Embed Size (px)
Citation preview
What is a Network ?What is a Network ?
A network is a collection of computers and A network is a collection of computers and devices connected by communications channels devices connected by communications channels that facilitates communications among users and that facilitates communications among users and allows users to share resources with other users. allows users to share resources with other users.
The connectivity can be wired or wireless.The connectivity can be wired or wireless. Networks are built with a mix of computer Networks are built with a mix of computer
hardware and computer software.hardware and computer software.
Network ClassificationNetwork Classification
By Range:-By Range:- Local Area Network ( LAN )Local Area Network ( LAN ) Metropolitan Area Network ( MAN )Metropolitan Area Network ( MAN ) Wide Area Network ( WAN )Wide Area Network ( WAN ) Personal Area Network ( PAN )Personal Area Network ( PAN )
By Functional Relationship:-By Functional Relationship:- Client-ServerClient-Server Peer to PeerPeer to Peer
By Network Topology:-By Network Topology:- Bus NetworksBus Networks Star NetworksStar Networks Ring NetworksRing Networks
RoutingRouting Routing (or routeing) is the process of Routing (or routeing) is the process of
selecting paths in a network along which selecting paths in a network along which to send network traffic.to send network traffic.
primarily with routing in electronic data primarily with routing in electronic data networks using packet networks using packet switching technology.switching technology.
Routing process usually directs Routing process usually directs forwarding of packets on the basis forwarding of packets on the basis of routing tables which maintain a of routing tables which maintain a record of the routes to various network record of the routes to various network destinations. destinations.
Classification of RoutingClassification of Routing
Based on the route telling scheme to the Based on the route telling scheme to the routerrouter
Static RoutingStatic Routing Routing tables are manually configured.Routing tables are manually configured. The advantage of this routing type is maximum The advantage of this routing type is maximum
computing resources are saved but are computing resources are saved but are conditioned. conditioned.
Dynamic RoutingDynamic Routing Routing tables are constructed automatically, Routing tables are constructed automatically,
based on information carried by routing protocols.based on information carried by routing protocols. Dynamic routing dominates the Internet because Dynamic routing dominates the Internet because
it allows the network to act nearly autonomous in it allows the network to act nearly autonomous in avoiding network failures and blockages.avoiding network failures and blockages.
Dynamic RoutingDynamic Routing
Distance VectorDistance Vector This approach assigns a number, the cost, to each of This approach assigns a number, the cost, to each of
the links between each node in the network. the links between each node in the network. Nodes will send information from point A to point B via Nodes will send information from point A to point B via
the path that results in the lowest total cost.the path that results in the lowest total cost.
Link State Link State Each node uses as its fundamental data a map of the Each node uses as its fundamental data a map of the
network in the form of a graph.network in the form of a graph. Each router then independently determines the least-Each router then independently determines the least-
cost path from itself to every other node using a cost path from itself to every other node using a standard shortest path algorithm such as Dijkstra's standard shortest path algorithm such as Dijkstra's algorithm.algorithm.
The result is a tree which The result is a tree which serves to construct the serves to construct the routing table, which specifies the best next hop to get routing table, which specifies the best next hop to get from the current node to any other node. from the current node to any other node.
Major Routing ProtocolsMajor Routing Protocols
Routing Information Protocol ( RIP )Routing Information Protocol ( RIP ) Open Shortest Path First ( OSPF)Open Shortest Path First ( OSPF) External Interior Gateway Routing External Interior Gateway Routing
Protocol Protocol
( EIGRP )( EIGRP )
RIPRIPRandom Facts:-Random Facts:-
Is a Dynamic Routing ProtocolIs a Dynamic Routing Protocol Uses Distance Vector Routing algorithmUses Distance Vector Routing algorithm RIP updates are used as keep alives and are RIP updates are used as keep alives and are
periodicperiodic Routing table is sent as updates Routing table is sent as updates Hello Timer is 30 secondsHello Timer is 30 seconds Dead(flush) Timer is 240 seconds i.e. 8 consecutive Dead(flush) Timer is 240 seconds i.e. 8 consecutive
packetspackets Updates are UDP based and uses destination port Updates are UDP based and uses destination port
no. 520no. 520 Hop Count is used as the metricHop Count is used as the metric RIP v1 does not support subnettingRIP v1 does not support subnetting RIP v2 supports subnettingRIP v2 supports subnetting
OSPFOSPF
Random Facts:-Random Facts:- Is a Link State Routing ProtocolIs a Link State Routing Protocol OSPF Hello Packets are used as keep alivesOSPF Hello Packets are used as keep alives Hello Timer is 10 secondsHello Timer is 10 seconds Dead Timers is 40 seconds i.e. 4 consecutive Hello Dead Timers is 40 seconds i.e. 4 consecutive Hello
PacketsPackets Information of networks is sent only during Information of networks is sent only during
neighbourship establishmentneighbourship establishment Metric = cost = 100/Bandwidth in MbpsMetric = cost = 100/Bandwidth in Mbps Linked State Database(LSD) is formed from the Link Linked State Database(LSD) is formed from the Link
State Updates(LSU), from which graph of whole State Updates(LSU), from which graph of whole network is created network is created
Auto-summarization is OFF by defaultAuto-summarization is OFF by default
Access ListsAccess Lists Is a group of permit/deny statementsIs a group of permit/deny statements The list is scanned from top to bottom--in the exact The list is scanned from top to bottom--in the exact
order that it was entered for a pattern that matches order that it was entered for a pattern that matches the incoming packetthe incoming packet
Can use a mask, which is like a wild card, to Can use a mask, which is like a wild card, to determine how much of an IP source or destination determine how much of an IP source or destination address to apply to the pattern match address to apply to the pattern match
To make a change, we have to re-enter the entire list To make a change, we have to re-enter the entire list Any packet not processed by the list is dropped by Any packet not processed by the list is dropped by
default.default. Is associated with an interface of the router, where Is associated with an interface of the router, where
we want to filter the traffic.we want to filter the traffic. Can be INBOUND i.e. applied for incoming traffic or Can be INBOUND i.e. applied for incoming traffic or
OUTBOUND i.e. applied for outgoing traffic of an OUTBOUND i.e. applied for outgoing traffic of an interfaceinterface
Types of Access ListTypes of Access List
StandardStandard Operates on the Network Layer (Layer 3)of the OSI Operates on the Network Layer (Layer 3)of the OSI
modelmodel Used to block/permit networks from reaching other Used to block/permit networks from reaching other
networks based on the source ip addresses and masknetworks based on the source ip addresses and mask Uses Access List range from 1 to 99Uses Access List range from 1 to 99
ExtendedExtended Operates on both Layer 3 and Layer 4 of OSI modelOperates on both Layer 3 and Layer 4 of OSI model Allow us to filter traffic not only by network address Allow us to filter traffic not only by network address
but also by the type of traffic that is being sent or but also by the type of traffic that is being sent or received and also on the basis of source as well as received and also on the basis of source as well as destination ip addresses and maskdestination ip addresses and mask
Uses Access List Range from 100 to 199Uses Access List Range from 100 to 199
Domain Name Domain Name System( DNS)System( DNS)
Standard technology for managing the names Standard technology for managing the names of Web sites and other Internet domain of Web sites and other Internet domain
DNS serverDNS server is any computer registered to join is any computer registered to join the Domain Name System the Domain Name System
DNS server runs special-purpose networking DNS server runs special-purpose networking software, features a public ip address, and software, features a public ip address, and contains a database of network names and contains a database of network names and addresses for other Internet hostsaddresses for other Internet hosts
DNS servers are organized in a hierarchy DNS servers are organized in a hierarchy At the top level of the hierarchy, so-called root At the top level of the hierarchy, so-called root
servers store the complete database of Internet servers store the complete database of Internet domain names and their corresponding IP domain names and their corresponding IP addresses addresses
DNS networking is based on DNS networking is based on the client/serrver architecture the client/serrver architecture
Case Study: College Case Study: College NetworkNetwork
Certain Facts:-Certain Facts:-The concepts of networking used to demonstrate and configure The concepts of networking used to demonstrate and configure
the networks are as follows:-the networks are as follows:- Routing ProtocolsRouting Protocols
Link State Routing Protocol ( OSPF )Link State Routing Protocol ( OSPF ) Distance Vector Routing Protocol ( RIP )Distance Vector Routing Protocol ( RIP )
Access-ListsAccess-Lists StandardStandard ExtendedExtended
Domain Name SystemDomain Name System
The elements of networks used in the configuration are as The elements of networks used in the configuration are as follows:-follows:-
Routers ( Cisco 2811)Routers ( Cisco 2811) Switches ( Cisco 2960 24 TT )Switches ( Cisco 2960 24 TT ) Network CablesNetwork Cables
Serial cablesSerial cables Straight Ethernet CablesStraight Ethernet Cables Crossover Ethernet CablesCrossover Ethernet Cables
ServersServers
Constraints on the Constraints on the Network:- Network:-
The DNS server is located in another The DNS server is located in another Autonomous System. We have to make Autonomous System. We have to make sure that all users in the college sure that all users in the college network get access to the DNS server.network get access to the DNS server.
Perform sufficient configuration at Perform sufficient configuration at appropriate places so that only the appropriate places so that only the users in Department 1 get access to the users in Department 1 get access to the College web server.College web server.
Enable internet access for all the clients Enable internet access for all the clients except PC5 and PC6 in Department 2except PC5 and PC6 in Department 2
Explanation: College Explanation: College NetworkNetwork
The college network comprises an The college network comprises an autonomous system which uses OSPF autonomous system which uses OSPF which is a Link State Routing Protocol.which is a Link State Routing Protocol.
There are 2 routers used in the network.There are 2 routers used in the network. 10.0.0.0/8 network is used for connecting 10.0.0.0/8 network is used for connecting
computers of department 1, thus using computers of department 1, thus using class A private addresses.class A private addresses.
192.168.21.0/24 network is used for 192.168.21.0/24 network is used for connecting computers of department 2, connecting computers of department 2, thus using class C private addresses.thus using class C private addresses.
The College Server uses 22.0.0.0/8 networkThe College Server uses 22.0.0.0/8 network
OSPF Network OSPF Network Topology:-Topology:-
Configuration of OSPF on Configuration of OSPF on RoutersRouters
To turn ON OSPF process globally on a To turn ON OSPF process globally on a routerrouter
Select the interfaces(networks) which we Select the interfaces(networks) which we want to advertisewant to advertise
Router# configure terminalRouter# configure terminal
Router(conf)# router OSPF <process id> Router(conf)# router OSPF <process id>
Router 1(conf-router)# network 10.0.0.0 Router 1(conf-router)# network 10.0.0.0 0.255.255.255 area 00.255.255.255 area 0
10.0.0.0 – The network which we want to advertise and enable routing on.0.255.255.255 – Wild Card Mask, allowing certain ip addresses to be advertised.Area 0 – The area ID, identifying all the machines in an area.
Routes at the College Routes at the College RouterRouter
The result of ‘show ip route’ command on The result of ‘show ip route’ command on College Router is:-College Router is:-
R2#show ip routeO 10.0.0.0/8 [110/65] via 20.0.0.1, 00:58:11, Serial0/1/1C 20.0.0.0/8 is directly connected, Serial0/1/1C 22.0.0.0/8 is directly connected, FastEthernet0/0C 23.0.0.0/8 is directly connected, Serial0/1/0O 30.0.0.0/8 [110/65] via 23.0.0.2, 00:58:11, Serial0/1/0O E2 34.0.0.0/8 [110/20] via 23.0.0.2, 00:58:11, Serial0/1/0O E2 35.0.0.0/8 [110/20] via 23.0.0.2, 00:58:11, Serial0/1/0O E2 45.0.0.0/8 [110/20] via 23.0.0.2, 00:58:11, Serial0/1/0O E2 56.0.0.0/8 [110/20] via 23.0.0.2, 00:58:11, Serial0/1/0C 192.168.21.0/24 is directly connected, FastEthernet0/1O*E2 0.0.0.0/0 [110/1] via 23.0.0.2, 00:58:11, Serial0/1/0
RIP Network TopologyRIP Network Topology (used (used
by the ISP) by the ISP)
Configuration of RIP on Configuration of RIP on RoutersRouters
To turn ON RIP process globally on a To turn ON RIP process globally on a routerrouter
Select the interfaces(networks) which we Select the interfaces(networks) which we want to advertisewant to advertise
Router4# configure terminalRouter4# configure terminal
Router4(conf)# router RIPRouter4(conf)# router RIP
Router 4(conf-router)# network 34.0.0.0Router 4(conf-router)# network 34.0.0.0
Router 4(conf-router)# network 45.0.0.0Router 4(conf-router)# network 45.0.0.0
10.0.0.0 – The network which we want to advertise and enable routing on.
Routes at the ISP RouterRoutes at the ISP RouterThe result of ‘show ip route’ command on an The result of ‘show ip route’ command on an
ISP Router is:-ISP Router is:-R4#show ip routeR 10.0.0.0/8 [120/2] via 34.0.0.1, 00:00:29, Serial0/1/1 [120/2] via 45.0.0.1, 00:00:00, Serial0/0/0R 20.0.0.0/8 [120/2] via 34.0.0.1, 00:00:29, Serial0/1/1 [120/2] via 45.0.0.1, 00:00:00, Serial0/0/0R 22.0.0.0/8 [120/2] via 34.0.0.1, 00:00:29, Serial0/1/1 [120/2] via 45.0.0.1, 00:00:00, Serial0/0/0R 23.0.0.0/8 [120/2] via 34.0.0.1, 00:00:24, Serial0/1/1R 30.0.0.0/8 [120/2] via 34.0.0.1, 00:00:24, Serial0/1/1C 34.0.0.0/8 is directly connected, Serial0/1/1C 45.0.0.0/8 is directly connected, Serial0/0/0R 56.0.0.0/8 [120/1] via 45.0.0.1, 00:00:00, Serial0/0/0R 192.168.21.0/24 [120/2] via 34.0.0.1, 00:00:29, Serial0/1/1 [120/2] via 45.0.0.1, 00:00:00, Serial0/0/0
R* 0.0.0.0/0 [120/1] via 45.0.0.1, 00:00:00, Serial0/0/0
The TCP/IP configuration of The TCP/IP configuration of computers:-computers:-
Entries in the DNS Entries in the DNS Server:-Server:-
Entries of Access Lists:-Entries of Access Lists:- Access List 100 used for applying the second constraintAccess List 100 used for applying the second constraint
R2#show ip access-lists 100Extended IP access list 100 deny tcp host 192.168.21.50 host 60.0.0.60 deny tcp host 192.168.21.60 host 60.0.0.60 deny tcp host 192.168.21.60 host 70.0.0.70 deny tcp host 192.168.21.50 host 70.0.0.70 permit ip any any
Access List 101 used for applying the third constraintAccess List 101 used for applying the third constraint
R2#show ip access-lists 101Extended IP access list 101 permit ip 10.0.0.0 0.255.255.255 host 22.0.0.2 deny ip any any
Different parts of an Different parts of an Access ListAccess List
deny tcp host 192.168.21.50 host 60.0.0.60
Deny – Specifies the permission whether to permit/deny the accessTcp – This specifies the type of traffic we want to permit/deny
The type of traffic we can control is:-IP – Represents all the traffic flowing on the internet.TCP – Represents only the packets which use Transmission Control ProtocolUDP - Represents only the packets which use the User Datagram ProtocolICMP - Represents only the packets which use Internet Control Message ProtocolHost 192.168.21.50 – This section specifies the source machine we want to control access toHost 60.0.0.60 - This section specifies the destination machine we want to control access toInstead, if we want to control the access to all the machines, we do it by writing ‘any’ like:-Permit ip any any
Thank You!!!Thank You!!!
