Project Report On
DYNAMIC ROUTING USING ACL
Under
WEBEL INFORMATICS LIMITED
By
Ritanjan Dawn
Arindam Samanta
Suman Kumar Mishra
Indira Kar
CAMELLIA INSTITUTE OF TECHNOLOGY
MADHYAMGRAM, KOLKATA-700129
ACKNOWLEDGEMENT
The ability and patience to exercise and provide diligence support is a quality admonished by few. We start to examine the technical issues in detail; it is worth devoting some time to pointing out why people are interested in computer networks and what they can be used for. We will start with traditional uses at companies and for individuals and then move on to recent developments regarding mobile users and home networking.
We express our sincere thanks to our Training and Placement Officer for providing us this excellent opportunity to undergo such wonderful and effective in-curriculum learning.
We would like to thank WEBEL INFORMATICS LIMITED for giving us the opportunity to do the project at their renowned office. We would like to give special thanks to our project guide Subhasish Khan and S. Banerjee for being extremely co-operative and providing support.
CERTIFICATE
This is to certify that the project report entitled “DYNAMIC ROUTING USING ACL”, done by us, is an authentic work carried out in partial fulfillment of the requirements for the award of the degree of Bachelor of Technology under the guidance of Mr. Subhasish Khan.
We have got enough knowledge during this training about computer networking and also got the ability of router configuration. Hope this knowledge and experience will help us in future to work in a networking field.
The matter embodied in this project work has not been submitted earlier for award of any degree or Diploma to the best of our knowledge and belief.
WEBEL INFORMATICS LIMITED-
About the Company
Webel Informatics Limited is the IT Education and Training arm of West Bengal Electronics Industry Development Corporation Limited (WBEIDC).
Since 1992, WIL has successfully trained around 36000 industry-ready professionals every year from its own classrooms and 103 locations/centres all over the state, and through corporate training.
WIL conducts Diploma and certificate courses in software, hardware with networking and multimedia, besides a host of other IT courses for beginners. Special emphasis is given to training college students to help make them ready for professional placement on graduation. WIL is the regional CISCO networking academy for eastern India and awards CISCO Certified Network Associate. It also conducts Red Hat Certified Engineer for individuals and corporate clients. WIL is also conducting Voice-Language-Training for 160 hours spread over 14 weeks using course material of a leading BPO MNC company in the country.
INTRODUCTION
We will use the term “Computer Network” to mean a collection of autonomous computers interconnected by a single technology. Two computers are said to be interconnected if they are able to exchange information. The connection need not be via a copper wire; fiber optics, microwaves, infrared and communication satellites can also be used. Although it may sound strange to some people, neither the internet nor the World Wide Web is a Computer Network.
In a Computer Network, this coherence model and software are absent. Users are exposed to the actual machines without any attempt by the system to make the machines look and act in a coherent way. If the machines have different hardware and different operating systems, that is fully visible to the users. If a user wants to run a program on a remote machine, he has to log onto that machine and run it there.
The upgrade from the current infrastructure to switches and routers will help in dividing the networks while keeping them connected at the same time, with security policies enforced by ACLs.
OBJECTIVE
We have configured a LAN connection in WEBEL INFORMATICS LIMITED. The main objective of our beautiful project is that with the help of this configuration the administrator can control the traffic between routers and can give the privilege to some specific device to access the specific server or other device. The administrator can deny the access privilege of any device on any network also.
Any Small Institute:
In an institute the administrator at first makes every network available to every device.
But after that, if he thinks that there is no need to give every device the privilege of accessing any other device, he can remove the access of some devices.
The administrator can also decide which route is shortest for a router to transfer packets, and he can set that route as well. This helps not only to reduce time but also to manage the traffic and to prevent the wastage of packets.
CONTENTS
Introduction of Networks
    Different Types of Topology
Device and Cable
    Various Network Device and Their Utility
    Various Types of Network Cable and Their Uses
Network Models
    The OSI Model
    Layered Architecture
    Layers in The OSI Model
    TCP/IP Model
IP Addressing
    Types of Address
    Classification of IP Address
    Sub netting
    VLSM
Introduction of Router and ACL
    Internal Component of Router
    Router Connector
    Routing Protocol
    Types of Routes
    Configuration of Static and Dynamic Route
    Router Configuration
    Interface Configuration
Project Description
    Diagram of Network
    Used Commands
Introduction of Networks
DIFFERENT TYPE OF PHYSICAL TOPOLOGY:
1. STAR TOPOLOGY
2. EXTENDED STAR TOPOLOGY
3. RING TOPOLOGY
4. MESH TOPOLOGY
5. BUS TOPOLOGY
BUS TOPOLOGY- In a physical bus topology every computer is directly connected to a common medium.
STAR TOPOLOGY- In a physical star topology, a cable runs from each network entity to a central device.
EXTENDED STAR TOPOLOGY- When one star topology is connected to another star topology, it is called an extended star topology.
RING TOPOLOGY- In a physical ring topology every network entity connects directly to only two other network entities.
MESH TOPOLOGY- In a physical mesh topology, every computer is directly connected to every other computer.
VARIOUS NETWORK DEVICES AND THEIR UTILITIES:-
Network devices are of two types: a) LAN devices b) WAN devices.
LAN Devices:
1. Repeater, Hub -> Layer 1 devices of the OSI model.
2. Bridge, Switch -> Layer 2 devices of the OSI model.
Repeater:
1) Regenerates the signal.
2) It works in Layer 1 of the OSI Reference model.
3) Accepts a signal through one port and sends it out of the other port, except the source port.
4) A repeater has two ports.
5) A repeater has no decision making power.
Hub:
1) Regenerates the signal.
2) It works in Layer 1 of the OSI Reference model.
3) Accepts a signal through one port and sends it out of the other ports, except the source port.
4) Logically, a hub is a multiple port repeater.
5) A hub has no decision making power.
Bridge:
1) A bridge has two ports.
2) A bridge creates two segments.
3) A bridge has decision making power.
4) It maintains a bridge table, i.e. MAC table (data is sent according to the bridge table).
5) A bridge is a layer 2 device of the OSI reference model.
Switch:
1) A switch has multiple ports.
2) A switch creates multiple segments.
3) A switch has decision making power.
4) It maintains a switch table, i.e. CAM table (data is sent according to the CAM table).
5) A switch is a layer 2 device of the OSI reference model.
WAN Devices:
1) Router, Communication Server are layer 3 devices of the OSI model.
Router:
1) Creates the connection between different networks.
2) Selects the best path.
3) It performs switching, i.e. from one port to another.
4) It creates the routing table and ARP table.
NETWORK CABLING:
Network cabling is of different types:
i) copper cable ii) fiber optic cable
Copper cable is of different types:-
1) straight cable.
2) cross cable.
3) rollover cable.
4) serial cable.
Straight-through Cable:
Unshielded twisted pair (UTP) copper cable for connecting dissimilar networking devices. In straight cable the pin-outs of RJ-45 connector from one end is similar to other end.
Diagram of Straight-Through cabling
Crossover Cable:
UTP copper cable for connecting similar networking devices. In cross cable the pin no 1 of RJ-45 is connected to pin 3 of other end. Pin 2 of one end is connected to pin 6 of other end. Pin 3 of one end is connected to pin 1 of other end.
Diagram of Crossed-over cabling
Rollover cable:
UTP copper cable for connecting to the console port of a router for configuration of the router. In a rollover cable the pin-outs of the RJ-45 connector at one end are opposite to the other end.
Diagram of rollover cabling
Serial Cable: Copper cable typical of wide area connections
OSI (Open System Interconnection) MODEL
Before the OSI Reference model, ISO (International Standardized organization) developed SNA, TCP/IP, dissolute etc. Reference model, i.e. CISCO Proprietary networking system for communication. After that, these three models followed the OSI Reference model in 1984.
7 Layer of OSI reference model:
Layer seven: The top layer of the OSI Reference model accomplishes the task of running the application, i.e. file transfer, printing, messaging services. It defines how interaction occurs between network services and the network application layer.
Layer six: The Presentation layer is responsible for formatting data exchange. It encrypts differently formatted data by the Secure Sockets Layer (SSL) protocol.
Layer five: The Session layer defines how two computers establish and synchronize a session; it creates the session, manages the session, and connects and disconnects the session.
Layer four: The Transport layer is responsible for transportation issues of data; it is also used to divide a message that is too long into smaller segments. The TCP and UDP protocols operate in this layer. These protocols are unique identifier protocols. It also controls the flow of data.
Layer three: The Network layer is responsible for logical addressing. This layer provides the routing technologies, creating a forwarding table on a logical path between the source and destination. Routing and forwarding are functions of the network layer. Network layer protocols include IP, IPX, AppleTalk.
Layer two: The Data link layer provides for physical or hardware addresses, i.e. MAC addresses. At the data link layer, data packets are placed into frames for subsequent transmission across the transmission protocol knowledge and management and handles Physical layer and reassembling them into the original data link layer frame.
Layer one: The first or bottom-most layer of the OSI Model is the Physical layer. The Physical layer controls the functions of the interface:
1. The type of NIC card.
2. The type of UTP or fiber optic cable used for connecting devices.
3. Connectors RJ-45, DB-9, DB-25 used at each end of the device.
4. The pin-outs (straight, cross, rollover etc.) used for each of the connections on the cable.
TCP/IP MODEL:
TCP/IP is based on a four-layer reference model. All protocols that belong to the TCP/IP protocol suite are located in the top three layers of this model.
Each layer of the TCP/IP model corresponds to one or more layers of the seven-layer Open Systems Interconnection (OSI) reference model proposed by the International Standards Organization (ISO).
IP ADDRESSING
Internet Protocol addressing is known as Logical addressing.
IPV4- Is a 32 bit IP address, version 4. The special format of IPV4 is dotted decimal.
Addresses are of three types: 1) Unicast 2) Multicast 3) Broadcast.
1. Unicast- Unicast means one to one communication.
2. Multicast- A group of computers is a domain, and multicast is used for a domain.
3. Broadcast- Broadcast is used for all.
IP address are different classes:-
1) Class A
2) Class B
3) Class C
4) Class D
5) Class E
We use class A, B, C. Class D is used for Multicast. Class E is used for Research Work.
The ranges of the first octet for the classes are:-
Class A- 1-126
Class B- 128-191
Class C- 192-223
Class D- 224-239
Class E- 240-255
Here 127.0.0.1 is the reserved address for checking the TCP/IP protocol stack.
In all classes the network bit and host bit are as follows:
Network address- When all host bit are zero then this address is called network address.
Host address- When the host bits are a mix of zeros and ones, the address is called a host address.
Broadcast address- When all host bits are one, the address is called the broadcast address.
Subnet mask- The number of 1 bits present in the network portion is called the subnet mask.
Sub netting:
Host bits are reassigned (or “borrowed”) as network bits.
The starting point is always the leftmost host bit.
Reasons for sub netting:
Provides addressing flexibility for the network administrator.
Each LAN must have its own network or sub network address.
Provides broadcast containment and low level security on the LAN.
Provides some security since access to other subnets is only available through the services of a router.
VLSM- Variable Length Subnet Masking (VLSM) allows the use of different masks for each subnet. After a network address is sub netted, those subnets can be further sub netted. As you most likely recall, VLSM is simply sub netting a subnet. VLSM can be thought of as sub-sub netting.
Introduction of Router
Internal component of router:-
1. NVRAM
2. FLASH
3. ROM
4. INTERFACE
5. RAM
6. BUSES – a) SYSTEM BUS b) CPU BUS.
RAM- RAM stores the routing table, holds the ARP cache, and provides temporary memory for the configuration file. It is a volatile memory, i.e. when the router is powered down or restarted, all contents of RAM are lost. The RAM config file is running-config.
NVRAM- Provides storage for the startup configuration file. Retains its contents when the router is powered down or reset. Its file name is startup-config.
FLASH- Holds the operating system image (IOS). The Internetwork Operating System allows software to be updated without removing and replacing chips on the processor. It can store multiple versions of IOS software. It is a type of EEPROM (Electrically Erasable Programmable Read Only Memory).
ROM- Maintains instructions for the power on self test (POST). Stores the bootstrap program and basic operating system software.
BOOT ROM- It is permanent storage and stores the startup diagnostics code. Its main tasks are hardware diagnostics during router boot up and loading Cisco IOS software from flash to RAM. Some routers also have a scaled down version of IOS that can be used as an alternative boot source. It is not erasable but is upgraded by replacing the ROM chip in the socket.
INTERFACE- Connects the router to the network for frame entry and exit. It can be on the motherboard or on a separate module. Interfaces are of two types: a) Ethernet Interface b) Serial Interface.
BUSES- Most routers contain a) System bus b) CPU bus.
SYSTEM BUS- The system bus is used for communication between the CPU and the interfaces or expansion slots. This bus transfers packets to and from the interfaces.
CPU BUS- The CPU bus is used for accessing components from router storage. The CPU bus transfers instructions and data to or from the specified memory address.
Router Connector Details
1. Ethernet Port
2. Serial port
3. Console port
4. Auxiliary console port
Ethernet port- For system i.e. Host connection.
Serial port-For router to router connection serial port are used.
Console port-By Rollover Cable we can connect the router console port to PC through COM port.
Auxiliary port- Remote configuration port.
STEPS OF ROUTER BOOTING:
1.Power on self test.
2.Bootstrap loader from ROM.
3.Locate &Load the IOS in RAM i.e. Decompressed.
4. Search the configuration file & load it.
Routing and Routed Protocols:
ROUTING PROTOCOLS are the software that allow routers to dynamically advertise and learn routes, determine which routes are available and which are the most efficient routes to a destination. Routing protocols used by the Internet Protocol suite include:
->Routing Information Protocol (RIP and RIP II)
->Open Shortest Path First (OSPF)
->Intermediate System to Intermediate System (IS-IS)
->Interior Gateway Routing Protocol (IGRP)
->Enhanced Interior Gateway Routing Protocol (EIGRP)
->Border Gateway Protocol (BGP)
Routing is the process of moving data from one network to another network. Within a network, all hosts are directly accessible and do not need to pass data through a default gateway. All hosts on the same network are directly connected and can communicate directly with each other.
ROUTED PROTOCOLS-
ROUTED PROTOCOLS are nothing more than data being transported across the networks. Routed protocols include:
Internet Protocol
Novell IPX
AppleTalk
Outside a network, specialized devices called ROUTERS are used to perform the routing process of forwarding packets between networks.
Routes of a router are of two types: 1) Static 2) Dynamic.
Static Routes - A static route is a route that is created manually by a network administrator.
Default Routes- A default route, also known as the gateway of last resort, is the network route used by a router when no other known route exists .
Configuration of Static Routes:-
RT1(config)# ip route <unknown destination network> <destination mask> <next hop router interface address> / <own out bound interface name> <administrative distance>
where AD=0 for exit interface and AD=1 for next hop.
Configuration of Default Route:-
RT1(config)# ip route 0.0.0.0 0.0.0.0 <next hop address>
where the next hop address is found from the interface configuration.
Dynamic Routes- Routes that routers discover automatically and share with other routers via dynamic routing protocols.
Dynamic routing- performs the same function as static routing except it is more robust. Static routing allows routing tables in specific routers to be set up in a static manner so network routes for packets are set. If a router on the route goes down, the destination may become unreachable.
Dynamic routing allows routing tables in routers to change as the possible routes change. There are several protocols used to support dynamic routing, including RIP and OSPF.
Regular routing updates are sent every 30 seconds with all or part of the route table. As each router sends routing tables (advertises routes to the networks its NICs interface to), routes are determined to each network.
Drawbacks of RIP:
RIP has no knowledge of subnet masks.
It takes a long time to stabilize after a router or link failure.
It uses more broadcasting.
RIP Version 2:
Defined by RFC 1388. It passes further information in some of the fields that are set to 0 for the RIP protocol. These additional fields include a 32 bit subnet mask and a next hop IP address,
There are two classifications of protocols:
IGP - Interior Gateway Protocol. The name used to describe the fact that each system on the internet can choose its own routing protocol. RIP and OSPF are interior gateway protocols.
EGP - Exterior Gateway Protocol. Used between routers of different systems. There are two of these, the first having the same name as this protocol description:
EGP - Exterior Gateway Protocol.
BGP - Border Gateway Protocol.
Routing cost:
Counting route cost is based on one of the following calculations:
Hop count - How many routers the message must go through to reach the recipient.
Commands for router configuration:-
Router> enable
Router#
Privileged EXEC mode allows the administrator to modify the router configuration.
Router# configure terminal
Router(config)#
This is global configuration mode.
Configuring Hostname:-
Router(config)# Hostname RT
Configuring router Passwords:-
For Console port configuration-
RT(config)# line console 0
RT(config-line)# Password *****
RT(config-line)# login
RT(config-line)# exit
RT(config)# enable password ******
Virtual terminal Emulation for Remote access:
RT(config)# line VTY 0 4
RT(config-line)# Password ********
RT(config-line)# login
RT(config-line)# exit
Command for enable secret password:
RT(config)# enable Secret ******
RT(config)# exit
Here the enable secret password has the higher priority, so the enable password value is ignored.
Command for encrypting password:
RT(config)# Service Password-encryption
RT(config)# exit
Service password-encryption is weak encryption, and the enable secret password encryption is MD5 mode encryption.
To copy RAM to NVRAM (save the running configuration):
RT# copy running-config Startup-config
Erase Startup-config (NVRAM):
RT# Erase startup-config
To copy NVRAM to RAM:
RT# copy Startup-config running-config
Interface Configuration:-
Serial Interface:
RT# configure terminal
RT(config)# Interface s slot/port (s0/0)
RT(config-if)# ip address 192.168.1.1 255.255.255.0
RT(config-if)# Bandwidth 56        (in kbps)
RT(config-if)# clock rate 56000    (in bps)
RT(config-if)# No Shutdown
Fast Ethernet Interface configuration:
RT(config)# Interface Fa0/0
RT(config-if)# ip address 192.168.2.1 255.255.255.0
RT(config-if)# No shutdown
Accessing the remote router by telnet command:
Create a host table in all routers.
RT1(config)# ip host RT2 192.168.10.2
RT1(config)# ip host RT2 192.168.20.1
RT1(config)# ip host RT3 192.168.20.2
RT1# RT2
RT2# RT3
RT3# Telnet RT2
or, from RT3, press CTRL+shift+f+6, then release all keys, then press x; it goes to RT1.
Configuration of RIPv1 & RIPv2:-
In RIPV1:
RT1(config)# Router rip
RT1(config-router)# Network <Directly connected Network address>
In RIPV2:
RT1(config)# Router rip
RT1(config-router)# version 2
RT1(config-router)# Network <Directly connected Network address>
Introduction of ACL:
ACL is the short form of Access Control List. It is a list containing one or more ACEs that tell a computer operating system or other network device what rights a user has to each item on a computer or network device. For example, an ACL may specify whether a user, or the group the user belongs to, has access to a file or folder on that computer or network.
ACLs filter IP packets based on:
Source address
Destination address
Type of packet
Any combination of these items
In order to filter network traffic, ACLs control whether routed packets are forwarded or blocked at the router interface.
ACL criteria include:
Source address of the traffic
Destination address of the traffic
Upper-layer protocol
These are examples of IP ACLs that can be configured in Cisco IOS Software:
Standard ACLs
Extended ACLs
Dynamic (lock and key) ACLs
IP-named ACLs
Reflexive ACLs
Time-based ACLs that use time ranges
Commented IP ACL entries
Context-based ACLs
Authentication proxy
Turbo ACLs
Distributed time-based ACLs
But most commonly used ACLs are Standard ACLS and Extended ACLS.
Standard ACLs control traffic by comparing the source address of the IP packets to the address configured in the ACL.
The command syntax format of a standard ACL is access-list access-list-number {permit|deny} {host|source source-wildcard|any}.
Extended ACLs control traffic by comparing the source and destination addresses of the IP packets to the addresses configured in the ACL. You can also make extended ACLs more granular and configured to filter traffic by criteria such as:
Protocol
Port numbers
Differentiated services code point (DSCP) value
Precedence value
State of the synchronize sequence number (SYN) bit
The command syntax format of an extended ACL is:
IP
access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]
Internet Control Message Protocol (ICMP)
access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} icmp source source-wildcard destination destination-wildcard [icmp-type [icmp-code] | [icmp-message]] [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]
Transport Control Protocol (TCP)
access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} tcp source source-wildcard [operator [port]] destination destination-wildcard [operator [port]] [established] [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]
User Datagram Protocol (UDP)
access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} udp source source-wildcard [operator [port]] destination destination-wildcard [operator [port]] [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]
Project Description
We have taken four Cisco 2620 routers named as Kolkata, Delhi, Chennai & Banglore starting from left to right.
No of PCs in each router is –
9 PCs for Kolkata
4 Servers for Delhi
5 PCs for Chennai
& 17 PCs for Banglore
The given IP address is 192.168.10.0/24
Calculation of IP address for sub netting:-
No of host in Banglore router are 17.So we need 5 bits for host address.
Usable host address for Banglore are
192.168.10.000|00000
192.168.10.000|00001
192.168.10.000|00010
……………………………………
…………………………………….
…………………………………….
192.168.10.000|11101
192.168.10.000|11110
192.168.10.000|11111
So subnet mask will be 255.255.255.224
Network address will be 192.168.10.0/27
Broadcast address will be 192.168.10.31/27
No of host in Kolkata router are 9.So we need 4 bits for host address.
Usable host address for kolkata are
192.168.10.0010|0000
…….……….
192.168.10.0010|1111
So subnet mask will be 255.255.255.32
Network address will be 192.168.10.32/28
Broadcast address will be 192.168.10.47/28
No of host in Delhi router are 4.So we need 3 bits for host address.
Usable host address for Delhi are
192.168.10.00110|000
…….……….
192.168.10.00110|111
So subnet mask will be 255.255.255.48
Network address will be 192.168.10.48/29
Broadcast address will be 192.168.10.55/29
No of host in Chennai router are 5.So we need 3 bits for host address.
Usable host address for Chennai are
192.168.10.00111|000
…….……….
192.168.10.00111|111
So subnet mask will be 255.255.255.56
Network address will be 192.168.10.56/29
Broadcast address will be 192.168.10.63/29
For serial connection between Kolkata & Delhi, the addresses will be
192.168.10.010000|00
…..
192.168.10.010000|11
So the usable addresses will be 192.168.10.65/30 &
192.168.10.66/30
For serial connection between Delhi & Chennai, the addresses will be
192.168.10.010001|00
…..
192.168.10.010001|11
So the usable addresses will be 192.168.10.69/30 &
192.168.10.70/30
For serial connection between Chennai & Banglore, the addresses will be
192.168.10.010010|00
….………..
192.168.10.010010|11
So the usable addresses will be 192.168.10.73/30 &
192.168.10.74/30
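As an added example (not part of the original report), this Python script recomputes the VLSM plan above with the standard ipaddress module and checks that no two subnets overlap. It assumes one extra address per LAN for the router interface. For each prefix it also derives the dotted-decimal mask and the ACL wildcard: /28 gives 255.255.255.240 with wildcard 0.0.0.15 and /29 gives 255.255.255.248, the values used by the interface and access-list commands in this report.

```python
import ipaddress

BLOCK = ipaddress.ip_network("192.168.10.0/24")

# Addresses needed per segment: the report's device count plus one router
# interface on each LAN (assumption of this example); serial links need two.
REQUIREMENTS = [
    ("Kolkata", 9 + 1),
    ("Delhi", 4 + 1),
    ("Chennai", 5 + 1),
    ("Banglore", 17 + 1),
    ("Kolkata-Delhi link", 2),
    ("Delhi-Chennai link", 2),
    ("Chennai-Banglore link", 2),
]


def prefix_for(addresses_needed):
    """Longest prefix whose subnet still has enough usable host addresses."""
    host_bits = 2  # /30 is the smallest subnet with two usable hosts
    while 2 ** host_bits - 2 < addresses_needed:
        host_bits += 1
    return 32 - host_bits


def allocate(block, requirements):
    """VLSM: hand out subnets largest first so each one stays aligned."""
    plan = {}
    cursor = int(block.network_address)
    # sorted() is stable, so equal-sized segments keep their listed order.
    for name, needed in sorted(requirements, key=lambda r: prefix_for(r[1])):
        prefix = prefix_for(needed)
        size = 2 ** (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to a subnet boundary
        subnet = ipaddress.ip_network((cursor, prefix))
        if not subnet.subnet_of(block):
            raise ValueError(f"{block} is too small for {name}")
        plan[name] = subnet
        cursor += size
    return plan


def describe(subnet):
    """Values typed on the router: mask for interfaces, wildcard for ACLs."""
    hosts = list(subnet.hosts())
    return {
        "network": str(subnet),
        "mask": str(subnet.netmask),
        "wildcard": str(subnet.hostmask),
        "broadcast": str(subnet.broadcast_address),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
    }


def overlaps(plan):
    """Return pairs of segment names whose address ranges overlap."""
    names = list(plan)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if plan[a].overlaps(plan[b])]


if __name__ == "__main__":
    plan = allocate(BLOCK, REQUIREMENTS)
    for name, subnet in plan.items():
        print(name, describe(subnet))
    print("overlapping segments:", overlaps(plan))
```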
Configuring ACL:
1. The 192.168.10.32 network can access IP services of all servers (192.168.10.48), but only web service of 192.168.10.53.
2. The 192.168.10.56 network can access web service of all servers, but IP services of the 192.168.10.52 server.
3. The 192.168.10.0 network can access IP services of 192.168.10.51 & 192.168.10.50.
4. PCs 192.168.10.2 to 192.168.10.10 can access web service of the 192.168.10.50 server & PCs 192.168.10.11 to 192.168.10.18 can access web service of the 192.168.10.51 server.
PROJECT SCENARIO
The following devices are taken in this Router Configuration:
1.Four 2620 Cisco Routers.
2 Six Switches.
3.9 PCs for Kolkata, 4 servers for Delhi ,5 PCs for Chennai and 17 PCs for Banglore.
We have used serial cable for connections between Routers, straight cable for Router-Switch, Switch-PC and Switch-Server connections, and cross cable for Switch-Switch connections. Every PC and Router has been given a unique IP address. During the Router configuration we have given a unique host name, console password, enable secret password and VTY password for each Router. Every Router is connected with its neighbor Router through the serial interface (s0/0 or s0/1) using IP address, subnet mask, bandwidth (128 kbps) and clock rate (128000).
Description of Connection for Every Router:
Kolkata Router:
Network Address: 192.168.10.32/28
Broadcast Address: 192.168.10.47
Fast Ethernet: 192.168.10.33/28 (Fa0/0)
Connections: Kolkata → Switch(Kolkata) → PCs(5)
                            ↓
                       Switch(level I) → PCs(4)
Serial Interface: 192.168.10.65/30 (Se0/0)
Delhi Router:
Network Address: 192.168.10.48/29
Broadcast Address: 192.168.10.55
Fast Ethernet: 192.168.10.49/29 (Fa0/0)
Connections: Delhi → Switch(Delhi) → Servers(4)
Serial Interface: 192.168.10.66/30 (Se0/0)
                  192.168.10.69/30 (Se0/1)
Chennai Router:
Network Address: 192.168.10.56/29
Broadcast Address: 192.168.10.63
Fast Ethernet: 192.168.10.57/29 (Fa0/0)
Connections: Chennai → Switch(Chennai) → PCs(5)
Serial Interface: 192.168.10.70/30 (Se0/0)
                  192.168.10.73/30 (Se0/1)
Banglore Router:
Network Address: 192.168.10.0/27
Broadcast Address: 192.168.10.31
Fast Ethernet: 192.168.10.1/27 (Fa0/0)
Connections: Banglore → Switch(Banglore) → PCs(8)
                             ↓
                        Switch(level I) → PCs(9)
Serial Interface: 192.168.10.73/30 (Se0/0)
Now, for packet transfer we need to create routes between the Routers; otherwise packet transfer will not occur from one device to another device of a different Router. Routes are of two types, as we have mentioned before. Here we have used Dynamic routes with the help of RIP2. After introducing Dynamic routes in this configuration, packet transfer is possible between any devices.
Creation of Dynamic Route:
Here we created two Dynamic route for Kolkata i.e. 192.168.10.32 and 192.168.10.64 directly connected networks through fa0/0 & se0/1 interfaces.
Here we created three Dynamic route for Delhi i.e. 192.168.10.48, 192.168.10.64 and 192.168.10.68 connected networks through fa0/0, se0/0 & se0/1 interfaces respectively.
Here we created three Dynamic route for Chennai i.e. 192.168.10.56, 192.168.10.68 and 192.168.10.72 directly connected networks through fa0/0, se0/0 & se0/1 interfaces respectively.
Here we created two Dynamic route for Kolkata i.e. 192.168.10.0 and 192.168.10.72 directly connected networks through fa0/0 & se0/1 interfaces.
Commands for configuring Kolkata router:
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname kolkata
kolkata(config)#line console 0
kolkata(config-line)#password cit1
kolkata(config-line)#login
kolkata(config-line)#exit
kolkata(config)#enable password cit1
kolkata(config)#enable secret kolkata
kolkata(config)#line vty 0 4
kolkata(config-line)#password cit1
kolkata(config-line)#login
kolkata(config-line)#exit
kolkata(config)#service password-encryption
kolkata(config)#interface fa0/0
kolkata(config-if)#ip address 192.168.10.33 255.255.255.240
kolkata(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
kolkata(config-if)#exit
kolkata(config)#interface s0/0
kolkata(config-if)#ip address 192.168.10.65 255.255.255.252
kolkata(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to down
kolkata(config-if)#bandwidth 128
kolkata(config-if)#clock rate 128000
kolkata(config-if)#exit
kolkata(config)#exit
kolkata#
%SYS-5-CONFIG_I: Configured from console by console
kolkata#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Configuring Dynamic route (rip v2) :
User Access Verification
Password:
kolkata>enable
Password:
kolkata#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
kolkata(config)#router rip
kolkata(config-router)#version 2
kolkata(config-router)#network 192.168.10.32
kolkata(config-router)#network 192.168.10.64
kolkata(config-router)#exit
kolkata(config)#exit
Configuring ACL:
kolkata#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
kolkata(config)#access-list 100 deny tcp 192.168.10.32 0.0.0.15 host 192.168.10.50 eq 80
kolkata(config)#access-list 100 deny tcp 192.168.10.32 0.0.0.15 host 192.168.10.51 eq 80
kolkata(config)#access-list 100 deny tcp 192.168.10.32 0.0.0.15 host 192.168.10.52 eq 80
kolkata(config)#access-list 100 permit ip any any
kolkata(config)#interface fa0/0
kolkata(config-if)#ip access-group 100 in
kolkata(config-if)#exit
kolkata(config)#exit
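Access list 100 above, evaluated against sample packets, as an added Python example that is not part of the original report. It applies standard Cisco IOS semantics: entries are checked top to bottom, the first match decides, wildcard bits set to 1 are ignored, and a packet that matches nothing is dropped by the implicit deny. The parser covers only the entry forms used here (any, host, address plus wildcard, eq on the destination port), and the sample packets are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# ACL 100 exactly as entered on the kolkata router in the report.
ACL_100 = """\
access-list 100 deny tcp 192.168.10.32 0.0.0.15 host 192.168.10.50 eq 80
access-list 100 deny tcp 192.168.10.32 0.0.0.15 host 192.168.10.51 eq 80
access-list 100 deny tcp 192.168.10.32 0.0.0.15 host 192.168.10.52 eq 80
access-list 100 permit ip any any
"""


@dataclass
class Ace:
    action: str                 # "permit" or "deny"
    protocol: str               # "ip" matches every protocol
    src: Tuple[int, int]        # (address, wildcard) as 32-bit integers
    dst: Tuple[int, int]
    dst_port: Optional[int]     # None means any port


def ip_int(text):
    return int(ipaddress.IPv4Address(text))


def take_address(tokens):
    """Consume one address spec: 'any', 'host A' or 'A WILDCARD'."""
    first = tokens.pop(0)
    if first == "any":
        return (0, 0xFFFFFFFF)
    if first == "host":
        return (ip_int(tokens.pop(0)), 0)
    return (ip_int(first), ip_int(tokens.pop(0)))


def parse_acl(text):
    aces = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 5 or tokens[0] != "access-list":
            continue
        tokens = tokens[2:]     # drop 'access-list <number>'
        action, protocol = tokens.pop(0), tokens.pop(0)
        src = take_address(tokens)
        dst = take_address(tokens)
        port = int(tokens[1]) if tokens[:1] == ["eq"] else None
        aces.append(Ace(action, protocol, src, dst, port))
    return aces


def address_matches(spec, address):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF   # wildcard bit 0 = must match
    return (address & care) == (base & care)


def evaluate(aces, protocol, src, dst, dst_port=None):
    """Return (action, matching entry number); entry None = implicit deny."""
    s, d = ip_int(src), ip_int(dst)
    for number, ace in enumerate(aces, 1):
        if ace.protocol not in ("ip", protocol):
            continue
        if not (address_matches(ace.src, s) and address_matches(ace.dst, d)):
            continue
        if ace.dst_port is not None and ace.dst_port != dst_port:
            continue
        return ace.action, number
    return "deny", None


if __name__ == "__main__":
    acl = parse_acl(ACL_100)
    # Constructed sample packets from a Kolkata PC (192.168.10.34).
    for packet in [("tcp", "192.168.10.34", "192.168.10.50", 80),
                   ("tcp", "192.168.10.34", "192.168.10.53", 80),
                   ("icmp", "192.168.10.34", "192.168.10.52", None)]:
        print(packet, "->", evaluate(acl, *packet))
    # Entry order matters: with the permit first, the denies never match.
    print(evaluate(acl[-1:] + acl[:-1], "tcp", "192.168.10.34", "192.168.10.50", 80))
```

Running the same packets against the list without its last entry shows why `permit ip any any` is needed: everything that is not web traffic to the three servers would otherwise fall through to the implicit deny.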
Commands for configuring Delhi router:
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname delhi
delhi(config)#line console 0
delhi(config-line)#password cit2
delhi(config-line)#login
delhi(config-line)#exit
delhi(config)#enable password cit2
delhi(config)#enable secret delhi
delhi(config)#line vty 0 4
delhi(config-line)#password cit2
delhi(config-line)#login
delhi(config-line)#exit
delhi(config)#service password-encryption
delhi(config)#interface fa0/0
delhi(config-if)#ip address 192.168.10.49 255.255.255.248
delhi(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
delhi(config-if)#exit
delhi(config)#interface s0/0
delhi(config-if)#ip address 192.168.10.66 255.255.255.252
delhi(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to up
delhi(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
delhi(config-if)#bandwidth 128
delhi(config-if)#clock rate 128000
delhi(config-if)#exit
delhi(config)#interface s0/1
delhi(config-if)#ip address 192.168.10.69 255.255.255.252
delhi(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/1, changed state to down
delhi(config-if)#bandwidth 128
delhi(config-if)#clock rate 128000
delhi(config-if)#exit
delhi(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
delhi#exit
Configuring Dynamic route(rip v2):
User Access Verification
Password:
delhi>enable
Password:
delhi#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
delhi(config)#router rip
delhi(config-router)#version 2
delhi(config-router)#network 192.168.10.48
delhi(config-router)#network 192.168.10.64
delhi(config-router)#network 192.168.10.68
delhi(config-router)#exit
delhi(config)#exit
Commands for configuring Chennai router:
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname chennai
chennai(config)#line console 0
chennai(config-line)#password cit3
chennai(config-line)#login
chennai(config-line)#exit
chennai(config)#enable password cit3
chennai(config)#enable secret chennai
chennai(config)#line vty 0 4
chennai(config-line)#password cit3
chennai(config-line)#login
chennai(config-line)#exit
chennai(config)#service password-encryption
chennai(config)#interface fa0/0
chennai(config-if)#ip address 192.168.10.57 255.255.255.248
chennai(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
chennai(config-if)#exit
chennai(config)#interface s0/0
chennai(config-if)#ip address 192.168.10.70 255.255.255.252
chennai(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to up
chennai(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
chennai(config-if)#bandwidth 128
chennai(config-if)#clock rate 128000
chennai(config-if)#exit
chennai(config)#interface s0/1
chennai(config-if)#ip address 192.168.10.73 255.255.255.252
chennai(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/1, changed state to down
chennai(config-if)#bandwidth 128
chennai(config-if)#clock rate 128000
chennai(config-if)#exit
chennai(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
chennai#exit
Configuring Dynamic route (rip v2):
User Access Verification
Password:
chennai>enable
Password:
chennai#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
chennai(config)#router rip
chennai(config-router)#version 2
chennai(config-router)#network 192.168.10.56
chennai(config-router)#network 192.168.10.68
chennai(config-router)#network 192.168.10.72
chennai(config-router)#exit
chennai(config)#exit
Configuring ACL:
chennai#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
chennai(config)#access-list 100 permit tcp 192.168.10.56 0.0.0.7 host 192.168.10.50 eq 80
chennai(config)#access-list 100 permit tcp 192.168.10.56 0.0.0.7 host 192.168.10.51 eq 80
chennai(config)#access-list 100 permit tcp 192.168.10.56 0.0.0.7 host 192.168.10.53 eq 80
chennai(config)#access-list 100 permit ip 192.168.10.56 0.0.0.7 192.168.10.32 0.0.0.15
chennai(config)#access-list 100 permit ip 192.168.10.56 0.0.0.7 192.168.10.0 0.0.0.31
chennai(config)#access-list 100 permit ip 192.168.10.56 0.0.0.7 host 192.168.10.52
chennai(config)#access-list 100 deny ip any any
chennai(config)#interface fa0/0
chennai(config-if)#ip access-group 100 in
chennai(config-if)#exit
chennai(config)#exit
Commands for configuring Bangalore router:
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname banglore
banglore(config)#line console 0
banglore(config-line)#password cit4
banglore(config-line)#login
banglore(config-line)#exit
banglore(config)#enable password cit4
banglore(config)#enable secret banglore
banglore(config)#line vty 0 4
banglore(config-line)#password cit4
banglore(config-line)#login
banglore(config-line)#exit
banglore(config)#service password-encryption
banglore(config)#interface fa0/0
banglore(config-if)#ip address 192.168.10.1 255.255.255.224
banglore(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
banglore(config-if)#exit
banglore(config)#interface s0/0
banglore(config-if)#ip address 192.168.10.74 255.255.255.252
banglore(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to up
banglore(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
banglore(config-if)#bandwidth 128
banglore(config-if)#clock rate 128000
banglore(config-if)#exit
banglore(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
banglore#exit
Configuring Dynamic route (rip v2):
User Access Verification
Password:
banglore>enable
Password:
banglore#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
banglore(config)#router rip
banglore(config-router)#version 2
banglore(config-router)#network 192.168.10.0
banglore(config-router)#network 192.168.10.72
banglore(config-router)#exit
banglore(config)#exit
Configuring ACL:
banglore#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
banglore(config)#access-list 100 permit ip 192.168.10.0 0.0.0.31 host 192.168.10.52
banglore(config)#access-list 100 permit ip 192.168.10.0 0.0.0.31 host 192.168.10.53
banglore(config)#access-list 100 deny tcp 192.168.10.2 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.3 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.4 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.5 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.6 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.7 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.8 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.9 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.10 0.0.0.31 host 192.168.10.51 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.11 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.12 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.13 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.14 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.15 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.16 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.17 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 deny tcp 192.168.10.18 0.0.0.31 host 192.168.10.50 eq 80
banglore(config)#access-list 100 permit ip any any
banglore(config)#interface fa0/0
banglore(config-if)#ip access-group 100 in
banglore(config-if)#exit
banglore(config)#exit
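The access-list 100 entries just above pair individual host addresses (192.168.10.2 to 192.168.10.18) with the wildcard 0.0.0.31. IOS ignores every address bit that the wildcard covers, so each of those entries matches the whole 192.168.10.0/27 LAN. The following added example (not part of the original report; all function names are illustrative) is a minimal first-match evaluator for the extended-ACL forms used on this page, run against those entries as typed.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def parse_addr(tokens):
    """Consume 'any' | 'host A' | 'A WILDCARD'; return (base, wildcard)."""
    t = tokens.pop(0)
    if t == "any":
        return 0, 0xFFFFFFFF
    if t == "host":
        return ip(tokens.pop(0)), 0
    wc = ip(tokens.pop(0))
    return ip(t) & ~wc & 0xFFFFFFFF, wc  # bits set in the wildcard are ignored

def parse_ace(line):
    tokens = line.split()[2:]  # drop "access-list 100"
    action, proto = tokens.pop(0), tokens.pop(0)
    src, dst = parse_addr(tokens), parse_addr(tokens)
    port = int(tokens[1]) if tokens[:1] == ["eq"] else None
    return action, proto, src, dst, port

def addr_match(addr, spec):
    base, wc = spec
    return (ip(addr) & ~wc & 0xFFFFFFFF) == base

def evaluate(acl, proto, src, dst, dport=None):
    """First match wins; returns (action, entry index), implicit deny at the end."""
    for i, (action, p, s, d, port) in enumerate(acl):
        if p in ("ip", proto) and port in (None, dport) \
                and addr_match(src, s) and addr_match(dst, d):
            return action, i
    return "deny", None

def redundant(acl):
    """Indexes of entries equal, after wildcard normalization, to an earlier entry."""
    return [i for i, ace in enumerate(acl) if ace in acl[:i]]

P = "access-list 100 "  # entries below are the ones typed on the page
ACL = [parse_ace(line) for line in
       [P + "permit ip 192.168.10.0 0.0.0.31 host 192.168.10.52",
        P + "permit ip 192.168.10.0 0.0.0.31 host 192.168.10.53"]
       + [P + f"deny tcp 192.168.10.{h} 0.0.0.31 host 192.168.10.51 eq 80" for h in range(2, 11)]
       + [P + f"deny tcp 192.168.10.{h} 0.0.0.31 host 192.168.10.50 eq 80" for h in range(11, 19)]
       + [P + "permit ip any any"]]

if __name__ == "__main__":
    # 192.168.10.20 is not named in any entry, yet its HTTP to .51 is denied.
    print(evaluate(ACL, "tcp", "192.168.10.20", "192.168.10.51", 80))
    print(len(redundant(ACL)), "of", len(ACL), "entries repeat an earlier one")
```

If filtering per host is the intent, the source is written as `host 192.168.10.2` (equivalent to wildcard 0.0.0.0) so that only that one address matches.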
Conclusion:
Routers are generally used to connect networks and exchange packets between them. Routers can also be used to implement network security, and they support various other functions. In this project we have implemented a network for a small group of computers using VLSM and allocated different routers and a switch. This particular project can be used to implement a larger network. We have shown the subnetting of IPs and the configuration of the routers. We have configured dynamic routing using RIP v2 and also configured the ACLs.
This project has helped us to learn various technical aspects of networks and their configuration, which we think will help us greatly in years to come. We are thankful to everyone who has helped us in preparing our project.