Major Nets and Subnet Masks
Every major net has two fields: the network field, which uniquely identifies the major net, and the host field, which uniquely identifies hosts within the major net. Figure 1-1 illustrates the number of bits in the network and host fields for each class. As mentioned in the previous section, subnetting is the process of dividing a major net into smaller and generally more useful subnets. This is accomplished by stealing some bits from the host field of the major net and using those bits to...
Classful Subnetting: An Example
The best way to get familiar with subnetting is to practice. Consider the following example that subnets major net 192.168.1.0 by stealing three bits from the host field to make a three-bit subnet field, as shown in Example 1-1. Example 1-1: Subnetting a Class C Major Net with a Three-Bit Subnet Mask. Length of original host field: 8 bits (from Figure 1-1). Number of host bits to steal for subnet field: 3 bits. Number of host bits remaining after subnetting: 8 - 3 = 5 bits. Major net in binary: 1100 0000.1010...
Calculating the Number of Host Addresses in a Subnet
Calculating the number of hosts that can be addressed per subnet is not difficult. Each bit position can be either a one or a zero, so starting with one bit, there are two possible combinations. The number of possible combinations doubles each time you add an additional bit. Two bits yield four combinations, three bits yield eight combinations, four bits yield 16 combinations, and so on. The formula for the number of combinations is 2^n, where n is the number of bits in the field. Example 1-1...
Finding Subnet Information Given a Host Address and the Mask
Given a host address and the subnet mask, you can determine the subnet on which that host lives. This is another common exercise and is useful anytime you need to track the subnet number for a host (in a routing table, for example). Suppose you are given the following host address and subnet mask. To start the process, convert the host address and mask to binary and write the mask below the host address (for clarity, the host field bits are printed in boldface here): 172.16.9.136...
Using SubnetZero to Get Around the Rules
Keeping in mind the caveats listed in the preceding section, you can configure Cisco routers to use the bottom subnet so that you gain one more subnet out of your subnetting efforts. To enable the use of the bottom subnet, use the ip subnet-zero global command. If you forget to configure this, the router will complain when it comes time to assign an address to an interface. The following is an attempt to configure an interface with an address from a bottom subnet on a router without the ip...
Subnetting with Variable Length Subnet Masks
With Variable Length Subnet Masks (VLSMs), you carve an address space (such as a major net) with masks of varying lengths to design subnets of different sizes. This allows you to deploy subnets that are appropriate in size to the number of hosts you need to support in a given part of the network. As a result, you can gain efficient consumption of your address space and, depending on how you deploy the addresses, flexibility in the future as you adjust the size of each subnet to handle growth. NOTE...
Using VLSM for Address Space Efficiency: An Example
Suppose Widget, Inc., asks you to subnet one of its class C major nets and tells you it needs the following: two subnets that can support at least 60 hosts; four subnets that can support at least 10 hosts; and as many subnets as possible that can support two hosts. The subnets are needed to support some new additions to its network, as summarized in Table 1-3. Table 1-3 Subnets Needed by Widget, Inc. As many as possible (use the remaining space). First, you...
Final VLSM Results for Widget Inc
After the third round of subnetting, you cannot use VLSM to subnet any further; a two-host subnet is the smallest you can make. The totals from all three rounds are listed in Table 1-9. Table 1-9 Final Results of Subnetting for Widget, Inc. The VLSM process yields a total of 20 deployable subnets of three different sizes and meets the NOTE: RFC 1219 describes a VLSM subnetting strategy that allows subnets to grow in size after they are...
Overview of Classless Addressing
Classless addressing (described in RFC 1519) abolishes the idea of traditional class A, B, and C major nets and the notion of a subnet field. Subnets and major nets do not exist in a classless world; instead, there is only a network prefix and a host field. Figure 1-7 describes the difference between classful and classless addressing. Figure 1-7 Classful Versus Classless Addressing. The length of the network prefix is determined by a prefix mask. The prefix mask is a contiguous series of ones...
Using VLSM Techniques with Classless Addressing
Classless addressing doesn't stop there. You can also break up the space any way you choose by using the same techniques of VLSM. (It's now called variable length network prefixes; however, the term VLSM is still commonly used, semantics aside.) Remember, there are no more subnets by the true definition of the word because there is no subnet field, only a network prefix and its prefix mask. This means there's no such thing as a top or bottom subnet, so in using the techniques of VLSM, you can use...
Routing Protocols and Classless Addressing
Having waded through all the theory and binary, consider routing protocols for a moment. To reap the benefits of classless addressing (such as supernetting), you must use a routing protocol that supports classless addressing, perhaps OSPF, EIGRP, or Border Gateway Protocol (BGP). These classless protocols carry both network prefixes and their corresponding prefix masks in routing updates. RIP and IGRP, on the other hand, do not support classless addressing. RIP and IGRP also do not support...
Planning for Address Summarization
In a classless world, address summarization (also called aggregation) allows a router to consolidate multiple network prefixes into a single, less specific prefix. Example 1-2 in this chapter uses a single prefix 192.168.4.0/22 to summarize the address space of four prefixes that resemble class C addresses (192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24, and 192.168.7.0/24). A router can view the address block as the four /24 prefixes or as the single /22 prefix; it's the same address space, but...
Conserving Subnets with IP Unnumbered
Typically, a link between two routers requires a subnet. With classful routing protocols, such as RIP, this is problematic because you waste a multihost subnet for just two routers. Better solutions are to use VLSM and create small, two-host subnets (255.255.255.252 or /30 subnet mask) or to use the IOS unnumbered feature. With IP unnumbered, you can save substantial address space by deploying router links without assigned subnets. This feature is applicable to point-to-point networks between...
Scaling the Address Space with Network Address Translation
With Network Address Translation (NAT), you can expand your IP address space by deploying so-called private addresses and translating them into publicly registered addresses. NAT can be a viable option in slowing address space depletion, and using it might be more feasible than redesigning the network with VLSM or obtaining new public addresses from your ISP or Internet registry (American Registry for Internet Numbers, if you are in North or South America). Private addresses are blocks of the IP...
Translating Private Addresses into Public Addresses
Cisco routers can dynamically translate private addresses into public addresses, allowing hosts with private addresses to communicate with hosts on the Internet without modification. That is, the privately addressed hosts can function as if they are connected to the Internet. You can configure a router to maintain a pool of public addresses that is smaller than the population of privately addressed hosts. The router then manages the pool and dynamically translates private addresses into public...
Configuring NAT
Consider the following NAT configuration for Router C of Figure 1-11 (for brevity, only the NAT-specific lines are listed): ip nat pool mypool 171.69.10.1 171.69.10.254 prefix-length 24 ip nat inside source list 2 pool mypool overload ! interface Ethernet ip nat inside ! access-list 2 permit 192.168.1.0 0.0.0.255 The line ip nat pool mypool 171.69.10.1 171.69.10.254 prefix-length 24 creates the pool of addresses for NAT (the inside global addresses). This pool contains 254 addresses, from...
Creating a Pool of Discontiguous Addresses
You might need to exclude some addresses from a pool of inside global addresses (for static addresses assigned to hosts or routers, for example). The following example configuration creates a pool of discontiguous addresses: 2509(config)#ip nat pool testpool prefix-length 24 2509(config-ipnat-pool)#address 171.69.1.1 171.69.1.4 2509(config-ipnat-pool)#address 171.69.1.6 171.69.1.10 2509(config-ipnat-pool)#exit The preceding commands create a pool called testpool that contains addresses 171.69.1.1...
Configuring Static NAT
You can configure some private addresses for static translation, such that they are always translated by using the same public IP address. This could be useful for a privately addressed host that has to be reachable from the Internet with a public address that remains constant. Here is an example configuration of static translation: 2509(config)#ip nat inside source static 192.168.1.2 171.69.5.2 The preceding command configures a static translation for a private host (192.168.1.2). NAT will...
Applications and NAT
For most traffic, NAT only changes the source and destination addresses in the IP header and does not inspect or modify the data payload contained in the packet. Therefore, applications that carry source or destination IP addresses in the payload of the packet might fail to work because the IP header will be changed by NAT but the payload will be left unchanged. Aware that this could be a problem, Cisco has made and continues to make enhancements to NAT so it can inspect data payloads and...
More Important Points on NAT
The following are some additional notes on NAT of which you should be aware: If no available addresses exist in the NAT pool because all are in use, NAT is not able to support any more translations. In this situation, the router drops all packets it cannot translate and sends an Internet Control Message Protocol (ICMP) Host Unreachable message back to the privately addressed host. To remedy this, you can try one or more of the following measures: Increase the size of the NAT pool. Decrease the NAT...
Filtering Routing Updates
Route filters give you granular control over the routes sent and received by your router. Unlike the passive-interface command that blocks all routes sent out an interface, a route filter can selectively block some updates and let others through. Route filters can also block incoming routes, something the passive-interface command cannot do. Filtering incoming routes is like filtering e-mail spam. It rejects routes that are unwanted or unnecessary, for example, improperly sourced default routes...
Managing Redistribution
Ideally, all routers in your organization should run the same routing protocol. In reality, however, doing so can be difficult, especially when you are faced with any of the following situations: Various groups are managing their own routers and must use different routing protocols for one reason or another, yet everyone must be internetworked together. You are migrating a large network of routers to a new routing protocol but you don't want to convert all routers at once. Instead, you want to...
Configuring Redistribution: RIP and OSPF
Redistribution requires you to configure a router with the redistribute router mode command and the two protocols between which you want to redistribute. Consider the example network in Figure 3-4. Figure 3-4 A Network for Configuring Mutual Redistribution. In the example, Router II is a RIP-only router with RIP routes 192.168.X.0 (where x ranges from 1 to 3). Router G is the redistribution router; it must run both RIP and OSPF. The...
Redistributing into IGRP and EIGRP
Redistributing into IGRP and EIGRP is similar to redistributing into RIP and OSPF, except you must define each variable of the composite metric to arrive at the default metric: router eigrp 100 redistribute rip metric 1544 100 255 1 1500 network 172.16.0.0 where the numbers in the redistribute command after the keyword metric specify: Bandwidth: In kilobits per second. Delay: In tens of microseconds. That is, 100 equals a hundred tens or 1,000 microseconds. Reliability: A number from 0 to 255, where...
Understanding Administrative Distance
When you use more than one routing protocol (for example, when you redistribute), you need to be aware of administrative distances. An administrative distance is a priority assigned to a route based on its routing protocol. When a router receives the same route from more than one protocol, which one should it use? Should it, for example, use the route heard from RIP or the one heard from OSPF? Because RIP and OSPF have completely different metrics, the router cannot decide by comparing metrics, so...
Controlling Redistribution Loops with Route Filters
When you combine redundant paths with mutual redistribution, you can encounter problems with redistribution loops. Take, for example, the situation in Figure 3-7. Figure 3-7 A Redistribution Loop Route Feedback. Figure 3-7 shows two points along the IGRP-RIP boundary where redistribution is occurring. Both Router J and Router K are performing mutual redistribution between RIP and IGRP. Care must be taken to ensure that a route redistributed from RIP...
Resolving Issues with VLSM and Classful Routing Protocols
As mentioned in Chapter 1, Managing Your IP Address Space, classful routing protocols such as RIP and IGRP do not support VLSM, but sometimes you are forced to resolve VLSM and classful routing incompatibilities in a real-world network. Especially when you redistribute, routes might get lost between the parts of your network that use VLSM and the other parts that are classful. Figure 3-8 illustrates a typical scenario. Figure 3-8...
Leveraging Default Routing
Default routing scales the network, conserves resources, and simplifies routing information. A default route is a special route that tells the router how to reach unknown destinations, that is, destinations that are absent from the routing table because they are neither learned through a routing protocol nor manually configured with static routes. A default route is a catchall: When the router doesn't know how to forward a packet (because the packet is destined for an unknown network), the router...
Propagation of Default Routes
Usually, it is not enough to configure a default route on one router and be done with it. The default route must be shared with other routers, as depicted in Figure 3-10. Figure 3-10 Propagation of a Default Route In Figure 3-10, Router E is the exit point for traffic leaving the corporate network and heading out to the Internet. Router E is configured with a default route so that it doesn't have to hold the entire Internet routing table. This satisfies Router E's requirement to reach points on...
Originating a Default Route with RIP
It's easy, sometimes dangerously easy, to configure a router to originate a default route with RIP. All you need to do is configure the default route itself and RIP takes care of the rest. RIP automatically advertises the default out all RIP-enabled interfaces. Consider the example network depicted in Figure 3-11. Gateway of last resort 192.168.202.1 In the network in Figure 3-11, Router F has a default route to the Internet. The following is Router F's RIP configuration: ip route 0.0.0.0...
Originating a Default Route with IGRP
As with RIP, you can configure a default route on an IGRP router like this: ip route 0.0.0.0 0.0.0.0 192.168.202.1 The default route 0.0.0.0 is used locally by the router; however, it cannot be advertised to any other router with IGRP. IGRP does not propagate 0.0.0.0 even if you redistribute it into IGRP with the redistribute static command. To make IGRP originate a default route and advertise it to others, configure IGRP as follows (this also works for EIGRP): router igrp ICC redistribute static...
Originating a Default Route with EIGRP
To originate a default route with EIGRP, you can use the same method described in Originating a Default Route with IGRP. Alternatively, you can configure 0.0.0.0 and redistribute it into EIGRP like this: router eigrp 100 redistribute static network 172.18.0.0 default-metric 1544 2000 255 1 1500 ip route 0.0.0.0 0.0.0.0 192.168.202.1 The command ip route 0.0.0.0 0.0.0.0 192.168.202.1 creates a default route, with 192.168.202.1 as the gateway of last resort. The command redistribute static...
Originating a Default Route with OSPF
Like IGRP and EIGRP, OSPF does not automatically propagate a default route. To originate a default route with OSPF, configure OSPF with the default-information originate command: router ospf 10 network 172.18.43.0 0.0.0.255 area 0 <other network commands> default-information originate metric 20 metric-type 1 ip route 0.0.0.0 0.0.0.0 172.18.44.2 where ip route 0.0.0.0 0.0.0.0 172.18.44.2 configures the default route and gateway of last resort. The command default-information originate metric...
Default Routing and Classful Behavior
When you use a default route to reach a subnet of a connected major net, you must ensure that the router is configured with the ip classless global config command. Without ip classless, the router takes a classful posture and problems might surface. Consider the scenario depicted in Figure 3-12. In the network pictured in Figure 3-12, Router A is classful (configured with no ip classless) and has a default route pointing to Router B as the gateway of last resort. Everything in Router A's routing...
Configuring Route Summarization
As mentioned in Chapter 1, route summarization (also called aggregation) is the consolidation of multiple, contiguous routes into a single generalized route. It is recommended that you use summarization whenever you can, as your network addressing allows, to promote efficient and stable routing. If you are deploying a network from scratch, definitely plan your addressing so you can leverage summarization. Summarization typically applies to classless routing protocols such as EIGRP and OSPF. RTP...
Understanding EIGRP Auto-Summarization
By default, EIGRP automatically summarizes across major net boundaries. Often, this is nothing to worry about; however, when you deploy discontiguous subnets, as EIGRP supports, you might have to disable EIGRP auto-summarization. Consider the following scenario with auto-summarization enabled (see Figure 3-13). Assume EIGRP is the only routing protocol. Figure 3-13 EIGRP Auto-Summarization. In the network depicted in Figure 3-13, major net 172.20.0.0 is broken up and separated by major net...
Configuring EIGRP Summarization
EIGRP allows you to manually summarize multiple contiguous routes into a more simplified and generalized route. Summarization is key for network scalability, routing efficiency, and router resource conservation. Consider the application for route summarization shown in Figure 3-14. Figure 3-14 Applying EIGRP Route Summarization. Region Z: 172.20.16.0/24, 172.20.17.0/24, 172.20.18.0/24. In Figure 3-14,...
Configuring OSPF Summarization Between Areas
OSPF also supports manual summarization of routes on area border routers (ABRs). Consider the following topology (Figure 3-15). Figure 3-15 Summarizing OSPF Routes Between Areas. In Figure 3-15, Router G is an ABR between area 0 and area 100 and is responsible for advertising the 16 routes in area 100 to area 0 (the backbone area). Normally, it does not summarize but simply injects 16 routes into area 0. This is another opportunity to...
Configuring OSPF Summarization During Redistribution
Unlike EIGRP, OSPF maintains a separate process for summarizing redistributed routes. This is called external route summarization. Consider the scenario depicted in Figure 3-16. Figure 3-16 OSPF External Route Summarization. Router A redistributes RIP into OSPF. Normally, the redistribution injects 16 routes, each with a /24 mask, into area 0. Instead of doing that, Router A can summarize the 16 routes and inject just a single route 172.20.16.0...
Deploying Policy Routing with Route Maps
Policy routing enables you to direct traffic over user-defined paths based on the flexible syntax of access lists. With policy routing, you use enhanced filters called route maps to override normal forwarding decisions like those based on dynamic routing protocols. Route maps contain your criteria for identifying traffic and your instructions on how that traffic should be forwarded. You might want to do this to support certain routing policies, such as these: You want different applications Web,...
Forwarding Traffic with Route Maps
Route maps define criteria for matching packets and instructions for what to do with them. In the case of packet forwarding, the instructions define the next hop router to which the packet should be sent or the interface by which the packet should exit. This function is similar to static routing (see Configuring a Static Route in Appendix E), but with more control: You can control exactly which packets get forwarded and which do not by using the flexible syntax of access lists. Route maps are...
The RSVP Signaling Process
Prior to any RSVP signaling, the sender and receiver might have identified each other through their application and agreed to start a session. A conferencing application, for example, might offer a directory service that Client A can use to check if Client B is online and available for a call. The steps before RSVP signaling might look something like this: When Client A calls Client B, Client A simply selects Client B's name in the directory list and clicks a button to initiate the call. Client...
RSVP and Weighted Fair Queuing
Just as RSVP is a signaling protocol that does not transport data for a session, RSVP itself is not responsible for queuing and dispatching packets for a session after the reservation is made. RSVP in a Cisco router depends on weighted fair queuing (WFQ), as discussed in Chapter 4, to carry out the queuing and dispatching of packets at the link layer (Layer 2) that ultimately delivers the QoS for a session. NOTE: You can think of RSVP as the decision-maker for reservations and WFQ as the workhorse...
Configuring RSVP
Configuring RSVP is simple; so simple, in fact, that the temptation is to enable RSVP without fully understanding how it works. This is not a good idea, which is why this chapter covers the mechanics before it discusses the configuration. RSVP is enabled on router interfaces, not on the router as a whole. This gives you the flexibility to enable RSVP on some interfaces but leave other interfaces alone. Figure 5-7 WFQ on Outbound Interfaces Ensures Data Is Delivered at the Desired QoS To...
Verifying RSVP Configuration
To verify that RSVP is enabled on the interface, issue the command show ip rsvp interface, which presents the following output: interfac allocate i f max flow max per 255 UDP IP UDP_IP UDP M C Et0 50K 7500K 7500K 1 255 0 1 0 0 Se0 0M 400K 200K 0 255 0 1 0 0 This output is read like a simple table: The first column indicates that two interfaces have RSVP enabled, Ethernet0 and Serial0. The allocate column shows that Ethernet0 has one or more active reservations, totaling 50 kbps of bandwidth. This...
Configuring IOS as a Proxy for Path and Resv Messages
Cisco IOS can send Path and Resv messages on behalf of clients. This proxy capability is useful for testing RSVP when you don't have any RSVP-enabled clients available. Figure 5-8 depicts such a scenario. Figure 5-8 Router A Can Proxy Path Messages for a Non-RSVP Client. Client A (sender, 192.168.20.1, non-RSVP); Client B (receiver, 192.168.10.2, non-RSVP). Client A does not support RSVP, so it cannot generate any Path...
RSVP Scaling Considerations
A consideration for your RSVP deployment is the issue of scaling RSVP in large networks. As mentioned earlier, routers keep track of information contained in Path and Resv messages and maintain stateful information for each reservation. It is possible in large networks for a high number of active reservations to adversely affect router resources such as memory and the CPU. As such, consider the current capacity of your routers as you plan deployments of RSVP applications. As with so much in...
Random Early Detection
Chapter 4 discussed various queuing strategies you can use to manage traffic when the network is congested. Random Early Detection (RED) on a router also helps manage traffic, but takes the approach of avoiding congestion by taking advantage of flow control features in the TCP protocol. Thus, RED's strategy is congestion avoidance rather than congestion management (queuing, discussed in Chapter 4, is an example of congestion management). Dynamics of Network Congestion and Tail Drops Effects of...
Dynamics of Network Congestion and Tail Drops
As traffic increases on a router's output interface, the queues on that interface start to fill with packets. As mentioned in Chapter 4, the interface fills because the bandwidth of the output link cannot keep up with the amount of traffic scheduled to go out that link. If the traffic continues to pass through the router at a rate that exceeds the speed of the output link, it is possible for the queue system to fill to its maximum capacity. When this happens, the router has no choice but to...
Global Synchronization
It's common for an IP network to have many TCP flows, so many flows that the TCP flows make up the majority of the traffic on the network. Web, FTP, Telnet, and many other client-server applications transport their data with the TCP protocol. When these TCP flows experience a tail drop, all of the senders associated with the flows trigger retransmission at the same time. This global synchronization of retransmissions is an undesirable situation that can wreak havoc on the network see 111...