Analyzing and Interpreting IP Addresses and Subnets 127
(c) Find the multiple of the magic number that is closest to but not greater than the address’s interesting octet.
(d) Write down that multiple of the magic number as the value of the subnet number’s interesting octet.
(e) To find the first valid IP address in the subnet, copy the subnet number, but add 1 to the fourth octet.
Step 3 Derive the broadcast address and the last valid IP address:
(a) Write down 255s in the broadcast address octets to the right of the line or the box.
(b) To find the broadcast address’s interesting octet value, take the subnet number’s interesting octet value, add the magic number, and subtract 1.
(c) To find the last valid IP address in the subnet, copy the broadcast address, but subtract 1 from the fourth octet.
Becoming proficient at this shortcut takes some practice. To make sure you have the process down, review the examples in the CD chapter “Subnetting Practice: 25 Subnetting Questions,” which has 25 different examples, including the Boolean AND and shortcut methods of finding the subnet number.
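The decimal shortcut above can be written as a short Python function and checked against the binary (Boolean AND) result. This is an added example, not code from the book; the function names and the sample addresses are constructed, and it assumes that the interesting octet is the mask octet that is neither 255 nor 0.

```python
import ipaddress


def analyze_subnet(address, mask):
    """Decimal shortcut: subnet number, first/last valid address, broadcast."""
    addr = [int(o) for o in address.split(".")]
    msk = [int(o) for o in mask.split(".")]
    subnet, broadcast = [], []
    for a, m in zip(addr, msk):
        if m == 255:
            # Mask octet of 255: copy the address octet unchanged.
            subnet.append(a)
            broadcast.append(a)
        elif m == 0:
            # Mask octet of 0: 0 in the subnet number, 255 in the broadcast.
            subnet.append(0)
            broadcast.append(255)
        else:
            # Interesting octet (assumption: mask octet is neither 255 nor 0).
            magic = 256 - m
            base = (a // magic) * magic  # multiple of magic, not greater than a
            subnet.append(base)
            broadcast.append(base + magic - 1)
    # First valid address: subnet number plus 1 in the fourth octet.
    first = subnet[:3] + [subnet[3] + 1]
    # Last valid address: broadcast address minus 1 in the fourth octet.
    last = broadcast[:3] + [broadcast[3] - 1]

    def dotted(octets):
        return ".".join(str(o) for o in octets)

    return {
        "subnet": dotted(subnet),
        "first": dotted(first),
        "last": dotted(last),
        "broadcast": dotted(broadcast),
    }


def agrees_with_binary_and(address, mask):
    """Cross-check the shortcut against the standard library's bitwise result."""
    ref = ipaddress.ip_network(f"{address}/{mask}", strict=False)
    got = analyze_subnet(address, mask)
    return (got["subnet"] == str(ref.network_address)
            and got["broadcast"] == str(ref.broadcast_address))


if __name__ == "__main__":
    # Constructed sample addresses in network 130.4.0.0.
    for ip, mask in [("130.4.102.1", "255.255.252.0"),
                     ("130.4.102.1", "255.255.255.0"),
                     ("130.4.102.77", "255.255.255.192")]:
        print(ip, mask, analyze_subnet(ip, mask), agrees_with_binary_and(ip, mask))
```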
Which Subnet Masks Meet the Stated Design Requirements?
This chapter has explained how to answer questions that provide the subnet number. However, some questions do not supply the subnet number, but instead ask you to choose the correct subnet mask given a set of requirements. The most common of these questions reads something like this:
“You are using Class B network X, and you need 200 subnets, with at most 200 hosts per subnet. Which of the following subnet masks can you use?” This is followed by some subnet masks from which you choose the answer.
To find the correct answers to these types of questions, you first need to decide how many subnet bits and host bits you need to meet the requirements. Basically, the number of hosts per subnet is $2^x - 2$, where x is the number of host bits in the address. Likewise, the number of subnets in a network, assuming that the same subnet mask is used all over the network, is also $2^x - 2$, but with x being the number of subnet bits. As soon as you know how many subnet bits and host bits are required, you can figure out what mask or masks meet the stated design goals in the question.
128 Chapter 4: IP Addressing and Subnetting
Examples certainly help. The first sample question reads like this:
“Your network can use Class B network 130.1.0.0. What subnet masks meet the requirement that you plan to allow at most 200 subnets, with at most 200 hosts per subnet?”
First you need to figure out how many subnet bits allow for 200 subnets. You can use the formula $2^x - 2$ and plug in values for x until one of the numbers is at least 200. In this case, x turns out to be 8. In other words, you need at least 8 subnet bits to allow for 200 subnets.
If you do not want to keep plugging values into the $2^x - 2$ formula, you can instead memorize Table 4-30.
Table 4-30 Maximum Number of Subnets/Hosts

| Number of Bits in the Host or Subnet Field | Maximum Number of Hosts or Subnets ($2^x - 2$) |
|---|---|
| 1 | 0 |
| 2 | 2 |
| 3 | 6 |
| 4 | 14 |
| 5 | 30 |
| 6 | 62 |
| 7 | 126 |
| 8 | 254 |
| 9 | 510 |
| 10 | 1022 |
| 11 | 2046 |
| 12 | 4094 |
| 13 | 8190 |
| 14 | 16,382 |

As you can see, if you already have the powers of 2 memorized, you really do not need to memorize the table—just remember the formula.
As for the first sample question, 7 subnet bits is not enough, because that allows for only 126 subnets. You need 8 subnet bits. Similarly, because you need up to 200 hosts per subnet, you need 8 host bits.
Finally, you need to decide what mask(s) to use, knowing that you have a Class B network and that you must have at least 8 subnet bits and 8 host bits. Using the letter N to represent network bits, the letter S to represent subnet bits, and the letter H to represent host bits, the following shows the sizes of the various fields:
NNNNNNNN NNNNNNNN SSSSSSSS HHHHHHHH
All that is left is to derive the actual subnet mask. Because you need 8 bits for the subnet field and 8 for the host field, and the network field takes up 16 bits, you have already allocated all 32 bits of the address structure. Therefore, only one possible subnet mask works. To figure out the mask, you need to write down the 32-bit subnet mask, applying the following facts about subnet masks:
The network and subnet bits in a subnet mask are, by definition, all binary 1s.
Similarly, the host bits in a subnet mask are, by definition, all binary 0s.
So, the only valid subnet mask, in binary, is
11111111 11111111 11111111 00000000
When converted to decimal, this is 255.255.255.0.
A second example shows how the requirements stated in the question allow for multiple possible subnet masks:
“Your network can use Class B network 130.1.0.0. What subnet masks meet the requirement that you plan to allow at most 50 subnets, with at most 200 hosts per subnet?”
For this design, you still need at least 8 host bits, but now you only need at least 6 subnet bits. Six subnet bits allow for $2^6 - 2$, or 62, subnets. Following the same convention as before, but now using an X for bits that can be either subnet or host bits, the format of the address structure is as follows:
NNNNNNNN NNNNNNNN SSSSSSXX HHHHHHHH
In other words, the addresses have 16 network bits, at least 6 subnet bits, and at least 8 host bits. This example actually allows for three valid subnet masks, whose structure is as follows:
NNNNNNNN NNNNNNNN SSSSSSSS HHHHHHHH – 8 subnet, 8 host
NNNNNNNN NNNNNNNN SSSSSSSH HHHHHHHH – 7 subnet, 9 host
NNNNNNNN NNNNNNNN SSSSSSHH HHHHHHHH – 6 subnet, 10 host
So, based on the requirements in the question, three different valid subnet masks meet the requirements:
11111111 11111111 11111111 00000000 255.255.255.0
11111111 11111111 11111110 00000000 255.255.254.0
11111111 11111111 11111100 00000000 255.255.252.0
The 2 bits that could be subnet bits or host bits, based on the requirements, are shown in bold.
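The mask-selection reasoning from both sample questions, generalized to any Class A, B, or C network, can be expressed as a short Python routine. This is an added example, not code from the book; the function names are hypothetical, and it assumes the same $2^x - 2$ rule for both subnets and hosts that the text uses.

```python
CLASS_NETWORK_BITS = {"A": 8, "B": 16, "C": 24}


def bits_needed(count):
    """Smallest x for which 2**x - 2 is at least count."""
    if count < 1:
        raise ValueError("count must be at least 1")
    x = 1
    while 2 ** x - 2 < count:
        x += 1
    return x


def prefix_to_mask(prefix_len):
    """Network and subnet bits are binary 1s, host bits are binary 0s."""
    value = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def field_layout(network_bits, subnet_bits, host_bits):
    """Render the N/S/H structure used in the text, one group per octet."""
    bits = "N" * network_bits + "S" * subnet_bits + "H" * host_bits
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def masks_meeting_requirements(net_class, subnets, hosts):
    """List every mask with enough subnet bits and enough host bits."""
    network_bits = CLASS_NETWORK_BITS[net_class]
    min_subnet_bits = bits_needed(subnets)
    min_host_bits = bits_needed(hosts)
    # Bits left for the subnet field after reserving the minimum host bits.
    max_subnet_bits = 32 - network_bits - min_host_bits
    results = []
    for s in range(max_subnet_bits, min_subnet_bits - 1, -1):
        h = 32 - network_bits - s
        results.append({
            "mask": prefix_to_mask(network_bits + s),
            "subnet_bits": s,
            "host_bits": h,
            "layout": field_layout(network_bits, s, h),
        })
    return results  # empty list: no mask satisfies both requirements


if __name__ == "__main__":
    # The two sample questions from the text (Class B network 130.1.0.0).
    for need_subnets, need_hosts in [(200, 200), (50, 200)]:
        print(f"{need_subnets} subnets, {need_hosts} hosts per subnet:")
        for row in masks_meeting_requirements("B", need_subnets, need_hosts):
            print(f"  {row['layout']}  {row['mask']}")
```

An empty result means the requirements cannot be met in that class of network, for example 200 subnets of 200 hosts in a Class C network.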
What Are the Other Subnet Numbers?
The final general type of IP addressing and subnetting question covered in this chapter asks you to list all the subnets of a particular network. You could use a long process that requires you to count in binary and convert many numbers from binary to decimal. However, because most people either learn the shortcut or use a subnet calculator in their jobs, I decided to just show you the shortcut method for this particular type of question.
First, the question needs a better definition—or at least a more-complete one. The question might be better stated like this:
“If the same subnet mask is used for all subnets of this Class A, B, or C network, what are the valid subnets?”
IP design conventions do not require the engineer to use the same mask for every subnet. However, unless the question specifically states that different masks can be used on different subnets, the question “What are all the subnets?” probably assumes that the same mask is used for all subnets.
The following easy decimal process lists all the valid subnets given the network number and the only mask used on that network. This three-step process assumes that the size of the subnet part of the address is, at most, 8 bits in length. The same general process can be expanded to work when the size of the subnet part of the address is more than 8 bits, but that expanded process is not described here.
The three-step process uses a chart that I call the subnet list chart. I made up the name just for this book. Table 4-31 presents a generic version of the subnet list chart.
Table 4-31 Three-Step Process Generic Subnet List Chart

| Octet | 1 | 2 | 3 | 4 |
|---|---|---|---|---|
| Network Number | | | | |
| Mask | | | | |
| Subnet Zero | | | | |
| First Subnet | | | | |
| Next Subnet | | | | |
| Last Subnet | | | | |
| Broadcast Subnet | | | | |

You list the known network number and subnet mask as the first step in the process. If the question gives you an IP address and mask instead of the network number and mask, just write down the network number of which that IP address is a member. (Remember, this three-step process assumes that the subnet part of the addresses is 8 bits or less.)
For the second of the three steps, copy the network number into the Subnet Zero row. Subnet zero, or the zero subnet, is numerically the first subnet, and it is one of the two reserved subnet numbers in a network. (You can use the zero subnet on a Cisco router if you configure the global configuration command ip subnet-zero.) Interestingly, a network's zero subnet has the exact same numeric value as the network itself—which is one of the reasons that it should not be used. For the purposes of answering questions on the exam about the number of valid subnets in a network, consider the zero subnet unusable, unless the question tells you that using it is OK. In real life, do not use the zero subnet if you do not have to.
The third step in the process is covered after Tables 4-32 and 4-33, which list two familiar examples, with the first two steps completed.
Table 4-32 Subnet List Chart: 130.4.0.0/24

| Octet | 1 | 2 | 3 | 4 |
|---|---|---|---|---|
| Network Number | 130 | 4 | 0 | 0 |
| Mask | 255 | 255 | 255 | 0 |
| Subnet Zero | 130 | 4 | 0 | 0 |

Table 4-33 Subnet List Chart: 130.4.0.0/22

| Octet | 1 | 2 | 3 | 4 |
|---|---|---|---|---|
| Network Number | 130 | 4 | 0 | 0 |
| Mask | 255 | 255 | 252 | 0 |
| Subnet Zero | 130 | 4 | 0 | 0 |

The last step in this process, Step 3, is repeated many times. This last step uses the magic number, which is 256 minus the mask octet value in the interesting octet. With this process of finding all the subnet numbers, the interesting octet is the octet that contains all of the subnet part of the addresses. (Remember, the process assumes 8 or fewer subnet bits!) In both Tables 4-32 and 4-33, the interesting octet is the third octet.
The third and final step in the process to find all the subnet numbers goes like this: Starting with the last completed row in the table, do the following:
a. Because this process assumes 1 byte or less in the subnet part of the addresses, on the next row of the table, copy down the three octets that are not part of the subnet field. Call the octet that is not copied down the “subnet octet” or the “interesting octet.”
b. Add the magic number to the previous subnet octet, and write that down as the value of the subnet octet.
c. Repeat the preceding two tasks until the next number you would write down in the subnet octet is 256. (But don’t write it down—it’s invalid.)
The idea behind the process of finding all the subnets becomes apparent when you review the same two examples used earlier. Table 4-34 lists the example with the easy mask. Note that the magic number is 256 – 255 = 1 in this case, and that the third octet is the interesting subnet octet.
Table 4-34 Subnet List Chart: 130.4.0.0/255.255.255.0 Completed

| Octet | 1 | 2 | 3 | 4 |
|---|---|---|---|---|
| Network Number | 130 | 4 | 0 | 0 |
| Mask | 255 | 255 | 255 | 0 |
| Subnet Zero | 130 | 4 | 0 | 0 |
| First Subnet | 130 | 4 | 1 | 0 |
| Next Subnet | 130 | 4 | 2 | 0 |
| Next Subnet | 130 | 4 | 3 | 0 |
| Next Subnet | 130 | 4 | 4 | 0 |
| (Skipping Many Subnets) | 130 | 4 | X | 0 |
| Last Subnet | 130 | 4 | 254 | 0 |
| Broadcast Subnet | 130 | 4 | 255 | 0 |

You might better understand the logic behind how this process works by looking at the first few entries and then the last few entries. The zero subnet is easily found because it’s the same number as the network number. The magic number is 256 – 255 = 1 in this case. Essentially, you increment the third octet (in this case) by the magic number for each successive subnet number.
One row of the table is labeled “Skipping Many Subnets.” Rather than make this book even bigger, I left out several entries but included enough that you could see that the subnet number’s third octet just gets bigger by 1, in this case, for each successive subnet number.
Looking at the end of the table, the last entry lists 255 in the third octet. 256 decimal is never a valid value in any IP address, and the directions said not to write down a subnet with 256 in it, so the last number in the table is 130.4.255.0. The last subnet is the broadcast subnet, which is the other reserved subnet number. The subnet before the broadcast subnet is the highest, or last, valid subnet number.
With a simple subnet mask, the process of answering this type of question is very simple. In fact, many people might even refer to these subnets using just the third octet. If all subnets of a particular organization were in network 130.4.0.0, with mask 255.255.255.0, you might simply say “subnet 5” when referring to subnet 130.4.5.0.
The process works the same with difficult subnet masks, even though the answers are not as intuitive. Table 4-35 lists the answers for the second example, using a mask of 255.255.252.0. The third octet is again the interesting subnet octet, but this time the magic number is 256 – 252 = 4.
Table 4-35 Subnet List Chart: 130.4.0.0/255.255.252.0

| Octet | 1 | 2 | 3 | 4 |
|---|---|---|---|---|
| Network Number | 130 | 4 | 0 | 0 |
| Mask | 255 | 255 | 252 | 0 |
| Subnet Zero | 130 | 4 | 0 | 0 |
| First Subnet | 130 | 4 | 4 | 0 |
| Next Valid Subnet | 130 | 4 | 8 | 0 |
| (Skipping Many Subnets) | 130 | 4 | X | 0 |
| Last Subnet | 130 | 4 | 248 | 0 |
| Broadcast Subnet | 130 | 4 | 252 | 0 |

The first subnet number numerically, the zero subnet, starts the list. By adding the magic number in the interesting octet, you find the rest of the subnet numbers. Like the previous example, to save space in the book, many subnet numbers were skipped.
You probably wouldn’t guess that 130.4.252.0 is the broadcast subnet for this latest example. However, adding the magic number 4 to 252 gives you 256 as the next subnet number, which is invalid, so 130.4.252.0 is indeed the broadcast subnet.
The three-step process to find all the subnet numbers of a network is as follows:
Step 1 Write down the network number and subnet mask in the first two rows of the subnet list chart.
Step 2 Write down the network number in the third row. This is the zero subnet, which is one of the two reserved subnets.
Step 3 Do the following two tasks, stopping when the next number you would write down in the interesting column is 256. (But don’t write it down—it’s invalid.)
(a) Copy all three uninteresting octets from the previous line.
(b) Add the magic number to the previous interesting octet, and write it down as the value of the interesting octet.
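The three-step process can be automated in a few lines of Python, which fills in the rows that Tables 4-34 and 4-35 skip and marks the two reserved subnets. This is an added example, not code from the book; the function names are hypothetical, and it assumes, as the process does, a classful network number and a subnet field of 8 bits or less contained in a single octet.

```python
import ipaddress

VALID_MASK_OCTETS = {128, 192, 224, 240, 248, 252, 254, 255}


def classful_network_octets(first_octet):
    """Number of network octets for a Class A, B, or C address."""
    if 1 <= first_octet <= 126:
        return 1
    if 128 <= first_octet <= 191:
        return 2
    if 192 <= first_octet <= 223:
        return 3
    raise ValueError("not a Class A, B, or C network")


def list_subnets(network, mask):
    """Steps 1-3 of the subnet list chart, in decimal."""
    net = [int(o) for o in network.split(".")]
    msk = [int(o) for o in mask.split(".")]
    idx = classful_network_octets(net[0])  # index of the interesting octet
    if any(net[idx:]):
        raise ValueError("expected a network number, not a host address")
    if (msk[:idx] != [255] * idx or any(msk[idx + 1:])
            or msk[idx] not in VALID_MASK_OCTETS):
        raise ValueError("process assumes 1 to 8 subnet bits in one octet")
    magic = 256 - msk[idx]
    rows = []
    value = net[idx]  # Step 2: the zero subnet equals the network number
    while value < 256:  # Step 3: stop before writing down 256
        row = list(net)  # (a) copy the uninteresting octets
        row[idx] = value  # (b) previous interesting octet plus the magic number
        rows.append(".".join(str(o) for o in row))
        value += magic
    return {"magic": magic, "zero": rows[0],
            "valid": rows[1:-1], "broadcast": rows[-1]}


def matches_ipaddress(network, mask):
    """Cross-check the decimal process against the standard library."""
    idx = classful_network_octets(int(network.split(".")[0]))
    classful = ipaddress.ip_network(f"{network}/{8 * idx}")
    new_prefix = ipaddress.ip_network(f"{network}/{mask}").prefixlen
    expected = [str(s.network_address)
                for s in classful.subnets(new_prefix=new_prefix)]
    got = list_subnets(network, mask)
    return expected == [got["zero"], *got["valid"], got["broadcast"]]


if __name__ == "__main__":
    chart = list_subnets("130.4.0.0", "255.255.252.0")
    print("magic number:", chart["magic"])
    print("zero subnet (reserved):", chart["zero"])
    print("valid subnets:", len(chart["valid"]),
          chart["valid"][0], "...", chart["valid"][-1])
    print("broadcast subnet (reserved):", chart["broadcast"])
```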