Post

NetworkSec - Layer 3 - Router

Posted Updated
By Grace L
2 min read

[toc]

NetworkSec - Layer 3 - Router

**each port 1 collision domain, 1 broadcast/port **

Router

  • makes decisions based on logical network address (like IP address)
    • has the capability to consider high-layer traffic parameters (like quality of service [QoS] settings) in making its forwarding decisions.

A router :

  • connects multiple network segments together into a single network.
    • routes traffic between the segments.
      • Example
      • the Internet is effectively a single network hosting billions of computers.
      • Routers route the traffic from segment to segment.
  • routers don’t pass broadcasts
    • Moving computers to a different segment separated by a router:
    • effectively reduce traffic on single segment.
    • significantly improve overall performance
      • Segments separated by routers are one broadcast domains.
      • network with too many computers on a single segment,
      • broadcasts can result in excessive collisions and reduce network performance.
  • Similarly, subnetting networks creates separate broadcast domains.

router and switch.

difference between router and switch.

deviceswitchrouter
.simplesophisticated
.forward packets in a single networkforward packets to multiple networks
.uses learned associations to reduce the use of broadcastinguses routing tables to determine how to forward packets, avoiding broadcast altogether.

why router rather than multilayer switch?

  • more feature-rich
  • support a broader range of interface types.
    • example
      • to connect a Layer 3 device out to Internet service provider (ISP) using a serial port
      • more likely to find a serial port expansion module for router, rather than multilayer switch.

Cisco routers

Connections of router:

  • Straight through:
    • Switch-router, switch-PC, router-server, hub-PC. Hub-router
  • Cross-over:
    • switch-hub
    • Switch-switch, PC-PC, hub-hub, router-router

Cisco routers are popular, but many other brands exist.

  • physical devices, most efficient.
  • However, it’s also possible to add routing software to computers with more than one NIC.
  • Example: Windows Server products can function as routers by adding additional services to the server.

Antispoofing

From (New S+ ch3)

Spoofing:

  • to impersonate or masquerade as someone or something else.
  • For routers:
    • attacker spoof the source IP address
    • replacing it with a different one.
    • to hide the actual source of the packet.

antispoofing on router:

  • modifying the access list to allow / block IP addresses.

Example: private IP addresses should only be used in private networks. Any traffic coming from the Internet using a private IP address as the source IP address is obviously an attempt to spoof the source IP address.

The following three rules would be implemented on a router:

  • deny ip 10.0.0.0 0.255.255.255 any
  • deny ip 172.16.0.0 0.15.255.255 any
  • deny ip 192.168.0.0 0.0.255.255 any
  • 10.0.0.0 0.255.255.255 covers all the IP addresses in the range of 10.0.0.0 through 10.255.255.255.
15NetworkSec
NetworkSec
This post is licensed under CC BY 4.0 by the author.

Comments powered by Disqus.