LAN Switching and WAN Networks: Internet Protocol in Switched Networks - (II)

LAN Switching and WAN Networks
Internet Protocol in Switched

Networks – (II)
Topic & Structure of the lesson
Internet Protocol in Switched Networks (II)
•RFC 1918 Networks with Firewalls

•Broadcast Reduction in IP Networks
•Troubleshooting Switched IP Networks
CT032-LAN Switching and WAN Networks

Learning Outcomes
At the end of this module, YOU should be able to:
• Explain the importance and functions of Proxy firewalls.
• Explain the purpose and implementation of Network Address

Translation function.
• Explain the different methods for baselining and monitoring

network broadcast rate.
• Explain the various common IP-related issues in switched networks.

Key Terms you must be able to use
If you have mastered this topic, you should be able to use the
following terms correctly in your assignments and exams:
• Private Internets and Non-connected Networks
• Proxy Firewalls
• Network Address Translators
• Passive RIP Nodes
• Broadcast Reduction Techniques
• ARP Caches
• Network Unreachable
Main Teaching Points
• RFC 1918 Networks with Firewalls
• Broadcast Reduction in IP Networks
• Troubleshooting Switched IP Networks

RFC 1918 Networks with Firewalls
 RFC 1918 Networks with Firewalls Overview

The massive growth of the global Internet has created one
unfortunate consequence
 The 32-bit addressing form of Internet Protocol is unable
to provide enough unique IP networks to meet the demand
of the user community
 Today, if a new company wishes to register a valid IP
address to attach to the Internet, it will most likely receive a
class C network address
 In order to provide some other option for those users
planning on large-scale switched LANs but only having valid
class C networks for the Internet,
 IETF has allowed for the construction of valid private

internets of class A, B, C size using RFC 1918
The address ranges allocated by the Internet Assigned
Numbers Authority (IANA) for private use are as follows:
 Class A: 10.0.0.0 – 10.255.255.255
 Class B: 172.16.0.0. – 172.31.255.255
 Class C: 192.168.0.0 – 192.168.255.255
 These address ranges are officially allowed to be utilized
in customer networks so long there is no connectivity to the
Internet via a router

 Private Internets and Non-connected Networks

 Is defined as an IP network that does not have direct
router-based connectivity to the global Internet
 Reasons for having such networks:
 a) The company building the network has no
requirement to connect to the Internet from its
corporate network
 b) The company requires Internet connectivity but
desires a higher level of control over access to the
Internet than traditional routers provide
 c) The customer has been given a number of
separate class C IP networks from the IANA to define
its network
 Proxy Firewalls
 A device that has become the preferred method of
connecting to the global Internet for most enterprises and
government
 This device can be viewed as a two-port gateway from the
private internal internet to the global Internet
 Its gateway services are not like those of a traditional
router in that it forwards only application layer requests
 By only forwarding the application layer information, this
type of device is able to apply much more control over what
kind of communication should exit or enter the private
network
 Since the firewall is the IP destination with which all

internal nodes communicate, it acts as if it were just a single
IP node in the private network and a single IP on the global
Internet
 The firewall is application based, not all IP applications
can traverse this type of device. However, common
applications such as Telnet, FTP, Web Access, and e-mail
(SMTP)

 Network Address Translators (NAT)
 A second option for connecting a private internet to the
global Internet is the network address translator, or NAT
 In the RFC 1631, the NAT is defined as a device or service on a
traditional router or firewall that translates private network IP
address to valid global Internet IP addresses
The NAT can use a pool of valid global IP addresses to
dynamically replace the private source IP addresses of packets
passing through it
 The private network is able to use valid IP addresses while on the
Internet and private IP addresses internal to the non-connected
network
 It is normal for the NAT function be embedded in a router or a
firewall as an additional service
Broadcast Reduction in IP Networks
 Methods of base lining and monitoring network broadcast rate
 Manage NFS mounts
 Network file system mounting is the process of mapping a file
system of one IP device to another IP device over the network
 In cases where the other device is no longer present, the NFS
applications can attempt to restore IP connectivity through ARP
protocol
 This ARP broadcasting can occur at very high rates when the
other NFS device is not present on the network
 Network management systems
When the common network management systems such as
SunNET Manager, HP OpenView, Cabletron Spectrum, and IBM
Netview/6000, discover a network they can detect any pingable
device
When any such device is detected, the device is added to their
database, and the management system will begin polling the
device via SNMP or ICMP
 If the device leaves the network , the management system will
still attempt to contact that device using ARP requests
 Use OSPF as routing protocol
 Open Shortest Path First (OSPF) generally provides a less
broadcast intensive method of layer three routing
 Since routing tables are not broadcast in this routing protocol,
as they are in Routing Information Protocol (RIP), the total
broadcasts generated will be reduced significantly in large
networks
 It is not always possible to utilize OSPF easily due to its
complexity but it should be considered preferable to RIP
Keep high bandwidth IP multicast applications off the switched
LAN
The services of IP multicast using Internet Group Management
Protocol (IGMP) are used for a variety of applications
Low bandwidth applications such as network time updates are
not usually an issue on switched networks
 High-bandwidth applications using IP multicast, such as video
conferencing or radio feeds, are not usually suitable for switched
LANs without some additional method of control

Troubleshooting Switched IP Networks
 Overview
 Once the switched network has been implemented and the IP
configuration completed, the overall network performance and
simplicity should be significantly greater
 However, it is possible that connectivity issues may occur in
the network and it fails to perform at the expected level
 If standard procedures to troubleshoot the switched LAN has
been performed but to no success then the problem could be an
IP-related issue
 The following address some of the more common IP-related
issues in switched networks:

ARP Caches
 Symptom:
After flattening the network, some end systems are unable to
reach other IP devices that are known to exist in the switched
network. This failure only occurs after the routers have been
relocated and generally does not affect all devices in the
switched network.
 Probable Cause:
The ARP cache of the end nodes at one or both sides of the
conversation are still populated with a router’s MAC address
for the destination IP address. It is very probable that the end
users in a Proxy environment have the IP address of other
IP devices all mapped to the MAC address of the local router.
 Possible solutions:
Since the ARP cache is dynamic in most cases, it will
eventually age out and the device will re-ARP for the IP
destination. At such a time, the correct MAC to IP binding will
be placed in the ARP cache and IP communication will occur.
 Network Unreachable
 Symptom:
When IP communication is attempted to another IP device, the
message network unreachable is returned to the user interface
by the IP stack. The communication fails and no ARP cache
entry is seen for the destination.
 Probable Cause:
The network unreachable message is generated when route

determination fails in the IP host communication process.
Since the route determination is the process of using the
source IP address, the destination IP address, and the source
mask to determine if the two devices exist in the same IP
network (local) or different networks separated by gateways
(remote). For the destination is remote and if that lookup fails
to find any next-hop gateway, the network is considered
unreachable.
 Solution
The solution is to correct the mask and.or routing tables of the
hosts affected. To correct the mask or routing table, determine
the proper mask and gateway parameters, based on your

addressing scheme, and reapply the correct configuration
using the IP stack’s configuration files or interfaces.

Quick Review Question

Summary of Main Teaching Points

Question and Answer Session
Q&A

References for Figures used
• Lammle T, (2007) CCNA Study Guide, Sybex
• Odom S, Nottingham H (2002), Cisco Switching Black Book:

A Practical in Depth Guide to Configuring, Operating and
Managing Cisco LAN Switches, Paraglyph Press.
• John J. Roese, (1998) Switched LANs, McGraw-Hill

Next Session
• Troubleshooting and maintaining

switched LANs (I)

LAN Switching and WAN Networks: Internet Protocol in Switched Networks - (II)

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

LAN Switching and WAN Networks: Internet Protocol in Switched Networks - (II)

Uploaded by

Copyright:

Available Formats

LAN Switching and WAN Networks

Internet Protocol in Switched

•RFC 1918 Networks with Firewalls

CT032-LAN Switching and WAN Networks

At the end of this module, YOU should be able to:

• Explain the importance and functions of Proxy firewalls.

• Explain the purpose and implementation of Network Address

• Explain the different methods for baselining and monitoring

• Explain the various common IP-related issues in switched networks.

CT032-LAN Switching and WAN Networks

• Private Internets and Non-connected Networks

• Network Address Translators

• Passive RIP Nodes

• Broadcast Reduction Techniques

• RFC 1918 Networks with Firewalls

• Broadcast Reduction in IP Networks

• Troubleshooting Switched IP Networks

CT032-LAN Switching and WAN Networks

 RFC 1918 Networks with Firewalls Overview

 IETF has allowed for the construction of valid private

CT032-LAN Switching and WAN Networks

 Private Internets and Non-connected Networks

 Since the firewall is the IP destination with which all

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

The network unreachable message is generated when route

the proper mask and gateway parameters, based on your

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

CT032-LAN Switching and WAN Networks

• Lammle T, (2007) CCNA Study Guide, Sybex

• Odom S, Nottingham H (2002), Cisco Switching Black Book:

• John J. Roese, (1998) Switched LANs, McGraw-Hill

CT032-LAN Switching and WAN Networks

• Troubleshooting and maintaining

CT032-LAN Switching and WAN Networks

You might also like