“Fundamentals of IP Networking 2017 Webinar Series”
Part 3 IP Routing and Internetworking Fundamentals
Wayne M. Pecena, CPBE, CBNE Texas A&M University
Educational Broadcast Services – KAMU Public Broadcasting
June_2017 IP_Net_Fundamentals-Part-3
“Fundamentals of IP Networking 2017 Webinar Series” Advertised Presentation Scope
Part 1 - Introduction to IP Networking Standards & the Physical Layer
Part 2 - Ethernet Switching Fundamentals and Implementation
Part 3 - IP Routing and Internetworking Fundamentals
Continuing the Fundamentals of IP Networking series, Part 3 of the webinar series focuses upon understanding IP routing and applying the concepts in practical inter-networking by exploring the foundation and protocols of Layer 3 of the OSI model. Specific topics to be covered include understanding the role of routed protocols, IP addressing (subnetting), IP routing protocol selection, and the role of layer 3 protocols such as ICMP and ARP.
Part 4 - Building a Segmented IP Network Focused On Performance & Security - July 25
Part 5 - Cybersecurity Fundamentals & Securing the Network - August 29
Today’s Outline:
• Takeaway Review From Part 2
• The Network Layer
• Layer 3 Protocols – Overview
– ICMP Focus
• Routing and the Routing Protocol – Overview
– Selection
• The IP Address – IPv4 Focus
– IPv6 Introduction
• Takeaways, References, Questions, and Maybe Some Answers
Part 2 - Takeaway Point Review
• The Ethernet Switch is the Fundamental LAN Building Block
• VLANs Allow a Common Physical Infrastructure to Support Multiple Isolated Networks or Subnets
• Each Network, Subnet, or VLAN is a Broadcast Domain With a Unique IP Address Scheme
• Ethernet Switches Eliminate (minimize) Collision Domains
• IP Routing Must Be Used for Communications Between VLANs
• Network Traffic May Be Isolated Because of:
– Policy
– Regulations
– Security
– Performance
• An Ethernet Frame is “Tagged” to Denote VLAN Membership on a “Trunk” or “Tagged” Interface
Types of IP Packets on an IPv4 Network
• Unicast
– One Send Host TO One Receive Host
• Broadcast
– One Send Host TO ALL Hosts Within the Broadcast Domain (Network Subnet)
• Multicast
– One Send Host TO Specific Hosts
The Broadcast Domain
[Figure: three separate broadcast domains, drawn as a Red VLAN, a Green VLAN, and a Blue VLAN]
No Connectivity Exists Between Broadcast Domains, Networks, or Subnets!
Add Connectivity Between Broadcast Domains
[Figure: the same Red, Green, and Blue VLANs (Network #1, Network #2, Network #3) joined by a router; the router interfaces are labelled GE0, GE1, GE2, and FE0]
Add Router
[Figure: OSI layers along an end-to-end path. The two end hosts run the full stack (Application, Presentation, Session, Transport, Network, Data Link, Physical). The Layer 2 devices in the path implement only Physical and Data Link; the Layer 3 device implements Physical, Data Link, and Network, so the Network layer is the highest layer examined while a packet is in transit.]
IPv4 Packet – Layer 3 RFC 791
Header fields (bit widths in parentheses), 32 bits per row, 20 bytes without options:
Version (4) | Header Length (4) | Precedence / Type of Service (8) | Total Length (16)
Identification (16) | Flags (3) | Fragment Offset (13)
Time to Live (8) | Protocol (8) | Header Checksum (16)
Source IP Address (32)
Destination IP Address (32)
Options & Padding (0 or 32)
Packet Payload (Transport Layer Data)
IP Protocols (snapshot)
https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
ICMP Internet Control Message Protocol
• The “Tattle Tale” Protocol
• Used by Network Hosts – No User “Payload”
• Common Messages:
– Destination Unreachable
– Buffer Full
– Hops or Time Exceeded (TTL)
• Common Uses:
– Ping
– Traceroute
“ping” Packet Internet Groper
Send Host Sends ICMP “echo request”
Destination Host Receives - Replies ICMP “echo reply”
Round-Trip Times Returned
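The IPv4 header layout and the ICMP echo request described above, as an added example that is not part of the webinar: the script builds a packet from constructed addresses, parses every RFC 791 header field back out, and verifies the one's-complement header checksum. A router that decrements TTL must recompute that checksum; corrupt_ttl shows what a mangled packet looks like to a receiver. The addresses, identifier and payload are constructed for this demo.

```python
"""Build and parse an IPv4 packet carrying an ICMP echo request (RFC 791 / RFC 792).

Added example; the packet bytes are constructed here, not captured from any network.
"""
import struct

# IANA protocol numbers for the values used here (see the IANA registry linked above)
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def ip_to_bytes(addr: str) -> bytes:
    return bytes(int(o) for o in addr.split("."))


def bytes_to_ip(raw: bytes) -> str:
    return ".".join(str(o) for o in raw)


def rfc1071_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, folded, then inverted (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp_echo_request(ident: int, seq: int, data: bytes) -> bytes:
    """ICMP type 8 (echo request), code 0; the checksum covers the whole ICMP message."""
    hdr = struct.pack("!BBHHH", 8, 0, 0, ident, seq)
    csum = rfc1071_checksum(hdr + data)
    return struct.pack("!BBHHH", 8, 0, csum, ident, seq) + data


def build_ipv4_packet(src: str, dst: str, proto: int, payload: bytes,
                      ttl: int = 64, ident: int = 0x1234) -> bytes:
    ver_ihl = (4 << 4) | 5          # version 4, header length 5 x 32-bit words = 20 bytes
    flags_frag = 0x4000             # DF flag set, fragment offset 0
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + len(payload), ident,
                      flags_frag, ttl, proto, 0, ip_to_bytes(src), ip_to_bytes(dst))
    csum = rfc1071_checksum(hdr)    # computed with the checksum field zeroed
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + payload


def parse_ipv4(packet: bytes) -> dict:
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {
        "version": ver_ihl >> 4,
        "header_bytes": ihl,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "flags": flags_frag >> 13,              # 3 bits: reserved, DF, MF
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl,
        "protocol": proto,
        "protocol_name": PROTOCOL_NAMES.get(proto, "other"),
        # Summing the header including its checksum field folds to 0xFFFF, i.e. ~sum == 0
        "checksum_ok": rfc1071_checksum(packet[:ihl]) == 0,
        "src": bytes_to_ip(src),
        "dst": bytes_to_ip(dst),
        "payload": packet[ihl:total_len],
    }


def parse_icmp(message: bytes) -> dict:
    typ, code, csum, ident, seq = struct.unpack("!BBHHH", message[:8])
    return {"type": typ, "code": code, "identifier": ident, "sequence": seq,
            "checksum_ok": rfc1071_checksum(message) == 0, "data": message[8:]}


def corrupt_ttl(packet: bytes, new_ttl: int) -> bytes:
    """Overwrite the TTL byte without recomputing the checksum (a mangled packet)."""
    return packet[:8] + bytes([new_ttl]) + packet[9:]


if __name__ == "__main__":
    echo = build_icmp_echo_request(ident=0x42, seq=1, data=b"ping")
    pkt = build_ipv4_packet("192.168.100.254", "192.168.1.101", 1, echo)
    hdr = parse_ipv4(pkt)
    print(hdr)
    print(parse_icmp(hdr["payload"]))
    print("after TTL tamper, checksum_ok =", parse_ipv4(corrupt_ttl(pkt, 63))["checksum_ok"])
```

The same parser is the first thing a packet-capture or IDS tool does with a frame's Layer 3 payload: the Protocol field selects the next decoder, and a failed header checksum is grounds for discarding the packet before any of its contents are trusted.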
Routing
• Routing is Simply Moving Packets Between Different Networks (Subnets or Broadcast Domains) by a “Routing” Protocol Utilizing a “Routed” Protocol, Determining the “Best Route” to the Destination Network.
• OSI Model Layer 3 Defines the Inter-Networking Process
• Routing Types:
– Static Routing
– Dynamic Routing
• Routing Protocol Classes:
– Interior Gateway Protocol (IGP)
– Exterior Gateway Protocol (EGP)
Routing
• Simply Sending Packets from One Network to a Destination Network via the Best Route
• Protocol Based Operation:
– Routed Protocol – Packet Structure Supporting Logical Addressing (IPv4/6)
– Routing Protocol – Learns Routes & Exchanges Routing Info (RIP, OSPF, EIGRP)
• Best Route Determined by:
– IP Address Prefix Length
– Metric
– Administrative Distance
The Router
• Router Functions:
– Learn Available Networks
– Maintain an Accurate Routing Information Base (RIB) or “Routing Table”
– Translate Layer 2 Headers (where network types differ)
– Prevent Loops (where redundant paths exist)
– Determine “Best” Packet Forwarding Path (destination network)
• Destination-Based Routing:
– Packet Header Decoded – Get Destination Address
– Destination Address Lookup in Routing Table (RIB)
– Determine Egress Interface to Forward Packet To
– Re-Encapsulate Layer 2 Header Information
Routing Types
• Static Routing
– Appropriate for Small & Simple Networks
– Minimal Router CPU/Memory
– No Routing Update Overhead
– Appropriate for Stable Networks
– Often Used in “Stub” Networks
– Human Intervention / Administration Required
• Dynamic Routing
– Appropriate for Changing Topology Environments
– Automatically Adapts to Changes
– Desirable When Multiple Paths Exist
– More Scalable
– Hardware More Complex
– Less Configuration Error Prone
Dynamic Routing Categories
• Distance Vector Routing Protocol
– Periodic Routing Table Updates
– Each Router Receives Updates From Its Neighbors (Trust)
– “Distance” Used as a Metric
• Link State Routing Protocol
– Routing Table Updates As Changes Occur
– Each Router Receives Updates From All Others
– Maintains Neighbor, Topology, & Shortest-Path Tables
– “Cost” Used as a Metric
Routing Metrics & Administrative Distance Determine the Best Path to the Target Host
• Cost Metrics:
– Hop Count – The Number of Routers in a Path
– Bandwidth – Throughput (bps)
– Load – Traffic Flowing Through a Router
– Delay – Network Latency (distance or congestion)
– Reliability – Amount of Downtime of a Network Path
• Administrative Distance
– Indicates Believability of the Route
– Utilized When Multiple Protocols Are Used
– Can Be Used to Prefer a Certain Path When Multiple Paths Exist
– Each Routing Protocol Has a Default Administrative Distance
Smaller Metric = Best Route
Lower Administrative Distance = More Believed
Hop Count May Not Be The Best Metric!
[Figure: alternative paths built from links of very different speeds – Ethernet 100 Mbps, DS-3 45 Mbps, and T1 1.54 Mbps – showing that the path with the fewest hops may be the slowest]
The Routing Table
• Each Router Maintains Its Own Routing Information Base (RIB) or “Routing Table”
• Routing Table Contents:
– Destination Network (IP/mask)
– Next Hop Address to Destination (interface)
– Metric (+ administrative distance)
• Prefix-Length
• Metric (protocol specific)
• Administrative Distance
• Route Types:
– Directly Connected
– Remote Routes
[Figure: simplified routing table example with columns Destination Network, Next Hop Address, Metric]
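The best-route selection the slides describe (prefix length first, then administrative distance, then metric), as an added example that is not from the webinar. The routing table is constructed for this demo; the administrative distances are the defaults quoted later in the deck for RIP, EIGRP and OSPF, plus the usual values for connected and static routes. The 203.0.113.0/24 next hop is an RFC 5737 documentation address.

```python
"""Destination-based route selection over a simplified routing table.

Added example (not from the webinar): a small RIB built from constructed routes,
selected in the order the slides give - longest prefix match, then lowest
administrative distance, then lowest metric.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network

# Default administrative distances quoted in the deck for the compared protocols
# (Cisco defaults); connected and static are the usual defaults as well.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Route:
    network: IPv4Network
    next_hop: str          # "direct" for a connected network
    interface: str
    source: str            # how the route was learned (key into ADMIN_DISTANCE)
    metric: int            # protocol specific; only comparable within one protocol

    @property
    def admin_distance(self) -> int:
        return ADMIN_DISTANCE[self.source]


# Constructed sample RIB: (network, next hop, egress interface, source, metric).
SAMPLE_ROUTES = [
    ("192.168.1.0/24",   "direct",        "GE0", "connected", 0),
    ("192.168.100.0/24", "direct",        "GE1", "connected", 0),
    ("10.0.0.0/8",       "192.168.100.2", "GE1", "static",    0),
    ("10.10.0.0/16",     "192.168.100.3", "GE1", "ospf",      20),
    ("10.10.0.0/16",     "192.168.100.4", "GE2", "rip",       2),   # same prefix, less believed
    ("10.20.0.0/16",     "192.168.100.3", "GE1", "ospf",      30),
    ("10.20.0.0/16",     "192.168.100.5", "GE2", "ospf",      10),  # same protocol, lower metric
    ("0.0.0.0/0",        "203.0.113.1",   "FE0", "static",    0),   # default route
]


def build_rib(specs) -> list:
    return [Route(IPv4Network(net), nh, ifc, src, metric)
            for net, nh, ifc, src, metric in specs]


def lookup(rib: list, destination: str):
    """Return the best Route for destination, or None if nothing matches (packet dropped)."""
    addr = IPv4Address(destination)
    candidates = [r for r in rib if addr in r.network]
    if not candidates:
        return None
    # Longest prefix wins outright; AD and then metric only break ties on equal prefixes.
    return min(candidates, key=lambda r: (-r.network.prefixlen, r.admin_distance, r.metric))


def explain(rib: list, destination: str) -> str:
    route = lookup(rib, destination)
    if route is None:
        return f"{destination}: no route - dropped (ICMP destination unreachable)"
    return (f"{destination}: via {route.next_hop} on {route.interface} "
            f"[{route.network}, {route.source}, AD {route.admin_distance}, metric {route.metric}]")


if __name__ == "__main__":
    rib = build_rib(SAMPLE_ROUTES)
    for dst in ("192.168.1.50", "10.10.5.5", "10.20.7.7", "10.200.1.1", "198.51.100.7"):
        print(explain(rib, dst))
```

Two points fall out of the sample data: 10.10.5.5 follows the OSPF /16 even though the static /8 has a far better administrative distance, because prefix length is compared first; and the RIP route to the same /16 loses despite its smaller metric, because metrics from different protocols are never compared directly.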
IGP and EGP Protocols
[Figure: two routing domains, each running an Interior Gateway Protocol (RIP, IGRP, EIGRP, OSPF, or IS-IS) internally, connected to each other by an Exterior Gateway Protocol (BGP)]
Routing Protocol Choices IMHO - “Most Popular”
            Interior Distance Vector   Interior Link State   Exterior Path Vector
Classful    RIP, IGRP                  –                     EGP
Classless   RIP v2, EIGRP              OSPF v2, IS-IS        BGP v4
IPv6        RIPng, EIGRP v6            OSPF v3, IS-IS v6     BGP v4
Our Focus: the classless interior protocols
Practical Routing Protocol Choices “Common” IGP Protocols – VLSM Support
                          RIP v2                             EIGRP (Cisco)                  OSPF v2
Type:                     Distance Vector                    Hybrid                         Link-State
Metric:                   Hop Count                          Bandwidth/Delay                Cost
Administrative Distance:  120                                90                             110
Hop Count Limit:          15                                 224                            None
Convergence:              Slow                               Fast                           Fast
Updates:                  Full Table Sent Every 30 Seconds   Sent Only When Change Occurs   Sent Only When Change Occurs, But Refreshed Every 30 Minutes (“Paranoia Update”)
RFC Reference:            RFC 1388                           Proprietary                    RFC 2328
IP Addressing “Rules”
• Each Network MUST Have a Unique Network ID
• Each Host MUST Have a Unique Host ID
• Every IP Address MUST Have a Subnet Mask
– Implied for a Classful Network
– Explicitly Stated for a Classless Network
• The First & Last IP Address of a Network is Not Useable!
• Public Address Space:
– Routable Over Global Internet
– Allocation Governed By IANA – Internet Assigned Numbers Authority
• Private Address Space:
– Freely Assignable (network, organization)
– Can Never Be Routed Over Global Internet
The IPv4 Address
• 32 Bit Binary Address and 32 Bit Binary Mask
• 2^32 Yields 4,294,967,296 Addresses
• 32 Bits Divided Into Four (4) Octets or Bytes
• Expressed in “Dotted Decimal” Notation
32 bit IP Address 192.168.100.254:
Octet 1    Octet 2    Octet 3    Octet 4
11000000   10101000   01100100   11111110
192        168        100        254
4 Bytes
2-Part IPv4 Address
The Subnet Mask Determines Which Bits Are the Network Address and Which Bits Are the Host Address:
Octet 1    Octet 2    Octet 3    Octet 4
11000000   10101000   01100100   11111110
Network Address | Host Address (boundary set by the mask)
IPv4 Address Classes
Class A: NETWORK.HOST.HOST.HOST (8 network bits, 24 host bits)
Class B: NETWORK.NETWORK.HOST.HOST (16 network bits, 16 host bits)
Class C: NETWORK.NETWORK.NETWORK.HOST (24 network bits, 8 host bits)
Class D: Multicast
Class E: Experimental
(32 bits = four 8-bit octets)
IPv4 “Default” Mask
Class A: 8 network bits / 24 host bits – Default Mask: 255.0.0.0
Class B: 16 network bits / 16 host bits – Default Mask: 255.255.0.0
Class C: 24 network bits / 8 host bits – Default Mask: 255.255.255.0
Classful IPv4 Addressing
                         Class A               Class B                   Class C
First Octet Range        1 - 127               128 - 191                 192 - 223
Default Mask             255.0.0.0             255.255.0.0               255.255.255.0
Network Bits             8                     16                        24
Host Bits                24                    16                        8
Available Hosts/Network  16,777,214            65,534                    254
Available Networks       126                   16,384                    2,097,152
Network Range            1.0.0.0 – 127.0.0.0   128.0.0.0 – 191.255.0.0   192.0.0.0 – 223.255.255.0
VLSM RFC 1009
• Variable Length Subnet Masking (VLSM)
– Host Addressing & Routing Inside a Routing Domain
– Allows “Classless” Subnetting
• Mask Information is Explicit – Must Be Specified
– Allows More Efficient Use of Address Space – Tailor Address Space to Fit Network Needs
– Allows You to Subnet a Subnet
• Subnetting “Borrows” Host Bits to Create More Networks
VLSM Allows the Mask (the network/host boundary) To Be Moved
VLSM
• Allows Mask to Be Determined on a “Bit Basis”
– Remember: Classful Addressing Specified the Network/Host Boundary (at an octet boundary: A, B, or C)
– Classless Addressing Allows the Network/Host Boundary to Be Specified at an Individual Bit
[Figure: the four octets with the network/host boundary drawn at the class boundaries A, B, C, and below it the same four octets with the boundary moved to bit 19: 19 Subnet Mask Bits = 255.255.224.0]
CIDR
RFC 1517, 1518, 1519, 1520
• Classless Interdomain Routing (CIDR)
– Class System No Longer Applies
– Routing Between Routing Domains
– Allows “Supernets” To Be Created
• Combining a Group of Class C Addresses Into a Single Block
– CIDR Notation (slash notation): 192.168.100.254 /19
Mask:
11111111.11111111.11100000.00000000
255.255.224.0
IPv4 Address Mask Possible Formats
Classful Addressing: 192.168.100.254 (Implied Mask 255.255.255.0)
VLSM Addressing: 192.168.100.254 255.255.224.0 (Explicit Mask 255.255.224.0)
CIDR Notation: 192.168.100.254 /19 (Number of Mask Bits)
IPv4 Address Subnet Mask Example “VLSM” - Each IP Address Must Have a Subnet Mask to Define the Network and the Host
32 Bit Subnet Mask Expressed in Decimal as (4) 8-bit Octets using “Dotted Decimal Notation”
IP Address: 192.168.100.254 /19 or 255.255.224.0
Address: 11000000.10101000.01100100.11111110
Mask:    11111111.11111111.11100000.00000000
         Network (19 bits)   | Host (13 bits)
The First & Last IP Address of a Network is Not Useable!
• The First Address = Network Address
• The Last Address = Broadcast Address
[Figure: three subnet sizes. /25 = 128 IP Addresses, 126 “Useable” Hosts; /26 = 64 IP Addresses, 62 “Useable” Hosts; /27 = 32 IP Addresses, 30 “Useable” Hosts. Each block shows its Network Address, Broadcast Address, and Gateway Address.]
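The three mask formats (classful implied, explicit dotted-decimal, CIDR) and the network/broadcast/usable-host arithmetic from the slides above, as an added example that is not from the webinar. It works on the raw 32-bit integers so the mask mechanics stay visible, and cross-checks its answers against Python's standard ipaddress module. The 192.168.x.x addresses are the ones used on the slides; the helper names are this example's own.

```python
"""Subnet arithmetic for the classful, VLSM, and CIDR address forms.

Added example (not from the webinar). Works on 32-bit integers so the mask
mechanics are visible, then cross-checks against Python's ipaddress module.
"""
from ipaddress import ip_interface


def ip_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/19 -> 0xFFFFE000, i.e. 255.255.224.0: the leftmost `prefix` bits set."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """Accept only contiguous masks (ones followed by zeros), e.g. 255.255.224.0 -> 19."""
    value = ip_to_int(mask)
    prefix = bin(value).count("1")
    if prefix_to_mask(prefix) != value:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def classful_default_prefix(addr: str) -> int:
    """The implied (classful) mask length from the first octet, per the class table."""
    first = ip_to_int(addr) >> 24
    if 1 <= first <= 127:
        return 8
    if 128 <= first <= 191:
        return 16
    if 192 <= first <= 223:
        return 24
    raise ValueError(f"no default mask for a class D/E address: {addr}")


def subnet_info(spec: str) -> dict:
    """spec is 'a.b.c.d/len', 'a.b.c.d mask', or a bare address (classful mask implied)."""
    if "/" in spec:
        addr, prefix_text = spec.split("/")
        prefix = int(prefix_text.strip())
    elif " " in spec:
        addr, mask = spec.split()
        prefix = mask_to_prefix(mask)
    else:
        addr, prefix = spec, classful_default_prefix(spec)
    ip, mask_bits = ip_to_int(addr.strip()), prefix_to_mask(prefix)
    network = ip & mask_bits                          # host bits cleared
    broadcast = network | (~mask_bits & 0xFFFFFFFF)   # host bits set
    total = 1 << (32 - prefix)
    # The first (network) and last (broadcast) addresses are not usable for hosts.
    # /31 point-to-point links (RFC 3021) and /32 host routes are treated as having none here.
    usable = total - 2 if prefix <= 30 else 0
    return {
        "address": int_to_ip(ip),
        "prefix": prefix,
        "mask": int_to_ip(mask_bits),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_usable": int_to_ip(network + 1) if usable else None,
        "last_usable": int_to_ip(broadcast - 1) if usable else None,
        "total_addresses": total,
        "usable_hosts": usable,
    }


def same_as_stdlib(spec: str) -> bool:
    """Cross-check network, broadcast and mask against ipaddress for an 'a.b.c.d/len' spec."""
    info = subnet_info(spec)
    net = ip_interface(spec).network
    return (str(net.network_address) == info["network"]
            and str(net.broadcast_address) == info["broadcast"]
            and str(net.netmask) == info["mask"])


if __name__ == "__main__":
    for spec in ("192.168.100.254/19", "192.168.100.254 255.255.224.0", "192.168.100.254",
                 "192.168.1.200/25", "192.168.1.200/26", "192.168.1.200/27"):
        print(spec, "->", subnet_info(spec))
```

The same address gives a different network depending on which mask form is applied, which is exactly why every address on a classless network must carry an explicit mask: 192.168.100.254 is in 192.168.100.0/24 under the implied classful mask but in 192.168.96.0/19 under the VLSM mask shown on the slide.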
Private IPv4 Address Space
• RFC 1918 Established “Private” Address Space
– Class A: 10.0.0.0 to 10.255.255.255
– Class B: 172.16.0.0 to 172.31.255.255
– Class C: 192.168.0.0 to 192.168.255.255
• Private Address Space or “1918 Space”:
– Private IP Address Space Is NOT Routable to the Global Internet
– Widely Used:
• Hide Host IP Address – “Security by Obscurity”
• Minimize Public IP Use
– May Be Translated With Network Address Translation (NAT) Techniques:
• One-to-One Network Address Translation (NAT) – Static & Dynamic
• Many-to-One Port Address Translation (PAT)
Network Address Translation – NAT RFC 3022
[Figure: Inside Network (private, RFC 1918 addressed hosts) – Gateway Router w/ NAT Services – Outside Network (usually public address space)]
• NAT Allows a Host Without a Valid Public IP Address to Communicate With a Host That Has a Public IP Address by Simply Changing the IP Addresses as the Packet Passes Through the NAT Device
• Why Use?
– Conserve Public IPv4 Address Space
– Security by Obscurity (hide actual host IP address) - “Questionable Value”
• NAT Types:
– Static – One-to-One Translation
– Dynamic – Pool of Public Addresses Made Available to Outbound Client Traffic
– NAT Overloading or Port Address Translation (PAT) – Translates to a Single Public IP by Use of a Unique Port Number
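The static one-to-one and many-to-one (PAT) translations described above, as an added example that is not from the webinar: a gateway modelled as two lookup tables, with packets modelled as dicts. The RFC 1918 inside addresses and the RFC 5737 documentation addresses on the public side are constructed for this demo. It also shows why the “security by obscurity” benefit is of questionable value: an unsolicited inbound packet is dropped only because no table entry exists for it, which is a side effect of the translation state rather than a policy a defender controls.

```python
"""NAT / PAT translation tables for a gateway between RFC 1918 space and the Internet.

Added example (not from the webinar): static one-to-one NAT and many-to-one PAT
modelled as dictionaries; packets are dicts with src/sport/dst/dport/proto keys.
"""
from ipaddress import ip_address, ip_network

RFC1918 = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16")]


def is_rfc1918(addr: str) -> bool:
    ip = ip_address(addr)
    return any(ip in net for net in RFC1918)


class NatGateway:
    def __init__(self, public_ip: str, static=None, first_port: int = 1024):
        self.public_ip = public_ip
        self.static_out = dict(static or {})                  # inside ip -> public ip
        self.static_in = {v: k for k, v in self.static_out.items()}
        self.next_port = first_port                           # next unique public port for PAT
        self.pat_out = {}   # (inside ip, inside port, dst ip, dst port, proto) -> public port
        self.pat_in = {}    # (public port, remote ip, remote port, proto) -> (inside ip, inside port)

    def translate_outbound(self, pkt: dict):
        """Inside -> outside. Returns the rewritten packet, or None if it is not translated."""
        if not is_rfc1918(pkt["src"]):
            return None                                       # not a private source: not ours
        out = dict(pkt)
        if pkt["src"] in self.static_out:                     # one-to-one: only the address changes
            out["src"] = self.static_out[pkt["src"]]
            return out
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"], pkt["proto"])
        port = self.pat_out.get(key)
        if port is None:                                      # new flow: allocate a unique port
            port = self.next_port
            self.next_port += 1
            self.pat_out[key] = port
            self.pat_in[(port, pkt["dst"], pkt["dport"], pkt["proto"])] = (pkt["src"], pkt["sport"])
        out["src"], out["sport"] = self.public_ip, port       # many-to-one: address and port change
        return out

    def translate_inbound(self, pkt: dict):
        """Outside -> inside. Packets with no matching table entry are dropped (None)."""
        if pkt["dst"] in self.static_in:                      # static mapping: always reachable
            back = dict(pkt)
            back["dst"] = self.static_in[pkt["dst"]]
            return back
        if pkt["dst"] != self.public_ip:
            return None
        entry = self.pat_in.get((pkt["dport"], pkt["src"], pkt["sport"], pkt["proto"]))
        if entry is None:
            return None                                       # unsolicited: no state, no path inside
        back = dict(pkt)
        back["dst"], back["dport"] = entry
        return back


if __name__ == "__main__":
    gw = NatGateway("198.51.100.1", static={"192.168.1.10": "198.51.100.10"})
    a = gw.translate_outbound({"src": "192.168.1.101", "sport": 50000,
                               "dst": "203.0.113.10", "dport": 443, "proto": "tcp"})
    b = gw.translate_outbound({"src": "192.168.1.102", "sport": 50000,
                               "dst": "203.0.113.10", "dport": 443, "proto": "tcp"})
    print("outbound:", a, b)
    print("reply to b:", gw.translate_inbound({"src": "203.0.113.10", "sport": 443,
                                               "dst": "198.51.100.1", "dport": b["sport"],
                                               "proto": "tcp"}))
```

Note that the statically mapped host is reachable from outside at any time; only the PAT hosts depend on having opened the flow themselves. Which hosts should be exposed is a firewall policy decision, not something NAT decides.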
Special Use “Reserved” IPv4 Address Space RFC 5735
• 0.0.0.0/8 Network Address – “This Network” or Wire Address
• 10.0.0.0/8 Private IP Address Space (RFC 1918)
• 127.0.0.0/8 Loopback Address
• 169.254.0.0/16 IETF Zero Configuration Address Space (RFC 3927) – Automatic Private IP Addressing (APIPA)
• 172.16.0.0/12 Private IP Address Space (RFC 1918)
• 192.168.0.0/16 Private IP Address Space (RFC 1918)
• 224.0.0.0/4 Multicast Address Space
• 240.0.0.0/4 Experimental Address Space
• 255.255.255.255/32 Broadcast Address
Yields About 3.7 Billion “Useable” IPv4 Addresses
The IPv4 “Loop Back” Address
• What is Special About 127.0.0.1 ?
– Known as a “Loop-Back” Address
– Actually Any 127.0.0.0/8 Address Works, i.e. the Range 127.0.0.1 to 127.255.255.255
• Useful to Test the Local IP Stack and Network Adapter
IPv4 Address Depletion
• As of February 2011 ALL ICANN IPv4 Address Space Assigned!
• Regional Registries Now Have Their Last Allocation!
http://www.potaroo.net/tools/ipv4/plotend.png
Updated: 7/18/17
“An Opportunity to Re-Engineer IPv4”
• Increased IP Address Space
• Header Simplification for Performance Increase
• Improved Authentication and Security
• Host Auto-Configuration
• Mobility Incorporated
IPv6 Address Space IETF - RFC 2460
IPv6 Provides Expanded IP Address Space
2^128 = 340,282,366,920,938,463,463,374,607,431,768,211,456 (> three hundred forty UNDECILLION addresses)
≈ 3.4 x 10^38
The IPv6 Address
128-Bit Address Binary Format:
001001100000011110111000000000001111101010100000000000110010000110010101100110001000011110111100010010000010100011110001
Subdivide Into Eight (8) 16-bit Groups:
0010011000000111 1011100000000000 0000111110101010 0000000000000011 0010000110010101 1001100010000111 1011110001001000 0010100011110001
Convert Each 16-bit Group to Hexadecimal (separate with a colon):
2607:b800:0faa:0003:2195:9887:bc48:28f1
Remember, a subnet mask is needed; CIDR format is utilized:
2607:b800:faa:3:2195:9887:bc48:28f1 /64
Address Summarization
128-Bit Address Represented as 32 Hexadecimal Digits, Subdivided Into Eight Groups (Fields, Chunks, Quads, Quartets) of Four Hexadecimal Digits (separated by colon)
2001:0000:0000:0000:0DB8:8000:200C:417A or
2001:0:0:0:DB8:8000:200C:417A or
2001::DB8:8000:200C:417A
IPv6 Summarization Rules:
• Delete Leading Zeros in Each Quad (or chunk or quartet)
• Replace Consecutive Zeros with “::” (but only once)
IPv6 Header Simplification
IPv6 header (RFC 2460), 32 bits per row, fixed 40 bytes:
Version (4) | Traffic Class (8) | Flow Label (20)
Payload Length (16) | Next Header (8) | Hop Limit (8)
Source IP Address (128)
Destination IP Address (128)
Packet Payload (Transport Layer Data)
IPv4 header for comparison, 32 bits per row, 20 bytes without options:
Version (4) | Header Length (4) | Precedence / Type of Service (8) | Total Length (16)
Identification (16) | Flags (3) | Fragment Offset (13)
Time to Live (8) | Protocol (8) | Header Checksum (16)
Source IP Address (32)
Destination IP Address (32)
Options & Padding (0 or 32)
Packet Payload (Transport Layer Data)
Fewer Fields & Fixed Header Size Result in Faster Packet Processing, Providing Enhanced Routing Efficiency
IPv6 Address Types
• Unicast – Single Interface
– Global Unicast Address
– Unique-Local Unicast Address (non-Routable or Private)
– Link-Local Unicast
• Multicast – One-to-Many Mapping
– Multicast Groups Established
• Anycast – One-to-Nearest Mapping
– Interface Exists on Multiple Hosts
– Packets Are Delivered to the “Closest, Nearest, or Lowest-Cost” Interface
– Global Anycast, Site-Local Anycast, Link-Local Anycast
• No Broadcast Address
• Special Addresses:
– 0:0:0:0:0:0:0:0 – Unspecified Address
– 0:0:0:0:0:0:0:1 – Loopback Address
IPv6 Address Assignment
• Service Provider: /32 = 2^32 /64 subnets
• Large End User: /48 = 65,536 /64 subnets
• Small End User: /56 = 256 /64 subnets
• SOHO: /64 = 1 /64 subnet
Recognize: a /64 IPv6 subnet = 2^64 ≈ 18,446,744,073,709,552,000 hosts
Implementing IPv6?
[Figure: three migration approaches.
NATIVE Approach – an IPv4-only user on an IPv4 based network with IPv4 based routers, and separately an IPv6-only user on an IPv6 based network with IPv6 based routers.
IPv6 TUNNELED OVER IPv4 Approach – an IPv6-only user reaches an IPv6 based network by having IPv6 packets tunneled over an IPv4 based network.
DUAL-STACK Approach – IPv4 and IPv6 users share an IPv4 & IPv6 based network whose routers run both protocols.]
Want to Learn More?
IPv6 Enable Your Home Network or “Sandbox” Network
But, My Provider is Not IPv6
Enabled!
Then “Tunnel” to an IPv6 Provider:
http://www.tunnelbroker.net
Some Final IPv6 Trivia
What Happened to Version 5 or IPv5 of the Internet Protocol?
“IPv5 Simply Does Not Exist!” Version 5 was intentionally skipped to avoid confusion, or at least to rectify it. The problem with version 5 relates to an experimental TCP/IP protocol called the Internet Stream Protocol, Version 2, originally defined in RFC 1190. This protocol was originally seen by some as being a peer of IP at the Internet Layer in the TCP/IP architecture, and these packets were assigned IP version 5 to differentiate them from “normal” IPv4 packets. This protocol never went anywhere, but to be absolutely sure that there would be no confusion, version 5 was skipped over in favor of version 6.
https://www.google.com/intl/en/ipv6/statistics.html
Vinton Cerf “One of the Fathers of the Internet”
“Who the hell knew how much address space we needed for an experiment?” “The experiment has not ended”
“Vint” Cerf comments on his & colleagues’ 1977 decision to use 32-bit IP Numbers
Takeaway Points
• The Network Layer – Focus Upon Packet Delivery to a Network – IP Routing Protocol – IP Address Contains Network Address
• IP Routing Protocols – Internal – External – Best Protocol = Best Fit for Your Network Environment
• IP Addressing Rules Must Be Obeyed:
– Each Network MUST Have a Unique Network ID
– Each Host MUST Have a Unique Host ID
– Every IP Address MUST Have a Subnet Mask
– An IP Address Must Be Globally Unique If the Host is on the Public Internet
– The First & Last IP Address of a Network is Not Useable!
• VLSM Widely Used Today – Subnet Mask Explicitly Stated (CIDR notation)
• “Public” IPv4 Address Space is Limited
• IPv6 Provides Expanded Address Space + IP Re-Engineering
• IPv6 is NOT Backward Compatible With IPv4 (but Migration Friendly)
• Future - IPv6: A Must to Add Hosts to the Internet – Restores the Host-to-Host Communications That IP is Based Upon
Packet Flow Through Network
[Figure: HOST A (192.168.1.101, MAC 00:06:5B:01:02:03) sends to HOST B (192.168.1.104, MAC 00:06:5B:11:22:33) through two routers whose interfaces are 00:00:0C:C1:00:01 (192.168.1.102), 00:00:0C:C1:00:10 (192.168.100.101), 00:00:0C:C1:00:20 (192.168.100.102), and 00:00:0C:C1:00:30 (192.168.1.103). Each Ethern frame carries a PRE(amble), Destination MAC, Source MAC, TYPE, the IP header and DATA, and a CRC.]
Frame on the first segment:  Destination MAC 00:00:0C:C1:00:01 | Source MAC 00:06:5B:01:02:03 | Source IP 192.168.1.101 | Destination IP 192.168.1.104 | DATA
Frame between the routers:   Destination MAC 00:00:0C:C1:00:20 | Source MAC 00:00:0C:C1:00:10 | Source IP 192.168.1.101 | Destination IP 192.168.1.104 | DATA
Frame on the last segment:   Destination MAC 00:06:5B:11:22:33 | Source MAC 00:00:0C:C1:00:30 | Source IP 192.168.1.101 | Destination IP 192.168.1.104 | DATA
IP Address Does Not Change As Packet Passes Through the Network (except if NAT is involved)
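The hop-by-hop behaviour in the figure above (Layer 2 header rewritten by every router, IP header carried unchanged, TTL decremented at each hop), as an added example that is not from the webinar. The topology is constructed for this demo and differs from the figure in that Host A and Host B are placed on different subnets joined by two routers across a transit network; the MAC addresses follow the figure's style. ARP tables are pre-populated rather than learned, so no ARP exchange is simulated.

```python
"""Hop-by-hop forwarding: Layer 2 headers rewritten at every router, IP header unchanged.

Added example (not from the webinar). Topology, addresses and MACs are constructed.
"""
from dataclasses import dataclass, field
from ipaddress import IPv4Address, IPv4Network


@dataclass
class Iface:
    name: str
    ip: str
    mac: str
    network: str          # the connected network, e.g. "192.168.1.0/24"


@dataclass
class Node:
    name: str
    ifaces: list
    routes: list = field(default_factory=list)   # (network, next hop ip, egress iface name)
    arp: dict = field(default_factory=dict)      # ip -> mac (constructed, static)

    def owns(self, ip: str) -> bool:
        return any(i.ip == ip for i in self.ifaces)

    def iface(self, name: str) -> Iface:
        return next(i for i in self.ifaces if i.name == name)

    def route(self, dst: str):
        """Longest prefix match over connected networks plus configured routes."""
        addr = IPv4Address(dst)
        candidates = [(IPv4Network(i.network), None, i.name) for i in self.ifaces]
        candidates += [(IPv4Network(n), nh, ifc) for n, nh, ifc in self.routes]
        matches = [c for c in candidates if addr in c[0]]
        return max(matches, key=lambda c: c[0].prefixlen) if matches else None


@dataclass
class Frame:
    dst_mac: str
    src_mac: str
    src_ip: str
    dst_ip: str
    ttl: int


# Constructed topology: HostA -- R1 -- (192.168.100.0/24 transit) -- R2 -- HostB
HOST_A = Node("HostA", [Iface("eth0", "192.168.1.101", "00:06:5B:01:02:03", "192.168.1.0/24")],
              routes=[("0.0.0.0/0", "192.168.1.1", "eth0")],
              arp={"192.168.1.1": "00:00:0C:C1:00:01"})
R1 = Node("R1", [Iface("GE0", "192.168.1.1", "00:00:0C:C1:00:01", "192.168.1.0/24"),
                 Iface("GE1", "192.168.100.1", "00:00:0C:C1:00:10", "192.168.100.0/24")],
          routes=[("192.168.2.0/24", "192.168.100.2", "GE1")],
          arp={"192.168.100.2": "00:00:0C:C1:00:20"})
R2 = Node("R2", [Iface("GE1", "192.168.100.2", "00:00:0C:C1:00:20", "192.168.100.0/24"),
                 Iface("GE0", "192.168.2.1", "00:00:0C:C1:00:30", "192.168.2.0/24")],
          arp={"192.168.2.104": "00:06:5B:11:22:33"})
HOST_B = Node("HostB", [Iface("eth0", "192.168.2.104", "00:06:5B:11:22:33", "192.168.2.0/24")])
TOPOLOGY = [HOST_A, R1, R2, HOST_B]


def forward(nodes: list, src_name: str, dst_ip: str, ttl: int = 64) -> list:
    """Return the frame seen on each segment from src_name to the node owning dst_ip."""
    by_mac = {i.mac: n for n in nodes for i in n.ifaces}
    node = next(n for n in nodes if n.name == src_name)
    src_ip = node.ifaces[0].ip
    frames, originator = [], True
    while not node.owns(dst_ip):
        if not originator:                    # a router decrements TTL before forwarding
            ttl -= 1
            if ttl == 0:
                raise RuntimeError(f"{node.name}: TTL exceeded, packet dropped")
        match = node.route(dst_ip)
        if match is None:
            raise LookupError(f"{node.name}: no route to {dst_ip}, packet dropped")
        _, next_hop, ifname = match
        out = node.iface(ifname)
        gateway_ip = next_hop or dst_ip       # connected network: deliver directly
        frames.append(Frame(node.arp[gateway_ip], out.mac, src_ip, dst_ip, ttl))
        node = by_mac[frames[-1].dst_mac]     # the frame is picked up by that MAC's owner
        originator = False
    return frames


if __name__ == "__main__":
    for hop, f in enumerate(forward(TOPOLOGY, "HostA", "192.168.2.104"), 1):
        print(f"segment {hop}: {f.src_mac} -> {f.dst_mac}  IP {f.src_ip} -> {f.dst_ip}  TTL {f.ttl}")
```

This is also why a capture taken on the transit segment shows router MAC addresses rather than the end hosts': a defender correlating frames across segments has to match on the IP header (and TTL pattern), not on the Layer 2 addresses.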
Thank You for Attending!
Wayne M. Pecena [email protected]
979.845.5662
Don’t Miss: Part 4 - Building a Segmented IP Network Focused On Performance & Security - July 25, 2017