IP ADDRESSING. IP Addressing Decimal Equivalents of Bit Patterns.
Implementing IP Addressing Services
description
Transcript of Implementing IP Addressing Services
![Page 1: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/1.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1
Implementing IP Addressing Services
Accessing the WAN – Chapter 7
![Page 2: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/2.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2
Objectives
Configuring DHCP in an enterprise branch network
Configuring NAT on a Cisco router
Configure new generation RIP (RIPng) to use IPv6
![Page 3: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/3.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3
![Page 4: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/4.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4
![Page 5: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/5.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5
BOOTP and DHCP Differences
![Page 6: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/6.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6
![Page 7: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/7.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7
![Page 8: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/8.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8
![Page 9: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/9.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9
Using DHCP Relay when server and client are not on the same segment
![Page 10: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/10.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10
![Page 11: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/11.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11
Benefits of using private and public IP addressing
![Page 12: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/12.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12
![Page 13: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/13.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13
![Page 14: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/14.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14
![Page 15: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/15.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15
![Page 16: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/16.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16
![Page 17: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/17.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17
![Page 18: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/18.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18
![Page 19: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/19.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19
NAT OVERLOAD
http://www.firewall.cx/nat-overload-part1.php
![Page 20: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/20.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20
![Page 21: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/21.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21
Configuring port forwarding
![Page 22: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/22.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 22
Verifying and troubleshoot NAT and NAT overload configurations
![Page 23: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/23.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 23
Configure New Generation RIP (RIPng) to use IPv6
Based on figures as recent as January 2007, about 2.4 billion of the available IPv4 addresses are already assigned to end users or ISPs.
That leaves roughly 1.3 billion addresses still available from the IPv4 address space.
Despite this seemingly large number, IPv4 address space is running out.
![Page 24: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/24.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 24
Shrinking IP Address Space
![Page 25: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/25.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 25
Where Are the IP Addresses Going?
Population growth
Mobile users
Transportation
Consumer electronics
![Page 26: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/26.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 26
IPv4 and IPv6 Addresses
![Page 27: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/27.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 27
IPV6 Address Representation
![Page 28: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/28.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 28
IPsec
From Wikipedia, the free encyclopedia
Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite. It can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).[1]
Some other Internet security systems in widespread use, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers of the TCP/IP model. Hence, IPsec protects any application traffic across an IP network. Applications do not need to be specifically designed to use IPsec. The use of TLS/SSL, on the other hand, must be designed into an application to protect the application protocols.
IPsec is a successor of the ISO standard Network Layer Security Protocol (NLSP). NLSP was based on the SP3 protocol that was published by NIST, but designed by the Secure Data Network System project of the National Security Agency (NSA).
IPsec is officially specified by the Internet Engineering Task Force (IETF) in a series of Request for Comment documents addressing various components and extensions. It specifies the spelling of the protocol name to be IPsec.[2]
![Page 29: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/29.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 29
IPv4 and IPv6 Headers
![Page 30: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/30.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 30
IPv6 Address Representation
![Page 31: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/31.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 31
IPv6 Address Representation
![Page 32: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/32.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 32
IPv6 Address Representation
![Page 33: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/33.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 33
IPv6 Addresses
![Page 34: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/34.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 34
IPv6 Addressing
IPv6 Global Unicast Address
range of addresses that start with binary value 001 (2000::/3), which is 1/8 of the total IPv6 address space and is the largest block of assigned addresses.
Reserved Addresses
represent 1/256th of the total IPv6 address space.
Private AddressesSite-local addresses (these addresses start with "FEC", "FED", "FEE", or "FEF“)
Link-local addresses (these addresses start with "FE8", "FE9", "FEA", or "FEB“)
Loopback Addresses (loopback address is 0:0:0:0:0:0:0:1) or (::1)
Unspecified Address (0:0:0:0:0:0:0:0) or (“”)is named the "unspecified" address
![Page 35: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/35.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 35
Assigning IPv6 Addresses
![Page 36: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/36.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 36
EUI-64
![Page 37: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/37.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 37
Stateless Autoconfiguration
![Page 38: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/38.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 38
DHCPv6 (Stateful)
![Page 39: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/39.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 39
EUI-64 to IPv6 Interface Identifier
![Page 40: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/40.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 40
![Page 41: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/41.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 41
Tunneling
![Page 42: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/42.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 42
Tunneling (beyond scope of this class)
![Page 43: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/43.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 43
![Page 44: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/44.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 44
![Page 45: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/45.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 45
![Page 46: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/46.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 46
IPv6 Routing Considerations
![Page 47: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/47.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 47
RIPng Routing Protocol
![Page 48: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/48.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 48
Enabling IPv6 on Cisco Routers
![Page 49: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/49.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 49
IPv6 Address Configuration Example
![Page 50: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/50.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 50
Cisco IOS IPv6 Name Resolution
![Page 51: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/51.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 51
Configuring RIPng for IPv6
![Page 52: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/52.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 52
RIPng IPv6 Configuration
![Page 53: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/53.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 53
Verify and troubleshoot IPv6
![Page 54: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/54.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 54
Troubleshooting Commands
![Page 55: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/55.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 55
Summary
Dynamic Host Control Protocol (DHCP)This is a means of assigning IP address and other configuration information automatically.
DHCP operation–3 different allocation methods
•Manual
•Automatic
•Dynamic
–Steps to configure DHCP
•Define range of addresses
•Create DHCP pool
•Configure DHCP pool specifics
![Page 56: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/56.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 56
Summary
DHCP RelayConcept of using a router configured to listen for DHCP messages from DHCP clients and then forwards those messages to servers on different subnets
Troubleshooting DHCP–Most problems arise due to configuration errors
–Commands to aid troubleshooting
•Show ip dhcp
•Show run
•debug
![Page 57: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/57.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 57
Summary Private IP addresses
–Class A = 10.x.x.x
–Class B = 172.16.x.x – 172.31.x.x
–Class C = 192.168.x.x
Network Address Translation (NAT)–A means of translating private IP addresses to public IP addresses
–Type s of NAT
•Static
•Dynamic
–Some commands used for troubleshooting
•Show ip nat translations
•Show ip nat statistics
•Debug ip nat
![Page 58: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/58.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 58
Summary
IPv6–A 128 bit address that uses colons to separate entries
–Normally written as 8 groups of 4 hexadecimal digits
Cisco IOS Dual Stack–A way of permitting a node to have connectivity to an IPv4 & IP v6 network simultaneously
IPv6 Tunneling–An IPV6 packet is encapsulated within another protocol
![Page 59: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/59.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 59
Summary
Configuring RIPng with IPv61st globally enable IPv6
2nd enable IPv6 on interfaces on which IPv6 is to be enabled
3rd enable RIPng using either
ipv6 rotuer rip name
ipv6 router name enable
![Page 60: Implementing IP Addressing Services](https://reader035.fdocuments.net/reader035/viewer/2022081513/56814865550346895db574a7/html5/thumbnails/60.jpg)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 60