Computer Network (5)-Struggle with IPv4 (CIDR and NAT)

IPv4 has been used worldwide because of its successful design. However, the shortage of address space hangs over it like a death sentence that will eventually be carried out, and once that day comes the development of the Internet will be greatly hindered. To address this, scientists designed the IPv6 protocol on the one hand, and it is already in the initial stage of deployment; on the other hand, they worked to improve the efficiency with which IPv4 addresses are used and to postpone the sentence as long as possible. CIDR and NAT are products of the latter line of thinking.

1. Subnet division and subnet mask

Before describing CIDR in detail, I have to mention subnetting.

Subnetting divides a large network into multiple smaller subnets. Concretely, on top of the original network-number/host-number division, the host number is further split into a subnet number and a host number. Hosts under the same network number may therefore belong to different subnets, and the subnets can be allocated to different users.

Subnetting comes with the subnet mask. Like an IP address, the subnet mask is a 32-bit binary number, but its 1 bits and 0 bits must each form a contiguous run. The subnet mask of a network is obtained by setting the bits of the network number (including the subnet number) to 1 and the bits of the host number to 0.

The number of subnets and the number of hosts per subnet are determined by the subnet mask. For example, take the Class B network 174.123.0.0 and subnet it with the mask 255.255.252.0 (11111111.11111111.11111100.00000000). Of the last 16 bits, which originally formed the host number, the first 6 bits are now used as the subnet number and the remaining 10 bits as the host number, so 2^6 = 64 subnets are available, and each subnet has 2^10 - 2 = 1022 usable host numbers (the all-0 and all-1 host numbers are excluded).

The traditional Class A, B and C addresses have default subnet masks: Class A 255.0.0.0, Class B 255.255.0.0, and Class C 255.255.255.0.

To determine which subnet an incoming destination IP address belongs to, a router only needs to AND the address with the subnet mask to obtain the corresponding subnet address.
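A small worked implementation of the mask arithmetic described above, added here as an example and not part of the original post. It uses the Class B network 174.123.0.0 and the mask 255.255.252.0 from the text; the function names are my own.

```python
def ip_to_int(dotted: str) -> int:
    """Convert a dotted-quad string such as '174.123.0.0' to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return int.from_bytes(bytes(octets), "big")


def int_to_ip(value: int) -> str:
    """Inverse of ip_to_int."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def is_contiguous_mask(mask: str) -> bool:
    """A valid mask is a run of 1 bits followed by a run of 0 bits."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    return m == (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF


def mask_prefix_len(mask: str) -> int:
    """Number of 1 bits in the mask (network + subnet bits); rejects bad masks."""
    if not is_contiguous_mask(mask):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bin(ip_to_int(mask)).count("1")


def subnet_counts(classful_prefix: int, mask: str) -> tuple[int, int]:
    """(number of subnets, usable hosts per subnet) when a classful network
    whose network number is `classful_prefix` bits long is subnetted with `mask`.
    The all-0 and all-1 host numbers are excluded, as in the text."""
    prefix = mask_prefix_len(mask)
    subnet_bits = prefix - classful_prefix
    host_bits = 32 - prefix
    if subnet_bits < 0 or host_bits < 2:
        raise ValueError("mask leaves no room for subnet or host numbers")
    return 2 ** subnet_bits, 2 ** host_bits - 2


def network_of(address: str, mask: str) -> str:
    """AND the destination address with the mask to find its subnet address."""
    return int_to_ip(ip_to_int(address) & ip_to_int(mask))


if __name__ == "__main__":
    # Class B network 174.123.0.0 (16-bit network number), mask 255.255.252.0
    print(subnet_counts(16, "255.255.252.0"))          # (64, 1022)
    print(network_of("174.123.5.7", "255.255.252.0"))  # 174.123.4.0
```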

2. CIDR

1. Overview

CIDR, whose full English name is Classless Inter-Domain Routing, breaks through the traditional Class A/B/C/D/E address division. It is a technique for dividing the IPv4 address space more finely and improving address utilization.

Under the traditional address division, the following problem emerged in practice: for most companies a Class C address, which provides only 256 host numbers, is too small, while a Class B address, which provides 65535 host numbers, is far too large. The problem is caused by the inflexible address division. With the emergence of CIDR, addresses can be divided more finely, and this problem was solved ingeniously.

2. Division method

In subnetting, an IP address is divided into three parts: network number, subnet number, and host number. CIDR merges the network number and the subnet number, returning from a three-part to a two-part division. Under CIDR an IP address is written as a.b.c.d/n, where n is the length of the network prefix in bits. In this way 32-bit IP addresses are no longer limited to the A/B/C/D/E classes but can be flexibly divided into dozens of prefix lengths, as long as the prefix length meets the requirements.

For example:

1) Two hosts have the IP addresses 198.189.252.3/22 and 198.189.253.4/22. In binary these are 11000110.10111101.11111100.00000011 and 11000110.10111101.11111101.00000100. The first 22 bits are the network prefix; clearly the two hosts have the same network prefix and are different hosts on the same network.

2) Two hosts have the IP addresses 198.189.252.3/22 and 198.189.252.3/20. Although the address part is identical and only the prefix length differs, calculation shows that they belong to different networks.

3. Subnet aggregation

While subnetting improves the utilization of IP addresses, it may also cause the routing table to explode. Aggregating subnets is then a good solution. Concretely, one finds the network prefix shared by the subnets and shortens the prefix length to that common part.

Example: a network contains two subnets, 198.189.253.0/24 and 198.189.254.0/24. They occupy two entries in the routing table, but the next-hop address is the same. Merging the subnets, one finds that the first 22 bits of the two network prefixes are identical, so 198.189.252.0/22 can be used as the supernet of the two subnets, and this single entry replaces the previous two in the routing table.
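Added example (not from the original post) covering the CIDR membership checks and the /22 aggregation above, using the addresses from the text. It also adds a `contains` check, which goes slightly beyond the text: it shows that the supernet 198.189.252.0/22 covers more than the two original /24s, which matters when the extra space is routed elsewhere. The function names are my own.

```python
def ip_to_int(dotted: str) -> int:
    return int.from_bytes(bytes(int(o) for o in dotted.split(".")), "big")


def int_to_ip(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def prefix_mask(n: int) -> int:
    """32-bit mask with the first n bits set, e.g. n=22 -> 255.255.252.0."""
    if not 0 <= n <= 32:
        raise ValueError(f"bad prefix length: {n}")
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def parse_cidr(text: str) -> tuple[int, int]:
    """'a.b.c.d/n' -> (network address as int, n). Host bits are cleared."""
    addr, n = text.split("/")
    n = int(n)
    return ip_to_int(addr) & prefix_mask(n), n


def same_network(a: str, b: str) -> bool:
    """True when the two a.b.c.d/n strings denote hosts in the same CIDR block."""
    return parse_cidr(a) == parse_cidr(b)


def contains(supernet: str, block: str) -> bool:
    """True when `block` lies entirely inside `supernet`."""
    sup_net, sup_n = parse_cidr(supernet)
    net, n = parse_cidr(block)
    return n >= sup_n and (net & prefix_mask(sup_n)) == sup_net


def aggregate(blocks: list[str]) -> str:
    """Shortest prefix common to all blocks, i.e. their supernet.
    Safe as a single routing entry only when all blocks share a next hop;
    the supernet may also cover address space that is not in `blocks`."""
    nets = [parse_cidr(b) for b in blocks]
    n = min(p for _, p in nets)
    while n > 0 and len({net & prefix_mask(n) for net, _ in nets}) > 1:
        n -= 1
    return f"{int_to_ip(nets[0][0] & prefix_mask(n))}/{n}"


if __name__ == "__main__":
    print(same_network("198.189.252.3/22", "198.189.253.4/22"))  # True
    print(same_network("198.189.252.3/22", "198.189.252.3/20"))  # False
    print(aggregate(["198.189.253.0/24", "198.189.254.0/24"]))   # 198.189.252.0/22
```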

3. NAT

1. Overview

NAT, whose full English name is Network Address Translation, has as its core idea the reuse of a large number of private IP addresses, represented toward the outside by a smaller number of shared public IP addresses, so as to alleviate the exhaustion of the IP address space.

In addition to alleviating address exhaustion, NAT also offers a degree of security protection. Since the only IP address of the local network exposed to the outside world is that of its representative router, the real IP addresses of the internal hosts are hidden, and security naturally improves.

2. Concrete implementation

In the previous section we introduced private IP addresses; Class A, B and C addresses each have their own private address range. Within a local network, private addresses of the appropriate class are used to identify each host. When a host needs to communicate with a host on the external network, the router translates its address into a public IP address according to the NAT table.

For example:

As shown in the figure, there is a local network with the network number 192.168.0.0. When internal hosts send information to each other, they only need the private IP addresses 192.168.0.3, 192.168.0.4, and so on. When they need to exchange data with an external host such as 213.18.2.4, the NAT router only needs to translate the private address into a public IP address according to its NAT table.
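Added example (not from the original post) of the translation the NAT router performs for the 192.168.0.0 network and the external host 213.18.2.4 above. It goes beyond the text by translating ports as well as addresses (NAPT, which is what most routers actually do, so that many private hosts can share one public address); the public address 203.0.113.1 and the class name are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class NatRouter:
    """Minimal NAPT table: (private ip, private port) <-> public port."""
    public_ip: str                 # assumed public address of the router
    next_port: int = 40000         # next free public port to hand out
    outbound: dict = field(default_factory=dict)   # (priv_ip, priv_port) -> pub_port
    inbound: dict = field(default_factory=dict)    # pub_port -> (priv_ip, priv_port)

    def translate_out(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outbound packet's source to the public address and
        record the mapping so the reply can be delivered. The external host
        only ever sees public_ip, never src_ip."""
        key = (src_ip, src_port)
        if key not in self.outbound:
            self.outbound[key] = self.next_port
            self.inbound[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.outbound[key], dst_ip, dst_port)

    def translate_in(self, src_ip, src_port, dst_ip, dst_port):
        """Map a reply back to the private host. Returns None when no table
        entry exists, so unsolicited inbound traffic has no host to reach."""
        if dst_ip != self.public_ip or dst_port not in self.inbound:
            return None
        priv_ip, priv_port = self.inbound[dst_port]
        return (src_ip, src_port, priv_ip, priv_port)


if __name__ == "__main__":
    nat = NatRouter(public_ip="203.0.113.1")
    # constructed traffic: two internal hosts talk to 213.18.2.4 port 80
    print(nat.translate_out("192.168.0.3", 5000, "213.18.2.4", 80))
    print(nat.translate_out("192.168.0.4", 5000, "213.18.2.4", 80))
    # the reply to the second host is routed by the public port alone
    print(nat.translate_in("213.18.2.4", 80, "203.0.113.1", 40001))
    print(nat.translate_in("213.18.2.4", 80, "203.0.113.1", 40999))  # None
```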



Origin: blog.csdn.net/weixin_44580146/article/details/106882898