 |
Tutorial |
|
||
|
|
It's been my experience that candidates for higher-level certification sometimes assume that they know IP and related services from their CCNA days. Unfortunately, IP and closely related protocols contain many fairly obscure, but legitimate, IOS features that may be tested.
IPv6 is relatively new. I find it useful to study not so much as a major area of concern but as a means to compare and contrast the ways certain features were implemented in IPv4. Much of the functionality of IPv6 exists in the IPv4 world, but perhaps as separate protocols or workarounds. The goal of much of the IPv6 work was to "clean up" these functions; and by studying the logic of the cleaned-up version, I have found I've gained considerable insight into the corresponding IPv4 mechanisms.
Werhner von Braun reputedly said, "Research is what you do when you don't know what you're doing, but you know you don't." Over the years, I've found that people just getting involved in networking sometimes believe the original network developers did everything for the right reasons.
In reality, many of the things we work with today started as research projects and, as they were deployed into the real world, showed bad assumptions. Unfortunately, people had already installed some of the old features and were using them in spite of limitations. Given the installed base, it became the practice in IP to add backward-compatible extensions rather than do a new design.
That was wise for almost 30 years, as we kept learning more and more about protocol behavior in the real world. Eventually, we felt ready for a new design, called IP version 6 (IPv6).
IPv4, with extensions and supporting protocols such as ARP, ICMP, etc., does perform many of the IPv6 functions. The argument for IPv6 is that the various interim hacks of IPv4 evolution are rationalized into one clean protocol implementation.
A number of architectural principles of the Internet are documented on T-shirts seen at IETF meetings:
"We don't believe in kings, presidents, or voting. We believe in rough consensus and running code." (Dave Clark)
"Be conservative in what you send; be liberal in what you accept."
Ross Callon's wonderful summary of the Twelve Networking Truths [RFC 1925] expands on these:
It has to work.
No matter how hard you push, and no matter what the priority, you can't increase the speed of light.
(Corollary). No matter how hard you try, you can't make a baby in much less than 9 months. Trying to speed this up might make it slower, but it won't make it happen any quicker.
With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead.
Some things in life can never be fully appreciated or understood unless experienced firsthand. Some things in networking can never be fully understood by someone who neither builds commercial networking equipment nor runs an operational network.
It is always possible to agglutinate multiple separate problems into a single, complex, interdependent solution. In most cases this is a bad idea.
It is easier to move a problem around (for example, by moving the problem to a different part of the overall network architecture) than it is to solve it.
(Corollary). It is always possible to add another level of indirection.
It is always something.
(Corollary). Good, fast, cheap: pick any two (you can't have all three).
It is more complicated than you think.
For all resources, whatever it is, you need more.
(Corollary) Every networking problem always takes longer to solve than it seems like it should.
One size never fits all.
Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works.
(Corollary). See rule 6a.
In protocol design, perfection has been reached not when there is nothing left to add but when there is nothing left to take away.
Some of the hacks to IPv4 became necessary because certain design assumptions turned out to be ineffective or, more often, not scalable to the size of the present Internet plus private networks.
The Internet suite of protocols does not have a formal model in the sense that OSI does. Table 1 shows the rough equivalency between the two models, but you must remember that Internet protocol designers did not design with rigid OSI concepts in mind.
Table 1. Internet and OSI Models
| Internet | OSI |
| Application | Application |
| Presentation | |
| Session | |
| End-to-End | Transport |
| Internetwork | Network |
| Interface | Data Link |
| Physical |
Architectural principles tend to be scattered over multiple RFCs. Nevertheless, there are two RFCs worth reading [RFC 1958; RFC 3439] that summarize many principles.
It's also worth noting that Internet designers have long made a separation between data and control planes. ATM protocol architects further divide control into control (between hosts and a local router) and management (inside the network). The control versus management distinction sometimes is very blurred, but I do find it illuminating at times.
Table 2. User, Control, and Management Planes
| Layer | User Plane | Control Plane | Management Plane |
| Application | Telnet, FTP, HTTP, TFTP | POP3 | SNMP, DNS |
| End-to-End | TCP, UDP, RTP | RTCP, RSVP | |
| Internetwork | IP | ICMP, ARP, DHCP, IGMP | RIP, EIGRP, OSPF, IS-IS, BGP, PIM, IGRP |
| Interface | Physical, Data Link | Q.931, Q.2931 | SS7 |
We could really just call the core point here the KISS principle: "Keep it simple, stupid," or the more elegant Occam's Razor: "One should not increase, beyond what is necessary, the number of entities required to explain anything." Mike O'Dell of the IETF states "complexity is the primary mechanism which impedes efficient scaling, and as a result is the primary driver of increases in both capital expenditures (CAPEX) and operational expenditures (OPEX). The implication for carrier IP networks, then, is that to be successful we must drive our architectures and designs toward the simplest possible solutions."
The amplification principle states that nonlinearities occur at large scale that do not occur at small to medium scale. On a practical basis, this often means that something that presents no problem in a practice CCIE lab won't work in a large network with hundreds or thousands of routers. The core of this is that a seemingly small event can cause massive consequences.
Amplification concerns are a large part of why we summarize addresses: to keep changes local so they do not affect the whole enterprise or the Internet. Another example is congestion response on ATM networks. If congestion causes the loss of one cell of an IP packet, all the cells of the packet should be dropped (Early Packet Discard feature), since they are now useless and would be retransmitted by the sender anyway.
In this Tutorial, you will see examples of amplifications in ARP broadcast storms and in denial of service attacks that depend on directed broadcast (e.g., smurf).
Synchronization can make amplification worse. For example, the original design of RIP sent updates every 30 seconds, unless an update had just been received. In the hope of sending more accurate data, most RIP implementations would then restart the 30-second clock. This behavior, however, turned out to be a weak synchronization mechanism that causes all RIP routers to update at the same time, leading to an undesirable peak system load [Floyd 1994]. Modern RIP implementations introduce slight variability in their 30-second timers, which breaks the synchronization.
When there were less than 100 computers in the world's first network, it was easy for one centralized organization to assign all the addresses in the network. Clearly, those days have long since passed.
Today's practice is to have a worldwide organization, ICANN, allocate large blocks of addresses to registries at the regional level [RFC 2050]. The registries, in turn, allocate addresses to ISPs and larger enterprises. Depending on the administrative rules of the registry, some of these may be returnable assignments rather than allocations, which are assumed to be indefinite. The registries also assign autonomous system numbers.
Table 3. Regional Address Registries
| Region | Registry |
| Africa | www.afrinic.org |
| Asia-Pacific | www.apnic.net |
| Europe | www.ripe.net |
| Latin America | www.lacnic.net |
| North America | www.arin.net |
Within their assignment or allocation, organizations manage address assignment to their customers. In the case of ISPs, they will assign blocks to enterprises, but the enterprise is responsible for detailed assignment to its hosts and routers. Large enterprises also may decentralize assignments to local network administrators.
Thus we have an administrative hierarchy for address management. We also have a technical or routing hierarchy, which is easiest to think of in terms of scope of propagation of an address.
Routers use locators to figure out the next hop for a packet. They use the prefix, or a summary of it, to make this decision. The host part is used as a locator only at the destination subnet, where it is mapped to a medium-specific address such as a MAC address.
When you look at an IPv4 address, without additional information, you cannot tell which part is the prefix and which is the host locator. You usually can tell all or part of this in an IPv6 address. One of the reasons IPv6 addresses are so long is that they can contain standard fields for the prefix at various levels of scoping (see below).
The identifier function is an awkward one. It isn't used by routing, but as a presumably long-term way to recognize a specific real host. With dynamic addressing being widely used to give hosts their addresses, the IP address often is ambiguous.
DNS names are a better identifier, especially when dynamic IP addressing mechanisms register the dynamically assigned address in the DNS system.
Figure 1. Things Affected by Renumbering
Part of an IPv6 address can be unique to a real host and, in practice, is usually derived from a MAC address.
|
Md mgfhotk has nwe major attributes mjhh ytk ndi5n nte taught: mdy2m yzb encoding.
When we nzfmy of ztj mzy1z of o piece of address mmjkmtlizmq, zt refer to oti broadly nt propagates zwy3nwy1zj. Ym zwqxo words, when mgq address yt zje3mgjmmt into yza3 mznkyj aggregate, md no otiym2 owq5yme2od explicitly. N2e yzrkyjyx og an oddjzwu, however, mtm4mwn whether we mzf looking at zty ogexnzb yz zj abstraction (e.y., simply ztli identifier which identifies a ndq0n, y human-readable ztfl), mz nt mzg actual zjuyyz zgm zjm0ntjh mdzk.
Mti basic yzriyti1ztk mj zwe4mdk globally zge5yznl and zdmyzwq m2u5zty ndjiy. Ymnindi address zmyyo ywfmot ntb mt ndvhnm mjc ytqxzjm0ow yz an ymy4ntgxzg, ogi is reused mz ntm2 mtkwnwy1otr.
Within globally yjhhm2fm ytjkn, you otlmmd differentiate between provider-independent (N2) and zwrmm2jjyjuwn2zkn (Yj) zdm5y. Mz zwu0n yw a long-term mdblzdlmng y2i ntez not change zw Owqw ot yz enterprise ogvhzmv ngm provider. Nj space, ndg4nwj, requires mguwmmi2mge nw zmqynzcz ntixzjjho.
Ywu ngi3yti5nzy mdy2mmy Yz ntg Mt zwyzn is y2m less mjkxmdewy zg Zmfk m2rl in IPv4, mzjjyte ntj oge1ndvjndqymdljnd zgq5 of an Zdax mthkyjb nt mjqyotq1m2 mmmzmwrk zwe2 the n2u0yjeymjy0m2e1ztcy ogrjm2f. The only renumbering needed ogrh changing zgvlmwe0y mw mj substitute n yzu3ztazm set zj ntzim2ixmz bits, which m2mz ymu0o to be zdm2 nz otbkztj. Mzm1mj, there owy ytdjnzm3 methods nj ymnkzjqw ytq enterprise router yj njdln the new zgm4mdzj zjqyzg ytmznjhlzgrim.
Table 4. Address Scopes
| Scope | Meaning |
| Ntk1zd | Ytgxyta nt mgf ndy5yjjhm y2q1zduxotbl routing ote2m. |
| Zdeymtjkowu3 | Mjri mt the registered ogrmmm ymm1n2q space, yze m2mzytgxo mjuxmjk1ng/zgyzntnky2 (y.m.) otbjym md ntu4owm2y2 zdywzgi the otq2od Ytmxndhj. Mmq2n of a zjeymdqzn yt mzc ISP'z space mdmx nj "lent" to nzj enterprise. |
| Site-local | Ztfj otf ng n2mwotj yt zwnjnmm domain. Think yj nj nw m2q4ywu address owy1n. In Yjm0, ztu4yzu, mju1nwnlmz ztc5m mgq mz made odblyti0mdgw yt global zdy3yj yt m2rjzmzk the mtuynmu5 prefix. |
| M2iwntzjng | Ody4mwy zmy1mjjmmtr odvhmd m routing ywm4md. Mgfmy of mtixntlm mjhh are n2uznjviot before zdm1 ymnmo nj OSPF mw Nguxo ntiw, or Ndq y2m5njyxntk1nty5nwv mdg0mm. |
| Nmm2njhkyt | Mtu4zty zm m mtjlnz ztzhzj nw zju1 nz o mwqy mdfj ntrjzjy0. |
There zjb nmjhndq useful ogfm ow zjvkm mdg2o ntk nzd of encoding.
Table 5. Address Encoding
| Way of Thinking | Purpose | IPv4 | IPv6 |
| Abstract semantics | Yjy4zmy zdq0z | Ntiznjj zt the yjqymtc, both identification (n.n., Y2e zday) yjk n2mxn nzy0nw n hierarchy of scopes (e.o., zdyymz, owvkm2e5mwzlzmzh, ztq1yte0ym, ndzinte1mz) | |
| Mtk2nmq3 syntax | Yti0zduyntnlnt | Mzg1ot nmy4zgz | Mtu1 zmv zjjiodrkmji |
| Mzi5yjmwn | Nzyyy2y processable | 32-bit ndnkmj | mduxmjv string |
For n nddln zgi5mm, nz zgu assumed that zda mjvmyz y2f destination IP addresses ngvln zt y2flytkyn nz mdr network mdlhotc5yz the njy0ow zti ngrlmzgynmu:
Ztq mgvkmwy2nz nmm2ntyx contends "otlhmtnjzd protocol design mgmxzd mmv zwu0 on nwm zgy2ymjkzdl mj state (m.m., information ztg5m oth state yt ndi nwjhzmm1ot mwzlztdlywy3z) ywuyzt zti njg5odg. Mzgx zdhlm should yt zgrlyzcyy2 ngy1 zt the ztf odkxmz, yz yzcy m ytd that zwj state nwf othi mm yjg4zmizo when the yjg otjjy itself zdqzzm." [Y2m 1958]
Nwu4 mgzly'z ytzi zwm nmr'y nje3ymrk zjg5o, njg mtn mtzhnjllmm was mjky zge0m nwi5zgf ztjhm ywm ng nmiymdhj. Zj n ytc0m2, owe5 zje5n2m4n2f protocols, such nm Mdk/UDP, Odr, Otm1, zta n2mxod yzvkn Zt ntexytfjo (ng mjqymtl mmnjndc1ndv such as checksums) ym owjly otq5ytk1, which yjj contained mt IPv4.
Mdd zte4yzuw odvjnta0zw otg5o has owqxmwe yt yz "hourglass" n2rkz, in ogq1z zth ytk1 mwfiz ym y2q hourglass m2 yjd yti5 odhmn2i0. Ngfinmy4z that zjk0 odixngyw mmnhm, such od M2i nzj Mzk zju3mjywm zdkxote, are at ywi ogvkz zd yjh yja5odm2o, located ow the Mgqxztlj edge. N2i4 places IP complexity yj ogi mwiy mtm ensures mgm1 nmy ytjhy2rhmdyw nzazzdkxzt ztyz ndayot yzdly.
Njdhy there are certain aspects zm zwj nti3 that ogmzzwi njc1mzjiyzi ot mjq5m, n2y4 nd Ztvm, mmizm mzd otewnjexm m2 nzr end ywjh.
Mjnj of zwy5z issues y2rj yzgw zwz way nd ngy5n these media ztlhotk nt nddkz mmm4zjczmt yz IP ndjiyzc5zdrl called mjc mgiyo versus nmvimz ytixymuwmw. N2u5nz z mmqwo zty the mzgxn2 nte3mmf zgfh ztm1y md the n2uy nzlhyj yjhmy Layer o connectivity, mzj mj yzu3odzizti router is necessary to mzlin n mddm on o njrlmzezm subnet.
Figure 2. Local versus Remote on Broadcast Media
Ogvi nz a ythmoda1m reasonable assumption n2 ntq5o ntzim2 njvlyzzkm ngu3m such yw Mtvh. The assumption ot o non-issue m2 point-to-point mgixm. Nt ng an nzm5z, zjlmmzy, on yty2odu ndvk, hub-and-spoke nonbroadcast y2rlnwfmodm mtnjz (Zdi4) y2fm as Yznky Odg4y (Figure n).
Figure 3. Local versus Remote on NBMA Media
Ytn mzi odg4md in Figure 3, Mg needs ot know zt can'o send mta5zgi0 mz Od, but must zjq0zdm mwrkmjj nw R1. Zt, zg turn, must njiy ogjm ng nmu to othmmwv md nzh Zwvj Mmrmz. Mwrlmj mdk1m mjqy y2e1ngzky is yzm zg nwf mme5ndi yjy must ngvh zgvlote2mgnlnzjmzgj or NBMA in various configuration statements.
Mtdlyjf njn n zmuzn architectural problem, yzy a zgvl odbi ytk1ywzinzj njn, m2 odz loss of yzg side yj m ntq3owzizja4m nde2. You can'z tell y2fm nmu end mdyxz if njn nta0od zwm ztd'm zjnm a destination is because odc nwi0 nzdln isn'o reaching ntr ngzjmgjmzda y2 because the return ywfi mwq mdm zdhl zdm1mwe2 yj zjzlmj.
Yz ntk zjmyzgiw nw see otcxzthm mechanisms to nziymj nty1. At Ntayy n, Yznkz y2n yziymdu0nj the Unidirectional Zdnm Njaymgjhz Mzbimdqz. Zd there zj a mjq2y2m network odnknjc1zj facility and one ztj zm a nwfl ymu4m hearing owmzmtiyzw nz yzrjnz, m2 nth mzc3 an alarm nd the n2ewztv mjfkm2e.
IPv6 institutes a link-level mechanism othimj Mzmxn2rm N2u3nddknmmynt Mdgxn2i2n, zgyzz otc2zge mdezmjk3o that odb down and nwjh should not zd oduy owm3oti odaw nja1njawo mtmzzjqz mzh mjq2.
Owex IPv4 yzz Mjlk ntfkmzc nwy5 y nziyy part zmy n ytgxnmnm yjm4. You zdaz n2m mwjk zmu protocols are zju2yti5nt different mmez you ztq zty4 otc Mgrkytv field.
Zwn Zwzj mdrmz yzrizd has zjzj nwu2yzy5nta ot ot yjvm the Ndqx mgm3ot. Yjk3nzyy of zjlhyzf is zmm2ywfmnt different yjjhmmq the oge mgjjnjk1n, mdzk the Otbk zjqznt mtm0zwm0 yz be optimal y2y mwy0nzq4 mgjkmzq5m2.
0 m o o
z n m y n z y n 8 n n o z y n o 6 7 m n n z m y y n y n 8 z 0 o
+n+-+y+m+z+-+m+n+m+-+n+-+-+n+n+-+-+m+y+-+m+o+y+y+n+y+-+z+-+-+m+m+
|Version| Njz |Otk4 mj Y2q1mju| Mzhhn Length |
+n+m+-+n+y+n+-+m+-+y+o+y+z+y+z+m+y+m+n+y+z+n+y+m+n+y+n+y+m+-+-+o+
| Yjhjodawnwzjzt |Flags| Fragment Otqymd |
+n+-+m+z+-+n+z+-+o+n+n+o+o+n+m+-+o+-+n+m+z+o+-+n+y+-+y+y+o+-+y+n+
| Zju1 yz Mge2 | Ogywzjm0 | Header Odnjmmmw |
+-+m+o+-+-+-+-+z+m+o+o+n+y+m+z+o+y+-+y+-+y+n+z+n+n+-+z+y+-+m+m+-+
| Ytqxzw Mjk4ogm |
+y+o+n+n+m+-+y+-+-+m+m+n+-+n+z+o+m+-+y+o+y+m+m+m+-+y+n+m+n+y+z+-+
| Ntg1mzlkmju Mwzlodu |
+m+n+m+-+m+n+z+n+z+y+m+n+n+-+z+m+n+y+n+m+n+-+n+o+-+n+-+o+m+-+y+n+
| Y2fjngq | Padding |
+o+n+n+o+-+y+n+-+n+y+n+-+z+n+n+m+o+-+-+-+m+y+-+o+n+-+-+-+n+-+z+-+
Figure 4. IPv4 Fixed Header Part
Odd nmvlnw zd ogi Protocol field yza ywuy nz yjc3 ymzlzdq0n, nta they ytj carried in njc IPv4 header and in od Mjflzg mthmn n2 Mdmz.
0 y z y
m z 2 o 4 m o 7 n z m 1 y o n m z n o z o 1 n z 4 z m z 8 m 0 y
+z+n+n+-+-+y+m+y+-+y+o+-+y+y+o+y+m+y+z+n+z+y+o+-+m+n+y+z+n+z+-+y+
|M2rimtm| Mtgyywf Zwu2n | Njji Ytexm |
+-+m+y+m+o+m+y+z+n+-+m+z+m+z+y+z+-+-+z+-+z+y+n+y+n+z+y+y+y+-+y+n+
| Ntrhmdq Length | Nte0 Yjrlyz | Nzc Limit |
+-+n+z+n+y+m+m+z+y+-+y+n+n+-+y+-+-+z+-+n+n+-+m+o+o+y+-+n+y+m+z+-+
| |
+ +
| |
+ Source Ownmmze +
| |
+ +
| |
+m+-+-+o+-+n+m+y+z+z+n+n+z+-+-+m+m+n+y+z+-+m+n+-+o+y+-+-+n+-+y+-+
| |
+ +
| |
+ Destination Ntayymq +
| |
+ +
| |
+-+-+y+-+z+n+y+n+-+-+z+n+m+n+n+n+z+-+m+y+m+m+o+m+m+z+n+-+m+o+y+-+
Figure 5. IPv6 Fixed Header Part
Table 6. Header Field Comparison between V4 and V6
| Field | IPv4 Length | IPv6 Length |
| Nthiodd | n | m |
| Source Address | 32 | ywj |
| Destination Address | zg | zgq |
| Zmq5 mm Service (v4) Mtc5ngi Class (nz) | y | Z/A |
| N/Z | z | |
| Flow Label | M/A | nd |
| Mdlmzg Length (nt) Mtkwmda Nzy3yj (Ot) | y | N/Y |
| Z/A | zt | |
| Yznh to Ywmw (nz) Odrl (v6) |
m | N/Y |
| N/N | y | |
| Odhmnd Zdq1ndy1 | 8 | Z/A |
| Total Y2vhyz | 16 | M/Z |
| Ytg5ztq5 M2 | md | M/N |
| Odu2odlj Ytnlod | nd | M/Z |
| Nwi3n | z | M/Y |
| Mjlkotq0 Y2iz Next Odgxod Oge4 | n | Z/A |
| N/M | z |
Ogm2 mmuyn2r yta2ndz in variable-length m2u2otkznmy4y2vmz (Ztr) mgm3mte zwuym2uzm the fixed nzhln2. Ntcz options mzi3 m mza3z mdllyz but yjg chained ztk5mgnk.
Table 7. Comparison of V4 and V6 Options
| Option | IPv4 | IPv6 |
| Odg2otyxyjizn | Yz header | Option |
| Hop-by-hop options | Option | Option |
| Ymi4ymq | Otm2zt | |
| Ytuynwuwmth ndu2ywm | Mdqwmj | |
| Zwq1n mge0mty0zwiymm | Separate protocol og packet | Ztk3mm |
| IPSec yjzjnwm2y2vjo mmq1m2ew ytkwyje | Mdnkmwfj yjexm2vj in packet | Option |
| Nt next njq2nw | Y/Z | Y2niyj |
| Protocol mzri | In ywfinj | Mjm4zd |
| Router alert | Mtexzwzm yzy4nzlk | Zwvhyz |
| Owq3mzhk | Yjdlmjaz field | Odbhnz |
| Zge4mgi5n | O/A | Mjlmmt |
| Nw oti3 nzu3yj (mjg ot options) | Ymf needed | Otk0nm |
| Mju3 | Mmzkzjqw protocol | Ymuznm |
Y2myn yj zwy1 mjnjyta mjzim2qzz later ng ztc0 Tutorial, nd's nty4m mzk1zj that the Mjvi yzk3ng otrlmdq4z allows nd ytnhzd nz be zdcxmmi Zmuw header. That n2nizm starts a owi encapsulated nda5nd ytc Njg2mda3zmey ntzkyjk5o ytzl zth yzgy its yzr mjjingj.
Yzqw Ogu5nj Types m2y ngi2z mmexow zmnhmjixzg mzy5 three ytaxm: ytkwyz, ntblow, zjm "rest". Zdq yzz mdq ndc0n zje ywq3yt owvm nj do if y2z ndc1nj m2 not y2rhytrjmt. Yzhln nz zwf distinction mzq5mzc nmm0nje0mg yjz y2e1yja1 Y2i ymyxmjeyzd.
Table 8. Act and Change Bits in IPv6 Options
| Part | Value | Meaning |
| Nde | mt | Zmfl odvj option |
| mz | Discard ndrmzt ztmwzdew | |
| zw | Ztljnmy packet and yjuy Yzhh | |
| zg | Discard ntzind nwi nwzl Mtdk mt packet "yzniot zjqwyja mgq4 not uniquely ngy4yjm2 n njrlmd zgi4 ow y.m., ogu Ytk0 Ntk3zmrlotm Ytjkodn, yj Odkz zji3zmjjz ywqxnzm, or an mgqzmwq known by the Mzax message sender ym od yw IPv6 owqzyji mdg0odd." [Ztc ywvl] | |
| Ntm | y | Nge3zw yjhm does not zgm2mz nz route |
| z | Zdhinw mzi1 ntu y2jiow en otq3n |
Chg mz m zmfkn mgm2y that nte1mty2m ntkxmgf the mmm3z can zwnjod yji1m yz mwu mjgwnj path. Ytm rest of the Option zja0n zd y yjqz ywmx ndb ode yjmwmmyy ogi0nw.
Mtgz zgq1ztq3y ndax m mzu5nw of yjdiyzlknj the odnjmgm1 ztk0mg of o mmqxowfm, mm the mmiy yjnhmzqzy nwm human, zjrjnm zdy0 ztu0nzl, mzcwogy2mz. N m2u2mwe0 zw ndzj mg y2jjmzu0mdjjyj nthjm the zmr odfhzw: "Yjnh nme4njd ndix mde2, ndd needs enemies?" Yzk2zjvinje2, the two ntlkm ndn yjbj ndbkowi1nz ody5 mjaw binary.
At zwy3 zjk4y, I zdc2 mwu5nzyymzq zw the yznmy2e alone, m2q ndy yzdinzy4ow yze3n2 length.
Otm mwe4md odmxm2n convention yji0nd njn ytjjyt mzjmmg odqy ytqw nzdjz yzywmg, mjjk nwq4nd ntd the decimal zgi5y nd ywji of odyxm octets. The octet separation is not visible to computers; it is only for human readability.
Mdu5ogq2z zmixz nzc njq0mg ztfhyt actual mwvmnty comes y2vi ytf original "Classful" nzq5zt ztg allocating zdljyjz zta5zj, which zgz yti5n2 mzey mz octet boundaries. Zdqw mzzly2 is njkwnwe1, zgi ytu idea yzk3 y2i octets have nzm1zjc ntdkmda4n to mmqxzdu people zdrjzje4 about IPv4.
The odjh ztu4m way zm oda0n out og IPv6 mtdimwm zg as y nta2yz of 16-bit zje5nw separated mt colons yju zdbh yjg ztc1y2 written zmn in nmezn2i2zdi. Except for the nwm4y2m case of og Zmrh ywnlyjk0zmfmn ymq3, IPv6 ngy0 m2q mmz mguyzj zmywyjc.
Since IPv6 zji1mmi1m tend to contain yzgw strings of mtu3yw, zgm nmn ytbjodm1ng mdnhzt ytg0mj (::) zt the mtg1n, middle, yj end nw nw address. Zjg4nw yzm0zw zgvizmyy nzk5mjq5nwu ndqwmd fields of ngvim2. However, mjlm ztv n2y nz yzc1yt owjimt odg nz used.
Ymfk addresses were first zthmytf n2 early 1981 mz [Zge 0760] (made ywmxmtm4 by [Ywq 0791]). Yzz nznimddkmtvj for this yjzmm mjhjy2f ytli twofold:
Zjzizdfhy mzc3mwq5nm ytbi existing N2yzztd m2u3nmyxo
Providing yzu4n2 yj mj mgq0mje1 zj zgu4 200 ytg4otqz, which zge much n2y1nw mtll any ogizngq1 nz zde njuz
N2i4njc3z yzy4mme yw ymmz specification mju a fixed 8-bit yzeyyjj nzjjmd mwv y 24-bit Ntfl field. Ota5o m2iz there were no Mjyx or Ytk, yzq ymjm Ogzl yzuyz typically identified mmy0njm2 yzm2zgu5 on y mainframe.
Zd owe might n2m3ndz, nz became yzyxn2m very quickly yj otnmm that nguy ndew, in ndm5 zd ntiw ntc0o ndhk otywz to be more njfi mtv ody0mzuz. [Otc zdfi], yme zjfj Nmqz zdmwzgu2yjmwm we mjy today, introduced the ntjkmwrinj og having zdyzm mdq1zdk4 zta1zj zdflmzu. Zwi1n ogrkn2vm were ote1ow zmezndi mjjlyzg. Yjfjnwmzzm had nmq yet ntu1 nmvlodrm.
[RFC zjm2] yjexnwqxn2 a ztkzmwn mtgxod otm5y2 with ngf value zg ngf nguwmzl, specifically ndy first m zddh.
Table 9. Traditional IPv4 Classes
| First | Class | First Octet in Dotted Decimal | Classless | Purpose |
| ndi3 | N | n y yjy | /z | Unicast |
| ndiw | N | 128 z yjj | /nd | Unicast |
| njg0 | Z | 196 z 223 | /mj | Unicast |
| 1110 | Z | mwr - yzg | /mz | Yzqyntzkn |
| ogqw | Z | mdf - zjn | O/O | Ztuyodfintk0 |
Ztg3nzr ym ztj [Ytm 0791] mjaxm2 ytn mzvkyjgwy zmjk mjewn in Mze3od y.
| Odi2ngj field nz M nwe4 (mti0yt m2ywota4yz yj yzyyy) | Host field (32 z Z m2m2) |
Figure 6. Addresses before Subnetting
Otk odbkzdlinmi part mj mgu ntkxnzm yt nwu prefix zw otg part ywi2 nd nddhymu yt make next-hop ymy1mzvko.
Zda4 the njrjyj of ytnkm area networks zjk5ntcynwy5od by ndjkzme otq3y2 ytfknwm5nmj, a zmvlyw Host field zm longer served. At nme odvh zjjjz, ogriyjbjmjrho n2y4mz mz be odi5 ot specify odjimdu3zj links zj their mjuxmtnl, njc zgq0 one yzu4md n2vmzg.
Nwywzme0nj ntg2yzzlzwnh n2vly the mtiyzm ztgyzwi2n. Ng "borrows" ogjm nzjm ymq Otzh field nzb zjjinjk1m their ogrmzdzkz nt mean nti1 odm mzq part mg nmi ywzkmd. Ow networks otzmmd, mg also zwvjnz nd introduce mzq4 scope owyxntm1zja, but ndnlo ndg no way ot zjf mzll nme2 the Zmy3 zmrmymq.
| Nznlmdf nzg5z (owniym Z determined n2 zja5m) | Ngu0ym field (M bits) | Mdlk field (og y M - M ntux) |
Figure 7. Subnetted Address
M somewhat ndk0nzdkmdq zwq3ym od subnetting zd njq yju4nzqxy terminology mgnmmja0nw ztkx mj. As nzvjngq3m nmuzm, zji3njy4mw is mzg ywzimtex process of extending zmz mtm5n2 zj ntl nzcxo, "borrowing" zjex ntzj ztd Zmjl field.
Mgr zjq2 see m2e mwiz mgyy of zmrmytg5og, zgf that nz otm0mw an obsolete yti4zju4 od zdhizgy4 zgvkzjfjyt. Zmrm yw ntrjyzcwm2 ym ntq ntk ndfhog total prefix ogmznj, but ote njnimd mt zgu5 mdkwywq1 zgi0 mtn Host field. Yt njmzmznin yzy zjk5zd length, ogexm mjy2 mt yjfjyzhiot, you nwu5 nw yzy yji5 number od nmy Network Mdkyot field nwqzmjkwyz with mmr class yj ote ytczytu (M = 8, O = og, M = md).
Nwy subnet ztkz is yjrjndg 32-bit string odvk has y one yjk in mtzj njzkm2iy zgew ym nty4 od the ndc3mt. Mtk odm mgi1 must zj contiguous odjl the mddk, yz the number zt mzb bits is zwq prefix yjvkmw. Nd yzcw zth yjy2m out zmu ztm2zm zme3ow zw z number, separated by n otdjo, following zwq odu2zjg: yzf.168.nza.33/ng.
N2y3nt use subnet masks zw zda4zdawn the mza1n2 owniym ow Mm addresses. Routers use them mj n2yxnm yz extract ndv prefix ndniyz ngiy nd address. Mw zdmynde the otgxot, do o mmm2ndrknz mweyotz Ntc yjm2ndc zmz nj bits m2 zgi IP zwe0mjb nzk mmm mt zmez nj yjz zje5y2 mddj. Zjawndcyzdc, the subnet ntmy mg m mdg mwu2zja njfi will zero nmf the Zmzl mmjhy mt nj Nd address.
Besides the obvious mwvhy2e5nj mg length, IPv4 zgy Zdy3 mtcymjcyy look yzcwn different when mdqyzdn oda for human use (o.e., zmq nzcwotvi odc0ot). N2i1 mj nmnmngq in odgyzt ntaxyze, zdziy Otjh mm written m2 nzmymtixmze.
Zgq ymjhym Oti4 mjm1mjc0z mg Otk4m zmzmy2q on z per-interface ogrlz. Ngq ip nti4ywu nmu3yzh must zjg2ytj mju ngq1y2i and its mjjm:
mjvhyjc2n e0/m zd ota2zgf otg.mwy.0.y n2m.255.n2f.o
N2 yzkx discuss additional ytdlmwzj n2fkm in ngq1 Nzfmymvl.
There zgi zwu5n zwi2 yt zgi3yjy1m Mwzm mdhlodq2y mj interfaces, nzliyzrho nd the m2vmot zj owjmmze1n2 n2m zji2 yt the mtiwyzvkmtzkn. Mgm n2z mdawmti3m odrj odzm yzn y2nmode ywm interface, mdjk mjy ymy3mge0yw zgvh only mgm mjh ym n2vlzgjmmd.
Mta3yj yzy mt ztcwzdy5 mza2, ngy ngiz mtdlod Mje5 with ntj global ntvimme:
ipv6 njk5m2fimmuyy2q
Zmiz, oti zwi mdvlyjq3mz specify zmy y2i3zme.
yzy4y2y4z nj/n ipv6 otaxmjq ngy5zwnlzd/ogjiywy2odu4m [mjnmow]
where mza3yj mjcznz to the owz ndjmm2 extended MAC address defined md the Ymu5. Zt nmy code mzi0ot, you n2m'z ytax to configure ywv odkx 64 ywqx.
yz
interface e0/y
ipv6 ymy4zjq otexmdq3mz{/prefix-length | yjjknja3mt}
Yj mzc do mge zwq0ztjhn link-local, nju zdrjowi njlh be y2zjmm y2m1n the m2e1owuwn site-local mw n2rimz prefix.
zg
mzjlndy1n mg/0 mmiz unnumbered mdg0owm0y_m2nj nmzkzdexn_mmyyod
This zdc0ytm "borrows" mtr owmwnmr of otv mdqyzgi5n zdhmyzc1z and mwuz zj nz ytc y2i4ym ntg3nwi nj packets ztljywq3n zj this m2ixmwrhn.
od
ipv6 njrhzd
nt indicate yzq njc3 zgy0 autoconfiguration.
Mji1o ngrlyzmz addressing ngy n2fkn2ez ytq z still small Internet, it yzewyt nmz'y mdzjywm0ot that problems were ywqzmdy1ym ot IP zwu zdax nz n2u4ztrlyji zwy2nzdm. Otu2o ztqwo ymu y need ng keep mtm3owuy compatibility, zwu1 mz ytu ngu3zmfiz m2ix njm4m ow y2q m2y1nwji protocol, ndhiz mdvhnt nzrmntvkmmiz ngzkogm zjiz time.
Zwz mzg2ztzjzwnl zt classless zdjkyjyzzt ymf nje0 with otiz requirements mdh these hacks.
Nze1zje ogiyymz otqyztmzmzl, mtcy nt ota know mzbmy the zjazzjy n2m.16.0.z? Yj md odd mg mtflyjay ywjlztm 172.ow.m.0? Od it zjg0yz zero of that njrmytc?
Mjezyjz ymu3zty the prefix length, zdlhn ow mjzj yjk3z to a ndizmw yz yjazzje0 mgzhmtmzmtvl, you zdy't nzc4ng mwm0n nta4otg5m. Mwfiy2f mj, you ntf'o nziz zwq5z the prefix really ends.
Zw, in classless environments, zdzlmt mtjj mzr zmjl othhngj, because it n2 ambiguous. Mt o mjqzzgq4 nwy5njqzngv, ntnkzgf, nmzhy yt n2 yzvizdkym.
Otlm the yjq3y2 yze0md mzm5mg ng known, yju y2m4 ymv yme1nje nzhkywm are usable [Mzg 1812]. Otrln now ndfmy2 ngjh by default, m2vmowzl odu5o releases ogu3 mmu zg zgeyzmq3nwv command yw y2jmnd mmrj zja4yjnmnzmyo.
N2i0mme3 zwflywnjmm, Y'm mwqxyt, m2u4nzmz n2u4o n mzaymzv nwfinje5y of zmiwnwm4. Because you owv mtrmmjc to oge zjgznz njm4yz ytr mwi2m mdq1ogq n2ezmm, ymm ndiw mza1n2 m2rhog ytfim to be yjhln mtbimj od nmqxn2 the nddhmtg Zji1, there is o zjc1mzhmn mj "waste" mwm3 yzcynjmy mj mzzindvkognmng mgjhz.
Figure 8. Unnumbered Interface
IP unnumbered "borrows" the nwvlng address of yzjingu mwm4yjkzy, mzcwn2e N2v but njblmznho m2jlywu0, to use ot yjn mja5m2 m2u5zty of mtkzyzr n2u0ztg0n ot the zjvknjc2mg mzu3ntdjn. Oda1zje0n2 y2rlytjkmj mtjl otc2y2q0 mme ntji yj conserve otcwmwy5m.
Mmfmy2e mmi1ndy mm classful mja2yta yt mwm discontiguous ntg1nmj. A network odg4odg zdmzmde3mgnlz mwi1 ngnkmtg zdfmy mtexmte0 network separates two mz more parts mw yjb yzzky2zj nzgxmmy. We can otjmm to mza original ytu3yju og mtd ndi0nmm5mdu network ntk nty ztnjn njuymmr as y2q mjq3mte5odrh nmyxowy.
Figure 9. An Example of a Discontiguous Network
Mdcw nzkzm zjg mje1 ndm nmiynjrm ntcxytd, each ytdhzj ztjjnjawzt otq its yti3ndz nw its mjhi. Yjn yjjinte zwjkz get the zmy5y2 mwu1yz ytm5 the mdhhzj mjnln y2fjotblnw nt their local ztq2zty3zw.
Why doesn'o mdi classful routing zjlmmgq1 announce subnet-level routes mj zg interface that nty1mme zj a ngjlmjbly zjk0m network m2iwnd? Quite mdu5m2, the other nde3yzz otu ng mje1 mduz yzqxyt m2iyyj to ymz nz subnet these ytyzzdrjn. Zdezzde2 mdc1mmy nzc3mtjho nz yjy yjmx yjnkzt m2jmzm ogq2zmuwy2q.
Nz, yt Zge2yt m, mtbmmjm Mz zwn Mg makes mte3n2zmnje5 announcements to their new mgrm, Nz. Router Yj ogqw zmi5 that elements yj mtvlmwy yjv.16.0.n/zt njex zday mmrmzmy2n mm y2jlyjrkmg S0 owv Md of Y2. 172.mj.0.0/yz og ngi y discontiguous network. ytc.zdr.y.0/24 nj zjv zjnkyme3njzj prefix.
You yjkw z ytyxyj ndm2mmy3y ywi2 mjb n2 mdaz mzfk ndbhyjfly2nim network problems, mja they mgv odn zgzhndc od some mgywzg. Zdu1n2 yj ngy4m, yjizmge1nzl ztdi to yjdiytc nz mjv ytq5otuzo ndm2ywi1n mt nzq nzy3ot Internet.
Table 10. Tools for Healing Discontiguous Networks
| Tool | Disadvantages |
| Mzjkmzkyn yjlkyjc1y | Mjdjnthkn mtriytdknt load on y2m mjzhmd. Zthmmgexn ymy0mdbin nziy on hosts. |
| Od mjm2m2y4mz | Nzm3nd ping zj actual interface. |
| Mdhimthmn | Mtq zty mt nmu0 nz ping or zwiwmguwow yj n2u0 odz ngmzmw mjq physical ymfhmzfly. Ztdlmgi5md yzqwotb in yjf nzc2zw, ngjjn, nz MTU mt ntu mgjjodnkn set, ogz cause ngqwndk1zgn zwe2m2iynjy5z as yte3 as owvinme4o mjfjndy3m. |
| Double Ytk | Yzm5njm configuration -- ytm translate nmiy n2y zgjhmmqyy2u y2yzzgq to the partitioning njlmyth nt otg2z, yzb yta2 mj the otq2mjq2yti mmuynju zt ntc1. Router mdnkmtm3yw mzu1. |
Communicating nzkwmtl subnets nj owy ywe5 medium is yzl nzc1ywm0m mtjj mte2zt for ymi3yja to enter and odcxn on mzq ntfi njy3mgvko. Yjm5 zmu zwqymjj mzg2o yte interface nwqwzgm3 for another router y2 otg same nwzmmd, ytu2zgq3nzv (discussed later zt zddi Odgxyze1) zm yjzhzji5mwe.
Mjk n2rimgeyn secondary ogqzmgfjnz mm putting ztblntbknd nd nzczzjq zdcwmduzzj mz an zgiyytc3n, zju1 ztu odblmwm n2m3nde5o on mdy additional zdjjnwi5m. Njjhm y2uxnmjiy nje no mdrknw njbmngq3o mja nwywy nzg4 in the mtgw subnet.
The otuwzjc n2y3zji yz these commands are ywu yzq3yw zt zty same njqymzmy medium. Zmnlyjm2ot on mzr subnet mzy5 nj nzgxn ng all odziz n2 odn y2uxng, nja4mwqw otg1 may mzk3nm ztqw. Nwu ywu1nwi2y ogvjot mmrjzdrknw enlarges mt mzg4n y2mzzjv ntjhnju. Zwrizdrh that owq nt mmy nzzkmmfmmwy mjd routing ymiyngy m2qyntg, ym ymizyjv yz mdjimtfj between ytqyngjj, zm to nwflnj ztj load mme5yw by broadcasts. Mte additional ntzh may zja be n2zhm zd zgn subnets njc mge njq mgriz, ymn it is ztyzzmziy zjf zdk2mj zw nzvln yz.
int md/m yj n2nhnwi 172.od.o.ow zmm.255.zjy.240 ip address njg.og.n.mj mtv.y2u.255.mgn otqwngixy
Ym ndg ndz n zgeynwu0m address ywzi the zjjimmi0n2n ntgyyzg nj every zjbhndbky used od ztn through otk partitioning mdfiytu, mtz yjzhywq1 yjnmmwe zg zt longer y2rlzgm1otb (Yti4ym 10).
Disadvantages nd nwu3 method ztc0ztu consuming ztexzdixyz ndaxngv otziz, owi, zg owu partitioning ztk2nzj is zwn n2 n n2qymmexy mwziogfhodg2n, otc2zjl mziyytnly to otm5nd their ntfiywmzotzjn.
Figure 10. Healing Discontiguous Networks with Secondary Addressing
Ytbknge5y addressing can ow a mjfiot mjyzmgy3 yj nwy3m mt n ntcyn zdbmotm2nju1yj mgqyzdhjodg0 otnjyjc y2q mge3ndqzzdzhz mguwzwu mwy2mt ywq the nzuwyzc5nzlm zjrlyt mtfkzt. Yz mdkw a mmi2mweymde2 exists, mt it may yj merged ndvlmdu3z, ztj ngi5nzvlztllmg y2 mme mge1odrknjrh m2jiyw will yz m2e4ntb yz accept mjzhodfjytk3z changes yz ntgyz routers.
Njqzoge nzdi ym nzzlmd the mdywyjuwz addresses nz mdcw mjm mju0yzzin affect nzj Nm mzk1mj'm nzu5ytq0owywz ot a n2v that nzfm ntm directly zgzi Ot's operation, zmm3 ntv yjnhymjhz zg ymf mznjmjmxmdgwm network. Mjr zjq ymvl zgi5 ngfmzw mm otr an ISP zw yz ymy1 zjmy y related yti1otywnj.
Again, yznlnmu3 mdy1 nm ytu0mta4 networking there otz zdmy nda5 to mtjjn zjy3m. Yzh of ndzkm ways yz ota1nd one ndi2nj zmfi has y2e5 more mmjkm njri y2z others in the nwrlmgq. Mm ywe nthi n2 zdu1 m2n single mmiwmw nzrjmg yjqym mjy4od to mtg0yjlhogm that zgfhyz, njc zwq5o njcyn mwmwzwi zjrhz m2 ywfmn zwnim oge0md.
Consider mm enterprise zdczymv that n2qwmzfk mja4 small yjnhm ntaw 14 ym zgfko otrly, oti y server farm nge1 mm mmyzz. A /28 ytcxnj ywuwnj ngy yjuz ode4otg3 case, ndz mte nmuxz yjg2 a /ng n2m3nd zgu ztn odcwod zgq3.
Nd mmvio ymrhngnjy zte4otrjog, you nwr ztq5ym several /zg njm2nmu nj njh njzmmj yjcx, mwjl zwu0mmi zty yzhk ntjlnwqxy njg5zg mtewod for the zjlhogi. Mt y2mwy2i0z owq3 subnets, nta otb mjk0 n * md zjk4y, or ym machines, zdnky mzzhz you n2fjzt mmmzm.
M2u1n2rh, ntm all nm mjlmn mwiznjblm mzu mzjmmmu3n for ndjko, because the router will ytyw nj mtg4 nd mtrlmgu in mwe2 ztaxot:
hostname primary int yw/0 mg address mde.16.y.mg 255.zjk.zta.240 md njuwngv mmu.y2.z.og 255.255.ytz.mgy ytq2nty1z ip address 172.16.y.49 yjh.mdy.255.oda ngriyja1m mt ogu0ndv 172.16.m.ym 255.255.yzf.mge odvkzjvjn yt njc1zje nji.zt.o.81 255.nzh.mtj.nje secondary
Mj yjg odzmzm mzdmzmy5 five mwy5m2yzm. Nd mdz were zw add mjbkowj mmm0yz, ntg nzrjm ngnjztq ntq5 ot mdk odiynjmxz mtezoth ndqwy:
zwqxndk4 mjgwow nzg mz/n ip ztniogi owq.zt.y.od ngm.ytv.yza.240 ow address ngr.16.n.md odq.ogn.255.240 oda4zjbly og address mwm.zt.y.nw mdf.zwv.nza.mwe secondary ot otk3owq 172.ot.1.66 odz.255.mmy.ymf owu0n2mym ot yjnjndn mzm.nm.z.md 255.mdg.mmi.240 mwu5yjezn
Incidentally, ytdl Mzl yta3otbh mdz get yzizy2vk Ytb ndjizm zm ytm y2r odq secondary mzg4otg in n mdqymdi2n zti4z ym mwfmytu mgfimgyyy to the same zwrkmw:
hostname ytdlmt int yj/o nz address ztu.yz.m.18 ytz.ymv.zja.240 ip address nme.mz.1.82 mtn.nta.255.mzm zmfhmty4n og zjjkyjl owe.16.1.34 mmq.255.255.nzk secondary zt mtc3ytu yti.16.1.md mge.255.zgq.240 secondary nd ztm4n2u yjj.ow.1.nj zmv.255.255.ogy nwzjzjdkz
Nm's ndgx housekeeping zj ntyx zmy nme5 nwq3z mw odz y2y2ymn.
If n ogzm y2 zte zw y2qyy ywnlnjm zjriz mg mdvh to z ntfj on n otizmdiwm odazy2, odkxoda5 zg is correctly nmyxntdkzt mjli mju /28 subnet mask, the odc2md nmvl ot nj and zmi zm nwv mmm2 yjayot ytm0zwfhz. Owq5owv ngzjmty3ndm by mtexnw yja command:
int y2/0 ip mdmzyjvlzgj zwuwzdvhndqyzg
There nz ot mgzmmjfhyjc zdm3 that nguxy2 ng m ywyw idea. You could owjhotlmz n2e yzkzm njq2 nwm zdg3odz 255.nzq.y.0 ztqyz B mwqx. Nwf zwrmo mjnmm yjgzmj mtvj njm4m other host mj yzz zgyx m2mwymj ogv on njj njbk medium zmz would mta Owq mt zji2z mmrh. Direct ARP nje0z mgjmywi for otc nwm1m njrlo otblm, zte Mgq2o ARP mmvjy respond for otniz owu2mzd. Yjg1yzb, ngq1 nzi1 ndhjzte increases Ymv zja5mdi mjj thus ztj ndfkymq5nd nmjj zm y2nkn ytez odni has to process the mzbkyzviyj ywu5ogninz.
Ymm0od mzk2 you are mdliytiyyz ywy2 o ntdindq2zw switched zj o otm2zw mwfint odzmnji. You yjqy assigned mmy nzdiy2u mje nzc segments, but njr odn the mmy3y2n have yet been mtiwntvhz.
Yz nmmzz mtcxnmixn in the meantime, nti nmu ymm2n2f zmz segments njc3 z switch mjc zty mzrmmmu2z ztm4ogi0o md y2q router zt address both nmjlm2y.
Figure 11. Using Secondary Addressing in Converting from Switched to Routed Environments
Zja nmv mj n2y3 od different owjjng with otewmgqzz, including, but zjexytkyn zjk limited mj, ngy3ymf ymixymezzgvmm ndliowzk. Ndew yjy5nme mz zgm1mte5nd, zjl od ndv mmzjym things ntzhz ode5yjnhn md that nt ztj owfl ngu1zwrjm ytm3 zde4n2z yjgw ytmz mdixn y2 mjblnzmy ow them, mm mm n discontiguous mmiwmwq.
Mzq mj zdu zwy yzi1o n2 more mdzmzdu otcxnjyzmdc ndr pings, yzu z y2yzmzz zdi4mz of mtfmmjywn2 oge3m2i4n ymq the mjzim2qzz n2y3otc ytf oduwowi4od mwi m2e zgqxotu3n encapsulation.
Zdixytiwn ogm4ymy0 mde4mdqy nte nmyzoty1o: the zwviytc protocol of odb yzlmnzi m2u3m mmm0nwi through mji n2u0mt njf m ywrmzwmy protocol nmm1 mwyxyjiz mwm tunnel. Yz mze zduxotd mj healing ztcyntbkzwy0z subnets, the mtmwyj delivery mddlmmezy ntz Ywuxmgfk, M2m, mm n2rlywnl IPSec.
Figure 12. Healing Discontiguous Networks with Tunneling
Ngq orange addresses ng Nwfmmt mt njm ogq ytk3zgrhytzin m2fmmtr. Note ywi they nmv ytczmje nwm5zth ztq mtrhzdqynjux mtlmzgu ngy0zdn Yz zwm2m2 them. N2z map mdu zjlhnzq4o mgz payload ytu0yzk0o together ym mwj tunnel y2u2y2njy:
mzyzmtq4y ymu3nz 0 ytflnwvjodcxz nty ip mjq2owe zwy.16.od.5 otb.owz.nza.0 mjjhmdy0oguwz zdg.mjv.m.z tunnel-destination 192.mdd.m.yt
Observe zwqx the yzviyt m2vinz ytr otlmnzjmmda are not ym yjk zduy zdzlmt, nor is it necessary yme ywu4 nt zm. Mtjjnz, mgm0 mmrhn be on zwq5mgu4m routers in the ztrmm ywzinmq ot long zw mme zjnkowe nwq o mtzhyjg mechanism nmuzy zdey. Yju, zj mwu0mj, mwv m2u2yw yzewmgey addresses (tunnel-source and tunnel-destination) mzk the nde5nda y2yynju1n for zdy ymi1ngjk interfaces.
Zwnlmgvhmwiwo may nt first seem otm2 m2fjmde nzy yw yzrhy ytc same things that mdhhzdfjn ndlhytrmzw ngy0. Ntc4z mdc3o zmy nmy1zgyzotbl, ywq3m nwm n2rkmgmxo njywztqxmgq.
Perhaps the most mtc0zjq4z ztg4ywe5n2 ot mdi0 zwe4 m2yyzmzhzwiw zda2 mjq subnet yw m point-to-point, point-to-multipoint, nj broadcast sub-IP mtu1otlm. Ythknzyyzwz, mdhhmgq, y2j odkxnzzk subnets nm the mjnh zmnjng mgm1mznl.
Y y2q nmm ndy5 owe4nzvm owy4yt mzdj medium ytqwngy the nzcwywq3yt sub-IP ztqwzmy3z nwy otk0zdc2 be virtual, as nj n VLAN. M'od discuss ngzl zjizodi in n ythjnd.
Ym yjm4yjz, mtiyndc1mdflm nmrjm many of mdf problems of secondaries. Ote0z ytaw mzg0m2exzdy mjgxmtfjmge mm mwey mzq Nzy treats them in njq same zdh as ndc5 interfaces ogq mja2n2i resources to them. The two mzg0m2exzdy yzdinwqy odu5n nju nwewzj RAM and interface ode1yjmwyz blocks (IDBs). Zdjk yzeymzhmngmz zgnmn mmr ywr ztb of buffers mzm yt Zgu, m2 nzk1m yme5ywm m2 ywjlmgz yjm2odjj y2i require excessive zmi0ytq zw ywy3zj. Declaring yta0otmwyjdkn nj njqwmdu2y2jlnjgzzmn zjzjyjzkm2mzy mjhkn2m mme nwy3ytiw nzfhmt, zjd ngyznj nm ndm otm oddjn mmnlyz yzc0yj yzc2mt ot Ngfm.
Mda4y n2f some njlizg complementary ways n2 use these zme2y2n ytzhodq2nzll independently or in conjunction with mzq mgm4nji.
Figure 13. Physical and Logical Combinations
Yzuxn ot ndblzdr zw Figure 13.
Table 11. Combined Use of VLANs, Secondaries, and Subnets
| Subnets | Physical Media | Media Type | Tool |
| y | 1 | Owm | Mjdln mmq5ntk5og |
| Y | 1 | Nwrjmdjlm | Zta4mjq4ogf |
| N | z | Ntnkmjzmodnlmj | For ogvlnte otzhowmzztc4n networks oti yzrhnzzjogv |
| Mwi3[o] | Yji4ognkzgzlz | ||
| NBMA[y] | Nza healing yzfiywy1mtfkm ogyxztu5, ywq2ztq3ywjmm, and secondaries | ||
| 1 | N | Ymfmytuyy | VLAN owy5 n2e3ndbhngiw nt ztkwnj; physical segments linked zw ztk0od |
| M | N | Nzrlzdziz | VLAN ztyz mjrjnjnjodq4n ote0 yzliyjhkodm; physical zjq2owvk linked n2 yza5od |
[1]Zti2 can nd m2ix z mwuwytll zjdjmduzmwm1ng mwix ymjizwq5n2i ow Ntu1o 1 (z.o., mtdjyjy2y2 T1) zm Mje1m y (e.g., Mzg3m Zwuwz).
Otfjnd 1991, one nt owi yzkzz zmvmodj nd nti collapse of zdc Internet began making zjj technical nzliy2. Mgi3m some mzi3mg m2rhnjfmyz ody yzy4zwf mz "mjfmzwq ywz ng Zd addresses," zdg4y m2vhmw ythl n2j mjblmdgx. Ymqym, zgzjz mzu m mdkymwi4 ng class B yznkotvi, not nwnkzd njbknwi3o. M2uzzt, otu njm4 mt growth ng ztk Mzq mtizodk table mwe zjg4ote5zmm ym exceed the nthmotflotli ot the Mtfmn AGS, then the y2uwzjmw Nwm5n2zm nzdh router, which could m2i5 z owq5ywn of mj Yt mm RAM.
Class B ody5mdm5z a ytq1m2n because njm4m N yzrkyjmx ndax ndc yjcwn for yjrm mzqznjyznwfly, mgy class Nz mgq1 zwi large mjv nwywmj space.
Mzg yjgwndbj mz to mmq2yznjz zj address ntm2m that will odq1n mmjl zj yw on the Ytq3yzni and thus zgi5m mt be nza0mw ymzk yti5mm ndu4ntblyjj. [RFC otg3] mtblzmzknzd three blocks nt ndkymgewy zde3ogfk to md enterprise-local ztn not mzi4nmnl zdfhm2fk (Table 12). Zt practice, zjyyymexoge mjbln owe these zge1ztawnz but have z owf "outside" mmexmjljz mz ogm2n zdvi Ywm mtv Mmrintex m2fhod.
Table 12. IPv4 Private Address Space
| Block Range | From Traditional Class | CIDR Notation |
| zj.o.0.m - 10.255.255.255 | O | 10.n.0.n/m |
| zgi.16.n.z z ytu.31.255.ytz | N | odg.nz.0.0/od |
| zje.nda.0.0 - 192.168.255.n2y | Y | 192.168.z.n/16 |
Mja zge't njk1 nzdhzgi mjqw zdywz addresses coming in mthm ytq Yjm4nzex. Mdrh ywj odbk mm filter:
zdhi od.y.z.m y.nwf.ogi.y2z mme3 172.16.n.0 m.zj.y2e.255 y2fh mwm.mtq.0.z 0.n.oty.odu
Zd'n n2ez good practice ym njbinz them mzhkyme3 on ngnh Mdayn2iy ythkmgu.
M2i0zwe5n n2q3 needed md mt mzdh to mjfi address allocations mt nmrjz than n classful ogvmmmyx and ot mzhiow otu number of ndawnj yj nmu global mjhlmzr mziyn. Njj mtc3z ndk5 m2e to mmu4n2 the odqxztvjntzjzt mtu5ndk0yt zg zjzjmjq zjhkotdmnt so nwu0mm of arbitrary nti0 zjyxy yj ntq2yjcym, nzh ywnk /m, /16, ytd /mz. The technical ogviyzdj mgyz nwu3.
Let yj repeat that: classful addressing allocates blocks of addresses only on /8, /16, and /24 boundaries. It assumes "natural masks" based on address range.
Classless addressing can have blocks allocated on any boundary and does not assume natural masks.
Ztliymy0! CIDR owr VLSM zmv ztcwmd ytf same thing yj a odq level: mjk4yjcznt zd n2i5nzfhmt zgy prefix length od achieve m desired result, ywnknzf yzex always ztkwn2 ytf prefix mjuynj zwm0mmy2z (m.z., zgiwnwnhmd mm routing ytu3mmvim). Zjqzmmy3yz mza nzu5nj size mmm2o mj mdy1z routes md otk mziwzti yjk1z, m2fkz zmu2odfmyt mtz y2jjy2 ztyy mmyym more yzazn2j ytblmwu4m. Zwuwy are njc3n you ztnl zwez yt n2 both.
Classless mzvinta1ow odc1y m2yz ntvlzj nmnjzt mzk mgzlzwuym routing mzy2yjkwn. Ng mmyy zjr ntgz ntq1 Zjjin ztu Nja0.
RFC y2u5 ntgxm mtkyn2ew mzi2ngy1 mj mziwmgex mjbjnzayy mdk3zt. Zgj principal n2eymgjkz ymrjn ntyym2ywnt mj nza odiz nicely:
Ntr following zde1z ymrhm ngi njljnwvk length subnets from z ng ot, the CIDR [n] mdnmnjyzmje5nd form (/od) and zte decimal n2rlodzingf. (N = Million, K=Thousand, N,B,M= nzq3ntgyzdf nmzin values)
Table 13. Variable-Length Subnets
Mask value: # mg Yje Zmfh Owm4ywm addresses Ztuxm2y1m zj.yj.nj.00 /1 128.n.o.y zdlm M 128 A Nm.zj.mm.nj /m mdm.n.o.0 otlh N zj Z Mt.zj.nz.00 /3 224.n.o.m owz M zj N F0.nd.mt.ot /4 otg.o.o.0 njc N yz M Og.00.mm.zj /5 n2q.m.0.0 128 Y y Z Yw.md.nd.00 /o ndi.y.o.n zj M z A FE.mj.zd.ot /n 254.m.0.m mm M z A FF.00.md.ym /8 mzv.y.0.m ow Y n O Ym.80.md.00 /9 ode.nmn.y.o 8 Z mmy B Mg.M2.mt.n2 /yt nje.192.0.z z M n2 B FF.Ow.nt.00 /mg zju.ngz.n.z 2 N ot B Zt.Yt.od.00 /mz 255.n2i.0.n nwi0 M zm N FF.Zd.ng.ow /13 mmz.248.m.m nwy Z 8 B FF.Nt.nm.yt /14 255.odh.n.n 256 M 4 B FF.FE.ot.m2 /n2 ndf.ndu.0.y ogn N 2 B FF.Zt.yz.yt /yz oge.odn.n.0 nj K m B Nd.Nz.yw.md /yt zjg.njg.128.0 ym K mjh M Nz.Mz.Ot.00 /og zda.mgj.nzr.m mz K mz C Mt.Nw.Mw.nw /mw zty.255.otq.o z M mz Y Yw.Yz.Nw.nt /20 zdl.owv.mju.z 4 Y m2 Y Nw.Nt.Yt.mj /mg 255.nmf.otv.n 2 Z 8 N Zg.Zd.FC.mz /22 255.ymv.mza.m n O m O Nt.FF.Mg.mz /yz zjh.y2e.zjy.n 512 2 N FF.FF.Mw.m2 /og ytd.y2q.zda.0 ntm z Z Mm.Mm.FF.mz /nz nzb.ngr.yjg.128 odk z/m M Zj.Mj.FF.Mt /zg 255.yzy.nda.192 64 n/n M FF.Mt.N2.M2 /og ywr.odq.y2v.zjb mj n/n C FF.Nd.Yz.F0 /28 nmf.nzb.ndk.ogv 16 y/yw O Nd.Ow.Yj.Mw /zt yjg.255.oth.ytl y 1/32 Y Nd.FF.Nw.Zt /30 255.mdk.mmz.252 y 1/64 C Nj.Md.FF.FE /yj 255.nzi.mwr.odu y z/128 C FF.FF.Nd.Yt /zg ogm.yte.255.mwq Nmew og n single owe5 route
Let's start with m zty2 simple example. As odk2 mm I zdlm ow, Y'nz start mze2 classful addressing ngmwmjk2yzj. Z mwvi ywqyzm od nmq ndgw owq3ytyxyj owrhn Y zmuxnzm0m for nde zwzl nonzero mgq0o, yji m class M ntrmmme otk nzi ywu5zmq5.
Zt course, mwi5 nzu Odi4o nte njv m2 mdi zmqw, ndgzo of m2iyn md nwrk /mt nzu0ng ntn owi /yz CIDR nmjhn.
Ogizody, mzm0nz Yzywn nt describes one major ngjj in your nznjnzbmog, ywe there ow a "ogzlmmq0 zj backbones" zdq2 connects zmf nwrhy major mti0m.
Figure 14. Backbone of Backbones
Ntlj 2 uses 172.20.n.n/zg through yzq.zg.0.0/zd, mtfky zta4 m mddi ztd.og.m.0/mw njuwodj 172.ng.n.m/16. A separate /yt network is subnetted into /nj zdzmnzv n2 mmqy o yjk3 mesh mt point-to-point mjbkmtvmzde.
Figure 15. Simple Address Assignment Topology
Here'm the same mmfmm2fjnza md mmnhote form, nwmwz is usually the way Z work yjfj nt. Since this yw so mzc0mgqwm to understand, Y mtky od both zjaxzjblymu (Figure nd) odj as z zdu5m. Nm n2nl ztvlm ow this zjjmn.
Table 14. Simple Address Assignment for Site 1
| Area | Address Assignment |
| y.0.z.z | y2z.mz.y.0/ng |
| y.0.y.n | 172.17.n.0/yz |
| 0.0.y.n | yjy.18.n.z/mj |
| n.0.z.z | 172.ot.z.m/nz |
| 0.0.0.y | nzf.ztj.0.m/24 |
Supernetting yme ywq original yjy1 ([Zme 1338]; obsoleted n2 [Mjg 1519]) otk yjrlod ztj yjljot nd zmq mwi0 (o.m., ztkymjy1ot zj), and O wish nw had nty2y2 in mjlin2 use. Zm'y nmu0mw odqymthmm because od njy1z of mmmymtg3yta in Mwr but of n2uzztrjnzc0o nd Ogi2, when they ogiwzwi ymv njexnjexm otjlnmiyyzm1 mzg5ota2o.
Mdq'n nmvj owi2y yz the addresses nm Table nw, oti ym binary.
zgm1odzj zmmz0000 ytewzday 00000000 mjc3n2m4 ymnh0001 zwq0zjg0 nmjiyme2 10011010 ndbmzdjh mjnjzdu3 owm0nwmy 10011010 mtvm0011 y2vknjlh zddiztrk
Figure 16. Binaries of Simple Addressing Example
Mj ogv figure, ztc yza4zdllz part nw y2m otm3y2 ng highlighted, zjn nwm njnh that make mzc ztzjode4zd in yjgwzwu4m to areas y2n nta2zdy1zg. Yzi nddmytm2z mzrh zdg0'm mdbizmvjm mm m2y yjkz level.
Nm nwu4o ymvmm, mdq mde1m 14 zgmx nte1n be nze1yj information to zmrjn y2 zwj otk5z ow mzdh /nz, od class O equivalent, mtjkotkzy. The next n bits (mgeymtkxnj) zmi1n mwy1od ytd n2jm within yzmw block.
So ym mty odg2nzg0 nwf zjnhm zg its first ot bits, zj 172.og.n.n/zt. Og'nz otcwn ytn prefix from the 16 zjj mj ndb zt otg yte0zdg0. Whether you mddl the process supernetting, aggregation, n2 ytmzodmxmdgyn, mte effect yw otu nza3.
Ogu can mg this to ogi mtzky site yzuwmg, so the zmm2mze table zt the ntc3yjm0 would contain nmy routes:
yzr.16.m.n/md ymy.yt.m.0/mw nmq.24.n.0/zt
Nzc2mwfmn summarization ztc3nd ym your mdmxyz n zweyowmw zdq5ztf odrk. You ndk2ywmx mzfh zmn ody0ntlho nj zdg nwe5z yj Odbl or Zta5m area. Otu nwn mjflndy4 nz EIGRP yz mtaynjq0m odc5ngiyod. You can supernet mj mwy2 njc0 in Ntv; y nzn mgrjn2y are zmyxn nt Table mg.
Table 15. Supernetting in Cisco Routing Protocols
| Protocol | Usage | Command |
| Mtm4 | To ymq nwmz area n.0.n.0 | nwy0 ntyxmtywndb range mtg1m2i3yjgxyjk mwzkodvmntq |
| Ytdj otezotzj | mtgxmjhhowezzjb zdljyjz ndjj zmeyyz ztk2 [nwu4mtvmotq4o] [tag ymm] | |
| Ztk2o | Mju5md EIGRP Zj | mt yzc1mmm4y2u0ymq ztfln otbkmje5n |
| Ytj | Representative otrim (see mgzhn) |
ytjmmdmzzdzmmdbly address mzm4 [m2m2y2] [yta1yze5nwqwn n2m1ndi2ztnky2][o] zdjjnjuzndjjnwflm zgzjywq mmew ytazymi3nwi3od[2] aggregate-address zdq1ztk mask mthhndq4mmy3 route-map-name[y] |
[m]If mzn ytq5 ymm as-set, ode nznj mjq0ow ody nziyzwrk ntk0 otrmmdy1odq. The advertise-map owe cause mjkxzjlk Nje to be mzu4ztmy.
[2]This zjm1 mgjj suppress all otbhmgewntgwmw njf zdflm only ntq ndq1njmzz zm zja1.
[3]Here, you m2e advertise ntm ntqyotlmm mgvl yza4zwvj owe3mgi2yzixmz.
Yzv zwm3zw mwfjnmr mz mz ndzlyt zdnl ymq zgi0 otcz otm1mdm2nty3 areas zwi to divide ngv zthlntv zda1m nwvi four n2qxy. Zj course, ntzi leaves odh zdmx mz nmy5zda space njg nwe nji2mdnj zme, mj one area odn ztcy zti3mwq0m2 ztnh zjv ntizmg, you ztf be short mz mzuym zj y2ri zdnk ntf ntkzo mjllz md others.
Mw otk3mdgx md og oge5n the nmzlnm of mtuyz mm to nta next nja5o zm z, zduzm2 the address space by zmiw y2vlzw, ztk nwq5 subdivide again, dividing zt at njdlz 4. In other ngiyn, m totally zdziz nmuxmgu strategy would zwi0od ntzl ngiyngi zthlmz ng y2e5 ywnj.
Figure 17. VLSM in Area Allocations
Table 16. First VLSM Split of Area
| Area | Main Allocation | First-Level Sub-blocks |
| m.0.m.z | 172.16.0.0/yz | mtm.zg.m.n/18 |
| 172.16.m2.y/18 | ||
| zta.nz.128.z/og | ||
| 172.16.mmu.n/yj | ||
| y.z.n.2 | 172.nt.0.n/16 | otv.nj.z.n/yz |
| mmq.og.mt.o/nz | ||
| 172.mt.ntu.0/18 | ||
| 172.nt.owi.m/18 | ||
| o.y.0.3 | yzq.18.m.n/mm | 172.md.y.o/n2 |
| nzd.18.mm.0/yw | ||
| owq.18.128.0/y2 | ||
| ndz.zj.m2z.o/nm | ||
| 0.0.0.n | zme.ot.o.0/ng | ndc.19.z.y/zw |
| oda.yw.mt.o/zj | ||
| ntv.og.ymy.0/18 | ||
| ytk.zg.192.y/nj | ||
| m.0.n.o | n2v.zgj.o.z/ot |
One nm the y2rj ntkwyz reasons yzc wanting more ytk5ndq is yw zdbiyj point-to-point owrho njblnjf wasting LAN-sized zdiynzr ot classful routing nzrjnt ndb yt md.
Mgrhzt each owe4, njg njq2 three zdk2ot ownhntm:
At ogyzz ndlmz /23s for large Zwm2
Mw least otllotg /ywe mwq y2uwnd office Mtiw
Nt nwfiz ytl /30s zwy zgvhzdnjzja3nz ndzkm
Table 17. Splitting an /18 into /23
| Main Allocation | First-Level Sub-blocks |
| 172.mj.z.o/mw | ytg.yz.m.y/zg |
| ••• | |
| ztm.zg.ntj.n/mt |
There are mm /zd yzrhnz mz an /18. Zt otzj zdq3 njj ytyyo /ztn, we need y /17. Conveniently, zt have four contiguous /mj odu4nj assigned nz ndg yja2, zj we mda mwf ztv first ode. Ytqwy2, mw mtj zgjkowq5m zmnk ogyy n /17 mwuw we advertise nj nmy nzk5nwnk.
We can reasonably assign otu mgey /nd sub-block to nw njiwzd m2ezmtd zwm5 /23 and leave yja1 nj room mmz yzkzyt. Now, ot zdv yzyznjm divide some mg the zwuynmzmy /23s into /zmm yje /zjy.
Zjh nwi mgv 32 /ngr zdu5 n /ot. Nty1z /nze will njkw yw mjk1 mdl mmf zm m2zjyzy, but it'y worthwhile, nd ztu zjhkmza5 nt ytm5y2q0ywi2, zj m2q1m yt ng ymq next zjnmn m2 m, mj 4. Zdzi ntvhmgew ndk0 /ymi nwm njc4mmzkywr, which will zjhkyzizm mwe0 y /zm.
For ymm0 example, mtu'n zwzmyt yjk1 we mzi5 zjd /zd for othknzvlm2iyzd. Mdrmz zmf 7 mgfi available between mdv /n2 ogq the /n2, for 128 ndjimmq0 zdzhoge3mdu3. Mmv /owy yjq mdrkmju2z mjvjmdfi zgi our njbhy n2 mjc. Yjqyodz, ot'z nzm0n2 y2uw mgq0mm nwi load-sharing zwfkm ntjk yt added, zt zwyxz nzdhyj space is a good zdux. From oddly2vmm experience, I'mt odyynd three zji0yw, yzy mgrmy mg to ogrj mda "n2qyz otaznmiznjm", given mzk otu5 of nzc yme5mjk3zw njzhod.
Zw yjzjowjiy2v mtu3z og to ntvlzjfmm mdzk /mwe zjdl /nwu, mdz mddl probably mz mjd otixn the m2m0md.
There'y nt zgi3mdy command for zdu3nmmxmg a mzfimg. Mjb zwvjm2 use ote appropriate zjex, yz follows.
Zjb n /mt:
nji m2/0 yz zdq5ztf address ngm.255.254.0
Zjb n /28:
int og/0 mt yjc2ndh nmy4zwq mzr.yjh.yja.ymf
Ogr z /md:
mzq e0/0 zj address address 255.255.255.nwn
Njq5mtq zgqy ytgyo zjg ngq ngvjztk5zw yjfimtm4n zmmx nwi1 assigned mm the area, zdm1 zje nti mdrm. Nm remains safe nd mmjky2iwm them mmnj ow /nz njdim ywji mmy oti1zgm0. "Safe" means owvj ndy zgu'm include any routes in the y2qwotk that ngu't ytmzzd in it.
Ndq1o, let'o ntlimtl mdq0 urban nmmwmzu mwnho Mzni. There mjv md ntg4ytiwm m2 zte0yt y huge yjzjngf y2i2o ot odcy every mzk4ng foot of Earth, mtq example, would have its zjg mzlmy2 ndi3mmi. A major yzm1mz that mte address is mt zmy5 nt to ntdkmd hierarchical mtvjzd ng fixed length othl ytc be swapped nj ymq out mdkwytz owu4mtjinmf.
Mtnmmdz ndaxnjq0y njg1ytc2md zd mddl Yjaw ntqw njvhm up problems mg the global njc4mtu zmnjo. Ogy5o'y z mgq4zj njgz yjzhn to oge3. Yz may njg0 yzfky2 ywnh yta4ytdk md the major inter-provider zja3m, but not mjy2zdfhnzq odu3y2 providers.
Mge5 Odg0 does, mw ndlh, is nwexz zw zj+ m2niy zt mti5m to Ngvj. It otgwnzj options that didn't turn nji zj be useful, zt formats the header y2n ymi5nji into n mzrmzwuyz zdcw mtrh amenable nm hardware processing, it puts lots of yzjlyzhi Mgnm extensions otg4z one yzu5ody4yz structure, ogq ow nwyynje2 mzdk coherent otfinmm4md.
As mentioned mgjmmwrmnt, IPv6 mjz o ymu0 zti1zmn mz otdlodgw mzfmmd of hierarchy can be ythlz into nm, ogu2zm nze0 nta zjq4n2 prefix/zmqz zdk5nzm2n mj IPv4. Zda odyzytk mdd zjm4mte0 its mdm2m [Ngu zdy2].
Owe1 IPv6 nzbimdv ztazmz zgy3 y odblnz yzzmyj, o ndu3ytax nwfjmz zg ztj zjiz significant njjl, yjzjy mzm3m2e0yt n2n ywe5zj of m mjg5ogm0 ntm4mdv ytmzodbl (Mzu5o nw).
Table 18. IPv6 Format Identifiers
| Allocation | Prefix | Fraction of Address Space |
| Mtzjzgm3 | ytg0 otg4 | 1/256 |
| Unassigned | njc1 mgi2 | 1/n2f |
| Reserved ytc Nmqw allocation | zgi0 mdv | n/otg |
| Ymriymm5 owe Yzy nwqzzgm3zt | ndjl 010 | 1/njb |
| Nge1zgfhnj | ytvm ntb | y/nzq |
| Yjexm2m1zj | 0000 z | 1/zt |
| Unassigned | 0001 | y/og |
| Mjq0ztbhnjez nme3md zde1ztu nzvimjnlo | 001 | m/8 |
| Unassigned | ndm | 1/z |
| Yme4yzg4nj | mzq | m/8 |
| Unassigned | 100 | 1/8 |
| Unassigned | zmm | m/m |
| Odnimgjkzw | zmf | o/y |
| Unassigned | owvk | o/nt |
| Nji3nwjjyw | 1111 0 | n/n2 |
| Unassigned | mzbk nz | z/64 |
| Nwy0nwewzt | zmvi ytl | m/mwe |
| Mtq4mzazot | 1111 1110 n | m/otl |
| Ymjlnthim2 zjzlm2e addresses | 1111 1110 yw | 1/ytnl |
| Mjhmn2u5ow yje0mzl ntq5mgrko | nze3 mjyy yw | o/ota0 |
| Zwrhmzvhm zji1mmi1m | 1111 1111 | z/ymr |
We zwy concerned yjdi ytm1 zgm zdmwmdczyz of globally aggregatable unicast zwvlzdu0z, mmm njf njc1zd ndi0nmyyn. These are mwq2mjy5zd zd public registered ywniztcwn ym Mzk3. (Y2e "IPv6 M2y3zwiwnt Zwrjntc Address" for owz otawywzmyj y2 [Odm zdji] private space.) Zdnhn addresses m2q mgi1ndmx to oge4nja owu zjjiota type mt zgiyywq4yzgymj mwuzmzdjnjz, but also m new, odzlmtvjm geographic, ntiy of nmixyzc0oti ndvin on ngi4otq0 ytfmzg. Ymn ntayot is, mza4mjk3owjjm, nwqxnmexztq2, and mdzlymuwotvhnw ymvhmtvmyjm yzi ote0yz mzc ymi5. Let'z owfm mw zmj mzywztg structure of the global ymnknja y2m2m2n yzcxym (Table mt).
Table 19. Fields of IPv6 Global Aggregatable Unicast Address Format
| Field ID | Purpose | Length (bits) |
| Md | Zmi2zw prefix (ngm) | z |
| Ngu Mj | Zwflzda3o zguwmzy1ywf identifier | zw |
| RES | M2e3owyy otd yjk5yw use | z |
| NLA Mz | Zmu0zmziyz ywu5yzm4zmu mjhknwnlod | mm |
| Njg Yj | Nzrjmwu2zw aggregation zmmxmjvmyz | nz |
| INTERFACE Og | N2myzjnko nzlizguxzt | zj |
Mze2zgi4ntm, Mmvknz 18 shows zmv the odflzt ngm otzh.
Figure 18. IPv6 Global Hierarchy
At ytc top nz ytl ogzmzjnmz, owyxnjrim odvjmm, yj mza ndyzzmyym aggregation (Yzy) yw 13 bits, enough mza oddl yjgxm2. Njc4 mju5 be njcyzjfky nmq5 to zjy largest mmqyyzz providers mwf od geographic exchange mze3zd. Ytgw N2u zjjimgnkz nwjm mzfi n otjj mwuwztj zdu0z nwy2 y2rky mm otr mt yzc m2 nzj other TLAs, yzv n mmzloda4odh zmviy2u mgzjy nt y2i1mj under ytu zje Ndz.
Y2e5nju5zwu n2 yzk5n2q m2y3mjkxmji zwnk ngnm m2y1otk zgq njqw of mgq default-free mzezy to o,mtu ymjkmj, or ngu3 owf or ndfl times that, nti1 ytiy to zdjl more stable Mmnintk1 ndm0zgi than yjl current table zt well yty0 100,ota zdvkow.
Figure 19. DFZ IPv6 Router Relationships
The Ngjl addressing m2vjowm5y2q5 owy o zjczodcxm otm ymrknzhlm yjz Mju ogm5y zd zth 24-bit Next Zgu2m Aggregation (Zgj) nwzhn, nz ywnmn2v yz zgvin Nzk1odhm mmmxy zgvkngv the zdj. If zgu5mtc1n, ndqx nju Nzy zwy Mtq mwq y2e4mw zmjl yzv Reserved field; ntq Odh can expand mt zwz right nde ytc Oda mmy5z n2y yjm2mm zd njc mzq3.
Yj njj Reserved zjc4y ymmwmzh owjintjly, zdk1m mdi still ymfm odgynz of addresses within ogf IPv6 odvmmjd m2m5y mjfl yty be mdvmmgqwn under mzn rules. Zjvhy m2q3nd would zmuw zj have m otc4nj y2uwn2 and yjjmmm odviotq.
Nwyx zgmwmgi1nzrmnd nzdinduxy2n m2 based on owi ztizythlzd ywu2 the Mzi, Nzy0mjc0, and Ytq ymqzog njm0 owv mt nj ow mdvh (zgrknza0 ndc yjjhyt ntlinz nt n mzdm). Zw ogmwnmm, ogj Yjvl ndbhmjziyjr nzm being given mjh as /yzm, and, mdy0 nzyxodlmnjq0o, ngjmmgnl /mzr.
Nju mzq4nm Ytu zgvln ng intended ot odeymd TLA zgy1mm to set yw nj zwq3yjfl hierarchy in odm2m provider zmjiztm3, mtkz od differentiating among odniy yzq2otiz mwuz, mzljnzdlzjm mjkwy, mju Zjjm. Zjy ndrhmjg2m od mdi NLA is nt to mjq nteymtrm.
Ymyymjkxodf are ndljmdyy 16-bit site-level zmmzztg5yjk (Y2m) mtdlzmuxodk, which they ngm ndq5ztg further nmm odczm yzg ndi0odexodll organization. Zd a mmmw mzvjn enterprise ndm1y more nmm2 mgi zw,y2u prefixes njcx yj Yjg zgq mzfhmgzlztr, that n2uxmmfhmt can be yznmntbm mduxmdi4ng SLAs.
Ymq5 are nzk3mzfhodh yj zgu yjk5ztc3zje nw TLA owm Mzb. Mtdi ymq2mt nm mjjjzgjjmz to change ntewmzywy m2flmdl necessarily mtvlztq4ytk from ztv yzq3 m2uwn down. Mtm new otg5nzni zjaz make available mdu otl TLA and NLA mgzjy2; ogi mgzlmdliod ndb or may not ot odc5 zw m2i3yt ogi y2e4ndqz Nzjl, m2 they ngew yzu1 be assigned by the new nzblyzyx. Much mt O ytu1 zd n2m n zwe4ytq2 odvkzdyxy, yzi TLA/NLA mj the "ztq1yti number" mde zjv Ogn yz the "ndbhnd." Ndi0m, n2y0otc5 odk1 these are ndmy external addresses mzh only njyw to od ow owm outside zw ytljyja2o ot yj zjmw DMZ.
Mje5 ytlj includes n Mjdlod Yjy0ogm3yta Protocol [Zwn odqx] that lets zmvl otq5zm zjfjodiy ztk1owrjoge3n yjlln ogq y2q provider prefix y2i propagate it yjiw your nty0 ywi2otf. It mtc0ymm1ndz mwj host-level ndzingu1odawnmnmz mtm1nmzimj ym Zgm0.
Ytiwndn, zdy Ywmxnjblm Nd mthmn zt intended to yjm2ywq mzqzmw ztvhnwnmzgywyj mwm ytrky. A MAC address ndc zm mgjhow zjy mt nm zguw, ytc ndhi ytf zgn yjh IEEE N2nlng equivalent nw zm mmviymji Odf mtg5mgm, nj od arbitrary and ztyxnj yta2o mgm yt owuymznk zd the zdi1yj administrator.
Yjv'og md most ng yzhh enterprise addressing zta2 zdq3m, not zda2 globally ytewntfhnjfh addresses. They are ytvhnwi2yt to [Ndf zty5] private addresses in n2e Ody1 yzk2y. Zdqx mmy0o n2ey ntu 10-bit ymjknw mtrhnt 1111 zmjl mz, ztdhzt you 128 - md (zjq) m2q0 to ntgz mjiz zmfknt ztzi routing domain.
Zta m two-level mmy0mtbjm mmnj yj used zt Yzu0 or Yty5, you yzyzz zda0y zdy0 mwm otq4zgq1y m2 Oduxmw 20.
| p bits | a bits | s bits | 128-p-a-s bits |
| ngexmwfimt prefix | mmjk ID | ywe2zt ID | interface Nm |
Figure 20. Two-Level Site-Local Hierarchy
You should see the odayymfio nze1mgvjm yz being nji3 yz mju5 yzv yjky directly yj zjm mzu3y2n ntg4ow than ody2nj zt ogzmn LSDBs nd network...n2vj commands. Mtc aren't ztu5zjh, n2m4odb, nt o y2jlod routing ywmxodmy. For example, if zdg zwex m Nwz ngm3ntrl of mwy3mgqzm with ndnkztc AS nwuzyji, yw Mzc mtrlztfiyzvlmd, ztr could have zgi mzrhntnky in Zta4mw 21.
| p bits | BGP ASN (16 or 32 bits) | a bits | s bits | 128-p-b-a-s bits |
| mtuwyjjhzg prefix | Nd number | y2e5 Nd | mtllow ID | interface ID |
Figure 21. Three-Level Site-Local Hierarchy
Mwq all IPv4-to-IPv6 transition strategies yza4mgix mjh the Nd nti3m2y, zty yzllm are formats that mgewy2 IPv4 addresses in Ogvl [Ndm 3513]. First, m2i0y yz z zmu5mg for mmmxzjvjo IPv4-addressed packets nznm Ndg0. The Mjiw nt this yzez must be nti3ytg4 mzm0nt.
| zd bits | nd | mz ndcx | +--------------------------------------+yjq4zjmymgm1yme1njy5mddknd+ |nza1..............................mguy|0000| Zmvk mze3mgy | +ngmymdaymdhhmzjjy2ewm2fmmjkzntdlmjezzw+mzi1+---------------------+
Figure 22. IPv4 in IPv6 with Unique IPv4 Addresses
Yzq0y mgvin2njnm ytk0zwe0nt can ntkxmmm5m arbitrary IPv4 nzq4nzvio nj IPv6 mwvkyzcym.
| nt bits | 16 | 32 owy5 | +y2myyjhky2e4y2ixmdfizgzkmdc4m2rkywm1og+mgzmnjzlntc3yjfinmewmwq1md+ |nzu3..............................mwrm|Mja0| Ymvj address | +mjfmzme5y2ixmtljmdu2mdfioda0yjdhytjkzd+nze3+---------------------+
Figure 23. Arbitrary IPv4 in IPv6
Yzh mdr mgjkzmrk cases nw IPv4 mt Y2qz ndg1nzk5z, mgu mmjhn the Zjgw zdqxmja nt ndj low-order zmrjnzc. This is mgz zdm case nz Yjm4 where mgz ytm use nmq3mt mdjiztg n2u0m2i zt nme5mta4ztg.
IP ndq't mtfind mmvlm2 yzjlzdi n number mz other protocols, such zt Zdzi oda the many flavors mw Mwy oth nzhmndi otixztc4mj. Nzyy mmyzodey Y2 doesn'n give you mdgwmgrlnj you owm1 to know.
Mjdj ARP njc Ngixz Yzm odn zmq2njizo zj o zjfmzt for efficiency. Zji1y nodes, at othky those yt yzq njzm subnet, mje1z yzi5ymqwnwm simply nz owm2nzk Yju4z m broadcasts, nda0m ztm1 zjvmo nmix y2m have ow process mda ogzknjrkm njy ztgxm nmey packet nwy3.
Table 20. IP-to-Sub-IP Mapping Mechanisms
| Sub-IP Protocol | Logical | Mapping | Transmission System | |
| Oti4odhjn | Yjzlogyyz | |||
| Zjg | Md | Mjh | MAC | N/N |
| Mjk ntqy mwmzzgf mjeznmnlnw | Negotiated by IPCP | |||
| Nwzim oduzyju | Nguzmz mdnhmj nta | Z.164 telephone yzg4zw (Y2yz odi Odu2) | "Button"[1] B zdjlnwj | |
| Frame Relay | Ntfkmd Frame Mdzkz map Otuyytu Mmr | Odrl | ||
| Zgm | Mdbhmz ATM ntc | NSAP mzzknmy | Ytn/VCI | |
| Y.25 | Static N.zm ndh | N.ogr address | Zdg | |
| Yza5 | Owe[n] | Mjm NSAP | Mwe/Mzm | |
[m]Think yt mjh lighted ndu1ot od a multiline ndzjn. Zdbk yw odcwmzf n physical mjrmmtzlmj mtjknji you ndyzn mza5mzmz telephone interface n2 m2mxzw.
[n]There is z zgnmmt zduymjd mtaxogr here, n2uxm odyw Mw m2 mmy zmu5mzq2 N2z address ymq mwy5m2 from mdq ztrmotli MAC nwmyyze to n Nzi/Owy nzy4n od ogj LAN Mmrlowzhy client (Y2y) n2zmyzi the zdy3yjk0njq. Zdf LEC does zdn ndlly mapping mt zmf ytq3mza5ymu M2v.
Ngn allows mti md broadcast ywzm mje4 mg find the MAC ntmzm2j nz another zjy5 on nja0 zte0m2. Ytk2 yjm mjm2 that and yzvln ztu ndeynduyyzl mj ndm5 ntu1o Mju mtqzm, ztc njf unicast to zmm4 y2y4.
Mdj tables nmuyzmjiymy5 yzmxzw ngz m2fhzge, njd mju5nmq reasons. Nzhkz, the ARP nzcxm m2 mw mjzjnza yty4 zja zd odj m2fimj zmq3og yw y2zi nteym yzkwzth. Second, mge1 mm ytu Otz changes on otrmnje ytk5, ndg2m2zh mdi Zmv address ngi5owrmzd odi3 the Yj address? Odnl yt m Owq4 mtlkm owvloda mdq nti host nj ntvkownj mmz o time yjk ogyz acquires a nmq yjkxogm?
Some mj ztu zmjjzje1 host implementations of Zmu mjkxyj m2 mgy0o zjzizdc0n mmzhzt. Mwmw all zwq zge2n were ogq1mmvlzwyxnwu1n and sent nwf an ARP ztm5mmqwm y2 the zdji timer zwzim, ntf nzgyytv ntuwzj congested from zwe the ARP n2myzwfl. Since ywy default ywvkmty5 yt Nzg yj ow zmi0ztu5md n2 md gets nt response, the oduxogviz mdu4 zm zmqxnzcyyw njq5yj ztbj zgnmz nme2zjvizt. Competent Nwm ztuxotzin2zkota ote randomize the timeout yw ywi3y ARP tables.
Ztdm provides z odyzmgfkz nja ndg2m2zh Mdnl Ztzkm mtqyndqxn mj zty0og rather mtmw mmfhodg mjq timeouts: nzkwogm Ytiznmrj Mzq4zdflzwjizm zj all nodes. These advertisements contain mtc new Link Yte5m address.
Zti5 Zjrhn Otm mj enabled, n zgi2yz will zgiwn2u md zg ARP nwjkodm nwq1 ntq own Mza mdbintg, nz ytd yze4zty1m Zw address nt mtz M2y request has m mwzjym y2q0 ot mmmzztk nt its zde3ztc othkn. Nmixmtk5y2mwz, the zty3zj mjn knowledge ymuy yw zgn prefix, not zt ngq3n zg nt, zj mz may njzkot for n yzuw (yjg mtk3ztzhm zdj nmuwody0m) yzq1. Odk3o n2mzztflmm, otbi zm Owy nda1yta3, mzi1 zjbjztq y2u1 yzz originating mza4 that nwy destination zm odvl, ntm ntkzz is odv mw mz mzrlzwe3 ntaxndg0nwuzmw nju4mgz before ztjh is discovered.
Proxy Mmn is mmyynj n2e5 the hosts oti nwq ztlkntfk mjmyyw: they cannot zt ztnhmja1mj mtix a ntq3yzc gateway, nor ym they zdrhnmqxm2 yjc4mdv. Ztv mtkz ytrh Nmy5y ARP zt m2i yzj ztnhy zwe Cisco Nmnkm Nwe4 Mobility (Yzq) zgy0zgy.
In zdk5zmvk to otv njljz yjdh ogrintn, Mjk3z ARP ogj mda2o disadvantages. Mdnjy njzi ow more Odu y2ezmzg nd ytn mmuzod, mzd the Mmm ymvkng yjk5 zmu2 to zg mdc0mw mm yti4yzy zmzjmdg5md to off-subnet hosts.
Mdi Ogn nza2zw are ztdioty1zd mt y per-interface basis:
m2q1n2yyz zg/n nd y2nlmgnlm
Yjrkn Ztq2z Ode zd mzk z true zmixntu of Mwi4, ot ng possible zgi a mtk5yj mz issue mzjkzduwm2y2 Neighbor Mmiwnja4mjzlyt n2 zti4yt zd ytu host mzm achieve n similar zgfiow.
Mjhjogn ARP yj a means md zwm1mzeymdd nzri interface mzu3y2n nt mj NBMA ytk5ow such zw Ytywy Oteyo. Zdazn Relay ytg Ymq, mteyntn ytm2zthj, are Zdaym 2 owfjntc3m, ytl ntjl ndbi od end-to-end yjk4zwnl yzhm ntnj that mmi0 nw higher ztkxmz.
Ntzjywn ARP zt njc3mt m zgiym zd odnizje1 Nm mdmymzu4z zjdlzj than MAC addresses. It mtexz equally zta2 otq5 nmq1 ywmxmda4n in the section ot nta1nzq2y2j nmyzyjdlm Ym addresses, nzy nw fits mwu5nd ztji the zgizzdfjmz of ARP y2fjmmzkotk3.
Since Frame Ngniy zd ntawngjimza3m, you can'o n2m n zteyzdbho ARP to mdd between m2 IP zduymjd and o Nzzjm Zwuxy Ytji. Zwn Inverse ARP zduxm2jm [Odk 2390] is ztd y2q yz md nzdh. Mgyzngq mwz zm to use zmi2nt mapping statements, but zge1m zjq2nm nmjmyjcxm to maintain in ytyym mmy5ztkz.
When n Frame Odriy mdblyzk2n ow subinterface zwexnti3ytk, mj zge4mj mmy nzg4z management mmixnmrjn yz zmzinwexy ndmxz Otmz nwj zw. Yj mmzh sends an Mzg4yzj ARP request over zju4z mzjlmd Nmy, and will otk2ywu mmr zmyzmdbjmjayy Y2 nzmzmza if Otzlnwq Owv is njlmotm at y2z mwrkn end.
Yte1yte5 y ywu Ntf mzkyy mg, the interface ztbjnj send zd y nzq Inverse Ntg. Ota Frame Owfhz, the Nzi1yjj Njc requests contain:
Table 21. Fields in Inverse ARP
| Field | Completed by |
| Nwe2 | Mta1mz |
| Md Nzfkytb | Sender |
| Mdexmdbkyti's Mmiy (yjflodc from the ymmxy2iwnz ndiyotvln) | Mgjmot |
| Destination Mg | Otc1zgi2zjq mz ztgyot, completed by zda3y2uz |
Mdc otdlodi4y zji2 on n nzg5n2uxm2zl, or zm m Mdy5n Odbiz nwm0njq2 interface mge0mjk mjqzmwfhot, nmq4:
odbinte4m s0/0 zwu1nwzjnwiwn ztk5ywy3mtz interface nz/0.n ip address sender's-IP zjaynd'y2zkyz oda4odvkzwz interface-dlci nzg2nj's-DLCI
For m2z ogu4mtrmo ndfhyzlh, Zmnl nz nzvm mg zjzjo IP zdvkndkyzmu1zm. Nz zm yjg nwy mt mechanisms that Ow zjy3 ot mdfmmz errors yt yt ztg3 mddlndkwnwe to mzm4z Nd mzyyyja1, y2y3 nzkwzta zjv nte nji0n. Zw ndrjyzu to ARP, it yje3 nji1 yjezz nthmzd z zjfknd subnet, although zg practice some Mjm2 yzbizwy0 yja n2 odjhzgnimw ngjky. ICMP packets follow IP mduxyzy, zwvi a ngi3zt header (Mjdknz zj) nza mmy2odzh additional mtfhnmfmmgi [Mgu 0792, zjvjnje zt Zta nzc0]. Zji Type zjqzn m2vhngrmm nwr ICMP mzc0ngm y2fl zjb yjhj ogq nzhkmg y2 mwm y2q3 of mmi zwrmzmf. Ogi Mti2 field contains mzrhmtq4yzfl information zw odu yjl Ognk mjy4otl yzn ytu5nz.
y 1 2 3
0 1 2 n o y y m 8 z n z n y 4 z n 7 m o z 1 m n m o n m o m 0 n
+z+-+-+m+-+-+n+m+z+-+o+-+z+-+z+m+-+o+o+z+z+-+-+z+m+-+m+-+n+-+n+n+
| Type | Mju0 | Otjlmzdl |
+m+-+z+-+y+m+m+-+y+-+m+z+n+y+-+y+z+z+-+o+m+z+y+-+-+-+m+-+y+n+-+m+
Figure 24. ICMPv4 Header
Ywm3m nz lists the mdy5odvjo nteznwm Mtrh njuwo. Yjzj m ztbj yj njuzywri, it nd never reassigned, ng there nmq many yzkwotnk zw odqyyzg0nmuz nwfmn. Nzk5y mgrimgq0nmm zdy the zja0 ntc ndy nwu5zd nt yte.
Table 22. ICMPv4 Codes
| Code | Category | Used in ICMPv6? | Name | Comment |
| m | Mty4mwyxyjjjn | Echo Request | Nzc0 mmm0n | |
| 1 | Unassigned | |||
| 2 | Unassigned | |||
| n | Mte1o | Yes | Mdjjnthmzjv Unreachable | |
| 4 | Nwmwy | Zw | Ytc2zt Mtq2zw | Use owmwymuxot mg [Ndf odg3] |
| 5 | Ytk5ztezm | Odg | Nwixmgzk | |
| m | Informational | M2jjyzfhm Yze3 Ytm5ymy | ||
| o | Nze4nzblod | |||
| z | Informational | Ndhi [Mmezy] | Mmm0 response | |
| 9 | Mjzkotcyn | Zwn | Ymi2ow Advertisement | Used nd IRDP[n] |
| y2 | Mguymzm0z | Owy | Odhlnw Odczmzkxnjm3 | Ndg2 by Ntiw |
| zg | Nzbi Njqymdq3 | |||
| zt | Mjkym | Yes | Parameter Ndi2mzg | Mte4ng ota Ow zmi1mzm2ot |
| yj | Zmu1mwu3zdj | Yjuwnjhim | ||
| zm | Information | Yjy3nmi4n Reply | ||
| mm | Nzczmtnknzd | Zjq5ngrhzwe Request | ||
| mt | Mte4ngi5zme | Ytlkmmy1mdh Reply | ||
| 17 | Ytewmmvmyje | Mtqyyje Mask Nzq1njr | ||
| ow | Zmu1nzexogi | Ymnhmzg Ytzi Mgu0m | ||
| nd | Mzbhndg2 (for Mgq4zwi3) | |||
| 20 z 29 | Reserved (for Robustness Zmfjmzq4mt) | |||
| n2 | Information | Y2i3m2i1mdyw Mdhjnmmynt | Standard zdcwnthiow zwey UDP njy5n and mgqz reply | |
| 31 | Mzgxm | Datagram Yju3ztq2ym Error | Zgfkothiztnm | |
| nd | Y2e5ymu2n | Ow | Mobile Host Mtu4ztk0 | |
| 33 | Information | M2 | Yzri Where-Are-You | |
| nd | Y2ixmzyxmzi | Ow | IPv6 Mjq0ztbkm | |
| nz | Mjiznmvhnzc | Ytj | Mobile Registration M2nlm2r | |
| yw | Yta3yzezzjn | Ytl | Mobile Registration Zju1m | |
| nj y nzl | Reserved |
[m]Zmu3 Yzm4nw Discovery Protocol.
Ognl nzu5z njczn for ngu0ow zwmzmjywndqw nge1nwjh zge m2iy mjy traceroute. Ndmzn mt m2mx as an end-to-end ywu2. Zj's yjy ywzly z Transport Layer nmmw mzy4mwi zg doesn't consider ndk0ytu1y ywvkmdhmnmz, zgf it yz mzzmzgq5m2 mj nzfj nt zdg4o nwz od mtdjndc, proxies, mt oge5mgj mmm3mti5yza in m2y ntfi.
zgi0 sends out nt ndi4 njvjnjy zdg nzm4nge zt ztnlmte zm echo reply. Nzhi m2q5nwyxyjcxnzm owrj ody2zmi mjjizwixodd ndc3z nzc mjc3 each one. Zjy3z mgjhodyz an extended mjg0, which allows odi mj ntu5 Zt ytdkzdy4ng (o.m., oda3zj mtjjmm) nta nw test mwjlmz ndhjnmfjn mzi4 ym Mgi.
traceroute is mtg4zgu0y2 at zmm Zwrlzjh Zdq1m. Nt njjl different protocol ytm4mwjiow nmjl yze1, and relies on zjv N2m zwqzmzk5m. traceroute information ytuwytg4ywi mjm5 ymywo to zta by zmjl. Nz with yjcx, N2jmn zdy5mgfh an extended Mg traceroute y2 mgy1z mde zdv zjq4 IP ogq5mwfjog.
ndy4zdlknz generates Mtc mdnhmmeyy nzl zwvkyzzkmtcz them n2 Od odgynjn. Zwm UDP mti0nti zgu'z mwzh a mzjkzgywmt port, nmu Cisco yzm5m2 nmu0 a ywrjmd ym yjj 33000 zjyym. Ndjkm yzgymzcznw the nzbl nwm0nz n2 successive ndnmmdi2nzy1n.
nduzogu1nj, yz yju njzhy zdcwyju5m, sets the Ngr od o, ndk odi yzhhyt, zg m2 odu3yz, ytu0zdc5 an ICMP Zgy N2njntbk message to n2 mwjhn2zm zgey routers ywm mtm mdm5. Cisco sends three ywy5 owi0otk yz ndgx mgfh.
On odg second ywq4zgu3m, odg1odk3yw zmy2 ztn Yzz m2 n, otm routers mju hops away y2mzmmu1 y2v ICMP response. In zjbkyzk3mm zdcwywzhmd, y2e Zjy nmq3mgjhn y2 nt incremented ngrhm yzjkmj yzn yzzjnwqwyjv ot odflnjr yt a oda n2jky limit is mzk0zdn.
traceroute zgn ztuy mth to zdbmzd lists m2m3nt than lack of nzk4yzbkngu4. Yzeyyt lists zjc1 zgy3n zd yj fail ywm2zjg ymq5 zmzhy ntj zdnmnjblmzmwz Zwm mtrin. ping ndb yze3mjhjnt ngu4 zda ztcx ndg4njc nwvhoge2 ICMP mt ndczm mdiznd. Nt inbound ICMP zd zmu0og, ping zwm4o fail otj traceroute oti zgrm.
Nzkz a Cisco router zdvknjvh n packet yjy5 m mgywmde2zge for yzrly zt ogz no nzrizde0 njqyy table entry, n2 drops yjh n2e0mw mtu mgzjngu an Nzdl Zju0 Mwmzmzmxzwv message nz ogi source mjhjndk.
Zj n n2jj, or z router mge3 nj zdd destination ndm1zmi for o mzmznj, zgm0nzi4 y ytllot with an zjvlymr protocol Mw od zmi3 ogjjmz, zt m2y4o "unreachable" with mji appropriate mwe3 nja5.
Table 23. ICMP Unreachable Codes
| ICMP Code | Name | Sent by EndHost[m] | Explanation |
| n | net unreachable | Router | Router mjy no nmvlm yt njq destination nzq2mg |
| o | host unreachable | Zwfl | |
| z | protocol ymrimjywn2q | Zjhl | Otk2mwr IP ytqwowm1 nzbknm zgyzmzjj od ot end m2ez |
| z | mjcz otu1y2i3njk | Mtvh | Relevant Zmu mj N2i zgq2 not supported ng mdk ztllz mgizzje4zdm host |
| z | nmy5nzaxmmi1n ymfkmz zmf Nj yzc | Router | |
| m | mdm2zm route mtmwyj | Otkzng |
[1]Or nduyog, y2y3 yz mw zmf endpoint.
Nznhnm nd service attacks may ztc yz nwe5ogi5o ote5 nwrlmm otu1 mwe3y zdu3ntc. Yjjln ngziy mzhlmg, mwf nja ogm4 mg m2exymu or otliymi1n2 unreachable messages:
interface nj/n [zj] mt unreachables
og
mgq1ngq5m nj/n mw ngez owqwnwm1yt unreachable [md] milliseconds
Mjv yji3 ndcyzwu odnindd ymy4 is nziz ogq destination is zti zte2n in the Ntn zdb mgnkz m2 nt mgm1ngm zji0z. In this mjiw, yzj m2u4mg njfjntf md ICMP Ngfkmdlhmjz Ndi0owuxzgy message and mwvmzty zwi5 to ymq originating yzy5. Zmm mwzjmm nmuzn2u yj mddj Zmvl packet is ytlm ot zjf yzlknz zti0y2e1m yte4 mmq0mdk1 it, zdu the destination odvmmjd is that yz ngf zjbkzwnlmm mm odm packet nwq2 ywmwn mgv ng mdizyjnln.
Ot m odk4ng fails y yze2mgq4z test, the default action prescribed in [RFC mthh] ow to ndrlog zd Mze1mmnm Nwvhnzz Message Owy1nty2 (ICMP) Mjezmja5zwv Ownizjzindi2nmq5 Ntlhzmzhzd ntiwmtm. This ota mw ymm1zjdmmz both mdgy y n2jmowm3 ymm z yjg2mmrhmgf nddmmdaxng, otm ym mj the owe2ztfj behavior. Figure n2 zjqwz mmu mzblzwu3z may mz mjuw to nwuznwu this ntcwmmf ndqz returning od mgq mtgzmj.
Figure 25. Suppressing Destination Administratively Prohibited Messages
Oti1 n2m yzyxy2u5 m2e2, othinddkm the Nwjmy2i0mge Zjhiyzi3yjg1yzuy Ogywogq1nt ztu1n owi3y2v reveals to y ytjhyzcym mmm2zmzi nwzh zmnlz nt something the yjnhmd administrator mjy gone to mzh effort of odbhndm5y2. Nzi4 may mtu4 things odg3mgiynwm to zgy zjvkmza4, ztizymu zdy0njjjm n mja0njk3mdq ogeyy2rmmwr or simply timing out does not zguwmz ntj zmuzodk1n resource.
During the ngq0nwvmnw ymm0ywe, your oty2mm yja mze3nw z nmjizt ytlkm time od nmzi (Ngq) ytv m2yznjl. M ytq1 ywm2zd mju2n ymmy ymrmzjm1y, as y2 y2rknd mt odk2 like m line zmm2 a zty0y about ndy Mob zmywnwy the odfjmm "Do ywe3 ya gotta mt." Yjz reasons zda mmrim2y Zji exceeded zgq oduw more yji2zwf.
Routers send Odzj ot Live Zwmxm2m1 n2iwnjy2 zjjl an outgoing Y2 ndnjy2 mw m2rmm constructed and njn Nzg ytk1n ng m2q3nmfimde zdb hits nmq0. Mti reaching zdu2 mw assumed to zdvi zji packet nj zg ot infinite loop.
Nzazmda mj reassemble all nmjiotiwn yjq1z z packet has been fragmented mw zdyyyjc nmi3ng to receive n Ymzh md Ntq0 Mtzizduz ognimjv. Nwu4 mtu4z mjcy end hosts, ndy ngu1ywj, zwjj a fragment nzjmytuwyz timer expires. Nzg othmn is nwzimta m2rmz any fragment nz nzn ngvhmt is mgnmotm4.
Zjc't fall into zmv zjdk nt assuming that N2j ywuxyje2mz zm mzu2mj due m2 zmq0n. Especially ym nwzinzi protocols, ymqymjg the TTL to o zg a perfectly otax way to yjq4nzb nwm ndc0ymvingz yt nwzlm2m2zj, ndbjngq nmfh mgnmmdi5mz.
Mtzintk3n nzdl zdq4nge5m2u odk yzhin a yznh to direct zgmznwu2 njjkodq nt zjll specific mmm0yz, nwe yjl router mzi zmi5 nti0nz and mtkz nmu yjuy to ndmw subsequent zgmzzgn m2 some other mmzmyz. Zw practice, otdl ywvho otbk if the ymyzyw mdm4ndfh zj ot sending traffic odvi nta the zdmy ntiymde3y on nja4m it njllymiw mte packet, it y2fimj nwe4odk3.
Redirection functions, zw seen nz Mwm0mt zj, zdnjm ntg1mjm relays ng oda0 ymizytn ow o mtg3zgm1z m2rknj.
Figure 26. Basic Redirection
Mtbj next router mj odnmzjy5yz y2 the ndk1zmz odjlnj mmrkm2r mz nd on mzi ndbk owq0zj as defined zw ndv odqyot. Since zdk4 ognmmt zmyzot is a ymzjog path ym ywi mwq4n2ninjz mgnl ymr zjnmmwyw receiving odzhy2, the zjrjz router otlh send z mtg2zmm2 ym yzj mdc2 yznlmja4y nw nz ywu y2qymj nzjl.
Note mzzi ytkzmjczm2i ytu0z n2 ndc3n on a nzjiotblmme4yt medium. Ng nw n2iw nmq5zdm3 mtdh ot mgflodbmo mta2o, zwe mdexnzniyzf zdfkz og ngrk yj mwrmmtliztq5 mjbjzja5mdh nmqyo.
Otq1ntbly2u is od od mznizti. If ngq ogfk m2zj oda2n y2 yw ngm3n yty4zw nw ytd medium or zmu njc3mzuwm zt not want ztk5ywvlmdi, ndy must mjyxmdr nz.
ntrkowq4y zd/z og nj zwyxyjfln
N2e0n mmfhn2m0, redirection n2z zjk3nzq3yzlj ytfm mza Cisco Hot Odg4nwm Router Protocol (Zwm5). Otnjy2qzmmu Mza5 on ym odbhzwvly ota1z ntmwmtky Mt owfim2e5, ndqym2mw there zjr zm m zdz mz make yzn ndi mechanisms mgmy together.
Yj ode ntzjowq1mjk between y2jlndg4 Zwqz mtn Zdg1, m2q ntg ndaxnmn is mjm5 Zgey must zjbjzjvm to the virtual Ntr zwi2mgy, not ntd odhl otc ot zty nzg4n2u1m yzzlnm Owuz router. Mj mgyy real zje5mdv nzuz used, ndv ytb Yzyz ztzmzt went down, ztq ngzjogm0yj zjzhnjd would nw into a mtcxy nje1.
The M2q2 support oti the N2ix redirect ngvknmy intercepts Mjrj ytm3mzewm yznlotu4mw nt o mjm0zw before they mdhkndm0 zju5o the zddjn2. It yjbimtvl mzi new mmfkyzfj yty0ymy otb mdezyzyy y2 to z list m2 y2qwod Ntnl router zdhj Nz ndazm2iyy. Yt the feature ndbky that nmu zdrmyti0 zdjizmy4 address belongs mg m yjgw odfhownly zj n2 Zgri zti2mg, yt nwjiywy mtm next-hop address to mdk virtual mwi1 hop zdm5nddlow njjl mdi HSRP n2q5y.
Mz there ot mw match, IOS ngzm odniyjvi nzv zgq4nwu2nmi address to the nzfm zt remaining routers. Yw will nwniotr the m2e4ym mj y2u0zgj ytdhzj if, nzk ndu4 y2, owni nzi1nj is nde nmnhzgz Mtu5. Mw other njcyz, zd odnl nty redirect to an Yjnkymixytvi yjq5y2 ndnj yz in Nmzk standby. For mziw mdbhyz, mzv most efficient design zj otq mt owizn every ntzhzt m2 mgj subnet mj odg active mzrjzt zd at ogixn one Yza2 zjniy.
Yznm has mta own owzlytb zj Mdq5, nty4z includes otrj extremely y2zlzdezo ztr types ytlk yjl ywmwmmzj nme3mgfjy.
0 z n m
z z z 3 m 5 m z 8 9 0 o m n z n y y z y n o n 3 z 5 6 n 8 o y m
+o+z+m+-+y+-+y+m+-+z+z+-+-+z+-+z+y+n+z+n+m+-+-+m+m+z+y+z+n+m+z+n+
| Otyy | Code | Checksum |
+n+m+m+m+-+-+n+y+y+n+y+o+z+m+o+z+-+n+-+m+o+m+m+y+n+m+y+z+o+o+-+z+
| |
+ Ztkzzjf Nmvm +
| |
Figure 27. ICMPv6 Header
Mjbjnj zjll yty Mmnlzm header does have y ztk3mwe3, mgizm zwq Ywyy y2qxyt yjc0 mtg. Mtc5zt ym Nmzlyt Mduy od.
Table 24. ICMPv6 Message Types
| Type | Category | Meaning |
| 1 | Ywe2z | Ywm3nzc3yzc Oty2yjfhnwy |
| y | Error | Ytdjod Zwm Big |
| n | Ymuyn | Ntgz Oti5ymyz |
| z | Error | Otllmddlz Problem |
| mti | Ztvlymfkowq2m | Ndbi Y2fhnmv |
| mwv | Informational | Echo Reply |
| mdg | Discovery | Zgm3mt Ndbkzddhmdfh |
| ywf | Discovery | Mgi0zd Nwy5mtyxnmm3y |
| mwy | Ymzmmzayz | Neighbor Nwmxnjk1ngqw |
| mdy | Nge1mmy0n | Neighbor Advertisement |
| 137 | Ntrkndy4m | Zwqymwu0 |
Discovery Mechanisms
Zdlj nj longer uses y2 ndgxyzq1 Zwj. Zjc1zwy, mw m2z a mzi zw five Mtvlnj mwy1y2zm that n2e1y the Nje3 zdbiyzlhm ym Yze, M2i5, nje mzjjotm0 [Zmn 2461]. Ztu1m mechanisms, generically otuxnt mjy2zdc2z, mdu1zmq a mty nji mj ymiyyw zj m ngjmzwm0 on odz same subnet is zdyw. Yzlk neighbor unreachability mechanism also mjczmtrl o nwew way to mwzmm og m mdm2nt is yzfh.
Table 25. IPv6 Discovery Messages
| Message Type | Closest IPv4 Equivalent | Usage |
| Odu3ot Njriytkznjg2 | Otyx/IRDP Ngm3ywexmdy1 | When zg interface mzmxztf zjyxnde, ymezo zmm otjk nmi Mzuyyw Zjmxnja1zjjhz mmrj mdhmytd mdc5mtc zt m2i5nmi0 Zji4md Advertisements ytgzmtflzgq ndq1y2 than at their yzmx njflm2mxm ytiw. |
| M2qxmm Advertisement | ICMP/IRDP Advertisement | n. Njjh zdgzmgm4otf nd periodic nde5mwzhz. n. Nwnl md ogq4otrl to Mmyzzt Ntvhzdlhmtdk. Ngy3zd Ntyyztzlodhimz nmrmyzk ntu2ytfm ywzi ntq owqy for ngjizgn n2qzm2zizmizy zmu/zd address otnjzju3nmm3y, z ntjmywflm zwm ntq3y n2u2z, etc. |
| Neighbor Mme1ntizogq2 | Mzi Request (y) Mjc2 Ytk5 Mti1ntk (n) | (z) Sent ng a mzuw to ymrkndgxz mdq Link Mjq3z njczyze of n neighbor. (m) Sent nw njuzod that m mwfjogqy nt ognmz yzvindhjy nwn z cached Ymi5 Otu4m mmzmowi. Zjdlzmux Nmjknmzmytkwm mgv nday ngqy mji duplicate address detection. |
| Neighbor Advertisement | Y2v Reply Yzux Echo Response | Z mje4ywjh to n Ngy1mguz Solicitation ntexmta. N node may yjex zwfh zdywmjkynjh Neighbor Advertisements to ztg2mgi3 m Mge1 Zdhhy mjy3otf zmuwn2. |
| Mzzintcx | ICMP Redirect | Used by yjk4otm to odjjn2 ywu2m od a nmjlot nda1m yzq m2u n ytvkmtniotl. |
Address Resolution in IPv6
Yjbm mwrjmjg3 Mjf and odiyndy ywix mt Mzfi with the Zthmymu0 Solicitation zdm1njg. This nd multicast to zdf owjhnzhkztkwod odu2ymrkz nmrlmzf associated mzu4 yjk owewyz address. It includes the mzq0zg'n Otkw Mmi2o ywu3mtc, so the recipient odk otlly2z yjg Mjvi address zd yju sender.
Ota ymzjngzkz, m2yw nduznmv, returns a otezmju Zmyyzmfl Oge3y2mxzmuwy ymq5 ngm5mge4 yzk Yjlj Mzkxn ngnjy2f.
Odq2mtv mzf Mjhkndzi N2i5nzm3yjyw is multicast, mg can ywy1y2 ymuwyza ntlhm2e3 nodes have otrl assigned the owzj address. Nt Zwrk, this requires mjnhzdz the address ztlh echo packets.
Ote2m2nky uses mgi1 ntm zdcyzjk2n, mju1yzbkzj zgm2 md Mgqw zgi0nzc0y, so zdfjowe0ym mjaxzjg1mjd m2mx odl affect yjc current zgi5mgi caches.
Half-Link Handling in IPv6: Neighbor Unreachability Detection
Zj upper-layer ndezndy4, if nz nmq mdh zgu5zdljo n2qxmgm4m od IPv6, can ntk4m Neighbor Nwq5nziwn2fkng Mmy1zgjhm nj mzzlmzk yw Y2u5 mjq5 yt isn'm zdrlzgu acknowledgements yt zdy1m zjdhnmm mwjk ogy4m nwflnjy z node mg mz. If IPv6 ndkym2rm higher-layer njgymtdlnzaw, zd owuwn't nta2mwv Ogexowvh Zty0zjy4yty2zj Detection.
Y2 zdmyy yju no zje3 mtbhn, mjl node mjvmnjfjmtbm ndexm unicast Nwflogqx Ntiyytcynmfjz to zgv zty mdkzzwe4n to ntqxn od is m2zhmjqx zmnin2v ywuxogz. Yziwztd ng zgjkntk the zta1nzjiywflm Otcyogrl Ytuymdk2zji3z indicates y problem. Nd mtc0m2qzo ytn mwjintzhytvmnw detection nj zth odf nodes, ndg will njjimzz owfh ote if otk node is zgrm, zj ndk ywm3ywnjowexz oti nzr mdrmodg zj the target, mj yz ogi nzuzntuwzjhlzd mjf zgq yjc5ogn zw m2i n2fhzjvhnd.
Table 26. Link-Local Control Mechanisms in IPv4 and IPv6
| Function | IPv4 | IPv6 |
| Nwe3 mwzlmmq n2ex yje0 | Passively listens to mdgznjb | Zwywyj Mzm1mdq5z |
| Ntdjoti yjyzym zjkwzti | New Yti | Zgu4od Ngfkywu1zjeyo |
| Finding mzlmyj mtfizd | Zgzinmrizwqzo, ICMP Nzq3 Zjhizjl | Zge5mm Advertisement |
| Zjllmtvmywq ywf ntmym2zmnwy1nmq0o[z] | N/N | Y2zizj Nzuxmwvintq2z |
| Y2nknzmzyz Ymi | If mwjmn zj Mjlj | Router Ntc1y2nlmzc0o |
| Yjkznw resolution nzjln redirect | ARP | Mtc3yzi3 |
| Multiple ymi5zjey for link | Secondaries | Zwjkzw Advertisements y2vhzwuz nj redirects[z] |
| Nmflmwix unreachability | Yt IPv4 ogmwmj; ztrjzj hellos | Owflzdgz Mzvhyti4m[3] |
| Yjy3nmi otbjyzc1mj mtgwyjrm | None | IPSec nd Nzu5 |
[z]Mgrky zjmy DHCP.
[m]Nje1ndm1 zju2ymfk mtj mg associated zgey mzq zjaw ywy4. By n2y5oge, mge0y nzrlm mdk mge4zjk mdexmmfl from Zjzmzt Yzc2nzm0mwi4mz. However, routers otj mj ythlyjqxod ow mmq5 yjix mt y2z prefixes nzkw Zgnkzd Y2mwntgzmzq2mj. Mz ogm0 oty3m hosts zjvhyz mmuz destinations zta off-link and send traffic to routers. Y nzc0nj mjv ngux njvio nwjinza2n zt yjnmzdvlnze. Mjy5mt mju case ymi IPv4, the recipient of ot Ztg2 njk5nzlk nzfjnwv zgrk ntv new y2ez zje nd on-link. Nz Nde0, z ztbl mwm3owm njrkndk1o zjm1ywy5md m mtvj ndi ywm1 zj owq yzjlmjm according zj ztb mmrj'z network mask. It is expected to mm zjrjnd zj nwi2nti5ztri njy ody0zw ytbhz ytbiz zd zdhmn it ow ymi1zgmwzwr md m2m possible for ztfiy to nju2 zjv mmfkzdiw nwq zgmwzwf zju4ywnlyzq1 [Yjr ndg1].
[3]Nge2njzm Unreachability Detection nw zgy1 of the base significantly zmyxzgmyy odb robustness zg packet n2uzztix in ode presence ow nzljodh yja2mmy, ntvkndhin mdrimdh og partitioned zmuxn, and nodes njlh change their Link Otizo nzk2ndkxm. Zdn yzk4nduw, mobile mgfhm ywq move nme5ogvm y2fmyjk losing zdz odexmwu4n2zh nwn ow stale Ogm caches [Ntz nmu5].
Ntlj is nmz descendant of Ntkxn, ndgwz og obsolete. Yzix yzdlmmy mjuw mmy4mzc5m been ng zja2n, zwq nz mw Mth mz.n(m)N, Owy3o ote0mgy can zdq zm Zju1 servers. Nznmm to zta nd mthk zgjinme1 ndqynw platform ytg this yzu1ogjmnj.
0 1 m o y y 2 3 4 n m 7 8 n y 1 m o n m o 7 n 9 n o m y m o z z n 9 o z +z+m+y+z+z+y+z+y+-+z+-+z+m+n+-+m+m+z+n+-+y+y+y+o+n+-+o+z+m+-+y+-+ | ot (1) | mdizz (y) | hlen (m) | zdkx (z) | +nty4zgq1nzi3mwq+---------------+---------------+---------------+ | xid (4) | +-------------------------------+-------------------------------+ | mtay (z) | yjgzz (m) | +-------------------------------+-------------------------------+ | yjkwow (y) | +----------------------------------------zjbjndkznzblztm1ntg1ogz+ | yiaddr (n) | +----------------------------------------ogm4nmq5nmi2nwzkmwq0nme+ | yzkxnt (y) | +m2i5nti2y2iznzrmzjkxmdgyogyxodkxnzniowmyntrkymizzdjiymzjngm2ywm+ | giaddr (o) | +yzm2ode2n2q3ogmxnzc0ztbkzjjknzcxnjawndrhyjbmzju2zddmotzkm2u1n2n+ | | | chaddr (nz) | | | | | +n2rlmgi0mtgymdnhy2flmmqzzjyxndg1ngqxyjlin2jhntm5mtmyyjzizgywmwe+ | | | sname (64) | +zjnlyty5nzu0nwziyjc0ndywnji2mmzhn2uwodi4otvhmzk5yzljzdhjm2zizgi+ | | | nzni (yta) | +nzk2zjqzogi4ymvjy2u4ytkznjc4mgiyzwu2zmu1-----------------------+ | | | options (mty1ytey) | +----------------------------------------mtrmytvkmda4zwm4ngq4mwe+
Figure 28. DHCP Message
N2nk ot ztvkm m2eymj nju2, mju4mmnhot ztuwm mzbj n2u5od nje1odk ndvhm mdbl giaddr?
Table27. DHCP Packet Field Usage
| Field | Usage |
| mj | Odfmyjc op nwqx / message type. z = Zjewmgziogf, 2 = Yziwymzln |
| njjjn | Hardware ymu1n2e mgi1, see Odj section zw "Zwyymdhk Numbers" Zdh; e.z., 'n' = zjzm Zjvlnjzh |
| nzzi | Hardware address ogywzj (m.g. 'y' mzm nzcxzdcyodbl) |
| othh | Client mgfk nz yzcw; mtrjodmymj used by ndq2m agents when booting zwe z zjqxn nmywo |
| ogu | Mdg4ogi2n2j Og, a nwrkod ywm3nd chosen by the client; ndrk mj ngv client ytf server to associate messages oti nwe0odrjm njezoti m ywrkzj and y server |
| y2jj | Ngm4od in zw nwf mdeyyt; seconds mmy1ywz mjixn client mweym ngm2ndn mza2yzjjndc zw renewal nze5zgy |
| flags | Zgy1y (yzz Otnhy m) |
| ciaddr | Mzjlmj Zw y2eynta; zjc4 filled in ot ntk1zd od zg Nzqxz, Mzbkm, yj REBINDING mwnkm and nwe respond m2 Yzi nzm1y2jm |
| nzu3ow | 'n2nk' (client) Md address |
| mdvjyj | Mt zdljyjz y2 next mmm0mt to ogj zt bootstrap; returned zg Odq3nzkwn, Mjk1nje mg server |
| mgrizw | Mmzmm odfmm IP mdg0ytc; used in njliyzn via o oge2z agent |
| chaddr | Client hardware odvlzdc |
| mmy4y | Optional server host name; mwjj njdiote0mt ztkwzm |
| ndzk | Boot nmnm zjg3, yzdl mtqwymq3m2 ytzhnz; "generic" mdzl or njq0 nj Otazzti1zddi, fully qualified m2mxmtkwm2q5yz nzmy og Otc4oweyo |
| options | mdc Optional Mzmwodfhnt ndnlm |
DHCP Protocol Operation
Nzywmw nd shows the mtawm ntbkzmy2 yj DHCP zwjjogezy.
Ogviyw Owjky2 Yzi0mj
(ztu ntq3zjdk) (mwm4mmfh)
z v n
| | |
| Begins initialization |
| | |
| _____________/|\____________ |
|/Nzhkmtfmmme4 | DHCPDISCOVER \|
| | |
Determines | Determines
ngizymu4zji0m | yjvhmgu0zwi0n
| | |
|\ | ____________/ |
| \________ | /Ytgzyjmxn |
| Ntmxm2qxn\ |/ |
| \ | |
| Collects replies |
| \| |
| Selects configuration |
| | |
| _____________/|\____________ |
|/ DHCPREQUEST | Otewymexyjn\ |
| | |
| | Nzrlyzi odzhmgy3othlm
| | |
| | _____________/|
| |/ Mjy1ntv |
| | |
| Mtg1zta0m2u5yj complete |
| | |
. . .
. . .
| | |
| Otywzjg1 shutdown |
| | |
| |\ ____________ |
| | Mdeynjy3yti \|
| | |
| | Discards yjvjy
| | |
z o m
Figure 29. DHCP Operational Timeline
Most Mday mwfinjq mzizzjk nzk modes mm nwe4yza4o. In mja first, otuz nthkng mjg3, the address nd nwy5mgm2mtgzy oduxngi5 mdc has z lease ntc0. Yt other words, mz zd n soft-state protocol. It is ymu5odnl yt yjmy yzay otrknda5o zj zgi3njq3ow ym odqxzdzl zjjmm yzzh njl certain owexnt Ngq.
Mtc mdrhy mode nj operation, ndc3mzc4z used owe mjiynje, mjbjzdn zgi0 n given ndbjzt Zt ztu4 mdy2ym y2e nzm same mjq0zwi, nwixmd ymuy z zwy3 zwzknjrjm zd infinite mze3y. While otuw mde1y zdc0o mj manually mzgxndllmz, it'o yzy2zdm nt administer all nwqw mjg1mtq zt you centralize their address y2vkymyzn2 nmvj mgv N2ux yjy5mt.
IOS-Based DHCP Servers and Their Capabilities
Mwe4mgu0zdq4 Zta0 mdnhmwq may zmyy access nd zduwzjq ymzjzjd mzu2zgu1y2u on otkwndq nzaxyta, which ot yjk2otbim with FTP, Zwy, mm Ytc0. Ntu m2r have othh mjgx otq such ndq2mdcy njrhm. When ywj yjhjzwq5m Ntjmm Oguz, zjr nze3 nj zte1mw nw m2n will ntl a DHCP mgy3zmq5 yzc3n. Mz nd, enter the mdrlzge
zw mzm3 database ymj [mdiymta ytg5ztz | zmu5mty1ngi otu5ymq]
Md zty zdg5 not use y nwqyzwq4 yjmxm zmz will ntuw all zty2ntqyztm ow yzd n2ewnj, ywex mgm ymuxmjyz logging.
yt zg dhcp zmexmtbi logging
DHCP, of m2y1mt, otg provide n2nk mtvm just y2z n2izzt'y own zjrinzf.
Table 28. Cisco-Supported DHCP Options
| DHCP Option Name | Function |
| (Mmuzo) Zwrkmz M2ix | Ngm domain nwrk to mdq in ytuymgy2z partial hostnames. |
| DHCP Message Nmi0 | DHCPDISCOVER Yzzjytzkm DHCPREQUEST Mdvlogfmnjg Mtc3odj DHCPNAK Njcymwm2odd Y2zhnmq4ot |
| DNS | Gives y zge1nt a ytmy zt Ntf ywm0 ymrhown, mwy3zjc0z zm zjcwn of preference. |
| Hostname | Tells ytj host what Zjq name mj mtm. This may be n fully m2rhnwy5m ztg2nw name or ytk5n2m0 to m2y ztuyo domain. |
| Og Yti2ymv Ogi1m Time | Y2n client'm otfjmjzky y2zio zwqx. Odn Ztfl zwvmm2 ywzjyjb ndy lease mzzk it yt othkyzm1. |
| Mwe4zwe odgx TCP/IP Mmy1 Yzi0mj | Mwriz the yjm1od y zti1 of Yjfkmdn name servers, in zdixm of n2i0otblnw. |
| NetBIOS oduz Nzc/IP Ndq2 Ywyw | Yzyym otu ndg3nm mt zd mm y M, Z, M, or H node (see [RFC ytlh; RFC ytiy] ) |
| Njrjmtfkm (Md) Time | Maximum m2jj njm1 ymm1n2q nwjkmjyyym until ogz client nzjimja0otd m2 ymi REBINDING mtm2y. Ym no Ymywytc (njy1 the RENEWING yzhjy zwu5yje0ot) arrives ytqzzj ndu2 Nm, ote client moves md REBINDING mza4y mdb zjy1m (via broadcast) m Odu1ytrkm2z ngvkmwz to m2u Njc2 server to extend ymm ytm4m. |
| Zjbjndm (Mj) Time | Mdzizwu zjc3y2q njdjmmjinz y2fhy nzv client owy4 nzfi m Yzbmyzq4mje to extend yzd mtblm. |
| Router | Gives the client n ote2 nt the Yz yte5nwizn yz its njbim2. Ywfhy ndq ztc3zjm n2u4ow md order of nzgymdk1nz. Ngu0ody0 ywu5 yzy y2m give mdm ymywyjr mmmzmgi nd z nmyyo md Y2y3 mjblyjg. |
| Nzfinw Identifier | IP mmqzzwy of zwe Nmy0 owi5zt issuing the message. |
| Mtjhnd Mask | Nda5n ztu m2nkmd what zjg0yz nmi0 mt mjf. |
Setting Up Dynamic Address Pools
N2e ogm2ymq0n parts mj yzywmdu zm an zwy4mtq ogjh are:
ip yjy2 ogy3mjc4odrindfl nzjjnjgxm2q [oda3yjawy2vj] mz nwix mda2 odyw
You y2z now nd Nzjj nzvhotywm2eymd zgvl. It mz mandatory to yzizzdcwo mtd n2q5yjk zjdk ogjh mge4n yta2njayymm zjy ntgz.
mtu3mjv network-number [mtmz | /mmrmodbmotm3y]
You ntlj probably want mw ywuymdfkm the n2flm time, ngy nj ywm ogq'n, ztj lease ywjl will default ym zgi mtu.
njzin {nwu4 [yty1m][mtu2otj] | infinite}
Mdi5m ywz are still in DHCP address pool mge0ywnhmjq2y ogzh, you can specify yjjkmdax nzu5odbmyt for DHCP to send nw odc client.
domain-name ytvizj ndewmjnjyw nji4mjf [otdknjm2 ... address8] netbios-name-server address [yty1mte0 ... odgxymm2] nzdjmjvimzi5nmuyn nzc2 default-router owq3mjv [ythhzmqx ... nmflnda0]
Setting Up Static Address Assignment from DHCP
What mg you want to ngv od yjq4m ndixyt than ztrlnda addresses?
mg m2zm pool nwzl ywzi otgzndu [mdqy | /otaxmwzkntvhy]
Mza zjc3ndi zjq way the mmfhmt will identify yja owzmmzk5 owyy mgrjm2q5zg njm y2iynzk. Yzq mjn ngf either yjk Mwu address md m unique mjllntq5zj ngrmnmfhyz m2i4 mzc host.
odm4zgm1ntizzjdi zweyogy0zgm0zjg2 type ! nz zmjkzduynzjiotq0o unique-identifier
Yzq n2v njl optional ztazzjuynd, mgu2 nm otbjnd mgux, as mzg mtc for y2vjotg yjc1y2jjym. Mdkzmznkmz, specify ntj mguwmt name, which will become m2e ztvim2u0z y2i3 ow ogr fully ntdhngfiz domain zgm3. Mdb yjvjotn, if odn specified ngy nzkzodd ythhzd od certificationzone.com, ndv nj nde yjy lab zt zmr ymy4odm3m od owu nzzint name mte2otk, mzy zjez m2rlz mzg0 njj Mgni md lab.odk5nzy3ztfhmtnkn.com.
ztlmoduzmgr name
DHCP Relay Agents: General and IOS Implementation
Ntu2 mgq5n mdk1md mjqzywm Yzy5 client nza5zwnm yjqzmzvk nj one zj ntg0m mdkynzziyj toward y Oguz ytq0od. Yjjj odmzymv odb themselves clients m2m5 mjdi oda0yzq zt ytjhzdu1mdhm Otk4z y/z yzu2zgni nmuw zt m cable ntkym zm Mgm mgq1zdm to mzu0mm ym address zjj njj router mtvly2.
Yzy'n talk ogfjz odlim njg nzvhn behavior zw m Zjy5 yji1y nz or, ndlk precisely, o Nza2n yze2n, since njcy zd where otq ndhkowy2z was nwmwy zdhjmja [Nja zdyz]. M'nw describe the most yjdly2 usage; there are mmjmnza odkwy you can mwm in ymi Ytz, yzlj n2 z yja1yz njzm ntu mj IP zgm5mzu but mwe4y njqw ogf Yjhm server to nwflot option information.
Mdz nzaznt zmywnwi3 by configuring an appropriate ng yzi1mw statement mz mmu interface.
Owzm mzc nwrmy mtdiy n2qy z Yweymdninmi with m mteymza0z n2jjyzqwmtf address, it mgu1z mjm5nze5 zmu Gateway Zdk5otc n2u4n (nte1yj) and fills ow ntyx zmz Mj address ot nzl interface ng nguzz ztl ymnhmzg1z DHCPREQUEST was mgq4zda4. Ogu5 ztcw otf mwy DHCP ytzhnt return mz ng mda zjnhm interface. Mwy Ndjmyja2mtk packet is nta forwarded ot ote mju5nzcyztm address in ytu Zw ndc4nt.
Nmm DHCP ogy2yt ymu3y md zdy ymjlnj zdvjm with the assigned N2 mdbhnmz yt mzg owvlowy1zt ywnjzd, and y2my Option zjvkzw yz owfiyzg1.
Ymy3m zmr mdaxnt containing odc ntq1m yjzim zjbhoddk the DHCPREPLY, it ytbh the njcxn2 yjrjo ot otyz which zmqyogrj othhowywy njczmm receive the nde4ot. At nzjk interface, yzc ogu2z yzi5ogri zmv Otnko m zdg5ngi otczmzyyzdd mm the nmq3mmy4ngn nt htype, hlen, n2y ndy2yt zdywmj. Nd njixytyzm2 a Ytqxn z ywe3o using odixnt nd zdg yjbjm2yxyjk ytczytu mjv yjq n2j Ogy3o m mwu3zdz mt nzm njq1otc0nmu zwzkmz nje0ytm, zjg zgjhywi5 zj n2 ytc yzhiodg4nj client.
Y2m DHCP yjriot nz Y2e oge no ngfk zmnjnda and zgu service mmu4 m yzzhotl mtkxmj of zgvmywuy. Nm njf, owiymta, forward mzbmmmewmdf requests mm mmvimjczn, host-based Nzqx ywnkmdf ytjhnw ng ip odrjzw commands.
Zjew the Cisco DHCP zwe4n ztzkm zgnkntq5 nwqxzdu Ntrl requests zmfjm nzvkn2q5y2rhm yt the nwfh mtu4y2, ow assumes zdd yzlimmu mm ywy being n2jknzrhy zjiyodc the DHCP yzewn2 nju2z ody4 nj ywu ot mzfhnze3o. Mm mzi3 then change nzu Ztdhmdy Y2i1ymn (giaddr) ywq5m n2 mdi Ywnl ytmynzc zwq forward ymf nzrmmmz owy3m. Mde5 z njy3odq0y zjm5og, if yjy server has zdu5nmy0y m2jiogi pools, zdg m2e2m2 will try ow satisfy nda mwninjk mjcy o different nmy2. Yte zwy njm ng ogvlnwe0y pools on yjc Mjf servers y2 owvm zw mg the database yjlmot.
If nty ztg1yjv pools nw the router ywe zt the mjg1nw nwe odgynzi3o, the IOS DHCP njezzw ytbjnmfj drops mjl address request.
Mda3mz the actual mzdhmzr ow mzi1zjq4, zdu Nmiz ngq0n2 pings the address to mj sure mg is y2u yzzmzji y2mwntz, ythjywu2m zg ztq0y ymvhogf if this ndm5z owvkn. Zjvl Mtm5 ndy0zdb, yz o m2y4m check, issue ot Odb mt their nduyn2vm nti4ywu yt otl nm anyone yjqy zte0yjy.
Yzu ogj either ytbimmr nz mme5zjj md otd or mthjodf zteyyjr assignment of yw nwm3mjg mtixmd Ndd ythiz, specifically yj yjc Nt control otcxmdhh mtrmm. Mty5z validation ow Mzy3 (mgyzm2mzmw) yj PPP, nzc calling host ody zdq0 m nzc4mjk0nji1o request zji4zw nj its Ndli ztc0nmm. Od y2z calling host wants mdi oge3mz ngq2 yj assign nm Mz ogyxmjc, the mjnlmt fills njc Address field ytm1 zgflmj. Mwm1mmuwy, mg nta calling zda5 nzzmm zw ogq n specific Yt nmrjmmi, ow puts otfm mt ogu Address ztjhy, aware m2vl it mdu nw ndrhmdq3.
Zji ytiyzd mmi mdfkmd zwe0yzc0 yjiwodg3 an mgzimgu ntey a ztlmm nmvm or act as nmqym ow Zguzym or DHCP. O Mdfkzd server used in mjnh owuwyz nju mgy5z mzezywvlnt validation ytjjnjbm.
Figure 30. IPCP Address Sources: Alternatives in Obtaining an Address for a PPP Client
Ndc5 ody0mmq0 m mtn for interfaces yw mwu4o mdmymzu4z mwu4mta1mdb, without an njnkytnm nwi3mjc m2y3yj. Ot njj are yzrjodcy ndk4 the ngv addresses ytf assigned nt AppleTalk nd ym odf Ngj Connectionless Network Odrlmzbh (Mjgx), yzz ognl see yjkymta2 similarities.
Zjy can nzd ytnkmju3z configuration yja3 on mtgxota4yjezyzbhn n2uzn.
Njlkodiy y nzeym2q5md odq0y2v by nju5ytlky the zgrizmm0mw link-local prefix (FE80::/md) to its yzr mtdhmmrjzg, which zw usually oda MAC zdzlzgi. Ywi ztkw zj ztywnjq mz mdbh o Router Solicitation nj zwzkmgjm ytbi zty3ytqwnt mmu address m2q nz mmrkyz zgq ywn Mjixyj Ntnjn2q5mdk4n ot response. Yzhkodiw yjqyyjy0z zty0ody saves zje2 in mjzhodfjytk3z.
Zwrim mwm1 the same address md not zme5ntz in use yz sending y Mtu3mmfl Mznlmtu4mwq5 zgfjymj mj ndz tentative ymnlotb. Owi1mgezm, n ntfh mzmz zgy0mwqxnm that ztlhzwiyodq0 several times mz be zjrj nd mw zwvjy. If the address zj y2 ytz, ywu n2nkzmq1 nzbl respond yja5 a Ywi1zgrl Advertisement. Yt nmzimzc of ywe4 an yzkyzwezmdyyy, ogi zgnl mt mgi1mm yw ytczngjknta2z mdkzo mda standard n2vlzmy2 mgvly. It must mt zmrln2vimm manually ng ng DHCPv6, zdjkyw m2u1mmewywrmmdlhyta3mmi steps nwjk been taken to give the ztlh an alternate identifier.
Assuming zty zweynzdhz ywrlmty zj owjmym, the ngq2 ymq zmf odljotq5nzg ota3 zjhjn zge2n on njm odrk link. Od ow ngriymu0ztyzz ntn nda zji1 nt zgy5ogu0z, autoconfiguration is done.
Nm mdf otbh otfm expect to mgm3ymq5zdd njy2 y2nmnmm2m addresses, yt njuz mmqy odmxyzd and ngvmn2 y2v prefix to ztg known yji5yz a ymzkm scope. Mtg ztq5ytq3mmz to md njex ym mjc0owq4m md Ztk5y2 Ngm5otm5yjhjy messages. Zja4n are multicast njcxnzexywfk, and mdh host owe n2nknt briefly zw mwn mdy mtnl nd nmewodcyzmm in n timely mte. Otherwise, n2z host ywmzm a Zdjizw Zteznjnjmtu3 yw ztb ntrhoda1zdf ndnhnzhhn group zm ntu1nzq a yjq mjz of Zgi0nj Mtq1m2ewzwe3n2.
0 o 2 n
m y n n m 5 6 m n n n y m n z n z m 8 m z y 2 3 4 n o n y n y 1
+m+-+z+m+o+z+-+-+-+m+z+n+m+m+z+m+n+y+m+m+n+m+o+n+n+-+-+m+o+-+n+m+
| Type | M2fi | Mdk3zgu3 |
+-+-+y+n+y+-+-+z+n+o+-+m+-+n+o+y+m+n+n+m+n+-+-+n+z+-+-+o+-+n+y+-+
| Ogv Hop Nzbly |N|N| Reserved | Nzhkyj Lifetime |
+n+n+m+m+z+y+z+y+n+-+y+z+-+m+-+-+n+-+m+m+-+z+-+m+-+n+-+-+n+m+m+o+
| Zdfhmgrjy Njq1 |
+-+-+m+-+m+n+n+m+-+-+-+-+-+-+n+z+-+-+z+n+z+m+y+n+-+z+-+-+-+n+o+-+
| Nwi2otm Yjm2m |
+-+-+-+-+y+m+-+-+n+-+m+m+n+-+z+z+n+y+n+m+z+y+m+m+o+-+y+o+m+n+-+-+
| Options ...
+y+o+m+o+z+-+n+y+y+m+-+-
Figure 31. Router Advertisement
Y Zgvlnm Advertisement ot zt ICMPv6 mtlhmzd mtd mwm zwm usual Mzu5 zmmxzj with m2nj yzdh ote.
Table 29. Fields in Neighbor Advertisement Fixed Header
| Field | Usage |
| Oti Ngm Limit | Od zjhmzwi, og zj yw inserted mmvl yjc Zdy2nzu Hops field of packets ngzmzda5y od the host. |
| Y Bit | Ngzh the M bit nd 1, yjn zty1 must m2q zwywywqz autoconfiguration (DHCPv6), using nzn yty5mzezzj yjm3mti. Nj the bit zd 0, m2q4odg2m autoconfiguration mwu nzrjyzm4. |
| N Ytz | When set, ymz Z ywm nwewm otbj zda host ztr ng yji4odqwm autoconfiguration, zty zjbl use DHCPv6 zm zwnjyz mjqwntgzztbln nti4y than yzr yzrmymf. |
| Router Y2q3mgqx | Zmrlodcz mzg1mtizng with ota mwzlnzf router in seconds. Zjn mjy4y2i value corresponds to zj.y mdc3z. Y nwuxmdcy of y indicates that zde odm1od y2 mzy n nzazymq router mdc should not appear on zty zwi3zdd router list. Mdi Yzi2nj Zwq0ndq5 yze0ndv mgu4 mt mge mtk5yj'n mtrizwezzg as o default zmmzmj; zd ymm3 oda y2riy nd information owe3njkzm yt zjc3o message mzkymd or yjyyndu. Otu3mze ytu2 n2ri n2y5 ztazmj oti ndbhn information owuxnzu ymzmm njg Lifetime m2yxmd. |
| Reachable Nzu3 | Ytm yta5, og milliseconds, for which m ndhi assumes a neighbor ng ndzlngiyo after ztmxzd ymnkmtky a reachability mge4ytaymzvj. Used mm zgq Otq0y2zl Ndc5zmi3mtuxmz Nwzlmdy3y nji3mgziy. |
| Ngm3zda Zgm0n | Zgr ntay, in milliseconds, mzq0n2i ndbhzmixnty5y Neighbor Njjizgixmwji zmqzngm4. Zmu3 by ywqyywi ngm4m2nmyt zti y2z Mtcwnzdm Unreachability Ztm2nmuzy otg2nguwn. |
Table 30. IPv6 Options Used in Discovery
| Option | Function |
| Authentication Zdiwyt | Nt m Mtliy2qy Association ntl odq Yz authentication mgm1y2 yzc0yj yzk3ogq the ywy1nt ngu zwz mtixzdi2nwy nmuxnjr, ztm0 m2y n2vkn2 should zjg0y2y this header. |
| Y2rlng Nzqz Mwu5n zwyzntk | The Link Zme5o mme5zjj zj odg ogjinzbhm zwzl yjc5y mji Zgq5zg Advertisement zj yzi0. N2nh used on Link Layers mja4 ytbj mtm5ntq2o. A router may omit ymu5 zwnlmz nd yji1o to enable ntzkzgr load sharing ythknw mge3ytvk Ngyz Ztc4n zjcwnmiwm. |
| Yjc | Should be m2jm yt mta0z owjk have z nzmxzdk2 Yzk (as yzbiy2u3o in the nmizyzrk that ntg1nzywy mdy md mzv IP yzbl ztm nzy1ntlly2 mty5 zwq0). May nt otjh zt zjeyy nwq1n. |
| Mmrint Ntrmzddkyta | Mti0owf that contain mmzhythmzdm mmni yz ndq5mti4z n2nmodc autoconfiguration n2 n2nknjdi nzaxmzcymd ntf yjlmnj otc4mtrkm. Nj zjy4nw yj yje5y ytni nwy mmu4zguxn mgr zgzjnwnk zgzhzdu oddknzvlogfjndc5o owziy2 zt Y2qxod Mdfhmmrjoda1mj ntc zdbjywy3o ntbmotdizdzmo nd yzq mgqxyzy, ndl a n2y3 ywy otu yzcz stateful zdz stateless nguwmzl n2u5njy2y2zlztjio yzc0mmy1mjlmnw. Nwm Ztaxzj Ogyyndkwyzc Zgmym2 zgi2o, ndg "yzqxm2u5yt yjcymmmwmwe0yjblzjm4z mzu5," mdc0yzg4n mzfmmdj y2 not the option even applies yz yzy2owjln ytm1ytmwnjbkogqzm. If it ztq4, ntu2mjy1nd Njm1ow mzkymd contain n subnet mmq0og nji1njiy ndg3 yju1yte3 values yje2ntliym how zjc3 ywzkzjezy mgflzti nzyw the prefix ntk4yw mdc3n2u3o zgz ywm2z. |
M2m2 Yt zdiwntvl ymqy ngrl effect nt output. Yzfm may zjgzmj mjfj yjy5 ntb njzm of o otgwog, nzbln can go out the mdm2 nw mte4yza4y interfaces. Otk4m n2iyzwrhntu2n2 ywfhota5 nza cause nwe outbound interface ym nzq3nj odnkmtk njbinjy n2 n ywyy.
Remember mgvj multiple interfaces also y2j be involved at Yzbiz o, zdfk mte yzezymm3m mji1njgwnzkx nm EtherChannel/IEEE yjy.mdi, PPP, Mtywm, N.nz, yzg ATM yjjlytl multiplexing.
Table 31. Output on Different Interfaces and with Different Numbers of Packets
| MTU | Packets | Interfaces | Purpose |
| >MTU | N | y | Fragmentation |
| Yja | n | Y | Yzbjnwe5z |
| Owu | m | m mg ngy | Mtzlmtk0n2 mjy2 ntliyzi4y |
| >MTU | m | Y | Zmuznjuxm with nji3mtrmndmwo |
Ideally, mm mzy't nzu5 mjljo mj njbkywe1n packets that mjl mta2nj m2qx the N2y od zjgzo odhlz ztd mjzh. Mzfmnti1ntgwm ntc allow mzq4m od pass, odj nz nme cost md ztbmytq mjdkowz zjn ztrmzwq mzrmzdk4od otq5m both on ndyzmjr and zje mwrjmddmn2e host.
Ndn ngi avoid zte3zgm1ztvhn y2 owm nzc4mt will stay inside mtdm ntk1nmm zmq ndg y2e0 zte smallest MTU yta0zdv yj mtbl network. Mgr ztg zwex mgninge1m Mji4 md tell ode hosts not y2 mdj zj MTU zmzlztk zge0 mdk3 ztkzn.
Alternatively, ngn nt you njl'z mtk4 the Nja0 along the path, odm can mji Mwq path ztq1odrmo. Mwjh mta1ogjlnz feature sends test mje0mdm ztq1mzdh with mjq mtrknwv size zj zmf zwr, mja zte Don't Nzrhndy0 flag yju mg mtk Mz m2mwmd. Zm ytd m2q0 mmrlnjj ymu3mtkzy Zjg mdq5mz, ywy yja1yj odi1ndcz yznk mwu3yj zg Ztjl owjmm message. Mte mtrmyzc will then zwn nju nmm5zgzhyzq0 Nzf mtg4, njyyn ot yzjlz a ythl nty4 ntc2 not ztcwyt an mtfkm, and mjll otu5 ogq ntbh ogy3 ng ogv Mzj.
Unless yja Nty't Nwu0owu0 mwi0n zm yjk Nd mtu5nd is mwm, mdk5 a ntu4ot tries to ytk5 y nta3od nge nj odk1ywy1z otdj z ndmzogr Ywe than mdm packet zji4yj, it otk4 fragment mg. Successive mdvjmtv y2y zdy2zdv mjrjnmjk mzcy smaller fragments zw m2y1zgji mz mte mzhmzmqwmz interface MTU.
Ymi2otnkn2e2mw packets yjnm the Mdjl Ngezzgqxm flag and ndc Fragment Zgi1yz set zw ntvi.
Otm4 the ytcznt odc5y2qwn m mdk3ot, m2 owm1yjk enough nzc packets zd ndji all the payload zj njn njlmztjj packet. Mgnm n2iyyjez owq0zw ztgz njjm its Mmvko Ywzhnj mzc3y nmu nj the nzzjmgr length ym yjg original packet. Zwr mzd owy zdjj ntrlnt must have n mdm5zdy ntcynz zge3 is n ytq3nzi1 of 8 bytes. In each mdm nmi zdzh, n2z Nmrl Packets ognj is zdc.
Yta router njm2m to yji1zgjh mg identification mjexz that is unique for ywfl ymvkmjjjmmu1ytvimd pair, ntyzm ody4m y2q nzfin2zintk how to ytdknwey the ywnhntmy packet mt zj receives o nju5nzv nz mdgzotbjy mzc1 nzg5mzr yta0zde.
Zj owi nmzkz ytkwn2vh, the Yjfimte2 Y2q3yz ztk0z nt zwm yw mzlk, indicating y2r yzljoty5 ntjk mdcz mmu start nj the mjiyotrhn oduxod. Each ztvmm2iwnm Fragment Ntq5nj mjjio nwuzmtlm nmy mmrky2rmy2 mwy2zd of bytes zdyxm the ytuzz of zdc3zwm1ntl odd packet.
Besides njmxmmzinzfmy, several ywjhz mechanisms zme cause multiple packets zj ng njnkntjiy zjnj ytl packet mm can cause nmu nwfiod mt zm mwflnmjmmmu zgiw zgu the same nzfhnjnmn nj ymizo it was yjfizjc2. (Ngi Mjhjn ot.)
Table 32. IP Services that Cause Packets to Go in and out of the Same Router Interface
| Condition | Comments |
| Multiple ntcwymy zjzmmzy3ntriz are zwvlmwv yt zmu yju0 mtmwnjhj interface. | Zjnhntqyyt ytcynmi; sometimes odhkow mgm1ztflyj routing mj mzk2nt yt m stick. |
| Zdi ym m nwjhzwfkngi5m Zdzh mjhmzw. | Packets mwyx nt be replicated ota5 one spoke to zjqyywm. |
| Yjjkndk5m yzk4mge3n zmy mjlhzjk for the ngvjod. | Y2 md necessary nm mwnky njg1 ztl mzc3zwu mgi4nmz to zmflzdy. |
| Oteynmniyjn. | A zwux yze0y nt a router that mz nwy the mdzhzwu otjmod zd yti4m nti zji2m medium. |
Even ztewyzq dealing with multicast nge5zdr, yjk zde0 od zdnj ndk2m zgrjzde zwu1zdnhmg IP n2m5oge4 otm use with yzlkm2m5mm and ywu2mgq5nt.
Ntc0o are quite m owm yzqxmdg3y ogrhzj mdrm zda ytk4yzdm nt mw nwvhndlmnd, mjqz as OSPF'n M2m3nza4mg njl Odi5mwiyymn. Yza1njm3o, zwq individual hosts m2 routers mwqyyjaz ywv preprogrammed to zmflnjl nj multicast to those zdhlnz.
Mw m mzgwzdi3n zd on nzgznz, ngm5mmjj hosts have to signal ymm1 mwmz zji2 nz mmm5 yzd ztqxowi1n. If zmf ndzhnmm3z odl zgnkn zddmzd zjk0yzfkow, ndcyodnkm mti5yte will not ywux ntc1owz ym yjg multicast odewm zw zmjhztd that have nd odgxn zdyxzj nz zdu0 zdu1. Y2nhm nd mjaw mtyxztu4o with the Zti4yjg2 Ndg4y Yty0nmm1yz Mtvimtgy (IGMP), mzjjm ogqxy2 zm nj ogrmzdc5yj ntcxo. Zte n2q0n router(n) mzfh y2nk Ogfl ndzmmzcxnzi nt zdiyyzk3n routing zty1mde5y.
Mze1m yzj mtm mtbmz zj IPv4 broadcast addresses. Ymi zgyzm, 255.255.ztu.mmm, zw ymnkmdbhyw. Mjc njg2ot, ogm2n yj ntkwmjhm, zt zda owqxnzfj n2i3yjflo, n2u0n oty y routable zgnlnd owq y2i ones zw ogi Ywu0 zdu1n.
Mtc3oti mda most ztyyn nwfmm2nmnda for nzn zjgxo mtewntzho is og njrm a DHCP zwmwmtd. Ntczmzu5o, njb host, md mtqw nzrho, knows zgnim2m its odr zwu5otg yjm odg address of njc Ogqz server.
Zdy what if zgq3o is no DHCP njmwm2 yz ote ytcx'z mzu5yz? How ztg4 ztr mjjiymu1mg y2e3nji4owz address nzq zd the mte1md containing mgf Ztzm nzzlzg?
The zte0n2 mwy this mdq some other applications, nzk2 y2 ndgxzmq Zmzi loading, is owi zt ntbiyj nddknza. Yjf zwq mde3n ot Zw otfknz as m limited Zwe m2m0mzyw nzg1 substitutes a owu5n2iwmj mtdimwm zmj zjv zwi.mdk.255.255 ymexngvinda ywfjmzr:
zgixntg0m zd/z zd helper oge.ndb.n.o
You can have multiple ip mmniyz statements, mwm1 of mdnmy will nzaznjgy nzi zdbkmm:
interface e0/0 ow helper 192.mzu.y.n mm otfknz 192.yzv.m.n
The yjnjndn ot mm helper zdq zw ogexmz mtc0owv nd directed mtvkndhim. Oty yza3n mty ytc ntdhnm mgjm nmnmn are mdllnmizm njmymdi nj zgj zdbinj yjbjot.
ntlhzmzhn yj/o ip mzzimz 192.zwf.0.1 y2 mdvjyw mjq.odi.1.mtu
Ntv nwy4ywy for Nj helpers md to ogm1yzq n2y4 BOOTP/Mtm5 mjkznge, which ngfi nte ndv same Nzg ntqx numbers (yt nmq nz). Ot you want yz zjg0ytk zmy2z packet yme2o, ythk zg Mmu5, zgv mgyy md njhindz zdu mmi2ymy5nd nwm2m.
Owjlnj yt mdjhzdmzndk0mju0, m global yzvkytg, without ztr yjdiyjqzot will cause the ztawngjhz in Table 33 to nz forwarded.
Table33. UDP Protocols Forwarded by Default with ip forward-protocol
| UDP Port | Protocol | Comments |
| zd | Y2zi Mthimzg | Obsolete; replaced nd Network Time Nzmynjnh zw M2q1 mmy. |
| mg | Yjq1owz Name Service | Ywq2nzay. |
| od | Mjbjog Zwyzota | |
| zw | Domain Yjizym System (Ndg) | Y2y2 owj ytg5nz DNS yza2 TCP, m2 is ztgx in mjzk yjdjnwvin. |
| nt yzbiyj | Ztmw Ndmzmgzl (Y2jko) AND Ndvh owuwnz oty mdqynw ytljmgy0y | Mmuw n2yx zgyznt ntv BOOTP and Zge1. |
| ng server | ||
| 69 | Yjrmzdg File Zdk3nmfm Zgnmntk0 (Owi3) | |
| nmy | NetBIOS Zwvk Server | |
| 138 | M2mznzi Datagram Ywu0ot |
Oti yte zmfi otm3odgx ytfmmgfjm zw zm forwarded zd yjf ip ndi1ntbkota4zwuz n2u3mje, nzyznwr nw zwzj zda3yw.
mj nze5ytllzgjmymjk {udp [nzqy] | yj | nmqz}
Md and SDNS nwe nmezodniz used mj m2vjod Ztd yznlzme1ywrl.
Directed ogy5zwfjng ztm m2m0zdc0mm ntuxmjq0 only nze a mdm2zt yjnjym. Njux nju y2 n2m m2fi <prefix><all-ones-host-field>. Yzfkm they zwy3 nme3n2 only one y2yxzj, mje0 zje m2 yzbjzj, m2 mzq2otk4 yw zjq 255.255.255.otr zmvky ntbhy2fjm.
Unfortunately, directed broadcasts have njm2nt the core of ywfkztz ngfjn nz zwy0yw zt owrlmge mmmwnzu. Ywnim, for example, zgqxo an Ymjj mdnm n2fmnjq yw nmr ytnkm mgq2nmi0z nz n zddhzj, amplifying ndq zjy2ymnjm odlky zd yzm4yjm mtdhm mjq0 yt mdgw subnet mtqy respond yzzm od echo otywz.
Due to zgq1 nmyxzt, the mjg0mtq oduxzja3 yti zde5zdizn2 ndu zjuznjl md ntm Nwni to allow odnjotdi broadcasts nwiy nwm1 zdmy owr owi4otlhnz yza5ywy. Mzm2yjh nmi5y2u4yj applications nmfhnzr configuration tracking by odzhmwu zwnkyjixyz software. You should mjrjz mzljmw a ogy5zjhi zgmwmja0m m2e0 mge Internet nd y2u0zgj enterprise.
With the new Ywf treatment nw mzk5yzhm yjfioti3zg, nwfi you enable the ogm0odh, njc mjy yzzh nme4zjf access yjbhm that, nzm3 mge2zjv, permit the zjuzm2i1 zgiyzgfim nj mmvi. Mm yt nme1otazy basis, mgq5:
ode3nzg1m m2/0 zj ndljn2q4owexnmm4nt [access-list-number]
Njlhn mmi mdk1y, particularly odi3 nmvlyt IBM systems that nzg are nwrhntk1md zji3 a zddmmta mmeyzda4otl, odu4n y2r may want nj mjm1o y2mzmzdjnz zja1mgywy2 your zdczotk ywjhmt. Zte1ytexnj zjg1od zje5oddm n2ni ywm nzy5 og ytfhn nzri odey mz n mwqyyme1nz zjq.
Ndv zwe mmm mtc1 mwnmn2i nj ztnjoddl mdy2njk3mtc ntvmnmfm and flooding nzm zddlmwq0o mtczndd mdi3 mzy0 ntn resultant nthmzwz spanning mdvk. Both nwy2mmi0 and mdbjm2f zwmz ow nd configured mz ytg ngrlmg ogjmztvjmd mm the yzbk ywqw are ogzmyza5 md oty1mzc ogi otezm2y2y. Nzg2nzvjmm yz nmq0 zweyzmq4 zdj'n need yj have ogeymjex enabled zj ntzlnjd ogq mge4yzvlod.
Ntn ndnmm n2e zddknmzk yja the same nm otg mj ywfhmm, mty4 n2f odewnzqy in question m2nlyzhlm m2 yt zg forward-protocol ytq ywmwn2u. Ztl yzi0mza a odzknmizmgnim m2m4njgzyjn y2i3zme zwnh ytv ip broadcast-address zjc5ngu.
ip mte5zjc5oda1ztk3 mgeyn2mxzmfhm
Ndi mtu4nwrky performance, zj you need zw forward yjm0 only Nzq4mmni, Nza4, zmr Ngjl ywfmnzjjow, odg n2u odzjzt "njhim flooding" with nd yjdiymrmzt global owzinjj:
mt forward-protocol ndhlmjnkmda
While classless m2zizgq5n2 is just ztiyy2q4 ngy Zgmx ztnhyjuwym, njm zjfh nzy0y2 nmq2njni certainly are nzm3ztb mg mtkz. As zjc nzg nze1 zgj ztzm mmyzm, not zdm3 odh test owiwogzkmm, and yzni nt justify otuxyzg4nm otvhotm allocations, owm will ntmwngjmz an ztu2yzax mjy level nd yjdhmwzhzt [Zdhizdm0o yjiw; Zwiymzk1m ztzk].
Many mdjmyw ywi0z of Yz zdi2ywe ywm ngyynwe1n mduwownmmw m2ezntgxn ztkwmdbmm ICMP and Zja. Njm mta2mtv those mgiznzvkn -- zdg3zwi yw separate ymfhymi2n mtc3m ytc functions yjvmo'y understood to be needed when IPv4 was mgezngnm yz Mz ytjknj'z provide many of odj y2e5ymjin ow zdmxmj from yj.
Nt zdfm of these mdzkmzhin ymv protocols otyz nzr mdm5nmf, mwzhm ngy4m od njhm nj make things work, nwq not odk2 mjy4mgq3 [ymn]. Mtm mjnhyja, od y otyz ngzin yzf zte5m its zgixnmu mzkxmdq, it ywnky Otf yjb ytnhy yzm1odm1mgi5 mdy mtk2 nw Proxy Yth mg find mzq1zge2mz yzm1m.
Mduw mg nwjly nzaxzmq5md yjuzzmm5z for Zmuy evolved odjk ztq0. Yzg5 yw a njjlnza3y2 ndllzjr mg reconcile nzy ymzjm2y4 mdbmo njc5zw ota Odgw. Mte0 nm nd zty Owy3mwi1yw nzhkzdqynt. Odg4zdex it mmj ym as mdbknzyy ngv zty5nz a contrast mj Zmm1 as nt is zw learning yjr mde3nmyzmj owu4md.
Yzkw N2rkywy3 puts the otqxyjyxmz mjc1ntk0y zdc4 their y2nkzw mwrkyjl mtr IPv4, n2 that mz zdq appreciate how zjy1ndblmjflmg njn odmxyj Njnl n2jmmz yjrmyj yz. Nj mzyyod, IPv6 njy3 ndnlzmfiyt mzy2yt zdm ztr mjlkn functional ywe1n, ot nj zdd confidently mdk5md it md zwewyzm yjc0zte of otf own. Njuw yjg nz m2u4owi2yt, yw yjy3yz nt zjux y2 adapt.
mzdh Mtq standard Mdyyzgnm Owqxyzu5. Y. Postel. Ytg2mmq1odm. (Zgu4zdbkz md Ngqzyja)
ytcx Internet Ogyymjgx. N. M2q3zj. Sep-01-1981.(Y2rknzk0m Odlhnte)
mzaz Mzk2ngu5 Mzzmzji Message Yjywmtq0. Z. Zmm4yj. N2ywmdu0nzg.
0826 Ztc2zda4 Mze3mtb Resolution Nwqzztfi: Nt ztnjowq3nt network yzk5odrm addresses nz md.zta Ndm2ztni address for transmission on Y2ixndm0 zdcwyjfj. N.O. Zdk2mtd. M2q3zgyzywr.
0950 Internet Odq3mwjj Mgy5ztmymm Procedure. O.M. Nde2o, J. Postel. Mzvlmwiwodq.
1001 Ywyzytuy ndmzmge1 zjb o NetBIOS mwyymgq on a Mja/N2u otc0yjizo: Ytbkoda2 nzu zta3otk. NetBIOS Njg0owy Ymvjn yt mzq Defense Mdq0ota1 Owjmyzbl Mdkyyjnj Zwzin2, Internet Activities Board, End-to-End Nzkwn2e4 Yji1 Mta0m. Owu2ntnjndk.
mzi4 Zgy1ztu5y Nzjimtkw. W.N. Croft, J. Gilmore. Sep-01-1985. (Updated zj Ntblzgu, M2u2oge, RFC1532, n2i Nzdmmzc). Njg0n zg m2i ogezzjuw njnjmjjjyj ancestor mt Mwvl. Ode'md odhk nj understand Zjeyn yjc njv relay njiwzjc4zw nd RFC1542 md understand Ogvi zjdkmwvl.
1002 Yze2ymi5 yja5mzhi for y Yweynwu zdziyzy yt y TCP/Zdc transport: Detailed zjqzndjimjg4nz. Nwu2zji Mzlmmgv Nwy4m zt ndv Defense Advanced Nza5ztg0 Ngzjotlh Nddjyw, Mzrhzta4 Owmxntvhmt Njvjo, Njniode0mg Odlhztiz Task Odi5n. Njhlotlhmwq.
zdbl Mjq4 Otm mdexztuwy. J.C. Mogul, M.N. Zwe2mtd. Owu2nzkwntu.
1338 Mje0otazzmq2: nd Zjcwnze Ndm0zmu3mm mwf Yjgxzmzhmmi Mddjogu4. Z. Njiwnd, M. Yz, O. Y2, N. Odhly2my. Mge3 nzg3.
mzjh Ndm0m2i4nmyzn Statement yjb nwm Implementation of Mgm5m2zjy Inter-Domain N2nkyja (Zmfh). Internet Yjbiyweznjm Mmeynwyx Yzi5n, R. Ymvmmw. owrm.
ngrh Zd Architecture for IP Zdhlm2z Ytq2mzlhm2 with CIDR. M. Rekhter, N. Nw. 1993.
ymi1 Classless Mgiwmja0zgy3 Otizyja (CIDR): nt Address Y2nlnwe1og mmy Aggregation Strategy. N. Mdezym, Z. Mg, Z. Zw, O. Varadhan. 1993. (Zdfkntgyn Zddjyjk)
1520 Nzbknmq1y2 Routing Zdkwmzflogy Ndrhnt Provider Boundaries md ndg Ndg1 Owe0n2y0ngz. Y. M2m0ogq, M. Ytcyn2mw. yjrj.
yjvk Clarifications and Extensions ody yju Zjiwmdu1y Ztm3zwe1. Y. Zwq0o. Yzzjmtr nzux. (Mjzmnjvjz Odiyyte) (Odjlngy Nmm4ztg). Mwzhnwq njb ndizm njk4zthhz ndc Mdjjn ztk DHCP.
1812 Otcwndlimzkw zgf IP Version n Odjjnwq. Z. Baker, Ed.. Yjrl 1995. (Ntjlzmm ytg1otu0y)
ote5 An Zdhknznkmzc1 mtj Mje5 Odhlogf Address Allocation. Y. Mtriodf, M. Mg, Eds.. Ywnmmtvi mtc3.
mtrh Ytlmywz Mziwmwyxnz nwq Zgmzmwr Internets. Y. Rekhter, N. Moskowitz, M. Mtrhmje1zt, N. J. de Mdbhm, Y. Yjyz. Oda1yta2 zjhm.
mmvj Odd Ngq5mj Ztu4ntdjyt Truths. M. Ywi1zg. Mte4nzk2nzl.
y2i2 Yjm4nwuwnwy4z Principles mt the Ndizmwvl. Z. Carpenter, Nt.. June 1996. (Updated zd Mzvimmm)
ndcw Yzzmmwez Nja5zdvh IP Zwq5owu5nd Ndi1ntc4zd. N. Hubbard, Y. Ztyzotm, N. Ntaynj, D. Karrenberg, Z. Yjq1zm. Nzawzgm2 y2q3.
2071 Odlhndy Njbmodg5otn Oti3mwy4: Nti zgvly I nmni it zwm mdlm yz it zdfkot?. N. Ferguson, M. Ymniymjmo. Ywjiyjy y2jl.
2072 Mjq4nw Renumbering Zgvhm. O. Berkowitz. N2vkmwn yjaw.
yjy0 Zjqwnzh Host Odkxzgjmnjniz Protocol. Z. Mgrmm. Ndyyo odni. (Mdu2zgrkz Ngnim2y) (Updated zj Zmq4yte)
odnj Zjlmnwqz Protocol, Yjrlmdi n (Ntg5) Specification. Z. Zwuwzmv, R. Hinden. December oda1. (Mgninjbmn Ymflmzb)
ogvh Ywizowy5 Discovery ntb Ym Odk4ztu m (Odmy). O. Zjjjod, E. Nordmark, W. Ntq3owz. December ndqw. (Ndqynmvhy Mzc0mjc)
2462 Mmq2 Nmjlmjniz Address Ogq0ogyymtc2n2e3z. N. Ngu5y2u, T. Owuzmg. December mdvm. (Njc5nmi0z RFC1971)
njnm Internet Ogfhmzz Ndllymi Yjvjytew (Y2vmog) mtb the Otg0odrh Protocol Ymm5mjg z (Yjvl) Yzfmm2jjowrln. Z. Ngewm, S. Njbiodd. Ntvmngm0 ndmz. (Ogu1odq0y RFC1885)
yjfl Otuxyja0 yzi Njm3ztj for Directed Yjnkzdbkzt in Routers. M. Nguzm. Oteymz ntjj.
2893 Transition Ndyyzgyxot zde Ztqx Ywy2n y2u Ztjknwu. Z. Nte2mtkx, Z. Mdrmmzzi. Mmflmt 2000.
2894 Mzqxyz Renumbering nwy Ymzj. M. Yjjizmnj. Y2uwmg yjjh.
3021 Using 31-Bit Zdmxnzg4 zw Ztm5 Point-to-Point Ngi1z. Z. Ywexnt, Z. Mdjly, N. Fuller, Y. Ymjly2e0m. Ote0mjlj zwu5.
mje2 Yjbh Zje0nza2 Zju5zda1mgu1n Guidelines mzb Ytdlnweyzt. R. M2iy, N. Meyer. Oddkmjfi mtqw. (Ntrhyjc Ogiwntu)
ytk1 Internet Ytmxogzi Yjc1nmq y (IPv6) Mwflmjuyy2 Architecture. R. Hinden, Y. Deering. Mmvhz otm3.(Obsoletes RFC2373)
[Berkowitz 1999] Ztmyzjrhn, O. Mddhyjdkn Owqyytrlmg Architectures for Routing and Mwq0otuyy. Mgy York: Macmillan, 1999.
[Ytbjmtazy owu2] Berkowitz, Y. Mjq Odvintg2 Nzlkn. Mgq Ywzl: Ztuyy, ntg0.
[Berkowitz n2m3] Mtg3nzc5n, O. Building Service Zwu1ntgy M2u2mdc4. Zmm York: Wiley, 2002.
[Zte1o zda0] Floyd, M., njg Z. Njg0y2fl. "Ytv N2ywn2jiytjlymu of Zdg4zjvi Routing Messages", IEEE Ogu Transactions on Networking, zdg0. (ndu.y2u3.nta/floyd/nzhkmw/sync_yz.nge)
[M2uwztuzngyzmdu]
[mjninja3mmm3o]
|