Eng. Ashraf's presentation for the academy exam
For the courtesy of others: cell phones may be put on vibrate mode, but please take the call outside of the room.

LAN, WAN, Internetworks
• Local Area Network (LAN): an individual network administered by a single organization, usually spanning a single geographical area.
• Wide Area Network (WAN): individual organizations usually lease connections through a telecommunications service provider (TSP).
WAN technologies shown on the slide: T1, DS3, OC3; PPP, HDLC; Frame Relay, ATM; ISDN, POTS.

Communication starts with an application
Today's popular communication tools:
1. Instant Messaging: real-time communication by typing text. Developed from the earlier Internet Relay Chat (IRC) services. Incorporates features such as file transfer, voice and video communication (web cam), and chat.

Protocol Data Units and Encapsulation – another example
Segmentation and encapsulation (figure): an email message is segmented into pieces of data; each layer adds its header, and the last layer adds a header and a trailer, producing frames that are sent as bits, e.g. 0010100111011001010000011111010100010101.
Decapsulation and reassembly (figure): the receiver strips the trailer and the headers layer by layer and reassembles the data into the email message.

Putting It all Together
1. Converted to binary.
2. NIC generates signals that represent these bits.
3. Passed among LAN devices.
4. Exit the local area (router).
6. Passed among local devices at the destination.
7. The destination device converts the bits into human readable form.

IP Addresses – First look
Figure: hosts 172.16.10.100/16, 172.16.10.55/16 and 172.16.10.3/16 on network address 172.16.0.0/16, whose router interface is 172.16.1.1/16. The router's other interface, 192.168.1.1/30, is on network address 192.168.1.0/30 with the ISP at 192.168.1.2/30, which leads to the Internet.

C:\> ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix . :
        IP Address. . . . . . . . . . . . : 172.16.10.100
        Subnet Mask . . . . . . . . . . . : 255.255.0.0
        Default Gateway . . . . . . . . . : 172.16.1.1

Routing
Each host contains a routing table that contains at the minimum a "gateway".
The router also needs a routing table that defines where to forward the packet next; this is called the next-hop address or default route. Network devices use the default gateway to send data to every device on the Internet whose address they don't know.

Domain Name System (DNS)
Figure: www.cisco.com = 198.133.219.25
DNS and the browser:
1. The resolver sends the DNS request to the DNS server.
2. The server then searches its records and resolves the name to the corresponding IP address.
• The resolver sends requests to the DNS server identified in the device's IP configuration, for example:
IP Address 192.168.25.25, Subnet Mask 255.255.255.0, Default Gateway 192.168.25.1, DNS Server 208.67.222.222.

Name Resolution
A host needs the IP address. DNS queries are of two types:
• Recursive queries: performed by the host to the local DNS server.
• Iterative queries: performed by the local DNS server to other servers.

Utility - nslookup
• Windows operating systems provide the nslookup utility.
• Used to query a domain name and get the IP address.

Components of the Network
• Devices (hardware): end devices or intermediate devices.
• Media: wired or wireless media.
• Services (software): network applications, routing protocols, processes, algorithms.

End devices
Figure: source address 209.67.102.55, destination address 107.16.4.21.
Each host is identified by two addresses: an IP (Internet Protocol) address and a MAC address (later). The address of the destination host is used to specify where the message should be sent.

Network Representations
Network Interface Card (NIC) or LAN adapter: provides the physical connection to the network for the host device. The media connecting the PC to the networking device plugs directly into the NIC.

Two Address Types
• Each device has two addresses.
• A burned-in Layer 2 / MAC address.
• A logical Layer 3 / network "protocol" address: this might be assigned statically or dynamically using DHCP.

DHCP
DHCP information can include:
• IP address.
• Subnet mask.
• Default gateway.
• Domain name.
• DNS server.
DHCP servers can be:
• A server on the LAN.
• A router.
• A server at the ISP, accessed remotely over the WAN.

IP Packets: Carrying Data End to End
• Host X sends a packet to Host Y. Remember: two addresses are needed to move a packet from the source to the destination:
• MAC address
• IP address

Media
The medium provides the channel over which the messages travel from source to destination: glass or plastic fibers, wireless transmission, or metallic wires within cables.

Coaxial cable and connectors
• Central conductor.
• Insulation.
• Copper braid acting as return path for the current and also as a shield against interference (noise).
• Outer jacket.
Used formerly in Token LANs; died out as UTP was cheaper and gave higher speeds.

Standards and Implementation
Ethernet 802.3 consists of 802.2 Logical Link Control (LLC) and 802.3 Media Access Control (MAC).

Standard      Distance  Connector
10BASE5       500m      Coax
10BASE2       185m      Coax
10BASE-T      100m      UTP-RJ45
1000BASE-T    100m      UTP-RJ45
1000BASE-SX   550m      MM Fiber-SC
1000BASE-LX   5000m     MM/SM Fiber-SC

Unshielded twisted pair (UTP) cable
• Eight wires twisted together into four pairs, with an outer jacket.
• The jacket protects the copper from physical damage.
• Commonly used for Ethernet LANs.
• The number of twists per metre is carefully controlled (protects from interference).

Straight-through cable
• Both ends the same.
• Connects a PC to a switch or hub; connects a router to a switch or hub.
• Installed cabling is straight through.
• Connects unlike devices (DCE-DTE).

Crossover cable
• Wire 1 swaps with 3; wire 2 swaps with 6.
• Connects similar devices to each other: PC to router, switch to hub, DTE to DTE or DCE to DCE.

Rollover cable
• Cisco proprietary.
• Wire order completely reversed.
• Console connection from the PC serial port to the router, used to configure the router.
• Special cable or RJ45 to DB9 adaptor.

Cabling – the straight-through and cross-over cables (figure)
• Straight-through cable: router to switch or hub, PC to switch or hub.
• Cross-over cable: hub to hub, switch to switch, switch to hub.

Intermediary Devices
Switches or hubs (LAN) and routers (WAN). Processes running on the intermediary network devices perform these functions:
• Regenerate and retransmit data signals.
• Determine all network pathways available.
• Network address translation.
• Permit or deny and manage the flow of data, based on security settings.

Routers
Figure: a router with Serial 0 at 192.168.10.1 255.255.255.252, Ethernet 0 at 172.16.1.1 255.255.255.0 (MAC 0cddeeffaabb) and Ethernet 1 at 172.16.2.1 255.255.255.0 (MAC 0abbccddeeff).
• Used to link networks together.
• Routes packets along the best path based on the Layer 3 IP destination address.
• Each router interface is connected to a different network and has an IP address/mask, serving as the gateway for that network's users.
• Each interface has an IP address/mask on its network.

Choice of router
• Expandability: fixed or modular interfaces?
• Media: serial, UTP or fibre optic ports? How many ports of each?
• Operating system features: what do you want the router to do? Will you have enough memory to upgrade the operating system? Do you need a security-supported IOS, VoIP, QoS?

Packet Forwarding
Routing is done packet-by-packet based on the destination IP address.

Routing – First Look
Figure: network 192.168.1.0/24 and network 192.168.2.0/24 joined by a router whose interface on the first network is 192.168.1.254/24. Routing table columns: Destination Network, Next Hop, Metric; entry: C 192.168.2.0/24 is directly connected, FastEthernet0/1.
Routers know about routes either statically or dynamically using a routing protocol:
• Directly connected networks (C): the network addresses of its interfaces.
• Remote networks: learned by a static route or a dynamic routing protocol (R = RIP).

Destination Network - Routing Table Entries
• The default route in a routing table performs the same role as the default gateway on a PC.
• If a route for a packet cannot be found in the routing table, and a default route is present, that route will be used to forward the packet.
• A next-hop is the address of the device that will process the packet next.

Packet Forwarding: Route Found (figure)
Data for host 10.1.2.2/24 arrives on network 10.1.1.0 as L2 | IP | TCP | DATA. IP address 10.1.2.2 is on network 10.1.2.0, for which the router has a route, so it re-encapsulates the packet in a new L2 frame and forwards it onto network 10.1.2.0.

Packet Forwarding: Default Route (figure)
Data for host 207.1.1.1/24 arrives on network 10.1.1.0. IP address 207.1.1.1 is on network 207.1.1.0, which is not in the routing table, so the packet is forwarded using the default route.

Packet Forwarding: Route Not Found (figure)
Data for host 207.1.1.1/24 arrives on network 10.1.1.0. IP address 207.1.1.1 is on network 207.1.1.0; with no matching route and no default route, the router has nowhere to send the packet (the slide marks the L2 header with "?") and drops it.

Private IP Addresses (RFC 1918)
• 10.0.0.0 to 10.255.255.255 (10.0.0.0/8)
• 172.16.0.0 to 172.31.255.255 (172.16.0.0/12)
• 192.168.0.0 to 192.168.255.255 (192.168.0.0/16)
• NAT/PAT is needed if such hosts require access to the Internet (next).
• These addresses should not be routed in the Internet; they should be blocked by your ISP.

Data communications equipment and Data terminal equipment
• Data Communications Equipment (DCE): a device that supplies the clocking services to another device. The clocking service is needed in a WAN to synchronize the transmitted signal. Typically, this device is at the WAN provider end of the link.
• Data Terminal Equipment (DTE): a device that receives clocking services from another device. This device is at the WAN customer or user end of the link.
• A router is by default a DTE device. Nevertheless, it can be configured to be a DCE by assigning a clock rate to the router.

The purpose of Cisco IOS Software
As with a computer, a router, switch or other Cisco device cannot function without an operating system (IOS). Cisco IOS (Internetwork Operating System) is stored in flash memory but can be overwritten.
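To make the three packet-forwarding cases above concrete (route found, default route, route not found), here is an added Python example, not part of the original presentation, that performs the longest-prefix lookup a router does on its table; it goes one step beyond the slides by including a 10.0.0.0/8 summary route so a more specific /24 wins. The routing table, the next hop 10.1.1.254 and the interface names are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network  # destination network
    next_hop: Optional[str]         # None = directly connected
    interface: str                  # exit interface


# Constructed routing table for a hypothetical router that sits between the
# slide's 10.1.1.0/24 and 10.1.2.0/24 networks (interface names are assumed).
TABLE = [
    Route(ipaddress.ip_network("10.1.1.0/24"), None, "FastEthernet0/0"),
    Route(ipaddress.ip_network("10.1.2.0/24"), None, "FastEthernet0/1"),
    Route(ipaddress.ip_network("10.0.0.0/8"), "10.1.1.254", "FastEthernet0/0"),
]
# Default route 0.0.0.0/0 (gateway of last resort); the next hop is constructed.
DEFAULT = Route(ipaddress.ip_network("0.0.0.0/0"), "10.1.1.254", "FastEthernet0/0")


def lookup(dst: str, table, default=None):
    """Longest-prefix match on the destination address.
    Falls back to the default route if nothing matches; returns (route, reason)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for route in table:
        if addr in route.network and (
            best is None or route.network.prefixlen > best.network.prefixlen
        ):
            best = route
    if best is not None:
        return best, "route found"
    if default is not None:
        return default, "default route"
    return None, "route not found"


def forward(dst: str, table, default=None) -> str:
    """Describe the forwarding decision the router makes for one packet."""
    route, reason = lookup(dst, table, default)
    if route is None:
        return f"{dst}: {reason}, packet dropped"
    if route.next_hop is None:
        # Directly connected: hand the packet to the destination host itself.
        return f"{dst}: {reason}, deliver on {route.interface} (network {route.network})"
    return f"{dst}: {reason}, next hop {route.next_hop} via {route.interface}"


if __name__ == "__main__":
    for dst in ("10.1.2.2", "10.5.5.5", "207.1.1.1"):
        print(forward(dst, TABLE, DEFAULT))
    print(forward("207.1.1.1", TABLE))  # same packet with no default route configured
```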
The IOS is copied into RAM to run from there when the device is powered on. This increases the performance of the device. The IOS can be accessed using HTTP or the command line interface.

Router internal components
Similar to a PC:
• CPU
• Memory: RAM, Flash, NVRAM, ROM
• Buses
• Interfaces
• Power supply

Router storage areas
ROM     Permanent. Holds POST, boot instructions, basic IOS.
Flash   Keeps its contents. Holds one or more IOS images.
NVRAM   Keeps its contents. Holds the startup configuration file.
RAM     Volatile. Holds the running config, tables, queues etc.

Initial startup of Cisco routers
When a Cisco router powers up, it performs a power-on self test (POST). During this self test, the router executes diagnostics from ROM on all hardware modules. After the POST, the following events occur as the router initializes:

Configuring the Router
Rollover cable – Console interface
• Used to initially configure and troubleshoot a router.
• Our rollover cables have a DB9 connector at one end and do not need an adaptor; match the serial port on the PC.

HyperTerminal
Set up the PC's serial port as follows:
• Bits per second: 9600 bps
• Data bits: 8
• Parity: None
• Stop bits: 1
• Flow control: None

Backing Up Configuration Files – Capture Text using HyperTerminal

Examining the initial router bootup

Configuring the Router remotely - AUX
Auxiliary (AUX) interface: used for remote management of a Cisco router. Typically, a modem is connected to the AUX interface for dial-in access.

Telnet
• Used to remotely access and configure a device (host, router, switch).
• To configure a remote router, it must have an active interface with an IP address.
• A connection using Telnet is called a Virtual Terminal (VTY) session, or connection.
• Telnet accesses devices using the command line interface (CLI).
• Configuring routers using Telnet should be protected through authentication.

Power-up the router (and switch) – No configuration
If the routers do not have a saved configuration:
After several lines of information on the screen you should eventually see:

Would you like to enter the initial configuration dialog? [yes/no]: n

Always answer "n" for no. We will never be using setup mode. If you accidentally press "y" and enter Setup Mode, press and hold down the control key and press C (CTRL-C). Wait a few seconds, and then press Enter. On some routers you may see the following message:

Would you like to terminate autoinstall? [yes/no]: y
<There will be several lines of output>
Router>

Configuration Files
The configuration that defines the desired functionality of a Cisco device. Two types of configuration files:
Startup configuration:
• Stored in the Non-Volatile RAM (NVRAM).
• Used as the backup configuration.
• If configured, it is loaded into RAM as the router boots or reloads to become the running configuration.
Running configuration:
• Changes in the running config are parsed (translated, executed and take effect) by the Cisco IOS immediately or as the system boots.
• Should be saved to be included in the startup-config.
• A configuration file may also be stored remotely on a server as a backup.

The CLI uses a hierarchical structure for the modes. The mode is identified by the prompt that is unique to that mode. Each mode is used to accomplish particular tasks and has a specific set of commands that are available when in that mode.

User Exec Mode
• At the top of the modal hierarchical structure; it is the first entrance into the CLI of an IOS router and allows only a limited number of basic monitoring commands.
• Often referred to as view-only mode.
• Identified by the CLI prompt that ends with the > symbol. Ex: Router> Switch>
• By default, there is no authentication required to access the user EXEC mode from the console.

Privileged Exec Mode
• For configuration and management commands.
• Also called the enable mode.
• Identified by the prompt ending with the # symbol.
Ex: Router# Switch#
The enable and disable commands are used to change the CLI between the user EXEC mode and the privileged EXEC mode, respectively.

Getting Help (Router and Switch)

Router> ?
Exec commands:
  access-enable    Create a temporary Access-List entry
  access-profile   Apply user-profile to interface
  clear            Reset functions
  <text omitted>
  ping             Send echo messages
  ppp              Start IETF Point-to-Point Protocol (PPP)
 --More--

• Press the Space Bar to scroll a "screen's worth" of more commands.
• Press the Enter or Return key to scroll down just one line of the list.
• Press any other key to halt the list output.

Router>ena
Router#configure terminal            <Must be in privileged mode>
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#?
Configure commands:
  access-list   Add an access list entry
  <text omitted>
Router(config)#exit
00:03:20: %SYS-5-CONFIG_I: Configured from console by console
Router#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#exit
00:03:34: %SYS-5-CONFIG_I: Configured from console by console
Router#

Hostname

Router#config t
Router(config)#hostname R1
R1(config)#

• Changes the name, and therefore the prompt, on the router.
• Very important to do early on so you don't get confused about which router you are configuring.

Configuring router passwords
• Not recommended: clear-text passwords.
• Encrypting the passwords above hides them in the config file (you will see meaningless characters there), but only weakly.
• Use this command instead; the password is encrypted:
Router(config)#enable secret <password>

Limiting Device Access
Every device should have locally configured passwords to limit access. The passwords introduced here are:
- Console password: limits device access through the console connection.
- Enable password: limits access to the privileged EXEC mode.
- Enable secret password: encrypted, limits access to the privileged EXEC mode.
- VTY password: limits device access using Telnet.

Router#show running-config
Current configuration : 542 bytes
!
version 12.2
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
!
line con 0
line aux 0
line vty 0 4
!
end
Router#

running-config
• This current configuration file is stored in RAM; it is lost when the router loses power or reloads.
• Privileged mode command.
• Can be reached only from privileged mode because it displays password information.

Startup-config

Router#show startup-config
startup-config is not present
Router#

• This file is the configuration file saved in NVRAM.
• If it exists in NVRAM, it is copied into the running-config as the router boots up.
• The router uses the running-config, which should be saved to the startup-config from time to time.

Copy running-config to startup-config

Router# copy running-config startup-config
OR
Router# copy run start

Router#copy running-config startup-config
Destination filename [startup-config]? <Press Enter>
Building configuration...
[OK]
Router#show startup-config
Current configuration : 542 bytes
!
version 12.2
!
interface FastEthernet0/0
<text omitted>

Erase startup-config

Router#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm] <Press Enter>
[OK]
Erase of nvram: complete
Router#reload

• When you are done with the routers in the lab, please be sure to erase the startup-config.
• If you are starting a lab and you do not get the message "Would you like to enter the initial configuration dialog? [yes/no]:", you will need to erase the startup-config and reboot.
• Privileged mode command.

Configuring an Ethernet interface

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#inter fastethernet 0/0
Router(config-if)#ip add 172.30.1.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#end
Router#

• Your interfaces may differ.
• Adds an IP address and subnet mask.
• no shutdown turns on the interface.
Configuring Router Serial Interfaces
• Serial interfaces are used to connect WANs to routers at a remote site or ISP.
• If a DCE device such as a CSU/DSU is used, it will provide the clock.
• By default, Cisco routers are DTE devices, but they can be configured as DCE devices.

Troubleshooting: the ping command
Figure: pings between 172.30.1.20 and 172.30.1.25 may fail.
• Ping is the best way to test layer 3 connectivity.
• Ping uses the ICMP protocol to check for connectivity.
• ping <ip address>, e.g. "ping 172.30.1.25".

Test the Stack
• Test 1: Local loopback (ping 127.0.0.1): successful, host 1 has the IP stack properly configured.
• Test 2: Local NIC (ping own IP address).
• Test 3: Ping local gateway (192.168.23.254): successful, the default gateway is operational. This also verifies the operation of the local network.
• Test 4: Ping remote host (192.168.11.1): failed, the problem probably lies somewhere beyond the local network.
• Test 5: Traceroute to remote host (192.168.11.1): failure at the first hop.

Trace (Traceroute)
• Tracert is used to trace the probable path a packet takes between source and destination.
• Trace will show the path the packet takes to the destination, but the return path may be different (the Internet is an example).
• Uses ICMP messages within an IP packet; both are layer 3 protocols.

Testing Sequence - Putting it all Together

C:\>tracert 192.168.11.1
Tracing route to 192.168.11.1 over a maximum of 30 hops
  1  *  *  *  Request timed out.
  2  *  *  *  Request timed out.
  3  ^C

The possible problem might be the default gateway setting in the host.

Trace
Figure: RTA is connected to RTB over 10.0.0.0/8 (RTA .1, RTB .2), RTB to RTC over 172.16.0.0/16 (.1, .2), and RTC to RTD over 192.168.10.0/24 (.1, .2). RTA sends a packet with DA = 192.168.10.2, TTL = 1; RTB answers with ICMP Time Exceeded, SA = 10.0.0.2.

RTA# traceroute 192.168.10.2

• Traceroute uses ping (echo requests).
• Traceroute sets the TTL (Time To Live) field in the IP header, initially to "1".
• TTL: when a router (RTB here) receives an IP packet, it decrements the TTL by 1.
• If the TTL is 0, it will not forward the IP packet, and it sends back to the source an ICMP "time exceeded" message.

Broadcast and network addresses: make sure these are not given to hosts.
The router interface IP here is a wrong IP since it represents the subnetwork address for all devices on the network.

Example: the Sales department can't get to ServerA in the mark. The client said she can ping the gateway. By looking at the figure, can you determine the problem?
By looking at the figure, you can determine that the default gateway on the Lab_B router is incorrect. That address is the broadcast address of the 64 subnet, so there's no way it could be a valid host: 95 is 010 11111.

Example: a user in the Sales LAN can't get to ServerB. Using ping, the host can communicate with the local network but not with the remote network. Find and define the IP addressing problem.
Solution: ServerB has been configured with the broadcast address of the subnet. It is 01010111.

show ip interface command

Router# show ip interface brief
Interface    IP-Address     OK?  Method  Status                 Protocol
Ethernet0    131.108.1.11   YES  manual  up                     up
Serial0      198.135.2.49   YES  manual  administratively down  down

What is wrong here? The administrator has either done a "shutdown" on the interface or has forgotten to do a "no shutdown". A serial interface will not show "up" and "up" unless both ends are properly configured (mostly) and the no shutdown command has been used. If one router's configuration looks okay, check the other router's configuration.

Up or down
Interface status (Layer 1):
• Up
• Down
• Administratively down (use no shutdown to bring it up)
Protocol (Layer 2):
• Up
• Down (no keepalive signal received)
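The traceroute mechanism described above, as an added Python simulation that is not part of the presentation: each router on the RTA-RTB-RTC-RTD path decrements the TTL and answers with Time Exceeded from its own address when the TTL reaches 0, so probes with TTL 1, 2, 3 reveal the hops one at a time. The Hop class and the silent-gateway case (assumed here to reproduce the slide's "Request timed out" output) are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Hop:
    name: str
    address: str            # address on the link facing the source (SA of ICMP errors)
    silent: bool = False    # constructed failure mode: drops probes without answering


# Constructed topology from the slide, seen from RTA:
# RTA -10.0.0.0/8- RTB -172.16.0.0/16- RTC -192.168.10.0/24- RTD
PATH = [Hop("RTB", "10.0.0.2"), Hop("RTC", "172.16.0.2"), Hop("RTD", "192.168.10.2")]
DESTINATION = "192.168.10.2"


def send_probe(ttl: int, path: List[Hop], destination: str) -> Tuple[str, Optional[str]]:
    """Carry one echo request along the path. Every router that has to forward the
    packet decrements TTL; when it hits 0 the router answers ICMP Time Exceeded from
    its own address instead of forwarding. Returns (reply type, replying address)."""
    for hop in path:
        if hop.silent:
            return "request timed out", None
        if hop.address == destination:
            return "echo reply", hop.address   # delivered: the destination answers the ping
        ttl -= 1
        if ttl == 0:
            return "time exceeded", hop.address
    return "request timed out", None           # path exhausted without reaching the target


def traceroute(path: List[Hop], destination: str, max_hops: int = 30):
    """Probe with TTL = 1, 2, 3, ... until the destination replies or max_hops is hit.
    Returns a list of (ttl, replying address or None, reply type)."""
    hops = []
    for ttl in range(1, max_hops + 1):
        reply, source = send_probe(ttl, path, destination)
        hops.append((ttl, source, reply))
        if reply == "echo reply":
            break
    return hops


def render(hops) -> str:
    """Format the result the way tracert does: '* * * Request timed out.' for silent hops."""
    lines = []
    for ttl, source, reply in hops:
        lines.append(f"{ttl:3d}  {source if source else '*  *  *  Request timed out.'}")
    return "\n".join(lines)


if __name__ == "__main__":
    print("RTA# traceroute", DESTINATION)
    print(render(traceroute(PATH, DESTINATION)))
    # Same trace from a host whose default gateway never answers (the slide's tracert failure).
    broken = [Hop("GW", "192.168.23.254", silent=True)] + PATH
    print(render(traceroute(broken, DESTINATION, max_hops=3)))
```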
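For the two addressing puzzles above (95 is 010 11111; ServerB's 01010111), an added Python check that is not from the presentation: it flags network and broadcast addresses, splits the last octet into network and host bits the way the slide does, and verifies that a default gateway is a usable host inside the host's own subnet. The 192.168.10.0 subnets and the /29 mask assumed for ServerB are constructed.

```python
import ipaddress


def classify(addr: str, prefixlen: int) -> str:
    """Tell whether addr can be given to a host inside its /prefixlen subnet."""
    iface = ipaddress.ip_interface(f"{addr}/{prefixlen}")
    net = iface.network
    if iface.ip == net.network_address:
        return "network address"      # all host bits 0: names the subnet itself
    if iface.ip == net.broadcast_address:
        return "broadcast address"    # all host bits 1: reaches every device
    return "valid host"


def last_octet_bits(addr: str, prefixlen: int) -> str:
    """Show the last octet as network bits | host bits, as the slide writes 95 as 010 11111.
    Assumes a prefix of /24 or longer so the split falls inside the last octet."""
    octet = int(addr.split(".")[-1])
    split = prefixlen - 24
    bits = f"{octet:08b}"
    return f"{bits[:split]}|{bits[split:]}"


def gateway_ok(host: str, prefixlen: int, gateway: str) -> bool:
    """A default gateway must be a usable host address in the host's own subnet."""
    net = ipaddress.ip_interface(f"{host}/{prefixlen}").network
    return ipaddress.ip_address(gateway) in net and classify(gateway, prefixlen) == "valid host"


if __name__ == "__main__":
    # Constructed addresses matching the slide's two puzzles: the /27 subnet
    # 192.168.10.64 (host bits 11111 -> .95) and a /29 in which .87 is 01010111.
    for addr, plen in (("192.168.10.95", 27), ("192.168.10.87", 29), ("192.168.10.66", 27)):
        print(addr, f"/{plen}", last_octet_bits(addr, plen), classify(addr, plen))
    # A gateway set to the broadcast address, like the Lab_B mistake on the slide.
    print(gateway_ok("192.168.10.66", 27, "192.168.10.95"))
```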