ANKIT M. RATHOD

ROUTER• Routers have the following components:

• CPU• NVRAM• RAM• ROM (FLASH)• IOS

Cisco 2800 Series Router

ROUTER PORTS

PATH DETERMINATION

ROUTING TABLES

IP ADDRESS RANGES

*127 (01111111) is a Class A address reserved for loopback testing and cannot be assigned to a network.

IP – V4 ADDRESS CLASSES

• Class A: • Class B: • Class C: • Class D: Multicast • Class E: Research

NetworkNetwork HostHost HostHost HostHost

NetworkNetwork NetworkNetwork HostHost HostHost

NetworkNetwork NetworkNetwork NetworkNetwork HostHost

8 Bits 8 Bits 8 Bits 8 Bits

PUBLIC IP ADDRESSES

PRIVATE IP ADDRESSES

Class Private Address Range

A 10.0.0.0 to 10.255.255.255

B 172.16.0.0 to 172.31.255.255

C 192.168.0.0 to 192.168.255

SUBNETWORKS

Smaller networks are easier to manage.

Overall traffic is reduced. You can more easily apply

network security policies.

Base Net:

11000001.00000001.00000001 .00000000 =

193.1.1.0/24

Subnet #0: 11000001.00000001.00000001.000

00000 = 193.1.1.0/27

Subnet #1: 11000001.00000001.00000001.001

00000 = 193.1.1.32/27

Subnet #2: 11000001.00000001.00000001.010

00000 = 193.1.1.64/27

Subnet #3:

11000001.00000001.00000001.011 00000 =

193.1.1.96/27

Subnet #4: 11000001.00000001.00000001.100

00000 = 193.1.1.128/27

Subnet #5: 11000001.00000001.00000001.101

00000 = 193.1.1.160/27

Subnet #6: 11000001.00000001.00000001.110

00000 = 193.1.1.192/27

Subnet #7: 11000001.00000001.00000001.111

00000 = 193.1.1.224/27

HOW ROUTERS USE SUBNET MASKS

Supernetting

NETWORK ADDRESS TRANSLATION (NAT)

An IP address is either local or global. Local IP addresses are seen in the inside network. Global IP addresses are seen in the outside network. Assignment can be static or dynamic.

WHAT IS IPSEC?

IPsec acts at the network layer, protecting and authenticating IP packets. It is a framework of open standards that is algorithm independent. It provides data confidentiality, data integrity, and origin authentication.

IPSEC SECURITY SERVICES

ConfidentialityData integrityAuthentication

ENCRYPTION ALGORITHMS (CONFIDENTIALITY)

• Encryption algorithms: DES

AES

3DES RSA

DATA INTEGRITY

Hashing algorithms: HMAC-MD5 HMAC-SHA-1

IPSEC SECURITY PROTOCOLS

IP V6 INTRODUCTION

• Research start from 1994, Implemented Oct-2008

• 128 bit Support ( 64 Network + 64 Host )

• More Levels of Addressing Hierarchy

• Form is X : X : X : X : X : X : X : X ( Each X Refers to 4 Digit Hex Integer (16 Bit))

• 16 . 16 . 16 . 16 . 16 . 16 . 16 . 16

Prefix-Length Mask Interface Add

• FP : Format Prefix

• TLA : Top Level Aggregator – Assign by IANA – Local Internet Registry

• Res : Reserved Address for TLA or NLA

• NLA : Next Level Aggregator – Customer Site

• SLA : Site Level Aggregator – Individual Organization

• Interface ID

TYPE OF IP V6 ADDRESSES1. Global Unicast Address (Public)

- 2000::/3

- used in Routable environment

- Same as Public Address in IP-V4

2. Link – Local Address (Private)

- FE80::/10

- Used in Local LAN – Non Routable Environment

- Same as Private Address in IP - V4

Mobile IP: MAC : 0012 : 36 | 4F : 96BO ( 48 bit )

0012 : 36 FF FE 4F 96BO (64 bit)

3. Unique Local Address

- FC00:: /7

- Unique in Global but used in Non-Routable Environment

4. Multicast Address

- Used for Multicasting (Set of Addresses belong to different nodes)

• Loop back Address

- 0:0:0:0:0:0:0:1

- ::1

• Short Format

- 2031 : 0000 : 130F : 0000 : 0000 : 09CO : 876A : 130B

- 2031 : : 130F : : 9CO : 876A : 130B

QUESTIONS?