An IP address is a 32-bit address allocated to a device connected to the Internet. It consists of two fields: net-id and host-id. To facilitate IP address management, IP addresses are divided into five classes, as shown in Figure 1-1.
Figure 1-1 Five classes of IP addresses
Class A, Class B, and Class C IP addresses are unicast addresses. Class D IP addresses are multicast addresses and Class E addresses are reserved for future special use. The first three types are commonly used.
IP addresses are in the dotted decimal notation. Each IP address contains four decimal integers, with each integer corresponding to one byte (for example,10.110.50.101).
Some IP addresses are reserved for special use. The IP address ranges that can be used by users are listed in Table 1-1.
Table 1-1 Classes and ranges of IP addresses
|
Network type |
Address range |
IP network range |
Description |
|
A |
0.0.0.0 to 127.255.255.255 |
1.0.0.0 to 126.0.0.0 |
l An IP address with all 0s host ID is a network address and is used for network routing.
l An IP address with all 1s host ID is a broadcast address and is used for broadcast to all hosts on the network.
l The IP address 0.0.0.0 is used by hosts when they are booted but is not used afterward.
l An IP address with all 0s network ID represents a specific host on the local network and can be used as a source address but cannot be used as a destination address.
l All the IP addresses in the format of 127.X.Y.Z are reserved for loopback test and the packets sent to these addresses will not be output to lines; instead, they are processed internally and regarded as incoming packets. |
|
B |
128.0.0.0 to 191.255.255.255 |
128.0.0.0 to 191.254.0.0 |
l An IP address with all 0s host ID is a network address and is used for network routing.
l An IP address with all 1s host ID is a broadcast address and is used for broadcast to all hosts on the network. |
|
C |
192.0.0.0 to 223.255.255.255 |
192.0.0.0 to 223.255.254.0 |
l An IP address with all 0s host ID is a network address and is used for network routing.
l An IP address with all 1s host ID is a broadcast address and is used for broadcast to all hosts on the network. |
|
D |
224.0.0.0 to 239.255.255.255 |
None |
Class D addresses are multicast addresses. |
|
E |
240.0.0.0 to 255.255.255.254 |
None |
These IP addresses are reserved for future use. |
|
Others |
255.255.255.255 |
255.255.255.255 |
255.255.255.255 is used as a LAN broadcast address. |
The traditional IP address classification method wastes IP addresses greatly. In order to make full use of the available IP addresses, the concepts of mask and subnet were introduced.
A mask is a 32-bit number corresponding to an IP address. The number consists of 1s and 0s. A mask is defined as follows: the bits of the network number and subnet number are set to 1, and the bits of the host number are set to 0. The mask divides the IP address into two parts: subnet address and host address. In an IP address, the part corresponding to the "1" bits in the mask is the subnet address, and the part corresponding to the remaining "0" bits in the mask is the host address. If there is no subnet division, the subnet mask uses the default value and the length of 1s in the mask is equal to the net-id length. Therefore, for IP addresses of classes A, B and C, the default values of the corresponding subnet masks are 255.0.0.0, 255.255.0.0 and 255.255.255.0 respectively.
The mask can be used to divide a Class A network containing more than 16,000,000 hosts or a Class B network containing more than 60,000 hosts into multiple small networks. Each small network is called a subnet. For example, for the Class B network address 138.38.0.0, the mask 255.255.224.0 can be used to divide the network into eight subnets: 138.38.0.0, 138.38.32.0, 138.38.64.0, 138.38.96.0, 138.38.128.0, 138.38.160.0, 138.38.192.0 and 138.38.224.0 (see Figure 1-2). Each subnet can contain more than 8000 hosts.
Figure 1-2 Subnet division of the IP address
1.2 Configuring an IP Address for a VLAN Interface
You can only configure IP address for the VLAN interface using the corresponding command. Generally, it is enough to configure one IP address for a VLAN interface. However, you can configure up to five IP addresses for a VLAN interface so that the interface can be connected to several subnets. Among these IP addresses, one is the primary IP address and the others are secondary ones.
Table 1-2 Configure an IP address for a VLAN interface
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter VLAN interface view |
interface Vlan-interface vlan-id |
— |
|
Configure an IP address for a VLAN interface |
ip address ip-address { mask | mask-length } [ sub ] |
Required
By default, a VLAN interface has no IP address. |
After the above configuration, you can execute the display command in any view to display the operating status and configuration on the interface to verify your configuration.
Table 1-3 Display IP address configuration
|
Operation |
Command |
Description |
|
View VLAN interface information |
display ip interface [ brief ] [ interface-type [ interface-number ] ] |
You can execute the display command in any view |
I. Network requirements
Set the IP address and subnet mask of VLAN interface 1 to 129.2.2.1 and 255.255.255.0 respectively.
II. Network diagram
Figure 1-3 IP address configuration
III. Configuration procedure
# Configure an IP address for VLAN interface 1.
<H3C> system-view
[H3C] interface Vlan-interface 1
[H3C-Vlan-interface1] ip address 129.2.2.1 255.255.255.0
Symptom: The switch cannot ping the host directly-connected to a port.
Solution: You can perform troubleshooting as follows:
l Check the configuration of the switch, and then use the display arp command to check whether the host has an corresponding ARP entry in the ARP table maintained by the Switch.
l Check the VLAN that includes the switch port connecting the host. Check whether the VLAN has been configured with the VLAN interface. Then check whether the IP addresses of the VLAN interface and the host are on the same network segment.
l If the configuration is correct, enable ARP debugging on the switch, and check whether the switch can correctly send and receive ARP packets. If it can only send but cannot receive ARP packets, errors may occur at the Ethernet physical layer.
IP performance configuration mainly refers to TCP attribute configuration. The TCP attributes that can be configured include:
l synwait timer: This timer is started when TCP sends a syn packet. If no response packet is received before the timer times out, the TCP connection will be terminated. The timeout of the synwait timer ranges from 2 to 600 seconds and is 75 seconds by default.
l finwait timer: This timer is started when the TCP connection turns from the FIN_WAIT_1 state to the FIN_WAIT_2 state. If no FIN packet is received before the timer times out, the TCP connection will be terminated. The timeout of the finwait timer ranges from 76 to 3,600 seconds and is 675 seconds by default.
l The connection-oriented socket receive/send buffer size ranges from 1 to 32 KB and is 8 KB by default.
Every switch stores a forwarding information base (FIB). FIB is used to store the forwarding information of the switch and guide Layer 3 packet forwarding.
You can know the forwarding information of the switch through the FIB table. Each FIB entry includes: destination address/mask length, next hop, current flag, timestamp, and outbound interface.
When the switch is running normally, the contents of the FIB and the routing table are the same. For routing and routing tables, refer to the Routing Protocol module of this manual.
Table 2-1 Configure IP
Table 2-2 Configure TCP attributes
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Configure timeout time for the synwait timer in TCP |
tcp timer syn-timeout time-value |
Required
The default value is 75 seconds |
|
Configure timeout time for the FIN_WAIT_2 timer in TCP |
tcp timer fin-timeout time-value |
Required
The default value is 675 seconds |
|
Configure the socket receiving and sending buffer size of TCP |
tcp window window-size |
Required
By default, the size of the socket receiving and sending buffers is 8 KB
|
Usually the switch sends TTL timeout packets and unreachable packets to the CPU in the process of forwarding IP packets. The CPU processes these special packets after receiving them. Incorrect configuration and malicious attack will cause heavy CPU load. You can perform the following configuration to configure not to send corresponding packets to the CPU in order to ensure normal running.
Table 2-3 Configure to send special IP packets to CPU
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Configure to send TTL timeout packets and unreachable packets to CPU |
ip { ttl-expires | unreachables } |
Required
By default, unreachable packets are not sent to the CPU, while TTL timeout packets are sent to the CPU |
Broadcast packets include full-net broadcast packets and directly-connected broadcast packets. The destination IP address of a full-net broadcast packet is all 1s (255.255.255.255) or all 0s. A directly-connected broadcast packet is a packet whose destination IP address is the network broadcast address of a subnet, but the source IP address is not in the subnet segment. When a switch forwards this kind of packet, the switch cannot tell whether the packet is a broadcast packet if the switch is not connected with the subnet.
If a broadcast packet reaches the destination network after being forwarded by the switch, the switch will receive the broadcast packet, for the switch also belongs to the subnet. Since the VLAN of the switch isolates the broadcast domain, the switch will stop forwarding the packet to the network. Using the following configuration tasks, you can choose to forward the broadcast packet to the network for broadcast.
Perform the following configuration in system view.
Table 2-4 Configuring to forward layer 3 broadcast packets
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Configure to forward layer 3 broadcast packets |
ip forward-broadcast |
Required
By default, the switch does not forward layer 3 broadcast packets |
After the above configurations, you can execute the display command in any view to display the running status to verify your IP performance configuration.
Table 2-5 Display IP performance
|
Operation |
Command |
Description |
|
View TCP connection status |
display tcp status |
You can execute the display command in any view. |
|
View TCP connection statistics |
display tcp statistics |
|
View UDP traffic statistics |
display udp statistics |
|
View IP traffic statistics |
display ip statistics |
|
View ICMP traffic statistics |
display icmp statistics |
|
View the current socket information of the system |
display ip socket [ socktype sock-type ] [ task-id socket-id ] |
|
View the summary of the forwarding information base (FIB) |
display fib fib-rule |
Use the reset command in user view to clear the IP, TCP, and UDP traffic statistics.
Table 2-6 Debug IP performance
|
Configuration |
Command |
Description |
|
Clear IP traffic statistics |
reset ip statistics |
The reset command can be executed in user view |
|
Clear TCP traffic statistics |
reset tcp statistics |
|
Clear UDP traffic statistics |
reset udp statistics |
Symptom: IP packets are forwarded normally, but TCP and UDP cannot work normally.
Solution: Enable the corresponding debugging information output to view the debugging information.
l Use the display command to display the IP performance and check whether the PC runs normally.
l Use the terminal debugging command to enable debugging information to be output to the console.
l Use the debugging udp packet command to enable the UDP debugging to trace UDP packets.
<H3C> terminal debugging
<H3C> debugging udp packet
The UDP packets are shown in the following format:
UDP output packet:
Source IP address:202.38.160.1
Source port:1024
Destination IP Address 202.38.160.1
Destination port: 4296
l Use the debugging tcp packet command to enable the TCP debugging to trace TCP packets.
<H3C> terminal debugging
<H3C> debugging tcp packet
Then the TCP packets received or sent will be displayed in the following format in real time:
TCP output packet:
Source IP address:202.38.160.1
Source port:1024
Destination IP Address 202.38.160.1
Destination port: 4296
Sequence number :4185089
Ack number: 0
Flag :SYN
Packet length :60
Data offset: 10
The Internetwork packet exchange (IPX) protocol is a network layer protocol in the NetWare protocol suite. IPX's position in the Novell Netware protocol is similar to IP's in the TCP/IP protocol suite. IPX can address, route and forward packets.
IPX is a connectionless protocol. Though an IPX packet includes a destination IPX address in addition to the data, there is no guarantee of successful delivery. Packet acknowledgement and connection control must be provided by protocols above IPX. In IPX, each IPX packet is considered as an independent entity that has no logical or sequential relationship with any other IPX packets.
IPX and IP use different address structures. An IPX address comprises two parts: the network number and the node address; it is in the format of network.node.
A network number identifies the network where a site is located. It is four bytes long and expressed by eight hexadecimal numbers. A node address identifies a node on the network. Like a MAC address, it is six bytes long and written with the bytes being separated into three 2-byte parts by “-“. The node address cannot be a broadcast or multicast address. For example, in the IPX address bc.0-0cb-47, bc (or 000000bc) is the network number and 0-0cb-47 (0000-00cb-0047) is the node address. You can also write an IPX address in the form of N.H-H-H, where N is the network number and H-H-H is the node address.
IPX uses the routing information protocol (RIP) to maintain and advertise dynamic routing information. With IPX enabled, the switch exchanges routing information with other neighbors through RIP to maintain an internetwork routing information database (also known as a routing table) to accommodate to the network changes. When the switch receives a packet, it looks up the routing table for the next site and if there is any, and then forwards the packet. The routing information can be configured statically or collected dynamically.
This chapter introduces RIP in IPX. For the RIP configurations on an IP network, refer to the Routing Protocol module of this manual.
IPX uses the service advertising protocol (SAP) to maintain and advertise dynamic service information. SAP advertises the services provided by servers and their addresses as well. With SAP, a server broadcasts its services when it starts up and the termination of the services when it goes down.
With IPX enabled, the switch creates and maintains an internetwork service information database (or the service information table) through SAP. It helps you learn what services are available on the networks and where they are provided. The servers periodically broadcast their services and addresses to the networks directly connected to them. However, you cannot use such information directly. Instead, the information is collected by the SAP agents of the switches on the networks and saved in their server information tables.
Table 3-1 Configure IPX
Table 3-2 Basic IPX configuration
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enable IPX |
ipx enable |
Required
IPX is disabled by default |
|
Enter VLAN interface view |
interface Vlan-interface vlan-id |
— |
|
Configure an IPX network number for the VLAN interface |
ipx network network |
Required
By default, the system does not assign network numbers to VLAN interface. That is, IPX is disabled on all the VLAN interfaces |
l After the undo ipx enable command is executed, the IPX configurations are cannot be recovered with the ipx enable command.
l After IPX is enabled, you must assign a network number to a VLAN interface to enable IPX on this VLAN interface. One network number can be assigned to only one VLAN interface.
l If the IPX network number of a VLAN interface is deleted, the IPX configuration and static routing information of this VLAN interface will be deleted at the same time.
I. Configuring IPX static routes
Table 3-3 Configure IPX static routes
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enable IPX |
ipx enable |
Required
IPX is disabled by default |
|
Enter VLAN interface view |
interface Vlan-interface vlan-id |
— |
|
Configure an IPX network number for the VLAN interface |
ipx network network |
Required
By default, the system does not assign network numbers to VLAN interface. That is, IPX is disabled on all the VLAN interfaces |
|
Exit VLAN interface view |
quit |
— |
|
Configure IPX static routes |
ipx route-static network network.node [ preference value ] [ tick ticks hop hops ] |
