Monday, 30 January 2023

Static vs dynamic IP addresses - configurations

Knowledge 

A static IP address is a permanent, fixed address assigned to a device on a network, rather than being assigned dynamically by a DHCP server. This allows for easier network administration and can help with specific applications such as remote access or website hosting.


DHCP stands for Dynamic Host Configuration Protocol. It is a network protocol used to dynamically assign IP addresses to devices on a network. DHCP allows for automatic and centralized management of IP addresses, reducing the manual effort required to configure devices on a network. It helps ensure that each device has a unique IP address and eliminates the risk of IP address conflicts. 

Skill


DHCP from a router

Set a simulation environment similar to the below



Assign  the IP address

On the router enter the commands below. Here ip address 192.168.0.1 with default subnet mask 255.255.255.0 has been assigned to interface gigabitethernet 0/0/0




Configure DCHP pool

Here the DHCP pool has been named "FOC" the network address has been assigned to the pool "192.168.0.0" and the default router: "192.168.0.1" . The default router address will give the default gateway address to the devices requesting a DHCP ip address. The final commands exclude an IP range. This range is outside the DHCP pool so our first host should connect with 192.168.0.11




Testing

On one (or all the PCS) change the IP configuration to DHCP. If successful your first device should be given 192.168.0.11 and so on.



Video run through





DHCP from a server

Build a topology similar to the below.


Configure the router


Set the ip address of the router. Here we have assigned IP address 192.168.0.1 to interface gigabit ethernet 0/0/0 with the default subnet mask of 255.255.255.0






Server DHCP configuration

Turn the DHCP service on. Give the pool a name, here it is "FOC". Set the default gateway which is the router address (192.168.0.1) and the DNS server we will just use this server address for now. Click Save or Add.



Assign an IP address to the Server


In the interface section give the server an IP address of 192.168.0.2







Testing

On one of the PCs change the IP configuration to DHCP in order to receive an IP address, Default Gateway and DNS server address





Higher thinking

  • Where would you see these uses of DHCP? Server use and router use? What type of network?
  • What devices would  you expect to see in the excluded range?
  • What is the benefit of using DHCP?
  • What are the downsides to using DHCP?
  • Research lease times and DHCP










SSH vs Telnet - Configure both

Knowledge

SSH and Telnet are both protocols for remote access, but there are differences between the two:

Security: SSH provides encrypted communication, while Telnet is insecure and sends data in clear text.

Port numbers: SSH uses port 22, Telnet uses port 23.

Functionality: SSH provides secure terminal emulation and also supports file transfers, while Telnet only provides terminal emulation.

Authentication: SSH uses public key and password-based authentication, Telnet only uses password-based authentication.

In general, SSH is preferred over Telnet for remote access due to its security and additional functionality.

Skill

SSH

Setting the environment


Make a small network environment similar to the below


Configure the interfaces


Below shows the router configuration for interface gigabitEthernet 0/0/0 with an ip address of 172.16.0.1 and the default subnet mask of 255.255.0.0



Configure the ssh encryption keys


Below are the commands to generate encryption keys. The domain name given is FOC, the router name is changed to FOC1 and the bits assigned is 1024. (the greater the number the higher level of encryption but speed is impacted




Configure the password for ssh login


Here the password is set to friends. Line vty simply means that 16 simultaneous connections can be made. 




Testing


On the command prompt of the pc. Type the ssh -l ..... (then the username and the ip address)

You should now have access via ssh (make sure to type an IP address into your PCs configuration that is on the same network ie 172.16.0.2)




Telnet


Similar to the previous example build a small simulation environment like the below.




Secure the Switch


Set the password for the executive mode, this will be used after the remote login password






Configure the VLAN



Configure interface vlan 1 and give it an IP address




Configure remote login with telnet


Configure the number of simultaneous connections and set the remote login password



Testing

Don't forget to give your PC/laptop an IP address within the same subnet. Telnet + the IP address of the switch. Here I will use the remote login password "friend" and after enable the switch config password "friends"





Higher thinking

There are two methods of remote access here, one with a higher level of security than the other. Do they both have a use within organisations, can you think of when and why these may be. 

Fast switching vs Process switching

Process Switching: Process switching is the traditional method of packet forwarding used in early routers. When a packet arrives at a router...