© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 4: Addressing in an Enterprise Network Introducing Routing and Switching in the Enterprise
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 2 Objectives Analyze the features and benefits of a hierarchical IP addressing structure. Plan and implement a VLSM IP addressing scheme. Plan a network using classless routing and CIDR. Configure and verify both static and dynamic NAT.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 3 Flat and Hierarchical Networks Flat networks with a single broadcast domain lose efficiency as hosts are added Two solutions: Create VLANs, each VLAN = a subnet Use routers in a hierarchical network design
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 4 Hierarchical IP Addressing Structure Enterprise networks are large, and benefit from a hierarchical network design and address structure. A hierarchical addressing structure logically groups networks into smaller subnetworks. An effective hierarchical address scheme consists of a classful network address in the Core Layer that is subdivided into successively smaller subnets in the Distribution and Access Layers.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 5 Using Subnetting to Structure the Network Some reasons for subnetting are: Physical location (eg remote offices) or logical grouping Application requirements Security Broadcast containment Hierarchical network design
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 6 Subnet Mask used with the IPv4 network portion of the address to the network devices1s0s network bitshost bits. The subnet mask is a 32-bit value used with the IPv4 address that specifies the network portion of the address to the network devices, ie it uses 1s and 0s to indicate which bits of the IPv4 address are network bits and which are host bits. A /24 prefix represents a subnet mask of ( ). The first 3 octets are all 1s, the remaining bits are 0s. ANDed with its subnet mask Inside the network device, the IPv4 host address is logically ANDed with its subnet mask to determine the network address.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 7 Basic Subnetting Process Information can be determined by looking at only an IP address and slash notation (/x) subnet mask, eg an IP address of /26 :- Decimal subnet mask The /26 translates to a subnet mask of Number of subnets created Assuming we started with the default /24 subnet mask, we borrowed 2 additional host bits for the network. This creates 4 subnets (2 2 = 4) Number of usable hosts per subnet Six bits are left on the host side creating 62 hosts per subnet (2 6 = = 62) Network address Using the subnet mask to determine the placement of network bits, the value of the network address is given. In this example (256 – 192 = 64) First usable host address A host cannot have all 0s within the host bits, because that represents the network address of the subnet. Therefore, the first usable host address within the.64 subnet is.65 Broadcast address A host cannot have all 1s within the host bits because that represents the broadcast address of the subnet. In this cast, the broadcast address is is the network address of the next subnet.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 8 VLSM Basic subnetting is sufficient for smaller networks but does not provide the flexibility needed in larger enterprise networks. Some benefits of Variable Length Subnet Masks (VLSM) are: Flexibility Efficient use of address space Ability to use route summarization
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 9 Implementing a VLSM Addressing Scheme Apply masks from largest group to smallest Avoid assigning addresses that are already allocated Allow for some growth in numbers of hosts on each subnet Use tools such as Charts, etc
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 10 Classful and Classless Routing Classful routing Default subnet masks Class determined by first octet No subnet mask information exchanged in routing updates Classless routing Network subnet mask determines the network portion of the address. This is also known as the network prefix, or prefix length. The class of the address no longer determines the network address. Subnet mask information exchanged in routing updates
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 11 Processing RIPv1 Updates Rule 1:- if a routing update and the interface on which it is received belong to the same major network, the subnet mask of the interface is applied to the network in the routing update. Rule 2:- if a routing update and the interface on which it is received belong to different major networks, the classful subnet mask of the network is applied to the network in the routing update.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 12 Classless Routing and CIDR Classless Inter-Domain Routing (CIDR) uses address space more efficiently Used for network address aggregation or summarizing (reducing the size of routing tables) CIDR requires a classless routing protocol, such as RIPv2 or EIGRP
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 13 CIDR and Route Summarization Use single address to represent group of contiguous subnets Occurs at network boundary Smaller routing tables, faster lookups
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 14 Example A border router advertises all of the known networks within an enterprise to the ISP. If there are eight different networks, the router would have to advertise all eight. If every enterprise followed this pattern, the routing table of the ISP would be huge. Using route summarization, a router groups the networks together and advertises them as one large group.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 15 Subnetting Best Practices Use routing protocols that support VLSM Disable auto-summarization if necessary Ensure router IOS supports subnet zero Use /30 ranges for WAN links (ie P2P links) Allow for future growth
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 16 Private Addresses and NAT RFC private IP address space, available for anyone to use on their internal network Routed internally, never on the Internet Class A: /8 Class B: /12 Class C: /16 Q: what is the netmask for the x.x network shown above?
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 17 NAT Network Address Translation (NAT) translates internal private addresses into one or more public addresses for routing onto the Internet. NAT changes the private IP source address inside each packet to a publicly registered IP address before sending it out onto the Internet. Use on boundary routers
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 18 Static and Dynamic NAT Static NAT maps a single inside local address to a single global, or public address. This mapping ensures that a particular inside local address always associates with the same public address. Static NAT ensures that outside devices consistently reach an internal device such as a web server. Dynamic NAT uses an available pool of Internet public addresses and assigns them to inside local addresses. Dynamic NAT assigns the first available IP address in the pool of public addresses to an inside device.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 19 Examples
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 20 PAT Port Address Translation (PAT) is a variation on dynamic NAT – sometimes known as NAT Overload When a source host sends a message to a destination host, it uses a combination of an IP address and a port number (above 1024) to keep track of each individual conversation : 1444
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 21 Summary Hierarchical network design groups users into subnets VLSM enables different masks for each subnet VLSM requires classless routing protocols CIDR network addresses are determined by prefix length Route summarization, route aggregation, or supernetting, is done on a boundary router NAT translates private addresses into public addresses that route over the Internet ie one-to-one, one-to-many PAT translates multiple local addresses into a single public address ie many-to-one