Cisco Press CCNA ICND 2004 - Cisco Press.pdf

292 Chapter 8: Advanced TCP/IP Topics

Foundation Summary

The “Foundation Summary” section lists the most important facts from the chapter. Although this section does not list everything that will be on the exam, a well-prepared CCNA candidate should at a minimum know all the details in each Foundation Summary before taking the exam.

Table 8-11 shows the private address space defined by RFC 1918.

Table 8-11 RFC 1918 Private Address Space

| Range of IP Addresses | Class of Networks | Number of Networks |
|---|---|---|
| 10.0.0.0 to 10.255.255.255 | A | 1 |
| 172.16.0.0 to 172.31.255.255 | B | 16 |
| 192.168.0.0 to 192.168.255.255 | C | 256 |

Figure 8-20 and Table 8-12 outline some of the terminology used with NAT.

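Figure 8-20 Static NAT Terminology

[Figure: inside hosts 10.1.1.1 and 10.1.1.2 (Inside) reach the server at 170.1.1.1 across the Internet (Outside) through the NAT router. Packet labels: SA 10.1.1.1 and SA 200.1.1.1; DA 10.1.1.1 and DA 200.1.1.1. Translation table in the figure: Inside Local 10.1.1.1 / Inside Global 200.1.1.1; Inside Local 10.1.1.2 / Inside Global 200.1.1.2.]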


Table 8-12 NAT Addressing Terms

| Term | Description |
|---|---|
| Inside local | In a typical NAT design, the term “inside” refers to an address used for a host inside an enterprise. An inside local is the actual IP address assigned to a host in the private enterprise network. A more descriptive term might be “inside private,” because when using RFC 1918 addresses in an enterprise, the inside local represents the host inside the enterprise, and it is a private RFC 1918 address. |
| Inside global | In a typical NAT design, the term “inside” refers to an address used for a host inside an enterprise. NAT uses an inside global address to represent the inside host as the packet is sent through the outside network, typically the Internet. A NAT router changes the source IP address of a packet sent by an inside host from an inside local address to an inside global address as the packet goes from the inside to the outside network. A more descriptive term might be “inside public,” because when using RFC 1918 addresses in an enterprise, the inside global represents the inside host with a public IP address that can be used for routing in the public Internet. |
| Outside global | In a typical NAT design, the term “outside” refers to an address used for a host outside an enterprise—in other words, in the Internet. An outside global is the actual IP address assigned to a host that resides in the outside network, typically the Internet. A more descriptive term might be “outside public,” because the outside global represents the outside host with a public IP address that can be used for routing in the public Internet. |
| Outside local | In a typical NAT design, the term “outside” refers to an address used for a host outside an enterprise—in other words, in the Internet. NAT uses an outside local address to represent the outside host as the packet is sent through the private enterprise network (inside network). A NAT router changes a packet’s destination IP address, sent from an inside host to the outside global address, as the packet goes from the inside to the outside network. A more descriptive term might be “outside private,” because when using RFC 1918 addresses in an enterprise, the outside local represents the outside host with a private IP address from RFC 1918. |

Example 8-8 shows a typical NAT configuration, as well as some show commands.

Example 8-8 Dynamic NAT Configuration

    NAT# show running-config
    !
    ! Lines omitted for Brevity
    !
    interface Ethernet0/0
     ip address 10.1.1.3 255.255.255.0
     ip nat inside
    !
    interface Serial0/0
     ip address 200.1.1.251 255.255.255.0
     ip nat outside
    !
    ip nat pool fred 200.1.1.1 200.1.1.2 netmask 255.255.255.252
    ip nat inside source list 1 pool fred
    !
    access-list 1 permit 10.1.1.2
    access-list 1 permit 10.1.1.1
    !
    NAT# show ip nat translations
    NAT# show ip nat statistics
    Total active translations: 0 (0 static, 0 dynamic; 0 extended)
    Outside interfaces:
      Serial0/0
    Inside interfaces:
      Ethernet0/0
    Hits: 0 Misses: 0
    Expired translations: 0
    Dynamic mappings:
    -- Inside Source
    access-list 1 pool fred refcount 0
     pool fred: netmask 255.255.255.252
        start 200.1.1.1 end 200.1.1.2
        type generic, total addresses 2, allocated 0 (0%), misses 0
    !
    ! Telnet from 10.1.1.1 to 170.1.1.1 happened next; not shown
    !
    NAT# show ip nat statistics
    Total active translations: 1 (0 static, 1 dynamic; 0 extended)
    Outside interfaces:
      Serial0/0
    Inside interfaces:
      Ethernet0/0
    Hits: 69 Misses: 1
    Expired translations: 0
    Dynamic mappings:
    -- Inside Source
    access-list 1 pool fred refcount 1
     pool fred: netmask 255.255.255.252
        start 200.1.1.1 end 200.1.1.2
        type generic, total addresses 2, allocated 1 (50%), misses 0
    NAT# show ip nat translations
    Pro Inside global      Inside local       Outside local      Outside global
    --- 200.1.1.1          10.1.1.1           ---                ---
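The translation behaviour that Example 8-8 configures, as an added Python model (not from the book and not IOS code): the source address is rewritten only for hosts that access-list 1 permits, return traffic is mapped back only while an entry exists, and an empty pool means no new translation. The class and method names are assumptions made for this illustration; the addresses are those of Example 8-8.

```python
import ipaddress

class DynamicNat:
    """Toy model of the inside-source dynamic NAT in Example 8-8 (not IOS code)."""

    def __init__(self, acl_permit, pool_start, pool_end):
        self.acl = {ipaddress.ip_address(a) for a in acl_permit}          # access-list 1
        lo, hi = (int(ipaddress.ip_address(a)) for a in (pool_start, pool_end))
        self.free = [ipaddress.ip_address(n) for n in range(lo, hi + 1)]  # pool fred
        self.table = {}               # inside local -> inside global
        self.hits = self.misses = 0   # lookups that found / did not find an entry

    def outbound(self, src, dst):
        """Inside to outside: rewrite the source (inside local -> inside global)."""
        src = ipaddress.ip_address(src)
        if src not in self.acl:
            return (str(src), dst)    # not matched by the ACL: forwarded untranslated
        if src in self.table:
            self.hits += 1
        else:
            self.misses += 1
            if not self.free:
                return None           # pool exhausted: no translation can be created
            self.table[src] = self.free.pop(0)
        return (str(self.table[src]), dst)

    def inbound(self, src, dst):
        """Outside to inside: rewrite the destination (inside global -> inside local)."""
        dst = ipaddress.ip_address(dst)
        for local, glob in self.table.items():
            if glob == dst:
                self.hits += 1
                return (src, str(local))
        return None                   # model simplification: no entry, no inside host reached

    def translations(self):
        """Rows shaped like 'show ip nat translations': (inside global, inside local)."""
        return [(str(g), str(l)) for l, g in self.table.items()]

if __name__ == "__main__":
    nat = DynamicNat(["10.1.1.1", "10.1.1.2"], "200.1.1.1", "200.1.1.2")
    print(nat.outbound("10.1.1.1", "170.1.1.1"))   # Telnet client to the server
    print(nat.inbound("170.1.1.1", "200.1.1.1"))   # the server's reply
    print(nat.translations(), nat.hits, nat.misses)
```

The first outbound packet counts as a miss and creates the 10.1.1.1 to 200.1.1.1 entry; every later packet in either direction is a hit, which matches the shape of the "Hits: 69 Misses: 1" counters above.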


The Destination Unreachable, Time Exceeded, Redirect, and Echo messages are described in Table 8-13.

Table 8-13 ICMP Message Types

| Message | Purpose |
|---|---|
| Destination Unreachable | Tells the source host that there is a problem delivering a packet. |
| Time Exceeded | The time it takes a packet to be delivered has expired, so the packet has been discarded. |
| Redirect | The router sending this message has received a packet for which another router has a better route. The message tells the sender to use the better route. |
| Echo | Used by the ping command to verify connectivity. |

Table 8-14 summarizes some features of TFTP and FTP.

Table 8-14 Comparison of FTP and TFTP

| FTP | TFTP |
|---|---|
| Uses TCP | Uses UDP |
| Uses robust control commands | Uses simple control commands |
| Sends data over a TCP connection separate from control commands | Uses no connections because of UDP |
| Requires more memory and programming effort | Requires less memory and programming effort |

Example 8-9 shows the router configuration required to support ISL encapsulation and forwarding between three VLANs.

Example 8-9 Router Configuration for ISL Encapsulation

    interface fastethernet 0.1
     ip address 10.1.1.1 255.255.255.0
     encapsulation isl 1
    !
    interface fastethernet 0.2
     ip address 10.1.2.1 255.255.255.0
     encapsulation isl 2
    !
    interface fastethernet 0.3
     ip address 10.1.3.1 255.255.255.0
     encapsulation isl 3


Q&A

As mentioned in the Introduction, you have two choices for review questions. The following questions give you a bigger challenge than the exam because they are open-ended. By reviewing with this more-difficult question format, you can exercise your memory better and prove your conceptual and factual knowledge of the topics covered in this chapter. The answers to these questions are found in Appendix A.

For more practice with exam-like question formats, including multiple-choice questions and those using a router simulator, use the exam engine on the CD.

1. Define private addressing as defined in RFC 1918.

2. List the range of private networks defined in RFC 1918.

3. Does CIDR affect the size of Internet routing tables? If so, what does it do to those routing tables?

4. Define NAT and explain the basics of its operation.

5. Define the term inside local address in relation to NAT. Use Figure 8-21 to describe the answer.

Figure 8-21 Network for Use in Answering NAT Questions

[Figure: inside hosts 10.1.1.1 and 10.1.1.2, the NAT router, the Internet, and the server at 170.1.1.1; the address 200.1.1.1 is also labeled in the figure.]

6. Define the term inside global address in relation to NAT. Use Figure 8-21 to describe the answer.

7. Create a configuration for NAT overload to a single IP address for the router shown in Figure 8-21.

8. Create a configuration for static NAT, mapping host 10.1.1.1 to 200.1.1.11, for the router shown in Figure 8-21.


9. Which requires more lines of source code, FTP or TFTP? Explain your answer.

10. Does FTP or TFTP perform error recovery? If so, describe the basics of how this occurs.

11. Describe the process used by IP routers to perform fragmentation and reassembly of packets.

12. How many Class B-style networks are reserved by RFC 1918 private addressing?

13. Describe why ARP requests use an Ethernet broadcast address instead of an Ethernet unicast address.

14. Imagine that host 10.1.1.1 in Figure 8-21 sends a packet to the server at 170.1.1.1 and that the NAT router also happens to fragment the packet. Inside the context of this network, explain how reassembly of the fragments into the original packet occurs.

15. Imagine that R1 has an interface, FastEthernet 0/0, that uses ISL trunking to a switch. R1 needs to route between VLAN 1 and VLAN 2. Create a valid router configuration.

16. Describe how NAT overload manages to support more than one inside local IP address using a single inside global address.

Cisco Published ICND Exam Topics*

Covered in This Part:

4 Design a simple internetwork using Cisco products

6 Choose WAN protocols to meet design requirements

14 Implement simple WAN protocols

15 Utilize the OSI model as a guide for systematic network troubleshooting

19 Troubleshoot a device as part of a working network

21 Perform simple WAN troubleshooting

26 Evaluate key characteristics of HDLC, PPP, Frame Relay, DDR, and ISDN technologies

* Always re-check www.cisco.com for the latest posted exam topics