
Understand IP Addressing and Subnetting

Created by Deepak Sharma in CCNA 27 May 2024

1.6 Configure and verify IPv4 addressing and subnetting. 

IPv4 addresses are 32-bit binary numbers, typically represented in decimal format (dotted-decimal notation) consisting of four octets separated by periods. 

Each octet represents 8 bits, ranging from 0 to 255, giving a total of 2^32 (approximately 4.3 billion) unique IPv4 addresses. IPv4 addresses are divided into the following classes.

Class A

The first bit is set to 0, and the range is from 1.0.0.0 to 126.0.0.0. It is primarily used for large networks.

Class B

The first two bits are set to 10, and the range is from 128.0.0.0 to 191.255.0.0. It is used for medium-sized networks.

Class C

The first three bits are set to 110, and the range is from 192.0.0.0 to 223.255.255.0. It is used for small networks.

Class D

The first four bits are set to 1110. It is used for multicast addresses and is not assigned to individual hosts or networks.

Class E

The first four bits are set to 1111. It is reserved for experimental and future use.

There are two types of IPv4 addresses.

1. Public IPv4 addresses: They are globally routable and can be accessed over the Internet.

1.0.0.0 - 126.255.255.255

128.0.0.0 - 191.255.255.255

192.0.0.0 - 223.255.255.255

2. Private IPv4 addresses: They are used in private networks which are not routable on the Internet.

10.0.0.0 - 10.255.255.255

172.16.0.0 - 172.31.255.255

192.168.0.0 - 192.168.255.255

NAT (Network Address Translation) converts private IPv4 addresses into public addresses and vice versa. It lets hosts on a private network communicate over the Internet once their addresses are converted to public addresses.

Subnetting divides a network into smaller subnets, which allows efficient use of IP addresses together with network segmentation. It has several benefits, such as improved network management, enhanced security, and optimized routing.

In order to calculate subnets, the following needs to be determined.

IP Address

Start with an IP address that you want to subnet. This can be a network address or a host address within the network.

Subnet Mask

Decide on the subnet mask that will define the size of each subnet. The subnet mask consists of a series of contiguous 1s followed by a series of contiguous 0s and is represented in decimal format (dotted-decimal notation).

Subnet Bits

Count the number of 1s in the subnet mask. This represents the number of bits dedicated to the network portion of the IP address.

Subnet Formula

Use the formula 2^n - 2, where n is the number of subnet bits. Subtract 2 to account for the network and broadcast addresses, as they cannot be assigned to hosts.

Network Address

Calculate the network address by performing a bitwise AND operation between the IP address and the subnet mask.

Subnet Range

Determine the range of valid host addresses within each subnet. The usable host address range runs from (network address + 1) to the last usable address (broadcast address - 1).

Broadcast Address

Calculate the broadcast address for each subnet by setting all host bits to 1.

Topology Diagram


Tasks

● Begin by logging into device R01 and observe that it already has a customized configuration, evident from its host name. Reset this device to its factory default configuration.

● Log in to each device and perform the following configurations:

   ✓ Set the hostname to match the device name as indicated in the topology diagram.

   ✓ Implement a command to prevent the device from attempting DNS resolution for mistyped commands.

   ✓ Configure a command to display the most recent input/typing on the screen after an interruption caused by a SYSLOG or other console message.

   ✓ Require a password of "CISCO" whenever anyone attempts to access Privileged EXEC mode. Ensure that this password is not visible in plaintext in the configuration file.

   ✓ Enable all interfaces shown in the topology diagram and provide brief interface descriptions to indicate their respective connections.

   ✓ Once these steps are completed, use CDP on SW02, R05, and R04 to verify that these devices can recognize other connected Cisco devices as CDP neighbors.

● Proceed to configure devices R01 and R03 to allow inbound Telnet connections, authenticated against a preconfigured password of "CISCO".

● For devices R02 and R05, configure them to allow inbound SSH (version 2) connections, authenticated using the username "admin" and a password of "CISCO" at Privilege Level 15. Feel free to include any additional required keywords or features for SSH configuration at your discretion.

● To derive an IP addressing scheme for network segments A through F, adhere to the following guidelines:

   ✓ Begin with the starting network of 170.50.0.0/16.

   ✓ Allocate the first and largest subnet as 170.50.0.0 with a new or different subnet mask.

● Utilize the Variable Length Subnet Masking (VLSM) method, ensuring that each network has the fewest host bits possible, based on the host requirements below.

        Network Segment    Required Hosts    Subnet Mask    Prefix
        A                  99
        B                  13
        C                  6
        D                  11
        E                  26
        F                  30

● Assign IPv4 addresses to your router interfaces using these guidelines:

   ✓ Routers connecting to network segments A through D should be assigned the first available host address within each respective subnet.

   ✓ The addressing of router R03's E0/2 interface for Segments E and F will be covered in another lab.

   ✓ Configure IP addresses of routers R03 (E0/0: 20.1.3.3/24 and E0/1: 20.1.34.3/24), R04 (E0/0: 20.1.45.4/24 and E0/1: 20.1.34.4/24), and R05 (E0/0: 20.1.45.5/24, E0/1: 50.1.23.5/24 and E0/2: 20.1.5.5/24).

● To verify your IPv4 addressing configuration, perform the following actions:

   ✓ Confirm successful Telnet connectivity from R02 to R01.

   ✓ Verify Telnet connectivity from R04 to R03.

   ✓ Ensure SSH connectivity from R01 to R02.

   ✓ Validate SSH connectivity from R04 to R05.


Configuration and Verifications

Log in to R01, press Enter, and enter privileged EXEC mode using the "enable" command. Use "write erase" or "erase startup-config" to remove the configuration, and press Enter to confirm. Then use the "reload" command to restart the device, and press Enter to confirm.


When R01 comes up again, it will be in the factory default state. It presents the System Configuration Dialog; type "no" to proceed.



Log in to all devices and configure them using the following commands.

enable

- command to enter privileged EXEC mode

configure terminal

- command to enter configuration mode

no ip domain-lookup

- command to prevent the device from attempting DNS resolution for mistyped commands

line console 0

  logging synchronous 

- command to display the most recent input/typing on the screen after an interruption caused by a console message

enable secret CISCO

- command for configuring password to enter in privileged exec mode

interface <> 

  description <>

- commands to enter interface mode and give the interface a description; replace <> with the interface name and the description text

Note: All devices are in the factory default state and present the System Configuration Dialog; type "no" to proceed. By default, a router's interfaces are shut down, so enable them with the "no shutdown" command. Save each device's configuration using the "write" command.

R01:

!

enable

configure terminal

hostname R01

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/2

 description "Connection-to-SW01"

 no shutdown

!

interface E0/1

 description "Connection-to-SW02"

 no shutdown

!

interface E0/0

 description "Connection-to-R02"

 no shutdown

!

end

!

write

!



R02:

!

enable

configure terminal

hostname R02

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/3

 description "Connection-to-SW01"

 no shutdown

!

interface E0/2

 description "Connection-to-SW02"

 no shutdown

!

interface E0/0

 description "Connection-to-R01"

 no shutdown

!

interface E0/1

 description "Connection-to-PC02"

 no shutdown

!

end

!

write

!



R03:

!

enable

configure terminal

hostname R03

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/2

 description "Connection-to-SW03"

 no shutdown

!

interface E0/0

 description "Connection-to-PC04"

 no shutdown

!

interface E0/1

 description "Connection-to-R04"

 no shutdown

!

end

!

write

!



R04:

!

enable

configure terminal

hostname R04

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/0

 description "Connection-to-R05"

 no shutdown

!

interface E0/1

 description "Connection-to-R03"

 no shutdown

!

end

!

write

!



R05:

!

enable

configure terminal

hostname R05

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/0

 description "Connection-to-R04"

 no shutdown

!

interface E0/2

 description "Connection-to-SW04"

 no shutdown

!

end

!

write

!



Note: A switch's interfaces are in the no shutdown state by default. Shut down all unused interfaces using the "shutdown" command. With the "interface range <>" command, you can configure multiple interfaces at the same time. Save each device's configuration using the "write" command.

SW01:

!

enable

configure terminal

hostname SW01

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/0

 description "Connection-to-PC01"

!

interface E0/2

 description "Connection-to-R01"

!

interface E0/3

 description "Connection-to-R02"

!

interface range E0/1

 description "unused interface"

 shutdown

!

end

!

write

!



SW02:

!

enable

configure terminal

hostname SW02

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/0

 description "Connection-to-SW03"

!

interface E0/1

 description "Connection-to-R01"

!

interface E0/2

 description "Connection-to-R02"

!

interface E0/3

 description "Connection-to-SW04"

!

interface E1/0

 description "Connection-to-SW04"

!

interface range E1/1-3

 description "unused interface"

 shutdown

!

end

!

write

!



SW03:

!

enable

configure terminal

hostname SW03

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/0

 description "Connection-to-PC03"

!

interface E0/1

 description "Connection-to-SW02"

!

interface E0/2

 description "Connection-to-SW04"

!

interface E0/3

 description "Connection-to-R03"

!

interface E1/0

 description "Connection-to-PC"

!

interface E1/1

 description "Connection-to-SW04"

!

interface range E1/2-3

 description "unused interface"

 shutdown

!

end

!

write

!



SW04:

!

enable

configure terminal

hostname SW04

no ip domain-lookup

line console 0

 logging synchronous

 exit

enable secret CISCO

!

interface E0/0

 description "Connection-to-SW02"

!

interface E0/1

 description "Connection-to-R05"

!

interface E0/2

 description "Connection-to-SW03"

!

interface E1/0

 description "Connection-to-SW02"

!

interface E1/1

 description "Connection-to-SW03"

!

interface range E0/3, E1/2-3

 description "unused interface"

 shutdown

!

end

!

write

!



Use the "show cdp neighbor" command on SW02, R05, and R04 to verify that these devices recognize other connected Cisco devices as CDP neighbors.
Note: From now on, whenever you log in to any device, you must first use the "enable" command to enter privileged mode, and it will ask for the password (which you previously configured as "CISCO").
In the output, the Device ID column lists the neighbors, Local Interface is the interface on this device, and Port ID is the interface on the neighbor device to which this device is connected.

SW02:

In the output above SW02 is connected to R01, R02, SW03 and SW04 on interfaces E0/1, E0/2, E0/0 and E0/3 & E1/0 respectively.

R05:


In the output above R05 is connected to R04 and SW04 on interfaces E0/0 and E0/2 respectively.

R04:

In the output above R04 is connected to R03 and R05 on interfaces E0/1 and E0/0 respectively.

Now configure devices R01 and R03 to allow inbound Telnet connections and authenticate them against a preconfigured password of "CISCO". This is configured under the vty lines; these routers have 5 lines, 0-4 (high-end devices have 15 lines), meaning 5 users can log in to the device at the same time.

Note: By default, Telnet is allowed, and any user (who has this device's password) can Telnet to this device.

From now on, it is assumed that you are already logged in to the devices and have entered the enable password.

R01 and R03:

!

configure terminal

!

line vty 0 4

 transport input telnet

 password CISCO

 exit

!

end

!

write

!




Configure R02 and R05 to allow inbound SSH (version 2) connections, authenticated using the username "admin" and a password of "CISCO" at Privilege Level 15.

Note: By default, SSH is not enabled on many low-end or old devices, so first enable SSH on these devices as follows.

Note: When generating the RSA key, select a 1024-bit key.

R02 and R05:

!

configure terminal

!

ip domain-name cisco.com

!

crypto key generate rsa

!

ip ssh version 2

!

end

!

write

!




Now, similar to allowing Telnet under the vty lines in the previous scenario, allow SSH as follows. Remember that here the username and password are configured at privilege level 15 in global configuration, instead of under the vty line. The vty line must specify that the locally configured username and password are used, with the command "login local".

R02 and R05:

!

configure terminal

!

username admin privilege 15 password CISCO

!

line vty 0 4

 transport input ssh

 login local

 exit

!

end

!

write

!
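The lab asks that the enable password not be visible in plaintext, and it configures both Telnet and SSH on the vty lines. The following check for those points in a configuration text is an added example, not part of the original lab; the rule names, the `audit` function and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample: the lab's Telnet (R01/R03) and SSH (R02/R05) settings
# merged into one configuration text so each rule has something to match.
SAMPLE_CONFIG = """\
hostname R02
enable secret CISCO
username admin privilege 15 password CISCO
line console 0
 logging synchronous
line vty 0 4
 transport input telnet
 password CISCO
"""

# Hypothetical rule names used by this example only.
RULES = {
    "enable-plaintext": "'enable password' keeps the password readable; use 'enable secret'",
    "user-plaintext": "'username ... password' keeps the password readable; use 'secret'",
    "vty-telnet": "vty accepts Telnet, which carries the login in cleartext",
    "vty-line-password": "shared line password stored readable in the configuration",
}


def audit(config):
    """Return (line_number, rule) pairs for weak settings in an IOS config text."""
    findings = []
    section = ""
    for number, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if not line or line == "!":
            continue
        indented = raw.startswith(" ")
        if not indented:
            section = line  # a top-level command opens a new section
        if re.match(r"enable password\b", line):
            findings.append((number, "enable-plaintext"))
        if re.match(r"username \S+ .*\bpassword\b", line):
            findings.append((number, "user-plaintext"))
        if indented and section.startswith("line vty"):
            transport = re.match(r"transport input (.+)", line)
            if transport and {"telnet", "all"} & set(transport.group(1).split()):
                findings.append((number, "vty-telnet"))
            if re.match(r"password\b", line):
                findings.append((number, "vty-line-password"))
    return findings


if __name__ == "__main__":
    for number, rule in audit(SAMPLE_CONFIG):
        print(f"line {number}: {rule}: {RULES[rule]}")
```
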





Derive an IP addressing scheme for network segments A through F, as per the provided table, from the major network 170.50.0.0/16. The following numbers of host bits are required to accommodate the hosts in each network segment (A, B, C, D, E, F). Subtracting these bits from 32 gives the prefix length, and from it the subnet mask.

A = 99 requires 7-bits => 32-7 = 25 or 255.255.255.128  
B = 13 requires 4-bits => 32-4 = 28 or 255.255.255.240  
C = 6 requires 3-bits => 32-3 = 29 or 255.255.255.248 
D = 11 requires 4-bits => 32-4 = 28 or 255.255.255.240  
E = 26 requires 5-bits => 32-5 = 27 or 255.255.255.224  
F = 30 requires 5-bits => 32-5 = 27 or 255.255.255.224 

As given in the task, the first and largest subnet should be 170.50.0.0, so the first subnet is 170.50.0.0/25. The others follow by adding 128, 32, 32, 16, and 16 in the last octet for segments F, E, B, D and C respectively.

A => 170.50.0.0 255.255.255.128
F => 170.50.0.128 255.255.255.224
E => 170.50.0.160 255.255.255.224
B => 170.50.0.192 255.255.255.240
D => 170.50.0.208 255.255.255.240
C => 170.50.0.224 255.255.255.248
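The subnet calculation steps and the VLSM allocation above can be reproduced with Python's standard `ipaddress` module. This is an added example, not part of the original lab; the function names are chosen for illustration, and usable hosts are counted as 2^h - 2 with h host bits, as in the worked figures above.

```python
import ipaddress

# Host requirements per segment, copied from the task table on this page.
REQUIREMENTS = {"A": 99, "B": 13, "C": 6, "D": 11, "E": 26, "F": 30}


def host_bits_for(hosts):
    """Smallest number of host bits h with 2**h - 2 >= hosts."""
    h = 2  # h = 2 (a /30) is the smallest subnet with two usable addresses
    while (1 << h) - 2 < hosts:
        h += 1
    return h


def network_address(ip, mask):
    """Network address = IP AND mask, computed on the 32-bit integers."""
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(ip_int & mask_int))


def vlsm_plan(major, requirements):
    """Allocate subnets largest-first from the start of the major network."""
    block = ipaddress.ip_network(major)
    cursor = int(block.network_address)
    plan = {}
    # Largest first: every subnet then starts on a multiple of its own size.
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        h = host_bits_for(hosts)
        net = ipaddress.ip_network((cursor, 32 - h))
        if not net.subnet_of(block):
            raise ValueError(f"segment {name} does not fit in {major}")
        plan[name] = {
            "network": str(net.network_address),
            "mask": str(net.netmask),
            "prefix": net.prefixlen,
            "first_host": str(net.network_address + 1),
            "last_host": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),  # all host bits set to 1
            "usable": net.num_addresses - 2,
        }
        cursor += net.num_addresses
    return plan


def overlapping_pairs(plan):
    """Return segment pairs whose address ranges overlap (should be empty)."""
    nets = {n: ipaddress.ip_network(f"{p['network']}/{p['prefix']}")
            for n, p in plan.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    for seg, p in vlsm_plan("170.50.0.0/16", REQUIREMENTS).items():
        print(seg, p["network"], p["mask"], f"/{p['prefix']}",
              p["first_host"], "-", p["last_host"], "bcast", p["broadcast"])
```
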

Now configure the interfaces of R01 and R02 using network segments A, B and D as per the topology. Use the first available IP addresses. Note: By default, a router's interfaces are in the shutdown state; the "no shutdown" command is added on the interfaces here just for consistency.

R01:
!
configure terminal
!
interface E0/2
 description "Segment A"
 ip address 170.50.0.1 255.255.255.128
 no shutdown
!
interface E0/0
 description "Segment B"
 ip address 170.50.0.193 255.255.255.240
 no shutdown
!
interface E0/1
 description "Segment D"
 ip address 170.50.0.209 255.255.255.240
 no shutdown
!
end
!
write
!


R02:
!
configure terminal
!
interface E0/3
 description "Segment A"
 ip address 170.50.0.2 255.255.255.128
 no shutdown
!
interface E0/2
 description "Segment D"
 ip address 170.50.0.210 255.255.255.240
 no shutdown
!
interface E0/0
 description "Segment B"
 ip address 170.50.0.194 255.255.255.240
 no shutdown
!
interface E0/1
 description "Segment C"
 ip address 170.50.0.225 255.255.255.248
 no shutdown
!
end
!
write
!


Now configure the interface IP addresses on R03, R04 and R05 as provided in the tasks.

R03:
!
configure terminal
!
interface E0/0
 description "connected to PC04"
 ip address 20.1.3.3 255.255.255.0
!
interface E0/1
 description "connected to R04"
 ip address 20.1.34.3 255.255.255.0
!
end
!
write
!


R04:

!
configure terminal
!
interface E0/0
 description "connected to R05"
 ip address 20.1.45.4 255.255.255.0
!
interface E0/1
 description "connected to R03"
 ip address 20.1.34.4 255.255.255.0
!
end
!
write
!


R05:

!
configure terminal
!
interface E0/0
 description "connected to R04"
 ip address 20.1.45.5 255.255.255.0
!
interface E0/1
 description "future use"
 ip address 50.1.23.5 255.255.255.0
!
interface E0/2
 description "connected to SW04"
 ip address 20.1.5.5 255.255.255.0
!
end
!
write
!


Now check the direct IP connectivity between the devices using the ping command. R01 is able to reach R02 on segments A, B and D. Also use the "show ip interface brief" command to check the IP addresses configured on the interfaces, and make sure both the interface status and protocol show up/up.

R01:


Check the IP connectivity from R04 to R03 and R05. Also use the "show ip interface brief" command to check the IP addresses configured on the interfaces, and make sure both the interface status and protocol show up/up.

R04:


For further verification, use the password CISCO to Telnet or SSH into the other devices (as configured in the tasks), and use "exit" to leave the terminal of the remote device.

Telnet connectivity from R02 to R01


Telnet connectivity from R04 to R03


SSH connectivity from R01 to R02, login using username "admin" and password "CISCO"


SSH connectivity from R04 to R05, login using username "admin" and password "CISCO"

