Archive for forwarding

Giving Some STATIC (Routes, that Is!)

Posted in Cisco Certification on June 13, 2012 by jjrinehart

The Original Static Route!

Last time we talked about the IPv4 routing table and how the information populates it in the first place, starting with directly connected routes.  The fact that interfaces with these routes have to be up and functioning to be in the table at all makes them inherently “believable” (the term used to describe routes).  Routes in the IPv4 routing table from this source are marked with a C (connected) and easily recognizable.

That brings us to the topic of static routes, which may evoke images of lightning (see above), or walking across a carpeted room and sending a shock to someone just for fun.  Certainly the word static is used in those contexts, but in this case it simply means fixed or stationary, and refers to the fact that these routes stay permanently in the routing table.  You might think that this sounds like a description of connected routes too, but in reality it means that the routes are manually configured by a network administrator.

You can think of static routes in terms of the large concrete barricades that separate the sides of traffic on the highway.  First, they stay in one place: they do not move, even when an object strikes them with some degree of force.  Static routes remain in the table once configured and do not simply vanish because of routing activity elsewhere.  Second, these barriers unforgivingly separate traffic, just as static routes continually direct traffic to their intended destination.  Finally, these concrete dividers are actually put there by highway workers; they do not simply magically appear, just as static routes have to be placed manually in the router’s configuration.

The configuration of a static route is remarkably straightforward and uncomplicated, using the following syntax:

ip route <destination-prefix> <subnet-mask> <next-hop-address | exit-interface> [<distance>]

The destination prefix is a subnet and/or network in standard dotted-decimal notation (e.g., 192.168.2.0), followed by a subnet mask, just as you have probably seen and used numerous times in your networking job and/or studies.  The next part is critical to understand, as you have options to consider.  You can choose simply to specify the outgoing interface, or you can specify the IPv4 address of the device you want to send the traffic to (typically directly connected).  In either case, if the interface is down or the next hop is unreachable, the route will not appear in the table.  The optional distance parameter allows you to specify the administrative distance, which we will cover next time!

– Joe

Road Trip, the Sequel! (aka, Introduction to IP Routing II)

Posted in Cisco Certification on June 4, 2012 by jjrinehart

Cross Country RV Trip

Continuing the theme of road trips, my wife Brenda, our son Josh and daughter-in-law Liz, and two dogs got into our thirty-one foot RV and headed across the country, not metaphorically, but literally. The real part of the adventure actually happened before the trip when I decided to do the brakes myself. We had been given a $3-6000 estimate on doing that at a professional garage, and after I came to, I decided that was far too spendy and would do the job myself. Have you ever launched into something and then halfway through decided it was a stupid idea? It took almost forever, and even though I have done brakes before, it’s a much greater challenge on a vehicle that enormous. I would probably do it all over again, but with a lot more trepidation.

Our “navigator map guy” was a team of my son and wife, who plotted out the route of travel, keeping our two-week timeframe squarely in the middle of the calculations. To their credit (they did a lot of the driving as well), we stayed fairly close to our plan all along the way. There were a variety of factors that they had to keep in mind:

All of those added together formed the basis of the various routes we needed to take to get all the way across the country step by step. Our plan was written out, with the details needed to get to the next step of the journey.


In the world of IPv4 routing, we call this the IP routing table. Just like the vacation driving plan, there are several critical pieces of the table:

The “means by which the route is chosen” needs further expansion, since it describes how the route was learned and ended up in the table to begin with.  There are three primary means by which routes are installed in the IP routing table:

Directly Connected Routes are those that “live” on the device itself, usually a router.  These routes come from functioning interfaces with IPv4 addresses learned by DHCP or manually configured.  This makes them the most reliable and believable routes on the device.
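The installation rules from this post (a connected route needs an up interface) and the ip route syntax from the static route post above, worked through in an added Python model that is not part of the original posts: it parses ip route statements, installs a static route only when its exit interface is up or its next hop lies inside a connected route, and performs a longest-prefix lookup. The interface names, addresses and static routes are constructed for the example.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed interface state (hypothetical, not from the post): name -> (address/prefix, link up?)
INTERFACES = {
    "Gi0/0": ("192.168.1.1/24", True),
    "Gi0/1": ("10.0.0.1/30", True),
    "Se0/0": ("172.16.0.1/30", False),  # down, so it gets no connected route
}

# Constructed static routes in the ip route syntax quoted in the post
STATIC_CONFIG = [
    "ip route 192.168.2.0 255.255.255.0 10.0.0.2",    # next hop sits on an up connected subnet
    "ip route 192.168.3.0 255.255.255.0 Se0/0",       # exit interface is down
    "ip route 192.168.4.0 255.255.255.0 172.16.0.2",  # next hop is only reachable over the down link
    "ip route 0.0.0.0 0.0.0.0 10.0.0.2 250",          # default route with an explicit distance
]

@dataclass
class Route:
    source: str                     # "C" connected or "S" static, as show ip route marks them
    network: ipaddress.IPv4Network
    via: str                        # exit interface name or next-hop address
    distance: int                   # administrative distance: connected 0, static defaults to 1

def connected_routes(interfaces):
    """Connected routes exist only for interfaces that are up."""
    return [Route("C", ipaddress.IPv4Interface(cidr).network, name, 0)
            for name, (cidr, up) in interfaces.items() if up]

_STATIC_RE = re.compile(r"^ip route (\S+) (\S+) (\S+)(?: (\d+))?$")
def parse_static(line):
    """Parse 'ip route <prefix> <mask> <next-hop | interface> [<distance>]'."""
    m = _STATIC_RE.match(line.strip())
    if not m:
        raise ValueError(f"not a static route statement: {line!r}")
    prefix, mask, via, dist = m.groups()
    net = ipaddress.IPv4Network(f"{prefix}/{mask}", strict=False)
    return Route("S", net, via, int(dist) if dist else 1)

def static_installable(static, table, interfaces):
    """Install only if the exit interface is up, or the next hop lies inside a
    connected route (this model resolves next hops against connected routes only)."""
    if static.via in interfaces:
        return interfaces[static.via][1]
    try:
        next_hop = ipaddress.IPv4Address(static.via)
    except ValueError:
        return False  # neither a known interface nor an address
    return any(r.source == "C" and next_hop in r.network for r in table)

def build_table(interfaces, static_config):
    """Populate the table: connected routes first, then the static routes that resolve."""
    table = connected_routes(interfaces)
    for line in static_config:
        route = parse_static(line)
        if static_installable(route, table, interfaces):
            table.append(route)
    return table

def lookup(table, destination):
    """Route lookup: the most specific (longest prefix) matching entry wins."""
    addr = ipaddress.IPv4Address(destination)
    candidates = [r for r in table if addr in r.network]
    return max(candidates, key=lambda r: r.network.prefixlen, default=None)
```

With the constructed state, only two of the four static routes make it into the table, and traffic for 192.168.3.0/24 falls through to the default route because its exit interface is down.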

Next time, we will dig into static routes.

– Joe


Road Trip! (aka, Introduction to IP Routing I)

Posted in Cisco Certification on May 31, 2012 by jjrinehart

Route Sign

As you may recall from the very first entries on this blog, networking is all about communication—getting information from one location to another.  IPv4 packets carry that data from a source address to a destination address, but how does the process know how to get there in the first place?  The simple version of the answer is just IP routing!  Routing is the process of figuring out the best path to travel between any two given points in the journey.

To explain this a little bit, let me describe how I remember family vacations when I was a kid.  My Dad would load up the station wagon (yes, the nerdiest possible vehicle in history, I know), load us all inside, and then head out on the road.  My father was not the typical “Red Foreman” dad (in case you don’t remember, he was the colorful character from That 70’s Show).  My Dad is an engineer, and approaches everything with a carefully calculated plan by which to succeed, without much tolerance for variance.  Out would come the map, and he would move through and figure out the safest, most efficient path of travel, all before we ever actually got out on the road.

In a nutshell, that’s almost the same exact process that network devices (routers) use to figure out how to send data from the source to the destination.  When there are multiple possible ways to get there, a process is used to determine the most efficient manner to get from end to end.  Each part of the journey involves various networks, addresses, interfaces and media, not unlike the various highways and access roads used on a long-distance road trip.  And no, none of the small packets in the back seat keep asking “Are we there yet” over and over!

Each segment of the “trip” of an IP packet is managed by a Layer 3 routing device, typically a router or Layer 3 switch.  Each device maintains a list of the networks it can reach, along with the exit point from the device (interface) it uses to reach each one.  Once the packet leaves that device, it becomes the responsibility of the next one in the chain, which uses a similar process (route lookup) to send traffic on to the next part of the journey.  Once it reaches the destination, the process is repeated for return traffic, just as a road trip usually involves heading back to the point of origin.

Next time, we will take a look at the various methods used for specifically accomplishing the forwarding process.

– Joe


Going Back to Class

Posted in Cisco Certification on September 30, 2011 by jjrinehart

When the Internet Protocol was first introduced, the designers had no idea just how widely it would become adopted.  At the time, it competed head to head with Novell’s IPX protocol, along with AppleTalk and a number of others, before IP finally achieved dominance.  In its early uses, groups of addresses were placed in classes which represented the way the addresses treated the two parts of the address, namely network and node (or host).  I love Wendell Odom’s explanation of these concepts, which he uses in his CCNA ICND1 Official Exam Certification Guide by Cisco Press (his website can be found at http://www.certskills.com/).  The network portion of the address is similar to a postal zip code, a broader representation of locations in a geographical area, after which street addresses and cities narrow down to a specific location.  A letter carrier on his/her route doesn’t care about zip codes several states away (in this analogy, addresses in other networks), but only the ones local to them.  With this in mind, let’s look at how address classes break out in terms of network length and node length.

Class A addresses have a network length of 8 bits, which is the first byte/octet of that address space.  Let’s use the example of 4.233.10.40, which would use 4 as the network portion and 233.10.40 as the node portion.  The natural or default mask is 255.0.0.0, or /8 using the notation described in the last blog.  Look at the representation of the possible range of Class A addresses in binary: 00000000 – 01111111. Two things should jump out at you: first, that only the leading bit (0) is consistent, which should always clue you in that a leading zero represents a Class A address.  Second, if you do the conversion from binary back to decimal, you will find the range to be 0 through 127 in the first octet.  Strictly speaking, the 127.0.0.0 range is reserved for internal loopback usage and zero is not permitted, so the actual usable range is 1.0.0.0 – 126.255.255.255.

To save space and brain cells, I will just summarize the Class B and C address characteristics, but keep in mind that the binary math works similarly to what is discussed above:

Address Class   Leading Bit(s)   Valid Network Numbers    Network Bits   Host Bits
A               0                1.0.0.0 to 126.0.0.0     8              24
B               10               128.0.0.0 to 191.0.0.0   16             16
C               11               192.0.0.0 to 223.0.0.0   24             8

Notice that if you add the host bits and network bits you end up with 32 bits (4 bytes), which is the total address space in an IP Address.  Being able to recognize the Class of address in both binary and decimal will be very helpful not only on the exam, but later on when we discuss subnetting.

More to come…

– Joe


An Address By Any Other Name…

Posted in Cisco Certification on September 27, 2011 by jjrinehart

Source and Destination Addresses

When I first got into networking, I found the whole idea of IP addressing to be arcane and mysterious. Keep in mind that during most of my elementary and middle school years, I was told that math was certainly NOT my thing (the string of C’s seemed to support that). That made me very skittish to even try to grasp things in the numerical arena, and it cast a blanket of fog over the dotted decimal addresses (e.g., 192.168.1.1, 10.2.1.5, etc.).

To be totally truthful, as a visual learner I read and memorized first and had my “aha” moment much later. Granted, there are a boatload of principles, facts, and figures that just have to be firmly fixed in the brain first, but typically understanding happens at various points along the way. I hope that sharing my own experiences of learning will enable some of you to grasp the concepts more readily than I first did.

First things first, binary is king, as I mentioned much earlier in this blog. All of the seemingly strange things make perfect sense when you leave behind our familiar decimal/base 10 thinking and get “tw0-dimensional.” At various points I will try to explain the quite-literal “bits and bytes” when it will further clarify some of the networking magic.

There are typically two ways to refer to an Internet Protocol (IP or IPv4) address, either of which you may encounter in various articles, books, and other technical literature. The first is the address followed by the mask/subnet mask, while the second is the address (or network/subnet) followed by the number of network bits used, as follows:

192.168.1.2                 255.255.255.0

192.168.1.2/24

While they look very different, they mean exactly the same thing.  In decimal, each group of numbers between the dots is between 1-255 and is referred to as an octet because you use 8 binary digits (bits) to create the same number in base-2. We’ll look into the bits involved a little bit later, but that gives you a beginning point.

IP addresses are grouped into categories called address classes, named A, B, C, D and E. Class D addresses (223.0.0.0 to 239.255.255.255) are multicast addresses, which are beyond the scope of the CCENT/CCNA but a fascinating topic nonetheless (if interested, read some more on your own). Class E (240.0.0.0 – 255.255.255.255) addresses were experimental and never used in any production setting, and are mostly just idle geek-party chatter (just kidding).

Next time we will delve into the A, B and C address classes in more detail.

– Joe


No Strings (Wires) Attached: Wireless LANs, Part IV

Posted in Cisco Certification on September 9, 2011 by jjrinehart

Up to NO Good!

When the 802.11 wireless standard first came out, security was seemingly an afterthought.  One of the greatest criticisms of the technology in the “early days” was the fact that just about anyone could access the wireless medium with relative ease.  Stories abounded of hackers with antenna arrays made out of Pringles cans not only getting access to a company’s network, but having access to restricted information resources as well.  To combat these very real threats, the first security measure, called Wired Equivalent Privacy, or WEP, was released.

Any early adopter of technology will tell you that the first release of just about anything, no matter how cool, is going to have some significant problems.  Most seasoned engineers or administrators will typically pass on the first release of a new product or version of code for that very reason (why make your job harder than it needs to be, right?).  WEP was no exception to that rule, for several reasons.  First, it used static preshared keys that were rarely, if ever, changed.  I know of a large healthcare institution where an ex-employee, just out of curiosity, checked to see if the WEP keys on one supposedly secure wireless network had been changed, after several years of being gone.  Not only were the WEP keys the same, but so were most of the passwords on the servers and network!  Had this individual had unhealthy motives, it could have resulted in a significant security breach resulting in RGEs (resume generating events) for members of the network staff.  To complete the death knell for WEP, the keys were easily cracked and the methods for doing so were readily available to the hacker community as well as publicized on the Internet.  NOT a good start for wireless security.

The next generation of wireless security was advanced by the Wi-Fi Alliance and titled WPA, or Wi-Fi Protected Access.  WPA introduced more thorough methods of authentication (that is, verification of the identity of legitimate users before granting access) as well as stronger encryption.  WPA was released before an actual IEEE standard existed, so not long afterward WPA2 was released, matched to the 802.11i standard and made even stronger, particularly on the encryption front.

The final area of wireless security had nothing to do with technology, and everything to do with policy management: security policies.  Many times the reasons networks have serious points of vulnerability have less to do with technology protection mechanisms and more to do with the foibles of internal users.  A strong security policy can prevent either intentional or unintentional problems by regulating risky behavior.  Next time, we will consider IP addressing and services…

– Joe


No Strings (Wires) Attached: Wireless LANs, Part III

Posted in Cisco Certification on August 25, 2011 by jjrinehart

Accidental Brilliance!

As with many inventions, microwave ovens were actually invented by accident. Percy Spencer, an engineer at Raytheon, was touring a factory and was standing close to a magnetron (a device which provided the heart of radar systems at the close of World War II). He noticed that a candy bar in his pocket began melting as he stood close to the machine, and then called for a bag of popcorn, which began popping within minutes of getting close to the machine. The reason for including this seemingly irrelevant history lesson? Simply put, it introduces the subject of the Industrial, Scientific, and Mechanical (ISM) unlicensed radio bands. In 1985, the FCC gave permission for general use of a group of frequencies without requiring government-issued licenses, which is why it is often referred to as unlicensed spectrum. The frequencies within this allocated space included 900 MHz, 2.4 GHz, and 5.0 GHz, which then spawned an entire range of wireless-enabled devices on the market.  Early cordless phones, for example, used the 900 MHz range, with newer ones using the 2.4 GHz range, along with our friend, the microwave oven.

The first generation of just about anything, whether hardware, software, or cellular phones, always starts out with a very small group of early adopters. This group tends to love gadgets, is willing to pay a premium, and is tolerant of initial “bugginess.” As the technology gains popularity, costs begin to drop, the rough edges get smoothed out, and the rates of sales and usage start to grow, and eventually skyrocket. Wireless networking was no different: when the original 802.11 devices were released, they offered only 1-2 Mbps speeds and clunky/proprietary implementations. The “golden ticket” came with the introduction of 802.11b devices in 1999, which operated in the 2.4 GHz frequency band at speeds of 11 Mbps using a modulation called Digital Sequence Spread Spectrum, or DSSS. Ironically, 802.11a was released at the same time, which boasted speeds of up to 54 Mbps in the 5.0 GHz range using Orthogonal Frequency Division Multiplexing (OFDM), but the greater cost and lower adoption made it far less popular. Companies such as Linksys, D-Link, and others on the consumer side and Cisco on the business side flooded the market with affordable 802.11b access points and client adapters and pushed wireless network access into “prime time.” While it was an interesting time for service providers trying to offer subscription-based services, the hardware side fared pretty well.

Wireless technology is now offered as standard on laptops, cellular phones, printers, and an entire plethora of other devices, making it certain that it is here to stay.  There are drawbacks to wireless LAN technologies, which is what we will consider next time.

– Joe
