Modules 11-13 IP Addressing Flashcards
How is the IPv4 address built up?
32 bits
A network portion and a host portion
What is a subnet mask used for? And what is prefix length?
To separate net and host with an AND operator
Prefix length is the number of bits set to 1.
Difference between public and private IPv4 addresses?
Public IPv4 addresses are addresses which are globally routed between internet service provider (ISP) routers. These are special.
Private address blocks are used by orgs for internal hosts; they can be re-used by different orgs and are not unique; not globally routable!
What is network address translation (NAT)?
Translating private IPv4 addresses to public IPv4 addresses
Typically, at the edge router with internet connectivity.
What is a link local address? How do we write it?
Link-local addresses are known as Automatic Private IP Addressing (APIPA) or self-assigned addresses. They are used by a Windows DHCP client to self-configure in the event that there are no DHCP servers available.
IPv6 fe80::/10
IPv4 169.254.0.0/16
Link Local FE80::/10
Communicate with other IPv6-enabled devices on the same subnet.
Not routable
Classful vs Classless IPv4 addressing
Classful addressing: Customers were allocated a network address based on one of three classes: A (big), B (medium), or C (small) networks.
Classless addressing ignores the rules of A, B, C. Public IPv4 network addresses (network addresses and subnet masks) are allocated based on the number of addresses that can be justified.
How do we assign internet addresses around the world? Who?
The Internet Assigned Numbers Authority (IANA) (part of ICANN) manages the allocation of IPv4 and IPv6 address blocks using five Regional Internet Registries (RIRs).
RIRs allocate IPv4 addresses to Internet Service Providers (ISPs), which in turn assign them to smaller ISPs and orgs.
Why do we subnet? (Segmentation of networks)
a) Reduce overall net traffic
b) Implement security policies between nets
c) Reduce number of devices affected by abnormal broadcast traffic (broadcast in smaller areas)
What is Intranet and DMZ?
Intranet - This is the internal part of a company’s network, accessible only within the organization. Devices in the intranet use private IPv4 addresses.
DMZ - This is part of the company’s network containing resources available to the internet such as a web server. Devices in the DMZ use public IPv4 addresses.
How is IPv6 built up? And what rules come with writing the address?
128-bit address written in hex with 8 hextets
example:
x:x:x:x:x:x:x:x
Omit leading zeroes
Preferred 2001 : 0db8 : 0000 : 1111 : 0000 : 0000 : 0000 : 0200
No leading zeros 2001 : db8 : 0 : 1111 : 0 : 0 : 0 : 200
A double colon (::) can replace any single, contiguous string of one or more 16-bit hextets consisting of all zeros; it can only be used once within an address, else it is ambiguous!
Preferred 2001 : 0db8 : 0000 : 1111 : 0000 : 0000 : 0000 : 0200
Compressed 2001:db8:0:1111::200
Which two unicast IPv6 addresses do we have?
Global Unicast Address (GUA): like a public IPv4 address; globally unique, internet-routable addresses.
Link-local Address (LLA): required for every IPv6-enabled device and used to communicate with other devices on the same local link.
LLAs are not routable and are confined to a single link – e.g., for automatic address config or net discovery
Explain how Dynamic Addressing for IPv6 GUAs works
First a host sends out a Router Solicitation (RS) message to discover IPv6 routers.
Then Router Advertisement (RA) messages are sent by the router to inform hosts on how to obtain an IPv6 Global Unicast Address (GUA) and provide:
Network prefix length
DGW address
DNS addresses and domain name
Which three methods does the RA provide for configuring an IPv6 GUA? How?
SLAAC: Stateless, no central server allocating GUAs and keeping a list of devices and their addresses. With SLAAC the client device uses the information in the RA message to create its own GUA.
SLAAC with stateless DHCPv6 server:
SLAAC still creates its own IPv6 GUA, then uses the RA source IPv6 address (router link-local address) as default gateway and then uses a stateless DHCPv6 server to obtain DNS server address and a domain name.
Stateful DHCPv6 only (NO SLAAC): Stateful DHCPv6 is similar to DHCP for IPv4. A device can automatically receive its addressing information including a GUA, prefix length, and the addresses of DNS servers from a stateful DHCPv6 server.
Explain the process of SLAAC
First the router sends an RA message with the prefix for the local link, then the PC uses SLAAC to obtain a prefix from the RA message and creates its own interface ID.
Explain the process of SLAAC and Stateless DHCPv6
First the PC sends an RS to all IPv6 routers: “I need addressing information”
Secondly, the router sends an RA message to all IPv6 nodes with (SLAAC and DHCPv6) specified; this will only give prefix, prefix length and default gateway information.
Finally, the PC sends a DHCPv6 message to all DHCPv6 servers that says it used SLAAC to create its IPv6 address and default gateway, but it still needs to get the DNS information.
Explain the method of Stateful DHCPv6
- Send RS to all IPv6 routers (I need addressing information)
- The router then responds with an RA message to all IPv6 nodes with (Stateful DHCPv6) specified that says: This is the default gateway, but ask a stateful DHCPv6 server for an IPv6 address and other addressing info.
- The PC gets the message from the router and proceeds to send a DHCPv6 Solicit message to all DHCPv6 servers where it says that it has received the default gateway from the RA message, but it needs an IPv6 address and all other addressing information from a stateful DHCPv6 server.
What is the job of the Internet Control Message Protocol (ICMP)?
To provide feedback about issues related to the processing of IP packets under certain conditions.
What is ICMPv6 and ICMPv4, what is common between them? Which one is required and why?
ICMPv6 and ICMPv4 are the Internet Control Message Protocol for IPv6 and IPv4
Host reachability: ICMP Echo Request and ICMP Echo reply.
Destination or Service Unreachable: Used to notify the source that a destination/service is unreachable; includes a code indicating why the packet couldn’t be delivered
Time exceeded / Hop Limit field: When the TTL field is decremented to 0, an ICMPv4 Time Exceeded message is sent to the source. ICMPv6 uses the Hop Limit field
IPv6 is required, IPv4 is not required and often blocked for security reasons?
What 4 protocols are new in ICMPv6?
RS (Router Solicitation) and RA (Router Advertisement) messages
NS (Neighbour Solicitation) and NA (Neighbour Advertisement) messages
DAD Duplicate address detection
ND (Neighbour discovery)
What do the RS and RA messages do?
They make it so we can send messages between an IPv6 router and an IPv6 device, including dynamic address allocation.
What do the NS and NA messages do?
Messaging between IPv6 devices, including duplicate address detection and address resolution with NS and NA messages.
What is DAD? How does it work?
DAD: A device assigned a global IPv6 unicast or link-local unicast address may perform duplicate address detection (DAD) to ensure that the IPv6 address is unique
Send a Neighbour Solicitation (NS) message with its own IPv6 address as the targeted IPv6 address
If another device on the network has this address, it will respond with a Neighbour Advertisement (NA) message notifying the sending device that the address is in use.
What is ND (Neighbour Discovery)? How does it work?
ND: To determine the MAC address for the destination
The device sends an NS message to the solicited node address
This message will include the known (targeted) IPv6 address. The device with the target IPv6 address will respond with an NA message containing its Ethernet MAC address.
What is ping? Which commands and outputs does it have?
Ping is a utility that uses ICMP Echo Request and Echo Reply messages to test connectivity and report min/avg/max RTT.
A ping time-out indicates lack of connectivity, but the first ping might sometimes time out due to potentially time-consuming address.
Ping the loopback interface (127.0.0.1 or ::1) to test internal config.
Ping DGW for checking network access
Ping remote host for internet connectivity or routing check (ICMP can be blocked)