Basic Understanding Of OSI Layers

The OSI Network Model Standard

The International Standards Organization (ISO) has defined a standard called the
Open Systems Interconnection (OSI) reference model. This is a seven layer
architecture listed below. Each layer is considered to be responsible for a different
part of the communications. This concept was developed to accommodate changes
in technology. The layers are arranged here from the lower levels starting with the
physical (hardware) to the higher levels.

1. Physical Layer - The actual hardware.

2. Data Link Layer - Data transfer method (802x ethernet). Puts data in frames
and ensures error free transmission. Also controls the timing of the network
transmission. Adds frame type, address, and error control information. IEEE
divided this layer into the two following sublayers.
1. Logical Link control (LLC) - Maintains the Link between two
computers by establishing Service Access Points (SAPs) which are a
series of interface points. IEEE 802.2.
2. Media Access Control (MAC) - Used to coordinate the sending of data
between computers. The 802.3, 4, 5, and 12 standards apply to this
layer. If you hear someone talking about the MAC address of a network
card, they are referring to the hardware address of the card.
3. Network Layer - IP network protocol. Routes messages using the best path
available.
4. Transport Layer - TCP, UDP. Ensures properly sequenced and error free
transmission.
5. Session Layer - The user's interface to the network. Determines when the
session is begun or opened, how long it is used, and when it is closed.
Controls the transmission of data during the session. Supports security and
name lookup enabling computers to locate each other.
6. Presentation Layer - ASCII or EBCDEC data syntax. Makes the type of data
transparent to the layers around it. Used to translate date to computer specific
format such as byte ordering. It may include compression. It prepares the data,
either for the network or the application depending on the direction it is going.
7. Application Layer - Provides services software applications need. Provides the
ability for user applications to interact with the network.
Many protocol stacks overlap the borders of the seven layer model by operating at
multiple layers of the model. File Transport Protocol (FTP) and telnet both work at
the application, presentation, and the session layers.

The Internet, TCP/IP, DOD Model

This model is sometimes called the DOD model since it was designed for the
department of defense It is also called the TCP/IP four layer protocol, or the internet
protocol. It has the following layers:

1. Link - Device driver and interface card which maps to the data link and
physical layer of the OSI model.
2. Network - Corresponds to the network layer of the OSI model and includes
the IP, ICMP, and IGMP protocols.
3. Transport - Corresponds to the transport layer and includes the TCP and UDP
protocols.
4. Application - Corresponds to the OSI Session, Presentation and Application
layers and includes FTP, Telnet, ping, Rlogin, rsh, TFTP, SMTP, SNMP, DNS,
your program, etc.

Please note the four layer TCP/IP protocol. Each layer has a set of data that it
generates.

1. The Link layer corresponds to the hardware, including the device driver and
interface card. The link layer has data packets associated with it depending on
the type of network being used such as ARCnet, Token ring or ethernet. In our
case, we will be talking about ethernet.
2. The network layer manages the movement of packets around the network and
includes IP, ICMP, and IGMP. It is responsible for making sure that packages
reach their destinations, and if they don't, reporting errors.
3. The transport layer is the mechanism used for two computers to exchange data
with regards to software. The two types of protocols that are the transport
mechanisms are TCP and UDP. There are also other types of protocols for
systems other than TCP/IP but we will talk about TCP and UDP in this
document.
4. The application layer refers to networking protocols that are used to support
various services such as FTP, Telnet, BOOTP, etc. Note here to avoid
confusion, that the application layer is generally referring to protocols such as
FTP, telnet, ping, and other programs designed for specific purposes which are
governed by a specific set of protocols defined with RFC's (request for
 comments). However a program that you may write can define its own data
structure to send between your client and server program so long as the
program you run on both the client and server machine understand your
protocol. For example when your program opens a socket to another machine,
it is using TCP protocol, but the data you send depends on how you structure
it.

Data Encapsulation, a Critical concept to be understood

When starting with protocols that work at the upper layers of the network models,
each set of data is wrapped inside the next lower layer protocol, similar to wrapping
letters inside an envelope. The application creates the data, then the transport layer
wraps that data inside its format, then the network layer wraps the data, and finally
the link (ethernet) layer encapsulates the data and transmits it.

To continue, you should understand the definition of a client and server with regards
to networking. If you are a server, you will provide services to a client, in much the
same way as a private investigator would provide services to their clients. A client
will contact the server, and ask for service, which the server will then provide. The
service may be as simple as sending a single block of data back to the client. Since
there are many clients, a server must be constantly ready to receive client requests,
even though it may already be working with other clients. Usually the client program
will operate on one computer, while the server program will operate on another
computer, although programs can be written to be both a client and a server.

Lets say you write a client chat program and a server chat program to be used by two
people to send messages between their machines. You run the server program on
machine B, and the client program on machine A. Tom is on machine A and George
is on machine B. George's machine is always ready to be contacted, but cannot
initiate a contact. Therefore if George wants to talk to Tom, he cannot, until Tom
contacts him. Tom, of course can initiate contact at any time. Now you decide to
solve the problem and merge the functionality of the two programs into one, so both
parties may contact the other. This program is now a client/server program which
operates both as a client and a server. You write your code so when one side initiates
contact, he will get a dialog box, and a dialog box will pop up on the other side. At
the time contact is initiated, a socket is opened between the two machines and a
virtual connection is established. The program will let the user (Tom) type text into
the dialog window, and hit send. When the user hits send, roughly the following will
happen.

1. Your program will pass Tom's typed text in a buffer, to the socket. This
happens on machine A.
2. The underlying software (Code in a library called by a function your program
used to send the data) supporting the socket puts the data inside a TCP data
packet. This means that a TCP header will be added to the data. This header
contains a source and destination port number along with some other
information and a checksum. Deamon programs (Daemon definition at the
bottom of this page) may also work at this level to sort packages based on port
number (hence the TCP wrapper program in UNIX and Linux).
3. The TCP packet will be placed inside an IP data packet with a source and
destination IP address along with some other data for network management.
This may be done by a combination of your library function, the operating
system and supporting programs.
4. The IP data packet is placed inside an ethernet data packet. This data packet
includes the destination and source address of the network interface cards
(NIC) on the two computers. The address here is the hardware address of the
respective cards and is called the MAC address.
 5. The ethernet packet is transmitted over the network line.
6. Assuming there is a direct connection between the two computers, the
network interface card on machine B, will recognize its MAC address and
grab the data.
7. The IP data packet will be extracted from the ethernet data packet. A
combination of deamons and the operating system will perform this operation.
8. The TCP data packet will be extracted from the IP data packet. A combination
of deamons, the operating system, and libraries called by your program will
perform this function.
9. The data will be extracted from the TCP packet. Your program will then
display the retrieved data (text) in the text display window for George to read.

Be aware that for the sake of simplicity, we are excluding details such as error
management, routing, and identifying the hardware address of the NIC on the
computer intended to receive the data. Also we are not mentioning the possible
rejection of service based on a packet's port number or sender's IP address.

A deamon program is a program that runs in the background on a computer

operating system. It is used to perform various tasks including server functions. It is
usually started when the operating system is booted, but a user or administrator may
be able to start or stop a daemon at any time.
 Network Devices
Repeaters, Bridges, Routers, and Gateways
Network Repeater

A repeater connects two segments of your network cable. It retimes and regenerates
the signals to proper amplitudes and sends them to the other segments. When talking
about, ethernet topology, you are probably talking about using a hub as a repeater.
Repeaters require a small amount of time to regenerate the signal. This can cause a
propagation delay which can affect network communication when there are several
repeaters in a row. Many network architectures limit the number of repeaters that can
be used in a row. Repeaters work only at the physical layer of the OSI network
model.

Bridge

A bridge reads the outermost section of data on the data packet, to tell where the
message is going. It reduces the traffic on other network segments, since it does not
send all packets. Bridges can be programmed to reject packets from particular
networks. Bridging occurs at the data link layer of the OSI model, which means the
bridge cannot read IP addresses, but only the outermost hardware address of the
packet. In our case the bridge can read the ethernet data which gives the hardware
address of the destination address, not the IP address. Bridges forward all broadcast
messages. Only a special bridge called a translation bridge will allow two networks
of different architectures to be connected. Bridges do not normally allow connection
of networks with different architectures. The hardware address is also called the
MAC (media access control) address. To determine the network segment a MAC
address belongs to, bridges use one of:

• Transparent Bridging - They build a table of addresses (bridging table) as they

receive packets. If the address is not in the bridging table, the packet is
forwarded to all segments other than the one it came from. This type of bridge
is used on ethernet networks.
• Source route bridging - The source computer provides path information inside
the packet. This is used on Token Ring networks.
Network Router

A router is used to route data packets between two networks. It reads the information
in each packet to tell where it is going. If it is destined for an immediate network it
has access to, it will strip the outer packet, readdress the packet to the proper
ethernet address, and transmit it on that network. If it is destined for another network
and must be sent to another router, it will re-package the outer packet to be received
by the next router and send it to the next router. The section on routing explains the
theory behind this and how routing tables are used to help determine packet
destinations. Routing occurs at the network layer of the OSI model. They can
connect networks with different architectures such as Token Ring and Ethernet.
Although they can transform information at the data link level, routers cannot
transform information from one data format such as TCP/IP to another such as
IPX/SPX. Routers do not send broadcast packets or corrupted packets. If the routing
table does not indicate the proper address of a packet, the packet is discarded.

Brouter

There is a device called a brouter which will function similar to a bridge for network
transport protocols that are not routable, and will function as a router for routable
protocols. It functions at the network and data link layers of the OSI network model.

Gateway

A gateway can translate information between different network data formats or

network architectures. It can translate TCP/IP to AppleTalk so computers supporting
TCP/IP can communicate with Apple brand computers. Most gateways operate at the
application layer, but can operate at the network or session layer of the OSI model.
Gateways will start at the lower level and strip information until it gets to the
required level and repackage the information and work its way back toward the
hardware layer of the OSI model. To confuse issues, when talking about a router that
is used to interface to another network, the word gateway is often used. This does
not mean the routing machine is a gateway as defined here, although it could be.

Network bridge
A network bridge connects multiple network segments at the data link layer (layer 2)
of the OSI model. Bridges are similar to repeaters or network hubs, devices that
connect network segments at the physical layer, however a bridge works by using
bridging where traffic from one network is managed rather than simply rebroadcast
to adjacent network segments. In Ethernet networks, the term "bridge" formally
means a device that behaves according to the IEEE 802.1D standard - this is most
often referred to as a network switch in marketing literature.
Since bridging takes place at the data link layer of the OSI model, a bridge processes
the information from each frame of data it receives. In an Ethernet frame, this
provides the MAC address of the frame's source and destination. Bridges use two
methods to resolve the network segment that a MAC address belongs to.
•Transparent bridging – This method uses a forwarding database to send frames
across network segments. The forwarding database is initially empty and entries
in the database are built as the bridge receives frames. If an address entry is not
found in the forwarding database, the frame is rebroadcast to all ports of the
bridge, forwarding the frame to all segments except the source address. By means
of these broadcast frames, the destination network will respond and a route will
be created. Along with recording the network segment to which a particular
frame is to be sent, bridges may also record a bandwidth metric to avoid looping
when multiple paths are available. Devices that have this transparent bridging
functionality are also known as adaptive bridges.
•Source route bridging – With source route bridging two frame types are used in
order to find the route to the destination network segment. Single-Route (SR)
frames comprise most of the network traffic and have set destinations, while All-
Route(AR) frames are used to find routes. Bridges send AR frames by
broadcasting on all network branches; each step of the followed route is
registered by the bridge performing it. Each frame has a maximum hop count,
which is determined to be greater than the diameter of the network graph, and is
decremented by each bridge. Frames are dropped when this hop count reaches
zero, to avoid indefinite looping of AR frames. The first AR frame which reaches
its destination is considered to have followed the best route, and the route can be
used for subsequent SR frames; the other AR frames are discarded. This method
of locating a destination network can allow for indirect load balancing among
multiple bridges connecting two networks. The more a bridge is loaded, the less
likely it is to take part in the route finding process for a new destination as it will
be slow to forward packets. A new AR packet will find a different route over a
less busy path if one exists. This method is very different from transparent bridge
usage, where redundant bridges will be inactivated; however, more overhead is
introduced to find routes, and space is wasted to store them in frames. A switch
with a faster backplane can be just as good for performance, if not for fault
tolerance
Advantages of network bridges
•Self configuring
•Primitive bridges are often inexpensive
•Reduce size of collision domain
•Transparent to protocols above the MAC layer
•Allows the introduction of management - performance information and access
control
•LANs interconnected are separate and physical constraints such as number of
stations, repeaters and segment length don't apply

Disadvantages of network bridges

•Does not limit the scope of broadcasts
•Does not scale to extremely large networks
•Buffering introduces store and forward delays - on average traffic destined for
bridge will be related to the number of stations on the rest of the LAN
•Bridging of different MAC protocols introduces errors
•Because bridges do more than repeaters by viewing MAC addresses, the extra
processing makes them slower than repeaters
•Bridges are more expensive than repeaters

Layer 1 Hubs versus Higher Layer Switches

An Ethernet hub, or repeater, is a fairly unsophisticated broadcast device, and

rapidly becoming obsolete. Hubs do not manage any of the traffic that comes
through them. Any packet entering a port is broadcast out or "repeated" on every
other port, save the port of entry. Since every packet is repeated on every other port,
packet collisions result--which slows down the network.
Hubs have actually become hard to find, due to the widespread use of switches.
There are specialized applications where a hub can be useful, such as copying traffic
to multiple network sensors. There is no longer any significant price difference
between a hub and a low-end switch.
Layer 2
A single LAN switch, operating at the MAC sublayer of the data link layer, may
interconnect a small number of devices in a home or office. This is a trivial case of
bridging, in which the switch learns the MAC address of each connected device.
Compared to shared-medium LANs, a switch using microsegmentation prevents
collisions on an Ethernet, and can provide effectively simultaneous paths among
multiple devices. Single switches also can provide extremely high performance in
specialized applications such as storage area networks
Switches may also interconnect using a spanning-tree protocol that allows the best
path to be found within the constraint that it is a tree. In contrast to routers, bridges
only can have topologies with one active path between two points. The older IEEE
802.1d spanning tree protocol could be quite slow, with forwarding stopping for 30-
90 seconds while the spanning tree reconverged. A Rapid Spanning Tree Protocol
was introduced as IEEE 802.1w, but the newest edition of IEEE 802.1d-2004, adopts
the 802.1w extensions as the base standard.
Once a layer 2 switch learns the topology through a spanning tree protocol, it
forwards data link layer frames using some variant of bridging. There are four
forwarding methods a Layer 2 switch can use:
Store and forward - The switch buffers and, typically, performs a checksum on each
frame before forwarding it on.
Cut through - The switch only reads up to the frame's hardware address before
starting to forward it. There is no error checking with this method.
Fragment free - A method which attempts to retain the benefits of both "Store and
Forward" and "Cut-through". Fragment Free checks the first 64 bytes of the frame,
where addressing information is stored. This way the frame will always reach its
intended destination. Error checking of the actual data in the packet is left for the
end device in Layer 3 or Layer 4 (OSI), typically a router.
Adaptive switching - A method of automatically switching between the other three
modes.
Note that "cut through" switches have to fall back to "store and forward" if the
outgoing port is busy at the time the packet arrives.
Note that these forwarding methods are not controlled by the user and are configured
only by the switch itself.
Layer 3
Layer 3 switch is a marketing term for a router, typically a router optimized for
Ethernet interfaces. Like other switches, it connects devices to single ports for
microsegmentation. The ports normally operate in full duplex.
Switches, even primarily layer 2 switches, can be aware of layer 3 multicast and
increase efficiency by delivering the traffic of a multicast group only to ports where
the attached device has signaled that it wants to listen to that group. In a switch not
aware of multicasting and broadcasting, frames are also forwarded on all ports of
each broadcast domain, but in the case of IP multicast this causes inefficient use of
bandwidth. To work around this problem some switches implement IGMP snooping.

Network Layer (Layer 3)

The third-lowest layer of the OSI Reference Model is the network layer. If the data
link layer is the one that basically defines the boundaries of what is considered a
network, the network layer is the one that defines how internetworks (interconnected
networks) function. The network layer is the lowest one in the OSI model that is
concerned with actually getting data from one computer to another even if it is on a
remote network; in contrast, the data link layer only deals with devices that are local
to each other.
While all of layers 2 through 6 in the OSI Reference Model serve to act as “fences”
between the layers below them and the layers above them, the network layer is
particularly important in this regard. It is at this layer that the transition really begins
from the more abstract functions of the higher layers—which don't concern
themselves as much with data delivery—into the specific tasks required to get data
to its destination. The transport layer, which is related to the network layer in a
number of ways, continues this “abstraction transition” as you go up the OSI
protocol stack.

Network Layer Functions :

Some of the specific jobs normally performed by the network layer include:

Logical Addressing: Every device that communicates over a network has associated
with it a logical address, sometimes called a layer three address. For example, on the
Internet, the Internet Protocol (IP) is the network layer protocol and every machine
has an IP address. Note that addressing is done at the data link layer as well, but
those addresses refer to local physical devices. In contrast, logical addresses are
independent of particular hardware and must be unique across an entire internet
work.
Routing: Moving data across a series of interconnected networks is probably the
defining function of the network layer. It is the job of the devices and software
routines that function at the network layer to handle incoming packets from various
sources, determine their final destination, and then figure out where they need to be
sent to get them where they are supposed to go. I discuss routing in the OSI model
more completely in this topic on the topic on indirect device connection, and show
how it works by way of an OSI model analogy.
Datagram Encapsulation: The network layer normally encapsulates messages
received from higher layers by placing them into datagrams (also called packets)
with a network layer header.
Fragmentation and Reassembly: The network layer must send messages down to
the data link layer for transmission. Some data link layer technologies have limits on
the length of any message that can be sent. If the packet that the network layer wants
to send is too large, the network layer must split the packet up, send each piece to the
data link layer, and then have pieces reassembled once they arrive at the network
layer on the destination machine. A good example is how this is done by the Internet
Protocol.
Error Handling and Diagnostics: Special protocols are used at the network layer to
allow devices that are logically connected, or that are trying to route traffic, to
exchange information about the status of hosts on the network or the devices
themselves.

Layer-specific functionality

A modular network switch with 3 network modules (a total of 24 Ethernet and 14

Fast Ethernet ports) and one power supply.
While switches may learn about topologies at many layers, and forward at one or
more layers, they do tend to have common features. Other than for computer-room
very high performance applications, modern commercial switches use primarily
Ethernet interfaces, which can have different input and output speeds of 10, 100,
1000 or 10000 megabits per second. Switch ports almost always default to full-
duplex operation, unless there is a requirement for interoperability with devices that
are strictly half duplex. Half-duplex means that the device can only send or receive
at any given time, whereas full-duplex can send and receive at the same time.
At any layer, a modern switch may implement Power over Ethernet (POE), which
avoids the need for attached devices, such as an IP telephone or Wireless Access
Point, to need a separate power supply. Since switches can have redundant power
circuits connected to uninterruptible power supplies, the connected device can
continue operating even when regular office power fails.

Network Routing
Simple Networking Routing and Routers
This section will explain routing in simple terms with some simple standard rules.
There may be exceptions to these rules, but for introductory purposes we will keep
the first example simple. Please be aware, that the examples in this section are
working examples, but more complexity may be added when a larger network is
considered, and multiple data routes become available.

Each network interface card (NIC) has a specific address which is an IP address or
number. When data is sent between two computers, the data must be sent in a
package that has the address of the intended receiver (IP) on it. It is like an envelope
(ethernet) with the sender's and recipient's address on it. There is somewhat of a
difference, however. When the computer intends to send a packet, it first checks its
routing table to see if the intended data must be sent through a gateway. Many
computers only have a simple routing table, which is built from the network mask
and the gateway information entered, when you set your computer up to do
networking. The computer, when set up for networking, must be assigned an IP
address, netmask, and default gateway. This may be done manually or done
automatically using Dynamic Host Configuration Protocol (DHCP) to assign this
information to the computer when it boots. DCHP is described in another section. If
the computer determines that the packet must be sent to a gateway, it puts it in a
special packet (ethernet) for that gateway, with the actual recipient's address
wrapped inside.
In the above paragraph, data packets are equated to a letter with an envelope. For
this type of thinking, the envelope would be similar to the ethernet, SLIP, or PPP
packet which encapsulates the IP packet. The IP packet and its encapsulated data
would similar to a letter. Here's generally what happens when a package is sent:

The sending computer checks the IP part of the package to see the
sender's IP address, and based on the address and instructions in its
routing table will do one of the following:

1. Send the packet to the ethernet address of the intended recipient. The
following will happen:
1. The ethernet card on the receiving computer will accept the packet.
2. The other network levels (IP, TCP) will open the packet and use it
according to filtering and other programming instructions.
2. Send the packet to the ethernet address of a router, depending on the
instructions in the routing table.
1. The ethernet card on the router will accept the packet.
2. The IP level of the router will look at the packet's IP address and
determine according to its routing table where to send the packet next.
It should send it to another router or to the actual recipient.
3. The router will encapsulate the IP packet in another ethernet packet
with the ethernet address of the next router or the intended recipient.
4. Router hops will continue until the packet is sent on a network where
the intended recipient is physically located unless the packet expires.
5. The ethernet card on the receiving computer will accept the packet.

The other network levels (IP, TCP) will open the packet and use it according to
filtering and other programming instructions.

Lets say you enter an IP address of 10.1.20.45 and a netmask of 255.255.0.0. This
means you are on the network 10.1.0.0 (I show it as 10.1.x.x, the X's mean don't care
conditions). The machine's IP address and netmask, together define the network, that
it's NIC is on. Therefore any machine that fits in the address range provided under
10.1.x.x can be accessed directly from your NIC, and any that are not in this number
range, such as 10.3.34.67 cannot be accessed directly and must be sent to a gateway
machine since it is on another network. Typically most machines will use their
netmask to make this determination which means if the address does not match their
known network, the package will be sent to that machine's default gateway in a
special package meant for a router. It works similar to a post office. When you send
a letter in your town, you put it in the local slot. It can be delivered to someone else
in your town (network), but if you are sending to another town (network), you put
the letter in the out of town slot (default gateway), then the mail personnel put it in a
special container or box and send it to a main town (gateway), which then decides
where to send it based on its address. Although this simple network and default
gateway may be common, specific computers or gateways can have much more
complex rules for routing that allow exceptions to this example.

Please be aware that in order to be forwarded, data packets must be addressed to a

router. They cannot just be sent to the recipient's address out to a network. The router
does not pick packets off the network and forward them. If a packet is sent on a
network and a valid recipient is not on that network, there will be no response. This
will be demonstrated in the next section where a subnetwork will be described.

To keep routing simple, most networks are structured as shown below. Generally, the
higher networks are 10.x.x.x, then the next are 10.0-254.x.x, then 10.0-254.0-254.x.
The number 10 is used as an example Class A network. This numbering scheme
keeps routing simple and is the least confusing but networks can be set up in other
ways. In the diagram below, only gateways and their networks are shown.
In my simple network example below I vary from convention and make network
192.168.2.x be below network 192.168.1.x. causing traffic between the internet and
192.168.2.x to go through the network 192.168.1.x. Normally the network
192.168.1.x would be 192.168.x.x, but this will show you that there can be many
variants that will work as long as you have thought your layout through well, and set
your routing tables up in your gateways correctly.

Display of some Commonly used Routers

Routers for Service Small, Midsized and Large Businesses

Routers for Service Providers

TYPES OF DEVICES:

ROUTER:

History
The very first device that acted as a router does today was called an IMP, which
stands for Interface Message Processor. The first functional IMP was placed at
UCLA on August 30, 1969 and was developed at BBN by the IMP team as part of
their contract to build out the original ARPANET. The IMP and the routers that
followed are what make the Internet possible.

The first multiprotocol router was created at Stanford University by a staff

researcher named William Yeager in January of 1980. As virtually all networking
now uses IP at the network layer, multiprotocol routers are largely obsolete. Routers
that handle both IPv4 and IPv6 arguably are multiprotocol, but in a far less variable
sense than a router that processed AppleTalk, DECnet, IP, and Xerox protocols.

In the original era of routing (from the mid-1970s through the 1980s), general-
purpose mini-computers served as routers. Although general-purpose computers can
perform routing, modern high-speed routers are highly specialized computers,
generally with extra hardware added to accelerate both common routing functions
such as packet forwarding and specialised functions such as IPsec encryption.

Still, there is substantial use of Linux and Unix machines, running open source
routing code, for routing research and selected other applications. While Cisco's
operating system was independently designed, other major router operating systems,
such as those from Juniper Networks and Extreme Networks, are extensively
modified but still have Unix ancestry.

Other changes also improve reliability, such as redundant control processors with
stateful failover, and using storage having no moving parts for program loading.
As much reliability comes from operational techniques for running critical
routers as it does to the router design itself. It is the best common practice, for
example, to use redundant uninterruptible power supplies for all critical network
elements, with generator backup for the batteries or flywheels of those power
supplies.

Contents
• 1) Function
• 2) Control Plane
2.1) Routing table

• 3) Application in network layer Routing

• 4)Types of routers
•4.1 Routers for Internet connectivity and internal use
•4.2 Small and Home Office (SOHO) connectivity
•4.3 Enterprise Routers
•4.3.1 Access
•4.3.2 Distribution
•4.3.3 Core

Function:
A more precise definition of a router is a computer networking device that
interconnects separate logical subnets. Routers are now available in many types,
though all are fundamentally doing the same job. A router is a computer whose
software and hardware are usually tailored to the tasks of routing and forwarding,
generally containing a specialized operating system (e.g. Cisco's IOS or Juniper
Networks JunOS or Extreme Networks XOS), RAM, NVRAM, flash memory, and
one or more processors. High-end routers contain many processors and specialized
ASICs and do a great deal of parallel processing. However, with the proper software
(such as XORP or Quagga), even commodity PCs can act as routers.
Routers connect to two or more logical subnets, which do not necessarily map one-
to-one to the physical interfaces of the router
The term switch or layer 3 switch or network switch often is used interchangeably
with router, but switch is really a marketing term without a rigorous technical
definition (though a switch is commonly understood as a network hub with switched
ports, which might or might not also perform additional routing functions).
Routers operate in two different planes:
•Control Plane, in which the router learns the outgoing interface that is most
appropriate for forwarding specific packets to specific destinations,
•Forwarding Plane, which is responsible for the actual process of sending a
packet received on a logical interface to an outbound logical interface.
To understand the role of a router, understand that it does not, in a network of any
real complexity, take you directly to the destination. Instead, your information will
pass through a series of routers and intermediate subnets, each getting you one "hop"
closer to the destination, until you reach the router that connects to the subnet that
contains your final destination.
As a simple analogy, assume that you want to travel from Washington DC to New
York City. Getting on a highway, you see an exit marked "US Capitol". That does
not get you closer to your destination, so you continue. Eventually, you see a sign
reading "Baltimore and New York". You take that exit, which leads you to another
freeway, where you pass a number of exits for destinations in suburban Maryland.
Eventually, you see an exit marked "Philadelphia and New York", and take that to
another highway. You repeat this process until you get into New York City, and then
take a local exit to your destination. In like manner, routers receive packets, look up
their destination addresses in routing tables that have entries that tell you the
interface that is one hop closer to the destination, and sends the packet out the
destination. This is characteristic of the Network Layer, which deals with hop-by-
hop communications as opposed to the end-to-end communications of the Transport
Layer.
For the pure Internet Protocol (IP) forwarding function, router design tries to
minimize the state information kept on individual packets. Routers do maintain state
on routes, but not packets. Once a packet is forwarded, the router should retain no
more than statistical information about it. It is the sending and receiving endpoint
that keeps information on such things as errored or missing packets.
Forwarding decisions can involve decisions at layers other than the IP internetwork
layer or OSI layer 3. Again, the marketing term switch can be applied to devices that
have these capabilities. A function that forwards based on data link layer, or OSI
layer 2, information, is properly called a bridge, or layer 2 switch. A physical device
called a router may also have the capability to forward based on information at other
layers.

Control Plane
Control Plane processing leads to the construction of what is variously called a
routing table or routing information base (RIB). The RIB may be used by the
Forwarding Plane to look up the outbound interface for a given packet, or,
depending on the router implementation, the Control Plane may populate a separate
Forwarding Information Base (FIB) with destination information. RIBs are
optimized for efficient updating with control mechanisms such as routing protocols,
while FIBs are optimized for the fastest possible lookup of the information needed to
select the outbound interface.
The Control Plane constructs the routing table from knowledge of the up/down
status of its local interfaces, from hard-coded static routes, and from exchanging
routing protocol information with other routers. It is not compulsory for a router to
use routing protocols to function, if for example it was configured solely with static
routes. The routing table stores the best routes to certain network destinations, the
"routing metrics" associated with those routes, and the path to the next hop router.
Routers do maintain state on the routes in the RIB/routing table, but this is quite
distinct from not maintaining state on individual packets that have been forwarded.

Applications in Network Layer Routing

Forwarding Information Base:

A Forwarding Information Base (FIB), also known as a forwarding table, is most
commonly used in network bridging, routing, and similar functions to find the
proper interface to which the input interface should send a packet to be transmitted
by the router. In contrast to Routing Information Base, or routing tables, FIBs are
optimized for fast lookup of destination addresses, while RIBs are optimized for
efficient updating by routing protocols and other Control Plane methods. To forward,
the router looks up a packet's destination address in the FIB.

FIBs in Ingress Filtering against Denial of Service

FIBs also play a role in an Internet Best Current Practice of ingress filtering. In the
basic form of ingress filtering[2], if a packet arrives on an interface, the ingress
filter, in an interface-specific FIB, looks up the source address of the packet. If the
interface has no route to the source address, the packet is assumed to be part of a
denial of service attack, using a false or spoofed source address, and the router
discards the packet.
When the router is multihomed, ingress filtering becomes more complex. There are
perfectly reasonable operational scenarios in which a packet could arrive on one
interface, but that specific interface might not have a route to the source address.
Ingress filtering for multihomed routers[3] will accept the packet if there is a route
back to its source address from any interface on the router. For this type of filtering,
the router may also maintain an adjacency table, also organized for fast lookup, that
keeps track of the router interface addresses that are on all directly connected
routers.

FIBs in Differentiated Services/Quality of Service Routing

IP Differentiated Services provides an additional method to select outgoing
interfaces, based on a field [4] that indicates the forwarding priority of the packet, as
well as the preference of the packet to be dropped in the presence of congestion.
Routers that support differentiated service not only have to look up the output
interface for the destination address, but need to send the packet to the interface that
best matches the Differentiated Services requirements. In other words, as well as
matching the destination address, the FIB has to match Differentiated Services Code
Points (DSCP).

FIB Information for Additional Processing

Specific router implementations may, when a destination address or other FIB
criterion is matched, specify other action to be done before forwarding (e.g.,
accounting or encryption), or applying an access control list that may cause the
packet to be dropped
 Types of various series routers:

Cisco 800 Series Router

Overview
Cisco 800 Series routers are secure broadband routers extending concurrent data,
security, and wireless services to to enterprise branch officers, teleworkers and small
businesses, helping to increase productivity and streamline operations.

Specifications
• Suitable for ISDN, serial connections (Frame Relay, leased lines, X.25 or
asynchronous dialup), IDSL, and ADSL connections
• Enhanced Security using VPNs with integrated stateful firewall and IPSec
encryption
• Cisco IOS software for lower total cost of ownership
• Field-upgradable memory options to allow easy migration to the latest
networking features

New & Used Cisco 800 Series

We sell new and used Cisco 800 Series Routers and other Cisco Networks gear at
significant discounts to list prices. Our used Cisco gear is extensively tested and
subject to a minimum 24-hour burn-in to ensure reliability.

All Cisco Networks products represented by Alpha Digital come with full
warranties and are guaranteed to be eligible for the manufacturers maintenance
program.
Overview of the 2500 series Router

lists the router models discussed in this publication and provides a summary
of the interfaces supported on each model. These router models are similar
in functionality, but differ in the number of interfaces supported.

Table 1-1 Summary of Router Interfaces

Token
Ethernet Ring (DB- Serial ISDN2 BRI3
Model AUI1 (DB-15) 9) (DB-60) (RJ-45)
Cisco 2501/ 1 - 2 -
CPA2501
Cisco 2502/ - 1 2 -
CPA2502
Cisco 2503/ 1 - 2 1
CPA2503
Cisco 2504/ - 1 2 1
CPA2504
Cisco 2513/ 1 1 2 -
CPA2513
Cisco 2514/ 2 - 2 -
CPA2514
Cisco 25154 - 2 2 -
1
AUI = attachment unit interface.
2
ISDN = Integrated Services Digital Network.
3
BRI = Basic Rate Interface.
4
A CPA2515 model is not available.
Note Throughout the remainder of the publication, one model number will
be used in text references. For example, references to the model 2501 router
will apply to both the Cisco 2501 and CPA2501 routers.

Hardware Features

In addition to the interfaces listed in , the routers include the following

hardware features:

• Dynamic random-access memory (DRAM) for main memory and shared

memory

• Nonvolatile random-access memory (NVRAM) for storing configuration

information

• Flash memory for running the Cisco IOS software

• EIA/TIA-232 console port for local system access using a console terminal

Note EIA/TIA-232 and EIA/TIA-449 were known as recommended

standards RS-232 and RS-449 before their acceptance as standards by the
Electronic Industries Association (EIA) and Telecommunications Industry
Association (TIA).

Figure 1-1 Model 2501 Router Rear Panel

Figure 1-2 Model 2502 Router Rear Panel

Figure 1-3 Model 2503 Router Rear Panel

Figure 1-4 Model 2504 Router Rear Panel

Figure 1-5 Model 2513 Router Rear Panel

Figure 1-6 Model 2514 Router Rear Panel

Figure 1-7 Model 2515 Router Rear Panel

System Specifications

The system specifications of the routers are listed in Table 1-2.

Table 1-2 System Specifications

Description Specification
Dimensions (H x 1.75 x 17.5 x 10.56 in.
W x D) (4.44 x 44.45 x 26.82 cm),
one rack unit
Weight 10 lb (4.5 kg)
Input voltage, AC 100 to 240 VAC
power supply 1.2 to 0.6A
Current 50/60 Hz
Frequency 40W (maximum), 135.5 Btus1 /hr
Power dissipation
Input voltage, DC 40W, 40 to 72 VDC
power supply 1.5 to 1.0A
Current 40W (maximum), 135.5 Btus/hr
Power dissipation
Processor 20-MHz Motorola 68EC030
Interfaces See for a list of interfaces supported on
each router model.
 • Ethernet AUI (IEEE2 802.3) (DB-15)

• Token Ring (IEEE 802.5) (DB-9)

• Synchronous serial3 (DB-60)

• ISDN BRI (RJ-45)4

• Console (RJ-45)

• Auxiliary (RJ-45)
Operating 32 to 104⋅F (0 to 40⋅C)
environment
Nonoperating -40 to 185⋅F (-40 to 85⋅C)
temperature
Operating 5 to 95%, noncondensing
humidity
Noise level 34 dBa @ 3 ft (0.914 m)
Regulatory FCC Class A and Canadian DOC Class A
compliance
For more regulatory information, refer to
the document that accompanied your
router.

Cisco 2600 Series Modular Access Router

Cisco Systems Extends Enterprise-Class Versatility, Integration, and Power to

Remote Branch Offices with the Cisco 2600 Series Modular Access Router
Family.
The Cisco 2600 series shares modular interfaces with the Cisco 1600 and 3600
series, providing a cost-effective solution to meet today's remote branch office needs
for applications such as:

• Secure Internet/intranet access with optional Firewall

• Multiservice voice/data integration
• Analog and digital dial access services
• Virtual Private Network (VPN) access
• Virtual LANs (VLANs)

The modular architecture of the Cisco 2600 series allows interfaces to be upgraded
to accommodate network expansion or changes in technology as new services and
applications are deployed. By integrating the functions of multiple separate devices
into a single, compact unit, the Cisco 2600 series reduces the complexity of
managing the remote network solution. Driven by a powerful RISC processor, the
Cisco 2600 series provides the extra power needed to support the advanced quality
of service (QoS) and security features required in today's remote branch offices.

The Cisco 2600 series is available in six base configurations:

• Cisco 2610---One Ethernet port

• Cisco 2611---Two Ethernet ports
• Cisco 2612---One Ethernet port, one Token Ring port
• Cisco 2613---One Token Ring port
• Cisco 2620---One autosensing 10/100 Mbps Ethernet port
• Cisco 2621---Two autosensing 10/100 Mbps Ethernet ports

Each model also has two WAN Interface Card (WIC) slots, one Network Module
slot, and an Advanced Integration Module (AIM) slot.

The WAN interface cards available for the Cisco 1600, 1720, 2600, and 3600 routers
support a variety of serial, Integrated Services Digital Network Basic Rate Interface
(ISDN BRI), and integrated channel service unit/data service unit (CSU/DSU)
options for primary and backup WAN connectivity. Network modules available for
the Cisco 2600 and 3600 series support a broad range of applications, including
multiservice voice/data integration, analog and ISDN dial access, and serial device
concentration. The internal Data Compression Advanced Integration Module for the
Cisco 2600 series off-loads the task of performing high-speed data compression.
From the 2600's main CPU, allowing compressed data throughput of up to 8-Mbps
while preserving external interface slots for other applications.
Figure 1: Cisco 2600 Series Modular Access Routers
Key Benefits

The Cisco 2600 series supports the value of end-to-end Cisco network solutions with
the following benefits:

• Inv estment protection---Because the Cisco

2600 series supports field-upgradable modular components, customers can
easily change network interfaces without a "forklift upgrade" of the entire
branch office network solution. The AIM slot of the Cisco 2600 platform
further protects investments by offering the expandability to support advanced
services such as hardware-assisted data compression and, in the future
hardware-assisted data encryption.
• Lower cost of ownership---By integrating the functions of CSU/DSUs, ISDN
Network Termination (NT1) devices, firewall modems, compression or
encryption devices, and other equipment found in branch office wiring closets
in a single, compact unit, the Cisco 2600 series provides a space-saving
solution that can be managed remotely using network management
applications such as CiscoWorks and CiscoView.
• Multiservice voice/data integration---The Cisco 2600 series reinforces
Cisco's commitment to integrate multiservice voice/data integration
capabilities to its product portfolio, allowing network managers to save long-
distance interoffice calling costs and enabling next-generation voice-enabled
applications such as integrated messaging and Web-based call centers. Using
the Voice/Fax modules, the Cisco 2600 may be deployed in both Voice over IP
(VoIP) and Voice over Frame Relay (VoFR) networks.
• Part of a Cisco end-to-end solution---As part of Cisco's comprehensive end-
to-end networking solution, the Cisco 2600 series allows businesses to extend
a cost-effective, seamless network infrastructure to the branch office.
Key Features and Benefits:
The Cisco 2600 series brings a cost-effective combination of versatility, integration,
and power to remote branch offices with the key features listed in Table 1.

Benefits
Table 1 Key Features and
Benefits of the Cisco 2600
Series Features

Versatility and Investment

Protection

Modular Architecture • Network interfaces are field-upgradable to

accommodate future technologies while
providing a solution to meet today's needs
• Additional interfaces can be added on a "pay as
you grow" basis to accommodate network
growth

• LAN and WAN interface configuration is

easily customized for individual needs

WAN Interface Cards and • Reduced cost of maintaining inventory of

Network Modules Shared Cisco 1600, 1700, 2600, and 3600 series
with Cisco 1600, 1700, and modular components
3600 Series Routers
• Lower training costs for support personnel

Advanced Integration • Expandability for integration of advanced high

Module Slot performance services such as hardware-
assisted data compression or encryption

DC Power Supply Option • Allows deployment in DC power environments

such as telecommunications carrier central
offices

Enterprise-Class
Performance

High-Performance RISC • Support for advanced QoS features such as the

Architecture Resource Reservation Protocol (RSVP),
Weighted Fair Queuing (WFQ), and IP
Precedence to reduce recurring WAN costs
• Enables security features such as data
encryption, tunneling, and user authentication
and authorization for VPN access
• ICSA-certified Cisco IOS Firewall feature sets
provide support for advanced security features
such as Context-Based Access Control
(CBAC), Java blocking, denial of service
protection, and audit trails
• Support for cost-effective, software-based data
compression and data encryption
• Integration of legacy networks via data link
switching plus (DLSW+) and Advanced Peer-
to-Peer Networking (APPN)

• High-speed routing performance of up to

25,000 packets per second for maximum
scalability

Full Cisco IOS® Software • Supports the same IOS software Feature Sets
Support as the Cisco 2500 and 3600 series

Simplified Management

Integrated CSU/DSU, • Enables remote management of all Customer

Analog Modem and NT1 Premise Equipment (CPE) elements for higher
Options network availability and lower operational
costs

Support for CiscoWorks and • Allows simplified management of all

CiscoView integrated and stackable components

Support for Cisco Voice • Reduces the cost of deploying and managing
Manager (CVM) integrated voice/data solutions

Enhanced Setup Feature • Context-sensitive questions guide the user

through the router configuration process,
allowing faster deployment

Support for Cisco AutoInstall • Configures remote routers automatically across

a WAN connection to save cost of sending
technical staff to the remote site

Part of Cisco's Enterprise • Can be stacked with LAN switches such as the
Stackable Solutions Catalyst® 1900 or 2820XL for simplified
management

VLAN Support • Enables inter-VLAN routing via Cisco's Inter-

Switch Link (ISL) protocol (Cisco 2620 and
2621)

Reliability

Redundant Power Supply • RPS can be shared with other network

Option components such as the Cisco Catalyst 1900
series to protect the network from downtime
due to power failures

Dial-on-Demand Routing • Allows automatic backup of WAN connection

in case of a primary link failure

Dual Bank Flash Memory • Backup copy of the Cisco IOS software can be
stored in Flash memory

Ergonomic Design

LED Status Indicators • Provide at-a-glance indications for power, RPS

status, network activity, and interface status

All Network Interfaces • Simplifies installation and cable management

Located on Back of Unit for maximum uptime

Easy-to-Open Chassis • Allows fast and easy access for installation of

Design memory or AIM

Multispeed Fan • Enables quiet operation in office environments

Figure 2: Cisco 2600 Series Back Panel View (Cisco 2611 shown)

Hardware/Software Options
Cisco 2600 series routers offer a choice of Ethernet, Token Ring, and autosensing
10/100 Ethernet LAN interfaces. In addition, each model features two WAN
Interface Card (WIC) slots, one Network Module slot, and an Advanced Integration
Module (AIM) slot.

WAN Interface Card Options:

The Cisco 2600 series supports all WAN Interface Cards available for the Cisco
1600, 1700 and 3600 series, as well as two new dual-port serial WAN interface cards
to maximize interface density and slot efficiency. The new dual-serial port WAN
interface cards feature Cisco's new, compact, high-density Smart Serial connector to
support a wide variety of electrical interfaces when used with the appropriate
transition cable.

Figure 3: Dual-Port High-Speed Serial WIC (up to 4 Mbps/port)

Figure 4: Dual-Port Async/Sync Serial WIC (up to 128 Kbps/port)

Table 2 WAN Interface Cards and Voice Interface Cards for Cisco 2600 Series
Part Number Description

WIC-1DSU-T1 T1/Fractional T1 CSU/DSU (requires IOS software version

11.3(4)T or later)

WIC-1DSU- One-port four-wire 56/64-kbps CSU/DSU

56K4

WIC-1T One-port high-speed serial

WIC 2T Dual high-speed serial

WIC-2A/S Two-port async/sync serial

WIC-1B-S/T One-port ISDN BRI

WIC-1B-U One-port ISDN BRI with NT1

Network Module Options

The Cisco 2600 series supports the Network Modules listed in Table 3; these
modules are shared with the Cisco 3600 series.

Description
Table 3 Network Modules for
Cisco 2600 Series Module
Serial Network Modules for Cisco 2600 series (requires IOS software release
11.3(2) or later)

NM-16A 16-port high density async network module

NM-32A 32-port high density async network module

NM-4A/S Four-port low speed (128 Kbps max)

async/sync serial network module

NM-8A/S Eight-port low speed (128 Kbps max)

async/sync serial network module

LAN Network Modules for Cisco 2600 series (requires IOS software release
11.3(4)T or later)

NM-1E One-port Ethernet network module

NM-4E Four-port Ethernet network module

NM-1ATM-251 One-port ATM 25Mbps network module

Dial, ISDN and Channelized Serial Network Modules for Cisco 2600 series
(requires IOS software release 11.3(4)T or later)

NM-1CT1 One-port channelized T1/ISDN PRI network

module

NM-1CT1-CSU One-port channelized T1/ISDN PRI with

CSU network module

NM-2CT1 Two-port channelized T1/ISDN PRI network

module

NM-2CT1-CSU Two-port channelized T1/ISDN PRI with

CSU network module
NM-1CE1B One-port channelized E1/ISDN PRI balanced
network module

NM-1CE1U One-port channelized E1/ISDN PRI

unbalanced network module

NM-2CE1B Two-port channelized E1/ISDN PRI balanced

network module

NM-2CE1U Two-port channelized E1/ISDN PRI

unbalanced network module

NM-4B-S/T Four-port ISDN BRI network module (S/T

interface)

NM-4B-U Four-port ISDN BRI with NT-1 network

module (U interface)

NM-8B-S/T Eight-port ISDN BRI network module (S/T

interface)

NM-8B-U Eight-port ISDN BRI with NT-1 network

module (U interface)

NM-8AM Eight analog modem network module

NM-16AM Sixteen analog modem network module

Voice/Fax Network Modules for Cisco 2600 series (requires IOS release 11.3(2) or
later)

Voice/Fax Network Modules for Cisco 2600 series (requires IOS release 11.3(2) or
later)

NM-1V1 One-slot voice/fax network module (up to 2

voice channels)
NM-2V1 Two-slot voice/fax network module (up to 4
voice channels)

1
The voice/fax and ATM-25 network modules require a Cisco IOS Plus feature set.

Advanced Integration Module Options

Description
Table 4 Voice Interface Cards for use
with the Voice/Fax Network Modules
Module

VIC-2FXS Two-port FXS voice/fax interface card for

voice/fax network module

VIC-2FXO Two-port FXO voice/fax interface card for

voice/fax network module

VIC-2FXO-EU Two-port FXO voice/fax interface card for

Europe

VIC-2FXO-M3 Two-port FXO voice/fax interface card for

Australia

VIC-2E/M Two-port E&M voice/fax interface card for

voice/fax network module

VIC-2BRI-S/T-TE1 Two-port BRI S/T terminal equipment

voice/fax interface card for voice/fax
network module

1
Supported on the Cisco 261x with Cisco IOS 12.0(2)XD and Cisco 262x on
12.0(3)T or later

The Data Compression AIM is the first product to take advantage of the Cisco 2600's
internal Advanced Integration Module slot, ensuring that external slots remain
available for components such as integrated CSU/DSUs, analog modems, or
Voice/Fax Network Modules. The Data Compression AIM for the Cisco 2600 series
delivers a cost-effective option for reducing recurring WAN costs and maximizing
the benefit of the advanced bandwidth management features of the Cisco IOS
software.

Table 5 Advanced Integration Module for the Cisco 2600 Series

Module Description

AIM- Data Compression AIM for the Cisco 2600 series (requires IOS
COMPR2 software release 12.0(2) or later)

Table 6 Cisco IOS Software Feature Sets and Memory Requirements for Cisco
2600 Series IOS release 12.0(2)
IP IP/IPX®/AT/D Remote Enterpri Enterpris
EC Access Servi se e/ APPN
ces

Base Feature 4-MB 8-MB Flash 4-MB Flash --- ---

Set Flash
20-MB DRAM 20-MB
20- DRAM
MB
DRA
M

Firewall only 4-MB --- --- --- ---

no encryption Flash

20-
MB
DRA
M

Plus Feature 8-MB 8-MB Flash --- 8-MB 8-MB

Sets
 Flash Flash Flash
24-MB DRAM
24- 32-MB 32-MB
MB DRAM DRAM
DRA
M

Firewall and --- 8-MB Flash --- --- ---

Plus Feature
Sets 24-MB DRAM

Plus 40 with 8-MB --- --- --- ---

Plus features Flash
and 40-
bit encryption 32-
MB
DRA
M

Plus IPSec 56 8-MB --- --- 8-MB 8-MB

with Plus Flash Flash Flash
features and
56-bit IPSec 24- 32-MB 32-MB
encryption MB DRAM DRAM
DRA
M

Plus IPSec 8-MB --- --- 8-MB 8-MB

3DES with Flash Flash Flash
Plus features
and triple 24- 32-MB 32-MB
DES 56 bit MB DRAM DRAM
IPSec DRA
encryption M

Firewall Plus 8-MB --- --- 8-MB ---

IPSec 56 Flash Flash
Feature Set
24- 32-MB
with Firewall,
Plus features MB DRAM
and 56-bit DRA
IPSec encrypt M
ion

Firewall Plus 8-MB --- --- 8-MB ---

IPSec 56 with Flash Flash
Firewall, Plus
features and 24- 32-MB
triple 56 bit MB DRAM
IPSec DRA
encryption M

Cisco IOS Software:

With support for the full range of available Cisco IOS feature sets, the Cisco 2600
series supports the broadest range of network services in the industry. Base feature
sets support popular protocols and standards such as NAT, OSPF, Border Gateway
Protocol (BGP), Remote Access Dial-In User Service (RADIUS), IP Multicast,
RMON, and WAN optimization features (such as Bandwidth on Demand; Custom,
Priority and Weighted Fair Queuing, Dial Back-up and RSVP). "Plus" feature sets
contain an additional number of value-added features such as legacy mainframe
protocols, DLSw, L2TP, L2F, Voice/Data integration, Asynchronous Transfer Mode
(ATM), VLANs, Netflow, etc. Additional feature sets include IPSec, and 3DES
encryption as well as ICSA certified Firewall capabilities.

The Cisco 2600 series supports Cisco IOS Release 11.3(2) and later. A detailed
listing of Cisco IOS feature set content can be found in the Cisco 2600 IOS release
notes as well as in the Cisco 2600 software features and memory requirements
product bulletin.

Technical Specifications
• Processor: Motorola MPC860 40 MHz (Cisco 261X), Motorola MPC860 50
MHz (Cisco 262x)
• Flash Memory: 4 to 16 MB (32MB max. on Cisco 262x)
 • System Memory (DRAM): 24 to 64 MB
• WAN Interface Card Slots: 2
• Network Module Slot: 1
• AIM Slot: 1
• Console/Aux Speed: 115.2-Kbps (maximum)
• Width: 17.5 in. (44.5 cm)
• Height: 1.69 in. (4.3 cm)
• Depth: 11.8 in. (30 cm)
• Weight (min): 8.85 lb. (4.02 kg)
• Weight (max): 10.25 lb. (4.66 kg)
• Power Dissipation: 72W (maximum)
• AC Input Voltage: 100 to 240 VAC
• Frequency: 47 to 64 Hz
• AC Input Current: 1.5 amps
• DC Input Voltage: -38V to -75V
• DC Input Current: 2 amps
• Operating Temperature: 32 to 104° F (0 to 40° C)
• Non-operating Temperature: -13 to 158° F (-25 to 70° C)
• Relative Humidity: 5 to 95% non-condensing
• Noise Level (min): 38-dbA
• Noise Level (max): 42-dbA

The Cisco 2600 series conforms to a number of safety, EMI, immunity and network
homologation standards. Details can be obtained through your Cisco reseller or
account manager.

Description
Nortel VPN
Router 1700 Request a
Series quick quote for
the:
Nortel VPN
Router 1700
Series
The Nortel VPN Router 1700 Series is
available from NexStor. NexStor
offers the most competitive prices for
Nortel Nortel products.
Routers
Nortel VPN Router 1700 Series
• Avici
Nortel VPN Router 1700 Series serves
Systems
several roles in enterprise and carrier
Core Routers
IP networks: basic IP access router,
• Nortel
dedicated VPN switch, or firewall --
Access Stack
and evolve from one to another
Node (ASN)
simply by licensing a software key.
• Nortel
Supporting up to 500 tunnels, VPN
Advanced
Router 1700 are ideal for office
Remote
centres, campuses, or large branch
Node (ARN)
offices with several hundred users.
• Nortel
Backbone
The VPN Router 1700 Series are
Concentrator
available in two models:
Node (BCN)
• Nortel • The VPN Router 1700 is a fully
Backbone featured platform with a single
Link Node hardware expansion slot. It
(BLN) addresses sites with limited need
• Nortel for optional LAN, WAN or hardware
Ethernet acceleration cards.
Routing • The VPN Router 1740, with up to
Switch 5520 four expansion slots, can integrate
• Nortel a range of LAN, WAN and
Multiprotocol acceleration cards for fan-out and
Router 2430 back-up purposes. It provides
• Nortel