
LOCAL AREA NETWORK

A local area network (LAN) connects personal computers, printers, and other
computer resources together within a building or campus. Many schools, offices, and
even homes now have LANs. These networks allow printers, as well as documents and
projects, to be shared. LANs also enable computers to talk to one another and are
often used to share Internet access across all of the computers in a building or school.
Most LANs use wires, or cables, to connect computers and other peripheral devices. In
most networks, a network cable (which generally looks like an oversized telephone
cord) connects a computer to a network jack in the wall. Sometimes, in classrooms or
business offices, many computers are connected to an intermediate hub or switch,
not directly to the network jack. The hub or switch into which all of the computers
are plugged is the device that is connected to the network jack. In both cases, the
network jack is connected to a small router by another cable. Printers are also often
shared using this method of hubs and switches.
Some LANs are now wireless. Wireless LANs are fundamentally the same as wired
LANs, but the cabling is replaced by small "radios" that are contained inside the
computers. Wireless LANs are generally somewhat slower than the wired networks,
but they are much easier to set up and allow users to move their machines around
without having to reconnect network cables.
Wireless LANs have moved into the mainstream in schools and classrooms during the
last few years; however, it is important to note that security is much more difficult
when using a wireless network, because the radio signal reaches beyond the walls of
the building and anyone within range can attempt to join the network or listen to its
traffic. Wireless traffic should therefore be encrypted and wireless clients
authenticated. Additionally, the adoption of competing protocols is creating some
confusion in the marketplace. Agencies need to select a wireless protocol with care,
considering how the network can be upgraded and whether it is compatible with
existing wireless protocols.
Telekomunikasi dan Elektronika
komlek.net@2008
Where a LAN may connect all of the computers within a building or campus, a wide
area network (WAN) connects multiple LANs. Many districts now have WANs
connecting all of the schools within the district for the sharing of Internet access,
selected files, or other resources.

What Are Servers, Routers, and Firewalls?


LANs often involve a number of different components, including a dizzying variety of
servers, switches, routers, firewalls, and the like. This section provides descriptions
of many of these items.
Servers
While servers often are spoken of in almost mystical tones, they are really just
powerful computers running specialized software designed to share files, manage
printers, or perform any other specialized task assigned. Most of these computers are
powerful enough to do more than one thing at a time; for example, a single network
server might be a file server, a print server, and a mail server simultaneously.
File server. A file server is essentially the computer equivalent of a filing cabinet.
Documents, spreadsheets, and other (computer) files are stored on a file server, just
as paper documents are stored in a filing cabinet. The file server's job is to make
those files available to computer users on the LAN and, when appropriate, allow the
users to update the files.
Print server. A print server is a piece of software or hardware that manages print
jobs submitted by users. When a document is sent to a networked printer, the print
server receives the job and queues it (puts it in line behind previously submitted
jobs). When a job gets to the front of the queue, the print server sends it to the
printer. It is not necessary to buy an individual printer for each personal computer.
Users in classrooms or offices often share printers, since not everyone is typically
printing at the same time. This option can save an agency a great deal of money.
Mail server. The third common type of server is a mail server. The mail server acts as
the conduit to the outside world as messages are sent and received. Some servers are
set up so that all of the mail stays on the mail server until a user actively deletes it.
In other configurations, the user is able to move the mail from the server to the
desktop computer. This process, called "downloading," uses less space on the mail
server.
Router
A router is a piece of equipment that acts as the interface between a local network
and the Internet, by routing traffic from one to the other. A router may be a
computer dedicated to managing the traffic of a WAN, or it may be a piece of
software running on a computer that is configured for other tasks as well. Routers
also may be used in LANs to route internal traffic.
Firewall
A critical component of any network is a firewall. A firewall in layman's terms is a
wall that acts as a firebreak—it keeps a fire from spreading. In this sense, a computer
firewall keeps a network secure from hackers (the "arsonists" of the Internet) by
denying access to all or part of the network. Management of firewalls requires a great
deal of expertise. While the network administrator must ensure that no unwanted
traffic can enter the network from outside, a level of access to and from the Internet
must be created that will permit authorized users to conduct their business safely and
efficiently.
A solid, well-designed firewall is critical to ensure that only authorized users have
access to a restricted network. Like routers and servers, firewalls are available as
either hardware or software. Choosing a firewall for a particular network is an issue
best addressed at the local level, after reviewing the options available.
Server vs Desktop Computer
Advances in technology have blurred the distinctions between the computer on the
desktop and a network server. Computing power has continued to grow
exponentially—in fact, most users do not need all the computing power available to
them (at least for now). The same is true of network servers, which have become so
powerful that some network administrators run applications, in addition to the server
software, from the network server, rather than installing applications directly on each
of the computers connected to the network. Servers are capable of managing a much
greater workload today than they were in past years.
Running applications from a server has a number of advantages. One key advantage is
in licensing, since it is much easier to track usage. Another is that local users are
prevented from altering the configuration of applications, which can create software
failure and cause problems for other users. In addition, it is much easier to upgrade
software since only one copy needs to be upgraded, instead of upgrading one copy for
each personal computer. Applications run from a network server, however, are often
comparatively slower than applications running directly on a desktop computer.
Another benefit to server-run applications is the cost-saving use of thin clients. Thin
clients are basic, low-cost computers with insufficient power to run sophisticated
software applications, but with enough power to access applications installed on the
server. By purchasing a single copy of an application that can run on a network, with
licenses for multiple users, the organization can save the cost of multiple software
copies and can purchase less powerful computers at a much lower cost.
In addition, by instituting a thin client environment, older computers in schools have
longer useful lives. In recent years, more and more LANs have incorporated thin
clients for a variety of purposes. In addition, more and more computer applications
are written to take advantage of the web to run remotely. The user's desktop
computer essentially acts as a "dumb" terminal, simply displaying the web pages
broadcast by the server. The computing actually takes place on an Internet server,
and users transmit their commands via the web page. This web-based model works
best when users have high-speed Internet connections.
Computing today occurs on the desktop, on network servers, and Internet servers
alike. The distinctions between the various types of computers and servers, in many
cases, matter less and less. As computer and network transmission speeds improve,
the differences will be even harder to grasp. The increasing complexities of
computing and networking reinforce the need for agencies to employ the services of a
qualified network administrator.
Connecting to the Internet
There are many different ways to connect to the Internet. Agencies can generally
purchase several different kinds of on-ramps to the information superhighway based
on their particular need. Depending on the kind of connection to the Internet, access
to information may be fast or slow.
The key to Internet speed is bandwidth. Bandwidth refers to the amount of data
transferred within a specified time. Greater bandwidth increases the speed of data
transfer. A general overview of the various types of Internet connections is listed
below, starting with the slowest (smallest bandwidth) and moving up to the faster
(greater bandwidth) technologies. Cost and service quality can vary widely. Use of a
competitive bid process, with an appropriate Request for Proposal (RFP), can better
enable agencies to obtain needed service while controlling cost. In other words, the
agency should not commit to service from a provider based on advertisements.
Acronyms and abbreviations referenced in this appendix are defined in the glossary. A
reference table is provided at the end of this appendix for quick comparison of the
various Internet connection options discussed below.
Internet Service Providers
Internet Service Providers (ISPs) provide the portals, or access, that allow computer
users to connect to the Internet. There are numerous ways for education agencies to
connect with an ISP. Before selecting an ISP, the agency should determine its needs
for bandwidth, speed, and services.
The agency should secure the services of an ISP through the RFP process. Using the
RFP process, the ISP should be required to identify the available connection speed
and the reliability of the system, sometimes measured by the amount of time the ISP's
services were down during the previous 6 months. Although most ISPs will advertise a
high connection speed, the agency should determine whether the full bandwidth is
available at all times by requesting an assessment of the provider's typical bandwidth
and connection speed at different times of the day and on different days of the week.
The chief technology officer or technology director should review any ISP proposal.
Following are descriptions of the various Internet connections available.
Dial-Up
Dial-up services connect to the Internet using modems over a traditional telephone
line. The vast majority of Internet users connect to the Internet from home via dial-up
service. The maximum connection speed is 56 kilobits per second (Kbps), which is
slow when supporting bandwidth-intensive services, such as video conferencing or
streaming video. Dial-up service is typically sufficient for using web and e-mail
applications. It is not recommended for multiple users, such as a number of students,
who need to access the Internet at the same time. Dial-up service is available almost
everywhere in the United States and is the least expensive way of connecting to the
Internet/World Wide Web.
ISDN
Developed and marketed through the 1980s and early 1990s, the Integrated Services
Digital Network (ISDN) was the telephone company's first attempt at providing faster
online services. As with dial-up service, ISDN is generally insufficient for serving a
large number of users with the same connection. The service provides up to 128 Kbps,
approximately twice the speed of dial-up. ISDN tends to be much more expensive than
dial-up, costing generally $100 to $300 per month. For the most part, DSL technology
has replaced ISDN; however, in some areas where DSL is not available, ISDN may be
the best option. If available, most of the other services mentioned in this appendix
provide greater capacity at lower cost than ISDN.
DSL
Digital Subscriber Line (DSL) technologies have largely replaced ISDN service as the
product telephone companies want consumers to use when connecting to the
Internet. Like dial-up service, DSL connects to the Internet over ordinary copper
telephone lines, but is faster, at rates of 1.5 to 6.1 megabits per second (Mbps),
enabling continuous transmission of video and audio. DSL service is primarily
marketed to home and small business users, but the service is adequate to meet the
needs of education agencies. While it does not have the same quality of service in
terms of speed or support that dedicated fiber optic lines typically provide, DSL is
much more affordable. DSL is available in much of the United States, particularly in
urban areas. Commercial DSL service generally runs from $100 to $250 per month, but
can run significantly higher.
DSL service quality can vary from area to area and from service provider to service
provider. Additionally, the speed of access to the Internet depends on the length of
the copper line between the user and the telephone company's DSL equipment at the
central office (the DSLAM): the longer the line, the lower the attainable speed.
Cable Modems
Cable modems have become, in recent years, the most popular broadband technology
for home computer users. The cable modem uses the same coaxial cable that carries
cable TV signals for high-speed data transmission. While not as robust as fiber optic
connections, cable modems can provide similar quality service at a fraction of the
cost. The quality of a cable modem connection, however, is dependent on the overall
quality of the cable modem provider's network, and the more people accessing the
provider's network at the same time, the slower each individual's connection to the
Internet will be. Speed ranges from under 1 to 8 Mbps; costs are generally $100 to
$250 per month for commercial users.
Because of the historically strong connection between education and the cable
television community, many schools are using cable modems. When contracting to
provide cable service to a city or county, the cable company typically makes the
commitment to provide one cable connection and one modem to each school within
the service area of the cable company. There are cases, however, in which cable
companies have provided additional services.
Higher Bandwidth Connections (including fiber optics)
Many businesses and schools today connect to the Internet through higher-capacity
leased circuits, typically referred to as T1 (copper wire), T3 (coaxial cable or fiber
optic cable), or OC3c (fiber optic) connections. These services are widely available, are highly
flexible, and provide high quality, fast broadband service. Costs are comparatively
high and vary widely from area to area. In urban areas, T1 connections (providing 1.5
Mbps) are generally available for approximately $200 to $500 per month. In rural
areas, the same connection usually costs much more. Larger T3 and OC3c
connections, which provide 45 Mbps and 155 Mbps, respectively, generally cost
several thousands of dollars per month in urban areas and tens of thousands of dollars
per month in rural areas. Depending on the bandwidth needs of the school or district,
it may be more sensible to utilize a less expensive connection.
For some agencies, a more feasible option in the T-carrier system may be a
"fractional" T1 line, which utilizes a portion of the T1. Fractional T1 lines are
available to meet almost any speed requirement for a reduced price. This option
makes sense for those agencies that may not need a full T1 line today, but might need
increased bandwidth in the future. In addition, upgrading fractional T1 to use more of
the T1 line can usually be done without purchasing new hardware.
Larger organizations, such as state government agencies or large school districts, may
require the faster OC3c connection. These high-speed connections are not always
available and, as mentioned, can cost tens of thousands of dollars per month. Where
these networks exist, however, states (or counties or large districts) may be able to
divide the bandwidth, according to the needs of smaller districts or schools. By doing
this, the cost of connecting to the Internet could be reduced for smaller agencies or
schools. Districts or schools should, when considering which kind of connectivity to
purchase, determine if there is a preexisting network to which they can connect.
Satellite
Some larger agencies have considered buying space on a satellite to upload and
download files. While the cost of transmitting information over wires would be
removed, satellite reliability is debatable. Weather (such as rain) or even sunspots
can affect satellite transmission.
Cellular Wireless
Traditionally, Internet access over cellular telephone networks has been slow and
somewhat unreliable. Wireless technology, however, is coming of age, and new,
significantly faster Internet connection services are offered throughout the United
States. While these "third generation wireless" services (generally referred to as 3G
services) are not necessarily suitable for building use, they may suit the needs of
individuals within the agency as they maintain contact with each other during the
workday. Already, cellular phones are replacing "walkie-talkies" in many secondary
schools. It is still too soon to tell how much these services will cost, but they will
probably be metered, with cost depending upon the amount of usage.
Fixed Wireless
Fixed wireless refers to the operation of wireless devices in a fixed location. Unlike
mobile wireless devices, which are battery powered, fixed wireless devices are
electrically powered. The basic idea behind fixed wireless is that the traditional wired
connection (e.g., fiber optic, telephone line, or cable TV line) is replaced by a
high-speed wireless connection. Depending on the technology, bad weather (such as rain)
can significantly interfere with fixed wireless services. This service is usually most
attractive in communities where traditional wired connections are not available;
however, the technology is also suitable for urban areas. Fixed wireless speed varies
considerably, from under 1 Mbps to upwards of 15 Mbps. Cost also varies widely.
Wide-Area Networking Overview
Cisco IOS software provides a range of wide-area networking capabilities to fit almost every network
environment need. Cisco offers cell relay via the Switched Multimegabit Data Service (SMDS), circuit
switching via ISDN, packet switching via Frame Relay, and the benefits of both circuit and packet
switching via Asynchronous Transfer Mode (ATM). LAN emulation (LANE) provides connectivity
between ATM and other LAN types. Refer to the Cisco IOS Dial Technologies Configuration Guide:
Volume 1 of 2 for further information on configuring ISDN. Refer to the Cisco IOS Switching Services
Configuration Guide for information on configuring LANE.

Objectives
The Cisco IOS Wide-Area Networking Configuration Guide presents a set of general guidelines for
configuring the following software components:
• ATM
• Broadband Access: PPP and Routed Bridge Encapsulation
• Frame Relay
• Frame Relay-ATM Internetworking
• SMDS
• Link Access Procedure, Balanced and X.25
This overview chapter gives a high-level description of each technology. For specific configuration
information, see the appropriate chapter in this document.

Organization
The Cisco IOS Wide-Area Networking Configuration Guide includes the following chapters:
• Configuring ATM
• Configuring Broadband Access: PPP and Routed Bridge Encapsulation
• Configuring Frame Relay
• Configuring Frame Relay-ATM Interworking
• Configuring SMDS
• Configuring X.25 and LAPB

Introduction to NETWORKING
A network is a method of sharing hardware resources and software resources. We
can share the resources with the help of an operating system such as Windows, Linux,
UNIX, etc. To connect multiple networks we have to use internetworking devices
such as routers, bridges and layer 3 switches.

Administrator model for Networks


We can say that there are four components which are required to create a
network:
1. Software
2. Protocol Stack
3. Network Interface Card
4. Media
Software
Networking software can be divided into two categories:
Server software: - The software used to provide a particular service.
Client software: - The software which is used to access a service
provided by a server.

The four components, shown for a server and a client talking across the media:

Server side                                  Client side
Server Software: Apache, IIS,                Client Software: Internet Explorer,
  Exchange 2003, FTP Server, Sendmail          Outlook Express, Yahoo Messenger, Cute FTP
Protocol Stack: TCP/IP, IPX/SPX,             Protocol Stack: TCP/IP, IPX/SPX,
  AppleTalk, NetBEUI                           AppleTalk, NetBEUI
NIC                                          NIC
Media <------------------------------------> Media

Design Considerations
Server software and client software should be compatible.
The protocol stack must be the same on both sides.
Connectivity can be provided via a switch/hub etc.
If the NIC standards are different (for example Ethernet on one side and Token Ring
on the other) then a translational bridge is required.
If the media are different then a transceiver (media converter) is required.
OSI Model
The OSI model is a layered approach to designing, developing and implementing networks.
The OSI model provides the following advantages: -
(i) Network design will be standards based.
(ii) Development time for new technologies will be reduced.
(iii) Devices from multiple vendors can communicate with each other.
(iv) Implementation and troubleshooting of the network will be easier.

• Application Layer: - (analogy: the salesman who takes the order)
The application layer accepts data and forwards it into the protocol stack. It
creates the user interface between application software and the protocol stack.

• Presentation Layer: -
This layer decides the presentation format of the data (for example a JPG file or
an online song). It is also able to perform other functions such as
compression/decompression and encryption/decryption.

• Session Layer: - (analogy: a telephone call, which has to be set up, kept going and
hung up)
This layer initiates, maintains and terminates sessions between different
applications. Because of this layer, multiple application programs can be
running at the same time.

• Transport Layer: -
The transport layer is responsible for connection-oriented and connectionless
communication. The transport layer also performs other functions such as:
 - Positive Acknowledgement & Response
 - Error checking
 - Flow Control (Buffering, Windowing, Multiplexing)
 - Sequencing

[Diagram: connection-oriented communication, where sender and receiver set up the
connection before the send, versus connectionless communication, where the sender
simply sends.]

(i) Error checking

The transport layer computes a checksum over the segment and forwards the
checksum value to the destination along with the data (TCP and UDP use a 16-bit
checksum; the cyclic redundancy check, CRC, is the frame check sequence added by
the data link layer, not the transport layer). The other end computes the checksum
over the received data and compares it with the received value. If both are the same,
the data is accepted; otherwise it is discarded.

(ii) Flow Control

Flow control is used to control the flow of data during communication. For
this purpose the following methods are used: -
(a) Buffering
A buffer is a temporary storage area. Data is stored in the buffer
memory and, when the other side is able to accept it, the data is forwarded.
(b) Windowing
The window is the maximum amount of data that can be sent to the
destination without receiving an acknowledgement. It is the limit on how much
buffered data may be in flight before an acknowledgement must come back.
(c) Multiplexing
Multiplexing lets multiple applications on the same IP address use the network at
the same time; the transport layer keeps them apart by port number.

(iii) Sequencing
The transport layer adds a sequence number to each segment, so that out-of-sequence
data can be detected and rearranged in the proper order.

(iv) Positive Acknowledgement and Response

When data is sent to the destination, the destination replies with an
acknowledgement to indicate positive reception of the data. If the acknowledgement
is not received within a specified time, the data is resent from buffer memory.
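The four transport-layer mechanisms above (sequencing, windowing, positive acknowledgement, and retransmission from the buffer after a timeout) fit together in one small simulation. This is an added example, not code from the original notes: a go-back-N sender over a constructed lossy channel, with a receiver that uses sequence numbers to put early segments back in order. The window size, segment contents and the loss pattern (`LossyChannel` drops a given sequence number the first time it is sent) are assumptions made for the demonstration.

```python
"""Sequencing, windowing, acknowledgement and retransmission (added example; not from
the original notes). The sender keeps unacknowledged segments in its buffer, sends at
most `window` of them per round, and resends from the buffer whenever the cumulative
ACK does not cover them (the timeout case). The receiver delivers in order and holds
segments that arrive ahead of a gap. Channel losses and data are constructed."""


class LossyChannel:
    """Constructed channel: drops a segment the first time its sequence number is sent."""

    def __init__(self, drop_first):
        self.drop_first = set(drop_first)
        self.log = []

    def send(self, seq, data):
        if seq in self.drop_first:
            self.drop_first.discard(seq)
            self.log.append(f"lost  seq={seq}")
            return None
        self.log.append(f"deliv seq={seq}")
        return seq, data


class Receiver:
    """Delivers data in order, buffers early segments, returns a cumulative ACK."""

    def __init__(self):
        self.expected = 0        # the next sequence number we want
        self.delivered = []
        self.early = {}          # seq -> data for segments that arrived ahead of a gap

    def accept(self, seq, data):
        if seq == self.expected:
            self.delivered.append(data)
            self.expected += 1
            while self.expected in self.early:      # gap filled: release what followed it
                self.delivered.append(self.early.pop(self.expected))
                self.expected += 1
        elif seq > self.expected:
            self.early[seq] = data                  # sequencing: hold it, do not deliver yet
        # seq < expected is a duplicate of data already delivered: ignore it, just re-ACK
        return self.expected - 1                    # highest in-order seq received so far


def transfer(segments, window, channel, max_rounds=100):
    """Send `segments`; each round (re)sends the whole window from the sender's buffer,
    then slides the window to the cumulative ACK. Returns what was delivered and how
    many rounds (i.e. timeouts plus one) it took."""
    rx = Receiver()
    base, n, rounds = 0, len(segments), 0
    while base < n:
        rounds += 1
        if rounds > max_rounds:
            raise RuntimeError("no progress: giving up")
        ack = base - 1
        for seq in range(base, min(base + window, n)):    # everything in the window
            delivered = channel.send(seq, segments[seq])
            if delivered is not None:
                ack = rx.accept(*delivered)
        base = ack + 1   # anything not covered by the ACK stays buffered and is resent
    return {"delivered": rx.delivered, "rounds": rounds, "log": list(channel.log)}


if __name__ == "__main__":
    result = transfer([f"seg{i}" for i in range(6)], window=4, channel=LossyChannel({2}))
    for line in result["log"]:
        print(line)
    print(result["delivered"], "in", result["rounds"], "rounds")
```

With six segments, a window of four and segment 2 lost once, round one delivers 0, 1 and 3 (3 is held by the receiver because 2 is missing), the ACK only covers up to 1, and round two resends from 2 onward; the duplicate of 3 is recognised by its sequence number and ignored.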

Network Layer
This layer performs functions such as logical addressing and path
determination. Each networking device has a physical address, the MAC
address, but logical addressing makes it easier to communicate on a large
network.

Its other responsibilities are:
 - Fragmentation
 - Quality of Service
 - Header checksum
 - Protocol identification

Logical addressing defines a network address and a host address. This type
of addressing is used to simplify the implementation of large networks. Some
examples of logical addressing are IP addresses, IPX addresses, etc.

Path determination
The network layer uses routing protocols such as RIP, OSPF, EIGRP and BGP to
perform path determination and build the routing table. (ARP is not a routing
protocol: it maps an IP address to a MAC address on the local segment.)

Data Link Layer

The functions of the Data Link layer are divided into two sub layers:
• Logical Link Control
• Media Access Control

Logical Link Control defines the encapsulation (framing) that will be used by the
NIC to deliver data to the destination. Some examples of Logical Link
Control encapsulations are ARPA (Ethernet II), IEEE 802.2/802.3 and 802.11 Wi-Fi.

Media Access Control defines the methods used to access the shared media and
establishes identity with the help of the MAC address. Some examples of
Media Access Control methods are CSMA/CD, CSMA/CA and token passing.

Physical Layer
The Physical Layer is responsible for communicating bits over the media. This
layer deals with the standards defined for media and signals. This layer
may also perform modulation and demodulation as required.

Data Encapsulation

Data => Segment => Packet => Frame => Bits

Devices at different Layers

Physical Layer Devices
Hub, Modem, Media, DCE (Data Communications Equipment),
CSU/DSU, Repeater, Media converter
Data Link Layer Devices
NIC, Switch, Bridge
Network Layer Devices
Router, Layer 3 Switch
All Layers Devices
PC, Firewall

DCE: - The DCE converts bits into signals and sends them on the media.
FDDI – Fiber Distributed Data Interface (a fiber ring LAN technology, see below).
A switch forwards frames on the basis of the MAC address.
A router forwards packets on the basis of the IP address.

LAN Technologies
LAN technology     Speed
Ethernet           10 – 10000 Mbps
Token Ring         4 – 16 Mbps
FDDI               100 Mbps
Wi-Fi              1 – 108 Mbps
Ethernet
Ethernet is the most popular LAN technology. It can support a variety of media such as
copper (UTP, coaxial) and fiber optic. This technology supports a wide range of speeds
from 10 Mbps to 10000 Mbps.

Ethernet at Logical Link Control

For framing, Ethernet uses either the ARPA encapsulation (Ethernet II, also called
DIX) or the IEEE 802.3 frame; the two differ only in the field that follows the
source MAC. Ethernet adds a source MAC, destination MAC, error checking information
(the FCS) and some other information to the data. The Ethernet encapsulation is
explained as follows.

Ethernet frame
Preamble: An alternating 1,0 pattern provides a 5 MHz clock at the start of each
frame, which allows the receiving devices to lock onto the incoming bit stream.

Start Frame Delimiter (SFD)/Synch: The preamble is seven octets and the
SFD is one octet (synch). The SFD is 10101011, where the last pair of 1s allows
the receiver to come into the alternating 1,0 pattern somewhere in the middle
and still sync up and detect the beginning of the data.

Length or type: 802.3 uses a length field, but the Ethernet II frame uses a type
field to identify the network layer protocol (0x0800 for IP, 0x0806 for ARP). A
receiver tells the two apart by the value: 1536 (0x0600) and above is a type, smaller
values are a length. 802.3 on its own cannot identify the upper-layer protocol and
so was used with a single protocol, for example Novell's raw 802.3 IPX framing.

Frame Check Sequence (FCS): a 32-bit CRC over the frame. The receiver recomputes
it and discards any frame whose FCS does not match.
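The frame layout above can be built and checked in a few lines. This is an added example, not code from the original notes: it builds a frame (without preamble and SFD, which the NIC adds on the wire), pads short payloads to the 46-byte minimum, appends the FCS, and on the receiving side verifies the FCS and uses the 0x0600 boundary to tell an Ethernet II type field from an 802.3 length field. The MAC addresses and payloads are constructed sample data, and the FCS is appended little-endian as a packet capture shows it, which is an assumption about byte order that the example keeps consistent on both sides.

```python
"""Build and parse Ethernet II / IEEE 802.3 frames (added example; not from the original
notes). Addresses and payloads are constructed; the FCS is CRC-32 as computed by
zlib.crc32 and appended little-endian (assumption kept consistent in build and parse)."""
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
TYPE_LENGTH_BOUNDARY = 0x0600   # 1536: at or above this the field is a type, below it a length
MIN_PAYLOAD = 46                # shorter data is zero-padded so the frame is at least 64 bytes
HEADER_LEN = 14                 # dst(6) + src(6) + type/length(2)
FCS_LEN = 4


def mac_to_bytes(mac):
    return bytes(int(octet, 16) for octet in mac.split(":"))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def fcs_for(body):
    """Frame Check Sequence: CRC-32 over dst|src|type-or-length|payload."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, type_or_len, payload):
    """Return dst|src|type-or-length|payload(padded)|FCS.
    Pass an EtherType (>= 0x0600) for Ethernet II or the payload length (< 0x0600) for 802.3."""
    if len(payload) < MIN_PAYLOAD:
        payload = payload + b"\x00" * (MIN_PAYLOAD - len(payload))
    header = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", type_or_len)
    body = header + payload
    return body + fcs_for(body)


def parse_frame(frame):
    """Verify the FCS and split the header; raise ValueError for runt or corrupt frames."""
    if len(frame) < HEADER_LEN + MIN_PAYLOAD + FCS_LEN:
        raise ValueError("runt frame: shorter than 64 bytes")
    body, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if fcs != fcs_for(body):
        raise ValueError("FCS mismatch: frame discarded")
    dst, src, type_or_len = struct.unpack("!6s6sH", body[:HEADER_LEN])
    payload = body[HEADER_LEN:]
    if type_or_len >= TYPE_LENGTH_BOUNDARY:
        kind, ethertype = "Ethernet II", type_or_len
    else:
        kind, ethertype = "IEEE 802.3", None
        if type_or_len > len(payload):
            raise ValueError("802.3 length field exceeds the data actually present")
        payload = payload[:type_or_len]     # the length field says where padding begins
    return {"kind": kind, "dst": bytes_to_mac(dst), "src": bytes_to_mac(src),
            "ethertype": ethertype, "payload": payload, "length": len(frame)}


def is_valid(frame):
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


def flip_bit(frame, byte_index):
    """Simulate a transmission error by inverting one bit of the frame."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 0x01
    return bytes(damaged)


if __name__ == "__main__":
    arp = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55",
                      ETHERTYPE_ARP, b"who-has 10.0.0.1")
    print(parse_frame(arp))
    print("damaged frame accepted?", is_valid(flip_bit(arp, 20)))
```

Note that the FCS only detects transmission errors; a deliberately crafted frame carries a correct FCS, so it is not an integrity control against an attacker on the segment.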
Ethernet at Media Access Control
At the Media Access Control layer, Ethernet uses the CSMA/CD protocol to access
shared media.
These days we use Ethernet with switches. A switch port running full duplex has the
media to itself, so no collisions occur and CSMA/CD is switched off (CSMA/CA,
collision avoidance, is the access method of Wi-Fi, not of switched Ethernet). This
is one reason Ethernet compares well with Token Ring, FDDI and Wi-Fi.
CSMA/CD

This algorithm runs when a collision is created:

1. Detect the collision (and send a jam signal so that every station notices it).

2. Stop transmitting.

3. Generate a random number of slot times to wait. The range the number is drawn
from doubles after each repeated collision, up to a limit (binary exponential
backoff).

4. Try to communicate again after a delay of that many slot times.

Ethernet Family
Standard (speed, baseband, media)   Max segment     Media
10Base2                             185 m           Thin coaxial cable
10Base5                             500 m           Thick coaxial cable
10BaseT                             100 m           Twisted pair (UTP)
100BaseTX (present day)             100 m           UTP, 2 pairs used
100BaseT4                           100 m           UTP, 4 pairs used
100BaseFX                           up to 2 km      Fiber optic
1000BaseT (servers)                 100 m           UTP, 4 pairs used
1000Base-X (SX/LX/ZX)               up to 100 km    Fiber optic
10000Base (10 Gigabit)              -               Fiber optic
Ethernet Cabling
Coaxial cabling
T connector, terminator, BNC connector, coaxial cable, 10Base2 LAN cards

UTP Cabling
With UTP we can use different topologies to create the network.

In any Ethernet UTP topology we have to use one of two types of cable:
• Straight cable (PC to switch/hub)
• Cross cable (like to like: PC to PC, switch to switch)
Structured Cabling
Requirements: -
Rack, patch panel, switch/hub (rack mountable), patch cord,
I/O connector, I/O box, UTP cable
Tool: - Punching tool

Problems of Ethernet technology (shared media, i.e. hubs)

• In a shared Ethernet only one PC is able to send data at a time, so the
bandwidth of the Ethernet is shared.
• It is not an equal access technology.
• When one PC sends data, it is received by all devices on the
network. Because of this, data communication is not secure: any station can
listen to every frame.
• Collisions will occur in the network, and collisions lead to other
problems such as latency, delay and reduced throughput.
Latency – the time taken to send a packet from start to end.
Throughput – the rate at which data is actually delivered (output).
• All PCs are in a single broadcast domain. Because of this the usable
bandwidth is reduced.
LAN Segmentation of Ethernet Network
There are three methods to perform LAN segmentation
(1) LAN segmentation using bridge.
(2) LAN segmentation using switches.
(3) LAN segmentation using Routers.

LAN segmentation using bridge.

[Diagram: the existing hub segment is joined to a new segment through a bridge;
the result is three collision domains (1st, 2nd, 3rd) but still one broadcast
domain.]
Working of Bridge: -
The working of a bridge is explained in the following steps: -
(i) The bridge receives a frame into buffer memory.
(ii) The source MAC address of the frame is stored in the bridging table
against the port on which it arrived:
Port number    MAC address
1              (learned from frames received on port 1)
2              (learned from frames received on port 2)
3              (learned from frames received on port 3)
(iii) According to the destination MAC address the frame is forwarded
or dropped:
(a) If the destination MAC address of the frame is known then the frame is
forwarded to that particular port only.
(b) If the destination MAC address is unknown to the bridging table then the
frame is forwarded to all ports except the receiving port (flooding).
(c) If the destination MAC address is the broadcast MAC address ff:ff:ff:ff:ff:ff
then the frame is likewise forwarded to all ports except the receiving port.
(d) If the destination MAC address exists on the same port from which the
frame was received then the frame is dropped (filtering).
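Steps (i) to (iii) are a small algorithm, and the same algorithm is what a switch runs on every port. This added example, which is not code from the original notes, implements the learn-then-forward logic and adds one property that real bridging tables have and the description leaves out: a fixed capacity. When the table is full, new source addresses cannot be learned, so traffic to them keeps being flooded; `mac_flooding()` shows an attacker on port 3 filling a two-entry table with bogus sources and thereby receiving the unicast traffic between two other hosts. Port numbers, MAC addresses and the table size are constructed for the demonstration; address ageing is left out.

```python
"""Transparent bridge / switch forwarding (added example; not from the original notes).
Implements learn-then-forward steps (i)-(iii) plus a capacity limit on the bridging
table. Ports, MAC addresses and the table size are constructed."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Bridge:
    def __init__(self, ports, table_size=None):
        self.ports = list(ports)
        self.table = {}                 # bridging table: MAC address -> port number
        self.table_size = table_size    # None = unlimited, as in the idealised description

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of ports it is sent out of ([] = dropped)."""
        # step (ii): learn the source address on the receiving port, if there is room
        if src in self.table or self.table_size is None or len(self.table) < self.table_size:
            self.table[src] = in_port
        # step (iii): forward or drop according to the destination address
        if dst == BROADCAST or dst not in self.table:
            return [p for p in self.ports if p != in_port]    # (b) unknown / (c) broadcast: flood
        out_port = self.table[dst]
        if out_port == in_port:
            return []                                          # (d) same segment: drop
        return [out_port]                                      # (a) known: one port only


A, B = "00:00:00:00:00:0a", "00:00:00:00:00:0b"


def normal_operation():
    """Host A on port 1, host B on port 2: the out-port list for three successive frames."""
    br = Bridge(ports=[1, 2, 3])
    return [
        br.receive(1, A, B),   # B unknown: flooded to ports 2 and 3
        br.receive(2, B, A),   # A was learned on port 1: sent there only
        br.receive(1, A, B),   # B is known now: sent to port 2 only
    ]


def mac_flooding():
    """Attacker on port 3 fills a 2-entry table; A<->B unicast is then flooded to port 3 too."""
    br = Bridge(ports=[1, 2, 3], table_size=2)
    for i in range(2):                                   # bogus source addresses fill the table
        br.receive(3, f"de:ad:be:ef:00:{i:02x}", A)
    a_to_b = br.receive(1, A, B)                         # A cannot be learned; B unknown: flood
    b_to_a = br.receive(2, B, A)                         # same the other way: port 3 sees it
    return {"table": dict(br.table), "a_to_b": a_to_b, "b_to_a": b_to_a}


if __name__ == "__main__":
    print("normal:", normal_operation())
    print("after MAC flooding:", mac_flooding())
```

Without the attack the reply from B reaches port 1 only; with the table full it goes to ports 1 and 3, which is why "one-to-one communication" on a switch is a performance property rather than a security guarantee. Port security (limiting the number of addresses learned per port) is the usual countermeasure.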
Collision domain
A group of pc, in which collision can occur, is called a collision domain.
Broadcast domain
A group of pc in which broadcast message is delivered is called broadcast
domain.

LAN segmentation using Switches

To perform LAN segmentation using switches, we have to remove the hubs from
the network and replace each hub with a switch. The working of a switch is
exactly like a bridge: a switch is a multiport bridge.

Result: 1 broadcast domain, multiple collision domains (one per port) = micro
segmentation.

Advantages of Switches: -
(1) Bandwidth is not shared, and overall throughput depends on the
wire speed of the switch. Wire speed is also called switching
capacity, measured in Mbps or Gbps.
Typical switches have from 4 up to 48 ports.
(2) Any-time access technology: a station does not have to wait for the media.
(3) One-to-one communication, so the network is more secure than with a hub: a
unicast frame is only sent out of the port where the destination was learned.
This is not a security guarantee, however; the bridging table has limited space
and unknown destinations are still flooded, so an attacker who fills the table
with bogus source addresses makes the switch flood other stations' traffic to
every port.
(4) Switches perform micro segmentation, so no collisions occur
in the network.

LAN segmentation using router

If we are facing high congestion in the network due to a large number of
broadcasts, then we can divide the broadcast domain of the network, so that the
number of broadcast messages is reduced.

[Diagram: 1st Broadcast Domain, 2nd Broadcast Domain, 3rd Broadcast Domain,
separated by a router.]

We have to install a router between multiple switches to divide the broadcast
domain. Each broadcast domain has to use a different network address, and the
router provides inter-network communication between them.
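The three segmentation cases (bridge, switch, router) reduce to one rule set: a hub repeats every link into one collision domain, a switch ends collision domains at each port but passes broadcasts, and a router ends both. This added example, not code from the original notes, applies that rule set to an arbitrary topology with a union-find over the links, so it goes beyond the three diagrams to any mix of devices. The topology in `DEVICES` and `LINKS` is constructed for the demonstration.

```python
"""Counting collision and broadcast domains in a wired LAN (added example; not from the
original notes). Hubs merge all their links into one collision domain; hubs and switches
merge their links into one broadcast domain; routers merge nothing. Topology constructed."""


def count_domains(devices, links):
    """devices: {name: 'host'|'hub'|'switch'|'router'}; links: list of (end_a, end_b).
    Returns {'collision': n, 'broadcast': m}."""

    def domains(merging_kinds):
        parent = list(range(len(links)))          # union-find, one set per link to start

        def find(i):
            while parent[i] != i:
                parent[i] = parent[parent[i]]
                i = parent[i]
            return i

        for name, kind in devices.items():
            if kind not in merging_kinds:
                continue                           # this device keeps its links apart
            attached = [i for i, (a, b) in enumerate(links) if name in (a, b)]
            for i in attached[1:]:                 # every link on a merging device shares a domain
                parent[find(i)] = find(attached[0])
        return len({find(i) for i in range(len(links))})

    return {
        "collision": domains({"hub"}),             # only a hub repeats collisions between links
        "broadcast": domains({"hub", "switch"}),   # hubs and switches pass broadcasts; routers don't
    }


# Constructed topology: three hosts on a hub; the hub, two more hosts and a router on
# switch 1; the router also on switch 2, which has two hosts.
DEVICES = {"h1": "host", "h2": "host", "h3": "host", "hub1": "hub",
           "h4": "host", "h5": "host", "sw1": "switch", "r1": "router",
           "sw2": "switch", "h6": "host", "h7": "host"}
LINKS = [("h1", "hub1"), ("h2", "hub1"), ("h3", "hub1"), ("hub1", "sw1"),
         ("h4", "sw1"), ("h5", "sw1"), ("sw1", "r1"), ("r1", "sw2"),
         ("h6", "sw2"), ("h7", "sw2")]


def switched():
    return count_domains(DEVICES, LINKS)


def hubs_only():
    """The same wiring with both switches replaced by hubs."""
    devs = {k: ("hub" if v == "switch" else v) for k, v in DEVICES.items()}
    return count_domains(devs, LINKS)


if __name__ == "__main__":
    print("switched:", switched(), " hubs only:", hubs_only())
```

For the constructed topology the switched network has 7 collision domains (the four links on the hub form one, the other six links are one each) and 2 broadcast domains, split by the router; replacing the switches with hubs collapses it to 2 collision domains, one on each side of the router.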
Router Administration
In this chapter we will study the hardware architecture, router booting behavior,
command line usage and administration.

PC Architecture
Processor
Memory controller -> RAM
I/O controller -> keyboard controller (keyboard), display card (VDU), serial,
parallel, USB, HDD, FDD, CD, sound card
BIOS ROM
CMOS RAM

Router Architecture
Processor
Memory controller -> RAM
I/O controller -> LAN ports, WAN ports
BIOS ROM
Flash (holds the O/S, i.e. the IOS)
NVRAM
Components of ROUTER
Router operation
When a PC has to send data to a different network address, the data is
forwarded to the router. The router analyses the destination IP address of the
packet and looks up a route in the routing table. The data is forwarded according
to that route; if no route is available, the data is dropped.

(1) Processor
Speed: 20 MHz to 1 GHz
Architecture: RISC (Reduced Instruction Set Computer)
Manufacturers: Motorola, IBM, Power PC, Texas, Dallas, Intel.

(2) Flash RAM

Flash RAM is the permanent read/write memory. This memory is used to
store one or more copies of the router O/S. The router O/S is also called IOS
(Internetwork Operating System).
Flash RAM stores only the O/S.
The size of flash RAM in the router is 4 MB to 128 MB. The flash RAM may be
available in one of the following three packages: -
SIMM Flash: - Single In-Line Memory Module
PCMCIA Flash: - Personal Computer Memory Card Interface Architecture
Compact Flash: - (small memory)

(3) NVRAM
NVRAM is a “Non Volatile Random Access Memory”. It is used to store the
configuration of the Router. The size of NVRAM is 8 KB to 512 KB.

(4) RAM
Ram of the router is divided into two logical parts.
(i) Primary RAM
(ii) Shared RAM

Primary RAM
Primary RAM is used for: -
(a) Running copy of IOS.
(b)Running configuration
(c) Routing table
(d)ARP table (IP address to MAC address)
(e) Processor & other data structure

Shared RAM
Shared RAM is used as buffer memory to share the data received from
different interfaces. The size of RAM in a router may vary from 2 MB to 512
MB. The types of memory that may be present in a RAM are: -
(a) DRAM Dynamic RAM
(b)EDORAM Extended Data Out RAM
(c) SDRAM Synchronous Dynamic RAM

(5) BIOS ROM


The BIOS ROM is the permanent ROM. This memory is used to store
following program & Routines: -
(i) Bootstrap loader (performs booting)
(ii) Power on self test routines
(iii) Incomplete IOS
(iv) ROM Monitor (ROM-MON)

Router & PC terms

Router           PC
ROM-MON          CMOS Setup
Incomplete IOS   Bootable Floppy/CD
FLASH            O/S from HDD

Router Interfaces & Ports


An interface is used to connect LAN networks or WAN networks to the router.
An interface uses protocol stacks to send/receive data. Ports are used for
the configuration of the router; they are not used to connect different
networks. The primary purpose of a port is management of the router.

Router Interfaces
Interface | Connector | Color | Speed | Use
Ethernet | RJ45 | yellow | 10 Mbps | To connect Ethernet LAN using UTP media
AUI | DB15 | yellow | 10 Mbps | To connect Ethernet LAN using transceiver
Fast Ethernet | RJ45 | yellow | 100 Mbps | To connect Ethernet LAN
Serial | DB60 | blue | E1 2 Mbps, T1 1.5 Mbps | To connect WAN technology like leased lines, radio link, Frame Relay, X.25, ATM
Smart Serial | SS | blue | same as Serial | same as Serial
BRI ISDN | RJ45 | orange | 192 kbps | To connect ISDN Basic Rate Interface
VOIP | RJ11 | white | - | To connect phones, fax, EPABX

AUI – Attachment Unit Interface
EPABX – Electronic Private Automatic Branch Exchange
PSTN – Public Services Telephone Network

Router Ports
Port | Connector | Color | Speed | Details
Console | RJ45 | sky blue | 9600 bps | Used for configuration using PC
Auxiliary | RJ45 | black | depends on modem | To connect remote router using PSTN line
Virtual terminal (vty) | - | - | - | To connect remote router with telnet protocol via interface

Other interfaces:-
(1) Token Ring | RJ45 | violet | 4/16 Mbps | To connect Token Ring network
(2) E1/T1 controller | RJ45 | white | E1 2048 kbps, T1 1544 kbps | To connect E1/T1 lines
(3) ADSL (Asynchronous Digital Subscriber Line) | RJ11 | - | up 1 Mbps, down 8 Mbps | For ADSL broadband

Types of routers:-
(1) Fixed configuration router
(2) Modular router
(3) Chassis based router

Access Router using console

Connect the PC serial port to the router console using the console cable.

Step 1 Click the Start button on the Windows Taskbar, and select Programs >
Accessories > Communications > HyperTerminal. HyperTerminal
launches and displays the Connection Description dialog box. Type any name.

Step 2 Select com port

Step 3 On the Port Settings tab, enter the following settings:

• Speed - 9600
• Data Bits - 8
• Parity - none
• Stop bits - 1
• Flow Control - none

Step 4 Click ok

Router Access Modes


When we access the router command prompt, the router displays different
modes. According to the mode, privileges and rights are assigned to the user.

User mode
In this mode, we can display basic parameters and status of the router, test
connectivity and telnet to other devices. In this mode we are not able to
manage & configure the router.
Privileged mode
In this mode, we can display all information and configuration, and perform
administration tasks, debugging, testing and connectivity with other devices.
We are not able to edit the configuration of the router here.
The command to enter this mode is 'enable'. We have to enter the
enable password or enable secret password to enter this mode. Enable secret
has higher priority than enable password: if both passwords are configured then
only enable secret will work.

Global configuration
This mode is used for the configuration of global parameters in the router.
Global parameters apply to the entire router. The command to enter this mode
is 'configure terminal'.
For e.g: - router hostname or access lists of the router

Line configuration mode


This mode is used to configure lines like console, vty and auxiliary. There are
three main types of line that are configured.
(i) Console
router(config)#line console 0
(ii) Auxiliary
router(config)#line aux 0
(iii) Telnet or vty
router(config)#line vty 0 4

Interface configuration mode


This mode is used to configure router interfaces. For e.g:- Ethernet, Serial, BRI
etc.
Router(config)#interface <type> <number>
e.g.
Router(config)#interface serial 1

Routing configuration mode


This mode is used to configure routing protocol like RIP, EIGRP, OSPF etc.
Router(config)#router <protocol> [<option>]

Router(config)#router rip
Router(config)#router eigrp 10

Configuring Passwords
There are five types of password available in a router.

(1) Console Password
router#configure terminal
router(config)#line console 0
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit

(2) Vty Password
router#configure terminal
router(config)#line vty 0 4
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit

(3) Auxiliary Password
router#configure terminal
router(config)#line aux 0
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit

(4) Enable Password
router>enable
router#configure terminal
router(config)#enable password <word>

(5) Enable Secret Password
Enable password is a clear text password; it is stored as clear text in the
configuration, whereas the enable secret password is encrypted with the
MD5 (Message Digest 5) algorithm.
Router#configure terminal
Router(config)#enable secret <word>
Router(config)#exit

Encrypting all passwords

All passwords other than the enable secret password are clear text passwords.
We can encrypt all of them using the level 7 algorithm. The command to encrypt
all passwords is:

Router#configure terminal
Router(config)#service password-encryption

TIP: In CISCO router any configuration can be removed by using ‘no’ prefix to
the same command.
Managing Configuration
There are two types of configuration present in a router:
(1) Startup Configuration (2) Running Configuration

Startup configuration is stored in the NVRAM. It is used to save the settings
of a router, and it is loaded into the primary RAM at the time of booting.

Running configuration is present in the primary RAM. Whenever we run a
configuration command, the command is written into the running
configuration.

To display running configuration
Router#show running-config
To display startup configuration
Router#show startup-config
To save configuration
Router#copy running-config startup-config
Or
Router#write
To abort configuration changes
Router#copy startup-config running-config
To erase old configuration

CISCO command line editing & shortcuts

Command line shortcuts
Tab – to auto complete command
? – to take help
Ctrl+P – to recall previous command
Ctrl+N – next command
Ctrl+Z – alternate to 'end' command
Ctrl+C – to abort

Command line editing shortcuts
Ctrl+A – to move cursor to start of line
Ctrl+E – to move cursor to end of line
Ctrl+B – to move cursor one character back
Ctrl+F – to move cursor one character forward
Ctrl+W – to delete one word back at a time
Configuring HostName
Router#configure terminal
Router(config)#hostname <name>
Configuration Interfaces
Interface configuration is one of the most important parts of router
configuration. By default, all interfaces of a Cisco router are disabled. We
have to use different commands as per our requirement to enable and configure
the interface.

Configuring IP, Mask and Enabling the Interface


Router#configure terminal
Router(config)#interface <type> <no>
Router(config-if)#ip address <ip> <mask>
Router(config-if)#no shutdown
Router(config-if)#exit
Interface Numbers
Interface numbers start from 0 for each type of interface. Some routers use the
interface number directly, while other routers use the slot no/port no
addressing technique.

Direct numbering: Eth 0, Serial 0, Serial 1
Slot/port numbering: Slot 0 - Serial 0/0; Slot 1 - Serial 1/0, Serial 1/1

To configure interface description
Router#configure terminal
Router(config)#interface <type> <no>
Router(config-if)#description <line>

Configuring parameters on LAN interface
Router#configure terminal
Router(config)#interface <type> <no>

Configuring parameters on WAN interface
Router#configure terminal
Router(config)#interface <type> <no>
Router(config-if)#encapsulation <protocol>
Router(config-if)#clock rate <value>
Router(config-if)#end

To display interface status

The show interfaces command will display the following parameters about an
interface:

Status
MAC address
IP address
Subnet mask
Hardware type / manufacturer
Bandwidth
Reliability
Delay
Load (Tx load, Rx load)
Encapsulation
ARP type (if applicable)
Keepalive
Queuing strategy
Input queue details, output queue details
Traffic rate (in packets per second, bits per second)
Input packet details
Output packet details
Modem signals (WAN interface only)
M.T.U. maximum transmission unit (mostly 1500 bytes)

Configuring sub interface


Sub interfaces are required in different scenarios. For e.g:- in Ethernet we
need sub interfaces for VLAN communication and in frame relay we need sub
interfaces for multipoint connectivity. A sub interface is a logical interface
created from a physical interface.
Router#config ter
Router(config)#interface <type> <no>.<subint no>
Router(config-subif)#
e.g.
Router(config)#interface serial 0.2
Router(config-subif)#
Configuring secondary IP
Router(config-if)#ip address 192.168.10.5 255.255.255.0
Router(config-if)#ip address 192.168.10.18 255.255.255.0 secondary

Managing Command Line History


We can use the Ctrl+P & Ctrl+N shortcuts to move through the command history.
By default the router keeps up to 10 commands. We can use the following
commands to display and edit this setting.
To display commands present in history
Router#show history
To display history size
Router#show terminal
To change history size
Router#config terminal
Router(config)#line console 0
Router(config-line)#history size <value>
Router(config-line)#exit
Configuring Banners
Banners are just messages that appear at different prompts according to
their type. Different banners are:
Message of the day (motd) - This banner appears at every access method
Login - Appears before the login prompt
Exec - Appears after we enter the exec mode
Incoming - Appears for incoming connections
Syntax:-
Router#config terminal
Router(config)#banner <type> <delimiting char>
Text message
<delimiting char>
Router(config)#
Example:-
Router#config terminal
Router(config)#banner motd $
This router is distribution 3600 router
connected to Reliance
$
Logging configuration
The router generates log messages, which are stored in the router's internal
buffer and also displayed on the console.
To send log messages to a syslog server
Router#config ter
Router(config)#logging <IP address>
Router(config)#exit
Synchronous logging on console
Router#config terminal
Router(config)#line console 0
Router(config-line)#logging synchronous
Router(config-line)#exit

To display log buffer


Router#show logging
Download Syslog Server Software from internet & install it on PC to store syslog
messages.
Configuring Router Clock
We can configure the router clock with the help of two methods:
(1) Configure clock locally (2) Configure clock from an NTP (Network
Time Protocol) server
The router does not have a battery to save the clock setting, so the clock
resets to the default on reboot. In new routers a clock battery is available
for time keeping.
To display clock
Router#show clock
To configure clock
Router#clock set hh:mm:ss day month year
To configure clock from NTP server
Router#config terminal
Router(config)#ntp server <IP address>
Router(config)#exit
Use "C:\>ping pool.ntp.org" to get an NTP server IP from the internet.
Status message of Interfaces
When we use the "show interfaces" command on the router, the first two lines
display the status message. It will display one of the following four messages.

Interface is administratively down, line protocol is down.

This message means that the interface was shut down by the administrator using
the "shutdown" command. We can change this status with the help of the "no
shutdown" command.
Interface is up, line protocol is up.
This message appears when everything is working fine and the interface is able
to communicate with other devices. In case of Ethernet, this message is shown
when the interface is connected and enabled. In case of serial, this message is
shown when end-to-end connectivity is established.
Interface is down, line protocol is down
In case of serial, this message appears due to loss of connectivity with the
modem.
Interface is up, line protocol is down
This message appears due to an encapsulation failure. In case of Ethernet,
this message may appear when the interface is not connected properly. In case
of serial, this message may appear due to a connectivity problem with the far
end router.

Setup Mode
The router enters setup mode if no configuration is present in NVRAM. The
router will display the following message:
"Would you like to enter in initial configuration dialog [
y / n ]: "
There are two types of setup modes:
• Basic setup mode
• Extended setup mode
In basic mode only one interface is configured, which is used for telnet or
web access connectivity. In extended mode all interfaces are configured. At
the end we can save the configuration changes or discard them.

Telnet access :
Telnet is a virtual port through which we can access the router command line
through its interfaces.

PC - Switch - Router
To accept telnet connections we have to configure the following options on the
router:
Configure IP on interface
Configure VTY password and enable secret password
On the client PC test connectivity with the router & use the command
'telnet <router_ip>'

SSH access to Router or Switch


There are four steps required to enable SSH support on an IOS router:

1. Configure the hostname and the domain name.
2. Generate the SSH key to be used.
3. Enable SSH transport support for the virtual type terminals (vtys).
4.
5.
Router Booting Sources

A router can boot from various sources. By default, it boots from the
flash memory, and we can control the sequence with the help of the
configuration register or commands. A router can boot from the following
sources: -
(1) First file in flash
(2) Specific file in flash
(3) Incomplete IOS
(4) TFTP Server
(5) ROM Monitor (from BIOS)
The first method to control the boot sequence is the configuration register.
We can modify the configuration register value with the help of the
"config-register" command in global configuration mode. We can also modify
the register value from ROM monitor mode.

Configuration Register
The configuration register is a 16-bit value, which is stored in the NVRAM. At
the time of booting the bootstrap loader reads the value of the configuration
register and configures its booting behavior according to that value.

0x2102 (IOS with Config)


With this value the router boots from the first file present in the flash
memory. This is the default value of the configuration register. After loading
the IOS the router also loads startup-config into running-config.
0x2101 (Incomplete IOS with Config)
The router boots from the incomplete IOS and then loads the startup-config.
0x2100 (Rom Monitor)
With this value the router does not boot, but enters ROM Monitor mode.
0x2142 (IOS without Config)
The router boots from the first file in flash but bypasses the startup
configuration.
0x2141 (Incomplete IOS without Config)
The router boots from the incomplete IOS but bypasses the startup-config.
To change Config-Register from global configuration mode
Router#configure terminal
Router(config)#config-register <value>
Router(config)#exit
Router#reload
Note: - this is the only value which is configured in configuration mode and
does not need to be saved.
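The five register values listed above differ only in a few bits, and seeing which bits is what lets an administrator recognise a non-default value in "show version". The decoder below is an added example, not part of these notes; the bit meanings it uses are the documented ones (boot field in bits 0-3, bit 6 = ignore NVRAM configuration, bit 8 = break key disabled, bits 11-12 = console speed, bit 13 = fall back to ROM software if a network boot fails). The `register_findings` check is a constructed defender-side audit: it flags a register that still bypasses startup-config after a recovery procedure or halts the router in ROM monitor.

```python
"""Decode Cisco configuration register values (added example, not from the notes)."""

DEFAULT_REGISTER = 0x2102
IGNORE_STARTUP_CONFIG = 0x0040   # bit 6: bypass the startup-config stored in NVRAM
BREAK_DISABLED = 0x0100          # bit 8: ignore the console break key after boot
ROM_FALLBACK = 0x2000            # bit 13: boot ROM software if a network boot fails
CONSOLE_SPEEDS = {0x0000: 9600, 0x0800: 4800, 0x1000: 1200, 0x1800: 2400}  # bits 11-12


def decode_config_register(value):
    """Return a dict describing what the router does with this register value."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is a 16-bit value")
    boot_field = value & 0x000F                      # bits 0-3 select the boot source
    if boot_field == 0:
        source = "ROM monitor"
    elif boot_field == 1:
        source = "incomplete IOS in BIOS ROM"
    else:
        source = "boot system commands, else first file in flash"
    return {
        "value": f"0x{value:04X}",
        "boot_field": boot_field,
        "boot_source": source,
        "ignore_startup_config": bool(value & IGNORE_STARTUP_CONFIG),
        "break_disabled": bool(value & BREAK_DISABLED),
        "rom_fallback": bool(value & ROM_FALLBACK),
        "console_speed": CONSOLE_SPEEDS[value & 0x1800],
    }


def describe(value):
    """Short label in the style of the list above, e.g. 'IOS without Config'."""
    info = decode_config_register(value)
    if info["boot_field"] == 0:
        return "Rom Monitor"
    image = "Incomplete IOS" if info["boot_field"] == 1 else "IOS"
    config = "without Config" if info["ignore_startup_config"] else "with Config"
    return f"{image} {config}"


def register_findings(value):
    """Audit checks (constructed for this example) over a 'show version' value:
    non-default settings that leave a router booting without its configuration
    or stopping in ROM monitor on every reload."""
    info = decode_config_register(value)
    findings = []
    if info["ignore_startup_config"]:
        findings.append("startup-config is bypassed on boot (0x0040 set); "
                        "restore the default after any recovery procedure")
    if info["boot_field"] == 0:
        findings.append("router halts in ROM monitor on every reload")
    if value != DEFAULT_REGISTER and not findings:
        findings.append("non-default register value; confirm it is intended")
    return findings


if __name__ == "__main__":
    for reg in (0x2102, 0x2101, 0x2100, 0x2142, 0x2141):
        print(f"0x{reg:04X}: {describe(reg)} {register_findings(reg)}")
```

Running the block prints the label for each of the five values from the list above; 0x2142 and 0x2141 are the two that produce a finding, because both have bit 6 set.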

To change Config-Register using Rom Monitor


Steps: -
(1) Power on the router.
(2) Press Ctrl+Break from the console within 60 seconds.
(3) The router will enter the ROM Monitor. Type the following commands:
Rommon 1> confreg <value>
Rommon 2> i
Note: - in 2500 series routers the "o/r" command should be used in place of
the "confreg" command.
Boot System commands
Boot system commands are the second method to control the boot sequence of
the router. These commands are executed only when the configuration register
is set to 0x2102. Boot system commands are entered in global configuration
mode. They are executed in the same sequence in which they were applied to
the router. If one boot system command is successful then the next boot
system command is not executed.

To boot router from specific file in flash
Router(config)#boot system flash <file name>
To boot from first file in flash
Router(config)#boot system flash
To boot router from TFTP server/network
Router(config)#boot system tftp <file name>

TFTP server
A TFTP server is a modified form of FTP. It is used to transfer files without
performing authentication. TFTP has only a home directory, in which
subdirectories are not allowed. Directory browsing is not allowed in the home
directory.

TFTP is a UDP-based protocol, which works on port no 69. TFTP has the
following features in comparison to FTP:
(1) Only get file and put file services are available.
(2) Authentication is not supported.
(3) The home directory may not have subdirectories.
(4) Directory browsing is not allowed.
Installation and Configuration of TFTP server
On a Windows system, we have to execute the following steps to use the PC as a
TFTP server.
(1) Download TFTP server software from the Internet.
(2) Install the TFTP server software on the PC.
(3) If the software is not installed as a service then the software should be
running on screen.
(4) Configure the home directory of the server or use the default.

Functions to be perform with the help of TFTP server


(1)To boot router from TFTP server
(2)Backup IOS and configuration
(3)Restore IOS and configuration
(4)Upgrade IOS

(1) To boot from TFTP server


i) Run the TFTP server software on the PC and copy the IOS image file into
the home directory of the TFTP server.
ii) Test connectivity between the router and the TFTP server.
iii) On the router use the following commands:-
Router#conf ter
Router(config)#boot system tftp c1700-1s-mz.122.3.bin 10.0.0.18
Router(config)#exit
Router#copy runn start

Reload the device. Make sure that the configuration register is set to 0x2102.

(2) To backup IOS
i) Test connectivity and make sure TFTP server is running.
ii) Type command: -
Router#show flash (note the IOS filename)
Router#copy flash TFTP
Source filename = ?
Destination filename=?
IP of TFTP server=?

(3) To backup Configuration


i) Test connectivity and make sure TFTP server is running.
ii) Type commands: -
Router#copy running-config tftp
Or
Router#copy startup-config tftp

Remote IP: ________


Destination Filename: ________

(4) To restore Configuration
i) Test connectivity and make sure TFTP server is running.
ii) Make sure configuration file is present in home directory and note the
filename.
iii) Type commands: -
Router#copy tftp running-config
Remote IP: __________
Source Filename: ___________
Destination Filename[running-config]: _ Press enter here

(5) Restore/Upgrade IOS
There are four different conditions in which we can restore/upgrade IOS.

Case 1: old IOS is present and flash is in read/write mode.


• Copy IOS image in tftp server’s home directory.
• Test connectivity and make sure tftp server is running.
• On router use commands: -
Router# copy tftp flash
Source file: -
Destination file: -
IP address: -
Erase Flash [y/n]:

Case2: Old IOS is present but flash is in read only mode.


• In this case, we have to set the config-register to 0x2101 to boot the router
from the incomplete IOS.
• After booting, the flash will be in read/write mode. Now use the same
commands as in case 1.
• When IOS loading is complete, reset the config-register to 0x2102.

Case 3: old IOS is not present but incomplete IOS is present in BIOS.
The router will automatically boot from the incomplete IOS, and we have to
execute the same commands as in case 1 and case 2.

Case4: Complete IOS and incomplete IOS is not present in router.


There are two methods to load IOS with the help of Rom Monitor mode.

Method1: Loading IOS using xmodem


In this case we use the xmodem command and the IOS is loaded over the
console cable. TFTP is not required in this case.
• Enter the ROM Monitor and type the following command.
Rom Mon 1>xmodem <filename>
• When the router displays the message "Ready to receive file", in
HyperTerminal select Transfer >> Send File >> use browse to select the
file >> select protocol xmodem >> Send.

Method2: In this case we have to use tftp server in Rom Monitor.


• Connect the PC running the TFTP server, make sure TFTP is running and the
IOS image is present in the home directory.
• Enter ROM Monitor mode and type the following commands.

Rom Mon>IP_ADDRESS=10.0.0.2
Rom Mon> TFTP_SERVER=10.0.0.1
Rom Mon> TFTP_FILE=<filename>
Rom Mon> DEFAULT_GATEWAY=10.0.0.1
Rom Mon> IP_SUBNET_MASK=255.0.0.0
Rom Mon> tftpdnld
When IOS transfer is completed then type command.
Rom Mon>boot
To view source from which router boots.
Router#show version

Resolving Host Names


On a router, we can communicate with the help of IP addresses as well as host
names and domain names. There are two methods to resolve a hostname into an IP
address.

1) Using local hostname database

We can use the local hostname database by using the IP host command.

To create local hostname database: use the IP host command
To display hosts
Router#show hosts

2) Using a DNS server

We can configure the router to send DNS queries to a DNS server. The DNS
server will resolve the hostname and then the PC or router will try to
communicate with the destination. We can configure a maximum of 6 IPs.
Router#config terminal
Router(config)#ip name-server <IP> [<IP2>]
Router(config)#ip name-server 202.56.230.6
Router(config)#exit

Managing Telnet connection


Our router is able to telnet to other devices, and other devices can also
telnet to our router.

To allow Telnet access to router

For this purpose we have to configure an IP address, the vty password and the
enable secret password. IP connectivity must exist between the client and the
router. Then the client will be able to telnet to the router.
On the telnet client we have to use the following command: -
Router#telnet <IP of router>

To display connected users
Router#show users
To disconnect a user
Router#clear line <no>
To display connected sessions
Router#show sessions
To telnet a device from router
Router#telnet <IP>
To exit from telnet session
Router#exit
To exit from a hung telnet session
Ctrl+Shift+6, then X

TIP: If we want to allow telnet to the router without a password then on the
VTY lines type the command "no login".
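The password and telnet sections above describe settings that are easy to audit mechanically: an enable password with no enable secret, line passwords still in clear text, and vty lines with "no login" or telnet accepted. The script below is an added example, not part of these notes; both configs in it are constructed samples (the hash and type 7 hex values are placeholders), and `transport input ssh` is the standard IOS command for restricting vty access to SSH, which the SSH section above refers to as enabling SSH transport on the vtys.

```python
"""Audit a Cisco IOS running-config for the weak settings discussed above.
Added example, not part of the original notes; configs are constructed."""
import re

# Constructed sample: the weak settings the notes warn about.
WEAK_CONFIG = """\
hostname R1
!
enable password cisco123
!
line con 0
 password console1
 login
line aux 0
 password aux1
 login
line vty 0 4
 no login
 transport input telnet
!
end
"""

# Constructed sample after hardening (hash and hex values are placeholders).
HARDENED_CONFIG = """\
hostname R1
service password-encryption
!
enable secret 5 $1$salt$PLACEHOLDERHASH
!
line con 0
 password 7 0123456789ABCDEF
 login
line vty 0 4
 login
 transport input ssh
!
end
"""


def parse_sections(config_text):
    """Split a config into top-level commands and 'line ...' sections.

    Returns (top_level, sections); sections maps a header such as
    'line vty 0 4' to the list of its indented commands."""
    top_level, sections, current = [], {}, None
    for raw in config_text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" "):            # indented: belongs to the current section
            if current is not None:
                sections[current].append(raw.strip())
            continue
        current = None
        command = raw.strip()
        if command.startswith("line "):
            current = command
            sections[current] = []
        else:
            top_level.append(command)
    return top_level, sections


def audit_config(config_text):
    """Return (severity, message) findings; an empty list means no issues."""
    top_level, sections = parse_sections(config_text)
    findings = []
    has_secret = any(c.startswith("enable secret") for c in top_level)
    has_enable_pw = any(c.startswith("enable password") for c in top_level)
    if has_enable_pw and not has_secret:
        findings.append(("high", "enable password set without enable secret: "
                                 "privileged mode password is stored in clear text"))
    if "service password-encryption" not in top_level:
        findings.append(("info", "service password-encryption not enabled"))
    for header, commands in sections.items():
        for command in commands:
            match = re.match(r"password(?: (\d+))? (\S+)$", command)
            if match and match.group(1) in (None, "0"):   # no type or type 0 = clear text
                findings.append(("medium", f"{header}: clear-text line password"))
        if header.startswith("line vty"):
            if "no login" in commands:
                findings.append(("high", f"{header}: 'no login' allows remote "
                                         "access without a password"))
            transports = [c for c in commands if c.startswith("transport input")]
            if not transports or any("telnet" in t or " all" in t for t in transports):
                findings.append(("medium", f"{header}: telnet accepted; "
                                           "prefer 'transport input ssh'"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_config(WEAK_CONFIG):
        print(f"[{severity}] {message}")
```

On the weak sample the audit reports six findings; on the hardened sample it reports none, because the enable secret replaces the enable password, the line passwords appear as type 7, and the vty lines require login and accept only SSH.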
TCP/IP MODEL
TCP/IP is the most popular protocol stack; it consists of a large number of
protocols. Compared with the OSI model, TCP/IP consists of only four layers.
The TCP/IP model is a modified form of the DOD (Department of Defense) model.

Application Layer
This layer contains a large number of protocols. Each protocol is designed to
act as server & client. Some protocols need connection-oriented TCP and
others may need connectionless UDP for data transfer.
The application layer uses port numbers to identify each application at the
Transport layer. This layer performs most of the functions specified by the
Application, Presentation and Session layers of the OSI model.

Transport Layer
Two protocols are available on the Transport layer:
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
1) Transmission Control Protocol:
TCP performs connection-oriented communication. Its responsibilities are: -
Error checking, acknowledgement, sequencing, flow control, windowing.
• Source Port and Destination Port fields together identify the two local end points of the
particular connection. A port plus its hosts’ IP address forms a unique end point. Ports are
used to communicate with the upper layer and distinguish different application sessions on
the host.
• The Sequence Number and Acknowledgment Number fields specify bytes in the byte
stream. The sequence number is used for segment differentiation and is useful for reordering
or retransmitting lost segments. The Acknowledgment number is set to the next segment
expected.
• Data offset or TCP header length indicates how many 4-byte words are contained in the
TCP header.
• The Window field indicates how many bytes can be transmitted before an acknowledgment
is received.
• The Checksum field is used to provide extra reliability and security to the TCP segment.
• The actual user data are included after the end of the header.
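The field list above maps directly onto the 20-byte TCP header layout. The code below, an added example that is not part of these notes, builds a segment from those fields, computes the checksum over the IPv4 pseudo-header plus segment, and parses it back; the addresses, ports and payload are constructed. One caveat the list does not make: the checksum detects accidental corruption only, so a modified segment with a recomputed checksum passes the check, which is why integrity against tampering has to come from a layer above (e.g. TLS or IPsec).

```python
"""Build and parse a TCP header with a pseudo-header checksum.
Added example, not part of the original notes; all values constructed."""
import socket
import struct

FLAG_BITS = {"CWR": 0x80, "ECE": 0x40, "URG": 0x20, "ACK": 0x10,
             "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
# src port, dst port, seq, ack, data offset/reserved, flags, window, checksum, urgent
HEADER_FMT = "!HHIIBBHHH"
TCP_PROTOCOL = 6


def ones_complement_checksum(data):
    """Internet checksum: ones-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"                       # pad an odd-length buffer
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def pseudo_header(src_ip, dst_ip, tcp_length):
    """IPv4 pseudo-header that the TCP checksum also covers."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, TCP_PROTOCOL, tcp_length))


def build_tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, ack,
                      flags, window, payload=b""):
    """Encode a 20-byte header (no options) plus payload with a valid checksum."""
    flag_byte = sum(FLAG_BITS[name] for name in flags)
    data_offset = 5                           # header length in 4-byte words
    header = struct.pack(HEADER_FMT, src_port, dst_port, seq, ack,
                         data_offset << 4, flag_byte, window, 0, 0)
    csum = ones_complement_checksum(
        pseudo_header(src_ip, dst_ip, len(header) + len(payload)) + header + payload)
    header = header[:16] + struct.pack("!H", csum) + header[18:]   # checksum at offset 16
    return header + payload


def parse_tcp_segment(segment, src_ip, dst_ip):
    """Decode the header fields; checksum_ok is False for a corrupted segment."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the minimum TCP header")
    (src_port, dst_port, seq, ack, offset_reserved, flag_byte,
     window, csum, urgent) = struct.unpack(HEADER_FMT, segment[:20])
    header_len = (offset_reserved >> 4) * 4   # data offset is in 4-byte words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("invalid data offset")
    # A valid segment sums to zero when its own checksum field is included.
    csum_ok = ones_complement_checksum(
        pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0
    return {
        "src_port": src_port, "dst_port": dst_port,
        "seq": seq, "ack": ack, "header_len": header_len,
        "flags": {name: bool(flag_byte & bit) for name, bit in FLAG_BITS.items()},
        "window": window, "checksum": csum, "urgent": urgent,
        "payload": segment[header_len:], "checksum_ok": csum_ok,
    }


if __name__ == "__main__":
    syn = build_tcp_segment("10.0.0.2", "10.0.0.1", 40000, 23, 1000, 0, ["SYN"], 8192)
    print(parse_tcp_segment(syn, "10.0.0.2", "10.0.0.1"))
```

Flipping a single bit of the encoded segment, or verifying it against a different source address, makes `checksum_ok` false, which shows why the pseudo-header is included: the checksum ties the segment to the IP addresses it was sent between.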

2) User Datagram Protocol


UDP is considered to be a connectionless protocol. It leaves reliability to be
handled by the application layer; all it cares about is fast transmission.
The UDP header is responsible for error checking and for identifying
applications using port numbers.

Internet Layer
The main function of the Internet layer is routing and providing a single
network interface to the upper layer protocols. The upper and lower layer
protocols have no functions relating to routing; IP provides one single
network interface for the upper layer protocols. After that it is the job of
IP and the various network access protocols to work together. The main
protocols used in the Internet layer are:-
1) Internet Protocol (IP)
2) Internet Control Message Protocol (ICMP)
3) Address Resolution Protocol (ARP)
4) Reverse Address Resolution Protocol (RARP)
5) Proxy ARP

Internet Protocol
This protocol works at internet layer. It is responsible for logical addressing,
defining type of service and fragmentation.


IP Subnet
In TCP/IP by default three sizes of networks are available: -
(1) Class A - 2^24 PCs -> 16777216
(2) Class B - 2^16 PCs -> 65536
(3) Class C - 2^8 PCs -> 256

In subnetting, we divide a class A, B or C network into smaller sub networks.
This procedure is called subnetting.
Subnetting is performed with the help of the subnet mask. There are two types
of subnetting that we perform: -
(1) FLSM Fixed Length Subnet Mask
(2) VLSM Variable Length Subnet Mask

Why to Subnet?
(i) A default class network provides a far larger number of PCs than the
network actually requires.
(ii) It is practically never possible to create a class A or class B sized
network. To reduce the broadcasts of a network, we have to perform LAN
segmentation using routers, and in each sub network we need a different
network address.

How to Subnet?
In this method, we first modify our requirement according to the number of
subnets possible, then we calculate the new subnet mask and create the IP ranges.

Example 1
Class = C
No. of subnet =5

Step1
No. of subnet possible is 2,4,8,16,32……
Class= C
No. of subnets= 8

Step 2
Calculate key value
2^key = No. of subnets
2^key = 8
2^3 = 8

Step 3
Calculate new subnet mask
In class C
Net id      Host id
24 + key    8 - key
24 + 3      8 - 3
27          5

11111111.11111111.11111111.11100000
255. 255. 255. 224

We add this address to make subnet mask

Step 4
Range
No. of PCs/subnet = Total PCs / No. of subnets
= 256/8 = 32

In Class C
x.x.x.0 – x.x.x.31 (hosts 1 – 30)
x.x.x.32 – x.x.x.63
x.x.x.64 – x.x.x.95
x.x.x.96 – x.x.x.127
x.x.x.128 – x.x.x.159
x.x.x.160 – x.x.x.191
x.x.x.192 – x.x.x.223
x.x.x.224 – x.x.x.255

The first IP of each subnet will be subnet id and last IP will be sub network
broadcast address.

Example 2
Class= C
No. of subnet= 10

Step 1
No. of subnet= 16

Step 2
2^4 = 16

Step 3
Net id      Host id
24 + 4      8 - 4
11111111.11111111.11111111.11110000

Subneting method 2
Class=
No. of Pc/Sub= 8
Mask= ?
Range= ?

In this case we calculate the key according to the number of PCs per subnet.
According to the key value, that many bits of the subnet mask from the
right-hand side are set to zero, and then the range is calculated.

Example
Class= C
No. of Pc/Sub=5

Step 1
No. of Pc/Subnet possible 4,8,16,32,64….

New requirement
Class= C
No. of Pc/Sub= 8

Step 2
2^key = No. of PCs/sub
2^key = 8
2^3 = 8

key 3

11111111.11111111.11111111.11111000
255. 255. 255. 248

No. of subnets = Total PCs / (PCs/sub)
= 256/8 = 32

Class C           Sub   PCs/Sub
255.255.255.248   32    8

200.100.100.0 – 200.100.100.7
.8 – .15
.16 – .23
.24 – .31
...

Example 2
Class C
No. of Pc/Sub=50

Step 1
Class= C
No. of Pc/Sub= 64

Step 2
2^6 = 64
11111111.11111111.11111111.11000000
255. 255. 255. 192

No. of subnet= 256/64= 4

Class C           Sub   PCs/Sub
255.255.255.192   4     64

Method 3
No. of PCs/sub = 50

New requirement
No. of PCs/sub = 64

No. of subnets = 256/64 = 4

Class = C
No. of subnets = 4
2^2 = 4
Net id 24 + 2      Host id 8 - 2
11111111.11111111.11111111.11000000
255.255.255.192

Zero Subnet
According to the rules of IP addressing, the first subnet and the last subnet
are not usable due to routing problems. In new Cisco routers a command is
present in the default configuration; with this command we are able to use the
first and last subnet after subnetting.
Command is
Router#config ter
Router(config)#ip subnet-zero
Router(config)#exit

Example: - Check whether an address is a valid IP, a network address or a
broadcast address. If the IP is valid then calculate its network & broadcast
address.

200.100.100.197
255.255.255.240 (net id 28 bits, host id 4 bits)

200.100.100.197 = 200.100.100.1100 0101 -> valid IP
200.100.100.192 = 200.100.100.1100 0000 -> network address
200.100.100.207 = 200.100.100.1100 1111 -> broadcast address

Example: -
Class= B
No. of subnet= 64
2^6 = 64
11111111.11111111.11111111.11000000
255. 255. 255. 192

No. of Pc/Sub= 65536/64= 1024

150.20.0.0 – 150.20.3.255
150.20.4.0 – 150.20.7.255
150.20.8.0 – 150.20.11.255

Prefix Notation of representing IP Address


An IP address can be written as IP & mask as well as IP/prefix.

200.100.100.18
255.255.255.248
200.100.100.18/29

170.20.6.6
255.255.224.0
170.20.6.6/19
This method of representing an IP address is also called CIDR (Classless Inter
Domain Routing) notation.
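The subnetting methods above (key value from the number of subnets or from the hosts per subnet, the resulting mask and ranges, the zero-subnet rule, the valid IP / network / broadcast check and the IP/prefix notation) are mechanical enough to put into one toolkit. The code below is an added example, not part of these notes; it relies only on Python's standard `ipaddress` module. It follows the notes' "PCs/Sub" convention, counting the block size including the network and broadcast addresses, and it also generalises to any class and prefix, so for the class B example above (64 subnets) it returns 255.255.252.0, the mask that corresponds to the listed ranges 150.20.0.0 – 150.20.3.255.

```python
"""Subnet toolkit for the key-value method and the address checks above.
Added example, not part of the original notes."""
import ipaddress  # standard library; used for address arithmetic

CLASS_BITS = {"A": 8, "B": 16, "C": 24}   # default network bits per class


def key_for(count):
    """Smallest key with 2**key >= count, e.g. 5 subnets -> key 3 (8 subnets)."""
    key = 0
    while (1 << key) < count:
        key += 1
    return key


def prefix_to_mask(prefix):
    """Prefix length -> dotted mask, e.g. 27 -> 255.255.255.224."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))


def mask_for_subnets(net_class, subnets):
    """Method 1: net id bits = class bits + key.  Returns (prefix, mask)."""
    prefix = CLASS_BITS[net_class] + key_for(subnets)
    return prefix, prefix_to_mask(prefix)


def mask_for_hosts(hosts):
    """Method 2: the key host bits on the right are cleared.  Returns (prefix, mask)."""
    prefix = 32 - key_for(hosts)
    return prefix, prefix_to_mask(prefix)


def subnet_ranges(network, prefix, subnet_zero=True):
    """(first, last) address of each subnet of a classful network.

    subnet_zero=False drops the first and last subnet, as on a router
    without 'ip subnet-zero'."""
    subs = list(ipaddress.IPv4Network(network).subnets(new_prefix=prefix))
    if not subnet_zero:
        subs = subs[1:-1]
    return [(str(s.network_address), str(s.broadcast_address)) for s in subs]


def classify(address, mask):
    """'network address', 'broadcast address' or 'valid IP' under the mask."""
    iface = ipaddress.IPv4Interface(f"{address}/{mask}")
    net = iface.network
    if net.prefixlen >= 31:
        return "valid IP"          # /31 and /32 have no separate network/broadcast
    if iface.ip == net.network_address:
        return "network address"
    if iface.ip == net.broadcast_address:
        return "broadcast address"
    return "valid IP"


def network_and_broadcast(address, mask):
    """Network and broadcast address of the subnet an address belongs to."""
    net = ipaddress.IPv4Interface(f"{address}/{mask}").network
    return str(net.network_address), str(net.broadcast_address)


def to_prefix_notation(address, mask):
    """IP + mask -> IP/prefix (CIDR notation), e.g. 200.100.100.18/29."""
    return str(ipaddress.IPv4Interface(f"{address}/{mask}"))


def binary_octets(address):
    """Dotted binary form used in the worked examples above."""
    return ".".join(format(int(octet), "08b") for octet in address.split("."))


if __name__ == "__main__":
    print(mask_for_subnets("C", 5), subnet_ranges("200.100.100.0/24", 27))
    print(mask_for_hosts(5), mask_for_hosts(50))
    print(classify("200.100.100.197", "255.255.255.240"),
          network_and_broadcast("200.100.100.197", "255.255.255.240"))
    print(to_prefix_notation("170.20.6.6", "255.255.224.0"))
```

`subnet_ranges(..., subnet_zero=False)` reproduces the zero-subnet rule by dropping the first and last block, so the class C /27 example yields eight subnets with `ip subnet-zero` and six without it.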

No Subnetting (one class C network per segment)
200.100.1.X, 200.100.2.X, 200.100.3.X, 200.100.4.X, 200.100.5.X,
200.100.6.X, 200.100.7.X, 200.100.8.X, 200.100.9.X

FLSM (one class C network divided into /28 subnets)
200.100.1.0-15/28
200.100.1.16-31/28
200.100.1.32-47/28
200.100.1.48-63/28
200.100.1.64-79/28
200.100.1.80-95/28
200.100.1.96-111/28
200.100.1.112-127/28
200.100.1.128-143/28

Remaining Subnets
144 – 159
160 – 175
176 – 191
192 – 207
208 – 223
224 – 239
240 – 255

Problem with FLSM


In FLSM, we have to create subnets of equal size. All networks are allotted a
constant size subnet regardless of their IP address requirement. Due to this a
network may be allotted more IP addresses than required, or fewer than required.

VLSM
Subnetting a /24 with different prefix lengths:

Prefix  Mask              Subnets  PCs/Sub  Ranges (last octet)
/25     255.255.255.128   2        128      0 – 127, 128 – 255
/26     255.255.255.192   4        64       0 – 63, 64 – 127, 128 – 191, 192 – 255
/27     255.255.255.224   8        32       0 – 31, 32 – 63, 64 – 95, 96 – 127, ...
/28     255.255.255.240   16       16       0 – 15, 16 – 31, 32 – 47, 48 – 63, 64 – 79, 80 – 95, 96 – 111, ...
/29     255.255.255.248   32       8        0 – 7, 8 – 15, 16 – 23, 24 – 31, ...

/30
255.255.255.252

Subnets 64, PCs/Sub 4
0 – 3
4 – 7
8 – 11
12 – 15

Example: allotting subnets of 200.100.1.0/24 according to each N/w's requirement

Hosts required   Subnet allotted
2 IP             0-3/30
2                4-7/30
2                8-11/30
2                12-15/30
5                16-23/29
20               32-63/30
64               64-95/27
10               96-111/28
50               128-191/26

Remaining
24 – 31
112 – 127

If we are using VLSM together with dynamic routing then the routing protocol must be
compatible with VLSM. This is the case only if the subnet mask is also sent in the routing updates.
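The following Python script is an added example, not part of the original notes; it implements the largest-first VLSM allocation described above as a general algorithm, next to an FLSM allocation of the same /24, so the wasted addresses of the two methods can be compared. The six host requirements are constructed for the example.

```python
import ipaddress
from typing import List, Tuple

Requirement = Tuple[str, int]          # (network name, hosts required)
Allocation = Tuple[str, int, ipaddress.IPv4Network]


def hosts_to_prefix(hosts: int) -> int:
    """Longest prefix whose block has enough usable addresses (size - 2) for `hosts`."""
    size = 4                            # /30 is the smallest block with usable hosts
    while size - 2 < hosts:
        size *= 2
    return 32 - (size.bit_length() - 1)


def allocate_vlsm(block: str, reqs: List[Requirement]):
    """VLSM: serve the largest requirement first, always from the lowest free
    block that is big enough, splitting it down to the needed prefix."""
    free = [ipaddress.ip_network(block)]
    result: List[Allocation] = []
    for name, hosts in sorted(reqs, key=lambda r: -r[1]):
        plen = hosts_to_prefix(hosts)
        free.sort(key=lambda n: n.network_address)
        for i, cand in enumerate(free):
            if cand.prefixlen <= plen:  # candidate is at least as large as needed
                chosen = free.pop(i)
                break
        else:
            raise ValueError(f"no free block for {name} ({hosts} hosts)")
        while chosen.prefixlen < plen:  # halve until it fits; keep the upper halves
            low, high = chosen.subnets(prefixlen_diff=1)
            free.append(high)
            chosen = low
        result.append((name, hosts, chosen))
    free.sort(key=lambda n: n.network_address)
    return result, free


def allocate_flsm(block: str, reqs: List[Requirement]):
    """FLSM: every subnet gets the size needed by the largest requirement.
    Returns None when that size does not leave enough subnets for all networks."""
    plen = hosts_to_prefix(max(h for _, h in reqs))
    subs = list(ipaddress.ip_network(block).subnets(new_prefix=plen))
    if len(subs) < len(reqs):
        return None
    result = [(name, hosts, subs[i]) for i, (name, hosts) in enumerate(reqs)]
    return result, subs[len(reqs):]


def wasted_addresses(alloc: List[Allocation]) -> int:
    """Usable addresses allotted but not required, summed over all networks."""
    return sum(s.num_addresses - 2 - hosts for _, hosts, s in alloc)


# Constructed requirements (not the page's): six networks to fit in one /24.
REQUIREMENTS: List[Requirement] = [
    ("A", 30), ("B", 20), ("C", 10), ("D", 5), ("E", 2), ("F", 2)]

if __name__ == "__main__":
    for label, fn in (("FLSM", allocate_flsm), ("VLSM", allocate_vlsm)):
        out = fn("200.100.1.0/24", REQUIREMENTS)
        if out is None:
            print(f"{label}: cannot fit all networks")
            continue
        alloc, free = out
        print(f"{label}: wasted usable addresses = {wasted_addresses(alloc)}")
        for name, hosts, sub in alloc:
            print(f"  {name}: {hosts:3d} hosts -> {sub}")
        print("  free:", ", ".join(str(n) for n in free))
```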
Super Netting
Combining small N/ws to create a large-size N/w is called a Super Network. Super
netting is mostly used to define route summarization in routing tables. It is not
used for the implementation of a large network.

170.10.0.0 = 170.00001010.00000000.00000000
170.11.0.0 = 170.00001011.00000000.00000000
(the two networks differ only in the 16th bit, so the common first 15 bits can be advertised as one summary route)
IP Routing
When we want to connect two or more networks using different n/w addresses
then we have to use the IP routing technique. A router is used to perform
routing between the networks. A router performs the following functions for
routing.
(1) Path determination
(2) Packet forwarding

(1) Path determination

The process of obtaining paths for the routing table is called path determination.
There are three different methods by which a router can learn a path:
i) Automatic detection of directly connected n/w.
ii) Static & default routing
iii) Dynamic routing

(2) Packet forwarding

It is a process that is enabled by default in a router. The router will perform
packet forwarding only if a route is available in the routing table.

Routing Process
(i) The pc has a packet in which the destination address is not in the same n/w as the local n/w
address.
(ii) The pc will send an ARP request for the default gateway. The router will reply to
the ARP request and inform the pc of its MAC address.
(iii) The pc will encapsulate the data: the source IP is the pc itself, the destination IP is
the server, the source MAC is the pc's LAN interface and the destination MAC is the router's LAN
interface.

(Diagram: PC1 10.0.0.6 -- R1 10.0.0.1 ... server 172.16.0.5)

Frame sent by PC1:
S. MAC = PC1, D. MAC = R1
S. IP = 10.0.0.6, D. IP = 172.16.0.5

The router will receive the frame and store it in its buffer. When it obtains the packet
from the frame it forwards the data according to the destination IP of the packet. The
router obtains a route from the routing table, according to which the next hop IP and
interface are selected.
(iv) According to the next hop, the packet is encapsulated in a new frame and the
data is sent to the output queue of the interface.
Static Routing
In this routing, we have to use ip route commands through which we can specify
routes for different networks. The administrator will analyze the whole internetwork
topology and then specify the route for each n/w that is not directly connected
to the router.

Steps to perform static routing

(1) Create a list of all n/ws present in the internetwork.
(2) Remove from the list the n/w addresses which are directly connected to the router.
(3) Specify a route for each remaining n/w by using the ip route command.

Router(config)#ip route <destination n/w> <mask> <next hop ip>

Next hop IP: it is the IP address of the neighbor router that is directly connected to
our router.

Static Routing Example: -

Router#conf ter
Router(config)#ip route 10.0.0.0 255.0.0.0 192.168.10.2

Advantages of static routing

(1) Fast and efficient.
(2) More control over the selected path.
(3) Less overhead for the router.
(4) Bandwidth of interfaces is not consumed by routing updates.

Disadvantages of static routing

(1) More overhead on the administrator.
(2) Load balancing is not easily possible.
(3) In case of a topology change the routing table has to be changed manually.

Alternate command to specify static route

A static route can also be specified in the following syntax: -
Old
Router(config)#ip route 172.16.0.0 255.255.0.0 172.25.0.2
Or
Router(config)#ip route 172.16.0.0 255.255.0.0 serial 0

Backup route or floating static route

If more than one path is available from our router to the destination then we can
specify one route as primary and the other route as backup route.
Administrative Distance (AD) is used to specify one route as primary and the other
route as backup. The router will select the route with the lower AD to forward the traffic. By
default a static route has an AD value of 1. For the backup path we specify a higher
AD so that this route is used only if the primary route is unavailable.

Protocol            AD
Directly connected  0
Static              1
BGP                 20
EIGRP               90
IGRP                100
OSPF                110
RIP                 120

Syntax: - To set backup path

Router(config)#ip route <dest. n/w> <mask> <next hop | exit interface> <AD>

Example: -
Router#conf ter
Router(config)#ip route 150.10.0.0 255.255.0.0 150.20.0.5
Router(config)#ip route 150.10.0.0 255.255.0.0 160.20.1.1 8 (backup with AD 8, below 20)
Router(config)#exit
Default Routing
Default routing means a route for any n/w. These routes are specified with the
help of the following syntax: -
Router(config)#ip route 0.0.0.0 0.0.0.0 <next hop | exit interface>
This type of routing is used in the following scenarios.

Scenario 1: -
Stub network
A n/w which has only one exit interface is called a stub network.

If there is only one next hop then we can use default routing.

Scenario 2
Internet connectivity
On the Internet, millions of n/ws are present, so we have to specify a default route
on our router.
A default route is also called the gateway of last resort. This route is used when
no other route is available for the destination.

(Diagram: R1 -- 172.16.0.5 -- R2 -- 10.0.0.0; R1 -- 200.100.100.11 -- ISP)

Router(config)#ip route 10.0.0.0 255.0.0.0 172.16.0.5
Router(config)#ip route 0.0.0.0 0.0.0.0 200.100.100.11
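Added example (not from the original notes): a small Python model of route selection that combines the points above, longest prefix match first and then the lowest administrative distance, so that a floating static route with AD 8 takes over only when the AD 1 primary is gone and the 0.0.0.0/0 default route is used only when nothing more specific matches. The demo table reuses the addresses from the examples above; the loss of a next hop is simulated with a flag.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Administrative distances from the table on this page.
AD = {"connected": 0, "static": 1, "bgp": 20, "eigrp": 90,
      "igrp": 100, "ospf": 110, "rip": 120}


@dataclass
class Route:
    prefix: ipaddress.IPv4Network
    next_hop: str        # next-hop IP (or exit interface name)
    source: str          # "connected", "static", "rip", ...
    ad: int
    metric: int = 0
    up: bool = True      # False once the next hop becomes unreachable


class RoutingTable:
    """Simplified routing table: longest prefix match, then lowest AD, then lowest metric."""

    def __init__(self) -> None:
        self.routes: List[Route] = []

    def ip_route(self, dest: str, mask: str, next_hop: str, ad: Optional[int] = None) -> Route:
        """Mirror of `ip route <dest> <mask> <next hop> [<AD>]` (default AD 1)."""
        r = Route(ipaddress.ip_network(f"{dest}/{mask}"), next_hop, "static",
                  AD["static"] if ad is None else ad)
        self.routes.append(r)
        return r

    def learn(self, dest_cidr: str, next_hop: str, source: str, metric: int = 0) -> Route:
        """Route learned from a routing protocol; AD taken from the table above."""
        r = Route(ipaddress.ip_network(dest_cidr), next_hop, source, AD[source], metric)
        self.routes.append(r)
        return r

    def set_next_hop_state(self, next_hop: str, up: bool) -> None:
        """Simulate the next hop going away (e.g. its interface goes down)."""
        for r in self.routes:
            if r.next_hop == next_hop:
                r.up = up

    def lookup(self, dst: str) -> Optional[Route]:
        addr = ipaddress.ip_address(dst)
        candidates = [r for r in self.routes if r.up and addr in r.prefix]
        if not candidates:
            return None
        # 0.0.0.0/0 has prefix length 0, so it wins only when nothing more specific matches.
        return min(candidates, key=lambda r: (-r.prefix.prefixlen, r.ad, r.metric))


def build_demo_table() -> RoutingTable:
    """Constructed table using the addresses from the examples above."""
    rt = RoutingTable()
    rt.ip_route("10.0.0.0", "255.0.0.0", "172.16.0.5")           # static, AD 1
    rt.learn("10.0.0.0/8", "172.16.0.9", "rip", metric=3)         # same prefix via RIP, AD 120
    rt.ip_route("150.10.0.0", "255.255.0.0", "150.20.0.5")        # primary, AD 1
    rt.ip_route("150.10.0.0", "255.255.0.0", "160.20.1.1", ad=8)  # floating backup, AD 8
    rt.ip_route("0.0.0.0", "0.0.0.0", "200.100.100.11")           # gateway of last resort
    return rt


if __name__ == "__main__":
    rt = build_demo_table()
    for dst in ("10.3.2.1", "150.10.1.1", "8.8.8.8"):
        r = rt.lookup(dst)
        print(f"{dst:12} -> {r.prefix} via {r.next_hop} [{r.ad}/{r.metric}]")
    rt.set_next_hop_state("150.20.0.5", up=False)   # primary next hop lost
    r = rt.lookup("150.10.1.1")
    print(f"after failure: 150.10.1.1 -> via {r.next_hop} [{r.ad}/{r.metric}]")
```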

To display routing table

Router#sh ip route

To display static routes only

Router#sh ip route static

To display connected n/ws only

Router#sh ip route connected

S 192.168.10.0/28 [1/0] via 172.16.0.5
(S = static route, [AD/metric], next hop)

To check all the interfaces of a router

Router#sh ip interface brief
Dynamic Routing
In dynamic routing, we enable a routing protocol on the router. This protocol will
send its routing information to the neighbor routers. The neighbors will analyze the
information and write new routes to the routing table.
The routers will also pass routing information received from one router on to other
routers. If there is more than one path available then the routes are compared
and the best path is selected. Some examples of dynamic routing protocols are: -
RIP, IGRP, EIGRP, OSPF

Types of Dynamic Routing Protocols

According to how they work there are two types of dynamic routing protocols.
(1) Distance Vector
(2) Link State

According to the type of area in which the protocol is used there are again two
types of protocol: -
(1) Interior Routing Protocol
(2) Exterior Routing Protocol

Autonomous system
An autonomous system is a group of contiguous routers and n/ws which share
their routing information directly with each other. If all routers are in a single
domain and they share their information directly with each other then the size
of the routing updates depends on the no. of n/ws present in the internetwork.
The update for each n/w may take 150 – 200 bytes of information.
For example: - if there are 1000 n/ws then the size of an update will be
200*1000 = 200000 bytes
The routing information is sent periodically so it may consume a large amount
of bandwidth in our n/w.

(Diagram: AS 200, AS 400 and AS 500 as separate domains; interior routing inside
each AS, exterior/border routing between them)

Protocols
Interior Routing: RIP, IGRP, EIGRP, OSPF
Exterior Routing: BGP, EXEIGRP
Distance Vector Routing
Routing which is based on two parameters, distance and direction, is
called Distance Vector Routing. Examples of Distance Vector Routing are RIP &
IGRP.

Operation: -
(1) Each router will send its directly connected information to the neighbor
routers. This information is sent periodically to the neighbors.
(2) The neighbor will receive routing updates and process each route according to
the following conditions: -
(i) If an update for a new n/w is received then this information is stored in the routing
table.
(ii) If an update is received for a route which is already present in the routing table
then the route is refreshed, that is, the route timer is reset to zero.
(iii) If an update is received for a route with a lower metric than the route which is
already present in our routing table, the router will discard the old route and write
the new route in the routing table.
(iv) If an update is received with a higher metric than the route that is already
present in the routing table, the new update is discarded.

(3) A timer is associated with each route. The router will forward routing
information on all interfaces and the entire routing table is sent to the neighbor.
There are three types of timers associated with a route.
(i) Route update timer
It is the time after which the router will send a periodic update to the
neighbor.
(ii) Route invalid timer
It is the time after which the route is declared invalid if there are no
updates for the route. Invalid routes are not forwarded to neighbor routers but they
are still used to forward the traffic.
(iii) Route flush timer
It is the time after which the route is removed from the routing table if there
are no updates about the route.
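Added example (not from the original notes): a Python model of one distance vector router applying rules (i)-(iv) above to received updates, together with the maximum hop count, split horizon and the invalid/flush timers (RIP default values). The router names and n/w addresses used in the demo are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

INFINITY = 16   # RIP-style: 15 is the maximum hop count, 16 means unreachable


@dataclass
class Entry:
    metric: int
    learned_from: str    # neighbor name, "" for directly connected n/ws
    age: int = 0         # seconds since the last update for this route
    invalid: bool = False


class DVRouter:
    def __init__(self, name: str, connected: List[str]) -> None:
        self.name = name
        self.table: Dict[str, Entry] = {net: Entry(0, "") for net in connected}

    def advertisement(self, to_neighbor: str) -> Dict[str, int]:
        """Entire table for one neighbor, hop count +1. Split horizon: routes
        learned from that neighbor are not sent back; invalid routes are not sent."""
        return {
            net: e.metric + 1
            for net, e in self.table.items()
            if e.learned_from != to_neighbor and not e.invalid and e.metric < INFINITY
        }

    def receive(self, from_neighbor: str, update: Dict[str, int]) -> List[Tuple[str, str]]:
        """Apply rules (i)-(iv) from the text to one update; returns (n/w, action) pairs."""
        actions = []
        for net, metric in update.items():
            metric = min(metric, INFINITY)            # maximum hop count
            cur = self.table.get(net)
            if cur is None:                           # (i) new n/w
                if metric < INFINITY:
                    self.table[net] = Entry(metric, from_neighbor)
                    actions.append((net, "new"))
                else:
                    actions.append((net, "discard"))
            elif cur.learned_from == from_neighbor:   # (ii) same route: refresh timer
                cur.metric, cur.age, cur.invalid = metric, 0, False
                actions.append((net, "refresh"))
            elif metric < cur.metric:                 # (iii) lower metric: replace
                self.table[net] = Entry(metric, from_neighbor)
                actions.append((net, "replace"))
            else:                                     # (iv) higher (or equal): discard
                actions.append((net, "discard"))
        return actions

    def tick(self, seconds: int, invalid_timer: int = 180, flush_timer: int = 240) -> List[str]:
        """Advance the route timers (RIP defaults). Invalid routes stay in the table
        for forwarding but are no longer advertised; flushed routes are removed."""
        flushed = []
        for net, e in list(self.table.items()):
            if e.learned_from == "":                  # connected n/ws have no timers
                continue
            e.age += seconds
            if e.age >= flush_timer:
                del self.table[net]
                flushed.append(net)
            elif e.age >= invalid_timer:
                e.invalid = True
        return flushed


if __name__ == "__main__":
    r1 = DVRouter("R1", ["10.0.0.0", "172.16.0.0"])
    print(r1.receive("R3", {"172.16.0.0": 1, "175.2.0.0": 3}))   # discard, new
    print(r1.receive("R2", {"175.2.0.0": 1}))                    # replace (better metric)
    print("to R2:", r1.advertisement("R2"))                      # split horizon hides 175.2.0.0
    print("to R3:", r1.advertisement("R3"))
    print("flushed after 200 s:", r1.tick(200), "invalid:", r1.table["175.2.0.0"].invalid)
    print("flushed after 250 s:", r1.tick(50))
```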

Metric of Dynamic Routing

Metrics are the measuring units used to calculate the distance to a destination n/w. A
protocol may use one or more than one metric at a time to calculate the distance.
The different types of metric are: -
(1) Hop Count
(2) Bandwidth
(3) Load
(4) Reliability
(5) Delay
(6) MTU
Hop Count: It is the no. of hops (routers) a packet has to travel to reach a destination n/w.
Bandwidth: Bandwidth is the speed of the link; the path with higher bandwidth is preferred to send data.
Load: Load is the amount of traffic present on the interface. Paths with lower load and higher
throughput are used to send data.
Reliability: Reliability is the up time of an interface over a period of time.
Delay: Delay is the time period b/w a packet being sent and received by the destination.
MTU: Maximum Transmission Unit. It is the maximum size of packet that can be
sent in a frame; mostly MTU is set to 1500.

Problems of Distance Vector

There are two main problems of distance vector routing
(1) Bandwidth Consumption
(2) Routing Loops
Bandwidth Consumption
The problem of excessive bandwidth consumption is solved with the help of
autonomous systems, so that updates are exchanged only b/w the routers of the same system. We can also perform
route summarization to reduce the traffic.

Routing Loops
They may occur between adjacent routers due to wrong routing information.
Distance Vector routing is also called routing by rumor. Due to this, packets
may enter a loop condition until their TTL expires.

Method to solve routing loops

There are five different methods to solve or reduce the problem of routing loops.
(1) Maximum Hop Count
(2) Flash Updates/Triggered Updates
(3) Split Horizon
(4) Poison Reverse
(5) Hold Down

Maximum Hop Count

This method limits the maximum no. of hops a packet can travel. This method
does not solve the loop problem, but it reduces the loop size in the n/w. Due to this
method the end-to-end size of a n/w is also limited.

Flash Updates/Triggered Updates

In this method a partial update is sent to all neighbors as soon as there is a
topology change. The router which receives a flash update will also send the
flash update to its neighbor routers.

Split Horizon
Split Horizon states that a route update received on an interface cannot be
sent back out of the same interface.

Poison Reverse
This method is the combination of Split Horizon and Flash Updates. It
implements the rule that information received from an interface cannot be
sent back to that interface, and in case of a topology change flash updates are
sent to the neighbor.
Hold Down
If a route changes frequently then the route is placed in the Hold Down state and
no updates are accepted for it until the Hold Down timer expires.

Routing Information Protocol

Features of RIP: -
* Distance Vector
* Open standard
* Broadcast updates (255.255.255.255)
* Metric - Hop Count
* Timers
  Update 30 sec
  Invalid 180 sec
  Hold 180 sec
  Flush 240 sec
* Loop control
  Split Horizon
  Triggered Updates
  Maximum Hop Count
  Hold Down
* Maximum Hop Count 15
* Administrative Distance 120
* Equal path cost load balancing
* Maximum load paths 6, default 4
* Does not support VLSM
* Does not support autonomous systems

Configuring RIP
Router#conf ter
Router(config)#router rip
Router(config-router)#network <own net address>
Router(config-router)#network <own net address>
--------------
--------------
Router(config-router)#exit

Example: R1 has interfaces 10.0.0.1, 172.16.0.5 and 200.100.100.12; its neighbor
172.16.0.6 leads to n/w 175.2.0.0 (interface 175.2.1.1).
Router(config-router)#network 10.0.0.0
Router(config-router)#network 172.16.0.0
Router(config-router)#network 200.100.100.0

Route learned: 175.2.0.0 via 172.16.0.6

Display RIP Routes

Router#sh ip route rip

R 192.168.75.0/24 [120/5] via 172.30.0.2 00:00:25 serial 1/0

Fields: R = RIP, dest. n/w/mask, [AD/metric], next hop, timer, own interface

RIP advanced configuration

Passive Interfaces
An interface which is not able to send routing updates but is able to receive
routing updates only is called a passive interface. We can declare an interface as
passive with the following commands: -
Router#conf ter
Router(config)#router rip
Router(config-router)#passive-interface <type> <no>
Router(config-router)#exit

Neighbor RIP
In RIP, by default routing updates are sent to the address 255.255.255.255. In
some scenarios, it may be required to send routing updates as unicast from one
router to another. In this case, we have to configure neighbor RIP.
For example: - in a Frame Relay n/w the broadcast update is discarded by the
switches, so if we want to send RIP updates across the switches then we have to
unicast the updates using Neighbor RIP.

(Diagram: R1 10.0.0.1 and R2 10.0.0.2 across a Frame Relay cloud; broadcast
255.255.255.255 updates are dropped, unicast updates to 10.0.0.2 pass)

R1
Router(config)#router rip
Router(config-router)#neighbor 10.0.0.2

R2
Router(config)#router rip
Router(config-router)#neighbor 10.0.0.1

Configuring Timers
Router(config)#router rip
Router(config-router)#timers basic <update> <invalid> <hold down> <flush>
Router(config-router)#exit

Example: -
Router(config-router)#timers basic 50 200 210 300

Update 50 sec
Invalid 200 sec
Hold 210 sec
Flush 300 sec

To change Administrative Distance

Router(config)#router rip
Router(config-router)#distance <value> (for example 95 or 100)
Router(config-router)#exit

To configure Load Balancing

RIP is able to perform equal path cost load balancing. If multiple paths are
available with equal hop count for the destination then RIP will balance the load
equally on all paths.
Load balancing is enabled by default for 4 paths. We can change the no. of
paths it can use simultaneously with the following command: -
Router(config)#router rip
Router(config-router)#maximum-paths <1-6>

To display RIP parameters

Router#sh ip protocol
Or
Router#sh ip protocol rip

This command displays the following parameters: -

(i) RIP timers
(ii) RIP version
(iii) Route filtering
(iv) Route redistribution
(v) Interfaces on which updates are sent and received
(vi) Advertised n/ws
(vii) Passive interfaces
(viii) Neighbor RIP
(ix) Routing information sources
(x) Administrative Distance

RIP version 2
RIP version 2 supports the following new features: -
(1) Support for VLSM (sends mask in updates)
(2) Multicast updates using address 224.0.0.9
(3) Support for authentication

Commands to enable RIP version 2

We have to change RIP version 1 to RIP version 2. All other configuration
remains the same in RIP version 2.

Router(config)#router rip
Router(config-router)#version 2
Router(config-router)#exit
To debug RIP routing
Router#debug ip rip

To disable debug routing

Router#no debug ip rip
Or
Router#no debug all
Or
Router#undebug all
Interior Gateway Routing Protocol
Features: -
* Cisco proprietary
* Distance vector
* Timers
  Update 90 sec
  Invalid 270 sec
  Hold time 280 sec
  Flush 630 sec
* Loop control: all methods
* Max hop count 100, up to 255
* Metric (24 bit composite)
  Bandwidth (default)
  Delay (default)
  Load
  Reliability
  MTU
* Broadcast updates to address 255.255.255.255
* Unequal path cost load balancing
* Automatic route summarization
* Supports AS
* Does not support VLSM

Configuring IGRP
Router(config)#router igrp <as no> (1 – 65535)
Router(config-router)#network <net address>
Router(config-router)#network <net address>
Router(config-router)#exit

Configuring Bandwidth on Interface for IGRP

By default the router will detect the maximum speed of the interface and use this value
as the bandwidth metric for IGRP. But it may be possible that the interface is not
working at its maximum speed; then we have to configure the bandwidth on the
interface so that IGRP is able to calculate the correct metric.

Router(config)#interface <type> <no>
Router(config-if)#bandwidth <value in kbps>
Router(config-if)#exit

Router(config)#interface serial 0
Router(config-if)#bandwidth 256
Router(config-if)#exit

(Diagram: Serial E1 (2048 k) -- sync modem link at 256 k -- Serial E1 (2048 k); the
interfaces can do 2048 k but the link between them only carries 256 k)

Configuring Unequal path cost load balancing

To configure load balancing, we have to set two parameters
(1) Maximum path (by default 4)
(2) Variance (default 1)

Maximum Path: - it is the maximum no. of paths that can be used for load balancing
simultaneously.
Variance: - it is the multiplier of the least metric for a destination n/w up
to which the load can be balanced.

Router(config)#router igrp <as no>
Router(config-router)#variance <value>
Router(config-router)#exit

The following options are configured in IGRP in the same way as in RIP: -

(1) Neighbor
(2) Passive interface
(3) Timers
(4) Distance (AD)
(5) Maximum paths

Neighbor Topology Routing

(Diagram: six routers connected in a chain R6 -20.0.0.0- R5 -14.0.0.0- R3 -13.0.0.0- R1
-11.0.0.0- R2, with R4 attached to R3 via 16.0.0.0; dc = directly connected)

R1 (11.0.0.1, 13.0.0.2): 11.0.0.0 dc, 12.0.0.0 dc, 13.0.0.0 dc
R2: 11.0.0.0, 10.0.0.0
R3: 13.0.0.0, 14.0.0.0, 15.0.0.0, 16.0.0.0
R4: 16.0.0.0, 17.0.0.0
R5: 18.0.0.0, 19.0.0.0, 20.0.0.0, 14.0.0.0
R6: 20.0.0.0, 21.0.0.0
Link State Routing
This type of routing is based on link state. Its working is explained as under:

(1) Each router will send Hello packets to all neighbors using all interfaces.
(2) The routers from which Hello replies are received are stored in the neighborship
table. Hello packets are sent periodically to maintain the neighbor table.
(3) The router will send link state information to all neighbors. Link state
information from one neighbor is also forwarded to the other neighbors.
(4) Each router will maintain its link state database, created from the link state
advertisements received from different routers.
(5) The router will use a best path algorithm to store the paths in the routing table.

Problems of Link State Routing

The main problems of link state routing are: -
(1) High bandwidth consumption.
(2) More hardware resources required, that is processor and memory (RAM).
The routing protocols which use link state routing are: -
(1) OSPF (2) EIGRP

Enhanced Interior Gateway Routing Protocol

Features: -

* Cisco proprietary
* Hybrid protocol (Link State + Distance Vector)
* Multicast updates using address 224.0.0.10
* Supports AS
* Supports VLSM
* Automatic route summarization
* Unequal path cost load balancing
* Multi protocol routing
* Metric (32 bit composite): Bandwidth, Delay, Load, Reliability, MTU
* Neighbor recovery
* Partial updates
* Triggered updates
* Backup route

EIGRP Protocols & Modules

(1) Protocol dependent module
This module is used to perform multi protocol routing, that is, the router will
maintain 3 routing tables for TCP/IP, IPX/SPX and AppleTalk. It will analyze the
update packet and send it to the corresponding routing table.

(2) Reliable Transport Protocol

RTP is used to exchange routing updates with neighbor routers. It will also
maintain the neighbor relationship with the help of Hello packets. RTP has the following
features: -
(1) Multicast updates (224.0.0.10)
(2) Neighbor recovery: If a neighbor stops responding to the Hello packets
then RTP will send 16 unicast Hello packets for that neighbor.
(3) Partial updates
(4) No updates are sent if there is no topology change. Due to this feature it is
also called a quiet protocol.

(3) Diffusing Update Algorithm (DUAL)

DUAL is responsible for calculating the best path from the topology table. DUAL has
the following features: -
* Backup path
* VLSM
* Route queries to neighbors for unknown n/ws.

Configuring EIGRP
Router(config)#router eigrp <as no>
Router(config-router)#network <net addr.>
Router(config-router)#network <net addr.>
Router(config-router)#exit

Advanced Configuration EIGRP

The following options are configured in the same way as in IGRP
(1) Bandwidth on interfaces
(2) Neighbor
(3) Load balancing
  Max paths
  Variance

Display Commands

Router#clear ip route *
Flushes the routing table.

Router#sh ip eigrp topology
Shows the topology database.
P -> passive -> stable
A -> active -> under updation

Router#sh ip eigrp neighbor
Shows the neighbor table.

Debug IGRP

Router#debug ip igrp events
Displays info on special events.

Router#debug ip igrp transactions
Shows every update.

Debug EIGRP
Router#debug ip eigrp
Router#debug ip eigrp summary

Open Shortest Path First

Features: -
* Link state
* Open standard
* Multicast updates (224.0.0.5, 224.0.0.6)
* Supports VLSM
* Supports areas, similar to AS
* Manual route summarization
* Hierarchical model
* Metric: bandwidth
* Equal path cost load balancing
* Supports authentication
* Unlimited hop count

OSPF Terminology
Already known topics in this: -
(1) Hello packets
(2) LSA (Link State Advertisement)
(3) Neighbor
(4) Neighbor table
(5) Topology table (LSA database)

Router ID
The router ID is the highest IP address of the router's interfaces. This id is used as the
identity of the router when maintaining the link state database. First preference for
selecting the router ID is given to logical interfaces. If no logical interface is
present then the highest IP of a physical interface is selected as the router id.

Area
An area is a group of routers & n/ws which can share their routing information
directly with each other.
Adjacency
A router is called adjacent when the neighbor relationship is established. We can
also say that an adjacency relationship is formed between the routers.

OSPF Hierarchical Model

(Diagram: Area 0 at the top containing backbone routers (br); area border routers (abr)
connect Area 0 to Area 20, Area 70 and Area 90, each containing area routers (ar))

Area Router
A router which has all interfaces members of a single area is called an area router.
Backbone Area
Area 0 is called the backbone area. All other areas must connect to the backbone
area for communication.
Backbone Router
A router which has all interfaces members of area 0 is called a backbone router.
Area Border Router
A router which connects an area with area 0 is called an area border router.

LSA Flooding in OSPF

If there are multiple OSPF routers on a multi access n/w then there will be an
excessive no. of LSAs generated by the routers and they can choke the bandwidth of
the network.

Designated Router
The router with the highest RID (router id) will be the designated router for a particular
interface. This router is responsible for receiving LSAs from the non-DR routers and
forwarding the LSAs to all the other routers.
Backup Designated Router
This router works as backup for the designated router. In BDR mode, it will
receive all information but does not forward this information to the other non-DR
routers.

(Diagram: routers A, B, C and D on one switch, each with its own LAN L, K, M, N;
without a DR every router forms a neighbor relationship with every other router)

Neighbor table without a DR:
A: B, C, D
B: A, C, D
C: A, B, D
D: A, B, C

This problem is solved with the help of electing a router as designated router
and another as backup designated router.
Commands to configure OSPF
Router#conf ter
Router(config)#router ospf <process no>
Router(config-router)#network <net address> <wild mask> area <area id>
Router(config-router)#network <net address> <wild mask> area <area id>
Router(config-router)#exit

Wild Mask – Complement of subnet mask

Example: 255.255.0.0 -> 0.0.255.255

  255.255.255.255
- 255.255.255.192 (subnet mask)
=   0.  0.  0. 63 (wild mask)

Configuring bandwidth on interface

If the actual bandwidth of an interface is not equal to the maximum speed of the
interface then we have to use the bandwidth command to specify the actual
bandwidth.

Router(config)#interface <type> <no>
Router(config-if)#bandwidth <speed>

Configuring logical interface for OSPF

By default the highest IP address of an interface is elected as the Router id. If
there is a change in the status of an interface then the router will re-elect some IP as Router
id. So if we create a logical interface, it will never go down, and first preference
is given to the logical interface for the RID.

Command: -
Router(config)#interface loopback <no>
Router(config-if)#ip address 200.100.100.1 255.255.255.255
Router(config-if)#no sh
Router(config-if)#exit

The subnet mask 255.255.255.255 is called the host mask. It is
recommended to use this mask so that the minimum number of IP
addresses is wasted.

Command to display OSPF parameters

Router#show ip protocol
Router#show ip ospf

Display Neighbor Table

Router#show ip ospf neighbor

Display Database
Router#show ip ospf database

To display DR/BDR Elections

Router#show ip ospf interface
Example 1: a router in Area 20 with interfaces 200.100.100.2/24 and 215.1.1.3/24

Router(config)#router ospf 32
Router(config-router)#network 200.100.100.0 0.0.0.255 area 20
Router(config-router)#network 215.1.1.0 0.0.0.255 area 20
Router(config-router)#exit

Example 2: Area 0, R1 and R2 connected by 200.100.100.33/30 – 200.100.100.34/30;
R1 LAN 200.100.100.66/27, R2 LAN 200.100.100.160/26

R1
Router(config)#router ospf 33
Router(config-router)#network 200.100.100.32 0.0.0.3 area 0
Router(config-router)#network 200.100.100.64 0.0.0.31 area 0
Router(config-router)#exit

R2
Router(config)#router ospf 2
Router(config-router)#network 200.100.100.32 0.0.0.3 area 0
Router(config-router)#network 200.100.100.128 0.0.0.63 area 0
Router(config-router)#exit

Example 3: R1 – R2 link 200.100.100.5/30 – 200.100.100.6/30, R2 – R3 link
200.100.100.17/30 – 200.100.100.18/30; R1 LAN 200.100.100.38/28, R2 LAN
200.100.100.161/28, R3 LAN 200.100.100.230/27

R1
Router(config-router)#network 200.100.100.4 0.0.0.3
Router(config-router)#network 200.100.100.32 0.0.0.15

R2
Router(config-router)#network 200.100.100.4 0.0.0.3
Router(config-router)#network 200.100.100.160 0.0.0.15
Router(config-router)#network 200.100.100.16 0.0.0.3

R3
Router(config-router)#network 200.100.100.16 0.0.0.3
Router(config-router)#network 200.100.100.224 0.0.0.31
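Added example (not from the original notes): a Python helper that derives the wild mask and the `network ... area` statements from interface addresses the way the examples above do, and checks which interface addresses a given statement covers, which is how a router decides on which interfaces to run OSPF.

```python
import ipaddress
from typing import Dict, List


def wildcard_mask(subnet_mask: str) -> str:
    """Wild mask = 255.255.255.255 - subnet mask (bitwise complement)."""
    mask_int = int(ipaddress.ip_address(subnet_mask))
    return str(ipaddress.ip_address(0xFFFFFFFF ^ mask_int))


def network_statement(interface_cidr: str, area: int) -> str:
    """Build `network <net address> <wild mask> area <id>` for one interface address."""
    net = ipaddress.ip_interface(interface_cidr).network
    return f"network {net.network_address} {wildcard_mask(str(net.netmask))} area {area}"


def ospf_config(process_id: int, interfaces: Dict[str, int]) -> List[str]:
    """Lines under `router ospf <process>` covering each interface (cidr -> area id)."""
    lines = [f"router ospf {process_id}"]
    lines += [" " + network_statement(cidr, area) for cidr, area in interfaces.items()]
    lines.append(" exit")
    return lines


def statement_covers(net_address: str, wild_mask: str, interface_ip: str) -> bool:
    """How the statement is matched: bits where the wild mask is 0 must be equal
    between the statement's address and the interface address; 1 bits are ignored."""
    care = 0xFFFFFFFF ^ int(ipaddress.ip_address(wild_mask))
    stated = int(ipaddress.ip_address(net_address)) & care
    actual = int(ipaddress.ip_address(interface_ip)) & care
    return stated == actual


if __name__ == "__main__":
    # R2 of Example 2 above: serial 200.100.100.34/30 and LAN 200.100.100.160/26 in area 0
    for line in ospf_config(2, {"200.100.100.34/30": 0, "200.100.100.160/26": 0}):
        print(line)
    print(statement_covers("200.100.100.32", "0.0.0.3", "200.100.100.34"))   # R2's own serial
    print(statement_covers("200.100.100.32", "0.0.0.3", "200.100.100.38"))   # outside the /30
```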
LAN Switching
Ethernet switches are used in a LAN to create Ethernet networks. Switches
forward traffic on the basis of MAC address. Switches maintain a switching
table in which MAC addresses and port numbers are used to make switching
decisions. The working of a bridge and a switch is similar.

Classification of switches
Switches are classified according to the following criteria: -
Types of switches based on working
(1) Store & Forward
This switch receives the entire frame, then performs error checking and starts
forwarding data to the destination.
(2) Cut through
This switch starts forwarding the frame as soon as the first six bytes of the frame
are received.
(3) Fragment-free
This switch receives 64 bytes of the frame, performs error checking and then
starts forwarding data.
(4) Adaptive cut-through
It changes its mode according to the conditions. If there are errors in frames
then it changes its mode to Store & Forward.

Types of switches based on management
(1) Manageable switches
(2) Non-manageable switches

Types of switches based on OSI layer
(1) Layer 2 switches (only switching)

Types of switches based on command mode (only in Cisco)
(1) IOS based

Switches based on hierarchical model
(1) Core layer switches
(2) Distribution layer switches

Features of switch
- No. of ports
- Speed of ports
- Type of media
- Switching or wire speed or throughput

Basic Switch Administration

IOS based switches are similar to routers. We can perform the following functions
on switches in a similar manner as on a router.

- Access switch using console
- Commands to enter & exit from different modes
- Commands to configure passwords
- Manage configuration
- Backup IOS and configuration
- Configuring and resolving hostnames
- Configuring CDP
- Configuring time clock
- Configuring banners
- Command line shortcuts and editing shortcuts
- Managing history
- Configure logging
- Boot system commands

The following functions and options are not similar in router and switch.
- Default hostname is 'Switch'
- Auxiliary port is not present
- VTY ports are mostly 0 to 15
- By default interfaces are enabled
- IP address cannot be assigned to interfaces
- Routing configuration mode is not present
- Interface no. starts from 1
- Web access is by default enabled
- Configuration register is not the same
- Flash memory may contain multiple files
- Startup-configuration is also saved in flash

Configuring IP and Gateway on switch

We can configure an IP address on a switch for web access or telnet; an IP address is
required for the administration of the switch. If we have to access the switch from a
remote n/w then we configure a default gateway in addition to the IP address.

Assigning IP to logical interface:-
Switch(config)#interface vlan 1
Switch(config-if)#ip address <ip> <mask>
Switch(config-if)#no sh

Configuring Gateway
Switch(config)#ip default-gateway <ip>
Switch(config)#exit
Breaking Switch Password
(1) Power off the switch, press the mode button present on the front of the switch, then power on
the switch.
(2) Keep the mode button pressed until the 'Switch:' prompt appears on the console.
(3) In switch monitor mode, type the following commands: -
flash_init
load_helper
rename flash:config.text flash:<anyname>
dir flash:
boot
(4) After booting the switch will prompt to enter the initial configuration dialog. Enter
'no' here and type:
Switch>enable
Switch#rename flash:<anyname> flash:config.text
Switch#configure memory

Change the password and save the config with copy run start.

Cisco Hierarchical Model

When we want to create a large sized LAN network then we may face the following
problems if we design the network in a flat model.
• High latency
• Congestion between switches
• Large broadcast domain

The Cisco hierarchical model recommends a three layer design of the network

o Core layer
o Distribution layer
o Access layer

On each layer there are some rules which we have to follow

Highest performance devices are connected at the Core layer.
Resources should be placed at the Core layer.
Policies should not be applied at the Core layer.
At the Distribution layer, we can implement policies.
Distribution and Core devices should be connected with high-speed links.
Access layer devices are basic devices and may be non-manageable.

Hierarchical model

After using the hierarchical model most of the LAN problems will be solved but one
problem still remains: all PCs will be in a single broadcast domain. We
have to implement the following solutions for this problem.
(1) Physical Segmentation (2) Logical Segmentation

Logical Segmentation of Network

To perform logical segmentation, we have to create VLANs in the network. With
the help of VLANs, we can logically divide the broadcast domain of the network.

VLAN (Virtual LAN)

A VLAN provides virtual segmentation of the broadcast domain in the network. The
devices which are members of the same VLAN are able to communicate with each
other. The devices of different VLANs may communicate with each other only through
routing, so the devices of different VLANs will use different n/w addresses. VLANs
provide the following advantages: -
(1) Logical segmentation of network (2) Enhanced network security
Creating port based Vlan
In port based Vlan, first we have to create a VLAN on switch then we have to
add ports to the Vlan.

Commands to create Vlan Commands to configure ports for


Switch#config ter a Vlan
Switch(config)#vlan <no> Switch#conf ter
Switch(config)#name <word> Switch(config)#interface <type>
Switch(config)#exit <no>
Switch(config-if)#switchport access
By default, all ports are member of single vlan that is Vlan1. we can change vlan
membership according to our requirement.

Commands to configure multiple ports in a vlan


Switch#conf ter
Switch(config)#interface range <type> <slot/port no (space)–(space) port
no>
Switch(config-if)#switchport access vlan <no>
Switch(config-if)#exit

Example: - Suppose we want to add interfaces fast Ethernet 0/10 to 0/18 in vlan5
Switch#config ter
Switch(config)#interface range fastethernet 0/10 – 18
Switch(config-if)#switchport access vlan 5
Switch(config-if)#exit

To display mac address table
Switch#sh mac-address-table

To display Vlan and port membership
Switch#sh vlan

Trunking
When there are multiple switches then we have to use trunk links to connect
one switch with other. If we are not using trunk links then we have to connect
one cable from each VLAN to the corresponding VLAN of the other switch.

[Diagram: Normal, without trunking – one cable per Vlan (1, 7, 3) between the two switches. In Trunking – a single trunk link between the switches carries Vlan 1, 3, 7.]
Switches perform trunking with the help of frame tagging. The trunk port
sends data frames after adding Vlan id information (a tag) to the frame; at the
receiving end the vlan id information is removed from the frame and, according to
the tag, the data is delivered to the corresponding vlan. There are two protocols to
perform frame tagging.
(1) Inter Switch Link (ISL, Cisco proprietary) (2) IEEE 802.1Q
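As an added illustration of the 802.1Q tagging described above (Python written for these notes, not part of the original), the following builds an Ethernet frame, inserts the 4-byte tag a trunk port adds on egress and strips it again on ingress, which is how the receiving switch knows which Vlan to deliver the frame to. The MAC addresses and payload are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100       # Tag Protocol Identifier: marks the frame as 802.1Q tagged
ETHERTYPE_IPV4 = 0x0800


def build_frame(dst_mac: str, src_mac: str, ethertype: int, payload: bytes) -> bytes:
    """Build an untagged Ethernet II frame (FCS omitted) from constructed sample values."""
    dst = bytes.fromhex(dst_mac.replace(":", ""))
    src = bytes.fromhex(src_mac.replace(":", ""))
    return dst + src + struct.pack("!H", ethertype) + payload


def tag_frame(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert an 802.1Q tag after the 12-byte dst/src MAC header, as a trunk port does on egress.

    The tag is the TPID (0x8100) followed by the TCI: a 3-bit priority (PCP),
    a 1-bit DEI (left 0 here) and the 12-bit VLAN id.
    """
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN id must be in 1..4094")
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    tci = ((priority & 0x7) << 13) | (vlan_id & 0x0FFF)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def untag_frame(frame: bytes):
    """Strip the tag on ingress. Returns (vlan_id, untagged_frame).

    An untagged frame comes back unchanged with vlan_id None, so the caller can
    assign it to the port's access (or native) Vlan instead.
    """
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("tagged frame truncated inside the 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]


def deliver(frame: bytes, access_vlan: int) -> int:
    """Decide which Vlan a frame arriving on a trunk belongs to: the tag if present, else the native/access Vlan."""
    vlan_id, _ = untag_frame(frame)
    return access_vlan if vlan_id is None else vlan_id


# Constructed sample frame: broadcast destination, made-up source MAC, IPv4 ethertype, dummy payload.
SAMPLE_FRAME = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:aa", ETHERTYPE_IPV4, b"\x45\x00" + b"\x00" * 30)

if __name__ == "__main__":
    tagged = tag_frame(SAMPLE_FRAME, 7)
    print("tagged length", len(tagged), "tag bytes", tagged[12:16].hex())   # 4 bytes longer, tag 81000007
    vid, restored = untag_frame(tagged)
    print("vlan", vid, "restored identical:", restored == SAMPLE_FRAME)
```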

Configuring Trunking
In Cisco switches all switch ports may be configured in three modes
(1) Trunk desirable (default)
(2) Trunk on
(3) Trunk off

Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport mode <trunk|access|dynamic desirable|dynamic auto>
Switch(config-if)#exit
(trunk = trunk on, access = trunk off, dynamic desirable / dynamic auto = trunk desirable)

To configure Vlans allowed on Trunk


By default all Vlans are allowed on a Trunk port. We can add/remove a particular
Vlan from the trunk port with the following command
Switch#config ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport trunk allowed vlan <all|add <vlan>|remove <vlan>|except <vlan>>

To display trunk interfaces


Switch#sh interface trunk
Switch#sh interface <type> <no> trunk

Vlan Trunking Protocol (VTP)


With the help of VTP, we can simplify the process of creating Vlan. In multiple
switches, we can configure one switch as VTP server and all other switches will
be configured as VTP client. We will create Vlans on VTP server switch. The
server will send periodic updates to VTP client switches. The clients will create
Vlans from the update received from the VTP server.

VTP server
VTP server is a switch in which we can create, delete or modify Vlans. The
server will send periodic updates for VTP clients.

VTP client
On VTP client, we are not able to create, modify or delete Vlans. The client will
receive and forward vtp updates. The client will create same Vlans as defined in
vtp update.

VTP Transparent
Transparent is a switch, which will receive and forward VTP update. It is able to
create, delete and modify Vlans locally. A transparent will not send its own VTP
updates and will not learn any information from received vtp update.

[Diagram: a VTP server (Vlan 1,3,5,10,20) sends updates to its VTP clients, which learn Vlan 1,3,5,10,20; a VTP transparent switch in the same domain forwards the updates to the clients behind it but keeps its own locally created Vlans (1,3,10,20,40,90).]
Commands
Switch#conf ter
Switch(config)#vtp domain <name>
Switch(config)#vtp password <word>
Switch(config)#vtp mode <server|client|transparent>
Switch(config)#exit

By default in cisco switches the VTP mode is set as VTP server with no domain
and no password.

To display VTP status


Switch#sh vtp status

VTP Pruning
Pruning is the VTP feature through which traffic for a particular Vlan is automatically
blocked on a trunk link if the neighbor switch does not contain ports in that
Vlan. Vlan1 is not prune eligible.

Command to configure VTP Pruning


We have to use only one command on VTP server for VTP Pruning.
Switch#conf ter
Switch(config)#vtp pruning
Switch(config)#exit

[Diagram: VTP server (Vlan 1,3,5,7) connected by trunks to three clients, each with ports in Vlan 1, 3, 5, 7.]
Inter Vlan Communication
After creating Vlans, each Vlan has its own broadcast domain. If we want
communication from one Vlan to another Vlan then we need to perform routing.
There are three methods for inter vlan communication.
(1) Inter Vlan using router on a stick method
(2) Inter Vlan using layer 3 switch
(1) Inter Vlan using router on a stick method
In this method a special router is used for Inter Vlan routing. On this router, we
create one sub-interface for each Vlan. The physical interface of the router is
connected to a trunk port of the switch. The router routes traffic out of the same
physical interface by swapping the vlan id information with the help of the frame
tagging protocol.

[Diagram: Router on a stick – the router's physical interface Fa 0/0 connects to a trunk port carrying Vlan 1, 3, 5. Sub-interfaces: Fa 0/0.1 – 10.0.0.1 -> Vlan1, Fa 0/0.2 – 11.0.0.1 -> Vlan3, Fa 0/0.3 – 12.0.0.1 -> Vlan5. Trunks (T) join the switches; PCs in Vlan 1 use n/w 10.x.x.x with gateway 10.0.0.1, Vlan 3 uses 11.x.x.x with gateway 11.0.0.1, Vlan 5 uses 12.x.x.x with gateway 12.0.0.1.]

Configuration on Router

Router#config ter
Router(config)#interface fastethernet 0/0
Router(config-if)#no ip address
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.1
Router(config-if)#encapsulation dot1q 1
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.2
Router(config-if)#encapsulation dot1q 3
Router(config-if)#ip address 11.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.3
Router(config-if)#encapsulation dot1q 5
Router(config-if)#ip address 12.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit

Configuration on Core switch


(1) Configure switch as VTP server
(2) Create Vlans
(3) Configure interface connected to router as Trunk
(4) Configure interfaces connected to other switches as trunk (if required)

Configuration on Distribution layer switches


(1) Configure switch as VTP client
(2) Configure required interface as Trunk (optional)
(3) Add ports to Vlan

Configuration on Pc
Configure IP and Gateway

Spanning Tree Protocol


When we connect multiple switches with each other and multiple paths exist
from one switch to another, it may lead to a switching loop in the
network. Multiple paths are used to create redundancy in the network. STP is
only required when multiple paths exist, because only then is there a possibility
of a loop in the n/w.

[Diagram: packets circulating endlessly between three switches connected in a loop.]

Problems that occur with redundant paths


(1) Multiple copies of the frame will be received by destination.
(2) Frequent changes in the mac address table of switch.
(3) A mac address may appear at multiple ports in a switch.
(4) Packets may enter in the endless loop.

Spanning Tree Protocol will solve this problem by blocking the redundant
interface, so that only one path remains active between the switches. If the primary
path goes down then the disabled link will become enabled and data will be
transferred through that path.

Working of STP
STP will create a topology database in which one switch is elected as the
root switch. Path cost is calculated on the basis of bandwidth. The lowest path
cost link will be in enabled mode and the other path will be disabled.

[Diagram: Root Switch connected by 1 Gb links to two switches; those connect by 100 Mb links to two lower switches, which are also joined by a redundant 100 Mb link. The lowest cost paths stay active and the redundant 100 Mb link between the lower switches is disabled.]

STP terminology
(1) Bridge id
It is the combination of bridge priority and base mac address. In Cisco
switches default priority no. is 32768.

(2) Root Bridge


The Bridge/Switch with lowest Bridge id will become the Root Bridge. The
Root Bridge is used as the center point for calculating path cost in topology.

(3) BPDU Bridge Protocol Data Units


It is the STP information, which is exchanged between the switches to create the
topology and perform path selection.

(4) STP port mode


When STP is enabled a port may be in one of the following modes.
(i) Listening: - in this mode a port will send/receive BPDUs.
(ii) Learning: - the port will learn the mac address table.
(iii) Forwarding: - the port will forward data based on the mac address table.
(iv) Blocking: - the port is blocked from sending/receiving data by Spanning Tree
Protocol.
(v) Disabled: - the port is administratively disabled.
Path cost calculation
The links in switches will be enabled or disabled on the basis of path cost. The
path cost for each link is calculated according to the following table.

Speed     Old IEEE Cost    New IEEE Cost
10 Mb     100              100
100 Mb    10               19
1 Gb      1                4
10 Gb     1                2
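The root election and path-cost calculation described above, as an added Python model written for these notes (not from the original). It uses the New IEEE costs from the table, the default priority of 32768, and a constructed topology matching the sketch (two 1 Gb links from the root, 100 Mb links below, one redundant 100 Mb link); the port-id tie-break of real STP is omitted.

```python
import heapq

# Per-link path cost, "New IEEE" column of the table above (link speed in Mb/s -> cost)
NEW_IEEE_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}
DEFAULT_PRIORITY = 32768   # Cisco default bridge priority


def bridge_id(priority: int, base_mac: str) -> tuple:
    """Bridge id = (priority, base MAC). Tuples compare priority first, then MAC; lowest wins."""
    return (priority, int(base_mac.replace(".", "").replace(":", ""), 16))


def elect_root(switches: dict) -> str:
    """switches maps name -> (priority, base_mac). The lowest bridge id becomes the Root Bridge."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))


def root_path_costs(links: list, root: str) -> dict:
    """Dijkstra from the root: cheapest accumulated cost from every switch back to the root."""
    adj = {}
    for a, b, speed in links:
        cost = NEW_IEEE_COST[speed]
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue
        for nxt, cost in adj.get(node, []):
            if d + cost < dist.get(nxt, float("inf")):
                dist[nxt] = d + cost
                heapq.heappush(heap, (d + cost, nxt))
    return dist


def root_ports(links: list, switches: dict) -> dict:
    """For each non-root switch pick its root port: the link giving the lowest root path cost.
    Ties break on the neighbour's bridge id (the port-id tie-break is omitted in this model)."""
    root = elect_root(switches)
    dist = root_path_costs(links, root)
    chosen = {}
    for name in switches:
        if name == root:
            continue
        best = None
        for a, b, speed in links:
            if name not in (a, b):
                continue
            neighbour = b if a == name else a
            key = (dist[neighbour] + NEW_IEEE_COST[speed], bridge_id(*switches[neighbour]))
            if best is None or key < best[0]:
                best = (key, (a, b, speed))
        if best is not None:
            chosen[name] = best[1]
    return chosen


def blocked_links(links: list, switches: dict) -> list:
    """A link stays forwarding if it is some switch's root port; every other redundant link
    ends up blocking at one end, so it is the one STP disables."""
    forwarding = set(root_ports(links, switches).values())
    return [link for link in links if link not in forwarding]


# Constructed topology matching the sketch above (switch names and MACs are made up).
SWITCHES = {
    "Root": (DEFAULT_PRIORITY, "0000.0c00.0001"),
    "A": (DEFAULT_PRIORITY, "0000.0c00.0002"),
    "B": (DEFAULT_PRIORITY, "0000.0c00.0003"),
    "C": (DEFAULT_PRIORITY, "0000.0c00.0004"),
    "D": (DEFAULT_PRIORITY, "0000.0c00.0005"),
}
LINKS = [("Root", "A", 1000), ("Root", "B", 1000), ("A", "C", 100), ("B", "D", 100), ("C", "D", 100)]

if __name__ == "__main__":
    root = elect_root(SWITCHES)
    print("root:", root)
    print("root path costs:", root_path_costs(LINKS, root))
    print("blocked:", blocked_links(LINKS, SWITCHES))
```

Lowering one switch's priority (e.g. to 4096) moves the root and changes which link is blocked, which is the lever an administrator uses to place the root deliberately rather than leaving it to the lowest MAC.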

To configure ports for forwarding mode directly


Switch#config ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport host

Configuring port security


In manageable switches, we can restrict the no. of mac addresses that a port
can learn. We can even specify the mac address statically with a command.
With port security, we can also specify the action to be performed if a port security
violation is detected.

Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum <no. of mac>
Switch(config-if)#switchport port-security violation <shutdown|restrict|protect>
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security mac-address sticky <mac address>
Switch(config-if)#exit
Access Control List
ACLs are the basic security feature that is required in any network to
control the flow of traffic. Most of the time our network has servers and
clients for which traffic control is required. We can also use ACLs to classify
traffic. ACLs are used in features like QoS (Quality of Service), traffic
prioritization and defining interesting traffic for ISDN.

Classification Access Control List: -


Types of ACL based on Protocol: -
(1) IP Access Control List
(2) IPX Access Control List
(3) Appletalk Access Control List

Types of ACL based on Feature: -
(1) Standard ACL
(2) Extended ACL

Types of ACL based on Access mode: -
(1) Numbered ACL
(2) Named ACL

Types of ACL based on Order of rules: -
(1) Deny, permit
(2) Permit, deny

Types of ACL based on direction: -
(1) Inbound ACL
(2) Outbound ACL
Flow chart of Inbound ACL

A packet is received.
Is there any Access-list applied on the interface in the Inbound direction?
  No  -> The packet is passed to the Routing Engine.
  Yes -> Is there any matching rule in the ACL, checked in top-down order?
           No  -> The packet is dropped.
           Yes -> Is the matching rule a permit?
                    Yes -> The packet is passed to the RE.
                    No  -> The packet is dropped.

IP Standard ACL (Numbered)


In a Standard ACL, we are only able to specify the source address for the filtering of
packets. The syntax to create an IP standard ACL is: -
Router#conf ter
Router(config)#access-list <no> <permit|deny> <source>
Router(config)#exit

<source> can be written as: -
Single pc:  host 192.168.10.5
            192.168.10.5
            192.168.10.5 0.0.0.0
N/w:        200.100.100.0 0.0.0.255
Subnet:     200.100.100.32 0.0.0.15
All:        any

Applying ACL on interface


Router#conf ter
Router(config)#interface <type> <no>
Router(config-if)#ip access-group <ACL no.> <in|out>
Router(config-if)#exit

Rule for applying ACL


Only one ACL can be applied on each interface, in each direction for
each protocol.

Example: - Suppose we want to allow Internet only for 192.168.10.32 – 70.

[Diagram: LAN 192.168.10.x – Router – Internet]
Router(config)#access-list 25 permit 192.168.10.32 0.0.0.31
Router(config)#access-list 25 permit 192.168.10.64 0.0.0.3
Router(config)#access-list 25 permit 192.168.10.68
Router(config)#access-list 25 permit 192.168.10.69
Router(config)#access-list 25 permit 192.168.10.70

IP Standard ACL (Named)


In Numbered ACLs the editing feature is not available, that is, we are not able to
delete a single rule from the ACL. In Named ACLs the editing feature is available.

Router#config ter
Router(config)#ip access-list standard <name>
Router(config-std-nacl)#<deny|permit> <source>
Router(config-std-nacl)#exit

Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#deny 172.16.0.16
Router(config-std-nacl)#deny 172.16.0.17
Router(config-std-nacl)#exit

To modify the ACL (remove a single rule)
Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#no deny 172.16.0.17
Router(config-std-nacl)#exit
To control Telnet access using ACL
If we want to control telnet with the help of an ACL then we can create a standard
ACL and apply this ACL on the vty lines. The ACL that we create for vty will be in
permit – deny order.
Example: - suppose we want to allow telnet to our router only from the 192.168.10.5 &
200.100.100.30 pcs.
Router#conf ter
Router(config)#access-list 50 permit 192.168.10.5
Router(config)#access-list 50 permit 200.100.100.30
Router(config)#access-list 50 deny any
Router(config)#line vty 0 4
Router(config-line)#access-class 50 in
Router(config-line)#exit

IP Extended ACL (Numbered)


Extended ACLs are advanced ACLs, which can control traffic flow on the basis
of five different parameters: -
(i) Source address (ii) Destination address (iii) Source port
(iv) Destination port (v) Protocol (layer 3/layer 4)

The syntax to create Extended ACL


Router#conf ter
Router(config)#access-list <no> <deny|permit> <protocol> <source> [<s.port>] <destination> [<d.port>]
Router(config)#exit

<no> -> 100 to 199
<protocol> -> layer 3 or layer 4 protocol: IP, TCP, UDP, ICMP, IGRP
<Source>, <Destination> -> written as in the Standard ACL (host, address with wildcard, or any)
<Source port>, <Destination port> -> port no. (1 to 65535) or a name such as telnet/www/ftp etc.
Example rules of Extended ACL
Router(config)#access-list 140 deny ip 192.168.10.3 0.0.0.0 any
(All tcp/ip data is denied from source 192.168.10.3 to any destination)

Router(config)#access-list 120 permit ip any any


(All tcp/ip data permit from any source to any destination)

Router(config)#access-list 145 deny tcp any host 200.100.100.5


(All tcp data is denied from any source to host 200.100.100.5)

Router(config)#access-list 130 permit tcp any host 200.100.100.10 eq 80


(All tcp based data from any source is allowed to access destination
200.100.100.10 on port no. 80 that is www(http) ) – web access

Router(config)#access-list 130 permit udp any host 200.100.100.10 eq 53


(Any pc is able to access our DNS service running on port no. 53)

Router(config)#access-list 150 deny tcp any any eq 23 [or telnet]


(Telnet traffic is not allowed)
Router(config)#access-list 160 deny icmp any any
(All icmp data from any source to any destination is denied)

To display ACL
Router#show access-lists
or
Router#show access-list <no>

To display ACL applied on interface
Router#show ip interface

Example: - Extended ACL


Suppose we want to control inbound traffic for our network. The ACL should be
designed according to the following policy.

(1) Access to web server (200.100.100.3) is allowed from any source.


(2) FTP server (200.100.100.4) should be accessible only from branch office n/w
(200.100.175.0/24).
(3) ICMP & Telnet should be allowed only from remote pc 200.100.175.80
(4) Any pc can access DNS (200.100.100.8)

[Diagram: branch office n/w 200.100.175.x – Router – Router – our n/w 200.100.100.x]

Router(config)#access-list 130 permit tcp any host 200.100.100.3 eq 80
Router(config)#access-list 130 permit tcp 200.100.175.0 0.0.0.255 200.100.100.4 0.0.0.0 eq 21
Router(config)#access-list 130 permit icmp 200.100.175.80 0.0.0.0 any
Router(config)#access-list 130 permit tcp 200.100.175.80 0.0.0.0 any eq 23
Router(config)#access-list 130 permit udp any host 200.100.100.8 eq 53
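To check both the standard ACL example (access-list 25, hosts 192.168.10.32 – 70) and the extended ACL policy just given (access-list 130), here is an added Python model of the inbound ACL flow chart: wildcard matching, top-down first match, and the implicit deny for packets that match nothing. It is written for these notes, not taken from the original; the test packets and their outside addresses are constructed.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import List, Optional


def ip_int(addr: str) -> int:
    return int(IPv4Address(addr))


@dataclass(frozen=True)
class AddrMatch:
    """An IOS address + wildcard pair: a 0 bit in the wildcard must match, a 1 bit is ignored."""
    addr: int
    wildcard: int

    def matches(self, ip: str) -> bool:
        care = ~self.wildcard & 0xFFFFFFFF
        return (ip_int(ip) & care) == (self.addr & care)


ANY = AddrMatch(0, 0xFFFFFFFF)                       # "any"


def host(ip: str) -> AddrMatch:                      # "host x.x.x.x", same as wildcard 0.0.0.0
    return AddrMatch(ip_int(ip), 0)


def wild(ip: str, wildcard: str) -> AddrMatch:       # "x.x.x.x w.w.w.w"
    return AddrMatch(ip_int(ip), ip_int(wildcard))


@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    src: AddrMatch
    protocol: str = "ip"             # "ip" matches every protocol; standard ACLs are implicitly ip
    dst: AddrMatch = ANY
    dst_port: Optional[int] = None   # "eq <port>" on the destination; None = any port


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: str
    dst_port: Optional[int] = None


def evaluate(acl: List[Rule], pkt: Packet) -> str:
    """Walk the rules top-down and return the first match; no match means the implicit deny."""
    for rule in acl:
        if rule.protocol != "ip" and rule.protocol != pkt.protocol:
            continue
        if not rule.src.matches(pkt.src) or not rule.dst.matches(pkt.dst):
            continue
        if rule.dst_port is not None and rule.dst_port != pkt.dst_port:
            continue
        return rule.action
    return "deny"


# access-list 25 from the standard ACL example: allow Internet only for 192.168.10.32 - 70
ACL_25 = [
    Rule("permit", wild("192.168.10.32", "0.0.0.31")),
    Rule("permit", wild("192.168.10.64", "0.0.0.3")),
    Rule("permit", host("192.168.10.68")),
    Rule("permit", host("192.168.10.69")),
    Rule("permit", host("192.168.10.70")),
]

# access-list 130 from the extended ACL example (web, FTP from the branch, ICMP/Telnet from one pc, DNS)
ACL_130 = [
    Rule("permit", ANY, "tcp", host("200.100.100.3"), 80),
    Rule("permit", wild("200.100.175.0", "0.0.0.255"), "tcp", host("200.100.100.4"), 21),
    Rule("permit", host("200.100.175.80"), "icmp", ANY),
    Rule("permit", host("200.100.175.80"), "tcp", ANY, 23),
    Rule("permit", ANY, "udp", host("200.100.100.8"), 53),
]


def acl25_permitted_hosts() -> List[int]:
    """Last octets of 192.168.10.x that the standard ACL lets out; the policy wants exactly 32..70."""
    return [i for i in range(256)
            if evaluate(ACL_25, Packet(f"192.168.10.{i}", "203.0.113.1", "ip")) == "permit"]


if __name__ == "__main__":
    print("ACL 25 permits hosts:", acl25_permitted_hosts())
    for pkt in [Packet("198.51.100.7", "200.100.100.3", "tcp", 80),    # web from anywhere
                Packet("198.51.100.7", "200.100.100.4", "tcp", 21),    # FTP from outside the branch
                Packet("200.100.175.81", "200.100.100.3", "icmp")]:    # ping from the wrong branch pc
        print(pkt, "->", evaluate(ACL_130, pkt))
```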

Switch port ACL


You can only apply port ACLs to layer 2 interfaces on your switches because
they are only supported on physical layer 2 interfaces. You can apply them as
only inbound lists on your interfaces, and you can use only named lists as well.
Extended IP access lists use both source and destination addresses as well
as optional protocol information and port number. There are also MAC extended
access lists that use source and destination MAC addresses and optional
protocol type information.
Switches scrutinize all inbound ACLs applied to a certain interface and
decide to allow traffic through depending on whether the traffic is a good match
to the ACL or not. ACLs can also be used to control traffic on VLANs. You just
need to apply a port ACL to a trunk port.

Switch#conf ter
Switch(config)#mac access-list extended abc
Switch(config-ext-mac)#deny any host 000d.29bd.4b85
Switch(config-ext-mac)#permit any any
Switch(config-ext-mac)#do show access-list

Switch(config-ext-mac)#int f0/6
Switch(config-if)#mac access-group abc in

Lock and Key (Dynamic ACLs)


These ACLs depend on either remote or local Telnet authentication in
combination with extended ACLs. Before you can configure a dynamic ACL, you
need to apply an extended ACL on your router to stop the flow of traffic through
it.

Reflexive ACLs
These ACLs filter IP packets depending upon upper-layer session information,
and they often permit outbound traffic to pass but place limitations on inbound
traffic. You can not define reflexive ACLs with numbered or standard IP ACLs, or
any other protocol ACLs. They can be used along with other standard or static
extended ACLs, but they are only defined with extended named IP ACLs.

Time-Based ACLs
In this you can specify a certain time of day and week and then identify that
particular period by giving it a name referenced by a task. The referencing
function will fall under whatever time constraints you have dictated. The time
period is based upon the router's clock, but it is highly recommended to use it
in conjunction with Network Time Protocol (NTP) synchronization.

Router#conf ter
Router(config)#time-range no-http
Router(config-time-range)#periodic <Wednesday|weekdays|weekend> 06:00 to
12:00
Router(config-time-range)#exit

Router(config)#time-range tcp-yes
Router(config-time-range)#periodic weekend 06:00 to 12:00
Router(config-time-range)#exit

Router(config)#ip access-list extended time
Router(config-ext-nacl)#deny tcp any any eq www time-range no-http
Router(config-ext-nacl)#permit tcp any any time-range tcp-yes
Router(config-ext-nacl)#exit

Router(config)#interface f0/0
Router(config-if)#ip access-group time in
Router(config-if)#do show time-range

Remarks
Remarks are the comments or remarks regarding the entries you have made in
both your IP Standard and Extended ACLs.
Router#conf ter
Router(config)#access-list 110 remark <remark words>
Example: -
Router(config)#access-list 110 remark permit rahul from admin only to sale
Router(config)#access-list 110 permit ip host 172.16.10.1 172.16.20.0 0.0.0.255
Router(config)#access-list 110 deny ip 172.16.10.0 0.0.0.255 172.16.20.0 0.0.0.255

Router(config)#ip access-list extended no_telnet


Router(config-ext-nacl)#remark deny all of finance from telnetting to sale
Router(config-ext-nacl)#deny tcp 172.16.30.0 0.0.0.255 172.16.20.0 0.0.0.255
eq 23
Router(config-ext-nacl)#permit ip any any
Router(config-ext-nacl)#do show run

Cisco Discovery Protocol


This protocol is enabled by default on Cisco devices. It sends a periodic update
every minute on all interfaces. The neighbors receive this information and store
it in the CDP neighbor table. CDP is helpful in troubleshooting or for creating
network documentation. We can obtain the following information about a neighbor
automatically.

(1) Hostname
(2) Device type
(3) Model/Platform
(4) IOS version
(5) Local connected interface
(6) Remote device connected interface
(7) Entry IP address etc.

Display CDP status


Router#sh cdp

To display CDP enabled interfaces


Router#sh cdp interface

To display CDP neighbors


Router#sh cdp neighbor
Or
Router#sh cdp neighbor detail

To disable CDP from device


Router#conf ter
Router(config)#no cdp run

To disable CDP on particular interface


Router#conf ter
Router(config)#int <type> <no.>
Router(config-if)#no cdp enable
Router(config-if)#exit

To change CDP timers


Router#conf ter
Router(config)#cdp timer <value> (by default 60 sec)
Router(config)#cdp holdtime <value> (by default 180 sec)
(Value in seconds)

Wide Area Network


The network that is designed for long distance communication is called a Wide Area
Network. A WAN uses WAN protocols and WAN interface cards to communicate
with remote networks.

WAN technologies: -
Point-to-Point: Leased line, MLLN, Radio Link (for 2 locations)
Circuit Switching: ISDN, PSTN (unlimited locations)
Packet Switching: Frame Relay, X.25 (maximum locations)
Cell Switching: ATM (maximum locations)
Factors to be considered while selecting a WAN technology
(1) No. of locations
(2) Hours of connectivity
(3) Speed
(4) Cost (Bandwidth + Distance)
(5) Reliability

WAN Encapsulation
WAN encapsulation is used to convert a packet into a frame and transfer data over
WAN links. Different types of encapsulation are designed for different WAN
technologies. The general format of WAN encapsulation is: -

Flag | Address | Control | Data | FCS | Flag
(FH = frame header: Flag, Address, Control; Packet = Data; FT = frame trailer: FCS, Flag)

Common WAN Encapsulation

WAN technology                  Encapsulation                                Abbreviation
Point-to-Point                  High level data link control                 HDLC
Point-to-Point, Circuit Switch  Point-to-Point Protocol                      PPP
Frame Relay                     Frame Relay Cisco
Frame Relay                     Frame Relay IETF
X.25                            Link Access Procedure Balanced               LAPB
ISDN                            Link Access Procedure for the D channel      LAPD
ATM                             ATM Adaptation layer 5                       AAL5

Point-to-Point WAN technologies


These WAN technologies are used to connect two locations with each other. They
provide 24-hour, high speed and reliable connectivity. We can set up this WAN
technology in three steps: -
Step 1: - Connect the devices according to topology.
Step 2: - Configure Modems.
Step 3: - Configure Router.
Step 1
Point-to-Point WAN Topology
(a) Campus n/w or Drop wire n/w
[Diagram: Router (serial port, DB-60 or Smart Serial) –V.35 / RS-232 / EIA/TIA-530– Modem –2-wire or 4-wire TP line– Modem –V.35 / RS-232 / EIA/TIA-530– Router; the LAN side of each router is eth (RJ-45).]
* Distance depends on modems & mostly up to 10-15 kms.

(b) Leased line via Service Provider
[Diagram: Router (SS or DB-60) –V.35 / RS-232 / EIA/TIA-530– Modem –line, local loop– Mux (G.703 / G.704) – Exchange – Mux –local loop, line– Modem – Router.]

(c) Managed Leased Line n/w (MLLN)
[Diagram: Router – MLLN Modem – MLLN MUX – Exchange – MLLN MUX – MLLN Modem – Router.]

(d) Radio Link
[Diagram: Router (DB-60 / Smart Serial) –V.35 / RS-232 / EIA-530– Radio Modem – Antenna ))) ((( Antenna – Radio Modem – Router.]

(e) Radio Link using IDU & ODU
[Diagram: Router – Radio Modem IDU –UTP or Coaxial– Radio Modem ODU ))) ((( ODU –UTP or Coaxial– IDU – Router.]
ODU – Out Door Unit
IDU – In Door Unit

Line pins: -
4 Wire: pins 1 & 2 – Loop 1, pins 4 & 5 – Loop 2
2 Wire: pins 4 & 5 – Signal

Step 2 Configurations of Modems


We have to configure various parameters in the modem. There are three
different methods to configure these parameters, depending on the modem.

Method 1) Configuration of modem using Jumper settings / Dip switches.
Method 2) Configuration of modem using LCD menu.
Method 3) Configuration of Modem using Console / Terminal.

Step 3 Configuration of Router


To configure the Router for a Leased line scenario or Point-to-Point n/w, we
have to set the following parameters: -
1) IP addresses
2) IP routing
3) WAN encapsulation

[Diagram: Router (LAN 192.168.5.1, serial 172.16.0.1) —— serial link —— Router (serial 172.16.0.2, LAN 10.0.0.1)]

In a Point-to-Point WAN n/w any type of routing can be performed on the routers.

WAN Encapsulation
The two router interfaces in a Point-to-Point WAN must have the same WAN
encapsulation. Two types of WAN encapsulation are supported in this type of
network.
(1) HDLC
(2) PPP

Routers from the same manufacturer: HDLC or PPP
Routers from different manufacturers: PPP

By default, Cisco routers will use Cisco HDLC encapsulation. We can change the
encapsulation with the following command: -

Router#conf ter
Router(config)#interface <type> <no>
Router(config-if)#encapsulation <ppp|hdlc>
HDLC
High Level Data Link Control
HDLC is a modified form of SDLC (Synchronous Data Link Control). SDLC was
developed by IBM for router to mainframe communication. HDLC is modified for
router-to-router communication. Most manufacturers have developed their own
proprietary HDLC protocol, so HDLC from one manufacturer is not compatible
with another's.
HDLC encapsulation is designed for Point-to-Point router communication.
In HDLC no addressing is required, but still an all-stations address is used in the
encapsulation. HDLC provides only basic features and error checking for the
frame.

PPP – Point-to-Point Protocol


PPP is an open standard WAN protocol that can be used in Point-to-Point and
circuit switching networks. PPP provides various advantages as compared to
HDLC. PPP has following special features: -
(1) Authentication
(2) Multi Link
(3) Compression
(4) Call Back

PPP at OSI layer

[Diagram: OSI stack – the Application, Presentation, Session, Transport and Network layers carry the LAN/WAN protocol suites (TCP/IP, IPX/SPX); the Data Link layer holds the WAN encapsulations PPP, HDLC and LAPB and the LAN encapsulations IEEE 802.3 and ARPA. Inside PPP the Data Link layer is divided into NCP (upper part, facing the Network layer), LCP (lower part) and HDLC-style framing sitting on the Physical layer.]

Three Phases of PPP


(1) Link Control Protocol (LCP)
This protocol negotiates the basic features of PPP. It exchanges the
parameters and options to be used on the link. LCP supported features are: -
Authentication, Compression, Multi link & Call back

(2) Authentication Phase - optional


In this phase authentication is performed with the peer with the help of one of
the following protocols.
(i) Password Authentication Protocol
(ii) Challenge Handshake Authentication Protocol
(iii) Microsoft CHAP
(iv) Shiva PAP (clear text)

(3) Network Control Protocol Phase (NCP)


In this phase parameters for the routed protocol are established. In NCP, there is
one module for each routed protocol.
IPCP for TCP/IP
IPXCP for IPX/SPX
CDPCP for CDP etc.

Configuring Authentication in PPP


Example: -
[Diagram: Router 1 (interface serial 0) —— Router 2 (interface serial 1)]
Router 1
Router#config ter
Router(config)#int serial 0
Router(config-if)# encapsulation ppp
Router(config-if)# ppp authentication chap
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#hostname chd
Router(config)#username ldh password net123
Router(config)#exit

Router 2
Router#config ter
Router(config)#int serial 1
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap
Router(config-if)#ip address 10.0.0.2 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#hostname ldh
Router(config)#username chd password net123
Router(config)#exit
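To show why the two configurations above need matching `username <peer> password net123` lines, here is an added Python model of the CHAP exchange (written for these notes, not from the original): each router challenges the other with a random value, the peer answers with MD5(identifier || password || challenge) so the password never crosses the link, and the challenger recomputes the hash with the password it stored for the peer's hostname. The hostnames chd and ldh and the password are those from the configuration; the challenge values are generated at run time.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: str, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): Response = MD5(Identifier || Secret || Challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret.encode() + challenge).digest()


class PppPeer:
    """One router end of the PPP link. `usernames` is its 'username <peer> password <word>' table."""

    def __init__(self, hostname: str, usernames: dict):
        self.hostname = hostname
        self.usernames = usernames
        self._identifier = 0

    def challenge(self):
        """Authenticator side: fresh identifier and random challenge, sent with our hostname as the Name."""
        self._identifier = (self._identifier + 1) & 0xFF
        return self._identifier, os.urandom(16), self.hostname

    def respond(self, identifier: int, challenge: bytes, challenger_name: str):
        """Peer side: hash with the password configured for the challenger's hostname; the password itself is never sent."""
        secret = self.usernames.get(challenger_name)
        if secret is None:
            return None, self.hostname          # no 'username <challenger> password ...' line: cannot answer
        return chap_response(identifier, secret, challenge), self.hostname

    def verify(self, identifier: int, challenge: bytes, response, responder_name: str) -> bool:
        """Authenticator side: recompute with the password stored for the responder's name and compare."""
        secret = self.usernames.get(responder_name)
        if secret is None or response is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)


def authenticate(authenticator: PppPeer, peer: PppPeer) -> bool:
    """One direction of the three-way handshake: Challenge -> Response -> Success/Failure."""
    identifier, challenge, name = authenticator.challenge()
    response, peer_name = peer.respond(identifier, challenge, name)
    return authenticator.verify(identifier, challenge, response, peer_name)


def mutual_authenticate(r1: PppPeer, r2: PppPeer) -> bool:
    """Both routers have 'ppp authentication chap', so each one challenges the other."""
    return authenticate(r1, r2) and authenticate(r2, r1)


def replay_is_rejected(authenticator: PppPeer, peer: PppPeer) -> bool:
    """A response captured earlier is useless against a later challenge because the random challenge changes."""
    identifier, challenge, name = authenticator.challenge()
    old_response, peer_name = peer.respond(identifier, challenge, name)
    new_identifier, new_challenge, _ = authenticator.challenge()
    return not authenticator.verify(new_identifier, new_challenge, old_response, peer_name)


# Constructed to mirror the configuration above: hostname chd stores ldh's password and vice versa.
CHD = PppPeer("chd", {"ldh": "net123"})
LDH = PppPeer("ldh", {"chd": "net123"})

if __name__ == "__main__":
    print("chd <-> ldh authenticate:", mutual_authenticate(CHD, LDH))
    print("password mismatch:", mutual_authenticate(CHD, PppPeer("ldh", {"chd": "wrong"})))
    print("replayed response rejected:", replay_is_rejected(CHD, LDH))
```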

Configuring Compression in PPP


In PPP, one of the following three protocols can be used for compression
(1) Stac
(2) Predictor
(3) Microsoft Point-to-Point Compression
Router#config ter
Router(config)#interface <type> <no>
Router(config-if)#encapsulation ppp
Router(config-if)#compress <stac|mppc|predictor>
Router(config-if)#exit

To display Compression
Router#show compress

PPP debug commands


Router#debug ppp error
Router#debug ppp authentication
Router#debug ppp negotiation

To display PPP status


Router#show interface
(LCP state: Open, Closed, Request sent or Listen
 IPCP state: Open or Closed
 CDPCP state: Open or Closed)

Circuit Switching
In Circuit Switching, all users are connected to the Circuit Switching Exchange
(cloud). Depending upon the user's request, a circuit is established between two
locations and then data is transferred. A signaling protocol is used to establish
the connectivity, then data is transferred with the help of the protocols used in
Point-to-Point WAN.
Examples of Circuit Switching are: -
ISDN (Integrated Services Digital Network)
PSTN (Public Switched Telephone Network)

Integrated Services Digital Network


ISDN is the high-end circuit switching technology, which is designed for voice,
data and video. ISDN is a time division multiplexing technology, in which
multiple channels are combined to increase the transfer rate.

ISDN
  BRI: 2 B Channels + 1 D Channel
  PRI: E1 – 30 B Channels + 1 D Channel; T1 – 23 B Channels + 1 D Channel

B Channel (Bearer Channel)


This channel carries data using data encapsulation.

D Channel (Data Channel)


This channel carries signal using signaling protocol.

Time Division Multiplexing in ISDN BRI

The channels are interleaved in time slots: B1 S B2 S D Ch S B1 S B2 S ...
B1 ------- 64 kbps
B2 ------- 64 kbps
D Ch ------- 16 kbps
S ------- 48 kbps

ISDN BRI Topology

[Diagram: TE 1 —S— NT 2 —T— NT 1 —U (2 wire)— ISDN Cloud; a non-ISDN TE 2 attaches through a TA: TE 2 —R— TA —S— NT 2.]

NT 1 Network Termination 1
Send/Receive ISDN BRI Signals

NT 2 Network Termination 2
Share ISDN between multiple users

TE 1 Terminal Equipment 1
ISDN compatible device

TE 2 Terminal Equipment 2
Non-ISDN device

TA Terminal Adapter
Connects ISDN line with Non-ISDN device

Topology 1: - Voice
[Diagram: ISDN Phone 1 and ISDN Phone 2 connected to NT 1 over the 4-wire bus; NT 1 connected to the ISDN Cloud over the 2-wire line.]

Topology 2: - Voice
[Diagram: Phone 1 and Phone 2 – TA – NT 1 – ISDN Cloud.]

Topology 3: - Voice + Data
[Diagram: PC (USB or Serial) – TA – NT 1 – ISDN Cloud, with Ph 1 and Ph 2 also connected to the TA.]

Install TA in Pc, similar to External modem installation. Use "Dialup Networking"
to connect Remote location.

Topology 3: - Data
[Diagram: Router with BRI S/T interface – NT 1 – ISDN Cloud; or Router with BRI U interface connected directly to the ISDN Cloud.]
Configuring ISDN BRI
We will configure ISDN BRI for the following two scenarios: -
(1) ISDN Branch office to Branch office connectivity.
(2) ISDN Branch office to ISP Connectivity.

ISDN Branch office to Branch office

[Diagram: R1 –BRI– ISDN Switch (switch type basic-net3, no. 306306) – ISDN Cloud – ISDN Switch (switch type basic-ni, no. 288288) –BRI– R2]
R1: BRI ip 192.168.10.5, LAN 172.16.0.1 (n/w 172.16.X.X), Hostname Chd
R2: BRI ip 192.168.10.6, LAN 172.30.0.1 (n/w 172.30.X.X), Hostname Del
Encapsulation - PPP
Authentication - CHAP
Password – net123
Routing - Static

Demand Dial Routing


Steps: -
(1) Specify interesting traffic
(2) Configure Route
(3) Dial to Remote location
(4) Negotiate Parameters
(5) Transfer Data
(6) Monitor interesting traffic
(7) Disconnect the call

R1
Router#config ter
Router(config)#int eth0
Router(config-if)#ip address 172.16.0.1 255.255.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#ip route 172.30.0.0 255.255.0.0 192.168.10.6
Router(config)#ip route 192.168.10.6 255.255.255.255 BRI 0

Router(config)#dialer-list 5 protocol ip permit


Or
Router(config)#access-list 20 deny 172.16.0.32 0.0.0.15
Router(config)#access-list 20 deny 172.16.0.20
Router(config)#access-list 20 permit any
Router(config)#dialer-list 8 protocol ip list 20

Router(config)#isdn switch-type basic-net3


Router(config)#hostname Chd
Router(config)#username Del password net123

Router(config)#int bri 0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap
Router(config-if)#ip address 192.168.10.5 255.255.255.0
Router(config-if)#dialer map ip 192.168.10.6 name Del 288288
Router(config-if)#dialer hold-queue 10 (no. of packets held while dialing, range 1 – 100)
Router(config-if)#dialer-group 8
Router(config-if)#dialer idle-timeout 180 (seconds; if no interesting traffic for this time, the connection is dropped)
Router(config-if)#no sh
Router(config-if)#exit

R2
Router#config ter
Router(config)#int eth0
Router(config-if)#ip address 172.30.0.1 255.255.0.0
Router(config-if)#no sh
Router(config-if)#exit

Router(config)#ip route 172.16.0.0 255.255.0.0 192.168.10.5
Router(config)#ip route 192.168.10.5 255.255.255.255 BRI 0

Router(config)#dialer-list 5 protocol ip permit


Or
Router(config)#access-list 30 deny 172.30.0.32 0.0.0.15
Router(config)#access-list 30 deny 172.30.0.20
Router(config)#access-list 30 permit any
Router(config)#dialer-list 8 protocol ip list 30

Router(config)#isdn switch-type basic-net3


Router(config)#hostname Del
Router(config)#username Chd password net123

Router(config)#int bri 0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap
Router(config-if)#ip address 192.168.10.6 255.255.255.0
Router(config-if)#dialer map ip 192.168.10.5 name Chd 306306
Router(config-if)#dialer hold-queue 10
Router(config-if)#dialer-group 8
Router(config-if)#dialer idle-timeout 180
Router(config-if)#no sh
Router(config-if)#exit

ISDN Branch office to ISP

[Diagram: Router (switch type basic-net3) – NT1 – ISDN Cloud – RAS (no. 383843) – ISP router (E1/T1) – Internet. The ISP provides DNS, Authentication, Authorization and Accounting.]

ISP Parameters: -
Ph no.
Username
Password
ISDN Service Provider Switch Type

Router#config ter
Router(config)#int eth 0
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit

Router(config)#ip route 0.0.0.0 0.0.0.0 bri 0


Router(config)#dialer-list 7 protocol ip permit
Router(config)#isdn switch-type basic-net3

Router(config)#int bri 0
Router(config-if)#ip address negotiated
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap pap callin
Router(config-if)#ppp pap sent-username <ispuser> password <word>
Router(config-if)#ppp chap hostname <ispuser>
Router(config-if)#ppp chap password <word>
Router(config-if)#dialer string 383843
Router(config-if)#dialer-group 7
Router(config-if)#dialer idle-timeout 180
Router(config-if)#dialer hold-queue 10
Router(config-if)#no sh
Router(config-if)#exit

NAT for ISDN dialup ISP connectivity


Router#conf ter
Router(config)#int eth 0
Router(config-if)#ip nat inside
Router(config-if)#int bri 0
Router(config-if)#ip nat outside
Router(config-if)#exit
Router(config)#access-list 50 permit any
Router(config)#ip nat inside source list 50 interface bri 0 overload

Testing and Troubleshooting of ISDN


(i) To display present active call
Router#sh isdn active

(ii) To display history of calls


Router#sh isdn history

(iii) To display ISDN status


Router#sh isdn status

Layer 1 = Active
Layer 2 = Multiple frame established
Layer 3 = 1 Active layer 3 call (or 2 Active layer 3 calls)

(iv) To place ISDN test call


Router#isdn call interface <type> <no> <phone no>

(v) To disconnect a call


Router#isdn disconnect interface bri 0 <b1|b2|all>

Debug Commands
Interesting traffic or dialer
Router#debug dialer events
Router#debug dialer packets

ISDN problem
Router#debug isdn events
Router#debug isdn q921 (Layer 2: TEI assignment and link establishment)
Router#debug isdn q931 (Layer 3: call setup and disconnect; the cause codes shown in this output are documented on cisco.com)

PPP problem
Router#debug ppp negotiation
Router#debug ppp authentication
Router#debug ppp error

Turn debugging off with undebug all when finished; debug output on a busy link can overload the router.
Configuring ISDN multi-link
Several ISDN B channels can be combined towards the same destination and carry data as one bundle. Two features are used together: PPP multilink (MLP), which fragments and sequences packets across the channels, and Cisco bandwidth on demand (dialer load-threshold), which brings up the second channel when the load on the first crosses the threshold. The threshold is 1-255 (a fraction of 255, so 128 is about 50 percent) and can be measured inbound, outbound or in either direction.
Router#conf ter
Router(config)#int bri 0
Router(config-if)#ppp multilink
Router(config-if)#dialer load-threshold <1-255> [inbound | outbound | either]
Router(config-if)#exit
Packet Switching
Packet switching is the WAN technology in which all devices connect to a packet switching exchange. A device asks the exchange to create a virtual connection, and data is then transferred over that virtual connection. A device can hold more than one virtual connection at a time and transfer data over each of them.
Examples of packet switching technologies are:
(1) X.25 (2) Frame Relay

Frame Relay
Frame Relay is a packet switching technology in which virtual connections are established through the provider's switches. In practice Frame Relay services are delivered as permanent virtual connections, and only those are covered here. Frame Relay uses addresses called DLCIs to identify the virtual connections.

Frame Relay Topology

[Figure: Router (DB-60 or Smart Serial port) -> V.35, RS-232 or EIA-530 cable -> Frame Relay modem -> 4-wire local loop -> Frame Relay switch. A virtual circuit runs between the routers across the provider's switches.]
In packet switching technology there are two types of virtual circuits:
(1) Switched Virtual Circuit (SVC)
(2) Permanent Virtual Circuit (PVC)

Only PVCs are used in the Frame Relay configurations in this document.

Frame Relay DLCI

DLCI stands for Data Link Connection Identifier. It is the address used in Frame Relay encapsulation: virtual circuits are established and data is transferred on the basis of the DLCI. DLCI addresses are unrelated to the IP addressing scheme, and a DLCI is only locally significant: it identifies a virtual circuit on one router's access link, and the router at the other end may use a different DLCI for the same circuit. One DLCI is provided for each virtual circuit that we want to create.

DLCI range: the field is 10 bits (0-1023). DLCIs 16-1007 are available for user virtual circuits; 0 (ANSI and Q.933a) and 1023 (Cisco) carry LMI, and 1-15 and 1008-1022 are reserved.
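As an added example, not from the original document, the Python below encodes and decodes the two-byte Q.922 address field in which the DLCI travels, and classifies a DLCI against the reserved values (0 and 1023 for LMI, 1-15 and 1008-1022 reserved, 16-1007 for user PVCs). DLCIs 300 and 400 are the ones used in the point-to-point configuration later in this section; the sample frames are constructed for the example.

```python
"""Added example (not from the original document): the two-byte Q.922 address
field that carries the Frame Relay DLCI, plus a DLCI range check."""
from dataclasses import dataclass

LMI_DLCI_ANSI_Q933A = 0            # LMI uses DLCI 0 with the ANSI and Q.933a types
LMI_DLCI_CISCO = 1023              # and DLCI 1023 with the Cisco type
USER_DLCI_RANGE = range(16, 1008)  # 16-1007: what 'frame-relay interface-dlci' accepts


@dataclass
class FrAddress:
    dlci: int
    cr: bool = False    # Command/Response bit, passed through transparently
    fecn: bool = False  # Forward Explicit Congestion Notification
    becn: bool = False  # Backward Explicit Congestion Notification
    de: bool = False    # Discard Eligible

    def encode(self) -> bytes:
        """Byte 1: DLCI high 6 bits, C/R, EA=0.  Byte 2: DLCI low 4 bits, FECN, BECN, DE, EA=1."""
        if not 0 <= self.dlci <= 1023:
            raise ValueError("DLCI must fit in 10 bits")
        hi = ((self.dlci >> 4) << 2) | (int(self.cr) << 1)           # EA bit 0 = 0: another byte follows
        lo = ((self.dlci & 0xF) << 4) | (int(self.fecn) << 3) \
             | (int(self.becn) << 2) | (int(self.de) << 1) | 1       # EA bit 0 = 1: last address byte
        return bytes([hi, lo])


def decode(frame: bytes) -> FrAddress:
    """Parse the address field at the start of a frame; reject anything but a two-byte field."""
    if len(frame) < 2 or (frame[0] & 1) or not (frame[1] & 1):
        raise ValueError("not a two-byte Q.922 address field")
    hi, lo = frame[0], frame[1]
    return FrAddress(dlci=((hi >> 2) << 4) | (lo >> 4),
                     cr=bool(hi & 0x02), fecn=bool(lo & 0x08),
                     becn=bool(lo & 0x04), de=bool(lo & 0x02))


def classify_dlci(dlci: int) -> str:
    """Where a DLCI falls in the address space; only 'user PVC' values may be configured."""
    if dlci == LMI_DLCI_ANSI_Q933A:
        return "LMI (ANSI / Q.933a)"
    if dlci == LMI_DLCI_CISCO:
        return "LMI (Cisco)"
    if dlci in USER_DLCI_RANGE:
        return "user PVC"
    return "reserved"


# Constructed frames: DLCI 300 clean, and DLCI 300 with FECN set by a congested switch.
SAMPLE_FRAMES = {"r1_to_r2": bytes([0x48, 0xC1]), "r1_to_r2_congested": bytes([0x48, 0xC9])}
```

The EA (extended address) bits are the only framing check a receiver has for the address length, which is why decode() refuses a field whose EA bits are inconsistent instead of guessing.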


Frame Relay Encapsulation
Frame Relay uses a special type of encapsulation designed for this technology. Two encapsulations are available:
(1) Frame Relay Cisco (the IOS default)
(2) Frame Relay IETF (Internet Engineering Task Force, RFC 2427, formerly RFC 1490)

[Figure: Router -- Cisco FR or IETF FR -- Router: between two Cisco routers either encapsulation works as long as both ends match. Router -- IETF FR -- non-Cisco router: use IETF whenever the far end is not a Cisco device.]

Frame Relay Local Management Interface

LMI is the signalling between the router and the Frame Relay switch: keepalives that keep the access link up and running, plus status messages that report which PVCs (DLCIs) exist and whether they are active. LMI is exchanged between the frame relay switch and the router, and the router must use the same LMI type as the service provider (Cisco IOS also autosenses the type if none is configured). There are three LMI types:
(1) CISCO
(2) Q933a
(3) ANSI
Configuring Frame Relay Point to Point connectivity

[Figure: R1 (eth0 172.16.0.1; serial 0 192.168.10.1, DLCI 300 towards R2) -- modem -- Frame Relay switches -- modem -- R2 (serial 0 192.168.10.2, DLCI 400 towards R1; eth0 172.30.0.1). Encapsulation: Cisco FR.]

R1
Router#config ter
Router(config)#int eth0
Router(config-if)#ip address 172.16.0.1 255.255.0.0
Router(config-if)#no sh
Router(config-if)#exit

Router(config)#ip route 172.30.0.0 255.255.0.0 192.168.10.2

Router(config)#int serial 0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#frame-relay interface-dlci 300
Router(config-dlci)#exit
Router(config-if)#frame-relay map ip 192.168.10.2 300
Router(config-if)#no sh
Router(config-if)#exit

R2
Router#config ter
Router(config)#int eth0
Router(config-if)#ip address 172.30.0.1 255.255.0.0
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#ip route 172.16.0.0 255.255.0.0 192.168.10.1

Router(config)#int serial 0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#ip address 192.168.10.2 255.255.255.0
Router(config-if)#frame-relay interface-dlci 400
Router(config-dlci)#exit
Router(config-if)#frame-relay map ip 192.168.10.1 400
Router(config-if)#no sh
Router(config-if)#exit
Network Address Translation
NAT is a feature that can be enabled on a router, firewall or PC. With NAT we can translate the network layer addresses, that is the IP addresses, of packets. With Port Address Translation (PAT) we can also translate the port numbers in the transport layer header.

Advantages of NAT
There are two reasons for using NAT:

(1) Conserve live IP addresses

On the Internet the number of IP addresses is limited. If our clients want to communicate on the Internet they need a live (public) IP address assigned by our ISP, so the number of addresses we would have to request depends on the number of PCs we want to connect to the Internet, and many of them would be wasted. To reduce this waste we can share live IP addresses between multiple PCs with the help of NAT.
(2) NAT obscures the PCs and devices behind it: only the inside global address is visible from the Internet, and unsolicited inbound packets with no translation entry are dropped. This is a side effect of the translation, not an access control, so a firewall policy is still needed.

NAT Terms:
Inside Interface: the interface connected to the inside (local) network
Outside Interface: the interface connected to the outside (Internet)
Inside Local: the IP address assigned to a local host by the administrator from the private IP range
Inside Global: the IP address assigned by the ISP from the public IP range that represents the local host on the Internet

Working of NAT & PAT

[Figure: hosts 10.0.0.5, 10.0.0.6, 10.0.0.7 and 10.0.0.8 -> switch -> NAT router (inside 10.0.0.1, outside 200.100.100.12) -> Internet.]

Translation table built by the router (all hosts share the one outside address; the ports distinguish the flows):

Inside local       Inside global           Note
10.0.0.5:1080      200.100.100.12:1080
10.0.0.6:1085      200.100.100.12:1085
10.0.0.7:1024      200.100.100.12:1100     port translated: 1024 on 200.100.100.12 is already in use
10.0.0.8:1024      200.100.100.12:1024

Types of NAT
Static NAT
This NAT is used for servers: one live IP is mapped directly to one local IP. All traffic arriving for the live IP is forwarded to that local PC in the network, and its outbound traffic always appears with the same live IP.

Static NAT example: live 200.1.1.5 = local 192.168.10.6
[Figure: Internet -- router (live 200.1.1.5) -- server 192.168.10.6]

Port Based Static NAT
This NAT is also used for servers. It maps one live IP address and port to a local server, so several servers can share one live address and only the published ports are reachable from outside.

200.1.1.5:80 -> 192.168.10.6 (Web)
200.1.1.5:53 -> 192.168.10.7 (DNS)
[Figure: Internet -- router (live 200.1.1.5) -- Web 192.168.10.6, DNS 192.168.10.7]

Dynamic NAT using Pool

Dynamic NAT is used for clients that want to access the Internet. Requests from multiple client IPs are translated to live IPs taken from a pool, which is why it is also called pool based dynamic NAT.

Worked scenario used in the configuration below:
Pool allotted by the ISP => 200.1.1.0 - 200.1.1.15/28
Local address range => 172.16.X.X (full Internet access for the clients)
Servers:
  Static NAT => 200.1.1.3 = 172.16.0.7
  Port based static NAT => 200.1.1.4:53 = 172.16.0.6 (DNS), 200.1.1.4:80 = 172.16.0.5 (Web)
Clients:
  Dynamic NAT pool => 200.1.1.8 - 200.1.1.12/28 for the local range 172.16.0.X, except the servers 172.16.0.5, 172.16.0.6 and 172.16.0.7, whose static entries take precedence
Configuring NAT
Router#conf ter
Router(config)#int serial 0
Router(config-if)#ip nat outside
Router(config-if)#int eth 0
Router(config-if)#ip nat inside
Router(config-if)#exit

Router(config)#ip nat inside source static 172.16.0.7 200.1.1.3


Router(config)#ip nat inside source static tcp 172.16.0.5 80 200.1.1.4 80
Router(config)#ip nat inside source static udp 172.16.0.6 53 200.1.1.4 53

Router(config)#access-list 30 permit any

Router(config)#ip nat pool abc 200.1.1.8 200.1.1.12 netmask 255.255.255.240

Router(config)#ip nat inside source list 30 pool abc overload

The static entries above are consulted before the dynamic rule, so the servers keep their fixed addresses even though access-list 30 also matches them. overload turns the pool rule into PAT: one pool address is reused with different ports until its ports are exhausted, so five addresses serve far more than five clients. As in the ISDN example, access-list 30 permit any is broader than needed; access-list 30 permit 172.16.0.0 0.0.255.255 limits translation to the local range.
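To see how the translation table built by the configuration above (and by the simpler overload rule in the NAT for ISDN dialup section earlier) behaves, here is an added Python model; it is not the router's own code. It applies static, port-based static and pool/overload translation in the order IOS uses (static before dynamic), resolves source-port collisions the way the PAT table in Working of NAT & PAT shows, and drops unsolicited inbound packets that have no mapping. The pool, the server mappings and the 172.16.0.0/16 range come from the worked scenario; the client hosts 172.16.0.10 and 172.16.0.11, the outside hosts and the NatRouter class are assumptions for the example. The inside_net parameter plays the role of access-list 30 (the page's permit any would be 0.0.0.0/0).

```python
"""Added example: a model of the IOS NAT table built by the page's configuration.
Static NAT, port-based static NAT and pool NAT with overload (PAT).
Packets and the outside hosts are constructed for the example."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

Key = Tuple[str, str, int]  # (protocol, address, port)


@dataclass(frozen=True)
class Packet:
    proto: str  # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int


class NatRouter:
    def __init__(self, inside_net: str, pool: List[str]) -> None:
        self.inside_net = ip_network(inside_net)  # stands in for access-list 30
        self.pool = pool                           # ip nat pool abc 200.1.1.8 200.1.1.12
        self.static: Dict[str, str] = {}           # inside local -> inside global
        self.static_port: Dict[Key, Tuple[str, int]] = {}  # (proto, global, gport) -> (local, lport)
        self.table: Dict[Key, Key] = {}            # dynamic: (proto, global, gport) -> (proto, local, lport)
        self.reverse: Dict[Key, Key] = {}          # dynamic: (proto, local, lport) -> (proto, global, gport)

    def add_static(self, local: str, glob: str) -> None:
        """ip nat inside source static <local> <global>"""
        self.static[local] = glob

    def add_static_port(self, proto: str, local: str, lport: int, glob: str, gport: int) -> None:
        """ip nat inside source static {tcp|udp} <local> <lport> <global> <gport>"""
        self.static_port[(proto, glob, gport)] = (local, lport)

    def _allocate(self, proto: str, lport: int) -> Tuple[str, int]:
        """Overload (PAT): keep the inside port when it is free, otherwise pick the next free port."""
        glob = self.pool[0]  # one global address carries all hosts until its ports run out
        if (proto, glob, lport) not in self.table:
            return glob, lport
        for port in range(1024, 65536):
            if (proto, glob, port) not in self.table:
                return glob, port
        raise RuntimeError("no free ports on " + glob)

    def outbound(self, p: Packet) -> Packet:
        """Inside -> outside. Static entries win over dynamic ones, as in IOS."""
        if p.src in self.static:
            return Packet(p.proto, self.static[p.src], p.sport, p.dst, p.dport)
        for (proto, glob, gport), (local, lport) in self.static_port.items():
            if (proto, local, lport) == (p.proto, p.src, p.sport):
                return Packet(p.proto, glob, gport, p.dst, p.dport)
        if ip_address(p.src) not in self.inside_net:
            return p  # not permitted by the ACL: routed without translation
        local_key: Key = (p.proto, p.src, p.sport)
        if local_key not in self.reverse:  # first packet of the flow creates the entry
            glob, gport = self._allocate(p.proto, p.sport)
            self.table[(p.proto, glob, gport)] = local_key
            self.reverse[local_key] = (p.proto, glob, gport)
        _, glob, gport = self.reverse[local_key]
        return Packet(p.proto, glob, gport, p.dst, p.dport)

    def inbound(self, p: Packet) -> Optional[Packet]:
        """Outside -> inside. Delivered only if a static or existing dynamic mapping exists."""
        key: Key = (p.proto, p.dst, p.dport)
        if key in self.static_port:
            local, lport = self.static_port[key]
            return Packet(p.proto, p.src, p.sport, local, lport)
        for local, glob in self.static.items():
            if glob == p.dst:
                return Packet(p.proto, p.src, p.sport, local, p.dport)
        if key in self.table:
            _, local, lport = self.table[key]
            return Packet(p.proto, p.src, p.sport, local, lport)
        return None  # no mapping: dropped. This is all the "hiding" NAT provides.

    def translations(self) -> List[str]:
        """Rows in the style of 'show ip nat translations': protocol, inside global, inside local."""
        rows = [f"{proto} {glob}:{gport} {local}:{lport}"
                for (proto, glob, gport), (_, local, lport) in self.table.items()]
        return sorted(rows)
```

Two things worth noticing when running it: a second client that happens to use the same source port as an existing flow gets a new outside port (the 1024 -> 1100 case in the PAT table), and an inbound packet to the pool address on a port nobody has opened returns None, whereas the port-based static entries for 200.1.1.4 answer only on 80/tcp and 53/udp.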

To display NAT translations

Router#sh ip nat translations
(the table is empty until inside hosts send traffic; ping an outside address from an inside host and the resulting entries appear)

To clear IP NAT translations

Router#clear ip nat translation *
(dynamic entries are removed, which breaks the sessions using them; static entries come from the configuration and remain)
