Testing Static Route with no proxy-arp command

R1#sh run | s route

ip route 3.3.3.0 255.255.255.0 FastEthernet0/0

ip route 10.1.13.0 255.255.255.0 FastEthernet0/0

R1#sh ip route | begin Gate

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

S 3.3.3.0 is directly connected, FastEthernet0/0

   10.0.0.0/24 is subnetted, 2 subnets

S 10.1.13.0 is directly connected, FastEthernet0/0

C 10.1.12.0 is directly connected, FastEthernet0/0

Before using no proxy arp on R2

R1(config)#do ping 3.3.3.3

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 52/101/232 ms

R1(config)#do sh ip arp

Protocol    Address    Age (min)   Hardware Addr   Type       Interface

Internet     10.1.12.2       6           cc01.0d08.0000  ARPA    FastEthernet0/0

Internet     10.1.12.1       -            cc00.0d08.0000  ARPA    FastEthernet0/0

After using no proxy arp on R2

R2(config)#int f 0/0

R2(config-if)#no ip proxy-arp

R1(config)#do ping 3.3.3.3

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

R1(config)#do sh ip arp

Protocol    Address     Age (min)    Hardware Addr      Type        Interface

Internet     3.3.3.3 0                       Incomplete               ARPA

Internet     10.1.12.2          7          cc01.0d08.0000      ARPA     FastEthernet0/0

Internet     10.1.12.1          -           cc00.0d08.0000      ARPA     FastEthernet0/0

R1#debug ip packet detail

R1#ping 3.3.3.3 ( when debuging during R1 ping to R3 loopback )

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:

*Mar 1 00:25:19.083: IP: tableid=0, s=10.1.12.1 (local), d=3.3.3.3 (FastEthernet0/0), routed via RIB

*Mar 1 00:25:19.087: IP: s=10.1.12.1 (local), d=3.3.3.3 (FastEthernet0/0), len 100, sending

*Mar 1 00:25:19.091: ICMP type=8, code=0

*Mar 1 00:25:19.091: IP: s=10.1.12.1 (local), d=3.3.3.3 (FastEthernet0/0), len 100, encapsulation failed

*Mar 1 00:25:19.095: ICMP type=8, code=0.

*Mar 1 00:25:21.083: IP: tableid=0, s=10.1.12.1 (local), d=3.3.3.3 (FastEthernet0/0), routed via RIB

*Mar 1 00:25:21.087: IP: s=10.1.12.1 (local), d=3.3.3.3 (FastEthernet0/0), len 100, sending

*Mar 1 00:25:21.087: ICMP type=8, code=0

*Mar 1 00:25:21.091: IP: s=10.1.12.1 (local), d=3.3.3.3 (FastEthernet0/0), len 100, encapsulation failed

*Mar 1 00:25:21.095: ICMP type=8, code=0.

NOTE :: In Static Route , we prefer next-hop points to ip address than next-hop points to outing interface or exit interface .

Static Routing

Static Route has 2 format

1-ip route <Destination Network> <Subnet Mask><Next-Hop points to IP address >

2-ip route <Destination Network><Subnet Mask><Next-Hop points to outgoing interface or

    exit interface>

1. If you configured static route point to next hop IP address ,

    for every destination forwarding router requires only L2 address

    of next hop IP address to rewrite L2 frame.

2. If you configured static route point to outgoing interface ,

    forwarding router assume destination address is directly connected

    to that interface and router will try to find L2 address of destination

    by sending ARP request out of the interface to destination address .

R1(config)#do sh run | s route

ip route 10.1.13.0 255.255.255.0 10.1.12.2     ( more prefer )

ip route 10.1.14.0 255.255.255.0 fastEthernet 0/0

R2#sh run | s route
ip route 10.1.14.0 255.255.255.0 10.1.13.3

R3#sh run | s route
ip route 10.1.12.0 255.255.255.0 10.1.13.2

R4#sh run | s route
ip route 10.1.12.0 255.255.255.0 10.1.14.3
ip route 10.1.13.0 255.255.255.0 10.1.14.3

R1(config)#do sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets

C 1.1.1.0 is directly connected, Loopback0

10.0.0.0/24 is subnetted, 3 subnets

S 10.1.14.0 is directly connected, FastEthernet0/0

S 10.1.13.0 [1/0] via 10.1.12.2

C 10.1.12.0 is directly connected, FastEthernet0/0

The S represents the static route with the administrative distance of 1.
The router gives priority to static routes over dynamic routes, where 0 is best and 255 is worst!

To verify the connectivity, Ping from R1 to R4

R1#ping 10.1.14.4

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.14.4, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 220/268/316 ms

Testing TCP Three Way Handshake with Tcp Intercept . How does TCP Connection Terminate the Session ?

All Router run EIGRP 100 
net 0.0.0.0
no auto-summary

On Router R3 open Telnet

R3(config)#line vty 0 16
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#enable secret cisco
R3(config)#do write

 On Router R2 run these

R2(config)#ip tcp intercept list ?
<100-199> Extended access list number for intercept
WORD Access list name for intercept
R2(config)#ip tcp intercept list 100

R2(config)#access-list 100 permit tcp any host 10.1.12.3

R2(config)#ip tcp intercept watch-timeout ?
<1-2147483> Timeout in seconds

R2(config)#ip tcp intercept watch-timeout 20

R2(config)#ip tcp intercept mode watch

When R1 telnet to R3

R1#telnet 10.1.12.3
Trying 10.1.12.3 ... Open
User Access Verification
Password:
R3>enable
Password:
R3#

R2#debug ip tcp intercept
TCP intercept debugging is on

Output  show from R2 when debuging tcp intercept on R2 during R1 telnet to R3

R2#

 *Mar  1 00:22:31.507: INTERCEPT: new connection (10.1.11.1:27646 SYN -> 10.1.12.3:23)
 *Mar  1 00:22:31.563: INTERCEPT: (10.1.11.1:27646 <- ACK+SYN 10.1.12.3:23)
 *Mar  1 00:22:31.583: INTERCEPT: (10.1.11.1:27646 ACK -> 10.1.12.3:23)

How does TCP Connection terminate the session ?



A TCP connection is normally terminating using a special procedure where each side independently closes its end of the link
The device sends a FIN message to tell the other device that it wants to end the connection,which is acknowledged. 
When the responding device is ready, it too sends a FIN that is acknowledged; after waiting a period of time for the ACK to be received, the session is closed.


All Router run EIGRP 100
net 0.0.0.0
no auto-summary

On Router R3 open Telnet

R3(config)#line vty 0 16
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#enable secret cisco
R3(config)#do write


R1#debug ip tcp transactions

R1#telnet 10.1.12.3
Trying 10.1.12.3 ... Open


User Access Verification

Password:



[Connection to 10.1.12.3 closed by foreign host]
R1#
*Mar  1 00:22:01.603: TCP0: FIN processed
*Mar  1 00:22:01.603: TCP0: state was ESTAB -> CLOSEWAIT [42759 -> 10.1.12.3(23)]
*Mar  1 00:22:01.615: TCP0: state was CLOSEWAIT -> LASTACK [42759 -> 10.1.12.3(23)]
*Mar  1 00:22:01.619: TCP0: sending FIN
*Mar  1 00:22:01.763: TCP0: Got ACK for our FIN
*Mar  1 00:22:01.767: TCP0: state was LASTACK -> CLOSED [42759 -> 10.1.12.3(23)]
*Mar  1 00:22:01.767: Released port 42759 in Transport Port Agent for TCP IP type 1 delay 240000
*Mar  1 00:22:01.771: TCB 0x63D8A9E4 destroyed



R3#debug ip tcp transactions

R3#
*Mar  1 00:21:58.935: TCP130: state was ESTAB -> FINWAIT1 [23 -> 10.1.11.1(42759)]
*Mar  1 00:21:58.939: TCP130: sending FIN
*Mar  1 00:21:59.019: TCP130: state was FINWAIT1 -> FINWAIT2 [23 -> 10.1.11.1(42759)]
*Mar  1 00:21:59.027: TCP130: FIN processed
*Mar  1 00:21:59.027: TCP130: state was FINWAIT2 -> TIMEWAIT [23 -> 10.1.11.1(42759)]
R3#
*Mar  1 00:22:59.031: TCP130: state was TIMEWAIT -> CLOSED [23 -> 10.1.11.1(42759)]
*Mar  1 00:22:59.031: TCB 0x63D8B05C destroyed

   

                                                  Fig:  TCP Connection Ternination Procedure

TCP Three Way Handshake when Users ping to Server

TCP Three-Step Handshake

Client requests a connection by sending SYNchronize massage to Server.

Server ACKnowledgement this request by sending SYN,ACK back to Client.

Then, Client receives SYN, ACK from Server and responds with ACK packet .



TCP ( transmission control protocol ) define RFC 793.

It uses IP( internet protocol ) for transporting data from one node to another .

TCP/IP has 65535 ports.

Well-known ports are from 0 - 1023.

Register ports are from  1024 - 49151  that used by applications and services .

Dynamics or private ports are from  49152 - 65535 that are not assigned to any protocol and can use in any application and service .