From 5489c7395206c3ac0e28965994130da9bdaf998b Mon Sep 17 00:00:00 2001
From: chhan11
Date: Sun, 4 Jun 2017 19:16:36 +0200
Subject: [PATCH] Starting writing chapter about LLDP and CDP
---
 acronyms.tex | 16 +++--
 chapter/mgmt.tex | 123 +++++++++++++++++++++++++++++++++++++++
 commands.tex | 12 +++-
 main.tex | 2 +-
 references-wikipedia.bib | 27 +++++++++
 references.bib | 2 +-
 structure.tex | 32 +++++++---
 7 files changed, 195 insertions(+), 19 deletions(-)
 create mode 100644 references-wikipedia.bib
diff --git a/acronyms.tex b/acronyms.tex
index 1f201e7..ba28381 100644
--- a/acronyms.tex
+++ b/acronyms.tex
@@ -31,25 +31,28 @@
 \newacronym{igrp}{IGRP}{Interior Gateway Routing Protocol}
 \newacronym{imap}{IMAP}{Internet Message Access Protocol}
 \newacronym{ip}{IP}{Internet Protocol}
-\newacronym{ipv4}{IPV4}{Internet Protocol v4}
-\newacronym{ipv6}{IPV6}{Internet Protocol v6}
+\newacronym{ipv4}{IPv4}{Internet Protocol v4}
+\newacronym{ipv6}{IPv6}{Internet Protocol v6}
 \newacronym{irc}{IRC}{Internet Relay Chat}
-\newacronym{isis}{ISIS}{Intermediate System to Intermediate System}
+\newacronym{isis}{IS-IS}{Intermediate System to Intermediate System}
 \newacronym{isp}{ISP}{Internet Service Provider}
 \newacronym{l2}{L2}{Layer 2}
 \newacronym{l2vpn}{L2VPN}{Layer 2 Virtual Private Network}
 \newacronym{l3}{L3}{Layer 3}
 \newacronym{lacp}{LACP}{Link Aggregation Protocol}
 \newacronym{lan}{LAN}{Local Area Network}
+\newacronym{lldp}{LLDP}{Link Layer Discovery Protocol}
 \newacronym{mac}{MAC}{Media Access Control address}
-\newacronym{mkc}{MKC}{Mikkel Krøll}
+\newacronym{mkc}{MKC}{Mikkel Kr\char"00F8ll}
 \newacronym{mpls}{MPLS}{Multiprotocol Label Switching}
 \newacronym{mst}{MST}{Multiple Spanning Tree}
+\newacronym{nms}{NMS}{Network Management Software}
 \newacronym{ntp}{NTP}{Network Time Protocol}
 \newacronym{osi}{OSI}{Open Systems Interconnection}
 \newacronym{ospf}{OSPF}{Open Shortest Path First}
-\newacronym{ospfv3}{OSPFV3}{Open Shortest Path First v3}
+\newacronym{ospfv3}{OSPFv3}{Open Shortest Path First v3}
 \newacronym{pagp}{PAGP}{Port Aggregation Protocol}
+\newacronym{poe}{PoE}{Power over Ethernet}
 \newacronym{pop3}{POP3}{Post Office Protocol}
 \newacronym{pvrst}{PVRST}{Per Vlan Rapid Spanning Tree}
 \newacronym{pvrst+}{PVRST+}{Per Vlan Rapid Spanning Tree Plus}
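Review bot: The new `\newacronym{mkc}{MKC}{Mikkel Kr\char"00F8ll}` ties the glyph to the font encoding in force when the entry is typeset: slot "F8 is ø only in T1-encoded fonts, and under the default OT1 encoding that slot does not hold ø, so the name would render wrong or blank. The encoding-independent LaTeX form is `\newacronym{mkc}{MKC}{Mikkel Kr\o ll}`, which also survives being written to the glossary auxiliary files, which is presumably why the raw `ø` was replaced. If the replacement was forced by a sorting or makeindex problem rather than by the font encoding, a sort key on the entry would address that without hard-coding a slot number.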
@@ -72,7 +75,8 @@
 \newacronym{tcn}{TCN}{Topology Change Notification}
 \newacronym{tcp}{TCP}{Transmission Control Protocol}
 \newacronym{tftp}{TFTP}{Trivial File Transfer Protocol}
-\newacronym{toc}{TOC}{Table Of Contents}
+\newacronym{tlv}{TLV}{Type, Length, Value}
+\newacronym{toc}{ToC}{Table of Contents}
 \newacronym{udld}{UDLD}{Unidirectional Link Detection}
 \newacronym{udp}{UDP}{User Datagram Protocol}
 \newacronym{utc}{UTC}{Coordinated Universal Time}
diff --git a/chapter/mgmt.tex b/chapter/mgmt.tex
index 96a5253..871cede 100644
--- a/chapter/mgmt.tex
+++ b/chapter/mgmt.tex
@@ -1,3 +1,126 @@
+\chapter{Campus Network}
+
+\section{Discover Nodes}
+
+Protocols to do link discovery on the network between nodes is commonly used
+\begin{itemize}
+ \item incorporated in many \gls{nms} tools to support it's underling functionally like alerts triggering and monitoring,
+ \item when the ops people do debugging on the \gls{cli},
+ \item doing network discovery to find "what am I connected to ?"
+\end{itemize}
+
+Information by the protocols is only sent and processed locally. Information transmitted is not send beyond the local \gls{l2} link.
+
+\newpage
+
+\subsection{LLDP}
+
+\myquote{\citealt{wiki:Link_Layer_Discovery_Protocol}}{The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol in the Internet Protocol Suite used by network devices for advertising their identity, capabilities, and neighbours on an IEEE 802 local area network, principally wired Ethernet.[1] The protocol is formally referred to by the IEEE as Station and Media Access Control Connectivity Discovery specified in IEEE 802.1AB[2] and IEEE 802.3-2012 section 6 clause 79.}
+
+\gls{lldp} carries information about
+\begin{enumerate}
+ \item System name,
+ \item System description,
+ \item Port name,
+ \item Port description,
+ \item \gls{vlan} name,
+ \item \gls{ip} mgmt addr,
+ \item System capabilities\footnote{Support for fx. switching, routing etc.},
+ \item \gls{mac}/PHY info,
+ \item MDI\footnote{MDI refers to modes in PoE} power,
+ \item Link aggregation.
+\end{enumerate}
+
+\gls{lldp} has the advantage over \gls{cdp} of being more customizable in regards to the use of \gls{tlv}s. \textbf{However} it has the drawback of not being as lightweight as \gls{cdp}.
+
+\begin{itemize}
+ \item \itemtitle{Worth to remember}{about \gls{lldp} is the following}
+ \begin{itemize}
+ \item is unidirectional,
+ \item operates in advertising mode only,
+ \item does not try to obtain information from other nodes,
+ \item does not monitor link state changes between nodes,
+ \item uses \gls{l2} multicast to notify others of neighbouring nodes of its presence and properties,
+ \item will record \textit{all} obtained information from received \gls{lldp} frames.
+ \end{itemize}
+ \item \itemtitle{Frames}{Multicast addresses --- One of the following is used.\\Note the \textit{01} signifies a \gls{l2} multicast \gls{dst} address.}
+ \begin{enumerate}
+ \item 01:80:c2:00:00:0e,
+ \item 01:80:c2:00:00:03,
+ \item 01:80:c2:00:00:00.
+ \end{enumerate}
+ \item \itemtitle{Commonly exchanged information}{List includes both mandatory and optional fields.}
+ \begin{enumerate}
+ \item System name,
+ \item System description,
+ \item Port name,
+ \item Port description,
+ \item \gls{vlan} name,
+ \item \gls{ip} mgmt addr,
+ \item System capabilities\footnote{Support for fx. switching, routing etc.},
+ \item MDI\footnote{MDI refers to modes in PoE} power,
+ \item Link aggregation.
+ \end{enumerate}
+ \item \itemtitle{Timers}{Default timers for \gls{lldp} on Cisco equipment}
+ \begin{enumerate}
+ \item hello packet sent once per ½ minute.
+ \item hold timer is 2 minutes.
+ \end{enumerate}
+\end{itemize}
+
+\subsubsection{Configuration Example}
+
+\begin{cisco}
+! Enable lldp
+! Beware lldp is enabled by default on select cisco platforms.
+lldp run
+!
+! Ensure lldp is enables on select ports
+interface range gi0/1-2
+ lldp transmit
+ lldp recieve
+!
+! Disable sending lldp packets on ports facing downstream
+! to clients/workstations. But keep recieving lldp packets enabled
+! so we can allways use the information for troubleshooting purpose.
+interface range fa0/1-24
+ no lldp transmit
+ lldp recieve
+\end{cisco}
+
+\newpage
+
+\subsection{CDP}
+
+\myquote{\citealt{wiki:Cisco_Discovery_Protocol}}{Cisco Discovery Protocol (CDP) is a proprietary Data Link Layer protocol developed by Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address. CDP can also be used for On-Demand Routing, which is a method of including routing information in CDP announcements so that dynamic routing protocols do not need to be used in simple networks.}
+
+\gls{cdp} functions my sending frame out the wire of all connected interfaces by default
+\begin{itemize}
+ \item Sends frames to multicast addr 01-00-0c-cc-cc-cc\footnote{This multicast address is also used by cisco for \gls{vtp} messages},
+ \item by default a frame is shot out every 1 minute\footnote{The timer is adjusted in per x second},
+ \item no security is built-in by default so spoofing \gls{cdp} packets is not hard if the net ops people have forgotten to basic hardening
+ \begin{enumerate}
+ \item Taking up resources by filling up tables with invalid \gls{cdp} entries\cite{wiki:CDP_Spoofing} is possible,
+ \item can be prevented by fx. disabling \gls{cdp} on ports where is it unnecessary to have it enabled. Say client access ports,
+ \item precaution can be taken by only allowing \gls{cdp} packets on trusted network ports.
+ \end{enumerate}
+\end{itemize}
+
+\subsubsection{Configuration Example}
+
+\begin{cisco}
+! Enable CDP globally
+cdp run
+!
+! Ensure cdp is enables on select ports
+interface range gi0/1-2
+ cdp enable
+!
+! Disable CDP on ports facing downstream to clients/workstations
+interface range fa0/1-24
+ no cdp enable
+\end{cisco}
+
 \chapter{Management}
 \section{Network Mgmt}
diff --git a/commands.tex b/commands.tex
index 8014080..9748a1a 100644
--- a/commands.tex
+++ b/commands.tex
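Review bot: The LLDP configuration example uses `lldp recieve` under both interface ranges, which is not an IOS keyword; the interface command is `lldp receive`, so the listing as written would be rejected at the CLI. The same example keeps receive enabled on the 24 client-facing ports even though the bullet list above states that LLDP `will record all obtained information from received LLDP frames` and the CDP section names disabling the protocol on client access ports as the mitigation against tables filled with spoofed entries; either apply the symmetric `no lldp receive` on `fa0/1-24` or extend the listing comment to say that keeping receive on is a deliberate trade-off that lets untrusted hosts populate the neighbour table. The listing comments also carry `enables` for `enabled` and `allways` for `always`, and the "carries information about" enumerate near the top of the subsection duplicates the "Commonly exchanged information" enumerate below it apart from the MAC/PHY entry, so one of the two could go.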
@@ -49,8 +49,14 @@
 \DTMfetchTZminute{now}
 }
-\newcommand{\itemtitle}[2]{\textbf{#1:}\\%
- {\footnotesize #2}}
+\newcommand{\itemtitle}[2]{%
+ \sbox0{#1}%
+ \ifdim\wd0=0pt
+ {\textbf{#1:}} %if #1 is empty
+ \else
+ {\textbf{#1:}\\{\footnotesize #2}}
+ \fi
+}
+
 \newcommand{\myquote}[2]{%
@@ -69,4 +75,4 @@
 % Enviroment @var cisco
-\lstnewenvironment{cisco}{\lstset{style=cisco}}{}
\ No newline at end of file
+\lstnewenvironment{cisco}{\lstset{language=cisco}}{}
\ No newline at end of file
diff --git a/main.tex b/main.tex
index fa6b8c2..150bc38 100644
--- a/main.tex
+++ b/main.tex
@@ -81,7 +81,7 @@
 %
 %
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-\bibliography{references}
+\bibliography{references,references-wikipedia}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %
 %
diff --git a/references-wikipedia.bib b/references-wikipedia.bib
new file mode 100644
index 0000000..2d06337
--- /dev/null
+++ b/references-wikipedia.bib
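Review bot: The `\ifdim\wd0=0pt` test in the new `\itemtitle` measures `#1`, the title, so an empty title prints a bare bold colon and silently drops `#2`, while a title with an empty description still emits `\\` followed by an empty `\footnotesize` group; the comment `%if #1 is empty` suggests the branch was meant to suppress the description line, which means the description is what should be measured. Changing `\sbox0{#1}%` to `\sbox0{#2}%` and the first branch to `{\textbf{#1:}}%` gives that behaviour without touching the call sites in chapter/mgmt.tex, all of which pass both arguments. The branch lines `{\textbf{#1:}} %if #1 is empty` and `{\textbf{#1:}\\{\footnotesize #2}}` end without `%`, so the line ends become space tokens before `\else`/`\fi`; ending both with `%` keeps the macro's output identical to the old definition.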
@@ -0,0 +1,27 @@
+@comment Please use:
+@comment https://irl.github.io/bibwiki/
+@comment when generating Wikipedia entriees for this DB file!
+
+@misc{ wiki:Link_Layer_Discovery_Protocol,
+ author = "Wikipedia",
+ title = "{Link Layer Discovery Protocol} --- {W}ikipedia{,} The Free Encyclopedia",
+ year = "2017",
+ howpublished = {\url{http://en.wikipedia.org/w/index.php?title=Link\%20Layer\%20Discovery\%20Protocol&oldid=755990989}},
+ note = "[Online; accessed 04-June-2017]"
+}
+
+@misc{ wiki:Cisco_Discovery_Protocol,
+ author = "Wikipedia",
+ title = "{Cisco Discovery Protocol} --- {W}ikipedia{,} The Free Encyclopedia",
+ year = "2017",
+ howpublished = {\url{http://en.wikipedia.org/w/index.php?title=Cisco\%20Discovery\%20Protocol&oldid=779112658}},
+ note = "[Online; accessed 04-June-2017]"
+}
+
+@misc{ wiki:CDP_Spoofing,
+ author = "Wikipedia",
+ title = "{CDP Spoofing} --- {W}ikipedia{,} The Free Encyclopedia",
+ year = "2017",
+ howpublished = {\url{http://en.wikipedia.org/w/index.php?title=CDP\%20Spoofing&oldid=740946635}},
+ note = "[Online; accessed 04-June-2017]"
+}
\ No newline at end of file
diff --git a/references.bib b/references.bib
index 6a5b2f0..50d0488 100644
--- a/references.bib
+++ b/references.bib
@@ -21,4 +21,4 @@
 year = {2015},
 address = {Indianapolis, IN},
 isbn = {978-1-58720-664-1}
-}
\ No newline at end of file
+}
diff --git a/structure.tex b/structure.tex
index 599b2f5..2bfdc9f 100644
--- a/structure.tex
+++ b/structure.tex
@@ -21,8 +21,6 @@
 \usepackage[nottoc]{tocbibind}
 \usepackage{url}
 \usepackage[showisoZ]{datetime2}
-%\usepackage{lipsum}
-%\usepackage{titling}
 \usepackage{transparent}
 \usepackage{soul}
 \usepackage{caption}
@@ -40,6 +38,7 @@
 \usepackage{epigraph} % used to style quotes
 \usepackage{titling} % makes available \thetitle \theauthor \thedate
 \usepackage[toc,acronym,footnote,nomain]{glossaries} % Load the package with the acronym option
+\usepackage{chngcntr}
 \bibliographystyle{unsrtnat} %styles list https://www.sharelatex.com/learn/Natbib_bibliography_styles
@@ -126,18 +125,19 @@
 \lstdefinelanguage{cisco}{
 keywords={
+ cdp,
+ dhcp,
 end,
 hostname,
- Interface int,
+ interface,
 ip,
 line,
+ lldp,
 login,
 network,
 no,
 router,
- sh,
 show,
- shut,
 shutdown,
 version,
 vlan,
@@ -145,21 +145,23 @@
 },
 keywordstyle=\color{blue}\bfseries,
 ndkeywords={
- addr,
 address,
 aux,
 bgp,
- con,
 console,
 dhcp,
 eigrp,
- g,
+ enable,
+ fa,
+ FastEthernet,
+ gi,
 GigabitEthernet,
 isis,
 ospf,
 ospfv3,
 pool,
 rip,
+ run,
 vty,
 },
 ndkeywordstyle=\color{darkgray}\bfseries,
@@ -220,3 +222,17 @@
 \renewcommand*{\acronymname}{Abbreviations}
+
+
+% Do not reset counter for footnotes at all
+% through the document from start to finish.
+% https://tex.stackexchange.com/questions/10448/continuous-footnote-numbering
+\counterwithout{footnote}{chapter}
+
+
+% Set footnote numeration
+% https://www.sharelatex.com/learn/Footnotes
+% This command need to be run AFTER
+% "\counterwithout{footnote}{chapter}" for the
+% changes to be able to take effect.
+\renewcommand{\thefootnote}{\arabic{footnote}}
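Review bot: `dhcp` is added to the `keywords` list of the cisco language in the `@@ -126` hunk while the unchanged ` dhcp,` entry in `ndkeywords` in the `@@ -145` hunk stays, so the same word now belongs to two keyword classes with different styles and which one wins depends on listings' class precedence rather than on anything in this file. Drop it from one of the two lists, presumably `+ dhcp,` in `keywords` since the token is styled as a secondary keyword elsewhere. The removal of `sh` and `shut` while keeping `show` and `shutdown` is worth a one-line comment such as `% abbreviated IOS forms are not highlighted on purpose`, since the earlier version deliberately listed them.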
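Review bot: `\renewcommand{\thefootnote}{\arabic{footnote}}` in the last hunk is redundant after `\counterwithout{footnote}{chapter}`, which already redefines `\thefootnote` as `\arabic{footnote}`; the comment stating that it is needed for the change to take effect is therefore misleading, even though the ordering it describes is correct. Either drop the `\renewcommand` or reword the comment to something like `% kept only to pin the plain arabic style; \counterwithout already sets it`. As far as I recall, `\counterwithout` has been provided by the LaTeX kernel since the 2018-04 release, so `\usepackage{chngcntr}` is only required on older installations; a comment on the `\usepackage` line noting why it is loaded would help the next maintainer.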