



I am dedicating these papers to my teacher and well-wisher Mr Siddiq Ahmed, who has given me a chance to teach in Netmetric Solutions. Everything that I will get from this teaching is the dust of his feet. I will thank Mr Sultan, who had helped in the completion of these papers, and the staff of Netmetric Solutions, Ameerpet.

Mirza Muqeem Baig (csit)


Network Evolution

Computer Networking:
Computer networking has been evolving continuously for more than 30 years. It provides companies with the ability to share data between systems and allows companies to centralize and manage applications such as:
- Email
- Database
- Web

Types of networks:

Local Area Network (LAN):
- Designed to operate within a limited geographical area.
- Controls the network privately under local administration.
- Provides full-time connectivity to local services.
- Connects physically adjacent devices.

Metropolitan Area Network (MAN)

Wide Area Network (WAN):
A WAN is a data communications network that covers a relatively broad geographic area and that often uses transmission facilities provided by common carriers, such as telephone companies. WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer.

Enterprise:
An extranet or Virtual Private Network (VPN) utilizes a public medium such as the internet to connect external devices to an extranet.
- VPN: remote access for employees.
- Extranet: partners or affiliate companies.

Storage Area Network (SAN):
- A high-speed, special-purpose network that interconnects various kinds of data storage devices with associated data servers on behalf of a larger network of users.
- Supports disk mirroring, backup and restore, archival and retrieval of archived data, data migration, and sharing of data among different servers in a network.
- A Network Attached Storage (NAS) device stores data for various systems.
A storage area network (SAN) is an architecture to attach remote computer storage devices such as disk array controllers, tape libraries and CD arrays to servers in such a way that to the operating system the devices appear as locally attached devices. (By contrast to a SAN, network attached storage (NAS) uses file-based protocols such as NFS or SMB/CIFS, where it is clear that the storage is remote and computers request a portion of an abstract file rather than a disk block.)

Content Delivery Networks (CDN):
- The service of copying pages of a website to geographically dispersed servers.
- Dynamically identifies and serves page content from the server closest to the user, enabling faster delivery.
- Typically, owners of high-traffic websites and internet service providers (ISPs) hire the services of companies that provide content delivery.

Internetworking:
- The process of interconnecting two or more individual networks to facilitate communications among their respective parts.
- The networks may be of different types, each having its own addresses, internal protocols, access methods, and administration.
- The focus is the ability to communicate between dissimilar media types.
- No one solution is right for everyone; no company has only one solution.
Internetworking must provide:
- Reliable communications
- Scalability/expandability
- Manageability
- Security
Cisco provides a complete internetworking solution:
- Internetworking hardware
- Internetworking connectivity
- Software for internetworking
- Security and management products, and so on.

TCP/IP Connectivity:
- In 1969 the Department of Defense commissioned the Advanced Research Projects Agency (ARPA) network.
- ARPAnet used the Network Connection Protocol (NCP).
- TCP/IP research began at Stanford University, funded by the Department of Defense, and developed the four-layered networking model.

- Research was published as Requests for Comments (RFCs).
De jure standard: de jure means "by law you have to use this, or otherwise we will not buy equipment from the mainframe vendors". Internetworking as we know it was born.
De facto standard: de facto means the one more widely accepted by everyone.

OSI Model:
- In 1970 the International Organization for Standardization (ISO) began work on a 7-layered model, and the Open Systems Interconnection (OSI) model was born.
- It created a full standard set for all internetworking communications.
- OSI was completed in 1979 and implemented in 1984.
- It led to the creation of the distributed processing networking model; the LAN and WAN definitions were born.

Ethernet:
- In the 1970s the Digital, Intel and Xerox (DIX) consortium created the original Ethernet.
- The Ethernet II standard was subsequently defined and released. Ethernet II is also known as ARPA Ethernet.

802.x:
- In February 1980 the Institute of Electrical and Electronics Engineers, Inc. (IEEE) took on Project 802.
- 802.1: the committee responsible for high-level internetworking protocols and their management.
- 802.2: Logical Link Control (LLC), focused on end-to-end link connectivity and the interface between the higher layers and the medium-access-dependent layers.
- 802.3: became the Ethernet standard (pushed by DIX).
- 802.4: Token Bus (Burroughs, Concord Data Systems, Honeywell, Western Digital and later General Motors and Boeing).
- 802.5: Token Ring (published by IBM).


OSI Reference Model:
The OSI model is not a protocol, and it is not a protocol stack used to allow communication. It is a layered reference model that vendors use to develop their products, so that those products meet the standards. The OSI model is a 7-layered model designed to facilitate standardization of the various components that make internetworking function. OSI was developed by the International Organization for Standardization (ISO) and introduced in 1984. Each layer defines a set of functions that take part in data communication.

Benefits of OSI:
The layered approach to network communications provides the following benefits:
- Improved teaching and learning
- Accelerated evolution
- Interoperable technology
- Standard interfaces
- Allows different vendors' networks to work with each other.
- Breaks the complexities of networking into smaller pieces.
- Modularity enables changes at one layer without affecting other layers.
- Facilitates standardization.
- Eases the process of troubleshooting.

Application Layer (Layer 7): Network processes to applications
- It is responsible for providing an interface for users to interact with application services or networking services.
- Provides network services to application processes such as e-mail, file transfer and terminal emulation.
- Developers can write programs that allow applications that are not network-aware to access components of layer 7.
- Identifies communication partners. Identification of services is done using port numbers (service port addresses). A port is a logical communication channel. A port number is a 16-bit identifier; the total range of ports is 0 to 65535. Server ports are 1 to 1023. Client ports are 1024 to 65535.
  o Email client / email server
  o Protocol Data Units (PDUs)
- Well-known port numbers:
  o HTTP: port 80
  o FTP: port 21
  o SMTP: port 25
  o Telnet: port 23
  o TFTP: port 69
  o DNS: port 53
  o DHCP: port 67
- Determines resource availability (e.g., an email folder).
- Synchronizes communication between systems: makes sure that server and client work together.
Layer 7 services:
- File and print
- Email
- Database
- Name resolution
- Internet access
- Terminal emulation
- Management services

Presentation Layer (Layer 6): Data representation
- It is responsible for defining a standard format for the data; it deals with data representation.
- Ensures data is readable by the receiving system.
- Formats data and data structures.
- Negotiates data transfer syntax for the application layer.
Layer 6 is responsible for:
- Data encoding / decoding and conversion
  o ASCII to EBCDIC (text)
  o JPEG, GIF, TIFF (graphics)
  o MPEG, DAT, AVI (video)
- Encryption / decryption
  o DES (Data Encryption Standard)
  o 3-DES
  o AES (Advanced Encryption Standard)
  o SSL / TLS
  o Certificates
- Compression / decompression
  o Predictor
  o Stacker
  o MPPC (Microsoft Point-to-Point Compression)

Session Layer (Layer 5): Inter-host communication
- It deals with sessions, or interactions, between applications.
- It is responsible for establishing, maintaining and terminating sessions between applications.
- A session ID is used to identify the session or interaction.
- Establish connection: session setup, dialog.
- Manage connection: dialog control.
  o Simplex: one-way traffic, e.g., radio.
  o Half duplex: two-way traffic, one direction at a time, e.g., walkie-talkie.
  o Full duplex: two-way traffic simultaneously, e.g., telephone.
- Terminate connection.
Examples: Remote Procedure Call (RPC), Structured Query Language (SQL), AppleTalk Session Protocol.

Transport Layer (Layer 4): End-to-end connections
- Identification of services.
- Multiplexing and de-multiplexing.
- It is responsible for end-to-end transportation of data between the applications.
- Transportation issues between hosts.
- Data transport reliability.
- Establish, maintain and terminate virtual circuits.
- Fault detection and recovery.
- Information flow control.
Data transport:
- Reliable data transfer.
- Connection-oriented protocols
  o Guaranteed reliable
  o Acknowledged
  o Higher overhead (a disadvantage)
- Connectionless protocols
  o Best-effort delivery
  o Non-acknowledged
  o Lower overhead, because there is no acknowledgement.
Flow control:
- Designed to ease overhead.
- Allows data buffering.
- Sliding windows.
- Buffering with source quench messages.
Ports are defined and assigned by the Internet Assigned Numbers Authority (IANA):
- Public applications (well known): 1 to 255.
  o HTTP (80) or FTP (21).
- Private applications: 256 to 1023.
  o Application specific.
- Dynamic client (high order): 256 to 65535.
  o Dynamically assigned by the client.
Identifying applications in TCP/IP:
- The port value depends on the type of application, i.e., what the application is.
- Common ports are:
  o TCP 21: FTP control
  o TCP 20: FTP data
  o TCP 23: Telnet
  o TCP 25: SMTP (Simple Mail Transfer Protocol)
  o TCP/UDP 53: DNS
  o UDP 69: TFTP
  o TCP 80: HTTP
  o UDP 161: SNMP (Simple Network Management Protocol)
  o UDP 162: SNMP Trap (a trap is a message that comes from the SNMP client).
The major functions described at the transport layer are as follows:
- Identifying services
- Multiplexing and de-multiplexing
- Segmentation
- Sequencing and re-assembling
- Error correction with the help of a checksum
- Flow control
Note: the size of a frame's data is 46 to 1500 bytes; beyond this it is called a giant frame and below it a runt frame. Between 46 and 1500 bytes it is called a good frame.






Figure: connection-oriented communication (Layer 4) versus connectionless communication (Layer 3) from your LAN.


Network Layer (Layer 3):
The network layer manages device addressing, tracks the locations of devices on the network and determines the best way to move data, which means that the network layer must transport traffic between devices that are not locally attached. Routers are specified at the network layer and provide the routing services within an internetwork. It handles most of the protocol communication and is responsible for identifying the best path to move data across the network.
- Provides connectivity and path selection between two end systems.
- Domain of routing.
Routing:
- Routed protocols
  o IP, IPX, AppleTalk
- Routing protocols
  o RIP
  o IGRP
  o OSPF
  o EIGRP
- Route selection
Addressing and switching:
- Addressing is used to identify source and destination logical (software) IP addresses.
- Switching methods
  o Circuit switching: telephony
  o Message switching: store and forward
  o Packet switching: Frame Relay and T1
Protocols:
- Routed protocols carry data through the network.
  o Run at the network layer
  o Make path determination based on the content of the route table
  o E.g., IP, IPX, AppleTalk
- Routing protocols
  o Programs that run exclusively on routers
  o Communicate known networks to other routers
  o Keep track of all network addresses and routes so that routable protocols can make their way through the networks
  o Populate the route table
  o RIP, OSPF, IGRP, EIGRP, IS-IS, BGP-4

Data Link Layer (Layer 2):
- It is responsible for end-to-end delivery of data between the devices on a network segment.
- The primary responsibility of layer 2 is framing (encapsulation): taking all the data from all the layers of the host and putting it in a format that is understood by the other side.
- Layer 2 is also responsible for access to the media. It provides the reliable transfer of data through the media, and its job is to take care of physical addressing and network topology.
Responsibilities of Layer 2 are:
- Framing (Cisco uses the word encapsulation)
  o MAC sub-layer
  o LLC sub-layer
- Physical addressing
  o MAC address (hardware address)
- Access to the physical topology.

Ethernet II frame:

| PRE | Destination Address | Source Address | Type | Layer 3-7 data | FCS |
|-----|---------------------|----------------|------|----------------|-----|

Ethernet 802.3 frame:

| PRE | Destination Address | Source Address | Length | Layer 3-7 data | FCS |
|-----|---------------------|----------------|--------|----------------|-----|

Token Ring frame:

| Start | AC | FC | Destination Address | Source Address | Layer 3-7 data | FCS | End | Stat |
|-------|----|----|---------------------|----------------|----------------|-----|-----|------|

Note: The source and destination must use the same frame type for data communications.

The data link layer comprises two sub-layers: Media Access Control (MAC) and Logical Link Control (LLC).
- They provide a layer of abstraction between upper-layer protocols and the underlying interface hardware.
- They allow multiple protocol bindings to exist.
MAC deals with hardware addresses (MAC addresses):
- MAC addresses are 12-digit hexadecimal identifiers used to identify the devices uniquely on the network segment.
- MAC also provides error detection using CRC and framing (encapsulation control information). E.g., Ethernet, Token Ring, etc.
- It is a 6-byte hexadecimal address (6 octets). A MAC address is globally unique to each network interface.
- Three bytes are assigned to the manufacturer; three bytes are used for the node ID.
- E.g., 00-aa-00-34-e5-f1, where 00-aa-00 = 3Com and 34-e5-f1 = node ID. The node ID is always unique.
LLC (Logical Link Control) deals with layer 3 negotiation, e.g., SAP, SNAP, etc.
- Framing is done at the data link layer.
- Switches and NICs are data link layer devices. Layer 3 devices are routers / operating systems.
- SAP values identify the layer 3 protocol: IP is 0x06, IPX is 0x0E.
Protocols:
- High-Level Data Link Control (HDLC): designed to support point-to-point or multipoint serial connections.
  o Default for all Cisco serial connections.
  o The Cisco version is proprietary.
- Synchronous Data Link Control (SDLC)
  o Created by IBM to facilitate connections to mainframe hosts.

- X.25: standard for packet-switched networks.
  o Built-in error detection
  o Predecessor to Frame Relay
  o Defines DTE and DCE devices
  o Cisco routers are DTE devices
- Link Access Procedure Balanced (LAPB): designed for use over X.25.
  o Provides services like sequencing and retransmission for X.25
- Frame Relay
  o Faster, up to 45 Mbps
  o High-quality digital technology
Dial protocols:
- Serial Line Internet Protocol (SLIP)
  o Original standard for TCP/IP transmission over low-speed serial links
  o Predecessor to PPP
- Point-to-Point Protocol (PPP)
  o Newer standard for TCP/IP transmission over low-speed serial links
  o Adds multiple protocol support, encryption and error detection
- Integrated Services Digital Network (ISDN)
  o Digital technology for the transmission of both voice and data over modified analog lines
IEEE standards:
- 802.1 Internetworking
- 802.2 LLC
- 802.3 CSMA/CD (Ethernet)
- 802.4 Token Bus
- 802.5 Token Ring
- 802.6 MANs
- 802.7 Broadband technology
- 802.8 Fiber optics
- 802.9 Integrated voice and data
- 802.10 Network security
- 802.11 Wireless networking
- 802.12 100VG-AnyLAN

Data encapsulation:

| Layer | PDU |
|-------|-----|
| Application Layer | Data |
| Presentation Layer | Data |
| Session Layer | Data |
| Transport Layer | Segments |
| Network Layer | Packets |
| Data Link Layer | Frames |
| Physical Layer | |

Physical Layer (Layer 1):
- It is responsible for binary transmission: it deals with the physical transmission of binary data on the given media (copper, fiber, wireless).
- It also deals with the electrical, mechanical and functional specifications of the devices and media.
The major functions described at this layer are:
- Encoding and decoding: the process of converting the binary data into signals based on the type of media.
- Media specification
  o Copper media: electrical signals of different voltages.
  o Fiber media: light pulses of different wavelengths.
  o Wireless media: radio frequency waves.
- Electrical and mechanical specification of media, devices and topology.
- Clocking: sets the rate at which the data samples are passed across the wire.
- Physical topology: identifies how devices connect to the network. Physical and logical topologies have to match.
Modes of transmission of signals (signal communication happens in three different modes):
- Simplex: one-way traffic, e.g., radio.
- Half duplex: two-way traffic, one direction at a time, e.g., walkie-talkie.
- Full duplex: two-way traffic simultaneously, e.g., telephone.
Standards:
- EIA/TIA 232 (RS-232): supports circuit speeds up to 64 Kbps.
- EIA/TIA 449 (RS-449): supports circuit speeds up to 2 Mbps.
- V.24 / V.35: ITU-T standards, similar to RS-232.
Topology types: bus, ring, star, point-to-point, full mesh (partial mesh).

Ethernet Topology (LAN topology):
- Used in contention-based networks such as Ethernet and Fast Ethernet.
- Ethernet (Digital, Intel and Xerox (DIX)) and IEEE 802.3 define the original Ethernet standards.
- CSMA/CD is designed to detect collisions.
- All versions use a bus topology.
- Half-duplex operation (full-duplex capable).
  o Both define a maximum raw transmission rate of 10 Mb.
  o Aggregate rates double when full duplex.
- Standards
  o 10Base2: thin Ethernet, 185 meters
  o 10Base5: thick Ethernet, 500 meters
  o 10BaseT: twisted-pair Ethernet, 100 meters
- The original Ethernet only used a 4-bit data path at 2.5 MHz.
  o Current processors: 2 GHz
Fast Ethernet technologies:
- 802.3: standard Ethernet (10 Mb)
- 802.3u: Fast Ethernet (100 Mb)
- 802.3z: Gigabit Ethernet (1000 Mb)
- 802.3ae: 10 Gigabit Ethernet (10000 Mb)
Fast / Gigabit Ethernet:
- 802.3u 100BaseT
  o Defines a bus topology
  o Half duplex or full duplex
  o 100BaseTX: CAT 5 / FE UTP, 100 meters
  o 100BaseFX: multi-mode fiber, 400 meters
  o Maximum raw transmission rate of 100 Mb
  o Aggregate rates double when full duplex
  o 4-bit data path at 25 MHz
- 802.3z 1000BaseT
  o Defines a bus topology
  o Half / full duplex operation
  o 1000BaseT: CAT 5 UTP, 100 meters
  o 1000BaseSX: multimode fiber, 260 meters
  o 1000BaseLX: single-mode fiber, 10 km
  o Maximum raw transmission rate of 1 Gb
  o Aggregate rates double when full duplex
  o 8-bit data path at 125 MHz
Ring topology:
- IBM's Token Ring was first seen in the late 1970s.
  o Later IEEE 802.5 became the standard.
  o Available in 4 Mbps and 16 Mbps.
- Uses a token frame for access to the network.
  o The token is passed around a logical ring of the network devices.
  o A system must acquire the token to transmit data.
  o Data always travels around the ring in the same direction, therefore there are no collisions.
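As an added example (not part of the original notes), the Ethernet II and IEEE 802.3 framing described in the Data Link Layer section, plus the runt/giant size rule from the Transport Layer notes, in Python. The frames are constructed: 00-aa-00 is the 3Com OUI quoted in the notes, while the node IDs, the EtherType and the LLC SAP values are assumptions.

```python
import struct

ETHERTYPE_MIN = 0x0600   # 1536 and above: the 2-byte field is a Type (Ethernet II)
MIN_PAYLOAD = 46         # below this the frame is a runt
MAX_PAYLOAD = 1500       # above this the frame is a giant


def format_mac(raw: bytes) -> str:
    """6-byte hardware address in the dash-separated form used in the notes."""
    return "-".join(f"{b:02x}" for b in raw)


def split_mac(raw: bytes) -> dict:
    """Split the address into manufacturer (OUI) and node ID, 3 bytes each."""
    return {"oui": format_mac(raw[:3]), "node_id": format_mac(raw[3:])}


def size_class(payload_len: int) -> str:
    """Runt / good / giant classification of the data field (46..1500 bytes is good)."""
    if payload_len < MIN_PAYLOAD:
        return "runt"
    if payload_len > MAX_PAYLOAD:
        return "giant"
    return "good"


def classify_frame(frame: bytes) -> dict:
    """Decode the MAC header of a frame captured without preamble and FCS.

    The same 2-byte field after the source address is a Type in Ethernet II
    and a Length in IEEE 802.3; its value decides which framing is in use,
    so a receiver must check it before trusting any byte of the payload.
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte MAC header")
    dst, src = frame[0:6], frame[6:12]
    type_or_len = struct.unpack("!H", frame[12:14])[0]
    payload = frame[14:]
    result = {
        "destination": format_mac(dst),
        "source": split_mac(src),
        "size_class": size_class(len(payload)),
    }
    if type_or_len >= ETHERTYPE_MIN:
        result["kind"] = "Ethernet II"
        result["type"] = f"0x{type_or_len:04x}"
    elif type_or_len <= MAX_PAYLOAD:
        result["kind"] = "IEEE 802.3"
        result["length"] = type_or_len
        if len(payload) < 3:
            raise ValueError("802.3 frame without an LLC header")
        # LLC sub-layer header: DSAP, SSAP, control; the SAPs name the Layer 3 protocol
        result["dsap"], result["ssap"] = payload[0], payload[1]
    else:
        result["kind"] = "invalid (1501-1535 is neither a length nor a type)"
    return result


# Constructed sample frames (not captured traffic). 00-aa-00 is the 3Com OUI
# from the notes; node IDs, EtherType 0x0800 and SAP 0x06 are assumed values.
DST = bytes.fromhex("00aa0034e5f1")
SRC = bytes.fromhex("00aa00112233")
ETHERNET_II_FRAME = DST + SRC + b"\x08\x00" + bytes(46)
IEEE_8023_FRAME = DST + SRC + b"\x00\x03" + b"\x06\x06\x03" + bytes(43)
RUNT_FRAME = DST + SRC + b"\x08\x00" + bytes(10)

if __name__ == "__main__":
    for sample in (ETHERNET_II_FRAME, IEEE_8023_FRAME, RUNT_FRAME):
        print(classify_frame(sample))
```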


Internet Protocol (IP)
The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network-layer protocol in the Internet protocol suite. Along with the Transmission Control Protocol (TCP), IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork, and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.

IP Packet Format
An IP packet contains several types of information, as illustrated in Figure 30-2.
Figure 30-2: Fourteen fields comprise an IP packet.

The following discussion describes the IP packet fields illustrated in Figure 30-2:
- Version: Indicates the version of IP currently used.
- IP Header Length (IHL): Indicates the datagram header length in 32-bit words.
- Type-of-Service: Specifies how an upper-layer protocol would like a current datagram to be handled, and assigns datagrams various levels of importance.
- Total Length: Specifies the length, in bytes, of the entire IP packet, including the data and header.
- Identification: Contains an integer that identifies the current datagram. This field is used to help piece together datagram fragments.
- Flags: Consists of a 3-bit field of which the two low-order (least-significant) bits control fragmentation. The low-order bit specifies whether the packet can be fragmented. The middle bit specifies whether the packet is the last fragment in a series of fragmented packets. The third or high-order bit is not used.
- Fragment Offset: Indicates the position of the fragment's data relative to the beginning of the data in the original datagram, which allows the destination IP process to properly reconstruct the original datagram.
- Time-to-Live: Maintains a counter that gradually decrements down to zero, at which point the datagram is discarded. This keeps packets from looping endlessly.
- Protocol: Indicates which upper-layer protocol receives incoming packets after IP processing is complete.
- Header Checksum: Helps ensure IP header integrity.
- Source Address: Specifies the sending node.
- Destination Address: Specifies the receiving node.
- Options: Allows IP to support various options, such as security.
- Data: Contains upper-layer information.
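An added Python example (not from the original notes) that builds, decodes and verifies a datagram using the field layout above. The flag bit positions follow RFC 791, which the notes cite: the middle flag bit is Don't Fragment and the low-order bit is More Fragments. The addresses and payload are constructed. It also shows why a router that decrements TTL must recompute the header checksum.

```python
import struct


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 791, section 3.1)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, payload: bytes, ttl: int = 64, proto: int = 6,
               ident: int = 0x1C46, dont_fragment: bool = True) -> bytes:
    """Assemble a 20-byte header (IHL 5, no options) with a correct checksum."""
    flags_frag = (0x2 << 13) if dont_fragment else 0   # DF is the middle flag bit
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + len(payload), ident,
                         flags_frag, ttl, proto, 0,
                         bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    header = header[:10] + struct.pack("!H", ipv4_checksum(header)) + header[12:]
    return header + payload


def parse_ipv4(packet: bytes) -> dict:
    """Decode the fourteen fields listed above and verify the header checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IP header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto,
     hcs, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if header_len < 20 or len(packet) < header_len or total_len < header_len:
        raise ValueError("inconsistent IHL / Total Length")
    header = packet[:header_len]
    flags = flags_frag >> 13
    return {
        "version": version,
        "ihl": ihl,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags & 0x2),            # middle bit
        "more_fragments": bool(flags & 0x1),           # low-order bit
        "fragment_offset": (flags_frag & 0x1FFF) * 8,  # stored in 8-byte units
        "ttl": ttl,
        "protocol": proto,
        "header_checksum": hcs,
        # A valid header sums to 0xFFFF, so the complement of the sum is 0
        "checksum_ok": ipv4_checksum(header) == 0,
        "source": ".".join(map(str, src)),
        "destination": ".".join(map(str, dst)),
        "options": header[20:],
        "data": packet[header_len:total_len],
    }


def forward(packet: bytes):
    """One router hop: decrement TTL, discard at zero, recompute the checksum.

    Returns the rewritten packet, or None when the datagram must be dropped
    (corrupt header or TTL expired).
    """
    fields = parse_ipv4(packet)
    if not fields["checksum_ok"] or fields["ttl"] <= 1:
        return None
    header_len = fields["ihl"] * 4
    header = bytearray(packet[:header_len])
    header[8] -= 1                            # TTL byte
    header[10:12] = b"\x00\x00"               # zero the checksum before recomputing
    header[10:12] = struct.pack("!H", ipv4_checksum(bytes(header)))
    return bytes(header) + packet[header_len:]


# Constructed sample datagram (not a capture): RFC 1918 addresses, TCP (6), TTL 2
SAMPLE = build_ipv4("192.168.1.1", "192.168.1.10", b"\x00" * 8, ttl=2)

if __name__ == "__main__":
    print(parse_ipv4(SAMPLE))
    print("after one hop:", forward(SAMPLE) is not None, "after two hops:", forward(forward(SAMPLE)))
```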

Addressing
IP addressing supports five different address classes: A, B, C, D, and E. Only classes A, B, and C are available for commercial use. The left-most (high-order) bits indicate the network class. The following table provides reference information about the five IP address classes.

IP Address Format:

| Class | Format | Purpose | High-Order Bit(s) | Address Range | No. Bits Network/Host | Max. Hosts |
|-------|--------|---------|-------------------|---------------|-----------------------|------------|
| A | N.H.H.H | Few large organizations | 0 | | 7/24 | 16777214 (2^24 - 2) |
| B | N.N.H.H | Medium-size organizations | 1, 0 | | 14/16 | 65534 (2^16 - 2) |
| C | N.N.N.H | Relatively small organizations | 1, 1, 0 | | 21/8 | 254 (2^8 - 2) |
| D | N/A | Multicast groups (RFC 1112) | 1, 1, 1, 0 | | N/A (not for commercial use) | N/A |
| E | N/A | Experimental | 1, 1, 1, 1 | | N/A | N/A |



Address Scheme
Public address scheme:
- Many hosts require direct access to the internet.
- Has a sufficient number of public addresses.
- Must have been assigned an address by the internet community or by an ISP.
Private address scheme:
- Fewer hosts require direct access to the internet.
- Will probably not have a sufficient number of public addresses for all hosts.

Reserved Addresses (Private IP Addresses): RFC 1918
There are certain addresses in each class of IP address that are reserved for LANs. These addresses are called private IP addresses. They can be used for home and office networks, i.e., networks that are not connected to the internet.
Note: Reserved private IP addresses are not routable.

| Class type | Start address | End address |
|------------|---------------|-------------|
| A | | |
| B | | |
| C | | |

Other Reserved Ranges:
- Loopback: testing uses only one prominent address for self-checking, i.e., to test your own network interface card, but the complete 127 network is reserved for loopback tests.
- Link-local addresses (RFC 2026)
  o RFC 2026 link-local address
  o Automatically assigned to clients if the DHCP server cannot be contacted.
  o Not routed by any router.
  o Submitted by Apple Computer Corporation to suppress messages on DHCP clients.

IP addressing is logical addressing; it works at the network layer. As with any other network-layer protocol, the IP addressing scheme is integral to the process of routing IP datagrams through an internetwork. Each IP address has specific components and follows a basic format. These IP addresses can be subdivided and used to create addresses for subnetworks, as discussed in more detail later in this chapter.

Each host on a TCP/IP network is assigned a unique 32-bit logical address that is divided into two main parts: the network number and the host number. The network number identifies a network and must be assigned by the Internet Network Information Center (InterNIC) if the network is to be part of the Internet. An Internet Service Provider (ISP) can obtain blocks of network addresses from the InterNIC and can itself assign address space as necessary. The host number identifies a host on a network and is assigned by the local network administrator.

There are two versions of the IP addressing scheme:
- IPv4: 32-bit addressing
- IPv6: 128-bit addressing
A bit is a value representing 0 or 1.

Priority bit:
- To identify the range of each class, a bit called the priority bit is used.
- The priority bits are the left-most bits in the first octet.
- Class A priority bit is 0
- Class B priority bits are 10
- Class C priority bits are 110
- Class D priority bits are 1110
- Class E priority bits are 1111

- The network address is represented with all bits as zero in the host portion of the address.
- The broadcast address is represented with all bits as ones in the host portion of the address.
- The valid IP addresses lie between the network address and the broadcast address. Only valid IP addresses are assigned to hosts/clients.
- Every host requires a unique IP address on a given network.
- Every router interface has a unique address on the respective network. This address is used by the hosts to get off of the network.
- Always configure an IP host with:
  o Its own IP address
  o Subnet mask
  o Address of the default gateway

IP Address Format
The 32-bit IP address is grouped eight bits at a time, separated by dots, and represented in decimal format (known as dotted decimal notation). Each bit in the octet has a binary weight (128, 64, 32, 16, 8, 4, 2, 1). The minimum value for an octet is 0, and the maximum value for an octet is 255.
Figure: An IP address consists of 32 bits, grouped into four octets.

Subnet Mask
A subnet address is created by "borrowing" bits from the host field and designating them as the subnet field. The number of borrowed bits varies and is specified by the subnet mask.
- The subnet mask differentiates the network portion and the host portion.
- The subnet mask is given to the host to identify the network ID.
- Identifies the division of the network portion and host portion of an IP address.
- Used in conjunction with the source and destination addresses to make routing decisions.
- All hosts in a given network scheme will always use the exact same subnet mask to provide accurate routing; this is known as classful routing. The same subnet mask is always evaluated against the source and destination IP.
- Without an accurate subnet mask, broadcast or ARP storms occur on the LAN. Have an accurate subnet mask for every host on the network.
Two different types of subnet mask:
- Default subnet mask: it is the number of bits that are reserved by the address class.
  o Using the default mask only accommodates a single segment.
  o Will not have any more than one subnet capability.
- Custom subnet mask: can be defined to accommodate many network segments.
- Represented with all 1s in the network portion and all 0s in the host portion.
Default subnet masks: Class A, Class B, Class C.
Note: A subnet mask itself defines the bits used by the network address. The classful boundary defines the classful network bits, and a custom subnet mask defines any additional bits used for the network portion.

Figure: Bits are borrowed from the host address field to create the subnet address field.

Subnet masks use the same format and representation technique as IP addresses. The subnet mask, however, has binary 1s in all bits specifying the network and subnetwork fields, and binary 0s in all bits specifying the host field.
Figure: A sample subnet mask consists of all binary 1s and 0s.

Subnet mask bits should come from the high-order (left-most) bits of the host field. Details of Class B and C subnet mask types follow. Class A addresses are not discussed in this chapter because they generally are subnetted on an 8-bit boundary.
Figure: Subnet mask bits come from the high-order bits of the host field.


Various types of subnet masks exist for Class B and C subnets. The default subnet mask for a Class B address that has no subnetting differs from the subnet mask for a Class B address that specifies eight bits of subnetting. The reason for this is that eight bits of subnetting give 2^8 - 2 (1 for the network address and 1 for the broadcast address) = 254 possible subnets, with 2^8 - 2 = 254 hosts per subnet. The subnet mask for a Class C address that specifies five bits of subnetting has five bits available for subnetting, giving 2^5 - 2 = 30 possible subnets, with 2^3 - 2 = 6 hosts per subnet. The reference charts shown in Table 30-2 and Table 30-3 can be used when planning Class B and C networks to determine the required number of subnets and hosts, and the appropriate subnet mask.

Class B Subnetting Reference Chart (Table 30-2):

| Number of Bits | Subnet Mask | Number of Subnets | Number of Hosts |
|----------------|-------------|-------------------|-----------------|
| 2 | | 2 | 16382 |
| 3 | | 6 | 8190 |
| 4 | | 14 | 4094 |
| 5 | | 30 | 2046 |
| 6 | | 62 | 1022 |
| 7 | | 126 | 510 |
| 8 | | 254 | 254 |
| 9 | | 510 | 126 |
| 10 | | 1022 | 62 |
| 11 | | 2046 | 30 |
| 12 | | 4094 | 14 |
| 13 | | 8190 | 6 |
| 14 | | 16382 | 2 |

Class C Subnetting Reference Chart (Table 30-3):

| Number of Bits | Subnet Mask | Number of Subnets | Number of Hosts |
|----------------|-------------|-------------------|-----------------|
| 2 | | 2 | 62 |
| 3 | | 6 | 30 |
| 4 | | 14 | 14 |
| 5 | | 30 | 6 |
| 6 | | 62 | 2 |

How Subnet Masks are Used to Determine the Network Number
The router performs a set process to determine the network (or more specifically, the subnetwork) address. First, the router extracts the IP destination address from the incoming packet and retrieves the internal subnet mask. It then performs a logical AND operation to obtain the network number. This causes the host portion of the IP destination address to be removed, while the destination network number remains. The router then looks up the destination network number and matches it with an outgoing interface. Finally, it forwards the frame to the destination IP address. Specifics regarding the logical AND operation are discussed in the following section.

How does a subnet mask work?
IP address: 192.168.1.1
Subnet mask: 255.255.255.0
ANDing process: the output of the AND table is 1 only if both its inputs are 1; for all other possible inputs the output is 0.

IP Address  = 11000000.10101000.00000001.00000001
Subnet Mask = 11111111.11111111.11111111.00000000
Network ID  = 11000000.10101000.00000001.00000000

Subnetting: dividing a single network into multiple networks, i.e., converting host bits into network bits (0s into 1s). Subnetting is also called FLSM.
Subnetting can be done in three ways:
- Requirement of networks
- Requirement of hosts
- Cisco / notation
Fixed Length Subnet Mask (FLSM): the bits in the subnet portion should not be all zeros or all ones.
Variable Length Subnet Mask (VLSM): the bits in the subnet portion vary. Subnetting a subnet is called VLSM.
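An added Python example (not part of the original notes) that performs the ANDing shown above, reproduces rows of the Class B and Class C reference charts using the notes' convention of subtracting 2 from both the subnet and host counts, and lists the equal-sized subnets an FLSM scheme produces. The sample addresses are constructed.

```python
def to_int(dotted: str) -> int:
    """Dotted-decimal to 32-bit integer (each octet carries weights 128..1)."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad address {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(n: int) -> str:
    """The 32-bit pattern written octet by octet, as in the ANDing example."""
    return ".".join(f"{(n >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix: int) -> str:
    """Mask with `prefix` leading 1s (network bits) and the rest 0s (host bits)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return to_dotted(((1 << prefix) - 1) << (32 - prefix) & 0xFFFFFFFF)


def prefix_from_mask(mask: str) -> int:
    """Count network bits; reject a mask whose 1s are not contiguous."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if (m << ones) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask {mask}")
    return ones


def network_id(ip: str, mask: str) -> str:
    """The AND the router performs: host bits cleared, network bits kept."""
    return to_dotted(to_int(ip) & to_int(mask))


def broadcast(ip: str, mask: str) -> str:
    """All host bits set to 1."""
    return to_dotted(to_int(ip) | (~to_int(mask) & 0xFFFFFFFF))


def same_network(a: str, b: str, mask: str) -> bool:
    """Evaluate one mask against source and destination, as classful routing does."""
    return network_id(a, mask) == network_id(b, mask)


def chart_row(class_prefix: int, borrowed: int) -> tuple:
    """One row of the reference charts: (mask, usable subnets, usable hosts).

    Follows the notes' convention of subtracting 2 from both counts: the
    all-zeros and all-ones subnets, and the network and broadcast addresses.
    class_prefix is 16 for Class B and 24 for Class C.
    """
    host_bits = 32 - class_prefix - borrowed
    if borrowed < 2 or host_bits < 2:
        raise ValueError("need at least 2 subnet bits and 2 host bits")
    return (mask_from_prefix(class_prefix + borrowed), 2 ** borrowed - 2, 2 ** host_bits - 2)


def flsm_subnets(network: str, class_prefix: int, borrowed: int) -> list:
    """Every equal-sized subnet (FLSM) with first/last host and broadcast."""
    prefix = class_prefix + borrowed
    mask = mask_from_prefix(prefix)
    base = to_int(network_id(network, mask_from_prefix(class_prefix)))
    block = 1 << (32 - prefix)
    rows = []
    for i in range(2 ** borrowed):
        net = base + i * block
        rows.append({"network": to_dotted(net), "mask": mask,
                     "first_host": to_dotted(net + 1),
                     "last_host": to_dotted(net + block - 2),
                     "broadcast": to_dotted(net + block - 1)})
    return rows


if __name__ == "__main__":
    ip, mask = "192.168.1.1", "255.255.255.0"   # constructed sample, as in the notes
    print("IP Address  =", to_binary(to_int(ip)))
    print("Subnet Mask =", to_binary(to_int(mask)))
    print("Network ID  =", to_binary(to_int(network_id(ip, mask))), network_id(ip, mask))
    for bits in range(2, 7):
        print(f"Class C, {bits} bits:", chart_row(24, bits))
    for row in flsm_subnets("192.168.1.0", 24, 2):
        print(row)
```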


ROUTER
A router is a layer 3 network device that moves data between different network segments and can look into a packet header to determine the best path for the packet to travel. Routers can connect network segments that use different protocols. They also allow all users in a network to share a single connection to the Internet or a WAN.
It is used to improve network performance by:
- Segmenting the network and creating separate collision and broadcast domains.
- Reducing competition for bandwidth.
- Not forwarding broadcasts to other network segments.
- Increasing security by using access lists.
Components of a Router:
A router is a device which makes communication possible between two or more different networks present in different geographical locations. (To make communication possible between two or more different networks present in the same geographical location, what are the steps to be taken?) The same network present in different geographical locations cannot communicate through a router, because the network ID of both networks is the same: the request will not go out of the router and it will keep on searching within the LAN.
Cisco Hierarchical Design Model:
Cisco divides routers into three layers:
- Access layer routers: routers used by small organizations, also known as desktop routers or company layer routers. Router series: 800, 1000, 1600, 1700, 2500.
- Distribution layer routers: routers used by ISPs, also known as ISP layer routers. Router series: 2600, 3200, 3600, 3700.
- Core layer routers: routers used by global ISPs, also known as backbone routers. Router series: 6400, 7200, 7300, 7400, 7500, 7600, 10000, 12000.


Router Classification
Fixed Router: fixed routers are just like a branded PC, where modification of interfaces is not possible.

Modular Router: modular routers are just like an assembled PC, where modification of interfaces is possible.

Access layer router are example of fixed router except 1600 and 1700 series

Distribution and core layer routers are example of modular routers.

Internal and External Components of a Router

A router is very similar to a PC. A PC works on layers 1 to 7, but routers are optimized to work at OSI layer 3.

Attachment Unit Interface (AUI): the AUI pin configuration is a 15 pin female connector. It is known as the Ethernet port, LAN port or default gateway. It is used for connecting the LAN to the router. A transceiver is used for converting 8 wires to 15 wires, i.e., an RJ45 to 15 pin converter. An IP address needs to be assigned to this interface, and it should be in the same network as the LAN.

Serial Port: the serial pin configuration is a 60 pin female connector (i.e., 15 pins in 4 rows); the smart serial pin configuration is 26 pin. It is known as the WAN port and is used for connecting to remote locations. The V.35 cable has a 60 pin male connector at one end and an 18 pin male connector at the other end.

Console Port: known as the local administrative port. It is generally used for initial configuration, password recovery and local administration of the router. It is an RJ45 port. It is the most delicate port on the router, so make less use of the console port.

Auxiliary Port: known as the remote administrative port. It is used for remote administration. It is an RJ45 port. A console or rollover cable is to be used.

BRI Port (WAN): Basic Rate Interface (BRI), used to connect ISDN to the router. It is an RJ45 port. It is available on the 2503 and 2520 model routers.

10 Base T Port: an RJ45 port used for connecting the LAN to the router. Its function is the same as the AUI port, but there is no need for a transceiver. It is available on the 2520 model router.

Processor: Motorola 70 MHz RISC (Reduced Instruction Set Computer) based processor.

Read Only Memory (ROM): present on every router board. Contains:
- Bootstrap process
- Basic boot configuration
- May contain an almost complete subset of the IOS
ROM is used to store the router's bootstrap startup program, operating system software, and power-on diagnostic test programs. In order to perform ROM upgrades you remove and replace pluggable chips on the motherboard.

Random Access Memory (RAM): RAM is used to store operational information such as routing tables and the router's running configuration file. RAM also provides caching and packet buffering capabilities. Its contents are lost when you switch off or restart the router.
- Allows basic functionality
- Password recovery
- Retrieval of lost devices
- Amounts differ depending on the capacity
- Used as a working buffer memory: buffer memory stores packets on the interfaces before switching them to the outbound interfaces.
The higher the RAM, the greater the router capacity. Routers ship with the amount of RAM required to operate at their minimum capacity.

Flash Memory: holds the operating system image(s). Flash memory is erasable, reprogrammable ROM, which allows IOS software upgrades without having to remove and replace chips. Flash content is retained when you switch off or restart the router.
- Stores the full IOS image
- Loaded during the boot process into RAM, similar to a PC operating system being loaded from the hard drive

Non-Volatile RAM (NVRAM): does not lose its contents when the power is turned off. It holds the startup configuration file.
- When first started, a router does not know how to route: no name, no IP address. It looks for the startup configuration file.
- The configuration file is not present in NVRAM until we save it. When saved, the configuration file is copied to NVRAM, and every subsequent boot will load the configuration.
- Generally, the size of NVRAM is 32 KB.

Network Interfaces: the router's network interfaces are located on the motherboard or on separate interface modules. You configure Ethernet or Token Ring interfaces to allow connection to a LAN. The synchronous serial interfaces are configured to allow connection to WANs. You can also configure ISDN BRI interfaces to allow connection to an ISDN WAN.

Router Components (External): a router can be configured over any of its network interfaces. You can supply configuration information to a router using:
- TFTP servers (Trivial File Transfer Protocol: a simplified version of FTP that allows files to be transferred from one computer to another over a network)
- Virtual terminals
- Network management stations

Router Process: every interface is assigned in memory a specific buffer area used for storing packets on inbound and outbound transit paths. Every incoming packet is stored in the inbound packet buffer. The router examines every inbound packet, then moves it to the outbound buffer of another interface. Memory function is based upon dynamic RAM (DRAM); DRAM allocates buffers to the router itself.

Route Table: the element that a router uses to make decisions when forwarding data.
- Matches an inbound packet to a destination route.
- Used by the IP protocol in the router to make decisions.
- More information in the route table results in better decisions by IP.
- The route table must have a certain degree of accuracy.

Route Determination
- Determine the destination of the packet.
- Determine if there is a match in the table.
  - No: the router returns an ICMP host unreachable message.
  - Yes: the router runs a selection sequence to identify which route to use.
- Selection order:
  - Most specific route: the route which most closely matches the destination; the router picks the route with the longest prefix.
  - Route with the lowest cost or lowest metric.
  - Oldest route.

Switching Process: the packet moves from the input packet buffer to the destination interface via the output buffer. Every packet has to be re-written into DRAM and then switched to the outbound interface. By default, the entire router has the capability of process switching.

IOS Upgrade Process
- Back up all router configurations first.
- Access the CISCO website using a CISCO account. Make sure that the appropriate license has been purchased for the software.
- Download the IOS. Look at the caveats and security warnings that come with the download. There are several stages of deployment for software; general deployment typically means most bugs have been fixed.
- Have a TFTP or FTP server available that the router can access. The downloaded file will have a .bin extension and goes in the root directory for TFTP, or in the FTP root directory on the FTP server.

Routing Table: understand the contents of the route table. It contains a list of routes learned. The table displays:

- Route origin
- Destination network
- Administrative distance
- Metric
- First step in the path to the destination
- Age of route
- Destination port

Cisco CLI Command Modes

The Cisco IOS software provides you with access to several different command modes. Each command mode provides a different group of related commands. The Cisco Command Line Interface (CLI) is called EXEC. EXEC has two modes: User mode and Privileged mode. For security purposes the two EXEC modes serve as two levels of access to Cisco IOS commands.

EXEC user commands allow you to:
- connect to remote devices
- make temporary changes to terminal settings
- perform basic tests
- list system information

If you want to access privileged mode you have to enter a password. The commands available in Privileged mode also include all those available in User mode. You can use Privileged EXEC commands to:
- set operating parameters
- perform a detailed examination of the router's status
- test and debug router operation
- access global and other included configuration modes

From Privileged mode you can enter global configuration mode. This gives you access to configuration commands that affect the system as a whole, and to other configuration modes. You can specify the source of the configuration commands as being from:
- a terminal
- memory
- the network

You can access many other specific configuration modes from Global Configuration mode that allow complex configurations to be performed.

Setup Mode: if the router does not have a configuration file it will automatically enter Setup mode when you switch it on. Setup mode presents you with a prompted dialog, called the system configuration dialog, in which you establish an initial configuration.

ROM Monitor Mode: if the router does not find a valid operating system image, or if you interrupt the boot sequence, the system may enter ROM monitor mode. From ROM monitor mode you can boot the device or perform diagnostic tests.

Router's Startup Procedure

Each time you switch on the router, it goes through power-on self-test diagnostics to verify basic operation of the CPU, memory and network interfaces. The system bootstrap software in ROM (boot image) executes and searches for valid router operating system software (Cisco IOS image). IOS is an acronym for Internetwork Operating System. There are three places to find the Cisco IOS image to load:
- Flash memory
- A TFTP server on the network
- ROM

The source of the Cisco IOS image is determined from the boot field setting of the router's configuration register.

Configuration Register: a 16-bit register used to control how the router boots up, where the IOS image is loaded from, how to deal with the NVRAM configuration, the console baud rate, and enabling or disabling the break function. The default setting for the configuration register indicates that the router should attempt to load a Cisco IOS image from flash memory. If the router finds a valid IOS image, it searches for a valid configuration file.

If your router does not find a valid system image, or if its configuration file is corrupted at startup, and the configuration register (bit 13) is set to enter ROM monitor mode, the system will bypass the NVRAM setting and enter ROM monitor mode. This also allows access to the router in the event a password is lost.

The configuration file, saved in NVRAM, is loaded into main memory and executed one line at a time. These configuration commands start routing processes, supply addresses for interfaces, and set media characteristics. If no configuration file exists in NVRAM, the operating system executes a question-driven initial configuration routine called the system configuration dialog. This special mode is also called the Setup mode.

Boot Process
- Power On Self Test (POST) checks memory and power, like a PC POST.
- Loads the Bootstrap from ROM.
- Looks for the IOS image in flash.
- The IOS image is a small file; it is loaded from flash.
- IOS looks for a startup configuration file in NVRAM; the startup configuration is loaded from NVRAM.
- If no configuration file is found, the router enters auto setup mode. Auto setup mode is used for establishing the initial use of a router.

Boot sequence
- POST (Power On Self Test)
- BOOTSTRAP (ROM): tries to locate the IOS
- FLASH (FLASH relies on TCP) or TFTP (TFTP relies on UDP)
- NVRAM (NVRAM is a router memory): startup configuration
- RAM: the NVRAM configuration is copied into RAM

Connecting with HyperTerminal: Start > Programs > Accessories > Communications > HyperTerminal. Click, give a connection name, connect to COM1, OK; in the COM1 properties choose Restore Defaults, OK. Switch on the router. At the prompt "Would you like to enter initial configuration (Y/N)" answer no and press Enter.

Basic Router Configuration

Rename the Router: to specify or modify the host name for the router, the global configuration command hostname is used. The hostname is case sensitive. The host name is used in prompts and default configuration filenames.
Router(config)# hostname How2Pass
The factory-assigned default host name is Router.

Setting the System Clock: the system clock runs from the moment the system starts up and keeps track of the current date and time based on Coordinated Universal Time (UTC), also known as Greenwich Mean Time (GMT). The system clock can be set from a number of sources, and in turn can be used to distribute the current time through various mechanisms to other systems. To manually set the system clock, use one of the formats of the clock set EXEC command:
clock set hh:mm:ss day month yyyy
clock set hh:mm:ss month day yyyy
In the following example, the system clock is manually set to 1:32 p.m. on May 12, 2001:
Router# clock set 13:32:00 12 May 2001

Show System Time: to display the system clock, use the show clock EXEC command. If the time has not been set by the clock set command, this command shows the time elapsed since the router came up.
Router# show clock

Setting the Banner: to specify a message-of-the-day (MOTD) banner, use the banner motd global configuration command. The no form of this command deletes the MOTD banner. When someone connects to the router, the MOTD banner appears before the login prompt.
Router(config)# banner motd # message #
Here the # sign is used as the delimiting character. You can use any character.

Setting the Description for an Interface: to add a description to an interface configuration, use the description interface configuration command. Use the no form of this command to remove the description. The description command is meant solely as a comment to be put in the configuration to help you remember what certain interfaces are used for. The following example shows how to add a description for a T1 interface:
Router(config)# interface serial 0
Router(config-if)# description T1 line to How2Pass - 128 Kb/s
The description "T1 line to How2Pass - 128 Kb/s" appears in the output of the following EXEC commands: show startup-config, show interfaces, and show running-config.

Setting the Line Password: to specify a password on a line, use the password line configuration command. Use the no form of this command to remove the password. The first character cannot be a number. The string can contain any alphanumeric characters, including spaces, up to 80 characters.

Console Password: the console password is needed when logging into the router at user EXEC mode from the console.
Router(config)# line console 0
Router(config-line)# password How2pass2004

vty Lines Password: virtual terminal lines (vty) are used to allow remote access to the router (by telnetting through its interfaces). The router has five virtual terminal lines by default.
Router(config)# line vty 0 4
Router(config-line)# password How2Pass2004

Setting the Privileged Access Password: to set a local password to control access to various privilege levels, use the enable password global configuration command. Use the no form of this command to remove the password requirement. An enable password is defined as follows:
- Must contain from 1 to 25 uppercase and lowercase alphanumeric characters.
- Must not have a number as the first character.
- Can have leading spaces, but they are ignored. However, intermediate and trailing spaces are recognized.
Router(config)# enable password How2Pass2004

Setting the Secret (Encrypted) Password: to set an encrypted local password to control access to various privilege levels, use the enable secret global configuration command. Use the no form of this command to remove the password requirement.
Router(config)# enable secret How2pass2004

Walk-through of the configuration modes:
Router> enable                           * this is called user mode
Router# show running-config              * this is called privileged mode
Router# configure terminal
Router(config)#                          * this mode is called global configuration mode
Router(config)# hostname Hyd
Hyd(config)# interface Ethernet 0
Hyd(config-if)#                          * this mode is called interface configuration mode
Hyd(config-if)# ip address <ip address> <subnet mask>
Hyd(config-if)# no shutdown              (because all the interfaces are shut down before configuration)
Hyd(config-if)# exit
Hyd(config)# line console 0              * console configuration
Hyd(config-line)# login
Hyd(config-line)# password zoom
Hyd(config-line)# exit
Hyd(config)# line vty 0 4                * Telnet configuration
Hyd(config-line)# login
Hyd(config-line)# password CCNA
Hyd(config-line)# exit
Hyd(config)# line aux 0                  * auxiliary configuration
Hyd(config-line)# login
Hyd(config-line)# password CISCO
Hyd(config-line)# exit
Hyd(config)# enable password <password>
Hyd(config)# enable secret <password>
Hyd(config)# ^Z                          * to go to the user mode directly from any other mode
Hyd# show configuration                  * to view the configuration
Hyd# copy running-config startup-config  * to save the router configuration
Or
Hyd# write                               * this is the shortcut command to save the configuration

In global configuration mode:
Hyd(config)# service password-encryption
By using this command the passwords which are stored in clear text will be encrypted into MD-5 (message digest file).
{line vty 0 4}: 0 to 4 is used because telnet can run 5 sessions at a time.
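A check a practitioner would run on the configuration built above, as an added example that is not part of the original notes: a small audit of a running-config for weak password storage. One caveat it encodes: on Cisco IOS, the MD5 hash (type 5) is what enable secret produces, while service password-encryption yields type 7 strings, which are a reversible encoding rather than a hash. The audit therefore treats clear-text line passwords, a missing enable secret, and a line with login but no password as high findings, and type 7 storage as a low one. Both configurations below are constructed for the example, the type 5 and type 7 strings in them are placeholders rather than real values, and the function names are my own.

```python
# Added example for the password configuration walk-through: an audit of IOS
# config text for weak password storage. Editor-supplied code, not from the
# original notes. Both configs are constructed; the type 5 / type 7 strings in
# them are placeholders, not real hashes or encodings.

WEAK_CONFIG = """\
hostname Hyd
!
enable password zoom
!
interface Ethernet0
 ip address 192.168.1.1 255.255.255.0
 no shutdown
!
line con 0
 login
 password zoom
line aux 0
 login
line vty 0 4
 login
 password 7 0123456789ABCDEF
!
end
"""

HARDENED_CONFIG = """\
hostname Hyd
service password-encryption
enable secret 5 $1$demo$constructedPlaceholderNotARealHash
!
line con 0
 login
 password 7 0123456789ABCDEF
line aux 0
 login
 password 7 0123456789ABCDEF
line vty 0 4
 login
 password 7 0123456789ABCDEF
!
end
"""


def parse_config(text):
    """Split IOS config text into top-level commands and their indented bodies.

    Returns (top_level, sections): top_level lists the unindented commands in
    order; sections maps each of them to its indented sub-commands.
    """
    top_level, sections, current = [], {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue  # blank lines and '!' separators carry no configuration
        if raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        else:
            current = raw.strip()
            top_level.append(current)
            sections[current] = []
    return top_level, sections


def audit_passwords(text):
    """Return a list of (severity, message) findings about password storage."""
    top_level, sections = parse_config(text)
    findings = []

    has_secret = any(c.startswith("enable secret") for c in top_level)
    has_enable_pw = any(c.startswith("enable password") for c in top_level)
    if not has_secret:
        findings.append(("high", "no 'enable secret': privileged mode relies on 'enable password' or nothing"))
    elif has_enable_pw:
        findings.append(("low", "'enable password' is redundant once 'enable secret' is set; remove it"))
    if "service password-encryption" not in top_level:
        findings.append(("high", "'service password-encryption' is off: line passwords are stored in clear text"))

    for name, body in sections.items():
        if not name.startswith("line "):
            continue
        has_login = any(cmd == "login" or cmd.startswith("login ") for cmd in body)
        passwords = [cmd.split() for cmd in body if cmd.startswith("password ")]
        if not has_login:
            findings.append(("high", f"{name}: no 'login', so the line password is never checked"))
        elif not passwords:
            findings.append(("high", f"{name}: 'login' configured without a 'password'"))
        for parts in passwords:
            if len(parts) >= 3 and parts[1] == "7":
                # Type 7 is a reversible encoding, not a hash: it only stops
                # casual reading of the config over someone's shoulder.
                findings.append(("low", f"{name}: password stored as type 7 (reversible encoding)"))
            else:
                findings.append(("high", f"{name}: password stored in clear text"))
    return findings


def high_findings(text):
    """Just the messages that need fixing before the router goes into service."""
    return [msg for sev, msg in audit_passwords(text) if sev == "high"]


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"--- {label} ---")
        for sev, msg in audit_passwords(cfg):
            print(f"[{sev}] {msg}")
```

Run against the weak configuration it reports four high findings (no enable secret, encryption off, a clear-text console password, and an aux line with login but no password) plus the type 7 note on the vty lines; the hardened configuration clears all the high findings and keeps only the three type 7 notes, which is the most the commands on this page can achieve for line passwords.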
Command Modes

Mode: User EXEC
  Access method: Begin a session with your router.
  Exit method: Enter the logout command.
  About this mode: A subset of the commands is available in this mode. Use this mode to:
    - Change terminal settings
    - Perform basic tests
    - Display system information

Mode: Privileged EXEC
  Access method: Enter the enable command while in user EXEC mode.
  Exit method: To exit to user EXEC mode, enter the disable command. To enter global configuration mode, enter the configure command.
  About this mode: Use this mode to:
    - Configure your router operating parameters.
    - Perform the verification steps shown in this guide.
    To prevent unauthorized changes to your router configuration, access to this mode should be protected with a password.

Mode: Global configuration
  Access method: Enter the configure command while in privileged EXEC mode.
  Exit method: To exit to privileged EXEC mode, enter the exit or end command, or press Ctrl-Z. To enter interface configuration mode, enter the interface command.
  About this mode: Use this mode to configure parameters that apply to your router as a whole.

Mode: Interface configuration
  Access method: Enter the interface command (with a specific interface) while in the global configuration mode.
  Prompt: 1600(config-if)#
  Exit method: To exit to global configuration mode, enter the end command. To exit to privileged EXEC mode, enter the exit command, or press Ctrl-Z. To enter subinterface configuration mode, specify a subinterface with the interface command.
  About this mode: Use this mode to configure parameters for the various LAN and WAN interfaces of your router, including the:
    - Ethernet interface
    - Serial interface
    - ISDN interface

Mode: Router configuration
  Access method: Enter your router command followed by the appropriate keyword while in global configuration mode.
  Prompt: 1600(config-router)#
  Exit method: To exit to global configuration mode, enter the end command. To exit to privileged EXEC mode, enter the exit command, or press Ctrl-Z.
  About this mode: Use this mode to configure an IP routing protocol.

Mode: Line configuration
  Access method: Specify a line with the line vty command while in the global configuration mode.
  Prompt: 1600(config-line)#
  Exit method: To exit to global configuration mode, enter the exit command. To enter privileged EXEC mode, enter the end command, or press Ctrl-Z.
  About this mode: Use this mode to configure parameters for the terminal.
WAN Interfaces: Communication Protocols

PPP (Point to Point Protocol)
- Open standard protocol (works between routers of the same or different companies, e.g., CISCO to NORTEL).
- Supports authentication (user name and password identification).
- Supports compression.

HDLC (High level Data Link Control)
- Vendor proprietary protocol (works only between routers of the same company, e.g., CISCO to CISCO, NORTEL to NORTEL).
- No support for authentication.
- No support for compression.
- By default all CISCO routers use the HDLC protocol.

Device Classification

DCE (Data Communication Equipment)
- Generates clocking (i.e., speed); the master.
- Example of DCE devices in leased line setups: V.35 and G703 modem and exchange (MODEM and MUX, where MUX is a multiplexer).
- Example of DCE devices in dial-up setups: dial-up modem.

DTE (Data Terminal Equipment)
- Accepts clocking (i.e., speed); the slave.
- Example of DTE devices in leased line setups: router.
- Example of DTE devices in dial-up setups: computer.

Commands
To know whether a router interface is DCE or DTE:
Router# show controllers S0
To list the clock rates available on the router:
Router(config-if)# clock rate ?

Configuration of Serial Interfaces
Router(config)# interface serial S0
Router(config-if)# ip address <ip address> <subnet mask>
Router(config-if)# no shutdown
Router(config-if)# clock rate <clock rate>        (this command is for the DCE device only)
Router(config-if)# encapsulation {PPP/HDLC}

For the removal of an interface configuration:
Router(config)# default interface S%    (for removal of the S% interface configuration)

On Hyd router
Hyd(config)# interface serial S0
Hyd(config-if)# ip address
Hyd(config-if)# no shutdown
Hyd(config-if)# encapsulation HDLC
Hyd(config-if)# exit

On Adilabad router
Adilabad(config)# interface S1
Adilabad(config-if)# ip address
Adilabad(config-if)# no shutdown
Adilabad(config-if)# encapsulation HDLC
Adilabad(config-if)# exit

Troubleshooting
Hyd# show int S0
- Serial 0 is up, line protocol is up: all configurations and the connectivity are fine.
- Serial 0 is administratively down, line protocol is down: the no shutdown (layer 1) command has not been given on the local router interface.
- Serial 0 is up, line protocol is down: encapsulation or clock rate (layer 2 commands) have not been given, or the encapsulation on the two routers is different.
- Serial 0 is down, line protocol is down: the no shutdown command has not been given on the remote router interface, or there is a problem with the physical connectivity.


Rules of Routing
- The head office Ethernet interface should be in the same network as the head office LAN, and similarly on the branch office side (Head office LAN and E0; Branch office LAN and E0).
- Head office S0 and Branch office S1 should be in the same network.
- Head office LAN and Branch office LAN should be in different networks.
- All interfaces of a router should be in different networks (Head office E0 and S0; Branch office E0 and S1).

Types of Routing:
1. Static routing
2. Dynamic routing

Static Routing
- It is configured by the administrator manually; the administrator enters each route table entry.
- The destination network ID must be known.
- It is secure and fast: enhanced security, lower utilization of bandwidth, lower route processing overhead.
- Used for small organizations with a network of 10 to 15 routers.
- Administrative distance for static routing is 0 or 1. Administrative distance is the trustworthiness of the routing information: the lower the administrative distance, the higher the preference. The route configured with the exit interface has administrative distance 0, while the route configured with its next hop address (referring to another router) has administrative distance 1.

Disadvantages
- Administrative overhead
- Time consuming
- Error prone
- Not dynamic: no automatic recovery in the event of a failure.
- Suitable only for small networks.

Configuring static routing:
Router(config)# ip route <destination network ID> <destination subnet mask> <next hop IP address>
Router(config)# ip route <destination network ID> <destination subnet mask> <exit interface type> <interface number>

Hyd Router
Hyd(config)# ip routing
Hyd(config)# ip route

Adilabad Router
Adilabad(config)# ip routing
Adilabad(config)# ip route S1

Multiple Routing: topology diagram of the Hyd router, Chennai router and Bang router (interfaces E0, S0, S1) and the LAN routing table for each router (Hyd router, Chennai router, Bang router: each network listed via its next hop).

On Hyd Router
Hyd(config)# ip routing
Hyd(config)# ip route
Hyd(config)# ip route
Hyd(config)# ip route

On Adilabad router
Adilabad(config)# ip routing
Adilabad(config)# ip route      or S1
Adilabad(config)# ip route      or S1

On Nag Router
Nag(config)# ip routing
Nag(config)# ip route           or S1
Nag(config)# ip route           or S1
Nag(config)# ip route           or S1

To view the IP routes which are configured, the command is:
Router# show ip route

What is a Routing Protocol? A Routing Protocol is the language a router speaks with other routers in order to share information about the reachability and status of networks. E.g., RIP, EIGRP etc.

Dynamic Routing
- Information is entered into the IP route table dynamically; this is a function of the routing protocol.
- Protocols share information about all known networks with neighbors.
- Automatic recovery from network failure.
- Suitable for larger networks.
- Routers converge automatically.
- Dynamic routing protocol advantages far outweigh the disadvantages.
Disadvantages
- Router processing overhead.
- Network bandwidth utilization.

Administrative Distance
- An integral part of how CISCO works. Not all routers use the same terminology or technology.
- Predefined sets of precedence numbers are known as Administrative Distance.
- Administrative distance qualifies how believable the learned route is: the lower the number, the more believable the route.
- EIGRP is much more sensitive to live conditions and has a lower number.

Metric: a Metric is a variable assigned to routes as a means of ranking them from best to worst or from preferred to least preferred.

Protocol   Administrative Distance (AD)
Static     0 or 1
RIP        120
IGRP       100
OSPF       110
EIGRP      90
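The Route Determination selection order given earlier (most specific route, then lowest administrative distance, then lowest metric, then oldest route) combined with this administrative distance table, as an added example that is not part of the original notes. The routes, next-hop addresses and metrics in the sample table are constructed for illustration; the class and function names are my own. The point it makes visible is that administrative distance is compared before metric, so an EIGRP route with a large metric still beats an OSPF route to the same prefix with a small one.

```python
# Added example for the route-selection order and the administrative distance
# table in the notes. Editor-supplied code, not from the original notes; the
# sample routes, next hops and metrics are constructed.
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Default administrative distances as listed in the notes. A static route with
# an exit interface is treated like a connected route (AD 0); one with a
# next-hop address gets AD 1.
ADMIN_DISTANCE = {
    "connected": 0,
    "static-interface": 0,
    "static-nexthop": 1,
    "eigrp": 90,
    "igrp": 100,
    "ospf": 110,
    "rip": 120,
}


@dataclass
class Route:
    prefix: ipaddress.IPv4Network
    source: str        # key into ADMIN_DISTANCE
    metric: int        # protocol-specific, only comparable within one source
    next_hop: str
    installed_at: int  # install sequence number; smaller means older

    @property
    def admin_distance(self):
        return ADMIN_DISTANCE[self.source]


class RoutingTable:
    def __init__(self):
        self.routes = []
        self._seq = 0

    def add(self, prefix, source, metric, next_hop):
        self._seq += 1
        self.routes.append(Route(ipaddress.ip_network(prefix), source, metric, next_hop, self._seq))

    def lookup(self, destination) -> Optional[Route]:
        """Pick the route a router would use for destination, or None.

        None is the "no match" branch of the notes, where the router answers
        with an ICMP host unreachable message.
        """
        dest = ipaddress.ip_address(destination)
        candidates = [r for r in self.routes if dest in r.prefix]
        if not candidates:
            return None
        # Longest prefix wins first; AD breaks ties between protocols; metric
        # breaks ties within a protocol; the oldest route wins among equals.
        return min(candidates, key=lambda r: (-r.prefix.prefixlen, r.admin_distance, r.metric, r.installed_at))


def build_sample_table():
    """Constructed table mixing static, RIP, OSPF and EIGRP routes."""
    t = RoutingTable()
    t.add("0.0.0.0/0", "static-nexthop", 0, "203.0.113.1")  # default route
    t.add("10.0.0.0/8", "rip", 3, "10.1.1.2")
    t.add("10.1.0.0/16", "ospf", 20, "10.1.1.3")             # same prefix from two protocols:
    t.add("10.1.0.0/16", "eigrp", 30720, "10.1.1.4")         # EIGRP wins on AD despite the larger metric
    t.add("10.1.5.0/24", "rip", 2, "10.1.1.5")               # two equal RIP routes:
    t.add("10.1.5.0/24", "rip", 2, "10.1.1.6")               # the older one is kept
    return t


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("10.1.5.77", "10.1.9.1", "10.200.1.1", "192.0.2.9"):
        r = table.lookup(dst)
        print(f"{dst:12s} -> {r.prefix} via {r.next_hop} ({r.source}, AD {r.admin_distance})")
```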

Advantages of Dynamic Routing over Static Routing:
- There is no need to know the destination network ID; only the directly connected networks need to be advertised.
- Topology changes are updated dynamically.
- Administrative work is reduced.
- Used for larger organizations.

Types of Dynamic Routing:
- Distance Vector Protocol
- Link State Protocol
- Hybrid Protocol

Distance Vector Protocol
Two primary characteristics:
- Uses a measurement of distance or direction as the metric; hop count is one example.
- Broadcasts the entire routing table at a specific time interval.
Further properties:
- Works with the Bellman-Ford Algorithm.
- Periodic updates.
- Classful routing protocol (classful means it doesn't understand subnetting).
- Full routing tables are exchanged.
- Updates are through broadcast.
- Also known as Routing by Rumors.
- Examples: RIP, EIGRP

Link State Protocol
Three primary characteristics:
- Compound metrics: calculation of cost, bandwidth, delay, etc. More sensitive to line conditions and considered more believable; can typically make better decisions.
- Makes a map of the network from every router's perspective.
- Exchanges triggered updates: small updates everywhere, only shared with neighbors when the network status changes, lower bandwidth consumption.
Further properties:
- Works with the Dijkstra Algorithm.
- Utilizes the network in a more optimal fashion than distance vector.
- Link state updates.
- Classless routing protocol (classless means it understands subnetting).
- Missing routes are exchanged.
- Updates are through multicast.
- Also known as Routing by Intelligence.
- Examples: OSPF, IS-IS

Hybrid Protocol
- Works with the Diffusing Update Algorithm (DUAL).
- Link state updates.
- Classless routing protocol.
- Missing routes are exchanged.
- Updates are through multicast.
- Also known as Routing by Intelligence.
- Examples: EIGRP
Note: EIGRP is classified as both a distance-vector and a link state protocol because its metric measures distance but its function is more comparable to a link state routing protocol.

Routing Information Protocol (RIP)
- Open standard protocol.
- RIP uses non-reliable transmission, i.e., UDP.
- Classful routing protocol.
- Updates are broadcast.
- Administrative distance is 120.
- Metric: hop count. Maximum hop count is 15 and maximum routers are 16.
- Load balancing over 4 equal paths.
- Used for small organizations.

Characteristics

RIP Version 1
- Uses hop count as the only metric; not sensitive at all to line conditions.
- Least believable of all protocols: administrative distance of 120; every other routing protocol takes precedence over a route learned from RIP.
- Sends updates every 30 sec: the entire route table from every interface.
- Invalid, flush and hold down timers.

RIP Version 2
- Adds capability for multiple masks (supports VLSM). Type version 2 at the router rip prompt.
- Uses triggered updates.
- Uses split horizon and poison reverse.
- Extremely simple to configure.
- Route selection is not believable.

RIP Timers
- Update Timer: 30 sec. Time between consecutive updates.
- Invalid Timer: 180 sec. The time a router waits to hear updates; the route is marked unreachable if there is no update during this interval.
- Flush Timer: 240 sec. Time before the invalid route is purged from the routing table.
- Hold down Timer: 180 sec. Specifies the amount of time for which information about a poorer route is ignored.

Syntax
Router(config)# router rip
Router(config-router)# network <network ID>

RIP example: topology diagram of the Hyd router, Chennai router and Bang router (interfaces E0, S0, S1, with a switch on the LAN) and the per-router routing tables, each network marked with its source (C = connected, R = RIP) and hop count (0 for connected networks, 1 and 2 for RIP-learned routes).

At Hyderabad router
Hyd(config)# router rip
Hyd(config-router)# network
Hyd(config-router)# network

At Adilabad Router
Adilabad(config)# router rip
Adilabad(config-router)# network
Adilabad(config-router)# network
Adilabad(config-router)# network

At Nag Router
Nag(config)# router rip
Nag(config-router)# network
Nag(config-router)# network

Update Timer: by default, updates are sent every 30 sec. When the timer reaches 0 the router sends the update, which contains the whole routing table, incrementing the hop count by 1. The Hyd router sends updates to its neighbor; the Chennai router receives the updates, i.e., the IP addresses, increments the hop count by 1 and accepts the addresses that are missing from its table. Similarly the Chennai and Bangalore routers send updates every 30 sec.

Invalid Timer: the invalid timer applies when a link between the routers is down while an update is due. The update will not be received by the neighbor router, so after 180 sec it will mark that route as invalid by setting the hop count to 16, because 16 is unreachable in RIP.

Flush Timer: if that router still could not send any update due to some problem in another 60 sec, i.e., 180 + 60 = 240 sec, the router will remove the IP address from the routing table, i.e., it will be flushed.

Hold down Timer: prevents data from using the path that has the hold down timer set.

A router never forwards a broadcast.

Distance vector loops
- Advertises the entire routing table through broadcast at a predetermined interval.
- Exchanges data the same way no matter what.
- Routing by rumor process.
- Can generate routing loops.

Split Horizon: a router will not send an update back out of the same interface on which it was received. Updates are never sent back in the direction they were received. It prevents routing loops and is the best solution for preventing them.

Route Poisoning: incrementing the hop count to 16 is called Route Poisoning. It sets the max hop count to the unreachable state. The route remains poisoned until the hold down timer expires. Only one direction of traffic.

Commands of RIP
To see the updates of RIP routers:
Router# debug ip rip
Router# terminal monitor
To stop the debug process:
Router# undebug all    (can be abbreviated as u all)
To stop the terminal monitor:
Router# terminal no monitor

Commands for holding down the updates (passive interface):
Router# config t
Router(config)# router rip
Router(config-router)# network <network ID>
Router(config-router)# passive-interface serial 0

Disadvantages of RIP
- More bandwidth utilization, since it sends updates every 30 secs.
- Doesn't consider bandwidth; works only with hop count.
- Slow convergence.
- Formation of routing loops.


Note: The biggest disadvantage of RIP is, it sends updates every 30 sec i.e., bandwidth consumption.


Interior Gateway Routing Protocol (IGRP) CISCO proprietary protocol. Class full routing protocol. Updates are broadcasted via Administrative distance is 100 Metric (24 bit) = composite metric (bandwidth + delay) Bandwidth = {107/ least bandwidth along the path} Delay = {sum of delay along the path/10} Delay metric is based upon calculating of total link delay Bandwidth based on the smallest bandwidth line on the transit path. Delay will dominate longer paths because calculating of 10s of microsecond timer 256. Bandwidth will dominate shorter paths. Maximum hop count is 255 (100 is by default). Load balancing of 6 equal or unequal paths. Used for larger organization. Characteristics IGRP uses a compound or composite metric for route determination. Display this with 24-bit number. IGRP utilizes different values. Bandwidth Delay Reliability Load factor Maximum transmission unit (MTU) Bandwidth and delay are the primary factors of determining the metric of IGRP and EIGRP. Reliability, load factor and MTU are taken into consideration only as secondary values. IGRP uses 24-bit number metric whereas EIGRP displays the metric with 32 number. Understand bandwidth of the line and overall delay. Does have the capability of properly calculating the overall network condition. Add reliability, load and MTU. Very good metric for use in the larger network environment. IGRP Timer Update Timer: 90 sec. Time between consecutive updates. Invalid Timer: 270 sec It is a time a router waits to hear updates 50

the route is marked unreachable if there is no update during this interval.
Flush timer: 630 sec. Time before the invalid route is purged from the routing table.
Hold-down timer: 280 sec. The amount of time for which information about a poorer route is ignored.

Configuration of IGRP
Syntax
Router(config)# router igrp <AS no.>
Router(config-router)# network <network ID>
To check the result:
Router# show ip route

Open Shortest Path First (OSPF)
Open standard protocol.
Intended as the replacement for RIP in larger networks.
Classless routing protocol (supports subnetting and VLSM).
Works with link-state advertisements (LSAs).
Updates are sent by multicast.
Administrative distance is 110.
Metric (cost) = 10^8 / bandwidth in bps (Cisco default reference bandwidth of 100 Mbps).
Hello packets are sent every 10 sec (on broadcast and point-to-point networks).
Faster convergence.
Hierarchical design with multiple areas.
Area 0 is called the backbone area.
Router ID: if a logical (loopback) interface is configured, the highest IP address of the logical interfaces is the router ID. The highest loopback address is preferred over the highest IP address of an active physical interface; only if no loopback exists is the highest IP address of the active physical interfaces used.
OSPF does not run over TCP or UDP. It runs directly over IP (protocol number 89) and provides its own reliable delivery by acknowledging link-state updates.

Characteristics
Link-state routing protocol.
Neighbor relationships and hello packets.
Exchanges updates only with neighbors.
More complex than EIGRP.
Designed to be an IGP (interior gateway protocol): designed for a single autonomous system and meant to be used inside a company's environment.
Designed for large networks.

Does allow authentication (null, simple password or MD5, chosen per area).
Very management intensive.
Designed for:
  Fast convergence
  Enhanced coverage for all networks
  Netmask capability: supports VLSM
  Minimizing bandwidth utilization
  Optimal route selection
OSPF is an industry standard; every router vendor supports OSPF.
Uses IP protocol number 89.
Requires careful design and planning before implementation.

OSPF tables
OSPF maintains three tables.
Neighbor table: information about the directly connected OSPF neighbors with which an adjacency is formed.
Database table (link-state database, LSDB): the entire view of the topology as seen by each router.
Routing table: the best path to each destination, calculated by running the shortest path first algorithm over the database table.

Terminology
Area
A location where all routers share information about every router in it.
There is always at least one area, known as Area 0.
Area 0 is designated as the backbone.
OSPF focuses on the logical design of routing domains.

Area types
An OSPF network is divided into areas. These are logical groupings of routers whose information may be summarized towards the rest of the network. Several "special" area types are defined.

Backbone area
The backbone area (also known as area zero) forms the core of an OSPF network. All other areas are connected to it, and inter-area routing happens via a router connected to the backbone area. It is the logical and physical structure for the autonomous system (AS) and is attached to multiple areas. The backbone area is responsible for distributing routing information between non-backbone areas. The backbone must be contiguous, but it does not need to be physically contiguous; backbone connectivity can be established and maintained through the configuration of virtual links.
Note: All OSPF areas must connect to the backbone area!

Stub area

A stub area is an area which does not receive external routes. External routes are routes that were redistributed into OSPF from another routing protocol. Stub areas therefore rely on a default route to send traffic to destinations outside the present domain. This implies that AS-external routes (Type 5 LSAs) are not fed into stub areas.

Totally stubby area
A totally stubby area (TSA) is similar to a stub area, but in addition to external routes it does not allow summary routes: inter-area (IA) routes are not summarized into totally stubby areas. The only way for traffic to be routed outside the area is a default route, which is the only Type 3 LSA advertised into the area. With only one route out of the area, fewer routing decisions have to be made by the route processor, which lowers system resource utilization.

Not-so-stubby area
A not-so-stubby area (NSSA) is a type of stub area that can import autonomous system (AS) external routes and send them to the backbone, but cannot receive AS-external routes from the backbone or other areas. Cisco also implements a proprietary variant called an NSSA totally stubby area. It takes on the attributes of a TSA, meaning that Type 3 and Type 4 summary LSAs are not flooded into this type of area.

Multiple OSPF areas
All areas are connected to Area 0.
All areas communicate through Area 0.

Area Border Routers (ABRs)
The routers which interconnect the areas are known as ABRs.
They provide all transition and routing from one area to another, and connect all areas together.

Autonomous System
An autonomous system is a set of devices that falls under the same administrative control.
Two autonomous systems are connected by an exterior gateway protocol, but they do not share their routing tables irrespective of their physical connection.
An AS number is a unique number identifying the routing domain of the routers.
16-bit AS numbers range from 1 to 65535:
  Public: 1 to 64511
  Private: 64512 to 65534 (65535 is reserved)

An autonomous system is a collection of networks under a common administrative domain. Public autonomous system numbers are assigned by the regional Internet registries (APNIC, AFRINIC and the others).

Autonomous System Border Routers (ASBRs)
o Have an interface into the local AS and also interfaces that connect to other systems (another AS or another routing protocol).
Every router inside an area has a link-state database and a routing table.
All routers share information about their perspective of the network.
A link-state routing protocol builds a tree which defines all possible paths.

OSPF router types
OSPF defines various router types. These are logical definitions, and a router that uses OSPF may be classified as more than one of the following types. For example, a router that is connected to more than one area, and which receives routes from a BGP process connected to another AS, is both an ABR and an ASBR.

Internal router
A router is called an internal router (IR) if it has only OSPF adjacencies with routers in the same area.

Area border routers
These are routers that connect to routers or networks in more than one area. They maintain an LSDB for each area of which they are a part. They also participate in the backbone.

Backbone routers
These are routers that are part of the OSPF backbone. By definition, this includes all area border routers, since those routers pass routing information between areas. However, a backbone router may also be a router that connects only to other backbone (or area border) routers, and is therefore not part of any area other than Area 0. To summarize: an area border router is always also a backbone router, but a backbone router is not necessarily an area border router.

Designated router
A designated router (DR) is the router elected among all routers on a particular multi-access network segment. The DR is elected based on the following default criteria:
If the priority setting on an OSPF router is set to 0, it can NEVER become a DR or BDR (Backup Designated Router).
When a DR fails and the BDR takes over, there is another election to see who becomes the replacement BDR.
The router sending the Hello packets with the highest priority wins.

If two or more routers tie with the highest priority setting, the router sending the Hello with the highest RID (Router ID) wins.
NOTE: the RID is the highest logical (loopback) IP address configured on a router; if no logical/loopback IP address is set, the router uses the highest IP address configured on its active interfaces. (e.g. would be higher than
Usually the router with the second highest priority becomes the BDR.
The priority value ranges from 0 to 255; a higher value increases the chance of becoming DR or BDR, and 0 excludes the router from the election.
If a HIGHER priority OSPF router comes online AFTER the election has taken place, it will not become DR or BDR until (at least) the DR and BDR fail: the election is not pre-emptive.
DRs exist to reduce network traffic by providing a single source for routing updates: the DR maintains a complete topology table of the segment and sends the updates to the other routers via multicast. The routers do not have to update each other constantly, but get their updates from a single source. The use of multicast further reduces the network load.
DRs and BDRs are always elected on broadcast networks (Ethernet). They can also be elected on NBMA (Non-Broadcast Multi-Access) networks such as Frame Relay or ATM. DRs and BDRs are not elected on point-to-point links (such as a point-to-point WAN connection), because the two routers on either side of the link must become fully adjacent anyway and the bandwidth between them cannot be further optimized.

Backup designated router
A backup designated router (BDR) is a router that becomes the designated router if the current designated router has a problem or fails. The BDR is the OSPF router with the second highest priority at the time of the last election.

Link State Database (LSDB)
Built from the neighbor relationships.
Routers exchange information about their own LSDB until the databases are identical.
Each router runs the shortest path first (SPF) or Dijkstra algorithm over the contents of the LSDB to generate the routing table.
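The election rules listed above (priority first, Router ID as tie-breaker, priority 0 never eligible, no pre-emption, BDR promoted when the DR fails) as a small model. This is an added example and not code from the notes; it is a simplified version of the RFC 2328 section 9.4 procedure (the real algorithm elects the BDR first among routers that do not claim to be DR), and the Router IDs and priorities are constructed.

```python
"""DR/BDR election on a multi-access segment: priority, then highest Router ID,
priority 0 never eligible, no pre-emption of a working DR/BDR.

Added example, not from the original notes; a simplified model of RFC 2328 section 9.4.
Router IDs and priorities are constructed."""
from ipaddress import IPv4Address


def rank(router_id: str, priority: int):
    # Router IDs compare numerically, octet by octet: 10.0.0.9 > 2.2.2.2,
    # even though "2.2.2.2" > "10.0.0.9" as strings
    return (priority, int(IPv4Address(router_id)))


def elect(routers: dict, current_dr=None, current_bdr=None):
    """routers: {router_id: priority} as seen in Hello packets. Returns (dr, bdr)."""
    eligible = {rid: prio for rid, prio in routers.items() if prio > 0}
    if not eligible:
        return None, None
    ordered = sorted(eligible, key=lambda rid: rank(rid, eligible[rid]), reverse=True)

    if current_dr in eligible:
        dr = current_dr          # a working DR is never pre-empted, whatever joins later
    elif current_bdr in eligible:
        dr = current_bdr         # DR failed: the BDR is promoted
    else:
        dr = ordered[0]          # fresh election: highest (priority, router ID)

    if current_bdr in eligible and current_bdr != dr:
        bdr = current_bdr
    else:
        remaining = [rid for rid in ordered if rid != dr]
        bdr = remaining[0] if remaining else None   # new BDR election
    return dr, bdr


if __name__ == "__main__":
    segment = {"1.1.1.1": 1, "2.2.2.2": 1, "10.0.0.9": 1}
    print("fresh election:", elect(segment))
    segment["172.16.0.1"] = 255   # a high-priority router joins after the election
    print("after join:   ", elect(segment, current_dr="10.0.0.9", current_bdr="2.2.2.2"))
```

Two practical consequences follow from the model: a router that joins a running segment with priority 255 does not take over until both DR and BDR go away, so the segment's behaviour depends on boot order; and the numeric Router ID comparison means sorting addresses as strings gives the wrong answer.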
Dijkstra's SPF algorithm has much higher overhead than DUAL:
o It must take the entire picture of the network at once and build the routing table from it.
o When OSPF converges, the entire tree must be rebuilt in the LSDB before routes are generated.
Convergence is not quite as fast as EIGRP.


Note: ABRs are designed to connect areas together and share information. Because an LSDB is specific to an area, an ABR has more than one database, one for every area it connects to.

OSPF metric
OSPF uses only bandwidth as its metric.
Cost = reference bandwidth / interface bandwidth; Cisco's default reference bandwidth is 100 Mbps (10^8 bps).
It is therefore critical that the bandwidth is set appropriately for every line on every router.
OSPF has no capability of measuring any other statistic.
By default, a reference bandwidth of 100 Mbps is used as the divisor.
o Anything of 100 Mbps (Fast Ethernet) or faster gets a cost of 1 unless the reference bandwidth is changed, so by default OSPF cannot tell Fast Ethernet from Gigabit Ethernet.
o This calculation must be modified (auto-cost reference-bandwidth under router ospf, set to the same value on every router in the domain) for OSPF to produce the metrics required on faster links.

Dijkstra tree
Built to identify what the network looks like inside the local area.
Every router connected to R1 produces a relative cost for the line in between.
Every target network identified has a cost associated with it.
The Dijkstra tree is built automatically through the convergence of the OSPF protocol:
o Routers exchange LSDBs until they are identical.
o The Dijkstra tree is built.
o The Dijkstra (SPF) algorithm is run to allow the routing table to be built.

SPF algorithm
The Shortest Path First (SPF) routing algorithm is the basis for OSPF operations. When an SPF router is powered up, it initializes its routing-protocol data structures and then waits for indications from lower-layer protocols that its interfaces are functional. After a router is assured that its interfaces are functioning, it uses the OSPF Hello protocol to acquire neighbors, which are routers with interfaces to a common network. The router sends hello packets to its neighbors and receives their hello packets. In addition to helping acquire neighbors, hello packets also act as keepalives to let routers know that other routers are still functional. On multi-access networks (networks supporting more than two routers), the Hello protocol elects a designated router and a backup designated router.
Among other things, the designated router is responsible for generating LSAs for the entire multi-access network. Designated routers allow a reduction in network traffic and in the size of the topological database.

When the link-state databases of two neighboring routers are synchronized, the routers are said to be adjacent. On multi-access networks, the designated router determines which routers should become adjacent. Topological databases are synchronized between pairs of adjacent routers. Adjacencies control the distribution of routing-protocol packets, which are sent and received only on adjacencies.

Each router periodically sends an LSA to provide information on a router's adjacencies or to inform others when a router's state changes. By comparing established adjacencies to link states, failed routers can be detected quickly, and the network's topology can be altered appropriately. From the topological database generated from LSAs, each router calculates a shortest-path tree, with itself as root. The shortest-path tree, in turn, yields a routing table.

OSPF states and packets
OSPF neighbor states (in order):
  Down
  Init
  2-Way
  ExStart
  Exchange
  Loading
  Full
OSPF packet types:
  Hello
  Database Description (DBD)
  Link State Request (LSR)
  Link State Update (LSU)
  Link State Acknowledgement (LSAck)

OSPF packet header (24 bytes, common to every packet type):

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Version    |     Type      |         Packet length         |
+---------------+---------------+-------------------------------+
|                           Router ID                           |
+---------------------------------------------------------------+
|                            Area ID                            |
+-------------------------------+-------------------------------+
|           Checksum            |      Authentication type      |
+-------------------------------+-------------------------------+
|                        Authentication                         |
+---------------------------------------------------------------+
|                        Authentication                         |
+---------------------------------------------------------------+

OSPF Hello packet (header followed by the Hello body):

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Version    |     Type      |         Packet length         |
+---------------+---------------+-------------------------------+
|                           Router ID                           |
+---------------------------------------------------------------+
|                            Area ID                            |
+-------------------------------+-------------------------------+
|           Checksum            |      Authentication type      |
+-------------------------------+-------------------------------+
|                        Authentication                         |
+---------------------------------------------------------------+
|                        Authentication                         |
+---------------------------------------------------------------+
|                         Network mask                          |
+-------------------------------+---------------+---------------+
|        Hello interval         |    Options    |Router priority|
+-------------------------------+---------------+---------------+
|                     Router dead interval                      |
+---------------------------------------------------------------+
|                       Designated router                       |
+---------------------------------------------------------------+
|                   Backup designated router                    |
+---------------------------------------------------------------+
|                          Neighbor ID                          |
+---------------------------------------------------------------+
|                          Neighbor ID                          |
+---------------------------------------------------------------+
|                              ...                              |
+---------------------------------------------------------------+

Packet format
All OSPF packets begin with a 24-byte header.
Figure: OSPF packets consist of nine fields

The following descriptions summarize the header fields illustrated in Figure 46-2.
Version number: identifies the OSPF version used.
Type: identifies the OSPF packet type as one of the following:
  Hello: establishes and maintains neighbor relationships.
  Database description: describes the contents of the topological database. These messages are exchanged when an adjacency is initialized.
  Link-state request: requests pieces of the topological database from neighbor routers. These messages are exchanged after a router discovers (by examining database-description packets) that parts of its topological database are outdated.
  Link-state update: responds to a link-state request packet. These messages are also used for the regular dispersal of LSAs. Several LSAs can be included within a single link-state update packet.

  Link-state acknowledgment: acknowledges link-state update packets.
Packet length: specifies the packet length, including the OSPF header, in bytes.
Router ID: identifies the source of the packet.
Area ID: identifies the area to which the packet belongs. All OSPF packets are associated with a single area.
Checksum: checks the entire packet contents for any damage suffered in transit. It is an integrity check against corruption only; a deliberate modification can simply recompute it, which is what the authentication fields are for.
Authentication type: contains the authentication type. All OSPF protocol exchanges carry an authentication type, but "null" authentication (type 0) is one of the defined types, so a well-formed packet may carry no authentication at all. The authentication type is configurable on a per-area basis.
Authentication: contains authentication information.
Data: the packet body that follows the header, e.g., the Hello fields shown above.
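The two diagrams and field descriptions above translate directly into a decoder. The following is an added example, not code from the notes: it parses the 24-byte header and a Hello body, checks the length field against the bytes actually received, and verifies the checksum the way RFC 2328 specifies for AuType 0 and 1 (one's-complement sum over the packet with the 8-byte authentication field excluded). The sample packet is constructed in the block by build_hello() and the addresses in it are arbitrary.

```python
"""Parse and integrity-check an OSPFv2 packet header and Hello body.

Added example, not code from the original notes; the sample packet is constructed
here with build_hello() and the addresses in it are arbitrary."""
import struct
from ipaddress import IPv4Address

OSPF_HEADER_LEN = 24
OSPF_TYPES = {1: "Hello", 2: "Database Description", 3: "Link State Request",
              4: "Link State Update", 5: "Link State Acknowledgment"}
AUTH_TYPES = {0: "null", 1: "simple password", 2: "cryptographic"}


def ospf_checksum(packet: bytes) -> int:
    """RFC 1071 one's-complement sum over the packet with the checksum field zeroed
    and the 8-byte authentication field (bytes 16..23) excluded, as RFC 2328 requires
    for AuType 0 and 1."""
    data = packet[:12] + b"\x00\x00" + packet[14:16] + packet[OSPF_HEADER_LEN:]
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_hello(body: bytes) -> dict:
    if len(body) < 20 or (len(body) - 20) % 4:
        raise ValueError("malformed Hello body")
    mask, hello_int, options, prio, dead_int, dr, bdr = struct.unpack("!IHBBIII", body[:20])
    neighbors = [str(IPv4Address(n)) for (n,) in struct.iter_unpack("!I", body[20:])]
    return {"network_mask": str(IPv4Address(mask)), "hello_interval": hello_int,
            "options": options, "priority": prio, "dead_interval": dead_int,
            "dr": str(IPv4Address(dr)), "bdr": str(IPv4Address(bdr)), "neighbors": neighbors}


def parse_ospf(packet: bytes) -> dict:
    """Decode the 24-byte header, validate length and checksum, decode a Hello body."""
    if len(packet) < OSPF_HEADER_LEN:
        raise ValueError("truncated OSPF header")
    version, ptype, length, rid, aid, csum, autype = struct.unpack("!BBHIIHH", packet[:16])
    if version != 2:
        raise ValueError(f"unsupported OSPF version {version}")
    if length < OSPF_HEADER_LEN or length > len(packet):
        raise ValueError("packet length field inconsistent with data received")
    packet = packet[:length]  # ignore any trailer (for AuType 2 it holds the digest)
    info = {"type": OSPF_TYPES.get(ptype, f"unknown({ptype})"), "length": length,
            "router_id": str(IPv4Address(rid)), "area_id": str(IPv4Address(aid)),
            "auth_type": AUTH_TYPES.get(autype, f"unknown({autype})"),
            "auth_data": packet[16:24]}
    # with cryptographic authentication the checksum field is 0 and integrity comes from
    # the keyed digest appended after the packet, which needs the shared key to verify
    info["checksum_ok"] = ospf_checksum(packet) == csum if autype in (0, 1) else None
    if ptype == 1:
        info["hello"] = parse_hello(packet[OSPF_HEADER_LEN:])
    return info


def build_hello(router_id, area_id, mask, hello_int, dead_int, prio, dr, bdr, neighbors,
                auth_type=0, auth_data=b"\x00" * 8):
    """Construct a Hello packet with a correct checksum (used for the sample input)."""
    body = struct.pack("!IHBBIII", int(IPv4Address(mask)), hello_int, 0x02, prio, dead_int,
                       int(IPv4Address(dr)), int(IPv4Address(bdr)))
    body += b"".join(struct.pack("!I", int(IPv4Address(n))) for n in neighbors)
    length = OSPF_HEADER_LEN + len(body)
    header = struct.pack("!BBHIIHH", 2, 1, length, int(IPv4Address(router_id)),
                         int(IPv4Address(area_id)), 0, auth_type)
    packet = header + auth_data + body
    return packet[:12] + struct.pack("!H", ospf_checksum(packet)) + packet[14:]


# constructed sample: router 1.1.1.1 in area 0 with one known neighbor, null authentication
SAMPLE = build_hello("1.1.1.1", "0.0.0.0", "255.255.255.0", 10, 40, 1,
                     "10.0.0.1", "10.0.0.2", ["2.2.2.2"])

if __name__ == "__main__":
    decoded = parse_ospf(SAMPLE)
    print(decoded)
    if decoded["auth_type"] == "null":
        print("warning: unauthenticated OSPF; any host on the segment can inject Hellos")
```

Note that a valid checksum says nothing about who sent the packet: with AuType 0 anything on the segment can produce a perfectly valid Hello, and even with AuType 1 the password travels in clear text in the authentication field, which the checksum deliberately skips.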

Additional OSPF features
Additional OSPF features include equal-cost multipath routing and routing based on upper-layer type-of-service (TOS) requests. TOS-based routing supports those upper-layer protocols that can specify particular types of service. An application, for example, might specify that certain data is urgent. If OSPF has high-priority links at its disposal, these can be used to transport the urgent datagram.

OSPF supports one or more metrics. If only one metric is used, it is considered to be arbitrary, and TOS is not supported. If more than one metric is used, TOS is optionally supported through the use of a separate metric (and, therefore, a separate routing table) for each of the eight combinations created by the three IP TOS bits (the delay, throughput, and reliability bits). For example, if the IP TOS bits specify low delay, low throughput, and high reliability, OSPF calculates routes to all destinations based on this TOS designation.

IP subnet masks are included with each advertised destination, enabling variable-length subnet masks. With variable-length subnet masks, an IP network can be broken into many subnets of various sizes. This provides network administrators with extra network-configuration flexibility.

Routing hierarchy
Unlike RIP, OSPF can operate within a hierarchy. The largest entity within the hierarchy is the autonomous system (AS), which is a collection of networks under a common administration that share a common routing strategy. OSPF is an intra-AS (interior gateway) routing protocol, although it is capable of receiving routes from and sending routes to other ASs. An AS can be divided into a number of areas, which are groups of contiguous networks and attached hosts. Routers with multiple interfaces can participate in multiple areas. These routers, which are called Area Border Routers, maintain separate topological databases for each area.

A topological database is essentially an overall picture of networks in relationship to routers. The topological database contains the collection of LSAs received from all routers in the same area. Because routers within the same area share the same information, they have identical topological databases. The term domain sometimes is used to describe a portion of the network in which all routers have identical topological databases. Domain is frequently used interchangeably with AS.

An area's topology is invisible to entities outside the area. By keeping area topologies separate, OSPF passes less routing traffic than it would if the AS were not partitioned. Area partitioning creates two different types of OSPF routing, depending on whether the source and the destination are in the same or different areas. Intra-area routing occurs when the source and destination are in the same area; inter-area routing occurs when they are in different areas.

An OSPF backbone is responsible for distributing routing information between areas. It consists of all Area Border Routers, networks not wholly contained in any area, and their attached routers. Figure 46-1 shows an example of an internetwork with several areas. In the figure, routers 4, 5, 6, 10, 11, and 12 make up the backbone. If Host H1 in Area 3 wants to send a packet to Host H2 in Area 2, the packet is sent to Router 13, which forwards the packet to Router 12, which sends the packet to Router 11. Router 11 then forwards the packet along the backbone to Area Border Router 10, which sends the packet through two intra-area routers (Router 9 and Router 7) to be forwarded to Host H2.

The backbone itself is an OSPF area, so all backbone routers use the same procedures and algorithms to maintain routing information within the backbone that any area router would. The backbone topology is invisible to all intra-area routers, as are individual area topologies to the backbone.
Areas can be defined in such a way that the backbone is not contiguous. In this case, backbone connectivity must be restored through virtual links. Virtual links are configured between any backbone routers that share a link to a nonbackbone area and function as if they were direct links. Figure: An OSPF AS Consists of Multiple Areas Linked by Routers


OSPF configuration
Syntax
Router(config)# ip routing
Router(config)# router ospf <pid> (pid = process ID)
Router(config-router)# network <network ID> <wildcard mask> area <area no.>
Wildcard mask = global subnet mask (GSM, 255.255.255.255) minus the customized subnet mask (CSM); i.e., the wildcard is the bitwise inverse of the subnet mask.
Example: its CSM will be and the GSM is So the wild card mask = =
Note: the process ID can be any value, but remember it, because the same pid must be given to reconfigure the process. The process ID is local to each router and does not have to match between neighbors (the routers below use 100, 128 and 113 and still form adjacencies).
For Hyderabad router
Hyd(config)# ip routing
Hyd(config)# router ospf 100
Hyd(config-router)# network area 0
Hyd(config-router)# network area 0
For Adilabad router
Adilabad(config)# ip routing
Adilabad(config)# router ospf 128
Adilabad(config-router)# network area 0
Adilabad(config-router)# network area 0
Adilabad(config-router)# network area 0

For Nag router
Nag(config)# ip routing
Nag(config)# router ospf 113
Nag(config-router)# network area 0
Nag(config-router)# network area 0
To check the link-state database:
Router# show ip ospf database
To check the OSPF neighbors:
Router# show ip ospf neighbor
Disadvantages of OSPF
Consumes more memory and CPU processing.
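The wildcard-mask arithmetic in the syntax section, together with the check most people skip: does the network statement actually match the interface it is meant to enable? This is an added example, not from the notes. The addresses and the router/interface names are constructed (the addresses in the original example did not survive extraction), and the generated lines follow the Hyd/Adilabad/Nag command style used above.

```python
"""Wildcard masks for OSPF network statements, and a check that a statement actually
matches an interface. Added example (not from the notes); addresses are constructed."""
from ipaddress import IPv4Address, IPv4Network

ALL_ONES = 0xFFFFFFFF  # the notes' "global subnet mask", 255.255.255.255


def wildcard_from_mask(subnet_mask: str) -> str:
    """Wildcard = 255.255.255.255 - subnet mask (the bitwise inverse of the mask)."""
    return str(IPv4Address(ALL_ONES - int(IPv4Address(subnet_mask))))


def network_statement(prefix: str, area: int) -> str:
    """Render 'network <network ID> <wildcard> area <n>' for an address in CIDR form."""
    net = IPv4Network(prefix, strict=False)  # strict=False accepts a host address
    return f"network {net.network_address} {wildcard_from_mask(str(net.netmask))} area {area}"


def statement_matches(network_id: str, wildcard: str, interface_ip: str) -> bool:
    """IOS semantics: the interface is enabled for OSPF if its address equals the
    network ID in every bit position where the wildcard has a 0 bit."""
    care_bits = ALL_ONES ^ int(IPv4Address(wildcard))
    return (int(IPv4Address(network_id)) & care_bits) == (int(IPv4Address(interface_ip)) & care_bits)


def ospf_config(hostname: str, pid: int, interfaces: dict) -> list:
    """interfaces: {"iface name": ("address/prefixlen", area)}. Returns config lines."""
    lines = [f"{hostname}(config)# ip routing", f"{hostname}(config)# router ospf {pid}"]
    for address, area in interfaces.values():
        lines.append(f"{hostname}(config-router)# {network_statement(address, area)}")
    return lines


if __name__ == "__main__":
    # constructed addressing for the Hyderabad router: a LAN and a /30 serial link
    for line in ospf_config("Hyd", 100, {"fa0/0": ("192.168.1.1/24", 0),
                                         "s0": ("10.0.0.1/30", 0)}):
        print(line)
    print(statement_matches("0.0.0.0", "255.255.255.255", "10.9.8.7"))
```

The last call shows the catch-all statement "network 0.0.0.0 255.255.255.255 area 0": every interface matches it, including ones facing untrusted segments, which then send Hellos and accept neighbors unless they are made passive.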

OSPF in Multiple Areas

For Hyderabad router
Hyd(config)# ip routing
Hyd(config)# router ospf 1
Hyd(config-router)# network area 1
Hyd(config-router)# area 1
For Adilabad router

Adilabad(config)# ip routing
Adilabad(config)# router ospf 2
Adilabad(config-router)# area 0
Adilabad(config-router)# area 1
Adilabad(config-router)# area 2
For Nag router
Nag(config)# ip routing
Nag(config)# router ospf 1
Nag(config-router)# network area 2
Nag(config-router)# network area 2
Note: The network is divided into areas for the efficiency of the routers.
To check the result of the configuration:
Router# show ip route
Note: Area 0 is a very important area. It distributes data to the other areas; that is the reason it is called the backbone area.


Enhanced Interior Gateway Routing Protocol (EIGRP)
CISCO proprietary protocol.
Classless routing protocol.
EIGRP is very optimal.
Automatic discovery of neighbors using hello packets.
Establishes neighbor relationships (adjacencies) with all surrounding routers.
Reliable transport mechanism
  EIGRP does not use TCP or UDP. It runs directly over IP (protocol number 88) with its own Reliable Transport Protocol (RTP), which acknowledges packets where necessary.
  Guarantees that neighboring routers receive the right information.
Does not use any broadcast; uses IP multicast packets to reduce overall traffic.
Includes all features of IGRP.
Fastest convergence of the protocols discussed here.
Never throws away any route: maintains a topology table of all known routes, so EIGRP automatically reverts to a backup route.
Utilizes less bandwidth: changes are non-periodic and incremental, i.e., routers only communicate when they have a change to send, and only the change is sent.
Designed for optimal routing in large networks.
Allows authentication: MD5 (Message Digest 5) authentication keys can be set up so that routers authenticate one another's updates.
Deterministic results on convergence timers.
Metric (32 bit): composite metric
  The compound metric is the same as IGRP's: bandwidth and delay as primary values, reliability, load and MTU as backups, calculated the same way as IGRP. EIGRP extends the value to a 32-bit number.
Administrative distance is 90.
Updates are sent by multicast.
Max hop count is 255 (100 by default).
Supports IP, IPX and AppleTalk.
Hello packets are sent every 5 sec; the hold time is 15 sec (3 × hello), after which a silent neighbor is declared dead.
Metric = bandwidth + delay
  Bandwidth = [10^7 / least bandwidth along the path (kbps)] × 256
  Delay = [sum of delay along the path (microseconds) / 10] × 256
  The result is multiplied by 256 because the EIGRP metric is 8 bits wider than IGRP's 24-bit metric (2^8 = 256).
Convergence is faster because a router learns that a neighbor is dead within the hold time, since hello packets are sent every 5 sec.

Configuration is exactly the same as IGRP; just add E before IGRP (router eigrp <AS no.>).
EIGRP uses DUAL (the diffusing update algorithm) for route processing.
It always selects the best possible loop-free route by using diffusing updates.
This makes EIGRP more economical with router resources.
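The metric formulas for IGRP, EIGRP and OSPF given in the sections above, worked over whole paths so that the claims made there ("RIP only counts hops", "delay dominates long paths", "EIGRP = IGRP × 256", "OSPF cannot tell 100 Mbps from 1 Gbps at the default reference bandwidth") can be checked with numbers. This is an added example and not code from the notes. The three sample links use Cisco's interface default bandwidth and delay values; everything else (the path lists, the candidate paths) is constructed.

```python
"""Composite metric of IGRP/EIGRP and OSPF cost, computed over a path so the effect
of bandwidth vs. delay (and of the reference bandwidth) can be compared.

Added example, not from the notes. A path is a list of links (bandwidth_kbps, delay_us);
the three sample links use Cisco's interface default bandwidth and delay."""

# constructed sample links: (bandwidth in kbps, delay in microseconds)
FAST_ETHERNET = (100_000, 100)
GIG_ETHERNET = (1_000_000, 10)
T1_SERIAL = (1_544, 20_000)


def igrp_metric(path):
    """24-bit IGRP metric with default K values: 10^7 / min bandwidth + sum of delay / 10."""
    min_bw_kbps = min(bw for bw, _ in path)
    total_delay_us = sum(delay for _, delay in path)
    return 10**7 // min_bw_kbps + total_delay_us // 10


def eigrp_metric(path):
    """32-bit EIGRP metric: the IGRP value scaled by 256."""
    return 256 * igrp_metric(path)


def dominant_term(path):
    """Which component of the composite metric is larger on this path."""
    bw_term = 10**7 // min(bw for bw, _ in path)
    delay_term = sum(delay for _, delay in path) // 10
    return "bandwidth" if bw_term > delay_term else "delay"


def ospf_cost(path, reference_bw_mbps=100):
    """Sum of per-link costs: reference bandwidth / link bandwidth, minimum 1."""
    ref_kbps = reference_bw_mbps * 1000
    return sum(max(1, ref_kbps // bw) for bw, _ in path)


def rip_metric(path):
    return len(path)  # hop count only: bandwidth and delay are ignored


def best_path(candidates: dict, metric_fn):
    """candidates: {name: path}. Returns the name of the path with the lowest metric."""
    return min(candidates, key=lambda name: metric_fn(candidates[name]))


if __name__ == "__main__":
    paths = {"two FastEthernet hops": [FAST_ETHERNET, FAST_ETHERNET],
             "one T1 hop": [T1_SERIAL]}
    for name, fn in (("RIP", rip_metric), ("EIGRP", eigrp_metric), ("OSPF", ospf_cost)):
        print(f"{name:5}: best is {best_path(paths, fn)}")
    print("FastEthernet EIGRP metric:", eigrp_metric([FAST_ETHERNET]))
    print("Gig vs FastEthernet OSPF cost at default reference:",
          ospf_cost([GIG_ETHERNET]), ospf_cost([FAST_ETHERNET]))
```

The two EIGRP values that come out for a single Fast Ethernet or T1 link (28160 and 2169856) are the ones seen in show ip route on a real router, which is a quick way to confirm the formula. The OSPF figures show why the reference bandwidth has to be raised, and raised identically everywhere, once links faster than 100 Mbps are in use.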

Enhanced Interior Gateway Routing Protocol
The Enhanced Interior Gateway Routing Protocol (EIGRP) represents an evolution from its predecessor IGRP (refer to Chapter 42, "Interior Gateway Routing Protocol"). This evolution resulted from changes in networking and the demands of diverse, large-scale internetworks. EIGRP integrates the capabilities of link-state protocols into distance vector protocols. Additionally, EIGRP contains several important protocols that greatly increase its operational efficiency relative to other routing protocols. One of these is the Diffusing Update Algorithm (DUAL), developed at SRI International by Dr. J.J. Garcia-Luna-Aceves. DUAL enables EIGRP routers to determine whether a path advertised by a neighbor is looped or loop-free, and allows a router running EIGRP to find alternate paths without waiting on updates from other routers.

EIGRP provides compatibility and seamless interoperation with IGRP routers. An automatic-redistribution mechanism allows IGRP routes to be imported into EIGRP, and vice versa, so it is possible to add EIGRP gradually into an existing IGRP network. Because the metrics for both protocols are directly translatable, they are as easily comparable as if they were routes that originated in their own autonomous systems (ASs). In addition, EIGRP treats IGRP routes as external routes and provides a way for the network administrator to customize them.

EIGRP capabilities and attributes
Key capabilities that distinguish EIGRP from other routing protocols include fast convergence, support for variable-length subnet masks, support for partial updates, and support for multiple network layer protocols. A router running EIGRP stores all its neighbors' routing tables so that it can quickly adapt to alternate routes. If no appropriate route exists, EIGRP queries its neighbors to discover an alternate route. These queries propagate until an alternate route is found.
Its support for variable-length subnet masks permits routes to be automatically summarized on a network number boundary. In addition, EIGRP can be configured to summarize on any bit boundary at any interface. EIGRP does not make periodic updates. Instead, it sends partial updates only when the metric for a route changes. Propagation of partial updates is automatically bounded so that only those routers that need the information are updated. As a result of these two capabilities, EIGRP consumes significantly less bandwidth than IGRP.

EIGRP includes support for AppleTalk, IP, and Novell NetWare. The AppleTalk implementation redistributes routes learned from the Routing Table Maintenance Protocol (RTMP). The IP implementation redistributes routes learned from OSPF, Routing Information Protocol (RIP), Intermediate System-to-Intermediate System (IS-IS), Exterior Gateway Protocol (EGP), or Border Gateway Protocol (BGP). The Novell implementation redistributes routes learned from Novell RIP or Service Advertisement Protocol (SAP).

Underlying processes and technologies
To provide superior routing performance, EIGRP employs four key technologies that combine to differentiate it from other routing technologies: neighbor discovery/recovery, reliable transport protocol (RTP), the DUAL finite-state machine, and protocol-dependent modules.

The neighbor discovery/recovery mechanism enables routers to dynamically learn about other routers on their directly attached networks. Routers also must discover when their neighbors become unreachable or inoperative. This process is achieved with low overhead by periodically sending small hello packets. As long as a router receives hello packets from a neighboring router, it assumes that the neighbor is functioning, and the two can exchange routing information.

Reliable Transport Protocol (RTP) is responsible for guaranteed, ordered delivery of EIGRP packets to all neighbors. It supports intermixed transmission of multicast or unicast packets. For efficiency, only certain EIGRP packets are transmitted reliably. On a multi-access network that has multicast capabilities, such as Ethernet, it is not necessary to send hello packets reliably to all neighbors individually. For that reason, EIGRP sends a single multicast hello packet containing an indicator that informs the receivers that the packet need not be acknowledged. Other types of packets, such as updates, indicate in the packet that acknowledgment is required. RTP contains a provision for sending multicast packets quickly when unacknowledged packets are pending, which helps ensure that convergence time remains low in the presence of varying speed links.
The DUAL finite-state machine embodies the decision process for all route computations by tracking all routes advertised by all neighbors. DUAL uses distance information to select efficient, loop-free paths and selects routes for insertion in a routing table based on feasible successors. A feasible successor is a neighboring router used for packet forwarding that is a least-cost path to a destination that is guaranteed not to be part of a routing loop. When a neighbor changes a metric, or when a topology change occurs, DUAL tests for feasible successors. If one is found, DUAL uses it to avoid recomputing the route unnecessarily. When no feasible successors exist but neighbors still advertise the destination, a recomputation (also known as a diffusing computation) must occur to determine a new successor. Although recomputation is not processor-intensive, it does affect convergence time, so it is advantageous to avoid unnecessary recomputations.

Protocol-dependent modules are responsible for network layer protocol-specific requirements. The IP-EIGRP module, for example, is responsible for sending and receiving EIGRP packets that are encapsulated in IP. Likewise, IP-EIGRP is also responsible for parsing EIGRP packets and informing DUAL of the new information that has been received. IP-EIGRP asks DUAL to make routing decisions, the results of which are stored in the IP routing table. IP-EIGRP is responsible for redistributing routes learned by other IP routing protocols.
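The successor / feasible-successor decision just described, and the passive-or-active outcome when a successor is lost, as a worked computation. This is an added example, not code from the notes or from Cisco. The topology-table entry is constructed: the reported distances are what three neighbors advertise for one destination (neighbor D reaches it through us), and the link costs are our own cost to each neighbor, in the same units as the EIGRP metric.

```python
"""Successor and feasible successor selection under DUAL's feasibility condition,
and the route state (passive/active) after a successor is lost.

Added example, not from the notes. The topology table is constructed: REPORTED holds the
distance each neighbor advertises for one destination, LINK_COST our cost to reach
that neighbor."""

# constructed sample: one destination, three neighbors
LINK_COST = {"B": 10, "C": 10, "D": 5}
REPORTED = {"B": 10, "C": 15, "D": 30}   # D's reported distance goes through us


def dual_entry(reported: dict, link_cost: dict) -> dict:
    """Compute FD, successor(s) and feasible successors for one destination."""
    computed = {n: link_cost[n] + rd for n, rd in reported.items()}   # CD per neighbor
    fd = min(computed.values())                                        # feasible distance
    successors = sorted(n for n, cd in computed.items() if cd == fd)
    # feasibility condition: a neighbor whose reported distance is strictly less than
    # our FD cannot be routing through us, so it is guaranteed loop-free
    feasible = sorted(n for n, rd in reported.items() if rd < fd and n not in successors)
    return {"fd": fd, "computed": computed, "successors": successors,
            "feasible_successors": feasible}


def lose_neighbor(entry: dict, reported: dict, link_cost: dict, lost: str):
    """Model the loss of one neighbor. Returns (state, entry after the change):
    'passive' if routing continues without a recomputation, 'active' if the router
    must query its neighbors (diffusing computation) before it can change the route.
    In the active case the returned entry is what the recomputation yields if the
    remaining neighbors reply with unchanged reported distances."""
    remaining = {n: rd for n, rd in reported.items() if n != lost}
    if not remaining:
        return "active", None
    if lost not in entry["successors"] or len(entry["successors"]) > 1:
        return "passive", dual_entry(remaining, link_cost)   # successor still in place
    if entry["feasible_successors"]:
        return "passive", dual_entry(remaining, link_cost)   # feasible successor promoted
    return "active", dual_entry(remaining, link_cost)        # no FS: query and recompute


if __name__ == "__main__":
    entry = dual_entry(REPORTED, LINK_COST)
    print("initial:", entry)
    state, entry2 = lose_neighbor(entry, REPORTED, LINK_COST, "B")
    print("lost B ->", state, entry2)
    reported2 = {n: rd for n, rd in REPORTED.items() if n != "B"}
    state, entry3 = lose_neighbor(entry2, reported2, LINK_COST, "C")
    print("lost C ->", state, entry3)
```

In the sample, D is the cheapest neighbor to reach but its reported distance (30) is not below our feasible distance (20), so DUAL refuses it as a backup: the path through D would loop back through us. C qualifies (15 < 20), so losing B is absorbed without a query; losing C as well leaves no feasible successor and the route goes active.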

EIGRP also maintains three tables, namely:
a) Neighbor table
b) Topology table (instead of the database table as in OSPF); the topology table contains the topological information of the network
c) Routing table

Routing concepts
EIGRP relies on four fundamental concepts: neighbor tables, topology tables, route states, and route tagging. Each of these is summarized in the discussions that follow.

Neighbor tables
When a router discovers a new neighbor, it records the neighbor's address and interface as an entry in the neighbor table. One neighbor table exists for each protocol-dependent module. When a neighbor sends a hello packet, it advertises a hold time, which is the amount of time that a router treats a neighbor as reachable and operational. If a hello packet is not received within the hold time, the hold time expires and DUAL is informed of the topology change. The neighbor-table entry also includes information required by RTP. Sequence numbers are employed to match acknowledgments with data packets, and the last sequence number received from the neighbor is recorded so that out-of-order packets can be detected. A transmission list is used to queue packets for possible retransmission on a per-neighbor basis. Round-trip timers are kept in the neighbor-table entry to estimate an optimal retransmission interval.

Topology tables
The topology table contains all destinations advertised by neighboring routers. The protocol-dependent modules populate the table, and the table is acted on by the DUAL finite-state machine. Each entry in the topology table includes the destination address and a list of neighbors that have advertised the destination.

For each neighbor, the entry records the advertised metric, which the neighbor stores in its routing table. An important rule that distance vector protocols must follow is that if the neighbor advertises this destination, it must use the route to forward packets. The metric that the router uses to reach the destination is also associated with the destination. The metric that the router uses in the routing table, and to advertise to other routers, is the sum of the best-advertised metric from all neighbors and the link cost to the best neighbor.

Route States

A topology-table entry for a destination can exist in one of two states: active or passive. A destination is in the passive state when the router is not performing a recomputation; it is in the active state when the router is performing a recomputation. If feasible successors are always available, a destination never has to go into the active state, thereby avoiding a recomputation.

A recomputation occurs when a destination has no feasible successors. The router initiates the recomputation by sending a query packet to each of its neighboring routers. The neighboring router can send a reply packet, indicating that it has a feasible successor for the destination, or it can send a query packet, indicating that it is participating in the recomputation. While a destination is in the active state, a router cannot change the destination's routing-table information. After the router has received a reply from each neighboring router, the topology-table entry for the destination returns to the passive state, and the router can select a successor.

Route Tagging

EIGRP supports internal and external routes. Internal routes originate within an EIGRP AS. Therefore, a directly attached network that is configured to run EIGRP is considered an internal route and is propagated with this information throughout the EIGRP AS. External routes are learned by another routing protocol or reside in the routing table as static routes.
These routes are tagged individually with the identity of their origin. External routes are tagged with the following information:
- Router ID of the EIGRP router that redistributed the route
- AS number of the destination
- Configurable administrator tag
- ID of the external protocol
- Metric from the external protocol
- Bit flags for default routing

Route tagging allows the network administrator to customize routing and maintain flexible policy controls. Route tagging is particularly useful in transit ASs, where EIGRP typically interacts with an interdomain routing protocol that implements more global policies, resulting in very scalable, policy-based routing.

EIGRP Packet Types

EIGRP uses the following packet types: hello and acknowledgment, update, and query and reply.

Hello packets are multicast for neighbor discovery/recovery and do not require acknowledgment. An acknowledgment packet is a hello packet that has no data. Acknowledgment packets contain a nonzero acknowledgment number and are always sent by using a unicast address.

Update packets are used to convey reachability of destinations. When a new neighbor is discovered, unicast update packets are sent so that the neighbor can build up its topology table. In other cases, such as a link-cost change, updates are multicast. Updates are always transmitted reliably.

Query and reply packets are sent when a destination has no feasible successors. Query packets are always multicast. Reply packets are sent in response to query packets to instruct the originator not to recompute the route because feasible successors exist. Reply packets are unicast to the originator of the query. Both query and reply packets are transmitted reliably.

To check the topology in EIGRP:
Router# show ip eigrp topology
(Successor is the best path; FD, the feasible distance, is the second best path.)

To check the neighbors:
Router# show ip eigrp neighbor

Disadvantages of EIGRP:
- Works only on CISCO routers.

LAN Segmentation

Network congestion

Causes of network congestion:
- Too many hosts on the network will increase the likelihood of congestion.
  o Never scale a network above 75%.
  o Every protocol has different limits.
  o Using IP or IPX with any Windows NetBIOS technology may generate more unnecessary traffic.
- There will be a certain no. of collisions. The acceptable amount of collisions is less than 0.1% of the total no. of output packets.
- Broadcast/multicast traffic patterns are generated at layer 3.
  o Every device below layer 3 will have to flood the information to every port.
  o Every host on the network has to examine it.
  o Identify the no. of broadcasts.

  o Anything less than 20% of total segment bandwidth should be the max. no. of broadcasts or multicasts.
- Protocol/service updates
  o Routing protocol updates: every protocol has a different type of traffic pattern. Distance vector protocols can send updates as often as every 30 sec out of every interface.
  o IP services: be aware of the deterministic traffic pattern of DHCP, DNS, etc.

Limit the broadcast domain
- If there is too much broadcast or multicast traffic, reduce the broadcast domain.
- The broadcast domain can be reduced by:
  o Reducing the size of the domain
  o Adding a router to the network
  o Utilizing VLANs
- Broadcasts will not propagate beyond a router or the VLAN boundaries unless chosen to do so.
- By default, the broadcast domain is limited with either of these solutions.
- Limit the no. of hosts on the segment.

Reduce collisions
- Contention problem with the media.
- Reduce the collision domain:
  o Reduce the effective collisions by isolating communication time between systems.
  o Utilize layer 2 switches: creates a collision domain for every port and provides dedicated bandwidth on a port-by-port basis.
  o Limits the hosts per network.

LAN Optimization
- Reducing the broadcast domain reduces the distance that a broadcast can be propagated.
- Reduces the amount of collisions on the network by dedicating bandwidth per host.
  o Allows the host to always sense a clear line.
- Once both of these have been achieved, the LAN should operate optimally.

Layer 2 Switching
- Reduces the collision domain.
- Single contiguous network segment.
  o Provides a complete solution to media contention and duplexing issues.
- Dedicates bandwidth to an individual port.
- Utilizes the MAC address to make the forwarding decision.
- A layer 2 switch learns the MAC address of the system.

- Provides full duplex connectivity for every system. Every switch port will operate in full duplex mode.
- The disadvantage of the switch is that it still forwards broadcast and multicast frames to every port. Broadcasts are generated at layer 3.
  o Derivatives of

MAC Address Table

A layer 2 switch maintains the MAC address table (MAT) to use for forwarding decisions for every port on that switch. Every time an individual system wants to communicate with another, it must do so by MAC address.

Types of entries:
- Dynamic entry (default)
  o Default setting on every switch port.
  o The switch itself enters information into the MAT via what it has learned on that port.
  o Learned by sending and receiving frames.
  o Can be cleared by an administrator or will time out.
- Permanent
  o Must be configured.
  o Assigns or dedicates a port to a specific MAC address.
  o Will never time out unless changed.
- Restricted static
  o Must be configured.
  o Additional restriction to permanent.
  o Data must originate from a particular port.
  o If data violates the restricted policy, the port will shut down and become disabled.
- The disadvantage of permanent and restricted static entries is that you have to know what the target MAC addresses are.

Layer 3 Routing
- Routers reduce the broadcast domain.
- Do not forward broadcasts or multicasts by default.
- Segment the network.
- Filter broadcasts.
- Will not pass bad frames.
- Do not provide a complete solution for media contention.
- Having all systems go through a single router interface may be inefficient.

Layer 3 Switching

- Layer 2 and layer 3 elements are performed within a switch. It combines the functions of a layer 2 switch and a router.
- Uses application-specific integrated circuits (ASICs) for switching.
- Can implement security control and quality of service.
- Used where high speed LAN connectivity and bandwidth are required.
- Most of CISCO's switches run on at least a 24 Gbps backplane.
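The MAC address table behaviour described in the MAC Address Table section above (dynamic entries that age out, permanent entries, restricted static entries that disable a port on violation, and unicast versus flooding for unknown or broadcast destinations) as an added Python example. It is not code from the original notes; the port numbers, MAC addresses and aging time are constructed.

```python
"""Layer 2 forwarding with the three MAC-table entry types from the notes.

Added example, not code from the original notes. Port numbers, MAC addresses
and the aging time are constructed.
"""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Entry:
    port: int
    kind: str          # "dynamic", "permanent" or "restricted"
    seen: float = 0.0  # time of last frame from this MAC (dynamic entries only)


class Switch:
    def __init__(self, ports, aging=300.0):
        self.ports = set(ports)
        self.aging = aging          # seconds before a dynamic entry times out
        self.table = {}             # MAC -> Entry (the MAT / CAM table)
        self.disabled = set()       # ports shut down by a restricted-static violation

    def add_permanent(self, mac, port):
        """Configured entry that never times out."""
        self.table[mac] = Entry(port, "permanent")

    def add_restricted(self, mac, port):
        """Permanent entry that additionally requires frames from this MAC
        to arrive on the configured port."""
        self.table[mac] = Entry(port, "restricted")

    def _age_out(self, now):
        stale = [m for m, e in self.table.items()
                 if e.kind == "dynamic" and now - e.seen > self.aging]
        for m in stale:
            del self.table[m]

    def receive(self, in_port, src, dst, now):
        """Process one frame; return ("unicast", port), ("flood", ports),
        ("drop", None) or ("port_disabled", port)."""
        if in_port in self.disabled:
            return "drop", None
        self._age_out(now)
        entry = self.table.get(src)
        if entry is not None and entry.kind == "restricted" and entry.port != in_port:
            # Restricted static policy violated: the ingress port is shut down.
            self.disabled.add(in_port)
            return "port_disabled", in_port
        if entry is None or entry.kind == "dynamic":
            # Dynamic learning: the source MAC is recorded against the ingress port.
            self.table[src] = Entry(in_port, "dynamic", now)
        target = self.table.get(dst)
        if dst != BROADCAST and target is not None:
            if target.port == in_port:
                return "drop", None       # destination is on the same segment
            return "unicast", target.port
        # Unknown destination and broadcast frames go out every other live port.
        return "flood", sorted(self.ports - {in_port} - self.disabled)


# Constructed MAC addresses for three hosts.
A, B, C = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"


def demo():
    """Walk through learning, aging and a restricted-static violation."""
    sw = Switch(ports=[1, 2, 3])
    steps = []
    steps.append(sw.receive(1, A, B, now=0))     # B unknown: flood to ports 2 and 3
    steps.append(sw.receive(2, B, A, now=1))     # A was learned on port 1: unicast
    steps.append(sw.receive(2, B, A, now=400))   # A aged out (>300 s): flood again
    sw.add_restricted(C, 3)                      # C may only appear on port 3
    steps.append(sw.receive(2, C, A, now=401))   # C seen on port 2: port 2 disabled
    steps.append(sw.receive(2, B, A, now=402))   # port 2 is down: dropped
    return steps


if __name__ == "__main__":
    for step in demo():
        print(step)
```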

Multilayer Switching
- Goes above layer 3.
- Uses hardware ASICs to switch packets at layers 2, 3 and 4.
- Application-specific traffic flows can be optimized.
- Forwarding is done at wire speed. Once routes are identified on the backplane they never have to be examined again.
- Adds a route-cache component, or flow cache.
- Can perform the "route once, switch many" function: it only examines the layer 3 information once, for the first packet. The traffic flow is cached at layer 3 based on IP address.
- Tighter control over application-specific traffic can be added at layer 4: uses both source and destination ports to optimize the traffic flow.

Cables:
- 10Base2: thin coaxial cable, maximum length of 185 meters.
- 10Base5: thick coaxial cable, maximum length of 500 meters.
- 10BaseT: twisted pair.
- 10BaseTx: twisted pair extended.
- 100BaseTx: twisted pair extended.
- 1000BaseTx: twisted pair extended.
- 1000BaseF: fiber pair.
- In Tx all 4 pairs of wire are used for transmitting and receiving.


Hub
- It is a physical layer device.
- It is a dumb device.
- It works with 0s and 1s (bits).
- It works with broadcasting.
- It works with shared bandwidth.
- It has one broadcast domain and one collision domain.
- Collisions are identified using the access method called CSMA/CD.

Broadcast domain: the set of all devices that receive broadcast frames originating from any device within the set.

Collision domain: in Ethernet, the network area within which frames that have collided are propagated is called a collision domain. A collision domain is a network segment with two or more devices sharing the same bandwidth. Repeaters and hubs propagate the collision domain; LAN switches, bridges and routers do not.

Switch
- It is a data link layer device.
- It is an intelligent device.
- It works with physical addresses (i.e., MAC addresses).
- It works with fixed bandwidth.
- It works with flooding and unicast.
- It has one broadcast domain, and the number of collision domains depends upon the no. of ports.
- It maintains a MAC address table. A MAC address table is also known as Content Addressable Memory (CAM).
- arp -a is a command to see the MAC address cache.

Catalyst LAN Switches
- CISCO acquired the company known as Catalyst and continued to use its OS on some switch products.
- IOS covers all current switch products:
  o 1900 and 2800 series
  o 2900 XL and 2950 series
  o 3500 XL and 3550 series
  o 4500 XL and 6500 series
  o These have been migrated from the original Catalyst OS to true IOS.
  o Most commands used on the router will be valid on the switch.
- Catalyst OS (CAT OS): 2900 G, 4000, 5000 and 6000 series switches.


  o Commands will always be based on the set or clear command.
- Most newer switches can be upgraded to an integrated or hybrid OS.

Campus Network Traffic Model
- Must fully understand the models that are used.
- Traffic generated by applications such as email, database, etc.
- Traffic flows to and from the user communities.
  o Limit work group traffic to the local segment.
- Two traffic models.

80/20 Rule
- Designed to limit the majority of traffic to the local segment.
- 80% of traffic is local (switched); 20% of traffic is remote (routed).
- Uses local authentication.
- Can perform the majority of tasks locally.
- Solution for implementation:
  o Bring servers and users close together.
  o Move applications and files to their locations.
  o Move users logically.
  o Add more servers.
- The 80/20 rule is mostly limited to branch offices.

20/80 Rule
- 20% of traffic is local (switched); 80% of traffic crosses the backbone.
- Consolidate services into one location.
- Layer 3 technologies can become the bottleneck.
- Involves more processing resources.
- VLANs become the major consideration.
- Creating isolated workgroups.
- Follow rules to implement a predictable network model:
  o Low maintenance
  o High availability
  o Scalable
- Support the 20/80 rule from a traffic standpoint.
  o Design the network around traffic flows instead of a particular type of traffic.
  o Have enough bandwidth on uplink and backbone links.

Types of Switches:

Manageable Switch: On a manageable switch an IP address can be assigned and configuration can be made. It has a console port.

Unmanageable Switch: On an unmanageable switch configuration cannot be made and an IP address cannot be assigned, as there is no console port.

Bridge vs Switch:

Bridge
- Bridges are software based.
- Bridges have a lesser no. of ports.
- Generally used for connecting two different topologies.

Switch
- Switches are hardware based.
- Switches have a higher no. of ports.
- Generally used for connecting single topology segments.

Router:
- A router is a network layer device (layer 3 device).
- It is an intelligent device.
- It works with logical addressing, i.e., IP, IPX, AppleTalk.
- It does not support broadcast.

CISCO Hierarchical Design Model
- Build a network in blocks.
- Identify different functions at different layers.
- Provides an increased level of functionality, availability and scalability.

CISCO has divided the switches into three layers.
1. Access layer switches
   - High level of port density for actual people.
   - Provides the original VLAN definition.
   - Switch series: 1900, 2900 and 2950.
2. Distribution layer switches
   - Access lists, packet filtering.
   - Isolates the work group area from the backbone area.
   - Switch series: 3000, 4500 and 5000.
3. Core layer switches
   - Aggregate all traffic that needs to cross the backbone.
   - Facilitate connectivity to other network locations.
   - Switch series: 7000, 8000 and 10000.

Switching Modes
- Every switch has a variety of switching modes.
- The objective is to move data as quickly as possible, with the fewest errors.

- Three different modes, which either focus on efficiency or on reliability. The two primary methods are cut-through and store-and-forward.
- Switches closest to the backbone require efficient switching.
- Identify where most errors will be generated.
  o Access layer and distribution layer switches are typically configured for store-and-forward.
  o Network devices do not normally generate error conditions, so the core layer can use cut-through for efficiency.
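The trade-off between the three modes this section goes on to describe (store-and-forward, fragment-free and cut-through), together with the runt and giant sizes given under Frame below, as an added Python example that is not code from the original notes. Each mode is reduced to the check it can actually perform on a frame: cut-through has only read the destination address, fragment-free has seen 64 bytes, store-and-forward has the whole frame including its check value. The frames are constructed, and zlib's CRC-32 stands in for the Ethernet FCS.

```python
"""Which frames each switching mode forwards.

Added example, not code from the original notes. Frames are constructed; the
CRC-32 from zlib stands in for the Ethernet FCS.
"""
import zlib

MIN_FRAME = 64     # anything shorter is a runt
MAX_FRAME = 1518   # anything longer is a giant
FCS_LEN = 4


def build_frame(dst, src, payload):
    """Assemble dst(6) + src(6) + type(2) + payload, pad to the minimum size,
    and append the check value computed over everything before it."""
    body = dst + src + b"\x08\x00" + payload
    body = body.ljust(MIN_FRAME - FCS_LEN, b"\x00")
    return body + zlib.crc32(body).to_bytes(FCS_LEN, "big")


def classify(frame):
    """'runt', 'giant' or 'good' purely by length, as in the notes."""
    if len(frame) < MIN_FRAME:
        return "runt"
    if len(frame) > MAX_FRAME:
        return "giant"
    return "good"


def fcs_ok(frame):
    """Recompute the check value over the frame body and compare with its FCS."""
    if len(frame) <= FCS_LEN:
        return False
    return zlib.crc32(frame[:-FCS_LEN]).to_bytes(FCS_LEN, "big") == frame[-FCS_LEN:]


def decide(mode, frame):
    """Return 'forward' or 'drop' for one frame under the given mode."""
    if mode == "cut-through":
        # Reads only the 6-byte destination, looks it up and forwards:
        # no length check and no FCS check.
        return "forward" if len(frame) >= 6 else "drop"
    if mode == "fragment-free":
        # Waits for the first 64 bytes, so collision fragments (runts) are
        # caught; the FCS at the end of the frame is never examined.
        return "forward" if len(frame) >= MIN_FRAME else "drop"
    if mode == "store-and-forward":
        # Whole frame buffered: length and FCS are both verified first.
        return "forward" if classify(frame) == "good" and fcs_ok(frame) else "drop"
    raise ValueError(f"unknown switching mode: {mode}")


# Constructed sample frames.
DST, SRC = bytes.fromhex("0000000000b1"), bytes.fromhex("0000000000a1")
GOOD = build_frame(DST, SRC, b"hello")
RUNT = GOOD[:40]                                  # truncated collision fragment
GIANT = build_frame(DST, SRC, b"\xaa" * 1600)     # oversized frame
_damaged = bytearray(GOOD)
_damaged[20] ^= 0xFF                              # one corrupted byte in the body
DAMAGED = bytes(_damaged)

MODES = ("cut-through", "fragment-free", "store-and-forward")


def matrix():
    """Mode -> {frame name -> decision}, the trade-off table at a glance."""
    frames = {"good": GOOD, "runt": RUNT, "giant": GIANT, "damaged": DAMAGED}
    return {m: {name: decide(m, f) for name, f in frames.items()} for m in MODES}


if __name__ == "__main__":
    for mode, results in matrix().items():
        print(f"{mode:18} {results}")
```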

Store and Forward:
- The default switching method for distribution layer switches.
- Latency is high and there is error checking.
- Whenever a frame is received by the switch, it stores the complete frame and runs the CRC (cyclic redundancy check) on the complete frame.
- If there is an error, it contacts the source transport layer. If there is no error, it checks the MAT (MAC address table). If there is an entry in the MAT it will unicast; if there is no entry it will flood.
- Good level of reliability.
- The entire frame is read into memory.
- The CRC calculation is performed before forwarding.
- Higher latency levels.
- Not able to pass runt, giant or damaged frames.

Fragment Free:
- Also referred to as modified cut-through.
- The default switching method for access layer switches.
- Latency is medium and error checking is only on the first 64 bytes of the frame.
- Whenever a frame is received by the switch, it checks the first 64 bytes of the frame (the frame header). If there is an error it contacts the source transport layer; if there is no error it checks the MAT. If there is an entry in the MAT it will unicast; if there is no entry it will flood.
- Reads the entire header before forwarding.
- Eliminates the possibility of passing runts, but may still pass damaged packets.
- Lower latency than store-and-forward.

Cut Through:
- The default switching method for the core layer switches.
- Latency is low and there is no error checking.
- Whenever a frame is received by the switch, it directly checks the MAT. If there is an entry in the MAT it will unicast; if there is no entry it will flood.
- Only reads 6 bytes into a frame before forwarding.
- Extremely low latency.
- May pass error packets: runt packets (less than 64 bytes in size) and damaged packets.
- Does not check the frame for consistency.

Latency: Latency is the total time taken for a frame to pass through the switch. Latency depends on the switching mode and the hardware capabilities of the switch.

Frame: the minimum size of a frame is 64 bytes and the maximum size is 1518 bytes. Any frame less than 64 bytes is called a runt frame, any frame greater than 1518 bytes is called a giant frame, and anything between 64 and 1518 bytes is called a good frame.

Initial Configuration of Switch:

Console connectivity
- Connect a rollover cable to the switch console port (RJ45 connector).
- Connect the other end of the rollover cable to the RJ45-to-DB9 adapter.
- Attach the female DB9 adapter to the PC serial port.
- Emulation software: HyperTerminal for Windows, and for Linux

To check the MAC address table:
Switch# show mac-address-table

To check the status of the switch interfaces:
Switch# show interfaces status

Configuration of Switch:
Switch# configure terminal
Switch(config)# hostname Switch65
Switch65(config)# interface vlan 1
Switch65(config-if)# ip address <ip address> <subnet mask>
Switch65(config-if)# no shutdown
Switch65(config-if)# exit
Switch65(config)# line vty 0 15
Switch65(config-line)# password zoom
Switch65(config-line)# login
Switch65(config-line)# exit
Switch65(config)# enable password ccna
Switch65(config)# enable secret zoom
Switch65(config)# ip default-gateway <ip address>
Switch65(config)# exit

Bridging Loops
- STP: need to have redundancy.
- Designed to eliminate loops.
- Facilitates having redundancy while preventing loop conditions.
- An algorithm called the Spanning Tree Algorithm is run by switches.

- Identifies the root of a spanning tree and builds the best path to that device.
- Blocks a particular port so it cannot be used to forward data.

Spanning Tree Protocol
- STP uses the spanning tree algorithm to avoid switching loops in layer 2 devices (bridges and switches).
- STP works when multiple switches are used with redundant links, avoiding broadcast storms, multiple frame copies and database availability problems.
- First developed by DEC (Digital Equipment Corporation, now known as HP Compaq).
- STP is an open standard (IEEE 802.1D).
- By default every switch is a root. The switch whose MAC address is lowest will be elected as the root; if there is a tie, the lowest MAC address is selected as root.
- By sending BPDUs they select the root.
- All the ports of the root switch connected to non-root switches are called designated ports (DP).

STP Process
- Looping conditions are handled with STP. STP was designed to overcome the possibility of bridging loops.
- Utilizes BPDUs for communication.
  o BPDUs discover looping conditions.
  o They shut down redundant links automatically, but links that are shut down continue to send and receive BPDUs.
  o A redundant link can be brought up if a failure is detected.
- Every switch by default will run the STA.
- It will identify a reference point on the network to calculate all paths that will be used, known as the root bridge.
- Do not ever turn off spanning tree. This could potentially bring the network down.
- Elects a root bridge.
- Redundant links are blocked while one link is chosen to be the transit toward the root.
- A tree structure is created that identifies the best possible path.
  o The best path is always identified based on link cost.
  o Switches always negotiate and identify the link cost utilizing cost factors for every type of media.

Set Root Switch
- Set the priority of a particular switch to become the root bridge. This will influence the election process accordingly.
- Can be set on a global basis or per VLAN.

- Range is 0-65535 (32768 is the default).
- Syntax: Switch(config)# spanning-tree [vlan list] priority <value>
- Can designate different switches to have priority for different VLANs.
- Use the show spanning-tree command to view the current bridge settings.

STP Terminology

Bridge Protocol Data Units (BPDU)
- Switches use BPDUs to exchange data. They do so over the well-known multicast address 01.80.C2.00.00.00.
- All switches exchange information through what are called bridge protocol data units (BPDUs). The goal is to provide a stable spanning tree.
- Two types of BPDUs:
  o Configuration: used for computation of the network.
  o Topology Change Notification (TCN): used any time a failure is detected.
- BPDUs contain a lot of information to help the switches determine the topology and any loops that result from that topology.
- Switches do not forward packets until their spanning tree is built.
- BPDUs are sent every 2 sec.

Bridge ID
- Each switch has a unique identifier called the Bridge ID or Switch ID.
- Bridge ID = Priority + MAC address of the switch.
- When switches advertise a BPDU, they place their switch ID in these BPDUs.

Root Bridge
- The key to the spanning tree is the root bridge: the root bridge is elected to appropriately root the spanning tree.
- Spanning tree is the very first of IEEE 802.1d.
- The root bridge is elected based on the bridge ID (8 bytes):
  o Bridge priority (2 bytes): range of 0-65535 (all switches set to 32768 by default).
  o Local switch MAC address (6 bytes): comes directly from the supervisor or backplane and cannot be changed.
- The bridge priority can be changed; it is used to optimize the spanning tree.

Process
- Every switch sends an initial BPDU with the root bridge equal to its own ID.
- A lower no. is considered better. The MAC address will determine which is lower.

- Nomination of the root bridge will occur and convergence will complete.
- The objective is to create the appropriate root switch and compute the spanning tree.
- The bridge with the best (lowest) ID wins. Out of all the switches in the network one is elected as the root bridge, which becomes the focal point in the network.

Non-Root Bridge
- All switches other than the root bridge are non-root bridges.

Designated Port
- Either a port on the root bridge or a port that has been determined as having the best (lowest) cost.
- A designated port will always be in forwarding mode.

Root Port
- The link directly connected to the root bridge, or the shortest path to the root bridge.
- Priority and alternatives if configuration occurred:
  o The bridge with the best (lowest) switch ID
  o Lowest physical port no.
- Only one root port will be on a bridge or switch.

Non-Designated Port
- All the switch ports which are blocked by STP to avoid switching loops.
- A non-designated port will always be in blocking mode.

IEEE Revised Cost

Switch-Port States:
- Blocking: 20 sec or no limit (neither sends nor receives any BPDU)
- Listening: 15 sec (it will not accept frames, only BPDUs)
- Learning: 15 sec (it will accept frames)
- Forwarding: no limit (it can send frames and BPDUs as well as receive them)
- Disabled: no limit (until the line is made up it will be in the disabled state)

Root port: a port through which the switch is connected to the root with minimum cost is called the root port.

It takes 50 sec to converge the network. To overcome this, switches use RSTP (Rapid STP); RSTP converges in 5 sec.

Loop Free Decision
Four step process:
1. Lowest root bridge ID
2. Lowest path cost to root bridge
3. Lowest sender bridge ID
4. Lowest port value (by no.)
Each decision component is used only if all the previous values are the same.
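The root bridge election and the four-step loop-free decision above, carried out on a small constructed topology, as an added Python example that is not code from the original notes. Bridge IDs are (priority, MAC) pairs compared lowest-first, root path costs come from the link costs, and each port is classified as root, designated or blocking with ties broken by sender bridge ID and then port number. Switch names, priorities, MAC addresses and link speeds are constructed; the per-speed costs are the IEEE 802.1D values assumed for this example.

```python
"""Root bridge election and port roles with the four-step decision from the notes.

Added example, not code from the original notes. Switch names, priorities,
MAC addresses and link speeds are constructed.
"""
import heapq

# IEEE 802.1D path costs per link speed (Mbit/s), as assumed for this example.
IEEE_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority, mac):
    """Bridge ID = 2-byte priority followed by the 6-byte MAC; lower wins."""
    return (priority, int(mac.replace(":", ""), 16))


def elect_root(switches):
    """switches: name -> (priority, mac). Step 1: the lowest bridge ID is root."""
    return min(switches, key=lambda n: bridge_id(*switches[n]))


def root_path_costs(switches, links, root):
    """Dijkstra over link costs: cheapest cost from every switch to the root."""
    adj = {n: [] for n in switches}
    for a, _, b, _, mbps in links:
        adj[a].append((b, IEEE_COST[mbps]))
        adj[b].append((a, IEEE_COST[mbps]))
    cost = {n: float("inf") for n in switches}
    cost[root] = 0
    heap = [(0, root)]
    while heap:
        c, n = heapq.heappop(heap)
        if c > cost[n]:
            continue
        for m, lc in adj[n]:
            if c + lc < cost[m]:
                cost[m] = c + lc
                heapq.heappush(heap, (cost[m], m))
    return cost


def port_roles(switches, links):
    """Return (root, {(switch, port): role}) with role in root/designated/blocking.

    links: (switch_a, port_a, switch_b, port_b, mbps). For each port the
    comparison key is (cost to root via the neighbor, neighbor bridge ID,
    neighbor port number): the notes' steps 2, 3 and 4, in that order.
    """
    root = elect_root(switches)
    cost = root_path_costs(switches, links, root)
    roles = {}
    # Root port: on every non-root switch, the port with the best key.
    for name in switches:
        if name == root:
            continue
        best = None
        for a, pa, b, pb, mbps in links:
            if name not in (a, b):
                continue
            my_port, nb, nb_port = (pa, b, pb) if a == name else (pb, a, pa)
            key = (cost[nb] + IEEE_COST[mbps], bridge_id(*switches[nb]), nb_port)
            if best is None or key < best[0]:
                best = (key, my_port)
        roles[(name, best[1])] = "root"
    # Designated port: on every link, the end with the lower (cost, bridge ID, port).
    # A port that is neither root nor designated is blocked: that breaks the loop.
    for a, pa, b, pb, mbps in links:
        ka = (cost[a], bridge_id(*switches[a]), pa)
        kb = (cost[b], bridge_id(*switches[b]), pb)
        des, other = ((a, pa), (b, pb)) if ka < kb else ((b, pb), (a, pa))
        roles.setdefault(des, "designated")
        roles.setdefault(other, "blocking")
    return root, roles


# Constructed triangle: SW3 has the lowest priority, so it wins the election
# even though its MAC address is the highest.
SWITCHES = {
    "SW1": (32768, "00:00:00:00:00:01"),
    "SW2": (32768, "00:00:00:00:00:02"),
    "SW3": (4096, "00:00:00:00:00:03"),
}
LINKS = [
    ("SW1", 1, "SW2", 1, 100),   # cost 19
    ("SW2", 2, "SW3", 1, 100),   # cost 19
    ("SW1", 2, "SW3", 2, 10),    # cost 100: SW1 reaches the root cheaper via SW2
]

if __name__ == "__main__":
    root, roles = port_roles(SWITCHES, LINKS)
    print("root bridge:", root)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} port {port}: {role}")
```

With equal priorities the MAC address decides, which is why the notes say to set a priority on the switch you want as root rather than leaving the election to whichever switch happens to carry the lowest MAC.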


VLAN Usage
- Too many users on the same layer 2 network: a single broadcast domain, where every host sees every broadcast packet from any system.
- Use VLANs to break up the broadcast domain effectively and on a per-port basis.
- Provide a good level of segmentation.
- A VLAN can be as big or small as desired.
- Assign a VLAN on a port-by-port basis on the switch.

Note: a VLAN trunk is defined as a very specific link running a trunking protocol. This VLAN trunk allows multiple VLAN connections to cross over a single link, which cuts down on the no. of interfaces required and therefore cost; however this setup is not ideal, as a bottleneck can occur on the router device and the single line being used.

Integrated Router
- Same as layer 3 switching.
- Any no. of switches can be hooked together, as long as one switch has layer 3 capabilities.
- Can stay on the backplane of the switch and perform routing, much closer to wire speed.
- One of the best solutions for routing between VLANs.

Prerequisites
- May have many switches that participate in the same VLAN.
- Make sure VLANs are assigned to a VLAN trunking protocol domain.
  o Allows all switches to share VLAN database contents.
  o VLAN information will be propagated to switches in the VTP domain.
- Different modes:
  o Server mode: the server propagates information to clients.
  o Transparent mode: can be transit when moving VTP messages.

Placing VLANs
- Understand traffic patterns.
- Application type in the network.
- Segmenting work groups.
- Relationship between VLANs and IP addressing:
  o One-to-one correspondence at the subnet level.
  o Use an IP addressing scheme.
  o Keep VLANs in class.
  o VLANs are limited to a single layer 2 domain.

Virtual LAN (VLAN)

VLAN
- A layer 2 security mechanism.
- Divides a single broadcast domain into multiple broadcast domains.
- By default all ports of the switch are in VLAN 1. This VLAN 1 is known as the administrative VLAN or management VLAN.
- VLANs can be created from 2 to 1001.
- It can be configured on a manageable switch only.

There are two types of VLAN membership:

Static VLAN
- Static VLANs are based on port no.
- Need to manually assign a port on a switch to a VLAN.
- Also called port based VLANs.
- A port can be a member of a single VLAN and not multiple VLANs.

Dynamic VLAN
- It is based on the MAC address of a PC.
- The switch automatically assigns the port to a VLAN.
- Each port can be a member of multiple VLANs.
- For dynamic VLAN configuration, software called VMPS (VLAN Membership Policy Server) is needed.

Intercommunication between multiple VLANs can be done through a layer three device.

Important point: the PC port from which you telnet to the switch must be in the default VLAN. If all the ports on a switch are in different VLANs, we cannot telnet to the switch, so to remove the VLANs enter through the console port.

VLAN Trunking Protocol (VTP):
- VTP is a prerequisite to using VLANs on switches.
- VTP is a CISCO proprietary protocol.
- Designed to ease administration of a large no. of switches sharing VLAN information.
- All switches need to have trunk lines connecting them.
- Uses layer 2 trunk frames to communicate.
- One switch is identified as the server switch; it propagates all VLAN information to every other switch.
- The server manages addition, deletion and renaming of VLANs from a central point.
- Used to share the VLAN configuration with multiple switches.
- Information will be passed only if the switches are connected with Fast Ethernet or higher ports.

- Unable to span a single VLAN over any layer 3 boundary.
- There has to be a router between VLANs to move data between them.

VTP domains
- Switches can belong to only one domain.
  o They advertise specific attributes: domain name, revision no., known VLANs and parameters.
- The revision no. is used to identify if the switch is in sync with the server.
  o All switches in the same VTP domain should have the same revision no.

Note: switches should be configured with the same domain. Domains are not case sensitive.

VTP Modes: there are three modes.

Server Mode
- Full control of the VLAN environment.
- Advertises information to other switches.
- A switch configured in server mode can add, modify and delete VLANs.
- The default VTP mode for all switches.

Client Mode
- Passive listening.
- Forwards messages but is not read/write.
- A switch configured in client mode cannot add, modify or delete its VLAN configuration.
- Doesn't store its VLAN configuration information in NVRAM; instead, it learns from the server every time it boots up.

Transparent Mode
- No participation in advertising or synchronization.
- Will either forward messages or will not.
- A switch configured in transparent mode can add, modify and delete VLANs. VLAN configuration changes in one transparent switch will not affect any other switch.
- In the older version, VTP Version 1, transparent switches do not relay. The latest version, VTP Version 2, provides the best functionality: all inbound messages on a trunk port are relayed out the other trunk ports.

VTP Messages:
- Advertisement Request
- Subset Advertisement
- Summary Advertisement

VTP Pruning
- Prevents needless broadcast flooding of VLAN traffic across trunk lines.
- Uses advertisements with VTP to determine whether a switch belongs to a set of VLANs.
  o Switches automatically calculate this when pruning is enabled.
- Avoids trunks connected to switches with no VLAN in the advertisement.
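The domain, revision number and mode rules above, as an added Python example that is not code from the original notes. A server or client accepts a summary advertisement only from its own domain with a matching password and only when the advertised revision is higher than its own; a transparent switch relays advertisements without reading them; a client never writes the VLAN database to NVRAM. The example also shows why the notes insist that every switch in a domain carries the same revision number: any switch in the domain with a higher revision is accepted as newer, and the usual safeguard before connecting a switch is to assign a fresh domain name, which resets its revision to 0. Switch names, VLAN numbers and revisions are constructed, and the plain password comparison is a simplification (real VTP carries an MD5 digest).

```python
"""VTP domain synchronization: server, client and transparent behaviour.

Added example, not code from the original notes. Switch names, VLAN numbers,
revision numbers and the password check are constructed simplifications.
"""


class VtpSwitch:
    def __init__(self, name, mode, domain, password="", vlans=None, revision=0):
        assert mode in ("server", "client", "transparent")
        self.name, self.mode, self.domain, self.password = name, mode, domain, password
        self.vlans = set(vlans or {1})
        self.revision = revision
        # Clients keep the database in RAM only; servers and transparent
        # switches keep a copy in NVRAM.
        self.nvram_vlans = None if mode == "client" else set(self.vlans)

    def advertise(self):
        """Summary advertisement as sent on every trunk."""
        return {"domain": self.domain, "password": self.password,
                "revision": self.revision, "vlans": set(self.vlans)}

    def receive(self, adv):
        """Apply one advertisement; return what the switch did with it."""
        if self.mode == "transparent":
            return "forwarded"           # relayed on other trunks, contents ignored
        if adv["domain"] != self.domain or adv["password"] != self.password:
            return "ignored"             # wrong domain or password: not for us
        if adv["revision"] <= self.revision:
            return "in-sync"             # nothing newer than what we already hold
        self.vlans = set(adv["vlans"])
        self.revision = adv["revision"]
        if self.mode == "server":
            self.nvram_vlans = set(self.vlans)
        return "synced"

    def configure_vlans(self, vlans):
        """Local VLAN change; only a server bumps the revision the domain follows."""
        if self.mode == "client":
            raise PermissionError("client mode cannot add, modify or delete VLANs")
        self.vlans = set(vlans)
        self.nvram_vlans = set(self.vlans)
        if self.mode == "server":
            self.revision += 1

    def change_domain(self, new_domain):
        """A new domain name resets the configuration revision to 0."""
        self.domain = new_domain
        self.revision = 0


def sync_domain(switches, sender):
    """Deliver the sender's advertisement to every other switch; return outcomes."""
    adv = sender.advertise()
    return {sw.name: sw.receive(adv) for sw in switches if sw is not sender}


if __name__ == "__main__":
    server = VtpSwitch("S1", "server", "CORP", "pw", {1, 10, 20}, revision=5)
    client = VtpSwitch("C1", "client", "CORP", "pw")
    transparent = VtpSwitch("T1", "transparent", "CORP", "pw", {1, 99})
    print(sync_domain([server, client, transparent], server))
    print("client VLANs:", client.vlans, "revision:", client.revision)
    # A switch with a higher revision is treated as the newer database.
    stale = VtpSwitch("S9", "server", "CORP", "pw", {1}, revision=9)
    print(sync_domain([server, client, stale], stale), server.vlans)
    stale.change_domain("LAB")
    print("after domain change, revision =", stale.revision)
```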


VLAN Configuration

Switch65# show vlan
Switch65# show interfaces status

Creation of VLAN syntax

For 2950 series switch:
Switch(config)# vlan <no.>
Switch(config-vlan)# name <name>
Switch(config-vlan)# exit

For 2900 series switch:
Switch# vlan database
Switch(vlan)# vlan <no.> name <name>
Switch(vlan)# exit

VLAN Implementation Syntax
Switch(config)# interface <interface type> <interface no.>
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan <no.>

For trunking configuration, 2900 series syntax:
Switch(config)# interface <interface type> <interface no.>
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan {<vlan no.> | all}

Note: the dot1q encapsulation command is only for the 2900 series switch. Dot1q is an open standard, so we use the dot1q protocol.

VTP Configuration

For 2950 series switch:
Switch(config)# vtp domain <name>
Switch(config)#  vtp password <password>
Switch(config)# vtp mode <server | client | transparent>
Switch(config)# vtp pruning

For 2900 series switch:
Switch# vlan database
Switch(vlan)# vtp domain <name>
Switch(vlan)# vtp password <password>
Switch(vlan)# vtp mode <server | client | transparent>
Switch(vlan)# vtp pruning

Note: there is no need to give encapsulation dot1q in 2950 series because it is taken by default.


Access Control List

ACL Implementation
- Provides traffic control into and out of a router.
- A list of conditions designed to match against IP addresses.
- Similar to firewall configuration.
- Can also be used to define a range of addresses: WAN, NAT, route control.
- IP protocol security.
- Processes the list against inbound or outbound traffic. ACLs can be applied in multiple directions.

ACL Rules
- An implicit deny is always at the end of each defined ACL. By not permitting everybody else as a second entry, everybody is denied.
- Lists are read from top to bottom. Processing exits the list on the first match, so put the most specific entries at the top.
- Increased performance overhead: apply ACLs in strategic locations and do not assign ACLs to core devices.
  o Routers must process packets on a packet-by-packet basis.
- Cannot insert a line into a list on the fly (unless using 12.3 software). New entries always go to the bottom of the list.
  o Create the list using a text editor, remove the entries of the list and copy the new list back into the router.
  o Remove ACL entries with the no command in IOS.

Note: There is an implicit deny at the end of every created access list. By not permitting all other traffic as a second entry in the list, all traffic is effectively denied.

Access Control List
It is a layer 3 security mechanism which controls the flow of traffic from one router to another. It is also called a packet filtering firewall.

Types of Access List:

Standard ACL
- Numbered ACL
- Named ACL
- Filters only on source address.
- Normally used for address definition.

Extended ACL
- Numbered ACL
- Named ACL
- Filters on:
  o Source address
  o Destination address
  o Protocol (IP, TCP, UDP, ICMP)
  o Port (Telnet, Web, DNS)

Standard Access List:
- The access list number lies between 1 and 99.
- Can block a network, host or subnet.
- Two-way communication is stopped.
- All services are blocked.
- Implemented closest to the destination (guideline).

Wild Card Mask
- Used to specify how much of the network portion or host portion should be matched upon. Allows the router to process IP information correctly.
  o 0: match exactly
  o 255: wild card
- Block sizes allow ranges to be specified to match the subnet mask: 4, 8, 16, 32, 64 (subtract 1 from the no. when entered). Provides an incremental value for the address.

Assigning ACLs
- Standard ACLs go closer to the destination: they only filter on source address.
- Extended ACLs go closer to the source: they filter on both source and destination address, which allows the user to block traffic from the source.

Note: Assign standard ACLs closest to the destination. Extended ACLs, however, should be assigned closest to the source.

Extended Access List:
- The access list number lies between 100 and 199.
- Can block a network, host, subnet or service.
- One-way communication is stopped.
- Selected services can be blocked.
- Implemented closest to the source (guideline).

Terminology:

- Deny: blocking a network, host, subnet or service.
- Permit: allowing a network, host, subnet or service.
- Source Address: the address of the PC from where the request starts.
- Destination Address: the address of the PC at which the request ends.
- Inbound: traffic coming into the interface.
- Outbound: traffic going out of the interface.
- Protocols: IP, TCP, UDP, ICMP
- Operators: eq (equal to), neq (not equal to), lt (less than), gt (greater than)
- Services: HTTP, FTP, TELNET, DNS, DHCP, etc.

Creation of Standard ACL

Syntax for creating a standard ACL:
Router(config)# access-list <ACL no.> deny/permit <source address> <source wild card mask>

Syntax for implementing a standard ACL:
Router(config)# interface <interface-type> <interface no.>
Router(config-if)# ip access-group <ACL no.> in/out

Example: If you want to block host 1.1 from accessing the 2.0 network, first create the ACL:
Router(config)# access-list 10 deny <address of host 1.1> 0.0.0.0
Router(config)# access-list 10 permit any

Then implement the ACL:
Router(config)# interface Ethernet 0
Router(config-if)# ip access-group 10 out

Syntax for creating an extended ACL:
Router(config)# access-list <ACL no.> permit/deny <protocol> <source address> <source wild card mask> <destination address> <destination wild card mask> <operator> <service>

Syntax for implementing an extended ACL:
Router(config)# interface <interface type> <interface no.>

Router(config-if)# ip access-group <ACL no.> in/out

Monitoring ACL
- show access-list: displays all access lists and parameters configured on the router. Does not show interface assignment.
- show access-list <list number>: displays a particular access list and its parameters. Does not show interface assignment.
- show ip access-list: displays only IP access lists.
- ip access-group: assigns an access list to an interface.
- show ip interface: identifies which list has been applied in which location.
- show running-config (show run)
- It is possible to have one list for each protocol in each direction assigned to an interface; no more than one per protocol.

Example: Network 1.0 should not access HTTP. Network 1.0 should be able to access FTP and should not be able to access anything else.

Solution:
Router(config)# access-list 101 deny tcp <1.0 network address> <wild card mask> any eq 80
Router(config)# access-list 101 permit tcp <1.0 network address> <wild card mask> any eq 21

Or, instead of the second command:
Router(config)# access-list 101 deny tcp <1.0 network address> <wild card mask> any neq 21

If the second form is used, then add:
Router(config)# access-list 101 permit ip any any

Router(config)# interface serial 0/0
Router(config-if)# ip access-group 101 in

All deny statements should be given first and the permit statements later in the ACL. At least one permit statement must be present in the ACL.

If we want to block ping requests:
Router(config)# access-list 101 deny icmp <source address> <wild card mask> any echo
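The wildcard-mask rules and the two ACL examples above can be checked against a small simulator. The following Python script is an added example, not code from the course notes or from Cisco IOS: it implements wildcard matching (a 0 bit must match, a 1 bit is ignored, wildcard = block size - 1), top-down first-match evaluation and the implicit deny, then runs the notes' standard ACL 10 and extended ACL 101 over constructed packets. The host 10.1.0.1 stands in for "1.1", the network 10.1.0.0/16 for "1.0", and the names Packet, Entry, evaluate and acl_demo are the example's own.

```python
# Added example (not from the course notes): a simulator of how a router
# evaluates a Cisco-style standard or extended access list. All addresses
# below are constructed sample values.
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import List, Optional


def wildcard_for_block(block_size: int) -> str:
    """Wildcard for a block of `block_size` addresses in the last octet
    (the notes' rule: subtract 1 from the block size, e.g. 8 -> 0.0.0.7)."""
    if block_size not in (1, 2, 4, 8, 16, 32, 64, 128, 256):
        raise ValueError("block size must be a power of two up to 256")
    return f"0.0.0.{block_size - 1}"


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True if `addr` equals `base` on every bit where the wildcard bit is 0."""
    a, b, w = (int(IPv4Address(x)) for x in (addr, base, wildcard))
    return (a & ~w) == (b & ~w)


@dataclass
class Packet:
    src: str
    dst: str
    proto: str = "ip"                 # "ip", "tcp", "udp" or "icmp"
    dport: Optional[int] = None       # destination port for tcp/udp
    icmp_type: Optional[str] = None   # e.g. "echo" for a ping request


@dataclass
class Entry:
    """One access-list line. A standard ACL only fills action/src/src_wc."""
    action: str                       # "permit" or "deny"
    src: str
    src_wc: str
    proto: str = "ip"                 # "ip" matches any IP protocol
    dst: str = "0.0.0.0"
    dst_wc: str = "255.255.255.255"   # "any"
    op: Optional[str] = None          # eq / neq / lt / gt
    port: Optional[int] = None
    icmp_type: Optional[str] = None


OPERATORS = {
    "eq": lambda p, v: p == v,
    "neq": lambda p, v: p != v,
    "lt": lambda p, v: p < v,
    "gt": lambda p, v: p > v,
}


def entry_matches(e: Entry, pkt: Packet) -> bool:
    if not wildcard_match(pkt.src, e.src, e.src_wc):
        return False
    if not wildcard_match(pkt.dst, e.dst, e.dst_wc):
        return False
    if e.proto != "ip" and e.proto != pkt.proto:
        return False
    if e.op is not None and (pkt.dport is None or not OPERATORS[e.op](pkt.dport, e.port)):
        return False
    if e.icmp_type is not None and pkt.icmp_type != e.icmp_type:
        return False
    return True


def evaluate(acl: List[Entry], pkt: Packet) -> str:
    """Read top to bottom, exit on the first match; no match means implicit deny."""
    for e in acl:
        if entry_matches(e, pkt):
            return e.action
    return "deny"   # the implicit deny at the end of every list


ANY = "255.255.255.255"
# Standard ACL 10 from the notes: deny one host, permit everybody else.
ACL_10 = [Entry("deny", "10.1.0.1", "0.0.0.0"), Entry("permit", "0.0.0.0", ANY)]
# Extended ACL 101 from the notes: no HTTP, FTP permitted, the rest hits the implicit deny.
ACL_101 = [
    Entry("deny", "10.1.0.0", "0.0.255.255", "tcp", "0.0.0.0", ANY, "eq", 80),
    Entry("permit", "10.1.0.0", "0.0.255.255", "tcp", "0.0.0.0", ANY, "eq", 21),
]


def acl_demo() -> dict:
    return {
        "std_blocked_host": evaluate(ACL_10, Packet("10.1.0.1", "10.2.0.9")),
        "std_other_host": evaluate(ACL_10, Packet("10.1.0.2", "10.2.0.9")),
        "ext_http": evaluate(ACL_101, Packet("10.1.5.5", "203.0.113.7", "tcp", 80)),
        "ext_ftp": evaluate(ACL_101, Packet("10.1.5.5", "203.0.113.7", "tcp", 21)),
        "ext_dns_udp": evaluate(ACL_101, Packet("10.1.5.5", "203.0.113.7", "udp", 53)),
        "ext_other_source": evaluate(ACL_101, Packet("10.9.9.9", "203.0.113.7", "tcp", 21)),
    }


if __name__ == "__main__":
    print(acl_demo())
```

The UDP and foreign-source cases show why the notes insist on at least one permit line: with only deny entries, every packet falls through to the implicit deny.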


Wide Area Network

Wide Area Network
A WAN is a data communication network that covers a relatively broad geographical area and that often uses transmission facilities provided by common carriers, such as telephone companies.

WAN Devices
WANs use numerous types of devices that are specific to WAN environments. WAN switches, access servers, modems, CSU/DSUs, and ISDN terminal adapters are discussed in the following sections. Other devices found in WAN environments that are used in WAN implementations include routers, ATM switches, and multiplexers.

WAN Switch
A WAN switch is a multiport internetworking device used in carrier networks. These devices typically switch such traffic as Frame Relay, X.25, and SMDS, and operate at the data link layer of the OSI reference model. Figure 3-5 illustrates two routers at remote ends of a WAN that are connected by WAN switches.
[Figure 3-5: Two Routers at Remote Ends of a WAN Can Be Connected by WAN Switches]

Access Server
An access server acts as a concentration point for dial-in and dial-out connections. Figure 3-6 illustrates an access server concentrating dial-out connections into a WAN.
[Figure 3-6: An Access Server Concentrates Dial-Out Connections into a WAN]


Modem
A modem is a device that interprets digital and analog signals, enabling data to be transmitted over voice-grade telephone lines. At the source, digital signals are converted to a form suitable for transmission over analog communication facilities. At the destination, these analog signals are returned to their digital form. Figure 3-7 illustrates a simple modem-to-modem connection through a WAN.
[Figure 3-7: A Modem Connection Through a WAN Handles Analog and Digital Signals]

CSU/DSU
A channel service unit/digital service unit (CSU/DSU) is a digital-interface device used to connect a router to a digital circuit like a T1. The CSU/DSU also provides signal timing for communication between these devices. Figure 3-8 illustrates the placement of the CSU/DSU in a WAN implementation.
[Figure 3-8: The CSU/DSU Stands Between the Switch and the Terminal]

ISDN Terminal Adapter
An ISDN terminal adapter is a device used to connect ISDN Basic Rate Interface (BRI) connections to other interfaces, such as EIA/TIA-232 on a router. A terminal adapter is essentially an ISDN modem, although it is called a terminal adapter because it does not actually convert analog to digital signals. Figure 3-9 illustrates the placement of the terminal adapter in an ISDN environment.
[Figure 3-9: The Terminal Adapter Connects the ISDN Terminal Adapter to Other Interfaces]

WAN Dialup Services
Dialup services offer cost-effective methods for connectivity across WANs. Two popular dialup implementations are dial-on-demand routing (DDR) and dial backup.

DDR is a technique whereby a router can dynamically initiate a call on a switched circuit when it needs to send data. In a DDR setup, the router is configured to initiate the call when certain criteria are met, such as a particular type of network traffic needing to be transmitted. When the connection is made, traffic passes over the line. The router configuration specifies an idle timer that tells the router to drop the connection when the circuit has remained idle for a certain period.

Dial backup is another way of configuring DDR. However, in dial backup, the switched circuit is used to provide backup service for another type of circuit, such as point-to-point or packet switching. The router is configured so that when a failure is detected on the primary circuit, the dial backup line is initiated. The dial backup line then supports the WAN connection until the primary circuit is restored. When this occurs, the dial backup connection is terminated.

WAN Virtual Circuits
A virtual circuit is a logical circuit created within a shared network between two network devices. Two types of virtual circuits exist: switched virtual circuits (SVCs) and permanent virtual circuits (PVCs).

SVCs are virtual circuits that are dynamically established on demand and terminated when transmission is complete. Communication over an SVC consists of three phases: circuit establishment, data transfer, and circuit termination. The establishment phase involves creating the virtual circuit between the source and destination devices. Data transfer involves transmitting data between the devices over the virtual circuit, and the circuit termination phase involves tearing down the virtual circuit between the source and destination devices. SVCs are used in situations in which data transmission between devices is sporadic, largely because SVCs increase the bandwidth used, due to the circuit establishment and termination phases, but they decrease the cost associated with constant virtual circuit availability.

A PVC is a permanently established virtual circuit that consists of one mode: data transfer. PVCs are used in situations in which data transfer between devices is constant. PVCs decrease the bandwidth use associated with the establishment and termination of virtual circuits, but they increase costs due to constant virtual circuit availability. PVCs are generally configured by the service provider when an order is placed for service.

WAN Connection Type:
There are 3 types of WAN connectivity
- Dedicated lines (synchronous serial): permanent connection (T1, T3, etc.)
- Circuit switching (asynchronous serial): ISDN, etc.
- Packet switching (synchronous serial): Frame Relay, X.25, etc.

1. Dedicated Lines:
- Used for shorter to medium distances and for longer connectivity.
- Private lines.
- Bandwidth is fixed.
- Line is up 24 hours.
- Billing is done whether the line is used or not.
- Example: leased lines

2. Circuit Switching:
- Used for medium to longer distances and for shorter connectivity.
- Bandwidth is fixed.
- Billing depends on usage.
- Examples: ISDN, PSTN (dial-up connections)

3. Packet Switching:
- Used for medium to longer distances and for longer connectivity.
- Bandwidth is shared.
- Example: Frame Relay

Point-to-point Serial
Two types of framing protocols. The default is Cisco High-Level Data Link Control (HDLC):
- Point-to-point protocol used on leased lines (T1, E1, etc.)
- Does not provide authentication.
- Cisco's implementation is proprietary.
- Supports multiple layer 3 protocols.

PPP Architecture

Point-to-point Protocol
- Operates across any data communication equipment (DCE) or data terminal equipment (DTE) interface connection.
- Must be a duplex circuit.
- Operates in both synchronous and asynchronous mode.
- No transmission rate limits.
- Multiple layer 3 protocol support.
- Authentication
  o Password Authentication Protocol (PAP): clear text
  o Challenge Handshake Authentication Protocol (CHAP): encrypted
- RFC compliant
  o Provides all layer 2 characteristics required for PPP communications.
- Three different layer 2 components
  o Standard HDLC frame
  o Link Control Protocol (LCP): provides initial connection setup
  o Network Control Protocol (NCP): a separate NCP for every protocol
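The difference between the two PPP authentication methods listed above (and detailed in the next section) is easiest to see with both peers in one script. The following Python code is an added example, not code from the course notes or from Cisco IOS. It models PAP as a clear-text username/password request and CHAP as the three-way challenge/response/verify exchange, with the response computed as MD5(identifier || shared secret || challenge) as RFC 1994 specifies, so the secret itself never crosses the link. The hostnames, the shared secret "cisco" (the notes' sample password), the random challenge and the class and function names (ChapAuthenticator, ChapPeer, run_chap, pap_request, secret_leaked) are all the example's own.

```python
# Added example (not from the course notes): PAP versus CHAP on a simulated
# PPP link. Hostnames, secret and challenge bytes are constructed values.
import hashlib
import secrets
from typing import Dict, Tuple


def chap_response(identifier: int, secret: str, challenge: bytes) -> bytes:
    """The one-way hash the peer sends back: MD5(id || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret.encode() + challenge).digest()


class ChapAuthenticator:
    """The access server side: issues the challenge and verifies the response
    against the secrets configured with 'username <name> password <secret>'."""

    def __init__(self, user_db: Dict[str, str]) -> None:
        self.user_db = user_db
        self.identifier = 0
        self.current_challenge = b""

    def challenge(self) -> Tuple[int, bytes]:
        """Step 1: a fresh random challenge under a new identifier."""
        self.identifier = (self.identifier + 1) % 256
        self.current_challenge = secrets.token_bytes(16)
        return self.identifier, self.current_challenge

    def verify(self, identifier: int, hostname: str, response: bytes) -> bool:
        """Step 3: recompute the hash with the stored secret and compare."""
        secret = self.user_db.get(hostname)
        if secret is None or identifier != self.identifier:
            return False   # unknown peer, or a stale/replayed response
        expected = chap_response(identifier, secret, self.current_challenge)
        return secrets.compare_digest(expected, response)


class ChapPeer:
    """The remote end ('ppp chap hostname' / 'ppp chap password')."""

    def __init__(self, hostname: str, secret: str) -> None:
        self.hostname = hostname
        self.secret = secret

    def respond(self, identifier: int, challenge: bytes) -> Tuple[str, bytes]:
        """Step 2: the hostname goes in clear text, the secret only as a hash."""
        return self.hostname, chap_response(identifier, self.secret, challenge)


def run_chap(auth: ChapAuthenticator, peer: ChapPeer) -> Dict[str, object]:
    """Three-way handshake: challenge, response, success/failure.
    Returns the verdict and every byte that crossed the simulated link."""
    ident, chal = auth.challenge()
    name, resp = peer.respond(ident, chal)
    ok = auth.verify(ident, name, resp)
    on_wire = bytes([ident]) + chal + name.encode() + resp
    return {"success": ok, "on_wire": on_wire}


def pap_request(hostname: str, password: str) -> bytes:
    """PAP Authenticate-Request payload: both values travel as clear text."""
    return hostname.encode() + b":" + password.encode()


def secret_leaked(on_wire: bytes, secret: str) -> bool:
    """Did the shared secret appear verbatim on the link?"""
    return secret.encode() in on_wire


if __name__ == "__main__":
    server = ChapAuthenticator({"router": "cisco"})
    print(run_chap(server, ChapPeer("router", "cisco"))["success"])   # True
    print(secret_leaked(pap_request("router", "cisco"), "cisco"))     # True
```

Because the authenticator keeps only the current identifier and challenge, a captured response cannot be reused on a later link: the next challenge invalidates it, which is the property the notes summarize as "prevents the password from being passed across the network".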

PPP Authentication:
Two types of authentication

Password Authentication Protocol (PAP):
- Two-way handshake protocol.
- Username and password are sent in clear text.
- No security.

Challenge Handshake Authentication Protocol (CHAP):
- Three-way handshake protocol.
- Username is sent in clear text and the password in encrypted form. It is secured.
- The access server issues a challenge message.
- The remote end responds with a one-way hash function using Message Digest 5 (MD5).
  o Prevents the password from being passed across the network.

Router(config)# username router password cisco
Router(config)# interface serial 0
Router(config-if)# encapsulation ppp
Router(config-if)# ppp chap hostname router
Router(config-if)# ppp authentication chap

Enabling PPP
Router# config t
Router(config)# int s0
Router(config-if)# encapsulation ppp

Router(config-if)# exit

Set the authentication type to use
Router(config)# int s0
Router(config-if)# ppp authentication chap
Or
Router(config-if)# ppp authentication pap
Router(config-if)# ^Z
Router# show int s0

Public Switched Telephone Network (PSTN)
- Analog signal.
- Max speed of 33 to 40 kbps.
- Call establishment is slower (min 1 minute).
- Terminated at the PSTN switch at the exchange.
- Supports a single service at a time.

Integrated Services Digital Network (ISDN)
- Digital signals.
- Min speed of 128 kbps.
- Call establishment is faster.
- Terminated in an ISDN switch at the exchange.
- Supports multiple services at a time: allows voice, data and video to be carried simultaneously.
- Faster call setups than a modem.
- Faster data rates than a modem.
- Terminates the local analog line to a digital line.

Basic Rate Interface (BRI) (192 kbps)
- (2B+1D) channels. Each B channel is 64 kbps.
- The Bearer (B) channel is used to carry data.
- The Delta (D) channel is used for signaling control (16 kbps).
- (2*64) + (1*16) = 144 kbps
- Every 64 kbps channel is the same as a phone line.
  o Always take away 8 kbps overhead for signaling and framing.
- Two channels are allocated at a full 64 kbps.
- The third channel carries all signaling and framing control.
- Total of 128 kbps of actual data line.

PRI (Primary Rate Interface)
There are two standards in PRI
- European Standard (E1)
  o 30B + 1D channels
  o 30 * 64 + 1 * 64 = 2.04 Mbps
- US Standard (T1)

  o 23B + 1D channels
  o (23 * 64) + (1 * 64) = 1.544 Mbps

Dial-on-Demand Routing (DDR)
- Allows two or more routers to connect using BRI whenever there is interesting traffic.
- Low volume solution.
- Always uses static routes.

Implementation
Five primary steps:
1. Set the ISDN switch type
   - Will come from the provider.
   - Normally basic-5ess, basic-dms100 or basic-ni1.
2. Specify interesting traffic
3. Identify static routes
   - Used to make sure the link does not stay up due to routing protocol updates.
4. Define interface encapsulation and ISDN addressing parameters
   - Can be PPP or HDLC, but PPP is most popular.
5. Configure protocol addressing
   - ISDN and DDR can be configured for any routable protocol.
6. Additional interface information
   - Dialer idle timeout
     o Allows the link to be terminated when appropriate.
   - Dialer load threshold
     o Identifies when to bring up the second B channel based on a load measurement.
   - Service profile identifiers (SPIDs)
     o Identify the purchased feature set to the phone provider.
     o Two numbers, one for each bearer channel.
     o Phone no. + SPID + Local Dial No. (LDN)
   - Caller ID screening

BRI Interface Configuration
Isdn(config)# interface bri <no.>
Isdn(config-if)# ip address negotiated
Isdn(config-if)# no shutdown
Isdn(config-if)# encapsulation {ppp/hdlc}

Authentication Configuration
Isdn(config-if)# ppp authentication pap or chap calling

Isdn(config-if)# ppp pap sent-username <username> password <password>
Isdn(config-if)# ppp chap hostname <user name>
Isdn(config-if)# ppp chap password <password>

Dialer Commands Configuration
Isdn(config-if)# dialer string <telephone no. of ISP>
Isdn(config-if)# dialer idle-timeout <seconds>
Isdn(config-if)# dialer-group <group no.>
Isdn(config-if)# exit

ISDN Switch Type Configuration
Isdn(config)# isdn switch-type <switch name>
- basic-1tr6: 1TR6 switch type for Germany
- basic-5ess: AT&T 5ESS switch type for the US
- basic-dms100: Northern DMS-100 switch type
- basic-net3: NET3 switch type for UK, Europe, Asia, India

Network Address Translator (NAT):
- Translates private IP addresses to public and public addresses to private.
- Allows communication from the private world to the public world and not vice versa.
- Used for internet sharing.

Inside Local Address: an IP address assigned to a host inside a network. This address is likely to be an RFC 1918 private address.
Inside Global Address: a legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world.
Outside Local Address: the IP address of an outside host as it is known to the hosts in the inside network.
Outside Global Address: the IP address assigned to a host on the outside network. The owner of the host assigns this address.

NAT Features:
- Static NAT is designed to allow one-to-one mapping of local and global addresses.
- Dynamic NAT is designed to map a private IP address to a public address.
- PAT (Port Address Translation): PAT uses unique source port numbers on the inside global IP address to distinguish between translations.

NAT Commands Configuration

(config)# interface Ethernet <no.>
(config-if)# ip nat inside
(config-if)# exit
(config)# interface BRI <no.>
(config-if)# ip nat outside
(config-if)# exit
(config)# ip nat inside source list <no.> interface BRI <no.> overload

Access List Commands Configuration
(config)# access-list <acl no.> <permit/deny> <source address> <wildcard mask>
(config)# dialer-list <dialer no.> protocol ip permit

Routing Command Configuration
(config)# ip routing
(config)# ip route <destination network ID> <destination subnet mask> <exit interface type> <interface no.>

Miscellaneous Commands (Default)
(config)# ip name-server <ip address>
(config)# ip domain-lookup
These are the public DNS servers in India.

Trouble Shooting
# show isdn status
Layer 1 = active
Layer 2 = multiple frame established
Layer 3 = 1 active call
Implies all configuration and the connectivity are fine.

# show isdn status
Layer 1 = inactive (physical connectivity is down)
Layer 2 = TEI_ASSIGNED (terminal endpoint identifier assigned)
Layer 3 = 0 active calls
Implies a layer 1 problem: check physical connectivity.

# show isdn status
Layer 1 = active
Layer 2 = not activated
Layer 3 = 0 active calls
Implies a layer 2 problem: check encapsulation.

# show isdn active

# show isdn history
History table data is retained for a maximum of 15 minutes.
# show interface bri 0
# show ip route

How to create sub-interfaces
(config)# interface serial <no.>.<no.>
(config-subif)# ip address <address> <subnet mask>
Logical interfaces created from a physical interface are called sub-interfaces.
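The PAT behaviour that the NAT section describes (one inside global address shared through unique source ports, private-to-public only) can be watched in a translation-table simulation. The following Python class is an added example, not code from the course notes or from Cisco IOS. It mirrors the effect of the ip nat inside source list <no.> interface BRI <no.> overload command: outbound packets whose source is in the "inside" list are rewritten to the inside global address, keeping the original source port when it is free and picking the next free one otherwise; replies are mapped back through the table; and a packet arriving from outside that matches no translation is dropped. The inside network 192.168.1.0/24, the inside global address 203.0.113.5, the outside hosts and the names PatTable and pat_demo are the example's own.

```python
# Added example (not from the course notes): a PAT (NAT overload) translation
# table. All addresses and ports below are constructed sample values.
from ipaddress import ip_address, ip_network
from typing import Dict, Optional, Set, Tuple

Flow = Tuple[str, int, str, int]   # (src address, src port, dst address, dst port)


class PatTable:
    def __init__(self, inside_list: str, inside_global: str) -> None:
        self.inside_net = ip_network(inside_list)   # stands in for access-list <no.>
        self.inside_global = inside_global          # the outside (BRI) interface address
        self.out: Dict[Flow, int] = {}              # inside flow -> inside global port
        self.back: Dict[Tuple[int, str, int], Tuple[str, int]] = {}  # (gport, outside, oport) -> (local, lport)
        self.used_ports: Set[int] = set()

    def _allocate_port(self, wanted: int) -> int:
        """Keep the original source port when free, otherwise take the next unused one."""
        port = wanted
        while port in self.used_ports:
            port = port + 1 if port < 65535 else 1024
        self.used_ports.add(port)
        return port

    def outbound(self, src: str, sport: int, dst: str, dport: int) -> Flow:
        """Packet leaving through the 'ip nat outside' interface."""
        if ip_address(src) not in self.inside_net:
            return (src, sport, dst, dport)          # not in the list: sent untranslated
        key = (src, sport, dst, dport)
        gport = self.out.get(key)
        if gport is None:                            # first packet of the flow: new entry
            gport = self._allocate_port(sport)
            self.out[key] = gport
            self.back[(gport, dst, dport)] = (src, sport)
        return (self.inside_global, gport, dst, dport)

    def inbound(self, src: str, sport: int, dst: str, dport: int) -> Optional[Flow]:
        """Packet arriving on the outside interface; None means no translation, so it is dropped."""
        if dst != self.inside_global:
            return None
        local = self.back.get((dport, src, sport))
        if local is None:
            return None                              # unsolicited: no entry, dropped
        return (src, sport, local[0], local[1])


def pat_demo() -> dict:
    pat = PatTable("192.168.1.0/24", "203.0.113.5")
    first = pat.outbound("192.168.1.10", 5000, "198.51.100.20", 80)
    second = pat.outbound("192.168.1.11", 5000, "198.51.100.20", 80)   # same port wanted
    return {
        "first": first,
        "second": second,
        "repeat": pat.outbound("192.168.1.10", 5000, "198.51.100.20", 80),
        "reply_first": pat.inbound("198.51.100.20", 80, "203.0.113.5", 5000),
        "reply_second": pat.inbound("198.51.100.20", 80, "203.0.113.5", 5001),
        "unsolicited": pat.inbound("198.51.100.99", 4444, "203.0.113.5", 22),
        "not_in_list": pat.outbound("10.0.0.1", 1234, "198.51.100.20", 80),
    }


if __name__ == "__main__":
    for name, value in pat_demo().items():
        print(name, value)
```

The two inside hosts that both pick source port 5000 are what the notes' "unique source port numbers" bullet refers to: the second flow is moved to 5001 so that replies can be told apart.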


FRAME RELAY
Frame Relay is a data link layer packet-switching protocol that uses digital circuits. It is used for medium to large distances and for longer connectivity. Leased lines also provide longer connectivity, but a physical circuit is used to make the connection between two sites and the same circuit path is always used. Frame Relay connections use logical circuits to make connections between two sites. These logical circuits are referred to as virtual circuits (VCs).
- Multiple VCs can exist on the same physical connection.
- VCs are full duplex.

Characteristics
- Facilitates connectivity between data terminal equipment (DTE) devices through the carrier network DCE.
- A Cisco router is always the DTE in a Frame Relay environment.
- DCEs facilitate all switching within the cloud.
- Utilizes virtual circuits
  Permanent Virtual Circuit (PVC)
  o Identified at each end by a data link connection identifier (DLCI)
  o DLCIs facilitate connectivity to the remote end via the PVC
  Switched Virtual Circuit (SVC), sometimes called an on-demand circuit
  o Brought up only when there is traffic to be sent
- Supports most layer 3 protocols, such as IP, IPX, AppleTalk, etc.

Advantages of Frame Relay
- VCs overcome the scalability problems of leased lines by providing multiple logical circuits over the same physical connection.
- Only one serial interface of a router is needed to handle the VC connections to multiple sites, whereas with leased lines multiple serial interfaces are needed to connect to multiple sites.
- VCs provide full connectivity at a much lower price compared to leased lines.

Frame Relay Terminology
Sub-Interfaces
- Users share bandwidth.
Local Management Interface (LMI)
- Used between the Frame Relay DTE (e.g. router) and the Frame Relay DCE (e.g. Frame Relay switch).


- Defines how the DTE interacts with the DCE.
- Locally significant.
- Provides VC status information (keep-alive mechanism).
- LMI standards: cisco, ansi, q933a.
- The DTE and DCE must have the same LMI signaling type.

Data Link Connection Identifier (DLCI)
- Used to identify each VC on a physical interface, i.e. each VC has a unique local address called a DLCI number.
- The switch will map to the destination depending on the DLCI number.
- Inverse ARP is used to map DLCIs to next-hop addresses. Mapping can also be done manually.
- It is locally significant.
- These numbers are given by the Frame Relay service providers; service providers assign DLCIs in the range of 16 to 1007.

Virtual Circuits
Virtual circuits are of two types:
1. Permanent Virtual Circuits (PVCs)
2. Switched Virtual Circuits (SVCs)

Permanent Virtual Circuits
  o Similar to dedicated leased lines: a permanent connection.
  o Used when constant data is being generated.
Switched Virtual Circuits
  o Also called semi-permanent virtual circuits.
  o Similar to a circuit-switched connection, where the VC is dynamically built and then torn down once the data has been sent.
  o Used when data has to be sent in small amounts and at periodic intervals.

Committed Information Rate (CIR)
- Average data rate, measured over a fixed period of time, that the carrier guarantees for a VC.
- Committed bandwidth.

Burst Rate (BR)
- Average data rate the carrier provides for a VC above the committed rate.
- Excess bandwidth.

Forward/Backward Explicit Congestion Notification (FECN/BECN)
- When congestion occurs, the switch marks the FECN and BECN bits in the frame header.
- FECN is sent to the destination.

- BECN is sent to the source.
- Thereby both the source and the destination are notified about the congestion.
- FECN = 0, BECN = 0 implies no congestion.

Configuring Serial Interface
Router(config)# interface serial <no.>
Router(config-if)# ip address <address> <subnet mask>
Router(config-if)# no shutdown
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay lmi-type <lmi type>
Router(config-if)# frame-relay interface-dlci <dlci no.>
Configure the other serial interface in the same way.

Converting router to frame-relay switch
Router(config)# frame-relay switching

Configuring Frame-Relay Switch
Router(config)# interface serial <no.>
Router(config-if)# no ip address
Router(config-if)# no shutdown
Router(config-if)# clock rate <clock rate>
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay lmi-type <lmi-type>
Router(config-if)# frame-relay intf-type dce
Router(config-if)# frame-relay route <source dlci no.> interface <int type> <int no.> <destination dlci no.>

Trouble Shooting Frame-Relay
# show frame-relay pvc
- PVC status = active: implies all configuration and the connectivity are fine.
- PVC status = inactive: implies a configuration or connectivity problem with the remote LMI.
- PVC status = deleted: implies a configuration or connectivity problem with the local LMI.
# show frame-relay map
# show frame-relay route
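What the frame-relay route command builds inside the switch, and why the notes call DLCIs "locally significant", is easier to see in a small model. The following Python class is an added example, not code from the course notes or from Cisco IOS. Each add_route call installs the equivalent of one frame-relay route <in dlci> interface <out if> <out dlci> line in both directions (the PVC is full duplex), forward switches a frame by (incoming interface, DLCI) and rewrites the DLCI to the far end's local number, an unknown DLCI is dropped, and a congested output interface causes FECN to be set on frames heading into it and BECN on frames coming back the other way. The interface names, DLCI numbers, the congestion flag and the names FrameRelaySwitch and fr_demo are the example's own.

```python
# Added example (not from the course notes): a minimal Frame Relay switch
# forwarding table with FECN/BECN marking. Interfaces and DLCIs are constructed.
from typing import Dict, Optional, Set, Tuple

Hop = Tuple[str, int]   # (interface name, DLCI local to that interface)


class FrameRelaySwitch:
    def __init__(self) -> None:
        self.routes: Dict[Hop, Hop] = {}
        self.congested: Set[str] = set()   # interfaces whose output is congested

    def add_route(self, in_if: str, in_dlci: int, out_if: str, out_dlci: int) -> None:
        """frame-relay route <in_dlci> interface <out_if> <out_dlci>, installed
        in both directions because a PVC carries traffic both ways."""
        self.routes[(in_if, in_dlci)] = (out_if, out_dlci)
        self.routes[(out_if, out_dlci)] = (in_if, in_dlci)

    def set_congested(self, interface: str, congested: bool = True) -> None:
        """Constructed congestion model: mark an output interface as congested."""
        if congested:
            self.congested.add(interface)
        else:
            self.congested.discard(interface)

    def forward(self, in_if: str, frame: dict) -> Optional[dict]:
        """Switch one frame; returns the outgoing frame, or None if no PVC matches."""
        hop = self.routes.get((in_if, frame["dlci"]))
        if hop is None:
            return None                       # unknown DLCI on this interface: dropped
        out_if, out_dlci = hop
        out = dict(frame, dlci=out_dlci, out_if=out_if)   # DLCI rewritten per hop
        # FECN: this frame is heading into a congested link, tell the destination.
        out["fecn"] = 1 if out_if in self.congested else frame.get("fecn", 0)
        # BECN: this frame came back across a congested link, tell the source.
        out["becn"] = 1 if in_if in self.congested else frame.get("becn", 0)
        return out

    def pvc_status(self, interface: str, dlci: int) -> str:
        """What the switch would report for a DLCI: ACTIVE if it has a route, else DELETED."""
        return "ACTIVE" if (interface, dlci) in self.routes else "DELETED"


def fr_demo() -> dict:
    sw = FrameRelaySwitch()
    sw.add_route("Serial0", 102, "Serial1", 201)   # PVC between the routers on Serial0 and Serial1
    sw.add_route("Serial1", 102, "Serial2", 301)   # DLCI 102 reused on another interface
    forward = sw.forward("Serial0", {"dlci": 102, "payload": "hello"})
    back = sw.forward("Serial1", {"dlci": 201, "payload": "reply"})
    sw.set_congested("Serial1")
    congested_fwd = sw.forward("Serial0", {"dlci": 102, "payload": "data"})
    congested_back = sw.forward("Serial1", {"dlci": 201, "payload": "ack"})
    return {
        "forward": forward,
        "back": back,
        "congested_fwd": congested_fwd,
        "congested_back": congested_back,
        "unknown": sw.forward("Serial0", {"dlci": 999}),
        "reused_dlci": sw.forward("Serial1", {"dlci": 102}),
        "status": (sw.pvc_status("Serial0", 102), sw.pvc_status("Serial0", 103)),
    }


if __name__ == "__main__":
    for name, value in fr_demo().items():
        print(name, value)
```

The reused DLCI 102 on Serial1 reaches a different far end than 102 on Serial0, which is exactly the local significance the DLCI section states; and a router that is told by LMI about a DLCI the switch has no route for would show the "deleted" status described under troubleshooting.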


Leased Lines
A leased line is a point-to-point link providing a single pre-established WAN communication path from the customer premises to a remote network through a carrier network, such as a telephone company.

Features of Leased Lines
- Used for shorter to medium distances and for longer connectivity.
- Private lines (dedicated).
- Bandwidth is fixed.
- Line is up 24 hrs.
- Billing is done whether the line is used or not.
- Transmission speed of leased lines varies from 64 kbps up to several Mbps.

Types of Leased Lines
Internet Leased Lines
- A leased line connected between the ISP and the subscriber's premises is called an internet leased line.
Point-to-point
- A leased line connected between a corporate office and a branch office is called a point-to-point leased line.
- Point-to-point leased line types: local leased line, long distance leased line.
International Private/Principal Leased Circuit (IPLC)
- A dedicated point-to-point connection providing a non-switched, fixed and assured bandwidth between two points, for example one in India and the second in a foreign country. IPLC services in India are available for speeds ranging from 64 kbps to 155 Mbps.
- IPLC can provide connectivity in two ways: using satellite, or using a physical medium (fiber optic submarine cable).

Service Providers for India
BSNL, RailTel, VSNL, Bharti BT, TATA, Reliance Communication

Requirements of Leased Lines
- Routers
- V.35 cables
- V.35 modem
- G.703 modem


Manufacturers of CSU/DSU
Cygnus, Avantel, D-Link, RAD, Motorola, Tie Net, Ascom, Main Street Express, Atrie

Router Level Trouble Shooting
Router level trouble shooting can be done with the help of the command:
Router# show interface serial <no.>
- S0 is down, line protocol is down: implies the V.35 cable is not functioning properly.
- S0 is up, line protocol is up (looped): a local loop or digital loop is pressed on one of the CSU/DSUs.
- Serial 0 is reset: implies there is a clocking problem with the multiplexer.
- Serial 0 is in standby mode: implies the backup line is up and the primary line is in standby mode.

Password Recovery
When the router starts in ROM monitor mode:
If it is a fixed router:
> o/r 0x2142
If it is a modular router:
ROMMON> confreg 0x2142
ROMMON> reset
Router> enable
Router# show startup-config
Router# show version
Router# copy startup-config running-config
Router# configure terminal
Router(config)# interface Ethernet 0
Router(config-if)# no shut
Router(config-if)# exit
Router(config)# enable secret <password>
Router(config)# config-register 0x2102
Router(config)# ^Z
Router# write
Router# show version
Router# reload