Tag - Router Config

What is Frame Relay

Frame Relay is a WAN technology, it is used for communication. Frame relay is an industry standard, shared across, best effort, switch Data Link layer encapsulation that services multiple virtual circuits and protocols between connected mechanisms.

frame-relay-cloud

Frame Relay Terminologies:

1. Local-Access-Rate: 

Form 64- 2MB. It is a required bandwidth

2. Virtual Circuit

It is used for connection to a station

Types of VC:

  • PVC (Permanent Virtual Circuit)

           It is a dedicated line, which is used permanently

  • SVC (Switch Virtual Circuit)

           It is used when data is flowing.

3. Committed information Rate:

      Frame relay works by providing a portion of dedicated bandwidth to each user, and it also allows the user to exceed their guaranteed bandwidth if resources on the Telco network happen to be available. Frame Relay providers allow customers to buy a lower amount of bandwidth than what they really use.

 4. Data Link Connection Identifier:

It is a value which is used in virtual circuit.

5. Local Management Interface:

It is used to establish connection between Frame Relay switch and client router.

 Configuration of a Router in a Frame Relay environment:

  • Router(config)# int so
  • Router(config_if)# ip address 1.1.1.1 255.0.0.0
  • Router(cofnig_if)# encapsulation frame-relay
  • Router(config_if)# frame-relay lmi-type ansi
  • Router(config_if)# no shut
  • Router(config_if)# exit

Network Address Translation

Network Address Translation is used translate the private IP into Public IP. It is do mapping.

Types of NAT:

  1. Static NAT
  2. Dynamic NAT
  3. Overloading

1. Static Network Address Translation

It translate the one private IP into one Public IP, it also called 1-1 mapping

i.e. 192.168.10.1— 200.100.100.1

For Example:

LAN IP scheme is 192.168.10.0, and want to do nat for only one Private IP (192.168.10.1) to the one public IP 200.100.100.1

Public IP is 200.100.100.1

So Static NAT will be as

Static Network Address Translation

  • Router# conf terminal
  • Router(config)# int e0
  • Router(config_if)# ip add 192.168.10.10 255.255.255.0
  • Router(config_if)# no shut
  • Router(config_if)# exit
  • Router(config)# int s0
  • Router(config_if)# ip add 1.1.1.1 255.255.255.0
  • Router(config_if)# no shut
  • Router(config_if)# clock rate 6400
  • Router(config_if)# router rip

If we want to configure on RIP v2 so do as

  • Router(config_router)# version v2
  • Router(config_router)# network 192.168.10.10
  • Router(config_router)# network 1.0.0.0
  • Router(config_router)# exit
  • Router(config)# ip nat inside source static 192.168.10.1 200.100.100.1
  • Router(config)# int e0
  • Router(config_if)# ip nat inside
  • Router(config_if)# exit
  • Router(config_if)# int s0
  • Router(config_if)# ip nat outside
  • Router(config_if)# exit
  • Router(config)# exit
  • Router#

2. Dynamic Network Address Translation:

Dynamic NAT is used to translate the number of Private IP into the number of Public ip (ip pool)

For Example:

LAN IP scheme is: 192.168.10.0

Public Ip pool is: 200.100.100.1 200.100.100.10

Serial 0 ip is: 1.1.1.1

So the configuration will be as:

 Dynamic-Network-Address-Translation

 

  • Router# conf terminal
  • Router(config)# int e0
  • Router(config_if)# ip add 192.168.10.10 255.255.255.0
  • Router(config_if)# no shut
  • Router(config_if)# exit
  • Router(config)# int s0
  • Router(config_if)# ip add 1.1.1.1 255.255.255.0
  • Router(config_if)# no shut
  • Router(config_if)# clock rate 6400
  • Router(config_if)# router rip

If we want to configure on RIP v2 so do as

  • Router(config_router)# version v2
  • Router(config_router)# network 192.168.10.10
  • Router(config_router)# network 1.0.0.0
  • Router(config_router)# exit
  • Router(config)# ip nat pool mypool 1.1.10 1.1.1.20 netmask 255.0.0.0
  • Router(config)# ip nat inside source list 100 pool mypool
  • Router(config)# access-list 100 permit IP 192.168.10.0 0.0.0.255 any
  • Router(config)# int e0
  • Router(config_if)# ip nat inside
  • Router(config_if)# exit
  • Router(config)# int s0
  • Router(config)# ip nat outside
  • Router(config)#exit

3. Overload or Port Address Translation:

PAT or Overload NAT is used to do mapping to only one public IP for all the LAN IP.

For Example:

LAN IP scheme is: 192.168.10.0

Pubic IP is: 1.1.1.1 which is our S0

Overload or Port Address Translation

 

  • Router# conf terminal
  • Router(config)# int e0
  • Router(config_if)# ip add 192.168.10.10 255.255.255.0
  • Router(config_if)# no shut
  • Router(config_if)# exit
  • Router(config)# int s0
  • Router(config_if)# ip add 1.1.1.1 255.255.255.0
  • Router(config_if)# no shut
  • Router(config_if)# clock rate 6400
  • Router(config_if)# router rip

             If we want to configure on RIP v2 so do as

  • Router(config_router)# version v2
  • Router(config_router)# network 192.168.10.10
  • Router(config_router)# network 1.0.0.0
  • Router(config_router)# exit
  • Router(config)# ip nat inside source list 100 int so overload
  • Router(config)# access-list 100 permit ip 192.168.10.0 0.0.0.255 any
  • Router(config)# int e0
  • Router(config_if)# ip nat inside
  • Router(config_if)# exit
  • Router(config)# int s0
  • Router(config)# ip nat outside
  • Router(config)#exit

We can do overload in dynamic method as:

  • Router(config)# router rip
  • Router(config_router)# version v2
  • Router(config_router)# network 192.168.10.10
  • Router(config_router)# network 1.0.0.0
  • Router(config_router)# exit
  • Router(config)# ip nat pool mypool 1.1.1.1 1.1.1.1 netmask 255.0.0.0
  • Router(config)# ip nat inside source list 100 pool mypool overload
  • Router(config)# access-list 100 permit ip 192.168.10.0 0.0.0.255 any
  • Router(config)# int e0
  • Router(config_if)# ip nat inside
  • Router(config_if)# exit
  • Router(config)# int s0
  • Router(config)# ip nat outside
  • Router(config)#exit

 IOS (internetwork Operating System) Loading (Recovery and Backup) of Router:

Requirements:

  1. TFTP server (solar-wind TFTP server)
  2. A system connected with LAN for the purpose of TFTP software installation as

TFTP— Open it—File Configure

Select the 3rd option i.e. (Terminal and Replace…). It will make in a directory with name C:TFTP root in C: drive in that LAN system. Copy the IOS image file and paste in C:TFTP server directory. Now go to router and do the following configuration

  • Router# copy tftp flash
  • Router# ……… []? 10.0.0.10 (the TFTP server ip address)
  • Router#…………. []? Mc381-ismg.1207f (file name of IOS in backup)
  • Router#…………. []? Press Y. (confirmation message)
  • Router# reload

To take Backup of IOS to a system:

  • Router# copy flash tftp
  • Router# ……… []? 10.0.0.10 (the TFTP server ip address)
  • Router#…………. []? Mc381-ismg.1207f (file name of IOS in backup)
  • Router#…………. []? Press Y. (confirmation message)
  • Router#

Extended Access Control List

Extended ACL is implemented on the bases of source, Destination and Application. The application are telnet, ICMP, HTTP, SMTP etc it also work on port no of that application. As Remember that the router 1 ip scheme is 200.100.100.0 and Router2 ip scheme is 192.168.10.0

Extended Access Control List

 

 

To allow the traffic of Router 2 on Router 1 for every application

  • Router1(config)# Access-list 100 permit ip 192.168.10.0 0.0.0.255 200.100.100.0 0.0.0.255
  • Router1(config)# access-list 100 deny any any
  • Router1(config)# int s0
  • Router1(config_if)# ip access-group 100 in
  • Router1(config_if)# exit

 To allow all the traffic of Router 2 on Router 1 for 1st 7 computer

  • Router1(config)# Access-list 100 permit ip 192.168.10.0  0.0.0.255 200.100.100.0 0.0.0.7
  • Router1(config)# access-list 100 deny any any
  • Router1(config)# int s0
  • Router1(config_if)# ip access-group 100 in
  • Router1(config_if)# exit

 To block the traffic for pinging Router 1 from Router 2 computer

  • Router1(config)# Access-list 100 deny tcp 192.168.10.0  0.0.0.255 200.100.100.0 0.0.0.255 eq ICMP
  • Router1(config)# access-list 100 permit any any
  • Router1(config)# int s0
  • Router1(config_if)# ip access-group 100 in
  • Router1(config_if)# exit

 To allow the computer of Router 2 for just browsing the Web Server of the Router1 and the ip of the web server is 200.100.100.50

  • Router1(config)# Access-list 100 permit tcp
  • 192.168.10.0 0.0.0.0.255

200.100.100.50 0.0.0.0  eq 80 (or http)

  • Router1(config)# access-list 100 deny ip any any
  • Router1(config)# int s0
  • Router1(config_if)# ip access-group 100 in
  • Router1(config_if)# exit

Type of ACL

  1. Standard ACL     (1-99)
  2. Extended ACL     (100-999

Copyright ©2010 - 2022 Ciscoforall.com | Privacy Policy | Terms & Conditions