Monday, June 29, 2015

Neighbour Formation Stages in OSPF

Previous post about OSPF... click here open-shortest-path-first.




1. Down stage
It is the attempt stage / starting stage.
        This is the first OSPF neighbour state. It means that no information (hellos) has been received from this neighbour, but hello packets can still be sent to the neighbour in this state.
2. Init
       This state specifies that the router has received a hello packet from its neighbour, but the receiving router's ID was not included in the hello packet. When a router receives a hello packet from a neighbour, it should list the sender's router ID in its hello packet as an acknowledgment that it received a valid hello packet.
3. 2-Way stage
       This state designates that bi-directional communication has been established between two routers. Bi-directional means that each router has seen the other's hello packet.
       At the end of this stage, the DR and BDR for broadcast and non-broadcast multi-access networks are elected.
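
The three stages above can be traced with a small model of hello processing. This is an added example, not code from the original post; the class and function names and the router IDs are hypothetical, and it leaves out timers, DR/BDR election and the later adjacency states.

```python
from dataclasses import dataclass, field
from enum import Enum


class State(Enum):
    DOWN = "Down"
    INIT = "Init"
    TWO_WAY = "2-Way"


@dataclass(frozen=True)
class Hello:
    router_id: str          # sender's router ID
    seen: frozenset         # router IDs the sender has received hellos from


@dataclass
class Router:
    router_id: str
    neighbours: dict = field(default_factory=dict)   # router ID -> State

    def state_of(self, rid):
        # No hello received yet from this neighbour means Down.
        return self.neighbours.get(rid, State.DOWN)

    def build_hello(self):
        # List every neighbour we have heard from, as the acknowledgment.
        return Hello(self.router_id, frozenset(self.neighbours))

    def receive(self, hello):
        # Our own ID in the neighbour's list proves it has seen our hello.
        if self.router_id in hello.seen:
            new = State.TWO_WAY
        else:
            new = State.INIT    # also the fallback if we drop out of its list
        self.neighbours[hello.router_id] = new
        return new


def simulate():
    """Constructed exchange between two routers; returns (R1 view, R2 view) per step."""
    r1, r2 = Router("1.1.1.1"), Router("2.2.2.2")
    trace = [(r1.state_of(r2.router_id).value, r2.state_of(r1.router_id).value)]
    for sender, receiver in [(r1, r2), (r2, r1), (r1, r2)]:
        receiver.receive(sender.build_hello())
        trace.append((r1.state_of(r2.router_id).value, r2.state_of(r1.router_id).value))
    r2.neighbours.clear()                 # R2 restarts and forgets R1
    r1.receive(r2.build_hello())          # its next hello no longer lists R1
    trace.append((r1.state_of(r2.router_id).value, r2.state_of(r1.router_id).value))
    return trace
```

The last step shows the edge case: a neighbour that stops listing the local router ID in its hellos drops back from 2-Way to Init.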

Saturday, June 27, 2015

OSPF (Open Shortest Path first)

OSPF

  • It works on the Dijkstra algorithm
  • It is purely a classless protocol
  • It supports only VLSM
  • It is a 2-layer hierarchy
  • It minimizes routing update traffic
    • Within an area, all the information (LSAs) is sent to all routers in that area
    • The ABR sends auto-summary information to the backbone area (so the burden on the main system is reduced)
  • The Multi-cast address are
    • 224.0.0.5 - All other routers will communicate through this Multicast address.
    •  224.0.0.6 - All routers with DR router will communicate through this.
    •  NOTE: DR and BDR will Understand both packets from 224.0.0.5/6
  • Its AD value is 110
  • Its protocol number is 89
  • Metric is calculated by using “ BANDWIDTH”
    •  Cost of path =  Reference Bandwidth/My outgoing link BW
    •  Note: Reference BW in OSPF is 100 Mbps ( We can also change the Reference BW)
    •  EX: Serial – 1.54 Mbps = 64 cost, Fast Ethernet - 100Mbps = cost 1, Ethernet – 10Mbps = cost 10

Saturday, June 20, 2015

LDAP Configuration



Scenario:  Our aim is to configure the firewall such that all users should be authenticated through the LDAP server placed in our local network.

Step 1>
Configure the basic LAN and WAN settings on the Firewall.

Sunday, June 14, 2015

Unified threat management

UTM features


To use UTM features you have to purchase the UTM license and apply it to your device.
We first have to configure the basic LAN and WAN settings on the Firewall.

File blocking
1.      Go to UTM → Antivirus → click on Create New
2.      Give the name and then click OK, then again click on Create New

Saturday, June 13, 2015

Passive Interface and Stuck in Active concepts in EIGRP

Stuck in Active:
When a router loses a route (the route goes down), it starts querying its neighbor routers about that route. Each neighbor router sends the query on to the next, and so on, until they get a reply about that route. In the meantime, all these routers are stuck in active mode.
A stub router is used to eliminate this stuck-in-active problem. A stub router won’t receive queries, reply to queries, etc.
#router eigrp 100
#eigrp stub
NOTE:
•  Stub router won’t send the redistributed routes from any router to other
# eigrp stub redistribute                     (won’t work)

Enhanced Interior Gateway Routing Protocol

EIGRP (Enhanced Interior Gateway Routing Protocol) is derived from IGRP.
IGRP is a distance vector routing protocol.

·         EIGRP is a Hybrid (or) Advance distance vector routing protocol
·         The AD value of EIGRP is 90 (EIGRP-INTERNAL) and 170 (EIGRP-EXTERNAL)
·         Protocol  number is 88
·         It works on RTP (Reliable transport protocol)
·         It has fast convergence
·         It works as classful/classless (no auto summary)
·         It works on AS number (Autonomous System) {in order to form a neighborship, the AS number should match}
·         100% loop Free

Wednesday, June 10, 2015

Sunday, June 7, 2015

RIP (Routing Information Protocol)

Rip is a distance vector protocol

  •  How far away and in which direction the route is (number of hops between the source and destination)

Distance vector protocol:
The name distance vector is derived from the fact that routes are advertised as vectors of (distance, direction), where distance is defined in terms of a metric and direction is defined in terms of the next-hop router. For example, "Destination A is a distance of 5 hops away, in the direction of next-hop router X." As that statement implies, each router learns routes from its neighboring routers' perspectives and then advertises the routes from its own perspective. Because each router depends on its neighbors for information, which the neighbors in turn may have learned from their neighbors, and so on, distance vector routing is sometimes facetiously referred to as "routing by rumor."
  1.      In RIP the max hop count is 15
  2.      RIP AD value is 120
  3.      It runs on UDP
  4.      Protocol number 520

Dynamic Routing & Administrative Distance (AD)

Dynamic Routing is again subdivided into two types:
a)      IGP – it will exchange private network information within the AS
b)      EGP – it will exchange public network information within the AS

Exterior Gateway Protocol (EGP)          Interior Gateway Routing Protocol (IGP)
* BGP (Border Gateway Protocol)          * RIP (Routing Information Protocol)
                                         * EIGRP (Enhanced Interior Gateway Routing Protocol)
                                         * OSPF (Open Shortest Path First)


Administrative Distance (AD Values):
The router prefers routes depending on the AD value (trustworthiness).

Routing Basics

Routing:
The procedure of connecting two or more different networks
(Or)
The procedure of defining routes and protocols, finding the best path among them by using algorithms, and providing security.

Routing protocol:
It is used to determine the best path for the packets or data to travel from source to destination.

Routed protocol:
A protocol which carries the data along the established path is called a routed protocol. Routed protocols are always assigned to an interface and determine the method of packet delivery.
Examples of routed protocols are TCP, UDP, IP, IPX, SPX, AppleTalk.

Different Modes in a router & Booting Sequence

Different Types of Modes in a router:
  1. User Mode → Router>
  2. Privilege Mode → Router#
  3. Global configuration Mode → Router(Config)#
  4. Interface Global configuration Mode/ Interface Mode → Router(config-if)#
  5. Line Mode → #Line Vty

   Line Modes:
   → Auxiliary mode
   → Console mode
   → Vty - Used for Telnet & SSH

Setup for ISP Failover

  


Scenario: We want to create a network in which, if one ISP fails, the traffic goes through the second ISP without our network going down.

VIP (Dynamic IP Pool)

Scenario: Configure the DIP Pool on the firewall so that all users behind the firewall access the internet using any IP address in the DIP pool.

VIP (Mapped IP) Configuration


Our aim is to access the server remotely using a static IP mapped to the local machine.

VIP (Virtual IP – Port Forwarding)


Scenario: We have hosted a machine in the network with http (Port 80) and https (Port 443) running on it. When a remote machine accesses port 8080, it is forwarded to port 80 on the hosted machine, and port 1443 is forwarded to port 443 on the hosted machine.

Service Based Access (Port Blocking)

Scenario: We have to configure the firewall such that computers can access only a limited number of services on the internet.

Saturday, May 30, 2015

DHCP and 3 Way-handshake

DHCP: Dynamic Host Configuration Protocol
·         It will assign IP address dynamically to the clients
·         It works on the DORA process
·         Port numbers are 67 – for client, 68 – for server
·         DORA – Discover Offer Request Acknowledgment

Default Gateway and APIPA

Default Gateway:
All the PCs connected within the network communicate with other network devices only through this default gateway.

ISP Bandwidth Management (Traffic Shaping)



   
Scenario: Allocating a particular amount of bandwidth for users in the LAN
Step1>
We first need to configure the basic LAN and WAN settings on the firewall.

Local Firewall Authentication Based Access


     
Scenario: We have to configure the firewall such that only users who authenticate via local firewall authentication can access the internet.
Step1>
We first need to configure the basic LAN and WAN settings on the firewall.

Internet Access for specific IP Range


              
Scenario: We have to configure the firewall such that only computers with a specific IP can access the internet.

Initial Setup of the Fortinet firewall


By default the unit will be in factory settings.
(Note: Local computer should have the same IP range i.e. 192.168.1.x)
The Fortinet Firewall has a predefined IP which is 192.168.1.99 on its internal interface.
We have to connect the ISP cable to either the WAN1 or WAN2 port, and the local computers should be connected to any of the 6 ports on the internal side of the firewall.

Step 1
Then, to access the GUI of the Fortinet Firewall, we need to enter the address https://192.168.1.99 in the browser.


 The above screen will come up.


IP addressing

Comparison between IP address and MAC address

IP (Internet Protocol) / logical address                              MAC (Media access control) address / physical address
--------------------------------------------------------------------------------------------------------------------------
It is a 32 bit address [8.8.8.8]                                   -- It is a 48 bit address [8:8:8:8:8:8]
It is represented in dotted decimal representation                 -- It is represented in hexadecimal representation
It is used to uniquely identify a device within different network  -- It is used to uniquely identify a device within the same network

Note: first 24 bits represents manufacturer
          Last 24 bits represents device

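List of Protocols and their Port numbers

Protocol                               Port number                                         Protocol Used
--------------------------------------------------------------------------------------------------------------------------
FTP (File Transfer Protocol)        -- 20 - for data, 21 - for connection establishing  -- TCP/UDP, TCP
SFTP (Secure File Transfer Protocol) -- 22                                              -- TCP
SSH (Secure Shell Protocol)         -- 22                                               -- TCP
Telnet                              -- 23                                               -- TCP
SMTP (Simple Mail Transfer Protocol) -- 25                                              -- TCP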

TCP/IP Utilities

They are used to troubleshoot and maintain a network without any problems.

  • PING (Packet Internet Gopher)

  Ping is used to find out whether the connected device is alive or not. Ping uses a special protocol called ICMP (Internet Control Message Protocol).
  We can check it for connected devices, websites, DNS, DHCP and print servers etc.

  • Tracert

It is similar to Ping; it identifies the path through which the packets are going to reach the destination.

Monday, May 18, 2015

OSI Model:

Open System Interconnection is a reference model that describes how data communication takes place between one computer and another in a network.
It was proposed by the International Organization for Standardization (ISO).

  •  OSI evolved from experiences with ARPANET


Format                       Layer                                             Brief Function
--------------------------------------------------------------------------------------------------------------------------
Data                 -- Application Layer               -- DHCP, FTP, HTTP
Data                 -- Presentation Layer            -- File type ex: JPEG, TXT; Compression
Data                 -- Session Layer                   -- Security, connection establishment, connection release, type of communication
Segment            -- Transport Layer              -- Error control, messages to segments, TCP/UDP
Packet              -- Network Layer                 -- Logical Address & Translation logical to Physical address
Frame              -- Data link Layer                 -- Raw data to logical structure called Frame, A  

Sunday, May 17, 2015

Cable types

 Types of connecting cables:

1. Straight cable
2. Cross cable
3. Roll over cable


Note:
  • For similar devices we will use Cross Cables.
  • For different Devices we will use Straight Cables.
  • For configuration through console port we will use Roll over Cable.


Types of Media used in Networking

Physical Media:

1.      Coaxial cables:

Ethernet-based LANs using thick cable for interconnection are referred to as Thicknet, while Ethernet systems using thinner coaxial cable are referred to as Thinnet.
Thicknet is also referred to as 10Base5, where 10 means 10Mbps speed, Base means baseband and 5 denotes 500 meter max. distance between nodes/repeaters. RG-8/U cable is used as the thick cable in a Thicknet-based LAN.
Thinnet is also referred to as 10Base2, where 2 denotes 200 m max. distance between two nodes/repeaters. RG-58/U is used as the thin cable in a Thinnet-based LAN.