[lab01] network design

Upload: stefan-mateescu

Post on 07-Feb-2018


TRANSCRIPT

  • 7/21/2019 [Lab01] Network Design

    1/38

    2014 Academia Cisco, UPB. All rights reserved. 1

    CCNP ROUTE

    Mihai Bucicoiu

    Contents

    o Introduction

    o Planning models

    o Routing protocols

    o Lab outline

    Personal expectations

    In-person training

    In-class exams and labs

    CCNP ROUTE certification

    About me

    o Mihai Bucicoiu [email protected]

      0721 90 45 00

    o PhD student @UPB

      Master's in network security, Bachelor's - Programming

    o Certifications

      CCNA/CCAI/CCNP/CCNA Security/CCIE written

      MCTIP SA, MCTS AD, MCTS NI, MCTS SA

      FCNSA, FCNSP

    o Experience

      7 years instructor @CATC Romania

      4 years manager @Microsoft Academy

      5 years Network Engineer @RoEduNet

      2 years security researcher @Intel&Darmstadt(Germany)

    Course agenda

    No. Course Title Date

    1 P: Network Design 14/07/2014

    2 L: CCNA Recap 14/07/2014

    3 P: Enhanced Interior Gateway Routing Protocol 14/07/2014

    4 L: Enhanced Interior Gateway Routing Protocol 14/07/2014

    5 P: Open Shortest Path First 15/07/2014

    6 L: Open Shortest Path First 15/07/2014

    7 P: Interior Gateway Protocol Redistribution 16/07/2014

    8 L: Interior Gateway Protocol Redistribution 16/07/2014

    9 P: Policy-Based Routing and IP Service Level Agreement 16/07/2014

    10 L: Policy-Based Routing and IP Service Level Agreement 16/07/2014

    Course agenda

    No. Course Title Date

    11 P: Border Gateway Protocol 17/07/2014

    12 L: Border Gateway Protocol 17/07/2014

    13 P: Border Gateway Protocol 17/07/2014

    14 L: Border Gateway Protocol 17/07/2014

    15 P: Routing over Branch Internet Connections 18/07/2014

    16 L: Routing over Branch Internet Connections 18/07/2014

    17 P: Internet Protocol version 6 18/07/2014

    18 L: Internet Protocol version 6 18/07/2014

    19 Final exam 18/07/2014

    20 Final exam 18/07/2014

    Resources

    o http://learn.ccna.ro

      In-house courses and labs

    o http://netacad.com

      Cisco online exams

    o http://swarm.cs.pub.ro/~mihaib/bsci/start.html

      Cisco CCNP BSCI curriculum (the former CCNP ROUTE)

    About the certification

    o 642-902 Implementing Cisco IP Routing

    o Valid for 3 years

    o First certification in the CCNP set

    o Covers network protocols

      Intermediate level

    Planning models

    Main planning problems

    Full-Mesh Network

    o number of links used: n(n-1)/2

    Hub and Spoke Network

    o number of links used: n-1

    5 characteristics of a network

    o Reliable and available

      Routing protocols

      Load Balancing

    o Responsive

      Planning / Design

      Flow inspection and traffic-pattern analysis

      QoS

      Congestion

    o Efficient

      ACL, Route-maps, Distribute-Lists

      Summarization

      Incremental updates

    5 characteristics of a network

    o Adaptable

      Dynamic ACLs

      IP Inspection

      NBAR

      IPvX

    o Accessible but secure

      Tunnels (IPSEC, MPLS)

      Dedicated channels

      Network Access Control

      Firewall

    Types of traffic encountered

    o Voice and video traffic

    o Very important data traffic

    o Traffic used for e-commerce transactions

    o Routing protocol updates

    o Network management traffic

    The hierarchical model

    The hierarchical model

    Access layer

    o traffic entry into the network

    o pre per port policy

    o VLAN

    Distribution layer

    o routing policies

    o aggregation

    o filtering

    o VLAN routing

    Core layer

    o speed

    o guaranteed transport

    o backbone

    o redundancy

    o 26XX

    o 17XX

    o 36XX

    o 40XX

    o 12XXx

    o 7XXX

    The Enterprise Composite Network model

    o Enterprise campus:

    campus backbone, building distribution, building access

    management and server farm

    o Enterprise edge:

    E-Commerce

    Internet connectivity and remote access

    o Service provider edge:

    Internet service provider (ISP)

    Public Switched Telephone Network (PSTN) for dialup

    Frame Relay, ATM, and PPP for private connectivity

    The Enterprise Composite Network model

    The Intelligent Information Network model

    o An alternative to QoS: a network aware of the traffic type

      real-time, transactional, routing-protocol, network management

    o Integrated Transport

      describes a converged network

    o Integrated Services

      Resource virtualization

      servers, storage, network (VLAN)

      Transition to the on-demand model

    o Integrated Application

      The network talks to the existing applications

      NAC

    Service-Oriented Network Architecture

    o SONA: putting the IIN model into practice

    Stages of implementing a network

    1. Design

    2. Implementation planning

    3. Validation planning

    4. Documenting the result

    Planning methodologies

    Fault, Configuration, Accounting, Performance and Security: FCAPS (ISO)

    Information Technology Infrastructure Library: ITIL (Great Britain)

    Telecommunications Management Network: TMN (ITU-T)

    Prepare, Plan, Design, Implement, Operate, Optimize: PPDIOO (Cisco)

    The network engineer's role

    Takes part in the design review

    Plans and documents the equipment configuration

    Reviews other network engineers' implementation plans

    Creates the validation plan

    Reviews other network engineers' validation plans

    Does not create the design document

    Does not personally apply the configurations to the equipment

    Does not personally validate the effect of the configurations on the equipment

    Routing protocols

    Routing protocols

    Protocol  Type             Convergence speed  Interior or Exterior  Proprietary  AD
    RIP       Distance Vector  Slow               IGP                   No           120
    EIGRP     Distance Vector  Fast               IGP                   Yes          90/170
    OSPF      Link State       Fast               IGP                   No           110
    IS-IS     Link State       Fast               IGP                   No           115
    BGP       Path Vector      Slow               EGP                   No           20/200
    ODR       Distance Vector  Fast               IGP                   Yes          160

    Split horizon

    o Prevents routing protocol updates from being sent out the interface on which they were received

    o Must be disabled on a multipoint frame-relay interface

    o Used for RIP & EIGRP classless

    o OSPF does not use split horizon

    The "network" command

    o Used to specify the interfaces on which a protocol should run

    o Used to specify which networks are included in updates

    o BGP uses this command only for

    o Pay attention to the wildcard used together with this command

    0.0.0.0 IP 0.0.0.0

    IP 255.255.255.255

    Making an interface passive

    o Updates are not sent on this interface

    o The network is still advertised in routing updates

    o OSPF, EIGRP and IS-IS will not form an adjacency on that interface

    passive-interface default

    The "Null0" interface

    o An interface through which packets are discarded

    o Used by EIGRP when networks are aggregated

    o Floating static route

      A static route with a higher AD than a route learned through a routing protocol

    Speaking of aggregation

    o C 86.77.32.0/19 is directly connected, Loopback0

    o C 86.77.64.0/20 is directly connected, Loopback1

    o C 86.77.80.0/20 is directly connected, Loopback2

    o C 86.77.96.0/19 is directly connected, Loopback3

    o C 86.77.128.0/20 is directly connected, Loopback4

    o C 86.77.160.0/20 is directly connected, Loopback5

    o C 86.77.192.0/20 is directly connected, Loopback6

    o C 86.77.208.0/20 is directly connected, Loopback7

    ip summary-address eigrp 101 86.77.192.0 255.255.224.0 5

    ip summary-address eigrp 101 86.77.64.0 255.255.224.0 5
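
The aggregation check behind this slide, as an added example that is not part of the original slides: Python's standard `ipaddress` module computes which of the listed connected prefixes aggregate exactly, and reports the address space a candidate summary would advertise without any connected prefix behind it, which is the traffic a Null0 summary route ends up discarding. The function names and the wider candidate 86.77.128.0/18 are assumptions chosen for illustration.

```python
import ipaddress

# Connected prefixes copied from the routing table on the slide.
OWNED = [ipaddress.ip_network(p) for p in (
    "86.77.32.0/19", "86.77.64.0/20", "86.77.80.0/20", "86.77.96.0/19",
    "86.77.128.0/20", "86.77.160.0/20", "86.77.192.0/20", "86.77.208.0/20",
)]


def exact_aggregates(owned):
    """Largest summaries that cover the owned prefixes and nothing else."""
    return list(ipaddress.collapse_addresses(owned))


def unowned_space(summary, owned):
    """Prefixes inside `summary` that no owned prefix covers."""
    remaining = [ipaddress.ip_network(summary)]
    for net in owned:
        survivors = []
        for block in remaining:
            if net.subnet_of(block):
                # Carve the owned prefix out of the block, keep the rest.
                survivors.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                # Disjoint from this owned prefix: still unaccounted for.
                survivors.append(block)
        remaining = survivors
    return sorted(ipaddress.collapse_addresses(remaining))


if __name__ == "__main__":
    print("exact aggregates:", [str(n) for n in exact_aggregates(OWNED)])
    # The first two are the slide's summaries; the third is a constructed
    # candidate that spans a gap between Loopback4 and Loopback5.
    for candidate in ("86.77.64.0/19", "86.77.192.0/19", "86.77.128.0/18"):
        gap = unowned_space(candidate, OWNED)
        if gap:
            print(candidate, "also claims", ", ".join(str(g) for g in gap))
        else:
            print(candidate, "is an exact summary")
```
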

    ODR: On-Demand Routing

    o Uses CDP to carry the data (60 seconds hello)

    o VLSM support, metric 1, AD 160

    o Used only for hub-and-spoke topologies

    o Automatic propagation of the default route

    o Configured only on the hub

    router odr
     timers basic update invalid holddown flush
    cdp timer seconds

    o For stub routers

      No routing protocol

    RIP v2

    o Classless, VLSM

    o supports authentication

    o sends updates to multicast 224.0.0.9 (can be configured to send broadcast or unicast)

    o network aggregation at the interface level (enabled by default)

    o hop count metric, max 15

    RIP v2 - timers

    o update: when updates are sent, 30 seconds

    o invalid: invalidates the route, 180 seconds

    o hold down: does not accept other routes to the same network (Cisco proprietary), 180 sec

    o flush timer: the route is removed from the routing table after 240 seconds

    o they do not have to be synchronized across the network, although it is recommended

    o can send triggered updates

    Lab outline

    Dynamips

    o Platform used for hardware simulation

    o Supports various router platforms, does not support switching

      1700, 2600, 3600, 3700, 7200

    o GNS3, a graphical interface for creating topologies

    o Can interface with a VMWare image or a real network card

    o You need a suitable IOS image

    o http://dynagen.org/tutorial.htm

    Lab topology

    [Figure: routers R1, R2, R3 and R4; labelled links 10.0.23.0/24 and 10.0.34.0/24; interfaces F0/0, F1/0 and F2/0]

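    Useful commands

    line console 0
     ! keep log messages from breaking up the command being typed
     logging synchronous
     ! disable the console idle timeout
     exec-timeout 0 0
    ! do not treat mistyped commands as hostnames to resolve
    no ip domain-lookup
    ! local account checked by "login local"
    username cisco password cisco
    line vty 0 15
     login local
     ! accept both Telnet and SSH sessions
     transport input telnet ssh
    hostname RX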

    The most important tool

    o Use NOTEPAD with confidence

    My job is to talk to you, and your job is to listen. If you finish first, please let me know.

    Harry Hershfield

    Quote of the day