Friday, 26 August 2016

Basic knowledge of the distance vector routing protocol RIP version 2


Because RIP is a distance vector routing protocol, it will NOT have any ideas about the current network topology.  It will learn routes directly from the update sent by its neighbors.

There are some importance facts about the RIP version 2:

1. RIPv2 is using UDP port 520 to transmit its request & response message.

2. On the broadcast network, RIPv2 uses the multicast address 224.0.0.9

3. Distance vector routing likely got the loop problem named "Counting to infinity".

4. There are two loop-prevent mechanisms for RIPv2: Split-Horizon and Poison-Reverse.

5. Update are sent every 30s, but we can use the trigger update.

Monday, 22 August 2016

Adding routes dynamically to the routing table or forwarding table


Manually controlling the routing table is easy and fun when your network is small with a few routers. When the number of routers increasing, it's almost impossible to do the STATIC way.

This time, we need a protocol so all routers can talk together to exchange the routing information. There are two kinds of that protocol Distance Vector & Link State routing protocol.


Adding routes manually to the routing table or forwarding table


You can always add routes into the routing table manually on every router even your home wifi routers by WEB interface or command lines.

By controlling the router's forwarding table manually, you will understand the routing process more.  By default, routers will put all subnets connected to its interface into the routing table. Thus you do NOT need to worry much about those connected routes.

You should only think about how the packet gets to the destination. The importance thing is this process is only ONE WAY. You should also think about how the packet gets back to its source.


Understand the forwarding table or routing table of a router


First, an incoming Layer-2 Frame to a router interface will be de-encapsulated to get the IP Packet inside it.  After that, the router will look at the IP Header to find a field named IP Destination.

Next, it will check that IP destination address with its Routing Table.

       1. If there is a matched, the router will re-encapsulated that packet into a Layer-2 Frame then forward that frame to the matched interface.

       2. If NOT, the router will drop that packet and do nothing.

How is an IP Packet moved around the internet


Unlike a shipping package which can be moved around by a person or a shipping truck, An IP Packet is so dumped. It needs a device that can put and wrap it in a Layer-2 box then send it to another device.

Any devices (server, firewall, PCs, modem ...) that have the ability of receive an IP Packet, read its Header IP information then forward to the next device are called routers. Routers rely on its routing table to forward a received IP packet.

What is IP address


Because all the network devices are using the same TCP/IP protocol to communicate to each other. They must have a unique address to distinguish from the other. That address is called IP address.

Now we have two version of the IP addresses: IP version 4 (IPv4) and IP version 6 (IPv6). Although IPv4 is supposed to end soon because it supports only 2^32 = 4.3 billion addresses, it is still widely used until now because of the NAT.

The Network Address Translation allows us to use any Private IP addresses and translate them into Public IP Address(es) in order to communicate to the internet (Public IP Addresses).

Basic knowledge of the TCP/IP Protocol suite



People need some things in commons so they can talk together. So does the computers. They all need to use the same protocol in order to maintain an efficiency communication.

You could build up your own style of network protocol but if you would like to communicate with billion devices out there, you have no choices. The TCP/IP protocol is used right now on almost all network devices. It based on the OSI model.



There are 4 ways you can publish your server to the internet from your house:

1. Using the modem provided by your ISP, configure the DMZ feature to host all services from your server.

2. Using the modem provided by your ISP, configure the port forwarding feature to host specific port from your server such as TCP port 80 for Web service...

3. Turning the modem provided by your ISP to a normal layer-2 switch by enabling its BRIDGE mode in the configuration page.

4. Asking your Internet Service Provider allow the IP passthrough feature to get additional public IP addresses.

You should ask your Internet Service Provider for a free second IP passthrough


You would like to set up a network related lab in your house but you do NOT like to mess up your home network. So the only way you can do it is asking your ISP for a free second IP address.

How to connect a VPN software client to an ezVPN server


Cisco already provides us a reliable VPN software for Windows. You can use the configuration same as the picture showed above.

For all the Linux-based OSs, you have to download the VPNC packaged to connect to an ezVPN server.

I do NOT test on a MAC yet. But I am pretty sure that there is a VPNC software out there for the Macintosh OS.


How to config small Cisco routers as an ezVPN client


Normally, we use routers for a VPN site-to-site or VPN software for an ezVPN client. However, in the case, we do NOT have a public IP address or the router is behind a NAT device, we have to config the router as an ezVPN client.

Unlike the VPN software client, the router must config static routes after its connected to the ezVPN server.


Friday, 19 August 2016

How to config small Cisco routers as an ezVPN server


Although configuring the ezVPN server on a Cisco Firewall device is much easier, you still could use a small Cisco router such as 17xx, 18xx or 26xx series to make it happens.

First, you have to check the router if it supports VPN tunnel or not by using the command
        
       #show version


How to convert the Cisco access point AP1130 back to Autonomous from Lightweight


Because these Cisco access points are out-of-date, you probably could get one of those very cheap in the eBay or used stuff website. You could even get one for free from a big Corp that just renovate their wireless network.

The thing is these access points usually coming with the Lightweight mode. Thus you have to convert it back to the Autonomous mode by uploading the default IOS for it.

By default, in the Rommon Mode, it already has these configurations to communicate with the FTTP Server:

       IP_ADDR=10.0.0.1
       NETMASK=255.255.255.224


All you need is just prepare a TFTP Server in your PC/Laptop then follow the instructions in the image.

How to access to the Rommon Mode of the Cisco access point AP1130


By default, you can easily access to the Rommon Mode by pressing the ESC key to abort the loading process via the console port.

If you can NOT do that, it means the environment variable ENABLE_BREAK is off. Thus, you have to do the HARD RESET by pressing the MODE button of the access point.

How to hard reset the Cisco access point AP1130


You need to pull back the lid of the access point so you can see all the ports, button, and LEDs.

1. Do not power on the access point.

2. Press and hold the MODE button showed in the picture.

3. Wait until the Ethernet LED turns amber about 3 seconds.

4. Release the MODE button.

Now you can access the Rommon Mode of the access point via the console port.