Implementing IP Addressing Services
Accessing the WAN – Chapter 7
Objectives
• Configure DHCP in an enterprise branch network
• Configure NAT on a Cisco router
• Configure new generation RIP (RIPng) to use IPv6
Configure DHCP in an Enterprise Branch Network • Describe the function of DHCP in a network
Configure DHCP in an Enterprise Branch Network • Describe how DHCP dynamically assigns an IP address to a client
DHCP Discover Source IP 0.0.0.0
DHCP Offer UDP Port 68 = BootP Server
DHCP Request
• After the client receives a DHCPOFFER, it responds with a DHCPREQUEST message, indicating its intent to accept the parameters in the DHCPOFFER, and moves into the Requesting state.
• The client chooses one DHCPOFFER and responds to that DHCP server only, implicitly declining all other DHCPOFFER messages.
• The client identifies the selected server by populating the Server Identifier option field with the DHCP server's IP address.
• The DHCPREQUEST is also a broadcast, so all DHCP servers that sent a DHCPOFFER will see the DHCPREQUEST, and each will know whether its DHCPOFFER was accepted or declined.
• Even though the client has been offered an IP address, it will send the DHCPREQUEST message with a source IP address of 0.0.0.0. At this time, the client has not yet received verification that it is clear to use the IP address.
DHCPACK
• The DHCPACK message has the DHCP server's IP address as its source address, is once again sent to the broadcast address, and contains all the parameters that the client requested in the DHCPREQUEST message.
• When the client receives the DHCPACK, it enters the Bound state and is now free to use the IP address to communicate on the network.
• The DHCP server stores the lease in its database and uniquely identifies it using the client identifier or chaddr, and the associated IP address.
• Both the client and server will use this combination of identifiers to refer to the lease. The client identifier is the MAC address of the device plus the media type.
• Before the DHCP client begins using the new address, it must calculate the time parameters associated with a leased address, which are Lease Time (LT), Renewal Time (T1), and Rebind Time (T2). The typical default LT is 72 hours.
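The DHCPREQUEST and DHCPACK behaviour above, as an added Python example that is not part of the original slides: it builds and parses DHCP payloads, shows how each offering server reads the Server Identifier option in the broadcast request, and derives the lease timers. The T1 and T2 fractions (50% and 87.5% of the lease) are the RFC 2131 defaults, which the slides do not state; the function names are hypothetical.

```python
import ipaddress
import struct

MAGIC = bytes([99, 130, 83, 99])   # DHCP magic cookie that precedes the options
REQUEST, ACK = 3, 5                # values of option 53 (DHCP message type)

def build(op, msg_type, xid, mac, yiaddr="0.0.0.0", options=()):
    """Build a BOOTP/DHCP payload. Sample data constructed for this example."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0,
                         0x8000, bytes(4),   # broadcast flag; ciaddr 0.0.0.0
                         ipaddress.IPv4Address(yiaddr).packed,
                         bytes(4), bytes(4), mac, b"", b"")
    body = bytes([53, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC + body + b"\xff"             # 255 = end option

def parse(payload):
    """Return the header fields and options of a DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    f = struct.unpack("!BBBBIHH4s4s4s4s16s", payload[:44])
    msg = {"xid": f[4], "ciaddr": str(ipaddress.IPv4Address(f[7])),
           "yiaddr": str(ipaddress.IPv4Address(f[8])),
           "chaddr": f[11][:f[2]].hex(":"), "options": {}}
    i = 240
    while i < len(payload) and payload[i] != 255:
        if payload[i] == 0:                            # pad option, no length
            i += 1
            continue
        length = payload[i + 1] if i + 1 < len(payload) else -1
        value = payload[i + 2:i + 2 + length]
        if length < 0 or len(value) != length:
            raise ValueError("truncated option")
        msg["options"][payload[i]] = value
        i += 2 + length
    return msg

def accepted_by(request, server_ip):
    """What each offering server checks when it sees the broadcast request."""
    chosen = request["options"].get(54)                # Server Identifier
    return chosen == ipaddress.IPv4Address(server_ip).packed

def lease_timers(ack):
    """Lease Time from option 51; T1 and T2 use the RFC 2131 defaults."""
    lt = int.from_bytes(ack["options"][51], "big")
    return {"LT": lt, "T1": lt // 2, "T2": lt * 7 // 8}
```

With the 72-hour default lease, `lease_timers` gives a renewal time of 36 hours and a rebind time of 63 hours.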
Configure DHCP Step 1
• Define a range of addresses that are not to be allocated.
• These are usually static addresses reserved for the router interface, switch management IP address, servers, and local network printers.
Configure DHCP in an Enterprise Branch Network • Describe how to configure a Cisco router as a DHCP client
Configure DHCP in an Enterprise Branch Network • Describe how to troubleshoot a DHCP configuration
Troubleshooting Address Conflict

    R2# show ip dhcp conflict
    IP address      Detection Method   Detection time
    192.168.1.32    Ping               Feb 16 2007 12:28 PM
    192.168.1.64    Gratuitous ARP     Feb 23 2007 08:12 AM

The show ip dhcp conflict command displays all address conflicts recorded by the DHCP server. The server uses the ping command to detect conflicts. The client uses Address Resolution Protocol (ARP) to detect clients. If an address conflict is detected, the address is removed from the pool and not assigned until an administrator resolves the conflict.
Configure NAT on a Cisco Router • Describe the operation and benefits of using private and public IP addressing
What is NAT?
• NAT translates non-routable, private, internal addresses into routable, public addresses.
• NAT has the added benefit of providing a degree of privacy and security to a network because it hides internal IP addresses from outside networks.
• A NAT-enabled device typically operates at the border of a stub network.
• A stub network is a network that has a single connection to its neighbor network.
NAT Terminology Explained
• Inside local address - Usually not an IP address assigned by a service provider and is most likely an RFC 1918 private address. In the figure (previous slide), the IP address 192.168.10.10 is assigned to the host PC1 on the inside network.
• Inside global address - Valid public address that the inside host is given when it exits the NAT router. When traffic from PC1 is destined for the web server at 209.165.201.1, router R2 must translate the address. In this case, IP address 209.165.200.226 is used as the inside global address for PC1.
• Outside global address - Reachable IP address assigned to a host on the Internet. For example, the web server is reachable at IP address 209.165.201.1.
• Outside local address - An address of an external device as it is referred to by devices on the local network. In some situations, this may be identical to the outside global address of that outside device.
Configure NAT on a Cisco Router • Explain the advantages and disadvantages of NAT
NAT Types
• Dynamic NAT uses a pool of public addresses and assigns them on a first-come, first-served basis. When a host with a private IP address requests access to the Internet, dynamic NAT chooses an IP address from the pool that is not already in use by another host. This is the mapping described so far.
• Static NAT uses a one-to-one mapping of local and global addresses, and these mappings remain constant. Static NAT is particularly useful for web servers or hosts that must have a consistent address that is accessible from the Internet. These internal hosts may be enterprise servers or networking devices.
Configure NAT on a Cisco Router • Describe how to configure static NAT to conserve IP address space in a network
Configure NAT on a Cisco Router • Describe how to configure dynamic NAT to conserve IP address space in a network
Port Forwarding
• Port forwarding (sometimes referred to as tunneling) is the act of forwarding a network port from one network node to another.
• This technique can allow an external user to reach a port on a private IP address (inside a LAN) from the outside through a NAT-enabled router.
• Port forwarding allows users on the Internet to access internal servers by using the WAN port address and the matched external port number.
• When users send these types of requests to your WAN port IP address via the Internet, the router forwards those requests to the appropriate servers on your LAN.
• For security reasons, broadband routers do not by default permit any external network request to be forwarded to an inside host.
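The NAT types and port forwarding described above, as an added Python model of a border router's translation table (not code from the original slides, and simplified from what a real router does). It shows dynamic NAT handing out pool addresses first come, first served until the pool is empty, static NAT keeping a fixed mapping, and inbound requests being dropped unless a forwarding rule or static mapping exists. The class and method names are hypothetical, and every address other than 192.168.10.10 and 209.165.200.226 is constructed.

```python
class NatRouter:
    """Simplified translation table of a NAT border router (added example)."""

    def __init__(self, wan_ip, pool):
        self.wan_ip = wan_ip
        self.free = list(pool)   # unused inside global addresses
        self.dynamic = {}        # inside local -> inside global (from the pool)
        self.static = {}         # inside local -> inside global (fixed)
        self.forwards = {}       # (proto, WAN port) -> (inside local, port)

    def add_static(self, inside_local, inside_global):
        self.static[inside_local] = inside_global

    def add_port_forward(self, proto, wan_port, inside_local, inside_port):
        self.forwards[(proto, wan_port)] = (inside_local, inside_port)

    def outbound(self, inside_local):
        """Inside global source address for a packet leaving the stub network."""
        if inside_local in self.static:
            return self.static[inside_local]
        if inside_local not in self.dynamic:
            if not self.free:
                return None      # pool exhausted: no translation, packet dropped
            self.dynamic[inside_local] = self.free.pop(0)  # first come, first served
        return self.dynamic[inside_local]

    def inbound(self, proto, dst_ip, dst_port):
        """Inside (host, port) for a connection started outside, else None."""
        if dst_ip == self.wan_ip:
            return self.forwards.get((proto, dst_port))    # no rule, no forwarding
        for local, inside_global in self.static.items():
            if inside_global == dst_ip:
                return (local, dst_port)
        return None


def demo():
    # Constructed addresses, apart from PC1 (192.168.10.10) and 209.165.200.226.
    router = NatRouter("209.165.200.225", ["209.165.200.226", "209.165.200.227"])
    router.add_static("192.168.10.254", "209.165.200.254")
    router.add_port_forward("tcp", 8080, "192.168.10.254", 80)
    hosts = ["192.168.10.10", "192.168.10.11", "192.168.10.12"]
    return router, [router.outbound(h) for h in hosts]


if __name__ == "__main__":
    print(demo()[1])
```

The third inside host gets no translation because the two-address pool is already in use, which is the limit that NAT overload is meant to remove.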
Configure NAT on a Cisco Router • Describe how to configure port forwarding
Configure NAT on a Cisco Router • Describe how to verify and troubleshoot NAT and NAT overload configurations
Configure New Generation RIP (RIPng) to use IPv6 • Explain the need for IPv6 to provide a long-term solution to the problem of IP address depletion