Network Includes Routers Switches Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

A router is a device that forwards data packets along networks. A router is connected to at least two networks, commonly two local area networks (LANs) or wide area networks (WANs), or a LAN and its ISP's network. Routers are normally located at gateways, the places where two or more networks connect. When data is sent between locations on one network or from one network to another, the router locates the destination and sends the data to the correct location. The router does this by using headers and forwarding tables to determine the best path for forwarding the data packets, and routers also use protocols such as Internet Control Message Protocol (ICMP) to communicate with each other and configure the best route between any two hosts.

A networking switch is the central device in a wired or a wireless local area network. A switch receives signals from each computer on the network via Ethernet cables in a wired network or via radio waves in a wireless local area network. In both cases, the switch directs traffic across the LAN, enabling the computers to talk to each other and share resources.

All computers included in the LAN must have a network interface card (NIC). The card assigns a unique address to the machine in which it is installed. This is called a Medium Access Control (MAC) address. A wired network interface card accommodates an Ethernet cable, which runs to a port on the back of the networking switch. If the NIC is wireless, the card will feature a small antenna with which it transmits signals to the wireless switch, which also has an antenna rather than ports. Whether wireless or wired, the switch acts as a relay, reading traffic packets as they arrive from the various machines and directing the packets to the proper MAC address.

A networking switch runs in full-duplex mode, which means that a machine on the LAN can receive and transmit data at the same time. This is much faster than using a networking hub, another device that serves the same purpose but operates in half-duplex mode, which allows each machine or node either to send or to receive data at any given time. Another difference between a switch and a hub is that the switch sends traffic in order, using addresses to send traffic packets to where they are supposed to go. A networking hub broadcasts all traffic on the network to all nodes and relies on filters within each machine to discard packets that are not addressed to it. This makes networks that use a hub particularly vulnerable to "packet sniffers" or eavesdropping.

For the above reasons, a networking switch is considered superior to a networking hub, but the device is also not foolproof. It can be "tricked" into accommodating packet sniffers, but the methods used to trick the switch will leave telltale traffic signatures, unlike the passive methods that can be used on a hub. Anti-sniffing software can be installed on a switched network to detect packet sniffers.

The company already has a network set up, but it is not secure. To make it secure, Access Control Lists (ACLs) would have to be implemented. The ACLs would be configured on the routers and would consist of standard and extended ACLs.

An ACL (Access Control List) comprises access control entries (ACEs). Each ACE in the list contains information on permissions for packets entering or leaving the ACL network. Each ACE contains either a permit or a deny statement, as well as additional criteria a packet needs to meet. Most of the time packets are examined based on common Internet Protocol (IP) standards, such as Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). For a standard ACL, only the originating address the packet is coming from is checked; in an extended ACL, however, rules can be established to check the origin and destination addresses as well as the specific ports that the traffic came from and is headed to.

In an ACL network, the control lists are configured within network routers and switches. There are separate rules for how an ACL should be configured. Regardless of which hardware manufacturer or software developer created the programming that processes packets against an ACL, the most important part of implementing and configuring an ACL network is planning. With poor planning, it is entirely possible for an administrator to log on to a router, begin configuring an ACL on that router, and then find himself or herself locked out of that router or of some segment of an entire network.

One of the most common ACL network implementations is built on the Internetwork Operating System (IOS) that was created by Cisco. On Cisco IOS routers and switches, the ACL is typed in manually by an administrator and is implemented automatically as each item in the list is added. The ACL has to be implemented incrementally, so that as an individual packet matches an entry, the remainder that fall under the same permissions can follow. Any changes to the list mean that it would need to be retyped in its entirety again.

An Access Control List is not as secure as a firewall for protecting a network, but an ACL is useful when used alongside a firewall in a number of scenarios. An administrator can limit the traffic going to and from certain areas of a larger network or prevent traffic that originates at certain addresses from leaving the network altogether. Packets can also be monitored in an ACL network in order to locate problem areas on the network; this can identify hosts that are behaving improperly or track down client computers that may be infected with a virus that is attempting to spread. An ACL can also be used to categorize traffic that may need to be encrypted between nodes on the network.

Using the allocated class C address 192.168.11.0/24, we will create this IP address scheme with a 3-bit subnet. The Admin subnet has an address of 192.168.11.0 with a subnet mask of 255.255.255.224, an assignable range of 192.168.11.1 to 192.168.11.30 and a broadcast address of 192.168.11.31. The Finance subnet has an address of 192.168.11.32 with a subnet mask of 255.255.255.224, an assignable range of 192.168.11.33 to 192.168.11.62 and a broadcast address of 192.168.11.63. The Users subnet has an address of 192.168.11.64 with a subnet mask of 255.255.255.224, an assignable range of 192.168.11.65 to 192.168.11.94 and a broadcast address of 192.168.11.95.

There is also the Finance to Admin link, which has an address of 192.168.11.96 with a subnet mask of 255.255.255.224 and an assignable range of 192.168.11.97 to 192.168.11.126. The broadcast address for this link is 192.168.11.127. The Admin to Users link has an address of 192.168.11.128 with a subnet mask of 255.255.255.224 and an assignable range of 192.168.11.129 to 192.168.11.158. The broadcast address for this link is 192.168.11.159.

The IP addresses for the devices in the network are as follows. The Admin router's Fa0/0 interface has an IP address of 192.168.11.33 with a subnet mask of 255.255.255.224, and this Fast Ethernet port is on the 192.168.11.32 network. Its serial port S0/0/0 has an IP address of 192.168.11.98 with a subnet mask of 255.255.255.224, and this serial port is on the 192.168.11.96 network.

The Finance router's Fast Ethernet port Fa0/0 has an IP address of 192.168.11.1 with a subnet mask of 255.255.255.224; this port is on the 192.168.11.0 network. The serial port S0/0/0 has an IP address of 192.168.11.97 with a subnet mask of 255.255.255.224; the network it is connected to is 192.168.11.96. The serial port S0/0/1 has an IP address of 192.168.11.130 with a subnet mask of 255.255.255.224; the network this serial port is connected to is 192.168.11.128.

The Users router's serial port S0/0/0 has an IP address of 192.168.11.130 with a subnet mask of 255.255.255.224. The network it is connected to is 192.168.11.128. The Fast Ethernet port Fa0/0 has an IP address of 192.168.11.65; its subnet mask is 255.255.255.224. The network it is connected to is 192.168.11.64.

There are three PCs. PC1, through its network card, has an IP address of 192.168.11.30 with a subnet mask of 255.255.255.224; the network it is connected to is 192.168.11.0 and its default gateway is 192.168.11.1. PC2, through its network card, has an IP address of 192.168.11.62 with a subnet mask of 255.255.255.224; the network it is connected to is 192.168.11.32 and its default gateway is 192.168.11.33. PC3, through its network card, has an IP address of 192.168.11.94; the network it is connected to is 192.168.11.64 and its default gateway is 192.168.11.65.

| Subnet Name | Needed Size | Allocated Size | Address | Mask | Dec Mask | Assignable Range | Broadcast |
|---|---|---|---|---|---|---|---|
| Admin | 30 | 30 | 192.168.11.0 | /27 | 255.255.255.224 | 192.168.11.1 - 192.168.11.30 | 192.168.11.31 |
| Finance | 30 | 30 | 192.168.11.32 | /27 | 255.255.255.224 | 192.168.11.33 - 192.168.11.62 | 192.168.11.63 |
| Users | 30 | 30 | 192.168.11.64 | /27 | 255.255.255.224 | 192.168.11.65 - 192.168.11.94 | 192.168.11.95 |
| Finance -> Admin link | 30 | 30 | 192.168.11.96 | /27 | 255.255.255.224 | 192.168.11.97 - 192.168.11.126 | 192.168.11.127 |
| Admin -> Users link | 30 | 30 | 192.168.11.128 | /27 | 255.255.255.224 | 192.168.11.129 - 192.168.11.158 | 192.168.11.159 |

| Device name | Interface | IP Address | Subnet Mask | Network | Default gateway |
|---|---|---|---|---|---|
| Admin Router | Fa0/0 | 192.168.11.33 | 255.255.255.224 | 192.168.11.32 | N/A |
| | S0/0/0 | 192.168.11.98 | 255.255.255.224 | 192.168.11.96 | N/A |
| Finance Router | Fa0/0 | 192.168.11.1 | 255.255.255.224 | 192.168.11.0 | N/A |
| | S0/0/0 | 192.168.11.97 | 255.255.255.224 | 192.168.11.96 | N/A |
| | S0/0/1 | 192.168.11.130 | 255.255.255.224 | 192.168.11.128 | N/A |
| Users Router | S0/0/0 | 192.168.11.129 | 255.255.255.224 | 192.168.11.128 | N/A |
| | Fa0/0 | 192.168.11.65 | 255.255.255.224 | 192.168.11.64 | N/A |
| PC1 | Network Card | 192.168.11.30 | 255.255.255.224 | 192.168.11.0 | 192.168.11.1 |
| PC2 | Network Card | 192.168.11.62 | 255.255.255.224 | 192.168.11.32 | 192.168.11.33 |
| PC3 | Network Card | 192.168.11.94 | 255.255.255.224 | 192.168.11.64 | 192.168.11.65 |
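An added example, not part of the original essay: the sketch below derives the /27 plan from 192.168.11.0/24 with Python's `ipaddress` module and audits the addressing table above against it, since the ACLs that follow match on these subnet boundaries. The `plan_row` and `audit` helpers and their finding messages are illustrative assumptions.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

BLOCK = ip_network("192.168.11.0/24")
SUBNETS = list(BLOCK.subnets(new_prefix=27))  # 3 borrowed bits: 8 subnets, 30 hosts each
BY_BASE = {str(n.network_address): n for n in SUBNETS}

def plan_row(net):
    """Address, decimal mask, assignable range and broadcast for one subnet."""
    hosts = list(net.hosts())
    return (str(net.network_address), str(net.netmask),
            f"{hosts[0]} - {hosts[-1]}", str(net.broadcast_address))

# (device, interface, IP address, stated network, default gateway) from the addressing table.
ADDRESSING = [
    ("Admin Router", "Fa0/0", "192.168.11.33", "192.168.11.32", None),
    ("Admin Router", "S0/0/0", "192.168.11.98", "192.168.11.96", None),
    ("Finance Router", "Fa0/0", "192.168.11.1", "192.168.11.0", None),
    ("Finance Router", "S0/0/0", "192.168.11.97", "192.168.11.96", None),
    ("Finance Router", "S0/0/1", "192.168.11.130", "192.168.11.128", None),
    ("Users Router", "S0/0/0", "192.168.11.129", "192.168.11.128", None),
    ("Users Router", "Fa0/0", "192.168.11.65", "192.168.11.64", None),
    ("PC1", "Network Card", "192.168.11.30", "192.168.11.0", "192.168.11.1"),
    ("PC2", "Network Card", "192.168.11.62", "192.168.11.32", "192.168.11.33"),
    ("PC3", "Network Card", "192.168.11.94", "192.168.11.64", "192.168.11.65"),
]

def audit(rows):
    """Return findings for rows that break the /27 plan; an empty list means consistent."""
    findings = []
    seen = Counter(ip for _, _, ip, _, _ in rows)
    for dev, ifc, ip, network, gw in rows:
        label = f"{dev} {ifc} {ip}"
        net = BY_BASE.get(network)
        if net is None:
            findings.append(f"{label}: {network} is not a /27 boundary in {BLOCK}")
            continue
        addr = ip_address(ip)
        if addr not in net or addr in (net.network_address, net.broadcast_address):
            findings.append(f"{label}: not a usable host address in {net}")
        if gw and ip_address(gw) not in net:
            findings.append(f"{label}: gateway {gw} is outside {net}")
        if seen[ip] > 1:
            findings.append(f"{label}: address assigned more than once")
    return findings

if __name__ == "__main__":
    for net in SUBNETS[:5]:
        print(*plan_row(net), sep="  ")
    print(audit(ADDRESSING) or "addressing table is consistent with the plan")
```

A host addressed outside its intended /27 falls outside the wildcard match of any ACL entry written for that subnet, so an audit like this is worth running before the ACLs are applied.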

These were the ACL configurations for the routers.

The ACL that was implemented in the Finance router is aimed to prevent access for the users group.

Finance router ACLs

Applied named standard ACL 'NO_ACCESS_USERS' to the fa0/0 interface in the outbound direction to deny the users group access to the finance LAN

Applied Standard ACL 1 to the vty lines to permit telnet access from the 'Admin' LAN only

The ACL that was implemented in the admin router is aimed at allowing telnet access from the admin local area network only.

Admin Router ACLs

Applied Standard ACL 1 to the vty lines to permit telnet access from the 'Admin' LAN only

Users Router ACLs

Applied the named extended ACL 'NO_FTP' to the fa0/0 interface in the inbound direction to deny transmission of FTP data from the 'Users' LAN

Applied Standard ACL 1 to the vty lines to permit telnet access from the 'Admin' LAN only
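To show how these ACLs are evaluated, the added example below (not the author's router configuration) models first-match processing, wildcard masks and the implicit deny for entries written in a simplified IOS-style syntax. The individual entries, the use of TCP ports 20 and 21 for FTP, and the function names are assumptions constructed from the description above.

```python
from ipaddress import ip_address

ANY = (0, 0xFFFFFFFF)  # wildcard bits set to 1 are "don't care"

def take_addr(tokens):
    """Consume 'any' or 'ADDRESS WILDCARD' and return (base, wildcard) as integers."""
    first = tokens.pop(0)
    if first == "any":
        return ANY
    return int(ip_address(first)), int(ip_address(tokens.pop(0)))

def parse_ace(line, extended=False):
    """Parse one simplified IOS-style entry; standard entries carry a source only."""
    tokens = line.split()
    ace = {"action": tokens.pop(0), "proto": "ip", "dst": ANY, "port": None}
    if extended:
        ace["proto"] = tokens.pop(0)
    ace["src"] = take_addr(tokens)
    if extended:
        ace["dst"] = take_addr(tokens)
        if tokens[:1] == ["eq"]:
            ace["port"] = int(tokens[1])
    return ace

def hit(spec, ip):
    """True when ip equals the base address on every bit the wildcard cares about."""
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF
    return (int(ip_address(ip)) & care) == (base & care)

def evaluate(acl, src, dst="0.0.0.0", proto="ip", dport=None):
    """First matching entry wins; a packet that matches no entry hits the implicit deny."""
    for ace in acl:
        if ace["proto"] not in ("ip", proto):
            continue
        if ace["port"] is not None and ace["port"] != dport:
            continue
        if hit(ace["src"], src) and hit(ace["dst"], dst):
            return ace["action"]
    return "deny"

# Constructed entries that follow the essay's description; not the author's running config.
NO_ACCESS_USERS = [parse_ace(l) for l in ("deny 192.168.11.64 0.0.0.31", "permit any")]
VTY_ACL_1 = [parse_ace("permit 192.168.11.0 0.0.0.31")]  # Admin LAN; the rest is implicit deny
NO_FTP = [parse_ace(l, extended=True) for l in (
    "deny tcp 192.168.11.64 0.0.0.31 any eq 21",  # FTP control
    "deny tcp 192.168.11.64 0.0.0.31 any eq 20",  # FTP data
    "permit ip any any")]
```

Because the first match wins, reversing `NO_ACCESS_USERS` so that `permit any` comes first lets the Users LAN through, and dropping `permit any` altogether blocks every source through the implicit deny.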

RIP (Routing Information Protocol) is a widely used protocol for managing router information within a self-contained network, for example a corporate local area network (LAN) or a group of interconnected LANs. RIP is classified by the Internet Engineering Task Force (IETF) as one of several internal gateway protocols (Interior Gateway Protocol).

Using RIP, a gateway host with a router sends its entire routing table (which lists all of the other hosts that it knows about) to its closest neighbour host every 30 seconds. The neighbour host in turn passes the information on to its next neighbour, and so on, until all of the hosts within the network have the same knowledge of routing paths, a state known as network convergence. RIP uses a hop count as a way to determine the network distance. Other protocols use more sophisticated algorithms that include timing as well. Each host with a router in the network uses the routing table information to determine the next host to route a packet to for a specified destination.

RIP is known as being an effective solution for small homogeneous networks. For larger, more complicated networks, RIP's transmission of the entire routing table every 30 seconds may put a heavy amount of extra traffic in the network.

The alternative to RIP is the Open Shortest Path First (OSPF) protocol. The difference between RIP and OSPF is that OSPF handles its own error detection and correction functions. RIP uses auto-summarization, whereas OSPF uses manual summarization.

The version that is used for this project is RIP v1.

Testing

The testing was done in Packet Tracer so that it would be easy to see where there were any problems and easy to reconfigure.

As per the aims

| Source Host | Destination Host | Packet Type | Source Address | Destination Address | Expected results | Actual Results |
|---|---|---|---|---|---|---|
| PC1 | PC2 | PING | 192.168.11.30 | 192.168.11.62 | Ping Returned | Ping Returned |
| PC1 | PC3 | PING | 192.168.11.30 | 192.168.11.94 | Ping Returned | Ping Returned |
| PC2 | PC1 | PING | 192.168.11.62 | 192.168.11.30 | Ping Returned | Ping Returned |
| PC2 | PC3 | PING | 192.168.11.62 | 192.168.11.94 | Ping Returned | Ping Denied |
| PC3 | PC1 | PING | 192.168.11.94 | 192.168.11.30 | Ping Returned | Ping Returned |
| PC3 | PC2 | PING | 192.168.11.94 | 192.168.11.62 | Ping Denied | Ping Denied |
| PC3 | PC2 | FTP | 192.168.11.94 | 192.168.11.62 | Traffic Accepted | Traffic Accepted |
| PC3 | PC1 | FTP | 192.168.11.94 | 192.168.11.30 | Traffic Denied | Traffic Denied |
| PC1 | Admin Router | TELNET | 192.168.11.30 | 192.168.11.1 | Session Established | Session Established |
| PC1 | Finance Router | TELNET | 192.168.11.30 | 192.168.11.33 | Session Established | Session Established |
| PC1 | Users Router | TELNET | 192.168.11.30 | 192.168.11.65 | Session Established | Session Established |
| PC2 | Admin Router | TELNET | 192.168.11.62 | 192.168.11.1 | Session Denied | Session Denied |
| PC2 | Finance Router | TELNET | 192.168.11.62 | 192.168.11.33 | Session Denied | Session established |
| PC2 | Users Router | TELNET | 192.168.11.62 | 192.168.11.65 | Session Denied | Session established |
| PC3 | Admin Router | TELNET | 192.168.11.94 | 192.168.11.1 | Session Denied | Session established |
| PC3 | Finance Router | TELNET | 192.168.11.94 | 192.168.11.33 | Session Denied | Session established |
| PC3 | Users Router | TELNET | 192.168.11.94 | 192.168.11.65 | Session Denied | Session established |

From the results, there was one test which did not come out as expected: PC2 on 192.168.11.62 tried to ping PC3 on 192.168.11.94, which ended up as ping denied.
