| 1: || |
What is an Inside Global address, and when is it used?
| A1: || |
The Inside Global address connects your organization indirectly to the Internet. Typically, these are the addresses provided by the ISP. These addresses are propagated outside the organization. They are globally unique and are the addresses used by the outside world to connect to inside the organization. Simply explained, they are the addresses that define how the inside addresses are seen globally by the outside.
| 2: || |
When is the Inside Local address used?
| A2: || |
The Inside Local address is the address that allows every end device in the organization to communicate. Although these addresses are unique within the organization, they are probably not globally unique. They may well be private addresses that conform to RFC 1918. They are the inside addresses as seen locally within the organization.
| 3: || |
Explain the difference between the Outside Global address and the Outside Local address.
| A3: || |
The Outside Global address is the Internet address (all the addresses outside the domain of the organization). They are the outside addresses as they appear to the global Internet.
The Outside Local address, however, is external to the organization. This is the destination address used by a host inside the organization connecting to the outside world. This will be the destination address of the packet propagated by the internal host. This is how the outside world is seen locally from inside the organization.
| 4: || |
Give one example of when NAT might be employed.
| A4: || |
NAT is useful in the following circumstances:
- To connect organizations that use address space issued to other organizations to the Internet
- To connect organizations that use private address space defined in RFC 1918 and want to connect to the Internet
- To connect together two organizations that have used the same private address, in line with RFC 1918
- When the organization wants to hide its addresses and is using NAT as part of firewall capabilities or is using additional security features
| 5: || |
Explain what PAT is.
| A5: || |
Port Address Translation (PAT) translates different local addresses (within the organization) into one address that is globally significant for use on the Internet. The additional identifier of a TCP or UDP port unravels the multiple addresses that have been mapped to single addresses. The uniqueness of the different local addresses is ensured by the use of the port number mapped to the single address.
| 6: || |
Why is NAT often configured on the organization's firewall?
| A6: || |
NAT performs Network Address Translation from private addressing to global addressing. This is required only when connecting to the outside world when a globally unique address is required. A firewall is installed on the edge of the autonomous system to protect the organization from unauthorized access. Therefore, both applications would reside on the edge of the network as it connects into the Internet.
| 7: || |
Give one example of when private addressing would be a good solution for an organization.
| A7: || |
Private addressing was designed as an addressing method for an organization that has no intention of ever connecting to the Internet. If Internet connectivity were not required, there would be no requirement for a globally unique address from the Internet. The individual organization could address its network without any reference to the Internet, using one of the address ranges provided. Private addressing is often used now by companies that do not want to make a submission for an address from the IANA or do not want the labor of stretching the small allocation of addresses that they might receive. Instead, they can use a Class A address for their organization and use NAT to connect to the outside world.
| 8: || |
Why does summarization need a hierarchical addressing structure?
| A8: || |
Summarization of IP addresses needs a hierarchical addressing structure to hide the downstream subnets. A summarized address is where many subnets that share the same leftmost bits of the IP address might be represented by a single subnet. This can only occur when the minor subnets are physically downstream of the summarized network.
| 9: || |
When might you use Destination Address Rotary Translation?
| A9: || |
You use destination address rotary translation for traffic entering the organization from the outside. The destination address is matched against an access list, and the destination address is replaced by an address from the rotary pool. This is used only for TCP traffic, unless other translations are in effect. This is required when creating TCP connections that require a connection into the network. It allows Telnet, FTP, and other connection-oriented sessions.
| 10: || |
Why do NAT and private addressing tend to be implemented together?
| A10: || |
NAT performs Network Address Translation and is implemented when private addresses need to be translated into a global address to allow connectivity to the Internet with a globally unique address.
| 11: || |
Which routing protocols for IPv6 does Cisco IOS support?
| A11: || |
Cisco supports RIPng, BGP-4+, IS-IS, and OSPF in Cisco IOS 12.2T.
| 12: || |
How many bits are there in the IPv6 address space?
| A12: || |
There are 128 bits in the IPv6 address space.
| 13: || |
Explain why it is important to remember to identify how many hosts and subnets are required when designing an IPv4 network.
| A13: || |
It is important to determine how many hosts and subnets are required so that you can adequately address the network, allowing for the physical topology of the network to marry the logical topology and to build in a hierarchical addressing scheme that can be summarized to add efficiency into the network.
| 14: || |
Why does IPv6 addressing allow for more effective security and QoS to be implemented?
| A14: || |
IPv6 addressing allows for more effective security and QoS to be implemented because the address space allows for end-to-end connectivity. Without having to traverse firewalls and NAT servers, both security and QoS are much easier to create and maintain.
| 15: || |
Give one reason it might be advisable to implement private addressing.
| A15: || |
The reasons for addressing your organization's network using private addressing include the following:
- There is a shortage of addressing within the organization.
- You need security. Because the network must go through a translation gateway, it will not be visible to the outside world.
- There is an ISP change. If the network is connecting to the Internet through an ISP, the addresses allocated are just on loan or are leased to your organization. If the organization decides to change its ISP, the entire network will have to be readdressed. If the addresses provided define just the external connectivity and not the internal subnets, however, readdressing is limited and highly simplified.
| 16: || |
In the following address
which part of the address is autoconfigured?
| A16: || |
The MAC address 0AC0:3428:121C provides the system ID for the address.
| 17: || |
Why is IPv6 multicasting more efficient than IPv4 broadcasting?
| A17: || |
IPv4 broadcasting forces every end system to interrupt its process to view the incoming packet, because the broadcast address is an address to every system. This saturates not only the media resources, but also the resources of the end systems. Multicasting is an address to multiple end systems, but only to those systems that need to receive the packet.
| 18: || |
State one of the main benefits of IPv6.
| A18: || |
The main benefits of IPv6 are as follows :
- Larger address space, allowing for a larger number of systems that can be globally addressed and a more scalable network
- Increased address space, allowing for a deeper hierarchical structure
- Simplified header, allowing for greater routing efficiency and, thus, network performance
- Policies for network architecture flexibility, allowing evolution and growth of the protocol
- Support for routing and route aggregation
- Simple administration through serverless autoconfiguration, the ability to renumber with ease, multihomingall of which allow a level of plug-and-play support
- Security using IP Security (IPSec) support for all IPv6 devices
- Support for Mobile IP and mobile computing devices (direct- path )
- Multicast support built into the protocol using a greater number of addresses and efficient mechanisms
| 19: || |
What is an IPv6 extension header?
| A19: || |
The IPv6 extension header is the same as the Options field in the IPv4 header. However, instead of including the Options field within the header as IPv4 does, IPv6 attaches the Options field to the end of the header, indicating with the Next Header field whether there is something to additional to process. This speeds up the processing and also allows for protocol evolution, because many extension fields can be chained together.
| 20: || |
What are the two most common methods of transitioning an IPv4 network to an IPv6 network?
| A20: || |
Dual stacks and 6to4 tunneling are the two most common methods of transitioning an IPv4 network to an IPv6 network.