Maqueiras Network Module 1 unit 1


Routing Troubleshooting Tools... route command. For example

route add 192.168.3.0 mask 255.255.255.0 192.168.5.1 metric 2

Border Gateway Protocol (BGP)

**AS (Autonomous Systems)
*Autonomous
-Existing as an independent entity
*Group of IP routes under common control
*RFC 1930, Section 3: Definitions
-"An AS is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy."
*Important point of reference for discussing Interior Gateway Protocols and Exterior Gateway Protocols
**IGP (Interior Gateway Protocol)
*Used within a single AS
-Not intended to route between Autonomous Systems (AS)
--That's why there are Exterior Gateway Protocols (EGPs)
*OSPF (Open Shortest Path First)
*IS-IS (Intermediate System to Intermediate System)
*RIP (Routing Information Protocol)
*EIGRP (Enhanced Interior Gateway Routing Protocol)
*You'll use these every day
**EGP (Exterior Gateway Protocol)
*Used to route between autonomous systems
-Leverages the IGP at the AS to handle local routing
*BGP (Border Gateway Protocol)
-Many organizations use BGP as their EGP. Normally used to connect different types of networks, like RIP to an EIGRP, or also when connecting to the internet...

(IGMP) To join a group, each host is configured with a multicast IP address in addition to its standard address. There are two main ranges of multicast IPs:

*239.192.0.0 / 255.252.0.0 - the locally administered scope for private intranets, allowing for 262,144 groups. *233.0.0.0 / 255.255.255.0 - used for multicasting on the intern

Router Configuration

*A hardware router is configured and secured in the same way as a switch (using a web or command line interface for instance). *The main difference is that a router is likely to have an exposed public interface. *Properly securing the router is more important. *Routers are also more complex than switches, so it is easier to make mistakes; they are very similar to layer 3 (advanced) switches. *A software router is configured using the appropriate tools in the underlying NOS. As well as the configuration of the routing functions, the performance and security of the underlying server should be considered too.

A DHCP server: -must be allocated a static IP address -configured with the following information:

*A range of IP addresses to allocate (its scope). * A lease period plus renewal (T1) and rebinding (T2) timers. * A subnet mask to allocate. * Other optional information to allocate, such as default gateway and DNS address(es).

End Systems and Intermediate Systems ...Info... To read all of it again and decide more important facts to isolate into single question...

*All IP hosts are, in essence, capable of functioning as routers. *Hosts are incapable of forwarding packets to other subnets, and are therefore referred to as End Systems (ES). *Routers that interconnect subnets and can perform this packet forwarding process are known as Intermediate Systems (IS). *Routers are simply IP hosts configured with multiple network interfaces and knowledge of the location of other networks. *Information about the location of other networks is usually stored in a routing table of some sort.

Enhanced Interior Gateway Routing Protocol (EIGRP) summary

*An interior gateway protocol
-Based on the earlier IGRP
-A generic name, but a very specific protocol
*Proprietary to Cisco
-Does not interoperate with other routers
*EIGRP metrics
-Total delay
-Minimum bandwidth
-Reliability
-Load
-Minimum path Maximum Transmission Unit (MTU)
*Hybrid routing protocol
-A little link-state, a little distance-vector
-Supports multiple protocols (IP, IPX, AppleTalk)
*Cleanly manages topology changes
-Speed of convergence is always a significant concern
-Loop-free operation
-Diffusing Update Algorithm (DUAL) chooses the path
*Minimizes bandwidth use
-Efficient discovery of neighbour routers
-Uses the proprietary Reliable Transport Protocol (RTP) to communicate

Routing algorithms and metrics... To achieve these goals, algorithms should: in short...

*Be efficient in selecting the best route *Be efficient in routing packets *Be reliable and flexible *Support rapid convergence

Routing algorithms and metrics... To achieve these goals, algorithms should:

*Be efficient in selecting the best route - the metrics used must be representative of the network and meaningful. *Be efficient in routing packets - too much overhead and complexity in the selection and routing process will slow the packet throughput, leading to unacceptable delays. *Be reliable and flexible - intermediate systems sit between networks and their failure may lead to significant problems. *Support rapid convergence - convergence is the process whereby routers agree on routes through the network.

UDP IP Ports

*Bootps-67- bootp DHCP server *Bootpc-68-bootp DHCP client *UDP-NTP-123

Routing Troubleshooting Tools... *For example, the default entries for a Windows host are:

*Default route (0.0.0.0). *Loopback address. *Host's subnet address. *Host's own address. *Multicast address. *Broadcast address.

TCP/UDP common port#

*Domain-TCP/UDP-port 53

TCP IP Ports

*File transfer protocol data-TCP-20 *File transfer protocol-TCP-21 *Secure shell-TCP-22 *Telnet-TCP-23 *Simple Mail Transfer protocol-TCP-25 *HTTP-TCP-80 *HTTPS-TCP-443 *IMAP4-TCP-143. internet mail access protocol *Remote Desktop protocol-3389

Open Shortest Path First (OSPF) summary

*Interior gateway protocol
-Used within a single autonomous system
*Link-state protocol
-Routing is based on the connectivity between routers
-Each link has a "cost"
-Throughput, reliability, round-trip time
-Low cost and fastest path wins; identical costs are load balanced
*Dynamic routing protocol
-Detects changes in network link state and modifies the routing structure very quickly
-Usually within seconds
*OSPF routers and links are grouped logically into areas
-Default area is 0
-Each area has its own database of link states
-Flexible
*Very complex protocol
-Common in large enterprise networks
*Very capable protocol
-Fast convergence
-Load sharing support

Devices used for routing ...edge router or border router...

*Is a router designed to connect a private network to the internet. *These routers can perform framing to repackage data from the private LAN frame format to the WAN internet access frame format. *Edge routers designed to work with DSL or cable modems are called SOHO Routers (Small Office or Home Office).

Internet Group Management Protocol (IGMP)

*Is an internet protocol, operating at the network layer that provides a way for an IP host to report its multicast group membership to adjacent routers -Multicasting allows one computer on the internet (or private IP network) to send content to multiple other computers that have identified themselves as interested in receiving the originating computer's content. -Software distribution and video conferencing applications may use multicasting and hence IGMP.

(Info) plus REASONS on the other side of the CARD An IP network address can represent an organization on the internet, but most companies need to further subdivide their networks into different logical groups. These groups are referred to as subnetworks or subnets. Organizations need to do this for a number of REASONS:

*It is inefficient to have very large numbers of computers on the same network. A single network in this sense is a single broadcast domain; excessive broadcast traffic is created when there are more hosts on the same network. *Many organizations have more than one site and WAN links between them. The WAN link normally forms a separate network. *It is useful to divide a network into logically distinct zones for security and administrative control.

Types of Routing Algorithms... Some dynamic routing algorithm types include:

*Multipath *Hierarchical *Host-intelligent *Distance vector *Link-state

Enhanced Interior Gateway Routing Protocol (EIGRP)... Each router stores information in three tables:

*Neighbor Table - contains address and link state information about other routers to which there is a direct interface. *Topology Table - contains information about the wider network built from information obtained from neighbors, including hop count and link state information. The best path to a given network (called a successor) is built by DUAL (Diffusing Update ALgorithm). An alternative, backup path is referred to as a feasible successor. *Routing Table - stores the routes selected by DUAL as the best ones (successors).

Additional constraints to consider when planning an addressing scheme:

*Network ID cannot be 127 - this address is reserved for loopback testing. *Network and / or host IDs cannot be all 1s in binary - this is reserved for broadcasts. *Network and / or host ID cannot be all zeroes in binary - 0 means "This Network". *Host ID must be unique on the subnet. *Network ID must be unique on the internet (if using a public addressing scheme)

Routing Metrics These metrics might include:

*Path length *Reliability *Delay *Bandwidth *Load (Link utilisation) *MTU(Maximum Transmission Unit) *Price

Port Scanners

*Port scanning specifically aims to enumerate the TCP or UDP application ports that are "open" on a host. *Port scanning is associated with "footprinting", or discovering more about the network configuration in order to attack it. *However it is a useful technique for network administrators to use, as it reveals configuration errors and "back doors" as well as confirming that legitimate services are running as expected.

Routing Information Protocol summary

*RIP, RIPv2, RIPng
-Been around since 1998
*Interior gateway protocol
-Used within a single autonomous system
*Distance-vector protocol
-Routing is based on a number of hops between routers
-Usually calculated automatically
*Dynamic routing protocol
-Detects changes in network link state and modifies the routing structure
*Routing Information Protocol (version 1 and 2)
-RIPv2 was updated for Classless Inter-Domain Routing (CIDR)
-RIPv2 includes authentication to verify the source
*Network address, number of hops, destination
-Maximum number of hops is 15
*One of the most popular routing protocols
-Even on larger networks

Router Appliances

*Routers designed to service medium to large networks are complex and expensive appliances. *They feature specialized processors to handle the routing and forwarding processes and memory to buffer data. *Most routers of this class will also support plug-in cards for WAN interfaces.

Installing and configuring Routers The main features of a router include the following: ...in Short...

*Routers work at the network layer. *A router is able to keep track of multiple active paths between any given source and destination network. This makes it fault tolerant. *Routers provide excellent traffic management using sophisticated path selection; * Routers can share status and routing information with other routers and can listen to the network and identify which connections are busiest or not working. *Routers do not forward any information that does not have a correct network address.

Routing Protocols... Types of Routing Protocols

*Routing Information Protocol *Enhanced Interior Gateway Protocol *Open Shortest Path First *Border Gateway Protocol Extra info...check the table on the phone

UDP The table below shows the structure of a UDP datagram.

*Source port. *Destination port *Message length *Checksum --The header size is 8 bytes compared to 20 bytes (or more) for TCP.

Info When the DHCP server provides IP settings to a client, it must supply at a minimum *IP address and *subnet mask. ...Question... Depending on the configuration of the network, it may also provide other IP-related settings. These typically include:

*The default gateway (IP address of the router). *The IP address(es) of DNS servers. *The DNS suffix (domain name) to be used by the client. *Other useful server options, such as time synchronization (NTP), file transfer (TFTP), or VoIP proxy.

tracert / traceroute

*The tracert (Windows) / traceroute (Linux) ICMP utility is used to trace the route taken by a packet as it "hops" to the destination host on a remote network. *It can be used either with an IP address or FQDN. It returns the IP address (or FQDN) of each router used by the packet to reach its destination

Routers are responsible for two functions in an internetwork:

*They must choose a route *They must deliver the network packets to the destination using the selected route.

Internet access can be facilitated for hosts using the private addressing scheme in two ways:

*Through a router configured with a single or block of valid public IP addresses; the router translates between the private and public addresses (NAT). *A proxy server that fulfills requests for internet resources on behalf of clients.

TP... TCP(Transmission Control Protocol)

*Transport protocols work at the next layer up from the network layer. *IP provides addressing and routing functionality for a network. *Protocols at the transport layer are concerned with effective delivery. *At the transport layer, communications are often referred to as segments. *The Transmission Control Protocol (TCP) provides a connection-oriented, guaranteed method of communication using acknowledgements to ensure delivery. *TCP takes data from the application layer as a stream of bytes and divides it up into segments, each of which is given a header. The TCP segments become the payload of the underlying IP datagram. *TCP requires that a session be established before hosts can exchange data. ***Another important function of TCP is handling flow control to make sure the sender does not inundate the receiver with packets. ***It supports unicast only.

(Info + Question:) Planning an IP Addressing Scheme A network designer will need to plan the network addressing scheme carefully. Before choosing a scheme, consider the following factors

*Whether you need a public or private addressing scheme. *How many networks and subnetworks you need. *How many hosts per subnet.

Installing and Configuring Routers ...Info...

*You should note that networks can be distinguished by different physical locations or by separate logical topologies (such as subnets). *In the former case, routers join networks together; in the latter they can subdivide a single physical network to conform to a logical topology.

IPv4 and IPv6 Internet Routing

*Internet backbone routers store routes only to large networks, as identified by their network routing prefix. This is referred to as route aggregation or summarisation. *Classless IPv4 routing uses a mix of flat and hierarchical structures to make more efficient use of the limited address space (compared to the old method of classful address allocation). The system is based on the Classless Interdomain Routing (CIDR) specification.

UDP is:

*Suitable for applications that send small amounts of data and do not require acknowledgement of receipt. *It is used by application layer protocols that need to send multicast or broadcast traffic. *It may also be used for applications that transfer time-sensitive data but do not require complete reliability, such as voice or video. The reduced overhead means that delivery is faster.

Netstat

*netstat can be used to investigate connections on your machine. These connections are established by checking for ports that are active or merely listening for connection attempts.

DHCP Scopes and Leases *Scope definition *How to define a scope

*Range of IP addresses that a DHCP server can allocate to clients, along with associated IP configuration settings known as DHCP options. -To define a scope, you must provide a start and end IP address, along with a subnet mask. -The range of addresses must be contained within the subnet mask given. -The DHCP server will then allocate the scope to this subnet.

Multiple Routing Protocols ...Info... *AD-Administrative Distance

-A complex network may need to run more than one routing protocol. -Where a router is configured to run multiple routing protocols, it uses a metric called Administrative Distance (AD) to determine which protocol to "trust" when presented with alternative routes to a network. -Default AD values are coded into the router but can be adjusted by the administrator if necessary: table below check book -This means, for example, that a static route will always be preferred to anything other than locally connected networks and that a route discovered by EIGRP would be preferred to one reported by RIP. The value of 255 for unknown routes means that they will not be used.

Netstat The following switches can be used:

-a displays all the connections and listening ports. -b shows the process that has opened the port. -e displays Ethernet statistics. -n displays the port's number in numerical format. -p proto displays ports by protocol (TCP or UDP). -r shows the routing table. -s shows per protocol statistics ...Info... The utility can also be set to run in the background by entering netstat nn, where nn is the refresh interval in seconds (press Ctrl+C to stop).

tracert / traceroute You can use the:

-d switch to suppress name resolution, -h to specify the maximum number of hops (the default is 30), -w to specify a timeout in ms (the default is 4000). -j option allows you to specify preferred routers (loose source routing)

To close a connection, the following basic steps are performed:

1-The client sends a FIN segment to the server and enters the FIN-WAIT1 state. 2-The server responds with an ACK segment and enters the CLOSE-WAIT state. 3-The client receives the ACK segment and enters the FIN-WAIT2 state. The server sends its own FIN segment to the client and goes to the LAST-ACK state. 4-The client responds with an ACK and enters the TIME-WAIT state. After a defined period, the client closes its connection. 5-The server closes the connection when it receives the ACK from the client

TCP A session is established using a three-way handshake:

1-The client sends a SYN segment to the server with a randomly generated sequence number. The client enters the SYN-SENT state. 2-The server, currently in the LISTEN state (assuming it is online), responds with a SYN/ACK segment, containing its own randomly generated sequence number. The server enters the SYN-RECEIVED state. 3-The client responds with an ACK segment. The client assumes the session is ESTABLISHED. 4-The server opens a session with the client and also enters the ESTABLISHED state.

DHCP Client initialisation 1-When a DHCP client initializes, it broadcasts to find a DHCP server. This is called a DHCPDISCOVER packet. 2-The DHCP server responds to the client with an IP address and other configuration information, as long as it has an appropriate IP address available. 3-The client may choose to accept the offer using a DHCPREQUEST packet - also broadcast onto the network. 4-Assuming the offer is still available, the server will respond with a DHCPACK packet. The client broadcasts an ARP message to check that the address is unused.

1-When a DHCP client initializes, it broadcasts to find a DHCP server. This is called a DHCPDISCOVER packet. All communications are sent using UDP, with the server listening on port 67 and the client on port 68 2-The DHCP server responds to the client with an IP address and other configuration information, as long as it has an appropriate IP address available. The IP addressing information is offered for a period of time. This packet is also broadcast and is called a DHCPOFFER 3-The client may choose to accept the offer using a DHCPREQUEST packet - also broadcast onto the network. 4-Assuming the offer is still available, the server will respond with a DHCPACK packet. The client broadcasts an ARP message to check that the address is unused. If so it will start to use the address and options; if not, it declines the address and requests a new one.

Private addressing

10.0.0.0 to 10.255.255.255 (Class A private address range). 169.254.0.0 to 169.254.255.255 (APIPA / link-local autoconfiguration). This range is used by hosts for autoconfiguration (selecting a link-local address). The first 256 addresses and last 256 addresses should not be used by hosts though. 172.16.0.0 to 172.31.255.255 (Class B private address range). 192.168.0.0 to 192.168.255.255 (Class C private address range).

Info Number of High order bits

10000000-128 11000000-192 11100000-224 11110000-240 11111000-248 11111100-252 11111110-254 11111111-255

Routing algorithms and metrics Flapping interface.

A "flapping" interface is one that frequently changes from online to offline and offline to online

Open Shortest Path First (OSPF) ...Definition...

A hierarchical link-state routing protocol, Open Shortest Path First (OSPF) is better suited to large organizations with multiple redundant paths between various networks. It has high convergence performance compared to RIP and better scalability compared to EIGRP. It was designed from the outset to support classless addressing.

Open Shortest Path First (OSPF) ...Info...

A hierarchical link-state routing protocol, Open Shortest Path First (OSPF) is better suited to large organizations with multiple redundant paths between various networks. It has high convergence performance compared to RIP and better scalability compared to EIGRP. It was designed from the outset to support classless addressing. Networks and their connected hosts and routers within an autonomous system are grouped into OSPF areas. Routers within a given area share the same topological database of the networks they serve. Routers that can connect to multiple areas are known as Area Border Routers. A backbone (always called Area 0) is created by the collection of border routers. This backbone is only visible to the border routers and invisible to the routers within a specific area. Routers use a Link State Advertisement (LSA) to update their routing tables. In a given area, routers exchange OSPF Hello messages, both as a form of keep-alive packet and in order to acquire neighbors with which to exchange routing information. These exchanges of routing information enable the routers to each build a topological routing tree (a shortest-path tree) and keep it up-to-date. The use of areas to subdivide the network minimizes the amount of routing traffic that has to be passed around the network as a whole, improving convergence performance. Like EIGRP, messages are sent using OSPF's own datagram format. This is tagged as protocol number "89" in the IP datagram's protocol field. There are various packet types and a number of mechanisms to ensure sequencing and reliable delivery and to check for errors. OSPF also supports plain text or cryptographic authentication. The version in current use is OSPFv2; OSPFv3 provides support for IPv6.

Routing Troubleshooting Tools... ...Intro...

A host's routing table contains information about routes to other hosts. A router for a complex network would normally have a very large routing table populated dynamically by the routing protocol. An end system will usually have a simple routing table, configured with a few default entries. For example, the default entries for a Windows host are:

Path Selection Metric

A metric is a unit of measurement; for example, *how far the next hop router is, *how long it will take to route a packet to the subsequent routers, *what bandwidth is available on the selected path, *how large a packet can be sent without fragmentation, and so on.

Info Private addressing

A private network will typically use a private addressing scheme to allocate IP addresses to hosts. These addresses can be drawn from one of the pools of addresses defined in RFC 1918 as non-routable over the internet.

Routing algorithms and metrics... Performance

All algorithms are designed to determine paths and switch packets across those paths.

Path Selection

All routers choose an appropriate path through the network using some sort of evaluation process of all possible paths available. Metrics are used in this process.

*DHCP Scopes and Leases Leases

Along with the scope, you also need to define a lease period. A long lease period means the client does not have to renew the lease as frequently but the DHCP server's pool of IP addresses is not replenished. Where IP addresses are in short supply, a short lease period provides a means of utilizing addresses from computers that are not in use.

Routing Protocols... Exterior Gateway Protocol (EGP)

An Exterior Gateway Protocol (EGP) is one that can perform routing between autonomous systems.

Routing Protocols... Interior Gateway Protocol (IGP)

An Interior Gateway Protocol (IGP) is one that performs routing within a single private network, also referred to as an Autonomous System (AS).

Info + important info in the other side Classful Addressing In the classful addressing system, an organization was allocated a network address from a suitable class (A, B, or C). With the introduction of subnetting, depending on the class of IP address, some of the octets were fixed but the remaining portion could use any valid addressing scheme. For example, an organization might be allocated the network address 128.248.0.0 where it can allocate the third and fourth octets as it desires. Under this classful system, almost all Class B addresses became allocated. This shortage of network addresses prompted the development of IP version 6, which uses 128-bit IP addresses. However, the deployment of IPv6 has been enormously protracted, so a series of stopgap measures have been introduced over the years. The earliest were the use of subnetting and private address ranges to hide the complexity of private local networks from the wider internet. Another significant measure was the introduction of supernetting or Classless Interdomain Routing (CIDR) in 1993

Another significant measure was the introduction of supernetting or Classless Interdomain Routing (CIDR) in 1993.

Info IP Addressing Schemes

As described earlier, the combination of an IP address and subnet mask can be used to describe a network ID and a host ID. "Addressing schemes" describes different ways of configuring IP addressing to suit different types and sizes of networks.

(I.Info) and definition Automatic Private IP Addressing (APIPA) *Developed for clients configured to obtain an address automatically that could not contact a DHCP server to communicate on the local subnet. *The host randomly selects an address from the range 169.254.1.0 - 169.254.254.255.

Automatic Private IP Addressing (APIPA) was developed by Microsoft as a means for clients configured to obtain an address automatically that could not contact a DHCP server to communicate on the local subnet. The host randomly selects an address from the range 169.254.1.0 - 169.254.254.255. These addresses are from one of the address ranges reserved for private addressing (169.254.0.0/16; the first and last subnets are supposed to be unused). It then performs an ARP broadcast to check that the address is currently unused; if it is in use, the host selects another address, and repeats the broadcast, and so on. This type of addressing is referred to as link-local in standards documentation (RFC 3927). Link-local addressing mechanisms can also be implemented on other client OS's, such as Bonjour for the Mac OS X platform or Avahi for Linux.

Bandwidth

Bandwidth - metrics based on bandwidth look at the maximum achievable bandwidth on a link and do not consider the available bandwidth. This is a less efficient metric than delay-based metrics.

BootP (Bootstrap Protocol) *Developed to supply hosts with a full set of configuration parameters such as: IP address, subnet mask, default gateway, DNS server. Disadvantages: *It depends on a static configuration file mapping IP addresses to MAC addresses. -Which led to DHCP.

Bootstrap Protocol (BOOTP) was developed as a means of supplying a full set of configuration parameters (IP address, subnet mask, default gateway, DNS addresses, and so on) to a host. The additional parameters are provided in an executable boot file downloaded to the host using Trivial File Transfer Protocol (TFTP). BOOTP is still used in some circumstances to provide addressing information to diskless workstations and print devices. The main drawback of BOOTP is that it depends on a static configuration file mapping IP addresses to MAC addresses. This drawback was addressed by the development of BOOTP into the Dynamic Host Configuration Protocol (DHCP).

how to identify an address class from the first octet of the IP address in decimal:

Class A 1-126 Class B 128-191 Class C 192-223

Info IP Address Classes

Class A network addresses support large numbers of hosts - over 16 million. However, there are only 126 of them. There are 16 thousand Class B networks, each containing up to about 65,000 hosts. Finally class C networks support only 254 hosts each, but there are over 2 million of them.

Delay

Delay - it takes time for a packet to traverse an internetwork. Delay-based metrics measure transit time (latency).

Path selection Routing algorithms

Different routing algorithms, as implemented in the various routing protocols, may use different metrics and make comparisons of available paths in different ways. However, the desired end result is always the same - to choose the optimal path for a specific packet at a given moment.

Distance Vector

Distance vector - distance vector algorithms require that routers propagate their entire routing table periodically to their immediate neighbors. Distance vector algorithms provide for slower convergence than with link-state algorithms.

Dynamic Host Configuration Protocol *It provides an automatic method for allocating: -IP addresses -Subnet masks -and optional parameters such as -Default gateway -DNS address. *DHCP is defined in RFC 2131 *All major operating systems provide support for DHCP client and server.

Dynamic Host Configuration Protocol (DHCP) provides an automatic method for allocating IP addresses, subnet masks, and optional parameters, such as the default gateway and Domain Name Server (DNS) address. This mitigates many of the configuration problems discussed previously. DHCP is defined in RFC 2131. All the major operating systems provide support for DHCP clients and servers. DHCP servers are also embedded in many SOHO router / modems.

The main headers in a TCP segment are

Fields... *Source port *Destination port *Sequence number *Ack number *Data length

End Systems (ES), also referred to as hosts

Hosts are incapable of forwarding packets to other subnets

Routing protocols ...Info...

For larger organizations it is simply not practical to configure routing tables manually. Aside from anything else, routing information is seldom static as routers are reconfigured, taken temporarily offline, and even decommissioned. Whilst many organizations can manage to maintain routing tables for these internal changes, when connected to the internet, it becomes almost impossible. Consequently, router vendors provide support for routing protocols. These routing protocols use various algorithms and metrics to build and maintain routing tables to provide reasonably current routing information about the networks to which they are connected. An Interior Gateway Protocol (IGP) is one that performs routing within a single private network, also referred to as an Autonomous System (AS). An Exterior Gateway Protocol (EGP) is one that can perform routing between autonomous systems. Some of the most popular routing protocols are listed in the table below.

*Hierarchical - in hierarchical routing systems, certain routers form a routing backbone. *Other routers are grouped into logical collections, sometimes called areas or domains.

Hierarchical - in hierarchical routing systems, certain routers form a routing backbone. Other routers are grouped into logical collections, sometimes called areas or domains. Some routers can communicate with routers in other domains, whilst the remainder are limited to communication with routers in the current domain. Non-hierarchical systems are referred to as flat; a situation in which all routers can inter-communicate with one another.

Host-Intelligent Host-intelligent - in host-intelligent algorithms, it is assumed that end systems (hosts) can perform path determination and routers act as store-and-forward devices only.

Host-intelligent - in host-intelligent algorithms, it is assumed that end systems (hosts) can perform path determination and routers act as store-and-forward devices only. In router-intelligent systems, end systems have no knowledge of routes or routing and merely forward their requests to the routers who perform the path determination and routing function

(IGMP) ...Info... in both sides Multicasting on the Internet requires a service provider with a multicast-enabled router network. The Multicast Backbone (MBONE) network once maintained by some of the universities is now defunct. IP multicasting on the Internet may be resuscitated by IPTV (broadcasting television channels and movies using IP)

IGMP is only used to configure group membership and propagate that information between multicast routers. A separate class of multicast routing protocols (Distance Vector Multicast Routing Protocol [DVMRP], Protocol Independent Multicast [PIM], Multicast Border Gateway Protocol [MBGP]), or Multiprotocol Label Switching (MPLS) manage forwarding and Quality of Service. At the data link layer, multicasts are delivered using a specially designated OUI belonging to IANA [01:00:5E] in the MAC address. Switches capable of recognizing IGMP traffic ("IGMP snooping") are also beneficial otherwise the traffic is broadcast to all h

IPv4 and IPv6 internet Routing ...info...

IPv4 and IPv6 Internet Routing Internet routers must be able to locate any host on the internet. As there are millions of networks and hosts, it is impossible to do this by storing routes to each of them. Instead, internet backbone routers store routes only to large networks, as identified by their network routing prefix. This is referred to as route aggregation or summarization. Classless IPv4 routing uses a mix of flat and hierarchical structures to make more efficient use of the limited address space (compared to the old method of classful address allocation). The system is based on the Classless Interdomain Routing (CIDR) specification. High-level network routing prefixes (or CIDR blocks), which are 8 bits in length (/8s), are allocated by IANA to Regional Internet Registries (RIR), such as ARIN (America) and RIPE (Europe). A few are still held privately by companies such as IBM, Xerox, HP, or AT&T or by government agencies such as the DoD. You can view the assignments at gtsgo.to/yqu0j. The registries then allocate blocks to national and local registries. Actual ISPs are generally allocated blocks with prefixes of 20 bits or less. Any routing over that boundary (that is, a /21 network or higher) takes place solely within the ISP's network rather than over the general internet. The ISP's network is referred to as an Autonomous System. The ISPs subdivide their allocations into different sized blocks for different customer requirements, ranging from dynamically allocated addresses for home users, through fixed single IP addresses for small businesses, to smaller and larger ranges for medium sized and large enterprises. At each level, a router serving a particular set of networks needs only to be advertised by a routing prefix of a given length, greatly reducing the number of routes that need to be stored in memory.

IPv4 and IPv6 internet Routing ...Continues...

IPv6 follows the same hierarchical structure, with the advantage of planning an efficient addressing topology from the start and having a larger address space to work with. The full network prefix of an IPv6 address is 64 bits long. This is divided up into the following general hierarchy: The globally unique unicast address range is indicated by the 2000::/3 address space (the first 3 bits). Ranges from this address space are allocated to RIRs in blocks from /3 to /32, as listed at gtsgo.to/48het. ISPs received allocations from their registry in the space from /32 to /35. End users receive allocations from their ISP in the /48 to /64 range. End users can subnet their networks using the remainder of the network prefix left to them (if any).

Packet delivery Time to Live (TTL)

If the packet has been routed the Time to Live (TTL) is decreased by at least one. This could be greater if the router is congested. When the TTL is zero, the packet is discarded. This prevents badly addressed packets from permanently circulating the network.

Packet delivery ...Info... Maximum transmission unit (MTU)

In IPv4, routers can be made responsible for calculating the Maximum Transmission Unit (MTU - or datagram size) for a given interface and fragmenting and reassembling datagrams that are too big. In IPv6, the host is responsible for determining the MTU and routers cannot perform fragmentation.

Information about other networks is usually stored:

In a routing table of some sort.

Enhanced Interior Gateway Routing Protocol (EIGRP)

Interior Gateway Routing Protocol (IGRP) was developed by Cisco to provide a routing protocol for routing within a domain, or autonomous system (that is, within a single organization). IGRP was seen as a possible alternative to organizations limited by the inherent restrictions imposed by RIP, such as the hop count limit of 15. Limitations in IGRP, such as lack of support for classless addressing, led to the development of Enhanced IGRP (EIGRP). There are versions for IPv4 and IPv6. IGRP itself is now obsolete. Like RIP, EIGRP is usually classed as a distance vector-based routing protocol. Unlike RIP, which is based on a simple hop count metric, EIGRP uses a metric composed of several administrator weighted elements, including reliability, bandwidth, delay, and load. EIGRP also supports multiple paths to the destination network, again, unlike RIP. EIGRP may also therefore be described as an advanced distance vector protocol or as a hybrid routing protocol. EIGRP builds on the strengths of RIP whilst providing for more efficient route selection, better administrative control, and better fault tolerance. More info... Unlike RIP, EIGRP is a native IP protocol, which means that it is encapsulated directly in IP datagrams rather than using TCP or UDP (it is tagged with the protocol number "88" in the protocol field of the IP header). EIGRP uses the Reliable Transport Protocol (RTP) with a mixture of multicast and unicast messages. RTP provides sequence and acknowledgement numbers (but only where necessary), so it has some of the functions of TCP but less of the overhead. Unlike RIP, changes to the topology are transmitted as updates after startup, so much less unnecessary traffic is generated and convergence performance is better.

Intermediate Systems (IS).

Intermediate Systems (IS) are Routers that interconnect subnets and can perform this packet forwarding process.

Link-State

Link-state - routers implementing a link-state algorithm propagate information about only their own links to other routers on the internetwork. These smaller, frequent updates lead to more rapid convergence and more efficiently support larger networks. However, they are more processor intensive

Load(Link utilisation)

Load (link utilization) - a metric that bases routing decisions on how busy a particular route is

MTU (Maximum Transmission Unit)

MTU (Maximum Transmission Unit) - how large a packet can be sent without the need for fragmentation

Multipath

Multipath *some algorithms provide for only a single path to the destination, whilst others support multiple paths. Advantage *different paths can be used simultaneously for load balancing.

Advanced Port Scanning Tools Some examples include

Nmap, IPEye, SuperScan, and Atelier Web Security Port Scanner.

Info directly connected route.

Once a router has received a packet, it goes through the same process that the source host did to calculate whether the packet needs to be routed to another router or whether the packet can be delivered locally to another interface (i.e. an interface other than the originating interface). This is referred to as a directly connected route.

Reverse ARP (RARP) *One of the first autoconfiguration mechanisms to automatically obtain IP addresses. *IP addresses obtained from a server configured with a list of MAC:IP address mappings. *Only used to obtain IP addresses

One of the first autoconfiguration mechanisms was Reverse ARP (RARP) which allows a host to obtain an IP address from a server configured with a list of MAC:IP address mappings. RARP can only be used to obtain an IP address, which is inadequate for most implementations of TCP/IP. Consequently,

Packet Delivery

Packet delivery is the physical process of transmitting the packet to the destination host.

Packet Delivery ...Info...

Packet delivery is the physical process of transmitting the packet to the destination host. As we have seen, when a host determines that it must route a packet, it determines the MAC address of the nearest router (its default gateway) and merges the data link frame onto the wire. The router interface with the corresponding MAC address picks up the frame, and tries to determine if the destination host is directly attached to any of its interfaces. If so, it updates the frame with the MAC address of the destination host and merges the new frame onto the appropriate interface. If not, then the router determines the appropriate path, and selects a router on that path, and inserts the next router's MAC address into a new frame (containing the original IP packet) and merges it onto the wire attached to the appropriate interface for the next hop router. If the packet has been routed the Time to Live (TTL) is decreased by at least one. This could be greater if the router is congested. When the TTL is zero, the packet is discarded. This prevents badly addressed packets from permanently circulating the network.

Path Selection ...Info...

Path Selection All routers choose an appropriate path through the network using some sort of evaluation process of all possible paths available. Metrics are used in this process. A metric is a unit of measurement; for example, how far the next hop router is, how long it will take to route a packet to the subsequent routers, what bandwidth is available on the selected path, how large a packet can be sent without fragmentation, and so on. Different routing algorithms, as implemented in the various routing protocols, may use different metrics and make comparisons of available paths in different ways. However, the desired end result is always the same - to choose the optimal path for a specific packet at a given moment.

Path Length

Path length - the end-to-end cost of using a route (hop count). You might assign an arbitrary value to a particular path between router A and B and between B and C. The end-to-end path length is the sum of A-to-B and B-to-C

Price

Price - you can assign a monetary cost to various links and the router using a cost metric will try to select the cheapest link available. Useful for organizations routing on a budget

Reliability

Reliability - over a period of time, it might become obvious that some links between routers are more reliable than others. You can assign an arbitrary value for this reliability that routers can assess when determining an effective path.

Installing and configuring Routers The main features of a router include the following:

Routers work at the network layer. Routers are able to identify source and destination network addresses within packets. A router is able to keep track of multiple active paths between any given source and destination network. This makes it fault tolerant. Routers provide excellent traffic management using sophisticated path selection; they select the best routes based on traffic loads, line speeds, number of hops or administrator pre-set costs. The parameters used for determining routes for packets are called metrics. Routers can share status and routing information with other routers and can listen to the network and identify which connections are busiest or not working. They then route network traffic avoiding slow or malfunctioning connections. Routers do not forward any information that does not have a correct network address. For this reason they do not forward bad data. They also filter broadcast traffic by not routing broadcast packets. This means network broadcasts do not propagate throughout the internetwork and that broadcast storms are confined to a single subnet.

Routing Troubleshooting Tools... route command. more info...

Routes added in this manner are often stored in memory and require reloading if the machine is restarted. A route can be permanently configured in the Registry using the -p switch. If you are experiencing problems contacting a remote network, try adding the route to that network manually. The tool also allows for routes to be deleted (DELETE), modified (CHANGE), and displayed (PRINT). The Linux version of route is similar to the Windows tool in usage though the syntax is quite different and the CHANGE parameter is not supported.

Routing Information Protocol (RIP) info...

Routing Information Protocol (RIP) is a long established distance vector-based routing protocol. It uses a hop count metric to determine the distance to the destination network. Generally speaking, each router is assigned a hop count value of 1. RIP only considers a single route to a given destination network - that with the lowest hop count. To help prevent looping, the maximum hop count allowed is 15. Consequently, this limits the maximum size of a RIP network as networks which have a hop count of 16 or higher are unreachable. RIP sends regular updates about the routing table to neighboring routers plus ad-hoc updates whenever changes occur. When a router receives an update from a neighbor, it updates the appropriate route in its own route table, increases the hop count by 1, and indicates the originator of the update as the next hop to the specified network. The router then propagates the update. RIP uses the User Datagram Protocol (UDP) as the network transport protocol (port 520). There are, in fact, three implementations of RIP. RIPv2 provides for a level of authentication between RIP routers and uses more efficient multicast transmissions rather than broadcasting updates. In addition, RIPv2 packets carry a subnet mask field and therefore support classless addressing. RIPng is an update to support IPv6. RIPng uses UDP port 521. Because it is widely adopted, well understood, and simple, RIP is ideally suited to small networks with fairly limited failover routes. For more complex networks, with redundant paths, other network routing protocols should be considered.

Info Introduction to the unit

Static versus Dynamic IP Addressing Originally, all the parameters required by TCP/IP were configured manually (static configuration). Every machine was allocated an appropriate IP address, a subnet mask, and a default gateway (router) for its network. Manual configuration is relatively complex and if any of the values are entered incorrectly, communications are affected and the cause of the problem has to be isolated, which can be difficult. For example, a very common problem is accidental configuration of duplicate IP addresses. When TCP/IP loads on a Windows host, it checks that there is no other machine with the same IP address on the network. If it encounters a duplicate, it disables the protocol and the machine will be unable to communicate. Ensuring each machine is configured with a unique IP address can become a very tedious responsibility for the administrator of a large network. Errors are disastrous for the network users as only the first machine holding the duplicate IP address can connect to the network. Over the years, several mechanisms have been employed to provide a client autoconfiguration service for TCP/IP.

Info + Other side Supernetting was designed to solve two major problems of the classful addressing scheme as more and more networks joined the internet through the early 1990s.

Supernetting is described in RFC 4632. Essentially, it uses bits normally assigned to the network ID to mask them as host or subnet bits. *Network addresses (specifically, Class B addresses) were becoming very scarce. *Near exponential growth in internet routing tables

UDP(User datagram protocol)

The User Datagram Protocol (UDP) is a connectionless, non-guaranteed method of communication with no sequencing or flow control (the application layer controls delivery reliability). *There is no guarantee regarding the delivery of messages or the sequence in which packets are received.

Network Time Protocol (NTP)

The Network Time Protocol (NTP) provides a transport over which to synchronize these time dependent applications *NTP works over UDP on port 123.

Routing algorithms and metrics... ...Info...

The routing protocol you implement depends upon a variety of factors. As different protocols support different routing algorithms, it is worth spending some time considering the different algorithms used.

Types of Routing Algorithms ...Info...

The algorithms used for path selection can be categorized according to the topology and metrics that they use to build and update routing tables. Static routing is defined manually. You create the routing entries in the router's memory and they only change if you edit them. Routers configured this way are not flexible and do not support rapid convergence, but they might suit a small internetwork. Most routing takes place using dynamic algorithms, encoded in a routing protocol. Routers use these protocols to exchange information about connected networks periodically and select the best available route to a particular destination.

When does the process of routing take place?

The process of routing takes place when a host needs to communicate with a host on another network or in another subnet.

Introduction... ...Info... Routing Basics

The process of routing takes place when a host needs to communicate with a host on another network or in another subnet. IP is able to determine that the target host is on a different network by deriving the network address from the full IP source and destination addresses and comparing them. The network address is obtained by masking the full IP address against a network prefix or subnet mask. Extra reading In IPv4, the network prefix can be increased (to make more network numbers available) at the expense of the number of host IDs left available for each network. The network prefix can be expressed in slash notation as a number of bits (172.16.0.0/20 for instance) or as a dotted decimal subnet mask (255.255.240.0 for instance). In IPv6, the host ID is always 64 bits and the network prefix is only given in slash notation. Prefixes are allocated in a hierarchical manner, with the smaller prefix blocks (which contain more networks) going to internet registries, who then allocate mid-size blocks to ISPs, who then allocate the blocks with the largest network prefixes to end users. End users themselves may then be left with a block to use to subnet their network. In either protocol, IPv4 or IPv6, once the IP layer has established that the destination host is on a different network, routing must take place

Advanced Port Scanning Tools ...Info...

There are a number of tools that can perform scans against remote computers as well as the local host. These tools are often used to probe for weaknesses or exploitable conditions in network security. Some tools can perform additional functions to simple port scanning, including network mapping, vulnerability scanning, service enumeration, and host profiling.

Class D and E

There are two additional classes of IP address (D and E) that utilize the remaining numbers. Class D addresses (224.0.0.0 through 239.255.255.255) are used for multicasting; Class E addresses (240.0.0.0 through 255.255.255.255) are reserved for experimental use and testing.

Router placement

To get a better resume The graphic below shows a simplified example of a typical network configuration. Basic switches provide ports and Virtual LANs (logical groupings of clients) for wired and (via an access point) wireless devices. Traffic between logical networks is controlled by a router (or layer 3 switch). A WAN router provides access to the internet. Typical network configuration Routers are connected to a LAN network via switches. Each interface (LAN and WAN) must be configured with appropriate IP addressing information. Their function is typified by acting as the "default gateway" for hosts on the internal network. You should note however, that the function of subdividing a network can also be performed more efficiently by Layer 3 Switches, which take on the functions of a router.

unicast packet

When an IPv4 host wants to send a packet to another single host

Public Internet Addressing

When an organization wants to connect to the internet, it must apply for a range of public IP addresses via its Internet Service Provider (ISP)

Broadcast

When the local host needs to communicate with multiple hosts, it can do so either by using a broadcast, in which the destination address is all hosts on the local subnetwork,

Info Classful Subnets

When working with classful addresses, the default subnet mask can be modified to allow a single network to be divided into a number of subnets. To do this, additional bits of the IP address have to be allocated to the network address rather than the host ID

Very important to know and read, read and read more... The process of designing the scheme is as follows:

Work out how many subnets are required (remembering to allow for future growth) then round this number to the nearest power of 2. For example, if you need 12 subnets, the next nearest power of 2 is 16. The exponent is the number of bits you will need to add to your default mask. For example, 16 is 2^4 (two to the power of four), so you will need to add 4 bits to the default network prefix. Next work out how many hosts each subnet must support and whether there is enough space left in the scheme to accommodate them. For example, if your network address is in the /16 range and you use 4 bits for subnetting, you have 12 bits for hosts in each subnet. The number of hosts per subnet can be expressed using the formula 2^n - 2, where n is the number of bits you have allocated for the host ID. 12 bits is enough for 4094 hosts in each subnet. Just for comparison, if you have a /24 (or Class C) network address, there will only be enough space left for 14 hosts per subnet (2^4 - 2). You can make more efficient use of the space by deploying Variable Length Subnet Masks (VLSM). In this case, you assign network prefixes of different lengths to different subnets. For example, you could create some /26 subnets with up to 50 hosts and some /30 subnets with just two hosts (for WAN links perhaps). Remember that we subtract 2 because each subnet's network address and broadcast address cannot be assigned to hosts. Now work out the subnets. The easiest way to find the first subnet ID is to deduct the least significant octet in the mask (240 in the example) from 256. This gives the first subnet ID, which, in full, is 172.16.16.0/20. Work out the next subnet ID, which will be the lowest subnet value higher (32 in the example). The second and subsequent subnet IDs are all the lowest subnet ID higher than the one before - 16, 32, 48, and so on. Work out the host ranges for each subnet. Take the subnet address and add a binary 1 to it for the first host. Take the next subnet ID and deduct two binary digits from it. In our case, this is 172.16.16.1 and 172.16.31.254 respectively. Repeat for all subnets.

Installing and Configuring Routers ...A router...

is the device that connects multiple networks and routes packets from one network to another (internetwork).

Utilities are available to view and modify the routing table. For example, both UNIX / Linux and Windows support the route command. The syntax is as follows:

route [-f -p] ADD DestinationIP MASK Netmask GatewayIP METRIC MetricValue IF Interface

*DestinationIP is a network or host address.
*Netmask is the subnet mask for DestinationIP.
*GatewayIP is the router to use to contact the network or host.
*MetricValue is the cost of the route.
*Interface is the adapter the host should use (used if the host is multi-homed).

Multicast address

which represents a group of computers, programmed to respond to a particular address.

