A Practical Guide To Advanced Networking

A PRACTICAL GUIDE TO ADVANCED NETWORKING
JEFFREY S. BEASLEY AND PIYASAT NILKAEW

Pearson
800 East 96th Street
Indianapolis, Indiana 46240 USA

A PRACTICAL GUIDE TO ADVANCED NETWORKING

Copyright 2013 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-7897-4904-8
ISBN-10: 0-7897-4904-1

The Library of Congress Cataloging-in-Publication Data is on file.

Printed in the United States of America

First Printing: November 2012

Trademarks
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer
Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The authors and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

Bulk Sales
Pearson IT Certification offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact
U.S. Corporate and Government
or sales outside of the U.S., please contact
International Sales
international@pearsoned.com

ASSOCIATE PUBLISHER: Dave Dusthimer
EXECUTIVE EDITOR: Brett Bartow
SENIOR DEVELOPMENT EDITOR: Christopher Cleveland
MANAGING EDITOR: Sandra Schroeder
PROJECT EDITOR: Mandie Frank
COPY EDITOR: Sheri Cain
INDEXER: Ken Johnson
PROOFREADERS: Leslie Joseph, Dan Knott
TECHNICAL EDITORS: Iantha Finley Malbon, Wayne Randall
PUBLISHING COORDINATOR: Vanessa Evans
INTERIOR DESIGNER: Gary Adair
COVER DESIGNER: Chuti Prasertsith
COMPOSITOR: Bronkella Publishing

CONTENTS AT A GLANCE

Introduction
1 Network Infrastructure Design
2 Advanced Router Configuration I
3 Advanced Router Configuration II
4 Configuring Juniper Routers
5 Configuring and Managing the Network Infrastructure
6 Analyzing Network Data Traffic
7 Network Security
8 IPv6
9 Linux Networking
10 Internet Routing
11 Voice over IP
Glossary
Index

TABLE OF CONTENTS

Introduction

CHAPTER 1 Network Infrastructure Design
Chapter Outline
Objectives
Key Terms
INTRODUCTION
1-1 PHYSICAL NETWORK DESIGN
  Core
  Distribution Layer
  Access Layer
  Data Flow
  Selecting the Media
1-2 IP SUBNET DESIGN
  IP Address Range
  Determining the Number of Subnetworks Needed for the Network
  Determining the Size or the Number of IP Host Addresses Needed for the Network
  IP Assignment
1-3 VLAN NETWORK
  Virtual LAN (VLAN)
  VLAN Configuration
  VLAN Tagging
  802.1Q Configuration
  Networking Challenge: Static VLAN Configuration
  Configuring the HP Procurve Switch
1-4 ROUTED NETWORK
  Router
  Gateway Address
  Network Segments
  Multilayer Switch
  Layer 3 Routed Networks
  Routed Port Configuration
  InterVLAN Routing Configuration
  Serial and ATM Port Configuration
Summary
Questions and Problems

CHAPTER 2 Advanced Router Configuration I
Chapter Outline
Objectives
Key Terms
Introduction
2-1 CONFIGURING STATIC ROUTING
  Gateway of Last Resort
  Configuring Static Routes
  Load Balancing and Redundancy
  Networking Challenge—Static Routes
2-2 DYNAMIC ROUTING PROTOCOLS
  Distance Vector Protocols
  Link State Protocols
2-3 CONFIGURING RIPv2
  Configuring Routes with RIP
  Configuring Routes with RIP Version 2
  Networking Challenge—RIP
2-4 TFTP—Trivial File Transfer Protocol
  Configuring TFTP
Summary
Questions and Problems

CHAPTER 3 Advanced Router Configuration II
Chapter Outline
Objectives
Key Terms
INTRODUCTION
3-1 CONFIGURING LINK STATE PROTOCOLS—OSPF
  Link State Protocols
  Configuring Routes with OSPF
  Load Balancing and Redundancy with OSPF
  Networking Challenge—OSPF
3-2 CONFIGURING LINK STATE PROTOCOLS—IS-IS
  Configuring Routes with IS-IS
  Load Balancing and Redundancy with IS-IS
  Networking Challenge: IS-IS
3-3 CONFIGURING HYBRID ROUTING PROTOCOLS—EIGRP
  Configuring Routes with EIGRP
  Load Balancing and Redundancy
  Networking Challenge: EIGRP
3-4 ADVANCED ROUTING REDISTRIBUTION
  Route Redistribution into RIP
  Route Redistribution into OSPF
  Route Redistribution into EIGRP
  Route Redistribution into IS-IS
3-5 ANALYZING OSPF “HELLO” PACKETS
Summary
Questions and Problems

CHAPTER 4 Configuring Juniper Routers
Chapter Outline
Objectives
Key Terms
INTRODUCTION
4-1 OPERATIONAL MODE
4-2 ROUTER CONFIGURATION MODE
  Displaying the Router Interfaces
  Hostname Configuration
  Assigning an IP Address to an Interface
4-3 CONFIGURING ROUTES ON JUNIPER ROUTERS
  Configure STATIC Routes on Juniper Routers
  Configure RIP on Juniper Routers
  Configure OSPF on Juniper Routers
  Configure IS-IS on Juniper Routers
4-4 CONFIGURING ROUTE REDISTRIBUTION ON JUNIPER ROUTERS
Summary
Questions and Problems

CHAPTER 5 CONFIGURING AND MANAGING THE NETWORK INFRASTRUCTURE
Chapter Outline
Objectives
Key Terms
Introduction
5-1 DOMAIN NAME AND IP ASSIGNMENT
5-2 IP MANAGEMENT WITH DHCP
  DHCP Data Packets
  DHCP Deployment
5-3 SCALING THE NETWORK WITH NAT AND PAT
  Configuring NAT
5-4 DOMAIN NAME SERVICE (DNS)
  DNS Tree Hierarchy
  DNS Resource Records
Summary
Questions and Problems

CHAPTER 6 Analyzing Network Data Traffic
Chapter Outline
Objectives
Key Terms
INTRODUCTION
6-1 PROTOCOL ANALYSIS/FORENSICS
  Basic TCP/UDP Forensics
  ARP and ICMP
6-2 WIRESHARK PROTOCOL ANALYZER
  Using Wireshark to Capture Packets
6-3 ANALYZING NETWORK DATA TRAFFIC
  Configuring SNMP
  NetFlow
6-4 FILTERING
  FTP Filtering
  Right-Click Filtering Logic Rules
  Filtering DHCP
Summary
Questions and Problems

CHAPTER 7 Network Security
Chapter Outline
Objectives
Key Terms
INTRODUCTION
7-1 DENIAL OF SERVICE
  Distributed Denial of Service Attacks (DDoS)
7-2 FIREWALLS AND ACCESS LISTS
  Network Attack Prevention
  Access Lists
7-3 Router Security
  Router Access
  Router Services
  Router Logging and Access-List
7-4 Switch Security
  Switch Port Security
  Switch Special Features
7-5 Wireless Security
7-6 VPN Security
  VPN Tunneling Protocols
  Configuring a VPN Virtual Interface (Router to Router)
  Troubleshooting the VPN Tunnel Link
Summary
Questions and Problems

CHAPTER 8 IPv6
Chapter Outline
Objectives
Key Terms
Introduction
8-1 Comparison of IPv6 and IPv4
8-2 IPV6 ADDRESSING
8-3 IPv6 Network Settings
8-4 Configuring a Router for IPv6
8-5 IPv6 Routing
  IPv6: Static
  IPv6: RIP
  IPv6:
  IPv6: EIGRP
  IPv6: IS-IS
8-6 Troubleshooting IPv6 Connection
Summary
Questions and Problems

CHAPTER 9 Linux Networking
Chapter Outline
Objectives
Key Terms
INTRODUCTION
9-1 LOGGING ON TO LINUX
  Adding a User Account
9-2 LINUX FILE STRUCTURE AND FILE COMMANDS
  Listing Files
  Displaying File Contents
  Directory Operations
  File Operations
  Permissions and Ownership
9-3 LINUX ADMINISTRATION COMMANDS
  The man (manual) Command
  The ps (processes) Command
  The su (substitute user) Command
  The mount Command
  The shutdown Command
  Linux Tips
9-4 ADDING APPLICATIONS TO LINUX
9-5 LINUX NETWORKING
  Installing SSH
  The FTP Client
  DNS Service on Linux
  Changing the Hostname
9-6 TROUBLESHOOTING SYSTEM AND NETWORK PROBLEMS WITH LINUX
  Troubleshooting Boot Processes
  Listing Users on the System
  Network Security
  Enabling and Disabling Boot
9-7 MANAGING THE LINUX SYSTEM
Summary
Questions and Problems

CHAPTER 10 Internet Routing
Chapter Outline
Objectives
Key Terms
INTRODUCTION
10-1 INTERNET ROUTING—BGP
  Configuring a WAN Connection
  Configuring an Internet Connection
10-2 CONFIGURING BGP
  Configuring BGP
  Networking Challenge: BGP
10-3 BGP BEST PATH SELECTION
10-4 IPv6 OVER THE INTERNET
10-5 CONFIGURE BGP ON JUNIPER ROUTERS
Summary
Questions and Problems

CHAPTER 11 Voice over IP
Chapter Outline
Objectives
Key Terms
INTRODUCTION
11-1 THE BASICS OF VOICE OVER IP
11-2 VOICE OVER IP NETWORKS
  Replacing an Existing PBX Tie Line
  Upgrading Existing PBXs to Support IP Telephony
  Switching to a Complete IP Telephony Solution
11-3 QUALITY OF SERVICE
  Jitter
  Network Latency
  Queuing
  QOS Configuration
11-4 ANALYZING VoIP DATA PACKETS
  Analyzing VoIP Telephone Call Data Packets
11-5 VoIP SECURITY
Summary
Questions and Problems

Key Terms Glossary
Index

ABOUT THE AUTHORS

Jeffrey S. Beasley is with the Department of Engineering Technology and Surveying Engineering at New Mexico State University. He has been teaching with the department since 1988 and is the co-author of Modern Electronic Communication and Electronic Devices and Circuits, and the author of Networking.

Piyasat Nilkaew is a network engineer with 15 years of experience in network management and consulting, and has extensive expertise in deploying and integrating multiprotocol and multivendor data, voice, and video network solutions on limited budgets.

DEDICATIONS

This book is dedicated to my family, Kim, Damon, and Dana. —Jeff Beasley

This book is dedicated to Jeff Harris and Norma Grijalva. Not only have you given me my networking career, but you are also my mentors. You inspire me to think outside the box and motivate me to continue improving my skills. Thank you for giving me the opportunity of a lifetime. I am very grateful. —Piyasat Nilkaew

ACKNOWLEDGMENTS

I am grateful to the many people who have helped with this text. My sincere thanks go to the following technical consultants: Danny Bosch and Matthew Peralta for sharing their expertise with optical networks and unshielded twisted pair cabling, and Don Yates for his help with the initial Net-Challenge Software. Abel Sanchez, for his review of the Linux Networking chapter.

I also want to thank my many past and present students for their help with this book: David Potts, Jonathan Trejo, and Nate Murillo for their work on the Net-Challenge Software. Josiah Jones, Raul Marquez Jr., Brandon Wise, and Chris Lascano for their help with the Wireshark material. Also, thanks to Wayne Randall and Iantha Finley Malbon for the chapter reviews.

Your efforts are greatly appreciated.

I appreciate the excellent feedback of the following reviewers: Phillip Davis, DelMar College, TX; Thomas D. Edwards, Carteret Community College, NC; William Hessmiller, Editors & Training Associates; Bill Liu, DeVry University, CA; and Timothy Staley, DeVry University, TX.

My thanks to the people at Pearson for making this project possible: Dave Dusthimer, for providing me with the opportunity to work on this book, and Vanessa Evans, for helping make this process enjoyable. Thanks to Brett Bartow, Christopher Cleveland, and all the people at Pearson, and to the many technical editors for their help with editing the manuscript.

Special thanks to our families for their continued support and patience.

—Jeffrey S. Beasley and Piyasat Nilkaew

ABOUT THE TECHNICAL REVIEWERS

Wayne Randall started working in the Information Technology field in 1994 at Franklin Pierce College (now Franklin Pierce University) in Rindge, NH, before becoming a Microsoft Certified Trainer and a consultant at Enterprise Training and Consulting in Nashua, NH.

Wayne acquired his first certification in Windows NT 3.51 in 1994, became an MCSE in NT 4.0 in 1996, was a Certified Enterasys Network Switching Engineer in 2000, and then worked as a networking and systems consultant from 2001 to 2006 before becoming a director of IT for a privately held company. Wayne currently works for Bodycote, PLC, as a network engineer/solutions architect. Bodycote has 170 locations across 27 countries with 43 locations in North America. Wayne has taught for Lincoln Education since 2001 and developed curricula for it since 2011. Mr. Randall holds a BA in American Studies from Franklin Pierce University.

Iantha Finley Malbon’s teaching career has spanned 20 years from middle school to collegiate settings and is currently a CIS professor at Virginia Union University. She is also an adjunct professor at ECPI University, having previously served as CIS Department Chair, teaching Cisco routing, networking, and Information Technology courses. She implemented the Cisco Academy for Hanover Schools and was the CCAI for the Academy. She earned her master’s degree in Information Systems from Virginia Commonwealth University and bachelor’s degree in Technology Education from Virginia Tech. She holds numerous certifications including CCNA, Network+, A+, and Fiber Optic Technician.

WE WANT TO HEAR FROM YOU!

As the reader of this book, you are our most important critic and commentator. We value your opinion and want to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other words of wisdom you’re willing to pass our way.

As the associate publisher for Pearson IT Certification, I welcome your comments. You can email or write me directly to let me know what you did or didn’t like about this book—as well as what we can do to make our books better.

Please note that I cannot help you with technical problems related to the topic of this bo

This seventh bit is referred to as the U/L bit, or universal/local bit. 000C29 is 0000 0000 0000 1100 0010 1001 in binary format. When its seventh bit is changed to 1, it becomes 0000 0010 0000 1100 0010 1001, which is 020C29 in hexadecimal.

3. The result is a modified EUI-64 address format of 020C29FFFE1CF2F7.