Introduction IP Address & MAC Address TCP/UDP/ICMP IP ...
78
1 Outline Introduction IP Address & MAC Address TCP/UDP/ICMP IP Gateway, Network Mask, TTL Routing Protocol Network Address Translation (NAT) Domain Name System (DNS) Dynamic Host Configuration Protocol (DHCP) / Asymmetric Digital Subscriber Line (ADSL) HyperText Transfer Protocol (HTTP) Protocol Virtual Private Network (VPN)
Transcript of Introduction IP Address & MAC Address TCP/UDP/ICMP IP ...
Microsoft PowerPoint - Ch04a.pptIntroduction IP Address & MAC
Address TCP/UDP/ICMP IP Gateway, Network Mask, TTL Routing Protocol
Network Address Translation (NAT) Domain Name System (DNS) Dynamic
Host Configuration Protocol (DHCP) / Asymmetric Digital Subscriber
Line (ADSL) HyperText Transfer Protocol (HTTP) Protocol Virtual
Private Network (VPN)
2
Gateway
LAN WAN Gateway Internet RouterRouter
TCP/IPX.25Systems Network Architecture (SNA)Gateway Packet ( )
3
SNA IBM
PC1GatewayARP Gateway MAC Address PC1 NetmaskIP Gateway
CYUT NC
PC 1 Windows2000
1. arp –a 2. ping 168.95.1.1 3. arp –a 4. route print
7
Routing Table
Router Packet Packet IPDestination IP Address Packet
Routing Table
Routing Table Layer 3 PCFirewallRouter PDA
13
Linux Host Routing Table (ip route)
Linux Host Routing Table /sbin/ip route (mask bit) /sbin/route
[root@gr /]# /sbin/ip route
61.218.155.224/28 dev eth1 scope link src 61.218.155.226 192.168.2.0/24 dev eth0 scope link src 192.168.2.254 192.168.0.0/24 dev eth0 scope link src 192.168.0.10 192.168.254.0/24 dev eth0 scope link src 192.168.254.254 10.0.0.0/16 dev eth0 scope link src 10.0.0.10 172.16.0.0/16 dev eth0 scope link src 172.16.0.10 127.0.0.0/8 dev lo scope link default via 61.218.155.225 dev eth1
14
Kernel IP routing table Destination Gateway Genmask Metric Iface NAT 61.218.155.224 * 255.255.255.240 0 eth1 192.168.2.0 * 255.255.255.0 0 eth0 192.168.0.0 * 255.255.255.0 0 eth0 192.168.254.0 * 255.255.255.0 0 eth0 10.0.0.0 * 255.255.0.0 0 eth1 172.16.0.0 * 255.255.0.0 0 eth0 127.0.0.0 * 255.0.0.0 0 lo default 61.218.155.225 0.0.0.0 0 eth1
15
Default0.0.0.0 / 00.0.0.0 / 0 IP Entry Packet
16
Packet Destination IP 61.218.155.236 Entry 61.218.155.224/28 28 bits
IP 00111101 11011010 10011011 1110 1100
IP 61.218.155.236 Routing Table entry
Longest Prefix Length Match
√
√
√
Routing Table Entry
Routing Table Entry Routing Decision IP 28 bits 61.218.155.224 28 bits eth1
scope link IP Destination MAC ARP src 61.218.155.226 eth1 IP 61.218.155.226 1,2,5 Entry 1 match 28 bits Entry 1 eth1
19
TCP/IProuting protocol Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Border Gateway Protocol (BGP) (Chapter 5)
20
21
Routing
22
23
Slow Path: CPURouting Protocol
24
Router Routing Table Packet Packet
CYUT NC
Application Gateway
27
Routing Table Default GatewayDefault Gateway Packet
ADSLADSL ATU-R Default Gateway
32
Default Gateway
ISP Default Gateway ADSL Default Gateway DHCP (Dynamic Host Configuration Protocol, RFC 1541, RFC 2131) Default GatewayCable Modem PPP (The Point-to-Point Protocol, RFC 1661) Default Gateway Modem ADSLPPPoE (PPP over Ethernet) ( PPP)
33
CYUT NC
PPPoEDefault Gateway
38
PC1PPPoE
PPP IPGatewayDNS Routing TableDefault Gateway PPP Gateway IP
39
RoutingPacket Intel IXP Network Processor IBM PowerNP Linux Router
43
[1] Linux Router Project, http://www.linuxrouter.org/ [2] Free Cisco, http://www.freesco.org/ [3] IBM PowerNP, http://www.ibm.com [4] Intel IXP Network Processor, http://www.intel.com [5] Linux Routing Protocol, http://www.zebra.org
44
Linux PC 1 PC 4 HTTP
Hub PC1PC4
46
NetGuru
47
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 ip route add default via 192.168.0.254
48
IP Network Mask ifconfig Route Entry
192.168.0.0/24 dev eth0 scope link src 192.168.1.254
ip route add 192.168.1.254/24 dev eth0
49
eth1 IP Network Mask ifconfig Route Entry
192.168.2.0/24 dev eth2 scope link src 192.168.2.254
ip route add 192.168.2.254/24 dev eth2
50
ifconfig eth2 192.168.2.3 netmask 255.255.255.0 ip route add default via 192.168.2.254
CYUT NC
Proxy
WEB Proxy Proxy Proxy Server WEB Proxy squid http://www.squid-cache.org/
53
Proxy ARPARP ARPProxy ARP() MAC Address Proxy ARP
54
PC 1 PC 4 Proxy ARP
PC 4 MAC Address Linux eth0 MAC AddressPC 4 ARP Request PC 1 MAC Address Linux eth2
55
NetGuru
56
NetGuru
57
NetGuru Host B Proxy ARP
arp –i eth1 –Ds 192.168.1.1 eth1 netmask 255.255.255.255 pub arp –i eth0 –Ds 192.168.1.10 eth0 netmask 255.255.255.255 pub
59
Host B: ifconfig eth1 down
Host C: ifconfig eth0 down ifconfig eth1 down
67
Host A:
default gateway
ICMP requestreply ICMP requestreply
71
routing
72
Host B:
73
Host C: ip route add 192.168.0.0/24 via 192.168.1.1 Host C192.168.1.1Host A(Host B )
74
Host A: ping 192.168.2.3TTL
traceroute 192.168.2.3
76
Host A: ping 192.168.2.3 TTL=4
Hint: TTL255
2
Gateway
LAN WAN Gateway Internet RouterRouter
TCP/IPX.25Systems Network Architecture (SNA)Gateway Packet ( )
3
SNA IBM
PC1GatewayARP Gateway MAC Address PC1 NetmaskIP Gateway
CYUT NC
PC 1 Windows2000
1. arp –a 2. ping 168.95.1.1 3. arp –a 4. route print
7
Routing Table
Router Packet Packet IPDestination IP Address Packet
Routing Table
Routing Table Layer 3 PCFirewallRouter PDA
13
Linux Host Routing Table (ip route)
Linux Host Routing Table /sbin/ip route (mask bit) /sbin/route
[root@gr /]# /sbin/ip route
61.218.155.224/28 dev eth1 scope link src 61.218.155.226 192.168.2.0/24 dev eth0 scope link src 192.168.2.254 192.168.0.0/24 dev eth0 scope link src 192.168.0.10 192.168.254.0/24 dev eth0 scope link src 192.168.254.254 10.0.0.0/16 dev eth0 scope link src 10.0.0.10 172.16.0.0/16 dev eth0 scope link src 172.16.0.10 127.0.0.0/8 dev lo scope link default via 61.218.155.225 dev eth1
14
Kernel IP routing table Destination Gateway Genmask Metric Iface NAT 61.218.155.224 * 255.255.255.240 0 eth1 192.168.2.0 * 255.255.255.0 0 eth0 192.168.0.0 * 255.255.255.0 0 eth0 192.168.254.0 * 255.255.255.0 0 eth0 10.0.0.0 * 255.255.0.0 0 eth1 172.16.0.0 * 255.255.0.0 0 eth0 127.0.0.0 * 255.0.0.0 0 lo default 61.218.155.225 0.0.0.0 0 eth1
15
Default0.0.0.0 / 00.0.0.0 / 0 IP Entry Packet
16
Packet Destination IP 61.218.155.236 Entry 61.218.155.224/28 28 bits
IP 00111101 11011010 10011011 1110 1100
IP 61.218.155.236 Routing Table entry
Longest Prefix Length Match
√
√
√
Routing Table Entry
Routing Table Entry Routing Decision IP 28 bits 61.218.155.224 28 bits eth1
scope link IP Destination MAC ARP src 61.218.155.226 eth1 IP 61.218.155.226 1,2,5 Entry 1 match 28 bits Entry 1 eth1
19
TCP/IProuting protocol Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Border Gateway Protocol (BGP) (Chapter 5)
20
21
Routing
22
23
Slow Path: CPURouting Protocol
24
Router Routing Table Packet Packet
CYUT NC
Application Gateway
27
Routing Table Default GatewayDefault Gateway Packet
ADSLADSL ATU-R Default Gateway
32
Default Gateway
ISP Default Gateway ADSL Default Gateway DHCP (Dynamic Host Configuration Protocol, RFC 1541, RFC 2131) Default GatewayCable Modem PPP (The Point-to-Point Protocol, RFC 1661) Default Gateway Modem ADSLPPPoE (PPP over Ethernet) ( PPP)
33
CYUT NC
PPPoEDefault Gateway
38
PC1PPPoE
PPP IPGatewayDNS Routing TableDefault Gateway PPP Gateway IP
39
RoutingPacket Intel IXP Network Processor IBM PowerNP Linux Router
43
[1] Linux Router Project, http://www.linuxrouter.org/ [2] Free Cisco, http://www.freesco.org/ [3] IBM PowerNP, http://www.ibm.com [4] Intel IXP Network Processor, http://www.intel.com [5] Linux Routing Protocol, http://www.zebra.org
44
Linux PC 1 PC 4 HTTP
Hub PC1PC4
46
NetGuru
47
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 ip route add default via 192.168.0.254
48
IP Network Mask ifconfig Route Entry
192.168.0.0/24 dev eth0 scope link src 192.168.1.254
ip route add 192.168.1.254/24 dev eth0
49
eth1 IP Network Mask ifconfig Route Entry
192.168.2.0/24 dev eth2 scope link src 192.168.2.254
ip route add 192.168.2.254/24 dev eth2
50
ifconfig eth2 192.168.2.3 netmask 255.255.255.0 ip route add default via 192.168.2.254
CYUT NC
Proxy
WEB Proxy Proxy Proxy Server WEB Proxy squid http://www.squid-cache.org/
53
Proxy ARPARP ARPProxy ARP() MAC Address Proxy ARP
54
PC 1 PC 4 Proxy ARP
PC 4 MAC Address Linux eth0 MAC AddressPC 4 ARP Request PC 1 MAC Address Linux eth2
55
NetGuru
56
NetGuru
57
NetGuru Host B Proxy ARP
arp –i eth1 –Ds 192.168.1.1 eth1 netmask 255.255.255.255 pub arp –i eth0 –Ds 192.168.1.10 eth0 netmask 255.255.255.255 pub
59
Host B: ifconfig eth1 down
Host C: ifconfig eth0 down ifconfig eth1 down
67
Host A:
default gateway
ICMP requestreply ICMP requestreply
71
routing
72
Host B:
73
Host C: ip route add 192.168.0.0/24 via 192.168.1.1 Host C192.168.1.1Host A(Host B )
74
Host A: ping 192.168.2.3TTL
traceroute 192.168.2.3
76
Host A: ping 192.168.2.3 TTL=4
Hint: TTL255
![- dl.20learn.irdl.20learn.ir/mikrotik/mik(4).pdf · [admin@mikrotik] >ip firewall filter add chain=forward action=drop protocol=icmp Src-address = 10.10.10.2 هچ نانچ، دنیآ](https://static.fdocuments.in/doc/165x107/5bc2087209d3f2840b8debcb/-dl-4pdf-adminmikrotik-ip-firewall-filter-add-chainforward-actiondrop.jpg)
