Chapter 7. IP Addressing

What is the structure of an IPv4 address?

What is the purpose of the subnet mask?

What are the characteristics and uses of the unicast, broadcast, and multicast IPv4 addresses?

How do you use public address space and private address space?

Why transition from IPv4 to IPv6?

How is an IPv6 address represented?

What are the different types of IPv6 network addresses?

How do you configure global unicast addresses?

What is a multicast address?

What is the role of ICMP in an IP network (both IPv4 and IPv6)?

How would you use ping and traceroute utilities to test network connectivity?

binary notation page 267

American Standard Code for Information Interchange (ASCII) page 267

prefix length page 279

network address page 281

host address page 282

broadcast address page 283

ANDing page 287

static addressing page 292

unicast page 293

broadcast page 293

multicast page 293

private addresses page 298

public addresses page 299

loopback page 299

link-local addresses page 300

TEST-NET addresses page 301

experimental addresses page 301

class A page 301

class B page 301

class C page 301

classless addressing page 303

dual stack page 309

tunneling page 309

translation page 310

hexadecimal numbering page 311

IPv6 link-local address page 321

IPv6 global unicast addresses page 322

global routing prefix page 323

Stateless Address Autoconfiguration (SLAAC) page 327

Dynamic Host Configuration Protocol for IPv6 (DHCPv6) page 329

solicited-node multicast address page 338

Router Solicitation message (RS) page 342

Router Advertisement message (RA) page 342

Neighbor Solicitation page 342

Neighbor Advertisement page 342

Designing, implementing, and managing an effective IP addressing plan ensures that networks can operate effectively and efficiently.

This chapter examines in detail the structure of IP addresses and their application to the construction and testing of IP networks and subnetworks.

Using ASCII, the letter “A” is represented in bit form as 01000001, whereas the lowercase letter “a” is represented in bit form as 01100001. Use the ASCII translator available in the online course to convert ASCII characters to binary.

Although it is not generally necessary for people to concern themselves with binary conversion of letters, it is necessary to understand the use of binary for IP addressing. Each device on a network must be uniquely identified using a binary address. In IPv4 networks, this address is represented using a string of 32 bits (1s and 0s). At the network layer, the packets then include this unique identification information for both the source and destination systems. Therefore, in an IPv4 network, each packet includes a 32-bit source address and a 32-bit destination address in the OSI Layer 3 header.

For most individuals, a string of 32 bits is difficult to interpret and even more difficult to remember. Therefore, we represent IPv4 addresses using dotted decimal format instead of binary. This means that we look at each byte (octet) as a decimal number in the range of 0 to 255. For clarification, 1 byte equals 8 bits equal one octet. To understand how this works you need to have some skill in binary to decimal conversion.

For the decimal number 192, the value that the 1 represents is 1 * 10^2 (1 times 10 to the power of 2). The 1 is in what we commonly refer to as the “100s” position. Positional notation refers to this position as the base^2 position because the base, or radix, is 10 and the power is 2. The 9 represents 9 * 10^1 (9 times 10 to the power of 1). Positional notation for the decimal number 192 is shown in Figure 7-1.

Using positional notation in the base 10 numbering system, 192 represents

192 = (1 * 10^2) + (9 * 10^1) + (2 * 10^0)

or

192 = (1 * 100) + (9 * 10) + (2 * 1)

The binary address

11000000 10101000 00001010 00001010

is expressed in dotted decimal as

192.168.10.10

But how are the actual decimal equivalents determined?

    2^7        2^6       2^5       2^4        2^3       2^2       2^1       2^0

    128        64         32         16           8          4           2           1

The base 2 numbering system only has two digits: 0 and 1.

When we interpret a byte as a decimal number, we have the quantity that position represents if the digit is a 1, and we do not have that quantity if the digit is a 0, as shown in Activity 7.1.1.2.

Figure 7-2 illustrates the representation of the decimal number 192 in binary. A 1 in a certain position means we add that value to the total. A 0 means we do not add that value. The binary number 11000000 has a 1 in the 2^7 position (decimal value 128) and a 1 in the 2^6 position (decimal value 64). The remaining bits are all 0, so we do not add the corresponding decimal values. The result of adding 128 + 64 is 192, the decimal equivalent of 11000000.

Here are two more examples:

Example 1: An octet containing all 1s: 11111111

A 1 in each position means that we add the value for that position to the total. All 1s means that the values of every position are included in the total; therefore, the value of all 1s in an octet is 255:

128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255

Example 2: An octet containing all 0s: 00000000

A 0 in each position indicates that the value for that position is not included in the total. A 0 in every position yields a total of 0:

0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 = 0

A different combination of 1s and 0s yields a different decimal value.

Determine the value of the octet by adding the values of positions wherever there is a binary 1 present:

If there is a 0 in a position, do not add the value.

If all 8 bits are 0s, 00000000, the value of the octet is 0.

If all 8 bits are 1s, 11111111, the value of the octet is 255 (128 + 64 + 32 + 16 + 8 + 4 + 2 + 1).

If the 8 bits are mixed, the values are added together. For example, the octet 00100111 has a value of 39 (32 + 4 + 2 + 1).

So the value of each of the four octets can range from 0 to a maximum of 255.

Using the 32-bit IPv4 address, 11000000101010000000101000001010, convert the binary representation to dotted decimal using the following steps:

Step 1. Divide the 32 bits into four octets.

Step 2. Convert each octet to decimal.

Step 3. Add a “dot” between each decimal.

Because we represent IPv4 addresses using dotted decimal format, it is only necessary that we examine the process of converting decimal values of 0 to 255 for each octet in an IPv4 address to the 8-bit binary.

To begin the conversion process, we start by determining if the decimal number is equal to or greater than our largest decimal value represented by the most-significant bit. In the highest position, we determine if the octet number is equal to or greater than 128. If the octet number is smaller than 128, we place a 0 in the bit position for decimal value 128 and move to the bit position for decimal value 64.

If the octet number in the bit position for decimal value 128 is larger than or equal to 128, we place a 1 in the bit position for decimal value 128 and subtract 128 from the octet number being converted. We then compare the remainder of this operation to the next smaller value, 64. We continue this process for all the remaining bit positions. Look at Figures 7-3 through 7-8 to see the process of converting 168 to the binary equivalent of 10101000.

Follow the conversion steps in Figures 7-9 through 7-13 to see how an IP address is converted to binary.

The bits within the network portion of the address must be identical for all devices that reside in the same network. The bits within the host portion of the address must be unique to identify a specific host within a network. Regardless of whether the decimal numbers between two IPv4 addresses match up, if two hosts have the same bit pattern in the specified network portion of the 32-bit stream, those two hosts will reside in the same network.

But how do hosts know which portion of the 32 bits is network and which is host? That is the job of the subnet mask, as shown in Figure 7-14.

When an IP host is configured, a subnet mask is assigned along with an IP address. Like the IP address, the subnet mask is 32 bits long. The subnet mask signifies which part of the IP address is network and which part is host.

The subnet mask is compared to the IP address from left to right, bit for bit. The 1s in the subnet mask represent the network portion; the 0s represent the host portion. As shown in Figure 7-14, the subnet mask is created by placing a binary 1 in each bit position that represents the network portion and placing a binary 0 in each bit position that represents the host portion. Note that the subnet mask does not actually contain the network or host portion of an IPv4 address, it just tells the computer where to look for these portions in a given IPv4 address.

Similar to IPv4 addresses, the subnet mask is represented in dotted decimal format for ease of use. The subnet mask is configured on a host device, in conjunction with the IPv4 address, and is required so the host can determine which network it belongs to. Figure 7-15 displays the valid subnet masks for an IPv4 octet.

Networks are not always assigned a /24 prefix. Depending on the number of hosts on the network, the prefix assigned may be different. Having a different prefix number changes the host range and broadcast address for each network.

The following figures illustrate different prefixes using the same 10.1.1.0 address. Figure 7-16 illustrates the /24 to /26 prefixes, and Figure 7-17 illustrates the /27 and /28 prefixes.

Notice that the network address could remain the same, but the host range and the broadcast address are different for the different prefix lengths. In the figures, you can see that the number of hosts that can be addressed on the network also changes.

Network address

Host address

Broadcast address

As shown in Figure 7-19, within the IPv4 address range of a network, the first address is reserved for the network address. This address has a 0 for each host bit in the host portion of the address. All hosts within the network share the same network address.

The broadcast address uses the highest address in the network range. This is the address in which the bits in the host portion are all 1s. All 1s in an octet in binary form is equal to the number 255 in decimal form. Therefore, as shown in Figure 7-21, for the network 10.1.1.0/24, in which the last octet is used for the host portion, the broadcast address would be 10.1.1.255. This address is also referred to as the directed broadcast. Note that the host portion will not always be an entire octet.

When sending network data, the device uses this information to determine whether it can send packets locally or must send the packets to a default gateway for remote delivery. When a host sends a packet, it compares the network portion of its own IP address to the network portion of the destination IP address, based on subnet masks. If the network bits match, both the source and destination host are on the same network and the packet can be delivered locally. If they do not match, the sending host forwards the packet to the default gateway, to be sent on to the other network.

1 AND 1 = 1 (see Figure 7-24)

0 AND 1 = 1 (see Figure 7-25)

0 AND 0 = 1 (see Figure 7-26)

1 AND 0 = 1 (see Figure 7-27)

The IPv4 host address is logically ANDed, bit by bit, with its subnet mask to determine the network address to which the host is associated. When this bitwise ANDing between the address and the subnet mask is performed, the result yields the network address.

Because all the bits of the subnet mask that represent host bits are 0s, the host portion of the resulting network address becomes all 0s. Recall that an IPv4 address with all 0s in the host portion represents the network address.

Likewise, all the bits of the subnet mask that indicate the network portion are 1s. When each of these 1s is ANDed with the corresponding bit of the address, the resulting bits are identical to the original address bits.

As shown in Figure 7-28, the 1 bits in the subnet mask will result in the network portion of the network address having the same bits as the network portion of the host. The host portion of the network address will result in all 0s.

For a given IP address and its subnet, ANDing can be used to determine what subnetwork the address belongs to, as well as what other addresses belong to the same subnet. Remember that if two addresses are in the same network or subnetwork, they are considered to be local to each other and can therefore communicate directly with each other. Addresses that are not in the same network or subnetwork are considered to be remote to each other and must therefore have a Layer 3 device (like a router or Layer 3 switch) between them to communicate.

In network verification/troubleshooting, we often need to determine two hosts are on the same local network. We need to make this determination from the perspective of the network devices. Due to improper configuration, a host may see itself on a network that was not the intended one. This can create an operation that seems erratic unless diagnosed by examining the ANDing processes used by the host.

There are several advantages to static addressing. For instance, static addresses are useful for printers, servers, and other networking devices that do not change location often and need to be accessible to clients on the network based on a fixed IP address. If hosts normally access a server at a particular IP address, it would cause problems if that address changed. Additionally, static assignment of addressing information can provide increased control of network resources. For example, it is possible to create access filters based on traffic to and from a specific IP address. However, static addressing can be time consuming to enter on each host.

When using static IP addressing, it is necessary to maintain an accurate list of the IP address assigned to each device. These are permanent addresses and are not normally reused.

DHCP enables the automatic assignment of addressing information such as IP address, subnet mask, default gateway, and other configuration information. The configuration of the DHCP server requires that a block of addresses, called an address pool, be used for assigning to the DHCP clients on a network. Addresses assigned to this pool should be planned so that they exclude any static addresses used by other devices.

Using DHCP is generally the preferred method of assigning IPv4 addresses to hosts on large networks because it reduces the burden on network support staff and virtually eliminates entry errors.

Another benefit of DHCP is that an address is not permanently assigned to a host but is only “leased” for a period of time. If the host is powered down or taken off the network, the address is returned to the pool for reuse. This feature is especially helpful for mobile users that come and go on a network.

If DCHP is enabled on a host device, the ipconfig command can be used to view the IP address information assigned by the DHCP server, as shown in Figure 7-32.

Unicast: The process of sending a packet from one host to an individual host

Broadcast: The process of sending a packet from one host to all hosts in the network

Multicast: The process of sending a packet from one host to a selected group of hosts, possibly in different networks

These three types of communication are used for different purposes in data networks. In all three cases, the IPv4 address of the originating host is placed in the packet header as the source address.

In an IPv4 network, the unicast address applied to an end device is referred to as the host address. For unicast communication, the addresses assigned to the two end devices are used as the source and destination IPv4 addresses. During the encapsulation process, the source host places its IPv4 address in the unicast packet header as the source address and places the IPv4 address of the destination host in the packet header as the destination address. Regardless of whether the destination specified in a packet is unicast, broadcast, or multicast, the source address of any packet is always the unicast address of the originating host.

IPv4 host addresses are unicast addresses and are in the address range of 0.0.0.0 to 223.255.255.255. However, within this range are many addresses that are reserved for special purposes. These special-purpose addresses will be discussed later in this chapter.

Some examples for using broadcast transmission are

Mapping upper-layer addresses to lower-layer addresses, such as ARP

Requesting an address, such as DHCP

Unlike unicast, where the packets can be routed throughout the internetwork, broadcast packets are usually restricted to the local network. This restriction is dependent on the configuration of the gateway router and the type of broadcast. There are two types of broadcasts: directed broadcast and limited broadcast.

As an example, a host within the 172.16.4.0/24 network would broadcast to all hosts in its network using a packet with a destination address of 255.255.255.255.

When a packet is broadcast, it uses resources on the network and causes every receiving host on the network to process the packet. Therefore, broadcast traffic should be limited so that it does not adversely affect performance of the network or devices. Because routers separate broadcast domains, subdividing networks with excessive broadcast traffic can improve network performance.

Some examples of multicast transmission are

Video and audio broadcasts

Routing information exchange by routing protocols

Distribution of software

News feeds

The IPv4 multicast addresses 224.0.0.0 to 224.0.0.255 are reserved link-local addresses. These addresses are to be used for multicast groups on a local network. A router connected to the local network recognizes that these packets are addressed to a link-local multicast group and never forwards them further. A typical use of reserved link-local addresses is in routing protocols using multicast transmission to exchange routing information.

The globally scoped addresses are 224.0.1.0 to 238.255.255.255. They may be used to multicast data across the Internet. For example, 224.0.1.1 has been reserved for the Network Time Protocol (NTP) to synchronize the time-of-day clocks of network devices.

The administratively scoped addresses (or limited-scope addresses) are the 239.0.0.0 to 239.255.255.255 range.

Each multicast group is represented by a single IPv4 multicast destination address. When an IPv4 host subscribes to a multicast group, the host processes packets addressed to this multicast address and packets addressed to its uniquely allocated unicast address.

10.0.0.0 to 10.255.255.255 (10.0.0.0/8)

172.16.0.0 to 172.31.255.255 (172.16.0.0/12)

192.168.0.0 to 192.168.255.255 (192.168.0.0/16)

Private addresses are defined in RFC 1918, Address Allocation for Private Internets, and are sometimes referred to as RFC 1918 addresses. Private space address blocks, as shown in Figure 7-33, are used in private networks. Hosts that do not require access to the Internet can use private addresses. However, within the private network, hosts still require unique IP addresses within the private space.

Hosts in different networks may use the same private space addresses. Packets using these addresses as the source or destination should not appear on the public Internet. The router or firewall device at the perimeter of these private networks must block or translate these addresses. Even if these packets were to make their way to the Internet, the routers would not have routes to forward them to the appropriate private network.

In RFC 6598, the Internet Assigned Numbers Authority (IANA) reserved another group of addresses known as shared address space. Similar to RFC 1918 private address space, shared address space addresses are not globally routable. However, these addresses are intended only for use in service provider networks. The shared address block is 100.64.0.0/10.

Although only the single 127.0.0.1 address is used, addresses 127.0.0.0 to 127.255.255.255 are reserved. Any address within this block will loop back to the local host. No address within this block should ever appear on any network.

Communication using IPv4 link-local addresses is only suitable for communication with other devices connected to the same network, as shown in Figure 7-34. A host must not send a packet with an IPv4 link-local destination address to any router for forwarding and should set the IPv4 Time-to-Live (TTL) field for these packets to 1.

Link-local addresses do not provide services outside of the local network. However, many client/server and peer-to-peer applications will work properly with IPv4 link-local addresses.

Figure 7-35 illustrates how these address classes are divided.

Even though this classful system was all but abandoned in the late 1990s, you will see remnants of it in networks today. For example, when you assign an IPv4 address to a computer, the operating system examines the address being assigned to determine if this address is a class A, class B, or class C address. The operating system then assumes the prefix used by that class and makes the default subnet mask assignment.

Figure 7-36 shows the classful address ranges.

The IETF knew that CIDR was only a temporary solution and that a new IP protocol would have to be developed to accommodate the rapid growth in the number of Internet users. In 1994, the IETF began its work to find a successor to IPv4, which eventually became IPv6.

The following are the major RIRs, the regions they cover, and their URLs:

AfriNIC (African Network Information Centre): Africa Region; http://www.afrinic.net

APNIC (Asia Pacific Network Information Centre): Asia/Pacific Region; http://www.apnic.net

ARIN (American Registry for Internet Numbers): North America Region; http://www.arin.net

LACNIC (Regional Latin-American and Caribbean IP Address Registry): Latin America and some Caribbean Islands; http://www.lacnic.net

RIPE NCC (Reseaux IP Europeans): Europe, the Middle East, and Central Asia; http://www.ripe.net

In a sense, the ISP loans or rents these addresses to the organization. If we choose to move our Internet connectivity to another ISP, the new ISP will provide us with addresses from the address blocks that have been provided to them, and our previous ISP returns the blocks loaned to us to their allocation to be loaned to another customer.

IPv6 addresses can be obtained from the ISP or, in some cases, directly from the RIR. IPv6 addresses and typical address block sizes will be discussed later in this chapter.

The primary advantages for customers of Tier 1 ISPs are reliability and speed. Because these customers are only one connection away from the Internet, there are fewer opportunities for failures or traffic bottlenecks. The drawback for Tier 1 ISP customers is its high cost.

The primary disadvantage of Tier 2 ISPs, as compared to Tier 1 ISPs, is slower Internet access. Because Tier 2 ISPs are at least one more connection away from the Internet backbone, they also tend to have lower reliability than Tier 1 ISPs.

These customers often have little or no computer or network expertise. Tier 3 ISPs often bundle Internet connectivity as a part of network and computer service contracts for their customers. Although they may have reduced bandwidth and less reliability than Tier 1 and Tier 2 providers, Tier 3 ISPs are often good choices for small to midsize companies.

IPv4 has a theoretical maximum of 4.3 billion addresses. RFC 1918 private addresses in combination with network address translation (NAT) have been instrumental in slowing the depletion of IPv4 address space. NAT has limitations that severely impede peer-to-peer communications.

The Internet of today is significantly different than the Internet of past decades. The Internet of today is more than e-mail, web pages, and file transfer between computers. The evolving Internet is becoming an Internet of things. As depicted in Figure 7-39, no longer will the only devices accessing the Internet be computers, tablets, and smartphones. The sensor-equipped, Internet-ready devices of tomorrow will include everything from automobiles and biomedical devices to household appliances and natural ecosystems. Imagine a meeting at a customer site that is automatically scheduled on your calendar application to begin an hour before you normally start work. This could be a significant problem, especially if you forget to check the calendar or adjust the alarm clock accordingly. Now imagine that the calendar application communicates this information directly to your alarm clock and to your automobile. Your alarm clock wakes you up in plenty of time to get ready for your meeting, and your car automatically warms up to melt the ice on the windshield before you enter the car, and then gives you instructions for which route to take to your meeting.

With an increasing Internet population, a limited IPv4 address space, issues with NAT, and an Internet of things, the time has come to begin the transition to IPv6.

Dual stack: As shown in Figure 7-40, a dual stack allows IPv4 and IPv6 to coexist on the same network. Dual-stack devices run both IPv4 and IPv6 protocol stacks simultaneously.

Tunneling: As shown in Figure 7-41, tunneling is a method of transporting an IPv6 packet over an IPv4 network. The IPv6 packet is encapsulated inside an IPv4 packet, similar to other types of data.

Translation: As shown in Figure 7-42, Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4. An IPv6 packet is translated to an IPv4 packet, and vice versa.

The base 16 numbering system uses the numbers 0 to 9 and the letters A to F. Figure 7-43 shows the equivalent decimal, binary, and hexadecimal values. There are 16 unique combinations of 4 bits, from 0000 to 1111. The 16-digit hexadecimal numbering system is the perfect numbering system to use, because any 4 bits can be represented with a single hexadecimal value.

With practice, it is possible to recognize the binary bit patterns that match the decimal and hexadecimal values. Figure 7-44 shows these patterns for selected 8-bit values.

“Preferred format” means the IPv6 address is written using all 32 hexadecimal digits. It does not necessarily mean it is the ideal method for representing the IPv6 address. In the following pages, we will see two rules to help reduce the number of digits needed to represent an IPv6 address. Figure 7-46 has examples of IPv6 addresses in the preferred format.

01AB can be represented as 1AB.

09F0 can be represented as 9F0.

0A00 can be represented as A00.

00AB can be represented as AB.

This rule only applies to leading 0s, not to trailing 0s; otherwise the address would be ambiguous. For example, the hextet ABC could be either 0ABC or ABC0.

Figures 7-47 through 7-54 show several examples of how omitting leading 0s can be used to reduce the size of an IPv6 address. For each example the preferred format is shown. Notice how omitting the leading 0s in all examples results in a smaller address representation.

The double colon (::) can be used only once within an address; otherwise there would be more than one possible resulting address. When used with the omitting leading 0s technique, the notation of IPv6 address can often be greatly reduced. This is commonly known as the compressed format.

The following address is incorrect because it includes two sets of double colons:

2001:0DB8::ABCD::1234

Possible expansions for the preceding ambiguous compressed address include the following:

2001:0DB8::ABCD:0000:0000:1234

2001:0DB8::ABCD:0000:0000:0000:1234

2001:0DB8:0000:ABCD::1234

2001:0DB8:0000:0000:ABCD::1234

Figures 7-55 through 7-61 show several examples of how using the double colon (::) and omitting leading 0s can reduce the size of an IPv6 address.

Unicast: An IPv6 unicast address uniquely identifies an interface on an IPv6-enabled device. As shown in Figure 7-62, a source IPv6 address must be a unicast address.

Multicast: An IPv6 multicast address is used to send a single IPv6 packet to multiple destinations.

Anycast: An IPv6 anycast address is any IPv6 unicast address that can be assigned to multiple devices. A packet sent to an anycast address is routed to the nearest device having that address. Anycast addresses are beyond the scope of this course.

Unlike IPv4, IPv6 does not have a broadcast address. However, there is an IPv6 all-nodes multicast address that essentially gives the same result.

IPv6 uses the prefix length to represent the prefix portion of the address. IPv6 does not use the dotted-decimal subnet mask notation. The prefix length is used to indicate the network portion of an IPv6 address using the IPv6 address/prefix length.

The prefix length can range from 0 to 128. A typical IPv6 prefix length for LANs and most other types of networks is /64. This means the prefix or network portion of the address is 64 bits in length, leaving another 64 bits for the Interface ID (host portion) of the address, as shown in Figure 7-63.

There are six types of IPv6 unicast addresses, as shown in Figure 7-64 and described in the following list.

Global unicast: A global unicast address is similar to a public IPv4 address. These are globally unique, Internet-routable addresses. Global unicast addresses can be configured statically or assigned dynamically. There are some important differences in how a device receives its IPv6 address dynamically compared to DHCP for IPv4.

Link-local: Link-local addresses are used to communicate with other devices on the same local link. With IPv6, the term link refers to a subnet. Link-local addresses are confined to a single link. Their uniqueness must be confirmed on that link only because they are not routable beyond the link. In other words, routers will not forward packets with a link-local source or destination address.

Loopback: The loopback address is used by a host to send a packet to itself and cannot be assigned to a physical interface. Similar to an IPv4 loopback address, you can ping an IPv6 loopback address to test the configuration of TCP/IP on the local host. The IPv6 loopback address is all 0s except for the last bit, represented as ::1/128 or just ::1 in the compressed format.

Unspecified address: An unspecified address is an all-0s address represented as ::/128 or just :: in the compressed format. It cannot be assigned to an interface and can only be used as a source address in an IPv6 packet. An unspecified address is used as a source address when the device does not yet have a permanent IPv6 address or when the source of the packet is irrelevant to the destination.

Unique local: IPv6 unique local addresses have some similarity to RFC 1918 private addresses for IPv4, but there are significant differences as well. Unique local addresses are used for local addressing within a site or between a limited number of sites. These addresses should not be routable in the global IPv6. Unique local addresses are in the range of FC00::/7 to FDFF::/7.

With IPv4, private addresses are combinedindenthangingN with NAT/PAT to provide a many-to-one translation of private-to-public addresses. This is done because of the limited availability of IPv4 address space. Many sites also use the private nature of RFC 1918 addresses to help secure or hide their network from potential security risks. However, this was never the intended use of these technologies, and the IETF has always recommended that sites take the proper security precautions on their Internet-facing routers. Although IPv6 does provide for site-specific addressing, it is not intended to be used to help hide internal IPv6-enabled devices from the IPv6 Internet. IETF recommends that limiting access to devices should be accomplished using proper, best-practice security measures.

Embedded IPv4: The last type of unicast address is the IPv4 embedded address. These addresses are used to help transition from IPv4 to IPv6. IPv4 embedded addresses are beyond the scope of this course.

Unlike IPv4 link-local addresses, IPv6 link-local addresses have a significant role in various aspects of the network. The global unicast address is not a requirement; however, every IPv6-enabled network interface is required to have a link-local address.

If a link-local address is not configured manually on an interface, the device will automatically create its own without communicating with a DHCP server. IPv6-enabled hosts create an IPv6 link-local address even if the device has not been assigned a global unicast IPv6 address. This allows IPv6-enabled devices to communicate with other IPv6-enabled devices on the same subnet. This includes communication with the default gateway (router).

IPv6 link-local addresses are in the FE80::/10 range. The /10 indicates that the first 10 bits are 1111 1110 10xx xxxx. The first hextet has a range of 1111 1110 1000 0000 (FE80) to 1111 1110 1011 1111 (FEBF).

Figure 7-65 shows an example of communication using IPv6 link-local addresses. Figure 7-66 shows the format of an IPv6 link-local address.

IPv6 link-local addresses are also used by IPv6 routing protocols to exchange messages and as the next-hop address in the IPv6 routing table

A global unicast address has three parts:

Global routing prefix: The global routing prefix is the prefix, or network, portion of the address that is assigned by the provider, such as an ISP, to a customer or site. Currently, RIRs assign a /48 global routing prefix to customers. This includes everyone from enterprise business networks to individual households. This is more than enough address space for most customers.

Figure 7-68 shows the structure of a global unicast address using a /48 global routing prefix. /48 prefixes are the most common global routing prefixes assigned and will be used in most of the examples throughout this course.

For example, the IPv6 address 2001:0DB8:ACAD::/48 has a prefix that indicates that the first 48 bits (three hextets) (2001:0DB8:ACAD) is the prefix, or network, portion of the address. The double colon (::) prior to the /48 prefix length means the rest of the address contains all 0s.

Subnet ID: The Subnet ID is used by an organization to identify subnets within its site.

Interface ID: The IPv6 Interface ID is equivalent to the host portion of an IPv4 address. The term Interface ID is used because a single host may have multiple interfaces, each having one or more IPv6 addresses.

An easy way to read most IPv6 addresses is to count the number of hextets. As shown in Figure 7-69, in a /64 global unicast address the first four hextets are for the network portion of the address, with the fourth hextet indicating the Subnet ID. The remaining four hextets are for the Interface ID.

The interface command to configure an IPv6 global unicast address on an interface is ipv6 address ipv6-address/prefix-length.

Notice that there is not a space between ipv6-address and prefix-length.

The example configuration will use the topology shown in Figure 7-70 and these IPv6 subnets:

2001:0DB8:ACAD:0001:/64 (or 2001:DB8:ACAD:1::/64)

2001:0DB8:ACAD:0002:/64 (or 2001:DB8:ACAD:2::/64)

2001:0DB8:ACAD:0003:/64 (or 2001:DB8:ACAD:3::/64)

As shown in Figure 7-71, configuring the IPv6 global unicast address on the Gigabit Ethernet 0/0 (G0/0) interface of R1 would require the following commands:

Click here to view code image

Router(config)# interface GigabitEthernet 0/0
Router(config-if)# ipv6 address 2001:db8:acad:1::1/64
Router(config-if)# no shutdown

As shown in Figure 7-72, the default gateway address configured for PC1 is 2001:DB8:ACAD:1::1, the global unicast address of the R1 Gigabit Ethernet interface on the same network.

Just as with IPv4, configuring static addresses on clients does not scale to larger environments. For this reason, most network administrators in an IPv6 network will enable dynamic assignment of IPv6 addresses.

There are two ways in which a device can obtain an IPv6 global unicast address automatically:

Stateless Address Autoconfiguration (SLAAC)

DHCPv6

IPv6 routers periodically send out ICMPv6 RA messages to all IPv6-enabled devices on the network. By default, Cisco routers send out RA messages every 200 seconds to the IPv6 all-nodes multicast group address. An IPv6 device on the network does not have to wait for these periodic RA messages. A device can send a Router Solicitation (RS) message to the router, using the IPv6 all-routers multicast group address. When an IPv6 router receives an RS message, it will immediately respond with an RA.

Even though an interface on a Cisco router can be configured with an IPv6 address, this does not make it an “IPv6 router.” An IPv6 router is a router that

Forwards IPv6 packets between networks

Can be configured with static IPv6 routes or a dynamic IPv6 routing protocol

Sends ICMPv6 RA messages

IPv6 routing is not enabled by default. To enable a router as an IPv6 router, the ipv6 unicast-routing global configuration command must be used.

The ICMPv6 RA message contains the prefix, prefix length, and other information for the IPv6 device. The RA message also informs the IPv6 device how to obtain its addressing information. The RA message can contain one of the following three options, as shown in Figure 7-73:

Option 1 – SLAAC Only: The device should use the prefix, prefix-length, and default gateway address information contained in the RA message. No other information is available from a DHCPv6 server.

Option 2 – SLAAC and DHCPv6: The device should use the prefix, prefix-length, and default gateway address information in the RA message. Other information is available from a DHCPv6 server, such as the DNS server address. The device will, through the normal process of discovering and querying a DHCPv6 server, obtain this additional information. This is known as stateless DHCPv6 because the DHCPv6 server does not need to allocate or keep track of any IPv6 address assignments; it only needs to provide additional information, such as the DNS server address.

Option 3 – DHCPv6 Only: The device should not use the information in this RA message for its addressing information. Instead, the device should use the normal process of discovering and querying a DHCPv6 server to obtain all of its addressing information. This includes an IPv6 global unicast address, prefix length, a default gateway address, and the addresses of DNS servers. In this case, the DHCPv6 server is acting as a stateful DHCP server similar to DHCP for IPv4. The DHCPv6 server allocates and keeps track of IPv6 addresses so it does not assign the same IPv6 address to multiple devices.

Routers send ICMPv6 RA messages using the link-local address as the source IPv6 address. Devices using SLAAC use the router’s link-local address as their default gateway address.

A device may receive all or some of its IPv6 addressing information from a DHCPv6 server, depending upon whether option 2 (SLAAC and DHCPv6) or option 3 (DHCPv6 Only) is specified in the ICMPv6 RA message. Additionally, the host OS may choose to ignore whatever is in the router’s RA message and obtain its IPv6 address and other information directly from a DHCPv6 server, as shown in Figure 7-74.

Before deploying IPv6 devices in a network, it is a good idea to first verify whether the host observes the options within the router’s ICMPv6 RA message.

A device may obtain its IPv6 global unicast address dynamically and also be configured with multiple static IPv6 addresses on the same interface. IPv6 allows for multiple IPv6 addresses, belonging to the same IPv6 network, to be configured on the same interface.

A device may also be configured with more than one default gateway IPv6 address. For further information about how the decision is made regarding which address is used as a source IPv6 address or which default gateway address is used, refer to RFC 6724, Default Address Selection for IPv6.

This section looks at the Extended Unique Identifier (EUI-64) process, and the randomly generated identifier that does not use the MAC address.

Ethernet MAC addresses are usually represented in hexadecimal and are made up of two parts:

Organizationally Unique Identifier (OUI): The OUI is a 24-bit (six hexadecimal digits) vendor code assigned by IEEE.

Device identifier: The device identifier is a unique 24-bit (six hexadecimal digits) value within a common OUI.

An EUI-64 Interface ID is represented in binary and is made up of three parts:

24-bit OUI from the client MAC address, but the 7th bit (the Universally/Locally [U/L] bit) is reversed. This means that if the 7th bit is a 0. it becomes a 1, and vice versa.

The inserted 16-bit value FFFE (in hexadecimal).

24-bit Device Identifier from the client MAC address.

The EUI-64 process is described next and illustrated in Figure 7-75, using R1’s Gigabit Ethernet MAC address of FC99:4775:CEE0.

Step 1. Divide the MAC address between the OUI and device identifier.

Step 2. Insert the hexadecimal value FFFE, which in binary is 1111 1111 1111 1110.

Step 3. Convert the first two hexadecimal values of the OUI to binary and flip the U/L bit (bit 7). In this example, the 0 in bit 7 is changed to a 1.

The result is an EUI-64-generated Interface ID of FE99:47FF:FE75:CEE0.

The advantage of EUI-64 is that the Ethernet MAC address can be used to determine the Interface ID. It also allows network administrators to easily track an IPv6 address to an end device by using the unique MAC address. However, this has caused privacy concerns among many users. They are concerned that their packets can be traced to the actual physical computer. Due to these concerns, a randomly generated Interface ID may be used instead.

An easy way to identify that an address was more than likely created using EUI-64 is the FFFE located in the middle of the Interface ID.

Global unicast address: When using SLAAC, the device receives its prefix from the ICMPv6 RA and combines it with the Interface ID.

Link-local address: A link-local prefix begins with FE80::/10. A device typically uses FE80::/64 as the prefix/prefix length, followed by the Interface ID.

After a global unicast address is assigned to an interface, the IPv6-enabled device will automatically generate its link-local address. IPv6-enabled devices must have, at a minimum, the link-local address. Recall that an IPv6 link-local address enables a device to communicate with other IPv6-enabled devices on the same subnet.

IPv6 link-local addresses are used for a variety of purposes, including

A host uses the link-local address of the local router for its default gateway IPv6 address.

Routers exchange dynamic routing protocol messages using link-local addresses.

Routers’ routing tables use the link-local address to identify the next-hop router when forwarding IPv6 packets.

A link-local address can be established dynamically or configured manually as a static link-local address.

Router(config-if)# ipv6 address link-local-address link-local

Figure 7-77 shows that a link-local address has a prefix within the range FE80 to FEBF. When an address begins with this hextet (16-bit segment), the link-local parameter must follow the address.

Figure 7-78 shows the configuration of a link-local address using the ipv6 address interface command. The link-local address FE80::1 is used to make it easily recognizable as belonging to router R1. The same IPv6 link-local address is configured on all of R1’s interfaces. FE80::1 can be configured on each link because it only has to be unique on that link.

Similar to R1, router R2 would be configured with FE80::2 as the IPv6 link-local address on all of its interfaces.

The show interface command displays the MAC address of the Ethernet interfaces. EUI-64 uses this MAC address to generate the Interface ID for the link-local address. Additionally, the show ipv6 interface brief command displays abbreviated output for each of the interfaces. The [up/up] output on the same line as the interface indicates the Layer 1/Layer 2 interface state. This is the same as the Status and Protocol columns in the equivalent IPv4 command.

Notice that each interface has two IPv6 addresses. The second address for each interface is the global unicast address that was configured. The first address, the one that begins with FE80, is the link-local unicast address for the interface. Recall that the link-local address is automatically added to the interface when a global unicast address is assigned.

Also, notice that R1’s Serial 0/0/0 link-local address is the same as its Gigabit Ethernet 0/0 interface. Serial interfaces do not have an Ethernet MAC address, so Cisco IOS uses the MAC address of the first available Ethernet interface. This is possible because link-local interfaces only have to be unique on that link.

The link-local address of the router interface is typically the default gateway address for devices on that link or network.

As shown in Figure 7-80, the show ipv6 route command can be used to verify that IPv6 networks and specific IPv6 interface addresses have been installed in the IPv6 routing table. The show ipv6 route command will only display IPv6 networks, not IPv4 networks.

Within the route table, a C next to a route indicates that this is a directly connected network. When the router interface is configured with a global unicast address and is in the “up/up” state, the IPv6 prefix and prefix length is added to the IPv6 routing table as a connected route.

The IPv6 global unicast address configured on the interface is also installed in the routing table as a local route. The local route has a /128 prefix. Local routes are used by the routing table to efficiently process packets with a destination address of the router’s interface address.

The ping command for IPv6 is identical to the command used with IPv4, except that an IPv6 address is used. In the example shown in Figure 7-81, the command is used to verify Layer 3 connectivity between R1 and PC1. When pinging a link-local address from a router, Cisco IOS will prompt the user for the exit interface. Because the destination link-local address can be on one or more of its links or networks, the router needs to know to which interface to send the ping.

There are two types of IPv6 multicast addresses:

Assigned multicast

Solicited-node multicast

Two common IPv6 assigned multicast groups are

FF02::1 All-nodes multicast group: This is a multicast group that all IPv6-enabled devices join. A packet sent to this group is received and processed by all IPv6 interfaces on the link or network. This has the same effect as a broadcast address in IPv4. Figure 7-82 shows an example of communication using the all-nodes multicast address. An IPv6 router sends ICMPv6 RA messages to the all-nodes multicast group. The RA message informs all IPv6-enabled devices on the network about addressing information, such as the prefix, prefix length, and default gateway.

FF02::2 All-routers multicast group: This is a multicast group that all IPv6 routers join. A router becomes a member of this group when it is enabled as an IPv6 router with the ipv6 unicast-routing global configuration command. A packet sent to this group is received and processed by all IPv6 routers on the link or network.

IPv6-enabled devices send ICMPv6 RS messages to the all-routers multicast address. The RS message requests an RA message from the IPv6 router to assist the device in its address configuration.

A solicited-node multicast address is an address that matches only the last 24 bits of the IPv6 global unicast address of a device. The only devices that need to process these packets are those devices that have these same 24 bits in the least significant, far-right portion of their Interface ID, as shown in Figure 7-83.

An IPv6 solicited-node multicast address is automatically created when the global unicast or link-local unicast addresses are assigned. The IPv6 solicited-node multicast address is created by combining a special FF02:0:0:0:0:FF00::/104 prefix with the rightmost 24 bits of its unicast address.

The solicited-node multicast address consists of two parts:

FF02:0:0:0:0:1:FF00::/104 multicast prefix: This is the first 104 bits of the solicited-node multicast address.

Least significant 24 bits: These are the last or rightmost 24 bits of the solicited-node multicast address. These bits are copied from the rightmost 24 bits of the global unicast or link-local unicast address of the device.

It is possible that multiple devices will have the same solicited-node multicast address. Although rare, this can occur when devices have the same rightmost 24 bits in their Interface IDs. This does not create any problems because the device will still process the encapsulated message, which will include the complete IPv6 address of the device in question.

ICMP is available for both IPv4 and IPv6. ICMPv4 is the messaging protocol for IPv4. ICMPv6 provides these same services for IPv6 but includes additional functionality. In this course, the term ICMP will be used when referring to both ICMPv4 and ICMPv6.

The types of ICMP messages, and the reasons why they are sent, are extensive. We will discuss some of the more common messages.

ICMP messages common to both ICMPv4 and ICMPv6 include

Host Confirmation

Destination or Service Unreachable

Time Exceeded

Route Redirection

Some of the Destination Unreachable codes for ICMPv4 are

0: Net Unreachable

1: Host Unreachable

2: Protocol Unreachable

3: Port Unreachable

ICMPv6 also sends a Time Exceeded message if the router cannot forward an IPv6 packet because the packet has expired. IPv6 does not have a TTL field; it uses the Hop Limit field to determine if the packet has expired.

Both ICMPv4 and ICMPv6 use Route Redirection messages.

ICMPv6 includes four new protocols as part of the Neighbor Discovery Protocol (ND or NDP):

Router Solicitation message (RS)

Router Advertisement message (RA)

Neighbor Solicitation message (NS)

Neighbor Advertisement message (NA)

RS message: When a host is configured to obtain its addressing information automatically using SLAAC, the host will send an RS message to the router. The RS message is sent as an IPv6 all-routers multicast message.

RA message: RA messages are sent by routers to provide addressing information to hosts using SLAAC. The RA message can include addressing information for the host, such as the prefix and prefix length. A router will send an RA message periodically or in response to an RS message. By default, Cisco routers send RA messages every 200 seconds. RA messages are sent to the IPv6 all-nodes multicast address. A host using SLAAC will set its default gateway to the link-local address of the router that sent the RA.

As shown in Figure 7-85, Neighbor Solicitation and Neighbor Advertisement messages are used for

Address resolution: Address resolution is used when a device on the LAN knows the IPv6 unicast address of a destination but does not know its Ethernet MAC address. To determine the MAC address for the destination, the device will send an NS message to the solicited-node multicast address. The message will include the known (targeted) IPv6 address. The device that has the targeted IPv6 address will respond with an NA message containing its Ethernet MAC address. Address resolution in IPv6 works similarly to ARP in IPv4.

Duplicate Address Detection (DAD): When a device is assigned a global unicast or link-local unicast address, performing DAD on the address is recommended to ensure that it is unique. To check the uniqueness of an address, the device sends an NS message with its own IPv6 address as the targeted IPv6 address. If another device on the network has this address, it responds with an NA message. This NA message will notify the sending device that the address is in use. If a corresponding NA message is not returned within a certain period of time, the unicast address is unique and acceptable for use, DAD works similarly to gratuitous ARP in IPv4.

To test connectivity to another host on a network, an Echo Request is sent to the host address using the ping command. If the host at the specified address receives the Echo Request, it responds with an Echo Reply. As each Echo Reply is received, ping provides feedback on the length of time between when the Echo Request was sent and when the Echo Reply was received. This can be a measure of network performance.

Ping has a timeout value for the reply. If a reply is not received within the timeout, ping provides a message indicating that a response was not received. This usually indicates that there is a problem, but could also indicate that security features blocking ping messages have been enabled on the network.

After all the requests are sent, the ping utility provides a summary that includes the success rate and average round-trip time to the destination.

A response from 127.0.0.1 for IPv4, or ::1 for IPv6, indicates that IP is properly installed on the host. This response comes from the network layer. This response is not, however, an indication that the addresses, masks, or gateways are properly configured. Nor does it indicate anything about the status of the lower layer of the network stack. This simply tests IP down through the network layer of IP. If we get an error message, it is an indication that TCP/IP is not operational on the host.

For this test, the gateway address is most often used because the router is normally always operational. If the gateway address does not respond, a ping can be sent to the IP address of another host on the local network that is known to be operational.

If either the gateway or another host responds, then the local host can successfully communicate over the local network. If the gateway does not respond but another host does, this could indicate a problem with the router interface serving as the gateway.

One possibility is that the wrong gateway address has been configured on the host. Another possibility is that the router interface may be fully operational but have security applied to it that prevents it from processing or responding to ping requests.

If this ping is successful, the operation of a large piece of the internetwork can be verified. A successful ping across the internetwork confirms communication on the local network, the operation of the router serving as our gateway, and the operation of all other routers that might be in the path between the local network and the network of the remote host.

Additionally, functionality of the remote host can be verified. If the remote host could not communicate outside of its local network, it would not have responded.

This information can be used to locate a problematic router in the path. When the display shows high response times or data losses from a particular hop, it is an indication that the resources of the router or its connections may be stressed.

Play the animation in the video to see how traceroute takes advantage of TTL.

The first sequence of messages sent from traceroute will have a TTL field value of 1. This causes the TTL to time out the IPv4 packet at the first router. This router then responds with an ICMPv4 message. Traceroute now has the address of the first hop.

Traceroute then progressively increments the TTL field (2, 3, 4...) for each subsequent sequence of messages. This provides the trace with the address of each hop as the packets time out further down the path. The TTL field continues to be increased until the destination is reached or the field is incremented to a predefined maximum.

When the final destination is reached, the host responds with either an ICMP Port Unreachable message or an ICMP Echo Reply message instead of the ICMP Time Exceeded message.

IP addresses are hierarchical, with network, subnetwork, and host portions. An IP address can represent a complete network, a specific host, or the broadcast address of the network.

Understanding binary notation is important when determining if two hosts are in the same network. The bits within the network portion of the IP address must be identical for all devices that reside in the same network. The subnet mask or prefix length is used to determine the network portion of an IP address. IP addresses can be assigned either statically or dynamically. DHCP enables the automatic assignment of addressing information such as the IP address, subnet mask, default gateway, and other configuration information.

IPv4 hosts can communicate in one of three different ways: unicast, broadcast, or multicast. Blocks of addresses that are used in networks that require limited or no Internet access are called private addresses. The private IPv4 address blocks are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.

The depletion of IPv4 address space is the motivating factor for moving to IPv6. Each IPv6 address has 128 bits, versus the 32 bits in an IPv4 address. IPv6 does not use the dotted-decimal subnet mask notation. The prefix length is used to indicate the network portion of an IPv6 address using the following format: IPv6 address/prefix length.

There are three types of IPv6 addresses: unicast, multicast, and anycast. An IPv6 link-local address enables a device to communicate with other IPv6-enabled devices on the same link, and only on that link (subnet). Packets with a source or destination link-local address cannot be routed beyond the link from where the packet originated. IPv6 link-local addresses are in the FE80::/10 range.

ICMP is available for both IPv4 and IPv6. ICMPv4 is the messaging protocol for IPv4. ICMPv6 provides the same services for IPv6 but includes additional functionality.

After it is implemented, an IP network needs to be tested to verify its connectivity and operational performance. The ping and traceroute utilities are two tools that can be used to test network connectivity.

Class Activity 7.4.1.1: The Internet of Everything...Naturally!

Lab 7.1.2.8: Converting IPv4 Addresses to Binary

Lab 7.1.4.8: Identifying IPv4 Addresses

Lab 7.2.5.4: Identifying IPv6 Addresses

Lab 7.2.5.5: Configuring IPv6 Addresses on Network Devices

Lab 7.3.2.7: Testing Network Connectivity with Ping and Traceroute

Packet Tracer Activity 7.2.5.3: Configuring IPv6 Addressing

Packet Tracer Activity 7.3.2.5: Verifying IPv4 and IPv6 Addressing

Packet Tracer Activity 7.3.2.6: Pinging and Tracing to Test the Path

Packet Tracer Activity 7.3.2.8: Troubleshooting IPv4 and IPv6 Addressing

Packet Tracer Activity 7.4.1.2: Skills Integration Challenge

1. The eight-digit binary value of the last octet of the IPv4 address 172.17.10.7 is ________.

2. Which two statements describe broadcast transmissions on a wired network? (Choose two.)

A. Directed broadcasts use the IP address of 255.255.255.255.

B. Limited broadcasts are intended for local and remote hosts listening for a multicast packet.

C. Directed broadcasts are intended for all hosts on a local or remote network.

D. Limited broadcasts are only intended for all hosts on a local network.

E. Limited broadcasts are forwarded by routers.

3. What is the prefix length notation for the subnet mask 255.255.255.224?

A. /25

B. /26

C. /27

D. /28

4. The greatest part of the /8 block IPv4 address bit space consists of what types of addresses?

A. Private addresses

B. Public addresses

C. Multicast addresses

D. Experimental address

5. The most compact form of the IPv6 address 2001:0DB8:0000:AB00:0000:0000:0000:00AB is ___________________.

6. Which type of IPv6 address is not routable and is used only for communication on a single subnet?

A. Global unicast address

B. Link-local address

C. Loopback address

D. Unique local address

E. Unspecified address

7. An organization is assigned an IPv6 global prefix of 2001:db8:1234::/48. What is the maximum number of /64 subnets the organization can create with this space?

A. 4

B. 16

C. 1,024

D. 65,536

8. Match the description to the IPv6 addressing component. (Not all options are used.)

9. Which two ICMPv6 messages are not present in ICMP for IPv4?

A. Destination Unreachable

B. Host Confirmation

C. Neighbor Solicitation

D. Route Redirection

E. Router Advertisement

F. Time Exceeded

10. Which IP addresses are network addresses? (Choose two.)

A. 64.104.3.7/28

B. 192.168.12.64/26

C. 192.135.12.191/26

D. 198.18.12.16/28

E. 209.165.200.254/27

F. 220.12.12.33/27

11. A network administrator is building a network for a small business that has 22 hosts. The ISP has assigned only one Internet-routable IP address. Which IP address block can the network administrator use to address the network?

A. 10.11.12.16/28

B. 172.31.255.128/27

C. 192.168.1.0/28

D. 209.165.202.128/27

12. Which subnet mask would be used with the hosts in the 128.107.176.0/22 network?

A. 255.0.0.0

B. 255.248.0.0

C. 255.255.252.0

D. 255.255.255.0

E. 255.255.255.252

13. You have been assigned the address block 10.255.255.224/28 to create the network addresses for point-to-point wide area network (WAN) links. How many of these WAN links can you support with this address block?

A. 1

B. 4

C. 7

D. 14

14. A network administrator needs to create a new network that has 14 computers and two router interfaces. What subnet mask will provide the appropriate^oo number of IPv4 addresses for this network with minimal wasted addresses?

A. 255.255.255.128

B. 255.255.255.192

C. 255.255.255.224

D. 255.255.255.240

E. 255.255.255.248

F. 255.255.255.252

15. A host in the south branch cannot access the server with the address 192.168.254.222/224. While examining the host, you determine that its IPv4 address is 169.254.11.15/16. What is the apparent problem?

A. The host is using a link-local address.

B. The server is using an invalid subnet mask.

C. The host has been assigned a broadcast address.

D. The server thinks that the host is on the logical network with the server.