CCNP Exam Cram: Extending IP Addresses
Terms you'll need to understand:
- CIDR
- IETF
- ip helper
- ip subnet-zero
- IPv6
- Prefix length
- Route summarization
- Supernetting
- Variable-length subnet masking (VLSM)
Techniques you'll need to master:
- Reviewing the IP subnetting process
- Understanding the formulas for calculating subnets and hosts
- Implementing CIDR addressing or supernetting
- Expressing various networks and subnets with their CIDR representations
- Using VLSM to extend an IP address scheme
- Deploying route summarization techniques
- Configuring the ip helper command for controlled broadcasts
The Internet Engineering Task Force (IETF) is a governing body that consists of more than 80 groups working together to develop Internet standards. The Internet Protocol (IP) is the primary Layer 3 protocol used to encapsulate data in the Internet suite. In addition to being routable, IP provides error coverage, fragmentation, and reassembly of datagrams for transmission over networks with different maximum data unit sizes. The IETF first defined a globally unique, 32-bit number for IP addressing in 1981. These globally unique logical addresses enable IP networks to communicate with each other from anywhere in the world.
Due to the global and somewhat random allocation of this finite pool of addresses (232), the Network Information Center (InterNIC) has run out of address space. In addition, approximately 5,000 routes were using the Internet in 1990. By the end of the millennium, more than 72,000 routes existed on the Internet, and today there are easily more than 100,000. The sizes of routing tables have been growing seemingly exponentially. This chapter focuses on some of the solutions and mechanisms the Cisco professional is expected to know to help decrease the routing table size as well as create a more hierarchical addressing scheme.
Review of TCP/IP Subnetting
Because the Cisco Certified Network Associate (CCNA) should already have in-depth knowledge of IP addressing, this section is merely a brief refresher course. An IP address is divided into three sections. The first part represents the network address, the second part represents the subnet address (if applicable), and the third part is the actual host address on the major network or subnetwork. Five IP address classes are defined by the IETF. You can determine which class any IP address is in by examining the first four bits of the IP address, or you can simply memorize the values in Table 3.1. Most of the public Class A, B, and C addresses have been assigned, although some ranges are still available for a price. Class D addresses are used by many vendors and organizations, including Cisco, for multicasting. Class E addresses are reserved for future use, so these should not be used for host addresses.
Table 3.1 The Decimal Equivalents of the First Octet of Each Address Class
Address Class |
Starting Bit |
First Octet Address As Decimal |
Default Subnet Mask |
A |
0 |
1126 |
255.0.0.0 |
B |
10 |
128191 |
255.255.0.0 |
C |
110 |
192223 |
255.255.255.0 |
D |
1110 |
224239 |
255.255.255.240 |
E |
1111 |
240255 |
Reserved |
Notice that the number 127 is missing from this table. Addresses beginning with 01111111 (or decimal 127) in the first octet are reserved for loopback and internal testing on a local computer, as in the following command:
RouterA#ping 127.0.0.1
In addition, three IP network addresses are reserved for private internal networking as defined in RFC 1918. These addresses are 10.0.0.010.255. 255.255, 172.16.0.0172.16.255.255, and 192.168.0.0192.168.255.255. They are commonly used for internal IP networks, such as labs, classrooms, or home networks.
Private addresses are also used behind a network address translation service or a proxy server/router. You can safely use these addresses because routers on the Internet are configured to route these packets to the bit bucket (interface null0) and will never forward packets coming from these addresses. The main purpose of the private addressing scheme is to preserve the globally unique Internet address space by using it only where it is necessary. The immediate benefit of network address translation (NAT) is the temporary resolution of the IP address depletion problem for networks that need access to the Internet. Cisco IOS NAT eliminates issues and bureaucratic delays related to acquiring NIC-registered IP addresses by dynamically translating (mapping) hidden internal addresses to a range of Class C addresses, which are plentiful as compared to Class B addresses. A second benefit is that if a site already has registered IP addresses for its internal LAN clients, it can to hide them for security purposes. Thirdly, Cisco IOS NAT gives you total control over your internal addressing scheme, which is derived from the IANA-reserved address pool. In addition, you can use a non-routable solution on your internal LAN and hide it from the outside routable protocol solutions. A final advantage is that this mapping can take place within your organization without it being affected by address changes at the interface between your LAN and the Internet.
The NAT service functions on a router that links two networks together. One network is specified as inside and utilizes private (or obsolete) addresses that are translated into legal addresses before the packets are sent onto another network, which is designated as outside. The outside network is generally an Internet service provider (ISP) or other vendor. This translation works in parallel with the usual routing process, and NAT services can simply be enabled on the ISP customer's Internet access router as necessary. NAT can transport any TCP/UDP traffic that does not carry source and/or destination IP addresses in the application data stream. Individual interfaces are configured and tagged as to whether they are on the inside or the outside. Only the packets that arrive on the NAT tagged interface are subject to translation services. The following syntax shows the basic configuration of an interface:
Router(config-if)# ip nat { inside | outside }
For more information on NAT, refer to the "Need to Know More?" section at the end of this chapter.
Another structural addressing mechanism is the process of dividing major networks into smaller components called subnetworks, or subnets, by "borrowing" from the remaining host bits to create a subnet field. As an administrator, you can segment a network into subnetworks for the purpose of developing a multi-level, hierarchical routing design.
For example, if a network is assigned a Class B address of 172.16.0.0, the administrator can subdivide this one Class B network into smaller subnets by borrowing from the 16 remaining bits of the host portion to create a subnet field. If the network administrator decides to borrow 8 bits for subnetting, the entire third octet of a Class B IP address provides the subnet number. In our example, an address of 172.16.1.1 refers to major network 172.16, subnet 1 (of a possible 256), and a host address 1 (of a possible 254). Remember that the first available host number (0) is the actual network and the last possible host address (255) is the mandatory broadcast address for the network.
Formula for Available Subnets
For years, textbooks and courses have taught the subnetting formula of 2n 2 available subnets and 2n 2 available hosts. After you subnet a network address, the first obtained subnet is called subnet zero and the last subnet obtained is called the all-ones subnet. Historically, it was recommended that subnet zero and the all-ones subnet be avoided for addressing. According to RFC 950, "It is useful to preserve and extend the interpretation of these special (network and broadcast) addresses in subnetted networks. This means the values of all zeros and all ones in the subnet field should not be assigned to actual (physical) subnets." Technically speaking, the all-ones subnet has always been legal according to RFC 1918, and subnet zero is enabled by default on all Cisco routers and specifically declared in the configuration in a Cisco IOS release of 12.0 and later. For example, the following is an example of a configuration on the Cisco 2620XM router:
Building configuration Current configuration : 566 bytes ! version 12.0 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname RouterXM ! !
ip subnet-zero
The number of bits that can be borrowed for the subnet address varies. For instance, the subnet mask that specifies 8 additional bits of subnetting for a Class B address is 255.255.255.0 instead of the default 255.255.0.0. In similar fashion, the subnet mask that specifies 16 bits of subnetting for a Class A address is 255.255.255.0.
NOTE
To determine the total number of hosts available for your network class and subnet mask, simply multiply the number of subnets by the number of available host nodes. Also, note that, although allowed, subnet masks with noncontiguous mask bits are not recommended.
Many complete subnet tables are available for Class A, Class B, and Class C networks on the Internet. These tables show all the possible subnet masks for each class and calculations of the number of networks, nodes, and total hosts for each subnet.