© Synergon Informatika Rt., 1999 Chapter 5 Managing AppleTalk Traffic.


2 Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Identify potential sources of congestion in an AppleTalk network
- Configure zone filters
- Configure RTMP filters
- Configure NBP filters

3 AppleTalk Traffic Management

4 AppleTalk Traffic Management Overview
[Figure: a client asks "I am looking for servers in Campus Zone"; a server answers "I am server in Campus Zone"; access to Campus Zone]
- Device location traffic is one source of overhead
- RTMP broadcasts its table every 10 seconds
- Cisco IOS filters can reduce traffic or control access

5 AppleTalk Protocol Stack
OSI Reference Model: Application, Presentation, Session, Transport, Network, Data Link, Physical
AppleTalk Architecture: AppleTalk Higher Layers; ZIP, RTMP, NBP; DDP; Ethernet, Token Ring, FDDI, Other

6 AppleTalk Services
[Figure labels: Zone Bldg-17, Zone Users, Zone Bldg D 1st floor, Zone Bldg-13]

7 Nonextended/Extended Networks
Extended:
- 253 hosts/servers per network
- Range of network numbers per wire
Nonextended:
- 127 hosts, 127 servers per network
- Single network number per wire
[Figure labels: Network, Network 100]

8 Extended AppleTalk Internetwork
[Figure: cable ranges labelled with Zone A and Zone B]
- Multiple zones per cable range
- Multiple cable ranges per zone

9 AppleTalk Zones
- Zones divide a network into manageable “communities of interest”
- Widespread zones experience more traffic
[Figure: zones A, B, C; network growth]

10 AppleTalk Filtering Options
- GetZoneList: local router to Macintosh
- ZIP reply: hides zones between routers
- Distribute list: hides cable range, controls broadcasts
- NBP: hides service, controls broadcasts
[Figure labels: RTMP filtered; GetZoneList reply filtered; ZIP reply filtered]

11 Filtering Configuration Tasks
Two fundamental configuration tasks common to all filters:
Step 1: Create an access list
Step 2: Apply access list to interface

    access-list 601 deny cable-range
    access-list 601 permit other-access
    interface Ethernet 2
     appletalk access-group 601

[Figure: router interfaces E1, E2]

12 Configuring Zone Filters

13 How Services and Zones Are Learned
[Figure labels: Zone Bldg-17, Zone Users, Zone Bldg D 1st floor]
- GetZoneList (GZL) request to router
- NBP broadcast

14 GZL Filter Hides Zones from User
Requirement: Operation zone cannot access Accounting
Solution: Use GZL filter
Effect: Router does not include Accounting in GZL reply
[Figure: router interfaces E0, E1, E2; zones Executive, Accounting, Operation, each with a cable range]

15 GetZoneList Filter Commands

    Router(config)# access-list access-list-number {permit | deny} zone zone-name
- Creates access list

    Router(config)# access-list access-list-number {permit | deny} additional-zones
- Defines default action for zones not specified

    Router(config-if)# appletalk getzonelist-filter access-list-number
- Applies GZL filter to an interface

16 GetZoneList Filtering Example
[Figure: router interfaces E0, E1, E2; zones Executive, Accounting, Operation, each with a cable range]

    interface Ethernet 1
     appletalk cable-range
     appletalk zone Operation
     appletalk getzonelist-filter 601
    access-list 601 deny zone Accounting
    access-list 601 permit additional-zones

17 How Routers Learn Zones
[Figure: routers R1 and R2; zones Headquarters, WAN, WAN, London, each with a cable range; R1 Zone Information Table listing Headquarters and WAN]
1. R1 sends RTMP update with network numbers
2. R2 sends ZIP request asking for associated zones
3. R1 sends Zone Information Table (ZIT)

18 ZIP Reply Filters Hide Zones
Requirement: Do not want R2 router to know about Paris_Acct zone
Solution: Use ZIP reply filter on R1
[Figure: routers R1, R2, R3; interfaces S0, S1, E0; zones Headquarters, WAN, London; default zone Paris, additional zone Paris_Acct]

19 ZIP Reply Filter Commands

    Router(config)# access-list access-list-number {permit | deny} zone zone-name
- Creates access list and defines zone access

    Router(config)# access-list access-list-number {permit | deny} additional-zones
- Defines default action to take for zones

    Router(config-if)# appletalk zip-reply-filter access-list-number
- Applies zip-reply-filter to an interface

20 ZIP Reply Filtering Example
[Figure: routers R1, R2, R3; interfaces S0, S1, E0; zones Headquarters, WAN, WAN, London, each with a cable range; default zone Paris, additional zone Paris_Acct]

R1:

    interface Serial 0
     appletalk cable-range
     appletalk zone WAN
     appletalk zip-reply-filter 602
    access-list 602 deny zone Paris_Acct
    access-list 602 permit additional-zones

21 Verifying Zone Filters

    Tokyo# show appletalk zone
    Name        Network(s)
    Ozone
    Azone
    Fzone
    Total of 3 zones

- Shows all zones known to the router

22 Configuring RTMP Filters

23 How Routers Learn Networks
[Figure: routers R1, R2, R3; interfaces S0, S1, E0; cable ranges; R1 routing table with Network and Distance columns]
- RTMP broadcasts the full routing table every 10 seconds

24 How Routers Learn Networks
Requirement: Do not want cable range advertised to R2
Solution: Use distribute-list filter so R1 does not advertise cable range
[Figure: routers R1, R2, R3; interfaces S0, S1, E0; R1 routing table with Network and Distance columns; zones Headquarters, WAN, WAN, London, each with a cable range; default zone Paris, additional zone Paris_Acct]

25 RTMP Filter Commands

    Router(config)# access-list access-list-number {permit | deny} network network
- Defines access for a single network number

    Router(config)# access-list access-list-number {permit | deny} cable-range cable-range
- Defines access for a single cable range

    Router(config)# access-list access-list-number {permit | deny} other-access
- Defines the default action to take for network numbers or cable ranges not specified in the list

26 RTMP Filter Commands (cont.)

    Router(config-if)# appletalk distribute-list access-list-number in
- Controls which routes are accepted into the routing table

    Router(config-if)# appletalk distribute-list access-list-number out
- Controls which routes are advertised

27 RTMP Filtering Example
[Figure: routers R1, R2, R3; interfaces S0, S1, E0; zones Headquarters, WAN, WAN, London, each with a cable range; default zone Paris, additional zone Paris_Acct]

R1:

    interface Serial 0
     appletalk cable-range
     appletalk zone WAN
     appletalk distribute-list 603 out
    access-list 603 deny cable-range
    access-list 603 permit other-access
    access-list 603 permit additional-zones

28 RTMP Filtering Considerations
[Figure: routers R1 and R2; interfaces E0, E1; zone Accounting on one cable range, zone Operation on two cable ranges]

R1:

    interface Ethernet 0
     appletalk cable-range
     appletalk zone Accounting
     appletalk distribute-list 603 in
    appletalk permit-partial-zones
    access-list 603 deny cable-range
    access-list 603 permit other-access
    access-list 603 permit additional-zones

- If access to any network in a zone is denied, access to that zone is also denied by default
- Use appletalk permit-partial-zones to allow access to other networks in that zone
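The consideration on slide 28, worked through as an added Python example (not part of the original slides and not Cisco code). The cable ranges, the one-zone-per-range layout, and the function names are constructed for illustration; a missing other-access entry is assumed to mean deny.

```python
# Added illustration (not Cisco code): zone side effect of an RTMP
# distribute-list. Cable ranges and zone layout are constructed samples.

def acl_permits(acl, cable_range):
    """Look up one cable range in an AppleTalk-style access list."""
    default = "deny"  # assumption: without other-access nothing else passes
    for action, kind, value in acl:
        if kind == "cable-range" and value == cable_range:
            return action == "permit"
        if kind == "other-access":
            default = action
    return default == "permit"


def visible_routes(routes, acl, permit_partial_zones=False):
    """Return the cable ranges that survive the filter, sorted.

    routes maps cable range -> zone name (one zone per range here).
    """
    permitted = {cr for cr in routes if acl_permits(acl, cr)}
    if permit_partial_zones:
        return sorted(permitted)
    # Default from the slide: a zone with any denied network is denied
    # as a whole, so its remaining networks are dropped as well.
    denied_zones = {zone for cr, zone in routes.items() if cr not in permitted}
    return sorted(cr for cr in permitted if routes[cr] not in denied_zones)


# Constructed topology: Operation spans two cable ranges, as on the slide.
ROUTES = {
    "100-105": "Accounting",
    "200-205": "Operation",
    "210-215": "Operation",
}
# Models: access-list 603 deny cable-range 200-205 / permit other-access
ACL_603 = [
    ("deny", "cable-range", "200-205"),
    ("permit", "other-access", None),
]

if __name__ == "__main__":
    print("default:             ", visible_routes(ROUTES, ACL_603))
    print("permit-partial-zones:", visible_routes(ROUTES, ACL_603, True))
```

Denying one Operation cable range removes the second one as well until permit-partial-zones is set, which is the case to check for when a filter makes more of a zone unreachable than intended.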

29 Verifying RTMP Filters

    Tokyo# show appletalk route
    Codes: R - RTMP derived, E - EIGRP derived, C - connected, A - AURP,
           S - static, P - proxy
    5 routes in Internet
    The first zone listed for each entry is its default (primary) zone.
    C Net directly connected, Ethernet0, zone Azone
    C Net directly connected, Serial0, zone Azone
    C Net directly connected, Serial1, zone Azone
    R Net [1/G] via , 7 sec, Ethernet0, zone Fzone
    C Net directly connected, Ethernet1, zone Ozone

- Displays routing table entries

30 Configuring NBP Filters

31 How Names Are Learned
[Figure: a client asks "I am looking for file server in Campus Zone"; a server answers "I am a file server in Campus Zone"; Campus Zone]
NBP Messages:
1. Broadcast request: unicast to local router
2. Forward request: unicast to either routers
3. Lookup: multicast on cable in zone
4. Reply: unicast back to originator

32 NBP Filters Hide Services
- NBP filters can deny access to a single device or to all devices within a zone
- NBP filters are based on entity names
[Figure labels: Fred’s Mac, Main Server; Campus Zone, Users Zone; routers R1, R2; interface E0; three cable ranges]

33 Entity Names
- A network-visible-entity (NVE) is any entity that is accessible over an AppleTalk network
- Entity names are character strings of form:
[Figure labels: Fred’s Mac, Main Server; Campus Zone, Users Zone; routers R1, R2; "Fred’s MAC: Zone", "Main Server: Zone"]

34 NBP Filter Commands

    Router(config)# access-list access-list-number {permit | deny} nbp seq {type | object | zone} string
- Creates access list

    Router(config)# access-list access-list-number {permit | deny} other-nbps
- Defines the default action for all other NBPs

    Router(config-if)# appletalk access-group access-list-number
- Applies the NBP filter to the interface

35 NBP Filtering Example 1
Denying a Single Device
[Figure labels: Fred’s Mac, Main Server, Color Laser; Campus Zone, Users Zone; routers R1, R2; interface E0; three cable ranges]

R1:

    interface Serial 0
     appletalk cable-range
     appletalk zone Users Zone
     appletalk access-group 603
    access-list 603 deny nbp 1 object Color Laser
    access-list 603 deny nbp 1 type LaserWriter
    access-list 603 deny nbp 1 zone Campus Zone
    access-list 603 permit other-nbps
    access-list 603 permit other-access

36 NBP Filtering Example 2
Denying All Services within a Zone
[Figure labels: Fred’s Mac, Main Server, Color Laser; Campus Zone, Users Zone; routers R1, R2; interface E0; three cable ranges]

R1:

    interface Serial 0
     appletalk cable-range
     appletalk zone Users Zone
     appletalk access-group 603
    access-list 603 deny nbp 1 zone Campus Zone
    access-list 603 permit other-nbps
    access-list 603 permit other-access
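How the access lists in NBP Filtering Examples 1 and 2 decide on an entity name, as an added Python example (not part of the original slides and not Cisco code). It assumes that entries sharing a sequence number form one tuple whose fields must all match, that names compare case-insensitively, and that a list without other-nbps denies; the AFPServer and Macintosh type strings are constructed sample values.

```python
# Added illustration of NBP access-list matching; not Cisco code.
from collections import defaultdict


def parse_nbp_acl(lines):
    """Group 'nbp <seq> <field> <string>' entries into per-sequence tuples."""
    tuples = defaultdict(lambda: {"action": None, "fields": {}})
    default = "deny"  # assumption: no other-nbps entry means deny
    for line in lines:
        words = line.split()  # access-list <num> <action> <kind> ...
        action, kind = words[2], words[3]
        if kind == "other-nbps":
            default = action
        elif kind == "nbp":
            seq, field = int(words[4]), words[5]
            tuples[seq]["action"] = action
            tuples[seq]["fields"][field] = " ".join(words[6:]).casefold()
        # other-access and similar entries do not affect NBP decisions
    return dict(tuples), default


def nbp_permitted(acl, entity):
    """entity has object/type/zone keys; every field of a tuple must match."""
    tuples, default = acl
    for seq in sorted(tuples):
        entry = tuples[seq]
        if all(entity[f].casefold() == v for f, v in entry["fields"].items()):
            return entry["action"] == "permit"
    return default == "permit"


EXAMPLE_1 = [  # slide 35: deny a single device
    "access-list 603 deny nbp 1 object Color Laser",
    "access-list 603 deny nbp 1 type LaserWriter",
    "access-list 603 deny nbp 1 zone Campus Zone",
    "access-list 603 permit other-nbps",
    "access-list 603 permit other-access",
]
EXAMPLE_2 = [  # slide 36: deny all services within a zone
    "access-list 603 deny nbp 1 zone Campus Zone",
    "access-list 603 permit other-nbps",
    "access-list 603 permit other-access",
]
# Constructed entities; the type strings for SERVER and MAC are sample values.
PRINTER = {"object": "Color Laser", "type": "LaserWriter", "zone": "Campus Zone"}
SERVER = {"object": "Main Server", "type": "AFPServer", "zone": "Campus Zone"}
MAC = {"object": "Fred's Mac", "type": "Macintosh", "zone": "Users Zone"}

if __name__ == "__main__":
    for name, acl in (("Example 1", EXAMPLE_1), ("Example 2", EXAMPLE_2)):
        parsed = parse_nbp_acl(acl)
        print(name, [nbp_permitted(parsed, e) for e in (PRINTER, SERVER, MAC)])
```

With the three-entry tuple only the printer is filtered; with the zone-only tuple everything registered in Campus Zone is filtered, so dropping the object and type lines widens the deny from one device to the whole zone.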

37 Verifying NBP Filters

    Tokyo# show appletalk nbp
    Net Adr Skt  Name             Type         Zone
                 Tokyo.Serial0    ciscoRouter  Azone
                 Tokyo.Serial1    ciscoRouter  Azone
                 Tokyo.Ethernet0  ciscoRouter  Azone
                 Tokyo.Ethernet1  ciscoRouter  Ozone

- Displays the contents of the name registration table

38 Summary
- Locating services and routing updates cause overhead in an AppleTalk network
- Understanding communities of interest is key to controlling service location traffic
- Filtering strategies must assure that routing information needed for service location is accessible to routers
- Cisco’s IOS software provides many features for reducing the volume of service location and routing traffic, and for controlling access