Sunday, 23 December 2012

IPv6 Addressing and Expressions

Just as understanding how IP addresses are structured and used is critical with IPv4 addressing, it’s also vital when it comes to IPv6. You’ve already read about the fact that at 128 bits, an IPv6 address is much larger than an IPv4 address. Because of this, as well as the new ways the addresses can be used, you’ve probably guessed that IPv6 will be more complicated to manage. But no worries! As I said, I’ll break down the basics and show you what the address looks like, how you can write it, and what many of its common uses are. It’s going to be a little weird at first, but before you know it, you’ll have it nailed!

So let’s take a look at Figure 1.1, which has a sample IPv6 address broken down into sections.





Remember where you can find this subnet ID because we’ll use it in “Configuring IPv6 on Our internetwork”

So as you can now see, the address is truly much larger—but what else is different? Well, first, notice that it has eight groups of numbers instead of four and also that those groups are separated by colons instead of periods. And hey wait a second… there are letters in that address! Yep, the address is expressed in hexadecimal just like a MAC address is, so you could say this address has eight 16-bit hexadecimal colon-delimited blocks. That’s already quite a mouthful, and you probably haven’t even tried to say the address out loud yet!

One other thing I want to point out is for when you set up your test network to play with IPv6, because I know you’re going to want to do that. When you use a web browser to make an HTTP connection to an IPv6 device, you have to type the address into the browser with brackets around the literal address. Why? Well, a colon is already being used by the browser for specifying a port number. So basically, if you don’t enclose the address in brackets, the browser will have no way to identify the information.

Here’s an example of how this looks:

http://[2001:0db8:3c4d:0012:0000:0000:1234:56ab]/default.html

Now obviously if you can, you would rather use names to specify a destination (like www.lammle.com), but even though it’s definitely going to be a pain in the rear, we just have to accept the fact that sometimes we have to bite the bullet and type in the address number. So it should be pretty clear that DNS is going to become extremely important when implementing IPv6.

Shortened Expression

The good news is there are a few tricks to help rescue us when writing these monster addresses. For
one thing, you can actually leave out parts of the address to abbreviate it, but to get away with doing that you have to follow a couple of rules. First, you can drop any leading zeros in each of the individual blocks. After you do that, the sample address from earlier would then look like this:

2001:db8:3c4d:12:0:0:1234:56ab

Okay, that’s a definite improvement—at least we don’t have to write all of those extra zeros!
But what about whole blocks that don’t have anything in them except zeros? Well, we can kind
of lose those too—at least some of them. Again referring to our sample address, we can remove
the two blocks of zeros by replacing them with double colons, like this:

2001:db8:3c4d:12::1234:56ab

Cool—we replaced the blocks of all zeros with double colons. The rule you have to follow
to get away with this is that you can only replace one contiguous block of zeros in an address.
So if my address has four blocks of zeros and each of them were separated, I just don't get to
replace them all; remember the rule is that you can only replace one contiguous block with a
double colon. Check out this example:

2001:0000:0000:0012:0000:0000:1234:56ab

And just know that you
can’t
do this:

2001::12::1234:56ab

Instead, this is the best that you can do:

2001::12:0:0:1234:56ab

The reason why the above example is our best shot is that if we remove two sets of zeros,
the device looking at the address will have no way of knowing where the zeros go back in.
Basically, the router would look at the incorrect address and say, “Well, do I place two blocks
into the first set of double colons and two into the second set, or do I place three blocks into
the first set and one block into the second set?” And on and on it would go because the information
the router needs just isn’t there.

Address Types

We’re all familiar with IPv4’s unicast, broadcast, and multicast addresses that basically define
who or at least how many other devices we’re talking to. But as I mentioned, IPv6 adds to that
trio and introduces the anycast. Broadcasts, as we know them, have been eliminated in IPv6
because of their cumbersome inefficiency.

So let’s find out what each of these types of IPv6 addressing and communication methods do for us.

Unicast

Packets addressed to a unicast address are delivered to a single interface. For load balancing, multiple interfaces can use the same address. There are a few different types of unicast addresses, but we don’t need to get into that here.

Global unicast addresses

These are your typical publicly routable addresses, and they’re the same as they are in IPv4. Link-local addresses These are like the private addresses in IPv4 in that they’re not meant to be routed. Think of them as a handy tool that gives you the ability to throw a temporary LAN together for meetings or for creating a small LAN that’s not going to be routed but still needs to share and access files and services locally.

Unique local addresses

These addresses are also intended for non-routing purposes, but they are nearly globally unique, so it’s unlikely you’ll ever have one of them overlap. Unique local addresses were designed to replace site-local addresses, so they basically do almost exactly what IPv4 private addresses do—allow communication throughout a site while being routable to multiple local networks. Site-local addresses were denounced as of September 2004.

Multicast

Again, same as in IPv4, packets addressed to a multicast address are delivered to all interfaces identified by the multicast address. Sometimes people call them one-to-many addresses. It’s really easy to spot a multicast address in IPv6 because they always start with FF.

I’ll get into greater detail about multicast operation in the section “How IPv6 Works in an Internetwork.” Anycast Like multicast addresses, an anycast address identifies multiple interfaces, but there’s a big difference: the anycast packet is only delivered to one address—actually, to the first one it finds defined in terms of routing distance. And again, this address is special because you can apply a single address to more than one interface. You could call them one-to-one-ofmany addresses, but just saying “anycast” is a lot easier.

You’re probably wondering if there are any special, reserved addresses in IPv6 because you know they’re there in IPv4. Well there are—plenty of them! Let’s go over them now.


Special Addresses

I’m going to list some of the addresses and address ranges that you should definitely make a point to remember because you’ll eventually use them. They’re all special or reserved for specific use, but unlike IPv4, IPv6 gives us a galaxy of addresses, so reserving a few here and there doesn’t hurt a thing!

0:0:0:0:0:0:0:0
Equals ::. This is the equivalent of IPv4’s 0.0.0.0, and is typically the source
address of a host when you’re using stateful configuration.
0:0:0:0:0:0:0:1
Equals ::1. The equivalent of 127.0.0.1 in IPv4.
0:0:0:0:0:0:192.168.100.1
This is how an IPv4 address would be written in a mixed
IPv6/IPv4 network environment.
2000::/3
The global unicast address range.
FC00::/7
The unique local unicast range.
FE80::/10
The link-local unicast range.
FF00::/8
The multicast range.
3FFF:FFFF::/32
Reserved for examples and documentation.
2001:0DB8::/32
Also reserved for examples and documentation.
2002::/16

Used with 6to4, which is the transition system—the structure that allows IPv6 packets to be transmitted over an IPv4 network without the need to configure explicit tunnels. We’ll get more into this later in “Migrating to IPv6,” but for now let me show you how IPv6 actually works in an internetwork. We all know how IPv4 works, so let’s see what’s new.


Enhanced by Zemanta

Benefits and Uses of IPv6

So what’s so fabulous about IPv6? Is it really the answer to our coming dilemma? Is it really worth it to upgrade from IPv4? All good questions—you may even think of a few more. Of course, there’s going to be that group of people with the time-tested and well-known “resistance to change syndrome,” but don’t listen to them. If we had done that years ago, we’d still be waiting weeks, even months for our mail to arrive via horseback. Instead, just know that the answer is a resounding YES!

Not only does IPv6 give us lots of addresses (3.4×10^38 = definitely enough), but there are many other features built into this version that make it well worth the cost, time, and effort required to migrate to it. Later in the chapter I’ll talk about all that effort in the section called “Migrating to IPv6.” In it, I’ll cover some of the transition types required to move from version 4 to version 6, and I promise you’ll discover that the huge benefits of migrating will vastly outweigh any associated cons.

Today’s networks, as well as the Internet, have a ton of unforeseen requirements that simply were not considerations when IPv4 was created. We’ve tried to compensate with a collection of add-ons that can actually make implementing them more difficult than they would be if they were required by a standard. By default, IPv6 has improved upon and included many of those features as standard and mandatory. One of these sweet new standards is IPSec—a feature that provides end-to-end security  “Wide Area Networks.” Another little beauty is known as mobility, and as its name suggests, it allows a device to roam from one network to another without dropping connections. But it’s the efficiency features that are really going to rock the house! For starters, the header in an IPv6 packet have half the fields, and they are aligned to 64 bits, which gives us some seriously souped-up processing speed—compared to IPv4, lookups happen at light speed!

Most of the information that used to be bound into the IPv4 header was taken out, and now you can choose to put it, or parts of it, back into the header in the form of optional extension headers that follow the basic header fields.

And of course there’s that whole new universe of addresses (3.4 x 10^38) we talked about already. But where did we get them? Did that Criss Angel–Mindfreak dude just show up and, Blammo? I mean, that huge proliferation of addresses had to come from somewhere! Well it just so happens that IPv6 gives us a substantially larger address space, meaning the address is a whole lot bigger—four times bigger as a matter of fact!

An IPv6 address is actually 128 bits in length, and no worries—I’m going to break down the address piece by piece and show you exactly what it looks like coming up in the section “IPv6 Addressing and Expressions.” For now, let me just say that all that additional room permits more levels of hierarchy inside the address space and a more flexible address architecture. It also makes routing much more efficient and scalable because the addresses can be aggregated a lot more effectively. And IPv6 also allows multiple addresses for hosts and networks. This is especially important for enterprises jonesing for availability. Plus, the new version of IP now includes an expanded use of multicast communication (one device sending to many hosts or to a select group), which will also join in to boost efficiency on networks because communications will be more specific.

IPv4 uses broadcasts very prolifically, causing a bunch of problems, the worst of which is of course the dreaded broadcast storm—an uncontrolled deluge of forwarded broadcast traffic that can bring an entire network to its knees and devour every last bit of bandwidth. Another nasty thing about broadcast traffic is that it interrupts each and every device on the network. When a broadcast is sent out, every machine has to stop what it’s doing and respond to the traffic whether the broadcast is meant for it or not.

But smile everyone: There is no such thing as a broadcast in IPv6 because it uses multicast traffic instead. And there are two other types of communication as well: unicast, which is the same as it is in IPv4, and a new type called anycast. Anycast communication allows the same address to be placed on more than one device so that when traffic is sent to one device addressed in this way, it is routed to the nearest host that shares the same address. This is just the beginning—we’ll get more into the various types of communication in the section called “Address Types.”

Why Do We Need IPv6?

It’s reality—the number of people and devices that connect to networks increases each and every day. That’s not a bad thing at all—we’re finding new and exciting ways to communicate to more people all the time, and that’s a good thing. In fact, it’s a basic human need. But the forecast isn’t exactly blue skies and sunshine because, as I alluded to in this chapter’s introduction, IPv4, upon which our ability to communicate is presently dependent, is going to run out of addresses for us to use.

IPv4 has only about 4.3 billion addresses available—in theory, and we know that we don’t even get to use all of those. There really are only about 250 million addresses that can be assigned to devices. Sure, the use of Classless Inter-Domain Routing (CIDR) and Network Address Translation (NAT) has helped to extend the inevitable dearth of addresses, but we will run out of them, and it’s going to happen within a few years. China is barely online, and we know there’s a huge population of people and corporations there that surely want to be.

There are a lot of reports that give us all kinds of numbers, but all you really need to think about to convince yourself that I’m not just being an alarmist is the fact that there are about 6.5 billion people in the world today, and it’s estimated that just over 10 percent of that population is connected to the Internet—wow!

That statistic is basically screaming at us the ugly truth that based on IPv4’s capacity, every person can’t even have a computer—let alone all the other devices we use with them. I have more than one computer, and it’s pretty likely you do too. And I’m not even including in the mix phones, laptops, game consoles, fax machines, routers, switches, and a mother lode of other devices we use every day!

So I think I’ve made it pretty clear that we’ve got to do something before we run out of addresses and lose the ability to connect with each other as we know it. And that “something” just happens to be implementing IPv6.

Sunday, 9 December 2012

The network associate is configuring OSPF on the Core router shown below. All the connections to the branches should be participating in OSPF. The link to the ISP should NOT participate in OSPF and should only be advertised as the default route. What set of commands will properly configure the Core router?

The network associate is configuring OSPF on the Core router shown below:






A. Core(config-router)# default-information originate
Core(config-router)# network 10.0.0.00.255.255.255 area 0
Core(config-router)# exit
Core(config)# ip route 0.0.0.00.0.0.010.10.2.14
B. Core(config-router)# default-information originate
Core(config-router)# network 10.10.2.32 0.0.0.31 area 0
Core(config-router)# exit
Core(config)# ip route 0.0.0.00.0.0.0 10.10.2.14
C. Core(config-router)# default-information originate
Core(config-router)# network 10.10.2.13 0.0.0.242 area 0
Core(config-router)# exit
Core(config)# ip route 0.0.0.00.0.0.010.10.2.14
D. Core(config-router)# default-information originate
Core(config-router)# network 10.10.2.16 0.0.0.15 area 0
Core(config-router)# exit
Core(config)# ip route 0.0.0.00.0.0.010.10.2.14

Answer: D

Explanation:

There are two ways to inject a default route into a normal area.
1. If the ASBR already has the default route in its routing table, you can advertise the
existing 0.0.0.0/0 into the OSPF domain with the default-information originate router
configuration command.

2. If the ASBR doesn't have a default route, you can add the keyword always to the
default-information originate command (default-information originate always).

This command will advertise a default route into the OSPF domain, regardless of whether
it has a route to 0.0.0.0. Another benefit of adding always keyword is that it can add
stability to the internetwork. For example, if the ASBR is learning a default route from
another routing domain such as RIP and this route is flapping, then without the always
keyword, each time the route flaps, the ASBR will send a new Type 5 LSA into the OSPF
domain causing some instability inside the OSPF domain. With the always keyword, the
ASBR will advertise the default inside the OSPF domain always, and thus the flapping of
the default route from the RIP domain will not cause any instability inside the OSPF
domain.

In the example shown here, only choice D is correct as the wildcard mask correctly
specifies the 10.10.2.16 0.0.0.15 networks, which include all IP addresses in the
10.10.2.16-10.10.2.31 range.



Users at Testking 1 wish to utilize the existing Internet connection at Testking 2. To do this, a gateway of last resort needs to be set. What is the command to do this?

A new point to point circuit is installed, connecting Testking 1 to Testking 2 as
shown below:





A. TestKing1(config)# ip route 172.16.4.2 0.0.0.0 0.0.0.0
B. TestKing1(config)# ip route 0.0.0.0 0.0.0.0 S1
C. TestKing1(config)# ip route 172.16.4.1 0.0.0.0 0.0.0.0
D. TestKing1(config)# ip route S0 0.0.0.0 0.0.0.0
E. TestKing1(config)# ip route 0.0.0.0 0.0.0.0 172.16.4.2
F. None of the above

Answer: E

Explanation:

Setting the default gateway is done by issuing either the "ip route 0.0.0.0 0.0.0.0 serial 0"
or the "ip route 0.0.0.0 0.0.0.0 172.16.4.2" command. The following excerpt provides
some additional information:





Incorrect Answers:

A, C. The IP address of the next hop needs to go after the route, not before.
B. This would have been acceptable if the interface specified was S0, not S1.
C. The interface used to forward packets for the route should be placed after the route, not
before.

The TestKing network consists of a small office with twenty-five employees that has one connection to the Internet through the TK1 router. What routing configurations are recommended on the TK1 and ISP routers?

The TestKing network is displayed in the diagram shown below:


A. BGP on both the routers.
B. RIP on both the routers.
C. Default routes on both routers.
D. BGP on the ISP router and a static route on TK1.
E. A default route on TK1 and a static route on the ISP router.
F. None of the above

Answer: E

Explanation:

Since private network use RFC 1918 IP address ranges internally, and because of security
reasons, it is generally not possible to use an interior routing protocol with the ISP. This
eliminates choice B. When connecting to an ISP, usually only BGP or static routes are
supported. In this case, since there is only one connection to the Internet, BGP is not
needed so choices A and D can be eliminated. A static default route would be needed on
router TK1 to route to the Internet. In turn, the ISP only needs a specific static route to
reach the LAN of the TestKing network.

Incorrect Answers:

A, D: BGP is not needed on networks that contain only a single link to the Internet.
B. Interior routing protocols are generally not supported with an ISP.
C. A default route on the ISP router would send all of their customers Internet traffic to
the TestKing network, and not the Internet.

Monday, 3 December 2012

Host TestKing1 needs to communicate with the email server shown. What address will be placed in the destination address field of the frame when it leaves Host TestKing1?

Part of the TestKing network is shown below:






A. The MAC address of Host TestKing1
B. The MAC address of E0 of the router TestKingC
C. The MAC address of Switch TestKingB
D. The MAC address of E1 of the router TestKingC
E. The MAC address of Switch TestKingA
F. The MAC address of the email server TestKingD
G. None of the above

Answer: B

Explanation:

Since the email server resides on a different IP subnet than the host TestKing1, the host
will send the frame to its default gateway. In this case, the router TestKingC is acting as
the default gateway for all hosts on the LAN, so the frame will be sent to its Ethernet
interface so that it can be routed to the email server.

In the network below, host TestKingA is transferring a file to the FTP server. Point A represents the frame as it goes toward the TestKing1 router. What will the Layer 2 destination address be at this point?






A. 192.168.7.17
B. abcd.1123.0045
C. aabb.555.2222
D. 192.168.1.1
E. abcd.2246.0035

Answer: E

Explanation:

For packets destined to a host on another IP network, the destination MAC address will
be the LAN interface of the router. Since the FTP server lies on a different network, the
host will know to send the frame to it's default gateway, which is TestKing1.

Please study the exhibit carefully. If host TestKingA sends an IP packet to host TestKingB, what will the source physical (MAC) address be in the frame when it reaches host TestKingB?

Exhibit:



A. A1:A1:A1:A1:A1:A1
B. D4:D4:D4:D4:D4:D4
C. B2:B2:B2:B2:B2:B2
D. 10.168.11.88
E. 10.168.10.99
F. C3:C3:C3:C3:C3:C3

Answer: F

Explanation:

When packets transfer from one host to another across a routed segment, the source IP
address always remains the same source IP address, and the source physical (MAC)
address will be the existing router's interface address. Similarly, the destination IP address
always remains the same and the destination physical (MAC) address is the destination
router's interface address.

Please study the exhibit below carefully. If host TestKingA sends an IP packet to host TestKingB, what will the OSI Layer 3 source address be in the packet when it reaches host B?

Exhibit:







A. B2:B2:B2:B2:B2:B2
B. A1:A1:A1:A1:A1:A1
C. 10.168.10.99
D. 10.168.11.65
E. C3:C3:C3:C3:C3:C3
F. 10.168.11.88
G. None of the above

Answer: C

Explanation:

When packets transfer from one host to another across a routed segment, the source IP
address always remains the same source IP address, and the physical (MAC) address will
be the existing router's interface address. Similarly, the destination IP address always
remains the same and the destination physical (MAC) address is the destination router's
interface address.

Refer to the exhibit below. Host A is communicating with host B. How will the data be addressed when it leaves host A?

Two TestKing hosts are shown below:


A. Source MAC=000A.8A47.E612
Destination MAC=000B.DC04.12F4
Source IP=192.168.23.4
Destination IP=192.168.23.1

B. Source MAC=000A.8A47.E612
Destination MAC=0010.7BE7.FAEF
Source IP=192.168.23.4
Destination IP=192.168.127.7

C. Source MAC=000A.8A47.E612
Destination MAC=000B.DC04.12F4
Source IP=192.168.23.4
Destination IP=192.168.127.7

D. Source MAC=000A.8A47.E612
Destination MAC=0010.7BE7.FAEF
Source IP=192.168.23.4
Destination IP=192.168.23.1

E. None of the above

Answer: B

Explanation:

When packets leave from the host, the packets contains the source MAC and IP of the
host address. The source and destination IP address will not change (if it did, the router
devices would not know where to send the data). Because the host knows that the
destination is on another subnet, it will forward the packet to the default gateway device,
so the destination MAC address will be of the default gateway, which is the LAN
interface of router TestKing1.