Post on 26-Dec-2015
ANKIT M. RATHOD
ROUTER• Routers have the following components:
• CPU• NVRAM• RAM• ROM (FLASH)• IOS
Cisco 2800 Series Router
ROUTER PORTS
PATH DETERMINATION
ROUTING TABLES
IP ADDRESS RANGES
*127 (01111111) is a Class A address reserved for loopback testing and cannot be assigned to a network.
IP – V4 ADDRESS CLASSES
• Class A: • Class B: • Class C: • Class D: Multicast • Class E: Research
NetworkNetwork HostHost HostHost HostHost
NetworkNetwork NetworkNetwork HostHost HostHost
NetworkNetwork NetworkNetwork NetworkNetwork HostHost
8 Bits 8 Bits 8 Bits 8 Bits
PUBLIC IP ADDRESSES
PRIVATE IP ADDRESSES
Class Private Address Range
A 10.0.0.0 to 10.255.255.255
B 172.16.0.0 to 172.31.255.255
C 192.168.0.0 to 192.168.255
SUBNETWORKS
Smaller networks are easier to manage.
Overall traffic is reduced. You can more easily apply
network security policies.
Base Net:
11000001.00000001.00000001 .00000000 =
193.1.1.0/24
Subnet #0: 11000001.00000001.00000001.000
00000 = 193.1.1.0/27
Subnet #1: 11000001.00000001.00000001.001
00000 = 193.1.1.32/27
Subnet #2: 11000001.00000001.00000001.010
00000 = 193.1.1.64/27
Subnet #3:
11000001.00000001.00000001.011 00000 =
193.1.1.96/27
Subnet #4: 11000001.00000001.00000001.100
00000 = 193.1.1.128/27
Subnet #5: 11000001.00000001.00000001.101
00000 = 193.1.1.160/27
Subnet #6: 11000001.00000001.00000001.110
00000 = 193.1.1.192/27
Subnet #7: 11000001.00000001.00000001.111
00000 = 193.1.1.224/27
HOW ROUTERS USE SUBNET MASKS
Supernetting
NETWORK ADDRESS TRANSLATION (NAT)
An IP address is either local or global. Local IP addresses are seen in the inside network. Global IP addresses are seen in the outside network. Assignment can be static or dynamic.
WHAT IS IPSEC?
IPsec acts at the network layer, protecting and authenticating IP packets. It is a framework of open standards that is algorithm independent. It provides data confidentiality, data integrity, and origin authentication.
IPSEC SECURITY SERVICES
ConfidentialityData integrityAuthentication
ENCRYPTION ALGORITHMS (CONFIDENTIALITY)
• Encryption algorithms: DES
AES
3DES RSA
DATA INTEGRITY
Hashing algorithms: HMAC-MD5 HMAC-SHA-1
IPSEC SECURITY PROTOCOLS
IP V6 INTRODUCTION
• Research start from 1994, Implemented Oct-2008
• 128 bit Support ( 64 Network + 64 Host )
• More Levels of Addressing Hierarchy
• Form is X : X : X : X : X : X : X : X ( Each X Refers to 4 Digit Hex Integer (16 Bit))
• 16 . 16 . 16 . 16 . 16 . 16 . 16 . 16
Prefix-Length Mask Interface Add
• FP : Format Prefix
• TLA : Top Level Aggregator – Assign by IANA – Local Internet Registry
• Res : Reserved Address for TLA or NLA
• NLA : Next Level Aggregator – Customer Site
• SLA : Site Level Aggregator – Individual Organization
• Interface ID
TYPE OF IP V6 ADDRESSES1. Global Unicast Address (Public)
- 2000::/3
- used in Routable environment
- Same as Public Address in IP-V4
2. Link – Local Address (Private)
- FE80::/10
- Used in Local LAN – Non Routable Environment
- Same as Private Address in IP - V4
Mobile IP: MAC : 0012 : 36 | 4F : 96BO ( 48 bit )
0012 : 36 FF FE 4F 96BO (64 bit)
3. Unique Local Address
- FC00:: /7
- Unique in Global but used in Non-Routable Environment
4. Multicast Address
- Used for Multicasting (Set of Addresses belong to different nodes)
• Loop back Address
- 0:0:0:0:0:0:0:1
- ::1
• Short Format
- 2031 : 0000 : 130F : 0000 : 0000 : 09CO : 876A : 130B
- 2031 : : 130F : : 9CO : 876A : 130B
QUESTIONS?