Mar 7, 2013

RIP routing with nat overload


RIP routing with nat overload

How to : Rip Routing

Rip Routing with nat overload
In this post we will be doing RIP routing, static routing and NAT overload. In the Figure
R! : is the router which is connected to internet through my loopback adapter ( Please see earlier post  to see how to configure gns3 and static routing here.) We will be applying rip router in all the three routers so that three routers can have connection to each other. Along with this we will
configure SNAT overload in router R1 so that R2 and R3 also have internet connection through router R1
Remember this is all done in GNS3 with 2691 router image



Configuration on router R1

R1>en
R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#inter
R1(config)#interface fa
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.0.2 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#int
*Mar  1 00:01:30.675: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:01:31.675: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config)#interfa
R1(config)#interface fa
R1(config)#interface fastEthernet 0/1
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#exit
R1#
*Mar  1 00:03:12.987: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
R1#
*Mar  1 00:03:13.703: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:03:13.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.1
R1(config)#exit
R1#ping 1
*Mar  1 00:03:35.171: %SYS-5-CONFIG_I: Configured from console by console
R1#ping 192.168.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 16/21/32 ms
R1#ping 8.8.8.8

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 216/256/308 ms
R1#ip na
R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ip name
R1(config)#ip name-server 8.8.8.8
R1(config)#ip dom
R1(config)#ip domain-l
R1(config)#ip domain-loo
R1(config)#ip domain-lookup
R1(config)#exit
R1#ping
*Mar  1 00:04:13.827: %SYS-5-CONFIG_I: Configured from console by console
R1#ping www.google.com
Translating "www.google.com"...domain server (8.8.8.8) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 74.125.235.52, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 156/175/236 ms

The above configuration shows that we have internet access from router R!
Now lets configure rip routing in R1 so that other routers knows about 192.168.0.0 and 192.168.1.0 network

R1(config)#router ri
R1(config)#router rip
R1(config-router)#ver
R1(config-router)#version 2
R1(config-router)#no au
R1(config-router)#no auto-summary
R1(config-router)#network 192.168.0.0
R1(config-router)#network 192.168.1.0

Now you can do
R1#sh ip protocols
Routing Protocol is "rip"
  Sending updates every 30 seconds
  Invalid after 180 seconds, hold down 180, flushed after 240
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Redistributing: rip
  Default version control: send version 2, receive version 2
    Interface             Send  Recv  Triggered RIP  Key-chain
    FastEthernet0/0       2     2
    FastEthernet0/1       2     2
  Automatic network summarization is not in effect
  Maximum path: 4
  Routing for Networks:
    192.168.0.0
    192.168.1.0
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: (default is 120)
This shows that router rip is running and sending updates every 30 seconds

Now lets move to Router R2
R2>en
R2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#interfa
R2(config)#interface fa
R2(config)#interface fastEthernet 0/0
R2(config-if)#ip add
R2(config-if)#ip address 192.168.1.2 255.255.255.0
R2(config-if)#no shu
R2(config-if)#no shutdown
R2(config-if)#exit
*Mar  1 00:03:18.119: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:03:19.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R2(config-if)#exit
R2(config)#exit
R2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#
*Mar  1 00:03:20.823: %SYS-5-CONFIG_I: Configured from console by console
R2(config)#interf
R2(config)#interface fa
R2(config)#interface fastEthernet 0/1
R2(config-if)#ip address 192.168.2.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#
*Mar  1 00:03:49.651: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Mar  1 00:03:50.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
R2(config-if)#exit
R2(config)#router rip
R2(config-router)#vers
R2(config-router)#version 2
R2(config-router)#no au
R2(config-router)#no auto-summary
R2(config-router)#network 192.168.1.0 192.168.2.0
                                      ^
% Invalid input detected at '^' marker.

R2(config-router)#network 192.168.1.0
R2(config-router)#network 192.168.2.0
R2(config-router)#exit
R2(config)#exit
R2#
*Mar  1 00:04:49.815: %SYS-5-CONFIG_I: Configured from console by console
R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

R    192.168.0.0/24 [120/1] via 192.168.1.1, 00:00:08, FastEthernet0/0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, FastEthernet0/1

Above you can see that router R2 now knows about 192.168.0.0 network through rip running on router R!
Now lets see if we can ping 192.168.0.2
R2#ping 192.168.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 96/176/216 ms
yes we can
ok lets try to ping 192.168.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
oh the ping is failing why? remember our 192.168.0.1 is connected through internet so we have to perform nat so that all the packets to 192.168.0.1 should come from 192.168.0.2
we will be performing nat later, for now lets move to router R3 and configure RIP there

R3
R3>en
R3#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#interface fas
R3(config)#interface fastEthernet 0/0
R3(config-if)#ip address 192.168.2.2 255.255.255.0
R3(config-if)#exit
R3(config)#inter
R3(config)#interface lo
R3(config)#interface loopback ?
  <0-2147483647>  Loopback interface number

R3(config)#interface loopback 0
R3(config-if)#ip address 192.168.3.1
% Incomplete command.

R3(config-if)#ip address 192.168.3.1 255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#no au
R3(config-router)#no auto-summary
R3(config-router)#network 192.168.2.0
R3(config-router)#network 192.168.3.0
R3(config-router)#exit
R3(config)#exit
R3#sh ip
*Mar  1 00:11:40.659: %SYS-5-CONFIG_I: Configured from console by console
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.3.0/24 is directly connected, Loopback0
R3#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#inter
R3(config)#interface f
R3(config)#interface fastEthernet 0/0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#exit
R3#
*Mar  1 00:12:06.791: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
R3#
*Mar  1 00:12:06.963: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:12:07.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.2.0/24 is directly connected, FastEthernet0/0
C    192.168.3.0/24 is directly connected, Loopback0
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.2.0/24 is directly connected, FastEthernet0/0
C    192.168.3.0/24 is directly connected, Loopback0
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

R    192.168.0.0/24 [120/2] via 192.168.2.1, 00:00:23, FastEthernet0/0
R    192.168.1.0/24 [120/1] via 192.168.2.1, 00:00:23, FastEthernet0/0
C    192.168.2.0/24 is directly connected, FastEthernet0/0
C    192.168.3.0/24 is directly connected, Loopback0

Now upto this point we have connectivity to all the routers, you can check by doing ping

Now if you see sh ip route in R1, R2 and R3 you can see that In R1 the gateway of last resort is set but in R2 and R3 you will find gateway of last resort not set
what this means is route R2 and R3 knows about 192.168..0.0 192.168.1.0 192.168.2.0 192.168.3.0 through direct connection and through rip routing, but it doesnt know any other networks than that.
so if we ping 8.8.8.8 then these two routers will look up in their routing table and drops the packet as both routers does not know about 8.8.8.8 networks. so we have to give them the default route so that
the routers can route all other packets other than the network they knows from direct connection and rip routing. In other words lets define their default gateways

R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
R3(config)#ip route 0.0.0.0 0.0.0.0 19.168.2.1

Ok now lets configure NAT overload in router R1 so that routers R2 and R3 can connect to the internet

NAT
R1>en
R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int fa
R1(config)#int fastEthernet 0/0
R1(config-if)#ip nat outside
R1(config-if)#int fa
R1(config-if)#exit
R1(config)#int
R1(config)#interface fa
R1(config)#interface fastEthernet 0/1
R1(config-if)#ip nat inside
R1(config-if)#exit
R1(config)#ip access
R1(config)#ip access-list sta
R1(config)#ip access-list standard NAT_ADDRESSES
R1(config-std-nacl)#permit 192.168.0.0 0.0.255.255
R1(config-std-nacl)#exit
R1(config)#exit
R1#show ac
*Mar  1 00:18:21.811: %SYS-5-CONFIG_I: Configured from console by console
R1#show acc
R1#show acce
R1#show access-li
R1#show access-lists
Standard IP access list NAT_ADDRESSES
    10 permit 192.168.0.0, wildcard bits 0.0.255.255
R1#ip nat inside sour
R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ip na
R1(config)#ip nat ins
R1(config)#ip nat inside sou
R1(config)#ip nat inside source li
R1(config)#ip nat inside source list NAT_ADDRESSES int
R1(config)#ip nat inside source list NAT_ADDRESSES interface fa
R1(config)#$de source list NAT_ADDRESSES interface fastEthernet 0/0 over
R1(config)#$de source list NAT_ADDRESSES interface fastEthernet 0/0 overload

no routers R2 and R3 can have internet connection

R2(config)#ip nam
R2(config)#ip name-server 8.8.8.8
R2(config)#ip dom
R2(config)#ip domain-l
R2(config)#ip domain-lo
R2(config)#ip domain-lookup
R2#ping www.google.com
Translating "www.google.com"...domain server (8.8.8.8) [OK]

Translating "www.google.com"...domain server (8.8.8.8) [OK]

Translating "www.google.com"...domain server (8.8.8.8) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 74.125.235.51, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 240/383/572 ms
You can see nat translations in router R!
R1#sh ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
udp 192.168.0.2:55090  192.168.1.2:55090  8.8.8.8:53         8.8.8.8:53
icmp 192.168.0.2:7     192.168.1.2:7      8.8.8.8:7          8.8.8.8:7
icmp 192.168.0.2:4     192.168.1.2:4      192.168.0.1:4      192.168.0.1:4
icmp 192.168.0.2:8     192.168.1.2:8      192.168.0.1:8      192.168.0.1:8
udp 192.168.0.2:51837  192.168.1.2:51837  8.8.8.8:53         8.8.8.8:53
udp 192.168.0.2:56093  192.168.1.2:56093  8.8.8.8:53         8.8.8.8:53
udp 192.168.0.2:520    192.168.0.2:520    224.0.0.9:520      224.0.0.9:520
udp 192.168.0.2:56675  192.168.1.2:56675  8.8.8.8:53         8.8.8.8:53
icmp 192.168.0.2:3     192.168.1.2:3      74.125.235.51:3    74.125.235.51:3
icmp 192.168.0.2:6     192.168.1.2:6      74.125.235.48:6    74.125.235.48:6
icmp 192.168.0.2:5     192.168.1.2:5      74.125.235.52:5    74.125.235.52:5
udp 192.168.0.2:52606  192.168.1.2:52606  8.8.8.8:53         8.8.8.8:53
udp 192.168.0.2:52811  192.168.1.2:52811  8.8.8.8:53         8.8.8.8:53

Thank you

No comments:

Post a Comment