CCST Networking 100-150 Official Cert Guide PDF
Chapter 2: Addresses

6. What is the size and format of an IPv6 address?
   a. 32 bits, written as four decimal numbers
   b. 64 bits, written as four hexadecimal numbers
   c. 48 bits, written in groups of hexadecimal numbers
   d. 128 bits, written in groups of hexadecimal numbers

7. What is publicly routable IP address space?
   a. Addresses that can be used by any network
   b. Well-known addresses
   c. Addresses that can be routed on the global Internet
   d. Addresses used by public entities, like governments

8. What is a well-known port?
   a. A physical port on a host or network device that is easy to identify
   b. Port assigned through standardization to an individual application
   c. The most commonly used port on a network device
   d. The primary service port through which a host is connected

9. What do most Network Address Translation implementations modify?
   a. The source address
   b. The destination address
   c. The source address and source port number
   d. The destination address and destination port number

Foundation Topics

Address Scope

An address has two different kinds of scope:

- Who should receive and process the packet
- Where the packet should be sent

Each of these will be considered in the following sections.

Receiver Set

The first kind of scope might be called the audience or receiver set. The recipients of a packet can be

- Unicast: One individual host should receive and process this packet.
- Multicast: A group of hosts should receive and process this packet.
- Broadcast: Every host within a given part of the network should receive and process this packet.
- Anycast: The closest host with a given service should receive and process this packet.

Each of these four scopes can be illustrated using a room full of people. Starting a conversation with one person is unicast: you are talking to one other person. It does not matter if a lot of people can hear the conversation. Even if you are sitting on a stage at the front of the room so everyone can hear the conversation, your words are intended for the one person you are talking to.

Telling a story to a group of friends within the larger group, you are using multicast. Everyone in the room might be able to hear you, but your story is intended for a small group within the larger group.

If you stand on a stage or yell “fire,” you probably mean for everyone in the room to hear what you have to say. This is a broadcast; everyone in the room should hear and act on what you are saying. Broadcast does not mean “everyone in the world.” It means “everyone who is in this local area.” The scope of a broadcast could be an entire city, region, or even the entire world, but information intended for everyone within a single room is still a broadcast.

While unicast, multicast, and broadcast are generally intuitive, anycast is a bit harder. If your friend collapses while you are talking to them, you might shout out: “My friend needs help! Is anyone a doctor?” The anycast is like a broadcast in this situation because everyone in the room can hear your cry for help. Once someone answers your cry, however, the conversation between you and that person is unicast, or the conversation between the various people trying to help your friend is multicast. Anycast always has these two attributes:

- You are looking for a service instead of a specific person (or host in the case of a network). You are looking for a doctor rather than a specific person.
- Once you have found the service, person, or host, the conversation becomes unicast.

Anycast in networks operates a little differently than in the real world because of the physical nature of the network in this one way: the initial packet that sets up the following unicast conversation is sometimes directed to the closest instance of a service rather than being broadcast. We’ll discuss this difference more fully when we discuss routing in the next chapter.

The format of the address does not always determine its scope; sometimes you can tell the differences between unicast, multicast, broadcast, and anycast addresses; sometimes you cannot.

Topological Reach

The second kind of scope is topological. The network topology is like the geography of the real world, but they don’t always match. Figure 2-1 illustrates.

Houses A, B, and C are located on two different islands. A and B use the same service provider, which has an underwater cable connecting the two islands; when A sends a packet to B, it travels through this underwater cable. On the other hand, B and C have chosen to use different service providers. These two service providers do not have a physical cable connecting them because of a chain of mountains running down the center of the island, but rather only communicate via a satellite connection.

[Figure 2-1 Topological Distance: houses A, B, and C]

A and B can be said to be physically distant but topologically close; B and C can be said to be physically close but topologically distant. Topological distance relates to the distance packets travel rather than the distance between two points.

Just as with physical addresses, network addresses can describe anything from a host to a topological region. Returning to the shipping example from the previous chapter, a package follows a portion of the address rather than the entire address during any part of its journey. Figure 2-2 illustrates.

[Figure 2-2 Address Scope: Item (a single person); Street and Number (a few people); City (a few hundred to hundreds of thousands of people); Region (hundreds of thousands to millions); carried by a delivery person, as a commercial package, and by truck]

Moving from the gift tag to a street (or house) address means moving from one person to a small group of people. A city represents many street addresses, and a region might represent a few cities. We can say the street address is an abstraction of the people who live there—it isn’t the real people; it just tells you where to find those people. In the same way, the city is an abstraction of all the street addresses within the city, and the region is an abstraction of the cities within the region.

Abstraction is one of the most difficult concepts in computer networking to understand, but it is also one of the most important. An abstraction represents a collection of things. Figure 2-3 illustrates abstraction in relation to network addresses.

[Figure 2-3 Topological Reach: network Z contains networks C and G; C contains hosts A and B; G contains hosts D and E]

Hosts A, B, D, and E all have individual (interface) addresses. The network C represents, or abstracts, hosts A and B. The network G represents, or abstracts, hosts D and E. The network Z represents, or abstracts, networks C and G. Computer networks can have as many layers of abstraction of this kind as you like; the only logical limit is the size of the address. In practice, most computer networks have just two or three layers of abstraction.

When A sends a packet toward E, the packet follows a path determined by routing to reach E. Routing will be discussed in more detail in the next chapter; for now you just need to know A’s path to E is called a route or a reachable destination. This route can be aggregated just like physical addresses can be. A may only know how to reach Z, and Z may only know how to reach G. The specific route to E may only exist within G. In other words, Z may only know of an aggregate route that contains E, but not any details about E itself. This example is like knowing which city your friend lives in but not their street address. When you get into their city, you can call them so they can give you their actual physical address.

There is one special reachable destination in computer networks, as well—the default route. Host A may not know how to reach E; it just knows E is somehow reachable through the network. Because A has no specific information, it can just send packets out into the network following the default route. When a network device sends traffic along the default route, it assumes some other device will know more about how to reach the destination.

This explanation all sounds very complicated; let’s simplify by classifying addresses into four groups based on their topological reach:

- Within this segment or broadcast domain: The segment is sometimes also called on this wire. Any host that receives a broadcast packet sent by this host is considered “on the same wire” as the local host. In real-world terms, this is like everyone in the room where you are speaking loudly enough for everyone to hear. People in other rooms are not going to hear you, so they are not within your broadcast domain.
- On this network: This address belongs to a host that is not physically connected to the same wire but is connected someplace within the same network I am connected to.
- On another network: This address belongs to a group of addresses representing some other physical network. I am not connected to that network, but I do know what direction to go to reach that group of networks, and I assume some device within that group of networks will know how to deliver my packets to the destination host.
- Out there “somewhere”: This is the default route. This host exists, but I have no idea what network it is connected to or how to reach it.

Physical Addresses

As the first chapter noted, physical addresses originally represented a single physical interface on a host or other network device. As computing power increased, developers built several virtual computers, or virtual machines (VMs), on top of a single physical computer. These VMs needed their own physical addresses so they could send and receive network frames, so virtual interfaces were created. The idea of a virtual interface, once invented, was applied to many other problems; virtual interfaces are now ubiquitous in computer networks.

NOTE: VMs were originally developed to allow many different users to time-share on a single large-scale computer, such as a mainframe or minicomputer. Developers transferred the idea of VMs from these larger computers to smaller computers (microcomputers, which we call desktop computers today) to build sandboxes and emulators. To play an arcade game on a computer, you need an emulator, which is essentially a VM. If you want to test code to make certain it does not contain a virus, running it in a sandbox, another kind of VM, is a good idea.

The term mainframe originated in the telephone industry. Engineers constructed large frames to hold the massive wiring, crossbar switches, and Strowger switches required to build a telephone exchange. The frame at the center of a region was called the main frame and housed in the central office. Smaller frames called building distribution frames (BDFs) might be placed in larger buildings as well. The first large-scale computers relied on massive wiring and hence were built using frames like those used in building telephone networks; hence, the term mainframe bled over from the telephone to the computing world.

There are many kinds of physical hardware addresses, but the most common is the Institute of Electrical and Electronics Engineers (IEEE) EUI-48 format, illustrated in Figure 2-4.

[Figure 2-4 The EUI-48 Address Format: octets 1 to 3 are the OUI, octets 4 to 6 are interface specific; two flag bits in the first octet: 0 = globally unique / 1 = locally unique, and 0 = unicast / 1 = multicast]

NOTE: You might see the term MAC-48 address from time to time. MAC-48 is an older name for EUI-48; the IEEE has declared MAC-48 obsolete.

The EUI-48 address is 48 bits or 6 octets. Each octet is encoded as a pair of hexadecimal digits and often (though not always) displayed in sections divided by dashes.

NOTE: Octet and byte are often used interchangeably in information technology, but they are not always the same thing. A byte is the number of bits a given processor can hold in internal registers or can process at one time. In an 8-bit processor, a byte is 8 bits; in a 32-bit processor, a byte is 32 bits. An octet, on the other hand, is always exactly 8 bits. Byte, however, is often used to mean exactly 8 bits, regardless of the processor. Because these terms have overlapping meaning, you might need to verify which meaning is intended. Byte almost always means a set of 8 bits in networking documentation and standards.

A physical shipping address has multiple parts: recipient, house number, street name, city, region, and state. As noted in the first chapter, each part describes a different geographic region. The EUI-48 address format is broken up in the same way, but rather than describing different geographic regions, each part describes something about the address.

The eighth bit of the first octet is called the I/G bit. The I/G bit tells you what the scope of this address is. If the I/G bit is set to 0, this is a unicast address—an address of a single physical interface. If the I/G bit is set to 1, this is the address of a group of physical interfaces, or a multicast group.

Interfaces are never assigned an EUI-48 multicast address. Interfaces are programmed to listen to these addresses by software; any individual host might or might not be listening to a particular multicast address.

The seventh bit of the first octet is called the U/L bit. The U/L bit tells you if the address is globally or locally unique. Globally unique means just what it sounds like: no other device in existence, even in space, should have this same address. Locally unique addresses were often assigned by network administrators way back in the mists of time.

The first half, or three octets, of the address, is the organizationally unique identifier (OUI). While the OUI is divided into a few different registries, the main thing you need to know is the OUI tells you who—the organization—assigned the address. If the U/L bit is set to 0, this address was assigned by the device’s manufacturer. Globally unique numbers are globally unique because each manufacturer is given a block of addresses. Manufacturers assign a number from their pool of addresses to each device they build. So long as these manufacturers assign each number in their pool to precisely one device, every device made will have a unique address.

NOTE: Could we run out of EUI-48 addresses? In theory, yes, but it does not seem likely any time soon. Even with the two reserved—U/L and I/G—bits removed from the calculation, the EUI-48 address space has some 70 trillion possible addresses. If we do reach the end of the EUI-48 address space, it is possible to recycle older addresses, because devices generally have some expected lifetime. Most devices will be thrown away within 10 or 15 years of being manufactured.

Because the I/G and U/L bits are placed at the end of the first octet, you can always tell what kind of EUI-48 address you are working with by looking at the last digit of the first octet:

- If the first octet ends in a 0, 4, 8, or C, this is a globally unique unicast address.
- If the first octet ends in 1, 5, 9, or D, this is a globally unique multicast address.

There is a longer version of the EUI-48 address called, naturally enough, EUI-64. The EUI-64 address has the same format as an EUI-48 address, only two octets longer—or 64 bits.

Internet Protocol Version 4

The physical address is just the first of (at least) three layers of addresses used in networking. The next layer up is the interface address, which describes the topological location of the host on the network.
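The last-digit rule above can be automated; the Python below is an added example, not code from the book, and it extends the rule to the two locally unique cases the chapter does not list (2, 6, A, E for unicast; 3, 7, B, F for multicast), which is where randomized and virtual-machine MAC addresses fall. The sample addresses are constructed.

```python
# Added example (not from the book): decode the I/G and U/L flag bits of an EUI-48
# address and apply the chapter's "last hex digit of the first octet" rule, extended
# to the locally unique cases.
import re

# Last hex digit of the first octet -> address kind. Bit 0 of the octet is I/G and
# bit 1 is U/L, so the four kinds map onto four residues of the digit modulo 4.
KIND_BY_LAST_DIGIT = {
    **dict.fromkeys("048C", "globally unique unicast"),
    **dict.fromkeys("159D", "globally unique multicast"),
    **dict.fromkeys("26AE", "locally unique unicast"),
    **dict.fromkeys("37BF", "locally unique multicast"),
}

def parse_eui48(text: str) -> bytes:
    """Accept 00-1A-2B-3C-4D-5E, 00:1a:2b:3c:4d:5e or 001a.2b3c.4d5e; return 6 octets."""
    digits = re.sub(r"[-:.\s]", "", text)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not an EUI-48 address: {text!r}")
    return bytes.fromhex(digits)

def classify_eui48(text: str) -> dict:
    """Split the address into OUI and interface-specific halves and read the flag bits."""
    octets = parse_eui48(text)
    first = octets[0]
    ig = first & 0x01           # I/G: 0 = unicast (one interface), 1 = multicast group
    ul = (first >> 1) & 0x01    # U/L: 0 = assigned by the manufacturer, 1 = locally assigned
    kind = ("locally" if ul else "globally") + " unique " + ("multicast" if ig else "unicast")
    last_digit = f"{first & 0x0F:X}"
    if KIND_BY_LAST_DIGIT[last_digit] != kind:       # the table and the bit test must agree
        raise RuntimeError("last-digit table disagrees with the flag bits")
    return {
        "oui": octets[:3].hex("-").upper(),
        "interface_specific": octets[3:].hex("-").upper(),
        "last_digit_of_first_octet": last_digit,
        "kind": kind,
        # Locally unique unicast is what randomized (privacy) MAC addresses and most
        # virtual NICs use, so an OUI lookup on such an address says nothing about a vendor.
        "manufacturer_assigned": not ul and not ig,
    }

if __name__ == "__main__":
    # Constructed samples: global unicast, global multicast, locally administered unicast.
    for mac in ("00-1A-2B-3C-4D-5E", "01:00:5e:00:00:fb", "02-00-00-aa-bb-cc"):
        print(mac, classify_eui48(mac))
```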
There are many kinds of interface addresses, but the two most common are Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). This section considers IPv4; the following section will consider IPv6.

Back in 1966, when computer networks were just being developed, Vinton Cerf and Robert E. Kahn started working on the Transmission Control Program to transfer data. They soon realized having a single protocol to control errors, control data flow, provide the information needed to carry data through the network, and insulate host-to-host data transmission from the physical medium would be too large and inflexible. To resolve this problem, they divided the protocol into two protocols called the Transmission Control Protocol (TCP) and the Internet Protocol (IP).

NOTE: Chapter 14, “Network Transport,” considers IP and TCP in more detail; this section just considers IP addresses.

An IPv4 address is 32 bits and is split into four decimal sections for ease of writing and reading, as shown in Figure 2-5.

[Figure 2-5 IPv4 Address]
    198.51.100.xx
    octet 1    octet 2    octet 3    octet 4
    11000110   00110011   01100100   xxxxxxxx

The IPv4 address is divided into two parts: the prefix and the subnet. The division between these two parts was originally set by the first octet of the address itself:

- If the first octet was between 0 and 127, the address was in the class A range. For class A addresses, the prefix is one octet (the first section of the address), and the subnet part is the remaining three octets of the address.
- If the first octet was between 128 and 191, the address was in the class B range. For class B addresses, the prefix is two octets, and the subnet part is the two remaining octets.
- If the first octet was between 192 and 223, the address was in the class C range. For class C addresses, the prefix is three octets, and the subnet part is the remaining octet.

In 1993 these address classes were replaced with Classless Interdomain Routing (CIDR). Individual IPv4 addresses are always given with a prefix length indicating the dividing point between the prefix and the subnet.

NOTE: You will hear the parts of the IPv4 address called many different things. The prefix is often called the network or reachable destination, and the subnet is often called the subnetwork, network, or host. The host address can mean the subnet, or the individual address assigned to an interface. Some of these terms have meaning within specific historical contexts that generally do not apply to classless IPv4 addresses. Others have overlapping—and hence confusing—meanings. To avoid confusion, the two parts of both IPv4 and IPv6 addresses will be called the prefix and subnet throughout this book.

To understand the difference between the prefix and subnet, let’s go back to the four groups of addresses based on their topological reach:

- An interface (or host) with the same IPv4 prefix and prefix length is within the same segment or broadcast domain.
- An interface (host) with a different IPv4 prefix or prefix length is not in the same segment. These hosts are someplace else on this network or they are in a group of networks outside this network. From the perspective of the host, there is no way to tell the difference between addresses someplace else on this network and addresses outside this network because of aggregation, discussed in a later section of this chapter.

We can define the prefix and subnet as

- The prefix indicates which subnet.
- The subnet is a group of interfaces, hosts, or subnets.

The prefix length is just what it sounds like—the number of bits in the prefix. For IPv4 addresses, the prefix length can only be between 1 and 32 because there are only 32 bits in an IPv4 address. For example:

- 10.0.0.0/8: The first 8 bits, or the first octet, are the prefix; the remaining three octets are addresses within the subnet. The first address in the subnet is 10.0.0.0; the last address in the subnet is 10.255.255.255.
- 10.1.0.0/16: The first 16 bits, or the first two octets, are the prefix; the remaining two octets are the subnet. The first address in the subnet is 10.1.0.0; the last address in the subnet is 10.1.255.255.
- 10.1.1.0/24: The first 24 bits, or the first three octets, are the prefix; the remaining octet is an address within the subnet. The first address in the network is 10.1.1.0; the last address in the network is 10.1.1.255.

The prefix and subnet parts of the address are not always conveniently divided at a dot like the ones in these examples. For example:

- 192.0.2.64/27: The first 27 bits, or the first three octets and 3 of the bits in the fourth octet, are the prefix; the remaining 6 bits are addresses in the subnet. The first address in the subnet is 192.0.2.64; the last address in the subnet is 192.0.2.91.
- 10.128.192.0/18: The first 18 bits, or the first octet and 2 bits of the third octet, are the prefix; the remaining 14 bits are addresses in the subnet. The first address in the subnet is 10.128.192.0; the last address in the subnet is 10.128.192.255.

As shown in the example of 192.0.2.64/27, an IPv4 prefix can contain 0s. In the subnet portion of the address, however, all 0s and all 1s addresses are considered broadcast addresses or subnet broadcast addresses. Sending a packet to either of these broadcast addresses means every host within the segment or broadcast domain should receive and process the packet. The broadcast addresses for these examples are

- 10.0.0.0/8: 10.0.0.0 and 10.255.255.255
- 10.1.0.0/16: 10.1.0.0 and 10.1.255.255
- 10.1.1.0/24: 10.1.1.0 and 10.1.1.255
- 192.0.2.64/27: 192.0.2.64 and 192.0.2.91
- 10.128.192.0/18: 10.128.192.0 and 10.128.255.255

The broadcast addresses are the first and last addresses in the prefix.

NOTE: The all 0s address, or the subnet address itself, is almost never used as a broadcast address. While you should be aware this broadcast address exists, and how to calculate it, when you see “broadcast address,” you should almost always interpret this to mean the all 1s address, or the last address in the prefix. The all 0s and all 1s addresses, 0.0.0.0 and 255.255.255.255, are also broadcast addresses.

There are at least three ways to find the prefix and subnet addresses. Each section explains one of these three methods, starting from the most difficult to calculate and easiest to understand.

Why Two Addresses?

If every host, camera, television, and toaster already has unique physical addresses, why should we assign interface addresses as well? The physical address identifies the host, while the interface address describes the topological location of the host. The physical address is a permanent, fixed address every other host attached to the same physical network can use to communicate with it. The interface address, on the other hand, tells other devices where the host is connected to the network or where to send packets if they are not attached to the same physical link.

Another way this might be expressed is the physical address is the address on this wire, while the interface address is the host’s location on this network. The meanings of on this wire and on this network have, as with most terms in the computer network, broadened over time.

Yet another way to express the difference between the physical and interface addresses is using the idea of network stack layers, a topic that will be considered in more detail in Chapter 6, “Network Models.” The physical address is commonly called a Layer 2 address, and the interface address is often called a Layer 3 address.

Why not make the physical address match the interface address? There are network systems where both the physical and interface address are the same. The Open Systems Interconnection network protocol suite, which includes Connectionless Network Protocol (CLNP) and the Intermediate System to Intermediate System (IS-IS) protocols, is designed so a single manually assigned address is used for all the interface and physical addresses.

On the other hand, most network protocols, such as IP, assume a host will need to discover interface addresses once it is attached to the network. If the interface address must be configured to create the physical address, the interface address must be configured before the host can communicate at all—not even with an automatic configuration system. Figure 2-6 illustrates the problem.

[Figure 2-6 Address Assignment Bootstrap Problem: the automatic configuration system must communicate with the host to assign an interface address; the interface address must be configured to assign the physical address; the physical address must exist for the automatic configuration system to communicate with the host]

There are many ways to solve this bootstrap problem, but the simplest is to make certain the physical address of each device attached to a network is globally unique.

Why not make the interface address match the physical address? Because the interface address is topological, it must also be hierarchical. Rather than being a single flat address space, there must be something like the equivalent of a street number, street name, city, etc., so the address can be aggregated or summarized. Without some form of aggregation, the address of every host in the world would need to be known to every other host in the world—a completely unworkable situation. Instead, just like in physical shipping, a packet is carried toward its destination in stages, with different parts of the interface address used at different places.

What an IP Address Represents

Throughout most of the computer networking world, the host and interface addresses are used interchangeably, but they are not really the same thing. In fact, host addresses do not exist in IP networks:

- Each host on an interface has an independent IP address.
- Each interface is (generally) on a separate segment or in a different broadcast domain.

Many protocols and applications will use one of the available IP addresses as a unique identifier. Hosts with only one interface will have only one interface address, and that interface address may be used to identify the host. When you read or hear the term host address in an IP networking context, it is probably describing an interface address.

Calculating Prefixes and Subnets Using Subnet Masks

The earliest use of IPv4 addresses relied on the subnet mask rather than the prefix length to differentiate the prefix from the subnet address. Figure 2-7 illustrates.

[Figure 2-7 The Subnet Mask]
    A  198.51.100.70/26
    B  11000110 00110011 01100100 01000110
    C  11111111 11111111 11111111 11000000   (logical AND)
    D  11000110 00110011 01100100 01000000
    E  198.51.100.64

An IPv4 address and prefix length are shown on A in Figure 2-7. B is this same IPv4 address translated to four binary octets. C is 32 binary digits laid out as four octets, just like A. In C, the number of 1s, starting at the left, is given by the prefix length, so there are twenty-six 1s, leaving six 0s. The 1s are the network part of the address or prefix; the 0s are the subnet part of the address. To find the prefix, use a Boolean logical AND, setting the digit in the result, D, to 1 when the digits in both B and C are 1, and setting the digit in D to 0 if the two digits do not match. The resulting four octets in D are converted to a standard decimal IPv4 address. The prefix—and the network address—in this example is 198.51.100.64.

Seeing the address laid out in binary helps make more sense of the meaning of all the 1s and all the 0s broadcast addresses. If we set the entire subnet portion of the address to 0s, the resulting IPv4 address is 198.51.100.64. This is not only the prefix but also the first of the two broadcast addresses. Setting the subnet portion to 1s results in the last octet translating to 127, so the second broadcast address is 198.51.100.127.

Calculating Prefixes and Subnets Using a Skip Chart

Converting numbers to binary, running Boolean operations, and then converting them back to decimal is time-consuming; using a skip chart to calculate the prefix and broadcast addresses is much faster. Table 2-2 will be used to illustrate the process.

Table 2-2 IPv4 Networks by Prefix Length

    Prefix Length   Skip   Working Octet
    8               1      First
    9               128    Second
    10              64     Second
    11              32     Second
    12              16     Second
    13              8      Second
    14              4      Second
    15              2      Second
    16              1      Second
    17              128    Third
    18              64     Third
    19              32     Third
    20              16     Third
    21              8      Third
    22              4      Third
    23              2      Third
    24              1      Third
    25              128    Fourth
    26              64     Fourth
    27              32     Fourth
    28              16     Fourth
    29              8      Fourth
    30              4      Fourth
    31              2      Fourth

Let’s use the same address—198.51.100.70/26—to calculate the prefix and broadcast address:

1. Find the prefix length by going down the left column.
2. Divide the number in the skip column next to the prefix length into the number in the working octet indicated in the third column. In this case, the skip is 64, and we are working in the fourth octet, so we divide 70 by 64.
3. Ignoring any remainder, multiply the result by the number in the skip column. In this case, 64 goes into 70 once, so we multiply 64 by 1, with a result of 64.
4. Make the working octet the result; this is the network address. In this case, the network address is 198.51.100.64.
5. Add the skip to the resulting number and subtract 1; this is the broadcast address. In this case, the skip minus 1 is 63, so we add 63 to 64. The result is 127, so the broadcast address is 198.51.100.127.

Using a skip chart requires a little practice, but it is much faster. If you memorize the chart, you can probably calculate IPv4 prefixes and broadcast addresses without any paper, pen, or computer.

Calculating Prefixes Using Skips

You do not need to memorize the chart, however, if you add one more bit of math to the process we used to calculate the prefix and broadcast address in the preceding section. To understand this method, you need to understand why the skip chart works. Figure 2-8 illustrates.

[Figure 2-8 Binary Places in the IPv4 Address]
    A  198.51.100.70/26
    B  the binary places 128 64 32 16 8 4 2 1 written under the bits of each of the four octets

Notice the numbers below each bit; these are the binary places, which are just like the 1s, 10s, 100s, etc., in the decimal number system everyone learns in school. If any of these change to either a 0 or 1, the entire number changes value by the amount shown below: These numbers are the powers of two from 2^0 to 2^7.

Counting over the number of bits in the prefix length—26—we come to the second bit in the fourth octet, which is a 1. If this bit changes to a 0, the value of the number changes by 64, so 64 is the skip value. Networks with a 26-bit prefix length can exist only on boundaries of 64—0, 64, 128, and 192—with a 26-bit prefix length. Because the 26th bit is in the fourth octet, the networks will count by 64s in the fourth octet.

If you can find the correct octet from the prefix length and then figure out what the skip is, you can calculate the prefix and broadcast address without the chart. Using 198.51.100.70/26 as an example again:

1. Divide 8 into the prefix length; ignore the remainder and add 1. In this case, 26/8 is 3; we add 1 and find we are working in the fourth octet of the IPv4 address.
2. Multiply the working octet by 8; subtract the prefix length. In this case, 8*4 is 32, and subtracting 26 from 32 gives us 6.
3. Find the power of 2 of this number; in this case, 2^6 is 64. Find the prefix. In this case, 64 will go into 70 once, and we’re working in the fourth octet, so the prefix is 198.51.100.64.
4. Subtract 1 from the skip and add it to the prefix to find the broadcast address. In this case, the skip is 64. Subtracting 1, we get 63, and adding to 64, we get 127, so the broadcast address is 198.51.100.127.

Again, this method takes some practice to remember all the steps, but it reduces the entire problem to some simple division (without remainders), multiplication, addition, and subtraction. With some practice, you can use this technique to quickly find prefixes and broadcast addresses.

Internet Protocol Version 6

By the 1980s, the global Internet was growing quickly enough that it became obvious more IP address space would be needed. While several schemes to resolve this problem were proposed, only two are widely deployed today: IPv6 and Network Address Translation (NAT).

NOTE: IPv6 is completely different than IPv4, but we are only concerned with the changes in addressing here. Other changes between IPv4 and IPv6 will be considered in Chapter 14. The term IP is used when both IPv4 and IPv6 are intended throughout this book.

IPv6 was initially accepted as a draft standard by the Internet Engineering Task Force (IETF) in December 1998, and the first IPv6 addresses were allocated in July of 1999. IPv4 and IPv6 will likely co-exist in most networks for a long time.

In designing IPv6, the IETF quadrupled the address space. Rather than 32 bits divided into four one octet sections, the IPv6 address is 128 bits divided into 16 sections. Each section, sometimes called a quartet, represents two octets of the address using four hexadecimal digits. Figure 2-9 illustrates an IPv6 address.
Figure 2-9 An IPv6 Address (the figure shows 2001:0db8:03e8:0000:0000:0000:0000:0101 with each section expanded to binary: 0010 0000 0000 0001, 0000 1101 1011 1000, 0000 0011 1110 1000, four sections of 0000 0000 0000 0000, and 0000 0001 0000 0001)

IPv6 addresses include a prefix length to differentiate between the prefix and subnet addresses—just like IPv4—but the maximum prefix length is now /128 rather than /32. Longer addresses are more difficult to work with, but IPv6 addressing is also simplified in some ways:

- Individual hosts always receive a /64 address, and links between network devices normally receive a /128 address. Prefix lengths between /64 and /128 are extremely uncommon.
- The shortest prefix most networks will be allocated will be a /48. Larger companies and service providers may have access to address space with a prefix length as short as a /29, but most of the addresses you will be working with daily will have prefix lengths longer than /48.
- Any single long string of 0s can be replaced with a double colon, or :: (you can use the :: only once in an address). All leading 0s are omitted.

These simplifications mean you will mostly work with addresses with prefix lengths between a /48 and a /64, or about 16 possible lengths. Much like IPv4 addresses, the simplest way to work with IPv6 prefix lengths—if you insist on working with IPv6 addresses by hand—is by using skips, as shown in Table 2-3.
Table 2-3 IPv6 Address Skips

PL   Skips in the Fourth Section     Examples
49   By eights in the first digit    0, 8
50   By fours in the first digit     0, 4, 8, c
51   By twos in the first digit      0, 2, 4, 6, 8, a, c, e
52   By ones in the first digit      0, 1, 2 … c, d, e, f
53   By eights in the second digit   00, 08, 10, 18 … e0, e8, f0, f8
54   By fours in the second digit    00, 04, 08, 0c … f0, f4, f8, fc
55   By twos in the second digit     00, 02, 04, 06, 08, 0a, 0c … f0, f2, f4, f6, f8, fa, fc
56   By ones in the second digit     00, 01, 02, 03, 04 … f0, f1, f2, f3, f4 …
57   By eights in the third digit    000, 008, 010, 018 … f00, f08, f10, f18, f20 …
58   By fours in the third digit     000, 004, 008, 00c, 010, 014, 018 …
59   By twos in the third digit      000, 002, 004, 006, 008, 00a, 00c, 010, 012 …
60   By ones in the third digit      000, 001, 002, 003 …
61   By eights in the fourth digit   0000, 0008, 0010, 0018 …
62   By fours in the fourth digit    0000, 0004, 0008, 000c, 0010, 0014, 0018, 001c …
63   By twos in the fourth digit     0000, 0002, 0004, 0006, 0008, 000a, 000c, 0010 …
64   By ones in the fourth digit     0000, 0001, 0002, 0003, 0004, 0005, 0006 …

For instance, for the 2001:db8:3e8::/48 prefix:

- You can create two /49 subnets, 2001:db8:3e8::/49 and 2001:db8:3e8:8000::/49.
- You can create four /50 subnets, 2001:db8:3e8::/50, 2001:db8:3e8:4000::/50, 2001:db8:3e8:8000::/50, and 2001:db8:3e8:c000::/50.
- 2001:db8:3e8:500::/54 is not a valid prefix; you count by fours in the second digit for /54s, and 5 is not a multiple of 4.

Just like in IPv4, the first and last address of the subnet are broadcast addresses.

Three further points:

- After working with IPv6 addresses for a while, you will probably recognize common prefix lengths and where their prefixes begin and end.
- Most network operators carefully plan their addressing so only a few prefix lengths are used; this simplifies becoming familiar with them and makes spotting mistakes easy.
- While working with IPv6 addresses, you should use a subnet calculator and/or cheat sheet to prevent mistakes.

Aggregation

A physical address has different amounts of detail in its different parts: the street number indicates an individual house, the street indicates a street with many houses, and the city indicates a geographic area with hundreds (or thousands) of streets and thousands (or millions) of individuals. Each level of detail is used at different points in shipping a package from a sender to a receiver.

IP addresses can also represent different levels of detail; just as a city contains or represents many streets, streets contain or represent many houses (each with its own number), and each house can contain or represent many residents, an IP address can represent many different topological regions of a network. Figure 2-10 illustrates.

Figure 2-10 Aggregation (the figure shows hosts 2001:db8:3e8:100::1/64 and 2001:db8:3e8:101::1/64 on segment 2001:db8:3e8:100::/60, hosts 2001:db8:3e8:110::1/64 and 2001:db8:3e8:111::1/64 on segment 2001:db8:3e8:110::/60, and both segments inside 2001:db8:3e8:100::/56)

The four hosts in Figure 2-10 have been assigned /64 IPv6 addresses. Each host is connected to a single segment (broadcast domain); these segments are assigned /60 IPv6 addresses. The segment address is much like a street address in the physical world: it contains a group of houses. If you want to find a specific house, you must first find the street; if you want to find a specific host, you must first find the segment.

The two /60 segments are contained within a larger network with a shorter prefix length, /56. This is like the city in a physical address, representing or containing many different streets. Shortening the prefix length to describe a larger part of the network is called aggregation. We can say:

- 2001:db8:3e8:100::1/64 and 2001:db8:3e8:101::1/64 are components or subnets of 2001:db8:3e8:100::/60.
- 2001:db8:3e8:100::/60 is an aggregate containing 2001:db8:3e8:100::1/64 and 2001:db8:3e8:101::1/64.
- 2001:db8:3e8:110::1/64 and 2001:db8:3e8:111::1/64 are components or subnets of 2001:db8:3e8:110::/60.
- 2001:db8:3e8:110::/60 is an aggregate containing 2001:db8:3e8:110::1/64 and 2001:db8:3e8:111::1/64.
- 2001:db8:3e8:100::/60 and 2001:db8:3e8:110::/60 are components or subnets of 2001:db8:3e8:100::/56.
- 2001:db8:3e8:100::/56 is an aggregate containing 2001:db8:3e8:100::/64 and 2001:db8:3e8:110::/64.

When addresses are aggregated, an address can be reachable even though no host is attached to the network with that address. For instance, suppose some host wanted to send a packet to 2001:db8:3e8:100::2. Outside of the 2001:db8:3e8:100::/60 network, it might seem as though the ::2 address is a valid reachable destination, but the host does not exist. What happens in this situation? Packets destined to a nonexistent address will be carried as close to the destination as possible and then dropped.

NOTE Aggregation is used interchangeably with summarization in the field of computer networking. To avoid confusion, this book will use aggregation throughout, and avoid using the term summarization.

Chapter 3, "Routing and Switching," will consider how aggregation relates to packet forwarding. Using aggregation in network design is outside the scope of this book.

NOTE You might see the term supernet from time to time. The term originated in classful IPv4 addressing, and meant a prefix with a length shorter than its class; for instance, 203.0.13.0 is a class C address, so the classful prefix length is /24. If an operator used 203.0.0.0/16 in their network, this would be considered a supernet. Over time, the meaning of supernet has been extended to mean the same thing as an aggregate. To avoid confusion, this book will not use the term supernet.

Network Prefixes

You need an IP prefix to build a network.
There are two sources for these addresses, described in the following sections.

Private Address Space

Several ranges of addresses are set aside as private for IPv4:

- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16

These addresses are considered bogons by service providers, and therefore are not routable on the public Internet. You can use these addresses to build any kind of network that will not be connected to the global Internet (unless the connection is through network address translation, described in a later section).

There is no explicit private address space set aside for IPv6; the IP community generally assumes IPv6 addresses are so readily available that there is no point in using an address that is not globally routable. However, many people use the 2001:db8::/32 address space set aside for documentation and examples to build private networks.

NOTE The fc00::/7 IPv6 address space is reserved for unique local addressing (ULA). In some situations, these addresses can be used to build a private network so long as it is a pure IPv6 network. The interaction between IPv4 addresses and IPv6 ULA addresses can be surprising.

Publicly Routable Address Space

Publicly routable addresses are obtained through a service provider or a Regional Internet Registry (RIR). Figure 2-11 illustrates the flow of IP addresses on the global Internet.

Figure 2-11 IP Address Assignment Flow in the Global Internet (the figure's labels are IETF, directives, reserved IP address space, IANA, AFRINIC, ARIN, APNIC, LACNIC, RIPE, provider, and operator)

The Internet Assigned Numbers Authority (IANA), an international nonprofit, controls the distribution of all number and name resources used on the Internet. One part of IANA's job is to control the distribution of IP addresses. IANA can receive requests for address space from the IETF to reserve blocks of addresses, such as the private addresses discussed in the previous section.
IANA can also receive requests for publicly routable address space from a Regional Internet Registry. There are currently five RIRs, each of which assigns addresses within a region:

- The African Network Information Center (AFRINIC) serves Africa.
- The American Registry for Internet Numbers (ARIN) serves the United States, Canada, parts of the Caribbean, and Antarctica.
- The Asia-Pacific Network Information Center (APNIC) serves East, South, and Southeast Asia.
- The Latin American and Caribbean Network Information Center (LACNIC) serves most of the Caribbean and all of Latin America, including South America and North America up to Mexico.
- The Réseaux IP Européens Network Coordination Centre (RIPE) serves Europe, Central Asia, and West Asia.

Large organizations can request addresses directly from one of these RIRs; however, it is almost impossible to get IPv4 address space. Most of the RIRs have run out of free IPv4 space. Organizations can also purchase IPv4 addresses from specialized resellers.

RIRs are more willing to assign IPv6 addresses to organizations. Requirements vary by RIR, so it is best to check the RIR for your region to find out how to obtain an IPv6 network address.

Operators and end users can also get addresses from their service provider when they purchase Internet access; this is the most common way to obtain IP addresses.

Reserved Addresses

Some addresses should never be used either for private networks or for connecting to the global Internet. These are called reserved addresses, and they are considered unroutable bogons by service providers. Table 2-4 lists some of these addresses.
Table 2-4 Reserved IP Addresses

Address Space                          Usage
10.0.0.0/8                             Private networks
100.64.0.0/10                          Assigned by service providers using Carrier Grade Network Address Translation (CGNAT)
127.0.0.0/8, ::1/128                   Loopback; most host network software implementations will send any packets sent to an address in this address range back to the host itself
169.254.0.0/16                         Link local addresses; not widely used
172.16.0.0/12                          Private networks
192.0.2.0/24                           Documentation
192.88.99.0/24                         No longer used, but still reserved
192.168.0.0/16                         Private networks
198.18.0.0/15                          Benchmarking
198.51.100.0/24                        Documentation
203.0.113.0/24                         Documentation
224.0.0.0/4                            Multicast distribution
233.252.0.0/24                         Documentation
240.0.0.0/4                            Reserved
::ffff:0:0/96, ::ffff:0:0:0/96,        IPv4 to IPv6 translation services; not widely used and/or deprecated
64:ff9b::/96, 64:ff9b:1::/48, 2002::/16
100::/64                               Discard prefix; any packets sent to this address will be discarded
2001:0000::/32, 2001:20::/28           Special applications like Teredo
2001:db8::/32                          Documentation
fe80::/64                              Link local addresses
ff00::/8                               Multicast

You should always check on the Internet for the most recent list of reserved addresses when you are setting up a network.

Ports and Sockets

The final kind of address in a network is a port (or socket) number. Port numbers are not normally considered their own kind of address, but they are often included in the five-tuple, which uniquely identifies a communication session between two applications (running on two hosts).

NOTE The five-tuple is described more fully in Chapter 14.

Figure 2-12 illustrates the network stack and the place of port numbers in the stack.
Figure 2-12 Communication Path Between Two Applications (the figure shows Host A running App W and App X and Host B running App Y and App Z, each application above a port; below the applications, each host's Interface (IP) layer with its interface address and its Physical Interface with its physical address; the network joins the two physical interfaces)

In Figure 2-12:

- The physical address, at the bottom, is used to identify the interface (or host) on a single segment.
- The interface address will normally be an IP address. This address identifies the interface on the network.
- The port number identifies the application among all the applications running on the host.

NOTE We add another layer to this diagram for transport protocols when we discuss models in Chapter 6. Chapter 14 discusses transport protocols in more detail.

The port number is a simple 16-bit number that translates to a decimal number between 0 and 65,536. There are two classes of port numbers:

- Well-known or registered: These ports are registered to particular applications by IANA or are so widely used by an application that they have become well known.
- Ephemeral: These ports are not assigned to any application.

When app W wants to communicate with app Y, it will

- Build a packet with the data it wants to send to app Y.
- Set the destination address in the packet to host B's interface (IP) address.
- Set the destination port to the well-known port for app Y.
- Set the source address to host A's interface (IP) address.
- Set the source port to an ephemeral port number.

When app Y wants to reply to app W, it will

- Build a packet with the data it wants to send to app W.
- Set the destination address in the packet to host A's interface (IP) address.
- Set the destination port to the ephemeral port that app W used as its source port.
- Set the source address to host B's interface (IP) address.
- Set the source port to the well-known port number for app Y.
The combination of source address, ephemeral source port, destination address, and well-known destination port is an (almost) unique identifier for the session between the two applications.

The port is sometimes called a service or service access point (SAP). These terms are not as common as they once were, but they are still used from time to time.

Network Address Translation

When IPv4 addresses started becoming scarce, John Mayes and Paul Tsuchiya—independently—designed a way to extend the IPv4 address space into the port number space through Network Address Translation (NAT).

NOTE NAT and Port Address Translation (PAT) are slightly different technologies, but the terms are used interchangeably. Most NAT implementations and deployments are PAT. To reflect current usage, this book uses NAT for both.

Figure 2-13 illustrates the way NAT extends the IPv4 address space. In Figure 2-13:

- App W sends a packet from host A toward app Y on host B. This packet is transmitted by host A with a source address of 192.0.2.1 and a source port of 49170.
- App X sends a packet from host C toward app Y on host B. This packet is transmitted by host C with a source address of 192.0.2.2 and a source port of 49170.

Figure 2-13 NAT Translation (the figure shows Host A with App W on port 49170 and Host C with App X on port 49170 on one side of the NAT, and Host B with App Y on port 80 on the other; host A's packet leaves as S:192.0.2.1,49170 D:198.51.100.1,80 and exits the NAT as S:203.0.13.1,49170 D:198.51.100.1,80; host C's packet leaves as S:192.0.2.2,49170 D:198.51.100.1,80 and exits the NAT as S:203.0.13.1,50210 D:198.51.100.1,80)

There is, however, only one source address available on host B's side of the NAT. How will these two different packets, sourced from two different hosts, be separated? The NAT translates the source address on both packets to 203.0.13.1, giving each packet a different source port (49170 versus 50210).
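The translation in Figure 2-13, together with the five-tuple session identifier described in the previous section, as an added Python example that is not the Cert Guide's code. It models the NAT device's translation table in both directions: an outbound packet gets the single outside address and keeps its source port when that port is free on the outside, otherwise the next port from a pool; an inbound packet is rewritten back to the inside host only when a mapping exists for its destination port and the sender matches the remote endpoint recorded when the session was opened, so a packet for an unknown port, or from a different sender, is dropped. The addresses and ports are the figure's; the Packet and Nat names, the pool start of 50210 (chosen so the second mapping matches the figure), and the translation log are my assumptions.

```python
"""Port-overloading NAT (the PAT most deployments use), modelled after Figure 2-13.

Added example, not the Cert Guide's code. Inside hosts 192.0.2.1 and
192.0.2.2 both send from ephemeral port 49170 to app Y on 198.51.100.1:80;
the NAT owns the single outside address 203.0.13.1 (values from the figure).
The outside port pool starting at 50210 is a constructed choice.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"

    def five_tuple(self):
        """Protocol, source address/port, destination address/port: the session identifier."""
        return (self.proto, self.src_ip, self.src_port, self.dst_ip, self.dst_port)


class Nat:
    def __init__(self, outside_ip, pool_start=50210):
        self.outside_ip = outside_ip
        self.next_port = pool_start
        self.by_session = {}   # inside five-tuple -> outside source port
        self.by_port = {}      # (proto, outside port) -> (inside ip, inside port, remote ip, remote port)
        self.log = []          # one record per new translation, kept for attribution

    def _pick_port(self, proto, wanted):
        """Keep the inside source port if it is free on the outside; otherwise take the next pool port."""
        if (proto, wanted) not in self.by_port:
            return wanted
        while (proto, self.next_port) in self.by_port:
            self.next_port += 1
        port, self.next_port = self.next_port, self.next_port + 1
        return port

    def outbound(self, pkt):
        """Translate a packet leaving the inside network; an existing session reuses its mapping."""
        key = pkt.five_tuple()
        if key not in self.by_session:
            port = self._pick_port(pkt.proto, pkt.src_port)
            self.by_session[key] = port
            self.by_port[(pkt.proto, port)] = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
            self.log.append(f"{pkt.proto} {pkt.src_ip}:{pkt.src_port} -> {self.outside_ip}:{port} "
                            f"toward {pkt.dst_ip}:{pkt.dst_port}")
        return replace(pkt, src_ip=self.outside_ip, src_port=self.by_session[key])

    def inbound(self, pkt):
        """Translate a reply arriving at the outside address; None means the NAT drops it."""
        mapping = self.by_port.get((pkt.proto, pkt.dst_port))
        if pkt.dst_ip != self.outside_ip or mapping is None:
            return None                     # no inside session opened this port: unsolicited
        inside_ip, inside_port, remote_ip, remote_port = mapping
        if (pkt.src_ip, pkt.src_port) != (remote_ip, remote_port):
            return None                     # right port, wrong sender: also dropped
        return replace(pkt, dst_ip=inside_ip, dst_port=inside_port)

    def who_used(self, outside_port, proto="tcp"):
        """Attribution lookup: which inside host and port sat behind this outside port?"""
        m = self.by_port.get((proto, outside_port))
        return None if m is None else (m[0], m[1])


if __name__ == "__main__":
    nat = Nat("203.0.13.1")
    print(nat.outbound(Packet("192.0.2.1", 49170, "198.51.100.1", 80)))
    print(nat.outbound(Packet("192.0.2.2", 49170, "198.51.100.1", 80)))
    print(nat.inbound(Packet("198.51.100.1", 80, "203.0.13.1", 50210)))
    print(nat.log)
```

The `who_used` lookup is the reason a NAT log must record the outside port and the time of the translation, not just the outside address: every inside host shares 203.0.13.1, so the port (and its lifetime) is the only thing that ties outside activity back to 192.0.2.1 or 192.0.2.2. The sender check in `inbound` is also why NAT incidentally stops unsolicited inbound packets, although the mapping table is not a substitute for a stateful firewall policy.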
Now when app Y responds to these two packets, host B will send

- Packets for host A to 203.0.13.1 with a destination port of 49170
- Packets for host C to 203.0.13.1 with a destination port of 50210

When the NAT device receives these packets, it can translate the destination address and port host B used to the correct ports, and the packets will be delivered to the correct hosts.

Chapter Review

This chapter dove deeply into the three most common kinds of addresses you will encounter in a network: physical, Internet Protocol, and ports. Each one of these addresses has different semantics, or ways of formatting and representing information. Unlike physical addresses, these kinds of addresses represent a topological location on a network with a single number, using different parts of the address to indicate different kinds of information. Learning and understanding what these addresses look like, where they come from, and how to work with them are all critical to learning how to build, design, operate, and troubleshoot computer networks.

Addresses are only part of getting a package or packet from one place to another. There also needs to be some way to decide where the packet needs to go next in its journey. Directing