Variable length subnetting, or variable length subnet masks (VLSM): subnets allocated within the same network can use different subnet masks.
Advantage: conserves network addresses.
An existing subnet can be split into two parts by adding another bit to the subnet
2.1.2.2.2 Variable length subnetting
Example of a class B network division into variable length subnets.
Consider the class B network 141.85.0.0/16.
The requirement is to split this address range into separate networks of the following sizes: subnets 1, 2, 3, 4 and 5 with 6000 hosts each, and subnets 6 and 7 with 4000 hosts each.
This cannot be achieved with static subnetting. For this example, static subnetting divides the network into either 6 subnets with 8190 hosts each or 14 subnets with 4094 hosts each.
Using a mask of 255.255.224.0 (or '/19'), the network can be divided into 6 subnets with 8190 hosts each.
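The allocation the slide asks for, worked out in code (an added example, not part of the original slides): each requirement gets the longest prefix that still holds its hosts under the classic 2^h - 2 rule, and blocks are carved largest-first out of 141.85.0.0/16 so that /19 and /20 subnets coexist without gaps. The subnet names and host counts are the slide's; the allocation order and helper names are this example's own choices.

```python
import ipaddress
import math

# Constructed input matching the slide's requirement: five subnets of
# 6000 hosts and two of 4000 hosts, carved out of 141.85.0.0/16.
REQUIREMENTS = {
    "subnet 1": 6000, "subnet 2": 6000, "subnet 3": 6000,
    "subnet 4": 6000, "subnet 5": 6000,
    "subnet 6": 4000, "subnet 7": 4000,
}


def prefix_for_hosts(hosts):
    """Longest prefix whose block still holds `hosts` usable addresses.

    Classic arithmetic from the slide: h host bits give 2**h - 2 usable
    addresses, since the all-zeros and all-ones host parts are reserved.
    """
    host_bits = math.ceil(math.log2(hosts + 2))
    return 32 - host_bits


def allocate_vlsm(base, requirements):
    """Assign one subnet per requirement, largest blocks first.

    Largest-first keeps every block aligned to its own size, so masks can
    differ per subnet without leaving unusable gaps (the VLSM idea).
    """
    free = [ipaddress.ip_network(base)]   # not-yet-allocated blocks
    result = {}
    for name in sorted(requirements, key=requirements.get, reverse=True):
        want = prefix_for_hosts(requirements[name])
        # Take the smallest free block that is still large enough.
        free.sort(key=lambda n: n.prefixlen, reverse=True)
        fit = [b for b in free if b.prefixlen <= want]
        if not fit:
            raise ValueError(f"no room left in {base} for {name}")
        block = fit[0]
        free.remove(block)
        # Halve the block until it is exactly the wanted size, returning
        # each unused half to the free pool.
        while block.prefixlen < want:
            block, other = block.subnets(prefixlen_diff=1)
            free.append(other)
        result[name] = block
    return result


if __name__ == "__main__":
    for name, net in allocate_vlsm("141.85.0.0/16", REQUIREMENTS).items():
        print(f"{name}: {net} mask {net.netmask} usable {net.num_addresses - 2}")
```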
The majority of IP addresses refer to a single recipient, this is called a unicast address.
Additionally, there are three special types of IP addresses used for addressing multiple recipients: broadcast addresses, multicast addresses, and anycast addresses.
Broadcast addresses are never valid as a source address; they can appear only as a destination address. The different types of broadcast addresses include:
Limited broadcast address: This uses the address 255.255.255.255 (all bits 1 in all parts of the IP address). It refers to all hosts on the local subnet, is recognized by every host, and requires no IP configuration information on the host. Routers do not forward such packets.
Network-directed broadcast address: This is used in an unsubnetted environment. The network number is a valid network number and the host number is all ones (for example, 141.85.255.255). This address refers to all hosts on the specified network. Routers should forward these broadcast messages.
2.1.3.1 Broadcasting
All-subnets-directed broadcast address: If the network number is a valid network number, the network is subnetted, and the local part is all ones (for example, 141.85.255.255), the address refers to all hosts on all subnets in the specified network. In principle, routers can propagate broadcasts for all subnets but are not required to do so.
The multiple destination transmission (multicast) method is based on the definition of destination groups.
Each group is represented by a Class D IP address.
For each multicast address, a set of zero or more hosts are listening for packets addressed to the address. This set of hosts is called the host group. Packets sent to
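A classifier for the special destination types described above, written as an added example rather than code from the slides: it recognizes the limited, network-directed and all-subnets-directed broadcast addresses from the broadcast section and class D multicast groups from the multicast section, and goes one step beyond the text by also naming a subnet-directed broadcast (local part all ones under a subnet mask longer than the natural mask). The natural mask is derived classfully from the first octet; the `subnet_prefix` parameter and function names are this example's own.

```python
import ipaddress

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def natural_prefix(ip):
    """Classful (natural) mask length, taken from the first octet."""
    first = int(ip) >> 24
    if first < 128:
        return 8       # class A
    if first < 192:
        return 16      # class B
    if first < 224:
        return 24      # class C
    raise ValueError(f"{ip} has no natural mask (not class A, B or C)")


def classify(addr, subnet_prefix=0):
    """Name the special address type of `addr`, or return 'unicast'.

    subnet_prefix is the locally configured mask length; 0 means the
    network is not subnetted.  A prefix longer than the natural mask
    means the network is subnetted.
    """
    ip = ipaddress.IPv4Address(addr)
    if ip == LIMITED_BROADCAST:
        return "limited broadcast"
    if ip.is_multicast:
        return "multicast (class D group)"
    natural = natural_prefix(ip)
    subnetted = subnet_prefix > natural
    classful = ipaddress.ip_network(f"{ip}/{natural}", strict=False)
    if ip == classful.broadcast_address:            # host part all ones
        if subnetted:
            return "all-subnets-directed broadcast"
        return "network-directed broadcast"
    if subnetted:
        subnet = ipaddress.ip_network(f"{ip}/{subnet_prefix}", strict=False)
        if ip == subnet.broadcast_address:          # local part all ones
            return "subnet-directed broadcast"
    return "unicast"


def valid_source(addr, subnet_prefix=0):
    """A broadcast or multicast address is never valid as a source address."""
    return classify(addr, subnet_prefix) == "unicast"
```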
2.1.3.2 Multicasting
Sometimes, the same IP services are provided by different hosts. For example, a user wants to download a file using FTP and the file is available on multiple FTP servers.
Hosts that implement the same service provide an anycast address to other hosts that require the service.
2.1.3.3 Anycasting
An approach to conserving the IP address space is to relax the rule that IP addresses must be globally unique: part of the global address space is reserved for use in networks that do not require connectivity to the Internet.
Three ranges of addresses have been reserved for this purpose:
10.0.0.0: A single Class A network,
172.16.0.0 through 172.31.0.0: 16 contiguous Class B networks,
2.1.4 Intranets: Private IP addresses
192.168.0.0 through 192.168.255.0: 256 contiguous Class C networks.
Routers in an organization using private addresses are expected to limit all references to private addresses to internal links. They should neither externally advertise routes to private addresses nor forward IP datagrams containing private addresses to external routers.
Hosts having only a private IP address do not have direct IP layer connectivity to the Internet. All connectivity to external Internet hosts must be provided with
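The border-router rules from the private-address section, as an added example (not code from the slides): the three reserved ranges are written as CIDR prefixes, `may_advertise` rejects any route that overlaps them, and `border_decision` drops a datagram carrying a private address in either direction at the external link. The sample traffic is constructed; 198.51.100.0/24 and 203.0.113.0/24 stand in for Internet hosts and 141.85.0.0/16 is the slides' public class B network.

```python
import ipaddress

# The three reserved ranges from the slide, written as CIDR prefixes.
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),      # one class A network
    ipaddress.ip_network("172.16.0.0/12"),   # 172.16.0.0 - 172.31.0.0: 16 class B networks
    ipaddress.ip_network("192.168.0.0/16"),  # 192.168.0.0 - 192.168.255.0: 256 class C networks
]


def is_private(addr):
    ip = ipaddress.IPv4Address(addr)
    return any(ip in net for net in PRIVATE_RANGES)


def may_advertise(prefix):
    """Routers must not announce routes to private space externally."""
    net = ipaddress.ip_network(prefix, strict=False)
    return not any(net.overlaps(p) for p in PRIVATE_RANGES)


def border_decision(src, dst, direction):
    """Forwarding decision for one datagram on the external link.

    direction is 'out' (leaving towards the Internet) or 'in' (arriving
    from it).  A private address must not cross the border either way:
    outbound it is unroutable on the Internet, inbound it cannot be a
    genuine source because nobody out there can route to it.
    """
    if is_private(src) or is_private(dst):
        bad = src if is_private(src) else dst
        return f"drop ({direction}): private address {bad}"
    return "forward"


def audit(packets):
    """Apply the rule to (src, dst, direction) tuples and count outcomes."""
    summary = {"forward": 0, "drop": 0}
    for src, dst, direction in packets:
        verdict = border_decision(src, dst, direction)
        summary["drop" if verdict.startswith("drop") else "forward"] += 1
    return summary


# Constructed sample traffic seen at the border router.
SAMPLE = [
    ("141.85.1.10", "198.51.100.7", "out"),   # legitimate outbound
    ("10.1.2.3", "198.51.100.7", "out"),      # leaked private source
    ("203.0.113.5", "141.85.1.10", "in"),     # legitimate inbound
    ("192.168.1.1", "141.85.1.10", "in"),     # forged private source from outside
    ("203.0.113.5", "172.20.0.9", "in"),      # private destination, not reachable here
]
```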
Versions of NAT (Network Address Translation): basic NAT and Network Address Port Translation (NAPT).
NAT provides a mapping between internal IP addresses and officially assigned external addresses.
The idea of Traditional NAT (hereafter referred to as NAT) is based on the fact that only a small number of the hosts in a private network are communicating outside of that network.
If each host is assigned an IP address from the official IP address pool only when it needs to communicate, only a small number of official addresses are required.
2.1.5.1 NAT Principle
Consider an internal network that is based on the private IP address space, and the users want to use an application protocol for which there is no application gateway.
The only option is to establish IP-level connectivity between hosts in the internal network and hosts on the Internet.
2.1.5.2 Basic NAT
Because the routers in the Internet would not know how to route IP packets back to a private IP address, there is no point in sending IP packets with private IP addresses as source IP addresses through a router into the Internet.
For each outgoing IP packet, the source address is checked against the NAT configuration rules. If a rule matches the source address, the address is translated to a global address from the address pool.
For each incoming packet, the destination address is checked to see whether it is one assigned by NAT. When this is true, the address is translated back to the original internal address. The assigned addresses need to be reserved in a pool in order to use them when
2.1.5.2.1 Basic NAT translation mechanism
When the NAT service assigns IP addresses on a demand basis, it needs to know when to return the external IP address to the pool of available IP addresses.
Network administrators also need to instruct NAT whether all the internal hosts are allowed to use NAT or not.
The difference between Basic NAT and NAPT is that Basic NAT translates only IP addresses, while NAPT translates both the IP address and the transport identifier (such as the TCP/UDP port).
NAPT maps private addresses to a single globally unique address. Therefore, the binding is from the private address and private port to the assigned external address and assigned port.
NAPT permits multiple nodes in a local network to simultaneously access remote
2.1.5.3 Network Address Port Translation (NAPT)
NAT is computationally intensive even with the assistance of a sophisticated checksum adjustment algorithm, because every data packet is subject to a NAT lookup and modification.
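The NAPT binding described above, as an added example (not code from the slides): outgoing packets from the private network get a (private address, private port) to (external address, assigned port) binding on first use, incoming packets are mapped back only if such a binding exists, and `release` returns the port to the pool when the session ends, which is the "when to return the address to the pool" question the NAT principle slide raises. The internal network 192.168.1.0/24, the external address 203.0.113.5 and the port range are constructed values.

```python
import ipaddress

INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")   # constructed private network
EXTERNAL_IP = "203.0.113.5"                             # constructed public address


class Napt:
    """NAPT binding table: (private ip, private port) <-> (external ip, assigned port)."""

    def __init__(self, external_ip=EXTERNAL_IP, ports=range(40000, 40100)):
        self.external_ip = external_ip
        self.free_ports = list(ports)   # pool of assignable external ports
        self.out_map = {}               # (priv_ip, priv_port, proto) -> ext_port
        self.in_map = {}                # (ext_port, proto) -> (priv_ip, priv_port)

    def translate_out(self, src_ip, src_port, proto="tcp"):
        """Rewrite the source of an outgoing packet; create a binding on first use."""
        if ipaddress.IPv4Address(src_ip) not in INTERNAL_NET:
            return src_ip, src_port          # no rule matches: leave it untouched
        key = (src_ip, src_port, proto)
        if key not in self.out_map:
            if not self.free_ports:
                raise RuntimeError("external port pool exhausted")
            port = self.free_ports.pop(0)
            self.out_map[key] = port
            self.in_map[(port, proto)] = (src_ip, src_port)
        return self.external_ip, self.out_map[key]

    def translate_in(self, dst_ip, dst_port, proto="tcp"):
        """Rewrite the destination of an incoming packet, or return None to drop it.

        Bindings exist only for earlier outbound traffic, so an unsolicited
        inbound packet finds no entry and is discarded.
        """
        if dst_ip != self.external_ip:
            return None
        return self.in_map.get((dst_port, proto))

    def release(self, src_ip, src_port, proto="tcp"):
        """Tear down a binding (TCP close, idle timeout) and return its port to the pool."""
        port = self.out_map.pop((src_ip, src_port, proto), None)
        if port is not None:
            del self.in_map[(port, proto)]
            self.free_ports.append(port)
```

Two internal hosts using the same private port 51000 receive different assigned ports, which is how NAPT lets several nodes share one external address at the same time.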
Standard IP routing understands only class A, B, and C network addresses. Within each of these networks, subnetting can be used to provide better granularity. However, there is no way to specify that multiple class C networks are related. The result of this is termed the routing table explosion problem.
The solution to this problem is called Classless Inter-Domain Routing (CIDR).
2.1.6 Classless Inter-Domain Routing (CIDR)
CIDR does not route according to the class of the network number (hence the term classless). It is based solely on the high-order bits of the IP address. These bits are called the IP prefix.
For example, to address a block of eight class C addresses with one single routing table entry, the following representation suffices: <192.32.136.0 255.255.248.0>.
This process of combining multiple networks into a single entry is referred to as supernetting. Routing is based on network masks that are shorter than the natural network mask of an IP address. This contrasts with subnetting, where the subnet masks are longer than the natural network mask.
    11000000 . 00100000 . 10001000 . 00000000 = 192.32.136.0 (class C address)
AND 11111111 . 11111111 . 11111000 . 00000000 = 255.255.248.0 (network mask)
    11000000 . 00100000 . 10001000 . 00000000 = 192.32.136.0 (IP prefix)

    11000000 . 00100000 . 10001111 . 00000000 = 192.32.143.0 (class C address)
AND 11111111 . 11111111 . 11111000 . 00000000 = 255.255.248.0 (network mask)
    11000000 . 00100000 . 10001000 . 00000000 = 192.32.136.0 (IP prefix)