7.1 - 7.4 Routing

Interior and Exterior Routing

Dynamic routing protocols can be classified by their use, either for interior routing or exterior routing.

Link State Routing Protocols

1. Link state protocols are also known as shortest path first protocols. The following is the general process employed by a router that uses link state protocols for finding best hop information.
2. The router examines its directly connected network links and assigns a metric value.
   - The metric value is based on the status and connection type of the link.
   - The metric value may also include other factors, such as bandwidth and delay.
3. The router determines the neighbor routers that are connected by each direct network link.
4. The router builds a link-state packet (LSP) that contains a list of its neighbors and the metric value of the link to that neighbor.
5. Through a process called flooding, the router sends the LSP to its neighbor routers.
6. Neighboring routers, in turn, send the LSP to their neighbors, and so on.
   - To eliminate looping, each router forwards the packet to every neighbor except the one it received the packet from.
   - A smart flooding algorithm prevents looping when there are circular routing paths.
7. Using converged route information, the router constructs a complete map of the routing topology.
8. From this map, the router will calculate the best path to each destination network.
   - Best path is determined using Dijkstra's algorithm, which calculates the shortest path first.
9. Using the link-state protocol, the router uses the best path information to insert next hop information for each network path into the routing table.

Which of the following IP addresses is a valid IP address for a host on a public network?

142.15.6.1

A public network is a network that does not limit traffic to members of a corporation or other group. The internet is an example of a public network. Certain sets of IP addresses are reserved for private networks only and cannot be used on public networks. They are:

> 10.0.0.0 - 10.255.255.255
> 172.16.0.0 - 172.31.255.255
> 192.168.0.0 - 192.168.255.255

Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?

169.254.0.1 - 169.254.255.254

169.254.0.1 - 169.254.255.254 is the range of IP addresses assigned to Windows DHCP clients if a DHCP server does not assign the client an IP address. This range is known as the Automatic Private IP Addressing (APIPA) range. The other three ranges listed in this question are defined as the private IP addresses from RFC 1918, which are commonly used behind a NAT server.

You have a computer that is connected to the internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (Select all that apply.)

> 172.18.188.67
> 10.0.12.15
> 192.168.12.253

Of the addresses listed here, the following are in the private IP address ranges:

> 10.0.12.15 (private range = 10.0.0.0 to 10.255.255.255)
> 172.18.188.67 (private range = 172.16.0.0 to 172.31.255.255)
> 192.168.12.253 (private range = 192.168.0.0 to 192.168.255.255)

Black Hole Router

A black hole router is a router that drops packets if the size of the packet exceeds the Maximum Transmission Unit (MTU) size it can support. It is called a black hole because the router does not send an error message to the sending host when it drops an oversize packet. In essence, the packet enters a network "black hole."

7.4.3 Troubleshoot Routing Facts

A general routing problem symptom is the inability to access hosts on a specific network or any remote network. In this lesson, you will learn how to troubleshoot a few routing problems:

> Can't access hosts outside the local subnet.
> Can't communicate with any host on a specific network.
> Can't access the internet.
> Remote clients can't access network resources.

Packet

A packet is the payload of an OSI Layer 2 frame. A packet has a header and a payload. The header contains the source and destination IP addresses. The payload depends on the protocol that formed the packet.

How Routing Works

A router is a device that sends packets from one network to another.

Routing loop

A routing loop occurs when data is passed back and forth between routers in the path instead of being forwarded to the destination network.

Which of the following is a characteristic of static routing when compared to dynamic routing?

All routes must be manually updated on the router.

Static routing requires that entries in the routing table are configured manually. Network entries remain in the routing table until manually removed. When changes to the network occur, static entries must be added or removed. The next hop router is used with most routes to identify the next router in the path to the destination, regardless of whether the route is a static or dynamically-learned route. The hop count can be used by static or dynamic routes, depending on the routing protocol used. Static routing can be used for private and public networks whether they are connected to the internet or not.

Throughput

Although the advertised bandwidth is the maximum capacity of a link, its actual throughput will be less due to latency and other network overhead. If used in the cost calculation, larger throughput will contribute to a lower cost.

Next Hop

An IP address entry in a router's routing table that specifies the next or closest router in its routing path.

7.3 Network Address Translation

As you study this section, answer the following questions:

> How does NAT work?
> What is the difference between static NAT and dynamic NAT?
> What is port forwarding?
> What is the difference between NAT and PAT?
> Which IP addresses are considered private and guaranteed not to be used on the internet?

In this section, you will learn to:

> Configure NAT from the CLI.
> Configure NAT on an NSA.
> Configure port forwarding.

The key terms for this section include:

7.4 Routing Troubleshooting

As you study this section, answer the following questions:

> How is it possible for all hosts on a subnet to be configured with the wrong default gateway address?
> What is the format for the default route entry in a routing table? What purpose does the default route serve?
> What are the symptoms of a routing loop? How can you identify a routing loop?
> Why might you escalate routing problems that you observe?
> How can proxy ARP settings appear as routing problems?

In this section, you will learn to:

> Troubleshoot routing.
> Find path information.

The key terms for this section include:

7.2 Routing Protocols

As you study this section, answer the following questions:

> What network link characteristics are used by routing protocols when computing a metric value or cost?
> How does a distance vector routing protocol differ from a link state routing protocol?
> How are routing paths shared by distance vector routing protocols?
> How are routing paths shared by link state routing protocols?
> What is a hybrid routing protocol?
> How is administrative distance used to select a best path?
> What is the difference between RIP and RIPv2? Why is this important in today's networks?
> Which routing protocol is typically used within an ISP? Which protocol is used on the internet?
> Which routing protocols divide an autonomous system into areas?
> How does IS-IS differ from OSPF?

In this section, you will learn to:

> Configure a router with static routes.
> Enable OSPF routing.

The key terms for this section include:

7.1 Routing Basics

As you study this section, answer the following questions:

> With respect to routing, what is a packet?
> With respect to routing, what is a network?
> What does the next hop signify?
> What information is contained in a routing table?
> What is the function of a routing table?
> In a routing table, how is the default route used?
> What is the difference between static and dynamic routing?
> When would you create a static routing table entry?
> When would you configure both static and dynamic routing on the same router?
> What is the difference between interior and exterior routing?

The key terms for this section include:

Which of the following routing protocols uses paths, rules, and policies instead of a metric for making routing decisions?

BGP

BGP is an advanced distance vector protocol (also called a path vector protocol) that uses paths, rules, and policies to make routing decisions instead of a metric.

Which of the following routing protocols is used by routers on the internet for learning and sharing routes?

BGP

BGP is the protocol used on the internet. ISPs use BGP to identify routes between ASs. Very large networks can use BGP internally, but typically only share routes on the internet if the AS has two (or more) connections to the internet through different ISPs. RIP is used on small private networks, while OSPF and EIGRP are used on larger private networks. IS-IS is used on very large private networks and within the internet service provider (ISP) network.

7.1.3 Practice Questions

CIST 1401

7.2.9 Practice Questions

CIST 1401

7.3.6 Practice Questions

CIST 1401

7.4.6 Practice Questions

CIST 1401

You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem. Which of the configuration values would you most likely need to change?

Default gateway

Check the default gateway setting on the computer. The default gateway value is used for sending packets to other subnets. If the value is incorrect, then the packets will not be sent to the correct router. In this scenario, the host can communicate with other hosts on the same subnet, meaning that the IP address and subnet mask are correctly configured. The DNS server address is likely not the problem, as name resolution is not mentioned in the scenario. In addition, if name resolution were a problem, it could affect access to both local and remote hosts.

7.4.4 Find Path Information 1

Click the View Lab button and use the tracert command from the IT Administrator workstation (named ITAdmin) to answer the following question.

Below are the IP addresses of the hops in the path between ITAdmin and the remote computer on the Internet which has an IP address of 206.8.28.127. Drag the IP addresses listed on the left to the hops described on the right. Use only the addresses that belong to the routers that match the description. Not all of the IP addresses on the right will be used.

> Default gateway for ITAdmin: 172.25.10.1
> The ISP Internet Router: 65.86.1.1
> The PartnetNet Router: 12.34.58.102
> The destination host: 206.8.28.127

7.4.5 Find Path Information 2

Click the View Lab button and use the tracert command to identify the devices in the path between the IT Administrator workstation (named ITAdmin) and a remote computer on the Internet which has an IP address of 206.8.28.127.

> How many routers are in the path between ITAdmin and the remote computer? six
> What is the default gateway address for ITAdmin? 172.25.10.1
> What is the IP address of the last router in the path between ITAdmin and the remote computer? 73.44.216.19

You have a network configured to use the OSPF routing protocol. Which of the following describes the state when all OSPF routers have learned about all other routes in the network?

Convergence

The term "convergence" is used to describe the condition when all routers have the same (or correct) routing information. Convergence requires some time, but once it is reached, it means that any router has learned about all other networks that are being advertised (or shared) on the network. Link-state and distance vector describe general methods that routers use to share routes with other routers. Classful describes a routing protocol that assumes the subnet mask based on the address class of the network. Variable length subnet masks (VLSM) lets you use custom subnet masks for subnetting or supernetting.

Dynamic and Static NAT

Dynamic and static NAT, where two IP addresses are given to the public NAT interface (one for dynamic NAT and one for static NAT), allows traffic to flow in both directions.

Distance Vector Routing Protocols

Distance vector routing protocols:

> Set a metric value or cost based on how far away a network is.
   - Are generally measured by hop count.
   - May measure distance by delay, packets lost, or something similar.
> Set a direction that is associated with the distance.
   - Direction refers to the network interface that is used to forward the IP packet to the distant network.

When using a distance vector protocol, a router:

> Will only share information with its direct neighbors (the next hop routers).
> Will share all route information that it knows about.
   - Directly connected routes
   - Routes learned from its direct neighbors
> Will send route information at a regularly scheduled time.

Convergence occurs when all routers share a consistent view of the network. Each router will use converged path information to insert next hop information for each learned path into the routing table. It does this by choosing the route with the lowest metric.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Drop the packet.

If a packet does not match any route in a routing table, the router drops the packet. In this example, the router does not know about the destination network, and it is not configured with a default route. With a default route, the router will forward the packet to the next hop router specified by the default route.

You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connections to internal hosts. What type of network address translation (NAT) should you implement?

Dynamic

Use dynamic NAT to share public addresses with multiple private hosts. Dynamic NAT allows private hosts to access the internet, but does not allow internet hosts to initiate contact with private hosts.

Dynamic NAT

Dynamic NAT automatically maps internal IP addresses with a dynamic port assignment. On the NAT device, the internal device is identified by the public IP address and the dynamic port number. Dynamic NAT allows internal (private) hosts to contact external (public) hosts, but not vice versa; external hosts cannot initiate communications with internal hosts. This implementation is also sometimes called many-to-one NAT because many internal private IP addresses are mapped to one public IP address on the NAT router.

Border Gateway Protocol (BGP)

EGP - Hybrid

BGP is an advanced distance vector protocol (also called a path vector protocol). BGP is an exterior gateway protocol (EGP) used for routing between autonomous systems.

> BGP uses paths, rules, and policies instead of a metric for making routing decisions.
> BGP is a classless protocol.
> Internal BGP (iBGP) is used within an autonomous system; External BGP (eBGP) is used between autonomous systems.
> BGP is the protocol used on the internet; ISPs use BGP to identify routes between autonomous systems. Very large networks can use BGP internally, but typically share routes on the internet only if the AS has two (or more) connections to the internet through different ISPs.

Which of the following routing protocols is classified as a hybrid routing protocol?

EIGRP

EIGRP is a hybrid routing protocol developed by Cisco for routing within an AS. RIP is a distance vector protocol, while OSPF and IS-IS are link state protocols.

Exterior

Exterior routing is done between autonomous systems. Organizations that connect their private network to the internet are assigned a unique autonomous system number, or ASN.

> Exterior routing is the routing performed by the so-called internet backbone.
> In most organizations, exterior routing will be limited to a single router that connects the organization's network to the internet via an ISP.
   - This router is often called a border router or an edge router.
> Larger organizations or organizations with a critical mission may have multiple ISPs that give them redundant internet connectivity. In this case, the edge router or routers must run an exterior routing protocol.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?

Forward the packet to the next hop router specified by the route to network 0.0.0.0.

A route of 0.0.0.0 with a mask of 0.0.0.0 identifies a default route. The default route is used when no other route is a better match. Packets that match no other networks are sent to the next hop router specified by the default route.

You have a private network connected to the internet. Your routers will not share routing information about your private network with internet routers. Which of the following best describes the type of routing protocol you would use?

IGP

You would use an interior gateway protocol (IGP) on routers within your network. Routing protocols can be classified based on whether they are routing traffic within or between autonomous systems. An interior gateway protocol (IGP) routes traffic within an AS; an exterior gateway protocol (EGP) routes traffic between ASs. Link state and distance vector describe how routing protocols share routing information. The network size might determine which protocol is best for your network. Static routing uses manually-defined routes in the routing table, while dynamic routing uses a protocol so routers learn and share routes with other routers. You can use static routing, dynamic routing, or both on a private network.

Routing Information Protocol (RIP)

IGP - Distance Vector

RIP is a distance vector routing protocol used for routing within an autonomous system (such as an IGP).

> RIP uses hop count as the metric.
> RIP network size is limited to a maximum of 15 hops between any two networks. A network with a hop count of 16 indicates an unreachable network.
> RIP v1 is a classful protocol; RIP v2 is a classless protocol.

*RIP is best suited for small private networks.

Enhanced Interior Gateway Routing Protocol (EIGRP)

IGP - Hybrid

EIGRP is a hybrid routing protocol developed by Cisco for routing within an AS.

> EIGRP uses a composite number for the metric, which indicates bandwidth and delay for a link. The higher the bandwidth, the lower the metric.
> EIGRP is a classless protocol.

*EIGRP is best suited for medium to large private networks.

Intermediate System to Intermediate System (IS-IS)

IGP - Link State

IS-IS is a link-state routing protocol used for routing within an AS.

> IS-IS uses relative link cost for the metric.
> IS-IS is a classless protocol.
> The original IS-IS protocol was not used for routing IP packets; use integrated IS-IS to include IP routing support.
> IS-IS divides a large network into areas. There is no area 0 requirement, and IS-IS provides greater flexibility for creating and connecting areas than OSPF.
> L1 routers share routes within an area. L2 routers share routes between areas. An L1/L2 router can share routes with both L1 and L2 routers.
> A network link is the boundary between one area and another area.

*IS-IS is best suited for large private networks; it supports larger networks than OSPF. IS-IS is typically used within an ISP and easily supports IPv6 routing.

Open Shortest Path First (OSPF)

IGP - Link State

OSPF is a link state routing protocol used for routing within an AS.

> OSPF uses relative link cost for the metric.
> OSPF is a classless protocol.
> OSPF divides a large network into areas.
   - Each autonomous system requires an area 0 that identifies the network backbone.
   - All areas are connected to area 0, either directly or indirectly through another area.
   - Routes between areas must pass through area 0.
> Internal routers share routes within an area; area border routers share routes between areas; autonomous system boundary routers share routes outside of the AS.
> A router is the boundary between one area and another area.

*OSPF is best suited for large private networks.

Can't access the internet

If hosts are able to reach all internal networks but can't access the internet, try the following:

> Verify that the internet connection is up.
> Check for a default route on the router connected to the internet. A default route is indicated by a network address of 0.0.0.0 with a mask of 0.0.0.0. The default route is used for packets that do not match any other entries in the routing table.

*Most routers that connect private networks to the internet do not know about specific networks and routes on the internet. Additionally, most routers do not share routes for private subnets with internet routers. A router is configured with a single default route that is used for all internet traffic, and a router at the ISP is responsible for sharing a single route for your private network with other internet routers.

Can't communicate with any host on a specific network

If hosts are unable to contact hosts on a specific subnet but they can communicate with other subnets, try the following:

1. Verify that the router connected to the subnet is up.
2. Use the route command on the default gateway of the local subnet and verify that the router has a route to the remote subnet. If necessary, configure a routing protocol so that the route can be learned automatically or configure a static route.
3. Use traceroute to view the route taken to the destination network. Identify the last router in the path and then troubleshoot routing at that point.
4. Check for routing loops in the path to the destination network. A routing loop is caused by a misconfiguration in the routers along the path, causing data to be sent back along the same path rather than forwarded to the destination. Routing loops are indicated by:
   - Routing table entries that appear and then disappear (called route flapping), often at regular intervals (such as every minute).
   - Routing table entries where the next hop router address oscillates (switches) between two or more different routers.
   *Routing loops are displayed in a traceroute output, which shows the same sequence of routers being repeated.
5. Check for black hole routers. A black hole router causes the ping utility to send an ICMP echo packet that has the IP "Do not Fragment" or DF bit set.
6. -l sets the buffer (or payload) size of the ICMP echo packet. Specify this size by typing a number after the -l parameter.

> The ping test will provide you with helpful information:
   - If the MTU of every segment of a routed connection is at least the MTU size, the packet is successfully returned.
   - If there are intermediate segments that have smaller MTUs, and the routers return the appropriate ICMP destination unreachable packet, the ping utility displays the message, "Packet needs to be fragmented but DF set."
   - If there are intermediate segments that have smaller MTUs and the routers do not return the appropriate ICMP "destination unreachable" packet, the ping utility displays the message, "Request timed out."

Can't access hosts outside the local subnet

If one or more hosts can communicate only with hosts on the local subnet, the problem is likely with the default gateway configuration.

> If a single host is having problems, check the default gateway setting on that host.
> If multiple hosts are having problems, check the default gateway setting and verify that the DHCP server is configured to deliver the correct default gateway address.
> If all hosts have the same problem and the default gateway setting is correct, verify that the default gateway server is up and configured for routing.

This issue could also be caused by problems with the neighbor discovery (ND) protocol.

> Routers on the same link use the ND protocol to advertise their existence to neighboring routers and to learn about the existence of their neighbors.
> Routers process ND messages to identify the link layer addresses of neighboring devices that are directly connected to the router.
> Routers use the ND protocol to periodically send and receive small hello packets to and from neighboring routers. If hello packets are not received from a particular router, it is assumed that the router is not functioning.

Issues with the ND protocol can occur when a large subnet is used for point-to-point links between routers, especially when IPv6 is used. By convention, a /64 prefix is used on each subnet when implementing IPv6, allowing for a very large number of hosts on the subnet. If you use a standard /64 prefix on the link subnet, the ND protocol will try to perform address resolution for all possible hosts on the subnet. When this happens, newly connected devices may not be recognized by other routers for a long period of time.

A point-to-point link between routers is composed of only two interfaces, one on each end of the link. Therefore, the link subnet needs only to support a maximum of two hosts. As a recommended best practice, use a very small subnet for the point-to-point link between routers to reduce ND traffic. The recommendation is to use 127-bit (/127) prefixes on these links instead of the conventional 64-bit prefix.

Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers?

If the network is connected to the Internet using multiple ISPs.

Very large networks can use BGP internally, but typically only share routes on the Internet if the AS has two (or more) connections to the Internet through different ISPs. If your network has over 15 hops, use a routing protocol other than RIP. Use OSPF or IS-IS to divide your network into areas. Private networks that use public IP addresses do not need to share routes with Internet routers; it is typically the responsibility of the ISP to configure routes into the private network, even when public addressing is being used. A single route out of the private network is all that is required if the network has a single connection to the Internet.

Routing Metrics

If there are multiple paths to a distant network, a routing protocol will assign a metric to each directly connected network link. The metric value can be thought of as the cost of sending a packet over that link. The metric is used when determining the best path to a network. A routing protocol can use one or more of the following characteristics:

Remote clients can't access network resources

If you have remote access clients who can establish a connection to the remote access server but can't connect to other resources on the private network, check the following:

> If remote clients are being assigned IP addresses on the same subnet as the private network, make sure that proxy ARP is enabled on the LAN interface of the remote access server. Proxy ARP makes it appear as if the remote clients are connected to the same network segment.
> If remote clients are being assigned IP addresses on a different subnet than the private network, make sure the remote access server is configured to route packets between the remote clients and the private network.

7.2.4 Routing Protocol Facts

In this lesson, you will learn about several routing protocols:

> RIP and RIPv2
> EIGRP
> OSPF
> IS-IS
> BGP

The following table lists the characteristics of each routing protocol.

Interior

Interior routing is done within an autonomous system (AS). An autonomous system is a private network that is somewhat independent of the internet. The only thing that is shared is the link to the internet.

> You own and control the routers.
> You determine where the routers are located.
   - You control the logical topology.
   - You control the physical topology.
> You control the interfaces that connect the routers to your network.
> You determine which interior routing protocols are enabled.

Latency

Latency is the delay in transmissions over the path. If latency is used in the cost, a path with higher latency has a higher cost.

Link Utilization

Link utilization is the percentage of a network's bandwidth that is currently being consumed by network traffic. If utilization is used, the cost will be less for links with low utilization.

Loopback Entry

Loopback entries contain loopback addresses, which are used for diagnostics and for troubleshooting the TCP/IP stack. Loopback interfaces are always available. They will continue to run even if other physical interfaces in the router are down.

Dynamic

Maintaining static-only routing in a large network with multiple routers would be very difficult, especially when there are multiple network paths that an IP packet can take to get to its destination. Routers can dynamically learn about networks by sharing routing information with other routers.

> Dynamic routing is implemented by enabling a routing protocol.
> A routing protocol adds dynamic entries to the routing table.
> If multiple paths to a network are available, routing protocols define:
   - The algorithm used to calculate a metric.
   - How routers communicate with each other to share network path information.
> Routing protocols use metric information to insert the best hop into the routing table when multiple paths are available.

If needed, you can add static routes to supplement dynamic routing to identify networks that are not learned about through any routing protocol.

When multiple routes to a destination exist, what is used to select the best possible route?

Metric

Routers use metric values to identify the distance, or cost, to a destination network. The metric is used by the routing protocol to identify and select the best route to the destination when multiple routes exist. The metric can be calculated based on hop count, bandwidth, or link cost. The Exterior Gateway Protocol is a routing protocol that routes traffic between autonomous systems. The distance vector is a routing protocol that defines how routers update and share routing information. An autonomous system number is a unique number used to identify an autonomous system.

You manage a network with multiple subnets connected to the internet. A user reports that she can't access the internet. You investigate the problem and find that she can access all hosts on the private network, including subnets, but no hosts on the internet. Which of the following is likely the cause of the problem?

Missing default route on a router

If you can access all private subnets but not the internet, troubleshoot the connection to the internet. For example, verify that routers have a default route that would apply to internet traffic and make sure the internet link is up and working. The default gateway on the workstation is configured properly because routing to other subnets works correctly, meaning that the workstation is able to send and receive packets from remote networks. A duplex mismatch would cause slow communications, but some access might still be possible. A switching loop would affect devices within the subnet, not on other subnets.

You manage a network with multiple subnets connected to the internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on that subnet. However, the computer does access other computers on other subnets as well as the internet. Which of the following is most likely the cause of the problem?

Missing route on the default gateway router
The most likely cause of the problem is a missing route in one of the routers on your internal network (or that the router connecting that subnet to the network is down). Because the problem applies to all hosts in the remote subnet, you can suspect some type of misconfiguration of the router. The default gateway on the workstation is configured properly because routing to other subnets and the internet works correctly, meaning that the workstation is able to send and receive packets from remote networks. A switching loop would affect devices within the subnet, not on other subnets. Incorrect VLAN membership for the server would affect communications with the server only, not all devices on the subnet (unless all switch ports on the remote subnet are assigned to the same VLAN).

Network Address Translation (NAT)

NAT translates private addresses to the public address of the NAT router. This allows you to connect a private network to the internet without obtaining registered (public) addresses for every host.

How NAT Works

NAT works by translating private addresses to the public address of the NAT router.
> Hosts on the private network share the IP address of the NAT router or a pool of addresses assigned for the network.
> The NAT router maps port numbers to private IP addresses. Responses to internet requests include the port number appended by the NAT router. This allows the NAT router to forward responses back to the correct private host.
> Technically speaking, NAT translates one address to another. Port address translation (PAT) associates a port number with the translated address.
  - With only NAT, you would need a public address for each private host. NAT associates a single public address with a single private address.
  - PAT allows multiple private hosts to share a single public address. Each private host is associated with a unique port number on the NAT router.
  - Because virtually all NAT routers perform PAT, you normally use PAT, and not just NAT, when you use a NAT router. (NAT is usually synonymous with PAT.)

Neighbor Discovery (ND)

ND enables routers on the same link to advertise their existence to neighboring routers and to learn about the existence of their neighbors. Routers use ND messages to identify the link-layer addresses of neighboring devices that are directly connected to the router.

Which of the following techniques allows incoming traffic addressed to a specific port to move through a NAT router and be forwarded to a specific host?

Port forwarding
Port forwarding is a type of static NAT implementation where a specific port is mapped to a private IP address. Incoming traffic that is addressed to a specific port is then forwarded to the specified host. Port address translation (PAT) is used to keep track of which request goes to which host on the internal network. EIGRP is a routing protocol used to exchange information about known routes with other routers. The spanning tree protocol is used to eliminate switching loops within a network.

7.3.5 NAT Facts

Network address translation (NAT) allows you to connect a private network to the internet without obtaining registered addresses for every host. This lesson covers:
> How NAT works
> Implementing NAT
> Reserved private IP addresses

Bandwidth

Network bandwidth measures the capacity of a link. If bandwidth is a factor in the cost, a lower-capacity link will have a higher cost than a high-bandwidth link.

Bandwidth

Network bandwidth measures the capacity of a link. If bandwidth is a factor in the cost, a link with lower capacity will have a higher cost than a link with high bandwidth.

Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)?

OSPF
OSPF divides a large network into areas. Each autonomous system requires an area 0 that identifies the network backbone. All areas are connected to area 0, either directly or indirectly through another area. Routes between areas must pass through area 0. IS-IS uses areas, but does not have an area 0 requirement. Neither RIP nor EIGRP use areas.

Which of the following routing protocols uses relative link cost as the metric?

OSPF
OSPF is a link-state routing protocol used for routing within an AS. OSPF uses relative link cost for the metric.

Which of the following best describes OSPF?

OSPF is a classless link state routing protocol.
OSPF is a classless link state routing protocol. RIP version 1 and IGRP are both classful distance vector routing protocols. EIGRP is a hybrid protocol that supports classless addressing.

What are the main differences between the OSPF and IS-IS routing protocols?

OSPF requires an area 0, while IS-IS does not.
Like OSPF, IS-IS uses areas when designing the network. However, IS-IS does not require an area 0 like OSPF does. Because IS-IS was originally designed for non-IP protocols, it can more easily support IPv6 routing. Both OSPF and IS-IS have the following characteristics:
> Both are link state protocols.
> Both are classless protocols, supporting CIDR and VLSM.
> Both are Interior Gateway Protocols (IGPs) that are used within an AS.

You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the internet. Why can't you access the server?

Private addresses are not accessible through the internet.
The server has been assigned a private IP address. Private addresses are not accessible from the internet. Instead, a NAT router translates the private address into a public address, and the public address is used to gain access to the private host.

You work for a large multinational organization that has an extensive global network that is interconnected using WAN links and routers. Lately, users in one location have complained that they are unable to access resources stored on a server named FS23 in a South American branch office. To troubleshoot the issue, you have done the following:
> Verified that the server is up and running.
> Verified that the various routers in between the two locations are up and running.
You suspect that perhaps one of the routers between the two locations may be dropping packets. To test this theory, you enter the ping FS23 -f -l 1500 command on your workstation. The ping command returns the following message for each ping packet sent: "Packet needs to be fragmented but DF set." What does this mean?

One of the intermediate routers is an MTU black hole.
A black hole router will drop packets when the packet size exceeds the maximum transmission unit (MTU) size. You can use ping to locate a black hole router by setting the following parameters along with the IP address of the remote host:
> -f causes the ping utility to send an ICMP echo packet that has the IP do not fragment bit set.
> -l sets the buffer (or payload) size of the ICMP echo packet. Specify this size by typing a number after the -l parameter.
The ping test will provide you with helpful information:
> If the MTU of every segment of a routed connection is at least the MTU size, the ping is successful.
> If there is an intermediate segment that has a smaller MTU size, the router returns an ICMP destination unreachable packet, and the ping utility displays a "Packet needs to be fragmented but DF set" message.

Which of the following associates a port number with a host on a private network?

PAT
Port address translation (PAT) associates a port number with the translated address. Use PAT to allow multiple private hosts to share a single public address. Each private host is associated with a unique port number. Technically speaking, NAT translates one address to another. With only NAT, you would have to have a public address for each private host. NAT would associate a single public address with a single private address. Because virtually all NAT routers perform port address translation, most routers that are configured with NAT are really performing PAT. When you use a NAT router, you normally use PAT, not just NAT. (NAT is typically used synonymously with PAT.) Classless inter-domain routing (CIDR) allows non-default subnet masks (variable-length subnet masks, or VLSMs).

Packet Loss

Packet loss occurs when IP packets fail to reach their destination. If it is used in calculating cost, a link that experiences greater packet loss will have a higher cost.

Your computer has an IP address of 161.13.5.15. Your computer is on a:

Public network
Most IP addresses are public IP addresses. However, certain ranges have been reserved for private networks. These are:
> 10.0.0.0 - 10.255.255.255
> 172.16.0.0 - 172.31.255.255
> 192.168.0.0 - 192.168.255.255
Because your computer's IP address does not fall into these ranges, it is a public IP address.

Which of the following protocols has a limit of 15 hops between any two networks?

RIP
RIP networks are limited in size to a maximum of 15 hops between any two networks. A network with a hop count of 16 indicates an unreachable network. The other routing protocols do not use the hop count as the metric. EIGRP uses bandwidth and delay for the metric. OSPF and IS-IS use a relative link cost. BGP uses paths, rules, and policies for the metric.

Which of the following statements about RIP is true?

RIP uses hop counts as the cost metric.
RIP is a distance vector routing protocol. As such, it is susceptible to the count-to-infinity problem. RIP uses the hop count as the cost metric. Because it has a limitation of 15 hops in one route, it is not suited for large networks.

To perform routing, a router:

> Receives a frame.
> Opens the frame's payload, which is an IP packet.
> Reads the packet header to find IP addressing information.
> Matches the destination network address with entries in its routing table.
> Creates a new frame using the packet as a payload.
> Transmits the new frame to the next hop gateway.

Reliability

Reliability is measured by how often the path is down. If it is used in cost calculations, a highly reliable path has a lower cost.

Reliability

Reliability is measured by how often the path is down. If it is used in cost calculations, a highly reliable path will have a lower cost.

Which of the following tasks do routers perform? (Select two.)

Route data based on logical network addresses.
Maintain information about paths through an internetwork.
Routers build and maintain tables of routes through an internetwork and deliver data between networks based on logical network addresses.

7.2.2 Routing Protocol Characteristics Facts

Routers use a routing protocol to assign a metric to a network path and exchange information about paths with other routers. In this lesson, you will learn about:
> Routing metrics
> Routing protocol categories
> Distance vector protocols
> Link state protocols
> Hybrid protocols
> Administrative distance
> Configure a static route

Static and Dynamic Routing

Routing can be classified by how entries are added to the routing table. There are three types of routing entries—default, static and dynamic. You can use default, static and dynamic routing together. Information about other networks can be added to the routing table using one of two methods:

7.1.2 Routing Facts

Routing is the process of moving packets from one network to another using routers. In this lesson you will learn about:
> How routing works
> Static and dynamic routing
> Interior and exterior routing

You are the network administrator for a small company that implements NAT to access the internet. You recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these five servers?

Static
Static translation consistently maps an unregistered IP address to the same registered IP address on a one-to-one basis. Static NAT is particularly useful when a device needs to be assigned the same address so it can be accessed from outside the network, such as web servers and other similar devices. Dynamic translation would not work for these servers because it maps an unregistered host IP address to any available IP address configured in a pool of one or more registered IP addresses. Accessing a server assigned one of these addresses would be nearly impossible because the addresses are still shared by multiple hosts.

You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website. What should you use to allow access?

Static NAT
Static NAT maps an internal IP address to a static port assignment. Static NAT is typically used to take a server on the private network (such as a web server) and make it available on the internet. External hosts contact the internal server using the public IP address and the static port. Using a static mapping allows external hosts to contact internal hosts. Dynamic NAT automatically maps internal IP addresses with a dynamic port assignment. On the NAT device, the internal device is identified by the public IP address and the dynamic port number. Dynamic NAT allows internal (private) hosts to contact external (public) hosts, but not vice versa. External hosts cannot initiate communications with internal hosts. DNS records associate a host name with an IP address. Multicast can forward a single data stream to all computers that are members of the same multicast group.

Static NAT (SNAT)

Static NAT maps a single private IP address to a single public IP address on the NAT router. Static NAT is used to take a server on the private network (such as a web server) and make it available on the internet. Using a static mapping allows external hosts to contact internal hosts: external hosts contact the internal server using the public IP address and the static port. This implementation is called one-to-one NAT because one private IP address is mapped to one public IP address.
*In addition to static NAT, the term SNAT also means source NAT, stateful NAT, and secure NAT. Although the terms vary, the function is the same.
One commonly used implementation of static NAT is called port forwarding. Port forwarding allows incoming traffic addressed to a specific port to move through the firewall and be transparently forwarded to a specific host on the private network.
> Inbound requests are addressed to the port used by the internal service on the router's public IP address (such as port 80 for a web server). This is often called the public port.
> Port forwarding associates the inbound port number with the IP address and port of a host on the private network. This port is often called the private port.
> Based on the public port number, incoming traffic is redirected to the private IP address and port of the destination host on the internal network.
*Port forwarding is also called destination network address translation, or DNAT.

Static

Static routing entries are manually added to the routing table.
> A route entry of 0.0.0.0 identifies the default entry or default route, which is a special form of a static entry.
> Static entries remain in the routing table until they are manually removed.
> When changes to the network occur, static entries must be modified, added, or removed.
> Static routing works well in smaller networks.

Port Address Translation (PAT)

Technically speaking, NAT translates one address to another. Port address translation (PAT) associates a port number with the translated address.

Default Route

The default route is an entry of 0.0.0.0 in a routing table. This entry matches every network.

Default Route

The default route is an entry of 0.0.0.0 in a routing table. This entry matches every network. If no other entry in the routing table matches the destination IP address in a packet, the router will send the packet to the gateway found in the default route. The gateway identified in the default route is known as the default gateway. If a default route does not exist, the router will drop any packets that do not match an entry in a routing table.

Routing Table

The routing table is a database of entries containing:
> The address of a known network.
> The next hop gateway (router).
> The network interface to reach the next hop gateway.
> A metric or cost that indicates the desirability of the route (the lower the metric, the more desirable the route).

Hop Count

The distance between networks can be measured in hop counts, or the number of times a router forwards an IP packet from one network to another. For a directly connected link, the hop count is zero.

Hop Count

The distance between networks can be measured in hop counts, or the number of times a router forwards an IP packet from one network to another. For a directly connected link, the hop count will be zero.

What information does the next hop entry in a routing table identify?

The first router in the path to the destination network.
The next hop router is the first (or next) router in the path to the destination network. Each router looks at the destination network in the packet, then consults the routing table to identify the next hop router to the destination network. The hop count identifies the number of routers in the path to the destination network. A default gateway router is a router that is used for packets sent to external networks. Most routers do not have a default gateway setting, but instead use a default route setting, which identifies a next hop router for all unknown networks.

Troubleshooting Strategies

The following table presents a general troubleshooting strategy for each of these routing issues.

Load

The load on a router refers to the amount of computational work that it performs. If load is a factor in the cost, links for routers that are performing under heavy load will have a higher cost.

MTU

The maximum transmission unit (MTU) setting on a router determines the maximum payload size for a frame. While this characteristic is not usually included in a metric, it is sometimes used as a tie-breaker when two links or paths have the same cost.

Routing Table

The routing table is a database of entries, each with:
> The address of a known network
> The next hop gateway (router)
> The network interface to reach the next hop gateway
> A metric or cost that indicates the desirability of the route (The lower the metric, the more desirable the route.)

Routing Protocol Categories

There are two primary categories of gateway protocols: distance vector protocols and link state protocols. A third category, hybrid protocols, is a combination of these two. There is only one popular exterior routing protocol, and it is a hybrid protocol. These categories of routing protocols differ in:
> How metric values are calculated
> How path information is shared between routers

Configure a Static Route

To configure a static route, enter the following commands at the prompt:
  SFO>enable
  SFO#configure terminal
  SFO(config)#ip route network_address subnet gateway
  SFO(config)#ip route 0.0.0.0 0.0.0.0 gateway
  SFO(config)#exit
  SFO#copy run start

Next Hop

To forward a packet, a router only needs to know next hop information, not the full path to the ultimate destination. The next hop is the gateway (router) that the router will send the packet to.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?

Wait for convergence to take place.
When using a routing protocol, changes in routing information take some time to be propagated to all routers on the network. The term "convergence" is used to describe the condition when all routers have the same (or correct) routing information. Static routes in the routing table must be updated manually. Restarting RIP might actually increase the time required for changes to be learned. Forcing an update (if the router supports it) is not a requirement, as the periodic sharing of routes will eventually update the routing table entry.

Reserved Private IP Addresses

When connecting a private network to the internet through NAT, IP addresses on the private network are commonly those reserved by the Internet Assigned Numbers Authority (IANA) for that purpose. These address ranges are guaranteed not to be used on the internet and do not need to be registered. The private IPv4 address ranges are:
> 10.0.0.1 to 10.255.255.254
> 172.16.0.1 to 172.31.255.254
> 192.168.0.1 to 192.168.255.254

Administrative Distance

When more than one protocol is enabled on a router, each protocol is given an administrative distance. When the best path is being determined, protocols with a lower administrative distance are chosen over those with a higher administrative distance. Most routers have a default administrative distance assigned to each routing protocol.
Source of the Route - Default Administrative Distance
Connected interface or static route to an interface - 0
Static route to an IP address - 1
EIGRP summary - 5
BGP external - 20
EIGRP internal - 90
IGRP - 100
OSPF - 110
IS-IS - 115
RIP - 120
EIGRP external - 170
BGP internal - 200
Unknown source - 225

Network

When used in routing, the term network can be defined as a broadcast domain where all the hosts have the same network portion in their IP address. Normally, a LAN fits this more precise definition of a network.

Implementing NAT

When you implement NAT, be aware of the following:
> NAT supports a limit of 5,000 concurrent connections.
> NAT provides some security for the private network because it translates or hides private addresses.
> A NAT router can act as a limited-function DHCP server, assigning addresses to private hosts.
> A NAT router can forward DNS requests to the internet.
> The following table describes three types of NAT implementation.

7.2.8 Enable OSPF Routing

You have two routers connected as shown in the network diagram. Router Jujuy has already been configured to share route information using OSPF on area 0. All interfaces have been configured and enabled.
*The actual network statement you use does not have to match the subnet address on an interface. Instead, the network statement and mask must include the subnet address. For example, to enable OSPF on the Fa0/0 interface, you could have used any of the following statements:
  network 192.168.1.0 0.0.0.255 area 0
  network 192.168.0.0 0.0.255.255 area 0
  network 192.0.0.0 0.255.255.255 area 0
  network 0.0.0.0 255.255.255.255 area 0
In this lab, your task is to complete the following:
> Configure the Salta router to share information about all directly connected routes with the Jujuy router.
> When you are finished, save your changes.
*To check your work, view the routing table on each router. If your configurations were successful, each router will have learned two networks through OSPF.
Complete this lab as follows:
1. Select Salta.
2. Press Enter.
3. At the prompt, enter:
  Salta>enable
  Salta#config t
  Salta(config)#router ospf 100
  Salta(config-router)#network 192.168.1.0 0.0.0.255 area 0
  Salta(config-router)#network 192.168.2.0 0.0.0.255 area 0
  Salta(config-router)#network 172.17.150.140 0.0.0.3 area 0
4. Press Ctrl + Z.
5. Enter the following command at the prompt:
  Salta#copy running-config startup-config
6. Press Enter.
7. Press Enter to save your changes.

7.2.7 Configure Static Routes

Your branch offices are connected to the main office and the internet through the SFO router. You need to configure static routes on the SFO router for each destination. Both of the serial interfaces connecting the SFO router to the main office and the internet have been configured and are up.
Complete this lab as follows:
> Configure a static route to the 10.0.0.0/8 network (LAX).
> Configure a default route to the internet.
> Save your changes to the startup-config file.
*Use the next hop address when assigning the static routes. Your ISP's address is 160.12.99.1. Use the show cdp neighbors detail command to discover the next hop address for the 10.0.0.0 network.
Enter the following commands to configure the SFO static routes:
1. In the diagram, select the SFO router.
2. Press Enter.
3. At the prompt, enter:
  SFO>enable
  SFO#configure terminal
  SFO(config)#ip route 10.0.0.0 255.0.0.0 172.17.12.98
  SFO(config)#ip route 0.0.0.0 0.0.0.0 160.12.99.1
  *Make sure to add a space between the 2 octets of zeros.
  SFO(config)#exit
  SFO#copy run start
4. Press Enter.
5. Press Enter to save your changes.

Which of the following utilities would you use to view the routing table?

route
Use the route command to display the contents of the routing table and to add or remove static routes. traceroute, or tracert, uses ICMP packets to test connectivity between devices and shows the path between the two devices. Responses from each hop on the route are measured three times to provide an accurate representation of how long the packet takes to reach and be returned by that host. The mtr command on Linux is a combination of the ping and traceroute commands. The dig command resolves (looks up) the IP address of a host name.

Which of the following commands would display the output shown here?

route print
Use the route print or netstat -r commands to display the contents of the routing table. The mtr command performs a test that is like a combination of the ping and traceroute commands. The host command resolves host names to IP addresses. The ifconfig command shows the IP configuration on a Linux computer.

Which TCP/IP utility gives you the following output?

tracert
The exhibit shows a few lines from the tracert command, which shows you each host a packet must pass through to reach its destination.

Examine the following output:
  4 22 ms 21 ms 22 ms sttlwa01gr02.bb.ispxy.com [154.11.10.62]
  5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [154.11.12.11]
  6 39 ms 39 ms 39 ms Rwest.plalca01gr00.bb.ispxy.com [154.11.3.14]
  7 40 ms 39 ms 46 ms svl-core-03.inet.ispxy.net [205.171.205.29]
  8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.171.142.1]
Which of these commands produced this output?

tracert
The output is from a tracert command run on a Windows Server 2003 system. The tracert command provides information on each step in the route a packet takes to reach a remote host. Responses from each hop on the route are measured three times to provide an accurate representation of how long the packet takes to reach and be returned by that host. This information can be useful for locating congestion points on a network or when verifying that network routing is operating as expected. The ping command is used to test connectivity between devices on a network. Like tracert, ping sends three packets to the target host, but it does not report information on any intermediate devices it traverses to reach the target. nslookup is a tool provided on Linux, Unix, and Windows systems that allows manual name resolution requests to be made to a DNS server. This can be useful when troubleshooting name resolution problems.

You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX servers, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is working properly?

tracert
tracert shows you the series of routers that are used between the source and destination computers. If a router is not functioning, tracert can help you find which router is not working by showing you the last router it was able to contact successfully.

