2.1.2.2.2 Variable length subnetting
Variable length subnetting, or variable length subnet masks (VLSM), allows subnets within the same network to use different subnet masks. Advantage: it conserves network addresses, because each subnet can be sized to the number of hosts it actually serves. An existing subnet can be split into two parts by adding another bit to the subnet portion of the subnet mask. Other subnets in the network are unaffected by the change.
2.1.2.2.2 Variable length subnetting (contin.)
Example: dividing a class B network into variable length subnets. Take the class B network 141.85.0.0/16 and the requirement to split this address range into seven separate subnets: subnets 1 to 5 with 6000 hosts each, and subnets 6 and 7 with 4000 hosts each.
This cannot be achieved with static (fixed-length) subnetting under the original RFC 950 rule that the all-zeros and all-ones subnets are unusable. With a mask of 255.255.224.0 (/19) the network divides into 6 usable subnets of 8190 hosts each; with 255.255.240.0 (/20) it divides into 14 usable subnets of 4094 hosts each. Neither choice gives five 6000-host subnets plus two 4000-host subnets. (Classless routers accept the all-zeros and all-ones subnets, so today all 8 or 16 blocks would be usable; the example still shows the principle.)
With VLSM: use the mask 255.255.224.0 (/19) to obtain 8190-host subnets and assign five of them to subnets 1 to 5; then divide the sixth /19 into two subnets of 4094 hosts each by using the mask 255.255.240.0 (/20).
2.1.2.2.2 Variable length subnetting (contin.)
Example of a class B network division into variable length subnets (contin.):
10001101. 01010101. 00000000. 00000000 = 141.85.0.0/16 (class B network)
11111111. 11111111. 11100000. 00000000 = 255.255.224.0 (subnets 1-5 mask, /19)
10001101. 01010101. 00100000. 00000000 = 141.85.32.0/19 (subnet 1)
10001101. 01010101. 01000000. 00000000 = 141.85.64.0/19 (subnet 2)
10001101. 01010101. 01100000. 00000000 = 141.85.96.0/19 (subnet 3)
10001101. 01010101. 10000000. 00000000 = 141.85.128.0/19 (subnet 4)
10001101. 01010101. 10100000. 00000000 = 141.85.160.0/19 (subnet 5)
10001101. 01010101. 11000000. 00000000 = 141.85.192.0/19 (sixth /19, not yet divided)
11111111. 11111111. 11110000. 00000000 = 255.255.240.0 (subnets 6 and 7 mask, /20)
10001101. 01010101. 11000000. 00000000 = 141.85.192.0/20 (subnet 6)
10001101. 01010101. 11010000. 00000000 = 141.85.208.0/20 (subnet 7)
The blocks 141.85.0.0/19 (subnet bits all zeros) and 141.85.224.0/19 (subnet bits all ones) are left unused, following the RFC 950 rule assumed by the example.
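The allocation above can be reproduced mechanically. The following Python is an added example, not part of the course material: it sizes each subnet from its host count, places the largest requirements first so that every block stays aligned, and optionally applies the RFC 950 all-zeros/all-ones exclusion that the slide assumes. The requirement table is constructed to match the slide; `fixed_length_subnet_count` shows why fixed-length subnetting fails under that rule (6 usable /19 blocks for 7 subnets) while `vlsm_allocate` produces exactly the subnets listed. Function names are this example's own.

```python
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Smallest prefix length whose block holds `hosts` usable addresses
    (the network and broadcast addresses are not usable)."""
    needed = hosts + 2
    host_bits = (needed - 1).bit_length()  # ceil(log2(needed)) without floats
    return 32 - host_bits


def usable_hosts(network) -> int:
    """Usable host addresses in a block (total minus network and broadcast)."""
    return ipaddress.ip_network(str(network)).num_addresses - 2


def fixed_length_subnet_count(network: str, hosts_per_subnet: int,
                              rfc950: bool = False) -> int:
    """Number of equal-size subnets fixed-length subnetting yields when each must
    hold `hosts_per_subnet`. rfc950=True applies the original rule that the
    all-zeros and all-ones subnets are unusable (what the slide assumes)."""
    net = ipaddress.ip_network(network)
    plen = prefix_for_hosts(hosts_per_subnet)
    if plen < net.prefixlen:
        return 0
    count = 2 ** (plen - net.prefixlen)
    return max(count - 2, 0) if rfc950 else count


def vlsm_allocate(network: str, requirements: dict, rfc950: bool = False) -> dict:
    """Carve `network` into subnets sized for each requirement (name -> host count).
    Largest requirements are placed first so every block stays aligned to its size.
    Raises ValueError when the requirements do not fit."""
    net = ipaddress.ip_network(network)
    reqs = sorted(requirements.items(), key=lambda kv: (-kv[1], kv[0]))
    largest = prefix_for_hosts(reqs[0][1])
    if largest < net.prefixlen:
        raise ValueError(f"{reqs[0][0]} needs more addresses than {net} has")
    # Start from blocks of the largest size needed; smaller ones are split off later.
    free = [net] if largest == net.prefixlen else list(net.subnets(new_prefix=largest))
    if rfc950:
        free = free[1:-1]  # drop the all-zeros and all-ones subnets
    result = {}
    for name, hosts in reqs:
        plen = prefix_for_hosts(hosts)
        idx = next((i for i, b in enumerate(free) if b.prefixlen <= plen), None)
        if idx is None:
            raise ValueError(f"{name}: no free block for {hosts} hosts (/{plen})")
        block = free.pop(idx)
        # Split the block down to the required size, keeping each upper half free.
        while block.prefixlen < plen:
            block, upper = block.subnets(prefixlen_diff=1)
            free.insert(idx, upper)
        result[name] = block
    return result


def vlsm_fits(network: str, requirements: dict, rfc950: bool = False) -> bool:
    """True when vlsm_allocate can satisfy every requirement."""
    try:
        vlsm_allocate(network, requirements, rfc950)
        return True
    except ValueError:
        return False


# Constructed input matching the slide: five 6000-host and two 4000-host subnets.
SLIDE_REQUIREMENTS = {f"subnet {i}": 6000 for i in range(1, 6)}
SLIDE_REQUIREMENTS.update({"subnet 6": 4000, "subnet 7": 4000})

if __name__ == "__main__":
    for name, block in vlsm_allocate("141.85.0.0/16", SLIDE_REQUIREMENTS, rfc950=True).items():
        print(f"{name}: {block} ({usable_hosts(block)} hosts)")
```

Run with `rfc950=False` to see the classless result, which starts at 141.85.0.0/19 and would also have room for a seventh 6000-host subnet; the slide's "cannot be achieved" depends on the older rule.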
2.1.3 Methods of packet delivery
Most IP addresses refer to a single recipient; such an address is called a unicast address. In addition, there are three special types of IP address used to reach more than one possible recipient: broadcast addresses, multicast addresses, and anycast addresses.
2.1.3.1 Broadcasting
A broadcast address is never valid as a source address; it can appear only as a destination address. The types of broadcast address are:
Limited broadcast address: 255.255.255.255 (all 32 bits set). It refers to all hosts on the local link and is recognized by every host, including one that has no IP configuration yet (this is how a host reaches a DHCP or BOOTP server before it has an address). Routers never forward it.
Network-directed broadcast address: used in an unsubnetted environment. The network number is a valid network number and the host part is all ones (for example, 141.85.255.255). It refers to all hosts on the specified network.
Subnet-directed broadcast address: the network number and the subnet number are valid and the host part is all ones; the address refers to all hosts on that subnet. Because the sender's subnet and the target subnet may use different subnet masks, the sender cannot tell from the address alone that it is a broadcast; it is the router attached to the target subnet that recognizes the address from its own mask and delivers the datagram as a link-layer broadcast.
Routers originally forwarded directed broadcasts toward the target network. Since RFC 2644 (1999) the required default is to drop them, because remotely triggered directed broadcasts were the amplifier in smurf attacks; forwarding must be enabled explicitly per interface and should stay off.
2.1.3.1 Broadcasting (contin.)
All-subnets-directed broadcast address: the network number is valid, the network is subnetted, and the whole local part (subnet and host bits) is all ones (for example, 141.85.255.255); the address refers to all hosts on all subnets of the specified network. In principle routers can propagate such broadcasts to every subnet but are not required to do so. With classless routing the notion "all subnets of this network" no longer has a defined meaning, and the later router requirements (RFC 1812) treat this form as obsolete.
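The two points a practitioner should take from this section are that whether an address is a broadcast depends on the mask in use at the target, and that a router must not forward directed broadcasts unless told to. The following Python is an added example, not part of the course material: it classifies a destination by longest-prefix match against the prefixes a router knows (assumed here to be a plain list of `ipaddress` networks) and applies the RFC 2644 default. The route list in the test is constructed sample data.

```python
import ipaddress

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")

# Classification results
LIMITED, DIRECTED, MULTICAST, UNICAST, NO_ROUTE = (
    "limited-broadcast", "directed-broadcast", "multicast", "unicast", "no-route")


def make_routes(prefixes):
    """Helper for building the router's prefix list from strings."""
    return [ipaddress.ip_network(p) for p in prefixes]


def classify(dst: str, routes) -> str:
    """Classify a destination against the prefixes a router knows.
    `routes` holds IPv4Network objects: the router's own interface subnets plus
    learned prefixes. The longest-prefix match supplies the mask in use at the
    target, which is what decides whether an all-ones host part is a broadcast."""
    d = ipaddress.IPv4Address(dst)
    if d == LIMITED_BROADCAST:
        return LIMITED
    if d.is_multicast:
        return MULTICAST
    match = max((r for r in routes if d in r), key=lambda r: r.prefixlen, default=None)
    if match is None:
        return NO_ROUTE
    # /31 and /32 have no broadcast address (RFC 3021); every longer block does.
    if match.prefixlen < 31 and d == match.broadcast_address:
        return DIRECTED
    return UNICAST


def forward_decision(src: str, dst: str, routes,
                     directed_broadcast_enabled: bool = False) -> str:
    """Forwarding decision for a packet that arrived from another subnet."""
    s = ipaddress.IPv4Address(src)
    if s == LIMITED_BROADCAST or classify(src, routes) in (DIRECTED, MULTICAST):
        return "drop: broadcast or multicast address used as source"
    kind = classify(dst, routes)
    if kind == LIMITED:
        return "deliver-locally: limited broadcast is never forwarded"
    if kind == DIRECTED:
        if directed_broadcast_enabled:
            return "forward-as-broadcast"
        return "drop: directed broadcast, forwarding disabled (RFC 2644 default)"
    if kind == NO_ROUTE:
        return "drop: no route"
    return "forward"
```

Note how 10.1.1.255 is classified as unicast when the router knows only 10.1.0.0/16 around it: the host part is not all ones under that mask. The same address would be a subnet-directed broadcast if the router had a 10.1.1.0/24 entry, which is exactly the mask-dependence the text describes.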
2.1.3.2 Multicasting
Multicast (multiple-destination transmission) is based on the definition of destination groups. Each group is represented by a class D IP address (224.0.0.0 to 239.255.255.255, i.e. 224.0.0.0/4). For each multicast address there is a set of zero or more hosts listening for packets addressed to it; this set is called the host group. Packets sent to a multicast address are forwarded only toward the members of the corresponding host group, not to every host, so one transmission reaches many receivers. Multicast enables one-to-many delivery.
2.1.3.3 Anycasting
Sometimes the same IP service is provided by several hosts; for example, a file a user wants to download over FTP is available on multiple FTP servers. Hosts that implement the same service share an anycast address, which clients use to reach the service. Routing delivers a packet sent to the anycast address to one member of the group, normally the member closest in routing terms, which in practice is the one that responds first. The intent is that the service is provided by the host with the best connection to the client. Caveat: successive packets can reach different members if routes change, so anycast suits single-request or stateless services (DNS is the common case) far better than a long-lived connection such as an FTP session.
2.1.4 Intranets: Private IP addresses
One way to conserve IP address space is to relax the rule that IP addresses must be globally unique. RFC 1918 reserves part of the global address space for networks that do not require direct connectivity to the Internet. Three ranges of addresses have been reserved for this purpose:
10.0.0.0 to 10.255.255.255 (10.0.0.0/8): a single class A network;
172.16.0.0 to 172.31.255.255 (172.16.0.0/12): 16 contiguous class B networks;
192.168.0.0 to 192.168.255.255 (192.168.0.0/16): 256 contiguous class C networks.
These addresses are not globally unique, and no route to them is defined on routers outside the organization.
2.1.4 Intranets: Private IP addresses (contin.)
Routers in an organization using private addresses must keep all references to them on internal links: they must neither advertise routes to private addresses externally nor forward IP datagrams carrying private source or destination addresses to external routers. Hosts that have only a private IP address have no direct IP-layer connectivity to the Internet. Connectivity to external hosts must instead be provided by an application gateway (a proxy that terminates the internal connection and opens a new one to the outside) or by Network Address Translation (NAT), which rewrites addresses at the IP layer rather than acting at the application layer.
2.1.5 Network Address Translation (NAT)
Versions of NAT: basic NAT and Network Address Port Translation (NAPT). NAT provides a mapping between internal IP addresses and officially assigned external (global) addresses.
2.1.5.1 NAT principle
The idea of traditional NAT (hereafter simply NAT) rests on the observation that at any moment only a small number of the hosts in a private network are communicating outside that network. If each host is assigned an IP address from the official address pool only while it needs to communicate externally, only a small number of official addresses are required.
2.1.5.2 Basic NAT
Consider an internal network that uses the private IP address space, whose users want to use an application protocol for which there is no application gateway. The only option is to establish IP-level connectivity between hosts in the internal network and hosts on the Internet. Because routers in the Internet do not know how to route IP packets back to a private IP address, there is no point in sending IP packets with private source addresses through a router into the Internet. Basic NAT takes the source address of an outgoing packet and dynamically translates it to an officially assigned global address; for incoming packets, it translates the assigned global address back to the internal address.
2.1.5.2.1 Basic NAT translation mechanism
For each outgoing IP packet, the source address is checked against the NAT configuration rules. If a rule matches the source address, the address is translated to a global address taken from the address pool. For each incoming packet, the destination address is checked to see whether it is one of the addresses NAT has assigned; if so, it is translated back to the original internal address. The global addresses must be reserved in a pool so that they are available when needed: when a connection is initiated from the internal network, NAT simply picks the next free global address in the pool and assigns it to the requesting internal host. The NAT service keeps track of which internal IP address is mapped to which external IP address at any moment, so that it can map a response received from the external network back to the corresponding internal address.
2.1.5.2.1 Basic NAT translation mechanism (contin.)
When the NAT service assigns addresses on demand, it must also know when to return an external address to the pool of available addresses (in practice after a period of inactivity, since IP itself has no notion of a session ending). Network administrators also need to tell NAT which internal hosts are allowed to use it: the pool is a finite resource, and a host not covered by a rule gets no translation.
2.1.5.3 Network Address Port Translation (NAPT)
The difference between basic NAT and NAPT is that basic NAT translates only IP addresses, while NAPT translates the IP address together with a transport identifier (such as the TCP or UDP port). NAPT maps many private addresses to a single globally unique address, so the binding is from (private address, private port) to (assigned external address, assigned port). NAPT therefore lets multiple nodes in a local network access remote networks simultaneously through the single IP address assigned to their router. Because an inbound packet is accepted only when it matches an existing binding, NAPT incidentally blocks unsolicited inbound traffic; this is a side effect of the translation table, not a substitute for a firewall.
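The mechanism of 2.1.5.2.1 and the NAPT binding described above can be modelled in a few dozen lines. The following Python is an added example, not code from the course or from any NAT implementation: `BasicNat` keeps a pool of global addresses and a one-to-one binding table, refuses sources outside the configured rules, and returns addresses to the pool on release; `Napt` shares one global address by assigning a distinct external port per (internal address, internal port) pair and drops inbound packets that match no binding. All addresses are constructed sample data from the RFC 5737 documentation ranges; class and method names are this example's own.

```python
import ipaddress


def _matches(addr, prefixes):
    a = ipaddress.ip_address(addr)
    return any(a in p for p in prefixes)


class BasicNat:
    """Basic NAT: dynamic one-to-one mapping of an internal address to a global
    address taken from a pool while the host is communicating externally."""

    def __init__(self, pool, allowed):
        self.free = list(pool)                                     # unassigned global addresses
        self.allowed = [ipaddress.ip_network(p) for p in allowed]  # internal prefixes permitted to use NAT
        self.to_global = {}                                        # internal address -> global address
        self.to_internal = {}                                      # global address -> internal address

    def outbound(self, src, dst):
        """Translate an outgoing packet; returns (new_src, dst) or None if it must be dropped."""
        if not _matches(src, self.allowed):
            return None  # no rule matches: a private source must not reach the Internet
        if src not in self.to_global:
            if not self.free:
                return None  # pool exhausted: a new host cannot be mapped
            g = self.free.pop(0)
            self.to_global[src] = g
            self.to_internal[g] = src
        return (self.to_global[src], dst)

    def inbound(self, src, dst):
        """Translate an incoming packet addressed to one of the pool addresses."""
        if dst not in self.to_internal:
            return None  # not a NAT address, or no active binding
        return (src, self.to_internal[dst])

    def release(self, src):
        """Return the global address to the pool (on inactivity timeout / session end)."""
        g = self.to_global.pop(src, None)
        if g is not None:
            del self.to_internal[g]
            self.free.append(g)


class Napt:
    """NAPT: many internal (address, port) pairs share one global address; the
    binding key on the outside is the port assigned by the translator."""

    def __init__(self, global_addr, allowed, ports=range(1024, 65536)):
        self.global_addr = global_addr
        self.allowed = [ipaddress.ip_network(p) for p in allowed]
        self.ports = ports
        self.to_global = {}    # (internal address, internal port) -> global port
        self.to_internal = {}  # global port -> (internal address, internal port)

    def outbound(self, src, sport, dst, dport):
        if not _matches(src, self.allowed):
            return None
        key = (src, sport)
        if key not in self.to_global:
            gport = next((p for p in self.ports if p not in self.to_internal), None)
            if gport is None:
                return None  # every port in use: the single global address is exhausted
            self.to_global[key] = gport
            self.to_internal[gport] = key
        return (self.global_addr, self.to_global[key], dst, dport)

    def inbound(self, src, sport, dst, dport):
        if dst != self.global_addr or dport not in self.to_internal:
            return None  # unsolicited inbound packet: no binding, dropped
        int_addr, int_port = self.to_internal[dport]
        return (src, sport, int_addr, int_port)
```

The binding in `Napt` is keyed only on the internal endpoint, so any external host can reach a mapped port once it exists (endpoint-independent mapping); real translators differ in how strictly they filter the external side, and that difference matters for both NAT traversal and exposure.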
2.1.5.4 NAT limitations
NAT is computationally intensive, even with the help of an incremental checksum adjustment algorithm, because every packet is subject to a NAT table lookup and to header modification: the IP header checksum, and the TCP or UDP checksum (which covers the addresses through the pseudo-header), must be corrected for each translated packet. NAT also breaks application protocols that carry IP addresses or port numbers inside their payload (FTP's PORT command is the classic case); these need a protocol-specific application level gateway in addition to the translation table.
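The "checksum adjustment algorithm" referred to above is the incremental update of RFC 1624, which recomputes a one's complement checksum from only the bytes that changed instead of re-summing the whole header. The following Python is an added example, not code from the course: it builds a minimal IPv4 header (constructed sample data), rewrites the source address the way basic NAT would, adjusts the checksum incrementally, and lets you confirm that the result equals a full recomputation. Function names are this example's own.

```python
import ipaddress
import struct


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum with end-around carry (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def checksum(data: bytes) -> int:
    """Full recomputation: complement of the one's complement sum of all words."""
    return (~ones_complement_sum(data)) & 0xFFFF


def incremental_checksum(old_cksum: int, old_field: bytes, new_field: bytes) -> int:
    """RFC 1624 equation 3: HC' = ~(~HC + ~m + m'), in one's complement arithmetic.
    m and m' are the old and new contents of the changed field (same length);
    nothing else in the header is touched."""
    total = ((~old_cksum) & 0xFFFF) \
        + ((~ones_complement_sum(old_field)) & 0xFFFF) \
        + ones_complement_sum(new_field)
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, proto: int = 6, ident: int = 0x1234) -> bytes:
    """Minimal 20-byte IPv4 header (no options, DF set, TTL 64) with a valid checksum."""
    s = ipaddress.IPv4Address(src).packed
    d = ipaddress.IPv4Address(dst).packed
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, ident, 0x4000, 64, proto, 0, s, d)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def header_is_valid(hdr: bytes) -> bool:
    """A receiver's check: summing every word including the checksum gives all ones."""
    return ones_complement_sum(hdr) == 0xFFFF


def nat_rewrite_source(hdr: bytes, new_src: str) -> bytes:
    """Rewrite the source address as basic NAT does, adjusting only the checksum."""
    old_cksum = struct.unpack("!H", hdr[10:12])[0]
    old_src = hdr[12:16]
    new = ipaddress.IPv4Address(new_src).packed
    new_cksum = incremental_checksum(old_cksum, old_src, new)
    return hdr[:10] + struct.pack("!H", new_cksum) + new + hdr[16:]
```

The same routine serves the TCP and UDP checksums, since their pseudo-header includes both addresses, and NAPT applies it a second time for the rewritten port; a UDP checksum of zero means "not computed" and must be left as zero rather than adjusted.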
2.1.6 Classless Inter-Domain Routing (CIDR)
Classful IP routing understands only class A, B and C network addresses. Within each such network, subnetting provides finer granularity, but there is no way to express that multiple class C networks are related, so each one needs its own routing table entry; the result is termed the routing table explosion problem. The solution is Classless Inter-Domain Routing (CIDR). CIDR does not route according to the class of the network number (hence classless); it is based solely on the high-order bits of the IP address, called the IP prefix. Each CIDR routing table entry contains a 32-bit IP address and a 32-bit network mask, which together give the value and the length of the IP prefix. This is represented as the tuple <IP_address, network_mask>.
2.1.6 Classless Inter-Domain Routing (contin.)
For example, to address a block of eight class C networks (192.32.136.0 through 192.32.143.0) with a single routing table entry, the following representation suffices: <192.32.136.0, 255.255.248.0>, i.e. 192.32.136.0/21. Combining multiple networks into a single entry is called supernetting. Routing is then based on network masks that are shorter than the natural (classful) mask of the address; this contrasts with subnetting, where the subnet mask is longer than the natural mask. The prefix is obtained by a bitwise AND of the address with the mask, and every address in the block yields the same prefix:
11000000. 00100000. 10001000. 00000000 = 192.32.136.0 (class C address)
AND 11111111. 11111111. 11111000. 00000000 = 255.255.248.0 (network mask)
= 11000000. 00100000. 10001000. 00000000 = 192.32.136.0 (IP prefix)
11000000. 00100000. 10001111. 00000000 = 192.32.143.0 (class C address)
AND 11111111. 11111111. 11111000. 00000000 = 255.255.248.0 (network mask)
= 11000000. 00100000. 10001000. 00000000 = 192.32.136.0 (same IP prefix)
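The supernetting and prefix computation above, as an added Python example that is not part of the course material: `supernet` collapses a list of networks into the fewest covering prefixes, `prefix_of` performs the bitwise AND shown in the slide, and a small longest-prefix-match table shows why an aggregate entry works and also why a more specific prefix always wins over it. Network lists and next-hop names are constructed sample data; the names are this example's own.

```python
import ipaddress


def supernet(networks):
    """Collapse prefixes into the fewest covering prefixes (supernetting).
    Only adjacent, correctly aligned blocks merge; anything else stays separate."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def prefix_of(address: str, mask: str) -> str:
    """<IP_address, network_mask> -> IP prefix by bitwise AND, as in the slide."""
    a = int(ipaddress.IPv4Address(address))
    m = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(a & m))


class RoutingTable:
    """Minimal CIDR routing table: entries are (prefix, next hop)."""

    def __init__(self):
        self.entries = []

    def add(self, prefix: str, next_hop: str):
        self.entries.append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, address: str):
        """Longest-prefix match: the most specific entry containing the address wins.
        Returns (prefix, next_hop) as strings, or None when nothing matches."""
        a = ipaddress.ip_address(address)
        best = None
        for net, hop in self.entries:
            if a in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, hop)
        return None if best is None else (str(best[0]), best[1])
```

The last point has a security consequence: whoever announces a more specific prefix for part of an aggregate attracts that traffic, which is the mechanism behind prefix hijacking; filtering what peers may announce is the operational defence.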