Monday, September 7, 2009

Router Fundas

This is the trace route output of 61.1.196.1 using the website whatismyipaddress.com.
[Images: trace route output; trace route output for bsnl.co.in; trace route using Google map]

 

The visual tracert tool displays the path Internet packets traverse to reach a specified destination. The tool works by identifying the IP address of each hop along the way to the destination network address. The estimated geographical location of each hop is identified using MaxMind's GeoIP database. After all of the hops' locations are identified, the path to the destination is plotted on a Google Map.

Concerning trace routes

An IP packet has a field called "time to live" (TTL). Normally its initial value is 30. In the case of Windows, it may even be 128.

Every time a host forwards a packet, it decrements the TTL value of the packet by one. If the TTL value of a packet is zero and it has yet to reach its destination, the packet is discarded and the host will send a response back to the sender notifying them that the destination was not reached. The main purpose of TTL is to prevent packets from endlessly looping around the Internet, never finding their destination.

A “trace route” works by increasing the TTL value of each successive packet sent. The first packet is sent with a TTL value of one (implying that it will make a single hop). The next packet has a TTL value of two, and so on. By doing so, a destination unreachable response packet is elicited from each hop. These returning packets are used to produce a list of hosts that the packets have traversed en route to the destination.
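
The TTL mechanism described above, as an added example that is not part of the original post: it builds a minimal IPv4 header, applies the per-router TTL decrement and checksum update, and replays a trace over a constructed three-router path. The addresses, function names and path are assumptions made up for the illustration, and no packets are sent.

```python
import struct

def ipv4_checksum(header: bytes) -> int:
    """One's-complement checksum over the 16-bit words of the header.
    Returns 0 when run over a header that already carries a valid checksum."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, ttl: int) -> bytes:
    """Minimal 20-byte IPv4 header; the TTL is the single byte at offset 8."""
    addr = lambda a: bytes(int(o) for o in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 17, 0,
                      addr(src), addr(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def forward(header: bytes):
    """Per-router step: decrement TTL, discard at zero, else rewrite the checksum."""
    ttl = header[8] - 1
    if ttl <= 0:
        return None  # discarded; real routers answer with ICMP Time Exceeded
    hdr = header[:8] + bytes([ttl]) + header[9:10] + b"\x00\x00" + header[12:]
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def trace(path, src, dst, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... and record which hop discards each one."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        pkt = build_header(src, dst, ttl)
        for router in path:
            pkt = forward(pkt)
            if pkt is None:
                hops.append((ttl, router))  # this router reported the expiry
                break
        else:
            hops.append((ttl, dst))  # probe survived every router
            return hops
    return hops

if __name__ == "__main__":
    # Constructed path using documentation address ranges.
    routers = ["192.0.2.1", "198.51.100.1", "203.0.113.1"]
    for ttl, hop in trace(routers, "192.0.2.10", "203.0.113.50"):
        print(ttl, hop)
```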


What is IP version 1?

I know IP Version 4. But what is IP Version 1, IP Version 2 and IP Version 3?

Don't ask for the format of IPV1, IPV2 and IPV3. There is no such thing as IP Version 1 to 3.

The first IP Version itself is IPV4.

 

Then how did it get the name IPV4?

Originally TCP and IP worked together, and there were TCP Versions 1 to 3.

When IP got its own format, it got the version name as IP Version 4.

 

I have heard about IPV6. Then what is IP Version 5 (IPV5)?

Believe me! IPV5 also does not exist. It was intentionally omitted.

 

But why?

When they were experimenting on a new protocol called "Internet Stream Protocol, Version 2", this protocol was doing the same job as IP at the Internet Layer. So, to differentiate it from IPV4, it was called IPV5. But this version has not come out of the lab.

2009 pannirpandy

 

IP Addressing - Multiple choice Question Bank

Q.1 Which of the following are Class-C IP addresses?

A) 50.50.50.1

B) 130.130.130.1

C) 200.200.200.1

D) 240.240.240.1

Q.2 An IP address of IP (Version 4) is a ..... bit address

A) 4 Bit address

B) 8 Bit address

C) 32 bit address

D) 128 bit address

Q3. 192.168.1.39/28 is the IP address of a PC. Which of the following IPs are in the same subnet?

A) 192.168.1.1

B) 192.169.1.1

C) 192.168.1.48

D) 192.168.1.45

Q4. How many bits are there in a MAC address?

A) 32 Bits

B) 48 Bits

C) 56 Bits

D) 128 Bits.

Q5. An IP address of computer is 84.23.5.92 / 0.0.0.0 . Which of the following IPs are in the same group?

A) 84.23.5.93

B) 23.2.2.1

C) 5.5.5.5

D) 200.200.200.200

 

Q6. Which of the Following is a Class C IP address?

A) 5.5.5.5

B) 140.140.140.140

C) 240.240.240.240

D) 200.200.200.200

Q.7 Which of the following IP addresses are members of networks that can be routed across the public Internet?
A. 10.172.13.65
B. 172.16.223.125
C. 172.64.12.29
D. 192.168.23.252
E. 198.234.12.95
F. 212.193.48.254

Q.8 While implementing VLSM on a network, which subnet mask is the most efficient for point-to-point serial links?
A. 255.255.255.0
B. 255.255.255.128
C. 255.255.255.248
D. 255.255.255.252
E. 255.255.255.254

Q.9 A subnet has 29 bits. Which wildcard mask should be used to configure an ACL to deny access to the entire subnetwork?
A. 255.255.255.224
B. 255.255.255.248
C. 0.0.0.224
D. 0.0.0.7

Q10. I am 192.168.1.53 / 255.255.255.224. Who are all on my network?

A) 192.168.1.1

B) 192.168.2.53

C) 192.168.1.62

D) 192.168.1.224

Q.11. I am 10.10.4.45 / 255.255.0.0 . Who are all on my network?

A) 10.10.4.200

B) 10.10.4.46

C) 10.10.30.122

D) 10.10.10.10

Q12. In the following four IP addresses, Find out which of them are on the same network.

A) 192.168.1.1 / 255.255.255.252

B) 192.168.2.1 / 255.255.255.252

C) 192.158.1.5 / 255.255.255.252

D) 192.168.1.2 / 255.255.255.252

Q13. In the following four IP addresses, Find out which of them are on the same network.

A) 10.10.33.2/255.255.240.0

B) 10.10.134.2/255.255.240.0

C) 10.10.31.2/255.255.240.0

D) 10.10.33.222/255.255.240.0

 

Sunday, September 6, 2009

Sample NAT configuration for cisco router

Sample Configuration to Allow Internal Users to Access the Internet

interface ethernet 0
ip address 10.10.10.1 255.255.255.0
ip nat inside

interface ethernet 1
ip address 10.10.20.1 255.255.255.0
ip nat inside
! two lan networks are connected to internet

interface serial 0
ip address 172.16.10.64 255.255.255.0
ip nat outside

ip nat pool mypool 172.16.10.1 172.16.10.63 prefix 24
! just type the first ip, last ip, mask of these ip

ip nat inside source list 7 pool mypool
!
!
!--- Indicates that any packets received on the inside interface that
!--- are permitted by access-list 7
!--- will have the source address translated to an address out of the
!--- NAT pool "mypool".

access-list 7 permit 10.10.10.0 0.0.0.31
access-list 7 permit 10.10.20.0 0.0.0.31
!--- Access-list 7 permits packets with source addresses ranging from
!--- 10.10.10.0 through 10.10.10.31 and 10.10.20.0 through 10.10.20.31.

Further details available at http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml

Configuring NAT to Allow Internal Users to Access the Internet Using Overloading

interface ethernet 0
ip address 10.10.10.1 255.255.255.0
ip nat inside

interface ethernet 1
ip address 10.10.20.1 255.255.255.0
ip nat inside

interface serial 0
ip address 172.16.10.64 255.255.255.0
ip nat outside

ip nat pool mypool 172.16.10.1 172.16.10.1 prefix 24
!
!--- Defines a NAT pool named mypool with a range of a single IP
!--- address, 172.16.10.1.

ip nat inside source list 7 pool mypool overload
!
!
!
!
!--- Indicates that any packets received on the inside interface that
!--- are permitted by access-list 7 will have the source address
!--- translated to an address out of the NAT pool named mypool.
!--- Translations will be overloaded which will allow multiple inside
!--- devices to be translated to the same valid IP address.

access-list 7 permit 10.10.10.0 0.0.0.31
access-list 7 permit 10.10.20.0 0.0.0.31
!--- Access-list 7 permits packets with source addresses ranging from
!--- 10.10.10.0 through 10.10.10.31 and 10.10.20.0 through 10.10.20.31.

Configuring NAT to Redirect TCP Traffic to Another TCP Port or Address:

interface ethernet 0
ip address 172.16.10.1 255.255.255.0
ip nat inside

interface serial 0
ip address 200.200.200.5 255.255.255.252
ip nat outside

ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80
!--- Static NAT command that states any packet received in the inside
!--- interface with a source IP address of 172.16.10.8:8080 will be
!--- translated to 172.16.10.8:80.

How to configure a webserver having private ip address to be reached by public?

How to configure a Cisco Router for NATing a web server having Private IP Address.

interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside

interface Serial0/0
ip address 50.50.50.1 255.255.255.252
ip nat outside
!

!
ip nat inside source list 101 interface Serial0/0 overload
ip nat inside source static tcp 192.168.1.2 80 interface Serial0/0 80
!
access-list 101 permit ip any any

 

 

 

 

Meaning of

interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside

 

This office has a LAN network. All the machines in this network have private IP addresses in the range of 192.168.1.x.

 

What is Private IP Address?

The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets (normally LAN networks).

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

 

What is "ip nat inside"?

NAT means Network Address Translation. "inside" refers to the INTERNAL NETWORK. In our example, it refers to the LAN network (192.168.1.0/24) having private IP addresses.

"ip nat inside" means that whenever a packet having a source IP address in 192.168.1.0/24 goes out, its IP address will be changed,

provided,

  • the packet should go out through an interface marked as "ip nat outside"
  • access-list also should permit.
  • the destination ip address should be one of the "nat pool"

 

 

 

Meaning of

interface Serial0/0
ip address 50.50.50.1 255.255.255.252
ip nat outside

 

What is "ip nat outside"?

"outside" refers to the EXTERNAL NETWORK. It is the WAN network (50.50.50.0/30), which is a public network.

 

Meaning of

access-list 101 permit ip any any

 

Whichever interface is marked with "101" should allow any packet

 

Suppose the access-list is configured like this:

access-list 101 permit ip 192.168.1.0 0.0.0.63 any

Then, the access list gives permission only to 192.168.1.1 to 192.168.1.63.

So, the access list is for limiting the LAN IPs which can get Internet access.
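
How the wildcard mask in the access list decides which inside sources are translated, as an added example that is not part of the original post or of Cisco's code: it applies the wildcard comparison to the two versions of access-list 101 discussed above. The function names and the sample source addresses are constructed for the illustration.

```python
import ipaddress

def acl_matches(source, base, wildcard):
    """Cisco wildcard test: bits set to 1 in the wildcard are ignored,
    every other bit of the source must equal the base address."""
    s, b, w = (int(ipaddress.IPv4Address(x)) for x in (source, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (s & care) == (b & care)

def matched_range(base, wildcard):
    """First and last address an entry matches (contiguous wildcards only)."""
    b, w = (int(ipaddress.IPv4Address(x)) for x in (base, wildcard))
    low = b & ~w & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(low)), str(ipaddress.IPv4Address(low | w))

def nat_eligible(source, acl):
    """Walk (action, base, wildcard) entries top-down; first match wins,
    and a source that matches nothing hits the implicit deny."""
    for action, base, wildcard in acl:
        if acl_matches(source, base, wildcard):
            return action == "permit"
    return False

# "any" is the same as base 0.0.0.0 with wildcard 255.255.255.255.
ACL_ANY = [("permit", "0.0.0.0", "255.255.255.255")]  # permit ip any any
ACL_LAN = [("permit", "192.168.1.0", "0.0.0.63")]     # permit ip 192.168.1.0 0.0.0.63 any

# Constructed source addresses arriving on the inside interface.
SOURCES = ["192.168.1.20", "192.168.1.63", "192.168.1.64", "10.99.0.5"]

def compare(sources=SOURCES):
    """Per source: (translated under 'any any', translated under the narrow list)."""
    return {s: (nat_eligible(s, ACL_ANY), nat_eligible(s, ACL_LAN)) for s in sources}

if __name__ == "__main__":
    print(matched_range("192.168.1.0", "0.0.0.63"))
    for src, (wide, narrow) in compare().items():
        print(f"{src:15} any-any={wide!s:5} narrow={narrow}")
```

With "permit ip any any", every source that reaches the inside interface is translated, including addresses outside the LAN range; the narrower entry leaves those untranslated.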

 

 

 

Meaning of :

ip nat inside source list 101 interface Serial0/0 overload

Any packet which has a SOURCE IP address from the network declared as "ip nat inside" will get a NEW OUTSIDE IP address, provided the source IP address is also allowed by access-list 101.

Suppose, if all the outside ip addresses are exhausted, allow this packet to go out using PAT (port address translation).

 

 

 



MPLS VPN Fundas

MPLS VPN

 

MPLS stands for MultiProtocol Label Switching

VPN stands for Virtual Private Network

 

In conventional packet forwarding, every router opens the IP packet and looks at the IP header to find the destination IP address, and then, with the help of its routing table, takes an independent decision to forward the packet. Handling the bulky IP header and reconstructing the IP packet again reduces the speed.

 

But MPLS works at layer 2. It classifies each packet based on FEC (Forwarding Equivalence Class). Subsequent routers simply look at the label and route the packet after swapping the label with a new one.