NetworKING A2Z: 2015

Monday, June 29, 2015

Neighbour Formation Stages in OSPF

Previous post about OSPF... click here open-shortest-path-first.

Neighbour Formation Stages in OSPF

1. Down stage	It is attempt stage/ starting stage This is the first OSPF neighbour state. It means that no information (hellos) has been received from this neighbour, but hello packets can still be sent to the neighbour in this state.
2. Init	This state specifies that the router has received a hello packet from its neighbour, but the receiving router's ID was not included in the hello packet. When a router receives a hello packet from a neighbour, it should list the sender's router ID in its hello packet as an acknowledgment that it received a valid hello packet.
3. 2-Way stage	This state designates that bi-directional communication has been established between two routers. Bi-directional means that each router has seen the other's hello packet. At tilohe end of this stage, the DR and BDR for broadcast and non-broadcast multi-access networks are elected.

OSPF (Open Shortest Path first)

OSPF

It is works on Dijkstra Algorithm
It is purely a classless protocol
It supports only VLSM
It is a 2-layer hierarchy
Minimizing the routing updates traffic

With in the Area only all the information will send to all routers in that area (LSA)
The ABR will send Auto summary information to the backbone area ( So burden will reduced on the main system)

The Multi-cast address are

224.0.0.5 - All other routers will communicate through this Multicast address.
224.0.0.6 - All routers with DR router will communicate through this.
NOTE: DR and BDR will Understand both packets from 224.0.0.5/6

Its AD value is 110
Its protocol number is 89
Metric is calculated by using “ BANDWIDTH”

Cost of path = Reference Bandwidth/My outgoing link BW
Note: Reference BW in OSPF is 100 Mbps ( We can also change the Reference BW)
EX: Serial – 1.54 Mbps = 64 cost, Fast Ethernet - 100Mbps = cost 1, Ethernet – 10Mbps = cost 10

LDAP Configuration

Scenario: Our aim is to configure the firewall such that all users should be authenticated through the LDAP server placed in our local network.

Step 1>

Configure the basic LAN and WAN settings on the Firewall.

Unified threat management

UTM features

To use UTM features you have to purchase the UTM license and apply it to your device

We first have to configure the basic LAN and WAN settings on the Firewall.

File blocking

1. Go to UTMàAntivirusà click on Create New

2. Give the name and then click OK, then again click on Create New

Passive Interface and Stuck in Active concepts in EIGRP

Stuck in Active:

When a router lost any one route (route went down) then it will start query about that down route to the neighbor routers. And the neighbor router will send query to next and so on until they get reply about that route. During this mean time all routers went too stuck in active mode.

STUB Router is used to eliminate this stuck in active problem. Stub router won’t receive query, reply to query etc.

#router eigrp 100

#eigrp stub

NOTE:

Ø Stub router won’t send the redistributed routes from any router to other

# eigrp stub redistribute (won’t work)

Enhanced Interior Gateway Routing Protocol

EIGRP (Enhanced Interior Gateway Routing Protocol) it is derived from IGRP

IGRP is a Distance vector routing protocol.

· EIGRP is a Hybrid (or) Advance distance vector routing protocol

· The AD value of EIGRP is

· 90 (EIGRP-INTERNAL),

· 170 (EIGRP-EXTERNAL)

· Protocol number is 88

· It works on RTP (Reliable transport protocol)

· It is fast convergence

· It works as class full/ classless (no auto summary)

· It works on AS number (Autonomous system) {in order to form neighbor ship the AS number should match}

· Fast convergence

· 100% loop Free

Policy based routing (PBR)

Scenario: Our aim is to configure the firewall such that all the traffic from 192.168.1.52 will flow from WAN2 and the remaining will flow from WAN1.

RIP (Routing Information Protocol)

Rip is a distance vector protocol

How far and in which direction the route presents (no:of Hops between the source and destination)

Distance vector protocol:

The name distance vector is derived from the fact that routes are advertised as vectors of (distance, direction), where distance is defined in terms of a metric and direction is defined in terms of the next-hop router. For example, "Destination A is a distance of 5 hops away, in the direction of next-hop router X." As that statement implies, each router learns routes from its neighboring routers' perspectives and then advertises the routes from its own perspective. Because each router depends on its neighbors for information, which the neighbors in turn may have learned from their neighbors, and so on, distance vector routing is sometimes facetiously referred to as "routing by rumor."

In rip max hop count is 15
Rip AD value is 120
It runs on UDP
Protocol number 520

Dynamic Routing & Administrative Distance (AD)

Dynamic Routing is again subdivided into two types:

a) IGP – it will exchange private network information within the AS

b) EGP – it will exchange public network information within the AS

Exterior Gateway Protocol (EGP) Interior Gateway Routing Protocol (IGP)

* BGP (Border Gateway Protocol) * RIP (Routing Information Protocol)

* EIGRP (Enhanced Interior Gateway Routing Protocol)

* OSPF (Open Shortest Path First)

Administrative Distance (AD Values):

Depends on the AD value router will prefer the Routes (Thrust worthiness)

Routing Basics

Routing:

The procedure of connecting two or more different networks

(Or)

The procedure of define routes, protocols and to find best path in them by using algorithms and provide security.

Routing protocol:

It is used to determine the best path for the packets are data to travel from source to destination

Routed protocol:

Which carries the data in the established path is called Routed Protocol. Routed protocols are always assigned to an interface and determine the method of packet delivery.

Ex of routed protocols is TCP, UDP, IP, IPX, SPX, Apple talk.

Different Modes in a router & Booting Sequence

Different Types of Modes in a router:

User Mode à Router>
Privilege Mode à Router#
Global configuration Mode à Router(Config)#
Interface Global configuration Mode/ Interface Mode à Router(config-if)#
Line Mode à #Line Vty

Line Modes:

à Auxiliary mode

à Console mode Vty - Used for Telnet & SSH

Setup for ISP Failover

Scenario: We want to create a network in which if one ISP fails the traffic should go through the second ISP without our network going down.

Scenario: Configure the DIP Pool on firewall so that all users behind the firewall will be accessing internet using any IP address in the DIP pool.

Our aim is to access the server remotely using Static IP mapped to local machine.

Scenario: We have hosted a machine in the network with http (Port 80) and https (Port 443) running on it. When a remote machine will access the port 8080 it will be forwarded to port 80 to the hosted machine and port 1443 would be forwarded to 443 to the hosted machine

Service Based Access (Port Blocking)

Scenario: We have to configure firewall such that computers can access only limited number of service to the internet.

DHCP and 3 Way-handshake

DHCP: Dynamic Host Configuration Protocol

· It will assign IP address dynamically to the clients

· It will works on DORA process

· Port numbers are 67 – for client, 68 – for server

· DORA – Discover Offer Request Acknowledgment

Default Gateway and APIPA

Default Gateway:

All the PC’s connected with in the Network is communicated with other network devices by using this Default-Gateway only

Scenario: Allocating particular amount of bandwidth for users in LAN

Step1>

We first need to configure the basic LAN and WAN settings on the firewall.

Scenario: We have to configure firewall such that only user which get authenticate via local firewall authentication can access the internet.

Step1>

We first need to configure the basic LAN and WAN settings on the firewall.

Scenario: We have to configure firewall such that only computer with specific IP can access the internet.

Initial Setup of the Fortinet firewall

By default the unit will be in factory settings.

(Note: Local computer should have the same IP range i.e. 192.168.1.x)

The Fortinet Firewall has a predefined IP which is 192.168.1.99 on its internal interface.

We have to connect the ISP cable to the either WAN1 or WAN2 port and the local computers should be connected to the any of the 6 ports on the internal side of the firewall.

Step 1

Then to access the GUI of the Fortinet Firewall we need to put the IP address https://192.168.1.99 in the browser of the explorer

The above screen will come up.

IP addressing

Comparision between IP address and MAC address

IP (Internet Protocol)/ logical address	MAC (Media access control) address/ Physical address
It is a 32 bit address [8.8.8.8]	It is a 48 bit address [8:8:8:8:8:8]
It is represented in doted decimal representation	It is represented in hexadecimal representation
It is used to uniquely identify a device within different network	It is used to uniquely identify a device within the same network
	Note: first 24 bits represents manufacturer Last 24 bits represents device

Protocol	Port number	Protocol Used
FTP File Transfer Protocol	20 - for data 21 - for connection establishing	TCP/UDP TCP
SFTP Secure File Transfer Protocol	22	TCP
SSH Secure Shell Protocol	22	TCP
Telnet	23	TCP
SMTP Simple Mail Transfer Protocol	25	TCP

TCP/IP Utilities

TCP/IP Utilities

it is used to troubleshoot and to maintain a Network without any Problems

PING (Packet Internet Gopher)

Ping is used to find the connected device is alive are not. Ping uses a special protocol called ICMP (Internet Control Message Protocol)

We can check it for Connected devices, websites, DNS, DHCP and Print server etc

Tracert

It is similar to Ping, it identifies the path through which the packets is going to reach the Destination.

OSI Model:

OSI Model:

Open System Interconnection is a reference model to describe how data communication takes place between one computer to other computer in a network.

it was proposed by International Organization for Standardization (ISO)

OSI is evolved from experiences with ARPANET

Format Layer Brief Function

--------------------------------------------------------------------------------------------------------------------------

Data -- Application Layer -- DHCP, FTP, HTTP

Data -- Presentation Layer -- File type ex: JPEG, TXT; Compression

Data -- Session Layer -- Security, connection establishment, connection release, type of communication

Segment -- Transport Layer -- Error control, messages to segments, TCP/UDP

Packet -- Network Layer -- Logical Address & Translation logical to Physical address

Frame -- Data link Layer -- Raw data to logical structure called Frame, A

Cable types

Types of connecting cables:

1. Straight cable

2. Cross cable

3. Roll over cable

Note:

For similar devices we will use Cross Cables.
For different Devices we will use Straight Cables.
For configuration through console port we will use Roll over Cable.

Physical Media:

1. Coaxial cables:

Ethernet based LANs using thick cable for inter-connection is referred as Thicknet. While ethernet systems using thinner coaxial cable is referred as Thinnet.

Thicknet is also referred as 10Base5 systems, where 10 means 10Mbps speed. Base means baseband and 5 denotes 500 meter max. distance between nodes/repeaters. RG-8/U cable is used as thick cable in thicknet based LAN network.

Thinnet is also referred as 10Base2, where 2 denotes 200 m max.distance between two nodes/repeaters. RG-58/U is used as thin cable in thinnet based LAN network.

Subscribe to: Posts ( Atom )

Pages

Monday, June 29, 2015

Saturday, June 27, 2015

Saturday, June 20, 2015

Sunday, June 14, 2015

Saturday, June 13, 2015

Wednesday, June 10, 2015

Sunday, June 7, 2015

Saturday, May 30, 2015

Monday, May 18, 2015

Sunday, May 17, 2015

Types of connecting cables:

Physical Media:

1. Coaxial cables:

NetworKING A2Z

Contact Form