
Cisco CCNA (v3) Short Course

Based on subject:
ITE526: Practical Internetworking

Part of the:
Master of Networking and Systems Administration
Master of Management (IT)
NAT
IPv4 shortage of addresses
RFC1918 Private IPs
Are not public addresses
Must use NAT to route to the Internet
Translates b/w private and public addresses
Hides the specific private IP
Security by obscurity: cue heated debate!
Not required with IPv6... let's wait and see.
Types of NAT
Static NAT
One-to-one translation b/w two addresses, or b/w a port on one address and the same port on another address
Dynamic NAT
Uses a pool of global addresses to dynamically translate outbound traffic
NAT Overload/PAT
Translates outbound traffic to unique ports from a single global address
Terminology
Inside Local
Specific IP address assigned to an inside host
Inside Global
Address that identifies an inside host on the outside
Outside Global
Specific IP address assigned to an outside host
Outside Local
Address that identifies an outside host on the inside
Terminology Example

Consider traffic from Host A to Host B


Inside Local 10.1.1.10
Inside Global 55.1.1.1
Outside Global 99.1.1.2
Outside Local 99.1.1.2
Static NAT Configuration
Identify the inside and outside interfaces
int fa0/0
ip nat inside
int atm0/0
ip nat outside
Map public to private addresses
ip nat inside source static 172.16.1.1 203.193.205.50
Dynamic NAT Configuration
Identify the inside and outside interfaces
Create a pool of global addresses
ip nat pool <POOLNAME> 203.193.193.1 203.193.193.50 netmask 255.255.255.0
Identify which addresses to NAT using ACL
access-list 10 permit 172.16.1.0 0.0.0.255
Apply ACL to NAT pool
ip nat inside source list 10 pool <POOLNAME>
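An added example (not from the slides): a small check that the dynamic NAT steps above reference each other consistently in a saved configuration. The function name check_nat_config and the pool name NATPOOL are hypothetical, and the sample configuration is constructed from the commands on this slide.

```python
import re

# Constructed sample: the slide's commands with a hypothetical pool name.
SAMPLE = """\
int fa0/0
 ip nat inside
int atm0/0
 ip nat outside
ip nat pool NATPOOL 203.193.193.1 203.193.193.50 netmask 255.255.255.0
access-list 10 permit 172.16.1.0 0.0.0.255
ip nat inside source list 10 pool NATPOOL
"""

def check_nat_config(config):
    """Return a list of problems found in the NAT-related lines of a config."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    problems = []
    # Step 1: both interface roles must be present.
    if "ip nat inside" not in lines:
        problems.append("no interface marked 'ip nat inside'")
    if "ip nat outside" not in lines:
        problems.append("no interface marked 'ip nat outside'")
    # Steps 2 and 3: collect the pools and ACLs that are actually defined.
    pools = {m.group(1) for l in lines
             if (m := re.match(r"ip nat pool (\S+) ", l))}
    acls = {m.group(1) for l in lines
            if (m := re.match(r"(?:ip )?access-list (?:standard |extended )?(\S+)", l))}
    # Step 4: every 'source list' statement must point at a defined ACL and pool.
    for l in lines:
        m = re.match(r"ip nat inside source list (\S+) (pool|interface) (\S+)", l)
        if not m:
            continue
        acl, kind, target = m.groups()
        if acl not in acls:
            problems.append(f"ACL {acl} is referenced but not defined")
        if kind == "pool" and target not in pools:
            problems.append(f"pool {target} is referenced but not defined")
    return problems

if __name__ == "__main__":
    print(check_nat_config(SAMPLE) or "NAT references are consistent")
```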
NAT Overload Configuration
Identify the inside and outside interfaces
Identify which addresses to NAT using ACL
access-list 10 permit 172.16.1.0 0.0.0.255
Apply ACL to overload interface
ip nat inside source list 10 interface atm0/0 overload
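A simplified model of the NAT overload translation table, added here as an illustration and not taken from the slides or from Cisco IOS. It reuses the Host A / Host B addresses from the terminology example; the class name PatTable, the sequential port allocation, full-entry matching on return traffic and the second inside host 10.1.1.11 are assumptions of the model.

```python
from dataclasses import dataclass, field

@dataclass
class PatTable:
    inside_global: str        # the single global address shared by all inside hosts
    next_port: int = 1024     # assumption: sequential allocation, not IOS's algorithm
    entries: dict = field(default_factory=dict)   # flow -> global port
    by_port: dict = field(default_factory=dict)   # (proto, global port) -> flow

    def outbound(self, proto, il_ip, il_port, og_ip, og_port):
        """Translate an inside->outside packet; returns the new (src_ip, src_port)."""
        flow = (proto, il_ip, il_port, og_ip, og_port)
        if flow not in self.entries:
            port = self.next_port
            self.next_port += 1
            self.entries[flow] = port
            self.by_port[(proto, port)] = flow
        return self.inside_global, self.entries[flow]

    def inbound(self, proto, og_ip, og_port, dst_ip, dst_port):
        """Translate an outside->inside packet; None means no entry, so not forwarded."""
        flow = self.by_port.get((proto, dst_port))
        if dst_ip != self.inside_global or flow is None:
            return None
        _, il_ip, il_port, peer_ip, peer_port = flow
        if (og_ip, og_port) != (peer_ip, peer_port):
            return None       # model assumption: return traffic must match the full entry
        return il_ip, il_port

    def show(self):
        """Rows in the column order of 'show ip nat translations'."""
        rows = []
        for (proto, il_ip, il_port, og_ip, og_port), port in self.entries.items():
            outside = f"{og_ip}:{og_port}"   # outside local == outside global here
            rows.append((proto, f"{self.inside_global}:{port}",
                         f"{il_ip}:{il_port}", outside, outside))
        return rows

def demo():
    nat = PatTable("55.1.1.1")
    a = nat.outbound("tcp", "10.1.1.10", 40000, "99.1.1.2", 80)  # Host A -> Host B
    c = nat.outbound("tcp", "10.1.1.11", 40000, "99.1.1.2", 80)  # constructed second host
    reply = nat.inbound("tcp", "99.1.1.2", 80, "55.1.1.1", a[1])
    unsolicited = nat.inbound("tcp", "99.1.1.2", 80, "55.1.1.1", 5000)
    return a, c, reply, unsolicited, nat.show()

if __name__ == "__main__":
    print(demo())
```

Two inside hosts using the same source port receive different ports on the one global address, and an outside packet with no matching entry is not translated.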
Troubleshoot NAT
Useful basic commands
show ip nat statistics
debug ip nat
Be careful on heavily used NAT routers!
show ip nat translation
clear ip nat translation
DHCP Server
Large networks need DHCP servers
DHCP is the protocol of choice
Lease out client addresses
DHCP Process
DHCPDiscover
DHCPOffer
DHCPRequest
DHCPACK
WAN Basics
Two popular definitions
a network that spans large geographical locations, usually to interconnect multiple LANs (theory definition)
a network that traverses a public network or commercial carrier, using one of several WAN technologies (practical definition)
Why use WANs?
People in the regional or branch offices of an organization need to be able to communicate and share data.
Organizations often want to share information with other organizations across large distances.
Employees who travel on company business frequently need to access information that resides on their corporate networks.
WAN Characteristics
WANs generally connect devices that are separated by a broader geographic area than a LAN can serve
WANs use the services of carriers such as telcos, cable companies, satellite systems, and network providers
WANs use serial connections of various types to provide access to bandwidth over large geographic areas
WAN Topologies
4 basic types
Point-to-Point
Hub & Spoke
Full Mesh
Single v Dual Homed
Logical/Physical Topologies
Common WAN Topologies
Physical P2P
Logical P2P
Basic WAN Terminology
WAN Connection Types
Technologies
VPN
MPLS
Metro Ethernet
Broadband PPPoE
Frame-Relay, ATM
IPSec VPN
GRE
MPLS
Multi-Protocol Label Switching
Been around for several years
Similar to FR & ATM concepts
Forwards packets by attaching labels
MPLS
L2 MPLS VPN
Customer controls routing
Applications that need L2 to work
L3 MPLS VPN
SP routers control routing
L3 services across SP backbone
Benefits of MPLS
Uses one unified network
Better IPoATM integration
BGP-free core
P2P model for MPLS VPN
Optimal traffic flow
Traffic Engineering
Metro Ethernet
Metropolitan Area Network (MAN)
Based on Ethernet technologies
Very high speed links
Another L2 level technology
More about the cable: Cu or Fibre
Others
Broadband PPPoE/PPPoATM etc
Frame-Relay
ATM
Next Week
Infrastructure Security
Configure, verify, and troubleshoot port security
Describe common access layer threat mitigation techniques
Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering
Configure, verify, and troubleshoot basic device hardening
Describe device security using AAA with TACACS+ and RADIUS
Infrastructure Management
Configure and verify device-monitoring protocols
Troubleshoot network connectivity issues using ICMP echo-based IP SLA
Configure and verify device management
Configure and verify initial device configuration
Perform device maintenance
Use Cisco IOS tools to troubleshoot and resolve problems
Describe network programmability in enterprise network architecture
Questions?