Chapter 8
210.70.254.122/chingyu/RoutingProt-Ch8.pdf
Contents
Network Address Translation
Configure Network Address Translation
Nonroutable Protocols
Routed Protocols
Routing Protocols
Routing Information Protocol
Interior Gateway Routing Protocol
Static Routing
Review Questions
Network Address Translation
NAT (Network Address Translation) is defined in RFC 3022, which describes methods for connecting private (internal) IP addresses to the Internet.
NAT uses a one-to-one or one-to-many mapping method to allow one or more private IP clients to access the Internet.
Four forms of NAT are available: Static NAT, Dynamic NAT, Dynamic NAT with overload, and Port Address Translation.
Static NAT
Static NAT is the simplest form of NAT, in which a single private IP address is mapped to a single public IP address. (see Fig. 8-1)
Dynamic NAT
Dynamic NAT means that the NAT router automatically maps a group of valid local IP addresses to a group of Internet IP addresses, as needed.
Dynamic NAT with overload
Overloading is a form of dynamic NAT that uses port address translation (PAT).
PAT allows multiple internal unregistered IP addresses to use a single external registered address.
To differentiate between the connections, PAT uses multiple public TCP and UDP ports to create unique sockets that map to internal IP addresses.
In Table 8-2, you can see how the NAT router keeps track of these individual connections uniquely.
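The bookkeeping described above can be modelled as follows. This is an added example, not part of the original slides and not Cisco's implementation; the class name, the port-selection rule and the sample flows are assumptions, and the addresses are borrowed from the configuration examples in this chapter.

```python
from dataclasses import dataclass, field
from itertools import chain

@dataclass
class PatRouter:
    public_ip: str                                # the single registered (outside) address
    first_port: int = 1024                        # lowest port handed out when wrapping around
    out_map: dict = field(default_factory=dict)   # (proto, inside_ip, inside_port) -> public_port
    in_map: dict = field(default_factory=dict)    # (proto, public_port) -> (inside_ip, inside_port)

    def translate_out(self, proto, src_ip, src_port):
        """Rewrite the source socket of an outbound packet, reusing the entry of a known flow."""
        key = (proto, src_ip, src_port)
        if key not in self.out_map:
            # Keep the original port when it is free; otherwise take the next unused one,
            # so two inside hosts that chose the same source port still get unique sockets.
            candidates = chain(range(src_port, 65536), range(self.first_port, src_port))
            port = next((p for p in candidates if (proto, p) not in self.in_map), None)
            if port is None:
                raise RuntimeError(f"no free {proto} port left on {self.public_ip}")
            self.out_map[key] = port
            self.in_map[(proto, port)] = (src_ip, src_port)
        return self.public_ip, self.out_map[key]

    def translate_in(self, proto, dst_port):
        """Map a packet arriving on the public address back to the inside socket.
        Returns None when no inside host opened that port, i.e. the packet is unsolicited."""
        return self.in_map.get((proto, dst_port))

def demo():
    # Constructed sample flows (assumption): two inside hosts sharing one public address.
    nat = PatRouter("209.86.192.197")
    flows = [
        ("tcp", "192.168.0.1", 1025),
        ("tcp", "192.168.0.2", 1025),   # same source port as the first host
        ("udp", "192.168.0.2", 1025),   # UDP has its own port space
        ("tcp", "192.168.0.1", 1025),   # same flow again: the entry is reused
    ]
    return nat, [nat.translate_out(*f) for f in flows]

if __name__ == "__main__":
    nat, outside = demo()
    for sock in outside:
        print(sock)
    print(nat.translate_in("tcp", 1026), nat.translate_in("tcp", 4444))
```

An inbound packet for a port with no table entry has no inside socket to map to, which is why overloaded NAT also keeps unsolicited connections away from inside hosts.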
Dynamic NAT with overlapping
Overlapping occurs when the internal network has been incorrectly configured for an IP range that actually exists on the Internet, or when two companies merge and each company was using the same private IP addresses.
Configure NAT
Configuring Static NAT
Define the static mapping between the inside address and the outside address.
Define the NAT router’s interfaces as inside or outside.
For example,
Router(config)# ip nat inside source static 192.168.0.1 209.86.192.197
Router(config)# int fa0/0
Router(config-if)# ip nat inside
Router(config)# int ser0/1
Router(config-if)# ip nat outside
Configuring Dynamic NAT
Configure a standard access control list to define what internal traffic will be translated.
Define a pool of addresses to be used for dynamic NAT allocation.
Link the access list to the NAT pool.
Define interfaces as either inside or outside.
For example,
Router(config)# access-list 1 permit 192.168.0.0 0.0.0.255
Router(config)# ip nat pool PoolEx 209.86.192.200 209.86.192.240 netmask 255.255.255.0
Router(config)# ip nat inside source list 1 pool PoolEx
Router(config)# int fa0/0
Router(config-if)# ip nat inside
Router(config)# int ser0/1
Router(config-if)# ip nat outside
Nonroutable Protocols
Several nonroutable protocols exist in today’s networking world, but NetBEUI (NetBIOS Enhanced User Interface) is the most common.
NetBEUI ships with MS Windows OS. In small peer-to-peer networks, NetBEUI is easy to configure and use.
Because it is very small, NetBEUI is fast and efficient.
Unfortunately, NetBEUI cannot scale into large internetworks, because it cannot hold Network layer information in its network header.
Therefore, if you try to use NetBEUI, or any nonroutable protocol, in a network with multiple networks, communication between networks will fail.
Routed Protocols
Routed protocols have packet headers that contain Network layer addresses.
Routed protocols were developed to support networks consisting of multiple networks or subnetworks. (see Fig. 8-4)
For routed protocols to work on a network, every device must be configured with a unique IP or IPX address.
These network layer logical addresses allow TCP/IP or IPX/SPX (Internetwork Packet Exchange/Sequenced Packet Exchange) packets to be routed throughout internetworks. (see Fig. 8-5)
Routing Protocols
Routing protocols are protocols used by routers to make path determination choices and to share those choices with other routers.
Table 8-3 shows a conceptual routing table for RouterB in Fig. 8-5.
Hop count is the number of routers a packet must pass through to reach a particular network.
A metric is a value used to define the suitability of a particular route.
An autonomous system (AS), which uses Interior Gateway Protocols as routing protocols, is a group of routers under the control of a single administration. (see Fig. 8-6)
In general, an AS runs a single routing protocol.
Routing protocols come in two major categories: Interior Gateway Protocols (IGPs) and Exterior Gateway Protocols (EGPs).
IGPs are the routing protocols used within an AS.
EGPs are the routing protocols used to route information between multiple ASs.
Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP), Enhanced Interior Gateway Routing Protocol (EIGRP), and Open Shortest Path First (OSPF) are examples of IGPs.
RIP and IGRP are distance-vector routing protocols, and OSPF is a link-state routing protocol.
EIGRP is a hybrid routing protocol developed by Cisco to overcome limitations associated with IGRP.
EIGRP combines the best attributes of both distance-vector and link-state routing protocols.
Border Gateway Protocol (BGP) is an example of an EGP.
Distance-Vector Routing Protocols
Distance-vector routing protocols broadcast their entire routing table to each neighbor router at predetermined intervals. Fig. 8-7 shows how this process occurs.
Fig. 8-8 shows that the time it will take the network to converge depends on the amount of time between update intervals on RouterB and RouterA.
Convergence is a state where all routers on the internetwork share a common view of the internetwork routes.
Fig. 8-9 shows that the internetwork could, without proper precautions, readvertise a route that was actually not accessible.
To prevent these problems, techniques such as defining a maximum, split horizon, split horizon with poison reverse, and hold-down timers are used.
Defining a maximum is one of the easiest ways to limit count-to-infinity problems.
RIP defines a maximum hop count of 15.
Split horizon controls what information a router will send out through a particular interface.
For example, if RouterA in Fig. 8-9 uses split horizon, it will not accept the update regarding E0 on RouterB from RouterC at Time 4.
If RouterA uses split horizon with poison reverse, it not only refuses to accept RouterC’s update regarding E0 on RouterB, but it also responds to RouterC’s attempted update.
In other words, it poisons the erroneous route advertised by RouterC so that no other router will see this as a viable route.
Hold-down timers allow a router to place a route in a state where it will not accept any changes to that route.
If RouterA uses a hold-down timer, the update from RouterC is ignored because the route would be in “hold-down” for a period of time after it was marked down.
It will accept the update and release the timer if the update has a more favorable metric.
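The effect of the maximum hop count, split horizon and poison reverse can be seen in a small simulation. This is an added example, not taken from the slides: the three-router line topology, the update order and the function name are assumptions, and split horizon is modelled on the sending side (a router does not advertise a route back to the neighbor it learned it from).

```python
INFINITY = 16  # RIP: 15 is the largest usable hop count, 16 means unreachable

# Constructed topology (assumption): RouterB (owns E0) -- RouterA -- RouterC.
# Routers send their updates in this order; RouterB, which knows about the failure, is last.
NEIGHBORS = {
    "RouterC": ["RouterA"],
    "RouterA": ["RouterB", "RouterC"],
    "RouterB": ["RouterA"],
}

def simulate(mode, max_rounds=50):
    """mode: 'none', 'split_horizon' or 'poison_reverse'.
    Returns (rounds until every router marks E0 unreachable, metric snapshot per round)."""
    # Converged state before the failure: router -> (metric, next hop) for network E0.
    table = {"RouterB": (0, None), "RouterA": (1, "RouterB"), "RouterC": (2, "RouterA")}
    table["RouterB"] = (INFINITY, None)           # E0 on RouterB goes down
    history = []
    for rnd in range(1, max_rounds + 1):
        for sender in NEIGHBORS:
            for receiver in NEIGHBORS[sender]:
                metric, via = table[sender]
                if via == receiver:               # route was learned from this neighbor
                    if mode == "split_horizon":
                        continue                  # do not advertise it back
                    if mode == "poison_reverse":
                        metric = INFINITY         # advertise it back as unreachable
                offered = min(metric + 1, INFINITY)
                current, current_via = table[receiver]
                # Accept when the current next hop reports a new metric, or the offer is better.
                if current_via == sender or offered < current:
                    table[receiver] = (offered, sender)
        history.append({router: m for router, (m, _) in table.items()})
        if all(m == INFINITY for m, _ in table.values()):
            return rnd, history
    return None, history

if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        rounds, history = simulate(mode)
        print(mode, rounds, [snap["RouterA"] for snap in history])
```

Without any precaution RouterB reinstalls the dead route through RouterA and the metric climbs by two per round until it reaches the maximum; with either form of split horizon the stale route is never offered back and the failure propagates in two rounds.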
Link-State Routing Protocols
Routers configured with a link-state routing protocol use link-state advertisements (LSAs) to inform neighbor routers on the internetwork.
Instead of sending their entire routing table, the LSAs contain only the local links for the advertised router.
An LSA is an OSPF data packet containing link-state and routing information that is shared among OSPF routers.
The shortest path first (SPF) algorithm uses the link information to compute the routes.
Link-state packets (LSPs), packets used to send out LSAs, allow every router in the internetwork to share a common view of the topology of the internetwork.
In Fig. 8-10, the network quickly reaches a state of convergence due to the flooding of link-state packets.
Also, later updates by the routers in the internetwork will be triggered updates. These updates occur due to network topology changes, not periodic routing table advertisements.
In other words, routers will flood the internetwork with LSPs if a change occurs to their routing table.
This announcement contains only the change in the routing table, not the entire routing table.
The drawbacks of the link-state routing protocol:
Routers must be configured with more memory and processing power
More complicated to configure on the routers
Table 8-4 summarizes the key characteristics associated with distance-vector and link-state routing protocols.
Routing Information Protocol
RIP
Routing Updates
RIP routing updates use UDP on port 520. The updates are broadcast to neighboring routers every 30 seconds. (The destination IP address is set to 255.255.255.255.)
Processing Routing Updates (cont.)
If an update contains an already known destination network address with a lower metric, but the source of the update is exactly the next hop listed in the routing table, then only the metric of that route in the routing table needs to be modified.
Timers
RIP uses four timers (update timer, invalid timer, hold-down timer, and flush timer) to get through the convergence period quickly and correctly.
The convergence period refers to the unstable state that routing across the whole network enters when the network changes, because the information held by the routers is inconsistent.
Hold-down timer: the default value is 180 seconds. When the invalid timer expires, the router no longer trusts the updates it receives, and the original route information enters the hold-down state.
The output in Fig. 8-14 illustrates an extremely important concept called administrative distance.
Administrative distance is a value used to determine the reliability of the information regarding a particular route. (see Table 8-5)
Display RIP protocol information (see Fig. 8-15)
Router# show ip protocols
Display the RIP routing table (see Fig. 8-14)
Router# show ip route
The debug ip rip command (see Fig. 8-16)
Router# debug ip rip
Turn off the debug ip rip command
Router# no debug ip rip
Router# no debug all
Fig. 8-17 shows the results of the ‘show ip route’ command after Eth0 on RouterC becomes inaccessible.
If you issue the ‘show ip route’ command after the route has been flushed from the routing table, you will get the output displayed in Fig. 8-18.
Homework-1 (cont.)
◆ Configure RIP on routers Alice, Bob, and Candy so that the computers on Network A and Network B can communicate with each other.
[Figure: routers Alice, Bob, and Candy with Network A and Network B; labels: 10.1.1.0/24, 172.16.1.1/30, .2/30, 10.2.2.0/24, 172.31.1.1/30, .2/30]
Interior Gateway Routing Protocol
IGRP
IGRP is a Cisco-proprietary routing protocol developed by Cisco in the mid-1980s. Like RIP, it uses distance vectors and exchanges routing information only with neighboring routers.
Path Selection (cont.)
By default, IGRP uses only two items: delay and bandwidth. Here delay represents the delay from the source host to the destination host, and bandwidth is the minimum bandwidth (Kbps) from the source host to the destination host.
metric = B + delay, where B = 10,000,000 / bandwidth, and delay is the sum of the delays of the transmission media traversed, divided by 10. The smaller this value, the shorter the path, i.e. the best path.
Taking a path from the source through T1, ATM, and Ethernet to the destination as an example, B = 10,000,000 / 1,544 = 6,476, and delay = (20,000 + 100 + 1,000) / 10 = 2,110.
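The default metric above can be computed for whole paths and used to choose between them. This is an added example, not part of the slides; the function names are hypothetical, the ATM and Ethernet bandwidths and the 56 Kbps alternative path are assumed values, and only the 1,544 Kbps minimum and the three delay figures come from the worked example.

```python
def igrp_metric(links):
    """links: one (bandwidth_kbps, delay) pair per hop of a path.
    Returns the default metric B + delay as defined above."""
    if not links:
        raise ValueError("a path needs at least one link")
    slowest = min(bw for bw, _ in links)       # the bandwidth term uses the slowest link only
    b = 10_000_000 // slowest                  # truncated, as in 10,000,000 / 1,544 = 6,476
    delay = sum(d for _, d in links) // 10     # delays are summed, then divided by 10
    return b + delay

# Path from the worked example: T1, ATM, Ethernet. The delays are the slide's values;
# the ATM and Ethernet bandwidths are assumptions (only the minimum affects the result).
T1_ATM_ETHERNET = [(1_544, 20_000), (155_000, 100), (10_000, 1_000)]

# Constructed alternative (assumption): one direct 56 Kbps hop with a delay of 20,000.
DIRECT_56K = [(56, 20_000)]

def best_path(paths):
    """Return (name, metric) of the path with the lowest metric."""
    name = min(paths, key=lambda n: igrp_metric(paths[n]))
    return name, igrp_metric(paths[name])

if __name__ == "__main__":
    paths = {"T1/ATM/Ethernet": T1_ATM_ETHERNET, "direct 56K": DIRECT_56K}
    for name, links in paths.items():
        print(name, len(links), "hops, metric", igrp_metric(links))
    print("selected:", best_path(paths))
```

A hop-count protocol such as RIP would prefer the single 56 Kbps hop; the bandwidth term makes IGRP select the three-hop path instead.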
IGRP configuration (see Fig. 8-20)
# conf ter
(conf)# router igrp 52
(conf-router)# network 172.22.0.0
In Fig. 8-22, you can see a router running multiple protocols, RIP and IGRP.
In the real world, you would normally not configure your routers to run both RIP and IGRP on the same router on a permanent basis.
Homework-2
◆ Configure IGRP on routers Alice, Bob, and Candy so that the computers on Network A and Network B can communicate with each other.
[Figure: routers Alice, Bob, and Candy with Network A and Network B; labels: 192.168.10.0/24, 172.30.1.1/30, .2/30, 192.168.20.0/24, 172.20.1.1/30, .2/30]
Static Routing
In general, small local area networks configure their routing tables manually (statically defined routes), while medium and large networks use dynamic routing protocols to exchange routing tables between routers (dynamically learned routes).
The main drawback of statically defined routes is that they are not suitable for medium and large network architectures (because they require a large amount of routing table space).
For example, a network with two routers would require 1 × 2 = 2 static routes.
[Figure: R1, R2]
For example, a network with three routers would require 2 × 3 = 6 static routes.
[Figure: R1, R2, R3]
For example, a network with 100 routers would require 99 × 100 = 9,900 static routes.
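The routing table of a PC contains the following fields:
Network Destination: can be a subnet or a host address
Netmask: the netmask of the destination network
Gateway: the next node to which the packet is to be forwarded
Interface: the network connection used to forward the packet
Metric: indicates the nodes a packet may pass through on the way to its destination, i.e. the cost of sending the packet to the destination network
In the routing table, the destination network 0.0.0.0 represents the default route; if the routing table does not specify a path for sending a packet, this route is used.
This gateway address is in fact the default gateway in the TCP/IP properties.
Example: Computer A sets 192.168.1.1 as its default gateway to access the Internet, but cannot communicate with the other network segments within the local area network.
The solution is to customize the routing table.
Add the following two routes to the routing table:
route add 192.168.2.0 MASK 255.255.255.0 192.168.1.254 Metric 1
route add 192.168.3.0 MASK 255.255.255.0 192.168.1.254 Metric 1
After the two routes have been added successfully, use route print to display the new routes.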
Exercise 3
◆ Configure the routing tables of Router A and Router B so that the two network segments 10.10.1.0 and 10.10.2.0 can communicate with each other.
[Figure: Router A, Router B, Network A, Network B; labels: 10.10.2.0/24, 10.10.1.0/24, 192.168.1.2/30, 192.168.1.1/30 (leased line)]
Exercise 3 (cont.)
Router A’s routing table
ip route 10.10.2.0 255.255.255.0 192.168.1.2
Router B’s routing table
ip route 10.10.1.0 255.255.255.0 192.168.1.1
Exercise 4
◆ Configure the routing tables of Routers A, B, and C so that the computers on Networks A, B, and C can communicate with each other.
[Figure: Router A, Router B, Router C, Network A, Network B, Network C; labels: 10.10.2.0/24, 10.10.1.0/24, 192.168.1.2/30, 192.168.1.1/30 (leased line), 10.10.3.0/24, 192.168.1.6/30, 192.168.1.5/30]
Exercise 4 (cont.)
Ans: Routing table configuration for Router A
ip route 10.10.2.0 255.255.255.0 192.168.1.2
ip route 10.10.3.0 255.255.255.0 192.168.1.6
Ans: Routing table configuration for Router B
ip route 10.10.1.0 255.255.255.0 192.168.1.1
ip route 10.10.3.0 255.255.255.0 192.168.1.1 metric 2
ip route 192.168.1.4 255.255.255.252 192.168.1.1
Ans: Routing table configuration for Router C
ip route 10.10.1.0 255.255.255.0 192.168.1.5
ip route 10.10.2.0 255.255.255.0 192.168.1.5 metric 2
ip route 192.168.1.0 255.255.255.252 192.168.1.5
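The Exercise 4 answers can be checked by forwarding packets hop by hop with longest-prefix match. This is an added example, not part of the slides: the interface placement is an assumption inferred from the next-hop addresses in the answers, the host addresses are constructed, and the function names are hypothetical.

```python
import ipaddress

# Interfaces inferred from the next-hop addresses in the answers above (assumption).
CONNECTED = {
    "A": ["10.10.1.0/24", "192.168.1.0/30", "192.168.1.4/30"],
    "B": ["10.10.2.0/24", "192.168.1.0/30"],
    "C": ["10.10.3.0/24", "192.168.1.4/30"],
}
OWNER = {"192.168.1.1": "A", "192.168.1.5": "A", "192.168.1.2": "B", "192.168.1.6": "C"}
STATIC = {  # the answer lines for Exercise 4, copied as written
    "A": ["ip route 10.10.2.0 255.255.255.0 192.168.1.2",
          "ip route 10.10.3.0 255.255.255.0 192.168.1.6"],
    "B": ["ip route 10.10.1.0 255.255.255.0 192.168.1.1",
          "ip route 10.10.3.0 255.255.255.0 192.168.1.1 metric 2",
          "ip route 192.168.1.4 255.255.255.252 192.168.1.1"],
    "C": ["ip route 10.10.1.0 255.255.255.0 192.168.1.5",
          "ip route 10.10.2.0 255.255.255.0 192.168.1.5 metric 2",
          "ip route 192.168.1.0 255.255.255.252 192.168.1.5"],
}

def build_table(router, static):
    """Connected networks (next hop None) plus the parsed static routes."""
    table = [(ipaddress.ip_network(n), None) for n in CONNECTED[router]]
    for line in static[router]:
        prefix, mask, next_hop = line.split()[2:5]      # trailing tokens are ignored
        table.append((ipaddress.ip_network(f"{prefix}/{mask}"), next_hop))
    return table

def trace(src_router, dst_ip, static=STATIC, max_hops=8):
    """Forward hop by hop using longest-prefix match.
    Returns the list of routers traversed, or None if the packet is dropped or loops."""
    dst = ipaddress.ip_address(dst_ip)
    path, router = [src_router], src_router
    for _ in range(max_hops):
        matches = [(net, nh) for net, nh in build_table(router, static) if dst in net]
        if not matches:
            return None                                 # no matching route and no default route
        _, next_hop = max(matches, key=lambda m: m[0].prefixlen)
        if next_hop is None:
            return path                                 # delivered on a connected network
        router = OWNER[next_hop]
        path.append(router)
    return None                                         # hop limit reached: routing loop

def lan_reachability(static=STATIC):
    """Path from every router to a constructed host (.10) on every LAN."""
    hosts = {"A": "10.10.1.10", "B": "10.10.2.10", "C": "10.10.3.10"}
    return {(src, lan): trace(src, ip, static) for src in CONNECTED for lan, ip in hosts.items()}

if __name__ == "__main__":
    for pair, path in lan_reachability().items():
        print(pair, path)
```

Removing the third route from Router B leaves the LANs reachable but makes `trace("B", "192.168.1.6")` return None, which is why the answers also include routes to the far /30 link.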
Configuring a Default Route
All packets that are not defined specifically in the routing table will go to the specified interface for the default route.
A default route is a type of static route that the administrator configures.
Fig. 8-25 shows a network where a default route would be ideal.
Homework-3
◆ Configure the routing tables of routers Alice, Bob, and Candy so that the computers on Network A and Network B can communicate with each other.
[Figure: routers Alice, Bob, and Candy with Network A and Network B; labels: 10.10.10.0/26, 192.168.1.1/30, .2/30, 10.20.20.0/27, 172.16.1.1/30, .2/30]
Review Questions
RIP has a maximum hop count of __________.
A. 255
B. 16
C. 15
D. 32
E. None of the above
Ans: C
◆ How often does RIP update neighbors by default?
a. 180 sec
b. 45 sec
c. 30 sec
d. 60 sec
e. 90 sec
Ans: c
Which command will show the IP routing table of a router?
A. Show ip route
B. Show ip protocol
C. Show ip igrp events
D. Show run
E. None of the above
Ans: A
IGRP can use which of the following as metrics? (Choose all that apply)
A. Hop count
B. Bandwidth
C. Delay
D. Split horizon
E. Poison reverse
Ans: B, C
◆ What update timer is used by IGRP?
a. 5 sec
b. 10 sec
c. 30 sec
d. 60 sec
e. 90 sec
Ans: e
Which of the following is a routed protocol?
A. NetBEUI
B. TCP/IP
C. IPX/SPX
D. RIP
E. None of the above
Ans: C
Which of the following helps to prevent routing loops? (Choose all that apply)
A. Count-to-infinity
B. Hold-down timer
C. Split horizon with poison reverse
D. Split horizon
Ans: A~D
Which of the following does RIP support? (Choose all that apply)
A. Load balancing
B. Link reliability
C. Bandwidth metric
D. Delay metric
E. MTU metric
Ans: A, B
What is used on routers to hide intranet addresses from the Internet?
A. PAP
B. CHAP
C. NAT
D. CAT
E. None of the above
Ans: C
◆ Which of the following protocols are considered to use distance vector logic?
a. RIP
b. IGRP
c. OSPF
d. EIGRP
Ans: a, b
◆ You use the distance vector routing protocol. Which problems will you have?
a. More memory usage
b. More CPU processing
c. Routing loops
d. Counting to infinity
e. More complicated algorithm
Ans: c, d
◆ Which two of the following are used in the IGRP metric by default?
a. Reliability
b. Cost
c. Delay
d. Bandwidth
e. MTU
Ans: c, d
◆ What does the command “debug IP rip” do?
a. Display routing table
b. Display IP address
c. Display RIP routing updates
d. Display RIP error
e. Display none
Ans: c
◆ Which two of the following routing protocols are classful?
a. OSPF
b. EIGRP
c. RIP
d. IGRP
e. FTP
Ans: c, d
◆ Which two of the following routing protocols do not support VLSM?
a. OSPF
b. EIGRP
c. RIP-1
d. IGRP
e. RIP-2
Ans: c, d
◆ You have a class C IP address and use VLSM on a point-to-point serial link. Which subnet mask is the most efficient?
a. 255.255.255.192
b. 255.255.255.224
c. 255.255.255.240
d. 255.255.255.252
e. None of the above
Ans: d
Short Question
What is the primary purpose of a routing protocol?
Ans: Routing protocols discover the routes in the network and build the routing table.