Monday, August 29, 2022

Enterprise & Campus LAN Switching Overview

Local Area Network (LAN) is a logical description of how large a network can be and still be called local.

Definition

  • When 2 or more computers or communicating devices in a room, on a floor, in a building or on a campus are connected, they are said to be connected to a LAN.
Characteristics
  • It should be capable of providing high-bandwidth, high-speed, high-capacity communication.
  • The owner of the premises is the owner of the LAN. To connect 2 computers, we do not lease (rent) a link from a service provider.
  • The cost of deploying a LAN should be low. Equipment used in a LAN should be compact and powerful enough to provide high-bandwidth, high-capacity, high-speed communication.
  • The services in a campus define the architecture of the campus. A next-generation campus-wide network architecture should be a converged architecture that carries voice, video and data, i.e., triple-play (voice, video, data) service over a single converged infrastructure.
On a campus with 40,000 employees, if the campus authority wants to serve all 40,000 employees with all 3 services, i.e., data, video and voice, then the campus has to lay 3 separate networks:
A data network, with a switch as the centre device connecting all the computers.
A voice network, with a PBX as the centre device connecting all the computers.
For multi-party video conferencing, a network with a centre device called an MCU (Multimedia Convergence Unit) connecting all the computers.
Drawback
  • If the cost of laying one network is 2 crores, then the cost of laying 3 networks will be 6 crores. Hence, the cost of separate networks increases.
  • To maintain these 3 networks separately, the campus has to appoint 3 groups of people, so the maintenance and operational cost increases.
  • All the devices are in line. Consider the voice service device, i.e., the PBX, which handles 40,000 voice calls simultaneously. To provide these 40,000 simultaneous calls, the device itself must be very powerful.
  • In IP communication, every computer is given an IP address to identify it in a communication, and the information is delivered in the form of packets.

  • The size of the premises is the size of the LAN. The biggest LAN is the campus-wide LAN.
  • Administrative control is centralized.

Converged Architecture

When we build a converged architecture, the converged architecture is a data network. The wire that comes out of a switch goes to your phone, and from the phone it is connected to a PC, which means the phone has a small switch inside for connectivity. In this converged architecture, all communication happens on the network, i.e., on the IP network. When voice, video and data are delivered together on an IP-enabled network, it is very important to understand that these services travel on the same wire and must not mix up and spoil the quality of experience. So it is important to understand what happens when these 3 services work together, and for that we must study the services one by one.

Data Services:

  • Data service is a best-effort service.
  • This means there is no guarantee of how long the data will take to arrive, how many retransmissions it will need, or how many drops it will suffer; the only guarantee is that whenever the data arrives, it arrives intact.

Real Time Services:

  • Real-time services are voice and video services.
  • Stored video or stored voice is treated as data.
  • So what are real-time voice and video services? Talking on a phone or watching a live cricket match on a screen is real-time voice and video.
  • In real-time voice and video, the most important thing is Quality of Experience. It cannot be compromised: whatever the user is experiencing, its quality must be maintained.
  • Quality of Experience is controlled by three parameters:
Delay (latency)
Jitter (inconsistent delay)
Drops

  • These parameters cannot be compromised in real-time services, whether the communication happens in the real world or in the IP world.

Real world
Communication happens in FDM and TDM.
Every service works at a different frequency.
IP world
Communication between two devices is on the same frequency.
If the sending capacity is 10 Mbps, then the receiving/hearing capacity should be 10 Mbps.

  • Now, if the sending capacity is 100 Mbps, then some part of it is for data, some for voice and the rest for video. In real-time communication in the IP-enabled world, these 3 parameters cannot be compromised and must be taken care of so that the user experience is not spoiled.
  • Now, let us understand the voice and video services.

Voice Service:

  • When we speak on an IP phone, it is actually analog voice. When the analog voice comes out of the mouth, the phone digitizes it and creates samples of the voice. These samples are packetized and sent on the network.
  • Voice packets are very small. Normally, they are 8 Kb – 64 Kb in size.
  • So, if one of these packets is dropped, it does not make a huge impact on the user experience.
  • Moreover, the end device has a voice concealment program, which tries to conceal the dropped voice sample. It works by making a copy of the received voice packet or the forthcoming voice packet, concealing the gap left by the dropped packet and maintaining the quality of the voice.
  • The number of drops that can be handled is 1 in 10,000 packets.
  • In voice, drops are allowed; what is not allowed is delay or jitter.
  • Therefore, voice is delay sensitive.

Video Service:

  • Video packets are of 2 types:
High definition – 8.5 mb
Standard definition – 2.5 mb
  • These files are created every second.
  • So, these files cannot be sent in one shot; they are fragmented and sent one after the other in sequence.
  • More important in video is the sequencing of video frames. Without proper sequencing the user experience is lost.
  • To control the sequencing of frames, three types of frames are created by a conferencing kit. They are:
I frame: Index Frame
B frame: Bearer Frame
P frame: Padding Frame
  • The I frame contains the actual indexing of one second of video.
  • Drops are not allowed in video communication. What is allowed is delay.
  • Therefore, video is drop sensitive.

When we use all these 3 services together on a wire, every piece of equipment on the network should be intelligent.
The required intelligence is classification and prioritization.
When these 3 kinds of packets are received by any device, it should first classify which is a voice, video or data packet, and after classifying it should prioritize voice over video, and video over data, to maintain and provide quality over the converged architecture.
This capability of classification and prioritization is called Quality of Service (QoS), which is only available in an IP-enabled network. So, a converged architecture should be an IP-enabled network.

Ethernet Technology

Technology facilitates communication; it does not communicate on your behalf. Somebody has to use the technology to communicate; it does not communicate on its own.
GSM is a voice communication technology: when you dial a number, it searches for that number, which can be present in any corner of the earth, and connects you through.
Technology has 2 levels:
  • Level-1 ---- Hardware
  • Level-2 ---- Software/Logic/Protocol
LAN is Ethernet technology.
MAN and WAN are mostly serial technology.

  • Ethernet technology works on the fundamentals of CSMA/CD.
  • IEEE has standardized these fundamentals of Ethernet and given them a number, IEEE 802.3.
  • Cisco has deployed this standard in its switches and routers and named it ARPA.

Carrier Sense Multiple Access with Collision Detection

  • CSMA/CD is basically used on half-duplex Ethernet technology for local area networking.

  • CSMA/CD, a MAC process protocol, first senses for any transmissions from the other stations in the channel and starts transmitting only when the channel is clear to transmit.
  • As soon as a station detects a collision, it stops transmission and sends a jam signal. It then waits for some time before retransmitting.
  • Let's understand the meaning of the individual components of CSMA/CD:
CS – Stands for Carrier Sensing. It implies that before sending data, a station first senses the carrier. If the carrier is found free, then the station transmits data; otherwise it refrains.
MA – Stands for Multiple Access, i.e., if there's a channel, then there are many stations trying to access it.
CD – Stands for Collision Detection. It also guides how to proceed in case of a packet data collision.

  • CSMA/CD procedure can be understood as a group discussion, where if the participants speak all at once then it will be very confusing, and the communication will not happen.
  • Instead, for good communication, it is required that the participants speak one after another so that we can clearly understand the contribution of each participant in the discussion.
  • Once a participant has finished talking, we should wait for a certain period to see if any other participant is speaking or not. One should start speaking only when no other participant has spoken. If another participant also speaks at the same time, then we should stop, wait, and try again after some time.
  • The process of CSMA/CD is similar: a data packet is transmitted only when the transmission medium is free. When various network devices try to share a data channel simultaneously, a data collision occurs.
  • The medium is continuously monitored to detect any data collision. When the medium is detected as free, the station should wait for a certain period before sending the data packet to avoid any chances of data collision.
  • When no other station tries to send the data and there is no data collision detected, then the transmission of data is said to be successful.
Algorithm
The algorithm steps include:
  • First, the station that wants to transmit the data senses the carrier as to whether it is busy or idle. If a carrier is found idle, then the transmission is carried out.
  • The transmission station detects a collision, if any, using the condition: Tt >= 2 * Tp where Tt is the transmission delay and Tp is the propagation delay.
  • The station releases the jam signal as soon as it detects a collision.
  • After a collision has occurred, the transmitting station stops transmitting and waits for some random amount of time called the ‘back-off time’. After this time, the station retransmits.
How Does CSMA/CD Work?
To understand the working of CSMA/CD, let’s consider the following scenario.

  • Check if the sender is ready to transmit data packets.
  • Check if the transmission link is idle.
The sender must keep checking whether the transmission link/medium is idle.
For this, it continuously senses transmissions from other nodes.
The sender sends dummy data on the link.
If it does not receive any collision signal, this means the link is idle now.
If it senses that the carrier is free and there are no collisions, it sends the data.
Otherwise, it refrains from sending data.
  • Transmit the data & check for collisions.
Sender transmits its data on the link. CSMA/CD does not use an ‘acknowledgment’ system. 
It checks for successful and unsuccessful transmissions through collision signals. 
During transmission, if a collision signal is received by the node, transmission is stopped. 
The station then transmits a jam signal onto the link and waits for random time intervals before it resends the frame. 
After some random time, it again attempts to transfer the data and repeats the above process.
  • If no collision was detected in propagation, the sender completes its frame transmission and resets the counters.
How does a station know if its data collided?
Consider the above situation. Two stations, A & B.
Propagation Time: Tp = 1 hr (the signal takes 1 hr to go from A to B)
At time t=0, A transmits its data.
        t= 30 mins: Collision occurs.
After the collision occurs, a collision signal is generated and sent to both A & B to inform the stations about the collision. Since the collision happened midway, the collision signal also takes 30 minutes to reach A & B.
Therefore, at t=1 hr, A & B receive the collision signals.
This collision signal is received by all the stations on that link. Then,
How do we ensure that it is our station's data that collided?
  • For this, Transmission time (Tt) > Propagation Time (Tp) [rough bound]
  • This is because we want, before we transmit the last bit of our data from our station, to be at least sure that some of the bits have already reached their destination.
  • This ensures that the link is not busy and collisions will not occur.
  • But the above is a loose bound. We have not taken into account the time taken by the collision signal to travel back to us.
For this, consider the worst-case scenario.
Consider the above system again.
At time t=0, A transmits its data.
        t= 59:59 mins: Collision occurs.
This collision occurs just before the data reaches B. Now the collision signal takes 59:59 minutes again to reach A. Hence, A receives the collision information approximately after 2 hours, that is, after 2 * Tp.
Hence, to ensure a tighter bound and detect the collision completely,
  Tt >= 2 * Tp
This is the maximum time a system can take to detect that the collision was of its own data.
What should be the minimum length of the packet to be transmitted?
Transmission Time = Tt = Length of the packet / Bandwidth of the link
[Bandwidth = number of bits transmitted by the sender per second]
Substituting above, we get:
Length of the packet / Bandwidth of the link >= 2 * Tp
Length of the packet >= 2 * Tp * Bandwidth of the link
Padding helps in cases where we do not have such long packets. We can pad extra characters to the end of our data to satisfy the above condition.
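The bound Tt >= 2 * Tp, turned into a minimum frame length and a padding routine, as an added example that is not part of the original post. Times are integer nanoseconds so the arithmetic is exact; the function names and the default signal speed (about 2/3 of c, an assumed typical copper value) are mine.

```python
"""Added example (not from the original post): how the CSMA/CD bound
Tt >= 2 * Tp translates into a minimum frame length and padding."""

NS_PER_S = 1_000_000_000


def propagation_delay_ns(distance_m: int, speed_m_per_s: int = 200_000_000) -> int:
    """Tp for a cable of the given length. The default signal speed
    (about 2/3 of c) is an assumed typical value for copper."""
    return distance_m * NS_PER_S // speed_m_per_s


def transmission_time_ns(frame_bytes: int, bandwidth_bps: int) -> int:
    """Tt = frame length / bandwidth, in nanoseconds."""
    return frame_bytes * 8 * NS_PER_S // bandwidth_bps


def collision_detectable(frame_bytes: int, bandwidth_bps: int, tp_ns: int) -> bool:
    """True when the sender is still transmitting by the time the worst-case
    collision signal (2 * Tp) can get back to it, i.e. Tt >= 2 * Tp.
    Compared by cross-multiplication so no division rounding is involved."""
    return frame_bytes * 8 * NS_PER_S >= 2 * tp_ns * bandwidth_bps


def min_frame_bits(bandwidth_bps: int, tp_ns: int) -> int:
    """Smallest frame length (bits) with length >= 2 * Tp * bandwidth."""
    numerator = 2 * tp_ns * bandwidth_bps
    return -(-numerator // NS_PER_S)  # ceiling division


def min_frame_bytes(bandwidth_bps: int, tp_ns: int) -> int:
    """Same bound rounded up to whole bytes."""
    return -(-min_frame_bits(bandwidth_bps, tp_ns) // 8)


def pad_frame(frame: bytes, bandwidth_bps: int, tp_ns: int) -> bytes:
    """Append zero bytes until the frame satisfies the collision-detection
    bound. Frames that are already long enough are returned unchanged."""
    need = min_frame_bytes(bandwidth_bps, tp_ns)
    if len(frame) >= need:
        return frame
    return frame + b"\x00" * (need - len(frame))


if __name__ == "__main__":
    # 10 Mbps Ethernet uses a 51.2 us slot time (2 * Tp for its maximum
    # collision domain), i.e. Tp = 25.6 us; the bound gives the familiar
    # 64-byte minimum frame.
    tp = 25_600
    print(min_frame_bytes(10_000_000, tp))               # 64
    print(collision_detectable(64, 10_000_000, tp))      # True
    print(collision_detectable(40, 10_000_000, tp))      # False
    print(len(pad_frame(b"\x01" * 20, 10_000_000, tp)))  # 64
```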

Efficiency Of CSMA/CD

The efficiency of CSMA/CD is better than that of Pure ALOHA; however, there are some points to keep in mind while measuring the efficiency of CSMA/CD. These include:

  • If the distance increases, then the efficiency of CSMA/CD decreases.
  • For Local Area Network (LAN), CSMA/CD works optimally but for long-distance networks like WAN, it’s not advisable to use CSMA/CD.
  • If the length of the packet is bigger, then the efficiency increases but then again there is a limitation. The maximum limit for the length of the packets is 1500 bytes.

Advantages & Disadvantages Of CSMA/CD

Advantages

  • Overhead is low in CSMA/CD.
  • Whenever possible, it utilizes all the bandwidth.
  • It detects collision within a very short span of time.
  • Its efficiency is better than simple CSMA.
  • It mostly avoids any kind of wasteful transmission.

Disadvantages

  • Not suitable for long-distance networks.
  • The distance limitation is 2500 meters. Collisions can't be detected beyond this limit.
  • Priorities cannot be assigned to certain nodes.
  • As devices are added, performance degrades exponentially.

Applications of CSMA/CD

  • CSMA/CD was used in shared-media Ethernet variants (10BASE2, 10BASE5) and in the early versions of twisted-pair Ethernet that used repeater hubs.
  • Nowadays, modern Ethernet networks are built with switches and full-duplex connections, so CSMA/CD is no longer used.
  • In full-duplex mode, communication is possible in both directions at the same time, so there is little or in fact no chance of collision, and thus a mechanism like CSMA/CD has no use on a full-duplex link.

Sunday, August 28, 2022

IPv4 Subnetting

What is a Subnet?

  • A subnet, or subnetwork, is a network inside a network. Subnets make networks more efficient. Through subnetting, network traffic can travel a shorter distance without passing through unnecessary routers to reach its destination.
  • Imagine Alice puts a letter in the mail that is addressed to Bob, who lives in the town right next to hers. For the letter to reach Bob as quickly as possible, it should be delivered right from Alice's post office to the post office in Bob's town, and then to Bob. If the letter is first sent to a post office hundreds of miles away, Alice's letter could take a lot longer to reach Bob.
  • Like the postal service, networks are more efficient when messages travel as directly as possible. When a network receives data packets from another network, it will sort and route those packets by subnet so that the packets do not take an inefficient route to their destination.

Why Subnetting?

Assigning multiple classful networks to each company would result in network depletion.
So, a single classful network was assigned to each company with the expectation of subnetting.
If a company has many branch offices that are geographically separated, when connected they are said to be connected over a MAN or WAN. In a MAN/WAN we mostly use serial technology and routers. As a router routes between networks, each of its ports must be in a different network. Now, from the ISP/IANA we have got only one single network, and we can't assign that single network to all router interfaces. So, in 1985, subnetting was introduced. Hence, subnetting is done.

  • Each IP network that is purchased is only good for a single broadcast domain (VLAN).
  • Often there is unused/unallocated host space within a given network.
  • Subnetting = dividing a single allocated network into multiple sub-networks.
  • Minor loss of available host addresses.

Subnetting is nothing, but a mask manipulation.

Design Rule: Two directly connected communicating devices should be in the same subnet, and two ports of a router should be in different networks/subnets.

Subnetting creates additional network IDs at the expense of host IDs and can be used with either A, B or C class addresses. These additional network addresses are called subnets and not networks because to the Internet, the original address is still a class B network address but locally the class B network address can be broken down to manageable subnets that function as actual network addresses. Why use subnets? Subnets are interconnected using routers, and routers improve network performance by reducing traffic and minimizing disruption due to broadcast messages. Large networks become more manageable when subnets are deployed.

  • With a network that has been assigned from an ISP you have two portions:
The “network” part
The “host” part

The ISP doesn't care what you do with the host bits, but you are not allowed to modify the "network" bits.

Suppose the ISP provided the 192.1.1.X classful IP network.
From the IP address we understand that the first 3 bits of the first octet, converted to binary, are "110", which means the ISP provided an IP network from class C, which means we have:

  • 24 bits in network portion
  • 8 bits in host portion
But in our company we have a requirement of 8 different networks, and we got one single class C classful address from the ISP.
So now we must do subnetting of this IP network.
Subnetting can be done from the network point of view or from the host point of view.
From the network point of view:
  • As we have a requirement of 8 networks, we need 3 bits from the host portion of the classful address.
  • So now the network portion will be 24 + 3 = 27 bits.
  • Total bits in the IP address are 32, and now the network bits are 27.
  • So the host side will have 32 - 27 = 5 bits, which means 32 hosts per network.
From the host point of view:
  • We require 8 networks, and in each network we require 30 hosts.
  • For 30 hosts, we need 5 bits.
  • As per the IANA rule, whenever we do subnetting, a subnet can be of 2, 4, 8, 16, 32, 64, 128, 255 hosts.
  • So in one subnet we have 32 hosts, which is 5 host bits.
  • Total bits in the IP address are 32, and now the host bits are 5.
  • So the network side will have 32 - 5 = 27 bits.
  • From the ISP we got an IP network of 24 bits, and now we have a network of 27 bits.
  • This means we have borrowed 3 bits from the host side, which gives us 8 different networks.
Finally, from both points of view we will have the following 8 sub-networks, each of 32 hosts:
192.1.1.0/27, 192.1.1.32/27, 192.1.1.64/27, 192.1.1.96/27, 192.1.1.128/27, 192.1.1.160/27, 192.1.1.192/27, 192.1.1.224/27

Subnet Mask

  • To create subnets, you need a subnet mask that defines which bits of the 32-bit IP address will be used to create the new network address. By "ANDing" the 32-bit IP address with a 32-bit mask, we create a 32-bit address that represents <netid, subnetid>, which becomes our new network address.
  • What do these masks look like? If we start with a basic class A address and do not define any subnets, the mask will look like 255.0.0.0, which is called a natural or default mask.
  • Only those bits that are set to 1 are considered when defining a network address.
  • In this case, all the bits in the first byte of the IP address are considered.
  • The natural mask for a class B address is 255.255.0.0 and for a class C address it is 255.255.255.0.
  • To create more network addresses (subnets) we need to extend the mask bits to the right (changing 0 bits into 1s) to convert host bits into network bits.
Remember that while we (as humans) represent IP addresses in dotted decimal, computers see them simply as a string of 32 bits.
A subnet mask is another string of 32 bits that is used as a comparison tool against the IP address.
The subnet mask can divide the IP address anywhere; it doesn't have to fall on an even byte boundary.

When we lease one classful network from an ISP and need to do subnetting, we first need to work out our network requirement, and then find how many bits we can borrow or steal from the host portion, as we can't make any changes to the network portion.

We can use below formula:

2^sn >= Quantity of subnets you’ve created.
(where “sn” = subnetting bits)
  • Suppose we lease 172.17.0.0/16.
  • If Quantity of subnets we want 8, so the sn value will be 3.
  • So, we will borrow 3 bits from host portion.
  • From lease network, we have 16 bits in host portion, so we will borrow 3 bits.
  • Now, network portion will be 16 + 3 = 19 bits.
  • So, the new subnet mask will be /19 for all 8 of our sub-networks.

Bits to Mask

Now, from the above we got the subnet mask in bits.
How do we convert these bits into a network mask?
We can use the following logic to convert bits to a mask: within an octet the bit positions have the values 128, 64, 32, 16, 8, 4, 2, 1 from left to right, and the mask value of the octet is the sum of the values of its network (1) bits.
Now, if we have a subnet mask of /27, the nearest default mask is /24.
Now, 24 + 3 = 27.
So, in the 4th octet we have 3 bits in the network portion.
From the above logic, counting from the left, you get the mask value for the 4th octet: 128 + 64 + 32 = 224.
So, the netmask for /27 will be 255.255.255.224.

Classful Address is an address with default mask
For example: 16.20.20.1 255.0.0.0

Classless Address is an address with any other mask, but not with a default mask.
For example: 16.20.20.1 255.255.255.224

By default, a Cisco router only allows classful addresses to be configured on interfaces.
To use classless addresses, the “IP classless” command needs to be configured.
From Cisco IOS version 12.0 onwards, “IP classless” and “IP subnet-zero” are default commands, so there is no need to configure them.

Simple Logic for Same Length Subnetting

An ISP leases you the following network:  199.10.1.0 / 24
You need to create 22-subnetworks from this single network.
You need to get answer for below Question

  • What will be your new subnet mask (dotted decimal)? 255.255.255.248
For New subnet Mask, we can use above formula as:
2^sn >= Quantity of subnets required
2^sn >= 22
2^5 will give 32 subnets, which is greater than 22.
So, we get 5 subnet bits, which need to be borrowed/stolen from the host portion.
Current mask /24 + 5 subnet bits = new subnet mask /29.
To convert this subnet mask to a netmask, use the “Bits to Mask” logic above.
5 bits from the left-hand side give 248.
So, the netmask will be 255.255.255.248.

  • How many hosts will be supported in each subnet? 8 hosts
Now we have subnet bits as 5, so remaining will be host bits as 3 bits.
So, for 3 bits we will have 8 hosts

  • What is the subnet address of the fourth subnet? 199.10.1.24
From the logic diagram, we can see that for /29 on the left we have 8, which means every subnet will be a multiple of 8.
1st subnet = 199.10.1.0/29
2nd subnet = 199.10.1.8/29
3rd subnet = 199.10.1.16/29
4th subnet = 199.10.1.24/29

  • What is the broadcast address of the sixth subnet? 199.10.1.47
1st subnet = 199.10.1.0/29
2nd subnet = 199.10.1.8/29
3rd subnet = 199.10.1.16/29
4th subnet = 199.10.1.24/29
5th subnet = 199.10.1.32/29
6th subnet = 199.10.1.40/29
7th subnet = 199.10.1.48/29
The broadcast address of the 6th subnet is one less than the 7th subnet address.
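The same-length subnetting questions above, worked in code and cross-checked against Python's ipaddress module, as an added example that is not part of the original post. Function names are mine; "addresses_per_subnet" is the block size the post calls "hosts", of which two are the subnet and broadcast addresses.

```python
"""Added example (not from the original post): the same-length subnetting
steps, computed in code and cross-checked with the ipaddress module."""
import ipaddress


def subnet_bits_needed(subnets_required: int) -> int:
    """Smallest sn with 2**sn >= subnets_required."""
    sn = 0
    while (1 << sn) < subnets_required:
        sn += 1
    return sn


def prefix_to_mask(prefix: int) -> str:
    """Bits to mask: the prefix length is the count of leading 1 bits in the
    32-bit mask; each octet's value is the sum of its set bits (128, 64, ...)."""
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((mask >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def plan_same_length(network: str, subnets_required: int) -> dict:
    """Answer the worked questions for a leased network and a subnet count.
    'addresses_per_subnet' is the block size (the post's 'hosts'); two of
    those are the subnet and broadcast addresses, so 'usable_hosts' is 2 less."""
    net = ipaddress.ip_network(network)
    sn = subnet_bits_needed(subnets_required)
    new_prefix = net.prefixlen + sn
    host_bits = 32 - new_prefix
    return {
        "subnet_bits": sn,
        "new_prefix": new_prefix,
        "netmask": prefix_to_mask(new_prefix),
        "addresses_per_subnet": 1 << host_bits,
        "usable_hosts": (1 << host_bits) - 2,
        "subnets_created": 1 << sn,
    }


def nth_subnet(network: str, new_prefix: int, n: int) -> str:
    """Subnet address of the n-th subnet (1-based): every subnet is a multiple
    of the block size 2**(32 - new_prefix) from the leased network address."""
    net = ipaddress.ip_network(network)
    block = 1 << (32 - new_prefix)
    if not 1 <= n <= 1 << (new_prefix - net.prefixlen):
        raise ValueError("subnet index out of range")
    return str(ipaddress.ip_address(int(net.network_address) + (n - 1) * block))


def nth_broadcast(network: str, new_prefix: int, n: int) -> str:
    """Broadcast of the n-th subnet: one less than the (n+1)-th subnet address."""
    block = 1 << (32 - new_prefix)
    first = int(ipaddress.ip_address(nth_subnet(network, new_prefix, n)))
    return str(ipaddress.ip_address(first + block - 1))


def cross_check(network: str, new_prefix: int, n: int) -> bool:
    """Confirm the hand-rolled arithmetic against ipaddress.subnets()."""
    net = ipaddress.ip_network(network)
    sub = list(net.subnets(new_prefix=new_prefix))[n - 1]
    return (str(sub.network_address), str(sub.broadcast_address)) == (
        nth_subnet(network, new_prefix, n),
        nth_broadcast(network, new_prefix, n),
    )


if __name__ == "__main__":
    plan = plan_same_length("199.10.1.0/24", 22)
    print(plan["new_prefix"], plan["netmask"])     # 29 255.255.255.248
    print(nth_subnet("199.10.1.0/24", 29, 4))      # 199.10.1.24
    print(nth_broadcast("199.10.1.0/24", 29, 6))   # 199.10.1.47
    print(cross_check("199.10.1.0/24", 29, 6))     # True
```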

 Problem with Same Length Subnetting and its Solution

  • When same length subnetting was first introduced, it was simply known as "subnetting." Its biggest benefit is that it validates the idea of borrowing bits from an IP address host field to create locally significant subnet identification addresses.
  • The use of same length subnetting saves a router the task of having to handle an entire IP address, because the router deals only with the digits selected by the mask. Further, it divides the address space into an adequate number of subnets and can therefore meet the needs of large LANs.
  • In IP classes of IPv4 addresses, there are fixed subnets with a fixed number of hosts and networks. For example, a class C IP address has a 24-bit network part and an 8-bit host part. Similarly, Class A addresses have an 8-bit network part and a 24-bit host part.
  • What this means is that in this method of subnet masking, subnets are rarely filled to capacity. This results in the inefficient use of IP address space, and a significant waste of unused addresses.
  • To overcome these challenges, a VLSM is better. In networks with many unassigned IP addresses, VLSM uses IP address space more efficiently, and thus prevents waste.

Variable Length Subnet Mask (VLSM)

VLSM stands for Variable Length Subnet Mask, where the subnet design uses more than one mask in the same network, which means more than one mask is used for different subnets of a single class A, B or C network. It is used to increase the usability of subnets, as they can be of variable size. It is also defined as the process of subnetting a subnet.

Procedure for implementing VLSM

In VLSM, subnets use block sizes based on requirement, so subnetting is required multiple times. Suppose an administrator has four departments to manage: the sales and purchase department with 120 computers, the development department with 50 computers, the accounts department with 26 computers and the management department with 5 computers.

  • If the administrator has the IP network 192.168.1.0/24, department-wise IPs can be allocated by following these steps:
  • For each segment, select the block size that is greater than or equal to the actual requirement, which is the sum of the host addresses, the broadcast address and the network address. Make a list of the possible subnets:

Slash Notation    Hosts/subnet
/24               256
/25               128
/26               64
/27               32
/28               16
/29               8
/30               4
/31               2

  • Arrange all the segments in descending order of block size, that is, from the highest to the lowest requirement.
Sales and Purchase: 120
Development: 50
Accounts: 26
Management: 5

  • The highest IP block available must be allocated to the highest requirement, so the sales and purchase department gets 192.168.1.0/25, which has 128 valid addresses and can easily accommodate 120 hosts. The subnet mask used is 255.255.255.128.
  • The next segment requires a block for 50 hosts. The IP subnet with network number 192.168.1.128/26 is the next highest; it can be assigned to 64 hosts, thus fulfilling the requirement of the development department. The subnet mask used is 255.255.255.192.
  • Similarly, the next IP subnet, 192.168.1.192/27, can fulfil the requirements of the accounts department, as it has 32 valid host IPs, which can be assigned to 26 computers. The mask used is 255.255.255.224.
  • The last segment requires 5 valid host IPs, which can be fulfilled by the subnet 192.168.1.224/29 with mask 255.255.255.248, chosen as per the requirement. A subnet with mask 255.255.255.240 could be chosen, but it has 14 valid host IPs and the requirement is much less, so the one comparable to the requirement is chosen.
  • So, below is the final IP assignment for the required departments:
Sales and Purchase: 120 -- 192.168.1.0/25
Development: 50 -- 192.168.1.128/26
Accounts: 26 -- 192.168.1.192/27
Management: 5 -- 192.168.1.224/29

  • So, we still have many unused IPs which can be used for future purposes.
  • Thus, there is less IP wastage in VLSM as compared to same-length subnetting.
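The VLSM procedure above (sort by requirement, pick the smallest power-of-two block that holds hosts plus network and broadcast, allocate largest first), run over the four departments, as an added example that is not part of the original post. The department names and host counts are the post's; the function names are mine.

```python
"""Added example (not from the original post): the VLSM allocation procedure
run over the post's four departments."""
import ipaddress


def block_prefix_for(hosts: int) -> int:
    """Smallest power-of-two block that holds hosts + network + broadcast
    addresses, returned as a prefix length (e.g. 5 hosts -> 7 -> 8 -> /29)."""
    need = hosts + 2
    host_bits = 0
    while (1 << host_bits) < need:
        host_bits += 1
    return 32 - host_bits


def allocate_vlsm(network: str, requirements: dict) -> dict:
    """Allocate the largest requirements first so each block starts on its own
    boundary; return the assignments plus what is left of the network."""
    net = ipaddress.ip_network(network)
    cursor = int(net.network_address)
    end = int(net.broadcast_address) + 1
    assignments = []
    # Descending order: every later (smaller) block size divides the earlier
    # ones, so the running cursor stays aligned to each block it starts.
    for name, hosts in sorted(requirements.items(), key=lambda kv: kv[1], reverse=True):
        prefix = block_prefix_for(hosts)
        size = 1 << (32 - prefix)
        if cursor % size:
            raise RuntimeError("cursor misaligned; cannot happen in descending order")
        if cursor + size > end:
            raise ValueError(f"{network} exhausted while allocating {name}")
        subnet = ipaddress.ip_network((cursor, prefix))
        assignments.append({
            "department": name,
            "hosts": hosts,
            "subnet": str(subnet),
            "netmask": str(subnet.netmask),
            "usable_hosts": size - 2,
        })
        cursor += size
    return {
        "assignments": assignments,
        "next_free": str(ipaddress.ip_address(cursor)) if cursor < end else None,
        "unused_addresses": end - cursor,
    }


if __name__ == "__main__":
    departments = {
        "Sales and Purchase": 120,
        "Development": 50,
        "Accounts": 26,
        "Management": 5,
    }
    result = allocate_vlsm("192.168.1.0/24", departments)
    for a in result["assignments"]:
        print(f'{a["department"]}: {a["hosts"]} -- {a["subnet"]} ({a["netmask"]})')
    print(result["next_free"], result["unused_addresses"])  # 192.168.1.232 24
```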

IPv4 Address/Route Summarization

Aggregating multiple subnets into a single network advertisement.
That advertisement does not break classful boundaries.
Route summarization is a method where we create one summary route that represents multiple networks/subnets. It is also called route aggregation.
Some routers perform summarization by default.
Summarization has several advantages:

  • Saves memory: routing tables will be smaller which reduces memory requirements.
  • Saves bandwidth: there are fewer routes to advertise, so we save some bandwidth.
  • Saves CPU cycles: fewer packets to process and smaller routing tables to work on.
  • Stability: Prevents routing table instability due to flapping networks.
There are also some disadvantages to summarization:
  • Forwarding traffic for unused networks: a router drops traffic when it doesn't have a matching destination in its routing table. When we use summarization, it's possible that the summary route covers networks that are not in use; a router that has the summary route will forward such traffic to the router that advertised the summary.
  • Sub-optimal routing: routers prefer the path with the longest prefix match. When you use summaries, it's possible that your router prefers another path from which it has learned a more specific network. The summary route also has a single metric.
Example
Network: 10.10.32.0 / 20
Network: 10.10.48.0 / 20
Subnet mask: 255.255.240.0
Conversion of the network IDs into bits:
10.10.0010hhhh.hhhhhhhh / 20
10.10.0011hhhh.hhhhhhhh / 20
AND operation result: 10.10.001hhhhh.hhhhhhhh
10.10.32.0 / 19 (summarized network)


IPv4 Supernetting

  • Aggregating multiple networks (could be subnets or classful networks) into a single network advertisement.
  • That advertisement breaks classful boundaries.
  • Supernetting can only be done manually.
Example
Network: 192.168.1.0/ 24
Network: 192.168.2.0/ 24
Conversion of the network IDs into bits:
192.168.00000001.hhhhhhhh
192.168.00000010.hhhhhhhh
AND operation result: 192.168.000000hh.hhhhhhhh
192.168.0.0 / 22 (Supernet)

When performing summarization or supernetting ask yourself, “what bits…from left-to-right…do all of these networks have in common?”
Answer to the above question will determine new mask.
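The "which bits do all of these networks have in common, left to right?" question from the summarization and supernetting examples above, answered in code, as an added example that is not part of the original post. It also renders each network in the post's bit notation and reports whether the result stays inside the classful boundary (summarization) or crosses it (supernetting); function names are mine.

```python
"""Added example (not from the original post): common-prefix route
summarization and supernetting over the post's two example pairs."""
import ipaddress


def classful_prefix(address: str) -> int:
    """Default mask length by address class (A /8, B /16, C /24)."""
    first_octet = int(address.split(".")[0])
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError("class D/E addresses have no classful mask")


def bit_view(network: str) -> str:
    """Render a network the way the post does: fully-network octets in
    decimal, the split octet in binary, host bits as 'h'."""
    net = ipaddress.ip_network(network)
    addr = int(net.network_address)
    parts = []
    for i in range(4):
        octet = (addr >> (24 - 8 * i)) & 0xFF
        net_bits = max(0, min(8, net.prefixlen - 8 * i))
        if net_bits == 8:
            parts.append(str(octet))
        else:
            parts.append(format(octet, "08b")[:net_bits] + "h" * (8 - net_bits))
    return ".".join(parts)


def common_prefix_length(networks: list) -> int:
    """Count the leading bits shared by all network addresses, never more
    than the shortest prefix among them (bits beyond it are host bits)."""
    nets = [ipaddress.ip_network(n) for n in networks]
    addrs = [int(n.network_address) for n in nets]
    limit = min(n.prefixlen for n in nets)
    length = 0
    while length < limit:
        bit = 31 - length
        if len({(a >> bit) & 1 for a in addrs}) != 1:
            break
        length += 1
    return length


def summarize(networks: list) -> tuple:
    """Return (summary route, 'summary' or 'supernet'): the shared bits form
    the new mask; crossing the classful boundary makes it a supernet."""
    length = common_prefix_length(networks)
    first = int(ipaddress.ip_network(networks[0]).network_address)
    base = (first >> (32 - length)) << (32 - length)  # zero the host bits
    route = ipaddress.ip_network((base, length))
    kind = "supernet" if length < classful_prefix(networks[0]) else "summary"
    return str(route), kind


if __name__ == "__main__":
    for group in (["10.10.32.0/20", "10.10.48.0/20"],
                  ["192.168.1.0/24", "192.168.2.0/24"]):
        for n in group:
            print(bit_view(n))
        print(summarize(group))  # ('10.10.32.0/19', 'summary') then ('192.168.0.0/22', 'supernet')
```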

Tuesday, August 23, 2022

IPv4 Addressing History and Its Classes

 History of IPv4

  • Internet was born from a research network called ARPANET i.e., a computer network funded by the Advanced Research Projects Agency of the U.S. Department of Defense. 
  • On its first day of operation in 1969, ARPANET operated across 4 hosts.
  • Each host had a unique address for online communication.
  • The online addresses were identified using 8-bit numbers in the Network Control Protocol (NCP). ARPANET was thus an 8-bit network.
  • In early Internet History (1972), all communications were point-to-point using a variety of methods.
Circuit Switching
Satellite Uplinks
Direct Cable connection

  • There was a need to develop a protocol so that hosts on these disparate networks (and networks yet to be invented) could communicate with each other.
  • By 1981, it had evolved into a national network connecting 213 hosts across universities and research facilities. 
  • Soon, all kinds of networks emerged and so did the need to connect these heterogeneous networks into one big inclusive network. 
  • The idea was to maintain the heterogeneous nature of each network and allow users to communicate across networks. 
  • To this end, the first half of the 1970s witnessed Robert Kahn (DARPA) and Vint Cerf (NCP) work on a Transmission Control Program and publish their first paper in 1974.
  • It was implemented through 4 versions, wherein the 3rd version segregated itself into Transmission Control Protocol (TCP) and Internet Protocol (IP). 
  • By 1978, the very first draft of TCP/IP v4 was published. By 1981 it became a standard and on 1st January 1983 i.e., “flag day”, ARPANET retired NCP and adopted TCP/IP.

  • With the popularity of Ethernet and Token Ring in late 1970s, the concept of multiple hosts all sharing a common gateway (a single Broadcast domain) was born.
  • As we know, any host has 2 addresses, a Layer 2 MAC address and a Layer 3 IP address, and a message on a broadcast domain can be addressed in 3 different ways:

Communication within Broadcast Domain

  1. Broadcast (needs no address)
  2. Unicast (requires an address: MAC)
  3. Multicast (requires an address: MAC with special format)

Networked Software Applications fall into two categories:

  • Those that assume the destination is in the same broadcast domain as the source (example: ARP).
  • Those capable of intra- or inter-broadcast-domain communication.
IP is used to address “networks”, be they broadcast-based or Point-to-Point, or anything else.
An IP address is divided into 2 parts:
  • Network/ Broadcast Domain Address
  • Unique Host address within that broadcast domain
In this way, when sending to a remote host, we don’t need to know its L2 address.
  • Packet is addressed to remote host’s IP address
  • Frame is addressed to gateway’s L2 address
This means any message transmitted on the wire carries 2 addresses: the L3 IP address of the remote host, which is in a different broadcast domain, and the L2 MAC address of the router.
 
What do these L2 and L3 addresses look like?
 
What does a computer see when it looks at incoming data?
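To answer the two questions above concretely, this added example (not from the original post) builds a frame the way a host on 192.168.1.0/24 would send it to a remote host and then parses it back the way the receiver sees it: the Ethernet header carries the gateway's MAC as the L2 destination, while the IPv4 header carries the remote host's address as the L3 destination. All MAC and IP addresses are constructed sample values; the parser also verifies the RFC 791 header checksum and rejects truncated frames, which is the check a capture tool or IDS performs before trusting the addresses.

```python
"""What a host sees on the wire: Ethernet II header (L2 addresses) followed
by an IPv4 header (L3 addresses).  Added example, not from the original post;
MACs and IPs used with it are constructed sample values."""
import struct

ETHERTYPE_IPV4 = 0x0800


def mac_to_bytes(mac):
    return bytes(int(b, 16) for b in mac.split(":"))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_to_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(raw):
    return ".".join(str(b) for b in raw)


def ipv4_checksum(header):
    """RFC 791 header checksum: one's-complement sum of the 16-bit words.
    Over a header that already contains a correct checksum this returns 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(dst_mac, src_mac, src_ip, dst_ip, payload=b"", ttl=64, proto=17):
    """Ethernet II + IPv4 (no options) with a correct header checksum.
    dst_mac is the gateway's MAC; dst_ip is the remote host's address."""
    total_len = 20 + len(payload)
    ver_ihl = (4 << 4) | 5                       # version 4, 5 words of header
    ip_hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, total_len, 0x1234, 0,
                         ttl, proto, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    csum = ipv4_checksum(ip_hdr)                 # computed with the field zeroed
    ip_hdr = ip_hdr[:10] + struct.pack("!H", csum) + ip_hdr[12:]
    eth_hdr = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    return eth_hdr + ip_hdr + payload


def parse_frame(frame):
    """Return the L2 and L3 addresses a receiver sees; raise on malformed input."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"not IPv4: ethertype 0x{ethertype:04x}")
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 version or IHL")
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", ip[2:4])[0]
    return {
        "l2_dst": bytes_to_mac(dst_mac),   # the gateway, for off-link traffic
        "l2_src": bytes_to_mac(src_mac),
        "l3_src": bytes_to_ip(ip[12:16]),
        "l3_dst": bytes_to_ip(ip[16:20]),  # the remote host
        "ttl": ip[8],
        "protocol": ip[9],
        "payload": ip[ihl:total_len],
    }


def is_valid_frame(frame):
    """Convenience wrapper: True when parse_frame accepts the frame."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False
```

Flip a single byte of the IPv4 checksum field (frame offset 24) and `parse_frame` refuses the frame; that is the same check that lets a receiver discard corrupted headers before acting on the addresses in them.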

IPv4 Addressing and its Classes

IPv4 is the fourth version of the Internet protocol and the first version that was used on a worldwide scale (the Internet). It uses 32-bit addresses which theoretically, should offer 4294967296 addresses. IPv4 addresses are assigned in blocks called networks or subnets. IPv6 is the successor which offers 128-bit addresses.

  • It is a 32-bit addressing system.
  • Logical address for a network defined by IANA.
  • For human readability, IPv4 addresses are divided into 4 octets, each of 8 bits.
  • Dotted decimal notation is used to separate the octets.

IP Bit Pattern

Multicast

  • One-to-many communication
  • Any address whose first 4 bits are “1110” is a multicast address.
  • 1110xxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx
Broadcast
  • One-to-all communication
  • Host portion of address all ones, or entire address all ones.
  • Any.11111111.11111111.11111111
  • 11111111.11111111.11111111.11111111
Unicast
  • One-to-one communication
  • All other patterns that do NOT start with 00000000
Classes of IPv4
1981 - Classes of Addresses Introduced:

Class A: 0.0.0.0 through 127.255.255.255

  • The first bit of the first octet is always set to 0 (zero). Thus, the first octet ranges from 1 – 127, i.e.
  • Class A addresses only include IP starting from 1.x.x.x to 126.x.x.x only.
  • The IP range 127.x.x.x is reserved for loopback IP addresses.
  • The default subnet mask for Class A IP address is 255.0.0.0 which implies that Class A addressing can have 126 networks (2^7-2) and 16777214 hosts (2^24-2).
Class B: 128.0.0.0 through 191.255.255.255
  • An IP address which belongs to class B has the first two bits in the first octet set to 10, i.e.
  • Class B IP Addresses range from 128.0.x.x to 191.255.x.x.
  • The default subnet mask for Class B is 255.255.x.x.
  • Class B has 16384 (2^14) Network addresses and 65534 (2^16-2) Host addresses.
Class C: 192.0.0.0 through 223.255.255.255
  • The first octet of a Class C IP address has its first 3 bits set to 110, that is:
  • Class C IP addresses range from 192.0.0.x to 223.255.255.x.
  • The default subnet mask for Class C is 255.255.255.x.
  • Class C gives 2097152 (2^21) Network addresses and 254 (2^8-2) Host addresses.
Class D: 224.0.0.0 through 239.255.255.255
  • The very first four bits of the first octet in Class D IP addresses are set to 1110, giving a range of:
  • Class D has IP address range from 224.0.0.0 to 239.255.255.255.
  • Class D is reserved for Multicasting.
  • In multicasting data is not destined for a particular host, that is why there is no need to extract host address from the IP address, and Class D does not have any subnet mask.
Class E: 240.0.0.0 through 255.255.255.255
  • This IP Class is reserved for experimental purposes only for R&D or Study.
  • IP addresses in this class ranges from 240.0.0.0 to 255.255.255.254.
  • Like Class D, this class too is not equipped with any subnet mask.
Note:
The 127.x.x.x range is reserved for loopback addresses.
The 169.254.x.x range is reserved for APIPA.

IPv4 Governing Bodies

As new networks were created and connected to the Internet, there was a need for someone to govern the allocation of IP addresses.
Current IPv4 Addressing Allocation Structure


Public and Private IP Address

Public IP Address:

  • IP addresses “leased” to a corporation (by an ISP or an RIR) are known as public IP addresses.
  • A Public IP address is the one which is globally recognizable and our ISP (Internet Service Provider) or IANA provides the same.
  • Public IP identifies our home network to the outside world. It is an IP address that is unique throughout the entire Internet.
  • Each customer who uses the Global/Public IP Block needs to pay the Service Provider or IANA.
  • Beyond the RFC 1918 space, all addresses are public.
Private IP Address:
  • IP addresses that are unregistered and may overlap from one company to the next, are known as private IP addresses.
  • Unlike public addresses, private IP addresses never leave the LAN, just as the public IP address is never used inside your network. Additionally, customers need not pay for private IP blocks used inside the LAN environment.
  • Defined in RFC 1918. For internal use only.
  • Range of private address
Class A: 10.0.0.0 - 10.255.255.255 (10/8 prefix)
Class B: 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
Class C: 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

Note:

  • 169.254.X.X is neither a public nor a private IP address.
  • It is a special network, called Automatically Provisioned IP Address (APIPA).
  • It appears on systems that use DHCP.
  • If DHCP fails to assign an IP address dynamically, the system automatically provisions itself with an address in 169.254.X.X.
  • Seeing a 169.254.X.X address is usually a bad sign: it means DHCP has failed and the system has not been assigned a real, usable IP address.
  • The 127 range is reserved for loopback and is neither a public nor a private IP address.
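The public/private distinction and the two special ranges in the note above are easy to get wrong in practice, so here is an added example (not from the original post) that scopes addresses by the exact RFC 1918, 127/8 and 169.254/16 ranges and then runs a small triage pass over constructed firewall-style log lines. The log field layout (`iface=… src=… dst=…`) and every address in `SAMPLE_LOG` are assumptions for the demonstration; the two conditions it flags follow directly from the notes: private addresses should never arrive on the Internet-facing side, and a 169.254 source means DHCP failed for that host.

```python
"""Public / private / special scoping for IPv4 addresses, and a small triage
pass over firewall-style log lines built on it.

Added example (not from the original post). The RFC 1918, 127/8 and
169.254/16 ranges are the ones the notes above describe; the log format
(iface=... src=... dst=...) and every address in SAMPLE_LOG are constructed.
"""
import ipaddress
import re

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
APIPA = ipaddress.ip_network("169.254.0.0/16")


def scope(ip):
    """One of: loopback, apipa, private, multicast, public.

    Checked by explicit range rather than ipaddress.is_private, which also
    folds 127/8, 169.254/16 and other reserved blocks into 'private'.
    """
    a = ipaddress.IPv4Address(ip)
    if a in LOOPBACK:
        return "loopback"
    if a in APIPA:
        return "apipa"
    if any(a in net for net in RFC1918):
        return "private"
    if a.is_multicast:
        return "multicast"
    return "public"


LOG_RE = re.compile(r"iface=(?P<iface>\S+)\s+src=(?P<src>\S+)\s+dst=(?P<dst>\S+)")


def find_anomalies(log_lines, external_iface="wan0"):
    """Flag two things the notes above say should never happen:

    * a non-public source arriving on the Internet-facing interface (private
      addresses never leave the LAN, so this is spoofing or a leak), and
    * any host sourcing traffic from 169.254/16 (it fell back to APIPA, so
      DHCP failed for it).
    Returns (src, scope, reason) tuples.
    """
    findings = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # skip lines that are not flow records
        src_scope = scope(m["src"])
        if m["iface"] == external_iface and src_scope != "public":
            findings.append((m["src"], src_scope, "non-public source on external interface"))
        elif src_scope == "apipa":
            findings.append((m["src"], src_scope, "source is APIPA, DHCP likely failed"))
    return findings


# Constructed sample lines; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = [
    "2022-08-23T10:00:01 iface=wan0 src=203.0.113.7 dst=198.51.100.2 action=ACCEPT",
    "2022-08-23T10:00:02 iface=wan0 src=10.0.0.5 dst=198.51.100.2 action=ACCEPT",
    "2022-08-23T10:00:03 iface=lan0 src=192.168.1.20 dst=203.0.113.7 action=ACCEPT",
    "2022-08-23T10:00:04 iface=lan0 src=169.254.33.9 dst=192.168.1.1 action=DROP",
    "2022-08-23T10:00:05 iface=wan0 src=127.0.0.1 dst=198.51.100.2 action=DROP",
    "2022-08-23T10:00:06 firewall restarted",
]

if __name__ == "__main__":
    for finding in find_anomalies(SAMPLE_LOG):
        print(finding)
```

Note that 172.16/12 ends at 172.31.255.255, so 172.32.0.1 is public; that boundary is the one most often misread as "172.16 to 172.32".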

Hosts per bit:

  • In any classful network, if we need to find how many hosts exist, we can use the figure below to find the number of hosts in that network.
  • Suppose we have the 130.20.0.0/16 classful network, which we can identify as a class B address.
  • So, we have 16 bits on the host side, i.e., 2 octets (8 + 8 bits).
  • If we look at the figure below for 1 octet, we have 8 bits, so 2^8 gives 256 hosts.
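The bit-pattern rules, the class table and the hosts-per-bit rule above all reduce to a few bit tests on the first octet, so here they are together as an added example (not from the original post, standard library only). `describe("130.20.0.0")` reproduces the walk-through above: class B, default mask 255.255.0.0, 16 host bits. The host count uses the 2^n-2 form from the class table (network and broadcast excluded), and treats /31 and /32 explicitly, which the simple formula gets wrong.

```python
"""Classful view of an IPv4 address from the leading bits of the first octet,
as in the bit-pattern and class tables above, plus the hosts-per-bit rule.

Added example (not from the original post), standard library only.
"""
import ipaddress

DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}  # classes D and E carry no mask


def address_class(ip):
    """Class letter by first-octet bit pattern: 0=A, 10=B, 110=C, 1110=D, else E."""
    first = int(ipaddress.IPv4Address(ip)) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def address_type(ip):
    """multicast / broadcast / unicast by the bit patterns listed above."""
    n = int(ipaddress.IPv4Address(ip))
    if n == 0xFFFFFFFF:
        return "broadcast"          # entire address all ones
    if n >> 28 == 0b1110:
        return "multicast"          # leading 1110
    return "unicast"


def usable_hosts(prefixlen):
    """2^host_bits minus the network and broadcast addresses.

    /31 (RFC 3021 point-to-point links) and /32 (a single host route) are the
    edge cases where that formula gives 0 or -1, so they are special-cased.
    """
    if prefixlen == 32:
        return 1
    if prefixlen == 31:
        return 2
    return 2 ** (32 - prefixlen) - 2


def describe(ip):
    """Class, default mask and host capacity of the classful network ip sits in."""
    cls = address_class(ip)
    info = {"class": cls, "type": address_type(ip), "default_mask": None}
    if cls in DEFAULT_PREFIX:
        prefix = DEFAULT_PREFIX[cls]
        net = ipaddress.IPv4Network((int(ipaddress.IPv4Address(ip)), prefix), strict=False)
        info["default_mask"] = str(net.netmask)
        info["classful_network"] = str(net)
        info["host_bits"] = 32 - prefix
        info["usable_hosts"] = usable_hosts(prefix)
        if ipaddress.IPv4Address(ip) == net.broadcast_address:
            info["type"] = "broadcast"  # host portion all ones
    return info
```

The "host portion all ones" broadcast form can only be recognised once a mask is known, which is why `describe` checks it against the classful network while `address_type` alone can only recognise 255.255.255.255.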

Monday, August 22, 2022

Extensible Authentication Protocol (EAP)

What is the Extensible Authentication Protocol?

  • The Extensible Authentication Protocol (EAP) is an architectural framework that provides extensibility for authentication methods for commonly used protected network access technologies, such as IEEE 802.1X-based wireless access, IEEE 802.1X-based wired access, and Point-to-Point Protocol (PPP) connections such as Virtual Private Networking (VPN).
  • EAP is used on encrypted networks to provide a secure way to send identifying information to provide network authentication. It supports various authentication methods, including token cards, smart cards, certificates, one-time passwords, and public key encryption.

How does EAP work?

EAP uses the 802.1X standard as its authentication mechanism over a local area network or a wireless LAN (WLAN). There are three primary components of 802.1X authentication:

  • the user's wireless device;
  • the wireless access point (AP) or authenticator; and
  • the authentication database or authentication server.
The organization or user must choose what type of EAP to use based on their requirements. EAP transfers authentication information between the user and the authentication database or server.
 
The EAP process works as follows:
  1. A user requests connection to a wireless network through an AP (a station that transmits and receives data, sometimes known as a transceiver).
  2. The AP requests identification data from the user and transmits that data to an authentication server.
  3. The authentication server asks the AP for proof of the validity of the identification information.
  4. The AP obtains verification from the user and sends it back to the authentication server.
  5. The user is connected to the network as requested.
Depending on the type of EAP used, the process may vary.

Authentication EAP methods

EAP authentication methods that are used within tunneled EAP methods are commonly known as inner methods or EAP types.

EAP-TLS (Transport Layer Security)

  • EAP-TLS provides certificate-based, mutual authentication of the network and the client. Both the client and the server must have certificates to perform this authentication. EAP-TLS randomly generates session-based, user-based Wired Equivalent Privacy (WEP) keys. These keys secure communications between the AP and the WLAN client.
  • One disadvantage of EAP-TLS is the server and client side both must manage the certificates. This can be challenging for organizations with an extensive WLAN.
EAP-TTLS (Tunneled TLS)
  • Like EAP-TLS, EAP-TTLS offers an extended security method with certificate-based mutual authentication. However, instead of both the client and the server requiring a certificate, only the server side does. 
  • EAP-TTLS enables WLANs to securely reuse legacy user authentication databases, such as Active Directory.

LEAP (Lightweight EAP)

  • Cisco created this proprietary EAP authentication type for mutual client and server authentication on its WLANs. 
  • The LEAP server sends the client a random challenge, and the client returns a hashed password. Once authenticated, the client asks the server for a password, and a key exchange follows.

PEAP (Protected EAP)

  • PEAP was created as a more secure version of LEAP. Like EAP-TTLS, PEAP authenticates clients using server-side certificates. 
  • It creates a TLS tunnel from the server to the client so the client can be authenticated through that encrypted tunnel. 
  • Unlike EAP-TTLS, with PEAP, the client must use a different EAP type.

EAP-FAST (Flexible Authentication via Secure Tunneling)

  • Cisco created EAP-FAST to replace LEAP. EAP-FAST uses a tunnel to provide mutual authentication like PEAP and EAP-TTLS. 
  • EAP-FAST does not have the server authenticate itself with a digital certificate. Instead, it uses a Protected Access Credential, which creates a one-time provisioning exchange with a shared secret, or PAC key. The PAC key handles the authentication.

EAP-SIM (Subscriber Identity Module)

  • Enables authentication by using SIM cards and is implemented when a customer purchases a wireless broadband service plan from a mobile network operator. As part of the plan, the customer commonly receives a wireless profile that is preconfigured for SIM authentication.
  • This authentication type is based on the Global System for Mobile communication (GSM) SIM card used in cellphones. It uses a per-session WEP key to encrypt the data. 
  • This authentication method requires the client to enter a verification code to enable communication with the SIM. 
  • EAP-SIM 802.1X requests go through a carrier's roaming gateway to a GSM authentication server. It is used to authenticate devices that roam between commercial 802.11 hotspots and GSM networks.

EAP-MD5 (Message Digest 5)

  • EAP-MD5 offers a base level of support and is not recommended when implementing a WLAN. 
  • It is easier for threat actors to determine the user's or client's password with this method. 
  • It also only provides one-way authentication rather than mutual authentication, and there is no way to develop per-session WEP keys or offer a continuous rotation and distribution of WEP keys. The manual maintenance of the WEP keys can pose challenges.
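The five-step process described above and the EAP-MD5 weakness described here are easiest to see in a single exchange, so here is one as an added example (not code from the original post): RFC 3748 packets (Code, Identifier, Length, Type) relayed by an authenticator between a supplicant and an authentication server, using EAP-MD5 (Type 4) as the inner method, where the Response value is MD5(Identifier || password || challenge) as in CHAP. The `Server`, `Supplicant` and `run_exchange` names, the identity and the password are constructed for the demonstration. Only the peer ever proves anything, and the challenge/response travels in the clear; that is the one-way authentication the notes warn about, and the reason tunneled methods such as PEAP and EAP-TTLS wrap the inner method in TLS.

```python
"""The EAP exchange described above, carried in RFC 3748 packets and finished
with EAP-MD5 (Type 4), the simplest inner method.

Added example, not code from the original post. The authenticator only
relays, the server holds the password table, and the supplicant answers the
challenge. Identity and password are constructed sample values. Only the
peer proves anything here, which is the one-way authentication the notes
above warn about for EAP-MD5.
"""
import hashlib
import hmac
import os
import struct

REQUEST, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4
TYPE_IDENTITY, TYPE_NAK, TYPE_MD5 = 1, 3, 4


def pack_eap(code, ident, eap_type=None, data=b""):
    """Code(1) Identifier(1) Length(2) [Type(1) Type-Data]."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def unpack_eap(pkt):
    """Return (code, identifier, type or None, type-data); reject bad lengths."""
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt) or length < 4:
        raise ValueError("bad EAP length")
    if code in (SUCCESS, FAILURE):
        return code, ident, None, b""
    if length < 5:
        raise ValueError("Request/Response without Type")
    return code, ident, pkt[4], pkt[5:]


def md5_response_value(ident, password, challenge):
    """RFC 3748 section 5.4 / RFC 1994: MD5(Identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + password + challenge).digest()


class Server:
    def __init__(self, users):
        self.users, self.ident, self.peer, self.challenge = users, 0, None, None

    def start(self):
        self.ident = 1
        return pack_eap(REQUEST, self.ident, TYPE_IDENTITY)   # step 2: ask who you are

    def handle(self, pkt):
        code, ident, etype, data = unpack_eap(pkt)
        if code != RESPONSE or ident != self.ident:
            return pack_eap(FAILURE, ident)                   # replay or out of order
        if etype == TYPE_IDENTITY:
            self.peer = data.decode()
            self.challenge = os.urandom(16)
            self.ident += 1                                   # step 3: prove it
            return pack_eap(REQUEST, self.ident, TYPE_MD5,
                            bytes([16]) + self.challenge + b"auth-server")
        if etype == TYPE_MD5 and self.challenge is not None:
            value = data[1:1 + data[0]]
            password = self.users.get(self.peer)
            if password is not None:
                expected = md5_response_value(ident, password, self.challenge)
                if hmac.compare_digest(value, expected):
                    return pack_eap(SUCCESS, ident)           # step 5
        return pack_eap(FAILURE, ident)


class Supplicant:
    def __init__(self, identity, password):
        self.identity, self.password = identity, password

    def handle(self, pkt):
        code, ident, etype, data = unpack_eap(pkt)
        if code != REQUEST:
            return None
        if etype == TYPE_IDENTITY:
            return pack_eap(RESPONSE, ident, TYPE_IDENTITY, self.identity.encode())
        if etype == TYPE_MD5:                                 # step 4: answer the challenge
            challenge = data[1:1 + data[0]]
            value = md5_response_value(ident, self.password, challenge)
            return pack_eap(RESPONSE, ident, TYPE_MD5,
                            bytes([len(value)]) + value + self.identity.encode())
        return pack_eap(RESPONSE, ident, TYPE_NAK, bytes([TYPE_MD5]))  # Legacy Nak


def run_exchange(server, supplicant, max_rounds=5):
    """Authenticator role: relay until Success/Failure. Returns (code, transcript)."""
    transcript = []
    pkt = server.start()
    for _ in range(max_rounds):
        code, ident, etype, _ = unpack_eap(pkt)
        transcript.append(("server->peer", code, ident, etype))
        if code in (SUCCESS, FAILURE):
            return code, transcript
        reply = supplicant.handle(pkt)
        rcode, rident, retype, _ = unpack_eap(reply)
        transcript.append(("peer->server", rcode, rident, retype))
        pkt = server.handle(reply)
    return FAILURE, transcript
```

The transcript is the five-message shape from the process above: Request/Identity, Response/Identity, Request/MD5-Challenge, Response/MD5-Challenge, Success. Nothing in it authenticates the server to the peer, and the identity travels unprotected, which is what the tunneled methods fix by running this same inner exchange inside TLS.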

You can access the EAP properties for 802.1X authenticated wired and wireless access in the following ways:
  • By configuring the Wired Network (IEEE 802.3) Policies and Wireless Network (IEEE 802.11) Policies extensions in Group Policy.
  • By manually configuring wired or wireless connections on client computers.
You can access the EAP properties for virtual private network (VPN) connections in the following ways:
  • By using Connection Manager Administration Kit (CMAK) to configure VPN connections.
  • By manually configuring VPN connections on client computers.
By default, you can configure EAP settings for the following network authentication methods for 802.1X authenticated wired access, 802.1X authenticated wireless access, and VPN:
  • Microsoft: Smart card or another certificate (EAP-TLS)
  • Microsoft: Protected EAP (PEAP)
  • Microsoft: EAP-TTLS

Additionally, the MS-CHAP-V2 network authentication method is available for VPN by default.