
Chapter 9

Chapter 9. Routing with Windows Server 2003. Lesson 1: Configuring Windows Server 2003 for LAN Routing Lesson 2: Configuring Demand-Dial Routing Lesson 3: Configuring NAT Lesson 4: Configuring and managing Routing Protocols Lesson 5: Configuring Packet Filters.

chipo

Presentation Transcript


  1. Chapter 9 Routing with Windows Server 2003

  2. Lesson 1: Configuring Windows Server 2003 for LAN Routing • Lesson 2: Configuring Demand-Dial Routing • Lesson 3: Configuring NAT • Lesson 4: Configuring and managing Routing Protocols • Lesson 5: Configuring Packet Filters

  3. Lesson 1: Configuring Windows Server 2003 for LAN Routing • Routing is the process of transferring data across an internetwork from one LAN to another. • Routing is performed according to a routing table. • All IP hosts use a routing table to forward IP traffic.

  4. Using Routing and Remote Access (RRA) • A Windows Routing and Remote Access server can be easily integrated with Windows features such as security, accounts, and Group Policy. • In RRA, the number of network segments that can be routed depends on the network interfaces installed on the Windows Server 2003 computer running the service. If the computer is configured with 2 NICs and 1 modem, RRA can route traffic for 3 networks.

  5. Enabling Routing And Remote Access • The RRA service is installed by Windows Server 2003 in a disabled state. • If the server is a member server, you must add it to the RAS and IAS Group before the router can function. • If the server is already a domain controller, it will be automatically added to this security group.

  6. Using Routing And Remote Access Console • To enable RRAS, right-click the server name and select Configure And Enable Routing And Remote Access.

  7. RRAS includes 2 nodes • Network Interfaces Node • IP Routing Node

  8. Network Interfaces Node • A network interface is a software component that connects to a physical interface such as a modem or NIC. • To configure routing through RRAS, make sure that the network interfaces are listed in the Network Interfaces node.

  9. Notes • Preconfigured dial-up connections are not available in Routing And Remote Access. If you want to configure routing through an on-demand or persistent dial-up connection, a VPN connection, or a Point-to-Point Protocol over Ethernet (PPPoE) connection, you must add this connection type manually through the Network Interfaces node.

  10. Add a dial-UP Connection • 1. Open the Routing And Remote Access console. • 2. In the console tree, select Network Interfaces. • 3. Right-click Network Interfaces, and then choose New Demand-Dial Interface. • 4. Follow the instructions in the Demand Dial Interface Wizard.

  11. Add a routing interface, • 1. Open Routing And Remote Access. • 2. In the console tree, select General. • 3. Right-click General, and then choose New Interface. • 4. In Interfaces, select the interface you want to add, and then click OK. • 5. If applicable, complete any configuration dialog boxes for the interface.

  12. IP Routing Node • The IP Routing node allows you to configure basic features of IP routing. • By default, the IP Routing node has the following subnodes: General, Static Routes, NAT/Basic Firewall.

  13. Configuring Routing And Remote Access Service Properties • The RRA service properties, in the properties dialog box of the server node in the Routing And Remote Access console, cover the following: routing, demand-dial, and remote access enabling; authentication configuration; client address assignment; Point-to-Point Protocol (PPP) options; and logging features.

  14. General Tab1/2

  15. General Tab 2/2 • Allows you to configure the Routing And Remote Access service as a LAN router, demand-dial router, remote access server, or all three.

  16. Security Tab 1/3 • The Security tab allows you to configure authentication methods, connection request logging, and preshared keys for Internet Protocol Security (IPSec). These security options are applied to remote access clients as well as to demand-dial routers.

  17. Security Tab 2/3

  18. Security Tab 3/3

  19. IP Tab 1/2

  20. IP Tab 2/2 • This tab allows you to configure the Routing And Remote Access service to route IP packets over LAN, remote access, or demand-dial connections. Whereas options in the General tab apply to routing, demand-dial, and remote access service in general, the function of the IP tab is to enable specifically IP traffic to pass through the various connection types. Consequently, to configure IP routing and remote access successfully, you must select appropriate options in both the General tab and the IP tab. • In the IP Address Assignment area of the IP tab, you can configure how the server assigns IP addresses to remote access clients. • When the Static Address Pool option is selected, Routing And Remote Access acts as its own DHCP-type server. • The IP tab also includes an Enable Broadcast Name Resolution check box.

  21. PPP Tab

  22. PPP Tab • You use the PPP tab to negotiate and authenticate dial-up connections. • four PPP-related options: • Multilink Connections, • Dynamic Bandwidth Control Using BAP Or BACP • Link Control Protocol (LCP) Extensions, • Software Compression. • All four of these options are enabled by default

  23. Multilink Connections When you select the Multilink Connections check box, the Routing And Remote Access service allows Multilink connections from remote access clients. With Multilink, multiple physical links operate as a single logical link over which data is sent and received. Thus, PPP clients can increase their bandwidth by fusing separate connections to the remote access server. (Multilink requires additional configuration at the client.)

  24. Dynamic Bandwidth Control Using BAP Or BACP When you select the Dynamic Bandwidth Control Using BAP Or BACP check box, Multilink connections add or drop additional PPP connections to accommodate a rise or fall in available bandwidth. Bandwidth Allocation Protocol (BAP) and Bandwidth Allocation Control Protocol (BACP) work together to provide this service, which is known as bandwidth on demand (BOD).

  25. Link Control Protocol (LCP) Extensions The Link Control Protocol (LCP) Extensions check box must be selected to support certain advanced PPP features such as callback. Leave this option enabled unless clients cannot successfully connect through PPP. Disabling this check box might resolve problems with older clients that do not support these extensions.

  26. Software Compression • The Software Compression check box enables Routing And Remote Access to perform compression of PPP data at the software level. Leave this option enabled unless the modem connecting to the PPP client is capable of compressing PPP data at the hardware level.

  27. Logging Tab

  28. The Logging tab allows you to configure Routing And Remote Access logging options. By default, the Routing And Remote Access service is configured to log only errors and warnings. Note that this tab includes an option to log additional information for debugging.

  29. Node 1 General Certain features provided by the Routing And Remote Access service relate to IP routing in general. You can manage these features only in the General Properties dialog box associated with the General subnode within the IP Routing node in the Routing And Remote Access console.

  30. Logging Tab

  31. Logging Tab • This tab allows you to configure which IP routing events are written to the Event Log. By default, only errors are written to the Event Log, but you can select two higher logging levels: Log Errors And Warnings and Log The Maximum Amount Of Information. In addition, you can disable logging in IP routing when you select the Disable Event Logging option.

  32. Preference Levels Tab IP routing decisions are performed according to routing tables, and this feature allows you to arrange the priority of routes collected from various sources. When two sources provide conflicting routes, only the route with the higher preference level is added to the routing table. These preference levels therefore supersede any metrics assigned to routes. Preference levels are listed in order. The first (top) route source has the highest priority and the lowest rank number (1). The lowest route source has the lowest priority and the highest rank number (120). You can adjust the rank of a route source by clicking a source on the list and using the Move Up button and Move Down button as needed.

  33. Preference Levels Tab

  34. Working with Routing Tables • Routers read the destination addresses of received packets and then route those packets according to directions provided by routing tables. • The routing table contains entries called routes that provide directions toward destination networks or hosts. Three types of routes exist: • ■ Host route This type of route provides a route to a specific destination host or to a broadcast address. In IP routing tables, host routes are distinguished by a 255.255.255.255 network mask. • ■ Network route This type of route provides a route to a specific destination network. In IP routing tables, network routes can be distinguished by any subnet mask between 0.0.0.0 and 255.255.255.255.

  35. Working with Routing Tables • ■ Default route Routing tables contain a single default route. This route is used to forward all packets whose destination address does not match any address listed in the routing table. In IP routing tables, the default route is defined by the 0.0.0.0 address and 0.0.0.0 network mask.

  36. Working with Routing Tables

  37. Viewing the IP Routing Table • To view your routing table, type: route print

  38. Reading the IP Routing Table • Routers use routing tables to determine where to send packets. When IP packets are sent to an IP router, the router reads the destination address of the packet and compares that destination address to the entries in the routing table. One of these entries is used to determine which interface to use to send the packet and to which hop (gateway) the packet will be sent next. • Each routing table entry includes the five columns described in the following section

  39. Network Destination • This column provides entries that the router compares to the destination address of every received IP packet. A few of these entries are common to most routing tables. For example, the entry 0.0.0.0 represents the default route, used when no other matches are found in the routing table. The entry 127.0.0.0 points to the loopback address of 127.0.0.1, which corresponds to the local machine. Each entry of 224.0.0.0, furthermore, refers to a separate multicast route. Finally, entries with a final octet value of 255 represent a broadcast address. Broadcast addresses include specific subnet broadcast addresses, such as 192.168.1.255, and the limited broadcast address 255.255.255.255, which is general for all networks and routers.

  40. Netmask • The value in this column determines which part of the IP packet’s destination address is compared to the entries in the Network Destination column. This information is important because the largest match determines the route or table entry that is applied to the packet.

  41. Example

  42. The router receives two packets, the first destined for the address 192.168.1.1 and the second destined for the address 192.168.1.2. Both packets match the third routing table entry because the netmask value of 255.255.255.0 • However, only the first packet matches the fourth entry because the netmask of 255.255.255.255 signals that all four octets are compared to the table’s network destination value of 192.168.1.1. • The fourth entry is thus applied to the first packet because this entry represents the largest match in the routing table. In this manner, the third entry is applied to the second packet because that entry represents the packet’s only match in the routing table aside from the default route.

  43. Gateway • When a particular route or table entry is applied to a packet, the gateway value determines the next address or hop for which that packet is destined. For example, according to the routing table shown in Figure 9-13, an IP packet with a destination such as 206.73.118.5 (which matches only the default route of 0.0.0.0) would next be forwarded to the gateway address of 207.46.252.3. Note that the gateway value for the default route is the same as the default gateway address configured in TCP/IP properties.

  44. Interface • When a particular route (table entry) is applied to a packet, the interface value specified in that route determines which local network interface is used to forward the packet to the next hop. For example, in Figure 9-13, an IP packet with a destination of 131.107.23.101 matches only the default route. According to the routing table, such a packet is sent through the interface 207.46.252.88 toward the default gateway address.

  45. Metric • This column indicates the cost of using a route. If separate routes (entries) match an IP packet’s destination address equally, the metric is used to determine which route is applied. • Lower metrics have precedence over higher metrics. • For the routing protocol RIP, the metric is determined by the number of hops before the network destination. However, you can use any algorithm to determine the metric if you are configuring a route manually.
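The lookup described in the Network Destination, Netmask, Gateway, Interface and Metric slides, as an added example that is not part of the original presentation. The routing table is constructed for illustration: only the default route's gateway and interface are values quoted on the slides, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample table in "route print" column order:
# (network destination, netmask, gateway, interface, metric).
# The default route's gateway and interface are the values quoted on the
# slides; every other row is made up for this example.
ROUTES = [
    ("0.0.0.0",     "0.0.0.0",         "207.46.252.3",  "207.46.252.88", 20),
    ("127.0.0.0",   "255.0.0.0",       "127.0.0.1",     "127.0.0.1",     1),
    ("192.168.1.0", "255.255.255.0",   "192.168.1.10",  "192.168.1.10",  20),
    ("192.168.1.1", "255.255.255.255", "127.0.0.1",     "127.0.0.1",     20),
    ("10.0.0.0",    "255.0.0.0",       "192.168.1.254", "192.168.1.10",  30),
    ("10.0.0.0",    "255.0.0.0",       "192.168.1.253", "192.168.1.10",  5),
]


def to_int(addr):
    """Dotted-quad string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))


def matches(dest, network, netmask):
    """Compare only the destination bits selected by the netmask."""
    mask = to_int(netmask)
    return (to_int(dest) & mask) == (to_int(network) & mask)


def select_route(dest, routes=ROUTES):
    """Return the entry applied to dest, or None if nothing matches.

    Largest match (most netmask bits) wins; among equal matches the
    lowest metric wins.
    """
    candidates = [r for r in routes if matches(dest, r[0], r[1])]
    if not candidates:
        return None  # only possible when the table has no default route
    return min(candidates, key=lambda r: (-bin(to_int(r[1])).count("1"), r[4]))


if __name__ == "__main__":
    for dest in ("192.168.1.1", "192.168.1.2", "206.73.118.5", "10.1.2.3"):
        net, mask, gw, iface, metric = select_route(dest)
        print(f"{dest:15} -> {net}/{mask} via {gw} on {iface} (metric {metric})")
```

The third and fourth rows reproduce the two-packet example from the slides, and the two 10.0.0.0 rows show the metric breaking a tie between equally specific routes.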

  46. Static and Dynamic Routing • For every host and router, IP automatically builds a simple routing table that includes only the essential network destinations. These addresses can occur in eight types and include the default address, the loopback address, the default gateway address, locally configured addresses, local subnet addresses, local subnet broadcast addresses, the limited broadcast address, and multicast addresses for each adapter. • But in a complex network, a router needs to be told which among its many interfaces to use to send packets destined for unknown (nonneighboring) networks.

  47. Simple Routing Scenario In this configuration, routing protocols are not necessary, and static routes need not be added manually because the router is directly connected to all the networks to which it needs to route packets.

  48. Multiple-Router Scenario

  49. Multiple-Router Scenario • Router 1 must notify Router 2 that Network A can be reached through Router 1, and Router 2 must notify Router 1 that Network C can be reached through Router 2. This information is automatically communicated by means of routing protocols such as RIP or OSPF. When a user on Network A wants to communicate with a user on Network C, the user’s computer on Network A forwards the packet to Router 1. Router 1 then forwards the packet to Router 2. Router 2 then forwards the packet to the user’s computer on Network C.
