
CISCO CERTIFIED NETWORK ASSOCIATE (640-802)

Introduction to CCNA Exam

Cisco Certified Network Associate (CCNA) 640-802


Interconnecting Cisco Network Devices - 1 (ICND-1) 640-822
Interconnecting Cisco Network Devices - 2 (ICND-2) 640-816
ICND-1 + ICND-2 = CCNA
Pass ICND-1 = Cisco Certified Entry-Level Network Technician (CCENT)
CCENT + Pass ICND-2 = CCNA
CCNA exam fee: 295 USD
ICND1 exam fee: 150 USD
ICND2 exam fee: 150 USD
Passing score: 825/1000
Questions: 45-55
Duration: 90 minutes

Cisco Icons and Symbols

OSI Model Overview


OSI was recommended by ISO in the early 1980s.
OSI allows products from different vendors to interoperate
in a network.

The 7 layers of the OSI model can be divided into upper and
lower layers.
Upper Layer:  Application Layer, Presentation Layer, Session Layer
Middle Layer: Transport, Network Layer
Bottom Layer: Data-Link, Physical
Protocol Data Units (PDUs) at the different layers of the OSI model:
Transport: Segments
Network:   Packets
Data-link: Frames
Physical:  Bits or raw bit stream

Layer 7: Application Layer (Network Process to Application)

Functions:
1. Defines the interfaces for communication and data transfer.
2. Provides and supports services such as job transfer, handles
network access and e-mail, and supports user applications and error
recovery.
Protocols: FTP, DNS, SNMP, SMTP, FINGER, TELNET, TFTP, BOOTP,
HTTP and SMB.
Network Devices: Gateway network device.

Layer 6: Presentation Layer

Functions:
1. Presents the data in a uniform format.
2. Masks the difference in data format between two dissimilar
systems.
3. Translates the data from the application format to the network format.
4. Responsible for protocol conversion, encryption,
decryption and data compression.
5. Best layer for cryptography.
Network Devices: Gateway Redirector.

Layer 5: Session Layer


Functions:
1. Establishes and manages the session between the two users at
different ends in a network.
2. Manages who can transfer the data in a certain amount of
time and for how long.
3. Reconnects the session if it disconnects.
4. Reports and logs the upper layer errors.
Protocols: NetBIOS, Mail Slots, Named Pipes, and RPC.
Network Devices: Gateway

Layer 4: Transport Layer

Functions:
1. Manages end-to-end message delivery in a network.
2. Provides error checking and hence guarantees that no
duplication or errors occur in the data transfers
across the network.
3. Provides acknowledgement of successful data
transmission and retransmits the data if no error-free data
was transferred.
4. Provides error handling and connectionless-oriented data
delivery in the network.
Protocols: TCP, SPX, NETBIOS, ATP and NWLINK.
Network Devices: Brouter, Gateway and Cable tester.

Layer 3: Network Layer


Functions:
1. Determines how data is transmitted between the network
devices.
2. Translates the logical address into the physical address,
e.g. computer name/IP address into MAC address.
3. Responsible for defining the route, managing network
problems and addressing.
4. The router works at the network layer. If a sending device
does not break the data into smaller packets, the
network layer splits the data into smaller units, and at
the receiving end the network layer reassembles the data.
5. The network layer routes the packets according to the unique
network addresses.
Protocols: IP, ICMP, ARP, RIP, OSI, IPX and OSPF.
Network Devices: Router, Brouter, Frame Relay device, ATM switch
devices, and Layer-3 switch

Layer 2: Data Link Layer

Functions:
1. Defines procedures for operating the communication links.
2. Error detection.
3. Frames packets.
4. Detects and corrects packet transmission errors (Cyclic
Redundancy Check).
Protocols:
Logical Link Control
  error detection and flow control
  manages link control.
Media Access Control
  communicates with the adapter card
  controls the type of media being used:
  802.3 Carrier Sense Multiple Access/Collision Detection (CSMA/CD)
  802.4 Token Bus (ARCnet)
  802.5 Token Ring
  802.12 Demand Priority

Network Devices: Bridge, Switch, ISDN Router, Intelligent Hub,
NIC, and Advanced Cable Tester
A MAC address is a 48-bit hexadecimal address.
Also called physical address, hardware address, Burnt-in-Address (BIA)
First 24 bits: OUI (Organizationally Unique Identifier)
Last 24 bits: Vendor ID
http://standards.ieee.org/develop/regauth/oui/public.html

Layer 1: Physical Layer

Functions:
1. Defines cables, network cards and physical aspects.
2. Defines the raw bit stream on the physical media.
3. Provides the interface between the network and network
communication devices.
4. Responsible for how many volts represent 0 and how many represent 1.
5. Checks the number of bits transmitted per second and two-way
or one-way transmission.
6. Also deals with the optical, mechanical and
electrical features.
Protocols: ISDN, IEEE 802 and IEEE 802.2
Network Devices: Hubs, Repeaters, Oscilloscope and Amplifier.
####Interview Questions####
1). What is "Segment"?
"Segment" is the PDU (Protocol Data Unit) of the Transport layer of the OSI
model.
2). What are the PDUs of the "Network layer" and the "Data link layer"?
The PDU for the Network Layer is "Packet" and the PDU for the Data Link Layer is
"Frame".
3). You have one IP: 192.168.10.29. At which layer does this IP work?
Network layer.
4). You are at home, but you need to access the office server
router. How can you do that?
By using "Telnet".
5). DNS uses which protocol? Why?
DNS uses TCP or UDP or both. UDP can handle only 512 bytes.
If the data size is within 512 bytes UDP is used; otherwise, TCP is
used.
6). Which layer is closer to the user?
Upper layer, i.e. the Application layer, is closer to the user.
7). Differentiate between forward lookup and reverse lookup in
DNS.
Forward lookup is: name-to-ipaddress,
Reverse lookup is: ipaddress-to-name.
8). What are the differences between TCP and UDP?
TCP: Connection-oriented protocol, acknowledged, point-to-point
communication.
UDP: Connectionless protocol, unreliable, less traffic.
9). What is IPSec?
IPSec is "Internet Protocol Security". It is a suite of protocols
for securing Internet Protocol (IP) communications.
10). What is the way to establish a TCP connection?
By using acknowledgement.
11). What is the difference between flow control and error
control?
Flow control: adjusts and confirms the data flow rate for
successful transmission.
Error control: a way to recover corrupted data.
12). Mark one of the most important differences between TCP and
UDP.
TCP is a connection-oriented and UDP is a connectionless
protocol.
13). Mention one real place to use TCP/IP.
LAN cards
14). What are the responsibilities of the Network Layer?
Logical addressing
Best effort delivery
15). The Data link layer is sub-divided into how many groups?
2 sub-divided groups: MAC Layer and LLC layer
MAC: Media Access Control/Medium Access Control
LLC: Logical Link Control
16). What are the port numbers of Telnet and DNS?
Telnet = 23 and DNS = 53
17). What are the port numbers of ftp(data) and ftp?
ftp(data) = 20 and ftp = 21
18). ARP resolves what? Address or IP?
ARP stands for Address Resolution Protocol. It helps to find the
hardware address or MAC address when the IP address is known.
19). Which layer of OSI is responsible for end-to-end
communication?
Transport layer.
20). Why do we have to use a router?
Routers are used to let several networks communicate. Routers have
both broadcast domain and collision domain.
21). RARP resolves what? Address or IP?
RARP stands for Reverse Address Resolution Protocol. It helps to
find the IP address when the physical or hardware or MAC address is
known.
22). What is the full form of OSI and TCP/IP model?
OSI stands for = Open Systems Interconnection (OSI) model
TCP/IP stands for = Transmission Control Protocol/Internet
Protocol
23). What are the differences between the OSI and TCP/IP models?
Important differences are:
OSI is a reference model and TCP/IP is an implementation of the OSI
model.
OSI has 7 layers whereas TCP/IP has only 4 layers.
The upper 3 layers of the OSI model are combined in the TCP/IP
model.
OSI has: physical layer, data link layer, network layer,
transport layer, session layer, presentation layer and
application layer.
TCP/IP has: Network layer, Internet layer,
transport layer and application layer.
24). What are the differences among router, switch, bridge and
hub?
All of them are devices used in a network. Their
differences are:
Router: Layer 3 device, can work on physical, data and
network layer.
Switch: Layer 2 device, can work on data link layer.
Bridge: Layer 2 device, can work on data link layer.
Hub: Layer 1 device, just a multi-port repeater, works on
physical layer.
25). Switch operates on which layer of OSI model?
Normal switch operates at Layer 2, i.e. data link layer, and
Intelligent switch operates at Layer 3, i.e. network layer.
26). What is the upper layer name of OSI layer?
Application layer.
27). Name 4 examples of application layer.
DNS, FTP, Telnet, http
28). How does ARP respond to the request?
ARP sends the request as a broadcast; the response is unicast.
29). Error control is done in which layer?
Layer 4
30). Name the 2 sublayers of data link layer.
MAC sublayer and LLC sublayer
31). How is data sent by the IP layer?
IP layer PDU is "packet". So, data is sent as packets.
32). What is the data unit of "Transport layer"?
Segment
33). What are the differences between the MAC sublayer and the LLC sublayer?
In fact, the Data Link layer has 2 sublayers: MAC sublayer & LLC
sublayer.
MAC sublayer (802.3): defines how to transmit data on
physical layer.
LLC sublayer (802.2): responsible for identifying different
protocols logically & encapsulating them.

34). As a CCNA candidate, you must know the various layers of the
OSI model. At which layers of the OSI Model do Wide Area Networks
operate? (Choose two)
A. Physical Layer
B. Datalink Layer
C. Network Layer
D. Session Layer
E. Transport Layer
F. Presentation Layer
G. Application Layer
Ans: A and B
35). While troubleshooting a connectivity problem on the network,
you issue the ping command from your PC command prompt, but the
output shows "request times out." With which OSI layer is this
problem associated?
A. The data link layer
B. The application layer
C. The access layer
D. The session layer
E. The network layer
Ans: E
36). You download a file from an FTP site on the Internet. What
is the highest layer in the OSI model used in this FTP operation?
A. Application
B. Presentation
C. Session
D. Transport
E. Internet
F. Data Link
G. Physical
Ans: A
37). A host computer has been correctly configured with a static
IP address, but the default gateway is incorrectly set. Which
layer of the OSI model will be first affected by this
configuration error?
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4
E. Layer 5
F. Layer 6
G. Layer 7
Ans: C
38). Which layer of the OSI reference model is responsible
for ensuring reliable end-to-end delivery of data?
A. Application
B. Presentation
C. Session
D. Transport
E. Network
F. Data-Link
Ans: D
####IP ADDRESSING####
An Internet Protocol (IP) address is a logical address assigned to IP
hosts for unique identification.
Number system
Binary: 0 and 1
Decimal: 0 to 9
Hexadecimal: 0 to 9 and A to F
Convert decimal to binary
Convert binary to decimal
Convert binary to hexadecimal
Convert the following decimal numbers into binary:

128 10000000
192 11000000
224 11100000
240 11110000
248 11111000
252 11111100
254 11111110
255 11111111
The IP addressing scheme was developed by the Internet Assigned Numbers
Authority (IANA).
Two versions of IP address:
IPv4: 32-bit address
IPv6: 128-bit address
IPv4 Address
It is a 32-bit logical address, represented in the decimal, binary,
or hexadecimal number system, with octets separated by periods.
Eg: 192.168.10.20
11000000.10101000.00001010.00010100
Classes
Class A: 1 to 126
Class B: 128 to 191
Class C: 192 to 223
Class D: 224 to 239 (Multicasting)
Class E: 240 to 255 (R&D)

0.0.0.0 is reserved for default routing
127 is reserved for loopback (diagnostic purposes)

Bit variation
1.0.0.0, 1.0.0.1, 1.0.0.2, ... 1.0.0.255
1.0.1.0, 1.0.1.1, 1.0.1.2, 1.0.1.3, ... 1.0.1.255
1.0.2.0, 1.0.2.1, 1.0.2.2, ... 1.0.2.255
... 1.0.255.255
1.1.0.0, 1.1.0.1, 1.1.0.2, ... 1.1.0.255
1.1.1.0, 1.1.1.1, 1.1.1.2, ... 1.1.1.255
... 1.1.2.255
... 1.1.255.255
1.2.0.0 ... 1.255.255.255
2.0.0.0

Default Subnet Mask:

The subnet mask defines the host portion and the network portion of an IP
address.
0 bits are host bits
1 bits are network bits
Class A
NETWORK BIT | HOST BIT | HOST BIT | HOST BIT
11111111.00000000.00000000.00000000
255.0.0.0
Class B
NETWORK BIT | NETWORK BIT | HOST BIT | HOST BIT
11111111.11111111.00000000.00000000
255.255.0.0
Class C
NETWORK BIT | NETWORK BIT | NETWORK BIT | HOST BIT
11111111.11111111.11111111.00000000
255.255.255.0

1) 192.168.10.50
255.255.255.0
2) 192.168.90.25
255.255.255.0
3) 172.16.10.25
255.255.0.0
4) 172.16.90.25
255.255.0.0
5) 10.25.36.98
255.0.0.0
6) 10.68.52.47
255.0.0.0

Network Address: If all the host bits of an IP address are
zero, it is called the network address.
Eg: 192.168.20.0
255.255.255.0
Broadcast Address: If all the host bits of an IP address
are 1, it is called the broadcast address.
Eg: 192.168.20.255
255.255.255.0

Imp Note: We cannot assign network addresses and broadcast
addresses to computers/hosts.
9.0.9.0
255.0.0.0
IP address : 00001001.00000000.00001001.00000000
Subnet mask: 11111111.00000000.00000000.00000000
Private IP Address Range:

Class A: 10.0.0.0 to 10.255.255.255
Class B: 172.16.0.0 to 172.31.255.255
Class C: 192.168.0.0 to 192.168.255.255
Note: Private IP addresses are non-routable IP addresses.
Non-registered IP addresses.

SUBNETTING:

It is a process of dividing one large network into smaller units
of sub-networks.
Efficient usage of the IP addressing scheme.
Examples:
192.168.10.0
255.255.255.0
11111111.11111111.11111111.00000000
The above example can be represented in the following format:
192.168.10.0/24
/24 is the Classless Inter-Domain Routing (CIDR) value

Eg1:
192.168.10.0/26
11111111.11111111.11111111.11000000
255.255.255.192
No of sub-networks: 2^2 = 4 sub-networks
No of hosts per sub-network: 2^6 - 2 = 62
Block size: 256 - 192 = 64
NW: 192.168.10.0   192.168.10.64   192.168.10.128  192.168.10.192
FH: 192.168.10.1
LH: 192.168.10.62
BA: 192.168.10.63  192.168.10.127  192.168.10.191  192.168.10.255
---------------------------------------------------------------
Eg:
192.168.10.0/25
192.168.10.0/27
172.16.0.0/18
172.16.0.0/24
172.16.0.0/26
10.0.0.0/10
10.0.0.0/18
10.0.0.0/26

####Interview Questions####
1. What valid host range is the IP address 172.16.10.22
255.255.255.240 a part of?
A. 172.16.10.20 through 172.16.10.22
B. 172.16.10.1 through 172.16.10.255
C. 172.16.10.16 through 172.16.10.23
D. 172.16.10.17 through 172.16.10.31
E. 172.16.10.17 through 172.16.10.30
Ans: E
2. What is the broadcast address of the subnet address
172.16.8.159 255.255.255.192?
A. 172.16.255.255
B. 172.16.8.127
C. 172.16.8.191
D. 172.16.8.255
Ans: C
3. What is the broadcast address of the subnet address
192.168.10.33 255.255.255.248?
A. 192.168.10.40
B. 192.168.10.255
C. 192.168.255.255
D. 192.168.10.39
Ans: D
4. If you wanted to have 12 subnets with a Class C network ID,
which subnet mask would you use?
A. 255.255.255.252
B. 255.255.255.248
C. 255.255.255.240
D. 255.255.255.255
Ans: C
5. If you need to have a Class B network address subnetted into
exactly 512 subnets, what subnet mask would you assign?
A. 255.255.255.252
B. 255.255.255.128
C. 255.255.255.0
D. 255.255.255.192
Ans: B
6. If you are using a Class C network ID with two subnets and
need 31 hosts per network, which of the following masks should
you use?
A. 255.255.255.0
B. 255.255.255.192
C. 255.255.255.224
D. 255.255.255.248
Ans: B
7. How many subnets and hosts can you get from the network
192.168.254.0/26?
A. 4 networks with 64 hosts
B. 4 networks with 62 hosts
C. 254 networks with 254 hosts
D. 1 network with 254 hosts
Ans: B
8. You have the network 172.16.10.0/24. How many subnets and
hosts are available?
A. 1 subnet with 10 hosts
B. 1 subnet with 254 hosts
C. 192 subnets with 10 hosts
D. 256 subnets with 254 hosts
Ans: D
9. What mask would you assign to the network ID of 172.16.0.0 if
you needed about 100 subnets with about 500 hosts each?
A. 255.255.255.0
B. 255.255.254.0
C. 255.255.252.0
D. 255.255.0.0
Ans: B
10. You are the network administrator for RouterSim.com. A user
cannot reach the corporate server from their remote office. The
IP address of the host is 192.168.254.10/24, the default gateway
of the host is 192.168.254.1, and the server is 192.168.10.10/24.
You have the user type the following
from a DOS prompt: ping 192.168.254.10; this is unsuccessful. You
then have the user type: ping 127.0.0.1; this is also
unsuccessful. What could the problem be?
A. The router is down.
B. The server is down.
C. TCP/IP is not initialized on the host.
D. The Ethernet cable is unplugged from the Host
Ans: C
11. You have a Class C 192.168.10.0/28 network. How many usable
subnets and hosts do you have?
A. 16 subnets, 16 hosts
B. 16 subnets, 14 hosts
C. 30 subnets, 6 hosts
D. 62 subnets, 2 hosts
Ans: B
12. You have the network 192.168.10.0/24. How many subnets and
hosts are available?
A. 1 subnet with 10 hosts
B. 1 subnet with 254 hosts
C. 192 subnets with 10 hosts
D. 254 subnets with 254 hosts
Ans: B
13. You have a 255.255.255.240 mask. Which two of the following
are valid host IDs?
A. 192.168.10.210
B. 192.168.10.32
C. 192.168.10.94
D. 192.168.10.112
E. 192.168.10.127
Ans: A, C
14. You have a Class B network ID and need about 450 IP addresses
per subnet. What is the best mask for this network?
A. 255.255.240.0
B. 255.255.248.0
C. 255.255.254.0
D. 255.255.255.0
Ans: C
15. Which of the following is a valid host for network
192.168.10.32/28?
A. 192.168.10.39
B. 192.168.10.47
C. 192.168.10.14
D. 192.168.10.54
Ans: A
16. What is the valid host range that host 192.168.10.22/30 is a
part of?
A. 192.168.10.0
B. 192.168.10.16
C. 192.168.10.20
D. 192.168.0.0
Ans: C

Variable Length Subnet Mask (VLSM)

Facilitates efficient usage of the IP addressing scheme.

Rules for designing a VLSM network
1. First consider the network with the highest number of hosts.
2. Find out the number of hosts required in each network.
3. Find out the block size and CIDR value.
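
The block-size arithmetic from the subnetting example (Eg1) and the three VLSM rules above, worked as an added Python example that is not part of the original notes. The site names and host counts in the sample plan are constructed, and the function names are illustrative.

```python
def ip_to_int(ip):
    """Dotted-decimal string -> 32-bit integer."""
    a, b, c, d = (int(x) for x in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(n):
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_to_prefix(mask):
    """255.255.255.192 -> 26. Rejects masks whose 1 bits are not contiguous."""
    n = ip_to_int(mask)
    prefix = bin(n).count("1")
    if n != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask: " + mask)
    return prefix


def subnet_info(ip, prefix):
    """NW / FH / LH / BA for the subnet that contains ip."""
    if not 0 <= prefix <= 30:
        raise ValueError("prefix must leave at least two host bits")
    size = 1 << (32 - prefix)              # block size, generalised to 32 bits
    nw = ip_to_int(ip) & ~(size - 1) & 0xFFFFFFFF
    ba = nw + size - 1
    return {
        "network": int_to_ip(nw),
        "first_host": int_to_ip(nw + 1),
        "last_host": int_to_ip(ba - 1),
        "broadcast": int_to_ip(ba),
        "mask": int_to_ip(0xFFFFFFFF ^ (size - 1)),
        "hosts": size - 2,                 # 2^host_bits - 2
    }


def prefix_for_hosts(hosts):
    """Rule 3: smallest block whose 2^h - 2 usable addresses cover 'hosts'."""
    host_bits = 2
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def vlsm_allocate(base_ip, base_prefix, requirements):
    """Rules 1-3: carve base network into subnets, largest requirement first."""
    cursor = ip_to_int(subnet_info(base_ip, base_prefix)["network"])
    end = cursor + (1 << (32 - base_prefix))
    plan = []
    ordered = sorted(requirements.items(), key=lambda kv: kv[1], reverse=True)
    for name, hosts in ordered:
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        if cursor + size > end:
            raise ValueError("address space exhausted at " + name)
        plan.append((name, prefix, subnet_info(int_to_ip(cursor), prefix)))
        cursor += size                     # stays aligned: sizes only shrink
    return plan


# Constructed requirement set for one /24.
SAMPLE_SITES = {"WAN": 2, "LAN-B": 28, "LAN-A": 60, "LAN-C": 12}

if __name__ == "__main__":
    print(subnet_info("192.168.10.0", 26))
    for name, prefix, info in vlsm_allocate("192.168.10.0", 24, SAMPLE_SITES):
        print(f"{name:6} /{prefix} {info['network']} - {info['broadcast']}")
```
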

ROUTER INTERFACES:

Console Port:
It is an 8-pin modular port.
It uses an RJ-45 connector.
Used to access the router IOS.
Connected to the computer's COM/RS232 port.
Used to configure brand-new routers.
We use a software application to gain access to the router:
Windows: HyperTerminal or Tera Term
Linux: minicom

Ethernet Port:
It is an 8-pin modular port.
It uses an RJ-45 connector.
It is connected to the switch.
We can have either an Ethernet, FastEthernet or Gigabit Ethernet
port:
Ethernet (e): 10 Mbps.
FastEthernet (f): 100 Mbps.
GigabitEthernet (g): 1000 Mbps.

Serial Port / WIC:
It is connected to the ISP (leased line/Frame Relay line).
It is connected to the ISP via a CSU/DSU modem.
CSU: Channel Service Unit
DSU: Data Service Unit
It is a 60-pin modular port.
It uses a Database (DB) connector.

BRI (Basic Rate Interface) Port:
It is an 8-pin modular port.
It uses an RJ-45 connector.
It is used for ISDN connection.
ISDN connection is used as a backup line.
ISDN: Integrated Services Digital Network

AUX Port:
It is an 8-pin modular port.
It uses an RJ-45 connector.
It is connected to a modem.
When the router is out-of-band, then the router can be accessed
via modem for troubleshooting.

AUI:
Attachment Unit Interface.
It is a 15-pin modular port.
It uses a DB connector.
It is connected to a transceiver.
It is an alternate port to the Ethernet port.

Many companies manufacture routers:
Cisco
Nortel
Multicom
Cyclades
Juniper
Dax
Dlink
Fujitsu
Belkin
Alcatel
NetGear

ROUTER CONFIGURATION METHODS

Autosetup or initial configuration
Command line interface (CLI)
Security Device Manager (SDM)

Autosetup
It is used for brand-new routers.
The router will prompt with questions and we need to provide answers.
No command knowledge is required.
Only basic configuration can be done.

CLI
It requires command knowledge.
We can perform accurate configuration of the router.
We can perform troubleshooting.

SDM
It is a GUI-based configuration.
SDM is software.
It should be installed or preinstalled in the latest version of
the routers.

CLI Mode:
1. User execution mode/user mode, router>
2. Privileged mode, router#
3. Global configuration mode, router(config)#
4. Interface mode, router(config-if)#

BASIC ROUTER CONFIGURATION

Scenario 1: Setting date and time
Router> enable
Router# show clock
Router# clock set 07:20:05 22 Aug 2011
Scenario 2: Setting the hostname
By default the router hostname is Router.
Router> enable
Router# config t
Router(config)# hostname R1
R1(config)#
Scenario 3: Setting user mode passwords
Enable password: plain text
Enable secret: encrypted
R1> enable
R1# config t
R1(config)# enable password ccna
R1(config)# enable secret ccna1
Setting the telnet password
R1> enable
R1# config t
R1(config)# line vty 0 4
R1(config-line)# password ccna
R1(config-line)# login
Setting the console password
R1> enable
R1# config t
R1(config)# line console 0
R1(config-line)# password ccna
R1(config-line)# login
Encrypting all passwords
R1> enable
R1# config t
R1(config)# service password-encryption
R1(config)# exit
R1# show run
Scenario 4: Setting IP addresses on interfaces
Router> enable
Router# show ip int brief
Router# config t
Router(config)# int f0/0
Router(config-if)# ip add 10.0.0.100 255.0.0.0
Router(config-if)# no shut
Router(config-if)# ^z
Router# sh ip int bri
Scenario 5: Connecting to the router via telnet
Required: line vty password, secret password, interface IP address
Router> enable
Router# config t
Router(config)# enable secret ccna
Router(config)# line vty 0 4
Router(config-line)# password ccna
Router(config-line)# login
Router(config-line)# exit
Router(config)# int f0/0
Router(config-if)# ip add 10.0.0.100 255.0.0.0
Router(config-if)# no shut
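
A defender-side check of the settings configured in Scenarios 3 and 5, as an added Python example that is not part of the original notes: it reads saved `show run` output and reports passwords kept in clear text or in reversible type 7 form, and vty lines that accept Telnet. Both sample configurations and the hash placeholder are constructed, and treating a vty with no `transport input` line as Telnet-enabled is an assumption that matches the IOS generation these notes cover.

```python
def parse_line_blocks(config):
    """Return {header: [subcommands]} for each 'line ...' section."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None          # any other top-level line ends the section
    return blocks


def password_type(command):
    """0 = stored as typed (clear text), 7 = reversible type 7 encoding."""
    args = command.split()
    args = args[args.index("password") + 1:]
    if len(args) >= 2 and args[0] in ("0", "7"):
        return int(args[0])
    return 0


def audit_config(config):
    """Return a list of (check_id, message) findings for one configuration."""
    findings = []
    top = [l.strip() for l in config.splitlines() if l and not l.startswith(" ")]

    if "service password-encryption" not in top:
        findings.append(("no-password-encryption",
                         "line and enable passwords are stored as typed"))
    for line in top:
        if line.startswith("enable password"):
            kind = "clear text" if password_type(line) == 0 else "type 7"
            findings.append(("enable-password",
                             f"enable password present ({kind}); keep only enable secret"))
    if not any(l.startswith("enable secret") for l in top):
        findings.append(("no-enable-secret", "no enable secret configured"))

    for header, commands in parse_line_blocks(config).items():
        for cmd in commands:
            if cmd.startswith("password"):
                findings.append((f"line-password-type{password_type(cmd)}",
                                 f"{header}: shared line password in the config"))
        if header.startswith("line vty"):
            transports = [c.split()[2:] for c in commands
                          if c.startswith("transport input")]
            if not transports or any(p in ("telnet", "all")
                                     for t in transports for p in t):
                findings.append(("vty-telnet",
                                 f"{header}: Telnet accepted; use transport input ssh"))
    return findings


# Constructed sample: Scenario 3 and 5 commands as they would appear in show run.
AS_TYPED = """\
hostname R1
enable secret 5 $1$EXAMPLE$constructedPlaceholderHash
enable password ccna
line con 0
 password ccna
 login
line vty 0 4
 password ccna
 login
"""

# Constructed sample: per-user secrets and SSH-only vty lines.
HARDENED = """\
service password-encryption
hostname R1
enable secret 5 $1$EXAMPLE$constructedPlaceholderHash
username admin secret 5 $1$EXAMPLE$constructedPlaceholderHash
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
"""

if __name__ == "__main__":
    for name, cfg in (("AS_TYPED", AS_TYPED), ("HARDENED", HARDENED)):
        print(name)
        for check_id, message in audit_config(cfg) or [("ok", "no findings")]:
            print(f"  [{check_id}] {message}")
```
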
Scenario 6: Router does routing
Router> enable
Router# config t
Router(config)# int f0/0
Router(config-if)# ip add 10.0.0.100 255.0.0.0
Router(config-if)# no shut
Router(config-if)# int f0/1
Router(config-if)# ip add 20.0.0.100 255.0.0.0
Router(config-if)# no shut
Scenario 7: Changing the IP address of an interface
Router>
Router> enable
Router# config t
Router(config)# int f0/0
Router(config-if)# ip add 10.0.0.100 255.0.0.0
Router(config-if)# no ip address
Router(config-if)# ip add 10.0.0.10 255.0.0.0
Router(config-if)# no shut
Scenario 8: Removing enable secret
Router(config)# no enable secret
Scenario 9: Removing the hostname
Router(config)# no hostname
Scenario 10: Setting the banner
Message of the day (motd)
Login
Router>
Router> enable
Router# config t
Router(config)# banner motd *as usual you are late to office today*
Router(config)# banner login *welcome to jetking mna6 ccna lab*
Router(config)# exit
Scenario 11: Configuring hostname to IP address
Router>
Router> enable
Router# config t
Router(config)# no ip domain-lookup
Router(config)# ip host pc1 10.0.0.1
Router(config)# ip host pc2 10.0.0.2
Scenario 12: Configuring DHCP service
Router>
Router> enable
Router# config t
Router(config)# ip dhcp excluded-address 10.0.0.50 10.0.0.60
Router(config)# ip dhcp pool testscope1
Router(dhcp-config)# network 10.0.0.0 255.0.0.0
Router(dhcp-config)# default-router 10.0.0.100
Router(dhcp-config)# dns-server 10.0.0.50
Router(dhcp-config)# lease 10
Router(dhcp-config)# domain-name jetking.com
COMPONENTS OF ROUTER
1. Flat SMPS
2. Processor
3. ROM
4. Flash Memory
5. RAM
6. NVRAM
7. Interfaces
8. Circuit Board

ROM
ROM is used to store the router's bootstrap startup program,
operating system software (mini IOS), and power-on diagnostic
test programs. In order to perform ROM upgrades you remove and
replace pluggable chips on the motherboard.
Flash Memory
It holds operating system image(s). Flash memory is erasable,
reprogrammable ROM (EEPROM). You can perform Cisco IOS software
upgrades without having to remove and replace chips. Flash
content is retained when you switch off or restart the router.
RAM
RAM is used to store operational information such as routing
tables and the router's running configuration file.
RAM also provides caching and packet buffering capabilities. Its
contents are lost when you switch off or restart the router.
NVRAM
NVRAM (nonvolatile RAM) is used to store the router's startup
configuration file. It does not lose data when power is switched
off. So the contents of the startup configuration file are
maintained even when you switch off or restart the router.

Router's Startup Procedure

Each time you switch on the router, it goes through power-on
self-test diagnostics to verify basic operation of the CPU,
memory and network interfaces.
The system bootstrap software in ROM (boot image) executes and
searches for valid router operating system software (Cisco IOS
image). IOS is an acronym for Internetwork Operating System.
There are three places to find the Cisco IOS image to load:
Flash memory
A TFTP server on the network
ROM
The source of the Cisco IOS image is determined from the boot
field setting of the router's configuration register.

Configuration Register: A 16-bit register used to control how
the router boots up, where the IOS image is, how to deal with the
NVRAM configuration, setting the console baud rate and enabling
or disabling the break function.
The default setting for the configuration register indicates that
the router should attempt to load a Cisco IOS image from flash
memory.
If the router finds a valid IOS image, it searches for a valid
configuration file. If your router does not find a valid system
image, or if its configuration file is corrupted at startup, and
the configuration register (bit 13) is set to enter ROM monitor
mode, the system will bypass the NVRAM setting and enter ROM
monitor mode. This also allows access to the router in the event
a password is lost.
The configuration file, saved in NVRAM, is loaded into main
memory and executed one line at a time. These configuration
commands start routing processes, supply addresses for
interfaces, and set media characteristics.
If no configuration file exists in NVRAM, the operating system
executes a question-driven initial configuration routine called
the system configuration dialog.
This special mode is also called the Setup mode.
ROUTER COMMANDS
To get to Privileged Mode: Router> enable
To get back to User Mode: Router# disable
To exit the router: Router> exit or logout
To auto-complete a command: press the Tab key
To show the command buffer: Router> show history
To set the command buffer size: Router> terminal history size
To disable advanced editing features: Router> terminal no editing
To re-enable advanced editing features: Router> terminal editing

Viewing Router Information
View IOS version: Router# show version
View current configuration file (RAM): Router# show running-config
View saved configuration file (NVRAM): Router# show startup-config
View IOS version, size of IOS, and free space in FLASH: Router# show flash
View info about programs in RAM: Router# show processes
Display interfaces on router and their status: Router# show interface
Display the IP interfaces on router and their status: Router# show ip interface
Display which protocols are configured on the router: Router# show protocol
Display IP protocol info: Router# show ip protocol

Cisco Discovery Protocol
View info of neighboring Cisco devices (routers, switches, etc.): Router# show cdp neighbors [show cdp neighbor detail]
View interface info, default encap, CDP update and holdtime freq: Router# show cdp interface

Run the initial configuration dialog: Router# setup
Reboot the router and reload the startup config from NVRAM: Router# reload
Copy configuration file in RAM to NVRAM: Router# copy running-config startup-config
Copy configuration file in NVRAM to RAM: Router# copy startup-config running-config
Erase the configuration file in NVRAM [run initial config dialog]: Router# erase startup-config
Copy startup config file from TFTP to NVRAM: Router# copy tftp startup-config
Copy startup config file from NVRAM to TFTP: Router# copy startup-config tftp
Copy startup config file from TFTP to RAM: Router# copy tftp running-config
Copy running config file from RAM to TFTP: Router# copy running-config tftp
Backup IOS to file server: Router# copy flash tftp
Upgrade the IOS from the file server: Router# copy tftp flash
Tell router which IOS file in Flash to boot from: Router(config)# boot system flash (ios_filename)
Tell router which IOS to request from the TFTP server (fallback): Router(config)# boot system tftp (ios_filename) tftp_ip_address

Config-Reg
ROM Monitor Mode [prompt will be either: > or rommon>]
Router(config)# config-register 0x0000
Boot from ROM and enter RXBOOT mode
[prompt will be: Router_Name(boot)> ]
Router(config)# config-register 0x0001
Boot from ROM & check NVRAM for startup [boot] commands
Router(config)# config-register 0x0002 [through to 0x000F]
RXBOOT (diagnostics mode, use b to continue boot)
Router(config)# config-register 0x2000
Boot from ROM, use NVRAM (upgrade flash in run-from-flash)
Router(config)# config-register 0x2101
Boot from ROM, skip NVRAM (disaster recovery)
Router(config)# config-register 0x2141
Boot from FLASH, use NVRAM (normal operation)
Router(config)# config-register 0x2102
Boot from FLASH, skip NVRAM (password recovery)
Router(config)# config-register 0x2142
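
An added Python example (not from the original notes) that decodes the configuration register values listed above and checks the `Configuration register is ...` line of `show version` output for a value that skips NVRAM, such as the 0x2142 used for password recovery. The sample output lines are constructed; the boot-field wording follows the table above, and the bit 6 and bit 8 meanings are taken from Cisco's published register layout.

```python
import re

DEFAULT_CONFREG = 0x2102   # normal operation: boot from flash, use NVRAM

CONFREG_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]{1,4})"
    r"(?: \(will be (0x[0-9A-Fa-f]{1,4}) at next reload\))?"
)


def decode_confreg(value):
    """Split a 16-bit configuration register into the fields discussed above."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is 16 bits")
    boot = value & 0x000F                   # boot field: low four bits
    if boot == 0:
        boot_desc = "ROM monitor"
    elif boot == 1:
        boot_desc = "boot from ROM (RXBOOT)"
    else:
        boot_desc = "check NVRAM for boot system commands"
    return {
        "boot_field": boot,
        "boot_desc": boot_desc,
        "ignore_nvram": bool(value & 0x0040),    # bit 6: skip startup-config
        "break_disabled": bool(value & 0x0100),  # bit 8
        "bit13": bool(value & 0x2000),           # bit 13, see startup procedure
    }


def audit_show_version(text):
    """Return findings for the current and pending register values."""
    match = CONFREG_RE.search(text)
    if not match:
        return ["no configuration register line found"]
    current = int(match.group(1), 16)
    pending = int(match.group(2), 16) if match.group(2) else None
    findings = []
    for when, value in (("current", current), ("next reload", pending)):
        if value is None:
            continue
        fields = decode_confreg(value)
        if fields["ignore_nvram"]:
            findings.append(
                f"{when} 0x{value:04X}: bit 6 set, startup-config in NVRAM "
                "(including its passwords) is skipped at boot")
        elif fields["boot_field"] == 0:
            findings.append(
                f"{when} 0x{value:04X}: boot field 0, router stops in ROM monitor")
        elif value != DEFAULT_CONFREG:
            findings.append(
                f"{when} 0x{value:04X}: differs from default 0x2102 "
                f"({fields['boot_desc']})")
    return findings


# Constructed show version excerpts.
SAMPLE_NORMAL = "Configuration register is 0x2102"
SAMPLE_LEFT_IN_RECOVERY = "Configuration register is 0x2142"
SAMPLE_PENDING = "Configuration register is 0x2102 (will be 0x2142 at next reload)"

if __name__ == "__main__":
    for sample in (SAMPLE_NORMAL, SAMPLE_LEFT_IN_RECOVERY, SAMPLE_PENDING):
        print(sample)
        for finding in audit_show_version(sample) or ["ok"]:
            print("  " + finding)
```
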

Scenario 13: Saving the router configuration
Router> enable
Router# copy running-config startup-config
Or
Router# copy run start
Scenario 14: Breaking the router password
By default the configuration register value is 0x2102.
Change the configuration register value to 0x2142 to skip loading
the NVRAM content.
Reload/restart the router and press Ctrl+Break to interrupt
the boot process.
rommon 1 >
rommon 2 > confreg 0x2142
rommon 3 > reset
Router> enable
Router# copy startup-config running-config
king# config t
king(config)# enable secret ccna
king(config)# config-register 0x2102
king(config)# exit
king# copy running-config startup-config
king# reload

Routing
Routing is the act of moving information across an internetwork
from a source to a destination.
Three types:
1. Static Routing
2. Dynamic Routing
3. Default Routing

Static Routing
Routes to the different destination networks have to be
entered manually on all the routers by administrator.
Administrator has to update the routing table manually.
It is suitable for small networks.
Router CPU utilization is less.
Scenario 14: Two router configuration
R1-router Configuration

Router> enable
Router# config t
Router(config)#hostname R1
R1(config)# int f0/0
R1(config-if)# ip add 10.0.0.100 255.0.0.0
R1(config-if)# no shut
R1(config-if)# int s0/0
R1(config-if)# ip add 30.0.0.1 255.0.0.0
R1(config-if)# clock rate 64000
R1(config-if)# no shut
R1(config-if)#exit
R1(config)# ip route 20.0.0.0 255.0.0.0 30.0.0.2
R1(config)#exit
R1# Sh ip int brief
R1# sh ip route

R2-Router configuration
Router> enable
Router# config t
Router(config)# hostname R2
R2(config)# int f0/0
R2(config-if)# ip add 20.0.0.100 255.0.0.0

R2(config-if)# no shut
R2(config-if)# int s0/0
R2(config-if)# ip add 30.0.0.2 255.0.0.0
R2(config-if)# no shut
R2(config-if)# exit
R2(config)# ip route 10.0.0.0 255.0.0.0 30.0.0.1
R2(config)# exit
R2# Sh ip int brief
R2# sh ip route

Scenario 15: Three router configuration

R1-configuration
Router> enable
Router# config t
Router(config)# hostname R1
R1(config)# int f0/0
R1(config-if)# ip add 10.0.0.100 255.0.0.0
R1(config-if)# no shut
R1(config-if)# int s0/0
R1(config-if)# ip add 40.0.0.1 255.0.0.0
R1(config-if)# clock rate 64000

R1(config-if)# no shut
R1(config-if)# exit
R1(config)# ip route 20.0.0.0 255.0.0.0 40.0.0.2
R1(config)# ip route 50.0.0.0 255.0.0.0 40.0.0.2
R1(config)# ip route 30.0.0.0 255.0.0.0 40.0.0.2
R1(config)# exit
R2-configuration
Router> enable
Router# config t
Router(config)# hostname R2
R2(config)# int f0/0
R2(config-if)# ip add 20.0.0.100 255.0.0.0
R2(config-if)# no shut
R2(config-if)# int s0/0
R2(config-if)# ip add 40.0.0.2 255.0.0.0
R2(config-if)# no shut
R2(config-if)# int s0/1
R2(config-if)# ip add 50.0.0.1 255.0.0.0
R2(config-if)# clock rate 64000
R2(config-if)# no shut
R2(config-if)# exit
R2(config)# ip route 10.0.0.0 255.0.0.0 40.0.0.1
R2(config)# ip route 30.0.0.0 255.0.0.0 50.0.0.2
R2(config)# exit
R3-configuration
Router> enable
Router# config t
Router(config)# hostname R3
R3(config)# int f0/0
R3(config-if)# ip add 30.0.0.100 255.0.0.0
R3(config-if)# no shut
R3(config-if)# int s0/0
R3(config-if)# ip add 50.0.0.2 255.0.0.0
R3(config-if)# no shut
R3(config-if)# exit
R3(config)# ip route 20.0.0.0 255.0.0.0 50.0.0.1
R3(config)# ip route 40.0.0.0 255.0.0.0 50.0.0.1
R3(config)# ip route 10.0.0.0 255.0.0.0 50.0.0.1
R3(config)# exit

Default Routing

We use default routing to send packets whose remote
destination network is not in the routing table to the
next-hop router.
You can only use default routing on stub networks (those with
only one exit path out of the network).
Router(config)# ip route 0.0.0.0 0.0.0.0 s0/0
Dynamic Routing
Routing protocol: It is used by routers to dynamically find
all the networks in the internetwork and to ensure that all
routers have the same routing table. Basically, a routing
protocol determines the path of a packet through an
internetwork.
Examples: RIP, IGRP, EIGRP, and OSPF.
Routed Protocol: Once all routers know about all networks, a
routed protocol can be used to send user data (packets)
through the established enterprise. Routed protocols are
assigned to an interface and determine the method of packet
delivery.
Examples: IP and IPX.
Dynamic routing is when protocols are used to find networks
and update routing tables on routers.
There are two types of routing protocols:
1. Interior gateway protocols (IGPs).
2. Exterior gateway protocols (EGPs).
IGPs are used to exchange routing information with routers in
the same autonomous system (AS).
An AS is a collection of networks under a common
administrative domain, which basically means that all routers
sharing the same routing table information are in the same AS.
EGPs are used to communicate between ASes.

Administrative Distances

The administrative distance (AD) is used to rate the
trustworthiness of routing information received on a router
from a neighbor router. An administrative distance is an
integer from 0 to 255, where 0 is the most trusted and 255
means no traffic will be passed via this route.
Default Administrative Distances

Route source          Default AD
Connected interface   0
Static route          1
EIGRP                 90
IGRP                  100
OSPF                  110
RIP                   120
External EIGRP        170
Unknown               255 (this route will never be used)
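The Default Routing and Administrative Distances passages above, worked through as an added example (not part of the original notes): when several sources offer the same prefix the lowest AD is installed, and forwarding then picks the longest matching prefix, so 0.0.0.0/0 is used only when nothing more specific matches. The table is R1 from Scenario 15; the RIP and "unknown" candidates, the 40.0.0.3 next hop and the default route on s0/0 are constructed for illustration, and connected = 0 / static = 1 are the standard Cisco defaults.

```python
import ipaddress

# Default administrative distances (Cisco defaults).
DEFAULT_AD = {
    "connected": 0, "static": 1, "eigrp": 90, "igrp": 100,
    "ospf": 110, "rip": 120, "external-eigrp": 170, "unknown": 255,
}


def build_rib(candidates):
    """candidates: iterable of (prefix, source, next_hop).

    For each prefix keep only the candidate with the lowest administrative
    distance. A candidate with AD 255 is never installed.
    """
    rib = {}
    for prefix, source, next_hop in candidates:
        net = ipaddress.ip_network(prefix)
        ad = DEFAULT_AD[source]
        if ad == 255:
            continue
        installed = rib.get(net)
        if installed is None or ad < installed[0]:
            rib[net] = (ad, source, next_hop)
    return rib


def lookup(rib, destination):
    """Longest-prefix match. Returns (prefix, source, next_hop) or None."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in rib if addr in net]
    if not matches:
        return None          # no route and no default route: packet is dropped
    best = max(matches, key=lambda net: net.prefixlen)
    _, source, next_hop = rib[best]
    return str(best), source, next_hop


# Constructed candidate list for R1 (Scenario 15 addressing).
CANDIDATES = [
    ("10.0.0.0/8", "connected", "f0/0"),
    ("40.0.0.0/8", "connected", "s0/0"),
    ("20.0.0.0/8", "rip", "40.0.0.3"),       # constructed: loses to the static route
    ("20.0.0.0/8", "static", "40.0.0.2"),
    ("50.0.0.0/8", "static", "40.0.0.2"),
    ("30.0.0.0/8", "static", "40.0.0.2"),
    ("60.0.0.0/8", "unknown", "40.0.0.9"),   # constructed: AD 255, never installed
    ("0.0.0.0/0", "static", "s0/0"),         # ip route 0.0.0.0 0.0.0.0 s0/0
]
RIB = build_rib(CANDIDATES)

if __name__ == "__main__":
    for dest in ("10.5.5.5", "20.0.0.100", "60.1.1.1", "8.8.8.8"):
        print(dest, "->", lookup(RIB, dest))
```

Because the lowest AD wins before any metric is compared, a static route for a prefix silently overrides whatever a routing protocol learns for it; that is worth checking when a dynamic route does not appear in `show ip route`.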

Routing Protocols
There are three classes of routing protocols:
Distance vector: The distance-vector protocols find the best
path to a remote network by judging distance. Each time a
packet goes through a router, that's called a hop. The route
with the least number of hops to the network is determined to
be the best route.
Eg: RIP and IGRP
Link state: In link-state protocols, also called
shortest-path-first protocols, the routers each create three separate
tables. One of these tables keeps track of directly attached
neighbors, one determines the topology of the entire
internetwork, and one is used as the routing table.
Eg: OSPF
Hybrid: Hybrid protocols use aspects of both distance vector
and link state.
Eg: EIGRP.

Routing Information Protocol


1. Does not use autonomous system numbers.
2. Works on multi-vendor routers.
3. Sends updates every 30 secs.
4. Hop count as a unit of metric.
5. Administrative distance is 120.
6. Has a maximum hop count of 16.

Configuration:
R1(config)#router RIP
R1(config-router)#network 10.0.0.0
R1(config-router)#network 40.0.0.0
Router# show ip route
Router# debug ip rip
It shows the updates sent to the neighbor routers every 30 sec.
Router# clear ip route *
This allows the routing table to switch to the new updates by
clearing the old entries.
Router# undebug all
Stops all debug commands that are active.
Router# debug ip routing
Displays the dynamic changes made in the routing table.
Version 2
R1#config t
R1(config)# router rip
R1(config-router)#version 2
R1(config-router)#network <network address>

Difference between RIP v1 and RIP v2

RIP v1                           RIP v2
Does not support VLSM.           Supports VLSM.
Sends broadcasts.                Sends multicasts to 224.0.0.9.
No authentication.               Supports authentication.
Version is specified as v1.      Version is specified as v2.
####Enhanced Interior Gateway Protocol####
Hybrid(DV + LS).
Cisco Proprietary Protocol.
Supports multiple protocols like IP, IPX, AppleTalk etc.
through protocol-dependent modules (PDMs).
Cost is calculated based on the Bandwidth, Delay etc.
Routing Table is sent.
For every 5 sec a Hello packet is sent.
Broadcast is sent only when there is a change in the Routing
table.
When the link goes down EIGRP proceeds with the Next Best
Path (Feasible Successor).
Autonomous System is used for administrative convenience of
a large network
DUAL (Diffusing Update Algorithm) is used to find the best
path.
It uses a multicast address 224.0.0.10 to send the multicast
updates to neighbor routers (RTP).
R1(config)#router EIGRP 100
R1(config-router)#network 10.0.0.0
R1(config-router)#network 20.0.0.0
Router# sh ip eigrp neighbors
Router# sh ip eigrp topology
Router# sh ip eigrp traffic

####Route Summarization####
Route summarization is the process of minimizing the routes on a
router, i.e. instead of specifying all the network addresses we
summarize the networks, so that the routing table size is
minimized.
Example 1:
192.168.0.0/24     11000000.10101000.00000000.00000000
192.168.1.0/24     11000000.10101000.00000001.00000000
192.168.2.0/24     11000000.10101000.00000010.00000000
192.168.3.0/24     11000000.10101000.00000011.00000000
192.168.4.0/24     11000000.10101000.00000100.00000000
192.168.5.0/24     11000000.10101000.00000101.00000000
192.168.6.0/24     11000000.10101000.00000110.00000000
192.168.7.0/24     11000000.10101000.00000111.00000000
192.168.8.0/24     11000000.10101000.00001000.00000000
192.168.9.0/24     11000000.10101000.00001001.00000000
192.168.10.0/24    11000000.10101000.00001010.00000000
192.168.11.0/24    11000000.10101000.00001011.00000000
192.168.12.0/24    11000000.10101000.00001100.00000000
192.168.13.0/24    11000000.10101000.00001101.00000000
192.168.14.0/24    11000000.10101000.00001110.00000000
192.168.15.0/24    11000000.10101000.00001111.00000000

Summary address: 192.168.0.0/20

Example 2:
192.168.10.0/24    11000000.10101000.00001010.00000000
192.168.11.0/24    11000000.10101000.00001011.00000000
192.168.12.0/24    11000000.10101000.00001100.00000000
192.168.13.0/24    11000000.10101000.00001101.00000000
192.168.14.0/24    11000000.10101000.00001110.00000000
192.168.15.0/24    11000000.10101000.00001111.00000000

Summary address: 192.168.8.0/21


Example 3:
10.22.178.0/23
10.22.180.0/23
10.22.182.0/23
10.22.184.0/23
10.22.186.0/23
10.22.188.0/23
10.22.190.0/23
Summary Address: 10.22.176.0/20
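The three summarization examples above, computed in code as an added example (not part of the original notes). It goes one step beyond the worked examples by also listing the address space the summary covers that none of the listed networks owns: a router advertising the summary attracts traffic for those blocks too. IPv4 only; the function and variable names are chosen here for illustration.

```python
import ipaddress


def summarize(prefixes):
    """Return the longest single prefix that covers every network given."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    first = min(int(n.network_address) for n in nets)
    last = max(int(n.broadcast_address) for n in nets)
    # Bit positions where the lowest and highest address differ cannot be
    # part of the common prefix; every bit to the left of them can.
    differing_bits = (first ^ last).bit_length()
    prefixlen = 32 - differing_bits
    mask = (0xFFFFFFFF << differing_bits) & 0xFFFFFFFF
    return ipaddress.ip_network((first & mask, prefixlen))


def extra_coverage(prefixes, summary):
    """Blocks inside `summary` that none of the input networks owns."""
    remaining = [summary]
    for net in (ipaddress.ip_network(p) for p in prefixes):
        still_free = []
        for block in remaining:
            if net.subnet_of(block):
                # Carve the network out of the block; yields nothing if equal.
                still_free.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                still_free.append(block)
        remaining = still_free
    return sorted(ipaddress.collapse_addresses(remaining))


EXAMPLE_1 = [f"192.168.{i}.0/24" for i in range(0, 16)]
EXAMPLE_2 = [f"192.168.{i}.0/24" for i in range(10, 16)]
EXAMPLE_3 = [f"10.22.{i}.0/23" for i in range(178, 192, 2)]

if __name__ == "__main__":
    for name, nets in (("1", EXAMPLE_1), ("2", EXAMPLE_2), ("3", EXAMPLE_3)):
        summary = summarize(nets)
        extra = [str(n) for n in extra_coverage(nets, summary)]
        print(f"Example {name}: summary {summary}, also covers {extra or 'nothing else'}")
```

Example 1 is an exact fit, while the summaries in Examples 2 and 3 each cover one extra /23 that is not in the list.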

OPEN SHORTEST PATH FIRST


OSPF provides the following features:
Consists of areas and autonomous systems
Minimizes routing update traffic
Allows scalability
Supports VLSM/CIDR
Has unlimited hop count
Allows multi-vendor deployment (open standard)

Characteristic         OSPF                 RIPv2                RIPv1
Type of protocol       Link state           Distance vector      Distance vector
Classless support      Yes                  Yes                  No
VLSM support           Yes                  Yes                  No
Autosummarization      No                   Yes                  Yes
Manual summarization   Yes                  No                   No
Discontiguous support  Yes                  Yes                  No
Route propagation      Multicast on change  Periodic multicast   Periodic broadcast
Path metric            Bandwidth            Hops                 Hops
Hop count limit        None                 15                   15
Convergence            Fast                 Slow                 Slow
Peer authentication    Yes                  Yes                  No
Hierarchical network   Yes (using areas)    No (flat only)       No (flat only)
Updates                Event triggered      Route table updates  Route table updates
Route computation      Dijkstra             Bellman-Ford         Bellman-Ford

OSPF has many features beyond the few that are listed in the
table, and all of them contribute to a fast, scalable, and
robust protocol that can be actively deployed in thousands of
production networks. OSPF is supposed to be designed in a
hierarchical fashion, which basically means that you can
separate the larger internetwork into smaller internetworks
called areas. This is the best design for OSPF.

The following are reasons for creating OSPF in a hierarchical
design:
To decrease routing overhead
To speed up convergence
To confine network instability to single areas of the network

This does not make configuring OSPF easier, but more
elaborate and difficult. The diagram shows a typical simple OSPF
design. Notice how each router connects to the
backbone, called area 0 or the backbone area. OSPF must have
an area 0, and all other areas should connect to this area.
Routers that connect other areas to the backbone area within
an AS are called Area Border Routers (ABRs). Still, at least
one interface of the ABR must be in area 0.

Fig. 31

OSPF runs inside an autonomous system, but it can also
connect multiple autonomous systems together. The router that
connects these ASes is called an Autonomous System Boundary
Router (ASBR). Ideally, you would create other areas of
networks to help keep route updates to a minimum and to keep
problems from propagating throughout the network.

Wild Card Subnet Mask


Subnet mask      255.255.255.0
                 11111111.11111111.11111111.00000000
In a wildcard mask, 0 bits are care bits and 1 bits are don't-care
bits. To convert a subnet mask, change all 1 bits to 0 and all 0 bits to 1.
Wildcard mask    00000000.00000000.00000000.11111111
                 0.0.0.255
Exercise: the subnet mask is 255.255.224.0; what is the wildcard mask?

R1(config)#router OSPF 15
R1(config-router)#network 10.0.0.0 0.255.255.255 area 0
R1(config-router)#network 30.0.0.0 0.255.255.255 area 0

Access Control Lists (ACLs)

ACL is a packet filtering technology.
It works at layer 3 and 4 of the OSI reference model.
It does stateless inspection of packets.
Rules:
A packet is compared with each line of the ACL in sequential order.
Once the packet matches the condition on a line of the access
list, no further comparisons take place.
If a packet does not match the condition on any of the lines
in the access list, there is an implicit deny.
Types of Access Control Lists
Standard access lists: A standard access list considers only the
source address. Deny/permit actions are applied on the source
address. Once the access list is defined, it can be bound to
any one of the interfaces (Ethernet or serial).
Source IP address
Created at destination router
Access-list numbers 1-99 or 1300-1999 (expanded range)

R2#config t
R2(config)#access-list 10 deny 10.0.0.0 0.255.255.255
R2(config)#access-list 10 permit any
R2(config)#int f0/0
R2(config-if)#ip access-group 10 out

Extended Access Lists: This considers source address, destination
address, protocol, destination ports etc. In an extended access list
we can specify the applications that are to be permitted or
denied from the source to the destination.
Source IP address
Destination IP address
Destination port number/protocol
Created at source router
Access-list range from 100 to 199 or 2000-2699 (expanded
range)
Blocking ICMP
R1(config)#access-list 100 deny icmp 10.0.0.0 0.255.255.255 20.0.0.0 0.255.255.255
R1(config)#access-list 100 permit ip any any
R1(config)#int f0/0
R1(config-if)#ip access-group 100 in
Blocking HTTP
R1(config)#access-list 101 deny tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq 80
R1(config)#access-list 101 permit ip any any
R1(config)#int f0/0
R1(config-if)#ip access-group 101 in

Named Access Lists - As the name suggests, we can define an
access list using a name instead of a number, wherein we can modify
(or delete) the list by individual conditions, which is not
possible in the numbered lists.
Standard
R1(config)#ip access-list standard jetking
R1(config-std-nacl)#deny 20.0.0.1 0.0.0.0
R1(config-std-nacl)#permit any
R1(config)#int f0/0
R1(config-if)#ip access-group jetking out

Extended
R1(config)#ip access-list extended sun
R1(config-ext-nacl)#deny TCP 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq www
R1(config-ext-nacl)#permit ip any any
R1(config)#int f0/0
R1(config-if)#ip access-group sun in
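The ACL rules and the wildcard mask section above, put together as an added example (not part of the original notes): a small evaluator that applies wildcard matching, first-match-wins ordering and the implicit deny to the numbered ACLs shown on this page. It parses only the entry forms used here; the sample packets are constructed.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")   # "any": every bit is a don't-care bit
PORT_NAMES = {"www": 80}               # only the port keyword used on this page


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def mask_to_wildcard(subnet_mask):
    """Invert every bit of a subnet mask: 255.255.255.0 -> 0.0.0.255."""
    return str(ipaddress.IPv4Address(to_int(subnet_mask) ^ 0xFFFFFFFF))


def wildcard_match(address, base, wildcard):
    """Compare only the bit positions where the wildcard mask has a 0."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(address) & care) == (to_int(base) & care)


def _take_address(tokens):
    """Consume 'any' or '<address> <wildcard>' from the front of tokens."""
    if tokens[0] == "any":
        tokens.pop(0)
        return ANY
    return (tokens.pop(0), tokens.pop(0))


def parse_ace(line):
    """Parse 'access-list N permit|deny ...' in the forms used on this page."""
    tokens = line.lower().split()[2:]                 # drop "access-list N"
    ace = {"action": tokens.pop(0), "proto": "ip", "dst": ANY, "port": None}
    if tokens[0] in ("ip", "tcp", "udp", "icmp"):     # extended entry
        ace["proto"] = tokens.pop(0)
        ace["src"] = _take_address(tokens)
        ace["dst"] = _take_address(tokens)
        if tokens and tokens[0] == "eq":
            name = tokens[1]
            ace["port"] = PORT_NAMES[name] if name in PORT_NAMES else int(name)
    else:                                             # standard entry: source only
        ace["src"] = _take_address(tokens)
    return ace


def evaluate(acl_lines, packet):
    """Return (action, line number); the line is None for the implicit deny."""
    for number, line in enumerate(acl_lines, start=1):
        ace = parse_ace(line)
        if ace["proto"] not in ("ip", packet["proto"]):
            continue
        if not wildcard_match(packet["src"], *ace["src"]):
            continue
        if not wildcard_match(packet["dst"], *ace["dst"]):
            continue
        if ace["port"] is not None and packet.get("dport") != ace["port"]:
            continue
        return ace["action"], number                  # first match ends the search
    return "deny", None                               # nothing matched


ACL_10 = [
    "access-list 10 deny 10.0.0.0 0.255.255.255",
    "access-list 10 permit any",
]
ACL_101 = [
    "access-list 101 deny tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq 80",
    "access-list 101 permit ip any any",
]
# Constructed sample packet: HTTP from 10.0.0.10 to 30.0.0.10.
HTTP = {"proto": "tcp", "src": "10.0.0.10", "dst": "30.0.0.10", "dport": 80}

if __name__ == "__main__":
    print(mask_to_wildcard("255.255.224.0"))
    print(evaluate(ACL_101, HTTP))
    print(evaluate(list(reversed(ACL_101)), HTTP))    # permit line first: deny never hit
    print(evaluate(ACL_101[:1], dict(HTTP, src="10.0.0.11")))  # implicit deny
```

Reversing ACL 101 shows why order matters: with `permit ip any any` on the first line the deny entry is never reached, and dropping the final permit line turns every unmatched packet into an implicit deny.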

NETWORK ADDRESS TRANSLATION (NAT)


Private IP Address Range:
Class A 10.0.0.0 to 10.255.255.255
Class B 172.16.0.0 to 172.31.255.255
Class C 192.168.0.0 to 192.168.255.255
Note: Private IP addresses are non-routable IP addresses.
Non-registered IP addresses.

Network Address Translation involves re-writing the source and
destination address of packets as they pass through a router. NAT
is done in order to enable multiple hosts on a private network to
access the Internet using a single public IP address.
Types:
Static NAT.
Dynamic NAT.
NAT Overload/Port Address Translation (PAT).

Static NAT: One private IP address will be mapped to one public
IP address. IP address mappings will be on a one-to-one basis.

Dynamic NAT: Client computers take the IP address from an IP pool,
and the mapping will be stored in the NAT table.

PAT: All client computers use one public IP address but with
different port numbers, and the mappings will be stored in the NAT table.

Static NAT Configuration:
R2(config)#int f0/0
R2(config-if)#ip NAT inside
R2(config)#int s0/0
R2(config-if)#ip NAT outside
R2(config)#ip nat inside source static 20.0.0.10 40.0.0.50
R2#sh ip nat translations
Dynamic NAT configuring:
R1(config)#int f0/0
R1(config-if)#ip NAT inside
R1(config)#int s0/0
R1(config-if)#ip NAT outside
R1(config)#access-list 15 permit 10.0.0.0 0.255.255.255
R1(config)#IP NAT pool king 30.0.0.100 30.0.0.200 netmask 255.0.0.0
R1(config)#IP NAT inside source list 15 pool king
R1#sh ip nat translations
Port Address Translation:
R3(config)#int f0/0
R3(config-if)#ip NAT inside
R3(config)#int s0/0
R3(config-if)#ip NAT outside
R3(config)#access-list 25 permit 30.0.0.0 0.255.255.255
R3(config)#ip nat inside source list 25 int s0/0 overload
R3(config)#do sh ip nat translations
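What the PAT translation table holds, as an added example (not part of the original notes): a minimal model of NAT overload for R3's inside network 30.0.0.0/8. The outside address 50.0.0.2 (R3's s0/0 in Scenario 15), the port numbers and the keep-the-source-port-if-free allocation rule are assumptions made for illustration.

```python
import ipaddress


class PatTable:
    """Minimal model of NAT overload on a single outside address."""

    def __init__(self, outside_ip, inside_net, first_port=1024):
        self.outside_ip = outside_ip
        # Sources eligible for translation (what access-list 25 permits).
        self.inside_net = ipaddress.ip_network(inside_net)
        self.next_port = first_port
        self.by_inside = {}    # (proto, inside_ip, inside_port) -> outside port
        self.by_outside = {}   # (proto, outside_port) -> (inside_ip, inside_port)

    def _allocate(self, proto, wanted):
        # Assumption: keep the host's own source port when it is still free on
        # the outside address, otherwise hand out the next unused port.
        port = wanted
        while (proto, port) in self.by_outside:
            port = self.next_port
            self.next_port += 1
        return port

    def outbound(self, proto, src_ip, src_port):
        """Return the (address, port) the packet carries after the router."""
        if ipaddress.ip_address(src_ip) not in self.inside_net:
            return (src_ip, src_port)          # not matched by the list: untranslated
        key = (proto, src_ip, src_port)
        if key not in self.by_inside:
            port = self._allocate(proto, src_port)
            self.by_inside[key] = port
            self.by_outside[(proto, port)] = (src_ip, src_port)
        return (self.outside_ip, self.by_inside[key])

    def inbound(self, proto, dst_port):
        """Inside (address, port) for a packet arriving on the outside address,
        or None when the table has no entry for that port."""
        return self.by_outside.get((proto, dst_port))


def demo():
    pat = PatTable("50.0.0.2", "30.0.0.0/8")
    first = pat.outbound("tcp", "30.0.0.10", 40000)    # source port is free: kept
    second = pat.outbound("tcp", "30.0.0.11", 40000)   # same port, other host: remapped
    repeat = pat.outbound("tcp", "30.0.0.10", 40000)   # existing entry is reused
    reply = pat.inbound("tcp", second[1])              # reply follows the entry back
    stray = pat.inbound("tcp", 8080)                   # no entry for this port
    return first, second, repeat, reply, stray


if __name__ == "__main__":
    for result in demo():
        print(result)
```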

WAN TECHNOLOGIES
If the routers are in different locations we can connect them with
the help of an ISP.
We need to purchase a WAN link.
The WAN link may be:
DSL Line.
ISDN Line.
Lease Line.
Frame Relay Line.

DSL Line:
Digital Subscriber Line.
Broadband connection, sending multiple frequencies.
Exclusively used to provide the high speed internet
connection.
It offers a bandwidth up to 16 Mbps.
They are not used for connecting remote routers.
It is used in companies to provide internet.
DSL will not be available in all the localities.
It uses a DSLAM switch.
For a DSL connection you can assign the IP address in 2 ways.
Dynamic: No need to purchase a public IP address.
ISP will provide the IP address from the DHCP server.
Static: We need to purchase a public IP address.
Globally you can access the router.
DSL Flavors:
SDSL
Symmetric DSL.
Uploading and downloading speed are same.
SDSL Modem

ADSL
Asymmetric DSL
Uploading and downloading speed are different.
Downloading speed will be more than uploading speed.
ADSL Modem

ISDN LINE:
It carries the voice, video, and digital signal simultaneously.
ISDN line is used as a backup link or alternative link.
ISDN line uses BRI (Basic Rate Interface) or PRI (Primary Rate
Interface) port.
It uses RJ45 connector.
ISDN channel
B-channel
D-channel
B-channel
Bearer channel.
Used for sending the data.
Data transfer rate 64 kbps.
D-channel
Delta channel.
Used for sending the control signals.
Data transfer rate 16 kbps.
Used for establishing and terminating the connection.
ISDN Interface:
BRI port:
2B+1D channel
2x64+16
128 kbps.
PRI Port:
23B+1D
23x64+16
1.47 Mbps
ISDN interface should be marked as a passive interface. Updates
will be sent periodically to the ISDN line if you don't make it
passive.

LEASE LINE
It is also known as dedicated line.
It is used to connect one branch office router to another branch
office router.
It establishes a point-to-point communication.
[Figure: R1 (DTE) - CSU/DSU (DCE) - ISP - CSU/DSU (DCE) - R2 (DTE)]

CSU/DSU: Channel service unit/data service unit.
Lease line is a digital technology and it carries a digital
signal.
On the CSU/DSU side the DCE is present, where the ISP provides the
bandwidth, and the DTE side is the router.
Lease line is connected to the serial port of the router.
Lease line is used if you require frequent communication
between the routers.
Lease line costs more.

T1 line: 1.544 Mbps
T3 line: 44.376 Mbps
Lease line uses 2 major encapsulation protocols.
1. HDLC
2. PPP
HDLC:
High level data link control protocol.
It is a Cisco proprietary protocol.
Works only in Cisco router.
By default HDLC uses serial port.
By default all the Cisco router uses HDLC protocol.
To view HDLC encapsulation protocol
Router#show int s0/0
If you are using HDLC you cannot compress the packets.
It does not support authentication.
You can send only IP packets.
IPX, Appletalk are not supported by HDLC.
PPP:
Point to point protocol.
It supports multiple layer protocol.
It supports compression.
It is an open standard protocol.
It works with any vendor router.

PPP configuration
R1#config t
R1(config)#username user1 password jetking
R1(config)#int s0/0
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication pap/chap
R1(config-if)#^z

FRAME-RELAY LINE
Most popular WAN link.
It offers bandwidth up to 44 Mbps.
Depends upon customer requirement.
Frame-relay line is represented as a cloud.
Frame relay line is used to connect one branch office router to
another branch office router.
It also uses a CSU/DSU modem.
Frame relay line should be connected to the serial interface of the
router.
[Figure: R1 (DTE) - CSU/DSU (DCE) - cloud - CSU/DSU (DCE) - R2 (DTE)]

Frame-relay Terminology:
1. CIR.
2. DLCI Number.
3. Virtual Circuit.
4. LMI type.

CIR:
Committed Information Rate.
CIR value is equal to customer bandwidth.
If you have more traffic in the cloud you will get the
bandwidth what is committed by ISP.
If you have less traffic in the cloud you will get more
bandwidth than what is committed by the ISP.

DLCI:
Data link connection identifier.
DLCI number is an integer value.
DLCI number will be given by ISP.
Every router port which is connected to a frame relay line
requires a DLCI number.
DLCI number is used to map to the remote router.

Virtual Circuit: It is used for establishing the virtual
connection.

Types of VC:
Permanent Virtual Circuit.
Switched Virtual Circuit.
PVC:
Virtual circuit connection will be permanent.
It is very fast.
It is very expensive.
SVC:
Virtual circuit connection will be temporary.
It is very slow.
It is less expensive.
Router establishes connection first and packets will be
sent, after that connection will be terminated.
LMI TYPE:
Local Management Interface.
LMI is used for maintaining the link statistics (fluctuations in
link, traffic etc)
It comes with various standards (Cisco, ANSI, IEEE/q933).
Configuring Frame-relay
R1#config t
R1(config)#int s0/0
R1(config-if)#encapsulation frame-relay
R1(config-if)#frame-relay interface-dlci 100
R1(config-if)#frame-relay lmi-type cisco
R1(config-if)#^z

IPv4 compared with IPv6

IPv4: Addresses are 32 bits (4 bytes) in length.
IPv6: Addresses are 128 bits (16 bytes) in length.

IPv4: Address (A) resource records in DNS to map host names to IPv4
addresses.
IPv6: Address (AAAA) resource records in DNS to map host names to
IPv6 addresses.

IPv4: Pointer (PTR) resource records in the IN-ADDR.ARPA DNS domain
to map IPv4 addresses to host names.
IPv6: Pointer (PTR) resource records in the IP6.ARPA DNS domain to
map IPv6 addresses to host names.

IPv4: IPSec is optional and should be supported externally.
IPv6: IPSec support is not optional.

IPv4: Header does not identify packet flow for QoS handling by
routers.
IPv6: Header contains Flow Label field, which identifies packet
flow for QoS handling by router.

IPv4: Both routers and the sending host fragment packets.
IPv6: Routers do not support packet fragmentation. Sending host
fragments packets.

IPv4: Header includes a checksum.
IPv6: Header does not include a checksum.

IPv4: Header includes options.
IPv6: Optional data is supported as extension headers.

IPv4: ARP uses broadcast ARP request to resolve IP to MAC/hardware
address.
IPv6: Multicast Neighbor Solicitation messages resolve IP addresses
to MAC addresses.

IPv4: Broadcast addresses are used to send traffic to all nodes on a
subnet.
IPv6: IPv6 uses a link-local scope all-nodes multicast address.

IPv4: Must support a 576-byte packet size (possibly fragmented).
IPv6: Must support a 1280-byte packet size (without fragmentation).

IPV4 AND IPV6 ADDRESS

IPv4 address: 32-bit address.
IPv6 address: 128-bit address.

IPv4 address: Dotted decimal format.
IPv6 address: Hexadecimal format.

IPv4 address: 32-bit address divided into 4 octets.
IPv6 address: 128-bit address divided into 8 blocks.

IPv4 address: Each octet consists of 8 bits.
IPv6 address: Each block consists of 16 bits.

IPv4 address: Each octet separated with a dot (.).
IPv6 address: Each block separated with a colon (:).

IPv4 address: Example: 192.168.10.100
IPv6 address: Example: FE80:0010:0000:0010:0088:28CB:0001:0281

IPv4 address: Classes are Class A, Class B, Class C, Class D, Class E.
IPv6 address: IPv6 does not have any classes.

IPv4 address: Loopback address: ping 127.0.0.1
IPv6 address: Loopback address: ping ::1

IPv4 address: In an IPv4 address we have a subnet mask and you have to
define it separately.
IPv6 address: An IPv6 address has the subnet mask within the IP address,
so the subnet mask need not be defined separately.

IPv4 address: It uses the ICMP protocol for checking the network
connectivity.
IPv6 address: The ICMPv6 protocol is used for checking the connectivity.

Larger Address Space
IPv4
32 bits = 4,294,967,296 possible addressable devices
IPv6
128 bits = 340,282,366,920,938,463,463,374,607,431,768,211,456
5 x 10^28 addresses per person on the planet

IPV6 Address Representation:
16-bit fields in case-insensitive colon hexadecimal
representation:
2031:0000:130F:0000:0000:09C0:876A:130B
Leading zeros in a field are optional:
2031:0:130F:0:0:9C0:876A:130B
Successive fields of 0 are represented as ::, but only once in an
address:
2031:0:130F::9C0:876A:130B is ok
2031::130F::9C0:876A:130B is NOT ok
0:0:0:0:0:0:0:1 = ::1 (loopback address)
0:0:0:0:0:0:0:0 = :: (unspecified address)
In a URL, it is enclosed in brackets (RFC3986):
http://[2001:db8:4f3a::206:ae14]:8080/index.html

Representation of a prefix is the same as for IPv4 CIDR:
address and then prefix length.
IPv4 address:
198.10.0.0/16
IPv6 address:
2001:db8:12::/40

Address types are:
Unicast: One to One (Global, Unique Local, Link local).
Anycast: One to Nearest (Allocated from Unicast).
Multicast: One to Many.

Router>enable
Router#config t
Router(config)#int f0/0
Router(config-if)#ipv6 enable
Router(config-if)#ipv6 address 2001:DB8:0:1::/64 eui-64
or
Router(config-if)#ipv6 address FE80::260:3EFF:FE11:6770 link-local
Router# show ipv6 interface f0/0
SWITCHING
Switch works at data-link layer (layer-2 device).
Switches work with MAC addresses.
Switches forward the frame from one host to another host.
Switch port counts vary: 8 ports, 16 ports, 20 ports, and 24
ports.
Switches are available with different ports like ethernet port,
fastethernet port, and gigabit ethernet port.
Types of Switches:
Manageable switch.
Non-manageable switch.

Manageable switch:
Cisco switch
We can configure vlans*.
Console port is present.
Provides security.

L2-Switch:
It works only with MAC address.
It is a layer 2 device.
Routing cannot be performed.
Cannot act as router.
L3-Switch:
It works with both MAC and logical address.
Operates in layer 2 and 3.
Routing can be performed.
You can make L3 switch act as router.

Non-manageable switch:
Local brand
We cannot configure switch.
No console port.
No security.

Switch                           Hub
Switch is a layer-2 component    Hub is a layer-1 component
Switch learns MAC addresses      Hub doesn't learn MAC addresses
Has one broadcast domain         Has one broadcast domain
Has multiple collision domains   Has only one collision domain
Works in Full-Duplex             Works in Half-Duplex

Functions of Switch:
It performs 3 major tasks
Address Learning
Forwarding and filtering
Loop avoidance
Address Learning:
Switch port always starts with 1
Router port always start with 0
Mac address table will contain all port information
Switch will learn every computer MAC address and it will be
kept in the MAC address table.
Forwarding and filtering:
Unicast message one-to-one communication.
It will forward the frame based on MAC table entry.
Forwarding takes place by comparing destination MAC address
of the frame with the MAC table.
If destination MAC is not present it will broadcast message.
Switch will forward the broadcast message to all the active
port except from which it is received.
Loop Avoidance:
Every switch uses protocol called STP
It allows the redundant link in the network.
Avoid the loop in the network.

Different forwarding methods in a switch:
Store & forward: Stores the frame, checks for errors and
forwards only the error-free frames.
Cut-through: No error checking; just receives and forwards the
frames.
Fragment free: Also called Modified Cut-through. The
minimum ip packet size is 64 bytes. The first 64 bytes of the frame
are checked for errors; these 64 bytes include the frame
header, Destination MAC address (DMAC), Source MAC address (SMAC) and
some data. If these 64 bytes look like a good frame then
it is forwarded, or else the switch drops the frame.
Spanning tree protocol: Spanning Tree Protocol is run to
avoid routing loops in a switched network. It elects the Root
Bridge and the Non-Root Bridges with the help of BPDUs. The one
with the lesser BPDU will be elected as the Root Bridge. The Root
Bridge has every port in forwarding mode.

Different Spanning-tree port states:
Blocking: It won't forward frames; it prevents looping, and by
default all ports are blocked.
Listening: Listens to make sure no loop has formed on the network
before passing frames.
Learning: Listens and learns all paths in the network and updates the
MAC table.
Forwarding: Sends and receives frames.
Disabled: Does not participate in forwarding frames.


VLANS
Vlan is created to avoid unnecessary broadcasts
Vlans are created without changing the physical set up
By default each switch is in vlan 1
Only systems in same vlan will communicate
For inter-vlan communication we need a Router/Layer 3 Switch
VLAN setup is controlled by VTP (VLAN Trunk Protocol)

Breaking Switch Password


Unplug the power cable
Hold down the mode button
Connect the power cable
Switch:flash_init
Switch:load_helper
Switch:dir flash:
Switch:rename flash:config.text flash:config.backup
Switch:boot
Would you like to enter initial configuration: no
Switch>enable
Switch#rename flash:config.backup config.text
Switch#copy flash:config.text system:running-config

CONFIGURING SWITCH
Assigning IP address to administrative vlan:
Switch>enable
Switch#config t
Switch(config)#int vlan 1
By default all ports are in VLAN1
Switch(config-if)#ip address 10.0.0.100 255.0.0.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#ip default-gateway 10.0.0.1

Configuring different VLANs

Switch(config)#vlan 2
Switch(config-vlan)#name admin
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#name production
Switch(config-vlan)#exit
[VLAN-no ranges from 2 to 1001]
Allocating the ports to the VLANs

Switch(config)#int f0/1
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#int f0/2
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit

Configuring the trunk Port

Switch(config)#int f0/24
Switch(config-if)#switchport mode trunk
Switch(config-if)#exit
By default, the trunk port of the switch is in VLAN1. So this port
should be configured as a trunk port to carry all VLAN information.
VLAN Trunking Protocol
It makes administration easy.
It sends VLAN information from one switch to another switch.
Maintains uniform VLAN configuration throughout the switch.
Server: By default, all switches are in Server mode. VLANs can be
configured and created in this mode.
Client: No changes can be made in client mode.
Transparent: Will not take any condition; it just forwards the
conditions to the other switches.
Switch(config)#VTP domain jetking
Switch(config)#VTP mode server/client/transparent
Switch(config)#do show vtp status

Inter-vlan communication

Configuring Router
Router(config)#int f0/0
Router(config-if)#no ip address
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#int f0/0.1
Router(config-subif)#encapsulation dot1q <vlan no.>
Router(config-subif)#encapsulation dot1q 2
Router(config-subif)#ip add 10.1.0.1 255.255.0.0

Router(config)#int f0/0.2
Router(config-subif)#encapsulation dot1q <vlan no.>
Router(config-subif)#encapsulation dot1q 3
Router(config-subif)#ip add 10.2.0.1 255.255.0.0

Switch#sh MAC-address-table
Switch#sh vlan bri
Switch#sh VTP status
Switch#sh spanning-tree

VIRTUAL PRIVATE NETWORK (VPN)

A virtual private network (VPN) allows the creation of private
networks across the Internet. VPNs are used daily to give remote
users and disjointed networks connectivity over a public medium
like the Internet instead of using more expensive permanent
means.

A virtual private network is a method of encrypting
point-to-point logical connections across a public network, such as the
Internet. This allows secure communications across a public
network.
Three typical categories of VPNs
Remote access VPNs
Site-to-site VPNs
Extranet VPNs

Remote access VPNs allow remote users like telecommuters to
securely access the corporate network wherever and whenever they
need to.
Site-to-site VPNs, or intranet VPNs, allow a company to connect
its remote sites to the corporate backbone securely over a public
medium like the Internet instead of requiring more expensive WAN
connections like Frame Relay.
Extranet VPNs allow an organization's suppliers, partners, and
customers to be connected to the corporate network in a limited
way for business-to-business (B2B) communications.

IPSec is an industry-wide standard suite of protocols and
algorithms that allows for secure data transmission over an
IP-based network that functions at the layer 3 Network layer of the
OSI model.