Day15 IP Space/Setup

IP
• Suite of protocols
  – TCP
  – UDP
  – ICMP
  – GRE…
• Gives us many benefits
  – Routing of packets over internet
  – Fragmentation/Reassembly of packets
  – IP Address System
• Netmasks

What is a network address?
• In every range of IP addresses, 2 addresses are reserved for special purposes:
  – The lowest address in the range:
    • The Network Address
      – This identifies the network
      – Example:
        » 200.200.200.55 / 255.255.255.0 has a network address of 200.200.200.0
  – The highest address in the range:
    • The Broadcast Address
      – An address in the network which everyone listens to
      – Example:
        » 200.200.200.55 / 255.255.255.0 has a broadcast address of 200.200.200.255

Unusable Addresses
• In every network, the upper and lower addresses in your range cannot be assigned to a workstation.
  – Broadcast & Network addresses.
• Example:
  – 199.120.197.128 / 255.255.255.128
  – You cannot use:
    • 199.120.197.128
    • 199.120.197.255

So how many?
• How many COMPUTERS can you put into the network:
  – 10.2.3.64 / 255.255.255.224 ?
• 255-224 = 32
  – Hence, there are 32 IPs in that range
  – Neither the first nor last can be used
    • 10.2.3.64 network
    • 10.2.3.95 broadcast
  – First available: 10.2.3.65
  – Last available: 10.2.3.94
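The network address, broadcast address and usable range from the last three slides can be computed with bit operations on the address and netmask. This is an added example, not part of the original slides; the function names are chosen here for illustration, and the sample inputs are the slides' own addresses.

```python
def to_int(dotted):
    """Dotted-quad text such as '10.2.3.64' -> 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(p < 0 or p > 255 for p in parts):
        raise ValueError("not an IPv4 address: %r" % dotted)
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def to_dotted(value):
    """32-bit integer -> dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def describe_subnet(ip, netmask):
    """Return the reserved and usable addresses of the range holding `ip`."""
    addr, mask = to_int(ip), to_int(netmask)
    host_bits = ~mask & 0xFFFFFFFF       # 1 bits mark the host part
    if host_bits & (host_bits + 1):      # a valid mask is 1s followed by 0s
        raise ValueError("non-contiguous netmask: %r" % netmask)
    total = host_bits + 1                # number of IPs in the range
    if total < 4:
        raise ValueError("range too small to reserve network and broadcast")
    network = addr & mask                # lowest address: host bits all 0
    broadcast = network | host_bits      # highest address: host bits all 1
    return {
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "total": total,
        "first_host": to_dotted(network + 1),
        "last_host": to_dotted(broadcast - 1),
        "usable": total - 2,             # neither first nor last is assignable
    }


if __name__ == "__main__":
    # The three address/netmask pairs used on the slides.
    for ip, mask in [("200.200.200.55", "255.255.255.0"),
                     ("199.120.197.128", "255.255.255.128"),
                     ("10.2.3.64", "255.255.255.224")]:
        print(ip, mask, describe_subnet(ip, mask))
```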

Use of IP addresses
• Given a 32 bit IP address, there are 4,294,967,296 possible IP addresses. (In theory)
• IP addresses are running out quickly
• Not all computers NEED an IP address.
  – With a smart router, or firewall, you can save IP addresses by using Network Address Translation
  – Servers still need unique IP addresses

Network Address Translation (NAT)
[Diagram: Computers 10.0.0.2, 10.0.0.3 and 10.0.0.4 connect to a NAT Router (10.0.0.1 | 209.2.3.4); on the other side are a Router (123.2.3.4) and a Computer]
• Computers send traffic with one address
• NAT router converts connection to new address and forwards it on
• NAT router receives reply and converts back to original address
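The three steps above, as a small model of a translation table. This is an added example, not from the original slides: the addresses come from the diagram, while the port numbers, the `NatRouter` class and the use of per-connection port translation (needed when several computers share one outside address) are assumptions made for illustration.

```python
class NatRouter:
    """Toy port-translating NAT: one outside address shared by inside hosts."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # (inside_ip, inside_port, remote_ip, remote_port) -> outside port
        self.out_map = {}
        # (outside_port, remote_ip, remote_port) -> (inside_ip, inside_port)
        self.in_map = {}

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of an outgoing packet to the outside address."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out_map:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite a reply back to the inside host, or return None to drop."""
        target = self.in_map.get((dst_port, src_ip, src_port))
        if target is None:
            return None   # no inside host opened this connection
        return (src_ip, src_port, target[0], target[1])


if __name__ == "__main__":
    nat = NatRouter("209.2.3.4")
    # Two inside computers contact the same remote address (constructed ports).
    print(nat.outbound("10.0.0.2", 5000, "123.2.3.4", 80))
    print(nat.outbound("10.0.0.3", 5000, "123.2.3.4", 80))
    # Replies are converted back to the original inside address.
    print(nat.inbound("123.2.3.4", 80, 40000))
    print(nat.inbound("123.2.3.4", 80, 40001))
    # Traffic that matches no table entry has nowhere to go.
    print(nat.inbound("123.2.3.4", 80, 40002))
```

The `None` result for unmatched inbound traffic is the behaviour behind the "Some Security" point on the private-addresses slide: an outside host cannot reach an inside address unless a mapping exists.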

What are private addresses?
• 3 ranges of addresses were defined as being “private”
  – These addresses are specifically dropped by routers on the internet
  – Millions of computers in the world can have the same private address, but they are not DIRECTLY connected to the internet; something (Firewall, Router) is translating their address to a real one.

The “Private” Addresses
• 10.0.0.0 - 10.255.255.255
• 192.168.0.0 - 192.168.255.255
• 172.16.0.0 - 172.31.255.255

Private Addresses
Benefits
• Economic
  – Conserve registered IP addresses
• Convenient
  – Won’t have to renumber your internal network if you change ISP
• Some Security
  – Since nobody can connect to them directly, they must go through a firewall. Thus you can control who can have access
Drawbacks
• Public servers need a “routable address”, which must be converted to a private address
  – Less intuitive
• Problem with trusted office to office VPN.
  – Each office must be using DIFFERENT private addresses, otherwise you will run into address conflicts.

Long term solution
• In the long run we need to change to using IPv6
  – 128 bit addresses
  – 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
  – 1 IP per 1/10 square inch earth
• Slow progress on adoption
  – Equipment/software replacement
  – Some of the best parts already backported to IPv4 (IPsec)

Configuring a workstation
• All workstations should be configured with:
  – IP address
    • Must be unique in the world unless behind a NAT router
      – Either way must be unique in LAN
  – Netmask
    • This tells your computer what other computers it can talk directly to on the LAN
  – Default Gateway
    • This tells your computer the IP address of a router to which it can send traffic that isn’t for your LAN
  – DNS settings
    • This allows your computer to find out the IP of machines on the internet by name.
• You may optionally have static routes and WINS settings also.

Auto Configuring Workstations
• You don’t need to configure every workstation in your company by hand
• DHCP “Dynamic Host Configuration Protocol” can be used to do it for you
  – Each client has to be set up for DHCP
    • It is the default TCP/IP setting in all versions of Windows
  – Your DHCP server should be configured to distribute:
    • IP addresses from a free range
    • The default gateway address
    • DNS & WINS server information

Let’s see our DHCP info
• In Windows type:
  – ipconfig /all

    Physical Address. . . . . . . . . : 00-02-2D-A6-01-FB
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 10.0.1.10
    Subnet Mask . . . . . . . . . . . : 255.255.0.0
    Default Gateway . . . . . . . . . : 10.0.1.1
    DHCP Server . . . . . . . . . . . : 10.0.1.1
    DNS Servers . . . . . . . . . . . : 10.0.1.2
    Lease Obtained. . . . . . . . . . : Saturday, September 30, 2004 12:35:11 PM
    Lease Expires . . . . . . . . . . : Tuesday, October 03, 2004 12:35:11 PM

When to use/not use DHCP
• DHCP perfect for:
  – Mobile environments
    • Laptops come and go, don’t want to assign a permanent IP to a computer which you’ll only see every 2 months.
  – Desktops in a corporation
    • Saves you from having to keep track of which IPs you’ve assigned.
    • Allows end users to set up computers without network admin help
• It’s bad for:
  – Servers
    • You don’t want a web server to change address, since DNS needs to track it

Static Routes
• Necessary if you have more than 1 router in network.
• Either the routers need to know how to get to each other’s networks
  – Or the workstations need to know
• route print
• route add 10.0.0.0 mask 255.0.0.0 168.28.48.1
• route delete 10.0.0.0 mask 255.0.0.0

Which route wins
• When a route table is read the most specific route wins:

    Network     Netmask            GW
    10.0.0.0    255.0.0.0          1.1.1.1
    10.0.0.0    255.255.0.0        1.1.1.2
    10.0.0.0    255.255.255.0      1.1.1.3
    10.0.0.0    255.255.255.252    1.1.1.4
    0.0.0.0     0.0.0.0            1.1.1.5

• If this is the routing table a packet to 10.0.0.1 would be routed to 1.1.1.4 because it is the most specific route in the table.
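The "most specific route wins" rule, applied to the slide's table. This is an added example, not part of the original slides; `select_route` is a name chosen here, and destinations other than 10.0.0.1 are constructed to show where each of the other routes takes over.

```python
import ipaddress

# Routing table copied from the slide: (network, netmask, gateway).
ROUTES = [
    ("10.0.0.0", "255.0.0.0", "1.1.1.1"),
    ("10.0.0.0", "255.255.0.0", "1.1.1.2"),
    ("10.0.0.0", "255.255.255.0", "1.1.1.3"),
    ("10.0.0.0", "255.255.255.252", "1.1.1.4"),
    ("0.0.0.0", "0.0.0.0", "1.1.1.5"),
]


def select_route(destination, routes=ROUTES):
    """Return the gateway of the matching route with the longest netmask."""
    dest = ipaddress.ip_address(destination)
    best = None
    for network, netmask, gateway in routes:
        net = ipaddress.ip_network("%s/%s" % (network, netmask))
        # A route matches when the destination falls inside its range;
        # among matches, more netmask bits means more specific.
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        raise LookupError("no route to %s" % destination)
    return best[1]


if __name__ == "__main__":
    # 10.0.0.1 is the slide's case; the other destinations are constructed.
    for dest in ["10.0.0.1", "10.0.0.9", "10.0.5.1", "10.9.9.9", "8.8.8.8"]:
        print(dest, "->", select_route(dest))
```

The same rule applies when reading `route print` output: a narrow entry takes traffic away from every broader entry that also matches, so the most specific routes are the ones to check first.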