Assignment 3(CN)

Assignment 3
Computer Network
BS-CS
Sec-5B
Muhammad Usman
Bcsm-f19-407
a) Classify ACLs (Access Control Lists) and explain their features and operations. Support your answer by labelling the diagrams.
- ACLs are lists of conditions that are applied to traffic traveling across a router's interface.
- These lists tell the router what types of packets to accept or deny.
- Acceptance and denial can be based on specified conditions.
- ACLs enable management of traffic and secure access to and from a network.
Diagram:
Packet Filtering:
- A router acts as a packet filter when it forwards or denies packets according to filtering rules.
- An ACL is a sequential list of permit or deny statements, known as access control entries (ACEs).
ACL Operation:
- To filter network traffic, ACLs determine whether routed packets are forwarded or blocked at the router interfaces.
- The router examines each packet and forwards or discards it based on the conditions specified in the ACL.
- An ACL makes its forward-or-discard decisions based on source address, destination address, protocol, and upper-layer port numbers.
- ACLs must be defined on a per-protocol, per-direction, or per-port basis.
- To control traffic flow on an interface, an ACL must be defined for each protocol enabled on the interface.
- ACLs control traffic in one direction at a time on an interface. Two separate ACLs must be created to control inbound and outbound traffic.
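An added example (not from the assignment) of how a router walks an ACL: a sequential list of ACEs evaluated top-down, first match wins, and the implicit deny at the end of every ACL, which the notes above do not spell out. The ACE model, the addresses and the sample packets are constructed; this is not Cisco IOS syntax.

```python
from ipaddress import ip_address, ip_network

# Access control entry: one permit/deny line. None in a field means "any".
# Constructed model of ACE semantics, not Cisco IOS syntax.
class ACE:
    def __init__(self, action, proto=None, src=None, dst=None, dport=None):
        self.action = action                          # "permit" or "deny"
        self.proto = proto                            # "tcp", "udp", "icmp" or None
        self.src = ip_network(src) if src else None   # source prefix
        self.dst = ip_network(dst) if dst else None   # destination prefix
        self.dport = dport                            # upper-layer destination port

    def matches(self, pkt):
        if self.proto and pkt["proto"] != self.proto:
            return False
        if self.src and ip_address(pkt["src"]) not in self.src:
            return False
        if self.dst and ip_address(pkt["dst"]) not in self.dst:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True

def evaluate(acl, pkt):
    """Walk the ACEs in order; the first match decides. Every ACL ends with
    an implicit deny, so a packet that matches nothing is discarded."""
    for ace in acl:
        if ace.matches(pkt):
            return ace.action
    return "deny"

# Constructed inbound ACL for an interface facing an untrusted network.
INBOUND_ACL = [
    ACE("deny", src="10.0.0.0/8"),             # private source from outside: drop
    ACE("permit", proto="tcp", dst="203.0.113.10/32", dport=443),  # web server
    ACE("permit", proto="icmp", src="198.51.100.0/24"),            # mgmt pings
]

SAMPLE = [  # constructed packets arriving inbound
    {"proto": "tcp", "src": "192.0.2.7", "dst": "203.0.113.10", "dport": 443},
    {"proto": "tcp", "src": "192.0.2.7", "dst": "203.0.113.10", "dport": 22},
    {"proto": "tcp", "src": "10.1.1.1", "dst": "203.0.113.10", "dport": 443},
    {"proto": "icmp", "src": "198.51.100.5", "dst": "203.0.113.10"},
]

def filter_packets(acl, packets):
    """Return (src, dst, decision) for each packet, as the router would act."""
    return [(p["src"], p["dst"], evaluate(acl, p)) for p in packets]
```

The SSH attempt on port 22 is dropped without any explicit rule naming it, which is the implicit deny at work.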
(b) Classify the types of routing protocols.
Types of Routing Protocols
There are mainly two types of network routing protocols:
- Static
- Dynamic
Static Routing Protocols
Static routing protocols are used when an administrator manually assigns the path from the source to the destination network. It offers more security to the network.
Advantages
- No overhead on the router CPU.
- No unused bandwidth between links.
- Only the administrator is able to add routes.
Disadvantages
- The administrator must know how each router is connected.
- Not an ideal option for large networks, as it is time intensive.
- Whenever a link fails, the whole network goes down, which is not feasible in small networks.
Dynamic Routing Protocols
Dynamic routing protocols are another important type of routing protocol. They let routers add information to their routing tables from connected routers automatically. These protocols also send out topology updates whenever the network's topological structure changes.
Advantages:
- Easier to configure, even on larger networks.
- Able to dynamically choose a different route if a link goes down.
- Helps you to do load balancing between multiple links.
Disadvantages:
- Updates are shared between routers, so they consume bandwidth.
- Routing protocols put an additional load on the router CPU and RAM.
Distance Vector Routing Protocol (DVR)
Distance vector protocols advertise their routing table to every directly connected neighbor at specific time intervals, which uses a lot of bandwidth and converges slowly.
In a distance vector routing protocol, when a route becomes unavailable, all routing tables need to be updated with the new information.
Advantages:
- Updates of the network are exchanged periodically, and they are always broadcast.
- This protocol always trusts the routing information received from neighbor routers.
Disadvantages:
- As the routing information is exchanged periodically, unnecessary traffic is generated, which consumes available bandwidth.
Internet Routing Protocols:
The following are types of protocols that help data packets find their way across the Internet:
Routing Information Protocol (RIP)
RIP is used in both LAN and WAN networks. It runs on the application layer of the OSI model. The full form of RIP is Routing Information Protocol. The two versions of RIP are:
1. RIPv1
2. RIPv2
The original version, RIPv1, determines network paths based on the IP destination and the hop count of the journey. RIPv1 also interacts with the network by broadcasting its IP table to all routers connected to the network.
RIPv2 is a little more sophisticated, as it sends its routing table to a multicast address.
Interior Gateway Routing Protocol (IGRP)
IGRP is a subtype of the distance-vector interior gateway protocol developed by Cisco. It was introduced to overcome the limitations of RIP. The metrics used are load, bandwidth, delay, MTU, and reliability. It is widely used by routers to exchange routing data within an autonomous system.
This type of routing protocol is best for larger networks, as it broadcasts every 90 seconds and has a maximum hop count of 255. It lets you sustain larger networks than RIP does. IGRP is also widely used because it is resistant to routing loops, since it updates itself automatically when route changes occur within the network. It also offers the option to load-balance traffic across equal- or unequal-cost paths.
Link State Routing Protocol
Link state protocols take a unique approach to finding the best routing path. In this protocol, the route is calculated based on the speed of the path to the destination and the cost of resources.
Routing protocol tables:
A link state routing protocol maintains the three tables given below:
- Neighbor table: This table contains information about the neighbors of the router only, for example which adjacencies have been formed.
- Topology table: This table stores information about the whole topology. For example, it contains both the best and the backup routes to a particular advertised network.
- Routing table: This table contains all the best routes to the advertised networks.
Advantages:
- This protocol maintains separate tables for the best route and the backup routes, so it has more knowledge of the internetwork than any distance vector routing protocol.
- The concept of triggered updates is used, so it does not consume unnecessary bandwidth.
- Partial updates are triggered when there is a topology change, so the whole routing table does not need to be exchanged.
Exterior Gateway Protocol (EGP)
EGP is a protocol used to exchange data between gateway hosts that are neighbors of each other within autonomous systems. This routing protocol offers a forum for routers to share information across different domains. The full form of EGP is Exterior Gateway Protocol. The information EGP exchanges includes known routers, network addresses, route costs, and neighboring devices.
Enhanced Interior Gateway Routing Protocol (EIGRP)
EIGRP is a hybrid routing protocol that combines features of distance vector and link-state routing protocols. The full form of EIGRP is Enhanced Interior Gateway Routing Protocol. It routes the same protocols that IGRP routes, using the same composite metric as IGRP, which helps the network select the best path to a destination.
Open Shortest Path First (OSPF)
Open Shortest Path First (OSPF) is a link-state IGP tailor-made for IP networks, using the Shortest Path First (SPF) method.
OSPF routing lets you maintain databases detailing information about the surrounding topology of the network. It uses the Dijkstra (shortest path) algorithm to recalculate network paths when the topology changes. This protocol is also very secure, as it can authenticate its protocol exchanges to keep routing data secure.
c) Classify the distance vector routing protocol RIP and its types.
Routing Information Protocol (RIP)
RIP is a dynamic routing protocol that uses hop count as its routing metric to find the best path between the source and the destination network. It is a distance-vector routing protocol with an AD (administrative distance) value of 120 that works on the application layer of the OSI model. RIP uses port number 520.
Features of RIP:
1. Updates of the network are exchanged periodically.
2. Updates (routing information) are always broadcast.
3. Full routing tables are sent in updates.
4. Routers always trust routing information received from neighbor routers. This is also known as routing on rumours.
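Added example, not part of the assignment, simulating the distance vector behaviour listed above for RIP: each router periodically sends its full table to its neighbours, which adopt what they hear without verifying it ("routing on rumours"), and a failed link has to ripple through every router's table. The four-router topology is constructed, and the hop count of 16 meaning "unreachable" is standard RIP behaviour that the notes above do not state.

```python
INFINITY = 16  # RIP treats a hop count of 16 as "unreachable"
# Constructed topology: router -> list of neighbours (lists keep a fixed order).
TOPOLOGY = {"R1": ["R2", "R3"], "R2": ["R1", "R4"],
            "R3": ["R1", "R4"], "R4": ["R2", "R3"]}

def initial_tables(topology):
    """Each router starts knowing itself (0 hops) and its neighbours (1 hop)."""
    tables = {}
    for router, neighbours in topology.items():
        tables[router] = {router: (0, None)}        # dest -> (hops, next hop)
        for n in neighbours:
            tables[router][n] = (1, n)
    return tables

def exchange_round(topology, tables):
    """One periodic update: every router sends its FULL table to each neighbour.
    Receivers trust whatever they hear ("routing on rumours"): they adopt any
    route with a lower hop count and any change reported by their current next hop."""
    changed = False
    for sender, neighbours in topology.items():
        advert = dict(tables[sender])
        for recv in neighbours:
            table = tables[recv]
            for dest, (hops, _) in advert.items():
                new_hops = min(hops + 1, INFINITY)
                cur_hops, cur_next = table.get(dest, (INFINITY, None))
                if new_hops < cur_hops or (cur_next == sender and new_hops != cur_hops):
                    table[dest] = (new_hops, sender)
                    changed = True
    return changed

def converge(topology, tables, max_rounds=20):
    """Run update rounds until no table changes; return how many were needed."""
    rounds = 0
    while rounds < max_rounds and exchange_round(topology, tables):
        rounds += 1
    return rounds

def fail_link(topology, tables, a, b):
    """Take the a-b link down: drop the adjacency and mark every route that used
    the lost neighbour as next hop unreachable, so the next updates carry it on."""
    topology[a].remove(b)
    topology[b].remove(a)
    for router, gone in ((a, b), (b, a)):
        for dest, (_, nxt) in list(tables[router].items()):
            if nxt == gone:
                tables[router][dest] = (INFINITY, None)

def route(tables, src, dst):
    return tables[src].get(dst, (INFINITY, None))
```

After the R1-R2 link fails, R1 briefly tells R3 that R2 is unreachable and R3 believes it until R4's next advertisement corrects it, which is the rumour problem in miniature.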
RIP versions:
There are three versions of the Routing Information Protocol: RIP version 1, RIP version 2, and RIPng.

| RIP v1 | RIP v2 | RIPng |
| Sends updates as broadcast | Sends updates as multicast | Sends updates as multicast |
| Broadcast at 255.255.255.255 | Multicast at 224.0.0.9 | Multicast at FF02::9 (RIPng can only run on IPv6 networks) |
| Does not support authentication of update messages | Supports authentication of RIPv2 update messages | – |
| Classful routing protocol | Classless routing protocol (also supports classful updates) | Classless updates are sent |

RIP v1 is known as a classful routing protocol because it does not send subnet mask information in its routing updates.
RIP v2 is known as a classless routing protocol because it sends subnet mask information in its routing updates.
(d) Classify NAT and PAT.
NAT:
Network Address Translation (NAT) basically connects two networks and maps private (inside local) addresses to public (inside global) addresses. Here the term inside local signifies that the host address belongs to an internal network and was not assigned by the Network Information Center (NIC) or a service provider, while inside global means that the address is a legitimate address assigned by the NIC or service provider, and that it represents one or more inside local addresses to the outside world.
The main purpose of NAT was to slow down the rate of depletion of the available IP address space by enabling many private IP addresses to be represented by some smaller number of public IP addresses.
Furthermore, only one address needs to be configured in NAT to represent the entire network to the outside world. Therefore it provides security, as the translation process is transparent. NAT can be used as a tool for network migration and merging, server load sharing, virtual server creation, etc.
NAT can be of three types:
- Static NAT – In this type of NAT a local address is mapped to a global address, and there is a one-to-one relationship. Static NAT is useful when a host requires a consistent address that must be reachable from the internet, for example enterprise servers or networking devices.
- Dynamic NAT – Dynamic NAT allows an unregistered private IP address to be translated into a registered public IP address from a pool of public IP addresses.
- PAT / NAT overloading / IP masquerading – PAT is the most popular of the three types. It is a variant of dynamic NAT and similar to it, but it maps multiple private IP addresses to a single public IP address by making use of ports.
Definition of PAT
Port Address Translation (PAT) is a type of dynamic NAT in which address translation is configured at the port level, which also optimizes the use of the remaining IP addresses. PAT maps multiple source local addresses and ports to a single global IP address and port from a pool of IP addresses that are routable on the destination network. Here the interface IP address is used in combination with the port number, so multiple hosts can share the same IP address because the port number is unique.
It uses a unique source port on the inside global IP address to identify each distinct translation. The total number of NAT translations that can be carried out is 65536, because the port number is encoded in 16 bits.
Original source ports are preserved by PAT. If the source port is already allocated, the available ports are searched. The port groups are divided into three ranges: 0 to 511, 512 to 1023, and 1024 to 65535.
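Added example (not the assignment's own material) of the PAT translation table described above: one inside global address, the original source port kept when it is free, otherwise a free port chosen from the same port group, and inbound packets matched back to the inside host by port. The PAT class, the address 203.0.113.1 and the hosts are constructed; it is not any vendor's implementation.

```python
RANGES = ((0, 511), (512, 1023), (1024, 65535))  # port groups named above

class PAT:
    """One inside global address shared by many inside local hosts. The
    translated source port is what identifies each session on the way back.
    Constructed model; it is not any vendor's NAT implementation."""
    def __init__(self, global_ip):
        self.global_ip = global_ip
        self.outbound = {}   # (local_ip, local_port) -> global_port
        self.inbound = {}    # global_port -> (local_ip, local_port)

    def _allocate(self, wanted):
        # Keep the original source port when it is free; otherwise search the
        # rest of the same port group (0-511, 512-1023, 1024-65535) for one.
        if wanted not in self.inbound:
            return wanted
        lo, hi = next(r for r in RANGES if r[0] <= wanted <= r[1])
        for port in range(lo, hi + 1):
            if port not in self.inbound:
                return port
        raise RuntimeError("no free port left in group %d-%d" % (lo, hi))

    def translate_out(self, local_ip, local_port):
        """Outbound packet: create (or reuse) the translation for this host:port
        and return the inside global address:port written into the packet."""
        key = (local_ip, local_port)
        if key not in self.outbound:
            gport = self._allocate(local_port)
            self.outbound[key] = gport
            self.inbound[gport] = key
        return (self.global_ip, self.outbound[key])

    def translate_in(self, global_port):
        """Inbound packet: look up who owns the port. Traffic for a port with no
        translation has no inside host to go to and is dropped (None)."""
        return self.inbound.get(global_port)

    def active_translations(self):
        return len(self.inbound)
```

Two inside hosts that both pick source port 40000 end up distinguishable only by the translated port, which is why the table, not the address, is what the return traffic is matched against.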
Q 2: (a) Analyse VLANs, inter-VLAN routing and Frame Relay.
VLAN: A VLAN is a custom network created from one or more local area networks. It enables a group of devices available on multiple networks to be combined into one logical network. The result is a virtual LAN that is administered like a physical LAN. The full form of VLAN is Virtual Local Area Network.
Inter-VLAN:
Inter-VLAN routing can be defined as a way to forward traffic between different VLANs by implementing a router in the network. As we learnt previously, VLANs logically segment the switch into different subnets; when a router is connected to the switch, an administrator can configure the router to forward traffic between the various VLANs configured on the switch. The user nodes in the VLANs forward traffic to the router, which then forwards the traffic to the destination network regardless of the VLAN configured on the switch.
Frame Relay:
Frame Relay is a packet-switching technology offered as a telecommunications service by telcos and long-distance carriers, used primarily for WAN links. Frame Relay can be used to encapsulate local area network (LAN) traffic such as Ethernet frames for transmission over digital data transmission lines for wide area networks (WANs), and can connect multiple LANs to form a multipoint WAN. Frame Relay technology was originally an offshoot of Integrated Services Digital Network (ISDN) digital communication technology.
(c) Analyse the Spanning Tree Protocol in detail.
Spanning Tree Protocol (STP) is a communication protocol operating at the data link layer of the OSI model to prevent bridge loops and the resulting broadcast storms. It creates a loop-free topology for Ethernet networks.
Working Principle
A bridge loop is created when there is more than one path between two nodes in a given network. When a message is sent, particularly when a broadcast is done, the bridges repeatedly rebroadcast the same message, flooding the network. Since a data link layer frame does not have a time-to-live field in its header, the broadcast frame may loop forever, swamping the channels.
Spanning tree protocol creates a spanning tree by disabling all links that form a loop or cycle in the network. This leaves exactly one active path between any two nodes of the network, so when a message is broadcast there is no way that the same message can be received over an alternate path. The bridges that participate in spanning tree protocol are often called spanning tree bridges.
To construct a spanning tree, the bridges broadcast their configuration routes. Then they execute a distributed algorithm to find the minimal spanning tree of the network, i.e. the spanning tree with minimal cost. The links not included in this tree are disabled but not removed.
If a particular active link fails, the algorithm is executed again to find the minimal spanning tree without the failed link. Communication continues through the newly formed spanning tree. When a failed link is restored, the algorithm is re-run including the newly restored link.
Example
Let us consider a physical topology, as shown in the diagram, for an Ethernet network that comprises six interconnected bridges. The bridges are named {B1, B2, B3, B4, B5, B6} and several nodes are connected to each bridge. The links between two bridges are named {L1, L2, L3, L4, L5, L6, L7, L8, L9}, where L1 connects B1 and B2, L2 connects B1 and B3, and so on. It is assumed that all links have uniform cost.
From the diagram we can see that there are multiple paths from a bridge to any other bridge in the network, forming several bridge loops that make the topology susceptible to broadcast storms.
According to spanning tree protocol, links that form a cycle are disabled. Thus, we get a logical topology in which there is exactly one route between any two bridges. One possible logical topology, shown in the following diagram, contains the links {L1, L2, L3, L4, L5}.
In the above logical configuration, if link L4 fails, the spanning tree is reconstituted without L4. A possible logical reconfiguration containing links {L1, L2, L3, L5, L9} is as follows:
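Added example (not part of the assignment) that computes the loop-free logical topology for the six-bridge network above and recomputes it after L4 fails. A centralized Kruskal computation stands in for the distributed algorithm the bridges actually run, and the links beyond L1 and L2, which the text leaves unspecified, are assumed here so that the results match the two topologies given.

```python
# Assumed topology: the text only fixes L1 = B1-B2 and L2 = B1-B3; the other
# seven links are constructed so the results match the two logical topologies
# given above. All links have uniform cost.
LINKS = {
    "L1": ("B1", "B2"), "L2": ("B1", "B3"), "L3": ("B2", "B4"),
    "L4": ("B3", "B5"), "L5": ("B4", "B6"), "L6": ("B2", "B3"),
    "L7": ("B3", "B4"), "L8": ("B2", "B6"), "L9": ("B1", "B5"),
}

def spanning_tree(links, cost=None):
    """Kruskal's algorithm as a stand-in for the bridges' distributed election:
    take links cheapest first and keep one only if it joins two still-separate
    parts of the network (union-find), so no kept link can close a loop.
    Returns (active links, disabled links); both stay physically present."""
    cost = cost or {name: 1 for name in links}
    parent = {}
    def find(bridge):
        parent.setdefault(bridge, bridge)
        while parent[bridge] != bridge:
            parent[bridge] = parent[parent[bridge]]
            bridge = parent[bridge]
        return bridge
    active, blocked = [], []
    for name in sorted(links, key=lambda n: (cost[n], int(n[1:]))):
        a, b = links[name]
        ra, rb = find(a), find(b)
        if ra == rb:
            blocked.append(name)      # would form a bridge loop: disabled, not removed
        else:
            parent[ra] = rb
            active.append(name)
    return active, blocked

def reconverge(links, failed):
    """A link failure: rerun the algorithm without the failed link. A previously
    disabled link can now take over because it was never removed."""
    remaining = {n: ends for n, ends in links.items() if n != failed}
    return spanning_tree(remaining)

def is_loop_free(links, active):
    """Check: N bridges, N-1 active links, and none of them closes a cycle."""
    bridges = {b for ends in links.values() for b in ends}
    acyclic = spanning_tree({n: links[n] for n in active})[1] == []
    return len(active) == len(bridges) - 1 and acyclic
```

With L4 down, L9 (blocked in the first tree) is the only remaining link that reaches B5, so it becomes active while L6, L7 and L8 stay disabled.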