Basic IP Configuration
Network – Systems connected to each other to share resources and data form a network; connecting them in this way is known as networking.
Point to Point Configuration
A dedicated link exists between two devices.
Multipoint
Two or more devices share a link.
Topology
It is the physical structure (design) in which devices are connected to each other.
Types of topologies
1. Physical topology – It refers to the arrangement of devices in a network: bus, star, tree, mesh.
2. Logical topology – It represents the way in which data is transferred from one device to the next irrespective of the physical connection.
Bus topology
In this topology devices share a common backbone cable to send and receive data.
Ring topology
Each device is connected to its adjacent devices, forming a circle; data flows in one direction only (clockwise).
Star topology
In this topology multiple devices are connected to a central connection point such as a hub or switch.
Mesh topology
Devices are connected to each other. There are two mesh topologies.
Full mesh topology
Each node is connected to every other node.
Partial mesh topology
Not every node is connected to every other node. It is very expensive.
Tree topology
It combines linear bus and star topology.
A backbone is used to connect multiple star networks.
Types of network
Lan – local area network
It is a small area network used to share data and resources.
Types of lan
1. Ethernet – uses the IEEE 802.3 standard and CSMA/CD technology
2. Token ring – passes a token over the network in a ring format
3. Token bus – uses a token mechanism; the systems are physically connected in a bus format
4. FDDI – uses a token passing technique like a token ring network. It uses primary and secondary rings.
CAN – Campus Area network
It is a network limited to a campus.
MAN – Metropolitan Area network
It is an interconnection of networks in a city.
WAN – Wide Area network
A wide area network covers a large geographical area and includes multiple computers or LANs.
Modes of Transmission
1. Simplex – It is unidirectional: one device transmits and the other device receives data.
2. Half Duplex – Uses only one wire to connect to the network and transmit data. It uses CSMA/CD to avoid collisions; only one device communicates at a time, e.g. walkie-talkie.
3. Full-Duplex – It uses two wires for communication, one for sending and one for receiving; there is no threat of data collision and both devices communicate at the same time.
Ethernet
1. It is a standard communication protocol embedded in software and hardware devices for LANs.
2. It uses bus or star topology.
3. Ethernet is frame based; it uses baseband signalling and implies CSMA/CD.
4. Types of Ethernet are 10base2, 10baseT, 10base5 and 100baseT.
5. [Baseband – it sends a single signal at a given instant]
6. Works on the IEEE 802.3 standard.
7. Developed by DEC, Intel and Xerox corporation.
Devices
HUB – It is a device which contains a series of ports to which computers can connect; it joins multiple network segments together to form a single segment.
Feature
One broadcast domain, shared bandwidth, one collision domain.
Working
Any transmission received on one port is sent out on all ports of the hub, and collisions are handled through CSMA/CD.
Switch – It is also a device which connects multiple LAN segments at data link layer.
Working
It examines data packets for source and destination MAC addresses in order to send them out on the respective port; if the destination is unknown it acts like a hub and floods the frame to every port.
Types of switch
1. Managed switch – this type of switch uses SNMP, which sets the communication parameters as per the requirements of the network; it shows the number of bytes and frames transmitted or received and the number of errors on each port.
2. Unmanaged switch – Ethernet devices start to communicate as soon as they are connected. One broadcast domain, multiple collision domains; a switch has its own VLAN.
Types of switching
1. Cut through switching – These types of switches forward data packets as soon as they receive them. They validate data by comparing the checksum value.
2. Store and forward switching – It performs a checksum on each data packet before forwarding it. This switch is slower than the previous one. These switches minimize errors due to improper packet forwarding.
3. Fragment free switching – It checks the first 64 bytes of data. It provides a balance between cut through and store and forward switching.
Bridge – All features are the same as a hub, but it has a MAC table.
Router – It is a device that provides the best possible route for data packets to reach their destination; routers use a routing table to decide the route of data. It joins multiple networks using different protocols. Operates at the network layer.
Function of router
1. Provide traffic management
2. Do not pass broadcast traffic
3. Connect different network segments
Repeater – It is a device that increases the strength of data signals sent across the network; it amplifies the signal and passes it on to the next segment.
Bridges – Devices that divide a network into different segments. A bridge decides the network segment where the data has to travel in order to reach its destination.
OSI Model
Open System Interconnection
1. This model was developed by ISO – International Standards Organisation
2. It is a set of guidelines that application developers can use to create and implement applications that run in a network.
3. It provides a framework for creating and implementing networking standards, devices and internetworking schemes.
Note – devices that operate on all seven layers are as follows
1. Network management stations
2. Web and application services
3. Gateways and network hosts
It has seven layers divided into two groups.
1. Top three layers define how applications within the end stations communicate with each other and with users.
2. Bottom four layers define how data is transmitted end to end.
Layers
1. Application – files, print, message, database, application
2. Presentation – data encryption, compression and translation
3. Session – dialog control
4. Transport – end to end connection
5. Network – routing
6. Data link – framing
7. Physical – physical topology
Application layer – It defines the manner in which applications interact with the network, e.g. database, e-mail. It provides the user interface. Protocols that work on this layer: FTP, TFTP, SMTP, DNS, SNMP, NFS, NNTP.
Presentation layer – It defines the way in which data is formatted, presented, converted and encoded. Presents data and handles processing such as encryption.
Session layer – Co-ordinates communication and maintains the session for as long as it is required, performing security, logging and administrative functions. Keeps different applications' data separate.
Transport layer – It defines protocols for structuring messages and supervises the validity of transmission by performing error checking. Provides reliable or unreliable delivery. Performs error correction before retransmitting. Protocols that work on this layer: TCP, UDP, SCTP.
Network Layer – It defines data-routing protocols to increase the likelihood that information arrives at the correct destination node. Devices that work on this layer are routers and firewalls. Provides logical addressing, which routers use for path determination. Protocols that work on this layer: ICMP, IGMP, IP, ARP, RARP.
Data link layer – Validates the integrity of the flow of data from one node to another by synchronizing blocks of data and controlling the flow. Combines packets into bytes and bytes into frames. Provides access to media using MAC addresses. Performs error detection, not correction. Protocols that work on this layer: HDLC, SDLC.
Physical layer – It defines the mechanism for communicating with the transmission medium and interface hardware. Moves bits between devices. Specifies voltage, wire speed and pin-out of cables.
Protocols – These are sets of rules that determine how data is transmitted over the network; they work on several levels: hardware level, software level, program level.
Protocols are predefined sets of rules which govern the transfer of data and communication between computers connected in a network.
Functions of protocols
Regulate the type of network access method, compression techniques, topologies, cabling methods and speed of data transfer.
Ethernet – It is a standard communication protocol embedded in software and hardware devices for LANs.
1. Uses bus or star topologies
2. It is based on frames
3. It uses baseband signalling and implies CSMA/CD
4. Types of Ethernet are 10base2, 10baseT, 10base5, 100baseT.
5. Works on the IEEE 802.3 standard.
6. Developed by DEC, INTEL, XEROX corporation.
Note – It is the only technology to support two different topologies.
Ethernet frames
It is used to encapsulate packets handed down from the network layer. It performs a data integrity check and ensures that data is not corrupted.
It is made up of two sub layers.
1. MAC – Media access control
2. LLC – Logical link control
Frame
Destination address – 6 bytes / 48 bits
Source address – 6 bytes / 48 bits
Length – 64 bytes / 1024 bits
Frame check sequence total 1632 bits
IEEE standards 802.3 – IEEE stands for Institute of Electrical and Electronics Engineers.
MAC 802.3 – It defines how packets are placed on the media. A MAC address is 48 bits (a 12 digit hexadecimal number) divided into two parts: MM:MM:MM:SS:SS:SS
The first part represents the manufacturer's identifier provided by IEEE. The second part represents a serial number provided by the manufacturer.
LLC – Logical link control 802.2
It is responsible for identifying network layer protocols and then encapsulating them. It also provides flow control and sequencing of control bits.
DTE – Data Terminal Equipment
Devices which communicate on an Ethernet network, such as computers and printers.
DCE – Data Communication Equipment
Devices which provide communication on Ethernet, e.g. switches and routers.
IEEE 802 networking standard
1. 802.1 – LAN/MAN management (internetworking)
2. 802.2 – Logical link control
3. 802.3 – CSMA/CD
4. 802.4 – Token Bus
5. 802.5 – Token Ring
6. 802.6 – MAN – Distributed Queue Dual Bus
7. 802.7 – Broadband
8. 802.8 – Fibre Optic LAN and MAN
9. 802.9 – ISDN Isochronous LAN
10. 802.10 – Network Security
11. 802.11 – Wireless (a to n)
12. 802.12 – Demand Priority Access Method
13. 802.15 – Wireless Personal Area Network
14. 802.16 – Wireless MAN
15. 802.17 – Resilient Packet Ring
16. 802.18 – LAN/MAN Standards Committee
Cable Standard for UTP
1. Cat 1 – telephone (carries only voice)
2. Cat 2 – 4 Mbps, 4 pairs of wires
3. Cat 3 – 10 Mbps, RJ45, 16 MHz
4. Cat 4 – 16 Mbps, 20 MHz
5. Cat 5 – 10 Mbps, 100 MHz
6. Cat 6 – 1000 Mbps, 250 MHz
7. Cat 7 – 600 MHz
Data link layer for Ethernet
It works on the physical address known as the MAC address, which is 48 bits (6 bytes) denoted by hexadecimal digits. Responsible for converting packets into frames and transmitting them to the network layer. It encapsulates data, and media access control checks for errors in data during and after reception. Its sub layer LLC provides error detection and flow control.
SNAP – Sub Network Access Protocol
IEEE defines two frames, SAP and SNAP, in LLC that handle the data link layer.
SAP – Service Access Point
This frame is one byte in length and uses only the first 6 bits to identify network layer protocols.
i.e. 2^6 = 64 protocols only
SNAP – This frame is 2 bytes, so it can identify up to 65536 protocols.
TCP/IP Model
Allows data transfer between network devices.
TCP – It is the transport layer protocol of the suite and serves to ensure reliable, verifiable data exchange between hosts on a network; it breaks data into segments, numbers them and sends them in random order.
IP – It is responsible for network addressing and routing; connectionless and reliable.
DOD Model (Department of Defence) TCP/IP Model
Four layers of DOD Model
1. Application Layer
2. Host to host layer
3. Internet layer
4. Network access layer
Application layer – Defines applications such as FTP and Telnet that interact through this layer.
Protocols that function on this layer
SNMP, FTP, TFTP, SFTP, SMTP, POP3, IMAP, HTTP, NNTP, IGMP, NTP, NFS, LDAP
Host to host layer
Adds transport control information to user data. Responsible for source to destination delivery of the entire message.
Internet layer
It allows routing of data over the network. Adds IP information to form a packet. ARP and RARP work on this layer.
Network interface layer
The protocols in this layer transmit data frames to other devices in the network over the physical connection and exchange data between devices.
Application layer protocols
Telnet – It allows a user on a remote client machine to access the resources of another system.
FTP – File Transfer Protocol (ports 20, 21)
Used over the internet to exchange files; it can download a file from a server or upload a file to a server. It is limited to listing and manipulating directories, typing file contents and copying files between hosts. Authentication is required.
TFTP – Trivial File Transfer Protocol
It is used to transfer files to and from a remote computer such as a diskless workstation. These workstations do not have their own storage disk and boot from a network host or server.
It has no directory browsing abilities; it can do nothing but send and receive files. It uses UDP. No authentication is required.
NFS – Network File System
It allows two different types of file system to interoperate. Developed by SUN Microsystems so that UNIX servers can communicate with TCP.
SMTP – Simple Mail Transfer Protocol
It is used for transferring mail from client to server and server to server. Specifies how mail systems work together and the format of the control messages they use to exchange and transfer mail.
LPD – Line printer daemon
It is designed for printer sharing. It allows print jobs to be spooled and sent to network printers using TCP/IP.
SNMP – Simple Network Management Protocol
It allows network administrators to collect information and remotely monitor other devices on the network. It lets smart devices such as routers, switches, hubs, bridges and PCs report their status and allows the administrator to make changes.
It uses two protocols.
1. SMI
2. MIB
SMI – Structure of Management Information
It defines the rules but does not define how many objects are managed in an entity. SMI sets the rules for naming objects and their types and shows how to encode objects and values.
MIB – Management Information Base
It creates a set of objects for each entity, similar to a normal database. It defines the number of objects and names the objects with respect to the rules defined by SMI.
X-Window – It defines a protocol for writing client/server applications based on a graphical user interface.
NNTP – Network News Transfer Protocol
It is the standard protocol used to transfer UseNet news from one machine to another. UseNet news is a large collection of discussion groups covering a wide range of topics. Provides connection-oriented service. Gives failure-delivery messages (error generation).
SFTP – Secure File Transfer Protocol
It is used to transfer files over an encrypted connection; it uses an SSH session, which encrypts the connection.
POP – Post Office Protocol
It provides a storage mechanism for incoming mail. All messages are downloaded to the client from the POP3 server.
IMAP – Internet Message Access Protocol
It allows the user to download mail selectively; the current version is IMAP4.
SSH – Secure Shell
It is used to establish a secure telnet-style session, used to run programs on a remote system, log into other systems and move files while maintaining a strongly encrypted connection.
HTTPS – Hyper text transfer protocol secure
Allows browsers and servers to sign, authenticate and encrypt an HTTP message.
NTP – Network Time Protocol
It is used to synchronize computer clocks to some standard time source, which is usually a nuclear clock.
SCP – Secure Copy Protocol
It uses SSH to establish and maintain an encrypted connection between hosts. The file transfer can then take place without fear of password or data interception.
LDAP – lightweight directory access protocol
It keeps track of users and resources. It allows clients to perform object lookups within a directory using a standard method.
IGMP – Internet Group Management Protocol
It is used to manage IP multicast sessions. It keeps track of group membership and active multicast streams.
Transport Layer Protocols
TCP – Transmission Control Protocol
It serves to ensure a reliable, verifiable data exchange between hosts on a network. It breaks data into pieces and wraps them with the needed information; it numbers and sequences each segment so that the destination's TCP can put the segments back in order. It is a full duplex, connection oriented, reliable and accurate protocol. Checks flow control. Error detection.
UDP – User Datagram Protocol
It is a connectionless, unreliable protocol. It adds port addresses and error control information to data and delivers the data. It is faster than TCP.
Network Layer Protocol
IP – Internet Protocol
It is a connectionless protocol. It does not establish an end to end connection before transmission. Its only job is to route the data to the destination.
ARP – Address Resolution Protocol
It finds the hardware (MAC) address of a host from a known IP address.
RARP – Reverse Address Resolution Protocol
It is a protocol which finds the IP address from a MAC address. It is used by a diskless machine to request an IP address from a DHCP server using its hardware address.
Proxy ARP – It is used to allow redundancy in case of a failure with the configured default gateway on a host. Proxy ARP is a variation of the ARP protocol in which an intermediate device such as a router sends an ARP response on behalf of an end node to the requesting host.
ICMP – Internet Control Message Protocol
It provides a method for communicating error messages and other transmission information. ICMP packets are encapsulated within IP datagrams.
Generates the following messages
1. Destination Host unreachable – If a router or device is unable to deliver IP packets to the destination; in this case it discards the original packets
2. Network unreachable – When a packet fails to reach the destination network.
3. Host unreachable – When a packet fails because the subnet is wrong.
4. Protocol unreachable – When the destination does not support the upper layer protocol.
5. Port unreachable – When the TCP socket is not available.
Echo Request Message – It checks whether another device is reachable or not.
Redirect Message – An ICMP redirect requires the address of only one router to forward packets for efficient routing.
Time exceeded Message – A router sends this message when the IP packet's time reaches zero; it discards the original packet after the time out.
Cisco Model
This model consists of 3 functional layers
1. Core layer
2. Distribution layer
3. Access layer
Core layer – This main layer is responsible for fast, reliable communication of data across the network. It reduces latency in the delivery of packets.
Factors
1. High data transfer rate
2. Low latency period
3. High reliability
Distribution layer – This layer is used for routing and managing network traffic; it manipulates packets by queuing.
Factors
1. Packet filtering – regulates packets by source and destination address.
2. Access layer aggregation point – serves as an aggregation point.
3. Control broadcast and multicast – serves as the boundary of broadcast and multicast domains.
4. Application gateways – creates protocol gateways to and from network architectures.
5. Implementing security and network policies.
Access layer – Ensures that packets are delivered to their destination; allows workgroups and users to utilize the services provided by the distribution layer and core layer.
Functions
1. Address filtering – allows selected systems to access the LAN.
2. Separate collision domains – creates a collision domain for each node.
3. Shared bandwidth – enables the network to handle all data.
4. Handle switch bandwidth – performs load balancing.
IP Addressing
It is a numeric identifier assigned to a machine on the network.
IP terminology
1. Bit – a digit, either 0 or 1
2. Byte – a group of 8 bits
3. Octet – an octet is made up of 8 bits
4. Network address – It is used in routing to send packets to a remote network.
5. Broadcast Address – It is used by applications and hosts to send information to all nodes on a network.
IP has two versions (the version field value ranges from 0 to 15)
1. IP version 4 – binary
2. IP version 6 – hexadecimal
IP version 4 – It is 32 bits, divided into four sections by dots.
Classification of IP address
00000000.00000000.00000000.00000000 = 32 bits
Class A – first octet 1 to 126; 8 network bits, 24 host bits
  10.0.0.0 to 10.255.255.255 – private address
  127.0.0.0 – 127.255.255.255 – loopback address, used for testing
  leading bit 0 is reserved; 2^7 = 128 – 2 = 126 networks
Class B – first octet 128 to 191; 16 network bits, 16 host bits
  172.16.0.0 – 172.31.255.255 – private address
  leading bits 1,0 are reserved; 2^6 = 64 networks
Class C – first octet 192 to 223; 24 network bits, 8 host bits
  192.168.0.0 – 192.168.255.255 – private address
  leading bits 1,1,0 are reserved; 2^5 = 32 networks
Class D – first octet 224 to 239; used for multicast
  leading bits 1,1,1,0 are reserved; 2^4 = 16 networks
Class E – first octet 240 to 255; used for experiments
  leading bits 1,1,1,1,0 are reserved; 2^3 = 8 networks
Subnetting – Used in IP networks to break up a larger network into smaller subnets.
Supernetting – When we increase the number of host bits.
APIPA – 169.254.0.0
Public address – routable IP addresses are known as public addresses.
Private address – non-routable IP addresses are known as private addresses.
Subnet mask – It defines which portion of the address belongs to the network and which belongs to the host.
Reasons in favour of subnetting
1. Reduced network traffic
2. Optimized network performance
3. Simplified management
4. Facilitated spanning of large geographical distances
Subnet Mask
Class A 255.0.0.0
Class B 255.255.0.0
Class C 255.255.255.0
CIDR – Classless Inter Domain Routing
It allows a group of IP networks to appear to other networks as a unified larger entity.
CIDR values
255.0.0.0 – /8
255.128.0.0 – /9
255.192.0.0 – /10
255.224.0.0 – /11
255.240.0.0 – /12
255.248.0.0 – /13
255.252.0.0 – /14
255.254.0.0 – /15
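As an added example (not part of the original notes), the following Python code applies the class table and the CIDR table above: it classifies an IPv4 address by the reserved leading bits of its first octet, flags the private, loopback and APIPA ranges listed in the notes, and converts between a dotted-decimal mask and its /prefix length, rejecting masks whose bits are not contiguous. The addresses in SAMPLES are constructed for the demonstration.

```python
"""IPv4 classification and mask/prefix conversion, following the class and
CIDR tables in the notes. Added example; not part of the original notes."""

# Constructed sample addresses used by the demo at the bottom; not from the notes
SAMPLES = ["10.1.2.3", "127.0.0.1", "172.16.5.9", "172.32.0.1",
           "192.168.1.10", "169.254.7.7", "224.0.0.5", "250.1.1.1"]


def parse_ipv4(text):
    """Return the four octets of a dotted-quad address, validating each one."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"{text!r}: expected four octets")
    octets = []
    for p in parts:
        if not p.isdigit() or not 0 <= int(p) <= 255:
            raise ValueError(f"{text!r}: bad octet {p!r}")
        octets.append(int(p))
    return octets


def ip_class(first_octet):
    """Classify by the reserved leading bits of the first octet: 0, 10, 110, 1110, 1111."""
    if first_octet >> 7 == 0b0:
        return "A"
    if first_octet >> 6 == 0b10:
        return "B"
    if first_octet >> 5 == 0b110:
        return "C"
    if first_octet >> 4 == 0b1110:
        return "D"
    return "E"


def default_mask(cls):
    """Classful default masks from the Subnet Mask section; D and E have none."""
    return {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}.get(cls)


def special_range(octets):
    """Name the reserved ranges listed in the notes: private, loopback, APIPA."""
    a, b, _, _ = octets
    if a == 10 or (a == 172 and 16 <= b <= 31) or (a == 192 and b == 168):
        return "private"
    if a == 127:
        return "loopback"
    if a == 169 and b == 254:
        return "APIPA"
    return None


def mask_to_prefix(mask):
    """255.255.240.0 -> 20. Rejects non-contiguous masks such as 255.0.255.0."""
    bits = 0
    for o in parse_ipv4(mask):
        bits = (bits << 8) | o
    ones = bin(bits).count("1")
    # a valid mask is exactly `ones` one-bits followed by zero-bits
    if bits != ((0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF):
        raise ValueError(f"{mask}: mask bits are not contiguous")
    return ones


def prefix_to_mask(prefix):
    """20 -> 255.255.240.0"""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    bits = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((bits >> s) & 0xFF) for s in (24, 16, 8, 0))


def describe(text):
    """Class, classful default mask and any special range for one address."""
    octets = parse_ipv4(text)
    cls = ip_class(octets[0])
    return {"address": text, "class": cls, "mask": default_mask(cls),
            "special": special_range(octets)}


if __name__ == "__main__":
    for s in SAMPLES:
        print(describe(s))
    print(prefix_to_mask(mask_to_prefix("255.255.240.0")))
```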
Router – It is a network device that directs data traffic to the appropriate destination. Routers use a routing table to decide the route of data. They join multiple networks using different protocols. They operate at the network layer.
Functions of router
1. Provide traffic management
2. Don't pass broadcast traffic
3. Connect different network segments
Types of router memory
DRAM – Dynamic RAM
Main storage memory for the router. It contains dynamic configuration information. It stores a copy of the CISCO IOS.
Non – volatile RAM
It contains a backup copy of the configuration for restoration.
Flash Memory
It contains a copy of the CISCO IOS. It is erasable and programmable.
Router components
1. Processor – It executes IOS commands; routers use processors such as the Motorola 68030 and Orion. It makes routing decisions and maintains routing tables. It requires access to memory to get data for making routing decisions (and to get instructions for execution).
2. ROM – non-volatile storage device which decides the boot process of the router.
3. POST – power on self test. It provides a series of diagnostic tests for the router in reverse numerical order.
4. Bootstrap program – It is a ROM monitor component that allows you to initialize the processor hardware when the router boots. It loads the IOS image for the router with the help of the configuration register.
5. Configuration register – It is a file that decides the boot mode for the IOS image.
Function of Bootstrap
Verifies the configuration register value
Checks NVRAM for boot system commands in the startup configuration file.
Mini IOS – it provides an alternate file for router boot up if the IOS is unavailable.
ROM monitor
It is a program stored in ROM which is used to debug user programs.
RAM – It holds the active IOS image that is loaded when the router boots. It stores the active configuration file, routing tables and the information in the input and output buffers of the router interfaces.
Flash – A non-volatile storage medium which contains the IOS image from which the router boots.
NVRAM – It stores the configuration files for the router, including the startup configuration.
Router boot sequence
1. It performs POST to test hardware and memory
2. The bootstrap program is loaded from ROM and executed.
3. Loads the IOS image from the specified location (flash/RAM/TFTP server)
4. Locates hardware and software components of the router and displays the list of components on the console.
5. Executes configuration commands, which begin the routing processes on the router and provide IP addresses to the router interfaces.
IOS – internetwork operating system
It provides an interface between the user and the hardware, i.e. between network devices and the user. It is an assembly of commands and functions that allows you to run a network device. It allows us to work with and configure those commands.
Features of IOS
1. Support for different technologies – supports data link layer technologies such as LAN and WAN, copper and fibre wiring.
2. Scalability – supports different platforms so that hardware could be changed without affecting performance.
3. Security – it enables control of access to the network using different security policies.
Ports
Console port – used to configure the router locally; it has an 8 pin RJ45 connector connected to the system through a rollover cable.
Auxiliary port – connects a modem to the router through a straight cable.
Command line interface
Allows manual configuration of router through text based interface. It can be directly accessed through console port.
Router has three modes.
1. User Exec mode
2. Privileged Exec mode
3. Configuration mode
User Exec mode – used to check the router status and switch to different modes.
To enter privileged mode
Router > prompt appears
Router > en
And the privileged mode prompt appears as
Router #
Privileged mode – executes higher level commands such as security and configuration settings.
To switch back to user mode
Router # disable
Configuration mode – it allows you to execute configuration commands for the router.
Router # config terminal
Router (config)#
To exit from configuration mode press ctrl + z
To return to user mode directly, type exit
Router configuration – It can be done in 3 ways
1. Using security device manager – starts automatically
2. Using command line – manual configuration
3. Using setup mode – enables you to configure host name, password etc.
Modes on the router: name, way to access the mode, and its prompt
User exec mode – accessed through the console cable or auxiliary port – prompt >
Privileged mode – type enable in user exec mode to check all the configuration – prompt #
Global configuration mode – type config t in privileged exec mode to make changes to the router configuration – prompt (config)#
Interface configuration mode – used to make changes to an interface, whether serial or fast ethernet, e.g. to give shutdown or no shutdown on the interface – prompt (config-if)#
Line configuration mode – used if you want to apply password security on different lines (line vty – virtual terminal, AUX, console) – prompt (config-line)#
Router configuration mode – this mode comes into existence if we are going to configure dynamic routing protocols – prompt (config-router)#
CLI prompt
Interface – to make changes to an interface you use the interface command from global configuration mode
Router(config)# interface ?
Fast ethernet – fa
Serial – s
Loopback – loopback interface
Router (config)# interface fastethernet 0/0
Router (config-if)#
Sub-interface – it allows you to create a logical interface within the router
Router (config-if)# interface f0/0.1
Router (config-subif)#
Line commands – to configure the user mode password use the line command.
Router (config-line)# any command entered from here is called a sub-command
Routing protocol configurations
To configure routing protocols such as RIP and EIGRP
Router (config-router)#
Router# config t
Router (config)# router rip
Router (config-router)# version 2
Router (config-router)#
Banners – messages displayed to all users when they access the router through telnet, console or auxiliary port.
Note – # is used at the end of a banner as the delimiter to indicate that it is finished
It is of 4 types
Message of the day banner – displayed to all users accessing the router through console, telnet or auxiliary port.
Syntax: banner motd [delimiter]
The delimiter is a character such as a comma, full stop, letter or numeric value.
Exec process creation banner – displayed when you create an EXEC process. It can be a line activation or an incoming connection to a vty (virtual terminal) line.
Incoming terminal line banner – displayed on terminals that use reverse telnet [in this case the session is initiated by the host computer for its user]
Log in banner – it is configured to be displayed on all terminals connected to the router; it can be viewed after the MOTD banner and before the log in prompt.
To disable it, no banner login is used
Routing – it is the process of transferring data from the source to the destination. It determines the best path for packets from one device and sends them through the network to the other device.
Minimum requirements for routing
1. Destination address
2. Neighbour routers from which it can learn about remote networks
3. Possible routes to all remote networks
4. The best route to each remote network
5. How to maintain and verify routing information
Goals of routing
Stability – Information or packets are routed by using the optimal path.
Provides a robust network – routing protocols take care of hardware failures and high load conditions.
Dynamic update of network paths – protocols are capable of updating the routing paths.
Information is safe while transmitting across the internetwork router.
There are 3 types of routing
1. Static routing
2. Dynamic routing
3. Default routing
Static routing – when we manually add routes to each router's routing table it is known as static routing. Its administrative distance is 1. It is totally based on admin intervention.
In static routing we have to give the next hop information.
Benefits of static routing
There is no overhead on the router CPU, which means you could buy a cheaper router.
There is no bandwidth usage between routers.
It adds security because the administrator can choose to allow routing access to certain networks only.
Disadvantages
The administrator must really understand the internetwork and how each router is connected.
Not feasible for large networks.
If a network is added to the internetwork, the administrator has to add the route manually.
Syntax
ip route [destination-network] [mask] [next-hop-address or exit interface] [AD] [permanent]
ip route – command used to create the static route
destination-network – network you are placing in the routing table
mask – subnet mask being used on the network
next-hop-address – the address of the next hop router that will receive the packets and forward them to the remote network.
exit interface – used in place of the next hop address if you want; the route then shows up as a directly connected route.
AD – administrative distance. By default static routes have an administrative distance of 1.
permanent – keeps the route in the routing table even if the interface is shut down or the router cannot communicate with the next hop router.
Configure IP addresses on the interfaces of router A (each address goes on its own interface; the second interface numbers, e0/1 on R1 and e0/0 on R2, are assumed)
Router >en
Router #config t
Router (config)# hostname R1
R1 (config)# int e0/0
R1 (config-if)# ip add 172.16.10.1 255.255.255.0
R1 (config-if)# no shut
R1 (config-if)# int e0/1
R1 (config-if)# ip add 172.16.20.1 255.255.255.0
R1 (config-if)# no shut
Router B
Router >en
Router # config t
Router (config)# hostname R2
R2 (config)# int e0/1
R2 (config-if)# ip add 172.16.20.2 255.255.255.0
R2 (config-if)# no shut
R2 (config-if)# int e0/0
R2 (config-if)# ip add 172.16.30.1 255.255.255.0
R2 (config-if)# no shut
Static routing on router R1
R1 >en
R1 #config t
R1 (config)# ip route <dest. add> <mask> <gateway>
R1 (config)# ip route 172.16.30.0 255.255.255.0 172.16.20.2
Static routing on router R2 (R2 already has 172.16.30.0 directly connected, so its static route points to R1's network 172.16.10.0)
R2 >en
R2 #config t
R2 (config)# ip route <dest. add> <mask> <gateway>
R2 (config)# ip route 172.16.10.0 255.255.255.0 172.16.20.1
To disable static routing on R1
R1 #config t
R1 (config)# no ip route 172.16.30.0 255.255.255.0 172.16.20.2
Dynamic routing – the routing protocols are given the job of finding the paths along which packets are routed and of updating the routing tables.
Routing protocol – defines the set of rules a router uses when it communicates routing information with its neighbours.
Two types of routing protocols
1. Interior gateway protocols
2. Exterior gateway protocols
Note – the major difference between static and dynamic routing is that dynamic routing gives redundancy: each router advertises its own connected networks, so a network can be reached in multiple ways.
Administrative Distance – it is used to rate the trustworthiness of routing information received on a router. Its range is 0-255.
If a router receives two updates listing the same remote network, the first thing the router checks is the AD.
Note – the lower AD is preferred.
If two protocols have the same AD, the router uses metrics such as hop count, bandwidth, cost, delay, load and reliability to find the best route to the network.
Hop – the movement of a packet between any two network nodes.
Hop count – a routing metric that measures the distance between a source and destination by the number of routers in the path. RIP employs hop count as its sole metric.
Bandwidth – the gap between the highest and lowest frequencies employed by network signals.
Cost – an arbitrary value, based on hop count, bandwidth or another calculation, that is typically assigned by a network administrator and used by the routing protocol to compare different routes through an internetwork.
Delay – the time elapsed between a sender's initiation of a transaction and the first response it receives; the time needed to move a packet from its source to its destination over a path.
Load – the amount of data on the link.
Classes of routing protocols
1. Distance vector
2. Link state
3. Hybrid
Distance vector – these protocols find the best path to a remote network by judging distance. The route with the least number of hops to the network is determined to be the best route.
RIP and IGRP – classful
Link state – also called shortest path first protocols. Each router creates 3 separate tables:
1. One keeps track of directly attached neighbours.
2. One determines the topology of the entire internetwork.
3. One is used as the routing table.
OSPF and IS-IS – classless
OSPF – an IP routing protocol that is completely link state. Routers send updates containing the state of their own links to all other routers on the network.
Hybrid – these protocols use aspects of both distance vector and link state, e.g. EIGRP.
Interior Gateway Protocols – used to route packets inside an autonomous system (an independent network system).
Protocols are
RIP – Routing Information Protocol.
OSPF – Open shortest path First
IGRP – Interior Gateway Routing Protocol
EIGRP – Enhanced Interior Gateway Routing Protocol
IS-IS – Intermediate system to intermediate system.
Exterior Gateway Protocols – protocols that communicate between two or more autonomous systems.
Two exterior gateway protocols are
EGP – Exterior Gateway Protocol
BGP – Border Gateway Protocol
Configure router A
R1 # config t
R1 (config) # router rip
R1 (config-router) # network 172.16.20.0
R1 (config-router) # network 172.16.10.0
R1 (config-router) # exit
Configure router B
R2 # config t
R2 (config) # router rip
R2 (config-router) # network 172.16.20.0
R2 (config-router) # network 172.16.30.0
R2 (config-router) # exit
Default Routing – we use default routing to send packets whose remote destination network is not in the routing table to the next-hop router.
To configure a default route, we use wildcards (0.0.0.0) in place of the network address and the mask.
To configure default routing on R1
R1# config t
R1(config)# ip route 0.0.0.0 0.0.0.0 172.16.20.2
To configure default routing on R2
R2# config t
R2(config)# ip route 0.0.0.0 0.0.0.0 172.16.20.1
Note – a maximum of 2 default routes are pointed in a single network.
RIP – Routing Information Protocol
It manages the exchange of routing table information among routers: they exchange their routing tables at a predefined interval.
RIP uses hop count to determine the best way to a remote network.
Maximum allowable hop count is 15 by default.
Efficient for small networks.
RIP has 2 versions
RIP version 1
RIP version 2
RIP version 1 – it uses only classful routing, which means that all devices in the network must use the same subnet mask. It does not send updates with the subnet mask.
RIP version 2 – it sends subnet mask information with the route updates. It is classless routing.
Note – both use the same administrative distance, 120.
RIP timers
Route update timer – sets the interval (30 sec) between periodic routing updates, in which the router sends a complete copy of its routing table to all neighbours.
Route invalid timer – determines the length of time that must elapse (180 sec) before a router determines that a route has become invalid.
Hold-down timer – sets the amount of time during which routing information is suppressed.
Route flush timer – sets the time between a route becoming invalid and its removal from the routing table (240 sec).
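The update rule RIP applies to each routing table it receives, written out in Python as an added example that is not part of these notes: hop count is the only metric, 15 is the largest usable value and 16 means unreachable. It goes one step beyond the notes by advertising with split horizon and poison reverse, which is how RIP stops two routers from counting each other's hop count up to 16 when a network disappears; the router names, the 172.16.x.0 networks and the third router R3 are constructed.

```python
import ipaddress

INFINITY = 16   # RIP "unreachable" hop count
MAX_HOPS = 15   # largest usable hop count


class RipRouter:
    def __init__(self, name, connected):
        self.name = name
        # prefix -> (hop count, next hop); directly connected networks cost 0
        self.table = {ipaddress.ip_network(p): (0, "connected") for p in connected}

    def advertise(self, to_neighbour):
        """The periodic update sent to one neighbour: the whole table, with routes
        learned from that neighbour poisoned (16): split horizon with poison reverse."""
        return {prefix: (INFINITY if nh == to_neighbour else hops)
                for prefix, (hops, nh) in self.table.items()}

    def receive_update(self, neighbour, update):
        """Apply the distance-vector rule to an update from a neighbour.
        Returns True when the table changed."""
        changed = False
        for prefix, adv_hops in update.items():
            hops = min(adv_hops + 1, INFINITY)       # cost of going via this neighbour
            current = self.table.get(prefix)
            if current is None:
                if hops <= MAX_HOPS:                 # never install an unreachable route
                    self.table[prefix] = (hops, neighbour)
                    changed = True
                continue
            cur_hops, cur_nh = current
            # The current next hop is always believed, even when its metric got worse;
            # that is how a withdrawn (16-hop) route propagates. Anyone else must be better.
            if (cur_nh == neighbour and hops != cur_hops) or hops < cur_hops:
                self.table[prefix] = (hops, neighbour)
                changed = True
        return changed

    def route(self, prefix):
        """Usable route to prefix as (hops, next hop), or None if unreachable."""
        entry = self.table.get(ipaddress.ip_network(prefix))
        return None if entry is None or entry[0] >= INFINITY else entry


def converge(routers, links, max_rounds=32):
    """Exchange updates over every link until no table changes; True when converged."""
    for _ in range(max_rounds):
        changed = False
        for a, b in links:
            changed |= routers[b].receive_update(a, routers[a].advertise(b))
            changed |= routers[a].receive_update(b, routers[b].advertise(a))
        if not changed:
            return True
    return False


def demo():
    # Constructed chain R1 - R2 - R3 extending the two-router topology of these notes.
    routers = {
        "R1": RipRouter("R1", ["172.16.10.0/24", "172.16.20.0/24"]),
        "R2": RipRouter("R2", ["172.16.20.0/24", "172.16.30.0/24"]),
        "R3": RipRouter("R3", ["172.16.30.0/24", "172.16.40.0/24"]),
    }
    links = [("R1", "R2"), ("R2", "R3")]
    converge(routers, links)
    before = routers["R1"].route("172.16.40.0/24")     # (2, "R2"): two hops away
    # R3 loses 172.16.40.0/24 and starts advertising it as unreachable.
    routers["R3"].table[ipaddress.ip_network("172.16.40.0/24")] = (INFINITY, "connected")
    converge(routers, links)
    after = routers["R1"].route("172.16.40.0/24")      # None: withdrawn everywhere
    return before, after


if __name__ == "__main__":
    print(demo())
```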
Administrative Distance
Static route – 1
RIP 1 & 2 – 120
EIGRP – 90 internal / 170 external
IGRP – 100
OSPF – 110
Unknown – 255
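How a router chooses among the candidate routes it holds for one destination, as an added example that is not part of these notes: longest matching prefix first, then the lowest administrative distance from the table above, then the lowest metric. The routes in R1_TABLE are constructed around the R1 addresses used in these notes; the 172.16.30.128/25, 10.0.0.0/8 and 172.16.20.7/.9 entries exist only to exercise each rule.

```python
import ipaddress
from dataclasses import dataclass

# Default administrative distances (from the table above); lower is more trusted.
AD = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100, "ospf": 110,
      "rip": 120, "eigrp-external": 170, "unknown": 255}


@dataclass(frozen=True)
class Route:
    prefix: str      # "0.0.0.0/0" is the default route
    source: str      # key into AD
    metric: int      # hop count (RIP), cost (OSPF), ...; not comparable across sources
    next_hop: str    # next-hop address or exit interface

    @property
    def network(self):
        return ipaddress.ip_network(self.prefix)


def best_routes(table, destination):
    """Routes the router would forward on for `destination`; [] means no route
    (and no default route), so the packet is dropped."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in table if dst in r.network]
    if not candidates:
        return []
    # 1. Longest prefix match: the most specific route always wins, whatever its AD.
    longest = max(r.network.prefixlen for r in candidates)
    candidates = [r for r in candidates if r.network.prefixlen == longest]
    # 2. Lowest administrative distance: the most trusted source for that prefix.
    lowest_ad = min(AD[r.source] for r in candidates)
    candidates = [r for r in candidates if AD[r.source] == lowest_ad]
    # 3. Lowest metric within that one source; ties are equal-cost paths.
    lowest_metric = min(r.metric for r in candidates)
    return [r for r in candidates if r.metric == lowest_metric]


def next_hops(table, destination):
    """Sorted next hops the router would use for destination."""
    return sorted(r.next_hop for r in best_routes(table, destination))


# Constructed routing table for R1: the static route and RIP update from the notes
# plus an OSPF route and a default route, all reaching 172.16.30.0/24 differently.
R1_TABLE = [
    Route("172.16.10.0/24", "connected", 0, "Ethernet0/0"),
    Route("172.16.20.0/24", "connected", 0, "Ethernet0/1"),
    Route("172.16.30.0/24", "static", 0, "172.16.20.2"),
    Route("172.16.30.0/24", "rip", 1, "172.16.20.9"),        # loses: AD 120 > 1
    Route("172.16.30.0/24", "ospf", 10, "172.16.20.9"),      # loses: AD 110 > 1
    Route("172.16.30.128/25", "rip", 3, "172.16.20.7"),      # wins for .128-.255: longer prefix
    Route("10.0.0.0/8", "rip", 2, "172.16.20.2"),            # two equal-cost RIP paths
    Route("10.0.0.0/8", "rip", 2, "172.16.20.9"),
    Route("10.0.0.0/8", "rip", 4, "172.16.20.7"),            # loses: worse hop count
    Route("0.0.0.0/0", "static", 0, "172.16.20.2"),          # default route
]


if __name__ == "__main__":
    for dst in ("172.16.30.5", "172.16.30.200", "10.9.8.7", "8.8.8.8"):
        print(dst, "->", next_hops(R1_TABLE, dst))
```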
Configure router 1 (dynamic routing)
R1 # config t
R1 (config)# router rip
R1 (config-router)# network 172.16.20.0
R1 (config-router)# network 172.16.10.0
R1 (config-router)# no auto-summary
To configure router 2
R2 # config t
R2 (config)# router rip
R2 (config-router)# network 172.16.20.0
R2 (config-router)# network 172.16.30.0
R2 (config-router)# no auto-summary
RIP version 2
Configure dynamic routing on router A
R1 # config t
R1 (config)# router rip
R1(config-router) # version 2
R1(config-router)# network 172.16.1.0
R1(config-router)# network 172.18.1.0
R1 (config-router) # no auto-summary
Configure dynamic routing on router B
R2 # config t
R2 (config)# router rip
R2(config-router)# version 2
R2(config-router)# network 172.16.1.0
R2(config-router)# network 199.1.11.0
R2 (config-router) # no auto-summary
Configure dynamic routing on router C
R3 # config t
R3 (config)# router rip
R3(config-router)# version 2
R3(config-router)# network 172.18.1.0
R3(config-router)# network 199.1.12.0
R3 (config-router) # no auto-summary
IGRP – Interior Gateway Routing Protocol
It is a Cisco-proprietary distance vector routing protocol, so it requires Cisco routers at both ends. It uses bandwidth and delay to determine the best route through an internetwork. It needs an autonomous system (AS) number for configuration.
Dynamic routing of router A
R1 (config) # router igrp 10
R1 (config-router) # network 172.16.20.0
R1 (config-router) # network 172.16.10.0
Dynamic routing of router B
R2 (config) # router igrp 10
R2 (config-router) # network 172.16.20.0
R2 (config-router) # network 172.16.30.0
Second topology (three routers) – dynamic routing of router A
R1 (config) # router igrp 10
R1 (config-router) # network 172.17.20.0
R1 (config-router) # network 199.1.10.0
R1 (config)# router igrp 20
R1 (config-router)# network 172.16.30.0
R1 (config-router)# network 199.1.10.0
Dynamic routing of router B
R2 (config)# router igrp 10
R2 (config-router)# network 172.17.20.0
R2 (config-router)# network 199.1.11.0
Dynamic routing of router C
R3 (config)# router igrp 20
R3 (config-router)# network 172.16.20.0
R3 (config-router)# network 199.1.12.0
EIGRP – Enhanced Interior Gateway Routing Protocol
It is a classless, enhanced distance vector protocol that gives us a real edge.
It uses the concept of an autonomous system.
Its path calculation is based on five metrics:
Bandwidth
Load
Delay
Reliability
MTU – Maximum Transmission Unit
Autonomous System – a group of networks under mutual administration that share the same routing methodology. ASes are subdivided into areas and must be assigned an individual 16-bit number given by IANA.
Note – the best point of EIGRP is that it releases an update as soon as a change occurs in any network.
EIGRP uses the following tables for route discovery.
Neighbour table – stores the state of directly connected neighbours and newly discovered neighbours.
Topology table – stores the destinations advertised by the neighbours, consisting of the destination address and the neighbours that are linked with that destination.
Route table – the routes used to make the routing decisions are stored in the route table.
Successor – the path with the best metric compared to all other paths.
Feasible successor – a backup route, stored in the topology table. The successor route is stored in the topology table and is copied and placed in the routing table.
Troubleshooting commands
show ip route – shows the entire routing table
show ip route eigrp – shows only EIGRP entries
show ip eigrp neighbors – shows all EIGRP neighbours
show ip eigrp topology – shows the entries in the EIGRP topology table
debug eigrp packets – hello packets sent / received between adjacent routers
debug ip eigrp notifications – shows EIGRP changes and updates as they occur in your network
Features of EIGRP
Supports multiple autonomous system numbers on a single router.
Supports VLSM.
Sends subnet mask information in routing updates.
Supports discontiguous networks.
Supports summarization of connected routes to reduce the size of the routing table.
OSPF – Open Shortest Path First
It is a link state routing protocol. It updates the routing table only when network changes occur.
Its work is based on an area system. All areas are connected to area 0, which is the backbone area. Each area supports 50 routers.
Features
Consists of areas and autonomous systems
Minimizes routing update traffic, which allows scalability
Supports VLSM/CIDR
Has unlimited hop count
Allows multi-vendor deployment
OSPF hierarchy design
Autonomous system – a set of networks grouped together under a common administrative control.
Areas – logical, rather than physical, sets of segments along with their attached devices. Areas are commonly connected to each other using routers to form a single autonomous system.
Backbone area – the basic portion of the network that provides the primary path for traffic sent to and initiated from the other networks.
Area border router (ABR) – an OSPF router that is located on the border of one or more OSPF areas. ABRs are used to connect OSPF areas to the OSPF backbone.
Stub area – an OSPF area carrying a default route, intra-area routes and inter-area routes but no external routes. It does not have multiple exit points; only a single area border router is connected to a stub area.
ASBR – Autonomous System Boundary Router
An area border router placed between an OSPF autonomous system and a non-OSPF network; it runs both OSPF and an additional routing protocol such as RIP.
OSPF Terminology
Link – a router that is connected to the network and uses OSPF as its routing protocol is defined as a link.
Router ID – the IP address that identifies the router is called the router ID.
Neighbour – when two or more routers are connected physically via an interface, such as a serial or Fast Ethernet interface, they are termed neighbours.
Adjacency – a relationship between two OSPF routers that permits the direct exchange of route updates.
Hello protocol – the packets sent by routers to discover and preserve relationships with their neighbours. Hello packets, along with link state advertisements (LSAs), update the topological database.
Neighbourship database – a list of all OSPF routers for which hello packets have been seen. A variety of details, including the router ID and state, are maintained for each router in this database.
Topological database – it contains the information from all the link state advertisement packets that have been received for an area. The router uses the information from the topology database as input to the algorithm that computes the shortest path.
Designated router – elected by the hello protocol when two or more OSPF routers attach to the same multi-access network. These networks have more than one recipient. The DR reduces the number of adjacencies in a multi-access network, and with it the routing protocol traffic and the size of the topological database.
BDR – Backup Designated Router
The router used as an alternative to the DR.
Broadcast (multi-access) – allows multiple devices to connect to the same network and provides a broadcast ability, in which a single packet is delivered to all nodes on the network.
Non-broadcast multi-access – these networks allow for multi-access but have no broadcast ability, so they require special OSPF configuration to function properly, and neighbour relationships must be defined.
Point-to-point – when two routers are connected directly using a serial cable and packets are terminated using a single communication path.
Point-to-multipoint – when a router is connected to multiple routers using a single interface.
Configure OSPF
Syntax
router ospf process_id
network ip_address wildcard_mask area area_number
process_id – provides a unique identification for the OSPF process running on the router.
ip_address – specifies the IP address (or network) of the OSPF interface.
wildcard_mask – tells the router which part of the address must match.
area – specifies the area to which the address on the router belongs.
Router R1
R1 (config) # router ospf 1
R1 (config-router) # network 192.168.10.64 0.0.0.7 area 0
R1 (config-router) # network 10.255.255.80 0.0.0.3 area 0
Router R2
R2 (config) # router ospf 1
R2 (config-router) # network 192.168.10.48 0.0.0.7 area 0
R2 (config-router) # network 10.255.255.80 0.0.0.3 area 0
R2 (config-router) # network 10.255.255.0 0.0.0.3 area 0
Router R3
R3 (config) # router ospf 1
R3 (config-router) # network 192.168.10.16 0.0.0.7 area 0
R3 (config-router) # network 10.255.255.8 0.0.0.3 area 0
Second example (two routers)
Router R1
R1 (config) # router ospf 20
R1 (config-router) # network 172.16.10.0 0.0.0.255 area 0
R1 (config-router) # network 172.16.20.0 0.0.0.255 area 0
Router R2
R2 (config) # router ospf 20
R2 (config-router) # network 172.16.20.0 0.0.0.255 area 0
R2 (config-router) # network 172.16.30.0 0.0.0.255 area 0
Or, with one statement covering every 172.16.0.0 interface
Router 1
R1 (config) # router ospf 20
R1 (config-router) # network 172.16.0.0 0.0.255.255 area 0
Router 2
R2 (config) # router ospf 20
R2 (config-router) # network 172.16.0.0 0.0.255.255 area 0
Wildcards: 0 indicates that the corresponding octet in the network must match exactly; 255 indicates that you don't care what the corresponding octet is in the network number.
Just the opposite of a subnet mask.
Block size – 0, 3, 7, 15, 31, 63
Loopback – these are logical interfaces, which are virtual. A loopback ensures that an interface is always active for the OSPF process.
Advantages of loopback
Used for diagnostic purposes.
The highest IP address on the router becomes that router's RID, which is used to advertise the routes as well as to elect the DR and BDR.
Configuration
R1 (config) # int loopback 0
R1 (config-if) # ip add 192.168.90.1 255.255.255.0
R1 (config-if) # int loopback 1
R1 (config-if) # ip add 192.168.80.1 255.255.255.0
R1 (config-if) # int loopback 2
R1 (config-if) # ip add 192.168.70.1 255.255.255.0
R1 (config-if) # no shut
OSPF
AD – administrative distance 110
DR – designated router
Any network changes in the area are maintained by the DR.
Access-list – a set of test conditions kept by routers that determines interesting traffic to and from the router for various services on the network.
Or
It is a set of commands, grouped together, that filter traffic entering or leaving an interface.
It allows the administrator to deny or permit traffic that enters the interface.
Functions of ACL
1. Reduce network traffic and increase network performance.
2. Control the flow of traffic in the network by limiting the routing updates.
3. Provide security for network access.
4. Decide which type of traffic is forwarded or restricted on an interface.
Inbound access list – filters the traffic as it enters the interface.
Outbound access list – filters the traffic before it leaves the interface.
Types of ACL
1. Standard ACL
2. Extended ACL
3. Named ACL
Standard access list – uses only the source IP address in an IP packet, not the destination address. It basically permits or denies an entire suite of protocols.
Extended access list – uses source and destination IP addresses to filter the packets. This gives extended access lists the ability to make much more granular decisions when controlling traffic.
Named access list – either standard or extended, but referred to by name.
Standard Access List
Access lists are differentiated using a number.
1-99 IP standard access list
100-199 IP extended access list
200-299 protocol type-code access list
700-799 48-bit MAC address access list
1100-1199 extended 48-bit MAC address access list
1300-1999 IP standard access list (expanded range)
2000-2699 IP extended access list (expanded range)
Syntax – standard access list
deny – specify packets to reject
permit – specify packets to forward
remark – access list entry comment
R1 (config)# access-list 10 deny 172.16.10.0 0.0.0.255
R1 (config)# access-list 20 permit <source> <wildcard mask>
Log into the router, switch to privileged mode, then enter configuration mode
Router > en
Router # config t
Router (config) # hostname R2
! deny the single host 192.168.10.10 and permit the rest of 192.168.10.0/24; everything else is dropped by the implicit deny
R2 (config) # access-list 1 deny 192.168.10.10 0.0.0.0
R2 (config) # access-list 1 permit 192.168.10.0 0.0.0.255
R2 (config) # interface ethernet 0/0
R2 (config-if) # ip access-group 1 out
R2 (config-if) # exit
R2 (config) #
Syntax
access-list <1-99> permit|deny source-address wildcard
Network 199.1.11.0 cannot access network 199.1.12.0, but the rest of the network can still access it
R2 # config t
R2 (config) # access-list 10 deny 199.1.11.0 0.0.0.255
R2 (config) # access-list 10 permit any
R2 (config) # int fa0/0
R2 (config-if) # ip access-group 10 out
Host 199.1.11.2 cannot access network 199.1.12.0, but the rest of the network and its hosts still can
R2 # config t
R2 (config) # access-list 10 deny 199.1.11.2 0.0.0.0
R2 (config) # access-list 10 permit any
R2 (config) # int fa0/0
R2 (config-if) # ip access-group 10 out
To permit all traffic out of an interface
R2 # config t
R2 (config) # access-list 10 permit any
R2 (config) # interface ethernet 0
R2 (config-if) # ip access-group 10 out
Extended ACL
Syntax
access-list <100-199> permit|deny ip_protocol source-address source-wildcard destination-address destination-wildcard [log]
Router R2 (an extended list takes wildcards, not subnet masks, and needs a final permit because of the implicit deny)
R2 (config) # access-list 131 deny tcp 192.168.70.0 0.0.0.255 202.197.47.0 0.0.0.255
R2 (config) # access-list 131 deny tcp 192.168.50.0 0.0.0.255 202.197.47.0 0.0.0.255
R2 (config) # access-list 131 permit ip any any
R2 (config) # int s0/1
R2 (config-if) # ip access-group 131 out
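Wildcard masks and access-list evaluation in Python, as an added example that is not part of these notes. The wildcard_match test is the one shared by the OSPF network statements in the earlier section and by access-lists: a 0 bit must match exactly, a 1 bit is "don't care". The evaluator applies entries top down, first match wins, with the implicit deny at the end; ACL_10 and ACL_131 are the two lists from the examples above (131 rewritten with wildcards), and the test packets are constructed.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")      # what the keyword `any` expands to


def to_int(addr):
    return int(ipaddress.ip_address(addr))


def wildcard_from_mask(mask):
    """A wildcard is the bitwise inverse of the subnet mask: 255.255.255.0 -> 0.0.0.255."""
    return str(ipaddress.ip_address(to_int(mask) ^ 0xFFFFFFFF))


def wildcard_match(addr, network, wildcard):
    """True when addr agrees with network on every bit the wildcard leaves as 0.
    This is the same test an OSPF `network` statement applies to an interface address."""
    care = to_int(wildcard) ^ 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(network) & care)


def entry(action, src, src_wc="0.0.0.0", proto="ip", dst=ANY[0], dst_wc=ANY[1]):
    """One access-list line. A standard entry has only a source (wildcard 0.0.0.0 means
    a single host); an extended entry adds the protocol and a destination."""
    return {"action": action, "proto": proto, "src": src, "src_wc": src_wc,
            "dst": dst, "dst_wc": dst_wc}


def evaluate(acl, packet):
    """Walk the list top down; the first matching entry decides. Nothing matched means
    the implicit `deny any` at the end of every access-list."""
    for e in acl:
        if e["proto"] not in ("ip", packet["proto"]):
            continue
        if not wildcard_match(packet["src"], e["src"], e["src_wc"]):
            continue
        if not wildcard_match(packet["dst"], e["dst"], e["dst_wc"]):
            continue
        return e["action"]
    return "deny"


def packet(src, dst, proto="ip"):
    return {"src": src, "dst": dst, "proto": proto}


# Standard list 10 from the notes: network 199.1.11.0/24 is denied, everyone else permitted.
ACL_10 = [entry("deny", "199.1.11.0", "0.0.0.255"),
          entry("permit", *ANY)]

# Extended list 131 from the notes with the masks written as wildcards, plus the
# final permit that the implicit deny otherwise makes necessary.
ACL_131 = [entry("deny", "192.168.70.0", "0.0.0.255", "tcp", "202.197.47.0", "0.0.0.255"),
           entry("deny", "192.168.50.0", "0.0.0.255", "tcp", "202.197.47.0", "0.0.0.255"),
           entry("permit", *ANY, "ip")]

# A list with only a deny line: the implicit deny drops everything else as well.
ACL_DENY_ONLY = [entry("deny", "199.1.11.2", "0.0.0.0")]


if __name__ == "__main__":
    print(wildcard_from_mask("255.255.255.252"))                        # 0.0.0.3
    print(evaluate(ACL_10, packet("199.1.11.5", "199.1.12.1")))        # deny
    print(evaluate(ACL_131, packet("192.168.70.10", "202.197.47.1", "udp")))  # permit
```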
Switching
Switch – a device responsible for multiple functions such as filtering, flooding and sending frames. It works using the destination address of individual frames. It operates at the data link layer.
Features
It creates private dedicated collision domains.
Provides independent bandwidth on each port.
Layer 2 switching provides
1. Hardware-based bridging
2. Wire speed
3. Low latency, low cost
Bridging vs switching
1. Bridges are software based; switches are hardware based.
2. A switch is a multi-port bridge.
3. Both forward layer 2 broadcasts.
4. Both learn MAC addresses by examining the source address of each frame received.
Functions of a switch at layer 2
Address learning – it remembers the source hardware address of each frame received on an interface and enters this information into a MAC database called the forward/filter table.
Forward/filter decision – when a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is only forwarded out the specified destination port.
Loop avoidance – if multiple connections between switches are created for redundancy purposes, network loops can occur. STP (spanning tree protocol) is used to stop network loops while still permitting redundancy.
WAN Process
WAN connection types
1. Dedicated line – ISDN. These are point-to-point dedicated connections. A leased line is a pre-established WAN communication path that goes from the customer premises equipment through the DCE switch and then over to the CPE of the remote site.
2. Circuit switching – telephone. Used with dial-up networks such as PPP and ISDN. Passes data but needs to set up the connection first.
3. Packet switching – frame relay. Dividing a continuous stream of data into small units (packets) enables data from multiple devices on a network to share a communication channel simultaneously, but also requires the use of precise routing information.
4. Cell switching – ATM. In ATM networking the cell is the basic unit of data for switching and multiplexing. Cells have a defined length of 53 bytes, including a 5-byte header that defines the cell's data stream and 48 bytes of payload.
ISDN – Integrated Services Digital Network
It is a set of digital services that transmit voice and data over existing phone lines at a high speed (64 kbps).
Features
1. Speed
2. Multiple device support – allows multiple devices on a single line.
3. Inexpensive
ISDN supports two types of connection
1. BRI – Basic Rate Interface
2. PRI – Primary Rate Interface
BRI – it consists of two B channels and one D channel.
B channel – 64 kbps
D channel – 16 kbps
PRI – it consists of 23 B channels and one D channel. B channel – 64 kbps. D channel –
Used in North America (United States)
23 B channels
1 D channel
Total bit rate 1.544 Mbps
Used in Europe and Australia
30 B channels
1 D channel
Total bit rate 2.048 Mbps
Frame-relay
It is a protocol used for connecting devices on a WAN. It operates at the data link layer, providing a connection-oriented network. A DLCI (data link connection identifier) is used for finding a communication path between source and destination nodes.
Frame relay is configured on serial interfaces. Its default speed is up to 56 kbps.
Components of frame relay
Data terminal equipment (DTE) – connects a computer to the WAN with the help of the DCE. DTE is end-user equipment such as a router or computer.
A device where a communication path begins or ends is called DTE.
Data communication equipment (DCE) – creates a physical connection over a network. It is responsible for forwarding traffic and transferring data between computers, e.g. a modem.
Important Terms
DLCI – Data Link Connection Identifier
It is a field in the frame relay header which is used to map to a router. It is a 10-bit number.
CIR – Committed Information Rate
The maximum bandwidth guaranteed to be delivered by an ISP to the customer.
Note – if an organization or customer wants more bandwidth than the default, out of whatever capacity remains free in the network, it needs to pay more to the ISP.
LMI – Local Management Interface
It is a clocking and signalling standard between the service provider and the customer end devices.
Or
It is a signalling standard used between your router and the first frame relay switch it's connected to.
It allows passing of information about the operation and status of the virtual circuit between the ISP and the customer device.
Virtual circuit
A logical circuit created to assure reliable communication between two devices in a network. These circuits are what link together the thousands of devices connected to the provider cloud.
Router R1 (a point-to-point subinterface accepts only one DLCI; with two DLCIs in one subnet the subinterface must be multipoint)
R1 (config) # int s0
R1 (config-if) # encapsulation frame-relay
R1 (config-if) # exit
R1 (config) # int s0.1 multipoint
R1 (config-subif) # ip add 192.168.1.1 255.255.255.0
R1 (config-subif) # frame-relay interface-dlci 102
R1 (config-subif) # frame-relay interface-dlci 104
R1 (config-subif) # end
R1 # wr
Router R2
R2 (config) # int s1
R2 (config-if) # encapsulation frame-relay
R2 (config-if) # exit
R2 (config) # int s1.1 multipoint
R2 (config-subif) # ip add 192.168.1.2 255.255.255.0
R2 (config-subif) # frame-relay interface-dlci 201
R2 (config-subif) # frame-relay interface-dlci 204
R2 (config-subif) # end
R2 # wr
NAT – Network Address Translation
It is the process of converting private IP addresses into public IP addresses. It is a standard that allows a LAN to operate with a single IP address when connected to the internet. It hides the IP addresses of the private network.
Types of NAT
1. Static NAT
2. Dynamic NAT
3. NAT overload (PAT)
Static NAT – allows a one-to-one mapping between local and global addresses.
Dynamic NAT – allows a pool of public IP addresses to be mapped to many private addresses.
PAT – Port Address Translation
This process allows a single IP address to represent multiple resources by altering the source TCP or UDP port number.
Terminology
Inside local – name of the inside source address before translation.
Outside local – name of the destination host before translation.
Inside global – name of the inside host after translation.
Outside global – name of the outside host after translation.
Configuration commands
access-list – defines a standard IP access list for the inside network.
ip nat pool – defines an IP NAT pool for the inside network.
ip nat inside source list <acl> pool <pool> – maps the access list to the IP NAT pool.
ip nat outside source list <acl> pool <pool> – defines the mapping between the access list and the outside local pool.
ip nat inside source static – defines the addresses when using static address translation for local addresses.
ip nat [inside | outside] – enables NAT on at least one inside and one outside interface.
ip nat inside destination list <acl> pool <pool> – defines the mapping between the access list and the real host pool.
Static NAT configuration
Syntax
# ip nat inside source static local_ip global_ip
# int e0
# ip nat inside
# exit
NAT_router # configure terminal
NAT_router (config) # ip nat inside source static 192.168.50.10 <global_ip>
NAT_router (config) # interface serial 0/1
NAT_router (config-if) # ip nat inside
NAT_router (config-if) # exit
NAT_router (config) # int serial 0/0
NAT_router (config-if) # ip nat outside
NAT_router (config-if) # exit
Complete example
Nat (config) # ip nat inside source static 10.1.1.1 170.46.2.2
Nat (config) # int e0
Nat (config-if) # ip add 10.1.1.10 255.255.255.0
Nat (config-if) # ip nat inside
Nat (config-if) # exit
Nat (config) # int s0
Nat (config-if) # ip add 170.46.2.1 255.255.255.0
Nat (config-if) # ip nat outside
Nat (config-if) # exit
Dynamic NAT configuration
Syntax
# ip nat pool pool_name start_ip end_ip netmask mask
# access-list acl_number permit inside_network wildcard
# ip nat inside source list acl_number pool pool_name
# int e0
# ip nat inside
# exit
R2 (config) # ip nat pool airtel 170.16.13.19 170.16.13.32 netmask 255.255.255.0
R2 (config) # access-list 1 permit 192.168.1.0 0.0.0.255
R2 (config) # ip nat inside source list 1 pool airtel
R2 (config) # int e0
R2 (config-if) # ip nat inside
R2 (config-if) # exit
PAT – Port Address Translation
Configuration
Note – to configure PAT, first delete the dynamic NAT configuration, clearing the existing translations with the clear command
Nat # clear ip nat translation *
Nat # config t
Nat (config) # no ip nat pool globalnet 172.168.50.10 172.168.50.50 netmask 255.255.255.0
Nat (config) # ip nat pool patpool 172.168.50.100 172.168.50.100 netmask 255.255.255.0
Nat (config) # access-list 1 permit 10.0.0.0 0.0.0.255
Nat (config) # access-list 1 permit 10.1.1.0 0.0.0.255
Nat (config) # access-list 1 permit 10.1.2.0 0.0.0.255
Nat (config) # ip nat inside source list 1 pool patpool overload
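What the PAT configuration above does to traffic, as an added Python example that is not part of these notes: every inside host matched by access-list 1 leaves with the single patpool address, distinguished only by source port, and replies are mapped back through the translation table. The inside networks and 172.168.50.100 are the ones from the configuration; the outside server 203.0.113.10 and the port numbers are constructed.

```python
import ipaddress


class PatTranslator:
    """One inside global address shared by every inside host matched by the access-list.
    A translation entry is created by the first outbound packet of a flow and reused
    for its replies; outside hosts cannot create entries."""

    def __init__(self, inside_networks, global_ip, first_dynamic_port=1024):
        self.inside = [ipaddress.ip_network(n) for n in inside_networks]  # access-list 1
        self.global_ip = global_ip            # the single address in patpool
        self.next_port = first_dynamic_port
        self.table = {}                       # (inside local ip, port) -> global port
        self.reverse = {}                     # global port -> (inside local ip, port)

    def _permitted(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.inside)

    def _allocate_port(self, wanted):
        # PAT keeps the original source port when no other host already uses it,
        # otherwise it hands out the next free one.
        if wanted not in self.reverse:
            return wanted
        while self.next_port in self.reverse:
            self.next_port += 1
        port = self.next_port
        self.next_port += 1
        return port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Packet leaving through the `ip nat outside` interface, as (src, sport, dst, dport)."""
        if not self._permitted(src_ip):
            # Not matched by the access-list: forwarded with its private address unchanged.
            return (src_ip, src_port, dst_ip, dst_port)
        key = (src_ip, src_port)
        if key not in self.table:
            gport = self._allocate_port(src_port)
            self.table[key] = gport
            self.reverse[gport] = key
        return (self.global_ip, self.table[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Reply arriving on the outside interface; None means no translation entry,
        so the packet is dropped (the single global address has no host behind it)."""
        if dst_ip != self.global_ip or dst_port not in self.reverse:
            return None
        local_ip, local_port = self.reverse[dst_port]
        return (src_ip, src_port, local_ip, local_port)


def demo():
    # Inside networks and global address as in the PAT configuration above;
    # 203.0.113.10 is a constructed outside web server.
    pat = PatTranslator(["10.0.0.0/24", "10.1.1.0/24", "10.1.2.0/24"], "172.168.50.100")
    first = pat.outbound("10.1.1.5", 40000, "203.0.113.10", 80)    # keeps port 40000
    second = pat.outbound("10.1.2.7", 40000, "203.0.113.10", 80)   # port taken -> 1024
    reply = pat.inbound("203.0.113.10", 80, "172.168.50.100", 1024)
    stray = pat.inbound("203.0.113.10", 80, "172.168.50.100", 5555)
    return first, second, reply, stray


if __name__ == "__main__":
    for line in demo():
        print(line)
```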
VLAN – Virtual Local Area Network
It is a logical LAN. It defines a logical subnet: a group of switch ports assigned to the same VLAN regardless of their physical location in a switched network.
A VLAN is a group of network devices that behave as if they are connected to a single network segment.
Devices in a single VLAN can share resources and bandwidth.
This reduces the traffic on the network, but every VLAN needs to have a separate network number.
Features of VLAN
1. Broadcast control – we can create individual networks and direct messages or data to the hosts connected to the specific VLAN.
2. Security – it allows you to create and regulate independent networks or broadcast groups and to control ports to prevent unauthorized access to the network.
3. Flexibility and scalability – it allows us to construct groups or networks connected to a switch or group of switches, and we can modify a group by adding or deleting users.
Types of VLAN
End-to-end VLAN – members can reside on different switches. They are assigned to a VLAN based on function or workgroup rather than location.
Local VLAN – hosts are assigned to a VLAN based on their location.
VLAN membership can be assigned
1. Statically
2. Dynamically
Static VLAN – manually configured port by port.
The administrator decides which broadcast domain the host shall be connected to and also to which VLAN these hosts shall belong.
Note – the IP address of a host should belong to the network address of its respective VLAN.
Dynamic VLAN – ports are assigned to a VLAN automatically, based on the host connected to the switch. For this the administrator needs to store the devices' MAC addresses in a VMPS (VLAN management policy server) that maps MAC addresses to VLANs.
Static VLAN
Switch > en
Switch # config t
Switch (config) # int fa0/1
Switch (config-if) # switchport mode access
Switch (config-if) # switchport access vlan 12
Dynamic VLAN
Switch > en
Switch # config t
Switch (config) # vmps server <ip_address>
Switch (config) # int fa0/1
Switch (config-if) # switchport mode access
Switch (config-if) # switchport access vlan dynamic
Trunking
Trunk links – a 100 or 1000 Mbps point-to-point link between two switches; it carries the traffic of multiple VLANs.
There are two options for trunking VLAN traffic between switches
1. ISL
2. 802.1Q
ISL – Inter-Switch Link
It is a way of explicitly tagging VLAN traffic to be multiplexed over a trunk link through external encapsulation. It allows the switch to identify the VLAN membership of a frame over the trunk link.
IEEE 802.1Q (supports Ethernet & Token Ring)
It is a standard method of frame tagging. It inserts a field into the frame immediately after the source MAC to identify the VLAN.
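The 802.1Q tag described above, built and parsed in Python as an added example that is not part of these notes: the 4-byte tag (TPID 0x8100 followed by priority, DEI and the 12-bit VLAN ID) is inserted between the source MAC and the original EtherType, and an access port strips it again on the way to the host. The MAC addresses, payload bytes and VLAN numbers are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value that marks a tagged frame
ETHERTYPE_IPV4 = 0x0800


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_frame(dst, src, ethertype, payload, vlan=None, priority=0):
    """Untagged: dst(6) src(6) type(2) payload. Tagged: the TPID/TCI pair is
    inserted between the source MAC and the original EtherType."""
    header = mac_bytes(dst) + mac_bytes(src)
    if vlan is not None:
        if not 1 <= vlan <= 4094:                 # 0 and 4095 are reserved
            raise ValueError("VLAN ID must be 1..4094")
        tci = ((priority & 0x7) << 13) | (vlan & 0xFFF)   # PCP(3) DEI(1) VID(12)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame):
    """Return (dst, src, vlan or None, priority, ethertype, payload)."""
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    ethertype = struct.unpack("!H", frame[12:14])[0]
    vlan, priority, offset = None, 0, 14
    if ethertype == TPID_8021Q:                   # tag present: read TCI, real type follows
        tci = struct.unpack("!H", frame[14:16])[0]
        vlan, priority = tci & 0xFFF, tci >> 13
        ethertype = struct.unpack("!H", frame[16:18])[0]
        offset = 18
    return dst, src, vlan, priority, ethertype, frame[offset:]


def egress_access_port(frame, port_vlan, native_vlan=1):
    """What a switch does when a frame from a trunk leaves an access port in port_vlan:
    an untagged frame belongs to the trunk's native VLAN; a frame for another VLAN is
    not forwarded (None); otherwise the tag is stripped before delivery to the host."""
    dst, src, vlan, _, ethertype, payload = parse_frame(frame)
    if (native_vlan if vlan is None else vlan) != port_vlan:
        return None
    return build_frame(dst, src, ethertype, payload)


# Constructed sample: a broadcast from 00:11:22:33:44:55 in VLAN 12 with priority 5.
SAMPLE_PAYLOAD = b"\x45\x00\x00\x14"
TAGGED = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", ETHERTYPE_IPV4,
                     SAMPLE_PAYLOAD, vlan=12, priority=5)
UNTAGGED = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", ETHERTYPE_IPV4,
                       SAMPLE_PAYLOAD)

if __name__ == "__main__":
    print(TAGGED.hex())
    print(parse_frame(TAGGED))
```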
VTP – VLAN Trunking Protocol
It is used to manage all configured VLANs across switches. It allows adding, deleting and renaming VLANs, and the VLAN information propagates across all switches configured in the VTP domain.
Features of VTP
1. Consistent VLAN configuration across all switches in the network.
2. Supports Ethernet, ATM or FDDI networks.
3. Accurate tracking and monitoring of VLANs.
4. Dynamic reporting of added VLANs to all switches in a VTP domain.
5. Plug-and-play VLAN adding.
VTP modes
Switches support one of three VTP modes
1. Client
2. Server
3. Transparent
1. Client mode – switches receive information from VTP servers, and they also send and receive updates. They cannot create, change or delete VLANs.
2. Server mode – this is the default mode for all Catalyst switches. At least one server is needed in a VTP domain; a server switch can create, add or delete VLANs in the VTP domain.
3. Transparent mode – switches don't participate in the VTP domain or share its VLAN database, but they still forward VTP advertisements through any configured trunk links. They create, modify and delete VLANs and keep their own database.
VTP pruning
It ensures that no VLAN traffic is sent across a trunk link to a switch that does not participate in that VLAN. It preserves bandwidth by reducing the amount of broadcast, multicast and unicast packets.
VTP configuration
Switch (config) # vtp mode server
Switch (config) # vtp domain domain_name
Trunk link configuration
Ports can become trunks through static configuration or through dynamic negotiation using DTP (Dynamic Trunking Protocol).
Switch port modes
1. Access – the port is a user port in a single VLAN.
2. Trunk – the port negotiates trunking with the port on the other end of the link.
3. Nonegotiate – the port is a trunk and does not do DTP negotiation with the other side of the link.
4. Dynamic desirable – actively negotiates trunking with the other side of the link. It becomes a trunk if the other end is set to trunk, dynamic desirable or dynamic auto mode.
5. Dynamic auto – passively waits to be contacted by the other switch. It becomes a trunk if the other end is set to trunk or dynamic desirable mode.
Configuring ISL trunks
To configure an ISL trunk
Switch (config-if) # switchport trunk encapsulation isl
Switch (config-if) # switchport mode trunk
Trunk has 5 options
1. On
2. Off
3. Auto
4. Desirable
5. Nonegotiate
Configuring a VLAN
Switch (config) # vlan 10
Switch (config-vlan) # name sales
To modify the name
Switch (config) # vlan 10
Switch (config-vlan) # name sales_group10
To add a port
Switch (config-if) # switchport access vlan 10
Verification commands
show vtp status – verify the VTP configuration
show interfaces gigabitethernet 0/2 switchport – verify trunks
show vlan – verify VLANs
show spanning-tree vlan 10 – verify the STP configuration
THE INTERFAZE= = EXCELLENCE IN IT/CISCO TECHNOLOGY = =
www.howtonetwork.net
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Name ___________________________________________________________ Mob. No._____________________________________
E-Mail ID_________________________________________________________Contact No.___________________________________
Academic Credential (with Stream) BE(IT) / BE(CS)/ BE(EC)/ BE(E & Ex) Year/Semester
BCA/ MCA/ BSc(IT)/ MSc(IT)
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1. Do you have any knowledge of Internetworking Technologies such as CISCO, Juniper, AVAYA, NORTEL, Check Points? If yes, Please specify.
________________________________________________________________________________________________________________
2. Do you know how important these vendor-specific international certifications are in addition to a college degree?
________________________________________________________________________________________________________________
3. Please mark the vendor-specific certifications mentioned below that you know about:
Professional Level
(a) CCNP (Routing & Switching) (b) CCNP(Security)/ CCSP
(c) CCNP (Voice)/CCVP (d) CCNP (Service Provider)/ CCIP
(e) Check Point Engineer/ Professional
Expert Level
(a) CCIE (Cisco Certified Internetwork Expert) Routing & Switching
(b) CCIE (Cisco Certified Internetwork Expert) Security
(c) CCIE (Cisco Certified Internetwork Expert) Voice over Internet Protocol
(d) CCIE (Cisco Certified Internetwork Expert) Internet Service Provider
(e) CCIE (Cisco Certified Internetwork Expert) Wireless
(f) CCIE (Cisco Certified Internetwork Expert) Storage Area Network
Specialization
(a) Firewall Specialist (PIX/ASA/Juniper NetScreen/FortiGate)
(b) Identity Management Specialist (AAA)
(c) Virtual Private Network (IPsec, GRE/GRE over IPsec, GET, DMVPN, Remote VPN, SSL)
(d) Advanced BGP & MPLS
(e) VMware
(f) Sun Solaris & Veritas
(g) Ethical Hacking
(h) IPS/IDS
A few basic terms which IT/CS/EC students must know. Please try to recall them and answer the following questions:
4. You know the concept of TCP/UDP and all the protocols that come under the Internet protocol stack. Which is the faster protocol, TCP or UDP, and why?
____________________________________________________________________________________________________________________
5. An IP address may be defined as the unique identity of a host. Now, 224.0.0.10 is also an IP address. Can it be the unique identity of a host? Specify the class of the IP address mentioned in this question.
___________________________________________________________________________________________________________________
6. Expand the following:
(a) OSI , ISO, IOS (b) ICMP/IGMP
(c) CSMA CD/ CA (e) VLSM/CIDR
(f) IANA (g) Internet
(i) GRE (j) DNS
(k) FORTRAN/ REGEX (l) BGP/MPLS
7. Write the port number of the following protocols and specify whether they come under TCP or UDP:
(a) FTP - (b) HTTP - (c) NTP -
(d) DNS - (e) RADIUS - (f) RIP -
(g) Telnet - (h) SSL - (i) HTTPS -
(j) BGP -
8. Write down the OSI layers and arrange the protocols/devices mentioned below in order of OSI layer.
Router, Hub, HTTP, TCP, UTP Cat6 Cable, IP, Switch, L3 Switch, Spanning Tree Protocol, UDP, PowerPoint
9. Fill in the blanks:
a) Protocol used to access a web page from a web server with encryption _____________________
b) Protocol used to download/upload files from a server _________________________________
c) The “C” language does not have its own commands to write programs. It has to depend on ______________
d) The basic difference between symmetric and asymmetric encryption is ______________________________
e) One computing device with limited memory and storage capacity runs multiple tasks of different natures, and multiple policies may be defined for each context. The concept is called _____________________________. It is very cost effective.
f) Operating systems used to manage a LAN and a WAN are called __________________ and _______________ respectively.
10. Select the routing protocols: IPX, OSPF, AppleTalk, BGP, SPX, EIGRP
11. We use regular expressions in computer programs to obtain the desired output. Interpret the following expressions:
(a) \\ (b) * (c) *.ppt
12. Who is the Governor of Madhya Pradesh?
13. Who won the Wimbledon women's championship?
14. What are the top news stories today?
15. List the WAN technologies you know.
16. What is a MAC address? At which OSI layer does the MAC address function?
17. What is an IP address? At which OSI layer does the IP address function?
18. What is the difference between astronauts and cosmonauts?
19. Explain the function of RADAR. What are MTI and the Doppler effect?
20. Why do you see the sparkles of a firecracker well before you hear its sound?
21. What is the difference between viruses and worms?
Static and Dynamic NAT
Both static and dynamic NAT require that enough public addresses are available to satisfy the total number of simultaneous user sessions.
Static NAT
Static NAT, also called inbound mapping, is the process of mapping an unregistered (private) IP address to a registered (public) IP address on a one-to-one basis. The unregistered, or mapped, IP address is translated to the same registered IP address every time a request comes through. This is particularly useful for web servers or other hosts that must have a consistent address that is reachable from the Internet.
Simply put, static NAT lets a PC on a stub domain keep the same assigned public address whenever it communicates with devices outside its network or on the Internet.
Static NAT configuration commands example:
R1#config t
R1(config)#ip nat inside source static 10.10.10.2 212.165.200.123
R1(config)#interface fa0/0
R1(config-if)#ip address 10.10.10.1 255.255.255.0
R1(config-if)#ip nat inside
R1(config-if)#interface se0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#ip nat outside
The above configuration creates a permanent entry in the NAT table for as long as the configuration is present, and it enables both inside and outside hosts to initiate a connection. Because the entry is permanent, the inside host is reachable from the Internet at all times, so a static mapping should be paired with an inbound ACL or firewall policy that limits which outside hosts and ports can reach it.
All you need to do in static NAT configuration is to define the addresses to translate and then configure NAT on the right interfaces. Packets arriving on an inside interface from the identified IP addresses are subject to translation. Packets arriving on an outside interface addressed to the identified IP address are subject to translation.
Dynamic NAT
Unlike static NAT, which provides a permanent mapping between an internal address and a specific public address, dynamic NAT maps a private IP address to whichever public address is currently free. Dynamic NAT uses a pool of public addresses and assigns them on a first-come, first-served basis. When a host with a private IP address requests access to the Internet, dynamic NAT chooses an IP address from the pool that is not already in use by another host, and the host keeps that address until its translation times out. Dynamic NAT is useful when fewer public addresses are available than the total number of hosts to be translated, as long as the pool covers the number of hosts that are active at the same time.
Dynamic NAT configuration commands example:
R1#config t
R1(config)#ip nat pool nat-pool1 179.9.8.80 179.9.8.95 netmask 255.255.255.0
R1(config)#ip nat inside source list 1 pool nat-pool1
R1(config)#interface fa0/0
R1(config-if)#ip address 10.10.10.1 255.255.255.0
R1(config-if)#ip nat inside
R1(config-if)#interface se0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#ip nat outside
R1(config-if)#exit
R1(config)#access-list 1 permit 10.10.10.0 0.0.0.255
While static NAT provides a permanent mapping between an internal address and a specific public address, dynamic NAT maps private IP addresses to public addresses. These public IP addresses come from a NAT pool.
Note:
When configuring dynamic NAT, you need an ACL that permits only those addresses that are to be translated. Remember that every ACL ends with an implicit "deny all", so any source the ACL does not permit is simply not translated; you do not have to add the deny yourself.
NAT Overload or PAT
NAT overload, sometimes called PAT (Port Address Translation), maps multiple unregistered (private) IP addresses to a single registered (public) IP address by using different source ports. This is what most home broadband routers do: your ISP assigns one IP address to your router, yet all the computers in the house can reach the Internet at the same time.
PAT uses unique source port numbers on the inside global IP address to distinguish between translations.
When a client opens a session to the Internet, the NAT router records the client's source port together with its source address. NAT overload, or PAT, ensures that each session from an inside client uses a different source port number on the shared public address. When the server responds, the router looks the translation up by the destination port of the reply, which is the source port it assigned on the way out, and forwards the packet to the right inside host. Because an inbound packet that matches no existing translation is dropped, this also gives a degree of assurance that incoming packets were requested from inside; it is not a substitute for a firewall, since anything that matches a live translation is passed through.
NAT Overload Table
In the table below, NAT overload or PAT uses unique source port numbers on the inside global IP address to distinguish between translations. As NAT processes each packet, it uses the port number to identify the packet source: 1555 and 2333 in the table.

Inside Local IP Address   Inside Global IP Address   Outside Global IP Address   Outside Local IP Address
10.10.10.2:1555           209.165.200.226:1555       209.165.201.1:80            209.165.201.1:80
10.10.10.3:2333           209.165.200.226:2333       209.165.202.129:80          209.165.202.129:80
* The source address (SA) is the inside local IP address with the assigned port number attached.
* The destination address (DA) is the outside local IP address with the service port number attached, in this case port 80: HTTP (Internet).
At the border gateway router (R1), NAT overload changes the SA to the inside global IP address of the client, again with the port number attached. The DA is the same address, but is now referred to as the outside global IP address. When the web server replies, the same path is followed but in reverse.
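To make the difference between the three NAT modes concrete (static and dynamic NAT in the earlier section, NAT overload here), the following is an added example written for these notes; it is not Cisco code and not part of the original document. It models a border router in Python using the page's own addresses and replays the rows of the table above. The /24 inside ACL, the two-address pool, the outside test host 198.51.100.7 and the PAT port-allocation rule (keep the original source port when it is free on the public address, otherwise take the lowest free port from 1024 upwards) are assumptions made for the example, not IOS behaviour. What it shows is the inbound side: a static entry accepts an unsolicited connection from the Internet, a dynamic entry exists only while an inside host holds a pool address, and a PAT entry only accepts a reply that matches a session an inside host opened.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    """Only the fields NAT rewrites: addresses and L4 ports."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatPoolExhausted(Exception):
    """Dynamic NAT has no free public address left in the pool."""


class NatRouter:
    """Toy model of a border router in one NAT mode (example for this page, not IOS)."""

    def __init__(self, mode, inside_acl="10.10.10.0/24", static=None, pool=None, overload_ip=None):
        if mode not in ("static", "dynamic", "pat"):
            raise ValueError(mode)
        self.mode = mode
        self.inside_acl = ip_network(inside_acl)  # stands in for "access-list 1 permit ..."
        self.static = dict(static or {})          # inside local -> inside global
        self.pool = list(pool or [])              # free public addresses (dynamic)
        self.overload_ip = overload_ip            # the single inside global address (PAT)
        self.dyn_table = {}                       # inside global -> inside local
        self.pat_table = {}                       # global port -> (local ip, local port, dst ip, dst port)

    def outbound(self, pkt):
        """Rewrite a packet leaving via the outside interface; None means 'not translated'."""
        if self.mode == "static":
            g = self.static.get(pkt.src_ip)
            return None if g is None else Packet(g, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if ip_address(pkt.src_ip) not in self.inside_acl:
            return None  # the ACL's implicit deny: this host is simply not translated
        if self.mode == "dynamic":
            g = next((g for g, loc in self.dyn_table.items() if loc == pkt.src_ip), None)
            if g is None:
                if not self.pool:
                    raise NatPoolExhausted(pkt.src_ip)
                g = self.pool.pop(0)             # first come, first served
                self.dyn_table[g] = pkt.src_ip
            return Packet(g, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        session = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        gport = next((p for p, s in self.pat_table.items() if s == session), None)
        if gport is None:
            # assumption: keep the original source port when it is free on the public
            # address, otherwise take the lowest free port from 1024 upwards
            gport = pkt.src_port
            if gport in self.pat_table:
                gport = next(p for p in range(1024, 65536) if p not in self.pat_table)
            self.pat_table[gport] = session
        return Packet(self.overload_ip, gport, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Rewrite a packet arriving on the outside interface; None means 'dropped'."""
        if self.mode == "static":
            for local, g in self.static.items():
                if g == pkt.dst_ip:              # permanent entry: unsolicited inbound is allowed
                    return Packet(pkt.src_ip, pkt.src_port, local, pkt.dst_port)
            return None
        if self.mode == "dynamic":
            local = self.dyn_table.get(pkt.dst_ip)
            return None if local is None else Packet(pkt.src_ip, pkt.src_port, local, pkt.dst_port)
        session = self.pat_table.get(pkt.dst_port) if pkt.dst_ip == self.overload_ip else None
        if session is None or session[2:] != (pkt.src_ip, pkt.src_port):
            return None                          # nothing inside asked for this packet
        return Packet(pkt.src_ip, pkt.src_port, session[0], session[1])


def demo():
    """Run the page's own addresses through each mode and collect the results."""
    out = {}
    s = NatRouter("static", static={"10.10.10.2": "212.165.200.123"})
    out["static_out"] = s.outbound(Packet("10.10.10.2", 1555, "209.165.201.1", 80))
    out["static_in_unsolicited"] = s.inbound(Packet("198.51.100.7", 40000, "212.165.200.123", 22))

    d = NatRouter("dynamic", pool=["179.9.8.80", "179.9.8.81"])  # two addresses, three hosts
    out["dyn_out"] = [d.outbound(Packet(f"10.10.10.{h}", 1000 + h, "209.165.201.1", 80)) for h in (2, 3)]
    try:
        d.outbound(Packet("10.10.10.4", 1004, "209.165.201.1", 80))
        out["dyn_exhausted"] = False
    except NatPoolExhausted:
        out["dyn_exhausted"] = True
    out["dyn_in_allocated"] = d.inbound(Packet("198.51.100.7", 40000, "179.9.8.80", 22))
    out["dyn_in_unallocated"] = d.inbound(Packet("198.51.100.7", 40000, "179.9.8.95", 22))

    p = NatRouter("pat", overload_ip="209.165.200.226")
    out["pat_out"] = [p.outbound(Packet("10.10.10.2", 1555, "209.165.201.1", 80)),
                      p.outbound(Packet("10.10.10.3", 2333, "209.165.202.129", 80))]
    out["pat_reply"] = p.inbound(Packet("209.165.201.1", 80, "209.165.200.226", 1555))
    out["pat_unsolicited"] = p.inbound(Packet("198.51.100.7", 40000, "209.165.200.226", 22))
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:22s} {value}")
```

The dynamic case is the one that surprises people: once 10.10.10.2 has been handed 179.9.8.80, any outside host can reach it on that address until the translation ages out, so a dynamic pool is not a one-way door either. Only the PAT entry is tied to the full session, which is why the text can say that overload validates that an incoming packet was requested.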