-
Notifications
You must be signed in to change notification settings - Fork 1
/
mod1-07-p1.html
461 lines (427 loc) · 22.2 KB
/
mod1-07-p1.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Advanced Networking - Module 1 Chapter 7, Part 1 - IPv4 Addressing</title>
<meta name="description" content="Abilitante alle certificazioni Cisco CCENT e CCNA">
<meta name="author" content="Hacklab Cosenza">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<link rel="stylesheet" href="css/reveal.css">
<link rel="stylesheet" href="css/theme/hlcs.css" id="theme">
<!-- Code syntax highlighting -->
<link rel="stylesheet" href="lib/css/zenburn.css">
<!-- Printing and PDF exports -->
<script>
var link = document.createElement( 'link' );
var link = document.createElement( 'link' );
link.rel = 'stylesheet';
link.type = 'text/css';
link.href = window.location.search.match( /print-pdf/gi ) ? 'css/print/pdf.css' : 'css/print/paper.css';
document.getElementsByTagName( 'head' )[0].appendChild( link );
</script>
<!--[if lt IE 9]>
<script src="lib/js/html5shiv.js"></script>
<![endif]-->
</head>
<body>
<div class="reveal">
<!-- Any section element inside of this container is displayed as a slide -->
<div class="slides">
<section>
<h1>Advanced Networking</h1>
<h2>Routing & Switching:</h2>
<h2>Introduction to Networks</h2>
<h3>Chapter 7, Part 1: IPv4 Addressing</h3>
<small><a href="http://hlcs.it">Hacklab Cosenza</a> / Centro di Ricerca su Tecnologia e Innovazione</small>
</section>
<section>
<h2>Network & Host Part</h2>
<p>An <strong>IP address is hierarchical</strong>, and made by 2 parts: the <strong>network</strong> and the <strong>host</strong> part. The network part is <strong>used by each host to decide</strong> if the destination is in their local network or if it's remote.</p>
<p>So far we've simplified, by assuming that the first 3 decimals were the network part and the last one was the host part.</p>
<p>It could very well be that 172.16.2.4 and 172.18.58.9 belong in the same network (same network part)!</p>
<p>So how does the host know which is the network part of an address? Thanks to the <strong>binary representation</strong> of the address and the <strong>subnet mask</strong>.</p>
</section>
<section>
<h2>Subnet Mask</h2>
<p>The <em>network part</em> is the portion of the address <u>32-bit stream</u> that represents the network the address belongs to.</p>
<p>This leads to being <u>more difficult</u> trying to identify the network part <u>just by looking</u> at the decimal dotted notation.</p>
<p>To separate the bits belonging to the two parts in the 32 bits, we use the <strong>subnet mask</strong>, which is also 32 bit long and made of <strong>consecutive 1s, followed by consecutive 0s</strong>.
<p><u>The 1s represent the network part, the 0s the host part</u>.</p>
<p>An IP address always <strong>needs a subnet mask associated to it</strong>. The host does an operation called <em>bitwise AND</em> between the two to determine what the (sub)network is.</p>
</section>
<section>
<h2>Subnet Mask: Examples</h2>
<pre>
Address: 192.168.1.200 11000000.10101000.00000001. 11001000
Netmask: 255.255.255.0 = 24 11111111.11111111.11111111. 00000000
=>
[---------NETWORK---------] [-HOST-]
Address: 192.168.1.200 11000000.10101000.00000001. 11001000</pre>
<hr>
<pre>
Address: 172.16.2.4 10101100.0001 0000.00000010.00000100
Netmask: 255.240.0.0 = 12 11111111.1111 0000.00000000.00000000
=>
[--NETWORK--] [--------HOST--------]
Address: 172.16.2.4 10101100.0001 0000.00000010.00000100</pre>
<hr>
<pre>
Address: 172.18.58.9 10101100.0001 0010.00111010.00001001
Netmask: 255.240.0.0 = 12 11111111.1111 0000.00000000.00000000
=>
[--NETWORK--] [--------HOST--------]
Address: 172.18.58.9 10101100.0001 0010.00111010.00001001</pre>
</section>
<section>
<section>
<h2>Subnet Mask Representations</h2>
<p>For convenience, <strong>the subnet mask can also be represented as dotted decimal</strong> and therefore looks like an IPv4 address.</p>
<p>The subnet mask <strong>doesn't contain the network park itself</strong>. It just provides the host with a way to figure it out.</p>
<p>Another, more compact way to express the subnet mask is through the <strong>prefix length</strong> (or <strong>network prefix</strong>) and the <em>slash notation</em>.</p>
<p><strong>Prefix length is the number of 1s in the subnet mask</strong>. We write the IP address, followed by a slash ("/") and then by the prefix length, as in 192.168.1.200/24.</p>
</section>
<section>
<small style="font-size: 0.43em;">
<table>
<tr>
<td><strong>Binary Mask</strong></td>
<td><strong>Prefix Length</strong></td>
<td><strong>Subnet Mask</strong></td>
</tr>
<tr>
<td><code>11111111 00000000 00000000 00000000</code></td>
<td><code>/8</code></td>
<td><code>255.0.0.0</code></td>
</tr>
<tr>
<td><code>11111111 10000000 00000000 00000000</code></td>
<td><code>/9</code></td>
<td><code>255.128.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11000000 00000000 00000000</code></td>
<td><code>/10</code></td>
<td><code>255.192.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11100000 00000000 00000000</code></td>
<td><code>/11</code></td>
<td><code>255.224.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11110000 00000000 00000000</code></td>
<td><code>/12</code></td>
<td><code>255.240.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11111000 00000000 00000000</code></td>
<td><code>/13</code></td>
<td><code>255.248.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11111100 00000000 00000000</code></td>
<td><code>/14</code></td>
<td><code>255.252.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11111110 00000000 00000000</code></td>
<td><code>/15</code></td>
<td><code>255.254.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 00000000 00000000</code></td>
<td><code>/16</code></td>
<td><code>255.255.0.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 10000000 00000000</code></td>
<td><code>/17</code></td>
<td><code>255.255.128.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11000000 00000000</code></td>
<td><code>/18</code></td>
<td><code>255.255.192.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11100000 00000000</code></td>
<td><code>/19</code></td>
<td><code>255.255.224.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11110000 00000000</code></td>
<td><code>/20</code></td>
<td><code>255.255.240.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111000 00000000</code></td>
<td><code>/21</code></td>
<td><code>255.255.248.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111100 00000000</code></td>
<td><code>/22</code></td>
<td><code>255.255.252.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111110 00000000</code></td>
<td><code>/23</code></td>
<td><code>255.255.254.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 00000000</code></td>
<td><code>/24</code></td>
<td><code>255.255.255.0</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 10000000</code></td>
<td><code>/25</code></td>
<td><code>255.255.255.128</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 11000000</code></td>
<td><code>/26</code></td>
<td><code>255.255.255.192</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 11100000</code></td>
<td><code>/27</code></td>
<td><code>255.255.255.224</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 11110000</code></td>
<td><code>/28</code></td>
<td><code>255.255.255.240</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 11111000</code></td>
<td><code>/29</code></td>
<td><code>255.255.255.248</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 11111100</code></td>
<td><code>/30</code></td>
<td><code>255.255.255.252</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 11111110</code></td>
<td><code>/31</code></td>
<td><code>255.255.255.254</code></td>
</tr>
<tr>
<td><code>11111111 11111111 11111111 11111111</code></td>
<td><code>/32</code></td>
<td><code>255.255.255.255</code></td>
</tr>
</table>
</small>
<!-- previously this table was an image
<img src="http://i.imgur.com/uOjEuMH.jpg">
-->
</section>
</section>
<section>
<section>
<h2>Network, Host, Broadcast Addresses</h2>
<p>Within the range of addresses belonging to an IPv4 (sub)network, we can identify 3 types:</p>
<ul>
<li><strong>Network Address</strong>: It's the first address in the range, because it's the one having all 0s in the host portion. It consists only of the network part, so <u>it's a standard way to refer to a network</u>.</li>
<li><strong>Broadcast Address</strong>: It's a special address that allows to reach every host in the network. It's the higher address in the range, because it consists of all 1s in the host portion.</li>
<li><strong>Host Address</strong>: It's any address between the network and the broadcast addresses. They can be assigned to hosts and must be unique. They contain any combination of 0 and 1 in the host portion, except for all-0s and all-1s.</li>
</ul>
</section>
<section>
<h2>Network, Host, Broadcast</h2>
<pre><code class="no-highlight" style="max-height: 350px;">:~$ # EXAMPLE 1
:~$ ipcalc 10.1.1.0/24
Address: 10.1.1.0 00001010.00000001.00000001. 00000000
Netmask: 255.255.255.0 = 24 11111111.11111111.11111111. 00000000
=>
Network: 10.1.1.0/24 00001010.00000001.00000001. 00000000
HostMin: 10.1.1.1 00001010.00000001.00000001. 00000001
HostMax: 10.1.1.254 00001010.00000001.00000001. 11111110
Broadcast: 10.1.1.255 00001010.00000001.00000001. 11111111
Hosts/Net: 254
:~$ # EXAMPLE 2
:~$ ipcalc 172.18.0.0/16
Address: 172.18.0.0 10101100.00010010. 00000000.00000000
Netmask: 255.255.0.0 = 16 11111111.11111111. 00000000.00000000
=>
Network: 172.18.0.0/16 10101100.00010010. 00000000.00000000
HostMin: 172.18.0.1 10101100.00010010. 00000000.00000001
HostMax: 172.18.255.254 10101100.00010010. 11111111.11111110
Broadcast: 172.18.255.255 10101100.00010010. 11111111.11111111
Hosts/Net: 65534
:~$ # EXAMPLE 3
:~$ ipcalc 192.168.2.16/28
Address: 192.168.2.16 11000000.10101000.00000010.0001 0000
Netmask: 255.255.255.240 = 28 11111111.11111111.11111111.1111 0000
=>
Network: 192.168.2.16/28 11000000.10101000.00000010.0001 0000
HostMin: 192.168.2.17 11000000.10101000.00000010.0001 0001
HostMax: 192.168.2.30 11000000.10101000.00000010.0001 1110
Broadcast: 192.168.2.31 11000000.10101000.00000010.0001 1111
Hosts/Net: 14
:~$ # EXAMPLE 4
:~$ ipcalc 10.87.23.123/24
Address: 10.87.23.123 00001010.01010111.00010111. 01111011
Netmask: 255.255.255.0 = 24 11111111.11111111.11111111. 00000000
=>
Network: 10.87.23.0/24 00001010.01010111.00010111. 00000000
HostMin: 10.87.23.1 00001010.01010111.00010111. 00000001
HostMax: 10.87.23.254 00001010.01010111.00010111. 11111110
Broadcast: 10.87.23.255 00001010.01010111.00010111. 11111111
Hosts/Net: 254</code></pre>
<ul>
<li><strong>First Host</strong>: all-0 in the host portion except for 1 at the far right.</li>
<li><strong>Last Host</strong>: all-1 in the host portion except for 0 at the far right.</li>
</ul>
</section>
</section>
<section>
<section>
<h2>IPv4 Address Assignment</h2>
<p>Any host on a IPv4 network needs <u>an IPv4 Address, a Subnet Mask and a default gateway</u> to fully operate. These parameters could be obtained <u>manually</u> or automatically.</p>
<ul>
<li><strong>Static Assignment</strong>: the network administrator manually enters the above parameters on a host. A <em>static</em> or <em>fixed</em> IPv4 address is useful when a host must be accessible on a known address, and can increase control on resources, but it really doesn't scale on big networks.</li>
</ul>
</section>
<section>
<h2>IPv4 Address Assignment</h2>
<p>Any host on a IPv4 network needs <u>an IPv4 Address, a Subnet Mask and a default gateway</u> to fully operate. These parameters could be obtained manually or <u>automatically</u>.</p>
<ul>
<li><strong>Dynamic Assignment</strong>: the host requests the above network parameters using the <strong>Dynamic Host Configuration Protocol (DHCP)</strong>. The address is <em>leased</em> to the host for a certain period of time, taken from a <em>pool</em> available on the DHCP server. It's the most used assignment method on large networks and those full of temporary users.</li>
</ul>
</section>
</section>
<section>
<h2>Unicast</h2>
<p>As we've seen, transmissions can be <strong>unicast, multicast or broadcast</strong> depending on those who will receive and process the content. IPv4 networks have all these 3 types.</p>
<p><strong>Unicast</strong> is used for normal host-to-host communication in a client/server of P2P fashion.</p>
<p>Host addresses that are source and destination addresses of a unicast transmission are considered <em>unicast addresses</em>.</p>
<p>The IPv4 range for unicast addresses is 0.0.0.0 - 223.255.255.255, but inside there are many reserved subranges.</p>
<p><strong>Unicast packets can be routed</strong> throughout networks.</p>
</section>
<section>
<section>
<h2>Broadcast</h2>
<p>Using the broadcast address of the network, it is possibile to send packets to all its hosts (the <strong><em>broadcast domain</em></strong>).</p>
<p>Each hosts will process the packet like it was sent to its unicast address, so <strong>the broadcast address is an address that is "common" to every host on the network</strong>.</p>
<p><strong>Broadcast packets are not routed by default</strong>, and stay confined in the local network. This means routers define the boundaries of the <em>broadcast domain</em>.</p>
</section>
<section>
<h2>Directed vs Limited Broadcast</h2>
<ul>
<li><strong>Directed Broadcast</strong>: a broadcast sent to <u>all hosts on a specific network</u>, either local or remote.</li>
<ul>
<li>It's dangerous to allow sending broadcast to any remote network.</li>
<li>Cisco routers don't enable directed broadcast forwarding by default. Linux doesn't support it.</li>
<li>The destination address used for directed broadcast is the <strong>network's broadcast address</strong>.</li>
</ul>
<li><strong>Limited Broadcast</strong>: intended for communication with every host on the local network only. <u>Routers never forward them</u>. </li>
<ul>
<li>It uses the special broadcast address <strong>255.255.255.255</strong> as destination address.</li>
</ul>
</ul>
</section>
</section>
<section>
<section>
<h2>Multicast</h2>
<p>With multicast transmission, <strong>an host can communicate with any subset of hosts</strong> without having to send multiple unicast packets or overreaching with a broadcast packet.</p>
<p>Hosts interested in participating in a multicast communications joins the <strong>multicast group</strong>, and then the multicast protocols will ensure packet flows to all subscribing hosts.</p>
<p>Multicast groups are represented by IPv4 addresses.</p>
</section>
<section>
<h2>Multicast</h2>
<ul>
<li><strong>Link-Local multicast</strong> [224.0.0.0/24]: to be used for multicast in a local network, never to be forwarded by routers.</li>
<li><strong>Globally scoped multicast</strong> [224.0.1.0 - 238.255.255.255]: to be used for multicasting across the Internet.</li>
<li><strong>Administratively scoped multicast</strong> [239.0.0.0/8]: for multicasting within a certain organization's boundaries.</li>
</ul>
</section>
</section>
<section>
<section>
<h2>Public vs Private IPv4 Addresses</h2>
<p>A <strong>public IPv4 address</strong> is a unicast address that is <strong>routable on the Internet</strong>. This means it can be a source or destination address of a packet appearing on the public Internet and can be included in the routing table of Internet routers.</p>
<p><strong>RFC 1918</strong> defines 3 ranges of IPv4 addresses that are not meant to be Internet routable, and are therefore referred to as <strong>private</strong>.</p>
<ul>
<li><strong>10.0.0.0/8</strong> - from 10.0.0.0 to 10.255.255.255</li>
<li><strong>172.16.0.0/12</strong> - from 172.16.0.0 to 172.31.255.255</li>
<li><strong>192.168.0.0/16</strong> - from 192.168.0.0 to 192.168.255.255</li>
</ul>
</section>
<section>
<h2>Private IPv4 Addresses</h2>
<p>Unlike public addresses, these are <strong>not meant to be globally unique</strong>, but they must be within each private networks.</p>
<p>Packets from private networks <strong>must be blocked or NATted</strong> by perimeter routers before reaching the Internet.</p>
</section>
</section>
<section>
<section>
<h2>Classful Addressing</h2>
<img src="http://i.imgur.com/fQAqxLy.jpg">
</section>
<section>
<h2>Classful Addressing</h2>
<p>The RFC 1700 divides the unicast ranges into classes, specified in terms of network size and assigned specific IP blocks. </p>
<p><strong>Classful addressing</strong> refers to the (legacy) practice of assigning an entire network from one of this pre-defined classes.</p>
</section>
<section>
<h2>Classful Addressing</h2>
<ul>
<li><strong>Class A</strong> [0.0.0.0/8 to 127.0.0.0/8]: designed for enormous networks, it divided 50% of the IPv4 space into 128 /8 networks supporting up to 16 mln hosts.</li>
<li><strong>Class B</strong> [128.0.0.0/16 to 191.255.0.0/16]: designed for medium and large networks, 25% of the space was divided into 16000 /16 networks supporting up to 65000 hosts.</li>
<li><strong>Class C</strong> [192.0.0.0/24 to 233.255.255.0/24]: designed for small networks, 12.5% of the total IPv4 space splitted into 2+ mln networks of up 254 hosts.</li>
</ul>
</section>
</section>
<section>
<h2>Classless Addressing</h2>
<p>Classful addressing was <strong>highly inefficient</strong>, leading to many wasted addresses, so it was progressively abandoned.</p>
<p><strong>Classless addressing</strong>, also known as <strong>Classless Inter-Domain Routing (CIDR)</strong>, allows to allocate address ranges from the public space with prefix lengths other than /8, /16 or /24.</p>
<p>The various blocks of <strong>available public IPv4 addresses are assigned by the IANA, who delegates Regional Internet Registries</strong> to manage assignments in different areas.</p>
<p>IP addresses are allocated to ISPs by the RIRs. Most "final users" (companies, organizations, inviduals) <em>borrow</em> their Internet addresses from the ISP as part of some service.</p>
</section>
<section>
<h2>Special IPv4 Addresses</h2>
<ul>
<li><strong>Network</strong> and <strong>Broadcast</strong> addresses</li>
<li><strong>Loopback</strong> - Useful for TCP/IP testing. Every 127.0.0.0/8 address will loop back to the local host Network Layer.</li>
<li><strong>Link-Local</strong> - Addresses in the 169.254.0.0/16 could be <strong>automatically assigned when no IPv4 configuration is available</strong> (e.g. when a DHCP server doesn't respond).</li>
<li><strong>TEST-NET</strong> - Block 192.0.2.0/24 is reserved for use in documentation, classes, etc, to provide examples.</li>
<li><strong>Experimental</strong> - Reserved address block from 240.0.0.0 to 255.255.255.254, listed by RFC3330 for <strong>future use</strong>.</li>
</ul>
<p>All these addresses <u>must never appear on the public Internet</u>.</p>
</section>
<section>
<h1>End of Lesson</h1>
</section>
</div>
</div>
<script src="lib/js/head.min.js"></script>
<script src="js/reveal.js"></script>
<script>
// More info https://github.com/hakimel/reveal.js#configuration
Reveal.initialize({
controls: true,
progress: true,
history: true,
center: true,
transition: 'slide', // none/fade/slide/convex/concave/zoom
// More info https://github.com/hakimel/reveal.js#dependencies
dependencies: [
{ src: 'lib/js/classList.js', condition: function() { return !document.body.classList; } },
{ src: 'plugin/markdown/marked.js', condition: function() { return !!document.querySelector( '[data-markdown]' ); } },
{ src: 'plugin/markdown/markdown.js', condition: function() { return !!document.querySelector( '[data-markdown]' ); } },
{ src: 'plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } },
{ src: 'plugin/zoom-js/zoom.js', async: true },
{ src: 'plugin/notes/notes.js', async: true }
]
});
</script>
</body>
</html>