Networking Protocols

12K

Solutions

16K

Contributors

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have read that Windows 2012 and 2008 IIS do not natively support SFTP. They support FTPS or FTP over. What would be the best options for securing FTP file transfers? Maybe using HTTPS?

DLH
0
FR
I have Frame Relay set up as shown in the screenshot above.
I have set up OSPF and manually configured Neighbors .
I can ping from the Hub to the Spokes  and back, but cannot ping between Spokes.

Any Help ?

Thank you


Hub#sh run
Building configuration...

Current configuration : 1431 bytes
!
! Last configuration change at 13:29:27 UTC Sun Oct 22 2017
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Hub
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef    
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
! 
!         
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex half
 !
!
interface Serial1/0
 ip address 192.168.123.1 255.255.255.0
 encapsulation frame-relay
 serial restart-delay 0
 !
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
 !        
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
 !
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
 !
!
!
router ospf 1
 log-adjacency-changes
 network 192.168.123.0 0.0.0.255 area 0
 neighbor 192.168.123.2
 neighbor 192.168.123.3
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
!
!
!

Open in new window

0
Sorry if this question is too basic. I have setup 2  cisco routers 1841 model. I have the first one configured with the following

Fe0 dhcp <------this interface is connected directly to the internet
Fe1 10.0.3.1 <----This interface is connected to the LAN

My problem is how do you get Internet traffic from FE0 to FE1 and other interfaces.

I am using OSPF and i can route  traffic from 10.0.3.x to any other private ip address within the 10.x.x.x network. How can I forward ISP traffic to my internal network, thanks
0
Screen-Shot-2017-10-16-at-9.01.37-PM.png
in the topology above , I  configured on R3 area 1 as stub in the first LAB then configured the same area 1 as NSSA in the second LAB.
In matter of OSPF Routing table Stub or NSSA the effect is the same , both have made R2 and R1 unable to reach any interface of R3 and the other way around also is true.

In matter of LSDB there was difference,, NSSA has created LSA type 7 on R3 area 1  

***My question is what's the purpose of LSA 7 if OSPF routing tables gave the same results between  , when I configured area 1 as Stub then NSSA ?


the output below is when I configured area 1 NSSA on R3

R1#sh ip route ospf 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

      2.0.0.0/32 is subnetted, 1 subnets
O        2.2.2.2 [110/2] via 192.168.12.2, 00:00:45, FastEthernet0/0
O IA  192.168.23.0/24 [110/2] via 192.168.12.2, 00:00:45, FastEthernet0/0
R1#

Open in new window


R2#sh ip route ospf 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

      1.0.0.0/32 is subnetted, 1 subnets
O        1.1.1.1 [110/2] via 192.168.12.1, 00:03:24, FastEthernet0/0
      11.0.0.0/24 is subnetted, 1 subnets
O E2     11.11.11.0 [110/20] via 192.168.12.1, 00:03:24, FastEthernet0/0
R2#

Open in new window


R3#sh ip route ospf 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

R3#
R3#

Open in new window


Thank you
1
I have :

R1---R2---R3

OSPF is configured at the Global configuration level on all routers.

R1  has 2 loopbacks: loopback0 (1.1.1.1/24) and loopback1 (11.11.11.11/24)
R1 has interface fa0/0 (192.168.12.1) connected to R2

Router OSPF 1
Network 1.1.1.0 advertised into area 0
Network 192.168.12.0 into area 0

** 11.11.11.0 network is not advertised, it is redistributed

R2 has loopback 2.2.2.2/24
R2 has interface fa0/0(192.168.12.2) connected to R1
Network 2.2.2.0 advertised into area 0
network 192.168.12.0 avertised into area 0

R2  has also interface fa0/1(192.168.23.2) connected to R3
so R2 has advertised Network 192.168.23.0/24 into area 1

***Let 's not worry about R3 , since it has all its interfaces in area 1

Now on R1 : I have "redistribute connected subnets"
this has redistributed the prefix 11.11.11.0 into area 0

Well, when I check R1 ospf routing table there is no prefix 11.11.11.0 , it shows on its global routing table as directly connected.

on R2, the prefix 11.11.11.0/24 shows as E2.

My question now is why in R1 the prefix 11.11.11.0 is not showing as E2 ?

Sorry I have my topology and configuration in the Lab , this is why I cannot paste the topology and/or the configuration.

Any clarification will be very much appreciated.

Thank you.
0
What are some good VPN software or services that will allow me to use the same external IP address every time and also change to different external IP addresses around the world whenever I need to?

I need to be able to use this both within Windows 10 and the latest Mac OS X software.
0
Around the time some of our traffic dipped to our site - I saw a number of changes of BGP path with lots of prepended AS's indicating less preferred routes. If those changes were beyond our directly connected ISP, what is the best way to find out why the path changed at that time? Is there a way to find out? There were perhaps 10 path changes in 10 minutes before things got back to normal.
1
I’m new to VLANs and I’m trying to set some up on our school’s network. I think my aims are simple, but I’m having problems.  Here’s a simplified diagram showing the topology.
St_dominics_network_extract3-help--1.jpg
Currently, everything is on 192.138.1.0/24.  I’m trying to split this into 4 VLANs, using the Layer 3 features of the SG300 rather than involving the Sonicwall (other than as a gateway).  My goal is that PCs on any VLAN can access only the web and the domain controller.  The DC will provide DHCP via a relay/helper address.

I’m starting with VLAN 100, to which I’ve assigned 192.168.100.1/24 (in the SG300).  I’ve set up the same VLAN in my SG200 switch (Layer 2).  The immediate problem is that VLAN 100 interface can only be pinged from within the SG300. Not from the SG200 or the DC.  

The Switch ports are set up like this:

SG200
40: Access (test PC)   VLAN1:excluded   VLAN100:untagged
48: Trunk (to sonicwall)  VLAN1:untagged   VLAN100:tagged
49: Trunk (to SG300)   VLAN1:untagged   VLAN100:tagged

SG300
2: trunk (to SG300)   VLAN1:untagged   VLAN100:tagged
9: trunk (to DC)  VLAN1:untagged   VLAN100:tagged      

Other SG300 settings
IPv4 interfaces:  VLAN1: 192.168.1.229   VLAN100: 192.168.100.1
IPv4 static routes:   Dest IP prefix: 0.0.0.0   next hop router ip: 192.168.1.200
DHCP:  relay:enabled  DHCP snooping status: enable   DHCP server IP:192.168.1.10

I haven’t made any changes to the Sonicwall router. I’m not sure whether I need to, or even whether it would…
0
We have AT&T MIS 10Gbps Ethernet circuit with speed throttled to 2Gbps. We have 10Gbps fiber connection from AT&T router to our fortinet firewall 600D 10G port. Is their a way to test internet speed over 1Gbps? We don't have any device or NIC with more than 1 Gig. How to test it?
0
using asa 5516 9.5

I want to block one host (for ex. 192.168.1.100) so that is unable to get outside at all including the obvious 80 and 441. Will I still have access to it internally? I just want to make sure I'll have all access for inside to it. the below does not have the "eq www" which only blocks internet.

If I do :
access-list inside_in extended deny tcp object-group SERVER_BLOCK any4 

Open in new window


SERVER_BLOCK = 192.168.1.100

Will I be OK?
0
Dear wizards, my router was hang this afternoon. Internet for email system was interrupted for about 20 mins. we could not telnet or connect to it via console port, and had to reset the router to bring it back.

so how can we know what happened? where can we find the logs? was it a signal of DDoS attack? and if so, how can we mitigate it?
0
I am using file Zilla to connect an ftp server but unfortunately unable to do so below is the error

Status:      Resolving address of ftp2.churchs.com
06:38:14      Status:      Connecting to 209.208.247.23:21...
06:38:14      Status:      Connection established, waiting for welcome message...
06:38:15      Status:      Insecure server, it does not support FTP over TLS.
06:38:15      Status:      Logged in
06:38:15      Status:      Retrieving directory listing...
06:38:34      Command:      PWD
06:38:34      Response:      257 "/CFC-Analytics" is current directory.
06:38:34      Command:      TYPE I
06:38:34      Response:      200 Type set to I.
06:38:34      Command:      PORT 10,139,105,11,209,15
06:38:34      Error:      Disconnected from server: ECONNABORTED - Connection aborted
06:38:34      Error:      Failed to retrieve directory listing
0
Hello, so this firm has a Windows Server SBS 2011 which is mainly used for Exchange and for sharing purposes.

Lately one strange problem has emerged: you open a file from a client (the file is on the server and shared) and you get the usual warning about someone else using the file right now, the file is read-only and so on.

Mind you, I'm not talking about a particular file, this can happen with any file actually.

Problem is, the file is not being used by anyone else, we have verified this many times.
After a while, it will just "unlock" and became fully available.

So, does anyone know how to address this problem or try to diagnose it? It never happened to me in many a year. Thanks.
0
I am trying to see what the best way to assign vlans to my subnets. The below is what I was planning for with the 3rd octet as the vlan#:
- vlan 8 - 10.10.8.0/22 (10.10.8.1 - 10.10.11.254)
- vlan 18 - 10.10.12.0/22 (10.10.12.1 - 10.10.15.254)

But now we are breaking 10.10.8.0/22 to the below. Any tips on assigning the vlan #?
vlan8 - 10.10.8.0/28
vlan? - 10.10.8.16/28
vlan? - 10.10.8.32/27
vlan? - 10.10.8.64/26
0
Please help me understand about ARP.
I know the local ARP table is cached and records also can be manually added. But how come when I ping a remote IP it doesn't automatically create a corresponding ARP table record?
0
Hello ,

I have 2 questions about timestamp ;

1. I have try to convert time stamp value to normal time but it was returned anormal dates :) what is the format of this TS val ?
2. As far as i read on the http://www.networksorcery.com/enp/protocol/tcp/option008.htm 


This field is only valid if the ACK bit is set in the TCP header.


but nearly all SYN packets in normal traffic not a DDOS has TSval  while ack was not sScreen-Shot-2017-08-27-at-18.05.41.pnget
0
Hi Sir,

Would like to ask for your help about the problem listed below,

[Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xccb797a8) not found (maybe expired)

Hoping that you can help me resolve this matter.


Thank you in advance.
0
Is this a mistake or  am i  checking sth wrong , how should be a packet with missing checksum ?

0000   a0 36 9f 55 7c aa dc 38 e1 ac 9b 89 08 00 45 00  .6.U|..8......E.
0010   00 25 8b cb 00 00 fd 11 d7 aa 89 3c 5a 64 b9 b6  .%.........<Zd..
0020   bc fa fc 5d 69 87 00 11 00 00 ff ff ff ff 55 38  ...]i.........U8
0030   55 76 03 00 00 00 00 00 00 00 00 00              Uv..........

Open in new window


Screen-Shot-2017-08-13-at-17.28.06.png
0
Dear Team,

There is port already open between  Source -target servers.
i have tested the same using telnet command.

However while I am creating some Datasource in Application server, i am getting  the above error message.

Kindly let me know if there anything required  at OS/App servet/network side .

Kindly advice
=== ERR MESSAGE IS =========
>
<Aug 7, 2017 4:52:24 PM AST> <Warning> <Deployer> <BEA-149004> <Failures were detected while initiating activate task for application 'test'.>
<Aug 7, 2017 4:52:24 PM AST> <Warning> <Deployer> <BEA-149078> <Stack trace for message 149004
java.rmi.RemoteException: [Deployer:149150]An IOException occurred while reading input.; nested exception is:
        java.net.NoRouteToHostException: No route to host
        at weblogic.deploy.service.internal.transport.http.HTTPMessageSender.sendMessageToServerURL(HTTPMessageSender.java:343)
0
Screen-Shot-2017-08-06-at-11.30.59-A.png
on the topology above , I have R1 and R6 on AS 1, R5 on AS3 , R2,R3,R4 on AS2

I would like to have Routers on AS1 (R1 and R6) Not take route through AS3 to reach routers inside AS2, instead I want AS1 routers to go straight to AS2 through R1 using BGP Default Local Preference command on R1

you can see in the config below on R1 :
bgp default local-preference 600


Below is the BGP route configuration on R1, R6, R3. As you can see R6 is going through AS3 to reach routers in AS2 instead of going straight to AS2 through R1

If you need more info , please feel free to ask.


Thank you

R1#sh run | beg router bgp
 bgp default local-preference 600
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 2
 neighbor 192.168.16.6 remote-as 1

Open in new window


R6#sh run | beg router bgp
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.16.1 remote-as 1
 neighbor 192.168.56.5 remote-as 3

Open in new window


R5#sh run | beg router bgp
router bgp 3
 network 5.5.5.0 mask 255.255.255.0
 neighbor 192.168.35.3 remote-as 2
 neighbor 192.168.56.6 remote-as 1

Open in new window


R1# sh ip bgp
BGP table version is 13, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       0.0.0.0                  0         32768 i
* i2.2.2.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2             0             0 2 i
* i3.3.3.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2                           0 2 i
* i4.4.4.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2                           0 2 i
* i5.5.5.0/24       192.168.56.5             0    100      0 3 i
R1#

Open in new window


R6#sh ip bgp              
BGP table version is 6, local router ID is 192.168.56.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.0/24       192.168.16.1             0    600      0 i
* i2.2.2.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
* i3.3.3.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
* i4.4.4.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
*> 5.5.5.0/24       192.168.56.5             0             0 3 i

Open in new window



R5# sh ip bgp             
BGP table version is 10, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       192.168.56.6                           0 1 i
*> 2.2.2.0/24       192.168.35.3                           0 2 i
*> 3.3.3.0/24       192.168.35.3             0             0 2 i
*> 4.4.4.0/24       192.168.35.3                           0 2 i
*> 5.5.5.0/24       0.0.0.0                  0         32768 i
R5#

Open in new window

0
Need list of unencrypted protocols.

I know only port 80(HTTP) and 21(FTP)
0
bgp
on the topology above  I have R1 and R2 on AS12 and R3 on AS3

I am using Next-Hop-Self on R2 to tell R1 "in order to reach R3 come to me", but does not seem to work.

Here is the configuration  of BGP on each router.
R1#sh run | beg router bgp
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 12

Open in new window


R2#sh run | beg router bgp
router bgp 12
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.12.1 remote-as 12
 neighbor 192.168.12.1 next-hop-self
 neighbor 192.168.23.3 remote-as 3
 neighbor 192.168.23.3 next-hop-self

Open in new window


R3#sh run | beg router bgp
router bgp 3
 no synchronization
 bgp log-neighbor-changes
 network 3.3.3.0 mask 255.255.255.0
 neighbor 192.168.23.2 remote-as 12

Open in new window


I cannot ping from R1 to R3 and vice-versa

If I advertize networks 192.168.12.0 and 192.168.23.0 From R2 then I will be able to ping from R1 to R3 and back

Any idea ?

Thanks
0
bgpon the topology above I configured Route-Reflector on R5 to get full reachability.
My Confusion is I have seen some examples where they configure Next-hop-self.
for instance this :https://www.youtube.com/watch?v=QMkJfnMNZm8

Any BGP expert out there to clarify when Route-Reflector should be used and when Next-hop-self should be used ? If I had used Next-hop-self in my scenario, will that work fine just as Route-reflector did ?

Thank you

======


R2,R5,R3 are on the same AS  (AS2), they are IBGP Routers
 R1 is in AS1 and R4 in AS3



R1#sh run | beg router bgp
router bgp 1
 network 1.1.1.0 mask 255.255.255.0
 network 192.168.12.0
 neighbor 192.168.12.2 remote-as 2

R2#sh run | beg router bgp
router bgp 2
 network 2.2.2.0 mask 255.255.255.0
 network 192.168.12.0
 network 192.168.25.0
 neighbor 192.168.12.1 remote-as 1
 neighbor 192.168.25.5 remote-as 2

R3#sh run | beg router bgp
router bgp 2
 network 3.3.3.0 mask 255.255.255.0
 network 192.168.34.0
 network 192.168.35.0
 neighbor 192.168.34.4 remote-as 3
 neighbor 192.168.35.5 remote-as 2

R4#sh run | beg router bgp
router bgp 3
 network 4.4.4.0 mask 255.255.255.0
 network 192.168.34.0
 neighbor 192.168.34.3 remote-as 2

R5#sh run | beg router bgp
router bgp 2
 no synchronization
 bgp log-neighbor-changes
 network 5.5.5.0 mask 255.255.255.0
 network 192.168.25.0
 network 192.168.35.0
 neighbor 192.168.25.2 remote-as 2
 neighbor 192.168.25.2 …
0
bgp

I have the topology above.
I configured BGP on R1:AS1  ,R2: AS2  and R4:AS2 ,R5:AS3 , I have also configured OSPF on R2,R4,R3
BGP is not configured on R3, just OSPF

Now when I  try to ping R5 from R2 or the R1 from R4 I get the UUUUU

Below is the configuration of all 5 Routers

R1#sh run
Building configuration...

Current configuration : 1385 bytes
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!         
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
! 
!
!
!         
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
 !
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex half
 !
!
interface Ethernet1/0
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/1
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/2
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/3
 no ip address
 shutdown
 duplex half
 !
!
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 2
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
!
!
!

Open in new window

0
bgpI have the topology shown  above.  R1 and R5 are running BGP, R2  and R4 are  running BGP and OSPF , R3 is running just OSPF

I would like to know if I need to run BGP on R3 in addition to OSPF, or just redistribute BGP into OSPF and OSPF into BGP on R2 and R4


Thank you
Screen-Shot-2017-07-27-at-2.33.23-PM.png
1

Networking Protocols

12K

Solutions

16K

Contributors

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.