Methods of communication
Unicast – One to one communication
Broadcast – One to all communication
Multicast – One to group communication
RIP
RIPV1
o Classful Version (Doesn’t support VLSM
[subnetting])
o No Authentication
o Broadcasts every 30 Seconds
RIPV2
o Classless Version (Does support
VLSM [subnetting])
o Has Authentication
o Multicast
How to setup RIPV2:
o (config) Router rip
o (config-router) Version 2
o (config-router) No auto-summary
o (config-router) Network (A.B.C.D) (Tells RIP what
networks to advertise & what interfaces to
advertise on)
OSPF
Area – group of routers that all have the same
information (More than 50 routers in an area is not
recommended)
ABR – Area Border Router
All areas must connect to area 0
All routers in an area have the same topology table
ASBR – Autonomous system boundary router –
border router for other networks (ex. Internet)
Hello messages are sent every 10 seconds on
broadcast/p2p networks, or 30 seconds on NBMA
networks (frame relay)
How to setup
o (config) Router ospf (process ID #)
o (config-router) Network (A.B.C.D)
(wildcardmask) area 0 (to selected interfaces,
not networks)
EIGRP
Pros
o Backup routes
o Simple configuration
o Flexibility in summarization
o Unequal cost load-balancing
o Supports multiple networks protocols
Cons
o Proprietary (only Cisco)
Terms
o Neighbor Table – List of Directly connected
routes
o Topology Table – List of all routers
Successor – route that is used in routing
table (main connection)
Feasible successor – backup connection
o Routing table – list of routes being used
How to configure
o (config) Router eigrp (#) (# must be the same for
all of network)
o (config-router) Network (A.B.C.D) or (A.B.C.D)
(wildcardmask)
o (config-router) no auto-summary (optional)
ACLs
What they can be used for
o access control
o NAT
o quality of service
o demand dial routing
o policy routing
o route filtering
Read top to bottom; processing stops at the first matching entry
Deny all at the bottom of all ACLs
ACL types
o Standard
Matches based on source address
Low processor utilization
Effect depends on application
Apply closest to destination
How to:
(config) Access-list (1-99) (deny/permit)
(IP A.B.C.D / any) (Wildcard A.B.C.D)
(config-if) ip access-group (1-99)
(in/out)
Permit all – (config) Access-list (1-99)
permit any
o Extended
Matches based on source and/or
destination address, protocol, source
and/or destination ports
Higher processor utilization
Apply closest to source
How to:
(config) Access-list (100-199)
(deny/permit) (protocol) (Source IP
A.B.C.D / any) (Source Wildcard
A.B.C.D) (Destination IP A.B.C.D / any)
(Destination Wildcard A.B.C.D)
(config-if) ip access-group (100-199)
(in/out)
Permit all – (config) Access-list (100-199)
permit ip any any
o Dynamic
o Reflexive (established)
Allows return traffic for internal requests
o Time-based
o Context-based access control (CBAC)
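Added example (not part of the original notes): a small Python model of the ACL rules above, covering wildcard-mask matching, first-match evaluation, the implicit deny, and an audit check for entries that can never match because an earlier entry already covers them. The addresses and the function names are constructed for illustration, and only standard (source-only) entries are modelled.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")  # what the keyword "any" expands to

def _u32(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(addr, base, wildcard):
    """Wildcard mask: a 0 bit must match the base, a 1 bit is ignored."""
    care = ~_u32(wildcard) & 0xFFFFFFFF
    return (_u32(addr) & care) == (_u32(base) & care)

def evaluate(acl, src):
    """Return (action, entry number) for the first entry matching src."""
    for n, (action, base, wildcard) in enumerate(acl, start=1):
        if wildcard_match(src, base, wildcard):
            return action, n
    return "deny", None  # implicit deny all at the bottom of every ACL

def shadowed(acl):
    """Audit: (entry, earlier entry) pairs where the later entry can never match."""
    hits = []
    for j, (_, base_j, wc_j) in enumerate(acl):
        care_j = ~_u32(wc_j) & 0xFFFFFFFF
        for i, (_, base_i, wc_i) in enumerate(acl[:j]):
            care_i = ~_u32(wc_i) & 0xFFFFFFFF
            # Earlier entry covers the later one if it checks a subset of the
            # bits and the two bases agree on every bit it checks.
            covers = (care_i & ~care_j) == 0 and ((_u32(base_i) ^ _u32(base_j)) & care_i) == 0
            if covers:
                hits.append((j + 1, i + 1))
                break
    return hits

# Constructed sample: the host deny sits below a permit that already covers it.
BAD_ORDER = [
    ("permit", "192.168.1.0", "0.0.0.255"),
    ("deny", "192.168.1.50", "0.0.0.0"),
    ("permit", "10.0.0.0", "0.255.255.255"),
]
GOOD_ORDER = [BAD_ORDER[1], BAD_ORDER[0], BAD_ORDER[2]]

if __name__ == "__main__":
    for name, acl in (("bad order", BAD_ORDER), ("good order", GOOD_ORDER)):
        print(name, evaluate(acl, "192.168.1.50"), "shadowed:", shadowed(acl))
    print("unlisted source:", evaluate(GOOD_ORDER, "172.16.0.1"))
```

With the deny below the broader permit, the host is permitted by entry 1 and the deny is reported as unreachable; moving the more specific entry to the top makes it take effect.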
NAT
Dynamic NAT
o Connects a group of addresses to another group of
addresses dynamically
o Setup with overload:
(config) Ip nat pool (pool name) (A.B.C.D
start) (A.B.C.D end) netmask (netmask)
(config) ACCESS-LIST (#) permit (A.B.C.D)
(wildcardmask)
(config) Ip nat inside source list (#) pool
(pool name) overload
NAT overload (PAT)
o Connects a group of private addresses to a single
public address dynamically
o Setup:
(config) Interface (interface₁ #)
(config-if) Ip nat inside
(config-if) Exit
(config) Interface (interface₂ #) (port
connected to internet)
(config-if) Ip nat outside
(config-if) Exit
(config) ACCESS-LIST (#) permit (A.B.C.D)
(wildcardmask)
(config) Ip nat inside source list (#) interface
(interface₂ #) overload
Static NAT
o Connects a single private address (and a port) to
a single public address (and a port)
o Setup simple static nat mapping:
(config) Ip nat inside source static (A.B.C.D
private) (A.B.C.D public)
o Setup static port mapping:
(config) Ip nat inside source static tcp
(A.B.C.D private) (port #) (A.B.C.D public)
(port #)
VPN
IPSec – the security protocol used for VPNs – a part
of the transport layer
Types of VPNs
o Site to site (L2L) – connects one router to
another router
o Remote access – connects one device (usually a
pc) to a router
Symmetric encryption – routers use a shared key to
encrypt the data
Asymmetric encryption – router A sends a public key
to router B. Router B sends a shared key that is
encrypted by the public key to router A. Router A
decrypts the shared key with the private key that
it keeps local. The communication now uses the
shared key to encrypt future data. A new shared key
will be generated at a set time.
o Ex. T1 / E1 = 1.544 Mbps
Circuit switched: on demand bandwidth between
locations (cheap but slow)
o Encapsulation types:
o Dialup
o ISDN
PPP
Industry standard
Moderate overhead
Features
o Authentication
PAP
CHAP – uses hash not encryption
o Compression
o Callback
o Multilink (bundles multiple T1 connections)
o Setup PPP:
(config-if) Encapsulation ppp
o Setup CHAP:
(config) username (other router name)
password (password)
(config-if) ppp authentication chap
--repeat on other router
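Added example (not part of the original notes): a Python sketch of the CHAP challenge/response that the setup above enables, following RFC 1994 with MD5, to show what "uses hash not encryption" means on the wire. The router name, the password and the class and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier, secret, challenge):
    """RFC 1994 CHAP with MD5: hash of identifier byte + shared secret + challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """The router that issues the challenge and checks the reply."""
    def __init__(self, secrets):
        self.secrets = secrets  # peer name -> password from the "username" line
        self.pending = {}
        self.next_id = 0

    def challenge(self):
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)  # fresh random challenge per attempt
        self.pending[ident] = value
        return ident, value

    def verify(self, ident, name, response):
        value = self.pending.pop(ident, None)  # one use only: a replayed reply fails
        secret = self.secrets.get(name)
        if value is None or secret is None:
            return False
        return hmac.compare_digest(response, chap_response(ident, secret, value))

def run_exchange(auth, peer_name, peer_secret):
    """One challenge/response round; returns (accepted, bytes seen on the wire)."""
    ident, value = auth.challenge()
    response = chap_response(ident, peer_secret, value)
    wire = bytes([ident]) + value + response + peer_name.encode()
    return auth.verify(ident, peer_name, response), wire

# Constructed sample values, not taken from the notes.
SECRET = b"example-shared-password"
ROUTER_A = Authenticator({"RouterB": SECRET})

if __name__ == "__main__":
    ok, wire = run_exchange(ROUTER_A, "RouterB", SECRET)
    print("correct password accepted:", ok)
    print("password visible on the wire:", SECRET in wire)
    print("wrong password accepted:", run_exchange(ROUTER_A, "RouterB", b"guess")[0])
```

Both routers must hold the same password for the hashes to agree, which is why the username/password line is repeated on the other router.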
Frame relay
Committed information rate (CIR) – minimum logical
bandwidth
Local access rate (LAR) – maximum physical
bandwidth
Local management interface – protocol used on the
connection to the ISP
Data link connection identifier (DLCI) – identifier for
each line
Permanent virtual circuit – single connections to
other frame relay routers
Types of frame relay PVC designs
o Hub and spoke – all connections at one point
o Full mesh – all connections connected to all
points
o Partial mesh – all connections connected to
some/all points
Multipoint design
o All routers on same subnet
o Multiple DLCI numbers mapped to interface
o Causes problems with split horizon
Point to point design
o All routers on different subnets
o Point to point sub-interface created for each
DLCI
o No problem with split horizon
Setup multipoint
o (config-if) encapsulation frame-relay
o (config-if) frame-relay map ip (A.B.C.D remote
router ip) (Local-DLCI#) broadcast
Setup Point-to-point
o (config-if) encapsulation frame-relay
o (config-if) interface (interface).(#) point-to-point
o (config-subif) frame-relay interface-dlci (local-DLCI#)
Troubleshooting commands
o Show frame-relay map
o Show frame-relay pvc
o Show frame-relay lmi
IPv6
Address size moved from 32-bit (IPv4) to 128-bit
(IPv6)
All current Routing protocols are now IPv6
compatible
Addresses:
o Link-local – include mac address
o Unique-local – similar to local address
o Global – Global internet address
Setup:
o (Config) ipv6 unicast-routing
o (config) interface (interface #)
o (config-if) ipv6 address (1111:2222::3333)/(prefix length)
Migration to IPv6
o Dual-stack routers – Routers that run IPv4 &
IPv6
o Tunneling – allows IPv4 to talk to IPv4 through IPv6
and allows IPv6 to talk to IPv6 through IPv4
o NAT-PT – allows IPv4 networks to NAT over to
IPv6
Known Ports
Administrative distance
Connected Route = 0
Static route = 1
EIGRP Summary = 5
External BGP = 20
EIGRP (Internal) = 90
OSPF = 110
ISIS = 115
RIP = 120
EIGRP (External) = 170