CCIE Professional Development: Routing TCP/IP, Volume I, Second Edition
By Jeff Doyle, CCIE No. 1919, and Jennifer Carroll, CCIE No. 1402
Publisher: Cisco Press
Pub Date: October 19, 2005
ISBN: 1-58705-202-4
Pages: 996

Overview

A detailed examination of interior routing protocols, completely updated in a new edition.

- A complete revision of the bestselling first edition, widely considered a premier text on TCP/IP routing protocols
- A core textbook for CCIE preparation and a practical reference for network designers, administrators, and engineers
- Includes configuration and troubleshooting lessons that would cost thousands to learn in a classroom, and numerous real-world examples and case studies

Praised in its first edition for its approachable style and wealth of information, this new edition provides readers a deep understanding of IP routing protocols, teaches how to implement these protocols using Cisco routers, and brings readers up to date on protocol and implementation enhancements. Routing TCP/IP, Volume I, Second Edition, includes protocol changes and Cisco features that enhance routing integrity, secure routers from attacks initiated through routing protocols, and provide greater control over the propagation of routing information for all the IP interior routing protocols. Routing TCP/IP, Volume I, Second Edition, provides a detailed analysis of each of the IP interior gateway protocols (IGPs). Its structure remains the same as the best-selling first edition, though information within each section is enhanced and modified to include the new developments in routing protocols and Cisco implementations.

What's New in This Edition? The first edition covers routing protocols as they existed in 1998. The new book updates all covered routing protocols, and discusses new features integrated in the latest version of Cisco IOS Software. IPv6, its use with interior routing protocols, and its interoperability and integration with IPv4 are also integrated into this book.
Approximately 200 pages of new information are added to the main text, with some old text removed. Additional exercises and solutions are also included.

Table of Contents

Copyright
About the Authors
About the Technical Reviewers
Acknowledgments
This Book Is Safari Enabled
Icons Used in This Book
Command Syntax Conventions
Foreword
Introduction
    Objectives
    Audience
Part I: Routing Basics
Chapter 1. TCP/IP Review
    Address Resolution Protocol (ARP)
    Summary Table: Chapter 1 Command Review
    Recommended Reading
    Review Questions
    Configuration Exercises
    Troubleshooting Exercises
Chapter 2. IPv6 Overview
    IPv6 Addresses
    IPv6 Packet Header Format
    Extension Headers
    Neighbor Discovery Protocol
Chapter 3. Static Routing
    Troubleshooting Static Routes
    Looking Ahead
    Summary Table: Chapter 3 Command Review
    Review Questions
    Configuration Exercises
    Troubleshooting Exercises
Chapter 4. Dynamic Routing Protocols
    Distance Vector Routing Protocols
    Link State Routing Protocols
    Recommended Reading
    Review Questions
Part II: Interior Routing Protocols
Chapter 5. Routing Information Protocol (RIP)
    Operation of RIP
    Configuring RIP
    Troubleshooting RIP
    Summary Table: Chapter 5 Command Review
    Configuration Exercises
    Troubleshooting Exercises
Chapter 6. RIPv2, RIPng, and Classless Routing
    Operation of RIPv2
    Operation of RIPng
    Configuration Exercises
    Troubleshooting Exercises
Chapter 7. Enhanced Interior Gateway Routing Protocol (EIGRP)
    The Roots of EIGRP: An Overview of IGRP
    From IGRP to EIGRP
    Operation of EIGRP
    Configuring EIGRP
    Troubleshooting EIGRP
    Looking Ahead
    Summary Table: Chapter 7 Command Review
    Review Questions
    Configuration Exercises
    Troubleshooting Exercises
Chapter 8. OSPFv2
    Operation of OSPF
    Configuring OSPF
    Troubleshooting OSPF
    Looking Ahead
    Summary Table: Chapter 8 Command Review
    Configuration Exercises
    Troubleshooting Exercises
Chapter 9. OSPFv3
    Operation of OSPFv3
    Configuring OSPFv3
    Troubleshooting OSPFv3
    Configuration Exercises
Chapter 10. Integrated IS-IS
    Operation of Integrated IS-IS
    Configuring Integrated IS-IS
    Troubleshooting Integrated IS-IS
    Summary Table: Chapter 10 Command Review
    Review Questions
    Configuration Exercises
    Troubleshooting Exercises
Part III: Route Control and Interoperability
Chapter 11. Route Redistribution
    Principles of Redistribution
    Configuring Redistribution
    Looking Ahead
    Summary Table: Chapter 11 Command Review
    Review Questions
    Configuration Exercises
    Troubleshooting Exercises
Chapter 12. Default Routes and On-Demand Routing
    Fundamentals of Default Routes
    Configuring Default Routes and ODR
    Looking Ahead
    Summary Table: Chapter 12 Command Review
    Review Questions
Chapter 13. Route Filtering
    Configuring Route Filters
    Looking Ahead
    Summary Table: Chapter 13 Command Review
    Configuration Exercises
    Troubleshooting Exercises
Chapter 14. Route Maps
    Basic Uses of Route Maps
    Configuring Route Maps
    Summary Table: Chapter 14 Command Review
    Review Questions
    Configuration Exercises
    Troubleshooting Exercises
Part IV: Appendixes
Appendix A. Tutorial: Working with Binary and Hex
Appendix B. Tutorial: Access Lists
    Reflexive Access Lists
    Access List Monitoring and Accounting
Appendix F. Solutions to Troubleshooting Exercises

Copyright

CCIE Professional Development: Routing TCP/IP, Volume I, Second Edition
Jeff Doyle, CCIE No. 1919, and Jennifer Carroll, CCIE No. 1402

Copyright © 2005 Cisco Systems, Inc.

Published by:
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA

All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review.
Printed in the United States of America 1234567890
First Printing October 2005
Library of Congress Cataloging-in-Publication Number: 2004104963

Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer
This book is designed to provide information about routing TCP/IP. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information is provided on an "as is" basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it. The opinions expressed in this book belong to the authors and are not necessarily those of Cisco Systems, Inc.

Corporate and Government Sales
Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information please contact: U.S. Corporate and Government Sales, 1-800-382-3419, corpsales@pearsontechgroup.com. For sales outside the U.S. please contact: International Sales, international@pearsoned.com.

Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community. Readers' feedback is a natural continuation of this process.
If you have any comments about how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message. We greatly appreciate your assistance.

Publisher: John Wait
Editor-in-Chief: John Kane
Executive Editor: Brett Bartow
Cisco Representative: Anthony Wolfenden
Cisco Press Program Manager: Jeff Brady
Production Manager: Patrick Kanouse
Development Editor: Andrew Cupp
Senior Project Editor: San Dee Phillips
Copy Editor: Interactive Composition Corporation
Technical Editors: Frank Knox, Steven Edward Moore, Rena Yang
Editorial Assistant: Tammi Barnett
Book and Cover Designer: Louisa Adair
Composition: Interactive Composition Corporation
Indexer: Tim Wright

Corporate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706, USA. Tel: 408 526-4000, 800 553-NETS (6387). Fax: 408 526-4100.
European Headquarters: Cisco Systems International BV, Haarlerbergpark, Haarlerbergweg 13-19, 1101 CH Amsterdam, The Netherlands. Tel: 31 0 20 357 1000. Fax: 31 0 20 357 1100.
Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706, USA. Tel: 408 526-7660. Fax: 408 527-0883.
Asia Pacific Headquarters: Cisco Systems, Inc., Capital Tower, 168 Robinson Road, #22-01 to #29-01, Singapore. Tel: +65 6317 7777. Fax: +65 6317 7799.

Cisco Systems has offices in the following countries and regions.
Addresses, phone numbers, and fax numbers are listed on the Cisco.com Web site.

Argentina, Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Chile, China PRC, Colombia, Costa Rica, Croatia, Czech Republic, Denmark, Dubai UAE, Finland, France, Germany, Greece, Hong Kong SAR, Hungary, India, Indonesia, Ireland, Israel, Italy, Japan, Korea, Luxembourg, Malaysia, Mexico, The Netherlands, New Zealand, Norway, Peru, Philippines, Poland, Portugal, Puerto Rico, Romania, Russia, Saudi Arabia, Scotland, Singapore, Slovakia, Slovenia, South Africa, Spain, Sweden, Switzerland, Taiwan, Thailand, Turkey, Ukraine, United Kingdom, United States, Venezuela, Vietnam, Zimbabwe

Copyright © 2005 Cisco Systems, Inc. All rights reserved. CCIP, CCSP, the Cisco Arrow logo, the Cisco Powered Network mark, the Cisco Systems Verified logo, Cisco Unity, Follow Me Browsing, FormShare, iQ Net Readiness Scorecard, Networking Academy, and ScriptShare are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, SMARTnet, StrataView Plus, Stratm, SwitchProbe, TeleRouter, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document or Web site are the property of their respective owners.
The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0303R)

Printed in the USA

Dedications
I would like to dedicate this book to my wife, Sara, and my children, Anna, Carol, James, and Katherine. (Jeff)
I would like to dedicate this book to my husband, Mike, and sons, Mitchell and Jonathan. Their patience and support helped me complete this book. (Jennifer)

About the Authors
Jeff Doyle (CCIE No. 1919) specializes in IP routing protocols, MPLS, and IPv6. He has designed or assisted in the design of large-scale IP service provider networks throughout North America, Europe, Japan, Korea, and the People's Republic of China. Jeff has presented numerous corporate seminars, and has also spoken at NANOG, JANOG, APRICOT, and at IPv6 Forum conferences. Jeff holds a BA from Memphis State University, and studied Electrical Engineering at the University of New Mexico. Jeff lives in Denver, Colorado.

Jennifer Carroll (CCIE No. 1402) is an independent network consultant in Redmond, Washington. She has designed, implemented, and optimized many TCP/IP networks, and has developed and taught a variety of networking courses on routing protocols and Cisco routers over the past 15 years. Jennifer can be contacted by e-mail.

About the Technical Reviewers
Frank Knox, Chief Technical Officer, has been with Skyline Computer for a little over six years. He is a dual CCIE (CCIE No. 3698: SNA/IP and Routing/Switching) as well as a CCSI. In addition to his CTO responsibilities, Frank teaches several advanced Cisco-related courses, including a one-week CCIE Lab Preparation Workshop. He is considered to be an expert in mainframe-attached router technologies and in the technologies and issues associated with integrated networking (for example, SNA/IP and Voice/Data). He has more than 37 years of networking experience with IBM, GTE (Verizon) Directories, and Skyline Computer Corp.
This experience includes field service, field support, product planning, management, and all facets of networking education. In addition, he developed and taught several courses for the University of Dallas Telecommunications MBA program. Frank also has an MS degree in Telecommunications from Pace University (4.0 GPA).

After working in various roles as an engineer within Cisco for the past 6.5 years, Steven Edward Moore transitioned to the IP Routing Protocol Scalability Team. There his focus encompasses all aspects of extending network and protocol scalability: considering new features and optimizations to the protocol architecture, designing tests to measure current protocol scalability, working with customers to implement scaling functionality in their networks, and participating in events such as Networkers to educate others on how to enhance their networks' performance and scalability from the routing perspective.

Rena Yang is a software engineer at Cisco Systems. She has more than six years of experience implementing code in Cisco IOS. She currently works on IS-IS. Before this, she focused on IPv4, UDP, access lists, policy routing, and routing infrastructure. Rena holds a bachelor of science and master of engineering in computer science from MIT.

Acknowledgments
Many thanks to Brett Bartow, Chris Cleveland, Andrew Cupp, San Dee Phillips, and all of the staff of Cisco Press who made this book possible.

The technical editors, Steven Moore, Rena Yang, and Frank Knox, did a fantastic job. We want to thank them for their outstanding advice and recommendations.

We want to thank Frank Knox, Cat Pike, Chris Tin, and the rest of the employees of Skylabs networks. Skylabs' lab setup and access to the lab is easy to use and had everything we needed to complete all the configurations and case studies in this book.

This Book Is Safari Enabled
The Safari Enabled icon on the cover of your favorite technology book means the book is available through Safari Bookshelf.
When you buy this book, you get free access to the online edition for 45 days. Safari Bookshelf is an electronic reference library that lets you easily search thousands of technical books, find code samples, download chapters, and access technical information whenever and wherever you need it.

To gain 45-day Safari Enabled access to this book:
- Go to http://www.ciscopress.com/safarienabled
- Enter the ISBN of this book (shown on the back cover, above the bar code)
- Log in or sign up (site membership is required to register your book)
- Enter the coupon code MSJJ-PPVL-4EMT-TVKE-7JDF

Icons Used in This Book
[Figure: the device and link icons used throughout the book. Labels recoverable from this copy: Communication Server, PC, PC with Software, Sun Workstation, Macintosh, Branch Office, Terminal, File Server, CiscoWorks Workstation, House (Regular), Headquarters, Cisco ONS 15540, MDS 9500, Ethernet lines, Serial lines.]

Command Syntax Conventions
The conventions used to present command syntax in this book are the same conventions used in the IOS Command Reference. The Command Reference describes these conventions as follows:
- Boldface indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), boldface indicates commands that are manually input by the user (such as a show command).
- Italics indicate arguments for which you supply actual values.
- Vertical bars (|) separate alternative, mutually exclusive elements.
- Square brackets ([ ]) indicate optional elements.
- Braces ({ }) indicate a required choice.
- Braces within brackets ([{ }]) indicate a required choice within an optional element.

Foreword
In 1976, when I saw my first Arpanet IMP at Digital Equipment Corporation, networks as we know them today were in their infancy. SNA, XNS, and DECnet were under early development, and packet switching versus circuit switching was the hot topic of the day.
Those of us involved in the design of the switching and routing algorithms were dealing with routers (although we didn't call them that) that had 64 kilobytes of memory, data links of 56 kilobits were considered blindingly fast, and networks with 256 nodes were big enough that if you were the salesman who sold those 256 computers, you would retire fabulously wealthy. Thirty years is a long time, and today the individual networks that make up the Internet contain thousands or tens of thousands of nodes, while the Internet as a whole contains hundreds of millions of computers. Most striking in the evolution over this human generation is that the foundations of the Internet laid down in the TCP/IP protocol suite have survived mostly intact through four or more generations of computing architectures, three complete generations of operating system technology, and an increase of five orders of magnitude in transmission speeds.

Yet, we still treat routing in packet-switched networks as a black art. Why is that? First, designing robust, scalable distributed algorithms is hard. Despite our best intentions to make them simple, complexity creeps in to deal with the inevitable special cases, optimizations, peculiar topologies, and link technologies one encounters. Because a "forklift upgrade" of an entire network is rarely feasible, we have multiple generations of technology present simultaneously, and we must maintain backward compatibility with essentially no disruption to deployed services. As policies governing the routing of packets become more sophisticated, our ability to devise automated discovery and configuration procedures gets overwhelmed, and we fall back on manual configuration and performance tuning techniques.
Finally, as the environment in which these networks are operated has evolved from a cooperative one where trust was implicit to one in which the network is subject to both inside and outside attack, designing and deploying routing systems that can be made secure has become an urgent priority.

Routing TCP/IP tackles this black art comprehensively. The present Volume I covers all the needed fundamentals of TCP/IP networks and gives you all the tools needed to understand how routing is accomplished within a single administrative region of the Internet. Straightforward ideas of packet-switched routing are presented first in the chapters on addressing and static routing. The most popular IGPs (RIP, EIGRP, OSPF, and IS-IS) are covered in depth. Advanced topics in route redistribution, route filtering, and policy routing round out Volume I. This second edition also adds essential material on IPv6, as well as bringing all the material up to date with examples and configurations for the latest releases of Cisco IOS.

For anyone wanting a comprehensive understanding of how routing in TCP/IP networks really works, from the design principles of routing algorithms, to the evolution of addressing schemes, to the practical aspects of designing and configuring the routing of large autonomous systems, this is the book for you.

David Oran
Cisco Fellow

Introduction
Routing is an essential element of all but the smallest data communications networks. At one level, routing and the configuration of routers are quite simple. But as networks grow in size and complexity, routing issues can become at once both large and subtle. Perversely, perhaps, we are grateful for the difficult problems large-scale routing can present; as network systems consultants, these problems are our bread and butter. Without them, the phrase "You want fries with that?" could be an unfortunate part of our daily vocabulary.

Cisco Certified Internetwork Experts are widely recognized for their ability to design, troubleshoot, and manage large networks.
This recognition comes from the fact that you cannot become a CCIE by attending a few classes and then regurgitating some memorized facts onto a written test. A CCIE has proven expertise in an intense, famously difficult hands-on lab exam.

Objectives
This book is the first of two volumes that focuses on TCP/IP routing issues. Early in the writing of the first edition, Kim Lew, former Cisco Systems program manager, said, "Our objective is to make CCIEs, not to make people who can pass the CCIE lab." We entirely agree with that statement and have used it as a guiding principle throughout the writing of this book. Although the book includes many case studies and exercises to help you prepare for the CCIE lab, my primary objective is to increase your understanding of IP routing, both on a generic level and as it is implemented on Cisco routers.

Audience
The audience for this book is any network designer, administrator, or engineer who needs a full understanding of the interior routing protocols of TCP/IP. Although the practical aspects of the book focus on the Cisco IOS, the information is applicable to any routing platform. The book is not only for readers who plan to become CCIEs, but for people who wish to advance their knowledge of TCP/IP routing. These readers will fall into one of three categories:
- The "beginners" who have some basic networking knowledge and wish to begin a deep study of networking.
- The intermediate-level networking professionals who have experience with routers, Cisco or otherwise, and plan to advance that experience to the expert level.
- The highly experienced networking experts. These individuals have extensive hands-on expertise with Cisco routers and are ready to take the CCIE lab; however, they want a structured review and series of exercises for verification and validation.
CCIE Professional Development: Routing TCP/IP, Volume I focuses primarily on intermediate-level networking professionals while offering to beginners a structured outline of fundamental information and to experts the required challenges to hone their skills.

Changes from First Edition
There are several factors influencing the changes contained in this second edition. The first factor is the CCIE itself. When I (Jeff) wrote the first edition of this book, the CCIE (specifically what is now called the Routing and Switching specialty of the CCIE) was the only certification Cisco Systems offered. Now, there is a series of certifications creating a path to the CCIE at the pinnacle. Moreover, the typical networking professional is more knowledgeable than in 1997. Given this, we have eliminated the first chapter of the original book, which covered such very basic concepts as the definition of bridges and routers and network addresses. (When was the last time you even saw a bridge in a network?)

The second factor influencing the changes in this edition is the changes in the Cisco Systems IOS. IGRP, which was frequently used when the first edition was written, is now a legacy protocol whose main significance is as the ancestor of EIGRP. Therefore the IGRP chapter of the first edition has been eliminated and IGRP is covered for historical perspective early in the EIGRP chapter. The IOS command suite itself has expanded to accommodate new functions and options; we have made every effort to include the commands and protocol extensions that did not exist in the late 1990s.

Last, a protocol that existed mostly only in proposal form in 1997, IPv6, is now in the early stages of worldwide deployment. You can expect to need a detailed knowledge of this protocol and the extensions to IP routing protocols that support it in the near future, if not already, so this second edition delves deeply into routing IPv6.

Other changes in this edition are semantic.
For example, in the first edition, I (Jeff) made a point of differentiating between a "network" as a data link and an "internetwork" as a set of networks connected by routers. Although that terminology is certainly accurate, it is clumsy, and "internetwork" is seldom used these days. Instead, "network" usually refers to everything from a local link to worldwide autonomous systems operated by the likes of Level 3, NTT, and Sprint. We have attempted to bring the terminology in this edition up to modern, common usage.

Organization
The 14 chapters of the book are divided into three parts.

Part I, "Routing Basics," examines the basics of IPv4 and IPv6 and static routing. Although advanced readers may wish to skip the first chapter, we recommend that they at least skim it. And of course, if you are not yet familiar with IPv6, read Chapter 2. Part I concludes with Chapter 4, "Dynamic Routing Protocols."

Part II, "Interior Routing Protocols," covers the IP Interior Gateway Protocols. Each protocol-specific chapter begins with a discussion of the theory, mechanics, and parameters of the protocol. This general overview is followed by case studies on configuring and troubleshooting the protocol using Cisco Systems' IOS in various network topologies. The Exterior Gateway Protocol, BGP, and topics such as multicast routing, Quality of Service, router security and management, and Network Address Translation, are covered in Routing TCP/IP, Volume II.

Part III, "Route Control and Interoperability," examines the tools available for creating and managing interoperability among multiple IP routing protocols, and also static routes, default routes, route filtering, and route maps. This part provides the tools necessary for building the complex routing policies introduced in Volume II. These chapters, like those before them, conclude with case studies.

Book Features
Most chapters conclude with a set of review questions, configuration exercises, and troubleshooting exercises. The review questions focus on the theoretical aspects of the chapter topic, whereas the configuration and troubleshooting exercises address Cisco-specific aspects of the chapter topic.
Also at the end of each chapter is a table with a brief description of all important Cisco IOS commands used in that chapter. The conventions used to present these commands are the same conventions used in the IOS Command Reference and presented earlier in this introduction.

Part I: Routing Basics
Chapter 1. TCP/IP Review
Chapter 2. IPv6 Overview
Chapter 3. Static Routing

Chapter 1. TCP/IP Review
This chapter covers the following subjects:
- TCP/IP Protocol Layers
- IP Packet Header
- IPv4 Addresses
- Address Resolution Protocol (ARP)
- Internet Control Message Protocol (ICMP)
- Host-to-Host Layer

Given that the title of this book is Routing TCP/IP, it is fitting to begin with a review of TCP/IP before getting into how to route it. Presumably, if you are preparing for a Cisco Certified Internetwork Expert (CCIE) examination, or have just bought this book as a routing reference, you already know most or all of the information in this chapter. But reviews never hurt and sometimes help, so here you have it.

The purpose of this chapter is to review the protocols that enable, control, or contribute to the routing of TCP/IP, not to do an in-depth study of the TCP/IP protocol suite. Several books on the recommended reading list at the end of the chapter cover the subject in depth; read at least one.

Conceived in the early 1970s by Vint Cerf and Bob Kahn, TCP/IP and its layered protocol architecture predate the ISO's Open System Interconnection (OSI) reference model. A brief review of TCP/IP's layers will be useful in understanding how the various functions and services examined in this chapter interrelate.

TCP/IP Protocol Layers
Figure 1-1 shows the TCP/IP protocol suite in relation to the OSI reference model. The network interface layer, which corresponds to the OSI physical and data link layers, is not actually part of the TCP/IP specification. However, it has become a de facto layer, either in the form shown in Figure 1-1 or as separate physical and data link layers. This section treats the network interface layer as the OSI physical and data link layers.

The OSI protocol suite itself has become, with some rare exceptions, a relic of early Internet history.
Its current contribution to networking technology seems to be mainly limited to the usefulness of its reference model in illustrating modular protocol suites to networking students and, of course, the IS-IS routing protocol, still widely used in large service provider and carrier networks.

Figure 1-1. TCP/IP protocol suite.

    OSI              TCP/IP
    Application   \
    Presentation   >  Application
    Session       /
    Transport         Host-to-Host
    Network           Internet
    Data Link     \   Network
    Physical      /   Interface

The physical layer contains the protocols relating to the physical medium on which TCP/IP will be communicating. Officially, the protocols of this layer fall within four categories that together describe all aspects of physical media:
- Electrical/optical protocols describe signal characteristics such as voltage or photonic levels, bit timing, encoding, and signal shape.
- Mechanical protocols are specifications such as the dimensions of a connector or the metallic makeup of a wire.
- Functional protocols describe what something does. For example, "Request to Send" is the functional description of pin 4 of an EIA-232-D connector.
- Procedural protocols describe how something is done. For example, a binary 1 is represented on an EIA-232-D lead as a voltage more negative than 3 volts.

The data link layer contains the protocols that control the physical layer: how the medium is accessed and shared, how devices on the medium are identified, and how data is framed before being transmitted on the medium. Examples of data-link protocols are IEEE 802.3/Ethernet, Frame Relay, ATM, and SONET.

The internet layer, corresponding to the OSI network layer, is primarily responsible for enabling the routing of data across logical network paths by defining a packet format and an addressing format. This layer is, of course, the one with which this book is most concerned.

The host-to-host layer, corresponding to the OSI transport layer, specifies the protocols that control the internet layer, much as the data link layer controls the physical layer.
Both the host-to-host and data link layers can define such mechanisms as flow and error control. The difference is that while data-link protocols control traffic on the data link (the physical medium connecting two devices), the transport layer controls traffic on the logical link (the end-to-end connection of two devices whose logical connection traverses a series of data links).

The application layer corresponds to the OSI session, presentation, and application layers. Although some routing protocols such as Border Gateway Protocol (BGP) and Routing Information Protocol (RIP) reside at this layer,[1] the most common services of the application layer provide the interfaces by which user applications access the network.

[1] BGP is an application layer protocol because it uses TCP to transport its messages, and RIP because it uses UDP for the same purposes. Other routing protocols such as OSPF are said to operate at the internet layer because they encapsulate their messages directly into IP packets.

A function common to the protocol suite of Figure 1-1 and any other protocol suite is multiplexing between layers. Many applications might use a service at the host-to-host layer, and many services at the host-to-host layer might use the internet layer. Multiple protocol suites (IP, IPX, and AppleTalk, for example) can share a physical link via common data-link protocols.

IP Packet Header
Figure 1-2 shows the format of the IP packet header, specified in RFC 791. Most fields in this packet have some importance to routing.

Figure 1-2. IP packet header.

    |<-------------------------- 32 bits -------------------------->|
    | Version | Header | Type of Service |        Total Length       |
    |         | Length |   or DiffServ   |                           |
    |         Identifier         | Flags |      Fragment Offset      |
    |  Time to Live |  Protocol  |         Header Checksum           |
    |                        Source Address                         |
    |                      Destination Address                      |
    |                  Options                    |     Padding      |

Version identifies the IP version to which the packet belongs. Table 1-1 shows the assigned version numbers.
Table 1-1. IP version numbers.

    Number   Version                                     RFC
    0        Reserved
    1-3      Unassigned
    4        Internet Protocol version 4 (IPv4)          791
    5        ST Datagram Mode                            1190
    6        Simple Internet Protocol (SIP)
    6        Internet Protocol version 6 (IPv6)          1883
    7        TP/IX                                       1475
    8        P Internet Protocol (PIP)                   1621
    9        TCP and UDP over Bigger Addresses (TUBA)    1347
    10-14    Unassigned
    15       Reserved

Header Length is a four-bit field that tells, as the name implies, the length of the IP header in 32-bit words. This field is included because the Options field (described later in this section) can vary in size. The minimum length of the IP header is 20 octets, and the options might increase this size up to a maximum of 60 octets, the maximum length in 32-bit words that can be described by this field.

Type of Service (TOS) is an eight-bit field that can be used for specifying special handling of the packet. This field actually can be broken down into two subfields: Precedence and TOS. Precedence sets a priority for the packet, the way a package might be sent overnight, two-day delivery, or general post. TOS allows the selection of a delivery service in terms of throughput, delay, reliability, and monetary cost. Although this field is not commonly used (all the bits will usually be set to zero), early specifications of the Open Shortest Path First (OSPF) protocol called for TOS routing. Also, the Precedence bits are occasionally used in quality of service (QoS) applications. Part (a) of Figure 1-3 summarizes the eight TOS bits.

Figure 1-3. Type of Service (a) or DiffServ and ECN (b) field.

    Bit:   0     1     2     3     4     5     6     7
    (a)    Type of Service: Precedence and TOS subfields
    (b)    DiffServ Code Point (DSCP)          |   ECN   |

In recent years the TOS field has been redefined as part of the Differentiated Services (DiffServ) framework.[3] This framework allows a much more flexible handling of packets than was allowed under the original TOS definitions. With DiffServ, you can define service classes on a router and then sort packets into those classes. The router then queues and forwards packets with different levels of priority, according to their classification. Each queuing and forwarding behavior is called a Per-Hop Behavior (PHB). While DiffServ defines the framework for handling, the mechanism is often called Class of Service or simply CoS.

[3] K. Nichols, S. Blake, F. Baker, and D.
Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers," RFC 2474, December 1998.

Part (b) of Figure 1-3 shows how the TOS field has been redefined, so that the first six bits now compose the DiffServ Code Point (DSCP). With these six bits you can define, either arbitrarily or according to service classes predefined in the DiffServ architecture, up to 64 different service classes that can then be sorted into PHBs. Note that the field in the IP header remains 8 bits; the DiffServ architecture just redefines how a router interprets the value in that field. Explicit Congestion Notification (ECN), in part (b) of Figure 1-3, is used by some devices to signal support for Explicit Congestion Notification and, when it is supported, the bits can be used to signal congestion (ECN = 11).[4]

[4] K. Ramakrishnan, "The Addition of Explicit Congestion Notification (ECN) to IP," RFC 3168, September 2001.

Total Length is a 16-bit field specifying the total length of the packet, including the header, in octets. By subtracting the header length, a receiver might determine the size of the packet's data payload. Because the largest decimal number that can be described with 16 bits is 65,535, the maximum possible size of an IP packet is 65,535 octets.

Identifier is a 16-bit field used in conjunction with the Flags and Fragment Offset fields for fragmentation of a packet. Packets must be fragmented into smaller packets if the original length exceeds the Maximum Transmission Unit (MTU) of a data link through which they pass. For example, consider a 5000-byte packet traveling through a network. It encounters a data link with a 1500-byte MTU. That is, the frame can contain a maximum packet size of 1500 bytes. The router that places the packet onto this data link must first fragment the packet into chunks of no more than 1500 octets each.
The router marks each fragment with the same number in the Identifier field so that a receiving device can identify the fragments that go together.[5]

[5] A fragmented packet is not reassembled at the other end of the data link; the packet stays fragmented until it reaches its final destination.

Flags is a three-bit field in which the first bit is unused. The second is the Don't Fragment (DF) bit. When the DF bit is set to one, a router cannot fragment the packet. If the packet cannot be forwarded without fragmenting, the router drops the packet and sends an error message to the source. This function enables the testing of MTUs in a network. The DF bit can be set using the Extended Ping utility in IOS, as shown in Example 1-1.

Example 1-1. The IOS Extended Ping utility allows the setting of the DF bit to test MTUs across a network. In this ping output, the largest MTU of the path to destination 172.16.113.17 is 1478 octets.

  Handy#ping
  Protocol [ip]:
  Target IP address: 172.16.113.17
  Repeat count [5]: 4
  Datagram size [100]:
  Timeout in seconds [2]:
  Extended commands [n]: y
  Source address:
  Type of service [0]:
  Set DF bit in IP header? [no]: y
  Validate reply data? [no]:
  Data pattern [0xABCD]:
  Loose, Strict, Record, Timestamp, Verbose[none]: r
  Number of hops [ 9 ]:
  Loose, Strict, Record, Timestamp, Verbose[RV]:
  Sweep range of sizes [n]: y
  Sweep min size [76]: 500
  Sweep max size [18024]: 2000
  Sweep interval [1]: 500
  Type escape sequence to abort.
  Sending 4, [500..2000]-byte ICMP Echos to 172.16.113.17, timeout is 2 seconds:
  Packet has IP options:  Total option bytes= 39, padded length=40
   Record route: <*> 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
  Reply to request 0 (16 ms) (size 500). Received packet has options
   Total option bytes= 40, padded length=40
   Record route: 172.16.192.5 172.16.113.18 172.16.113.17 172.16.113.17 172.16.192.6 172.16.192.5 <*> 0.0.0.0 0.0.0.0 0.0.0.0
   End of list
  Reply to request 1 (24 ms) (size 1000).
  Received packet has options
   Total option bytes= 40, padded length=40
   Record route: 172.16.192.5 172.16.113.18 172.16.113.17 172.16.113.17 172.16.192.6 172.16.192.5 <*> 0.0.0.0 0.0.0.0 0.0.0.0
   End of list
  Reply to request 2 (28 ms) (size 1500). Received packet has options
   Total option bytes= 40, padded length=40
   Record route: 172.16.192.5 172.16.113.18 172.16.113.17 172.16.113.17 172.16.192.6 172.16.192.5 <*> 0.0.0.0 0.0.0.0 0.0.0.0
   End of list
  Unreachable from 172.16.192.6, maximum MTU 1478 (size 2000). Received packet has options
   Total option bytes= 39, padded length=40
   Record route: <*> 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
  Success rate is 75 percent (3/4), round-trip min/avg/max = 16/22/28 ms
  Handy#

The third bit is the More Fragments (MF) bit. When a router fragments a packet, it sets the MF bit to one in all but the last fragment so that the receiver knows to keep expecting fragments until it encounters a fragment with MF = 0.

Fragment Offset is a 13-bit field that specifies the offset, in units of eight octets, from the beginning of the header to the beginning of the fragment.[6] Because fragments might not always arrive in sequence, the Fragment Offset field allows the pieces to be reassembled in the correct order.

[6] Units of eight octets are used so that a maximum-size packet of 65,535 bytes might be described with 13 bits.

Note that if a single fragment is lost during a transmission, the entire packet must be resent and refragmented at the same point in the network. Therefore, error-prone data links could cause a disproportionate delay. And if a fragment is lost because of congestion, the retransmission of the entire series of fragments might increase the congestion.

Time to Live (TTL) is an eight-bit field that will be set with a certain number when the packet is first generated. As the packet is passed from router to router, each router will decrement this number. If the number reaches zero, the packet will be discarded and an error message will be sent to the source.
This process prevents "lost" packets from wandering endlessly through a network. As originally conceived, the TTL was specified in seconds; if a packet was delayed more than a second in a router, the router would adjust the TTL accordingly. However, this approach is difficult to implement and has never been widely supported. Modern routers simply decrement the TTL by one, no matter what the actual delay, so the TTL is really a hop count. The recommended default TTL is 64, though values such as 15 and 32 are not uncommon. As you will read in the chapter on IPv6, the equivalent field in the IPv6 header has been renamed Hop Limit to more accurately reflect its true usage.

Some diagnostic utilities, such as the IOS trace command, make use of the TTL field. Trace sends a packet toward the destination with the TTL set to one. The first router in the path decrements the TTL to zero, drops the packet, and returns an error message to the source; because the error message carries the router's own address as its source, that router is now known. Trace then sends a packet with TTL = 2, which the first router forwards and the second router drops and reports, and so on with increasing TTL values until the destination itself is reached. The addresses of the routers that reported back are displayed as the route. Example 1-2 shows an IOS trace.

Example 1-2. The trace utility uses the TTL field to identify routers along a route. Asterisks indicate timed-out packets.

  Elvis#traceroute www.cisco.com
  Type escape sequence to abort.
  Tracing the route to cio-sys.Cisco.COM (192.31.7.130)
    1 172.18.197.17 4 msec 4 msec 4 msec
    2 ivichard-s1-13.hwy5t.com (172.18.197.1) 36 msec 44 msec 2536 msec
    3 cperkins-tr-2.hwy5t.com (10.168.204.3) 104 msec 64 msec *
    4 cherry.hwy5t.com (10.168.199.1) 92 msec *
    5 jlewis-inner.hwy5t.com (10.168.207.59) 44 msec * 44 msec
    6 bholly-fw-outer.hwy5t.com (10.168.207.94) 44 msec * 48 msec
    7 se-stk-14-1010:6-512k.sprintlink.net (144.228.214.107) 92 msec *
    8 sl-stk-2-F1/0/0.sprintlink.net (144.228.40.2) 52 msec 1156 msec *
    9 sl-mae-w-H1/0-T3.sprintlink.net (144.208.10.48) 100 msec 124 msec 2340 msec
   10 sanjose1-br1.bbnplanet.net (196.92.136.19) 2264 msec 164 msec *
   11 paloalto-br2.bbnplanet.net (4.0.1.10) 64 msec 60 msec *
   12 su-pr2.bbnplanet.net (131.119.0.218) 76 msec 76 msec 76 msec
   13 cisco.bbnplanet.net (131.119.28.10) 2560 msec 76 msec 998 msec
   14 sty.cisco.com (192.31.7.39) 84 msec 72 msec *
   15 cio-sys.Cisco.COM (192.31.7.130) 60 msec * 64 msec
  Elvis#

Protocol is an eight-bit field that gives the "address," or protocol number, of the host-to-host or transport layer protocol for which the information in the packet is destined. Table 1-2 shows a few of the more common of the 100 or so different protocol numbers currently assigned.

Table 1-2. A few well-known protocol numbers.

  Protocol Number   Host-to-Host Layer Protocol
  1                 Internet Control Message Protocol (ICMP)
  2                 Internet Group Management Protocol (IGMP)
  4                 IP in IP (encapsulation)
  6                 Transmission Control Protocol (TCP)
  17                User Datagram Protocol (UDP)
  45                Inter-Domain Routing Protocol (IDRP)
  46                Resource Reservation Protocol (RSVP)
  47                Generic Routing Encapsulation (GRE)
  54                NBMA Next Hop Resolution Protocol (NHRP)
  88                Cisco Internet Gateway Routing Protocol (IGRP)
  89                Open Shortest Path First (OSPF)

Header Checksum is the error detection field for the IP header. The checksum is not calculated for the encapsulated data; UDP, TCP, and ICMP have their own checksums for doing this. The field contains a 16-bit one's complement checksum, calculated by the originator of the packet.
The receiver will again calculate a 16-bit one's complement sum, including the original checksum. If no errors have occurred during the packet's travels, the resulting checksum will be all ones. Remember that each router decrements the TTL; therefore, the checksum must be recalculated at each router. RFC 1141 discusses some strategies for simplifying this calculation.

Source and Destination Addresses are the 32-bit IP addresses of the originator of the packet and the destination of the packet. The format of IP addresses is covered in the next section.

Options is a variable-length field and, as the name says, is optional. Space is added to the packet header to contain either source-generated information or for other routers to enter information; the options are used primarily for testing. The most frequently used options are

• Loose source routing, in which a series of IP addresses for router interfaces is listed. The packet must pass through each of these addresses, although multiple hops might be taken between the addresses.
• Strict source routing, where again a series of router addresses is listed. Unlike loose source routing, the packet must follow the route exactly. If the next hop is not the next address on the list, an error occurs.
• Record route provides room for each router to enter the address of its outgoing interface as the packet transits so that a record is kept of all routers the packet encounters. Record route provides a function similar to trace except that the outgoing interfaces, both on the path to the destination and on the return path, are recorded.
• Timestamp is an option similar to record route except each router also enters a timestamp: the packet not only keeps track of where it has been but also records when it was there.

All these options might be invoked with Extended Ping on Cisco routers. Record route is used in Example 1-1, loose source routing and timestamp are used in Example 1-3, and strict source routing is used in Example 1-4.

Example 1-3.
The Cisco Extended Ping can be used to set parameters in the Options field of the IP header. In this example, loose source routing and timestamp are used.

  Handy#ping
  Protocol [ip]:
  Target IP address: 172.16.113.9
  Repeat count [5]:
  Datagram size [100]:
  Timeout in seconds [2]:
  Extended commands [n]: y
  Source address:
  Type of service [0]:
  Set DF bit in IP header? [no]:
  Validate reply data? [no]:
  Data pattern [0xABCD]:
  Loose, Strict, Record, Timestamp, Verbose[none]: l
  Source route: 172.16.113.14 172.16.113.10
  Loose, Strict, Record, Timestamp, Verbose[LV]: t
  Number of timestamps [ 6 ]: 2
  Loose, Strict, Record, Timestamp, Verbose[LTV]:
  Sweep range of sizes [n]:
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 172.16.113.9, timeout is 2 seconds:
  Packet has IP options:  Total option bytes= 23, padded length=24
   Loose source route: <*> 172.16.113.14 172.16.113.10
   Timestamp: Type 0.  Overflows: 0 length 12, ptr 5
   >>Current pointer<<
  Request 0 timed out
  Reply to request 1 (76 ms). Received packet has options
   Total option bytes= 24, padded length=24
   Loose source route: 172.16.113.13 172.16.192.6 <*>
   Timestamp: Type 0.  Overflows: 6 length 12, ptr 13
   Time= 80FF4798
   Time= 80FF4750
   >>Current pointer<<
   End of list
  Request 2 timed out
  Reply to request 3 (76 ms). Received packet has options
   Total option bytes= 24, padded length=24
   Loose source route: 172.16.113.13 172.16.192.6 <*>
   Timestamp: Type 0.  Overflows: 6 length 12, ptr 13
   Time= 80FFAFC0
   Time= 80FFAF78
   >>Current pointer<<
   End of list
  Request 4 timed out
  Success rate is 40 percent (2/5), round-trip min/avg/max = 76/76/76 ms
  Handy#

Example 1-4. Extended Ping is used here to set strict source routing.

  Handy#ping
  Protocol [ip]:
  Target IP address: 172.16.113.10
  Repeat count [5]: 2
  Datagram size [100]:
  Timeout in seconds [2]:
  Extended commands [n]: y
  Source address:
  Type of service [0]:
  Set DF bit in IP header? [no]:
  Validate reply data?
  [no]:
  Data pattern [0xABCD]:
  Loose, Strict, Record, Timestamp, Verbose[none]: s
  Source route: 172.16.192.6 172.16.113.17 172.16.113.10
  Loose, Strict, Record, Timestamp, Verbose[SV]:
  Sweep range of sizes [n]:
  Type escape sequence to abort.
  Sending 2, 100-byte ICMP Echos to 172.16.113.10, timeout is 2 seconds:
  Packet has IP options:  Total option bytes= 15, padded length=16
   Strict source route: <*> 172.16.192.6 172.16.113.17 172.16.113.10
  Reply to request 0 (80 ms). Received packet has options
   Total option bytes= 16, padded length=16
   Strict source route: 172.16.113.10 172.16.113.17 172.16.192.6 <*>
   End of list
  Reply to request 1 (76 ms). Received packet has options
   Total option bytes= 16, padded length=16
   Strict source route: 172.16.113.10 172.16.113.17 172.16.192.6 <*>
   End of list
  Success rate is 100 percent (2/2), round-trip min/avg/max = 76/78/80 ms
  Handy#

Padding ensures that the header ends on a 32-bit boundary by adding zeros after the option field until a multiple of 32 is reached.

A protocol analyzer capture of an IP header is shown in Example 1-5. Compare the information shown with Figure 1-2.

Example 1-5. You can see the fields of an IP packet's header and the values contained in each field in this protocol analyzer display.

  Internet Protocol, Src Addr: 172.16.1.102 (172.16.1.102), Dst Addr: 224.0.0.5 (224.0.0.5)
      Version: 4
      Header length: 20 bytes
      Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
      Total Length: 64
      Identification: 0x6e61 (28257)
      Flags: 0x00
      Fragment offset: 0
      Time to live: 1
      Protocol: OSPF IGP (0x59)
      Header checksum: 0xbcc8 (correct)
      Source: 172.16.1.102 (172.16.1.102)
      Destination: 224.0.0.5 (224.0.0.5)

IPv4 Addresses

IPv4 addresses are 32 bits long; like all network-level addresses, they have a network portion and a host portion. The network portion uniquely identifies a physical or logical link and is common to all devices attached to that link. The host portion uniquely identifies a particular device attached to the link.
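Returning to the header of Example 1-5: the following is an added example, not code from the book. It rebuilds the 20 header octets from the values the analyzer displayed (the raw bytes of the capture are not printed on the page), verifies the checksum the way a receiver does, performs the per-router TTL decrement and checksum recalculation described under Header Checksum, and plans the fragmentation of the 5000-byte packet over a 1500-byte MTU from the Identifier discussion. The function names are mine.

```python
import struct

# Constructed from the fields shown in Example 1-5: version 4, header length 20,
# DS field 0xc0, total length 64, ID 0x6e61, flags 0, offset 0, TTL 1,
# protocol 89 (OSPF), source 172.16.1.102, destination 224.0.0.5, and the
# checksum word 0xbcc8 the analyzer reported as correct.
EXAMPLE_1_5_HEADER = bytes.fromhex(
    "45c0" "0040" "6e61" "0000" "0159" "bcc8" "ac10" "0166" "e000" "0005"
)


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum of data; an odd trailing byte is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_checksum(header: bytes) -> int:
    """Checksum the originator writes: complement of the sum with the field zeroed."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return 0xFFFF ^ ones_complement_sum(zeroed)


def header_is_valid(header: bytes) -> bool:
    """Receiver check: summing the header including its checksum gives all ones."""
    ihl = (header[0] & 0x0F) * 4             # Header Length is in 32-bit words
    if not 20 <= ihl <= 60 or len(header) < ihl:
        return False
    return ones_complement_sum(header[:ihl]) == 0xFFFF


def parse_header(header: bytes) -> dict:
    """Split the fixed 20 octets into the fields of Figure 1-2."""
    (ver_ihl, ds, total_len, ident, flags_off,
     ttl, proto, csum) = struct.unpack("!BBHHHBBH", header[:12])
    return {
        "version": ver_ihl >> 4,
        "header_len": (ver_ihl & 0x0F) * 4,
        "dscp": ds >> 2, "ecn": ds & 0x03,
        "total_length": total_len,
        "identifier": ident,
        "df": bool(flags_off & 0x4000), "mf": bool(flags_off & 0x2000),
        "fragment_offset": flags_off & 0x1FFF,   # in units of eight octets
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "src": ".".join(str(b) for b in header[12:16]),
        "dst": ".".join(str(b) for b in header[16:20]),
    }


def forward_hop(header: bytes) -> bytes:
    """What each router does to the header: check it, decrement the TTL, then
    recompute the checksum. A TTL that would reach zero means the packet is
    discarded and an error is reported to the source."""
    if not header_is_valid(header):
        raise ValueError("header checksum mismatch: discard")
    if header[8] <= 1:
        raise ValueError("TTL expired: discard and report to source")
    new = bytearray(header)
    new[8] -= 1
    struct.pack_into("!H", new, 10, header_checksum(bytes(new)))
    return bytes(new)


def fragment(total_length: int, mtu: int, df: bool = False,
             header_len: int = 20) -> list:
    """Plan the fragments of a packet for a link MTU as (Fragment Offset in
    8-octet units, payload octets, MF bit). Every fragment but the last carries
    a payload that is a multiple of 8, so the offset field can describe it."""
    if total_length <= mtu:
        return [(0, total_length - header_len, False)]
    if df:
        raise ValueError("DF set and packet exceeds MTU: drop and report to source")
    payload = total_length - header_len
    chunk = (mtu - header_len) // 8 * 8      # largest payload that fits the MTU
    frags, done = [], 0
    while done < payload:
        size = min(chunk, payload - done)
        more = done + size < payload
        frags.append((done // 8, size, more))
        done += size
    return frags
```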
There are several ways to represent the 32 bits of an IP address. For instance, the 32-bit IP address 00001010110101100101011100000001 can be represented in decimal as 181,819,137. A much easier format is to separate the 32 bits into four octets, write each octet in decimal, and separate the octets with dots; in Figure 1-4, the 32-bit address is mapped to this dotted-decimal representation.

Figure 1-4. The dotted-decimal format is a convenient way to write IPv4 addresses, but it should not be confused with what the router (or host) sees: a 32-bit string.

  00001010 11010110 01010111 00000001
     10   .  214   .   87   .   1

Dotted decimal is used only with IPv4 addresses. As you will read in the chapter on IPv6, IPv6 addresses are represented entirely differently.

An important distinction to remember when working with IPv4 addresses is that dotted decimal is just an easy way for humans to read and write IP addresses. Always remember that the router is not reading an address in terms of four octets; rather, the router sees a 32-bit binary string. Many pitfalls can be avoided by keeping this fact firmly in mind. If you have not worked with binary numbers (particularly converting between binary and decimal), you might want to read the tutorial "Tutorial: Working with Binary and Hex" before continuing on with this chapter.

Probably the most distinctive characteristic of IPv4 addresses is that unlike other network-level addresses, the network and host portions can vary in size within the 32-bit boundaries. That is, the network portion might take up most of the 32 bits, or the host portion might, or they might divide the bits equally. Protocols such as NetWare and AppleTalk were designed for use in relatively small networks, and as a result their network-level addresses have fixed-length network and host portions. This arrangement certainly makes life easier; a receiving device knows to read a certain number of bits into the address to find the network part, and the rest is host address. TCP/IP, however, was designed from the first to be flexible enough to be used in any network, from the tiny to the colossal. This flexibility makes IP addresses more difficult to manage.
The basics of administering IP addresses are presented in this section, and then some more advanced techniques are introduced in the chapter "RIPv2, RIPng, and Classless Routing."

First Octet Rule

Without putting too fine a point on it, it can be said that there are three sizes of networks as measured by the number of hosts: big, medium, and small.

• Big networks, by definition, have a huge number of hosts. Relatively few big networks exist.
• Small networks are just the opposite. Each one is small because it has a small number of hosts; a huge number of small networks exist.
• Medium networks are just that: a medium number of them (in relation to big and small ones) and a medium number of hosts in each one.

This high level of addressing focus requires three types (classes) of network address for the three sizes of networks. Addresses for big networks need to be capable of addressing many hosts, but because so few big networks exist, only a few big-network addresses are required.

The situation is reversed for small networks. Because there are many small networks, a large number of small-network addresses are needed. But because a small network has a small number of hosts, each of the many network addresses only requires a few host addresses.

For medium-sized networks, a medium number of network addresses and a medium number of host addresses will be available for each network address. Figure 1-5 shows how the network and host portions of IPv4 addresses are divided up for these three classes.

Figure 1-5. Class A, B, and C IPv4 address formats.

  Class A: | N | H | H | H |
  Class B: | N | N | H | H |
  Class C: | N | N | N | H |

The big, medium, and small networks described thus far map to address classes as follows:

• Class A IPv4 addresses are for big networks. The first octet is the network portion, and the last three octets are the host portion. Only 256 numbers are available in the eight-bit network part, but 2^24, or 16,777,216, numbers are available in the host part of each of those network addresses.
• Class B addresses are for medium-size networks. The first two octets are the network portion, and the last two octets are the host portion. There are 2^16, or 65,536, available numbers in the network part and an equal number in the host part.
• Class C addresses are just the opposite of Class A. The first three octets are the network portion, and the last octet is the host portion.

Because all IPv4 addresses are 32-bit binary strings, a way of distinguishing the class to which a particular address belongs is necessary. The first octet rule, demonstrated in Table 1-3, provides the means to make such a distinction and can be described as follows:

• For Class A addresses, the first bit of the first octet (that is, the leftmost bit of the entire 32-bit string) is always set to zero. Therefore, we can find the minimum and maximum numbers in the Class A range by setting all the remaining bits in the first octet to zero (for the minimum) and one (for the maximum). This action results in the decimal numbers 0 and 127, with a few exceptions: 0 is reserved as part of the default address (see the chapter "Default Routes and On-Demand Routing"), and 127 is reserved for internal loopback addresses.[7] That leaves 1 through 126; any IP address whose first octet is between 1 and 126 inclusive is a Class A address.
• Class B addresses always have their leftmost bit set to one and the second bit set to zero. Again finding the minimum and maximum number of the first octet by setting all remaining bits to zero and then to one, you see in Table 1-3 that any address whose first octet is in the decimal range 128 through 191 is a Class B address.
• In Class C addresses, the first two bits are set to one, and the third bit is set to zero. The result is a first octet range of 192 through 223.[8]

[7] Devices use loopback addresses (typically 127.0.0.1) to send traffic to themselves. Data might be sent to this address and returned to the transmitting process without ever leaving the device.

[8] Notice that 223 does not exhaust all available numbers in the first octet. See Configuration Exercise 1 at the end of this chapter.

Table 1-3. The first octet rule.

  Class   First Octet (binary)   First Octet (decimal)
  A       0xxxxxxx               1-126 (0 and 127 are reserved)
  B       10xxxxxx               128-191
  C       110xxxxx               192-223

So far IPv4 addressing doesn't seem so difficult. A router or host could easily determine the network part of an IP address by using the first octet rule. If the first bit is 0, then read the first eight bits to find the network address. If the first two bits are 10, then read the first 16 bits; and if the first three bits are 110, then read 24 bits in to get the network address. Unfortunately, things are not that easy.

Address Masks

The address for an entire data link (a non-host-specific network address) is represented by the network portion of an IP address, with all host bits set to zero. For instance, an addressing authority[9] might assign to an applicant an address of 172.21.0.0.[10] This address is a Class B address because 172 is between 128 and 191, so the last two octets make up the host bits. Notice that they are all set to zero. The first 16 bits (172.21) are assigned, but address owners are free to do whatever they please with the host bits.

[9] The high-level organizations responsible for managing and assigning IP addresses are APNIC in Asia, ARIN in North America, LACNIC in Central and South America, and RIPE in EMEA.

[10] Actually, this address would never be assigned. It is from a group of addresses reserved for private use; most of the addresses used in this book are from this reserved pool, described in RFC 1918. Reserved addresses are 10.0.0.0 through 10.255.255.255, 172.16.0.0 through 172.31.255.255, and 192.168.0.0 through 192.168.255.255.

Each device or interface will be assigned a unique, host-specific address such as 172.21.35.17. The device, whether a host or a router, obviously needs to know its own address, but it also needs to be able to determine the network to which it belongs (in this case, 172.21.0.0).
This task is accomplished by means of an address mask. The address mask is a 32-bit string, one bit for each bit of the IPv4 address. As a 32-bit string, the mask can be represented in dotted-decimal format just like an IPv4 address. This representation tends to be a stumbling block for some beginners: Although the address mask can be written in dotted decimal, it is not an address. Table 1-4 shows the standard address masks for the three classes of IPv4 address.

Table 1-4. Address masks for Class A, B, and C IPv4 addresses.

  Class   Mask                                Dotted Decimal
  A       11111111000000000000000000000000    255.0.0.0
  B       11111111111111110000000000000000    255.255.0.0
  C       11111111111111111111111100000000    255.255.255.0

For each bit of the IPv4 address, the device performs a Boolean (logical) AND function with the corresponding bit of the address mask. The AND function can be stated as follows: Compare two bits and derive a result. The result will be one if, and only if, both bits are one. If either or both bits are zero, the result will be zero.

Figure 1-6 shows how, for a given IPv4 address, the address mask is used to determine the network address. The mask has a one in every bit position corresponding to a network bit of the address and a zero in every bit position corresponding to a host bit. Because 172.21.35.17 is a Class B address, the mask must have the first two octets set to all ones and the last two octets, the host part, set to all zeros. As Table 1-4 shows, this mask can be represented in dotted decimal as 255.255.0.0.

Figure 1-6. Each bit of this Class B address is ANDed with the corresponding bit of the address mask to derive the network address.
  Truth Table for Boolean AND
    0 AND 0 = 0
    0 AND 1 = 0
    1 AND 0 = 0
    1 AND 1 = 1

        10101100000101010010001100010001 = 172.21.35.17
  AND   11111111111111110000000000000000 = 255.255.0.0
        10101100000101010000000000000000 = 172.21.0.0

A logical AND is performed on the IPv4 address and its mask for every bit position; the result is shown in Figure 1-6. In the result, every network bit is repeated, and all the host bits become 0s. So by assigning an address of 172.21.35.17 and a mask of 255.255.0.0 to an interface, the device will know that the interface belongs to network 172.21.0.0. Applying the AND operator to an IPv4 address and its address mask always reveals the network address.

An address and mask are assigned to an interface of a Cisco router (in this example, the E0 interface) by means of the following commands:

  Smokey(config)# interface ethernet 0
  Smokey(config-if)# ip address 172.21.35.17 255.255.0.0

But why use address masks at all? So far, using the first octet rule seems much simpler.

Subnets and Subnet Masks

Never lose sight of why network-level addresses are necessary in the first place. For routing to be accomplished, each and every data link (network) must have a unique address; in addition, each and every host on that data link must have an address that both identifies it as a member of the network and distinguishes it from any other host on that network.

As defined so far, a single Class A, B, or C address can be used only on a single data link. To build a network, separate addresses must be used for each data link so that those networks are uniquely identifiable. If a separate Class A, B, or C address were assigned to each data link, fewer than 17 million data links could be addressed before all IPv4 addresses were depleted. This approach is obviously impractical.[11]

[11] Another problem is the fact that to make full use of the host address space in the previous example, more than 65,000 devices would have to reside on data link 172.21.0.0!
Seventeen million data links might seem like a lot until you consider that even a single moderate-size business might have dozens or hundreds of data links. The only way to make Class A, B, or C addresses practical is by dividing each major address, such as 172.21.0.0, into subnetwork addresses. Recall two facts:

• The host portion of an IPv4 address can be used as desired.
• The network portion of an IPv4 address is determined by the address mask assigned to that interface.

Figure 1-7 shows a network to which the major Class B address 172.21.0.0 has been assigned. Five data links are interconnecting the hosts and routers, each one of which requires a network address. As it stands, 172.21.0.0 would have to be assigned to a single data link, and then four more addresses would have to be requested for the other four data links.

Figure 1-7. Subnet masks allow a single network address to be used on multiple data links by "borrowing" some of the host bits for use as subnet bits.

  [Figure: network 172.21.0.0 divided into subnets 172.21.1.0 through 172.21.5.0, every interface configured with mask 255.255.255.0; host addresses shown include 172.21.1.5, 172.21.1.10, 172.21.3.75, 172.21.5.100, and 172.21.5.200.]

Notice what was done in Figure 1-7. The address mask is not a standard 16-bit mask for Class B addresses; the mask has been extended another eight bits so that the first 24 bits of the IP address are interpreted as network bits. In other words, the routers and hosts have been given a mask that causes them to read the first eight host bits as part of the network address. The result is that the major network address applies to the entire network, and each data link has become a subnetwork, or subnet. A subnet is a subset of a major Class A, B, or C address space.
The IPv4 address now has three parts: the network part, the subnet part, and the host part. The address mask is now a subnet mask, or a mask that is longer than the standard address mask. The first two octets of the address will always be 172.21, but the third octet (whose bits are now subnet bits instead of host bits) might range from 0 to 255. The network shown has subnets 1, 2, 3, 4, and 5 (172.21.1.0 through 172.21.5.0). Up to 256 subnets might be assigned under the single Class B address, using the mask shown.

Two words of caution are in order. First, not all routing protocols can support subnet addresses in which the subnet bits are all zeros or all ones. The reason is that these protocols, called classful protocols, cannot differentiate between an all-zeros subnet and the major network number. For instance, in the network shown, subnet 0 would be 172.21.0.0; the major IP address is also 172.21.0.0. The two cannot be distinguished without further information.

Likewise, the all-ones subnet cannot be distinguished from the broadcast address for all hosts on all subnets of the major network.[12] For the network shown, the all-ones subnet address would be 172.21.255.0. For that subnet, the broadcast address would be 172.21.255.255, but this is also the broadcast for all hosts on all subnets of major network 172.21.0.0. Again, the two cannot be distinguished without further information. RIP version 1 and IGRP, which are classful routing protocols, cannot use the all-zeros and all-ones subnets; the chapter "Enhanced Interior Gateway Routing Protocol (EIGRP)" introduces a protocol that is not restricted in this way.

[12] The all-hosts IP broadcast address is all ones: 255.255.255.255. An all-hosts broadcast for a particular subnet would set all host bits to one; for instance, an all-hosts broadcast for subnet 172.21.1.0 would be 172.21.1.255. Finally, a broadcast for all hosts on all subnets sets the subnet bits and the host bits to all ones: 172.21.255.255.

The second caution has to do with the verbal description of subnets and their masks. Subnetting the third octet of a Class B address, as is done in Figure 1-7, is very common; also common is hearing people describe such a subnet design as "using a Class C mask with a Class B address," or "subnetting a Class B address into a Class C." Both descriptions are wrong!
Such descriptions frequently lead to misunderstandings about the subnet design or to a poor understanding of subnetting itself. The proper way to describe the subnetting scheme of Figure 1-7 is either as "a Class B address with 8 bits of subnetting," or as "a Class B address with a 24-bit mask."

The subnet mask might be represented in any of the following three formats:

  Dotted decimal:  255.255.255.0
  Bitcount:        172.21.0.0/24
  Hexadecimal:     0xFFFFFF00

Dotted decimal is commonly used in software that has been around for a while, although the bitcount format is becoming increasingly preferred. Compared to dotted decimal, the bitcount format is easier to write. (The address is followed by a forward slash and the number of bits that are masked for the network part.) In addition, the bitcount format is more descriptive of what the mask is really doing and therefore avoids the type of semantic misunderstandings described in the previous paragraph. Some UNIX systems use the hexadecimal format. Although the address mask must be specified to Cisco routers in dotted decimal, using the command shown previously, the mask might be displayed by various show commands in any of the three formats by using the command ip netmask-format [decimal | hexadecimal | bit-count] in line configuration mode. For example, to configure a router to display its masks in bitcount format, use

  Gladys(config)# line vty 0 4
  Gladys(config-line)# ip netmask-format bit-count

Designing Subnets

As established in the previous section, subnet bits cannot be all zeros or all ones in classful environments. Likewise, an IPv4 host address cannot have all its host bits set to zero; this setting is reserved for the address that routers use to represent the network or subnet itself. And the host bits cannot be set to all ones, as this setting is the broadcast address. These restrictions apply to the host bits with no exceptions and are starting points for designing subnets.
Beyond these starting points, network designers need to choose the most appropriate subnetting scheme in terms of matching the address space to the particulars of a network.

When designing subnets and their masks, the number of available subnets under a major network address and the number of available hosts on each subnet are both calculated with the same formula: 2^n - 2, where n is the number of bits in the subnet or host space and 2 is subtracted to account for the unavailable all-zeros and all-ones addresses. For example, given a Class A address of 10.0.0.0, a subnet mask of 10.0.0.0/16 (255.255.0.0) means that the 8-bit subnet space will yield 2^8 - 2 = 254 available subnets and 2^16 - 2 = 65,534 host addresses available on each of those subnets. On the other hand, a mask of 10.0.0.0/24 (255.255.255.0) means that a 16-bit subnet space is yielding 65,534 subnets and an 8-bit host space is yielding 254 host addresses for each subnet.

The following steps are used to subnet an IPv4 address:

Step 1. Determine how many subnets are required and how many hosts per subnet are required.

Step 2. Use the 2^n - 2 formula to determine the number of subnet bits and the number of host bits that will satisfy the requirements established in Step 1. If multiple subnet masks can satisfy the requirements, choose the one that will best scale to future needs. For example, if the network is most likely to grow by adding subnets, choose more subnet bits; if the network is most likely to grow by adding hosts to existing subnets, choose more host bits. Avoid choosing a scheme in which either all subnets or all host addresses within the subnets will be used up immediately, leaving no room for future growth.

Step 3. Working in binary, determine all available bit combinations in the subnet space; in each instance, set all the host bits to zero. Convert the resulting subnet addresses to dotted decimal. These are the subnet addresses.
Step 4. For each subnet address, again working in binary, write all possible bit combinations for the host space without changing the subnet bits. Convert the results to dotted decimal; these are the host addresses available for each subnet.

The importance of doing the last two steps in binary cannot be overemphasized. The single greatest source of mistakes when working with subnets is trying to work with them in dotted decimal without understanding what is happening at the binary level. Again, dotted decimal is for convenience in reading and writing IPv4 addresses. Routers and hosts see the addresses as 32-bit binary strings; to successfully work with these addresses, they must be seen the way the routers and hosts see them.

The previous paragraph might seem a bit overzealous in light of the examples given so far; the patterns of subnet and host addresses have been quite apparent without having to see the addresses and masks in binary. The next section uses the four design steps to derive a subnet design in which the dotted decimal representations are not so obvious.

Breaking the Octet Boundary

In the examples given so far, the subnet spaces have fallen on octet boundaries. This arrangement is not always the most practical or efficient choice. What if, for instance, you need to subnet a Class B address across 500 data links, each with a maximum of 100 hosts? This requirement is easily met, but only by using nine bits in the subnet field: 2^9 - 2 = 510 available subnets, leaving seven bits for the host field, and 2^7 - 2 = 126 available hosts per subnet. No other bit combination will satisfy this requirement.

Notice, also, that there is no way to subnet a Class C address on an octet boundary; doing so would use up all of the last byte, leaving no room for host bits. The subnet bits and host bits must share the last octet, as the following example shows.

Figure 1-8. The network from Figure 1-7 but with a Class C prefix assigned.
Subnetting an entire octet will not work here; there would be no space left for host bits.

[Figure 1-8: Network 192.168.100.0, Subnet Mask ???; five data links, labeled "2 Host Addresses Needed" and "25 Host Addresses Needed".]

There are five data links; therefore, the address must be subnetted to provide for at least five subnet addresses. The illustration also indicates the number of hosts (including router interfaces) that need to be addressed on each subnet. The maximum host address requirement is 25 for the two Ethernets. Therefore, the full subnetting requirements are at least five subnets and at least 25 host addresses per subnet. Applying the 2^n - 2 formula, three subnet bits and five host bits will satisfy the requirements: 2^3 - 2 = 6 and 2^5 - 2 = 30. A Class C mask with three bits of subnetting is represented as 255.255.255.224 in dotted decimal.

Figure 1-9 shows the derivation of the subnet bits. The subnet mask derived in Step 2 is written in binary, and the IP address is written below it. Vertical lines are drawn as markers for the subnet space, and within this space all possible bit combinations are written by counting up from zero in binary.

Figure 1-9. The subnet bits are derived by marking the masked subnet bit space and then writing all possible bit combinations in the space by counting up from zero in binary.

    111111111111111111111111 111 00000 = 255.255.255.224
    110000001010100001100100 000 00000 = 192.168.100.0
    |<- NETWORK ADDRESS SPACE ->| | |<--- HOST ADDRESS SPACE
                             000
                             001
                             010
                             011  <-- SUBNET ADDRESS SPACE
                             100
                             101
                             110
                             111

In Figure 1-10 the unchanged network bits are filled into the left of the subnet space and the host bits, which are all zeros in the subnet addresses, are filled into the right of the subnet space. The results are converted to dotted decimal, and these are the six subnet addresses (remembering that the first and last addresses, which have 000 and 111 in the subnet space, cannot be used).

Figure 1-10. The subnet addresses are derived by filling in the network address to the left of the subnet space, setting all host bits to zero to the right of the subnet space, and converting the results to dotted decimal.

    111111111111111111111111 111 00000 = 255.255.255.224
    110000001010100001100100 000 00000 = 192.168.100.0
    110000001010100001100100 001 00000 = 192.168.100.32
    110000001010100001100100 010 00000 = 192.168.100.64
    110000001010100001100100 011 00000 = 192.168.100.96
    110000001010100001100100 100 00000 = 192.168.100.128
    110000001010100001100100 101 00000 = 192.168.100.160
    110000001010100001100100 110 00000 = 192.168.100.192
    110000001010100001100100 111 00000 = 192.168.100.224
           NETWORK BITS       SUBNET  HOST
                               BITS   BITS

The last step is to calculate the host addresses available to each subnet. This step is done by choosing a subnet and, keeping the network and subnet bits unchanged, writing all bit combinations in the host space by counting up from zero in binary. Figure 1-11 shows this step for subnet 192.168.100.32.

Figure 1-11. The host addresses for a subnet are derived by writing all possible bit combinations in the host space. These are the host bits for subnet 192.168.100.32.

    110000001010100001100100 001 00000 = 192.168.100.32   <-- SUBNET ADDRESS
    110000001010100001100100 001 00001 = 192.168.100.33
    110000001010100001100100 001 00010 = 192.168.100.34
    110000001010100001100100 001 00011 = 192.168.100.35
    110000001010100001100100 001 00100 = 192.168.100.36
    110000001010100001100100 001 00101 = 192.168.100.37
    110000001010100001100100 001 00110 = 192.168.100.38
    110000001010100001100100 001 00111 = 192.168.100.39
    110000001010100001100100 001 01000 = 192.168.100.40
    110000001010100001100100 001 01001 = 192.168.100.41
    110000001010100001100100 001 01010 = 192.168.100.42
    110000001010100001100100 001 01011 = 192.168.100.43
    110000001010100001100100 001 01100 = 192.168.100.44
    110000001010100001100100 001 01101 = 192.168.100.45
    110000001010100001100100 001 01110 = 192.168.100.46
    110000001010100001100100 001 01111 = 192.168.100.47   VALID
    110000001010100001100100 001 10000 = 192.168.100.48   HOST
    110000001010100001100100 001 10001 = 192.168.100.49   ADDRESSES
    110000001010100001100100 001 10010 = 192.168.100.50
    110000001010100001100100 001 10011 = 192.168.100.51
    110000001010100001100100 001 10100 = 192.168.100.52
    110000001010100001100100 001 10101 = 192.168.100.53
    110000001010100001100100 001 10110 = 192.168.100.54
    110000001010100001100100 001 10111 = 192.168.100.55
    110000001010100001100100 001 11000 = 192.168.100.56
    110000001010100001100100 001 11001 = 192.168.100.57
    110000001010100001100100 001 11010 = 192.168.100.58
    110000001010100001100100 001 11011 = 192.168.100.59
    110000001010100001100100 001 11100 = 192.168.100.60
    110000001010100001100100 001 11101 = 192.168.100.61
    110000001010100001100100 001 11110 = 192.168.100.62
    110000001010100001100100 001 11111 = 192.168.100.63   <-- BROADCAST

Notice the patterns in the results: The first address, in which the host bits are all zero, is the subnet address. The last address, in which the host bits are all one, is the broadcast address for subnet 192.168.100.32. The host addresses count up from the subnet address to the broadcast address, and if the sequence were to continue, the next address would be the second subnet, 192.168.100.64.

The importance of understanding subnetting at the binary level should now be clear. Presented with an address such as 192.168.100.160, you cannot be sure whether it is a host address, a subnet address, or a broadcast address. Even when the subnet mask is known, things are not always readily apparent. Readers are encouraged to calculate all host addresses for all the remaining subnets in the example and to observe the patterns that result in the addresses. Understanding these patterns will help in situations such as the one presented in the next section.

Troubleshooting a Subnet Mask

The necessity frequently arises to "dissect" a given host address and mask, usually to identify the subnet to which it belongs. For instance, if an address is to be configured on an interface, a good practice is to first verify that the address is valid for the subnet to which the interface is connected. Use the following steps to reverse-engineer an IP address:

Step 1. Write the given subnet mask in binary.

Step 2. Write the IPv4 host address in binary.

Step 3. Knowing the class of the host address, the subnet bits of the mask should be apparent. Using the mask bits as a guide, draw a line between the last network bit and the first subnet bit of the address. Draw another line between the last subnet bit and the first host bit.

Step 4. Write the network and subnet bits of the address, setting all host bits to zero. The result is the address of the subnet to which the host address belongs.

Step 5. Again write the network and subnet bits of the address, this time setting all host bits to one. The result is the broadcast address of the subnet.

Step 6. Knowing that the subnet address is the first address in the sequence and that the broadcast address is the last address in the sequence, you also know that all addresses between these two are valid host addresses.

Figure 1-12 shows these steps applied to 172.30.0.141/25.

Figure 1-12. Given an IPv4 address and a subnet mask, follow these steps to find the subnet, the broadcast, and the host addresses.

    172.30.0.141/25

    (1) Write subnet mask:   11111111111111111111111110000000   = 255.255.255.128
    (2) Write IP address:    10101100000111100000000010001101   = 172.30.0.141

    (3) Mark the subnet      1111111111111111 111111111 0000000  = 255.255.255.128
        space:               1010110000011110 000000001 0001101  = 172.30.0.141

    Derive the...
    (4) subnet address:      1010110000011110 000000001 0000000  = 172.30.0.128
    (5) broadcast address:   1010110000011110 000000001 1111111  = 172.30.0.255
    (6) Valid host addresses for this subnet are 172.30.0.129 - 172.30.0.254.

The address is a Class B, so it is known that the first 16 bits are the network bits; therefore, the last nine bits of the 25-bit mask mark the subnet space. The subnet address is found to be 172.30.0.128, and the broadcast address is 172.30.0.255. Knowing that the valid host addresses for the subnet are bounded by these two addresses, it is determined that the host addresses for subnet 172.30.0.128 are 172.30.0.129 through 172.30.0.254.

Several things about this example tend to bother folks who are new to subnetting. Some are bothered by the third octet of the address, which is all zeros. Some are bothered by the single subnet bit in the last octet. Some think that the broadcast address looks suspiciously invalid. All of these uneasy feelings arise from reading the addresses in dotted decimal. When the addresses and the mask are seen in binary, these suspicions are assuaged and everything is seen to be legitimate; the mask sets a nine-bit subnet space: all of the third octet and the first bit of the fourth octet. The moral of the story is that if everything is known to be correct in binary, don't worry if the dotted-decimal representation looks funny.
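The four design steps and the six troubleshooting steps above, worked at the bit level in code. This is an added example, not code from the book; the function names are its own, and 172.16.0.0 is a made-up Class B address standing in for the unnamed one in the 500-data-link requirement of the "Breaking the Octet Boundary" section. Classful exclusion of the all-zeros and all-ones subnets is applied, as the section assumes.

```python
# Added example (not from the book): subnet design (Steps 1-4) and address
# dissection (troubleshooting Steps 1-6) done on 32-bit integers, the way a
# router sees them. All names are this example's own.

def dotted_to_int(addr: str) -> int:
    """'192.168.100.32' -> 32-bit integer."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {addr!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_bits(n: int) -> str:
    """The 32-bit string a router or host actually works with."""
    return format(n, "032b")

def classful_prefix(addr: str) -> int:
    """Network bits implied by the first octet: Class A=8, B=16, C=24."""
    first = dotted_to_int(addr) >> 24
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    raise ValueError("not a Class A, B or C address")

def design_mask(network: str, subnets_needed: int, hosts_needed: int):
    """Steps 1-2: fewest subnet bits such that 2^n - 2 covers both requirements.
    Returns (subnet_bits, host_bits, prefix_length)."""
    net_bits = classful_prefix(network)
    for subnet_bits in range(1, 32 - net_bits):
        host_bits = 32 - net_bits - subnet_bits
        if 2**subnet_bits - 2 >= subnets_needed and 2**host_bits - 2 >= hosts_needed:
            return subnet_bits, host_bits, net_bits + subnet_bits
    raise ValueError("no mask satisfies the requirements")

def subnet_addresses(network: str, subnet_bits: int, classful: bool = True):
    """Step 3: count up through the subnet space with all host bits zero.
    classful=True skips the all-zeros and all-ones subnets."""
    net_bits = classful_prefix(network)
    host_bits = 32 - net_bits - subnet_bits
    base = dotted_to_int(network)
    lo, hi = (1, 2**subnet_bits - 1) if classful else (0, 2**subnet_bits)
    return [int_to_dotted(base | (s << host_bits)) for s in range(lo, hi)]

def host_addresses(subnet: str, prefix: int):
    """Step 4: count up through the host space; all-zeros and all-ones excluded."""
    host_bits = 32 - prefix
    base = dotted_to_int(subnet)
    return [int_to_dotted(base | h) for h in range(1, 2**host_bits - 1)]

def dissect(addr: str, prefix: int) -> dict:
    """Troubleshooting Steps 1-6: mask, subnet, broadcast and host range of addr/prefix."""
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    a = dotted_to_int(addr)
    subnet = a & mask                      # host bits forced to zero
    broadcast = subnet | (~mask & 0xFFFFFFFF)   # host bits forced to one
    return {"mask": int_to_dotted(mask), "mask_bits": to_bits(mask),
            "address_bits": to_bits(a), "subnet": int_to_dotted(subnet),
            "broadcast": int_to_dotted(broadcast),
            "first_host": int_to_dotted(subnet + 1),
            "last_host": int_to_dotted(broadcast - 1)}

if __name__ == "__main__":
    # Figure 1-8: Class C 192.168.100.0, five links, 25 hosts at most.
    sb, hb, plen = design_mask("192.168.100.0", 5, 25)       # 3 subnet bits, 5 host bits, /27
    for s in subnet_addresses("192.168.100.0", sb):
        hosts = host_addresses(s, plen)
        print(f"{s:16} hosts {hosts[0]} .. {hosts[-1]} ({len(hosts)})")
    # Class B, 500 links of up to 100 hosts: nine subnet bits (510), seven host bits (126).
    print(design_mask("172.16.0.0", 500, 100))                # (9, 7, 25)
    # Figure 1-12: 172.30.0.141/25
    for k, v in dissect("172.30.0.141", 25).items():
        print(f"{k:13} {v}")
```

The `design_mask` loop stops at the first (smallest) subnet bit count that works; Step 2's advice about leaving room for growth is a judgment call the code leaves to the designer, which is why it returns the bit split rather than committing to a mask.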
Address Resolution Protocol (ARP)

Routers pass packets across a logical path, composed of multiple data links, by reading and acting on the network addresses in the packets. The packets are passed across the individual data links by encapsulating the packets in frames, which use data-link identifiers (MAC addresses, for example) to get the frame from source to destination on the link. One of the major topics of this book concerns the mechanisms by which routers discover and share information about network addresses so that routing might take place. Similarly, devices on a data link need a way to discover their neighbors' data-link identifiers so that frames might be transmitted to the correct destination.[15]

Several mechanisms can provide this information; IPv4 uses the Address Resolution Protocol (ARP), described in RFC 826. Figure 1-13 shows how ARP works. A device needing to discover the data-link identifier of another device will create an ARP Request packet. This request will contain the IPv4 address of the device in question (the target) and the source IPv4 address and data-link identifier (MAC address) of the device making the request (the sender). The ARP Request packet is then encapsulated in a frame with the sender's MAC address as the source and a broadcast address for the destination[16] (see Example 1-6).

[15] NetWare, for example, makes the MAC address of the device the host portion of the network-level address, a very sensible thing to do.

[16] Like an IP broadcast, the MAC broadcast is an address of all ones: ffff.ffff.ffff.

Figure 1-13. ARP is used to map a device's data-link identifier to its IP address.

[Figure 1-13: two hosts on one data link, 172.16.1.21 (MAC 0030.652c.09a6) and 172.16.1.33 (MAC 0010.5ae5.0ee3). ARP Request: Sender's IP Address 172.16.1.21, Target MAC Address 0000.0000.0000, Target IP Address 172.16.1.33. ARP Reply: Sender's IP Address 172.16.1.33, Sender's MAC Address 0010.5ae5.0ee3, Target MAC Address 0030.652c.09a6, Target IP Address 172.16.1.21.]

Example 1-6. An analyzer capture of the ARP Request depicted in Figure 1-13, with encapsulating frame.

    Ethernet II, Src: 00:30:65:2c:09:a6, Dst: ff:ff:ff:ff:ff:ff
        Destination: ff:ff:ff:ff:ff:ff (Broadcast)
        Source: 00:30:65:2c:09:a6 (AppleCom_2c:09:a6)
        Type: ARP (0x0806)
    Address Resolution Protocol (request)
        Hardware type: Ethernet (0x0001)
        Protocol type: IP (0x0800)
        Hardware size: 6
        Protocol size: 4
        Opcode: request (0x0001)
        Sender MAC address: 00:30:65:2c:09:a6 (AppleCom_2c:09:a6)
        Sender IP address: 172.16.1.21 (172.16.1.21)
        Target MAC address: 00:00:00:00:00:00 (00:00:00_00:00:00)
        Target IP address: 172.16.1.33 (172.16.1.33)

The broadcast address means that all devices on the data link will receive the frame and examine the encapsulated packet. All devices except the target will recognize that the packet is not for them and will drop the packet. The target will send an ARP Reply to the source address, supplying its MAC address (see Example 1-7).

Example 1-7. An analyzer capture of the ARP Reply depicted in Figure 1-13.

    Ethernet II, Src: 00:10:5a:e5:0e:e3, Dst: 00:30:65:2c:09:a6
        Destination: 00:30:65:2c:09:a6 (AppleCom_2c:09:a6)
        Source: 00:10:5a:e5:0e:e3 (3Com_e5:0e:e3)
        Type: ARP (0x0806)
        Trailer: 15151515151515151515151515151515
    Address Resolution Protocol (reply)
        Hardware type: Ethernet (0x0001)
        Protocol type: IP (0x0800)
        Hardware size: 6
        Protocol size: 4
        Opcode: reply (0x0002)
        Sender MAC address: 00:10:5a:e5:0e:e3 (3Com_e5:0e:e3)
        Sender IP address: 172.16.1.33 (172.16.1.33)
        Target MAC address: 00:30:65:2c:09:a6 (AppleCom_2c:09:a6)
        Target IP address: 172.16.1.21 (172.16.1.21)

Cisco routers will display ARP activity when the debug function debug arp is invoked, as shown in Example 1-8. Router Aretha (172.21.5.1) responds to an ARP Request from host 172.19.35.2.

Example 1-8. ARP activity displayed with debug arp.

    Aretha#debug arp
    IP ARP: rcvd req src 172.19.35.2 0002.6779.0f4c, dst 172.21.5.1 Ethernet0
    IP ARP: sent rep src 172.21.5.1 0000.0c0a.2aa9, dst 172.19.35.2 0002.6779.0f4c Ethernet0
    Aretha#

Figure 1-14 shows the ARP packet format. As the fields are described, compare them with the ARP packets in Example 1-6 and Example 1-7.

Figure 1-14. ARP packet format.

    |<------------------------------- 32 BITS ------------------------------->|
    |     8     |     8     |     8     |     8     |
    |        HARDWARE TYPE              |         PROTOCOL TYPE               |
    | HARDWARE  | PROTOCOL  |                                                 |
    | ADDRESS   | ADDRESS   |               OPERATION                         |
    | LENGTH    | LENGTH    |                                                 |
    |               SENDER HARDWARE ADDRESS (OCTETS 0-3)                      |
    | SENDER HARDWARE ADDRESS (OCTETS 4-5) |   SENDER IP ADDRESS (OCTETS 0-1) |
    | SENDER IP ADDRESS (OCTETS 2-3)       | TARGET HARDWARE ADDRESS (0-1)    |
    |               TARGET HARDWARE ADDRESS (OCTETS 2-5)                      |
    |                        TARGET IP ADDRESS                                |

Hardware Type specifies the type of hardware, as specified by the IETF common type numbers.[17] Table 1-5 shows some examples of some of the more common hardware type codes.

[17] All numbers in use in various fields throughout the TCP/IP protocol suite were originally listed in: J. Postel and J. Reynolds, "Assigned Numbers," RFC 1700, October 1994. This large document (230 pages) is a useful reference, but is now a bit outdated. A current list of assigned numbers can be found online.

Table 1-5. Common hardware type codes.

    Number   Hardware Type
    1        Ethernet
    3        X.25
    4        Proteon ProNET Token Ring
    6        IEEE 802 Networks
    7        ARCnet
    11       Apple LocalTalk
    14       SMDS
    15       Frame Relay
    16       ATM
    17       HDLC
    18       Fibre Channel
    19       ATM
    20       Serial Link

Protocol Type specifies the type of network-level protocol the sender is mapping to the data link identifier; IPv4 is 0x0800.

Hardware Address Length specifies the length, in octets, of the data link identifiers. MAC addresses would be 6.

Protocol Address Length specifies the length, in octets, of the network-level address. IPv4 would be 4.

Operation specifies whether the packet is an ARP Request (1) or an ARP Reply (2). Other values might also be found here, indicating other uses for the ARP packet. Examples are Reverse ARP Request (3), Reverse ARP Reply (4), Inverse ARP Request (8), and Inverse ARP Reply (9).

The final 20 octets are the fields for the sender's and target's data-link identifiers and IPv4 addresses.

Example 1-9. The ARP table for three devices connected to the same network: a Cisco router, a Microsoft Windows host, and a Linux host.

    Martha#show arp
    Protocol  Address          Age (min)  Hardware Addr   Type   Interface
    Internet  10.158.43.34            2   0002.6779.0f4e  ARPA   Ethernet0
    Internet  10.158.43.1             -   0000.0c0a.2aa9  ARPA   Ethernet0
    Internet  10.158.43.25           18   00a0.24a8.a1a5  ARPA   Ethernet0
    Internet  10.158.43.100           6   0000.0c0a.2c51  ARPA   Ethernet0
    Martha#

    C:\WINDOWS>arp -a

    Interface: 10.158.43.25
      Internet Address      Physical Address      Type
      10.158.43.1           00-00-0c-0a-2a-a9     dynamic
      10.158.43.34          00-02-67-79-0f-4e     dynamic
      10.158.43.100         00-00-0c-0a-2c-51     dynamic

    linux:~# arp -a
    Address          HWtype           HWaddress           Flags Mask
    10.158.43.1      10Mbps Ethernet  00:00:0C:0A:2A:A9   C     *
    10.158.43.100    10Mbps Ethernet  00:00:0C:0A:2C:51   C     *
    10.158.43.25     10Mbps Ethernet  00:A0:24:A8:A1:A5   C     *
    linux:~#

Notice the Age column. As this column would indicate, ARP information is removed from the table after a certain time to prevent the table from becoming congested with old information. Cisco routers hold ARP entries for four hours (14,400 seconds); this default can be changed. The following example changes the ARP timeout to 30 minutes (1800 seconds):

    Martha(config)# interface ethernet 0
    Martha(config-if)# arp timeout 1800

The middle section of Example 1-9 shows the ARP table of a Microsoft Windows PC, and the bottom shows the ARP table from a Linux machine. Although the format is different from the IOS display, the essential information is the same in all three tables.

ARP entries might also be permanently placed in the table. To statically map 172.21.5.131 to hardware address 0000.00a4.b74e, with a SNAP (Subnetwork Access Protocol) encapsulation type, use the following:

    Martha(config)# arp 172.21.5.131 0000.00a4.b74e snap

The command clear arp-cache forces a deletion of all dynamic entries from the ARP table. It also clears the fast-switching cache and the IP route cache.
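The 28-octet ARP packet of Figure 1-14, built and decoded in code, using the field values captured in Examples 1-6 and 1-7. This is an added example, not code from the book or from Cisco IOS; the function and constant names are its own, and the octet layout follows RFC 826 as described above. The parser refuses anything that is not Ethernet/IPv4 ARP with the expected address lengths instead of trusting the length fields, and it flags a request whose sender and target IPv4 addresses are equal (the "gratuitous ARP" case that the ARP variations later in this section describe).

```python
# Added example (not from the book): build and parse the ARP packet of Figure 1-14
# with the values from Examples 1-6 and 1-7. Names are this example's own.
import struct

# hw type, proto type, hw addr len, proto addr len, operation, SHA, SPA, THA, TPA
ARP_FMT = "!HHBBH6s4s6s4s"
HW_ETHERNET, PROTO_IPV4 = 0x0001, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
OP_NAMES = {1: "request", 2: "reply", 3: "RARP request", 4: "RARP reply",
            8: "InARP request", 9: "InARP reply"}

def mac_bytes(mac: str) -> bytes:
    """'00:30:65:2c:09:a6', '00-30-65-2c-09-a6' or '0030.652c.09a6' -> 6 octets."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "")
    raw = bytes.fromhex(digits)
    if len(raw) != 6:
        raise ValueError(f"bad MAC address {mac!r}")
    return raw

def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))

def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)

def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    return struct.pack(ARP_FMT, HW_ETHERNET, PROTO_IPV4, 6, 4, op,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))

def parse_arp(pkt: bytes) -> dict:
    """Decode an ARP packet; ValueError for anything other than Ethernet/IPv4 ARP."""
    if len(pkt) < struct.calcsize(ARP_FMT):
        raise ValueError("short ARP packet")
    hw, proto, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (hw, proto, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError(f"unsupported ARP: hw={hw} proto={proto:#06x} hlen={hlen} plen={plen}")
    return {"operation": OP_NAMES.get(op, f"unknown({op})"),
            "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
            "target_mac": mac_str(tha), "target_ip": ip_str(tpa),
            # a request for one's own address: the gratuitous ARP case
            "gratuitous": op == OP_REQUEST and spa == tpa}

def reply_for(request: bytes, my_mac: str) -> bytes:
    """What the target does: swap sender and target, supply its own MAC, set op = reply."""
    r = parse_arp(request)
    return build_arp(OP_REPLY, my_mac, r["target_ip"], r["sender_mac"], r["sender_ip"])

if __name__ == "__main__":
    # Example 1-6: 172.16.1.21 asks for the MAC of 172.16.1.33.
    req = build_arp(OP_REQUEST, "0030.652c.09a6", "172.16.1.21",
                    "0000.0000.0000", "172.16.1.33")
    print(req.hex(" "))
    print(parse_arp(req))
    # Example 1-7: the target answers with its own MAC.
    print(parse_arp(reply_for(req, "0010.5ae5.0ee3")))
```

The first eight octets of the request, 0001 0800 06 04 0001, are exactly the Hardware type, Protocol type, Hardware size, Protocol size and Opcode lines of the analyzer output in Example 1-6.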
Several variations of ARP exist; at least one, proxy ARP, is important to routing.

Proxy ARP

Sometimes called promiscuous ARP and described in RFCs 925 and 1027, proxy ARP is a method by which routers might make themselves available to hosts. For example, a host 192.168.12.5/24 needs to send a packet to 192.168.20.101/24, but it is not configured with default gateway information and therefore does not know how to reach a router. It might issue an ARP Request for 192.168.20.101; the local router, receiving the request and knowing how to reach network 192.168.20.0, will issue an ARP Reply with its own data link identifier in the hardware address field. In effect, the router has tricked the local host into thinking that the router interface is the interface of 192.168.20.101. All packets destined for that address are then sent to the router.

Figure 1-15 shows another use of proxy ARP. Of particular interest here are the address masks. The router is configured with 28-bit masks, which subnet the Class C address, but the hosts are configured with 24-bit masks, the default Class C mask. As a result, the hosts will not be aware that subnets exist. Host 192.168.20.66, wanting to send a packet to 192.168.20.25, will issue an ARP Request. The router, recognizing that the target address is on another subnet, will respond with its own hardware address. Proxy ARP makes the subnetted network transparent to the hosts.

Figure 1-15. Proxy ARP enables the use of transparent subnets.

[Figure 1-15: hosts 192.168.20.66/24 and 192.168.20.70/24 on SUBNET 192.168.20.64, attached to router interface 192.168.20.65/28; router interface 192.168.20.17/28 on SUBNET 192.168.20.16, with hosts 192.168.20.20/24 and 192.168.20.25/24.]

The ARP cache in Example 1-10 gives a hint that proxy ARP is in use. Notice that multiple IPv4 addresses are mapped to a single MAC identifier; the addresses are for hosts, but the hardware MAC identifier belongs to the router interface.

Example 1-10. This ARP table from host 192.168.20.66 in Figure 1-15 shows multiple IPv4 addresses mapped to one MAC identifier, indicating that proxy ARP is in use.

    C:\WINDOWS>arp -a

    Interface: 192.168.20.66
      Internet Address      Physical Address      Type
      192.168.20.17         00-00-0c-0a-2a-a9     dynamic
      192.168.20.20         00-00-0c-0a-2a-a9     dynamic
      192.168.20.25         00-00-0c-0a-2a-a9     dynamic
      192.168.20.65         00-00-0c-0a-2c-51     dynamic
      192.168.20.70         00-02-67-79-0f-4e     dynamic

Proxy ARP is enabled by default in IOS and might be disabled on a per-interface basis with the command no ip proxy-arp.

Gratuitous ARP

A host might occasionally issue an ARP Request with its own IPv4 address as the target address. These ARP Requests, known as gratuitous ARPs, have several uses:

• A gratuitous ARP might be used for duplicate address checks. A device that issues an ARP Request with its own IPv4 address as the target and receives an ARP Reply from another device will know that the address is a duplicate.

• A gratuitous ARP might be used to advertise a new data-link identifier. This use takes advantage of the fact that when a device receives an ARP Request for an IPv4 address that is already in its ARP cache, the cache will be updated with the sender's new hardware address.

• A router running Hot Standby Router Protocol (HSRP) that has just taken over as the active router from another router on a subnet issues a gratuitous ARP to update the ARP caches of the subnet's hosts.

Many IP implementations do not use gratuitous ARP, but you should be aware of its existence. It is disabled by default in IOS but can be enabled with the command ip gratuitous-arps.

Reverse ARP

Instead of mapping a hardware address to a known IPv4 address, Reverse ARP (RARP) maps an IPv4 address to a known hardware address. Some devices, such as diskless workstations, might not know their IPv4 address at startup. RARP might be programmed into firmware on these devices, allowing them to issue an ARP Request that has their burned-in hardware address. The reply from a RARP server will supply the appropriate IPv4 address.
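Reading the proxy ARP hint of Example 1-10 out of an ARP table mechanically, so it can be checked across many hosts rather than by eye. This is an added example, not code from the book; it parses the three listing formats shown in Examples 1-9 and 1-10 (IOS show arp, Windows arp -a, Linux arp -a), normalizes the MAC notation, and reports every MAC identifier that answers for more than one IPv4 address. The tables embedded below are those two examples typed in as strings; the function names are the example's own.

```python
# Added example (not from the book): find MAC identifiers mapped to several IPv4
# addresses in ARP-table listings (IOS, Windows, Linux). The sample tables are the
# page's Examples 1-9 and 1-10 as strings; function names are this example's own.
import re
from collections import defaultdict

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
MAC = r"(?:[0-9a-f]{2}[-:]){5}[0-9a-f]{2}|(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}"
# An entry is an IPv4 address, then up to two other tokens (IOS age, Linux "10Mbps
# Ethernet"), then a MAC. Header lines have no IPv4 address in that position.
ENTRY = re.compile(rf"^\s*(?:Internet\s+)?({IPV4})\s+(?:\S+\s+){{0,2}}?({MAC})", re.I | re.M)

def normalize_mac(mac: str) -> str:
    """00-00-0c-0a-2a-a9, 00:00:0C:0A:2A:A9 and 0000.0c0a.2aa9 all -> 0000.0c0a.2aa9."""
    h = re.sub(r"[^0-9a-f]", "", mac.lower())
    if len(h) != 12:
        raise ValueError(f"bad MAC {mac!r}")
    return f"{h[0:4]}.{h[4:8]}.{h[8:12]}"

def parse_arp_table(text: str):
    """Return [(ip, mac), ...] in listing order."""
    return [(ip, normalize_mac(mac)) for ip, mac in ENTRY.findall(text)]

def proxy_arp_hint(entries) -> dict:
    """MACs that appear for more than one IPv4 address; empty dict means no hint."""
    by_mac = defaultdict(list)
    for ip, mac in entries:
        by_mac[mac].append(ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}

IOS_TABLE = """\
Martha#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.158.43.34            2   0002.6779.0f4e  ARPA   Ethernet0
Internet  10.158.43.1             -   0000.0c0a.2aa9  ARPA   Ethernet0
Internet  10.158.43.25           18   00a0.24a8.a1a5  ARPA   Ethernet0
Internet  10.158.43.100           6   0000.0c0a.2c51  ARPA   Ethernet0
"""

WINDOWS_TABLE = """\
Interface: 192.168.20.66
  Internet Address      Physical Address      Type
  192.168.20.17         00-00-0c-0a-2a-a9     dynamic
  192.168.20.20         00-00-0c-0a-2a-a9     dynamic
  192.168.20.25         00-00-0c-0a-2a-a9     dynamic
  192.168.20.65         00-00-0c-0a-2c-51     dynamic
  192.168.20.70         00-02-67-79-0f-4e     dynamic
"""

LINUX_TABLE = """\
Address          HWtype           HWaddress           Flags Mask
10.158.43.1      10Mbps Ethernet  00:00:0C:0A:2A:A9   C     *
10.158.43.100    10Mbps Ethernet  00:00:0C:0A:2C:51   C     *
10.158.43.25     10Mbps Ethernet  00:A0:24:A8:A1:A5   C     *
"""

if __name__ == "__main__":
    for name, table in (("IOS", IOS_TABLE), ("Windows", WINDOWS_TABLE), ("Linux", LINUX_TABLE)):
        entries = parse_arp_table(table)
        print(f"{name}: {len(entries)} entries; proxy ARP hint: {proxy_arp_hint(entries) or 'none'}")
```

For the Windows table of Example 1-10 the result is {"0000.0c0a.2aa9": [192.168.20.17, .20, .25]}: one router MAC answering for three host addresses. The same check is worth running when proxy ARP is not expected, since the cache pattern itself says nothing about which device supplied the answers.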
RARP has been largely supplanted by Dynamic Host Configuration Protocol (DHCP), an extension of the Bootstrap Protocol (BootP), both of which can provide more information than the IPv4 address, and which, unlike RARP, can be routed off the local data link.

Internet Control Message Protocol (ICMP)

The Internet Control Message Protocol, or ICMP, described in RFC 792, specifies a variety of messages whose common purpose is to manage the network. ICMP messages might be classified as either error messages or queries and responses. Figure 1-16 shows the general ICMP packet format. ICMP packets are identified by type; many of the packet types have more specific types, and these are identified by the code field. Table 1-6 lists the various ICMP packet types and their codes, as described in RFC 1700.

Figure 1-16. The ICMP packet header includes a type field, a code field that further identifies some types, and a checksum. The rest of the fields depend on the type and code.

    |<------------------ 32 Bits ------------------>|
    |     8     |     8     |     8     |     8     |
    |   TYPE    |   CODE    |        CHECKSUM       |
    |    VARIABLE FIELDS, DEPENDING ON ICMP TYPE    |

Table 1-6. ICMP packet types and code fields.

    Type  Code  Name
    0     0     ECHO REPLY
    3           DESTINATION UNREACHABLE
          0       Network Unreachable
          1       Host Unreachable
          2       Protocol Unreachable
          3       Port Unreachable
          4       Fragmentation Needed and Don't Fragment Flag Set
          5       Source Route Failed
          6       Destination Network Unknown
          7       Destination Host Unknown
          8       Source Host Isolated
          9       Destination Network Administratively Prohibited
          10      Destination Host Administratively Prohibited
          11      Destination Network Unreachable for Type of Service
          12      Destination Host Unreachable for Type of Service
    4     0     SOURCE QUENCH (deprecated)
    5           REDIRECT
          0       Redirect Datagram for the Network (or Subnet)
          1       Redirect Datagram for the Host
          2       Redirect Datagram for the Network and Type of Service
          3       Redirect Datagram for the Host and Type of Service
    6     0     ALTERNATE HOST ADDRESS
    8     0     ECHO
    9     0     ROUTER ADVERTISEMENT
    10    0     ROUTER SELECTION
    11          TIME EXCEEDED
          0       Time to Live Exceeded in Transit
          1       Fragment Reassembly Time Exceeded
    12          PARAMETER PROBLEM
          0       Pointer Indicates the Error
          1       Missing a Required Option
          2       Bad Length
    13    0     TIMESTAMP
    14    0     TIMESTAMP REPLY
    15    0     INFORMATION REQUEST (Obsolete)
    16    0     INFORMATION REPLY (Obsolete)
    17    0     ADDRESS MASK REQUEST (Near-obsolete)
    18    0     ADDRESS MASK REPLY (Near-obsolete)
    30    -     TRACEROUTE

Example 1-11 and Example 1-12 show analyzer captures of two of the most well-known ICMP messages, Echo Request and Echo Reply, which are used by the ping function.

Example 1-11. ICMP Echo message, shown with its IPv4 header.

    Internet Protocol, Src Addr: 172.16.1.21 (172.16.1.21), Dst Addr: 198.133.219.25 (198.133.219.25)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        Total Length: 84
        Identification: 0xabc3 (43971)
        Flags: 0x00
        Fragment offset: 0
        Time to live: 64
        Protocol: ICMP (0x01)
        Header checksum: 0x8021 (correct)
        Source: 172.16.1.21 (172.16.1.21)
        Destination: 198.133.219.25 (198.133.219.25)
    Internet Control Message Protocol
        Type: 8 (Echo (ping) request)
        Code: 0
        Checksum: 0xa297 (correct)
        Identifier: 0x0a40
        Sequence number: 0x0000
        Data (56 bytes)

    0000  40 fd ab c2 00 0e 73 57 08 09 0a 0b 0c 0d 0e 0f   @.....sW........
    0010  10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f   ................
    0020  20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f    !"#$%&'()*+,-./
    0030  30 31 32 33 34 35 36 37                           01234567

Example 1-12. ICMP Echo Reply.

    Internet Protocol, Src Addr: 198.133.219.25 (198.133.219.25), Dst Addr: 172.16.1.21 (172.16.1.21)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        Total Length: 84
        Identification: 0xabc3 (43971)
        Flags: 0x00
        Fragment offset: 0
        Time to live: 242
        Protocol: ICMP (0x01)
        Header checksum: 0xce20 (correct)
        Source: 198.133.219.25 (198.133.219.25)
        Destination: 172.16.1.21 (172.16.1.21)
    Internet Control Message Protocol
        Type: 0 (Echo (ping) reply)
        Code: 0
        Checksum: 0xaa97 (correct)
        Identifier: 0x0a40
        Sequence number: 0x0000
        Data (56 bytes)

    0000  40 fd ab c2 00 0e 73 57 08 09 0a 0b 0c 0d 0e 0f   @.....sW........
    0010  10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f   ................
    0020  20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f    !"#$%&'()*+,-./
    0030  30 31 32 33 34 35 36 37                           01234567

Although most ICMP types have some bearing on routing functionality, three types are of particular importance:

• Router Advertisement and Router Selection, types 9 and 10, respectively, are used by the ICMP Router Discovery Protocol (IRDP), a protocol used by some operating systems (such as most versions of Microsoft Windows) to discover local routers.

• Redirect, type 5, is sent by a router to a host when a better router for the packet's destination exists on the same data link as the host; the host is told to use that gateway for the destination from then on. Example 1-13 shows a router sending a redirect.

• [The third item is illegible in the source scan.]

Example 1-13. Using the debugging function debug ip icmp, this router can be seen sending a redirect to host 10.158.43.25, informing it that the correct router for reaching destination 10.158.40.1 is reachable via gateway (gw) 10.158.43.10.

    Pip#debug ip icmp
    ICMP packet debugging is on
    ICMP: redirect sent to 10.158.43.25 for dest 10.158.40.1, use gw 10.158.43.10
    Pip#

An occasionally used trick to avoid redirects on data links with multiple attached gateways is to set each host's default gateway as its own IPv4 address. The hosts will then ARP for any address, and if the address is not on the data link, the correct router should respond via proxy ARP. The benefits of using this tactic merely to avoid redirects are debatable; redirects are decreased or eliminated, but at the expense of increased ARP traffic. Redirects are enabled by default in IOS and might be disabled on a per-interface basis with the command no ip redirects.

Host-to-Host Layer

The host-to-host layer of the TCP/IP protocol is aptly named. Whereas the internet layer is responsible for logical paths between networks, the host-to-host layer is responsible for the full logical path between two hosts on disparate networks.[18] From another viewpoint, the host-to-host layer is an interface to the lower layers of the protocol suite, freeing applications from any concern about how their data is actually being delivered.

[18] Similarly, it can be said that the equivalent functions of the OSI session layer, residing above the transport layer, provide a logical, end-to-end path between two applications across a network.

An analogy to this service is a corporate mailroom. A package might be given to the mailroom with requirements stated for its delivery (general delivery, overnight). The person making the delivery request does not need to know, and is probably not interested in, the actual mechanics of delivering the package.
The mairoom people will arrange for the proper service (postal, FedEx, cross-town bicycle courier) to fufllthe delivery requirements. ‘The two primary services offered by the host-o-host layer are TCP and UDP. TCP ‘The Transmission Control Protocol, or TOP, described in RFC 793, provides applications with a reliable, connection-oriented service. In other words, TCP provides the appearance of a point-to-point connection Point-o-point connections have two characteristics: '® They have only one path tothe destination. A packet entering one end ofthe connection cannot become lst, because the only place to gos the other end. (© Packets ave in the same order in which they are sent TOP provides the appearance of a point-to-point connection, although in really there is no such connection. The internet layer TOP uses a connectioniess, best-etfort packet delvery service. The analogy of this is the Postal Service. Ia stack of eters is given to the mail carrier for delivery, there is no guarantee that the letters will arve stacked inthe same order, that they wil all arive on the same day, or indeed that they wil ave tall The Postal Service merely commits to making its best effort to dever the letters. Likewise, the intemet layer does not guarantee that all packets wil take the same route, and therefore there is no guarantee that they wl ative in the same sequence and time intervals as they were sent, or hat they wl rive at al On the other hand, a telephone calls connection-arented service. Data must arrive sequential and reliably, orit is useless. 
Like @ telephone call, [CP must ist establish a connection, then transfer data, and then perform a disconnect when the data transfer is complete, ‘TOP uses three fundamental mechanisms to accomplish @ connection-riented service ontop of a connectionless service: (© Packets are labeled with sequence numbers so that the receiving TCP service can put outof-sequence packets into the corect sequence before delivering them tothe destination application, © TCP uses a system of acknowledgments, checksums, and timers to provde reliably. A receiver might notiy a sender when it recognizes that a packet in 2 sequence has fale to arve or has ertors, ora sender might assume that a packet has not ave it the receiver does not send an acknowledgment within a certain amount of time after transmission. In both cases, the sender wil resend the packet in question ‘© TCP uses a mechanism called windowing io regulate the flow of packets; windowing decreases the chances of packets being ‘dropped because of fll buffers in the receiver. TOP attaches a header to the application layer data; the header contains fields forthe sequence numbers and other information necessary for these mechanisms, and fields for adresses called port numbers, which identity the source and dest ations ofthe data, The application data :d TCP header is then encapsulated within an IP packet for delivery. fee 1-17]shows the felds of the TOP reader andExame -1fshows an anaijeor cape of TOP header Figure 1-17. TCP header format. < 32 Bits >| 8 | 8 8 | 8 Source Port Destination Port Sequence Number ‘Acknowledgment Number Reserved Flags HLEN | Te bits) (ebas) Window Size Checksum Urgent Pointer Options and Padding Example 1-14. Analyzer display of a TCP header. 
Ethemet Il, Sc: 00:00:41 3¢:2b-18, Ds: 00:90:65:20:09:26 Internet Protocol, Sc Addr: 66.218.71.112 (68.218.71.112), Dst Addr: 172.16.1.21 (172.16.121) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) Total Length: 52 Identification: Oxc0b7 (49335) Flags: 0x04 Fragment oftset:0 Time to live: 50 Protocol: TCP (0x06) Header checksum: 0x808d (correct) Source: 66.218.71.112 (66.218.71.112) Destination: 172.16.1.21 (172.16.1.21) Transmission Control Protocol, Sre Port: tp (80), st Port: 60190 (60190), Seq: 288, Ack: 811, Len: 0 ‘Source port itp (80) Destination port: 60190 (60190) ‘Sequence number: 288 ‘Acknowledgement number: €11 Header length: 32 bytes Flags: 0x0010 (ACK) Window size: 66608 (Checksum: Oxb32a (correct) Options: (12 bytes) Nop Nop ‘Time stamp: sval 587733966, tsecr 1425164062 SEQIACK analysis, This is an ACK tothe segment in frame: 17, ‘The ATT to ACK the segment was: 0.047504000 seconds Source and Destination Port are 16-bit fields that specify the source and destination applications forthe encapsulated data. Like other numbers used by TCPIP, RFC 1700 describes all port numbers in common and not-so-common use. A port number for an application, when coupled with the IP address ofthe host the application resides on is called a socket. A socket uniquely identies every application in a network. ‘Sequence Number s a 32-bit number that identifies where the encapsulated data fits within a data stream from the sender. For example, it the sequence number ofa segments 1343 and the segment contains 512 octets of data, the next segment should have a sequence numberof 1343 + 512+ 1 = 1856, ‘Acknowledgment Numberis a 32-i field that identities the sequence number the source next expects to receive from the destination. 
If a host receives an acknowledgment number that does not match the next sequence number it intends to send (or has sent), it knows that packets have been lost.

Header Length, sometimes called Data Offset, is a four-bit field indicating the length of the header in 32-bit words. This field is necessary to identify the beginning of the data because the length of the Options field is variable.

The Reserved field is four bits, which are always set to zero.

Flags are eight 1-bit flags that are used for data flow and connection control. The flags, from left to right, are Congestion Window Reduced (CWR), ECN-Echo (ECE), Urgent (URG), Acknowledgment (ACK), Push (PSH), Reset (RST), Synchronize (SYN), and Final (FIN).

Window Size is a 16-bit field used for flow control. It specifies the number of octets, starting with the octet indicated by the Acknowledgment Number, that the sender of the segment will accept from its peer at the other end of the connection before the peer must stop transmitting and wait for an acknowledgment.

Checksum is 16 bits, covering both the header and the encapsulated data, allowing error detection.

Urgent Pointer is used only when the URG flag is set. The 16-bit number is added to the Sequence Number to indicate the end of the urgent data.

Options, as the name implies, specifies options required by the sender's TCP process. The most commonly used option is Maximum Segment Size, which informs the receiver of the largest segment the sender is willing to accept. The remainder of the field is padded with zeros to ensure that the header length is a multiple of 32 octets.

UDP

User Datagram Protocol, or UDP, described in RFC 768, provides a connectionless, best-effort packet delivery service. At first take it might seem questionable that any application would prefer an unreliable delivery over the connection-oriented TCP. The advantage of UDP, however, is that no time is spent setting up a connection; the data is just sent.
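The TCP header fields just described, decoded from a constructed segment. This is an added example and not code from the book; the segment is built here to mirror the ACK in Example 1-14 (HLEN 8, NOP NOP Timestamp options, no data), and the pseudo-header checksum computation is the standard RFC 793 one rather than something the text walks through.

```python
"""Decode a TCP header as the text describes it: ports, sequence and
acknowledgment numbers, HLEN in 32-bit words, the eight flags, window,
checksum, urgent pointer and options. Added example; the segment is constructed."""
import struct
from dataclasses import dataclass, field

# Flag bits from the most significant bit of the Flags octet downward
FLAG_NAMES = ["CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"]

@dataclass
class TCPHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    header_len: int          # octets: Data Offset field * 4
    flags: list
    window: int
    checksum: int
    urgent_ptr: int
    options: list = field(default_factory=list)

def parse_options(raw: bytes) -> list:
    """Walk the Options field: kind 0 ends the list, kind 1 is a one-octet
    NOP, every other option carries a length octet covering kind+len+data."""
    opts, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:
            break
        if kind == 1:
            opts.append(("NOP", None))
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("option length runs past end of header")
        data = raw[i + 2:i + length]
        if kind == 2 and len(data) == 2:      # Maximum Segment Size
            opts.append(("MSS", struct.unpack("!H", data)[0]))
        elif kind == 8 and len(data) == 8:    # Timestamp: TSval, TSecr
            opts.append(("TS", struct.unpack("!II", data)))
        else:
            opts.append((f"kind{kind}", data))
        i += length
    return opts

def parse_tcp(segment: bytes) -> tuple:
    """Return (TCPHeader, payload); an HLEN below 20 octets or beyond the
    end of the segment is rejected rather than used to index the data."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-octet minimum header")
    src, dst, seq, ack, off_res, flags, win, csum, urg = struct.unpack(
        "!HHIIBBHHH", segment[:20])
    hlen = (off_res >> 4) * 4              # Data Offset counts 32-bit words
    if hlen < 20 or hlen > len(segment):
        raise ValueError(f"invalid header length {hlen}")
    names = [n for i, n in enumerate(FLAG_NAMES) if flags & (0x80 >> i)]
    hdr = TCPHeader(src, dst, seq, ack, hlen, names, win, csum, urg,
                    parse_options(segment[20:hlen]))
    return hdr, segment[hlen:]

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: bytes, dst_ip: bytes, segment: bytes) -> bytes:
    """IPv4 pseudo-header: addresses, zero octet, protocol 6, TCP length."""
    return src_ip + dst_ip + struct.pack("!BBH", 0, 6, len(segment))

def tcp_checksum(src_ip: bytes, dst_ip: bytes, segment: bytes) -> int:
    """Checksum over the pseudo-header plus the whole header and data,
    with the Checksum field itself taken as zero."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    return (~ones_complement_sum(pseudo_header(src_ip, dst_ip, segment) + zeroed)) & 0xFFFF

def checksum_ok(src_ip: bytes, dst_ip: bytes, segment: bytes) -> bool:
    """With the real checksum in place the sum over everything is 0xFFFF."""
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, segment) + segment) == 0xFFFF

SRC_IP, DST_IP = bytes([66, 218, 71, 112]), bytes([172, 16, 1, 21])

def build_sample_segment() -> bytes:
    """Constructed ACK-only segment: HLEN 8 (32 octets), NOP NOP Timestamp
    options, no data, with a correctly computed checksum."""
    options = b"\x01\x01" + struct.pack("!BBII", 8, 10, 587733966, 1425164062)
    hdr = struct.pack("!HHIIBBHHH", 80, 60190, 288, 811, 8 << 4, 0x10,
                      65535, 0, 0)
    segment = hdr + options
    csum = tcp_checksum(SRC_IP, DST_IP, segment)
    return segment[:16] + struct.pack("!H", csum) + segment[18:]
```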
Applications that send short bursts of data will realize a performance advantage by using UDP instead of TCP. Figure 1-18 shows another advantage of UDP: a much smaller header than TCP. The Source and Destination Port fields are the same as they are in the TCP header; the UDP Length indicates the length of the entire segment in octets. The checksum covers the entire segment, but unlike TCP, the checksum here is optional; when no checksum is used, the field is set to all zeros. Example 1-15 shows an analyzer capture of a UDP header.

Figure 1-18. UDP header format. [Fields: Source Port, Destination Port | UDP Length, Checksum]

Example 1-15. Analyzer display of a UDP header.

Ethernet II, Src: 00:30:85:2¢:08:26, Dst: 00:0e:410:20:18
Internet Protocol, Src Addr: 172.16.1.21 (172.16.1.21), Dst Addr: 198.193.219.25 (198.193.219.25)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
    Total Length: 40
    Identification: 0x8a4d (35405)
    Flags: 0x00
    Fragment offset: 0
    Time to live: 1
    Protocol: UDP (0x11)
    Header checksum: 0x20 (correct)
    Source: 172.16.1.21 (172.16.1.21)
    Destination: 198.193.219.25 (198.193.219.25)
User Datagram Protocol, Src Port: 35404 (35404), Dst Port: 33435 (33435)
    Source port: 35404 (35404)
    Destination port: 33435 (33435)
    Length: 20
    Checksum: 0x0000 (none)
Data (12 bytes)
0000  01 01 00 00 40 fd ac 74 00 00 d2 45

Looking Ahead

The focus of this chapter has largely been on the mechanisms by which a device's internet layer (or OSI network layer) identifies itself and how it maps to the network interface (or OSI data link) layer. Internet layer protocols such as ARP and ICMP, that are important to routing, were also examined.
The following chapter examines a newer version of IP, IP version 6, how it differs from IPv4, and why a new version of IP is needed.

Summary Table: Chapter 1 Command Review

Command | Description
arp ip-address hardware-address type [alias] | Statically maps an IP address to a hardware address
arp timeout seconds | Sets the amount of time a Cisco router holds ARP entries
clear arp-cache | Forces the deletion of all dynamic entries from the ARP table
debug ip icmp | Displays ICMP events as they occur on the router
ip address ip-address mask [secondary] | Assigns an IP address and mask to an interface
ip gratuitous-arp | Enables gratuitous ARP
ip netmask-format {bit-count | decimal | hexadecimal} | Configures a router to display IP (address, mask) pairs in bit-count, dotted-decimal, or hexadecimal format
ip proxy-arp | Enables proxy ARP
ip redirects | Enables ICMP redirects

Recommended Reading

Baker, F., ed. "Requirements for IP Version 4 Routers," RFC 1812, June 1995. This paper documents both requirements and recommendations for routers that will run IP.

Braden, R., ed. "Requirements for Internet Hosts -- Communication Layers," RFC 1122, October 1989. The host-centric companion paper to RFC 1812.

Comer, D. E. Internetworking with TCP/IP, Vol. 1. Englewood Cliffs, New Jersey: Prentice-Hall, 1991. This book, like Perlman's, is a classic. Although you don't need to read both Comer and Stevens, doing so certainly couldn't hurt.

Stevens, W. R. TCP/IP Illustrated, Vol. 1. Reading, Massachusetts: Addison-Wesley, 1994. This is an excellent book on TCP/IP. Along with an in-depth introduction to the protocols, Stevens offers a wealth of captures from a live network that is diagrammed inside the front

Review Questions

What are the five layers of the TCP/IP protocol suite? What is the purpose of each layer?
What is the most common IP version presently in use?
What is fragmentation? What fields of the IP header are used for fragmentation?
What is the purpose of the TTL field in the IP header?
How does the TTL process work?
What is the first octet rule? How are Class A, B, and C IP addresses recognized in dotted decimal? How are they recognized in binary?
What is an address mask, and how does it work?
What is a subnet? Why are subnets used in IP environments?
Why can't a subnet of all zeros or all ones be used in a classful routing environment?
What is ARP?
What is proxy ARP?
What is a redirect?
What is the essential difference between TCP and UDP?
What mechanisms does TCP use to provide connection-oriented service?
Instead of ARP, Novell NetWare uses a network address that includes a device's MAC address as the host portion. Why can't IP do this?
What purpose does UDP serve by providing a connectionless service on top of what is already a connectionless service?

Configuration Exercises

The first octet rule says that the highest Class C address is 223, but it is known that for eight bits the highest decimal number is 255. There are two more classes: Class D addresses are for multicast, and Class E addresses are for experimental usage. Class D addresses have, as their first four bits, 1110. What is the decimal range of the first octet of Class D addresses?

Select a subnet mask for 10.0.0.0 so that there will be at least 16,000 subnets with at least 700 host addresses available on each subnet.

Select a subnet mask for 172.27.0.0 so that there are at least 500 subnets with at least 100 host addresses available on each subnet.

How many subnets are available if a Class C address has six bits of subnetting? How many host addresses are available per subnet? Is there a practical use for such a subnetting scheme?
Use a 28-bit mask to derive the available subnets of 192.168.147.0. Derive the available host addresses of each subnet.

Use a 29-bit mask to derive the available subnets of 192.168.147.0. Derive the available host addresses of each subnet.

Use a 20-bit mask to derive the available subnets of 172.16.0.0. Write the range (that is, the numerically lowest to the numerically highest address) of available host addresses for each subnet.

Troubleshooting Exercises

For the following host addresses and subnet masks, find what subnet each address belongs to, the broadcast address of that subnet, and the range of host addresses for that subnet:

10.14.87.60/19
172.25.0285127
172.25.16.87/25

You have been assigned 12216818178 on an interface with a mask of 255.255.255.240. Is there a problem?

Chapter 2. IPv6 Overview

This chapter covers the following subjects:

• IPv6 Addresses
• IPv6 Packet Header Format
• Extension Headers
• ICMPv6
• Neighbor Discovery Protocol

When the networks that eventually evolved into what we now call the Internet were first launched, they were the exclusive realm of academics and researchers. And when Vint Cerf and Bob Kahn invented TCP/IP for these networks, no one envisioned the Internet as it now is. At the time a 32-bit address space, yielding almost 4.3 billion addresses, seemed inexhaustible. But as the kids who worked with these networks in college went out into the "real world," they took with them an appreciation of the possibilities for what could be done with a peer-to-peer network built on open standards. Increasingly useful network applications began cropping up, and recognition of the value of corporate connections to a public network began the push for a commercial Internet. At the same time that all this was happening, desktop computers were becoming common not only in the office but, most significantly, in the home.
Yet modems were not a common accessory on those early home computers because few home users saw the value of being connected to a public network. That changed with the advent of the World Wide Web. Suddenly, easy acquisition and sharing of information exponentially increased the value of desktop computers as a tool for nontechnical users. As a result, in less than 20 years the Internet has changed the way we communicate, do business, and learn. It has made the world a much smaller place, and has had profound impact on world economics and politics. But this explosion in the size and diversity of the "Internet population" has introduced, along with daily nuisances such as spam and viruses, a serious technical concern: The once inexhaustible supply of IPv4 addresses has become distinctly finite.

The problem of IPv4 address exhaustion was recognized in the early 1990s, when various experts made projections showing that if the increasing rate of the allotment of IPv4 addresses continued, the entire address space could be depleted in just a few short years. A new version of IP, known in the development stage as IP Next Generation or IPng, and which is now IPv6, was the proposed solution. But it was recognized that developing the new standards would take time, and that a short-term solution to IPv4 address depletion also was needed. That short-term solution was Network Address Translation (NAT), which allows multiple hosts to share one or a few public IP addresses. Behind the NAT device, private IP addresses as specified in RFC 1918, and which you see in most examples in this book, are used. NAT has been so successful in slowing IPv4 address depletion, and has become such a standard part of most networks, that to this day many still question the need for a new version of IP. But the widespread use of NAT has changed the open, transparent, peer-to-peer Internet into something much more like a huge collection of client-server networks.
Users are seen as being connected around the "edge" of the Internet, and services flow out to them. Seldom do users contribute to the overall wealth of the Internet. Seen from a more economic perspective, Internet users have become consumers only, not producers.

Although most of the IPv6 standards were completed years ago, it is only recently that serious interest in migrating from IPv4 to IPv6 has been shown. There are two fundamental drivers behind the growing recognition of the need for IPv6. The first is widespread vision of new applications using core concepts such as mobile IP, service quality guarantees, end-to-end security, grid computing, and peer-to-peer networking. NAT stifles innovation in these areas, and the only way to get NAT out of the way is to make public IP addresses abundant and readily available.

The second fundamental driver for IPv6 is the rapid modernization of heavily populated countries such as India and China. A compelling statistic is that the number of remaining unallocated IPv4 addresses is almost the same as the population of China: about 1.3 billion. With its a aggressive expansion of its Internet infrastructure, China alone in the near future will represent an unsupportable pressure on an already strained IPv4 address pool. In India, with a population size close to China's, 4- and 5-layer NAT hierarchies exist just to support the present demands for IP addresses.

IPv6 replaces the 32-bit IPv4 address with a 128-bit address, making 340 trillion trillion trillion IP addresses available. That number will meet the need for public IP addresses, and answer the needs of the two fundamental drivers discussed here, well into the foreseeable future. Given what was unforeseen when IPv4's 4.3 billion addresses were thought to be limitless for all practical purposes, the almost inconceivably vast IPv6 address space will never be considered inexhaustible.

IPv6 Addresses

IPv6 addresses are different from IPv4 addresses in far more ways than just their length.
The "shorthand" for writing them is different, they have significantly different formats, and their functional organization is different. This section introduces you to those differences.

Address Representation

You certainly already know that 32-bit IPv4 addresses are represented by breaking them into four 8-bit segments and writing each of those segments in decimal between 0 and 255, separating them with periods; hence the term dotted decimal. 128-bit IPv6 addresses are represented by breaking them up into eight 16-bit segments. Each segment is written in hexadecimal between 0x0000 and 0xFFFF, separated by colons. An example of a written IPv6 address is:

3ffe:1944:0100:000a:0000:00bc:2500:0d0b

Remembering more than a few such addresses is practically impossible, and writing them is not much fun either. Fortunately there are two rules for reducing the size of written IPv6 addresses. The first rule is: The leading zeroes in any 16-bit segment do not have to be written; if any 16-bit segment has fewer than four hexadecimal digits, it is assumed that the missing digits are leading zeroes. In the example address, the third, fourth, fifth, sixth, and eighth segments have leading zeroes. Using the first address compression rule, the address can be written as:

3ffe:1944:100:a:0:bc:2500:d0b

Notice that only leading zeroes can be omitted; trailing zeroes cannot, because doing so would make the segment ambiguous. You would not be able to tell whether the missing zeroes belonged before or after the written digits. Notice also that the fifth segment in the example address is all zeroes, and is written with a single zero.

Many IPv6 addresses have long strings of zeroes in them. Take, for example, the following address:

ff02:0000:0000:0000:0000:0000:0000:0005

This address can be reduced as follows:

ff02:0:0:0:0:0:0:5

However, using the second rule can reduce this address even further: Any single, contiguous string of one or more 16-bit segments consisting of all zeroes can be represented with a double colon.
Using this rule, the example address can be represented as the following:

ff02::5

The increased convenience in writing such an address is obvious. But notice that the rule says only a single contiguous string of all-zero segments can be represented with a double colon. Using the double colon more than once in an IPv6 address can create ambiguity. Take, for example, the following address:

2001:0d02:0000:0000:0014:0000:0000:0095

Either of the following reductions of the address is correct because they use a double colon only once:

2001:d02::14:0:0:95
2001:d02:0:0:14::95

But the following reduction is illegal because it uses the double colon twice:

2001:d02::14::95

It is illegal because the length of the two all-zero strings is ambiguous; it could represent any of the following IPv6 addresses:

2001:0d02:0000:0000:0014:0000:0000:0095
2001:0d02:0000:0000:0000:0014:0000:0095
2001:0d02:0000:0014:0000:0000:0000:0095

Unlike IPv4, in which the prefix (the network portion of the address) can be identified by a dotted decimal or hexadecimal address mask or a bitcount, IPv6 prefixes are always identified by bitcount. That is, the address is followed by a forward slash and a decimal number indicating how many of the first bits of the address are the prefix bits. For example, the prefix of the following address is the first 64 bits:

3ffe:1944:100:a:0:bc:2500:d0b/64

When you are writing just an IPv6 prefix, you set all the host bits to 0 the same way you do with IPv4 addresses. For example:

3ffe:1944:100:a::/64

An IPv6 address consisting of all zeroes can be written simply with a double colon. There are two cases where an all-zeroes address is used. The first is a default address, discussed in Chapter 12, "Default Routes and On-Demand Routing," in which the address is all zeroes and the prefix length is zero:

::/0

The second all-zeroes IPv6 address is an unspecified address, which is used in some Neighbor Discovery Protocol procedures described later in this chapter. An unspecified address is a filler, indicating the absence of a real IPv6 address.
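The two compression rules, their reversal, and the "only one double colon" restriction, worked through in code on the addresses used above. This is an added example, not from the book; the function and variable names are the author's own choices here, and the illegal two-colon form is expanded to every address it could stand for to show why the rule forbids it.

```python
"""The two compression rules for writing IPv6 addresses, their reversal,
and the check that '::' appears at most once. Added example, not from the
book; the addresses exercised are the ones the text walks through."""
import re

HEX4 = re.compile(r"^[0-9a-fA-F]{1,4}$")

def expand(written: str) -> list:
    """Written form -> eight 16-bit segments as ints. Leading zeroes may be
    missing (rule 1) and one '::' may stand for a run of zero segments
    (rule 2); a second '::' is rejected because the run lengths would be
    ambiguous."""
    if written.count("::") > 1:
        raise ValueError("'::' may appear only once in an IPv6 address")
    if "::" in written:
        head, tail = written.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one segment")
        parts = left + ["0"] * missing + right
    else:
        parts = written.split(":")
    if len(parts) != 8 or not all(HEX4.match(p) for p in parts):
        raise ValueError(f"not a valid IPv6 address: {written!r}")
    return [int(p, 16) for p in parts]

def is_valid(written: str) -> bool:
    try:
        expand(written)
        return True
    except ValueError:
        return False

def full(segments: list) -> str:
    """Uncompressed form: eight segments of four hex digits."""
    return ":".join(f"{s:04x}" for s in segments)

def compress(segments: list, rule2: bool = True) -> str:
    """Rule 1 drops leading zeroes; rule 2 replaces the longest run of
    all-zero segments (the leftmost one on a tie) with '::'."""
    hexs = [f"{s:x}" for s in segments]
    best_start, best_len, i = -1, 0, 0
    while rule2 and i < 8:
        if segments[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and segments[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len == 0:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])

def ambiguous_expansions(written: str) -> list:
    """For an (illegal) address written with two '::', list every full
    address it could mean: the zero segments must be split across the two
    gaps with at least one in each."""
    chunks = written.split("::")
    if len(chunks) != 3:
        raise ValueError("expected exactly two '::'")
    fixed = [c.split(":") if c else [] for c in chunks]
    zeros = 8 - sum(len(f) for f in fixed)
    results = []
    for first in range(1, zeros):
        parts = fixed[0] + ["0"] * first + fixed[1] + ["0"] * (zeros - first) + fixed[2]
        results.append(full([int(p, 16) for p in parts]))
    return results

def prefix(written_with_len: str) -> str:
    """'address/len' -> the prefix with its host bits set to 0, written
    with both compression rules, e.g. '::/0' for a default route."""
    addr, _, length = written_with_len.partition("/")
    length = int(length)
    if not 0 <= length <= 128:
        raise ValueError("prefix length must be 0..128")
    value = 0
    for s in expand(addr):
        value = (value << 16) | s
    mask = ((1 << 128) - 1) ^ ((1 << (128 - length)) - 1)
    net = value & mask
    segments = [(net >> (16 * (7 - k))) & 0xFFFF for k in range(8)]
    return f"{compress(segments)}/{length}"
```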
When writing an unspecified address, it is differentiated from a default address by its prefix length:

::/128

IPv6 Address Types

The three types of IPv6 address follow:

• Unicast
• Anycast
• Multicast

Unlike IPv4, there is no IPv6 broadcast address. There is, however, an "all nodes" multicast address, which serves essentially the same purpose as a broadcast address.

Global Unicast Addresses

A unicast address is an address that identifies a single device. A global unicast address is a unicast address that is globally unique. The general format of the IPv6 unicast address is shown in Figure 2-1. This format, specified in RFC 3587, obsoletes and simplifies an earlier format that divided the IPv6 unicast address into Top-Level Aggregator (TLA), Next-Level Aggregator (NLA), and other fields. However, you should be aware that this obsolescence is relatively recent and you are likely to encounter some books and documents that show the old IPv6 address format.

Figure 2-1. The IPv6 general unicast address format. [Network portion: Global Routing Prefix, Subnet ID | Host portion: Interface ID]

The host portion of the address is called the Interface ID. The reason for this name is that a host can have more than one IPv6 interface, and so the address more correctly identifies an interface on a host than a host itself. But that subtlety only goes so far: A single interface can have multiple IPv6 addresses, and can have an IPv4 address in addition, in which case the Interface ID is only one of that interface's several identifiers.

Perhaps the most striking difference between IPv4 addresses and IPv6 addresses, aside from their lengths, is the location of the Subnet Identifier as a part of the network portion of the address rather than the host portion. A legacy of the IPv4 address class architecture is that the subnet portion of an IPv4 address is taken from the host portion of the address.
As a result, the host portion of the IPv4 address varies not only with its class, but also with the number of bits you use for subnet identification.

The immediate benefit of making the IPv6 Subnet ID field a part of the network portion of the address is that the Interface ID can be a consistent size for all IPv6 addresses, simplifying the parsing of the address. And making the Subnet ID a part of the network portion creates a clear separation of functions: The network portion provides the location of a device down to the specific data link, and the host portion provides the identity of the device on the data link.

The Interface ID of the global IPv6 address is, with very few exceptions, 64 bits long. Also with very few exceptions, the Subnet ID field is 16 bits (Figure 2-2). A 16-bit Subnet ID field provides 65,535 separate subnets. It seems that using a fixed Subnet ID size such as this, when in most cases the capacity will not be nearly fully used, is wasteful. But given the overall size of the IPv6 address space, and given the benefits of easy address assignment, design, management, and parsing that come from using a fixed size, the waste is justified.

Figure 2-2. The standard field sizes of the global unicast IPv6 address. [128 bits: Global Routing Prefix (48 bits) | Subnet ID (16 bits) | Interface ID (64 bits)]

The IANA allocates IPv6 prefixes to the Regional Internet Registries (RIRs).[1] Each RIR then allocates IPv6 prefixes to Local Internet Registries (LIRs). The LIRs, which are usually large Internet Service Providers, then allocate longer prefixes to their customers. In the majority of cases, the prefixes assigned by the LIRs are /48.
There are, however, as mentioned in the previous paragraph, a few exceptions in which the LIR might assign a prefix of a different length:

• If the customer is very large, a prefix shorter than /48 might be assigned.
• If one and only one subnet is to be addressed, a /64 might be assigned.
• If one and only one device is to be addressed, a /128 might be assigned.

[1] As of this writing there are five RIRs: Réseaux IP Européens (RIPE) serves Europe, the Middle East, and Central Asia; Latin American and Caribbean Internet Address Registry (LACNIC) serves Central and South America and the Caribbean; American Registry for Internet Numbers (ARIN) serves North America and parts of the Caribbean; AfriNIC serves Africa; and Asia Pacific Network Information Centre serves Asia and the Pacific Ocean nations.

Identifying IPv6 Address Types

The first few bits of the address specify the address type. For example, the first three bits of all global unicast addresses currently are 001. As a result, recognizing the hexadecimal representations of global unicast addresses is fairly easy: They all start with either 2 or 3, depending on the value of the fourth bit in the global routing prefix. So for instance, currently allocated prefixes used by the 6Bone (the public IPv6 research network) begin with 3ffe, and IPv6 addresses currently allocated by the RIRs begin with 2001. Binary 001 is expected to suffice for global unicast addresses for some time to come.

Other bit combinations are assigned to other defined address types, and the majority of leading bit combinations are reserved. Table 2-1 lists the currently allocated leading bit combinations, and the following subsections describe the other major IPv6 address types.

Table 2-1. High-order bits of IPv6 address types.
Address Type | High-Order Bits (binary) | High-Order Bits (hex)
Unspecified | 00...0 | ::/128
Loopback | 00...1 | ::1/128
Multicast | 11111111 | FF00::/8
Link-Local Unicast | 1111111010 | FE80::/10
Site-Local Unicast (Deprecated) | 1111111011 | FEC0::/10
Global Unicast (Currently allocated) | 001 | 2 or 3
Reserved (Future global unicast allocations) | Everything else |

Local Unicast Addresses

When we talk of global unicast addresses, we mean an address with global scope. That is, an address that is globally unique and can therefore be routed globally with no modification. IPv6 also has a link-local unicast address, which is an address whose scope is confined to a single link. Its uniqueness is, then, only on one link, and an identical address might exist on another link, so the address is not routable off its link. As you can see in Table 2-1, the first 10 bits of the link-local unicast address are always 1111111010 (FE80::/10).

As subsequent sections in this chapter demonstrate, link-local addresses have great utility for functions such as the Neighbor Discovery Protocol that communicate only on a single link. It also allows devices that are on links that do not have assigned global prefixes, or devices that do not yet know the link prefix, to create IPv6 addresses that allow them to communicate with other devices on the link. A later section shows how link-local prefixes are used in this situation.

IPv6 originally defined a site-local unicast address in addition to the link-local address. A site-local address is unique only within a given site; devices in other sites can use the same address. Therefore a site-local address is routable only within the site to which it is assigned. Site-local IPv6 addresses are, then, functionally similar to private IPv4 addresses as defined in RFC 1918.

Advocates of site-local addresses cite several applications. One prominent application is for network operators that wish to use NAT, even with IPv6 addresses, to maintain independence of their address architecture from that of their service providers.
Site-local addresses are also key to several proposed IPv6 multihoming mechanisms. However, the IETF IPv6 Working Group determined that site-local unicast addresses introduced a number of difficulties. Not the least of the difficulties is the fact that the definition of a "site" is vague and can mean different things to different network administrators. Another problem is concern over, like RFC 1918 IPv4 addresses, the administrative difficulties introduced when such addresses are mistakenly "leaked" outside of their intended site boundaries. Other potential problems cited include increased complexity for applications and routers that must recognize and cope with site-local addresses. As a result of these concerns, and after some heated debate, the IPv6 Working Group deprecated site-local addresses in RFC 3879. An assurance has been given to those who see advantages in site-local addresses to introduce another scheme with similar "bigger scope than link but smaller scope than global" benefits, but as of this writing such a replacement scheme has yet to be seen. The first 10 bits of site-local unicast addresses, as shown in Table 2-1, is 1111111011 (FEC0::/10).

Anycast Addresses

An anycast address represents a service rather than a device, and the same address can reside on one or more devices offering that service. In Figure 2-3, three servers offer the same service, all advertising the same anycast address 3ffe:205:1100::15. The router, receiving advertisements for the address, does not know that it is being advertised by three devices; instead, the router assumes that it has three routes to the same destination and chooses the lowest-cost route. In this case, that is the route to server C with a cost of 20.

Figure 2-3. An anycast address represents a service that might appear on multiple devices.
[Servers A, B, and C all advertise 3ffe:205:1100::15; cost to A = 25, cost to C = 20. The router reasons: 20 is the lowest cost to 3ffe:205:1100::15, so it uses that path for packets with destination 3ffe:205:1100::15.]

The advantage of anycast addresses is that a router always routes to the "closest" or "lowest-cost" server. So servers providing some commonly used service can be spread across a large network, and traffic can be localized to the nearest server, making traffic patterns in the network more efficient. If one server becomes unavailable, the router routes to the next nearest server offering the same service. From the router's viewpoint, it is simply choosing the best route to a single destination.

Note: The methods by which a router chooses among multiple routes to the same destination are covered in Chapter 4, "Dynamic Routing Protocols."

Anycast addresses are defined by their service function only, not by format, and theoretically might be any IPv6 unicast address of any scope. However, there is a format for reserved anycast addresses, defined in RFC 2526. Anycast addresses have been used for some time in IPv4 networks, but are formalized in their definition in IPv6.

Multicast Addresses

A multicast address identifies not one device but a set of devices: a multicast group. A packet being sent to a multicast group is originated by a single device; therefore a multicast packet normally has a unicast address as its source address and a multicast address as its destination address. A multicast address never appears in a packet as a source address.

The members of a multicast group might include only a single device, or even all devices in a network. In fact, IPv6 does not have a reserved broadcast address like IPv4, but it does have a reserved all-nodes multicast group, which is essentially the same thing: a multicast group to which all receiving devices belong.

Multicasting is essential to the basic operation of IPv6, particularly some of its plug-and-play features such as router discovery and address autoconfiguration. These functions are a part of the Neighbor Discovery Protocol, discussed later in this chapter.
The format of the IPv6 multicast address is shown in Figure 2-4. The first eight bits of the address are always all ones, and the next four bits are designated as flags. Currently the first three of these bits are unused and always set to 0. The fourth bit indicates whether the address is a permanent address (0) or an administratively assigned transient address (1). The next four bits indicate the scope of the address; the defined scope values are listed in Table 2-2. Because a multicast group is always a set of individual nodes, there is no need (or sense) for having a subnet field in the multicast address. So the last 112 bits are used as the Group ID, identifying individual multicast groups. Current usage sets the first 80 bits to 0 and just uses the last 32 bits.

Figure 2-4. The IPv6 multicast address format. [Multicast Prefix 0xFF (8 bits) | Flags (4 bits) | Scope (4 bits) | Group ID (112 bits)]

Table 2-2. Multicast address scopes.

Scope Field Value | Scope
0x0 | Reserved
0x1 | Node-Local
0x2 | Link-Local
0x5 | Site-Local
0x8 | Organization-Local
0xE | Global
0xF | Reserved

Table 2-3. Examples of well-known IPv6 multicast addresses.

Address | Multicast Group
FF02::1 | All Nodes
FF02::2 | All Routers
FF02::5 | OSPFv3 Routers
FF02::6 | OSPFv3 Designated Routers
FF02::9 | RIPng Routers
FF02::A | EIGRP Routers
FF02::B | Mobile Agents
FF02::C | DHCP Servers/Relay Agents
FF02::D | All PIM Routers

Embedded IPv4 Addresses

There are several transition technologies (means of helping to transition a network from IPv4 to IPv6 or otherwise helping IPv4 and IPv6 to coexist) that require an IPv4 address to be communicated within an IPv6 address. The individual technology specifies how the IPv4 address is to be embedded in the IPv6 address, and the implementation of the technology knows where among the 128 bits of the IPv6 address to find the 32 bits of the IPv4 address. But you will also find that many of these technologies have unique formats for their address representations that allow you to identify the embedded IPv4 address.
Examples of IPv6 addresses with an embedded IPv4 address of 10.23.1.5 are:

FE80::5EFE:10.23.1.5 (an ISATAP address)
::FFFF:10.23.1.5 and ::FFFF:0:10.23.1.5 (SIIT addresses)
FEC0:0:0:1::10.23.1.5 (a TRT address)

In each of these examples, the IPv4 address is the last 32 bits of the IPv6 address and is represented in dotted decimal. Other transition technologies using embedded IPv4 addresses do not use dotted decimal but encode the IPv4 address into hexadecimal. 6to4, for example, does this. 10.23.1.5 in hexadecimal is 0A17:0105. A 6to4 prefix with 10.23.1.5 embedded is then 2002:0A17:0105::/48.

Transition technologies are not covered in this volume, and so you are not likely to see one of these address representations again in this book. They are shown here only because you are likely to encounter addresses like these if you work with IPv6.

IPv6 Packet Header Format

The format of the IPv6 packet header is shown in Figure 2-5. There are some distinct similarities and some differences (some distinct, some subtle) with the IPv4 packet header shown in the previous chapter.

Figure 2-5. The IPv6 packet header. [32 bits per row: Version, Traffic Class, Flow Label | Payload Length, Next Header, Hop Limit | Source Address (128 bits) | Destination Address (128 bits)]

Version is, as with the IPv4 header, a four-bit field indicating the IP version. Here, of course, it is set to binary 0110 to indicate version 6.

Traffic Class is an eight-bit field that corresponds to the eight-bit IPv4 ToS field. But given the evolution of the ToS field over the years, both are now used for Differentiated Class of Service (DiffServ). So even though there is a correspondence of this field with the old ToS field, its name more accurately reflects the current usage of the values carried here.

Flow Label is a field unique to IPv6. The intention of this 20-bit field is to allow labeling of particular flows of traffic; that is, packets that are not just originated by the same source and going to the same destination but that belong to the same applications at the source and destination.
There are several advantages to differentiating flows, from providing a fine-grained differentiated class-of-service treatment to ensuring, when balancing traffic loads across multiple paths, that packets belonging to the same flow are always forwarded over the same path to prevent possible reordering of packets. Flows (or more accurately, microflows) typically are identified by a combination of source and destination address plus source and destination port. But to identify the source and destination port, a router must look beyond the IP header and into the TCP or UDP (or other transport-layer protocol) header, adding to the complexity of the forwarding process and possibly affecting router performance. Finding the transport-layer header in an IPv6 packet can be especially problematic because of extension headers, described in the next section. An IPv6 router must step through possibly many extension headers to find the transport-layer header. By marking the Flow Label field appropriately when the packet is originated, routers can identify a flow by looking no further than the packet header. As of this writing, however, the complete specification of how to use the Flow Label field is still being debated, and routers currently ignore the field. It nevertheless holds promise of allowing IPv6 to provide better Quality of Service (QoS) features than IPv4 for applications such as Voice over IP (VoIP).

Payload Length specifies the length of the payload, in bytes, that the packet is encapsulating. Recall from Chapter 1, "TCP/IP Review," that IPv4 headers, because of the Options and Padding fields, can vary in length. Therefore, to find the payload length in an IPv4 packet, the value of the Header Length field must be subtracted from the Total Length field. The IPv6 packet header, on the other hand, is always a fixed length of 40 bytes, and so the single Payload Length field is enough to find the beginning and end of the payload.
Notice also that whereas the IPv4 Total Length field is 16 bits, the IPv6 Payload Length field is 20 bits. The implication here is that because a much longer payload (1,048,575 bytes, versus 65,535 in IPv4) can be specified in this field, the IPv6 packet itself is theoretically capable of carrying a far larger payload.

Next Header specifies which header follows the IPv6 packet header. In this, it is very similar to the Protocol field in the IPv4 header and, in fact, is used for the same purpose when the next header is an upper-layer protocol header. Like that IPv4 field, this field is also eight bits. But in IPv6, the header following the packet header might not be an upper-layer protocol header, but an extension header (again, described in the next section). So the Next Header field is named to reflect this wider range of responsibility.

Hop Limit corresponds exactly, both in length (eight bits) and function, to the IPv4 Time to Live (TTL) field. As you read in Chapter 1, the original intention of the TTL field was that it would be decremented by the number of seconds a packet is queued in a router during forwarding, but this function was never implemented. Instead, routers decrement the TTL by one no matter how long the packet is queued (and in modern networks it is highly unusual for a packet to be queued anywhere near as long as one second). Therefore the TTL has always been a measure of the maximum router hops a packet can take on its way to a destination. If the TTL decrements to 0, the packet is discarded. Hop Limit is used for exactly the same purpose, but is named more appropriately for this function.

Source and Destination Address correspond to the IPv4 Source and Destination fields, except of course these fields are 128 bits each to accommodate IPv6 addresses.

Noticeably missing from the IPv6 header is a Checksum field like that of the IPv4 header.
Given the overall increase in reliability of modern transport media (wireless perhaps being a notable exception), along with the fact that upper-layer protocols usually carry their own error-checking and recovery mechanisms, checksumming of the IPv6 header itself adds little value, and is therefore eliminated.

Extension Headers

Comparing the IPv6 header in Figure 2-5 with the IPv4 header in the previous chapter, you can see that although the Source and Destination Address fields are each four times longer in the IPv6 header, the IPv6 header itself is not that much larger than an IPv4 header (40 bytes for IPv6 versus a minimum of 20 bytes for IPv4), because of the elimination of the Options and Padding fields (although unusual, the IPv4 header can actually be larger than the IPv6 header). Also notice that in addition to the Options field, other fields that are not always used, such as those associated with fragmentation, are eliminated from the IPv6 header. So given its fixed length and exclusion of all fields that do not carry information necessary for the forwarding of every packet, the IPv6 header is both compact and efficient.

But what if you do want to use one of these optional IP features, such as fragmentation or source routing or authentication? When an optional function is used in IPv6, an extension header appropriate for the function is added after the packet header. If, for example, source routing, fragmentation, and authentication options are used, three extension headers formatted to carry the information needed for each of these functions are added, as shown in Figure 2-6. Because of these headers, efficiency is added to IPv6 packets in two ways:

- The packet carries only the information required by that individual packet. No unused fields are carried.
- New optional functions can be added to the IPv6 packet by defining new extension headers.

Figure 2-6. Extension headers allow IPv6 packets to carry all the information required for that packet, but only the information required for that packet.

    IPv6 Header | Routing Extension Header | Fragmentation Extension Header | Authentication Extension Header | Upper-Layer Protocol Header | Data
Each extension header, like the IPv6 header, has a Next Header field. So each header specifies which header follows it. Table 2-4 shows the currently defined extension headers and their Next Header values. So, for example, in Figure 2-7 the Next Header value in the IPv6 header indicates that the next header is a Routing extension header (43), that header's Next Header field indicates that the next header is a Fragment extension header (44), and so on. The last extension header, AH, indicates that the next header is a TCP header (Protocol Number 6).

Table 2-4. Next Header values.

    Header                                 Next Header Value
    Hop-By-Hop Options                     0
    Routing                                43
    Fragment                               44
    Encapsulating Security Payload (ESP)   50
    Authentication Header (AH)             51
    Destination Options                    60
    TCP/IP Protocols                       Protocol number value defined for that protocol (such as TCP = 6)
    No Next Header                         59

Figure 2-7. The Next Header field in the IPv6 header and each extension header specifies which header follows it.

    IPv6 Header (Next Header = 43) | Routing Extension Header (Next Header = 44) | Fragment Extension Header (Next Header = 51) | AH Extension Header (Next Header = 6) | TCP Header | Data

The format of each of the extension headers is described in RFC 1883. But briefly, the function of each extension header is as follows:

- Hop-By-Hop Options carries information that must be examined by every node along the forwarding path, such as Router Alert and Jumbo Payload options.
- Routing provides source routing functionality by listing nodes that the packet must pass through on the way to its destination.
- Fragment is used when a packet is fragmented, to provide the information necessary for the receiving node to reassemble the packet. A significant difference between IPv4 and IPv6 is that only originating nodes can fragment packets; IPv6 routers do not fragment the packets.
  So originating nodes must either use Path MTU Discovery (PMD) to find the lowest MTU along a path to the destination, or never produce packets larger than 1280 bytes. PMD is described in the next section. IPv6 specifies that all links on which it runs must be able to support packet sizes of at least 1280 bytes so that originators can use the minimum-size option rather than PMD if they so choose.
- Encapsulating Security Payload (ESP) is used when the payload is encrypted.
- Authentication Header (AH) is used when the packet must be authenticated between the source and destination.
- Destination Options carries information to be examined only by the destination node or possibly by nodes listed in the Routing header.

RFC 1883 also specifies the order in which extension headers, if they are used, should appear. The only hard-and-fast rule here is that if the Hop-By-Hop Options header is used, it must directly follow the IPv6 header so that it can be easily found by the transit nodes that must examine it. The recommended extension header order is as follows:

1. IPv6 Header
2. Hop-By-Hop Options
3. Destination Options (only if intermediate routers specified in the Routing header must examine this header)
4. Routing
5. Fragment
6. Authentication
7. Encapsulating Security Payload
8. Destination Options (if only the final destination must examine this header)
9. Upper-Layer Header

ICMPv6

IPv6 requires a control protocol for exchanging and processing error and informational messages, just as IPv4 does. And like IPv4, it uses ICMP to do this. But the ICMP used by IPv6 is not the same ICMP as used by IPv4: whereas ICMP for IPv4 has a Protocol Number of 1, ICMP for IPv6 has a Next Header value of 58. ICMPv6 is specified in RFC 2463.
Many of the functions defined in this RFC are the same ones defined for ICMP for IPv4; but there are many ICMP messages, such as Source Quench and Timestamp, that have no equivalent in ICMPv6. Comparing the ICMPv6 header shown in Figure 2-8 to the ICMP header shown in Figure 1-28, you can see that they are identical. And like ICMP, ICMPv6 uses a combination of Type and Code values to identify general types and then subtypes under them. The values defined in RFC 1886 are listed in Table 2-5.

Figure 2-8. The ICMPv6 header format.

    Type (8 bits) | Code (8 bits) | Checksum (16 bits)
    Variable Fields, Depending on ICMPv6 Type

Table 2-5. ICMPv6 Message Type and Code fields.

    Type   Code   Message
    1             DESTINATION UNREACHABLE
           0      No route to destination
           1      Communication with destination administratively prohibited
           2      Not a neighbor
           3      Address unreachable
           4      Port unreachable
    2      0      PACKET TOO BIG
    3             TIME EXCEEDED
           0      Hop limit exceeded in transit
           1      Fragment reassembly time exceeded
    4             PARAMETER PROBLEM
           0      Erroneous header field encountered
           1      Unrecognized Next Header type encountered
           2      Unrecognized IPv6 option encountered
    128    0      ECHO REQUEST
    129    0      ECHO REPLY
    130    0      GROUP MEMBERSHIP QUERY
    131    0      GROUP MEMBERSHIP REPORT
    132    0      GROUP MEMBERSHIP REDUCTION

In addition to the basic error and informational functions of ICMP, there are mechanisms that use the ICMPv6 messages. For example, the Path MTU Discovery mechanism mentioned in the previous section sends packets of increasing size to a destination. When the smallest MTU of the links on the path to the destination is exceeded by a given packet size, the packet is dropped and a Packet Too Big message is sent to the source address; the source then knows the smallest MTU on the path. And, as with IPv4, Echo and Echo Reply messages are used by the Ping function. But in addition to basic error and information messages, there is a separate set of ICMPv6 messages defined that are used by an essential IPv6 protocol: the Neighbor Discovery Protocol, described in the next section.
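The header layout, the Next Header chain and the ICMPv6 checksum discussed in the last two sections can be exercised on constructed packets. The following is an added example written for this edit, not code from the book or from Cisco: it parses the fixed 40-byte IPv6 header of Figure 2-5, walks the extension headers of Table 2-4 to the upper-layer header (the sample packet is laid out like Figure 2-7), and verifies an ICMPv6 checksum, which covers an IPv6 pseudo-header (source, destination, upper-layer length, Next Header 58) in addition to the ICMPv6 message. The addresses fe80::1 and fe80::2 and all packet bytes are constructed placeholders; the length checks against Payload Length are the ones a forwarding or inspection path needs so that a malformed chain cannot read past the packet.

```python
"""Added example: IPv6 fixed-header parsing, extension-header walk, ICMPv6 checksum."""
import struct
import ipaddress

# Next Header values from Table 2-4 plus the upper-layer protocols used here.
HOP_BY_HOP, ROUTING, FRAGMENT, ESP, AH, DEST_OPTS = 0, 43, 44, 50, 51, 60
TCP, ICMPV6, NO_NEXT_HEADER = 6, 58, 59


def parse_ipv6_header(pkt):
    """Split the fixed header into its fields; rejects non-v6 and short packets."""
    if len(pkt) < 40:
        raise ValueError("truncated IPv6 header")
    first, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if first >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    if len(pkt) < 40 + payload_len:
        raise ValueError("packet shorter than its Payload Length")
    return {"version": 6, "traffic_class": (first >> 20) & 0xFF,
            "flow_label": first & 0xFFFFF, "payload_length": payload_len,
            "next_header": next_hdr, "hop_limit": hop_limit,
            "src": pkt[8:24], "dst": pkt[24:40]}


def walk_headers(pkt):
    """Return (chain, offset): every Next Header value seen, in order, and the
    byte offset of the first header that is not an extension header."""
    hdr = parse_ipv6_header(pkt)
    end = 40 + hdr["payload_length"]
    nh, off, chain = hdr["next_header"], 40, [hdr["next_header"]]
    while nh in (HOP_BY_HOP, ROUTING, DEST_OPTS, FRAGMENT, AH):
        if off + 8 > end:
            raise ValueError("truncated extension header")
        if nh == FRAGMENT:
            ext_len = 8                          # fixed-size header
        elif nh == AH:
            ext_len = (pkt[off + 1] + 2) * 4     # AH length is in 4-octet units minus 2
        else:
            ext_len = (pkt[off + 1] + 1) * 8     # Hdr Ext Len: 8-octet units, first 8 not counted
        if off + ext_len > end:
            raise ValueError("extension header runs past Payload Length")
        nh = pkt[off]                            # each extension header names its successor
        chain.append(nh)
        off += ext_len
    return chain, off                            # stops at ESP, No Next Header, or an upper layer


def ones_complement_checksum(data):
    """Internet checksum (one's-complement sum of 16-bit words), as ICMPv6 uses."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def icmpv6_checksum(src, dst, message):
    """Checksum over the IPv6 pseudo-header (src, dst, length, zeros, 58) plus the message."""
    pseudo = src + dst + struct.pack("!I3xB", len(message), ICMPV6)
    return ones_complement_checksum(pseudo + message)


def build_ipv6(src, dst, next_header, payload, hop_limit=64):
    """Fixed header with Traffic Class and Flow Label 0, followed by the payload."""
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, hop_limit) + src + dst + payload


def build_icmpv6_echo_request(src, dst, ident, seq, data):
    """Echo Request (type 128, code 0) with its checksum filled in."""
    msg = struct.pack("!BBHHH", 128, 0, 0, ident, seq) + data
    return msg[:2] + struct.pack("!H", icmpv6_checksum(src, dst, msg)) + msg[4:]


def inspect_icmpv6(pkt):
    """(type, code, checksum_ok) for the ICMPv6 message found after any extension
    headers, or None when the packet carries something else."""
    hdr = parse_ipv6_header(pkt)
    chain, off = walk_headers(pkt)
    if chain[-1] != ICMPV6:
        return None
    msg = pkt[off:40 + hdr["payload_length"]]
    # With a correct checksum in place, the sum over pseudo-header + message folds to zero.
    return msg[0], msg[1], icmpv6_checksum(hdr["src"], hdr["dst"], msg) == 0


SRC = ipaddress.IPv6Address("fe80::1").packed   # constructed placeholder addresses
DST = ipaddress.IPv6Address("fe80::2").packed

# Constructed packet laid out like Figure 2-7: Routing -> Fragment -> AH -> TCP.
routing = struct.pack("!BBBBI", FRAGMENT, 0, 0, 0, 0)        # NH=44, Hdr Ext Len 0 (8 octets)
fragment = struct.pack("!BBHI", AH, 0, 0, 0x1234)            # NH=51, offset/flags 0, identification
ah = struct.pack("!BBHII", TCP, 4, 0, 0x100, 1) + bytes(12)   # NH=6, Payload Len 4 -> 24 octets
CHAIN_PACKET = build_ipv6(SRC, DST, ROUTING, routing + fragment + ah + bytes(20))

# Constructed Echo Request, and a copy with its last payload byte altered.
ECHO_PACKET = build_ipv6(SRC, DST, ICMPV6,
                         build_icmpv6_echo_request(SRC, DST, 1, 1, b"ping"), hop_limit=255)
CORRUPT_ECHO = ECHO_PACKET[:-1] + b"X"

if __name__ == "__main__":
    print(walk_headers(CHAIN_PACKET))    # ([43, 44, 51, 6], 80)
    print(inspect_icmpv6(ECHO_PACKET))   # (128, 0, True)
    print(inspect_icmpv6(CORRUPT_ECHO))  # (128, 0, False)
```

ESP is deliberately treated as the end of the walk: everything after its Next Header value is encrypted, so a node that is not the ESP endpoint cannot find the transport header behind it, which is one reason the chapter's Flow Label discussion matters to routers.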
Neighbor Discovery Protocol

The most distinct characteristics of IPv6 after its increased address space are its plug-and-play features. Neighbor Discovery Protocol (NDP) is the enabler of these plug-and-play features, using the following functions:

- Router Discovery: A node can discover, when it is connected to an IPv6 link, the local routers without the aid of Dynamic Host Configuration Protocol (DHCP).
- Prefix Discovery: A node can discover, when it is connected to an IPv6 link, the prefix or prefixes assigned to that link.
- Parameter Discovery: A node can discover parameters such as the link MTU and hop limits for its connected link.
- Address Autoconfiguration: A node can determine its full address, again without the aid of DHCP.
- Address Resolution: A node can discover the link-layer addresses of other nodes on the link without the use of Address Resolution Protocol (ARP).
- Next-Hop Determination: A node on a link can determine the link-layer next hop for a destination, either as a local destination or a router to the destination.
- Neighbor Unreachability Detection: A node can determine when a neighbor on a link, either another host or a router, is no longer reachable.
- Duplicate Address Detection: A node can determine if an address it wants to use is already being used by another node on the link.
- Redirect: A router can notify a host of a better next hop than itself to an off-link destination. The redirect function is a part of basic ICMP functionality in IPv4, but is redefined as part of NDP in IPv6.

NDP messages should always be link-local in scope, and therefore the packets encapsulating them always use either link-local IPv6 addresses or multicast addresses with a link-local scope. To add a further layer of security, the Hop Limit of the IPv6 packet carrying all NDP messages is 255. If one of these packets is received with a Hop Limit less than that value, it means the packet has passed through at least one router, and the packet is dropped.
This prevents NDP from being attacked or spoofed from a source not attached to the local link.

NDP Messages

NDP is defined in RFC 2461. It uses ICMPv6 to exchange the messages necessary for its functions; specifically, five new ICMPv6 messages are specified in RFC 2461:

- Router Advertisement (RA) messages are originated by routers to advertise their presence and link-specific parameters such as link prefixes, link MTU, and hop limits. These messages are sent periodically, and also in response to Router Solicitation messages.
- Router Solicitation (RS) messages are originated by hosts to request that a router send an RA.
- Neighbor Solicitation (NS) messages are originated by nodes to request another node's link-layer address and also for functions such as duplicate address detection and neighbor unreachability detection.
- Neighbor Advertisement (NA) messages are sent in response to NS messages. If a node changes its link-layer address, it can send an unsolicited NA to advertise the new address.
- Redirect messages are used the same way that redirects are used in ICMP for IPv4; they have merely been moved from being a part of the base ICMPv6 protocol to being a part of NDP.

Figure 2-9 shows the format of the Router Advertisement message. Its ICMPv6 type is 134 and the code is 0. The source address of the IPv6 packet encapsulating the RA is always the IPv6 link-local address of the interface from which the packet originates. The destination address is either the all-nodes multicast address (FF02::1) if the RA is a periodic transmission, or the link-local address of the soliciting node if the RA is sent in response to a Router Solicitation.

Figure 2-9. The Router Advertisement message format.

    Type (8 bits) | Code (8 bits) | Checksum (16 bits)
    Hop Limit (8 bits) | M | O | Reserved | Router Lifetime (16 bits)
    Reachable Time (32 bits)
    Retransmit Timer (32 bits)
    Options

Hop Limit indicates the value of the Hop Limit field that nodes attached to the link should give to any packets they originate on the link.
If no Hop Limit is specified by this router, the field is set to all zeroes.

M is the Managed Address Configuration flag. If this bit is set, the originating router is telling hosts on the link to use stateful address autoconfiguration via DHCPv6. If the flag is cleared, hosts on the link should use stateless address autoconfiguration. Address autoconfiguration is described later in this chapter.

O is the Other Stateful Configuration flag. When set, the originating router is telling hosts on the link to use DHCPv6 for the acquisition of other link information. The M and O flags can be used together. For example, by clearing the M flag but setting the O flag, the router is telling hosts to use stateless address autoconfiguration but then consult a DHCPv6 server for other configuration parameters.

Router Lifetime is set to a value other than 0 only if the originating router is a default router. In that case, this field specifies the lifetime of the default router in seconds, up to a maximum value of 18.2 hours.

Reachable Time is used by the Neighbor Unreachability Detection function of NDP. It specifies the time, in milliseconds, that a node should assume a neighbor is reachable after the node has confirmed reachability of the neighbor.

Retransmit Timer is used by the Address Resolution and Neighbor Unreachability Detection functions of NDP. It specifies the minimum time, in milliseconds, between retransmitted Neighbor Solicitation messages.

Possible options that can be carried in the Options field of the RA include the following:

- The link-layer address of the interface from which the RA is originated.
- An MTU specification for the link.
- One or more prefixes assigned to the link. This information is essential to stateless address autoconfiguration, telling hosts on the link what the link prefixes are.

Figure 2-10 shows the format of the Router Solicitation message. Its ICMPv6 type is 133 and the code is 0.
The source address of the IPv6 packet encapsulating the RS is either the IPv6 address assigned to the originating interface or, if no address has been assigned (as would be the case if the originating host is beginning address autoconfiguration), the unspecified address of :: (all zeroes). The destination address is the all-routers multicast address (FF02::2).

Figure 2-10. The Router Solicitation message format.

    Type (8 bits) | Code (8 bits) | Checksum (16 bits)
    Reserved (32 bits)
    Options

The Options field can contain the link-layer address of the originating interface, if it is known. However, the source link-layer address must not be included if the source address of the encapsulating packet is unspecified, such as when the originator is soliciting a router during address autoconfiguration.

Figure 2-11 shows the format of the Neighbor Solicitation message. Its ICMPv6 type is 135 and the code is 0. The source address of the IPv6 packet encapsulating the NS is either the IPv6 address assigned to the originating interface or, if the NS is sent for Duplicate Address Detection, the unspecified address of :: (all zeroes). The destination address is either a solicited-node multicast address corresponding to the target address, or the target address.

Figure 2-11. The Neighbor Solicitation message format.

    Type (8 bits) | Code (8 bits) | Checksum (16 bits)
    Reserved (32 bits)
    Target Address (128 bits)
    Options

Target Address is the IPv6 address of the target of the solicitation. The target address is never a multicast address.

The Options field of the NS can contain the link-layer address of the originating interface.

Figure 2-12 shows the format of the Neighbor Advertisement message. Its ICMPv6 type is 136 and the code is 0. The source address of the IPv6 packet encapsulating the NA is always the IPv6 address assigned (or autoconfigured) to the originating interface. The destination address is either the source address of the packet containing the NS to which the NA is a response, or the all-nodes multicast address (FF02::1).

Figure 2-12. The Neighbor Advertisement message format.

    Type (8 bits) | Code (8 bits) | Checksum (16 bits)
    R | S | O | Reserved (29 bits)
    Target Address (128 bits)
    Options

R is the Router flag.
When set, the R flag indicates that the originator is a router. This bit is used during Neighbor Unreachability Detection to detect a router that has changed to a host.

S is the Solicited flag. This bit is set when the NA is sent in response to an NS.

O is the Override flag. When set, it indicates that the information in the NA should override any existing neighbor cache entry and update the cached link-layer address. When the O bit is cleared, the NA will not override an existing neighbor cache entry.

Target Address is, when the NA is sent in response to an NS, the address in the Target Address field of the NS. If the NA is unsolicited (that is, sent to advertise a change of the originator's link-layer address), the Target Address is the originator's address.

The Options field of the NA can contain the target link-layer address; that is, the link-layer address of the NA's originator.

Figure 2-13 shows the format of the Redirect message. Its ICMPv6 type is 137 and the code is 0. The source address of the IPv6 packet encapsulating the Redirect is always the link-local IPv6 address of the interface from which the message is originated. The destination address is always the source address of the packet that triggered the redirect.

Figure 2-13. The Redirect message format.

    Type (8 bits) | Code (8 bits) | Checksum (16 bits)
    Reserved (32 bits)
    Target Address (128 bits)
    Destination Address (128 bits)
    Options

Target Address is the address of the better first hop (usually the link-local address of another router on the link).

Destination Address is the IPv6 address of the destination that is redirected to the target address.

The Options field of the Redirect message can contain the link-layer address of the target, and as much of the header of the packet that triggered the redirect as possible without making the redirect packet exceed 1280 bytes.

The Options field of all of these five messages, if it contains any information, consists of one or more Type/Length/Value (TLV) triplets.
Each TLV consists, as shown in Figure 2-14, of an 8-bit Type field specifying the type of information carried in the Value field, an 8-bit Length field specifying the length in units of 8 octets of the Value field, and the variable-length Value field.

Figure 2-14. The format of the TLVs used in the Options fields of the NDP messages.

    Type (8 bits) | Length (8 bits) | Value (variable length)

Table 2-6 shows the possible values and their associated type numbers. The format of the individual Value fields is not provided in this chapter; consult RFC 2461 for the details on the Value fields.

Table 2-6. Value fields and their types.

    Type   Value
    1      Source Link-Layer Address
    2      Target Link-Layer Address
    3      Prefix Information
    4      Redirected Header
    5      MTU

Router Discovery

A router makes its presence known, along with any parameters it has been configured to advertise, by periodically sending RAs on its attached links. Presumably the links on which the RAs do the most good are broadcast links such as Ethernet, where hosts can receive the RAs and thus learn necessary information about the link. RFC 2461 specifies that the period between transmissions of RAs should be between 4 and 1800 seconds, with a default of 600 seconds. It also specifies a minimum period between advertisements of RAs, with a default of 200 seconds. The advertisements are jittered between the maximum and minimum values to prevent synchronization on a link.

These unsolicited RAs are sent with their source address set to the link-local IPv6 address of the router's interface. The destination address is the all-nodes multicast address (FF02::1).

Cisco routers automatically send RAs on Ethernet and FDDI interfaces whenever IPv6 is enabled on the router with the command ipv6 unicast-routing. The default interval is 200 seconds, and can be changed with the command ipv6 nd ra-interval. The Router Lifetime of the transmitted RAs is 1800 seconds by default, and can be changed with the command ipv6 nd ra-lifetime.
If you do not want a router to be a default router on a link, you can use the command ipv6 nd ra-lifetime to set the Router Lifetime value to 0. The default Reachable Time of the RAs is 0 (which means unspecified), and can be changed with the command ipv6 nd reachable-time. The Retransmit Timer field is set to a default of 0 ms (unspecified) and can be changed with the command ipv6 nd ns-interval. The M and O flags can be set with the commands ipv6 nd managed-config-flag and ipv6 nd other-config-flag, respectively. If you do not want an interface to transmit RAs at all, you can disable them with the command ipv6 nd suppress-ra. By default, Cisco routers include in the RAs all IPv6 prefixes configured on the originating interface. You can control the prefixes advertised, and parameters associated with those prefixes, with the command ipv6 nd prefix.

Of course, 200 seconds is a long time for a host that has just attached to an interface to wait for an RA so that it can find the routers and learn the link parameters. So when a host first becomes active on a link, it can send an RS to solicit the immediate transmission of an RA. The source of the RS can either be the unspecified address (::) or the host's link-local IPv6 address. The destination is always the all-routers multicast address (FF02::2). When a router receives an RS, it sends (after a delay of 5 seconds) an RA in response. If the source address of the RS that triggered the RA is a host's link-local address, the RA is unicast to the host using its link-local address. If the source address of the RS was unspecified, the solicited RA is multicast to the all-nodes address.

When a host receives an RA, it adds the router to its default router list (unless the RA indicates, by a Router Lifetime value of 0, that it cannot be used as a default). If there is more than one router on the default router list, how the host selects a default router is implementation-specific.
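What a host does with a received RA follows from the fields and options described above. The following is an added example written for this edit, not code from the book, from RFC 2461 or from Cisco IOS: it applies the two acceptance checks the chapter gives for NDP packets (Hop Limit must still be 255, and the source must be link-local), decodes the Figure 2-9 fields and the Table 2-6 options a host acts on, and decides from Router Lifetime whether the sender joins the default router list. All packets, the router address fe80::260:83ff:fe7c:2df3 and the prefix 3ffe:1104:404:1::/64 are constructed for the example; the ICMPv6 checksum is left at zero because its verification is a separate step not shown here.

```python
"""Added example: acceptance checks and field extraction for a received Router Advertisement."""
import struct
import ipaddress

ICMPV6 = 58
ND_ROUTER_ADVERT = 134
OPT_SOURCE_LLADDR, OPT_TARGET_LLADDR, OPT_PREFIX_INFO, OPT_REDIRECTED_HDR, OPT_MTU = 1, 2, 3, 4, 5


def parse_nd_options(data):
    """Split an Options field into (type, body) TLVs.  Length is in 8-octet units
    and covers the Type and Length bytes themselves; a zero length is invalid."""
    opts, off = [], 0
    while off < len(data):
        if off + 2 > len(data):
            raise ValueError("truncated option header")
        typ, length = data[off], data[off + 1]
        if length == 0:
            raise ValueError("zero-length ND option")
        total = length * 8
        if off + total > len(data):
            raise ValueError("option runs past end of message")
        opts.append((typ, data[off + 2:off + total]))
        off += total
    return opts


def decode_option(typ, body):
    """Decode the option types a host uses from an RA; other types stay raw."""
    if typ in (OPT_SOURCE_LLADDR, OPT_TARGET_LLADDR):
        return ":".join("%02x" % b for b in body[:6])
    if typ == OPT_PREFIX_INFO:
        plen, flags, valid, preferred, _res, prefix = struct.unpack("!BBIII16s", body)
        return {"prefix": "%s/%d" % (ipaddress.IPv6Address(prefix), plen),
                "on_link": bool(flags & 0x80),       # L flag
                "autonomous": bool(flags & 0x40),    # A flag: usable for stateless autoconfiguration
                "valid_lifetime": valid, "preferred_lifetime": preferred}
    if typ == OPT_MTU:
        return struct.unpack("!HI", body)[1]
    return body


def process_router_advertisement(pkt):
    """Return a dict describing an acceptable RA, or a 'dropped: ...' string."""
    _first, plen, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
    src = ipaddress.IPv6Address(pkt[8:24])
    if next_hdr != ICMPV6:
        return "dropped: not ICMPv6"
    if hop_limit != 255:
        return "dropped: Hop Limit below 255, packet has crossed a router"
    if not src.is_link_local:
        return "dropped: RA source is not a link-local address"
    msg = pkt[40:40 + plen]
    if len(msg) < 16:
        return "dropped: RA shorter than its fixed fields"
    typ, code, _csum, cur_hop, flags, lifetime, reachable, retrans = struct.unpack("!BBHBBHII", msg[:16])
    if typ != ND_ROUTER_ADVERT or code != 0:
        return "dropped: not a Router Advertisement"
    options = [(t, decode_option(t, b)) for t, b in parse_nd_options(msg[16:])]
    return {"router": str(src),
            "cur_hop_limit": cur_hop,           # 0: this router specifies none
            "managed": bool(flags & 0x80),      # M: use DHCPv6 for addresses
            "other": bool(flags & 0x40),        # O: use DHCPv6 for other parameters
            "router_lifetime": lifetime,
            "default_router": lifetime != 0,    # lifetime 0: not added to the default router list
            "reachable_time_ms": reachable, "retrans_timer_ms": retrans,
            "options": options}


def build_ra(src, hop_limit=255, cur_hop=64, flags=0, lifetime=1800,
             reachable=0, retrans=0, options=b""):
    """IPv6 packet to ff02::1 carrying an RA (constructed test input; checksum 0)."""
    msg = struct.pack("!BBHBBHII", ND_ROUTER_ADVERT, 0, 0, cur_hop, flags,
                      lifetime, reachable, retrans) + options
    return (struct.pack("!IHBB", 6 << 28, len(msg), ICMPV6, hop_limit)
            + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address("ff02::1").packed + msg)


# Constructed options: source link-layer address, link MTU, and one /64 prefix with
# the L and A flags set so hosts may use it for stateless autoconfiguration.
OPT_LL = bytes([OPT_SOURCE_LLADDR, 1]) + bytes.fromhex("0060837c2df3")
OPT_LINK_MTU = struct.pack("!BBHI", OPT_MTU, 1, 0, 1500)
OPT_PREFIX = struct.pack("!BBBBIII16s", OPT_PREFIX_INFO, 4, 64, 0xC0, 2592000, 604800, 0,
                         ipaddress.IPv6Address("3ffe:1104:404:1::").packed)
ROUTER = "fe80::260:83ff:fe7c:2df3"   # constructed link-local router address

GOOD_RA = build_ra(ROUTER, flags=0x40, options=OPT_LL + OPT_LINK_MTU + OPT_PREFIX)
NOT_DEFAULT_RA = build_ra(ROUTER, lifetime=0, options=OPT_PREFIX)
ROUTED_RA = build_ra(ROUTER, hop_limit=254, options=OPT_PREFIX)    # forwarded by a router
OFFLINK_RA = build_ra("2001:db8::1", options=OPT_PREFIX)          # non-link-local source

if __name__ == "__main__":
    print(process_router_advertisement(GOOD_RA))
    print(process_router_advertisement(ROUTED_RA))
```

The two "dropped" paths are the ones the chapter justifies: an RA that arrives with Hop Limit 254 or from a global source was not originated on this link, and accepting it would let an off-link sender install prefixes or a default router on the host.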
A host with more than one router on its default router list could either rotate through the list, or select and keep a single router as default. In either instance, the Redirect function is essential for updating the host when a different default than the one it selected should be used.

Address Autoconfiguration

When an IPv6 host first becomes active on a link, it can self-configure its own interface address. The first step in this process is the determination of the 64-bit Interface ID portion of the address. On broadcast interfaces (where hosts are most likely to appear), a mechanism called MAC-to-EUI64 conversion is used. Quite simply, this mechanism takes the 48-bit Media Access Control (MAC) address of the interface (which can normally be assumed to be globally unique) and converts it into a 64-bit Interface ID by inserting a reserved 16-bit value of 0xFFFE into the middle of the MAC address and "flipping" the Universal/Local (U/L) bit of the MAC address to 1 (Universal), as shown in Figure 2-15.

Figure 2-15. MAC-to-EUI64 conversion is used to create a 64-bit Interface ID from an interface's 48-bit MAC address.

    MAC Address: 0000:0B0A:2D51

    MAC Address 00:00:0B:0A:2D:51 in binary (the U/L bit is the second-lowest bit of the first octet):
    00000000 00000000 00001011 00001010 00101101 01010001

    0xFFFE inserted in the middle:
    00000000 00000000 00001011 11111111 11111110 00001010 00101101 01010001

    U/L bit flipped:
    00000010 00000000 00001011 11111111 11111110 00001010 00101101 01010001

    Resulting EUI64 Interface ID: 0200:0BFF:FE0A:2D51

Of course, the Interface ID is only half of the IPv6 address; a 64-bit prefix is also required. Recall from Table 2-1 that the link-local prefix is a reserved, well-known value of 0xFE80::/10. Using this as a full 64-bit prefix (0xFE80::/64), it can be added onto the derived Interface ID, and the host now has a complete IPv6 address that can be used for communication with other devices on the same link.
For example, combining the link-local prefix with the Interface ID derived in Figure 2-15 gives a link-local address of FE80::0200:0BFF:FE0A:2D51. The following shows an example of a link-local address, in this case from an Ethernet interface "en1" on a Macintosh OS X host. Using the link-local prefix FE80::/10 and a MAC-to-EUI64 conversion, an IPv6 interface derives its link-local address with no help from any other device:

    [Jeff-Doyles-Computer:~] jdoyle% ifconfig en1
    en1: flags=8863 mtu 1500
            inet 10.10.24.13 netmask 0xffffff00 broadcast 10.10.24.255
            ether 00:11:28:23:33:4e
            media: autoselect status: active
            supported media: autoselect
    [Jeff-Doyles-Computer:~] jdoyle%

If the host only needs to communicate with devices on the link, autoconfiguring its link-local address is sufficient. But if it needs to communicate with devices off-link, it needs an address with a wider scope, normally a global IPv6 address. There are two ways it can acquire this address: stateful or stateless address autoconfiguration.

If a host uses stateful address autoconfiguration, it consults a DHCPv6 server for the necessary address information. It might either be preconfigured to find a DHCPv6 server, or a received RA might have its M flag set, telling it to use DHCPv6. DHCPv6, described in RFC 3315, is not much different in its end results than DHCP for IPv4.

Much more interesting is stateless autoconfiguration. With this very simple process, the host acquires one or more link prefixes from the RAs it receives. It then adds the prefix to its previously determined Interface ID, and it now has a globally unique IPv6 address. For example, if the host from Figure 2-15 received an RA advertising a prefix of 3FFE:1104:404:1::/64, it would add that prefix to its Interface ID for a global address of 3FFE:1104:404:1:0200:0BFF:FE0A:2D51.

Duplicate Address Detection

Although the use of MAC addresses to derive an Interface ID almost always guarantees a unique address of any scope, it is wise to ensure that the address is unique.
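Before going further with Duplicate Address Detection, the derivation just described can be written out in code. The following is an added example written for this edit, not code from the book or from any vendor: it performs the MAC-to-EUI64 conversion of Figure 2-15, builds the link-local and stateless global addresses from the resulting Interface ID, and computes the solicited-node multicast address (FF02::1:FFxx:xxxx, carrying the low 24 bits of the unicast address) and its Ethernet mapping, which are the destination of the Neighbor Solicitation that Duplicate Address Detection and address resolution send. The MAC 00:00:0B:0A:2D:51 and prefix 3F FE:1104:404:1::/64 are the chapter's own values; the dad_solicitation helper is a hypothetical name that only describes the DAD packet's addressing.

```python
"""Added example: MAC-to-EUI64, link-local/global address formation, solicited-node multicast."""
import ipaddress


def mac_to_eui64(mac):
    """48-bit MAC -> 64-bit Interface ID: insert 0xFFFE in the middle and flip the
    U/L bit (second-lowest bit of the first octet).  A burned-in MAC has it clear,
    so it becomes 1 (universal), exactly as Figure 2-15 shows."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = octets[:3] + b"\xff\xfe" + octets[3:]
    return bytes([eui[0] ^ 0x02]) + eui[1:]


def interface_id_text(iid):
    """Render an 8-byte Interface ID the way the figure does: 0200:0BFF:FE0A:2D51."""
    return ":".join("%02X%02X" % (iid[i], iid[i + 1]) for i in range(0, 8, 2))


def address_from_prefix(prefix, iid):
    """Join a prefix with an Interface ID.  Stateless autoconfiguration only works
    with 64-bit prefixes, so anything else is rejected rather than silently padded."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration needs a /64 prefix")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + iid)


def link_local_address(mac):
    """FE80::/64 plus the EUI-64 Interface ID."""
    return address_from_prefix("fe80::/64", mac_to_eui64(mac))


def global_address(prefix, mac):
    """An RA-learned /64 prefix plus the same Interface ID."""
    return address_from_prefix(prefix, mac_to_eui64(mac))


def solicited_node_multicast(addr):
    """ff02::1:ff00:0/104 with the low 24 bits of the unicast address appended."""
    low = ipaddress.IPv6Address(addr).packed[13:]
    return ipaddress.IPv6Address(ipaddress.IPv6Address("ff02::1:ff00:0").packed[:13] + low)


def multicast_mac(addr):
    """Ethernet destination for an IPv6 multicast group: 33:33 plus the low 32 bits."""
    low = ipaddress.IPv6Address(addr).packed[12:]
    return "33:33:" + ":".join("%02x" % b for b in low)


def dad_solicitation(tentative):
    """Addressing of the NS sent for Duplicate Address Detection (hypothetical helper):
    unspecified source (so no Source Link-Layer Address option may be included),
    solicited-node multicast destination, and the tentative address as Target."""
    target = ipaddress.IPv6Address(tentative)
    dst = solicited_node_multicast(target)
    return {"src": "::", "dst": str(dst), "dst_mac": multicast_mac(dst),
            "target": str(target), "source_lladdr_option": False}


if __name__ == "__main__":
    mac = "00:00:0B:0A:2D:51"                            # the MAC used in Figure 2-15
    print(interface_id_text(mac_to_eui64(mac)))          # 0200:0BFF:FE0A:2D51
    print(link_local_address(mac))                       # fe80::200:bff:fe0a:2d51
    print(global_address("3FFE:1104:404:1::/64", mac))   # 3ffe:1104:404:1:200:bff:fe0a:2d51
    print(dad_solicitation(link_local_address(mac)))
```

Running it on the Windows host's MAC that appears later in this chapter, 00-10-a4-a0-bc-97, gives fe80::210:a4ff:fea0:bc97, the link-local address shown in that host's neighbor cache and interface listing, and the solicited-node group ff02::1:ffa0:bc97 that the interface must join for DAD and address resolution to work.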
For this reason, whenever a device acquires a unicast address, it must perform Duplicate Address Detection before using the address. It does not matter whether the address was acquired via stateful or stateless configuration, or if the address was statically configured. The only exception to the rule is an anycast address, because anycast addresses by definition can appear on more than one device. There is also an assumption that if Duplicate Address Detection has been performed on a link-local address whose Interface ID was derived from MAC-to-EUI64 conversion, and if the address passes, other addresses using the same Interface ID will also be unique, and so the Duplicate Address Detection does not need to be repeated.

A node that has acquired a new address classes the address as tentative. The address cannot be used until the Duplicate Address Detection operation has been completed with verification that no other node on the link uses that address. The node sends an NS with the Target Address field set to the address to be verified. The source address of the NS is the unspecified address, and the destination of the NS is a solicited-node multicast address. If a node receives an NS and the target address matches one of its assigned addresses, it sends an NA with the Target Address and the destination address set to the tentative address. The node that had originated the NS, on receipt of the NA, knows that the tentative address is a duplicate and cannot be used.

Neighbor Address Resolution

You know from Chapter 1 that when an IPv4 node wants to communicate with another IPv4 node on a local link, it must first discover the destination's link-layer (or data link) address. This address is then used as the destination address in the frame that encapsulates the IP packets to that node. For example, a node might want to send a packet to examplehost.com. A DNS query returns the address 3FFE:521:2400:15:211:24FF:FE2A:394E.
The sending node must now discover the link-layer address to use as the destination address of the frame for the local link. As the previous chapter discussed, IPv4 uses ARP for this discovery. IPv6, however, uses NDP.

When the node examines the prefix of the IPv6 address returned by DNS, it either concludes that the destination is a neighbor on the local link or that it is off-link and therefore reachable through the default router. If the latter is the case, the node should already know the link-layer address of the default router from the RAs. But if the destination is on the local link, the node first looks in its neighbor cache to see if the address is known. The neighbor cache in IPv6 is very similar to the ARP cache in IPv4: it records known network-layer addresses and the link-layer addresses associated with them. The following shows a neighbor cache from a Microsoft Windows XP host. The neighbor cache stores known IPv6 addresses and their associated link-layer addresses:

    C:\Documents and Settings\Jeff Doyle>ipv6 nc
    5: fe80::202:2dff:fe25:5e4c                00-02-2d-25-5e-4c permanent
    4: fe80::260:83ff:fe7c:2df3                00-60-83-7c-2d-f3 stale (router)
    4: fe80::210:a4ff:fea0:bc97                00-10-a4-a0-bc-97 permanent
    4: 3ffe:3700:1100:1:210:a4ff:fea0:bc97     00-10-a4-a0-bc-97 permanent
    4: 3ffe:3700:1100:1:d9e6:8d:14c6:45ee      00-10-a4-a0-bc-97 permanent
    4: 2001:468:1100:1:210:a4ff:fea0:bc97      00-10-a4-a0-bc-97 permanent
    4: 2001:468:1100:1:d9e6:8d:14c6:45ee       00-10-a4-a0-bc-97 permanent
    3: 2002:c058:6301::c058:6301               192.88.99.1 permanent
    3: 2002:836b:213e::836b:213e               131.107.33.62 permanent
    3: 2002:4172:a85b::4172:a85b               127.0.0.1 permanent
    3: 2002:836b:213e:1:e0:8106020:6           131.107.33.62 permanent
    3: 2001:708:0:1::624                       incomplete
    2: ::65.114.168.91                         127.0.0.1 permanent
    2: fe80::5efe:65.114.168.91                127.0.0.1 permanent
    2: fe80::5efe:169.254.113.125              127.0.0.1 permanent
    1: fe80::1                                 permanent
    1: ::1                                     permanent

If the address is not in the neighbor cache, it is entered but tagged Incomplete, indicating that address resolution is in progress.
The node then sends an NS to the solicited-node multicast address associated with the target node. The NS should include the Source Link-Layer Address option (type 1), so that the solicited node has the link-layer address of the soliciting node and therefore knows where to send the responding NA. If a Retransmit Timer value other than 0 is included in the RAs, multiple NSs can be sent at that specified interval. If the Retransmit Timer value in the RAs is unspecified (0), the NS is retransmitted every 1000 ms until an NA is received. If no NA is received from the solicited node after three NS transmissions, the neighbor address resolution has failed and an ICMP message of type 1/code 3 (Destination Unreachable/Address Unreachable) is returned for each packet queued for transmission to the now unknown destination.

If the solicited node exists and the NS is valid, it responds with an NA. The Target Address field of the NA is set to the value of the Target Address field of the NS that triggered it. The soliciting node, upon receipt of the NA, can add the target node's link-layer address to the neighbor cache entry and change the entry from Incomplete to Reachable. The neighbor cache of a Cisco router can be observed with the command show ipv6 neighbors, as shown in Example 2-1.

Example 2-1. The neighbor cache of a Cisco router can be displayed with the command show ipv6 neighbors.

    Confucius#show ipv6 neighbors
    IPv6 Address                              Age Link-layer Addr State Interface
    2001:201:1502:1:210:a4ff:fea0:bc97          0 0010.a4a0.bc97  REACH Ethernet0
    FE80::210:a4ff:fea0:bc97                    0 0010.a4a0.bc97  REACH Ethernet0
    FE80::260:83ff:fe4e:5d12                    0 0060.834e.5d12  REACH Ethernet1
    3ffe:1300:247:20:d9e6:bd:14c6:45e0          0 0002.2d25.5e4c  REACH Ethernet1

Privacy Addresses

The stateless address autoconfiguration has raised a security concern for some: Even if a device moves from subnet to subnet or even major network to major network, its Interface ID always remains the same; and if the Interface ID remains the same, it can be tracked. At the least, this becomes a privacy issue.
For example, suppose you are using IPv6 to connect to your company network. Recording and analyzing packets coming into some part of the network can identify you by your unchanging Interface ID. And by further analyzing the different prefixes prepended to that Interface ID, your employer can infer where you are at all times: at work, at home, traveling, or whatever. More insidious uses can also be made of such tracking, keeping a record of your location and activities for everything from marketing to criminal exploitation.

RFC 3041 addresses this security concern by defining IPv6 privacy addresses. A privacy address is one in which the Interface ID is generated by an algorithm using a pseudo-random number. What is significant about it, and makes it reasonably private, is that the Interface ID changes approximately once a day (or on some configurable period) and also whenever the node acquires a new IPv6 prefix.

Of course, a constantly changing address is not practical for reachability. Nodes that want to communicate with you, and hence DNS servers, must know you by only one or a few static addresses. So the standard statelessly configured IPv6 address remains your public address. Anyone wanting to send packets to you uses this address as the destination. But when you initiate connections to others, you use the private address as the source. This is a bit like having Caller ID in your home but blocking your number from appearing on anyone else's Caller ID. You can see who is calling you, but others cannot see your number when you call them.

The following shows the addresses assigned to a Microsoft Windows XP machine. There are two public IPv6 addresses assigned to the interface, and you can see that although the prefixes are different, the MAC-to-EUI-64-generated Interface IDs are the same. You can easily identify the public Interface IDs by the 0xFFFE inserted in the middle. But for both of these public addresses there is also a private address (which Windows labels as "anonymous").
These private addresses are created by prepending the prefix advertised in the RA to a randomly generated Interface ID:

    C:\Documents and Settings\Jeff Doyle>ipv6 if 4
    Interface 4: Ethernet: Local Area Connection 2
      uses Neighbor Discovery
      uses Router Discovery
      link-layer address: 00-10-a4-a0-bc-97
        preferred global 2001:468:1200:1:d9e6:b9d:14c6:45ee, life 6d21h14m26s/21h12m4s (anonymous)
        preferred global 2001:468:1200:1:210:a4ff:fea0:bc97, life 29d23h56m25s/6d23h56m25s (public)
        preferred global 3ffe:3705:1200:1:d9e6:b9d:14c6:45ee, life 6d21h14m26s/21h12m4s (anonymous)
        preferred global 3ffe:3705:1200:1:210:a4ff:fea0:bc97, life 29d23h56m25s/6d23h56m25s (public)
        preferred link-local fe80::210:a4ff:fea0:bc97, life infinite
        multicast interface-local ff01::1, 1 refs, not reportable
        multicast link-local ff02::1, 1 refs, not reportable
        multicast link-local ff02::1:ffa0:bc97, 3 refs, last reporter
        multicast link-local ff02::1:ffc6:45ee, 2 refs, last reporter
      link MTU 1500 (true link MTU 1500)
      current hop limit 64
      reachable time 22000ms (base 30000ms)
      retransmission interval 1000ms
      DAD transmits 1

Neighbor Unreachability Detection

The discussion of neighbor address resolution in a previous section made mention of neighbor cache entries being labeled as Incomplete or Reachable. In fact, a neighbor cache entry can be in one of five states:

• Incomplete: Neighbor address resolution is in progress. An NS has been sent to the solicited-node multicast address for the entry, but no NA has yet been received.

• Reachable: The address has been recently confirmed as reachable. "Recently confirmed" means that some indication of its reachability has been received within the time specified in the Reachable Time field of the RAs. If no Reachable Time has been specified in the RAs, a default Reachable Time of 30 seconds is used.

• Stale: The Reachable Time has elapsed since the last positive confirmation of reachability with the destination was received.

• Probe: A confirmation of reachability is being sought by sending an NS to the destination every Retransmit Time or (if no Retransmit Time has been specified) every 1000 ms.
• Delay: An address is put into this state when a packet is sent to a destination that was in the Stale state. It stays in the Delay state for 5 seconds, and if no confirmation of reachability is received within that time, the state is changed to Probe. This state is an optimization to give upper-layer protocols a chance to confirm reachability before a probe NS is sent.

Reachability of a neighbor is confirmed in one of two ways:

• "Hints" from an upper-layer protocol, such as an ACK of a TCP segment.

• A response to a probe of the destination address by soliciting an RA or NA. This is necessary because some upper-layer protocols, such as UDP, do not actively acknowledge the receipt of transmitted messages.

Neighbor Unreachability Detection confirms not just reachability from the neighbor's perspective, but two-way reachability from the local node's perspective. For this reason, an unsolicited NA or RA cannot change the state of a neighbor cache entry to Reachable; the received message only indicates one-way reachability from the originating node to the local node. Two-way reachability is confirmed only by either a remote response to a transmitted message (such as an ACK of a TCP packet) or an RA or NA sent in response to a solicitation.

Looking Ahead

The purpose of this and the previous chapter was to examine the basics of IP in both of its versions. Understanding the basics of IP addressing and the fundamental processes of IP provides the foundation for understanding IP routing. The next chapter delves into the information a router needs to successfully and accurately forward a packet toward its destination.

Review Questions

1. What is the length of an IPv6 address?
2. How are IPv6 addresses represented?
3. What are the two rules for compacting IPv6 addresses?
4. Why is it illegal to use more than one double colon in an IPv6 address?
5. What is the difference between the IPv6 addresses ::/0 and ::/128?
6. What is the part of the unicast IPv6 address that specifies the host, and what is its length?
7. What is the length of the Subnet ID portion of the unicast IPv6 address?
8. If the first 10 bits of an IPv6 address are FE80::/10, what type of address is it?
9. What type of address is 3FFE:204:100:90::1?
10. What is an anycast address?
11. What is a multicast address?
12. What is the length of the IPv6 header?
13. What is the purpose of the Flow Label field in the IPv6 header?
14. To what field in the IPv4 header does the IPv6 Next Header field correspond?
15. To what field in the IPv4 header does the IPv6 Hop Limit field correspond?
16. In what way is the IPv6 Next Header field like the IPv4 Protocol Number field, and in what way is it different?
17. How do extension headers make IPv6 packets more efficient?
18. What is the Next Header value of ICMPv6?
19. What is the significant difference between IPv4 fragmentation and IPv6 fragmentation?
20. What are the five ICMPv6 messages used by the Neighbor Discovery Protocol?
21. What is the purpose of the M and O flags in the RA?
22. What is the purpose of the Reachable Time field of the RA?
23. What is the purpose of the Retransmit Timer field in the RA?
24. What is indicated if the Router Lifetime field in the RA is set to 0?
25. What is the purpose and effect of the S flag in the NA?
26. What is the difference between stateful and stateless address autoconfiguration?
27. What two steps does MAC-to-EUI-64 conversion use to derive an Interface ID?
28. When a device acquires a unicast IPv6 address it must perform Duplicate Address Detection, with one exception. What is that exception?
29. What does the prefix FF02:0:0:0:0:1:FF00::/104 signify?
30. What does IPv6 use in place of ARP and an ARP cache?
31. What is a privacy address?
32. What does an Incomplete state of an entry in the neighbor cache signify?
33. What does a Probe state of an entry in the neighbor cache signify?
34. What two ways does Neighbor Unreachability Detection use to verify two-way reachability of a neighbor?

Ch​apter 3.
Static Routing

This chapter covers the following subjects:

• Route Table
• Configuring Static Routes
• Troubleshooting Static Routes

An important observation from Chapter 1, "TCP/IP Review," is that the data link/physical layers and the transport/network layers, as defined by the OSI model, perform very similar duties: They provide the means for conveying data from a source to a destination across some path. The difference is that the data link/physical layers provide communications across a physical path, whereas the transport/network layers provide communications across a logical or virtual path made up of a series of data links.

Further, Chapter 1 showed that for communications to take place across a physical path, certain information about data-link identifiers and encapsulations must be acquired and stored in a database such as the ARP cache. Similarly, information that the transport/network layers require to do their job must also be acquired and stored. This information is stored in the route table, also known as the routing information database (RIB).

This chapter examines what sort of information is required to route a packet, how that information is stored in the route table, how to enter the information into the database, and some techniques for building a routed network by entering the proper information into the proper routers' route tables.

Route Table

To understand the kind of information that exists in the route table, it is useful to begin with an examination of what happens when a framed packet arrives at one of a router's interfaces. The data-link identifier in the frame's destination address field is examined. If it contains either the identifier of the router's interface or a broadcast identifier, the router strips off the frame and passes the enclosed packet to the network layer. At the network layer, the destination address of the packet is examined.
If the destination address is either the IP address of the router's interface or an all-hosts broadcast address, the protocol field of the packet is examined and the enclosed data is sent to the appropriate internal process.[1]

[1] There is also the special case of a multicast address, which is destined for a group of devices, but not for all devices. An example of a multicast address is the class D address 224.0.0.5, reserved for all OSPF-speaking routers.

Any other destination address calls for routing. The address might be for a host on another network to which the router is attached (including the router interface attached to that network) or for a host on a network not directly connected to the router. The address might also be a directed broadcast, in which there is a distinct network or subnet address, and the remaining host bits are all ones. These addresses are also routable. (Whether the last-hop router actually converts a directed broadcast into a link-layer broadcast on the destination subnet is a separate, per-interface decision, controlled in IOS by ip directed-broadcast; it is disabled by default in IOS 12.0 and later because forwarded directed broadcasts are a traffic amplification vector.)

If the packet is to be routed, the router will do a route table lookup to acquire the correct route. At a minimum, each route entry in the database must contain two items:

• Destination address: This is the address of the network the router can reach. As this chapter explains, the router might have more than one route to the same address, or a group of subnets of the same or of varying lengths, grouped under the same major IP network address.

• Pointer to the destination: This pointer either will indicate that the destination network is directly connected to the router or it will indicate the address of another router on a directly connected link or the local interface to that link. That router, which will be one router hop closer to the destination, is a next-hop router.
The router will match the most specific address it can.[2] In descending order of specificity, the address may be one of the following:

• Host address (a host route)
• Subnet
• Major network number
• Group of subnets (a summary route)
• Group of major network numbers (a supernet)
• Default address

[2] There are two basic procedures for finding the best match, depending upon whether the router is behaving classfully or classlessly. Classful table lookups are explained in more detail in Chapter 5, "Routing Information Protocol (RIP)," and classless table lookups are explained in Chapter 6, "RIPv2, RIPng, and Classless Routing."

This chapter provides examples of the first four types. Supernets are covered in Chapter 6, "RIPv2, RIPng, and Classless Routing." A default address is considered a least-specific address and is matched only if no other match can be found. Default addressing is the topic of Chapter 12, "Default Routes and On-Demand Routing."

If the destination address of the packet cannot be matched to any route table entry, the packet is dropped and a Destination Unreachable ICMP message is sent to the source address.

Figure 3-1 shows a simple network and the route table entries required by each router. Of primary importance here is the "big picture," seeing how the route tables work as a whole to transport packets correctly and efficiently. The destination addresses that the router can reach are listed in the Network column of the route tables. The pointers to the destinations are in the Next Hop column.

Figure 3-1. The minimum information needed for each route table entry consists of the destination networks and the pointers to those networks.

[Figure 3-1 (image not reproduced): routers Carroll, Dahl, Lewis, and Baum, each with a route table of Network and Next Hop columns; the subnets of 10.0.0.0 are 10.1.1.0 through 10.1.7.0, with 10.1.4.0 on the Dahl-Lewis link and 10.1.6.0 on the Lewis-Baum link.]
Consider what happens when router Carroll receives a packet with a source address of 10.1.1.97 and a destination address of 10.1.7.35. A route table lookup matches the destination address to subnet 10.1.7.0, with a next-hop address of 10.1.2.2. The packet is sent to that router (Dahl), which does a lookup in its own table and sees that network 10.1.7.0 is reachable via next-hop address 10.1.4.2 out interface S1. The process is repeated until the packet reaches Baum. That router, receiving the packet on interface S0, does a lookup and sees that the destination is on one of its directly connected subnets, E0. Routing is complete, and the packet is delivered to host 10.1.7.35 on the Ethernet link.

The routing process, as explained, assumes that the router can match its listed next-hop addresses to its interfaces. For example, router Dahl must know that Lewis's address 10.1.4.2 is reachable via interface S1. Dahl will know from the IP address and subnet mask assigned to S1 that S1 is directly connected to subnet 10.1.4.0. It then knows that 10.1.4.2, a member of the same subnet, must be connected to the same data link.

Notice that every router must have consistent and accurate information for correct packet switching to occur. For example, in Figure 3-1 an entry for network 10.1.1.0 is missing from Dahl's route table. A packet from 10.1.1.97 to 10.1.7.35 will be delivered, but when a reply is sent from 10.1.7.35 to 10.1.1.97, the packet is passed from Baum to Lewis to Dahl. Then, Dahl does a lookup and finds that it has no entry for subnet 10.1.1.0, so the packet is dropped, and an ICMP Destination Unreachable message is sent to host 10.1.7.35.

Example 3-1 shows the route table from router Lewis of Figure 3-1. The IOS command for examining the route table of a Cisco router is show ip route.

Example 3-1.
The route table for router Lewis of Figure 3-1.

    Lewis#show ip route
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
           i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
           U - per-user static route, o - ODR

    Gateway of last resort is not set

         10.0.0.0/24 is subnetted, 7 subnets
    S       10.1.3.0 [1/0] via 10.1.4.1
    S       10.1.2.0 [1/0] via 10.1.4.1
    S       10.1.1.0 [1/0] via 10.1.4.1
    S       10.1.7.0 [1/0] via 10.1.6.2
    C       10.1.6.0 is directly connected, Serial1
    C       10.1.5.0 is directly connected, Ethernet0
    C       10.1.4.0 is directly connected, Serial0
    Lewis#

Examine the contents of this database and compare it with the generic table shown for Lewis in Figure 3-1. The first part of Example 3-1 explains the letters down the left side of the table. These letters indicate how each route entry was learned; all routes are tagged with either a C for "directly connected" or an S for "static entry." The statement "gateway of last resort is not set" refers to a default route.

At the top of the table is a statement indicating that the route table knows of seven subnets of the major network address 10.0.0.0, subnetted with a 24-bit mask. For each of the seven route entries, the destination subnet is shown; for the entries that are not directly connected (routes for which the packet must be forwarded to a next-hop router) a bracketed tuple indicates the [administrative distance/metric] for that route. Administrative distances are introduced later in this chapter and are covered in detail in Chapter 11, "Route Redistribution." Metrics, discussed in greater detail in Chapter 4, "Dynamic Routing Protocols," are a way for multiple routes to the same destination to be ranked: the lower the metric, the "shorter" the path and so the more desirable the route. Notice that the static routes shown in Example 3-1 have a metric of 0. Finally, either the address of the directly connected interface of the next-hop router or the interface to
which the destination is connected is shown.

Configuring Static Routes

The route table acquires information in one of three ways:

• The information can be entered based on what the router knows about its directly connected subnets.
• The information can be entered manually, by means of a static route entry.
• The information can be entered automatically by one of several systems of automatic information discovery and sharing known as dynamic routing protocols.

The bulk of this book concerns dynamic IP routing protocols, but this discussion of static route configuration will prepare you for understanding the subsequent chapters. More to the point, static routing is preferred over dynamic routing in certain circumstances. As with any process, the more automatic it is, the less control you have over it. Although dynamic (automatic) routing requires much less human intervention, static routing allows very precise control over the routing behavior of a network. The price to be paid for this precision is the necessity of manual reconfiguration any time the topology of the network changes.

Case Study: Simple IPv4 Static Routes

Figure 3-2 shows a network with four routers and six data links. Notice that the subnets of network 10.0.0.0 are discontiguous: there is a different major network subnet (192.168.1.192, on the Tigger-to-Piglet link) separating 10.1.0.0 from the other 10.0.0.0 subnets. The subnets of 10.0.0.0 are also variably subnetted: the subnet masks are not consistent throughout the network. Subnet 10.1.0.0 has a 16-bit mask, while 10.4.6.0 and 10.4.7.0 have 24-bit masks. Finally, the subnet address of Pooh's Ethernet link is an all-zero subnet. Later chapters demonstrate that an addressing scheme with these characteristics causes problems for simpler, classful routing protocols such as RIP and IGRP; but static routes work fine here.

Figure 3-2. Routing protocols such as RIP and IGRP cannot easily route this discontiguous, variably subnetted network, but static routing will work.
[Figure 3-2 (image not reproduced). Addresses shown: Pooh 192.168.1.1/27 and 192.168.1.65/27; Tigger 192.168.1.66/27 (S0), 192.168.1.193/27 (E0), and 10.4.6.1/24 (S1); Piglet 192.168.1.194/27 and the 10.1.0.0/16 link; Eeyore 10.4.6.2/24 and 10.4.7.1/24.]

The procedure for statically routing a network has three steps:

1. For each data link within the network, identify all subnet or network addresses.
2. For each router, identify all data links not directly connected to that router.
3. For each router, write a route statement for each address not directly connected to it.

Writing route statements for a router's directly connected data links is unnecessary, because the addresses and masks configured on the router's interfaces cause those networks to be recorded in its route table.

For example, the network in Figure 3-2 has six subnets:

• 10.1.0.0/16
• 10.4.6.0/24
• 10.4.7.0/24
• 192.168.1.192/27
• 192.168.1.64/27
• 192.168.1.0/27

To configure static routes for Piglet, the subnets that are not directly connected are identified as follows:

• 10.4.6.0/24
• 10.4.7.0/24
• 192.168.1.64/27
• 192.168.1.0/27

These are the subnets for which static routes must be written. Example 3-2 shows the commands entering Piglet's static routes.[3]

[3] For the static routes in this example and the subsequent examples in this chapter to work properly, two global commands must be added to the routers: ip classless and ip subnet-zero. In IOS 11.3 and later, ip classless is enabled by default. These commands are introduced in a later chapter and are mentioned here for readers who wish to try the configuration examples in a lab.

Example 3-2. Configuring Piglet's static routes.

    Piglet(config)# ip route 192.168.1.0 255.255.255.224 192.168.1.193
    Piglet(config)# ip route 192.168.1.64 255.255.255.224 192.168.1.193
    Piglet(config)# ip route 10.4.6.0 255.255.255.0 192.168.1.193
    Piglet(config)# ip route 10.4.7.0 255.255.255.0 192.168.1.193

Following the same steps, Example 3-3 shows the route entries for the other three routers.

Example 3-3. Route entries for Routers Pooh, Tigger, and Eeyore.
    Pooh(config)# ip route 192.168.1.192 255.255.255.224 192.168.1.66
    Pooh(config)# ip route 10.1.0.0 255.255.0.0 192.168.1.66
    Pooh(config)# ip route 10.4.6.0 255.255.255.0 192.168.1.66
    Pooh(config)# ip route 10.4.7.0 255.255.255.0 192.168.1.66

    Tigger(config)# ip route 192.168.1.0 255.255.255.224 192.168.1.65
    Tigger(config)# ip route 10.1.0.0 255.255.0.0 192.168.1.194
    Tigger(config)# ip route 10.4.7.0 255.255.255.0 10.4.6.2

    Eeyore(config)# ip route 192.168.1.0 255.255.255.224 10.4.6.1
    Eeyore(config)# ip route 192.168.1.64 255.255.255.224 10.4.6.1
    Eeyore(config)# ip route 192.168.1.192 255.255.255.224 10.4.6.1
    Eeyore(config)# ip route 10.1.0.0 255.255.0.0 10.4.6.1

The routing commands themselves are easily read if the reader remembers that each command describes a route table entry. The command for IPv4 is ip route, followed by the address to be entered into the table, a mask for determining the network portion of the address, and the address of the directly connected interface of the next-hop router.

An alternative configuration command for IPv4 static routes specifies the interface out of which an address is reached instead of the interface address of the next-hop router. For example, Example 3-4 shows the possible route entries for Tigger.

Example 3-4. Alternative route entries for Tigger.

    ip route 192.168.1.0 255.255.255.224 S0
    ip route 10.1.0.0 255.255.0.0 E0
    ip route 10.4.7.0 255.255.255.0 S1

Certain conditions must be met before a static route is written into the route table. IP routing must be enabled, the next-hop address, if used, must be reachable, the exit interface must have an IP address configured on it, and the exit interface must be up. Example 3-5 compares the route table resulting from this configuration with the route table resulting from entries pointing to a next-hop router. Note that a certain inaccuracy is introduced: All addresses specified with a static route referring to an exit interface are entered into the table as if they are directly connected to that interface.
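The three-step procedure applied to Piglet, Pooh, Tigger, and Eeyore above can be mechanised. As an added example (this code is not from the book), the following Python holds the Figure 3-2 addressing, derives the data links from it (step 1), finds for each router the links it is not attached to (step 2), and writes one ip route statement per remote link (step 3), pointing at either the next-hop address, as in Examples 3-2 and 3-3, or the exit interface, as in Example 3-4. Piglet's address on 10.1.0.0/16 and the interface names of Piglet and Eeyore are assumptions, since the figure does not make them legible; they do not change the next-hop addresses produced. A final helper reports remote links for which a router's configuration has no route, the gap that made Dahl drop the reply in Figure 3-1.

```python
"""Static routes for the Figure 3-2 network, generated by the three-step
procedure of this section. Added example, not from the book. Router and
interface data follow Figure 3-2; Piglet's address on 10.1.0.0/16 and the
interface names of Piglet and Eeyore are assumptions (not legible in the
figure) and do not affect the generated next-hop addresses.
"""
from __future__ import annotations

from collections import deque
from ipaddress import IPv4Interface, IPv4Network

# Router -> {interface: address/prefix length}, transcribed from Figure 3-2.
TOPOLOGY = {
    "Pooh":   {"E0": "192.168.1.1/27",   "S0": "192.168.1.65/27"},
    "Tigger": {"S0": "192.168.1.66/27",  "E0": "192.168.1.193/27", "S1": "10.4.6.1/24"},
    "Piglet": {"E0": "192.168.1.194/27", "E1": "10.1.1.1/16"},   # E1 address assumed
    "Eeyore": {"S0": "10.4.6.2/24",      "E0": "10.4.7.1/24"},   # interface names assumed
}


def data_links(topology: dict) -> dict:
    """Step 1: every data link in the network and the (router, interface,
    address) tuples attached to it. Interfaces sharing a network share a link."""
    links: dict[IPv4Network, list] = {}
    for router, interfaces in topology.items():
        for name, cidr in interfaces.items():
            intf = IPv4Interface(cidr)
            links.setdefault(intf.network, []).append((router, name, intf))
    return links


def first_hops(topology: dict, source: str) -> dict:
    """Breadth-first search from 'source' across shared links. Returns, for
    every other router, (exit interface on source, address of the directly
    connected neighbour) that is the first hop toward it."""
    links = data_links(topology)
    hops: dict[str, tuple[str, str]] = {}
    queue, seen = deque([source]), {source}
    while queue:
        router = queue.popleft()
        for name, cidr in topology[router].items():
            for other, _oname, ointf in links[IPv4Interface(cidr).network]:
                if other in seen:
                    continue
                seen.add(other)
                # Routers behind 'router' inherit its first hop; neighbours of
                # the source are reached directly through the shared link.
                hops[other] = hops.get(router, (name, str(ointf.ip)))
                queue.append(other)
    return hops


def static_routes(topology: dict, router: str, use_exit_interface: bool = False) -> list:
    """Steps 2 and 3: for each data link not directly connected to 'router',
    write one 'ip route' statement. By default the route points at the next-hop
    router's address; with use_exit_interface=True it names the exit interface
    instead (the Example 3-4 form)."""
    links = data_links(topology)
    connected = {IPv4Interface(c).network for c in topology[router].values()}
    hops = first_hops(topology, router)
    routes = []
    for net, members in sorted(links.items(), key=lambda kv: int(kv[0].network_address)):
        if net in connected:
            continue
        # On a loop-free topology every router on a remote link shares one first hop.
        exit_if, next_hop = hops[members[0][0]]
        target = exit_if if use_exit_interface else next_hop
        routes.append(f"ip route {net.network_address} {net.netmask} {target}")
    return routes


def missing_routes(topology: dict, router: str, configured: list) -> list:
    """Consistency check: the statements a router still needs, given the
    'ip route <net> <mask> ...' lines already configured on it."""
    have = {" ".join(line.split()[2:4]) for line in configured}
    return [r for r in static_routes(topology, router) if " ".join(r.split()[2:4]) not in have]


if __name__ == "__main__":
    for name in TOPOLOGY:
        print(f"! {name}")
        for line in static_routes(TOPOLOGY, name):
            print(line)
```

The output for each router is the same set of statements as Examples 3-2 and 3-3 (ordered by network number), and the exit-interface form for Tigger matches Example 3-4.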
The implications for route redistribution are discussed in Chapter 11, "Route Redistribution." A point of interest in Example 3-5 is that the header for the 10.0.0.0 subnets indicates the two subnet masks used in the network.[4] Variable-length subnet masking (VLSM) can be a useful tool and is discussed at length in Chapter 6, "RIPv2, RIPng, and Classless Routing."

Example 3-5. The top route table is the result of static route entries pointing to the next-hop router. The bottom route table is the result of static routes that point to the interface a packet must exit to reach the destination network.

    Tigger#show ip route
    Gateway of last resort is not set

         10.0.0.0 is variably subnetted, 3 subnets, 2 masks
    C       10.4.6.0 255.255.255.0 is directly connected, Serial1
    S       10.4.7.0 255.255.255.0 [1/0] via 10.4.6.2
    S       10.1.0.0 255.255.0.0 [1/0] via 192.168.1.194
         192.168.1.0 255.255.255.224 is subnetted, 3 subnets
    C       192.168.1.64 is directly connected, Serial0
    S       192.168.1.0 [1/0] via 192.168.1.65
    C       192.168.1.192 is directly connected, Ethernet0
    Tigger#

    Tigger#show ip route
    Gateway of last resort is not set

         10.0.0.0 is variably subnetted, 3 subnets, 2 masks
    C       10.4.6.0 255.255.255.0 is directly connected, Serial1
    S       10.4.7.0 255.255.255.0 is directly connected, Serial1
    S       10.1.0.0 255.255.0.0 is directly connected, Ethernet0
         192.168.1.0 255.255.255.224 is subnetted, 3 subnets
    C       192.168.1.64 is directly connected, Serial0
    S       192.168.1.0 is directly connected, Serial0
    C       192.168.1.192 is directly connected, Ethernet0
    Tigger#

A third option for static routes is to use a combination of the outgoing interface and the next-hop address. The next-hop address is coupled with the specified exit interface. If the exit interface goes down, the route is removed from the route table, even if the next-hop address is recursively reachable via an alternate route. This minimizes table lookups associated with finding the outgoing interface associated with a next-hop address, and the entry in the table appears as a route with a distance of 1, not a directly connected network.
[4] The key normally seen at the top of the route table has been removed for brevity.

Directing a static route to an exit broadcast interface without specifying the next-hop address can cause an excessive amount of traffic on the broadcast network, and also might eat up the router's memory. For example, look at Tigger's ip route 10.1.0.0 255.255.0.0 E0 command. The router assumes 10.1.0.0 is directly connected, as we have seen from the route table. Therefore, when attempting to route to any address on the 10.1.0.0/16 subnet, the router sends an ARP request to find the MAC address to which to forward the packet. Each attempt to reach an address on the 10.1.0.0 network, whether the destination is valid or not, will result in an ARP request, an ARP response if a router on the broadcast network is responding on behalf of the 10.1.0.0 network (proxy ARP), and a potentially large ARP cache on the router. Because any host that can send packets through the router can trigger this for every one of the 65,534 host addresses in 10.1.0.0/16, a simple address sweep is enough to fill the ARP cache; the interface-only form is therefore also a resource-exhaustion exposure, not just an inefficiency. By appending the next-hop address to the static route entry, ip route 10.1.0.0 255.255.0.0 E0 192.168.1.194, the router no longer assumes that the destination is directly connected. The only ARP traffic is for the next-hop address, which occurs only for the first packet destined to a host on network 10.1.0.0 (and again when that cache entry ages out), rather than for every packet destined to a new host on network 10.1.0.0.

Specify the exit interface and the next-hop address to minimize table lookups associated with finding the exit interface for a specified next-hop address, and to minimize traffic on the broadcast network. Example 3-6 shows the difference in the static route entry and the ARP cache when the next-hop address is used with the exit interface.

Example 3-6. Specifying an exit interface rather than the next-hop router address with static routing could generate excessive traffic on a broadcast network.

    Tigger#show ip route static
         10.0.0.0/16 is subnetted, 1 subnets
    S       10.1.0.0 is directly connected, Ethernet0
    Tigger#show arp
    Protocol  Address          Age (min)  Hardware Addr   Type   Interface
    Internet  192.168.1.193            -  0004.c150.11e0  ARPA   Ethernet0
    Internet  10.1.8.1                 0  0010.7b38.37d5  ARPA   Ethernet0
    Internet  192.168.1.194           24  0010.7b38.37d5  ARPA   Ethernet0
    Internet  10.1.5.5                 0  0010.7b38.37d5  ARPA   Ethernet0
    Internet  10.1.1.1                 0  0010.7b38.37d5  ARPA   Ethernet0
    Tigger#

    Tigger#show ip route static
         10.0.0.0/16 is subnetted, 1 subnets
    S       10.1.0.0 [1/0] via 192.168.1.194, Ethernet0
    Tigger#show arp
    Protocol  Address          Age (min)  Hardware Addr   Type   Interface
    Internet  192.168.1.193            -  0004.c150.11e0  ARPA   Ethernet0
    Internet  192.168.1.194           22  0010.7b38.37d5  ARPA   Ethernet0

The first route table and ARP cache show that the static route entry was created with an exit interface and no next-hop address. The route is directly connected, and there are multiple ARP cache entries for destinations on the 10.1.0.0 network. The MAC address for each entry is the same: it is the hardware address of the router with IP address 192.168.1.194. That router is sending ARP replies for all hosts on the 10.1.0.0 network. As discussed in Chapter 1, this proxy ARP is enabled by default in IOS.

The second set of tables shows the route table and ARP cache when the next-hop address is specified in addition to the exit interface. Notice the route is no longer directly connected. It is known via 192.168.1.194 and the exit interface is Ethernet0. The ARP cache has no entries for the 10.1.0.0 network, only for the addresses that actually exist on the directly connected network, including 192.168.1.194.

Case Study: Simple IPv6 Static Routes

IPv6 static routes are configured the same way as IPv4 static routes. The only difference is that the IPv6 prefix length of the destination network is entered rather than the dotted decimal form of the IPv4 network mask. Unlike IPv4, however, IPv6 routing is not enabled by default. Before entering a static route, IPv6 must be enabled using the ipv6 unicast-routing command. As with IPv4, an IPv6 address must be configured on the exit interface and the interface must be up before the static entry will be added to the route table.
The command used to create a static route is ipv6 route followed by the network to be entered into the route table, the length, in bits, of the prefix, and the address of the next-hop router or the exit interface to be used to reach this destination.

To specify the next-hop address in the static route entry, you need to know what that address is. A detailed network drawing will help, but it may be out of date because of the dynamic nature of the Interface ID portion of the addresses. When addressing the IPv6 network, if you specify interface IDs manually rather than using the automatically constructed EUI-64 format addresses, the next-hop address will be predictable. However, if the interfaces on the data link are configured to use EUI-64 interface IDs, you only specify the first 64 bits of the address. The router determines the final 64 bits based on a MAC address. If a router is replaced, the new router will have different IPv6 addresses. (The first 64 bits will remain the same, but the final 64 bits will be different.) One way to identify the full 128-bit IPv6 address of a neighbor router is to use the Cisco Discovery Protocol (CDP) statistics. CDP displays information about neighboring routers, such as the router's hostname, router type, IOS version, and the IP addresses configured on the remote end of the link. Example 3-7 displays one form of the show cdp command. Keep in mind that CDP hands this same inventory (hostname, platform, IOS version, and addresses) to anything else listening on the segment, so it is normally left enabled only on links between routers you control and disabled on user-facing or untrusted interfaces.

Example 3-7. Cisco Discovery Protocol can tell you a lot of information about a device's neighbors.

    Honeybee#show cdp neighbor detail
    -------------------------
    Device ID: Honeytree
    Entry address(es):
      IP address: 10.4.6.2
      IPv6 address: FE80::280:64FF:FE30:1DE0  (link-local)
      IPv6 address: FEC0::1:280:64FF:FE30:1DE0  (site-local)
    Platform: cisco 2610,  Capabilities: Router
    Interface: Serial0/0.2,  Port ID (outgoing port): Serial0/0.2
    Holdtime : 146 sec

    Version :
    Cisco Internetwork Operating System Software
    IOS (tm) C2600 Software (C2600-JS3-M), Version 12.3(6), RELEASE SOFTWARE (fc3)
    Copyright (c) 1986-2004 by cisco Systems, Inc.
    Compiled Wed 11-Feb-04 19:24 by kellythw

    advertisement version: 2

Example 3-7 displays a lot of information about the neighbor router, including the router type, IOS version, hostname, and IP addresses. The detail keyword is required to obtain all the information that is displayed. Another way to determine the IPv6 address of an interface is to issue the show ipv6 interface command on the router that owns it. This command displays the IPv6 information relevant to an interface. Example 3-8 shows the output from the command issued on Honeybee.

Example 3-8. show ipv6 interface displays IPv6 information relevant to an interface, including the IPv6 EUI-64 formatted addresses.

    Honeybee#show ipv6 interface serial 0/0.1
    Serial0/0.1 is up, line protocol is up
      IPv6 is enabled, link-local address is FE80::204:C1FF:FE50:F1C0
      Description: Link to Piglet
      Global unicast address(es):
        FEC0::3:204:C1FF:FE50:F1C0, subnet is FEC0:0:0:3::/64
      Joined group address(es):
        FF02::1
        FF02::2
        FF02::1:FF50:F1C0

Figure 3-3 shows the simple IPv6 network used in this case study.[5]

[5] The interface addresses are configured with EUI-64 addresses. The addresses, therefore, are unique to each router based on MAC address. To reproduce the configuration, you'd have to determine your router's interface addresses to use as the next hop.

Figure 3-3. Static routing also works with IPv6.

[Figure 3-3 (image not reproduced). Addresses shown: Honeybee FEC0::3:204:C1FF:FE50:F1C0 and FEC0::1:204:C1FF:FE50:F1C0; Honeypot FEC0::3:290:94FF:FE24:B780 on Serial0/0.2, with FEC0:0:0:5::/64 on its Ethernet; Honeytree FEC0::1:280:64FF:FE30:1DE0; the remaining prefixes are FEC0:0:0:8::/64 and FEC0:0:0:A::/64.]

Example 3-9 shows the commands for entering Honeypot's IPv6 static routes.

Example 3-9. Configuring Honeypot's IPv6 static routes.

    ipv6 unicast-routing
    !
    interface serial 0/0.2 point-to-point
    !
    ipv6 route FEC0:0:0:A::/64 FEC0::3:204:C1FF:FE50:F1C0
    ipv6 route FEC0:0:0:8::/64 FEC0::3:204:C1FF:FE50:F1C0
    ipv6 route FEC0:0:0:1::/64 FEC0::3:204:C1FF:FE50:F1C0

Example 3-10 and Example 3-11 show the route entries for the other two routers, Honeytree and Honeybee, respectively.

Example 3-10. Configuring IPv6 static routes for Honeytree.

Example 3-11. Configuring IPv6 static routes for Honeybee.

Look at the next-hop address used for Honeypot's routes, and the next-hop address used for Honeytree's routes.
Honeypot's next-hop address for each route is fec0::3:204:c1ff:fe50:f1c0. The next-hop address used for Honeytree's routes is fec0::1:204:c1ff:fe50:f1c0. These addresses are those of Honeybee's interfaces to Honeypot and Honeytree, respectively. Notice that the last 64 bits of each of Honeybee's interface addresses are the same. The router uses its first encountered MAC address to form the last 64 bits of the EUI-64 formatted IPv6 addresses on each of its serial interfaces.

As with IPv4, IPv6 static routes can use the outbound interface rather than the next-hop address. There is an option to enter an address after the interface, as there is with IPv4. You can put either the link-local address here or a configured address. This next-hop address should be used when the exit interface is a broadcast interface, such as Ethernet. Example 3-12 displays Honeypot's IPv6 route table with only the next-hop address specified in the ipv6 route statement. The command show ipv6 route displays the IPv6 route table. Prefixes, prefix lengths, and the next-hop address or outgoing interface are displayed, as are the administrative distance and route metric.

Example 3-12. As with IPv4, the IPv6 static route table displays the destination network and the next-hop address used to reach the destination.

Honeypot#show ipv6 route
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
L   FE80::/10 [0/0]
     via ::, Null0
C   FEC0:0:0:3::/64 [0/0]
     via ::, Serial0/0.2
L   FEC0::3:230:94FF:FE24:B780/128 [0/0]
     via ::, Serial0/0.2
S   FEC0:0:0:A::/64 [1/0]
     via FEC0::3:204:C1FF:FE50:F1C0
S   FEC0:0:0:8::/64 [1/0]
     via FEC0::3:204:C1FF:FE50:F1C0
S   FEC0:0:0:12::/64 [1/0]
     via FEC0::3:204:C1FF:FE50:F1C0
C   FEC0:0:0:5::/64 [0/0]
     via ::, Ethernet0/0
L   FEC0::5:230:94FF:FE24:B780/128 [0/0]
     via ::, Ethernet0/0
L   FF00::/8 [0/0]
     via ::, Null0

The static routes displayed in Example 3-12 were entered using an IPv6 next-hop address. The router must determine the exit interface associated with this IPv6 address recursively, as it does with IPv4. The entry for FEC0:0:0:A::/64 has a next-hop address of FEC0::3:204:C1FF:FE50:F1C0. Looking further into the route table, FEC0:0:0:3::/64 is connected on Serial0/0.2. Notice that the administrative distance of the static routes entered with the next-hop IPv6 address is 1 and the route metric is 0, the same as IPv4 static routes entered in this way. Routes can also be entered with the outgoing interface toward the destination network. The outgoing interface and the next-hop address can be entered together, too. Example 3-13 shows what Honeypot's static route configuration could be changed to.

Example 3-13. Alternative static route configuration for Honeypot.

0:0/64 serial 0/0.2

The last entry, using the exit interface and the next-hop address, will help to illustrate the difference in the route table between the two forms of the command. Example 3-14 displays Honeypot's new route table.

Example 3-14. Honeypot route table after changing the next hop to the exit interface.

Honeypot#show ipv6 route static
S   FEC0:0:0:A::/64 [1/0]
     via ::, Serial0/0.2
S   FEC0:0:0:8::/64 [1/0]
     via ::, Serial0/0.2
S   FEC0:0:0:12::/64 [1/0]
     via ::, Serial0/0.2
S   FEC0:0:0:20::/64 [1/0]
     via FE80::280:64FF:FE30:1DE0, Ethernet0/0

One thing to notice in the route table is the administrative distance of the static route configured with an exit interface. The distance is 1, unlike IPv4 static routes configured the same way. The route does not appear to be directly connected as it does with IPv4.

The next-hop address is undetermined when you enter an interface unless you specify the exit interface and the next-hop address.
You can see this in the route table shown in Example 3-14. The first statement, for instance, says that FEC0:0:0:A::/64 is known via ::, Serial 0/0.2. The "::" means that the next hop is unspecified, but the outgoing interface is Serial 0/0.2. On a point-to-point serial interface, an unspecified next-hop address is not a problem. There is only one other device on that point-to-point network, and all packets are forwarded out the interface and reach the other device.

On a broadcast interface, the router must find a neighbor to which to send the packet. The router multicasts a neighbor solicitation message on the Ethernet and waits for a neighbor advertisement from the next-hop device. There is no defined proxy address resolution mechanism with IPv6, other than for mobile IPv6 nodes. A router on the Ethernet that has a route to the destination will not respond to a neighbor solicitation on behalf of another device. For this reason, when using an exit interface to configure a static route on a broadcast network, a next-hop address must also be specified.

The recommended address to use as the next-hop address is the link-local address of the next-hop router. One reason to use the link-local address is that it is not likely to change. A link-local address will only change if the interface card, or the entire router, is replaced. Even if the site is renumbered with a different IPv6 global prefix, the link-local address on the interface does not change. Another reason to use the link-local address as the next hop is to remain consistent with the addresses routers advertise in the router advertisement messages, and so that processes using those addresses, such as ICMPv6 Redirect, will operate as expected. Routers advertise their presence, along with their link-local addresses, to all IPv6 devices on broadcast networks. Hosts use the router list created from the router advertisements to determine how to forward packets off the network.
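The two rules just given (an exit interface on a broadcast medium needs a next-hop address, and that next hop should be the neighbor's link-local address) are easy to check mechanically before a configuration is applied. The following is an added example, not code from the book or from Cisco: a small parser for the ipv6 route statement form used in this chapter and a check over it. The table of interface media types is constructed for the example from the interfaces that appear in Examples 3-8 and 3-14; IOS has no such table to query in this form.

```python
import ipaddress
from typing import Dict, List

# Media type per interface, constructed for this example from the interfaces
# seen in the chapter's output (the page gives no such table).
INTERFACE_MEDIA: Dict[str, str] = {
    "serial0/0.1": "point-to-point",
    "serial0/0.2": "point-to-point",
    "ethernet0/0": "broadcast",
}


def parse_ipv6_route(line: str) -> dict:
    """Split an IOS statement of the form
         ipv6 route PREFIX/LEN {NEXT-HOP | INTERFACE [NEXT-HOP]} [DISTANCE]
    into prefix, interface, next_hop and distance. An interface name never
    contains a colon, which is how it is told apart from an IPv6 address."""
    tokens = line.split()
    if tokens[:2] != ["ipv6", "route"] or len(tokens) < 4:
        raise ValueError(f"not an ipv6 route statement: {line!r}")
    route = {"prefix": ipaddress.IPv6Network(tokens[2]), "interface": None,
             "next_hop": None, "distance": 1}
    rest = tokens[3:]
    if ":" not in rest[0] and not rest[0].isdigit():
        route["interface"] = rest.pop(0).lower()
    if rest and ":" in rest[0]:
        route["next_hop"] = ipaddress.IPv6Address(rest.pop(0))
    if rest and rest[0].isdigit():
        route["distance"] = int(rest.pop(0))
    if rest or (route["interface"] is None and route["next_hop"] is None):
        raise ValueError(f"malformed ipv6 route statement: {line!r}")
    return route


def check_static_route(line: str) -> List[str]:
    """Warnings for one static route, following the chapter's guidance:
    an exit interface on a broadcast medium needs a next-hop address, and
    that next hop should be the neighbor's link-local address."""
    r = parse_ipv6_route(line)
    warnings: List[str] = []
    if r["interface"] is None:
        return warnings  # next-hop-only form: the router resolves it recursively
    media = INTERFACE_MEDIA.get(r["interface"])
    if media is None:
        warnings.append(f"{r['interface']}: unknown interface")
    elif media == "broadcast" and r["next_hop"] is None:
        warnings.append(f"{r['interface']}: broadcast interface without a next hop; "
                        "no neighbor will answer a solicitation for the destination")
    if r["next_hop"] is not None and not r["next_hop"].is_link_local:
        warnings.append(f"{r['next_hop']}: not link-local, may change on renumbering")
    return warnings


def check_config(lines: List[str]) -> Dict[str, List[str]]:
    """Run the check over every ipv6 route statement in a configuration."""
    return {l: check_static_route(l) for l in lines if l.startswith("ipv6 route ")}
```

A route such as ipv6 route fec0:0:0:20::/64 ethernet0/0 is flagged, the same route with fe80::280:64ff:fe30:1de0 appended (the form shown in Example 3-14) passes, and the site-local address of the same neighbor draws the renumbering warning.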
If a host forwards a packet to a router, and that router knows that a second router on the network is a better choice for the host to use, the first router will send a redirect to the host. The redirect includes the link-local IPv6 address of the better-choice router. When the host processes the redirect, if the better router is in its router list, the host will begin to forward packets to the better router. If the better router is not in the list (or is listed by a different IPv6 address), the host will discard the redirect.

Case Study: Summary Routes

A summary route is an address that encompasses several more specific addresses in a route table. It is the address mask used with a route entry that makes static routes as flexible as they are; by using an appropriate address mask, it is sometimes possible to create a single summary route for several destination addresses. For example, the preceding two case studies use a separate entry for each data link; the mask of each entry corresponds to the address mask used on the device interfaces connected to that data link. Looking again at the figure, you can see that subnets 10.4.6.0/24 and 10.4.7.0/24 could be specified to Piglet with a single entry of 10.4.0.0/16, reachable via Tigger. Likewise, subnets 192.168.1.0/27 and 192.168.1.64/27 could be accounted for in its route table with a single entry pointing to 192.168.1.0/24, also reachable via Tigger. These two route entries, 10.4.0.0/16 and 192.168.1.0/24, are summary routes. Using summary routes, Piglet's static route entries are displayed in Example 3-15.

Example 3-15. Piglet's static route entries are summarized into only two entries.

ip route 192.168.1.0 255.255.255.0 192.168.1.193
ip route 10.4.0.0 255.255.0.0 192.168.1.193

All subnets of network 10.0.0.0 are reachable from Pooh via Tigger, so a single entry to that major network address and a corresponding mask are all that is needed (see Example 3-16).

Example 3-16. Pooh's static route entries for all of network 10.0.0.0 subnets are summarized into a single entry.
ip route 192.168.1.192 255.255.255.224 192.168.1.66
ip route 10.0.0.0 255.0.0.0 192.168.1.66

From Eeyore, all destinations beginning with 192 are reachable via Tigger. The single route entry does not even have to specify all of the Class C address bits, as displayed in Example 3-17. This method of summarizing a group of major network addresses with a mask shorter than the mask for that class is known as supernetting. This is introduced in Chapter [chapter number not recovered from the scan].

Example 3-17. Eeyore summarizes all routes beginning with 192 into a single entry.

ip route 192.0.0.0 255.0.0.0 10.4.6.1
ip route 10.1.0.0 255.255.0.0 10.4.6.1

Honeypot's two static routes can be summarized into a group consisting of fec0:0:0:8:: through fec0:0:0:b:: by changing the prefix length from 64 to 62, as in Example 3-18.

Example 3-18. Honeypot summarizes IPv6 static routes.

By summarizing groups of subnets or even major networks, the number of static route entries may be reduced drastically; in this example, by more than one-third. Be careful when summarizing addresses; when done incorrectly, unexpected routing behavior may occur (see "Case Study: Tracing a Failed Route," later in this chapter). Summarization and the problems that can develop from incorrect summarization are examined in more depth in the chapters "Enhanced Interior Gateway Routing Protocol (EIGRP)" and "OSPFv2."

Case Study: Alternative Routes

[beginning of sentence not recovered from the scan] path, with the exception of packets destined for the host 10.4.7.25; a policy states that traffic to this host must go through Tigger. The static route commands at Pooh will be as displayed in Example 3-19.

Figure 3-4. A more direct path from Pooh to the 10.4.0.0 subnets is added to the network.

[Figure 3-4 image; labels legible in the scan: Tigger, 192.168.1.1/27, 192.168.1.65/27, 192.168.1.193/27, 10.1.5.1/16, 10.4.6.1/24, 10.4.6.2/24]

Example 3-19. Pooh's static route commands help implement a policy directing traffic through specific routers.
ip route 192.168.1.192 255.255.255.224 192.168.1.66
ip route 10.0.0.0 255.0.0.0 192.168.1.34
ip route 10.4.7.25 255.255.255.255 192.168.1.66

The first two route entries are the same as before except that the second path now points to the new interface 192.168.1.34 at Eeyore. The third entry is a host route, pointing to the single host 10.4.7.25 and made possible by setting the address mask to all ones. Notice that unlike the entry for the other 10.0.0.0 subnets, this host route points to Tigger's interface 192.168.1.66.

The debugging function debug ip packet is turned on in Pooh (see Example 3-20) to observe the path packets take from the router as a result of the new route entries. A packet is sent from a host 192.168.1.15 to host 10.4.7.25. The first two debug trap messages show that the packet is routed from interface E0 to the next-hop router 192.168.1.66 (Tigger) out interface S0, as required, and that the reply packet was received on S0 and routed to the host 192.168.1.15 out E0.

Example 3-20. Debugging verifies that the new route entries at Pooh are working correctly.

Pooh#debug ip packet
IP packet debugging is on
Pooh#
IP: s=192.168.1.15 (Ethernet0), d=10.4.7.25 (Serial0), g=192.168.1.66, forward
IP: s=10.4.7.25 (Serial0), d=192.168.1.15 (Ethernet0), g=192.168.1.15, forward
Pooh#
IP: s=192.168.1.15 (Ethernet0), d=10.4.7.100 (Serial1), g=192.168.1.34, forward
IP: s=10.4.7.100 (Serial0), d=192.168.1.15 (Ethernet0), g=192.168.1.15, forward
Pooh#

Next, a packet is sent from host 192.168.1.15 to host 10.4.7.100. Packets destined for any host on 10.0.0.0 subnets, other than host 10.4.7.25, should be routed across the new link to Eeyore's interface 192.168.1.34. The third debug message verifies that this is indeed happening. However, the fourth message shows something that at first might be surprising. The response from 10.4.7.100 to 192.168.1.15 arrived on Pooh's interface S0 from Tigger.
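Both the summary routes of Examples 3-15 through 3-17 and the host route of Example 3-19 work because the router always selects the most specific matching entry, and the warning about incorrect summarization comes down to how much extra address space a summary attracts. The following is an added example, not code from the book or from Cisco, using Python's ipaddress module; the route table is built from the entries of Example 3-19, masks written as prefix lengths, and the summaries are the ones named in the case study.

```python
import ipaddress
from typing import List, Optional, Tuple

Network = ipaddress.IPv4Network
Route = Tuple[Network, str]          # (destination prefix, next-hop address)


def make_table(entries: List[Tuple[str, str]]) -> List[Route]:
    """Build a table from (prefix, next hop) pairs written CIDR style."""
    return [(ipaddress.ip_network(p), nh) for p, nh in entries]


# Pooh's static routes from Example 3-19.
POOH = make_table([
    ("192.168.1.192/27", "192.168.1.66"),   # Tigger
    ("10.0.0.0/8",       "192.168.1.34"),   # Eeyore, over the new link
    ("10.4.7.25/32",     "192.168.1.66"),   # host route: policy says via Tigger
])


def best_route(table: List[Route], destination: str) -> Optional[Route]:
    """Longest-prefix match: the most specific entry covering the destination wins."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in table if dest in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen, default=None)


def next_hop_for(table: List[Route], destination: str) -> Optional[str]:
    route = best_route(table, destination)
    return route[1] if route else None


def exact_summary(prefixes: List[str]) -> List[Network]:
    """Fewest prefixes that cover exactly the given subnets and nothing else."""
    return list(ipaddress.collapse_addresses(ipaddress.ip_network(p) for p in prefixes))


def summary_overreach(summary: str, intended: List[str]) -> List[Network]:
    """Address space a summary attracts beyond the subnets it was meant to cover:
    the text's warning about incorrect summarization, made concrete. Packets for
    any of the returned prefixes follow the summary's next hop too."""
    block = ipaddress.ip_network(summary)
    leftover = [block]
    for p in intended:
        net = ipaddress.ip_network(p)
        if not net.subnet_of(block):
            raise ValueError(f"{net} is not inside summary {block}")
        pieces = []
        for piece in leftover:
            if piece.subnet_of(net):
                continue                                   # entirely intended
            if net.subnet_of(piece):
                pieces.extend(piece.address_exclude(net))  # carve the subnet out
            else:
                pieces.append(piece)
        leftover = pieces
    return sorted(leftover)
```

Traffic for 10.4.7.25 takes the /32 toward Tigger while 10.4.7.100 takes the /8 toward Eeyore, matching the debug output of Example 3-20. The exact summary of 10.4.6.0/24 and 10.4.7.0/24 is 10.4.6.0/23, so Piglet's 10.4.0.0/16 is a deliberately wider summary; 192.168.1.0/27 and 192.168.1.64/27 cannot be collapsed at all, and the 192.168.1.0/24 entry also pulls 192.168.1.32/27, 192.168.1.96/27 and 192.168.1.128/25 toward Tigger, which is harmless here only because Tigger really is the way to all of them.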
Remember that the route entries in the other routers have not changed from the original example. This result might or might not be desired, but it does illustrate two characteristics of static routes:

- First, if the network topology changes, the routers that are required to know about those changes must be reconfigured.
- Second, static routes can be used to create very specific routing behavior. In this example, perhaps it is desirable to have traffic taking one path in one direction and another path in the opposite direction.

A final observation about this example is that packets from Pooh to subnet 10.1.5.0 take a less-than-optimal route, from Pooh to Eeyore to Tigger instead of direct from Pooh to Tigger. Example 3-21 shows a more efficient configuration for Router Pooh.

Example 3-21. Configuring a more efficient static route on Router Pooh.

ip route 192.168.1.192 255.255.255.224 192.168.1.66
ip route 10.0.0.0 255.0.0.0 192.168.1.34
ip route 10.1.0.0 255.255.0.0 192.168.1.66
ip route 10.4.7.25 255.255.255.255 192.168.1.66

The third entry will now send all packets for subnet 10.1.5.0 directly to Tigger.

Case Study: Floating Static Routes

Unlike other static routes, a floating static route is less preferred than other routes in the route table. It appears in the table only under the special circumstance of the failure of a more-preferred route. In Figure 3-5, a new router (Rabbit) is connected to Piglet with two parallel links. One link connects their respective Serial 0 interfaces, and the second connection has been added between the two Serial 1 interfaces. This second link has been added for redundancy: if the primary link 10.1.10.0 fails, floating static routes will direct traffic across the backup link 10.1.20.0.

Figure 3-5. A new router has been connected to Piglet. Two serial links connect them, one for the primary link and one for the backup link.
[Figure 3-5 image; labels legible in the scan: Piglet, Rabbit, Eeyore, 192.168.1.1/27, 192.168.1.66/27, 10.1.20.1/24, 10.1.30.1/24]

Additionally, the mask on Piglet's Ethernet interface has changed from 10.1.5.1/16 to 10.1.5.1/24. This change allows the single route entry at Tigger

ip route 10.1.0.0 255.255.0.0 192.168.1.194

to point not only to 10.1.5.0 but also to all of the new subnets used in association with the new router. To create the floating static route, Example 3-22 and Example 3-23 show the route entries for both Piglet and Rabbit, respectively.

Example 3-22. Route entries for Piglet to create a floating static route.

ip route 192.168.1.0 255.255.255.0 192.168.1.193
ip route 10.4.0.0 255.255.0.0 192.168.1.193

Example 3-23. Route entries for Rabbit to create a floating static route.

ip route 10.4.0.0 255.255.0.0 10.1.10.1
ip route 10.1.5.0 255.255.255.0 10.1.10.1
ip route 192.168.0.0 255.255.0.0 10.1.10.1

Two entries at Piglet point to Rabbit's network 10.1.30.0; one specifies a next-hop address of Rabbit's S0 interface, and the other specifies a next-hop address of Rabbit's S1 interface. Rabbit has similar double entries for every route. Notice that all static routes using subnet 10.1.20.0 are followed by a 50. This number specifies an administrative distance, which is a measure of preferability: when duplicate paths to the same network are known, the router will prefer the path with the lower administrative distance. At first this idea sounds like a metric; however, a metric specifies the preferability of a route, whereas an administrative distance specifies the preferability of the means by which the route was discovered. For example, IPv4 static routes pointing to a next-hop address have an administrative distance of 1, and static routes referencing an exit interface have an administrative distance of 0.
If two static routes point to the same destination, but one references a next-hop address and one references an exit interface, the latter, with the lower administrative distance, will be preferred. By increasing the administrative distance of the static routes traversing subnet 10.1.20.0 to 50, they become less preferred than the routes traversing subnet 10.1.10.0. Example 3-24 shows three iterations of Rabbit's route table. In the first table, all routes to nonconnected networks use a next-hop address of 10.1.10.1. The bracketed numbers associated with each route indicate an administrative distance of 1 and a metric of 0 (because no metrics are associated with static routes).

Example 3-24. When the primary link 10.1.10.0 fails, the backup link 10.1.20.0 is used. When the primary link is restored, it is again the preferred path.

Rabbit#show ip route
     10.0.0.0 is variably subnetted, 5 subnets, 2 masks
C       10.1.10.0 255.255.255.0 is directly connected, Serial0
C       10.1.30.0 255.255.255.0 is directly connected, Ethernet0
C       10.1.20.0 255.255.255.0 is directly connected, Serial1
S    192.168.0.0 255.255.0.0 [1/0] via 10.1.10.1
Rabbit#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down
%LINK-3-UPDOWN: Interface Serial0, changed state to down
Rabbit#show ip route
     10.0.0.0 is variably subnetted, 4 subnets, 2 masks
S    192.168.0.0 255.255.0.0 [50/0] via 10.1.20.1
Rabbit#
%LINK-3-UPDOWN: Interface Serial0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
Rabbit#show ip route
     10.0.0.0 is variably subnetted, 5 subnets, 2 masks
C       10.1.10.0 255.255.255.0 is directly connected, Serial0
C       10.1.30.0 255.255.255.0 is directly connected, Ethernet0
C       10.1.20.0 255.255.255.0 is directly connected, Serial1

Next, trap messages announce that the state of the primary link connected to Serial 0 has changed to "down," indicating a failure. A look at the second iteration of the route table shows that all nonconnected routes now point to a next-hop address of 10.1.20.1.
Because the more-preferred entry is no longer available, the router has switched to the less-preferred backup link, with the administrative distance of 50 indicated in the brackets. And because subnet 10.1.10.0 has failed, it no longer shows up in the route table as a directly connected network. Before the third iteration of the route table, trap messages indicate that the state of the primary link has changed to "up." The route table then shows that subnet 10.1.10.0 is again in the table, and the router is again using the next-hop address of 10.1.10.1.

Chapter 1 discusses the administrative distances associated with the various dynamic routing protocols, but it can be said here that the administrative distances of all dynamic routing protocols are substantially higher than 1. Therefore, by default, a static route to a network will always be preferred over a dynamically discovered route to the same network.

Case Study: IPv6 Floating Static Routes

IPv6 floating static route statements work the same way as IPv4. A second link has been added to the IPv6 network of Figure 3-3 between Honeypot and Honeybee, to route IPv6 traffic if the primary link fails (see Figure 3-6).

Figure 3-6. Backup link added between two IPv6 routers can be used to recover from a primary link failure with floating static routes.

[Figure 3-6 image; labels legible in the scan: Honeytree, FEC0::3:204:C1FF:FE50:F1C0, FEC0::3:230:94FF:FE24:B780, FEC0::8:0:0:0:0/64, FEC0::1:204:C1FF:FE50:F1C0, FEC0::A:0:0:0:0/64]

Example 3-25 shows Honeypot's configuration with the floating entries, which have an administrative distance greater than 1. Similar static routes are entered on Honeybee, as shown in Example 3-26.

Example 3-25. Honeypot is configured with floating static routes to be used over the new redundant parallel link to Honeybee.
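The recursive next-hop lookup explained for Example 3-12 and the floating static behavior of Example 3-24 follow from the same selection rules: longest prefix first, then lowest administrative distance, and a route counts only if its next hop can still be resolved to a live interface. The following is an added example, not code from the book or from Cisco IOS, that models those rules with Python's ipaddress module. The Rib class and its rules are a simplification constructed here; the route entries come from Examples 3-12 and 3-23 (the 192.168.1.15 host used as a test destination is taken from Example 3-20). Because ipaddress handles both address families, the same model covers the IPv6 floating routes of Example 3-25, whose entries the page does not reproduce.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Route:
    prefix: object                      # IPv4Network or IPv6Network
    distance: int                       # administrative distance: 0 connected, 1 static
    next_hop: Optional[object] = None   # address, or None
    interface: Optional[str] = None     # exit interface, or None if only a next hop is given


@dataclass
class Rib:
    """Simplified model of the route-selection rules the chapter describes."""
    routes: List[Route] = field(default_factory=list)
    link_up: Dict[str, bool] = field(default_factory=dict)

    def add_connected(self, prefix: str, interface: str) -> None:
        self.routes.append(Route(ipaddress.ip_network(prefix), 0, None, interface))
        self.link_up.setdefault(interface, True)

    def add_static(self, prefix: str, next_hop: Optional[str] = None,
                   interface: Optional[str] = None, distance: int = 1) -> None:
        nh = ipaddress.ip_address(next_hop) if next_hop else None
        self.routes.append(Route(ipaddress.ip_network(prefix), distance, nh, interface))

    def set_link(self, interface: str, up: bool) -> None:
        self.link_up[interface] = up

    def exit_interface(self, route: Route, depth: int = 0) -> Optional[str]:
        """Interface a route forwards on, or None if it is unusable right now.
        A route naming only a next hop is resolved recursively through the table,
        so it drops out when the link carrying its next hop fails."""
        if route.interface is not None:
            return route.interface if self.link_up.get(route.interface, False) else None
        if depth > 8:                                   # guard against next-hop loops
            return None
        resolved = self.lookup(str(route.next_hop), depth + 1)
        return resolved[1] if resolved else None

    def lookup(self, destination: str, depth: int = 0) -> Optional[Tuple[Route, str]]:
        """Longest prefix wins; among equal prefixes the lowest administrative
        distance wins; routes that cannot be resolved are skipped."""
        dest = ipaddress.ip_address(destination)
        candidates = [r for r in self.routes if dest in r.prefix]
        for r in sorted(candidates, key=lambda r: (-r.prefix.prefixlen, r.distance)):
            via = self.exit_interface(r, depth)
            if via is not None:
                return r, via
        return None

    def show(self) -> List[str]:
        """Usable routes, best one per prefix, in the spirit of 'show ip route'."""
        best: Dict[object, Route] = {}
        for r in self.routes:
            if self.exit_interface(r) is None:
                continue
            if r.prefix not in best or r.distance < best[r.prefix].distance:
                best[r.prefix] = r
        lines = []
        for r in sorted(best.values(), key=lambda r: (r.prefix.version, int(r.prefix.network_address))):
            if r.distance == 0:
                lines.append(f"C  {r.prefix} is directly connected, {r.interface}")
            else:
                via = r.next_hop if r.next_hop is not None else r.interface
                lines.append(f"S  {r.prefix} [{r.distance}/0] via {via}")
        return lines


def build_rabbit() -> Rib:
    """Rabbit's table from Example 3-23, with the floating entries at distance 50."""
    rib = Rib()
    rib.add_connected("10.1.10.0/24", "Serial0")        # primary link to Piglet
    rib.add_connected("10.1.20.0/24", "Serial1")        # backup link to Piglet
    rib.add_connected("10.1.30.0/24", "Ethernet0")
    for prefix in ("10.4.0.0/16", "10.1.5.0/24", "192.168.0.0/16"):
        rib.add_static(prefix, next_hop="10.1.10.1")               # distance 1
        rib.add_static(prefix, next_hop="10.1.20.1", distance=50)  # floating static
    return rib


def rabbit_scenario() -> List[Tuple[str, str]]:
    """Replay Example 3-24: Serial0 fails, then recovers. Returns the
    (next hop, exit interface) chosen for 192.168.1.15 at each stage."""
    rib = build_rabbit()
    chosen = []
    for up in (True, False, True):
        rib.set_link("Serial0", up)
        route, via = rib.lookup("192.168.1.15")
        chosen.append((str(route.next_hop), via))
    return chosen


def table_with_primary_down() -> List[str]:
    rib = build_rabbit()
    rib.set_link("Serial0", False)
    return rib.show()


def honeypot_lookup(destination: str) -> Tuple[str, str]:
    """Replay Example 3-12: the static next hop fec0::3:204:c1ff:fe50:f1c0 is
    itself resolved through the connected FEC0:0:0:3::/64 on Serial0/0.2."""
    rib = Rib()
    rib.add_connected("fec0:0:0:3::/64", "Serial0/0.2")
    rib.add_connected("fec0:0:0:5::/64", "Ethernet0/0")
    for prefix in ("fec0:0:0:a::/64", "fec0:0:0:8::/64", "fec0:0:0:12::/64"):
        rib.add_static(prefix, next_hop="fec0::3:204:c1ff:fe50:f1c0")
    route, via = rib.lookup(destination)
    return str(route.prefix), via
```

With Serial0 down the distance-1 route cannot resolve its next hop 10.1.10.1 (the connected 10.1.10.0/24 is gone), so the distance-50 entry via 10.1.20.1 on Serial1 takes over, and the table no longer lists 10.1.10.0/24 as connected; bringing the link back restores the original choice, as the three tables in Example 3-24 show.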
