Documente Academic
Documente Profesional
Documente Cultură
RLcurs 04
RLcurs 04
4
IPv4iIPv6
October25,2011
Obiec9ve
DHCP
ICMP
IPv6
PPPiPPPoE
Cursul4
DHCP
Rol
Funcionare
DHCPRelay
DHCP
DynamicHostCongura9onProtocol
FolositdeostaiepentruaideterminaautomatadresaIP
EstenecesarunserverDHCP
Acestapoateunrutersauuncalculatordedicatdinreea
Deceesteu9lDHCP?
AdresIP?
IP:192.168.0.1
DHCP
Broadcast
Unicast
Broadcast
Unicast
1.DHCPDiscover
2.DHCPOer
3.DHCPRequest
4.DHCPAcknowledgment
DHCP1.Discovery
1.Discovery
2.Oer
3.Request
4.Ack
ClientultrimiteunbroadcastUDPpereeaua
local
ServereleDHCPdinreeaaucongurate
DHCPpoolscarereprezintdefaptseturide
adresecepotasignateclienilor
LaprimireaunuiDHCPdiscover,ecare
serverrezervpentruclientulrespec9vo
adresIP
Peunserverpotconguratemaimulte
DHCPpools;reeauadincarevaalocat
adresaestealeasnfunciedeIPul
interfeeipecaresaprimitcererea
DHCP2.Oer
1.Discovery
2.Oer
3.Request
4.Ack
DuprezervareaIPului,serverultrimiteun
rspunsunicastclientului
Rspunsultrebuiesconinurmtoarele
cmpuri:
AdresaMACaclientului
Adresaoferitdeserver
Mascadereeaaadresei
Durataleaseului
AdresaserveruluideDHCP
Leaseulreprezintduratade9mppentru
careadresaIPesterezervatclientului
DHCP3.Request
1.Discovery
2.Oer
3.Request
Clientultrimiteunbroadcastpentruaspune
dacofertaesteacceptat
Clientul9eadresaIPaserverului.Deceeste
necesarunmesajdebroadcast?
R:Potexistamul9pleservereDHCPnreea.Toate
trebuieinformatedealegereaclientuluipentrua
puteaeliberaadreselerezervatenprimeledou
faze.
4.Ack
DHCP4.Acknowledgment
1.Discovery
2.Oer
3.Request
4.Ack
Serverulitransmiteclientuluicprocesulsa
ncheiatiadresaiafostatribuitpedurata
leaseului
Dacleaseulseapropiedeexpirare,clientul
poatecereoprelungire
Existposibilitateacalaexpirareclientuls
cearadresapecareaavutonainte
Deceesteu9lpstrareaadresei?
nAckpottrimiseialteinformaiicerute
declient:
Defaultgateway
ServereDNS
9
DHCPrelay
ExistsituaiincareserverulDHCPnuestenreeaualocal
Deoarecemesajulesteunbroadcastctre255.255.255.255
acestanupoatetransmisnaltereele
RedirectareauneicereriDHCPsepoatefaceprincongurarea
DHCPRelayperuteruldinreeaualocal
CerereaDHCPvaredirectatctreIPulserveruluideDHCPdin
altreea
Discover
?.?.?.?
Gateway
10.0.0.1
90.0.0.1
DHCPRelayctre
90.0.0.2
90.0.0.2
DHCP Server
10
Cursul4
ICMP
CeesteICMP
U9litarulping
U9litarultraceroute
CeesteICMP
Reelelesuntstructuricomplexecesuntpredispuseladefecte
Comportamentulreelelorpoatesnuentocmaiceldoritde
administratori/u9lizatori(deexemplubinecunoscutulnumerge
netul)
ProtocolulICMP(InternetControlMessageProtocol)esteu9lizat
niden9careaeroriloraprutenreele
ICMP
Esteunprotocoldenivelul3
ConsideratunprotocolauxiliarIPului
SemnaleazprilorimplicatencomunicaiiIPeventualeeroriceaparla
acestnivel
MaiestefolositipentruatransmiteanumiteinformaiispeciceIPului
(TermsofService,FlowControl,etc.)
12
Exempledeerori
Pachetulajungelaunrutercarenugsetedes9naiantabelasa
derutare;pachetulestearuncat
EmitorulesteinformatprintrunmesajICMPDes9na9onUnreachable
PachetulafostprinsntrobuclderutareiTTLulajungela0;
pachetulestearuncat
EmitorulesteinformatprintrunmesajICMPTimeExceeded
13
U9litarulping
Scop:Testareafuncionriicomunicaieidenivel3cuodes9naie
Funcionare:EstetrimisunmesajICMPEchoctredes9naiei
seateaptprimireaunuimesajICMPEchoReply
Exemplu:
14
U9litarultraceroute
Scop:Vericareaciipecareoiaupachetelectreodes9naie
Funcionare:Setrimit,pernd,mesajeICMPEchoctre
des9naiencepndcuunTTLde1;dupceseprimetemesajul
deICMPTimeExceededsenoteazsursaacestuiaisetrimiteun
noumesajcuunTTLincrementat(Obs:uneleu9litarefolosesc
UDPpentruadeterminacalea)
Exemplu:
15
DincursulanteriordezavantajeIPv4
Adreseinsucientepentruafacefacreterii
numruluidedispozi9vecuacceslaInternet
Antetcomplicat
Nusuportpachetededimensiunifoartemari
SuportreduspentruMul9castiIPsec
NATintroducemulteprobleme
16
Cursul4
IPv6
AvantajeleIPv6
Formatantet
AdresaIPv6
AvantajeleIPv6
IPv6afostdezvoltatcuscopuldearezolvaproblemele
protocoluluiIPv4
Spaiudeadresemultmaimare
Suportsimplicatpentrumul9cast
Adreseautocongurabile
SuportpentruIPsec
Antetecient
Jumbograme(pachetedepnla4Gb)
18
Formatulantetului
Version
TracClass
FlowLabel
PayloadLength
NextHeader
HopLimit
SourceIPAddress(128bits)
Des9na9onIPAddress(128bits)
Data
19
Numerehexazecimale
Numerenbaza16
Cifrelesuntreprezentatedesimbolurile09iAF
8bii(unoctet)potreprezentaicadoucifrehexa
4biipotreprezentaicaosingurcifrhexaaspel:
Bii
Baza16
Bii
Baza16
0000
1000
0001
1001
0010
1010
0011
1011
0100
1100
0101
1101
0110
1110
0111
1111
F
20
Numerehexazecimale
Transformainhexazecimalurmtoruloctet:
6
01101011
TransformainhexazecimalurmtoareaadresIP:
11000000
C0
10101000
A8
01011101
5D
00001010
0A
192.168.93.10
21
AdresaIPv6
128bii
Reprezentatncifrehexazecimale:
2001:0db8:1f70:0000:0000:0de8:7648:06e8
Zerouriledinfaaecruigruppotomisepentruascurta
adresa:
2001:db8:1f70:0000:0000:de8:7648:6e8
Unsingurircon9nuudezerouridinfapoateprescurtat
ca:::
2001:db8:1f70::de8:7648:6e8
22
SubnetareIPv6
Iden9ccuIPv4laniveldebit
Datoritnumruluimaredeadrese,poatefolositurmtoarea
convenie:
2001:0000:0000:0000:02D0:58FF:FEA9:1901
Parteadereea
Parteadehost
Procesuldesubnetareselimiteazlaparteadereea
Cemascdereeaareadresademaisus?
R:/64
23
Exerciiu
Subnetaireeauaurmtoaren32desubreelededimensiuni
egale
2001:0000:0000:0000:02D0:58FF:FEA9:1901/16
R:
32desubreelepotcodicatecu5bii
2001:0000:0000:0000:02D0:58FF:FEA9:1901/16
00000000(binar)
Soluiaeste:
2001:0000:0000:0000:02D0:58FF:FEA9:1901/21
2001:0800:0000:0000:02D0:58FF:FEA9:1901/21
2001:1000:0000:0000:02D0:58FF:FEA9:1901/21
2001:1800:0000:0000:02D0:58FF:FEA9:1901/21
2001:F800:0000:0000:02D0:58FF:FEA9:1901/21
24
TipurideadreseIPv6
Adres
Rol
Loopback
::1
Testareas9veiTCP/IP
Globalunicast
2000::/3
Transmisiiunicast
Linklocal
FE80::/10
Comunicaiinacelai
segmentdereea
MulYcast
FF00::/8
Transmisiictreungrup
Broadcast
???
Rutdefault
::/0
Folositnrutare
(detaliincursul6)
EsteoadrescencepecuFEB7oadreslinklocal?
R:Da.Doarprimii10biitrebuieseaceiai.
25
Adreseeui64
PermitecreareadeadreseunicentrunLANporninddoardela
adresadereea
CreeazoadresIPv6dehostdelaadresadereeaiadresa
MACainterfeeizice:
Biideumplutur
.fe
AdresMAC
00.d0.58.a9.19.01
00.d0.58..fe.a9.19.01
Adresadereea
2001:0000:0000:00A0
Inversarebit7
02.d0.58..fe.a9.19.01
2001:0000:0000:00A0:02D0:58FF:FEA9:1901
26
DincursulanteriorTopologieexemplu
192.168.17.35/26
B
192.168.17.64/26
A
SW1
192.168.17.31/27
C
27
TopologieexempluIPv6
PotexistamaimulteadreseIPv6peaceeaiinterfa
Fiecareinterfaareioadreslinklocalgeneratautomatpe
bazaMACului
FE80::2D0:58FF:FEA9:1902/64
2001:0:0:1::B/64
FE80::2D0:58FF:FEA9:1901/64
2001:0:0:1::A/64
A
SW1
B
FE80::2D0:58FF:FEA9:1903/64
2001:0:0:1::C/64
C
28
NDP
NetworkDiscoveryProtocol
Includeurmtoarelefuncionaliti:
Autocongurareaadreselor
Descoperireaechipamentelordinreea
Determinareaadreselordenivel2
Descoperireagatewayului
Descoperireaadreseidereea(prexului)
Descoperireaadreselorduplicat
FolosetemesajeICMPpentruandeplinifuncionalitile
29
ICMPv6
ProtocolcendeplineterolulICMPpentruprotocolulIPv6
5mesajeICMPv6suntfolositedeNDPpentruaoferiservicii
automatenreeaualocal
Router
Solicita9on
(133)
Folositdestaiipentruacereinformaiituturorruterelor
dinreeaualocal
Trimiseperiodicderuteresaucarspunslacerereaunui
RS
Router
Pebazaacestormesajeostaieiconstruietedinamic
Adver9sement
listaderuteredefault(defaultgateway)
(134)
Folositnstatelessautocongpentrudescoperirea
prexuluireelei
30
ICMPv6
Neighbor
Solicita9on
(135)
Folositpentruadescoperiadreselelinklocalalevecinilor
cndsecunoateadresaIPv6(similarARP)
Folositpentruadeterminadacexistconec9vitatecu
unvecin
Detecteazadreseleduplicaten9mpulprocesuluide
autocongurare
TrimisecarspunslaunNS
Trimiseautomatatuncicndarelocoschimbarea
Neighbor
Adver9sement
adreseidenivel2
LaprimireaunuiNAecarenodiactualizeazlistade
(136)
vecini
Redirect
(137)
Folositederuterepentruaindicahosturilorcpentru
des9naiadoritesterecomandatfolosireaunuialt
ruterdinreea
31
Autocongurare(stateless)
RFC2462
Nunecesitnicioconguraresuplimentarnreeaualocal
OferdoaradresIPglobalidefaultgateway
PentruDNSialteinformaiiestenecesarinstalareaunuiserverDHCPv6
Pai:
1. SegenereazadresalinklocalprinconcatenareaFE80::/64cueui64(saucu
unalttokengeneratpe64debii)
2. Setesteazdacadresalinklocalesteunic
3. Daceunic,seasigneazadresalinklocalinterfeeizice
4. SencearcdescoperireaunuiruterlocalprinascultareaRAurilorsau
forareaunuiRAprintrimitereaunuiRS
5. RuterulrspundenRAcu9pulautocongurriidinreeaualocal(Cmpul
MdincmpulAutocongFlagsdinmesajulRA)
6. Dacefolositautocongurarestateless,segenereazadresaunicprin
concatenareaprexuluiprimitnRAcuul9mii64debiidinadresadela
pasul1
32
Autocongurare(stateless)
0.Stareiniialreea
Fa0/0
SW1
Ruter
(fr DHCP)
B
InformaiiIPv6peA:
AdresFa0/0:
StareFa0/0:Shutdown
Listruteredefault:
Listprexe:
FE80::/10
33
Autocongurare(stateless)
1.GenerareadreslinklocallaridicareainterfeeiFa0/0
Fa0/0
Generatlinklocal:
FE80::02D0:58FF:FEA9:1901/64
InformaiiIPv6peA:
SW1
Ruter
(fr DHCP)
B
AdresFa0/0:
StareFa0/0:Up
Listruteredefault:
Listprexe:
FE80::/10
34
Autocongurare(stateless)
2.Testareaunicitiiadreseilinklocal(DADDuplicateAddressDetec9on)
NA
NS
Fa0/0
InformaiiIPv6peA:
NA
Esteunicadresa?
FE80::02D0:58FF:FEA9:1901/64
SW1
Ruter
(fr DHCP)
UnNAetrimisca
rspunsdoardac
adresaeunduplicat
AdresFa0/0:
StareFa0/0:Up
Listruteredefault:
Listprexe:
FE80::/10
35
Autocongurare(stateless)
3.AdresalinklocalunicesteasignatinterfeeiFa0/0
Fa0/0
Adresaesteunicdecipoate
adugatpeinterfa.
FE80::02D0:58FF:FEA9:1901/64
InformaiiIPv6peA:
StareFa0/0:Up
Listruteredefault:
SW1
Ruter
(fr DHCP)
B
AdresFa0/0:
FE80::2D0:58FF:FEA9:1901/64
Listprexe:
FE80::/10
36
Autocongurare(stateless)
4.StaiaAcereunRApentruanuateptaupdateulperiodic
RS
Fa0/0
SW1
Ruter
(fr DHCP)
B
InformaiiIPv6peA:
StareFa0/0:Up
Listruteredefault:
AdresFa0/0:
FE80::02D0:58FF:FEA9:1901/64
Listprexe:
FE80::/10
37
Autocongurare(stateless)
5.RuterulrspundecuunRAncareicomunicstaieiprexeledinreea,
adresasalinklocalifaptulcpoatefolosistatelessautocongura9on
A
RA
Fa0/0
SW1
Ruter
(fr DHCP)
B
InformaiiIPv6peA:
StareFa0/0:Up
Listruteredefault:
FE80::2D0:D3FF:FE25:C02/64
AdresFa0/0:
FE80::2D0:58FF:FEA9:1901/64
Listprexe:
FE80::/10
2001:0:0:1234::/64
38
Autocongurare(stateless)
6.Agenereazadreseglobalefolosindprexeleobinutenpasulanteriori
ul9maporiunedinadresasalinklocal
A
RA
Fa0/0
SW1
Ruter
(fr DHCP)
B
InformaiiIPv6peA:
StareFa0/0:Up
Listruteredefault:
FE80::2D0:D3FF:FE25:C02/64
AdresFa0/0:
FE80::2D0:58FF:FEA9:1901/64
2001::1234:2D0:58FF:FEA9:1901/64
Listprexe:
FE80::/10
2001:0:0:1234::/64
39
Autocongurare(stateful)
NecesitcongurareaunuiserverdeDHCPv6
DHCPv6esteu9ldoarnasigurareaunorserviciisuplimentaren
reea(adresareaIPesterezolvatmultmaiuordestateless
autocong):
ServereDNS
ServereWINS
DomeniulDNS
ServereNTP
A
SW1
Ruter
(cu DHCP)
B
40
ARPIPv6?
Dincursulanterior:
CeesteARP?Laceniveldins9vaOSIopereaz?
DeceestenecesarARP?
Cumfuncioneaz?
ntroreeaIPv6,avemaceeaiproblem:cumputemaaadresa
MACdac9madresaIPv6?
ARPnuesteosoluie
Dece?CedefecteaveaARP?
UnnouprotocolaluatrolulARPuluipentruIPv6:NDP
41
Determinareaadreseidenivel2
OperaresimilarcuARP
FoloseteNSiNApentruadescoperiadresadenivel2:
NeighborSolicita9onpachetmul9castcareconinecerereaadreseide
nivel2
NeighborAdver9sementrspunsulceconineadresa
FE80::2D0:58FF:FEA9:1902/64
2001:0:0:1::B/64
B
FE80::2D0:58FF:FEA9:1901/64
2001:0:0:1::A/64
A
FE80::2D0:58FF:FEA9:1902/64
2001:0:0:1::C/64
SW1
1.NS
2.NA
42
Cursul4
PPP
Funcionare
PPPoE
PPP
PointtoPointProtocol
Funcioneazlanivelullegturdedate
OferfuncionaliticenusuntspecicatedeEthernet:
Auten9care
Criptare
Compresie
Estefolositpestenumeroasemediizice:
Liniiseriale
Liniitelefonice
Fibrop9c
Funcioneazattpestecircuitesincronectiasincrone
44
PPPoE
FolositdeISPuripentruacombinafuncionalitilesuplimentare
alePPPcuinfrastructuraEthernet
CadrelePPPsuntncapsulatencadreEthernet
RolulPPPestedeastabiliconexiunicudispozi9veleceintrn
reea,oferindaspelsecuritatesporit
Ethernet
PPP
IP
Auten9careicriptare
Transportcadrepesteinfrastructurazic
45
Cuvintecheie
PPP
PPPoE
Request
Ping
ICMP
Echo
Request
NS
ICMPv6
NA
RA
Oer
DHCP
Relay
Acknowledgment
Traceroute
Echo
Reply
RS
Discover
DHCPv6
Mul9cast
NDP
Autocongurare
IPv6
Linklocal
Jumbogram
DAD
46
TheEnd
?
R
47