Subnetting

Content
1. Subnetting
2. CIDR (Classless Inter-Domain Routing)
3. Variable Length Subnet Mask (VLSM)
4. Who manages IP addresses?
5. Why do we need subnetting?
6. How is an IP address assigned to a device?

Subnetting
Subnetting is the process of dividing a large network into smaller networks
based on the layer 3 (Network Layer) IP address.
A subnet is a logical subdivision of an IP network. The practice of dividing a
network into two or more networks is called subnetting.
Subnetting provides a method of allocating part of the host address space to
network addresses, which creates more networks.
Subnetting allows an organization to add sub-networks without the need to
acquire new IP addresses from its ISP.

Benefits of Subnetting
It reduces network traffic by reducing the size of broadcast domains.
It enables users to access a work network from their homes.
Subnetting helps to reduce network traffic and network complexity.
It increases the security options in the network.
By using subnetting, network addresses can be decentralized, which means the
administrator of each subnet can monitor that subnet.

Classless Inter Domain Routing (CIDR)
Classless Inter-Domain Routing is a method for allocating IP addresses and for
IP routing in the network.
CIDR was introduced in 1993 by the Internet Engineering Task Force (IETF).
It replaced the previous classful addressing method for designing networks in
the Internet.
Its goal was to slow the rapid exhaustion of IPv4 addresses.

An IP address consists of two groups of bits.
The most significant bits are the network address or network prefix, which
identifies a whole network or subnet.
The least significant bits are the host address, which identifies a particular
interface of a host on that network.
CIDR uses this division to perform subnetting.
CIDR allocates address space to ISPs and to end users on any address bit
boundary.
CIDR is based on the variable-length subnet masking (VLSM) technique.

Variable Length Subnet Mask (VLSM)
The Variable Length Subnet Mask (VLSM) technique is used in CIDR.
VLSM is a process of dividing an IP address space into subnets of different
sizes without wasting IP addresses. Example: 192.168.1.160/30
VLSM is closely related to CIDR.
VLSM allows the various subnets of a network to have different subnet masks.
CIDR allows routers to group various routes together to reduce the amount of
routing information held at the core routers, whereas VLSM is about optimising
the use of the available address space.

Who manages IP addresses?
The Internet Assigned Numbers Authority (IANA) manages IP addresses.
It defines address space allocations globally and has formed five Regional
Internet Registries (RIRs) that allocate IP address blocks to ISPs such as
BSNL, Airtel, Vodafone etc.
The five Regional Internet Registries (RIRs) are:
RIPE (Réseaux IP Européens) – Europe
APNIC (Asia Pacific Network Information Centre) – Asia
AFRINIC (African Network Information Centre) – Africa
ARIN (American Registry for Internet Numbers) – North America
LACNIC (Latin America Network Information Centre) – Latin America

Who manages IP addresses?
If a device wants to connect to the Internet, it requests an IP address from
the ISP.
The ISP gets its range of IP addresses from the Internet Assigned Numbers
Authority (IANA) through one of the five Regional Internet Registries, according
to the location of the device.
In this way, the device gets an IP address from the ISP's range of IP addresses.

Why do we need subnetting?
Let us take an example. An Internet Service Provider (ISP) requires 150 IP
addresses to install a network, so the ISP requests IP addresses from APNIC.
APNIC provides the IP address block 193.172.16.0/24 to the ISP.
This is a Class C address, and we know a Class C network has 254 valid host IP
addresses in total.
The ISP required 150 IP addresses and APNIC provided 254, so 104 IP addresses
are wasted.
To stop this wastage of IP addresses, a method known as subnetting was
introduced.

IP addresses are scarce and costly, so to stop the wastage of IP addresses we
use subnetting.
For example, a Class C network has 256 IP addresses in total.
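The CIDR network/host split, the "254 usable, 104 wasted" arithmetic above and a VLSM carve of the same /24 into subnets of different sizes, worked through in Python. This is an added example, not code from the original notes; it uses only the standard `ipaddress` module. The block 193.172.16.0/24 and the 150-host requirement come from the text; the four customer sizes passed to `vlsm_allocate` (100, 50, 20 and 2 hosts) are constructed for the demonstration.

```python
import ipaddress


def network_and_host_bits(cidr):
    """Return (network_bits, host_bits) for an IPv4 CIDR block: the prefix
    length and the number of least-significant bits left for hosts."""
    net = ipaddress.ip_network(cidr, strict=False)
    return net.prefixlen, net.max_prefixlen - net.prefixlen


def usable_hosts(cidr):
    """Usable host addresses in a block. The network and broadcast addresses
    are excluded, so a /24 gives 254 and a /30 gives 2."""
    net = ipaddress.ip_network(cidr, strict=False)
    return net.num_addresses - 2


def wasted_addresses(cidr, required):
    """How many usable addresses go unused if `required` hosts get the block."""
    return usable_hosts(cidr) - required


def prefix_for_hosts(hosts):
    """Longest IPv4 prefix whose block still holds `hosts` usable addresses.
    We need 2**host_bits >= hosts + 2; (hosts + 1).bit_length() equals
    ceil(log2(hosts + 2)). A /30 (2 usable hosts) is the smallest block used."""
    host_bits = max(2, (hosts + 1).bit_length())
    return 32 - host_bits


def vlsm_allocate(parent_cidr, demands):
    """Carve `parent_cidr` into subnets of different sizes (VLSM).
    Largest demands are placed first, so every subnet starts on its own
    size boundary, which is what makes the result valid CIDR blocks.
    Returns [(hosts_requested, 'network/prefix'), ...] in allocation order."""
    parent = ipaddress.ip_network(parent_cidr, strict=False)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    allocations = []
    for hosts in sorted(demands, reverse=True):
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        if cursor + size > end:
            raise ValueError(f"{parent} cannot hold a /{prefix} for {hosts} hosts")
        subnet = ipaddress.IPv4Network((cursor, prefix))   # cursor is aligned, see above
        allocations.append((hosts, str(subnet)))
        cursor += size
    return allocations


if __name__ == "__main__":
    block = "193.172.16.0/24"                      # the block from the example above
    print(block, "network/host bits:", network_and_host_bits(block))
    print("usable hosts:", usable_hosts(block),
          "| wasted if one 150-host network gets it:", wasted_addresses(block, 150))
    # Constructed demands: four customers instead of one 150-host network.
    for hosts, subnet in vlsm_allocate(block, [20, 100, 2, 50]):
        print(f"{hosts:>4} hosts -> {subnet} ({usable_hosts(subnet)} usable)")
```

Note that a single 150-host requirement still needs a full /24 (a /25 only has 126 usable addresses); the saving comes when the address space is shared between several networks of different sizes, which is exactly what VLSM allows.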

Assigning IP addresses
An IP address can be assigned to a device in two ways:
1. Static IP address
2. Dynamic IP address

Static IP address
A static IP address is an IP address that is manually configured on a device.
A static IP address is called static because it doesn't change.
Static IP addresses are also known as fixed IP addresses or dedicated IP addresses.
Dynamic IP address
A dynamic IP address is an IP address that is automatically assigned to each device in a network.
This automatic assignment of IP addresses is done by a DHCP server.
A dynamic IP address is called dynamic because it will change on future connections to the network.

 

AWS SERVICES

What is AWS?

Amazon Web Services (AWS), a subsidiary of Amazon.com, offers
cloud-computing services.
Cloud Computing, or simply the Cloud, means using a network of remote
servers hosted on the Internet to store, manage, and process data, rather
than a local server or a personal computer.
Cloud Computing provides on-demand access to a shared pool of
configurable computing resources (e.g., computer networks, servers,
storage, applications and services).

AWS Global infrastructure

● AWS locations: regions and availability zones
● 43 availability zones
● 16 regions
● 11 availability zones and 4 regions – planned to launch
● Placement of data and resources in multiple locations.
● Regions are isolated from each other.

Accessing the platform

To access AWS cloud services, you can use:
● AWS management console
● AWS command line interface
● AWS software development kits

AWS management console

● It is a web application for managing AWS cloud services. It provides an
interactive user interface. Each service has its own console, which can
be reached through the AWS Management Console.
● It also provides information about the account and billing.

AWS command line interface

● It is a unified tool used to manage AWS cloud services.
● With just one tool to download and configure, you can control
multiple services from the command line and automate them using
scripts.

AWS software development kits

● They provide an application programming interface that interacts with
the web services that fundamentally make up the AWS platform.
● SDKs are available for many different programming languages.
● SDKs take the complexity out of coding by providing
programmatic access to many of the services.

Elastic Load Balancing

  • Elastic Load Balancing is a web service that distributes application traffic across multiple EC2 instances in multiple Availability Zones.
  • It is used to increase the fault tolerance of users' applications.
  • There are two types of load balancer: Application Load Balancer and Classic Load Balancer.
  • The load balancer serves as a single point of contact for clients.
  • Users can configure health checks, which monitor the health of the registered instances so that the load balancer sends requests only to healthy instances.
  • Users can also offload the work of encryption and decryption to their load balancer so that their instances can focus on their main work.

Elastic Load Balancing supports two types of load balancers

  • Application Load Balancers
  • Classic Load Balancers

The load balancer can be chosen according to the user's needs.

Users can create, access and manage their own load balancer using any of the following interfaces:

  • AWS Management Console
  • AWS Command Line interface (AWS-CLI)
  • AWS SDKs
  • Query API
  • AWS Management Console

Provides a web interface that can be used to access Elastic Load Balancing.

  • AWS Command Line Interface (AWS CLI)

Provides commands for a broad set of AWS services, including Elastic Load Balancing

It is supported on Windows, Mac, and Linux.

  • AWS SDKs

Provide language-specific APIs.

They also manage the connection details, such as calculating signatures, handling request retries, and error handling.

  • Query API

Provides low-level API actions using HTTPS requests.

It is the most direct way to access Elastic Load Balancing, but it requires the user's application to handle low-level details such as generating the hash to sign the request, and error handling.

Elastic Load Balancing works with these services to increase the availability and scalability of users' applications:

  • Amazon EC2
  • Amazon ECS
  • Amazon Route 53
  • Amazon CloudWatch
  • Autoscaling
  • Amazon EC2

Provides virtual servers to run users' applications in the cloud.

Users can configure their load balancer to route traffic to their EC2 instances.

  • Amazon ECS

It enables users to run, stop, and manage Docker containers on a cluster of EC2 instances.

Users can configure their load balancer to route traffic to their containers.

  • Amazon Route 53

It provides a reliable and cost-effective way to route viewers to websites by translating domain names into their corresponding IP addresses.

AWS assigns URLs to its resources, such as a load balancer.

Amazon Route 53 helps to get a website or web application up and running.

  • Amazon CloudWatch

It enables users to monitor their load balancer and take action as needed.

For example, users can monitor the CPU usage and disk reads and writes of their Amazon EC2 instances and then use this data to determine whether to launch additional instances to handle increased load.

  • Autoscaling

If users enable Auto Scaling with Elastic Load Balancing, then instances that are launched by Auto Scaling are automatically registered with the load balancer.

Instances that are terminated by Auto Scaling are automatically de-registered from the load balancer.

How Elastic Load Balancing Works

  • A load balancer accepts incoming traffic from clients and routes requests to its registered EC2 instances in one or more Availability Zones.
  • The load balancer monitors the health of its registered instances and routes traffic only to healthy instances.
  • Users configure their load balancer by specifying one or more listeners to accept incoming traffic.
  • A listener is a process that checks for connection requests.
  • It is configured with a protocol and port number for connections from clients to the load balancer, and a protocol and port number for connections from the load balancer to the instances.

Elastic Load Balancing supports two types of load balancer:

  • Classic Load Balancer:

registers the instances with the load balancer.

  • Application Load Balancer:

registers each instance as a target in a target group and routes traffic to the target group.
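The listener and health-gated routing behaviour described in this section, modelled in Python. This is an added example, not AWS code: a `Listener` carries the client-side and instance-side protocol/port pairs, registered instances are spread over Availability Zones, health-check results are applied, and each client connection is routed round-robin to a healthy instance only. The instance IDs, zone names and the failing health check in `demo()` are constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class Listener:
    """Protocol/port clients connect to on the load balancer, and the
    protocol/port the load balancer uses toward the instances."""
    client_protocol: str
    client_port: int
    instance_protocol: str
    instance_port: int


@dataclass
class Instance:
    instance_id: str
    availability_zone: str
    healthy: bool = True


class LoadBalancer:
    def __init__(self, listeners):
        self.listeners = list(listeners)
        self.instances = []       # registered instances, in registration order
        self._next = 0            # round-robin cursor

    def register(self, instance):
        self.instances.append(instance)

    def deregister(self, instance_id):
        self.instances = [i for i in self.instances if i.instance_id != instance_id]

    def health_check(self, results):
        """Apply health-check results given as {instance_id: True/False}."""
        for inst in self.instances:
            if inst.instance_id in results:
                inst.healthy = results[inst.instance_id]

    def healthy_instances(self):
        return [i for i in self.instances if i.healthy]

    def healthy_zones(self):
        """Availability Zones that still have at least one healthy instance."""
        return sorted({i.availability_zone for i in self.healthy_instances()})

    def route(self, protocol, port):
        """Accept a client connection on (protocol, port) and pick a healthy
        instance round-robin. Returns (instance_id, instance_protocol,
        instance_port): where the back-end connection goes."""
        listener = next((l for l in self.listeners
                         if l.client_protocol == protocol and l.client_port == port), None)
        if listener is None:
            raise ValueError(f"no listener for {protocol}:{port}")
        targets = self.healthy_instances()
        if not targets:
            raise RuntimeError("no healthy instances registered")
        chosen = targets[self._next % len(targets)]
        self._next += 1
        return chosen.instance_id, listener.instance_protocol, listener.instance_port


def demo():
    """HTTPS in front, plain HTTP to the instances (TLS offloaded at the
    balancer); three instances in two zones, one of which fails its check."""
    lb = LoadBalancer([Listener("HTTPS", 443, "HTTP", 80)])
    for inst in (Instance("i-web-a1", "us-east-1a"),
                 Instance("i-web-b1", "us-east-1b"),
                 Instance("i-web-a2", "us-east-1a")):
        lb.register(inst)
    lb.health_check({"i-web-b1": False})        # constructed: this instance is unhealthy
    routed = [lb.route("HTTPS", 443) for _ in range(3)]
    return lb.healthy_zones(), routed


if __name__ == "__main__":
    zones, routed = demo()
    print("zones with healthy instances:", zones)
    for target in routed:
        print("client HTTPS:443 ->", target)
```

With the unhealthy instance removed from rotation, the three connections go to `i-web-a1`, `i-web-a2`, `i-web-a1`; a request on a protocol/port with no listener is refused rather than forwarded anywhere.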

AWS Managed Services

Managed Services

  • AWS Managed services include AWS Health check.
  • AWS Health provides personalized information.

AWS Health

AWS Health provides ongoing visibility into the state of the AWS resources, services, and accounts.

AWS Health provides relevant and timely information to help manage events in progress, and to be aware of and prepare for planned activities.

AWS Management Console

  • The AWS Management Console is a web application for managing Amazon Web Services.
  • The console provides an intuitive user interface for performing many AWS tasks such as working with Amazon S3 buckets, launching and connecting to Amazon EC2 instances, setting Amazon CloudWatch alarms, and so on.

AWS Command Line Interface

  • The AWS CLI is an open source tool built on top of the AWS SDK for Python (Boto) that provides commands for interacting with AWS services.
  • With minimal configuration, users can start using all of the functionality provided by the AWS Management Console from a terminal program such as:
  • Linux shells
  • Windows command line
  • Remotely

AWS Tools for Windows PowerShell

  • The AWS Tools for Windows PowerShell and AWS Tools for PowerShell Core are PowerShell modules that are built on the functionality exposed by the AWS SDK for .NET.
  • The AWS Tools for Windows PowerShell and AWS Tools for PowerShell Core are flexible in how they let the user handle credentials, including support for the AWS IAM infrastructure.

Cloud Computing

Cloud computing is a type of Internet-based computing that provides the delivery of hosted services over the Internet.

It provides a network of remote servers to store, manage and process data over the Internet.

Companies offering these computing services are called cloud providers, and they charge for cloud computing services based on usage.

Example: Microsoft Windows Azure, Amazon Web Services, Huawei GalaX cloud etc.

Cloud Services

Cloud services are broadly divided into three categories:

1. Cloud Software as a Service (SaaS)

2. Cloud Platform as a Service (PaaS)

3. Cloud Infrastructure as a Service (IaaS)

These three models are independent of each other.

Cloud Software as a Service (SaaS)

Software as a Service is a way of delivering applications over the Internet, as a service. Users manage access to the application, including security, availability, and performance.

SaaS customers have no hardware or software to buy, install, maintain or update.

Applications are easy to access; an Internet connection is all that is needed.

Example: Google Apps, Salesforce, Workday, Cisco WebEx.

Cloud Platform as a Service (PaaS)

In the Platform as a Service model, a cloud provider delivers hardware and software tools, used for application development, as a service to its users. A PaaS provider hosts the hardware and software on its own infrastructure.

PaaS allows developers to frequently change or upgrade operating system features. Users access PaaS through a web browser. PaaS providers charge for that access on a per-use basis or as a monthly fee for access to the platform.

Examples of PaaS vendors are Salesforce.com's Force.com, Google and Amazon.

PaaS platforms for the development and management of software are Appear IQ, Amazon Web Services (AWS) Elastic Beanstalk and Google App Engine.

Cloud Infrastructure as a Service (IaaS)

This cloud model offers infrastructure resources such as hardware, software, servers and storage.

Users can use these resources over the Internet and deploy applications on them.

IaaS platforms offer highly scalable resources that can be adjusted on demand.

Example: Amazon Web Services (AWS), Windows Azure, Google Compute Engine.

Advantages of Cloud Computing Services

1. Reduced capital cost

2. Device and location independence

3. Scalability and elasticity

4. Agility

5. Maintenance

Cloud computing deployment models are:

1. Cloud-based deployments

2. Hybrid deployments

Cloud-based deployment

A cloud-based application is fully deployed in the cloud.

All parts of the application run in the cloud.

Applications have either been created in the cloud or have been migrated from an existing infrastructure.

This migration is done to take advantage of the benefits of cloud computing. A cloud-based application can be built on low-level infrastructure pieces or can use higher-level services.

Hybrid deployment

A hybrid deployment is a way to connect infrastructure and applications between cloud-based resources and existing resources that are not located in the cloud.

It is used to extend and grow an organization's infrastructure into the cloud while connecting cloud resources to internal systems.

Features of Cloud Computing

  • On demand computing resources
  • Elastic resources—Scale up or down quickly and easily to meet demand
  • Metered service so you only pay for what you use
  • Self service—All the IT resources you need with self-service access

Cloud infrastructure as a service

In the 2016 Magic Quadrant for Cloud Infrastructure as a Service, Worldwide, for the 6th straight year, Gartner placed Amazon Web Services in the “Leaders” quadrant and named AWS as having both the furthest completeness of vision and the highest ability to execute

 

AWS – Amazon VPC

Amazon VPC can be used with the following AWS services:

1. AWS EC2

2. Auto Scaling

3. AWS OpsWorks

4. Amazon RDS

5. Amazon Route 53

6. Amazon WorkSpaces

7. Amazon Redshift

AWS Config

AWS Config provides a detailed view of the configuration of the AWS resources in an AWS account.

This includes how the resources are related to one another and how they were configured in the past.

With AWS Config, users can do the following:

  • Evaluate the AWS resource configurations for desired settings.
  • Get a snapshot of the current configurations of the supported resources that are associated with your AWS account.
  • Retrieve configurations of one or more resources that exist in your account.
  • Retrieve historical configurations of one or more resources.
  • Receive a notification whenever a resource is created, modified, or deleted.
  • View relationships between resources. For example, you might want to find all resources that use a particular security group.
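The three kinds of question in the list above (evaluate configurations against a desired setting, find the resources that use a particular security group, and raise a notification when something is created, modified or deleted) worked through in Python over two constructed configuration snapshots. This is an added example, not AWS Config's code or API. The resource type names `AWS::EC2::SecurityGroup` and `AWS::EC2::Instance` and the `COMPLIANT`/`NON_COMPLIANT` results are AWS Config vocabulary; the `configuration` dictionaries are a simplified shape invented for this example and are not the real AWS Config configuration-item schema, and every resource ID is a placeholder.

```python
import ipaddress

# Constructed snapshot of recorded resources (simplified shape, see lead-in).
SNAPSHOT_BEFORE = [
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-web-example",
     "configuration": {"ingress": [
         {"protocol": "tcp", "fromPort": 443, "toPort": 443, "cidr": "0.0.0.0/0"},
         {"protocol": "tcp", "fromPort": 22, "toPort": 22, "cidr": "10.0.0.0/8"}]}},
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-bastion-example",
     "configuration": {"ingress": [
         {"protocol": "tcp", "fromPort": 22, "toPort": 22, "cidr": "0.0.0.0/0"}]}},
    {"resourceType": "AWS::EC2::Instance", "resourceId": "i-0example1",
     "configuration": {"securityGroups": ["sg-web-example"]}},
    {"resourceType": "AWS::EC2::Instance", "resourceId": "i-0example2",
     "configuration": {"securityGroups": ["sg-web-example", "sg-bastion-example"]}},
]

# A later snapshot: the bastion group was tightened to one office range,
# one instance was terminated and a new one launched.
SNAPSHOT_AFTER = [
    SNAPSHOT_BEFORE[0],
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-bastion-example",
     "configuration": {"ingress": [
         {"protocol": "tcp", "fromPort": 22, "toPort": 22, "cidr": "203.0.113.0/24"}]}},
    SNAPSHOT_BEFORE[2],
    {"resourceType": "AWS::EC2::Instance", "resourceId": "i-0example3",
     "configuration": {"securityGroups": ["sg-web-example"]}},
]


def rule_opens_port_to_world(rule, port):
    """True if an ingress rule admits `port` from any source (0.0.0.0/0 or ::/0)."""
    any_source = ipaddress.ip_network(rule["cidr"]).prefixlen == 0
    all_ports = rule["protocol"] == "-1"          # "-1" is EC2's "all traffic"
    return any_source and (all_ports or rule["fromPort"] <= port <= rule["toPort"])


def evaluate_restricted_ssh(snapshot):
    """Desired setting: no security group admits SSH (22) from the whole Internet.
    Returns {security_group_id: 'COMPLIANT' | 'NON_COMPLIANT'}."""
    results = {}
    for item in snapshot:
        if item["resourceType"] != "AWS::EC2::SecurityGroup":
            continue
        open_ssh = any(rule_opens_port_to_world(r, 22)
                       for r in item["configuration"]["ingress"])
        results[item["resourceId"]] = "NON_COMPLIANT" if open_ssh else "COMPLIANT"
    return results


def resources_using_security_group(snapshot, sg_id):
    """Relationship query: every resource that references `sg_id`."""
    return sorted(item["resourceId"] for item in snapshot
                  if sg_id in item["configuration"].get("securityGroups", []))


def configuration_changes(before, after):
    """Diff two snapshots: the create/modify/delete events to notify on."""
    old = {i["resourceId"]: i["configuration"] for i in before}
    new = {i["resourceId"]: i["configuration"] for i in after}
    return {
        "created": sorted(new.keys() - old.keys()),
        "deleted": sorted(old.keys() - new.keys()),
        "modified": sorted(r for r in old.keys() & new.keys() if old[r] != new[r]),
    }


if __name__ == "__main__":
    print("before:", evaluate_restricted_ssh(SNAPSHOT_BEFORE))
    print("after: ", evaluate_restricted_ssh(SNAPSHOT_AFTER))
    print("uses sg-bastion-example:", resources_using_security_group(SNAPSHOT_BEFORE, "sg-bastion-example"))
    print("changes:", configuration_changes(SNAPSHOT_BEFORE, SNAPSHOT_AFTER))
```

The relationship query is what turns a non-compliant finding into an impact statement: knowing that `sg-bastion-example` is open on port 22 matters because `i-0example2` is attached to it, and the change diff shows exactly when that exposure was removed.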

Accessing Amazon VPC

Amazon VPC provides a web-based user interface, the Amazon VPC console.

1. Sign up for an AWS account.

2. Then open the Amazon VPC console by signing in to the AWS Management Console.

3. Select VPC from the console home page.

AWS Command Line Interface (CLI)

Amazon VPC can also be accessed using the AWS CLI.

The AWS CLI provides commands for a broad set of AWS products and is supported on Windows, Mac, and Linux/UNIX.

AWS Tools for Windows PowerShell

Provides commands for a broad set of AWS products for those who script in the PowerShell environment.

Accessing Amazon VPC

To build applications using language-specific APIs, AWS provides libraries, sample code, tutorials, and other resources for software developers.

These libraries provide basic functions that automatically take care of tasks such as cryptographically signing your requests, retrying requests, and handling error responses.

Amazon VPC Limits

There are limits on the number of Amazon VPC components that can be provisioned.

To increase a limit that applies per resource, the limit is increased for all resources in the region.

For example, the limit for security groups per VPC applies to all VPCs in the region.

 

 

AWS Route 53

  • Amazon Route 53 provides a highly available and scalable Domain Name System (DNS).
  • It translates the domain names of websites or web applications into their associated IP addresses.
  • It is a reliable and cost-effective service.

Amazon Route 53 is the part of AWS that provides a highly scalable and available Domain Name System (DNS).

It provides a reliable and cost-effective way to translate the domain name of any website or application into its IP address.

Developers define the route from end users over the Internet to their application or web pages by defining domain names such as amazon.com and their associated IP addresses.

It performs the following functions:

  • Registering domain names
  • Routing Internet traffic to particular websites or applications
  • Checking the health of resources (such as web servers)

Amazon Route 53 concepts

Domain Registration concepts include:

  • Domain Name
  • Domain Registrar
  • Domain Registry
  • Domain Reseller
  • Top-level Domain
  • Domain Name:

A domain name is the name that a user types in the address bar of a web browser to access a website or a web application, such as example.com.

To make your website or web application available on the Internet, you must register a domain name first.

  • Domain Registrar

A domain registrar is a company that is accredited by ICANN to process domain registrations for specific top-level domains (TLDs).

For example, Amazon Registrar, Inc. is a domain registrar for .com, .net, and .org domains.

Amazon's registrar associate, Gandi, is a domain registrar for hundreds of TLDs, such as .apartments, .boutique, and .camera.

  • Domain Registry

A domain registry is a company that owns the right to sell domains that have a specific TLD.

A domain registry defines the rules for registering a domain and maintains the authoritative database for all of the domain names under that TLD.

The registry's database contains information such as contact information and the name servers for each domain.

For example, VeriSign is the registry that owns the right to sell domains that have a .com TLD.

  • Domain Reseller

A domain reseller is a company that sells domain names for registrars such as Amazon Registrar.

Amazon Route 53 is a domain reseller for Amazon Registrar and for Amazon's registrar associate, Gandi.

  • Top-level Domain

Top-level domain refers to the .com, .org, or .edu part of a name. There are two types of top-level domains:

1. Generic top-level domains

2. Geographic top-level domains

Health Checking concepts include

  • DNS Failover
  • Endpoints
  • Health Check
  • DNS Failover:

DNS failover is a method for routing traffic away from unhealthy resources and to healthy resources.

Amazon Route 53 performs health checks to check the health of users' resources, and resource record sets in the hosted zone are configured to route traffic only to healthy resources.

  • Endpoints

The user specifies the endpoint by IPv4 address (192.0.2.243), by IPv6 address (2001:0db8:85a3:0000:0000:abcd:0001:2345), or by domain name (example.com) of the resource (such as a web server or an email server) that is configured for the health check.

Users can also create health checks that monitor the status of other health checks, or that monitor the alarm state of a CloudWatch alarm.

  • Health Check

An Amazon Route 53 health check performs these functions:

  • Monitors whether a specified endpoint, such as a web server, is healthy
  • Optionally, notifies you when an endpoint becomes unhealthy
  • Optionally, configures DNS failover, which allows you to reroute Internet traffic from an unhealthy resource to a healthy resource

Domain Name System (DNS) concepts include

  • alias resource record set
  • authoritative name server
  • resource record set (DNS record)
  • reusable delegation set
  • subdomain
  • time to live (TTL)
  • IP address
  • name servers
  • private DNS
  • DNS query
  • DNS resolver or recursive name server
  • Domain Name System (DNS)
  • hosted zone
  • Alias resource record set

It is a type of resource record set that a user creates with Amazon Route 53 to route traffic to AWS resources such as Amazon CloudFront distributions and Amazon S3 buckets.

  • Authoritative name server

It is a name server that has definitive information about one part of the Domain Name System (DNS) and that responds to requests from a DNS resolver by returning the applicable information.

  • DNS query

It is a request that is submitted by a device, such as a computer or a smartphone, to the Domain Name System (DNS) for a resource that is associated with a domain name.

  • DNS resolver

A DNS resolver is also known as a recursive name server because it sends requests to a sequence of authoritative DNS name servers until it gets the response (typically an IP address) that it returns to the user's device, for example a web browser on a laptop computer.

  • Domain Name System (DNS)

DNS is a worldwide network of servers that helps computers, smartphones, tablets, and other IP-enabled devices to communicate with one another.

  • Hosted zone

A hosted zone is a container for resource record sets, which hold information about how the user wants to route traffic for a domain (such as example.com) and all of its subdomains (such as http://www.example.com, retail.example.com).

  • IP address

An IP address is a number that is assigned to a device on the Internet and that allows the device to communicate with other devices on the Internet. IP addresses are in one of the following formats:

Internet Protocol version 4 (IPv4) format, such as 192.0.2.44

Internet Protocol version 6 (IPv6) format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345

  • Name servers

Name servers are the servers in the DNS that help to translate domain names into the IP addresses that computers use to communicate with one another.

Name servers are either recursive name servers (also known as DNS resolvers) or authoritative name servers.

  • Private DNS

It is a local version of the DNS that lets the user route traffic for a domain and its subdomains to Amazon EC2 instances within one or more Amazon VPCs.

  • Resource record set (DNS record)

An object in a hosted zone that is used to define how to route traffic for the domain or a subdomain.

  • Reusable delegation set

It is a set of four authoritative name servers that is used with more than one hosted zone.

  • Subdomain

It is a domain name that has one or more labels prepended to the registered domain name.

  • Time to live (TTL):

TTL indicates the amount of time, in seconds, that the user wants a DNS resolver to cache (store) the values for a resource record set before submitting another request to Amazon Route 53 to get the current values for that resource record set.

If the DNS resolver receives another request for the same domain before the TTL expires, the resolver returns the cached value.
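The resolver/authoritative split and the TTL caching rule just described, as an added example in Python (not Route 53 code). `zone_lookup` stands in for an authoritative query to a hosted zone and holds two constructed records, one of them reusing the IPv4 and IPv6 sample values from the concept list above; `ResolverCache` is the recursive side, which answers from cache while the TTL has not expired and only then asks the authoritative server again. The clock is advanced by hand so the expiry is deterministic.

```python
class ManualClock:
    """A clock the example advances by hand so TTL expiry is deterministic."""
    def __init__(self):
        self.now = 0.0


def zone_lookup(name, rtype):
    """Stand-in for an authoritative query to a hosted zone. The records are
    constructed for this example. Returns (values, ttl_seconds)."""
    records = {
        ("www.example.com", "A"): (["192.0.2.44"], 60),
        ("example.com", "AAAA"): (["2001:0db8:85a3:0000:0000:abcd:0001:2345"], 300),
    }
    key = (name.lower().rstrip("."), rtype.upper())
    if key not in records:
        raise LookupError(f"no {rtype} record for {name}")
    return records[key]


class ResolverCache:
    """Recursive-resolver cache: a resource record set is served from cache
    until its TTL expires, then fetched again from the authoritative server."""

    def __init__(self, clock):
        self._clock = clock
        self._entries = {}            # (name, type) -> (values, expires_at)
        self.authoritative_queries = 0

    def resolve(self, name, rtype, lookup=zone_lookup):
        # DNS names are case-insensitive; a trailing dot marks the root.
        key = (name.lower().rstrip("."), rtype.upper())
        now = self._clock.now
        entry = self._entries.get(key)
        if entry is not None and now < entry[1]:
            return entry[0], True                  # cache hit, no query sent
        values, ttl = lookup(name, rtype)          # cache miss or TTL expired
        self.authoritative_queries += 1
        self._entries[key] = (values, now + ttl)
        return values, False


def demo():
    """Three lookups of the same name at t=0, t=30 and t=60 with a 60 s TTL:
    miss, hit, then a refresh once the TTL has run out."""
    clock = ManualClock()
    cache = ResolverCache(clock)
    results = []
    for t in (0, 30, 60):
        clock.now = t
        values, hit = cache.resolve("WWW.example.com.", "A")
        results.append((t, values[0], hit))
    return results, cache.authoritative_queries


if __name__ == "__main__":
    for t, value, hit in demo()[0]:
        print(f"t={t:>3}s  {value}  {'from cache' if hit else 'from authoritative server'}")
```

The practical consequence for failover: after a record is changed in the hosted zone, resolvers that already hold the old answer keep returning it until their copy's TTL runs out, so a record you expect to switch quickly should carry a short TTL.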

Registering Domain Names

To create a website or a web application,

start by registering the name of the website, known as a domain name.

The domain name is the name, such as example.com, that users enter in a browser to display the website.

How to register a domain name with Amazon Route 53?

1. Choose a domain name and confirm that it's available, meaning that no one else has registered the same domain name.

2. Then register the domain name with Amazon Route 53. When registering a domain, the user must provide names and contact information for the domain owner and other contacts.

3. When the domain is registered with Amazon Route 53, the service automatically makes itself the DNS service for the domain by doing the following:

  • Creates a hosted zone that has the same name as the domain.
  • Assigns a set of four name servers to the hosted zone. (These name servers tell the browser where to find the resources for http://www.example.com, such as a web server or an Amazon S3 bucket.)

4. At the end of the registration process, AWS sends the user's information to the registrar for the domain.

5. The registrar sends the user's information to the registry for the domain.

6. The registry stores the information about the domain in its own database and also stores some of the information in the public WHOIS database.

Routing Internet traffic to particular web applications or websites:

All computers on the Internet, from smartphones and laptops to the servers that serve content for various websites, communicate with one another by using numbers. These numbers are known as IP addresses (IPv4 or IPv6).

A DNS service such as Amazon Route 53 makes the connection between the domain names of websites and IP addresses.

Configuring Amazon Route 53 to route Internet traffic for a domain:

To route traffic to the user's resources, the user must create resource record sets, also known as records, in the hosted zone.

Each record includes information about how the user wants to route traffic for their domain, such as the following:

  • Name
  • Type
  • Value

How does Amazon Route 53 route traffic for a particular domain?

After Amazon Route 53 has been configured to route Internet traffic to particular resources, such as a web server or an Amazon S3 bucket, let us see what happens, in just a few milliseconds, when someone requests content for http://www.example.com.

Amazon Route 53 health checks monitor the health of users' resources such as web servers and email servers.

Users can optionally configure Amazon CloudWatch alarms for their health checks, so that they receive a notification when a resource becomes unavailable.

The following describes how health checking works when the user wants to be notified when a resource becomes unavailable.

To create a health check, specify values that define how to check health, as follows:

  • Specify the IP address or domain name of the endpoint, such as a web server, that Amazon Route 53 should monitor.
  • Specify the protocol that Amazon Route 53 should use to perform the check: HTTP, HTTPS, or TCP.
  • Specify how often Amazon Route 53 should send a request to the endpoint. This is the request interval.
  • Specify how many consecutive times the endpoint must fail to respond to requests before Amazon Route 53 considers it unhealthy. This is the failure threshold.
  • Optionally, specify how the user wants to be notified when Amazon Route 53 detects that the endpoint is unhealthy. When the user configures notification, Amazon Route 53 automatically sets a CloudWatch alarm. (CloudWatch uses Amazon SNS to notify users that an endpoint is unhealthy.)

1. Amazon Route 53 starts to send requests to the endpoint at the interval specified in the health check.

2. If the endpoint responds to the requests, Amazon Route 53 considers the endpoint healthy and takes no action.

3. If the endpoint doesn't respond to a request, Amazon Route 53 starts to count the number of consecutive requests that the endpoint doesn't respond to:

  • If the count reaches the value specified for the failure threshold, Amazon Route 53 considers the endpoint unhealthy.
  • If the endpoint starts to respond again before the count reaches the failure threshold, Amazon Route 53 resets the count to 0, and CloudWatch doesn't send a notification.

4. If Amazon Route 53 considers the endpoint unhealthy and the user configured notification for the health check, Amazon Route 53 notifies CloudWatch.
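The failure-threshold counting in steps 1 to 4, together with the DNS failover it drives, as an added Python example (not Route 53 code). A `HealthCheck` holds the endpoint, protocol, request interval and failure threshold from the list above; each probe result is fed in, consecutive failures are counted and reset to 0 by a response, and the notify callback (a stand-in for the CloudWatch alarm) fires once when the threshold is reached. One assumption beyond the text: the example also requires the same number of consecutive successes before it marks the endpoint healthy again, so a single lucky response cannot flip the record back and forth. The endpoint addresses and the probe sequence in `demo()` are constructed.

```python
class HealthCheck:
    """Models the failure-threshold logic for one monitored endpoint."""

    def __init__(self, endpoint, protocol, request_interval, failure_threshold, notify=None):
        if protocol not in ("HTTP", "HTTPS", "TCP"):
            raise ValueError("protocol must be HTTP, HTTPS or TCP")
        self.endpoint = endpoint
        self.protocol = protocol
        self.request_interval = request_interval      # seconds between probes
        self.failure_threshold = failure_threshold    # consecutive failures before unhealthy
        self.notify = notify                          # callback standing in for CloudWatch/SNS
        self.healthy = True
        self.consecutive_failures = 0
        self.consecutive_successes = 0

    def record_probe(self, responded):
        """Feed in one probe result; returns the endpoint's health afterwards."""
        if responded:
            self.consecutive_failures = 0             # a response resets the count
            self.consecutive_successes += 1
            # Recovery rule assumed by this example: same threshold, successes in a row.
            if not self.healthy and self.consecutive_successes >= self.failure_threshold:
                self.healthy = True
        else:
            self.consecutive_successes = 0
            self.consecutive_failures += 1
            if self.healthy and self.consecutive_failures >= self.failure_threshold:
                self.healthy = False                  # threshold reached: unhealthy
                if self.notify is not None:           # notify once per transition
                    self.notify(f"{self.protocol} check for {self.endpoint}: unhealthy")
        return self.healthy


def failover_answer(primary, secondary):
    """DNS failover: answer with the primary record's value while its health
    check passes, otherwise with the secondary's. Each argument is
    (record_value, HealthCheck)."""
    value, check = primary
    return value if check.healthy else secondary[0]


def demo():
    """Threshold 3: two failures then a response keep the endpoint healthy
    (count resets); three failures in a row mark it unhealthy and notify
    exactly once; three responses in a row bring it back."""
    alarms = []
    primary = HealthCheck("192.0.2.243", "HTTPS", request_interval=30,
                          failure_threshold=3, notify=alarms.append)
    secondary = HealthCheck("198.51.100.7", "HTTPS", request_interval=30,
                            failure_threshold=3)
    probes = (False, False, True, False, False, False, False, True, True, True)
    timeline = []
    for responded in probes:                          # constructed probe results
        primary.record_probe(responded)
        answer = failover_answer(("192.0.2.243", primary), ("198.51.100.7", secondary))
        timeline.append((primary.healthy, primary.consecutive_failures, answer))
    return timeline, alarms


if __name__ == "__main__":
    timeline, alarms = demo()
    for step, (healthy, failures, answer) in enumerate(timeline, 1):
        print(f"probe {step:>2}: healthy={healthy!s:<5} failures={failures} answer={answer}")
    print("notifications:", alarms)
```

Two things worth noticing in the output: the notification count stays at one even though the endpoint keeps failing after the threshold, and the DNS answer only switches to the secondary at the probe where the count reaches the threshold, not at the first failure.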

Amazon Route 53 can be accessed using the following interfaces:

  • AWS Management Console
  • AWS SDKs
  • Amazon Route 53 API
  • AWS CLI
  • AWS Tools for Windows PowerShell

Amazon Route 53 integrates with AWS Identity and Access Management (IAM) to provide the following:

  • Creating users and groups under the organization's AWS account
  • Easy sharing of AWS account resources among the users in the account
  • Assigning unique security credentials to each user
  • Granular control of user access to services and resources

IAM and Amazon Route 53 use two features to secure users' AWS resources:

  • Authentication
  • Access Control

Authentication

AWS IAM authenticates the AWS user who is performing operations on Amazon Route 53 resources, such as registering a domain or updating a resource record set.

After authenticating the user’s identity.

Access Control

IAM controls access to AWS by verifying that the user has permission to perform the operation and to access the resource.
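The access-control step above, worked through as an added example (not IAM's own evaluation engine): a constructed identity policy that lets a DNS operator read any hosted zone but change records in only one, and deny domain registration outright, evaluated against a few requests. The action names (`route53:ChangeResourceRecordSets`, `route53:ListResourceRecordSets`, `route53:GetHostedZone`, `route53domains:*`) are real IAM action names; the hosted zone ID in the ARN is a placeholder. The evaluation follows the published order (default deny, explicit Deny wins, otherwise any matching Allow); treating action names as case-insensitive and ARNs as case-sensitive is this model's simplification.

```python
import fnmatch

# Constructed policy; ZPLACEHOLDER0001 is a placeholder hosted zone ID.
DNS_OPERATOR_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["route53:GetHostedZone", "route53:ListResourceRecordSets"],
         "Resource": "arn:aws:route53:::hostedzone/*"},
        {"Effect": "Allow",
         "Action": "route53:ChangeResourceRecordSets",
         "Resource": "arn:aws:route53:::hostedzone/ZPLACEHOLDER0001"},
        {"Effect": "Deny",
         "Action": "route53domains:*",
         "Resource": "*"},
    ],
}


def _as_list(value):
    """Policy fields may be a single string or a list of strings."""
    return value if isinstance(value, list) else [value]


def _matches(pattern, candidate, case_sensitive):
    """'*' and '?' wildcards as in IAM; fnmatchcase so '*' also spans '/'."""
    if not case_sensitive:
        pattern, candidate = pattern.lower(), candidate.lower()
    return fnmatch.fnmatchcase(candidate, pattern)


def is_allowed(policy, action, resource):
    """Evaluate one request against one identity policy.
    Default deny; an explicit Deny always wins; otherwise any matching Allow."""
    allowed = False
    for statement in policy["Statement"]:
        action_hit = any(_matches(p, action, False) for p in _as_list(statement["Action"]))
        resource_hit = any(_matches(p, resource, True) for p in _as_list(statement["Resource"]))
        if not (action_hit and resource_hit):
            continue
        if statement["Effect"] == "Deny":
            return False                      # explicit deny overrides any allow
        allowed = True
    return allowed


if __name__ == "__main__":
    zone_arn = "arn:aws:route53:::hostedzone/ZPLACEHOLDER0001"
    other_arn = "arn:aws:route53:::hostedzone/ZPLACEHOLDER0002"
    for action, resource in (
        ("route53:ChangeResourceRecordSets", zone_arn),
        ("route53:ChangeResourceRecordSets", other_arn),
        ("route53:ListResourceRecordSets", other_arn),
        ("route53:DeleteHostedZone", zone_arn),
        ("route53domains:RegisterDomain", "*"),
    ):
        print(f"{action:<36} {resource:<48} {'ALLOW' if is_allowed(DNS_OPERATOR_POLICY, action, resource) else 'DENY'}")
```

The two denials that matter for least privilege are the implicit ones: deleting the hosted zone is never mentioned in the policy, so it is denied, and record changes in the second zone fall outside the resource ARN of the only statement that allows that action.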