Академический Документы
Профессиональный Документы
Культура Документы
A PROJECT REPORT
Submitted by
BACHELOR IN TECHNOLOGY
In
COMPUTER ENGINEERING
DECEMBER-2011
APPENDIX 2
Certified that this project report NETWORK INFRASTRUCTURE MANAGEMENT SYSTEM is the bonafide work of RAHUL SHRMA & NITIN KHANDELWAL Who carried out the project work under my supervision.
SIGNATURE
SIGNATURE
<<Name>>
SUPERVISOR
<<Academic Designation>>
<<Department>>
<<Department>>
CONTENTS TABLE
TITLE
CERTIFICATE ABSTRACT BASICS SWITCHING ROUTING ACCESS LIST NETWORK ADDRESS TRANSLATION REFRENCES
ABSTRACT
We have worked on our minor project in 7th semester. This report is based on the knowledge, which we acquired during our minor project . We have done our minor project on networking and we contributed our services on this project.
Practical knowledge means the visualization of the knowledge, which we read in our books. For this, we perform experiments and get observations. Practical knowledge is very important in every field. One must be familiar with the problems related to that field so that he may solve them and become a successful person.
After achieving the proper goal in life, an engineer has to enter in professional life. According to this life, he has to serve an industry, may be public or private sector or self-own. For the efficient work in the field, he must be well aware of the practical knowledge as well as theoretical knowledge.
BASICS
BASIC ROUTER CONFIGURATIONS.
C:\ping 172.16.0.1 (Checking connectivity to access router). C:\telnet 172.16.0.1 Pwd: access ACCESS>enable Pwd:networkz ACCESS#(TYPE NAME OF ROUTER ASSIGNED)
SHOW COMMANDS
Router>enable Router#show version Router#show flash Router#show ip interface brief Router#show run Router#show start Router#show clock Router#show history Router#show interface Ethernet 0 (RAM Contents) (NVRAM Contents)
INTERFACE CONFIGURATION
Router#Configure terminal Router(config)#interface serial 0 Router(config)#ip address 10.1.1.1 255.0.0.0 Router(config)#no shutdown Router(config)#interface Ethernet 0 Router(config)#ip address 172.16.0.X 255.255.255.0 Router(config)#no shutdown
SWITCHING
SWITHING
VLAN
SW1
Fa0/23
Fa0/23
Pc 1
Pc 2
Pc 3
Pc 4
Vlan Summary:
1. Connect pc 1 & pc 2 to interface fa0/1, fa0/2 resp. in SW1 2. Connect pc 3 & pc 4 to interface fa0/1, fa0/2 resp. in SW3 3. Configure interfaces in different vlans
Switch#vlan database Switch(vlan)#vlan 10 name sales Switch(vlan)#vlan 20 name finance Switch(vlan)#exit Switch#conf t Switch(config)#interface fa0/1 Switch(config-if)#switchport access vlan 10 Switch(config-if)#int fa0/2 Switch(config-if)#switchport access vlan 20 Switch(config-if)#interface fa0/24 Switch(config-if)#switchport trunk encapsulation isl Switch(config-if)#exit Switch(config)#exit Switch#show vlan Switch#show trunk Test connectivity between pcs. Connect them in same vlan and test again.
ROUTING
1. RIP ROUTING INFORMATION PROTOCOL (RIP)
R1 S0 S1
R2 S0 S1
R3
E0
E0
E0
E0
E0
E0
HARDWARE REQUIREMENTS:
1. Three 2500 series routers & 2 serial cables 2. Connect Ethernet interfaces to switches
R3 E0 S0 S1
R2 Router Configuration:
R3 Router Configuration:
R3#conf t R3(config)#router rip R3(config-router)#network 192.168.40.0 R3(config-router)#network 192.168.50.0
VERIFICATION COMMANDS:
R1#show ip protocols R1#show ip route R1#debug ip rip
2. EIGRP
E0 S0 S1 S0 R1 S1 E0 S0 R6 S1 S0 R2 S1
E0
S0 R3 S1 R4
R5 S1
S0 E0
E0
E0
HARDWARE REQUIREMENTS:
1. Six 2500 series routers & 6 serial cables 2. Connect Ethernet interfaces to switches
E0 R3 S0 S1 E0 R4 S0 S1 E0 R5 S0 S1 E0 R6 S0 S1
200.1.3.1 /24 200.10.10.9 /30 200.10.10.6 /30 200.1.4.1 /24 200.10.10.13 /30 200.10.10.10 /30 200.1.5.1 /24 200.10.10.17 /30 200.10.10.14 /30 200.1.6.1 /24 200.10.10.18 /30 200.10.10.21 /30
INTERFACE CONFIGURATION:
R1(config)#int e0 R1(config-if)#ip add 200.1.1.1 255.255.255.0 R1(config-if)#no shutdown R1(config-if)#int s0 R1(config-if)#ip add 200.10.10.1 255.255.255.252 R1(config-if)#no shut R1(config-if)#clock rate 64000 R1(config-if)#int s1 R1(config-if)#ip add 200.10.10.22 255.255.255.252 R1(config-if)#no shut R1(config-if)#clock rate 64000
NOTE: - To remove ip address from interface issue no form of command in the interface
R1(config-if)#no ip address
EIGRP CONFIGURATION:
R1(config)#router eigrp 100 R1(config-router)#network 200.1.1.0 R1(config-router)#network 200.10.10.20 R1(config-router)#network 200.10.10.0 R1(config-router)#no auto-summary
R2 CONFIGURATION:
R2(config)#router eigrp 100 R2(config-router)#network 200.1.2.0 R2(config-router)#network 200.10.10.4 R2(config-router)#network 200.10.10.0
R2(config-router)#no auto-summary
R3 CONFIGURATION:
R3(config)#router eigrp 100 R3(config-router)#network 200.1.3.0 R3(config-router)#network 200.10.10.4 R3(config-router)#network 200.10.10.8 R3(config-router)#no auto-summary
R4 CONFIGURATION:
R4(config)#router eigrp 100 R4(config-router)#network 200.1.4.0 R4(config-router)#network 200.10.10.8 R4(config-router)#network 200.10.10.12 R4(config-router)#no auto-summary
R5 CONFIGURATION:
R5(config)#router eigrp 100 R5(config-router)#network 200.1.5.0 R5(config-router)#network 200.10.10.12 R5(config-router)#network 200.10.10.16 R5(config-router)#no auto-summary
R6 CONFIGURATION:
R6(config)#router eigrp 100 R6(config-router)#network 200.1.6.0 R6(config-router)#network 200.10.10.20 R6(config-router)#network 200.10.10.16 R6(config-router)#no auto-summary
VERIFICATION COMMANDS:
Router#show ip protocols Router#show ip eigrp neighbors Router#show ip eigrp interfaces Router#show ip eigrp topology Router#show ip route eigrp Router#debug ip eigrp neighbors Router#debug eigrp packets
E0 S0 S1 R1 S0 S1 E0 R6 E0 S0 S1 S0 R2 AREA 0
E0 S1 R3 S0 S1 R4
S1 R5 E0
S0
E0
R1
E0 S0 S1
200.1.1.1 /24 200.10.10.1 /30 200.10.10.22 /30 200.1.2.1 /24 200.10.10.5 /30 200.10.10.2 /30 200.1.3.1 /24 200.10.10.9 /30
R2
E0 S0 S1
R3
E0 S0
S1 R4 E0 S0 S1 R5 E0 S0 S1 E0 R6 S0 S1
200.10.10.6 /30 200.1.4.1 /24 200.10.10.13 /30 200.10.10.10 /30 200.1.5.1 /24 200.10.10.17 /30 200.10.10.14 /30 200.1.6.1 /24 200.10.10.18 /30 200.10.10.21 /30
INTERFACE CONFIGURATION:
R1(config)#int e0 R1(config-if)#ip add 200.1.1.1 255.255.255.0 R1(config-if)#no shutdown R1(config-if)#int s0 R1(config-if)#ip add 200.10.10.1 255.255.255.252 R1(config-if)#no shut R1(config-if)#clock rate 64000 R1(config-if)#int s1 R1(config-if)#ip add 200.10.10.22 255.255.255.252 R1(config-if)#no shut R1(config-if)#clock rate 64000
NOTE:- To remove ip address from interface issue no form of command in the interface
R1(config-if)#no ip address
OSPF CONFIGURATION:
R1(config)#router ospf 1 R1(config-router)#network 200.1.1.0 0.0.0.255 area 0 R1(config-router)#network 200.10.10.0 0.0.0.3 area 0 R1(config-router)#network 200.10.10.20 0.0.0.3 area 0 R2(config)#router ospf 2 R2(config-router)#network 200.1.2.0 0.0.0.255 area 0 R2(config-router)#network 200.10.10.0 0.0.0.3 area 0 R2(config-router)#network 200.10.10.4 0.0.0.3 area 0
R3(config)#router ospf 3 R3(config-router)#network 200.1.3.0 0.0.0.255 area 0 R3(config-router)#network 200.10.10.4 0.0.0.3 area 0 R3(config-router)#network 200.10.10.8 0.0.0.3 area 0
R4(config)#router ospf 4 R4(config-router)#network 200.1.4.0 0.0.0.255 area 0 R4(config-router)#network 200.10.10.8 0.0.0.3 area 0 R4(config-router)#network 200.10.10.12 0.0.0.3 area 0
R5(config)#router ospf 5 R5(config-router)#network 200.1.5.0 0.0.0.255 area 0 R5(config-router)#network 200.10.10.12 0.0.0.3 area 0 R5(config-router)#network 200.10.10.16 0.0.0.3 area 0
R6(config)#router ospf 6 R6(config-router)#network 200.1.6.0 0.0.0.255 area 0 R6(config-router)#network 200.10.10.16 0.0.0.3 area 0 R6(config-router)#network 200.10.10.20 0.0.0.3 area 0
VERIFICATION COMMANDS:
Router#show ip protocols Router#show ip route Router#show ip ospf interface Router#show ip ospf database Router#show ip ospf neighbor Router#show ip ospf [process-id]
ACCESS-LIST
R1 R1 E0 1 2 3 S0 S1
HARDWARE REQUIRED:
1. 2 2500 ROUTERS 2. 1 SERIAL CABLE 3. 4 PCS
WORKSTATION IP CONFIGURATION
PC1- 10.1.1.2 /24 PC2- 10.1.1.3 /24 PC3- 20.1.1.2 /24 PC4- 20.1.1.3 /24
I-SCENARIOS FOR STANDARD ACCESS-LIST:1. Create access-list to block PC1 access to PC3 2. Permit PC2 to access PC3 3. Deny all the workstations in R2 LAN to access INTERNET
II-SCENARIOS FOR EXTENDED ACCESS-LIST:1. Provide internet access only to PC1 in R1 LAN 2. Permit only PC2 to telnet R1. 3. PC3 is denied to telnet to R1 and permitted to access internet 4. Deny PC1 to access ftp application in server. 5. Permit PC2 to access only web pages from server and deny the rest. 6. Block all ping packets to enter your perimeter Router. 7. Deny telnet access from Internet to the Routers
I-SCENARIOS COMMANDS:1. R2(config)#access-list 10 deny 10.1.1.2 0.0.0.0 R2(config)#access-list 10 permit any R2(config)#int e0 R2(config-if)#ip access-group 10 out
NOTE:
To remove ACL use no forms of commands
To remove applied ACL from interface issue no form of cmd in interface Ex: R2(config-if)#no ip access-group 10 out
2. R2(config)#access-list 20 deny 20.1.1.0 0.0.0.255 R2(config)#access-list 20 permit any R2(config)#int s0 R2(config-if)#ip access-group 20 out
II-SCENARIOS COMMANDS
1. R2(config)#access-list 100 permit tcp 10.1.1.2 0.0.0.0 any R2(config)#access-list 100 permit tcp 20.1.1.2 0.0.0.0 any R2(config)#int s0 R2(config-if)#ip access-group 100 out
2. R1(config)#access-list 101 permit tcp 10.1.1.3 0.0.0.0 any R1(config)#line vty 0 4 R1(config-line)#ip access-class 101 in
3. R1(config)#access-list 111 deny tcp host 10.1.1.2 host 20.1.1.3 eq 21 R1(config)#access-list 111 permit ip any any R1(config)#int e0 R1(config-if)#ip access-group 111 in
4. R1(config)#access-list 123 permit tcp 10.1.1.3 0.0.0.0 host 20.1.1.3 eq 80 R1(config)#access-list 123 deny ip any any
5. R2(config)#access-list 199 deny icmp any any R2(config)#access-list 199 deny tcp any any eq 23 R2(config)#access-list 199 permit ip any any R2(config)#int s0 R2(config-if)#ip access-group 199 in
VERIFYING ACL:
TESTING ACL:
1.PING 2.WEB BROWSER 3.FTP CLIENT
R1 S0 E0 S1
R2 S0 E0
R3 S1
PC0 PC1
PC2 PC3
INTERFACE CONFIGURATION:
R1 E0 S0 R2 E0 S0 S1 R3 S1 20.1.1.1 /24 190.10.10.1 /29 30.1.1.1 /24 N/A 190.10.10.2 /29 90.90.90.1 /28
NOTE:
Serial interface gets ip address from DHCP server in ISP.
I SCENARIO
1. Configure Nat in R1 so that host 20.1.1.3 is translated to ip 190.10.10.3 and the rest of the hosts in that subnet should use serial ip address. 2. Configure dynamic NAT in R2 to translate
INSIDE GLOBAL
90.90.90.10 TO 90.90.90.14
II SCENARIO
1. Configure PAT in R2 to translate the rest of the hosts in Ethernet to use dynamically assigned serial ip address from ISP.
INTERFACE CONFIGURATION:
R1(config)#int e0 R1(config-if)#ip add 20.1.1.1 255.255.255.0 R1(config-if)#no shut R1(config-if)#int s0 R1(config-if)#ip add 190.10.10.1 255.255.255.248 R1(config-if)#no shut R1(config-if)#clock rate 64000
R2 CONFIGURATION:
R2(config)#int e0 R2(config-if)#ip add 30.1.1.1 255.255.255.0 R2(config-if)#no shut R2(config-if)#int s1 R2(config-if)#ip add 190.10.10.2 255.255.255.248 R2(config-if)#no shut R2(config-if)#clock rate 64000 R3 CONFIGURATION: R3(config)#int s1 R3(config-if)#ip add 90.90.90.1 255.255.255.224 R3(config-if)#no shut R3(config-if)#clock rate 64000
R2 NAT CONFIGURATION :
R2(config)#access-list 50 permit host 30.1.1.30 R2(config)#access-list 50 permit host 30.1.1.40 R2(config)#access-list 50 permit host 30.1.1.41 R2(config)#access-list 50 permit host 30.1.1.51 R2(config)#access-list 50 permit host 30.1.1.99 R2(config)#ip nat pool ccna 90.90.90.3 90.90.90.10 netmask 255.255.255.224 R2(config)#ip nat inside source list 50 pool ccna
R2(config)#access-list 60 permit any R2(config)#ip nat inside source list 60 interface serial 0 overload
VERIFICATION COMMANDS:
Router#show access-list [ acl no. ] Router#show ip nat translation Router#show ip nat statistics
DEBUG COMMANDS:
REFRENCES:
y y Sybex CCNA 640-802 cracked CCNA 640-802 study guide