1.internet fundamentals nr
TRANSCRIPT
![Page 1: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/1.jpg)
8/13/19
1
1
INTERNET FUNDAMENTALS
Nauru12 August 2019
22
Agenda• Internet Operations
• Internet Protocols and Operations• Internet Resource Management
• IP Addressing
• DNS & Reverse DNS
![Page 2: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/2.jpg)
8/13/19
2
3
INTERNET OPERATIONS FUNDAMENTALS
44
In the beginning…• 1968 - DARPA
– (Defense Advanced Research Projects Agency) contracts with BBN to create ARPAnet
• 1969 – First four nodes
![Page 3: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/3.jpg)
8/13/19
3
55
The Internet is born… • 1970 - Five nodes:
– UCLA – Stanford - UC Santa Barbara - U of Utah – BBN
• 1971 – 15 nodes, 23 hosts connected
• 1974 – TCP specification by Vint Cerf & Bob Kahn• 1983 – TCP/IP
– On January 1, the Internet with its 1000 hosts converts en masse to using TCP/IP for its messaging
6
Pre 1992
RFC 10201987
RFC 12611991
“The assignment of numbers is also handled by Jon. If you are developing a protocol or application that will require the use of a link, socket, port, protocol, or network number please contact Jon to receive a number assignment.”
RFC 7901981
![Page 4: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/4.jpg)
8/13/19
4
77
Address Architecture - History• Initially, only 256 networks in the Internet!
• Then, network “classes” introduced:– Class A (128 networks x 16M hosts)– Class B (16,384 x 65K hosts)– Class C (2M x 254 hosts)
8
Address Architecture - Classful
A (7 bits) Host address (24 bits)
Class A: 128 networks x 16M hosts (50% of all address space)
0
B (14 bits) Host (16 bits)10
Class B: 16K networks x 64K hosts (25%)
C (21 bits) Host (8 bits)110
Class C: 2M networks x 254 hosts (12.5%)
0-127
128-191
192-223
![Page 5: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/5.jpg)
8/13/19
5
99
Internet Challenges 1992 • Address space depletion
– IPv4 address space is finite– Historically, many wasteful allocations
• Routing chaos– Legacy routing structure, router overload– CIDR & aggregation are now vital
• Inequitable management– Unstructured and wasteful address space distribution
10
• Network boundaries may occur at any bit
Classless & Classful addressing
16K networks x 64K hosts
128 networks x 16M hostsA
B2M networks x 256 hosts
C
Obsolete• inefficient• depletion of B space• too many routes from C space
Classful ClasslessBest Current
Practice
Addresses Prefix Classful Net Mask... ... ... ...8 /29 255.255.255.248
16 /28 255.255.255.24032 /27 255.255.255.22464 /26 255.255.255.192
128 /25 255.255.255.128256 /24 1 C 255.255.255.0... ... ... ...4096 /20 16 C’s 255.255.240.08192 /19 32 C’s 255.255.224
163843276865536
/18/17/16
64 C’s128 C’s
1 B
255.255.192255.255.128255.255.0.0
... ... ... ... *
Classful addressing
is dead!
![Page 6: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/6.jpg)
8/13/19
6
1111
Evolution of Internet Resource Management• 1993: Development of “CIDR”
– addressed both technical problems
RFC1519
RFC1518
RFC1517
Address depletionà Through more accurate
assignment• variable-length network
address
Routing table overloadà Through address space
aggregation• “ supernetting”
1212
Evolution of Internet Resource Management• Administrative problems remained
– Increasing complexity of CIDR-based allocations– Increasing awareness of conservation and aggregation – Need for fairness and consistency
• RFC 1366 (1992)– Described the “growth of the Internet and its increasing globalization”– Additional complexity of address management– Set out the basis for a regionally distributed Internet registry system
RFC1366
![Page 7: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/7.jpg)
8/13/19
7
1313
Evolution of Address Policy• Establishment of RIRs
– Regional open processes– Cooperative policy development– Industry self-regulatory model
• bottom up
AFRINIC APNIC ARIN LACNIC
AFRINICcommunity
APNICcommunity
ARINcommunity
LACNIC community
RIPENCC
RIPENCCcommunity
1414
How does the Internet work• Physical connectivity and reachability
– Packet switching
• Protocols – common communication and rules– TCP/IP
• Addressing – global accessibility– IPv4, AS numbers, IPv6
• IANA - RIRs
![Page 8: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/8.jpg)
8/13/19
8
15
Internet Routing
The Internet
Net
Net
Net
NetNet
NetNet
Net
Net
Net
Net
Global Routing Table
4.128/960.100/1660.100.0/20135.22/16…
15
1616
Internet Routing
The Internet
Traffic202.12.29.0/24
Announce202.12.29.0/24
Global Routing Table
4.128/960.100/1660.100.0/20135.22/16…
Global Routing Table
4.128/960.100/1660.100.0/20135.22/16
202.12.29.0/24…
202.12.29.0/24
![Page 9: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/9.jpg)
8/13/19
9
1717
Internet Routing
Local Routing Table
202.12.29.0/25202.12.29.128/25
Traffic202.12.29.142
202.12.29.0/24
18
IP Addresses vs Domain Names
The Internet
2001:0C00:8888::My Computer www.apnic.net2001:0400::
www.apnic.net202.112.0.462001:0400::
DNS
![Page 10: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/10.jpg)
8/13/19
10
1919
Who Runs the Internet?• No one
• (Not ICANN, not the RIRs, not the governments…)• It is decentralized
2020
How does it keep on working?• Inter-provider business relationships and the need for
customer reachability ensures that the Internet by and large functions for the common good
• Driven by commerce – free market
• Engineers and the Internet community talk to each other
![Page 11: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/11.jpg)
8/13/19
11
21
22
INTERNET PROTOCOLS AND OPERATIONS
![Page 12: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/12.jpg)
8/13/19
12
2323
What is a Protocol?• Set of rules that define the communications process
• defines the structure or pattern for the data transferred – functions or processes that need to be carried out in order to
implement the data exchange– information required by processes in order for them to accomplish
this
• All data is transmitted in the same way irrespective of what the data refers to, whether it is clear or encrypted.
24
The OSI Model
Access to the network
Manipulate data (Translate, encrypt)
Manage sessions (connections)
Provide reliable delivery
Internetwork - move packets fromsource to destinationConfigure data for direct delivery by physical layer
Physical delivery - electrical specs etc
Application
Presentation
Session
Transport
Network
Data Link
Physical
![Page 13: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/13.jpg)
8/13/19
13
25
OSI and TCP/IP Model
Application
Presentation
Session
Transport
Network
Data Link
Physical
Application
Transport
Internet
Network Access
26
Transport
Data Link
Physical
Network
Upper Layer Data
Upper Layer DataTCP Header
DataIP Header
0101110101001000010
DataMAC Header
Presentation
Application
Session
Segment
Packet
Bits
Frame
PDU
FCS
Source: www.cisco.com (ICND v1.0a—1-11)
Encapsulating Data
![Page 14: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/14.jpg)
8/13/19
14
27
Upper Layer Data
IP + TCP + Upper Layer Data
MAC Header
TCP+ Upper Layer DataIP Header
Upper Layer Data
TCP Header
0101110101001000010
Transport
Data Link
Physical
Network
PresentationApplication
Session
Source: www.cisco.com (ICND v1.0a—1-11)
De-encapsulating Data
2828
Internet Protocol (IP)• IP is an unreliable, connectionless delivery protocol
– A best-effort delivery service– No error checking or tracking (no guarantees – Post Office)– Every packet treated independently– IP leaves higher level protocols to provide reliability services (if
needed)
• IP provides three important definitions:– basic unit of data transfer– routing function– rules about delivery
![Page 15: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/15.jpg)
8/13/19
15
2929
TCP/IP Protocol Structure
ICMP
UDP
SMTP FTP Telnet
IGMP
ARP RARP
DATA LINK
PHYSICAL
DNS ……… HTTP
TCP
IP
From Forouzan
3030
What does a router do?• ?
![Page 16: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/16.jpg)
8/13/19
16
3131
A day in a life of a router• find path
• forward packet, forward packet, forward packet, forward packet...
• find alternate path
• forward packet, forward packet, forward packet, forward packet…
• repeat until powered off
32
Routing versus Forwarding
Routing = building maps and giving directions
Forwarding = moving packets between interfaces according to the “directions”
![Page 17: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/17.jpg)
8/13/19
17
3333
IP Routing – finding the path• Path derived from information received from a routing
protocol
• Several alternative paths may exist– best path stored in forwarding table
• Decisions are updated periodically or as topology changes (event driven)
• Decisions are based on:– topology, policies and metrics (hop count, filtering, delay, bandwidth,
etc.)
3434
Metric field• To determine which path to use if there are multiple paths to
the remote network
• Provide the value to select the best path
• But take note of the administrative distance selection process J
Routing Protocol MetricRIPv2 Hop countEIGRP Bandwidth, delay, load, reliability,
MTUOSPF Cost (the higher the bandwidth
indicates a lower cost)IS-IS Cost
![Page 18: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/18.jpg)
8/13/19
18
3535
IP route lookup• Based on destination IP address
• “longest match” routing– More specific prefix preferred over less specific prefix– Example: packet with destination of 10.1.1.1/32 is sent to the router
announcing 10.1/16 rather than the router announcing 10/8.
3636
IP route lookup• Based on destination IP address
10/8 announced from here
10.1/16 announced from here
Packet: DestinationIP address: 10.1.1.1
10/8 ® R310.1/16 ® R420/8 ® R530/8 ® R6…..
R2’s IP routing table
R1 R2
R3
R4
![Page 19: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/19.jpg)
8/13/19
19
3737
IP route lookup:Longest match routing• Based on destination IP address
R2’s IP routing table
10.1.1.1 && FF.0.0.0vs.
10.0.0.0 && FF.0.0.0Match!
10/8 ® R310.1/16 ® R420/8 ® R530/8 ® R6…..
10/8 announced from here
10.1/16 announced from here
R1 R2
R3
R4
Packet: DestinationIP address: 10.1.1.1
3838
IP route lookup:Longest match routing• Based on destination IP address
10.1.1.1 && FF.FF.0.0vs.
10.1.0.0 && FF.FF.0.0Match as well!
10/8 ® R310.1/16 ® R420/8 ® R530/8 ® R6…..
R2’s IP routing table
10/8 announced from here
10.1/16 announced from here
R1 R2
R3
R4
Packet: DestinationIP address: 10.1.1.1
![Page 20: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/20.jpg)
8/13/19
20
3939
IP route lookup:Longest match routing• Based on destination IP address
10.1.1.1 && FF.0.0.0vs.
20.0.0.0 && FF.0.0.0Does not match!
10/8 ® R310.1/16 ® R420/8 ® R530/8 ® R6…..
R2’s IP routing table
10/8 announced from here
10.1/16 announced from here
R1 R2
R3
R4
Packet: DestinationIP address: 10.1.1.1
4040
IP route lookup:Longest match routing• Based on destination IP address
10.1.1.1 && FF.0.0.0vs.
30.0.0.0 && FF.0.0.0Does not match!
10/8 ® R310.1/16 ® R420/8 ® R530/8 ® R6…..
R2’s IP routing table
10/8 announced from here
10.1/16 announced from here
R1 R2
R3
R4
Packet: DestinationIP address: 10.1.1.1
![Page 21: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/21.jpg)
8/13/19
21
4141
IP route lookup:Longest match routing• Based on destination IP address
10/8 ® R310.1/16 ® R420/8 ® R530/8 ® R6…..
R2’s IP routing table
Longest match, 16 bit netmask
10/8 announced from here
10.1/16 announced from here
R1 R2
R3
R4
Packet: DestinationIP address: 10.1.1.1
4242
RIBs and FIBs• FIB is the Forwarding Table
– It contains destinations and the interfaces to get to those destinations– Used by the router to figure out where to send the packet– Careful! Some people still call this a route!
• RIB is the Routing Table– It contains a list of all the destinations and the various next hops used
to get to those destinations – and lots of other information too!– One destination can have lots of possible next-hops – only the best
next-hop goes into the FIB
![Page 22: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/22.jpg)
8/13/19
22
4343
Explicit versus Default Routing• Default:
– simple, cheap (cycles, memory, bandwidth)– low granularity (metric games)
• Explicit (default free zone)– high overhead, complex, high cost, high granularity
• Hybrid– minimise overhead– provide useful granularity– requires some filtering knowledge
4444
Routing Policy• Used to control traffic flow in and out of an ISP network
• ISP makes decisions on what routing information to accept and discard from its neighbours– Individual routes– Routes originated by specific ASes– Routes traversing specific ASes– Routes belonging to other groupings
• Groupings which you define as you see fit
![Page 23: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/23.jpg)
8/13/19
23
4545
Representation of Routing Policy• Routing and packet flows
AS 1 AS 2routing flow
packet flow
packet flow
accepts
announces
announces
accepts
For AS1 and AS2 networks to communicate• AS1 must announce to AS2• AS2 must accept from AS1• AS2 must announce to AS1• AS1 must accept from AS2
46
Representation of Routing Policy
AS 1 AS 2
aut-num: AS1…import: from AS2
action pref=100;accept AS2
export: to AS2 announce AS1
aut-num: AS2…import: from AS1
action pref=100;accept AS1
export: to AS1 announce AS2
Basic concept
“action pref” - the lower the value, the more preferred the route
![Page 24: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/24.jpg)
8/13/19
24
4747
Routing flow and Traffic flow• Traffic flow is always in the opposite direction of the flow of
Routing information– Filtering outgoing routing information inhibits traffic flow inbound– Filtering inbound routing information inhibits traffic flow outbound
4848
Routing Flow/Packet Flow:With multiple ASes
• For net N1 in AS1 to send traffic to net N16 in AS16:– AS16 must originate and announce N16 to AS8.– AS8 must accept N16 from AS16.– AS8 must forward announcement of N16 to AS1 or AS34.– AS1 must accept N16 from AS8 or AS34.
• For two-way packet flow, similar policies must exist for N1
AS 1
AS 8
AS 34
AS16
N16
N1
![Page 25: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/25.jpg)
8/13/19
25
4949
Routing Flow/Packet Flow:With multiple ASes
• As multiple paths between sites are implemented it is easy to see how policies can become quite complex.
AS 1
AS 8
AS 34
AS16
N16
N1
5050
Routing Protocols• Routers use “routing protocols” to exchange routing
information with each other– IGP is used to refer to the process running on routers inside an ISP’s
network– EGP is used to refer to the process running between routers
bordering directly connected ISP networks
![Page 26: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/26.jpg)
8/13/19
26
5151
What is an IGP?• Interior Gateway Protocol
• Within an Autonomous System• Carries information about internal infrastructure prefixes
• Two widely used IGPs in service provider network:– OSPF– ISIS
5252
Why Do We Need an IGP?• ISP backbone scaling
– Hierarchy– Limiting scope of failure– Only used for ISP’s infrastructure addresses, not customers or
anything else– Design goal is to minimise number of prefixes in IGP to aid scalability
and rapid convergence
![Page 27: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/27.jpg)
8/13/19
27
5353
What is an EGP?• Exterior Gateway Protocol
• Used to convey routing information between Autonomous Systems
• De-coupled from the IGP
• Current EGP is BGP
5454
Why Do We Need an EGP?• Scaling to large network
– Hierarchy– Limit scope of failure
• Define Administrative Boundary
• Policy– Control reachability of prefixes– Merge separate organisations– Connect multiple IGPs
![Page 28: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/28.jpg)
8/13/19
28
5555
Administrative Distance• method used for selection of route priority of IP routing
protocol, the lowest administrative distance is preferred– Manually entered routes are preferred from dynamically learned
routes• Static routes• Default routes
– Dynamically learned routes depend on the routing protocol metric calculation algorithm and default metrics values the smallest metric value are preferred
56
Administrative Distance Chart (Cisco)
Routed Sources Default DistanceConnected interface 0Static route out an interface 0Static route to a next hop 1External BGP 20IGRP 100OSPF 110IS-IS 115RIP v1, v2 120EGP 140Internal BGP 200Unknown 255
![Page 29: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/29.jpg)
8/13/19
29
57
58
IP ADDRESSING
![Page 30: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/30.jpg)
8/13/19
30
59
Where do IP Addresses come from?
Standards
Allocation
Allocation
Assignment
End user
RIRs
LIR/ISP
6060
IPv4 Addresses• 32-bits long
232 or 4,294,967,296 possible addresses
• written in dotted-decimal format0.0.0.0 – 255.255.255.255
• Some are used for public, and some for private networks– Public IP addresses MUST be unique
11000000 10110000 00001111 00110010
192. 168. 15. 50
![Page 31: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/31.jpg)
8/13/19
31
6161
Examples• Change from binary notation to dotted-decimal format:
1. 10000001 00001011 00001011 111011112. 11000001 10000011 00011011 111111113. 11100111 11011011 10001011 01101111
• Are these valid IPv4 addresses?1. 203.176.111.252. 297.0.67.1293. 4.100.5.2314. 100.00.10110.1111
6262
IP Addressing issues• Exhaustion of IPv4 addresses
– Wasted address space in traditional subnetting– Limited availability of /8 subnets address
• Internet routing table growth– Size of the routing table due to higher number prefix announcement
• Tremendous growth of the Internet– Management issues– Unstructured and wasteful distribution
![Page 32: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/32.jpg)
8/13/19
32
6363
IP Addressing Solutions• Subnet masking and summarization
– Variable-length subnet mask definition– Hierarchical addressing– Classless Inter-domain Routing (CIDR)– Routes summarization (RFC 1518)
• Private address usage (RFC 1918)– Network address translation (NAT)
• Development of IPv6 address
6464
Variable Length Subnet Mask (VLSM)• Allows the ability to have more than one subnet mask within
a network
• Allows re-subnetting– create sub-subnet network address
• Increase the routes capability– Addressing hierarchy– Summarisation
![Page 33: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/33.jpg)
8/13/19
33
6565
Subnetting Example• Subnet 192.168.0.0/24 into smaller subnet
– Subnet mask with /27 and /30 (point-to-point)
192.168.1.0/24
192.168.0.32/27
192.168.0.64/27
192.168.0.96/27
192.168.0.1/30
192.168.0.5/30
192.168.0.9/30
192.168.2.0/24
192.168.0.0/16
6666
Subnetting Example
• Subnet 192.168.0.0/24 into smaller subnet– Subnet mask with /30 (point-to-point)Description Decimal Binary
Network Address
192.168.0.0/30 x.x.x.00000000
1st valid IP 192.168.0.1/30 x.x.x.00000001
2nd valid IP 192.168.0.2/30 x.x.x.00000010
Broadcast address
192.168.0.3/30 x.x.x.00000011
![Page 34: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/34.jpg)
8/13/19
34
6767
Subnetting Example
• Subnet 192.168.0.0/24 into smaller subnet– Subnet mask with /27Description Decimal Binary
Network Address
192.168.0.32/27 x.x.x.00000000
Valid IP range 192.168.0.33 - 192.168.0.62
x.x.x.00000001
x.x.x.00000010
Broadcast address
192.168.0.63/30 x.x.x.00011111
6868
Subnetting Example
• Subnet 192.168.0.0/24 into smaller subnet– Subnet mask with /27
Description Decimal VLSM Host Host range
1st subnet 192.168.0.0/27 x.x.x.000
00000
0-31
2nd subnet 192.168.0.32/27 x.x.x.001 31-63
3rd subnet 192.168.0.64/27 x.x.x.010 64-95
4th subnet 192.168.0.96/27 x.x.x.011 96-127
n = 5 (n is the remaining subnet bits )2n – 5 = 30 host per subnet
![Page 35: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/35.jpg)
8/13/19
35
6969
Subnetting Example1. You have an IP range of 192.168.5.0/24. You need 20
subnets with 5 hosts per subnet. Find the host addresses for each subnet.
a) _________________b) _________________c) _________________
7070
Subnetting Example2. Given the IP address 172.16.10.22 with netmask
255.255.255.240a) What is the subnet IP range?b) What is the broadcast IP address?c) Find all valid IP addresses for this range
![Page 36: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/36.jpg)
8/13/19
36
7171
Addressing Hierarchy
Core192.168.32.0/19
Network Number192.168.0.0/16
Distribution/Core192.168.32.0/21
Access/Distribution192.168.48.0/21
UpstreamA
IXPA
IXPB
UpstreamB
POPPOP
Core
Border
Distribution
Access Access
7272
Prefix routing / CIDR • Prefix routing commonly known as classless inter domain routing
(CIDR)– It allows prefix routing and summarisation with the routing tables of the
Internet
• RFCs that talks about CIDR– RFC 1517 Applicability statement for the implementation of CIDR– RFC 1518 Architecture for IP address allocation with CIDR– RFC 1519 CIDR : an address assignment and aggregation strategy– RFC 1520 Exchanging routing information access provider boundaries in
a CIDR environment
![Page 37: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/37.jpg)
8/13/19
37
7373
CIDR solution advantage• CIDR offers the advantage of reducing the routing table size of the
network by summarising the ISP announcement in a single /22 advertisement
192.168.3.0/24
192.168.0.0/24
192.168.1.0/24 192.168.0.0/22
192.168.0.0/24
192.168.1.0/24
192.168.3.0/24
192.168.2.0/24Internet
A
B
C
D
192.168.2.0/24
7474
Summarisation example• Router C summarises its networks (2 x/24) before announcing to its
neighbors (routers B and D)
• Router A combined the networks received from B, C, D and announce it as single /16 routing to Internet
192.168.64.0/20
192.168.128.0/20
192.168.0.0/24 192.168.0.0/16
192.168.128.0/20
192.168.0.0/23
192.168.64.0/20
192.168.1.0/24Internet
A
B
C
D
![Page 38: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/38.jpg)
8/13/19
38
7575
Route summarisation• Subnet 192.168.0.0/24 and 192.168.1.0/24 combining then
to become a bigger block of address “/23”
Network Subnet Mask Binary
192.168.0.0 255.255.255.0 x.x.00000000.x
192.168.1.0 255.255.255.0 x.x.00000001.x
Summary 192.168.0.0/23 x.x.00000000.x
192.168.0.0 255.255.254.0 x.x.00000000.x
7676
Route Summarisation• Allows the presentation of a series of networks in a single
summary address.
• Advantages:– Faster convergence– Reducing the size of the routing table– Simplification– Hiding Network Changes– Isolate topology changes
![Page 39: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/39.jpg)
8/13/19
39
77
78
IP ADDRESS MANAGEMENT
![Page 40: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/40.jpg)
8/13/19
40
7979
Internet Registry Structure
8080
• Asia-Pacific Network Information Centre
• One of five Regional Internet Registry (RIRs) charged with ensuring the fair distribution and responsible management of IP addresses and related resources
• A membership-based, not-for-profit organization
• Industry self-regulatory body– Open– Consensus-based– Transparent
![Page 41: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/41.jpg)
8/13/19
41
8181
Where is the APNIC Region?
82
Resource distribution- IP addresses- AS numbers
Registration services- reverse DNS- Internet routing
registry- resource certification- whois registry
What does APNIC do?APNIC servicesMembers
![Page 42: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/42.jpg)
8/13/19
42
83
Policy development
Capacity building- training- workshops- conferences- fellowships- grants
Infrastructure- root servers- IXPs- engineering
assistance
What does APNIC do?APNIC supportsthe Asia Pacific region
84
Original research
Data collection and measurements
Publications
Local/regional/global events
Government outreach
Intergovernmental & technical organizations collaboration
Internet security
What does APNIC do?APNIC collaborateswith the Internetcommunity
![Page 43: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/43.jpg)
8/13/19
43
85
APNIC in the Internet Ecosystem
Industryassociations
NGOs
Nameregistries
Access
Standardsbodies
Governments/Regulators
At-largecommunities
INTERNETUSERS
Applications
ContentENABLERS
PROVIDERSOperator
groups
Numberregistries
APNIC is one of five RIRs
ASIA PACIFIC REGION
Support
APNIC MEM
BERS
INTE
RNET
COM
MUNITY
Service
Colla
bora
tio
n
Resource distribution- IP addresses- AS numbers
Registration services- reverse DNS- Internet routing
registry- resource certification- whois registry Policy development
Capacity building- training- workshops- conferences- fellowships- grants
Infrastructure- root servers- IXPs- engineering
assistance
Original research
Data collection and measurements
Publications
Local/regional/global events
Government outreach
Intergovernmental & technical organizations collaboration
Internet security
8686
APNIC from a Global Perspective
![Page 44: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/44.jpg)
8/13/19
44
8787
APNIC in the Asia Pacific
ISOC chapters
88
Global Policy Coordination
The NRO is a coordinating body for the five regional Internet registries (RIRs)
www.nro.net
![Page 45: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/45.jpg)
8/13/19
45
89
Global Policy Coordination
The purpose of the Address Supporting Organization (ASO) is to review and develop recommendations on Internet Protocol (IP) address policy
and to advise the ICANN Board.
ASOICANN Address Supporting Organization
https://aso.icann.org/
90
IRM Objectives
- Efficient use of resources- Based on demonstrated need
Conservation
- Limit routing table growth- Support provider-based routing
Aggregation
- Ensure uniqueness- Facilitate trouble shooting
Registration
Uniqueness, fairness and consistency
![Page 46: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/46.jpg)
8/13/19
46
9191
How IP Addresses are Delegated
Member (LIR)
LIR customer
Regi
stry
Rea
lm
Ope
rato
rs R
ealm
Customer / End User
delegates to customers
delegates to APNIC member
Member Allocation
/26 /27 /25
Customer Assignments
Sub Allocation
/26 /27
APNIC Allocation
/8
/24
APNIC
92
Customer Assignments
ISPAllocation
Customer Assignments
ISP
Portable and Non-Portable• Portable Address
– Provider-Independent (PI)– Assigned by RIR to end-user– Keeps addresses when changing
ISP– Increases the size of routing tables
• Non-portable Address– Provider-aggregatable (PA)– End-user gets address space from
LIR– Must renumber if changing upstream
provider– Can be aggregated for improved
routing efficiency
![Page 47: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/47.jpg)
8/13/19
47
93
IPv6 Address Management Hierarchy
Describes “portability” of the address space
/12 APNIC Allocation
Portable
Portable
/48 Assignment /48 - /64 Assignment
APNIC Allocation
/48 - /64Assignment
Non-Portable Non-Portable
/40
/32 Member Allocation
Non-Portable
/12
Sub-allocation
94
Aggregation and Portability Aggregation No Aggregation
(non-portable assignments)
(4 routes) (21 routes)
(portable assignments)
INTERNET INTERNET
ISP A ISP B ISP B
ISP C ISP D
ISP A
ISP C ISP D
![Page 48: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/48.jpg)
8/13/19
48
9595
Policy Development• Creating a policy environment that supports the region’s
Internet development
• Developed by the membership and broader Internet community
96
You are part of the APNIC community!
APNIC Internet Community
Global Internet Community
Open forum in the Asia Pacific
APNICMembers
A voice in regional Internet operations through participation in APNIC
IETF Individuals
NationalNOG
RegionalNOGAPAN
ISOC
ISPAssociations
![Page 49: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/49.jpg)
8/13/19
49
97
Policy Development Process
All decisions & policies documented & freely available to anyone
Internet community proposes and approves policy
Open
TransparentBottom up
Anyone can participate
98
![Page 50: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/50.jpg)
8/13/19
50
99
DNS & REVERSE DNS
100100
Domain Name System• A lookup mechanism for translating objects into other
objects– Mapping names to numbers and vice versa
• A globally distributed, loosely coherent, scalable, reliable, dynamic database
• Comprised of three components– A “name space”– Servers making that name space available– Resolvers (clients) query the servers about the name space
• A critical piece of the Internet infrastructure
![Page 51: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/51.jpg)
8/13/19
51
101
IP Addresses vs Domain Names
The Internet
2001:0C00:8888::My Computer www.apnic.net2001:0400::
www.apnic.net202.112.0.462001:0400::
DNS
102102
This feature still exists:[Unix] /etc/hosts
[Windows] c:\windows\hosts
Old Solution: hosts.txt• A centrally-maintained file, distributed to all hosts on the
Internet
• Issues with having just one file– Becomes huge after some time– Needs frequent copying to ALL hosts– Consistency– Always out-of-date– Name uniqueness– Single point of administration
// hosts.txtSERVER1
128.4.13.9WEBMAIL
4.98.133.7FTPHOST
200.10.194.33
![Page 52: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/52.jpg)
8/13/19
52
103103
DNS Features• Global distribution
– Shares the load and administration
• Loose Coherency– Geographically distributed, but still coherent
• Scalability – can add DNS servers without affecting the entire DNS
• Reliability• Dynamicity
– Modify and update data dynamically
104104
DNS Features• DNS is a client-server application
• Requests and responses are normally sent in UDP packets, port 53
• Occasionally uses TCP, port 53– for very large requests, e.g. zone transfer from master to slave
![Page 53: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/53.jpg)
8/13/19
53
105
Root.
.org .net .com .au
.edu.au
example.edu.au
.gov
.jp
.tv
.inx.y.z.a
www.example.edu.au
a.b.c.d
e.f.g.h
i.j.k.l
m.n.o.pw.x.y.z.
p.q.r.s
“Ask a.b.c.d”“Ask e.f.g.h”
“Ask i.j.k.l”
“Go to m.n.o.p”
localdns
www.example.edu.au?“go tom.n.o.p”
www.example.edu.au?
www.example.edu.au?
www.example.edu.au?
www.example.edu.au?
Querying the DNS – It’s all about IP!
106
The DNS Tree HierarchyRoot.
net jporg com arpa au
whois
edu
bnu
iana
www www
…
www wasabi
ws1 ws2
edu comnet
abc
www
apnicgu
www
FQDN = Fully Qualified Domain Name
![Page 54: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/54.jpg)
8/13/19
54
107107
Domains• Domains are “namespaces”
• Everything below .com is in the com domain• Everything below apnic.net is in the apnic.net domain and
in the net domain
108
NET Domain
APNIC.NET Domain
AU Domain
www.def.edu.au?
Root.
net org com arpa au
whois
iana
wwwwww wasabi
ws1 ws2
edu comnet
abc
www
apnic
def
www
Domains
![Page 55: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/55.jpg)
8/13/19
55
109109
Delegation• Administrators can create subdomains to group hosts
– According to geography, organizational affiliation or any other criterion
• An administrator of a domain can delegate responsibility for managing a subdomain to someone else– But this isn’t required
• The parent domain retains links to the delegated subdomain– The parent domain “remembers” to whom the subdomain is
delegated
110110
Zones and Delegations• Zones are “administrative spaces”
• Zone administrators are responsible for a portion of a domain’s name space
• Authority is delegated from parent to child
![Page 56: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/56.jpg)
8/13/19
56
111
NET Domain
APNIC.NETDomain
NET Zone
TRAINING.APNIC.NET Zone
APNIC.NET Zone doesn’t include TRAINING.APNIC.NETsince it has been “delegated”
APNIC.NET Zone
Root.
net org com arpa
whois
iana
wwwwww training
ns1 ns2
apnic
Zones
112112
Name Servers• Name servers answer ‘DNS’ questions
• Several types of name servers– Authoritative servers
• master (primary)• slave (secondary)
– Caching or recursive servers• also caching forwarders
• Mixture of functions
Primary
Secondary
![Page 57: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/57.jpg)
8/13/19
57
113113
Root Servers• The top of the DNS hierarchy
• There are 13 root name servers operated around the world– [a-m].root-servers.net
• There are more than 13 physical root name servers– Each rootserver has an instance deployed via anycast
114114
Root Servers
http://root-servers.org/
![Page 58: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/58.jpg)
8/13/19
58
115115
Root Server Deployment at APNIC• Started in 2002, APNIC is committed to establish new root
server sites in the AP region
• APNIC assists in the deployment providing technical support.
• Deployments of F, K and I-root servers in – Singapore, Hong Kong, China, Korea, Thailand, Malaysia, Indonesia,
Philippines, Fiji, Pakistan, Bangladesh, Taiwan, Cambodia, Bhutan, and Mongolia
116116
What is Reverse DNS?• Forward DNS maps names to numbers
server.apnic.net è203.0.113.1
• Reverse DNS maps numbers to names203.0.113.1 è server.apnic.net
![Page 59: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/59.jpg)
8/13/19
59
117117
Uses of Reverse DNS• Service denial
– That only allow access when fully reverse delegated eg. anonymous ftp
• Diagnostics– Assisting in network troubleshooting (ex: traceroute)
• Spam identifications– Reverse lookup to confirm the source of the email– Failed lookup adds to an email’s spam score
118
Reverse DNS TreeMapping numbers to names - ‘reverse DNS’
22.64.202.in-addr.arpa.
apnic
whois www wwwtraining
ws1 ws2
202
64
22
203 204 210
iana in-addr
ROOT
net org com arpa
![Page 60: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/60.jpg)
8/13/19
60
119
Reverse DNS Tree – with IPv6
apnic
202
64
22
203
ip6
IPv6 addresses
iana in-addr
ROOT
net org com arpa int
RFC3152
120
Reverse Zone Example$ORIGIN 1.168.192.in-addr.arpa.@ 3600 IN SOA test.company.org. ( sys.admin.company.org.
2002021301 ; serial1h ; refresh30M ; retry1W ; expiry3600 ) ; neg. answ. ttl
NS ns.company.org.NS ns2.company.org.
1 PTR gw.company.org.router.company.org.
2 PTR ns.company.org.;auto generate: 65 PTR host65.company.org$GENERATE 65-127 $ PTR host$.company.org.
![Page 61: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/61.jpg)
8/13/19
61
121121
Managing Reverse DNS• APNIC manages reverse delegation for both IPv4 and IPv6
• Before you register your domain objects, you need to ensure that your reverse zones have been configured and loaded in your name servers
• APNIC does not host your name servers or configure your reverse zone files
• APNIC only delegates the authority of your reverse zones to the name servers you provide through your domain objects
www.apnic.net/dns
122122
Reverse Delegation for IPv4• Reverse delegation for IPv4 is based on octet boundaries
• /24 Delegations– Address blocks should be delegated– At least one name server
• /16 Delegations– Same as /24 delegations– APNIC delegates entire zone to member
• < /24 Delegations– Read “classless in-addr.arpa delegation”– Not supported
RFC2317
![Page 62: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/62.jpg)
8/13/19
62
123123
Reverse Delegation for IPv6• Reverse delegation for IPv4 is based on nibble boundaries
• /32 delegation– One domain object
• /48 delegation– One domain object
• /35 delegation– Divide into two /36 (closest 4-bit boundary)– Two separate domain objects
124124
APNIC & LIR Responsibilities• APNIC
– Manage reverse delegations of address block distributed by APNIC – Process organisations requests for reverse delegations of network
allocations
• Organisations / LIR– Be familiar with APNIC procedures– Ensure that addresses are reverse-mapped– Maintain nameserver(s) for allocations– Keep accurate records in the database– Keep reverse DNS current with the Whois DB
![Page 63: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/63.jpg)
8/13/19
63
125125
Reverse Delegation Procedures• Domain objects can be updated through MyAPNIC
• Nameserver/domain must be configured before domain objects are created
http://apnic.net/create-domain
126
Reverse Delegation Procedures
Input your IP address block here
At least one DNS server (FQDN)
Maintainer password
![Page 64: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/64.jpg)
8/13/19
64
127127
Whois Domain Object
domain: 28.12.202.in-addr.arpaDescr: in-addr.arpa zone for 28.12.202.in-addr.arpaadmin-c: NO4-APtech-c: AIC1-APzone-c: NO4-APnserver: cumin.apnic.netnserver: tinnie.apnic.netnserver: tinnie.arin.netmnt-by: MAINT-APNIC-APmnt-lower: MAINT-AP-DNSchanged: [email protected] 20021023changed: [email protected] 20040109changed: [email protected] 20091007changed: [email protected] 20111208source: APNIC
Reverse Zone
Contacts
Nameservers
Maintainers
128
![Page 65: 1.Internet Fundamentals NR](https://reader033.vdocuments.net/reader033/viewer/2022042403/625d91391cf34e024e1e6d47/html5/thumbnails/65.jpg)
8/13/19
65
129129
Thank You!END OF SESSION