Network Layer Review: IPv4 and IPv6 Protocols PDF

Summary

This PDF document provides a review of the network layer (OSI Layer 3) concepts, focusing on IPv4 and IPv6 protocols. It explores the fundamental operations, addressing, characteristics, and address structure, providing comprehensive content on network communication and related technologies. Key topics covered include network layer protocols, encapsulation, routing, fragmentation, and different IPv6 address types.

Full Transcript


MODULE 8 NETWORK LAYER

Network Layer (OSI Layer 3)
- Provides services to allow end devices to exchange data across networks.

Principal Network Layer Communication Protocols
- IP version 4 (IPv4)
- IP version 6 (IPv6)

Other network layer protocols:
- Open Shortest Path First (OSPF): routing protocol
- Internet Control Message Protocol (ICMP): messaging protocol

4 Basic Operations of the Network Layer
1. Addressing end devices – end devices must be configured with a unique IP address for identification on the network.
2. Encapsulation – the network layer encapsulates the PDU from the transport layer into a packet. The encapsulation process adds IP header information, such as the IP address of the source and destination hosts. The encapsulation process is performed by the source of the IP packet.
3. Routing – the network layer provides services to direct the packets to a destination host on another network. To travel to other networks the packet must be processed by a router. A packet may cross many routers before reaching the destination host.
   a. Role of a router – to select the best path and direct packets toward the destination host in a process known as routing.
   b. Hop – each router a packet crosses to reach the destination host.
4. De-encapsulation – when the packet arrives at the network layer of the destination host, the host checks the IP header of the packet. If the destination IP address within the header matches its own IP address, the IP header is removed from the packet. After the packet is de-encapsulated by the network layer, the resulting Layer 4 PDU is passed up to the appropriate service at the transport layer. The de-encapsulation process is performed by the destination host of the IP packet.

IP
- Designed as a protocol with low overhead.
- Provides only the functions that are necessary to deliver a packet from a source to a destination over an interconnected system of networks.

3 Basic Characteristics of IP
1. Connectionless – there is no connection with the destination established before sending data packets.
2. Best Effort – IP is inherently unreliable because packet delivery is not guaranteed.
3. Media Independent – operation is independent of the medium carrying the data.

Fragmentation
- Splitting up an IPv4 packet when forwarding it from one medium to another with a smaller MTU.
- Causes latency.
- IPv6 cannot be fragmented by the router.

IPv4
- The IPv4 packet header is used to ensure that this packet is delivered to its next stop on the way to its destination end device.
- The IPv4 packet header consists of fields containing important information about the packet. These fields contain binary numbers which are examined by the Layer 3 process.

Significant Fields in the IPv4 Header
1. Version – contains a 4-bit binary value set to 0100 that identifies this as an IPv4 packet.
2. Differentiated Services or DiffServ (DS) – formerly called the type of service (ToS) field, the DS field is an 8-bit field used to determine the priority of each packet. The six most significant bits of the DiffServ field are the differentiated services code point (DSCP) bits and the last 2 bits are the explicit congestion notification (ECN) bits.
3. Time to Live (TTL) – contains an 8-bit binary value that is used to limit the lifetime of a packet. The source device of the IPv4 packet sets the initial TTL value. It is decreased by one each time the packet is processed by a router. If the TTL field decrements to zero, the router discards the packet and sends an ICMP Time Exceeded message to the source IP address. Because the router decrements the TTL of each packet, the router must also recalculate the Header Checksum.
4. Protocol – this field is used to identify the next level protocol. This 8-bit binary value indicates the data payload type that the packet is carrying, which enables the network layer to pass the data to the appropriate upper-layer protocol.
   Common values include ICMP (1), TCP (6), and UDP (17).
5. Header Checksum – used to detect corruption in the IPv4 header.
6. Source IPv4 Address – contains a 32-bit binary value that represents the source IPv4 address of the packet. The source IPv4 address is always a unicast address.
7. Destination IPv4 Address – contains a 32-bit binary value that represents the destination IPv4 address of the packet. The destination IPv4 address is a unicast, multicast, or broadcast address.

Source and Destination IP Address
- The two most referenced fields.
- These fields identify where the packet is coming from and where it is going.
- These addresses do not change while travelling from the source to the destination.

Limitations of IPv4
1. IPv4 address depletion – IPv4 has a limited number of unique public addresses available. Although there are approximately 4 billion IPv4 addresses, the increasing number of new IP-enabled devices, always-on connections, and the potential growth of less-developed regions have increased the need for more addresses.
2. Lack of end-to-end connectivity – Network Address Translation (NAT) is a technology commonly implemented within IPv4 networks. NAT provides a way for multiple devices to share a single public IPv4 address. However, because the public IPv4 address is shared, the IPv4 address of an internal network host is hidden. This can be problematic for technologies that require end-to-end connectivity.
3. Increased network complexity – while NAT has extended the lifespan of IPv4, it was only meant as a transition mechanism to IPv6. NAT in its various implementations creates additional complexity in the network, creating latency and making troubleshooting more difficult.

Improvements that IPv6 provides:
1. Increased address space – IPv6 addresses are based on 128-bit hierarchical addressing as opposed to IPv4 with 32 bits.
2. Improved packet handling – the IPv6 header has been simplified with fewer fields.
3. Eliminates the need for NAT – with so many public IPv6 addresses, NAT between a private IPv4 address and a public IPv4 address is not needed. This avoids some of the NAT-induced problems experienced by applications that require end-to-end connectivity.

32-bit IPv4 Address Space
- 4 294 967 296 unique addresses.

IPv6 Address Space
- 340 undecillion addresses.

IPv6 Packet Header Fields
1. Version – this field contains a 4-bit binary value set to 0110 that identifies this as an IPv6 packet.
2. Traffic Class – this 8-bit field is equivalent to the IPv4 Differentiated Services (DS) field.
3. Flow Label – this 20-bit field suggests that all packets with the same flow label receive the same type of handling by routers.
4. Payload Length – this 16-bit field indicates the length of the data portion or payload of the IPv6 packet. This does not include the length of the IPv6 header, which is a fixed 40-byte header.
5. Next Header – this 8-bit field is equivalent to the IPv4 Protocol field. It indicates the data payload type that the packet is carrying, enabling the network layer to pass the data to the appropriate upper-layer protocol.
6. Hop Limit – this 8-bit field replaces the IPv4 TTL field. This value is decremented by a value of 1 by each router that forwards the packet. When the counter reaches 0, the packet is discarded, and an ICMPv6 Time Exceeded message is forwarded to the sending host. This indicates that the packet did not reach its destination because the hop limit was exceeded. Unlike IPv4, IPv6 does not include a Header Checksum, because this function is performed at both the lower and upper layers. This means the checksum does not need to be recalculated by each router when it decrements the Hop Limit field, which also improves network performance.
7. Source IPv6 Address – this 128-bit field identifies the IPv6 address of the sending host.
8. Destination IPv6 Address – this 128-bit field identifies the IPv6 address of the receiving host.
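The header fields listed for IPv4 and IPv6 above, decoded from real byte layouts, together with the per-hop step a router performs on each: TTL minus one with a recomputed Header Checksum for IPv4, Hop Limit minus one with nothing to recompute for IPv6. This is an added example written for this review, not material from the course notes; the packets it builds are constructed byte strings (the addresses, DSCP value and flow label are chosen for illustration), not captures.

```python
"""Decode IPv4/IPv6 header fields and apply a router's TTL / Hop Limit step.
Added example for this review; the packets are constructed, not captured."""
import struct
import ipaddress
from typing import Optional


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (the caller zeroes the checksum field first)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, ttl=64, proto=17, dscp=0, ecn=0, payload=b"") -> bytes:
    """Constructed IPv4 packet: 20-byte header (IHL=5); identification and flags are fixed filler."""
    hdr = bytearray(struct.pack(
        "!BBHHHBBH4s4s", 0x45, (dscp << 2) | ecn, 20 + len(payload), 0x1234, 0x4000,
        ttl, proto, 0, ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed))
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + payload


def parse_ipv4(pkt: bytes) -> dict:
    """Version, DSCP/ECN, TTL, Protocol, checksum validity, source and destination addresses."""
    ver_ihl, ds, _, _, _, ttl, proto, csum, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    zeroed = pkt[:10] + b"\x00\x00" + pkt[12:ihl]   # header with its checksum field cleared
    return {
        "version": ver_ihl >> 4,                     # 0100 for IPv4
        "dscp": ds >> 2, "ecn": ds & 0x03,           # six DSCP bits, two ECN bits
        "ttl": ttl,
        "protocol": {1: "ICMP", 6: "TCP", 17: "UDP"}.get(proto, proto),
        "checksum_ok": ipv4_checksum(zeroed) == csum,
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
    }


def ipv4_forward(pkt: bytes) -> Optional[bytes]:
    """Router step: TTL-1; at zero the packet is discarded (an ICMP Time Exceeded would go to
    the source); otherwise the header checksum is recomputed because the TTL byte changed."""
    ihl = (pkt[0] & 0x0F) * 4
    ttl = pkt[8] - 1
    if ttl <= 0:
        return None
    hdr = bytearray(pkt[:ihl])
    hdr[8] = ttl
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + pkt[ihl:]


def build_ipv6(src, dst, hop_limit=64, next_header=58, traffic_class=0, flow_label=0, payload=b"") -> bytes:
    """Constructed IPv6 packet: fixed 40-byte header; Payload Length excludes the header."""
    first = (6 << 28) | (traffic_class << 20) | flow_label
    return struct.pack("!IHBB16s16s", first, len(payload), next_header, hop_limit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed) + payload


def parse_ipv6(pkt: bytes) -> dict:
    """Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, addresses."""
    first, payload_len, next_header, hop_limit, src, dst = struct.unpack("!IHBB16s16s", pkt[:40])
    return {
        "version": first >> 28,                      # 0110 for IPv6
        "traffic_class": (first >> 20) & 0xFF,
        "flow_label": first & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": {58: "ICMPv6", 6: "TCP", 17: "UDP"}.get(next_header, next_header),
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(src)), "dst": str(ipaddress.IPv6Address(dst)),
    }


def ipv6_forward(pkt: bytes) -> Optional[bytes]:
    """Router step: Hop Limit-1, discard at zero; no checksum to recompute since IPv6 has none."""
    hop = pkt[7] - 1
    if hop <= 0:
        return None
    return pkt[:7] + bytes([hop]) + pkt[8:]


if __name__ == "__main__":
    v4 = build_ipv4("192.168.10.10", "10.1.1.1", ttl=2, dscp=46, payload=b"\x00" * 8)
    print(parse_ipv4(v4))
    print("after hop 1:", parse_ipv4(ipv4_forward(v4))["ttl"], "after hop 2:", ipv4_forward(ipv4_forward(v4)))
    v6 = build_ipv6("2001:db8::1", "2001:db8::2", hop_limit=1, traffic_class=0xB8, flow_label=0xABCDE)
    print(parse_ipv6(v6), ipv6_forward(v6))
```

Flipping any header byte after the checksum was written makes `checksum_ok` false, which is the corruption the Header Checksum field exists to catch; the same function is what a router must re-run after changing the TTL, and its absence from `ipv6_forward` is the performance point the notes make about IPv6.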
A host can send a packet to the following:
1. Itself – A host can ping itself by sending a packet to the special IPv4 address 127.0.0.1 or the IPv6 address ::1, which is referred to as the loopback interface. Pinging the loopback interface tests the TCP/IP protocol stack on the host.
2. Local host – This is a destination host that is on the same local network as the sending host. The source and destination hosts share the same network address.
3. Remote host – This is a destination host on a remote network. The source and destination hosts do not share the same network address.

Method of Determining the Destination IP Address
1. In IPv4 – the source device uses its own subnet mask along with its own IPv4 address and the destination IPv4 address to make this determination.
2. In IPv6 – the local router advertises the local network address (prefix) to all devices on the network.

Default Gateway
- The network device that can route traffic to other networks.
- It is usually a router with these features:
  o It has a local IP address in the same address range as other hosts on the local network.
  o It can accept data into the local network and forward data out of the local network.
  o It routes traffic to other networks.

route print or netstat -r
- Displays the host routing table.
- Displays 3 sections related to the current TCP/IP network connections:
  o Interface list – lists the MAC address and assigned interface number of every network-capable interface on the host, including Ethernet, Wi-Fi, and Bluetooth adapters.
  o IPv4 Route Table – lists all known IPv4 routes, including direct connections, local network, and local default routes.
  o IPv6 Route Table – lists all known IPv6 routes, including direct connections, local network, and local default routes.

The routing table stores 3 types of route entries:
1. Directly-connected networks – These network route entries are active router interfaces.
   Routers add a directly connected route when an interface is configured with an IP address and is activated. Each router interface is connected to a different network segment. In the figure, the directly-connected networks in the R1 IPv4 routing table would be 192.168.10.0/24 and 209.165.200.224/30.
2. Remote networks – These network route entries are connected to other routers. Routers learn about remote networks either by being explicitly configured by an administrator or by exchanging route information using a dynamic routing protocol. In the figure, the remote network in the R1 IPv4 routing table would be 10.1.1.0/24.
3. Default route – Like a host, most routers also include a default route entry, a gateway of last resort. The default route is used when there is no better (longer) match in the IP routing table. In the figure, the R1 IPv4 routing table would most likely include a default route to forward all packets to router R2.

A router can learn about remote networks in one of two ways:
1. Manually – remote networks are manually entered into the route table using static routes.
2. Dynamically – remote routes are automatically learned using a dynamic routing protocol.

Static Routes
- Route entries that are manually configured.
- Include the remote network address and the IP address of the next hop router.

Characteristics of Static Routing
- Must be configured manually.
- The administrator needs to reconfigure a static route if there is a change in the topology and the static route is no longer viable.
- Appropriate for a small network and when there are few or no redundant links.

Dynamic Routing
- Allows the router to automatically learn about remote networks, including a default route, from other routers.
- Includes OSPF and Enhanced Interior Gateway Routing Protocol (EIGRP).
The dynamic routing protocol will automatically do the following:
- Discover remote networks
- Maintain up-to-date routing information
- Choose the best path to destination networks
- Attempt to find a new best path if the current path is no longer available

show ip route (privileged EXEC mode)
- Used to view the IPv4 routing table.

Common Route Sources
1. L – directly connected local interface IP address
2. C – directly connected network
3. S – static route, manually configured by an administrator
4. O – OSPF
5. D – EIGRP

Summary

Network Layer Characteristics
The network layer (OSI Layer 3) provides services to allow end devices to exchange data across networks. IPv4 and IPv6 are the principal network layer communication protocols. The network layer also includes the routing protocol OSPF and messaging protocols such as ICMP. Network layer protocols perform four basic operations: addressing end devices, encapsulation, routing, and de-encapsulation. IPv4 and IPv6 specify the packet structure and processing used to carry the data from one host to another host. IP encapsulates the transport layer segment by adding an IP header, which is used to deliver the packet to the destination host. The IP header is examined by Layer 3 devices (i.e., routers) as it travels across a network to its destination.

The characteristics of IP are that it is connectionless, best effort, and media independent. IP is connectionless, meaning that no dedicated end-to-end connection is created by IP before data is sent. The IP protocol does not guarantee that all packets that are delivered are, in fact, received. This is the definition of the unreliable, or best effort, characteristic. IP operates independently of the media that carry the data at lower layers of the protocol stack.

IPv4 Packet
An IPv4 packet header consists of fields containing information about the packet. These fields contain binary numbers which are examined by the Layer 3 process.
The binary values of each field identify various settings of the IP packet. Significant fields in the IPv4 packet header include: version, DS, header checksum, TTL, protocol, and the source and destination IPv4 addresses.

IPv6 Packet
IPv6 is designed to overcome the limitations of IPv4, including IPv4 address depletion, lack of end-to-end connectivity, and increased network complexity. IPv6 increases the available address space, improves packet handling, and eliminates the need for NAT. The fields in the IPv6 packet header include: version, traffic class, flow label, payload length, next header, hop limit, and the source and destination IPv6 addresses.

How a Host Routes
A host can send a packet to itself, another local host, or a remote host. In IPv4, the source device uses its own subnet mask along with its own IPv4 address and the destination IPv4 address to determine whether the destination host is on the same network. In IPv6, the local router advertises the local network address (prefix) to all devices on the network to make this determination. The default gateway is the network device (i.e., router) that can route traffic to other networks. On a network, a default gateway is usually a router that has a local IP address in the same address range as other hosts on the local network, can accept data into the local network and forward data out of the local network, and can route traffic to other networks. A host routing table will typically include a default gateway. In IPv4, the host receives the IPv4 address of the default gateway either dynamically via DHCP or it is configured manually. In IPv6, the router advertises the default gateway address, or the host can be configured manually. On a Windows host, the route print or netstat -r command can be used to display the host routing table.

Introduction to Routing
When a host sends a packet to another host, it consults its routing table to determine where to send the packet.
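The two forwarding decisions this module describes, worked in code: the host ANDs its own address and the destination with its subnet mask to decide local versus remote (and hands remote traffic to the default gateway), and the router searches its table for the longest matching prefix, falling back to the default route when nothing longer matches. This is an added example written for this review, not code from the course notes; the table reuses the R1 prefixes the notes quote from their figure (192.168.10.0/24, 209.165.200.224/30, 10.1.1.0/24), while the route codes, the /16 summary entry and the next-hop addresses are assumed for illustration.

```python
"""Host local/remote check and router longest-prefix lookup.
Added example for this review; route table contents are constructed."""
import ipaddress


def to_int(ip: str) -> int:
    return int(ipaddress.IPv4Address(ip))


def mask_for(prefix_len: int) -> int:
    """Prefix length -> 32-bit mask integer (a /0 mask is 0 and matches every address)."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def same_network(host_ip: str, subnet_mask: str, dest_ip: str) -> bool:
    """Host-side determination: (host AND mask) == (destination AND mask)."""
    mask = to_int(subnet_mask)
    return (to_int(host_ip) & mask) == (to_int(dest_ip) & mask)


def host_next_hop(host_ip: str, subnet_mask: str, default_gateway: str, dest_ip: str) -> str:
    """Local host: deliver directly; remote host: hand the packet to the default gateway."""
    return dest_ip if same_network(host_ip, subnet_mask, dest_ip) else default_gateway


# Constructed R1 table as (code, prefix, next hop or exit interface). The three prefixes
# the notes attribute to R1 are kept; codes, next hops and the /16 entry are assumed.
R1_TABLE = [
    ("C", "192.168.10.0/24", "GigabitEthernet0/0/0"),     # directly connected LAN
    ("C", "209.165.200.224/30", "GigabitEthernet0/0/1"),  # directly connected link to R2
    ("S", "10.1.1.0/24", "209.165.200.226"),              # remote network, assumed static
    ("O", "10.1.0.0/16", "209.165.200.226"),              # assumed OSPF summary, shorter match
    ("S*", "0.0.0.0/0", "209.165.200.226"),               # default route, gateway of last resort
]


def lookup(table, dest_ip: str):
    """Router-side: (code, prefix length, next hop) of the longest matching entry, or None."""
    dest = to_int(dest_ip)
    best = None
    for code, prefix, next_hop in table:
        net = ipaddress.IPv4Network(prefix)
        if (dest & mask_for(net.prefixlen)) != int(net.network_address):
            continue                                  # prefix does not cover the destination
        if best is None or net.prefixlen > best[1]:
            best = (code, net.prefixlen, next_hop)    # longer prefix wins
    return best


if __name__ == "__main__":
    print(host_next_hop("192.168.10.10", "255.255.255.0", "192.168.10.1", "192.168.10.20"))
    print(host_next_hop("192.168.10.10", "255.255.255.0", "192.168.10.1", "10.1.1.10"))
    for d in ("192.168.10.20", "10.1.1.10", "10.1.5.1", "8.8.8.8"):
        print(d, "->", lookup(R1_TABLE, d))
```

With an empty table `lookup` returns None, which is the case where a router has no route at all (not even a default) and drops the packet; 10.1.1.10 shows the longest-match rule picking the /24 over the /16 that also covers it.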
If the destination host is on a remote network, the packet is forwarded to the default gateway, which is usually the local router. What happens when a packet arrives on a router interface? The router examines the packet’s destination IP address and searches its routing table to determine where to forward the packet. The routing table contains a list of all known network addresses (prefixes) and where to forward the packet. These entries are known as route entries or routes. The router will forward the packet using the best (longest) matching route entry. The routing table of a router stores three types of route entries: directly connected networks, remote networks, and a default route. Routers learn about remote networks manually, or dynamically using a dynamic routing protocol. Static routes are route entries that are manually configured. Static routes include the remote network address and the IP address of the next hop router. OSPF and EIGRP are two dynamic routing protocols. The show ip route privileged EXEC mode command is used to view the IPv4 routing table on a Cisco IOS router. At the beginning of an IPv4 routing table is a code that is used to identify the type of route or how the route was learned. Common route sources (codes) include: L, C, S, O, D.

MODULE 9 ADDRESS RESOLUTION

2 addresses assigned to a device on an Ethernet LAN:
1. Physical address (the MAC address) – used for NIC to NIC communications on the same Ethernet network.
2. Logical address (the IP address) – used to send the packet from the source device to the destination device. The destination IP address may be on the same IP network as the source or it may be on a remote network. When the destination IP address is on a remote network, the destination MAC address will be the address of the host default gateway.

When a device sends an Ethernet Layer 2 frame, it contains these two addresses:
1. Destination MAC address – The Ethernet MAC address of the destination device on the same local network segment. If the destination host is on another network, then the destination address in the frame would be that of the default gateway (i.e., router).
2. Source MAC address – The MAC address of the Ethernet NIC on the source host.

Address Resolution Protocol (ARP)
- Determines the destination MAC address of a local device when it knows its IPv4 address.
- Two basic functions:
  o Resolving IPv4 addresses to MAC addresses
  o Maintaining a table of IPv4 to MAC address mappings

ARP table or ARP cache
- A table stored temporarily in RAM to find the MAC address that is mapped to the IPv4 address.
  o If the packet’s destination IPv4 address is on the same network as the source IPv4 address, the device will search the ARP table for the destination IPv4 address.
  o If the destination IPv4 address is on a different network than the source IPv4 address, the device will search the ARP table for the IPv4 address of the default gateway.

ARP request
- Sent when a device needs to determine the MAC address that is associated with an IPv4 address, and it does not have an entry for the IPv4 address in its ARP table.

ARP messages
- Encapsulated directly within an Ethernet frame. There is no IPv4 header.
- The ARP request is encapsulated in an Ethernet frame using the following header information:
  o Destination MAC address – This is the broadcast address FF-FF-FF-FF-FF-FF, requiring all Ethernet NICs on the LAN to accept and process the ARP request.
  o Source MAC address – This is the MAC address of the sender of the ARP request.
  o Type – ARP messages have a type field of 0x806. This informs the receiving NIC that the data portion of the frame needs to be passed to the ARP process.

show ip arp
- Used to display the ARP table on a Cisco router.
arp -a
- Used to display the ARP table on a Windows 10 PC.

IPv6 Neighbor Discovery (ND or NDP)
- Provides address resolution, router discovery, and redirection services for IPv6 using ICMPv6.
- ICMPv6 ND uses five ICMPv6 messages to perform these services:
  o Neighbor solicitation messages – sent using special Ethernet and IPv6 multicast addresses. This allows the Ethernet NIC of the receiving device to determine whether the Neighbor Solicitation message is for itself without having to send it to the operating system for processing.
  o Neighbor advertisement messages
  o Router solicitation messages
  o Router advertisement messages
  o Redirect message – used for better next-hop selection.

Neighbor solicitation and neighbor advertisement messages
- Used for device-to-device messaging such as address resolution.
- Devices include both host computers and routers.
- Used for MAC address resolution.

Router solicitation and router advertisement messages
- For messaging between devices and routers.
- Typically, router discovery is used for dynamic address allocation and stateless address autoconfiguration (SLAAC).

Summary

MAC and IP
Layer 2 physical addresses (i.e., Ethernet MAC addresses) are used to deliver the data link frame with the encapsulated IP packet from one NIC to another NIC on the same network. If the destination IP address is on the same network, the destination MAC address will be that of the destination device. When the destination IP address (IPv4 or IPv6) is on a remote network, the destination MAC address will be the address of the host default gateway (i.e., the router interface). Along each link in a path, an IP packet is encapsulated in a frame. The frame is specific to the data link technology that is associated with that link, such as Ethernet. If the next-hop device is the final destination, the destination MAC address will be that of the device’s Ethernet NIC.
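The ARP exchange described in the ARP section above, built at the byte level: a request carried directly in an Ethernet frame (broadcast destination, Type 0x806, no IPv4 header), the unicast reply that only the device owning the target IPv4 address sends, and an ARP cache whose timer ages out entries that have not been used. This is an added example written for this review, not code from the course notes; the MAC addresses, IPv4 addresses and clock values are constructed, and the cache's alert when a known IPv4 address suddenly maps to a different MAC is a defensive check added in this example, not a feature of the show ip arp or arp -a commands.

```python
"""ARP request/reply frames and an ageing ARP cache.
Added example for this review; all addresses and timestamps are constructed."""
import struct

BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"
ETH_TYPE_ARP = 0x0806            # Type value that hands the frame's data to the ARP process
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))


def bytes_to_mac(b: bytes) -> str:
    return "-".join(f"{x:02X}" for x in b)


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(op: int, sender_mac: str, sender_ip: str, target_ip: str,
              target_mac: str = "00-00-00-00-00-00") -> bytes:
    """ARP message placed directly in an Ethernet frame (no IPv4 header).
    Requests go to the broadcast MAC; replies are unicast back to the requester."""
    dst = BROADCAST_MAC if op == ARP_REQUEST else target_mac
    eth = mac_to_bytes(dst) + mac_to_bytes(sender_mac) + struct.pack("!H", ETH_TYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)   # Ethernet, IPv4, MAC len, IP len, opcode
    arp += mac_to_bytes(sender_mac) + ip_to_bytes(sender_ip)
    arp += mac_to_bytes(target_mac) + ip_to_bytes(target_ip)
    return eth + arp


def parse_arp(frame: bytes):
    """Return the frame's MAC header and ARP fields, or None if Type is not 0x806."""
    if struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_ARP:
        return None
    return {
        "dst_mac": bytes_to_mac(frame[0:6]), "src_mac": bytes_to_mac(frame[6:12]),
        "op": struct.unpack("!H", frame[20:22])[0],
        "sender_mac": bytes_to_mac(frame[22:28]), "sender_ip": bytes_to_ip(frame[28:32]),
        "target_mac": bytes_to_mac(frame[32:38]), "target_ip": bytes_to_ip(frame[38:42]),
    }


def answer_request(frame: bytes, my_mac: str, my_ip: str):
    """Only the device whose IPv4 address matches the target replies; all others stay silent."""
    req = parse_arp(frame)
    if req is None or req["op"] != ARP_REQUEST or req["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, req["sender_ip"], target_mac=req["sender_mac"])


class ArpCache:
    """IPv4 -> MAC table held in memory; entries unused for `timeout` seconds are aged out."""

    def __init__(self, timeout: int = 300):
        self.timeout = timeout
        self.entries = {}        # ip -> (mac, last_used)
        self.alerts = []         # a known IP changing MAC is worth logging (possible poisoning)

    def learn(self, ip: str, mac: str, now: int) -> None:
        old = self.entries.get(ip)
        if old and old[0] != mac:
            self.alerts.append(f"{ip} changed from {old[0]} to {mac} at t={now}")
        self.entries[ip] = (mac, now)

    def lookup(self, ip: str, now: int):
        entry = self.entries.get(ip)
        if entry is None:
            return None          # miss: the host would now send an ARP request
        mac, last_used = entry
        if now - last_used > self.timeout:
            del self.entries[ip]  # ageing timer removed an unused entry
            return None
        self.entries[ip] = (mac, now)
        return mac


if __name__ == "__main__":
    req = build_arp(ARP_REQUEST, "00-0C-29-AA-BB-01", "192.168.10.10", "192.168.10.1")
    print(parse_arp(req))
    reply = answer_request(req, "00-0C-29-CC-DD-01", "192.168.10.1")
    print(parse_arp(reply))
    cache = ArpCache()
    cache.learn("192.168.10.1", "00-0C-29-CC-DD-01", now=1000)
    print(cache.lookup("192.168.10.1", now=1100), cache.lookup("192.168.10.1", now=1500))
```

Because a reply from a non-matching host is never generated, `answer_request` returning None for every device but one is the "all other devices will not reply" rule; the `alerts` list is the kind of signal a monitoring tool watches for when the gateway's IPv4 address starts resolving to a new MAC.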
How are the IP addresses of the IP packets in a data flow associated with the MAC addresses on each link along the path to the destination? For IPv4 packets, this is done through a process called ARP. For IPv6 packets, the process is ICMPv6 ND.

ARP
Every IP device on an Ethernet network has a unique Ethernet MAC address. When a device sends an Ethernet Layer 2 frame, it contains two addresses: the destination MAC address and the source MAC address. A device uses ARP to determine the destination MAC address of a local device when it knows its IPv4 address. ARP provides two basic functions: resolving IPv4 addresses to MAC addresses and maintaining a table of IPv4 to MAC address mappings. The ARP request is encapsulated in an Ethernet frame using this header information: source and destination MAC addresses and type. Only one device on the LAN will have an IPv4 address that matches the target IPv4 address in the ARP request. All other devices will not reply. The ARP reply contains the same header fields as the request. Only the device that originally sent the ARP request will receive the unicast ARP reply. After the ARP reply is received, the device will add the IPv4 address and the corresponding MAC address to its ARP table. When the destination IPv4 address is not on the same network as the source IPv4 address, the source device needs to send the frame to its default gateway. This is the interface of the local router. For each device, an ARP cache timer removes ARP entries that have not been used for a specified period of time. Commands may also be used to manually remove some or all of the entries in the ARP table. As a broadcast frame, an ARP request is received and processed by every device on the local network, which could cause the network to slow down. A threat actor can use ARP spoofing to perform an ARP poisoning attack.

Neighbor Discovery
IPv6 does not use ARP; it uses the ND protocol to resolve MAC addresses.
ND provides address resolution, router discovery, and redirection services for IPv6 using ICMPv6. ICMPv6 ND uses five ICMPv6 messages to perform these services: neighbor solicitation, neighbor advertisement, router solicitation, router advertisement, and redirect. Much like ARP for IPv4, IPv6 devices use IPv6 ND to resolve the MAC address of a device from a known IPv6 address.

MODULE 10 BASIC ROUTER CONFIGURATION

Basic Router Configuration Steps
1. Configure the device name
2. Secure privileged EXEC mode
3. Secure user EXEC mode
4. Secure remote Telnet / SSH access
5. Secure all passwords in the config file
6. Provide legal notification
7. Save the configuration

The following commands secure privileged EXEC mode and user EXEC mode, enable Telnet and SSH remote access, and encrypt all plaintext (i.e., user EXEC and VTY line) passwords.

Configure Router Interfaces
Commands used to verify interface configuration:
1. show ip interface brief
2. show ipv6 interface brief

show ip / ipv6 interface brief
- Displays all interfaces, their IP addresses, and their status. The configured and connected interfaces should display a Status of “up” and Protocol of “up”. Anything else would indicate a problem with either the configuration or the cabling.

show ip / ipv6 route
- Displays the contents of the IP routing tables stored in RAM.

show interfaces
- Displays statistics for all interfaces on the device. However, this command will only display the IPv4 addressing information.

show ip interface
- Displays the IPv4 statistics for all interfaces on a router.

show ipv6 interface
- Displays the IPv6 statistics for all interfaces on a router.

ip default-gateway
- Used to configure an IPv4 default gateway on a switch.

Summary

Configure Initial Router Settings
The following tasks should be completed when configuring initial settings on a router.
1. Configure the device name.
2. Secure privileged EXEC mode.
3. Secure user EXEC mode.
4. Secure remote Telnet / SSH access.
5. Secure all passwords in the config file.
6. Provide legal notification.
7. Save the configuration.

Configure Interfaces
For routers to be reachable, the router interfaces must be configured. The Cisco ISR 4321 router is equipped with two Gigabit Ethernet interfaces: GigabitEthernet 0/0/0 (G0/0/0) and GigabitEthernet 0/0/1 (G0/0/1). The tasks to configure a router interface are very similar to those for a management SVI on a switch. Using the no shutdown command activates the interface. The interface must also be connected to another device, such as a switch or a router, for the physical layer to be active. There are several commands that can be used to verify interface configuration, including show ip interface brief and show ipv6 interface brief, show ip route and show ipv6 route, as well as show interfaces, show ip interface and show ipv6 interface.

Configure the Default Gateway
For an end device to communicate over the network, it must be configured with the correct IP address information, including the default gateway address. The default gateway address is generally the router interface address for the router that is attached to the local network of the host. The IP address of the host device and the router interface address must be in the same network. To connect to and manage a switch over a local IP network, it must have a switch virtual interface (SVI) configured. The SVI is configured with an IPv4 address and subnet mask on the local LAN. The switch must also have a default gateway address configured to remotely manage the switch from another network. To configure an IPv4 default gateway on a switch, use the ip default-gateway ip-address global configuration command. Use the IPv4 address of the local router interface that is connected to the switch.

MODULE 11 IPv4 ADDRESSING

IPv4 Address
- A 32-bit hierarchical address that is made up of a network portion and a host portion.

Subnet mask
- Used to identify the network/host portion of the IPv4 address.
  o IPv4 subnet mask
    ▪ used to differentiate the network portion from the host portion of an IPv4 address.

Default gateway IPv4 address
- Required to reach remote networks.

DNS server IPv4 addresses
- Required to translate domain names to IPv4 addresses.

ANDing
- The actual process used to identify the network portion and host portion.

Prefix length
- The number of bits set to 1 in the subnet mask.
- Written in “slash notation”, which is noted by a forward slash (/) followed by the number of bits set to 1.

3 types of IPv4 Addresses
1. Network address
2. Host addresses
3. Broadcast address

Network address
- An address that represents a specific network.
- A device belongs to this network if it meets three criteria:
  o It has the same subnet mask as the network address.
  o It has the same network bits as the network address, as indicated by the subnet mask.
  o It is located on the same broadcast domain as other hosts with the same network address.

Host addresses
- Addresses that can be assigned to a device such as a host computer, laptop, smart phone, web camera, printer, router, etc.
- Can have any combination of bits in the host portion except for all 0 bits (this would be a network address) or all 1 bits (this would be a broadcast address).
  o First host address – The first host within a network has all 0 bits with the last (right-most) bit as a 1 bit.
  o Last host address – The last host within a network has all 1 bits with the last (right-most) bit as a 0 bit.

Broadcast address
- An address that is used when it is required to reach all devices on the IPv4 network.

Public IPv4 Addresses
- Addresses which are globally routed between internet service provider (ISP) routers.

Private addresses
- Blocks of addresses that are used by most organizations to assign IPv4 addresses to internal hosts.

Network Address Translation (NAT)
- NAT is used to translate between private IPv4 and public IPv4 addresses.
Loopback addresses (127.0.0.0/8, or 127.0.0.1 to 127.255.255.254)
- Special addresses used by a host to direct traffic to itself.
- Can be used on a host to test if the TCP/IP configuration is operational.

Link-local addresses (169.254.0.0/16, or 169.254.0.1 to 169.254.255.254)
- More commonly known as the Automatic Private IP Addressing (APIPA) addresses or self-assigned addresses.
- Used by a Windows DHCP client to self-configure if there are no DHCP servers available.
- Link-local addresses can be used in a peer-to-peer connection but are not commonly used for this purpose.

Legacy Classful Addressing
Class A (0.0.0.0/8 to 127.0.0.0/8)
- Designed to support extremely large networks with more than 16 million host addresses.
- Class A used a fixed /8 prefix with the first octet to indicate the network address and the remaining three octets for host addresses (more than 16 million host addresses per network).
Class B (128.0.0.0/16 to 191.255.0.0/16)
- Designed to support the needs of moderate to large size networks with up to approximately 65,000 host addresses.
- Class B used a fixed /16 prefix with the two high-order octets to indicate the network address and the remaining two octets for host addresses (more than 65,000 host addresses per network).
Class C (192.0.0.0/24 to 223.255.255.0/24)
- Designed to support small networks with a maximum of 254 hosts.
- Class C used a fixed /24 prefix with the first three octets to indicate the network and the remaining octet for the host addresses (only 254 host addresses per network).
Class D multicast block
- 224.0.0.0 to 239.0.0.0
Class E experimental address block
- 240.0.0.0 to 255.0.0.0

Subnetting
- Reduces the size of the network to create smaller broadcast domains.
- A critical skill to have when administering an IPv4 network.
  o Subnets – smaller network spaces.

IPv4 subnets
- Created by using one or more of the host bits as network bits.
- Done by extending the subnet mask to borrow some of the bits from the host portion of the address to create additional network bits.

Summary

IPv4 Addressing Structure
An IPv4 address is a 32-bit hierarchical address that is made up of a network portion and a host portion. The bits within the network portion of the address must be identical for all devices that reside in the same network. The bits within the host portion of the address must be unique to identify a specific host within a network. A host requires a unique IPv4 address and a subnet mask to show the network/host portions of the address. The prefix length is the number of bits set to 1 in the subnet mask. It is written in “slash notation”, which is a “/” followed by the number of bits set to 1. Logical AND is the comparison of two bits. Only a 1 AND 1 produces a 1; any other combination results in a 0. Within each network there are network addresses, host addresses, and a broadcast address.

IPv4 Unicast, Broadcast, and Multicast
Unicast transmission refers to a device sending a message to one other device in one-to-one communications. A unicast packet is a packet with a destination IP address that is a unicast address, which is the address of a single recipient. Broadcast transmission refers to a device sending a message to all the devices on a network in one-to-all communications. A broadcast packet has a destination IP address with all ones (1s) in the host portion, or 32 one (1) bits. Multicast transmission reduces traffic by allowing a host to send a single packet to a selected set of hosts that subscribe to a multicast group. A multicast packet is a packet with a destination IP address that is a multicast address. IPv4 has reserved the 224.0.0.0 to 239.255.255.255 addresses as a multicast range.

Types of IPv4 Addresses
Public IPv4 addresses are globally routed between ISP routers. Not all available IPv4 addresses can be used on the internet.
There are blocks of addresses called private addresses that are used by most organizations to assign IPv4 addresses to internal hosts. Most internal networks use private IPv4 addresses for addressing all internal devices (intranet); however, these private addresses are not globally routable. Loopback addresses are used by a host to direct traffic back to itself. Link-local addresses are more commonly known as APIPA addresses, or self-assigned addresses. In 1981, IPv4 addresses were assigned using classful addressing: A, B, or C. Public IPv4 addresses must be unique, and are globally routed over the internet. Both IPv4 and IPv6 addresses are managed by the IANA, which allocates blocks of IP addresses to the RIRs.

Network Segmentation
In an Ethernet LAN, devices broadcast to locate other devices using ARP. Switches propagate broadcasts out all interfaces except the interface on which the broadcast was received. Routers do not propagate broadcasts; instead, each router interface connects a broadcast domain and broadcasts are only propagated within that specific domain. A large broadcast domain is a network that connects many hosts. A problem with a large broadcast domain is that these hosts can generate excessive broadcasts and negatively affect the network. The solution is to reduce the size of the network to create smaller broadcast domains in a process called subnetting. These smaller network spaces are called subnets. Subnetting reduces overall network traffic and improves network performance. An administrator may subnet by location, between networks, or by device type.

Subnet an IPv4 Network
IPv4 subnets are created by using one or more of the host bits as network bits. This is done by extending the subnet mask to borrow some of the bits from the host portion of the address to create additional network bits. The more host bits that are borrowed, the more subnets that can be defined.
Borrowing more bits to increase the number of subnets also reduces the number of hosts per subnet. Networks are most easily subnetted at the octet boundary of /8, /16, and /24. Subnets can borrow bits from any host bit position to create other masks.

Subnet a /16 and a /8 Prefix
In a situation requiring a larger number of subnets, an IPv4 network is required that has more host bits available to borrow. To create subnets, you must borrow bits from the host portion of the IPv4 address of the existing internetwork. Starting from the left to the right with the first available host bit, borrow a single bit at a time until you reach the number of bits necessary to create the number of subnets required. When borrowing bits from a /16 address, start borrowing bits in the third octet, going from left to right. The first address is reserved for the network address and the last address is reserved for the broadcast address.

Subnet to Meet Requirements
A typical enterprise network contains an intranet and a DMZ. Both have subnetting requirements and challenges. The intranet uses private IPv4 addressing space. The 10.0.0.0/8 can also be subnetted using any other number of prefix lengths, such as /12, /18, /20, etc., giving the network administrator many options. Because these devices need to be publicly accessible from the internet, the devices in the DMZ require public IPv4 addresses. Organizations must maximize their own limited number of public IPv4 addresses. To reduce the number of unused host addresses per subnet, the network administrator must subnet their public address space into subnets with different subnet masks. This is known as Variable Length Subnet Masking (VLSM). Administrators must consider how many host addresses are required for each network, and how many subnets are needed.

Variable Length Subnet Masking
Traditional subnetting might meet an organization’s needs for its largest LAN and divide the address space into an adequate number of subnets.
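The logical AND from the IPv4 Addressing Structure summary, subnetting by borrowing host bits, and the largest-first VLSM method of this section, worked through in Python. This is an added example and not part of the original notes; the 192.168.x.x networks and the host counts are constructed values.

```python
"""IPv4 subnetting from the notes: logical AND to find the network address,
borrowing host bits for equal-size subnets, and VLSM for unequal ones.
Added example, not from the original notes; all addresses are constructed."""
from typing import List, Tuple


def to_int(dotted: str) -> int:
    """Dotted-decimal string to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def mask_from_prefix(prefix: int) -> int:
    """The prefix length is the number of 1 bits in the mask, from the left."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def network_info(address: str, prefix: int) -> dict:
    """Network, broadcast and usable host range for a host address + prefix."""
    ip, mask = to_int(address), mask_from_prefix(prefix)
    network = ip & mask                          # logical AND: only 1 AND 1 -> 1
    broadcast = network | (~mask & 0xFFFFFFFF)   # all ones in the host portion
    hosts = (1 << (32 - prefix)) - 2 if prefix <= 30 else 0
    return {"network": f"{to_dotted(network)}/{prefix}",
            "broadcast": to_dotted(broadcast), "usable_hosts": hosts,
            "first_host": to_dotted(network + 1) if hosts else None,
            "last_host": to_dotted(broadcast - 1) if hosts else None}


def borrow_bits(network: str, prefix: int, borrowed: int) -> List[str]:
    """Borrowing n host bits splits one network into 2**n equal subnets."""
    new_prefix = prefix + borrowed
    if borrowed < 1 or new_prefix > 30:
        raise ValueError("must borrow at least 1 bit and leave 2 host bits")
    base = to_int(network) & mask_from_prefix(prefix)
    block = 1 << (32 - new_prefix)               # addresses per new subnet
    return [f"{to_dotted(base + i * block)}/{new_prefix}" for i in range(1 << borrowed)]


def vlsm(network: str, prefix: int, host_needs: List[int]) -> List[Tuple[int, str]]:
    """Satisfy the largest host requirement first, size each subnet to the
    smallest power of two that holds hosts + network + broadcast addresses,
    and start every subnet on its own bit boundary."""
    base = to_int(network) & mask_from_prefix(prefix)
    end = base + (1 << (32 - prefix))            # one past the parent block
    cursor, plan = base, []
    for need in sorted(host_needs, reverse=True):
        host_bits = 2
        while (1 << host_bits) - 2 < need:
            host_bits += 1
        size = 1 << host_bits
        cursor = (cursor + size - 1) // size * size   # align to the boundary
        if cursor + size > end:
            raise ValueError(f"{network}/{prefix} cannot fit a {need}-host subnet")
        plan.append((need, f"{to_dotted(cursor)}/{32 - host_bits}"))
        cursor += size
    return plan


if __name__ == "__main__":
    print(network_info("192.168.10.70", 26))
    print(borrow_bits("192.168.1.0", 24, 2))
    for need, subnet in vlsm("192.168.20.0", 24, [50, 20, 10, 2]):
        print(f"{need:>3} hosts -> {subnet}")
```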
But it likely also results in significant waste of unused addresses. VLSM allows a network space to be divided into unequal parts. With VLSM, the subnet mask will vary depending on how many bits have been borrowed for a particular subnet (this is the “variable” part of the VLSM). VLSM is just subnetting a subnet. When using VLSM, always begin by satisfying the host requirements of the largest subnet. Continue subnetting until the host requirements of the smallest subnet are satisfied. Subnets always need to be started on an appropriate bit boundary.

Structured Design
A network administrator should study the network requirements to better plan how the IPv4 network subnets will be structured. This means looking at the entire network, both the intranet and the DMZ, and determining how each area will be segmented. The address plan includes determining where address conservation is needed (usually within the DMZ), and where there is more flexibility (usually within the intranet). Where address conservation is required the plan should determine how many subnets are needed and how many hosts per subnet. This is usually required for public IPv4 address space within the DMZ. This will most likely include using VLSM. The address plan includes how host addresses will be assigned, which hosts will require static IPv4 addresses, and which hosts can use DHCP for obtaining their addressing information. Within a network, there are different types of devices that require addresses: end user clients, servers and peripherals, servers that are accessible from the internet, intermediary devices, and gateways. When developing an IP addressing scheme, have a set pattern of how addresses are allocated to each type of device. This helps when adding and removing devices, filtering traffic based on IP, as well as simplifying documentation.

MODULE 12 IPv6 ADDRESSING

IPv6
- has a larger 128-bit address space, providing 340 undecillion (i.e., 340 followed by 36 zeroes) possible addresses.
Migration Techniques

Dual Stack
- allows IPv4 and IPv6 to coexist on the same network segment.
- devices run both IPv4 and IPv6 protocol stacks simultaneously.

Tunneling
- a method of transporting an IPv6 packet over an IPv4 network.
- The IPv6 packet is encapsulated inside an IPv4 packet, similar to other types of data.

Translation
- Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4.
- An IPv6 packet is translated to an IPv4 packet and an IPv4 packet is translated to an IPv6 packet.

IPv6 Addresses
- 128 bits in length and written as a string of hexadecimal values.
- Every four bits is represented by a single hexadecimal digit, for a total of 32 hexadecimal values.
- not case-sensitive
- x:x:x:x:x:x:x:x - Each “x” is a single hextet, which is 16 bits or four hexadecimal digits.

Hextet - the unofficial term used to refer to a segment of 16 bits, or four hexadecimal values.

Preferred format - means that you write the IPv6 address using all 32 hexadecimal digits.

Reducing Digits in IPv6 Addresses

Rule 1 – Omit Leading Zeros
- 01ab to 1ab
- 09f0 to 9f0
- 0000 to 0 (remove first 3)

Rule 2 – Double Colon
- can replace any single, contiguous string of one or more 16-bit hextets consisting of all zeros.
- 2001:db8:cafe:1:0:0:0:1 to 2001:db8:cafe:1::1
- double colon (::) can only be used once within an address, otherwise there would be more than one possible resulting address.
- commonly known as the compressed format.
- If an address has more than one contiguous string of all-0 hextets, best practice is to use the double colon (::) on the longest string.
- If the strings are equal, the first string should use the double colon (::).

IPv6 Categories
1. Unicast - An IPv6 unicast address uniquely identifies an interface on an IPv6-enabled device.
2. Multicast - An IPv6 multicast address is used to send a single IPv6 packet to multiple destinations.
3.
Anycast - An IPv6 anycast address is any IPv6 unicast address that can be assigned to multiple devices. A packet sent to an anycast address is routed to the nearest device having that address. Anycast addresses are beyond the scope of this course.

IPv6 Prefix Length
- IPv6 does not use the dotted-decimal subnet mask notation.
- The prefix length can range from 0 to 128.
- The recommended IPv6 prefix length for LANs and most other types of networks is /64.
- It is strongly recommended to use a 64-bit Interface ID for most networks. This is because stateless address autoconfiguration (SLAAC) uses 64 bits for the Interface ID. It also makes subnetting easier to create and manage.

IPv6 Unicast Address
- uniquely identifies an interface on an IPv6-enabled device.
- a source IPv6 address must be a unicast address. The destination IPv6 address can be either a unicast or a multicast address.
- Two unicast addresses:
  o Global unicast address (GUA) - This is similar to a public IPv4 address. These are globally unique, internet-routable addresses. GUAs can be configured statically or assigned dynamically.
  o Link-local address (LLA) - This is required for every IPv6-enabled device. LLAs are used to communicate with other devices on the same local link. With IPv6, the term link refers to a subnet. LLAs are confined to a single link. Their uniqueness must only be confirmed on that link because they are not routable beyond the link. In other words, routers will not forward packets with a link-local source or destination address.

Unique local address - fc00::/7 to fdff::/7
- Not yet commonly implemented.
- Differences from IPv4 private addresses
  o Unique local addresses are used for local addressing within a site or between a limited number of sites.
  o Unique local addresses can be used for devices that will never need to access another network.
  o Unique local addresses are not globally routed or translated to a global IPv6 address.
IPv6 Global Unicast Addresses (GUA)
- globally unique and routable on the IPv6 internet.
- equivalent to public IPv4 addresses.
- The Internet Committee for Assigned Names and Numbers (ICANN), the operator for IANA, allocates IPv6 address blocks to the five RIRs.
- Currently, only GUAs with the first three bits of 001 or 2000::/3 are being assigned.
- Has 3 parts:
  o Global routing prefix
    ▪ the prefix, or network, portion of the address that is assigned by the provider
  o Subnet ID
    ▪ the area between the Global Routing Prefix and the Interface ID.
    ▪ used by an organization to identify subnets within its site.
    ▪ The larger the subnet ID, the more subnets available.
  o Interface ID
    ▪ equivalent to the host portion of an IPv4 address.
    ▪ the term Interface ID is used because a single host may have multiple interfaces, each having one or more IPv6 addresses.

IPv6 Link-local Address (LLA)
- enables a device to communicate with other IPv6-enabled devices on the same link and only on that link (subnet). Packets with a source or destination LLA cannot be routed beyond the link from which the packet originated.
- A GUA is not a requirement, but every IPv6-enabled network interface must have an LLA.
- IPv6 LLAs are in the fe80::/10 range.
- 2 ways to obtain an LLA
  o Statically – manual configuration
  o Dynamically - the device creates its own interface ID by using randomly generated values or using the Extended Unique Identifier (EUI) method, which uses the client MAC address along with additional bits.

Static GUA Configuration on a Router
- ipv6 address ipv6-address/prefix-length command

Static LLA Configuration
- ipv6 address ipv6-link-local-address link-local command

IMPORTANT NOTES
Global unicast address range - 2000::/3
IPv6 loopback address - ::1
Link-local address range - fe80::/10
Unique local address range - fc00::/7

Summary

IPv4 Issues
IPv4 has a theoretical maximum of 4.3 billion addresses. Private addresses in combination with NAT have helped to slow the depletion of IPv4 address space.
With an increasing internet population, a limited IPv4 address space, issues with NAT and the IoT, the time has come to begin the transition to IPv6. Both IPv4 and IPv6 will coexist in the near future and the transition will take several years. The IETF has created various protocols and tools to help network administrators migrate their networks to IPv6. The migration techniques can be divided into three categories: dual stack, tunneling, and translation.

IPv6 Address Representation
IPv6 addresses are 128 bits in length and written as a string of hexadecimal values. Every 4 bits is represented by a single hexadecimal digit, for a total of 32 hexadecimal values. The preferred format for writing an IPv6 address is x:x:x:x:x:x:x:x, with each “x” consisting of four hexadecimal values. For example: 2001:0db8:0000:1111:0000:0000:0000:0200. Two rules help to reduce the number of digits needed to represent an IPv6 address. The first rule is to omit any leading 0s (zeros) in any hextet. For example: 2001:db8:0:1111:0:0:0:200. The second rule is that a double colon (::) can replace any single, contiguous string of one or more 16-bit hextets consisting of all zeros. For example: 2001:db8:0:1111::200.

IPv6 Address Types
There are three types of IPv6 addresses: unicast, multicast, and anycast. IPv6 does not use the dotted-decimal subnet mask notation. Like IPv4, the prefix length is represented in slash notation and is used to indicate the network portion of an IPv6 address. An IPv6 unicast address uniquely identifies an interface on an IPv6-enabled device. IPv6-enabled devices typically have two unicast addresses: a GUA and an LLA.
IPv6 unique local addresses have the following uses: they are used for local addressing within a site or between a limited number of sites, they can be used for devices that will never need to access another network, and they are not globally routed or translated to a global IPv6 address. IPv6 global unicast addresses (GUAs) are globally unique and routable on the IPv6 internet. These addresses are equivalent to public IPv4 addresses. A GUA has three parts: a global routing prefix, a subnet ID, and an interface ID. An IPv6 link-local address (LLA) enables a device to communicate with other IPv6-enabled devices on the same link and only on that link (subnet). Devices can obtain an LLA either statically or dynamically.

GUA and LLA Static Configuration
The Cisco IOS command to configure an IPv4 address on an interface is ip address ip-address subnet-mask. In contrast, the command to configure an IPv6 GUA on an interface is ipv6 address ipv6-address/prefix-length. Just as with IPv4, configuring static addresses on clients does not scale to larger environments. For this reason, most network administrators in an IPv6 network will enable dynamic assignment of IPv6 addresses. Configuring the LLA manually lets you create an address that is recognizable and easier to remember. Typically, it is only necessary to create recognizable LLAs on routers. LLAs can be configured manually using the ipv6 address ipv6-link-local-address link-local command.

Dynamic Addressing for IPv6 GUAs
A device obtains a GUA dynamically through ICMPv6 messages. IPv6 routers periodically send out ICMPv6 RA messages, every 200 seconds, to all IPv6-enabled devices on the network. An RA message will also be sent in response to a host sending an ICMPv6 RS message, which is a request for an RA message. The ICMPv6 RA message includes: network prefix and prefix length, default gateway address, and the DNS addresses and domain name.
RA messages have three methods: SLAAC, SLAAC with a stateless DHCPv6 server, and stateful DHCPv6 (no SLAAC). With SLAAC, the client device uses the information in the RA message to create its own GUA because the message contains the prefix and the interface ID. With SLAAC with stateless DHCPv6, the RA message suggests devices use SLAAC to create their own IPv6 GUA, use the router LLA as the default gateway address, and use a stateless DHCPv6 server to obtain other necessary information. With stateful DHCPv6, the RA suggests that devices use the router LLA as the default gateway address, and the stateful DHCPv6 server to obtain a GUA, a DNS server address, domain name and all other necessary information. The interface ID can be created using the EUI-64 process or a randomly generated 64-bit number. The EUI-64 process uses the 48-bit Ethernet MAC address of the client and inserts another 16 bits in the middle of the MAC address to create a 64-bit interface ID. Depending upon the operating system, a device may use a randomly generated interface ID.

Dynamic Addressing for IPv6 LLAs
All IPv6 devices must have an IPv6 LLA. An LLA can be configured manually or created dynamically. Operating systems, such as Windows, will typically use the same method for both a SLAAC-created GUA and a dynamically assigned LLA. Cisco routers automatically create an IPv6 LLA whenever a GUA is assigned to the interface. By default, Cisco IOS routers use EUI-64 to generate the Interface ID for all LLAs on IPv6 interfaces. For serial interfaces, the router will use the MAC address of an Ethernet interface. To make it easier to recognize and remember these addresses on routers, it is common to statically configure IPv6 LLAs on routers. To verify IPv6 address configuration use the following three commands: show ipv6 interface brief, show ipv6 route, and ping.

IPv6 Multicast Addresses
There are two types of IPv6 multicast addresses: well-known multicast addresses and solicited node multicast addresses.
Assigned multicast addresses are reserved multicast addresses for predefined groups of devices. Well-known multicast addresses are assigned. Two common IPv6 assigned multicast groups are: ff02::1 All-nodes multicast group and ff02::2 All-routers multicast group. A solicited-node multicast address is similar to the all-nodes multicast address. The advantage of a solicited-node multicast address is that it is mapped to a special Ethernet multicast address.

Subnet an IPv6 Network
IPv6 was designed with subnetting in mind. A separate subnet ID field in the IPv6 GUA is used to create subnets. The subnet ID field is the area between the Global Routing Prefix and the interface ID. The benefit of a 128-bit address is that it can support more than enough subnets and hosts per subnet for each network. Address conservation is not an issue. For example, if the global routing prefix is a /48, and using a typical 64 bits for the interface ID, this will create a 16-bit subnet ID:
- 16-bit subnet ID - Creates up to 65,536 subnets.
- 64-bit interface ID - Supports up to 18 quintillion host IPv6 addresses per subnet (i.e., 18,000,000,000,000,000,000).
With over 65,536 subnets to choose from, the task of the network administrator becomes one of designing a logical scheme to address the network. Address conservation is not a concern when using IPv6. Similar to configuring IPv4, each router interface can be configured to be on a different IPv6 subnet.
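The representation rules from Reducing Digits in IPv6 Addresses (Rule 1, Rule 2 with the longest-run and first-on-tie choices), the EUI-64 interface ID, and a /48 global routing prefix with its 16-bit subnet ID, worked through in Python. This is an added example and not part of the original notes; the 2001:db8:acad::/48 prefix and the MAC address are constructed, and the universal/local bit flip is the modified EUI-64 step of RFC 4291, which the notes do not mention.

```python
"""IPv6 representation rules, EUI-64 interface IDs and /48 subnetting from the
notes. Added example, not from the original notes; sample values constructed."""
from typing import List


def expand(address: str) -> List[str]:
    """Preferred format: eight hextets, each written with four hex digits."""
    if address.count("::") > 1:
        raise ValueError("the double colon may appear only once")
    if "::" in address:
        left, right = address.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        hextets = head + ["0"] * (8 - len(head) - len(tail)) + tail
    else:
        hextets = address.split(":")
    if len(hextets) != 8:
        raise ValueError(f"not an IPv6 address: {address}")
    return [f"{int(h, 16):04x}" for h in hextets]


def compress(address: str) -> str:
    """Rule 1: omit leading zeros. Rule 2: replace the longest contiguous run
    of all-zero hextets with '::'; on a tie the first run gets the '::'."""
    hextets = [h.lstrip("0") or "0" for h in expand(address)]
    best_start, best_len, start = 0, 0, None
    for i, h in enumerate(hextets + ["x"]):       # sentinel closes a final run
        if h == "0":
            start = i if start is None else start
        elif start is not None:
            if i - start > best_len:              # strictly longer: first run wins ties
                best_start, best_len = start, i - start
            start = None
    if best_len == 0:
        return ":".join(hextets)
    head = ":".join(hextets[:best_start])
    tail = ":".join(hextets[best_start + best_len:])
    return f"{head}::{tail}"


def eui64_interface_id(mac: str) -> str:
    """Modified EUI-64: split the 48-bit MAC, insert fffe in the middle and flip
    the universal/local bit (0x02 of the first byte, RFC 4291; not in the notes)."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac}")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02
    return ":".join(f"{iid[i]:02x}{iid[i + 1]:02x}" for i in range(0, 8, 2))


def build_gua(global_prefix: str, subnet_id: int, interface_id: str) -> str:
    """GUA = 48-bit global routing prefix + 16-bit subnet ID + 64-bit interface
    ID, i.e. the 65,536 subnets per /48 described in the notes."""
    prefix, length = global_prefix.split("/")
    if int(length) != 48 or not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("expects a /48 prefix and a 16-bit subnet ID")
    iid = interface_id.split(":")
    if len(iid) != 4:
        raise ValueError("interface ID must be four hextets (64 bits)")
    return compress(":".join(expand(prefix)[:3] + [f"{subnet_id:x}"] + iid))


if __name__ == "__main__":
    print(compress("2001:0db8:0000:1111:0000:0000:0000:0200"))  # 2001:db8:0:1111::200
    iid = eui64_interface_id("fc:99:47:75:ce:e0")                 # constructed MAC
    print(build_gua("2001:db8:acad::/48", 1, iid))
```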
