네트워크-Router, Switch, Security/라우터-Router: 13개의 글

NAT Static

Posted by nkjok
2017. 12. 8. 12:06 네트워크-Router, Switch, Security/라우터-Router
반응형




ISP의 공인 IP주소의 절약 및 공공망과 연결되는 사설망을 침입자들로부터 보호하기 위해 사용.





셋팅

HQ_SE_Core_R2(config)#ip nat inside source list 1 interface Serial0/0/0 overload

HQ_SE_Core_R2(config-if)#ip nat inside

HQ_SE_Core_R2(config-if)#ip nat outside





결과

HQ_SE_Core_R2#show ip nat translations

Pro Inside global Inside local Outside local Outside global

icmp 200.1.2.2:3 192.168.5.33:3 200.1.2.1:3 200.1.2.1:3

icmp 200.1.2.2:4 192.168.5.33:4 200.1.2.1:4 200.1.2.1:4

icmp 200.1.2.2:5 192.168.5.33:5 200.1.2.1:5 200.1.2.1:5

icmp 200.1.2.2:6 192.168.5.33:6 200.1.2.1:6 200.1.2.1:6


반응형
저작자표시

'네트워크-Router, Switch, Security > 라우터-Router' 카테고리의 다른 글

Multi HSRP Interface Tracking  (0) 2017.12.14
Hot Standby Routing Protocol  (0) 2017.12.13
Multi Cast. dense-mode  (0) 2017.12.06
OSPF Key Chain  (0) 2017.12.04
Totally Stub  (0) 2017.12.02
Trackback: Comment:

Multi Cast. dense-mode

Posted by nkjok
2017. 12. 6. 09:09 네트워크-Router, Switch, Security/라우터-Router
반응형


멀티캐스트 + VLC media player를 통한 실시간 영상전달.



셋팅

All Layer 3 (config)#ip multicast-routing

All Layer 3 (config-if)#ip pim dense-mode



HQ_SE_1F_L3_1#show ip mroute

IP Multicast Routing Table

(*, 239.1.1.1), 00:42:55/stopped, RP 0.0.0.0, flags: D

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    FastEthernet0/0, Forward/Dense, 00:42:55/00:00:00

(192.168.1.1, 239.1.1.1), 00:36:55/00:02:54, flags: T

  Incoming interface: FastEthernet0/1, RPF nbr 0.0.0.0

  Outgoing interface list:

    FastEthernet0/0, Forward/Dense, 00:36:41/00:00:00

(*, 239.255.255.250), 01:03:07/00:02:46, RP 0.0.0.0, flags: DC

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    FastEthernet0/1, Forward/Dense, 01:03:07/00:00:00

    FastEthernet0/0, Forward/Dense, 01:03:07/00:00:00

(*, 224.0.1.40), 01:08:19/00:02:56, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    FastEthernet0/0, Forward/Dense, 01:08:19/00:00:00


반응형
저작자표시

'네트워크-Router, Switch, Security > 라우터-Router' 카테고리의 다른 글

Hot Standby Routing Protocol  (0) 2017.12.13
NAT Static  (0) 2017.12.08
OSPF Key Chain  (0) 2017.12.04
Totally Stub  (0) 2017.12.02
OSPF Summary  (0) 2017.11.30
Trackback: Comment:

OSPF Key Chain

Posted by nkjok
2017. 12. 4. 12:52 네트워크-Router, Switch, Security/라우터-Router
반응형




 Host 에서 소프트웨어 (GNS3 ) 를 통한 네트워크 해킹 (Neighbor연결시도) 등을 방지하기 위해 사용 .




#Interface

HQ_SE_Core_R1(config-if)#ip ospf authentication message-digest

HQ_SE_Core_R1(config-if)#ip ospf message-digest-key 1 md5 123

HQ_SE_Core_R1(config-if)#ip ospf authentication

HQ_SE_Core_R1(config-if)#ip ospf authentication-key 123

#Area

HQ_SE_1F_L3_1(config-router)#area 1 authentication message-digest

HQ_SE_1F_L3_1(config-router)#area 1 authentication

-KeyInterface에 적용

(같은 방식은 Area Interface 간에 공유 가능)






Hello Debug

05:18:13: OSPF: Send hello to 224.0.0.5 area 0 on Vlan10 from 192.168.1.30

05:18:13: OSPF: Rcv hello from 192.168.1.100 area 0 from Vlan10 192.168.1.100

05:18:13: OSPF: End of hello processing

반응형
저작자표시

'네트워크-Router, Switch, Security > 라우터-Router' 카테고리의 다른 글

Hot Standby Routing Protocol  (0) 2017.12.13
NAT Static  (0) 2017.12.08
Multi Cast. dense-mode  (0) 2017.12.06
Totally Stub  (0) 2017.12.02
OSPF Summary  (0) 2017.11.30
Trackback: Comment:

Totally Stub

Posted by nkjok
2017. 12. 2. 14:23 네트워크-Router, Switch, Security/라우터-Router
반응형



E1E2 외부경로와 AS내의 다른 Area경로(O IA) 대신 0.0.0.0/0 을 서비스 한다




셋팅

HQ_SE_Core_R2(config-router)#area 2 stub no-summary

HQ_SE_3F_L3_1 (config-router)#area 2 stub no-summary

HQ_SE_3F_L3_2 (config-router)#area 2 stub no-summary







적용 전

HQ_SE_3F_L3_2

Gateway of last resort is not set

        192.168.1.0/27 is subnetted, 4 subnets

O IA 192.168.1.0 [110/4] via 192.168.5.98, 00:02:33, FastEthernet0/1

O IA 192.168.1.32 [110/4] via 192.168.5.98, 00:02:33, FastEthernet0/1

O IA 192.168.1.64 [110/3] via 192.168.5.98, 00:02:33, FastEthernet0/1

O IA 192.168.1.96 [110/3] via 192.168.5.98, 00:02:33, FastEthernet0/1

        192.168.2.0/27 is subnetted, 1 subnets

O IA     192.168.2.0 [110/3] via 192.168.5.98, 00:02:23, FastEthernet0/1

O IA 192.168.3.0/24 [110/4] via 192.168.5.98, 00:02:33, FastEthernet0/1

O IA 192.168.4.0/24 [110/3] via 192.168.5.98, 00:02:23, FastEthernet0/1

        192.168.5.0/27 is subnetted, 4 subnets

O          192.168.5.0 [110/3] via 192.168.5.98, 00:02:43, FastEthernet0/1

C          192.168.5.32 is directly connected, Vlan20

O          192.168.5.64 [110/2] via 192.168.5.98, 00:02:43, FastEthernet0/1

C          192.168.5.96 is directly connected, FastEthernet0/1

O IA 192.168.32.0/24 [110/3] via 192.168.5.98, 00:02:33, FastEthernet0/1

O IA 192.168.33.0/24 [110/3] via 192.168.5.98, 00:02:33, FastEthernet0/1

O IA 192.168.34.0/24 [110/2] via 192.168.5.98, 00:02:43, FastEthernet0/1

O IA 192.168.35.0/24 [110/2] via 192.168.5.98, 00:02:43, FastEthernet0/1








적용 후

HQ_SE_3F_L3_2

Gateway of last resort is 192.168.5.98 to network 0.0.0.0

   192.168.5.0/27 is subnetted, 4 subnets

O     192.168.5.0 [110/3] via 192.168.5.98, 00:04:38, FastEthernet0/1

C     192.168.5.32 is directly connected, Vlan20

O     192.168.5.64 [110/2] via 192.168.5.98, 00:04:38, FastEthernet0/1

C     192.168.5.96 is directly connected, FastEthernet0/1

O*IA 0.0.0.0/0 [110/2] via 192.168.5.98, 00:04:38, FastEthernet0/1

반응형
저작자표시

'네트워크-Router, Switch, Security > 라우터-Router' 카테고리의 다른 글

Hot Standby Routing Protocol  (0) 2017.12.13
NAT Static  (0) 2017.12.08
Multi Cast. dense-mode  (0) 2017.12.06
OSPF Key Chain  (0) 2017.12.04
OSPF Summary  (0) 2017.11.30
Trackback: Comment:

OSPF Summary

Posted by nkjok
2017. 11. 30. 11:51 네트워크-Router, Switch, Security/라우터-Router
반응형




네트워크 정보를 요약하여 Routing 테이블에서 다루어야할 정보량을 줄이기



셋팅

HQ_SE_Core_R1#area 1 range 192.168.1.0 255.255.255.128

HQ_SE_Core_R2#area 2 range 192.168.5.0 255.255.255.128




설정 전

HQ_SE_2F_L3_1

192.168.1.0/27 is subnetted, 4 subnets

O IA 192.168.1.0 [110/3] via 192.168.32.1, 00:11:34, FastEthernet0/6

O IA 192.168.1.32 [110/3] via 192.168.32.1, 00:11:34, FastEthernet0/6

O IA 192.168.1.64 [110/2] via 192.168.32.1, 00:11:34, FastEthernet0/6

O IA 192.168.1.96 [110/2] via 192.168.32.1, 00:11:34, FastEthernet0/6

192.168.2.0/27 is subnetted, 1 subnets

C 192.168.2.0 is directly connected, Vlan10

C 192.168.3.0/24 is directly connected, Vlan20

O IA 192.168.4.0/24 [110/2] via 192.168.33.2, 00:11:34, Port-channel10

192.168.5.0/27 is subnetted, 4 subnets

O IA 192.168.5.0 [110/4] via 192.168.32.1, 00:11:34, FastEthernet0/6

                      [110/4] via 192.168.33.2, 00:11:34, Port-channel10

O IA 192.168.5.32 [110/4] via 192.168.32.1, 00:11:34, FastEthernet0/6

                       [110/4] via 192.168.33.2, 00:11:34, Port-channel10

O IA 192.168.5.64 [110/3] via 192.168.32.1, 00:11:34, FastEthernet0/6

                       [110/3] via 192.168.33.2, 00:11:34, Port-channel10

O IA 192.168.5.96 [110/3] via 192.168.32.1, 00:11:34, FastEthernet0/6

                       [110/3] via 192.168.33.2, 00:11:34, Port-channel10

C 192.168.32.0/24 is directly connected, FastEthernet0/6

C 192.168.33.0/24 is directly connected, Port-channel10

O 192.168.34.0/24 [110/2] via 192.168.32.1, 00:11:34, FastEthernet0/6

O 192.168.35.0/24 [110/2] via 192.168.33.2, 00:11:34, Port-channel10




설정후

HQ_SE_2F_L3_1

192.168.1.0/27 is subnetted, 1 subnets

O IA 192.168.1.0 [110/3] via 192.168.32.1, 00:05:18, FastEthernet0/6

192.168.2.0/27 is subnetted, 1 subnets

C 192.168.2.0 is directly connected, Vlan10

C 192.168.3.0/24 is directly connected, Vlan20

O 192.168.4.0/24 [110/2] via 192.168.2.29, 00:05:38, Vlan10

192.168.5.0/25 is subnetted, 1 subnets

O IA 192.168.5.0 [110/3] via 192.168.32.1, 00:05:28, FastEthernet0/6

                      [110/3] via 192.168.33.2, 00:05:28, Port-channel10

C 192.168.32.0/24 is directly connected, FastEthernet0/6

C 192.168.33.0/24 is directly connected, Port-channel10

O 192.168.34.0/24 [110/2] via 192.168.32.1, 00:06:03, FastEthernet0/6

O 192.168.35.0/24 [110/2] via 192.168.33.2, 00:06:03, Port-channel10

반응형

'네트워크-Router, Switch, Security > 라우터-Router' 카테고리의 다른 글

Hot Standby Routing Protocol  (0) 2017.12.13
NAT Static  (0) 2017.12.08
Multi Cast. dense-mode  (0) 2017.12.06
OSPF Key Chain  (0) 2017.12.04
Totally Stub  (0) 2017.12.02
Trackback: Comment:

티스토리툴바