© 2000, Cisco Systems, Inc. 3-1 Network Address Conservation Subnetting, VLSM, NAT & RFC1918.

© 2000, Cisco Systems, Inc. 3-1

Network Address Conservation

Subnetting, VLSM, NAT & RFC1918

Network Address Conservation

Subnetting, VLSM, NAT & RFC1918

© 2000, Cisco Systems, Inc. www.cisco.com BSCN v1.0—3-2

AgendaAgenda

Need for Address Conservation

Private Addressing and NAT

Classful Addressing

Variable-Length Subnet Masks

Route Aggregation

Summary


DefinitionsDefinitions

Regional Internet Registry (RIR)–An organization with regional responsibility for

management of Internet resources

–Responsibilities include allocation/registration services, coordination and policy development

– For example. APNIC, ARIN, RIPE-NCC

Local Internet Registry (LIR)–Otherwise known as an ARIN Member

–Usually operates as an ISP, assigns address space to its customers and registers it in the ARIN database

• Eg. NJ Edge, UUNET


Definition: Allocation and Assignment

Definition: Allocation and Assignment

RFC 2050 – Allocation Guidelines http://sunsite.dk/RFC/rfc/rfc2050.html

Allocation• A block of address space held by an IR for subsequent

allocation or assignment

• Not yet used to address any networks

Assignment• A block of address space used to address an

operational network

• May be provided to LIR customers, or used for an LIR’s infrastructure (‘self-assignment’)



Provider Independent (Portable)–Customer holds addresses independent from ISP

–Customer keeps addresses when changing ISP

–Bad for size of routing tables

–Bad for QOS: routes may be filtered, flap-dampened

Provider Aggregatable (Non-portable)–Customer uses ISP’s address space

–Customer must renumber if changing ISP

–Only way to effectively scale the Internet


Growth of Global AddressesGrowth of Global Addresses

• Growth of Global Routing Table (as of 3 May 2001)

–Unaggregated Internet would exceed 200,000 routes!

http://www.telstra.net/ops/bgptable.html

Moore’s Law and CIDRmade it work for a while

But they cannot berelied on forever

Projected routing table growth without CIDR

DeploymentPeriod of CIDR







IP Slowing IP Address DepletionIP Slowing IP Address Depletion

• Subnet masking; RFCs 950, 1812• Address allocation for private Internets,

RFC 1918

• Network Address Translation (NAT), RFC

1631

• Hierarchical addressing

• Variable-length subnet masks (VLSM), RFC

1812

• Route summarization, RFC 1518

© 2000, Cisco Systems, Inc. www.cisco.com 3-8

Private Addresses and NAT

Private Addresses and NAT


Private Addressing and Network Address Translation


One way to cope with the depletion of IP addresses is through the use of private addressing.

IP addresses used on the Internet must be globally unique, usually specified by an Internet service provider.

However, traffic that remains only on an organization's private network does not need to be globally unique, just unique across that organization's private network.


RFC1918 - Private IP Address Ranges

RFC1918 - Private IP Address Ranges

Used for networks/hosts not on Internet• Class A: 1; 10.0.0.0 ~ 10.255.255.255

• Class B: 16; 172.16.0.0 ~ 172.31.255.255

• Class C: 256; 192.168.0.0 ~ 192.168.255.255

Planning:• Determine which hosts are internal ONLY

• Routers configured with filters




RFC1918 Private Addresses are not routed on the Internet.

Host Computers using Private IP address space can still send and receive traffic to/from the Internet by using RFC 1631 network address translation (NAT).

NAT can be provided by a router, firewall, or stand‑alone NAT software running on a multi‑homed server.


Types of NATTypes of NAT

Static NAT – direct mapping of inside address to outside address, one to one correlation

Dynamic NAT – outside address pulled from pool of addresses when needed then released back to pool when no longer needed, likely different address each time

PAT (Port Address Translation) – Special type of dynamic NAT where pool consists of one address, every host appears to internet as the same address, differentiated by source port number (also called Address Overloading)


Network Address TranslationNetwork Address Translation


Some Applications Aren't NAT-Friendly

Some Applications Aren't NAT-Friendly

Some applications send IP addresses or port numbers hidden inside their datapackets, where NAT can't properly rewrite them - so those applications don't work when you try to use them on computers behind NATs.

Breaks Global Addressing – problem for peer to peer networking (like napster, netmeeting, etc)

DNS needs special handling in large environments

Additional Info:

http://sunsite.dk/RFC/rfc/rfc1631.html


DNS with NAT and RFC1918 Addresses

DNS with NAT and RFC1918 Addresses

Two DNS Servers may be needed, one to resolve internal names with Internal Addresses and the another to maintain your DNS domain to the Internet. Both DNS servers must be independent each other, so that all Internal computers must point to your Internal DNS, and your Internal DNS could be configured with a forwarder pointing to the Internet DNS server that will help you to resolve the rest of Internet names.


Classful Addressing

Classful Addressing



Classful and Classless• Classful

–Address architecture where network boundaries are fixed at 8, 16 or 24 bits (class A, B, and C)

• Classless

–Architecture in which network boundaries may occur at any bit (e.g. /12, /16, /19, /24 etc)


IPv4: Internet Protocol, Version 4

IPv4: Internet Protocol, Version 4

IP address is 32-bit, binary, 4-octets

Dotted-decimal format for human consumption

Address space divided into classes (A~E)• A: 1.h.h.h ~ 126.h.h.h, 16.7M hosts

• B: 128.1.h.h ~191.254.h.h, 65K hosts

• C: 192.0.1.h ~ 223.255.254.h, 254 hosts

• D: 224.0.0.0 ~ 239.255.255.254, Multicasting

• E: 240.0.0.0 ~ 255.255.255.255, IETF Research


• Unique addressing allows communication between end stations

• Path choice is based on locationLocation is represented by an address

Introduction to TCP/IP Addresses

Introduction to TCP/IP Addresses

172.18.0.2

172.18.0.1

172.17.0.2172.17.0.1

172.16.0.2

172.16.0.1

SADAHDR DATA10.13.0.0 192.168.1.0

10.13.0.1 192.168.1.1


IP Addressing

255 255 255 255

DottedDecimal

Maximum

Network Host

32 bits


IP AddressingIP Addressing

255 255 255 255

DottedDecimal

Maximum

Network Host

128 64 32 16 8 4 2 1

11111111 11111111 11111111 11111111Binary

32 bits

1 8 9 16 17 24 25 32

128 64 32 16 8 4 2 1

128 64 32 16 8 4 2 1

128 64 32 16 8 4 2 1


IP AddressingIP Addressing

255 255 255 255

DottedDecimal

Maximum

Network Host

128 64 32 16 8 4 2 1

11111111 11111111 11111111 11111111

10101100 00010000 01111010 11001100

Binary

32 bits

172 16 122 204ExampleDecimal

ExampleBinary

1 8 9 16 17 24 25 32

128 64 32 16 8 4 2 1

128 64 32 16 8 4 2 1

128 64 32 16 8 4 2 1


Class A:

Class B:

Class C:

Class D: Multicast

Class E: Research

IP Address ClassesIP Address Classes

NetworkNetwork HostHost HostHost HostHost

NetworkNetwork NetworkNetwork HostHost HostHost

NetworkNetwork NetworkNetwork NetworkNetwork HostHost

8 bits 8 bits 8 bits 8 bits


IP Address ClassesIP Address Classes

1

Class A:

Bits:

0NNNNNNN0NNNNNNN HostHost HostHost HostHost

8 9 16 17 24 25 32

Range (1-126)

1

Class B:

Bits:

10NNNNNN10NNNNNN NetworkNetwork HostHost HostHost

8 9 16 17 24 25 32

Range (128-191)1

Class C:

Bits:

110NNNNN110NNNNN NetworkNetwork NetworkNetwork HostHost

8 9 16 17 24 25 32

Range (192-223)1

Class D:

Bits:

1110MMMM1110MMMM Multicast GroupMulticast Group Multicast GroupMulticast Group Multicast GroupMulticast Group

8 9 16 17 2425 32

Range (224-239)


Host AddressesHost Addresses

172.16.2.1

172.16.3.10

172.16.12.12

10.1.1.1

10.250.8.11

10.180.30.118

E1

172.16 12 12

Network Host

. . Network Interface

172.16.0.0

10.0.0.0

E0

E1

Routing Table

172.16.2.1

10.6.24.2

E0


11111111

Determining Available Host Addresses

Determining Available Host Addresses

172 16 0 0

10101100 00010000 00000000 00000000

16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1

Network Host

00000000 00000001

11111111 11111111 11111111 11111110

...

... 00000000 00000011

11111101

123

655346553565536-

...

2

65534

N

2N-2 = 216-2 = 65534


Subnetting‑Why Subnet?Subnetting‑Why Subnet?

Address classes were restrictive and forced an inefficient allocation of addresses. (Class C too small but Class B too large). Class B addresses were given out to organizations that would never need the 65,534 addresses.

RFC 950, defined in 1985, provided a way to subnet or provide a third layer of organization or hierarchy between the existing network ID and the existing host ID.


Network 172.16.0.0

172.16.0.0

Addressing without SubnetsAddressing without Subnets

172.16.0.1 172.16.0.2 172.16.0.3

…...

172.16.255.253 172.16.255.254


Network 172.16.0.0

Addressing with SubnetsAddressing with Subnets

172.16.1.0 172.16.2.0

172.16.3.0

172.16.4.0


Subnet AddressingSubnet Addressing

172.16.2.200

172.16.2.2

172.16.2.160

172.16.2.1

172.16.3.5

172.16.3.100

172.16.3.150

E0

172.16

Network

Network Interface

172.16.0.0

172.16.0.0

E0

E1

New Routing Table

2 160

Host

. .

172.16.3.1E1


Subnet AddressingSubnet Addressing

172.16.2.200

172.16.2.2

172.16.2.160

172.16.2.1

172.16.3.5

172.16.3.100

172.16.3.150

172.16.3.1

E0E1

172.16 2 160

Network Host

. . Network Interface

172.16.2.0

172.16.3.0

E0

E1

New Routing Table

Subnet


Subnet MaskSubnet Mask

172172 1616 00 00

255255 255255 00 00

255255 255255 255255 00

IPAddress

DefaultSubnet

Mask

8-bitSubnet

Mask

Network Host

Network Host

Network Subnet Host

Also written as “/16” where 16 represents the number of 1s in the mask.


11111111 11111111 00000000 00000000


16

Network Host

172 0 0

10101100

11111111

10101100

00010000

11111111

00010000

00000000

00000000

10100000

00000000

00000000

Subnets not in use—the default

00000010

Subnet Mask without SubnetsSubnet Mask without Subnets

172.16.2.160172.16.2.160

255.255.0.0 255.255.0.0

NetworkNumber


Network number extended by eight bits

Subnet Mask with SubnetsSubnet Mask with Subnets

16

Network Host

172.16.2.160172.16.2.160

255.255.255.0 255.255.255.0

172 2 0

10101100

11111111

10101100

00010000

11111111

00010000

11111111

00000010

10100000

00000000

00000000

00000010

Subnet

NetworkNumber

128

192

224

240

248

252

254

255


IP Host Address: 172.16.2.121Subnet Mask: 255.255.255.0

Subnet Address = 172.16.2.0Host Addresses = 172.16.2.1–172.16.2.254Broadcast Address = 172.16.2.255Eight bits of subnetting

Network Subnet Host

10101100 00010000 00000010 11111111

172.16.2.121:

255.255.255.0:

10101100

11111111

Subnet: 10101100 00010000

00010000

11111111

00000010

00000010

11111111

01111001

00000000

00000000

Class B Subnet ExampleClass B Subnet Example

Broadcast:

Network





Variable Length Subnet Masks Variable Length Subnet Masks

Variable Length Subnet Masks (VLSM), defined in 1987 as RFP 1009. A single network ID could have different subnet masks among its subnets.

The major benefit of VLSM is that subnets can be defined to different sizes as needed under a single Network ID, thereby minimizing, if not eliminating, wasted addresses.

Second, variable length subnet masks can be used to permit route aggregation which minimizes the number of distinct routes that need to be advertised and processed by network backbone or Internet routers.


Working with Variable Length Subnet Masks‑Subnet Design Working with Variable Length Subnet Masks‑Subnet Design

Subnet design with VLSM is similar to subnet design with fixed length masks except that decisions made regarding subnets are made independently at each level in the VLSM scenario. At each level two questions must be answered:1. How many subnets are required at this level both now

and in the future?

2. What is the largest number of hosts required per subnet on this level both now and in the future?

The answers to these questions will determine how many subnets with how much host ID capacity needs to be defined at each level.


Recursive Division of a Network Prefix with VLSM

Recursive Division of a Network Prefix with VLSM


Subnet MaskSubnet Mask

172172 1616 00 00

255255 255255 00 00

255255 255255 255255 00

IPAddress

DefaultSubnet

Mask

8-bitSubnet

Mask

Network Host

Network Host

Network Subnet Host



11111111 11111111 00000000 00000000


16

Network Host

172 0 0

10101100

11111111

10101100

00010000

11111111

00010000

00000000

00000000

10100000

00000000

00000000

Subnets not in use—the default

00000010

Subnet Mask without SubnetsSubnet Mask without Subnets

172.16.2.160172.16.2.160

255.255.0.0 255.255.0.0

NetworkNumber


Network number extended by eight bits

Subnet Mask with SubnetsSubnet Mask with Subnets

16

Network Host

172.16.2.160172.16.2.160

255.255.255.0 255.255.255.0

172 2 0

10101100

11111111

10101100

00010000

11111111

00010000

11111111

00000010

10100000

00000000

00000000

00000010

Subnet

NetworkNumber

128

192

224

240

248

252

254

255


Subnet Mask with Subnets (cont.)

Subnet Mask with Subnets (cont.)

Network Host

172.16.2.160172.16.2.160

255.255.255.192 255.255.255.192

10101100

11111111

10101100

00010000

11111111

00010000

11111111

00000010

10100000

11000000

10000000

00000010

Subnet

Network number extended by ten bits

16172 2 128

NetworkNumber

128

192

224

240

248

252

254

255

128

192

224

240

248

252

254

255


Decimal Equivalents of Bit Patterns

Decimal Equivalents of Bit Patterns

1 0 0 0 0 0 0 0 = 128

1 1 0 0 0 0 0 0 = 192

1 1 1 0 0 0 0 0 = 224

1 1 1 1 0 0 0 0 = 240

1 1 1 1 1 0 0 0 = 248

1 1 1 1 1 1 0 0 = 252

1 1 1 1 1 1 1 0 = 254

1 1 1 1 1 1 1 1 = 255

128 64 32 16 8 4 2 1


VLSM Addressing ExampleVLSM Addressing Example

16172 2 160

10101100 00010000 1010000000000010 Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

4

1



10101100

11111111

00010000

11111111 11111111

10100000

11000000

00000010 Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

1

2

16172 2 160



10101100

11111111

00010000

11111111 11111111

10100000

11000000

00000010 Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

1

2

3

7

16172 2 160



10101100

11111111

00010000

11111111 11111111

10100000

11000000

10000000

00000010 Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

1

2

3

4

16172 2 160



10101100

11111111

00010000

11111111 11111111

10100000

11000000

10000000

00000010

10111111

Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

1

2

3

4

56

16172 2 160



10101100

11111111

00010000

11111111 11111111

10100000

11000000

10000000

00000010

10111111

10000001

Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

1

2

3

4

56

16172 2 160



10101100

11111111

00010000

11111111 11111111

10100000

11000000

10000000

00000010

10111111

10000001

10111110

Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

1

2

3

4

56

7

16172 2 160



10101100

11111111

10101100

00010000

11111111

00010000

11111111

00000010

10100000

11000000

10000000

00000010

10101100 00010000 00000010 10111111

10101100 00010000 00000010 10000001

10101100 00010000 00000010 10111110

Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

1

2

3

4

56

7

8

16172 2 160



10101100

11111111

10101100

00010000

11111111

00010000

11111111

00000010

10100000

11000000

10000000

00000010

10101100 00010000 00000010 10111111

10101100 00010000 00000010 10000001

10101100 00010000 00000010 10111110

Host

Mask

Subnet

Broadcast

Last

First

172.16.2.160

255.255.255.192

172.16.2.128

172.16.2.191

172.16.2.129

172.16.2.190

1

2

3

4

56

7

89

16172 2 160


IP CalculatorsIP Calculators

http://www.telusplanet.net/public/sparkman/netcalc.htm

http://www.chattanooga.net/techsupport/ipcalc/IPAddress.htm

http://ihide.virtualave.net/subnet/subnet.html

http://www.subnetonline.com/subnet/subnet.html


Address PlanningAddress Planning

• Map IP Addressing Scheme to Physical Topology or Logical Groups

• Anticipate Growth!

• Leave ‘spare’ Subnets

• Restrict Size of Subnets

• Deploy Address blocks with Summarization in mind


Route Summarization

Route Summarization


What Is Route Summarization?What Is Route Summarization?

Routing table172.16.25.0/24172.16.26.0/24172.16.27.0/24

172.16.27.0/24

172.16.26.0/24

172.16.25.0/24

AA


What Is Route Summarization?What Is Route Summarization?

• Routing protocols can summarize addresses of several networks into one address

I can route to the 172.16.0.0/16 network.

Routing Table172.16.0.0/16

BB

Routing Table172.16.25.0/24172.16.26.0/24172.16.27.0/24

172.16.27.0/24

172.16.26.0/24

172.16.25.0/24

AA


Summarizing Addresses in a VLSM-Designed Network

Summarizing Addresses in a VLSM-Designed Network

CorporateNetwork

172.16.0.0/16

172.16.64.0/20

172.16.128.0/20

172.16.32.64/26

172.16.32.0/24

172.16.128.0/20

172.16.32.128/26

AA

BB

CC

DD172.16.64.0/20


Route Summarization with VLSM

Route Summarization with VLSM


Summarizing within an OctetSummarizing within an Octet

172.16.168.0/24 = 10101100 . 00010000 . 10101 000 . 00000000

Number of Common Bits = 21Summary: 172.16.168.0/21

Noncommon Bits = 11

172.16.169.0/24 = 172 . 16 . 10101 001 . 0

172.16.170.0/24 = 172 . 16 . 10101 010 . 0

172.16.171.0/24 = 172 . 16 . 10101 011 . 0

172.16.172.0/24 = 172 . 16 . 10101 100 . 0

172.16.173.0/24 = 172 . 16 . 10101 101 . 0

172.16.174.0/24 = 172 . 16 . 10101 110 . 0

172.16.175.0/24 = 172 . 16 . 10101 111 . 0


Benefits of Route Summarization

Benefits of Route Summarization

Increased Stability – reduce route flap through network

Reduce Router Memory Req. – smaller route tables

Reduce Router Proc. Load – smaller table


Implementation ConsiderationsImplementation Considerations

•Multiple IP addresses must have the same highest-order bits

• Routing decisions are made based on the entire address

• Routing protocols must carry the prefix (subnet mask) length


Route Summarization Operation in Cisco Routers

Route Summarization Operation in Cisco Routers

• Supports host-specific routes, blocks of networks, default routes

• Routers use the longest match

172.16.5.33 /32 Host172.16.5.32 /27 Subnet172.16.5.0 /24 Network172.16.0.0 /16 Block of Networks0.0.0.0 /0 Default

172.16.5.33 /32 Host172.16.5.32 /27 Subnet172.16.5.0 /24 Network172.16.0.0 /16 Block of Networks0.0.0.0 /0 Default


172.16.5.0255.255.255.0

192.168.14.16255.255.255.240

172.16.6.0255.255.255.0

Summarizing Routes in a Discontiguous Network

Summarizing Routes in a Discontiguous Network

• RIPv1 and IGRP do not advertise subnets, and therefore cannot support discontiguous subnets

• OSPF, EIGRP, and RIPv2 can advertise subnets, and therefore can support discontiguous subnets

AA BBCC

RIPv1 Will Advertise Network 172.16.0.0 RIPv1 Will Advertise

Network 172.16.0.0


172.16.5.0/24

172.16.7.0/24

192.168.14.16255.255.255.240

Be Careful When Summarizing Routes

Be Careful When Summarizing Routes

• EIGRP on both Router A and Router B advertise a summarized route to 172.16.0.0/16

• Router C receives two routes to 172.16.0.0/16

• Router A (or B or both) should be configured to not summarize

EIGRP Advertises 172.16.0.0/16 EIGRP Advertises

172.16.0.0/16

172.16.6.0/24

172.16.9.0/24AA BBCC


Route Summarization Overview

Route Summarization Overview

•Synonymous with aggregation or supernetting

•Minimizes routing table entries

•Isolates topology changes from other routers

•Summary of MSB to LSB

•Most effective when network addresses are contiguous

•Most effective when network addressing uses VLSM and is hierarchical

•Common bits determined from MSB to LSB

•Can occur at each layer of a scalable network


Questions?Questions?

Date post:	25-Dec-2015
Category:	Documents
Upload:	theresa-blake
View:	230 times
Download:	1 times

© 2000, Cisco Systems, Inc. 3-1 Network Address Conservation Subnetting, VLSM, NAT & RFC1918.

Documents