Networking Technology
Summer Internship Report
(June 16th 2014 to July 25th 2014)
Prepared
Ashish
( CSE )
PREFACE
The report was prepared during industrial training as a part of
summer internship program conducted after the end term of 4th
semester B.Tech program. This period provided me an opportunity
to give theoretical knowledge a practical implementation. The
report is a result of six weeks industrial training that I underwent
at CDAC, Mohali. Joining CDAC as a trainee gave me an excellent
platform at the onset of my professional career.
I wholeheartedly thank the organization and especially their
Network Department for providing me an opportunity to work on
the Router, switches (layer 2 and layer 3) & hubs and hence
bringing out the best in me, alongside developing my talents &
improving my skills, not just technically but also laying a firm
foundation for all round personality development. Co-operating
and working with a team helped me explore my potential &
perform better.
This report deals with the network scenario and how the
connection is made in the university and organizations. The report
also includes the pictorial scenario of network using Edraw.
Acknowledgement
It is a great sense of satisfaction and a matter of privilege for me
to work at CDAC, Mohali. I wish to express my heartiest thanks to
CDAC for providing me the opportunity to undergo training in the
esteemed organization. Under such a good environment,
systematic work approach and target oriented task, management
of this division provided me with the much-desired training
experience needed for the future software professional career.
It is my pleasure to thank Mr. Vijay Kumar, to whom I owe a lot for
giving me an opportunity to pursue my training in this
organization.
I would like to thank Mr. Ashutosh Bajpai, my faculty guide, for his
help, cooperation and for being interactive during the reviewing of
my project for the various designs and performance issues.
Mr. Ashutosh
CDAC, Mohali
My Experience
My experience throughout the training was a big learning curve for my career.
Being with the professionals was a great opportunity for me. My utmost effort
was to master the skill to as much extent as it can be. I got hands-on experience
this summer; working on the real equipment during their internships was as
interesting as it can get. The Industrial training programme was exhaustive and
covering the latest in technologies.
The first week we were taught about the basics of Networking which we were
already thorough with, courtesy the excellent faculty and innovative teaching
style of our college. Therefore the first week was a brush upon the ideas which
were somewhat weakened during the holidays.
The second week was a step in the more detailed realms of networking
technologies. We were taken into greater depths of the knowledge pool and we
were allowed to explore on our own the new possibilities and new ways to
overcome our own doubts and questions.
The third and fourth weeks were full of new advanced concepts that were
introduced to us. It was challenging at first, but once we discovered where the
root of all doubt lies, we were able to make peace with the new concepts.
The fifth and sixth week consisted of Project Making. It was the time to showcase
everything that we have learnt in the past four weeks into a single project. We got much
help from our supervisors at CDAC and some co-trainees. The professionalism was
exemplary.
Overall these six weeks have given a new direction to my career and a new
direction as to how to think in the right manner.
ROUTER
A router is a device that forwards data packets between telecommunications
networks, creating an overlay internetwork. A router is connected to two or more
data lines from different networks. When data comes in on one of the lines, the
router reads the address information in the packet to determine its ultimate
destination. Then, using information in its routing table or routing policy, it directs
the packet to the next network on its journey or drops the packet. A data packet is
typically forwarded from one router to another through networks that constitute
the internetwork until it gets to its destination node.
The most familiar type of routers are home and small office routers that simply
pass data, such as web pages and email, between the home computers and the
owner's cable or DSL modem, which connects to the Internet (ISP). However, more
sophisticated routers range from enterprise routers, which connect large business
or ISP networks up to the powerful core routers that forward data at high speed
along the optical fiber lines of the Internet backbone.
A router has interfaces for different physical types of network connections (such
as copper cables, fiber optic, or wireless transmission). It also
contains firmware for different networking protocol standards. Each network
interface uses this specialized computer software to enable data packets to be
forwarded from one protocol transmission system to another.
FUNCTION OF ROUTER
Router Terminology
Routers used to be called "gateways," which is why the term "default gateway"
means the router in your network (see default gateway). In older Novell
terminology, routers were also called "network-layer bridges." For more details on
the routable protocol layer (network layer 3), see OSI model and TCP/IP abc's. See
layer 3 switch, route server, router cluster and routing protocol.
Route Forwarding
Routing tables hold the data for making forwarding decisions. Although this is a
simple example, routing tables become very complex. Static routing uses fixed
tables, but dynamic routing uses routing protocols that let routers exchange data
with each other.
TYPES OF ROUTERS
Enterprise routers
All sizes of routers may be found inside enterprises. The most powerful routers are
usually found in ISPs, academic and research facilities. Large businesses may also
need more powerful routers to cope with ever increasing demands
of intranet data traffic. A three-layer model is in common use, not all of which
need be present in smaller networks.
Access
A screenshot of the LuCI web interface used by OpenWrt. Here it is being used to
configure Dynamic DNS.
Access routers, including 'small office/home office' (SOHO) models, are located at
customer sites such as branch offices that do not need hierarchical routing of their
own. Typically, they are optimized for low cost. Some SOHO routers are capable of
running alternative free Linux-based firmwares like Tomato, OpenWrt or DD-WRT.
Distribution
Distribution routers aggregate traffic from multiple access routers, either at the
same site, or to collect the data streams from multiple sites to a major enterprise
location. Distribution routers are often responsible for enforcing quality of service
across a WAN, so they may have considerable memory installed, multiple WAN
interface connections, and substantial onboard data processing routines. They
may also provide connectivity to groups of file servers or other external networks.
Security
External networks must be carefully considered as part of the overall security
strategy. Separate from the router may be a firewall or VPN handling device, or
the router may include these and other security functions. Many companies
produced security-oriented routers, including Cisco Systems' PIX and ASA5500
series, Juniper's Netscreen, Watchguard's Firebox, Barracuda's variety of
mail-oriented devices, and many others.
WORKING OF ROUTER
Routers understand these Ethernet and IP addresses. Routers are primarily
interested in the destination IP address of the packet you are sending to the
router. The router takes this destination (say it is 63.248.129.2) and looks that up
in its routing table. Here is an example of a routing table:
Location-A# show ip route
10.0.0.0/24 is subnetted, 2 subnets
R
Location-A#
Routes in the routing table are learned from either static routes (entered by you)
or dynamic routes. Using the routing table, the router tries to find the best route
for your traffic. There may be only one route. Often, this is a "default route" (a.k.a.
"gateway of last resort"). The default route just says: "If there are no better routes
to send this traffic, send it here."
Just about every home and small business user has just a single Internet
connection. In that case, they have a default route and all traffic is sent to their
Internet service provider (ISP). In the case of ISPs, however, there may be many
places they can send this traffic. Their routers must compare many hundreds of
thousands of routes and select the best one for your traffic. This happens in
milliseconds. And to get your traffic through the Internet and back, it may pass
through hundreds of routers. To you, it appears almost instantaneously
(depending on many factors).
If it doesn't find a valid route for your traffic, the router discards (yes, throws
away) your traffic and sends an ICMP "destination unreachable" message back to
you. When the router does find the best route and is ready to send your traffic, it
has to do a number of things:
1. Encapsulate the packet for the protocol of the WAN. Routers often perform
protocol conversion. Say, for example, you have a router that has a PPP T1
connection to the Internet and is connected to the LAN using Ethernet. The
Ethernet frames must be de-encapsulated, modified, then re-encapsulated in
Ethernet, then PPP, before they can be sent across the PPP link.
On the other side of the link, the destination router is performing all of these same
tasks, but in reverse. This happens for every packet sent and every response
received.
To see a real production routing table from an ISP, you can telnet to public Cisco
route servers around the world. From here, you can do a show ip route and see
what a real ISP's routing table looks like.
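The lookup described in this section, as an added Python example that is not part of the original report. It assumes the "best route" is the longest matching prefix, and the routing table, next hops and function names are constructed for illustration; only the destination 63.248.129.2 comes from the text.

```python
import ipaddress

# Constructed routing table for illustration (not the report's table):
# (destination prefix, next hop, how the route was learned)
ROUTES = [
    ("0.0.0.0/0", "203.0.113.1", "static (default route)"),
    ("10.0.1.0/24", "directly connected", "connected"),
    ("10.0.2.0/24", "10.0.1.2", "dynamic"),
    ("63.248.0.0/16", "198.51.100.9", "dynamic"),
    ("63.248.129.0/24", "198.51.100.5", "static"),
]


def build_table(routes):
    """Parse the prefixes and order them most-specific first."""
    table = [(ipaddress.ip_network(p), hop, how) for p, hop, how in routes]
    table.sort(key=lambda r: r[0].prefixlen, reverse=True)
    return table


def lookup(table, destination):
    """Return the forwarding decision for one destination IP address."""
    addr = ipaddress.ip_address(destination)
    for net, hop, how in table:
        if addr in net:  # first hit is the longest matching prefix
            return {"action": "forward", "route": str(net),
                    "next_hop": hop, "learned": how}
    # No matching route and no default route: discard the packet and
    # report back to the sender.
    return {"action": "drop", "icmp": "destination unreachable (type 3)"}


if __name__ == "__main__":
    full = build_table(ROUTES)
    no_default = build_table(ROUTES[1:])  # same table without 0.0.0.0/0
    for dst in ("63.248.129.2", "63.248.7.7", "8.8.8.8"):
        print(dst, "->", lookup(full, dst))
    print("8.8.8.8 without default ->", lookup(no_default, "8.8.8.8"))
```

The /24 entry wins over the /16 for 63.248.129.2 even though both match, and removing the default route turns every otherwise unmatched destination into a drop.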
BRIDGES
A bridge connects two or more networks, or segments of the same network. These
networks may use different physical and data link protocols. For example, you can
install a bridge to connect a small lab of Macintosh computers using LocalTalk to
the school's main Ethernet network.
Bridges filter network traffic. They examine each set of data, transmitting only
appropriate data to each connected segment. (Hubs, by contrast, broadcast all
information to each connected computer, whether or not that computer is the
intended recipient.) In this manner, bridges help reduce overall network traffic.
Bridges are relatively simple and efficient traffic regulators. However, in most
networks they have been replaced by their less expensive or more powerful cousins:
hubs, switches, and routers.
Most bridges operate by examining incoming or outgoing signals for information
at OSI level 2.
Network Switch
A network switch or switching hub is a computer networking device that
connects network segments.
The term commonly refers to a multi-port network bridge that processes and
routes data at the data link layer (layer 2) of the OSI model. Switches that
additionally process data at the network layer (Layer 3) and above are often
referred to as Layer 3 switches or multilayer switches.
Functions of a Switch
The network switch plays an integral part in most modern Ethernet local area
networks (LANs). Mid-to-large sized LANs contain a number of
linked managed switches. Small office/home office (SOHO) applications typically
use a single switch, or an all-purpose converged device such as a gateway to
access small office/home broadband services such as DSL or cable internet. In
most of these cases, the end-user device contains a router and components that
interface to the particular physical broadband technology. User devices may also
include a telephone interface for VoIP.
An Ethernet switch operates at the data link layer of the OSI model to create a
separate collision domain for each switch port. With 4 computers (e.g., A, B, C,
and D) on 4 switch ports, A and B can transfer data back and forth, while C and D
also do so simultaneously, and the two conversations will not interfere with one
another. In the case of a hub, they would all share the bandwidth and run in half
duplex, resulting in collisions, which would then necessitate retransmissions.
Using a switch is called microsegmentation. This allows computers to have
dedicated bandwidth on point-to-point connections to the network and to
therefore run in full duplex without collisions.
Switches may operate at one or more layers of the OSI model, including data
link, network, or transport (i.e., end-to-end). A device that operates
simultaneously at more than one of these layers is known as a multilayer switch.
In switches intended for commercial use, built-in or modular interfaces make it
possible to connect different types of networks, including Ethernet, Fibre
Channel, ATM, ITU-T G.hn and 802.11. This connectivity can be at any of the layers
mentioned. While Layer 2 functionality is adequate for bandwidth-shifting within
one technology, interconnecting technologies such as Ethernet and token ring are
easier at Layer 3.
Interconnection of different Layer 3 networks is done by routers. If there are any
features that characterize "Layer-3 switches" as opposed to general-purpose
routers, it tends to be that they are optimized, in larger switches, for high-density
Ethernet connectivity.
In some service provider and other environments where there is a need for a
great deal of analysis of network performance and security, switches may be
connected between WAN routers as places for analytic modules. Some vendors
provide firewall, network intrusion detection, and performance analysis modules
that can plug into switch ports. Some of these functions may be on combined
modules.
In other cases, the switch is used to create a mirror image of data that can go to
an external device. Since most switch port mirroring provides only one mirrored
stream, network hubs can be useful for fanning out data to several read-only
analyzers, such as intrusion detection systems and packet sniffers.
A "layer 2 switch" remains more of a marketing term than a technical term; the products
that were introduced as "switches" tended to use microsegmentation and Full duplex to
prevent collisions among devices connected to Ethernet. By using an internal forwarding
plane much faster than any interface, they give the impression of simultaneous paths
among multiple devices.
Once a bridge learns the topology through a spanning tree protocol, it forwards data link
layer frames using a layer 2 forwarding method. There are four forwarding methods a
bridge can use, of which the second through fourth methods were performance-increasing
methods when used on "switch" products with the same input and output port
bandwidths:
1. Store and forward: The switch buffers and verifies each frame before forwarding it.
2. Cut through: The switch reads only up to the frame's hardware address before
starting to forward it. Cut-through switches have to fall back to store and forward if
the outgoing port is busy at the time the packet arrives. There is no error checking
with this method.
3. Fragment free: A method that attempts to retain the benefits of both store and
forward and cut through. Fragment free checks the first 64 bytes of the frame,
where addressing information is stored. According to Ethernet specifications,
collisions should be detected during the first 64 bytes of the frame, so frames that
are in error because of a collision will not be forwarded. This way the frame will
always reach its intended destination. Error checking of the actual data in the
packet is left for the end device.
4. Adaptive switching: A method of automatically selecting between the other three
modes.
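The difference between the first three forwarding methods, as an added Python example that is not part of the original report. It treats each frame as a complete byte string (a real cut-through switch starts transmitting while bits are still arriving), and the MAC addresses, payload and function names are constructed.

```python
import struct
import zlib

MIN_FRAME = 64  # bytes: Ethernet minimum frame size, including the 4-byte FCS
MODES = ("store-and-forward", "cut-through", "fragment-free")


def make_frame(dst, src, payload, ethertype=0x0800):
    """Build an Ethernet II frame, padded to the minimum, with a valid FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))  # FCS is CRC-32


def fcs_ok(frame):
    """Recompute the CRC-32 over the frame and compare it with the trailer."""
    return len(frame) > 4 and struct.pack("<I", zlib.crc32(frame[:-4])) == frame[-4:]


def decide(mode, frame):
    """Return 'forward' or 'drop' for one frame under one forwarding method."""
    if mode == "cut-through":
        # Only the 6-byte destination hardware address is read: no error check.
        return "forward" if len(frame) >= 6 else "drop"
    if mode == "fragment-free":
        # The first 64 bytes must arrive, which filters collision fragments.
        return "forward" if len(frame) >= MIN_FRAME else "drop"
    if mode == "store-and-forward":
        # The whole frame is buffered and verified before it is sent on.
        return "forward" if len(frame) >= MIN_FRAME and fcs_ok(frame) else "drop"
    raise ValueError(f"unknown mode: {mode}")


def sample_frames():
    """Constructed test frames: one valid, one bit-flipped, one truncated."""
    dst, src = bytes.fromhex("02000000000b"), bytes.fromhex("02000000000a")
    good = make_frame(dst, src, b"x" * 100)
    corrupted = bytearray(good)
    corrupted[70] ^= 0x01        # single bit error beyond the first 64 bytes
    return {"good": good, "corrupted": bytes(corrupted), "runt": good[:40]}


def compare():
    """Decision of every mode for every sample frame."""
    return {name: {m: decide(m, f) for m in MODES}
            for name, f in sample_frames().items()}


if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name:10s}", result)
```

Only store and forward drops the bit-flipped frame; fragment free stops the 40-byte runt but passes the corrupted frame on for the end device to reject.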
While there are specialized applications, such as storage area networks, where the input
and output interfaces are the same bandwidth, this is rarely the case in general LAN
applications. In LANs, a switch used for end user access typically concentrates lower
bandwidth (e.g., 10/100 Mbit/s) into a higher bandwidth (at least 1 Gbit/s). Alternatively,
a switch that provides access to server ports usually connects to them at a much higher
bandwidth than is used by end user devices.
switch can increase efficiency by delivering the traffic of a multicast group only to ports
where the attached device has signaled that it wants to listen to that group.
Layer 7 switches may distribute loads based on URL or by some installation-specific
technique to recognize application-level transactions. A Layer-7 switch
may include a web cache and participate in a content delivery network.
Types of Switches
Configuration based
on given objects. Each entry in a typical ACL specifies a subject and an operation.
For instance, if a file has an ACL that contains (Alice, delete), this would give Alice
permission to delete the file.
The Cisco access control list (ACL) is probably the most commonly used object in
the IOS. It is not only used for packet filtering (a type of firewall) but also for
selecting types of traffic to be analyzed, forwarded, or influenced in some way.
Standard ACLs:
A standard IP ACL is simple; it filters based on source address only. You can filter
a source network or a source host, but you cannot filter based on the destination
of a packet, the particular protocol being used such as the Transmission Control
Protocol (TCP) or the User Datagram Protocol (UDP), or on the port number. You
can permit or deny only source traffic.
Extended ACLs:
An extended ACL gives you much more power than just a standard
ACL. Extended IP ACLs check both the source and destination packet addresses.
They can also check for specific protocols, port numbers, and other parameters,
which allow administrators more flexibility and control.
Named ACLs:
One of the disadvantages of using IP standard and IP extended ACLs is that you
reference them by number, which is not too descriptive of its use. With a named
ACL, this is not the case because you can name your ACL with a descriptive name.
The ACL named DenyMike is a lot more meaningful than an ACL simply numbered
1. There are both IP standard and IP extended named ACLs.
Another advantage to named ACLs is that they allow you to remove individual
lines out of an ACL. With numbered ACLs, you cannot delete individual
statements. Instead, you will need to delete your existing access list and re-create
the entire list.
Type          Range      Expanded range
IP Standard   1-99       1300-1999
IP Extended   100-199    2000-2699
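How standard and extended ACLs differ when a packet is evaluated, as an added Python example that is not part of the original report. It goes beyond the text by modelling Cisco wildcard masks, first-match ordering and the implicit deny at the end of every list; the addresses, the policy and all names are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

ANY = ("0.0.0.0", "255.255.255.255")  # wildcard of all ones = any address


def acl_kind(number: int) -> str:
    """Classify a numbered IP ACL by the ranges in the table above."""
    if 1 <= number <= 99 or 1300 <= number <= 1999:
        return "standard"
    if 100 <= number <= 199 or 2000 <= number <= 2699:
        return "extended"
    raise ValueError(f"{number} is not an IP standard or extended ACL number")


def host(ip: str) -> Tuple[str, str]:
    return (ip, "0.0.0.0")  # wildcard 0.0.0.0 = exactly this host


def matches(ip: str, spec: Tuple[str, str]) -> bool:
    """Wildcard match: bits set in the wildcard mask are ignored."""
    base, wildcard = (int(ipaddress.IPv4Address(x)) for x in spec)
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)


@dataclass
class Entry:
    action: str                  # "permit" or "deny"
    src: Tuple[str, str] = ANY
    proto: str = "ip"            # extended only; "ip" = any protocol
    dst: Tuple[str, str] = ANY   # extended only
    dport: Optional[int] = None  # extended only; None = any port


def evaluate(number: int, entries, pkt: dict) -> str:
    """First matching entry wins; no match falls through to the implicit deny."""
    extended = acl_kind(number) == "extended"
    for e in entries:
        if not matches(pkt["src"], e.src):
            continue
        if extended and (
            e.proto not in ("ip", pkt["proto"])
            or not matches(pkt["dst"], e.dst)
            or (e.dport is not None and e.dport != pkt["dport"])
        ):
            continue
        return e.action
    return "deny"


# Constructed policy: hosts in 10.0.2.0/24 may reach only HTTP on 10.0.1.80.
LAN = ("10.0.2.0", "0.0.0.255")
ACL_10 = [Entry("deny", LAN), Entry("permit")]          # standard: source only
ACL_110 = [                                             # extended
    Entry("permit", LAN, "tcp", host("10.0.1.80"), 80),
    Entry("deny", LAN),
    Entry("permit"),
]
WEB = {"src": "10.0.2.7", "proto": "tcp", "dst": "10.0.1.80", "dport": 80}
TELNET = dict(WEB, dport=23)

if __name__ == "__main__":
    print("ACL 10  web   :", evaluate(10, ACL_10, WEB))
    print("ACL 110 web   :", evaluate(110, ACL_110, WEB))
    print("ACL 110 telnet:", evaluate(110, ACL_110, TELNET))
```

The standard list can only block the whole source network, so the web request is denied along with everything else; the extended list admits that one flow and still denies Telnet from the same host.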
connectivity across the Internet and NAPT makes it difficult for systems behind a
NAT to accept incoming communications. As a result, NAT traversal methods have
been devised to alleviate the issues encountered.
Methods of Port translation
There are several ways of implementing network address and port translation. In
some application protocols that use IP address information, the application
running on a node in the masqueraded network needs to determine the external
address of the NAT, i.e., the address that its communication peers detect, and,
furthermore, often needs to examine and categorize the type of mapping in use.
Usually this is done because it is desired to set up a direct communications path
(either to save the cost of taking the data via a server or to improve performance)
between two clients both of which are behind separate NATs. For this purpose,
the Simple traversal of UDP over NATs (STUN) protocol was developed (RFC 3489,
March 2003). It classified NAT implementation as full cone NAT, (address)
restricted cone NAT, port restricted cone NAT or symmetric NAT and proposed a
methodology for testing a device accordingly. However, these procedures have
since been deprecated from standards status, as the methods have proven faulty
and inadequate to correctly assess many devices. New methods have been
standardized in RFC 5389 (October 2008) and the STUN acronym now represents
the new title of the specification: Session Traversal Utilities for NAT.
Advantages of PAT
In addition to the advantages provided by NAT:
PAT (Port Address Translation) allows many internal hosts to share a single
external IP address.
Users who do not require support for inbound connections do not consume
public IP addresses.
Project Report
Project
Name
Network
Concepts used
1. DHCP
Short for Dynamic Host Configuration Protocol, a protocol for assigning
dynamic IP addresses to devices on a network. With dynamic addressing, a
device can have a different IP address every time it connects to the network.
In some systems, the device's IP address can even change while it is still
connected. DHCP also supports a mix of static and dynamic IP addresses.
Dynamic addressing simplifies network administration because the software
keeps track of IP addresses rather than requiring an administrator to
manage the task. This means that a new computer can be added to a
network without the hassle of manually assigning it a unique IP address.
Many ISPs use dynamic IP addressing for dial-up users.
2. VLAN
Short for virtual LAN, a network of computers that behave as if they are
connected to the same wire even though they may actually be physically
located on different segments of a LAN. VLANs are configured through
software rather than hardware, which makes them extremely flexible. One of
the biggest advantages of VLANs is that when a computer is physically
moved to another location, it can stay on the same VLAN without any
hardware reconfiguration.
3. VTP
VTP is the VLAN Trunking Protocol. It is a Layer 2 messaging protocol. We need
it for:
1. Low administration.
2. Security.
Its function is to pass VLAN information within a VTP domain. It is used to
save time when multiple switches need the same VLANs configured.
There are 3 modes:
1) Client
2) Server
3) Transparent
4. IP Routing
IP Routing is an umbrella term for the set of protocols that determine the
path that data follows in order to travel across multiple networks from its
source to its destination. Data is routed from its source to its destination
through a series of routers, and across multiple networks. The IP Routing
protocols enable routers to build up a forwarding table that correlates final
destinations with next hop addresses.
These protocols include:
5. ACL
An access control list (ACL) is a table that tells a computer operating system
which access rights each user has to a particular system object, such as a
file directory or individual file. Each object has a security attribute that
identifies its access control list. The list has an entry for each system user
with access privileges. The most common privileges include the ability to
read a file (or all the files in a directory), to write to the file or files, and to
execute the file (if it is an executable file, or program). Microsoft Windows
NT/2000, Novell's NetWare, Digital's OpenVMS, and UNIX-based systems are
among the operating systems that use access control lists. The list is
implemented differently by each operating system.
6. NAT
Short for Network Address Translation, an Internet standard that enables a
local-area network (LAN) to use one set of IP addresses for internal traffic
and a second set of addresses for external traffic.
7. PAT
Short for Port Address Translation, a type of network address translation.
During PAT, each computer on LAN is translated to the same IP address, but
with a different port number assignment.
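The translation table behind PAT, as an added Python example that is not part of the original report; it illustrates both this definition and the earlier "Advantages of PAT" passage. The model is simplified (no timeouts, no per-peer filtering), keeping the host's source port when it is free is a modelling choice, and all addresses and names are constructed.

```python
class PatRouter:
    """Minimal PAT model: many inside hosts behind one public address."""

    def __init__(self, public_ip, pool_start=1024):
        self.public_ip = public_ip
        self.pool_next = pool_start
        self.outside = {}  # (proto, inside_ip, inside_port) -> public port
        self.inside = {}   # (proto, public_port) -> (inside_ip, inside_port)

    def _free_port(self, proto, preferred):
        """Keep the host's source port if unused, else take one from the pool."""
        if (proto, preferred) not in self.inside:
            return preferred
        while (proto, self.pool_next) in self.inside:
            self.pool_next += 1
        return self.pool_next

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an inside packet's source to the shared public address."""
        key = (proto, src_ip, src_port)
        if key not in self.outside:
            port = self._free_port(proto, src_port)
            self.outside[key] = port
            self.inside[(proto, port)] = (src_ip, src_port)
        return (self.public_ip, self.outside[key], dst_ip, dst_port)

    def inbound(self, proto, public_port):
        """Map a packet arriving at the public address back to an inside host.

        Returns None when no inside host opened that port, so the packet is
        dropped: hosts behind PAT cannot accept unsolicited connections.
        """
        return self.inside.get((proto, public_port))


def demo():
    """Two inside hosts use the same source port toward the same server."""
    r = PatRouter("203.0.113.10")
    a = r.outbound("tcp", "192.168.1.10", 50000, "198.51.100.20", 443)
    b = r.outbound("tcp", "192.168.1.11", 50000, "198.51.100.20", 443)
    return {
        "host_a_seen_as": a[:2],
        "host_b_seen_as": b[:2],
        "reply_to_a": r.inbound("tcp", a[1]),
        "reply_to_b": r.inbound("tcp", b[1]),
        "unsolicited_port_80": r.inbound("tcp", 80),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:20s} {value}")
```

Both hosts appear as 203.0.113.10 and are told apart only by the translated port, while a packet to a port nobody opened has no table entry and is dropped.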
Scenario
The simulation of IEC network has been done in the project. An overview of the
total network can be seen in the image below. The scenario in Packet Tracer will be like this:
CONFIGURATION OF DHCP
CONFIGURATION OF HTTP
CONFIGURATION OF DNS
CONFIGURATION OF FTP