
Networking Primer

IP Addressing

An IP address is a unique logical identifier for a node or host connection on an IP
network. An IP address is a 32-bit binary number, represented as four decimal values of
8 bits each. The decimal values range from 0 to 255. This is known as "dotted decimal"
notation.

Example: 192.189.210.078

It is sometimes useful to view the values in their binary form.

192     .189     .210     .078
11000000.10111101.11010010.01001110

Every IP address consists of a network identifier and a node identifier. IP address space
is divided into classes of network. The class of a network is determined by the leading
bits of the IP address, as shown below.

Address Classes
There are 5 different address classes. You can determine which class any IP
address is in by examining the first 4 bits of the IP address.

• Class A addresses begin with 0xxx, or 1 to 126 decimal.
• Class B addresses begin with 10xx, or 128 to 191 decimal.
• Class C addresses begin with 110x, or 192 to 223 decimal.
• Class D addresses begin with 1110, or 224 to 239 decimal.
• Class E addresses begin with 1111, or 240 to 254 decimal.

Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for
internal testing on a local machine. Class D addresses are reserved for multicasting. Class
E addresses are reserved for future use. They should not be used for host addresses.

Now we can see how the Class determines, by default, which part of the IP address
belongs to the network (N) and which part belongs to the Host/node (H).

• Class A: NNNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH
• Class B: NNNNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH
• Class C: NNNNNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH

In the example, 192.189.210.078 is a Class C address, so by default the network part of
the address (also known as the network address) is defined by the first three octets
(192.189.210.XXX) and the node part is defined by the last octet (XXX.XXX.XXX.078).

In order to specify the network address for a given IP address, the node section is set to
all "0"s. In our example, 192.189.210.0 specifies the network address for
192.189.210.078. When the node section is set to all "1"s, it specifies a broadcast that is
sent to all hosts on the network. 192.189.210.255 specifies the broadcast address.

Private Subnets

There are three IP network addresses reserved for private networks. The addresses are
10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. They can be used by anyone setting up
internal IP networks, such as an intranet. Internet routers never forward the private
addresses over the public Internet.

Subnet masking

Subnetting an IP network is done primarily for better utilization of the available IP
address space and for routing purposes. Other reasons include better organization, use of
different physical media (such as Ethernet, WAN, etc.), and securing network resources.

A subnet mask enables you to identify the network and node parts of the address. The
network bits are represented by the 1s in the mask, and the node bits are represented by
the 0s. A logical AND operation between the IP address and the subnet mask provides
the Network Address.

For example, using our test IP address and the default Class C subnet mask, we get:

192.189.210.078: 1100 0000.1011 1101.1101 0010.0100 1110   Class C IP address
255.255.255.000: 1111 1111.1111 1111.1111 1111.0000 0000   Default Class C subnet mask
192.189.210.000: 1100 0000.1011 1101.1101 0010.0000 0000   Network address (AND result)

As can be seen above, by using an AND operation we can compute the network portion of
an IP address. The network portion for the IP address given in the above example is
192.189.210.0, and the host portion of the IP address is 078.

Given below is a table that provides the binary equivalent of each decimal octet value.

For binary conversion, take the first octet of a given IP address (in dotted decimal form)
and look up its binary value. Then take the second octet and look up its binary value, and
so on.
Binary Conversion Table
Decimal Binary Decimal Binary Decimal Binary Decimal Binary
0 0000 0000 64 0100 0000 128 1000 0000 192 1100 0000
1 0000 0001 65 0100 0001 129 1000 0001 193 1100 0001
2 0000 0010 66 0100 0010 130 1000 0010 194 1100 0010
3 0000 0011 67 0100 0011 131 1000 0011 195 1100 0011
4 0000 0100 68 0100 0100 132 1000 0100 196 1100 0100
5 0000 0101 69 0100 0101 133 1000 0101 197 1100 0101
6 0000 0110 70 0100 0110 134 1000 0110 198 1100 0110
7 0000 0111 71 0100 0111 135 1000 0111 199 1100 0111
8 0000 1000 72 0100 1000 136 1000 1000 200 1100 1000
9 0000 1001 73 0100 1001 137 1000 1001 201 1100 1001
10 0000 1010 74 0100 1010 138 1000 1010 202 1100 1010
11 0000 1011 75 0100 1011 139 1000 1011 203 1100 1011
12 0000 1100 76 0100 1100 140 1000 1100 204 1100 1100
13 0000 1101 77 0100 1101 141 1000 1101 205 1100 1101
14 0000 1110 78 0100 1110 142 1000 1110 206 1100 1110
15 0000 1111 79 0100 1111 143 1000 1111 207 1100 1111

16 0001 0000 80 0101 0000 144 1001 0000 208 1101 0000
17 0001 0001 81 0101 0001 145 1001 0001 209 1101 0001
18 0001 0010 82 0101 0010 146 1001 0010 210 1101 0010
19 0001 0011 83 0101 0011 147 1001 0011 211 1101 0011
20 0001 0100 84 0101 0100 148 1001 0100 212 1101 0100
21 0001 0101 85 0101 0101 149 1001 0101 213 1101 0101
22 0001 0110 86 0101 0110 150 1001 0110 214 1101 0110
23 0001 0111 87 0101 0111 151 1001 0111 215 1101 0111
24 0001 1000 88 0101 1000 152 1001 1000 216 1101 1000
25 0001 1001 89 0101 1001 153 1001 1001 217 1101 1001
26 0001 1010 90 0101 1010 154 1001 1010 218 1101 1010
27 0001 1011 91 0101 1011 155 1001 1011 219 1101 1011
28 0001 1100 92 0101 1100 156 1001 1100 220 1101 1100
29 0001 1101 93 0101 1101 157 1001 1101 221 1101 1101
30 0001 1110 94 0101 1110 158 1001 1110 222 1101 1110
31 0001 1111 95 0101 1111 159 1001 1111 223 1101 1111

32 0010 0000 96 0110 0000 160 1010 0000 224 1110 0000
33 0010 0001 97 0110 0001 161 1010 0001 225 1110 0001
34 0010 0010 98 0110 0010 162 1010 0010 226 1110 0010
35 0010 0011 99 0110 0011 163 1010 0011 227 1110 0011
36 0010 0100 100 0110 0100 164 1010 0100 228 1110 0100
37 0010 0101 101 0110 0101 165 1010 0101 229 1110 0101
38 0010 0110 102 0110 0110 166 1010 0110 230 1110 0110
39 0010 0111 103 0110 0111 167 1010 0111 231 1110 0111
40 0010 1000 104 0110 1000 168 1010 1000 232 1110 1000
41 0010 1001 105 0110 1001 169 1010 1001 233 1110 1001
42 0010 1010 106 0110 1010 170 1010 1010 234 1110 1010
43 0010 1011 107 0110 1011 171 1010 1011 235 1110 1011
44 0010 1100 108 0110 1100 172 1010 1100 236 1110 1100
45 0010 1101 109 0110 1101 173 1010 1101 237 1110 1101
46 0010 1110 110 0110 1110 174 1010 1110 238 1110 1110
47 0010 1111 111 0110 1111 175 1010 1111 239 1110 1111

48 0011 0000 112 0111 0000 176 1011 0000 240 1111 0000
49 0011 0001 113 0111 0001 177 1011 0001 241 1111 0001
50 0011 0010 114 0111 0010 178 1011 0010 242 1111 0010
51 0011 0011 115 0111 0011 179 1011 0011 243 1111 0011
52 0011 0100 116 0111 0100 180 1011 0100 244 1111 0100
53 0011 0101 117 0111 0101 181 1011 0101 245 1111 0101
54 0011 0110 118 0111 0110 182 1011 0110 246 1111 0110
55 0011 0111 119 0111 0111 183 1011 0111 247 1111 0111
56 0011 1000 120 0111 1000 184 1011 1000 248 1111 1000
57 0011 1001 121 0111 1001 185 1011 1001 249 1111 1001
58 0011 1010 122 0111 1010 186 1011 1010 250 1111 1010
59 0011 1011 123 0111 1011 187 1011 1011 251 1111 1011
60 0011 1100 124 0111 1100 188 1011 1100 252 1111 1100
61 0011 1101 125 0111 1101 189 1011 1101 253 1111 1101
62 0011 1110 126 0111 1110 190 1011 1110 254 1111 1110
63 0011 1111 127 0111 1111 191 1011 1111 255 1111 1111

Example Question: Which of the following is a Class C IP address?

A. 10.10.14.118

B. 135.23.112.57

C. 191.200.199.199

D. 204.67.118.54

Correct Answer: D.
Explanation:

IP addresses are written using decimal numbers separated by decimal points. This is
called the dotted decimal notation for expressing IP addresses. The different classes of
IP addresses are as below:

Class  Format   Leading bit pattern  Network address range  Maximum networks  Maximum hosts
A      N.H.H.H  0                    0-126                  127               16,777,214
B      N.N.H.H  10                   128-191                16,384            65,534
C      N.N.N.H  110                  192-223                2,097,152         254

A network address of all zeros means "this network or segment".

A network address of all 1s means "all networks", the same as hexadecimal all Fs.

Network number 127 is reserved for loopback tests.

A host (node) address of all zeros means "this host (node)".

A host (node) address of all 1s means "all hosts (nodes)" on the specified network.

Subnet masking - II

What we discussed in the previous section is classful subnet masking. A subnet mask can
also extend into the host portion of the bits. This is called Classless Inter-Domain
Routing (CIDR), and it allows more networks for a given class of network address. For
example, using 3 host bits of our previous IP address for the subnet portion gives
2x2x2 = 8 additional subnetworks. Traditionally, the all-zeros and all-ones subnets are
not used, and hence we are left with 6 subnets.

192.189.210.078: 1100 0000.1011 1101.1101 0010.0100 1110   Class C IP address

255.255.255.224: 1111 1111.1111 1111.1111 1111.1110 0000   Class C subnet mask with 3
additional bits of the host portion used for subnetting.

Broadcast address: 1100 0000.1011 1101.1101 0010.0101 1111 : 192.189.210.95

The above is the broadcast address for the subnet containing 192.189.210.078. Under
classful routing, the broadcast address would have been 192.189.210.255.

Note that by using subnetting, we are able to increase the number of networks available
within a given network address. On the other hand, we lose host addresses: the number of
hosts available within a subnet drops to 24 or 16 hosts per subnet. Again, the all-zeros
and all-ones host addresses are traditionally reserved for other purposes.

CIDR (Classless Inter-Domain Routing) notation: a subnet mask is also represented as
below:

192.189.210.078/27, where 27 is the number of bits in the network portion of the IP
address.

Why use CIDR?

Normally, ISPs allocate IP addresses to individuals or corporations, the reason being
that it is almost impossible to allocate a classful IP network to every individual or
corporation. Using CIDR, the biggest ISPs are given a large pool of IP address space. The
ISP's customers, such as individuals or corporations, are then allocated networks from
the big ISP's pool. This kind of arrangement enables efficient management and utilization
of Internet address space.

Classful addresses can easily be written in CIDR notation

Class A = A.B.C.D/8, Class B = A.B.C.D/16, and Class C = A.B.C.D/24

Where A,B,C,D are dotted decimal octets.

Example Question:

You have an IP of 156.233.42.56 with a subnet mask of 7 bits. How many hosts and
subnets are possible?

A. 126 hosts and 510 subnets

B. 128 subnets and 512 hosts

C. 510 hosts and 126 subnets

D. 512 subnets and 128 hosts

Correct answer: C

Explanation:

A Class B network has the form N.N.H.H; the default subnet mask is 16 bits long.

There are 7 additional bits beyond the default subnet mask, so the total number of subnet
bits is 16+7 = 23.

This leaves us with 32-23 = 9 bits for assigning to hosts.

7 bits of subnet mask correspond to (2^7-2) = 128-2 = 126 subnets.

9 bits belonging to host addresses correspond to (2^9-2) = 512-2 = 510 hosts.
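As an added example, not part of the primer, the following Python carries the steps of the two subnet masking sections and the example question above through in code: classifying by the leading bits, ANDing with the mask for the network address, ORing the inverted mask for the broadcast address, and the subtract-two subnet and host counts. It also works the /27 case through: 5 host bits remain, so 2^5 - 2 = 30 usable hosts per subnet.

```python
# Added example: IPv4 classes, masking and subnet arithmetic as the primer describes them.
# Octets are parsed by hand so the primer's "078" spelling is accepted as 78.

def to_int(addr: str) -> int:
    """Dotted decimal -> 32-bit integer."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def to_dotted(n: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(addr: str) -> str:
    """Dotted decimal -> four 8-bit groups, e.g. 192.189.210.078 -> 11000000.10111101.11010010.01001110"""
    return ".".join(f"{(to_int(addr) >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def address_class(addr: str) -> str:
    """Class from the leading bits of the first octet, using the primer's decimal ranges."""
    first = to_int(addr) >> 24
    if first == 127:
        return "loopback"
    if first < 128:          # 0xxx
        return "A"
    if first < 192:          # 10xx
        return "B"
    if first < 224:          # 110x
        return "C"
    if first < 240:          # 1110
        return "D"
    return "E"               # 1111

DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}   # classful network bits

def prefix_to_mask(prefix: int) -> int:
    """/prefix -> mask with `prefix` leading 1 bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def network_and_broadcast(addr: str, prefix: int) -> tuple:
    """Network address = address AND mask; broadcast = network OR (NOT mask)."""
    mask = prefix_to_mask(prefix)
    network = to_int(addr) & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    return to_dotted(network), to_dotted(broadcast)

PRIVATE_RANGES = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]

def is_private(addr: str) -> bool:
    """True if addr falls in one of the three reserved private networks."""
    n = to_int(addr)
    return any(n & prefix_to_mask(p) == to_int(net) for net, p in PRIVATE_RANGES)

def subnet_and_host_counts(addr: str, subnet_bits: int) -> dict:
    """Borrow `subnet_bits` host bits from the classful network of `addr`.
    Applies the traditional subtract-two rule to both subnets and hosts, as the
    primer's example question does."""
    cls = address_class(addr)
    if cls not in DEFAULT_PREFIX:
        raise ValueError(f"class {cls} has no default mask")
    if subnet_bits < 1:
        raise ValueError("at least one subnet bit is needed")
    prefix = DEFAULT_PREFIX[cls] + subnet_bits
    host_bits = 32 - prefix
    if host_bits < 2:
        raise ValueError("not enough host bits left")
    return {
        "prefix": prefix,
        "mask": to_dotted(prefix_to_mask(prefix)),
        "subnets": 2 ** subnet_bits - 2,
        "hosts": 2 ** host_bits - 2,
    }

if __name__ == "__main__":
    addr = "192.189.210.078"
    print(addr, to_binary(addr), "class", address_class(addr))
    print("classful:", network_and_broadcast(addr, 24))
    print("/27:", network_and_broadcast(addr, 27), subnet_and_host_counts(addr, 3))
    print("156.233.42.56 with 7 subnet bits:", subnet_and_host_counts("156.233.42.56", 7))
```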

Routing Fundamentals
When IP packets travel over the Internet, routing information is exchanged between the
devices that control the flow of information over the Internet. These devices are known
as routers, and they use the IP address as the basis for controlling the traffic. These
devices need to talk the same language to function properly, even though they belong to
different administrative domains. For example, one router may be in New York (US), and
the receiving router may be in London (UK). It is necessary that a routing protocol is
followed for smooth flow of traffic. Given below are the widely used routing protocols
for routing Internet traffic:

• RIP v1
• RIP v2
• OSPF
• IGRP
• EIGRP
• BGP

Notations used: Routing Information Protocol (RIP), Open Shortest Path First (OSPF),
Interior Gateway Routing Protocol (IGRP), Enhanced Interior Gateway Routing Protocol
(EIGRP), and Border Gateway Protocol (BGP).

One often gets confused between a routing protocol and a routed protocol. A routing
protocol such as RIP is used to route information packets over the Internet, whereas a
routed protocol such as IP (or IPX) is the payload (it contains the data) that gets routed
from source to destination.

Routing protocols are primarily distinguished into three types:

• Distance Vector Protocols
• Link State Protocols
• Hybrid Protocols

RIP is an example of a distance vector protocol, IS-IS is an example of a hybrid protocol,
and OSPF is an example of a link state protocol.

The table below provides the routing protocol used with different routed protocols:

Routing Protocol                Routed Protocol
RIP, OSPF, IS-IS, BGP, EIGRP    IP
RIP, NLSP, EIGRP                IPX
RTMP, EIGRP                     AppleTalk

The list of routed and routing protocols given in the above table is not complete; it is
given to serve as an example only.

Routing Metric: This is a fundamental measure that routing protocols use for determining
the appropriate route to deliver packets. Each routing protocol uses its own metric; a
sample of the routing metrics used by different routing protocols is given below:

Routing Protocol    Metric
RIPv2               Hop count
EIGRP               Bandwidth, Delay, Load, Reliability, and MTU
OSPF                Cost (higher bandwidth indicates lower cost)
IS-IS               Cost

The best route in RIP is determined by counting the number of hops required to reach the
destination. A lower hop count route is always preferred over a higher hop count route.
One disadvantage of using hop count as the metric is that if there is a route with one
additional hop but with significantly higher bandwidth, the route with the smaller
bandwidth is still taken. This is illustrated in the figure below:

The RIP-routed packets take the path through the 56 Kbps link since the destination can
be reached in one hop. Though the alternative provides a minimum bandwidth of 1 Mbps (it
uses two links of 1 Mbps and 2 Mbps), it represents 2 hops and is not preferred by the
RIP protocol.

Link State vs. Distance Vector


Distance vector routing protocols usually send their entire routing table to their nearest
neighbors at regular intervals. A router that receives several such routing tables filters
the routes, arrives at its own table and retransmits it to its neighbouring routers. There
will be some period of time where different routers initially hold non-optimized routes.
After some time, known as the convergence time, a final routing table is arrived at by all
the routers. A faster convergence time results in a more stable network.

RIP, as mentioned earlier, uses hop count as the metric for computing a route to a given
destination. Other distance vector routing protocols, such as IGRP, improve on this by
using hop count, bandwidth, current load, cost, and reliability to determine the best path.

Link State routing protocols usually send only the routing changes to every other router
within their area. Unlike Distance Vector, routers using Link State routing protocols
maintain a picture of the entire network. A router can use this network wide information
to determine the best route for traffic.

Example Question:

What is true about IP routing?

A. The frame changes at each hop

B. The source IP address changes at each hop

C. The destination IP address changes at each hop

D. The hardware interface addresses remain constant

Correct answer: A

Explanation:

IP packets are transported from the source network to the destination network by what is
known as routing. The hop-by-hop routing model is used by the Internet for delivery of
packets. At each hop, the destination IP address is examined, the best next hop is
determined by the routing protocol (such as RIP, OSPF or BGP), and the packet is
forwarded one more hop along this route. The same process takes place at the next hop.
During this process, the logical addresses remain the same. In an IP network, the logical
addresses are IP addresses. The hardware interface addresses, such as MAC addresses,
change with each hop.

RIP Routing Fundamentals


RIP stands for Routing Information Protocol.

RIP is a dynamic, distance vector routing protocol and was developed for smaller IP
based networks. As mentioned earlier, RIP calculates the best route based on hop count.
There are currently two versions of RIP protocol.

• RIPv1, and
• RIPv2

RIPv1: RIP version 1 is among the oldest protocols.

Limitations of RIPv1:

1. Hop Count Limit: A destination that is more than 15 hops away is considered
unreachable by RIPv1.

2. Classful Routing Only: RIP is a classful routing protocol. RIPv1 doesn't support
classless routing. RIPv1 advertises all networks it knows as classful networks, so it is
not possible to subnet a network using RIPv1.

3. Metric limitation: The best route in RIP is determined by counting the number of hops
required to reach the destination. A lower hop count route is always preferred over a
higher hop count route. One disadvantage of using hop count as the metric is that if there
is a route with one additional hop but with significantly higher bandwidth, the route with
the smaller bandwidth is still taken. This is illustrated in the figure below:

The RIP-routed packets take the path through the 56 Kbps link since the destination can
be reached in one hop. Though the alternative provides a minimum bandwidth of 1 Mbps (it
uses two links of 1 Mbps and 2 Mbps), it represents 2 hops and is not preferred by the
RIP protocol.

Features of RIP v2:


RIP v2 is a revised version of its predecessor RIP v1. The following are the important
feature enhancements provided in RIPv2:
1. RIPv2 packets carry the subnet mask in each route entry, making RIPv2 a classless
routing protocol. It provides support for variable-length subnet masking (VLSM) and
classless addressing (CIDR).

2. Next Hop Specification: In RIPv2, each RIP entry includes a space where an explicit
IP address can be entered as the next hop router for datagrams intended for the network in
that entry.

For example, this field can be used when the most efficient route to a network is through
a router that is not running RIP. Since such a router will not exchange RIP messages, the
explicit Next Hop field allows it to be selected as the next hop router anyway.

3. Authentication: RIPv1 does not support authentication. This loophole may be used
maliciously by hackers, which may result in data packets being delivered to a fictitious
destination determined by the hacker. RIPv2 provides a basic authentication scheme, so
that a router accepts RIP messages from a neighboring router only after ascertaining
their authenticity.

4. Route Tag: Each RIPv2 entry includes a Route Tag field, where additional information
about a route can be stored. It provides a method for distinguishing between internal
routes (learned by RIP) and external routes (learned from other protocols).

Limitations of RIP v2:


One of the biggest limitations of RIPv1 still remains with RIPv2: the hop count
limitation and the metric. A hop count of 16 still means unreachable, and the metric is
still hop count. The small hop count limit restricts the network diameter, that is, the
number of routers that can participate in the RIP network.

Example Question:

While the packet travels from source to destination through an Internetwork, which of the
following statements are true? (Choose 2 best answers).

A. The source and destination hardware (interface) addresses change

B. The source and destination hardware (interface) addresses remain constant.

C. The source and destination IP addresses change

D. The source and destination IP addresses remain constant.

Ans. A, D

Explanation: While a packet travels through an internetwork, it usually involves multiple
hops. It is important to know that the logical address (IP address) of the source (that
created the packet) and destination (final intended destination) remain constant, whereas
the hardware (interface) addresses change with each hop.

OSPF Routing Fundamentals


OSPF stands for Open Shortest Path First.

Definition: OSPF is a routing protocol used to determine the best route for delivering
packets within an IP network. It was published by the IETF to serve as an Interior
Gateway Protocol replacing RIP. The OSPF specification is published as Request For
Comments (RFC) 1247.

Note that OSPF is a link-state routing protocol, whereas RIP and IGRP are distance-
vector routing protocols. Routers running the distance-vector algorithm send all or a
portion of their routing tables in routing-update messages to their neighbors.

OSPF sends link-state advertisements (LSAs) to all other routers within the same area.
Information on attached interfaces, metrics used, and other variables is included in OSPF
LSAs. OSPF routers use the SPF (Shortest Path First) algorithm to calculate the shortest
path to each node. The SPF algorithm is also known as Dijkstra's algorithm.
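As an added example (not from the primer), the following Python runs the SPF (Dijkstra) computation just described over a constructed topology matching the primer's RIP figure from the routing fundamentals and RIPv1 sections: a direct 56 Kbps link against a two-hop path of 1 Mbps and 2 Mbps links. With a hop-count metric the direct link wins, and with a bandwidth cost the two-hop path wins; the OSPF-style cost assumes a 100 Mbps reference bandwidth divided by the link bandwidth, and the 16-hop RIP limit is modelled too.

```python
# Added example: one topology, two metrics. RIP's hop count and an OSPF-style
# bandwidth cost are both resolved with Dijkstra, which is what OSPF's SPF runs.
import heapq
from typing import Callable, Dict, List, Optional, Tuple

# Constructed topology matching the primer's figure: (router, router, bandwidth in kbps).
# S-D is the direct 56 kbps link; S-R-D is the two-hop path of 1 Mbps and 2 Mbps links.
FIGURE_LINKS = [("S", "D", 56), ("S", "R", 1000), ("R", "D", 2000)]

RIP_INFINITY = 16            # RIP treats 16 hops as unreachable
REFERENCE_KBPS = 100_000     # assumption: 100 Mbps reference bandwidth for the OSPF-style cost

def hop_count(bandwidth_kbps: int) -> int:
    """RIP metric: every link costs one hop regardless of bandwidth."""
    return 1

def ospf_cost(bandwidth_kbps: int) -> int:
    """OSPF-style metric: higher bandwidth gives lower cost (reference / bandwidth, minimum 1)."""
    return max(1, REFERENCE_KBPS // bandwidth_kbps)

def build_graph(links: List[Tuple[str, str, int]],
                metric: Callable[[int], int]) -> Dict[str, Dict[str, int]]:
    """Undirected adjacency map with each link weighted by the chosen metric."""
    graph: Dict[str, Dict[str, int]] = {}
    for a, b, bw in links:
        cost = metric(bw)
        graph.setdefault(a, {})[b] = cost
        graph.setdefault(b, {})[a] = cost
    return graph

def shortest_path(graph: Dict[str, Dict[str, int]], src: str,
                  dst: str) -> Tuple[Optional[int], List[str]]:
    """Dijkstra: returns (total cost, path) or (None, []) when dst is unreachable."""
    dist = {src: 0}
    prev: Dict[str, str] = {}
    heap = [(0, src)]
    done = set()
    while heap:
        d, node = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        if node == dst:
            break
        for nxt, w in graph.get(node, {}).items():
            nd = d + w
            if nd < dist.get(nxt, float("inf")):
                dist[nxt] = nd
                prev[nxt] = node
                heapq.heappush(heap, (nd, nxt))
    if dst not in done:
        return None, []
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return dist[dst], path[::-1]

def rip_route(links, src: str, dst: str) -> Tuple[int, List[str]]:
    """Hop-count route; (16, []) when unreachable or beyond RIP's 15-hop limit."""
    hops, path = shortest_path(build_graph(links, hop_count), src, dst)
    if hops is None or hops >= RIP_INFINITY:
        return RIP_INFINITY, []
    return hops, path

def ospf_route(links, src: str, dst: str) -> Tuple[Optional[int], List[str]]:
    """Bandwidth-cost route: the path OSPF's SPF would choose on this topology."""
    return shortest_path(build_graph(links, ospf_cost), src, dst)

if __name__ == "__main__":
    print("RIP :", rip_route(FIGURE_LINKS, "S", "D"))    # (1, ['S', 'D'])
    print("OSPF:", ospf_route(FIGURE_LINKS, "S", "D"))   # (150, ['S', 'R', 'D'])
```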

Advantages of OSPF
• OSPF is an open standard, not tied to any particular vendor.
• OSPF is a hierarchical routing protocol, using area 0 (Autonomous System) at the
top of the hierarchy.
• OSPF uses a link state algorithm, and an OSPF network diameter can be much
larger than that of RIP.
• OSPF supports Variable Length Subnet Masks (VLSM), resulting in efficient use
of networking resources.
• OSPF uses multicasting within areas.
• After initialization, OSPF only sends updates on routing table sections which have
changed; it does not send the entire routing table, which in turn conserves network
bandwidth.
• Using areas, OSPF networks can be logically segmented to improve
administration and decrease the size of routing tables.

Disadvantages of OSPF:
• OSPF is very processor intensive due to the SPF algorithm. OSPF maintains
multiple copies of routing information, increasing the amount of memory needed.
• OSPF is a more complex protocol to implement compared to RIP.

OSPF Networking Hierarchy:

As mentioned earlier, OSPF is a hierarchical routing protocol. It enables better
administration and smaller routing tables due to segmentation of the entire network into
smaller areas. OSPF consists of a backbone (Area 0) network that links all other smaller
areas within the hierarchy. The following are the important components of an OSPF
network:

• Areas
• Area Border Routers
• Backbone Areas
• AS Boundary Routers
• Stub Areas
• Not-So-Stubby Areas
• Totally Stubby Area
• Transit Areas

ABR: Area Border Router

ASBR: Autonomous System Boundary Router

Areas: An area consists of routers that have been administratively grouped together.
Usually, an area is a collection of contiguous IP subnetted networks. Routers that are
totally within an area are called internal routers. All interfaces on internal routers are
directly connected to networks within the area.

Within an area, all routers have identical topological databases.

Area Border Routers: Routers that belong to more than one area are called area border
routers (ABRs). ABRs maintain a separate topological database for each area to which
they are connected.

Backbone Area: An OSPF backbone area consists of all routers in area 0, and all area
border routers (ABRs). The backbone distributes routing information between different
areas.

AS Boundary Routers (ASBRs): Routers that exchange routing information with routers
in other Autonomous Systems are called ASBRs. They advertise externally learned routes
throughout the AS.

Stub Areas: Stub areas are areas that do not propagate AS external advertisements. By
not propagating AS external advertisements, the size of the topological databases is
reduced on the internal routers of a stub area. This in turn reduces the processing power
and the memory requirements of the internal routers.

Not-So-Stubby Areas (NSSA): An OSPF stub area has no external routes in it. An NSSA
allows external routes to be flooded within the area. These routes are then leaked into
other areas. This is useful when you have a non-OSPF router connected to an ASBR of an
NSSA. The routes are imported and flooded throughout the area. However, external
routes from other areas still do not enter the NSSA.

Totally Stubby Area: Only the default summary route is allowed in a Totally Stubby Area.

Transit Areas: Transit areas are used to pass traffic from an adjacent area to the
backbone. The traffic does not originate in, nor is it destined for, the transit area.

Link State Advertisements (LSAs):


It is important to know different Link State Advertisements (LSAs) offered by OSPF
protocol.

Type 1: Router link advertisements generated by each router for each area it belongs to.
Type 1 LSAs are flooded to a single area only.

Type 2: Network link advertisements generated by designated routers (DRs) giving the
set of routers attached to a particular network. Type 2 LSAs are flooded to the area that
contains the network.

Type 3/4: These are summary link advertisements generated by ABRs describing
inter-area routes. Type 3 describes routes to networks and is used for summarization.
Type 4 describes routes to the ASBR.

Type 5: Generated by the ASBR and provides links external to the Autonomous System
(AS). Type 5 LSAs are flooded to all areas except stub areas and totally stubby areas.

Type 6: Group membership link entry generated by multicast OSPF routers.

Type 7: NSSA external routes generated by ASBR. Only flooded to the NSSA. The ABR
converts LSA type 7 into LSA type 5 before flooding them into the backbone (area 0).

Area            Restriction
Normal          None
Stub            Type 5 AS-external LSAs are NOT allowed
NSSA            Type 5 AS-external LSAs are NOT allowed, but Type 7 LSAs that convert to
                Type 5 at the NSSA ABR can traverse
Totally Stubby  Type 3, 4 or 5 LSAs are NOT allowed except the default summary route

Cisco IOS: An Introduction


Cisco IOS (short for Internetwork Operating System) is the software used on a majority
of Cisco Systems routers and switches. IOS consists of routing, switching,
internetworking and telecommunications functions in a multitasking operating system.
Cisco IOS uses a command line interface (CLI) and provides a fixed set of multiple-word
commands. The Cisco IOS command line interface can be accessed through either a
console connection, a modem connection, or a telnet session. The set of commands
available at any particular level is determined by the "mode" and the privilege level of
the current user.

Cisco IOS follows a command hierarchy, with each level offering a different set of
commands. All commands are assigned a privilege level, from 0 to 15, and can only be
accessed by users with the necessary privilege. Through the CLI, the commands
available to each privilege level can be defined.

Some of the widely used command hierarchy levels are given below:

User EXEC level: This is the level that a connected user is allowed initially. User EXEC
allows access to a limited set of basic monitoring commands. A ">" sign denotes User
EXEC mode.

Privileged EXEC level: Privileged EXEC level allows access to all router commands,
including router configuration and management commands. This level is usually
password protected for security reasons. A "#" sign denotes privileged EXEC mode.

When a user connects to a Cisco IOS device, a User EXEC prompt appears. The user can
then enter privileged EXEC mode by typing enable and the password, as shown below:

Router> enable
Password: [enable password]
Router# configure terminal
Router(config)#

Global configuration mode: "Global configuration mode" provides commands to change
the system's configuration. This is typically represented by the "(config)#" sign as shown
in the above example.

Interface configuration mode: "Interface configuration mode" provides commands to
change the configuration of a specific interface of the router. Interface configuration
mode is denoted by "(config-if)#".

A summary of Cisco IOS router command prompt is given below:

Prompt                  Explanation
Router>                 User EXEC mode
Router#                 Privileged EXEC mode
Router(config)#         Global configuration mode. The # sign indicates this is only
                        accessible from privileged EXEC mode.
Router(config-if)#      Interface level configuration mode.
Router(config-router)#  Routing engine level within configuration mode.
Router(config-line)#    Line level (vty, tty, async) within configuration mode.

Context Sensitive Help

Cisco IOS CLI offers context sensitive help. At any time during an EXEC session, a user
can type a question mark (?) to get help.

Two types of context sensitive help are available:

• Word help and
• Command syntax help.

Word help: Word help can be used to obtain a list of commands that begin with a given
character string. To use word help, type in the characters in question followed
immediately by the question mark (?). The following is an example of word help:

Router# co?
configure connect copy

Command syntax help: Command syntax help can be used to obtain a list of commands,
keywords, or argument options that are available after the keywords that the user has
already entered. To use command syntax help, enter a question mark (?) after typing a
space. The router will then display a list of available command options, with <cr>
standing for carriage return. The following is an example of command syntax help:

Router# configure ?
memory Configure from NV memory
network Configure from a TFTP network host
terminal Configure from the terminal
<cr>

Cisco IOS also allows abbreviated commands support. For example, consider the
following:

Router#configure terminal
Router(config)#

Router#config term
Router(config)#

Both of the above command sequences do the same job. The IOS correctly expands the
abbreviations to the full command words. However, if there is any ambiguity, an error
message is generated, as below:

Router(config)#c
% Ambiguous command: "c"

Check out the CCNA router simulator available from certexams.com.

Example Question:

What is the command used to add a banner to a Cisco router configuration?

A. add banner

B. banner motd #

C. motd banner #

D. add banner #

Correct answer: B

Explanation:

The banner is displayed whenever anyone logs in to your Cisco router. The syntax is

banner motd #

MOTD stands for "Message Of The Day".

The # symbol signifies the start of the banner message to the router. You will be
prompted for the message to be displayed. You need to enter the "#" symbol at the end of
the message, signifying that the message has ended.

Alternatively, you can enter the banner on the same line, as below:

banner motd # your message here#

Note that you need to begin and end the banner with a delimiter (here the # sign).

Cisco Access Control Lists


Cisco Access Control Lists (ACLs) are used for filtering traffic on a router or switch
interface based on given filtering criteria. Based on the conditions supplied by the ACL,
a packet is allowed or blocked from further movement.

Cisco ACLs are available for several types of routed protocols including IP, IPX,
AppleTalk, XNS, DECnet, and others. However, we will be discussing ACLs pertaining
to TCP/IP protocol only.

ACLs for TCP/IP traffic filtering are primarily divided into two types:

• Standard Access Lists, and
• Extended Access Lists

Standard Access Control Lists: Standard IP ACLs range from 1 to 99. A Standard
Access List allows you to permit or deny traffic FROM specific IP addresses. The
destination of the packet and the ports involved can be anything.

This is the command syntax format of a standard ACL.

access-list access-list-number {permit|deny} {host|source source-wildcard|any}

Standard ACL example:

access-list 10 permit 192.168.2.0 0.0.0.255

This list allows traffic from all addresses in the range 192.168.2.0 to 192.168.2.255.

Note that when configuring access lists on a router, you must identify each access list
uniquely by assigning either a name or a number to the protocol's access list.

There is an implicit deny added to every access list. If you entered the command:

show access-list 10

The output looks like:

access-list 10 permit 192.168.2.0 0.0.0.255


access-list 10 deny any

Extended Access Control Lists: Extended IP ACLs allow you to permit or deny traffic from specific source IP addresses to specific destination IP addresses and ports. They also give you granular control by letting you specify the protocol (ICMP, TCP, UDP, etc.) in each ACL statement. Extended IP ACLs are numbered 100 to 199. In Cisco IOS Software Release 12.0.1, extended ACLs began to use additional numbers (2000 to 2699).

The syntax for an IP extended ACL is given below:

access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard [operator port] [precedence precedence]

Note that the above syntax is simplified, and given for general understanding only. The [operator port] part (for example eq 80) applies only when the protocol is tcp or udp.

Extended ACL example (access list 110, applied to traffic leaving the office):

access-list 110 permit tcp 92.128.2.0 0.0.0.255 any eq 80

ACL 110 permits TCP traffic originating from any address on the 92.128.2.0/24 network to any destination address, provided the destination port is 80 (HTTP). Everything else is dropped by the implicit deny. The keyword 'any' is shorthand for the address/wildcard pair 0.0.0.0 255.255.255.255.

Applying an ACL to a router interface:

After the ACL is defined, it must be applied to an interface, in the inbound or outbound direction. The syntax for applying an ACL to a router interface is given below:

interface <interface>
ip access-group {number|name} {in|out}

An access list may be specified by a name or a number. "in" applies the ACL to traffic entering the router through that interface, and "out" applies it to traffic leaving through that interface. Only one access list can be applied per interface, per protocol, per direction; applying a second one replaces the first.

Example:

To apply the standard ACL created in the previous example to traffic leaving serial 0, use the following commands:

Router(config)#interface serial 0
Router(config-if)#ip access-group 10 out

Example Question:

Which command sequence will allow only traffic from network 185.64.0.0 to enter interface s0?

A. access-list 25 permit 185.64.0.0 255.255.0.0
   int s0 ; ip access-list 25 out

B. access-list 25 permit 185.64.0.0 255.255.0.0
   int s0 ; ip access-group 25 out

C. access-list 25 permit 185.64.0.0 0.0.255.255
   int s0 ; ip access-list 25 in

D. access-list 25 permit 185.64.0.0 0.0.255.255
   int s0 ; ip access-group 25 in

Correct answer: D

Explanation:

The correct sequence of commands is:

1. access-list 25 permit 185.64.0.0 0.0.255.255
2. int s0
3. ip access-group 25 in

Three things decide the answer. First, an access list takes a wildcard mask, not a subnet mask: 0.0.255.255 means "ignore the last two octets", so the entry matches 185.64.0.0 through 185.64.255.255. A wildcard of 255.255.0.0 (options A and B) would instead ignore the first two octets and match only addresses whose last two octets are 0.0. Second, the command that applies a list to an interface is ip access-group, not ip access-list (which creates a named list). Third, traffic entering s0 is filtered with the in keyword; out would filter traffic leaving the interface.
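
To make the matching rules above concrete, here is an added Python example (written for this edit; it is not Cisco code or output) that evaluates packets against a numbered standard or extended access list the way IOS does: entries are checked in order and the first match wins, wildcard masks treat 1 bits as "don't care", host and any are expanded, a list with no entries permits everything, and the implicit deny any applies to whatever nothing else matched. The Packet type, the helper names and the sample packets are constructed for this illustration; only the access-list statements are the ones from the text.

```python
"""Cisco-style IP access list evaluation (illustration written for this primer).

Models how IOS matches a packet against a numbered standard (1-99, 1300-1999)
or extended (100-199, 2000-2699) access list: first match wins, wildcard
masks treat 1 bits as "don't care", 'host' and 'any' are expanded, and the
implicit 'deny any' catches whatever no explicit entry matched.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = ("0.0.0.0", "255.255.255.255")   # what the keyword 'any' stands for


@dataclass
class Packet:                 # constructed for the example, not an IOS structure
    src: str
    dst: str
    proto: str                # "ip", "tcp", "udp" or "icmp"
    dport: Optional[int] = None


def ip_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """A 1 bit in the wildcard means that bit of the address is ignored."""
    care = ~ip_int(wildcard) & 0xFFFFFFFF
    return (ip_int(addr) & care) == (ip_int(base) & care)


def _take_addr(tokens: list) -> tuple:
    """Consume 'any' | 'host A.B.C.D' | 'A.B.C.D W.W.W.W' from the token list."""
    tok = tokens.pop(0)
    if tok == "any":
        return ANY
    if tok == "host":
        return (tokens.pop(0), "0.0.0.0")   # host = exact match, wildcard all zeros
    return (tok, tokens.pop(0))


def parse_ace(line: str) -> dict:
    """Parse one 'access-list N permit|deny ...' statement into a rule."""
    tokens = line.split()
    if tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
        raise ValueError(f"not an access-list statement: {line}")
    number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
    if 1 <= number <= 99 or 1300 <= number <= 1999:
        # Standard list: source only; any destination, protocol and port.
        return {"action": action, "proto": "ip", "src": _take_addr(rest),
                "dst": ANY, "dport": None}
    if 100 <= number <= 199 or 2000 <= number <= 2699:
        # Extended list: protocol, source, destination, optional 'eq port'.
        proto = rest.pop(0)
        src = _take_addr(rest)
        dst = _take_addr(rest)
        dport = int(rest[1]) if rest and rest[0] == "eq" else None
        return {"action": action, "proto": proto, "src": src, "dst": dst, "dport": dport}
    raise ValueError(f"unsupported access-list number {number}")


def ace_matches(rule: dict, pkt: Packet) -> bool:
    if rule["proto"] != "ip" and rule["proto"] != pkt.proto:
        return False
    if not wildcard_match(pkt.src, *rule["src"]) or not wildcard_match(pkt.dst, *rule["dst"]):
        return False
    return rule["dport"] is None or rule["dport"] == pkt.dport


def evaluate(acl_lines: list, pkt: Packet) -> str:
    """Return 'permit' or 'deny' for pkt under the given access-list statements."""
    rules = [parse_ace(line) for line in acl_lines if line.strip()]
    if not rules:
        return "permit"          # IOS: an empty/undefined list applied to an interface permits all
    for rule in rules:           # entries are checked in order; first match wins
        if ace_matches(rule, pkt):
            return rule["action"]
    return "deny"                # implicit deny any at the end of every list


# The access-list statements from the text; the packets are constructed samples.
STANDARD_10 = ["access-list 10 permit 192.168.2.0 0.0.0.255"]
EXTENDED_110 = ["access-list 110 permit tcp 92.128.2.0 0.0.0.255 any eq 80"]
QUESTION_25 = ["access-list 25 permit 185.64.0.0 0.0.255.255"]
WRONG_25 = ["access-list 25 permit 185.64.0.0 255.255.0.0"]   # subnet mask used as a wildcard

if __name__ == "__main__":
    for acl, pkt in [
        (STANDARD_10, Packet("192.168.2.77", "10.0.0.1", "icmp")),
        (STANDARD_10, Packet("192.168.3.1", "10.0.0.1", "icmp")),
        (EXTENDED_110, Packet("92.128.2.9", "203.0.113.5", "tcp", 80)),
        (EXTENDED_110, Packet("92.128.2.9", "203.0.113.5", "tcp", 443)),
        (QUESTION_25, Packet("185.64.200.1", "10.1.1.1", "ip")),
        (WRONG_25, Packet("185.64.200.1", "10.1.1.1", "ip")),
    ]:
        print(acl[0], "->", pkt.src, evaluate(acl, pkt))
```

The WRONG_25 list shows why the subnet-mask mistake matters: with 255.255.0.0 as a wildcard, a packet from 185.64.200.1 is denied while one from 10.20.0.0 is permitted, the opposite of what the administrator intended.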

WAN Protocols

1. Comparison of WAN and LAN technologies
2. Serial Links
   a. Synchronous
   b. Asynchronous
3. Framing and WAN Protocols
   a. HDLC
   b. LAP, LAPB, LAPD
   c. PPP and SLIP
   d. ISDN
      I. ISDN BRI
      II. ISDN PRI
   e. Frame Relay
      I. Frame Relay Protocol Overview
      II. Frame Relay Network Operation

Comparison of LANs and WANs

LANs (Local Area Networks) and WANs (Wide Area Networks) are the two basic types of network used in digital communications. The comparison below distinguishes between them property by property.

Protocols commonly used
  LAN: Ethernet, Token Ring, FDDI, etc.
  WAN: X.25, Frame Relay, ISDN, leased line, etc.

Communication method
  LAN: Shared media
  WAN: Point-to-point

Main characteristics
  LAN: Offers high speeds over short distances. Since LANs span short distances (typically a fraction of a kilometer), they offer very high speeds. The signal strength delivered by LAN devices is good, and LANs typically require less expensive equipment for transmitting and receiving signals.
  WAN: Offers relatively low speeds over longer distances. With a WAN, the media becomes very expensive since it has to traverse several kilometers (sometimes hundreds or thousands of kilometers). Attenuation and noise become significant over such large distances, so powerful transmitters and receivers are used, and this equipment tends to be very expensive. All these factors influence the protocols used for implementing WANs.

Common usage
  LAN: 1. Within a building, campus, or city. 2. Used to connect several host computers within a building or campus together.
  WAN: 1. Between cities, or any points that are geographically separated by a large distance (several kilometers or more). 2. Normally used for connecting LANs separated by a large distance (say, several hundred kilometers).

Speeds
  LAN: Up to 1 Gbps typical. Normally, all of the LAN bandwidth is available to a single user (or host) at any given time. The communication is bursty in nature.
  WAN: Up to several Gbps, shared. Though today's WANs offer very high bandwidths, the bandwidth is typically shared among several customers.

Cost
  LAN: Very low cost per Mbps.
  WAN: High cost per Mbps.

Comments
  LAN and WAN are used in different circumstances, and they complement each other.

As a case study, a college, Aurobindo, has several departments and a centralized applications server. Each department needs to access the central server to run applications such as Microsoft Word or Excel. These applications are bandwidth intensive, and require high bandwidth over a short distance. What is required under these circumstances is a Local Area Network. A LAN may be confined to a small room, a building, or a big campus, depending on the requirement.

Now suppose you want to provide email access to a school, Shanti, situated in a different city. You can't provide a LAN connection, since a LAN is typically limited to a fraction of a kilometer (or a few kilometers with signal conditioners). Another reason a LAN is unsuitable is that you can't lay cables over public property without explicit permission. One feasible solution is a WAN connection. For example, both Aurobindo and Shanti can have a link to an ISP at each end, and extend the LAN over the WAN link. By using a WAN, you can have your LAN spread across a large geographical region. Without a WAN, it would have been impossible to provide email access to the school. The Internet is an example of a Wide Area Network spreading across continents.

Introduction to WAN protocols

Wide Area Networks (WANs) operate over serial links. A serial link is one that transmits and receives a digitized signal one bit at a time. Serial links using modems typically offer 56 Kbps. Compare a serial link with a parallel link: an example of a parallel link is a printer connection over a parallel cable. The printer receives several bits at a time and processes them together. Parallel links were typically used for printers and internal drives such as CD-ROM drives, and run only over very short distances.

Within serial links, there are two types:

1. Asynchronous serial links
2. Synchronous serial links

1. Asynchronous serial links: These are widely used for connecting to the Internet using a dial-up modem. An asynchronous link is normally used for low speed communications.

Async (short for asynchronous) links require start and stop bits around each character for effective communication. They can also carry parity bits for error checking. When using an async communication link, both sender and receiver need to agree on a fixed line speed (expressed in bits per second); otherwise, the receiver may not be able to receive any data at all.

2. Synchronous serial links: Synchronous links, as the name suggests, use clocking to transmit and receive data. A clock signal is required for transmitting or receiving synchronous data.

The clock signal may be transmitted separately, or derived from the received signal. In either case, the clock is used to recover the data.

Synchronous links can operate at very high speeds. SDLC and HDLC are examples of synchronous link protocols.

HDLC Protocol Overview

HDLC (High-level Data Link Control) is a group of protocols documented in ISO 3309 for transmitting synchronous data over serial links between point-to-point nodes. HDLC organizes data into a frame before transmission. The HDLC protocol operates within Layer 2 (the data link layer) of the OSI model.

HDLC Frame Structure:

The HDLC frame consists of Flag, Address, Control, Data, and FCS fields, followed by a closing Flag. The bit length of each field is given below:

Flag (both opening and closing flags): 8 bits (01111110, or 7E hex).

Address: Normally 8 or 16 bits in length. A leading 'zero' bit (MSB) indicates a unicast message, and the remaining bits provide the destination node address. A leading 'one' bit (MSB) indicates a multicast message, and the remaining bits provide the group address.

Control: The field is 8 or 16 bits wide and indicates whether the frame is a control or data frame. The field contains sequence numbers (HDLC frames are numbered to ensure delivery), a poll bit (you need to reply) and a final bit (indicating that this is the last frame).

Data (Payload): This is the information that is carried from node to node. It is a variable-length field, sometimes padded with extra bits to reach a fixed length.

FCS (Frame Check Sequence), also called the CRC (Cyclic Redundancy Code): Normally 16 bits wide. The Frame Check Sequence is used to verify data integrity. If the FCS check fails, the frame is discarded.

The generator polynomial used for the 16-bit FCS is:

FCS [16 bits] = x^16 + x^12 + x^5 + 1

Closing Flag: Same as the opening flag.

If no care is taken, the flag pattern (01111110) may appear inside the data field, and would then wrongly be interpreted as the end of the frame. To avoid this ambiguity, the transmitter inserts a '0' bit after every five consecutive 1s between the flags (bit stuffing). At the receiving end, the receiver drops the '0' bit that follows five consecutive 1s and continues with the next bit. This way, six consecutive 1s, and therefore the flag pattern, can never occur inside the frame.

Normally, synchronous links transmit all the time, but useful information may not be present at all times. Idle fill [11111111] may be sent to fill the gap between useful frames. Alternatively, a series of flags [01111110] may be transmitted between frames instead of idle fill. Continuous transmission is required to keep the transmitting and receiving nodes synchronized.

Ex.: frame...flag...flag...flag...frame..flag..flag..frame...frame...

PPP uses a subset of HDLC framing (RFC 1662); SLIP uses a simpler byte-oriented framing of its own and is not derived from HDLC. ISDN's D channel uses a modified version of HDLC (LAPD). Also note that Cisco routers use HDLC (in a Cisco-specific variant that adds a protocol type field) as the default serial link encapsulation.

HDLC Frame Types

The control field in HDLC also indicates the frame type. There are three types of frames supported by HDLC:

I Frames: Information frames, which carry user data.
S Frames: Supervisory frames, which carry commands and responses.
U Frames: Unnumbered frames, which typically carry commands and responses.

I Frames are sequentially numbered, carry user data, poll and final bits, and message acknowledgements.

S Frames perform retransmission requests and other supervisory controls.

U Frames can be used to initialize secondaries.

PPP and SLIP Protocols Overview

Serial Line Internet Protocol (SLIP):
SLIP is a packet-framing protocol that defines a sequence of bytes to frame IP packets on a serial line. It is commonly used for point-to-point serial connections running TCP/IP, and carries IP only.

Point-to-Point Protocol (PPP):

PPP is basically an encapsulation protocol that is used to transport datagrams over serial point-to-point links. Network address assignment, link configuration management, error detection and multi-protocol support are some of the most prominent features of PPP. PPP supports these features by using LCP (Link Control Protocol) and NCPs (Network Control Protocols).

LCP is responsible for initiating, negotiating, configuring, maintaining, and terminating the point-to-point serial link connection. Each NCP configures one network layer protocol (for example IPCP for IP).

You can transport multiple protocols such as IP, IPX and DECnet over PPP.

Protocol frame format: As mentioned earlier, the PPP frame is a version of the HDLC frame. It contains six fields:

Flag (both opening and closing flags): 8 bits (01111110, or 7E hex).
Address: PPP does not use node addresses. The field is a single byte of 11111111 (FF hex), the HDLC all-stations (broadcast) address.
Control: 8 bits wide, with the fixed value 00000011 (03 hex), which in HDLC denotes an unnumbered information (UI) frame.
Protocol: 16 bits wide; identifies the protocol encapsulated in the Data field of the frame (for example 0021 hex for IP, C021 hex for LCP).
Data (Payload): This is the information carried from node to node. The default maximum length of the Data field (the MRU) is 1500 bytes.
FCS (Frame Check Sequence): 16 bits (default) or 32 bits wide. The Frame Check Sequence is used to verify data integrity; if the FCS check fails, the frame is silently discarded. The FCS is computed with a Cyclic Redundancy Code (CRC).
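
The following added Python example (written for this primer, not taken from any vendor implementation) ties the HDLC framing discussion and the PPP frame layout together. It computes the 16-bit FCS with the polynomial x^16 + x^12 + x^5 + 1 in the form HDLC and PPP use (RFC 1662: bit-reversed, initial value 0xFFFF, result complemented, with the receiver checking for the fixed residue 0xF0B8), performs bit stuffing and unstuffing on everything between the flags, and builds a PPP frame with the address, control and protocol fields described above. The sample payload is constructed, and the function names are this example's own. Note that PPP over asynchronous links uses byte-level escaping (RFC 1662) rather than bit stuffing; the bit-stuffing path here models the synchronous HDLC case described in the text.

```python
"""HDLC-style framing with a 16-bit FCS, bit stuffing, and a PPP frame on top.

Written for this primer, not vendor code. The FCS is the ISO 3309 / RFC 1662
CRC-16 (polynomial x^16 + x^12 + x^5 + 1, bit-reversed, initial value 0xFFFF,
result complemented); the receiver runs the CRC over body + FCS and expects
the constant residue 0xF0B8 if the frame is intact.
"""

FLAG = 0x7E            # 01111110
GOOD_FCS = 0xF0B8      # residue left by a correct frame
PPP_ADDRESS = 0xFF     # all-stations address: PPP has no node addresses
PPP_CONTROL = 0x03     # HDLC unnumbered information (UI)

def _fcs_table() -> list:
    table = []
    for b in range(256):
        v = b
        for _ in range(8):
            v = (v >> 1) ^ 0x8408 if v & 1 else v >> 1   # 0x8408 = 0x1021 bit-reversed
        table.append(v)
    return table

_FCSTAB = _fcs_table()

def fcs16(data: bytes, fcs: int = 0xFFFF) -> int:
    for byte in data:
        fcs = (fcs >> 8) ^ _FCSTAB[(fcs ^ byte) & 0xFF]
    return fcs

def append_fcs(body: bytes) -> bytes:
    """Body followed by its complemented FCS, least significant octet first."""
    fcs = fcs16(body) ^ 0xFFFF
    return body + bytes([fcs & 0xFF, fcs >> 8])

def fcs_ok(frame: bytes) -> bool:
    return fcs16(frame) == GOOD_FCS

def to_bits(data: bytes) -> list:
    """HDLC transmits each octet least significant bit first."""
    return [(byte >> i) & 1 for byte in data for i in range(8)]

def from_bits(bits: list) -> bytes:
    return bytes(sum(bit << j for j, bit in enumerate(bits[i:i + 8]))
                 for i in range(0, len(bits) - len(bits) % 8, 8))

def bit_stuff(bits: list) -> list:
    """Insert a 0 after every five consecutive 1s so 01111110 cannot occur inside."""
    out, run = [], 0
    for bit in bits:
        out.append(bit)
        run = run + 1 if bit else 0
        if run == 5:
            out.append(0)
            run = 0
    return out

def bit_unstuff(bits: list) -> list:
    """Drop the 0 that follows five consecutive 1s (the receiver's side)."""
    out, run, drop_next = [], 0, False
    for bit in bits:
        if drop_next:
            drop_next, run = False, 0
            continue
        out.append(bit)
        run = run + 1 if bit else 0
        drop_next = run == 5
    return out

def hdlc_encode(body: bytes) -> list:
    """Bits on the wire: opening flag, stuffed (body + FCS), closing flag."""
    flag = to_bits(bytes([FLAG]))
    return flag + bit_stuff(to_bits(append_fcs(body))) + flag

def hdlc_decode(wire: list) -> bytes:
    """Strip flags, unstuff and check the FCS; returns the body or raises ValueError."""
    flag = to_bits(bytes([FLAG]))
    if wire[:8] != flag or wire[-8:] != flag:
        raise ValueError("missing opening or closing flag")
    frame = from_bits(bit_unstuff(wire[8:-8]))
    if not fcs_ok(frame):
        raise ValueError("FCS error, frame discarded")
    return frame[:-2]

def ppp_frame(protocol: int, payload: bytes) -> bytes:
    """PPP over HDLC: FF 03, 16-bit protocol, then the encapsulated datagram."""
    return bytes([PPP_ADDRESS, PPP_CONTROL, protocol >> 8, protocol & 0xFF]) + payload

# Constructed sample: protocol 0x0021 (IP) with a payload containing long runs of
# 1s and the flag byte itself, which is exactly what bit stuffing must protect.
SAMPLE = ppp_frame(0x0021, bytes([0xFF, 0xFF, 0x7E, 0x00, 0xFF]))
```

Running hdlc_encode(SAMPLE) and inspecting the bits shows that no window of six consecutive 1s exists between the flags even though the payload contains 0xFF and 0x7E, and that flipping any bit of the encoded frame makes hdlc_decode reject it at the FCS check.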

Operation of PPP:

PPP operates in several phases:

• Link establishment and configuration negotiation
• Link quality determination (optional)
• Network layer protocol configuration negotiation
• Link termination

Initially, PPP negotiates a link between the two point-to-point interfaces. These are normally DTE and DCE interfaces such as RS-232C, V.35, RS-422, and RS-423. PPP by itself does not impose any limitation on achievable speed; the physical interfaces and the media normally limit the available link speed.

The second phase is link quality determination. This phase is optional. Authentication (PAP or CHAP, described below), if configured, also takes place after the link is established and before the network layer protocols are configured.

Once the link level configuration is made and the link is established, the network level configuration is made by the NCPs.

The link is terminated by LCP as and when required.

Advantages of PPP over SLIP:

1. Address notification: PPP enables a server machine to inform a dial-up client of its IP address for that link. SLIP requires the user to configure this information manually.

2. Authentication: PPP supports the Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP). PAP transmits the username and password in plain text, so anyone who can observe the link can capture them. CHAP never sends the password itself: the authenticator sends a random challenge, the peer replies with an MD5 hash of the challenge and the shared secret, and the authenticator verifies the hash. A captured CHAP exchange cannot be replayed because the challenge changes each time, which is why CHAP is preferred over PAP. SLIP offers no authentication at all.

3. Multiple protocol support: PPP can support multiple protocols on the same link. For example, both IP and IPX traffic can use the same PPP link.

4. Link monitoring: PPP offers link monitoring (LCP echo requests) to help diagnose link failures.

ISDN Protocols Overview

Integrated Services Digital Network (ISDN), as the name implies, provides integrated services, carrying telephony, data, and video over a single digital network.

ISDN is of two types:

• Basic Rate ISDN (BRI), and
• Primary Rate ISDN (PRI)

Basic Rate ISDN consists of two 64 kbps B-channels (B for Bearer) and one D-channel (2B+D). B-channels are used for transmitting user information (voice, data, or video), and the D-channel is used for transmitting control (signalling) information. Each B-channel offers 64 kbps, and the BRI D-channel 16 kbps. With the two B-channels, BRI provides up to 128 kbps of uncompressed user bandwidth. Note that the total line rate of ISDN BRI is 192 kbps; the remaining bandwidth, 192 - (2B+D) = 192 - 144 = 48 kbps, is used for framing.

Primary Rate ISDN consists of 23 B-channels and one D-channel (23B+D, carried on a T1) in the US, or 30 B-channels and one D-channel (30B+D, carried on an E1) in Europe, Australia, India and some other countries. The ISDN standard followed in Europe is also known as Euro ISDN, standardized by ETSI (European Telecommunications Standards Institute). The PRI D-channel offers 64 kbps.

There are several constituent standards that define ISDN:

I.430: Describes the physical layer (and part of the data link layer) for BRI.

Q.920 and Q.921: Together they define the data link protocol (LAPD) used over the D channel.

Q.930 and Q.931: Document the network layer user-to-user and user-to-network interface. The functions offered include call setup and teardown, channel allocation, and other optional services.

G.711: Describes the standard 64 kbps audio encoding used by telcos.

ISDN Reference Points:

ISDN standards specify several reference points that functionally separate the ISDN network. ISDN devices need to comply with the applicable reference point specifications. For example, a TE1 device such as an ISDN phone or a computer with an ISDN interface needs to comply with the reference point 'S' specifications. The reference points specified in ISDN are given below:

R: The reference point between non-ISDN equipment (TE2) and a Terminal Adapter (TA).

S: The reference point between user terminals and Network Termination Type 2 (NT2).

T: The reference point between NT1 and NT2 devices.

U: The reference point between NT1 devices and the line termination equipment of the telco.

Frame Relay Protocols Overview

Before going ahead with the Frame Relay protocol and its operation, we discuss virtual circuits. Remember that a circuit provides a connection between end nodes by means of an electrical connection. In data networks, the term virtual circuit is used in a similar sense: a virtual circuit provides a logical connection between end nodes for the flow of information. There are two types of virtual circuits:

• Permanent Virtual Circuit (PVC), and
• Switched Virtual Circuit (SVC)

Permanent Virtual Circuit (PVC): A PVC is a permanent connection between the end nodes (DTEs) within a Frame Relay network. The virtual circuit is always available irrespective of whether any data is being transmitted or not. This type of connection is used when data has to be transferred between the end nodes consistently. A PVC can be in one of two operational states:

• Data transfer state: Data is transmitted between the end nodes over the virtual circuit.
• Idle state: No data is transferred between the end nodes. Note that a PVC does not terminate the virtual circuit even when there is no data being transferred.

Switched Virtual Circuit (SVC): A switched virtual circuit provides a temporary connection between end nodes (DTEs) across a Frame Relay network. An SVC communication session has four states:

• Call setup: The virtual circuit between two Frame Relay end nodes is established.
• Data transfer: Data is transmitted between the end nodes over the virtual circuit.
• Idle: The connection between the end nodes is still active, but no data is transferred. An SVC call is terminated after a certain period of idle time.
• Call termination: The virtual circuit between the end nodes is terminated.

If there is more data to be transmitted at a later time, an SVC is negotiated again. SVCs are advantageous when you have bursty traffic and don't want to reserve network bandwidth for a given virtual circuit 24 hours a day.

Unlike an SVC, a PVC has no call setup or call termination procedures. This results in simpler link management and more efficient data transfer.

Frame Relay Protocol: Frame Relay framing is based on HDLC, which we discussed in earlier sections. Other protocols that use HDLC-style frames include SDLC and X.25 (LAPB). They differ primarily in how the address and control bits of the HDLC frame are used.

The different fields are explained below with respect to Frame Relay:

Flag (both opening and closing flags): 8 bits (01111110, or 7E hex).

Address (also known as the Frame Relay header): By default a 16-bit (two-octet) field, made up of the subfields below.

Data Link Connection Identifier (DLCI): The DLCI is 10 bits wide. It identifies the virtual connection between the end node (a DTE device) and the switch (a DCE device).

C/R: The C/R bit says whether the frame is a command or a response. Frame Relay itself does not use it; it is carried through unchanged.

Forward Explicit Congestion Notification (FECN): A single-bit field that can be set to 0 or 1 by a switch. Normally FECN is zero. A value of 1 indicates network congestion in the direction of source to destination, i.e. the direction in which the marked frame is travelling.

Backward Explicit Congestion Notification (BECN): A single-bit field that can be set to 0 or 1 by a switch in the Frame Relay network. Normally BECN is zero. A value of 1 indicates that the network has experienced congestion in the direction of destination to source, i.e. opposite to the direction of the marked frame, so the DTE receiving it learns that frames it sends are hitting congestion.

By using FECN and BECN, upper layer protocols can throttle their transmissions for efficient utilization of the Frame Relay network.

Discard Eligibility (DE): Set by the DTE device (or by the carrier, for traffic exceeding the committed rate) to indicate that the marked frame may be discarded in the event of network congestion. Discard Eligible frames are discarded before frames that do not have the DE bit set.

Note that FECN, BECN and DE together enable congestion control in the Frame Relay network by regulating communication and prioritizing traffic.

Extended Address (EA): The last (eighth) bit of each octet of the address field is the EA bit. If the EA value is 1, the current octet is the last octet of the address; a 0 means another address octet follows. With the default two-octet header, the first octet carries EA = 0 and the second EA = 1.

Data: This field contains encapsulated upper-layer protocol data. It has variable length, up to 16,000 octets.

FCS (Frame Check Sequence) or CRC (Cyclic Redundancy Code): Either 16 or 32 bits wide. The Frame Check Sequence is used to verify data integrity. If the FCS check fails, the frame is discarded.
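
As an added illustration (Python written for this primer, not code from a Frame Relay switch), the example below packs and parses the two-octet Frame Relay address field described above, checks the EA bits, recognises the DLCI values reserved for LMI (0 for ANSI/ITU, 1023 for Cisco; an assumption taken from the respective LMI specifications rather than from the text above), and models what a congested switch does with the DE and FECN bits. The frame contents are constructed for the example.

```python
"""Frame Relay (Q.922) two-octet address field: pack it, parse it, act on it.

Written for this primer, not code from a Frame Relay switch. Default header:
  octet 1: DLCI bits 9..4 | C/R | EA = 0   (more address octets follow)
  octet 2: DLCI bits 3..0 | FECN | BECN | DE | EA = 1   (last address octet)
"""
from dataclasses import dataclass

# DLCIs reserved for the Local Management Interface (assumed from the LMI
# specifications, not from the text above): 0 for ANSI/ITU LMI, 1023 for Cisco LMI.
LMI_DLCIS = (0, 1023)


@dataclass
class FRHeader:
    dlci: int
    cr: bool = False
    fecn: bool = False
    becn: bool = False
    de: bool = False


def pack_header(h: FRHeader) -> bytes:
    if not 0 <= h.dlci <= 1023:
        raise ValueError("DLCI must fit in 10 bits")
    octet1 = ((h.dlci >> 4) << 2) | (int(h.cr) << 1)                      # EA bit = 0
    octet2 = (((h.dlci & 0xF) << 4) | (int(h.fecn) << 3) | (int(h.becn) << 2)
              | (int(h.de) << 1) | 1)                                     # EA bit = 1
    return bytes([octet1, octet2])


def parse_header(frame: bytes) -> FRHeader:
    """Decode the address field, rejecting malformed EA bits and longer headers."""
    if len(frame) < 2:
        raise ValueError("frame too short for a Frame Relay header")
    o1, o2 = frame[0], frame[1]
    if o1 & 1:
        raise ValueError("EA set in first octet: a one-octet address is not valid")
    if not o2 & 1:
        raise ValueError("EA clear in second octet: 3/4-octet headers not handled here")
    return FRHeader(dlci=((o1 >> 2) << 4) | (o2 >> 4), cr=bool(o1 & 0x02),
                    fecn=bool(o2 & 0x08), becn=bool(o2 & 0x04), de=bool(o2 & 0x02))


def is_lmi(h: FRHeader) -> bool:
    return h.dlci in LMI_DLCIS


def congested_switch_forward(frames: list, congested: bool) -> list:
    """Model a switch output queue under congestion: DE-marked user frames are
    discarded first, and frames still forwarded get FECN set so the receiving
    DTE learns about congestion in the forward direction (BECN would be set on
    frames flowing the other way). LMI frames are never discarded."""
    out = []
    for frame in frames:
        h = parse_header(frame)
        if congested and h.de and not is_lmi(h):
            continue
        if congested:
            h.fecn = True
        out.append(pack_header(h) + frame[2:])
    return out


# Constructed sample frames (address field + a short dummy payload), not a capture.
SAMPLE_FRAMES = [
    pack_header(FRHeader(dlci=100)) + b"data-1",
    pack_header(FRHeader(dlci=100, de=True)) + b"bulk-2",
    pack_header(FRHeader(dlci=1023, de=True)) + b"lmi",
]
```

DLCI 100, the value most often used in examples, packs to the octets 18 41 hex: 100 is 0001100100 in binary, so the high six bits (000110) land in the first octet shifted left by two, and the low four bits (0100) in the upper half of the second octet with EA = 1.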

Frame Relay Network Operation

A Frame Relay (FR) network may be considered as an FR cloud consisting of FR switches, with customer nodes attached at the edge. An FR switch acts as the DCE and the customer equipment works as the DTE. A virtual circuit is established between the DTE and the corresponding DCE. As mentioned earlier, a virtual circuit is identified by a DLCI (Data Link Connection Identifier) number. DLCIs have local significance: a DLCI value identifies a virtual circuit only on the physical link on which it is used, so two different links may reuse the same DLCI value, but on a given physical link no two virtual circuits can have the same DLCI.

Frame Relay is essentially a packet switched network, and can be compared with an X.25 network. Though both Frame Relay and X.25 use the same basic HDLC framing, there are several differences between the two. Some of the important differences between a Frame Relay network and an X.25 network are given below:

Basic frame protocol used
  X.25: HDLC
  Frame Relay: HDLC

Typical speed (bandwidth)
  X.25: Low
  Frame Relay: High

Interactive sessions
  X.25: Barely suitable
  Frame Relay: Suitable

LAN connectivity for fast file transfers
  X.25: Not suitable
  Frame Relay: Suitable

Protocol overhead
  X.25: High
  Frame Relay: Minimal

Protocol complexity
  X.25: High
  Frame Relay: Low

Voice support
  X.25: Poor
  Frame Relay: Good

Error correction
  X.25: Very good
  Frame Relay: Not supported

Comments
  X.25: 1. X.25 is a very old protocol, and widely implemented. However, it is hard to find any new implementations. 2. X.25 implements node-to-node error correction, and is very suitable for noisy circuits. A severe drawback is high overhead and transmission delays.
  Frame Relay: 1. Frame Relay is widely implemented these days. Frame Relay does not support any node-to-node error correction. With the advent of highly reliable physical channels, node-to-node error correction (offered by X.25) is considered out of date, and not essential. 2. Revised specifications for Frame Relay support LMI extensions, which include global addressing, virtual circuit status messages, and multicasting.

VLAN - Virtual Local Area Networks

Some basic knowledge of LANs, their topologies, and the working of Local Area Networks is required to proceed further.

What is a VLAN?

To refresh your memory, a Local Area Network (LAN) is a set of connected devices such as computers, hubs, and switches sharing the same pool of logical address space. Normally, a router is required to route packets from one LAN to another LAN. Traditionally, all broadcast packets within a LAN are delivered to every other device connected to that particular LAN.

As a result, a traditional LAN has several disadvantages:

• Usable bandwidth is shared among all the devices connected to the LAN.
• All devices connected to a LAN can hear all the broadcast traffic, and on shared media every frame, irrespective of whether the frame is meant for that device or not. It is possible for a malicious node to listen to packets that are not meant for it.
• Suppose your organization has different departments. Using a traditional LAN, whenever changes take place within the organization, physical cables and devices need to be moved to reorganize the LAN infrastructure.
• A traditional LAN cannot extend beyond its physical boundary, whereas a VLAN can span several switches, even in different buildings.

If you are looking for a simple networked solution for a small office, it may be a good idea to have a traditional LAN setup with a few hubs or switches. However, if you are planning a large building or campus-wide LAN for several individual departments, a VLAN is almost essential.

Virtual LANs (VLANs) can be considered as an intelligent LAN consisting of different physical LAN segments that are able to communicate with each other as if they were all on the same physical LAN segment.

Benefits of VLANs: Several of the disadvantages of traditional LANs can be eliminated by implementing VLANs.

1. Improved performance: In a traditional LAN, all the hosts within the LAN receive broadcasts, and contend for the available bandwidth. As a result, the bandwidth is shared among all the connected devices within the LAN segment. If you are running bandwidth-hungry applications such as groupware or server farms, a threshold point may easily be reached, after which users find the LAN too slow or unresponsive. With VLANs, you can divide the big LAN into several smaller VLANs. For example, if there are two file servers, each operating at 100 Mbps, in a traditional shared LAN both servers have to share the LAN bandwidth of 100 Mbps. If you put the two servers in separate VLANs, each has 100 Mbps available, so the available bandwidth has been doubled.

2. Functional separation of an institute or a company: It is often required to separate the functional groups within a company or institute. For example, it might be necessary to separate the Finance department's LAN from the Production LAN. Traditionally, this requires a router between two physical LANs. With VLANs, you can set up two VLANs, one for Finance and the other for Production, on the same switches without a router between them. A Layer 2 switch never forwards frames from one VLAN to another; if the two groups must talk at all, their traffic has to pass through a router (or a Layer 3 switch), where it can be filtered. With VLANs it is also easier to place a workgroup together even though its members are physically in different buildings. Since the Finance VLAN does not forward frames to the Production VLAN, the separation provides additional security.

3. Ease of network maintenance:

Network maintenance includes adding, removing, and moving network users. With traditional LANs, whenever a user moves, it may be necessary to reconfigure the user's workstation, the router, and the servers. Sometimes it may also be necessary to lay cable, or reconfigure hubs and switches. If you are using VLANs, many of these reconfiguration tasks become unnecessary. For example, you can avoid network address reconfiguration on the workstation and the corresponding router, because traffic within a VLAN doesn't require a router.

However, VLANs add some administrative complexity, since the administrator needs to manage virtual workgroups.

4. Reduced cost

VLANs reduce network administration by way of reduced maintenance for workstation additions, deletions and changes. This in turn reduces the costs associated with LAN maintenance.

5. Security

In a shared LAN, all workstations within the broadcast domain receive the frames meant for all other workstations in it. Since a VLAN splits the broadcast domain into two or more, it is possible to put workstations sharing sensitive data in one VLAN, and other workstations in another VLAN. Of course, if two VLANs are not sufficient, you can split the workstations into as many VLANs as required. Because all traffic between VLANs has to pass through a router or Layer 3 device, VLAN boundaries are also the natural place to set up firewalls or access lists, restrict access, and log attempts to cross from one VLAN to another so that the administrator can be alerted.

Example:

Question: Your network has 100 nodes on a single broadcast domain. You have implemented VLANs and segmented the network into 2 VLANs of 50 nodes each. The resulting broadcast traffic effectively:

A. Increases two fold
B. Remains the same
C. Decreases by half
D. Increases four fold

Ans: C

Explanation: Each VLAN is its own broadcast domain, and VLANs do not forward broadcast traffic from one VLAN to another. A broadcast now reaches only the 50 nodes in its own VLAN instead of all 100, so the effective broadcast traffic seen by any node is halved.

LANs and VLANs

Traditional LAN segmentation: Using traditional LAN segmentation, all the segments are in the same broadcast domain. This effectively reduces the efficiency of the network. A traditional LAN segmentation is shown below.

Figure 1: Traditional LAN Segmentation

VLANs: Using VLANs, the broadcast domain gets divided by the number of VLANs. If there are three VLANs, as shown in the figure, the broadcast domain is split into three.

Figure 2: Segmentation using VLANs

Logical view: Given below is the logical view of segmentation using VLANs. Note that a router is required to route traffic between VLANs, and each VLAN is in a different broadcast domain. Only a single router is shown for simplicity; one or more routers may be used for routing inter-VLAN traffic.

Figure 3: Logical View of VLANs

VLAN Types

How does a switch distinguish between VLANs? This is done by associating workstations with a specific VLAN using a specified criterion. This is known as VLAN membership. Four prominent VLAN membership methods are by port, by MAC address, by protocol type, and by IP subnet address. Each of these is discussed below:

1. VLAN membership by port:

Here, you define which ports of a switch belong to which VLAN. Any workstation connected to a particular port is automatically assigned that VLAN. For example, in a switch with eight ports, ports 1-4 may be configured with VLAN 1, and ports 5-8 with VLAN 2. A workstation's own claims about its VLAN (for example a tag it puts in a frame) are ignored on such a port; the port configuration alone decides.

One of the disadvantages of this method is that it requires switch port reconfiguration whenever a user (with the associated workstation) moves from one place to another. VLAN membership by port operates at Layer 1 of the OSI model.

2. VLAN membership by MAC address:

Here, membership in a VLAN is based on the MAC address of the user workstation. A switch that participates in the VLAN uses the MAC addresses to assign a VLAN to each workstation. When a workstation moves to another place, the corresponding switch automatically discovers the VLAN association based on the MAC address of the workstation. Since the MAC address normally stays with the workstation, this method of VLAN membership is more amenable to workstation moves. Keep in mind, though, that a MAC address is only a claim made by the sender, and can be changed in software.

This type of VLAN works at Layer 2 of the OSI model.

3. Membership by protocol type:

The Layer 2 header contains the protocol type field (the Ethernet type). You can use this information to decide on the VLAN association. For example, all IP traffic may be associated with VLAN 1 and all IPX traffic with VLAN 2.

4. Membership by IP subnet address

In this type of VLAN association, membership is based on the Layer 3 header. The switch reads the Layer 3 IP address and associates a VLAN membership. Note that even though the switch accesses Layer 3 information, it still works at Layer 2 of the OSI model; a VLAN switch doesn't do any routing based on IP address.

Examples:

IP Subnet        VLAN
192.23.160.0     1
192.23.161.0     2
112.18.0.0       3

IP subnet address assignment to different VLANs.

IP address based VLANs allow user moves. However, a switch is likely to take more time to forward a packet because it has to read Layer 3 information, so the latency may be relatively higher with this type of VLAN membership.

VLAN Trunking: Carrying VLANs Between Switches

There are different protocols available for carrying frames from several VLANs over a single link between switches (or between a switch and a router) while preserving the VLAN identity of each frame. These encapsulation or tagging schemes are known as VLAN trunking protocols, and they operate at Layer 2 of the OSI model. Note that they carry VLANs across a link; communication between hosts in different VLANs still requires a router.

These are:

1. Inter-Switch Link Protocol (ISL)
2. IEEE 802.10 Protocol
3. IEEE 802.1Q Protocol
4. ATM LANE Protocol
5. ATM LANE Fast Simple Server Replication Protocol (FSSRP)

Inter-Switch Link Protocol (ISL): The ISL protocol is used to interconnect two VLAN-capable Ethernet, Fast Ethernet, or Gigabit Ethernet devices. The original frame is encapsulated, with an ISL header carrying the VLAN information placed in front of it. The packets on the ISL link contain a standard Ethernet, FDDI, or Token Ring frame and the VLAN information associated with that frame. ISL is a Cisco proprietary protocol.

IEEE 802.10 Protocol: This protocol carries VLANs over FDDI. It incorporates authentication and encryption techniques to ensure data confidentiality and integrity. The protocol operates at Layer 2 of the OSI model, and hence ensures greater efficiency.

IEEE 802.1Q Protocol: This protocol is used to interconnect multiple switches and routers, and for defining VLAN topologies. Rather than encapsulating the frame, 802.1Q inserts a 4-byte tag into the Ethernet frame after the source MAC address: a 16-bit tag protocol identifier (8100 hex), a 3-bit priority, a 1-bit flag (CFI, later renamed DEI), and a 12-bit VLAN identifier (1 to 4094; 0 and 4095 are reserved). IEEE 802.1Q is the industry standard for VLAN trunking and is supported across vendors.

ATM LAN Emulation Protocol (LANE): Using LANE, you can benefit from legacy LAN hardware. The LANE protocol emulates a broadcast environment like IEEE 802.3 over an ATM network. LANE allows standard LAN drivers like NDIS and ODI to be used, so applications can use normal LAN functions without the underlying complexities of the ATM implementation. Client workstations need a LAN Emulation Client to run the LANE protocol. The switches or routers also need to support the appropriate LANE functionalities.

ATM LANE Fast Simple Server Replication Protocol (FSSRP): Cisco introduced FSSRP to provide better network redundancy. If a single LANE server becomes unavailable for any technical reason, the LANE client transparently switches over to the next LANE server and BUS.
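
The example below (Python, written for this primer; not any vendor's switch code) models a small switch with port-based VLAN membership so that the broadcast-domain behaviour from the earlier question and the 802.1Q tag format just described can be seen working together: frames arriving on an access port are placed in that port's VLAN regardless of any tag they carry, broadcasts are flooded only to ports in the same VLAN, frames leaving on the trunk port get an 802.1Q tag, and untagged frames arriving on the trunk are dropped. MAC addresses, port numbers and payloads are constructed; the Switch class and helper names are this example's own.

```python
"""A small Layer 2 switch model: port-based VLAN membership, broadcasts confined
to a VLAN, and IEEE 802.1Q tagging on a trunk port.

Written for this primer; not any vendor's code. Ethernet II layout assumed:
dst MAC (6) | src MAC (6) | type (2) | payload. An 802.1Q tag is 4 octets
inserted after the source MAC: TPID 0x8100, then PCP (3 bits) | CFI/DEI
(1 bit) | VID (12 bits).
"""
import struct

TPID = 0x8100
BROADCAST = b"\xff" * 6


def tag_frame(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag with the given VLAN id and priority."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094; 0 and 4095 are reserved")
    return frame[:12] + struct.pack("!HH", TPID, (pcp << 13) | vid) + frame[12:]


def parse_tag(frame: bytes) -> tuple:
    """Return (vid, pcp, frame_without_tag); vid is None if the frame is untagged."""
    if struct.unpack("!H", frame[12:14])[0] != TPID:
        return None, None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]


class Switch:
    """Access ports carry one VLAN untagged; trunk ports carry several, tagged."""

    def __init__(self):
        self.access = {}      # port -> vlan id
        self.trunks = {}      # port -> set of allowed vlan ids
        self.mac_table = {}   # (vlan, mac) -> port, learned from source addresses

    def add_access_port(self, port: int, vlan: int):
        self.access[port] = vlan

    def add_trunk_port(self, port: int, allowed: set):
        self.trunks[port] = set(allowed)

    def _classify(self, port: int, frame: bytes):
        """Membership by port: the access port's VLAN wins over any tag a host sends."""
        vid, _, untagged = parse_tag(frame)
        if port in self.access:
            return self.access[port], untagged
        if vid is not None and vid in self.trunks.get(port, set()):
            return vid, untagged
        return None, None    # untagged frame on a trunk, VLAN not allowed, or unknown port

    def _egress(self, port: int, vlan: int, frame: bytes):
        if port in self.access:
            return frame if self.access[port] == vlan else None
        return tag_frame(frame, vlan) if vlan in self.trunks[port] else None

    def receive(self, in_port: int, frame: bytes) -> dict:
        """Forward one frame; returns {out_port: frame as transmitted}."""
        vlan, f = self._classify(in_port, frame)
        if vlan is None:
            return {}
        dst, src = f[0:6], f[6:12]
        self.mac_table[(vlan, src)] = in_port
        known = self.mac_table.get((vlan, dst))
        if known is not None and dst != BROADCAST:
            targets = [known]                              # unicast to the learned port
        else:                                              # flood, but only within the VLAN
            targets = [p for p in list(self.access) + list(self.trunks) if p != in_port]
        out = {}
        for p in targets:
            sent = self._egress(p, vlan, f)
            if sent is not None:
                out[p] = sent
        return out


def eth(dst: bytes, src: bytes, payload: bytes, ethertype: int = 0x0800) -> bytes:
    return dst + src + struct.pack("!H", ethertype) + payload


def build_switch() -> Switch:
    """Constructed topology: ports 1-4 in VLAN 10, ports 5-8 in VLAN 20, port 9 a trunk."""
    sw = Switch()
    for p in (1, 2, 3, 4):
        sw.add_access_port(p, 10)
    for p in (5, 6, 7, 8):
        sw.add_access_port(p, 20)
    sw.add_trunk_port(9, {10, 20})
    return sw
```

A broadcast received on port 1 is delivered to ports 2, 3 and 4 untagged and to the trunk with VID 10; ports 5 to 8 never see it, which is the halving of broadcast traffic from the earlier question. A host on port 5 that sends a frame tagged with VID 10 still ends up in VLAN 20, because on an access port the configuration, not the sender, decides membership.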

Example:

Question: Match the trunking protocols with their respective media:

1. Inter Switch Link      A. FDDI
2. LANE                   B. Fast Ethernet
3. 802.10                 C. ATM

Choose the correct option.

A. 1->C, 2->B, 3->A
B. 1->B, 2->C, 3->A
C. 1->B, 2->A, 3->C
D. 1->A, 2->B, 3->C

Ans: B

Explanation: ISL and 802.1Q are the VLAN trunking protocols associated with Fast Ethernet. The VLAN trunking protocol defined by 802.10 is associated with FDDI. LANE (LAN Emulation) is associated with ATM.
