot have DeSiaMore Powered by DeSiaMore

Cont … 26 Example: The router performs something called logical ANDing Class B Subnet mask Network Address DeSiaMore Powered by DeSiaMore

Cont … is your network address in binary has all of the host bits turned off: > Every host bit is turned off Network. Network. Host.Host can be used for your first host can be used for your second host You can keep adding hosts until both the 3rd and 4th octet are (almost) full is still a valid host number is still okay is the last host number you can use. DeSiaMore Powered by DeSiaMore

Cont … in binary has all the host bits turned on: > Every host bit is turned on Network. Network. Host.Host It is not permitted to use all 0’s for the hosts since this is the network and we cannot use all 1’s because this is reserved for broadcast for our example of we can see we that we have the last two octets free (the 0.0) to allocate to hosts on the network The formula is 2^n-2 DeSiaMore Powered by DeSiaMore

Cont … in binary has all the host bits turned on: > Every host bit is turned on Network. Network. Host.Host It is not permitted to use all 0’s for the hosts since this is the network and we cannot use all 1’s because this is reserved for broadcast for our example of we can see we that we have the last two octets free (the 0.0) to allocate to hosts on the network The formula is 2^n-2 Total number of hosts would be 2^16 -(2) =65, 534 DeSiaMore Powered by DeSiaMore

Cont … 30 Do you think it would be practical to have a network with over hosts on? The solution to this is to create smaller sub-networks so that you do not end up wasting host IP addresses. To create subnets using any IP address classes you are supposed to ‘steal’ the host bits. Five of the host bits have been stolen to use to create the subnet [16 bits] [5 bits] [11 bits] [network][subnet][host bits] DeSiaMore Powered by DeSiaMore

Cont … 31 The advantage is that we have more than one subnet There are less hosts per subnet Calculate the number of subnets and the number of hosts per subnet. Use the powers of two formula. Number of subnets 2^5 = 32 subnets Number of hosts per subnet 2^11 = 2046 hosts per subnet DeSiaMore Powered by DeSiaMore

Cont … 32 Why would you want to do this? fewer hosts using the bandwidth on your network segment far easier to administer smaller subnets rather than one huge network it is desirable to limit the number of broadcasts excessive number of hosts, will increase the number of broadcasts, this broadcast traffic will lower the overall performance of all of the networked systems Remember: the more host bits you steal the more subnets you get but each of those subnets is capable of supporting a lesser number of hosts Deciding how many hosts you need and how many hosts per subnet is part of the network design phase DeSiaMore Powered by DeSiaMore

Class B Subnetting Summaries 33 DeSiaMore Powered by DeSiaMore

How to write subnet masks 34 If we steal five host bits from the third octet we have to add the binary values together So we have = 248 Since we are working with class B We are not allowed to alter the first two octets, they are fixed Subnet mask will be In order for the router to know if a host is on a certain subnet it looks to the masked bits DeSiaMore Powered by DeSiaMore

Cont … 35 Suppose we have IP address Answer the following: 1. In what IP address class does it belong to? 2. How many bits have been borrowed for subnetting? 3. Represent the subnet mask in binary 4. Does the IP address belong to the same subnet as ? DeSiaMore Powered by DeSiaMore

Cont … 36 Subnet bits in this example above both match For the above IP address the subnet masks do not match, this shows that they are in different subnets. So the router or PC can see it is a different subnet. It is not this easy for us to see it DeSiaMore Powered by DeSiaMore

Cont … 37 Values available to use as a subnet masks: DeSiaMore Powered by DeSiaMore

Variable Length Subnet Mask (VLSM) 38 Although subnetting provides a useful mechanism to improve the IP addressing issue Network admins were only able to use one subnet mask for an entire network They could have a Class B address with a mask but further break that subnet down into smaller units with masks such as With VLSM subnets can be written as slash addresses Writing out how many bits are used for subnetting. DeSiaMore Powered by DeSiaMore

Cont … 39 Examples: can be expressed as /16 because there are 16 binary bits masked = 16 on or masked bits can be expressed as /18 because there are 18 binary bits masked = 18 on or masked bits can be expressed as /20 because there are 20 binary bits masked = 20 on or masked bits. DeSiaMore Powered by DeSiaMore

Cont … 40 Represent with the subnet mask as a slash address. Cisco IOS 12.0 and later will recognize VLSM automatically. Prior to this you will need to use the ‘ip subnet-zero command’ if you want to use VLSM. DeSiaMore Powered by DeSiaMore

Classless Inter Domain Routing (CIDR) 41 CIDR removed the need for classes of IP address. Yet another solution to the problem of depletion of IP addresses allows for something known as route aggregation single route in a routing table can represent several network addresses saving space and routing table size CIDR also allows for supernetting Supernetting enables you to advertise a summary of your network addresses providing you have a contiguous block DeSiaMore Powered by DeSiaMore

Cont … 42 For example, if you owned the networks /24 up to /24 Then you could advertise a single network out to the internet of /22. The advantage is a saving on bandwidth and greater efficiency This is also knows as route summarization. Route summarization only works if you work out the addresses in binary first = 24 bit mask = = = = DeSiaMore Powered by DeSiaMore

Cont … 43 All of the bold parts of the address are common and can be aggregated with one subnet mask to advertise them all. There are 22 common bits so we can use the mask or /22 to advertise the entire block of addresses. Supernetting reduces the amount of routes advertised CIDR allows the use of the slash system for representing subnet masks /26 instead of DeSiaMore Powered by DeSiaMore

Cont … 44 DeSiaMore Powered by DeSiaMore

Class C Subnetting Chart 45 DeSiaMore Powered by DeSiaMore

How many subnets how many hosts? 46 Given a network ID and subnet mask, how many subnets can we form and how many hosts are there per subnet? It all boils down to the powers of two. When planning a network addressing scheme always ask the client what their expected growth for the next few years is and account for that. Never design a network addressing scheme for what they have now [16 bits ] [3 bits][13 bits] [Network] [Subnet] [Host] DeSiaMore Powered by DeSiaMore

Cont … 47 What can we deduce from this? This is a class B address Three subnet bits have been borrowed The total number of subnets is 2^3 = 8, 2 of which are not normally used 1. The first subnet – known as the subnet zero 2. The last subnet – broadcast subnet The number of usable subnets are then 2^subnet bits (-2) How many hosts? 13 bits left for the host addresses. 2^13-2 = So for this subnet mask we can see we have eight subnets and each subnet has 8190 hosts available for use. DeSiaMore Powered by DeSiaMore

Another Example 48 A class B address and are taking three bits from the host bits three binary bits is which is or (Network Address) (Subnet Mask) DeSiaMore Powered by DeSiaMore

Cont … 49 Hosts are to (8190 in total) * = subnet and = broadcast address The IP address changed from 32.1 then all the way up to , it is easy to look at it and mistake them for different subnets. Using subnets means that all the hosts on the same subnet (for example the subnet) will have to be attached to one router interface. You cannot decide to put half of your addresses on one side of the router and half on the other DeSiaMore Powered by DeSiaMore

Cont … 50 Shortcut Method Follow five simple steps. Step 1. How many subnets? 2 to the power of masked bits or 2^x Step 2. How many hosts per subnet 2 to the power of unmasked bits minus 2 (shown as -2) Step 3. What are the valid subnets? 256 – the rightmost non-zero subnet to give us the subnet increment Step 4. What are number of hosts per subnet? Step 5. What is the broadcast address of the subnet? INSPIRATION: If it doesn’t sink in the first or even the tenth time, just keep following the examples and re-reading. DeSiaMore Powered by DeSiaMore

Example 51 Which subnet is in? is in binary. slash mask of /19 1. How many subnets? We have stolen three bits, 2^3= 8 subnets 2. How many hosts per subnet? We have 13 bits left for hosts so: 2^13-2= What are the valid subnets? Take the right most non-zero subnet (224) away from = 32 DeSiaMore Powered by DeSiaMore

Cont … 52 We have eight valid subnets Each subnet will be an increment of 32 Start at 0 if subnet zero is permitted 0, 32, 64, 96, 128,160,192, What are the valid hosts per subnet? 1st Subnet <- This is the zero subnet 2nd Subnet * < is in this subnet 3rd Subnet th Subnet th Subnet th Subnet th Subnet th Subnet DeSiaMore Powered by DeSiaMore

Cont … 53 To get the broadcast address of each subnet, take one away from the network address of the next subnet Subnet (take one away to get the broadcast for the.32 subnet) 1st host Last host Broadcast DeSiaMore Powered by DeSiaMore

Writing out the subnets 54 Subnet 1: to Subnet 2: to * (you can see host 32.1 is in this subnet) Subnet 3: to Subnet 4: to Subnet 5: to Subnet 6: to Subnet 7: to Subnet 8: DeSiaMore Powered by DeSiaMore

Work this out 55 Which subnet is host in? DeSiaMore Powered by DeSiaMore

Questions DeSiaMore Powered by DeSiaMore