Cisco® CCDA Exam Cram Notes: Addressing and Routing Protocols in an Existing Network

2. Addressing and Routing Protocols in an Existing Network

2.1 Design an effective IP addressing scheme

VLSM (Variable-Length Subnet Masking): VLSM means implementing more than one mask on the same major class of a network. It allows for a more efficient use of IP address space, both in terms of hosts and subnets, and can be essential on a network that does not have an abundance of IP address space. Networks implemented with VLSM can be summarized more efficiently due to manual control. With a distance vector protocol such as RIP or IGRP, only one subnet mask value can be used on a network, as subnet mask values are not sent in routing updates. Policy-based routing is applied to incoming packets.

The following routing protocols support VLSM:

1. RIPv2

2. EIGRP

3. IS-IS

4. OSPF

5. BGP

EIGRP and OSPF use Autonomous System (AS) numbers. An EIGRP AS is a complex network that has diverse bandwidth and delay characteristics.

The following protocols support automatic route summarization at major network boundaries.

1. RIPv1

2. RIPv2

3. IGRP/EIGRP

Note that OSPF does not support auto-summarization of routes.

Convergence is the term used to describe the state in which all the internetworking devices running a specific routing protocol have the same information about the internetwork in their routing tables. The time it takes to arrive at a common view of the internetwork is called Convergence Time.

Given below are some important features of classful and classless routing protocols:

Classful routing protocols: RIPv1 and IGRP are examples of classful routing protocols. It is important to know that classful routing protocols do not exchange subnet information during routing information exchanges. The summarization is always done automatically at major network boundaries.

Classless routing protocols: RIPv2, EIGRP, OSPF, BGPv4, and IS-IS are examples of classless routing protocols. In classless routing protocols, subnet information is exchanged during routing updates. This results in more efficient utilization of IP addresses. The summarization in classless networks is manually controlled.
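The contrast between classful and classless updates, as an added example that is not part of the original notes: it carves one block into VLSM subnets and shows what each protocol family would advertise for them. The address block, host counts and function names are assumptions chosen for illustration.

```python
import ipaddress

def _net(n):
    return ipaddress.ip_network(str(n))

def major_network(net):
    """Classful (major) network containing an IPv4 subnet, chosen by first octet."""
    net = _net(net)
    first = int(net.network_address) >> 24
    if first >= 224:
        raise ValueError("class D/E space has no major network")
    plen = 8 if first < 128 else 16 if first < 192 else 24
    return net.supernet(new_prefix=plen) if net.prefixlen > plen else net

def vlsm_plan(block, host_counts):
    """Carve one block into subnets sized per segment, largest first (VLSM)."""
    block = _net(block)
    cursor, plan = int(block.network_address), []
    for hosts in sorted(host_counts, reverse=True):
        bits = (hosts + 1).bit_length()      # hosts + network + broadcast fit in 2**bits
        size = 1 << bits
        cursor = -(-cursor // size) * size   # round up to a multiple of the subnet size
        net = ipaddress.ip_network((cursor, 32 - bits))
        if not net.subnet_of(block):
            raise ValueError(f"{block} cannot hold a subnet for {hosts} hosts")
        plan.append(net)
        cursor += size
    return plan

def classful_updates(subnets):
    """RIPv1/IGRP at a major network boundary: no mask is sent, so each
    subnet is automatically summarized to its major network."""
    return sorted({major_network(n) for n in subnets})

def classless_updates(subnets):
    """RIPv2/EIGRP/OSPF: the mask travels with the prefix; only adjacent
    blocks that form an exact supernet are merged here."""
    return list(ipaddress.collapse_addresses(_net(n) for n in subnets))

# Constructed sample: five segments inside 172.16.0.0/22.
PLAN = vlsm_plan("172.16.0.0/22", [500, 100, 50, 2, 2])
```

Two sites that both use subnets of 10.0.0.0 and are separated by another major network each advertise 10.0.0.0/8 under `classful_updates`, which is why classful protocols cannot support VLSM or discontiguous subnets.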

The following are distance vector protocols:

RIPv1, RIPv2, IGRP, and EIGRP are distance vector protocols. However, EIGRP supports classless routing. IS-IS (Intermediate System-to-Intermediate System) is an OSI link-state hierarchical routing protocol that uses link-state information to build routing tables.

The following are some of the important characteristics of an autonomous system:

1. An autonomous system consists of routers that present a consistent view of routing to the external world.

2. Exterior routing protocols are used between autonomous systems.

3. Interior routing protocols are used within a single autonomous system.

IPv6 Addressing: The IPv6 addressing scheme uses 128-bit addresses. Flow label is a new field in the IPv6 header.

The IPv6 header fields are as follows:

1. version (4 bit): Indicates the protocol version, and will thus contain the number 6.

2. DS byte (8 bit): This field is used by the source and routers to identify the packets belonging to the same traffic class and thus distinguish between packets with different priorities.

3. flow label (20 bit): Label for a data flow.

4. payload length (16 bit): Indicates the length of the packet data field.

5. next header (8 bit): Identifies the type of header immediately following the IPv6 header.

6. hop limit (8 bit): Decremented by one by each node that forwards the packet. When the hop limit field reaches zero, the packet is discarded.

7. source address (128 bit): The address of the originator of the packet.

8. destination address (128 bit): The address of the intended recipient of the packet.

The following figure shows the fields that appear in the IPv6 header and the order in which the fields appear.

[Figure: IPv6 Header Format]

The "Next header" field in an IPv6 packet is similar to the "Protocol Type" field in the IPv4 header, with more available options.

IPv6 packet is 128 bits long. It has a basic packet header and optional extension headers. The next header field within an extension header points to the next header in the chain. In an IPv6 network, a host can autoconfigure its IP address without the help of a DHCP server.

The extension header may include the following:

  • Hop-by-Hop options
  • Destination options
  • Routing (specifies intermediate routers that the route must include, forcing an administratively defined path)
  • Fragment (used to divide packets that are too large for the maximum transmission unit (MTU))
  • Authentication and Encapsulating Security Payload (ESP)
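A parser for the fixed header fields listed above that also follows the Next Header chain through the extension headers, as an added example that is not part of the original notes. The sample packet is constructed, the function and field names are assumptions, and the Next Header numbers are the IANA-assigned protocol values.

```python
import ipaddress
import struct

# Next Header values (IANA protocol numbers) of the extension headers listed above.
EXT = {0: "Hop-by-Hop", 43: "Routing", 44: "Fragment",
       51: "Authentication", 60: "Destination"}

def parse_ipv6(packet):
    """Decode the fixed header, then follow the Next Header chain to the upper layer."""
    if len(packet) < 40:
        raise ValueError("shorter than the 40-byte fixed header")
    word, payload_len, nxt, hop = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    hdr = {
        "version": word >> 28, "ds_byte": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF, "payload_length": payload_len,
        "hop_limit": hop,
        "source": str(ipaddress.IPv6Address(packet[8:24])),
        "destination": str(ipaddress.IPv6Address(packet[24:40])),
    }
    chain, off = [], 40
    while nxt in EXT:
        if off + 8 > len(packet):
            raise ValueError("extension header chain runs past the packet")
        following, length = packet[off], packet[off + 1]
        if nxt == 44:
            size = 8                    # Fragment header is always 8 bytes
        elif nxt == 51:
            size = (length + 2) * 4     # AH length is in 4-byte words, minus 2
        else:
            size = (length + 1) * 8     # others: 8-byte units beyond the first
        chain.append(EXT[nxt])
        nxt, off = following, off + size
    if off > len(packet):
        raise ValueError("last extension header is truncated")
    # ESP (50) ends the walk: its own Next Header sits in the encrypted trailer.
    hdr.update(extension_chain=chain, upper_layer=nxt, upper_offset=off)
    return hdr

# Constructed sample: Hop-by-Hop -> Fragment -> UDP between documentation addresses.
SAMPLE = (struct.pack("!IHBB", 0x6B8ABCDE, 24, 0, 64)
          + ipaddress.IPv6Address("2001:db8::1").packed
          + ipaddress.IPv6Address("2001:db8::2").packed
          + bytes([44, 0, 1, 4, 0, 0, 0, 0])     # Hop-by-Hop, next = Fragment, PadN
          + bytes([17, 0, 0, 0, 0, 0, 0, 1])     # Fragment, next = UDP, id 1
          + struct.pack("!HHHH", 53, 53, 8, 0))  # UDP header
```

A filter that reads only the fixed header's next header value sees 0 (Hop-by-Hop) for this packet, not UDP, so the chain has to be walked before any upper-layer rule can be applied.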

IPv6 hosts support the following:

  • Loopback address (::1/128)
  • All-nodes multicast addresses (FF01::1 and FF02::1)
  • Link-local address (FE80::/10), autoconfigured.

3 types of addresses are supported in IPv6:

  • Unicast: one-to-one with various scopes (i.e., Global, Link, Unique Local, Compatible)
  • Anycast: one-to-nearest (allocated from unicast)
  • Multicast: one-to-many

ISATAP (Intrasite Automatic Tunnel Addressing Protocol): an automatic overlay tunneling mechanism that uses the underlying IPv4 network as an NBMA link layer for IPv6. With ISATAP, the link-local address is generated by concatenating FE80::5EFE with the IPv4 address expressed in hexadecimal. For example, with IPv4 192.168.20.20, the link-local address is FE80::5EFE:C0A8:1414.

1. Dual Stack Model (DSM) is completely based on the dual-stack transition mechanism. A device or network on which two protocol stacks have been enabled at the same time operates in dual-stack mode. Examples of previous uses of dual-stack include IPv4 and IPX, or IPv4 and AppleTalk co-existing on the same device.

Dual-stack is the preferred, most versatile way to deploy IPv6 in existing IPv4 environments. IPv6 can be enabled wherever IPv4 is enabled along with the associated features required to make IPv6 routable, highly available, and secure. The primary drawback to DSM is that network equipment upgrades might be required when the existing network devices are not IPv6-capable.

2. Hybrid Model: The hybrid model strategy is to employ two or more independent transition mechanisms with the same deployment design goals. Flexibility is the key aspect of the hybrid approach in which any combination of transition mechanisms can be leveraged to best fit a given network environment.

The following are the three main IPv6 transition mechanisms leveraged by this model:

  • Dual-stack: Deployment of two protocol stacks: IPv4 and IPv6
  • ISATAP: Host-to-router tunneling mechanism that relies on an existing IPv4-enabled infrastructure
  • Manually-configured tunnels: Router-to-router tunneling mechanism that relies on an existing IPv4-enabled infrastructure

HM provides hosts with access to IPv6 services even when the underlying network infrastructure may not support IPv6 natively.

3. Service Block Model: The ISATAP deployment on the Service Block Model (SBM) is nearly identical to that of Hybrid Model (HM). The only difference between the SBM and HM is that the SBM is using a new set of switches that are dedicated to terminating connections (ISATAP, configured tunnels, or dual-stack) while the HM uses the existing core layer switches for termination.

Compound model is a fictitious model and does not exist in the IPv6 to IPv4 transition domain.

The Neighbor Discovery Protocol (NDP, ND): NDP is a protocol in the Internet protocol suite used with Internet Protocol Version 6 (IPv6). It operates in the Link Layer of the Internet model, and is responsible for address autoconfiguration of nodes, discovery of other nodes on the link, determining the addresses of other nodes, duplicate address detection, finding available routers and Domain Name System (DNS) servers, address prefix discovery, and maintaining reachability information of other active neighbor nodes. Note that ARP (Address Resolution Protocol) is used in an IPv4 network to resolve an IP address to a physical address.

IPv6 SLAAC and DHCP: An IPv6 host can configure all or part of its address automatically, depending on the type and method it uses for autoconfiguration. The method types include:

  • Stateful autoconfiguration
  • Stateless autoconfiguration using EUI-64 addressing process (SLAAC)

Stateful autoconfiguration is a method in which a host or router is assigned its entire 128-bit IPv6 address with the help of DHCP.

Stateless autoconfiguration or SLAAC is another method in which the host or router interface is assigned a 64-bit prefix, and then the last 64 bits of its address are derived by the host or router with the help of the EUI-64 process.

An AAAA record in IPv6 is similar to the A record in an IPv4 network. Note that an IPv6 address consists of 128 bits, whereas an IPv4 address consists of only 32 bits.

Methods used for IPv4 to IPv6 transition

The main transition mechanisms are Manual, Teredo, 6to4, ISATAP tunnelling, and NAT-PT. GRE is another tunnelling technology, similar to the other tunnelling technologies, that is used for IPv4 to IPv6 tunnelling and vice versa.

GRE : IPv6 traffic can be carried over IPv4 GRE tunnels using the standard GRE tunneling technique. The tunnels are not tied to a specific passenger or transport protocol, but in this case, carry IPv6 as the passenger protocol with the GRE as the carrier protocol and IPv4 or IPv6 as the transport protocol. The primary use of GRE tunnels is for stable connections that require regular secure communication between two edge routers or between an edge router and an end system. The edge routers and the end systems must be dual-stack implementations.

NAT-PT : The term NAT-PT stands for Network Address Translation and Protocol Translation. NAT refers to translation of an IPv4 address into an IPv6 address and vice-versa and PT stands for the translation of the IPv4 packet into a semantically equivalent IPv6 packet and vice-versa. NAT-PT allows native IPv6 hosts and applications to communicate with native IPv4 hosts and applications, and vice-versa. A NAT-PT device resides at the boundary between an IPv6 and IPv4 network. IPv6 NAT-PT is to be used with IPv4 to IPv6 migration scenarios and its purpose is to provide bi-directional connectivity between IPv4 and IPv6 domains. Cisco points out that many other transition techniques are possible, and NAT-PT (Network Address Translation Protocol Translation) should not be used when other, more "native" options exist, such as having dual stack hosts communicate directly through dual stack routers. Another example provided of when NAT-PT is not needed is when two islands of IPv6 want to communicate over an IPv4-only backbone.

For the job of NAT-PT, a dual-stack router with interfaces in both IPv4 and IPv6 networks is capable of performing this task. The difference from classic IPv4 NAT is that translations should be done both ways: IPv6 packets routed towards IPv4 hosts should have their src/dst addresses changed to some IPv4 equivalents and vice versa, while IPv4 packets sent toward IPv6 hosts should get both src and dst addresses replaced with IPv6 addresses.

Note that:

  • IPv6 NAT-PT translates addresses both ways
  • IPv6 NAT-PT requires an IPv6 NAT /96 prefix
  • IPv6 NAT-PT could be configured using static bi-directional entries
  • IPv6 NAT-PT dynamic translations use an IPv4 address pool to map many IPv6 addresses to a small group of IPv4 addresses
  • IPv6 NAT-PT allows IPv4 address mapping inside the IPv6 NAT prefix

6 to 4 : 6to4 enables dual-stack devices to transmit IPv6 traffic across an IPv4 backbone via 6to4 relay servers without the need to manually configure tunnels. Similar to ISATAP, the tunneled IPv6 traffic is encapsulated in IP protocol 41 packets on the IPv4 network. 6to4 may be used by an individual host, or by a local IPv6 network, but does require the use of a public IPv4 address. A 6-to-4 tunnel works similarly to a manual tunnel, except that the tunnel is set up automatically. It uses IPv6 addresses that concatenate 2002::/16 with the 32-bit IPv4 address of the edge router, creating a 48-bit prefix. The EUI-64 format interface ID is derived from the 48-bit MAC address by inserting the hex FFFE between the organizationally unique identifier (OUI) field (the upper three bytes) and the vendor code (the lower three bytes) of the MAC address. The seventh bit in the first byte of the resulting interface ID, corresponding to the Universal/Local (U/L) bit, is set to binary 1.

ISATAP : ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) is an IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of an IPv4 network. Unlike 6over4 (an older similar protocol using IPv4 multicast), ISATAP uses IPv4 as a virtual nonbroadcast multiple-access network (NBMA) data link layer, so that it does not require the underlying IPv4 network infrastructure to support multicast.

Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts which are on the IPv4 Internet but which have no direct native connection to an IPv6 network. Compared to other similar protocols its distinguishing feature is that it is able to perform its function even from behind network address translation (NAT) devices such as home routers.

Unicast 6to4 addresses (2002::/16): IPv6 uses 6to4 addresses to communicate between two IPv6/IPv4 nodes over the IPv4 Internet. A 6to4 address combines the prefix 2002::/16 with the 32 bits of the public IPv4 address of the node to create a 48-bit prefix - 2002:WWXX:YYZZ::/48, where WWXX:YYZZ is the colon-hexadecimal representation of w.x.y.z, a public IPv4 address. Therefore, the IPv4 address 157.60.91.123 translates into a 6to4 address prefix of 2002:9D3C:5B7B::/48.
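The ISATAP link-local, 6to4 prefix and EUI-64 derivations described in the passages above, plus the reverse lookup that recovers the IPv4 address a tunnel address carries, as an added example that is not part of the original notes. Function names, the MAC address and the 2001:db8 prefix used with it are assumptions for illustration.

```python
import ipaddress

def isatap_link_local(ipv4):
    """FE80::5EFE followed by the IPv4 address written in hexadecimal."""
    v4 = int(ipaddress.IPv4Address(ipv4))
    return ipaddress.IPv6Address((0xFE80 << 112) | (0x5EFE << 32) | v4)

def sixto4_prefix(ipv4):
    """2002::/16 followed by the 32-bit public IPv4 address gives a /48."""
    v4 = int(ipaddress.IPv4Address(ipv4))
    return ipaddress.IPv6Network(((0x2002 << 112) | (v4 << 80), 48))

def eui64_interface_id(mac):
    """Insert FFFE between the OUI and the vendor code, then flip the U/L bit."""
    raw = bytearray.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    raw[0] ^= 0x02   # a universally administered MAC has this bit 0, so it becomes 1
    return int.from_bytes(raw[:3] + b"\xff\xfe" + raw[3:], "big")

def slaac_address(prefix, mac):
    """Advertised 64-bit prefix plus the EUI-64 interface ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC with EUI-64 needs a 64-bit prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))

def embedded_ipv4(addr):
    """Reverse step for log review: the IPv4 address a tunnel address carries."""
    a = ipaddress.IPv6Address(addr)
    if a.sixtofour is not None:                  # anything inside 2002::/16
        return "6to4", str(a.sixtofour)
    if (int(a) >> 32) & 0xFFFFFFFF == 0x5EFE:    # interface ID 0000:5EFE:w.x.y.z
        return "ISATAP", str(ipaddress.IPv4Address(int(a) & 0xFFFFFFFF))
    return None
```

`embedded_ipv4` is the direction that matters when reading flow logs: it ties a tunnelled IPv6 source back to the IPv4 host or edge router behind it, and an EUI-64 interface ID likewise exposes the interface's MAC address.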

Unicast site-local addresses : IPv6 unicast site-local addresses are similar to IPv4 private addresses. The scope of a site-local address is the internetwork of an organization's site. (You can use both global addresses and site-local addresses in your network.) The prefix for site-local addresses is FEC0::/48.

Unicast unspecified address : The IPv6 unicast unspecified address is equivalent to the IPv4 unspecified address of 0.0.0.0. The IPv6 unspecified address is 0:0:0:0:0:0:0:0, or a double colon (::).

Unicast loopback address : The IPv6 unicast loopback address is equivalent to the IPv4 loopback address, 127.0.0.1. The IPv6 loopback address is 0:0:0:0:0:0:0:1, or ::1.

An IPv6 router solicitation is a request made by a node for the IP address of the local router.
