Application-question exam sprint [Computer Level 3 Network Technology] - route aggregation and subnetting



This section explains the topic mainly through worked examples. After reading it you should have no real trouble with this type of question; after that, it takes a lot of practice.

Exam analysis

As the analysis figure shows, CIDR route aggregation and subnetting with variable-length subnets account for a high proportion of the questions. The other topics are: intrusion prevention system (IPS); firewall installation and configuration (the nat, global and static commands); other test points.


CIDR address planning

■ CIDR uses "network prefixes" of various lengths in place of the network number and subnet number of classful addressing, and the destination network is found by "longest prefix matching".

■ CIDR uses "slash notation", also known as CIDR notation: a slash "/" is appended to the IP address, followed by the number of bits in the network prefix (this corresponds to the number of 1 bits in the subnet mask of three-level addressing).

■ A CIDR address block can represent many addresses, so the routing table uses CIDR address blocks to look up the destination network. This kind of address aggregation is usually called route aggregation, also known as supernetting.

Example 1
CIDR route aggregation diagram:
[Figure: network topology diagram]
Fill in the routing table of router RG:
Answer: output port S0 (directly connected): 10.10.13.132/30
Analysis: First, the question is about the routing table of router RG; second, it asks for the entry that is directly connected on S0. So we find the S0 port on the right side of router RG. We can see that S0: 10.10.13.133 and S0: 10.10.13.134 are the two IP addresses on the link directly connected to RG's S0 port, so we need to find the aggregate address of these two IP addresses.
How to aggregate:
Put simply, aggregation means finding where the addresses to be aggregated differ.
First, we convert the octet in which the two IP addresses S0: 10.10.13.133 and S0: 10.10.13.134 differ into binary.
10.10.13.100001 | 01
10.10.13.100001 | 10
In binary we can see that the two IP addresses differ only after bit 30, so we keep the identical bits and set the differing bits to 0.
This gives 10.10.13.10000100, which converted back to decimal is 10.10.13.132/30.

Next, we are asked:
[Figure]
By the same reasoning as above, we get
Answer: 10.10.13.128/30

Let's go on!
From the topology diagram above we can see that the routers are divided into three layers, so the routing table is also divided into three layers. Above we worked out the first layer of the routing table; now we work out the second layer.
[Figure]
On the second layer, on the S0 side of router RG, we can see three IP addresses: E0: 10.10.13.58, E2: 10.10.13.56 and E2: 10.10.13.57. All we have to do is aggregate these three IP addresses, but this is a little different from the question above, so pay attention! o (∩_∩) o
First we repeat the earlier operation and convert the octet in which the three addresses differ into binary:
10.10.13.001110 | 00
10.10.13.001110 | 01
10.10.13.001110 | 10
In binary we can see that the three IP addresses differ only after bit 30, so we keep the identical bits and convert back to decimal, which gives 10.10.13.56, that is, 10.10.13.56/30. But a /30 network has only two usable IP addresses and we are aggregating three, so this clearly does not satisfy the question. We therefore move the "|" one bit to the left:
10.10.13.00111 | 000
10.10.13.00111 | 001
10.10.13.00111 | 010
Converted to decimal this gives 10.10.13.56/29. But the address 10.10.13.56 is already used by the E2 port of router RC, and a network address cannot also be an interface address, so this still does not meet the requirements. We move the "|" one more bit to the left:
10.10.13.0011 | 1000
10.10.13.0011 | 1001
10.10.13.0011 | 1010
Converted to decimal this gives 10.10.13.48/28, which clearly meets the requirements. So the answer to this question is:
Answer: 10.10.13.48/28

[Figure]
Answer: 10.10.13.72/29; the analysis is the same as above.

Let's continue with the third-layer route calculation:
The topology has rather more IP addresses on the third layer. We can aggregate using either the IP addresses (for example 10.10.66.1) or the destination network numbers (for example 10.10.66.0); both give the same answer.
Aggregation process: see "How to aggregate" above.

Exam question format:
[Figure]
(2) Without changing the routing table entries, write the maximum number of additional routers that can be connected to router RF ().
Answer: 11
Analysis: the route aggregation result we just calculated for RF is 10.10.13.48/28, so there are 4 host bits and the number of usable host addresses is 2^4 - 2 = 14. Since 3 of them are already in use, 14 - 3 = 11.
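The aggregation procedure above and the spare-address count, as an added example that is not part of the original post. It generalises the "move the | one bit to the left" step to any set of interface addresses; the function names aggregate and spare_hosts are made up for this illustration.

```python
import ipaddress


def aggregate(interface_addrs):
    """Smallest block in which every given address is a usable host address."""
    ips = [ipaddress.IPv4Address(a) for a in interface_addrs]
    lo, hi = int(min(ips)), int(max(ips))
    # Bits above the highest differing bit are common to every address in
    # lo..hi; cap at /30, the longest prefix that still has host addresses.
    prefix = min(32 - (lo ^ hi).bit_length(), 30)
    while prefix >= 0:
        net = ipaddress.ip_network(f"{ips[0]}/{prefix}", strict=False)
        reserved = {net.network_address, net.broadcast_address}
        # Reject the block if an interface would sit on the network or
        # broadcast address, or if it has too few host addresses.
        if not reserved & set(ips) and net.num_addresses - 2 >= len(set(ips)):
            return net
        prefix -= 1  # move the "|" one bit to the left and try again
    raise ValueError("no valid aggregate for these addresses")


def spare_hosts(net, in_use):
    """Host addresses still free in the block: 2^host_bits - 2 - in_use."""
    return net.num_addresses - 2 - in_use


if __name__ == "__main__":
    # Addresses taken from the worked examples on this page.
    first_layer = aggregate(["10.10.13.133", "10.10.13.134"])
    second_layer = aggregate(["10.10.13.58", "10.10.13.56", "10.10.13.57"])
    print(first_layer)                    # /30 is enough for two interfaces
    print(second_layer)                   # /30 and /29 are rejected, /28 fits
    print(spare_hosts(second_layer, 3))   # routers that can still be attached
```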


Subnetting and variable length subnet

Example
58.45.59.128/25 is to be divided into three subnets: the first subnet must accommodate 48 hosts and the other two subnets must each accommodate 29 hosts. Give the subnet masks and the usable IP address ranges. (Note: assign the network addresses in subnet order.)
(1) The three subnet masks are (①), (②) and (③).
(2) The usable IP address ranges are (④), (⑤) and (⑥).

Answer:
① 255.255.255.192 or /26
② 255.255.255.224 or /27
③ 255.255.255.224 or /27
④ 58.45.59.129-58.45.59.190
⑤ 58.45.59.193-58.45.59.222
⑥ 58.45.59.225-58.45.59.254
Explanation:
Question (1): the first subnet needs to accommodate 48 hosts, so we give it 6 host bits (5 host bits give only 2^5 = 32 addresses, which is not enough; 2^6 = 64 meets the requirement). The network prefix of the first subnet is therefore 26 bits, written /26 or 255.255.255.192 (either form is acceptable). The second subnet needs 29 hosts, so it gets 5 host bits and its network prefix is 27 bits, written /27 or 255.255.255.224. The third subnet is the same as the second.
Question (2): first convert the fourth octet of 58.45.59.128 into binary, which gives 58.45.59.10000000. Because the network addresses must be assigned in subnet order, the first usable IP address of the first subnet is 58.45.59.10000001 → 58.45.59.129. The first subnet has 6 host bits, so its last usable IP address is 58.45.59.10 | 111110 → 58.45.59.190, and blank ④ is 58.45.59.129-58.45.59.190. 58.45.59.10 | 111111 → 58.45.59.191 is the directed broadcast address of the first subnet, so 58.45.59.192 is the network address of the second subnet and 58.45.59.193 is the first usable IP address of the second subnet. The second subnet has 5 host bits, so its last usable IP address is 58.45.59.110 | 11110 → 58.45.59.222, and blank ⑤ is 58.45.59.193-58.45.59.222. Likewise, 58.45.59.223 is the directed broadcast address of the second subnet and 58.45.59.224 is the network address of the third subnet, so the first usable IP address of the third subnet is 58.45.59.225. The third subnet has 5 host bits, so its last usable IP address is 58.45.59.111 | 11110 → 58.45.59.254, and blank ⑥ is 58.45.59.225-58.45.59.254.
Questions of this type can all be solved this way.
^ _ ^ ...
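The variable-length subnetting steps above, as an added example that is not part of the original post. It assigns subnets in the order given, as the question requires, and also aligns each subnet to its own size so that it still works when a smaller subnet is listed before a larger one; the function name vlsm is made up for this illustration.

```python
import ipaddress


def vlsm(block, host_counts):
    """Carve `block` into subnets, one per entry in host_counts, in order.

    Returns (network, mask, first usable, last usable) for each subnet.
    """
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address)
    plan = []
    for need in host_counts:
        # Smallest number of host bits h with 2^h - 2 >= need.
        host_bits = 2
        while 2 ** host_bits - 2 < need:
            host_bits += 1
        size = 2 ** host_bits
        # A subnet must start on a multiple of its own size.
        start = (cursor + size - 1) // size * size
        if start + size - 1 > end:
            raise ValueError(f"{block} is too small for {host_counts}")
        net = ipaddress.ip_network(
            f"{ipaddress.IPv4Address(start)}/{32 - host_bits}")
        # net[0] is the network address and net[-1] the directed broadcast
        # address, so the usable range is net[1] .. net[-2].
        plan.append((str(net), str(net.netmask), str(net[1]), str(net[-2])))
        cursor = start + size
    return plan


if __name__ == "__main__":
    # The question on this page: 48 hosts, then 29 and 29.
    for row in vlsm("58.45.59.128/25", [48, 29, 29]):
        print(*row)
```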


Firewall installation and configuration

Knowledge (to remember)
■ If the network accesses the Internet through a Cisco PIX525 firewall and part of the internal network needs to access the Internet, the two configuration commands to use are, in order, nat and global;
■ If firewall FW is a Cisco PIX525 and the FTP server in the internal network must be allowed to provide service to the external network, the command to use is fixup;
■ If firewall FW is a Cisco PIX525 and the external network must be allowed to access the FTP server in the internal network, the configuration command required is fixup protocol ftp, or fixup.
■ A device filters and inspects data packets as they enter the network and determines whether they contain features that endanger security. If a malicious packet is detected, the system not only sends an alert but also takes response measures (for example, discarding the attacking packets or blocking the connection) to block the attack. This device name is PIX.


Other test sites

■ If firewall FW is a Cisco PIX525 and a server in the internal network needs to be given a public IP address, the configuration command to use is static;
■ If the internal network is to access the Internet, a dedicated device should be connected in series at RG (the router); the function this device must have is NAT.


That is basically all there is to the technique for answering the application questions. The next step is for us to keep at it! Come on! Come again!


Origin blog.csdn.net/Mr_wish/article/details/105340811