Advanced TCP/IP Topics
From Proprofs
By Cbrzana
Scaling the IP Address Space for the Internet
Due to the rapid increase in Internet use, it was feared that IP addresses would be used up by the mid-1990s.
Solutions
- Increase the size of the IP address (IPv6: 128 bits)
- Network Address Translation (NAT) and private addressing
- Use private networks internally and still communicate with the Internet
- Classless Interdomain Routing (CIDR) allows ISPs to reduce wasted IPs by assigning a company a subset of a network number rather than the entire network.
CIDR
- Helps the scalability of Internet routers (fewer routes need to exist in the routing table)
- Assigns a subset of a network number depending on customer needs
Private Addressing
- Private addresses are defined in RFC 1918: a set of networks that will never be assigned to any organization as a registered network number.

| Range of IP Addresses | Class | Number of Networks |
|---|---|---|
| 10.0.0.0 to 10.255.255.255 | A | 1 |
| 172.16.0.0 to 172.31.255.255 | B | 16 |
| 192.168.0.0 to 192.168.255.255 | C | 256 |
NAT
- Changes the private IP addresses to publicly registered IP addresses inside each IP packet.
- Static NAT: configures a 1-1 mapping between the private address and the registered address that is used on its behalf.
  - Inside local = private address; inside global = public address
- Dynamic NAT: also a 1-1 mapping between an inside local and an inside global address, but the mapping is created dynamically:
  1. Set up a pool of possible inside global addresses
  2. The router applies criteria to determine if NAT should be applied
  3. If it should be applied, add an entry to the NAT table
  4. Translate the source IP address and forward the packet
- Dynamic mappings are cleared out after a set timeout expires with no activity, or with the command clear ip nat translation *

Port Address Translation (PAT)
- Allows more internal IP addresses than there are outside IP addresses. Without PAT, NAT only supports internally the number of addresses available externally.
- If only NAT is used and all IPs are already assigned, the packet is discarded. The user must try again until a NAT entry becomes available.

Overloading NAT with PAT
- Allows scaling to support many client machines, with access to the Internet using only a few public addresses.
- The NAT table retains the internal IP and port, and translates them to a global IP and port.
- Since the port field is 16 bits, it supports more than 65,000 port numbers.
- Can also translate overlapped/inappropriately assigned network numbers.
- Must translate both source and destination if used.
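Added example (not from the original page, and not Cisco IOS code): a Python model of the dynamic NAT steps listed above, with the PAT overload behaviour, the pool-exhausted discard, the idle timeout and the reverse lookup for return traffic. The names Nat, is_private, translate and untranslate are hypothetical.

```python
import ipaddress
# RFC 1918 private ranges from the table above
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    return any(ipaddress.ip_address(addr) in net for net in PRIVATE_NETS)

class Nat:
    """Hypothetical model of a router's dynamic NAT table, with optional PAT overload."""
    def __init__(self, pool, overload=False, timeout=300):
        self.pool = list(pool)      # inside global addresses (the 'ip nat pool')
        self.overload = overload    # PAT: many inside locals share one global address
        self.timeout = timeout      # idle seconds before a dynamic entry is cleared
        self.table = {}             # key -> (inside global ip, global port or None)
        self.last_seen = {}         # key -> time of last matching packet
        self.next_port = 1024       # next free global port when overloading

    def expire(self, now):
        # dynamic entries are cleared once idle longer than the timeout
        for k in [k for k, t in self.last_seen.items() if now - t >= self.timeout]:
            del self.table[k], self.last_seen[k]

    def translate(self, src_ip, src_port, now):
        """Steps 2-4: apply criteria, add entry, translate source. None = packet discarded."""
        self.expire(now)
        if not is_private(src_ip):  # criteria: only inside-local addresses are translated
            return src_ip, src_port
        # dynamic NAT maps per host (1-1); PAT maps per (host, port) flow
        key = (src_ip, src_port) if self.overload else (src_ip, None)
        entry = self.table.get(key)
        if entry is None:
            if self.overload:
                entry, self.next_port = (self.pool[0], self.next_port), self.next_port + 1
            else:
                used = {g for g, _ in self.table.values()}
                free = [g for g in self.pool if g not in used]
                if not free:        # pool exhausted: discard, user must retry later
                    return None
                entry = (free[0], None)
            self.table[key] = entry
        self.last_seen[key] = now
        g_ip, g_port = entry
        return g_ip, g_port if self.overload else src_port

    def untranslate(self, g_ip, g_port):
        # reverse lookup for return traffic: inside global -> inside local
        for (l_ip, l_port), (ip, port) in self.table.items():
            if ip == g_ip and port in (g_port, None):
                return l_ip, g_port if l_port is None else l_port
        return None
```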
NAT Configuration
Commands
- ip nat [inside | outside]
- ip nat inside source
- ip nat outside source
- ip nat inside destination list
- ip nat pool
- ip nat inside source list
| Command | Description |
|---|---|
| show ip nat statistics | Lists counters for packets and NAT table entries |
| show ip nat translations | Displays the NAT table |
| clear ip nat translation | Clears some/all of the dynamic entries |
| debug ip nat | Issues a log message describing each packet whose IP address is translated with NAT |
Static NAT Configuration
Assume router NAT performs the translation:
config t
interface FastEthernet 0/0
 ip address [address] [mask]
 ip nat inside
 exit
interface Serial 0/0
 ip address [address] [mask]
 ip nat outside
 exit
ip nat inside source static 10.1.1.1 200.1.1.1
ip nat inside source static 10.1.1.2 200.1.1.2
- show ip nat translations displays the inside global/inside local IP addresses
- show ip nat statistics displays the total active translations and the outside/inside interfaces

Dynamic NAT Configuration
Each interface still needs to be designated as either inside or outside, but static entries are no longer needed:
ip nat pool [pool name] [start address] [end address] netmask [subnet mask]
ip nat inside source list [ACL #] pool [pool name]
To configure NAT overloading:
ip nat inside source list [list #] interface serial 0/0 overload
Misc TCP/IP Topics
ICMP: Provides a variety of information about a network's health and operational status.
- The actual messages sit inside an IP packet.
- Echo request/echo reply are sent and received by the ping command
- (Refer to Ultimate CCNA INTRO Guide for additional information)
The IOS trace command uses Time to Live (TTL) and the Time Exceeded messages.
- Sets TTL to 1, so the next hop decrements it to 0 and replies with a Time Exceeded message. This is how trace learns, or "traces", the route: each subsequent packet is sent with the TTL incremented by one to learn the next hop.
Redirect ICMP message: if a default route exists but a better route is later discovered, the router sends a redirect message to the host telling it to use the better route. The host can either accept the better route or disregard it.
Secondary Addressing
If you are running out of subnets/addresses, you can use multiple subnets on the same interface to increase the number of supported devices on that subnet/segment.
If you were to issue a show running-config command, you would see:
ip address 10.1.7.252 255.255.255.0 secondary
ip address 10.1.2.252 255.255.255.0
FTP and TFTP
- FTP establishes the connection on port 21 and transfers data on port 20.
  - Uses TCP
  - Transfer includes any get/put command
- TFTP uses a small amount of memory and takes little time to load.
  - Uses UDP
  - Uses application layer recovery

MTU and Fragmentation
TCP defines the maximum length for an IP packet (Maximum Transmission Unit, or MTU).
- Varies based on configuration and the interface's characteristics.
- By default, calculated from the maximum size of the data portion of the L2 frame: 1500 for Ethernet interfaces.
- If a packet is larger than the allowed MTU, it is fragmented into smaller pieces; the IP header contains fields that aid in reassembling the packet.
- To change it, use the mtu interface subcommand or ip mtu:
  - mtu sets the MTU regardless of L3 protocol
  - ip mtu takes precedence if both are used, unless mtu is set after ip mtu (in which case ip mtu resets to the current mtu setting)

ISL and 802.1q Configuration
Use multiple logical subinterfaces on one physical interface that connects the router to the switch.
ISL:
interface fastethernet 0.[subinterface]
 ip address [address] [subnet mask]
 encapsulation isl [VLAN ID]
802.1q (note that this uses the native VLAN, in which no VLAN ID is tagged on a certain trunk; by default this is VLAN 1):
interface fastethernet 0
 ip address [address] [subnet mask]
interface fastethernet 0.2
 ip address [address] [subnet mask]
 encapsulation dot1q [VLAN ID]