Cis81 E1 6 IPv4Addresses Part3

Chapter 6
IPv4 Addresses Part 3

CIS 81 Networking Fundamentals
Rick Graziani
Cabrillo College
graziani@cabrillo.edu
Last Updated: 4/13/2008
Topics
Calculating the number subnets/hosts needed

VLSM (Variable Length Subnet Masks)
Classful Subnetting
IPv6
ICMP: Ping and Traceroute
Calculating the number subnets/hosts

needed
172.16.1.0
255.255.255.0
Network
Host
Network 172.16.1.0/24
Need:
As many subnets as possible, 60 hosts per subnet
4
Number of hosts per subnet
172.16.1. 0 0 0 0 0 0 0 0
255.255.255. 0 0 0 0 0 0 0 0
Network
Host
6 host bits
Network 172.16.1.0/24
Need:
5
Number of subnets
172.16.1. 0 0 0 0 0 0 0 0
255.255.255. 1 1 0 0 0 0 0 0
Network
Host
255.255.255.192
6 host bits
Network 172.16.1.0/24
Need:
New Subnet Mask: 255.255.255.192 (/26)
Number of Hosts per subnet: 6 bits, 64-2 hosts, 62 hosts
Number of Subnets: 2 bits or 4 subnets
172.16.1.0
255.255.255.0
Network
Host
Network 172.16.1.0/24
Need:
7
172.16.1. 0 0 0 0 0 0 0 0
255.255.255. 0 0 0 0 0 0 0 0
Network
Host
4 host bits
Network 172.16.1.0/24
Need:
8

Number of subnets
172.16.1. 0 0 0 0 0 0 0 0
255.255.255. 1 1 1 1 0 0 0 0
Network
Host
255.255.255.240
4 host bits
Network 172.16.1.0/24
Need:
New Subnet Mask: 255.255.255.240 (/28)
172.16.1.0
255.255.255.0
Network
Host
Network 172.16.1.0/24
Need:
Need 6 subnets, as many hosts per subnet as possible
10
Number of subnets
172.16.1. 0 0 0 0 0 0 0 0
255.255.255. 0 0 0 0 0 0 0 0
3 subnet bits
Network
Host
Network 172.16.1.0/24
Need:
11
Number of subnets
172.16.1. 0 0 0 0 0 0 0 0
255.255.255. 1 1 1 0 0 0 0 0
3 subnet bits
Network
255.255.255.224
Host
Network 172.16.1.0/24
Need:
New Subnet Mask: 255.255.255.224 (/27)
12
VLSM (Variable Length Subnet Masks)
VLSM
If you know how to subnet, you can do VLSM.
Example: 10.0.0.0/8
Subnet in /16 subnets:
10.0.0.0/16
10.1.0.0/16
10.2.0.0/16
10.3.0.0/16
Etc.
Subnet one of the subnets (10.1.0.0/16)
10.1.0.0/24
10.1.1.0/24
10.1.2.0/24
10.1.3.0/24
etc
14
VLSM
Host can only be a member

of the subnet. Host can NOT
be a member of the network
that was subnetted.
YES!
10.2.1.55/24
10.2.1.55/16
All other /16

subnets are still
available for use
as /16 networks or
to be subnetted.
NO!
15
VLSM Using the chart

This chart can be used to help
determine subnet addresses.
This can any octet.
Well keep it simple and make it the
fourth octet.
Network: 172.16.1.0/24
What if we needed 4 subnets?
What would the Mask be?
What would the addresses of each
subnet be?
What would the range of hosts be for
each subnet?
16

Network: 172.16.1.0/24
What if we needed 4 subnets?
What would the Mask be?
255.255.255.192 (/26)
What would the addresses of each subnet be?
172.16.1.0/26
172.16.1.64/26
172.16.1.128/26
172.16.1.192/26
What would the range of hosts be for each
subnet?
172.16.1.0/26: 172.16.1.1-172.16.1.62
172.16.1.64/26: 172.16.1.65-172.16.1.126
172.16.1.128/26: 172.16.1.129-172.16.1.191
172.16.1.192/26: 172.16.1.193-172.16.1.254
17
16 /30 subnets

What if we needed several (four) /30 subnets for our
serial links?
Take one of the /26 subnets and subnet it again
into /30 subnets.
Still have
3 /26
subnets
16 /30 subnets
18
Classful Subnetting
Classful IP Addressing
In the early days of the Internet, IP addresses were allocated to

organizations based on request rather than actual need.
When an organization received an IP network address, that address was
associated with a Class, A, B, or C.
This is known as Classful IP Addressing
The first octet of the address determined what class the network belonged
to and which bits were the network bits and which bits were the host bits.
There were no subnet masks.
It was not until 1992 when the IETF introduced CIDR (Classless Interdomain
Routing), making the address class meaning less.
This is known as Classless IP Addressing.
For now, all you need to know is that todays networks are classless, except
for some things like the structure of Ciscos IP routing table and for those
networks that still use Classful routing protocols.
You will learn more about this is CIS 82, CIS 83 and CIS 185.
20
IPv4 Address Classes
21
Address Classes
1st octet
2nd octet
3rd octet
4th octet
Class A
Network
Host
Host
Host
Class B
Network Network
Host
Host
Class C
Network Network Network
Host
N = Network number assigned by ARIN

(American Registry for Internet Numbers)
H = Host number assigned by administrator
22
Class A addresses
Default Mask: 255.0.0.0 (/8)
First octet is between 0 127, begins with 0

Network
Number
between 0 - 127
Host
Host
Host
8 bits
8 bits
8 bits
With 24 bits available for hosts,

there a 224 possible addresses.
Thats 16,777,216 nodes!
There are 126 class A addresses.

0 and 127 have special meaning and are not used.
16,777,214 host addresses, one for network address and one for broadcast address.
Only large organizations such as the military, government agencies, universities, and
large corporations have class A addresses.
For example ISPs have 24.0.0.0 and 63.0.0.0
Class A addresses account for 2,147,483,648 of the possible IPv4 addresses.
Thats 50 % of the total unicast address space, if classful was still used in the Internet!
23
Class B addresses
Default Mask: 255.255.0.0 (/16)

Network Network
Number
between
128 - 191
Host
Host
8 bits
8 bits

Thats 65,536 nodes!
There are 16,384 (214) class B networks.

65,534 host addresses, one for network address and one for broadcast
address.
Class B addresses represent 25% of the total IPv4 unicast address space.
Class B addresses are assigned to large organizations including corporations
(such as Cisco, government agencies, and school districts).
24
Class C addresses
Default Mask: 255.255.255.0 (/24)

Network Network Network
Host
8 bits
Number
between
192 - 223

Thats 256 nodes!
There are 2,097,152 possible class C networks.

254 host addresses, one for network address and one for broadcast
address.
Class C addresses represent 12.5% of the total IPv4 unicast address
space.
25
No medium size host networks

In the early days of the Internet, IP addresses were allocated to
organizations based on request rather than actual need.
26
Network based on first octet
The network portion of the IP address was dependent upon the first octet.
There was no Base Network Mask provided by the ISP.
The network mask was inherent in the address itself.
27
Class D Addresses
A Class D address begins with binary 1110 in the first octet.
First octet range 224 to 239.
Class D address can be used to represent a group of hosts called a host
group, or multicast group.
Class E Addresses
First octet of an IP address begins with 1111
Class E addresses are reserved for experimental purposes and should not
be used for addressing hosts or multicast groups.
28
Fill in the information

1. 192.168.1.3
Class _____
Default Mask:______________
Network: _________________
Broadcast: ________________
Hosts: _________________ through ___________________
2. 1.12.100.31
Class ______ Default Mask:______________
Network: _________________
Broadcast: ________________
Hosts: _________________ through _____________________
3. 172.30.77.5
Class ______ Default Mask:______________
Network: _________________
Broadcast: ________________
Hosts: _________________ through _____________________
29
Fill in the information

1. 192.168.1.3
Class C
Default Mask: 255.255.255.0
Network: 192.168.1.0
Broadcast: 192.168.1.255
Hosts: 192.168.1.1 through 192.168.1.254
2. 1.12.100.31
Network: 1.0.0.0
Hosts: 1.0.0.1
Class A
through

Broadcast: 1.255.255.255
1.255.255.254
3. 172.30.77.5
Class B
Network: 172.30.0.0
Broadcast: 172.30.255.255
Hosts: 172.30.0.1. through 172.30.255.254
30
Class separates network from host bits

The Class determines the Base Network Mask!
1. 192.168.1.3 Class CDefault Mask: 255.255.255.0
Network: 192.168.1.0
2. 1.12.100.31 Class A
Network: 1.0.0.0
3. 172.30.77.5 Class B
Network: 172.30.0.0
31
Know the classes!

Class
First
Bits
First
Octet
Network
Bits
Host
Bits
0 127
24
10
128 - 191
16
16
110
192 - 223
24
1110
224 239
1111
240 - 255
32
IP addressing crisis
Address Depletion
Internet Routing Table Explosion
33
IPv4 Addressing
Subnet Mask
One solution to the IP address shortage was thought to be the subnet mask.
Formalized in 1985 (RFC 950), the subnet mask breaks a single class A, B
or C network in to smaller pieces.
This does allow a network administrator to divide their network into subnets.
Routers still associated an network address with the first octet of the IP
address.
34
All Zeros and All Ones Subnets

Using the All Ones Subnet
There is no command to enable or disable the use of the all-ones subnet,
it is enabled by default.
Router(config)#ip subnet-zero
The use of the all-ones subnet has always been explicitly allowed and
the use of subnet zero is explicitly allowed since Cisco IOS version 12.0.
RFC 1878 states, "This practice (of excluding all-zeros and all-ones
subnets) is obsolete! Modern software will be able to utilize all definable
networks." Today, the use of subnet zero and the all-ones subnet is
generally accepted and most vendors support their use, though, on
certain networks, particularly the ones using legacy software, the use of
subnet zero and the all-ones subnet can lead to problems.
CCO: Subnet Zero and the All-Ones Subnet
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note091
86a0080093f18.shtml
35
Long Term Solution: IPv6 (coming)

IPv6, or IPng (IP the Next Generation) uses a 128-bit address
space, yielding
340,282,366,920,938,463,463,374,607,431,768,211,456
possible addresses.
IPv6 has been slow to arrive
IPv6 requires new software; IT staffs must be retrained
IPv6 will most likely coexist with IPv4 for years to come.
Some experts believe IPv4 will remain for more than 10 years.
36
Short Term Solutions: IPv4 Enhancements
Discussed in CIS 83 and CIS 185

CIDR (Classless Inter-Domain Routing) RFCs 1517, 1518, 1519, 1520
VLSM (Variable Length Subnet Mask) RFC 1009
Private Addressing - RFC 1918
NAT/PAT (Network Address Translation / Port Address Translation) RFC
More later when we discuss TCP
37
11111111.00000000.00000000.00000000 /8 (255.0.0.0)
16,777,216 host addresses
11111111.10000000.00000000.00000000 /9 (255.128.0.0)
ISPs
no longer restricted to
11111111.11000000.00000000.00000000
/10 (255.192.0.0)
three
classes. Can now
11111111.11100000.00000000.00000000
/11 (255.224.0.0)
allocate
a large range of
11111111.11110000.00000000.00000000
/12 (255.240.0.0)
network
addresses based
11111111.11111000.00000000.00000000
/13 (255.248.0.0)
524,288 host addresses
on11111111.11111100.00000000.00000000
customer requirements
/14 (255.252.0.0)262,144 host addresses
11111111.11111110.00000000.00000000 /15 (255.254.0.0) 131,072 host addresses
11111111.11111111.00000000.00000000 /16 (255.255.0.0) 65,536 host addresses
11111111.11111111.10000000.00000000 /17 (255.255.128.0)
11111111.11111111.11000000.00000000 /18 (255.255.192.0)
11111111.11111111.11100000.00000000 /19 (255.255.224.0)
11111111.11111111.11110000.00000000 /20 (255.255.240.0)
11111111.11111111.11111000.00000000 /21 (255.255.248.0)
11111111.11111111.11111100.00000000 /22 (255.255.252.0)
11111111.11111111.11111110.00000000 /23 (255.255.254.0)
512 host addresses
11111111.11111111.11111111.00000000 /24 (255.255.255.0)
256 host addresses
11111111.11111111.11111111.10000000 /25 (255.255.255.128)
128 host addresses
11111111.11111111.11111111.11000000 /26 (255.255.255.192)
64 host addresses
11111111.11111111.11111111.11100000 /27 (255.255.255.224)
32 host addresses
11111111.11111111.11111111.11110000 /28 (255.255.255.240)
16 host addresses
11111111.11111111.11111111.11111000 /29 (255.255.255.248)
8 host addresses
11111111.11111111.11111111.11111100 /30 (255.255.255.252)
4 host addresses
11111111.11111111.11111111.11111110 /31 (255.255.255.254)
2 host addresses
38
11111111.11111111.11111111.11111111 /32 (255.255.255.255)
Host Route
Active BGP entries March, 2006
http://bgp.potaroo.net/
39
ISP/NAP Hierarchy - The Internet: Still hierarchical after all

these years. Jeff Doyle (Tries to be anyways!)
N A P ( N e t w o r k A c c e s s P o in t )
N e tw o rk
S e r v ic e
P r o v id e r
R e g io n a l
S e r v ic e
P r o v id e r
IS P
S u b s c r ib e r s
IS P
IS P
N e tw o rk
S e r v ic e
P r o v id e r
R e g io n a l
S e r v ic e
P r o v id e r
R e g io n a l
S e r v ic e
P r o v id e r
IS P
IS P
R e g io n a l
S e r v ic e
P r o v id e r
IS P
IS P
IS P
40
IPv6
Background
That short-term solution was Network Address Translation (NAT) and RFC
1918.
There are two fundamental drivers behind the growing recognition of the need
for IPv6. (NAT stifles innovation in these areas.)
New applications using core concepts such as:
mobile IP
service quality guarantees
end-to-end security
peer-to-peer networking.
Rapid modernization of heavily populated countries such as India and
China.
A compelling statistic is that the number of remaining unallocated IPv4
addresses is almost the same as the population of China: about 1.3
billion.
42
IPv6
IPv6 replaces the 32-bit IPv4 address with a 128-bit address, making 340
trillion trillion trillion IP addresses available.
340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
Represented by breaking them up into eight 16-bit segments.
Each segment is written in hexadecimal between 0x0000 and 0xFFFF,
separated by colons.
An example of a written IPv6 address is
3ffe:1944:0100:000a:0000:00bc:2500:0d0b
43
Global Unicast Addresses

Replaced
with
Note: This format, specified in RFC 3587, obsoletes and simplifies

an earlier format that divided the IPv6 unicast address into Top
Level Aggregator (TLA), Next-Level Aggregator (NLA), and other
fields. However, you should be aware that this obsolescence is
relatively recent and you are likely to encounter some books and
documents that show the old IPv6 address format.
44
The host portion of the address is called the Interface ID.

The reason for this name is that a host can have more than one IPv6
interface, and so the address more correctly identifies an interface on a
host than a host itself.
But that subtlety only goes so far:
A single interface can have:
multiple IPv6 addresses, and
an IPv4 address in addition.
45
Subnet Identifier is part of the network portion of the address rather than the
host portion.
A big benefit is that the Interface ID can be a consistent size for all IPv6
addresses.
And making the Subnet ID a part of the network portion creates a clear
separation of functions:
The network portion provides the location of a device down to the specific
data link
and
the host portion provides the identity of the device on the data link.
46
With very few exceptions:

Interface ID is 64 bits
Subnet ID field is 16 bits
provides for 65,536 separate subnets
The IANA and the Regional Internet Registries (RIRs) assign IPv6 prefixes
normally /32 or /35 in lengthto the Local Internet Registries (LIRs).
The LIRs, which are usually large Internet Service Providers, then allocate
longer prefixes to their customers. In the majority of cases, the prefixes
assigned by the LIRs are /48.
47
Background
IPv4 will exist for some time, as the transition begins to IPv6.
Other new protocols have been developed in support of IPv6:
Routing protocols (OSPFv3) so routers can learn about IPv6
network addresses.
ICMPv6
48
49
ICMP: Ping and Trace
Ethernet Header
(Layer 2)
Ethernet
Destination
Address
(MAC)
Ethernet
Source
Address
(MAC)
Frame
Type
IP Header
(Layer 3)
ICMP Message
(Layer 3)
Source IP Add.
Dest. IP Add.
Protocol field
Type
0 or 8
Code
0
Ether.
Tr.
Checksum
ID
Seq.
Num.
Data
FCS
Partial list
ICMP (Internet Control Message Protocol)

ICMP: A Layer 3 protocol
Used for sending messages
Encapsulated in a Layer 3, IP packet
Uses Type and Code fields for various messages
51
ICMP
Ethernet Header
(Layer 2)
Ethernet
Destination
Address
(MAC)
Ethernet
Source
Address
(MAC)
Frame
Type
IP Header
(Layer 3)
ICMP Message
(Layer 3)
Source IP Add.
Dest. IP Add.
Protocol field
Type
0 or 8
Code
0
Ether.
Tr.
Checksum
ID
Seq.
Num.
Data
FCS
Unreachable Destination or Service

Used to notify a host that the destination or service is unreachable.
When a host or router receives a packet that it cannot deliver, it may send
an ICMP Destination Unreachable packet to the host originating the
packet.
The Destination Unreachable packet will contain codes that indicate why
the packet could not be delivered.
From a router:
0 = network unreachable Does not have a route in the routing table
1 = host unreachable Has a route but cant find host. (end router)
From a host:
2 = protocol unreachable
3 = port unreachable
Service is not available because no daemon is running providing
the service or because security on the host is not allowing access
to the service.
52
172.30.1.20
172.30.1.25
53
Ethernet Header
(Layer 2)
Ethernet
Destination
Address
(MAC)
Ethernet
Source
Address
(MAC)
Frame
Type
IP Header
(Layer 3)
ICMP Message
(Layer 3)
Source IP Add.
Dest. IP Add.
Protocol field
Type
0 or 8
Code
0
Ether.
Tr.
Checksum
ID
Seq.
Num.
Data
FCS
Ping
Uses ICMP message encapsulated within an IP Packet
Protocol field = 1
Does not use TCP or UDP
Format
ping ip address (or ping <cr> for extended ping)
ping 172.30.1.25
54
Ethernet Header
(Layer 2)
Ethernet
Destination
Address
(MAC)
Ethernet
Source
Address
(MAC)
Frame
Type
IP Header
(Layer 3)
ICMP Message - Echo Request

(Layer 3)
Source IP
Add.
172.30.1.20
Dest. IP Add.
172.30.1.25
Protocol field
1
Type
8
Code
0
Checksum
ID
Seq.
Num.
Ether.
Tr.
Data
FCS
Echo Request
The sender of the ping, transmits an ICMP message, Echo Request
Echo Request - Within ICMP Message
Type = 8
Code = 0
55
Ethernet Header
(Layer 2)
Ethernet
Destination
Address
(MAC)
Ethernet
Source
Address
(MAC)
Frame
Type
IP Header
(Layer 3)
ICMP Message - Echo Reply

(Layer 3)
Source IP
Add.
172.30.1.25
Dest. IP Add.
172.30.1.20
Protocol field
1
Type
0
Code
0
Checksum
ID
Ether.
Tr.
Seq.
Num.
Data
FCS
Echo Reply
The IP address (destination) of the ping, receives the ICMP message,
Echo Request
The ip address (destination) of the ping, returns the ICMP message, Echo
Reply
Echo Reply - Within ICMP Message
Type = 0
Code = 0
56
Ping example
57
Pings
may fail
Q: Are pings forwarded by routers?

A: Yes! This is why you can ping devices all over the Internet.
Q: Do all devices forward or respond to pings?
A: No, this is up to the network administrator of the device. Devices, including
routers, can be configured not to reply to pings (ICMP echo requests).
This is why you may not always be able to ping a device. Also, routers can
be configured not to forward pings destined for other devices.
58
Traceroute
Traceroute is a utility that records the route (router IP addresses) between two devices on different networks.
59
Tracroute
http://en.wikipedia.org/wiki/Traceroute
On modern Unix and Linux-based operating systems, the traceroute utility
by default uses UDP datagrams with a destination port number starting at
33434.
The traceroute utility usually has an option to specify use of ICMP echo
request (type 8) instead.
The Windows utility uses ICMP echo request, better known as ping
packets.
Some firewalls on the path being investigated may block UDP probes but
allow the ICMP echo request traffic to pass through.
There are also traceroute implementations sending out TCP packets, such
as tcptraceroute or Layer Four Trace.
In Microsoft Windows, traceroute is named tracert.
A new utility, pathping, was introduced with Windows NT, combining ping
and traceroute functionality. All these traceroutes rely on ICMP (type 11)
packets coming back.
60
Trace (Traceroute)
Trace ( Cisco = traceroute, tracert,) is used to trace the probable path a

packet takes between source and destination.
Probable, because IP is a connectionless protocol, and different packets may
take different paths between the same source and destination networks,
although this is not usually the case.
Trace will show the path the packet takes to the destination, but the return path
may be different.
This is more likely the case in the Internet, and less likely within your own
autonomous system.
Linux/Unix Systems
Uses ICMP message within an IP Packet
Both are layer 3 protocols.
Uses UDP as a the transport layer.
We will see why this is important in a moment.
61
Trace
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
Format (trace, traceroute, tracert)

RTA# traceroute ip address
RTA# traceroute 192.168.10.2
62
Trace
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
1
ICMP Message - Echo Request (trace)

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0
How it works (using UDP) - Fooling the routers & host!

Traceroute uses ping (echo requests)
Traceroute sets the TTL (Time To Live) field in the IP Header, initially to 1
63
Trace
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
ICMP Time Exceeded, SA = 10.0.0.2
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.2
Dest. IP Add.
10.0.0.1
Protocol field
1
ICMP Message - Time Exceeded

Type
11
Code
0
Chk
sum
ID
Seq
.
Nu
m.
Data
DataLink
Tr.
FCS
RTB - TTL:
When a router receives an IP Packet, it decrements the TTL by 1.
If the TTL is 0, it will not forward the IP Packet, and send back to the source
an ICMP time exceeded message.
ICMP Message: Type = 11, Code = 0
64
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.2
Dest. IP Add.
10.0.0.1
Protocol field
1

Type
11
Code
0
Chk
sum
ID
Seq
.
Nu
m.
Data
DataLink
Tr.
FCS
RTB
After the traceroute is received by the first router, it decrements the TTL by 1
to 0.
Noticing the TTL is 0, it sends back a ICMP Time Exceeded message back
to the source, using its IP address for the source IP address.
Router Bs IP header includes its own IP address (source IP) and the sending
hosts IP address (dest. IP).
65
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.2
Dest. IP Add.
10.0.0.1
Protocol field
1

Type
11
Chk
sum
Code
0
ID
Seq
.
Nu
m.
Data
DataLink
Tr.
FCS
RTA, Sending Host

The traceroute program of the sending host (RTA) will use the source IP
address of this ICMP Time Exceeded packet to display at the first hop.
Type escape sequence to abort.
Tracing the route to 192.168.10.2
1 10.0.0.2 4 msec 4 msec 4 msec
66
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
2

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0
RTA
The traceroute program increments the TTL by 1 (now 2 ) and resends the
ICMP Echo Request packet.
67
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
RTB
This time RTB decrements the TTL by 1 and it is NOT 0. (It is 1.)
So it looks up the destination ip address in its routing table and forwards it on to
the next router.
RTC
RTC however decrements the TTL by 1 and it is 0.
RTC notices the TTL is 0 and sends back the ICMP Time Exceeded message
back to the source.
RTCs IP header includes its own IP address (source IP) and the sending hosts
IP address (destination IP address of RTA).
The sending host, RTA, will use the source IP address of this ICMP Time
Exceeded message to display at the second hop.
68
10.0.0.0/8
172.16.0.0/16
RTA
192.168.10.0/24
RTB
.1
.2
RTC
.1
RTD
.2
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
RTA to RTB
Data Link Header
(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
2

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0
RTB to RTC
Data Link Header
(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
.
Data Link Header
(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
1
IP Header
(Layer 3)
Source IP
Add.
172.16.0.2
Dest. IP Add.
10.0.0.1
Protocol field
1

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0

Type
11
Code
0
Chk
sum
ID
Seq
.
Nu
m.
Data
DataLink
Tr.
FCS
69
10.0.0.0/8
172.16.0.0/16
RTA
192.168.10.0/24
RTB
.1
.2
RTC
.1
.2
RTD
.1
.2
DataLink
Tr.
FCS
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
172.16.0.2
Dest. IP Add.
10.0.0.1
Protocol field
1
Type
11
Code
0
Chk
sum
ID
Seq
.
Nu
m.
Data
The sending host, RTA:

The traceroute program uses this information (Source IP Address) and
displays the second hop.
1 10.0.0.2 4 msec 4 msec 4 msec
2 172.16.0.2 20 msec 16 msec 16 msec
70
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
RTD
.2
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
DA = 192.168.10.2, TTL = 3
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
3

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0
The sending host, RTA:

The traceroute program increments the TTL by 1 (now 3 ) and resends the
Packet.
71
10.0.0.0/8
172.16.0.0/16
RTA
192.168.10.0/24
RTB
.1
RTC
.2
.1
RTD
.2
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
DA = 192.168.10.2, TTL = 3
RTA to RTB
Data Link Header
(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
3
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address

Type
8
Chk
sum
Seq.
Num
Data
DataLink
Tr.
FCS
Code
0
RTB to RTC
ID
UDP
(Layer 4)
DestPort
35,000
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
2

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0
RTC to RTD
Data Link Header
(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
1

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0
72
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
DA = 192.168.10.2, TTL = 3
RTB
This time RTB decrements the TTL by 1 and it is NOT 0. (It is 2.)
So it looks up the destination ip address in its routing table and forwards it on to the next
router.
RTC
This time RTC decrements the TTL by 1 and it is NOT 0. (It is 1.)
So it looks up the destination ip address in its routing table and forwards it on to the next
router.
RTD
RTD however decrements the TTL by 1 and it is 0.
However, RTD notices that the Destination IP Address of 192.168.0.2 is its own interface.
Since it does not need to forward the packet, the TTL of 0 has no affect.
73
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
10.0.0.1
Dest. IP Add.
192.168.10.2
Protocol field
1
TTL
1

Type
8
Chk
sum
ID
Seq.
Num
Data
UDP
(Layer 4)
DestPort
35,000
DataLink
Tr.
FCS
Code
0
IP Header
(Layer 3)
Source IP
Add.
192.168.10.2
Dest. IP Add.
10.0.0.1
Protocol field
1
ICMP Message Port Unreachable

Type
3
Code
3
Chk
sum
ID
Seq
.
Nu
m.
Data
DataLink
Tr.
FCS
RTD
RTD sends the packet to the UDP process.
UDP examines the unrecognizable port number of 35,000 and sends back an
ICMP Port Unreachable message to the sender, RTA, using Type 3 and
Code 3.
74
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
DA = 192.168.10.2, TTL = 3
ICMP Port Unreachable, SA = 192.168.10.2
Data Link Header

(Layer 2)
Data Link
Data Link
Destination
Source
Address
Address
IP Header
(Layer 3)
Source IP
Add.
192.168.10.2
Dest. IP Add.
10.0.0.1
Protocol field
1
ICMP Message Port Unreachable

Type
3
Code
3
Chk
sum
ID
Seq
.
Nu
m.
Data
DataLink
Tr.
FCS
Sending host, RTA

RTA receives the ICMP Port Unreachable message.
The traceroute program uses this information (Source IP Address) and displays
the third hop.
The traceroute program also recognizes this Port Unreachable message as
meaning this is the destination it was tracing.
75
10.0.0.0/8
172.16.0.0/16
RTA
RTB
.1
.2
192.168.10.0/24
RTC
.1
.2
RTD
.1
.2
DA = 192.168.10.2, TTL = 1
DA = 192.168.10.2, TTL = 2
DA = 192.168.10.2, TTL = 3
ICMP Port Unreachable, SA = 192.168.10.2
Sending host, RTA

RTA, the sending host, now displays the third hop.
Getting the ICMP Port Unreachable message, it knows this is the final hop
and does not send any more traces (echo requests).
1 10.0.0.2 4 msec 4 msec 4 msec
2 172.16.0.2 20 msec 16 msec 16 msec
3 192.168.10.2 16 msec 16 msec 16 msec
76
Recommended Reading
For more information on ICMP and other TCP/IP topics, I recommend:

TCP/IP Illustrated, Volume I R.W. Stevens
77
Chapter 6
IPv4 Addresses Part 3
CIS 81 Networking Fundamentals
Rick Graziani
Cabrillo College
graziani@cabrillo.edu
Last Updated: 4/13/2008

Cis81 E1 6 IPv4Addresses Part3

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cis81 E1 6 IPv4Addresses Part3

Uploaded by

Copyright:

Available Formats

Chapter 6

IPv4 Addresses Part 3

Calculating the number subnets/hosts needed

Calculating the number subnets/hosts

Calculating the number subnets/hosts needed

Calculating the number subnets/hosts needed

Number of hosts per subnet

Calculating the number subnets/hosts needed

Calculating the number subnets/hosts needed

Calculating the number subnets/hosts needed

Number of hosts per subnet

Calculating the number subnets/hosts needed

Number of hosts per subnet

Calculating the number subnets/hosts needed

Calculating the number subnets/hosts needed

Calculating the number subnets/hosts needed

Number of hosts per subnet

VLSM (Variable Length Subnet Masks)

Host can only be a member

All other /16

VLSM Using the chart

VLSM Using the chart

VLSM Using the chart

In the early days of the Internet, IP addresses were allocated to

IPv4 Address Classes

Network Network Network

N = Network number assigned by ARIN

Default Mask: 255.0.0.0 (/8)

First octet is between 0 127, begins with 0

With 24 bits available for hosts,

There are 126 class A addresses.

Default Mask: 255.255.0.0 (/16)

First octet is between 128 191, begins with 10

With 16 bits available for hosts,

There are 16,384 (214) class B networks.

Default Mask: 255.255.255.0 (/24)

First octet is between 192 223, begins with 110

With 8 bits available for hosts,

There are 2,097,152 possible class C networks.

IPv4 Address Classes

No medium size host networks

Network based on first octet

IPv4 Address Classes

Fill in the information

Fill in the information

Default Mask: 255.0.0.0

Class separates network from host bits

Default Mask: 255.0.0.0

Default Mask: 255.255.0.0

Know the classes!

All Zeros and All Ones Subnets

Long Term Solution: IPv6 (coming)

Short Term Solutions: IPv4 Enhancements

Discussed in CIS 83 and CIS 185

Active BGP entries March, 2006

ISP/NAP Hierarchy - The Internet: Still hierarchical after all

Global Unicast Addresses

Note: This format, specified in RFC 3587, obsoletes and simplifies

Global Unicast Addresses

The host portion of the address is called the Interface ID.

Global Unicast Addresses

Global Unicast Addresses

With very few exceptions:

ICMP: Ping and Trace