Data Networks
Sharing data through the use of floppy disks is not an efficient or cost-effective way to operate a business. Businesses needed a solution that would successfully address the following three problems:
- How to avoid duplication of equipment and resources
- How to communicate efficiently
- How to set up and manage a network
Businesses realized that networking technology could increase productivity while saving money.
Networking Devices
Equipment that connects directly to a network segment is referred to as a device. These devices are broken up into two classifications:
- end-user devices
- network devices
End-user devices include computers, printers, scanners, and other devices that provide services directly to the user. Network devices include all the devices that connect the end-user devices together to allow them to communicate.
Repeater
A repeater is a network device used to regenerate a signal. Repeaters regenerate analog or digital signals distorted by transmission loss due to attenuation. A repeater does not perform intelligent routing.
Hub
Hubs concentrate connections. In other words, they take a group of hosts and allow the network to see them as a single unit. This is done passively, without any other effect on the data transmission. Active hubs not only concentrate hosts, but they also regenerate signals.
Bridge
Bridges convert network transmission data formats as well as perform basic data transmission management. Bridges, as the name implies, provide connections between LANs. Not only do bridges connect LANs, but they also perform a check on the data to determine whether it should cross the bridge or not. This makes each part of the network more efficient.
Workgroup Switch
Workgroup switches add more intelligence to data transfer management. Switches can determine whether data should remain on a LAN or not, and they can transfer the data to the connection that needs that data.
Router
Routers have all the capabilities of the previous devices. Routers can regenerate signals, concentrate multiple connections, convert data transmission formats, and manage data transfers. They can also connect to a WAN, which allows them to connect LANs that are separated by great distances.
The Cloud
The cloud is used in diagrams to represent where the connection to the internet is. It also represents all of the devices on the internet.
Network Topologies
Network topology defines the structure of the network. One part of the topology definition is the physical topology, which is the actual layout of the wire or media. The other part is the logical topology, which defines how the media is accessed by the hosts for sending data.
Physical Topologies
Bus Topology
A bus topology uses a single backbone cable that is terminated at both ends. All the hosts connect directly to this backbone.
Ring Topology
A ring topology connects one host to the next and the last host to the first. This creates a physical ring of cable.
Star Topology
A star topology connects all cables to a central point of concentration.
Hierarchical Topology
A hierarchical topology is similar to an extended star.
Mesh Topology
A mesh topology is implemented to provide as much protection as possible from interruption of service. Each host has its own connections to all other hosts. Although the Internet has multiple paths to any one location, it does not adopt the full mesh topology.
LANs
WANs
SANs
A SAN is a dedicated, high-performance network used to move data between servers and storage resources. Because it is a separate, dedicated network, it avoids any traffic conflict between clients and servers.
Bandwidth
Measuring Bandwidth
The OSI Model will be used throughout your entire networking career!
Memorize it!
This layer deals with networking applications. Examples: email, web browsers. PDU: user data.
This layer is responsible for presenting the data in the required format, which may include encryption and compression. PDU: formatted data.
After riding your new bicycle a few times in New York, you decide that you want to give it to a friend who lives in Munich, Germany.
Make sure you have the proper directions to disassemble and reassemble the bicycle.
Call your friend and make sure you have his correct address.
Disassemble the bicycle and put different pieces in different boxes. The boxes are labeled 1 of 3, 2 of 3, and 3 of 3.
Put your friend's complete mailing address (and yours) on each box. Since the packages are too big for your mailbox (and since you don't have enough stamps), you determine that you need to go to the post office.
Upon examining the destination address, the Munich post office determines that your boxes should be delivered to the home address you wrote.
Your friend calls you and tells you he got all 3 boxes and he is having another friend named BOB reassemble the bicycle.
BOB is finished and presents the bicycle to your friend. Another way to say it is that your friend is finally getting his present.
Host Layers
7 Application
6 Presentation
5 Session
4 Transport
These layers (7 through 4) only exist in the source and destination host computers.
Media Layers
3 Network
2 Data Link
1 Physical
These layers (3 through 1) manage the information out in the LAN or WAN between the source and destination hosts.
Encapsulation Process
UTP Implementation
EIA/TIA specifies an RJ-45 connector for UTP cable. The RJ-45 transparent end connector shows eight colored wires. Four of the wires carry the voltage and are considered tip (T1 through T4). The other four wires are grounded and are called ring (R1 through R4). The wires in the first pair in a cable or a connector are designated as T1 and R1.
Connection Media
The registered jack (RJ-45) connector and jack are the most common. In some cases the type of connector on a network interface card (NIC) does not match the media that it needs to connect to. The attachment unit interface (AUI) connector allows different media to connect when used with the appropriate transceiver. A transceiver is an adapter that converts one type of connection to another.
Ethernet Standards
The Ethernet standard specifies that each of the pins on an RJ-45 connector have a particular purpose. A NIC transmits signals on pins 1 & 2, and it receives signals on pins 3 & 6.
Remember
A straight-thru cable has T568B on both ends. A crossover (or cross-connect) cable has T568B on one end and T568A on the other. A console cable has T568B on one end and reverse T568B on the other, which is why it is also called a rollover cable.
Straight-Thru or Crossover
Use straight-through cables for the following cabling:
- Switch to router
- Switch to PC or server
- Hub to PC or server
Use crossover cables for the following cabling:
- Switch to switch
- Switch to hub
- Hub to hub
- Router to router
- PC to PC
- Router to PC
Coaxial Cable
Cable Specifications
10BASE-T: The T stands for twisted pair.
10BASE5: The 5 represents the fact that a signal can travel for approximately 500 meters. 10BASE5 is often referred to as Thicknet.
10BASE2: The 2 represents the fact that a signal can travel for approximately 200 meters. 10BASE2 is often referred to as Thinnet.
All 3 of these specifications refer to the speed of transmission at 10 Mbps and a type of transmission that is baseband, or digitally interpreted. Thinnet and Thicknet are actually types of networks, while 10BASE2 and 10BASE5 are the types of cabling used in these networks.
Repeater
A repeater is a network device used to regenerate a signal. Repeaters regenerate analog or digital signals distorted by transmission loss due to attenuation. A repeater is a Physical Layer device.
This rule states that no more than four repeaters can be used between hosts on a LAN. The rule is used to limit the latency added to frame travel by each repeater.
Hub
Hubs concentrate connections. In other words, they take a group of hosts and allow the network to see them as a single unit. A hub is a Physical Layer device.
MAC Address
A MAC address is 48 bits in length and is expressed as twelve hexadecimal digits. MAC addresses are sometimes referred to as burned-in addresses (BIA) because they are burned into read-only memory (ROM) and are copied into random-access memory (RAM) when the NIC initializes.
Bridge
Bridges are Data Link layer devices. Connected host addresses are learned and stored in a MAC address table. Each bridge port has a unique MAC address.
Bridges
Bridging Graphic
Switch
Switches are Data Link layer devices. Each Switch port has a unique MAC address. Connected host MAC addresses are learned and stored on a MAC address table.
Switching Modes
cut-through: A switch starts to transfer the frame as soon as the destination MAC address is received. No error checking is available. Must use synchronous switching.
store-and-forward: At the other extreme, the switch can receive the entire frame before sending it out the destination port. This gives the switch software an opportunity to verify the Frame Check Sum (FCS) to ensure that the frame was reliably received before sending it to the destination. Must be used with asynchronous switching.
fragment-free: A compromise between the cut-through and store-and-forward modes. Fragment-free reads the first 64 bytes, which includes the frame header, and switching begins before the entire data field and checksum are read.
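The following Python is an added example (not code from the course slides) that makes the switching behaviour above concrete: it builds Ethernet frames with a CRC-32 FCS, then models a learning switch whose store-and-forward path verifies the FCS before forwarding while its cut-through path decides on the destination MAC alone and so passes corrupted frames on. MAC addresses, port names and the frames themselves are constructed for the example.

```python
import struct
import zlib

BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_bytes(mac: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> its 6-byte wire form (a 48-bit MAC address)."""
    return bytes(int(part, 16) for part in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Ethernet II frame: 14-byte header, payload padded to the 46-byte minimum,
    and a 4-byte FCS (CRC-32 over everything before it, little-endian on the wire)."""
    payload = payload.ljust(46, b"\x00")
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def fcs_valid(frame: bytes) -> bool:
    """Recompute the CRC-32 over the frame body and compare with the trailing FCS."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) == fcs


class LearningSwitch:
    """A switch is a bridge with many ports: it learns source MACs per port
    and forwards (or floods) on the destination MAC."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # learned MAC address -> port

    def _learn(self, frame: bytes, in_port: str) -> None:
        self.mac_table[mac_str(frame[6:12])] = in_port

    def _egress(self, dst: str, in_port: str):
        if dst != BROADCAST and dst in self.mac_table:
            return [self.mac_table[dst]]
        # broadcast or unknown unicast: flood every port except the one it arrived on
        return [p for p in self.ports if p != in_port]

    def store_and_forward(self, frame: bytes, in_port: str):
        """The whole frame is buffered first, so the FCS can be verified; a
        corrupted frame is dropped (returns None) instead of being forwarded."""
        if not fcs_valid(frame):
            return None
        self._learn(frame, in_port)
        return self._egress(mac_str(frame[:6]), in_port)

    def cut_through(self, frame: bytes, in_port: str):
        """Forwarding starts as soon as the 6-byte destination MAC has been
        received; no FCS check is possible, so corrupted frames propagate."""
        egress = self._egress(mac_str(frame[:6]), in_port)
        self._learn(frame, in_port)  # the source MAC follows the destination MAC
        return egress


def demo():
    """Constructed exchange between two hosts on ports fa0/1 and fa0/2."""
    sw = LearningSwitch(["fa0/1", "fa0/2", "fa0/3"])
    host1, host2 = "00:00:00:00:00:01", "00:00:00:00:00:02"
    first = build_frame(host2, host1, 0x0800, b"hello")
    flooded = sw.store_and_forward(first, "fa0/1")    # host2 still unknown: flood
    reply = build_frame(host1, host2, 0x0800, b"hi")
    forwarded = sw.store_and_forward(reply, "fa0/2")  # host1 learned: single port
    damaged = bytearray(first)
    damaged[20] ^= 0xFF                               # corrupt one payload byte
    dropped = sw.store_and_forward(bytes(damaged), "fa0/1")
    passed = sw.cut_through(bytes(damaged), "fa0/1")
    return flooded, forwarded, dropped, passed


if __name__ == "__main__":
    print(demo())
```

Running it shows the flood of the first frame, the single-port forwarding once the destination has been learned, and the two outcomes for the damaged frame; fragment-free would sit between the two, checking only that the first 64 bytes arrived intact.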
Full Duplex
Another capability emerges when only two nodes are connected. In a network that uses twisted-pair cabling, one pair is used to carry the transmitted signal from one node to the other node. A separate pair is used for the return or received signal. It is possible for signals to pass through both pairs simultaneously. The capability of communication in both directions at once is known as full duplex.
Microsegmentation
A switch is simply a bridge with many ports. When only one node is connected to a switch port, the collision domain on the shared media contains only two nodes. The two nodes in this small segment, or collision domain, consist of the switch port and the host connected to it. These small physical segments are called microsegments.
Peer-to-Peer Network
In a peer-to-peer network, networked computers act as equal partners, or peers. As peers, each computer can take on the client function or the server function. At one time, computer A may make a request for a file from computer B, which responds by serving the file to computer A. Computer A functions as the client, while B functions as the server. At a later time, computers A and B can reverse roles. In a peer-to-peer network, individual users control their own resources. Peer-to-peer networks are relatively easy to install and operate. As networks grow, peer-to-peer relationships become increasingly difficult to coordinate.
Client/Server Network
In a client/server arrangement, network services are located on a dedicated computer called a server. The server responds to the requests of clients. The server is a central computer that is continuously available to respond to requests from clients for file, print, application, and other services. Most network operating systems adopt the form of a client/server relationship.
2 Models Side-By-Side
OSI model         TCP/IP model
7 Application     Application
6 Presentation    Application
5 Session         Application
4 Transport       Transport
3 Network         Internet
2 Data Link       Network Access
1 Physical        Network Access
Application
The transport layer provides transport services from the source host to the destination host. It constitutes a logical connection between these endpoints of the network. Transport protocols segment and reassemble data from upper-layer applications into the same data stream between endpoints. The transport layer data stream provides end-to-end transport services.
Flow Control
As the transport layer sends data segments, it tries to ensure that data is not lost. A receiving host that is unable to process data as quickly as it arrives could be a cause of data loss. Flow control avoids the problem of a transmitting host overflowing the buffers in the receiving host.
3-Way Handshake
TCP requires connection establishment before data transfer begins. For a connection to be established or initialized, the two hosts must synchronize their Initial Sequence Numbers (ISNs).
Basic Windowing
Data packets must be delivered to the recipient in the same order in which they were transmitted to have a reliable, connection-oriented data transfer. The protocol fails if any data packets are lost, damaged, duplicated, or received in a different order. An easy solution is to have a recipient acknowledge the receipt of each packet before the next packet is sent.
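As an added illustration (example code written for this page, not the course's), the Python below carries the 3-way handshake and the windowing described above through in code: the handshake synchronises the two ISNs, and the transfer function keeps a bounded number of segments unacknowledged, using the receiver's cumulative ACK to slide the window and resend anything past it. It also covers the sliding window of the next slide, in that window=1 is the acknowledge-every-packet scheme and larger windows keep several segments in flight. Sequence numbers, MSS, window size and the dropped transmission are constructed values.

```python
def three_way_handshake(client_isn: int, server_isn: int):
    """The three segments that synchronise Initial Sequence Numbers (ISNs):
    SYN, SYN-ACK, ACK. Each ACK number is the peer's ISN + 1, because the
    SYN itself consumes one sequence number."""
    syn = {"flags": "SYN", "seq": client_isn}
    syn_ack = {"flags": "SYN-ACK", "seq": server_isn, "ack": client_isn + 1}
    ack = {"flags": "ACK", "seq": client_isn + 1, "ack": server_isn + 1}
    return syn, syn_ack, ack


class Receiver:
    """Accepts only the in-order segment it expects and returns a cumulative ACK."""

    def __init__(self, first_seq: int):
        self.expected = first_seq
        self.delivered = []

    def receive(self, seq: int, data: bytes) -> int:
        if seq == self.expected:          # in order: deliver and advance
            self.delivered.append(data)
            self.expected += len(data)
        return self.expected              # ACK = next byte expected (out-of-order is dropped)


def windowed_transfer(data: bytes, mss: int, window: int, lost=frozenset(), first_seq: int = 1):
    """Send `data` in MSS-sized segments with at most `window` unacknowledged
    segments in flight (window=1 is stop-and-wait). `lost` holds the
    transmission numbers the constructed channel drops.
    Returns (bytes delivered in order, total transmissions)."""
    segments = [data[i:i + mss] for i in range(0, len(data), mss)]
    rx = Receiver(first_seq)
    base = next_idx = transmissions = 0
    while base < len(segments):
        # send until the window is full or no data remains
        while next_idx < len(segments) and next_idx < base + window:
            seq = first_seq + next_idx * mss      # all earlier segments are full-size
            if transmissions not in lost:
                rx.receive(seq, segments[next_idx])
            transmissions += 1
            next_idx += 1
        # slide the window to the cumulative ACK; anything past it is resent
        if rx.expected == first_seq + len(data):
            base = len(segments)
        else:
            base = (rx.expected - first_seq) // mss
        next_idx = base
    return b"".join(rx.delivered), transmissions


if __name__ == "__main__":
    print(three_way_handshake(100, 300))
    print(windowed_transfer(b"0123456789", 3, 2, lost={1}))
```

With the second transmission dropped, the receiver keeps acknowledging the first segment, so the sender resends from there: ten bytes arrive intact after five transmissions instead of four.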
Sliding Window
TCP
Transmission Control Protocol (TCP) is a connection-oriented Layer 4 protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack. In a connection-oriented environment, a connection is established between both ends before the transfer of information can begin. TCP is responsible for breaking messages into segments, reassembling them at the destination station, resending anything that is not received, and reassembling messages from the segments. TCP supplies a virtual circuit between end-user applications. The protocols that use TCP include:
- FTP (File Transfer Protocol)
- HTTP (Hypertext Transfer Protocol)
- SMTP (Simple Mail Transfer Protocol)
- Telnet
UDP
User Datagram Protocol (UDP) is the connectionless transport protocol in the TCP/IP protocol stack. UDP is a simple protocol that exchanges datagrams, without acknowledgments or guaranteed delivery. Error processing and retransmission must be handled by higher layer protocols. UDP uses no windowing or acknowledgments, so reliability, if needed, is provided by application layer protocols. UDP is designed for applications that do not need to put sequences of segments together. The protocols that use UDP include:
- TFTP (Trivial File Transfer Protocol)
- SNMP (Simple Network Management Protocol)
- DHCP (Dynamic Host Configuration Protocol)
- DNS (Domain Name System)
URL
Internet Addresses
IP addressing is a hierarchical structure. An IP address combines two identifiers into one number. This number must be unique, because duplicate addresses would make routing impossible. The first part identifies the system's network address. The second part, called the host part, identifies which particular machine it is on the network.
IP Address Classes
IP addresses are divided into classes to define the large, medium, and small networks.
Class A addresses are assigned to larger networks. Class B addresses are used for medium-sized networks, & Class C for small networks.
Class A Addresses
The Class A address was designed to support extremely large networks, with more than 16 million host addresses available. Class A IP addresses use only the first octet to indicate the network address. The remaining three octets provide for host addresses.
Class B Addresses
The Class B address was designed to support the needs of moderate to large-sized networks. A Class B IP address uses the first two of the four octets to indicate the network address. The other two octets specify host addresses.
Class C Addresses
The Class C address space is the most commonly used of the original address classes. This address space was intended to support small networks with a maximum of 254 hosts.
Class D Addresses
The Class D address class was created to enable multicasting in an IP address. A multicast address is a unique network address that directs packets with that destination address to predefined groups of IP addresses. Therefore, a single station can simultaneously transmit a single stream of data to multiple recipients.
Class E Addresses
A Class E address has been defined. However, the Internet Engineering Task Force (IETF) reserves these addresses for its own research. Therefore, no Class E addresses have been released for use in the Internet.
IP Address Ranges
The graphic below shows the IP address range of the first octet both in decimal and binary for each IP address class.
IPv4
As early as 1992, the Internet Engineering Task Force (IETF) identified two specific concerns: Exhaustion of the remaining, unassigned IPv4 network addresses and the increase in the size of Internet routing tables. Over the past two decades, numerous extensions to IPv4 have been developed. Two of the more important of these are subnet masks and classless interdomain routing (CIDR).
Network Address
Broadcast Address
Public IP Addresses
Unique addresses are required for each device on a network. Originally, an organization known as the Internet Network Information Center (InterNIC) handled this procedure. InterNIC no longer exists and has been succeeded by the Internet Assigned Numbers Authority (IANA). No two machines that connect to a public network can have the same IP address because public IP addresses are global and standardized. All machines connected to the Internet agree to conform to the system. Public IP addresses must be obtained from an Internet service provider (ISP) or a registry at some expense.
Private IP Addresses
Private IP addresses are another solution to the problem of the impending exhaustion of public IP addresses. As mentioned, public networks require hosts to have unique IP addresses. However, private networks that are not connected to the Internet may use any host addresses, as long as each host within the private network is unique.
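Added example for the address-class and public/private discussion above (not part of the slides): Python that classifies an address from the leading bits of its first octet, splits it into network and host parts under the classful default mask, and checks whether it falls in an RFC 1918 private range. The RFC 1918 ranges are an assumption added here, since the slides name none; the sample addresses are constructed.

```python
import ipaddress

# Classful network/host bo boundary by class (Classes D and E have none).
DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}

# RFC 1918 private ranges: an assumption of this example, the slides list none.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def ip_class(addr: str) -> str:
    """The leading bits of the first octet decide the class:
    0xxxxxxx A (0-127), 10xxxxxx B (128-191), 110xxxxx C (192-223),
    1110xxxx D (224-239, multicast), 1111xxxx E (240-255, reserved)."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def classful_split(addr: str):
    """(class, network address, host number, usable hosts) under the default mask."""
    cls = ip_class(addr)
    if cls not in DEFAULT_PREFIX:
        return cls, None, None, 0
    net = ipaddress.ip_network(f"{addr}/{DEFAULT_PREFIX[cls]}", strict=False)
    host_id = int(ipaddress.IPv4Address(addr)) & int(net.hostmask)
    usable = net.num_addresses - 2          # the network and broadcast addresses are not assignable
    return cls, str(net.network_address), host_id, usable


def is_rfc1918(addr: str) -> bool:
    a = ipaddress.IPv4Address(addr)
    return any(a in n for n in RFC1918)


def check_assignment(addr: str) -> str:
    """Sanity check before an address is configured on an interface."""
    cls, net, host_id, usable = classful_split(addr)
    if cls == "D":
        return "multicast group address, not assignable to a host"
    if cls == "E":
        return "reserved (Class E), not assignable"
    if host_id == 0:
        return f"network address of {net}, not assignable"
    if host_id == usable + 1:
        return f"broadcast address of {net}, not assignable"
    scope = "private (RFC 1918)" if is_rfc1918(addr) else "public"
    return f"Class {cls} {scope} host {host_id} in {net}"


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.20.1.9", "200.100.50.255", "224.0.0.5"):
        print(sample, "->", check_assignment(sample))
```

The host-count figures the slides quote (more than 16 million for Class A, 254 for Class C) fall straight out of `classful_split`, because the usable count is the size of the host field minus the two reserved addresses.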
Introduction to Subnetting
Subnetting a network means using the subnet mask to divide the network and break a large network up into smaller, more efficient and manageable segments, or subnets. With subnetting, the network is not limited to the default Class A, B, or C network masks and there is more flexibility in the network design. Subnet addresses include the network portion, plus a subnet field and a host field. The ability to decide how to divide the original host portion into the new subnet and host fields provides addressing flexibility for the network administrator.
ARP Request (broadcast to all hosts): What is the hardware address for IP address 128.0.10.4?
ARP Reply (from the host that owns that IP address)
Fig. 32 How does ARP work? (TI1332EU02TI_0004 The Network Layer, 47)
Fig. 33 The ARP command (TI1332EU02TI_0004 The Network Layer, 47)
Fig. 34 Proxy-ARP concept (TI1332EU02TI_0004 The Network Layer, 49): host A broadcasts "If your IP address matches B then please tell me your Ethernet address", and the router answers "Yes, I know the destination network, let me give you my Ethernet address".
RARP
Reverse Address Resolution Protocol (RARP) associates a known MAC address with an IP address. A network device, such as a diskless workstation, might know its MAC address but not its IP address. RARP allows the device to make a request to learn its IP address. Devices using RARP require that a RARP server be present on the network to answer RARP requests.
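Added example for the ARP request/reply exchange and the proxy-ARP concept of Fig. 32 and Fig. 34 (written for this page, not taken from the course): Python that packs and parses ARP packets in their RFC 826 Ethernet/IPv4 layout, a host that answers requests for its own address and caches replies addressed to it, and a router that answers on behalf of a remote network with its own Ethernet address. The address 128.0.10.4 is the one from the figure; the MAC addresses, the other IP addresses and the routed network are constructed.

```python
import struct
import ipaddress

ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"


def mac_bytes(mac: str) -> bytes:
    return bytes(int(p, 16) for p in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """ARP packet for Ethernet/IPv4 (RFC 826): hardware type 1, protocol type
    0x0800, 6-byte hardware and 4-byte protocol addresses, then the two pairs."""
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode)
            + mac_bytes(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
            + mac_bytes(target_mac) + ipaddress.IPv4Address(target_ip).packed)


def parse_arp(pkt: bytes) -> dict:
    if len(pkt) < 28:
        raise ValueError("ARP packet too short")
    htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", pkt[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"opcode": opcode,
            "sender_mac": mac_str(pkt[8:14]), "sender_ip": str(ipaddress.IPv4Address(pkt[14:18])),
            "target_mac": mac_str(pkt[18:24]), "target_ip": str(ipaddress.IPv4Address(pkt[24:28]))}


class Host:
    def __init__(self, mac: str, ip: str):
        self.mac, self.ip, self.arp_cache = mac, ip, {}

    def request(self, ip: str) -> bytes:
        """'Broadcast to all hosts: what is the hardware address for <ip>?'"""
        return build_arp(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, ip)

    def handle(self, pkt: bytes):
        """Answer requests for our own IP; learn from replies addressed to us."""
        arp = parse_arp(pkt)
        if arp["opcode"] == ARP_REQUEST and arp["target_ip"] == self.ip:
            return build_arp(ARP_REPLY, self.mac, self.ip, arp["sender_mac"], arp["sender_ip"])
        if arp["opcode"] == ARP_REPLY and arp["target_mac"] == self.mac:
            self.arp_cache[arp["sender_ip"]] = arp["sender_mac"]
        return None


class ProxyArpRouter(Host):
    """Answers ARP requests for hosts on networks it knows how to reach,
    supplying its own Ethernet address (the Fig. 34 proxy-ARP concept)."""

    def __init__(self, mac: str, ip: str, routed_networks):
        super().__init__(mac, ip)
        self.routed = [ipaddress.ip_network(n) for n in routed_networks]

    def handle(self, pkt: bytes):
        arp = parse_arp(pkt)
        target = ipaddress.IPv4Address(arp["target_ip"])
        if (arp["opcode"] == ARP_REQUEST and arp["target_ip"] != self.ip
                and any(target in net for net in self.routed)):
            # reply "as" the remote host, but with the router's own MAC
            return build_arp(ARP_REPLY, self.mac, arp["target_ip"], arp["sender_mac"], arp["sender_ip"])
        return super().handle(pkt)


if __name__ == "__main__":
    a = Host("00:00:00:00:00:0a", "128.0.10.1")
    b = Host("00:00:00:00:00:0b", "128.0.10.4")
    reply = b.handle(a.request("128.0.10.4"))
    a.handle(reply)
    print(a.arp_cache)
```

The host only caches replies whose target MAC is its own, which mirrors the figure's exchange; the proxy router's reply carries the remote host's IP in the sender field, so the requester's cache maps that remote address to the router's Ethernet address and frames for it are delivered to the router.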
BootP
The bootstrap protocol (BOOTP) operates in a client-server environment and only requires a single packet exchange to obtain IP information. However, unlike RARP, BOOTP packets can include the IP address, as well as the address of a router, the address of a server, and vendor-specific information. One problem with BOOTP, however, is that it was not designed to provide dynamic address assignment. With BOOTP, a network administrator creates a configuration file that specifies the parameters for each device. The administrator must add hosts and maintain the BOOTP database. Even though the addresses are dynamically assigned, there is still a one-to-one relationship between the number of IP addresses and the number of hosts. This means that for every host on the network there must be a BOOTP profile with an IP address assignment in it. No two profiles can have the same IP address.
DHCP
Dynamic Host Configuration Protocol (DHCP) is the successor to BOOTP. Unlike BOOTP, DHCP allows a host to obtain an IP address dynamically without the network administrator having to set up an individual profile for each device. All that is required when using DHCP is a defined range of IP addresses on a DHCP server. As hosts come online, they contact the DHCP server and request an address. The DHCP server chooses an address and leases it to that host. With DHCP, the entire network configuration of a computer can be obtained in one message. This includes all of the data supplied by the BOOTP message, plus a leased IP address and a subnet mask. The major advantage that DHCP has over BOOTP is that it allows users to be mobile.
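Added example contrasting the BOOTP profile model with a DHCP pool, as described in the two slides above (example code written for this page, not the slides' or any vendor's): a per-host profile table that rejects duplicate IP addresses beside a lease pool that hands out the lowest free address, renews an existing client's lease and reclaims expired leases. Addresses, lease times and client identifiers are constructed, and the DISCOVER/OFFER/REQUEST/ACK message exchange of real DHCP is collapsed into a single request call.

```python
import ipaddress


class BootpProfiles:
    """BOOTP-style: the administrator maintains one profile per host, and no
    two profiles may carry the same IP address (one-to-one mapping)."""

    def __init__(self):
        self.profiles = {}          # client MAC -> parameters

    def add(self, mac: str, ip: str, router: str, server: str):
        if any(p["ip"] == ip for p in self.profiles.values()):
            raise ValueError(f"{ip} is already assigned to another profile")
        self.profiles[mac] = {"ip": ip, "router": router, "server": server}

    def lookup(self, mac: str):
        return self.profiles.get(mac)   # a host without a profile gets nothing


class DhcpPool:
    """DHCP-style: a defined range of addresses; the server picks a free one,
    leases it for `lease_time` seconds and hands back the whole configuration."""

    def __init__(self, network: str, router: str, server: str, lease_time: int):
        net = ipaddress.ip_network(network)
        self.mask = str(net.netmask)
        self.router, self.server, self.lease_time = router, server, lease_time
        # hosts() yields addresses in ascending order; keep the router/server out of the pool
        self.free = [str(h) for h in net.hosts() if str(h) not in (router, server)]
        self.leases = {}            # ip -> (client MAC, expiry time)

    def _reclaim(self, now: int) -> None:
        """Return expired leases to the pool so mobile clients do not pin addresses."""
        expired = [ip for ip, (_, expiry) in self.leases.items() if expiry <= now]
        for ip in expired:
            del self.leases[ip]
            self.free.append(ip)
        self.free.sort(key=lambda ip: int(ipaddress.IPv4Address(ip)))

    def request(self, mac: str, now: int):
        self._reclaim(now)
        current = next((ip for ip, (m, _) in self.leases.items() if m == mac), None)
        if current is None:
            if not self.free:
                return None         # pool exhausted: no offer for this client
            current = self.free.pop(0)
        self.leases[current] = (mac, now + self.lease_time)   # new lease or renewal
        return {"ip": current, "mask": self.mask, "router": self.router,
                "server": self.server, "expires": now + self.lease_time}


if __name__ == "__main__":
    pool = DhcpPool("192.168.1.0/29", "192.168.1.1", "192.168.1.2", 60)
    print(pool.request("aa", 0))
    print(pool.request("bb", 10))
```

The pool is the part BOOTP lacks: a client that reappears before its lease expires keeps its address, one that stays away loses it to the next arrival, and the administrator never edits a per-host entry.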
Introduction to Routers
A router is a special type of computer. It has the same basic components as a standard desktop PC. However, routers are designed to perform some very specific functions. Just as computers need operating systems to run software applications, routers need the Internetwork Operating System software (IOS) to run configuration files. These configuration files contain the instructions and parameters that control the flow of traffic in and out of the routers. The many parts of a router are shown below:
RAM
Random Access Memory, also called dynamic RAM (DRAM). RAM has the following characteristics and functions:
- Stores routing tables
- Holds ARP cache
- Holds fast-switching cache
- Performs packet buffering (shared RAM)
- Maintains packet-hold queues
- Provides temporary memory for the configuration file of the router while the router is powered on
- Loses content when router is powered down or restarted
NVRAM
Non-Volatile RAM. NVRAM has the following characteristics and functions:
- Provides storage for the startup configuration file
- Retains content when router is powered down or restarted
Flash
Flash memory has the following characteristics and functions:
- Holds the operating system image (IOS)
- Allows software to be updated without removing and replacing chips on the processor
- Retains content when router is powered down or restarted
- Can store multiple versions of IOS software
- Is a type of electronically erasable, programmable ROM (EEPROM)
ROM
Read-Only Memory. ROM has the following characteristics and functions:
- Maintains instructions for power-on self test (POST) diagnostics
- Stores bootstrap program and basic operating system software
- Requires replacing pluggable chips on the motherboard for software upgrades
Interfaces
Interfaces have the following characteristics and functions:
- Connect router to network for frame entry and exit
- Can be on the motherboard or on a separate module
Types of interfaces: Ethernet, Fast Ethernet, Serial, Token Ring, ISDN BRI, Loopback, Console, Aux.
External Connections
Fixed Interfaces
When cabling routers for serial connectivity, the routers will either have fixed or modular ports. The type of port being used will affect the syntax used later to configure each interface. Interfaces on routers with fixed serial ports are labeled for port type and port number.
Cisco IOS
Cisco technology is built around the Cisco Internetwork Operating System (IOS), which is the software that controls the routing and switching functions of internetworking devices. A solid understanding of the IOS is essential for a network administrator.
Setup Mode
Setup is not intended as the mode for entering complex protocol features in the router. The purpose of the setup mode is to permit the administrator to install a minimal configuration for a router that is unable to locate a configuration from another source. In the setup mode, default answers appear in square brackets [ ] following the question. Press the Enter key to use these defaults. During the setup process, Ctrl-C can be pressed at any time to terminate the process. When setup is terminated using Ctrl-C, all interfaces will be administratively shut down. When the configuration process is completed in setup mode, the following options will be displayed:
[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.
Enter your selection [2]:
Router Modes
When specific configuration modes are entered, the router prompt changes to indicate the current configuration mode. Typing exit from one of these specific configuration modes will return the router to global configuration mode. Pressing Ctrl-Z returns the router all the way back to privileged EXEC mode.
Configuring Interfaces
An interface needs an IP address and a subnet mask to be configured. All interfaces are shut down by default. The DCE end of a serial interface needs a clock rate.
Router#config t
Router(config)#interface serial 0/1
Router(config-if)#ip address 200.100.50.75 255.255.255.240
Router(config-if)#clock rate 56000    (required for serial DCE only)
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip address 150.100.50.25 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#exit
Router#
On older routers, Serial 0/1 would be just Serial 1 and f0/0 would be e0 (s = serial, e = Ethernet, f = Fast Ethernet).
Ethernet Overview
Ethernet is now the dominant LAN technology in the world. Ethernet is not one technology but a family of LAN technologies. All LANs must deal with the basic issue of how individual stations (nodes) are named, and Ethernet is no exception. Ethernet specifications support different media, bandwidths, and other Layer 1 and 2 variations. However, the basic frame format and addressing scheme is the same for all varieties of Ethernet.
Layer 2 Framing
Framing is the Layer 2 encapsulation process. A frame is the Layer 2 protocol data unit. The frame format diagram shows different groupings of bits (fields) that perform other functions.
Collision Domains
To move data between one Ethernet station and another, the data often passes through a repeater. All other stations in the same collision domain see traffic that passes through a repeater. A collision domain is then a shared resource. Problems originating in one part of the collision domain will usually impact the entire collision domain.
CSMA/CD Graphic
Backoff
After a collision occurs and all stations allow the cable to become idle (each waits the full interframe spacing), then the stations that collided must wait an additional and potentially progressively longer period of time before attempting to retransmit the collided frame. The waiting period is intentionally designed to be random so that two stations do not delay for the same amount of time before retransmitting, which would result in more collisions.
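Added example (not from the slides) of the random, progressively longer wait described above, using the truncated binary exponential backoff that IEEE 802.3 specifies: after the n-th consecutive collision a station waits a random whole number of slot times in [0, 2^min(n,10) - 1] and gives up after 16 attempts. The scripted random source exists only so that the outcome is reproducible; the slot-time and interframe-gap constants are the 10 Mb/s Ethernet values.

```python
import random

SLOT_TIME_BITS = 512      # one slot time on 10 Mb/s Ethernet: 512 bit times (64 bytes)
INTERFRAME_GAP_BITS = 96  # every station first lets the cable idle for the full interframe spacing
MAX_ATTEMPTS = 16         # after 16 consecutive collisions the frame is discarded
MAX_EXPONENT = 10         # the backoff range stops doubling after the 10th collision


def backoff_slots(attempt: int, rng) -> int:
    """Truncated binary exponential backoff: after the n-th consecutive
    collision pick a random number of slots in [0, 2**min(n, 10) - 1].
    The range doubles each time, so two stations become increasingly
    unlikely to choose the same delay and collide again."""
    if attempt < 1 or attempt > MAX_ATTEMPTS:
        raise RuntimeError("excessive collisions: frame discarded")
    return rng.randrange(0, 2 ** min(attempt, MAX_EXPONENT))


def resolve_collision(rng, stations: int = 2):
    """Stations that just collided keep retrying until exactly one of them
    picks the shortest delay. Returns (collisions so far, index of the
    station that transmits first, its wait in bit times), or None if every
    attempt collided and the frames are discarded."""
    for attempt in range(1, MAX_ATTEMPTS + 1):
        delays = [backoff_slots(attempt, rng) for _ in range(stations)]
        shortest = min(delays)
        if delays.count(shortest) == 1:          # a unique winner: no further collision
            winner = delays.index(shortest)
            return attempt, winner, INTERFRAME_GAP_BITS + shortest * SLOT_TIME_BITS
    return None


class ScriptedRng:
    """Deterministic stand-in for random.Random, constructed for the example."""

    def __init__(self, values):
        self.values = list(values)

    def randrange(self, start: int, stop: int) -> int:
        value = self.values.pop(0)
        assert start <= value < stop, "scripted value outside the backoff range"
        return value


if __name__ == "__main__":
    print(resolve_collision(random.Random(42)))
    print(resolve_collision(ScriptedRng([1, 1, 0, 3])))
```

With the scripted values both stations draw 1 after the first collision, collide again, and then draw 0 and 3: the second collision is resolved and station 0 transmits after only the interframe gap.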
In the IP network number that accompanies the network mask, when the host bits of the IP network number are:
- all binary zeros, that address is the bottom of the address range (the network address)
- all binary ones, that address is the top of the address range (the broadcast address)
Implementing VLSM
What Is CIDR?
Addresses are the same as in the route summarization figure, except that Class B network 172 has been replaced by Class C network 192.
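Added example, not from the slides, that ties together the host-bit rule, subnetting, VLSM and CIDR of the preceding slides: Python that derives the network and broadcast addresses by masking, carves a block into equal subnets or variable-length ones, and computes the CIDR summary (the longest prefix common to a set of networks). The 192.16.x.0 networks are the ones the distance vector figures use; the other addresses are constructed.

```python
import ipaddress


def to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


def to_str(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def address_range(addr: str, mask: str):
    """Host bits all 0 -> network address (bottom of range); host bits all 1 ->
    broadcast (top). Returns (network, first host, last host, broadcast)."""
    a, m = to_int(addr), to_int(mask)
    network = a & m
    broadcast = network | (~m & 0xFFFFFFFF)
    return to_str(network), to_str(network + 1), to_str(broadcast - 1), to_str(broadcast)


def equal_subnets(network: str, new_prefix: int):
    """Classic subnetting: borrow host bits to create equal-size subnets."""
    return [str(s) for s in ipaddress.ip_network(network).subnets(new_prefix=new_prefix)]


def vlsm(network: str, host_counts):
    """Variable-length subnetting: give each segment the smallest block that
    fits its hosts (+2 for the network and broadcast addresses), allocating
    the largest first so every block stays aligned on its own size."""
    block = ipaddress.ip_network(network)
    cursor, end = int(block.network_address), int(block.broadcast_address) + 1
    allocations = []
    for hosts in sorted(host_counts, reverse=True):
        prefix = 32 - (hosts + 1).bit_length()   # smallest block with >= hosts + 2 addresses
        size = 1 << (32 - prefix)
        if cursor + size > end:
            raise ValueError(f"{network} cannot fit a block for {hosts} hosts")
        allocations.append((hosts, f"{to_str(cursor)}/{prefix}"))
        cursor += size
    return allocations


def cidr_summary(networks):
    """CIDR route summarisation: the longest prefix shared by all the networks."""
    nets = [ipaddress.ip_network(n) for n in networks]
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    prefix = 32
    while prefix > 0 and (low >> (32 - prefix)) != (high >> (32 - prefix)):
        prefix -= 1
    base = (low >> (32 - prefix)) << (32 - prefix) if prefix else 0
    return f"{to_str(base)}/{prefix}"


if __name__ == "__main__":
    print(address_range("200.100.50.75", "255.255.255.240"))
    print(vlsm("192.168.10.0/24", [50, 20, 2]))
    print(cidr_summary(["192.16.4.0/24", "192.16.5.0/24", "192.16.6.0/24", "192.16.7.0/24"]))
```

The summary of the four contiguous Class C networks 192.16.4.0 to 192.16.7.0 is 192.16.4.0/22, which is the single route a router would advertise in place of four; the address 200.100.50.75/28 from the interface configuration falls in the block 200.100.50.64 to .79.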
CIDR Example
Anatomy of an IP Packet
IP packets consist of the data from upper layers plus an IP header. The IP header consists of the following:
Introducing Routing
Routing is the process that a router uses to forward packets toward the destination network. A router makes decisions based upon the destination IP address of a packet. All devices along the way use the destination IP address to point the packet in the correct direction so that the packet eventually arrives at its destination. In order to make the correct decisions, routers must learn the direction to remote networks.
Administrative Distance
The administrative distance is an optional parameter that gives a measure of the reliability of the route. The range of an AD is 0-255, where smaller numbers are more desirable. The default administrative distance when using the next-hop address is 1, while the default administrative distance when using the outgoing interface is 0. You can statically assign an AD as follows:
Routing Protocols
Routing protocols include the following:
- processes for sharing route information
- allowing routers to communicate with other routers to update and maintain the routing tables
Examples of routing protocols that support the IP routed protocol are RIP, IGRP, OSPF, BGP, and EIGRP.
Routing Protocols
Routed Protocols
Protocols used at the network layer that transfer data from one host to another across a router are called routed or routable protocols. The Internet Protocol (IP) and Novell's Internetwork Packet Exchange (IPX) are examples of routed protocols. Routers use routing protocols to exchange routing tables and share routing information. In other words, routing protocols enable routers to route routed protocols.
Routed Protocols
Autonomous System
An Autonomous System (AS) is a group of IP networks which has a single and clearly defined external routing policy.
EGP
Exterior Gateway Protocols are used for routing between Autonomous Systems.
IGP
Interior Gateway Protocols are used for routing decisions within an Autonomous System.
Fig. 48 IGP and EGP (TI1332EU02TI_0004 The Network Layer, 67). Figure labels: AS 1000, AS 2000, AS 3000, IGP.
Fig. 49 The use of IGP and EGP protocols (TI1332EU02TI_0004 The Network Layer, 67). Figure labels: AS 2000, AS 3000.
The distance vector routing approach determines the direction (vector) and distance to any link in the internetwork. The link-state approach, also called shortest path first, recreates the exact topology of the entire internetwork.
Fig. 53 Distribution of routing information with distance vector routing protocol (cont.) (TI1332EU02TI_0004 The Network Layer, 71)
Figure residue, summarised: Routers A, B, C and D are connected through the networks 192.16.1.0 to 192.16.7.0 (1 hop between neighbouring routers, 2 hops between the outer ones). Each router's table lists, per network, the hop count and where the entry came from: L for locally connected (0 hops), or the letter of the neighbouring router that advertised it (1, 2 or 3 hops). The tables are shown filling in over successive exchanges.
RIPv1
- Distance vector routing protocol, classful
- Distribution of routing tables via broadcast to adjacent routers
- Only one kind of metric: number of hops
- Connections with different bandwidth cannot be weighted
- Routing loops can occur -> bad convergence in case of a failure
- Count-to-infinity problem (infinity = 16)
- Maximum network size is limited by the number of hops
Fig. 59 Properties of RIPv1 (TI1332EU02TI_0004 The Network Layer, 81)
RIP Characteristics
Fig. 60 RIP-1 permits only a single subnet mask (TI1332EU02TI_0004 The Network Layer, 83). Figure labels: RIP-1 advertises 130.24.36.0 (no mask), shown against the subnet 130.24.36.0/24.
Router Configuration
The router command starts a routing process. The network command is required because it enables the routing process to determine which interfaces participate in the sending and receiving of routing updates. An example of a routing configuration is:
Routing loops can occur when inconsistent routing tables are not updated due to slow convergence in a changing network.
Route Poisoning
Route poisoning is used by various distance vector protocols in order to overcome large routing loops and offer explicit information when a subnet or network is not accessible. This is usually accomplished by setting the hop count to one more than the maximum.
Triggered Updates
New routing tables are sent to neighboring routers on a regular basis. For example, RIP updates occur every 30 seconds. However, a triggered update is sent immediately in response to some change in the routing table. The router that detects a topology change immediately sends an update message to adjacent routers that, in turn, generate triggered updates notifying their adjacent neighbors of the change. When a route fails, an update is sent immediately rather than waiting for the update timer to expire. Triggered updates, used in conjunction with route poisoning, ensure that all routers know of failed routes before any holddown timers can expire.
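The distance vector behaviour described in the RIPv1, route poisoning and triggered update sections, as an added example that is not part of the original slides: four routers exchange hop-count vectors until they converge, then one network fails and the poisoned route (hop count 16) is pushed out by triggered updates. The four-router topology and the choice of which networks attach where are constructed for the example; only the network numbers are taken from the figure.

```python
"""Added example (not from the original slides): a minimal RIP-style distance
vector simulation. The topology and router names are constructed."""

INFINITY = 16  # RIP "infinity": a hop count of 16 marks a network unreachable


class Router:
    def __init__(self, name, connected):
        self.name = name
        self.neighbors = []
        # routing table: network -> (hop count, next hop); "L" = locally connected
        self.table = {net: (0, "L") for net in connected}

    def advertise(self):
        """The distance vector sent to neighbours: network -> hop count."""
        return {net: hops for net, (hops, _) in self.table.items()}

    def receive(self, sender, vector):
        """Bellman-Ford merge of a neighbour's vector; returns True if the table changed.
        A route is replaced when the new one is shorter, or when it comes from the
        next hop already in use (that neighbour is authoritative, poison included)."""
        changed = False
        for net, hops in vector.items():
            new_hops = min(hops + 1, INFINITY)
            cur_hops, cur_via = self.table.get(net, (INFINITY, None))
            if new_hops < cur_hops or (cur_via == sender.name and new_hops != cur_hops):
                self.table[net] = (new_hops, sender.name)
                changed = True
        return changed


def link(a, b):
    a.neighbors.append(b)
    b.neighbors.append(a)


def periodic_round(routers):
    """One 30-second update cycle: every router sends its table to every neighbour."""
    changed = False
    for r in routers:
        for n in r.neighbors:
            changed |= n.receive(r, r.advertise())
    return changed


def converge(routers, max_rounds=50):
    """Run periodic rounds until no table changes; returns the number of rounds used."""
    for rounds in range(1, max_rounds + 1):
        if not periodic_round(routers):
            return rounds
    return max_rounds


def triggered_update(router):
    """Triggered update: send at once, and every neighbour whose table changed sends too."""
    for n in router.neighbors:
        if n.receive(router, router.advertise()):
            triggered_update(n)


def poison_route(router, net):
    """Route poisoning: advertise the lost network with hop count 16 (one more than the
    maximum of 15) instead of silently dropping it, then send a triggered update."""
    router.table[net] = (INFINITY, "L")
    triggered_update(router)


def build_demo():
    """Constructed four-router topology using the figure's network numbers."""
    a = Router("A", ["192.16.1.0", "192.16.2.0"])
    b = Router("B", ["192.16.3.0"])
    c = Router("C", ["192.16.4.0"])
    d = Router("D", ["192.16.6.0", "192.16.7.0"])
    link(a, b)
    link(a, c)
    link(b, d)
    link(c, d)
    return {"A": a, "B": b, "C": c, "D": d}


if __name__ == "__main__":
    routers = build_demo()
    print("rounds to converge:", converge(list(routers.values())))
    print("D before failure:", routers["D"].table)
    poison_route(routers["A"], "192.16.1.0")  # 192.16.1.0 goes down at Router A
    print("D after poison:  ", routers["D"].table)
```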
IGRP
Interior Gateway Routing Protocol (IGRP) is a proprietary protocol developed by Cisco. Some of the IGRP key design characteristics emphasize the following:
It is a distance vector routing protocol.
Routing updates are broadcast every 90 seconds.
Bandwidth, load, delay and reliability are used to create a composite metric.
Configuring IGRP
Topology table:
Typically referred to as LSDB (routers and links in the area or network) All routers within an area have an identical LSDB
Routing table:
OSPF Terminology
The next several slides explain various OSPF terms, one per slide.
OSPF Areas
Area Terminology
LAN links:
Neighbors form an adjacency with the DR and BDR. Maintain two-way state with the other routers (DROTHERs).
Routing updates and topology information are only passed between adjacent routers.
OSPF Adjacencies
Routers build logical adjacencies between each other using the Hello Protocol. Once an adjacency is formed, LS database packets are exchanged to synchronize each other's LS databases, and routing updates are then passed using these adjacencies.
Neighborship
The network command, a subordinate command under router ospf, defines the interfaces (by network number) that OSPF will run on. Each network number must be assigned to a specific area.
show ip protocols
show ip ospf
Displays information about the OSPF neighbors, including Designated Router (DR) and Backup Designated Router (BDR) information on broadcast networks
show ip protocol
show ip route
Point-to-Point Links
Usually a serial interface running either PPP or HDLC
May also be a point-to-point subinterface running Frame Relay or ATM
No DR or BDR election required
OSPF autodetects this interface type
OSPF packets are sent using multicast 224.0.0.5
Generally LAN technologies like Ethernet and Token Ring
DR and BDR selection required
All neighbor routers form full adjacencies with the DR and BDR only
Packets to the DR use 224.0.0.6
Packets from the DR to all other routers use 224.0.0.5
Hello packets are exchanged via IP multicast. The router with the highest OSPF priority is selected as the DR. Use the OSPF router ID as the tie breaker. The DR election is nonpreemptive.
This interface configuration command assigns the OSPF priority to an interface. Different interfaces on a router may be assigned different values. The default priority is 1. The range is from 0 to 255. 0 means the router is a DROTHER; it can't be the DR or BDR.
Creation of Adjacencies
Point-to-point interfaces coming up: no election.
RouterA# debug ip ospf adj
%LINK-3-UPDOWN: Interface Serial1, changed state to up
OSPF: Interface Serial1 going Up
OSPF: Rcv hello from 192.168.0.11 area 0 from Serial1 10.1.1.2
OSPF: End of hello processing
OSPF: Build router LSA for area 0, router ID 192.168.0.10
OSPF: Rcv DBD from 192.168.0.11 on Serial1 seq 0x20C4 opt 0x2 flag 0x7 len 32 state INIT
OSPF: 2 Way Communication to 192.168.0.11 on Serial1, state 2WAY
OSPF: Send DBD to 192.168.0.11 on Serial1 seq 0x167F opt 0x2 flag 0x7 len 32
OSPF: NBR Negotiation Done. We are the SLAVE
OSPF: Send DBD to 192.168.0.11 on Serial1 seq 0x20C4 opt 0x2 flag 0x2 len 72
Overview
Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco-proprietary routing protocol based on Interior Gateway Routing Protocol (IGRP). Unlike IGRP, which is a classful routing protocol, EIGRP supports CIDR and VLSM. Compared to IGRP, EIGRP boasts faster convergence times, improved scalability, and superior handling of routing loops. Furthermore, EIGRP can replace Novell Routing Information Protocol (RIP) and AppleTalk Routing Table Maintenance Protocol (RTMP), serving both IPX and AppleTalk networks with powerful efficiency. EIGRP is often described as a hybrid routing protocol, offering the best of distance vector and link-state algorithms.
Neighbor Table
The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table that lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a neighbor table for each protocol that EIGRP supports. When a neighbor sends a hello packet, it advertises a hold time. The hold time is the amount of time a router treats a neighbor as reachable and operational. In other words, if a hello packet is not heard within the hold time, then the hold time expires. When the hold time expires, the Diffusing Update Algorithm (DUAL), which is the EIGRP distance vector algorithm, is informed of the topology change and must recalculate the new topology.
Topology Table
The topology table is made up of all the EIGRP routing tables in the autonomous system. DUAL takes the information supplied in the neighbor table and the topology table and calculates the lowest cost routes to each destination. By tracking this information, EIGRP routers can identify and switch to alternate routes quickly. The information that the router learns from the DUAL is used to determine the successor route, which is the term used to identify the primary or best route. A copy is also placed in the topology table. Every EIGRP router maintains a topology table for each configured network protocol. All learned routes to a destination are maintained in the topology table.
Routing Table
The EIGRP routing table holds the best routes to a destination. This information is retrieved from the topology table. Each EIGRP router maintains a routing table for each network protocol. A successor is a route selected as the primary route to use to reach a destination. DUAL identifies this route from the information contained in the neighbor and topology tables and places it in the routing table. There can be up to four successor routes for any particular route. These can be of equal or unequal cost and are identified as the best loop-free paths to a given destination. A copy of the successor routes is also placed in the topology table. A feasible successor (FS) is a backup route. These routes are identified at the same time the successors are identified, but they are only kept in the topology table. Multiple feasible successors for a destination can be retained in the topology table, although it is not mandatory.
EIGRP Algorithm
The sophisticated DUAL algorithm results in the exceptionally fast convergence of EIGRP. Each router constructs a topology table that contains information about how to route to a destination network. Each topology table identifies the following:
The routing protocol, or EIGRP
The lowest cost of the route, which is called the Feasible Distance
The cost of the route as advertised by the neighboring router, which is called the Reported Distance
The Topology heading identifies the preferred primary route, called the successor route (Successor), and, where identified, the backup route, called the feasible successor (FS). Note that it is not necessary to have an identified feasible successor.
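The successor and feasible successor selection from the Topology Table, Routing Table and EIGRP Algorithm sections, as an added example that is not part of the original slides. It applies the DUAL feasibility condition (a backup is loop-free only if its Reported Distance is below the Feasible Distance) and shows what happens when the successor is lost with and without a feasible successor. The neighbour names, costs and the destination 10.1.1.0/24 are constructed; plain integers stand in for EIGRP's composite metric.

```python
"""Added example (not from the original slides): how DUAL selects the successor and
feasible successors from a topology table. Neighbours and costs are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    neighbor: str
    reported_distance: int  # RD: the cost the neighbour advertises for the destination
    link_cost: int          # cost of the link from this router to that neighbour

    @property
    def total_distance(self):
        return self.reported_distance + self.link_cost


def select_routes(paths):
    """Return (successor, feasible distance, feasible successors).
    The successor is the lowest-cost path; its cost is the Feasible Distance (FD).
    A backup is a feasible successor only if its RD is strictly less than the FD:
    a neighbour that is closer to the destination than this router cannot be
    routing through it, so the backup is loop-free. There may be none at all."""
    if not paths:
        return None, None, []
    successor = min(paths, key=lambda p: (p.total_distance, p.neighbor))
    fd = successor.total_distance
    feasible = [p for p in paths
                if p is not successor and p.reported_distance < fd]
    return successor, fd, feasible


def on_successor_loss(paths, failed_neighbor):
    """What DUAL does when the successor's neighbour disappears (hold time expired).
    Returns ("PASSIVE", new_successor) when a feasible successor is promoted locally,
    or ("ACTIVE", None) when the route must be recomputed by querying neighbours."""
    successor, fd, feasible = select_routes(paths)
    if successor is None or successor.neighbor != failed_neighbor:
        return "PASSIVE", successor  # the lost neighbour was not the primary path
    backups = [p for p in feasible if p.neighbor != failed_neighbor]
    if backups:
        return "PASSIVE", min(backups, key=lambda p: (p.total_distance, p.neighbor))
    return "ACTIVE", None


# Constructed topology table entries for one destination, 10.1.1.0/24:
DEMO_PATHS = [
    Path("B", reported_distance=10, link_cost=5),   # total 15 -> successor, FD = 15
    Path("C", reported_distance=12, link_cost=10),  # total 22, RD 12 < 15 -> feasible successor
    Path("D", reported_distance=20, link_cost=2),   # total 22, RD 20 >= 15 -> not feasible
]

if __name__ == "__main__":
    s, fd, fs = select_routes(DEMO_PATHS)
    print("successor:", s.neighbor, "FD:", fd,
          "feasible successors:", [p.neighbor for p in fs])
    print("after losing B:", on_successor_loss(DEMO_PATHS, "B"))
    without_c = [p for p in DEMO_PATHS if p.neighbor != "C"]
    print("after losing B with no FS:", on_successor_loss(without_c, "B"))
```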
DUAL Example
Configuring EIGRP
Administrative Distances
Creating ACLs
ACLs are created in the global configuration mode. There are many different types of ACLs including standard, extended, IPX, AppleTalk, and others. When configuring ACLs on a router, each ACL must be uniquely identified by assigning a number to it. This number identifies the type of access list created and must fall within the specific range of numbers that is valid for that type of list. Since IP is by far the most popular routed protocol, additional ACL numbers have been added to newer router IOSs:
Standard IP: 1300-1999
Extended IP: 2000-2699
ACL Example
Verifying ACLs
There are many show commands that will verify the content and placement of ACLs on the router. The show ip interface command displays IP interface information and indicates whether any ACLs are set. The show access-lists command displays the contents of all ACLs on the router. show access-list 1 shows just access-list 1. The show running-config command will also reveal the access lists on a router and the interface assignment information.
Standard ACLs
Standard ACLs check the source address of IP packets that are routed. The comparison will result in either permit or deny access for an entire protocol suite, based on the network, subnet, and host addresses. The standard version of the access-list global configuration command is used to define a standard ACL with a number in the range of 1 to 99 (also from 1300 to 1999 in recent IOS). If there is no wildcard mask, the default mask is used, which is 0.0.0.0. (This only works with standard ACLs and is the same thing as using host.) The full syntax of the standard ACL command is:
Extended ACLs
Extended ACLs are used more often than standard ACLs because they provide a greater range of control. Extended ACLs check the source and destination packet addresses as well as being able to check for protocols and port numbers. The syntax for the extended ACL statement can get very long and often will wrap in the terminal window. The wildcards also have the option of using the host or any keywords in the command. At the end of the extended ACL statement, additional precision is gained from a field that specifies the optional Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port number. Logical operations such as equal (eq), not equal (neq), greater than (gt), and less than (lt) may be specified, which the extended ACL will apply to specific protocols. Extended ACLs use an access-list-number in the range 100 to 199 (also from 2000 to 2699 in recent IOS).
ip access-group
The ip access-group command links an existing standard or extended ACL to an interface. Remember that only one ACL per interface, per direction, per protocol is allowed. The format of the command is:
Named ACLs
IP named ACLs were introduced in Cisco IOS Software Release 11.2, allowing standard and extended ACLs to be given names instead of numbers. The advantages that a named access list provides are:
Intuitively identify an ACL using an alphanumeric name.
Eliminate the limit of 798 simple and 799 extended ACLs.
Named ACLs provide the ability to modify ACLs without deleting them completely and then reconfiguring them.
Named ACLs are not compatible with Cisco IOS releases prior to Release 11.2. The same name may not be used for multiple ACLs.
Placing ACLs
The general rule is to put the extended ACLs as close as possible to the source of the traffic denied. Standard ACLs do not specify destination addresses, so they should be placed as close to the destination as possible. For example, in the graphic a standard ACL should be placed on Fa0/0 of Router D to prevent traffic from Router A.
Subnet mask is 255.255.255.0. Inverse mask is 0.0.0.255, or subtract 150.75.129.0 from 150.75.129.255 to get 0.0.0.255.
Router(config)# access-list 1 permit 150.75.129.0 0.0.0.255
(The implicit deny any ensures that everyone else is denied.)
Subnet mask is 255.255.252.0. Inverse mask is 0.0.3.255, or subtract 160.88.200.0 from 160.88.203.255 to get 0.0.3.255.
Router(config)# access-list 1 deny 160.88.200.0 0.0.3.255
Router(config)# access-list 1 permit any
Permit 200.100.50.1, .5, .13, .29, .42 and .77
access-list 1 permit host 200.100.50.1
access-list 1 permit host 200.100.50.5
access-list 1 permit host 200.100.50.13
access-list 1 permit host 200.100.50.29
access-list 1 permit host 200.100.50.42
access-list 1 permit host 200.100.50.77
Sometimes a group of addresses has no pattern and the best way to deal with them is individually.
(The implicit deny any ensures that everyone else is denied.)
access-list 101 permit ip 200.100.50.0 0.0.0.255 150.75.0.0 0.0.255.255
Implicit deny ip any any
To allow 2-way traffic between the networks add this statement:
access-list 101 deny ip 200.100.50.0 0.0.0.255 150.75.0.0 0.0.255.255
access-list 101 permit ip any any
To deny 2-way traffic between the networks add this statement:
Deny FTP
Assume you do not want anyone FTPing on the network.
access-list 101 deny tcp any any eq 21 access-list 101 permit ip any any
or
access-list 101 deny tcp any any eq ftp access-list 101 permit ip any any
Deny Telnet
Assume you do not want anyone telnetting on the network.
access-list 101 deny tcp any any eq 23 access-list 101 permit ip any any
or
access-list 101 deny tcp any any eq telnet access-list 101 permit ip any any
access-list 101 deny tcp any any eq 80 access-list 101 permit ip any any
or
access-list 101 deny tcp any any eq www
access-list 101 permit ip any any
You can also use http instead of www.
Complicated Example #1
Suppose you have the following conditions:
No one from network 200.100.50.0 is allowed to FTP anywhere
Only hosts from network 150.75.0.0 may telnet to network 50.0.0.0
Subnetwork 100.100.100.0/24 is not allowed to surf the internet
access-list 101 deny tcp 200.100.50.0 0.0.0.255 any eq 21
access-list 101 permit tcp 150.75.0.0 0.0.255.255 50.0.0.0 0.255.255.255 eq 23
access-list 101 deny tcp any any eq 23
access-list 101 deny tcp 100.100.100.0 0.0.0.255 any eq 80
access-list 101 permit ip any any
Complicated Example #2
Suppose you are the admin of network 200.100.50.0. You want to permit email only between your network and network 150.75.0.0. You wish to place no restriction on other protocols such as web surfing, FTP, Telnet, etc. Email server send/receive protocol: SMTP, port 25. User checks email with protocol: POP3, port 110. This example assumes that your email server is at address 200.100.50.25.
access-list 101 permit tcp 200.100.50.0 0.0.0.255 150.75.0.0 0.0.255.255 eq 25
access-list 101 permit tcp 150.75.0.0 0.0.255.255 200.100.50.0 0.0.0.255 eq 25
access-list 101 permit tcp 200.100.50.0 0.0.0.255 200.100.50.0 0.0.0.255 eq 110
access-list 101 deny tcp any any eq smtp
access-list 101 deny tcp any any eq pop3
access-list 101 permit ip any any
NAT
Network Address Translator
Fig. 3 NAT (TI1332EU02TI_0003 New Address Concepts, 7)
Private Network
Uses private address range (local addresses)
Local addresses may not be used externally
Public Network
Uses public addresses
Public addresses are globally unique
Fig. 4 How does NAT work? (TI1332EU02TI_0003 New Address Concepts, 9)
Fig. 5 Translation mechanism (TI1332EU02TI_0003 New Address Concepts, 9)
A timeout value (default 15 min) instructs NAT how long to keep an association in an idle state before returning the external IP address to the free NAT pool.
Fig. 8 How does NAT know when to return the public IP address to the pool? (TI1332EU02TI_0003 New Address Concepts, 15)
Inside Global
NAT uses an inside global address to represent the inside host as the packet is sent through the outside network, typically the Internet. A NAT router changes the source IP address of a packet sent by an inside host from an inside local address to an inside global address as the packet goes from the inside to the outside network.
Outside Local
NAT uses an outside local address to represent the outside host as the packet is sent through the private enterprise network. A NAT router changes a packet's destination IP address, sent from an outside global address to an inside host, as the packet goes from the outside to the inside network.
[Figure: a WAN router connected to Router B, which serves LAN Net B 192.50.20.0 with host 192.50.20.5]
Fig. 7 An example for NAT (TI1332EU02TI_0003 New Address Concepts, 13)
WAN
NAT with WAN interface: 138.76.28.4
Net A 10.0.0.0/8, inside host 10.0.0.10; outside host 138.76.29.7
Inside to outside: SA = 10.0.0.10, DA = 138.76.29.7 is translated by the NAT router to SA = 138.76.28.4, DA = 138.76.29.7
Outside to inside: SA = 138.76.29.7, DA = 138.76.28.4 is translated by the NAT router to SA = 138.76.29.7, DA = 10.0.0.10
Fig. 11 An example for NAPT (TI1332EU02TI_0003 New Address Concepts, 21)
Types Of NAT
There are different types of NAT that can be used, which are:
Static NAT
Dynamic NAT
Overloading NAT with PAT (NAPT)
Static NAT
With static NAT, the NAT router simply configures a one-to-one mapping between the private address and the registered address that is used on its behalf.
Static NAT
Dynamic NAT
Like static NAT, the NAT router creates a one-to-one mapping between an inside local and inside global address and changes the IP addresses in packets as they exit and enter the inside network. However, the mapping of an inside local address to an inside global address happens dynamically.
Dynamic NAT
Dynamic NAT sets up a pool of possible inside global addresses and defines criteria for the set of inside local IP addresses whose traffic should be translated with NAT. The dynamic entry in the NAT table stays in there as long as traffic flows occasionally. If a new packet arrives, and it needs a NAT entry, but all the pooled IP addresses are in use, the router simply discards the packet.
PAT
Port Address Translator
Fig. 9 NAPT (TI1332EU02TI_0003 New Address Concepts, 17)
WAN
NAPT with WAN interface: 138.76.28.4
Net A 10.0.0.0/8, inside host 10.0.0.10; outside host 138.76.29.7
Inside to outside: SA = 10.0.0.10, sport = 3017, DA = 138.76.29.7, dport = 23 is translated by the NAT router to SA = 138.76.28.4, sport = 1024, DA = 138.76.29.7, dport = 23
Outside to inside: SA = 138.76.29.7, sport = 23, DA = 138.76.28.4, dport = 1024 is translated by the NAT router to SA = 138.76.29.7, sport = 23, DA = 10.0.0.10, dport = 3017
Fig. 11 An example for NAPT (TI1332EU02TI_0003 New Address Concepts, 21)
[Figure: PAT with e.g. a single public IP address: each (local IP address, local TU port number) is mapped to (registered IP address, assigned TU port number), the assigned port taken from a pool of TU port numbers; TU = TCP/UDP]
Fig. 10 NAPT (TI1332EU02TI_0003 New Address Concepts, 19)
PAT Configuration
Specify inside addresses to be translated
Router(config)# ip nat inside source list [standard access list number] pool [NAT pool name] overload
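The translation mechanism from the NAT and PAT sections (one-to-one static mapping, a dynamic pool whose exhaustion makes the router discard the packet, the 15-minute idle timeout that returns an address to the pool, and PAT rewriting ports as in the NAPT figure), as an added example that is not part of the original slides. The inside host 10.0.0.10:3017, the WAN address 138.76.28.4 and the outside host 138.76.29.7 are the figure's; the second inside host 10.0.0.11, the timestamps, the PAT port range starting at 1024 and the static mapping used in the test are constructed.

```python
"""Added example (not from the original slides): a NAT/NAPT translation table with
static, dynamic and overloaded (PAT) modes. Addresses follow the slides' NAPT figure;
timestamps and extra hosts are constructed."""
import ipaddress
from dataclasses import dataclass

IDLE_TIMEOUT = 15 * 60  # seconds; the slides' default idle timeout of 15 minutes


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class NatRouter:
    def __init__(self, inside_network, pool, overload=False, static=None):
        self.inside = ipaddress.ip_network(inside_network)
        self.pool = list(pool)            # inside global addresses
        self.free_pool = list(pool)       # addresses not currently assigned (dynamic NAT)
        self.overload = overload          # PAT: many inside hosts share one global address
        self.static = dict(static or {})  # inside local -> inside global, one-to-one
        self.next_port = 1024             # next TCP/UDP port handed out by PAT (constructed)
        self.entries = {}                 # (local ip, local port or None) -> (global ip, global port or None)
        self.reverse = {}                 # the same mapping keyed the other way round
        self.last_used = {}               # entry key -> time of the last packet seen

    def _key(self, ip, port):
        # PAT translates (address, port); plain NAT translates the address only
        return (ip, port if self.overload else None)

    def _allocate(self, local_ip):
        """Choose the inside global (address, port) for a new flow; None when nothing is free."""
        if local_ip in self.static:
            return (self.static[local_ip], None)
        if self.overload:
            port, self.next_port = self.next_port, self.next_port + 1
            return (self.pool[0], port)
        if not self.free_pool:
            return None                   # pool exhausted: the router discards the packet
        return (self.free_pool.pop(0), None)

    def _expire(self, now):
        """Drop entries idle longer than the timeout and return their address to the pool."""
        for key, last in list(self.last_used.items()):
            if now - last > IDLE_TIMEOUT:
                gip, gport = self.entries.pop(key)
                del self.reverse[(gip, gport)]
                del self.last_used[key]
                if not self.overload and key[0] not in self.static and gip not in self.free_pool:
                    self.free_pool.append(gip)

    def outbound(self, pkt, now):
        """Inside -> outside: rewrite the source. Returns None when the packet is discarded."""
        if ipaddress.ip_address(pkt.src) not in self.inside:
            return pkt                    # not an inside local address: not translated
        self._expire(now)
        key = self._key(pkt.src, pkt.sport)
        if key not in self.entries:
            entry = self._allocate(pkt.src)
            if entry is None:
                return None
            self.entries[key] = entry
            self.reverse[entry] = key
        self.last_used[key] = now
        gip, gport = self.entries[key]
        return Packet(gip, gport if self.overload else pkt.sport, pkt.dst, pkt.dport)

    def inbound(self, pkt, now):
        """Outside -> inside: rewrite the destination. Packets with no table entry are
        dropped, except those addressed to a static mapping, which is always reachable."""
        self._expire(now)
        key = self.reverse.get(self._key(pkt.dst, pkt.dport))
        if key is None:
            for local_ip, gip in self.static.items():
                if gip == pkt.dst:
                    return Packet(pkt.src, pkt.sport, local_ip, pkt.dport)
            return None
        self.last_used[key] = now
        local_ip, local_port = key
        return Packet(pkt.src, pkt.sport, local_ip, local_port if self.overload else pkt.dport)


if __name__ == "__main__":
    pat = NatRouter("10.0.0.0/8", ["138.76.28.4"], overload=True)
    out = pat.outbound(Packet("10.0.0.10", 3017, "138.76.29.7", 23), now=0)
    print("outbound after PAT:", out)
    print("reply after PAT:  ", pat.inbound(Packet("138.76.29.7", 23, "138.76.28.4", 1024), now=1))
```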
Today's LAN
Collision Domains
Switching Methods
1. Store-and-Forward: The entire frame is received before any forwarding takes place. Filters are applied before the frame is forwarded. Most reliable, but also the most latency, especially when frames are large.
2. Cut-Through: The frame is forwarded through the switch before the entire frame is received. At a minimum the frame destination address must be read before the frame can be forwarded. This mode decreases the latency of the transmission, but also reduces error detection.
3. Fragment-Free: Fragment-free switching filters out collision fragments before forwarding begins. Collision fragments are the majority of packet errors. In a properly functioning network, collision fragments must be smaller than 64 bytes. Anything > 64 bytes is a valid packet and is usually received without error.
Benefits of Switching
The switch compares the destination address with a table of addresses stored within it. The CAM stores host MAC addresses and associated port numbers. The CAM compares the received destination MAC address against the CAM table contents. If the comparison yields a match, the port is provided, and switching control forwards the packet to the correct port and address.
Microsegmentation of a Network
Microsegmentation
3 Methods of Communication
Broadcast Domain
Overview
To design reliable, manageable, and scalable networks, a network designer must realize that each of the major components of a network has distinct design requirements. Good network design will improve performance and also reduce the difficulties associated with network growth and evolution. The design of larger LANs includes identifying the following:
An access layer that connects end users into the LAN
A distribution layer that provides policy-based connectivity between end-user LANs
A core layer that provides the fastest connection between the distribution points
Each of these LAN design layers requires switches that are best suited for specific tasks.
The System LED shows whether the system is receiving power and functioning correctly. The RPS LED indicates whether or not the remote power supply is in use. The Mode LEDs indicate the current state of the Mode button. The Port Status LEDs have different meanings, depending on the current value of the Mode LED.
Overview
Redundancy in a network is extremely important because redundancy allows networks to be fault tolerant. Redundant topologies based on switches and bridges are susceptible to broadcast storms, multiple frame transmissions, and MAC address database instability. Therefore network redundancy requires careful planning and monitoring to function properly. The Spanning-Tree Protocol is used in switched networks to create a loop free logical topology from a physical topology that has loops.
Broadcast Storms
Broadcasts and multicasts can cause problems in a switched network. Multicasts are treated as broadcasts by the switches. Broadcast and multicast frames are flooded out all ports except the one on which the frame was received. The switches continue to propagate broadcast traffic over and over. This is called a broadcast storm. It will continue until one of the switches is disconnected. The network will appear to be down or extremely slow.
NOTE:
Don't confuse Spanning Tree Protocol (STP) with Shielded Twisted Pair (STP).
BPDUs
BPDUs contain enough information so that all switches can do the following:
Select a single switch that will act as the root of the spanning tree.
Calculate the shortest path from itself to the root swit# ch.
Designate one of the switches as the closest one to the root, for each LAN segment. This bridge is called the designated switch. The designated switch handles all communication from that LAN towards the root bridge.
Each non-root switch chooses one of its ports as its root port; this is the interface that gives the best path to the root switch.
Select ports that are part of the spanning tree, the designated ports. Non-designated ports are blocked.
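The four decisions listed above (root switch, shortest path to the root, designated switch per segment, root port and blocked ports), as an added example that is not part of the original slides, computed for a constructed three-switch loop. Switch names, MAC addresses, segment names and the port cost of 19 are constructed; ties on a segment are broken by the lower bridge ID, and the test also shows that lowering one switch's priority moves the root and changes which port is blocked.

```python
"""Added example (not from the original slides): spanning-tree port roles for a
constructed redundant topology."""
import heapq


def elect_root(bridges):
    """The bridge with the lowest bridge ID (priority, MAC) becomes the root."""
    return min(bridges, key=bridges.get)


def _bridges_on(ports):
    seg = {}
    for (b, s) in ports:
        seg.setdefault(s, []).append(b)
    return seg


def root_path_costs(ports, root):
    """Dijkstra over bridges and LAN segments: a bridge pays the cost of the port on
    which it receives the root's BPDUs; sending onto a segment is free."""
    bridges_on = _bridges_on(ports)
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        c, b = heapq.heappop(heap)
        if c > cost[b]:
            continue
        for (bb, s) in ports:
            if bb != b:
                continue
            for nb in bridges_on[s]:
                nc = c + ports[(nb, s)]
                if nb != b and nc < cost.get(nb, float("inf")):
                    cost[nb] = nc
                    heapq.heappush(heap, (nc, nb))
    return cost


def port_roles(bridges, ports):
    """Return (root, roles); roles maps (bridge, segment) -> 'root' | 'designated' | 'blocking'."""
    root = elect_root(bridges)
    rpc = root_path_costs(ports, root)
    bridges_on = _bridges_on(ports)
    # designated bridge per segment: lowest root path cost, then lowest bridge ID
    designated = {s: min(bs, key=lambda b: (rpc[b], bridges[b])) for s, bs in bridges_on.items()}
    roles = {}
    for b in bridges:
        my_ports = [s for (bb, s) in ports if bb == b]
        if b == root:
            roles.update({(b, s): "designated" for s in my_ports})
            continue
        # root port: the port with the lowest cost to the root through that segment's best bridge
        candidates = []
        for s in my_ports:
            others = [o for o in bridges_on[s] if o != b]
            if others:
                best = min(others, key=lambda o: (rpc[o], bridges[o]))
                candidates.append((rpc[best] + ports[(b, s)], bridges[best], s))
        if not candidates:
            roles.update({(b, s): "designated" for s in my_ports})
            continue
        root_segment = min(candidates)[2]
        for s in my_ports:
            if s == root_segment:
                roles[(b, s)] = "root"
            elif designated[s] == b:
                roles[(b, s)] = "designated"
            else:
                roles[(b, s)] = "blocking"  # non-designated port: blocked to break the loop
    return root, roles


# Constructed redundant topology: three switches, three segments, one physical loop.
BRIDGES = {"SW1": (32768, "00:00:00:00:00:01"),
           "SW2": (32768, "00:00:00:00:00:02"),
           "SW3": (32768, "00:00:00:00:00:03")}
PORTS = {("SW1", "seg12"): 19, ("SW2", "seg12"): 19,  # constructed 100 Mb/s links, cost 19
         ("SW2", "seg23"): 19, ("SW3", "seg23"): 19,
         ("SW1", "seg13"): 19, ("SW3", "seg13"): 19}

if __name__ == "__main__":
    root, roles = port_roles(BRIDGES, PORTS)
    print("root bridge:", root)
    for port, role in sorted(roles.items()):
        print(port, role)
```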
VLANs
VLAN implementation combines Layer 2 switching and Layer 3 routing technologies to limit both collision domains and broadcast domains. VLANs can also be used to provide security by creating the VLAN groups according to function and by using routers to communicate between VLANs. A physical port association is used to implement VLAN assignment. Communication between VLANs can occur only through the router. This limits the size of the broadcast domains and uses the router to determine whether one VLAN can talk to another VLAN. NOTE: This is the only way a switch can break up a broadcast domain!
VLAN Communication
Static VLANs
All users attached to same switch port must be in the same VLAN.
Displays the MAC address table information for the specified interface in the specified VLAN
VLAN Trunking
ISL Encapsulation
Performed with ASIC
Not intrusive to client stations; the client does not see the header
Effective between switches, and between routers and switches
VLANs allowed on trunk 1-1005
VLANs allowed and active in management domain 1-2,1002-1005
VLANs in spanning tree forwarding state and not pruned 1-2,1002-1005
802.1Q Trunking
Switch(config)#interface fastethernet 5/8
Switch(config-if)#shutdown
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport trunk allowed vlan 1,15,11,1002-1005
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport nonegotiate
Switch(config-if)#no shutdown
VTP Modes
Server: creates, modifies, and deletes VLANs; sends and forwards advertisements; synchronizes VLAN configurations; saves configuration in NVRAM
Client: cannot create, change, or delete VLANs; forwards advertisements; synchronizes VLAN configurations; does not save in NVRAM
Transparent: creates, modifies, and deletes VLANs locally only; forwards advertisements; does not synchronize VLAN configurations; saves configuration in NVRAM
VTP Operation
VTP advertisements are sent as multicast frames. VTP servers and clients are synchronized to the latest update, identified by the configuration revision number. VTP advertisements are sent every 5 minutes or when there is a change.
VTP Pruning
Increases available bandwidth by reducing unnecessary flooded traffic.
Example: Station A sends a broadcast, and the broadcast is flooded only toward any switch with ports assigned to the red VLAN.
Be cautious when adding a new switch to an existing domain. Add a new switch in Client mode so that it receives the latest up-to-date information from the network, then convert it to Server mode. Add all new configurations to a switch in Transparent mode and check your configuration well, then convert it to Server mode, to prevent the switch from propagating incorrect VLAN information.
Switch#show vtp status
VTP Version : 2
Configuration Revision : 247
Maximum VLANs supported locally : 1005
Number of existing VLANs : 33
VTP Operating Mode : Client
VTP Domain Name : Lab_Network
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
Configuration last modified by 0.0.0.0 at 8-12-99 15:04:49
Switch#
Contents
Remote access overview
WAN connection types
Defining WAN encapsulation protocols
Determining the WAN type to use
OSI Layer-2 point-to-point WANs: PPP, HDLC, Frame Relay
Circuit switching
Sets up line like a phone call. No data can transfer before the end-to-end connection is established.
Bandwidth
Determining usage over the WAN is important to evaluate the most cost-effective WAN service.
Cost
Make a compromise between the traffic you need to transfer and the type of service whose cost suits you.
Application Traffic
Traffic may be as small as during a terminal session, or very large packets as during a file transfer.
HDLC
HDLC performs OSI Layer-2 functions:
It determines when it is appropriate to use the physical medium.
It ensures that the correct recipient receives and processes the data that is sent.
It determines whether the sent data was received correctly or not (error detection).
HDLC
HDLC Frame Format
The original HDLC didn't include any Protocol Type field, so every company (including Cisco) added its own field; Cisco's HDLC is therefore a proprietary protocol that can be used only between Cisco routers.
PAP Authentication
CHAP Authentication
Compression
Compression enables higher data throughput across the link. Different compression schemes are available:
Predictor: checks if the data was already compressed.
Stacker: looks at the data stream and only sends each type of data once, with information about where the type occurs; the receiving side uses this information to reassemble the data stream.
MPPC (Microsoft Point-to-Point Compression): allows Cisco routers to compress data with Microsoft clients.
567
PPP Multilink
PPP Multilink provides load balancing over dialer interfaces, including ISDN, synchronous, and asynchronous interfaces. This can improve throughput and reduce latency between systems by splitting packets and sending the fragments over parallel circuits.
Error Detection
PPP can take down a link based on the value reported by the Link Quality Monitor (LQM). LQM computes the ratio of corrupted packets to the total number of packets sent; if that ratio exceeds a predetermined threshold, the link is considered to be performing outside the accepted limits and can be brought down.
To configure compression:
Router(Config-if)#compress [predictor|stack|mppc]
Frame Relay
2003, Cisco Systems, Inc. All rights reserved. BCMSN v2.02-572
Frame Relay
The switch examines the frame sent by the router; the frame header contains an address called the DLCI (Data Link Control Identifier), and the switch forwards the frame based on that DLCI until it reaches the router on the other side of the network.
Frame Relay
Frame Relay networks use permanent virtual circuits (PVCs) or switched virtual circuits (SVCs), but most Frame Relay networks today use PVCs. The logical path between each pair of routers is called a Virtual Circuit (VC). VCs share the access link and the Frame Relay network.
Each VC is committed to a CIR (Committed Information Rate), which is a guarantee by the provider that the VC gets at least that much bandwidth.
[Figure: Frame Relay access: PCs and a CPE controller/router reach the switch port (UNI) over an ISDN dial-up or direct connection (V.35, E1, RS232); PBX, video and network access traffic is carried over PVCs and SVCs]
LMI
The most important LMI message is the LMI status inquiry message. Status messages perform two key functions:
Perform a keepalive function between the DTE and DCE. If the access link has a problem, the absence of keepalive messages implies that the link is down.
Signal whether a PVC is active or inactive. Even though each PVC is predefined, its status can change.
LMI
Three LMI protocol options are available in Cisco IOS software: Cisco, ITU, and ANSI. Each LMI option is slightly different and therefore is incompatible with the other two.
LAPF
A Frame Relay-connected router encapsulates each Layer 3 packet inside a Frame Relay header and trailer before it is sent out an access link. The header and trailer are defined by the Link Access Procedure Frame Bearer Services (LAPF) specification. The LAPF framing provides error detection with an FCS in the trailer, as well as the DLCI, DE, FECN, and BECN fields in the header.
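As an added example (not code from the original slides), the following Python encodes and parses the two-byte LAPF address field and verifies the trailer FCS described above, so that a frame damaged in transit is rejected rather than processed. The bit layout of the address field and the choice of the HDLC CRC-16 (CRC-16/X-25) as the FCS are assumptions stated in the comments.

```python
# Added example: LAPF (Q.922) address field and FCS handling for Frame Relay.
# Assumed layout of the 2-byte address field:
#   byte 0 = DLCI[9:4] (6 bits) | C/R | EA=0
#   byte 1 = DLCI[3:0] (4 bits) | FECN | BECN | DE | EA=1
# Assumed FCS: the 16-bit HDLC CRC (CRC-16/X-25: reflected poly 0x8408,
# init 0xFFFF, final XOR 0xFFFF), appended low byte first.
from dataclasses import dataclass
from typing import Tuple

def fcs16(data: bytes) -> int:
    """Frame check sequence computed over header + payload."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

@dataclass
class LapfHeader:
    dlci: int
    cr: bool
    fecn: bool
    becn: bool
    de: bool

def encode_header(dlci: int, cr=False, fecn=False, becn=False, de=False) -> bytes:
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI must fit in 10 bits")
    b0 = ((dlci >> 4) << 2) | (int(cr) << 1)                      # EA=0: address continues
    b1 = ((dlci & 0xF) << 4) | (int(fecn) << 3) | (int(becn) << 2) | (int(de) << 1) | 1  # EA=1
    return bytes([b0, b1])

def build_frame(dlci: int, payload: bytes, **flags) -> bytes:
    """Header + payload + FCS, as a DTE would hand it to the access link."""
    body = encode_header(dlci, **flags) + payload
    return body + fcs16(body).to_bytes(2, "little")

def parse_frame(frame: bytes) -> Tuple[LapfHeader, bytes]:
    """Return (header, payload); raise ValueError on a bad FCS or malformed address."""
    if len(frame) < 4:
        raise ValueError("frame too short for address + FCS")
    body, fcs = frame[:-2], int.from_bytes(frame[-2:], "little")
    if fcs16(body) != fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    b0, b1 = body[0], body[1]
    if b0 & 1 or not b1 & 1:
        raise ValueError("unexpected EA bits: not a 2-byte address")
    hdr = LapfHeader(dlci=((b0 >> 2) << 4) | (b1 >> 4), cr=bool(b0 & 2),
                     fecn=bool(b1 & 8), becn=bool(b1 & 4), de=bool(b1 & 2))
    return hdr, body[2:]
```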
LAPF
DTEs use and react to the fields specified by these two types of encapsulation, but Frame Relay switches ignore these fields. Because the frames flow from DTE to DTE, both DTEs must agree to the encapsulation used. However, each VC can use a different encapsulation. In the configuration, the encapsulation created by Cisco is called cisco, and the other one is called ietf.
[Figure: routers connected across the FR network; DLCI values 16, 17, 21 and 32 label the VCs on the access links]
Layer 3 Addressing
Cisco's Frame Relay implementation defines three different options for assigning subnets and IP addresses on Frame Relay interfaces:
One subnet containing all Frame Relay DTEs
One subnet per VC
A hybrid of the first two options
Hybrid Terminology
Point-to-point subinterfaces are used when a single VC is considered to be all that is in the group, for instance, between Routers A and D and between Routers A and E. Multipoint subinterfaces are used when more than two routers are considered to be in the same group, for instance, Routers A, B, and C.
Mapping Methods
Mapping can be done in either of two ways:
Dynamic Mapping
Using Inverse ARP, which is enabled by default on Cisco routers.
Static Mapping
Using the frame-relay map command, but you should first disable Inverse ARP with the command no frame-relay inverse-arp
ISDN Protocols
Configuring SPIDs
You might need to configure the Service Profile Identifier (SPID) for one or both B channels, depending on the switch's expectations. When the telco switch has SPIDs configured, it might not allow the BRI line to work unless the router announces the correct SPID values to the switch. SPIDs, when used, provide a basic authentication feature.
Configuring a T1 or E1 Controller
Your service provider will tell you what encoding and framing to configure on the router. Also, in almost every case, you will use all 24 DS0 channels in the PRI: 23 B channels and the D channel.
With all my best wishes for you to succeed and distinguish yourself in the CCNA International Exam. Keep in touch.