CA_Ex_S4C7_IP Addressing Services by kimchivn

Chapter 7: IP Addressing Services

CCNA Exploration 4.0
Objectives




DHCP




Introducing DHCP
 •   Every device that connects to a network needs an IP
     address.
 •   Network administrators assign static IP addresses to routers,
     servers, and other network devices whose locations
     (physical and logical) are not likely to change.
 •   Network devices that are added, moved or changed
     (physical and logical) need new addresses. Manual
     configuration is unwieldy, which calls for dynamic configuration.
 •   DHCP assigns IP addresses and other important network
     configuration information dynamically.
 •   DHCP is an extremely useful and timesaving tool for network
     administrators.
 •   A Cisco router can be configured to provide DHCP services,
     called Easy IP.
DHCP Operation




 •   DHCP dynamically assigns, or leases, an IP
     address from a pool of addresses for a limited period of time
     chosen by the server, or until the client tells the DHCP server
     that it no longer needs the address.
 •   DHCP works in a client/server mode.
BOOTP and DHCP




•   The Bootstrap Protocol (BOOTP), defined in RFC 951, is the
    predecessor of DHCP and shares some operational
    characteristics.
•   Both DHCP and BOOTP are client/server based and use
    UDP ports 67 and 68.




DHCP Message Format




DHCP Discovery and Offer Methods
Configuring a DHCP Server
•   Step 1. Define a range of addresses that DHCP is not to
    allocate.




•   Step 2. Create the DHCP pool




Configuring a DHCP Server
 •   Step 3. Configure the specifics of the pool.
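The three steps above as one IOS configuration. This is an added example, not the configuration from the original slides; the addresses, the pool name LAN-POOL-1 and the domain name are constructed values.

```cisco
! Step 1: keep statically assigned addresses (router interface,
! servers, printers) out of the range DHCP may hand out.
ip dhcp excluded-address 192.168.10.1 192.168.10.9
ip dhcp excluded-address 192.168.10.254
!
! Step 2: create the pool. The name is only a local label.
! Step 3: the indented commands set the specifics of the pool:
! the subnet to lease from, the default gateway, the DNS server,
! the domain name and a lease time of 2 days.
ip dhcp pool LAN-POOL-1
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 dns-server 192.168.11.5
 domain-name example.com
 lease 2
!
! Verification from privileged EXEC mode:
!   show ip dhcp binding
!   show ip dhcp server statistics
!   show ip dhcp pool
!   show ip dhcp conflict
```

A shorter lease returns addresses to the pool sooner, and the binding table then gives a more current picture of which client holds which address.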




Configuring a DHCP Server
 •   Example:




 •   Disabling DHCP:
      – Use the no service dhcp command.


Verifying DHCP




Configuring a DHCP Client




DHCP Relay
•   DHCP Problem




DHCP Relay




Figure labels: Broadcast, Broadcast
Helper address configuration that relays broadcasts to all servers on the
  segment.
RTA(config)#interface e0
RTA(config-if)#ip helper-address 172.24.1.255
But will RTA forward the broadcast?
Directed Broadcast




 •   Notice that the RTA interface e3, which connects to the server farm, is not
     configured with helper addresses.
 •   However, the output shows that for this interface, directed broadcast
     forwarding is disabled.
 •   This means that the router will not convert the logical broadcast 172.24.1.255
     into a physical broadcast with a Layer 2 address of FF-FF-FF-FF-FF-FF.
 •   To allow all the nodes in the server farm to receive the broadcasts at Layer 2,
     e3 will need to be configured to forward directed broadcasts with the following
     command:
 RTA(config)#interface e3
 RTA(config-if)#ip directed-broadcast
DHCP Relay




 Figure labels: L3 Broadcast, L2 Broadcast
 Helper address configuration that relays broadcasts to all servers on the
   segment.
 RTA(config)#interface e0
 RTA(config-if)#ip helper-address 172.24.1.255
 RTA(config)#interface e3
 RTA(config-if)#ip directed-broadcast
DHCP Relay
•   By default, the ip helper-address command forwards the
    following eight UDP services:
     – Port 37: Time
     – Port 49: TACACS
     – Port 53: DNS
     – Port 67: DHCP/BOOTP client
     – Port 68: DHCP/BOOTP server
     – Port 69: TFTP
     – Port 137: NetBIOS name service
     – Port 138: NetBIOS datagram service
•   To specify additional ports, use the ip forward-protocol
    command to specify exactly which types of broadcast
    packets to forward.
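An alternative to the subnet-broadcast helper shown earlier, as an added example that is not from the original slides: the helper address points at a single DHCP server, so e3 can keep directed broadcast forwarding disabled, and the default UDP services other than DHCP/BOOTP are no longer relayed. The server address 172.24.1.9 is a constructed value.

```cisco
! Stop relaying the default UDP services that this segment does
! not need; only DHCP/BOOTP broadcasts are still forwarded.
no ip forward-protocol udp 37
no ip forward-protocol udp 49
no ip forward-protocol udp 53
no ip forward-protocol udp 69
no ip forward-protocol udp 137
no ip forward-protocol udp 138
!
interface e0
 ! Relay client broadcasts as unicast to one DHCP server.
 ! 172.24.1.9 is a constructed address in the server-farm subnet.
 ip helper-address 172.24.1.9
!
interface e3
 ! A unicast helper needs no Layer 2 broadcast on the server farm,
 ! so directed broadcast forwarding stays disabled here.
 no ip directed-broadcast
!
! Verification from privileged EXEC mode:
!   show ip interface e0     (lists the configured helper address)
!   show ip interface e3     (reports directed broadcast forwarding)
```

With directed broadcasts left disabled, a packet sent to 172.24.1.255 from another network is not turned into a Layer 2 broadcast that every host in the server farm has to process.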
Configuring a DHCP Server Using SDM




 •   Add a DHCP Pool




Troubleshooting DHCP




 •   The show ip dhcp conflict command displays all address
     conflicts recorded by the DHCP server.
 •   Use the show interface interface_name command




Troubleshooting DHCP




 •   Step 1. Verify that the ip helper-address command is
     configured on the correct interface.
 •   Step 2. Verify that the global configuration command no
     service dhcp has not been configured.
Troubleshooting DHCP




 •    Use debug commands:
       – debug ip packet detail 100
       – debug ip dhcp server packet
       – debug ip dhcp server events


     Activity 7.1.8.4
Scaling Networks with NAT




Private and Public Addressing




What is NAT?








 •   Inside local address - Usually not an IP address assigned by a RIR or
     service provider and is most likely an RFC 1918 private address.
 •   Inside global address - Valid public address that the inside host is given
     when it exits the NAT router.
 •   Outside global address - Reachable IP address assigned to a host on
     the Internet.
 •   Outside local address - The local IP address assigned to a host on the
     outside network. In most situations, this address will be identical to the
     outside global address of that outside device.
How Does NAT Work?




• There are two types of NAT translation: dynamic and static.
• Dynamic NAT uses a pool of public addresses and assigns
    them on a first-come, first-served basis. When a host with a
    private IP address requests access to the Internet, dynamic
    NAT chooses an IP address from the pool that is not already
    in use by another host.
•   Static NAT uses a one-to-one mapping of local and global
    addresses, and these mappings remain constant. Static NAT
    is particularly useful for web servers or hosts that must have
    a consistent address that is accessible from the Internet.
    These internal hosts may be enterprise servers or
    networking devices.
•   Both static and dynamic NAT require that enough public
    addresses are available to satisfy the total number of
    simultaneous user sessions.
NAT Overload or PAT




Differences Between NAT and NAT Overload
 •   NAT generally only translates IP addresses on a 1:1
     correspondence between publicly exposed IP addresses and
     privately held IP addresses. NAT overload modifies both the
     private IP address and port number of the sender. NAT
     overload chooses the port numbers seen by hosts on the
     public network.
 •   NAT routes incoming packets to their inside destination by
     referring to the incoming source IP address given by the host
     on the public network. With NAT overload, there is generally
     only one or a very few publicly exposed IP addresses.
     Incoming packets from the public network are routed to their
     destinations on the private network by referring to a table in
     the NAT overload device that tracks public and private port
     pairs. This is called connection tracking.
Benefits and Drawbacks of Using NAT




Configuring Static NAT




Configuring Static NAT: Example




Configuring Dynamic NAT




Configuring Dynamic NAT: Example




Configuring NAT Overload
 •   Configuring NAT Overload for a Single Public IP Address




Configuring NAT Overload: Example




Configuring NAT Overload
 •   Configuring NAT Overload for a Pool of Public IP Addresses




Configuring NAT Overload: Example




Port Forwarding
•   Port forwarding (sometimes referred to as tunneling) is the
    act of forwarding a network port from one network node to
    another. This technique can allow an external user to reach
    a port on a private IP address (inside a LAN) from the
    outside through a NAT-enabled router.
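NAT overload for a single public address together with one port-forwarding entry, covering the NAT overload and port forwarding passages above. This is an added example, not configuration from the original slides; interface names and addresses are constructed (203.0.113.0/24 is a documentation range), and the forwarded ports 8080 and 80 are assumptions.

```cisco
! Which inside local addresses are allowed to be translated.
access-list 1 permit 192.168.10.0 0.0.0.255
!
! NAT overload: every host matched by access-list 1 shares the
! address of the outside interface. The router picks the source
! port seen on the public side and tracks each public/private
! port pair in the translation table.
ip nat inside source list 1 interface Serial0/1/0 overload
!
! Port forwarding: a static entry so that TCP 8080 on the public
! address reaches TCP 80 on one inside server and nothing else.
ip nat inside source static tcp 192.168.10.254 80 203.0.113.1 8080
!
interface FastEthernet0/0
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
!
interface Serial0/1/0
 ip address 203.0.113.1 255.255.255.252
 ip nat outside
!
! Verification from privileged EXEC mode:
!   show ip nat translations    (static entry is always present;
!                                dynamic entries appear per flow)
!   show ip nat statistics
!   clear ip nat translation *  (dynamic entries should be rebuilt
!                                by new traffic, static ones remain)
!   debug ip nat
```

Without a static entry, NAT overload has no table row for an unsolicited inbound connection; the port-forwarding line is what makes the inside server reachable, so it should name only the port that has to be exposed.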




Port Forwarding: Example




Verifying NAT and NAT Overload




Troubleshooting NAT and NAT Overload Configuration
• Steps to verify that NAT is operating as expected:
• Step 1. Based on the configuration, clearly define what NAT
    is supposed to achieve. This may reveal a problem with the
    configuration.
•   Step 2. Verify that correct translations exist in the translation
    table using the show ip nat translations command.
•   Step 3. Use the clear and debug commands to verify that
    NAT is operating as expected. Check to see if dynamic
    entries are recreated after they are cleared.
•   Step 4. Review in detail what is happening to the packet,
    and verify that routers have the correct routing information to
    move the packet.




 Activity 7.2.8.3