Taller de Redes Avanzadas: 2016

1-Armado de Maqueta

2-Habilite protocolo de ruteo para que sean alcanzables todas las redes

Router3(config)#router rip
Router3(config-router)#net
Router3(config-router)#network 200.210.222.0
Router3(config-router)#network 200.210.222.132
Router3(config-router)#version 2

3-Verifique mediante Ping que todas las PC se alcancen unas con otras

4-Habilite el acceso por terminal virtual VTY

Username Admin secret cisco

Line vty 0 4

Secret class

Login local

5-Verifique que todas las PC pueden administrar remotamente todos los routers

login as: admin
Using keyboard-interactive authentication
Router_3>en
Router_3#
Password:

6-Aplicar listas de acceso a las interfaces para que las PC no accedan por administración remota.

access-list 10 deny 200.210.220.2
access-list 10 deny 200.210.221.2
access-list 10 deny 200.210.222.2
access-list 10 permit any
access-list 102 deny tcp 10.96.0.0 0.31.255.255 10.64.0.0 0.31.255.255 eq smtp
access-list 102 permit ip any any

7-Conteste las siguientes preguntas
*¿Funcionan los Pings entre las PC?
Si
*¿Como se podría limitar solo el acceso a la consola sin limitar todo el tráfico?
Delimitando un rango en las redes que hay que negar

8-Aplique la misma lista de control de acceso ahora a las terminales virtuales VTY

Router_3(config)#int g 0/0
Router_3(config-if)#ip access-group 10 in
Router_3(config-if)#line vty 0 4
Router_3(config-line)#access
Router_3(config-line)#access-class 10 in
Router_3(config-line)#end

9-Verifique el estatus de las terminales con el comando show lines

Router_3#show running-config
Building configuration...

Current configuration : 2121 bytes
!
! Last configuration change at 02:39:47 UTC Fri May 6 2016
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router_3
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$Kv16$DTwQKzJs1NLNX2rEz5Lok/
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.96.0.1
!
ip dhcp pool pool
network 10.96.0.0 255.224.0.0
default-router 10.96.0.1
!
!
!
ip domain name cisco.com
ip cef
ipv6 unicast-routing
ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
!
license udi pid CISCO2901/K9 sn FJC1853A09U
!
!
username admin secret 5 $1$zRxs$XfZtH3OK0NtZXoggtZWy4/
!
redundancy
!
!
ip ssh version 2
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 10.96.0.1 255.224.0.0
ip access-group 102 in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 200.210.222.1 255.255.255.128
ip access-group 10 in
duplex auto
speed auto
!
interface Serial0/0/0
ip address 200.210.222.134 255.255.255.252
clock rate 64000
!
interface Serial0/0/1
ip address 10.192.0.1 255.224.0.0
clock rate 64000
!
router ospf 1
network 10.96.0.0 0.31.255.255 area 0
network 10.160.0.0 0.31.255.255 area 0
network 10.192.0.0 0.31.255.255 area 0
!
router rip
version 2
network 172.16.0.0
network 200.165.200.0
network 200.210.220.0
network 200.210.221.0
network 200.210.222.0
network 209.165.200.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
ipv6 router rip process1
!
!
!
access-list 10 deny 200.210.220.2
access-list 10 deny 200.210.221.2
access-list 10 deny 200.210.222.2
access-list 10 permit any
access-list 102 deny tcp 10.96.0.0 0.31.255.255 10.64.0.0 0.31.255.255 eq smtp
access-list 102 permit ip any any
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 10 in
login local
transport input ssh
!
scheduler allocate 20000 1000
!
end

1. Armado de la maqueta

2. Verificar conectividad con PING desde el Router hacia PC y Router vecinos

3.Habilite OSPF de área 0

R2(config)#router ospf 10

R2(config-router)#network 200.210.221.0 0.0.0.255 area 0

R2(config-router)#network 200.210.222.128 0.0.0.3 area 0

R2(config-router)#network 200.210.222.132 0.0.0.3 area 0

R2(config-router)#end

4. Verificar el anuncio de redes con "show ip route"

Router#show ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

a - application route

+ - replicated route, % - next hop override

Gateway of last resort is not set

O 200.210.220.0/24 [110/129] via 200.210.222.133, 00:03:13, Serial0/0/1

O 200.210.221.0/24 [110/65] via 200.210.222.133, 00:09:23, Serial0/0/1

200.210.222.0/24 is variably subnetted, 5 subnets, 3 masks

C 200.210.222.0/25 is directly connected, GigabitEthernet0/1

L 200.210.222.1/32 is directly connected, GigabitEthernet0/1

O 200.210.222.128/30

[110/128] via 200.210.222.133, 00:03:23, Serial0/0/1

C 200.210.222.132/30 is directly connected, Serial0/0/1

L 200.210.222.134/32 is directly connected, Serial0/0/1

Router#

5.Conteste las siguientes preguntas:

-¿Cuantas redes aparecen en la tabla de enrutamiento?

-¿Cuantas deberían de aparecer?

6.Verifique estatus de OSPF

-show ip ospf

Router#show ip ospf

Routing Process "ospf 1" with ID 200.210.222.1

Start time: 00:07:32.828, Time elapsed: 00:35:42.156

Supports only single TOS(TOS0) routes

Supports opaque LSA

Supports Link-local Signaling (LLS)

Supports area transit capability

Supports NSSA (compatible with RFC 3101)

Event-log enabled, Maximum number of events: 1000, Mode: cyclic

Router is not originating router-LSAs with maximum metric

Initial SPF schedule delay 5000 msecs

Minimum hold time between two consecutive SPFs 10000 msecs

Maximum wait time between two consecutive SPFs 10000 msecs

Incremental-SPF disabled

Minimum LSA interval 5 secs

Minimum LSA arrival 1000 msecs

LSA group pacing timer 240 secs

Interface flood pacing timer 33 msecs

Retransmission pacing timer 66 msecs

Number of external LSA 0. Checksum Sum 0x000000

Number of opaque AS LSA 0. Checksum Sum 0x000000

Number of DCbitless external and opaque AS LSA 0

Number of DoNotAge external and opaque AS LSA 0

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

--More-- Number of areas transit capable is 0

External flood list length 0

IETF NSF helper support enabled

Cisco NSF helper support enabled

Reference bandwidth unit is 100 mbps

Area BACKBONE(0) (Inactive)

Number of interfaces in this area is 2

Area has no authentication

SPF algorithm last executed 00:00:26.424 ago

SPF algorithm executed 2 times

Area ranges are

Number of LSA 1. Checksum Sum 0x0074CA

Number of opaque link LSA 0. Checksum Sum 0x000000

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

Flood list length 0

-show ip ospf neighbor

Router#show ip ospf neighbor interface

GigabitEthernet0/1 is up, line protocol is up

Internet Address 200.210.222.1/25, Area 0, Attached via Network Statement

Process ID 1, Router ID 200.210.222.1, Network Type BROADCAST, Cost: 1

Topology-MTID Cost Disabled Shutdown Topology Name

0 1 no no Base

Transmit Delay is 1 sec, State DR, Priority 1

Designated Router (ID) 200.210.222.1, Interface address 200.210.222.1

No backup designated router on this network

Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

oob-resync timeout 40

Hello due in 00:00:02

Supports Link-local Signaling (LLS)

Cisco NSF helper support enabled

IETF NSF helper support enabled

Index 2/2, flood queue length 0

Next 0x0(0)/0x0(0)

Last flood scan length is 0, maximum is 0

Last flood scan time is 0 msec, maximum is 0 msec

Neighbor Count is 0, Adjacent neighbor count is 0

Suppress hello for 0 neighbor(s)

Serial0/0/1 is up, line protocol is up

Internet Address 200.210.222.134/30, Area 0, Attached via Network Statement

Process ID 1, Router ID 200.210.222.1, Network Type POINT_TO_POINT, Cost: 64

--More-- Topology-MTID Cost Disabled Shutdown Topology Name

--More-- 0 64 no no Base

--More-- Transmit Delay is 1 sec, State POINT_TO_POINT

--More-- Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

--More-- oob-resync timeout 40

--More-- Hello due in 00:00:01

--More-- Supports Link-local Signaling (LLS)

--More-- Cisco NSF helper support enabled

--More-- IETF NSF helper support enabled

--More-- Index 1/1, flood queue length 0

--More-- Next 0x0(0)/0x0(0)

--More-- Last flood scan length is 1, maximum is 1

--More-- Last flood scan time is 0 msec, maximum is 0 msec

--More-- Neighbor Count is 1, Adjacent neighbor count is 1

--More-- Adjacent with neighbor 200.210.222.133

--More-- Suppress hello for 0 neighbor(s)

Router#

-show ip ospf interface

Router#show ip ospf interface database rpo outer

OSPF Router with ID (200.210.222.1) (Process ID 1)

Router Link States (Area 0)

LS age: 621

Options: (No TOS-capability, DC)

LS Type: Router Links

Link State ID: 200.210.222.1

Advertising Router: 200.210.222.1

LS Seq Number: 8000000B

Checksum: 0x2A70

Length: 60

Number of Links: 3

Link connected to: a Stub Network

(Link ID) Network/subnet number: 200.210.222.0

(Link Data) Network Mask: 255.255.255.128

Number of MTID metrics: 0

TOS 0 Metrics: 1

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 200.210.222.133

--More-- (Link Data) Router Interface address: 200.210.222.134

--More-- Number of MTID metrics: 0

--More-- TOS 0 Metrics: 64

--More--

Link connected to: a Stub Network

(Link ID) Network/subnet number: 200.210.222.132

(Link Data) Network Mask: 255.255.255.252

Number of MTID metrics: 0

TOS 0 Metrics: 64

LS age: 439

Options: (No TOS-capability, DC)

LS Type: Router Links

Link State ID: 200.210.222.129

Advertising Router: 200.210.222.129

LS Seq Number: 80000002

Checksum: 0x1618

Length: 60

Number of Links: 3

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 200.210.222.133

(Link Data) Router Interface address: 200.210.222.129

Number of MTID metrics: 0

TOS 0 Metrics: 64

--More--

Link connected to: a Stub Network

(Link ID) Network/subnet number: 200.210.222.128

(Link Data) Network Mask: 255.255.255.252

Number of MTID metrics: 0

TOS 0 Metrics: 64

Link connected to: a Stub Network

(Link ID) Network/subnet number: 200.210.220.0

(Link Data) Network Mask: 255.255.255.0

Number of MTID metrics: 0

TOS 0 Metrics: 1

LS age: 439

Options: (No TOS-capability, DC)

LS Type: Router Links

Link State ID: 200.210.222.133

Advertising Router: 200.210.222.133

LS Seq Number: 8000000A

Checksum: 0xD732

Length: 84

Number of Links: 5

--More--

--More-- Link connected to: a Stub Network

--More-- (Link ID) Network/subnet number: 200.210.221.0

(Link Data) Network Mask: 255.255.255.0

Number of MTID metrics: 0

TOS 0 Metrics: 1

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 200.210.222.1

(Link Data) Router Interface address: 200.210.222.133

Number of MTID metrics: 0

TOS 0 Metrics: 64

Link connected to: a Stub Network

(Link ID) Network/subnet number: 200.210.222.132

(Link Data) Network Mask: 255.255.255.252

Number of MTID metrics: 0

TOS 0 Metrics: 64

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 200.210.222.129

(Link Data) Router Interface address: 200.210.222.130

Number of MTID metrics: 0

TOS 0 Metrics: 64

--More-- Link connected to: a Stub Network

--More-- (Link ID) Network/subnet number: 200.210.222.128

--More-- (Link Data) Network Mask: 255.255.255.252

Number of MTID metrics: 0

TOS 0 Metrics: 64

Router#

7. Documente

-Las direcciones de los neighbors

200.210.222.134

200.210.222.129

-Identifique el Designated Router

200.210.222.133

-Anote cuál es la distancia administrativa de OSPF

Distancia administrativa= 110

Taller de Redes Avanzadas

miércoles, 25 de mayo de 2016

Listas de Control de Acceso Estándar

miércoles, 27 de abril de 2016

OSPF de área única