21/04/23 FdSc Applied Computing with MMT - Wide Area Networks
FdSc Computing Technologies
Wide Area Networks and Security
IPv4, CIDR, VLSM
Last update: 15/04/2013
Objectives
This lecture aims to cover:
- IPv4 re-cap
- Limitations of IPv4 and address space depletion
- Extending the design of IPv4 - CIDR
- Optimising IPv4 - VLSM
- Introduction to IPv6
Introduction…
Logical addressing is an OSI Layer 3 technology:
- IPv4 uses a 32-bit addressing scheme, e.g. 10.15.1.120
- It incorporates a 32-bit subnet mask to determine the network and host portion of the address, e.g. 255.0.0.0 or /8 (8 consecutive 1s)
- It was ratified in the late 1970s and therefore could not foresee the addressing needs of the global public Internet.
- It was “deployed on 1st Jan 1983” (source: iana.org)
Limitations of IPv4
Classful addressing:
- Theoretical address space is 2^32 = 4,294,967,296 individual addresses
- The original “Classful” addressing schemes created much wasted address space, e.g. one “class A” network allows for 16.7 million hosts
- 2^24 = 16,777,216 hosts per network
- Also, to connect to the Internet all hosts on a LAN need a unique public Internet address
LANS, NAT and PAT
- Obviously giving every host on a LAN a public IP address to connect to the Internet is very wasteful in IPv4
- A method of sharing a single public IP address or a POOL of public IP addresses was developed
- This was called Network Address Translation
- It involved dynamically replacing the IP packet’s private address with a public address when access to the Internet was required
Address Translation, NAT and PAT
Source: Cisco.com
NAT is essentially a 1 to 1 mapping between private and public addresses
PAT extends this to a “1 to many” mapping using dynamic port allocation
NAT
Adapted from: Cisco.com
NAT provides one to one mapping i.e. 192.168.1.20 to 171.69.68.10
Port Address Translation (PAT)
PAT provides “many to 1” or “many to few” Internet access for larger organisations
Source: Cisco.com
Address space depletion and CIDR
- As the need for addresses grew in the 1990s, IPv4 address space was becoming depleted
- Innovative ways of extending the protocol started some 15 years ago
- In addition to Address Translation techniques, one method was introduced called ‘classless inter-domain routing’ or CIDR
- This involved using subnet bits independent of the address class, e.g. 172.16.8.1/22
- This therefore allowed the creation of smaller networks or “subnets” from a single network
Variable Length Subnet Masks
- CIDR however is sometimes inefficient and wastes valuable IP address space
- e.g. 172.16.8.0/22 allows for 2^10-2 host addresses (1022) per subnet
- However some networks in a WAN environment may need far fewer than that
- They may only need TWO host addresses
- That is where VLSM can be used to produce an optimised addressing scheme
Variable Length Subnet Masking example
adapted from Cisco, (2008-09)
- A class C (/24) address space has been sub-netted as a /27 network.
- This gives 2^3 networks, i.e. A, B, C, D, E and 3 unused
- We have used 5 but do not require the full address space in each (shown by the shading in each block)
Variable Length Subnet Masking example
PROBLEM
netA: must support 14 hosts
netB: must support 28 hosts
netC: must support 2 hosts
netD: must support 7 hosts
netE: must support 28 hosts
VLSM METHOD (provides an individual scheme for each network)
Determine what mask allows the required number of hosts.
netA: requires a /28 (255.255.255.240) mask to support 14 hosts
netB: requires a /27 (255.255.255.224) mask to support 28 hosts
netC: requires a /30 (255.255.255.252) mask to support 2 hosts
netD*: requires a /28 (255.255.255.240) mask to support 7 hosts
netE: requires a /27 (255.255.255.224) mask to support 28 hosts
(NOTE: if you thought netD needs a /29 (255.255.255.248) mask, remember this would only allow 6 usable host addresses, therefore netD requires a /28 mask)
Variable Length Subnet Masking example
The logical way to assign the subnets is to assign the largest first. For example, you could assign in this manner:
ASSIGN NEW VLSM MASKS
netB: 204.15.5.0/27 host address range 1 to 30
netE: 204.15.5.32/27 host address range 33 to 62
netA: 204.15.5.64/28 host address range 65 to 78
netD: 204.15.5.80/28 host address range 81 to 94
netC: 204.15.5.96/30 host address range 97 to 98
MORE EFFICIENT USE OF SPACE!
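Added example, not part of the original slides: the two VLSM steps above (pick the mask for each host count, then assign largest first) written as a small Python allocator and run on the slide's 204.15.5.0/24 problem. The function names are illustrative; it uses the same 2^h - 2 usable-host rule as the slides.

```python
import ipaddress

# Host requirements copied from the PROBLEM slide.
REQUIREMENTS = {"netA": 14, "netB": 28, "netC": 2, "netD": 7, "netE": 28}

def prefix_for_hosts(hosts):
    """Longest prefix whose usable host count (2^h - 2) still fits `hosts`."""
    host_bits = 2  # /30 is the smallest subnet under the 2^h - 2 rule
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits

def vlsm_allocate(block, requirements):
    """Carve `block` into one subnet per requirement, largest first."""
    parent = ipaddress.IPv4Network(block)
    # sorted() is stable, so equal-sized networks keep their listed order.
    order = sorted(requirements.items(), key=lambda item: -item[1])
    cursor = int(parent.network_address)
    plan = {}
    for name, hosts in order:
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to a subnet boundary
        subnet = ipaddress.IPv4Network((cursor, prefix))
        if not subnet.subnet_of(parent):
            raise ValueError(f"{block} is too small for {name}")
        plan[name] = subnet
        cursor += size
    return plan

def host_range(subnet):
    """First and last usable host address, as last-octet values."""
    return int(subnet[1]) & 0xFF, int(subnet[-2]) & 0xFF

def addresses_used(plan):
    """Total addresses consumed, network and broadcast included."""
    return sum(net.num_addresses for net in plan.values())

if __name__ == "__main__":
    plan = vlsm_allocate("204.15.5.0/24", REQUIREMENTS)
    for name, net in plan.items():
        first, last = host_range(net)
        print(f"{name}: {net} ({net.netmask}) hosts {first} to {last}")
    print("addresses used:", addresses_used(plan), "of 256")
```

The VLSM plan consumes 100 of the 256 addresses, where five fixed /27 subnets would consume 160.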
Mixing address classes and CIDR
- A further method to optimise address space involves utilising two address ranges, e.g.
  - A sub-netted class B for the Local Area Networks (LANs)
  - AND a sub-netted class C range (for example) for the point to point WAN links
- VLSM is not fully supported by older protocols and routers so the network manager would decide on the optimal scheme for the WAN design.
IPv6
- Address depletion in the 1990s prompted the design of a replacement protocol for IPv4
- IPv6 was approved in 1995 (Elahi, 2001)
- However, “NAT”, “CIDR” and “VLSM” techniques have since fulfilled address space and route optimisation needs using IPv4
- IPv6 has therefore been slow to mature and be accepted by ISPs and the general networking community
IPv6
“ARIN again warns of IPv4 address depletion” [Campbell, 2009, gcn.com]
However, several “scares” from the American Registry for Internet Numbers and other bodies were promoting the adoption of IPv6 by 2011 [ARIN, 2010]
Despite warnings, few seem to be adopting IPv6 as IPv4 is so well known and understood
Whether it be next year or well beyond that, IPv4 will not provide our addressing needs forever
Summary
- A brief IPv4 and sub-netting re-cap
- Limitations of IPv4 and address space depletion
- Extending the design of IPv4 – NAT and CIDR
- Optimising IPv4 – VLSM schemes
- IPv6
Lab tasks - IPv4 VLSM design
- In pairs, consider IPv4 VLSM and multiple-class addressing schemes for your WAN design
- The aim is to design the most optimised and therefore LEAST wasteful scheme
- You will ultimately implement your design in software and use the hardware in the LAB
Further study – VLSM workbook on Moodle