Creating the Subnet Mask
We’ve determined our subnets, and now we need to create a subnet mask that will work with each subnet ID we created. Recall that we use bitwise ANDing to compare the bits of the IP address and the subnet mask. The result of the comparison is the network ID. Using Table 6.16, we know that we need to set to 1 any bits used for the network ID portion of the IP address.
In this case, the subnet mask would be set to: 11111111.11111111.11100000.00000000
Notice that we have set the left-most 19 bits to 1. Thus, our subnet masks can be written in dotted decimal notation as 255.255.224.0. Let’s compare this subnet mask to a sample IP address from within our subnetted addresses to see how this works.
IP address                  146.64.193.14    10010001.01000000.11000001.00001110
Subnet mask                 255.255.224.0    11111111.11111111.11100000.00000000
Result of bitwise ANDing                     10010001.01000000.11000000.00000000
Underlying network ID       146.64.192.0
Exercise 7.3 Defining Subnet Masks
In this exercise, we’ll practice defining subnets and subnet masks. Use the following scenario: Your brand new start-up company has been assigned a Class C address. You have only six computers, one router, and three printers attached to your network. You’d like to subnet your network before your company’s planned expansion and you’ll need a maximum of six to seven networks in the future.
1. How many host address bits will you need to take from the host address space to create seven subnets? To solve this problem, we need to think in terms of the bit value of the binary bits in an octet. Which bit values, when added together, equal 7? The answer is the right-most three bits, or 00000111. This tells us we need three bits from the host address space to add to the network address space. However, it’s important to remember that we don’t use the right-most bits. This may be confusing, but we used the bit values simply to determine how many bits we’ll need. We use the bits closest to the octet used for the network ID.
2. What is the binary representation of the subnet mask used for this configuration? Class C uses the w.x.y octets for network ID. Therefore, we know that the default subnet mask is 255.255.255.0. We’ve determined that we need to take three bits from the host ID space. We take the three left-most bits from the fourth octet so they remain contiguous with the network address space. The result is a subnet mask with the 1s in 27 of the 32 bits, moving left to right, as shown: 11111111.11111111.11111111.11100000
3. What is the dotted decimal value of the binary configuration shown in Problem 2? 255.255.255.224
4. What is one way of representing this network configuration, given that we are using three bits from the host address space for network IDs? As you may recall, a common notation for showing how many bits represent the network ID (and therefore the subnet mask) is w.x.y.z /27, where w.x.y.z are the dotted decimal values of the four octets that comprise an IP address and the /27 denotes the number of bits used for the network address.
5. If we use three bits from the host space for network IDs, what is the maximum number of hosts we can have per subnet? We know that an IP address has 32 bits and that we’re using 27 of those bits for network addresses. 32 – 27 leaves 5 bits for host addresses. If we use the formula 2^n, we have 2^5, or 32 addresses. However, this includes an address of all 0s and all 1s, both of which cannot be used, resulting in 30 possible host addresses per subnet.
This exercise should help you to find out if you have any areas of confusion. If so, go back and work on the specific area that is giving you trouble.
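The mask construction from "Creating the Subnet Mask" and the five steps of Exercise 7.3 can be checked in code. The following Python is an added example, not part of the original text; the function names are illustrative and 192.0.2.0 is a constructed sample network from the documentation range.

```python
import ipaddress

def borrowed_bits(subnets_needed: int) -> int:
    """Fewest host bits whose 0/1 combinations cover the subnets needed."""
    if subnets_needed < 1:
        raise ValueError("need at least one network")
    return (subnets_needed - 1).bit_length()

def dotted_binary(value: int) -> str:
    """Render a 32-bit value as four binary octets."""
    return ".".join(f"{(value >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))

def build_mask(default_prefix: int, borrowed: int) -> dict:
    """Extend the network bits left to right by the borrowed host bits."""
    prefix = default_prefix + borrowed
    if not default_prefix <= prefix <= 30:
        raise ValueError("must leave at least two host bits")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return {
        "prefix": prefix,
        "binary": dotted_binary(mask),
        "dotted": str(ipaddress.IPv4Address(mask)),
        "usable_hosts": 2 ** (32 - prefix) - 2,  # minus all-0s and all-1s
    }

def network_id(ip: str, mask: str) -> str:
    """Bitwise AND of address and mask yields the network ID."""
    anded = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(anded))

def subnet_ids(base: str, default_prefix: int, borrowed: int) -> list:
    """List every subnet ID produced by the borrowed bits."""
    start = int(ipaddress.IPv4Address(base))
    step = 2 ** (32 - default_prefix - borrowed)  # addresses per subnet
    return [str(ipaddress.IPv4Address(start + i * step))
            for i in range(2 ** borrowed)]

if __name__ == "__main__":
    bits = borrowed_bits(7)                 # exercise: seven subnets
    print(bits, build_mask(24, bits))       # Class C default mask is /24
    print(network_id("146.64.193.14", "255.255.224.0"))
    # 192.0.2.0 is a constructed sample network, not from the exercise
    print(subnet_ids("192.0.2.0", 24, bits))
```

The subnet IDs step by 32 in the fourth octet because the three borrowed bits keep their weighted values of 128, 64 and 32.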
The Network+ exam is not likely to have questions that rely upon this knowledge to make you figure out a subnet, create one, or otherwise. You need to understand the concept behind subnetting, and the subnet mask, and understand the differences between the host ID and the network ID as well as their relationship. Understanding the process of subnetting can help to drive that home for you.
Table 7.17 Class A Subnet Table
Subnets  Hosts  Mask  Subnet Bits  Host Bits
Head of the Class…
Creating Subnet Masks
This topic always causes some confusion in the classroom because it requires us to work left to right and right to left. As we work through examples, some people get it immediately and some people don’t. Usually the area of most confusion deals with taking bits from the host address space. This is because we use the bits with the lowest bit values first. However, when we’re using those bits, they shift over to the left because we always want to use the bits contiguous with the network address space.
We emphasize that the bits retain their weighted binary values within the octets, regardless of their use. In the preceding exercise, we saw that there were both network and host bits in the fourth octet (the z octet). Although the bits are used for two different purposes, they must be calculated into a single dotted decimal number.
The first thing we always calculate is how many subnets we’re going to need. We convert that number to weighted binary, to determine how many bits we need. This essentially tells us how many possible bit combinations there are and therefore how many subnets we can delineate.
One example we use to make this point clear is a simple one. If we need one network ID, we don’t need any bits from the host address space. There is only one combination. If we need two networks, we need one bit. Why? Because that one bit can be either 0 or 1, and that’s two different combinations.
If we need one bit, we take that bit and use it on the left side of the octet. That’s where some people get confused. After we figure out how many bits we need, we extend the network address space by that number of bits, which is the reason they shift to the left while retaining their weighted value based on their placement within the octet.
You should work through lots of examples so that you can fully understand both the concepts and the practical applications of subnetting. Work through the examples in this chapter and make up some of your own. If you have a study buddy, you can help each other by testing your knowledge of this crucial topic. Tables 7.17, 7.18, and 7.19 show the possible subnet masks that can be used in Class A, Class B, and Class C networks, respectively. These tables are useful for quickly determining the number of hosts per subnet that would be achieved with a particular mask. These subnet mask tables make it easier to determine which subnet mask to use for any given situation.
As the table shows, the number of subnets increases as the number of hosts in each subnet decreases. As the number of subnet bits increases, the number of host bits decreases. As there are a fixed number of bits to work with in each class of network address, each bit can be used in only one way as specified by the mask. Each bit must be either a subnet bit or a host bit. An increase in the number of subnet bits causes a reduction in the number of host bits, and vice versa. Use these tables to help you memorize placement.
Table 7.18 Class B Subnet Table
Subnets  Hosts  Mask  Subnet Bits  Host Bits
Strategies to Conserve Addresses
Several strategies have been developed and implemented to help the Internet community cope with the exhaustion of IP addresses. These strategies help to reduce the load on Internet routers and also help administrators use globally unique IP addresses more efficiently. The following three strategies were mentioned in previous sections and are discussed in more detail in the following paragraphs:
■ Classless InterDomain Routing (CIDR)
■ Variable-Length Subnet Mask
■ Private Addressing
Classless Interdomain Routing
CIDR (RFCs 1517, 1518, and 1519) reduces route table sizes as well as IP address waste. Instead of full Class A, B, or C addresses, organizations can be allocated subnet blocks. For example, if a network needed 3,000 addresses, a single Class C network (256 addresses) would be insufficient. However, if a Class B network was assigned (65,536 addresses), 62,000 addresses would be wasted. With CIDR, a block of 4096 addresses can be allocated, the equivalent of 16 Class C networks. This block of addresses covers the immediate addressing needs, allows room for growth, and uses global addresses efficiently.
Table 7.19 Class C Subnet Table
Subnets  Hosts  Mask  Subnet Bits  Host Bits
Variable-Length Subnet Masks
VLSMs conserve IP addresses by tailoring the mask to each subnet. Subnet masks are appropriated to meet the amount of addresses required. The idea is to assign just the right amount of addresses to each subnet. Many organizations have point-to-point wide area network (WAN) links. Normally, these links comprise a subnet with only the two addresses required. By using a routing protocol that supports VLSM, administrators can use a block of addresses much more efficiently. An example of a VLSM used on a WAN link can be seen in Figure 7.4.
Figure 7.4 A VLSM in Use.
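The CIDR sizing and the per-subnet masks described above can be worked through in code. This Python is an added example, not from the original text; the 172.16.8.0/24 block, the segment names and the host counts are constructed for illustration.

```python
import ipaddress

def prefix_for(hosts_needed: int) -> int:
    """Longest prefix whose block holds the hosts plus the all-0s and all-1s addresses."""
    if hosts_needed < 1:
        raise ValueError("need at least one host")
    host_bits = (hosts_needed + 1).bit_length()
    return 32 - host_bits

def allocate_vlsm(block: str, requirements: dict) -> dict:
    """Carve one block into right-sized subnets, largest requirement first."""
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    plan = {}
    ordered = sorted(requirements.items(), key=lambda kv: kv[1], reverse=True)
    for name, hosts in ordered:
        prefix = prefix_for(hosts)
        size = 2 ** (32 - prefix)
        cursor = -(-cursor // size) * size      # round up to a subnet boundary
        if cursor + size > end:
            raise ValueError(f"{block} cannot fit {name} ({hosts} hosts)")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan

def addresses_used(plan: dict) -> int:
    """Total addresses consumed by the plan, including unusable ones."""
    return sum(net.num_addresses for net in plan.values())

# Constructed requirements: usable host addresses needed per segment.
SAMPLE_NEEDS = {"HQ LAN": 100, "Branch LAN": 50, "Lab": 20,
                "WAN link A": 2, "WAN link B": 2}

if __name__ == "__main__":
    print("3,000 addresses need a /%d block" % prefix_for(3000))
    plan = allocate_vlsm("172.16.8.0/24", SAMPLE_NEEDS)
    for name, net in plan.items():
        print(f"{name:11} {net}  mask {net.netmask}")
    print("addresses used:", addresses_used(plan))
```

With one fixed mask sized for the largest segment, the same five segments would need five blocks of 128 addresses and would not fit in the /24 at all.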
Private Addresses
The most effective strategy for conserving globally unique (public) IP addresses is not using any. If an enterprise network is using TCP/IP, but is not communicating with hosts in the global Internet, public IP addresses are not needed. If the internetwork is limited to one organization, the IP addresses need only be unique within that organization. Only networks that interface with public networks such as the Internet need public addresses. Using public addresses on the outside and private addresses for inside networks is very effective. NAT is used to convert those private (inside) addresses to public (outside) addresses.
Public Versus Private Address Spaces
The IP requires that each interface on a network have a unique address. If the scope of a network is global, the addresses must be globally unique. Because global uniqueness must be assured, a centralized authority must be responsible for making sure IP address assignments are made correctly and fairly.
To meet the demands of a growing Internet community, the Internet Assigned Numbers Authority (IANA) was replaced by the Internet Corporation for Assigned Names and Numbers (ICANN). If an organization wants to use IP protocols and applications in its network, but is not connecting its network to the global Internet, the IP addresses used do not have to be globally unique. A network of this type is called a private network, and the addresses used are called private addresses.
Exam Warning
Using VLSMs on WAN links on your network is very common. You don’t need to know how to do this for the Network+ exam, but you should understand it so when you see it in use, you understand that this is a common use of VLSMs. You will learn more about WAN technologies in the next chapter.
Private Network Addresses
RFC 1918 conserves globally unique IP addresses by providing three blocks of addresses that are never officially allocated to any organization. These blocks can then be used in private networks without fear of duplicating any officially assigned IP addresses in other organizations. With the explosive growth of the Internet, the InterNIC realized that some devices may never connect directly to the Internet. A good example of this is that many computers in a company connect to the Internet via an intermediate device such as a firewall, proxy server, or router. Consequently, those devices behind the firewall or other intermediate device don’t need globally unique IP addresses. Three address blocks are defined as private address blocks, for situations in which the host does not connect directly to the Internet.
■ 10.0.0.0/8 This is a private Class A network address with the host ID range of 10.0.0.1 through 10.255.255.254. This private network has 24 bits that can be used for any subnetting configuration desired by the company.
■ 172.16.0.0/12 This scheme uses Class B addresses and allows for up to 16 Class B networks, or 20 bits can be used for host IDs. The range of valid addresses on this private network is from 172.16.0.1 through 172.31.255.254.
■ 192.168.0.0/16 This configuration can provide up to 256 Class C networks, or 16 bits can be used for host addresses. The value range of IP addresses in this private network is 192.168.0.1 through 192.168.255.254.
These private addresses are not assigned publicly and therefore will never exist in Internet routing tables. This makes these private addresses unreachable via the Internet. If a host using a private network IP address requires access to the Internet, it must use the services of an application layer gateway such as a proxy server, or it must have its address translated into a legal, public address. A process called NAT performs this translation before sending data out to the Internet from a private address host ID. NAT will be covered in more depth later in this chapter.
Another use of private addressing is called automatic private IP addressing (APIPA). If a computer (Windows 98 or later) is configured to obtain its address automatically from a DHCP server and it cannot locate a DHCP server, it will configure itself using APIPA. The computer randomly selects an address from the 169.254.0.0/16 address range and then checks the network for uniqueness. If the address is unique, it will use that address until it can reach a DHCP server. If the address is not unique, it will randomly select another address from that range.
Exam Warning
You must know the private address ranges as well as the APIPA IP address range for the
Network+ exam Also, do not forget the reserved loopback Class A address of 127.0.0.0.
Table 7.20 summarizes the private address blocks defined by RFC 1918. Notice the CIDR shorthand for the mask. As a reminder, /8 would be equal to 255.0.0.0.
Considerations
The address blocks in Table 7.20 can be used in any network at any time. However, devices using these addresses will not be able to communicate with other hosts on the Internet without some kind of address translation. Some benefits of using private addresses are:
■ Number of Addresses There are plenty of addresses for most internal networking needs.
■ Security Private addresses are not routable on the Internet. The translation from private to public addresses further obscures internal network information.
■ Renumbering If using NAT, no readdressing of privately addressed networks is necessary to access public networks.
■ Networks Treating private addresses as public addresses when allocating ensures that efficiency and design are maximized.
Table 7.20 Private IP Address Blocks
Address Block                     Classful Equivalent                       Prefix Length   Number of Addresses
10.0.0.0 to 10.255.255.255        1 Class A, 256 Class B, 65,536 Class C    /8
172.16.0.0 to 172.31.255.255      16 Class B, 4,096 Class C                 /12             1,048,576
192.168.0.0 to 192.168.255.255    1 Class B, 256 Class C                    /16             65,536
Test Day Tip
Consider the following type of question on your Network+ exam. You may see a situation where you cannot get on the network because every node on the subnet is in the 10.0.0.0 to 255.255.255.0 range, and one node is having a problem because it has an APIPA address, so it won’t be on the same subnet. Either that or the DHCP server is down and because of this the nodes on the network revert their addressing to the APIPA range. Think about this chapter and what you have learned so far and how it all ties together. All nodes on a subnet have to be in the same IP address range to communicate. There will be problems that arise where APIPA comes into play and you will need to know how to handle that situation. Make sure you consider this for the Network+ exam.
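The private blocks, the APIPA range and the troubleshooting scenario from the Test Day Tip can be turned into a small audit. This Python is an added example, not from the original text; the host names, the addresses in the inventory and the 10.0.0.0/24 subnet are constructed for illustration.

```python
import ipaddress

# Ranges named in this chapter: RFC 1918 blocks, APIPA, and loopback.
SPECIAL_RANGES = [
    ("private", ipaddress.ip_network("10.0.0.0/8")),
    ("private", ipaddress.ip_network("172.16.0.0/12")),
    ("private", ipaddress.ip_network("192.168.0.0/16")),
    ("apipa", ipaddress.ip_network("169.254.0.0/16")),
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),
]

def classify(address: str) -> str:
    """Name the special range an address falls in, or 'public' if none."""
    ip = ipaddress.ip_address(address)
    for label, net in SPECIAL_RANGES:
        if ip in net:
            return label
    return "public"

def audit_subnet(subnet: str, hosts: dict) -> dict:
    """Explain why each host can or cannot talk on the expected subnet."""
    net = ipaddress.ip_network(subnet)
    report = {}
    for name, address in hosts.items():
        kind = classify(address)
        if ipaddress.ip_address(address) in net:
            report[name] = "ok"
        elif kind == "apipa":
            report[name] = "no DHCP lease: self-assigned APIPA address"
        else:
            report[name] = f"wrong subnet ({kind} address)"
    return report

def dhcp_outage_suspected(report: dict) -> bool:
    """True when every host fell back to APIPA, the pattern of a dead DHCP server."""
    return bool(report) and all("APIPA" in r for r in report.values())

# Constructed inventory: host name -> address currently configured.
SAMPLE_HOSTS = {"ws-01": "10.0.0.21", "ws-02": "10.0.0.22",
                "ws-03": "169.254.17.203", "printer": "192.168.1.50"}

if __name__ == "__main__":
    report = audit_subnet("10.0.0.0/24", SAMPLE_HOSTS)
    for name, finding in report.items():
        print(f"{name:8} {finding}")
    print("DHCP outage suspected:", dhcp_outage_suspected(report))
```

The /12 boundary is the one most often misjudged: 172.31.255.254 is private, while 172.32.0.1 is not.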
Configuring and Implementing…
Is Private IP Addressing Really a Free-for-All?
One would think that with that much IP address space available to them, network engineers, managers, administrators, and technicians would have a lackadaisical attitude when assigning IP space. Quite the contrary (as was learned earlier when we covered VLSMs); this is not the case. One of the greatest challenges that you will face when working within any network is that it’s always designed to grow. As more technology develops, and as newer technologies emerge and more and more of a need is placed on the network, the more logical addressing you will need to provide it. You should always work to conserve your address space, never wasting it. You never know what you will need in the future. The tighter you lock down the procedures early on, the less of a chance you will have to go back and fix it later. In networking, this is always a problem because you never have the time to go back. In the networking world, if you do manage to have the time, depending on the size and use of your network, you may have to schedule an outage to change things over. An IP addressing change on a local area network (LAN)-sized or larger scale is always a lot of work and is somewhat time-consuming. Design it right the first time and do not go back if you do not have to, as it will be more difficult later to redo it. Make sure you get into a good habit of conserving (and documenting) your address space. Use DHCP whenever possible and when it is not a security risk. Always ensure that you consider future growth in the way of acquisitions and mergers, which will bring up the issues of duplicate IP addressing, as most of the space used is in the same private range. This is why NAT is so prevalent, and why you need to know it for the Network+ exam. NAT will be covered later in this chapter.
Static and Dynamic Assignments
On the Network+ exam, you will be responsible for not only knowing APIPA, but knowing the whole concept behind dynamic and static assignments. As mentioned earlier, DHCP is responsible for handing out a subset of IP addresses that an administrator configures into what is called a scope. The scope contains the leaseable address space that has been preconfigured. If your network uses TCP/IP as its network protocol, the nodes will, of course, need an IP address to communicate once they are up and running on the network. To configure each node statically (to go to the node itself, its physical location, or connect via remote administration) and configure an actual usable IP address on that node can become very unwieldy and it is highly discouraged if your network is large enough to warrant the use of DHCP.