
Post on 17-Mar-2018


Advanced IP Networking Series: “Routing The Network of Networks“

Wayne M. Pecena, CPBE, CBNE

Texas A&M University

Office of Information Technology

Educational Broadcast Services

Advanced IP Networking Series: “Routing The Network of Networks”

WEBINAR OUTLINE:

• The Quick IP Networking Fundamentals Review

• The Routing Protocol

• Which Routing Protocol?

• Implementing Routing

• Access Control Lists

• The Layer 3 Switch

• Summary – Q&A

Advertised Webinar Scope: Part 2 of Advanced IP Networking builds on the previous Network of Networks webinar by adding IP Layer 3 routing and selective access features, implemented with Access Control Lists (ACL), to a VLAN-based Layer 2 multiple-network infrastructure. Theoretical concepts of routing protocol choices and ACL implementation will be reinforced with real-world equipment configuration examples.

Prerequisite Knowledge: Attendees should have knowledge of IP networking concepts that includes OSI Layers 1-3, Ethernet switching, IP routing, and VLAN principles.

The Quick IP Networking Fundamentals Review

5 Things Required To Build a Network

• Send Host

• Receive Host

• Message or Data to Send Between Hosts

• Media to Interconnect Hosts

• Protocol to Define How Data is Transferred

Reference Models

The OSI Model, the TCP/IP (DoD) Model, and Encapsulation, layer by layer (OSI layer: service provided | TCP/IP layer | encapsulation unit):

7 – Application: Service Provided to Applications | TCP/IP 4 – Application | Application Data

6 – Presentation: Provides Data Formatting | TCP/IP 4 – Application | Application Data

5 – Session: Provides Conversation Control | TCP/IP 4 – Application | Application Data

4 – Transport: Provides Data Sequencing, Flow Control, Integrity | TCP/IP 3 – Transport (TCP, UDP) | Segments

3 – Network: Provides Logical Addressing, Fragmentation, End-End Delivery | TCP/IP 2 – Internetwork (IP) | Packets

2 – Data Link (LLC / MAC sublayers): Provides Physical Addressing, Error Correction | TCP/IP 1 – Network Access (Network Interface) | Frames

1 – Physical: Provides Media Interface, Topology | TCP/IP 1 – Network Access (Network Interface) | Bits

Another Look at the “OSI Model”

Application Layers (OSI 7 Application, 6 Presentation, 5 Session) – protocol and port:

– EMAIL – SMTP (25), POP

– Net Mgmt – SNMP (161 / 162)

– File Transfer – FTP (20 / 21)

– WEB – HTTP (80)

– Directory – DNS (53)

Network Layers:

– 4 Transport – TCP, UDP

– 3 Network – IPv4, IPv6

– 2 Data Link – PPP, 802.2 SNAP, Ethernet II

– 1 Physical – RS-xxx, ISDN, ADSL, Fiber, Coax, CAT 5

Layer 2 Standards:

• Project 802 Ethernet Standards:

– 802.1 Bridging

– 802.3 Ethernet

– 802.11 Wireless

http://standards.ieee.org/about/get/

Layer 3 Standards:

• Request for Comments – RFC’s – The “Standards Bible” of the Internet

– Explains All Aspects of IP Networking

www.rfc-editor.org/rfc.html

Layer 2 & Layer 3 Addressing

• Each Host on an Ethernet Based IP Network Has:

• A Unique MAC Address – Layer 2 Physical Address (local network segment)

• A Unique IP Address – Layer 3 Logical Address (globally routed)

Simplified Representation of an Ethernet Frame carrying an IP Packet:

Ethernet Frame: | Destination MAC | Source MAC | IP Packet | Trailer |

IP Packet: | Destination IP | Source IP | DATA |

Example addresses shown on the slide: MAC addresses 00:12:3F:8D:4D:A7 and FF:FF:FF:FF:FF:FF (the broadcast address); IP addresses 172.15.1.1 (destination) and 172.15.2.2 (source).
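The frame layout above, as an added worked example in Python (not code from the original presentation): the script builds an Ethernet II frame around an IPv4 packet and then decapsulates it, recovering the Layer 2 and Layer 3 addresses separately. It uses the slide's sample addresses; placing FF:FF:FF:FF:FF:FF in the destination field is an assumption (a source MAC can never be the broadcast address), and the payload bytes and IPv4 header fields are constructed. The Ethernet trailer (FCS) is left out because the NIC computes it; the IPv4 header checksum is computed and verified, so a frame whose header was altered in transit is rejected.

```python
import struct

ETHERTYPE_IPV4 = 0x0800


def mac_to_str(b):
    return ":".join(f"{x:02X}" for x in b)


def mac_to_bytes(s):
    return bytes(int(x, 16) for x in s.split(":"))


def ip_to_bytes(s):
    return bytes(int(x) for x in s.split("."))


def ip_to_str(b):
    return ".".join(str(x) for x in b)


def ipv4_checksum(header):
    """Ones-complement sum over 16-bit words. Over a header whose checksum field is zero it
    yields the checksum to insert; over a complete, intact header it yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_frame(dst_mac, src_mac, dst_ip, src_ip, payload, ttl=64, protocol=17):
    """Encapsulate: payload -> IPv4 packet (Layer 3 addresses) -> Ethernet II frame (Layer 2
    addresses). The FCS trailer is omitted; the NIC appends it on the wire."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         ttl, protocol, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    header = header[:10] + struct.pack("!H", ipv4_checksum(header)) + header[12:]
    return (mac_to_bytes(dst_mac) + mac_to_bytes(src_mac)
            + struct.pack("!H", ETHERTYPE_IPV4) + header + payload)


def parse_frame(frame):
    """Decapsulate the frame: Ethernet header first, then the IPv4 header it carries.
    Raises ValueError on anything malformed, including a failed header checksum."""
    if len(frame) < 34:
        raise ValueError("too short for Ethernet + IPv4 headers")
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"not IPv4: ethertype 0x{ethertype:04X}")
    ip = frame[14:]
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 version or header length")
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", ip[2:4])[0]
    if total_len < ihl or total_len > len(ip):
        raise ValueError("IPv4 total length inconsistent with frame")
    return {"dst_mac": mac_to_str(dst_mac), "src_mac": mac_to_str(src_mac),
            "src_ip": ip_to_str(ip[12:16]), "dst_ip": ip_to_str(ip[16:20]),
            "ttl": ip[8], "protocol": ip[9], "payload": bytes(ip[ihl:total_len])}


def is_valid_frame(frame):
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


# Constructed sample frame using the slide's addresses (broadcast MAC assumed to be the destination).
SAMPLE_FRAME = build_frame("FF:FF:FF:FF:FF:FF", "00:12:3F:8D:4D:A7",
                           "172.15.1.1", "172.15.2.2", b"DATA")
# The same frame with one header byte (the TTL, at offset 14 + 8) flipped in transit.
TAMPERED_FRAME = SAMPLE_FRAME[:22] + bytes([SAMPLE_FRAME[22] ^ 0xFF]) + SAMPLE_FRAME[23:]

if __name__ == "__main__":
    print(parse_frame(SAMPLE_FRAME))
    print("tampered frame accepted:", is_valid_frame(TAMPERED_FRAME))
```

The two addresses live in different headers: a switch forwards on the MAC fields and never looks past offset 14, while a router rewrites both MACs at every hop and leaves the IP addresses untouched.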

Common Port Numbers

• RESERVED PORTS – “System Port Numbers”

– Port 20 / 21 – FTP “File Transfer Protocol”

– Port 23 – TELNET

– Port 53 – DNS “Domain Name Service”

– Port 80 – HTTP

– Port 110 – POP3 “Post Office Protocol”

– Port 123 – NTP “Network Time Protocol”

– Port 161 – SNMP “Simple Network Management Protocol” (UDP)

– Port 443 – HTTPS

• REGISTERED PORTS – “User Port Numbers”

– Port 1720 – H.323 Video Call Setup

– Port 1812 – RADIUS Authentication

– Port 2000 – CISCO “Skinny”

– Port 3074 – “X-Box” Live

– Port 4664 – Google Desktop

– Port 5004 – RTP “Real Time Transport Protocol”

– Port 5060 – SIP “Session Initiation Protocol”

– Port 5631 – PC Anywhere

– Port 8080 – Alternate HTTP

http://www.iana.org/assignments/port-numbers

Broadcast Domain – Collision Domain

Layer 3 Routing Fundamentals


Key Terminology

• The “Routed” Protocol

• The “Routing” Protocol

• The “Routing” Table Contains:

– The Destination Network

– The “Next-Hop” Information

– Routing Metric & Administrative Distance

• The Router Looks at the “Destination” Address and Determines the Appropriate Interface

Routing

• Routing is Simply the Moving of Information Between Networks (Subnets or Broadcast Domains)

• OSI Model Layer 3 Process

• Routing Types:

– Static Routing

– Dynamic Routing

• Routing Protocol Classes:

– Interior Gateway Protocols (IGP)

– Exterior Gateway Protocols (EGP)

Routing Types

• Static Routing

– Appropriate for Small & Simple Networks

– Minimal Router CPU/Memory

– No Routing Update Overhead

– Appropriate for Stable Networks

– Often Used in “Stub” Networks

– Human Intervention / Administration Required

• Dynamic Routing

– Appropriate for Changing Topology Environments

– Automatically Adapts to Changes

– Desirable When Multiple Paths Exist

– More Scalable

– Hardware More Complex

– Less Configuration Error Prone

Dynamic Routing Categories

• Distance Vector Routing Protocol

– Periodic Routing Table Updates

– “Distance” Used as a Metric

– Neighbors “Trust” Neighbors

– Slow Convergence

• Link State Routing Protocol

– Maintains Neighbor, Topology, & Shortest-Path Tables

– Each Router Updates From All Others

– “Cost” Used as a Metric

Routing Metrics & Administrative Distance Determine The Best Path to the Target Host

• Cost Metrics:

– Hop Count: The Number of Routers in a Path

– Bandwidth: Throughput (bps)

– Load: Traffic Flowing Through a Router

– Delay: Network Latency (distance or congestion)

– Reliability: Amount of Downtime of a Network Path

• Administrative Distance:

– Indicates Believability of the Route

– Often Used When Multiple Protocols Are Used

– Often Used to Prefer a Certain Path When Multiple Paths Exist

– Routing Protocols Have Default Administrative Distances

Smaller Metric = Best Route; Lower Administrative Distance = More Believed

The “Administrative” Distance

• The Administrative Distance Determines Which Route to Trust

• Used When Multiple Routes Exist

Route Source – Administrative Distance (default):

– Direct – 0

– Static – 1

– EIGRP – 90

– OSPF – 110

– RIP – 120

– Unknown – 255

Hop Count May Not Be The Best Metric!
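The selection rules on this and the previous slide, as an added Python example (not from the original presentation) with a constructed routing table and the slide's default administrative distances: the longest prefix match is applied first, then the lowest administrative distance, then the lowest metric. A more specific RIP route therefore beats a less specific OSPF route even though OSPF is more believed, while for the same prefix OSPF wins over RIP regardless of metric.

```python
import ipaddress
from dataclasses import dataclass

# Default administrative distances from the slide's table (Cisco defaults).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120, "unknown": 255}


@dataclass(frozen=True)
class Route:
    prefix: str     # destination network in CIDR form
    next_hop: str   # next-hop address, or "connected"
    source: str     # route source: a key of ADMIN_DISTANCE
    metric: int     # protocol metric; only comparable within one source


def select_route(table, destination):
    """Return the route a router would use to forward a packet to `destination`.
    Selection order: longest prefix match first; among equal prefixes, the lowest
    administrative distance (most believed source); then the lowest metric.
    Returns None when nothing matches (no default route in the table)."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in table if dst in ipaddress.ip_network(r.prefix)]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen,
                                          ADMIN_DISTANCE[r.source], r.metric))


# Constructed sample table (hypothetical prefixes and next hops, not from the slides).
SAMPLE_TABLE = [
    Route("192.168.100.0/24", "connected", "connected", 0),
    Route("10.0.0.0/8", "192.168.100.2", "rip", 3),      # RIP: 3 hops
    Route("10.0.0.0/8", "192.168.100.3", "ospf", 20),    # OSPF: cost 20, same prefix as the RIP route
    Route("10.20.0.0/16", "192.168.100.4", "rip", 1),    # more specific prefix, learned by RIP
    Route("0.0.0.0/0", "192.168.100.254", "static", 0),  # default route
]


def explain(table, destination):
    """Human-readable forwarding decision for one destination."""
    r = select_route(table, destination)
    if r is None:
        return f"{destination}: no route (packet dropped)"
    return (f"{destination}: via {r.next_hop} ({r.prefix}, {r.source}, "
            f"AD {ADMIN_DISTANCE[r.source]}, metric {r.metric})")


if __name__ == "__main__":
    for d in ("10.1.1.1", "10.20.5.5", "192.168.100.9", "8.8.8.8"):
        print(explain(SAMPLE_TABLE, d))
```

Removing the default route from the table turns the 8.8.8.8 lookup into a drop, which is the behaviour to expect on a router that has no route to a destination.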

The Routing Protocol

• Learn the route to each subnet in the internetwork (build routing table)

• Determine the “best” route (one route)

• Remove routes that are no longer valid

• Update routing table to reflect changes

• Perform updates quickly

• Prevent routing loops

Routing Fundamentals

Distance-Vector Routing Protocols

• “Routing by Rumor” – The Overall Network is Unknown; Only Directly Connected Neighbors Are Known by Each Router

• Routing Decision Based Upon a “Distance” (Metric) and a “Direction” (Vector) That Describe the “Next-Hop”

Link-State Routing Protocols

• Network Topology Information is Flooded Throughout the Network

• Each Router Determines its Own “Best Path”
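The two categories above, as an added Python example (not code from the original presentation): a four-router topology with constructed link costs, and the same best-path computation done the link-state way (each router runs Dijkstra over the flooded topology) and the distance-vector way (each router only adopts what its neighbours advertise, recording the advertising neighbour as next hop). Both converge to the same next hops. Recomputing with every link counted as one hop, as RIP does, picks the slow direct link instead, which is the “hop count may not be the best metric” point from the earlier slide.

```python
import heapq

INF = float("inf")

# Constructed sample topology (hypothetical, not from the slides): four routers, link cost
# standing in for inverse bandwidth. A-B is a slow link (cost 10); A-C-D-B is three fast links.
LINKS = {("A", "B"): 10, ("A", "C"): 1, ("C", "D"): 1, ("D", "B"): 1}


def adjacency(links):
    """Undirected link list -> {router: {neighbor: cost}}."""
    adj = {}
    for (u, v), cost in links.items():
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj


def link_state(links, source):
    """Link-state behaviour: the router holds the whole flooded topology and runs Dijkstra
    itself. Returns {destination: (cost, next_hop)} for every other router."""
    adj = adjacency(links)
    dist, next_hop = {source: 0}, {source: None}
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue  # stale heap entry
        for v, cost in adj[u].items():
            nd = d + cost
            if nd < dist.get(v, INF):
                dist[v] = nd
                next_hop[v] = v if u == source else next_hop[u]
                heapq.heappush(heap, (nd, v))
    return {v: (dist[v], next_hop[v]) for v in dist if v != source}


def distance_vector(links, max_rounds=32):
    """Distance-vector behaviour ("routing by rumor"): each router starts knowing only its
    directly connected neighbours, then in each round adopts any shorter distance a
    neighbour advertises, with that neighbour as next hop. Returns
    ({router: {destination: (cost, next_hop)}}, rounds until no table changed)."""
    adj = adjacency(links)
    tables = {r: {n: (c, n) for n, c in adj[r].items()} for r in adj}
    for r in adj:
        tables[r][r] = (0, None)
    rounds = 0
    for rounds in range(1, max_rounds + 1):
        changed = False
        for r in adj:
            for n, cost_to_n in adj[r].items():
                for dest, (n_dist, _) in list(tables[n].items()):
                    candidate = cost_to_n + n_dist
                    if candidate < tables[r].get(dest, (INF, None))[0]:
                        tables[r][dest] = (candidate, n)
                        changed = True
        if not changed:
            break
    return {r: {d: v for d, v in t.items() if d != r} for r, t in tables.items()}, rounds


def hop_count_links(links):
    """RIP-style view of the same topology: every link costs one hop."""
    return {k: 1 for k in links}


if __name__ == "__main__":
    print("link-state from A:      ", link_state(LINKS, "A"))
    print("distance-vector from A: ", distance_vector(LINKS)[0]["A"])
    print("hop count from A:       ", link_state(hop_count_links(LINKS), "A"))
```

The distance-vector tables only ever see a neighbour's summary, never the topology, which is why a bad advertisement from one neighbour propagates unchecked (the “neighbors trust neighbors” point) and why convergence takes several rounds rather than one local computation.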

Which Routing Protocol?

IGP and EGP Protocols

• Exterior Gateway Protocol (EGP) – Runs Between Autonomous Systems: BGP

• Interior Gateway Protocol (IGP) – Runs Within Each Autonomous System: RIP, IGRP, EIGRP, OSPF, IS-IS

Routing Protocol Choices – “Most Popular”

Category: Interior Distance Vector | Interior Link State | Exterior Path Vector

– Classful: RIP, IGRP | (none) | EGP

– Classless: RIP v2, EIGRP | OSPF v2, IS-IS | BGP v4

– IPv6: RIPng, EIGRP v6 | OSPF v3, IS-IS v6 | BGP v4

Our Focus: the Classless Interior Protocols

Practical Routing Protocol Choices – “Common” IGP Protocols with VLSM Support

Column order: RIP v2 | EIGRP (Cisco) | OSPF v2

– Type: Distance Vector | Hybrid | Link-State

– Metric: Hop Count | Bandwidth/Delay | Cost

– Administrative Distance: 120 | 90 | 110

– Hop Count Limit: 15 | 224 | None

– Convergence: Slow | Fast | Fast

– Updates: Full Table Every 30 Seconds | Send Only Changes When Change Occurs | Send Only When Change Occurs, But Refreshed Every 30m

– RFC Reference: RFC 1388 | N/A | RFC 2328

RIP v2 Routing Information Protocol – RFC 1388

• Advantages:

– Simple

– Easy to Configure

– Low Maintenance

– Generally Well Understood

• Disadvantages:

– Higher Router CPU Utilization

– High Bandwidth Use for Routing Updates

– No Knowledge of Link Bandwidth

– Slow Convergence

– Limited Network Size (hop count = 15)

OSPF v2 Open Shortest Path First – RFC 2328

• Advantages:

– Fast Convergence

– Routing Updates Are Small

– Scales to Varying Network Sizes

– Considers Link Bandwidth in the Metric Calculation

• Disadvantages:

– More Knowledge Required – A Lot of Options

– Complex to Configure

EIGRP v4 Enhanced Interior Gateway Routing Protocol – CISCO Proprietary

• Advantages:

– Fast Convergence

– No OSPF Area Assignments = Less Complex

– Complex Cost Metric:

• Bandwidth

• Delay

• Reliability

• Utilization

• Disadvantages:

– More Knowledge Required – A Lot of Options

– Need “Cisco” Environment

Implementing Routing

VLAN Example from Part 1

Switch Port Type Configuration:

– Access Link – Member of One VLAN Only; Connects to a Host

– Trunk Link – Carries Traffic From Multiple VLANs Between Switches

Switch Interface Configuration

No Connectivity Exists Between Broadcast Domains, Networks, or Subnets!

Add Connectivity Between Broadcast Domains

Add Router

Router Configuration:

Configuration Disclaimer: Exact configuration commands may vary based upon specific equipment models and software version. Generic “Cisco” commands utilized for illustration purposes.

Blue Network: 192.168.100.0 /24

Green Network: 192.168.200.0 /24

Red Network: 192.168.300.0 /24

Assign Network to an Interface:

interface ge0
 ip address 192.168.100.1 255.255.255.0
 no shutdown
interface ge1
 ip address 192.168.200.1 255.255.255.0
 no shutdown
interface ge2
 ip address 192.168.300.1 255.255.255.0
 no shutdown

Enable RIP Routing:

router rip
 network 192.168.100.0
 network 192.168.200.0
 network 192.168.300.0

Add Connectivity Between Broadcast Domains

Sub-Interface Created on Router GE1 Interface
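The interface and RIP configuration above, run through an added pre-deployment check written in Python (not code from the original presentation): the script parses the slide's configuration text, validates each interface address and mask, flags overlapping subnets, and confirms that every interface network is covered by a classful `router rip` network statement. The slide's third network, 192.168.300.0, is not a valid IPv4 address (an octet cannot exceed 255), and the check reports it, along with the matching RIP statement, before the configuration reaches a router; the corrected plan using 192.168.30.0/24 is an assumption for illustration only.

```python
import ipaddress

# Constructed input: the router configuration from the slide, as it would be pasted into a
# pre-deployment check (the "ge0/ge1/ge2" interface names are the slide's generic ones).
SLIDE_CONFIG = """
interface ge0
 ip address 192.168.100.1 255.255.255.0
 no shutdown
interface ge1
 ip address 192.168.200.1 255.255.255.0
 no shutdown
interface ge2
 ip address 192.168.300.1 255.255.255.0
 no shutdown
router rip
 network 192.168.100.0
 network 192.168.200.0
 network 192.168.300.0
"""

# Hypothetical corrected plan: the third network renumbered to 192.168.30.0/24 (an assumption).
CORRECTED_CONFIG = SLIDE_CONFIG.replace("192.168.300.", "192.168.30.")


def parse_config(text):
    """Return ({interface: (address, mask)}, [rip network statements]). Values stay as strings
    so that an invalid address is reported by the checker instead of crashing the parser."""
    interfaces, rip_networks, current, mode = {}, [], None, None
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        if tok[0] == "interface":
            current, mode = tok[1], "interface"
        elif tok[:2] == ["router", "rip"]:
            current, mode = None, "rip"
        elif tok[:2] == ["ip", "address"] and mode == "interface":
            interfaces[current] = (tok[2], tok[3])
        elif tok[0] == "network" and mode == "rip":
            rip_networks.append(tok[1])
    return interfaces, rip_networks


def classful_network(addr):
    """Class A/B/C network containing addr (RIP 'network' statements are classful);
    class D/E first octets are treated as /24 for simplicity."""
    n, first = int(addr), int(addr) >> 24
    if first < 128:
        return ipaddress.IPv4Network((n & 0xFF000000, 8))
    if first < 192:
        return ipaddress.IPv4Network((n & 0xFFFF0000, 16))
    return ipaddress.IPv4Network((n & 0xFFFFFF00, 24))


def check_plan(interfaces, rip_networks):
    """List of findings as strings; an empty list means the plan passed every check."""
    findings, nets = [], {}
    for name, (ip, mask) in interfaces.items():
        try:
            iface = ipaddress.IPv4Interface(f"{ip}/{mask}")  # rejects bad octets, non-contiguous masks
        except ValueError as err:
            findings.append(f"{name}: invalid address/mask {ip} {mask} ({err})")
            continue
        net = iface.network
        if iface.ip in (net.network_address, net.broadcast_address):
            findings.append(f"{name}: {ip} is the network or broadcast address of {net}")
        for other, other_net in nets.items():
            if net.overlaps(other_net):
                findings.append(f"{name}: {net} overlaps {other} ({other_net})")
        nets[name] = net
    covered = set()
    for stmt in rip_networks:
        try:
            covered.add(classful_network(ipaddress.IPv4Address(stmt)))
        except ValueError:
            findings.append(f"router rip: invalid network statement {stmt}")
    for name, net in nets.items():
        if classful_network(net.network_address) not in covered:
            findings.append(f"{name}: {net} has no matching 'router rip' network statement")
    return findings


if __name__ == "__main__":
    for finding in check_plan(*parse_config(SLIDE_CONFIG)) or ["plan OK"]:
        print(finding)
```

The overlap check matters as much as the syntax check: two interfaces on overlapping subnets will be accepted by some platforms and then produce asymmetric or black-holed forwarding that is hard to diagnose after the fact.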

Access Control Lists – The “ACL”

The “ACL” Rules:

• Simply a “Set of Rules” That Provides a “Permit” or “Deny” Based Upon:

– Layer 3 IP Address

– Layer 4 Port Number

• An ACL is:

– A Table (with explicit DENY)

– Applied to a Specific Router Interface

The “ACL” Rules continued…

• ACLs can be Numbered or Named

• Numbered ACL Structure:

– 1-99 IP Standard Access List

– 100-199 IP Extended Access List

– 200-299 Protocol Access List

– 1300-1999 IP Standard Access List – Expanded

– 2000-2999 IP Extended Access List – Expanded

• Named ACL Structure:

– Standard Named

– Extended Named

The “ACL” Rules continued…

• Standard Access List – Can Only Permit or Deny Based on the Source Host IP Address

– Placed Closest to the Destination Host

• Extended Access List – Can Permit or Deny Based Upon:

• Source IP Address

• Destination IP Address

• TCP Port #

• UDP Port #

• TCP/IP Protocol

– Placed Closest to the Source Network

The “ACL” Rules continued…

• One “ACL” per Interface per Direction:

– Ingress

– Egress

• An ACL Only Acts on IP Traffic Passing Through the Router

• Organize the Structure of the ACL:

– More specific statements placed first

– Processed Sequentially

ACL Example(s):

access-list 110 deny ip any host 192.168.100.110
access-list 123 deny tcp any host 192.168.100.110 eq 23

ACL Structure

Create an Access-List:

access-list [number] [deny | permit] [host] [source ip] [wildcard]

Apply Access-List to Interface:

ip access-group [number] [in | out]

Logical Operators Can Be Used:

– lt – Less Than

– gt – Greater Than

– eq – Equal To

– neq – Not Equal To

– range – Port Number Range

Wild Card Mask

Inverse of the “Subnet” Mask

The Subnet Mask:

192.168.100.100 / 24 or

192.168.100.100 mask 255.255.255.0

The Inverse (Wildcard) Mask:

0.0.0.255

Network portion (wildcard bits 0) – Match; Host portion (wildcard bits 1) – Don’t Care

Standard IP List Example #1: Prevent Host 192.168.30.30 from Accessing Host 192.168.10.10

Create Access List on Router 1:

access-list 1 deny 192.168.30.30 0.0.0.0
access-list 1 permit any

Apply Access List to Interface:

interface E1
 ip access-group 1 in


Extended IP List Example: Allow Only http Access to Host 192.168.10.10 from 192.168.30.0 /24

Create Access List on Router 2:

access-list 101 permit tcp 192.168.30.0 0.0.0.255 host 192.168.10.10 eq 80
access-list 101 deny ip 192.168.30.0 0.0.0.255 host 192.168.10.10
access-list 101 permit ip any any

Apply Access List to Interface:

interface E0
 ip access-group 101 in


A “Practical” ACL Example: Block External Users From “Pinging” Inside Hosts

Create Access List on Router 1:

access-list 101 deny icmp any any
access-list 101 permit ip any any

Apply Access List to Interface:

interface E1
 ip access-group 101 in

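The wildcard mask and the three ACL examples above, as one added worked example in Python (not code from the original presentation; hypothetical helper names): a small evaluator that derives wildcard masks, parses IOS-style numbered standard and extended lists, and walks a list top to bottom against constructed sample packets, ending in the implicit deny that every ACL carries after its last statement. It also shows why statement order matters for the “allow only HTTP” requirement: an HTTP permit followed directly by `permit ip any any` admits telnet to the same host, while an explicit deny placed before the catch-all does not.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")   # 'any': every bit is don't-care
PORT_OPERATORS = ("eq", "neq", "lt", "gt", "range")


def wildcard_from_prefix(prefixlen):
    """Inverse of the subnet mask: 0 bits must match, 1 bits are don't-care. /24 -> 0.0.0.255."""
    subnet_mask = (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(subnet_mask ^ 0xFFFFFFFF))


def wildcard_match(addr, base, wildcard):
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return a & care == b & care


def _parse_spec(tokens):
    """Consume 'any' | 'host A' | 'A WILDCARD' plus an optional port operator from tokens."""
    t = tokens.pop(0)
    if t == "any":
        spec = ANY
    elif t == "host":
        spec = (tokens.pop(0), "0.0.0.0")
    else:
        spec = (t, tokens.pop(0))
    port = None
    if tokens and tokens[0] in PORT_OPERATORS:
        op = tokens.pop(0)
        port = (op, int(tokens.pop(0)), int(tokens.pop(0))) if op == "range" else (op, int(tokens.pop(0)))
    return spec, port


def parse_acl(lines):
    """Parse IOS-style numbered ACL lines. Standard lists (1-99, 1300-1999) carry a source spec
    only; any other number is treated as an extended list: protocol, source, destination."""
    entries = []
    for line in lines:
        tok = line.split()
        if tok[:1] != ["access-list"]:
            raise ValueError(f"not an access-list line: {line}")
        number, action, rest = int(tok[1]), tok[2], tok[3:]
        if action not in ("permit", "deny"):
            raise ValueError(f"bad action in: {line}")
        if 1 <= number <= 99 or 1300 <= number <= 1999:
            src, _ = _parse_spec(rest)
            entries.append(dict(line=line, action=action, proto="ip", src=src, sport=None, dst=ANY, dport=None))
        else:
            proto = rest.pop(0)
            src, sport = _parse_spec(rest)
            dst, dport = _parse_spec(rest)
            entries.append(dict(line=line, action=action, proto=proto, src=src, sport=sport, dst=dst, dport=dport))
    return entries


def _port_ok(cond, port):
    if cond is None:
        return True
    if port is None:
        return False
    op = cond[0]
    if op == "range":
        return cond[1] <= port <= cond[2]
    return {"eq": port == cond[1], "neq": port != cond[1], "lt": port < cond[1], "gt": port > cond[1]}[op]


def evaluate(entries, packet):
    """Walk the list top to bottom; the first matching entry decides. No match means the
    implicit deny at the end of every ACL. Returns (action, matching line)."""
    for e in entries:
        if e["proto"] != "ip" and e["proto"] != packet["proto"]:
            continue
        if not (wildcard_match(packet["src"], *e["src"]) and wildcard_match(packet["dst"], *e["dst"])):
            continue
        if not (_port_ok(e["sport"], packet.get("sport")) and _port_ok(e["dport"], packet.get("dport"))):
            continue
        return e["action"], e["line"]
    return "deny", "implicit deny at end of list"


# The "allow only HTTP to 192.168.10.10 from 192.168.30.0/24" requirement written two ways.
ACL_FALLTHROUGH = [   # HTTP permit followed straight by permit-all: the catch-all also admits telnet
    "access-list 101 permit tcp 192.168.30.0 0.0.0.255 host 192.168.10.10 eq 80",
    "access-list 101 permit ip any any",
]
ACL_HTTP_ONLY = [     # an explicit deny for the protected host sits before the catch-all
    "access-list 101 permit tcp 192.168.30.0 0.0.0.255 host 192.168.10.10 eq 80",
    "access-list 101 deny ip 192.168.30.0 0.0.0.255 host 192.168.10.10",
    "access-list 101 permit ip any any",
]
ACL_STANDARD = [      # standard list (source only): block one host, permit everyone else
    "access-list 1 deny host 192.168.30.30",
    "access-list 1 permit any",
]
ACL_NO_PING = ["access-list 101 deny icmp any any", "access-list 101 permit ip any any"]

# Constructed sample packets (hypothetical hosts inside the slide's networks; 203.0.113.7 is a
# documentation address standing in for an outside host).
HTTP_PKT = {"proto": "tcp", "src": "192.168.30.5", "dst": "192.168.10.10", "dport": 80}
TELNET_PKT = {"proto": "tcp", "src": "192.168.30.5", "dst": "192.168.10.10", "dport": 23}
PING_PKT = {"proto": "icmp", "src": "203.0.113.7", "dst": "192.168.10.10"}
```

The evaluator applies one list in one direction, mirroring the one-ACL-per-interface-per-direction rule; checking both directions of a flow means evaluating the return packet against the list bound to the other interface or direction.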

The Layer 3 Switch

What Is A “Layer 3” Switch?

• “Marketing Terminology” Applied to a One Box Solution:

– Layer 2 Switching

– Layer 3 Routing

• Layer 3 Switch Performs Both!

• Multilayer Switch Port Types:

– Switchport: Layer 2 Port – MAC Addresses Learned

– Layer-3 Port: Routing Port

– Switched Virtual Interface: VLAN Virtual Interface

• Not for All Environments:

– Typically Found in Workgroup Environment

– Limited to Ethernet Ports/Interfaces

– Limited to OSPF and RIP Protocols

Summary – Q & A

Takeaway Points

• Routers Create “Broadcast Domains”

• Routing is Moving an IP Packet from One Network to Another Network

• Static & Dynamic Routing Each Have Advantages & Disadvantages

• The Routing Protocol Determines the Best Path to a Destination Host

• ACLs Can Be Used to Control IP Traffic

• A Layer 3 Switch Combines Layer 2 Switching & Layer 3 Routing in One Box

Further Study:

SBE Networking Certifications

CBNT Certified Broadcast Networking Technician

• This certification is designed for persons who wish to demonstrate a basic familiarity with networking hardware as utilized in business and audio/video applications in broadcast facilities.

• Exam Focus:

– Network topologies and layouts

– Common network protocols

– Wiring standards and practices

– Maintenance, troubleshooting and connectivity issues

– Challenges unique to broadcast-based networks

CBNE Certified Broadcast Networking Engineer

• This certification is an “Advanced” level that reflects the skill and knowledge that will be required in today's world of converged IT and broadcast engineering.

• Exam Focus:

– Audio/Video over IP

– Digital Content Management

– Video Systems in an IT World

– Data Transmission Systems

– General IT Hardware

Thank You for Attending!

Wayne M. Pecena
Texas A&M University
w-pecena@tamu.edu
N1WP@tamu.edu
979.845.5662

? Questions ?
