Giao Trinh Mang Doanh Nghiep 0313

http://www.ebook.edu.vn

B GIO DC V O TO

TRNG I HC S PHM K THUT HNG YN

GIO TRNH MNG DOANH NGHIP

TRNH O TO: I HC NGNH O TO: CNG NGH THNG TIN

(INFORMATION TECHNOLOGY)

Hng Yn, thng 12 nm 2008


LI NI U Cng vi s pht trin nhanh chng ca nn kinh t. Vn ng dng h thng

Mng thng tin vo iu hnh v sn xut trong doanh nghip ngy cng c y

mnh. Nh qun l mong mun Qun tr vin mng thng tin phi nm c hu ht

cc cng ngh mng nhanh chng trin khai, ng dng nhng cng ngh mng

tin tin vo phc v iu hnh sn xut cng nh lp k hoch xy dng v bo v

h thng thng tin ni b ca doanh nghip trnh khi mi nguy c tn cng.

Vi cun gio trnh ny, ti c gng tp trung i su vo cc cng ngh mi nht

hin ang c p dng trong doanh nghip ti thi im hin ti.

Gio trnh ny gm 16 bi trong c 09 bi ging, 06 bi thc hnh v 01 bi tho

lun. Mc tiu cun sch i vo cc vn chnh sau:

Thit k lc a ch IP cho doanh nghip C bn v cng ngh mng khng dy Vn nh tuyn v chuyn mch trong mng doanh nghip Trin khai cc dch v my ch (Mail Server, Web Server, DNS, DHCP) C bn v bo mt

Mong mun th nhiu nhng trong thi gian 3 tn ch ca mn hc ny chng ta

cha th bao qut ton b cc cng ngh mng p dng cho doanh nghip m ch c

th i vo nhng cng ngh chnh. Hi vng t sinh vin t nghin cu, hc hi

c th lm ch c cc cng ngh v p dng tt kin thc hc vo cng vic

mai sau.

Mi kin ng gp ca sinh vin v cc bn ng nghip xin gi v theo a ch

sau


a ch lin h:

V Khnh Qu - B mn Mng my tnh v Truyn thng - Khoa Cng ngh

Thng tin, i hc S phm K thut Hng Yn

Tel: (03213) 713153

Email: [email protected]

URL: http://www.utehy.edu.vn


Tn Module: Thit k mng doanh nghip M Module: Gio vin: V Khnh Qu Ngnh hc: Cng ngh Thng tin S gi hc: 140(30/30) Loi hnh o to: Chnh qui Thi gian thc hin: Hc k III Nm hc: 2008/2009 Loi Module: LT+TH Phin bn: 20090105 1. Mc tiu: Sau khi hon thnh module ny, ngi hc c kh nng: Sau khi hon thnh module ny, ngi hc c kh nng:

- nh gi c cc hot ng ca cc thit b phn cng v phn mm trong mt m hnh mng LAN, WAN sn c

- T vn trong vic la chn cc thit b phn cng phn mm thit k mng LAN, WAN ph hp vi nhu cu ca doanh nghip nh

- nh gi c cc yu cu v qun l mng, an ninh mng v cc rng buc khc trong qu trnh thit k mng

- Thit k c mng LAN trong ta nh phc v cho cng tc ging dy v nghin cu

- Thit k c mng WAN cho Trng hc phc v cng tc o to v qun l ca Nh trng.

Module ny gip ngi hc pht trin cc nng lc: Phn tch (2); T vn (2); Thc hin (3); Thit k (3) v Bo tr (2). 2. iu kin tin quyt:

Ngi hc hc Mng my tnh. 3. M t module:

Module ny nhm cung cp cho ngi hc cc kin thc Thit k c cc h thng mng LAN/WAN; Kim tra, nh gi hiu nng hot ng ca h thng; X l c cc s c xy ra; C k nng c bn v bo mt trong h thng mng doanh nghip nh.


4. Ni dung module:

Bi 1: Tng quan v mng doanh nghip

1.1.Gii thiu mn hc, phng php hc

1.2.Cch s dng cc phn mm thit k gi lp VMWare, Boson

1.3.Gii thiu h thng mng thc t ca mt s doanh nghip

Bi 2: a ch mng

2.1.a ch IP v Subnetmask

2.2.Cc loi a ch IP

2.2.1.a ch IP Private, Public

2.2.3.a ch IP Unicast, Multicast, Broadcast

2.3.Nguyn l dch chuyn a ch IP (NAT)

2.4 Nguyn l cp pht DHCP

Bi 3: Cng ngh Wireless

3.1. Tng quan v Wireless

3.2. Cc chun Wireless

3.3. Cu hnh mng Wireless

3.3.1. Cc thnh phn thit lp mng mng WLAN

3.3.2. WLAN v SSID

3.3.3. Cu hnh mt mng WLAN n gin Bi 4: C bn v cu hnh nh tuyn

4.1. Cc giao thc nh tuyn

4.2. Giao thc nh tuyn ni vng RIP

4.3. Giao thc nh tuyn ng OSPF Bi 5:Thc hnh v nh tuyn

Cu hnh nh tuyn cho cc mng

Bi 6:Cu hnh NAT trn Router

6.1. Khi nim v NAT

6.2. Nat tnh Static NAT

6.3. Nat ng Dynamic NAT


6.4. Nat Overload PAT

Bi 7:Thc hnh Cu hnh NAT trn Router

Bi 8:Cu hnh chuyn mch (Switching)

8.1. C bn v cu hnh Switch

8.2. Cu hnh VLAN

Bi 9:Thc hnh Cu hnh chuyn mch v VLAN

Bi 10: Tho lun Mt s ch tho lun

Cc k nng cn c ca mt k s trong vai tr HelpDesk Quy trnh thit k v nng cp h thng mng c Tm hiu cc giao thc m ho trong mng WLAN Mng Wimax Tm hiu VoIP Cng ngh VPN

Bi 11: Cu hnh cc Web Server, DNS Server

11.1. Dch v phn gii tn min DNS Server

11.1.1. Nguyn l phn gii tn min

11.1.2. Xy dng my ch phn gii tn min cho mng doanh nghip

11.2. Dch v Web Server

11.2.1. Giao thc HTTP v HTTPS

11.2.2. Trin khai Website doanh nghip trn Server

Bi 12: Thc hnh cu hnh cc dch v mng c bn

12.1. Cu hnh Active Directory (AD)

12.2 Cu hnh IIS

12.3 Cu hnh DNS

12.4 Cu hnh DHCP

Bi 13. Xy dng mt Mail Server

13.1. Giao thc SMTP, POP3, IMAP

13.2. Trin khai Mail Server cho doanh nghip

Bi 14. Thc hnh Xy dng mt Mail Server

Trin khai Mail Server cho doanh nghip

Bi 15: Thc hnh Proxy v Firewall


15.1. Nguyn l hot ng ca Proxy

15.2. Nguyn l hot ng ca Firewall

15.3. Trin khai xy dng h thng tng la cho doanh nghip

Bi 16. C bn v bo mt

16.1 Cc nguy c tim tng trn mng

16.2. Cc phng thc tn cng

16.2.1 Viruses, Worms, Trojan Horses.

16.2.2 Denial of Service (DoS) v Brute Force Attack

16.3. Cc chnh sch bo mt

5. Ti liu tham kho: Sch gio trnh, Slide do gio vin bin son.

Sch tham kho:

[1]. Cisco System, "CCNA Discovery1 4.0", Cisco System, 2007


[3]. J.C. Mackin and Ian McLean, Windows Server 2003 Network Infrastructure, Microsoft Press, 2005

6. Hc liu: Gio trnh lu hnh ni b, sch tham kho, h thng bi tp mu, bi tp t lm, my tnh, ti nguyn trn Internet, Projector.

7. nh gi: Hnh thc nh gi:

- Kim tra gia k (Trin khai trn mi trng gi lp): 20% - nh gi qu trnh (kt qu cc bui thc hnh): 10% - Kim tra cui k: 70%

Tiu ch nh gi: - K nng thit k, xy dng bi ton - K nng ci t bi ton

Ngi nh gi: Gio vin ging dy v ngi hc. 8. K hoch hc tp B tr ging dy module Mng doanh nghip (3 tn ch) nh sau: 27 tit l thuyt (thc hin trong 9 bui, mi bui 3 tit), 36 tit sinh vin lm tiu lun (gio vin t b tr lch gp, hng dn sinh vin), 18 tit thc hnh (thc hin trong 6 bui, mi bui 3 tit) v 90 gi chun b c nhn ( cng 130 trang)


8. K hoch hc tp:

Bi Mc tiu Hot ng gio vin SG GV

Hot ng sinh vin SG SV

iu kin thc hin

1 - Xc nh c v tr, vai tr v ni dung ca Module trong chng trnh o to - Xy dng c k hoch v phng php hc tp ph hp. - La chn c ngun hc liu phc v cho mn hc - Trnh by c nhng li ch em li cho doanh nghip khi c h thng mng. - Trnh by c cc bc tr thnh mt nh qun tr mng trong doanh nghip

- Nu mc tiu, ni dung v k hoch hc tp ca Module - Gii thiu ngun hc liu phc v cho hc Mudule, phng php hc tp v cc tiu ch nh gi - T chc tho lun cc li ch em li cho doanh nghip khi c h thng mng - Qu trnh tr thnh mt nh nh qun tr mng trong doanh nghip - Kt lun v tng kt cc ni dung tho lun - Tr li cc cu hi ca sinh vin - Pht phiu yu cu cc ni dung cn nghin cu trong bi 2

3h

- Lnh hi v t cc cu hi thc mc - La chn c phng php hc tp v ngun hc liu phc v cho Module - Tho lun cc ni dung trong phiu yu cu - Ghi ch nhng vn c bn - Nu cc cu hi thc mc

4h

Phng hc l thuyt c trang b my tnh, my chiu.

2 - Trnh by cu trc a ch IP v4 - Mi quan h gia Subnetmask v a ch IP.

- T chc tho lun v kin trc Ipv4 v mi lin quan gia a ch IP v Subnetmask - a ra bi tp yu cu sinh vin

3h - Trnh by c cu trc IP v4 - Hiu r mi quan h gia a ch IP v Subnetmask

4h Phng hc l thuyt c trang b my tnh, my chiu.


- Th hin phn chia di a ch IP thnh cc Subnet c subnetmask bng nhau v khng bng nhau - Thit k c lc IP ph hp cho mt doanh nghip.

thc hin phn chia a ch IP thnh cc Subnet c Subnetmask bng nhau v khng bng nhau. - T vn v gii p cc vn kh khn khi sinh vin gp vng mc

cng nh cch tnh ton v phn chia mt di IP thnh cc Subnet theo p ng yu cu ca ngi s dng - Tham gia tr li nhng cu hi tnh hung m gio vin a ra

3 - Phn tch c cc u nhc im ca mng khng dy v mng c dy - Trnh by c cc m hnh ng dng mng khng dy - Trnh by c cc chun mng 802.11a,b,g v c im ca mi chun. - Trnh by c chc nng ca cc thit b c bn trong mng WLAN - Trnh by c khi nim knh truyn v SSID trong mng WLAN

- T chc tho lun v mng WLAn, cc u nhc im v cc m hnh ng dng - Gii p cho sinh vin cc vn kh khn v nh hng cho sinh vin tho lun theo ng ch - Tr li cc cu hi thc mc ca sinh vin - Cu hnh th nghim mng WLAN

3h - Tho lun theo cc ni dung gio vin a ra - Nu cc cu hi, thc mc trong qu trnh tho lun - Quan st cc gi v phn tch ca gio vin v t a ra nhng nhn nh v kin ca mnh v vn tho lun. - Cu hnh th nghim mng WLAN vi chc nng c bn

4h Phng hc l thuyt c trang b my tnh, my chiu, AccessPoint, Card mng khng dy.


- Cu hnh mng WLAN n gin

4 - Trnh by c cc giao thc nh tuyn - So snh nh tuyn tnh v ng, Distance Vector v Link State - c im ca nh tuyn Rip v1 - Cu hnh nh tuyn h thng s dng Rip v1

- T chc tho lun v nh tuyn v Router - T chc tho lun v nh tuyn tnh v nh tuyn ng, Distance Vector v Linkstate - Hng dn sinh vin cu hnh nh tuyn h thng mng ni b - Tr li cc cu hi thc mc ca sinh vin

3h - Tho lun v cc ch do gio vin hng dn - Quan st v thc hin cu hnh LAB nh tuyn vi giao thc Rip V1 - Quan st cch gi v phn tch ca gio vin t a ra nhng nhn nh v kin ca mnh v vn tho lun.

4h Phng hc l thuyt c trang b my tnh, my chiu.

5 - Thit k c lc a ch IP cho doanh nghip - Thc hin cu hnh nh tuyn cho cc mng bng nh tuyn tnh v nh tuyn ng vi Rip v1, Rip v2 - nh gi c u nhc im gia nh tuyn tnh v nh tuyn ng

- a trc ti liu tho lun cho sinh vin - Tho lun thit k lc a ch IP - Cho sinh vin pht biu kin v cc vn tho lun theo nhm phn cng trc - Tr li cc cu hi thc mc ca sinh vin - Nhn xt, nh gi v tng kt vn

3h - Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Tham gia tr li nhng cu hi tnh hung m gio vin a ra - Thit k lc a ch IP cho doanh nghip v cu

6h Phng hc thc hnh c trang b my tnh, my chiu.


tho lun hnh nh tuyn gia cc mng

6 - Trnh by c cc khi nim v NAT tnh, NAT ng - So snh u nhc im ca cc loi NAT - Trnh by nguyn l hot ng ca PAT - Cu hnh PAT trn Router cho php cc IP trong LAN ra IP Public

- T chc tho lun cho sinh vin hiu r khi nim v NAT, so snh u nhc im mi loi - T chc tho lun v PAT v s cn thit c PAT - Hng dn sinh vin thc hin bi lab cu hnh PAT - Cung cp cc ti liu lin quan n kin thc NAT - Tr li cc cu hi thc mc ca sinh vin trong qu trnh thc hnh - Nhn xt, nh gi v tng kt vn tho lun

3h

- Ch ng tham gia tho lun v ch do gio vin hng dn - Trnh by cc ni dung m mnh tm hiu - Thc hin tm hiu v cu hnh bi lab do gio vin a ra

4h



7 - So snh u nhc im mi loi NAT - Cu hnh PAT trn Router NAT cc IP trong LAN ra IP Public - Phn tch c nguyn l hot ng chuyn i a ch IP

- Tho lun thit k lc a ch IP - Cho sinh vin pht biu kin v cc vn tho lun theo nhm phn cng trc - Chun b bi thc hnh - Tr li cc cu hi thc mc ca sinh vin trong qu trnh thc hnh - Kim tra tin thc hin bi tp thc hnh ca sinh vin - Giao cng vic cho tun tip theo

3h - Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Tham gia tr li nhng cu hi tnh hung m gio vin a ra - Thc hnh NAT cc IP trong LAN ra IP Public

6h

Phng hc thc hnh c trang b my tnh, my chiu.

8 - Trnh by nguyn l hot ng c bn ca Switch - Trnh by khi nim VLAN v nhng ng dng ca VLAN trong thc tin - Cu hnh VLAN trn Switch - S dng Router nh tuyn gia cc VLAN

- T chc tho lun cho sinh vin tm hiu nguyn l hot ng ca Switch h tr VLAN, khi nim VLAN v nguyn l hot ng ca gi tin trong VLAN - Cung cp cc ti liu lin quan n kin thc VLAN, nh tuyn gia cc VLAN vi Router - Tr li cc cu hi thc mc ca sinh vin trong qu trnh thc hnh - Nhn xt, nh gi v tng kt vn tho lun

3h

- Ch ng tham gia tho lun v ch do gio vin hng dn - Trnh by cc ni dung m mnh tm hiu - Quan st cch gi v phn tch ca gio vin t a ra nhng nhn nh v kin ca mnh v vn tho lun. - Tham gia tr li nhng cu hi tnh hung m gio vin a ra

4h



9 - Trnh by nguyn l hot ng ca VLAN v cc ng dng VLAN trong thc tin - Cu hnh VLAN trn Switch h tr VLAN - Cu hnh nh tuyn gia cc VLAN s dng Router -ng dng m hnh mng c VLAN vo thit k h thng mng trong doanh nghip

- Tho lun nguyn l hot ng ca VLAN - Cho sinh vin pht biu kin v cc vn tho lun theo nhm phn cng trc - Chun b bi thc hnh - Tr li cc cu hi thc mc ca sinh vin trong qu trnh thc hnh - Kim tra tin thc hin bi tp thc hnh ca sinh vin - Giao cng vic cho tun tip theo

3h - Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Tham gia tr li nhng cu hi tnh hung m gio vin a ra - Thc hnh bi lab chia VLAN v nh tuyn gia cc VLAN s dng Router

6h

Phng hc thc hnh c trang b my tnh, my chiu, Switch h tr VLAN v Router.

10 - Phn nhm v giao ch tho lun cho tng nhm

- Phn nhm sinh vin - Chun b cc ch tho lun - Hng dn sinh vin cc bc thc hin v ngun ti liu cn tm hiu - Nhn xt, nh gi v tng kt vn giao ch

- Nhn nhm v bo co ch mong mun tm hiu vi gio vin nu c - Tham gia cc hot ng do gio vin t chc v a ra cc cu hi thc mc cn gii p - Tm hiu cc ngun ti liu do gio vin cung cp

Phng hc l thuyt c trang b my tnh, my chiu


11 - Trnh by nguyn l phn gii tn min ca my ch DNS v nhim v ca vic phn gii tn min - So snh hai giao thc http v https - Trnh by cch cu hnh my ch DNS v Web Server

- Tho lun v nhim v ca vin phn gii tn min v nguyn l phn gii tn min - Tho lun cc giao thc truy cp web http v https - Hng dn thc hin lab cu hnh web server v DNS server - Tr li cc cu hi, thc mc ca sinh vin - Kt lun, tng kt cc ni dung tho lun

3h

- Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Tham gia tr li nhng cu hi tnh hung m gio vin a ra - Quan st cch gi v phn tch ca gio vin t a ra nhng nhn nh v kin ca mnh v vn tho lun

4h


12 - Phn tch c nguyn l lm vic ca my ch DNS v web Server - Thc hin Public mt website n gin cho php truy cp website vi tn min Nam - Bo mt d liu truy cp vi https - Cu hnh cp pht IP ng cho cc Client

- Pht ti liu tho lun cho sinh vin - Tho lun v nguyn l lm vic ca DNS Server v web Server - Tho lun v s cn thit xy dng mt site ni b cho doanh nghip - Giao bi thc hnh - Kim tra tin thc hin bi tp thc hnh ca sinh vin - nh gi v gi cc cch lm cho sinh vin - Giao cng vic cho tun tip theo

3h

- Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Thc hin bi lab xy dng mt site ni b cho doanh nghip cho php cc nhn vin truy cp vo thng qua tn min vi Ip cho cc Client c cp pht ng

6h



13 - Trnh by cc giao thc gi nhn mail POP3, SMTP, IMAP - Gi v nhn th s dng SMTP qua Telnet - Cu hnh Mail server phc v cho doanh nghip

- Tho lun v nhu cu v s cn thit trin khai h thng mail trong doanh nghip - Tho lun v cc giao thc gi nhn mail POP3, SMTP, IMAP - Hng dn sinh vin thc hin Lab cu hnh trin khai h thng Mail vi Mdaemon Server - nh gi v gi cc cch lm cho sinh vin - Nhn xt, nh gi v tng kt vn tho lun

3h

- Tham gia vo tho lun, a ra cu hi - Tham gia tr li nhng cu hi tnh hung m gio vin a ra - Tham gia thc hin bi lab do gio vin a ra - Quan st cch gi v phn tch ca gio vin t a ra nhng nhn nh v kin ca mnh v vn tho lun

4h


14 - Phn tch c nguyn l lm vic ca my ch Mail Server - Gi v nhn th s dng giao thc SMTP thng qua telnet - Cu hnh my ch Mail Server

- T chc tho lun v nguyn l lm vic ca my ch Mail Server - Cc lnh thc hin nhn v gi mail s dng SMTP qua telnet - Giao bi thc hnh - Kim tra tin thc hin bi tp thc hnh ca sinh vin - nh gi v gi cc cch lm cho sinh vin - Giao cng vic cho tun tip theo

3h

- Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Thc hin bi Lab trin khai Mail Server cho doanh nghip

6h

Phng hc thc hnh c trang b my tnh, my chiu.


15 - So snh u nhc im v nguyn l hot ng ca mi loi Firewall - Xy dng m hnh h thng mng doanh nghip v thit lp h thng tng la bo v h thng mng doanh nghip

- T chc tho lun cc loi firewall v u nhc im mi loi - Giao bi thc hnh - Kim tra tin thc hin bi tp thc hnh ca sinh vin - nh gi v gi cc cch lm cho sinh vin

3h

- Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Thc hin bi Lab trin khai tng la bo v h thng mng ca doanh nghip

6h

Phng thc hnh Ti liu tham kho

16 - Trnh by cc nguy c trn mng - Phn bit c cc c im ca Virus, Trojan, Worm - Nhn dng cc kiu tn cng DoS - Gii m Pass vi Brute Force Attack - Cc chnh sch bo mt

- T chc tho lun cc nguy c trn mng - T chc tho lun cc lai Virus, Worm, Trojan - T chc tho lun cc kiu tn cng DoS - nh gi v gi cc cch lm cho sinh vin - Nhn xt, nh gi v tng kt vn tho lun

3h

- Sinh vin c trc ti liu v vn tho lun - Tham gia vo tho lun, a ra cu hi - Thc hin bi Lab trin khai tng la bo v h thng mng ca doanh nghip

4h

Phng l thuyt c trang b my chiu Ti liu tham kho

Thng qua khoa/ b mn Gio vin


V Khnh Qu Khoa CNTT H S phm K thut Hng Yn


19

Bi 1: Tng quan v mng doanh nghip ................................................................................. 21 1.1 Gii thiu mn hc, phng php hc ........................................................................... 21 1.2.Cch s dng cc phn mm thit k gi lp VMWare, Boson ..................................... 22

1.2.1 Phn mm VMWare ................................................................................................ 22 1.2.2 Phn mm Boson Netsim......................................................................................... 23

1.3. Gii thiu h thng mng thc t ca mt s doanh nghip.......................................... 24 Bi 2: a ch mng .................................................................................................................. 26

2.1.a ch IP v Subnetmask............................................................................................... 26 2.2. Cc loi a ch IP.......................................................................................................... 26

2.2.1. a ch IP Private, IP Public ................................................................................... 26 2.2.2.a ch IP Unicast, Multicast, Broadcast ................................................................. 27

2.3.Nguyn l dch chuyn a ch IP (NAT) ....................................................................... 27 2.3.1 Cc thut ng trong NAT ........................................................................................ 27 2.3.2. Cc kiu NAT ......................................................................................................... 28

2.4. Nguyn l thu nhn mt a ch IP t DHCP Server..................................................... 29 Bi 3: Cng ngh Wireless ....................................................................................................... 31

3.1. Tng quan v Wireless .................................................................................................. 31 3.2. Cc chun Wireless........................................................................................................ 31 3.3. Cu hnh mng Wireless ................................................................................................ 32

3.3.1. Cc thnh phn thit lp mng WLAN................................................................... 32 3.3.2. WLAN v SSID...................................................................................................... 40 3.3.3. Cu hnh mt mng WLAN n gin..................................................................... 41

Bi 4: C bn v cu hnh nh tuyn....................................................................................... 42 4.1. Cc giao thc nh tuyn ............................................................................................... 42 4.2. Giao thc nh tuyn ni vng RIP ............................................................................... 49 4.3. Giao thc nh tuyn ng OSPF .................................................................................. 55

Bi 5:Thc hnh v nh tuyn................................................................................................. 62 Bi 6: Cu hnh NAT trn Router............................................................................................. 63

6.1. Khi nim chung v NAT.............................................................................................. 63 6.2 Nat tnh Static NAT ..................................................................................................... 66 6.3. Nat ng Dynamic NAT............................................................................................. 67 6.4. Nat Overload PAT ...................................................................................................... 67

Bi 7:Thc hnh Cu hnh NAT trn Router............................................................................ 69 Bi 8:Cu hnh chuyn mch (Switching) ................................................................................ 70

8.1. Cu hnh Switch v VLAN............................................................................................ 70 Bi 9:Thc hnh Cu hnh chuyn mch v VLAN................................................................. 75 Bi 10: Tho lun...................................................................................................................... 77 Bi 11: Cu hnh cc Web Server, DNS Server ....................................................................... 78

11.1. Dch v phn gii tn min DNS Server................................................................... 78 11.1.1. Nguyn l phn gii tn min ............................................................................... 78 11.1.2. Xy dng my ch phn gii tn min cho mng doanh nghip.......................... 80

11.2. Dch v Web Server..................................................................................................... 89 11.2.1. Giao thc HTTP v HTTPS.................................................................................. 89 11.2.2. Trin khai Website doanh nghip trn Server ...................................................... 89

Bi 12: Thc hnh cu hnh cc dch v mng c bn ........................................................... 103




20

Bi 13. Xy dng mt Mail Server......................................................................................... 104 13.1. Giao thc SMTP, POP3, IMAP................................................................................. 104 13.2. Trin khai Mail Server cho doanh nghip ................................................................. 110

Bi 14. Thc hnh Xy dng mt Mail Server....................................................................... 115 Bi 15: Thc hnh Proxy v Firewall ..................................................................................... 116

15.1. Nguyn l hot ng ca Proxy................................................................................. 116 15.2. Nguyn l hot ng ca Firewall ............................................................................. 120 15.3. Trin khai xy dng h thng tng la cho doanh nghip ...................................... 127

Bi 16: C bn v bo mt...................................................................................................... 128 16.1. Mt s nguy c tn cng trn mng........................................................................... 128 16.2. Cc phng thc tn cng ......................................................................................... 130

16.2.1 Viruses, Worms, Trojan Horses........................................................................... 130 16.2.2 Denial of Service (DoS) v Brute Force Attack .................................................. 142

16.3. Cc chnh sch bo mt ............................................................................................. 145




21

Bi 1: Tng quan v mng doanh nghip

1.1 Gii thiu mn hc, phng php hc

Vi xu th ng dng h thng thng tin vo tt c cc hot ng sn xut ca cc doanh nghip, vn trin khai mt h thng mng khi xy dng mt doanh nghip l iu tt yu. Do vy nhu cu nhn lc trnh chuyn gia trong lnh vc mng doanh nghip trn th trng lao ng hin nay ang rt nhiu.

Mng doanh nghip l mn hc c ging dy sau Module Mng c bn v trc Module Bo mt mng v Module Mng th h mi. Mc ch ca mn hc gip sinh vin t c cc k nng v qun tr mng LAN, t vn, thit k v xy dng c mt h thng mng cho doanh nghip c quy m nh vi cc yu cu c th nh sau:

- nh gi c cc hot ng ca cc thit b phn cng v phn mm trong mt m hnh mng LAN, WAN sn c

- T vn trong vic la chn cc thit b phn cng phn mm thit k mng LAN, WAN ph hp vi nhu cu ca doanh nghip nh

- nh gi c cc yu cu v qun l mng, an ninh mng v cc rng buc khc trong qu trnh thit k mng

- Thit k c mng LAN trong ta nh phc v cho cng tc ging dy v nghin cu

- Thit k c mng WAN cho Trng hc phc v cng tc o to v qun l ca Nh trng.

y l mn hc mang tnh ng dng thc tin rt cao do vy i hi sinh vin chun b k cc ti liu v phng tin hc tp cn thit. Gm c - Cc phn mm gi lp thit k mng :

- VMWare Simulator, Boson Netsim Simulator

- ISA Server

- Mail Exchange Server, Mail Mdeamon Server

- Sch gio trnh, Slide do gio vin bin son.




22

- Sch tham kho:



[3]. J.C. Mackin and Ian McLean, Windows Server 2003 Network Infrastructure, Microsoft Press, 2005

Trong qu trnh hc tp sinh vin cn ch ng c trc ti liu ti nh, cc ti liu do gio vin giao cho v nh t hc, tham gia trao i kin thc trn forum ca nh trng v cc forum khc nh :

http://quantrimang.com http://nhatnghe.com.vn http://vnpro.org.

1.2.Cch s dng cc phn mm thit k gi lp VMWare, Boson

1.2.1 Phn mm VMWare

VMWare l phn mm gi lp cho php ci t nhiu h iu hnh trn mt my tnh c cu hnh mnh. VMWare cho php chng ta ci nhiu h iu hnh khc nhau nh Window XP, Window Server 2003, Window Vista, Window Server 2008, Linux... trn cng mt my tnh v ti mt thi im c th cng khi ng nhiu my tnh o trn mt my tnh tht. y l mt tin ch v cng th v v cn thit cho cc sinh vin khi hc v mng my tnh v cn cu hnh mt lc nhiu h thng khc nhau to thnh mt h thng mng o.




23

Trn y l hnh khi my o VMWare ang cng lc c ci t v chy c 03 h iu hnh gm Window Server 2003, Window XP v Red Hat Linux thc tp.

1.2.2 Phn mm Boson Netsim

Boson Netsim l phn mm cho php gi lp cc hot ng ca cc thit b mng Cisco. Vi th phn chim trn 70% ton th gii v thit b mng, cc thit b mng ca cisco lun l la chn s mt cho tt c cc nh thit k v trin khai h thng do n nh v tnh tin cy cng nh s bo m ca Cisco trong vn an ton thng tin. Boson Netsim sau khi ci t gm 02 tin ch con :

Boson Netsim Design Boson netsim Simulator




24

Boson Netsim Design l tin ch cho php chng ta thit k cc m hnh mng o khi khng c iu kin tip xc vi thit b tht. D vy Boson Design c th cho php gi lp n 90% cc m hnh tht.

Boson Netsim c thc hin sau khi bn thit k h thng gi lp. Nhim v ca n l to ra mi trng gi lp thc hin cc cu lnh cu hnh h thng c thit k bi Boson Design trn mi trng CLI (Conmand Line Interface).

1.3. Gii thiu h thng mng thc t ca mt s doanh nghip

Gii thiu tng quan s h thng mng mt s doanh nghip. Trong hnh l s h thng mng Trng H SPKT Hng Yn.




25




26

Bi 2: a ch mng

2.1.a ch IP v Subnetmask

Kin thc v a ch IP v cc kin thc lin quan n M hnh TCP/IP, Subneting c trang b ti Module Mng c bn, y l mt khi kin thc nn tng rt quan trng, sinh vin cn xem li ti liu hc. n tp li khi kin thc ny sinh vin cn hon tt bi tp sau:.

H thng mng ca cng ty ABC nh hnh v, cng ty c cp pht di a ch 192.168.0.0/16. Thc hin chia di a ch trn thnh cc Subnet tho mn iu kin s host trong mi Subnet nh trn hnh vi iu kin ti u ho khng gian a ch IP.

2.2. Cc loi a ch IP

2.2.1. a ch IP Private, IP Public

IP private l nhng IP khng c nh tuyn trn Internet, bao gm cc di a ch sau:

10.0.0.0 --> 10.255.255.255

172.16.0.0 --> 172.16.31.255

192.168.0.0 --> 192.168.255.255

1000 host LAN1 500 host LAN3

250 host LAN 2




27

Cc di a ch IP cn li ca lp A, B, C l nhng a ch IP Public (thuc quyn s hu ca ISP v nh cung cp a ch Internet)

2.2.2.a ch IP Unicast, Multicast, Broadcast

a ch Broadcast l a ch qung b cho mt Subnet theo chiu t PC n tt c cc PC trong cng Subnet : PC-> all PC

a ch Unicast l a ch cho php gi t mt a ch n mt a ch khc :

PC->PC

a ch Multicast l a ch cho php gi t mt host n mt nhm host khc: PC-> Group PC, cc a ch ny thuc lp D.

2.3.Nguyn l dch chuyn a ch IP (NAT)

2.3.1 Cc thut ng trong NAT

Khi mt my thc hin NAT s c c 2 chiu out v in theo quy nh ca Interface

- Cisco s dngthut ng 2 chiu ny ca NAT gi l inside v outside, cc nhm a ch trong NAT bao gm:

+ Inside local: nhm a ch bn trong

+ Inside global: a ch ton cc bn trong (a ch ny i din cho cc host ca bn kt ni ra ngoi Internet, chnh l a ch m ISP cp cho bn)

+ Outside local address : l a ch ring ca host bn ngoi mng ni b

+ Outside global address: l a ch public ca host bn ngoi (vd www.yahoo.com) khi host bn trong thc hin NAT chuyn i IP, qu trnh NAT nh sau:

inside local ip address ----- inside global ip address ----- outside global ip address

vd: 192.168.1.2 ----- 58.187.41.17:2412 ------- 209.191.93.52




28

Chng hn, khi vo trang web www.yahoo.com, u tin s c mt request ti web server yahoo, y chnh l thc hin NAT outside, khi bn nhn c reply t Yahoo server, qu trnh ngc li, lc ny chnh l thc hin NAT inside

NAT inside ngc li vi NAT outside, khi gi d liu n c thit b thc hin NAT, n xem trong bng NAT (NAT table) v thy rng 58.187.41.17:2412 tng ng vi 192.168.1.2, lc NAT s thc hin i li a ch IP ca gi tin v gi d liu s n c ng a ch ca my trong LAN ca bn.

Hon ton tng t nh vy vi inbound v outbound (ch khc n l thut ng ca Microsoft), nu c dng ch s port trong qu trnh chuyn i th l PAT, cn ch dng a ch IP th lc chuyn i l NAT

Cu lnh net use thng dng map share trong mng lan (tuy vy bn c th map mt my khc qua Internet, nu my php share nh vy - chng hn NAT ht port v cho php ht cc service), kt ni trong Lan, hay kt ni qua Internet u c th thc hin ging nhau, qua Internet th ch b hn ch bi tc v cht lng, thng l chm hn nhiu so vi mng LAN, tuy vy t ai dng lnh net use map mt share t ngoi Internet, thng dng cc cng c khc, nh l FTP, HTTP... v cc cng c chia s qua Internet.

2.3.2. Cc kiu NAT

C 2 kiu NAT c bn l NAT v PAT :

Ging nhau

Dng chuyn i a ch IP private thnh a ch IP public, gip cho my trong mng Lan ca bn c th kt ni vi Internet, v gip tit kim khng gian ca a ch IP public, mt cty c th ch cn 1 hay vi a ch IP public m vn cho php ton b mng ca h kt ni ra th gii bn ngoi.Khc nhau :




29

NAT : Network Address Translation : chuyn i a ch IP thnh a ch bn ngoi (c 2 dng chuyn i l 1-1 : static, v chuyn i overload, khi bn c cp nhiu IP t ISP)

V d: chuyn i 1-1 l : 192.168.0.1 186.15.4.2, cn chuyn i overload th mt a ch bn trong s c chuyn i thnh mt a ch bn ngoi (nu nh a ch bn ngoi cha s dng)

PAT (Port Address Translation), thng l cc router ADSL mc nh dng kiu chuyn i ny, v ban ch c 1 IP public, nu ton b LAN ca bn u mun kt ni ra ngoi - vi mt a ch IP public (58.187.168.41)=> lc a ch bn trong s c chuyn i thnh a ch kt hp vi ch s port, nu port cha s dng

V d: Bn c mt LAN nh vi di IP : 192.168.1.x , khi cc my trong lan s c chuyn i chng hn vi vi my:

192.168.1.3 58.187.168.41:2413

192.168.1.4 58.187.168.41:2414

192.168.1.5 58.187.168.41:2415

192.168.1.6 58.187.168.41:2416

....

Cc ch s port thng dng t 1024 n 65535 (not well-known port), v well-known port l ch yu dng cho server, s port ny p ng c hu ht cc mng LAN.

2.4. Nguyn l thu nhn mt a ch IP t DHCP Server.

C hai cch mt host c th thu nhn c mt a ch IP, ngi s dng c th cu hnh TCP/IP bng tay bng cch t nhp vo cc thng s, cch th 2 thng c s dng trong cc cng ty v cc nhn vin vng phng thng




30

khng th nh c cc con s do ngi qun tr h thng mng trong cng ty cung cp. host c th thu nhn t ng mt IP t Server, bn phi ci t dch v DHCP trn my ch. Client v Server s m phn vi nhau cp mt IP cho Client theo s sau:




31

Bi 3: Cng ngh Wireless

3.1. Tng quan v Wireless

Wireless hay mng 802.11 l h thng mng khng dy s dng sng v tuyn, ging nh in thoi di ng, truyn hnh v radio. H thng ny hin nay ang c trin khai rng ri ti nhiu im cng cng hay ti nh ring. H thng cho php truy cp Internet ti nhng khu vc c sng ca h thng ny, hon ton khng cn n cp ni. Ngoi cc im kt ni cng cng (hotspots), WiFi c th c thit lp ngay ti nh ring.

Tn gi 802.11 bt ngun t vin IEEE (Institute of Electrical and Electronics Engineers). Vin ny to ra nhiu chun cho nhiu giao thc k thut khc nhau, v n s dng mt h thng s nhm phn loi chng; 3 chun thng dng ca Wireless hin nay l 802.11a/b/g.

3.2. Cc chun Wireless

Wireless truyn v pht tn hiu tn s 2.4 GHz hoc 5GHz. Tn s ny cao hn so vi cc tn s s dng cho in thoi di ng, cc thit b cm tay v truyn hnh. Tn s cao hn cho php tn hiu mang theo nhiu d liu hn.

Wireless s dng chun 802.11:

Chun 802.11b l phin bn u tin trn th trng. y l chun chm nht v r tin nht, v n tr thnh t ph bin hn so vi cc chun khc. 802.11b pht tn hiu tn s 2.4 GHz, n c th x l n 11 megabit/giy.

Chun 802.11g cng pht tn s 2.4 GHz, nhng nhanh hn so vi chun 802.11b, tc x l t 54 megabit/giy. Chun 802.11g nhanh hn v n s dng m OFDM (orthogonal frequency-division multiplexing), mt cng ngh m ha hiu qu hn.

Chun 802.11a pht tn s 5 GHz v c th t n 54 megabit/ giy. N cng s dng m OFDM. Nhng chun mi hn sau ny nh 802.11n cn nhanh hn chun 802.11a, nhng 802.11n vn cha phi l chun cui cng.




32

3.3. Cu hnh mng Wireless

3.3.1. Cc thnh phn thit lp mng WLAN

Card mng khng dy (NIC_Wireless)

Cc my tnh nm trong vng ph sng WiFi cn c cc b thu khng dy, adapter, c th kt ni vo mng. Cc b ny c th c tch hp vo cc my tnh xch tay hay bn hin i. Hoc c thit k dng cm vo khe PC card hoc cng USB, hay khe PCI. Khi c ci t adapter khng dy v phn mm iu khin (driver), my tnh c th t ng nhn din v hin th cc mng khng dy ang tn ti trong khu vc.

Access Point (AP)

AP l thit b ph bin nht trong WLAN ch ng sau PC card khng dy. Nh tn ca n ch ra, AP cung cp cho client mt im truy cp vo mng. AP l mt thit b half-duplex c mc thng minh tng ng vi mt Switch Ethernet phc tp. Hnh di y m t AP v ni s dng chng trong mng WLAN.




33

AP c th giao tip vi cc client khng dy, vi mng c dy v vi cc AP khc. C 3 mode hot ng chnh m bn c th cu hnh trong mt AP

Root mode Repeater mode Bridge mode

Root mode

Root mode c s dng khi AP c kt ni vi mng backbone c dy thng qua giao din c dy (thng l Ethernet) ca n. Hu ht cc AP s h tr cc mode khc ngoi root mode, tuy nhin root mode l cu hnh mc nh. Khi mt AP c kt ni vi phn on c dy thng qua cng ethernet ca n, n s c cu hnh hot ng trong root mode. Khi trong root mode, cc AP c kt ni vi cng mt h thng phn phi c dy c th ni chuyn c vi nhau thng qua phn on c dy. AP giao tip vi nhau thc hin cc chc nng ca roaming nh reassociation. Cc client khng dy c th giao tip vi cc client khng dy khc nm trong nhng cell ( t bo, hay vng ph sng ca AP) khc nhau thng qua AP tng ng m chng kt ni vo, sau cc




34

AP ny s giao tip vi nhau thng qua phn on c dy nh v d trong hnh di.

Bridge mode

Trong Bride mode, AP hot ng hon ton ging vi mt Bridge khng dy (s c tho lun phn sau). Tht vy, AP s tr thnh mt Bridge khng dy khi c cu hnh theo cch ny. Ch mt s t cc AP trn th trng c h tr chc nng Bridge, iu ny s lm cho thit b c gi cao hn ng k. Chng ta s gii thch mt cch ngn gn Bridge khng dy hot ng nh th no, nhng bn c th thy t hnh di rng Client khng kt ni vi Bridge, nhng thay vo , Bridge c s dng kt ni 2 hoc nhiu on mng c dy li vi nhau bng kt ni khng dy.




35

Repeater Mode

Trong Repeater mode, AP c kh nng cung cp mt ng kt ni khng dy upstream vo mng c dy thay v mt kt ni c dy bnh thng. Nh bn thy trong hnh di, mt AP hot ng nh l mt root AP v AP cn li hot ng nh l mt Repeater khng dy. AP trong repeater mode kt ni vi cc client nh l mt AP v kt ni vi upstream AP nh l mt client. Vic s dng AP trong Repeater mode l hon ton khng nn tr khi cc k cn thit bi v cc cell xung quanh mi AP trong trng hp ny phi chng ln nhau t nht l 50%. Cu hnh ny s gim trm trng phm vi m mt client c th kt ni n repeater AP. Thm vo , Repeater AP giao tip c vi client v vi upstream AP thng qua kt ni khng dy, iu ny s lm gim throughput trn on mng khng dy. Ngi s dng c kt ni vi mt Repeater AP s cm nhn c throughput thp v tr cao. Thng thng th bn nn disable cng Ethernet khi hot ng trong repeater mode.




36

Cc ty chn ph bin (Common Options)

AP c sn nhiu ty chn phn cng v phn mm khc nhau. Cc ty chn ph bin bao gm:

+ Anten c nh hay c th tho lp.

+ Kh nng lc cao cp

+ Antenna c th tho c (Removeable hay Modular)

+ Thay i cng sut pht

+ Cc kiu khc nhau ca kt ni c dy

Fixed or Detachable Antenna

Ty thuc vo nhu cu doanh nghip ca bn hay nhu cu ca khch hng, bn s cn phi chn gia AP c anten c nh hay AP c anten c th tho lp. Mt AP vi anten c th tho lp cho bn kh nng s dng cc loi anten khc nhau kt ni vi AP s dng cable c chiu di khc nhau ty nhu cu ca bn.

V d: Nu bn cn treo mt AP trong nh nhng li cho php ngi s dng truy cp vo mng bn ngoi th bn s cn kt ni vi cable v anten ngoi tri trc tip vi AP v ch treo anten bn ngoi.




37

AP c th c hoc khng c anten diversity (tnh nng a dng anten). WLAN anten diversity l vic s dng nhiu anten vi nhiu input trn mt receiver duy nht ly mu tn hiu n thng qua mi anten. Vic ly mu tn hiu t 2 anten cho php xc nh c tn hiu input ca anten no l tt hn. Hai anten c th c mc nhn tn hiu khc nhau bi v mt hin tng c gi l multipath.

Advanced Filtering Capability

Cc chc nng lc MAC hay protocol c th c bao gm trong AP. Lc thng c s dng ngn chn k xm nhp vo mng WLAN ca bn. Nh l mt phng thc bo mt c bn, mt AP c th c cu hnh lc nhng thit b khng nm trong danh sch lc MAC ca AP.

Vic lc protocol cho php admin quyt nh v iu khin giao thc no nn c s dng trong mng WLAN.

V d: Nu Admin ch mun cho php truy cp http trong mng WLAN ngi dng c th lt web v truy cp mail dng web (yahoo), th vic cu hnh lc giao thc http s ngn chn tt c cc loi giao thc khc.

Removable (Modular) Radio Card

Mt s nh sn xut cho php bn thm vo v tho ra cc radio card t khe PCMCIA trn AP. Mt s AP c th c 2 Anten dnh cho cc mc ch c bit. Vic c 2 Anten trong mt AP cho php mt radio card c th hot ng nh l mt AP trong khi mt radio card khc hot ng nh l mt Bridge. Mt cch khc l s dng mi radio card nh l mt AP c lp. Vic c mi card hot ng nh l mt AP c lp cho php gp i s lng ngi s dng trong cng mt khng gian vt l m khng cn phi mua thm mt AP khc. Khi AP c cu hnh theo cch ny, mi radio card s c cu hnh trn mt knh khng chng ln nhau, l tng l knh 1 v knh 11.

Variable Output Power




38

Vic thay i cng sut pht cho php admin iu khin cng sut (miliwatt) m AP s dng truyn d liu. Vic iu khin cng sut pht ra c th l cn thit trong mt s trng hp khi cc node xa khng th xc nh c AP. N cng cho php bn iu khin vng ph sng ca mt AP. Khi cng sut pht ra trn mt AP tng ln, client c th di chuyn xa AP hn m khng mt kt ni vi AP. Tnh nng ny cng hu ch trong vic bo mt bng cch cho php thay i kch thc ca cell RF lm cho cc k xm nhp khng th kt ni vi mng t bn ngoi ta nh ca cng ty.

Ngoi AP c cng sut pht thay i th ta cng c th s dng AP c cng sut pht c nh. Vi AP c cng sut pht c nh th bn c th s dng cc b khuch i, b suy hao, cable di, hay anten c li cao. iu quan trng trong vic iu khin cng sut pht ra trn c AP v Anten l phi tun theo qui nh ca FCC

Varied Types of Connectivity

Cc ty chn kt ni cho mt AP c th bao gm 10BaseTx, 100BaseTx, 10/100BaseTx, 100BaseFx, Token Ring, Bi v AP thng l thit b m client kt ni vo v giao tip vi backbone mng c dy, v th admin phi hiu lm th no kt ni AP vo mng c dy. Thit k v kt ni AP chnh xc s gip ngn chn vic nghn c chai AP hoc xa hn c th l trc trc thit b.

Hy xt vic s dng mt AP chun trong mng WLAN. Nu trong trng hp ny AP c xc nh l s t v tr cch 150m t wiring closet gn nht, th vic s dng cable CAT5 ethernet s khng th hot ng c. y l mt vn bi v ethernet qua cable CAT5 ch hot ng c trong phm vi 100m. Trong trng hp ny vic mua mt AP c kt ni 100BaseFx v chy cable quang t wiring closet n AP lm trc ri th vn s d dng hn.

Configuration and Management

Cc phng php c s dng cu hnh v qun l AP s khc nhau ty nh sn xut. Hu ht h u cung cp t nht l console, telnet, USB, hay web server. Mt s AP cn c phn mm cu hnh v qun l ring. Nh sn xut cu hnh AP vi mt IP address trong cu hnh khi to. Nu admin cn thit lp li




39

thit lp mc nh, thng th s c mt nt phc v chc nng ny nm bn ngoi AP.

Cc chc nng trn AP l khc nhau. Tuy nhin, c mt iu l khng i: AP c cng nhiu tnh nng th gi ca n cng cao. V d, mt s AP SOHO s c WEP, MAC filter v thm ch l Web server. Nu cc tnh nng nh xem bng association, h tr 802.1x/EAP, VPN, Routing, Inter AP Protocol, RADIUS th gi ca n s gp nhiu ln so vi AP thng thng.

Thm ch cc tnh nng chun trn cc AP tng thch Wi-Fi i khi cng khc nhau ty nh sn xut. V d 2 dng SOHO AP khc nhau c th h tr MAC filter nhng ch mt trong s chng cho php bn permit hay deny c th mt trm no . Mt s AP h tr kt ni c dy full-duplex 10/100Mbps, trong khi mt s khc ch c kt ni 10BaseT half-duplex.

Vic hiu tnh nng no l cn thit cho AP trong mi trng SOHO, mid-range, hay enterprise-level l mt iu quan trng nu bn mun tr thnh mt nh qun tr mng khng dy. Di y l danh sch cc tnh nng cn c cho mt AP trong mi trng SOHO v Enterprise. Danh sch ny khng c ngha l y bi v mt s nh sn xut c nhiu tnh nng mi. Danh sch ny ch cung cp mt im bt u chn AP cho SOHO.

Small Office, Home Office (SOHO)

+ Mac filter

+ WEP (64 hay 128 bit)

+ Giao din cu hnh USB hay console

+ Giao din cu hnh Web n gin

+ Cc phn mm cu hnh n gin

Enterprise

+ Phn mm cu hnh cao cp

+ Giao din cu hnh web cao cp




40

+ Telnet

+ SNMP

+ 802.1x/EAP

+ RADIUS client

+ VPN client v server

+ Routing (dynamic hoc static)

+ Chc nng Repeater

+ Chc nng Bridge

Vic s dng sch hng dn ca nh sn xut s cung cp nhiu thng tin chi tit cho mi dng sn phm. Nu bn l mt nh qun tr mng WLAN th bn nn bit mi trng hot ng ca bn tm kim nhng sn phm tha mn nhu cu s dng cng nh bo mt, sau hy so snh cc tinh nng ca 3 hay 4 nh sn xut khc nhau chn c thit b ti u. Qu trnh ny c th tn nhiu thi gian, nhng thi gian s dng hc v cc sn phm khc nhau trn th trng l rt hu ch. Cc ngun ti nguyn tt nht tm hiu v dng sn phm no trn th trng chnh l website ca nh sn xut. Khi chn mt AP, hy nh chn nh sn xut c h tr ngoi cc tnh nng v gi c.

3.3.2. WLAN v SSID

Mng khng dy ni b theo chun IEEE 802.11 bo mt dng thng s cu hnh SSID (Service Set ID). K thut ny hot ng theo 2 ch

+ Ch khng bo mt th theo chu k thi gian Access Point gi Broadcast SSID ca mnh n cc my trm dng card mng wireless.M hnh ny thng dng cho cc im internet cng cng (Hot Post)

+ Ch th 2 l ch bo mt, Access Point khng gi SSID ca mnh cho my trm m my trm phi c cng thng s SSID (c cu hnh trong card wireless trn my trm) vi Access Point. M hnh ny thng s dng cho h thng mng cng ty)




41

3.3.3. Cu hnh mt mng WLAN n gin Sinh vin thc hin bi lab cu hnh mng Wireless cho vn phng mt cng ty nh

Yu cu thit b

Mt Modem ADSL Mt ng Internet Mt AccessPoint PC c card Wireless

Cu hnh h thng

Cu hnh s h thng theo hnh Cu hnh AccessPoint Wireless cho cc PC c card mng khng dy kt

ni c Internet




42

Bi 4: C bn v cu hnh nh tuyn

4.1. Cc giao thc nh tuyn

Trong ngnh mng my tnh, nh tuyn (ting Anh: routing hay routeing) l qu

trnh chn la cc ng i trn mt mng my tnh gi d liu qua . Vic

nh tuyn c thc hin cho nhiu loi mng, trong c mng in thoi,

lin mng, Internet, mng giao thng.

Routing ch ra hng, s di chuyn ca cc gi (d liu) c nh a ch t

mng ngun ca chng, hng n ch cui thng qua cc node trung gian;

thit b phn cng chuyn dng c gi l router (b nh tuyn). Tin trnh

nh tuyn thng ch hng i da vo bng nh tuyn, l bng cha nhng

l trnh tt nht n cc ch khc nhau trn mng. V vy vic xy dng bng

nh tuyn, c t chc trong b nh ca router, tr nn v cng quan trng

cho vic nh tuyn hiu qu.

Routing khc vi bridging (bc cu) ch trong nhim v ca n th cc cu trc

a ch gi nn s gn gi ca cc a ch tng t trong mng, qua cho php

nhp liu mt bng nh tuyn n m t l trnh n mt nhm cc a ch.

V th, routing lm vic tt hn bridging trong nhng mng ln, v n tr thnh

dng chim u th ca vic tm ng trn mng Internet.

Cc mng nh c th c cc bng nh tuyn c cu hnh th cng, cn nhng

mng ln hn c topo mng phc tp v thay i lin tc th xy dng th cng

cc bng nh tuyn l v cng kh khn. Tuy nhin, hu ht mng in thoi

chuyn mch chung (public switched telephone network - PSTN) s dng bng

nh tuyn c tnh ton trc, vi nhng tuyn d tr nu cc l trnh trc tip

u b nghn. nh tuyn ng (dynamic routing) c gng gii quyt vn ny




43

bng vic xy dng bng nh tuyn mt cch t ng, da vo nhng thng tin

c giao thc nh tuyn cung cp, v cho php mng hnh ng gn nh t tr

trong vic ngn chn mng b li v nghn.

nh tuyn ng chim u th trn Internet. Tuy nhin, vic cu hnh cc giao

thc nh tuyn thng i hi nhiu kinh nghim; ng nn ngh rng k thut

ni mng pht trin n mc hon thnh t ng vic nh tuyn. Cch tt

nht l nn kt hp gia nh tuyn th cng v t ng.

Nhng mng trong cc gi thng tin c vn chuyn, v d nh Internet,

chia d liu thnh cc gi, ri dn nhn vi cc ch n c th v mi gi c

lp l trnh ring bit. Cc mng xoay vng, nh mng in thoi, cng thc

hin nh tuyn tm ng cho cc vng (v d nh cuc gi in thoi)

chng c th gi lng d liu ln m khng phi tip tc lp li a ch ch.

nh tuyn IP truyn thng vn cn tng i n gin v n dng cch nh

tuyn bc k tip (next-hop routing), router ch xem xt n s gi gi thng tin

n u, v khng quan tm ng i sau ca gi trn nhng bc truyn cn

li. Tuy nhin, nhng chin lc nh tuyn phc tp hn c th c, v thng

c dng trong nhng h thng nh MPLS, ATM hay Frame Relay, nhng h

thng ny i khi c s dng nh cng ngh bn di h tr cho mng IP.

Thut ton vector (distance-vector routing protocols)

Thut ton ny dng thut ton Bellman-Ford. Phng php ny ch nh mt

con s, gi l chi ph (hay trng s), cho mi mt lin kt gia cc node trong

mng. Cc node s gi thng tin t im A n im B qua ng i mang li

tng chi ph thp nht (l tng cc chi ph ca cc kt ni gia cc node c

dng).




44

Thut ton hot ng vi nhng hnh ng rt n gin. Khi mt node khi

ng ln u, n ch bit cc node k trc tip vi n, v chi ph trc tip i

n (thng tin ny, danh sch ca cc ch, tng chi ph ca tng node, v

bc k tip gi d liu n to nn bng nh tuyn, hay bng khong

cch). Mi node, trong mt tin trnh, gi n tng hng xm tng chi ph ca

n i n cc ch m n bit. Cc node hng xm phn tch thng tin ny,

v so snh vi nhng thng tin m chng ang bit; bt k iu g ci thin

c nhng thng tin chng ang c s c a vo cc bng nh tuyn ca

nhng hng xm ny. n khi kt thc, tt c node trn mng s tm ra bc

truyn k tip ti u n tt c mi ch, v tng chi ph tt nht.

Khi mt trong cc node gp vn , nhng node khc c s dng node hng ny

trong l trnh ca mnh s loi b nhng l trnh , v to nn thng tin mi ca

bng nh tuyn. Sau chng chuyn thng tin ny n tt c node gn k v

lp li qu trnh trn. Cui cng, tt c node trn mng nhn c thng tin cp

nht, v sau s tm ng i mi n tt c cc ch m chng cn ti c.

Thut ton trng thi kt ni (Link-state routing protocols)

Khi p dng cc thut ton trng thi kt ni, mi node s dng d liu c s ca

n nh l mt bn ca mng vi dng mt th. lm iu ny, mi node

pht i ti tng th mng nhng thng tin v cc node khc m n c th kt ni

c, v tng node gp thng tin mt cch c lp vo bn . S dng bn

ny, mi router sau s quyt nh v tuyn ng tt nht t n n mi node

khc.

Thut ton lm theo cch ny l Dijkstra, bng cch xy dng cu trc d liu

khc, dng cy, trong node hin ti l gc, v cha mi noded khc trong

mng. Bt u vi mt cy ban u ch cha chnh n. Sau ln lt t tp cc




45

node cha c thm vo cy, n s thm node c chi ph thp nht n mt

node c trn cy. Tip tc qu trnh n khi mi node u c thm.

Cy ny sau phc v xy dng bng nh tuyn, a ra bc truyn k tip

tt u, t mt node n bt k node khc trn mng.

So snh cc thut ton nh tuyn

Cc giao thc nh tuyn vi thut ton vector t ra n gin v hiu qu trong

cc mng nh, v i hi t (nu c) s gim st. Tuy nhin, chng khng lm

vic tt, v c ti nguyn tp hp t i, dn n s pht trin ca cc thut ton

trng thi kt ni tuy phc tp hn nhng tt hn dng trong cc mng ln.

Giao thc vector km hn vi rc ri v m n v tn.

u im chnh ca nh tuyn bng trng thi kt ni l phn ng nhanh nhy

hn, v trong mt khong thi gian c hn, i vi s thay i kt ni. Ngoi ra,

nhng gi c gi qua mng trong nh tuyn bng trng thi kt ni th nh

hn nhng gi dng trong nh tuyn bng vector. nh tuyn bng vector i

hi bng nh tuyn y phi c truyn i, trong khi nh tuyn bng trng

thi kt ni th ch c thng tin v hng xm ca node c truyn i. V vy,

cc gi ny dng ti nguyn mng mc khng ng k. Khuyt im chnh ca

nh tuyn bng trng thi kt ni l n i hi nhiu s lu tr v tnh ton

chy hn nh tuyn bng vector.

Giao thc c nh tuyn v giao thc nh tuyn

S nhm ln thng xy ra gia giao thc c nh tuyn v giao thc nh

tuyn (routed protocols v routing protocols).




46

Giao thc c nh tuyn (routed protocols hay routable protocols )

Mt giao thc c nh tuyn l bt k mt giao thc mng no cung cp

y thng tin trong a ch tng mng ca n cho php mt gi tin c

truyn i t mt my ch (host) n my ch khc da trn s sp xp v a

ch, khng cn bit n ng i tng th t ngun n ch. Giao thc c

nh tuyn nh ngha khun dng v mc ch ca cc trng c trong mt gi.

Cc gi thng thng c vn chuyn t h thng cui n mt h thng cui

khc. Hu nh tt c giao thc tng 3 cc giao thc khc cc tng trn u c

th c nh tuyn, IP l mt v d. Ngha l gi tin uc nh hng (c a

ch r rng )ging nh l th c ghi a ch r ch cn ch routing (tm

ng i n a ch )

Cc giao thc tng 2 nh Ethernet l nhng giao thc khng nh tuyn c,

v chng ch cha a ch tng lin kt, khng nh tuyn: mt s giao thc

tng cao da trc tip vo y m khng c thm a ch tng mng, nh

NetBIOS, cng khng nh tuyn c.

Giao thc nh tuyn (routing protocols)

Giao thc nh tuyn c dng trong khi thi hnh thut ton nh tuyn

thun tin cho vic trao i thng tin gia cc mng, cho php cc router xy

dng bng nh tuyn mt cch linh hot. Trong mt s trng hp, giao thc

nh tuyn c th t chy ln giao thc c nh tuyn: v d, BGP chy

trn TCP: cn ch l trong qu trnh thi hnh h thng khng to ra s l

thuc gia giao thc nh tuyn v c nh tuyn.

Danh sch cc giao thc nh tuyn

Giao thc nh tuyn trong




47

Router Information Protocol (RIP) Open Shortest Path First (OSPF) Intermediate System to Intermediate System (IS-IS)

Hai giao thc sau y thuc s ha ca Cisco, v c h tr bi cc router

Cisco hay nhng router ca nhng nh cung cp m Cisco ng k cng

ngh:

Interior Gateway Routing Protocol (IGRP) Enhanced IGRP (EIGRP) Giao thc nh tuyn ngoi

Exterior Gateway Protocol (EGP) Border Gateway Protocol (BGP) Constrained Shortest Path First (CSPF)

Thng s nh tuyn (Routing metrics)

Mt thng s nh tuyn bao gm bt k gi tr no c dng bi thut ton

nh tuyn xc nh mt l trnh c tt hn l trnh khc hay khng. Cc

thng s c th l nhng thng tin nh bng thng (bandwidth), tr (delay),

m bc truyn, chi ph ng i, trng s, kch thc ti a gi tin (MTU -

Maximum transmission unit), tin cy, v chi ph truyn thng. Bng nh

tuyn ch lu tr nhng tuyn tt nht c th, trong khi c s d liu trng thi

kt ni hay topo c th lu tr tt c nhng thng tin khc.

Router dng tnh nng phn loi mc tin cy (administrative distance -AD)

chn ng i tt nht khi n bit hai hay nhiu ng n cng mt ch

theo cc giao thc khc nhau. AD nh ra tin cy ca mt giao thc nh

tuyn. Mi giao thc nh tuyn c u tin trong th t tin cy t cao n




48

thp nht c mt gi tr AD. Mt giao thc c gi tr AD thp hn th c tin

cy hn, v d: OSPF c AD l 110 s c chn thay v RIP c AD l 120.

Bng sau y cho bit s sp xp mc tin cy c dng trong cc router

Cisco

Cc lp giao thc nh tuyn

Da vo quan h ca cc dng router vi cc h thng t tr, c nhiu lp giao

thc nh tuyn nh sau:




49

Giao thc nh tuyn trong mng Ad-hoc xut hin nhng mng khng c hoc t phng tin truyn dn.

Interior Gateway Protocols (IGPs) trao i thng tin nh tuyn trong mt AS. Cc v d thng thy l:

o IGRP (Interior Gateway Routing Protocol) o EIGRP (Enhanced Interior Gateway Routing Protocol) o OSPF (Open Shortest Path First) o RIP (Routing Information Protocol) o IS-IS (Intermediate System to Intermediate System)

Ch : theo nhiu ti liu ca Cisco, EIGRP khng phn lp nh giao thc trng

thi kt ni.

Exterior Gateway Protocols (EGPs) nh tuyn gia cc AS. EGPs gm: o EGP (giao thc c ni mng Internet trc y, by gi li

thi)

o BGP (Border Gateway Protocol: phin bn hin ti, BGPv4, c t khong nm 1995)

4.2. Giao thc nh tuyn ni vng RIP RIP (ting Anh: Routing Information Protocol) l mt giao thc nh tuyn ni

vng s dng thut ton nh tuyn Distance-vector.

Cc c im:

L giao thc nh tuyn theo vector khong cch (Distance Vector ) , tc l RIP s cp nht ton b hoc 1 phn bng nh tuyn ca mnh cho cc

Router lng ging kt ni trc tip vi n . Bng nh tuyn gm cc thng




50

tin nh : a ch ca router k tip trn ng i , tng chi ph t chnh router

n mng ch

L giao thc nh tuyn theo kiu classful ( tc nh tuyn theo lp a ch) v rip k mang theo thng tin subnet mask i km (FLSM)

Chn ng i da vo thng s nh tuyn l hop count ( s router ) hay cn ni metric ca RIP l hop count, dng simple routing metric. Chnh v th m

i lc c 1 s ng m rip chn k phi l ng ti u nht n mng ch.

Nu 1 packet n mng ch c s lng hop vt qu 15 th n s b drop.

Do ci tnh kh chu ny ca RIP nn mi n c cho l kh m rng , ph

hp vi mng nh ( nhng mo thy n khng nh u i vi vn )

Update nh k 30s ( thay i bng cu lnh update-timers) . Ngoi ra RIP cn cc gi tr thi gian khc nh invalid , holdown v flush timer set bng cu

lnh sau timers basic update invalid holdown flush

Administrative Distance (AD) = 120 , thng s ny cng nh th cng u tin Load balacing ( chia ti ) maximum l 6 ng , default l 4 ng c th set

li bng cu lnh maximum-paths . Vic chia ti y i hi cc ng phi

c chi ph (cost)bng nhau mi c nh hay cn gi l equal-cost m cost

ca rip l hop count v th nu tc ca 2 ng khc nhau nh 1 ng l

dial-up v 1 ng l T1 th cng nh vy thi.

Cc c ch chng Loop

Count to infinity ( nh ngha gi tr ti a) khi trong mng xy ra loop , gi tin chy lng vng hoi trong mng cho n khi c tin trnh no ct t

vng lp gi l m v hn .Vi rip metric l hop count v th mi khi thng

tin cp nht c i qua 1 router th s lng hop s tng ln 1. Bn thn




51

rip s khc phc tnh trng m n v hn bng cch c thng s nh tuyn

m vt qu 15 th packet s b drop

Route poisioning ( poison reverse ): thng th khi 1 ng mng no c thng s nh tuyn tng dn ln th b tnh nghi l loop ri nh . Lc

router s pht i 1 thng tin poison reverse xa i ng v cho n vo

trng thi holddown .

Triggered update ( cu lnh ip rip triggered) : v rip cp nht thng tin nh

tuyn 30s 1 ln v th khi c 1 mng thay i th phi ch n ht 1 chu k

30s th cc router khc trong mng mi bit c s thay i . C ch

triggered update ny gip router cp nht ngay s thay i trong mng m k

cn phi i ht chu k . Kt hp c ch ny cng poison reverse l ok.

Holdown timer :khi router A nhn c 1 thng tin v 1 mng X t 1 router B ni rng mng X b t th router A s set holddown timer. Trong sut thi

gian holddown ny , router s khng cp nht bt k thng tin nh tuyn no

v mng X t cc router khc trong mng , chng hn router C cp nht cho

A ni , mng X cn sng th router A s pht l thng tin i. Tr phi

router B ni vi n l mng X sng li ri th router A mi cp nht nh

Split Horizon tc l khi router gi thng tin nh tuyn ra 1 interface , th router s k gi ngc tr li cc thng tin nh tuyn m n hc c t cng

. C ch ny ch trnh c loop gia 2 router

Kt hp Split horizon vi poision reverse : nu c pht qua , cc bn s thy 2 anh ny tri ngc nhau , chc l 2 c ch ny k nhau y . Nhng thc

ra khi kt hp li s hu dng trong khi mng gp s c , hnh nh mc nh

l n k dng c ch ny hay ni cch khc 2 c ch ny tch ring khng lm

chung v s lm tng kch thc ca bng nh tuyn. Khi router A hc c




52

1 mng X b die t router B t cng S0/0 chng hn , th A s advertise li

mng X ra cng s0/0 tip tc vi hop count l 16

Qu trnh gi v nhn thng tin nh tuyn

M hnh minh ha

Lc gi thng tin nh tuyn: Trc khi gi update (v ng mng 131.108 v

131.99) cho router 2 th router 1 phi check rng

ng mng 131.108.5.0/24 c cng major net vi 131.108.2.0/24 hay khng?

Trong trng hp ny l c, Router 1 mi check tp 131.108.5.0 v 131.108.2.0 c cng subnet mask hay khng?

Nu trng, Router 1 s qung b ng mng ny. Nu k trng , router 1 s drop packet ng mng 137.99.88.0/24 c cng major net vi 131.108.2.0/24 hay

khng?

Nu khng th router 1 s lm ng tc l tng hp (summarize) 137.99.88.0/24 ti major net boundary thnh 137.99.0.0 v qung b n.

Trong m hnh ny th ta nhn c kt qu nh th ny trong khi thi hnh lnh

debug ip rip




53

Nhn update :

Lc ny debug ip rip ngay trn router 2 th ta thy nh th ny

Router 2 s check xem nn apply mask no cho ng mng 131 v 137 ny

y

131.108.5.0 v 131.108.2.0( xt trn interface m nhn update vo) c cng 1

major net k?

Nu c th apply thng mask ca interface m n nhn update, trong trng hp

ny l apply /24). Nu mng c qung b tc 131.108 m /32 th router 2 s

apply /32 v tp tc qung b cho cc router khc l /32( iu ny n khc vi

IGRP nh)

131.108.5.0 v 137.99.0.0 c cng major net k?

Nu khng xt tip, trong bng nh tuyn c subnet no hay mng con ca

major net ny m n hc t cc interface khc khng?

Nu khng th router 2 s apply thng classful subnet mask l /16 lun v 137 l

mng lp B. Ch y n s apply host mask nu nh gia 2 router l 1

unnumbered link v cha thng tin v subnet ( tc l khi cc bit trong phn

portion ca network c set).

Ngc li th router s ignore thng tin nh tuyn ny i

Lc ny show ip route th xem




54

Do ripv2 pht trin t ripv1 nn n cng cn tha hng nhng c im ca

ripv1 nh :

L giao thc nh tuyn theo vector khong cch Cost ca n l hop count . y cho mo s dng t cost thay cho metric

nh . V nu l c ai xem qua BGP ri th s b ln 1 t . Maximum hop

count vn l 15

Cng s dng cc c ch chng lp vng nh ripv1

Nhng Ripv2 c cc im ci tin khc version 1 nh

Nhiu thng tin nh tuyn hn nh c gi subnet mask i km vi a ch mng trong thng tin m n update.

H tr VLSM ( Variable length subnet mask ) subnet mask khc nhau, CIDR ( Classless Interdomain Routing ) v route summarization

C c ch xc thc thng tin khi nhn c bng plaintext hoc m ha MD5

Gi thng tin nh tuyn theo a ch multicast l 224.0.0.9 bng vi 01-00-5E-00-00-09




55

4.3. Giao thc nh tuyn ng OSPF

Tng Quan V OSPF

OSPF l mt giao thc nh tuyn theo trng thi ng lin kt c trin khai

da trn cc chun m. OSPF c m t trong nhiu chun ca IETF (Internet

Engineering Task Force). Chun m y c ngha l OSPF hon ton m vi

cng cng, khng c tnh c quyn.

Nu so snh vi RIPv1 v RIPv2 l mt giao thc ni th IGP tt hn v kh

nng m rng ca n. RIP ch gii hn trong 15 hop, hi t chm v i khi cn

chn ng c tc chm v khi quyt nh chn ng n khng quan tm

n cc yu quan trng khc nh bng thng chng hn. OSPF khc phc c

cc nhc im ca RIP v n l mt giao thc nh tuyn mnh, c kh nng

mi rng, ph hp vi cc h thng mng hin i. OSPF c th cu hnh n

vng s dng cho cc mng nh.

So Snh OSPF Vi Giao Thc nh Tuyn Theo Distance Vector

Router nh tuyn theo trng thi ng lin kt c mt c s y v cu trc

h thng mng. Chng ch thc hin trao i thng tin v trng thi ng lin

kt lc khi ng v khi h thng mng c s thay i. Chng khng pht qung

b bng nh tuyn theo nh k nh cc router nh tuyn theo distance vector.

Do , cc router nh tuyn theo trng thi ng lin kt s dng t bng thng

hn cho hot ng duy tr bng nh tuyn.

RIP ph hp vi cc mng nh v ng tt nht i vi RIP l ng c s hop

t nht. OSPF th ph hp vi mng ln, c kh nng m rng, ng i tt nht

ca OSPF c xc nh da trn tc ca ng truyn. RIP cng nh cc

giao thc nh tuyn theo distance vector khc u s dng thut ton chn




56

ng n gin. Cn thut ton SPF th phc tp. Do , nu router chy theo

giao thc nh tuyn theo distance vector th s t tn b nh v cn nng lc x

l thp hn so vi khi chy OSPF.

OSPF chn ng da trn chi ph c tnh t tc ca ng truyn. ng truyn c tc cng cao th chi ph OSPF tng ng cng thp.

OSPF chn ng tt nht t cy SPF. OSPF bo m khng b nh tuyn lp vng. Cn giao thc nh tuyn

theo distance vector vn c th b loop.

Nu mt kt ni khng n nh, chp chn, vic pht lin tc cc thng tin v

trng thi ca ng kin kt ny s dn n tnh trng cc thng tin qung co

khng ng b lm cho kt qu chn ng ca cc router b o ln.

OSPF gii quyt c cc vn sau:

Tc hi t. H tr VLSM (Variable Length Subnet Mask). Kch c mng. Chn ng. Nhm cc thnh vin.

Trong mt h thng mng ln, RIP phi mt t nht vi pht mi c th hi t

c v mi router ch trao i bng nh tuyn vi cc router lng ging kt ni

trc tip vi mnh m thi. Cn i vi OSPF sau khi hi t vo lc khi

ng, khi c thay i th vic hi t s rt nhanh v ch c thng tin v s thay

i c pht ra cho mi router trong vng.

OSPF c h tr VLSM nn n c xem l mt giao thc nh tuyn khng theo

lp a ch. RIPv1 khng h tr VLSM, nhng RIPv2 th c.




57

i vi RIP, mt mng ch cch xa hn 15 router xem nh khng th n c

v RIP c s lng hop gii hn l 15. iu ny lm kch thc mng ca RIP b

gii hn trong phm vi nh. OSPF th khng gii hn v kch thc mng, n

hon ton c th ph hp vi mng va v ln.

Khi nhn c t router lng ging cc bo co v s lng hop n mng ch,

RIP s cng thm 1 vo thng s hop ny v da vo s lng hop chn

ng n mng ch. ng no c khong cch ngn nht hay ni cch khc

l c s lng hop t nht s l ng tt nht i vi RIP. Nhn xt thy thut

ton chn ng nh vy l rt n gin v khng i hi nhiu b nh v nng

lc x l ca router. RIP khng h quan tm n bng thng ng truyn khi

quyt nh chn ng.

OSPF th chn ng da vo chi ph c tnh t bng thng ca ng truyn.

Mi OSPF u c thng tin y v cu trc ca h thng mng v da vo

chn ng i tt nht. Do , thut ton chn ng ny rt phc tp, i

hi nhiu b nh v nng lc x l ca router cao hn so vi RIP.

RIP s dng cu trc mng dng ngang hng. Thng tin nh tuyn c truyn

ln lt cho mi router trong cng mt h thng RIP. Cn OSPF s dng khi

nim v phn vng. Mt mng OSPF c th chia cc router thnh nhiu nhm.

Bng cch ny, OSPF c th gii hn lu thng trong tng vng. Thay i trong

vng ny khng nh hng n hot ng ca cc vng khc. Cu trc phn lp

nh vy cho php h thng mng c kh nng m rng mt cch hiu qu.

Thut Ton Chn ng Ngn Nht

Theo thut ton ny, ng tt nht l ng c chi ph thp nht. Thut ton

c s dng l Dijkstra, thut ton ny xem h thng mng l mt tp hp cc

nodes c kt ni vi nhau bng kt ni point-to-point. Mi kt ni ny c mt




58

chi ph. Mi nodes c mt tn. Mi nodes c y c s d liu v trng thi

ca cc ng lin kt. Do , chng c y thng tin v cu trc vt l ca

h thng mng. Tt c cc c s d liu ny iu ging nhau cho mi router

trong cng mt vng.

Cc Loi Mng OSPF

Cc OSPF phi thit lp mi quan h lng ging trao i thng tin nh tuyn.

Trong mi mng IP kt ni vo router. N u c gng t nht l tr thnh mt

lng ging hoc l mt lng ging thn mt vi mt router khc, router OSPF

quyt nh chn router no lm lng ging thn mt l ty thuc vo tng loi

mng kt ni vi n. C mt s router c th c gng tr thnh lng ging thn

mt vi mi router lng ging khc. C mt s router khc li c th ch c gng

tr thnh lng ging thn mt vi mt hoc hai router lng ging thi. Mt khi

mi quan h lng ging thn mt c thit lp gia hai lng ging vi nhau

th thng tin v trng thi ng lin kt mi c trao i.

Giao thc OSPF nhn bit cc loi mng sau:

Mng qung b a truy cp, v d mng Ethernet. Mng point-to-point. Mng khng qung b a truy cp (NBMA NonBroadcast Multil-

Access), v d Frame Relay.

Mng Point-to-Multipoint c th c nh qun tr mng cu hnh cho mt cng ca router.

Trong mng a truy cp khng th bit c l c bao nhiu router s c th

c kt ni vo mng.

Trong mng point-to-point th ch c hai router c kt ni vi nhau.




59

Trong mng qung b a truy cp c rt nhiu router kt ni vo. Nu mi router

u thit lp mi quan h thn mt vi mi router khc v thc hin trao i

thng tin v trng thi ng lin kt vi mi router lng ging th s qu ti.

Nu c 10 router th s cn 45 mi lin h thn mt, nu c n router th s c

n*(n-1)/2 mi quan h lng ging cn thit lp.

Gii php cho vn qu ti trn l bu ra mt router lm i din (DR-

Designated Router). Router ny s thit lp mi quan h thn mt vi mi router

khc trong mng qun b. Mi router cn li s ch gi thng tin v trng thi

ng lin kt cho DR. Sau DR s gi cc thng tin ny cho mi router khc

trong mng bng a ch multicast 224.0.0.5 DR ng vai tr nh mt ngi pht

ngn chung.

Vic bu DR rt c hiu qu nhng cng c mt nhc im. DR tr thnh mt

tm im nhy cm i vi s c. Do , cn c mt router th hai c bu ra

lm i din d phng (BDR Backup Designated Router), router ny s m

trch vai tr ca DR nu DR b s c. m bo c DR v BDR u nhn

c thng tin v trng thi ng lin kt t mi router khc trong cng mt

mng, a ch multicast 224.0.0.6 cho cc router i din.

Trong mng point-to-point ch c 2 router kt ni vi nhau nn khng cn bu ra

DR v DBR. Hai router ny s thit lp mi quan h lng ging thn mt vi

nhau.

Loi Mng Cc c Tnh Bu DR

Broadcast, Multi-Access Ethernet,ToKen Ring,FI C

NonBroadcast Multi-Access Frame Relay,X25,SMDS C

Point-to-Point PPP,HDLC Khng

Point-to-Multipoint c cu hnh bi Administrator Khng




60

Giao Thc OSPF Hello

Khi router bt u khi ng tin trnh nh tuyn OSPF trn mt cng no

th n s gi mt gi hello ra cng v tip tc gi hello theo nh k. Giao

thc hello a ra cc nguyn tc qun l vic trao i cc gi OSPF hello.

lp 3 ca m hnh OSI, gi hello mang a ch multicast 224.0.5.0 a ch ny

ch n tt c cc OSPF router. OSPF router s dng gi hello thit lp mt

quan h lng ging thn mt mi v xc nh l router lng ging c cn hot

ng hay khng. Mc nh hello c gi i 10 giy mt ln trong mng qung

b a truy cp v mng Point-to-Point. Trn cng ni vo mng NBMA, v d

nh Frame Relay, chu trnh mc nh ca hello l 30 giy.

Trong mng a truy cp, giao thc hello tin hnh bu DR v BDR.

Mc d gi hello rt nh nhng n cng bao gm c phn header ca gi OSPF.

Cu trc ca phn header trong gi OSPF c th hin nh hnh sau. Nu gi

hello th trng Type s c gi tr l mt.

Cc thng ip Hello trong OSPF thc hin ba chc nng chnh:

Tm ra nhng router chy OSPF khc trn cng mt mng chung. Kim tra s tng thch trong cc thng s cu hnh. Gim st tnh trng ca lng ging phn ng nu lng ging b fail.

tm ra nhng router lng ging, OSPF lng nghe nhng thng ip Hello

c gi n 224.0.0.5. y l a ch multicast tng trng cho tt c cc

router OSPF, trn bt c cng no bt OSPF. Cc gi Hello s ly ngun t

a ch primary trn cng, ni cch khc, Hello khng dng a ch ph. (OSPF




61

router s qung b cc a ch ph nhng n s khng gi Hello t nhng a ch

ny v khng bao gi hnh thnh mi quan h dng a ch ph.

Khi hai router tm ra nhau thng qua cc gi Hello, cc router thc hin cc php

kim tra cc thng s nh sau:

o Cc router phi vt qua tin trnh xc thc. o Cc router phi trong cng a ch mng primary, phi c cng

subnetmask.

o Phi trong cng OSPF area. o Phi c cng kiu vng OSPF. o Khng c trng RID. o OSPF Hello v Deadtimer phi bng nhau.

Nu bt k iu kin no nu trn khng tha mn, hai router n gin s khng

hnh thnh quan h lng ging. Cng lu rng mt trong nhng iu kin quan

trng nht m hai bn khng cn ging l ch s ID ca tin trnh OSPF, nh

c cu hnh trong cu lnh router ospf process-id. Bn cng nn lu rng gi

tr MTU phi bng nhau cc gi tin DD c gi thnh cng gia nhng lng

ging nhng thng s ny khng c kim tra trong tin trnh Hello.

Chc nng th ba ca Hello l duy tr lin lc gia nhng lng ging. Cc

lng ging gi Hello mi chu k hello interval; nu router khng nhn c

Hello trong khong thi gian dead interval s lm cho router tin rng lng ging

ca n fail. Khong thi gian hello interval mc nh bng 10 giy trn nhng

cng LAN v 30 giy trong nhng ng T1 hoc ng thp hn T1. Thi gian

dead interval mc nh bng bn ln thi gian hello interval.




62

Bi 5:Thc hnh v nh tuyn

Thit k s h thng mng nh trong hnh

Yu cu

S dng giao thc nh tuyn tnh cu hnh nh tuyn gia cc LAN Su dng giao thc IGRP vi AS=100 cu hnh nh tuyn gia cc LAN

Kt qu

Cc PC thuc cc LAN ping c n nhau




63

Bi 6: Cu hnh NAT trn Router

6.1. Khi nim chung v NAT Hai mi nm trc y, IPv4 a ra mt m hnh a ch v cng p ng c

mt trong khong thi gian, nhng trong tng lai gn khng p ng . Trong

khi , IPv6 c xem l mt khng gian a ch khng gii hn, th c trin

khai th nghim chm chp v chc chn s thay th IPv4 trong tng lai gn.

Trong thi gian ch i s thay i , mt s k thut c th s dng s

dng c hiu qu ti nguyn IP l: NAT (Network Address Translation); PAT

( Port address translation ); VLSM ( Variable-Length Subnet Mask ).

Nat l ch vit tt ca ch Network Address Translate (Dch a ch IP). NAT c

02 mc ch

n a ch IP trong h thng mng ni b trc khi gi tin i ra Internet gim gim thiu nguy c tn cng trn mng

Tit kim khng gian a ch IP C 03 phng n NAT

Nat tnh (Static Nat) Nat ng (Dynamic Nat) Nat overload PAT (Port Address Translate)




64

Host A s dng 1 a ch dnh ring 192.168.2.23, host B s dng 1 a ch cng

cng 192.31.7.130. Khi Host A gi mt packet n host B, backet s c

truyn qua router v router thc hin qa trnh NAT. NAT s thay th a ch

ngun private ip address (192.168.2.23) thnh mt public IP address

(203.10.5.23) v forwards the packet., vi a ch ny packet s c nh tuyn

trn internet ti destination address (192.31.7.130). Khi host B gi gi tin hi

p ti host A, destination address ca gi tin s l 203.10.5.23. gi tin ny i

qua router v s c NAT thnh a ch 192.168.2.23

Inside local address - a ch IP c gn cho mt host ca mng trong. y l

a ch c cu hnh nh l mt tham s ca h iu hnh trong my tnh hoc

c gn mt cch t ng thng qua cc giao thc nh DHCP. a ch ny

khng phi l nhng a ch IP hp l c cp bi NIC (Network Information

Center) hoc nh cung cp dch v Internet.

Inside global address - L mt a ch hp l c cp bi NIC hoc mt nh

cung cp dch v trung gian. a ch ny i din cho mt hay nhiu a ch IP

inside local trong vic giao tip vi mng bn ngoi

Outside local address - L a ch IP ca mt host thuc mng bn ngoi, cc

host thuc mng bn trong s nhn host thuc mng bn ngoi thng qua a ch

ny. Outside local khng nht thit phi l mt a ch hp l trn mng IP (c

th l a ch private).




65

Outside global address - L a ch IP c gn cho mt host thuc mng ngoi

bi ngi s hu host . a ch ny c gn bng mt a ch IP hp l trn

mng Internet.

Vi s mng (Hnh 6.1) ta c NAT Table

Inside local address 192.168.2.23 Inside global address 205.10.5.23 Outside globaladdress 197.31.7.130

Cc gi tin bt ngun t phn mng inside s c a ch source IP l a ch

kiu inside local v destination IP l ouside local khi n cn trong phn

mng inside. Cng gi tin , khi c chuyn ra mng outside source IP

address s c chuyn thnh "inside global address" v a destination IP ca

gi tin s l outside global address.

Ngc li, khi mt gi tin bt ngun t mt mng outside, khi n cn ang

mng outside , a ch source IP ca n s l "outside global address", a

ch destination IP s l "inside global address". Cng gi tin khi c chuyn

vo mng inside, a ch source s l "outside local address" v a ch

destination ca gi tin s l "inside local address".




66

6.2 Nat tnh Static NAT

Nat tnh hay cn gi l Static NAT l phng thc NAT mt i mt. Ngha l

mt a ch IP c nh trong LAN s c nh x ra mt a ch IP Public c

nh trc khi gi tin i ra Internet. Phng php ny khng nhm tit kim a

ch IP m ch c mc ch nh x mt IP trong LAN ra mt IP Public n IP

ngun trc khi i ra Internet lm gim nguy c b tn cng trn mng.

V d: chuyn i mt a ch IP ring 165.10.1.2 255.255.255.0 sang di a ch

IP cng cng t 169.10.1.50 dn 169.10.1.100. Dng (Netsim) cu hnh. Sau

khi cu hnh song ta dng lnh show ip nat translations s c k qu nh sau.

Phng n ny c nhc im l nu trong LAN c bao nhiu IP mun i ra

Internet th ta phi c tng IP Public nh x. Do vy phng n NAT tnh

ch c dng vi cc my ch thuc vng DMZ vi nhim v Public cc Server

ny ln Internet.




67

6.3. Nat ng Dynamic NAT Nat ng (Dynamic NAT) l mt gii php tit kim IP Public cho NAT tnh.

Thay v nh x tng IP c nh trong LAN ra tng IP Public c nh. LAN ng

cho php NAT c di IP trong LAN ra mt di IP Public c nh ra bn ngoi.

V d:

H thng LAN trong cng ty c 100 IP, nu mun 100 IP ny truy cp Internet

th theo phng n NAT tnh cng ty s phi thu t ISP 100 IP Public. iu ny

qu tn km, gii php NAT ng cho php ch cn thu t ISP 10 IP Public nu

ti cng mt thi im ch c 10 IP trong LAN truy cp Internet. Tuy nhin gii

php NAT ng vn c hn ch v nu ti mt thi im cng ty cn 20 IP trong

LAN truy cp Internet th mi IP truy cp sau s phi i n khi no c IP ri

(cc IP trc khng chim dng IP Public na) th mi c th truy cp Internet

c. Chnh v th gii php NAT ng t khi c s dng.

6.4. Nat Overload PAT




68

Nat overload PAT l gii php c dng nhiu nht c bit l trong cc

Modem ADSL, y l gii php mang li c hai u im ca NAT l:

n a ch IP trong h thng mng ni b trc khi gi tin i ra Internet gim gim thiu nguy c tn cng trn mng

Tit kim khng gian a ch IP Bn cht PAT l kt hp IP Public v s hiu cng (port) trc khi i ra Internet.

Lc ny mi IP trong LAN khi i ra Internet s c nh x ra mt IP Public kt

hp vi s hiu cng

V d:

Trong v d trn PAT s dng s port ngun cng vi a ch IP ring bn trong

phn bit khi chuyn i. Router thc hin chuyn i a ch ip ngun t

10.0.0.4 sang 179.9.8.80. port ngun 1331. tng t ip ngun t 10.0.0.2 sang

179.9.8.80. port ngun l 1555

Gii php PAT thc s tit kim khng gian a ch IP v vi mi IP Public c

th i din cho 65.536 IP trong LAN theo l thuyt, tuy nhin thc t mi IP

Public i din cho khong 4000 IP trong LAN. y cng l mt con s a ch

IP khng l tha sc cung cp cho bt k mt cng ty no ln nht th gii.




69

Bi 7:Thc hnh Cu hnh NAT trn Router Thc hnh cu hnh NAT tnh, ng, Overload

Cng ty du lch ABC cn khong 100 a ch IP ring dch sang mt dy a ch

IP tht c th nh tuyn ra ISP. ABC thc hin iu ny bng cch s

dng NAT, dch cc a ch ring thnh cc a ch cng cng c cp bi cc

nh cung cp dch v ISP.

S dng phn mm gi lp thit k mng Boson thit k s h thng

mng nh hnh v.

Thc hin

1. Cu hnh cc a ch IP trn cc router theo s trn, kim tra cc kt ni

trc tip bng lnh show cdp neighbor. Kim tra bng cch ping gia cc

workstation v router NAT, gia WebServer v router ISP1.




70

Bi 8:Cu hnh chuyn mch (Switching)

8.1. Cu hnh Switch v VLAN Switch (ting Anh), hay cn gi l thit b chuyn mch, l mt thit b dng

kt ni cc on mng vi nhau theo m hnh mng hnh sao (star). Theo m

hnh ny, switch ng vai tr l thit b trung tm, tt c cc my tnh u c

ni v y. Trong m hnh tham chiu OSI, switch hot ng tng lin kt d

liu, ngoi ra c mt s loi switch cao cp hot ng tng mng.

Cu hnh cc thng s c bn cho Catalys Switch vi giao din dng lnh CLI.

Cc tc v cn thc hin bao gm t tn cho switch, cu hnh cc interface vlan,

cu hnh telnet vo switch.Dng my trm kt ni vi switch qua kt ni

console, giao din tng tc ngi dng s dng trnh HyperTerminal. y l

mt cng c uc MS Windows h tr.

Thc hin

Khi ng ngun ca switch. Trn giao din Hyper Terminal hin ra cc thng s khi to trong qu trnh khi

ng Switch.

Would you like to enter the initial configuration dialog? [yes/no]: no




71

Ngi dng s c hi nu mun vo cc hp thoi cu hnh t ng, tr li

NO (v mc ch ca ngi dng l mun vo ch CLI (command line

interface).

Vo enable mode xem cu hnh mc nh ca switch Switch>enable

Switch#show running-config

Thit lp cc thng s cho switch nh hostname, enable password, console password v virtual terminal password.

Cc loi password s dng c phn bit ch thng v ch hoa. Do ngi

dng cn phn bit cc k t s dng ch vit hoa khc vi ch vit thng. V

d Cisco khc vi cisco.

Switch#config terminal

Switch(config)#hostname Vnpro

Vnpro(config)#enable password cisco

Vnpro(config)#enable secret class

Vnpro(config)#line console 0

Vnpro(config-line)#password console

Vnpro(config-line)#login

Vnpro(config-line)#^Z

Switch h tr cc Virtual Line dng cho cc phin telnet. Cn cu hnh password

cho cc line ny mi c th telnet vo Switch (trnh t cu hnh h tr telnet s

trnh by sau). xem thng tin v cc Virtual Line trn Switch: dng lnh

show line.




72

Vnpro#show line

Cu hnh password cho cc line vty Vnpro#config terminal

Vnpro(config)#line vty 0 4

Vnpro(config-line)#password cisco

Vnpro(config-line)#login

Cu hnh trn thit b Cisco, mi dng lnh do ngi dng g vo. Sau khi nhn

phm enter cu hnh h thng s lp tc thay i. V vy, i vi cc h thng

mng tht, trc khi thay i mt thng s no ca thit b, cn phi sao lu

li cu hnh ban u c th khi phc li khi cn thit.

Cu hnh Vlan. Kim tra cu hnh Vlan mc nh trn Switch

Vnpro#show vlan

Mc nh trn Switch ch c Vlan 1 vi tt c cc port u nm trong Vlan ny,

Vlan 1002 dnh ring cho FDDI, Vlan 1003 dnh ring cho TOKEN-RING

C hai cch to thm Vlan Cch 1:Thao tc trn Vlan database

Vnpro#vlan database

Vnpro(vlan)#vtp domain Chuyenviet

Vnpro(vlan)#vtp server

Vnpro(vlan)#vlan 10 name Admin

Vnpro(vlan)#vlan 20 name User

Cch 2: Tong tc trc tip n Vlan cn to ra

Vnpro(config)#interface vlan 10




73

Vnpro(config-if)#exit

Vnpro(config)#


Vnpro(config-if)#exit

Vnpro(config)#

gn cc port vo cc Vlan, thc hin cc bc sau: V d ta cn gn cc port fastethernet 2 vo Vlan 10, port fastetehnet 3 vo Vlan

20

Vnpro(config)#interface fastethernet0/2

Vnpro(config-if-range)#switchport access vlan 10

Vnpro(config-if-range)#exit

Vnpro(config)#interface fastethernet0/3

Vnpro(config-if-range)#switchport access vlan 20

Vnpro(config-if-range)#exit

Kim tra li cu hnh Vlan

Vnpro#show vlan

Cu hnh IP cho interface Vlan: cc interface Vlan c cu hnh IP ch mang

tnh cht lun l. IP ny phc v cho vic qun l, a ch IP lun l ny cn c

th dng telnet vo Switch t xa v chy cc ng dng SNMP.

Vnpro#config terminal

Enter configuration commands, one per line. End with CNTL/Z.


Vnpro(config-if)#ip address 10.0.0.1 255.255.255.0

Vnpro(config-if)#no shutdown

Lu cu hnh vo NVRAM Vnpro#copy running-config startup-config




74

Cn ch gn default-gateway cho switch bng cu lnh

VnPro#ip default-gateway 10.0.0.100

a ch 10.0.0.100 c th dng l a ch ca PC c dng telnet vo switch.


V Khnh Qu Khoa CN

Documents

Giao Trinh Mang Doanh Nghiep 0313