Public IP addresses are often layered over private IP addresses in an attempt to add some security, by not revealing the actual internal private IP address.
This is done using NAT (Network Address Translation), which takes private IP addresses and converts them into usable, visible public IP addresses.
IPv4
IPv4 is the protocol standard currently in use.
Every IPv4 network has an IP address: a 4-octet number that uniquely identifies the location of a device on a network.
Ex. 192.168.40.10
Every IPv4 network will have a Subnet Mask: a number used in conjunction with an IP address so your device knows what IP subnet it’s on.
Important when you have to route data outside of your local network and need to send info to your default gateway; if your PC doesn’t know what subnet it’s on, it doesn’t know what information to communicate locally and what information to send to your default gateway (outside of your LAN → external WAN).
Ex. 255.255.255.0
Every IPv4 network will have a Default Gateway: an IP address that is used to identify the router for when you need to send data outside of your local network (subnet).
Used for sending data outside of your local LAN (network/subnet) and into a bigger WAN.
Default Gateway must have an IP address that’s on the local subnet. This is why you’ll see the Default Gateway being almost identical to a normal IP address that’s on the network; always ending in (.1).
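The local-versus-gateway decision described above, as an added example that is not part of the original notes. 192.168.40.10 and 255.255.255.0 are the page's own examples; the gateway 192.168.40.1, the destinations, and the function names are assumptions made for illustration.

```python
import ipaddress

def network_id(ip, mask):
    """Bitwise-AND the address with the mask to get the subnet it belongs to."""
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    return ipaddress.IPv4Address(ip_int & mask_int)

def next_hop(host_ip, subnet_mask, default_gateway, destination):
    """Decide where a host sends a packet: straight to the destination
    when it is on the same subnet, otherwise to the default gateway."""
    local_net = network_id(host_ip, subnet_mask)

    # A gateway on another subnet is unreachable, so reject it outright.
    if network_id(default_gateway, subnet_mask) != local_net:
        raise ValueError(
            f"gateway {default_gateway} is not on local subnet {local_net}"
        )

    if network_id(destination, subnet_mask) == local_net:
        return ("local", destination)
    return ("gateway", default_gateway)

if __name__ == "__main__":
    # Constructed sample destinations: one on the LAN, one outside it.
    for dst in ("192.168.40.77", "203.0.113.5"):
        print(dst, "->", next_hop("192.168.40.10", "255.255.255.0",
                                  "192.168.40.1", dst))
```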
Some IP addresses are reserved for special purposes, so network administrators can’t ever assign them to hosts.
Loopback Address
127.0.0.1 is reserved for loopback tests, which send traffic back to your local machine to verify the TCP/IP stack still works; it does all of this without generating network traffic.
Getting a response back means that your TCP/IP stack is working locally, while no response means there’s something wrong with your TCP/IP stack.
Reserved
240.0.0.1 through 254.255.255.254: a block of Class E addresses that have been reserved for future use or testing.
No one will use any address in this range on anything in production.
Private IP Address
These addresses can be used on a private internal network, but they’re not routable through the Internet. This is designed to create a measure of much-needed security, but it also saves some IP address space.
If every host on a network had to have real routable IP addresses, we would have run out of available IP addresses to hand out years ago.
This is accomplished by using NAT (Network Address Translation) to convert private IP addresses to public IP addresses; in fact multiple devices in the same private network can use the same public IP address!
The router does all of the heavy work when it comes to NAT; it does all of the IP address conversions and reconversions.
SNAT (Source Network Address Translation) is a type of Network Address Translation that allows traffic from a private network to go out to the internet.
Virtual machines launched on a private network can get to the internet by going through a gateway capable of performing SNAT.
Image of NAT
Image of Multiple NATs happening simultaneously
Port Address Translation uses a table in the router to keep track of all the conversions
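A toy model of the translation table described above, added here as an example and not taken from the original notes or any real router. The class name, the starting port 40000 and all addresses are constructed; a real PAT table also tracks protocol and destination, which this sketch leaves out.

```python
import itertools

class PatRouter:
    """Simplified Port Address Translation table for one public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        self.outbound = {}  # (private_ip, private_port) -> public_port
        self.inbound = {}   # public_port -> (private_ip, private_port)

    def translate_out(self, private_ip, private_port):
        """Rewrite the source of an outgoing packet to the shared public IP."""
        key = (private_ip, private_port)
        if key not in self.outbound:
            port = next(self._ports)       # allocate a fresh public port
            self.outbound[key] = port
            self.inbound[port] = key       # remember how to reverse it
        return (self.public_ip, self.outbound[key])

    def translate_in(self, public_port):
        """Map a reply back to the private host.

        Returns None when no entry exists: unsolicited inbound traffic
        has nowhere to go and is dropped.
        """
        return self.inbound.get(public_port)

if __name__ == "__main__":
    router = PatRouter("203.0.113.10")          # constructed public IP
    # Two private hosts that happen to use the same source port.
    print(router.translate_out("192.168.40.10", 51000))
    print(router.translate_out("192.168.40.11", 51000))
    print(router.translate_in(40001))           # reply to the second host
    print(router.translate_in(45000))           # no mapping -> None
```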
Classes of Private IP Addresses
Public IP Address
Public IP Addresses are used in NAT to convert private IP addresses to public IP addresses. Multiple private IPs can be masked under one Public IP address.
Image of Public IP address ranges
Virtual IP Address (VIP)
When a public IP address is substituted for the actual private IP address that has been assigned to the network by the network admin/engineer, the public IP address becomes an example of what is called a Virtual IP address
Always used with Network Address Translation
Meaning a Virtual IP doesn’t actually have a physical network interface; commonly used with VMs, and sometimes used for assigning an IP address to routers so there’s always a static IP address that you can reference for a certain Router.
Ex. Network Address Translation uses VIPs; VIPs are also used by servers. For example, multiple web servers may share the same IP address, allowing them to distribute requests across multiple machines. This is useful for load balancing and redundancy. A "high availability" server, for instance, may have a single IP address shared by two separate computers.
APIPA
APIPA, or Automatic Private IP Addressing, can automatically self-configure an IP address and subnet mask, which is the minimum information needed for hosts to communicate when a DHCP server isn’t available. It can be thought of as a DHCP failover scheme or DHCP backup.
This becomes problematic because APIPA addresses can only communicate with other APIPA addresses. They can’t communicate with any IP addresses that are statically configured (like Default Gateways!). Basically, APIPA addresses can’t communicate with the internet.
If you’re in a corporate network that uses a DHCP server and see that one of your devices has an APIPA address, that means the DHCP information assigned to the host is not working, or the DHCP server itself is down or can’t be reached.
You can’t connect to the internet with an APIPA address either. If your users cannot communicate with the internet and their IP address falls into the APIPA range, the DHCP server is likely the issue.
Range
Network Addressing
The Network Address — also called the network number — uniquely identifies each network.
Every machine on the same network shares that network address as a part of its IP address.
In the IP address 172.16.30.56, the numbers 172.16 identify what network it’s on.
The Host Address is assigned to each host on the network and uniquely identifies each device on a network.
This part of the address must be unique because it identifies a particular device — an individual host — as opposed to a network, which is a group.
In the IP address 172.16.30.56, the 30.56 is the unique host address for a particular device.
The designers of the network decided to also create classes of networks based on network size.
Class A Network
For a small number of networks that have a very large number of hosts connected.
Class B Network
Right in the middle for networks that have a medium number of networks and a medium number of hosts connecting.
Class C Network
The other end of the spectrum for a large number of networks that have a small number of hosts connected.
IPv4 Address Types
Unicast
Unicast means that one device is sending information directly to one device; it represents one-to-one conversation or data being sent from a single device to another device
Horrible at video streaming, because multiple people are watching a single video.
Broadcast
Communication type that’s meant to reach all hosts on a domain all at once; one device sends one packet to everyone on the network (domain).
Limited to a local broadcast domain; used in IPv4 extensively.
Multicast
Communication method that enables multiple recipients to receive messages without flooding the messages to all hosts on a broadcast domain; copies of data are sent only to hosts that are interested in receiving them.
One-to-Many; mostly used for multimedia applications.
This doesn’t scale well when increasing the size of the network.
Anycast
Communication method that will deliver the data packet to the closest host it can find; determines the destination of a packet based on routing distance.
One-to-One-Many; Anycast only delivers to one host, the host that’s closest in proximity.
Great for when you have to make a routing decision based on geographic location; used in IPv4 & IPv6
EUI-64 (Extended Unique Identifier-64)
A method we can use to automatically configure IPv6 host addresses. An IPv6 device will use the MAC address of its interface to generate a unique 64-bit interface ID.
IPv4 Subnetting
What is subnetting?
Subnetting is used to take one network range and create six networks from it; basically you are taking one larger network and breaking it into a bunch of smaller networks.
Why use Subnetting?
Reduced Network Traffic.
Subnetting divides broadcast domains so traffic is routed efficiently, thus improving speed and network performance.
The subnet mask makes sure traffic stays within its designated subnet, reducing major congestion and the load across the network.
Optimized Network Performance.
Reducing network traffic will cause the whole network to run more efficiently and smoothly.
Instead of everything being bogged down, subnetting divides broadcast domains so traffic can be routed efficiently.
Simplified Management.
It’s easier to identify and isolate network problems in a group of smaller connected networks than within one gigantic network.
Facilitated Spanning of Large Geographical Distances.
Because WAN links are considerably slower and more expensive than LAN links, a single network that spans long distances can create problems in every area imaginable.
Connecting multiple smaller networks makes the system more efficient.
The creation of a Subnet?
Construction of a subnet
Example.
What is a Subnet Mask?
A 32-bit value that allows the recipient of IP packets to distinguish the network ID portion of the IP address from the host ID portion of the IP address.
Subnet Mask will always be a continuous set of 1s on the left, and a continuous set of 0s on the right.
Image of Binary
Classful Subnetting
Not very efficient
IPv6
The number of people and devices that connect to networks is increasing day by day! Because of this, IPv4 will eventually run out of IP addresses to use. No more IP addresses means no more internet connectivity!
Incoming.... IPv6 to the rescue!
IPv6 addresses use DNS to recognize a device because the number notations are so long.
“The Next-Generation Internet Protocol”, originally created to be a valid replacement for IPv4 due to the ever-looming IPv4 address shortage.
IPv6 Address
IPv6 Address Breakdown
Building an IPv6 address to an EUI-64 address.
The 1st part of your IPv6 address is associated with your IPv6 subnet prefix.
The 2nd part of your IPv6 address is the first section of the MAC address, also called the first 3 bytes.
The 3rd part of your IPv6 address is the characters ff:fe.
The 4th and final part of your IPv6 address is the last part of the MAC address, also called the last 3 bytes.
Building IPv6 addresses this way makes sure the address is unique thanks to the inclusion of the MAC address.
Flipping the 7th Bit
Method that makes converting a MAC address to an EUI-64 a lot faster; you can use a number/letter chart to make the conversions.
IPv6 addresses are written in Hexadecimal
IPv6 Address Compression
Groups of zeros can be abbreviated with a double colon (::)
Only one of these abbreviations allowed per address.
Leading zeros are optional.
Ex.
IPv6 Configurations
Tunneling Configurations
6to4 Tunneling
Really useful for carrying IPv6 packets over a network that’s still running IPv4. It’s quite possible that you’ll have IPv6 subnets or other portions of your network that are all IPv6 and they’ll have to communicate with IPv4.
Using 6to4 tunneling will allow you to carry IPv6 traffic across an IPv4 network, but if there is a NAT translation point, this would absolutely break the tunnel encapsulation because NAT does not support 6to4 tunneling or 4to6 tunneling.
4to6 Tunneling
Opposite of 6to4 tunneling, meaning your whole business network is IPv4 but you’re traveling across an IPv6-only Internet to get to another IPv4 network. Honestly, not too common on today’s networks. Yet!
Teredo
A workaround created so any 6to4 tunneling or 4to6 tunneling can still occur even though there is a NAT translation point on the network. It’s Windows-based.
It allows all the tunnel traffic to be placed in UDP packets because NAT recognizes UDP packets.
You don’t need any special router or relay system, and it is designed to be a temporary form of communication.
Miredo
Same thing as Teredo, but Miredo is open source, meaning it can be used on Mac, Linux, and BSD Unix.
Dual Stacking
The most common type of migration strategy because it’s the easiest. It allows our devices to communicate using either IPv4 or IPv6; it is a transition method from IPv4 to IPv6 that runs both of them at the same time.
Dual stacking lets you upgrade your devices and applications on the network one at a time. As more and more hosts and devices on the network are upgraded, more of your communication will happen over IPv6.
Once the migration is complete, everything’s running on IPv6 and you get to remove all the old IPv4 protocol stacks you no longer need.
Finding Neighboring Device MAC addresses + Routers, while autoconfiguring the Network
IPv6 does not have ARP (Address Resolution Protocol), so it needs to use Neighbor Discovery Protocol (NDP) instead.
Neighbor Discovery Protocol (NDP) uses neighbor solicitations and neighbor advertisements to learn the MAC address of devices on the network; after learning the MAC address of a nearby device, it will store it in a table.
It replaces IPv4’s ARP
It does the same thing to find Routers on a network. It does this by sending out RS (Router Solicitations) and RAs (Router Advertisements) to discover them.
Image of NDP being used to discover a MAC address
Image of NDP being used to discover a Router
SLAAC (Stateless Address Autoconfiguration) is used to automatically assign static IP addresses without the use of a DHCP server.
Duplicate Address Detection, or DAD, is used to make sure there are no duplicate IPv6 addresses. It’s used in conjunction with SLAAC to make sure there aren’t any duplicate IP addresses being automatically assigned on the network.
Built-In Features
IPSec
Mobility
Unicast or Anycast
IPv6 Subnetting
Classless Inter-Domain Routing (CIDR) Notation
Virtual IP (VIP)
Subinterfaces