✓ Classless Interdomain Routing (CIDR)
✓ Transmission Control Protocol/Internet Protocol (TCP/IP)
✓ Address Resolution Protocol (ARP)
✓ Reverse Address Resolution Protocol (RARP)
✓ Hot Standby Routing Protocol (HSRP)
✓ Telnet
✓ Ping
✓ File Transfer Protocol (FTP)
Techniques you’ll need to master:
✓ Describing IP address classes
✓ Identifying TCP/IP functions
✓ Identifying the use of Network Address Translation (NAT)
✓ Explaining TCP/IP application services
This chapter delves into many of the commonly confused topics within the world of internetworking. Mastery of these topics is essential for CCIE candidates; these technologies will also serve you well in your daily activities. We begin with the most common protocol suite, TCP/IP, and we'll use it as the base for our more advanced discussions throughout this chapter and the remainder of the book. The following CCIE blueprint objectives as laid out by the Cisco Systems CCIE program are covered in this chapter:
➤ Addressing—Classless Interdomain Routing (CIDR), subnetting, Address Resolution Protocol (ARP), Network Address Translation (NAT), Hot Standby Router Protocol (HSRP)
➤ Services—Domain Name System (DNS), Bootstrap Protocol (BOOTP), Dynamic Host Configuration Protocol (DHCP), Internet Control Message Protocol (ICMP)
➤ Applications—Telnet, File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP)
➤ Access Lists—Standard access lists and extended access lists, including where and how to place and design them
As with other chapters in this book, we have provided additional information in this chapter both for completeness and in preparation for additional subjects as the CCIE program expands. This will allow you to use this book as a reference source throughout the CCIE certification process and beyond.
TCP/IP Overview
Transmission Control Protocol/Internet Protocol (TCP/IP) is by far the most popular networking protocol suite in use today. The Internet links many different hardware types, and TCP/IP enables those hardware types to communicate effectively with each other. Figure 5.1 shows the TCP/IP protocol suite and how it maps to the seven-layer OSI model.
When TCP/IP is mapped onto the OSI model, the Transport layer provides either connection-oriented service (TCP) or connectionless service (UDP), and the Network layer (IP) provides best-effort, connectionless delivery. The next section describes what makes up an IP address and the associated addressing schemes available. Later in this chapter, we'll take a closer look at TCP's functions.
The Internet Protocol (IP) was described by Jon Postel in RFC 791 in September 1981. Many of the most common RFCs are available at the following URL: www.cisco.com/warp/customer/459/index.shtml.
Figure 5.1 The TCP/IP protocol suite mapped to the OSI model. TCP provides connection-oriented delivery; UDP provides connectionless delivery. Routing protocols shown: OSPF, RIP, IGRP/EIGRP, BGP.
The original RFC classified IP addressing into five main classes. Table 5.1 lists the RFC's IP address classes. Using the table, you can see that the IP address shown in Figure 5.2 is a Class A address.
The address range 127.0.0.0/8 is reserved for loopback. For example, when you read the Cisco documentation CD-ROM on your PC, the address used is 127.0.0.1, which refers to the local host itself. Class D addresses are reserved for multicast groups. The address 255.255.255.255 is reserved for broadcasts.
Applying a default mask, as shown in Table 5.1, to an IP address is known as the classful model. IP routing protocols that use Table 5.1's definitions are referred to as classful routing protocols (for example, RIP v1). This is contrasted with routing protocols that carry a mask other than the default along with each route. These types of routing protocols are known as classless routing protocols (for example, OSPF). Class D addressing is reserved for multicast groups. For example, the Cisco IP routing protocol Enhanced Interior Gateway Routing Protocol (EIGRP) sends multicast hello packets to the multicast address 224.0.0.10. Class E addressing is reserved for future use.

A simple way to observe an IP address's class is to look at the first few bits of the IP address's first octet. The value contained within those leading bits tells you what class of IP address you are working with:
➤ Class A: first bit 0 (first octet 0 through 127; default mask 255.0.0.0)
➤ Class B: first bits 10 (first octet 128 through 191; default mask 255.255.0.0)
➤ Class C: first bits 110 (first octet 192 through 223; default mask 255.255.255.0)
➤ Class D: first bits 1110 (first octet 224 through 239; multicast)
➤ Class E: first bits 1111 (first octet 240 through 255; reserved)
Table 5.1 IP address classes.
Note: A Cisco router applies the longest match rule when deciding where an IP packet will be sent. Consider the case in which a router has two or more routes, with different next hop addresses, that all cover the same destination. The router chooses the next hop of the route whose mask is the longest (most specific) among those that match the destination. This is called the longest match rule.
Due to the rapid growth of hosts on the Internet and on intranets (private, non-public networks), it soon became evident to the Internet community that the IP address space would eventually be depleted. Therefore, to allow for the continued expansion of the Internet, subnetting was implemented to allow IP administrators to maximize the use of an IP address space.

Subnetting
Subnetting allows the network or IP address administrator to maximize the use of an IP address space within the network. A subnet mask borrows bits from an IP address's host portion and uses those bits to define new networks. If subnetting is implemented, IP addresses have three sections:
➤ Network
➤ Subnet (new)
➤ Host Address
Note: All IP addresses have a mask associated with them, either implied (default) or explicitly defined. There are three address representations: dotted decimal, bitcount, and
A subnet mask is a 32-bit number, usually written in dotted decimal, that is used to separate the network portion of an address from its host portion. Subnet masks can be the classful kind, as shown earlier in Table 5.1.
Class A, B, and C network addressing schemes are not much use in today's complex internetworks unless you extend the mask or use variable length subnetting to avoid wasting IP address space. The phrase variable length subnet mask (VLSM) refers to the fact that one network can be configured with different subnet masks. For example, a network could be configured with one mask that allows only two hosts and another mask that allows 510 hosts. VLSM ensures that IP addressing is not wasted. Think of a serial line that connects two routers. Why assign a whole Class C address to two nodes? Instead, you could assign a subnet that contains only two usable host addresses; the mask 255.255.255.252 accomplishes this.
To determine the number of hosts or subnets available on a network, you need to examine the IP address and mask in binary. To determine the number of hosts you can assign to a subnet, you apply the formula 2^n - 2, where n equals the number of host bits. Why are two subtracted? Because the address with all host bits set to 0 identifies the subnet itself (the wire address) and the address with all host bits set to 1 is the directed broadcast for that subnet. The traditional rule for counting subnets is the same formula, 2^n - 2 with n the number of borrowed bits, because the all-0s subnet (subnet zero) and the all-1s subnet were originally excluded; with the ip subnet-zero command (the default in IOS 12.0 and later) all 2^n subnets are usable. Determining how many hosts or subnets you can assign to a network is best explained with examples. Let's assume the subnet mask 255.255.255.240 has been applied to your network. How many subnets are available when subnetting the network 131.108.1.0/24?

Looking at the subnet mask, you can interpret 240 as 11110000 in binary. Hence, 4 bits have been borrowed from the host portion of the IP address to form the subnet field. Therefore, the traditional subnet formula gives 2^4 - 2, which equates to 14 subnets (2*2*2*2 = 16, and 16 - 2 = 14), or 16 subnets with subnet zero allowed. The remaining 4 host bits give 2^4 - 2 = 14 hosts per subnet: the host address with all bits set to 0 is the subnet (wire) address and the host address with all bits set to 1 is the directed broadcast. This can be shown in the following:
131.108.1.0 255.255.255.240
In this subnet and subnet mask, note that:
➤ Network address 131.108.1.0
➤ First usable host address 131.108.1.1
➤ Last usable host address 131.108.1.14
➤ Directed Broadcast address 131.108.1.15
➤ Limited broadcast address 255.255.255.255 (all hosts on the local wire)
Similarly, consider the mask 255.255.255.192. How many end nodes could reside on the network? Note that 192 in binary is 11000000. Hence, two bits have been borrowed, so the end nodes can use the last six bits. The formula would be 2^6 - 2, which equates to 62 hosts.

Note: When using a 26-bit subnet mask on a Class C network, only two subnet bits are borrowed, so the traditional rule leaves just two usable subnets. To use all four subnets that the mask allows, including subnet zero, configure the ip subnet-zero command on the router (the default in IOS 12.0 and later).
It is vital that you have a good understanding of how an IP address's network and host portions are calculated. You should be able to calculate the number of hosts on a network using any IP addressing scheme.

For additional review, let's look at a couple more examples of how to calculate the host and subnet portion of any given class of address.
Given the host address 131.108.1.93/24, what are the subnet and broadcast addresses?

You need to know what a network address such as 131.108.1.0/24 means. In this example, the address is the equivalent of the network 131.108.1.0 with a subnet mask of 255.255.255.0, that is, 24 bits of network mask.
The notation 131.108.1.93/24 means that the subnet mask uses 24 bits, the equivalent of a subnet mask written as 255.255.255.0 in dotted decimal format. Therefore, 131.108.1.93/24 is the same as 131.108.1.93 255.255.255.0. In binary, 131.108.1.93 is:
10000011.01101100.00000001.01011101
And the mask, 255.255.255.0 in binary is:
11111111.11111111.11111111.00000000
Performing a logical AND operation on the host address and the subnet mask gives you the subnet (network) address. Logical AND means that 1 AND 1 equals 1; the remaining combinations, 0 AND 0 and 0 AND 1, equal 0. So every host bit (where the mask bit is 0) is cleared and every network bit (where the mask bit is 1) is kept. The logical AND operation provides the following:
10000011.01101100.00000001.01011101 IP ADDRESS
11111111.11111111.11111111.00000000 Subnet Mask
EQUALS NETWORK
10000011.01101100.00000001.00000000
10000011.01101100.00000001.00000000 is the 131.108.1.0 subnet address. To determine the broadcast address, set all host bits to one: the last octet becomes 11111111, which is 255 in decimal; hence, the broadcast address of the 131.108.1.0/24 subnet is 131.108.1.255.

Finally, let's look at a Class A host address of 10.99.34.50. Using a Class C mask, what is the network portion and how many hosts can reside on this network?
The logical AND function is performed once more. A Class C mask is 255.255.255.0 in dotted decimal format. Therefore, 10.99.34.50 and 255.255.255.0 in binary are:
00001010.01100011.00100010.00110010
11111111.11111111.11111111.00000000
A logical AND between the address and mask yields:

00001010.01100011.00100010.00000000

00001010.01100011.00100010.00000000 indicates a subnet of 10.99.34.0. The number of hosts available with a Class C mask is 2^8 - 2, or 254 hosts, because two addresses are used to identify the subnet and the directed broadcast. A directed broadcast is delivered to all hosts on that one subnet (10.99.34.0 is the subnet address and 10.99.34.255 is the directed broadcast address for all hosts on that subnet).
Table 5.2 provides a useful guide that can help you to prepare for the exam. Table 5.2 displays the decimal and binary value of each subnet mask, followed by the number of available subnets and the number of hosts that can reside on each subnet.

Note: Try some subnet examples on your own and then compare them with a subnet calculator freely available on the Internet. Cisco's Web site (www.cisco.com/techtools/ip_addr.html) has a subnet calculator.
Table 5.2 Common subnets.
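The classful rules and the subnet arithmetic above can be checked with a short script. The following is an added example written for this page, not code from the book; it uses only Python's standard library, reproduces the worked examples (131.108.1.0 255.255.255.240, 131.108.1.93/24, and 10.99.34.50 with a Class C mask), and generates rows of the kind Table 5.2 lists. The subnet_zero switch is the example's own way of modelling the ip subnet-zero behaviour described above.

```python
# Added example (not from the original chapter): classful identification and
# subnet arithmetic done the way the text does it, by ANDing the 32-bit address
# with the mask. Standard library only.
import ipaddress

# (leading bits to compare, bit pattern, class, default prefix length or None)
CLASS_RULES = [
    (1, 0b0, "A", 8),
    (2, 0b10, "B", 16),
    (3, 0b110, "C", 24),
    (4, 0b1110, "D", None),   # multicast: no network/host split
    (4, 0b1111, "E", None),   # reserved
]


def ip_class(addr: str):
    """Return (class letter, default mask or None) from the leading bits of the
    first octet, as in Table 5.1."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for nbits, pattern, cls, plen in CLASS_RULES:
        if first_octet >> (8 - nbits) == pattern:
            mask = None
            if plen is not None:
                mask = str(ipaddress.IPv4Network(f"0.0.0.0/{plen}").netmask)
            return cls, mask
    raise ValueError(addr)  # unreachable: the patterns cover every first octet


def subnet_info(addr: str, mask: str) -> dict:
    """AND the address with the mask and derive the subnet address, directed
    broadcast, usable host range and host count (2**n - 2 rule)."""
    ipaddress.IPv4Network(f"0.0.0.0/{mask}")  # rejects non-contiguous masks such as 255.0.255.0
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    network = a & m                              # host bits cleared
    broadcast = network | (~m & 0xFFFFFFFF)      # host bits set
    host_bits = 32 - bin(m).count("1")
    hosts = 2 ** host_bits - 2 if host_bits >= 2 else 0   # /31 and /32: no usable range under this rule
    fmt = lambda n: str(ipaddress.IPv4Address(n))
    return {
        "prefixlen": 32 - host_bits,
        "network": fmt(network),
        "broadcast": fmt(broadcast),
        "first_host": fmt(network + 1) if hosts else None,
        "last_host": fmt(broadcast - 1) if hosts else None,
        "hosts": hosts,
    }


def subnet_count(mask: str, base_prefix: int, subnet_zero: bool = True) -> int:
    """Subnets that `mask` carves out of a network of `base_prefix` bits.
    subnet_zero=False applies the traditional 2**n - 2 rule (all-zeros and
    all-ones subnets excluded); with ip subnet-zero all 2**n are usable."""
    borrowed = bin(int(ipaddress.IPv4Address(mask))).count("1") - base_prefix
    if borrowed < 0:
        raise ValueError("mask is shorter than the base network prefix")
    return max(2 ** borrowed - (0 if subnet_zero else 2), 0)


def subnet_table(base_prefix: int = 24):
    """Rows in the spirit of Table 5.2 for a Class C base: (prefix length,
    dotted mask, subnets counting subnet zero, usable hosts per subnet)."""
    rows = []
    for plen in range(base_prefix + 1, 31):
        mask = str(ipaddress.IPv4Network(f"0.0.0.0/{plen}").netmask)
        rows.append((plen, mask, 2 ** (plen - base_prefix), 2 ** (32 - plen) - 2))
    return rows


if __name__ == "__main__":
    print(ip_class("131.108.1.93"))                                # ('B', '255.255.0.0')
    print(subnet_info("131.108.1.0", "255.255.255.240"))           # 131.108.1.0 .. .15, 14 hosts
    print(subnet_count("255.255.255.240", 24, subnet_zero=False))  # 14, as in the text
    for row in subnet_table():
        print(*row)
```

Run it directly to print the worked examples; the functions can also be imported into a larger address-planning script.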
Now that we've covered IP addressing and the formats used to represent IP addresses, let's move on to a more advanced IP routing concept, Classless Interdomain Routing (CIDR).

Classless Interdomain Routing (CIDR)
In the past few years, the expansion of the Internet has been phenomenal. Currently, the Internet routing table contains more than 70,000 routes. From 1994 through 1996 the routing table grew from around 20,000 entries to more than 42,000. How can network administrators reduce this large routing table? Each routing entry requires memory and a table lookup by the router each time a packet must be forwarded to a destination. Reducing memory requirements and the time it takes to forward a packet provides faster response times for packets traveling around the Internet.

Classless Interdomain Routing (CIDR) helps to reduce the number of routing table entries and the memory they require. CIDR conserves resources because it removes the limitation of using the default (classful) mask, which wastes IP address space, and leaves the choice of mask to the IP designer. CIDR is used by routers to group (summarize) contiguous networks into a single route in order to reduce routing table size and memory requirements. A CIDR prefix is written as the network number followed by the number of bits in the mask, such as 131.108.1.0/24, the equivalent of 131.108.1.0 255.255.255.0.
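Both the longest match note earlier in the chapter and the CIDR summarization described here come down to prefix arithmetic. The following is an added example for this page, not code from the book: it collapses a set of prefixes into the fewest exact supernets, reports how much extra space a single covering summary would claim (a summary that covers addresses you do not hold attracts traffic for them, which is why such summaries are normally paired with a discard route), and performs the longest-match lookup a router does over the resulting table. The prefixes and next-hop labels are constructed for the example.

```python
# Added example (not from the original chapter): CIDR aggregation plus the
# longest-match lookup applied to the resulting table. Standard library only.
import ipaddress
from typing import Dict, Iterable, List, Optional, Tuple

Net = ipaddress.IPv4Network


def aggregate(prefixes: Iterable[str]) -> List[Net]:
    """Collapse prefixes into the fewest supernets that cover exactly the same
    addresses (nothing extra is advertised)."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return list(ipaddress.collapse_addresses(nets))


def covering_supernet(prefixes: Iterable[str]) -> Tuple[Net, int]:
    """Smallest single prefix that covers every input, and how many addresses it
    adds beyond the inputs. Non-zero means the summary claims space you do not
    hold: traffic for those addresses will follow the summary route."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    plen = 32
    cand = ipaddress.ip_network((lo, plen))
    while int(cand.broadcast_address) < hi:        # widen until the top address is covered
        plen -= 1
        cand = ipaddress.ip_network((lo, plen), strict=False)
    held = sum(n.num_addresses for n in ipaddress.collapse_addresses(nets))
    return cand, cand.num_addresses - held


class Fib:
    """Forwarding table keyed by prefix; lookup() applies the longest match rule."""

    def __init__(self) -> None:
        self.routes: Dict[Net, str] = {}

    def add(self, prefix: str, next_hop: str) -> None:
        self.routes[ipaddress.ip_network(prefix)] = next_hop

    def lookup(self, dst: str) -> Optional[Tuple[str, str]]:
        """Return (matching prefix, next hop) with the longest mask, or None."""
        addr = ipaddress.ip_address(dst)
        best: Optional[Net] = None
        for net in self.routes:
            if addr in net and (best is None or net.prefixlen > best.prefixlen):
                best = net
        return None if best is None else (str(best), self.routes[best])


if __name__ == "__main__":
    blocks = ["192.108.0.0/24", "192.108.1.0/24", "192.108.2.0/24", "192.108.3.0/24"]
    print([str(n) for n in aggregate(blocks)])       # ['192.108.0.0/22']
    print(covering_supernet(blocks[:3]))             # (192.108.0.0/22, 256): one /24 is not ours
    fib = Fib()
    fib.add("0.0.0.0/0", "upstream")
    fib.add("131.108.0.0/16", "core")
    fib.add("131.108.1.0/24", "R1")
    fib.add("131.108.1.128/25", "R2")   # a more specific route, wherever it came from, wins
    print(fib.lookup("131.108.1.200"))  # ('131.108.1.128/25', 'R2')
    print(fib.lookup("131.108.1.5"))    # ('131.108.1.0/24', 'R1')
```

The lookup is a linear scan, which is fine for a demonstration; real forwarding tables use a trie, but the decision rule is the same, and it is why a more specific prefix injected into a table always takes precedence over the legitimate aggregate.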
Now that we've covered CIDR and its purpose, let's move on to how devices such as PCs map between layer 3 and layer 2 addresses using Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP).
ARP and RARP
Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP) carry out important functions in the TCP/IP model, allowing devices to communicate at layer 2 of the OSI model. Remember, all frames are sent to a valid MAC address. So, before one IP host can communicate with another, the source device must have a known layer 2 address to traverse the physical medium, or it must use broadcast frames to locate resources on the particular physical medium.

ARP is used when a source device needs the destination's layer 2 MAC address to allow communication between the two devices. An ARP request is sent as a broadcast frame carrying a known IP address and asking for the corresponding MAC address. For example, you might Telnet to a local router with a known IP address, such as 131.108.1.99. Your PC does not have a layer 2 (MAC) address to send the frame to, so ARP obtains it; this is exactly how ARP is used between a client PC and a Cisco router for the Telnet application protocol. In contrast, RARP is used when a device knows its own MAC address but not its IP address. RARP obtains the unknown IP address. Typically, RARP is used with diskless workstations, which send out requests for an IP address using their known local MAC address. Figure 5.4 shows the ARP/RARP packet format. The function of each field in an ARP and RARP packet is described as follows:
➤ Hardware Type—Specifies the hardware in use. For example, this value is set to 1 for Ethernet or 6 for IEEE 802 networks.
➤ Protocol—Indicates the protocol in use. For example, 0x0800 indicates IP.
➤ Length of Hardware Address—Indicates the length of layer 2 addresses; for Ethernet this is 6 bytes (48 bits).
➤ Length of Protocol Address—Defines the length of protocol addresses. For IP this field is set to 4 bytes (32 bits).
➤ Operation Code—Defines whether the packet is an ARP or RARP request or reply: 1 is an ARP request, 2 is an ARP reply, 3 is a RARP request, and 4 is a RARP reply.
➤ Sender Hardware Address—Identifies the sender's layer 2 MAC address (48 bits).
➤ Sender Protocol Address—Identifies the sender's IP address (32 bits).
➤ Target Hardware Address—Specifies the destination's layer 2 address (48 bits). In an ARP request this is the unknown value being asked for and is ignored by the receiver; the Ethernet frame carrying the request is sent to the broadcast address FF-FF-FF-FF-FF-FF.
➤ Target Protocol Address—Specifies the destination's layer 3 address (32 bits).

Figure 5.4 ARP/RARP frame format. (Hardware addresses are 48 bits and protocol addresses are 32 bits in length.)
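To make the field layout concrete, here is an added example (written for this page, not code from the book) that packs and unpacks the 28-byte Ethernet/IPv4 ARP packet of Figure 5.4 with Python's struct module, and keeps a small learning cache in the spirit of the table show ip arp prints. The MAC and IP addresses in the sample packets are constructed. The cache's warning when an address's MAC changes is the example's own addition: ARP carries no authentication, so a receiver cannot tell a genuine change from an unsolicited or forged reply, and a changed mapping is worth flagging.

```python
# Added example (not from the original chapter): build and parse the ARP/RARP
# packet of Figure 5.4, and learn replies into a cache like a router's ARP table.
import struct
from typing import Dict, Optional

ARP_FMT = "!HHBBH6s4s6s4s"            # network byte order; 28 bytes for Ethernet/IPv4
ARP_LEN = struct.calcsize(ARP_FMT)
HW_ETHERNET = 1                        # Hardware Type
PROTO_IPV4 = 0x0800                    # Protocol
OPCODES = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}


def mac_bytes(mac: str) -> bytes:
    digits = mac.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"bad MAC {mac!r}")
    return bytes.fromhex(digits)


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(ip: str) -> bytes:
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {ip!r}")
    return bytes(octets)


def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(opcode: int, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    """Pack the nine fields in wire order. For a request the target MAC is the
    unknown value; an all-zeros placeholder is what most stacks send."""
    if opcode not in OPCODES:
        raise ValueError(f"unknown opcode {opcode}")
    return struct.pack(ARP_FMT, HW_ETHERNET, PROTO_IPV4, 6, 4, opcode,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))


def parse_arp(pkt: bytes) -> dict:
    """Unpack an ARP packet, checking the header fields instead of trusting the
    length bytes to describe the rest of the packet."""
    if len(pkt) < ARP_LEN:
        raise ValueError("short ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    if op not in OPCODES:
        raise ValueError(f"unknown opcode {op}")
    return {"op": OPCODES[op], "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
            "target_mac": mac_str(tha), "target_ip": ip_str(tpa)}


class ArpCache:
    """Learning cache keyed by IP, like the table show ip arp prints. learn()
    returns a warning when a reply changes the MAC already held for an IP."""

    def __init__(self) -> None:
        self.table: Dict[str, str] = {}

    def learn(self, pkt: bytes) -> Optional[str]:
        a = parse_arp(pkt)
        if a["op"] != "ARP reply":
            return None
        old = self.table.get(a["sender_ip"])
        self.table[a["sender_ip"]] = a["sender_mac"]
        if old is not None and old != a["sender_mac"]:
            return f"{a['sender_ip']} changed from {old} to {a['sender_mac']}"
        return None


if __name__ == "__main__":
    # Constructed sample: a PC asks for the router 131.108.1.99 (the Telnet example above).
    req = build_arp(1, "00:d0:97:d9:80:00", "131.108.1.50", "00:00:00:00:00:00", "131.108.1.99")
    print(len(req), parse_arp(req))
    rep = build_arp(2, "00:00:0c:3b:ed:6d", "131.108.1.99", "00:d0:97:d9:80:00", "131.108.1.50")
    cache = ArpCache()
    print(cache.learn(rep))                      # None: first mapping for 131.108.1.99
    # A second reply for the same IP from a different MAC (constructed).
    other = build_arp(2, "00:60:2f:53:5c:ff", "131.108.1.99", "00:d0:97:d9:80:00", "131.108.1.50")
    print(cache.learn(other))                    # warning: the MAC for 131.108.1.99 changed
```

The packet shown here is only the ARP payload; on the wire it follows a 14-byte Ethernet header with type 0x0806.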
ARP and RARP provide IP-aware devices with the information needed to successfully send data across a network, regardless of hardware type.

You should ask yourself what MAC address a local device will use to send an IP packet to a remote station that may have many routers in between. Most commonly, a local device uses the MAC address of its default gateway, the local router.
To display the IP ARP table on a router, you issue the IOS show ip arp command, as shown in Listing 5.1.

Listing 5.1 The show ip arp command.
R1>sh ip arp
Protocol Address Age (min)Hardware Addr Type Interface
Internet 10.1.1.1 - 0000.0c3b.ed6d ARPA Ethernet0
Internet 10.1.1.5 - 0000.0c3b.ed6d ARPA Ethernet0
Internet 137.10.16.3 1 0000.0c07.ac00 ARPA Ethernet0
Internet 137.10.16.2 - 0000.0c3b.ed6d ARPA Ethernet0
Internet 137.10.17.1 - 0000.30dc.b736 SNAP TokenRing0
Internet 137.10.16.4 12 0060.2f53.5cff ARPA Ethernet0
Listing 5.1 shows each IP address and the associated MAC address used to reach it. To clear the ARP cache on a Cisco router, you use the clear arp-cache command.

Note: If your router is configured for other routable protocols, such as AppleTalk, the show arp command will also display AppleTalk ARP entries. To display only IP ARP entries, use the show ip arp command.
Remember, there is also another type of ARP used in Frame Relay networks: Inverse ARP. Inverse ARP maps a DLCI to the remote IP address, essentially a layer 2 to layer 3 mapping in Frame Relay. We will now look at how a network can use Network Address Translation (NAT) to connect to the Internet, even though the network does not have registered addresses.
Network Address Translation (NAT)
To reduce the impact of address depletion due to the rapid growth of the Internet, many large IP networks needed the ability to retain their current addressing scheme yet be able to access the Internet. This can be accomplished with Network Address Translation (NAT), defined in RFC 1631.
The implementation of NAT in the Cisco IOS supports most of the applications we have discussed so far, including Domain Name System and File Transfer Protocol. The common applications supported on Cisco routers running NAT include the following:
➤ Routing table updates (OSPF, RIP, and so on)
➤ HTTP, DNS zone transfers, TFTP, BOOTP, Telnet, SNMP, finger, NTP, NFS, rlogin, rsh, rcp
➤ ICMP, FTP (including PORT and PASV commands), NetBIOS over TCP/IP
The following URL provides a full list of supported applications: www.cisco.com/cpropart/sync-src/ccstcp/cc/cisco/mkt/ios/nat/prodlit/792_pp.htm#xtocid11070
NAT is a standard defined in RFC 1631. Cisco devices started supporting NAT in IOS version 11.2 and higher. NAT grants the ability to retain a network's original IP addressing scheme while translating that scheme to valid Internet IP addresses. Thus the layer 3 source address is rewritten when the packet is sent out to the Internet, and the destination address is rewritten back when the reply returns.
NAT Terminology
To clarify this discussion and to fully prepare for the exam, you should review some of the terminology used in a NAT environment. You need to understand a number of terms when using NAT, most notably:
➤ Inside Local Address—An IP address assigned to a host on the inside network. It is not advertised to the Internet, is generally assigned by a local administrator, and is not a legitimate (registered) Internet address.
➤ Inside Global Address—A registered IP address (as assigned by InterNIC) that represents an inside host to the outside world.
➤ Outside Local Address—The IP address of an outside host as it appears to the inside network; it need not be a registered address.
➤ Outside Global Address—The IP address assigned to a host on the outside network by that host's owner, usually a registered address.
NAT Operation on Cisco Routers
When a packet leaves an inside network, NAT translates the inside local address to a unique InterNIC-assigned (inside global) address for use on the outside network, as shown in Figure 5.5. The router in Figure 5.5 is configured for address translation and maintains a NAT table. When the reply returns from the outside network, the NAT router again performs an address translation, this time from the inside global address back to the inside local address.
Let's look at the steps required to configure NAT on a Cisco router. The basic configuration tasks are as follows:
1. Determine the network addresses to be translated.
2. Configure the inside interface with the IOS ip nat inside command.
3. Configure the outside interface with the IOS ip nat outside command.
4. Define a pool of global addresses with the ip nat pool command, and bind the pool to an access list that identifies the inside local addresses to be translated with the ip nat inside source list command.
Figure 5.5 NAT overview. Router R1 connects the inside Ethernet (E0), with PCs 10.99.34.5 and 10.99.35.5, to Internet hosts via Serial0. The inside global IP address assigned by InterNIC is 131.108.1.1/24. R1's NAT table lists the inside addresses 10.99.34.5 and 10.99.35.5.
Now, for a more specific illustration, let's configure NAT on Router R1 in Figure 5.5. The NAT pool name is going to be CCIE (you can use any name). Let's assume that InterNIC has assigned you the Class C address 192.108.1.0/24. Your service provider has also supplied you the unique address 131.108.1.1/24 to use on your serial connection. Listing 5.2 provides a sample NAT configuration for this setup. The listing assumes that your setup has an IP routing protocol that advertises the 131.108.1.0/24 and 192.108.1.0/24 IP networks.
Listing 5.2 Sample NAT configuration.
hostname R1
! Access list 1 selects the inside local addresses to translate (assumed: the 10.0.0.0/8 hosts of Figure 5.5)
access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool CCIE 192.108.1.1 192.108.1.254 netmask 255.255.255.0
ip nat inside source list 1 pool CCIE
! Ethernet0 also carries ip nat inside and Serial0 ip nat outside (steps 2 and 3)
Monitoring NAT
To monitor the operation of NAT, you can use the following commands:

show ip nat translations [verbose]
show ip nat statistics

The show ip nat translations command displays the currently active translations. The show ip nat statistics command displays NAT statistics, such as how many translations have taken place and how many are currently active.
NAT can also support many other advanced features, such as TCP load distribution. See the "Need to Know More?" section at the end of this chapter for additional sources of information.

Note: TCP load distribution is typically used in large IP networks that have server farms. A server farm contains two or more servers that are typically critical to end users. You might want to distribute TCP traffic across many servers while presenting only one IP address to the outside; the router translates the destination address of each new connection to the next real server in a rotary pool so that the servers are evenly loaded. Do not confuse this with Port Address Translation (PAT), also called overloading, in which many inside addresses share one global IP address and are told apart by different port numbers.
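The NAT table that Router R1 keeps can be modelled in a few dozen lines. The following is an added example for this page, not code from the book or from Cisco: it implements the dynamic pool translation of Listing 5.2 (pool 192.108.1.1 to 192.108.1.254, inside hosts from Figure 5.5) together with a simplified PAT (overload) table, and shows the two behaviours a practitioner relies on: an exhausted pool means no translation and the packet is dropped, and inbound packets with no matching entry are dropped rather than forwarded inside. The access list is represented by a prefix, the PAT model keys on the inside source only (real PAT also tracks the remote endpoint) and hands out ports sequentially; these are simplifications made for the example.

```python
# Added example (not from the original chapter): a model of the NAT table R1
# maintains for Listing 5.2, plus a simplified PAT (overload) table.
import ipaddress
from typing import Dict, List, Optional, Tuple


class DynamicNat:
    """One inside global address per inside local address, drawn from a pool.
    `inside_prefix` stands in for access-list 1 in Listing 5.2."""

    def __init__(self, pool_first: str, pool_last: str, inside_prefix: str) -> None:
        lo, hi = int(ipaddress.ip_address(pool_first)), int(ipaddress.ip_address(pool_last))
        self.free: List[str] = [str(ipaddress.ip_address(i)) for i in range(lo, hi + 1)]
        self.inside = ipaddress.ip_network(inside_prefix)
        self.table: Dict[str, str] = {}          # inside local -> inside global

    def outbound(self, src: str) -> Optional[str]:
        """Source address to put on the packet leaving the outside interface,
        or None if the packet must be dropped."""
        if ipaddress.ip_address(src) not in self.inside:
            return src                            # not selected by the access list: untouched
        if src not in self.table:
            if not self.free:
                return None                       # pool exhausted: no translation, packet dropped
            self.table[src] = self.free.pop(0)
        return self.table[src]

    def inbound(self, dst: str) -> Optional[str]:
        """Inside local address for a packet arriving from outside, or None if
        there is no entry (unsolicited traffic is not forwarded inside)."""
        for local, global_addr in self.table.items():
            if global_addr == dst:
                return local
        return None


class Pat:
    """Overload: every inside host shares one global address; the translated
    source port tells replies apart. Ports are handed out sequentially here."""

    def __init__(self, global_ip: str, first_port: int = 1024) -> None:
        self.global_ip = global_ip
        self.next_port = first_port
        self.out: Dict[Tuple[str, int], int] = {}     # (inside local, port) -> global port
        self.back: Dict[int, Tuple[str, int]] = {}    # global port -> (inside local, port)

    def outbound(self, src: str, sport: int) -> Optional[Tuple[str, int]]:
        key = (src, sport)
        if key not in self.out:
            if self.next_port > 65535:
                return None                       # port space exhausted
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.global_ip, self.out[key]

    def inbound(self, dport: int) -> Optional[Tuple[str, int]]:
        return self.back.get(dport)               # None: no entry, reply is dropped


if __name__ == "__main__":
    nat = DynamicNat("192.108.1.1", "192.108.1.254", "10.0.0.0/8")
    print(nat.outbound("10.99.34.5"), nat.outbound("10.99.35.5"))   # 192.108.1.1 192.108.1.2
    print(nat.inbound("192.108.1.2"), nat.inbound("192.108.1.9"))   # 10.99.35.5 None
    pat = Pat("131.108.1.1")
    print(pat.outbound("10.99.34.5", 40000), pat.outbound("10.99.35.5", 40000))
    print(pat.inbound(1025))                                          # ('10.99.35.5', 40000)
```

Real IOS entries also time out, which this model omits; the point it keeps is that the table is the only state that lets a reply back in.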
Hot Standby Router Protocol (HSRP)
HSRP is a protocol that allows networks to provide a virtual default gateway. Through HSRP you create a virtual default gateway address that is shared by multiple routers.

To illustrate how HSRP can provide default gateway support, refer to Figure 5.6. In Figure 5.6, you can see a network with two local routers, with an Ethernet interface address of 131.108.1.1/24 for Router R1 and 131.108.1.2/24 for Router R2. Notice that both routers share a common Ethernet network, 131.108.1.0/24.

Figure 5.6 Example without HSRP (R1 131.108.1.1/24 and R2 131.108.1.2/24 on 131.108.1.0/24; 131.108.1.100 is the address used for HSRP later).

All devices in Figure 5.6 have been configured with a default gateway pointing to Router R1. If Router R1 goes down or its Ethernet interface becomes faulty, all the devices must be manually reconfigured to use the second default gateway (Router R2's Ethernet address). HSRP enables the network administrator to elect one of the two routers to act as the default gateway. If the elected router goes down, the second router takes over the default gateway IP address. The IOS interface command standby track <WAN interface> allows the router to monitor its WAN link. If the tracked interface goes down, the active HSRP router lowers its priority (by 10 unless a larger decrement is configured) so that a router with a working WAN connection can take over as the gateway. For example, in Figure 5.6, if the WAN link on R1 fails, R2 will take over the HSRP address and provide a working path to the IP backbone, provided that R2 is configured to preempt and its priority is higher than R1's reduced priority.

As shown in Figure 5.6, having redundant routers is helpful, but hosts cannot take advantage of them on their own because they are typically allowed only one default gateway. When using HSRP, as shown in Figure 5.7, both routers retain their unique Ethernet addresses. However, HSRP allows them to share a virtual IP address (and a virtual MAC address). This virtual address is assigned to each host as its default gateway. In the event of a router failure, the other router assumes control of the virtual address.
Figure 5.7 Example using HSRP. R1 and R2 keep their physical E0 MAC addresses (00-D0-97-D9-8000 and 00-D0-97-D9-7000) and share the virtual MAC address 00-00-0C-07-AC-01 along with the virtual IP address.
Configuring HSRP

You can configure certain HSRP parameters to elect the default gateway router and to monitor the routers' WAN links. To illustrate, let's configure HSRP on Routers R1 and R2 shown in Figure 5.6. Let's make Router R1 the default gateway, because the link on Router R2 is occasionally prone to WAN problems. All PCs on the network are configured to use the default IP gateway 131.108.1.100. Listing 5.3 displays the configuration for Routers R1 and R2.
Listing 5.3 HSRP configuration on R1 and R2.
! R1, interface Ethernet0: HSRP address used by local devices
 standby ip 131.108.1.100
 standby priority 120 preempt
! Monitor Serial0 for failures (priority drops by 10 while it is down)
 standby track Serial0
! R2, interface Ethernet0: same virtual address, default priority 100
 standby ip 131.108.1.100
 standby track Serial0

In Listing 5.3, Router R1 will be the active default gateway, because it has the higher priority. If Router R1 fails, Router R2 will take over the virtual IP address 131.108.1.100.
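The election behind Listing 5.3, including what interface tracking does to it, can be checked with the small model below. This is an added example for this page, not code from the book; it uses the values the chapter gives (R1 priority 120 with preempt, R2 at the IOS default of 100, the default tracking decrement of 10) and the HSRP rules that the highest priority wins, a tie goes to the higher IP address, and a router only takes the active role away from a healthy active router if it is configured to preempt. The virtual MAC helper reproduces the 0000.0c07.acXX pattern seen in Listing 5.1 and Figure 5.7.

```python
# Added example (not from the original chapter): HSRP active-router election
# with priority, preempt and interface tracking, using Listing 5.3's values.
from dataclasses import dataclass, field
import ipaddress
from typing import Dict, List, Optional, Set

DEFAULT_PRIORITY = 100       # IOS default
DEFAULT_DECREMENT = 10       # priority drop per tracked interface that is down


def virtual_mac(group: int) -> str:
    """HSRP virtual MAC: 0000.0c07.ac followed by the group number."""
    if not 0 <= group <= 255:
        raise ValueError("HSRP group must be 0-255")
    return f"0000.0c07.ac{group:02x}"


@dataclass
class HsrpRouter:
    name: str
    ip: str
    priority: int = DEFAULT_PRIORITY
    preempt: bool = False                                   # IOS default: no preemption
    tracked: Dict[str, int] = field(default_factory=dict)   # interface -> decrement
    down: Set[str] = field(default_factory=set)             # interfaces currently down

    def track(self, interface: str, decrement: int = DEFAULT_DECREMENT) -> None:
        self.tracked[interface] = decrement

    def effective_priority(self) -> int:
        return self.priority - sum(d for i, d in self.tracked.items() if i in self.down)


def elect(routers: List[HsrpRouter], active: Optional[HsrpRouter] = None) -> HsrpRouter:
    """Return the router that ends up active. The highest effective priority
    wins (tie: higher IP address), but it only displaces a still-running
    active router if it is allowed to preempt."""
    if not routers:
        raise ValueError("no routers in the group")

    def rank(r: HsrpRouter):
        return (r.effective_priority(), int(ipaddress.ip_address(r.ip)))

    best = max(routers, key=rank)
    if active is None or active not in routers:   # no active router, or it has failed
        return best
    if best is active or not best.preempt:
        return active
    return best


if __name__ == "__main__":
    r1 = HsrpRouter("R1", "131.108.1.1", priority=120, preempt=True)
    r2 = HsrpRouter("R2", "131.108.1.2")
    for r in (r1, r2):
        r.track("Serial0")
    active = elect([r1, r2])
    print(active.name)                                             # R1
    r1.down.add("Serial0")                                         # R1's WAN link fails
    print(r1.effective_priority(), elect([r1, r2], active).name)   # 110, still R1
    r1.track("Serial0", decrement=30)                              # decrement must exceed the 20-point gap
    print(r1.effective_priority(), elect([r1, r2], active).name)   # 90, still R1: R2 cannot preempt
    r2.preempt = True
    print(elect([r1, r2], active).name)                            # R2
    print(virtual_mac(0))                                          # 0000.0c07.ac00, as in Listing 5.1
```

The run shows the trap in Listing 5.3 as written: with R1 at 120 and R2 at the default 100, the default decrement of 10 leaves R1 at 110 when Serial0 fails, so R2 never takes over; the decrement must exceed the priority gap and R2 must be allowed to preempt.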
Monitoring HSRP
To monitor HSRP settings, you can use the show standby command. It displays the router's HSRP state, its priority, and which router is active. Listing 5.4 displays the output from the show standby command.
Listing 5.4 The show standby command.
Ethernet0 - Group 0
Local state is Active, priority 120, may preempt
Hellotime 3 holdtime 10
Next hello sent in 00:00:01.108
Hot standby IP address is 131.108.1.100 configured
Active router is local
Standby router is 131.108.1.2 expires in 00:00:08
Tracking interface states for 1 interface, 1 up:
Up Serial0