You have four networks (99.34.64.0, 99.34.68.0, 99.34.78.0 and 99.34.95.0) that you need to supernet in order to use one ACL in a firewall.

The networks 99.34.64.0 – 99.34.95.0 fall into the range 99.34.64.0 – 99.34.95.255, which spans a block of 32 in the third octet.

The first two octets are 255.255. To calculate the 3rd octet we need to convert the block size of 32 decimal to a binary bit mask.

2^5 = 32. As we are working on the subnet we work from the left. The resulting mask is 11100000.

The third octet now has 3 bits making the CIDR 8 + 8 + 3 = 19.

The subnets will be as follows:

99.34.0.0 - 99.34.31.255
99.34.32.0 - 99.34.63.255
99.34.64.0 - 99.34.95.255

The final address will be 99.34.64.0/19.

What is the broadcast address for 145.50.23.1/22?

Classification

145.50.23.1/22 is a “Class A” IPv4 address. It is a “classless” address as it does not use the default subnet mask for “Class A” addresses (255.0.0.0 or /8).

Host Bits

Host bits = (32 – 22) = 10

2^10 = 1024 addresses (minus 2 for the network id and broadcast address)


Network Bits

Network bits = 22

Each octet contains 8 bits, so 22 = 8 + 8 + 6 + 0, which gives 255.255.x.0

x = (255 – 2 left bits) = (255 – (2^0 + 2^1)) = 255 – 3 = 252

/22 = 255.255.252.0

Broadcast Address

Here is the network mask in binary:

11111111.11111111.11111100.00000000

Let's take the 3rd octet:

11111100

Reading from right to left, the first set bit is 2^2 (3rd bit from the right).

This means each subnet is a multiple of four. Here are the network ranges:

145.50.0.0 - 145.50.3.255
145.50.4.0 - 145.50.7.255
145.50.8.0 - 145.50.15.255
145.50.16.0 - 145.50.19.255
145.50.20.0 - 145.50.23.255
145.50.24.0 - 145.50.27.255

As you can see the broadcast for this address is 145.50.23.255
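
The supernet and broadcast calculations above, carried through in Python as an added example (not part of the original notes). It assumes the four networks are /24s, which the exercise does not state, and the function names are illustrative; it also lists what else the /19 matches, because an ACL written on the supernet applies to the whole range and not only to the four listed networks.

```python
import ipaddress

def covering_supernet(addrs):
    """Smallest single CIDR block that contains every address in addrs."""
    ints = [int(ipaddress.IPv4Address(a)) for a in addrs]
    diff = min(ints) ^ max(ints)        # bits that vary across the range
    prefixlen = 32 - diff.bit_length()  # leading bits common to all addresses
    return ipaddress.IPv4Network((min(ints), prefixlen), strict=False)

def extra_blocks(supernet, members):
    """Member-sized blocks the supernet matches that were not in the list."""
    listed = {ipaddress.IPv4Network(m) for m in members}
    size = next(iter(listed)).prefixlen  # assumes all members share one length
    return [n for n in supernet.subnets(new_prefix=size) if n not in listed]

def mask_network_broadcast(cidr):
    """Netmask, network ID and broadcast from the prefix length, bit by bit."""
    iface = ipaddress.IPv4Interface(cidr)
    host_bits = 32 - iface.network.prefixlen
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    network = int(iface.ip) & mask                # clear the host bits
    broadcast = network | (~mask & 0xFFFFFFFF)    # set every host bit
    return tuple(ipaddress.IPv4Address(v) for v in (mask, network, broadcast))

# Networks from the exercise; the /24 length is an assumption.
MEMBERS = ["99.34.64.0/24", "99.34.68.0/24", "99.34.78.0/24", "99.34.95.0/24"]

if __name__ == "__main__":
    acl = covering_supernet(m.split("/")[0] for m in MEMBERS)
    extra = extra_blocks(acl, MEMBERS)
    print("ACL entry:", acl, "wildcard", acl.hostmask)
    print("also matched:", len(extra), "unlisted /24 networks")
    for block in ipaddress.collapse_addresses(extra):
        print("  ", block)
    mask, net, bcast = mask_network_broadcast("145.50.23.1/22")
    print("145.50.23.1/22 -> mask", mask, "network", net, "broadcast", bcast)
```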

1.15 Compare and contrast IPv6 address types

1.15.a Global unicast

Global unicast IPv6 addresses are globally unique and routable addresses that are assigned by IANA/ICANN, its member agencies, and other registries or ISPs.

Global unicast addresses begin with the hexadecimal digits 2 or 3.

1.15.b Unique local

Unique local addresses are unicast addresses similar to IPv4 private addresses. They are not globally unique or routable. They are useful if IPv6 NAT is being used or if traffic only needs to be routed locally.

Unique local addresses begin with the hexadecimal digits FD.

1.15.c Link local

Link local addresses are a special kind of local address used for overhead protocols and routing.

Link local addresses are not routable (they cannot be routed outside their current network), are automatically generated and are commonly used as the next-hop address for IPv6 routes.

Link local addresses begin with the hexadecimal digits FE80.

1.15.d Multicast

Multicast IPv6 addresses begin with the hexadecimal digits FF. IPv6 multicast addresses are commonly used in a similar way to IPv4 multicast addresses – routing protocols and other overhead protocols.

1.15.e Modified EUI 64

EUI-64 (extended unique identifier) is a way of auto-generating the “host” part of an IPv6 address.

This is done by the following steps:

  1. Split the 12 hex digit MAC address into two halves.
  2. Insert FFFE in between the two.
  3. Invert the seventh bit of the interface ID.

1.15.f Autoconfiguration

Stateless Address Autoconfiguration (SLAAC) allows for the autoconfiguration of an IPv6 address.

This is achieved using ICMPv6 RS and RA messages after generating a Link Local address. Routers respond to a Router Solicitation (RS) message with a Router Advertisement (RA) message advertising the prefix(es) being used. EUI-64 is then used to generate an IPv6 address.

1.15.g Anycast

Anycast IPv6 addresses are IPv6 unicast addresses that have been assigned to multiple nodes. IPv6 packets sent to an anycast address are forwarded to the nearest anycast address (as determined by a routing protocol).

1.14 Configure and verify IPv6 Stateless Address Auto Configuration

To use SLAAC on an interface:


Ensure at least one of the routers has an IPv6 address already configured:

R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#ipv6 unicast-routing 
R3(config)#int g1/0
R3(config-if)#ipv6 add 2001:db8::1/64
R3(config-if)#no shutdown 
R3(config-if)#^Z
R3#
*Aug 28 10:43:14.631: %SYS-5-CONFIG_I: Configured from console by console

On the other router:

R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#ipv6 unicast-routing 
R4(config)#int g1/0
R4(config-if)#ipv6 address autoconfig 
R4(config-if)#no shutdown
R4(config-if)#^Z
R4#

To verify:

R4#show ipv6 int g1/0
GigabitEthernet1/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C804:2CFF:FEB4:1C 
No Virtual link-local address(es):
Stateless address autoconfig enabled
Global unicast address(es):
2001:DB8::C804:2CFF:FEB4:1C, subnet is 2001:DB8::/64 [EUI/CAL/PRE]
valid lifetime 2591921 preferred lifetime 604721
Joined group address(es):
FF02::1
FF02::2
FF02::1:FFB4:1C
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 26456)
ND advertised reachable time is 0 (unspecified)
ND advertised retransmit interval is 0 (unspecified)
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
ND advertised default router preference is Medium
Hosts use stateless autoconfig for addresses.
R4#
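
The Modified EUI-64 steps from 1.15.e, applied to the addresses in the show output above, as an added Python example (not part of the original notes). The MAC address does not appear on the page, so it is recovered here from the interface ID; the function names are illustrative. Because the interface ID embeds the MAC, a host addressed this way carries the same hardware identifier on every prefix it joins.

```python
import ipaddress

def mac_to_iid(mac):
    """Modified EUI-64: split the MAC, insert FFFE, invert the 7th bit."""
    raw = bytes.fromhex(mac.replace(":", "").replace(".", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 12 hex digits")
    # 0x02 in the first byte is the 7th bit counted from the left (U/L bit).
    eui = bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]
    return int.from_bytes(eui, "big")

def slaac_address(prefix, mac):
    """Address a host forms from an advertised /64 prefix and its MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 interface IDs need a /64 prefix")
    return net[mac_to_iid(mac)]

def recover_mac(addr):
    """Reverse the steps; None if the interface ID is not EUI-64 derived."""
    iid = (int(ipaddress.IPv6Address(addr)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

def solicited_node(addr):
    """Solicited-node multicast group: ff02::1:ff plus the low 24 bits."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(int(ipaddress.IPv6Address("ff02::1:ff00:0")) | low24)

if __name__ == "__main__":
    seen = "2001:DB8::C804:2CFF:FEB4:1C"      # global address from the output
    mac = recover_mac(seen)
    print("MAC behind the address:", mac)
    print("link-local:", slaac_address("fe80::/64", mac))
    print("global:    ", slaac_address("2001:db8::/64", mac))
    print("joined group:", solicited_node(seen))
    print("manual address 2001:db8::1 ->", recover_mac("2001:db8::1"))
```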

 

 

1.11 Describe the need for private IPv4 addressing

The Internet was originally intended for communication between universities and government agencies. After the commercialization of the Internet, IPv4 addresses started to run out. To address this shortage three technologies were invented:

  1. Private network addresses
  2. Network Address Translation (NAT)
  3. IPv6

The first two technologies actually go against the original intention of the Internet which was that each individual node on a network should be able to directly connect to any other node. NAT uses the multiplexing facilities available in TCP and UDP (Port Address Translation) to enable multiple devices to use a single IPv4 address.

While this solution solved (or delayed the effects of) the IPv4 shortage, it also introduced further complexities and fundamentally changed the way the Internet was used. As a result IPv6 was invented, which has a practically inexhaustible number of addresses (2^128).

However, the debate continues as to whether every IPv6 address should be able to contact every other, as some people see NAT (PAT) as a security feature because it prevents direct contact with the other hosts on the Internet.

1.10 Compare and contrast IPv4 address types

1.10.a Unicast

A unicast address is an address that represents a single unique node on a network. A message sent to a unicast address will only be received by the node that has that address. Unicast addresses fall into the following categories (first octet):

Class A: 1 - 126
Reserved: 127
Class B: 128 - 191
Class C: 192 - 223

The resulting subnet mask of each unicast address depends on which category the unicast address falls into. Here are the default subnet masks of each address:

Class A: 0.255.255.255
Class B: 0.0.255.255
Class C: 0.0.0.255

Subnet masks can be modified so that a smaller subnet is used; this is called Variable Length Subnet Masking. For example, a 10.0.0.1 address could use a Class C subnet mask in order to divide the Class A subnet into multiple smaller subnets.

1.10.b Broadcast

A broadcast address is the very last address in an IPv4 subnet. This is dependent on the subnet mask. A message sent to the broadcast address of a subnet will be received by all nodes in the network.

For example the broadcast address for:

Network: 10.0.0.0/16
Subnet mask: 255.255.0.0
Broadcast: 10.0.255.255

Differs from:

Network: 10.0.0.0/8
Subnet mask: 255.0.0.0
Broadcast: 10.255.255.255

1.10.c Multicast

Multicast addresses are similar to broadcast addresses in that multiple hosts receive the message. They differ in the fact that only members of the multicast group will receive the message. Multicast addresses are in the 224 – 239 range and have a subnet mask of 240.0.0.0 (/4).

Multicast addresses are often used for routing protocols, streaming data to multiple machines and time services.

1.8 Apply troubleshooting methodologies to resolve problems

1.8.a Perform and document fault isolation

This refers to the first part of the troubleshooting process. In this first step the problem is isolated and verified. It is important that the problem is documented and entered into a job tracking system.

The problem needs to be isolated down to a root cause, and this root cause needs to be verified.

1.8.b Resolve or escalate

Troubleshooting begins at the bottom of the OSI model. We first begin by ensuring the lower layers of the stack are not the problem and work our way up.

If, after isolating the problem, it cannot be resolved using your resources and/or skills, the problem should be escalated.

1.8.c Verify and monitor resolution

The final part of the solution is to verify that the fix works as intended and to continuously monitor for a period to ensure that the problem is fully resolved.