Caso de estudio

Caso de estudio
01/08/2011 Silvia juliana Martnez Serrano Unab

Caso de estudio

Situacin 1 - Fase 1: Descripcin del proyecto

mbito de direcciones de red: Cantidad requerida de subredes: Protocolo de enrutamiento:

Fase 2: Asignacin de direcciones de IP

Diagrama de red Asignacin de direcciones de IP

Pgina 2

Caso de estudio

dispositivo BOAZ

interfaz Fa 0/0 Serial 0/0/0 Fa 0/0

Direccin ip 10.32.0.1 28.0.0.1 10.0.0.1 28.0.0.2 28.32.0.1 10.64.0.1 28.32.0.2 10.0.0.2 10.0.0.3 10.32.0.2 10.32.0.3 10.64.0.2 10.64.0.3

Mascara de subred 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0 255.224.0.0

Gateway predeterminado N/C N/C N/C N/C N/C N/C N/C 10.0.0.1 10.0.0.1 10.32.0.1 10.32.0.1 10.64.0.1 10.64.0.1

CENTER EVA SERVER1 PC2 PC3 PC4 PC5 PC6

Serial 0/0/0 Serial 0/0/1 Fa 0/0 Serial 0/0/1 NIC NIC NIC NIC NIC NIC

Fase 3: Configuracin bsica de los routers y las estaciones de trabajo

BOAZ BOAZ cisco clase cisco 28.0.0.1 N/C CENTER CENTER cisco clase cisco 28.0.0.2 28.32.0.1 EVA EVA cisco clase Cisco N/C 28.32.0.2

NOMBRE DE HOST CONTRASEA DE CONSOLA CONTRASEA SECRETA CONTRASEA VTY DIRECCION IP SERIAL 0/0/0 DIRECCION SERIAL 0/0/1 VELOCIDAD

64000
Pgina 3

Caso de estudio

SINCRONIZACI ON SERIAL 0/0/0 VELOCIDAD SINCRONIZACI ON SERIAL 0/0/1 DIRECCION IP FA 0/0 DIRECCION IP FA 0/1 ACTIVAR INTERFACES PROTOCOLO ENRUTAMIENT O MENSAJE DEL DIA DESCRIPCION SERIAL 0/0/0 DESCRIPCION SERIAL 0/0/1 DESCRIPCION FA 0/0/ DESCRIPCION FA 0/1

64000

10.32.0.1 N/C NO SH OSPF

10.64.0.1 N/C NO SH OSPF

10.64.0.1 N/C NO SH OSPF

**ACCESO **ACCESO **ACCESO RESTRINGIDO RESTRINGIDO RESTRINGIDO ** ** ** CONEXIN A CONEXIN A N/C CENTER BOAZ N/C CONEXIN A CONEXIN A EVA CENTER N/C N/C N/C N/C N/C N/C

Fase 4: Listas de control de acceso Boaz

Access-list 117 permit tcp 10.64.0.0 0.31.255.255 host 10.0.0.2 eq www Access-list 117 permit icmp any any echo-reply Access-list 117 deny tcp any any

Inter fa 0/0

Pgina 4

Caso de estudio Ip access-group 117 in

Eva
Access-list 117 permit tcp 10.64.0.0 0.31.255.255 host 10.0.0.2 eq www Access-list 117 permit icmp any any echo-reply Access-list 117 deny tcp any any

Inter fa 0/0 Ip access-group 117 in

SUBNETEO

Yo escog las direcciones 10.0.0.0/8 y la 28.0.0.0/8 para subnetear Requisitos: necesito de cada red 8 subredes 23=8 por lo tanto tomo prestados 3 bits del 2 octeto de la mscara quedara as

Mascara por defecto clase a 11111111.00000000.00000000.00000000

Pgina 5

Caso de estudio

Mascara subneteada 11111111.11100000.00000000.00000000

Por lo tanto
27 128 1 26 64 1 25 32 1 24 16 0 23 8 0 22 4 0 21 2 0 20 1 0

224
Quedara 10.0.0.0/11 y 28.0.0.0/11

saltos de las subredes

Los saltos serian de 32 en 32 segn la mascara 1. 10.0.0.0/11 2. 10.32.0.0/11 3. 10.64.0.0/11 4. 10.96.0.0/11 5. 10.128.0.0/11 6. 10.160.0.0/11 7. 10.192.0.0/11 8. 10.224.0.0/11 28.0.0.0/11 28.32.0.0/11 28.64.0.0/11 28.96.0.0/11 28.128.0.0/11 28.160.0.0/11 28.192.0.0/11 28.224.0.0/11

Yo utilic las subredes: 10.0.0.0/11, 10.32.0.0/11, 10.64.0.0/11 y 28.0.0.0/11, 28.32.0.0/11

Fase 5: Documentacin de la red

Pgina 6

Caso de estudio

Boaz
BOAZ#sh cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Interface Holdtme Capability Platform Switch CENTER Fas 0/0 Ser 0/0/0 142 160 S 2950 R Fas 0/1 Ser 0/0/0 Port ID

C1841

BOAZ# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP I - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, IA - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - Periodic downloaded static route Gateway of last resort is not set 10.0.0.0/11 is subnetted, 3 subnets O C O 10.0.0.0 [110/65] via 28.0.0.2, 00:07:06, Serial0/0/0 10.32.0.0 is directly connected, FastEthernet0/0 10.64.0.0 [110/129] via 28.0.0.2, 00:05:37, Serial0/0/0 28.0.0.0/11 is subnetted, 2 subnets C O 28.0.0.0 is directly connected, Serial0/0/0 28.32.0.0 [110/128] via 28.0.0.2, 00:07:06, Serial0/0/0 BOAZ#sh ip protocol Routing Protocol is "ospf 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Pgina 7 Router ID 28.0.0.1

Caso de estudio

BOAZ#sh ip interface brief Interface FastEthernet0/0 FastEthernet0/1 Serial0/0/0 Serial0/0/1 Vlan1 IP-Address 10.32.0.1 unassigned 28.0.0.1 unassigned unassigned
BOAZ#sh version Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team ROM: System Bootstrap, Version 12.3(8r) T8, RELEASE SOFTWARE (fc1) System returned to ROM by power-on

OK? YES YES YES YES YES

Method manual unset manual unset unset

Status up administratively up

Protocol up down up

administratively down down administratively down down

Pgina 8

System image file is "flash: c1841-advipservicesk9-mz.124-15.T1.bin"

Caso de estudio BOAZ#sh startup-config Using 853 bytes ! Version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec BOAZ#sh hosts Default Domain is not set Name/address lookup uses domain service Name servers are 255.255.255.255 Codes: UN - unknown, EX - expired, OK - OK, revalidate temp - temporary, perm - permanent NA - Not Applicable None - Not defined no service password-encryption ! hostname BOAZ ! ! ! enable secret 5 $1$mERr$ZIvuLWaqZSN.IGTvVO7VE/ ! Host Port Flags Age Type Address (es) ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 10.32.0.1 255.224.0.0 ip access-group 117 in duplex auto speed auto ! ! router ospf 1 ! log-adjacency-changes ! network 10.32.0.0 0.31.255.255 area 0 Pgina 9 network 28.0.0.0 0.31.255.255 area 0

Caso de estudio

Pgina 10

Caso sh ip interface BOAZ#de estudio Probe proxy name replies are disabled FastEthernet0/0 is up; line protocol is up (connected) Internet address is 10.32.0.1/11 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 Helper address is not set Directed broadcast forwarding is disabled Internet protocol processing disabled Outgoing access list is not set Serial0/0/0 is up, line protocol is up (connected) Inbound access list is not set Internet address is 28.0.0.1/11 Proxy ARP is enabled Broadcast address is 255.255.255.255 Security level is default Address determined by setup command Split horizon is enabled MTU is 1500 ICMP redirects are always sent Helper address is not set ICMP unreachable are always sent Directed broadcast forwarding is disabled ICMP mask replies are never sent Outgoing access list is not set IP fast switching is disabled Inbound access list is not set IP fast switching on the same interface is disabled Proxy ARP is enabled IP Flow switching is disabled Security level is default IP Fast switching turbo vector Split horizon is enabled IP multicast fast switching is disabled ICMP redirects are always sent IP multicast distributed fast switching is disabled ICMP unreachable are always sent Router Discovery is disabled ICMP mask replies are never sent IP output packet accounting is disabled IP fast switching is disabled IP access violation accounting is disabled IP fast switching on the same interface is disabled TCP/IP header compression is disabled IP Flow switching is disabled RTP/IP header compression is disabled IP Fast switching turbo vector Pgina 11 Policy routing is disabled Network address translation is disabled WCCP Redirect outbound is disabled WCCP Redirect exclude is disabled BGP Policy Mapping is disabled FastEthernet0/1 is administratively down, line protocol is down (disabled)

Caso de estudio

CENTER#SH CDP Neighbors

CENTER

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Interface Holdtme Capability Platform Port ID Switch EVA Fas 0/0 Ser 0/0/1 Ser 0/0/0 159 165 121 S R R 2950 C1841 C1841 Fas 0/1 Ser 0/0/1 Ser 0/0/0

CENTER# sh ip route

BOAZ

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - Periodic downloaded static route Gateway of last resort is not set 10.0.0.0/11 is subnetted, 3 subnets C O O 10.0.0.0 is directly connected, FastEthernet0/0 10.32.0.0 [110/65] via 28.0.0.1, 00:13:57, Serial0/0/0 10.64.0.0 [110/65] via 28.32.0.2, 00:12:06, Serial0/0/1 28.0.0.0/11 is subnetted, 2 subnets C C 28.0.0.0 is directly connected, Serial0/0/0 28.32.0.0 is directly connected, Serial0/0/1

CENTER# sh ip protocol Routing Protocol is "ospf 1" Pgina 12 Outgoing update filter list for all interfaces is not set

Caso de estudio

CENTER# sh ip interface Brief Interface FastEthernet0/0 FastEthernet0/1 Serial0/0/0 Serial0/0/1 Vlan1 IP-Address 10.0.0.1 unassigned 28.0.0.2 28.32.0.1 OK? YES YES YES YES YES Method manual Status up Protocol up down up up down

unset administratively down manual up manual up unset administratively down

CENTER# sh unassigned version

Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by Pgina pt_team ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)

13

Caso de estudio

Pgina 14

Caso de estudio CENTER# sh startup-config Using 1029 bytes ! version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec CENTER# sh host Default Domain is not set Name/address lookup uses domain service Name servers are 255.255.255.255 no service password-encryption ! Hostname CENTER ! ! Codes: UN - unknown, EX - expired, OK - OK, ?? revalidate Temp - temporary, perm - permanent NA - Not Applicable None - Not defined ! enable secret 5 $1$mERr$ZIvuLWaqZSN.IGTvVO7VE/ ! ! Host Port Flags Age Type Address(es) ! ! ! ! ! ! ! ! ! ! ! Pgina 15 !

Caso de estudio interface FastEthernet0/0 ip address 10.0.0.1 255.224.0.0 ip access-group 117 in duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/0/0 ip address 28.0.0.2 255.224.0.0 ! interface Serial0/0/1 ip address 28.32.0.1 255.224.0.0 clock rate 64000 ! interface Vlan1 no ip address shutdown router ospf 1 log-adjacency-changes network 10.0.0.0 0.31.255.255 area 0 network 28.0.0.0 0.31.255.255 area 0 network 28.32.0.0 0.31.255.255 area 0 default-information originate ! ip classless ! banner motd ^C *************************************** ACCESO RESTRINGIDO *************************************** ^C ! ! line con 0 password cisco login line vty 0 4 password cisco login line vty 5 15 password cisco login end Pgina 16

Caso de estudio CENTER# sh ip interface FastEthernet0/0 is up, line protocol is up (connected) Internet address is 10.0.0.1/11 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachable are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP Fast switching turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Pgina 17 Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled WCCP Redirect outbound is disabled WCCP Redirect exclude is disabled BGP Policy Mapping is disabled FastEthernet0/1 is administratively down, line protocol is down (disabled) Internet protocol processing disabled Serial0/0/0 is up, line protocol is up (connected) Internet address is 28.0.0.2/11 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachable are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Flow switching is disabled

Caso de estudio

EVA# sh cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

EVA
Switch CENTER

S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Interface Holdtme Capability Platform Port ID Fas 0/0 Ser 0/0/1 171 131 S R 2950 C1841 Fas 0/1 Ser 0/0/1

EVA# sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - Periodic downloaded static route Gateway of last resort is not set 10.0.0.0/11 is subnetted, 3 subnets O O C 10.0.0.0 [110/65] via 28.32.0.1, 00:33:52, Serial0/0/1 10.32.0.0 [110/129] via 28.32.0.1, 00:33:52, Serial0/0/1 10.64.0.0 is directly connected, FastEthernet0/0 28.0.0.0/11 is subnetted, 2 subnets O C 28.0.0.0 [110/128] via 28.32.0.1, 00:33:52, Serial0/0/1 28.32.0.0 is directly connected, Serial0/0/1

Pgina 18

Caso de estudio

EVA#sh ip protocol

Routing Protocol is "ospf 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 28.32.0.2 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Maximum path: 4 Routing for Networks: 10.64.0.0 0.31.255.255 area 0 28.32.0.0 0.31.255.255 area 0 Routing Information Sources: Gateway 28.0.0.1 28.32.0.1 28.32.0.2 Distance 110 110 110 Last Update

00:06:02 00:04:15 00:04:13 Distance: (default is 110)

EVA# sh ip interface brief Interface FastEthernet0/0 FastEthernet0/1 Serial0/0/0 Serial0/0/1 Vlan1 IP-Address 10.64.0.1 unassigned unassigned 28.32.0.2 unassigned OK? YES YES YES YES YES Method Status manual up unset administratively down unset administratively down manual up unset administratively down Protocol up down down up down

Pgina 19

Caso de estudio
EVA# sh version Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1) System returned to ROM by power-on System image file is "flash:c1841-advipservicesk9-mz.124-15.T1.bin" This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Processor board ID FTX0947Z18E M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 2 Low-speed serial(sync/async) network interface(s) 191K bytes of NVRAM.

63488K bytes of ATA CompactFlash (Read/Write) Configuration register is 0x2102 Pgina 20

Caso de estudio EVA#sh startup-config Using 964 bytes ! version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption EVA# sh host ! Default Domain is not set hostname EVA Name/address lookup uses domain service ! Name servers are 255.255.255.255 ! Codes: UN - unknown, EX - expired, OK - OK, ?? revalidate temp - temporary, perm - permanent NA - Not Applicable None - Not defined ! ! Host Port Flags Age Type Address(es) ! ! ! ! ! ! ! ! ! ! ! Pgina 21 ! enable secret 5 $1$mERr$ZIvuLWaqZSN.IGTvVO7VE/

Caso de estudio interface FastEthernet0/0 ip address 10.64.0.1 255.224.0.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/0/0 no ip address shutdown ! interface Serial0/0/1 ip address 28.32.0.2 255.224.0.0 ! interface Vlan1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 10.64.0.0 0.31.255.255 area 0 network 28.32.0.0 0.31.255.255 area 0 default-information originate ip classless access-list 117 permit tcp 10.64.0.0 0.31.255.255 host 10.0.0.2 eq www access-list 117 permit icmp any any echo-reply access-list 117 deny tcp any any ! ! banner motd ^C *************************************** ACCESO RESTRINGIDO *************************************** ^C ! ! ! line con 0 password cisco login line vty 0 4 password cisco login Pgina vty 5 15 line 22 password cisco

Caso de estudio EVA# sh ip interface FastEthernet0/0 is up, line protocol is up (connected) Internet address is 10.64.0.1/11 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachable are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP Fast switching turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Pgina 23 Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled WCCP Redirect outbound is disabled WCCP Redirect exclude is disabled BGP Policy Mapping is disabled FastEthernet0/1 is administratively down, line protocol is down (disabled) Internet protocol processing disabled Serial0/0/0 is administratively down, line protocol is down (disabled) Internet protocol processing disabled Serial0/0/1 is up, line protocol is up (connected) Internet address is 28.32.0.2/11 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachable are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled