lab2_bùi duy cương_lê quang bắc_09dthm
TRANSCRIPT
Lab 2 – Mạng sơ trung 1
Đại Học Kỹ Thuật Công Nghệ TP.HCM
Khoa Công Nghệ Thông Tin
BÁO CÁO MẠNG MÁY TÍNH
LAB 2 – MẠNG SƠ TRUNG
Giảng viên hướng dẫn : Nguyễn Đức Quang
Sinh viên thực hiện : Lê Quang Bắc_0951020030
Bùi Duy Cương_0951020036
Lớp : 09DTHM
TPHCM, 2012
Lab 2 – Mạng sơ trung 2
Mục lục
I/ Mô hình mạng.......................................................................................................................................... 4
II/Cấu hình router ........................................................................................................................................ 5
1/ Router 1 (R1) ...................................................................................................................................... 5
2/ Router 2 (R2) ...................................................................................................................................... 7
3/ Router 3 (R3) ...................................................................................................................................... 9
4/ Router 4 (R4) .................................................................................................................................... 11
5/ Router 5 (R5) .................................................................................................................................... 13
6/ Router 6 (R6) .................................................................................................................................... 15
7/ Frame relay switch (FT_S) ................................................................................................................. 17
III/ Bảng định tuyến của router ................................................................................................................... 19
1/Router 1 ............................................................................................................................................. 19
2/Router 2 ............................................................................................................................................. 19
3/Router 3 ............................................................................................................................................. 20
4/Router 4 ............................................................................................................................................. 20
5/Router 5 ............................................................................................................................................. 21
6/Router 6 ............................................................................................................................................. 21
IV/ Kết quả bắt gói tin: ............................................................................................................................... 22
HTTP: ................................................................................................................................................... 22
HTTPS:................................................................................................................................................. 23
TELNET: ............................................................................................................................................... 24
SSH: ..................................................................................................................................................... 25
NTP: ..................................................................................................................................................... 26
Netmeeting ........................................................................................................................................... 27
FTP ...................................................................................................................................................... 28
TFTP .................................................................................................................................................... 29
DNS ..................................................................................................................................................... 30
SIP ....................................................................................................................................................... 31
H323..................................................................................................................................................... 32
Kerberos ............................................................................................................................................... 33
SNMP trap ............................................................................................................................................ 34
RADIUS ................................................................................................................................................ 35
TACACS ............................................................................................................................................... 36
SMTP ................................................................................................................................................... 37
RTP ...................................................................................................................................................... 38
Lab 2 – Mạng sơ trung 3
RTCP ................................................................................................................................................... 39
POP ..................................................................................................................................................... 40
DHCP ................................................................................................................................................... 41
V/ C2 vào net:........................................................................................................................................... 42
VI/ Thể hiện sự ưu tiên lưu lượng từ cao đến thấp ở trường DSCP cho các lưu lượng theo thứ tự sau : RTP,
Netmeeting, TELNET, SSH. ...................................................................................................................... 44
VII/ Cầu hình cho giao thức RTP chiếm 25% tổng băng thông, Netmeeting 15% tổng băng thông và 60% còn
lại dành cho các giao thức khác. ............................................................................................................... 45
Lab 2 – Mạng sơ trung 4
I/ Mô hình mạng
Mô hình được triển khai trên phần mềm GNS3:
- Client (Win 7) sử dụng card Loopback
- Server (Win 2k3) sử dụng card VMNET
- Router 7200
Lab 2 – Mạng sơ trung 5
II/Cấu hình router
1/ Router 1 (R1) ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1
! boot-start-marker boot-end-marker ! ! aaa new-model ! ! aaa authentication login default group radius aaa authorization exec default group radius aaa accounting exec default start-stop group radius ! aaa session-id common ! ! ip cef no ip domain lookup ! ! ! ipv6 unicast-routing ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
class-map match-all telnet match access-group 102
class-map match-all netmeeting
match access-group 101
class-map match-all ssh match access-group 103
class-map match-all rtp match access-group 100 ! !
policy-map LLQ-OUT-2 class rtp
priority percent 25 class netmeeting
priority percent 15 class class-default
fair-queue
policy-map Marking-IN-1 class rtp
set dscp cs6 class netmeeting
set dscp cs5 class telnet
set dscp cs4 class ssh set dscp cs3 ! ! ! ! ! !
interface FastEthernet0/0 ip address dhcp shutdown duplex half !
interface Serial1/0 no ip address ip virtual-reassembly encapsulation frame-relay serial restart-delay 0 priority-group 1 !
interface Serial1/0.12 point-to-point bandwidth 50 ip address 192.168.1.30 255.255.255.0 ip router isis frame-relay interface-dlci 98 service-policy input Marking-IN-1 !
interface Serial1/0.13 point-to-point bandwidth 50 ip address 192.168.2.30 255.255.255.0 ip router isis ip nat inside ip virtual-reassembly frame-relay interface-dlci 96 service-policy input Marking-IN-1 !
interface Serial1/1 no ip address shutdown serial restart-delay 0 !
interface Serial1/2 no ip address shutdown serial restart-delay 0 !
interface Serial1/3 no ip address shutdown serial restart-delay 0 !
interface Serial1/4
Lab 2 – Mạng sơ trung 6
no ip address shutdown serial restart-delay 0 !
interface Serial1/5 no ip address shutdown serial restart-delay 0 !
interface Serial1/6 no ip address shutdown serial restart-delay 0 !
interface Serial1/7 no ip address shutdown serial restart-delay 0 !
interface FastEthernet2/0
bandwidth 50 ip address 10.0.0.36 255.255.255.0 ip helper-address 192.168.5.36 ip router isis ip nat outside ip virtual-reassembly duplex auto speed auto priority-group 1 service-policy input Marking-IN-1 !
interface FastEthernet2/1 no ip address shutdown duplex auto speed auto !
router isis net 00.0001.0000.0000.0001.00 ! !
no ip http server no ip http secure-server ! ip nat inside source list 1 interface FastEthernet2/0 overload ! access-list 1 permit any access-list 100 permit tcp any any eq 3230 access-list 100 permit udp any any eq 3230 access-list 101 permit tcp any any eq 3389 access-list 102 permit tcp any any eq telnet access-list 103 permit tcp any any eq 22 snmp-server community private RW ! ! ! radius-server host 20.0.0.36 auth-port 1645 acct-port 1646 radius-server key 123456 ! control-plane ! ! ! ! ! !
gatekeeper shutdown ! !
line con 0
exec-timeout 0 0 logging synchronous stopbits 1
line aux 0 stopbits 1 line vty 0 4 ! ! end
Lab 2 – Mạng sơ trung 7
2/ Router 2 (R2)
!* R2.CiscoConfig !* IP Address : 192.168.1.36 !* Community : private !* Downloaded 3/1/2012 8:02:28 AM by SolarWinds Config Transfer Engine Version 5.5.0 ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2
! boot-start-marker boot-end-marker ! ! no aaa new-model ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
class-map match-all telnet match access-group 102
class-map match-all netmeeting match access-group 101
class-map match-all ssh match access-group 103
class-map match-all rtp match access-group 100 ! !
policy-map LLQ-OUT-2 class rtp
priority percent 25 class netmeeting
priority percent 15 class class-default fair-queue
policy-map Marking-IN-1
class rtp
set dscp cs6 class netmeeting
set dscp cs5 class telnet
set dscp cs4
class ssh set dscp cs3 ! ! ! ! ! !
interface FastEthernet0/0 no ip address shutdown duplex half !
interface Serial1/0 no ip address encapsulation frame-relay serial restart-delay 0 priority-group 1 service-policy input Marking-IN-1 !
interface Serial1/0.21 point-to-point ip address 192.168.1.36 255.255.255.0 ip router isis frame-relay interface-dlci 89 !
interface Serial1/1 no ip address shutdown serial restart-delay 0 !
interface Serial1/2 no ip address shutdown serial restart-delay 0 !
interface Serial1/3
no ip address shutdown serial restart-delay 0 !
interface Serial1/4 no ip address shutdown serial restart-delay 0 !
interface Serial1/5 no ip address shutdown serial restart-delay 0 !
interface Serial1/6 no ip address shutdown serial restart-delay 0
Lab 2 – Mạng sơ trung 8
!
interface Serial1/7 no ip address shutdown serial restart-delay 0 !
router isis net 00.0001.0000.0000.0002.00 ! ! no ip http server no ip http secure-server ! ! access-list 100 permit tcp any any eq 3230 access-list 100 permit udp any any eq 3230 access-list 101 permit tcp any any eq 3389 access-list 102 permit tcp any any eq telnet access-list 103 permit tcp any any eq 22 snmp-server community private RW ! ! ! !
control-plane ! ! ! ! ! !
gatekeeper shutdown ! !
line con 0 exec-timeout 0 0 logging synchronous stopbits 1
line aux 0 stopbits 1
line vty 0 4 login ! ! end
Lab 2 – Mạng sơ trung 9
3/ Router 3 (R3)
!* R3.CiscoConfig !* IP Address : 192.168.3.30 !* Community : private !* Downloaded 3/1/2012 8:23:17 AM by SolarWinds Config Transfer Engine Version 5.5.0 ! ! No configuration change since last restart ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3
! boot-start-marker boot-end-marker ! ! aaa new-model ! ! aaa authentication login default group tacacs+ aaa authorization exec default group tacacs+ aaa accounting exec default start-stop group tacacs+ ! aaa session-id common clock timezone GTM 7 ! ! ip cef no ip domain lookup ! ! ! ipv6 unicast-routing ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
class-map match-all telnet match access-group 102
class-map match-all netmeeting
match access-group 101
class-map match-all ssh match access-group 103
class-map match-all rtp
match access-group 100 ! !
policy-map LLQ-OUT-2
class rtp
priority percent 25 class netmeeting
priority percent 15 class class-default fair-queue
policy-map Marking-IN-1 class rtp
set dscp cs6 class netmeeting
set dscp cs5 class telnet
set dscp cs4 class ssh set dscp cs3 ! ! ! ! ! !
interface FastEthernet0/0 no ip address shutdown duplex half !
interface Serial1/0
no ip address encapsulation frame-relay serial restart-delay 0 priority-group 1 service-policy input Marking-IN-1 !
interface Serial1/0.31 point-to-point ip address 192.168.2.36 255.255.255.0 ip router isis ip nat outside ip virtual-reassembly frame-relay interface-dlci 69 !
interface Serial1/1 ip address 192.168.3.30 255.255.255.0 ip nat inside ip virtual-reassembly ipv6 address 2001::2/64 ipv6 enable ipv6 rip CNTT enable serial restart-delay 0 priority-group 1 service-policy input Marking-IN-1 !
interface Serial1/2 no ip address
Lab 2 – Mạng sơ trung 10
shutdown serial restart-delay 0 !
interface Serial1/3 no ip address shutdown serial restart-delay 0 !
interface Serial1/4 no ip address shutdown serial restart-delay 0 !
interface Serial1/5 no ip address shutdown serial restart-delay 0 !
interface Serial1/6 no ip address shutdown serial restart-delay 0 !
interface Serial1/7
no ip address shutdown serial restart-delay 0 !
router isis net 00.0001.0000.0000.0003.00 redistribute connected redistribute rip ! address-family ipv6 redistribute connected metric 0 redistribute rip CNTT metric 0 exit-address-family !
router rip redistribute connected redistribute isis level-1-2 metric 5 passive-interface Serial1/0 network 192.168.3.0 ! ip route 0.0.0.0 0.0.0.0 Serial1/0.31 ! no ip http server no ip http secure-server !
! access-list 100 permit tcp any any eq 3230 access-list 100 permit udp any any eq 3230 access-list 101 permit tcp any any eq 3389 access-list 102 permit tcp any any eq telnet access-list 103 permit tcp any any eq 22 snmp-server community private RW snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps tty snmp-server enable traps config snmp-server enable traps syslog snmp-server host 192.168.2.36 R3 snmp-server manager
ipv6 router rip CNTT maximum-paths 1 redistribute connected metric 1 redistribute isis metric 10 level-1-2 ! ! ! tacacs-server host 20.0.0.36 tacacs-server directed-request tacacs-server key 123456 ! ! control-plane ! ! ! ! ! !
gatekeeper shutdown ! !
line con 0 exec-timeout 0 0 logging synchronous stopbits 1
line aux 0 stopbits 1 line vty 0 4 ! ntp master 3 ! end
Lab 2 – Mạng sơ trung 11
4/ Router 4 (R4)
!* R4.bac.com.CiscoConfig !* IP Address : 192.168.3.36 !* Community : private !* Downloaded 3/1/2012 8:07:41 AM by SolarWinds Config Transfer Engine Version 5.5.0 ! ! No configuration change since last restart ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4
! boot-start-marker boot-end-marker ! enable password 123 ! no aaa new-model ip flow-cache timeout active 1 ! ! ip cef no ip domain lookup ip domain name bac.com ! ! ip ssh time-out 30 ip ssh authentication-retries 2 ip ssh version 2 ! ipv6 unicast-routing ! ! ! ! ! ! ! ! ! ! ! ! ! ! username hello password 0 123 username bac password 0 123 ! !
class-map match-all telnet match access-group 102
class-map match-all netmeeting
match access-group 101
class-map match-all ssh match access-group 103
class-map match-all rtp
match access-group 100 ! !
policy-map LLQ-OUT-2
class rtp
priority percent 25 class netmeeting
priority percent 15 class class-default fair-queue
policy-map Marking-IN-1 class rtp
set dscp cs6 class netmeeting
set dscp cs5 class telnet
set dscp cs4 class ssh set dscp cs3 ! ! ! ! ! !
interface FastEthernet0/0 no ip address shutdown duplex half !
interface Serial1/0
ip address 192.168.3.36 255.255.255.0 ip flow egress ip nat outside ip virtual-reassembly ip route-cache flow ipv6 address 2001::1/64 ipv6 enable ipv6 rip hutech enable serial restart-delay 0 priority-group 1 service-policy input Marking-IN-1 ip rsvp bandwidth !
interface Serial1/1 ip address 192.168.4.30 255.255.255.0 ipv6 enable serial restart-delay 0 priority-group 1 service-policy input Marking-IN-1 ip rsvp bandwidth !
interface Serial1/2 ip address 192.168.5.30 255.255.255.0 ip nat inside ip virtual-reassembly serial restart-delay 0
Lab 2 – Mạng sơ trung 12
priority-group 1 service-policy input Marking-IN-1 !
interface Serial1/3 no ip address shutdown serial restart-delay 0 !
interface Serial1/4 no ip address shutdown serial restart-delay 0 !
interface Serial1/5 no ip address shutdown serial restart-delay 0 !
interface Serial1/6 no ip address shutdown serial restart-delay 0 !
interface Serial1/7
no ip address shutdown serial restart-delay 0 !
router ospf 1 log-adjacency-changes redistribute static metric 10 subnets redistribute rip metric 10 subnets network 192.168.4.0 0.0.0.255 area 0 !
router rip redistribute static metric 10 redistribute ospf 1 metric 10 network 192.168.3.0 network 192.168.5.0 ! ip route 0.0.0.0 0.0.0.0 Serial1/0 ip route 20.0.0.0 255.255.255.0 Serial1/2 ip flow-export source Serial1/0 ip flow-export version 5 ip flow-export destination 10.0.0.30 9996 !
no ip http server no ip http secure-server ! ! access-list 100 permit tcp any any eq 3230 access-list 100 permit udp any any eq 3230 access-list 101 permit tcp any any eq 3389 access-list 102 permit tcp any any eq telnet access-list 103 permit tcp any any eq 22 snmp-server community private RW snmp-server ifindex persist
ipv6 router rip hutech maximum-paths 1 ! ! ! ! ! control-plane ! ! ! ! ! !
gatekeeper shutdown ! !
line con 0 exec-timeout 0 0 logging synchronous stopbits 1
line aux 0 stopbits 1
line vty 0 4 password 123456 login transport input ssh ! ntp clock-period 17179773 ntp server 192.168.3.30 ! end
Lab 2 – Mạng sơ trung 13
5/ Router 5 (R5)
!* R5.bac.com.CiscoConfig !* IP Address : 192.168.4.36 !* Community : private !* Downloaded 3/1/2012 8:10:10 AM by SolarWinds Config Transfer Engine Version 5.5.0 ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R5
! boot-start-marker boot-end-marker ! ! no aaa new-model ! ! ip cef no ip domain lookup ip domain name bac.com ! ! ip ssh time-out 40 ip ssh authentication-retries 4 ! ! !
crypto pki trustpoint TP-self-signed-4279256517 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-4279256517 revocation-check none rsakeypair TP-self-signed-4279256517 ! ! ! ! ! ! ! ! ! ! ! ! ! username bac password 0 123456 ! !
class-map match-all telnet match access-group 102
class-map match-all netmeeting match access-group 101
class-map match-all ssh
match access-group 103
class-map match-all rtp match access-group 100 ! !
policy-map LLQ-OUT-2 class rtp
priority percent 25 class netmeeting
priority percent 15 class class-default fair-queue
policy-map Marking-IN-1 class rtp
set dscp cs6 class netmeeting
set dscp cs5 class telnet
set dscp cs4 class ssh set dscp cs3 ! ! ! ! ! !
interface FastEthernet0/0 no ip address shutdown duplex half !
interface Serial1/0
ip address 192.168.4.36 255.255.255.0 serial restart-delay 0 priority-group 1 service-policy input Marking-IN-1 !
interface Serial1/1 no ip address shutdown serial restart-delay 0 !
interface Serial1/2 no ip address shutdown serial restart-delay 0 !
interface Serial1/3 no ip address shutdown serial restart-delay 0 !
interface Serial1/4 no ip address shutdown
Lab 2 – Mạng sơ trung 14
serial restart-delay 0 !
interface Serial1/5 no ip address shutdown serial restart-delay 0 !
interface Serial1/6 no ip address shutdown serial restart-delay 0 !
interface Serial1/7 no ip address shutdown serial restart-delay 0 !
router ospf 1 log-adjacency-changes network 192.168.4.0 0.0.0.255 area 0 ! ! ip http server ip http secure-server ! ! ! ip access-list standard wo ip access-list standard wr access-list 100 permit tcp any any eq 3230 access-list 100 permit udp any any eq 3230 access-list 101 permit tcp any any eq 3389
access-list 102 permit tcp any any eq telnet access-list 103 permit tcp any any eq 22 snmp-server community public RO wo snmp-server community private RW ! ! ! ! control-plane ! ! ! ! ! !
gatekeeper shutdown ! !
line con 0 exec-timeout 0 0 logging synchronous stopbits 1
line aux 0 stopbits 1
line vty 0 4 login local transport input ssh ! ! end
Lab 2 – Mạng sơ trung 15
6/ Router 6 (R6)
!* R6.CiscoConfig !* IP Address : 192.168.5.36 !* Community : private !* Downloaded 3/1/2012 8:09:04 AM by SolarWinds Config Transfer Engine Version 5.5.0 ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R6
! boot-start-marker boot-end-marker ! ! no aaa new-model ! ! ip cef no ip domain lookup no ip dhcp use vrf connected ip dhcp excluded-address 10.0.0.1 10.0.0.36 ! ip dhcp pool network10.0.0.0 network 10.0.0.0 255.255.255.0 default-router 10.0.0.36 dns-server 8.8.8.8 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! username bac password 0 123 ! !
class-map match-all telnet match access-group 102
class-map match-all netmeeting match access-group 101
class-map match-all ssh match access-group 103
class-map match-all rtp
match access-group 100 ! !
policy-map LLQ-OUT-2 class rtp
priority percent 25 class netmeeting
priority percent 15
class class-default fair-queue
policy-map Marking-IN-1
class rtp
set dscp cs6
class netmeeting
set dscp cs5 class telnet
set dscp cs4 class ssh set dscp cs3 ! ! ! ! ! !
interface FastEthernet0/0 no ip address shutdown duplex half !
interface Serial1/0 ip address 192.168.5.36 255.255.255.0 ip nat outside ip virtual-reassembly serial restart-delay 0 priority-group 1 service-policy input Marking-IN-1 !
interface Serial1/1 no ip address shutdown serial restart-delay 0 !
interface Serial1/2 no ip address shutdown serial restart-delay 0 !
interface Serial1/3 no ip address shutdown serial restart-delay 0 !
interface Serial1/4 no ip address shutdown serial restart-delay 0
Lab 2 – Mạng sơ trung 16
!
interface Serial1/5 no ip address shutdown serial restart-delay 0 !
interface Serial1/6 no ip address shutdown serial restart-delay 0 !
interface Serial1/7 no ip address shutdown serial restart-delay 0 !
interface FastEthernet2/0 ip address 20.0.0.30 255.255.255.0 ip nat inside ip virtual-reassembly duplex auto speed auto priority-group 1 service-policy input Marking-IN-1 !
interface FastEthernet2/1 no ip address shutdown duplex auto speed auto ! ip route 0.0.0.0 0.0.0.0 Serial1/0 ip route 10.0.0.0 255.255.255.0 Serial1/0 ip route 192.168.1.0 255.255.255.0 Serial1/0 ip route 192.168.2.0 255.255.255.0 Serial1/0 ip route 192.168.3.0 255.255.255.0 Serial1/0 ip route 192.168.4.0 255.255.255.0 Serial1/0 !
no ip http server no ip http secure-server ! ! access-list 100 permit tcp any any eq 3230 access-list 100 permit udp any any eq 3230 access-list 101 permit tcp any any eq 3389 access-list 102 permit tcp any any eq telnet access-list 103 permit tcp any any eq 22 snmp-server community private RW ! ! ! ! control-plane ! ! ! ! ! !
gatekeeper shutdown ! !
line con 0 exec-timeout 0 0 logging synchronous stopbits 1
line aux 0 stopbits 1
line vty 0 4 password 123 login ! ! end
Lab 2 – Mạng sơ trung 17
7/ Frame relay switch (FT_S)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname FRS
! boot-start-marker boot-end-marker ! ! no aaa new-model ! ! ip cef no ip domain lookup ! ! ! frame-relay switching ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
class-map match-all telnet match access-group 102
class-map match-all netmeeting match access-group 101
class-map match-all ssh match access-group 103
class-map match-all rtp match access-group 100 ! !
policy-map LLQ-OUT-2 class rtp
priority percent 25 class netmeeting
priority percent 15 class class-default fair-queue
policy-map Marking-IN-1
class rtp
set dscp cs6 class netmeeting
set dscp cs5 class telnet
set dscp cs4 class ssh
set dscp cs3 ! ! ! ! ! !
interface FastEthernet0/0 no ip address shutdown duplex half !
interface Serial1/0 no ip address encapsulation frame-relay serial restart-delay 0 priority-group 1 frame-relay lmi-type ansi frame-relay intf-type dce frame-relay route 96 interface Serial1/2 69 frame-relay route 98 interface Serial1/1 89 service-policy input Marking-IN-1 !
interface Serial1/1 no ip address encapsulation frame-relay serial restart-delay 0 priority-group 1 frame-relay lmi-type ansi frame-relay intf-type dce frame-relay route 89 interface Serial1/0 98 service-policy input Marking-IN-1 !
interface Serial1/2 no ip address encapsulation frame-relay serial restart-delay 0 priority-group 1 frame-relay lmi-type ansi frame-relay intf-type dce frame-relay route 69 interface Serial1/0 96 service-policy input Marking-IN-1 !
interface Serial1/3 no ip address shutdown serial restart-delay 0 ! interface Serial1/4
Lab 2 – Mạng sơ trung 18
no ip address shutdown serial restart-delay 0 !
interface Serial1/5 no ip address shutdown serial restart-delay 0 !
interface Serial1/6 no ip address shutdown serial restart-delay 0 !
interface Serial1/7 no ip address shutdown serial restart-delay 0 ! ! no ip http server no ip http secure-server ! ! access-list 100 permit tcp any any eq 3230 access-list 100 permit udp any any eq 3230 access-list 101 permit tcp any any eq 3389 access-list 102 permit tcp any any eq telnet
access-list 103 permit tcp any any eq 22 ! ! ! ! control-plane ! ! ! ! ! !
gatekeeper shutdown ! !
line con 0 exec-timeout 0 0 logging synchronous stopbits 1
line aux 0 stopbits 1
line vty 0 4 login ! ! end
Lab 2 – Mạng sơ trung 19
III/ Bảng định tuyến của router
1/Router 1
2/Router 2
Lab 2 – Mạng sơ trung 20
3/Router 3
4/Router 4
Lab 2 – Mạng sơ trung 21
5/Router 5
6/Router 6
Lab 2 – Mạng sơ trung 22
IV/ Kết quả bắt gói tin:
Bắt gói tin bằng Netflow trên cổng S1/0 của R4 và WireShark trên card loopback của máy thật
HTTP:
Lab 2 – Mạng sơ trung 23
HTTPS:
Lab 2 – Mạng sơ trung 24
TELNET:
Lab 2 – Mạng sơ trung 25
SSH:
Lab 2 – Mạng sơ trung 26
NTP:
Lab 2 – Mạng sơ trung 27
Netmeeting
Lab 2 – Mạng sơ trung 28
FTP
Lab 2 – Mạng sơ trung 29
TFTP
Lab 2 – Mạng sơ trung 30
DNS
Lab 2 – Mạng sơ trung 31
SIP
Lab 2 – Mạng sơ trung 32
H323
Lab 2 – Mạng sơ trung 33
Kerberos
Lab 2 – Mạng sơ trung 34
SNMP trap
Lab 2 – Mạng sơ trung 35
RADIUS
Lab 2 – Mạng sơ trung 36
TACACS
Lab 2 – Mạng sơ trung 37
SMTP
Lab 2 – Mạng sơ trung 38
RTP
Lab 2 – Mạng sơ trung 39
RTCP
Lab 2 – Mạng sơ trung 40
POP
Lab 2 – Mạng sơ trung 41
DHCP
Lab 2 – Mạng sơ trung 42
V/ C2 vào net:
Lab 2 – Mạng sơ trung 43
Lab 2 – Mạng sơ trung 44
VI/ Thể hiện sự ưu tiên lưu lượng từ cao đến thấp ở trường DSCP cho các lưu lượng theo
thứ tự sau : RTP, Netmeeting, TELNET, SSH.
Lab 2 – Mạng sơ trung 45
VII/ Cầu hình cho giao thức RTP chiếm 25% tổng băng thông, Netmeeting 15% tổng
băng thông và 60% còn lại dành cho các giao thức khác.