Monday, December 17, 2018

What is NAT?

NAT (Network Address Translation) is a process for changing source and destination IP addresses and ports. Address translation reduces the need for public IPv4 addresses and hides private network address ranges. The process is usually done by routers or firewalls.

There are three types of address translation:

1. Static NAT - translates a private IP address into a public one. The public IP address is always the same.

2. Dynamic NAT - private IP addresses are mapped to public IP addresses taken from a pool.

3. Port Address Translation (PAT) - one public IP address is used for all internal devices, but each private IP address is assigned a different port. Also known as NAT Overload.

An example helps you understand the concept.



NAT example

Computer A requests a web page from an Internet server. Because computer A uses private IP addressing, the source address of the request must be changed by the router, as private IP addresses are not routable on the Internet. Router R1 receives the request, changes the source IP address to its public IP address, and sends the packet to server S1. Server S1 receives the packet and replies to router R1. Router R1 receives the reply, changes the destination IP address to the private IP address of computer A, and sends the packet to computer A.
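The translation R1 performs, modelled as PAT with one shared public address (an added example, not part of the original post). The addresses and ports are constructed sample values, and the class and method names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass, field

# RFC 1918 private ranges: sources in these ranges must be translated.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass
class PatRouter:
    """Toy PAT (NAT overload) router: one public IP, one public port per flow.
    Simplified: no protocol field, no timeouts, no port exhaustion handling."""
    public_ip: str
    next_port: int = 1024
    out_map: dict = field(default_factory=dict)  # (priv_ip, priv_port) -> public port
    in_map: dict = field(default_factory=dict)   # public port -> (priv_ip, priv_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network."""
        if not any(ipaddress.ip_address(src_ip) in n for n in RFC1918):
            raise ValueError("source is not an RFC 1918 address")
        key = (src_ip, src_port)
        if key not in self.out_map:              # first packet of a new flow
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply; None means dropped (no mapping)."""
        if dst_ip != self.public_ip or dst_port not in self.in_map:
            return None
        priv_ip, priv_port = self.in_map[dst_port]
        return (src_ip, src_port, priv_ip, priv_port)

# Constructed sample: computer A and a second host behind R1, server S1 outside.
R1 = PatRouter("203.0.113.1")
REQ_A = R1.outbound("192.168.0.10", 50000, "198.51.100.10", 80)
REQ_B = R1.outbound("192.168.0.11", 50000, "198.51.100.10", 80)
REPLY_A = R1.inbound("198.51.100.10", 80, *REQ_A[:2])            # back to computer A
UNSOLICITED = R1.inbound("198.51.100.10", 80, "203.0.113.1", 4444)  # None: no mapping
```

The last call shows why the private range is hidden: a packet arriving on a public port with no table entry has nowhere to go and is dropped.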

Saturday, December 15, 2018

VLAN Troubleshooting Sim Packet Tracer

Your colleague has set up a Layer 2 network for your customer. You must review the configuration and resolve any detected issues as per the customer's requirements.



Customer requirements:

+ Check that the switch ports have the correct VLANs assigned, as shown in the topology. Identify and resolve misconfigurations in three switches.

+ Make sure the trunk connections between the switches are functional and that the IEEE 802.1Q trunk encapsulation method is used. Identify and correct any configuration errors found in the trunk configuration.

+ Ensure that the ports connected between the switches are configured as trunk ports.

We're not sure of the details, but here are the bugs in this sim:

- Mismatch of native VLAN between SW1 and SW3

- Switchport mode mismatch: one end is in access mode while the other end is in trunk mode -> must change access to trunk mode

- One port in VLAN 500 and another port in VLAN 600

Commands to find these problems: show int trunk, show vlan, show run.

Commands to solve the problems:

SW1 configuration:

Sw1>enable
Sw1#configure terminal
Sw1(config)#interface e0/1
Sw1(config-if)#switchport trunk encapsulation dot1q
Sw1(config-if)#switchport mode trunk
Sw1(config-if)#switchport trunk native vlan 1
Sw1(config-if)#interface e0/2
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 500
Sw1(config-if)#interface e0/3
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 600
Sw1(config-if)#end
Sw1#copy run start

SW2 configuration:

Sw2>enable
Sw2#configure terminal
Sw2(config)#interface e0/2
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 500
Sw2(config-if)#interface e0/3
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 600
Sw2(config-if)#end
Sw2#copy run start

SW3 configuration:

Sw3>enable
Sw3#configure terminal
Sw3(config)#interface e0/0
Sw3(config-if)#switchport trunk encapsulation dot1q
Sw3(config-if)#switchport mode trunk
Sw3(config-if)#switchport trunk native vlan 1
Sw3(config-if)#end
Sw3#copy run start
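The same checks done offline against saved configurations (an added example, not part of the sim or the original post). The "before" configs are constructed, the function names are hypothetical, and it is assumed that SW1 e0/1 connects to SW3 e0/0. A native VLAN mismatch is worth catching because untagged frames silently cross from one VLAN into another.

```python
import re

def parse_ports(config):
    """Parse interface stanzas of an IOS-style config into per-port settings.
    Unset values use the defaults: native VLAN 1, access VLAN 1, no static mode."""
    ports, cur = {}, None
    for line in config.splitlines():
        line = line.strip()
        if m := re.match(r"interface (\S+)$", line):
            cur = ports.setdefault(m.group(1), {"mode": None, "native": 1, "access": 1})
        elif cur is None:
            continue
        elif m := re.match(r"switchport mode (access|trunk)$", line):
            cur["mode"] = m.group(1)
        elif m := re.match(r"switchport trunk native vlan (\d+)$", line):
            cur["native"] = int(m.group(1))
        elif m := re.match(r"switchport access vlan (\d+)$", line):
            cur["access"] = int(m.group(1))
    return ports

def audit_trunk(a, b):
    """Compare both ends of an inter-switch link; return the list of problems."""
    issues = []
    if (a["mode"], b["mode"]) != ("trunk", "trunk"):
        issues.append(f"mode {a['mode']}/{b['mode']}: both ends must be trunk")
    if a["native"] != b["native"]:
        issues.append(f"native VLAN mismatch: {a['native']} vs {b['native']}")
    return issues

def audit_access(ports, expected):
    """Check access ports against the VLANs required by the topology."""
    return [f"{p}: access VLAN {ports[p]['access']}, expected {v}"
            for p, v in expected.items() if ports[p]["access"] != v]

# Constructed "before" configs; the faulty values (VLAN 99, access mode) are made up.
SW1_BEFORE = """
interface e0/1
 switchport trunk encapsulation dot1q
 switchport mode access
 switchport trunk native vlan 99
interface e0/2
 switchport mode access
 switchport access vlan 600
"""
SW3_BEFORE = """
interface e0/0
 switchport trunk encapsulation dot1q
 switchport mode trunk
"""
```

Calling audit_trunk(parse_ports(SW1_BEFORE)["e0/1"], parse_ports(SW3_BEFORE)["e0/0"]) reports both the mode and the native VLAN problem; after the fixes listed above it returns an empty list.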

Thursday, December 13, 2018

Frame tagging

To identify the VLAN to which a packet belongs, switches use tagging to assign a numeric value to each frame in a multi-VLAN network. This ensures that the switches know out of which ports to forward the frame.

Consider the following network topology.



The topology above contains two VLANs, namely VLAN 3 and VLAN 4. Host A sends a broadcast packet to SW1. Switch SW1 receives the packet, tags the packet with VLAN ID 3, and sends it to SW2. SW2 receives the packet, looks up the VLAN ID, and forwards the packet only out of port Fa0/1 because only this port is in VLAN 3. Host B and Host C do not receive the packet because they are in a different VLAN than Host A.
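What the tag looks like on the wire, and how SW2 uses it (an added example, not part of the original post). The frame bytes are constructed, and the port names Fa0/2 and Fa0/3 and their VLAN 4 membership are assumptions, since the page names only Fa0/1.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q tag

def add_tag(frame, vlan_id, priority=0):
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    tci = (priority << 13) | vlan_id   # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def read_tag(frame):
    """Return (vlan_id, untagged_frame), or (None, frame) if there is no tag."""
    if len(frame) < 16:
        return None, frame
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None, frame
    return tci & 0x0FFF, frame[:12] + frame[16:]

def egress_ports(frame, port_vlans):
    """Access ports of the receiving switch that belong to the frame's VLAN."""
    vlan_id, _ = read_tag(frame)
    return sorted(p for p, v in port_vlans.items() if v == vlan_id)

# Constructed broadcast frame from Host A: dst MAC, src MAC, EtherType, padding.
HOST_A_FRAME = bytes.fromhex("ffffffffffff" "02000000000a" "0806") + bytes(46)

# SW2 access ports; only Fa0/1 is in VLAN 3 (the other two are assumed).
SW2_PORTS = {"Fa0/1": 3, "Fa0/2": 4, "Fa0/3": 4}

def demo():
    """SW1 tags Host A's frame with VLAN 3; SW2 picks the egress ports."""
    tagged = add_tag(HOST_A_FRAME, 3)
    return tagged[12:16].hex(), egress_ports(tagged, SW2_PORTS)
```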

Sunday, December 9, 2018

Static Routing Configuration using Serial Port using Cisco Packet Tracer


Example:





Static routing configuration on ROUTER 0:

R(config)#ip route 1.0.0.0 255.0.0.0 2.0.0.2
R(config)#ip route 9.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 8.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 5.0.0.0 255.0.0.0 6.0.0.2
R(config)#ip route 3.0.0.0 255.0.0.0 4.0.0.2


Static routing configuration on ROUTER 1:

R(config)#ip route 9.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 7.0.0.0 255.0.0.0 4.0.0.1
R(config)#ip route 8.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 7.0.0.0 255.0.0.0 4.0.0.1
R(config)#ip route 1.0.0.0 255.0.0.0 2.0.0.2
R(config)#ip route 2.0.0.0 255.0.0.0 4.0.0.1
R(config)#ip route 5.0.0.0 255.0.0.0 6.0.0.2
R(config)#ip route 6.0.0.0 255.0.0.0 4.0.0.1



Static routing configuration on R2:

R(config)#ip route 9.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 7.0.0.0 255.0.0.0 2.0.0.1
R(config)#ip route 8.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 7.0.0.0 255.0.0.0 2.0.0.1
R(config)#ip route 5.0.0.0 255.0.0.0 6.0.0.2
R(config)#ip route 6.0.0.0 255.0.0.0 2.0.0.1
R(config)#ip route 3.0.0.0 255.0.0.0 4.0.0.2
R(config)#ip route 4.0.0.0 255.0.0.0 2.0.0.1


Static routing configuration on R3:

R(config)#ip route 1.0.0.0 255.0.0.0 2.0.0.2
R(config)#ip route 2.0.0.0 255.0.0.0 6.0.0.1
R(config)#ip route 3.0.0.0 255.0.0.0 4.0.0.2
R(config)#ip route 4.0.0.0 255.0.0.0 6.0.0.1
R(config)#ip route 8.0.0.0 255.0.0.0 6.0.0.2
R(config)#ip route 8.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 7.0.0.0 255.0.0.0 6.0.0.1
R(config)#ip route 7.0.0.0 255.0.0.0 6.0.0.1
R(config)#ip route 9.0.0.0 255.0.0.0 7.0.0.2
R(config)#ip route 7.0.0.0 255.0.0.0 6.0.0.1



Static routing configuration on R4:

R(config)#ip route 1.0.0.0 255.0.0.0 2.0.0.2
R(config)#ip route 2.0.0.0 255.0.0.0 7.0.0.1
R(config)#ip route 5.0.0.0 255.0.0.0 6.0.0.2
R(config)#ip route 6.0.0.0 255.0.0.0 7.0.0.1
R(config)#ip route 3.0.0.0 255.0.0.0 4.0.0.2
R(config)#ip route 4.0.0.0 255.0.0.0 7.0.0.1




Now check the routing table on the middle router:

#show ip route

Gateway of last resort is not set

S    1.0.0.0/8 [1/0] via 2.0.0.2
C    2.0.0.0/8 is directly connected, Serial0/1/1
S    3.0.0.0/8 [1/0] via 4.0.0.2
C    4.0.0.0/8 is directly connected, Serial0/0/1
S    5.0.0.0/8 [1/0] via 6.0.0.2
C    6.0.0.0/8 is directly connected, Serial0/0/0
C    7.0.0.0/8 is directly connected, Serial0/1/0
S    8.0.0.0/8 [1/0] via 2.0.0.2
               [1/0] via 7.0.0.2
S    9.0.0.0/8 [1/0] via 2.0.0.2
               [1/0] via 7.0.0.2

Thursday, December 6, 2018

Collision & Broadcast domain

Collision domain

A collision domain, as the name implies, is the part of a network where packet collisions can occur. A collision occurs when two devices send a packet at the same time on the shared network segment. The packets collide and both devices must retransmit them, which reduces network performance. Collisions are common in a hub environment because each port of a hub is in the same collision domain. In contrast, each port on a bridge, a switch, or a router is in a separate collision domain.

The following examples illustrate collision domains:




Collision domains

In the above example we have 6 collision domains.

NOTE

Note that each port of a hub is in the same collision domain. Each port on a bridge, switch, or router is in a separate collision domain.

Broadcast domain

A broadcast domain is the domain in which a broadcast is forwarded. A broadcast domain contains all devices that can reach each other by broadcast at the data link layer (OSI Layer 2). All ports on a hub or switch are in the same broadcast domain by default. All ports of a router are in different broadcast domains, and routers do not forward broadcasts from one broadcast domain to another.

The following example illustrates the concept:




Broadcast domains

In the screenshot above, we have three broadcast domains, because all ports on a hub or switch are in the same broadcast domain and each port on a router is in a different broadcast domain.

Monday, December 3, 2018

CCNA 200-125 Exam: IPv6 OSPF Sim With Answers

Question

All routers run IPv6 OSPF with process ID 100. The IPv4 address of Loopback0 is the OSPF router ID for each router.

A connection to the provider is located on the HQ router. You must configure a default IPv6 route on HQ and ensure that this route is advertised in the IPv6 OSPF process. Also troubleshoot why HQ does not form an IPv6 OSPF neighbor relationship with BR.




Requirement:

1. Configure the default IPv6 route on the HQ router with the default gateway 2001:DB8:B:B1B2::1
2. After configuring the default route on HQ, verify by pinging the provider's test IPv6 address 2001:DB8:0:1111::1
3. Verify that the default route is advertised in IPv6 OSPF on router HQ. This default route should only be advertised if HQ has a default route in its routing table
4. Router HQ does not form an IPv6 OSPF neighbor with BR. Troubleshoot and resolve the problem

Special Note: To get the maximum number of points, you must complete the necessary configurations and fix the IPv6 OSPF neighbor problem with router BR. IPv6 OSPFv3 must be configured without using address families. Do not change the IPv6 OSPF process ID.

Solution

1. Configure the default IPv6 route on the HQ router with the default gateway 2001:DB8:B:B1B2::1:

(config)#ipv6 unicast-routing
(config)#ipv6 route ::/0 2001:DB8:B:B1B2::1

First, we need to enable IPv6 routing with the command "ipv6 unicast-routing" before we configure a default route on the HQ router.

2. Verify by pinging the provider's test IPv6 address 2001:DB8:0:1111::1 after configuring the default route on HQ:

#ping ipv6 2001:DB8:0:1111::1

Run the ping test to see if the default route works. The ping must be successful.

3. Verify that the default route is advertised in IPv6 OSPF on router HQ. This default route should only be advertised if HQ has a default route in its routing table:

(config)#ipv6 router ospf 100
(config-rtr)#default-information originate

The "default-information originate" command generates a default route and advertises it to all other routers in the OSPF domain, provided that the local router has a default route configured.

4. Router HQ does not form an IPv6 OSPF neighbor with BR. Troubleshoot and resolve the problem

Perhaps the interface S1/0 of HQ is not enabled for IPv6 OSPF (check this with the command "show run" or "show ipv6 ospf interface").

(config)#interface s1/0
(config-if)#ipv6 ospf 100 area 0

After the configuration, use the "show ipv6 ospf neighbor" command on HQ to see if BR is listed in the output.

Sunday, November 25, 2018

Introduction to Cisco Catalyst 9200 Switch


Are you ready to upgrade your Cisco Catalyst 2960-X/XR switch to a Cisco Catalyst 9200 switch?
Today, November 13, 2018, Cisco announces a new Catalyst 9200 switch in its Cisco Catalyst 9000 portfolio, which already contains the Cisco Catalyst 9300, 9400 and 9500 switches. The Catalyst 9200 is the upgrade model for the Cisco Catalyst 2960-X/XR switches. Cisco announces three different models of the Cisco Catalyst 9200 switch.

The Cisco Catalyst 9200 Series switches extend the power of intent-based networking and the Cisco Catalyst 9000 hardware and software experience to a wider range of deployments. The Catalyst 9200 Series, with its family pedigree, offers the best Catalyst features of the next generation.

What do you get in the Cisco Catalyst 9200 Switch?
With a capacity of 160 Gbps per stack, you can get 4x1G SFP or 4x10G SFP+ ports. Because it replaces the Cisco Catalyst 2960-X/XR switches, you can use a common operating system for switching, routing, wireless and IoT. These low-end access switches run the IOS-XE operating system with standard programmable interfaces.


Figure 1.1 - Cisco Catalyst 9200 Switch



The Cisco Catalyst 9200 switches give you the same features, such as streaming telemetry. Yes, with the Cisco Catalyst 2900 replaced by the 9200, you can deploy an access switch in SD-Access. XR switches with Cisco 9200 switches in my next article.

What are the different models of Cisco Catalyst 9200?

Cisco comes with the models below:
- Catalyst 9200 24- and 48-port, fixed 1G uplinks
- Catalyst 9200 24- and 48-port, fixed 10G uplinks
- Catalyst 9200 24- and 48-port, modular uplinks


Catalyst 9200 24 and 48 port, fixed 1G uplink

For this type, Cisco launches two models with 1G uplinks. These models are C9200L-24T/P-4G and C9200L-48T/P-4G. The features are below:
- With the Cisco Catalyst 9200 switch, you have all the PoE+ options available.
- As mentioned earlier, you can get 4 x 1G SFP uplink ports.
- If you have a 48-port switch, you can get up to 48 ports with full 30 W PoE+.
- At low cost, you can now run SD-Access, Cisco StackWise and MACsec.
- Redundant power supplies and fans, and IOS XE features.


Catalyst 9200 24- and 48-port fixed 10G uplinks

Cisco launches two 10G uplink models for this type. These models are C9200L-24T/P-4X and C9200L-48T/P-4X. The features are below:
- With the Cisco Catalyst 9200 switch, you have all the PoE+ options available.
- As mentioned earlier, you can get 4 x 10G SFP+ uplink ports.
- If you have a 48-port switch, you can get up to 48 ports with full 30 W PoE+.
- At low cost, you can now run SD-Access, Cisco StackWise and MACsec.
- Redundant power supplies and fans, and IOS XE features.


Catalyst 9200 24 and 48 port, modular uplinks

Cisco launches two 10G uplink models for this type. These models are C9200L-24T/P and C9200L-48T/P. The features are below:
- With the Cisco Catalyst 9200 switch, you have all the PoE+ options available.
- As mentioned earlier, you can get 4 x 1/10G or 2 x 25/40G modular uplinks.
- If you have a 48-port switch, you can get up to 48 ports with full 30 W PoE+.
- At low cost, you can now run SD-Access, Cisco StackWise and MACsec.
- Redundant power supplies and fans, and IOS XE features.

Friday, November 23, 2018

Open Shortest Path First (OSPF) Cheatsheet for Free !!!



Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.





Monday, November 19, 2018

EIGRP automatic & manual summarization



Route summarization is a method of representing multiple networks with a single summary address. It is often used in large networks with many subnets, as it reduces the number of routes a router must maintain and minimizes the traffic used for routing updates. There are two methods of route summarization: automatic summary and manual summary.

EIGRP auto summary

In EIGRP, the auto summary feature is enabled by default. For this reason, routes in routing updates are summarized to classful addresses at network boundaries.

Consider the following example to better understand the concept of auto summary.




Routers R1 and R2 run EIGRP. Router R1 has the locally connected subnet 10.0.1.0/24, which is advertised to router R2. Because of the auto summary feature, router R1 summarizes the network 10.0.1.0/24 before the route is sent to R2. With auto summary enabled, R1 sends the classful route 10.0.0.0/8 to R2 instead of the more specific 10.0.1.0/24 route.

On R1, we have configured the following network statement:



Due to the auto summary function, R2 gets the route to the 10.0.0.0/8 network:



The auto-summary feature can cause problems with discontiguous networks. Because of this, the feature is usually disabled. This is done with the command no auto-summary:



Now, R2 has the classless route to reach subnet 10.0.1.0/24:



EIGRP manual summary



One of the advantages of EIGRP over some other routing protocols (like OSPF) is that manual summarization can be done on any router within a network. A single route can be used to represent multiple routes, reducing the size of routing tables in a network.

Manual summarization is configured per interface. The command syntax is:

(config-if)#ip summary-address eigrp ASN SUMMARY_ADDRESS SUBNET_MASK

An example helps you understand the concept of manual summary:



Routers R1 and R2 run EIGRP. Router R1 (left) has two directly connected subnets: 10.0.0.0/24 and 10.0.1.0/24. EIGRP advertises these subnets as two separate routes. R2 now has two routes for the two subnets, which can be confirmed with the show ip route command on R2:



We could configure R1 to only announce a summary route for both subnetworks, reducing R2's routing table. The following command can be used for this:




EIGRP Manual Summary

Now R1 sends only one route to R2 to reach both subnets. We can verify this with the show ip route command on R2:



show ip route with manual summary
Now R2 has only one route to reach both subnets of R1.
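Both summarization methods worked through in code: what auto summary advertises for a subnet, why that breaks discontiguous networks, and how the manual summary for R1's two subnets is derived (an added example, not part of the original post). The function names are hypothetical, IPv4 is assumed, and the AS number 1 and the R1/R2 discontiguous layout used in the notes are constructed values.

```python
import ipaddress
from collections import defaultdict

def classful_network(subnet):
    """Classful (A/B/C) network that auto summary advertises for a subnet."""
    net = ipaddress.ip_network(subnet)
    first_octet = int(net.network_address) >> 24
    if first_octet >= 224:
        raise ValueError("class D/E space has no classful network")
    prefix = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return net if net.prefixlen <= prefix else net.supernet(new_prefix=prefix)

def auto_summary_conflicts(advertised):
    """Classful networks that more than one router would advertise."""
    owners = defaultdict(set)
    for router, subnets in advertised.items():
        for s in subnets:
            owners[classful_network(s)].add(router)
    return {str(n): sorted(r) for n, r in owners.items() if len(r) > 1}

def manual_summary(subnets):
    """Smallest single prefix that covers every subnet in the list."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    summary = nets[0]
    while not all(n.subnet_of(summary) for n in nets):
        summary = summary.supernet()
    return summary

def summary_command(asn, subnets):
    """Interface command for the manual summary, in the syntax shown above."""
    s = manual_summary(subnets)
    return f"ip summary-address eigrp {asn} {s.network_address} {s.netmask}"

def unused_addresses(subnets):
    """Addresses the summary covers that belong to none of the (non-overlapping)
    subnets; traffic sent to them is attracted to the summarizing router."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return manual_summary(subnets).num_addresses - sum(n.num_addresses for n in nets)
```

For R1's subnets, summary_command(1, ["10.0.0.0/24", "10.0.1.0/24"]) gives ip summary-address eigrp 1 10.0.0.0 255.255.254.0 with no unused addresses, while auto_summary_conflicts({"R1": ["10.0.1.0/24"], "R2": ["10.0.2.0/24"]}) shows both routers claiming 10.0.0.0/8.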