Cisco ITP in eServGlobal IN

IP Overview and Sub-netting

PS and Support Internal Training

Diegem
Imro Landveld
Implementation Practice

29 August 2006

2006 eServGlobal Ltd

Introduction to IP: History

1954: US starts SAGE program to deploy air defence system

1957: Soviets launch first satellite into orbit fears of space
based nuclear attack
President Eisenhower launches ARPA to regain tech. lead
Information Processing Techniques Office (IPTO) designs a
network to link radar sites (24 x 250 tonne AN/FSQ-7s from IBM)
Lawrence Roberts implemented vision of J.C.R. Licklider of IPTO based on packet switching discovered by Paul Baran at RAND

ARPANET live in Oct 69 with Network Control Program

In March, 1977, there were 111 computers on the ARPANET.

On Jan 1 1983, it was replaced with V4 of the TCP/IP protocol

developed by Robert Kahn and Vinton Cerf
Run since the mid 90s as the Internet by independent bodies

IPOverview|2|2006eServGlobal

Introduction to IP: What is TCP/IP? 1/5

A suite of communications protocols:

Often TCP/IP, as the two most important (and the first) protocols
defined were: Transmission Control Protocol (TCP) and Internet
Protocol (IP)

Four Layer model, rather than the (later) OSI seven layer model

Application (Telnet, FTP, SNMP, SMTP, POP3, HTTP, DNS, RTP, SSH)

Transport (TCP, UDP, SCTP, RIP?)

Network (IP, ICMP, STP, RIP?, ARP?)

Data Link (HDLC, FDDI, SLIP, Frame Relay, PPP, Token Ring, Ethernet,
Wi-Fi, ATM, X.25, PPPoE)

Brainchild of ARPA (DARPA) and earliest used on ARPANET

Packet switched and not circuit switched (based on best effort)

IPOverview|3|2006eServGlobal

Introduction to IP: What is TCP/IP? 2/5

IP uses a 32 bit source and destination address (usually written

as something like 10.243.74.32) for each interface (not node)
In many cases, IP is encapsulated in an Ethernet packet at the
data-link layer (note the MAC or Ethernet Addresses headers)

Ethernet II, Src: 00:14:4f:22:ef:c2, Dst: 00:00:0c:07:ac:14

Internet Protocol, Src: 10.20.64.40 (UAS1), Dst: 10.19.20.120 (OSS-Prov)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 48
Identification: 0x870c (34572)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x4af5 [correct]
Source: 10.20.64.40 (UAS1)
Destination: 10.19.20.120 (OSS-Prov)
Transmission Control Protocol, Src Port: 33696 (33696), Dst Port: 3099 (3099)

IPOverview|4|2006eServGlobal

Introduction to IP: What is TCP/IP? 3/5

Based on unreliable IP (packet may be corrupted, out of order,

arrive multiple times, or be lost and/or discarded)

Higher level protocols must implement the missing reliability

Each user of IP is selected by a protocol type:

Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

17

Stream Control Transmission Protocol (SCTP)

132

TCP, SCTP are reliable, if using UDP, the application layer must
implement the reliability (if it needs or wants it).

IP V4 is the only deployed version up until now (over 20 years!)

Special addresses for broadcast (to all) or multicast (a subset)

A new version with 128 bit address, called IP V6 has been slow
coming, but is required in US Govt machines from 2008

IPOverview|5|2006eServGlobal

Introduction to IP: What is TCP/IP? 4/5

Each layer is encapsulated within the lower layers

Ethernet II, Src: 00:0b:db:1e:2e:e3, Dst: 00:11:95:1b:ae:e4

Internet Protocol, Src: 192.168.29.11 (mylaptop), Dst: 213.168.76.18
TCP, Src Port: 1476 (1476), Dst Port: http (80), Seq: 569284455, Len: 1260
Source port: 1476 (1476)
Destination port: http (80)
Sequence number: 569284455
Next sequence number: 569285715
Acknowledgement number: 3484661218
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 65535
Checksum: 0xbd23 [correct]
Hypertext Transfer Protocol
GET / HTTP/1.1
Request Method: GET
Request Version: HTTP/1.1
Accept-Language: en-au
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1)
Host: www.theaustralian.news.com.au

IPOverview|6|2006eServGlobal

Introduction to IP: What is TCP/IP? 5/5

Each user of the TCP (or UDP or SCTP) protocols is identified by

the use of a registered PORT number between 0-49151

File Transfer Protocol = FTP

20, 21

TCP, UDP

Secure Shell = SSH

22

TCP, UDP

Telnet

23

TCP, UDP

Simple Mail Transfer Protocol = SMTP

25

TCP, UDP

Hyper-Text Transfer Protocol = HTTP

80

TCP

Post Office Protocol = POP3

110

TCP

MTP3 User Adaptation Sigtran = M3UA

2905

SCTP, TCP

MTP2 Peer to peer Adaptation Layer = M2PA 3565

SCTP, TCP

SCCP User Adaptation Sigtran = SUA

SCTP, TCP

IPOverview|7|2006eServGlobal

14001

Introduction to IP: Hubs, Switches and Routers 1/2

Hubs:

Any packet entering any port is broadcast out on every port

Every packet is constantly being sent out to every port on the hub

Switches:

Moves packets based on MAC address in an Ethernet (or similar) LAN

network (so called Layer 2)
Packets received in one port are sent out only to the port connected to
the destination address (or another switch with that address)
micro-segments the network and sends packets only where needed

Routing:

Routes packets based on IP address between different subnets (L.3)

Divides a network into various subnets so that only traffic destined for
an IP addresses in another subnet can pass between segments

IPOverview|8|2006eServGlobal

Introduction to IP: Hubs, Switches and Routers 2/2

Switches:

Mostly understand nothing about IP agnostic to the

communications protocol they are carrying (can be anything)

Can implement multiple instances of virtual switches (VLAN)

Layer 3 switches are routers using switching techniques (for speed)

Can be cascaded together to extend the LAN

Routing:

Deliver packets to the MAC addresses in the data link header

Delivers packets from one LAN/WAN/subnet to another based on IP

address and its routing tables

Rewrites the MAC address when it goes from one subnet to another

Some addresses are NOT routed eg 10.0.0.0/8 and 192.168.0.0/16

NAT (Network Address Translation) Router

Rewrites the IP address headers

IPOverview|9|2006eServGlobal

Intro to IP: Standard Configuration

Typical ipconfig or ifconfig and arp a

Ethernet adapter Wireless Network
Connection-specific DNS Suffix
Description . . . . . . . . . .
Physical Address. . . . . . . .
Dhcp Enabled. . . . . . . . . .
Autoconfiguration Enabled . . .
IP Address. . . . . . . . . . .
Subnet Mask . . . . . . . . . .
Default Gateway . . . . . . . .
DHCP Server . . . . . . . . . .
DNS Servers . . . . . . . . . .
Lease Obtained. . . . . . . . .
Lease Expires . . . . . . . . .

Connection:
. : nsw.bigpond.net.au
. : Dell TrueMobile WLAN Card
. : 00-90-4B-24-32-51
. : Yes
. : Yes
. : 192.10.0.3
. : 255.255.255.0
. : 192.10.0.1
. : 192.10.0.1
. : 192.10.0.1
. : 4 September 2003 00:03:47
. : 7 September 2003 00:03:47

fred%> arp a
Interface: 10.10.0.3 --- 0x2
Internet Address
Physical Address
10.10.0.1
00-30-ab-0c-47-e7
10.10.0.2
00-30-ab-0c-ea-d3
Interface: 10.10.10.4 --- 0x180003
Internet Address
Physical Address
10.10.10.10
00-10-4b-0c-d3-00

IPOverview|10|2006eServGlobal

Type
dynamic
dynamic
Type
dynamic

Introduction to IP: Important Protocols: ARP 1/2

ARP (Address Resolution Protocol)

Time

Broadcast: What MAC address is IP address xxx.yyy.zzz.123?

Local LAN/subnet only, each data link has its own sort of ARP where it is
needed (not needed in a point-to-point link)
Source

Destination

Protocol

08:09:55.7304 00:0b:db:1e:2e:e3 ff:ff:ff:ff:ff:ff

Who has 192.168.29.4? Tell 192.168.29.11

ARP

08:09:55.7309 00:80:77:82:20:18 00:0b:db:1e:2e:e3

192.168.29.4 is at 00:80:77:82:20:18
fred%> arp a
Interface: 192.168.29.11 --- 0x40003
Internet Address
Physical Address
Type
192.168.29.1
00-11-95-1b-ae-e4
dynamic
192.168.29.2
00-11-95-1c-8b-85
dynamic
192.168.29.4
00-80-77-82-20-18
dynamic
Interface: 192.168.100.4 --- 0x80003
Internet Address
Physical Address
Type
192.168.100.143
00-10-4b-0c-d3-00
dynamic

ARP

IPOverview|11|2006eServGlobal

Introduction to IP: Important Protocols: ARP 2/2

Ethernet II, Src: 00:0b:db:1e:2e:e3, Dst: ff:ff:ff:ff:ff:ff

Address Resolution Protocol (request)
Protocol type: IP (0x0800)

Hardware size: 6

Protocol size: 4

Opcode: request (0x0001)

Sender MAC address: 00:0b:db:1e:2e:e3
Sender IP address: 192.168.29.11
Target MAC address: 00:00:00:00:00:00
Target IP address: 192.168.29.4
Ethernet II, Src: 00:80:77:82:20:18, Dst: 00:0b:db:1e:2e:e3
Address Resolution Protocol (reply)
Protocol type: IP (0x0800)

Hardware size: 6

Opcode: reply (0x0002)

Sender MAC address: 00:80:77:82:20:18
Sender IP address: 192.168.29.4
Target MAC address: 00:0b:db:1e:2e:e3
Target IP address: 192.168.29.11

IPOverview|12|2006eServGlobal

Protocol size: 4

Introduction to IP: Important Protocols: Routing

RIP (Routing Information Protocol) (RIP and RIP V2)

RFC 1058 and STD 56 are the Open Standard IP RIP

RFC 1723 for RIP 2 included flexible subnet

Maintains best route to destination via Routing Tables

Routers send out routing updates

BGP, OSPF, PNNI, EGP (dynamic) and OSI IS-IS (static) routing.

Cisco IGRP and EIGRP proprietary routing protocols

HSRP (Hot Standby Routing Protocol) for router failover

An address (such as the default gateway) can be redundant

Have a virtual IP (eg 192.168.29.1) shared across two routers

One physical IP on each router (eg 192.168.29.2 and .3)

There are other equivalent systems for other uses (IPMP on Solaris is
a bit different there we have one machine with two interfaces)

IPOverview|13|2006eServGlobal

Introduction to IP: Important Protocols: DNS 1/5

DNS (Distributed Name Server)

Name IP address translation (and not HOSTS.TXT or /etc/hosts)

Internet wide distributed database invented in 1983

Defined in RFC 1034 and RFC 1035 (updated from 882, 883)

Uses cached name to IP address translations entries

IPOverview|14|2006eServGlobal

Introduction to IP: Important Protocols: DNS 2/5

DNS (Distributed Name Server)

Based on a tree or pyramid structure root servers at the top

Top Level Domain Name or TLD (e.g. .com)

Domain name (e.g. eservglobal.com) & authoritative name servers

IPOverview|15|2006eServGlobal

Introduction to IP: Important Protocols: DNS 3/5

Time

Source

Destination

Proto Info

09:06:25.797 192.168.29.11 192.168.29.1

www.breshire.com

DNS

Standard query A

09:06:26.797 192.168.29.11 192.168.25.1

www.breshire.com

DNS

Standard query A

User Datagram Protocol, Src Port: 1090 (1090), Dst Port: domain (53)
Domain Name System (query)

Flags: 0x0100 (Standard query)

Questions: 1
Queries
www.breshire.com: type A, class IN
Name: www.breshire.com
Type: A (Host address)

IPOverview|16|2006eServGlobal

Introduction to IP: Important Protocols: DNS 4/5

09:06:28.849 192.168.25.1

192.168.29.11

DNS Response A 202.59.1.200

www.breshire.com: type A, class IN

Name: www.breshire.com
Type: A (Host address)
Class: IN (0x0001)
Answers
www.breshire.com: type CNAME, class IN, cname brewarrina.nsw.gov.au
brewarrina.nsw.gov.au: type CNAME, class IN, cname localeweb.nsw.gov.au
localeweb.nsw.gov.au: type A, class IN, addr 202.59.1.200
Authoritative nameservers
localeweb.nsw.gov.au: type NS, class IN, ns ns1.socialchange.net.au
localeweb.nsw.gov.au: type NS, class IN, ns ns2.socialchange.net.au
Additional records
ns1.socialchange.net.au: type A, class IN, addr 210.8.215.33
ns2.socialchange.net.au: type A, class IN, addr 203.202.1.202

IPOverview|17|2006eServGlobal

Introduction to IP: Important Protocols: DNS 5/5

www.breshire.com A record at g.root-servers.net [192.112.36.4]:
Got referral to D.GTLD-SERVERS.NET. (zone: com.) [took 39 ms]
www.breshire.com A record at D.GTLD-SERVERS.NET. [192.31.80.30]:
Got referral to ns1.tpgi.com.au. (zone: breshire.com.) [took 138 ms]
www.breshire.com A record at ns1.tpgi.com.au. [203.12.160.40]:
Got CNAME of brewarrina.nsw.gov.au. and referral to SEC3.APNIC.NET.
brewarrina.nsw.gov.au A record at m.root-servers.net [202.12.27.33]:
Got referral to AUNIC.AUNIC.NET. (zone: au.) [took 81 ms]
brewarrina.nsw.gov.au A record at AUNIC.AUNIC.NET. [203.29.5.1]:
Got referral to ns2.socialchange.net.au. (zone: nsw.gov.au.) [took 255 ms]
brewarrina.nsw.gov.au A record at ns2.socialchange.net.au. [203.202.1.202]:
Got CNAME of localeweb.nsw.gov.au. and referral to ns2.socialchange.net.au.
localeweb.nsw.gov.au A record at l.root-servers.net [198.32.64.12]:
Got referral to AUDNS.OPTUS.NET. (zone: au.) [took 75 ms]
localeweb.nsw.gov.au A record at AUDNS.OPTUS.NET. [211.29.133.32]:
Got referral to box2.aunic.net. (zone: nsw.gov.au.) [took 236 ms]
localeweb.nsw.gov.au A record at box2.aunic.net. [203.29.5.1]:
Got referral to ns2.socialchange.net.au. (zone: nsw.gov.au.) [took 252 ms]
localeweb.nsw.gov.au A record at ns2.socialchange.net.au. [203.202.1.202]:
Reports localeweb.nsw.gov.au. [took 308 ms]
And that last name server returns: 202.59.1.200

IPOverview|18|2006eServGlobal

Introduction to IP: Important Protocols: HSRP 1/1

Time

Source

14:42:33.128 10.20.64.2
14:42:33.812 10.20.64.3

Destination

Protocol

224.0.0.2
224.0.0.2

HSRP
HSRP

Info
Hello (state Standby)
Hello (state Active)

Internet Protocol, Src: 10.20.64.2, Dst: 224.0.0.2

User Datagram Protocol, Src Port: 1985 (1985), Dst Port: 1985 (1985)
Cisco Hot Standby Router Protocol
Version: 0
Op Code: Hello (0)
State: Standby (8)
Virtual IP Address: 10.20.64.1
Internet Protocol, Src: 10.20.64.3, Dst: 224.0.0.2
User Datagram Protocol, Src Port: 1985 (1985), Dst Port: 1985 (1985)
Cisco Hot Standby Router Protocol
Version: 0
Op Code: Hello (0)
State: Active (16)
Virtual IP Address: 10.20.64.1

IPOverview|19|2006eServGlobal

Intro to IP: Subnets and Private Addresses

Simply: How many bits of the address is host? or network?

Inside that is on my local LAN/subnet, so use ARP!!

Outside is not on my LAN, send via a route or the default gateway!!

The more bits for networks, the smaller the LAN can be (total = 32)

Generally accepted address ranges for 8, 16, 24 bit networks (called

Class A, B, C) but you can slice them up any way you want

Often specified with the number of bits used following the

network subnet, so 192.168.0/24 is the eServGlobal NZ office
Private addresses are never routed on the public Internet

10.0.0.0 to 10.255.255.255 (Class A)

172.16.0.0 to 172.31.255.255 (Class B)

192.168.0.0 to 192.168.255.255 (Class C)

They can be re-used over and over at other sites (with NAT)

IPOverview|20|2006eServGlobal

Intro to IP: Subnet Details

Hosts +2

Netmask

Netmask (binary)

% of a /24

/30

255.255.255.252

11111111.11111111.11111111.111111xx

1/64

/29

255.255.255.248

11111111.11111111.11111111.11111xxx

1/32

/28

16

255.255.255.240

11111111.11111111.11111111.1111xxxx

1/16

/27

32

255.255.255.224

11111111.11111111.11111111.111xxxxx

1/8

/26

64

255.255.255.192

11111111.11111111.11111111.11xxxxxx

1/4

/25

128

255.255.255.128

11111111.11111111.11111111.1xxxxxxx

1/2

/24

256

255.255.255.0

11111111.11111111.11111111.xxxxxxxx

/23

512

255.255.254.0

11111111.11111111.1111111x.xxxxxxxx

/22

1024

255.255.252.0

11111111.11111111.111111xx.xxxxxxxx

/21

2048

255.255.248.0

11111111.11111111.11111xxx.xxxxxxxx

/20

4096

255.255.240.0

11111111.11111111.1111xxxx.xxxxxxxx

16

/19

8192

255.255.224.0

11111111.11111111.111xxxxx.xxxxxxxx

32

/18

16384

255.255.192.0

11111111.11111111.11xxxxxx.xxxxxxxx

64

/17

32768

255.255.128.0

11111111.11111111.1xxxxxxx.xxxxxxxx

128

/16

65536

255.255.0.0

11111111.11111111. xxxxxxxx.xxxxxxxx

256

IPOverview|21|2006eServGlobal

Intro to IP: Subnet 27 bits

We are robbing 3 bits for a /27 subnet, therefore, 8 possible subnets

Network mask for /27 is 27 bits, so the mask is:

11111111

11111111

11111111

111 00000

Network Mask is 255.255.255.224 (224 = 128 + 64 + 32)

You do not need to learn this, just understand what is happening

Put subnet and 224 into google and stand back

0 0 0 0 0 is usually not used and called the network name

1 1 1 1 1 is usually used as broadcast to all stations on that network
Network #

IP Range

Broad

Network #

IP Range

Broad

11.1.2.0/27

.1-.30

.31

11.1.2.32/27

.33-.62

.63

11.1.2.64/27

.65-.94

.95

11.1.2.96/27

.97-.126

.127

11.1.2.128/27

.129-.158

.159

11.1.2.160/27

.161-.190

.191

11.1.2.192/27

.193-.222

.223

11.1.2.224/27

.225-.254

.255

IPOverview|22|2006eServGlobal

Intro to IP: ARP versus Routing

Simply: How many bits of the address is for network? or host?

Inside that is on my local LAN/subnet, so use ARP!!

Outside is not on my LAN, send via a route or the default gateway!!

My subnet is /25 = 255.255.255.128

11111111.11111111.11111111.10001011
Source address is 192.168.29.11

11000000.10101000.00011101.00001011
Destination address is 192.168.40.123

11000000.10101000.00101000.01111011

= ROUTE!!

Destination address is 192.168.29.13

11000000.10101000.00011101.00001101

= USE ARP!!

Destination address is 192.168.29.130

11000000.10101000.00011101.10000010

IPOverview|23|2006eServGlobal

= ROUTE!!

Intro to IP: Simple Routing

Do I have a path for a network with the same network ID?

Sets the next hop on the path to the destination address!

It can be static (i.e. configured) or dynamic (using RIP, etc)

Does NOT change the IP address, but probably the MAC (ARP!)
Source address of packet is 192.168.29.11
Route for 192.168.29.0/25

= send via 192.168.29.1

Route for 192.168.29.128/25

= send to 192.168.100.1 (must be connected)

Route for 192.168.30.0/24

= send to 192.168.200.1 (must be connected)

Route for everything else default

= send to 192.168.300.1 (must be connected)

192.168.200.x

192.168.100.y

192.168.200.1

192.168.100.1

192.168.300.1

192.168.29.11
4

192.168.300.z

192.168.29.1

IPOverview|24|2006eServGlobal

Intro to IP: Allocating Addresses in a Subnet

This is one way (by convention) of allocating addresses in a subnet.

You can lose 5 addresses (for a /27 subnet, 5 of the 32 possibilities)

.160 Subnet

.192 subnet

Address

Purpose

Address

Purpose

.160

Subnet Name

.192

Subnet Name

.161

G/W Address for the Router

.193

G/W Address for the Router

.162

Gateway Physical I/F #1

.194

Gateway Physical I/F #1

.163

Gateway Physical I/F #2

.195

Gateway Physical I/F #2

.164

Low Address

.196

Low Address

26 Total

26 Total

.190

High Address

.222

High Address

.191

Broadcast

.223

Broadcast

IPOverview|25|2006eServGlobal

Thats enough
Surely!!

IPOverview|26|2006eServGlobal