Semester 4 v3.1.1: WAN Technologies - PowerPoint PPT Presentation

Slides: 17
Provided by: danielco

Transcript and Presenter's Notes



1
Semester 4 v3.1.1: WAN Technologies
  • MODULE 1
  • Scaling IP Addresses

2
IPv4 Address Classes
  • Class A: network.host.host.host notation, where
    first octet is 0 to 126.
  • 127.x.x.x is used for internal NIC loopback testing.
  • Class B: network.network.host.host notation,
    where first octet is 128 to 191.
  • Class C: network.network.network.host notation,
    where first octet is 192 to 223.
  • Class D: addresses where first octet is 224 to
    239 are used for multicasting.
  • Class E: addresses are solely for Internet
    Engineering Task Force (IETF) research.

3
IPv4 Networks for All!
  • Global public IP address space regulated by
    Internet Assigned Numbers Authority (IANA).
  • IANA allocates blocks of IP addresses to Regional
    Internet Registries (RIRs), who deal with
    distribution and management of IP addresses and
    network addresses at a regional level.
  • ARIN: American Registry of Internet Numbers
  • APNIC: Asia Pacific Network Information Centre
  • LACNIC: Latin American and Caribbean Network Info
    Centre
  • RIPE NCC: Réseaux IP Européens Network
    Coordination Centre
  • AfriNIC: African Network Information Centre
  • Members of RIRs are generally ISPs, who then
    assign IP host or network addresses to end-users.

4
IPv4 Addresses for You!
  • Unique public IPv4 addresses are running out;
    use private IPv4 addressing instead.
  • Private address ranges are set aside.
  • They cannot be used on public networks: routers drop
    packets with IP addresses that fall within the
    private address space.
  • To connect a privately-addressed network to a
    public network (e.g. the Internet), use Network
    Address Translation (NAT).

5
Network Address Translation
  • Routers with NAT enabled translate:
  • FROM private internal IPv4 addresses...
  • TO public external IPv4 addresses.
  • ... and vice-versa, on a 1:1 basis.
  • This is NOT routing. Why not? RFC 1918!

6
Port Address Translation
  • Routers with PAT (NAT overload) enabled
    translate:
  • FROM private internal IPv4 address ports ...
  • TO public external IPv4 address ports.
  • ... and vice-versa, on a 1:1 basis.
  • Usually used to translate from several inside
    private addresses to one outside public address.
  • Map several ports on several IPv4 addresses to
    several ports on a single outside public IPv4
    address.

7
How do I enable NAT?
  • Decide if the address translations are to be
    static or dynamic.
  • For dynamic NAT, define a pool of outside public
    addresses available for translation.
  • Router(config)# ip nat pool name start-ip end-ip
    {netmask netmask | prefix-length prefix-length}
  • For dynamic NAT, define a standard ACL to
    determine inside private addresses eligible for
    translation.
  • Router(config)# access-list list-number {permit |
    remark} source [source-wildcard] [log]

8
How do I enable NAT?
  • Configure NAT statements.
  • Static NAT: Router(config)# ip nat inside source
    static local-ip global-ip
  • Dynamic NAT: Router(config)# ip nat inside source
    list {access-list-number | access-list-name} pool
    pool-name [overload]

9
How do I enable NAT?
  • Select interfaces to be used for NAT:
  • Router(config)# interface type {slot/port |
    port.subinterface-number}
  • Router(config-if)# ip nat {inside | outside}
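
The steps on slides 7 to 9 put together as one configuration. This is an added example, not part of the original slides; the pool name, ACL number, interface names and all addresses (inside network 192.168.10.0/24, outside ranges 203.0.113.8/29 and 198.51.100.0/30) are assumptions chosen for illustration.

```cisco
! Constructed example. All names and addresses are illustrative assumptions.
!
! Step 1 (dynamic NAT): pool of outside public addresses
ip nat pool PUBLIC-POOL 203.0.113.10 203.0.113.14 netmask 255.255.255.248
!
! Step 2 (dynamic NAT): standard ACL naming the inside addresses that are
! eligible for translation. Keep it as narrow as the real inside network.
! Avoid "access-list 1 permit any": it would translate any source address
! that arrives on the inside interface, including spoofed ones.
access-list 1 remark Inside hosts eligible for NAT
access-list 1 permit 192.168.10.0 0.0.0.255
!
! Step 3a: static NAT, one fixed inside host <-> one fixed outside address
ip nat inside source static 192.168.10.10 203.0.113.9
!
! Step 3b: dynamic NAT from the pool; "overload" turns it into PAT so
! several inside hosts can share each pool address on different ports
ip nat inside source list 1 pool PUBLIC-POOL overload
!
! Step 4: mark which interface faces the private side and which the public
interface FastEthernet0/0
 description Inside LAN (private addressing)
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
!
interface Serial0/0
 description Link to ISP (public addressing)
 ip address 198.51.100.2 255.255.255.252
 ip nat outside
!
! Check the result from privileged EXEC mode:
!   show ip nat translations
!   show ip nat statistics
```

The static entry makes 192.168.10.10 reachable from outside on every port, so it is normally paired with an inbound filter on the outside interface.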

10
IP Address Allocation
  • Static IP assignment
  • Host IP address is manually configured by system
    administrator or user.
  • Best suited for devices that host
    frequently-accessed services, e.g. routers, file
    servers, network printers etc.
  • Dynamic IP assignment
  • RARP (Reverse Address Resolution Protocol)
  • BootP (Bootstrap Protocol)
  • DHCP (Dynamic Host Configuration Protocol)

11
Getting Dynamic with DHCP
  • Client broadcasts a DHCPDISCOVER message: "Are
    there any DHCP servers out there?"
  • Available servers respond with a DHCPOFFER: "I'm
    a DHCP server!"
  • Client responds to first offer with a DHCPREQUEST
    message: "May I have a DHCP lease?"
  • Server sends DHCPACK with configuration for IP
    address, subnet mask, default gateway, DNS server
    addresses, DNS suffix, WINS server addresses:
    "Here's the info of the lease."

12
DHCP in Action
  • Client sends DHCPREQUEST using Layer 2 broadcast
    on UDP 67.
  • Server responds with DHCPACK on UDP 68.
  • How does DHCP work without a client IP?
  • DHCP servers work best in same subnet as clients.
  • ... or enable DHCP Relay on intervening Layer 3
    devices.

13
How do I enable DHCP?
  • Further configuration includes:
  • Excluding IP addresses to be leased out
  • Specifying default gateway
  • Specifying name services

14
DHCP Relay: A helping hand
  • Layer 3 devices won't forward broadcasts
  • Affected services include TACACS authentication,
    TFTP, name services, and DHCP.
  • Configure an IP Helper address to forward key UDP
    service requests to a destination server.
  • Router(config-if)# ip helper-address address

15
DHCP Relay: Layer 3 ...?
  • DHCP Relay relies on broadcasts being passed by
    Layer 3 devices
  • Routers, Layer 3 switches, firewalls
  • How do we control which hosts are allowed to use
    DHCP Relay service?
  • Like NAT, create ACLs to restrict use of DHCP
    Relay to certain hosts.
  • Router(config)# access-list 101 permit udp host
    0.0.0.0 host 255.255.255.255 eq bootps
  • DHCP uses UDP over ports 67 and 68
  • Allow broadcast traffic from hosts with no IP
    address
  • Router(config)# access-list 102 permit udp host
    10.0.1.1 eq bootps any eq bootps
  • Allow UDP 67/68 traffic from the DHCP server
  • Allow traffic to any destination on UDP ports 67
    and 68
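
A router-based DHCP server and a relay for a remote client subnet, tying slides 13 to 15 together. This is an added example, not part of the original slides: only the server address 10.0.1.1 and the first ACL 101 line come from the slides; the 10.0.2.0/24 client subnet, pool name, DNS address, domain, interface names and the second ACL 101 line are assumptions, and a route between the two routers is assumed to exist.

```cisco
! Constructed example. Names and addresses other than 10.0.1.1 are assumptions.
!
! --- R1: DHCP server, reachable at 10.0.1.1 ---
! Exclude addresses that must never be leased (gateway, static hosts)
ip dhcp excluded-address 10.0.2.1 10.0.2.20
!
! Pool for the remote subnet; the server picks this pool because the
! relayed request carries the relay's 10.0.2.1 address
ip dhcp pool REMOTE-LAN
 network 10.0.2.0 255.255.255.0
 default-router 10.0.2.1
 dns-server 10.0.1.53
 domain-name example.test
 lease 1
!
! --- R2: relay on the client segment ---
! ACL 101, first line from slide 15: clients with no address yet
access-list 101 permit udp host 0.0.0.0 host 255.255.255.255 eq bootps
! Added line: without it the implicit "deny any" at the end of the ACL
! would drop all traffic from clients once they hold a lease
access-list 101 permit ip 10.0.2.0 0.0.0.255 any
!
interface FastEthernet0/1
 description Client segment, no DHCP server on this subnet
 ip address 10.0.2.1 255.255.255.0
 ip helper-address 10.0.1.1
 ip access-group 101 in
!
! ip helper-address forwards several UDP services by default (slide 14
! lists TACACS, TFTP, name services and DHCP). Forward only BOOTP/DHCP.
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
!
! Check leases on R1 from privileged EXEC mode:
!   show ip dhcp binding
```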

16
Welcome to my world :)
  • Daniel Comarmond
  • CCNP, CCDP, CCSP, CCAI
  • Cisco Networking Academy Instructor
  • Systems Engineer, Cisco Systems
  • E-Mail: dcom_at_it.uts.edu.au
  • MSN: dcom82_at_dcom82.com
  • Phone: 61 2 8446-5037
  • Website: http://www-staff.it.uts.edu.au/dcom
  • Take care, and SMILE!!! :)