using routing and remote access chapter five. exam objectives in this chapter: plan a routing...
TRANSCRIPT
Using Routing Using Routing and Remote and Remote
AccessAccess
ChapterFive
Exam Objectives in this Chapter: Plan a routing strategy
Identify routing protocols to use in a specified environment
Plan routing for IP multicast traffic Plan security for remote access users
Plan remote access policies Analyze protocol security requirements Plan authentication methods for remote access clients
Troubleshoot TCP/IP routing. Tools might include the route, tracert, ping, pathping, and netsh commands, and Network Monitor
Lessons in this Chapter: Planning a Routing and Remote Access
Strategy Static and Dynamic Routing Securing Remote Access Troubleshooting TCP/IP Routing
Planning a Routing and Remote Access Strategy Choosing a WAN Topology
WAN
Router Router
Planning a Routing and Remote Access Strategy 5 Network Sites WAN
Mesh Topology
Planning a Routing and Remote Access Strategy 5 Network Site WAN
Ring Topology
Planning a Routing and Remote Access Strategy 5 Network Site WAN Star Topology
Selecting a WAN Technology Using Leased Lines Using Dial-On-Demand Connections Using Frame Relay Using VPN
Exam Tip Be sure to understand the ramifications of
using persistent WAN connections as
Using Frame Relay
Static and Dynamic Routing Selecting Routers
Using Route Print
Using Static Routing The drawbacks of static routing are the amount of manual
maintenance the process requires and the routers’ inability to compensate for changes in the network configuration
Example Route Add Statement:
ROUTE ADD 192.168.87.0 MASK 255.255.255.0 192.168.2.21 METRIC 2 IF 1
The address following the ADDADD parameter is the Network Destination column value.
The subnet mask for the destination network address follows the MASK parameter.
The IP address following the subnet mask is the Gateway column value. The Metric column value follows the METRIC parameter, and The number following the IF parameter identifies one of the computer’s
network interfaces. By substituting the DELETE or CHANGE parameter for ADD, you can create
commands that remove entries from the routing table or modify existing entries.
Using Static Routing The drawbacks of static routing are the amount of manual
maintenance the process requires and the routers’ inability to compensate for changes in the network configuration
Example Route Add Statement:
ROUTE ADD 192.168.87.0 MASK 255.255.255.0 192.168.2.21 METRIC 2 IF 1
The address following the ADDADD parameter is the Network Destination column value.
The subnet mask for the destination network address follows the MASKMASK parameter.
The IP address following the subnet mask is the Gateway column value. The Metric column value follows the METRIC parameter, and The number following the IF parameter identifies one of the computer’s
network interfaces. By substituting the DELETE or CHANGE parameter for ADD, you can create
commands that remove entries from the routing table or modify existing entries.
Using Static Routing The drawbacks of static routing are the amount of manual
maintenance the process requires and the routers’ inability to compensate for changes in the network configuration
Example Route Add Statement:
ROUTE ADD 192.168.87.0 MASK 255.255.255.0 192.168.2.21 METRIC 2 IF 1
The address following the ADDADD parameter is the Network Destination column value.
The subnet mask for the destination network address follows the MASKMASK parameter.
The IP addressIP address following the subnet mask is the Gateway column value. The Metric column value follows the METRIC parameter, and The number following the IF parameter identifies one of the computer’s
network interfaces. By substituting the DELETE or CHANGE parameter for ADD, you can create
commands that remove entries from the routing table or modify existing entries.
Using Static Routing The drawbacks of static routing are the amount of manual
maintenance the process requires and the routers’ inability to compensate for changes in the network configuration
Example Route Add Statement:
ROUTE ADD 192.168.87.0 MASK 255.255.255.0 192.168.2.21 METRIC 2 IF 1
The address following the ADDADD parameter is the Network Destination column value.
The subnet mask for the destination network address follows the MASKMASK parameter.
The IP addressIP address following the subnet mask is the Gateway column value. The MetricMetric column value follows the METRIC parameter, and The number following the IF parameter identifies one of the computer’s
network interfaces. By substituting the DELETE or CHANGE parameter for ADD, you can create
commands that remove entries from the routing table or modify existing entries.
Using Static Routing The drawbacks of static routing are the amount of manual
maintenance the process requires and the routers’ inability to compensate for changes in the network configuration
Example Route Add Statement:
ROUTE ADD 192.168.87.0 MASK 255.255.255.0 192.168.2.21 METRIC 2 IF 1
The address following the ADDADD parameter is the Network Destination column value.
The subnet mask for the destination network address follows the MASKMASK parameter.
The IP addressIP address following the subnet mask is the Gateway column value. The MetricMetric column value follows the METRIC parameter, and The number following the IFIF parameter identifies one of the computer’s
network interfaces. By substituting the DELETE or CHANGE parameter for ADD, you can create
commands that remove entries from the routing table or modify existing entries.
Using Static Routing The drawbacks of static routing are the amount of manual
maintenance the process requires and the routers’ inability to compensate for changes in the network configuration
Example Route Add Statement:
ROUTE ADDADD 192.168.87.0 MASK 255.255.255.0 192.168.2.21 METRIC 2 IF 1
The address following the ADDADD parameter is the Network Destination column value.
The subnet mask for the destination network address follows the MASKMASK parameter.
The IP addressIP address following the subnet mask is the Gateway column value. The MetricMetric column value follows the METRIC parameter, and the number
following the IF parameter identifies one of the computer’s network interfaces. By substituting the DELETEDELETE or CHANGECHANGE parameter for ADDADD, you can create
commands that remove entries from the routing table or modify existing entries.
Planning When you consider the number of
networks, routers, and sites that make up your enterprise, you can decide whether the amount of time and effort needed to maintain static routes is worth the savings in network traffic.
Using Dynamic Routing Dynamic routing uses specialized
protocols that enable routers to communicate with each other and share their routing table information
Dynamic routing eliminates the need for network administrators to manually create static routes on each router
Selecting a Routing Protocol The routing protocols most commonly
used on private networks are the two supported by the Routing and Remote Access service in Windows Server 2003: Routing Information Protocol (RIP) and Open Shortest Path First (OSPF).
In most cases, the designer of a routing strategy selects one of these two protocols
Understanding Routing Metrics The lower the metric value, the more
efficient the route In dynamic routing, the metric values must
represent a specific attribute for routing protocols to compute them
Different Routing Protocols: Distance Vector Routing Link State Routing
Exam Tip Be sure to understand that the metrics in
distance vector routing protocols represent the number of hops to the destination, regardless of the type or speed of the network connecting the routers at each hop. RIP is a distance vector routing protocol.
Distance Vector Routing RIP makes no distinction between different
types of networks. A hop is a hop, whether the packets are passing over a 1,000 Mbps Gigabit Ethernet network or a 33 Kbps dial-up modem connection.
Link State Routing Use a route cost value, which OSPF factors
into the equation Link state routing is more processor
intensive than distance vector routing, but it is also more precise and more capable of compensating for changes in the network infrastructure.
Understanding Routing Protocol Communications Link state routing is one of the main
reasons that administrators choose OSPF over RIP
When a RIP router starts, it generates a RIP request message and transmits it as a broadcast over all its network interfaces.
After the initial exchange of messages, the RIP routers all transmit periodic updates at regular intervals.
Administering Routing Protocols OSPF’s link state routing capabilities and
its ability to form areas make it more efficient and scaleable than RIP, but it does have drawbacks. Deploying RIP on a network is usually simplicity itself.
Exam Tip When preparing for the exam, no time
spent familiarizing yourself with the RIPand OSPF configuration parameters in the Routing And Remote Access console will be wasted.
Use the online help to learn the functions of the routing protocol parameters.
Routing IP Multicast Traffic A unicastunicast transmission, by definition,
involves two systems only, a source and a destination.
MulticastMulticast transmissions use a single destination IP address that identifies a group of systems on the network, called a host group.
MulticastsMulticasts use Class D addressesClass D addresses, as assigned by the Internet Assigned Numbers Authority (IANA), which can range from 224.0.1.0 to 239.255.255.255.
Multicast Promiscuous Mode To receive all the IP multicast traffic on the
network, the network interface adapters in a router must support a special mode called multicast promiscuous mode.
Unlike promiscuous mode, in which the network interface adapter processes all incoming packets, multicast promiscuous mode has the network interface adapter process all incoming packets with the multicast bit (that is, the last bit of the first byte of the destination hardware address) set to a value of 1.
Practice: Installing RIP
Exercise 1: Configuring Routing and Remote Access as a LAN Router
Page 5-21 Exercise 2: Installing RIP
Page 5-22 Exercise 3: Disabling Routing and Remote
Access Page 5-23
Securing Remote Access Determining Security Requirements
Which users require remote access? Do users require different levels of remote
access? Do users need access to the network? What applications must users run?
Securing Remote Access Controlling Access Using Dial-In Properties
Remote Access Permission (Dial-in Or VPN) Verify Caller ID Callback Options
Planning Authentication Extensible Authentication Protocol (EAP) Microsoft Encrypted Authentication Version 2 (MS-CHAP v2) Microsoft Encrypted Authentication (MS-CHAP) Encrypted Authentication (CHAP) Shiva Password Authentication Protocol (SPAP) Unencrypted Password (PAP) Allow Remote Systems To Connect Without Authentication
Exam Tip You should understand the differences
among these authentication protocols and how they provide their respective levels of security.
Using Remote Access Policies Remote Access Policy Components
Conditions Remote access permission Remote access profile
Creating Remote Access Policies
Important: Before RRAS can use remote access
policies to regulate access to the serverby group membership, you must configure the user’s account by selecting the Control Access Through Remote Access Policy option button in the Dial-in tab in the user’s Properties dialog box in the Active Directory Users And Computers console.
Practice: Installing a Routing and Remote Access
Server Exercise 1: Configuring Routing and Remote
Access as a Remote Access Server Page 5-35
Exercise 2: Creating a Remote Access Policy for Domain Users
Page 5-36 Exercise 3: Creating a Remote Access Policy for
Domain Administrators Page 5-37
Troubleshooting TCP/IP Routing Isolating Router Problems
Using Ping Using Tracert Using Pathping
Troubleshooting the Routing and Remote Access Configuration Verify that the Routing and Remote Access
service is running Verify that routing is enabled Check the TCP/IP configuration settings Check the IP addresses of the router
interfaces
Troubleshooting the Routing Table Troubleshooting Static Routing Troubleshooting Routing Protocols Troubleshooting RIP Troubleshooting OSPF
Summary Case Scenario Exercise
Page5-50 Troubleshooting Lab
Page 5-52 Exam Highlights
Key Points Key Terms
Page 5-53