
Only for individual use – not for distribution on the Internet - November 2007

CCNA curriculum ver. 3.1


1 CISCO MODULE 1 ....................................................................................................................................... 16
1.1 Connecting to the Internet ..................................................................................................................... 17
1.1.1 Requirements for Internet connection............................................................................................ 17
1.1.2 PC basics ........................................................................................................................................ 18
1.1.3 Network interface card................................................................................................................... 20
1.1.4 NIC and modem installation .......................................................................................................... 20
1.1.5 Overview of high-speed and dial-up connectivity ......................................................................... 21
1.1.6 TCP/IP description and configuration ........................................................................................... 22
1.1.7 Testing connectivity with ping ...................................................................................................... 22
1.1.8 Web browser and plug-ins ............................................................................................................. 23
1.1.9 Troubleshooting Internet connection problems ............................................................................. 24
1.2 Network Math ....................................................................................................................................... 24
1.2.1 Binary presentation of data ............................................................................................................ 24
1.2.2 Bits and bytes ................................................................................................................................. 25
1.2.3 Base 10 number system ................................................................................................................. 26
1.2.4 Base 2 number system ................................................................................................................... 27
1.2.5 Converting decimal numbers to 8-bit binary numbers .................................................................. 27
1.2.6 Converting 8-bit binary numbers to decimal numbers .................................................................. 29
1.2.7 Four-octet dotted decimal representation of 32-bit binary numbers.............................................. 31
1.2.8 Hexadecimal .................................................................................................................................. 32
1.2.9 Boolean or binary logic.................................................................................................................. 35
1.2.10 IP addresses and network masks .................................................................................................... 36
2 CISCO MODULE 2 ....................................................................................................................................... 38
2.1 NETWORK TERMINOLOGY ............................................................................................................ 40
2.1.1 Data networks ................................................................................................................................ 40
2.1.2 Network history ............................................................................................................................. 41
2.1.3 Networking devices ....................................................................................................................... 44
2.1.4 Network Topology ......................................................................................................................... 46
2.1.5 Network protocols.......................................................................................................................... 47
2.1.6 Local-area networks (LANs) ......................................................................................................... 48
2.1.7 Wide-area networks (WANs) ........................................................................................................ 49
2.1.8 Metropolitan-area networks (MANs) ............................................................................................ 50
2.1.9 Storage-area networks (SANs) ...................................................................................................... 50
2.1.10 Virtual private network (VPN) ...................................................................................................... 51
2.1.11 Benefits of VPNs ........................................................................................................................... 52
2.1.12 Intranets and extranets ................................................................................................................... 52
2.2 Bandwidth ............................................................................................................................................. 53
2.2.1 Importance of bandwidth ............................................................................................................... 53
2.2.2 The desktop .................................................................................................................................... 54
2.2.3 Measurement .................................................................................................................................. 55
2.2.4 Limitations ..................................................................................................................................... 55
2.2.5 Throughput..................................................................................................................................... 57
2.2.6 Data transfer calculation ................................................................................................................ 58
2.2.7 Digital versus analog ..................................................................................................................... 59
2.3 Networking Models ............................................................................................................................... 60
2.3.1 Using layers to analyze problems in a flow of materials ............................................................... 60
2.3.2 Using layers to describe data communication ............................................................................... 61
2.3.3 OSI model ...................................................................................................................................... 62
2.3.4 OSI Layers ..................................................................................................................................... 63
2.3.5 Peer-to-peer communications ........................................................................................................ 64
2.3.6 TCP/IP model ................................................................................................................................ 65
2.3.7 Detailed encapsulation process ...................................................................................................... 68
3 CISCO MODULE 3 ....................................................................................................................................... 70
3.1 COPPER MEDIA ................................................................................................................................. 70
3.1.1 Atoms and electrons....................................................................................................................... 71
3.1.2 Voltage ........................................................................................................................................... 73
3.1.3 Resistance and Impedance (Insulators, Conductors, Semiconductors) ..................................... 74
3.1.4 Current ........................................................................................................................................... 75
3.1.5 Circuits ........................................................................................................................................... 76
3.1.6 Cable specifications ....................................................................................................................... 77
3.1.7 Coaxial cable.................................................................................................................................. 78
3.1.8 STP cable ....................................................................................................................................... 79
3.1.9 UTP cable ...................................................................................................................................... 80
3.2 OPTICAL MEDIA ................................................................................................................................ 82
3.2.1 The electromagnetic spectrum ....................................................................................................... 82
3.2.2 Ray model of light ......................................................................................................................... 84
3.2.3 Reflection ....................................................................................................................................... 85
3.2.4 Refraction....................................................................................................................................... 85
3.2.5 Total internal reflection ................................................................................................................. 86
3.2.6 Multimode fiber ............................................................................................................................. 87
3.2.7 Single-mode fiber .......................................................................................................................... 89
3.2.8 Other optical components .............................................................................................................. 90
3.2.9 Signals and noise in optical fibers ................................................................................................. 92
3.2.10 Installation, care, and testing of optical fiber................................................................................. 93
3.3 Wireless Media...................................................................................................................................... 95
3.3.1 Wireless LAN organizations and standards ................................................................................... 95
3.3.2 Wireless devices and topologies .................................................................................................... 96
3.3.3 How wireless LANs communicate ................................................................................................ 98
3.3.4 Authentication and association ...................................................................................................... 99
3.3.5 The radio wave and microwave spectrums .................................................................................... 99
3.3.6 Signals and noise on a WLAN ..................................................................................................... 101
3.3.7 Wireless security .......................................................................................................................... 102
4 CISCO MODULE 4 ..................................................................................................................................... 104
4.1 Frequency-Based Cable Testing ......................................................................................................... 104
4.1.1 Waves........................................................................................................................................... 105
4.1.2 Sine waves and square waves ...................................................................................................... 106
4.1.3 Exponents and logarithms ............................................................................................................ 107
4.1.4 Decibels ....................................................................................................................................... 108
4.1.5 Time and frequency of signals ..................................................................................................... 108
4.1.6 Analog and digital signals............................................................................................................ 109
4.1.7 Noise in time and frequency ........................................................................................................ 110
4.1.8 Bandwidth .................................................................................................................................... 110
4.2 Signals and Noise ................................................................................................................................ 111
4.2.1 Signals over copper and fiber optic cables .................................................................................. 111
4.2.2 Attenuation and insertion loss on copper media .......................................................................... 112
4.2.3 Sources of noise on copper media ............................................................................................... 113
4.2.4 Types of crosstalk ........................................................................................................................ 114
4.2.5 Cable testing standards ................................................................................................................ 115
4.2.6 Other test parameters ................................................................................................................... 117
4.2.7 Time-based parameters ................................................................................................................ 117
4.2.8 Testing optical fiber ..................................................................................................................... 118
4.2.9 A new standard ............................................................................................................................ 119
5 Cabling LANs and WANs ......................................................................................................................... 121
5.1 Cabling LANs .................................................................................................................................... 123
5.1.1 LAN physical layer ...................................................................................................................... 123
5.1.2 Ethernet in the campus ................................................................................................................. 124
5.1.3 Ethernet media and connector requirements ................................................................................ 124
5.1.4 Connection media ........................................................................................................................ 125

5.1.5 UTP implementation .................................................................................................................... 126
5.1.6 Repeaters (first level of the OSI model) .......................................................................................... 128
5.1.7 Hubs (first level of the OSI model) ................................................................................................. 129
5.1.8 Wireless ....................................................................................................................................... 130
5.1.9 Bridges (second level of the OSI model) ........................................................................................ 131
5.1.10 Switches (second level of the OSI model) ....................................................................................... 132
5.1.11 Host connectivity ......................................................................................................................... 134
5.1.12 Peer-to-peer .................................................................................................................................. 134
5.1.13 Client/server ................................................................................................................................. 136
5.1.14 WAN physical layer ...................................................................................................................... 137
5.2 Cabling WANs .................................................................................................................................... 137
5.2.1 WAN physical layer..................................................................................................................... 137
5.2.2 WAN serial connections .............................................................................................................. 138
5.2.3 Routers and serial connections .................................................................................................... 139
5.2.4 Routers and ISDN BRI connections ............................................................................................ 140
5.2.5 Routers and DSL connections...................................................................................................... 141
5.2.6 Routers and cable connections ..................................................................................................... 142
5.2.7 Setting up console connections .................................................................................................... 142
6 Ethernet Fundamentals .............................................................................................................................. 145
6.1 Ethernet Fundamentals ........................................................................................................................ 146
6.1.1 Introduction to Ethernet ............................................................................................................... 146
6.1.2 IEEE Ethernet naming rules ........................................................................................................ 147
6.1.3 Ethernet and the OSI model ......................................................................................................... 148
6.1.4 Naming......................................................................................................................................... 150
6.1.5 Layer 2 framing ........................................................................................................................... 150
6.1.6 Ethernet frame structure............................................................................................................... 152
6.1.7 Ethernet frame fields .................................................................................................................... 153
6.2 Ethernet Operation .............................................................................................................................. 154
6.2.1 MAC (protocols) ........................................................................................................................ 154
6.2.2 MAC rules and collision detection/backoff ................................................................................. 155
6.2.3 Ethernet timing ............................................................................................................................ 157
6.2.4 Interframe spacing and backoff ................................................................................................... 158
6.2.5 Error handling .............................................................................................................................. 159
6.2.6 Types of collisions ....................................................................................................................... 160
6.2.7 Ethernet errors.............................................................................................................................. 161
6.2.8 FCS and beyond ........................................................................................................................... 163
6.2.9 Ethernet auto-negotiation ............................................................................................................. 164
6.2.10 Link establishment and full and half duplex ................................................................................ 164
7 CISCO MODULE 7 ..................................................................................................................................... 167
7.1 10-Mbps and 100-Mbps Ethernet ....................................................................................................... 168
7.1.1 10-Mbps Ethernet ........................................................................................................................ 168
7.1.2 10Base5 ........................................................................................................................................ 170
7.1.3 10Base2 ........................................................................................................................................ 171
7.1.4 10BASE-T ..................................................................................................................................... 172
7.1.5 10BASE-T wiring and architecture ............................................................................................. 173
7.1.6 100-Mbps Ethernet ...................................................................................................................... 174
7.1.7 100BASE-TX............................................................................................................................... 175
7.1.8 100BASE-FX ............................................................................................................................... 176
7.1.9 Fast Ethernet architecture ............................................................................................................ 176
7.2 Gigabit and 10-Gigabit Ethernet ......................................................................................................... 177
7.2.1 1000-Mbps Ethernet .................................................................................................................... 177
7.2.2 1000BASE-T ............................................................................................................................... 178
7.2.3 1000BASE-SX and LX ................................................................................................................ 180
7.2.4 Gigabit Ethernet architecture ....................................................................................................... 181
7.2.5 10-Gigabit Ethernet...................................................................................................................... 182

7.2.6 10-Gigabit Ethernet architectures ................................................................................................ 183
7.2.7 Future of Ethernet ........................................................................................................................ 184
8 CISCO MODULE 8 ..................................................................................................................................... 187
8.1 Ethernet Switching .............................................................................................................................. 187
8.1.1 Layer 2 bridging........................................................................................................................... 188
8.1.2 Layer 2 switching (learns from the source address) ............................................................................... 190
8.1.3 Switch operation .......................................................................................................................... 191
8.1.4 Latency......................................................................................................................................... 192
8.1.5 Switch modes ............................................................................................................................... 192
8.1.6 Spanning-Tree Protocol ............................................................................................................... 193
8.2 Collision Domains and Broadcast Domains ....................................................................................... 194
8.2.1 Shared media environments ......................................................................................................... 194
8.2.2 Collision domains ........................................................................................................................ 195
8.2.3 Segmentation ............................................................................................................................... 198
8.2.4 Layer 2 broadcasts ....................................................................................................................... 200
8.2.5 Broadcast domains ....................................................................................................................... 202
8.2.6 Introduction to data flow.............................................................................................................. 202
8.2.7 What is a network segment? ........................................................................................................ 203
9 CISCO MODULE 9 ..................................................................................................................................... 206
9.1 Introduction to TCP/IP ........................................................................................................................ 208
9.1.1 History and future of TCP/IP ....................................................................................................... 208
9.1.2 Application layer.......................................................................................................................... 209
9.1.3 Transport layer ............................................................................................................................. 209
9.1.4 Internet layer ................................................................................................................................ 210
9.1.5 Network access layer ................................................................................................................... 211
9.1.6 The OSI model and the TCP/IP model ........................................................................................ 212
9.1.7 Internet architecture ..................................................................................................................... 213
9.2 Internet Addresses ............................................................................................................................... 215
9.2.1 IP addressing ................................................................................................................................ 215
9.2.2 Decimal and binary conversion ................................................................................................... 216
9.2.3 IPv4 addressing ............................................................................................................................ 218
9.2.4 Class A, B, C, D, and E IP addresses........................................................................................... 220
9.2.5 Reserved IP addresses .................................................................................................................. 222
9.2.6 Public and private IP addresses ................................................................................................... 227
9.2.7 Introduction to subnetting ............................................................................................................ 229
9.2.8 IPv4 versus IPv6 .......................................................................................................................... 231
9.3 Obtaining an IP address ...................................................................................................................... 233
9.3.1 Obtaining an Internet address ...................................................................................................... 233
9.3.2 Static assignment of an IP address ............................................................................................... 234
9.3.3 RARP IP address assignment ...................................................................................................... 235
9.3.4 BOOTP IP address assignment .................................................................................................... 238
9.3.5 DHCP IP address management .................................................................................................... 244
9.3.6 Problems in address resolution .................................................................................................... 252
9.3.7 Address Resolution Protocol (ARP) ............................................................................................ 253
9.3.8 CSMA/CD ................................................................................................................................... 261
10 CISCO MODULE 10 ................................................................................................................................... 261
10.1 Routed Protocol ............................................................................................................................... 263
10.1.1 Routable and routed protocols ..................................................................................................... 263
10.1.2 IP as a routed protocol ................................................................................................................. 264
10.1.3 Packet propagation and switching within a router ....................................................................... 265
10.1.4 Connectionless and connection-oriented delivery ....................................................................... 267
10.1.5 Anatomy of an IP packet ............................................................................................................. 268
10.2 IP Routing Protocols........................................................................................................................ 269
10.2.1 Routing overview ......................................................................................................................... 269
10.2.2 Routing versus switching ............................................................................................................. 271
10.2.3 Routed versus routing .................................................................................................................. 273
10.2.4 Path determination ....................................................................................................................... 275
10.2.5 Routing tables .............................................................................................................................. 276
10.2.6 Routing algorithms and metrics ................................................................................................... 277
10.2.7 IGP and EGP ................................................................................................................................ 278
10.2.8 Link state and distance vector ...................................................................................................... 279
10.2.9 Routing protocols ......................................................................................................................... 279
10.3 The Mechanics of Subnetting .......................................................................................................... 280
10.3.1 Classes of network IP addresses .................................................................................................. 280
10.3.2 Introduction to and reason for subnetting .................................................................................... 280
10.3.3 Establishing the subnet mask address .......................................................................................... 281
10.3.4 Applying the subnet mask............................................................................................................ 283
10.3.5 Subnetting Class A and B networks ............................................................................................ 284
10.3.6 Calculating the resident subnetwork through ANDing................................................................ 286
11 CISCO MODUL 11 ................................................................................................................................... 287
11.1 TCP/IP Transport Layer .................................................................................................................. 289
11.1.1 Introduction to the TCP/IP transport layer .................................................................................. 289
11.1.2 Flow control ................................................................................................................................. 290
11.1.3 Session establishment, maintenance, and termination ................................................................. 290
11.1.4 Three-way handshake .................................................................................................................. 292
11.1.5 Windowing................................................................................................................................... 293
11.1.6 Acknowledgment ......................................................................................................................... 294
11.1.7 TCP .............................................................................................................................................. 295
11.1.8 UDP ............................................................................................................................................. 296
11.1.9 TCP and UDP port numbers ........................................................................................................ 297
11.2 The Application Layer ..................................................................................................................... 300
11.2.1 Introduction to the TCP/IP application layer ............................................................................... 300
11.2.2 DNS ............................................................................................................................................. 300
11.2.3 FTP and TFTP ............................................................................................................................. 301
11.2.4 HTTP ........................................................................................................................................... 302
11.2.5 SMTP ........................................................................................................................................... 303
11.2.6 SNMP........................................................................................................................................... 304
11.2.7 TELNET ...................................................................................................................................... 304
12 MODULE 1 ............................................................................................................................................... 308
12.1 WANs .............................................................................................................................................. 308
12.1.1 Introduction to WANs ................................................................................................................. 308
12.1.2 Introduction to routers in a WAN ................................................................................................ 310
12.1.3 Router LANs and WANs ............................................................................................................. 312
12.1.4 Role of routers in a WAN ............................................................................................................ 314
12.1.5 Academy approach to hands-on labs ........................................................................................... 316
12.2 Routers ............................................................................................................................................. 316
12.2.1 Introduction to WANs ................................................................................................................. 316
12.2.2 Router physical characteristics .................................................................................................... 318
12.2.3 Router external connections......................................................................................................... 319
12.2.4 Management port connections ..................................................................................................... 319
12.2.5 Console port connections ............................................................................................................. 320
12.2.6 Connecting router LAN interfaces ............................................................................................... 321
12.2.7 Connecting WAN interfaces (OSI Layers 1 and 2) ....................................................................... 322
12.2.8 Module-1 Summary ..................................................................................................................... 324
13 MODULE 2 ............................................................................................................................................... 325
13.1 Operating Cisco IOS Software ........................................................................................................ 325
13.1.1 The purpose of Cisco IOS software (IOS = operating system for routers) ............................... 327
13.1.2 Router user interface .................................................................................................................... 328
13.1.3 Router user interface modes ........................................................................................................ 328
13.1.4 Cisco IOS software features ........................................................................................................ 329
13.1.5 Operation of Cisco IOS software ................................................................................................. 332
13.2 Starting a Router .............................................................................................................................. 333
13.2.1 Initial startup of Cisco routers ..................................................................................................... 333
13.2.2 Router LED indicators ................................................................................................................. 335
13.2.3 The initial Router bootup ............................................................................................................. 335
13.2.4 Establish a console session .......................................................................................................... 337
13.2.5 Router login ................................................................................................................................. 337
13.2.6 Keyboard help in the router CLI .................................................................................................. 338
13.2.7 Enhanced editing commands ....................................................................................................... 343
13.2.8 Router command history.............................................................................................................. 343
13.2.9 Troubleshooting command line errors ......................................................................................... 344
13.2.10 The show version command..................................................................................................... 345
13.2.11 Module 2. Summary ................................................................................................................ 346
14 MODULE 3 ............................................................................................................................................... 347
14.1 Configure a Router .......................................................................................................................... 348
14.1.1 CLI command modes ................................................................................................................... 348
14.1.2 Configuring a router name ........................................................................................................... 349
14.1.3 Configuring router passwords ...................................................................................................... 349
14.1.4 Examining the show commands .................................................................................................. 350
14.1.5 Configuring a serial interface ...................................................................................................... 352
14.1.6 Making configuration changes..................................................................................................... 353
14.1.7 Configuring an Ethernet interface................................................................................................ 354
14.2 Finishing the Configuration ............................................................................................................. 355
14.2.1 Importance of configuration standards ........................................................................................ 355
14.2.2 Interface descriptions ................................................................................................................... 355
14.2.3 Configuring an interface description ........................................................................................... 355
14.2.4 Login banners .............................................................................................................................. 356
14.2.5 Configuring message-of-the-day (MOTD) .................................................................................. 357
14.2.6 Host name resolution ................................................................................................................... 357
14.2.7 Configuring host tables ................................................................................................................ 358
14.2.8 Configuration backup and documentation ................................................................................... 359
14.2.9 Backing up configuration files ..................................................................................................... 359
14.2.10 Module 3. Summary ................................................................................................................. 361
15 MODULE 4 ............................................................................................................................................... 361
15.1 Discovering and Connecting to Neighbors...................................................................................... 362
15.1.1 Introduction to CDP ..................................................................................................................... 362
15.1.2 Information obtained with CDP................................................................................................... 362
15.1.3 Implementation, monitoring, and maintenance of CDP .............................................................. 363
15.1.4 Creating a network map of the environment ............................................................................... 366
15.1.5 Disabling CDP ............................................................................................................................. 366
15.1.6 Troubleshooting CDP .................................................................................................................. 367
15.2 Getting Information about Remote Devices .................................................................................... 372
15.2.1 Telnet ........................................................................................................................................... 372
15.2.2 Establishing and verifying a Telnet connection ........................................................................... 373
15.2.3 Disconnecting and suspending Telnet sessions ........................................................................... 374
15.2.4 Advanced Telnet operation .......................................................................................................... 375
15.2.5 Alternative connectivity tests....................................................................................................... 376
15.2.6 Troubleshooting IP addressing issues .......................................................................................... 378
15.2.7 Summary ...................................................................................................................................... 378
16 MODULE 5 ............................................................................................................................................... 379
16.1 Router Boot Sequence and Verification .......................................................................................... 379
16.1.1 Stages of the router power-on boot sequence .............................................................................. 379
16.1.2 How a Cisco device locates and loads IOS.................................................................................. 380
16.1.3 Using the boot system command ................................................................................................. 381
16.1.4 Configuration register .................................................................................................................. 382
16.1.5 Troubleshooting IOS boot failure ................................................................................................ 383
16.2 Managing the Cisco File System ..................................................................................................... 384
16.2.1 IOS file system overview ............................................................................................................. 384
16.2.2 The IOS naming convention ........................................................................................................ 386
16.2.3 Managing configuration files using TFTP ................................................................................... 387
16.2.4 Managing configuration files using copy and paste .................................................................... 388
16.2.5 Managing IOS images using TFTP ............................................................................................. 390
16.2.6 Managing IOS images using Xmodem ........................................................................................ 391
16.2.7 Environment variables ................................................................................................................. 393
16.2.8 File system verification ................................................................................................................ 395
16.2.9 Summary ...................................................................................................................................... 396
17 MODULE 6 ............................................................................................................................................... 397
17.1 Introduction to Static Routing ......................................................................................................... 397
17.1.1 Introduction to routing ................................................................................................................. 397
17.1.2 Static route operation ................................................................................................................... 398
17.1.3 Configuring static routes .............................................................................................................. 400
17.1.4 Configuring default route forwarding .......................................................................................... 402
17.1.5 Verifying static route configuration ............................................................................................. 403
17.1.6 Troubleshooting static route configuration .................................................................................. 404
17.2 Dynamic Routing Overview ............................................................................................................ 406
17.2.1 Introduction to routing protocols ................................................................................................. 406
17.2.2 Autonomous systems ................................................................................................................... 407
17.2.3 Purpose of a routing protocol and autonomous systems.............................................................. 408
17.2.4 Identifying the classes of routing protocols ................................................................................. 408
17.2.5 Distance vector routing protocol features .................................................................................... 409
17.2.6 Link-state routing protocol features ............................................................................................. 411
17.3 Routing Protocols Overview ........................................................................................................... 413
17.3.1 Path determination ....................................................................................................................... 413
17.3.2 Routing configuration .................................................................................................................. 416
17.3.3 Routing protocols ......................................................................................................................... 417
17.3.4 IGP versus EGP ........................................................................................................................... 418
17.3.5 Summary ...................................................................................................................................... 420
18 MODULE 7 ............................................................................................................................................... 421
18.1 Distance Vector Routing ................................................................................................................. 421
18.1.1 Distance vector routing updates ................................................................................................... 421
18.1.2 Distance vector routing loop issues ............................................................................................. 422
18.1.3 Defining a maximum count ......................................................................................................... 423
18.1.4 Eliminating routing loops through split horizon ......................................................................... 424
18.1.5 Route poisoning ........................................................................................................................... 425
18.1.6 Avoiding routing loops with triggered updates ........................................................................... 426
18.1.7 Preventing routing loops with holddown timers .......................................................................... 427
18.2 RIP ................................................................................................................................................... 428
18.2.1 RIP routing process ...................................................................................................................... 428
18.2.2 Configuring RIP ........................................................................................................................... 428
18.2.3 Using the ip classless command .................................................................................................. 430
18.2.4 Common RIP configuration issues .............................................................................................. 431
18.2.5 Verifying RIP configuration ........................................................................................................ 434
18.2.6 Troubleshooting RIP update issues.............................................................................................. 436
18.2.7 Preventing routing updates through an interface ......................................................................... 438
18.2.8 Load balancing with RIP ............................................................................................................. 438
18.2.9 Load balancing across multiple paths .......................................................................................... 439
18.2.10 Integrating static routes with RIP ............................................................................................. 441
18.3 IGRP ................................................................................................................................................ 443
18.3.1 IGRP features ............................................................................................................................... 443
18.3.2 IGRP metrics................................................................................................................................ 444
18.3.3 IGRP routes.................................................................................................................................. 446
18.3.4 IGRP stability features ................................................................................................................. 446
18.3.5 Configuring IGRP ........................................................................................................................ 448
18.3.6 Migrating RIP to IGRP ................................................................................................................ 448
18.3.7 Verifying IGRP configuration ..................................................................................................... 452
18.3.8 Troubleshooting IGRP ................................................................................................................. 454
18.3.9 Summary ...................................................................................................................................... 457
19 MODULE 8 ............................................................................................................................................... 458
19.1 Overview of TCP/IP Error Messages.............................................................................................. 458
19.1.1 ICMP ............................................................................................................................................ 458
19.1.2 Error reporting and error correction............................................................................................. 459
19.1.3 ICMP message delivery ............................................................................................................... 460
19.1.4 Unreachable networks.................................................................................................................. 460
19.1.5 Use ping to test destination reachability ...................................................................................... 462
19.1.6 Detecting excessively long routes................................................................................................ 464
19.1.7 Echo messages ............................................................................................................................. 464
19.1.8 Destination unreachable message ................................................................................................ 465
19.1.9 Miscellaneous error reporting ...................................................................................................... 467
19.2 TCP/IP Suite Control Messages ...................................................................................................... 467
19.2.1 Introduction to control messages ................................................................................................. 467
19.2.2 ICMP redirect/change requests .................................................................................................... 468
19.2.3 Clock synchronization and transit time estimation ...................................................................... 470
19.2.4 Information requests and reply message formats ........................................................................ 471
19.2.5 Address mask requests ................................................................................................................. 471
19.2.6 Router discovery message ........................................................................................................... 473
19.2.7 Router solicitation message ......................................................................................................... 474
19.2.8 Congestion and flow control messages ........................................................................................ 475
19.2.9 Summary ...................................................................................................................................... 475
20 MODULE 9 ............................................................................................................................................... 476
20.1 Examining the Routing Table .......................................................................................................... 477
20.1.1 The show ip route command ........................................................................................................ 477
20.1.2 Determining the gateway of last resort ........................................................................................ 479
20.1.3 Determining route source and destination ................................................................................... 481
20.1.4 Determining L2 and L3 addresses ............................................................................................... 482
20.1.5 Determining the route administrative distance ............................................................................ 484
20.1.6 Determining the route metric ....................................................................................................... 485
20.1.7 Determining the route next hop ................................................................................................... 486
20.1.8 Determining the last routing update............................................................................................. 488
20.1.9 Observing multiple paths to destination ...................................................................................... 489
20.2 Network Testing .............................................................................................................................. 490
20.2.1 Introduction to network testing .................................................................................................... 490
20.2.2 Using a structured approach to troubleshooting .......................................................................... 491
20.2.3 Testing by OSI layers .................................................................................................................. 493
20.2.4 Layer 1 troubleshooting using indicators..................................................................................... 494
20.2.5 Layer 3 troubleshooting using ping ............................................................................................. 495
20.2.6 Layer 7 troubleshooting using Telnet .......................................................................................... 496
20.3 Troubleshooting Router Issues Overview ....................................................................................... 497
20.3.1 Troubleshooting Layer 1 using show interfaces .......................................................................... 497
20.3.2 Troubleshooting Layer 2 using show interfaces .......................................................................... 500
20.3.3 Troubleshooting using show cdp ................................................................................................. 501
20.3.4 Troubleshooting using traceroute ................................................................................................ 503
20.3.5 Troubleshooting routing issues .................................................................................................... 504
20.3.6 Troubleshooting using show controllers ...................................................................................... 505
20.3.7 Introduction to debug ................................................................................................................... 506
20.3.8 Summary ...................................................................................................................................... 509
21 MODULE 10 ............................................................................................................................................. 510
21.1 TCP Operation ................................................................................................................................. 510
21.1.1 TCP operation .............................................................................................................................. 510
21.1.2 Synchronization or three-way handshake .................................................................................... 511
21.1.3 Denial of service attacks .............................................................................................................. 512
21.1.4 Windowing and window size....................................................................................................... 513
21.1.5 Sequencing numbers .................................................................................................................... 514
21.1.6 Positive acknowledgments........................................................................................................... 515
21.1.7 UDP operation ............................................................................................................................. 517
21.2 Overview of Transport Layer Ports ................................................................................................. 518
21.2.1 Multiple conversations between hosts ......................................................................................... 518
21.2.2 Ports for services .......................................................................................................................... 520
21.2.3 Ports for clients ............................................................................................................................ 522
21.2.4 Port numbering and well-known port numbers ........................................................................... 522
21.2.5 Example of multiple sessions between hosts ............................................................................... 523
21.2.6 Comparison of MAC addresses, IP addresses, and port numbers ............................................... 523
21.2.7 Summary ...................................................................................................................................... 524
22 MODULE 11 ............................................................................................................................................. 525
22.1 Access Control List Fundamentals .................................................................................................. 525
22.1.1 Introduction to ACLs ................................................................................................................... 525
22.1.2 How ACLs work .......................................................................................................................... 527
22.1.3 Creating ACLs ............................................................................................................................. 529
22.1.4 The function of a wildcard mask ................................................................................................. 531
22.1.5 Verifying ACLs ........................................................................................................................... 538
22.2 Access Control Lists (ACLs)........................................................................................................... 539
22.2.1 Standard ACLs ............................................................................................................................. 539
22.2.2 Extended ACLs ............................................................................................................................ 542
22.2.3 Named ACLs ............................................................................................................................... 549
22.2.4 Placing ACLs ............................................................................................................................... 551
22.2.5 Firewalls....................................................................................................................................... 555
22.2.6 Restricting virtual terminal access ............................................................................................... 555
22.2.7 Summary ...................................................................................................................................... 556
23 MODULE 1 ............................................................................................................................................... 558
23.1 VLSM .............................................................................................................................................. 558
23.1.1 What is VLSM and why is it used? ............................................................................................. 558
23.1.2 A waste of space .......................................................................................................................... 560
23.1.3 When to use VLSM ..................................................................................................................... 561
23.1.4 Calculating subnets with VLSM .................................................................................................. 563
23.1.5 Route aggregation with VLSM .................................................................................................... 566
23.1.6 Configuring VLSM ...................................................................................................................... 567
23.2 RIP version 2 ................................................................................................................................... 571
23.2.1 RIP history ................................................................................................................................... 571
23.2.2 RIP v2 features............................................................................................................................. 572
23.2.3 Comparing RIP v1 and v2 ........................................................................................................... 572
23.2.4 Configuring RIP v2 ...................................................................................................................... 574
23.2.5 Verifying RIP v2 .......................................................................................................................... 577
23.2.6 Troubleshooting RIP v2 ............................................................................................................... 578
23.2.7 Default routes ............................................................................................................................... 579
23.2.8 Module Summary ........................................................................................................................ 581
24 MODULE 2 ............................................................................................................................................... 582
24.1 Link-state Routing protocol ............................................................................................................. 583
24.1.1 Overview of link-state routing ..................................................................................................... 583
24.1.2 Link-state routing protocol features ............................................................................................. 584
24.1.3 How routing information is maintained ....................................................................................... 585
24.1.4 Link-state routing algorithms....................................................................................................... 586
24.1.5 Advantages and disadvantages of link-state routing.................................................................... 588
24.1.6 Compare and contrast distance vector and link-state routing ...................................................... 588
24.2 Single-Area OSPF Concepts ........................................................................................................... 589
24.2.1 OSPF overview ............................................................................................................................ 589
24.2.2 OSPF terminology ....................................................................................................................... 591
24.2.3 Comparing OSPF with distance vector routing protocols ........................................................... 594
24.2.4 Shortest path algorithm ................................................................................................................ 597
24.2.5 OSPF network types .................................................................................................................... 598
24.2.6 OSPF Hello protocol .................................................................................................................... 600
24.2.7 Steps in the operation of OSPF .................................................................................................... 601
24.3 Single-Area OSPF Configuration .................................................................................................... 603
24.3.1 Configuring OSPF routing process .............................................................................................. 603
24.3.2 Configuring OSPF loopback address and router priority ............................................................ 604
24.3.3 Modifying OSPF cost metric ....................................................................................................... 607
24.3.4 Configuring OSPF authentication................................................................................................ 607
24.3.5 Configuring OSPF timers ............................................................................................................ 609
24.3.6 OSPF, propagating a default route ............................................................................................... 609
24.3.7 Common OSPF configuration issues ........................................................................................... 610
24.3.8 Verifying the OSPF configuration ............................................................................................... 611
24.3.9 Module Summary ........................................................................................................................ 611
25 MODULE 3 ............................................................................................................................................... 613
25.1.1 Comparing EIGRP and IGRP ...................................................................................................... 614
25.1.2 EIGRP concepts and terminology................................................................................................ 616
25.1.3 EIGRP design features ................................................................................................................. 621
25.1.4 EIGRP technologies ..................................................................................................................... 622
25.1.5 EIGRP data structure ................................................................................................................... 624
25.1.6 EIGRP algorithm ......................................................................................................................... 626
25.2 EIGRP Configuration ...................................................................................................................... 631
25.2.1 Configuring EIGRP ..................................................................................................................... 631
25.2.2 Configuring EIGRP summarization ............................................................................................ 632
25.2.3 Verifying basic EIGRP ................................................................................................................ 634
25.2.4 Building neighbor tables .............................................................................................................. 635
25.2.5 Discover routes ............................................................................................................................ 636
25.2.6 Select routes ................................................................................................................................. 637
25.2.7 Maintaining routing tables ........................................................................................................... 639
25.3 Troubleshooting Routing Protocols ................................................................................................. 641
25.3.1 Routing protocol troubleshooting process ................................................................................... 641
25.3.2 Troubleshooting RIP configuration ............................................................................................. 643
25.3.3 Troubleshooting IGRP configuration .......................................................................................... 644
25.3.4 Troubleshooting EIGRP configuration ........................................................................................ 646
25.3.5 Troubleshooting OSPF configuration .......................................................................................... 648
25.3.6 Module Summary ........................................................................................................................ 649
26 MODULE 4 ............................................................................................................................................... 651
26.1 Introduction to Ethernet/802.3 LANs .............................................................................................. 652
26.1.1 Ethernet/802.3 LAN development ............................................................................................... 652
26.1.2 Factors that impact network performance ................................................................................... 655
26.1.3 Elements of Ethernet/802.3 networks .......................................................................................... 655
26.1.4 Half-duplex networks .................................................................................................................. 657
26.1.5 Network congestion ..................................................................................................................... 657
26.1.6 Network latency ........................................................................................................................... 659
26.1.7 Ethernet 10BASE-T transmission time........................................................................................ 659
26.1.8 The benefits of using repeaters .................................................................................................... 660
26.1.9 Full-duplex transmitting .............................................................................................................. 661
26.2 Introduction to LAN Switching ....................................................................................................... 661
26.2.1 LAN segmentation ....................................................................................................................... 661
26.2.2 LAN segmentation with bridges .................................................................................................. 662
26.2.3 LAN segmentation with routers ................................................................................................... 664
26.2.4 LAN segmentation with switches ................................................................................................ 665
26.2.5 Basic operations of a switch ........................................................................................................ 666
26.2.6 Ethernet switch latency ................................................................................................................ 668
26.2.7 Layer 2 and Layer 3 switching .................................................................................................... 669
26.2.8 Symmetric and asymmetric switching ......................................................................................... 670
26.2.9 Memory buffering ........................................................................................................................ 672
26.2.10 Two switching methods ........................................................................................................... 672
26.3 Switch Operation ............................................................................................................................. 674
26.3.1 Functions of Ethernet switches .................................................................................................... 674
26.3.2 Frame transmission modes........................................................................................................... 678
26.3.3 How switches and bridges learn addresses .................................................................................. 679
26.3.4 How switches and bridges filter frames ....................................................................................... 680
26.3.5 Why segment LANs? ................................................................................................................... 681
26.3.6 Microsegmentation implementation ............................................................................................ 683
26.3.7 Switches and collision domains ................................................................................................... 685
26.3.8 Switches and broadcast domains ................................................................................................. 687
26.3.9 Communication between switches and workstations .................................................................. 689
26.3.10 Module Summary ..................................................................................................................... 691
27 MODULE 5 ............................................................................................................................................... 692
27.1 LAN design goals ............................................................................................................................ 692
27.1.1 LAN design goals ........................................................................................................................ 692
27.1.2 LAN design considerations .......................................................................................................... 693
27.1.3 LAN design methodology ............................................................................................................ 695
27.1.4 Layer 1 design .............................................................................................................................. 700
27.1.5 Layer 2 design .............................................................................................................................. 704
27.1.6 Layer 3 design .............................................................................................................................. 708
27.2 LAN Switches ................................................................................................................................. 711
27.2.1 Switched LANs, access layer overview ....................................................................................... 711
27.2.2 Access layer switches .................................................................................................................. 712
27.2.3 Distribution layer overview ......................................................................................................... 713
27.2.4 Distribution layer switches .......................................................................................................... 714
27.2.5 Core layer overview ..................................................................................................................... 715
27.2.6 Core layer switches ...................................................................................................................... 715
27.2.7 Module Summary ........................................................................................................................ 716
28 MODULE 6 ............................................................................................................................................... 718
28.1 Starting the Switch .......................................................................................................................... 719
28.1.1 Physical startup of the Catalyst switch ........................................................................................ 719
28.1.2 Switch LED indicators ................................................................................................................. 719
28.1.3 Verifying port LEDs during switch POST .................................................................................. 720
28.1.4 Viewing initial bootup output from the switch ............................................................................ 721
28.1.5 Examining help in the switch CLI ............................................................................................... 724
28.1.6 Switch command modes .............................................................................................................. 725
28.2 Configuring the Switch.................................................................................................................... 726
28.2.1 Verifying the Catalyst switch default configuration .................................................................... 726
28.2.2 Configuring the Catalyst switch .................................................................................................. 730
28.2.3 Managing the MAC address table ............................................................................................... 732
28.2.4 Configuring static MAC addresses .............................................................................................. 734
28.2.5 Configuring port security ............................................................................................................. 735
28.2.6 Executing adds, moves, and changes ........................................................................................... 736
28.2.7 Managing switch operating system file ....................................................................................... 737
28.2.8 1900/2950 password recovery ..................................................................................................... 737
28.2.9 1900/2950 firmware upgrade ....................................................................................................... 737
28.2.10 Module Summary ..................................................................................................................... 738
29 MODULE 7 ............................................................................................................................................... 739
29.1 Redundant Topologies ..................................................................................................................... 739
29.1.1 Redundancy ................................................................................................................................. 739
29.1.2 Redundant topologies .................................................................................................................. 740
29.1.3 Redundant switched topologies ................................................................................................... 742
29.1.4 Broadcast storms .......................................................................................................................... 743
29.1.5 Multiple frame transmissions....................................................................................................... 744
29.1.6 Media access control database instability .................................................................................... 744
29.2 Spanning-Tree Protocol ................................................................................................................... 745
29.2.1 Redundant topology and spanning tree ........................................................................................ 745
29.2.2 Spanning-tree protocol ................................................................................................................. 746
29.2.3 Spanning-tree operation ............................................................................................................... 748
29.2.4 Selecting the root bridge .............................................................................................................. 748
29.2.5 Stages of spanning-tree port states............................................................................................... 750
29.2.6 Spanning-tree recalculation ......................................................................................................... 751
29.2.7 Rapid spanning-tree protocol ....................................................................................................... 752
29.2.8 Summary ...................................................................................................................................... 753
30 MODULE 8 ............................................................................................................................................... 754
30.1 VLAN Concepts .............................................................................................................................. 755
30.1.1 VLAN introduction ...................................................................................................................... 755
30.1.2 Broadcast domains with VLANs and routers .............................................................................. 757
30.1.3 VLAN operation .......................................................................................................................... 759
30.1.4 Benefits of VLANs ...................................................................................................................... 762
30.1.5 VLAN types ................................................................................................................................. 763
30.2 VLAN Configuration....................................................................................................................... 765
30.2.1 VLAN basics................................................................................................................................ 765
30.2.2 Geographic VLANs ..................................................................................................................... 766
30.2.3 Configuring static VLANs ........................................................................................................... 767
30.2.4 Verifying VLAN configuration ................................................................................................... 768
30.2.5 Saving VLAN configuration ........................................................................................................ 770
30.2.6 Deleting VLANs .......................................................................................................................... 771
30.3 Troubleshooting VLANs ................................................................................................................. 772
30.3.1 Overview ...................................................................................................................................... 772
30.3.2 VLAN troubleshooting process ................................................................................................... 773
30.3.3 Preventing broadcast storms ........................................................................................................ 774
30.3.4 Troubleshooting VLANs ............................................................................................................. 776
30.3.5 VLAN troubleshooting scenarios ................................................................................................ 779
30.3.6 Summary ...................................................................................................................................... 781
31 MODULE 9 ............................................................................................................................................... 783
31.1 Trunking .......................................................................................................................................... 784
31.1.1 History of trunking....................................................................................................................... 784
31.1.2 Trunking concepts........................................................................................................................ 785
31.1.3 Trunking operation ...................................................................................................................... 786
31.1.4 VLANs and Trunking .................................................................................................................. 788
31.1.5 Trunking implementation ............................................................................................................ 789
31.2 VTP.................................................................................................................................................. 789
31.2.1 History of VTP............................................................................................................................. 789
31.2.2 VTP concepts ............................................................................................................................... 790
31.2.3 VTP operation .............................................................................................................................. 790
31.2.4 VTP implementation .................................................................................................................... 792
31.2.5 VTP configuration ....................................................................................................................... 795
31.3 Inter-VLAN Routing Overview ...................................................................................................... 797
31.3.1 VLAN basics................................................................................................................................ 797
31.3.2 Introducing inter-VLAN routing ................................................................................................. 799
31.3.3 Inter-VLAN issues and solutions................................................................................................. 800

31.3.4 Physical and logical interfaces ..................................................................................................... 802
31.3.5 Dividing physical interfaces into subinterfaces ........................................................................... 803
31.3.6 Configuring inter-VLAN routing................................................................................................. 805
VLAN trunking mode (five - 5 mode) ..................................................................................................... 807
9.3.8 Summary .................................................................................................................................... 807
32 MODULE 1 ............................................................................................................................................... 835
32.1 Scaling IP Addresses ....................................................................................................................... 836
32.1.1 Private addressing ........................................................................................................................ 836
32.1.2 Introducing NAT and PAT .......................................................................................................... 836
32.1.3 Major NAT and PAT features ..................................................................................................... 838
32.1.4 Configuring NAT and PAT ......................................................................................................... 840
32.1.5 Verifying PAT configuration ....................................................................................................... 845
32.1.6 Troubleshooting NAT and PAT configuration ............................................................................ 847
32.1.7 Issues with NAT .......................................................................................................................... 848
32.2 DHCP .............................................................................................................................................. 850
32.2.1 Introducing DHCP ....................................................................................................................... 850
32.2.2 BOOTP and DHCP differences ................................................................................................... 852
32.2.3 Major DHCP features .................................................................................................................. 852
32.2.4 DHCP operation ........................................................................................................................... 853
32.2.5 Configuring DHCP ...................................................................................................................... 855
32.2.6 Verifying DHCP operation .......................................................................................................... 856
32.2.7 Troubleshooting DHCP ............................................................................................................... 857
32.2.8 DHCP Relay ................................................................................................................................ 857
32.2.9 Summary ...................................................................................................................................... 860
33 MODULE 2 ............................................................................................................................................... 861
33.1 WAN Technologies ......................................................................................................................... 861
33.1.1 WAN technology ......................................................................................................................... 861
33.1.2 WAN devices ............................................................................................................................... 864
33.1.3 WAN Standards ........................................................................................................................... 865
33.1.4 WAN encapsulation ..................................................................................................................... 867
33.1.5 Packet and circuit switching ........................................................................................................ 868
33.1.6 WAN link options ........................................................................................................................ 871
33.2 WAN Technologies ......................................................................................................................... 872
33.2.1 Analog dialup ............................................................................................................................... 872
33.2.2 ISDN ............................................................................................................................................ 873
33.2.3 Leased line ................................................................................................................................... 874
33.2.4 X.25.............................................................................................................................................. 875
33.2.5 Frame Relay ................................................................................................................................. 876
33.2.6 ATM Asynchronous Transfer Mode............................................................................................ 877
33.2.7 DSL Digital Subscriber Line ....................................................................................................... 877
33.2.8 Cable modem ............................................................................................................................... 879
33.3 WAN Design ................................................................................................................................... 881
33.3.1 WAN communication .................................................................................................................. 881
33.3.2 Steps in WAN design ................................................................................................................... 883
33.3.3 How to identify and select networking capabilities ..................................................................... 885
33.3.4 Three-layer design model ............................................................................................................ 887
33.3.5 Other layered design models........................................................................................................ 889
33.3.6 Other WAN design considerations .............................................................................................. 890
33.3.7 Summary ...................................................................................................................................... 891
34 MODULE 3 ............................................................................................................................................... 892
34.1 PPP .................................................................................................................................................. 893
34.1.1 Introduction to serial communication .......................................................................................... 893
34.1.2 Time-division multiplexing TDM ............................................................................................... 893
34.1.3 Demarcation point........................................................................................................................ 894
34.1.4 DTE/DCE..................................................................................................................................... 895

34.1.5 HDLC encapsulation.................................................................................................................... 896
34.1.6 Configuring HDLC encapsulation ............................................................................................... 897
34.1.7 Troubleshooting a serial interface................................................................................................ 898
34.2 PPP Authentication.......................................................................................................................... 902
34.2.1 PPP layered architecture .............................................................................................................. 902
34.2.2 Establishing a PPP session........................................................................................................... 905
34.2.3 PPP authentication protocols ....................................................................................................... 907
34.2.4 Password Authentication Protocol (PAP) .................................................................................... 908
34.2.5 Challenge Handshake Authentication Protocol (CHAP) ............................................................. 909
34.2.6 PPP encapsulation and authentication process ............................................................................ 910
34.3 Configuring PPP .............................................................................................................................. 912
34.3.1 Introduction to configuring PPP .................................................................................................. 912
34.3.2 Configuring PPP .......................................................................................................................... 913
34.3.3 Configuring PPP authentication................................................................................................... 914
34.3.4 Verifying the serial PPP encapsulation configuration ................................................................. 916
34.3.5 Troubleshooting the serial encapsulation configuration .............................................................. 917
34.3.6 Summary ...................................................................................................................................... 918
35 MODULE 4 ............................................................................................................................................... 919
35.1 ISDN Concepts ................................................................................................................................ 919
35.1.1 Introducing ISDN ........................................................................................................................ 919
35.1.2 ISDN standards and access methods ........................................................................................... 921
35.1.3 ISDN 3-layer model and protocols .............................................................................................. 923
35.1.4 ISDN functions ............................................................................................................................ 925
35.1.5 ISDN reference points ................................................................................................................. 928
35.1.6 Determining the router ISDN interface ....................................................................................... 930
35.1.7 ISDN switch types ....................................................................................................................... 932
35.2 ISDN Configuration ........................................................................................................................ 933
35.2.1 Configuring ISDN BRI ................................................................................................................ 933
35.2.2 Configuring ISDN PRI ................................................................................................................ 935
35.2.3 Verifying ISDN configuration ..................................................................................................... 937
35.2.4 Troubleshooting the ISDN configuration .................................................................................... 939
35.3 DDR Configuration ......................................................................................................................... 940
35.3.1 DDR operation ............................................................................................................................. 940
35.3.2 Configuring legacy DDR ............................................................................................................. 942
35.3.3 Defining static routes for DDR .................................................................................................... 943
35.3.4 Specifying interesting traffic for DDR ........................................................................................ 944
35.3.5 Configuring DDR dialer information .......................................................................................... 944
35.3.6 Dialer profiles .............................................................................................................................. 947
35.3.7 Configuring dialer profiles........................................................................................................... 949
35.3.8 Verifying DDR configuration ...................................................................................................... 950
35.3.9 Troubleshooting the DDR configuration ..................................................................................... 952
35.3.10 Summary .................................................................................................................................. 955
36 MODULE 5 ............................................................................................................................................... 956
36.1 Frame Relay Concepts ..................................................................................................................... 956
36.1.1 Introducing Frame Relay ............................................................................................................. 956
36.1.2 Frame Relay terminology ............................................................................................................ 959
36.1.3 Frame Relay stack layered support .............................................................................................. 961
36.1.4 Frame Relay bandwidth and flow control.................................................................................... 961
36.1.5 Frame Relay address mapping and topology ............................................................................... 965
36.1.6 Frame Relay LMI ( Local Management Interface ) ..................................................................... 967
36.1.7 Stages of Inverse ARP and LMI operation .................................................................................. 968
36.2 Configuring Frame Relay ................................................................................................................ 970
36.2.1 Configuring basic Frame Relay ................................................................................................... 970
36.2.2 Configuring a static Frame Relay map ........................................................................................ 972
36.2.3 Reachability issues with routing updates in NBMA .................................................................... 972

36.2.4 Frame Relay subinterfaces ........................................................................................................... 974
36.2.5 Configuring Frame Relay subinterfaces ...................................................................................... 975
36.2.6 Verifying the Frame Relay configuration .................................................................................... 976
36.2.7 Troubleshooting the Frame Relay configuration ......................................................................... 979
36.2.8 Summary ...................................................................................................................................... 979
37 MODULE 6 ............................................................................................................................................... 981
37.1 Workstations and Servers ................................................................................................................ 981
37.1.1 Workstations ................................................................................................................................ 981
37.1.2 Servers ......................................................................................................................................... 983
37.1.3 Client-server relationship ............................................................................................................. 985
37.1.4 Introduction to NOS..................................................................................................................... 986
37.1.5 Microsoft NT, 2000, and .NET .................................................................................................... 988
37.1.6 UNIX, Sun, HP, and LINUX ....................................................................................................... 989
37.1.7 Apple............................................................................................................................................ 992
37.1.8 Concept of service on servers ...................................................................................................... 992
37.2 Network Management ....................................................................................................................... 995
37.2.1 Introduction to network management .......................................................................................... 995
37.2.2 OSI and network management model .......................................................................................... 997
37.2.3 SNMP and CMIP standards ......................................................................................................... 998
37.2.4 SNMP operation .......................................................................................................................... 999
37.2.5 Structure of management information and MIBs ...................................................................... 1003
37.2.6 SNMP protocol .......................................................................................................................... 1004
37.2.7 Configuring SNMP .................................................................................................................... 1008
37.2.8 RMON ....................................................................................................................................... 1009
37.2.9 Syslog......................................................................................................................................... 1011
37.2.10 Summary ................................................................................................................................ 1013

Author of this material: Ivan Cindric www.ic.ims.hr

This material is intended for personal use, and no one has permission to distribute it via the Internet for download.

1 CISCO MODUL 1

OVERVIEW

To understand the role that computers play in a networking system, consider the Internet. Internet connections
are essential for businesses and education. Careful planning is required to build a network that will connect to
the Internet. Even for an individual personal computer (PC) to connect to the Internet, some planning and
decisions are required. Computer resources must be considered for Internet connection. This includes the type
of device that connects the PC to the Internet, such as a network interface card (NIC) or modem. Protocols, or
rules, must be configured before a computer can connect to the Internet. Proper selection of a Web browser is
also important.

This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.

Students who complete this lesson should be able to perform the following tasks:

- Understand the physical connections needed for a computer to connect to the Internet
- Recognize the components of a computer
- Install and troubleshoot NICs and modems
- Configure the set of protocols needed for Internet connection
- Use basic procedures to test an Internet connection
- Demonstrate a basic ability to use Web browsers and plug-ins

Figure: Introduction to Networking; CCNA 640-801 Exam; ICND 640-811 Exam; INTRO 640-821 Exam

1.1 Connecting to the Internet

1.1.1 Requirements for Internet connection


This page will describe the physical and logical requirements for an Internet connection.

The Internet is the largest data network on earth. The Internet consists of many large and small networks that
are interconnected. Individual computers are the sources and destinations of information through the Internet.
Connection to the Internet can be broken down into the physical connection, the logical connection, and
applications.

A physical connection is made by connecting an adapter card, such as a modem or a NIC, from a PC to a
network. The physical connection is used to transfer signals between PCs within the local-area network (LAN)
and to remote devices on the Internet.

The logical connection uses standards called protocols. A protocol is a formal description of a set of rules and
conventions that govern how devices on a network communicate. Connections to the Internet may use multiple
protocols. The Transmission Control Protocol/Internet Protocol (TCP/IP) suite is the primary set of protocols
used on the Internet. The TCP/IP suite works together to transmit and receive data, or information.

The last part of the connection is the applications, or software programs, that interpret and display data in an
understandable form. Applications work with protocols to send and receive data across the Internet. A Web
browser displays HTML as a Web page. Examples of Web browsers include Internet Explorer and Netscape.
File Transfer Protocol (FTP) is used to download files and programs from the Internet. Web browsers also use
proprietary plug-in applications to display special data types such as movies or flash animations.

This is an introductory view of the Internet, and it may seem to be a simplistic process. As the topic is explored
in greater depth, students will learn that data transmission across the Internet is a complicated task.

The next page will describe some PC components.

Figure: Requirements for Internet connection

1.1.2 PC basics

Computers are important building blocks in a network. Therefore, students must be able to identify the major
components of a PC. Many networking devices are special purpose computers, with many of the same
components as general purpose PCs.

A computer must work properly before it can be used to access information such as Web-based content. This
will require students to troubleshoot basic hardware and software problems. Therefore, students must be
familiar with the following small, discrete PC components:

Transistor – Device that amplifies a signal or opens and closes a circuit.
Integrated circuit – Device made of semiconductor material that contains many transistors and performs a
specific task.
Resistor – An electrical component that limits or regulates the flow of electrical current in an electronic
circuit.
Capacitor – Electronic component that stores energy in the form of an electrostatic field that consists of two
conducting metal plates separated by an insulating material.
Connector – The part of a cable that plugs into a port or interface.
Light emitting diode (LED) – Semiconductor device that emits light when a current passes through it.
Printed circuit board (PCB) – A circuit board which has conducting tracks superimposed, or printed, on one
or both sides. It may also contain internal signal layers and power and ground planes. Microprocessors, chips
and integrated circuits and other electronic components are mounted on the PCB.

Students should also be familiar with the following PC subsystems:

CD-ROM drive – A device that can read information from a CD-ROM.
Central processing unit (CPU) – The part of a computer that controls the operation of all the other parts. It gets
instructions from memory and decodes them. It performs math and logic operations, and translates and
executes instructions.
Floppy disk drive – A computer drive that reads and writes data to a 3.5-inch, circular piece of metal-coated
plastic disk. A standard floppy disk can store approximately 1 MB of information.
Hard disk drive – A computer storage device that uses a set of rotating, magnetically coated disks called
platters to store data or programs. Hard drives come in different storage capacity sizes.
Microprocessor – A microprocessor is a processor which consists of a purpose-designed silicon chip and is
physically very small. The microprocessor utilizes Very Large-Scale Integration (VLSI) circuit technology to
integrate computer memory, logic, and control on a single chip. A microprocessor contains a CPU.
Motherboard – The main printed circuit board in a computer. The motherboard contains the bus, the
microprocessor, and integrated circuits used for controlling any built-in peripherals such as the keyboard, text
and graphics display, serial ports and parallel ports, joystick, and mouse interfaces.
Bus – A collection of wires on the motherboard through which data and timing signals are transmitted from
one part of a computer to another.
Random-access memory (RAM) – Also known as read-write memory because new data can be written to it
and stored data can be read from it. RAM requires electrical power to maintain data storage. If a computer is
turned off or loses power, all data stored in RAM is lost.
Read-only memory (ROM) – Computer memory on which data has been prerecorded. Once data has been
written onto a ROM chip, it cannot be removed and can only be read.
System unit – The main part of a PC, which includes the chassis, microprocessor, main memory, bus, and
ports. The system unit does not include the keyboard, monitor, or any external devices connected to the
computer.
Expansion slot – A socket on the motherboard where a circuit board can be inserted to add new capabilities to
the computer. Figure shows Peripheral Component Interconnect (PCI) and Accelerated Graphics Port (AGP)
expansion slots. PCI is a fast connection for boards such as NICs, internal modems, and video cards. The AGP
port provides a high bandwidth connection between the graphics device and the system memory. AGP
provides a fast connection for 3-D graphics on computer systems.
Power supply – The component that supplies power to a computer.

The following backplane components are also important:

Backplane – A backplane is an electronic circuit board containing circuitry and sockets into which additional
electronic devices on other circuit boards or cards can be plugged; in a computer, generally synonymous with
or part of the motherboard.
Network interface card (NIC) – An expansion board inserted into a computer so that the computer can be
connected to a network.
Video card – A board that plugs into a PC to give it display capabilities.
Audio card – An expansion board that enables a computer to manipulate and output sounds.
Parallel port – An interface capable of transferring more than one bit simultaneously that is used to connect
external devices such as printers.
Serial port – An interface that can be used for serial communication in which only one bit is transmitted at a
time.
Mouse port – A port used to connect a mouse to a PC.
USB port – A Universal Serial Bus connector. A USB port connects devices such as a mouse or printer to the
computer quickly and easily.
Firewire – A serial bus interface standard offering high-speed communications and isochronous real-time data
services.

Power cord – A cord used to connect an electrical device to an electrical outlet that provides power to the
device.
Think of the internal components of a PC as a network of devices that are all attached to the system bus.

The Lab Activity will help students find and identify the physical components of a PC.

The next page will provide more information about NICs.

1.1.3 Network interface card

Figure: 1. Internal network interface card (NIC); 2. PCMCIA network interface card

This page will explain what a NIC is and how it works. Students will also learn how to select the best NIC for
a PC.

A NIC, or LAN adapter, provides network communication capabilities to and from a PC. On desktop
computer systems, it is a printed circuit board that resides in a slot on the motherboard and provides an
interface connection to the network media. On laptop computer systems, it is commonly integrated into the
laptop or available on a small, credit card-sized PCMCIA card. PCMCIA stands for Personal Computer
Memory Card International Association. PCMCIA cards are also known as PC cards. The type of NIC must
match the media and protocol used on the local network.

The NIC uses an interrupt request (IRQ), an input/output (I/O) address, and upper memory space to work with
the operating system. An IRQ value is an assigned location where the computer can expect a particular device
to interrupt it when the device sends the computer signals about its operation. For example, when a printer has
finished printing, it sends an interrupt signal to the computer. The signal momentarily interrupts the computer
so that it can decide what processing to do next. Since multiple signals to the computer on the same interrupt
line might not be understood by the computer, a unique value must be specified for each device and its path to
the computer. Prior to Plug-and-Play (PnP) devices, users often had to set IRQ values manually, or be aware of
them, when adding a new device to a computer.
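
As an added illustration of the IRQ discussion above (example code written for this page, not part of the Cisco curriculum), the Python below parses the table that Linux exposes in /proc/interrupts, reports which IRQ line a named NIC was assigned, and lists lines on which more than one device delivers interrupts, which is the conflict the paragraph describes for legacy hardware. The sample table is constructed to match that file's layout; the device names (eth0, enp3s0) and the counters are assumed, not taken from a real host. Shared lines are normal for PCI devices, so a shared entry is something to check, not necessarily a fault.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the layout of Linux /proc/interrupts (not captured
# from a real machine): IRQ number, one counter per CPU, the interrupt
# controller, the hardware IRQ/trigger descriptor, then the comma-separated
# devices that deliver interrupts on that line.
SAMPLE_PROC_INTERRUPTS = """\
           CPU0       CPU1
  0:         41          0   IO-APIC   2-edge      timer
  9:          0          3   IO-APIC   9-fasteoi   acpi
 16:       2310       1188   IO-APIC  16-fasteoi   ehci_hcd:usb1, eth0
 19:        517         44   IO-APIC  19-fasteoi   ahci[0000:00:1f.2]
 24:      90214      88531   PCI-MSI 524288-edge      enp3s0
NMI:          0          0   Non-maskable interrupts
"""

# Numeric IRQ rows only: "<irq>:" then one integer per CPU, then the rest.
IRQ_LINE = re.compile(r"^\s*(\d+):\s+((?:\d+\s+)+)(\S.*)$")


@dataclass
class IrqLine:
    irq: int
    counts: list            # one interrupt count per CPU column
    controller: str         # e.g. IO-APIC, PCI-MSI
    descriptor: str         # hardware IRQ number and trigger type
    devices: list = field(default_factory=list)


def parse_interrupts(text):
    """Return {irq_number: IrqLine} for every numeric IRQ row in the text.

    Rows such as NMI/LOC that carry a name instead of a number are skipped.
    """
    table = {}
    for line in text.splitlines():
        m = IRQ_LINE.match(line)
        if not m:
            continue
        irq = int(m.group(1))
        counts = [int(c) for c in m.group(2).split()]
        rest = m.group(3).split(None, 2)   # controller, descriptor, devices
        if len(rest) < 3:
            continue
        controller, descriptor, devs = rest
        devices = [d.strip() for d in devs.split(",") if d.strip()]
        table[irq] = IrqLine(irq, counts, controller, descriptor, devices)
    return table


def irq_for_device(table, name):
    """IRQ number assigned to the named device, or None if it is not listed."""
    for entry in table.values():
        if name in entry.devices:
            return entry.irq
    return None


def shared_irqs(table):
    """IRQ numbers on which more than one device delivers interrupts."""
    return sorted(irq for irq, e in table.items() if len(e.devices) > 1)


def total_interrupts(table, irq):
    """Interrupts delivered on an IRQ line, summed across all CPUs."""
    return sum(table[irq].counts)


if __name__ == "__main__":
    # On a real Linux host, read the live file instead of the sample:
    #   with open("/proc/interrupts") as f: text = f.read()
    t = parse_interrupts(SAMPLE_PROC_INTERRUPTS)
    for irq, e in sorted(t.items()):
        flag = " (shared)" if len(e.devices) > 1 else ""
        print(f"IRQ {irq:>3} {e.controller:<8} {', '.join(e.devices)}{flag}")
    print("eth0 is on IRQ", irq_for_device(t, "eth0"))
```

Run it directly to print the parsed table; on a Linux machine, substitute the contents of /proc/interrupts for the constructed sample to see which line the installed NIC actually received and whether another device shares it.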

These considerations are important in the selection of a NIC:

- Protocols – Ethernet, Token Ring, or FDDI
- Types of media – Twisted-pair, coaxial, wireless, or fiber-optic
- Type of system bus – PCI or ISA

Students can use the Interactive Media Activity to view a NIC.

The next page will explain how NICs and modems are installed.

1.1.4 NIC and modem installation

Figure: 1. PC Card modem; 2. 56K external modem; 3. PCMCIA network cards; 4. Internal NIC; 5. USB 10/100 network adapter

This page will explain how an adapter card, which can be a modem or a NIC, provides Internet connectivity.
Students will also learn how to install a modem or a NIC.

A modem, or modulator-demodulator, is a device that provides the computer with connectivity to a telephone
line. A modem converts data from a digital signal to an analog signal that is compatible with a standard phone
line. The modem at the receiving end demodulates the signal, which converts it back to digital. Modems may
be installed internally or attached externally to the computer using a phone line.

A NIC must be installed for each device on a network. A NIC provides a network interface for each host.
Different types of NICs are used for various device configurations. Notebook computers may have a built-in
interface or use a PCMCIA card. The figure shows PCMCIA wired and wireless network cards, and a Universal
Serial Bus (USB) Ethernet adapter. Desktop systems may use an internal network adapter, called a NIC, or an
external network adapter that connects to the network through a USB port.

Situations that require NIC installation include the following:
- Installation of a NIC on a PC that does not already have one
- Replacement of a malfunctioning or damaged NIC
- Upgrade from a 10-Mbps NIC to a 10/100/1000-Mbps NIC
- Change to a different type of NIC, such as wireless
- Installation of a secondary, or backup, NIC for network security reasons

To perform the installation of a NIC or modem, the following resources may be required:
- Knowledge of how the adapter, jumpers, and plug-and-play software are configured
- Availability of diagnostic tools
- Ability to resolve hardware resource conflicts

The next page will describe the history of network connectivity.

1.1.5 Overview of high-speed and dial-up connectivity

This page will explain how modem connectivity has evolved into high-speed services.

In the early 1960s, modems were introduced to connect dumb terminals to a central computer. Many
companies used to rent computer time since it was too expensive to own an on-site system. The connection rate
was very slow. It was 300 bits per second (bps), which is about 30 characters per second.

As PCs became more affordable in the 1970s, bulletin board systems (BBSs) appeared. These BBSs allowed
users to connect and post or read messages on a discussion board. The 300-bps speed was acceptable since it
was faster than the speed at which most people could read or type. In the early 1980s, use of bulletin boards
increased exponentially and the 300 bps speed quickly became too slow for the transfer of large files and
graphics. In the 1990s, modems could operate at 9600 bps. By 1998, they reached the current standard of
56,000 bps, or 56 kbps.

Soon the high-speed services used in the corporate environment such as Digital Subscriber Line (DSL) and
cable modem access moved to the consumer market. These services no longer required expensive equipment or
a second phone line. These are "always on" services that provide instant access and do not require a connection
to be established for each session. This provides more reliability and flexibility and has simplified Internet
connection sharing in small office and home networks.

The next page will introduce an important set of network protocols.


1.1.6 TCP/IP description and configuration

This page will introduce the Transmission Control Protocol/Internet Protocol (TCP/IP).
The primary function of TCP is reliability and flow control.

Fields included in the TCP header but not in the UDP header are the sequence number, window size, and acknowledgment number.
TCP/IP is a set of protocols or rules that have been developed to allow computers to share resources across a
network. The operating system tools must be used to configure TCP/IP on a workstation. The process is very
similar for Windows or Mac operating systems.
The Lab Activity will teach students how to obtain basic TCP/IP configuration information.
The next page will introduce the ping command.

1.1.7 Testing connectivity with ping

This page will explain how the ping command is used to test network connectivity.

Ping is a basic program that verifies a particular IP address exists and can accept requests. The computer
acronym ping stands for Packet Internet or Inter-Network Groper. The name was contrived to match the
submariners' term for the sound of a returned sonar pulse from an underwater object.

The ping command works by sending special Internet Protocol (IP) packets, called Internet Control Message
Protocol (ICMP) Echo Request datagrams, to a specified destination. Each packet sent is a request for a reply.
The output response for a ping contains the success ratio and round-trip time to the destination. From this
information, it is possible to determine if there is connectivity to a destination. The ping command is used to
test the NIC transmit and receive function, the TCP/IP configuration, and network connectivity. The following
types of ping commands can be issued:

ping 127.0.0.1 – This is a unique ping and is called an internal loopback test. It is used to verify the TCP/IP
network configuration.

ping IP address of host computer – A ping to a host PC verifies the TCP/IP address configuration for the
local host and connectivity to the host.

ping default-gateway IP address – A ping to the default gateway indicates if the router that connects the local
network to other networks can be reached.

ping remote destination IP address – A ping to a remote destination verifies connectivity to a remote host.
Students will use the ping and tracert commands in the Lab Activity.
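The text says the output of a ping contains the success ratio and the round-trip time, and that connectivity is judged from those two values. The following Python example, added here and not part of the curriculum, parses a constructed sample of Linux-style ping output (the address 192.0.2.10 is a documentation address and the missing icmp_seq=3 is deliberate) and reduces it to the figures a technician reads off the screen: requests sent, replies received, success ratio, minimum/average/maximum RTT, and which requests went unanswered.

```python
import re

# Constructed sample output in the style of a Linux ping run. It is not a
# capture from the curriculum or from a real host; 192.0.2.10 is a
# documentation address and icmp_seq=3 is deliberately missing.
SAMPLE_PING_OUTPUT = """\
PING 192.0.2.10 (192.0.2.10) 56(84) bytes of data.
64 bytes from 192.0.2.10: icmp_seq=1 ttl=64 time=0.412 ms
64 bytes from 192.0.2.10: icmp_seq=2 ttl=64 time=0.388 ms
64 bytes from 192.0.2.10: icmp_seq=4 ttl=64 time=0.401 ms

--- 192.0.2.10 ping statistics ---
4 packets transmitted, 3 received, 25% packet loss, time 3004ms
rtt min/avg/max/mdev = 0.388/0.400/0.412/0.010 ms
"""

# One line per ICMP Echo Reply: sequence number, TTL and round-trip time.
REPLY_RE = re.compile(r"icmp_seq=(\d+) ttl=(\d+) time=([\d.]+) ms")
# Summary line printed after the last request.
STATS_RE = re.compile(r"(\d+) packets transmitted, (\d+) received")


def parse_ping(output: str) -> dict:
    """Extract the success ratio and round-trip times from ping output.

    Every Echo Request is a request for a reply, so the ratio of replies
    to requests is the connectivity measure the text describes.
    """
    replies = [(int(seq), int(ttl), float(rtt))
               for seq, ttl, rtt in REPLY_RE.findall(output)]
    stats = STATS_RE.search(output)
    if stats:
        sent, received = int(stats.group(1)), int(stats.group(2))
    else:  # summary missing (e.g. output truncated): count what we saw
        sent = received = len(replies)
    rtts = [rtt for _, _, rtt in replies]
    answered = {seq for seq, _, _ in replies}
    return {
        "sent": sent,
        "received": received,
        "success_ratio": received / sent if sent else 0.0,
        "rtt_min_ms": min(rtts) if rtts else None,
        "rtt_avg_ms": round(sum(rtts) / len(rtts), 3) if rtts else None,
        "rtt_max_ms": max(rtts) if rtts else None,
        # Requests that never got a reply; useful when loss is intermittent.
        "lost_seq": sorted(set(range(1, sent + 1)) - answered),
    }


def connectivity_verdict(result: dict) -> str:
    """Turn the success ratio into the conclusion the text draws from it."""
    ratio = result["success_ratio"]
    if ratio == 0.0:
        return "no connectivity"
    if ratio < 1.0:
        return "connectivity with packet loss"
    return "full connectivity"


if __name__ == "__main__":
    summary = parse_ping(SAMPLE_PING_OUTPUT)
    print(summary)
    print(connectivity_verdict(summary))
```

The parser keys on the reply lines rather than only on the summary line, so a run that was interrupted before the statistics were printed still yields a count, and the list of lost sequence numbers shows whether loss is a single dropped request or a sustained outage.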

The next page will discuss Web browsers.

1.1.8 Web browser and plug-ins


This page will explain what a Web browser is and how it performs the following functions:
- Contacts a Web server
- Requests information
- Receives information
- Displays the results on the screen
A Web browser is software that interprets HTML, which is one of the languages used to code Web page
content. Some new technologies use other markup languages with more advanced features. HTML, which is
the most common markup language, can display graphics or play sound, movies, and other multimedia files.
Hyperlinks that are embedded in a Web page provide a quick link to another location on the same page or a
different Internet address.
Two of the most popular Web browsers are Internet Explorer (IE) and Netscape Communicator. These
browsers perform the same tasks. However, there are differences between them. Some websites may not
support the use of one of these browsers. It is a good idea to have both programs installed.
Here are some features of Netscape Navigator:
- Was the first popular browser
- Uses less disk space
- Displays HTML files
- Performs e-mail and file transfers
Here are some features of IE:
- Is powerfully integrated with other Microsoft products
- Uses more disk space
- Displays HTML files
- Performs e-mail and file transfers
There are also many special, or proprietary, file types that standard Web browsers are not able to display. To
view these files the browser must be configured to use plug-in applications. These applications work with
the browser to launch the programs required to view special files:
- Flash – Plays multimedia files created by Macromedia Flash
- QuickTime – Plays video files created by Apple
- Real Player – Plays audio files
Use the following procedure to install the Flash plug-in:
1. Go to the Macromedia website.
2. Download the latest Flash Player installer file.
3. Run and install the plug-in in Netscape or IE.
4. Access the Cisco Academy website to verify the installation and proper operation.
Computers also perform many other useful tasks. Many employees use a set of applications in the form of an
office suite such as Microsoft Office. Office applications typically include the following:
- Spreadsheet software contains tables that consist of columns and rows and it is often used with
formulas to process and analyze data.
- Modern word processors allow users to create documents that include graphics and richly formatted
text.
- Database management software is used to store, maintain, organize, sort, and filter records. A record is
a collection of information identified by some common theme such as customer name.
- Presentation software is used to design and develop presentations to deliver at meetings, classes, or
sales presentations.
- A personal information manager includes an e-mail utility, contact lists, a calendar, and a to-do list.
Office applications are now a part of daily work, as typewriters were before PCs.
The Lab Activity will help students understand how a Web browser works.
The next page will discuss the troubleshooting process.

1.1.9 Troubleshooting Internet connection problems

The Lab Activity on this page will show students how to troubleshoot hardware, software, and network
configuration problems. The goal is to locate and repair the problems in a set amount of time to gain access to
the curriculum. This lab will demonstrate how complex it is to configure Internet access. This includes the
processes and procedures used to troubleshoot computer hardware, software, and network systems.
This page concludes this lesson. The next lesson will discuss computer number systems. The first page will
describe the binary system.

1.2 Network Math

1.2.1 Binary presentation of data

This page will explain how computers use the binary number system to represent data.

Computers work with and store data using electronic switches that are either ON or OFF. Computers can only
understand and use data that is in this two-state or binary format. The 1s and 0s are used to represent the two
possible states of an electronic component in a computer. 1 is represented by an ON state, and 0 is represented
by an OFF state. They are referred to as binary digits or bits.

American Standard Code for Information Interchange (ASCII) is the code that is most commonly used to
represent alpha-numeric data in a computer. ASCII uses binary digits to represent the symbols typed on the
keyboard. When computers send ON or OFF states over a network, electrical, light, or radio waves are used to
represent the 1s and 0s. Notice that each character is represented by a unique pattern of eight binary digits.

Because computers are designed to work with ON/OFF switches, binary digits and binary numbers are natural
to them. Humans use the decimal number system, which is relatively simple when compared to the long series
of 1s and 0s used by computers. So the computer binary numbers need to be converted to decimal numbers.

Sometimes binary numbers are converted to hexadecimal numbers. This reduces a long string of binary digits
to a few hexadecimal characters. It is easier to remember and to work with hexadecimal numbers.

The next page will discuss bits and bytes.

1.2.2 Bits and bytes

This page will explain what bits and bytes are.

A binary 0 might be represented by 0 volts of electricity.

A binary 1 might be represented by +5 volts of electricity.

Computers are designed to use groupings of eight bits. This grouping of eight bits is referred to as a byte. In a
computer, one byte represents a single addressable storage location. These storage locations represent a value
or single character of data, such as an ASCII code. The total number of combinations of the eight switches
being turned on and off is 256. The value range of a byte is from 0 to 255. So a byte is an important concept to
understand when working with computers and networks.

The next page will describe the Base 10 number system.

UNITS OF DATA STORAGE


1.2.3 Base 10 number system

Numbering systems consist of symbols and rules for their use. This page will discuss the most commonly used
number system, which is decimal, or Base 10.
Base 10 uses the ten symbols 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9. These symbols can be combined to represent all
possible numeric values.
The decimal number system is based on powers of 10. Each column position of a value, from right to left, is
multiplied by the base number 10 raised to a power, which is the exponent. The power that 10 is raised to
depends on its position to the left of the decimal point. When a decimal number is read from right to left, the
first or rightmost position represents 10^0, which equals 1. The second position represents 10^1, which equals 10.
The third position represents 10^2, which equals 100. The seventh position to the left represents 10^6, which
equals 1,000,000. This is true no matter how many columns the number has.
Here is an example:
2134 = (2 x 10^3) + (1 x 10^2) + (3 x 10^1) + (4 x 10^0)
This review of the decimal system will help students understand the Base 2 and Base 16 number systems.
These systems use the same methods as the decimal system.

1.2.4 Base 2 number system

This page will discuss the number system that computers use to recognize and process data, which is binary, or
Base 2.
The binary system uses only two symbols, which are 0 and 1. The position of each digit from right to left in a
binary number represents the base number 2 raised to a power or exponent. These place values are, from right
to left, 2^0, 2^1, 2^2, 2^3, 2^4, 2^5, 2^6, and 2^7, or 1, 2, 4, 8, 16, 32, 64, and 128 respectively.
Here is an example:
10110 (binary) = (1 x 2^4 = 16) + (0 x 2^3 = 0) + (1 x 2^2 = 4) + (1 x 2^1 = 2) + (0 x 2^0 = 0) = 22 (16 + 0 + 4 + 2 + 0)
This example shows that the binary number 10110 is equal to the decimal number 22.

1.2.5 Converting decimal numbers to 8-bit binary numbers

This page will teach students how to convert decimal numbers to binary numbers.
There are several ways to convert decimal numbers to binary numbers. The flowchart in the figure describes one
method. This method is one of several methods that can be used. It is best to select one method and practice
with it until it always produces the correct answer.
Conversion exercise:
Use the example below to convert the decimal number 168 to a binary number:
- 128 is less than 168 so the left most bit in the binary number is a 1. 168 - 128 = 40.
- 64 is not less than or equal to 40 so the second bit from the left is a 0.
- 32 is less than 40 so the third bit from the left is a 1. 40 - 32 = 8.
- 16 is not less than or equal to 8 so the fourth bit from the left is a 0.
- 8 is equal to 8 so the fifth bit from the left is a 1. 8 - 8 = 0. Therefore, the bits to the right are all 0.
This example shows that the decimal number 168 is equal to the binary number 10101000.
The number converter activity in Figure will allow students to practice decimal to binary conversions.
In the Lab Activity, students will practice the conversion of decimal numbers to binary numbers.
The next page will discuss the conversion of binary numbers to decimal numbers.

1.2.6 Converting 8-bit binary numbers to decimal numbers

This page will teach students how to convert binary numbers to decimal numbers.
There are two basic ways to convert binary numbers to decimal numbers. The flowchart in the figure shows one
example.
Students can also multiply each binary digit by the base number of 2 raised to the exponent of its position.
Here is an example:
Convert the binary number 01110000 to a decimal number.
NOTE:
Work from right to left. Remember that anything raised to the 0 power is 1.

0 x 2^0 = 0
0 x 2^1 = 0
0 x 2^2 = 0
0 x 2^3 = 0
1 x 2^4 = 16
1 x 2^5 = 32
1 x 2^6 = 64
0 x 2^7 = 0
__________
= 112
The Lab Activity will let students practice the conversion of binary numbers to decimal numbers.
The next page will discuss dotted decimal notation.

1.2.7 Four-octet dotted decimal representation of 32-bit binary numbers

This page will explain how binary numbers are represented in dotted decimal notation.
Currently, addresses assigned to computers on the Internet are 32-bit binary numbers. To make it easier to
work with these addresses, the 32-bit binary number is broken into a series of decimal numbers. First the
binary number is split into four groups of eight binary digits. Then each group of eight bits, or octet, is
converted into its decimal equivalent. This conversion can be performed as shown on the previous page.
When written, the complete binary number is represented as four groups of decimal digits separated by
periods. This is called dotted decimal notation and provides a compact and easy way to refer to 32-bit
addresses. This representation is used frequently later in this course, so it is necessary to understand it. For
dotted decimal to binary conversions, remember that each group of one to three decimal digits represents a
group of eight binary digits. If the decimal number that is being converted is less than 128, zeros will be
needed to be added to the left of the equivalent binary number until there are a total of eight bits.
Try the following conversions for practice:
Convert 200.114.6.51 to its 32-bit binary equivalent.
Convert 10000000 01011101 00001111 10101010 to its dotted decimal equivalent.
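The three preceding pages describe one procedure in pieces: the subtraction method for turning a decimal value into eight bits, the place-value method for turning eight bits back into a decimal value, and the splitting of a 32-bit address into four octets. The following Python example is added here and is not part of the curriculum; it implements each step exactly as the text describes it (128 down to 1 for the subtraction method, 2^0 upward for the place-value method) and then chains them for the two practice conversions above, including the left-padding with zeros that the text calls for when an octet is below 128.

```python
# Place values of an eight-bit number from left to right: 2^7 .. 2^0.
PLACE_VALUES = [128, 64, 32, 16, 8, 4, 2, 1]


def decimal_to_8bit(n: int) -> str:
    """Subtraction method from the text: walk the place values from 128 down.

    Whenever the place value fits in what is left, write a 1 and subtract;
    otherwise write a 0. Values below 128 naturally come out left-padded.
    """
    if not 0 <= n <= 255:
        raise ValueError("an octet holds 0..255, got %r" % n)
    bits = []
    remainder = n
    for value in PLACE_VALUES:
        if value <= remainder:
            bits.append("1")
            remainder -= value
        else:
            bits.append("0")
    return "".join(bits)


def binary8_to_decimal(bits: str) -> int:
    """Place-value method: each digit times 2 raised to its position, right to left."""
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly eight binary digits, got %r" % bits)
    total = 0
    for position, digit in enumerate(reversed(bits)):  # position 0 is the rightmost
        total += int(digit) * 2 ** position
    return total


def dotted_to_binary(dotted: str) -> str:
    """Dotted decimal -> four groups of eight bits separated by spaces."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets, got %r" % dotted)
    return " ".join(decimal_to_8bit(int(octet)) for octet in octets)


def binary_to_dotted(binary: str) -> str:
    """32 bits (spaces or dots between groups are optional) -> dotted decimal."""
    bits = binary.replace(" ", "").replace(".", "")
    if len(bits) != 32:
        raise ValueError("expected 32 binary digits, got %d" % len(bits))
    return ".".join(str(binary8_to_decimal(bits[i:i + 8])) for i in range(0, 32, 8))


if __name__ == "__main__":
    print(decimal_to_8bit(168))                       # the worked example in the text
    print(binary8_to_decimal("01110000"))             # the worked example in the text
    print(dotted_to_binary("200.114.6.51"))           # first practice conversion
    print(binary_to_dotted("10000000 01011101 00001111 10101010"))  # second practice conversion
```

Both directions reject malformed input (a value outside 0..255, a group that is not eight digits, a string that is not 32 bits), which is the check a practitioner wants before an address string is trusted anywhere downstream.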
The next page will introduce the hexadecimal number system.

DOTTED DECIMAL NOTATION

DOTTED DECIMAL TO BINARY CONVERSION

BINARY TO DOTTED DECIMAL CONVERSION

1.2.8 Hexadecimal

This page will teach students about the hexadecimal number system. Students will also learn how hexadecimal
is used to represent binary and decimal numbers.
The hexadecimal or Base 16 number system is commonly used to represent binary numbers in a more readable
form. Computers perform computations in binary. However, there are several instances when the binary
output of a computer is expressed in hexadecimal to make it easier to read.
The configuration register in Cisco routers often requires hexadecimal to binary and binary to hexadecimal
conversions. Cisco routers have a configuration register that is 16 bits long. The 16-bit binary number can be
represented as a four-digit hexadecimal number. For example, 0010000100000010 in binary equals 2102 in
hexadecimal. A hexadecimal number is often indicated with a 0x. For example, the hexadecimal number 2102
would be written as 0x2102.

Like the binary and decimal systems, the hexadecimal system is based on the use of symbols, powers, and
positions. The symbols that hexadecimal uses are the digits 0 through 9 and the letters A through F.
All combinations of four binary digits can be represented with one hexadecimal symbol. These values require
one or two decimal symbols. Two hexadecimal digits can efficiently represent any combination of eight binary
digits. The decimal representation of an eight-bit binary number will require either two or three decimal digits.
Since one hexadecimal digit always represents four binary digits, hexadecimal symbols are easier to use than
decimal symbols when working with large binary numbers. Using hexadecimal representation also reduces the
confusion of reading long strings of binary numbers and the amount of space it takes to write binary numbers.
Remember that 0x may be used to indicate a hexadecimal value. The hexadecimal number 5D might be written
as 0x5D.
To convert to binary, simply expand each hexadecimal digit into its four-bit binary equivalent.
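The rule stated above, that one hexadecimal symbol always stands for exactly four binary digits, is what makes the conversion mechanical in both directions. The following Python example is added here and is not part of the curriculum; it builds the sixteen-entry symbol table, expands hex to binary digit by digit, groups binary into fours from the right for the reverse direction, converts hex to decimal by the positional method used earlier for Base 10, and lays out a 16-bit configuration register value such as 0x2102 as four labelled nibbles (the bit-range labels are this example's own, not a Cisco field layout).

```python
# One hexadecimal symbol for each of the sixteen four-bit patterns.
HEX_TO_NIBBLE = {"%X" % value: format(value, "04b") for value in range(16)}
NIBBLE_TO_HEX = {nibble: symbol for symbol, nibble in HEX_TO_NIBBLE.items()}


def strip_prefix(hex_str: str) -> str:
    """Accept either '2102' or '0x2102'; return the bare digits in upper case."""
    digits = hex_str[2:] if hex_str[:2].lower() == "0x" else hex_str
    digits = digits.upper()
    if not digits or any(d not in HEX_TO_NIBBLE for d in digits):
        raise ValueError("not a hexadecimal number: %r" % hex_str)
    return digits


def hex_to_binary(hex_str: str) -> str:
    """Expand every hexadecimal digit into its four-bit equivalent."""
    return "".join(HEX_TO_NIBBLE[d] for d in strip_prefix(hex_str))


def binary_to_hex(binary: str) -> str:
    """Group bits in fours from the right and replace each group by one symbol."""
    bits = binary.replace(" ", "")
    if not bits or set(bits) - {"0", "1"}:
        raise ValueError("not a binary number: %r" % binary)
    bits = bits.zfill(-(-len(bits) // 4) * 4)  # pad on the left to a multiple of four
    return "0x" + "".join(NIBBLE_TO_HEX[bits[i:i + 4]] for i in range(0, len(bits), 4))


def hex_to_decimal(hex_str: str) -> int:
    """Positional method: each symbol times 16 raised to its position, right to left."""
    total = 0
    for position, symbol in enumerate(reversed(strip_prefix(hex_str))):
        total += int(symbol, 16) * 16 ** position
    return total


def config_register_bits(hex_str: str) -> list:
    """Show a 16-bit configuration register value as four labelled nibbles.

    Bit 15 is the leftmost bit. The labels are this example's own convention.
    """
    bits = hex_to_binary(hex_str).zfill(16)
    if len(bits) != 16:
        raise ValueError("a 16-bit register needs four hexadecimal digits")
    return [("bits %d-%d" % (15 - 4 * i, 12 - 4 * i), bits[4 * i:4 * i + 4])
            for i in range(4)]


if __name__ == "__main__":
    print(hex_to_binary("0x2102"))    # the register example in the text
    print(binary_to_hex("0010000100000010"))
    print(hex_to_binary("5D"), hex_to_decimal("0x5D"))
    for label, nibble in config_register_bits("0x2102"):
        print(label, nibble)
```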
The Lab Activity will teach students how to convert hexadecimal numbers into decimal and binary values.
The next page will discuss Boolean logic.

BINARY AND HEXADECIMAL NUMBER SYSTEMS

BINARY, HEXADECIMAL AND DECIMAL NUMBER SYSTEMS

CONVERTING BINARY TO HEXADECIMAL

1.2.9 Boolean or binary logic

This page will introduce Boolean logic and explain how it is used.
Boolean logic is based on digital circuitry that accepts one or two incoming voltages. Based on the input
voltages, output voltage is generated. For computers the voltage difference is represented as an ON or OFF
state. These two states are associated with a binary 1 or 0.
Boolean logic is a binary logic that allows two numbers to be compared and makes a choice based on the
numbers. These choices are the logical AND, OR, and NOT. With the exception of the NOT, Boolean
operations have the same function. They accept two numbers, which are 1 and 0, and generate a result based on
the logic rule.
The NOT operation takes the value that is presented and inverts it. A 1 becomes a 0 and a 0 becomes a 1.
Remember that the logic gates are electronic devices built specifically for this purpose. The logic rule that they
follow is whatever the input is, the output is the opposite.
The AND operation compares two input values. If both values are 1, the logic gate generates a 1 as the output.
Otherwise it outputs a 0. There are four combinations of input values. Three of these combinations generate a
0, and one combination generates a 1.
The OR operation also takes two input values. If at least one of the input values is 1, the output value is 1.
Again there are four combinations of input values. Three combinations generate a 1 and the fourth generates a
0.
The two networking operations that use Boolean logic are subnetwork and wildcard masking. The masking
operations are used to filter addresses. The addresses identify the devices on the network and can be grouped
together or controlled by other network operations. These functions will be explained in depth later in the
curriculum.
The next page will explain how network masks are used.
Logic gates

NOT – opposite result

AND – both one and the other (both digits must be 1 for the result to be 1)

OR – either one or the other (if only one digit is 1, the result is 1)

1.2.10 IP addresses and network masks

This page will explain the relationship between IP addresses and network masks.
When IP addresses are assigned to computers, some of the bits on the left side of the 32-bit IP number
represent a network. The number of bits designated depends on the address class. The bits left over in the 32-
bit IP address identify a particular computer on the network. A computer is referred to as a host. The IP address
of a computer consists of a network and a host part.
To inform a computer how the 32-bit IP address has been split, a second 32-bit number called a subnetwork
mask is used. This mask is a guide that determines how the IP address is interpreted. It indicates how many of
the bits are used to identify the network of the computer. The subnetwork mask sequentially fills in the 1s from
the left side of the mask. A subnet mask will always be all 1s until the network address is identified and then it
will be all 0s to the end of the mask. The bits in the subnet mask that are 0 identify the computer or host.
Some examples of subnet masks are as follows:
11111111000000000000000000000000 written in dotted decimal as 255.0.0.0
11111111111111110000000000000000 written in dotted decimal as 255.255.0.0
In the first example, the first eight bits from the left represent the network portion of the address, and the last
24 bits represent the host portion of the address. In the second example the first 16 bits represent the network
portion of the address, and the last 16 bits represent the host portion of the address.

The IP address 10.34.23.134 in binary form is 00001010.00100010.00010111.10000110.
A Boolean AND of the IP address 10.34.23.134 and the subnet mask 255.0.0.0 produces the network address
of this host:
00001010.00100010.00010111.10000110
11111111.00000000.00000000.00000000
00001010.00000000.00000000.00000000
The dotted decimal conversion is 10.0.0.0 which is the network portion of the IP address when the 255.0.0.0
mask is used.
A Boolean AND of the IP address 10.34.23.134 and the subnet mask 255.255.0.0 produces the network
address of this host:
00001010.00100010.00010111.10000110
11111111.11111111.00000000.00000000
00001010.00100010.00000000.00000000
The dotted decimal conversion is 10.34.0.0 which is the network portion of the IP address when the
255.255.0.0 mask is used.
This is a brief illustration of the effect that a network mask has on an IP address. The importance of masking
will become much clearer as more work with IP addresses is done. For right now it is only important that the
concept of the mask is understood.
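The two AND worksheets above are the whole of the masking operation: 1 AND x keeps a bit, 0 AND x clears it. The following Python example is added here and is not part of the curriculum; it reproduces the three-line binary layout for any address and mask, derives the network portion with AND, derives the host portion with AND against the NOT of the mask, and checks the rule stated above that a valid mask is an unbroken run of 1s followed by 0s. It also computes the wildcard form (the bitwise NOT of the subnet mask, as used in Cisco access lists), which is general networking knowledge rather than something this page states.

```python
def octets(dotted: str) -> list:
    """Split a dotted decimal string into four integers, each 0..255."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("not a dotted decimal address: %r" % dotted)
    return parts


def to_binary(dotted: str) -> str:
    """Render an address or mask as four 8-bit groups, as the text does."""
    return ".".join(format(o, "08b") for o in octets(dotted))


def is_valid_mask(mask: str) -> bool:
    """A subnet mask is a run of 1s followed by a run of 0s, nothing else."""
    value = 0
    for o in octets(mask):
        value = (value << 8) | o
    if value == 0:
        return True  # 0.0.0.0: zero network bits, still contiguous
    # For a contiguous mask the bits below the lowest 1 are all 0, so
    # OR-ing with (value - 1) fills them and yields all 32 bits set.
    return (value | (value - 1)) == 0xFFFFFFFF


def network_address(ip: str, mask: str) -> str:
    """Boolean AND of address and mask keeps exactly the network bits."""
    if not is_valid_mask(mask):
        raise ValueError("non-contiguous mask: %s" % mask)
    return ".".join(str(a & m) for a, m in zip(octets(ip), octets(mask)))


def host_portion(ip: str, mask: str) -> str:
    """AND with the NOT of the mask keeps only the host bits."""
    return ".".join(str(a & (~m & 0xFF)) for a, m in zip(octets(ip), octets(mask)))


def wildcard_mask(mask: str) -> str:
    """Bitwise NOT of the subnet mask: the form used for wildcard masking."""
    return ".".join(str(~m & 0xFF) for m in octets(mask))


def and_worksheet(ip: str, mask: str) -> str:
    """Three-line layout from the text: address, mask, and their AND in binary."""
    return "\n".join([to_binary(ip), to_binary(mask), to_binary(network_address(ip, mask))])


if __name__ == "__main__":
    for mask in ("255.0.0.0", "255.255.0.0"):
        print(and_worksheet("10.34.23.134", mask))
        print("network:", network_address("10.34.23.134", mask),
              "host:", host_portion("10.34.23.134", mask),
              "wildcard:", wildcard_mask(mask))
        print()
```

The contiguity check matters in practice: a mask such as 255.0.255.0 ANDs without error but does not describe a network, so `network_address` refuses it rather than returning a misleading result.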
This page concludes this lesson. The next page will summarize the main points from the module.

IP ADDRESS COMPONENT

2 CISCO MODUL 2
OVERVIEW
Bandwidth decisions are among the most important considerations when a network is designed. This module
discusses the importance of bandwidth and explains how it is measured.
Layered models are used to describe network functions. This module covers the two most important models,
which are the Open System Interconnection (OSI) model and the Transmission Control Protocol/Internet
Protocol (TCP/IP) model. The module also presents the differences and similarities between the two models.
This module also includes a brief history of networking. Students will learn about network devices and
different types of physical and logical layouts. This module also defines and compares LANs, MANs, WANs,
SANs, and VPNs.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
- Explain the importance of bandwidth in networking
- Use an analogy to explain bandwidth
- Identify bps, kbps, Mbps, and Gbps as units of bandwidth
- Explain the difference between bandwidth and throughput
- Calculate data transfer rates
- Explain why layered models are used to describe data communication
- Explain the development of the OSI model
- List the advantages of a layered approach
- Identify each of the seven layers of the OSI model
- Identify the four layers of the TCP/IP model
- Describe the similarities and differences between the two models
- Briefly outline the history of networking
- Identify devices used in networking
- Understand the role of protocols in networking
- Define LAN, WAN, MAN, and SAN
- Explain VPNs and their advantages
- Describe the differences between intranets and extranets
1. Network Fundamentals
2. CCNA 640-801
3. ICND 640-811
4. INTRO 640-821

2.1 NETWORK TERMINOLOGY

2.1.1 Data networks

This page will discuss the evolution of data networks.


Data networks developed as a result of business applications that were written for microcomputers. -1- The
microcomputers were not connected so there was no efficient way to share data among them. -2- It was not
efficient or cost-effective for businesses to use floppy disks to share data. Sneakernet created multiple copies of
the data. Each time a file was modified it would have to be shared again with all other people who needed that
file. If two people modified the file and then tried to share it, one of the sets of changes would be lost.
Businesses needed a solution that would successfully address the following three problems:
- How to avoid duplication of equipment and resources
- How to communicate efficiently
- How to set up and manage a network
Businesses realized that computer networking could increase productivity and save money. Networks were
added and expanded almost as rapidly as new network technologies and products were introduced. The early
development of networking was disorganized. However, a tremendous expansion occurred in the early 1980s.
In the mid 1980s, the network technologies that emerged were created with a variety of hardware and software
implementations. Each company that created network hardware and software used its own company standards.
These individual standards were developed because of competition with other companies. As a result, many of
the network technologies were incompatible with each other. It became increasingly difficult for networks that
used different specifications to communicate with each other. Network equipment often had to be replaced to
implement new technologies.
One early solution was the creation of local-area network (LAN) standards. 3 LAN standards provided an open
set of guidelines that companies used to create network hardware and software. As a result, the equipment from
different companies became compatible. This allowed for stability in LAN implementations.
In a LAN system, each department of the company is a kind of electronic island. As the use of computers in
businesses grew, LANs became insufficient. 4
A new technology was necessary to share information efficiently and quickly within a company and between
businesses. 5 The solution was the creation of metropolitan-area networks (MANs) and wide-area networks
(WANs). Because WANs could connect user networks over large geographic areas, it was possible for
businesses to communicate with each other across great distances. Figure 6 summarizes the relative sizes of
LANs and WANs.

1. Evolution of Networking 2. Sneakernet

3. LAN (star) 4. LAN

5. WAN 6. Examples of Data Networks

2.1.2 Network history

This page presents a simplified view of how the Internet evolved.


The history of computer networking is complex. 1 It has involved many people from all over the world over
the past 35 years. Presented here is a simplified view of how the Internet evolved. The processes of invention
and commercialization are far more complicated, but it is helpful to look at the fundamental development.
In the 1940s computers were large electromechanical devices that were prone to failure. In 1947 the invention
of a semiconductor transistor opened up many possibilities for making smaller, more reliable computers. In the
1950s large institutions began to use mainframe computers, which were run by punched card programs. In the
late 1950s the integrated circuit that combined several, and now millions, of transistors on one small piece of
semiconductor was invented. In the 1960s mainframes with terminals and integrated circuits were widely used.
In the late 1960s and 1970s smaller computers called minicomputers were created. However, these
minicomputers were still very large by modern standards. In 1977 the Apple Computer Company introduced
the microcomputer, which was also known as the Mac. In 1981 IBM introduced its first PC. The user-friendly
Mac, the open-architecture IBM PC, and the further micro-miniaturization of integrated circuits led to
widespread use of personal computers in homes and businesses.
In the mid 1980s PC users began to use modems to share files with other computers. This was referred to as
point-to-point, or dial-up communication. This concept was expanded by the use of computers that were the
central point of communication in a dial-up connection. These computers were called bulletin boards. Users
would connect to the bulletin boards, leave and pick up messages, as well as upload and download files. The
drawback to this type of system was that there was very little direct communication and then only with those
who knew about the bulletin board. Another limitation was that the bulletin board computer required one
modem per connection. If five people connected simultaneously it would require five modems connected to
five separate phone lines. As the number of people who wanted to use the system grew, the system was not
able to handle the demand. For example, imagine if 500 people wanted to connect at the same time.
From the 1960s to the 1990s the U.S. Department of Defense (DoD) developed large, reliable, wide-area
networks (WANs) for military and scientific reasons. This technology was different from the point-to-point
communication used in bulletin boards. It allowed multiple computers to be connected together through many
different paths. The network itself would determine how to move data from one computer to another. One
connection could be used to reach many computers at the same time. The WAN developed by the DoD
eventually became the Internet.

2.1.3 Networking devices

This page will introduce some important networking devices.

Equipment that connects directly to a network segment is referred to as a device. These devices are broken up
into two classifications. The first classification is end-user devices. End-user devices include computers,
printers, scanners, and other devices that provide services directly to the user. The second classification is
network devices. Network devices include all the devices that connect the end-user devices together to allow
them to communicate.

End-user devices that provide users with a connection to the network are also referred to as hosts (Figure 1).
These devices allow users to share, create, and obtain information. The host devices can exist without a
network, but without the network the host capabilities are greatly reduced. NICs are used to physically connect
host devices to the network media. They use this connection to send e-mails, print reports, scan pictures, or
access databases (Figure 2).

A NIC is a printed circuit board that fits into the expansion slot of a bus on a computer motherboard. It can also
be a peripheral device. NICs are sometimes called network adapters. Laptop or notebook computer NICs are
usually the size of a PCMCIA card (Figure 3). Each NIC is identified by a unique code called a Media Access
Control (MAC) address. This address is used to control data communication for the host on the network. More
about the MAC address will be covered later. As the name implies, the NIC controls host access to the network.

There are no standardized symbols for end-user devices in the networking industry (Figure 4). They appear
similar to the real devices to allow for quick recognition.

Network devices are used to extend cable connections, concentrate connections, convert data formats, and
manage data transfers (Figure 5). Examples of devices that perform these functions are repeaters, hubs, bridges,
switches, and routers. All of the network devices mentioned here are covered in depth later in the course. For
now, a brief overview of networking devices will be provided.

A repeater is a network device used to regenerate a signal. Repeaters regenerate analog or digital signals that
are distorted by transmission loss due to attenuation. A repeater does not make intelligent decisions about
forwarding packets, as a router does (Figure 6).

Hubs concentrate connections. In other words, they take a group of hosts and allow the network to see them as
a single unit. This is done passively, without any other effect on the data transmission. Active hubs concentrate
hosts and also regenerate signals.

Bridges convert network data formats and perform basic data transmission management (Figure 7). Bridges
provide connections between LANs. They also check data to determine if it should cross the bridge. This
makes each part of the network more efficient.

Workgroup switches add more intelligence to data transfer management (Figure 8). They can determine if data
should remain on a LAN and transfer data only to the connection that needs it. Another difference between a
bridge and switch is that a switch does not convert data transmission formats.

Routers have all the capabilities listed above (Figure 9). Routers can regenerate signals, concentrate multiple
connections, convert data transmission formats, and manage data transfers. They can also connect to a WAN,
which allows them to connect LANs that are separated by great distances. None of the other devices can
provide this type of connection.

The Interactive Media Activities will allow students to become more familiar with network devices.

The next page will introduce some common types of network topologies.


1. Workstation
2. Network Interface Card (NIC)
3. PCMCIA Ethernet adapter
4. End user device icons
5. Network Device Icons
6. Repeater
7. Bridges
8. Switches

2.1.4 Network Topology

This page will introduce students to the most common physical and logical network topologies.
Network topology defines the structure of the network. One part of the topology definition is the physical
topology, which is the actual layout of the wire or media. The other part is the logical topology, which defines
how the hosts access the media to send data. The physical topologies that are commonly used are as follows
(Figures 1 and 2):
- A bus topology uses a single backbone cable that is terminated at both ends. All the hosts connect directly to
  this backbone.
- A ring topology connects one host to the next and the last host to the first. This creates a physical ring of
  cable.
- A star topology connects all cables to a central point.
- An extended star topology links individual stars together by connecting the hubs or switches.
- A hierarchical topology is similar to an extended star. However, instead of linking the hubs or switches
  together, the system is linked to a computer that controls the traffic on the topology.
- A mesh topology is implemented to provide as much protection as possible from interruption of service. For
  example, a nuclear power plant might use a mesh topology in the networked control systems. As seen in the
  graphic, each host has its own connections to all other hosts. Although the Internet has multiple paths to any
  one location, it does not adopt the full mesh topology.
The logical topology of a network determines how the hosts communicate across the medium. The two most
common types of logical topologies are broadcast and token passing.
The use of a broadcast topology indicates that each host sends its data to all other hosts on the network
medium. There is no order that the stations must follow to use the network. It is first come, first served.
Ethernet works this way, as will be explained later in the course.
The second logical topology is token passing. In this type of topology, an electronic token is passed
sequentially to each host. When a host receives the token, that host can send data on the network. If the host
has no data to send, it passes the token to the next host and the process repeats itself. Two examples of
networks that use token passing are Token Ring and Fiber Distributed Data Interface (FDDI). A variation of
Token Ring and FDDI is Arcnet. Arcnet is token passing on a bus topology.
The diagram in Figure 2 shows many different topologies connected by network devices. It shows a network of
moderate complexity that is typical of a school or a small business. The diagram includes many symbols and
networking concepts that will take time to learn.
1. Physical Topology

2. Teaching Topologies

2.1.5 Network protocols

This page will explain what network protocols are and why they are important.
Protocol suites are collections of protocols that enable network communication between hosts. A protocol is a
formal description of a set of rules and conventions that govern a particular aspect of how devices on a network
communicate. Protocols determine the format, timing, sequencing, and error control in data communication.
Without protocols, the computer cannot make or rebuild the stream of incoming bits from another computer
into the original format (Figure 1).
Protocols control all aspects of data communication, which include the following:
- How the physical network is built
- How computers connect to the network
- How the data is formatted for transmission
- How that data is sent
- How to deal with errors
These network rules are created and maintained by many different organizations and committees. Included in
these groups are the Institute of Electrical and Electronics Engineers (IEEE), American National Standards
Institute (ANSI), Telecommunications Industry Association (TIA), Electronic Industries Alliance (EIA) and
the International Telecommunication Union (ITU), formerly known as the Comité Consultatif International
Téléphonique et Télégraphique (CCITT).


1. Computer Communication Protocols

2.1.6 Local-area networks (LANs)

This page will explain the features and benefits of LANs (Figure 1).
LANs consist of the following components:
- Computers
- Network interface cards
- Peripheral devices
- Networking media
- Network devices
LANs allow businesses to locally share computer files and printers efficiently and make internal
communications possible. A good example of this technology is e-mail. LANs manage data, local
communications, and computing equipment.
Some common LAN technologies include the following:
- Ethernet
- Token Ring
- FDDI


1. LANs and LAN Devices

2.1.7 Wide-area networks (WANs)

This page will explain the functions of a WAN (Figure 1).

WANs interconnect LANs, which then provide access to computers or file servers in other locations. Because
WANs connect user networks over a large geographical area, they make it possible for businesses to
communicate across great distances. WANs allow computers, printers, and other devices on a LAN to be
shared with distant locations. WANs provide instant communications across large geographic areas.
Collaboration software provides access to real-time information and resources and allows meetings to be held
remotely. WANs have created a new class of workers called telecommuters. These people never have to leave
their homes to go to work.
WANs are designed to do the following:
- Operate over a large and geographically separated area
- Allow users to have real-time communication capabilities with other users
- Provide full-time remote resources connected to local services
- Provide e-mail, Internet, file transfer, and e-commerce services
Some common WAN technologies include the following:
- Modems
- Integrated Services Digital Network (ISDN)
- Digital subscriber line (DSL)
- Frame Relay
- T1, E1, T3, and E3
- Synchronous Optical Network (SONET)


1. WANs and WAN Devices

2.1.8 Metropolitan-area networks (MANs)

This page will explain how MANs are used.


A MAN usually consists of two or more LANs in a common geographic area (Figure 1). For example, a bank
with multiple branches may utilize a MAN. Typically, a service provider is used to connect two or more LAN
sites using private communication lines or optical services. A MAN can also be created using wireless bridge
technology by beaming signals across public areas.

1. Metropolitan Area Network

2.1.9 Storage-area networks (SANs)


1. Storage-Area Network
This page will discuss the features of SANs.
A storage-area network (SAN) is a dedicated, high-performance network used to move data between servers
and storage resources. Because it is a separate, dedicated network, it avoids any traffic conflict between clients
and servers (Figure 1).
SAN technology allows high-speed server-to-storage, storage-to-storage, or server-to-server connectivity. This
method uses a separate network infrastructure that relieves any problems associated with existing network
connectivity.
SANs offer the following features:
- Performance – SANs allow concurrent access of disk or tape arrays by two or more servers at high speeds.
  This provides enhanced system performance.
- Availability – SANs have built-in disaster tolerance. Data can be duplicated on a SAN up to 10 km
  (6.2 miles) away.
- Scalability – A SAN can use a variety of technologies. This allows easy relocation of backup data,
  operations, file migration, and data replication between systems.

2.1.10 Virtual private network (VPN)


This page will explain what a VPN is and how it is used.
A virtual private network (VPN) is a private network that is constructed within a public network infrastructure
such as the global Internet. Using a VPN, a telecommuter can remotely access the network of the company
headquarters (Figure 1). Through the Internet, a secure tunnel can be built between the PC of the telecommuter
and a VPN router at the company headquarters.
1. VPN Connections

2.1.11 Benefits of VPNs
This page will introduce the three main types of VPNs and explain how they work.
Cisco products support the latest in VPN technology. A VPN is a service that offers secure, reliable
connectivity over a shared public network infrastructure such as the Internet (Figure 1). VPNs maintain the
same security and management policies as a private network. The use of a VPN is the most cost-effective way
to establish a point-to-point connection between remote users and an enterprise network.
The following are the three main types of VPNs:
- Access VPNs provide remote access for mobile and small office, home office (SOHO) users to an Intranet or
  Extranet over a shared infrastructure. Access VPNs use analog, dialup, ISDN, DSL, mobile IP, and cable
  technologies to securely connect mobile users, telecommuters, and branch offices.
- Intranet VPNs use dedicated connections to link regional and remote offices to an internal network over a
  shared infrastructure. Intranet VPNs differ from Extranet VPNs in that they allow access only to the
  employees of the enterprise.
- Extranet VPNs use dedicated connections to link business partners to an internal network over a shared
  infrastructure. Extranet VPNs differ from Intranet VPNs in that they allow access to users outside the
  enterprise.

1. VPN Technologies

2.1.12 Intranets and extranets


This page will teach students about intranets and extranets.
One common configuration of a LAN is an intranet. Intranet Web servers differ from public Web servers in
that the public must have the proper permissions and passwords to access the intranet of an organization.
Intranets are designed to permit users who have access privileges to the internal LAN of the organization.
Within an intranet, Web servers are installed in the network. Browser technology is used as the common front
end to access information on servers such as financial, graphical, or text-based data.
Extranets refer to applications and services that are Intranet based, and use extended, secure access to external
users or enterprises. This access is usually accomplished through passwords, user IDs, and other application-
level security. An extranet is the extension of two or more intranet strategies with a secure interaction between
participant enterprises and their respective intranets (Figure 1).
This page concludes this lesson. The next lesson will discuss bandwidth. The first page will explain why
bandwidth is important.
1. Intranet and Extranet VPN

2.2 Bandwidth

2.2.1 Importance of bandwidth


This page will describe the four most important characteristics of bandwidth.
Bandwidth is defined as the amount of information that can flow through a network connection in a given
period of time. It is important to understand the concept of bandwidth for the following reasons (Figure 1).
Bandwidth is finite. Regardless of the media used to build a network, there are limits on the network capacity
to carry information. Bandwidth is limited by the laws of physics and by the technologies used to place
information on the media. For example, the bandwidth of a conventional modem is limited to about 56 kbps by
both the physical properties of twisted-pair phone wires and by modem technology. DSL uses the same
twisted-pair phone wires. However, DSL provides much more bandwidth than conventional modems. So, even
the limits imposed by the laws of physics are sometimes difficult to define. Optical fiber has the physical
potential to provide virtually limitless bandwidth. Even so, the bandwidth of optical fiber cannot be fully
realized until technologies are developed to take full advantage of its potential.
Bandwidth is not free. It is possible to buy equipment for a LAN that will provide nearly unlimited bandwidth
over a long period of time. For WAN connections, it is usually necessary to buy bandwidth from a service
provider. In either case, individual users and businesses can save a lot of money if they understand bandwidth
and how the demand will change over time. A network manager needs to make the right decisions about the
kinds of equipment and services to buy.
Bandwidth is an important factor that is used to analyze network performance, design new networks, and
understand the Internet. A networking professional must understand the tremendous impact of bandwidth and
throughput on network performance and design. Information flows as a string of bits from computer to
computer throughout the world. These bits represent massive amounts of information flowing back and forth
across the globe in seconds or less.
The demand for bandwidth continues to grow. As soon as new network technologies and infrastructures are
built to provide greater bandwidth, new applications are created to take advantage of the greater capacity. The
delivery of rich media content such as streaming video and audio over a network requires tremendous amounts
of bandwidth. IP telephony systems are now commonly installed in place of traditional voice systems, which
further adds to the need for bandwidth. The successful networking professional must anticipate the need for
increased bandwidth and act accordingly.

1. Why is Bandwidth Important


2.2.2 The desktop

This page will present two analogies that may make it easier to visualize bandwidth in a network.
Bandwidth has been defined as the amount of information that can flow through a network in a given time. The
idea that information flows suggests two analogies that may make it easier to visualize bandwidth in a network.
Bandwidth is like the width of a pipe (Figure 1). A network of pipes brings fresh water to homes and businesses
and
carries waste water away. This water network is made up of pipes of different diameters. The main water pipes
of a city may be 2 meters in diameter, while the pipe to a kitchen faucet may have a diameter of only 2 cm. The
width of the pipe determines the water-carrying capacity of the pipe. Therefore, the water is like the data, and
the pipe width is like the bandwidth. Many networking experts say that they need to put in bigger pipes when
they wish to add more information-carrying capacity.
Bandwidth is like the number of lanes on a highway (Figure 2). A network of roads serves every city or town.
Large
highways with many traffic lanes are joined by smaller roads with fewer traffic lanes. These roads lead to
narrower roads that lead to the driveways of homes and businesses. When very few automobiles use the
highway system, each vehicle is able to move freely. When more traffic is added, each vehicle moves more
slowly. This is especially true on roads with fewer lanes. As more traffic enters the highway system, even
multi-lane highways become congested and slow. A data network is much like the highway system. The data
packets are comparable to automobiles, and the bandwidth is comparable to the number of lanes on the
highway. When a data network is viewed as a system of highways, it is easy to see how low bandwidth
connections can cause traffic to become congested all over the network.

1. Pipe Analogy for Bandwidth

2. Highway Analogy for Bandwidth

2.2.3 Measurement
This page will explain how bandwidth is measured.
In digital systems, the basic unit of bandwidth is bits per second (bps). Bandwidth is the measure of how many
bits of information can flow from one place to another in a given amount of time. Although bandwidth can be
described in bps, a larger unit of measurement is generally used. Network bandwidth is typically described as
thousands of bits per second (kbps), millions of bits per second (Mbps), billions of bits per second (Gbps), and
trillions of bits per second (Tbps) (Figure 1). Although the terms bandwidth and speed are often used
interchangeably,
they are not exactly the same thing. One may say, for example, that a T3 connection at 45 Mbps operates at a
higher speed than a T1 connection at 1.544 Mbps. However, if only a small amount of their data-carrying
capacity is being used, each of these connection types will carry data at roughly the same speed. For example,
a small amount of water will flow at the same rate through a small pipe as through a large pipe. Therefore, it is
usually more accurate to say that a T3 connection has greater bandwidth than a T1 connection. This is because
the T3 connection is able to carry more information in the same period of time, not because it has a higher
speed.

1. Units of Bandwidth

2.2.4 Limitations
This page describes the limitations of bandwidth.
Bandwidth varies depending upon the type of media as well as the LAN and WAN technologies used. The
physics of the media account for some of the difference. Signals travel through twisted-pair copper wire,
coaxial cable, optical fiber, and air. The physical differences in the ways signals travel result in fundamental
limitations on the information-carrying capacity of a given medium. However, the actual bandwidth of a
network is determined by a combination of the physical media and the technologies chosen for signaling and
detecting network signals.
For example, current information about the physics of unshielded twisted-pair (UTP) copper cable puts the
theoretical bandwidth limit at over 1 Gbps. However, in actual practice, the bandwidth is determined by the use
of 10BASE-T, 100BASE-TX, or 1000BASE-TX Ethernet. The actual bandwidth is determined by the
signaling methods, NICs, and other network equipment that is chosen. Therefore, the bandwidth is not
determined solely by the limitations of the medium.
Figure 1 shows some common networking media types along with their distance and bandwidth limitations.
Figure 2 summarizes common WAN services and the bandwidth associated with each service.

1. Maximum Bandwidth and Length Limitations

2. WAN Services and Bandwidth

2.2.5 Throughput
This page explains the concept of throughput.
Bandwidth is the measure of the amount of information that can move through the network in a given period of
time. Therefore, the amount of available bandwidth is a critical part of the specification of the network. A
typical LAN might be built to provide 100 Mbps to every desktop workstation, but this does not mean that
each user is actually able to move 100 megabits of data through the network for every second of use. This
would be true only under the most ideal circumstances.
Throughput refers to actual measured bandwidth, at a specific time of day, using specific Internet routes, and
while a specific set of data is transmitted on the network. Unfortunately, for many reasons, throughput is often
far less than the maximum possible digital bandwidth of the medium that is being used. The following are
some of the factors that determine throughput (Figure 1):
- Internetworking devices
- Type of data being transferred
- Network topology
- Number of users on the network
- User computer
- Server computer
- Power conditions
The theoretical bandwidth of a network is an important consideration in network design, because the network
bandwidth will never be greater than the limits imposed by the chosen media and networking technologies.
However, it is just as important for a network designer and administrator to consider the factors that may affect
actual throughput. By measuring throughput on a regular basis, a network administrator will be aware of
changes in network performance and changes in the needs of network users. The network can then be adjusted
accordingly.

1. Variables that May Affect Throughput

2.2.6 Data transfer calculation


This page provides the formula for data transfer calculation.
Network designers and administrators are often called upon to make decisions regarding bandwidth. One
decision might be whether to increase the size of the WAN connection to accommodate a new database.
Another decision might be whether the current LAN backbone is of sufficient bandwidth for a streaming-video
training program. The answers to problems like these are not always easy to find, but one place to start is with
a simple data transfer calculation.
Using the formula transfer time = size of file / bandwidth (T=S/BW) allows a network administrator to
estimate several of the important components of network performance. If the typical file size for a given
application is known, dividing the file size by the network bandwidth yields an estimate of the fastest time that
the file can be transferred (Figure 1).
Two important points should be considered when doing this calculation.
- The result is an estimate only, because the file size does not include any overhead added by encapsulation.
- The result is likely to be a best-case transfer time, because available bandwidth is almost never at the
  theoretical maximum for the network type. A more accurate estimate can be attained if throughput is
  substituted for bandwidth in the equation.
Although the data transfer calculation is quite simple, one must be careful to use the same units throughout the
equation. In other words, if the bandwidth is measured in megabits per second (Mbps), the file size must be in
megabits (Mb), not megabytes (MB). Since file sizes are typically given in megabytes, it may be necessary to
multiply the number of megabytes by eight to convert to megabits.
Try to answer the following question, using the formula T=S/BW. Be sure to convert units of measurement as
necessary.
Would it take less time to send the contents of a floppy disk full of data (1.44 MB) over an ISDN line, or to
send the contents of a ten GB hard drive full of data over an OC-48 line?
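The calculation above, worked through for the question just posed, as an added example (not part of the curriculum text). The link rates are assumptions, since the page does not give them: ISDN BRI at 128 kbps and OC-48 at 2.488 Gbps; file sizes use decimal units (1 MB = 10^6 bytes), converted to bits by multiplying by eight as the text describes.

```python
"""Worked data transfer calculation, T = S / BW, with unit conversion.

Added example, not from the original curriculum. Link rates below are assumed
values (not stated on this page): ISDN BRI = 128 kbps, OC-48 = 2.488 Gbps.
"""

BITS_PER_BYTE = 8

# Assumed link rates in bits per second (constructed inputs for the example).
LINK_BPS = {
    "ISDN BRI (128 kbps)": 128_000,
    "OC-48 (2.488 Gbps)": 2_488_000_000,
}

# Decimal size prefixes, in bytes (assumption: 1 MB = 10**6 bytes, 1 GB = 10**9 bytes).
SIZE_UNITS = {"B": 1, "KB": 10**3, "MB": 10**6, "GB": 10**9}


def file_size_bits(size, unit="MB"):
    """Convert a file size given in a decimal byte unit to bits (bytes * 8)."""
    if unit not in SIZE_UNITS:
        raise ValueError(f"unknown size unit: {unit}")
    if size < 0:
        raise ValueError("size must be non-negative")
    return size * SIZE_UNITS[unit] * BITS_PER_BYTE


def transfer_time(size, unit, bandwidth_bps, overhead_fraction=0.0):
    """Return the transfer time in seconds using T = S / BW.

    overhead_fraction models encapsulation overhead (headers and trailers) that
    the raw file size does not include; 0.0 gives the textbook best-case figure.
    Passing measured throughput instead of nominal bandwidth as bandwidth_bps
    gives the more realistic estimate the text recommends.
    """
    if bandwidth_bps <= 0:
        raise ValueError("bandwidth must be positive")
    if not 0.0 <= overhead_fraction < 1.0:
        raise ValueError("overhead_fraction must be in [0, 1)")
    bits_on_wire = file_size_bits(size, unit) * (1.0 + overhead_fraction)
    return bits_on_wire / bandwidth_bps


def compare_question(overhead_fraction=0.0):
    """Answer the question above: 1.44 MB floppy over ISDN vs 10 GB drive over OC-48.

    Returns (floppy_seconds, drive_seconds, name_of_faster_transfer).
    """
    floppy = transfer_time(1.44, "MB", LINK_BPS["ISDN BRI (128 kbps)"], overhead_fraction)
    drive = transfer_time(10, "GB", LINK_BPS["OC-48 (2.488 Gbps)"], overhead_fraction)
    faster = "OC-48" if drive < floppy else "ISDN"
    return floppy, drive, faster


if __name__ == "__main__":
    floppy_s, drive_s, faster_link = compare_question()
    print(f"1.44 MB over ISDN BRI: {floppy_s:.1f} s")
    print(f"10 GB over OC-48:      {drive_s:.1f} s")
    print(f"Faster transfer: {faster_link}")
    # Same floppy with only 64 kbps of measured throughput (one B channel in use):
    print(f"1.44 MB at 64 kbps throughput: {transfer_time(1.44, 'MB', 64_000):.1f} s")
```

With the assumed rates the floppy takes 90 s over ISDN while the 10 GB drive takes about 32 s over OC-48, so the larger transfer finishes first.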

1. Transfer Time Calculation

2.2.7 Digital versus analog


This page will explain the differences between analog and digital signals.
Radio, television, and telephone transmissions have, until recently, been sent through the air and over wires
using electromagnetic waves. These waves are called analog because they have the same shapes as the light
and sound waves produced by the transmitters. As light and sound waves change size and shape, the electrical
signal that carries the transmission changes proportionately. In other words, the electromagnetic waves are
analogous to the light and sound waves.
Analog bandwidth is measured by how much of the electromagnetic spectrum is occupied by each signal. The
basic unit of analog bandwidth is hertz (Hz), or cycles per second. Typically, multiples of this basic unit of
analog bandwidth are used, just as with digital bandwidth. Units of measurement that are commonly seen are
kilohertz (kHz), megahertz (MHz), and gigahertz (GHz). These are the units used to describe the frequency of
cordless telephones, which usually operate at either 900 MHz or 2.4 GHz. These are also the units used to
describe the frequencies of 802.11a and 802.11b wireless networks, which operate at 5 GHz and 2.4 GHz
(Figure 1).
While analog signals are capable of carrying a variety of information, they have some significant
disadvantages in comparison to digital transmissions. The analog video signal that requires a wide frequency
range for transmission cannot be squeezed into a smaller band. Therefore, if the necessary analog bandwidth is
not available, the signal cannot be sent.
In digital signaling all information is sent as bits, regardless of the kind of information it is. Voice, video, and
data all become streams of bits when they are prepared for transmission over digital media. This type of
transmission gives digital bandwidth an important advantage over analog bandwidth. Unlimited amounts of
information can be sent over the smallest or lowest bandwidth digital channel. Regardless of how long it takes
for the digital information to arrive at its destination and be reassembled, it can be viewed, listened to, read, or
processed in its original form.
It is important to understand the differences and similarities between digital and analog bandwidth. Both types
of bandwidth are regularly encountered in the field of information technology. However, because this course is
concerned primarily with digital networking, the term "bandwidth" will refer to digital bandwidth.
This page concludes this lesson. The next lesson will discuss networking models. The first page will discuss
the concept of layers.

1. Audio Analogy for Bandwidth

2.3 Networking Models

2.3.1 Using layers to analyze problems in a flow of materials

This page explains how layers are used to describe communications between computers.
The concept of layers is used to describe communication from one computer to another. Figure 1 shows a set
of questions that are related to flow, which is defined as the motion through a system of either physical or
logical objects. These questions show how the concept of layers helps describe the details of the flow process.
This process could be any kind of flow, from the flow of traffic on a highway system to the flow of data
through a network. Figure 2 shows several examples of flow and ways that the flow process can be broken
down into details or layers.
A conversation between two people provides a good opportunity to use a layered approach to analyze
information flow. In a conversation, each person wishing to communicate begins by creating an idea. Then a
decision is made on how to properly communicate the idea. For example, a person could decide to speak, sing
or shout, and what language to use. Finally the idea is delivered. For example, the person creates the sound
which carries the message.
This process can be broken into separate layers that may be applied to all conversations. The top layer is the
idea that will be communicated. The middle layer is the decision on how the idea is to be communicated. The
bottom layer is the creation of sound to carry the communication.
The same method of layering explains how a computer network distributes information from a source to a
destination. When computers send information through a network, all communications originate at a source
then travel to a destination (Figure 3).
The information that travels on a network is generally referred to as data or a packet. A packet is a logically
grouped unit of information that moves between computer systems. As the data passes between layers, each
layer adds additional information that enables effective communication with the corresponding layer on the
other computer.
The OSI and TCP/IP models have layers that explain how data is communicated from one computer to another.
The models differ in the number and function of the layers. However, each model can be used to help describe
and provide details about the flow of information from a source to a destination.

60
Only for individual use – not for distribute on Internet

Figures: 1. Analyzing Network in Layers; 2. Network Comparisons; 3. Network Communication

2.3.2 Using layers to describe data communication


This page describes the importance of layers in data communication.
In order for data packets to travel from a source to a destination on a network, it is important that all the
devices on the network speak the same language or protocol. A protocol is a set of rules that make
communication on a network more efficient. For example, while flying an airplane, pilots obey very specific
rules for communication with other airplanes and with air traffic control.
A data communications protocol is a set of rules or an agreement that determines the format and transmission
of data.
Layer 4 on the source computer communicates with Layer 4 on the destination computer (Figure 1). The rules and
conventions used for this layer are known as Layer 4 protocols. It is important to remember that protocols
prepare data in a linear fashion. A protocol in one layer performs a certain set of operations on data as it
prepares the data to be sent over the network. The data is then passed to the next layer where another protocol
performs a different set of operations.
Once the packet has been sent to the destination, the protocols undo the construction of the packet that was
done on the source side. This is done in reverse order. The protocols for each layer on the destination return the
information to its original form, so the application can properly read the data.

Figure 1. Layer Communication

2.3.3 OSI model


This page discusses how and why the OSI model was developed.
The early development of networks was disorganized in many ways. The early 1980s saw tremendous
increases in the number and size of networks. As companies realized the advantages of using networking
technology, networks were added or expanded almost as rapidly as new network technologies were introduced.
By the mid-1980s, these companies began to experience problems from the rapid expansion. Just as people
who do not speak the same language have difficulty communicating with each other, it was difficult for
networks that used different specifications and implementations to exchange information. The same problem
occurred with the companies that developed private or proprietary networking technologies. Proprietary means
that one or a small group of companies controls all usage of the technology. Networking technologies strictly
following proprietary rules could not communicate with technologies that followed different proprietary rules.
To address the problem of network incompatibility, the International Organization for Standardization (ISO)
researched networking models like Digital Equipment Corporation net (DECnet), Systems Network
Architecture (SNA), and TCP/IP in order to find a generally applicable set of rules for all networks. Using this
research, the ISO created a network model that helps vendors create networks that are compatible with other
networks.
The Open Systems Interconnection (OSI) reference model, released in 1984, was the descriptive network model
that the ISO created. It provided vendors with a set of standards that ensured greater compatibility and
interoperability among the network technologies produced by companies around the world (Figure 1).
The OSI reference model has become the primary model for network communications. Although there are
other models in existence, most network vendors relate their products to the OSI reference model. This is
especially true when they want to educate users on the use of their products. It is considered the best tool
available for teaching people about sending and receiving data on a network.
In the Interactive Media Activity, students will identify the benefits of the OSI model.

Figure 1. Benefits of the OSI model

2.3.4 OSI Layers


This page discusses the seven layers of the OSI model.
The OSI reference model is a framework that is used to understand how information travels throughout a
network. The OSI reference model explains how packets travel through the various layers to another device on
a network, even if the sender and destination have different types of network media.
In the OSI reference model, there are seven numbered layers, each of which illustrates a particular network
function (Figures 1 through 7). Dividing the network into seven layers provides the following advantages:
• It breaks network communication into smaller, more manageable parts.
• It standardizes network components to allow multiple vendor development and support.
• It allows different types of network hardware and software to communicate with each other.
• It prevents changes in one layer from affecting other layers.
• It divides network communication into smaller parts to make it easier to learn and understand.
In the following Interactive Media Activity, the student will identify the seven layers of the OSI model.
The next page discusses peer-to-peer communications through the OSI model.
Figures 1 through 7. The OSI Model: Physical, Data Link, Network, Transport, Session, Presentation, Application

2.3.5 Peer-to-peer communications


This page explains the concept of peer-to-peer communications.
In order for data to travel from the source to the destination, each layer of the OSI model at the source must
communicate with its peer layer at the destination. This form of communication is referred to as peer-to-peer.
During this process, the protocols of each layer exchange information, called protocol data units (PDUs). Each
layer of communication on the source computer communicates with a layer-specific PDU, and with its peer
layer on the destination computer as illustrated in Figure 1.
Data packets on a network originate at a source and then travel to a destination. Each layer depends on the
service function of the OSI layer below it. To provide this service, the lower layer uses encapsulation to put the
PDU from the upper layer into its data field. Then it adds whatever headers and trailers the layer needs to
perform its function. Next, as the data moves down through the layers of the OSI model, additional headers and
trailers are added. After Layers 7, 6, and 5 have added their information, Layer 4 adds more information. This
grouping of data, the Layer 4 PDU, is called a segment (Figure 2).
The network layer provides a service to the transport layer, and the transport layer presents data to the
internetwork subsystem. The network layer has the task of moving the data through the internetwork. It
accomplishes this task by encapsulating the data and attaching a header creating a packet (the Layer 3 PDU).
The header contains information required to complete the transfer, such as source and destination logical
addresses.
The data link layer provides a service to the network layer. It encapsulates the network layer information in a
frame (the Layer 2 PDU). The frame header contains information (for example, physical addresses) required to
complete the data link functions.
The physical layer also provides a service to the data link layer. The physical layer encodes the data link frame
into a pattern of 1s and 0s (bits) for transmission on the medium (usually a wire) at Layer 1.
Figure 1. Peer-to-Peer Communication

2.3.6 TCP/IP model


This page discusses the TCP/IP reference model, which is the historical and technical standard of the Internet.
The U.S. Department of Defense (DoD) created the TCP/IP reference model, because it wanted to design a
network that could survive any conditions, including a nuclear war. In a world connected by different types of
communication media such as copper wires, microwaves, optical fibers and satellite links, the DoD wanted
transmission of packets every time and under any conditions. This very difficult design problem brought about
the creation of the TCP/IP model.
Unlike the proprietary networking technologies mentioned earlier, TCP/IP was developed as an open standard.
This meant that anyone was free to use TCP/IP. This helped speed up the development of TCP/IP as a
standard.
The TCP/IP model has the following four layers (Figure 1):
• Application layer
• Transport layer
• Internet layer
• Network access layer
Although some of the layers in the TCP/IP model have the same name as layers in the OSI model, the layers of
the two models do not correspond exactly. Most notably, the application layer has different functions in each
model.
The designers of TCP/IP felt that the application layer should include the OSI session and presentation layer
details. They created an application layer that handles issues of representation, encoding, and dialog control.
The transport layer deals with the quality of service issues of reliability, flow control, and error recovery. One
of its protocols, the Transmission Control Protocol (TCP), provides excellent and flexible ways to create
reliable, well-flowing, low-error network communications.

TCP is a connection-oriented protocol. It maintains a dialogue between source and destination while packaging
application layer information into units called segments. Connection-oriented does not mean that a circuit
exists between the communicating computers. It does mean that Layer 4 segments travel back and forth
between two hosts to acknowledge the connection exists logically for some period.
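The logical connection described above is set up by the TCP three-way handshake: the client sends a segment with the SYN flag and its initial sequence number (ISN), the server replies with SYN-ACK carrying its own ISN and acknowledging the client's ISN+1, and the client confirms with an ACK. The following Python simulation is an added example, not code from the curriculum: the Segment and Host classes, the port numbers and the fixed ISNs in the demonstration are constructed, and the segment carries only the fields the handshake needs rather than the full TCP header. It also shows the check each side performs before accepting a reply (the acknowledgement number must equal its own ISN+1), which is why a third party who cannot observe the client's ISN cannot complete a handshake by guessing.

```python
"""Simulated TCP three-way handshake between two hosts exchanging Layer 4 segments.
Added illustration for the CCNA text, not curriculum code; the Segment format is
a simplified stand-in for the real TCP header and both hosts are constructed."""
import secrets
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

SYN = 0x02
ACK = 0x10
MOD = 2 ** 32  # sequence numbers are 32-bit and wrap


@dataclass
class Segment:
    """Simplified Layer 4 PDU: only the fields the handshake needs."""
    src_port: int
    dst_port: int
    seq: int
    ack: int
    flags: int


@dataclass
class Host:
    name: str
    port: int
    isn: int = field(default_factory=lambda: secrets.randbelow(MOD))  # unpredictable ISN
    state: str = "CLOSED"
    snd_nxt: int = 0   # next sequence number this host will send
    rcv_nxt: int = 0   # next sequence number expected from the peer
    peer_port: int = 0

    def listen(self) -> None:
        """Passive open: wait for a SYN."""
        self.state = "LISTEN"

    def connect(self, peer_port: int) -> Segment:
        """Active open: send a SYN carrying our ISN; the SYN consumes one sequence number."""
        self.peer_port = peer_port
        self.snd_nxt = (self.isn + 1) % MOD
        self.state = "SYN-SENT"
        return Segment(self.port, peer_port, self.isn, 0, SYN)

    def receive(self, seg: Segment) -> Optional[Segment]:
        """Advance the state machine; return the reply segment, or None if the segment is dropped."""
        if seg.dst_port != self.port:
            return None
        if self.state == "LISTEN" and seg.flags == SYN:
            self.peer_port = seg.src_port
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.snd_nxt = (self.isn + 1) % MOD
            self.state = "SYN-RECEIVED"
            return Segment(self.port, seg.src_port, self.isn, self.rcv_nxt, SYN | ACK)
        if self.state == "SYN-SENT" and seg.flags == SYN | ACK:
            # The reply must acknowledge exactly our ISN+1; anything else (e.g. a forged
            # SYN-ACK from someone who never saw our SYN) is unacceptable and dropped.
            if seg.ack != self.snd_nxt:
                return None
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.state = "ESTABLISHED"
            return Segment(self.port, seg.src_port, self.snd_nxt, self.rcv_nxt, ACK)
        if self.state == "SYN-RECEIVED" and seg.flags == ACK:
            if seg.ack != self.snd_nxt or seg.seq != self.rcv_nxt:
                return None
            self.state = "ESTABLISHED"
            return None
        return None  # segment does not fit the current state: dropped


def handshake(client: Host, server: Host) -> List[Tuple[str, Segment]]:
    """Run the exchange and return the segments in the order they crossed the network."""
    server.listen()
    trace: List[Tuple[str, Segment]] = []
    seg: Optional[Segment] = client.connect(server.port)
    sender, receiver = client, server
    while seg is not None:
        trace.append((sender.name, seg))
        seg = receiver.receive(seg)
        sender, receiver = receiver, sender
    return trace


def forged_synack_is_dropped(client: Host, server_port: int) -> bool:
    """A SYN-ACK whose ack number is not the client's ISN+1 must leave the client in SYN-SENT."""
    client.connect(server_port)
    forged = Segment(server_port, client.port, 12345, (client.isn + 2) % MOD, SYN | ACK)
    return client.receive(forged) is None and client.state == "SYN-SENT"


if __name__ == "__main__":
    c, s = Host("client", 40000), Host("server", 80)
    for who, seg in handshake(c, s):
        print(f"{who:6} -> seq={seg.seq} ack={seg.ack} flags=0x{seg.flags:02x}")
    print(c.state, s.state)
```

Running the block prints the three segments and then `ESTABLISHED ESTABLISHED`. The ISN is drawn from a cryptographic source because a predictable ISN is exactly what lets an off-path attacker forge the acknowledgement and spoof a connection.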
The purpose of the Internet layer is to place transport layer segments into packets and send them from any
network toward the destination. The packets arrive at the destination network independent of the path they took
to get there. The specific protocol that governs this layer is called the Internet Protocol (IP). Best path
determination and packet switching occur at this layer.
The relationship between IP and TCP is an important one. IP can be thought to point the way for the packets,
while TCP provides a reliable transport.
The name of the network access layer is very broad and somewhat confusing. It is also known as the host-to-
network layer. This layer is concerned with all of the components, both physical and logical, that are required
to make a physical link. It includes the networking technology details, including all the details in the OSI
physical and data link layers.
Figure 2 illustrates some of the common protocols specified by the TCP/IP reference model layers. Some of
the most commonly used application layer protocols include the following:
• File Transfer Protocol (FTP)
• Hypertext Transfer Protocol (HTTP)
• Simple Mail Transfer Protocol (SMTP)
• Domain Name System (DNS)
• Trivial File Transfer Protocol (TFTP)
The common transport layer protocols include:
• Transmission Control Protocol (TCP)
• User Datagram Protocol (UDP)
The primary protocol of the Internet layer is:
• Internet Protocol (IP)
The network access layer refers to any particular technology used on a specific network.
Regardless of which network application services are provided and which transport protocol is used, there is
only one Internet protocol, IP. This is a deliberate design decision. IP serves as a universal protocol that allows
any computer anywhere to communicate at any time.
A comparison of the OSI model and the TCP/IP model will point out some similarities and differences (Figure 3).
Similarities include:
• Both have layers.
• Both have application layers, though they include very different services.
• Both have comparable transport and network layers.
• Both models need to be known by networking professionals.
• Both assume packets are switched. This means that individual packets may take different paths to reach
the same destination. This is contrasted with circuit-switched networks where all the packets take the
same path.
Differences include:
• TCP/IP combines the presentation and session layer issues into its application layer.
• TCP/IP combines the OSI data link and physical layers into the network access layer.
• TCP/IP appears simpler because it has fewer layers.

• TCP/IP protocols are the standards around which the Internet developed, so the TCP/IP model gains
credibility just because of its protocols. In contrast, networks are not usually built on the OSI protocols,
even though the OSI model is used as a guide.
Although TCP/IP protocols are the standards with which the Internet has grown, this curriculum will use the
OSI model for the following reasons:
• It is a generic, protocol-independent standard.
• Its finer division into layers makes it more helpful for teaching and learning.
• That same level of detail is helpful when troubleshooting, because a fault can be narrowed to one layer.
Networking professionals differ in their opinions on which model to use. Due to the nature of the industry it is
necessary to become familiar with both. Both the OSI and TCP/IP models will be referred to throughout the
curriculum. The focus will be on the following:
• TCP as an OSI Layer 4 protocol
• IP as an OSI Layer 3 protocol
• Ethernet as a Layer 2 and Layer 1 technology
Remember that there is a difference between a model and an actual protocol that is used in networking. The
OSI model will be used to describe TCP/IP protocols (Figure 4).
Students will identify the differences between the OSI model and the TCP/IP model in the Lab Activity.
In the Interactive Media Activity, students will identify the layers of the TCP/IP reference model.
The next page explains the encapsulation process.
Figures: 1. The TCP/IP Model; 2. Common TCP/IP Protocols; 3. Comparing TCP/IP with the OSI Model; 4. Focus of the CCNA Curriculum
2.3.7 Detailed encapsulation process
This page describes the process of encapsulation.
All communications on a network originate at a source, and are sent to a destination. The information sent on a
network is referred to as data or data packets. If one computer (host A) wants to send data to another computer
(host B), the data must first be packaged through a process called encapsulation.
Encapsulation wraps data with the necessary protocol information before network transit. Therefore, as the
data packet moves down through the layers of the OSI model, it receives headers, trailers, and other
information.
To see how encapsulation occurs, examine the manner in which data travels through the layers as illustrated in
Figure 1. Once the data is sent from the source, it travels through the application layer down through the other
layers. The packaging and flow of the data that is exchanged goes through changes as the layers perform their
services for end users. As illustrated in Figure 2, networks must perform the following five conversion steps
in order to encapsulate data:
1. Build the data – As a user sends an e-mail message, its alphanumeric characters are converted to data that
can travel across the internetwork.
2. Package the data for end-to-end transport – The data is packaged for internetwork transport. By using
segments, the transport function ensures that the message hosts at both ends of the e-mail system can
reliably communicate.
3. Add the network IP address to the header – The data is put into a packet or datagram that contains a
packet header with source and destination logical addresses. These addresses help network devices send
the packets across the network along a chosen path.
4. Add the data link layer header and trailer – Each network device must put the packet into a frame. The
frame allows connection to the next directly-connected network device on the link. Each device in the
chosen network path requires framing in order for it to connect to the next device.
5. Convert to bits for transmission – The frame must be converted into a pattern of 1s and 0s (bits) for
transmission on the medium. A clocking function enables the devices to distinguish these bits as they
travel across the medium. The medium on the physical internetwork can vary along the path used. For
example, the e-mail message can originate on a LAN, cross a campus backbone, and go out a WAN
link until it reaches its destination on another remote LAN.
The Lab Activity will provide an in depth review of the OSI model.
The Interactive Media Activity requires students to complete an encapsulation process flowchart.
Figures: 1. Data Encapsulation; 2. Data Encapsulation Example
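Steps 2 through 4 above, and the reverse process described under peer-to-peer communication, can be carried out byte for byte. The following Python block is an added example, not code from the curriculum: it wraps a payload in a UDP segment (Layer 4 PDU), an IPv4 packet (Layer 3 PDU) and an Ethernet frame (Layer 2 PDU), then unwraps the frame in reverse order, checking each header before trusting the layer inside it. The MAC addresses, IP addresses, ports and payload are constructed; the Ethernet FCS trailer (normally added by the NIC) and the UDP checksum (optional over IPv4) are left out to keep the focus on the header structure. The de-encapsulation side goes beyond the text in one respect: it validates lengths and the IPv4 header checksum the way a receiver handling untrusted input must.

```python
"""Encapsulation and de-encapsulation of one message through UDP, IPv4 and Ethernet headers.
Added example for the CCNA text, not curriculum code; all addresses and the payload are constructed."""
import struct
from typing import Dict

ETHERTYPE_IPV4 = 0x0800
PROTO_UDP = 17


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones' complement sum, as used for the IPv4 header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(b: bytes) -> str:
    return ":".join("%02x" % x for x in b)


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_udp_segment(src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Step 2: package the data for end-to-end transport (8-byte UDP header; checksum 0 = not computed)."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload


def build_ipv4_packet(src_ip: str, dst_ip: str, segment: bytes, ttl: int = 64) -> bytes:
    """Step 3: add the network header with source and destination logical addresses."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000,
                         ttl, PROTO_UDP, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    csum = internet_checksum(header)         # computed while the checksum field is zero
    return header[:10] + struct.pack("!H", csum) + header[12:] + segment


def build_ethernet_frame(src_mac: str, dst_mac: str, packet: bytes) -> bytes:
    """Step 4: add the data link header carrying the physical address of the next hop."""
    return mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet


def encapsulate(payload: bytes) -> bytes:
    """Source host: application data -> segment -> packet -> frame (constructed addresses)."""
    segment = build_udp_segment(40000, 53, payload)
    packet = build_ipv4_packet("192.0.2.10", "192.0.2.53", segment)
    return build_ethernet_frame("02:00:00:00:00:0a", "02:00:00:00:00:35", packet)


def decapsulate(frame: bytes) -> Dict[str, object]:
    """Destination host: peel the headers in reverse order, validating each layer before the next."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("unexpected EtherType 0x%04x" % ethertype)
    packet = frame[14:]
    if len(packet) < 20:
        raise ValueError("packet too short for an IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src_ip, dst_ip = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > total_len or total_len > len(packet):
        raise ValueError("inconsistent IPv4 version or lengths")
    if internet_checksum(packet[:ihl]) != 0:  # a valid header sums to zero with its checksum included
        raise ValueError("IPv4 header checksum mismatch")
    if proto != PROTO_UDP:
        raise ValueError("unexpected protocol %d" % proto)
    segment = packet[ihl:total_len]
    if len(segment) < 8:
        raise ValueError("segment too short for a UDP header")
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    if udp_len < 8 or udp_len > len(segment):
        raise ValueError("inconsistent UDP length")
    return {"dst_mac": bytes_to_mac(dst_mac), "src_mac": bytes_to_mac(src_mac),
            "src_ip": bytes_to_ip(src_ip), "dst_ip": bytes_to_ip(dst_ip), "ttl": ttl,
            "src_port": src_port, "dst_port": dst_port, "payload": segment[8:udp_len]}


def flip_byte(frame: bytes, offset: int) -> bytes:
    """Simulate corruption in transit (or tampering) of one byte."""
    b = bytearray(frame)
    b[offset] ^= 0xFF
    return bytes(b)


def is_rejected(frame: bytes) -> bool:
    """True if decapsulate() refuses the frame."""
    try:
        decapsulate(frame)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    frame = encapsulate(b"constructed DNS-like payload")
    print(len(frame), "bytes on the wire:", frame.hex())
    print(decapsulate(frame))
    print("TTL byte flipped, rejected:", is_rejected(flip_byte(frame, 14 + 8)))
```

Flipping a byte inside the IPv4 header is caught by the header checksum, but because the UDP checksum was left at zero a flipped payload byte passes unnoticed; the checksums at each layer only cover that layer's own scope, and none of them is a security control against deliberate modification.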

Summary
This page summarizes the topics discussed in this module.

Computer networks developed in response to business and government computing needs. Applying standards
to network functions provided a set of guidelines for creating network hardware and software and provided
compatibility among equipment from different companies. Information could move within a company and
from one business to another.
Network devices, such as repeaters, hubs, bridges, switches and routers connect host devices together to allow
them to communicate. Protocols provide a set of rules for communication.
The physical topology of a network is the actual layout of the wire or media. The logical topology defines how
host devices access the media. The physical topologies that are commonly used are bus, ring, star, extended
star, hierarchical, and mesh. The two most common types of logical topologies are broadcast and token
passing.
A local-area network (LAN) is designed to operate within a limited geographical area. LANs allow multi-
access to high-bandwidth media, control the network privately under local administration, provide full-time
connectivity to local services and connect physically adjacent devices.
A wide-area network (WAN) is designed to operate over a large geographical area. WANs allow access over
serial interfaces operating at lower speeds, provide full-time and part-time connectivity and connect devices
separated over wide areas.
A metropolitan-area network (MAN) is a network that spans a metropolitan area such as a city or suburban
area. A MAN usually consists of two or more LANs in a common geographic area.
A storage-area network (SAN) is a dedicated, high-performance network used to move data between servers
and storage resources. A SAN provides enhanced system performance, is scalable, and has disaster tolerance
built in.
A virtual private network (VPN) is a private network that is constructed within a public network infrastructure.
Three main types of VPNs are access, Intranet, and Extranet VPNs. Access VPNs provide mobile workers or
small office/home office (SOHO) users with remote access to an Intranet or Extranet. Intranets are only
available to users who have access privileges to the internal network of an organization. Extranets are designed
to deliver applications and services that are Intranet based to external users or enterprises.
The amount of information that can flow through a network connection in a given period of time is referred to
as bandwidth. Network bandwidth is typically measured in thousands of bits per second (kbps), millions of bits
per second (Mbps), billions of bits per second (Gbps) and trillions of bits per second (Tbps). The theoretical
bandwidth of a network is an important consideration in network design. If the theoretical bandwidth of a
network connection is known, the formula T=S/BW (transfer time = size of file / bandwidth) can be used to
calculate potential data transfer time. However the actual bandwidth, referred to as throughput, is affected by
multiple factors such as network devices and topology being used, type of data, number of users, hardware and
power conditions.
Data can be encoded on analog or digital signals. Analog bandwidth is a measure of how much of the
electromagnetic spectrum is occupied by each signal. For instance an analog video signal that requires a wide
frequency range for transmission cannot be squeezed into a smaller band. If the necessary analog bandwidth is
not available the signal cannot be sent. In digital signaling all information is sent as bits, regardless of the kind
of information it is. Unlimited amounts of information can be sent over the smallest digital bandwidth channel.
The concept of layers is used to describe communication from one computer to another. Dividing the network
into layers provides the following advantages:
• Reduces complexity
• Standardizes interfaces
• Facilitates modular engineering
• Ensures interoperability
• Accelerates evolution
• Simplifies teaching and learning
Two such layered models are the Open System Interconnection (OSI) and the TCP/IP networking models. In
the OSI reference model, there are seven numbered layers, each of which illustrates a particular network
function: application, presentation, session, transport, network, data link, and physical. The TCP/IP model has
the following four layers: application, transport, Internet, and network access.
Although some of the layers in the TCP/IP model have the same name as layers in the OSI model, the layers of
the two models do not correspond exactly. The TCP/IP application layer is equivalent to the OSI application,
presentation, and session layers. The TCP/IP model combines the OSI data link and physical layers into the
network access layer.
No matter which model is applied, network layers perform the following five conversion steps in order to
encapsulate and transmit data:
1. Images and text are converted to data.
2. The data is packaged into segments.
3. The data segment is encapsulated in a packet with the source and destination addresses.
4. The packet is encapsulated in a frame with the MAC address of the next directly connected device.
5. The frame is converted to a pattern of ones and zeros (bits) for transmission on the media.

3 CISCO MODULE 3
3.1 COPPER MEDIA

Overview
Copper cable is used in almost every LAN. Many different types of copper cable are available. Each type has
advantages and disadvantages. Proper selection of cabling is key to efficient network operation. Since copper
uses electrical currents to transmit information, it is important to understand some basics of electricity.
Optical fiber is the most frequently used medium for the longer, high bandwidth, point-to-point transmissions
required on LAN backbones and on WANs. Optical media uses light to transmit data through thin glass or
plastic fiber. Electrical signals cause a fiber-optic transmitter to generate the light signals sent down the fiber.
The receiving host receives the light signals and converts them to electrical signals at the far end of the fiber.
However, there is no electricity in the fiber-optic cable. In fact, the glass used in fiber-optic cable is a very
good electrical insulator.
Physical connectivity allows users to share printers, servers, and software, which can increase productivity.
Traditional networked systems require the workstations to remain stationary and permit moves only within the
limits of the media and office area.
The introduction of wireless technology removes these restraints and brings true portability to computer
networks. Currently, wireless technology does not provide the high-speed transfers, security, or uptime
reliability of cabled networks. However, flexibility of wireless has justified the trade off.
Administrators often consider wireless when they install or upgrade a network. A simple wireless network
could be working just a few minutes after the workstations are turned on. Connectivity to the Internet is
provided through a wired connection, router, cable, or DSL modem and a wireless access point that acts as a
hub for the wireless nodes. In a residential or small office environment these devices may be combined into a
single unit.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams (Figure 2).
Students who complete this module should be able to perform the following tasks (Figure 1):
• Discuss the electrical properties of matter
• Define voltage, resistance, impedance, current, and circuits
• Describe the specifications and performances of different types of cable
• Describe coaxial cable and its advantages and disadvantages compared to other types of cable
• Describe STP cable and its uses
• Describe UTP cable and its uses
• Discuss the characteristics of straight-through, crossover, and rollover cables and where each is used
• Explain the basics of fiber-optic cable
• Describe how fiber-optic cables can carry light signals over long distances
• Describe multimode and single-mode fiber
• Describe how fiber is installed
• Describe the type of connectors and equipment used with fiber-optic cable
• Explain how fiber is tested to ensure that it will function properly
• Discuss safety issues related to fiber optics
Figures: 1. Network media; 2. INTRO 640-821
3.1.1 Atoms and electrons

This lesson discusses the copper media used in networking. Since all matter is composed of atoms, this page
begins with a detailed explanation of atoms and electrons.
All matter is composed of atoms. The Periodic Table of Elements lists all known types of atoms and their
properties. The atom is comprised of three basic particles:
• Electrons – Particles with a negative charge that orbit the nucleus
• Protons – Particles with a positive charge
• Neutrons – Neutral particles with no charge
The protons and neutrons are combined together in a small group called a nucleus.
To better understand the electrical properties of different elements, locate helium (He) on the periodic table (Figure 1).
Helium has an atomic number of 2, which means that helium has two protons and two electrons. It has an
atomic weight of 4. If the atomic number of 2 is subtracted from the atomic weight of 4, the result shows that
helium also has two neutrons.
The Danish physicist Niels Bohr developed a simplified model to illustrate the atom (Figure 2). This illustration
shows the model for a helium atom. If the protons and neutrons of an atom were the size of adult soccer balls
in the middle of a soccer field, the only thing smaller than the balls would be the electrons. The electrons
would be the size of cherries that would be in orbit near the outer-most seats of the stadium. The overall
volume of this atom would be about the size of the stadium. The nucleus would be the size of the soccer balls.
Coulomb's Electric Force Law states that opposite charges react to each other with a force that causes them to
be attracted to each other. Like charges react to each other with a force that causes them to repel each other. In
the case of opposite and like charges, the force increases as the charges move closer to each other. The force is
inversely proportional to the square of the separation distance. When particles get extremely close together,
nuclear force overrides the repulsive electrical force and keeps the nucleus together. That is why a nucleus
does not fly apart (Figure 3).
Examine the Bohr model of the helium atom. If Coulomb's law is true and the Bohr model describes helium
atoms as stable, then there must be other laws of nature at work. Review both theories to see how they conflict
with each other:
• Coulomb's law – Opposite charges attract and like charges repel.
• The Bohr model – Protons have positive charges and electrons have negative charges. There is more
than one proton in the nucleus.
Electrons stay in orbit, even though the protons attract the electrons. The electrons have just enough velocity to
keep orbiting and not be pulled into the nucleus, just like the moon around the Earth.
Protons do not fly apart from each other because of a nuclear force that is associated with neutrons. The
nuclear force is an incredibly strong force that acts as a kind of glue to hold the protons together.
Electrons are bound to their orbit around the nucleus by a weaker force than nuclear force. Electrons in certain
atoms, such as metals, can be pulled free from the atom and made to flow. This sea of electrons, loosely bound
to the atoms, is what makes electricity possible. Electricity is a free flow of electrons.
Loosened electrons that accumulate without flowing form a stationary negative charge called static electricity
(Figure 4). If these static electrons have an opportunity to jump to a conductor, this can lead to electrostatic discharge (ESD).
Conductors will be discussed later in this module.
ESD is usually harmless to people. However, ESD can create serious problems for sensitive electronic
equipment. A static discharge can randomly damage computer chips, data, or both. The logical circuitry of
computer chips is extremely sensitive to ESD. Students should take safety precautions before they work inside
computers, routers, and similar devices.
Atoms, or groups of atoms called molecules, can be referred to as materials. Materials are classified into three
groups based on how easily free electrons flow through them.
The basis for all electronic devices is the knowledge of how insulators, conductors, and semiconductors control
the flow of electrons and work together.
The Lab Activity reviews the proper way to handle a multimeter.
Figures: 1. Periodic Table of Elements; 2. Helium Atom; 3. Forces within the Atom
3.1.2 Voltage
This page discusses voltage.
Voltage is sometimes referred to as electromotive force (EMF). EMF is related to an electrical force, or
pressure, that occurs when electrons and protons are separated. The force that is created pushes toward the
opposite charge and away from the like charge. This process occurs in a battery, where chemical action causes
electrons to be freed from the negative terminal of the battery. The electrons then travel to the opposite, or
positive, terminal through an external circuit. The electrons do not travel through the battery. Remember that
the flow of electricity is really the flow of electrons. Voltage can also be created in three other ways. The first
is by friction, or static electricity. The second way is by magnetism, or an electric generator. The last way that
voltage can be created is by light, or a solar cell.
Voltage is represented by the letter V, and sometimes by the letter E, for electromotive force. The unit of
measurement for voltage is the volt (V) (Figure 1). A volt is defined as the amount of work, per unit charge, that is
needed to separate the charges.
In the Lab Activity, students will measure voltage.
The next page describes resistance and impedance.

Figure 1. Voltage

3.1.3 Resistance and Impedance (Insulators, Conductors, Semiconductors)

This page explains the concepts of resistance and impedance.


The materials through which current flows vary in their resistance to the movement of the electrons. The
materials that offer very little or no resistance are called conductors. Those materials that do not allow the
current to flow, or severely restrict its flow, are called insulators. The amount of resistance depends on the
chemical composition of the materials.
All materials that conduct electricity have a measure of resistance to the flow of electrons through them. These
materials also have other effects called capacitance and inductance that relate to the flow of electrons.
Impedance is the total opposition a material or circuit presents to an alternating current; it combines resistance
with the effects of capacitance and inductance, and is similar to the concept of resistance.
Attenuation is important in relation to networks. Attenuation is the loss of signal strength as a signal travels
along the medium. The resistance of the conductor is one of its causes, and it explains why a signal becomes
degraded as it travels along the cable.
The letter R represents resistance. The unit of measurement for resistance is the ohm (Ω). The symbol comes
from the Greek letter omega.
Electrical insulators are materials that are most resistant to the flow of electrons through them. Examples of
electrical insulators include plastic, glass, air, dry wood, paper, rubber, and helium gas. These materials have
very stable chemical structures and the electrons are tightly bound within the atoms.
Electrical conductors are materials that allow electrons to flow through them easily. The outermost electrons
are bound very loosely to the nucleus and are easily freed. At room temperature, these materials have a large
number of free electrons that can provide conduction. The introduction of voltage causes the free electrons to
move, which results in a current flow.
The periodic table categorizes some groups of atoms in the form of columns. The atoms in each column belong
to particular chemical families. Although they may have different numbers of protons, neutrons, and electrons,
their outermost electrons have similar orbits and interactions with other atoms and molecules. The best
conductors are metals such as copper (Cu), silver (Ag), and gold (Au). These metals have electrons that are
easily freed. Other conductors include solder, which is a mixture of lead (Pb) and tin (Sn), and water with
ions. An ion is an atom that has a different number of electrons than the number of protons in the nucleus. The
human body is made of approximately 70 percent water with ions, which means that it is a conductor.
Semiconductors are materials that allow the amount of electricity they conduct to be precisely controlled.
These materials are listed together in one column of the periodic chart. Examples include carbon (C),
germanium (Ge), and the alloy gallium arsenide (GaAs). Silicon (Si) is the most important semiconductor
because it makes the best microscopic-sized electronic circuits.
Silicon is very common and can be found in sand, glass, and many types of rocks. The region around San Jose,
California is known as Silicon Valley because the computer industry, which depends on silicon microchips,
started in that area. -1-
The Lab Activity demonstrates how to measure resistance and continuity.

The Interactive Media Activity identifies the resistance and impedance characteristics of different types of
material.

1. Insulators, Conductors, Semiconductors

3.1.4 Current
This page provides a detailed explanation of current.
Electrical current is the flow of charges created when electrons move. In electrical circuits, the current is
caused by a flow of free electrons. When voltage is applied and there is a path for the current, electrons move
from the negative terminal along the path to the positive terminal. -1- The negative terminal repels the electrons
and the positive terminal attracts the electrons. The letter I represents current. The unit of measurement for
current is Ampere (A). An ampere is defined as the number of charges per second that pass by a point along a
path.
Current can be thought of as the amount or volume of electron traffic that flows. Voltage can be thought of as
the speed of the electron traffic. The combination of amperage and voltage equals wattage. Electrical devices
such as light bulbs, motors, and computer power supplies are rated in terms of watts. Wattage indicates how
much power a device consumes or produces.
It is the current or amperage in an electrical circuit that really does the work. For example, static electricity has
such a high voltage that it can jump a gap of an inch or more. However, it has very low amperage and as a
result can create a shock but not permanent injury. The starter motor in an automobile operates at a relatively
low 12 volts but requires very high amperage to generate enough energy to turn over the engine. Lightning has
very high voltage and high amperage and can cause severe damage or injury.

3.1.5 Circuits
This page explains circuits.
Current flows in closed loops called circuits. These circuits must be made of conductive materials and must
have sources of voltage. Voltage causes current to flow. Resistance and impedance oppose it. Current consists
of electrons that flow away from negative terminals and toward positive terminals. These facts allow people to
control the flow of current.
Electricity will naturally flow to the earth if there is a path. Current also flows along the path of least
resistance. If a human body provides the path of least resistance, the current will flow through it. When an
electric appliance has a plug with three prongs, one of the prongs acts as the ground, or 0 volts. The ground
provides a conductive path for the electrons to flow to the earth. The resistance of the body would be greater
than the resistance of the ground.
Ground typically means the 0-volts level in reference to electrical measurements. Voltage is created by the
separation of charges, which means that voltage measurements must be made between two points.
A water analogy can help explain the concept of electricity. The higher the water and the greater the pressure,
the more the water will flow. The water current also depends on the size of the space it must flow through.
Similarly, the higher the voltage and the greater the electrical pressure, the more current will be produced. The
electric current then encounters resistance that, like the water tap, reduces the flow. If the electric current is in
an AC circuit, then the amount of current will depend on how much impedance is present. If the electric
current is in a DC circuit, then the amount of current will depend on how much resistance is present. The pump
is like a battery. It provides pressure to keep the flow moving. -1-
The relationship among voltage, resistance, and current is voltage (V) equals current (I) multiplied by
resistance (R). In other words, V=I*R. This is Ohm's law, named after the scientist who explored these issues.
Two ways in which current flows are alternating current (AC) and direct current (DC). AC voltages change
their polarity, or direction, over time. AC flows in one direction, then reverses its direction and flows in the
other direction, and then repeats the process. AC voltage is positive at one terminal, and negative at the other.
Then the AC voltage reverses its polarity, so that the positive terminal becomes negative, and the negative
terminal becomes positive. This process repeats itself continuously.
DC always flows in the same direction and DC voltages always have the same polarity. One terminal is always
positive, and the other is always negative. They do not change or reverse.
An oscilloscope is an electronic device used to measure electrical signals relative to time. An oscilloscope
graphs the electrical waves, pulses, and patterns. An oscilloscope has an x-axis that represents time, and a y-
axis that represents voltage. -2- There are usually two y-axis voltage inputs so that two waves can be observed
and measured at the same time.
Power lines carry electricity in the form of AC because it can be delivered efficiently over large distances. DC
can be found in flashlight batteries, car batteries, and as power for the microchips on the motherboard of a
computer, where it only needs to go a short distance.
Electrons flow in closed circuits, or complete loops. Figure -3- shows a simple circuit. The chemical processes
in the battery cause charges to build up. This provides a voltage, or electrical pressure, that enables electrons to
flow through various devices. The lines represent a conductor, which is usually copper wire. Think of a switch
as two ends of a single wire that can be opened or broken to prevent the flow of electrons. When the two ends
are closed, fixed, or shorted, electrons are allowed to flow. Finally, a light bulb provides resistance to the flow
of electrons, which causes the electrons to release energy in the form of light. The circuits in networks use a
much more complex version of this simple circuit.
For AC and DC electrical systems, the flow of electrons is always from a negatively charged source to a
positively charged source. However, for the controlled flow of electrons to occur, a complete circuit is
required. Figure -4- shows part of the electrical circuit that brings power to a home or office.
The Lab Activity explores the basic properties of series circuits.

1. Water Analogy for Electricity 2. Oscilloscope


3. Series Circuit Flashlight 4. Grounding and Network Equipment

3.1.6 Cable specifications

This page discusses cable specifications and expectations.


Cables have different specifications and expectations. Important considerations related to performance are
as follows:
• What speeds for data transmission can be achieved? The speed of bit transmission through the cable is
extremely important. The speed of transmission is affected by the kind of conduit used.
• Will the transmissions be digital or analog? Digital or baseband transmission and analog or broadband
transmission require different types of cable.
• How far can a signal travel before attenuation becomes a concern? If the signal is degraded, network
devices might not be able to receive and interpret the signal. The distance the signal travels through the
cable affects attenuation of the signal. Degradation is directly related to the distance the signal travels
and the type of cable used.
The following Ethernet specifications relate to cable type:
• 10BASE-T
• 10BASE5
• 10BASE2

10BASE-T refers to the speed of transmission at 10 Mbps. -1- The type of transmission is baseband, or
digitally interpreted. The T stands for twisted pair.
10BASE5 refers to the speed of transmission at 10 Mbps. The type of transmission is baseband, or digitally
interpreted. The 5 indicates that a signal can travel for approximately 500 meters before attenuation could
disrupt the ability of the receiver to interpret the signal. 10BASE5 is often referred to as Thicknet. Thicknet is a
type of network and 10BASE5 is the Ethernet specification used in that network.
10BASE2 refers to the speed of transmission at 10 Mbps. The type of transmission is baseband, or digitally
interpreted. The 2, in 10BASE2, refers to the approximate maximum segment length being 200 meters before
attenuation could disrupt the ability of the receiver to appropriately interpret the signal being received. The
maximum segment length is actually 185 meters. 10BASE2 is often referred to as Thinnet. Thinnet is a type of
network and 10BASE2 is the Ethernet specification used in that network.

1. Cable specification

3.1.7 Coaxial cable


This page provides detailed information about coaxial cable.
Coaxial cable consists of a copper conductor surrounded by a layer of flexible insulation. -1- The center
conductor can also be made of tin-plated aluminium, which allows the cable to be manufactured
inexpensively. Over this insulating material is a woven copper braid or metallic foil that acts as the second wire
in the circuit and as a shield for the inner conductor. This second layer, or shield, also reduces the amount of
outside electromagnetic interference. Covering this shield is the cable jacket.
For LANs, coaxial cable offers several advantages. It can be run longer distances than shielded twisted-pair
(STP), unshielded twisted-pair (UTP), and screened twisted-pair (ScTP) cable without the need for
repeaters. Repeaters regenerate the signals in a network so that they can cover greater distances. Coaxial cable
is less expensive than fiber-optic cable and the technology is well known. It has been used for many years for
many types of data communication such as cable television.
It is important to consider the size of a cable. As the thickness increases, it becomes more difficult to work
with a cable. Remember that cable must be pulled through conduits and troughs that are limited in size.
Coaxial cable comes in a variety of sizes. The largest diameter was specified for use as Ethernet backbone
cable since it has greater transmission lengths and noise rejection characteristics. This type of coaxial cable is
frequently referred to as Thicknet. This type of cable can be too rigid to install easily in some situations.
Generally, the more difficult the network media is to install, the more expensive it is to install. Coaxial cable is
more expensive to install than twisted-pair cable. Thicknet cable is rarely used anymore aside from special
purpose installations.
In the past, Thinnet coaxial cable with an outside diameter of only 0.35 cm was used in Ethernet networks. It
was especially useful for cable installations that required the cable to make many twists and turns. Since
Thinnet was easier to install, it was also cheaper to install. This led some people to refer to it as Cheapernet.
The outer copper or metallic braid in coaxial cable comprises half the electric circuit. A solid electrical
connection at both ends is important to properly ground the cable. Poor shield connection is one of the biggest
sources of connection problems in the installation of coaxial cable. Connection problems result in electrical
noise that interferes with signal transmission. For this reason Thinnet is no longer commonly used nor
supported by the latest standards, 100 Mbps and higher, for Ethernet networks.

1. Coaxial Cable

3.1.8 STP cable


This page provides detailed information about STP cable.
STP cable combines the techniques of cancellation, shielding, and wire twisting. -1- Each pair of wires is
wrapped in metallic foil. The two pairs of wires are wrapped in an overall metallic braid or foil. It is usually
150-ohm cable. As specified for use in Token Ring network installations, STP reduces electrical noise within
the cable such as pair to pair coupling and crosstalk. STP also reduces electronic noise from outside the cable
such as electromagnetic interference (EMI) and radio frequency interference (RFI). STP cable shares many of
the advantages and disadvantages of UTP cable. STP provides more protection from all types of external
interference. However, STP is more expensive and difficult to install than UTP.
A new hybrid of UTP is Screened UTP (ScTP), which is also known as foil screened twisted pair (FTP). -2-
ScTP is essentially UTP wrapped in a metallic foil shield, or screen. ScTP, like UTP, is also 100-ohm cable.
Many cable installers and manufacturers may use the term STP to describe ScTP cabling. It is important to
understand that most references made to STP today actually refer to four-pair shielded cabling. It is highly
unlikely that true STP cable will be used during a cable installation job.
The metallic shielding materials in STP and ScTP need to be grounded at both ends. If improperly grounded
or if there are any discontinuities in the entire length of the shielding material, STP and ScTP can become
susceptible to major noise problems. They are susceptible because they allow the shield to act like an antenna
that picks up unwanted signals. However, this effect works both ways. Not only does the shield prevent
incoming electromagnetic waves from causing noise on data wires, but it also minimizes the outgoing radiated
electromagnetic waves. These waves could cause noise in other devices. STP and ScTP cable cannot be run as
far as other networking media, such as coaxial cable or optical fiber, without the signal being repeated. More
insulation and shielding combine to considerably increase the size, weight, and cost of the cable. The shielding
materials make terminations more difficult and susceptible to poor workmanship. However, STP and ScTP still
have a role, especially in Europe or installations where there is extensive EMI and RFI near the cabling.

1. Shielded Twisted-pair Cable 2. ScTP ( Screened Twisted Pair )

3.1.9 UTP cable


This page provides detailed information about UTP cable.
UTP -1- is a four-pair wire medium used in a variety of networks. Each of the eight copper wires in the UTP
cable is covered by insulating material. In addition, each pair of wires is twisted around each other. This type
of cable relies on the cancellation effect produced by the twisted wire pairs to limit signal degradation caused
by EMI and RFI. To further reduce crosstalk between the pairs in UTP cable, the number of twists in the wire
pairs varies. Like STP cable, UTP cable must follow precise specifications as to how many twists or braids are
permitted per foot of cable.
TIA/EIA-568-B.2 contains specifications that govern cable performance. It involves the connection of two
cables, one for voice and one for data, to each outlet. The cable for voice must be four-pair UTP. Category 5e
is the cable most frequently recommended and implemented in installations. However, analyst predictions and
independent polls indicate that Category 6 cable will supersede Category 5e cable in network installations. The
fact that Category 6 link and channel requirements are backward compatible to Category 5e makes it very easy
for customers to choose Category 6 and supersede Category 5e in their networks. Applications that work over
Category 5e will work over Category 6.
UTP cable has many advantages. It is easy to install and is less expensive than other types of networking
media. In fact, UTP costs less per meter than any other type of LAN cabling. -2- However, the real advantage
is the size. Since it has such a small external diameter, UTP does not fill up wiring ducts as rapidly as other
types of cable. This can be an extremely important factor to consider, particularly when a network is installed
in an older building. When UTP cable is installed with an RJ-45 connector, potential sources of network noise
are greatly reduced and a good solid connection is almost guaranteed.
There are some disadvantages of twisted-pair cabling. UTP cable is more prone to electrical noise and
interference than other types of networking media, and the distance between signal boosts is shorter for UTP
than it is for coaxial and fiber optic cables.
Twisted pair cabling was once considered to have a slower data rate than other types of cable. This is no longer
true. In fact, today, twisted pair is considered to have the fastest data rate of any copper-based media.
For communication to occur the signal that is transmitted by the source needs to be understood by the
destination. This is true from both a software and physical perspective. The transmitted signal needs to be
properly received by the circuit connection designed to receive signals. The transmit pin of the source needs to
ultimately connect to the receiving pin of the destination. The following are the types of cable connections
used between internetwork devices.
In Figure -3- , a LAN switch is connected to a computer. The cable that connects from the switch port to the
computer NIC port is called a straight-through cable.
In Figure -5- , two switches are connected together. The cable that connects from one switch port to another
switch port is called a crossover cable.

In Figure -7- , the cable that connects the RJ-45 adapter on the com port of the computer to the console port of
the router or switch is called a rollover cable.
The cables are defined by the type of connections, or pinouts, from one end to the other end of the cable. See
Figures -4- , -6- , and -8- . A technician can compare both ends of the same cable by placing them next to each
other, provided the cable has not yet been placed in a wall. The technician observes the colors of the two RJ-45
connections by placing both ends with the clip placed into the hand and the top of both ends of the cable
pointing away from the technician. A straight-through cable should have both ends with identical color
patterns. While comparing the ends of a cross-over cable, the color of pins #1 and #2 will appear on the other
end at pins #3 and #6, and vice-versa. This occurs because the transmit and receive pins are in different
locations. On a rollover cable, the color combination from left to right on one end should be exactly opposite to
the color combination on the other end.
In the first Lab Activity, a simple communication system is designed, built, and tested.
In the next Lab Activity, students will use a cable tester to determine if a straight-through or crossover cable is
good or bad.
The next three Lab Activities will provide hands-on experience with straight-through, rollover, and crossover
cable construction.
In the final Lab Activity, students will research cable costs.
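The three cable types are defined entirely by their pinouts, so the end-to-end color comparison described above can be written down as a check. The following Python is an added example, not part of the curriculum: the wire colors are the T568B and T568A schemes (assumed here, since the text lists no colors), and the crossover map is the 10/100 swap of pins 1,2 with 3,6 that the text describes.

```python
"""Classify a twisted-pair patch cable from the wire colors seen at its two
RJ-45 ends, pin 1 through pin 8, with the clip in the hand as described in
the text. Added example; not curriculum code."""

# Pin-to-color sequences of the T568B and T568A wiring schemes (assumed for
# this example; the curriculum text itself does not list colors).
T568B = ("white-orange", "orange", "white-green", "blue",
         "white-blue", "green", "white-brown", "brown")
T568A = ("white-green", "green", "white-orange", "blue",
         "white-blue", "orange", "white-brown", "brown")

# 10/100 crossover: the transmit pair (1,2) of one end lands on the receive
# pair (3,6) of the other, and vice versa; the remaining pins pass straight.
# (A 1000BASE-T crossover also swaps pairs 4,5 and 7,8; that case is outside
# the text and would be reported as "unknown" here.)
CROSSOVER_MAP = {1: 3, 2: 6, 3: 1, 4: 4, 5: 5, 6: 2, 7: 7, 8: 8}


def pin_map(end_a, end_b):
    """Return {pin on end A: pin on end B that carries the same wire color}.

    Raises ValueError when an end does not list exactly eight distinct
    colors or the two ends use different color sets (a miswired cable).
    """
    if len(end_a) != 8 or len(end_b) != 8:
        raise ValueError("each end must list exactly 8 wire colors")
    if len(set(end_a)) != 8 or len(set(end_b)) != 8:
        raise ValueError("wire colors must be unique within an end")
    if set(end_a) != set(end_b):
        raise ValueError("the two ends do not use the same set of colors")
    position_b = {color: pin for pin, color in enumerate(end_b, start=1)}
    return {pin: position_b[color] for pin, color in enumerate(end_a, start=1)}


def classify_cable(end_a, end_b):
    """Return 'straight-through', 'crossover', 'rollover', or 'unknown'."""
    mapping = pin_map(end_a, end_b)
    # Straight-through: identical color pattern at both ends.
    if all(a == b for a, b in mapping.items()):
        return "straight-through"
    # Crossover: pins 1,2 on one end appear at 3,6 on the other, and vice versa.
    if mapping == CROSSOVER_MAP:
        return "crossover"
    # Rollover: left-to-right order on one end is the exact reverse of the other.
    if all(b == 9 - a for a, b in mapping.items()):
        return "rollover"
    return "unknown"


def main():
    print(classify_cable(T568B, T568B))                   # straight-through
    print(classify_cable(T568B, T568A))                   # crossover
    print(classify_cable(T568B, tuple(reversed(T568B))))  # rollover
    # Constructed miswired cable: pins 1 and 2 swapped on one end only.
    bad = list(T568B)
    bad[0], bad[1] = bad[1], bad[0]
    print(classify_cable(T568B, tuple(bad)))              # unknown


if __name__ == "__main__":
    main()
```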

1. Unshielded twisted Pair Cable 2. UTP Cabling

3. Connecting Different Devices 4. Straight-through Cable Pinout

5. Connecting similar Devices 7. Connecting to a Console Port

6. Cross-over Cable


8. Rollover Cable

3.2 OPTICAL MEDIA

3.2.1 The electromagnetic spectrum

This page introduces the electromagnetic spectrum.


The light used in optical fiber networks is one type of electromagnetic energy. When an electric charge moves
back and forth, or accelerates, a type of energy called electromagnetic energy is produced. This energy in the
form of waves can travel through a vacuum, the air, and through some materials like glass. An important
property of any energy wave is the wavelength. -1-
Radio, microwaves, radar, visible light, x-rays, and gamma rays seem to be very different things. However,
they are all types of electromagnetic energy. If all the types of electromagnetic waves are arranged in order
from the longest wavelength down to the shortest wavelength, a continuum called the electromagnetic
spectrum is created. -2-
The wavelength of an electromagnetic wave is determined by how frequently the electric charge that generates
the wave moves back and forth. If the charge moves back and forth slowly, the wavelength it generates is a
long wavelength. Visualize the movement of the electric charge as like that of a stick in a pool of water. If the
stick is moved back and forth slowly, it will generate ripples in the water with a long wavelength between the
tops of the ripples. If the stick is moved back and forth more rapidly, the ripples will have a shorter
wavelength.
Because electromagnetic waves are all generated in the same way, they share many of the same properties. The
waves all travel at the same rate of speed through a vacuum. The rate is approximately 300,000 kilometers per
second or 186,283 miles per second. This is also the speed of light.

Human eyes were designed to only sense electromagnetic energy with wavelengths between 700 nanometers
and 400 nanometers (nm). A nanometer is one billionth of a meter (0.000000001 meter) in length.
Electromagnetic energy with wavelengths between 700 and 400 nm is called visible light. The longer
wavelengths of light that are around 700 nm are seen as the color red. The shortest wavelengths that are around
400 nm appear as the color violet. This part of the electromagnetic spectrum is seen as the colors in a rainbow.
-3-
Wavelengths that are not visible to the human eye are used to transmit data over optical fiber. These
wavelengths are slightly longer than red light and are called infrared light. Infrared light is used in TV remote
controls. The wavelength of the light in optical fiber is either 850 nm, 1310 nm, or 1550 nm. These
wavelengths were selected because they travel through optical fiber better than other wavelengths.

1. Wavelength

2. Electromagnetic spectrum

3. Visible spectrum

3.2.2 Ray model of light


This page describes the properties of light rays.
When electromagnetic waves travel out from a source, they travel in straight lines. These straight lines pointing
out from the source are called rays. -1-
Think of light rays as narrow beams of light like those produced by lasers. In the vacuum of empty space, light
travels continuously in a straight line at 300,000 kilometers per second. However, light travels at different,
slower speeds through other materials like air, water, and glass. When a light ray called the incident ray,
crosses the boundary from one material to another, some of the light energy in the ray will be reflected back.
That is why you can see yourself in window glass. The light that is reflected back is called the reflected ray.
The light energy in the incident ray that is not reflected will enter the glass. The entering ray will be bent at an
angle from its original path. This ray is called the refracted ray. How much the incident light ray is bent
depends on the angle at which the incident ray strikes the surface of the glass and the different rates of speed at
which light travels through the two substances.
The bending of light rays at the boundary of two substances is the reason why light rays are able to travel
through an optical fiber even if the fiber curves in a circle.
The optical density of the glass determines how much the rays of light in the glass bend. Optical density refers
to how much a light ray slows down when it passes through a substance. The greater the optical density of a
material, the more it slows light down from its speed in a vacuum. The index of refraction is defined as the
speed of light in vacuum divided by the speed of light in the medium. Therefore, the measure of the optical
density of a material is the index of refraction of that material. A material with a large index of refraction is
more optically dense and slows down more light than a material with a smaller index of refraction. -2-
For a substance like glass, the Index of Refraction, or the optical density, can be made larger by adding
chemicals to the glass. Making the glass very pure can make the index of refraction smaller. The next lessons
will provide further information about reflection and refraction, and their relation to the design and function of
optical fiber.
The Interactive Media Activity demonstrates how light travels.

1. The Ray model of light

2. Index of Refraction

3.2.3 Reflection
This page provides an overview of reflection.
When a ray of light (the incident ray) strikes the shiny surface of a flat piece of glass, some of the light energy
in the ray is reflected. -1- The angle between the incident ray and a line perpendicular to the surface of the glass
at the point where the incident ray strikes the glass is called the angle of incidence. The perpendicular line is
called the normal. It is not a light ray but a tool to allow the measurement of angles. The angle between the
reflected ray and the normal is called the angle of reflection. The Law of Reflection states that the angle of
reflection of a light ray is equal to the angle of incidence. In other words, the angle at which a light ray strikes a
reflective surface determines the angle that the ray will reflect off the surface. -2-
The Interactive Media Activity demonstrates the laws of reflection.

1. Reflection 2. Reflection

3.2.4 Refraction
This page provides an overview of refraction.
When a light ray strikes the interface between two transparent materials, the light divides into two parts. Part of the
light ray is reflected back into the first substance, with the angle of reflection equaling the angle of incidence.
The remaining energy in the light ray crosses the interface and enters into the second substance.
If the incident ray strikes the glass surface at an exact 90-degree angle, the ray goes straight into the glass. The
ray is not bent. However, if the incident ray is not at an exact 90-degree angle to the surface, then the
transmitted ray that enters the glass is bent. The bending of the entering ray is called refraction. How much the
ray is refracted depends on the index of refraction of the two transparent materials. If the light ray travels from
a substance whose index of refraction is smaller, into a substance where the index of refraction is larger, the
refracted ray is bent towards the normal. If the light ray travels from a substance where the index of refraction
is larger into a substance where the index of refraction is smaller, the refracted ray is bent away from the
normal. -1-
Consider a light ray moving at an angle other than 90 degrees through the boundary between glass and a
diamond. -2- The glass has an index of refraction of about 1.523. The diamond has an index of refraction of
about 2.419. Therefore, the ray that continues into the diamond will be bent towards the normal. When that

light ray crosses the boundary between the diamond and the air at some angle other than 90 degrees, it will be
bent away from the normal. The reason for this is that air has a lower index of refraction, about 1.000, which is
less than the index of refraction of the diamond.
The Interactive Media Activity shows how refraction works.
1. Refraction 2. Refraction

3.2.5 Total internal reflection


This page explains total internal reflection as it relates to optical media.
A light ray that is being turned on and off to send data (1s and 0s) into an optical fiber must stay inside the
fiber until it reaches the far end. The ray must not refract into the material wrapped around the outside of the
fiber. The refraction would cause the loss of part of the light energy of the ray. A design must be achieved for
the fiber that will make the outside surface of the fiber act like a mirror to the light ray moving through the
fiber. If any light ray that tries to move out through the side of the fiber were reflected back into the fiber at an
angle that sends it towards the far end of the fiber, this would be a good "pipe" or "wave guide" for the light
waves. -1-
The laws of reflection and refraction illustrate how to design a fiber that guides the light waves through the
fiber with a minimum energy loss. The following two conditions must be met for the light rays in a fiber to be
reflected back into the fiber without any loss due to refraction:
• The core of the optical fiber has to have a larger index of refraction (n) than the material that surrounds
it. The material that surrounds the core of the fiber is called the cladding.
• The angle of incidence of the light ray is greater than the critical angle for the core and its cladding. -2-
When both of these conditions are met, the entire incident light in the fiber is reflected back inside the fiber.
This is called total internal reflection, which is the foundation upon which optical fiber is constructed. Total
internal reflection causes the light rays in the fiber to bounce off the core-cladding boundary and continue their
journey towards the far end of the fiber. The light will follow a zigzag path through the core of the fiber.
A fiber that meets the first condition can be easily created. In addition, the angle of incidence of the light rays
that enter the core can be controlled. Restricting the following two factors controls the angle of incidence:
• The numerical aperture of the fiber – The numerical aperture of a core is the range of angles of
incident light rays entering the fiber that will be completely reflected.
• Modes – The paths which a light ray can follow when traveling down a fiber. -3-, -4-
By controlling both conditions, the fiber run will have total internal reflection. This gives a light wave guide
that can be used for data communications.
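The refraction rules of 3.2.4 and the two total-internal-reflection conditions of 3.2.5 can both be checked numerically with Snell's law, n1·sin(θ1) = n2·sin(θ2), which is standard optics but is not written out in the text. The following Python is an added example, not curriculum code; angles are measured from the normal as defined in 3.2.3, the glass, diamond, and air indices are the values quoted in the text, and the 1.48/1.46 core/cladding pair is a constructed value.

```python
"""Snell's law applied to the refraction and total internal reflection
rules described in the text. Added example; not curriculum code."""
import math

# Indices of refraction quoted in the text (air taken as 1.000).
N_AIR = 1.000
N_GLASS = 1.523
N_DIAMOND = 2.419


def critical_angle_deg(n_core, n_cladding):
    """Critical angle, in degrees from the normal, for light inside n_core
    meeting a boundary with n_cladding.

    Returns None when n_core <= n_cladding: the first condition of 3.2.5
    fails and total internal reflection is impossible at that boundary.
    """
    if n_core <= n_cladding:
        return None
    return math.degrees(math.asin(n_cladding / n_core))


def refract(n1, n2, incidence_deg):
    """Trace a ray from medium n1 into medium n2 at incidence_deg (from the normal).

    Returns one of:
      ("straight", 0.0, None)            normal incidence, ray is not bent
      ("refracted", angle, direction)    angle of refraction and whether the
                                         ray bent "toward" or "away from" the normal
      ("reflected", incidence_deg, None) incidence beyond the critical angle,
                                         i.e. total internal reflection
    """
    if not 0.0 <= incidence_deg < 90.0:
        raise ValueError("incidence angle must be in [0, 90) degrees from the normal")
    if incidence_deg == 0.0:
        # The text's "exact 90-degree angle to the surface" is 0 deg from the normal.
        return ("straight", 0.0, None)
    # Snell's law: sin(theta2) = n1 * sin(theta1) / n2
    s = n1 * math.sin(math.radians(incidence_deg)) / n2
    if s >= 1.0:
        return ("reflected", incidence_deg, None)
    out = math.degrees(math.asin(s))
    direction = "toward" if out < incidence_deg else "away from"
    return ("refracted", out, direction)


def guided(n_core, n_cladding, incidence_deg):
    """True when both conditions of 3.2.5 hold: core denser than cladding,
    and the ray meets the core-cladding boundary beyond the critical angle."""
    theta_c = critical_angle_deg(n_core, n_cladding)
    return theta_c is not None and incidence_deg > theta_c


def main():
    # Worked case from the text: glass -> diamond bends toward the normal.
    print(refract(N_GLASS, N_DIAMOND, 30.0))
    # Diamond -> air bends away from the normal at a small angle ...
    print(refract(N_DIAMOND, N_AIR, 20.0))
    # ... and is totally reflected once incidence exceeds the critical angle.
    print(critical_angle_deg(N_DIAMOND, N_AIR))
    print(refract(N_DIAMOND, N_AIR, 30.0))
    # Constructed core/cladding pair: a shallow ray is guided, a steep one leaks.
    print(critical_angle_deg(1.48, 1.46), guided(1.48, 1.46, 85.0), guided(1.48, 1.46, 60.0))


if __name__ == "__main__":
    main()
```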

1. Total Internal Reflection 2. Total Internal Reflection

3. Numerical Aperture 4. Critical Angle

3.2.6 Multimode fiber


This page will introduce multimode fiber.
The part of an optical fiber through which light rays travel is called the core of the fiber. -1- Light rays can only
enter the core if their angle is inside the numerical aperture of the fiber. Likewise, once the rays have entered
the core of the fiber, there are a limited number of optical paths that a light ray can follow through the fiber.
These optical paths are called modes. If the diameter of the core of the fiber is large enough so that there are
many paths that light can take through the fiber, the fiber is called "multimode" fiber. Single-mode fiber has a
much smaller core that only allows light rays to travel along one mode inside the fiber. -2-, -3-
Every fiber-optic cable used for networking consists of two glass fibers encased in separate sheaths. One
fiber carries transmitted data from device A to device B. -4- The second fiber carries data from device B to
device A. The fibers are similar to two one-way streets going in opposite directions. This provides a full-
duplex communication link. Copper twisted-pair uses a wire pair to transmit and a wire pair to receive. Fiber-
optic circuits use one fiber strand to transmit and one to receive. Typically, these two fiber cables will be in a
single outer jacket until they reach the point at which connectors are attached. -5-
Until the connectors are attached, there is no need for shielding, because no light escapes when it is inside a
fiber. This means there are no crosstalk issues with fiber. It is very common to see multiple fiber pairs
encased in the same cable. This allows a single cable to be run between data closets, floors, or buildings. One
cable can contain 2 to 48 or more separate fibers. With copper, one UTP cable would have to be pulled for
each circuit. Fiber can carry many more bits per second and carry them farther than copper can.
Usually, five parts make up each fiber-optic cable. The parts are the core, the cladding, a buffer, a strength
material, and an outer jacket. -6-
The core is the light transmission element at the center of the optical fiber. All the light signals travel through
the core. A core is typically glass made from a combination of silicon dioxide (silica) and other elements.
Multimode fiber uses a type of glass called graded-index glass for its core. This glass has a lower index of
refraction towards the outer edge of the core. Therefore, the outer area of the core is less optically dense than
the center, and light travels faster in the outer part of the core. This design is used because a light ray following a mode
that goes straight down the center of the core does not have as far to travel as a ray following a mode that
bounces around in the fiber. All rays should arrive at the end of the fiber together. Then the receiver at the end
of the fiber receives a strong flash of light rather than a long, dim pulse.
Surrounding the core is the cladding. Cladding is also made of silica but with a lower index of refraction than
the core. Light rays traveling through the fiber core reflect off this core-to-cladding interface as they move
through the fiber by total internal reflection. Standard multimode fiber-optic cable is the most common type of
fiber-optic cable used in LANs. A standard multimode fiber-optic cable uses an optical fiber with either a 62.5
or a 50-micron core and a 125-micron diameter cladding. This is commonly designated as 62.5/125 or 50/125
micron optical fiber. A micron is one millionth of a meter (1 µm).
Surrounding the cladding is a buffer material that is usually plastic. The buffer material helps shield the core
and cladding from damage. There are two basic cable designs. They are the loose-tube and the tight-buffered
cable designs. -7- Most of the fiber used in LANs is tight-buffered multimode cable. Tight-buffered cables have
the buffering material that surrounds the cladding in direct contact with the cladding. The most practical
difference between the two designs is the applications for which they are used. Loose-tube cable is primarily
used for outside-building installations, while tight-buffered cable is used inside buildings.
The strength material surrounds the buffer, preventing the fiber cable from being stretched when installers pull
it. The material used is often Kevlar, the same material used to produce bulletproof vests.
The final element is the outer jacket. The outer jacket surrounds the cable to protect the fiber against abrasion,
solvents, and other contaminants. The color of the outer jacket of multimode fiber is usually orange, but
occasionally another color.
Infrared Light Emitting Diodes (LEDs) and Vertical Cavity Surface Emitting Lasers (VCSELs) are the two types of
light source usually used with multimode fiber; a given link uses one or the other. LEDs are a little cheaper to
build and raise fewer safety concerns than lasers. However, LEDs cannot transmit light over cable as far as
lasers can. Multimode fiber (62.5/125) can carry data distances of up to 2000 meters (6,560 ft).

Figures: 1. Fiber Optic; 2. Single-mode versus Multimode; 3. Multimode and Single-mode; 4. Duplex Fiber;
5. Fiber-Optic Cable Connector; 6. Cross-section showing the Layers; 7. Cross-section showing the Layers

3.2.7 Single-mode fiber


This page will introduce single-mode fiber.
Single-mode fiber consists of the same parts as multimode. The outer jacket of single-mode fiber is usually
yellow. The major difference between multimode and single-mode fiber is that single-mode allows only one
mode of light to propagate through the smaller fiber-optic core. The single-mode core is eight to ten microns
in diameter. Nine-micron cores are the most common. A 9/125 marking on the jacket of the single-mode fiber
indicates that the core fiber has a diameter of 9 microns and the surrounding cladding is 125 microns in
diameter.
An infrared laser is used as the light source in single-mode fiber. The ray of light it generates enters the core at
a 90-degree angle. As a result, the data-carrying light pulses in single-mode fiber are essentially transmitted
in a straight line right down the middle of the core. -1- This greatly increases both the speed and the distance
that data can be transmitted.
Because of its design, single-mode fiber is capable of higher rates of data transmission (bandwidth) and greater
cable run distances than multimode fiber. Single-mode fiber can carry LAN data up to 3000 meters. Although
this distance is considered a standard, newer technologies have increased this distance and will be discussed in
a later module. Multimode is only capable of carrying up to 2000 meters. Lasers and single-mode fibers are
more expensive than LEDs and multimode fiber. Because of these characteristics, single-mode fiber is often
used for inter-building connectivity.
Warning: The laser light used with single-mode fiber has a longer wavelength than can be seen. The laser is so
strong that it can seriously damage eyes. Never look at the near end of a fiber that is connected to a device at
the far end. Never look into the transmit port on a NIC, switch, or router. Remember to keep protective covers
over the ends of fiber and inserted into the fiber-optic ports of switches and routers. Be very careful.
Figure -2- compares the relative sizes of the core and cladding for both types of fiber-optic cable in different
sectional views. The much smaller and more refined fiber core in single-mode fiber is the reason single-mode has a
higher bandwidth and longer cable run distance than multimode fiber. However, it entails higher manufacturing costs.
Figures: 1. Single-mode Fiber; 2. Single mode and Multimode Fiber

3.2.8 Other optical components


This page explains how optical devices are used to transmit data.
Most of the data sent over a LAN is in the form of electrical signals. However, optical fiber links use light to
send data. Something is needed to convert the electricity to light and at the other end of the fiber convert the
light back to electricity. This means that a transmitter and a receiver are required. -1-
The transmitter receives data to be transmitted from switches and routers. This data is in the form of electrical
signals. The transmitter converts the electronic signals into their equivalent light pulses. There are two types
of light sources used to encode and transmit the data through the cable:
- A light emitting diode (LED) producing infrared light with wavelengths of either 850 nm or 1310 nm.
These are used with multimode fiber in LANs. Lenses are used to focus the infrared light on the end of
the fiber.
- Light amplification by stimulated emission of radiation (LASER), a light source producing a thin beam of
intense infrared light, usually with wavelengths of 1310 nm or 1550 nm. Lasers are used with single-
mode fiber over the longer distances involved in WANs or campus backbones. Extra care should be
exercised to prevent eye injury.
Each of these light sources can be lighted and darkened very quickly to send data (1s and 0s) at a high number
of bits per second.
At the other end of the optical fiber from the transmitter is the receiver. The receiver functions something like
the photoelectric cell in a solar powered calculator. When light strikes the receiver, it produces electricity. The
first job of the receiver is to detect a light pulse that arrives from the fiber. Then the receiver converts the light
pulse back into the original electrical signal that first entered the transmitter at the far end of the fiber. Now the
signal is again in the form of voltage changes. The signal is ready to be sent over copper wire into any
receiving electronic device such as a computer, switch, or router. The semiconductor devices that are usually
used as receivers with fiber-optic links are called p-intrinsic-n diodes (PIN photodiodes).
PIN photodiodes are manufactured to be sensitive to light at 850, 1310, or 1550 nm, the wavelengths generated by
the transmitter at the far end of the fiber. When struck by a pulse of light at the proper wavelength, the PIN
photodiode quickly produces an electric current at the proper voltage for the network. It instantly stops
producing the voltage when no light strikes the PIN photodiode. This generates the voltage changes that
represent the data 1s and 0s on a copper cable.
Connectors are attached to the fiber ends so that the fibers can be connected to the ports on the transmitter and
receiver. The type of connector most commonly used with multimode fiber is the Subscriber Connector (SC).
On single-mode fiber, the Straight Tip (ST) connector is frequently used. -2-, -3-
In addition to the transmitters, receivers, connectors, and fibers that are always required on an optical network,
repeaters and fiber patch panels are often seen.
Repeaters are optical amplifiers that receive attenuating light pulses traveling long distances and restore them
to their original shapes, strengths, and timings. The restored signals can then be sent on along the journey to
the receiver at the far end of the fiber.
Fiber patch panels are similar to the patch panels used with copper cable. These panels increase the flexibility of
an optical network by allowing quick changes to the connection of devices like switches or routers with various
available fiber runs, or cable links. -4-, -5-
The Lab Activity will teach students about the price of different types of fiber cables.

Figures: 1. Transmission devices; 2. ST and SC Connectors; 3. Fiber-Optic Connectors; 4. Fiber-Optic Patch Panels;
5. Fiber-Optic Patch Panels

3.2.9 Signals and noise in optical fibers

This page explains some factors that reduce signal strength in optical media.
Fiber-optic cable is not affected by the sources of external noise that cause problems on copper media because
external light cannot enter the fiber except at the transmitter end. The cladding is covered by a buffer and an
outer jacket that stops light from entering or leaving the cable.
Furthermore, the transmission of light on one fiber in a cable does not generate interference that disturbs
transmission on any other fiber. This means that fiber does not have the problem with crosstalk that copper
media does. In fact, the quality of fiber-optic links is so good that the recent standards for gigabit and ten
gigabit Ethernet specify transmission distances that far exceed the traditional two-kilometer reach of the
original Ethernet. Fiber-optic transmission allows the Ethernet protocol to be used on metropolitan-area
networks (MANs) and wide-area networks (WANs).
Although fiber is the best of all the transmission media at carrying large amounts of data over long distances,
fiber is not without problems. When light travels through fiber, some of the light energy is lost. The farther a
light signal travels through a fiber, the more the signal loses strength. This attenuation of the signal is due to
several factors involving the nature of fiber itself. The most important factor is scattering. The scattering of
light in a fiber is caused by microscopic non-uniformities (distortions) in the fiber that reflect and scatter some
of the light energy.
Absorption is another cause of light energy loss. When a light ray strikes some types of chemical impurities in
a fiber, the impurities absorb part of the energy. This light energy is converted to a small amount of heat
energy. Absorption makes the light signal a little dimmer.
Another factor that causes attenuation of the light signal is manufacturing irregularities or roughness in the
core-to-cladding boundary. Power is lost from the light signal because of the less than perfect total internal
reflection in that rough area of the fiber. Any microscopic imperfections in the thickness or symmetry of the
fiber will cut down on total internal reflection and the cladding will absorb some light energy.
Dispersion of a light flash also limits transmission distances on a fiber. Dispersion is the technical term for the
spreading of pulses of light as they travel down the fiber. -1-
Graded-index multimode fiber is designed to compensate for the different distances the various modes of light
have to travel in the large diameter core. Single-mode fiber does not have the problem of multiple paths that
the light signal can follow. However, chromatic dispersion is a characteristic of both multimode and single-
mode fiber. Chromatic dispersion occurs because some wavelengths of light travel through glass at slightly
different speeds than other wavelengths. That is why a prism separates the wavelengths of light. Ideally,
an LED or laser light source would emit light of just one frequency. Then chromatic dispersion would not be a
problem.
Unfortunately, lasers, and especially LEDs, generate a range of wavelengths, so chromatic dispersion limits the
distance that can be transmitted on a fiber. If a signal is transmitted too far, what started as a bright pulse of
light energy will be spread out, separated, and dim when it reaches the receiver. The receiver will not be able to
distinguish a one from a zero.
Figure: 1. Dispersion in Optical Fibers

3.2.10 Installation, care, and testing of optical fiber

This page will teach students how to troubleshoot optical fiber.


A major cause of too much attenuation in fiber-optic cable is improper installation. If the fiber is stretched or
curved too tightly, it can cause tiny cracks in the core that will scatter the light rays. Bending the fiber in too
tight a curve can change the incident angle of light rays striking the core-to-cladding boundary. Then the
incident angle of the ray will become less than the critical angle for total internal reflection. Instead of
reflecting around the bend, some light rays will refract into the cladding and be lost. -1-, -2-
To prevent fiber bends that are too sharp, fiber is usually pulled through a type of installed pipe called
interducting. The interducting is much stiffer than fiber and cannot be bent so sharply that the fiber inside the
interducting has too tight a curve. The interducting protects the fiber, makes it easier to pull the fiber, and
ensures that the bending radius (curve limit) of the fiber is not exceeded.
When the fiber has been pulled, the ends of the fiber must be cleaved (cut) and properly polished to ensure that
the ends are smooth. -3- A microscope or test instrument with a built-in magnifier is used to examine the end of
the fiber and verify that it is properly polished and shaped. Then the connector is carefully attached to the fiber
end. Improperly installed connectors, improper splices, or the splicing of two cables with different core sizes
will dramatically reduce the strength of a light signal. -4-, -5-
Once the fiber-optic cable and connectors have been installed, the connectors and the ends of the fibers must be
kept spotlessly clean. The ends of the fibers should be covered with protective covers to prevent damage to the
fiber ends. When these covers are removed prior to connecting the fiber to a port on a switch or a router, the
fiber ends must be cleaned. Clean the fiber ends with lint-free lens tissue moistened with pure isopropyl
alcohol. The fiber ports on a switch or router should also be kept covered when not in use and cleaned with
lens tissue and isopropyl alcohol before a connection is made. Dirty ends on a fiber will cause a big drop in the
amount of light that reaches the receiver.
Scattering, absorption, dispersion, improper installation, and dirty fiber ends diminish the strength of the light
signal and are referred to as fiber noise. Before using a fiber-optic cable, it must be tested to ensure that enough
light actually reaches the receiver for it to detect the zeros and ones in the signal.
When a fiber-optic link is being planned, the amount of signal power loss that can be tolerated must be
calculated. This is referred to as the optical link loss budget. Imagine a monthly financial budget. After all of
the expenses are subtracted from initial income, enough money must be left to get through the month.
The decibel (dB) is the unit used to measure the amount of power loss. It tells what percent of the power that
leaves the transmitter actually enters the receiver.
Testing fiber links is extremely important, and records of the results of these tests must be kept. Several types
of fiber-optic test equipment are used. Two of the most important instruments are Optical Loss Meters and
Optical Time Domain Reflectometers (OTDRs). -6-
These meters both test optical cable to ensure that the cable meets the TIA standards for fiber. They also test to
verify that the link's power loss stays within the optical link loss budget. OTDRs can provide much
additional detailed diagnostic information about a fiber link. They can be used to troubleshoot a link when
problems occur.
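The optical link loss budget described above can be worked through in code. This is an added example, not part of the curriculum: every loss figure (launch power, receiver sensitivity, per-kilometer attenuation, connector and splice losses, safety margin) is a constructed value standing in for what the transceiver data sheets and the applicable cabling standard would supply.

```python
import math

# Constructed link parameters for this example; real values come from the
# transceiver data sheets and the cabling standard the installation follows.
TX_POWER_DBM = -20.0          # assumed LED launch power into 62.5/125 fiber
RX_SENSITIVITY_DBM = -32.0    # assumed weakest signal the receiver can decode
FIBER_LOSS_DB_PER_KM = 3.5    # assumed multimode attenuation at 850 nm
CONNECTOR_LOSS_DB = 0.75      # assumed loss per mated connector pair
SPLICE_LOSS_DB = 0.3          # assumed loss per splice
SAFETY_MARGIN_DB = 3.0        # reserve for aging, dirt on fiber ends and repairs


def db_loss(power_in_mw: float, power_out_mw: float) -> float:
    """Loss in decibels between two power levels: 10*log10(Pin/Pout).
    3 dB means half the power arrives, 10 dB means one tenth does."""
    return 10.0 * math.log10(power_in_mw / power_out_mw)


def fraction_delivered(loss_db: float) -> float:
    """Share of the transmitted power that reaches the receiver for a given loss,
    the 'percent of the power' that the curriculum describes dB as expressing."""
    return 10.0 ** (-loss_db / 10.0)


def loss_budget_db(tx_power_dbm: float = TX_POWER_DBM,
                   rx_sensitivity_dbm: float = RX_SENSITIVITY_DBM) -> float:
    """Total loss the link can tolerate: launched power minus the least power
    the receiver still needs (the 'income' in the budget analogy)."""
    return tx_power_dbm - rx_sensitivity_dbm


def expected_link_loss_db(length_km: float, connectors: int, splices: int) -> float:
    """Sum of the planned 'expenses': fiber attenuation, connectors and splices."""
    return (length_km * FIBER_LOSS_DB_PER_KM
            + connectors * CONNECTOR_LOSS_DB
            + splices * SPLICE_LOSS_DB)


def link_passes(length_km: float, connectors: int, splices: int,
                margin_db: float = SAFETY_MARGIN_DB) -> bool:
    """Planning check: expected loss plus the safety margin must stay within the budget."""
    return expected_link_loss_db(length_km, connectors, splices) + margin_db <= loss_budget_db()


def measured_within_budget(measured_loss_db: float,
                           margin_db: float = SAFETY_MARGIN_DB) -> bool:
    """Acceptance check for an optical loss meter reading taken on the installed link."""
    return measured_loss_db + margin_db <= loss_budget_db()


if __name__ == "__main__":
    print(f"budget: {loss_budget_db():.1f} dB")
    for km in (1.0, 2.0, 3.0):
        loss = expected_link_loss_db(km, connectors=2, splices=0)
        verdict = "PASS" if link_passes(km, 2, 0) else "FAIL"
        print(f"{km:.0f} km, 2 connectors: loss {loss:.2f} dB, "
              f"{fraction_delivered(loss):.1%} of launched power arrives, {verdict}")
```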
This page concludes this lesson. The next lesson will discuss wireless media. The first page will discuss
Wireless LAN organizations and standards.

Figures: 1. Scattering; 2. Bending; 3. Fiber and Face Finishes; 4. Fiber and Face Polishing Techniques;
5. Splicing; 6. Calibrated Light Sources and Light Meter

3.3 Wireless Media

3.3.1 Wireless LAN organizations and standards


This page will introduce the regulations and standards that apply to wireless technology. These standards
ensure that deployed networks are interoperable and compliant with the applicable regulations.
Just as in cabled networks, IEEE is the prime issuer of standards for wireless networks. The standards have
been created within the framework of the regulations created by the Federal Communications Commission
(FCC). -1-
A key technology contained within the 802.11 standard is Direct Sequence Spread Spectrum (DSSS). DSSS
applies to wireless devices operating within a 1 to 2 Mbps range. A DSSS system may operate at up to 11
Mbps but will not be considered compliant above 2 Mbps. The next standard approved was 802.11b, which
increased transmission capabilities to 11 Mbps. Even though DSSS WLANs were able to interoperate with the
Frequency Hopping Spread Spectrum (FHSS) WLANs, problems developed, prompting design changes by the
manufacturers. In this case, IEEE's task was simply to create a standard that matched the manufacturers'
solution.
802.11b may also be called Wi-Fi™ or high-speed wireless and refers to DSSS systems that operate at 1, 2, 5.5
and 11 Mbps. All 802.11b systems are backward compatible in that they also support 802.11 for 1 and 2 Mbps
data rates for DSSS only. This backward compatibility is extremely important as it allows upgrading of the
wireless network without replacing the NICs or access points.
802.11b devices achieve the higher data throughput rate by using a different coding technique from 802.11,
allowing for a greater amount of data to be transferred in the same time frame. The majority of 802.11b devices
still fail to match the 11 Mbps bandwidth and generally function in the 2 to 4 Mbps range.
802.11a covers WLAN devices operating in the 5 GHz transmission band. Using the 5 GHz range disallows
interoperability with 802.11b devices, as they operate within 2.4 GHz. 802.11a is capable of supplying data
throughput of 54 Mbps and, with proprietary technology known as "rate doubling", has achieved 108 Mbps. In
production networks, a more standard rating is 20-26 Mbps.
802.11g provides the same bandwidth as 802.11a but with backwards compatibility for 802.11b devices, using
Orthogonal Frequency Division Multiplexing (OFDM) modulation technology and operating in the 2.4 GHz
transmission band. Cisco has developed an access point that permits 802.11b and 802.11a devices to coexist on
the same WLAN. The access point supplies 'gateway' services allowing these otherwise incompatible devices
to communicate.
Figure: 1. Wireless LAN Standards

3.3.2 Wireless devices and topologies


This page describes the devices and related topologies for a wireless network.
A wireless network may consist of as few as two devices. -1- to -3- The nodes could simply be desktop
workstations or notebook computers. Equipped with wireless NICs, an 'ad hoc' network could be established
which compares to a peer-to-peer wired network. Both devices act as servers and clients in this environment.
Although it does provide connectivity, security is at a minimum, along with throughput. Another problem with
this type of network is compatibility. Many times NICs from different manufacturers are not compatible.
To solve the problem of compatibility, an access point (AP) is commonly installed to act as a central hub for
the WLAN infrastructure mode. -4- The AP is hard wired to the cabled LAN to provide Internet access and
connectivity to the wired network. APs are equipped with antennae and provide wireless connectivity over a
specified area referred to as a cell. -5- Depending on the structural composition of the location in which the AP
is installed and the size and gain of the antennae, the size of the cell could greatly vary. Most commonly, the
range will be from 91.44 to 152.4 meters (300 to 500 feet). To service larger areas, multiple access points may
be installed with a degree of overlap. The overlap permits "roaming" between cells. -6- This is very similar to
the services provided by cellular phone companies. Overlap, on multiple AP networks, is critical to allow for
movement of devices within the WLAN. Although not addressed in the IEEE standards, a 20-30% overlap is
desirable. This rate of overlap will permit roaming between cells, allowing for the disconnect and reconnect
activity to occur seamlessly without service interruption.
When a client is activated within the WLAN, it will start "listening" for a compatible device with which to
"associate". This is referred to as "scanning" and may be active or passive.
Active scanning causes a probe request to be sent from the wireless node seeking to join the network. The
probe request will contain the Service Set Identifier (SSID) of the network it wishes to join. When an AP with
the same SSID is found, the AP will issue a probe response. The authentication and association steps are
completed.
Passive scanning nodes listen for beacon management frames (beacons), which are transmitted by the AP
(infrastructure mode) or peer nodes (ad hoc). When a node receives a beacon that contains the SSID of the
network it is trying to join, an attempt is made to join the network. Passive scanning is a continuous process
and nodes may associate or disassociate with APs as signal strength changes.
The first Interactive Media Activity shows the levels of the OSI reference model and the related networking
devices.
The second Interactive Media Activity shows the addition of a wireless hub to a wired network.

Figures: 1. Internal Wireless NIC for Desktop or Server; 2. PCMCIA NIC for Laptop; 3. External USB Wireless NIC;
4. Access Point; 5. Wireless LAN; 6. Roaming
Interactive Media Activity: classifies networking devices by the OSI layer at which they operate

3.3.3 How wireless LANs communicate


This page explains the communication process of a WLAN.
After establishing connectivity to the WLAN, a node will pass frames in the same manner as on any other
802.x network. WLANs do not use a standard 802.3 frame. Therefore, using the term wireless Ethernet is
misleading. There are three types of frames: control, management, and data. -1- Only the data frame type is
similar to 802.3 frames. The payload of wireless and 802.3 frames is 1500 bytes; however, an Ethernet frame
may not exceed 1518 bytes whereas a wireless frame could be as large as 2346 bytes. Usually the WLAN
frame size will be limited to 1518 bytes as it is most commonly connected to a wired Ethernet network.
Since radio frequency (RF) is a shared medium, collisions can occur just as they do on a wired shared medium.
The major difference is that there is no method by which the source node is able to detect that a collision
occurred. For that reason WLANs use Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA). This
is somewhat like Ethernet CSMA/CD.
When a source node sends a frame, the receiving node returns a positive acknowledgment (ACK). This can
cause consumption of 50% of the available bandwidth. This overhead when combined with the collision
avoidance protocol overhead reduces the actual data throughput to a maximum of 5.0 to 5.5 Mbps on an
802.11b wireless LAN rated at 11 Mbps.
Performance of the network will also be affected by signal strength and degradation in signal quality due to
distance or interference. As the signal becomes weaker, Adaptive Rate Selection (ARS) may be invoked. The
transmitting unit will drop the data rate from 11 Mbps to 5.5 Mbps, from 5.5 Mbps to 2 Mbps, or from 2 Mbps to 1
Mbps. -2-

Figures: 1. IEEE 802.11 Frame Types; 2. Adaptive Rate Selection

3.3.4 Authentication and association
This page describes WLAN authentication and association.

WLAN authentication occurs at Layer 2. It is the process of authenticating the device, not the user. This is a
critical point to remember when considering WLAN security, troubleshooting, and overall management.

Authentication may be a null process, as in the case of a new AP and NIC with default configurations in place.
The client will send an authentication request frame to the AP and the frame will be accepted or rejected by the
AP. The client is notified of the response via an authentication response frame. The AP may also be configured
to hand off the authentication task to an authentication server, which would perform a more thorough
credentialing process. -1-

Association, performed after authentication, is the state that permits a client to use the services of the AP to
transfer data.

Authentication and Association types

- Unauthenticated and unassociated: The node is disconnected from the network and not associated to an access point.
- Authenticated and unassociated: The node has been authenticated on the network but has not yet associated with the access point.
- Authenticated and associated: The node is connected to the network and able to transmit and receive data through the access point.

Methods of authentication
IEEE 802.11 lists two types of authentication processes.

The first authentication process is the open system. This is an open connectivity standard in which only the
SSID must match. This may be used in a secure or non-secure environment, although the ability of low-level
network 'sniffers' to discover the SSID of the WLAN is high.

The second process is the shared key. This process requires the use of Wired Equivalent Privacy (WEP)
encryption. WEP is a fairly simple algorithm using 64- and 128-bit keys. The AP is configured with an
encrypted key, and nodes attempting to access the network through the AP must have a matching key. Statically
assigned WEP keys provide a higher level of security than the open system but are definitely not hack-proof.

The problem of unauthorized entry into WLANs is being addressed by a number of new security solution
technologies.
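The join sequence described in 3.3.2 (active or passive scanning on the SSID) and on this page (authentication, then association, with the three resulting client states) can be modelled as a small state machine. This is an added example, not code from the curriculum or from any vendor: the frame dictionaries, MAC addresses and key strings are constructed, and the shared-key branch simply compares a configured key as a stand-in for WEP's challenge/response exchange, which is not modelled.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional


class State(Enum):
    """The three client states listed in the curriculum, in the order they are reached."""
    UNAUTHENTICATED_UNASSOCIATED = 0
    AUTHENTICATED_UNASSOCIATED = 1
    AUTHENTICATED_ASSOCIATED = 2


@dataclass
class AccessPoint:
    ssid: str
    auth_mode: str = "open"                  # "open" or "shared-key"
    wep_key: Optional[str] = None            # only consulted in shared-key mode
    authenticated: set = field(default_factory=set)  # station MACs past Layer 2 authentication
    associated: set = field(default_factory=set)     # station MACs allowed to pass data frames

    def beacon(self) -> dict:
        """Beacon management frame, sent periodically for passive scanners."""
        return {"type": "beacon", "ssid": self.ssid}

    def probe_response(self, probe_request: dict) -> Optional[dict]:
        """Active scanning: answer a probe request only if its SSID is ours."""
        if probe_request.get("ssid") != self.ssid:
            return None
        return {"type": "probe-response", "ssid": self.ssid}

    def authentication_response(self, request: dict) -> dict:
        """Open system: the SSID match made during scanning is all that is checked.
        Shared key: the station must present the key configured on the AP
        (simplified stand-in for WEP's challenge/response, not modelled here)."""
        mac = request["mac"]
        if self.auth_mode == "open":
            accepted = True
        else:
            accepted = request.get("key") is not None and request["key"] == self.wep_key
        if accepted:
            self.authenticated.add(mac)
        return {"type": "authentication-response", "status": "accepted" if accepted else "rejected"}

    def association_response(self, request: dict) -> dict:
        """Association is granted only to a station that is already authenticated."""
        mac = request["mac"]
        accepted = mac in self.authenticated
        if accepted:
            self.associated.add(mac)
        return {"type": "association-response", "status": "accepted" if accepted else "rejected"}

    def deauthenticate(self, mac: str) -> None:
        """Deauthentication drops both states: no association survives it."""
        self.associated.discard(mac)
        self.authenticated.discard(mac)


@dataclass
class Station:
    mac: str
    target_ssid: str
    key: Optional[str] = None
    state: State = State.UNAUTHENTICATED_UNASSOCIATED

    def join(self, ap: AccessPoint, passive: bool = False) -> State:
        """Run scanning, authentication and association against one AP."""
        # 1. Scanning: passive (listen for a beacon) or active (send a probe request).
        if passive:
            found = ap.beacon()["ssid"] == self.target_ssid
        else:
            probe = {"type": "probe-request", "ssid": self.target_ssid}
            found = ap.probe_response(probe) is not None
        if not found:
            return self.state
        # 2. Authentication: it is the device (its MAC) that is authenticated, not a user.
        auth_request = {"type": "authentication-request", "mac": self.mac, "key": self.key}
        if ap.authentication_response(auth_request)["status"] != "accepted":
            return self.state
        self.state = State.AUTHENTICATED_UNASSOCIATED
        # 3. Association: only now may the AP relay the station's data frames.
        assoc_request = {"type": "association-request", "mac": self.mac}
        if ap.association_response(assoc_request)["status"] == "accepted":
            self.state = State.AUTHENTICATED_ASSOCIATED
        return self.state


if __name__ == "__main__":
    ap = AccessPoint(ssid="lab-wlan", auth_mode="shared-key", wep_key="constructed-key")
    good = Station("00:00:00:00:00:01", "lab-wlan", key="constructed-key")
    bad = Station("00:00:00:00:00:02", "lab-wlan", key="wrong-key")
    print("matching key:", good.join(ap).name)
    print("wrong key:   ", bad.join(ap).name)
```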

3.3.5 The radio wave and microwave spectrums


This page describes radio waves and modulation.
Computers send data signals electronically. Radio transmitters convert these electrical signals to radio waves.
Changing electric currents in the antenna of a transmitter generates the radio waves. These radio waves radiate
out in straight lines from the antenna. -1- However, radio waves attenuate as they move out from the
transmitting antenna. In a WLAN, a radio signal measured at a distance of just 10 meters (30 feet) from the
transmitting antenna would be only 1/100th of its original strength. Like light, radio waves can be absorbed by
some materials and reflected by others. When passing from one material, like air, into another material, like a
plaster wall, radio waves are refracted. Radio waves are also scattered and absorbed by water droplets in the
air.
These qualities of radio waves are important to remember when a WLAN is being planned for a building or for
a campus. The process of evaluating a location for the installation of a WLAN is called making a Site Survey.
Because radio signals weaken as they travel away from the transmitter, the receiver must also be equipped with
an antenna. When radio waves hit the antenna of a receiver, weak electric currents are generated in that
antenna. These electric currents, caused by the received radio waves, are equal to the currents that originally
generated the radio waves in the antenna of the transmitter. The receiver amplifies the strength of these weak
electrical signals. -2-
In a transmitter, the electrical (data) signals from a computer or a LAN are not sent directly into the antenna of
the transmitter. Rather, these data signals are used to alter a second, strong signal called the carrier signal.
The process of altering the carrier signal that will enter the antenna of the transmitter is called modulation.
There are three basic ways in which a radio carrier signal can be modulated. For example, Amplitude
Modulated (AM) radio stations modulate the height (amplitude) of the carrier signal. Frequency Modulated
(FM) radio stations modulate the frequency of the carrier signal as determined by the electrical signal from the
microphone. In WLANs, a third type of modulation called phase modulation is used to superimpose the data
signal onto the carrier signal that is broadcast by the transmitter. -3-
In this type of modulation, the data bits in the electrical signal change the phase of the carrier signal.
A receiver demodulates the carrier signal that arrives from its antenna. The receiver interprets the phase
changes of the carrier signal and reconstructs from it the original electrical data signal.
The first Interactive Media Activity explains electromagnetic fields and polarization.
The second Interactive Media Activity shows the names, devices, frequencies, and wavelengths of the EM
spectrum.

1. Radio Wave 2. Radio Wave
3. Modulation
Electromagnetic Fields and Polarization
Antenna Polarization

3.3.6 Signals and noise on a WLAN


This page discusses how signals and noise can affect a WLAN.
On a wired Ethernet network, it is usually a simple process to diagnose the cause of interference. When using
RF technology many kinds of interference must be taken into consideration.
Narrowband is the opposite of spread spectrum technology. As the name implies, narrowband does not affect
the entire frequency spectrum of the wireless signal. One solution to a narrowband interference problem could
be simply changing the channel that the AP is using. Actually diagnosing the cause of narrowband interference
can be a costly and time-consuming experience. To identify the source requires a spectrum analyzer, and even a
low-cost model is relatively expensive.
All-band interference affects the entire spectrum range. Bluetooth™ technology hops across the entire 2.4
GHz band many times per second and can cause significant interference on an 802.11b network. It is not uncommon
to see signs in facilities that use wireless networks requesting that all Bluetooth™ devices be shut down before
entering. In homes and offices, a device that is often overlooked as a cause of interference is the standard
microwave oven. Leakage from a microwave of as little as one watt into the RF spectrum can cause major
network disruption. Wireless phones operating in the 2.4 GHz spectrum can also cause network disorder.
Generally the RF signal will not be affected by even the most extreme weather conditions. However, fog or
very high moisture conditions can and do affect wireless networks. Lightning can also charge the atmosphere
and alter the path of a transmitted signal.
The first and most obvious source of a signal problem is the transmitting station and antenna type. A higher
output station will transmit the signal further and a parabolic dish antenna that concentrates the signal will
increase the transmission range.
In a SOHO environment, most access points will utilize twin omnidirectional antennae that transmit the signal
in all directions, thereby reducing the range of communication. -1-

1. Omnidirectional Antenna

3.3.7 Wireless security


This page will explain how wireless security can be achieved.
Where wireless networks exist there is little security. This has been a problem from the earliest days of
WLANs. Currently, many administrators are weak in implementing effective security practices.
A number of new security solutions and protocols, such as Virtual Private Networking (VPN) and Extensible
Authentication Protocol (EAP), are emerging. With EAP, the access point does not provide authentication to
the client, but passes the duties to a more sophisticated device, possibly a dedicated server, designed for that
purpose. Using an integrated server, VPN technology creates a tunnel on top of an existing protocol such as IP.
This is a Layer 3 connection as opposed to the Layer 2 connection between the AP and the sending node.
• EAP-MD5 Challenge – Extensible Authentication Protocol is the earliest authentication type, which is
very similar to CHAP password protection on a wired network.
• LEAP (Cisco) – Lightweight Extensible Authentication Protocol is the type primarily used on Cisco
WLAN access points. LEAP provides security during credential exchange, encrypts using dynamic
WEP keys, and supports mutual authentication.
• User authentication – Allows only authorized users to connect, send and receive data over the wireless
network.
• Encryption – Provides encryption services, further protecting the data from intruders.
• Data authentication – Ensures the integrity of the data, authenticating source and destination devices.
VPN technology effectively closes the wireless network, since an unrestricted WLAN will automatically
forward traffic between nodes that appear to be on the same wireless network. WLANs often extend outside
the perimeter of the home or office in which they are installed, and without security, intruders may infiltrate the
network with little effort. Conversely, it takes minimal effort on the part of the network administrator to provide
low-level security to the WLAN.
Summary
This page summarizes the topics discussed in this module.
Copper cable carries information using electrical current. The electrical specifications of a cable determine the
kind of signal a particular cable can transmit, the speed at which the signal is transmitted, and the distance the
signal will travel.
An understanding of the following electrical concepts is helpful when working with computer networks:
• Voltage – the pressure that moves electrons through a circuit from one place to another
• Resistance – opposition to the flow of electrons and why a signal becomes degraded as it travels along
the conduit
• Current – flow of charges created when electrons move
• Circuits – a closed loop through which an electrical current flows
Circuits must be composed of conducting materials, and must have sources of voltage. Voltage causes current
to flow, while resistance and impedance oppose it. A multimeter is used to measure voltage, current, resistance,
and other electrical quantities expressed in numeric form.
Coaxial cable, unshielded twisted pair (UTP) and shielded twisted pair (STP) are types of copper cables that
can be used in a network to provide different capabilities. Twisted-pair cable can be configured for straight
through, crossover, or rollover signaling. These terms refer to the individual wire connections, or pinouts, from
one end to the other end of the cable. A straight-through cable is used to connect unlike devices such as a
switch and a PC. A crossover cable is used to connect similar devices such as two switches. A rollover
cable is used to connect a PC to the console port of a router. Different pinouts are required because the
transmit and receive pins are in different locations on each of these devices.
Optical fiber is the most frequently used medium for the longer, high-bandwidth, point-to-point transmissions
required on LAN backbones and on WANs. Light energy is used to transmit large amounts of data securely
over relatively long distances. The light signal carried by a fiber is produced by a transmitter that converts an
electrical signal into a light signal. The receiver converts the light that arrives at the far end of the cable back to
the original electrical signal.
Every fiber-optic cable used for networking consists of two glass fibers encased in separate sheaths. Just as
copper twisted-pair uses separate wire pairs to transmit and receive, fiber-optic circuits use one fiber strand to
transmit and one to receive.
The part of an optical fiber through which light rays travel is called the core of the fiber. Surrounding the core
is the cladding. Its function is to reflect the signal back towards the core. Surrounding the cladding is a buffer
material that helps shield the core and cladding from damage. A strength material surrounds the buffer,
preventing the fiber cable from being stretched when installers pull it. The material used is often Kevlar. The
final element is the outer jacket that surrounds the cable to protect the fiber against abrasion, solvents, and
other contaminants.
The laws of reflection and refraction are used to design fiber media that guides the light waves through the
fiber with minimum energy and signal loss. Once the rays have entered the core of the fiber, there are a limited
number of optical paths that a light ray can follow through the fiber. These optical paths are called modes. If
the diameter of the core of the fiber is large enough so that there are many paths that light can take through the
fiber, the fiber is called multimode fiber. Single-mode fiber has a much smaller core that only allows light rays
to travel along one mode inside the fiber. Because of its design, single-mode fiber is capable of higher rates of
data transmission and greater cable run distances than multimode fiber.
Fiber is described as immune to noise because it is not affected by external noise or noise from other cables.
Light confined in one fiber has no way of inducing light in another fiber. Attenuation of a light signal becomes
a problem over long cables especially if sections of cable are connected at patch panels or spliced.
Both copper and fiber media require that devices remain stationary, permitting moves only within the limits of
the media. Wireless technology removes these restraints. Understanding the regulations and standards that
apply to wireless technology will ensure that deployed networks will be interoperable and in compliance with
IEEE 802.11 standards for WLANs.
A wireless network may consist of as few as two devices. The wireless equivalent of a peer-to-peer network
where end-user devices connect directly is referred to as an ad-hoc wireless topology. To solve compatibility
problems among devices, an infrastructure mode topology can be set up using an access point (AP) to act as a
central hub for the WLAN. Wireless communication uses three types of frames: control, management, and
data frames. To avoid collisions on the shared radio frequency media WLANs use Carrier Sense Multiple
Access/Collision Avoidance (CSMA/CA).

WLAN authentication is a Layer 2 process that authenticates the device, not the user. Association, performed
after authentication, permits a client to use the services of the access point to transfer data.
4 CISCO MODUL 4
4.1 Frequency-Based Cable Testing
Overview
Networking media is literally and physically the backbone of a network. Inferior quality of network cabling
results in network failures and unreliable performance. Copper, optical fiber, and wireless networking media
all require testing to ensure that they meet strict specification guidelines. These tests involve certain electrical
and mathematical concepts and terms such as signal, wave, frequency, and noise. These terms will help
students understand networks, cables, and cable testing.
The first lesson in this module will provide some basic definitions to help students understand the cable testing
concepts presented in the second lesson.
The second lesson of this module describes issues related to cable testing for physical layer connectivity in
LANs. In order for the LAN to function properly, the physical layer medium should meet the industry standard
specifications.
Attenuation, which is signal deterioration, and noise, which is signal interference, can cause problems in
networks because the data sent may be interpreted incorrectly or not recognized at all after it has been received.
Proper termination of cable connectors and proper cable installation are important. If standards are followed
during installations, repairs, and changes, attenuation and noise levels should be minimized.
After a cable has been installed, a cable certification meter can verify that the installation meets TIA/EIA
specifications. This module also describes some important tests that are performed.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams. -2-, -3-
Students who complete this module should be able to perform the following tasks: -1-
• Differentiate between sine waves and square waves
• Define and calculate exponents and logarithms
• Define and calculate decibels
• Define basic terminology related to time, frequency, and noise
• Differentiate between digital bandwidth and analog bandwidth
• Compare and contrast noise levels on various types of cabling
• Define and describe the effects of attenuation and impedance mismatch
• Define crosstalk, near-end crosstalk, far-end crosstalk, and power sum near-end crosstalk
• Describe how twisted pairs help reduce noise
• Describe the ten copper cable tests defined in TIA/EIA-568-B
• Describe the difference between Category 5 and Category 6 cable

1. Cable testing
2. CCNA 640-801 Exam
3. INTRO 640-821 Exam

4.1.1 Waves
This lesson provides definitions that relate to frequency-based cable testing. This page defines waves.
A wave is energy that travels from one place to another. There are many types of waves, but all can be
described with similar vocabulary.
It is helpful to think of waves as disturbances. A bucket of water that is completely still does not have waves
since there are no disturbances. Conversely, the ocean always has some sort of detectable waves due to
disturbances such as wind and tide.
Ocean waves can be described in terms of their height, or amplitude, which could be measured in meters. They
can also be described in terms of how frequently the waves reach the shore, which relates to period and
frequency. The period of the waves is the amount of time between each wave, measured in seconds. The
frequency is the number of waves that reach the shore each second, measured in hertz (Hz). 1 Hz is equal to 1
wave per second, or 1 cycle per second. To experiment with these concepts, adjust the amplitude and
frequency in Figure -1-.
Networking professionals are specifically interested in voltage waves on copper media, light waves in optical
fiber, and alternating electric and magnetic fields called electromagnetic waves. The amplitude of an electrical
signal still represents height, but it is measured in volts (V) instead of meters (m). The period is the amount of
time that it takes to complete 1 cycle. This is measured in seconds. The frequency is the number of complete
cycles per second. This is measured in Hz.
If a disturbance is deliberately caused, and involves a fixed, predictable duration, it is called a pulse. Pulses are
an important part of electrical signals because they are the basis of digital transmission. The pattern of the
pulses represents the value of the data being transmitted.

1. Amplitude and Frequency

4.1.2 Sine waves and square waves


This page defines sine waves and square waves.
Sine waves, or sinusoids, are graphs of mathematical functions. -1- Sine waves are periodic, which means that
they repeat the same pattern at regular intervals. Sine waves vary continuously, which means that no adjacent
points on the graph have the same value.
Sine waves are graphical representations of many natural occurrences that change regularly over time. Some
examples of these occurrences are the distance from the earth to the sun, the distance from the ground while
riding a Ferris wheel, and the time of day that the sun rises. Since sine waves vary continuously, they are
examples of analog waves.
Square waves, like sine waves, are periodic. -2- However, square wave graphs do not continuously vary with
time. The wave maintains one value and then suddenly changes to a different value. After a short amount of
time it changes back to the original value. Square waves represent digital signals, or pulses. Like all waves,
square waves can be described in terms of amplitude, period, and frequency.

1. Analog Signals
2. Digital Signals

4.1.3 Exponents and logarithms


This page explains exponents and logarithms.
In networking, there are three important number systems:
• Base 2 – binary
• Base 10 – decimal
• Base 16 – hexadecimal
Recall that the base of a number system refers to the number of different symbols that can occupy one position.
For example, binary numbers have only two placeholders, which are zero and one. Decimal numbers have ten
different placeholders, the numbers 0 to 9. Hexadecimal numbers have 16 different placeholders, the numbers
0 to 9 and the letters A to F.
Remember that 10 x 10 can be written as 10^2. 10^2 means ten squared or ten raised to the second power. 10 is
the base of the number and 2 is the exponent of the number. 10 x 10 x 10 can be written as 10^3. 10^3 means ten
cubed or ten raised to the third power. The base is ten and the exponent is three. Use the Interactive Media
Activity to calculate exponents. Enter a value for x to calculate y or a value for y to calculate x.
The base of a number system also refers to the value of each digit. The least significant digit has a value of
base^0, or one. The next digit has a value of base^1. This is equal to 2 for binary numbers, 10 for decimal
numbers, and 16 for hexadecimal numbers.
Numbers with exponents are used to easily represent very large or very small numbers. It is much easier and
less error-prone to represent one billion numerically as 10^9 than as 1000000000. Many cable-testing
calculations involve numbers that are very large and require exponents. Use the Interactive Media Activity to
learn more about exponents.
One way to work with the very large and very small numbers is to transform the numbers based on the
mathematical rule known as a logarithm. Logarithm is abbreviated as "log". Any number may be used as a base
for a system of logarithms. However, base 10 has many advantages not obtainable in ordinary calculations with
other bases. Base 10 is used almost exclusively for ordinary calculations. Logarithms with 10 as a base are
called common logarithms. It is not possible to obtain the logarithm of a negative number.
To take the log of a number use a calculator or the Interactive Media Activity. For example, the log of (10^9) =
9. It is possible to take the logarithm of numbers that are not powers of ten. It is not possible to determine the
logarithm of a negative number. The study of logarithms is beyond the scope of this course. However, the
terminology is often used to calculate decibels and measure signal intensity on copper, optical, and wireless
media.

1. Numbering System

4.1.4 Decibels
This page provides an overview of decibels.
The study of logarithms is beyond the scope of this course. However, the terminology is often used to calculate
decibels and measure signals on copper, optical, and wireless media. The decibel is related to the exponents
and logarithms described in prior sections. There are two formulas that are used to calculate decibels:
dB = 10 log10 (Pfinal / Pref)
dB = 20 log10 (Vfinal / Vref)
In these formulas, dB represents the loss or gain of the power of a wave. Decibels can be negative values
which would represent a loss in power as the wave travels or a positive value to represent a gain in power if the
signal is amplified.
The log10 variable implies that the number in parentheses will be transformed with the base 10 logarithm rule.
Pfinal is the delivered power measured in watts.
Pref is the original power measured in watts.
Vfinal is the delivered voltage measured in volts.
Vref is the original voltage measured in volts.
The first formula describes decibels in terms of power (P), and the second in terms of voltage (V). The power
formula is often used to measure light waves on optical fiber and radio waves in the air. The voltage formula is
used to measure electromagnetic waves on copper cables. These formulas have several things in common.
In the formula dB = 10 log10 (Pfinal / Pref), enter values for dB and Pref to discover the delivered power. This
formula could be used to see how much power is left in a radio wave after it travels through different materials
and stages of electronic systems such as radios. Try the following examples with the Interactive Media
Activities:
• If the source power of the original laser, or Pref, is seven microwatts (1 microwatt = 1 x 10^-6 W), and the total loss
of a fiber link is 13 dB, how much power is delivered?
• If the total loss of a fiber link is 84 dB and the source power of the original laser, or Pref, is 1 milliwatt,
how much power is delivered?
• If 2 microvolts, or 2 x 10^-6 volts, are measured at the end of a cable and the source voltage was 1 volt,
what is the gain or loss in decibels? Is this value positive or negative? Does the value represent a gain
or a loss in voltage?

1. Calculating Decibels

Pfinal = Pref x 10^(dB/10)
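The two decibel formulas and the rearranged Pfinal form, carried through the three exercises above, as an added example in Python (not part of the curriculum text; the multi-stage link budget at the end uses constructed loss values):

```python
"""Decibel calculations from the cable-testing lesson (added example, not
curriculum code). Applies
    dB = 10 log10(Pfinal / Pref)      for power
    dB = 20 log10(Vfinal / Vref)      for voltage
and the rearranged form Pfinal = Pref * 10^(dB/10), then works the three
exercises on the page. A loss is a negative dB value, a gain a positive one."""
import math


def db_from_power(p_final_w, p_ref_w):
    """Gain (+) or loss (-) in dB between two power levels in watts."""
    if p_final_w <= 0 or p_ref_w <= 0:
        # The log of a non-positive number is undefined, as the text notes.
        raise ValueError("power levels must be positive")
    return 10 * math.log10(p_final_w / p_ref_w)


def db_from_voltage(v_final, v_ref):
    """Gain (+) or loss (-) in dB between two voltages; 20 log because power
    is proportional to the square of the voltage."""
    if v_final <= 0 or v_ref <= 0:
        raise ValueError("voltages must be positive")
    return 20 * math.log10(v_final / v_ref)


def power_after_db(p_ref_w, db):
    """Delivered power: Pfinal = Pref * 10^(dB/10)."""
    return p_ref_w * 10 ** (db / 10)


def power_through_stages(p_ref_w, stage_db):
    """Power left after several stages (cable runs, connectors, splices).
    Decibels add where the underlying power ratios multiply, which is why
    a link budget is totalled in dB and applied once."""
    return power_after_db(p_ref_w, sum(stage_db))


def exercise_1():
    """7 microwatt source (7e-6 W), 13 dB total loss -> about 3.5e-7 W."""
    return power_after_db(7e-6, -13.0)


def exercise_2():
    """1 milliwatt source, 84 dB total loss -> about 4.0e-12 W."""
    return power_after_db(1e-3, -84.0)


def exercise_3():
    """2 microvolts received from a 1 volt source -> about -114 dB, a loss."""
    return db_from_voltage(2e-6, 1.0)


if __name__ == "__main__":
    print(f"exercise 1: {exercise_1():.3e} W delivered")
    print(f"exercise 2: {exercise_2():.3e} W delivered")
    print(f"exercise 3: {exercise_3():.1f} dB (negative, so a loss)")
    # Constructed budget: three 1.5 dB connectors plus 10 dB of cable loss
    # leave exactly the same power as a single 14.5 dB loss.
    budget = [-1.5, -1.5, -1.5, -10.0]
    print(f"staged link: {power_through_stages(1e-3, budget):.3e} W")
```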
4.1.5 Time and frequency of signals
This page will teach students how to analyze and view signals.
One of the most important facts of the information age is that characters, words, pictures, video, or music can
be represented electrically by voltage patterns on wires and in electronic devices. The data represented by these
voltage patterns can be converted to light waves or radio waves, and then back to voltage waves. Consider the
example of an analog telephone. The sound waves of the caller's voice enter a microphone in the telephone.
The microphone converts the patterns of sound energy into voltage patterns of electrical energy that represent
the voice.
If the voltage is graphed over time, the patterns that represent the voice will be displayed. -1- An oscilloscope is
an important electronic device used to view electrical signals such as voltage waves and pulses. The x-axis on
the display represents time and the y-axis represents voltage or current. There are usually two y-axis inputs, so
two waves can be observed and measured at the same time.
The analysis of signals with an oscilloscope is called time-domain analysis. The x-axis or domain of the
mathematical function represents time. Engineers also use frequency-domain analysis to study signals. In
frequency-domain analysis, the x-axis represents frequency. An electronic device called a spectrum analyzer
creates graphs for frequency-domain analysis.
Electromagnetic signals use different frequencies for transmission so that different signals do not interfere with
each other. Frequency modulation (FM) radio signals use frequencies that are different from television or
satellite signals. When listeners change the station on a radio, they change the frequency that the radio
receives.
1. Oscilloscope

4.1.6 Analog and digital signals


This page will explain how analog signals vary with time and with frequency.
First, consider a single-frequency electrical sine wave, whose frequency can be detected by the human ear. If
this signal is transmitted to a speaker, a tone can be heard.
Next, imagine the combination of several sine waves. -1- This will create a wave that is more complex than a
pure sine wave. This wave will include several tones. A graph of the tones will show several lines that
correspond to the frequency of each tone.
Finally, imagine a complex signal, like a voice or a musical instrument. If many different tones are present, the
graph will show a continuous spectrum of individual tones.
The Interactive Media Activity draws sine waves and complex waves based on amplitude, frequency, and the
phase.

1. Fourier Synthesis of a Square Wave

4.1.7 Noise in time and frequency
This page will describe the sources and effects of noise.
Noise is an important concept in networks such as LANs. -1- Noise usually refers to sounds. However, noise
related to communications refers to undesirable signals. Noise can originate from natural or technological
sources and is added to the data signals in communications systems.
All communications systems have some amount of noise. Even though noise cannot be eliminated, its effects
can be minimized if the sources of the noise are understood. There are many possible sources of noise:
• Nearby cables that carry data signals
• RFI from other signals that are transmitted nearby
• EMI from nearby sources such as motors and lights
• Laser noise at the transmitter or receiver of an optical signal
Noise that affects all transmission frequencies equally is called white noise. Noise that only affects small
ranges of frequencies is called narrowband interference. White noise on a radio receiver would interfere with
all radio stations. Narrowband interference would affect only a few stations whose frequencies are close
together. When detected on a LAN, white noise could affect all data transmissions, but narrowband
interference might disrupt only certain signals.
The Interactive Media Activity will allow students to generate white noise and narrowband noise.

1. Digital Signal and Electrical Noise

4.1.8 Bandwidth
This page will describe bandwidth, which is an extremely important concept in networks.
Two types of bandwidth that are important for the study of LANs are analog and digital.
Analog bandwidth typically refers to the frequency range of an analog electronic system. Analog bandwidth
could be used to describe the range of frequencies transmitted by a radio station or an electronic amplifier. The
unit of measurement for analog bandwidth is hertz (Hz), the same as the unit of frequency.
Digital bandwidth measures how much information can flow from one place to another in a given amount of
time. -1- The fundamental unit of measurement for digital bandwidth is bps. Since LANs are capable of speeds
of thousands or millions of bits per second, measurement is expressed in kbps or Mbps. Physical media,
current technologies, and the laws of physics limit bandwidth.
During cable testing, analog bandwidth is used to determine the digital bandwidth of a copper cable. The
digital waveforms are made up of many sinewaves (analog waves). Analog frequencies are transmitted from
one end and received on the opposite end. The two signals are then compared, and the amount of attenuation of
the signal is calculated. In general, media that will support higher analog bandwidths without high degrees of
attenuation will also support higher digital bandwidths.

1. Units of Digital Bandwidth

4.2 Signals and Noise

4.2.1 Signals over copper and fiber optic cables


This page discusses signals over copper and fiber optic cables.
On copper cable, data signals are represented by voltage levels that represent binary ones and zeros. The
voltage levels are measured based on a reference level of 0 volts at both the transmitter and the receiver. This
reference level is called the signal ground. It is important for devices that transmit and receive data to have the
same 0-volt reference point. When they do, they are said to be properly grounded.
For a LAN to operate properly, the devices that receive data must be able to accurately interpret the binary
ones and zeros transmitted as voltage levels. Since current Ethernet technology supports data rates of billions
of bps, each bit must be recognized and the duration of each bit is very small. This means that as much of the
original signal strength as possible must be retained, as the signal moves through the cable and passes through
the connectors. In anticipation of faster Ethernet protocols, new cable installations should be made with the
best cable, connectors, and interconnect devices such as punch-down blocks and patch panels.
The two basic types of copper cable are shielded and unshielded. In shielded cable, shielding material
protects the data signal from external sources of noise and from noise generated by electrical signals within the
cable.
Coaxial cable is a type of shielded cable. -1- It consists of a solid copper conductor surrounded by insulating
material and a braided conductive shield. In LAN applications, the braided shielding is electrically grounded to
protect the inner conductor from external electrical noise. The shield also keeps the transmitted signal confined
to the cable, which reduces signal loss. This helps make coaxial cable less noisy than other types of copper
cabling, but also makes it more expensive. The need to ground the shielding and the bulky size of coaxial cable
make it more difficult to install than other copper cabling.
Two types of twisted-pair cable are shielded twisted-pair (STP) and unshielded twisted pair (UTP). -2-, -3-
STP cable contains an outer conductive shield that is electrically grounded to insulate the signals from external
electrical noise. STP also uses inner foil shields to protect each wire pair from noise generated by the other
pairs. STP cable is sometimes called screened twisted pair (ScTP) in error. ScTP generally refers to Category 5
or Category 5e twisted pair cabling, while STP refers to an IBM specific cable containing only two pairs of
conductors. ScTP cable is more expensive, more difficult to install, and less frequently used than UTP. UTP
contains no shielding and is more susceptible to external noise but is the most frequently used because it is
inexpensive and easier to install.
Fiber-optic cable increases and decreases the intensity of light to represent binary ones and zeros in data
transmissions. -4- The strength of a light signal does not diminish as much as the strength of an electrical signal
does over an identical run length. Optical signals are not affected by electrical noise and optical fiber does not
need to be grounded unless the jacket contains a metal or a metalized strength member. Therefore, optical fiber
is often used between buildings and between floors within a building. As costs decrease and speeds increase,
optical fiber may become a more commonly used LAN media.

1. Coaxial Cable
2. Shielded Twisted-Pair 3. Unshielded Twisted-Pair
4. Fiber Optic Cable

4.2.2 Attenuation and insertion loss on copper media


This page explains insertion loss caused by signal attenuation and impedance discontinuities.
Attenuation is the decrease in signal amplitude over the length of a link. -1- Long cable lengths and high
signal frequencies contribute to greater signal attenuation. For this reason, attenuation on a cable is measured
by a cable tester with the highest frequencies that the cable is rated to support. Attenuation is expressed in dBs
with negative numbers. Smaller negative dB values are an indication of better link performance.
There are several factors that contribute to attenuation. The resistance of the copper cable converts some of the
electrical energy of the signal to heat. Signal energy is also lost when it leaks through the insulation of the
cable and by impedance caused by defective connectors.
Impedance is a measurement of the resistance of the cable to alternating current (AC) and is measured in ohms.
The normal impedance of a Category 5 cable is 100 ohms. If a connector is improperly installed on Category
5, it will have a different impedance value than the cable. This is called an impedance discontinuity or an
impedance mismatch.
Impedance discontinuities cause attenuation because a portion of a transmitted signal is reflected back, like an
echo, and does not reach the receiver. This effect is compounded if multiple discontinuities cause additional
portions of the signal to be reflected back to the transmitter. When the reflected signal strikes the first
discontinuity, some of the signal rebounds in the original direction, which creates multiple echo effects. The
echoes strike the receiver at different intervals. This makes it difficult for the receiver to detect data values.
This is called jitter and results in data errors.
The combination of the effects of signal attenuation and impedance discontinuities on a communications link is
called insertion loss. Proper network operation depends on constant characteristic impedance in all cables and
connectors, with no impedance discontinuities in the entire cable system.

1. Attenuation (decreased signal strength over the media)

4.2.3 Sources of noise on copper media


This page will describe the sources of noise on copper cables.
Noise is any electrical energy on the transmission cable that makes it difficult for a receiver to interpret the
data sent from the transmitter. TIA/EIA-568-B certification now requires cables to be tested for a variety of
types of noise.
Crosstalk involves the transmission of signals from one wire to a nearby wire. When voltages change on a
wire, electromagnetic energy is generated. This energy radiates outward from the wire like a radio signal from
a transmitter. Adjacent wires in the cable act like antennas and receive the transmitted energy, which interferes
with data on those wires. Crosstalk can also be caused by signals on separate, nearby cables. When crosstalk is
caused by a signal on another cable, it is called alien crosstalk. Crosstalk is more destructive at higher
transmission frequencies.
Cable testing instruments measure crosstalk by applying a test signal to one wire pair. The cable tester then
measures the amplitude of the unwanted crosstalk signals on the other wire pairs in the cable.
Twisted-pair cable is designed to take advantage of the effects of crosstalk in order to minimize noise. In
twisted-pair cable, a pair of wires is used to transmit one signal. The wire pair is twisted so that each wire
experiences similar crosstalk. Because a noise signal on one wire will appear identically on the other wire, this
noise can be easily detected and filtered at the receiver.
Twisted wire pairs in a cable are also more resistant to crosstalk or noise signals from adjacent wire
pairs. Higher categories of UTP require more twists on each wire pair in the cable to minimize crosstalk at
high transmission frequencies. When connectors are attached to the ends of UTP cable, the wire pairs should
be untwisted as little as possible to ensure reliable LAN communications. -1-

1. Wire Connections

4.2.4 Types of crosstalk
This page defines the three types of crosstalk:
 Near-end Crosstalk (NEXT)
 Far-end Crosstalk (FEXT)
 Power Sum Near-end Crosstalk (PSNEXT)
Near-end crosstalk (NEXT) is computed as the ratio of voltage amplitude between the test signal and the
crosstalk signal when measured from the same end of the link. -1- This difference is expressed in a negative
value of decibels (dB). Low negative numbers indicate more noise, just as low negative temperatures indicate
more heat. By tradition, cable testers do not show the minus sign indicating the negative NEXT values. A
NEXT reading of 30 dB (which actually indicates -30 dB) indicates less NEXT noise and a cleaner signal than
does a NEXT reading of 10 dB.
NEXT needs to be measured from each pair to each other pair in a UTP link, and from both ends of the link.
To shorten test times, some cable test instruments allow the user to test the NEXT performance of a link by
using larger frequency step sizes than specified by the TIA/EIA standard. The resulting measurements may not
comply with TIA/EIA-568-B, and may overlook link faults. To verify proper link performance, NEXT should
be measured from both ends of the link with a high-quality test instrument. This is also a requirement for
complete compliance with high-speed cable specifications.
Due to attenuation, crosstalk occurring further away from the transmitter creates less noise on a cable than
NEXT. This is called far-end crosstalk, or FEXT. -2- The noise caused by FEXT still travels back to the
source, but it is attenuated as it returns. Thus, FEXT is not as significant a problem as NEXT.
Power Sum NEXT (PSNEXT) measures the cumulative effect of NEXT from all wire pairs in the cable. -3-
PSNEXT is computed for each wire pair based on the NEXT effects of the other three pairs. The combined
effect of crosstalk from multiple simultaneous transmission sources can be very detrimental to the signal.
TIA/EIA-568-B certification now requires this PSNEXT test.
Some Ethernet standards such as 10BASE-T and 100BASE-TX receive data from only one wire pair in each
direction. However, for newer technologies such as 1000BASE-T that receive data simultaneously from
multiple pairs in the same direction, power sum measurements are very important tests.
1. Near-End Crosstalk ( Crosstalk signal measured near the transmitter )

2. Far-End Crosstalk ( Crosstalk occurring away from the transmitter )

3. Power Sum NEXT (PSNEXT) (measures the cumulative effect of NEXT)

4.2.5 Cable testing standards


This page will describe the TIA/EIA-568-B standard. This standard specifies ten tests that a copper cable must
pass if it will be used for modern, high-speed Ethernet LANs.
All cable links should be tested to the maximum rating that applies for the category of cable being installed.
The ten primary test parameters that must be verified for a cable link to meet TIA/EIA standards are:
 Wire map (ensures that no open or short circuits exist on the cable)
 Insertion loss (attenuation and impedance discontinuities on a cable link)
 Near-end crosstalk (NEXT)
 Power sum near-end crosstalk (PSNEXT)
 Equal-level far-end crosstalk (ELFEXT)
 Power sum equal-level far-end crosstalk (PSELFEXT)
 Return loss
 Propagation delay
 Cable length
 Delay skew
The Ethernet standard specifies that each of the pins on an RJ-45 connector has a particular purpose. -1- A
NIC transmits signals on pins 1 and 2, and it receives signals on pins 3 and 6. The wires in UTP cable must be
connected to the proper pins at each end of a cable. -2- The wire map test ensures that no open or short
circuits exist on the cable. An open circuit occurs if the wire does not attach properly at the connector. A
short circuit occurs if two wires are connected to each other.
The wire map test also verifies that all eight wires are connected to the correct pins on both ends of the cable.
There are several different wiring faults that the wire map test can detect. -3- The reversed-pair fault occurs
when a wire pair is correctly installed on one connector, but reversed on the other connector. If the
white/orange wire is terminated on pin 1 and the orange wire is terminated on pin 2 at one end of a cable, but
reversed at the other end, then the cable has a reversed-pair fault. This example is shown in the graphic.
A split-pair wiring fault occurs when one wire from one pair is switched with one wire from a different pair at
both ends. Look carefully at the pin numbers in the graphic to detect the wiring fault. A split pair creates two
transmit or receive pairs each with two wires that are not twisted together. This mixing hampers the cross-
cancellation process and makes the cable more susceptible to crosstalk and interference. Contrast this with a
reversed-pair, where the same pair of pins is used at both ends.
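The wire map faults just described (open, short, reversed pair and split pair) can be told apart from two pieces of information a tester gathers: which far-end pin each near-end pin reaches electrically, and which physical twisted pair each conductor belongs to. The Python below is an added example, not part of the Cisco curriculum; the pin pairings 4-5 and 7-8 (the standard T568 pairs beside the 1-2 and 3-6 pairs named in the text), the input format and the sample readings are all constructed assumptions.

```python
# Added example (not curriculum code): a wire map check over constructed
# continuity readings in the style a cable tester reports them.
PIN_PAIRS = ((1, 2), (3, 6), (4, 5), (7, 8))   # assumed standard RJ-45 pin pairing

def wire_map_test(continuity, twisted_pair):
    """Classify wiring faults on an 8-pin link.

    continuity:   near-end pin -> list of far-end pins it reaches electrically
                  ([] = open, more than one = short, a different pin = miswire).
    twisted_pair: near-end pin -> id of the physical twisted pair the conductor
                  on that pin belongs to (needed for split pairs, which are
                  pin-for-pin correct but mix conductors of different pairs).
    Returns a sorted list of fault descriptions; an empty list is a pass.
    """
    faults = set()
    shorts = set()
    for pin in range(1, 9):
        reached = continuity.get(pin, [])
        if not reached:
            faults.add(f"open on pin {pin}")
        elif len(reached) > 1:
            shorts.add(tuple(sorted(reached)))
    for group in shorts:
        faults.add("short between pins " + "-".join(str(p) for p in group))
    for a, b in PIN_PAIRS:
        # pair correctly installed at one end but swapped at the other
        if continuity.get(a) == [b] and continuity.get(b) == [a]:
            faults.add(f"reversed pair on pins {a}-{b}")
            continue
        for pin in (a, b):
            reached = continuity.get(pin, [])
            if len(reached) == 1 and reached[0] != pin:
                faults.add(f"pin {pin} wired to far-end pin {reached[0]}")
        # pin-to-pin correct, but the two conductors come from different twisted pairs
        if (continuity.get(a) == [a] and continuity.get(b) == [b]
                and twisted_pair.get(a) != twisted_pair.get(b)):
            faults.add(f"split pair on pins {a}-{b}")
    return sorted(faults)

# Constructed sample readings
GOOD = {p: [p] for p in range(1, 9)}
PAIR_IDS = {1: "A", 2: "A", 3: "B", 6: "B", 4: "C", 5: "C", 7: "D", 8: "D"}
REVERSED = {**GOOD, 1: [2], 2: [1]}              # white/orange and orange swapped at one end
SPLIT_IDS = {**PAIR_IDS, 2: "B", 3: "A"}         # one wire of pair A swapped with one of pair B
OPEN = {**GOOD, 3: []}                           # pin 3 not attached at the connector
SHORT = {**GOOD, 1: [1, 2], 2: [1, 2]}           # wires on pins 1 and 2 touching

if __name__ == "__main__":
    for name, cont, pairs in (("good", GOOD, PAIR_IDS), ("reversed", REVERSED, PAIR_IDS),
                              ("split", GOOD, SPLIT_IDS), ("open", OPEN, PAIR_IDS),
                              ("short", SHORT, PAIR_IDS)):
        print(f"{name}: {wire_map_test(cont, pairs) or 'PASS'}")
```

Note that the split-pair case passes the pin-to-pin part of the check completely; only the twisted-pair membership reveals it, which is why a simple continuity tester cannot find this fault while a certification tester can.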

Figure: an Ethernet NIC transmits signals on the pin 1 and 2 pair and receives signals on the pin 3 and 6 pair.
1. Ethernet Standard

2. Cable Testing Standard

3. Wiring Fault

4.2.6 Other test parameters
This page will explain how cables are tested for crosstalk and attenuation. -1-
The combination of the effects of signal attenuation and impedance discontinuities on a communications link is
called insertion loss. Insertion loss is measured in decibels at the far end of the cable. The TIA/EIA standard
requires that a cable and its connectors pass an insertion loss test before the cable can be used as a
communications link in a LAN.
Crosstalk is measured in four separate tests. A cable tester measures NEXT by applying a test signal to one
cable pair and measuring the amplitude of the crosstalk signals received by the other cable pairs. The NEXT
value, expressed in decibels, is computed as the difference in amplitude between the test signal and the
crosstalk signal measured at the same end of the cable. Remember, because the number of decibels that the
tester displays is a negative number, the larger the number, the lower the NEXT on the wire pair. As previously
mentioned, the PSNEXT test is actually a calculation based on combined NEXT effects.
The equal-level far-end crosstalk (ELFEXT) test measures FEXT. Pair-to-pair ELFEXT is expressed in dB as
the difference between the measured FEXT and the insertion loss of the wire pair whose signal is disturbed by
the FEXT. ELFEXT is an important measurement in Ethernet networks using 1000BASE-T technologies.
Power sum equal-level far-end crosstalk (PSELFEXT) is the combined effect of ELFEXT from all wire pairs.
Return loss is a measure in decibels of reflections that are caused by the impedance discontinuities at all
locations along the link. Recall that the main impact of return loss is not on loss of signal strength. The
significant problem is that signal echoes caused by the reflections from the impedance discontinuities will
strike the receiver at different intervals causing signal jitter.
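The decibel arithmetic behind the attenuation, NEXT, PSNEXT and ELFEXT figures described in this and the earlier sections is short enough to write down. The Python below is an added example and not curriculum code; the voltage readings and the pass/fail limit are constructed sample values, not numbers from the TIA/EIA standard.

```python
import math

# Added example (not curriculum code): the dB calculations a cable tester
# performs for attenuation and the crosstalk parameters. Sample values are constructed.

def amplitude_db(measured, reference):
    """Ratio of two voltage amplitudes in dB (20*log10 for voltages).
    Negative when the measured amplitude is below the reference."""
    return 20 * math.log10(measured / reference)

def attenuation_db(v_transmitted, v_received):
    """Attenuation (insertion loss) across a pair as a negative dB value;
    a value closer to 0 means less loss."""
    return amplitude_db(v_received, v_transmitted)

def next_db(v_test, v_crosstalk):
    """NEXT as the tester displays it: the magnitude of the (negative) ratio of the
    crosstalk coupled onto a neighbouring pair to the test signal, both measured at
    the same end. A larger displayed value means less crosstalk."""
    return -amplitude_db(v_crosstalk, v_test)

def psnext_db(next_values):
    """Power-sum NEXT for one pair from the displayed NEXT values coupled from each
    of the other pairs: convert each to a power ratio, add them, convert back.
    The result is always lower (worse) than the best single pair-to-pair value."""
    total_power = sum(10 ** (-n / 10) for n in next_values)
    return -10 * math.log10(total_power)

def elfext_db(fext, insertion_loss):
    """Equal-level FEXT: FEXT magnitude minus the insertion-loss magnitude of the
    disturbed pair, so the far-end figure is normalised for attenuation."""
    return fext - insertion_loss

def meets_limit(displayed_db, limit_db):
    """Pass/fail for crosstalk-style parameters: the displayed magnitude must be
    at least the limit (the limit is an assumed input, not a standard's value)."""
    return displayed_db >= limit_db

if __name__ == "__main__":
    print("attenuation:", attenuation_db(1.0, 0.1))                         # -20.0 dB
    print("NEXT:", next_db(1.0, 0.01))                                      # 40.0 dB displayed
    print("PSNEXT from three 40 dB pairs:", round(psnext_db([40, 40, 40]), 2))  # 35.23
    print("ELFEXT:", elfext_db(50, 20))                                      # 30 dB
```

The PSNEXT result shows the point of the power-sum tests: three neighbours that each couple 40 dB of NEXT onto a pair combine to only about 35 dB, so a pair that passes every pair-to-pair measurement can still fail the power-sum limit that 1000BASE-T depends on.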

1. Crosstalk

4.2.7 Time-based parameters


This page will discuss propagation delay and how it is measured. -1-
Propagation delay is a simple measurement of how long it takes for a signal to travel along the cable being
tested. The delay in a wire pair depends on its length, twist rate, and electrical properties. Delays are measured
in hundredths of nanoseconds. One nanosecond is one-billionth of a second, or 0.000000001 second. The
TIA/EIA-568-B standard sets a limit for propagation delay for the various categories of UTP.
Propagation delay measurements are the basis of the cable length measurement. TIA/EIA-568-B.1 specifies
that the physical length of the link shall be calculated using the wire pair with the shortest electrical delay.
Testers measure the length of the wire based on the electrical delay as measured by a Time Domain
Reflectometry (TDR) test, not by the physical length of the cable jacket. Since the wires inside the cable are
twisted, signals actually travel farther than the physical length of the cable. When a cable tester makes a TDR
measurement, it sends a pulse signal down a wire pair and measures the amount of time required for the pulse
to return on the same wire pair.
The TDR test is used not only to determine length, but also to identify the distance to wiring faults such as
shorts and opens. When the pulse encounters an open, short, or poor connection, all or part of the pulse energy
is reflected back to the tester. This can be used to calculate the approximate distance to the wiring fault. The
approximate distance can be helpful in locating a faulty connection point along a cable run, such as a wall jack.
The propagation delays of different wire pairs in a single cable can differ slightly because of differences in the
number of twists and electrical properties of each wire pair. The delay difference between pairs is called delay
skew. Delay skew is a critical parameter for high-speed networks in which data is simultaneously transmitted
over multiple wire pairs, such as 1000BASE-T Ethernet. If the delay skew between the pairs is too great, the
bits arrive at different times and the data cannot be properly reassembled. Even though a cable link may not be
intended for this type of data transmission, testing for delay skew helps ensure that the link will support future
upgrades to high-speed networks.
All cable links in a LAN must pass all of the tests previously mentioned as specified in the TIA/EIA-568-B
standard in order to be considered standards compliant. A certification meter must be used to ensure that all of
the tests are passed in order to be considered standards compliant. These tests ensure that the cable links will
function reliably at high speeds and frequencies. Cable tests should be performed when the cable is installed
and afterward on a regular basis to ensure that LAN cabling meets industry standards. High quality cable test
instruments should be correctly used to ensure that the tests are accurate. Test results should also be carefully
documented.
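The TDR length, distance-to-fault and delay skew calculations described above follow directly from the round-trip time of the pulse. The Python below is an added example and not curriculum code; the nominal velocity of propagation (NVP) value, the four per-pair round-trip times and the fault reflection time are constructed assumptions (a real tester is configured with the NVP of the cable type being tested).

```python
# Added example (not curriculum code): TDR length, distance to fault and delay skew.
C_VACUUM = 299_792_458.0   # speed of light in a vacuum, m/s

# Constructed sample: TDR round-trip times in ns for the four pairs of one link,
# and an assumed NVP (fraction of c at which a signal travels in the cable).
SAMPLE_ROUND_TRIPS_NS = {"1-2": 966, "3-6": 972, "4-5": 980, "7-8": 1000}
ASSUMED_NVP = 0.69

def distance_from_round_trip(round_trip_ns, nvp):
    """Distance in metres to the point that reflected the pulse. The pulse travels
    out and back, so the one-way distance is half of the total path."""
    seconds = round_trip_ns * 1e-9
    return nvp * C_VACUUM * seconds / 2

def link_length_m(pair_round_trips_ns, nvp):
    """Electrical length of the link, taken from the pair with the shortest delay
    as TIA/EIA-568-B.1 specifies (the far-end open reflects the pulse)."""
    shortest = min(pair_round_trips_ns.values())
    return distance_from_round_trip(shortest, nvp)

def one_way_delays_ns(pair_round_trips_ns):
    """Propagation delay per pair: half of the measured round trip."""
    return {pair: t / 2 for pair, t in pair_round_trips_ns.items()}

def delay_skew_ns(pair_round_trips_ns):
    """Delay skew: difference between the slowest and the fastest pair."""
    delays = one_way_delays_ns(pair_round_trips_ns).values()
    return max(delays) - min(delays)

if __name__ == "__main__":
    print("length:", round(link_length_m(SAMPLE_ROUND_TRIPS_NS, ASSUMED_NVP), 1), "m")  # 99.9
    print("delays:", one_way_delays_ns(SAMPLE_ROUND_TRIPS_NS))
    print("skew:", delay_skew_ns(SAMPLE_ROUND_TRIPS_NS), "ns")                        # 17.0
    # an early reflection at 120 ns round trip points at a fault close to the tester
    print("fault at:", round(distance_from_round_trip(120, ASSUMED_NVP), 1), "m")      # 12.4
```

Because the twisted conductors are longer than the cable jacket, the electrical length reported this way is slightly more than the physical length, which is why the standard bases the length test on the fastest pair rather than on the jacket.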

1. Time-based Parameters

4.2.8 Testing optical fiber


This page will explain how optical fiber is tested.
A fiber link consists of two separate glass fibers functioning as independent data pathways. One fiber carries
transmitted signals in one direction, while the second carries signals in the opposite direction. Each glass fiber
is surrounded by a sheath that light cannot pass through, so there are no crosstalk problems on fiber optic cable.
External electromagnetic interference or noise has no effect on fiber cabling. Attenuation does occur on fiber
links, but to a lesser extent than on copper cabling.
Fiber links are subject to the optical equivalent of UTP impedance discontinuities. -1- When light encounters an
optical discontinuity, like an impurity in the glass or a micro-fracture, some of the light signal is reflected back
in the opposite direction. This means only a fraction of the original light signal will continue down the fiber
towards the receiver. This results in a reduced amount of light energy arriving at the receiver, making signal
recognition difficult. Just as with UTP cable, improperly installed connectors are the main cause of light
reflection and signal strength loss in optical fiber.
Because noise is not an issue when transmitting on optical fiber, the main concern with a fiber link is the
strength of the light signal that arrives at the receiver. If attenuation weakens the light signal at the receiver,
then data errors will result. Testing fiber optic cable primarily involves shining a light down the fiber and
measuring whether a sufficient amount of light reaches the receiver.
On a fiber optic link, the acceptable amount of signal power loss that can occur without dropping below the
requirements of the receiver must be calculated. This calculation is referred to as the optical link loss budget. A
fiber test instrument, known as a light source and power meter, checks whether the optical link loss budget has
been exceeded. -2- If the fiber fails the test, another cable test instrument can be used to indicate where the
optical discontinuities occur along the length of the cable link. An optical TDR known as an OTDR is capable
of locating these discontinuities. Usually, the problem is one or more improperly attached connectors. The
OTDR will indicate the location of the faulty connections that must be replaced. When the faults are corrected,
the cable must be retested.
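The optical link loss budget described above is a subtraction in dB: the power the transmitter launches minus the weakest power the receiver can still decode gives the loss the link may absorb, and the light source and power meter test checks the measured loss against it. The Python below is an added example and not curriculum code; every figure in it (transmitter power, receiver sensitivity, per-kilometre attenuation, connector and splice losses, safety margin) is a constructed sample value, not a figure from any standard or product.

```python
# Added example (not curriculum code): optical link loss budget and the
# light-source-and-power-meter pass/fail decision. All values are constructed.

def link_loss_budget_db(tx_power_dbm, rx_sensitivity_dbm):
    """Total loss the link can absorb: launched power minus the minimum power the
    receiver needs. Both are in dBm, so their difference is a plain dB figure."""
    return tx_power_dbm - rx_sensitivity_dbm

def expected_loss_db(length_km, fiber_db_per_km, connectors, db_per_connector,
                     splices=0, db_per_splice=0.0):
    """Loss predicted from the parts of the link: fibre attenuation over its length
    plus a fixed loss for every connector and every splice."""
    return (length_km * fiber_db_per_km
            + connectors * db_per_connector
            + splices * db_per_splice)

def power_meter_check(tx_power_dbm, rx_sensitivity_dbm, measured_loss_db,
                      safety_margin_db=0.0):
    """What the power meter test decides: the loss actually measured end to end
    must leave at least safety_margin_db of headroom inside the budget.
    Returns (passed, remaining_margin_db)."""
    budget = link_loss_budget_db(tx_power_dbm, rx_sensitivity_dbm)
    remaining = budget - measured_loss_db - safety_margin_db
    return remaining >= 0, remaining

if __name__ == "__main__":
    # constructed link: 2 km of fibre, two connectors, one splice
    budget = link_loss_budget_db(-20.0, -31.0)                         # 11.0 dB
    predicted = expected_loss_db(2.0, 1.0, 2, 0.75, splices=1, db_per_splice=0.1)  # 3.6 dB
    print("budget:", budget, "dB; predicted loss:", round(predicted, 2), "dB")
    print("as built:", power_meter_check(-20.0, -31.0, predicted, safety_margin_db=3.0))
    # a badly attached connector adds loss; the meter sees it before any OTDR is needed
    print("with faulty connector:", power_meter_check(-20.0, -31.0, 9.0, safety_margin_db=3.0))
```

When the measured loss is well above the predicted figure, as in the second check, the budget has been exceeded and an OTDR is the tool that shows where along the link the extra loss sits.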

1. Discontinuity
2. Calibrated Light Source and Power Meter

4.2.9 A new standard


This page discusses the new test standards for Category 6 cable.
On June 20, 2002, the Category 6 addition to the TIA-568 standard was published. The official title of the
standard is ANSI/TIA/EIA-568-B.2-1. This new standard specifies the original set of performance parameters
that need to be tested for Ethernet cabling as well as the passing scores for each of these tests. Cables certified
as Category 6 cable must pass all ten tests.
Although the Category 6 tests are essentially the same as those specified by the Category 5 standard, Category
6 cable must pass the tests with higher scores to be certified. Category 6 cable must be capable of carrying
frequencies up to 250 MHz and must have lower levels of crosstalk and return loss.
A quality cable tester similar to the Fluke DSP-4000 series or Fluke OMNIScanner2 can perform all the test
measurements required for Category 5, Category 5e, and Category 6 cable certifications of both permanent
links and channel links. Figure -1- shows the Fluke DSP-4100 Cable Analyzer with a DSP-LIA013
Channel/Traffic Adapter for Category 5e.
The Lab Activities will teach students how to use a cable tester.

1. Fluke DSP-LIA013 Channel/Traffic Adapter

Summary

This page summarizes the topics discussed in this module.


Data symbolizing characters, words, pictures, video, or music can be represented electrically by voltage
patterns on wires and in electronic devices. The data represented by these voltage patterns can be converted to
light waves or radio waves, and then back to voltage patterns. Waves are energy traveling from one place to
another, and are created by disturbances. All waves have similar attributes such as amplitude, period, and
frequency. Sine waves are periodic, continuously varying functions. Analog signals look like sine waves.
Square waves are periodic functions whose values remain constant for a period of time and then change
abruptly. Digital signals look like square waves.
Exponents are used to represent very large or very small numbers. The base of a number raised to a positive
exponent is equal to the base multiplied by itself exponent times. For example, 10^3 = 10 × 10 × 10 = 1000.
Logarithms are similar to exponents. A logarithm to the base of 10 of a number equals the exponent to
which 10 would have to be raised in order to equal the number. For example, log10(1000) = 3 because 10^3 =
1000.
Decibels are measurements of a gain or loss in the power of a signal. Negative values represent losses and
positive values represent gains. Time and frequency analysis can both be used to graph the voltage or power of
a signal.
Undesirable signals in a communications system are called noise. Noise originates from other cables, radio
frequency interference (RFI), and electromagnetic interference (EMI). Noise may affect all signal frequencies
or a subset of frequencies.
Analog bandwidth is the frequency range that is associated with certain analog transmission, such as
television or FM radio. Digital bandwidth measures how much information can flow from one place to another
in a given amount of time. Its units are in various multiples of bits per second.
On copper cable, data signals are represented by voltage levels that correspond to binary ones and zeros.
In order for the LAN to operate properly, the receiving device must be able to accurately interpret the bit
signal. Proper cable installation according to standards increases LAN reliability and performance.
Signal degradation is due to various factors such as attenuation, impedance mismatch, noise, and several types
of crosstalk. Attenuation is the decrease in signal amplitude over the length of a link. Impedance is a
measurement of resistance to the electrical signal. Cables and the connectors used on them must have similar
impedance values or some of the data signal may be reflected back from a connector. This is referred to as
impedance mismatch or impedance discontinuity. Noise is any electrical energy on the transmission cable that
makes it difficult for a receiver to interpret the data sent from the transmitter. Crosstalk involves the
transmission of signals from one wire to a nearby wire. There are three distinct types of crosstalk: Near-end
Crosstalk (NEXT), Far-end Crosstalk (FEXT), Power Sum Near-end Crosstalk (PSNEXT).
STP and UTP cable are designed to take advantage of the effects of crosstalk in order to minimize noise.
Additionally, STP contains an outer conductive shield and inner foil shields that make it less susceptible to
noise. UTP contains no shielding and is more susceptible to external noise but is the most frequently used
because it is inexpensive and easier to install.
Fiber-optic cable is used to transmit data signals by increasing and decreasing the intensity of light to
represent binary ones and zeros. The strength of a light signal does not diminish like the strength of an
electrical signal does over an identical run length. Optical signals are not affected by electrical noise, and
optical fiber does not need to be grounded. Therefore, optical fiber is often used between buildings and
between floors within a building.
The TIA/EIA-568-B standard specifies ten tests that a copper cable must pass if it will be used for modern,
high-speed Ethernet LANs. Optical fiber must also be tested according to networking standards. Category 6
cable must meet more rigorous frequency testing standards than Category 5 cable.


5 Cabling LANs and WANs

Overview
Even though each LAN is unique, there are many design aspects that are common to all LANs. For example,
most LANs follow the same standards and use the same components. This module presents information on
elements of Ethernet LANs and common LAN devices.
There are several types of WAN connections. They range from dial-up to broadband access and differ in
bandwidth, cost, and required equipment. This module presents information on the various types of WAN
connections.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
 Identify characteristics of Ethernet networks
 Identify straight-through, crossover, and rollover cables
 Describe the function, advantages, and disadvantages of repeaters, hubs, bridges, switches, and wireless
network components
 Describe the function of peer-to-peer networks
 Describe the function, advantages, and disadvantages of client-server networks
 Describe and differentiate between serial, ISDN, DSL, and cable modem WAN connections
 Identify router serial ports, cables, and connectors
 Identify and describe the placement of equipment used in various WAN configurations

1. Cabling LANs and WANs

2. CCNA 640-801 Exam

3. ICND 640-811 Exam

4. INTRO 640-821 Exam

5.1 Cabling LANs

5.1.1 LAN physical layer


This page describes the LAN physical layer.
Various symbols are used to represent media types. Token Ring is represented by a circle. FDDI is represented
by two concentric circles and the Ethernet symbol is represented by a straight line. Serial connections are
represented by a lightning bolt.
Each computer network can be built with many different media types. The function of media is to carry a flow
of information through a LAN. Wireless LANs use the atmosphere, or space, as the medium. Other networking
media confine network signals to a wire, cable, or fiber. Networking media are considered Layer 1, or physical
layer, components of LANs.
Each type of media has advantages and disadvantages. These are based on the following factors:
 Cable length
 Cost
 Ease of installation
 Susceptibility to interference
Coaxial cable, optical fiber, and space can carry network signals. This module will focus on Category 5 UTP,
which includes the Category 5e family of cables.
Many topologies support LANs, as well as many different physical media. Figure -1- shows a subset of
physical layer implementations that can be deployed to support Ethernet.

1. Media

2. LAN Physical Layer Implementation

5.1.2 Ethernet in the campus
This page will discuss Ethernet.
Ethernet is the most widely used LAN technology. Ethernet was first implemented by the Digital, Intel, and
Xerox group (DIX). DIX created and implemented the first Ethernet LAN specification, which was used as the
basis for the Institute of Electrical and Electronics Engineers (IEEE) 802.3 specification, released in 1980.
IEEE extended 802.3 to three new committees known as 802.3u for Fast Ethernet, 802.3z for Gigabit Ethernet
over fiber, and 802.3ab for Gigabit Ethernet over UTP.
A network may require an upgrade to one of the faster Ethernet topologies. Most Ethernet networks support
speeds of 10 Mbps and 100 Mbps.
The new generation of multimedia, imaging, and database products can easily overwhelm a network that
operates at traditional Ethernet speeds of 10 and 100 Mbps. Network administrators may choose to provide
Gigabit Ethernet from the backbone to the end user. -1- Installation costs for new cables and adapters can make
this prohibitive.
There are several ways that Ethernet technologies can be used in a campus network:
 An Ethernet speed of 10 Mbps can be used at the user level to provide good performance. Clients or
servers that require more bandwidth can use 100-Mbps Ethernet.
 Fast Ethernet is used as the link between user and network devices. It can support the combination of
all traffic from each Ethernet segment.
 Fast Ethernet can be used to connect enterprise servers. This will enhance client-server performance
across the campus network and help prevent bottlenecks.
 Fast Ethernet or Gigabit Ethernet should be implemented between backbone devices, based on
affordability.

1. Ethernet in the Campus

5.1.3 Ethernet media and connector requirements


This page provides important considerations for an Ethernet implementation. These include the media and
connector requirements and the level of network performance.

The cables and connector specifications used to support Ethernet implementations are derived from the
EIA/TIA standards. The categories of cabling defined for Ethernet are derived from the EIA/TIA-568 SP-2840
Commercial Building Telecommunications Wiring Standards.
Figure -1- compares the cable and connector specifications for the most popular Ethernet implementations. It is
important to note the difference in the media used for 10-Mbps Ethernet versus 100-Mbps Ethernet. Networks
with a combination of 10- and 100-Mbps traffic use Category 5 UTP to support Fast Ethernet.

1. Ethernet media and connector requirements

5.1.4 Connection media


This page describes the different connection types used by each physical layer implementation, as shown in
Figure -1- . The RJ-45 connector and jack are the most common. RJ-45 connectors are discussed in more detail
in the next section.
The connector on a NIC may not match the media to which it needs to connect. As shown in Figure -2- , an
interface may exist for the 15-pin attachment unit interface (AUI) connector. The AUI connector allows
different media to connect when used with the appropriate transceiver. A transceiver is an adapter that converts
one type of connection to another. A transceiver will usually convert an AUI to an RJ-45, a coax, or a fiber
optic connector. On 10BASE5 Ethernet, or Thicknet, a short cable is used to connect the AUI with a
transceiver on the main cable.

1. Differentiating between Connections

5.1.5 UTP implementation
This page provides detailed information for a UTP implementation.
EIA/TIA specifies an RJ-45 connector for UTP cable. The letters RJ stand for registered jack and the number
45 refers to a specific wiring sequence. The RJ-45 transparent end connector shows eight colored wires. Four
of the wires, T1 through T4, carry the voltage and are called tip. The other four wires, R1 through R4, are
grounded and are called ring. Tip and ring are terms that originated in the early days of the telephone. Today,
these terms refer to the positive and the negative wire in a pair. The wires in the first pair in a cable or a
connector are designated as T1 and R1. The second pair is T2 and R2, the third is T3 and R3, and the fourth is
T4 and R4.
The RJ-45 connector is the male component, which is crimped on the end of the cable. When a male connector
is viewed from the front, the pin locations are numbered from 8 on the left to 1 on the right as seen in Figure -1- .
The jack, as seen in Figure -2- , is the female component in a network device, wall outlet, or patch panel.
Figure -3- shows the punch-down connections at the back of the jack where the Ethernet UTP cable connects.
For electricity to run between the connector and the jack, the order of the wires must follow T568A or T568B
color code found in the EIA/TIA-568-B.1 standard, as shown in Figure -4- . To determine the EIA/TIA
category of cable that should be used to connect a device, refer to the documentation for that device or look for
a label on the device near the jack. If there are no labels or documentation available, use Category 5E or
greater as higher categories can be used in place of lower ones. Then determine whether to use a straight-
through cable or a crossover cable.
If the two RJ-45 connectors of a cable are held side by side in the same orientation, the colored wires will be
seen in each. If the order of the colored wires is the same at each end, then the cable is a straight-through, as
seen in Figure -5- .
In a crossover cable, the RJ-45 connectors on both ends show that some of the wires are connected to different
pins on each side of the cable. Figure -6- shows that pins 1 and 2 on one connector connect to pins 3 and 6 on
the other.
Figure -7- shows the guidelines that are used to determine the type of cable that is required to connect Cisco
devices.
Use straight-through cables for the following connections:
 Switch to router
 Switch to PC or server
 Hub to PC or server
Use crossover cables for the following connections:
 Switch to switch
 Switch to hub
 Hub to hub
 Router to router
 PC to PC
 Router to PC
Figure -8- illustrates how a variety of cable types may be required in a given network. The category of UTP
cable required is based on the type of Ethernet that is chosen.
The Lab Activity shows the termination process for an RJ-45 jack.
The Interactive Media Activities provide detailed views of a straight-through and crossover cable.
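The straight-through and crossover rules above (same colour order at both ends, or pins 1 and 2 meeting pins 3 and 6) and the device-pairing guidelines can be checked mechanically. The Python below is an added example and not curriculum code; the T568A and T568B colour orders are the standard ones (the text names white/orange on pin 1 and orange on pin 2 for T568B), and the device names used as lookup keys are constructed.

```python
# Added example (not curriculum code): classify a cable from its two colour orders
# and pick the cable type for a pair of devices from the guidelines in the text.
T568A = ["white/green", "green", "white/orange", "blue",
         "white/blue", "orange", "white/brown", "brown"]
T568B = ["white/orange", "orange", "white/green", "blue",
         "white/blue", "green", "white/brown", "brown"]

# near-end pin -> far-end pin for a crossover: the 1-2 pair meets the 3-6 pair
CROSSOVER_MAP = {1: 3, 2: 6, 3: 1, 6: 2}

def crossover_end(far_end_order):
    """Colour order the near end must have so that its pins 1 and 2 connect
    to pins 3 and 6 of the far end (other pins stay straight)."""
    near = list(far_end_order)
    for near_pin, far_pin in CROSSOVER_MAP.items():
        near[near_pin - 1] = far_end_order[far_pin - 1]
    return near

def classify_cable(end_a, end_b):
    """Hold both connectors side by side: identical order is straight-through,
    the 1-2/3-6 swap is a crossover, anything else is miswired."""
    if list(end_a) == list(end_b):
        return "straight-through"
    if crossover_end(end_b) == list(end_a):
        return "crossover"
    return "miswired"

# Guidelines from the text, keyed by the sorted pair of device types
STRAIGHT_THROUGH_PAIRS = {("router", "switch"), ("pc", "switch"), ("server", "switch"),
                          ("hub", "pc"), ("hub", "server")}
CROSSOVER_PAIRS = {("switch", "switch"), ("hub", "switch"), ("hub", "hub"),
                   ("router", "router"), ("pc", "pc"), ("pc", "router")}

def cable_for(device_a, device_b):
    """Cable type to connect two devices, or 'unknown' if the guidelines do not cover it."""
    key = tuple(sorted((device_a.lower(), device_b.lower())))
    if key in STRAIGHT_THROUGH_PAIRS:
        return "straight-through"
    if key in CROSSOVER_PAIRS:
        return "crossover"
    return "unknown"

if __name__ == "__main__":
    print(classify_cable(T568B, T568B))              # straight-through
    print(classify_cable(T568A, T568B))              # crossover
    print(cable_for("PC", "Router"))                 # crossover
    print(cable_for("switch", "PC"))                 # straight-through
```

Running it shows one consequence of the colour codes that the text does not spell out: a cable terminated T568A at one end and T568B at the other is exactly the 1-2 to 3-6 crossover, which is why mixing the two codes on a patch cable by mistake produces a crossover rather than a straight-through cable.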

1. RJ-45 Connector
2. RJ-45 Jack (front view)
3. RJ-45 Jack
4. T568-A and T568-B Color Code
5. UTP Implementation – Straight-Through
6. Interconnecting Devices Using CROSSOVER Cable
7. UTP Implementation – CROSSOVER
8. Interconnecting Devices Using CROSSOVER Cable

5.1.6 Repeaters (Layer 1 of the OSI model)


This page will discuss how a repeater is used on a network.
The term repeater comes from the early days of long distance communication. A repeater was a person on one
hill who would repeat the signal that was just received from the person on the previous hill. The process would
repeat until the message arrived at its destination. Telegraph, telephone, microwave, and optical
communications use repeaters to strengthen signals sent over long distances.
A repeater receives a signal, regenerates it, and passes it on. It can regenerate and retime network signals at the
bit level to allow them to travel a longer distance on the media. -1- Ethernet and IEEE 802.3 implement a rule,
known as the 5-4-3 rule, for the number of repeaters and segments on shared access Ethernet backbones in a
tree topology. The 5-4-3 rule divides the network into two types of physical segments: populated (user)
segments, and unpopulated (link) segments. User segments have users' systems connected to them. Link
segments are used to connect the network repeaters together. The rule mandates that between any two nodes on

the network, there can only be a maximum of five segments, connected through four repeaters, or
concentrators, and only three of the five segments may contain user connections.
The Ethernet protocol requires that a signal sent out over the LAN reach every part of the network within a
specified length of time. The 5-4-3 rule ensures this. Each repeater that a signal goes through adds a small
amount of time to the process, so the rule is designed to minimize transmission times of the signals. Too much
latency on the LAN increases the number of late collisions and makes the LAN less efficient.
The 5-4-3 rule: 5 = at most 5 segments, 4 = at most 4 repeaters between those segments, 3 = at most 3 of the
segments may be populated with user connections.
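A checker for the 5-4-3 rule on a tree-shaped repeater backbone, added here as an example and not part of the curriculum. The topology and segment names are constructed for the example; it walks the path between every pair of populated segments and counts segments, repeaters and populated segments along it.

```python
from collections import deque

# Constructed sample topology (an assumption for this example, not a figure
# from the curriculum). Each repeater maps to the segments it joins; segment
# names beginning with "U" are populated (user) segments, "L" are link segments.
SAMPLE_TOPOLOGY = {
    "R1": ("U1", "L1"),
    "R2": ("L1", "U2"),
    "R3": ("U2", "L2"),
    "R4": ("L2", "U3"),
}
SAMPLE_POPULATED = {"U1", "U2", "U3"}


def build_adjacency(repeaters):
    """Undirected graph: repeaters and segments are nodes, and a repeater is
    adjacent to every segment it joins."""
    adj = {}
    for rep, segs in repeaters.items():
        adj.setdefault(rep, set())
        for seg in segs:
            adj[rep].add(seg)
            adj.setdefault(seg, set()).add(rep)
    return adj


def find_path(adj, start, goal):
    """Breadth-first search; in a tree topology the path is unique."""
    prev = {start: None}
    queue = deque([start])
    while queue:
        cur = queue.popleft()
        if cur == goal:
            break
        for nxt in adj[cur]:
            if nxt not in prev:
                prev[nxt] = cur
                queue.append(nxt)
    if goal not in prev:
        return None
    path = []
    node = goal
    while node is not None:
        path.append(node)
        node = prev[node]
    return path[::-1]


def check_5_4_3(repeaters, populated):
    """Return (seg_a, seg_b, segments, repeaters, populated) for every pair of
    populated segments whose path breaks the rule. An empty list means OK."""
    adj = build_adjacency(repeaters)
    user_segments = [n for n in adj if n not in repeaters and n in populated]
    violations = []
    for i, a in enumerate(user_segments):
        for b in user_segments[i:]:
            path = find_path(adj, a, b)
            if path is None:
                continue  # disconnected: nothing to measure
            n_rep = sum(1 for n in path if n in repeaters)
            n_seg = len(path) - n_rep
            n_pop = sum(1 for n in path if n in populated)
            if n_seg > 5 or n_rep > 4 or n_pop > 3:
                violations.append((a, b, n_seg, n_rep, n_pop))
    return violations


if __name__ == "__main__":
    print("valid backbone:", check_5_4_3(SAMPLE_TOPOLOGY, SAMPLE_POPULATED))
    # Adding a fifth repeater and a fourth user segment breaks all three limits.
    too_long = dict(SAMPLE_TOPOLOGY, R5=("U3", "U4"))
    print("extended backbone:", check_5_4_3(too_long, SAMPLE_POPULATED | {"U4"}))
```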

1. Repeaters

5.1.7 Hubs ( first level of OSI model )


This page will describe the three types of hubs.
Hubs are actually multiport repeaters. The difference between hubs and repeaters is usually the number of ports
that each device provides. A typical repeater usually has two ports. A hub generally has from 4 to 24 ports. -1-
Hubs are most commonly used in Ethernet 10BASE-T or 100BASE-T networks.
The use of a hub changes the network from a linear bus with each device plugged directly into the wire to a
star topology. Data that arrives over the cables to a hub port is electrically repeated on all the other ports
connected to the network segment.
Hubs come in three basic types:
- Passive – A passive hub serves as a physical connection point only. It does not manipulate or view the
traffic that crosses it. It does not boost or clean the signal. A passive hub is used only to share the
physical media. A passive hub does not need electrical power.
- Active – An active hub must be plugged into an electrical outlet because it needs power to amplify a
signal before it is sent to the other ports.
- Intelligent – Intelligent hubs are sometimes called smart hubs. They function like active hubs with
microprocessor chips and diagnostic capabilities. Intelligent hubs are more expensive than active hubs.
They are also more useful in troubleshooting situations.
Devices attached to a hub receive all traffic that travels through the hub. If many devices are attached to the
hub, collisions are more likely to occur. A collision occurs when two or more workstations send data over the
network wire at the same time. All data is corrupted when this occurs. All devices that are connected to the
same network segment are members of the same collision domain.
Sometimes hubs are called concentrators since they are central connection points for Ethernet LANs.
The Lab Activity will teach students about the price of different network components.

1. 8 Port HUB

5.1.8 Wireless
This page will explain how a wireless network can be created with much less cabling than other networks.
Wireless signals are electromagnetic waves that travel through the air. Wireless networks use radio
frequency (RF), laser, infrared (IR), satellite, or microwaves to carry signals between computers without
a permanent cable connection. The only permanent cabling can be to the access points for the network.
Workstations within the range of the wireless network can be moved easily without the need to connect and
reconnect network cables.
A common application of wireless data communication is for mobile use. Some examples of mobile use
include commuters, airplanes, satellites, remote space probes, space shuttles, and space stations.
At the core of wireless communication are devices called transmitters and receivers. The transmitter converts
source data to electromagnetic waves that are sent to the receiver. The receiver then converts these
electromagnetic waves back into data for the destination. For two-way communication, each device requires a
transmitter and a receiver. Many networking device manufacturers build the transmitter and receiver into a
single unit called a transceiver or wireless network card. -1- All devices in a WLAN must have the correct
wireless network card installed.
The two most common wireless technologies used for networking are IR and RF. IR technology has its
weaknesses. Workstations and digital devices must be in the line of sight of the transmitter to work correctly.
An infrared-based network can be used when all the digital devices that require network connectivity are in one
room. IR networking technology can be installed quickly. However, the data signals can be weakened or
obstructed by people who walk across the room or by moisture in the air. New IR technologies will be able to
work out of sight.
RF technology allows devices to be in different rooms or buildings. The limited range of radio signals restricts
the use of this kind of network. RF technology can be on single or multiple frequencies. A single radio
frequency is subject to outside interference and geographic obstructions. It is also easily monitored by others,
which makes the transmissions of data insecure. Spread spectrum uses multiple frequencies to increase the
immunity to noise and to make it difficult for outsiders to intercept data transmissions.
Two approaches that are used to implement spread spectrum for WLAN transmissions are Frequency Hopping
Spread Spectrum (FHSS) and Direct Sequence Spread Spectrum (DSSS). The technical details of how these
technologies work are beyond the scope of this course.
A large LAN can be broken into smaller segments

1. Wireless Media

5.1.9 Bridges ( second level of OSI model )


This page will explain the function of bridges in a LAN.
There are times when it is necessary to break up a large LAN into smaller and more easily managed segments.
-1- This decreases the amount of traffic on a single LAN and can extend the geographical area past what a
single LAN can support. The devices that are used to connect network segments together include bridges,
switches, routers, and gateways. Switches and bridges operate at the data link layer of the OSI model. The
function of the bridge is to make intelligent decisions about whether or not to pass signals on to the next
segment of a network.
When a bridge receives a frame on the network, the destination MAC address is looked up in the bridge table
to determine whether to filter, flood, or copy the frame onto another segment. This decision process occurs as
follows: -2-, -3-
- If the destination device is on the same segment as the frame, the bridge will not send the frame onto
other segments. This process is known as filtering.
- If the destination device is on a different segment, the bridge forwards the frame to the appropriate
segment.
- If the destination address is unknown to the bridge, the bridge forwards the frame to all segments
except the one on which it was received. This process is known as flooding.
If placed strategically, a bridge can greatly improve network performance.
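The filter, forward and flood decision above, as a small learning-bridge simulation added here as an example (not code from the curriculum). The port numbers and MAC addresses are constructed; the bridge learns the source address of each frame and then decides what to do with the destination.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Transparent bridge: learns source MACs per port, then filters,
    forwards, or floods each frame based on the destination MAC."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # MAC address -> port it was last seen on

    def receive(self, src, dst, in_port):
        """Return (decision, list_of_output_ports) for one frame."""
        # Learning step: the source lives on the segment behind in_port.
        self.table[src] = in_port
        if dst == BROADCAST or dst not in self.table:
            # Unknown or broadcast destination: flood to every other port.
            return "flood", [p for p in self.ports if p != in_port]
        out_port = self.table[dst]
        if out_port == in_port:
            # Destination is on the same segment the frame came from.
            return "filter", []
        return "forward", [out_port]


# Constructed sample traffic (an assumption for this example): hosts A and C
# share the segment on port 1, host B is on port 2, port 3 has no known hosts.
SAMPLE_FRAMES = [
    ("aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb", 1),  # A -> B, B still unknown
    ("bb:bb:bb:bb:bb:bb", "aa:aa:aa:aa:aa:aa", 2),  # B -> A, A already learned
    ("aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb", 1),  # A -> B, B now learned
    ("cc:cc:cc:cc:cc:cc", "aa:aa:aa:aa:aa:aa", 1),  # C -> A, same segment
    ("aa:aa:aa:aa:aa:aa", BROADCAST, 1),            # A -> broadcast
]


def run_bridge(frames, ports=(1, 2, 3)):
    """Feed frames through a fresh bridge and collect each decision."""
    bridge = LearningBridge(ports)
    return [bridge.receive(src, dst, port) for src, dst, port in frames]


if __name__ == "__main__":
    for (src, dst, port), (decision, out) in zip(SAMPLE_FRAMES, run_bridge(SAMPLE_FRAMES)):
        print(f"port {port}: {src} -> {dst}: {decision} {out}")
```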

1. Bridges Segmenting a Network



2. Bridges Segmenting a Network

5.1.10 Switches ( second level of OSI model )


This page will explain the function of switches.

A switch is sometimes described as a multiport bridge. -1- A typical bridge may have only two ports that link
two network segments. A switch can have multiple ports based on the number of network segments that need
to be linked. Like bridges, switches learn information about the data frames that are received from computers
on the network. Switches use this information to build tables to determine the destination of data that is sent
between computers on the network. -2-

Although there are some similarities between the two, a switch is a more sophisticated device than a bridge. A
bridge determines whether the frame should be forwarded to the other network segment based on the
destination MAC address. A switch has many ports with many network segments connected to them. A
switch chooses the port to which the destination device or workstation is connected. Ethernet switches are
popular connectivity solutions because they improve network speed, bandwidth, and performance.

Switching is a technology that alleviates congestion in Ethernet LANs. Switches reduce traffic and increase
bandwidth. Switches can easily replace hubs because switches work with the cable infrastructures that are
already in place. This improves performance with minimal changes to a network.

All switching equipment performs two basic operations. The first operation is called switching data frames.
This is the process by which a frame is received on an input medium and then transmitted to an output
medium. The second is the maintenance of switching operations where switches build and maintain switching
tables and search for loops.

Switches operate at much higher speeds than bridges and can support new functionality, such as virtual LANs.

An Ethernet switch has many benefits. One benefit is that it allows many users to communicate at the same
time through the use of virtual circuits and dedicated network segments in a virtually collision-free
environment. -3- This maximizes the bandwidth available on the shared medium. Another benefit is that a
switched LAN environment is very cost effective since the hardware and cables in place can be reused.

The Lab activity will help students understand the price of a LAN switch.

1. Cisco 2900 series Switch

2. Switching Table

3. Microsegmentation of the Network

5.1.11 Host connectivity
This page will explain how NICs provide network connectivity.
The function of a NIC is to connect a host device to the network medium. A NIC is a printed circuit board that
fits into the expansion slot on the motherboard or peripheral device of a computer. -1-, -2- The NIC is also
referred to as a network adapter. On laptop or notebook computers a NIC is the size of a credit card.
NICs are considered Layer 2 devices because each NIC carries a unique code called a MAC address. This
address is used to control data communication for the host on the network. More will be learned about the
MAC address later. NICs control host access to the medium.
In some cases the type of connector on the NIC does not match the type of media that needs to be connected to
it. A good example is a Cisco 2500 router. This router has an AUI connector. That AUI connector needs to
connect to a UTP Category 5 Ethernet cable. A transceiver is used to do this. A transceiver converts one type
of signal or connector to another. For example, a transceiver can connect a 15-pin AUI interface to an RJ-
45 jack. It is considered a Layer 1 device because it only works with bits and not with any address information
or higher-level protocols.
NICs have no standardized symbol. It is implied that, when networking devices are attached to network media,
there is a NIC or NIC-like device present. A dot on a topology map represents either a NIC interface or port,
which acts like a NIC.

1. Network Interface Card ( NIC ) ( second Level OSI Models )

5.1.12 Peer-to-peer
This page covers peer-to-peer networks.
When LAN and WAN technologies are used, many computers are interconnected to provide services to their
users. To accomplish this, networked computers take on different roles or functions in relation to each other.
-1- Some types of applications require computers to function as equal partners. Other types of applications
distribute their work so that one computer functions to serve a number of others in an unequal relationship.
Two computers generally use request and response protocols to communicate with each other. One computer
issues a request for a service, and a second computer receives and responds to that request. The requestor acts
like a client and the responder acts like a server.
In a peer-to-peer network, networked computers act as equal partners, or peers. As peers, each computer can
take on the client function or the server function. Computer A may request a file from Computer B, which
then sends the file to Computer A. Computer A acts like the client and Computer B acts like the server. At a
later time, Computers A and B can reverse roles.
In a peer-to-peer network, individual users control their own resources. The users may decide to share certain
files with other users. -2-, -3- The users may also require passwords before they allow others to access their
resources. Since individual users make these decisions, there is no central point of control or administration in
the network. In addition, individual users must back up their own systems to be able to recover from data loss
in case of failures. When a computer acts as a server, the user of that machine may experience reduced
performance as the machine serves the requests made by other systems.
Peer-to-peer networks are relatively easy to install and operate. No additional equipment is necessary beyond a
suitable operating system installed on each computer. Since users control their own resources, no dedicated
administrators are needed.
As networks grow, peer-to-peer relationships become increasingly difficult to coordinate. A peer-to-peer
network works well with ten or fewer computers. Since peer-to-peer networks do not scale well, their
efficiency decreases rapidly as the number of computers on the network increases. Also, individual users
control access to the resources on their computers, which means security may be difficult to maintain. The
client/server model of networking can be used to overcome the limitations of the peer-to-peer network.
Students will create a simple peer-to-peer network in the Lab Activity.

1. Peer-to-Peer

2. Shared Access

5.1.13 Client/server
This page will describe a client/server environment.
In a client/server arrangement, network services are located on a dedicated computer called a server. The server
responds to the requests of clients. -1- The server is a central computer that is continuously available to respond
to requests from clients for file, print, application, and other services. Most network operating systems adopt
the form of a client/server relationship. Typically, desktop computers function as clients and one or more
computers with additional processing power, memory, and specialized software function as servers. -2-
Servers are designed to handle requests from many clients simultaneously. Before a client can access the server
resources, the client must be identified and be authorized to use the resource. Each client is assigned an
account name and password that is verified by an authentication service. The authentication service guards
access to the network. With the centralization of user accounts, security, and access control, server-based
networks simplify the administration of large networks.
The concentration of network resources such as files, printers, and applications on servers also makes it easier
to back-up and maintain the data. Resources can be located on specialized, dedicated servers for easier access.
Most client/server systems also include ways to enhance the network with new services that extend the
usefulness of the network.
The centralized functions in a client/server network have substantial advantages and some disadvantages.
Although a centralized server enhances security, ease of access, and control, it introduces a single point of
failure into the network. Without an operational server, the network cannot function at all. Servers require a
trained, expert staff member to administer and maintain. Server systems also require additional hardware and
specialized software that add to the cost.
Figures -3- and -4- summarize the advantages and disadvantages of peer-to-peer and client/server networks.
In the Lab Activities, students will build a hub-based network and a switch-based network. This page
concludes this lesson.

1. Client/Server

2. Client/Server

3. Peer-to-Peer versus Client/Server - ADVANTAGES

4. Peer-to-Peer versus Client/Server - DISADVANTAGES

5.2 Cabling WANs

5.2.1 WAN physical layer


This page describes the WAN physical layer.
The physical layer implementations vary based on the distance of the equipment from each service, the speed,
and the type of service. -1- Serial connections are used to support WAN services such as dedicated leased lines
that run PPP or Frame Relay. The speed of these connections ranges from 2400 bps to T1 service at 1.544
Mbps and E1 service at 2.048 Mbps.
ISDN offers dial-on-demand connections or dial backup services. An ISDN Basic Rate Interface (BRI) is
composed of two 64 kbps bearer channels (B channels) for data, and one delta channel (D channel) at 16 kbps
used for signaling and other link-management tasks. PPP is typically used to carry data over the B channels.

As the demand for residential broadband high-speed services has increased, DSL and cable modem
connections have become more popular. Typical residential DSL service can achieve T1/E1 speeds over the
telephone line. Cable services use the coaxial cable TV line. A coaxial cable line provides high-speed
connectivity that matches or exceeds DSL. DSL and cable modem service will be covered in more detail in a
later module.
Students can identify the WAN physical layer components in the Interactive Media Activity.

1. Types of WAN Service

5.2.2 WAN serial connections


This page will discuss WAN serial connections.
For long distance communication, WANs use serial transmission. This is a process by which bits of data are
sent over a single channel. This process provides reliable long distance communication and the use of a
specific electromagnetic or optical frequency range.
Frequencies are measured in terms of cycles per second and expressed in Hz. Signals transmitted over voice
grade telephone lines use 4 kHz. The size of the frequency range is referred to as bandwidth. In networking,
bandwidth is a measure of the bits per second that are transmitted. -1-
For a Cisco router, physical connectivity at the customer site is provided by one of two types of serial
connections. The first type is a 60-pin connector. The second is a more compact 'smart serial' connector. The
provider connector will vary depending on the type of service equipment. -2-
If the connection is made directly to a service provider, or a device that provides signal clocking such as a
channel/data service unit (CSU/DSU), the router will be a data terminal equipment (DTE) and use a DTE serial
cable. Typically this is the case. However, there are occasions where the local router is required to provide the
clocking rate and therefore will use a data communications equipment (DCE) cable. In the curriculum router
labs one of the connected routers will need to provide the clocking function. Therefore, the connection will
consist of a DCE and a DTE cable.

1. Comparison of Physical Standards

2. WAN Serial Connections Options

5.2.3 Routers and serial connections


This page will describe how routers and serial connections are used in a WAN.
Routers are responsible for routing data packets from source to destination within the LAN, and for providing
connectivity to the WAN. Within a LAN environment the router contains broadcasts, provides local address
resolution services, such as ARP and RARP, and may segment the network using a subnetwork structure. In
order to provide these services the router must be connected to the LAN and WAN.
In addition to determining the cable type, it is necessary to determine whether DTE or DCE connectors are
required. The DTE is the endpoint of the user's device on the WAN link. The DCE is typically the point where
responsibility for delivering data passes into the hands of the service provider.
When connecting directly to a service provider, or to a device such as a CSU/DSU that will perform signal
clocking, the router is a DTE and needs a DTE serial cable. -1- This is typically the case for routers. However,
there are cases when the router will need to be the DCE. When performing a back-to-back router scenario in a
test environment, one of the routers will be a DTE and the other will be a DCE. -2-
When cabling routers for serial connectivity, the routers will either have fixed or modular ports. The type of
port being used will affect the syntax used later to configure each interface.
Interfaces on routers with fixed serial ports are labeled for port type and port number. -3-
Interfaces on routers with modular serial ports are labeled for port type, slot, and port number. -4- The slot is the
location of the module. To configure a port on a modular card, it is necessary to specify the interface using the
syntax "port type slot number/port number". Use the label "serial 1/0", when the interface is serial, the slot
number where the module is installed is slot 1, and the port that is being referenced is port 0.
The first Lab Activity will require students to identify the Ethernet or Fast Ethernet interfaces on a router.
In the next two Lab Activities, students will create and troubleshoot a basic WAN.
1. Serial Implementation of DTE and DCE

2. Back-to-Back Serial Connection

3. Fixed Interfaces

4. Modular Serial Port Interfaces

5.2.4 Routers and ISDN BRI connections


This page will help students understand ISDN BRI connections.

With ISDN BRI, two types of interfaces may be used, BRI S/T and BRI U. Determine who is providing the
Network Termination 1 (NT1) device in order to determine which interface type is needed.
An NT1 is an intermediate device located between the router and the service provider ISDN switch. The NT1
is used to connect four-wire subscriber wiring to the conventional two-wire local loop. In North America, the
customer typically provides the NT1, while in the rest of the world the service provider provides the NT1
device.
It may be necessary to provide an external NT1 if the device is not already integrated into the router.
Reviewing the labeling on the router interfaces is usually the easiest way to determine if the router has an
integrated NT1. A BRI interface with an integrated NT1 is labeled BRI U. A BRI interface without an
integrated NT1 is labeled BRI S/T. Because routers can have multiple ISDN interface types, determine which
interface is needed when the router is purchased. The type of BRI interface may be determined by looking at
the port label. -1- To interconnect the ISDN BRI port to the service-provider device, use a UTP Category 5
straight-through cable.

CAUTION:
It is important to insert the cable running from an ISDN BRI port only to an ISDN jack or an
ISDN switch. ISDN BRI uses voltages that can seriously damage non-ISDN devices.

1. Cabling Routers for ISDN Connections

5.2.5 Routers and DSL connections


This page describes routers and DSL connections.
The Cisco 827 ADSL router has one asymmetric digital subscriber line (ADSL) interface. -1- To connect
an ADSL line to the ADSL port on a router, do the following:
- Connect the phone cable to the ADSL port on the router.
- Connect the other end of the phone cable to the phone jack.
To connect a router for DSL service, use a phone cable with RJ-11 connectors. DSL works over standard
telephone lines using pins 3 and 4 on a standard RJ-11 connector.

1. Cisco 827-4V Router

5.2.6 Routers and cable connections


This page will explain how routers are connected to cable systems.
The Cisco uBR905 cable access router provides high-speed network access on the cable television system to
residential and small office, home office (SOHO) subscribers. The uBR905 router has a coaxial cable, or F-
connector, interface that connects directly to the cable system. Coaxial cable and an F connector are used to
connect the router and cable system.
Use the following steps to connect the Cisco uBR905 cable access router to the cable system:
- Verify that the router is not connected to power.
- Locate the RF coaxial cable coming from the coaxial cable (TV) wall outlet.
- Install a cable splitter/directional coupler, if needed, to separate signals for TV and computer use. If
necessary, also install a high-pass filter to prevent interference between the TV and computer signals.
- Connect the coaxial cable to the F connector of the router. -1- Hand-tighten the connector, making
sure that it is finger-tight, and then give it a 1/6 turn with a wrench.
- Make sure that all other coaxial cable connectors, all intermediate splitters, couplers, or ground blocks,
are securely tightened from the distribution tap to the Cisco uBR905 router.

CAUTION:
Do not over tighten the connector. Over tightening may break off the connector. Do not
use a torque wrench because of the danger of tightening the connector more than the
recommended 1/6 turns after it is finger-tight.

1. Cisco uBR 905 Router

5.2.7 Setting up console connections


This page will explain how console connections are set up.

To initially configure the Cisco device, a management connection must be directly connected to the device. For
Cisco equipment this management attachment is called a console port. The console port allows monitoring and
configuration of a Cisco hub, switch, or router.

The cable used between a terminal and a console port is a rollover cable, with RJ-45 connectors. The rollover
cable, also known as a console cable, has a different pinout than the straight-through or crossover RJ-45 cables
used with Ethernet or the ISDN BRI. The pinout for a rollover is as follows:

1 to 8
2 to 7
3 to 6
4 to 5
5 to 4
6 to 3
7 to 2
8 to 1
To set up a connection between the terminal and the Cisco console port, perform two steps. First, connect the
devices using a rollover cable from the router console port to the workstation serial port. An RJ-45-to-DB-9 or
an RJ-45-to-DB-25 adapter may be required for the PC or terminal. -1- Next, configure the terminal emulation
application with the following common equipment (COM) port settings: 9600 bps, 8 data bits, no parity, 1 stop
bit, and no flow control.

The AUX port is used to provide out-of-band management through a modem. The AUX port must be
configured by way of the console port before it can be used. The AUX port also uses the settings of 9600 bps,
8 data bits, no parity, 1 stop bit, and no flow control.

In the Lab Activity, students will establish a console connection to a router or switch.
The Interactive Media Activity provides a detailed view of a console cable.

1. Setting UP Console Connections

Summary
This page summarizes the topics discussed in this module.
Ethernet is the most widely used LAN technology and can be implemented on a variety of media. Ethernet
technologies provide a variety of network speeds, from 10 Mbps to Gigabit Ethernet, which can be applied to
appropriate areas of a network. Media and connector requirements differ for various Ethernet implementations.
The connector on a network interface card (NIC) must match the media. A bayonet nut connector (BNC)
connector is required to connect to coaxial cable. A fiber connector is required to connect to fiber media. The
registered jack (RJ-45) connector used with twisted-pair wire is the most common type of connector used in
LAN implementations. Ethernet
When twisted-pair wire is used to connect devices, the appropriate wire sequence, or pinout, must be
determined as well. A crossover cable is used to connect two similar devices, such as two PCs. A straight-
through cable is used to connect different devices, such as connections between a switch and a PC. A rollover
cable is used to connect a PC to the console port of a router.
Repeaters regenerate and retime network signals and allow them to travel a longer distance on the media. Hubs
are multi-port repeaters. Data arriving at a hub port is electrically repeated on all the other ports connected to
the same network segment, except for the port on which the data arrived. Sometimes hubs are called
concentrators, because hubs often serve as a central connection point for an Ethernet LAN.
A wireless network can be created with much less cabling than other networks. The only permanent cabling
might be to the access points for the network. At the core of wireless communication are devices called
transmitters and receivers. The transmitter converts source data to electromagnetic (EM) waves that are passed
to the receiver. The receiver then converts these electromagnetic waves back into data for the destination. The
two most common wireless technologies used for networking are infrared (IR) and radio frequency (RF).
There are times when it is necessary to break up a large LAN into smaller, more easily managed segments. The
devices that are used to define and connect network segments include bridges, switches, routers, and gateways.
A bridge uses the destination MAC address to determine whether to filter, flood, or copy the frame onto
another segment. If placed strategically, a bridge can greatly improve network performance.
A switch is sometimes described as a multi-port bridge. Although there are some similarities between the two,
a switch is a more sophisticated device than a bridge. Switches operate at much higher speeds than bridges and
can support new functionality, such as virtual LANs.
Routers are responsible for routing data packets from source to destination within the LAN, and for providing
connectivity to the WAN. Within a LAN environment the router controls broadcasts, provides local address
resolution services, such as ARP and RARP, and may segment the network using a subnetwork structure.
Computers typically communicate with each other by using request/response protocols. One computer issues a
request for a service, and a second computer receives and responds to that request. In a peer-to-peer network,
networked computers act as equal partners, or peers. As peers, each computer can take on the client function or
the server function. In a client/server arrangement, network services are located on a dedicated computer called
a server. The server responds to the requests of clients.
WAN connection types include high-speed serial links, ISDN, DSL, and cable modems. Each of these requires
a specific media and connector. To interconnect the ISDN BRI port to the service-provider device, a UTP
Category 5 straight-through cable with RJ-45 connectors, is used. A phone cable and an RJ-11 connector are
used to connect a router for DSL service. Coaxial cable and a BNC connector are used to connect a router for
cable service.
In addition to the connection type, it is necessary to determine whether DTE or DCE connectors are required
on internetworking devices. The DTE is the endpoint of the user's private network on the WAN link. The DCE
is typically the point where responsibility for delivering data passes to the service provider. When connecting
directly to a service provider, or to a device such as a CSU/DSU that will perform signal clocking, the router is
a DTE and needs a DTE serial cable. This is typically the case for routers. However, there are cases when the
router will need to be the DCE.

6 Ethernet Fundamentals
Overview
Ethernet is now the dominant LAN technology in the world. Ethernet is a family of LAN technologies that may
be best understood with the OSI reference model. All LANs must deal with the basic issue of how individual
stations, or nodes, are named. Ethernet specifications support different media, bandwidths, and other Layer 1
and 2 variations. However, the basic frame format and address scheme is the same for all varieties of Ethernet.
Various MAC strategies have been invented to allow multiple stations to access physical media and network
devices. It is important to understand how network devices gain access to the network media before students
can comprehend and troubleshoot the entire network.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams. -2-, -3-, -4-
Students who complete this module should be able to perform the following tasks: -1-
- Describe the basics of Ethernet technology
- Explain naming rules of Ethernet technology
- Explain how Ethernet relates to the OSI model
- Describe the Ethernet framing process and frame structure
- List Ethernet frame field names and purposes
- Identify the characteristics of CSMA/CD
- Describe Ethernet timing, interframe spacing, and backoff time after a collision
- Define Ethernet errors and collisions
- Explain the concept of auto-negotiation in relation to speed and duplex

Figures: 1. Ethernet Fundamentals; 2. CCNA 640-801 Exam; 3. ICND 640-811 Exam; 4. INTRO 640-821 Exam

6.1 Ethernet Fundamentals

6.1.1 Introduction to Ethernet


This page provides an introduction to Ethernet. Most of the traffic on the Internet originates and ends with
Ethernet connections. Since it began in the 1970s, Ethernet has evolved to meet the increased demand for high-
speed LANs. When optical fiber media was introduced, Ethernet adapted to take advantage of the superior
bandwidth and low error rate that fiber offers. Now the same protocol that transported data at 3 Mbps in 1973
can carry data at 10 Gbps.
The success of Ethernet is due to the following factors:
- Simplicity and ease of maintenance
- Ability to incorporate new technologies
- Reliability
- Low cost of installation and upgrade
The introduction of Gigabit Ethernet has extended the original LAN technology to distances that make
Ethernet a MAN and WAN standard.
The original idea for Ethernet was to allow two or more hosts to use the same medium with no interference
between the signals. This problem of multiple user access to a shared medium was studied in the early 1970s at
the University of Hawaii. A system called Alohanet was developed to allow various stations on the Hawaiian
Islands structured access to the shared radio frequency band in the atmosphere. -1- This work later formed the
basis for the Ethernet access method known as CSMA/CD.

The first LAN in the world was the original version of Ethernet. Robert Metcalfe and his coworkers at Xerox
designed it more than thirty years ago. The first Ethernet standard was published in 1980 by a consortium of
Digital Equipment Corporation, Intel, and Xerox (DIX). Metcalfe wanted Ethernet to be a shared standard
from which everyone could benefit, so it was released as an open standard. The first products that were
developed from the Ethernet standard were sold in the early 1980s. Ethernet transmitted at up to 10 Mbps over
thick coaxial cable up to a distance of 2 kilometers (km). This type of coaxial cable was referred to as thicknet
and was about the width of a small finger.
In 1985, the IEEE standards committee for Local and Metropolitan Networks published standards for LANs.
These standards start with the number 802. The standard for Ethernet is 802.3. The IEEE wanted to make sure
that its standards were compatible with the International Standards Organization (ISO) and OSI model. To do
this, the IEEE 802.3 standard had to address the needs of Layer 1 and the lower portion of Layer 2 of the OSI
model. As a result, some small modifications to the original Ethernet standard were made in 802.3.
The differences between the two standards were so minor that any Ethernet NIC can transmit and receive both
Ethernet and 802.3 frames. Essentially, Ethernet and IEEE 802.3 are the same standards.
The 10-Mbps bandwidth of Ethernet was more than enough for the slow PCs of the 1980s. By the early 1990s
PCs became much faster, file sizes increased, and data flow bottlenecks occurred. Most were caused by the low
availability of bandwidth. In 1995, IEEE announced a standard for a 100-Mbps Ethernet. This was followed by
standards for Gigabit Ethernet in 1998 and 1999.
All the standards are essentially compatible with the original Ethernet standard. An Ethernet frame could leave
an older coax 10-Mbps NIC in a PC, be placed onto a 10-Gbps Ethernet fiber link, and end up at a 100-Mbps
NIC. As long as the frame stays on Ethernet networks it is not changed. For this reason Ethernet is considered
very scalable. The bandwidth of the network could be increased many times while the Ethernet technology
remains the same.
The original Ethernet standard has been amended many times to manage new media and higher transmission
rates. These amendments provide standards for new technologies and maintain compatibility between Ethernet
variations.

6.1.2 IEEE Ethernet naming rules


This page focuses on the Ethernet naming rules developed by IEEE.
Ethernet is not one networking technology, but a family of networking technologies that includes Legacy, Fast
Ethernet, and Gigabit Ethernet. Ethernet speeds can be 10, 100, 1000, or 10,000 Mbps. The basic frame format
and the IEEE sublayers of OSI Layers 1 and 2 remain consistent across all forms of Ethernet.
When Ethernet needs to be expanded to add a new medium or capability, the IEEE issues a new supplement to
the 802.3 standard. The new supplements are given a one or two letter designation such as 802.3u. An
abbreviated description, called an identifier, is also assigned to the supplement. -1-
The abbreviated description consists of the following elements:
- A number that indicates the number of Mbps transmitted
- The word base to indicate that baseband signaling is used
- One or more letters of the alphabet indicating the type of medium used. For example, F = fiber
optic cable and T = copper unshielded twisted pair
Ethernet relies on baseband signaling, which uses the entire bandwidth of the transmission medium. The data
signal is transmitted directly over the transmission medium.
In broadband signaling, the data signal is no longer placed directly on the transmission medium. Ethernet used
broadband signaling in the 10BROAD36 standard. 10BROAD36 is the IEEE standard for an 802.3 Ethernet
network using broadband transmission with thick coaxial cable running at 10 Mbps. 10BROAD36 is now
considered obsolete. An analog or carrier signal is modulated by the data signal and then transmitted. Radio
broadcasts and cable TV use broadband signaling.
IEEE cannot force manufacturers to fully comply with any standard. IEEE has two main objectives:
- Supply the information necessary to build devices that comply with Ethernet standards
- Promote innovation among manufacturers
Students will identify the IEEE 802 standards in the Interactive Media Activity.

Figure: 1. Ethernet Technologies Have a Three-Part Name

6.1.3 Ethernet and the OSI model


This page will explain how Ethernet relates to the OSI model.

Ethernet operates in two areas of the OSI model. These are the lower half of the data link layer, which is
known as the MAC sublayer, and the physical layer. -1-

Data that moves from one Ethernet station to another often passes through a repeater. All stations in the same
collision domain see traffic that passes through a repeater. -2- A collision domain is a shared resource.
Problems that originate in one part of a collision domain will usually impact the entire collision domain.

A repeater forwards traffic to all other ports. A repeater never sends traffic out the same port from which it was
received. Any signal detected by a repeater will be forwarded. If the signal is degraded through attenuation or
noise, the repeater will attempt to reconstruct and regenerate the signal.

To guarantee minimum bandwidth and operability, standards specify the maximum number of stations per
segment, maximum segment length, and maximum number of repeaters between stations. Stations separated by
bridges or routers are in different collision domains.
Figure -3- maps a variety of Ethernet technologies to the lower half of OSI Layer 2 and all of Layer 1.
Ethernet at Layer 1 involves signals, bit streams that travel on the media, components that put signals on
media, and various topologies. Ethernet Layer 1 performs a key role in the communication that takes place
between devices, but each of its functions has limitations. Layer 2 addresses these limitations. -4-

Data link sublayers contribute significantly to technological compatibility and computer communications. The
MAC sublayer is concerned with the physical components that will be used to communicate the information.
The Logical Link Control (LLC) sublayer remains relatively independent of the physical equipment that will
be used for the communication process.
Figure -5- maps a variety of Ethernet technologies to the lower half of OSI Layer 2 and all of Layer 1. While
there are other varieties of Ethernet, the ones shown are the most widely used.

Figures: 1. 802.3 Ethernet in Relation to the OSI Model; 2. A Repeater as Seen by the OSI Model; 3. IEEE 802.x Standards; 4. Layer 1 versus Layer 2; 5. Ethernet Technologies Mapped to the OSI Model

6.1.4 Naming
This page will discuss the MAC addresses used by Ethernet networks.
An address system is required to uniquely identify computers and interfaces to allow for local delivery of
frames on the Ethernet. -1- Ethernet uses MAC addresses that are 48 bits in length and expressed as 12
hexadecimal digits. The first six hexadecimal digits, which are administered by the IEEE, identify the
manufacturer or vendor. This portion of the MAC address is known as the Organizational Unique Identifier
(OUI). The remaining six hexadecimal digits represent the interface serial number or another value
administered by the manufacturer. -2- MAC addresses are sometimes referred to as burned-in MAC addresses
(BIAs) because they are burned into ROM and are copied into RAM when the NIC initializes.
At the data link layer MAC headers and trailers are added to upper layer data. The header and trailer contain
control information intended for the data link layer in the destination system. The data from upper layers is
encapsulated within the data link frame, between the header and trailer, and then sent out on the network.
The NIC uses the MAC address to determine if a message should be passed on to the upper layers of the OSI
model. The NIC does not use CPU processing time to make this assessment. This enables better
communication times on an Ethernet network.
When a device sends data on an Ethernet network, it can use the destination MAC address to open a
communication pathway to the other device. The source device attaches a header with the MAC address of the
intended destination and sends data through the network. As this data travels along the network media the NIC
in each device checks to see if the MAC address matches the physical destination address carried by the data
frame. If there is no match, the NIC discards the data frame. When the data reaches the destination node, the
NIC makes a copy and passes the frame up the OSI layers. On an Ethernet network, all nodes must examine
the MAC header.
All devices that are connected to the Ethernet LAN have MAC addressed interfaces. This includes
workstations, printers, routers, and switches.

Figures: 1. Nameless Computers on a Network; 2. MAC Address Format

6.1.5 Layer 2 framing


This page will explain how frames are created at Layer 2 of the OSI model.
Encoded bit streams, or data, on physical media represent a tremendous technological accomplishment, but
they, alone, are not enough to make communication happen. Framing provides essential information that could
not be obtained from coded bit streams alone. This information includes the following:
- Which computers are in communication with each other
- When communication between individual computers begins and when it ends
- Which errors occurred while the computers communicated
- Which computer will communicate next
Framing is the Layer 2 encapsulation process. A frame is the Layer 2 protocol data unit.
A voltage versus time graph could be used to visualize bits. However, it may be too difficult to graph address
and control information for larger units of data. Another type of diagram that could be used is the frame format
diagram, which is based on voltage versus time graphs. Frame format diagrams are read from left to right, just
like an oscilloscope graph. The frame format diagram shows different groupings of bits, or fields, that perform
other functions. -1-
There are many different types of frames described by various standards. A single generic frame has sections
called fields. Each field is composed of bytes. -2- The names of the fields are as follows:
- Start Frame field
- Address field
- Length/Type field
- Data field
- Frame Check Sequence (FCS) field
When computers are connected to a physical medium, there must be a way to inform other computers when
they are about to transmit a frame. Various technologies do this in different ways. Regardless of the
technology, all frames begin with a sequence of bytes to signal the data transmission.
All frames contain naming information, such as the name of the source node, or source MAC address, and the
name of the destination node, or destination MAC address.
Most frames have some specialized fields. In some technologies, a Length field specifies the exact length of a
frame in bytes. Some frames have a Type field, which specifies the Layer 3 protocol used by the device that
wants to send data.
Frames are used to send upper-layer data and ultimately the user application data from a source to a
destination. The data package includes the message to be sent, or user application data. Extra bytes may be
added so frames have a minimum length for timing purposes. LLC bytes are also included with the Data field
in the IEEE standard frames. The LLC sublayer takes the network protocol data, which is an IP packet, and
adds control information to help deliver the packet to the destination node. Layer 2 communicates with the
upper layers through LLC.
All frames, and the bits, bytes, and fields contained within them, are susceptible to errors from a variety of
sources. The FCS field contains a number that is calculated by the source node based on the data in the frame.
This number is added to the end of the frame that is sent. When the destination node receives the frame, the FCS
number is recalculated and compared with the FCS number included in the frame. If the two numbers are
different, an error is assumed and the frame is discarded.
Because the source cannot detect that the frame has been discarded, retransmission has to be initiated by higher-
layer connection-oriented protocols that provide data flow control. Because these protocols, such as TCP, expect
an acknowledgment (ACK) from the peer station within a certain time, retransmission usually occurs.
There are three primary ways to calculate the FCS number:
- Cyclic redundancy check (CRC) – performs calculations on the data.
- Two-dimensional parity – places individual bytes in a two-dimensional array and performs
redundancy checks vertically and horizontally on the array, creating an extra byte resulting in an even
or odd number of binary 1s.
- Internet checksum – adds the values of all of the data bits to arrive at a sum.
The node that transmits data must get the attention of other devices to start and end a frame. The Length field
indicates where the frame ends. The frame ends after the FCS. Sometimes there is a formal byte sequence
referred to as an end-frame delimiter.

Figures: 1. From Frames to Bits; 2. Generic Frame Format

6.1.6 Ethernet frame structure


This page will describe the frame structure of Ethernet networks.
At the data link layer the frame structure is nearly identical for all speeds of Ethernet from 10 Mbps to
10,000 Mbps. -1- However, at the physical layer almost all versions of Ethernet are very different. Each speed
has a distinct set of architecture design rules.
In the version of Ethernet that was developed by DIX prior to the adoption of the IEEE 802.3 version of
Ethernet, the Preamble and Start-of-Frame (SOF) Delimiter were combined into a single field. The binary
pattern was identical. The field labeled Length/Type was only listed as Length in the early IEEE versions and
only as Type in the DIX version. These two uses of the field were officially combined in a later IEEE version
since both uses were common. -2-
The Ethernet II Type field is incorporated into the current 802.3 frame definition. When a node receives a
frame it must examine the Length/Type field to determine which higher-layer protocol is present. If the two-
octet value is equal to or greater than 0x0600 hexadecimal, 1536 decimal, then the contents of the Data Field
are decoded according to the protocol indicated. -3- Ethernet II is the Ethernet frame format that is used in
TCP/IP networks.
IEEE 802.3: IEEE LAN protocol that specifies an implementation of the physical layer and the MAC sublayer of the
data-link layer. IEEE 802.3 uses CSMA/CD access at a variety of speeds over a variety of physical media.
Extensions to the IEEE 802.3 standard specify implementations for Fast Ethernet. Physical variations of the
original IEEE 802.3 specification include 10BASE2, 10BASE5, 10BASE-F, 10BASE-T, and 10Broad36.
Physical variations for Fast Ethernet include 100BASE-T, 100BASE-T4, and 100BASE-X.

Figures: 1. IEEE 802.3 Ethernet; 2. Ethernet II Frame Format; 3. Ethernet II

6.1.7 Ethernet frame fields


This page defines the fields that are used in a frame.
Some of the fields permitted or required in an 802.3 Ethernet frame are as follows: -1-
- Preamble
- SOF Delimiter
- Destination Address
- Source Address
- Length/Type
- Header and Data
- FCS
- Extension

The preamble is an alternating pattern of ones and zeros used for timing synchronization in 10 Mbps and slower
implementations of Ethernet. Faster versions of Ethernet are synchronous, so this timing information is
unnecessary but is retained for compatibility. -2-
A SOF delimiter consists of a one-octet field that marks the end of the timing information and contains the bit
sequence 10101011.
The destination address can be unicast, multicast, or broadcast.
The Source Address field contains the MAC source address. The source address is generally the unicast
address of the Ethernet node that transmitted the frame. However, many virtual protocols use and sometimes
share a specific source MAC address to identify the virtual entity.
The Length/Type field supports two different uses. If the value is less than 1536 decimal, 0x600 hexadecimal,
then the value indicates length. The length interpretation is used when the LLC layer provides the protocol
identification. The type value indicates which upper-layer protocol will receive the data after the Ethernet
process is complete. The length indicates the number of bytes of data that follows this field.
The Data field and padding if necessary, may be of any length that does not cause the frame to exceed the
maximum frame size. The maximum transmission unit (MTU) for Ethernet is 1500 octets, so the data should
not exceed that size. The content of this field is unspecified. An unspecified amount of data is inserted
immediately after the user data when there is not enough user data for the frame to meet the minimum frame
length. This extra data is called a pad. Ethernet requires each frame to be between 64 and 1518 octets.
A FCS contains a 4-byte CRC value that is created by the device that sends data and is recalculated by the
destination device to check for damaged frames. The corruption of a single bit anywhere from the start of the
Destination Address through the end of the FCS field will cause the checksum to be different. Therefore, the
coverage of the FCS includes itself. It is not possible to distinguish between corruption of the FCS and
corruption of any other field used in the calculation.
Figures: 1. IEEE 802.3 and Ethernet II Frame Format; 2. Preamble

6.2 Ethernet Operation


6.2.1 MAC protocols
This page will define MAC and provide examples of deterministic and non-deterministic MAC protocols.
MAC refers to protocols that determine which computer in a shared-media environment, or collision domain, is
allowed to transmit data. MAC and LLC comprise the IEEE version of the OSI Layer 2. MAC and LLC are
sublayers of Layer 2. The two broad categories of MAC are deterministic and non-deterministic.
Examples of deterministic protocols include Token Ring and FDDI. In a Token Ring network, hosts are
arranged in a ring and a special data token travels around the ring to each host in sequence. When a host wants

to transmit, it seizes the token, transmits the data for a limited time, and then forwards the token to the next
host in the ring. Token Ring is a collisionless environment since only one host can transmit at a time.
Non-deterministic MAC protocols use a first-come, first-served approach. Carrier Sense Multiple Access
with Collision Detection (CSMA/CD) is a simple system. The NIC listens for the absence of a signal on the
media and begins to transmit. If two nodes transmit at the same time a collision occurs and none of the nodes
are able to transmit.
Three common Layer 2 technologies are Token Ring, FDDI, and Ethernet. All three specify Layer 2 issues,
LLC, naming, framing, and MAC, as well as Layer 1 signaling components and media issues. The specific
technologies for each are as follows: -1-
- Ethernet – uses a logical bus topology to control information flow on a linear bus and a physical star or
extended star topology for the cables
- Token Ring – uses a logical ring topology to control information flow and a physical star topology
- FDDI – uses a logical ring topology to control information flow and a physical dual-ring topology

Figure: 1. Common LAN Technologies

6.2.2 MAC rules and collision detection/backoff


This page describes collision detection and avoidance in a CSMA/CD network.
Ethernet is a shared-media broadcast technology. The access method CSMA/CD used in Ethernet
performs three functions: -1-
- Transmitting and receiving data frames
- Decoding data frames and checking them for valid addresses before passing them to the upper
layers of the OSI model
- Detecting errors within data frames or on the network
In the CSMA/CD access method, networking devices with data to transmit work in a listen-before-transmit
mode. This means when a node wants to send data, it must first check to see whether the networking media is
busy. If the node determines the network is busy, the node will wait a random amount of time before retrying.
If the node determines the networking media is not busy, the node will begin transmitting and listening. The
node listens to ensure no other stations are transmitting at the same time. After completing data transmission
the device will return to listening mode. -2-
Networking devices detect a collision has occurred when the amplitude of the signal on the networking media
increases. When a collision occurs, each node that is transmitting will continue to transmit for a short time to
ensure that all nodes detect the collision. When all nodes have detected the collision, the backoff algorithm is
invoked and transmission stops. The nodes stop transmitting for a random period of time, determined by the
backoff algorithm. When the delay periods expire, each node can attempt to access the networking media. The
devices that were involved in the collision do not have transmission priority.
The Interactive Media Activity shows the procedure for collision detection in an Ethernet network.

Figures: 1. CSMA/CD (important); 2. CSMA/CD Process (important)

6.2.3 Ethernet timing
This page explains the importance of slot times in an Ethernet network.

The basic rules and specifications for proper operation of Ethernet are not particularly complicated, though
some of the faster physical layer implementations are becoming so. Despite the basic simplicity, when a
problem occurs in Ethernet it is often quite difficult to isolate the source. Because of the common bus
architecture of Ethernet, also described as a distributed single point of failure, the scope of the problem usually
encompasses all devices within the collision domain. In situations where repeaters are used, this can include
devices up to four segments away.

Any station on an Ethernet network wishing to transmit a message first “listens” to ensure that no other station
is currently transmitting. If the cable is quiet, the station will begin transmitting immediately. The electrical
signal takes time to travel down the cable (delay), and each subsequent repeater introduces a small amount of
latency in forwarding the frame from one port to the next. Because of the delay and latency, it is possible for
more than one station to begin transmitting at or near the same time. This results in a collision.

If the attached station is operating in full duplex then the station may send and receive simultaneously and
collisions should not occur. Full-duplex operation also changes the timing considerations and eliminates the
concept of slot time. Full-duplex operation allows for larger network architecture designs since the timing
restriction for collision detection is removed.

In half duplex, assuming that a collision does not occur, the sending station will transmit 64 bits of timing
synchronization information that is known as the preamble. The sending station will then transmit the
following information:

- Destination and source MAC addressing information
- Certain other header information
- The actual data payload
- Checksum (FCS) used to ensure that the message was not corrupted along the way
Stations receiving the frame recalculate the FCS to determine if the incoming message is valid and then pass
valid messages to the next higher layer in the protocol stack.

10 Mbps and slower versions of Ethernet are asynchronous. Asynchronous means that each receiving station
will use the eight octets of timing information to synchronize the receive circuit to the incoming data, and then
discard it. 100 Mbps and higher speed implementations of Ethernet are synchronous. Synchronous means the
timing information is not required, however for compatibility reasons the Preamble and Start Frame Delimiter
(SFD) are present.

For all speeds of Ethernet transmission at or below 1000 Mbps, the standard describes how a transmission may
be no smaller than the slot time. Slot time for 10 and 100-Mbps Ethernet is 512 bit-times, or 64 octets. Slot
time for 1000-Mbps Ethernet is 4096 bit-times, or 512 octets. Slot time is calculated assuming maximum cable
lengths on the largest legal network architecture. All hardware propagation delay times are at the legal
maximum and the 32-bit jam signal is used when collisions are detected.

The actual calculated slot time is just longer than the theoretical amount of time required to travel between the
furthest points of the collision domain, collide with another transmission at the last possible instant, and then
have the collision fragments return to the sending station and be detected. For the system to work the first
station must learn about the collision before it finishes sending the smallest legal frame size. To allow 1000-
Mbps Ethernet to operate in half duplex the extension field was added when sending small frames purely to
keep the transmitter busy long enough for a collision fragment to return. This field is present only on 1000-
Mbps, half-duplex links and allows minimum-sized frames to be long enough to meet slot time requirements.
Extension bits are discarded by the receiving station.

On 10-Mbps Ethernet one bit at the MAC layer requires 100 nanoseconds (ns) to transmit. At 100 Mbps that
same bit requires 10 ns to transmit and at 1000 Mbps only takes 1 ns. As a rough estimate, 20.3 cm (8 in) per
nanosecond is often used for calculating propagation delay down a UTP cable. For 100 meters of UTP, this
means that it takes just under 5 bit-times for a 10BASE-T signal to travel the length of the cable. -1-

For CSMA/CD Ethernet to operate, the sending station must become aware of a collision before it has
completed transmission of a minimum-sized frame. At 100 Mbps the system timing is barely able to
accommodate 100 meter cables. At 1000 Mbps special adjustments are required as nearly an entire minimum-
sized frame would be transmitted before the first bit reached the end of the first 100 meters of UTP cable. For
this reason half duplex is not permitted in 10-Gigabit Ethernet.

The Interactive Media Activity will help students identify the bit time of different Ethernet speeds.

Figure: 1. Bit Time (important)

6.2.4 Interframe spacing and backoff


This page explains how spacing is used in an Ethernet network for data transmission.

The minimum spacing between two non-colliding frames is also called the interframe spacing. This is
measured from the last bit of the FCS field of the first frame to the first bit of the preamble of the second
frame. -1-

After a frame has been sent, all stations on a 10-Mbps Ethernet are required to wait a minimum of 96 bit-times
(9.6 microseconds) before any station may legally transmit the next frame. On faster versions of Ethernet the
spacing remains the same, 96 bit-times, but the time required for that interval grows correspondingly shorter.
This interval is referred to as the spacing gap. The gap is intended to allow slow stations time to process the
previous frame and prepare for the next frame.

A repeater is expected to regenerate the full 64 bits of timing information, which is the preamble and SFD, at
the start of any frame. This is despite the potential loss of some of the beginning preamble bits because of slow
synchronization. Because of this forced reintroduction of timing bits, some minor reduction of the interframe
gap is not only possible but expected. Some Ethernet chipsets are sensitive to a shortening of the interframe
spacing, and will begin failing to see frames as the gap is reduced. With the increase in processing power at the
desktop, it would be very easy for a personal computer to saturate an Ethernet segment with traffic and to
begin transmitting again before the interframe spacing delay time is satisfied.

After a collision occurs and all stations allow the cable to become idle (each waits the full interframe spacing),
then the stations that collided must wait an additional and potentially progressively longer period of time
before attempting to retransmit the collided frame. The waiting period is intentionally designed to be
random so that two stations do not delay for the same amount of time before retransmitting, which would result
in more collisions. This is accomplished in part by expanding the interval from which the random
retransmission time is selected on each retransmission attempt. The waiting period is measured in increments
of the parameter slot time. -2-

If the MAC layer is unable to send the frame after sixteen attempts, it gives up and generates an error to the
network layer. Such an occurrence is fairly rare and would happen only under extremely heavy network loads,
or when a physical problem exists on the network.

1. Interframe Spacing

2. Slot Time Parameter
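The timing rules described above (96-bit interframe gap, backoff measured in slot times that grows per collision, give-up after sixteen attempts), as an added example that is not code from the curriculum. The page gives the 96-bit gap, its 9.6 microsecond duration at 10 Mbps and the 16-attempt limit; the slot-time values (512 bit-times at 10/100 Mbps, 4096 at 1000 Mbps) and the cap of 10 on the backoff exponent are taken from IEEE 802.3 and are assumptions here.

```python
"""Interframe gap and truncated binary exponential backoff for CSMA/CD.

Added example, not code from the CCNA curriculum. The page gives the 96-bit
gap, its 9.6 us duration at 10 Mbps and the 16-attempt limit; the slot-time
values (512 bit-times at 10/100 Mbps, 4096 at 1000 Mbps) and the cap of 10
on the backoff exponent are taken from IEEE 802.3 (assumptions here).
"""
import random

IFG_BIT_TIMES = 96           # interframe spacing, the same at every speed
MAX_ATTEMPTS = 16            # the MAC gives up after the 16th collision
BACKOFF_EXPONENT_CAP = 10    # window stops growing after the 10th collision (802.3)
SLOT_TIME_BITS = {10: 512, 100: 512, 1000: 4096}   # 802.3 values (assumption)


class ExcessiveCollisions(Exception):
    """Raised when the frame is abandoned and an error is passed upward."""


def bit_time_seconds(speed_mbps):
    """Duration of one bit on the wire (100 ns at 10 Mbps)."""
    return 1.0 / (speed_mbps * 1_000_000)


def interframe_gap_seconds(speed_mbps):
    """96 bit-times: 9.6 us at 10 Mbps, 0.96 us at 100 Mbps, 96 ns at 1000 Mbps."""
    return IFG_BIT_TIMES * bit_time_seconds(speed_mbps)


def slot_time_seconds(speed_mbps):
    """Unit in which the backoff delay is measured."""
    return SLOT_TIME_BITS[speed_mbps] * bit_time_seconds(speed_mbps)


def backoff_window(collisions):
    """Number of slot-time choices after the n-th consecutive collision: 2^min(n, 10)."""
    if collisions < 1:
        raise ValueError("backoff applies only after a collision")
    return 2 ** min(collisions, BACKOFF_EXPONENT_CAP)


def backoff_slots(collisions, rng):
    """Pick the random delay, in slot times, from 0 .. window - 1."""
    return rng.randrange(backoff_window(collisions))


def transmit_with_backoff(collides_on_attempt, speed_mbps=10, rng=None):
    """Drive one frame through the retransmission rules.

    collides_on_attempt(n) reports whether attempt n (1-based) collides.
    Returns (attempts_used, seconds_spent_waiting); raises ExcessiveCollisions
    when all MAX_ATTEMPTS attempts collide.
    """
    rng = rng if rng is not None else random.Random(0)
    waited = 0.0
    for attempt in range(1, MAX_ATTEMPTS + 1):
        if not collides_on_attempt(attempt):
            return attempt, waited
        if attempt == MAX_ATTEMPTS:
            raise ExcessiveCollisions("frame dropped after %d collisions" % attempt)
        # every station lets the cable go idle for one interframe gap, then
        # the colliding station adds its random number of slot times
        waited += interframe_gap_seconds(speed_mbps)
        waited += backoff_slots(attempt, rng) * slot_time_seconds(speed_mbps)


if __name__ == "__main__":
    for speed in (10, 100, 1000):
        print("%5d Mbps: gap %.2f us, slot %.2f us"
              % (speed, interframe_gap_seconds(speed) * 1e6,
                 slot_time_seconds(speed) * 1e6))
    print("attempts, wait:", transmit_with_backoff(lambda n: n < 4))
```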

6.2.5 Error handling


This page will describe collisions and how they are handled on a network.
Collisions are the most common error condition on Ethernet networks. -1- Collisions are the mechanism for
resolving contention for network access. A few collisions provide a smooth, simple, low-overhead way for
network nodes to arbitrate contention for the network resource. When network contention becomes too great,
collisions can become a significant impediment to useful network operation.
Collisions result in network bandwidth loss equal to the initial transmission plus the collision jam signal.
This is consumption delay, and it affects all network nodes, possibly causing a significant reduction in network
throughput.
The considerable majority of collisions occur very early in the frame, often before the SFD. Collisions
occurring before the SFD are usually not reported to the higher layers, as if the collision did not occur. As soon
as a collision is detected, the sending stations transmit a 32-bit "jam" signal that will enforce the collision. This
is done so that any data being transmitted is thoroughly corrupted and all stations have a chance to detect the
collision.
In Figure -1- two stations listen to ensure that the cable is idle, then transmit. Station 1 was able to transmit a
significant percentage of the frame before the signal even reached the last cable segment. Station 2 had not
received the first bit of the transmission prior to beginning its own transmission and was only able to send
several bits before the NIC sensed the collision. Station 2 immediately truncated the current transmission,
substituted the 32-bit jam signal and ceased all transmissions. During the collision and jam event that Station 2
was experiencing, the collision fragments were working their way back through the repeated collision domain
toward Station 1. Station 2 completed transmission of the 32-bit jam signal and became silent before the
collision propagated back to Station 1 which was still unaware of the collision and continued to transmit. When
the collision fragments finally reached Station 1, it also truncated the current transmission and substituted a 32-
bit jam signal in place of the remainder of the frame it was transmitting. Upon sending the 32-bit jam signal
Station 1 ceased all transmissions.
A jam signal may be composed of any binary data so long as it does not form a proper checksum for the
portion of the frame already transmitted. The most commonly observed data pattern for a jam signal is simply a
repeating one, zero, one, zero pattern, the same as the Preamble. When viewed by a protocol analyzer this pattern
appears as either a repeating hexadecimal 5 or A sequence. The corrupted, partially transmitted messages are
often referred to as collision fragments or runts. The fragments left by normal collisions are less than 64 octets in
length and therefore fail both the minimum length test and the FCS checksum test.

1. Routine Error Handling in a 10 Mbps Collision Domain

6.2.6 Types of collisions


This page covers the different types of collisions and their characteristics.
Collisions typically take place when two or more Ethernet stations transmit simultaneously within a
collision domain. A single collision is a collision that was detected while trying to transmit a frame, but on the
next attempt the frame was transmitted successfully. Multiple collisions indicate that the same frame collided
repeatedly before being successfully transmitted. The results of collisions, collision fragments, are partial or
corrupted frames that are less than 64 octets and have an invalid FCS. The three types of collisions are: -1-
- Local (A collision where a signal is detected on the RX pair at the same time the station is sending on the
TX pair, or, on coaxial cable, an over-voltage condition on the local segment)
- Remote (A collision where the frame is shorter than the minimum size and has an invalid FCS, but shows
no local collision symptom. It occurs on the far side of a repeater)
- Late (A collision that occurs after the first 64 octets of data have been sent. The NIC will not
automatically retransmit for this type of collision)
To create a local collision on coax cable (10BASE2 and 10BASE5), the signal travels down the cable until it
encounters a signal from the other station. The waveforms then overlap, canceling some parts of the signal out
and reinforcing or doubling other parts. The doubling of the signal pushes the voltage level of the signal
beyond the allowed maximum. This over-voltage condition is then sensed by all of the stations on the local
cable segment as a collision.
At the beginning of the sample in Figure -2- the waveform represents normal Manchester encoded data. A few
cycles into the sample the amplitude of the wave doubles. That is the beginning of the collision, where the two
waveforms are overlapping. Just prior to the end of the sample the amplitude returns to normal. This happens
when the first station to detect the collision quits transmitting, while the jam signal from the second colliding
station is still observed. -2-
On UTP cable, such as 10BASE-T, 100BASE-TX and 1000BASE-T, a collision is detected on the local
segment only when a station detects a signal on the RX pair at the same time it is sending on the TX pair.
Since the two signals are on different pairs there is no characteristic change in the signal. Collisions are only
recognized on UTP when the station is operating in half duplex. The only functional difference between
half and full duplex operation in this regard is whether or not the transmit and receive pairs are permitted to be
used simultaneously. If the station is not engaged in transmitting it cannot detect a local collision. Conversely,

a cable fault such as excessive crosstalk can cause a station to perceive its own transmission as a local
collision.
The characteristics of a remote collision are a frame that is less than the minimum length, has an invalid FCS
checksum, but does not exhibit the local collision symptom of over-voltage or simultaneous RX/TX activity.
This sort of collision usually results from collisions occurring on the far side of a repeated connection. A
repeater will not forward an over-voltage state, and cannot cause a station to have both the TX and RX pairs
active at the same time. The station would have to be transmitting to have both pairs active, and that would
constitute a local collision. On UTP networks this is the most common sort of collision observed.
There is no possibility remaining for a normal or legal collision after the first 64 octets of data have been
transmitted by the sending stations. Collisions occurring after the first 64 octets are called "late collisions". The
most significant difference between late collisions and collisions occurring before the first 64 octets is that
the Ethernet NIC will retransmit a normally collided frame automatically, but will not automatically
retransmit a frame that was collided late. As far as the NIC is concerned everything went out fine, and the
upper layers of the protocol stack must determine that the frame was lost. Other than retransmission, a station
detecting a late collision handles it in exactly the same way as a normal collision.
1. Summary of Collision Types: Local, Remote and Late

2. 10BASE2 / 10BASE5 Local Collision

Types of Collision

6.2.7 Ethernet errors


This page will define common Ethernet errors.
Knowledge of typical errors is invaluable for understanding both the operation and troubleshooting of Ethernet
networks.
The following are the sources of Ethernet error:
- Collision or runt – Simultaneous transmission occurring before slot time has elapsed
- Late collision – Simultaneous transmission occurring after slot time has elapsed
- Jabber, long frame and range errors – Excessively or illegally long transmission
- Short frame, collision fragment or runt – Illegally short transmission
- FCS error – Corrupted transmission
- Alignment error – Insufficient or excessive number of bits transmitted
- Range error – Actual and reported number of octets in frame do not match
- Ghost or jabber – Unusually long Preamble or Jam event
While local and remote collisions are considered to be a normal part of Ethernet operation, late collisions are
considered to be an error. The presence of errors on a network always suggests that further investigation is
warranted. The severity of the problem indicates the troubleshooting urgency related to the detected errors. A
handful of errors detected over many minutes or over hours would be a low priority. Thousands detected over a
few minutes suggest that urgent attention is warranted.
Jabber is defined in several places in the 802.3 standard as being a transmission of at least 20,000 to 50,000 bit
times in duration. However, most diagnostic tools report jabber whenever a detected transmission exceeds the
maximum legal frame size, which is considerably smaller than 20,000 to 50,000 bit times. Most references to
jabber are more properly called long frames. -1-
A long frame is one that is longer than the maximum legal size, and takes into consideration whether or not the
frame was tagged. It does not consider whether or not the frame had a valid FCS checksum. This error usually
means that jabber was detected on the network.
A short frame is a frame smaller than the minimum legal size of 64 octets, with a good frame check sequence.
Some protocol analyzers and network monitors call these frames "runts". In general the presence of short
frames is not a guarantee that the network is failing. -2-
The term runt is generally an imprecise slang term that means something less than a legal frame size. It may
refer to short frames with a valid FCS checksum although it usually refers to collision fragments.
1. Long Frame

2. Short Frame


6.2.8 FCS and beyond


This page will focus on additional errors that occur on an Ethernet network.
A received frame that has a bad Frame Check Sequence, also referred to as a checksum or CRC error, differs
from the original transmission by at least one bit. In an FCS error frame the header information is probably
correct, but the checksum calculated by the receiving station does not match the checksum appended to the end
of the frame by the sending station. -1- The frame is then discarded.
High numbers of FCS errors from a single station usually indicate a faulty NIC, faulty or corrupted
software drivers, or a bad cable connecting that station to the network. If FCS errors are associated with many
stations, they are generally traceable to bad cabling, a faulty version of the NIC driver, a faulty hub port, or
induced noise in the cable system.
A message that does not end on an octet boundary is known as an alignment error. Instead of the correct
number of binary bits forming complete octet groupings, there are additional bits left over (less than eight).
Such a frame is truncated to the nearest octet boundary, and if the FCS checksum fails, then an alignment error
is reported. This is often caused by bad software drivers, or a collision, and is frequently accompanied by a
failure of the FCS checksum.
A frame with a valid value in the Length field that does not match the actual number of octets counted in the
data field of the received frame is known as a range error. This error also appears when the Length field value
is less than the minimum legal unpadded size of the data field. A similar error, Out of Range, is reported when
the value in the Length field indicates a data size that is too large to be legal.
Fluke Networks has coined the term ghost to mean energy (noise) detected on the cable that appears to be a
frame, but is lacking a valid SFD. To qualify as a ghost, the frame must be at least 72 octets long, including the
preamble. Otherwise, it is classified as a remote collision. Because of the peculiar nature of ghosts, it is
important to note that test results are largely dependent upon where on the segment the measurement is made.
Ground loops and other wiring problems are usually the cause of ghosting errors. Most network monitoring
tools do not recognize the existence of ghosts for the same reason that they do not recognize preamble
collisions. The tools rely entirely on what the chipset tells them. Software-only protocol analyzers, many
hardware-based protocol analyzers, hand held diagnostic tools, as well as most remote monitoring (RMON)
probes do not report these events.
The Interactive Media Activity will help students become familiar with the terms and definitions of Ethernet
errors.
1. FCS Errors
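The error categories from 6.2.7 and 6.2.8 (short frame, collision fragment, long frame, FCS error, alignment error, range and out-of-range) applied to received frames, with the collision fragment built from a partial frame plus the 32-bit jam pattern of 6.2.5. This is an added example, not code from the curriculum; it assumes the IEEE 802.3/802.1Q limits of 64 and 1518 octets (1522 when tagged), the 0x8100 tag type and the 1500-octet Length-field ceiling, none of which the page states, and it uses the real CRC-32 FCS so the checks run on genuine frame bytes.

```python
"""Classify received Ethernet frames into the error categories described above.

Added example, not code from the CCNA curriculum; it also constructs the
collision fragment with the 32-bit jam pattern from section 6.2.5. Frames are
taken from the Destination Address onward, as a NIC delivers them. The
limits of 64 and 1518 octets (1522 when 802.1Q tagged), the 0x8100 tag type
and the 1500-octet ceiling of the Length field come from IEEE 802.3/802.1Q,
not from the page (assumptions here).
"""
import struct
import zlib

MIN_FRAME = 64
MAX_FRAME = 1518
MAX_TAGGED_FRAME = 1522
VLAN_TAG_TYPE = 0x8100
MAX_LENGTH_FIELD = 1500           # larger values (from 0x0600) are EtherTypes
JAM_PATTERN = bytes([0x55] * 4)   # 32-bit jam: repeating 1010 (hex 5 / A)


def fcs(body):
    """Ethernet FCS: CRC-32 of the frame, appended least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, length_or_type, payload):
    """Constructed frame: data field padded to 46 octets, FCS appended."""
    data = payload + b"\x00" * max(0, 46 - len(payload))
    body = dst + src + struct.pack("!H", length_or_type) + data
    return body + fcs(body)


def collision_fragment(frame, octets_sent):
    """What a station leaves on the wire when it detects a collision after
    octets_sent octets: the part already sent, then the jam, then silence."""
    return frame[:octets_sent] + JAM_PATTERN


def fcs_ok(frame):
    return len(frame) > 4 and fcs(frame[:-4]) == frame[-4:]


def classify(frame, trailing_bits=0):
    """Return the error category for one received frame.

    trailing_bits: bits that arrived after the last complete octet; the
    receiver has already truncated the frame to the octet boundary.
    """
    tagged = len(frame) >= 14 and struct.unpack("!H", frame[12:14])[0] == VLAN_TAG_TYPE
    limit = MAX_TAGGED_FRAME if tagged else MAX_FRAME
    good_fcs = fcs_ok(frame)

    if len(frame) < MIN_FRAME:
        # a short frame with a good FCS is a "runt"; with a bad FCS it is a
        # collision fragment, which is what normal collisions leave behind
        return "short frame" if good_fcs else "collision fragment"
    if len(frame) > limit:
        return "long frame"             # decided on length alone, FCS not consulted
    if trailing_bits and not good_fcs:
        return "alignment error"
    if not good_fcs:
        return "FCS error"
    lt_offset = 16 if tagged else 12    # Length/Type follows the optional tag
    lt = struct.unpack("!H", frame[lt_offset:lt_offset + 2])[0]
    data_octets = len(frame) - lt_offset - 2 - 4
    if lt <= MAX_LENGTH_FIELD and lt > data_octets:
        return "range error"            # claims more data than was received
    if MAX_LENGTH_FIELD < lt < 0x0600:
        return "out of range"           # neither a legal length nor an EtherType
    return "ok"
```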

6.2.9 Ethernet auto-negotiation
This page explains auto-negotiation and how it is accomplished.
As Ethernet grew from 10 to 100 and 1000 Mbps, one requirement was to make each technology interoperable,
even to the point that 10, 100, and 1000 interfaces could be directly connected. A process called Auto-
Negotiation of speeds at half or full duplex was developed. Specifically, at the time that Fast Ethernet was
introduced, the standard included a method of automatically configuring a given interface to match the speed
and capabilities of the link partner. This process defines how two link partners may automatically negotiate a
configuration offering the best common performance level. It has the additional advantage of only involving
the lowest part of the physical layer.
10BASE-T required each station to transmit a link pulse about every 16 milliseconds, whenever the station was
not engaged in transmitting a message. Auto-Negotiation adopted this signal and renamed it a Normal Link
Pulse (NLP). When a series of NLPs are sent in a group for the purpose of Auto-Negotiation, the group is
called a Fast Link Pulse (FLP) burst. Each FLP burst is sent at the same timing interval as an NLP, and is
intended to allow older 10BASE-T devices to operate normally in the event they should receive an FLP burst. -1-
Auto-Negotiation is accomplished by transmitting a burst of 10BASE-T Link Pulses from each of the two link
partners. The burst communicates the capabilities of the transmitting station to its link partner. After both
stations have interpreted what the other partner is offering, both switch to the highest performance common
configuration and establish a link at that speed. If anything interrupts communications and the link is lost, the
two link partners first attempt to link again at the last negotiated speed. If that fails, or if it has been too long
since the link was lost, the Auto-Negotiation process starts over. The link may be lost due to external
influences, such as a cable fault, or due to one of the partners issuing a reset. -2-

1. NLP versus FLP Timing

2. Actual FLP Auto-Negotiation Burst

6.2.10 Link establishment and full and half duplex


This page will explain how links are established through Auto-Negotiation and introduce the two duplex
modes.
Link partners are allowed to skip offering configurations of which they are capable. This allows the network
administrator to force ports to a selected speed and duplex setting, without disabling Auto-Negotiation.
Auto-Negotiation is optional for most Ethernet implementations. Gigabit Ethernet requires its implementation,
though the user may disable it. Auto-Negotiation was originally defined for UTP implementations of Ethernet
and has been extended to work with other fiber optic implementations.
When an Auto-Negotiating station first attempts to link it is supposed to enable 100BASE-TX to attempt to
immediately establish a link. If 100BASE-TX signaling is present, and the station supports 100BASE-TX, it
will attempt to establish a link without negotiating. If either signaling produces a link or FLP bursts are
received, the station will proceed with that technology. If a link partner does not offer an FLP burst, but instead
offers NLPs, then that device is automatically assumed to be a 10BASE-T station. During this initial interval of
testing for other technologies, the transmit path is sending FLP bursts. The standard does not permit parallel
detection of any other technologies.
If a link is established through parallel detection, it is required to be half duplex. There are only two methods
of achieving a full-duplex link. One method is through a completed cycle of Auto-Negotiation, and the other is
to administratively force both link partners to full duplex. If one link partner is forced to full duplex, but the
other partner attempts to Auto-Negotiate, then there is certain to be a duplex mismatch. This will result in
collisions and errors on that link. Additionally if one end is forced to full duplex the other must also be forced.
The exception to this is 10-Gigabit Ethernet, which does not support half duplex.
Many vendors implement hardware in such a way that it cycles through the various possible states. It transmits
FLP bursts to Auto-Negotiate for a while, then it configures for Fast Ethernet, attempts to link for a while, and
then just listens. Some vendors do not offer any transmitted attempt to link until the interface first hears an FLP
burst or some other signaling scheme.
There are two duplex modes, half and full. For shared media, the half-duplex mode is mandatory. All coaxial
implementations are half duplex in nature and cannot operate in full duplex. UTP and fiber implementations
may be operated in half duplex. 10-Gbps implementations are specified for full duplex only.
In half duplex only one station may transmit at a time. For the coaxial implementations a second station
transmitting will cause the signals to overlap and become corrupted. Since UTP and fiber generally transmit on
separate pairs the signals have no opportunity to overlap and become corrupted. Ethernet has established
arbitration rules for resolving conflicts arising from instances when more than one station attempts to transmit
at the same time. Both stations in a point-to-point full-duplex link are permitted to transmit at any time,
regardless of whether the other station is transmitting.
Auto-Negotiation avoids most situations where one station in a point-to-point link is transmitting under half-
duplex rules and the other under full-duplex rules.
In the event that link partners are capable of sharing more than one common technology, refer to the list in
Figure -1- . This list is used to determine which technology should be chosen from the offered configurations.
Fiber-optic Ethernet implementations are not included in this priority resolution list because the interface
electronics and optics do not permit easy reconfiguration between implementations. It is assumed that the
interface configuration is fixed. If the two interfaces are able to Auto-Negotiate then they are already using the
same Ethernet implementation. However, there remain a number of configuration choices such as the duplex
setting, or which station will act as the Master for clocking purposes, that must be determined.

1. Transmission Priority Rank
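The priority resolution and the duplex-mismatch case from 6.2.9 and 6.2.10 worked through in code. This is an added example, not code from the curriculum: the priority order is the IEEE 802.3 Annex 28B order reduced to the UTP technologies named on this page (Figure 1 itself is not reproduced), and the Port class, resolve_link and duplex_mismatch are names chosen here. A port whose administrator disabled Auto-Negotiation sends no FLP bursts, so its partner can only parallel-detect 10BASE-T or 100BASE-TX signaling and, as the text says, must come up half duplex.

```python
"""Auto-Negotiation priority resolution and the duplex-mismatch case.

Added example, not code from the CCNA curriculum. The priority order is the
IEEE 802.3 Annex 28B order reduced to the UTP technologies named on this
page (assumption; the page's Figure 1 is not reproduced). A port that is
administratively forced sends no FLP bursts, so the negotiating partner can
only parallel-detect the speed and must fall back to half duplex.
"""

# Highest priority first: (speed in Mbps, duplex).
PRIORITY = [(1000, "full"), (1000, "half"),
            (100, "full"), (100, "half"),
            (10, "full"), (10, "half")]
PARALLEL_DETECTABLE = {10, 100}   # the standard permits no other technologies


class Port:
    def __init__(self, name, capabilities, forced=None):
        """capabilities: modes the hardware supports.
        forced: (speed, duplex) set by the administrator; when given,
        Auto-Negotiation is disabled on this port and no FLPs are sent."""
        self.name = name
        self.capabilities = set(capabilities)
        self.forced = forced
        self.advertised = set(capabilities)

    @property
    def autoneg(self):
        return self.forced is None

    def advertise(self, modes):
        """Offer fewer modes than supported: pins speed/duplex on this port
        without disabling Auto-Negotiation."""
        self.advertised = set(modes) & self.capabilities
        return self


def resolve_link(a, b):
    """Return {port name: (speed, duplex)} for both ends, or None for no link."""
    if a.autoneg and b.autoneg:
        common = a.advertised & b.advertised
        for mode in PRIORITY:
            if mode in common:
                return {a.name: mode, b.name: mode}   # best common performance
        return None
    if not a.autoneg and not b.autoneg:
        # both forced: signaling matches only if the speeds agree; the duplex
        # settings are never exchanged, so they may still differ
        if a.forced[0] != b.forced[0]:
            return None
        return {a.name: a.forced, b.name: b.forced}
    auto, fixed = (a, b) if a.autoneg else (b, a)
    speed = fixed.forced[0]
    # parallel detection: a link established this way is required to be half duplex
    if speed not in PARALLEL_DETECTABLE or (speed, "half") not in auto.capabilities:
        return None
    return {auto.name: (speed, "half"), fixed.name: fixed.forced}


def duplex_mismatch(link):
    """True when the two ends of an established link disagree on duplex."""
    if link is None:
        return False
    duplexes = {duplex for _, duplex in link.values()}
    return len(duplexes) > 1
```

With one end forced to 100 full and the other left to Auto-Negotiate, resolve_link returns 100 half on the negotiating side and duplex_mismatch reports True, which is the situation the text warns produces collisions and errors on the link.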

Summary
Ethernet is not one networking technology, but a family of LAN technologies that includes Legacy, Fast
Ethernet, and Gigabit Ethernet. When Ethernet needs to be expanded to add a new medium or capability, the
IEEE issues a new supplement to the 802.3 standard. The new supplements are given a one or two letter
designation such as 802.3u. Ethernet relies on baseband signaling, which uses the entire bandwidth of the
transmission medium. Ethernet operates at two layers of the OSI model, the lower half of the data link layer,
known as the MAC sublayer and the physical layer. Ethernet at Layer 1 involves interfacing with media,
signals, bit streams that travel on the media, components that put signals on media, and various physical
topologies. Layer 1 bits need structure so OSI Layer 2 frames are used. The MAC sublayer of Layer 2
determines the type of frame appropriate for the physical media.
The one thing common to all forms of Ethernet is the frame structure. This is what allows the interoperability
of the different types of Ethernet.

Some of the fields permitted or required in an 802.3 Ethernet Frame are:


- Preamble
- Start Frame Delimiter
- Destination Address
- Source Address
- Length/Type
- Data and Pad
- Frame Check Sequence
In 10 Mbps and slower versions of Ethernet, the Preamble provides timing information the receiving node
needs in order to interpret the electrical signals it is receiving. The Start Frame Delimiter marks the end of the
timing information. 10 Mbps and slower versions of Ethernet are asynchronous. That is, they will use the
preamble timing information to synchronize the receive circuit to the incoming data. 100 Mbps and higher
speed implementations of Ethernet are synchronous. Synchronous means the timing information is not
required, however for compatibility reasons the Preamble and SFD are present. The address fields of the
Ethernet frame contain Layer 2, or MAC, addresses.
All frames are susceptible to errors from a variety of sources. The Frame Check Sequence (FCS) field of an
Ethernet frame contains a number that is calculated by the source node based on the data in the frame. At the
destination it is recalculated and compared to determine that the data received is complete and error free.
Once the data is framed, the Media Access Control (MAC) sublayer is also responsible for determining which
computer on a shared-medium environment, or collision domain, is allowed to transmit the data. There are two
broad categories of Media Access Control: deterministic (taking turns) and non-deterministic (first come, first
served).
Examples of deterministic protocols include Token Ring and FDDI. The carrier sense multiple access with
collision detection (CSMA/CD) access method is a simple non-deterministic system. The NIC listens for an
absence of a signal on the media and starts transmitting. If two or more nodes transmit at the same time, a
collision occurs. If a collision is detected, the nodes wait a random amount of time and retransmit.
The minimum spacing between two non-colliding frames is also called the interframe spacing. Interframe
spacing is required to ensure that all stations have time to process the previous frame and prepare for the next
frame.
Collisions can occur at various points during transmission. A collision where a signal is detected on the receive
and transmit circuits at the same time is referred to as a local collision. A collision that occurs before the
minimum number of bytes can be transmitted is called a remote collision. A collision that occurs after the first
sixty-four octets of data have been sent is considered a late collision. The NIC will not automatically retransmit
for this type of collision.
While local and remote collisions are considered to be a normal part of Ethernet operation, late collisions are
considered to be an error. Ethernet errors result from detection of frame sizes that are longer or shorter than
standards allow or excessively long or illegal transmissions called jabber. Runt is a slang term that refers to
something less than the legal frame size.

Auto-Negotiation detects the speed and duplex mode, half-duplex or full-duplex, of the device on the other end
of the wire and adjusts to match those settings.

7 CISCO MODUL 7
Overview
Ethernet has been the most successful LAN technology mainly because of how easy it is to implement.
Ethernet has also been successful because it is a flexible technology that has evolved as needs and media
capabilities have changed. This module will provide details about the most important types of Ethernet. The
goal is to help students understand what is common to all forms of Ethernet.
Changes in Ethernet have resulted in major improvements over the 10-Mbps Ethernet of the early 1980s. The
10-Mbps Ethernet standard remained virtually unchanged until 1995 when IEEE announced a standard for a
100-Mbps Fast Ethernet. In recent years, an even more rapid growth in media speed has moved the transition
from Fast Ethernet to Gigabit Ethernet. The standards for Gigabit Ethernet emerged in only three years. A
faster Ethernet version called 10-Gigabit Ethernet is now widely available and faster versions will be
developed.
MAC addresses, CSMA/CD, and the frame format have not been changed from earlier versions of
Ethernet. However, other aspects of the MAC sublayer, physical layer, and medium have changed. Copper-
based NICs capable of 10, 100, or 1000 Mbps are now common. Gigabit switch and router ports are becoming
the standard for wiring closets. Optical fiber to support Gigabit Ethernet is considered a standard for backbone
cables in most new installations.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams. -2-
Students who complete this module should be able to perform the following tasks: -1-
- Describe the differences and similarities among 10BASE5, 10BASE2, and 10BASE-T Ethernet
- Define Manchester encoding
- List the factors that affect Ethernet timing limits
- List 10BASE-T wiring parameters
- Describe the key characteristics and varieties of 100-Mbps Ethernet
- Describe the evolution of Ethernet
- Explain the MAC methods, frame formats, and transmission process of Gigabit Ethernet
- Describe the uses of specific media and encoding with Gigabit Ethernet
- Identify the pinouts and wiring typical to the various implementations of Gigabit Ethernet
- Describe the similarities and differences between Gigabit and 10-Gigabit Ethernet
- Describe the basic architectural considerations of Gigabit and 10-Gigabit Ethernet

1. Ethernet Technology

2. Intro 640-821 Exam

7.1 10-Mbps and 100-Mbps Ethernet


7.1.1 10-Mbps Ethernet
This page will discuss 10-Mbps Ethernet technologies.
10BASE5, 10BASE2, and 10BASE-T Ethernet are considered Legacy Ethernet. -1- The four common features
of Legacy Ethernet are timing parameters, the frame format, transmission processes, and a basic design rule.
Figure -2- displays the parameters for 10-Mbps Ethernet operation. 10-Mbps Ethernet and slower versions are
asynchronous. Each receiving station uses eight octets of timing information to synchronize its receive circuit
to the incoming data. 10BASE5, 10BASE2, and 10BASE-T all share the same timing parameters. For
example, 1 bit time at 10 Mbps = 100 nanoseconds (ns) = 0.1 microseconds = one ten-millionth of a second. This
means that on a 10-Mbps Ethernet network, 1 bit at the MAC sublayer requires 100 ns to transmit.
For all speeds of Ethernet transmission 1000 Mbps or slower, transmission can be no slower than the slot time.
Slot time is just longer than the time it theoretically can take to go from one extreme end of the largest legal
Ethernet collision domain to the other extreme end, collide with another transmission at the last possible
instant, and then have the collision fragments return to the sending station to be detected.
10BASE5, 10BASE2, and 10BASE-T also have a common frame format. -3-
The Legacy Ethernet transmission process is identical until the lower part of the OSI physical layer. As the
frame passes from the MAC sublayer to the physical layer, other processes occur before the bits move from the
physical layer onto the medium. One important process is the signal quality error (SQE) signal. The SQE is a
transmission sent by a transceiver back to the controller to let the controller know whether the collision
circuitry is functional. The SQE is also called a heartbeat. The SQE signal is designed to fix the problem in
earlier versions of Ethernet where a host does not know if a transceiver is connected. SQE is always used in
half-duplex. SQE can be used in full-duplex operation but is not required. SQE is active in the following
instances:
- Within 4 to 8 microseconds after a normal transmission to indicate that the outbound frame was
successfully transmitted
- Whenever there is a collision on the medium

- Whenever there is an improper signal on the medium, such as jabber, or reflections that result from a
cable short
- Whenever a transmission has been interrupted
All 10-Mbps forms of Ethernet take octets received from the MAC sublayer and perform a process called line
encoding. Line encoding describes how the bits are actually signaled on the wire. The simplest encodings have
undesirable timing and electrical characteristics. Therefore, line codes have been designed with desirable
transmission properties. This form of encoding used in 10-Mbps systems is called Manchester encoding.
Manchester encoding uses the transition in the middle of the timing window to determine the binary value for
that bit period. In Figure -4- , the top waveform moves to a lower position so it is interpreted as a binary zero.
The second waveform moves to a higher position and is interpreted as a binary one. The third waveform has an
alternating binary sequence. When binary data alternates, there is no need to return to the previous voltage
level before the next bit period. The wave forms in the graphic show that the binary bit values are determined
based on the direction of change in a bit period. The voltage levels at the start or end of any bit period are not
used to determine binary values.
Legacy Ethernet has common architectural features. Networks usually contain multiple types of media. The
standard ensures that interoperability is maintained. The overall architectural design is most important in
mixed-media networks. It becomes easier to violate maximum delay limits as the network grows. The timing
limits are based on the following types of parameters:
- Cable length and propagation delay
- Delay of repeaters
- Delay of transceivers
- Interframe gap shrinkage
- Delays within the station
10-Mbps Ethernet operates within the timing limits for a series of up to five segments separated by up to four
repeaters. This is known as the 5-4-3 rule. No more than four repeaters can be used in series between any two
stations. There can also be no more than three populated segments between any two stations.

1. Types of Ethernet

2. Parameters for 10 Mbps Ethernet Operation

3. Ethernet Frame

4. Manchester Encoding Examples
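The Manchester encoding rule described above (a high-to-low transition in the middle of the bit period is a zero, low-to-high is a one, and the levels at the edges of the period carry no value) as an added encoder/decoder example that is not code from the curriculum. Line levels are modelled as 0 (low) and 1 (high), the 100 ns bit time is the page's 10-Mbps figure, and the least-significant-bit-first octet order is the IEEE 802.3 transmission order (an assumption here, not stated on the page).

```python
"""Manchester encoding as used by 10-Mbps Ethernet.

Added example, not code from the CCNA curriculum. Each bit period is split
into two half periods; the transition in the middle carries the value:
high-to-low is a 0 and low-to-high is a 1, as in the waveforms the text
describes. Levels are modelled as 0 (low) and 1 (high). The LSB-first octet
order is the 802.3 transmission order (assumption, not from the page).
"""

BIT_TIME_NS = 100   # one bit period at 10 Mbps, from the text

ENCODE = {0: (1, 0), 1: (0, 1)}   # (first half, second half) of the bit period
DECODE = {half: bit for bit, half in ENCODE.items()}


def manchester_encode(bits):
    """Return the sequence of half-bit line levels for a list of 0/1 bits."""
    levels = []
    for bit in bits:
        levels.extend(ENCODE[bit])
    return levels


def manchester_decode(levels):
    """Recover bits from half-bit levels. A bit period without a mid-bit
    transition is not a valid Manchester symbol, so it is reported as an error."""
    if len(levels) % 2:
        raise ValueError("odd number of half periods")
    bits = []
    for i in range(0, len(levels), 2):
        pair = (levels[i], levels[i + 1])
        if pair not in DECODE:
            raise ValueError("no mid-bit transition at bit %d" % (i // 2))
        bits.append(DECODE[pair])
    return bits


def transitions(levels):
    """Count level changes. Manchester guarantees at least one per bit period,
    which is the timing information the receiver synchronizes to; when the
    data alternates, the level does not return between periods."""
    return sum(1 for a, b in zip(levels, levels[1:]) if a != b)


def octets_to_bits(data):
    """Ethernet transmits each octet least-significant bit first."""
    return [(byte >> i) & 1 for byte in data for i in range(8)]


def signal_duration_ns(levels):
    """Wall-clock length of the encoded signal at 10 Mbps."""
    return len(levels) * BIT_TIME_NS // 2
```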

7.1.2 10Base5
This page will discuss the original 1980 Ethernet product, which is 10BASE5. 10BASE5 transmitted 10 Mbps
over a single thick coaxial cable bus.
10BASE5 is important because it was the first medium used for Ethernet. 10BASE5 was part of the original
802.3 standard. The primary benefit of 10BASE5 was length. 10BASE5 may be found in legacy installations.
It is not recommended for new installations. 10BASE5 systems are inexpensive and require no configuration.
Two disadvantages are that basic components like NICs are very difficult to find and it is sensitive to signal
reflections on the cable. 10BASE5 systems also represent a single point of failure.
10BASE5 uses Manchester encoding. It has a solid central conductor. Each segment of thick coax may be up
to 500 m (1640.4 ft) in length. The cable is large, heavy, and difficult to install. However, the distance
limitations were favorable and this prolonged its use in certain applications.
When the medium is a single coaxial cable, only one station can transmit at a time or a collision will occur.
Therefore, 10BASE5 only runs in half-duplex with a maximum transmission rate of 10 Mbps.
Figure -1- illustrates a configuration for an end-to-end collision domain with the maximum number of segments
and repeaters. Remember that only three segments can have stations connected to them. The other two repeated
segments are used to extend the network.
1. 10BASE5 Architecture Example
2. Characteristics of 10Base5 technology ( Thick Coax Cable )
7.1.3 10Base2
This page covers 10BASE2, which was introduced in 1985.
Installation was easier because of its smaller size, lighter weight, and greater flexibility. 10BASE2 still exists
in legacy networks. Like 10BASE5, it is no longer recommended for network installations. It has a low cost
and does not require hubs.
10BASE2 also uses Manchester encoding. Computers on a 10BASE2 LAN are linked together by an unbroken
series of coaxial cable lengths. These lengths are attached to a T-shaped connector on the NIC with BNC
connectors.
10BASE2 has a stranded central conductor. Each of the maximum five segments of thin coaxial cable may be
up to 185 m (607 ft) long and each station is connected directly to the BNC T-shaped connector on the coaxial
cable.
Only one station can transmit at a time or a collision will occur. 10BASE2 also uses half-duplex. The
maximum transmission rate of 10BASE2 is 10 Mbps.
There may be up to 30 stations on a 10BASE2 segment. Only three out of five consecutive segments between
any two stations can be populated. -1-
1. 10BASE2 Network Design Limits
2. Characteristics of 10Base2 technology ( Thin Coax Cable with BNC )
7.1.4 10BASE-T
This page covers 10BASE-T, which was introduced in 1990.
10BASE-T used cheaper and easier to install Category 3 UTP copper cable instead of coax cable. The cable
plugged into a central connection device that contained the shared bus. This device was a hub. It sat at the
center of a set of cables that radiated out to the PCs like the spokes on a wheel, which is referred to as a star
topology. As additional stars were added and the cable distances grew, this formed an extended star topology.
Originally 10BASE-T was a half-duplex protocol, but full-duplex features were added later. The explosion in
the popularity of Ethernet in the mid-to-late 1990s was when Ethernet came to dominate LAN technology.
10BASE-T also uses Manchester encoding. A 10BASE-T UTP cable has a solid conductor for each wire. The
maximum length of the fixed horizontal cable run is 90 m (295 ft), which together with patch cords gives the
100 m (328 ft) channel referred to later on this page. UTP cable uses eight-pin RJ-45 connectors. Though
Category 3 cable is adequate for 10BASE-T networks, new cable installations should be made with Category 5e
or better. All four pairs of wires should be terminated with either the T568-A or T568-B pinout arrangement.
This type of cable installation supports multiple protocols without the need to rewire. Figure -1- shows the
pinout arrangement for a 10BASE-T connection. The pair that transmits data on one device is connected to the
pair that receives data on the other device; 10BASE-T itself uses only two of the four pairs.
Half duplex or full duplex is a configuration choice. 10BASE-T carries 10 Mbps of traffic in half-duplex mode;
in full-duplex mode it carries 10 Mbps in each direction at the same time, an aggregate of 20 Mbps.
1. 10Base-T Modular Jack Pinout
2. Characteristics of 10Base-T technology ( CAT5 UTP Cable with RJ-45 connector )
7.1.5 10BASE-T wiring and architecture


This page explains the wiring and architecture of 10BASE-T.
A 10BASE-T link generally connects a station to a hub or switch. Hubs are multi-port repeaters and count
toward the limit on repeaters between distant stations. Hubs do not divide network segments into separate
collision domains. Bridges and switches divide segments into separate collision domains. The maximum
distance between bridges and switches is based on media limitations.
Although hubs may be linked, it is best to avoid this arrangement. A network with linked hubs may exceed the
limit for maximum delay between stations. Multiple hubs should be arranged in hierarchical order like a tree
structure. Performance is better if fewer repeaters are used between stations.
An architectural example is shown in Figure -1-. The distance from one end of the network to the other places
the architecture at its limit. The most important aspect to consider is how to keep the delay between distant
stations to a minimum, regardless of the architecture and media types involved. A shorter maximum delay will
provide better overall performance.
10BASE-T links can have unrepeated distances of up to 100 m (328 ft). While this may seem like a long
distance, it is often used up when wiring an actual building. Hubs can solve the distance issue, but they also
allow collisions to propagate. The widespread introduction of switches has made the distance limitation less
important. If workstations are located within 100 m (328 ft) of a switch, the 100-m distance starts over at the
switch, because the switch ends the collision domain rather than repeating it.
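The following Python is an added example (not from the CCNA text) that checks the 5-4-3 rule stated earlier on a described topology and also shows the point made here about hubs and switches: a hub counts as a repeater, while a switch ends the collision domain, so the counts start over on its far side. The node kinds ("station", "hub", "switch", "coax"), the way segments are counted, the constructed sample topologies and all function names are assumptions of this example, not anything defined by the standard.

```python
# Added example (not from the CCNA text): checking the 5-4-3 rule and the
# "count starts over at a switch" rule on a described 10-Mbps topology.
# Node kinds (this example's own model):
#   "station" - an end host
#   "hub"     - a multi-port repeater; counts toward the repeater limit
#   "switch"  - a bridge; it ends the collision domain
#   "coax"    - a shared 10BASE5/10BASE2 bus segment that hosts tap onto
# An edge between two non-coax nodes is a point-to-point link segment
# (10BASE-T or FOIRL); an edge to a coax node is a tap, not a segment.
from collections import deque

MAX_REPEATERS, MAX_SEGMENTS, MAX_POPULATED = 4, 5, 3


def adjacency(edges):
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def paths_in_collision_domain(kinds, adj, start):
    """BFS from a station without crossing switches.

    Returns ({station: path_from_start}, [redundant links]).  A repeated
    network must be a tree; any node reached twice means a repeater loop."""
    parent, loops, queue = {start: None}, [], deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in adj.get(cur, ()):
            if nxt == parent[cur]:
                continue
            if nxt in parent:
                loops.append(frozenset((cur, nxt)))
                continue
            parent[nxt] = cur
            if kinds[nxt] != "switch":      # do not repeat past a bridge
                queue.append(nxt)
    paths = {}
    for node in parent:
        if node != start and kinds[node] == "station":
            path, n = [], node
            while n is not None:
                path.append(n)
                n = parent[n]
            paths[node] = path[::-1]
    return paths, loops


def path_metrics(kinds, adj, path):
    """(repeaters, segments, populated segments) along one station-to-station path."""
    repeaters = sum(1 for n in path if kinds[n] == "hub")
    coax = [n for n in path if kinds[n] == "coax"]
    populated = sum(1 for c in coax if any(kinds[x] == "station" for x in adj[c]))
    links = sum(1 for a, b in zip(path, path[1:])
                if kinds[a] != "coax" and kinds[b] != "coax")
    return repeaters, len(coax) + links, populated


def check_5_4_3(kinds, edges):
    """Return a list of violations; an empty list means the design is compliant."""
    adj, problems, seen_loops = adjacency(edges), [], set()
    for s in sorted(n for n, k in kinds.items() if k == "station"):
        paths, loops = paths_in_collision_domain(kinds, adj, s)
        for loop in loops:
            if loop not in seen_loops:
                seen_loops.add(loop)
                problems.append("redundant path between %s" % " and ".join(sorted(loop)))
        for t, path in paths.items():
            if t < s:
                continue                     # report each station pair once
            rep, seg, pop = path_metrics(kinds, adj, path)
            for value, limit, what in ((rep, MAX_REPEATERS, "repeaters"),
                                       (seg, MAX_SEGMENTS, "segments"),
                                       (pop, MAX_POPULATED, "populated segments")):
                if value > limit:
                    problems.append("%s-%s: %d %s (max %d)" % (s, t, value, what, limit))
    return problems


# Constructed sample topologies (not real networks).
# 1. Mixed media within the rule: two populated coax segments joined by
#    three hubs and two link segments (3 repeaters, 4 segments, 2 populated).
OK_KINDS = {"A": "station", "B": "station", "C1": "coax", "C2": "coax",
            "H1": "hub", "H2": "hub", "H3": "hub"}
OK_EDGES = [("A", "C1"), ("C1", "H1"), ("H1", "H2"), ("H2", "H3"), ("H3", "C2"), ("C2", "B")]
# 2. Five 10BASE-T hubs chained between two stations: too many repeaters
#    and too many segments.
BAD_KINDS = {"X": "station", "Y": "station",
             "H1": "hub", "H2": "hub", "H3": "hub", "H4": "hub", "H5": "hub"}
BAD_EDGES = [("X", "H1"), ("H1", "H2"), ("H2", "H3"), ("H3", "H4"), ("H4", "H5"), ("H5", "Y")]
# 3. The same chain with the middle hub replaced by a switch: the collision
#    domain, and therefore the count, starts over at the switch.
SW_KINDS = dict(BAD_KINDS, H3="switch")

if __name__ == "__main__":
    for name, kinds, edges in (("ok", OK_KINDS, OK_EDGES), ("bad", BAD_KINDS, BAD_EDGES),
                               ("switched", SW_KINDS, BAD_EDGES)):
        print(name, check_5_4_3(kinds, edges) or "compliant")
```

The check deliberately reports a loop as a violation as well: a redundant path inside a repeated network is not a backup, it is a collision-domain loop, and only a bridge or switch running spanning tree can tolerate redundancy.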
1. 10BASE-T Repeated Network Design Limits
7.1.6 100-Mbps Ethernet


This page will discuss 100-Mbps Ethernet, also known as Fast Ethernet. The two technologies that have
become important are 100BASE-TX, which uses a copper UTP medium, and 100BASE-FX, which uses a
multimode optical fiber medium.
Three characteristics common to 100BASE-TX and 100BASE-FX are the timing parameters, the frame format,
and parts of the transmission process. 100BASE-TX and 100BASE-FX share the same timing parameters. Note
that one bit time at 100 Mbps is 10 ns (0.01 microseconds, or one hundred-millionth of a second), a tenth of
the 100 ns bit time of 10-Mbps Ethernet. -1-
The 100-Mbps frame format is the same as the 10-Mbps frame. -2-
Fast Ethernet is ten times faster than 10BASE-T. The bits that are sent are shorter in duration and occur more
frequently, and these higher-frequency signals are more susceptible to noise. In response, 100-Mbps Ethernet
uses two separate encoding steps: the first is a block code called 4B/5B, and the second is the line encoding
specific to copper or fiber.
1. Parameters for 100 Mbps Ethernet Operation
2. Ethernet Frame
7.1.7 100BASE-TX
This page will describe 100BASE-TX.
100BASE-TX, standardized in 1995 and using Category 5 UTP cable, became the commercially successful
form of Fast Ethernet.
The original coaxial Ethernet used half-duplex transmission, so only one device could transmit at a time. In
1997, Ethernet was expanded to include a full-duplex capability that allows both ends of a point-to-point link
to transmit at the same time, so more than one PC on a network can be transmitting at once. Switches replaced
hubs in many networks. These switches had full-duplex capabilities and could forward Ethernet frames quickly.
100BASE-TX uses 4B/5B encoding; the resulting bit stream is then scrambled and converted to Multi-Level
Transmit (MLT-3) line encoding. Figure -1- shows four waveform examples. The top waveform has no transition
in the center of the timing window; no transition indicates a binary zero. The second waveform shows a
transition in the center of the timing window; a transition represents a binary one. The third waveform shows an
alternating binary sequence. The fourth waveform shows that signal changes indicate ones and flat (horizontal)
sections indicate zeros. MLT-3 steps through three levels (0, +V, 0, -V) rather than two, so a worst-case run of
ones needs only a quarter of the signaling rate, which is what lets 100BASE-TX fit on Category 5 cable.
Figure -2- shows the pinout for a 100BASE-TX connection. Notice that two separate transmit-receive paths
exist. This is identical to the 10BASE-T configuration.
100BASE-TX carries 100 Mbps of traffic in half-duplex mode. In full-duplex mode, 100BASE-TX can
exchange 200 Mbps of traffic. The concept of full duplex will become more important as Ethernet speeds
increase.
1. MLT-3 Encoding Examples
2. 100Base-T Modular Jack Pinout
7.1.8 100BASE-FX
This page covers 100BASE-FX.
When copper-based Fast Ethernet was introduced, a fiber version was also desired. A fiber version could be
used for backbone applications, connections between floors, buildings where copper is less desirable, and
also in high-noise environments. 100BASE-FX was introduced to satisfy this desire. However, 100BASE-FX
was never adopted successfully. This was due to the introduction of Gigabit Ethernet copper and fiber
standards. Gigabit Ethernet standards are now the dominant technology for backbone installations, high-speed
cross-connects, and general infrastructure needs.
The timing, frame format, and transmission are the same in both copper and fiber versions of 100-Mbps
Fast Ethernet. 100BASE-FX, however, uses NRZI encoding, which is shown in Figure -1- . The top
waveform has no transition, which indicates a binary 0. In the second waveform, the transition in the center of
the timing window indicates a binary 1. In the third waveform, there is an alternating binary sequence. In the
third and fourth waveforms it is more obvious that no transition indicates a binary zero and the presence of a
transition is a binary one.
Figure -2- summarizes a 100BASE-FX link and pinouts. A fiber pair with either ST or SC connectors is
most commonly used.
The separate Transmit (Tx) and Receive (Rx) paths in 100BASE-FX optical fiber allow for 200-Mbps
transmission.
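As an added example (not part of the CCNA text) covering both 7.1.7 and 7.1.8, the following Python implements the two encoding steps of Fast Ethernet: the 4B/5B block code shared by 100BASE-TX and 100BASE-FX, then NRZI as the 100BASE-FX line code and MLT-3 as the 100BASE-TX line code. It also measures why the two line codes differ: the longest run of zeros a 4B/5B stream can contain (the longest gap between transitions the receiver's clock must ride out) and the fundamental frequency a worst-case run of ones demands from each line code at the 125 Mbaud symbol rate. The 4B/5B table and the J/K and T/R delimiters are those of IEEE 802.3 clause 24; the 100BASE-TX scrambler that sits between 4B/5B and MLT-3 is left out, and the low-nibble-first byte ordering, the level values and all function names are this example's own choices.

```python
# Added example (not from the CCNA text): the two encoding steps of
# 100-Mbps Ethernet.  Step 1, the 4B/5B block code, is shared by 100BASE-TX
# and 100BASE-FX; step 2 is the line code, NRZI on fiber (100BASE-FX) and
# MLT-3 on copper (100BASE-TX).  The 100BASE-TX scrambler that sits between
# 4B/5B and MLT-3 is deliberately left out.

# 4B/5B data code groups from IEEE 802.3 clause 24.  No data code group
# starts with more than one 0 or ends with more than two, so a stream of
# them never runs more than three bit times without a 1 (a transition).
DATA_4B5B = {
    0x0: "11110", 0x1: "01001", 0x2: "10100", 0x3: "10101",
    0x4: "01010", 0x5: "01011", 0x6: "01110", 0x7: "01111",
    0x8: "10010", 0x9: "10011", 0xA: "10110", 0xB: "10111",
    0xC: "11010", 0xD: "11011", 0xE: "11100", 0xF: "11101",
}
# Control code groups: J/K start-of-stream delimiter, T/R end-of-stream, I idle.
J, K, T, R, I = "11000", "10001", "01101", "00111", "11111"
DECODE_4B5B = {code: nibble for nibble, code in DATA_4B5B.items()}


def encode_4b5b(payload):
    """Frame bytes -> 5-bit code groups wrapped in J/K ... T/R.

    The low nibble of each byte is sent first (this example's convention)."""
    groups = [J, K]
    for byte in payload:
        groups.append(DATA_4B5B[byte & 0xF])
        groups.append(DATA_4B5B[byte >> 4])
    groups += [T, R]
    return "".join(groups)


def decode_4b5b(stream):
    """Inverse of encode_4b5b; rejects a stream without delimiters or with an
    invalid code group (the receiver's reason to drop the frame)."""
    if len(stream) % 5:
        raise ValueError("stream is not a whole number of code groups")
    groups = [stream[i:i + 5] for i in range(0, len(stream), 5)]
    if groups[:2] != [J, K] or groups[-2:] != [T, R]:
        raise ValueError("missing stream delimiters")
    nibbles = []
    for g in groups[2:-2]:
        if g not in DECODE_4B5B:
            raise ValueError("invalid code group %s" % g)
        nibbles.append(DECODE_4B5B[g])
    if len(nibbles) % 2:
        raise ValueError("odd number of nibbles")
    return bytes(lo | (hi << 4) for lo, hi in zip(nibbles[::2], nibbles[1::2]))


def longest_zero_run(bits):
    """Longest run of 0s: under NRZI or MLT-3 the longest gap between transitions."""
    return max(len(run) for run in bits.split("1"))


def nrzi_encode(bits, level=0):
    """100BASE-FX line code: a 1 toggles the light level, a 0 leaves it unchanged."""
    out = []
    for b in bits:
        level ^= (b == "1")
        out.append(level)
    return out


MLT3_CYCLE = (0, 1, 0, -1)            # 0, +V, 0, -V, 0, +V, ...


def mlt3_encode(bits):
    """100BASE-TX line code: a 1 steps to the next level of the cycle, a 0 holds."""
    idx, out = 0, []
    for b in bits:
        if b == "1":
            idx = (idx + 1) % len(MLT3_CYCLE)
        out.append(MLT3_CYCLE[idx])
    return out


def transitions_to_bits(levels, start):
    """Decoder shared by NRZI and MLT-3: a level change is a 1, no change a 0."""
    bits, prev = [], start
    for lv in levels:
        bits.append("1" if lv != prev else "0")
        prev = lv
    return "".join(bits)


def repeat_period(levels):
    """Smallest period (in symbols) after which a level sequence repeats, or None."""
    for p in range(1, len(levels)):
        if all(levels[i] == levels[i + p] for i in range(len(levels) - p)):
            return p
    return None


def fundamental_mhz(levels, baud=125.0):
    """Fundamental frequency of a periodic waveform at the 4B/5B symbol rate."""
    return baud / repeat_period(levels)


if __name__ == "__main__":
    stream = encode_4b5b(b"\xab\x00\xff")          # constructed sample payload
    print(stream, decode_4b5b(stream), longest_zero_run(stream))
    ones = "1" * 20                                # worst case for either line code
    print("NRZI  %.2f MHz" % fundamental_mhz(nrzi_encode(ones)))
    print("MLT-3 %.2f MHz" % fundamental_mhz(mlt3_encode(ones)))
```

For a run of ones, NRZI toggles every symbol and repeats every 2 symbols (62.5 MHz), while MLT-3 repeats every 4 symbols (31.25 MHz); that halving is why the copper version needs the three-level code and the fiber version does not. Across every data byte the longest zero run in a 4B/5B stream is exactly 3, which is the clocking guarantee the 4B/5B step exists to provide.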
1. NRZI Encoding Examples
2. 100BASE-FX Pinout ( Fiber Optic Cable )
7.1.9 Fast Ethernet architecture


This page describes the architecture of Fast Ethernet.
Fast Ethernet links generally consist of a connection between a station and a hub or switch. Hubs are
considered multi-port repeaters and switches are considered multi-port bridges. These are subject to the 100-m
(328 ft) UTP media distance limitation.
A Class I repeater may introduce up to 140 bit-times of latency. Any repeater that translates between one
Ethernet implementation and another is a Class I repeater. A Class II repeater is restricted to a smaller timing
delay, 92 bit times, because it immediately repeats the incoming signal to all other ports without a translation
process. To achieve the smaller timing delay, Class II repeaters can only connect to segment types that use the
same signaling technique.
As with 10-Mbps versions, it is possible to modify some of the architecture rules for 100-Mbps versions.
Modification of the architecture rules is strongly discouraged for 100BASE-TX. 100BASE-TX cable between
Class II repeaters may not exceed 5 m (16 ft). Links that operate in half duplex are not uncommon in Fast
Ethernet. However, half duplex is undesirable because the signaling scheme is inherently full duplex.
Figure -1- shows architecture configuration cable distances. 100BASE-TX links can have unrepeated distances
up to 100 m. Switches have made this distance limitation less important. Most Fast Ethernet implementations
are switched.
1. Example of Architecture Configuration and Cable Distances ( IMPORTANT )
7.2 Gigabit and 10-Gigabit Ethernet


7.2.1 1000-Mbps Ethernet
This page covers the 1000-Mbps Ethernet, or Gigabit Ethernet, standards. These standards specify both fiber
and copper media for data transmissions. -1- The 1000BASE-T standard, IEEE 802.3ab, uses Category 5, or
higher, balanced copper cabling. The 1000BASE-X standard, IEEE 802.3z, specifies 1 Gbps full duplex over
optical fiber (1000BASE-SX and 1000BASE-LX) and over short shielded copper jumpers (1000BASE-CX).
1000BASE-T, 1000BASE-SX, and 1000BASE-LX use the same timing parameters, as shown in Figure -2-.
They use a 1 ns (0.000000001 second, or one billionth of a second) bit time. The Gigabit Ethernet frame has
the same format as is used for 10- and 100-Mbps Ethernet. Some implementations of Gigabit Ethernet may use
different processes to convert frames to bits on the cable. Figure -3- shows the Ethernet frame fields.
The differences between standard Ethernet, Fast Ethernet and Gigabit Ethernet occur at the physical layer. Due
to the increased speeds of these newer standards, the shorter duration bit times require special considerations.
Since the bits are introduced on the medium for a shorter duration and more often, timing is critical. This high-
speed transmission requires higher frequencies. This causes the bits to be more susceptible to noise on
copper media.
These issues require Gigabit Ethernet to use two separate encoding steps. Data transmission is more efficient
when codes are used to represent the binary bit stream. The encoded data provides synchronization, efficient
usage of bandwidth, and improved signal-to-noise ratio characteristics.
At the physical layer, the bit patterns from the MAC layer are converted into symbols. The symbols may also
carry control information such as start of frame, end of frame, and idle conditions on a link. The frame is coded
into control symbols and data symbols to increase network throughput.
Fiber-based Gigabit Ethernet, or 1000BASE-X, uses 8B/10B encoding, which is similar in concept to 4B/5B.
This is followed by simple non-return to zero (NRZ) line encoding of light on optical fiber. This encoding
process is possible because the fiber medium can carry higher-bandwidth signals.
1. Types of Ethernet
2. Parameters for GIGABIT Ethernet Operation
3. Ethernet Frame
7.2.2 1000BASE-T
This page will describe 1000BASE-T.
As Fast Ethernet was installed to increase bandwidth to workstations, bottlenecks began to appear upstream in
the network. The 1000BASE-T standard, IEEE 802.3ab, was developed to provide additional bandwidth to help
alleviate these bottlenecks. It provided more throughput for intra-building backbones, inter-switch links, server
farms, and other wiring closet applications, as well as connections for high-end workstations. 1000BASE-T was
designed to function over Category 5 copper cable that passes the Category 5e test. Most installed Category 5
cable can pass the Category 5e certification if properly terminated. It was important for the 1000BASE-T
standard to be interoperable with 10BASE-T and 100BASE-TX.
Since each pair of Category 5e cable is rated for a symbol rate of 125 Mbaud (the rate 100BASE-TX already
uses on a single pair), 1000 Mbps, or 1 gigabit, of bandwidth was a design challenge. The first step in
1000BASE-T is to use all four pairs of wires instead of the two pairs used by 10BASE-T and 100BASE-TX.
The second step is to send symbols with five voltage levels instead of two, so that each symbol carries two bits
of data; this gives 250 Mbps per pair and 1000 Mbps across the four pairs. The third step is complex circuitry
that allows full-duplex transmission on the same wire pair, so that 1000 Mbps flows in each direction at once.
Since the information travels simultaneously across the four paths, the circuitry has to divide frames across the
pairs at the transmitter and reassemble them at the receiver.
1000BASE-T uses 4D-PAM5 line encoding on Category 5e, or better, UTP, and transmits and receives data in
both directions on the same wire pair at the same time. As might be expected, this results in a permanent
collision on the wire pairs. These collisions result in complex voltage patterns. With complex integrated circuits
using techniques such as echo cancellation, Layer 1 Forward Error Correction (FEC), and prudent selection of
voltage levels, the system achieves the 1-Gigabit throughput.
In idle periods there are nine voltage levels found on the cable, and during data transmission periods there are
17 voltage levels found on the cable. -1- With this large number of states and the effects of noise, the signal on
the wire looks more analog than digital. Like analog, the system is more susceptible to noise due to cable and
termination problems.
The data from the sending station is carefully divided into four parallel streams, encoded, transmitted and
detected in parallel, and then reassembled into one received bit stream. Figure -2- represents the simultaneous
full duplex on four-wire pairs. 1000BASE-T supports both half-duplex as well as full-duplex operation. The
use of full-duplex 1000BASE-T is widespread.
1. Outbound ( Tx ) 1000BASE-T signal
2. Actual 1000BASE-T Signal Transmission
7.2.3 1000BASE-SX and LX
This page will discuss single-mode and multimode optical fiber.
The IEEE 802.3 standard recommends that Gigabit Ethernet over fiber be the preferred backbone technology. -1-
The timing, frame format, and transmission are common to all versions of 1000 Mbps. Two signal-encoding
schemes are defined at the physical layer. -2- The 8B/10B scheme is used for optical fiber and shielded copper
media, and the pulse amplitude modulation 5 (PAM5) is used for UTP.
1000BASE-X uses 8B/10B encoding converted to non-return to zero (NRZ) line encoding. NRZ encoding
relies on the signal level found in the timing window to determine the binary value for that bit period. Unlike
most of the other encoding schemes described, this encoding system is level driven instead of edge driven.
That is, whether a bit is a zero or a one is determined by the level of the signal rather than by when the signal
changes levels.
The NRZ signals are then pulsed into the fiber using either short-wavelength or long-wavelength light sources.
The short-wavelength uses an 850 nm laser or LED source in multimode optical fiber (1000BASE-SX). It is
the lower-cost of the options but has shorter distances. The long-wavelength 1310 nm laser source uses either
single-mode or multimode optical fiber (1000BASE-LX). Laser sources used with single-mode fiber can
achieve distances of up to 5000 meters. Because of the length of time to completely turn the LED or laser on
and off each time, the light is pulsed using low and high power. A logic zero is represented by low power, and
a logic one by high power.
The Media Access Control method treats the link as point-to-point. Since separate fibers are used for
transmitting (Tx) and receiving (Rx) the connection is inherently full duplex. Gigabit Ethernet permits only
a single repeater between two stations. Figure -3- is a 1000BASE Ethernet media comparison chart.
1. Benefits of Gigabit Ethernet on Fiber
2. Gigabit Ethernet Layer
3. Gigabit Ethernet Media Comparison ( IMPORTANT )
4. Gigabit Ethernet on Fiber
7.2.4 Gigabit Ethernet architecture


This page will discuss the architecture of Gigabit Ethernet.
Full-duplex links are limited only by the medium, not by round-trip delay. Since most Gigabit Ethernet is
switched, the values in Figures -1- and -2- are the practical limits between devices. Daisy-chaining, star, and
extended star topologies are all allowed. The issue then becomes one of logical topology and data flow, not
timing or distance limitations.
A 1000BASE-T UTP cable is the same as 10BASE-T and 100BASE-TX cable, except that link performance
must meet the higher quality Category 5e or ISO Class D (2000) requirements.
Modification of the architecture rules is strongly discouraged for 1000BASE-T. At 100 meters, 1000BASE-T
is operating close to the edge of the ability of the hardware to recover the transmitted signal. Any cabling
problems or environmental noise could render an otherwise compliant cable inoperable even at distances that
are within the specification.
It is recommended that all links between a station and a hub or switch be configured for Auto-
Negotiation to permit the highest common performance. This will avoid accidental misconfiguration of the
other required parameters for proper Gigabit Ethernet operation.
1. Maximum 1000BASE-SX Cable Distances ( IMPORTANT )
2. Maximum 1000BASE-LX Cable Distances ( IMPORTANT )

7.2.5 10-Gigabit Ethernet


This page will describe 10-Gigabit Ethernet and compare it to other versions of Ethernet.
The IEEE 802.3ae supplement extended Ethernet to 10 Gbps full-duplex transmission over optical fiber. The
basic similarities between 802.3ae and the original 802.3 Ethernet are remarkable. This 10-Gigabit Ethernet
(10GbE) is evolving for not only LANs, but also MANs and WANs.
With the frame format and other Ethernet Layer 2 specifications compatible with previous standards, 10GbE
can provide increased bandwidth needs that are interoperable with existing network infrastructure.
A major conceptual change for Ethernet is emerging with 10GbE. Ethernet is traditionally thought of as a LAN
technology, but 10GbE physical layer standards allow both an extension in distance to 40 km over single-mode
fiber and compatibility with synchronous optical network (SONET) and synchronous digital hierarchy (SDH)
networks. Operation at 40 km makes 10GbE a viable MAN technology. Compatibility with SONET/SDH
networks operating at OC-192 speeds (a 9.953 Gbps line rate carrying a 9.58464 Gbps payload, the data rate at
which the 10GBASE-W WAN PHY operates) makes 10GbE a viable WAN technology. 10GbE may also
compete with ATM for certain applications.
To summarize, how does 10GbE compare to other varieties of Ethernet? -1-
• Frame format is the same, allowing interoperability between all varieties of legacy, fast, gigabit,
and 10 gigabit, with no reframing or protocol conversions.
• Bit time is now 0.1 nanoseconds. All other time variables scale accordingly.
• Since only full-duplex fiber connections are used, CSMA/CD is not necessary.
• The IEEE 802.3 sublayers within OSI Layers 1 and 2 are mostly preserved, with a few additions
to accommodate 40 km fiber links and interoperability with SONET/SDH technologies.
• Flexible, efficient, reliable, relatively low cost end-to-end Ethernet networks become possible.
• TCP/IP can run over LANs, MANs, and WANs with one Layer 2 transport method.
The basic standard governing CSMA/CD is IEEE 802.3. An IEEE 802.3 supplement, entitled 802.3ae, governs
the 10GbE family. As is typical for new technologies, a variety of implementations are being considered,
including:
• 10GBASE-SR – Intended for short distances over already-installed multimode fiber, supports a range
between 26 m and 82 m
• 10GBASE-LX4 – Uses wavelength division multiplexing (WDM), supports 240 m to 300 m over
already-installed multimode fiber and 10 km over single-mode fiber
• 10GBASE-LR and 10GBASE-ER – Support 10 km and 40 km over single-mode fiber
• 10GBASE-SW, 10GBASE-LW, and 10GBASE-EW – Known collectively as 10GBASE-W, intended
to work with OC-192 synchronous transport module SONET/SDH WAN equipment
The IEEE 802.3ae Task Force and the 10-Gigabit Ethernet Alliance (10GEA) worked to standardize these
technologies.
10-Gbps Ethernet (IEEE 802.3ae) was standardized in June 2002. It is a full-duplex protocol that uses only
optical fiber as a transmission medium. The maximum transmission distance depends on the type of fiber
being used. With single-mode fiber as the transmission medium, the maximum transmission distance is
40 kilometers (25 miles). Some discussions between IEEE members have begun that suggest the possibility
of standards for 40, 80, and even 100-Gbps Ethernet.
1. Parameters for 10-Gbps Ethernet Operation

7.2.6 10-Gigabit Ethernet architectures


This page describes the 10-Gigabit Ethernet architectures.
As with the development of Gigabit Ethernet, the increase in speed comes with extra requirements. The shorter
bit time that comes with the increased speed requires special considerations. For 10 GbE transmissions, each
data bit lasts 0.1 nanosecond, so 1,000 10GbE data bits fit in the 100 ns bit time of one 10-Mbps Ethernet data
bit. Because of the short duration of the 10 GbE data bit, it is often difficult to separate a data bit from noise.
10 GbE data transmissions rely on exact bit timing to separate the data from the effects of noise on the physical
layer. This is the purpose of synchronization.
In response to these issues of synchronization, bandwidth, and Signal-to-Noise Ratio, 10-Gigabit Ethernet uses
two separate encoding steps. By using codes to represent the user data, transmission is made more efficient.
The encoded data provides synchronization, efficient usage of bandwidth, and improved Signal-to-Noise Ratio
characteristics.
Serial bit streams are used for all versions of 10GbE except 10GBASE-LX4, which uses wide wavelength
division multiplexing (WWDM) to carry four simultaneous bit streams as four wavelengths of light launched
into the fiber at one time.
Figure -1- represents the particular case of using four slightly different wavelength, laser sources. Upon receipt
from the medium, the optical signal stream is demultiplexed into four separate optical signal streams. The four
optical signal streams are then converted back into four electronic bit streams as they travel in approximately
the reverse process back up through the sublayers to the MAC layer.
Currently, most 10GbE products are in the form of modules, or line cards, for addition to high-end switches
and routers. As the 10GbE technologies evolve, an increasing diversity of signaling components can be
expected. As optical technologies evolve, improved transmitters and receivers will be incorporated into these
products, taking further advantage of modularity. All 10GbE varieties use optical fiber media. Fiber types
include 10 µm single-mode fiber, and 50 µm and 62.5 µm multimode fibers. A range of fiber attenuation and
dispersion characteristics is supported, but they limit operating distances.
Even though support is limited to fiber optic media, some of the maximum cable lengths are surprisingly short.
-2- No repeater is defined for 10-Gigabit Ethernet since half duplex is explicitly not supported.
As with 10 Mbps, 100 Mbps and 1000 Mbps versions, it is possible to modify some of the architecture rules
slightly. Possible architecture adjustments are related to signal loss and distortion along the medium. Due to
dispersion of the signal and other issues the light pulse becomes undecipherable beyond certain distances.
1. 10GBASE-LX4 Signal Multiplexing
2. 10-Gigabit Ethernet Implementation
7.2.7 Future of Ethernet


This page will teach students about the future of Ethernet.
Ethernet has gone through an evolution from Legacy —> Fast —> Gigabit —> MultiGigabit technologies.
While other LAN technologies are still in place (legacy installations), Ethernet dominates new LAN
installations. So much so that some have referred to Ethernet as the LAN "dial tone". Ethernet is now the
standard for horizontal, vertical, and inter-building connections. Recently developed versions of Ethernet are
blurring the distinction between LANs, MANs, and WANs. -1-
While 1-Gigabit Ethernet is now widely available and 10-Gigabit products becoming more available, the IEEE
and the 10-Gigabit Ethernet Alliance are working on 40, 100, or even 160 Gbps standards. The technologies
that are adopted will depend on a number of factors, including the rate of maturation of the technologies and
standards, the rate of adoption in the market, and cost.
Proposals for Ethernet arbitration schemes other than CSMA/CD have been made. The problem of collisions
with physical bus topologies of 10BASE5 and 10BASE2 and 10BASE-T and 100BASE-TX hubs is no longer
common. Using UTP and optical fiber with separate Tx and Rx paths, and the decreasing costs of switches
make single shared media, half-duplex media connections much less important.
The future of networking media is three-fold:
Copper (up to 1000 Mbps, perhaps more)
Wireless (approaching 100 Mbps, perhaps more)
Optical fiber (currently at 10,000 Mbps and soon to be more)
Copper and wireless media have certain physical and practical limitations on the highest frequency signals that
can be transmitted. This is not a limiting factor for optical fiber in the foreseeable future. The bandwidth
limitations on optical fiber are extremely large and are not yet being threatened. In fiber systems, it is the
electronics technology (such as emitters and detectors) and fiber manufacturing processes that most limit the
speed. Upcoming developments in Ethernet are likely to be heavily weighted towards Laser light sources and
single-mode optical fiber.
When Ethernet was slower, half duplex, subject to collisions, and governed by a "democratic" access process
with no prioritization, it was not considered to have the Quality of Service (QoS) capabilities required to handle
certain types of traffic, such as IP telephony and video multicast.
The full-duplex high-speed Ethernet technologies that now dominate the market are proving to be sufficient at
supporting even QoS-intensive applications. This makes the potential applications of Ethernet even wider.
Ironically end-to-end QoS capability helped drive a push for ATM to the desktop and to the WAN in the mid-
1990s, but now it is Ethernet, not ATM that is approaching this goal.
1. The Expanding Scope of Ethernet
Summary

This page summarizes the topics discussed in this module.


Ethernet is a technology that has increased in speed one thousand times, from 10 Mbps to 10,000 Mbps, in less
than a decade. All forms of Ethernet share a similar frame structure and this leads to excellent interoperability.
Most Ethernet copper connections are now switched full duplex, and the fastest copper-based Ethernet is
1000BASE-T, or Gigabit Ethernet. 10 Gigabit Ethernet and faster are exclusively optical fiber-based
technologies.
10BASE5, 10BASE2, and 10BASE-T Ethernet are considered Legacy Ethernet. The four common features of
Legacy Ethernet are timing parameters, frame format, transmission process, and a basic design rule.
Legacy Ethernet encodes data on an electrical signal. The form of encoding used in 10 Mbps systems is called
Manchester encoding. Manchester encoding uses a change in voltage to represent the binary numbers zero and
one. An increase or decrease in voltage during a timed period, called the bit period, determines the binary value
of the bit.
In addition to a standard bit period, Ethernet standards set limits for slot time and interframe spacing. Different
types of media can affect transmission timing and timing standards ensure interoperability. 10 Mbps Ethernet
operates within the timing limits offered by a series of no more than five segments separated by no more than
four repeaters.
A single thick coaxial cable was the first medium used for Ethernet. 10BASE2, using a thinner coax cable, was
introduced in 1985. 10BASE-T, using twisted-pair copper wire, was introduced in 1990. Because it used
multiple wires 10BASE-T offered the option of full-duplex signaling. 10BASE-T carries 10 Mbps of traffic in
half-duplex mode and 20 Mbps in full-duplex mode.
10BASE-T links can have unrepeated distances up to 100 m. Beyond that network devices such as repeaters,
hub, bridges and switches are used to extend the scope of the LAN. With the advent of switches, the 4-repeater
rule is not so relevant. You can extend the LAN indefinitely by daisy-chaining switches. Each switch-to-switch
connection, with maximum length of 100m, is essentially a point-to-point connection without the media
contention or timing issues of using repeaters and hubs.
100-Mbps Ethernet, also known as Fast Ethernet, can be implemented using twisted-pair copper wire, as in
100BASE-TX, or fiber media, as in 100BASE-FX. 100 Mbps forms of Ethernet can transmit 200 Mbps in full
duplex.
Because the higher frequency signals used in Fast Ethernet are more susceptible to noise, two separate
encoding steps are used by 100-Mbps Ethernet to enhance signal integrity.
Gigabit Ethernet over copper wire is accomplished by the following:
 Category 5e UTP cable and careful improvements in electronics are used to boost 100 Mbps per wire
pair to 125 Mbps per wire pair.
 All four wire pairs instead of just two. This allows 125 Mbps per wire pair, or 500 Mbps for the four
wire pairs.
 Sophisticated electronics allow permanent collisions on each wire pair and run signals in full duplex,
doubling the 500 Mbps to 1000 Mbps.
On Gigabit Ethernet networks bit signals occur in one tenth of the time of 100 Mbps networks and 1/100 of the
time of 10 Mbps networks. With signals occurring in less time the bits become more susceptible to noise. The
issue becomes how fast the network adapter or interface can change voltage levels to signal bits and still be
detected reliably one hundred meters away at the receiving NIC or interface. At this speed encoding and
decoding data becomes even more complex.
The fiber versions of Gigabit Ethernet, 1000BASE-SX and 1000BASE-LX offer the following advantages:
noise immunity, small size, and increased unrepeated distances and bandwidth. The IEEE 802.3 standard
recommends that Gigabit Ethernet over fiber be the preferred backbone technology.
8 CISCO MODUL 8
8.1 Ethernet Switching
Overview
Shared Ethernet works extremely well under ideal conditions. If the number of devices that try to access the
network is low, the number of collisions stays well within acceptable limits. However, when the number of
users on the network increases, the number of collisions can significantly reduce performance. Bridges were
developed to help correct performance problems that arose from increased collisions. Switches evolved from
bridges to become the main technology in modern Ethernet LANs.
Collisions and broadcasts are expected events in modern networks. They are engineered into the design of
Ethernet and higher layer technologies. However, when collisions and broadcasts occur in numbers that are
above the optimum, network performance suffers. Collision domains and broadcast domains should be
designed to limit the negative effects of collisions and broadcasts. This module explores the effects of
collisions and broadcasts on network traffic and then describes how bridges and routers are used to segment
networks for improved performance.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams. -2-, -3-, -4-.
Students who complete this module should be able to perform the following tasks: -1-
 Define bridging and switching
 Define and describe the content-addressable memory (CAM) table
 Define latency
 Describe store-and-forward and cut-through packet switching modes
 Explain Spanning-Tree Protocol (STP)
 Define collisions, broadcasts, collision domains, and broadcast domains
 Identify the Layers 1, 2, and 3 devices used to create collision domains and broadcast domains
 Discuss data flow and problems with broadcasts
 Explain network segmentation and list the devices used to create segments

1. Ethernet Switching

2. CCNA 640-801 Exam

3. ICND 640-811 Exam

4. INTRO 640-821 Exam

8.1.1 Layer 2 bridging


This page will discuss the operation of Layer 2 bridges.
As more nodes are added to an Ethernet segment, use of the media increases. Ethernet is a shared media, which
means only one node can transmit data at a time. The addition of more nodes increases the demands on the
available bandwidth and places additional loads on the media. This also increases the probability of collisions,
which results in more retransmissions. A solution to the problem is to break the large segment into parts and
separate it into isolated collision domains.
To accomplish this a bridge keeps a table of MAC addresses and the associated ports. The bridge then
forwards or discards frames based on the table entries. The following steps illustrate the operation of a
bridge: -1-
 The bridge has just been started so the bridge table is empty. The bridge just waits for traffic on the
segment. When traffic is detected, it is processed by the bridge.
 Host A pings Host B. Since the data is transmitted on the entire collision domain segment, both the
bridge and Host B process the packet.
 The bridge adds the source address of the frame to its bridge table. Since the address was in the source
address field and the frame was received on Port 1, the frame must be associated with Port 1 in the
table.
 The destination address of the frame is checked against the bridge table. Since the address is not in the
table, even though it is on the same collision domain, the frame is forwarded to the other segment. The
address of Host B has not been recorded yet.
 Host B processes the ping request and transmits a ping reply back to Host A. The data is transmitted
over the whole collision domain. Both Host A and the bridge receive the frame and process it.
 The bridge adds the source address of the frame to its bridge table. Since the source address was not in
the bridge table and was received on Port 1, the source address of the frame must be associated with
Port 1 in the table.
 The destination address of the frame is checked against the bridge table to see if its entry is there. Since
the address is in the table, the port assignment is checked. The address of Host A is associated with the
port the frame was received on, so the frame is not forwarded.
 Host A pings Host C. Since the data is transmitted on the entire collision domain segment, both the
bridge and Host B process the frame. Host B discards the frame since it was not the intended
destination.
 The bridge adds the source address of the frame to its bridge table. Since the address is already entered
into the bridge table the entry is just renewed.
 The destination address of the frame is checked against the bridge table. Since the address is not in the
table, the frame is forwarded to the other segment. The address of Host C has not been recorded yet.
 Host C processes the ping request and transmits a ping reply back to Host A. The data is transmitted
over the whole collision domain. Both Host D and the bridge receive the frame and process it. Host D
discards the frame since it is not the intended destination.
 The bridge adds the source address of the frame to its bridge table. Since the address was in the source
address field and the frame was received on Port 2, the frame must be associated with Port 2 in the
table.
 The destination address of the frame is checked against the bridge table to see if its entry is present. The
address is in the table but it is associated with Port 1, so the frame is forwarded to the other segment.
 When Host D transmits data, its MAC address will also be recorded in the bridge table. This is how the
bridge controls traffic between two collision domains.
These are the steps that a bridge uses to forward and discard frames that are received on any of its
ports.

1. Bridge Operation (learning where MAC addresses are)

8.1.2 Layer 2 switching (look at the source address)


This page will discuss Layer 2 switches.
Generally, a bridge has only two ports and divides a collision domain into two parts. All decisions made by a
bridge are based on MAC or Layer 2 addresses and do not affect the logical or Layer 3 addresses. A bridge
will divide a collision domain but has no effect on a logical or broadcast domain. If a network does not
have a device that works with Layer 3 addresses, such as a router, the entire network will share the same
logical broadcast address space. A bridge will create more collision domains but will not add broadcast
domains. -1-
A switch is essentially a fast, multi-port bridge that can contain dozens of ports. Each port creates its own
collision domain. In a network of 20 nodes, 20 collision domains exist if each node is plugged into its own
switch port. If an uplink port is included, one switch creates 21 single-node collision domains. A switch
dynamically builds and maintains a content-addressable memory (CAM) table, which holds all of the
necessary MAC information for each port.

1. Bridges
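The bridge walkthrough in 8.1.1 and the multi-port switch with its CAM table in 8.1.2 are the same algorithm: learn the source address on the ingress port, then filter, forward or flood on the destination address. The following Python simulation is an added example, not curriculum or Cisco code; the host MAC addresses and port numbers are constructed sample values, and the plain dictionary stands in for the switch's CAM hardware.

```python
"""Learning bridge / switch simulation (added example, not Cisco curriculum code).

Models the bridge operation walked through in 8.1.1 and the multi-port
switch of 8.1.2: a MAC table (the CAM table of a switch) is populated from
source addresses, and frames are forwarded, filtered, or flooded based on
destination lookups. Hosts, MAC addresses and port numbers below are
constructed sample values.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac: str) -> bool:
    """True for broadcast and multicast: the I/G bit of the first octet is set."""
    first_octet = int(mac.split(":")[0], 16)
    return bool(first_octet & 0x01)


class LearningSwitch:
    """A transparent bridge with N ports. A 2-port instance is the bridge in 8.1.1."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}   # MAC -> port (a software stand-in for the CAM table)

    def receive(self, in_port, src, dst):
        """Process one frame; return the ports it is sent out on, in port order."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Learning: the source address is reachable through the ingress port.
        # An existing entry is simply refreshed (a moved host updates it).
        self.mac_table[src] = in_port
        # Forwarding decision on the destination address.
        if is_group_address(dst):
            # Broadcast and multicast frames are always flooded (see 8.2.4).
            return self._flood(in_port)
        out_port = self.mac_table.get(dst)
        if out_port is None:
            # Unknown unicast: flood out every port except the ingress port.
            return self._flood(in_port)
        if out_port == in_port:
            # Destination is on the same segment as the sender: filter (discard).
            return []
        return [out_port]

    def _flood(self, in_port):
        return [p for p in self.ports if p != in_port]


def run_bridge_walkthrough():
    """Replay the 8.1.1 ping sequence on a two-port bridge.

    Returns the final bridge table and the list of forwarding decisions.
    """
    bridge = LearningSwitch(ports=[1, 2])
    # Constructed sample addresses: hosts A and B on port 1, C and D on port 2.
    A, B, C, D = ("00:00:00:00:00:0a", "00:00:00:00:00:0b",
                  "00:00:00:00:00:0c", "00:00:00:00:00:0d")
    decisions = [
        bridge.receive(1, A, B),   # A -> B: B unknown, forwarded to port 2
        bridge.receive(1, B, A),   # B -> A: A known on port 1 == ingress, filtered
        bridge.receive(1, A, C),   # A -> C: C unknown, forwarded to port 2
        bridge.receive(2, C, A),   # C -> A: A known on port 1, forwarded to port 1
    ]
    # Host D has not transmitted yet, so it is absent from the table, as in the text.
    return bridge.mac_table, decisions


if __name__ == "__main__":
    table, decisions = run_bridge_walkthrough()
    print("bridge table:", table)
    print("decisions:", decisions)
```

Running the walkthrough shows the two cases that matter: the reply from Host B is filtered because the table already maps B's destination (Host A) to the port the frame arrived on, while the reply from Host C is forwarded because Host A's entry points at the other port. A `LearningSwitch` with more ports behaves the same way, which is the point of 8.1.2: every port is its own collision domain, and an unknown or broadcast destination is flooded to all of them.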

8.1.3 Switch operation
This page describes the operation of a switch.
A switch is simply a bridge with many ports. When only one node is connected to a switch port, the collision
domain on the shared media contains only two nodes. The two nodes in this small segment, or collision
domain, consist of the switch port and the host connected to it. These small physical segments are called
microsegments. -1- Another capability emerges when only two nodes are connected. In a network that uses
twisted-pair cabling, one pair is used to carry the transmitted signal from one node to the other node. A
separate pair is used for the return or received signal. It is possible for signals to pass through both pairs
simultaneously. The ability to communicate in both directions at once is known as full duplex. -2- Most
switches are capable of supporting full duplex, as are most NICs. In full duplex mode, there is no contention
for the media. A collision domain no longer exists. In theory, the bandwidth is doubled when full duplex is
used.
In addition to faster microprocessors and memory, two other technological advances made switches possible.
CAM is memory that works backward compared to conventional memory. When data is entered into the
memory it will return the associated address. CAM allows a switch to find the port that is associated with a
MAC address without search algorithms. An application-specific integrated circuit or ASIC comprises an
integrated circuit (IC) with functionality customized for a particular use (equipment or project), rather than
serving for general-purpose use. An ASIC allows some software operations to be done in hardware. These
technologies greatly reduced the delays caused by software processes and enabled a switch to keep up with the
data demands of many microsegments and high bit rates.

1. Switch Operation

2. Full Duplex

8.1.4 Latency
This page will discuss some situations that cause latency.
Latency is the delay between the time a frame begins to leave the source device and when the first part of the
frame reaches its destination. -1- A variety of conditions can cause delays:
 Media delays may be caused by the finite speed that signals can travel through the physical media.
 Circuit delays may be caused by the electronics that process the signal along the path.
 Software delays may be caused by the decisions that software must make to implement switching and
protocols.
 Delays may be caused by the content of the frame and the location of the frame switching decisions.
For example, a device cannot route a frame to a destination until the destination MAC address has been
read. -1-
1. Network Latency

8.1.5 Switch modes


This page will introduce the three switch modes.
How a frame is switched to the destination port is a trade off between latency and reliability. A switch can
start to transfer the frame as soon as the destination MAC address is received. This is called cut-through
packet switching and results in the lowest latency through the switch. -1- However, no error checking is
available. The switch can also receive the entire frame before it is sent to the destination port. This gives the
switch software an opportunity to verify the Frame Check Sequence (FCS). If the frame is invalid, it is
discarded at the switch. Since the entire frame is stored before it is forwarded, this is called store-and-
forward packet switching. -2- A compromise between cut-through and store-and-forward packet switching is
the fragment-free mode. Fragment-free packet switching reads the first 64 bytes, which includes the frame
header, and starts to send out the packet before the entire data field and checksum are read. This mode verifies
the reliability of the addresses and LLC protocol information to ensure the data will be handled properly and
arrive at the correct destination.
When cut-through packet switching is used, the source and destination ports must have the same bit rate to
keep the frame intact. This is called symmetric switching. If the bit rates are not the same, the frame must be
stored at one bit rate before it is sent out at the other bit rate. This is known as asymmetric switching. Store-
and-forward mode must be used for asymmetric switching.
Asymmetric switching provides switched connections between ports with different bandwidths. Asymmetric
switching is optimized for client/server traffic flows in which multiple clients communicate with a server at
once. More bandwidth must be dedicated to the server port to prevent a bottleneck.

1. Cut-Through 2. Store and Forward
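The trade-off between the three switch modes becomes concrete when the same frame is fed to each of them. The following Python model is an added example, not curriculum or vendor code: it builds an Ethernet II frame with a CRC-32 Frame Check Sequence, damages it, and records which mode still forwards it and how many bytes each mode must buffer before it can start transmitting. The addresses, payload and error positions are constructed sample values, and the mode logic is a simplified model of the behaviour described above.

```python
"""Cut-through, fragment-free and store-and-forward forwarding (added example).

Builds an Ethernet II frame with a CRC-32 FCS, corrupts it, and shows which
switching mode forwards or drops it. Frames and addresses are constructed;
the switching decision logic is a simplified model, not vendor code.
"""
import struct
import zlib

MIN_FRAME = 64              # bytes: minimum Ethernet frame size (the slot time)
FRAGMENT_FREE_WINDOW = 64   # fragment-free mode waits for this many bytes


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Header + payload (padded to 46 bytes) + 4-byte FCS (CRC-32, little-endian)."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def fcs_ok(frame: bytes) -> bool:
    """Recompute the CRC over everything but the trailing FCS and compare."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) == fcs


def corrupt(frame: bytes, offset: int) -> bytes:
    """Flip one bit at the given offset (constructed 'noise' on the wire)."""
    b = bytearray(frame)
    b[offset] ^= 0x01
    return bytes(b)


def switch_decision(mode: str, frame: bytes) -> dict:
    """What the switch does with the frame under the given mode.

    'bytes_before_forward' is how much of the frame the switch must receive
    before it starts transmitting: this is the latency each mode pays.
    """
    if mode == "cut-through":
        # Forward as soon as the 6-byte destination MAC is in; no error check.
        return {"forward": True, "bytes_before_forward": 6}
    if mode == "fragment-free":
        # Wait for the first 64 bytes: a collision fragment is shorter than
        # this and is discarded, but the FCS at the end is never checked.
        runt = len(frame) < MIN_FRAME
        return {"forward": not runt, "bytes_before_forward": FRAGMENT_FREE_WINDOW}
    if mode == "store-and-forward":
        # Whole frame buffered; dropped if the FCS does not verify.
        valid = fcs_ok(frame) and len(frame) >= MIN_FRAME
        return {"forward": valid, "bytes_before_forward": len(frame)}
    raise ValueError(f"unknown mode {mode}")


MODES = ("cut-through", "fragment-free", "store-and-forward")


def compare_modes(frame: bytes) -> dict:
    """Forwarding decision of every mode for one frame: {mode: bool}."""
    return {m: switch_decision(m, frame)["forward"] for m in MODES}


def demo() -> dict:
    """Three constructed frames: intact, one bit error in the data, and a runt."""
    dst = bytes.fromhex("001122334455")   # constructed MAC addresses
    src = bytes.fromhex("66778899aabb")
    good = build_frame(dst, src, 0x0800, b"payload of an IP packet")
    bad = corrupt(good, 20)               # bit error inside the data field
    runt = good[:40]                      # collision fragment cut off after 40 bytes
    return {"good": compare_modes(good),
            "corrupted": compare_modes(bad),
            "runt": compare_modes(runt)}


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The output makes the reliability side of the trade-off visible: cut-through forwards all three frames, fragment-free drops only the runt, and store-and-forward is the only mode that refuses the frame with the corrupted data field. It is also the only mode that can serve an asymmetric link, because it has the whole frame in its buffer before it retransmits at the other port's bit rate.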

8.1.6 Spanning-Tree Protocol


This page will introduce STP.
When multiple switches are arranged in a simple hierarchical tree, switching loops are unlikely to occur.
However, switched networks are often designed with redundant paths to provide for reliability and fault
tolerance. -1- Redundant paths are desirable, but they can have undesirable side effects such as switching loops.
Switching loops can occur by design or by accident, and they can
lead to broadcast storms that will rapidly overwhelm a network. STP is a standards-based protocol that is used
to avoid switching loops. Each switch in a LAN that uses STP sends messages called Bridge Protocol Data
Units (BPDUs) out all its ports to let other switches know of its existence. This information is used to elect a
root bridge for the network. The switches use the spanning-tree algorithm (STA) to resolve and shut down the
redundant paths.
Each port on a switch that uses STP exists in one of the following five states: -2-
 Blocking
 Listening
 Learning
 Forwarding
 Disabled
A port moves through these five states as follows:
 From initialization to blocking
 From blocking to listening or to disabled
 From listening to learning or to disabled

 From learning to forwarding or to disabled
 From forwarding to disabled
STP is used to create a logical hierarchical tree with no loops. However, the alternate paths are still available if
necessary.
1. Spanning Tree Operation
ADVANTAGES: GOOD SECURITY
DISADVANTAGES: LOOP

2. STP States
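The text above gives the outcome of STP (a root bridge is elected, redundant paths are shut down) without showing how the spanning-tree algorithm decides which ports to block. The following Python implementation is an added example, not curriculum or Cisco code: it elects the root as the bridge with the lowest bridge ID, computes each bridge's cost to the root, and assigns every port a role of root, designated or blocking. Bridge IDs, port numbers and link costs are constructed sample values, and BPDU timers and the listening/learning transitions are left out.

```python
"""Simplified spanning-tree algorithm (added example, not Cisco code).

Given switches with bridge IDs and the links between their ports, elect the
root bridge (lowest bridge ID, as STP does from exchanged BPDUs), compute
each switch's root path cost, and mark every port root, designated or
blocking. Blocking ports are the redundant paths STP shuts down while
keeping them available. Bridge IDs, ports and costs are constructed sample
values; the graph is assumed to be connected.
"""
import heapq

# A link is (bridge_a, port_a, bridge_b, port_b, cost). Bridge IDs are plain
# ints here; in real STP they are priority + MAC, and the lowest still wins.


def elect_root(links):
    bridges = {l[0] for l in links} | {l[2] for l in links}
    return min(bridges)


def root_path_costs(links, root):
    """Dijkstra from the root: {bridge: cost of its best path to the root}."""
    adj = {}
    for a, pa, b, pb, cost in links:
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist.get(u, float("inf")):
            continue
        for v, c in adj.get(u, []):
            nd = d + c
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                heapq.heappush(heap, (nd, v))
    return dist


def assign_port_roles(links):
    """Return (root, costs, {(bridge, port): 'root' | 'designated' | 'blocking'})."""
    root = elect_root(links)
    cost = root_path_costs(links, root)
    roles = {}
    # Root port: on each non-root bridge, the port offering the lowest root path
    # cost; ties broken by lowest neighbour bridge ID, then lowest port number.
    best = {}
    for a, pa, b, pb, c in links:
        for me, my_port, nb in ((a, pa, b), (b, pb, a)):
            if me == root:
                continue
            cand = (cost[nb] + c, nb, my_port)
            if me not in best or cand < best[me]:
                best[me] = cand
    for me, (_, _, port) in best.items():
        roles[(me, port)] = "root"
    # Designated port: on each link the end with the lower root path cost
    # (lower bridge ID on a tie) forwards for that segment. Anything left over
    # is blocking: the redundant path.
    for a, pa, b, pb, c in links:
        winner = (a, pa) if (cost[a], a) < (cost[b], b) else (b, pb)
        roles.setdefault(winner, "designated")
        for end in ((a, pa), (b, pb)):
            roles.setdefault(end, "blocking")
    return root, cost, roles


def forwarding_links(links, roles):
    """Links on which both ends forward: together they form the loop-free tree."""
    return [l for l in links
            if roles[(l[0], l[1])] != "blocking" and roles[(l[2], l[3])] != "blocking"]


# Constructed sample topology: three switches in a triangle, all links cost 19.
TRIANGLE = [(1, 1, 2, 1, 19), (1, 2, 3, 1, 19), (2, 2, 3, 2, 19)]

if __name__ == "__main__":
    root, cost, roles = assign_port_roles(TRIANGLE)
    print("root bridge:", root, "costs:", cost)
    for port, role in sorted(roles.items()):
        print(port, role)
    print("forwarding links:", forwarding_links(TRIANGLE, roles))
```

On the triangle, bridge 1 wins the election, bridges 2 and 3 each pick their direct link to it as the root port, and on the 2-3 link the tie on cost is broken by bridge ID, so bridge 3's port ends up blocking. A quick sanity check a practitioner can apply to any output is that the number of forwarding links equals the number of bridges minus one: any more and a loop remains, any fewer and a segment is cut off.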

8.2 Collision Domains and Broadcast Domains


8.2.1 Shared media environments
This page explains Layer 1 media and topologies to help students understand collisions and collision domains.
Here are some examples of shared media and directly connected networks: -1-
 Shared media environment – This occurs when multiple hosts have access to the same medium. For
example, if several PCs are attached to the same physical wire or optical fiber, they all share the same
media environment.
 Extended shared media environment – This is a special type of shared media environment in which
networking devices can extend the environment so that it can accommodate multiple access or longer
cable distances.
 Point-to-point network environment – This is widely used in dialup network connections and is most
common for home users. It is a shared network environment in which one device is connected to only
one other device. An example is a PC that is connected to an Internet service provider through a modem
and a phone line.
Collisions only occur in a shared environment. A highway system is an example of a shared environment in
which collisions can occur because multiple vehicles use the same roads. As more vehicles enter the system,
collisions become more likely. A shared data network is much like a highway. Rules exist to determine who
has access to the network medium. However, sometimes the rules cannot handle the traffic load and collisions
occur.
1. Types of Network

8.2.2 Collision domains


This page will define collision domains. Collision domains are the connected physical network segments where
collisions can occur. -1- Collisions cause the network to be inefficient. Every time a collision happens on a
network, all transmission stops for a period of time. The length of this period of time varies and is determined
by a backoff algorithm for each network device.
The types of devices that interconnect the media segments define collision domains. -2- These devices have
been classified as OSI Layer 1, 2 or 3 devices. Layer 2 and Layer 3 devices break up collision domains.
This process is also known as segmentation.
Layer 1 devices such as repeaters and hubs are mainly used to extend the Ethernet cable segments. -3- This
allows more hosts to be added. However, every host that is added increases the amount of potential traffic on
the network. Layer 1 devices forward all data that is sent on the media. As more traffic is transmitted within a
collision domain, collisions become more likely. This results in diminished network performance, which will
be even more pronounced if all the computers use large amounts of bandwidth. Layer 1 devices can cause the
length of a LAN to be overextended and result in collisions.
The four repeater rule in Ethernet states that no more than four repeaters or repeating hubs can be between any
two computers on the network. -4- For a repeated 10BASE-T network to function properly, the round-trip delay
calculation must be within certain limits. This ensures that all the workstations will be able to hear all the
collisions on the network. Repeater latency, propagation delay, and NIC latency all contribute to the four
repeater rule. -5- If the four repeater rule is violated, the maximum delay limit may be exceeded. A late
collision is when a collision happens after the first 64 bytes of the frame are transmitted. The chipsets in NICs
are not required to retransmit automatically when a late collision occurs. These late collision frames add delay
that is referred to as consumption delay. As consumption delay and latency increase, network performance
decreases.
The 5-4-3-2-1 rule requires that the following guidelines should not be exceeded:
 Five segments of network media
 Four repeaters or hubs
 Three host segments of the network
 Two link sections with no hosts
 One large collision domain
The 5-4-3-2-1 rule also provides guidelines to keep round-trip delay time within acceptable limits.

1. Collisions in Collision Domain

2. Collision Domain Segmentation (Layer 2 and Layer 3 devices break up collision domains)

3. Increasing a Collision Domain

4. Four Repeater Rule ( 5-4-3 )

5. Round Trip Delay Calculation

8.2.3 Segmentation
This page will explain how Layer 2 and 3 devices are used to segment a network.
The history of how Ethernet handles collisions and collision domains dates back to research at the University
of Hawaii in 1970. In its attempts to develop a wireless communication system for the islands of Hawaii,
university researchers developed a protocol called Aloha. The Ethernet protocol is actually based on the Aloha
protocol.
One important skill for a networking professional is the ability to recognize collision domains. -1- A collision
domain is created when several computers are connected to a single shared-access medium that is not attached
to other network devices. This situation limits the number of computers that can use the segment. Layer 1
devices extend but do not control collision domains.
Layer 2 devices segment or divide collision domains. -2- They use the MAC address assigned to every Ethernet
device to control frame propagation. Layer 2 devices are bridges and switches. They keep track of the MAC
addresses and their segments. This allows these devices to control the flow of traffic at the Layer 2 level. This
function makes networks more efficient. It allows data to be transmitted on different segments of the LAN at
the same time without collisions. Bridges and switches divide collision domains into smaller parts. Each part
becomes its own collision domain.
These smaller collision domains will have fewer hosts and less traffic than the original domain. -3- The fewer
hosts that exist in a collision domain, the more likely the media will be available. If the traffic between bridged
segments is not too heavy a bridged network works well. Otherwise, the Layer 2 device can slow down
communication and become a bottleneck.
Layer 2 and 3 devices do not forward collisions. Layer 3 devices divide collision domains into smaller
domains.
Layer 3 devices also perform other functions. These functions will be covered in the section on broadcast
domains.
1. Layer 1 Devices Extended Collision Domain

2. Limiting the Collision Domain

3. Segmenting a Collision Domain with a Bridge

8.2.4 Layer 2 broadcasts
This page will explain how Layer 2 broadcasts are used.
To communicate with all collision domains, protocols use broadcast and multicast frames at Layer 2 of the OSI
model. -1- When a node needs to communicate with all hosts on the network, it sends a broadcast frame with a
destination MAC address 0xFFFFFFFFFFFF. This is an address to which the NIC of every host must respond.
Layer 2 devices must flood all broadcast and multicast traffic. The accumulation of broadcast and multicast
traffic from each device in the network is referred to as broadcast radiation. In some cases, the circulation of
broadcast radiation can saturate the network so that there is no bandwidth left for application data. In this case,
new network connections cannot be made and established connections may be dropped. This situation is called
a broadcast storm. The probability of broadcast storms increases as the switched network grows.
A NIC must rely on the CPU to process each broadcast or multicast group it belongs to. Therefore, broadcast
radiation affects the performance of hosts in the network. Figure -2- shows the results of tests that Cisco
conducted on the effect of broadcast radiation on the CPU performance of a Sun SPARCstation 2 with a
standard built-in Ethernet card. The results indicate that an IP workstation can be effectively shut down by
broadcasts that flood the network. Although extreme, broadcast peaks of thousands of broadcasts per second
have been observed during broadcast storms. Tests in a controlled environment with a range of broadcasts and
multicasts on the network show measurable system degradation with as few as 100 broadcasts or multicasts per
second.
A host does not usually benefit if it processes a broadcast when it is not the intended destination. The host is
not interested in the service that is advertised. High levels of broadcast radiation can noticeably degrade host
performance. The three sources of broadcasts and multicasts in IP networks are workstations, routers, and
multicast applications.
Workstations broadcast an Address Resolution Protocol (ARP) request every time they need to locate a MAC
address that is not in the ARP table. -3- Although the numbers in the figure might appear low, they represent an
average, well-designed IP network. When broadcast and multicast traffic peak due to storm behavior, peak
CPU loss can be much higher than average. Broadcast storms can be caused by a device that requests
information from a network that has grown too large. So many responses are sent to the original request that
the device cannot process them, or the first request triggers similar requests from other devices that effectively
block normal traffic flow on the network.
As an example, the command telnet mumble.com translates into an IP address through a Domain Name
System (DNS) search. An ARP request is broadcast to locate the MAC address. Generally, IP workstations
cache 10 to 100 addresses in their ARP tables for about 2 hours. The ARP rate for a typical workstation might
be about 50 addresses every 2 hours or 0.007 ARPs per second. Therefore, 2000 IP end stations will produce
about 14 ARPs per second.
The routing protocols that are configured on a network can increase broadcast traffic significantly. Some
administrators configure all workstations to run Routing Information Protocol (RIP) as a redundancy and
reachability policy. Every 30 seconds, RIPv1 uses broadcasts to retransmit the entire RIP routing table to other
RIP routers. If 2000 workstations were configured to run RIP and, on average, 50 packets were required to
transmit the routing table, the workstations would generate 3333 broadcasts per second. Most network
administrators only configure RIP on five to ten routers. For a routing table that has a size of 50 packets, 10
RIP routers would generate about 16 broadcasts per second.
IP multicast applications can adversely affect the performance of large, scaled, switched networks.
Multicasting is an efficient way to send a stream of multimedia data to many users on a shared-media hub.
However, it affects every user on a flat switched network. A packet video application could generate a 7-MB
stream of multicast data that would be sent to every segment. This would result in severe congestion.

1. Broadcast in a Bridged Environment

2. Effect of Broadcast Radiation on Hosts in an IP Network

3. Average Number of Broadcasts and Multicasts for IP

8.2.5 Broadcast domains
This page will explain the features of a broadcast domain.
A broadcast domain is a group of collision domains that are connected by Layer 2 devices. -1- When a
LAN is broken up into multiple collision domains, each host in the network has more opportunities to gain
access to the media. This reduces the chance of collisions and increases available bandwidth for every host.
Broadcasts are forwarded by Layer 2 devices. Excessive broadcasts can reduce the efficiency of the entire
LAN. Broadcasts have to be controlled at Layer 3 since Layers 1 and 2 devices cannot control them. A
broadcast domain includes all of the collision domains that process the same broadcast frame. This includes all
the nodes that are part of the network segment bounded by a Layer 3 device. Broadcast domains are
controlled at Layer 3 because routers do not forward broadcasts. Routers actually work at Layers 1, 2, and
3. Like all Layer 1 devices, routers have a physical connection and transmit data onto the media. Routers also
have a Layer 2 encapsulation on all interfaces and perform the same functions as other Layer 2 devices. Layer
3 allows routers to segment broadcast domains.
In order for a packet to be forwarded through a router it must have already been processed by a Layer 2 device
and the frame information stripped off. Layer 3 forwarding is based on the destination IP address and not
the MAC address. For a packet to be forwarded it must contain an IP address that is outside of the range of
addresses assigned to the LAN and the router must have a destination to send the specific packet to in its
routing table.
1. Broadcast Domain Segmentation

8.2.6 Introduction to data flow


This page discusses data flow.
Data flow in the context of collision and broadcast domains focuses on how data frames propagate through a
network. It refers to the movement of data through Layers 1, 2 and 3 devices and how data must be
encapsulated to effectively make that journey. Remember that data is encapsulated at the network layer with an
IP source and destination address, and at the data-link layer with a MAC source and destination address. -1-
A good rule to follow is that a Layer 1 device always forwards the frame, while a Layer 2 device wants to
forward the frame. In other words, a Layer 2 device will forward the frame unless something prevents it from
doing so. A Layer 3 device will not forward the frame unless it has to. Using this rule will help identify how
data flows through a network.

Layer 1 devices do no filtering, so everything that is received is passed on to the next segment. The frame is
simply regenerated and retimed and thus returned to its original transmission quality. Any segments connected
by Layer 1 devices are part of the same domain, both collision and broadcast.
Layer 2 devices filter data frames based on the destination MAC address. A frame is forwarded if it is going to
an unknown destination outside the collision domain. The frame will also be forwarded if it is a broadcast,
multicast, or a unicast going outside of the local collision domain. The only time that a frame is not
forwarded is when the Layer 2 device finds that the sending host and the receiving host are in the same
collision domain. A Layer 2 device, such as a bridge, creates multiple collision domains but maintains only one
broadcast domain.
Layer 3 devices filter data packets based on IP destination address. The only way that a packet will be
forwarded is if its destination IP address is outside of the broadcast domain and the router has an identified
location to send the packet. A Layer 3 device creates multiple collision and broadcast domains.
Data flow through a routed IP-based network involves data moving across traffic management devices at
Layers 1, 2, and 3 of the OSI model. Layer 1 is used for transmission across the physical media, Layer 2 for
collision domain management, and Layer 3 for broadcast domain management.
1. Data Flow Through a Network (Encapsulation – Decapsulation)
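Sections 8.2.2 through 8.2.6 give the rules for recognizing collision and broadcast domains: Layer 1 devices extend a collision domain, Layer 2 devices split collision domains but forward broadcasts, and Layer 3 devices bound broadcast domains. The following Python code is an added example, not curriculum or Cisco code, that applies those rules to a topology described as a list of devices and cables, counts both kinds of domain with a union-find, and counts the repeaters on the path between two hosts for the four-repeater rule. The topology is a constructed sample, and the repeater count assumes a tree topology with no redundant paths.

```python
"""Counting collision and broadcast domains in a topology (added example).

Applies the rules of 8.2.2 to 8.2.6: Layer 1 devices (hubs, repeaters) extend
a collision domain; Layer 2 devices (bridges, switches) split collision
domains but forward broadcasts; Layer 3 devices (routers) bound broadcast
domains. The topology below is a constructed sample.
"""
from collections import defaultdict, deque

LAYER = {"host": 0, "hub": 1, "repeater": 1, "bridge": 2, "switch": 2, "router": 3}


class DisjointSet:
    """Minimal union-find over hashable items."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]   # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)


def domains(devices, links, merge_through_layer):
    """Group cable endpoints into domains.

    Each cable is one medium segment and so one domain on its own; a device
    whose OSI layer is 1..merge_through_layer joins every segment attached to
    it into one domain (hubs only for collision domains, hubs and switches for
    broadcast domains). Returns a list of sets of (device, link index) endpoints.
    """
    ds = DisjointSet()
    attached = defaultdict(list)
    for idx, (a, b) in enumerate(links):
        ds.union((a, idx), (b, idx))        # both ends of a cable share the segment
        attached[a].append(idx)
        attached[b].append(idx)
    for dev, idxs in attached.items():
        if 0 < LAYER[devices[dev]] <= merge_through_layer:
            for idx in idxs[1:]:
                ds.union((dev, idxs[0]), (dev, idx))
    groups = defaultdict(set)
    for idx, (a, b) in enumerate(links):
        groups[ds.find((a, idx))].add((a, idx))
        groups[ds.find((b, idx))].add((b, idx))
    return list(groups.values())


def collision_domains(devices, links):
    return domains(devices, links, merge_through_layer=1)


def broadcast_domains(devices, links):
    return domains(devices, links, merge_through_layer=2)


def hosts_in_domains(devices, doms):
    """Sorted host membership per domain, for display and checks."""
    return sorted(sorted({d for d, _ in grp if devices[d] == "host"}) for grp in doms)


def repeaters_between(devices, links, src, dst):
    """Number of Layer 1 devices on the path from src to dst (BFS; assumes a tree)."""
    adj = defaultdict(list)
    for a, b in links:
        adj[a].append(b)
        adj[b].append(a)
    seen, queue = {src}, deque([(src, 0)])
    while queue:
        node, reps = queue.popleft()
        if node == dst:
            return reps
        for nb in adj[node]:
            if nb not in seen:
                seen.add(nb)
                queue.append((nb, reps + (1 if LAYER[devices[nb]] == 1 else 0)))
    return None


# Constructed sample topology: two cascaded hubs feeding a switch, a router,
# and a second switch on the far side of the router.
DEVICES = {"H1": "host", "H2": "host", "H3": "host", "H4": "host", "H5": "host",
           "H6": "host", "Hub1": "hub", "Hub2": "hub", "SW1": "switch",
           "R1": "router", "SW2": "switch"}
LINKS = [("H1", "Hub1"), ("H2", "Hub1"), ("Hub1", "Hub2"), ("H3", "Hub2"),
         ("Hub2", "SW1"), ("H4", "SW1"), ("SW1", "R1"), ("R1", "SW2"),
         ("SW2", "H5"), ("SW2", "H6")]

if __name__ == "__main__":
    print("collision domains:", hosts_in_domains(DEVICES, collision_domains(DEVICES, LINKS)))
    print("broadcast domains:", hosts_in_domains(DEVICES, broadcast_domains(DEVICES, LINKS)))
    print("repeaters H1->H4:", repeaters_between(DEVICES, LINKS, "H1", "H4"))
```

For the sample topology the hub cascade collapses into one collision domain holding H1, H2 and H3, every switch and router port is a collision domain of its own (six in total), and the router is the only device that splits the two broadcast domains. The empty host lists in the collision-domain output are the switch-to-router and router-to-switch cables: segments with no hosts on them, the "link sections" of the 5-4-3-2-1 rule.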

8.2.7 What is a network segment?


This page explains what a network segment is.
As with many terms and acronyms, segment has multiple meanings. The dictionary definition of the
term is as follows:
 A separate piece of something
 One of the parts into which an entity, or quantity is divided or marked off by or as if by natural
boundaries
In the context of data communication, the following definitions are used:
 Section of a network that is bounded by bridges, routers, or switches.
 In a LAN using a bus topology, a segment is a continuous electrical circuit that is often connected to
other such segments with repeaters.

 Term used in the TCP specification to describe a single transport layer unit of information. The terms
datagram, frame, message, and packet are also used to describe logical information groupings at various
layers of the OSI reference model and in various technology circles.
To properly define the term segment, the context of the usage must be presented with the word. If segment is
used in the context of TCP, it would be defined as a separate piece of the data. If segment is being used in the
context of physical networking media in a routed network, it would be seen as one of the parts or sections of
the total network.
1. Segments

Summary
This page summarizes the topics discussed in this module.
Ethernet is a shared media, baseband technology, which means only one node can transmit data at a
time. Increasing the number of nodes on a single segment increases demand on the available bandwidth. This
in turn increases the probability of collisions. A solution to the problem is to break a large network segment
into parts and separate it into isolated collision domains. Bridges and switches are used to segment the network
into multiple collision domains.
A bridge builds a bridge table from the source MAC addresses of the frames it processes. Each address is
associated with the port the frame came in on. Eventually the bridge table contains enough address information
to allow the bridge to forward a frame out a particular port based on the destination address. This is how the
bridge controls traffic between two collision domains.
Switches learn in much the same way as bridges but provide a virtual connection directly between the source
and destination nodes, rather than the source collision domain and destination collision domain. Each port
creates its own collision domain. A switch dynamically builds and maintains a Content-Addressable Memory
(CAM) table, holding all of the necessary MAC information for each port. CAM is memory that essentially
works backwards compared to conventional memory. Entering data into the memory will return the associated
address.
Two devices connected through a switch port become a small collision domain. These small physical
segments are called microsegments. Microsegments connected using twisted pair cabling are capable of full-
duplex communications. In full duplex mode, when separate wires are used for transmitting and receiving
between two hosts, there is no contention for the media. Thus, a collision domain no longer exists.
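The learning behaviour described in the two paragraphs above, as an added example that is not part of the curriculum: a toy learning bridge/switch that records the source MAC of every frame against its ingress port, forwards a frame out one port when the destination is already in the table, and floods it out every other port when it is not. The Frame and Switch classes, the port numbers and the table_capacity limit are this example's own assumptions; a real CAM table is also finite, which is why the toy stops learning when it is full.

```python
# Added example (not from the CCNA curriculum): a toy learning bridge/switch.
# It builds a MAC address table from the source address of each frame, keyed
# by the ingress port, then forwards a frame out a single port when the
# destination is known and floods it out every other port when it is not.
# The Frame and Switch classes and the port numbers are hypothetical.

from dataclasses import dataclass, field
from typing import Dict, List

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str   # source MAC address
    dst: str   # destination MAC address


@dataclass
class Switch:
    ports: List[int]
    table_capacity: int = 8          # real CAM tables are finite too
    cam: Dict[str, int] = field(default_factory=dict)   # MAC -> port

    def learn(self, mac: str, port: int) -> bool:
        """Associate the source MAC with the ingress port (a station that
        moves is re-learned on its new port). Returns False when the table
        is full and a new entry could not be added."""
        if mac in self.cam or len(self.cam) < self.table_capacity:
            self.cam[mac] = port
            return True
        return False

    def forward(self, frame: Frame, ingress: int) -> List[int]:
        """Return the list of ports the frame is sent out of."""
        if ingress not in self.ports:
            raise ValueError(f"unknown port {ingress}")
        self.learn(frame.src, ingress)
        if frame.dst != BROADCAST and frame.dst in self.cam:
            out = self.cam[frame.dst]
            # Never send a frame back out the port it arrived on.
            return [] if out == ingress else [out]
        # Unknown unicast and broadcast: flood to every other port.
        return [p for p in self.ports if p != ingress]


if __name__ == "__main__":
    sw = Switch(ports=[1, 2, 3, 4])
    print(sw.forward(Frame("aa", "bb"), 1))   # bb unknown: flooded to 2, 3, 4
    print(sw.forward(Frame("bb", "aa"), 2))   # aa learned on port 1: sent to 1 only
    print(sw.cam)
```

Run it once and watch the first frame flood while the reply is forwarded out a single port; that difference is the whole point of the bridge table.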
There is a propagation delay for the signals traveling along transmission medium. Additionally, as signals are
processed by network devices further delay, or latency, is introduced.
How a frame is switched affects latency and reliability. A switch can start to transfer the frame as soon as
the destination MAC address is received. Switching at this point is called cut-through switching and results
in the lowest latency through the switch. However, cut-through switching provides no error checking. At the
other extreme, the switch can receive the entire frame before sending it out the destination port. This is called
store-and-forward switching. Fragment-free switching reads and checks the first sixty-four bytes of the frame
before forwarding it to the destination port.
Switched networks are often designed with redundant paths to provide for reliability and fault tolerance.
Switches use the Spanning-Tree Protocol (STP) to identify redundant paths and place the corresponding ports in
a blocking state. The result is a loop-free logical tree through the network; a blocked path is brought back into
service only if the active path fails.
Using Layer 2 devices to break up a LAN into multiple collision domains increases available bandwidth for
every host. But Layer 2 devices forward broadcasts, such as ARP requests. A Layer 3 device is required to
control broadcasts and define broadcast domains.
Data flow through a routed IP network involves data moving across traffic management devices at Layers 1, 2,
and 3 of the OSI model. Layer 1 is used for transmission across the physical media, Layer 2 for collision
domain management, and Layer 3 for broadcast domain management.

9 CISCO MODUL 9
Overview
The Internet was developed to provide a communication network that could function in wartime. Although the
Internet has evolved from the original plan, it is still based on the TCP/IP protocol suite. The design of TCP/IP
is ideal for the decentralized and robust Internet. Many common protocols were designed based on the four-
layer TCP/IP model.
It is useful to know both the TCP/IP and OSI network models. Each model uses its own structure to explain
how a network works. However, there is much overlap between the two models. A system administrator should
be familiar with both models to understand how a network functions.
Any device on the Internet that wants to communicate with other Internet devices must have a unique
identifier. The identifier is known as the IP address because routers use a Layer 3 protocol called the IP
protocol to find the best route to that device. The current version of IP is IPv4. This was designed before there
was a large demand for addresses. Explosive growth of the Internet has threatened to deplete the supply of IP
addresses. Subnets, Network Address Translation (NAT), and private addresses are used to extend the supply
of IP addresses. IPv6 improves on IPv4 and provides a much larger address space. Administrators can use IPv6
to integrate or eliminate the methods used to work with IPv4.
In addition to the physical MAC address, each computer needs a unique IP address to be part of the Internet.
This is also called the logical address. There are several ways to assign an IP address to a device. Some devices
always have a static address. Others have a temporary address assigned to them each time they connect to the
network. When a dynamically assigned IP address is needed, a device can obtain it several ways.
For efficient routing to occur between devices, issues such as duplicate IP addresses must be resolved.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
 Explain why the Internet was developed and how TCP/IP fits the design of the Internet
 List the four layers of the TCP/IP model
 Describe the functions of each layer of the TCP/IP model
 Compare the OSI model and the TCP/IP model
 Describe the function and structure of IP addresses
 Understand why subnetting is necessary
 Explain the difference between public and private addressing
 Understand the function of reserved IP addresses
 Explain the use of static and dynamic addressing for a device
 Understand how dynamic addresses can be assigned with RARP, BootP, and DHCP
 Use ARP to obtain the MAC address to send a packet to another device
 Understand the issues related to addressing between networks

1. TCP/IP Protocol Suite and IP Addressing

2. CCNA 640-801 Exam

3. ICND 640-811 Exam

4. INTRO 640-821 Exam


9.1 Introduction to TCP/IP


9.1.1 History and future of TCP/IP
This page discusses the history and the future of TCP/IP.
The U.S. Department of Defense (DoD) created the TCP/IP reference model because it wanted a network that
could survive any conditions. To illustrate further, imagine a world, crossed by multiple cable runs, wires,
microwaves, optical fibers, and satellite links. Then imagine a need for data to be transmitted without regard
for the condition of any particular node or network. The U.S. DoD required reliable data transmission to any
destination on the network under any circumstances. The creation of the TCP/IP model helped to solve this
difficult design problem. The TCP/IP model has since become the standard on which the Internet is based.
Think about the layers of the TCP/IP model in relation to the original intent of the Internet. This will
help reduce confusion. The four layers of the TCP/IP model are the application layer, transport layer, Internet
layer, and network access layer. -1- Some of the layers in the TCP/IP model have the same name as layers in
the OSI model. It is critical not to confuse the layer functions of the two models because the layers include
different functions in each model. The present version of TCP/IP was standardized in September of 1981.
1. TCP/IP Model

9.1.2 Application layer
This page describes the functions of the TCP/IP application layer.
The application layer handles high-level protocols, representation, encoding, and dialog control. The TCP/IP
protocol suite combines all application related issues into one layer. It ensures that the data is properly
packaged before it is passed on to the next layer. TCP/IP includes Internet and transport layer specifications
such as IP and TCP as well as specifications for common applications. TCP/IP has protocols to support file
transfer, e-mail, and remote login, in addition to the following: -1-
 File Transfer Protocol (FTP) – FTP is a reliable, connection-oriented service that uses TCP to transfer
files between systems that support FTP. It supports bi-directional binary file and ASCII file transfers.
 Trivial File Transfer Protocol (TFTP) – TFTP is a connectionless service that uses the User
Datagram Protocol (UDP). TFTP is used on the router to transfer configuration files and Cisco IOS
images, and to transfer files between systems that support TFTP. It is useful in some LANs because it
operates faster than FTP in a stable environment. TFTP has no authentication, so a TFTP server that holds
configuration files and IOS images must be reachable only from trusted management hosts.
 Network File System (NFS) – NFS is a distributed file system protocol suite developed by Sun
Microsystems that allows file access to a remote storage device such as a hard disk across a network.
 Simple Mail Transfer Protocol (SMTP) – SMTP administers the transmission of e-mail over
computer networks. It does not provide support for transmission of data other than plain text.
 Telnet – Telnet provides the capability to remotely access another computer. It enables a user to log
into an Internet host and execute commands. A Telnet client is referred to as a local host. A Telnet
server is referred to as a remote host. Telnet carries the login credentials and the entire session in
cleartext, so anyone able to capture the traffic can read them.
 Simple Network Management Protocol (SNMP) – SNMP is a protocol that provides a way to
monitor and control network devices. SNMP is also used to manage configurations, statistics,
performance, and security.
 Domain Name System (DNS) – DNS is a system used on the Internet to translate domain names and
publicly advertised network nodes into IP addresses.

1. TCP/IP Application

9.1.3 Transport layer


This page will explain how the transport layer provides transport services from the source host to the
destination host.
The transport layer provides a logical connection between a source host and a destination host. -1- Transport
protocols segment and reassemble data sent by upper-layer applications into the same data stream, or logical
connection, between end points.
The Internet is often represented by a cloud. The transport layer sends data packets from a source to a
destination through the cloud. -2-, -3- The primary duty of the transport layer is to provide end-to-end
control and reliability as data travels through this cloud. This is accomplished through the use of sliding
windows, sequence numbers, and acknowledgments. The transport layer also defines end-to-end connectivity
between host applications. Transport layer protocols include TCP and UDP.
The functions of TCP and UDP are as follows:
 Segment upper-layer application data
 Send segments from one end device to another
The functions of TCP are as follows:
 Establish end-to-end operations
 Provide flow control through the use of sliding windows
 Ensure reliability through the use of sequence numbers and acknowledgments

1. Transport Layer Protocols

2. Transport Layer Protocols

3. Transport Layer Protocols


9.1.4 Internet layer


This page explains the functions of the TCP/IP Internet layer.
The purpose of the Internet layer is to select the best path through the network for packets to travel. The
main protocol that functions at this layer is IP. Best path determination and packet switching occur at this
layer.

The following protocols operate at the TCP/IP Internet layer: -1-
 IP provides connectionless, best-effort delivery routing of packets. IP is not concerned with the content
of the packets but looks for a path to the destination.
 Internet Control Message Protocol (ICMP) provides control and messaging capabilities.
 Address Resolution Protocol (ARP) determines the data link layer address, or MAC address, for known
IP addresses.
 Reverse Address Resolution Protocol (RARP) determines the IP address for a known MAC address.
IP performs the following operations: -2-
 Defines a packet and an addressing scheme
 Transfers data between the Internet layer and network access layer
 Routes packets to remote hosts
IP is sometimes referred to as an unreliable protocol. This does not mean that IP will not accurately deliver
data across a network. IP is unreliable because it does not perform error checking and correction. That function
is handled by upper layer protocols from the transport or application layers.
1. Internet Layer Protocols

2. Internet Path Determination

9.1.5 Network access layer


This page will discuss the TCP/IP network access layer, which is also called the host-to-network layer.
The network access layer allows an IP packet to make a physical link to the network media. It includes the
LAN and WAN technology details and all the details contained in the OSI physical and data link layers. -1-
Drivers for software applications, modem cards, and other devices operate at the network access layer. The
network access layer defines the procedures used to interface with the network hardware and access the
transmission medium. Modem protocol standards such as Serial Line Internet Protocol (SLIP) and Point-to-
Point Protocol (PPP) provide network access through a modem connection. Many protocols are required to
determine the hardware, software, and transmission-medium specifications at this layer. This can lead to
confusion for users. Most of the recognizable protocols operate at the transport and Internet layers of the
TCP/IP model.

Network access layer protocols also map IP addresses to physical hardware addresses and encapsulate IP
packets into frames. The network access layer defines the physical media connection based on the hardware
type and network interface.
Here is an example of a network access layer configuration that involves a Windows system set up with a third
party NIC. The NIC would automatically be detected by some versions of Windows and then the proper
drivers would be installed. In an older version of Windows, the user would have to specify the network card
driver. The card manufacturer supplies these drivers on disks or CD-ROMs.
1. Network Access Protocol

9.1.6 The OSI model and the TCP/IP model


This page provides a comparison of the OSI model and the TCP/IP model. -1-
The OSI and TCP/IP models have many similarities:
 Both have layers.
 Both have application layers, though they include different services.
 Both have comparable transport and network layers.
 Both use packet-switched instead of circuit-switched technology.
 Networking professionals need to know both models.
Here are some differences of the OSI and TCP/IP models:
 TCP/IP combines the OSI application, presentation, and session layers into its application layer.
 TCP/IP combines the OSI data link and physical layers into its network access layer.
 TCP/IP appears simpler because it has fewer layers.
 When the TCP/IP transport layer uses UDP it does not provide reliable delivery of packets. The
transport layer in the OSI model always does.
The Internet was developed based on the standards of the TCP/IP protocols. The TCP/IP model gains
credibility because of its protocols. The OSI model is not generally used to build networks. The OSI model is
used as a guide to help students understand the communication process.

1. Comparing TCP/IP with OSI

9.1.7 Internet architecture


This page will examine the basic architecture of the Internet.
The Internet enables nearly instantaneous worldwide data communications between anyone, anywhere, at any
time.
LANs are networks within limited geographic areas. However, LANs are limited in scale. Although there have
been technological advances to improve the speed of communications, such as Metro Optical, Gigabit, and 10-
Gigabit Ethernet, distance is still a problem.
Students can focus on the communications between source and destination computers or intermediate
computers at the application layer to get an overview of the Internet architecture. Identical instances of an
application could be placed on all the computers in a network to ease the delivery of messages. However, this
does not scale well. New software would require new applications to be installed on every computer in the
network. For new hardware to function properly, the software would need to be modified. Any failure of an
intermediate computer or computer application would cause a break in the chain of the messages that are
passed.
The Internet uses the principle of network layer interconnection. The goal is to build the functionality of the
network in independent modules. This allows a diversity of LAN technologies at Layers 1 and 2 of the OSI
model and a diversity of applications at Layers 5, 6, and 7. The OSI model provides a mechanism where the
details of the lower and the upper layers are separated. This allows intermediate networking devices to relay
traffic without details about the LAN.
This leads to the concept of internetworks, or networks that consist of many networks. A network of networks
is called an internetwork, which is indicated with the lowercase i. The network on which the World Wide Web
(www) runs is the Internet, which is indicated with a capital I. Internetworks must be scalable with regard to
the number of networks and computers attached. They must also be able to handle the transport of data across
vast distances. An internetwork must be flexible to account for constant technological innovations. It must be
able to adjust to dynamic conditions on the network. And internetworks must be cost-effective. Internetworks
must be designed to permit data communications to anyone, anywhere, at any time.
Figure -1- summarizes the connection of one physical network to another through a special purpose computer
called a router. These networks are described as directly connected to the router. The router is needed to handle
any path decisions required for the two networks to communicate. Many routers are needed to handle large
volumes of network traffic.
Figure -2- extends the idea to three physical networks connected by two routers. Routers make complex
decisions to allow users on all the networks to communicate with each other. Not all networks are directly
connected to one another. The router must have some method to handle this situation.
One option is for a router to keep a list of all computers and all the paths to them. The router would then decide
how to forward data packets based on this reference table. Packets would be forwarded based on the IP address
of the destination computer. This option would become difficult as more users were added to the network.
Scalability is introduced when the router keeps a list of all networks, but leaves the local delivery details to the
local physical networks. In this situation, the routers pass messages to other routers. Each router shares
information about its connected network.
Figure -3- shows the transparency that users require. However, the physical and logical structures inside the
Internet cloud can be extremely complex as shown in Figure -4-. The Internet has grown rapidly to allow more
and more users. The fact that the Internet has grown so large, with more than 90,000 core routes and
300,000,000 end users, proves the effectiveness of the Internet architecture.
Two computers located anywhere in the world that follow certain hardware, software, and protocol
specifications can communicate reliably. The standardization of ways to move data across networks has made
the Internet possible.
1. Router Connects Two Networks

2. Router Connects Local and Remote Networks

3. Users See TCP/IP Cloud

4. Physical Details Hidden from Users

9.2 Internet Addresses
9.2.1 IP addressing
This page will describe IP addressing.
For any two systems to communicate, they must be able to identify and locate each other. The addresses in
Figure -1- are not actual network addresses. They represent and show the concept of address grouping.
A computer may be connected to more than one network. -2- In this situation, the system must be given more
than one address. Each address will identify the connection of the computer to a different network. Each
connection point, or interface, on a device has an address to a network. This will allow other computers to
locate the device on that particular network. The combination of the network address and the host address
creates a unique address for each device on a network. Each computer in a TCP/IP network must be given a
unique identifier, or IP address. This address, which operates at Layer 3, allows one computer to locate another
computer on a network. All computers also have a unique physical address, which is known as a MAC address.
These are assigned by the manufacturer of the NIC. MAC addresses operate at Layer 2 of the OSI model.
An IP address is a 32-bit sequence of ones and zeros. Figure -3- shows a sample 32-bit number. To make the IP
address easier to work with, it is usually written as four decimal numbers separated by periods. For example,
an IP address of one computer is 192.168.1.2. Another computer might have the address 128.10.2.1. This is
called the dotted decimal format. Each part of the address is called an octet because it is made up of eight
binary digits. For example, the IP address 192.168.1.8 would be 11000000.10101000.00000001.00001000 in
binary notation. The dotted decimal notation is an easier method to understand than the binary ones and zeros
method. This dotted decimal notation also prevents a large number of transposition errors that would result if
only the binary numbers were used.
Both the binary and decimal numbers in Figure -4- represent the same values. However, the address is easier to
understand in dotted decimal notation. This is one of the common problems associated with binary numbers.
The long strings of repeated ones and zeros make errors more likely.
It is easy to see the relationship between the numbers 192.168.1.8 and 192.168.1.9. The binary values
11000000.10101000.00000001.00001000 and 11000000.10101000.00000001.00001001 are not as easy to
recognize. It is more difficult to determine that the binary values are consecutive numbers.

1. Host Address


2. Dual-homed Computer

3. IP Addressing Format

4. Consecutive Decimal and Binary Value

9.2.2 Decimal and binary conversion


There are several ways to convert decimal numbers to binary numbers. This page will describe one method.
The student may find other methods easier. It is a matter of personal preference.
When converting a decimal number to binary, the biggest power of two that will fit into the decimal number
must be determined. -1- If this process is designed to be working with computers, the most logical place to start
is with the largest values that will fit into a byte or two bytes. As mentioned earlier, the most common
grouping of bits is eight, which make up one byte. However, sometimes the largest value that can be held in
one byte is not large enough for the values needed. To accommodate this, bytes are combined. Instead of
having two 8-bit numbers, one 16-bit number is created. Instead of three eight-bit numbers, one 24-bit
number is created. The same rules apply as they did for eight-bit numbers. Multiply the previous position
value by two to get the present column value.
Since working with computers often is referenced by bytes it is easiest to start with byte boundaries and
calculate from there. -2- Start by calculating a couple of examples, the first being 6,783. Since this number is
greater than 255, the largest value possible in a single byte, two bytes will be used. Start calculating from the
2^15 column (32,768), the highest column value in a 16-bit number, and work down to the 2^0 column.
The binary equivalent of 6,783 is 00011010 01111111.
The second example is 104. Since this number is less than 255, it can be represented by one byte. The binary
equivalent of 104 is 01101000. -3-
This method works for any decimal number. Consider the decimal number one million. Since one million is
greater than the largest value that can be held in two bytes, 65535, at least three bytes will be needed. By
multiplying by two until 24 bits, three bytes, is reached, the value will be 16,777,215. This means that the
largest value that 24 bits can hold is 16,777,215. So starting at the 24th bit, the 2^23 column, follow the
process until zero is reached. Continuing with the procedure described, it is determined that the decimal
number one million is equal to the binary number 00001111 01000010 01000000.
Figure -4- includes some decimal to binary conversion exercises.
Binary to decimal conversion is just the opposite. Simply place the binary in the table and if there is a one in a
column position add that value into the total. -5- Convert 00000100 00011101 to decimal. The answer is 1053.
Figure -6- includes some binary to decimal conversion exercises.
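The conversion method of this page and the dotted-decimal notation of 9.2.1, as an added example that is not part of the curriculum. decimal_to_binary walks the column values from the highest power of two downwards, widening a byte at a time exactly as the text does, so 6,783 comes out as 16 bits and one million as 24 bits; binary_to_decimal is the reverse table method; the dotted helpers apply the same routine octet by octet. All function names are this example's own.

```python
# Added example (not from the CCNA curriculum): the subtract-the-largest-
# power-of-two method from the text, for whole numbers and for dotted-decimal
# IPv4 addresses. Pure Python, no third-party modules.


def decimal_to_binary(value: int, width: int = 8) -> str:
    """Convert a non-negative integer to a binary string.

    The width grows a byte at a time until the value fits, so 6783 becomes a
    16-bit string and 1,000,000 a 24-bit string, as in the worked examples."""
    if value < 0:
        raise ValueError("only non-negative integers can be converted")
    while value > (1 << width) - 1:       # does it fit in `width` bits?
        width += 8                         # no: add another byte
    bits = []
    remaining = value
    # Walk the columns from the most significant position downwards: if the
    # column value fits into what is left, write a 1 and subtract it,
    # otherwise write a 0.
    for position in range(width - 1, -1, -1):
        column = 1 << position
        if remaining >= column:
            bits.append("1")
            remaining -= column
        else:
            bits.append("0")
    return "".join(bits)


def binary_to_decimal(bits: str) -> int:
    """Reverse procedure: add the column value of every 1. Spaces between
    bytes are ignored so '00000100 00011101' is accepted as written."""
    total = 0
    for bit in bits.replace(" ", ""):
        if bit not in "01":
            raise ValueError(f"not a binary digit: {bit!r}")
        total = total * 2 + int(bit)
    return total


def group_bytes(bits: str) -> str:
    """Insert a space after every 8 bits for readability."""
    return " ".join(bits[i:i + 8] for i in range(0, len(bits), 8))


def dotted_to_binary(address: str) -> str:
    """'192.168.1.8' -> '11000000.10101000.00000001.00001000'"""
    octets = address.split(".")
    if len(octets) != 4:
        raise ValueError("an IPv4 address has exactly four octets")
    parts = []
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range: {octet}")
        parts.append(decimal_to_binary(n, 8))
    return ".".join(parts)


def binary_to_dotted(bits: str) -> str:
    """Inverse of dotted_to_binary; dots or spaces between octets are fine."""
    clean = bits.replace(".", "").replace(" ", "")
    if len(clean) != 32:
        raise ValueError("an IPv4 address is exactly 32 bits")
    return ".".join(str(binary_to_decimal(clean[i:i + 8])) for i in range(0, 32, 8))


if __name__ == "__main__":
    for n in (6783, 104, 1_000_000):
        print(n, "->", group_bytes(decimal_to_binary(n)))
    print("00000100 00011101 ->", binary_to_decimal("00000100 00011101"))
    print("192.168.1.8 ->", dotted_to_binary("192.168.1.8"))
```

The range check in dotted_to_binary matters in practice: an octet of 256 or a fifth octet is rejected instead of silently producing a 33-bit string, which is the kind of input a parser of addresses from untrusted text has to expect.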

1. 2 Bytes ( 16 Bit Number )

2. 2 Bytes ( 16 Bit Number ) Convert DEC to BIN

3. 1 Byte ( 8 Bit Number ) Convert DEC to BIN

4.
5. 2 Bytes ( 16 Bit Number ) Convert BIN to DEC

6. 2 Bytes ( 16 Bit Number ) Convert BIN to DEC

9.2.3 IPv4 addressing


This page will discuss IPv4 addressing.
A router uses IP to forward packets from the source network to the destination network. The packets must
include an identifier for both the source and destination networks. -1- A router uses the IP address of the
destination network to deliver a packet to the correct network. When the packet arrives at a router connected to
the destination network, the router uses the IP address to locate the specific computer on the network. This
system works in much the same way as the national postal system. When the mail is routed, the zip code is
used to deliver it to the post office at the destination city. That post office must use the street address to locate
the final destination in the city.
Every IP address also has two parts. -2- The first part identifies the network where the system is connected
and the second part identifies the system. As shown in Figure -3-, each octet ranges from 0 to 255. The first
octet divides the address space into 256 groups, each of those groups into 256 subgroups, and so on down to
the last octet, which holds 256 individual addresses. By referring to the group address directly above a group in
the hierarchy, all of the groups that branch from that address can be referenced as a single unit.
This kind of address is called a hierarchical address, because it contains different levels. An IP address
combines these two identifiers into one number. This number must be a unique number, because duplicate
addresses would make routing impossible. The first part identifies the system's network address. The second
part, called the host part, identifies which particular machine it is on the network.
IP addresses are divided into classes to define the large, medium, and small networks. Class A addresses are
assigned to larger networks. Class B addresses are used for medium-sized networks, and Class C for small
networks. -4-, -5- The first step in determining which part of the address identifies the network and which part
identifies the host is identifying the class of an IP address.

1. Network Layer Communication Path

2. Network and Hosts Addressing


[Figure 2: network 1 with hosts 1, 2 and 3; network 2 with host 1; network 3 with host 1]

3. Internet Address

4. IP Address Classes (IMPORTANT)

5. Identifying Address Classes (IMPORTANT)

Class   Start address   Finish address
A       0.0.0.0         126.255.255.255
B       128.0.0.0       191.255.255.255
C       192.0.0.0       223.255.255.255
D       224.0.0.0       239.255.255.255
E       240.0.0.0       255.255.255.255

Class   Private Start Address   Private End Address
A       10.0.0.0                10.255.255.255
B       172.16.0.0              172.31.255.255
C       192.168.0.0             192.168.255.255

9.2.4 Class A, B, C, D, and E IP addresses


This page will describe the five IP address classes.
To accommodate different size networks and aid in classifying these networks, IP addresses are divided into
groups called classes. -1- This is known as classful addressing. Each complete 32-bit IP address is broken down
into a network part and a host part. -2- A bit or bit sequence at the start of each address determines the class of
the address. There are five IP address classes as shown in Figure -8-.
The Class A address was designed to support extremely large networks, with more than 16 million host
addresses available. -3- Class A IP addresses use only the first octet to indicate the network address. The
remaining three octets provide for host addresses.
The first bit of a Class A address is always 0. With that first bit a 0, the lowest number that can be represented
is 00000000, decimal 0. The highest number that can be represented is 01111111, decimal 127. The numbers 0
and 127 are reserved and cannot be used as network addresses. Any address that starts with a value between 1
and 126 in the first octet is a Class A address.
The 127.0.0.0 network is reserved for loopback testing. Routers or local machines can use this address to
send packets back to themselves. Therefore, this number cannot be assigned to a network.
The Class B address was designed to support the needs of moderate to large-sized networks. -4- A Class B IP
address uses the first two of the four octets to indicate the network address. The other two octets specify host
addresses.
The first two bits of the first octet of a Class B address are always 10. The remaining six bits may be
populated with either 1s or 0s. Therefore, the lowest number that can be represented with a Class B address is
10000000, decimal 128. The highest number that can be represented is 10111111, decimal 191. Any address
that starts with a value in the range of 128 to 191 in the first octet is a Class B address.
The Class C address space is the most commonly used of the original address classes. -5- This address space
was intended to support small networks with a maximum of 254 hosts.
A Class C address begins with binary 110. Therefore, the lowest number that can be represented is 11000000,
decimal 192. The highest number that can be represented is 11011111, decimal 223. If an address contains a
number in the range of 192 to 223 in the first octet, it is a Class C address.
The Class D address class was created to enable multicasting in an IP address. -6- A multicast address is a
unique network address that directs packets with that destination address to predefined groups of IP addresses.
Therefore, a single station can simultaneously transmit a single stream of data to multiple recipients.
The Class D address space, much like the other address spaces, is mathematically constrained. The first four
bits of a Class D address must be 1110. Therefore, the first octet range for Class D addresses is 11100000 to
11101111, or 224 to 239. An IP address that starts with a value in the range of 224 to 239 in the first octet is a
Class D address.
A Class E address has been defined. -7- However, the Internet Engineering Task Force (IETF) reserves these
addresses for its own research. Therefore, no Class E addresses have been released for use in the Internet. The
first four bits of a Class E address are always set to 1s. Therefore, the first octet range for Class E addresses is
11110000 to 11111111, or 240 to 255.
Figure -8- shows the IP address range of the first octet both in decimal and binary for each IP address class.

1. Address Class Prefix (IMPORTANT)
2. Network and Host Division
3. Class A Address
4. Class B Address
5. Class C Address
6. Class D Address Architecture
7. Class E Address Architecture
   IP 100.20.5.5, Class A => N.H.H.H: network address 100.0.0.0, broadcast address 100.255.255.255
   IP 150.25.15.10, Class B => N.N.H.H: network address 100.25.0.0, broadcast address 100.25.255.255
   IP 220.60.45.12, Class C => N.N.N.H: network address 220.60.45.0, broadcast address 220.60.45.255
8. IP Address Range (IMPORTANT)

9.2.5 Reserved IP addresses


This page will describe the types of reserved IP addresses.
Certain host addresses are reserved and cannot be assigned to devices on a network. These reserved host
addresses include the following:
- Network address – Used to identify the network itself
In Figure -1- , the section that is identified by the upper box represents the 198.150.11.0 network address.
Data that is sent to any host on that network (198.150.11.1- 198.150.11.254) will be seen outside of the local
area network as 198.159.11.0. The only time that the host numbers matter is when the data is on the local area
network. The LAN that is contained in the lower box is treated the same as the upper LAN, except that its
network number is 198.150.12.0.
- Broadcast address – Used for broadcasting packets to all the devices on a network
In Figure -2- , the section that is identified by the upper box represents the 198.150.11.255 broadcast address.
Data that is sent to the broadcast address will be read by all hosts on that network (198.150.11.1-
198.150.11.254). The LAN that is contained in the lower box is treated the same as the upper LAN, except that
its broadcast address is 198.150.12.255.
An IP address that has binary 0s in all host bit positions is reserved for the network address. In a Class A
network example, 113.0.0.0 is the IP address of the network, known as the network ID, containing the host
113.1.2.3. A router uses the network IP address when it forwards data on the Internet. In a Class B network
example, the address 176.10.0.0 is a network address, as shown in Figure -3-.
In a Class B network address, the first two octets are designated as the network portion. The last two
octets contain 0s because those 16 bits are for host numbers and are used to identify devices that are attached to
the network. The IP address, 176.10.0.0, is an example of a network address. This address is never assigned as
a host address. A host address for a device on the 176.10.0.0 network might be 176.10.16.1. In this example,
"176.10" is the network portion and "16.1" is the host portion. -4-
To send data to all the devices on a network, a broadcast address is needed. -5- A broadcast occurs when a
source sends data to all devices on a network. To ensure that all the other devices on the network process the
broadcast, the sender must use a destination IP address that they can recognize and process. Broadcast IP
addresses end with binary 1s in the entire host part of the address.
In the network example, 176.10.0.0, the last 16 bits make up the host field or host part of the address. -6- The
broadcast that would be sent out to all devices on that network would include a destination address of
176.10.255.255. This is because 255 is the decimal value of an octet containing 11111111.

1. Network Address
2. Broadcast Address
3. Network Address
4. Unicast Transmission
5. Broadcast Address
5. Broadcast Transmission

9.2.6 Public and private IP addresses


This page describes public and private IP addresses.
The stability of the Internet depends directly on the uniqueness of publicly used network addresses. In Figure
-1-, there is an issue with the network addressing scheme. In looking at the networks, both have a network
address of 198.150.11.0. The router in this illustration will not be able to forward the data packets correctly.
Duplicate network IP addresses prevent the router from performing its job of best path selection. Unique
addresses are required for each device on a network.
A procedure was needed to make sure that addresses were in fact unique. Originally, an organization known as
the Internet Network Information Center (InterNIC) handled this procedure. InterNIC no longer exists and has
been succeeded by the Internet Assigned Numbers Authority (IANA). IANA carefully manages the remaining
supply of IP addresses to ensure that duplication of publicly used addresses does not occur. Duplication would
cause instability in the Internet and compromise its ability to deliver datagrams to networks.
Public IP addresses are unique. No two machines that connect to a public network can have the same IP
address because public IP addresses are global and standardized. All machines connected to the Internet agree
to conform to the system. Public IP addresses must be obtained from an Internet service provider (ISP) or a
registry at some expense.
With the rapid growth of the Internet, public IP addresses were beginning to run out. New addressing schemes,
such as classless interdomain routing (CIDR) and IPv6 were developed to help solve the problem. CIDR and
IPv6 are discussed later in the course.
Private IP addresses are another solution to the problem of the impending exhaustion of public IP addresses.
As mentioned, public networks require hosts to have unique IP addresses. However, private networks that are
not connected to the Internet may use any host addresses, as long as each host within the private network is
unique. Many private networks exist alongside public networks. However, a private network using just any
address is strongly discouraged because that network might eventually be connected to the Internet. RFC 1918
sets aside three blocks of IP addresses for private, internal use. -2- These three blocks consist of one Class A, a
range of Class B addresses, and a range of Class C addresses. Addresses that fall within these ranges are not
routed on the Internet backbone. Internet routers immediately discard private addresses. If addressing a
nonpublic intranet, a test lab, or a home network, these private addresses can be used instead of globally unique
addresses. -3- Private IP addresses can be intermixed, as shown in the graphic, with public IP addresses. This
will conserve the number of addresses used for internal connections.
Connecting a network using private addresses to the Internet requires translation of the private addresses to
public addresses. This translation process is referred to as Network Address Translation (NAT). A router
usually is the device that performs NAT. NAT, along with CIDR and IPv6 are covered in more depth later in
the curriculum.

1. Required Unique Addresses (problem with IP address)
2. Private IP Addresses (IMPORTANT, RFC 1918)
   TCP/IP addresses reserved for 'private' networks are:
   10.0.0.0 to 10.255.255.255
   172.16.0.0 to 172.31.255.255
   192.168.0.0 to 192.168.255.255
   and as of July 2001
   169.254.0.0 to 169.254.255.255
3. Using Private Address in the WAN
9.2.7 Introduction to subnetting
This page will explain how subnetting is used to manage IP addresses.
Subnetting is one method used to manage IP addresses. As shown in example -1-, the 131.108.0.0 network is
subnetted into the 131.108.1.0, 131.108.2.0 and 131.108.3.0 subnets. This method of dividing full network
address classes into smaller pieces has prevented complete IP address exhaustion. It is impossible to cover
TCP/IP without mentioning subnetting. As a system administrator it is important to understand subnetting as a
means of dividing and identifying separate networks throughout the LAN. It is not always necessary to subnet
a small network. However, for large or extremely large networks, subnetting is required. -2- Subnetting a
network means using the subnet mask to divide the network and break a large network up into smaller, more
efficient and manageable segments, or subnets. An analogy is the U.S. telephone system, which is broken into
area codes, exchange codes, and local numbers.
The system administrator must resolve these issues when adding and expanding the network. It is important to
know how many subnets or networks are needed and how many hosts will be needed on each network. With
subnetting, the network is not limited to the default Class A, B, or C network masks and there is more
flexibility in the network design.
Subnet addresses include the network portion, plus a subnet field and a host field. The subnet field and the host
field are created from the original host portion for the entire network. The ability to decide how to divide the
original host portion into the new subnet and host fields provides addressing flexibility for the network
administrator.
To create a subnet address, a network administrator borrows bits from the host field and designates them as the
subnet field. -3- The minimum number of bits that can be borrowed is two. If only one bit were borrowed, the
network number would be the .0 network and the broadcast number would be the .255 network. The maximum
number of bits that can be borrowed can be any number that leaves at least two bits remaining for the host
number.
The Lab Activity will help students become familiar with the different classes of IP addresses.

1. Addressing With Subnets (Example Class "B")
2. Subnet Address
3. Quick Reference Subnetting Chart

Worked example: Class C IP address, default subnet mask 255.255.255.0

IP address 210.189.137.100
  210      189      137      100
  11010010 10111101 10001001 01100100

Subnet mask 255.255.255.240
  255      255      255      240
  11111111 11111111 11111111 11110000

Subnet (network) address: change the 4 host bits of the last octet to 0000
  11010010 10111101 10001001 01100000
  last octet 100 = 0110 0100; with the 4 host bits cleared: 100 - 4 = 96
  network address 210.189.137.96

Broadcast address: change the 4 host bits of the last octet to 1111
  11010010 10111101 10001001 01101111
  01101111 binary = 111 decimal
  broadcast address 210.189.137.111
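The class test of 9.2.4, the network/broadcast rule of 9.2.5, the RFC 1918 check of 9.2.6 and the 210.189.137.100 / 255.255.255.240 arithmetic above, worked in integer bit operations as an added Python example (not code from the curriculum; all function names are my own).

```python
# Added example, not from the CCNA curriculum: class detection by leading bits,
# network/broadcast derivation, RFC 1918 check and the 255.255.255.240 subnet
# arithmetic worked through with plain integer bit operations.
from typing import Optional, Tuple

# RFC 1918 blocks as (network, mask), exactly the three ranges the text names.
PRIVATE_BLOCKS = [
    ("10.0.0.0", "255.0.0.0"),        # 10.0.0.0 - 10.255.255.255
    ("172.16.0.0", "255.240.0.0"),    # 172.16.0.0 - 172.31.255.255
    ("192.168.0.0", "255.255.0.0"),   # 192.168.0.0 - 192.168.255.255
]
# Default (classful) masks: class D has no host part, class E is reserved.
DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def to_int(dotted: str) -> int:
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(dotted: str) -> str:
    """The 'dotted binary' form the curriculum prints, e.g. 11010010.10111101...."""
    return ".".join(f"{(to_int(dotted) >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))


def address_class(dotted: str) -> str:
    """Class is fixed by the leading bits of the first octet: 0, 10, 110, 1110, 1111."""
    first = to_int(dotted) >> 24
    if first & 0b10000000 == 0b00000000:
        return "A"          # 0xxxxxxx: 0-127
    if first & 0b11000000 == 0b10000000:
        return "B"          # 10xxxxxx: 128-191
    if first & 0b11100000 == 0b11000000:
        return "C"          # 110xxxxx: 192-223
    if first & 0b11110000 == 0b11100000:
        return "D"          # 1110xxxx: 224-239, multicast
    return "E"              # 1111xxxx: 240-255, reserved


def network_and_broadcast(dotted: str, mask: Optional[str] = None) -> Tuple[str, str]:
    """Network address = host bits cleared; broadcast = host bits set.
    Without an explicit mask the classful default is used."""
    if mask is None:
        cls = address_class(dotted)
        if cls not in DEFAULT_MASK:
            raise ValueError(f"class {cls} address has no network/host division")
        mask = DEFAULT_MASK[cls]
    ip, m = to_int(dotted), to_int(mask)
    network = ip & m
    broadcast = network | (~m & 0xFFFFFFFF)
    return to_dotted(network), to_dotted(broadcast)


def usable_hosts(mask: str) -> int:
    """2^host_bits minus the network and broadcast addresses."""
    host_bits = 32 - bin(to_int(mask)).count("1")
    return max((1 << host_bits) - 2, 0)


def is_private(dotted: str) -> bool:
    """True when the address falls inside one of the RFC 1918 blocks."""
    ip = to_int(dotted)
    return any(ip & to_int(mask) == to_int(net) for net, mask in PRIVATE_BLOCKS)


def is_assignable_host(dotted: str, mask: str) -> bool:
    """A host may not be given its subnet's network or broadcast address."""
    return dotted not in network_and_broadcast(dotted, mask)
```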
9.2.8 IPv4 versus IPv6
This page will compare IPv4 and IPv6.
When TCP/IP was adopted in the 1980s, it relied on a two-level addressing scheme. At the time this offered
adequate scalability. Unfortunately, the designers of TCP/IP could not have predicted that their protocol would
eventually sustain a global network of information, commerce, and entertainment. Over twenty years ago, IP
Version 4 (IPv4) offered an addressing strategy that, although scalable for a time, resulted in an inefficient
allocation of addresses.
The Class A and B addresses make up 75 percent of the IPv4 address space; however, fewer than 17,000
organizations can be assigned a Class A or B network number. -1- Class C network addresses are far more
numerous than Class A and Class B addresses, although they account for only 12.5 percent of the possible four
billion IP addresses.
Unfortunately, Class C addresses are limited to 254 usable hosts. This does not meet the needs of larger
organizations that cannot acquire a Class A or B address. Even if there were more Class A, B, and C addresses,
too many network addresses would cause Internet routers to come to a stop under the burden of the enormous
size of routing tables required to store the routes to reach each of the networks.
As early as 1992, the Internet Engineering Task Force (IETF) identified the following two specific concerns:
- Exhaustion of the remaining, unassigned IPv4 network addresses. At the time, the Class B space was on
the verge of depletion.
- The rapid and large increase in the size of Internet routing tables occurred as more Class C networks
came online. The resulting flood of new network information threatened the ability of Internet routers
to cope effectively.
Over the past two decades, numerous extensions to IPv4 have been developed. These extensions are
specifically designed to improve the efficiency with which the 32-bit address space can be used. Two of the
more important of these are subnet masks and classless interdomain routing (CIDR), which are discussed in
more detail in later lessons.
Meanwhile, an even more extendible and scalable version of IP, IP Version 6 (IPv6), has been defined and
developed. -2- IPv6 uses 128 bits rather than the 32 bits currently used in IPv4. IPv6 uses hexadecimal numbers
to represent the 128 bits. IPv6 provides 640 sextrillion addresses. This version of IP should provide enough
addresses for future communication needs.
Figure -3- shows an IPv4 address and an IPv6 address. IPv4 addresses are 32 bits long, written in decimal form,
and separated by periods. IPv6 addresses are 128-bits long and are identifiers for individual interfaces and sets
of interfaces. IPv6 addresses are assigned to interfaces, not nodes. Since each interface belongs to a single
node, any of the unicast addresses assigned to the interfaces of the node may be used as an identifier for the
node. IPv6 addresses are written in hexadecimal, and separated by colons. IPv6 fields are 16 bits long. To
make the addresses easier to read, leading zeros can be omitted from each field. The field :0003: is written :3:.
IPv6 shorthand representation of the 128 bits uses eight 16-bit numbers, shown as four hexadecimal digits.
After years of planning and development, IPv6 is slowly being implemented in select networks. Eventually,
IPv6 may replace IPv4 as the dominant Internet protocol.

1. IPv4 Address Allocation
2. IPv4 and IPv6
3. IPv4 and IPv6 Addresses

9.3 Obtaining an IP address


9.3.1 Obtaining an Internet address
This page will explain how an Internet address is obtained.
A network host needs to obtain a globally unique address in order to function on the Internet. The physical or
MAC address that a host has is only locally significant, identifying the host within the local area network.
Since this is a Layer 2 address, the router does not use it to forward outside the LAN.
IP addresses are the most commonly used addresses for Internet communications. This protocol is a
hierarchical addressing scheme that allows individual addresses to be associated together and treated as groups.
These groups of addresses allow efficient transfer of data across the Internet. -1-
Network administrators use two methods to assign IP addresses. These methods are static and dynamic. Later
in this lesson, static addressing and three variations of dynamic addressing will be covered. Regardless of
which addressing scheme is chosen, no two interfaces can have the same IP address. Two hosts that have the
same IP address could create a conflict that might cause both of the hosts involved not to operate properly. As
shown in Figure -2-, the hosts have a physical address by having a network interface card that allows
connection to the physical medium.

1. Internet Addresses
2. Assigning IP Address

9.3.2 Static assignment of an IP address


This page will discuss static assignments.
Static assignment works best on small, infrequently changing networks. The system administrator manually
assigns and tracks IP addresses for each computer, printer, or server on the intranet. -1- Good recordkeeping is
critical to prevent problems which occur with duplicate IP addresses. This is possible only when there are a
small number of devices to track.
Servers should be assigned a static IP address so workstations and other devices will always know how to
access needed services. -2- Consider how difficult it would be to phone a business that changed its phone
number every day.
Other devices that should be assigned static IP addresses are network printers, application servers, and routers.
1. TCP/IP Configuration for Windows 98 SE
9.3.3 RARP IP address assignment
This page will discuss RARP address assignment.
Reverse Address Resolution Protocol (RARP) associates a known MAC address with an IP address. This
association allows network devices to encapsulate data before sending the data out on the network. A network
device, such as a diskless workstation, might know its MAC address but not its IP address. RARP allows the
device to make a request to learn its IP address. Devices using RARP require that a RARP server be present
on the network to answer RARP requests.
Consider an example where a source device wants to send data to another device. In this example, the source
device knows its own MAC address but is unable to locate its own IP address in the ARP table. The source
device must include both its MAC address and IP address in order for the destination device to retrieve data,
pass it to higher layers of the OSI model, and respond to the originating device. Therefore, the source initiates
a process called a RARP request. This request helps the source device detect its own IP address. RARP
requests are broadcast onto the LAN and are responded to by the RARP server which is usually a router.
RARP uses the same packet format as ARP. However, in a RARP request, the MAC headers and operation
code are different from an ARP request. -1-, -2- The RARP packet format contains places for MAC addresses of
both the destination and source devices. The source IP address field is empty. The broadcast goes to all devices
on the network. Figures -4-, -5-, and -3- depict the destination MAC address as FF:FF:FF:FF:FF:FF.
Workstations running RARP have codes in ROM that direct them to start the RARP process. A step-by-step
layout of the RARP process is illustrated in Figures through .
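The shared ARP/RARP packet layout, the differing opcodes and EtherTypes, and the broadcast RARP request with empty protocol-address fields, as an added Python example (not from the curriculum). The field layout follows RFC 826 and RFC 903; the MAC and IP values are constructed.

```python
# Added example, not from the CCNA text: build and parse Ethernet-framed ARP and
# RARP messages.  Both use the same 28-byte body (RFC 826); RARP (RFC 903) differs
# only in its opcodes (3 request / 4 reply) and its EtherType (0x8035 vs 0x0806).
import struct
from typing import Dict

ETH_FMT = "!6s6sH"            # destination MAC, source MAC, EtherType
ARP_FMT = "!HHBBH6s4s6s4s"    # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ETH_LEN, ARP_LEN = struct.calcsize(ETH_FMT), struct.calcsize(ARP_FMT)
ETHERTYPE_ARP, ETHERTYPE_RARP = 0x0806, 0x8035
OPCODES = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ZERO_MAC, ZERO_IP = "00:00:00:00:00:00", "0.0.0.0"


def mac_bytes(mac: str) -> bytes:
    return bytes(int(part, 16) for part in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_frame(dst_mac: str, src_mac: str, ethertype: int, oper: int,
                sha: str, spa: str, tha: str, tpa: str) -> bytes:
    """Ethernet header + ARP/RARP body for Ethernet (htype 1) over IPv4 (ptype 0x0800)."""
    body = struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))
    return struct.pack(ETH_FMT, mac_bytes(dst_mac), mac_bytes(src_mac), ethertype) + body


def rarp_request(client_mac: str) -> bytes:
    """Diskless client asks 'what is my IP?': both hardware fields carry its own MAC,
    both protocol fields are empty, and the frame goes to FF:FF:FF:FF:FF:FF."""
    return build_frame(BROADCAST_MAC, client_mac, ETHERTYPE_RARP, 3,
                       client_mac, ZERO_IP, client_mac, ZERO_IP)


def rarp_reply(server_mac: str, server_ip: str, client_mac: str, assigned_ip: str) -> bytes:
    """RARP server answers unicast; the target fields carry the client's MAC and its IP."""
    return build_frame(client_mac, server_mac, ETHERTYPE_RARP, 4,
                       server_mac, server_ip, client_mac, assigned_ip)


def arp_request(sender_mac: str, sender_ip: str, target_ip: str) -> bytes:
    """Sender asks 'who has target_ip?': the target MAC is unknown, so it is zeroed."""
    return build_frame(BROADCAST_MAC, sender_mac, ETHERTYPE_ARP, 1,
                       sender_mac, sender_ip, ZERO_MAC, target_ip)


def parse_frame(frame: bytes) -> Dict[str, object]:
    """Decode a frame, rejecting anything that is not Ethernet/IPv4 ARP or RARP
    or whose EtherType disagrees with its opcode."""
    if len(frame) < ETH_LEN + ARP_LEN:
        raise ValueError("frame too short for an ARP/RARP message")
    dst, src, ethertype = struct.unpack(ETH_FMT, frame[:ETH_LEN])
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, frame[ETH_LEN:ETH_LEN + ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP or RARP message")
    expected = ETHERTYPE_RARP if oper in (3, 4) else ETHERTYPE_ARP
    if ethertype != expected:
        raise ValueError(f"EtherType {ethertype:#06x} does not match opcode {oper}")
    return {
        "dst_mac": mac_str(dst), "src_mac": mac_str(src), "ethertype": ethertype,
        "op": OPCODES.get(oper, f"unknown({oper})"),
        "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
        "target_mac": mac_str(tha), "target_ip": ip_str(tpa),
        "broadcast": mac_str(dst) == BROADCAST_MAC,
    }
```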
1. ARP/RARP Message Structure
2. ARP/RARP Message Structure Field Description
3. RARP Network Segment
4. RARP Request Generation
5. RARP Request Transmission
6. RARP Request Verification
7. RARP Request Verification
8. RARP Reply Transmission
9. RARP Reply Evaluation
10. RARP Data Storage

9.3.4 BOOTP IP address assignment


This page will introduce BOOTP.
The bootstrap protocol (BOOTP) operates in a client-server environment and only requires a single packet
exchange to obtain IP information. -1-, -2- However, unlike RARP, BOOTP packets can include the IP address,
as well as the address of a router, the address of a server, and vendor-specific information.
One problem with BOOTP, however, is that it was not designed to provide dynamic address assignment. With
BOOTP, a network administrator creates a configuration file that specifies the parameters for each device. The
administrator must add hosts and maintain the BOOTP database. Even though the addresses are dynamically
assigned, there is still a one to one relationship between the number of IP addresses and the number of hosts.
This means that for every host on the network there must be a BOOTP profile with an IP address assignment in
it. No two profiles can have the same IP address. Those profiles might be used at the same time and that would
mean that two hosts have the same IP address.
A device uses BOOTP to obtain an IP address when starting up. BOOTP uses UDP to carry messages. The
UDP message is encapsulated in an IP packet. A computer uses BOOTP to send a broadcast IP packet
using a destination IP address of all 1s, 255.255.255.255 in dotted decimal notation. A BOOTP server
receives the broadcast and then sends back a broadcast. The client receives a frame and checks the MAC
address. If the client finds its own MAC address in the destination address field and a broadcast in the IP
destination field, it takes and stores the IP address and other information supplied in the BOOTP reply
message. A step-by-step description of the process is shown in Figures -3- through -10-.

1. BOOTP Message Structure
2. BOOTP Message Structure Field Description
3. BOOTP Network Segment
4. BOOTP Request Creation
5. BOOTP Request Transmission
6. BOOTP Request Verification
7. BOOTP Reply Creation
8. BOOTP Reply Transmission
9. BOOTP Reply Verified
10. BOOTP Data Storage
Only for individual use – not for distribute on Internet
9.3.5 DHCP IP address management
This page will explain the features and benefits of DHCP.
Dynamic host configuration protocol (DHCP) is the successor to BOOTP. Unlike BOOTP, DHCP allows a
host to obtain an IP address dynamically without the network administrator having to set up an individual
profile for each device. All that is required when using DHCP is a defined range of IP addresses on a DHCP
server. As hosts come online, they contact the DHCP server and request an address. The DHCP server chooses
an address and leases it to that host. With DHCP, the entire network configuration of a computer can be
obtained in one message. -1-, -2- This includes all of the data supplied by the BOOTP message, plus a leased IP
address and a subnet mask.
The major advantage that DHCP has over BOOTP is that it allows users to be mobile. This mobility allows the
users to freely change network connections from location to location. It is no longer required to keep a fixed
profile for every device attached to the network as was required with the BOOTP system. The importance to
this DHCP advancement is its ability to lease an IP address to a device and then reclaim that IP address for
another user after the first user releases it. This means that DHCP offers a one to many ratio of IP addresses
and that an address is available to anyone who connects to the network. A step-by-step description of the
process is shown in Figures -3- through -17-.
The Lab Activity will help students set up a network computer as a DHCP client.
1. DHCP Message Structure
2. DHCP Message Structure Field Description
3. DHCP Host Boots
4. DHCP Message Structure Field Description
5. DHCP Request Transmitted
6. DHCP Request Evaluated
7. DHCP: DHCP Offer Prepared
8. DHCP: DHCP Offer Transmitted
9. DHCP: DHCP Offer Evaluated
10. DHCP: DHCP Offer Transmitted
11. DHCP: DHCP Offer Evaluated
12. DHCP: DHCP Request Generated
13. DHCP: DHCP Request Transmitted
14. DHCP: DHCPACK Created
15. DHCP: DHCPACK Transmitted
16. DHCP: DHCPACK Evaluated
16. DHCP: DHCPACK Created
9.3.6 Problems in address resolution
This page will discuss address resolution problems.
One of the major problems in networking is how to communicate with other network devices. -1- In TCP/IP
communications, a datagram on a local-area network must contain both a destination MAC address and a
destination IP address. These addresses must be correct and match the destination MAC and IP addresses of
the host device. If it does not match, the datagram will be discarded by the destination host. Communications
within a LAN segment require two addresses. There needs to be a way to automatically map IP to MAC
addresses. It would be too time consuming for the user to create the maps manually. The TCP/IP suite has a
protocol, called Address Resolution Protocol (ARP), which can automatically obtain MAC addresses for local
transmission. Different issues are raised when data is sent outside of the local area network. -2-
Communications between two LAN segments have an additional task. Both the IP and MAC addresses are
needed for both the destination host and the intermediate routing device. TCP/IP has a variation on ARP called
Proxy ARP that will provide the MAC address of an intermediate device for transmission outside the LAN to
another network segment.
1. LAN Transmission Address Resolution Issues
2. Non-local Address Resolution Issues

9.3.7 Address Resolution Protocol (ARP)


This page provides an explanation of how ARP works.
With TCP/IP networking, a data packet must contain both a destination MAC address and a destination IP
address. If the packet is missing either one, the data will not pass from Layer 3 to the upper layers. In this way,
MAC addresses and IP addresses act as checks and balances for each other. After devices determine the IP
addresses of the destination devices, they can add the destination MAC addresses to the data packets.
Some devices will keep tables that contain MAC addresses and IP addresses of other devices that are
connected to the same LAN. -1- These are called Address Resolution Protocol (ARP) tables. ARP tables are
stored in RAM memory, where the cached information is maintained automatically on each of the devices. It is
very unusual for a user to have to make an ARP table entry manually. Each device on a network maintains its
own ARP table. When a network device wants to send data across the network, it uses information provided by
the ARP table.
When a source determines the IP address for a destination, it then consults the ARP table in order to locate the
MAC address for the destination. If the source finds an entry in its table that maps the destination IP address
to a destination MAC address, it uses that MAC address to encapsulate the data. The data packet is then sent
out over the networking media to be picked up by the destination device.
There are two ways that devices can gather MAC addresses that they need to add to the encapsulated data. One
way is to monitor the traffic that occurs on the local network segment. -2- All stations on an Ethernet network
will analyze all traffic to determine if the data is for them. Part of this process is to record the source IP and
MAC address of the datagram to an ARP table. So as data is transmitted on the network, the address pairs
populate the ARP table. Another way to get an address pair for data transmission is to broadcast an ARP
request. -3-, -4-
The computer that requires an IP and MAC address pair broadcasts an ARP request. All the other devices on
the local area network analyze this request. If one of the local devices matches the IP address of the request, it
sends back an ARP reply that contains its IP-MAC pair. If the IP address is for the local area network and the
computer does not exist or is turned off, there is no response to the ARP request. In this situation, the source
device reports an error. If the request is for a different IP network, there is another process that can be used.
Routers do not forward broadcast packets. If the feature is turned on, a router performs a proxy ARP. -5- Proxy
ARP is a variation of the ARP protocol. In this variation, a router sends an ARP response with the MAC
address of the interface on which the request was received, to the requesting host. The router responds with the
MAC addresses for those requests in which the IP address is not in the range of addresses of the local subnet.
Another method to send data to the address of a device that is on another network segment is to set up a default
gateway. -6- The default gateway is a host option where the IP address of the router interface is stored in the
network configuration of the host. The source host compares the destination IP address and its own IP address
to determine if the two IP addresses are located on the same segment. If the receiving host is not on the same
segment, the source host sends the data using the actual IP address of the destination and the MAC address of
the router. The MAC address for the router was learned from the ARP table by using the IP address of that
router.
If the default gateway on the host or the proxy ARP feature on the router is not configured, no traffic can leave
the local area network. One or the other is required to have a connection outside of the local area network.
The Lab Activity will introduce the arp -a command.
The Interactive Media Activity will help students understand the ARP process.
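The host-side process described above, as an added Python example (not from the curriculum): the same-segment comparison, the ARP table lookup, the broadcast ARP request when no entry exists, and the two ways off the segment (default gateway, or proxy ARP when no gateway is configured). The hosts, MACs and the 198.150.11.0/24 LAN are constructed.

```python
# Added example, not from the CCNA text: a host deciding whom to ARP for and
# keeping its ARP table.  The "LAN" is a callable that plays the role of every
# other station answering (or not answering) a broadcast ARP request.
from ipaddress import IPv4Address, IPv4Interface, IPv4Network
from typing import Callable, Dict, Optional

# None means nobody answered the broadcast (host absent, off, or not reachable).
LanResponder = Callable[[IPv4Address], Optional[str]]


class Host:
    def __init__(self, ip: str, mask: str, gateway: Optional[str], mac: str) -> None:
        self.iface = IPv4Interface(f"{ip}/{mask}")
        self.gateway = IPv4Address(gateway) if gateway else None
        self.mac = mac
        self.arp_table: Dict[IPv4Address, str] = {}   # cached IP -> MAC pairs

    def is_local(self, dest: str) -> bool:
        """Compare destination against own address under the mask."""
        return IPv4Address(dest) in self.iface.network

    def next_hop(self, dest: str) -> IPv4Address:
        """Local: ARP for the destination itself.  Remote: ARP for the default
        gateway; with no gateway configured the host can only ARP for the remote
        IP directly and hope a router performs proxy ARP."""
        if self.is_local(dest) or self.gateway is None:
            return IPv4Address(dest)
        return self.gateway

    def learn(self, ip: str, mac: str) -> bool:
        """Passive learning from observed traffic.  Returns True if an existing
        entry was replaced by a different MAC, which is worth noticing."""
        key = IPv4Address(ip)
        changed = key in self.arp_table and self.arp_table[key] != mac
        self.arp_table[key] = mac
        return changed

    def resolve(self, dest: str, lan: LanResponder) -> Optional[Dict[str, str]]:
        """Return the (IP, MAC) pair the outgoing frame would carry, or None when
        resolution fails and the host would report an error."""
        hop = self.next_hop(dest)
        mac = self.arp_table.get(hop)
        if mac is None:
            mac = lan(hop)                 # broadcast ARP request for `hop`
            if mac is None:
                return None
            self.arp_table[hop] = mac      # cache the reply
        return {"dst_ip": dest, "dst_mac": mac, "via": str(hop)}


# Constructed LAN 198.150.11.0/24: one host and the router interface answer ARP.
LOCAL_NET = IPv4Network("198.150.11.0/24")
ROUTER_MAC = "00:00:0c:00:00:fe"
LAN_ANSWERS = {
    IPv4Address("198.150.11.5"): "00:00:0c:00:00:05",
    IPv4Address("198.150.11.254"): ROUTER_MAC,
}


def plain_lan(ip: IPv4Address) -> Optional[str]:
    """Only stations that own the IP reply; nobody answers for remote IPs."""
    return LAN_ANSWERS.get(ip)


def proxy_arp_lan(ip: IPv4Address) -> Optional[str]:
    """Same LAN, but the router also answers for any IP outside the local subnet."""
    if ip in LAN_ANSWERS:
        return LAN_ANSWERS[ip]
    return ROUTER_MAC if ip not in LOCAL_NET else None


def demo():
    with_gw = Host("198.150.11.1", "255.255.255.0", "198.150.11.254", "00:00:0c:00:00:01")
    no_gw = Host("198.150.11.2", "255.255.255.0", None, "00:00:0c:00:00:02")
    return {
        "local": with_gw.resolve("198.150.11.5", plain_lan),
        "remote_via_gw": with_gw.resolve("198.150.12.7", plain_lan),
        "absent_host": with_gw.resolve("198.150.11.9", plain_lan),
        "remote_no_gw": no_gw.resolve("198.150.12.7", plain_lan),
        "remote_proxy": no_gw.resolve("198.150.12.7", proxy_arp_lan),
        "table": {str(k): v for k, v in with_gw.arp_table.items()},
    }
```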

1. ARP Table Entry
2. ARP Table Functions
3. The ARP Process (IMPORTANT)
4. ARP Request
5. Proxy ARP Request
6. Default Gateway

Summary
This page summarizes the topics discussed in this module.
The U.S. Department of Defense (DoD) TCP/IP reference model has four layers: the application layer,
transport layer, Internet layer, and the network access layer. The application layer handles high-level protocols,
issues of representation, encoding, and dialog control. The transport layer provides transport services from the
source host to the destination host. The purpose of the Internet layer is to select the best path through the
network for packet transmissions. The network access layer is concerned with the physical link to the network
media.
Although some layers of the TCP/IP reference model correspond to the seven layers of the OSI model, there
are differences. The TCP/IP model combines the presentation and session layer into its application layer. The
TCP/IP model combines the OSI data link and physical layers into its network access layer.

Routers use the IP address to move data packets between networks. IP addresses are thirty-two bits long
according to the current version IPv4 and are divided into four octets of eight bits each. They operate at the
network layer, Layer 3, of the OSI model, which is the Internet layer of the TCP/IP model.
The IP address of a host is a logical address and can be changed. The Media Access Control (MAC) address of
the workstation is a 48-bit physical address. This address is usually burned into the network interface card
(NIC) and cannot change unless the NIC is replaced. TCP/IP communications within a LAN segment require
both a destination IP address and a destination MAC address for delivery. While IP addresses are unique and
routable throughout the Internet, when a packet arrives at the destination network there needs to be a way to
automatically map the IP address to a MAC address. The TCP/IP suite has a protocol, called Address
Resolution Protocol (ARP), which can automatically obtain MAC addresses for local transmission. A variation
on ARP called Proxy ARP will provide the MAC address of an intermediate device for transmission to another
network segment.
There are five classes of IP addresses, A through E. Only the first three classes are used commercially.
Depending on the class, the network and host part of the address will use a different number of bits. The Class
D address is used for multicast groups. Class E addresses are reserved for research use only.
An IP address that has binary zeros in all host bit positions is used to identify the network itself. An address in
which all of the host bits are set to one is the broadcast address and is used for broadcasting packets to all the
devices on a network.
Public IP addresses are unique. No two machines that connect to a public network can have the same IP
address because public IP addresses are global and standardized. Private networks that are not connected to the
Internet may use any host addresses, as long as each host within the private network is unique. Three blocks of
IP addresses are reserved for private, internal use. These three blocks consist of one Class A, a range of Class
B addresses, and a range of Class C addresses. Addresses that fall within these ranges are discarded by routers
and not routed on the Internet backbone.
Subnetting is another means of dividing and identifying separate networks throughout the LAN. Subnetting a
network means to use the subnet mask to divide the network and break a large network up into smaller, more
efficient and manageable segments, or subnets. Subnet addresses include the network portion, plus a subnet
field and a host field. The subnet field and the host field are created from the original host portion for the entire
network.
A more extendible and scalable version of IP, IP Version 6 (IPv6), has been defined and developed. IPv6 uses
128 bits rather than the 32 bits currently used in IPv4. IPv6 uses hexadecimal numbers to represent the 128
bits. IPv6 is being implemented in select networks and may eventually replace IPv4 as the dominant Internet
protocol.
IP addresses are assigned to hosts in the following ways:
 Statically – manually, by a network administrator
 Dynamically – automatically, using reverse address resolution protocol, bootstrap protocol (BOOTP),
or Dynamic Host Configuration Protocol (DHCP)

9.3.8 CSMA/CD
carrier sense multiple access collision detect
Media-access mechanism wherein devices ready to transmit data first check the channel for a carrier. If no
carrier is sensed for a specific period of time, a device can transmit. If two devices transmit at once, a collision
occurs and is detected by all colliding devices. This collision subsequently delays retransmissions from those
devices for some random length of time. CSMA/CD access is used by Ethernet and IEEE 802.3.

10 CISCO MODUL 10

Overview
Internet Protocol (IP) is the main routed protocol of the Internet. IP addresses are used to route packets from a
source to a destination through the best available path. The propagation of packets, encapsulation changes, and
connection-oriented and connectionless protocols are also critical to ensure that data is properly transmitted to
its destination. This module will provide an overview for each.
The difference between routing and routed protocols is a common source of confusion. The two words sound
similar but are quite different. Routers use routing protocols to build tables that are used to determine the best
path to a host on the Internet.
Not all organizations can fit into the three class system of A, B, and C addresses. Flexibility exists within the
class system through subnets. Subnets allow network administrators to determine the size of the network they
will work with. After they decide how to segment their networks, they can use subnet masks to determine the
location of each device on a network.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams. -2-, -3-, -4-.
Students who complete this module should be able to perform the following tasks: -1-
 Describe routed protocols
 List the steps of data encapsulation in an internetwork as data is routed to Layer 3 devices
 Describe connectionless and connection-oriented delivery
 Name the IP packet fields
 Describe how data is routed
 Compare and contrast different types of routing protocols
 List and describe several metrics used by routing protocols
 List several uses for subnetting
 Determine the subnet mask for a given situation
 Use a subnet mask to determine the subnet ID

10.1 Routed Protocol
10.1.1 Routable and routed protocols
This page will define routed and routable protocols.
A protocol is a set of rules that determines how computers communicate with each other across networks.
Computers exchange data messages to communicate with each other. To accept and act on these messages,
computers must have sets of rules that determine how a message is interpreted. Examples include messages
used to establish a connection to a remote machine, e-mail messages, and files transferred over a network.
A protocol describes the following:
 The required format of a message
 The way that computers must exchange messages for specific activities
A routed protocol allows the router to forward data between nodes on different networks. -1- A routable
protocol must provide the ability to assign a network number and a host number to each device. Some
protocols, such as IPX, require only a network number. These protocols use the MAC address of the host
for the host number. Other protocols, such as IP, require an address with a network portion and a host
portion. These protocols also require a network mask to differentiate the two numbers. The network address is
obtained by ANDing the address with the network mask.
The reason that a network mask is used is to allow groups of sequential IP addresses to be treated as a single
unit. -2- If this grouping were not allowed, each host would have to be mapped individually for routing. This
would be impossible, because according to the Internet Software Consortium there are approximately
250,000,000 hosts on the Internet.

1. IP Address

2. IP Address Grouping

Host Address      Network Address
192.168.10.1      192.168.10.0
192.168.10.2      192.168.10.0
192.168.10.3      192.168.10.0
192.168.10.4      192.168.10.0
192.168.10.5      192.168.10.0
...               192.168.10.0
192.168.10.252    192.168.10.0
192.168.10.253    192.168.10.0
192.168.10.254    192.168.10.0
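The ANDing of an address with its mask, and the grouping of a whole range of hosts under one network address as in the figure above, can be worked through in a few lines. The following Python script is an added example, not part of the Cisco curriculum; it also computes the all-zeros network address and the all-ones broadcast address described in the chapter 9 summary, and rejects a mask whose ones are not contiguous, which the curriculum never needs but a practitioner checking a configuration will. The host addresses are the constructed 192.168.10.x values from the figure plus one host on a neighbouring network.

```python
import socket
import struct


def ip_to_int(ip: str) -> int:
    """Dotted decimal -> 32-bit integer (inet_aton also validates the format)."""
    return struct.unpack("!I", socket.inet_aton(ip))[0]


def int_to_ip(n: int) -> str:
    return socket.inet_ntoa(struct.pack("!I", n))


def validate_mask(mask: str) -> int:
    """A subnet mask must be a run of ones followed by a run of zeros.

    The inverted mask must then be of the form 2^k - 1, which is true
    exactly when inv & (inv + 1) == 0.
    """
    m = ip_to_int(mask)
    inv = (~m) & 0xFFFFFFFF
    if inv & (inv + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return m


def mask_is_valid(mask: str) -> bool:
    try:
        validate_mask(mask)
        return True
    except (ValueError, OSError):
        return False


def prefix_to_mask(prefix: int) -> str:
    """Prefix length (e.g. 26) -> dotted mask (255.255.255.192)."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return int_to_ip((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def network_address(ip: str, mask: str) -> str:
    """Network address = host address AND mask (all host bits zero)."""
    return int_to_ip(ip_to_int(ip) & validate_mask(mask))


def broadcast_address(ip: str, mask: str) -> str:
    """Broadcast address = network address with all host bits set to one."""
    m = validate_mask(mask)
    return int_to_ip((ip_to_int(ip) & m) | (~m & 0xFFFFFFFF))


def host_range(ip: str, mask: str):
    """First and last usable host, or None when the block has no usable
    hosts under the classic rules (a /31 or /32 leaves no room between the
    network and broadcast addresses)."""
    m = validate_mask(mask)
    net = ip_to_int(ip) & m
    bcast = net | (~m & 0xFFFFFFFF)
    if bcast - net < 2:
        return None
    return (int_to_ip(net + 1), int_to_ip(bcast - 1))


def group_by_network(hosts, mask: str) -> dict:
    """Map each network address to the list of hosts that AND to it.

    This is the grouping that lets a router carry one routing table entry
    per network instead of one per host.
    """
    groups = {}
    for host in hosts:
        groups.setdefault(network_address(host, mask), []).append(host)
    return groups


if __name__ == "__main__":
    # Constructed hosts: the ones shown in the figure plus one neighbour.
    sample_hosts = ["192.168.10.1", "192.168.10.2", "192.168.10.253",
                    "192.168.10.254", "192.168.11.7"]
    for net, members in group_by_network(sample_hosts, "255.255.255.0").items():
        print(net, "->", ", ".join(members))
    print("/26 block of 192.168.10.77:",
          network_address("192.168.10.77", prefix_to_mask(26)),
          "hosts", host_range("192.168.10.77", prefix_to_mask(26)),
          "broadcast", broadcast_address("192.168.10.77", prefix_to_mask(26)))
```

Running the script prints the figure's grouping (every 192.168.10.x host maps to 192.168.10.0) and then shows how a longer mask carves the same block into smaller subnets, which is the subnetting the chapter 9 summary refers to.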

10.1.2 IP as a routed protocol

This page describes the features and functions of IP.


IP is the most widely used implementation of a hierarchical network-addressing scheme. IP is a
connectionless, unreliable, best-effort delivery protocol. The term connectionless means that no dedicated
circuit connection is established prior to transmission. IP determines the most efficient route for data based on
the routing protocol. The terms unreliable and best-effort do not imply that the system is unreliable and does
not work well. They indicate that IP does not verify that data sent on the network reaches its destination. If
required, verification is handled by upper layer protocols. -1-
As information flows down the layers of the OSI model, the data is processed at each layer. -2- At the network
layer, the data is encapsulated into packets. These packets are also known as datagrams. -3-
IP determines the contents of the IP packet header, which includes address information. However, it is
not concerned with the actual data. IP accepts whatever data is passed down to it from the upper layers.
1. Routed Protocols

2. Data Encapsulation

3. IP Packet Header

10.1.3 Packet propagation and switching within a router


This page will explain the process that occurs as a packet moves through a network.
As a packet travels through an internetwork to its final destination, the Layer 2 frame headers and trailers are
removed and replaced at every Layer 3 device. -1- This is because Layer 2 data units, or frames, are for
local addressing. Layer 3 data units, or packets, are for end-to-end addressing. -2-
Layer 2 Ethernet frames are designed to operate within a broadcast domain with the MAC address that
is burned into the physical device. Other Layer 2 frame types include PPP serial links and Frame Relay
connections, which use different Layer 2 addressing schemes. Regardless of the type of Layer 2 addressing
used, frames are designed to operate within a Layer 2 broadcast domain. When the data is sent to a Layer 3
device the Layer 2 information changes.
As a frame is received at a router interface, the destination MAC address is extracted. The address is checked
to see if the frame is directly addressed to the router interface, or if it is a broadcast. In either situation, the
frame is accepted. Otherwise, the frame is discarded since it is destined for another device on the collision
domain.
The CRC information is extracted from the frame trailer of an accepted frame. The CRC is calculated to verify
that the frame data is without error.
If the check fails, the frame is discarded. If the check is valid, the frame header and trailer are removed
and the packet is passed up to Layer 3. The packet is then checked to see if it is actually destined for the
router, or if it is to be routed to another device in the internetwork. If the destination IP address matches one of
the router ports, the Layer 3 header is removed and the data is passed up to the Layer 4. If the packet is to be
routed, the destination IP address will be compared to the routing table. If a match is found or there is a
default route, the packet will be sent to the interface specified in the matched routing table statement. When the
packet is switched to the outgoing interface, a new CRC value is added as a frame trailer, and the proper frame
header is added to the packet. The frame is then transmitted to the next broadcast domain on its trip to the final
destination.

1. Network Layer Devices in Data Flow

2. Router Protocol Stripping


10.1.4 Connectionless and connection-oriented delivery


This page will introduce two types of delivery systems, which are connectionless and connection-oriented.
These two services provide the actual end-to-end delivery of data in an internetwork.
Most network services use a connectionless delivery system. -1- Different packets may take different paths to
get through the network. The packets are reassembled after they arrive at the destination. In a connectionless
system, the destination is not contacted before a packet is sent. A good comparison for a connectionless system
is a postal system. The recipient is not contacted to see if they will accept the letter before it is sent. Also, the
sender does not know if the letter arrived at the destination.
In connection-oriented systems, a connection is established between the sender and the recipient before any
data is transferred. -2- An example of a connection-oriented network is the telephone system. The caller places
the call, a connection is established, and then communication occurs.
Connectionless network processes are often referred to as packet-switched processes. As the packets pass from
source to destination, packets can switch to different paths, and possibly arrive out of order. Each packet
contains the instructions, such as destination address and order in a message, that coordinate its arrival with
other associated packets. Packets are reassembled into the proper sequence at the destination. Devices make the
path determination for each packet based on a variety of criteria. Some of the criteria, such as available
bandwidth, may differ from packet to packet.
Connection-oriented network processes are often referred to as circuit-switched processes. A dedicated
connection between the originator and the recipient is first established, and then data transfer begins. All
packets travel sequentially across the same physical or virtual circuit in one continuous stream.
The Internet is a gigantic, connectionless network in which the majority of packet deliveries are handled
by IP. TCP adds Layer 4 connection-oriented reliability services to connectionless IP communications.

1. Connectionless Network Services

10.1.5 Anatomy of an IP packet


IP packets consist of the data from upper layers plus an IP header. This page will discuss the information
contained in the IP header: -1-
 Version – Specifies the format of the IP packet header. The 4-bit version field contains the number 4 if
it is an IPv4 packet and 6 if it is an IPv6 packet. However, this field is not used to distinguish between
IPv4 and IPv6 packets. The protocol type field present in the Layer 2 envelope is used for that.
 IP header length (HLEN) – Indicates the datagram header length in 32-bit words. This is the total
length of all header information and includes the two variable-length header fields.
 Type of service (ToS) – 8 bits that specify the level of importance that has been assigned by a
particular upper-layer protocol.
 Total length – 16 bits that specify the length of the entire packet in bytes. This includes the data and
header. To get the length of the data payload subtract the HLEN from the total length.
 Identification – 16 bits that identify the current datagram. This is the sequence number.
 Flags – A 3-bit field in which the two low-order bits control fragmentation. One bit specifies if the
packet can be fragmented and the other indicates if the packet is the last fragment in a series of
fragmented packets.
 Fragment offset – 13 bits that are used to help piece together datagram fragments. This field allows the
previous field to end on a 16-bit boundary.
 Time to Live (TTL) – A field that specifies the number of hops a packet may travel. This number is
decreased by one as the packet travels through a router. When the counter reaches zero the packet is
discarded. This prevents packets from looping endlessly.
 Protocol – 8 bits that indicate which upper-layer protocol such as TCP or UDP receives incoming
packets after the IP processes have been completed.
 Header checksum – 16 bits that help ensure IP header integrity.
 Source address – 32 bits that specify the IP address of the node from which the packet was sent.
 Destination address – 32 bits that specify the IP address of the node to which the data is sent.
 Options – Allows IP to support various options such as security. The length of this field varies.
 Padding – Extra zeros are added to this field to ensure that the IP header is always a multiple of 32
bits.
 Data – Contains upper-layer information and has a variable length of up to 64 bits.
While the IP source and destination addresses are important, the other header fields have made IP very flexible.
The header fields list the source and destination address information of the packet and often indicate the length
of the message data. The information for routing the message is also contained in IP headers, which can get
long and complex.
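The field list in 10.1.5 is easiest to understand by decoding a real header byte by byte. The Python below is an added example, not curriculum code: it builds an IPv4 header from constructed addresses, then parses it back into the fields named above, converting HLEN from 32-bit words to bytes, splitting the 3-bit flags from the 13-bit fragment offset, and verifying the header checksum the way a receiving router does (summing the header including the checksum field must give zero). The sample addresses, option bytes and payload length are constructed for the example.

```python
import socket
import struct

IPV4_FIXED_HEADER = struct.Struct("!BBHHHBBH4s4s")  # the 20 fixed bytes


def ipv4_checksum(header: bytes) -> int:
    """Ones'-complement sum of the header's 16-bit words, then complemented (RFC 791).

    Run it over a header whose checksum field is zero to compute the checksum.
    Run it over a received header with the checksum field in place and the
    result is 0 when the header is intact.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, payload_len, protocol=6, ttl=64,
                      ident=1, df=True, options=b""):
    """Assemble a header; options are padded with zeros to a 32-bit multiple."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)   # the Padding field
    hlen_words = 5 + len(options) // 4                 # HLEN counts 32-bit words
    flags_frag = (0b010 << 13) if df else 0            # DF bit set, offset 0
    head = IPV4_FIXED_HEADER.pack(
        (4 << 4) | hlen_words, 0, hlen_words * 4 + payload_len,
        ident, flags_frag, ttl, protocol, 0,
        socket.inet_aton(src), socket.inet_aton(dst)) + options
    csum = ipv4_checksum(head)                         # computed with field = 0
    return head[:10] + struct.pack("!H", csum) + head[12:]


def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the header fields listed in 10.1.5 and check the checksum."""
    if len(pkt) < 20:
        raise ValueError("truncated: fewer than 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto,
     csum, src, dst) = IPV4_FIXED_HEADER.unpack(pkt[:20])
    version, hlen = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not an IPv4 header: version {version}")
    if hlen < 20 or hlen > len(pkt):
        raise ValueError(f"bad header length {hlen}")
    if total_len < hlen:
        raise ValueError("total length smaller than header length")
    flags = flags_frag >> 13                           # high 3 bits
    return {
        "version": version,
        "hlen": hlen,                                  # bytes
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags & 0b010),
        "more_fragments": bool(flags & 0b001),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,  # field is in 8-byte units
        "ttl": ttl,
        "protocol": proto,                             # 6 = TCP, 17 = UDP
        "header_checksum": csum,
        "checksum_ok": ipv4_checksum(pkt[:hlen]) == 0,
        "source": socket.inet_ntoa(src),
        "destination": socket.inet_ntoa(dst),
        "options": pkt[20:hlen],
        "payload_length": total_len - hlen,            # total length minus HLEN
    }


if __name__ == "__main__":
    # Constructed sample: TCP segment of 20 bytes between two hosts.
    hdr = build_ipv4_header("192.168.10.1", "192.168.10.2", payload_len=20)
    for name, value in parse_ipv4_header(hdr).items():
        print(f"{name:>16}: {value}")
```

The `checksum_ok` flag is the practical point: a router that decrements TTL must also recompute this checksum, so a header whose TTL byte was changed without that step is rejected by the parser, which is what the test does with `bad[8] -= 1`.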

1. Network Layer Field

10.2 IP Routing Protocols


10.2.1 Routing overview
This page will discuss routing and the two main functions of a router.
Routing is an OSI Layer 3 function. -1- Routing is a hierarchical organizational scheme that allows
individual addresses to be grouped together. These individual addresses are treated as a single unit until the
destination address is needed for final delivery of the data. -2- Routing finds the most efficient path from one
device to another. The primary device that performs the routing process is the router.
The following are the two key functions of a router:
 Routers must maintain routing tables and make sure other routers know of changes in the network
topology. They use routing protocols to communicate network information with other routers.
 When packets arrive at an interface, the router must use the routing table to determine where to send
them. The router switches the packets to the appropriate interface, adds the frame information for the
interface, and then transmits the frame.
A router is a network layer device that uses one or more routing metrics to determine the optimal path along
which network traffic should be forwarded. Routing metrics are values that are used to determine the
advantage of one route over another. -3- Routing protocols use various combinations of metrics to determine
the best path for data.
Routers interconnect network segments or entire networks. Routers pass data frames between networks based
on Layer 3 information. Routers make logical decisions about the best path for the delivery of data.
Routers then direct packets to the appropriate output port to be encapsulated for transmission. -4- Stages of the
encapsulation and de-encapsulation process occur each time a packet transfers through a router. The router
must de-encapsulate the Layer 2 data frame to access and examine the Layer 3 address. As shown in
Figure -5- , the complete process of sending data from one device to another involves encapsulation and de-
encapsulation on all seven OSI layers. The encapsulation process breaks up the data stream into segments, adds
the appropriate headers and trailers, and then transmits the data. The de-encapsulation process removes the
headers and trailers and then recombines the data into a seamless stream.
This course focuses on the most common routable protocol, which is IP. Other examples of routable protocols
include IPX/SPX and AppleTalk. These protocols provide Layer 3 support. Non-routable protocols do not
provide Layer 3 support. The most common non-routable protocol is NetBEUI. NetBEUI is a small, fast, and
efficient protocol that is limited to frame delivery within one segment.

1. The Network Layer

2. Routing

3. Routing Metrics

4. Data Encapsulation

10.2.2 Routing versus switching


This page will compare and contrast routing and switching. -1- Routers and switches may seem to perform the
same function. The primary difference is that switches operate at Layer 2 of the OSI model and routers
operate at Layer 3. This distinction indicates that routers and switches use different information to send data
from a source to a destination.
The relationship between switching and routing can be compared to local and long-distance telephone calls.
When a telephone call is made to a number within the same area code, a local switch handles the call. The local
switch can only keep track of its local numbers. The local switch cannot handle all the telephone numbers in
the world. When the switch receives a request for a call outside of its area code, it switches the call to a higher-
level switch that recognizes area codes. The higher-level switch then switches the call so that it eventually gets
to the local switch for the area code dialed. -2-
The router performs a function similar to that of the higher-level switch in the telephone example. Figure -3-
shows the ARP tables for Layer 2 MAC addresses and routing tables for Layer 3 IP addresses. Each
computer and router interface maintains an ARP table for Layer 2 communication. The ARP table is only
effective for the broadcast domain to which it is connected. The router also maintains a routing table that
allows it to route data outside of the broadcast domain. Each ARP table entry contains an IP-MAC address
pair.
The Layer 2 switch builds its forwarding table using MAC addresses. When a host has data for a non-local
IP address, it sends the frame to the closest router. This router is also known as its default gateway. The host
uses the MAC address of the router as the destination MAC address.
A switch interconnects segments that belong to the same logical network or subnetwork. -2- For non-local
hosts, the switch forwards the frame to the router based on the destination MAC address. The router examines
the Layer 3 destination address of the packet to make the forwarding decision. Host X knows the IP address of
the router because the IP configuration of the host contains the IP address of the default gateway.
Just as a switch keeps a table of known MAC addresses, the router keeps a table of IP addresses known as
a routing table. -3- MAC addresses are not logically organized. IP addresses are organized in a hierarchy. A
switch can handle a limited number of unorganized MAC addresses since it only has to search its table for
addresses within its segment. Routers require an organized address system that can group similar addresses
together and treat them as a single network unit until the data reaches the destination segment.
If IP addresses were not organized, the Internet would not work. This could be compared to a library that
contained millions of individual pages of printed material in a large pile. This material is useless because it is
impossible to locate an individual document. If the pages are identified and organized into books and each
book is listed in a book index, it will be a lot easier to locate and use the data.
Another difference between switched and routed networks is switched networks do not block
broadcasts. -4- As a result, switches can be overwhelmed by broadcast storms. Routers block LAN broadcasts,
so a broadcast storm only affects the broadcast domain from which it originated. Since routers block
broadcasts, they also provide a higher level of security and bandwidth control than switches.
1. The Network Layer

2. Layer 2 Switching and Layer 3 Routing

3. ARP Tables and Routing Tables


4. Router and Switch Feature Comparison

10.2.3 Routed versus routing


This page explains the differences between routing protocols and routed protocols.
Routed or routable protocols are used at the network layer to transfer data from one host to another across a
router. Routed protocols transport data across a network. Routing protocols allow routers to choose the
best path for data from a source to a destination.
Some functions of a routed protocol are as follows: -1-
 Includes any network protocol suite that provides enough information in its network layer address to
allow a router to forward it to the next device and ultimately to its destination
 Defines the format and use of the fields within a packet
The Internet Protocol (IP) and Novell Internetwork Packet Exchange (IPX) are examples of routed protocols.
Other examples include DECnet, AppleTalk, Banyan VINES, and Xerox Network Systems (XNS).
Routers use routing protocols to exchange routing tables and share routing information. In other words, routing
protocols enable routers to route routed protocols.
Some functions of a routing protocol are as follows: -2-
 Provides processes used to share route information
 Allows routers to communicate with other routers to update and maintain the routing tables
Examples of routing protocols that support the IP routed protocol include RIP, IGRP, OSPF, BGP, and
EIGRP.

1. Routed Protocol

2. Routing Protocol

10.2.4 Path determination
This page will explain how path determination occurs.
Path determination occurs at the network layer. -1- A router uses path determination to compare a
destination address to the available routes in its routing table and select the best path. The routers learn of
these available routes through static routing or dynamic routing. Routes configured manually by the
network administrator are static routes. Routes learned from other routers using a routing protocol are dynamic
routes.
The router uses path determination to decide which port to send a packet out of to reach its destination.
-2- This process is also referred to as routing the packet. Each router that the packet encounters along the way
is called a hop. The hop count is the distance traveled. Path determination can be compared to a person who
drives from one location in a city to another. The driver has a map that shows which streets lead to the
destination, just as a router has a routing table. The driver travels from one intersection to another just as a
packet travels from one router to another in each hop. At any intersection, the driver can choose to turn left,
turn right, or go straight ahead. This is similar to how a router chooses the outbound port through which a
packet is sent.
The decisions of a driver are influenced by factors such as traffic, the speed limit, the number of lanes, tolls,
and whether or not a road is frequently closed. Sometimes it is faster to take a longer route on a smaller, less
crowded back street instead of a highway with a lot of traffic. Similarly, routers can make decisions based on
the load, bandwidth, delay, cost, and reliability of a network link.
The following process is used to determine the path for every packet that is routed: -3-
 The router compares the IP address of the packet that it received to the IP tables that it has.
 The destination address is obtained from the packet.
 The mask of the first entry in the routing table is applied to the destination address.
 The masked destination and the routing table entry are compared.
 If there is a match, the packet is forwarded to the port that is associated with that table entry.
 If there is not a match, the next entry in the table is checked.
 If the packet does not match any entries in the table, the router checks to see if a default route has been
set.
 If a default route has been set, the packet is forwarded to the associated port. A default route is a route
that is configured by the network administrator as the route to use if there are no matches in the routing
table.
 If there is no default route, the packet is discarded. A message is often sent back to the device that sent
the data to indicate that the destination was unreachable.
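The forwarding steps in 10.1.3 (accept the frame by destination MAC, verify the CRC, strip the Layer 2 header and trailer, check whether the packet is for the router itself) and the routing table walk just listed are one procedure from the router's point of view. The Python below is an added example that is not part of the curriculum and simulates that procedure end to end. It assumes a simplified frame (Ethernet II header, payload, 4-byte CRC-32 trailer standing in for the FCS), a bare 20-byte IPv4 header as the packet, and constructed interface names, MAC addresses, IP addresses and routing table entries; the routing table is scanned in order with each entry's mask applied to the destination, exactly as the list above describes, followed by the default route check and the unreachable case.

```python
import socket
import struct
import zlib

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_IPV4 = 0x0800


def mac_bytes(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))


def ip_int(ip: str) -> int:
    return struct.unpack("!I", socket.inet_aton(ip))[0]


def build_frame(dst_mac: str, src_mac: str, packet: bytes) -> bytes:
    """Ethernet II header + packet + CRC-32 trailer over header and packet."""
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet
    return body + struct.pack("!I", zlib.crc32(body) & 0xFFFFFFFF)


def frame_is_valid(frame: bytes) -> bool:
    """Recompute the CRC over everything but the trailer and compare."""
    if len(frame) < 18:
        return False
    return zlib.crc32(frame[:-4]) & 0xFFFFFFFF == struct.unpack("!I", frame[-4:])[0]


def build_packet(src_ip: str, dst_ip: str, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header (UDP, no payload); enough for the Layer 3 checks."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 17, 0,
                       socket.inet_aton(src_ip), socket.inet_aton(dst_ip))


class Router:
    def __init__(self, interfaces, routes, default_route=None):
        # interfaces: {name: (ip, mac)}
        # routes: [(network, mask, out_interface, next_hop_mac)] in table order
        # default_route: (out_interface, next_hop_mac) or None
        self.interfaces = interfaces
        self.routes = routes
        self.default_route = default_route

    def _forward(self, packet, out_iface, next_hop_mac):
        # Re-encapsulate: new Layer 2 header for the outgoing segment and a new CRC.
        # (A real router also decrements TTL and recomputes the IP header checksum.)
        _, out_mac = self.interfaces[out_iface]
        return ("forward", out_iface, build_frame(next_hop_mac, out_mac, packet))

    def receive_frame(self, in_iface, frame):
        """Return (action, detail, outgoing_frame_or_None)."""
        _, my_mac = self.interfaces[in_iface]
        # 1. Accept only frames addressed to this interface or to the broadcast MAC.
        if frame[0:6] not in (mac_bytes(my_mac), mac_bytes(BROADCAST_MAC)):
            return ("discard", "frame not addressed to this interface", None)
        # 2. Verify the CRC from the trailer; a damaged frame never reaches Layer 3.
        if not frame_is_valid(frame):
            return ("discard", "CRC error", None)
        # 3. Remove the Layer 2 header and trailer; what is left is the packet.
        packet = frame[14:-4]
        if len(packet) < 20 or packet[0] >> 4 != 4:
            return ("discard", "not an IPv4 packet", None)
        dst_ip = struct.unpack("!I", packet[16:20])[0]
        # 4. Destination matches one of the router's own addresses: pass up to Layer 4.
        if any(dst_ip == ip_int(ip) for ip, _ in self.interfaces.values()):
            return ("local", "passed up to Layer 4", None)
        # 5. Walk the routing table: apply each entry's mask, compare, first match wins.
        for network, mask, out_iface, next_hop_mac in self.routes:
            if dst_ip & ip_int(mask) == ip_int(network):
                return self._forward(packet, out_iface, next_hop_mac)
        # 6. No match: use the default route if configured, otherwise drop and notify.
        if self.default_route:
            return self._forward(packet, *self.default_route)
        return ("discard", "destination unreachable (ICMP sent to source)", None)


if __name__ == "__main__":
    # Constructed topology: e0 faces the LAN, s0 is the serial link to 172.16.0.0/16.
    r = Router({"e0": ("192.168.10.1", "00:11:22:33:44:01"),
                "s0": ("10.0.0.1", "00:11:22:33:44:02")},
               [("192.168.10.0", "255.255.255.0", "e0", "00:aa:bb:cc:dd:01"),
                ("172.16.0.0", "255.255.0.0", "s0", "00:aa:bb:cc:dd:02")])
    frame = build_frame("00:11:22:33:44:01", "00:aa:bb:cc:dd:01",
                        build_packet("192.168.10.5", "172.16.4.9"))
    print(r.receive_frame("e0", frame)[:2])   # ('forward', 's0')
```

The first-match walk is what the curriculum describes; note that the router's own table order therefore decides the outcome when two entries overlap, which is why production routers instead choose the longest matching prefix.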

1. Path Determination

3. The Routing Process

10.2.5 Routing tables


This page will describe the functions of a routing table.
Routers use routing protocols to build and maintain routing tables that contain route information. This
aids in the process of path determination. Routing protocols fill routing tables with a variety of route
information. This information varies based on the routing protocol used. Routing tables contain the information
necessary to forward data packets across connected networks. Layer 3 devices interconnect broadcast
domains or LANs. A hierarchical address scheme is required for data transfers. -1-
Routers keep track of the following information in their routing tables:
 Protocol type – Identifies the type of routing protocol that created each entry.
 Next-hop associations – Tell a router that a destination is either directly connected to the router or that
it can be reached through another router called the next-hop on the way to the destination. When a
router receives a packet, it checks the destination address and attempts to match this address with a
routing table entry.
 Routing metric – Different routing protocols use different routing metrics. Routing metrics are used to
determine the desirability of a route. For example, RIP uses hop count as its only routing metric. IGRP
uses bandwidth, load, delay, and reliability metrics to create a composite metric value.
 Outbound interfaces – The interface that the data must be sent out of to reach the final destination.
Routers communicate with one another to maintain their routing tables through the transmission of routing
update messages. Some routing protocols transmit update messages periodically. Other protocols send them
only when there are changes in the network topology. Some protocols transmit the entire routing table in each
update message and some transmit only routes that have changed. Routers analyze the routing updates from
directly-connected routers to build and maintain their routing tables.

1. Routing Tables

10.2.6 Routing algorithms and metrics


This page will define algorithms and metrics as they relate to routers.
An algorithm is a detailed solution to a problem. Different routing protocols use different algorithms to choose
the port to which a packet should be sent. Routing algorithms depend on metrics to make these decisions.
Routing protocols often have one or more of the following design goals:
 Optimization – This is the capability of a routing algorithm to select the best route. The route will
depend on the metrics and metric weights used in the calculation. For example, one algorithm may use
both hop count and delay metrics, but may consider delay metrics as more important in the calculation.
 Simplicity and low overhead – The simpler the algorithm, the more efficiently it will be processed by
the CPU and memory in the router. This is important so that the network can scale to large proportions,
such as the Internet.
 Robustness and stability – A routing algorithm should perform correctly when confronted by unusual
or unforeseen circumstances, such as hardware failures, high load conditions, and implementation
errors.
 Flexibility – A routing algorithm should quickly adapt to a variety of network changes. These changes
include router availability, router memory, changes in bandwidth, and network delay.
 Rapid convergence – Convergence is the process of agreement by all routers on available routes.
When a network event causes changes in router availability, updates are needed to reestablish network
connectivity. Routing algorithms that converge slowly can cause data to be undeliverable.
Routing algorithms use different metrics to determine the best route. -1- Each routing algorithm interprets
what is best in its own way. A routing algorithm generates a number called a metric value for each path
through a network. Sophisticated routing algorithms base route selection on multiple metrics that are combined
in a composite metric value. Typically, smaller metric values indicate preferred paths.
Metrics can be based on a single characteristic of a path, or can be calculated based on several
characteristics.
The following metrics are most commonly used by routing protocols:
 Bandwidth – Bandwidth is the data capacity of a link. Normally, a 10-Mbps Ethernet link is preferable
to a 64-kbps leased line.
 Delay – Delay is the length of time required to move a packet along each link from a source to a
destination. Delay depends on the bandwidth of intermediate links, the amount of data that can be
temporarily stored at each router, network congestion, and physical distance.
 Load – Load is the amount of activity on a network resource such as a router or a link.

 Reliability – Reliability is usually a reference to the error rate of each network link.
 Hop count – Hop count is the number of routers that a packet must travel through before reaching its
destination. Each router is equal to one hop. A hop count of four indicates that data would have to pass
through four routers to reach its destination. If multiple paths are available to a destination, the path
with the least number of hops is preferred.
 Ticks – The delay on a data link using IBM PC clock ticks. One tick is approximately 1/18 second.
 Cost – Cost is an arbitrary value, usually based on bandwidth, monetary expense, or other
measurement, that is assigned by a network administrator.
1. Routing Algorithms and Metrics

10.2.7 IGP and EGP


This page will introduce two types of routing protocols.
An autonomous system is a network or set of networks under common administrative control, such as the
cisco.com domain. An autonomous system consists of routers that present a consistent view of routing to the
external world.
Two families of routing protocols are Interior Gateway Protocols (IGPs) and Exterior Gateway Protocols
(EGPs). -1-
IGPs route data within an autonomous system:
• RIP and RIPv2
• IGRP
• EIGRP
• OSPF
• Intermediate System-to-Intermediate System (IS-IS) protocol
EGPs route data between autonomous systems. An example of an EGP is BGP.

1. Interior and Exterior Gateway Protocols

10.2.8 Link state and distance vector
Routing protocols can be classified as either IGPs or EGPs. Which type is used depends on whether a group
of routers is under a single administration or not. IGPs can be further categorized as either distance-vector or
link-state protocols. -1- This page describes distance-vector and link-state routing and explains when each type
of routing protocol is used.
The distance-vector routing approach determines the distance and direction (the vector) to any link in the
internetwork. The distance may be the hop count to the link. Routers using distance-vector algorithms send
all or part of their routing table entries to adjacent routers on a periodic basis. This happens even if there
are no changes in the network. By receiving a routing update, a router can verify all the known routes and
make changes to its routing table. This process is also known as "routing by rumor". The understanding that a
router has of the network is based upon the perspective of the adjacent router of the network topology.
Examples of distance-vector protocols include the following:
• Routing Information Protocol (RIP) – The most common IGP in the Internet, RIP uses hop count as
its only routing metric.
• Interior Gateway Routing Protocol (IGRP) – This IGP was developed by Cisco to address issues
associated with routing in large, heterogeneous networks.
• Enhanced IGRP (EIGRP) – This Cisco-proprietary IGP includes many of the features of a link-state
routing protocol. Because of this, it has been called a balanced-hybrid protocol, but it is really an
advanced distance-vector routing protocol.
Link-state routing protocols were designed to overcome limitations of distance-vector routing protocols. Link-
state routing protocols respond quickly to network changes by sending triggered updates only when a network
change has occurred. Link-state routing protocols send periodic updates, known as link-state refreshes, at
longer time intervals, such as every 30 minutes.
When a route or link changes, the device that detected the change creates a link-state advertisement (LSA)
concerning that link. The LSA is then transmitted to all neighboring devices. Each routing device takes a copy
of the LSA, updates its link-state database, and forwards the LSA to all neighboring devices. This flooding of
LSAs is required to ensure that all routing devices create databases that accurately reflect the network topology
before updating their routing tables.
Link-state algorithms typically use their databases to create routing table entries that prefer the shortest path.
Examples of link-state protocols include Open Shortest Path First (OSPF) and Intermediate System-to-
Intermediate System (IS-IS).
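The periodic table exchange described above for distance-vector protocols can be simulated in a few dozen lines. The following Python is an added example, not code from the Cisco curriculum: every router sends its whole table to its directly connected neighbours each round, a neighbour installs a route only when it is strictly better, and routes that would exceed the 15-hop RIP limit are never installed. The router names and the straight-line topologies are constructed for the example; the number of rounds needed to converge grows with the length of the longest path, which is the slow convergence the text warns about.

```python
"""Distance-vector routing by periodic table exchange, with RIP's hop-count metric.

Added example, not from the Cisco curriculum. Every router holds a table of
destination -> (hop count, next hop) and each round sends its whole table to
its directly connected neighbours. A router adopts a neighbour's route when
neighbour's hops + 1 beats what it already has. Hop counts of 16 or more are
unreachable, the RIP limit quoted in the text. Topologies are constructed.
"""

INFINITY = 16  # RIP treats 16 hops as unreachable


def make_chain(n):
    """Constructed topology: routers R1..Rn connected in a straight line."""
    names = [f"R{i}" for i in range(1, n + 1)]
    topology = {name: set() for name in names}
    for left, right in zip(names, names[1:]):
        topology[left].add(right)
        topology[right].add(left)
    return topology


def initial_tables(topology):
    """Before any update, a router knows only itself (0 hops) and its neighbours (1 hop)."""
    tables = {}
    for router, neighbours in topology.items():
        table = {router: (0, None)}
        for n in neighbours:
            table[n] = (1, n)
        tables[router] = table
    return tables


def exchange_round(topology, tables):
    """One periodic update round: every router advertises its full table to each neighbour.

    Returns (new_tables, changed). Routes are installed only when strictly better,
    and a route that would exceed 15 hops is not installed at all.
    """
    new_tables = {r: dict(t) for r, t in tables.items()}
    changed = False
    for sender, table in tables.items():
        for receiver in topology[sender]:
            for dest, (hops, _next_hop) in table.items():
                candidate = hops + 1
                if candidate >= INFINITY:
                    continue  # beyond the RIP hop limit: unreachable from here
                current = new_tables[receiver].get(dest, (INFINITY, None))[0]
                if candidate < current:
                    new_tables[receiver][dest] = (candidate, sender)
                    changed = True
    return new_tables, changed


def converge(topology, max_rounds=100):
    """Run update rounds until a whole round produces no change.

    Returns (tables, rounds_with_changes). The count grows with the network
    diameter, which is why distance-vector protocols converge slowly on long paths.
    """
    tables = initial_tables(topology)
    rounds_with_changes = 0
    for _ in range(max_rounds):
        tables, changed = exchange_round(topology, tables)
        if not changed:
            break
        rounds_with_changes += 1
    return tables, rounds_with_changes


def route(tables, router, dest):
    """Return (hops, next_hop), or None if the destination is unreachable from router."""
    return tables[router].get(dest)


if __name__ == "__main__":
    tables, rounds = converge(make_chain(4))
    print(f"4-router chain converged after {rounds} update rounds")
    print("R1 table:", tables["R1"])
    tables18, _ = converge(make_chain(18))
    print("R1 -> R16:", route(tables18, "R1", "R16"), " R1 -> R17:", route(tables18, "R1", "R17"))
```

On the 18-router chain R1 reaches R16 at 15 hops but never learns a route to R17 or R18, which is exactly the "RIP cannot route a packet beyond 15 hops" limit stated in the next section.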

10.2.9 Routing protocols


This page will describe different types of routing protocols.
RIP is a distance vector routing protocol that uses hop count as its metric to determine the direction and
distance to any link in the internetwork. If there are multiple paths to a destination, RIP selects the path with
the least number of hops. However, because hop count is the only routing metric used by RIP, it does not
always select the fastest path to a destination. Also, RIP cannot route a packet beyond 15 hops. RIP Version
1 (RIPv1) requires that all devices in the network use the same subnet mask, because it does not include subnet
mask information in routing updates. This is also known as classful routing.
RIP Version 2 (RIPv2) provides prefix routing, and does send subnet mask information in routing updates.
This is also known as classless routing. With classless routing protocols, different subnets within the same
network can have different subnet masks. The use of different subnet masks within the same network is
referred to as variable-length subnet masking (VLSM).
IGRP is a distance-vector routing protocol developed by Cisco. IGRP was developed specifically to address
problems associated with routing in large networks that were beyond the range of protocols such as RIP. IGRP
can select the fastest available path based on delay, bandwidth, load, and reliability. IGRP also has a much
higher maximum hop count limit than RIP. IGRP uses only classful routing.

OSPF is a link-state routing protocol developed by the Internet Engineering Task Force (IETF) in 1988. OSPF
was written to address the needs of large, scalable internetworks that RIP could not.
Intermediate System-to-Intermediate System (IS-IS) is a link-state routing protocol used for routed protocols
other than IP. Integrated IS-IS is an expanded implementation of IS-IS that supports multiple routed protocols
including IP.
Like IGRP, EIGRP is a proprietary Cisco protocol. EIGRP is an advanced version of IGRP. Specifically,
EIGRP provides superior operating efficiency such as fast convergence and low overhead bandwidth. EIGRP
is an advanced distance-vector protocol that also uses some link-state protocol functions. Therefore, EIGRP
is sometimes categorized as a hybrid routing protocol.
Border Gateway Protocol (BGP) is an example of an Exterior Gateway Protocol (EGP). BGP exchanges
routing information between autonomous systems while guaranteeing loop-free path selection. BGP is
the principal route advertising protocol used by major companies and ISPs on the Internet. BGP4 is the first
version of BGP that supports classless interdomain routing (CIDR) and route aggregation. Unlike common
Interior Gateway Protocols (IGPs), such as RIP, OSPF, and EIGRP, BGP does not use metrics like hop count,
bandwidth, or delay. Instead, BGP makes routing decisions based on network policies, or rules using various
BGP path attributes.

10.3 The Mechanics of Subnetting


10.3.1 Classes of network IP addresses
This page will review the classes of IP addresses.
The combined classes of IP addresses offer a range from 256 to 16.8 million hosts.
To efficiently manage a limited supply of IP addresses, all classes can be subdivided into smaller subnetworks.
Figure -1- provides an overview of the division between networks and hosts.

1. IP Address Bit Patterns

10.3.2 Introduction to and reason for subnetting


This page will describe how subnetting works and why it is important.
To create the subnetwork structure, host bits must be reassigned as network bits. This is often referred to
as 'borrowing' bits. However, a more accurate term would be 'lending' bits. The starting point for this
process is always the leftmost host bit, the one closest to the last network octet.

Subnet addresses include the Class A, Class B, and Class C network portion, plus a subnet field and a host
field. The subnet field and the host field are created from the original host portion of the major IP address. This
is done by re-assigning bits from the host portion to the original network portion of the address. -1- to -3- The
ability to divide the original host portion of the address into the new subnet and host fields provides
addressing flexibility for the network administrator.
In addition to the need for manageability, subnetting enables the network administrator to provide broadcast
containment and low-level security on the LAN. Subnetting provides some security since access to other
subnets is only available through the services of a router. Further, access security may be provided through the
use of access lists. These lists can permit or deny access to a subnet, based on a variety of criteria, thereby
providing more security. Access lists will be studied later in the curriculum. Some owners of Class A and B
networks have also discovered that subnetting creates a revenue source for the organization through the leasing
or sale of previously unused IP addresses.
Subnetting is an internal function of a network. From the outside, a LAN is seen as a single network with no
details of the internal network structure. This view of the network keeps the routing tables small and efficient.
Given a local node address of 147.10.43.14 on subnet 147.10.43.0, the world outside the LAN sees only the
advertised major network number of 147.10.0.0. The reason for this is that the local subnet address of
147.10.43.0 is only valid within the LAN where subnetting is applied.

1. Subdividing the Host Octets of a Class C Address

2. Subdividing the Host Octets of a Class B Address

3. Subdividing the Host Octets of a Class A Address

10.3.3 Establishing the subnet mask address


This page provides detailed information about subnet masks and how they are established on a network.
Selecting the number of bits to use in the subnet process will depend on the maximum number of hosts
required per subnet. An understanding of basic binary math and the position value of the bits in each octet is
necessary when calculating the number of subnetworks and hosts created when bits were borrowed. -1-
The last two bits in the last octet, regardless of the IP address class, may never be assigned to the
subnetwork. These bits are referred to as the last two significant bits. Use of all the available bits to create
subnets, except these last two, will result in subnets with only two usable hosts. This is a practical address
conservation method for addressing serial router links. However, for a working LAN this would result in
prohibitive equipment costs.
The subnet mask gives the router the information required to determine in which network and subnet a
particular host resides. -2- The subnet mask is created by using binary ones in the network bit positions. The
subnet bits are determined by adding the position value of the bits that were borrowed. If three bits were
borrowed, the mask for a Class C address would be 255.255.255.224. -3- This mask may also be
represented, in the slash format, as /27. The number following the slash is the total number of bits that were
used for the network and subnetwork portion.
To determine the number of bits to be used, the network designer needs to calculate how many hosts the largest
subnetwork requires and the number of subnetworks needed. As an example, the network requires six
subnetworks of 25 hosts each. A shortcut to determine how many bits to reassign is by using the subnetting
chart. -4- By consulting the row titled "Usable Subnets", the chart indicates that for six usable subnets three
additional bits are required in the subnet mask. The chart also shows that this creates 30 usable hosts per
subnet, which will satisfy the requirements of this scheme. The difference between usable hosts and total
hosts is a result of using the first available address as the ID and the last available address as the broadcast for
each subnetwork. Borrowing the appropriate number of bits to accommodate required subnetworks and hosts
per subnetwork can be a balancing act and may result in unused host addresses in multiple subnetworks. The
ability to use these addresses is not provided with classful routing. However, classless routing, which will be
covered later in the course can recover many of these lost addresses.
The method that was used to create the subnet chart can be used to solve all subnetting problems. This
method uses the following formula:
Number of usable subnets = two to the power of the assigned subnet bits or borrowed bits, minus two. The
minus two is for the reserved addresses of network ID and network broadcast.
2^(borrowed bits) - 2 = usable subnets
2^3 - 2 = 6
Number of usable hosts = two to the power of the bits remaining, minus two (reserved addresses for subnet ID
and subnet broadcast).
2^(remaining host bits) - 2 = usable hosts
2^5 - 2 = 30
1. Subnetting Chart (Bit Position and Value)

2. Subnetting Chart (Subnet Mask Identifier)

3. Subnetting

4. Subnetting Chart

10.3.4 Applying the subnet mask


This page will teach students how to apply a subnet mask.
Once the subnet mask has been established it then can be used to create the subnet scheme. The chart in
Figure -1- is an example of the subnets and addresses created by assigning three bits to the subnet field.
This will create eight subnets with 32 hosts per subnet. Start with zero (0) when numbering subnets. The first
subnet is always referenced as the zero subnet.
When filling in the subnet chart three of the fields are automatic, others require some calculation. The
subnetwork ID of subnet zero is the same as the major network number, in this case 192.168.10.0. The
broadcast ID for the whole network is the largest number possible, in this case 192.168.10.255. The third
number that is given is the subnetwork ID for subnet number seven. This number is the three network
octets with the subnet mask number inserted in the fourth octet position. Three bits were assigned to the subnet
field with a cumulative value of 224. -2- The ID for subnet seven is 192.168.10.224. By inserting these
numbers, checkpoints have been established that will verify the accuracy when the chart is completed.
When consulting the subnetting chart or using the formula, the three bits assigned to the subnet field will result
in 32 total hosts assigned to each subnet. -2- This information provides the step count for each subnetwork ID.
Adding 32 to each preceding number, starting with subnet zero, the ID for each subnet is established. -1- Notice
that the subnet ID has all binary 0s in the host portion.
The broadcast field is the last number in each subnetwork, and has all binary ones in the host portion. This
address has the ability to broadcast only to the members of a single subnet. -1- Since the subnetwork ID for
subnet zero is 192.168.10.0 and there are 32 total hosts the broadcast ID would be 192.168.10.31. Starting at
zero the 32nd sequential number is 31. It is important to remember that zero (0) is a real number in the world
of networking.
The balance of the broadcast ID column can be filled in using the same process that was used in the
subnetwork ID column. Simply add 32 to the preceding broadcast ID of the subnet. Another option is to
start at the bottom of this column and work up to the top by subtracting one from the preceding subnetwork ID.

1. Subnet Scheme

2. Subnetting Chart

10.3.5 Subnetting Class A and B networks


This page will describe the process used to subnet Class A, B, and C networks.
The Class A and B subnetting procedure is identical to the process for Class C, except there may be
significantly more bits involved. The available bits for assignment to the subnet field in a Class A address is
22 bits while a Class B address has 14 bits. -1-, -2-
Assigning 12 bits of a Class B address to the subnet field creates a subnet mask of 255.255.255.240 or /28. All
eight bits were assigned in the third octet resulting in 255, the total value of all eight bits. Four bits were
assigned in the fourth octet resulting in 240. Recall that the slash mask is the sum total of all bits assigned to
the subnet field plus the fixed network bits. -3-
Assigning 20 bits of a Class A address to the subnet field creates a subnet mask of 255.255.255.240 or /28. All
eight bits of the second and third octets were assigned to the subnet field and four bits from the fourth octet.
In this situation, it is apparent that the subnet mask for the Class A and Class B addresses appear identical.
Unless the mask is related to a network address it is not possible to decipher how many bits were assigned to
the subnet field.
Whichever class of address needs to be subnetted, the following rules are the same:
Total subnets = 2 to the power of the bits borrowed
Total hosts = 2 to the power of the bits remaining
Usable subnets = 2 to the power of the bits borrowed minus 2
Usable hosts = 2 to the power of the bits remaining minus 2
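The mask-selection procedure of 10.3.3, the subnet chart of 10.3.4 and the class-independent rules just listed can all be worked through with one small program. The following Python is an added example, not code from the Cisco curriculum. It applies the classful rules exactly as the text states them (usable subnets and usable hosts both subtract two; the last two host bits are never borrowed) and reproduces the text's own figures: six subnets of 25 hosts from a Class C network, the 192.168.10.0 chart with three borrowed bits, and the /28 masks that 12 Class B bits or 20 Class A bits produce. The function names are this example's own.

```python
"""Subnet mask selection and subnet chart for classful subnetting (sections 10.3.3 to 10.3.5).

Added example, not from the Cisco curriculum. Rules as the text states them:
usable subnets = 2^borrowed - 2, usable hosts = 2^remaining - 2, and at least two
host bits must always remain. Sample requirements are the text's own.
"""
import ipaddress

CLASS_NETWORK_BITS = {"A": 8, "B": 16, "C": 24}  # default (fixed) network bits per class


def bits_needed(required, reserve_two=True):
    """Smallest n such that 2**n - 2 >= required (the -2 drops the all-zeros and all-ones values)."""
    n = 1
    while 2 ** n - (2 if reserve_two else 0) < required:
        n += 1
    return n


def mask_from_borrowed(network_class, borrowed):
    """Return (dotted-decimal mask, slash prefix) for a class and a number of borrowed host bits."""
    prefix = CLASS_NETWORK_BITS[network_class] + borrowed
    if 32 - prefix < 2:
        raise ValueError("the last two host bits may never be assigned to the subnet field")
    mask_int = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF  # prefix leading ones, then zeros
    return str(ipaddress.IPv4Address(mask_int)), prefix


def subnet_plan(network_class, required_subnets, hosts_per_subnet):
    """Choose the bits to borrow from the subnet-count requirement, then check the host requirement."""
    borrowed = bits_needed(required_subnets)
    mask, prefix = mask_from_borrowed(network_class, borrowed)
    host_bits = 32 - prefix
    usable_hosts = 2 ** host_bits - 2
    if usable_hosts < hosts_per_subnet:
        raise ValueError(f"only {usable_hosts} usable hosts per subnet with /{prefix}")
    return {
        "borrowed_bits": borrowed,
        "mask": mask,
        "prefix": prefix,
        "total_subnets": 2 ** borrowed,
        "usable_subnets": 2 ** borrowed - 2,
        "total_hosts": 2 ** host_bits,
        "usable_hosts": usable_hosts,
        "step": 2 ** host_bits,  # increment between consecutive subnet IDs (32 for /27)
    }


def subnet_chart(major_network, borrowed):
    """Rows of (subnet number, subnet ID, first host, last host, broadcast), numbered from zero."""
    net = ipaddress.IPv4Network(major_network)
    rows = []
    for number, sub in enumerate(net.subnets(prefixlen_diff=borrowed)):
        rows.append((
            number,
            str(sub.network_address),          # all host bits 0
            str(sub.network_address + 1),
            str(sub.broadcast_address - 1),
            str(sub.broadcast_address),        # all host bits 1
        ))
    return rows


if __name__ == "__main__":
    print(subnet_plan("C", 6, 25))
    for row in subnet_chart("192.168.10.0/24", 3):
        print(*row)
    print(mask_from_borrowed("B", 12), mask_from_borrowed("A", 20))
```

The chart rows for 192.168.10.0 give the checkpoints the text describes: subnet zero starts at 192.168.10.0 and broadcasts to .31, subnet seven starts at .224 and broadcasts to .255, and each subnet ID is 32 higher than the previous one.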
1. Subdividing the Host Octets of a Class B Network

2. Subdividing the Host Octets of a Class A Network

3. Subnetting

4. Class A and B Host

10.3.6 Calculating the resident subnetwork through ANDing
This page will explain the concept of ANDing.
Routers use subnet masks to determine the home subnetwork for individual nodes. This process is referred to
as logical ANDing. ANDing is a binary process by which the router calculates the subnetwork ID for an
incoming packet. -1- ANDing is similar to multiplication.
This process is handled at the binary level. Therefore, it is necessary to view the IP address and mask in
binary. -2- The IP address and the subnetwork address are ANDed with the result being the subnetwork ID. The
router then uses that information to forward the packet across the correct interface.
Subnetting is a learned skill. It takes many hours of practice exercises to develop flexible and workable
schemes. A variety of subnet calculators are available on the web. However, a network
administrator must know how to manually calculate subnets in order to effectively design the network scheme
and assure the validity of the results from a subnet calculator. The subnet calculator will not provide the initial
scheme, only the final addressing. Also, no calculators, of any kind, are permitted during the certification
exam.
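The ANDing operation, viewed in binary as the text says it must be, and the forwarding decision that follows from it, as an added Python example (not code from the Cisco curriculum). The addresses are the text's own: 147.10.43.14, which ANDs to 147.10.43.0 inside the LAN and to the advertised 147.10.0.0 outside it, and the 192.168.10.0 /27 scheme. The interface table used for the forwarding decision is constructed for the example.

```python
"""Logical ANDing of an IP address with a subnet mask, at the binary level.

Added example, not from the Cisco curriculum. Addresses are the text's own;
the interface table is constructed for the example.
"""


def to_binary(dotted):
    """Dotted-decimal address or mask as four 8-bit binary groups."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))


def prefix_to_mask(prefix):
    """Slash notation to dotted-decimal mask, e.g. 27 -> 255.255.255.224."""
    mask_int = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((mask_int >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def resident_subnet(address, mask):
    """AND each octet of the address with the matching mask octet; the result is the subnet ID."""
    return ".".join(str(int(a) & int(m)) for a, m in zip(address.split("."), mask.split(".")))


def anding_worksheet(address, mask):
    """The three binary rows a student writes out: address, mask, and their AND."""
    return {
        "address": to_binary(address),
        "mask": to_binary(mask),
        "subnet": to_binary(resident_subnet(address, mask)),
    }


def select_interface(dest_address, interfaces):
    """Pick the interface whose subnet the destination ANDs into; None if no subnet matches.

    `interfaces` maps interface name -> (subnet ID, mask). Subnets in a proper
    scheme do not overlap, so the first match is the only match.
    """
    for name, (subnet_id, mask) in interfaces.items():
        if resident_subnet(dest_address, mask) == subnet_id:
            return name
    return None


# Constructed interface table for a router holding three /27 subnets of 192.168.10.0
ROUTER_INTERFACES = {
    "fa0/0": ("192.168.10.0", prefix_to_mask(27)),
    "fa0/1": ("192.168.10.32", prefix_to_mask(27)),
    "s0/0": ("192.168.10.192", prefix_to_mask(27)),
}

if __name__ == "__main__":
    for row, bits in anding_worksheet("192.168.10.200", prefix_to_mask(27)).items():
        print(f"{row:>8}: {bits}")
    print("inside LAN :", resident_subnet("147.10.43.14", "255.255.255.0"))
    print("outside LAN:", resident_subnet("147.10.43.14", "255.255.0.0"))
    print("forward 192.168.10.200 via", select_interface("192.168.10.200", ROUTER_INTERFACES))
```

The worksheet output makes the point visible: the mask has ones exactly in the network and subnet bit positions, so the AND keeps those bits of the address and zeroes the host bits, which is why the result is always the subnet ID.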

1. The Logical ANDing process

2. Calculating the Subnet ID

Summary
This page summarizes the topics discussed in this module.
IP is referred to as a connectionless protocol because no dedicated circuit connection is established
between source and destination prior to transmission. IP is referred to as unreliable because it does not
verify that the data reached its destination. If verification of delivery is required then a combination of IP
and a connection-oriented transport protocol such as TCP is required. If verification of error-free delivery is
not required IP can be used in combination with a connectionless transport protocol such as UDP.
Connectionless network processes are often referred to as packet switched processes. Connection-oriented
network processes are often referred to as circuit switched processes.
Protocols at each layer of the OSI model add control information to the data as it moves through the network.
Because this information is added at the beginning and end of the data, this process is referred to as
encapsulating the data. Layer 3 adds network, or logical, address information to the data and Layer 2 adds
local, or physical, address information.
Layer 3 routing and Layer 2 switching are used to direct and deliver data throughout the network.
Initially, the router receives a Layer 2 frame with a Layer 3 packet encapsulated within it. The router must strip
off the Layer 2 frame and examine the Layer 3 packet. If the packet is destined for local delivery the router
must encapsulate it in a new frame with the correct local MAC address as the destination. If the data must be
forwarded to another broadcast domain, the router must encapsulate the Layer 3 packet in a new Layer 2
frame that contains the MAC address of the next internetworking device. In this way a frame is
transmitted through networks from broadcast domain to broadcast domain and eventually delivered to the
correct host.
Routed protocols, such as IP, transport data across a network. Routing protocols allow routers to choose
the best path for data from source to destination. These routes can be either static routes, which are entered
manually, or dynamic routes, which are learned through routing protocols. When dynamic routing protocols
are used, routers use routing update messages to communicate with one another and maintain their routing
tables. Routing algorithms use metrics to process routing updates and populate the routing table with the
best routes. Convergence describes the speed at which all routers agree on a change in the network.
Interior gateway protocols (IGP) are routing protocols that route data within autonomous systems, while
exterior gateway protocols (EGP) route data between autonomous systems. IGPs can be further categorized as
either distance-vector or link-state protocols. Routers using distance-vector routing protocols periodically send
routing updates consisting of all or part of their routing tables. Routers using link-state routing protocols use
link-state advertisements (LSAs) to send updates only when topological changes occur in the network, and
send complete routing tables much less frequently.
As a packet travels through the network, devices need a method of determining what portion of the IP address
identifies the network and what portion identifies the host. A 32-bit address mask, called a subnet mask, is used
to indicate the bits of an IP address that are being used for the network address. The default subnet mask for a
Class A address is 255.0.0.0. For a Class B address, the subnet mask always starts out as 255.255.0.0, and a
Class C subnet mask begins as 255.255.255.0. The subnet mask can be used to split up an existing network into
subnetworks, or subnets.
Subnetting reduces the size of broadcast domains, allows LAN segments in different geographical locations to
communicate through routers and provides improved security by separating one LAN segment from another.
Custom subnet masks use more bits than the default subnet masks by borrowing these bits from the host
portion of the IP address.
This creates a three-part address:
• The original network address
• The subnet address made up of the bits borrowed
• The host address made up of the bits left after borrowing some for subnets
Routers use subnet masks to determine the subnetwork portion of an address for an incoming packet. This
process is referred to as logical ANDing.

11 CISCO MODUL 11

Overview
The TCP/IP transport layer transports data between applications on source and destination devices. Familiarity
with the transport layer is essential to understand modern data networks. This module will describe the
functions and services of this layer.
Many of the network applications that are found at the TCP/IP application layer are familiar to most network
users. HTTP, FTP, and SMTP are acronyms that are commonly seen by users of Web browsers and e-mail
clients. This module also describes the function of these and other applications from the TCP/IP networking
model.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
• Describe the functions of the TCP/IP transport layer
• Describe flow control
• Explain how a connection is established between peer systems
• Describe windowing
• Describe acknowledgment
• Identify and describe transport layer protocols
• Describe TCP and UDP header formats
• Describe TCP and UDP port numbers
• List the major protocols of the TCP/IP application layer
• Provide a brief description of the features and operation of well-known TCP/IP applications

11.1 TCP/IP Transport Layer


11.1.1 Introduction to the TCP/IP transport layer
This page will describe the functions of the transport layer. -1-
The primary duties of the transport layer are to transport and regulate the flow of information from a source to
a destination, reliably and accurately. End-to-end control and reliability are provided by sliding windows,
sequencing numbers, and acknowledgments.
To understand reliability and flow control, think of someone who studies a foreign language for one year and
then visits the country where that language is used. In conversation, words must be repeated for reliability.
People must also speak slowly so that the conversation is understood, which relates to flow control. -2-
The transport layer establishes a logical connection between two endpoints of a network. Protocols in the
transport layer segment and reassemble data sent by upper-layer applications into the same transport layer data
stream. This transport layer data stream provides end-to-end transport services.
The two primary duties of the transport layer are to provide flow control and reliability. The transport layer
defines end-to-end connectivity between host applications.
Some basic transport services are as follows:
• Segmentation of upper-layer application data
• Establishment of end-to-end operations
• Transportation of segments from one end host to another
• Flow control provided by sliding windows
• Reliability provided by sequence numbers and acknowledgments
TCP/IP is a combination of two individual protocols. IP operates at Layer 3 of the OSI model and is a
connectionless protocol that provides best-effort delivery across a network. TCP operates at the transport
layer and is a connection-oriented service that provides flow control and reliability. When these protocols are
combined they provide a wider range of services. The combined protocols are the basis for the TCP/IP protocol
suite. The Internet is built upon this TCP/IP protocol suite.
1. Transport Layer

2. Transport Layer Analogies

11.1.2 Flow control


This page will describe how the transport layer provides flow control.
As the transport layer sends data segments, it tries to ensure that data is not lost. Data loss may occur if a
host cannot process data as quickly as it arrives. The host is then forced to discard the data. Flow control
ensures that a source host does not overflow the buffers in a destination host. To provide flow control, TCP
allows the source and destination hosts to communicate. The two hosts then establish a data-transfer rate
that is agreeable to both.
1. Flow Control

11.1.3 Session establishment, maintenance, and termination


This page discusses transport functionality and how it is accomplished on a segment-by-segment basis.
Applications can send data segments on a first-come, first-served basis. The segments that arrive first will be
taken care of first. These segments can be routed to the same or different destinations. Multiple applications
can share the same transport connection in the OSI reference model. This is referred to as the multiplexing of
upper-layer conversations. -1- Numerous simultaneous upper-layer conversations can be multiplexed over a
single connection.
One function of the transport layer is to establish a connection-oriented session between similar devices at
the application layer. For data transfer to begin, the source and destination applications inform the operating
systems that a connection will be initiated. One node initiates a connection that must be accepted by the other.
Protocol software modules in the two operating systems exchange messages across the network to verify that
the transfer is authorized and that both sides are ready.
The connection is established and the transfer of data begins after all synchronization has occurred. The two
machines continue to communicate through their protocol software to verify that the data is received correctly.
Figure -2- shows a typical connection between two systems. The first handshake requests synchronization. The
second handshake acknowledges the initial synchronization request, as well as synchronizing connection
parameters in the opposite direction. The third handshake segment is an acknowledgment used to inform the
destination that both sides agree that a connection has been established. After the connection has been
established, data transfer begins.
Congestion can occur for two reasons:
• First, a high-speed computer might generate traffic faster than a network can transfer it.
• Second, if many computers simultaneously need to send datagrams to a single destination, that
destination can experience congestion, although no single source caused the problem.
When datagrams arrive too quickly for a host or gateway to process, they are temporarily stored in
memory. If the traffic continues, the host or gateway eventually exhausts its memory and must discard
additional datagrams that arrive.
Instead of allowing data to be lost, the TCP process on the receiving host can issue a "not ready" indicator to
the sender. This indicator signals the sender to stop data transmission. When the receiver can handle additional
data, it sends a "ready" transport indicator. When this indicator is received, the sender can resume the segment
transmission. -3-
At the end of data transfer, the source host sends a signal that indicates the end of the transmission. The
destination host acknowledges the end of transmission and the connection is terminated.

1. Multiplexing of Upper-layer Conversations

2. Establishing a Connection with a Peer System

3. Flow Control

11.1.4 Three-way handshake


This page will explain how TCP uses three-way handshakes for data transmission.
TCP is a connection-oriented protocol. TCP requires a connection to be established before data transfer
begins. The two hosts must synchronize their initial sequence numbers to establish a connection.
Synchronization occurs through an exchange of segments that carry a synchronize (SYN) control bit and the
initial sequence numbers. This solution requires a mechanism that picks the initial sequence numbers and a
handshake to exchange them.
The synchronization requires each side to send its own initial sequence number (INS) and to receive a
confirmation of exchange in an acknowledgment (ACK) from the other side. Each side must also receive the
INS from the other side and send a confirming ACK. The sequence is as follows:
The sending host (A) initiates a connection by sending a SYN packet to the receiving host (B) indicating
its INS = X:
A -> B SYN, seq of A = X
B receives the packet, records that the seq of A = X, replies with an ACK of X + 1, and indicates that its
INS = Y. The ACK of X + 1 means that host B has received all octets up to and including X and is
expecting X + 1 next:
B -> A ACK, seq of A = X, SYN seq of B = Y, ACK = X + 1
A receives the packet from B, it knows that the seq of B = Y, and responds with an ACK of Y + 1, which
finalizes the connection process:
A -> B ACK, seq of B = Y, ACK = Y + 1
This exchange is called the three-way handshake.
A three-way handshake is necessary because sequence numbers are not based on a global clock in the
network and TCP protocols may use different mechanisms to choose the initial sequence numbers. The
receiver of the first SYN would not know if the segment was delayed unless it kept track of the last sequence
number used on the connection. If the receiver does not have this information, it must ask the sender to verify
the SYN.
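The three segments listed above, together with the check each side performs on the acknowledgment number before moving to the next state, as an added Python example (not code from the Cisco curriculum). The point the last paragraph makes, that the receiver must be able to tell a delayed or stale segment from a fresh one, shows up as the rule that an acknowledgment of a SYN is only acceptable when it equals that side's initial sequence number plus one. Initial sequence numbers X and Y are supplied by the caller here (real TCP stacks choose them unpredictably); the class and function names are this example's own.

```python
"""The TCP three-way handshake with initial sequence numbers X and Y.

Added example, not from the Cisco curriculum. Models the three segments the text
lists and the acknowledgment check each side makes before changing state.
ISNs are supplied by the caller; real stacks pick them unpredictably.
"""


class Endpoint:
    """One side of a connection: its name, initial sequence number and state."""

    def __init__(self, name, isn):
        self.name = name
        self.isn = isn
        self.rcv_nxt = None  # next sequence number expected from the peer
        self.state = "CLOSED"


def segment(src, dst, flags, seq, ack=None):
    """A minimal TCP segment: only the fields the handshake needs."""
    return {"from": src.name, "to": dst.name, "flags": set(flags), "seq": seq, "ack": ack}


def acceptable_ack(seg, own_isn):
    """An acknowledgment of our SYN is acceptable only if ACK == our ISN + 1.

    Anything else is a stale segment from an earlier connection or a forgery,
    and is discarded rather than acted on.
    """
    return "ACK" in seg["flags"] and seg["ack"] == own_isn + 1


def three_way_handshake(a, b):
    """Run A -> B SYN, B -> A SYN+ACK, A -> B ACK and return the three segments."""
    x, y = a.isn, b.isn
    # 1. A sends SYN with seq = X
    syn = segment(a, b, {"SYN"}, seq=x)
    a.state = "SYN-SENT"
    # B records X and now expects X + 1; it replies with its own ISN Y and ACK = X + 1
    b.rcv_nxt = syn["seq"] + 1
    syn_ack = segment(b, a, {"SYN", "ACK"}, seq=y, ack=b.rcv_nxt)
    b.state = "SYN-RECEIVED"
    # 2. A verifies that the ACK covers its SYN before trusting the segment
    if not acceptable_ack(syn_ack, x):
        raise ConnectionError(f"{a.name}: ACK {syn_ack['ack']} does not acknowledge SYN seq {x}")
    a.rcv_nxt = syn_ack["seq"] + 1
    # 3. A sends ACK = Y + 1, which finalizes the connection
    ack = segment(a, b, {"ACK"}, seq=x + 1, ack=a.rcv_nxt)
    a.state = "ESTABLISHED"
    if not acceptable_ack(ack, y):
        raise ConnectionError(f"{b.name}: ACK {ack['ack']} does not acknowledge SYN seq {y}")
    b.state = "ESTABLISHED"
    return [syn, syn_ack, ack]


if __name__ == "__main__":
    host_a, host_b = Endpoint("A", 100), Endpoint("B", 300)  # constructed ISNs X=100, Y=300
    for seg in three_way_handshake(host_a, host_b):
        print(f"{seg['from']} -> {seg['to']} {sorted(seg['flags'])} seq={seg['seq']} ack={seg['ack']}")
    print(host_a.state, host_b.state)
```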

1. Three-Way Handshake

11.1.5 Windowing
This page will explain how windows are used to transmit data.
Data packets must be delivered to the recipient in the same order in which they were transmitted to have
a reliable, connection-oriented data transfer. The protocol fails if any data packets are lost, damaged,
duplicated, or received in a different order. An easy solution is to have a recipient acknowledge the receipt of
each packet before the next packet is sent. -1-
If a sender had to wait for an ACK after each packet was sent, throughput would be low. Therefore, most
connection-oriented, reliable protocols allow multiple packets to be sent before an ACK is received. The time
interval after the sender transmits a data packet and before the sender processes any ACKs is used to transmit
more data. The number of data packets the sender can transmit before it receives an ACK is known as the
window size, or window.
TCP uses expectational ACKs. This means that the ACK number refers to the next packet that is expected.
Windowing refers to the fact that the window size is negotiated dynamically in the TCP session.
Windowing is a flow-control mechanism. Windowing requires the source device to receive an ACK from the
destination after a certain amount of data is transmitted. The destination host reports a window size to the
source host. This window specifies the number of packets that the destination host is prepared to receive. The
first packet is the ACK.
With a window size of three, the source device can send three bytes to the destination. The source device must
then wait for an ACK. If the destination receives the three bytes, it sends an acknowledgment to the source
device, which can now transmit three more bytes. If the destination does not receive the three bytes, because of
overflowing buffers, it does not send an acknowledgment. Because the source does not receive an
acknowledgment, it knows that the bytes should be retransmitted, and that the transmission rate should be
decreased.
In Figure -2-, the sender sends three packets before it expects an ACK. If the receiver can handle only two
packets, the window drops packet three, specifies three as the next packet, and indicates a new window size of
two. The sender sends the next two packets, but still specifies a window size of three. This means that the
sender will still expect a three-packet ACK from the receiver. The receiver replies with a request for packet
five and again specifies a window size of two.

1. TCP Basic Window

2. TCP Sliding Window

11.1.6 Acknowledgment
This page will discuss acknowledgments and the sequence of segments.
Reliable delivery guarantees that a stream of data sent from one device is delivered through a data link to
another device without duplication or data loss. Positive acknowledgment with retransmission is one technique
that guarantees reliable delivery of data. Positive acknowledgment requires a recipient to communicate
with the source and send back an ACK when the data is received. The sender keeps a record of each data
packet, or TCP segment, that it sends and expects an ACK. The sender also starts a timer when it sends a
segment and will retransmit a segment if the timer expires before an ACK arrives.
Figure -1- shows a sender that transmits data packets 1, 2, and 3. The receiver acknowledges receipt of the
packets with a request for packet 4. When the sender receives the ACK, it sends packets 4, 5, and 6. If packet 5
does not arrive at the destination, the receiver acknowledges with a request to resend packet 5. The sender
resends packet 5 and then receives an ACK to continue with the transmission of packet 7.
TCP provides sequencing of segments with a forward reference acknowledgment. Each segment is numbered
before transmission. -2- At the destination, TCP reassembles the segments into a complete message. If a
sequence number is missing in the series, that segment is retransmitted. Segments that are not acknowledged
within a given time period will result in a retransmission.


1. TCP Sliding Window

2. TCP Sequence and Acknowledgment
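The windowing and acknowledgment behaviour of 11.1.5 and 11.1.6, simulated as an added example (not curriculum code): the receiver sends expectational ACKs and advertises its window, the sender never has more outstanding than the smaller of its own and the advertised window, and three failure modes are handled: a receiver buffer overflow (Figure -2- of 11.1.5), a lost data packet (Figure -1- of 11.1.6) and a lost ACK, after which the sender's timer fires and it retransmits. One simplification is assumed: after a loss the sender resends from the requested packet onward rather than only that one packet, and the receiver discards the duplicates.

```python
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass
class Ack:
    next_expected: int   # expectational ACK: number of the packet wanted next
    window: int          # receiver's advertised window, in packets


class Receiver:
    def __init__(self, capacity: int):
        self.capacity = capacity      # packets its buffers can absorb per burst
        self.expected = 1             # next packet number in sequence
        self.held: Set[int] = set()   # out-of-order packets kept for reassembly
        self.delivered: List[int] = []

    def receive_burst(self, packets: List[int], lost: Set[int]) -> Ack:
        accepted = 0
        for p in packets:
            if p in lost:
                lost.discard(p)       # lost on the wire (this transmission only)
                continue
            if accepted == self.capacity:
                break                 # buffers full: the rest of the burst is dropped
            accepted += 1
            if p < self.expected or p in self.held:
                continue              # duplicate of a packet already received
            if p == self.expected:
                self.delivered.append(p)
                self.expected += 1
                while self.expected in self.held:   # reassemble what was held
                    self.held.remove(self.expected)
                    self.delivered.append(self.expected)
                    self.expected += 1
            else:
                self.held.add(p)      # arrived early; wait for the gap to fill
        return Ack(self.expected, self.capacity)


class Sender:
    def __init__(self, total: int, window: int):
        self.total, self.window = total, window
        self.base = 1                 # oldest packet not yet acknowledged
        self.advertised = window      # last window the receiver reported

    def next_burst(self) -> List[int]:
        n = min(self.window, self.advertised)
        return list(range(self.base, min(self.base + n, self.total + 1)))

    def process_ack(self, ack: Ack) -> None:
        self.base = max(self.base, ack.next_expected)
        self.advertised = ack.window

    def done(self) -> bool:
        return self.base > self.total


def transfer(total: int, window: int, capacity: int, lost_packets=(), lost_acks=(),
             max_rounds: int = 50) -> Tuple[List[Tuple[List[int], Optional[int], Optional[int]]], List[int]]:
    """Send packets 1..total. Returns (trace, delivered); each trace entry is
    (burst, ack number, advertised window), with None for an ACK lost in the
    network, after which the sender's timer expires and it resends the burst."""
    sender, receiver = Sender(total, window), Receiver(capacity)
    lost_pkts, lost_ack_rounds = set(lost_packets), set(lost_acks)
    trace = []
    for rnd in range(max_rounds):
        if sender.done():
            break
        burst = sender.next_burst()
        ack = receiver.receive_burst(burst, lost_pkts)
        if rnd in lost_ack_rounds:
            trace.append((burst, None, None))    # ACK never arrives: timer fires
            continue                             # base unchanged, burst repeated
        sender.process_ack(ack)
        trace.append((burst, ack.next_expected, ack.window))
    return trace, receiver.delivered


if __name__ == "__main__":
    print("overflow  :", transfer(6, 3, 2))
    print("lost pkt 5:", transfer(7, 3, 3, lost_packets={5}))
    print("lost ACK  :", transfer(3, 3, 3, lost_acks={0}))
```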

11.1.7 TCP
This page will discuss the protocols that use TCP and the fields included in a TCP segment.
TCP is a connection-oriented transport layer protocol that provides reliable full-duplex data
transmission. TCP is part of the TCP/IP protocol stack. In a connection-oriented environment, a connection is
established between both ends before the transfer of information can begin. TCP breaks messages into
segments, reassembles them at the destination, and resends anything that is not received.
TCP supplies a virtual circuit between end-user applications.
The following protocols use TCP:
 FTP
 HTTP
 SMTP
 Telnet


The following are the definitions of the fields in the TCP segment: -1-
 Source port – Number of the port that sends data
 Destination port – Number of the port that receives data
 Sequence number – Number used to ensure the data arrives in the correct order
 Acknowledgment number – Next expected TCP octet
 HLEN – Number of 32-bit words in the header
 Reserved – Set to zero
 Code bits – Control functions, such as setup and termination of a session
 Window – Number of octets that the sender will accept
 Checksum – Calculated checksum of the header and data fields
 Urgent pointer – Indicates the end of the urgent data
 Option – One option currently defined, maximum TCP segment size
 Data – Upper-layer protocol data
1. TCP Segment Format

11.1.8 UDP
This page will discuss UDP. UDP is the connectionless transport protocol in the TCP/IP protocol stack.
UDP is a simple protocol that exchanges datagrams without guaranteed delivery. It relies on higher-layer
protocols to handle errors and retransmit data.
UDP does not use windows or ACKs. Reliability is provided by application layer protocols. UDP is designed
for applications that do not need to put sequences of segments together.
The following protocols use UDP:
 TFTP
 SNMP
 DHCP
 DNS
The following are the definitions of the fields in the UDP segment:
 Source port – Number of the port that sends data
 Destination port – Number of the port that receives data
 Length – Number of bytes in header and data
 Checksum – Calculated checksum of the header and data fields
 Data – Upper-layer protocol data

1. UDP Segment Format
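Parsers and builders for the TCP segment and UDP datagram layouts listed above, as an added example (not curriculum code). The checksum handling includes the pseudo-header (source and destination IP address, protocol, length) that both transports cover, a detail the field lists leave out; the sample SYN carrying the maximum-segment-size option and the sample TFTP request are constructed here.

```python
import socket
import struct
from dataclasses import dataclass
from typing import Dict

TCP_CODE_BITS = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")  # code bits, bit 5 .. bit 0
IPPROTO_TCP, IPPROTO_UDP = 6, 17

@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    hlen_words: int        # HLEN: header length in 32-bit words
    code_bits: Dict[str, bool]
    window: int            # octets the sender of this segment will accept
    checksum: int
    urgent: int
    options: bytes
    data: bytes

@dataclass
class UdpHeader:
    src_port: int
    dst_port: int
    length: int            # bytes in header plus data
    checksum: int
    data: bytes

def parse_tcp(segment: bytes) -> TcpHeader:
    if len(segment) < 20:
        raise ValueError("TCP header truncated")
    src, dst, seq, ack, off, code, win, csum, urg = struct.unpack("!HHIIBBHHH", segment[:20])
    hlen = off >> 4                       # upper 4 bits; the lower 4 are Reserved
    if hlen < 5 or hlen * 4 > len(segment):
        raise ValueError(f"HLEN {hlen} is invalid for a {len(segment)}-byte segment")
    bits = {n: bool(code & (1 << (5 - i))) for i, n in enumerate(TCP_CODE_BITS)}
    return TcpHeader(src, dst, seq, ack, hlen, bits, win, csum, urg,
                     segment[20:hlen * 4], segment[hlen * 4:])

def parse_udp(datagram: bytes) -> UdpHeader:
    if len(datagram) < 8:
        raise ValueError("UDP header truncated")
    src, dst, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError(f"UDP length {length} disagrees with {len(datagram)} bytes received")
    return UdpHeader(src, dst, length, csum, datagram[8:length])

def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """The IP addresses, protocol and length that the TCP and UDP checksums also cover."""
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, proto, length)

def checksum_ok(src_ip: str, dst_ip: str, proto: int, segment: bytes) -> bool:
    """Valid when the sum over pseudo-header + segment (checksum field included) is zero."""
    return internet_checksum(pseudo_header(src_ip, dst_ip, proto, len(segment)) + segment) == 0

def build_tcp(src_ip, dst_ip, src_port, dst_port, seq, ack, flags, window, data=b"", options=b""):
    """Assemble a TCP segment (no IP header) with a correct checksum."""
    options += b"\x00" * (-len(options) % 4)           # pad options to a 32-bit boundary
    hlen = 5 + len(options) // 4
    code = sum(1 << (5 - i) for i, n in enumerate(TCP_CODE_BITS) if n in flags)
    hdr = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack, hlen << 4, code, window, 0, 0)
    seg = hdr + options + data
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, IPPROTO_TCP, len(seg)) + seg)
    return seg[:16] + struct.pack("!H", csum) + seg[18:]   # checksum sits at bytes 16-17

def build_udp(src_ip, dst_ip, src_port, dst_port, data=b""):
    """Assemble a UDP datagram (no IP header) with a correct checksum."""
    length = 8 + len(data)
    dg = struct.pack("!HHHH", src_port, dst_port, length, 0) + data
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, IPPROTO_UDP, length) + dg) or 0xFFFF
    return dg[:6] + struct.pack("!H", csum) + dg[8:]       # checksum sits at bytes 6-7

# Constructed samples: a SYN carrying the MSS option (the "one option" named above)
# and a TFTP read request, which travels over UDP.
MSS_1460 = b"\x02\x04\x05\xb4"
SAMPLE_TCP = build_tcp("192.168.10.1", "192.168.10.5", 40000, 25, 100, 0, {"SYN"}, 8192, options=MSS_1460)
SAMPLE_UDP = build_udp("192.168.10.1", "192.168.10.5", 50000, 69, b"\x00\x01router.cfg\x00octet\x00")

if __name__ == "__main__":
    print(parse_tcp(SAMPLE_TCP))
    print(parse_udp(SAMPLE_UDP))
    print("tcp checksum ok:", checksum_ok("192.168.10.1", "192.168.10.5", IPPROTO_TCP, SAMPLE_TCP))
```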

11.1.9 TCP and UDP port numbers


This page examines port numbers.
Both TCP and UDP use port numbers to pass information to the upper layers. Port numbers are used to keep
track of different conversations that cross the network at the same time.
Application software developers agree to use well-known port numbers that are issued by the Internet
Assigned Numbers Authority (IANA). -1- Any conversation bound for the FTP application uses the standard
port numbers 20 and 21. Port 20 is used for the data portion and Port 21 is used for control. Conversations
that do not involve an application with a well-known port number are assigned port numbers randomly from
within a specific range above 1023. Some ports are reserved in both TCP and UDP. However, applications
might not be written to support them. -2-
Port numbers have the following assigned ranges:
 Numbers below 1024 are considered well-known port numbers.
 Numbers above 1023 are dynamically-assigned port numbers.
 Registered port numbers are for vendor-specific applications. Most of these are above 1024.
End systems use port numbers to select the proper application. The source host dynamically assigns source port
numbers. These numbers are always greater than 1023. -3-


1. Port Numbers

3. Port Numbers


2. Reserved TCP and UDP Port Numbers

11.2 The Application Layer
11.2.1 Introduction to the TCP/IP application layer
This page will introduce some TCP/IP application layer protocols.
The session, presentation, and application layers of the OSI model are bundled into the application layer of the
TCP/IP model. This means that representation, encoding, and dialog control are all handled in the TCP/IP
application layer. This design ensures that the TCP/IP model provides maximum flexibility at the application
layer for software developers.
The TCP/IP protocols that support file transfer, e-mail, and remote login are probably the most familiar to
users of the Internet. -1-
These protocols include the following applications:
 DNS
 FTP
 HTTP
 SMTP
 SNMP
 Telnet

1. Application Layer

11.2.2 DNS
This page will describe DNS.
The Internet is built on a hierarchical addressing scheme. This scheme allows for routing to be based on classes
of addresses rather than based on individual addresses. The problem this creates for the user is associating the
correct address with the Internet site. It is very easy to forget an IP address to a particular site because there is
nothing to associate the contents of the site with the address. Imagine the difficulty of remembering the IP
addresses of tens, hundreds, or even thousands of Internet sites.
A domain naming system was developed in order to associate the contents of the site with the address of that
site. The Domain Name System (DNS) is a system used on the Internet for translating names of domains and
their publicly advertised network nodes into IP addresses. A domain is a group of computers that are associated
by their geographical location or their business type. A domain name is a string of characters, numbers, or both.
Usually a name or abbreviation that represents the numeric address of an Internet site will make up the domain
name. There are more than 200 top-level domains on the Internet, examples of which include the following:

.us – United States
.uk – United Kingdom
There are also generic names; examples include the following:
.edu – educational sites
.com – commercial sites
.gov – government sites
.org – non-profit sites
.net – network service
See Figure -1- for a detailed explanation of these domains.

11.2.3 FTP and TFTP


This page will describe the features of FTP and TFTP.
FTP is a reliable, connection-oriented service that uses TCP to transfer files between systems that
support FTP. The main purpose of FTP is to transfer files from one computer to another by copying and
moving files from servers to clients, and from clients to servers. When files are copied from a server, FTP first
establishes a control connection between the client and the server. Then a second connection is established,
which is a link between the computers through which the data is transferred. Data transfer can occur in ASCII
mode or in binary mode. These modes determine the encoding used for the data file, which in the OSI model is a
presentation layer task. After the file transfer has ended, the data connection terminates automatically. When
the entire session of copying and moving files is complete, the command link is closed when the user logs off
and ends the session. -1-
TFTP is a connectionless service that uses User Datagram Protocol (UDP). TFTP is used on the router to
transfer configuration files and Cisco IOS images and to transfer files between systems that support TFTP.
TFTP is designed to be small and easy to implement. Therefore, it lacks most of the features of FTP. TFTP can
read or write files to or from a remote server but it cannot list directories and currently has no provisions for
user authentication. It is useful in some LANs because it operates faster than FTP and in a stable environment
it works reliably.
1. FTP Application

11.2.4 HTTP
This page will describe the features of HTTP.
Hypertext Transfer Protocol (HTTP) works with the World Wide Web, which is the fastest growing and most
used part of the Internet. One of the main reasons for the extraordinary growth of the Web is the ease with
which it allows access to information. A Web browser is a client-server application, which means that it
requires both a client and a server component in order to function. A Web browser presents data in multimedia
formats on Web pages that use text, graphics, sound, and video. The Web pages are created with a format
language called Hypertext Markup Language (HTML). HTML directs a Web browser on a particular Web
page to produce the appearance of the page in a specific manner. In addition, HTML specifies locations for the
placement of text, files, and objects that are to be transferred from the Web server to the Web browser.
Hyperlinks make the World Wide Web easy to navigate. A hyperlink is an object, word, phrase, or picture, on
a Web page. When that hyperlink is clicked, it directs the browser to a new Web page. The Web page contains,
often hidden within its HTML description, an address location known as a Uniform Resource Locator (URL).
In the URL http://www.cisco.com/edu/, the "http://" tells the browser which protocol to use. The second part,
"www", is the hostname or name of a specific machine with a specific IP address. The last part, /edu/ identifies
the specific folder location on the server that contains the default web page. -1-
A Web browser usually opens to a starting or "home" page. The URL of the home page has already been stored
in the configuration area of the Web browser and can be changed at any time. From the starting page, click on
one of the Web page hyperlinks, or type a URL in the address bar of the browser. The Web browser examines
the protocol to determine if it needs to open another program, and then determines the IP address of the Web
server using DNS. Then the transport layer, network layer, data link layer, and physical layer work together to
initiate a session with the Web server. The data that is transferred to the HTTP server contains the folder name

of the Web page location. The data can also contain a specific file name for an HTML page. If no name is
given, then the default name as specified in the configuration on the server is used.
The server responds to the request by sending to the Web client all of the text, audio, video, and graphic files
specified in the HTML instructions. The client browser reassembles all the files to create a view of the Web
page, and then terminates the session. If another page that is located on the same or a different server is
clicked, the whole process begins again.
1. URL

11.2.5 SMTP
This page will discuss the features of SMTP.
Email servers communicate with each other using the Simple Mail Transfer Protocol (SMTP) to send and
receive mail. The SMTP protocol transports email messages in ASCII format using TCP.
When a mail server receives a message destined for a local client, it stores that message and waits for the client
to collect the mail. -1- There are several ways for mail clients to collect their mail. They can use programs that
access the mail server files directly or collect their mail using one of many network protocols. The most
popular mail client protocols are POP3 and IMAP4, which both use TCP to transport data. Even though mail
clients use these special protocols to collect mail, they almost always use SMTP to send mail. Since two
different protocols, and possibly two different servers, are used to send and receive mail, it is possible that mail
clients can perform one task and not the other. Therefore, it is usually a good idea to troubleshoot e-mail
sending problems separately from e-mail receiving problems.
When checking the configuration of a mail client, verify that the SMTP and POP or IMAP settings are
correctly configured. A good way to test if a mail server is reachable is to Telnet to the SMTP port (25) or to
the POP3 port (110). The following command format is used at the Windows command line to test the ability
to reach the SMTP service on the mail server at IP address 192.168.10.5:
C:\>telnet 192.168.10.5 25
The SMTP protocol does not offer much in the way of security and does not require any authentication.
Administrators often do not allow hosts that are not part of their network to use their SMTP server to send or
relay mail. This is to prevent unauthorized users from using their servers as mail relays.
1. E-mail Message Path
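A scripted form of the reachability test described above, added here as an example (not curriculum code): it connects to the SMTP or POP3 port with a timeout, reads the server greeting and reports why a connection failed, the same information a manual Telnet session gives. The loopback stub server, host names and banners are constructed so the example runs without a real mail server.

```python
import socket
import threading
from typing import Dict

SMTP_PORT, POP3_PORT = 25, 110


def check_mail_service(host: str, port: int, timeout: float = 3.0) -> Dict[str, object]:
    """Connect the way 'telnet host 25' would, read the greeting and report."""
    result: Dict[str, object] = {"reachable": False, "banner": "", "error": ""}
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            result["reachable"] = True
            sock.settimeout(timeout)
            try:
                result["banner"] = sock.recv(512).decode("ascii", "replace").strip()
            except socket.timeout:
                result["error"] = "connected but no greeting within timeout"
    except socket.timeout:
        result["error"] = "connect timed out (host down or port filtered)"
    except OSError as exc:           # ConnectionRefusedError, unreachable, name lookup failure
        result["error"] = exc.__class__.__name__
    return result


def greeting_ok(service_port: int, banner: str) -> bool:
    """SMTP servers greet with a '220' line, POP3 servers with '+OK'."""
    if service_port == SMTP_PORT:
        return banner.startswith("220")
    if service_port == POP3_PORT:
        return banner.startswith("+OK")
    return bool(banner)


def start_stub_server(banner: bytes) -> int:
    """Loopback stand-in for a mail server (constructed for this example);
    returns the ephemeral port it listens on."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve() -> None:
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def closed_port() -> int:
    """Find a loopback port nothing listens on, to show the refused case."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    port = probe.getsockname()[1]
    probe.close()
    return port


if __name__ == "__main__":
    port = start_stub_server(b"220 mail.example.test ESMTP ready\r\n")
    res = check_mail_service("127.0.0.1", port)
    print(res, "healthy SMTP greeting:", greeting_ok(SMTP_PORT, str(res["banner"])))
    print(check_mail_service("127.0.0.1", closed_port(), timeout=1.0))
```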

11.2.6 SNMP
This page will define SNMP.
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the
exchange of management information between network devices. SNMP enables network administrators to
manage network performance, find and solve network problems, and plan for network growth. SNMP uses
UDP as its transport layer protocol.
An SNMP managed network consists of the following three key components:
 Network management system (NMS) – NMS executes applications that monitor and control managed
devices. The bulk of the processing and memory resources required for network management are
provided by NMS. One or more NMSs must exist on any managed network.
 Managed devices – Managed devices are network nodes that contain an SNMP agent and that reside
on a managed network. Managed devices collect and store management information and make this
information available to NMSs using SNMP. Managed devices, sometimes called network elements,
can be routers, access servers, switches, and bridges, hubs, computer hosts, or printers.
 Agents – Agents are network-management software modules that reside in managed devices. An agent
has local knowledge of management information and translates that information into a form compatible
with SNMP.

1. SNMP – Managed Network

11.2.7 TELNET
This page will explain the features of Telnet.
Telnet client software provides the ability to log in to a remote Internet host that is running a Telnet server
application and then to execute commands from the command line. A Telnet client is referred to as a local host.
A Telnet server, which uses special software called a daemon, is referred to as a remote host.
To make a connection from a Telnet client, the connection option must be selected. A dialog box typically
prompts for a host name and terminal type. The host name is the IP address or DNS name of the remote
computer. The terminal type describes the type of terminal emulation that the Telnet client should perform.
The Telnet operation uses none of the processing power from the transmitting computer. Instead, it transmits
the keystrokes to the remote host and sends the resulting screen output back to the local monitor. All
processing and storage take place on the remote computer.
Telnet works at the application layer of the TCP/IP model. Therefore, Telnet works at the top three layers of
the OSI model. The application layer deals with commands. The presentation layer handles formatting, usually
ASCII. The session layer transmits. In the TCP/IP model, all of these functions are considered to be part of the
application layer.
1. Telnet

Summary
This page summarizes the topics discussed in this module.
The primary duties of the transport layer, Layer 4 of the OSI model, are to transport and regulate the flow of
information from the source to the destination reliably and accurately.
The transport layer multiplexes data from upper layer applications into a stream of data packets. It uses port
(socket) numbers to identify different conversations and delivers the data to the correct application.
The Transmission Control Protocol (TCP) is a connection-oriented transport protocol that provides flow
control as well as reliability. TCP uses a three-way handshake to establish a synchronized circuit between
end-user applications. Each datagram is numbered before transmission. At the receiving station, TCP
reassembles the segments into a complete message. If a sequence number is missing in the series, that segment
is retransmitted.
Flow control ensures that a transmitting node does not overwhelm a receiving node with data. The simplest
method of flow control used by TCP involves a "not ready" signal that notifies the transmitting device that the
buffers on the receiving device are full. When the receiver can handle additional data, the receiver sends a
"ready" transport indicator.
Positive acknowledgment with retransmission is another TCP protocol technique that guarantees reliable
delivery of data. Because having to wait for an acknowledgment after sending each packet would negatively
impact throughput, windowing is used to allow multiple packets to be transmitted before an acknowledgment
is received. TCP window sizes are variable during the lifetime of a connection.
If an application does not require flow control or an acknowledgment, as in the case of a broadcast
transmission, User Datagram Protocol (UDP) can be used instead of TCP. UDP is a connectionless transport
protocol in the TCP/IP protocol stack that allows multiple conversations to occur simultaneously but does not
provide acknowledgments or guaranteed delivery. A UDP header is much smaller than a TCP header because
of the lack of control information it must contain.

Some of the protocols and applications that function at the application level are well known to Internet users:
 Domain Name System (DNS) - Used in IP networks to translate names of network nodes into IP
addresses
 File Transfer Protocol (FTP) - Used for transferring files between networks
 Hypertext Transfer Protocol (HTTP) - Used to deliver hypertext markup language (HTML)
documents to a client application, such as a WWW browser
 Simple Mail Transfer Protocol (SMTP) - Used to provide electronic mail services
 Simple Network Management Protocol (SNMP) - Used to monitor and control network devices and
to manage configurations, statistics collection, performance and security
 Telnet - Used to login to a remote host that is running a Telnet server application and then to execute
commands from the command line

CISCO MODUL CS
Structured Cabling Case Study

Threaded Case Study



Curriculum and lab exercises in seven areas:
 Structured Cabling Systems
 Structured Cabling Standards and Codes
 Safety
 Tools of the Trade
 Installation Process
 Finish Phase
 The Cabling Business


Structured cabling skills are crucial for any networking professional. Structured cabling creates a physical
topology where telecommunications cabling is organized into hierarchical termination and interconnection
structures according to standards. The word telecommunications is used to express the necessity of dealing
with electrical power wires, telephone wires, and cable television coaxial cable in addition to copper and
optical networking media.
Structured cabling is an OSI Layer 1 issue. Without Layer 1 connectivity, the Layer 2 switching and Layer 3
routing process that makes data transfer across large networks possible cannot occur. Especially for people
new to the networking workforce, many of the day-to-day jobs deal with structured cabling.
Many different standards are used to define the rules of structured cabling. These standards vary around the
world. Three standards of central importance in structured cabling are ANSI TIA/EIA-568-B, ISO/IEC 11801,
and IEEE 802.x.
The instructor will provide the materials for a structured cabling case study and installation project
appropriate to your region of the world. It is recommended to complete a structured cabling case study on
paper, and a hands-on structured cabling installation project. Understanding structured cabling is essential for
network administrators, network technicians, and network engineers.


12 MODULE 1
12.1 WANs
Module Overview
A wide-area network (WAN) is a data communications network that connects user networks over a large
geographical area. WANs have several important characteristics that distinguish them from LANs. The first
lesson in this module will provide an overview of WAN technologies and protocols. It will also explain how
WANs and LANs are different, and ways in which they are similar.
It is important to understand the physical layer components of a router. This knowledge builds a foundation for
other information and skills that are needed to configure routers and manage routed networks. This module
provides a close examination of the internal and external physical components of the router. The module also
describes techniques for physically connecting the various router interfaces.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams. -1-
Students who complete this module should be able to perform the following tasks:
 Identify organizations responsible for WAN standards
 Explain the difference between a WAN and LAN and the type of standards and protocols each uses
 Describe the role of a router in a WAN
 Identify internal components of the router and describe their functions
 Describe the physical characteristics of the router
 Identify LAN and management ports on a router
 Properly connect Ethernet, serial WAN, and console ports

12.1.1 Introduction to WANs


A WAN is a data communications network that spans a large geographic area such as a state, province, or
country. WANs often use transmission facilities provided by common carriers such as telephone companies.
These are the major characteristics of WANs:
 They connect devices that are separated by wide geographical areas.
 They use the services of carriers such as the Regional Bell Operating Companies (RBOCs), Sprint,
MCI, and VPM Internet Services, Inc. to establish the link or connection between sites.
 They use serial connections of various types to access bandwidth over large geographic areas.
A WAN differs from a LAN in several ways. For example, unlike a LAN, which connects workstations,
peripherals, terminals, and other devices in a single building, a WAN makes data connections across a broad
geographic area. Companies use a WAN to connect various company sites so that information can be
exchanged between distant offices.
A WAN operates at the physical layer and the data link layer of the OSI reference model. It interconnects
LANs that are usually separated by large geographic areas. WANs provide for the exchange of data packets
and frames between routers and switches and the LANs they support.
The following devices are used in WANs: -2-, -3-

 Routers offer many services, including internetworking and WAN interface ports.
 Modems include interface voice-grade services, channel service units/digital service units
(CSU/DSUs) that interface T1/E1 services, and Terminal Adapters/Network Termination 1 (TA/NT1s)
that interface Integrated Services Digital Network (ISDN) services.
 Communication servers concentrate dial-in and dial-out user communication.
The Interactive Media Activity will help students become more familiar with WAN devices.
WAN data link protocols describe how frames are carried between systems on a single data link.
They include protocols designed to operate over dedicated point-to-point, multipoint, and multi-access
switched services such as Frame Relay. WAN standards are defined and managed by a number of recognized
authorities, including the following agencies:
 International Telecommunication Union-Telecommunication Standardization Sector (ITU-T), formerly
the Consultative Committee for International Telegraph and Telephone (CCITT)
 International Organization for Standardization (ISO)
 Internet Engineering Task Force (IETF)
 Electronic Industries Association (EIA)
The next page will describe routers. This information is important to further understand WANs.

LAN / MAN / WAN – OSI Layers I and II


12.1.2 Introduction to routers in a WAN


This page will provide a brief review of routers.
A router is a special type of computer. It has the same basic components as a standard desktop PC. It has a
CPU, memory, a system bus, and various input/output interfaces. However, routers are designed to perform
some very specific functions that are not typically performed by desktop computers. For example, routers
connect and allow communication between two networks and determine the best path for data to travel through
the connected networks.
Just as computers need operating systems to run software applications, routers need the Internetwork
Operating System (IOS) software to run configuration files. These configuration files contain the
instructions and parameters that control the flow of traffic in and out of the routers. Routers use routing
protocols to determine the best path for packets. The configuration file specifies all the information for the
correct setup and use of the selected, or enabled, routing and routed protocols on a router.
This course will demonstrate how to build configuration files from the IOS commands in order to get the router
to perform many essential network functions. The router configuration file may seem complex at first, but it
will be easier to understand by the end of the course.
The main internal components of the router are random-access memory (RAM), nonvolatile random-access
memory (NVRAM), flash memory, read-only memory (ROM), and interfaces.
RAM has the following characteristics and functions:
 Stores routing tables
 Holds ARP cache
 Holds fast-switching cache
 Performs packet buffering as shared RAM
 Maintains packet-hold queues
 Provides temporary memory for the configuration file of a router while the router is powered on
 Loses content when a router is powered down or restarted
NVRAM has the following characteristics and functions:
 Provides storage for the startup configuration file
 Retains content when a router is powered down or restarted
Flash memory has the following characteristics and functions:
 Holds the IOS image
 Allows software to be updated without removing and replacing chips on the processor
 Retains content when a router is powered down or restarted
 Can store multiple versions of IOS software
 Is a type of electrically erasable programmable read-only memory (EEPROM)
ROM has the following characteristics and functions:
 Maintains instructions for power-on self test (POST) diagnostics
 Stores bootstrap program and basic operating system software
 Requires replacing pluggable chips on the motherboard for software upgrades
Interfaces have the following characteristics and functions:
 Connect routers to a network for packet entry and exit
 Can be on the motherboard or on a separate module


12.1.3 Router LANs and WANs


Routers can be used to segment LANs, but they are mainly used as WAN devices. This page will explain how
routers are used in a network.

Routers have both LAN and WAN interfaces. WAN technologies are frequently used to connect routers.
Routers use WAN connections to communicate with each other.
Routers are the backbone devices of large intranets and of the Internet. They operate at Layer 3 of the OSI
model, making decisions based on network addresses. The two main functions of a router are the selection of
best path and the switching of packets to the proper interface. To accomplish this, routers build routing tables
and exchange network information with other routers.
An administrator can configure static routes to maintain routing tables. However, most routing tables are
maintained dynamically through the use of a routing protocol that exchanges network topology information
with other routers.
For example, if Computer X needs to communicate with Computer Y and Computer Z in the Figure, this requires a
routing feature for information flow and redundant paths for reliability. Many network design decisions and
technologies can be traced to this desire for Computers X, Y, and Z to communicate.
A correctly configured internetwork provides the following:
 Consistent end-to-end addressing
 Addresses that represent network topologies
 Best path selection
 Dynamic or static routing
 Switching of packets from the inbound interface to the outbound interface (the internal switching function of the router, not Layer 2 switching)


12.1.4 Role of routers in a WAN


This page will review WANs in relation to the OSI model and explain the functions of a router.
The standards and protocols or primary functions of a WAN operate at the physical layer and at the data link
layer. This does not mean that the other five layers of the OSI model are not found in a WAN. It simply means
that the standards and protocols that define a WAN connection are typically found at the physical and data link
layers. In other words, the Layer 1 and Layer 2 WAN standards and protocols are different than the Layer 1
and Layer 2 LAN standards and protocols.
The WAN physical layer describes the interface between the data terminal equipment (DTE) and the data
circuit-terminating equipment (DCE). Generally, the DCE is the service provider and the DTE is the attached
device. In this model, the services offered to the DTE are made available through a modem or a CSU/DSU.
The main function of a router is to transmit data using Layer 3 addresses. This process is also called routing.
Routing occurs at the network layer, which is Layer 3. If a WAN operates at Layers 1, 2, and 3, is a router a
LAN device or a WAN device? The answer is both, as is so often the case in the field of networking. A router
may be exclusively a LAN device, it may be exclusively a WAN device, or it may sit at the boundary between
a LAN and a WAN and be a LAN and WAN device at the same time.

One of the roles of a router in a WAN is to route packets at Layer 3, but this is also a role of a router in a LAN.
Therefore routing is not strictly a WAN role of a router. When a router uses the physical and data link layer
standards and protocols that are associated with WANs, it is operating as a WAN device. Therefore, the
main role of a router in a WAN is not to route. It is to provide connections between the various WAN
physical and data-link standards. These standards and protocols that define and structure a WAN connection
operate at Layers 1 and 2. For example, a router may have an ISDN interface that uses PPP encapsulation and
a serial interface at the end of a T1 line that uses Frame Relay encapsulation. The router must be able to move
a stream of bits from one type of service, such as ISDN, to another, such as a T1, and change the data link
encapsulation from PPP to Frame Relay.
Many of the details of WAN Layer 1 and Layer 2 protocols will be covered later in the course, but some of the
key WAN protocols and standards are listed here for reference.
Here is a list of WAN physical layer standards and protocols:
 EIA/TIA-232
 EIA/TIA-449
 V.24
 V.35
 X.21
 G.703
 EIA-530

 ISDN
 T1, T3, E1, and E3
 xDSL
 SONET (OC-3, OC-12, OC-48, OC-192)
Here is a list of WAN data link layer standards and protocols:
 High-level data link control (HDLC)
 Frame Relay
 Point-to-Point Protocol (PPP)
 Synchronous Data Link Control (SDLC)
 Serial Line Internet Protocol (SLIP)
 X.25
 ATM
 LAPB
 LAPD
 LAPF

12.1.5 Academy approach to hands-on labs
This page will help students understand how a lab is configured to simulate a WAN.
In the academy lab, all the networks will be connected with serial or Ethernet cables and the students can see
and physically touch all the equipment.
Unlike the academy lab setup, the serial cables in the real world are not connected back to back. In a real world
situation, one router could be in New York, while another router could be in Sydney, Australia. An
administrator located in Sydney would have to connect to the router in New York through the WAN cloud in
order to troubleshoot the New York router.
In the academy lab, devices that make up the WAN cloud are simulated by the connection between the back-
to-back DTE-DCE cables.
The connection from one router interface s0/0 to another router interface s0/1 simulates the whole circuit
cloud.
Students can use the Interactive Media Activity to practice the connection of lab devices.

12.2 Routers

12.2.1 Router internal components


While the exact architecture of the router varies between router models, this page will introduce the major
internal components. The Figures show the internal components of some of the Cisco router models. The
common components are covered in the paragraphs below.
CPU – The Central Processing Unit (CPU) executes instructions in the operating system. Among these
functions are system initialization, routing functions, and network interface control. The CPU is a
microprocessor. Large routers may have multiple CPUs.
RAM – RAM is used for routing table information, fast switching caches, running configurations, and packet
queues. In most routers the RAM provides run time space for executable Cisco IOS software and its
subsystems. RAM is usually logically divided into main processor memory and shared input/output (I/O)
memory. Shared I/O memory is shared among interfaces for temporary storage of packets. The contents of
RAM are lost when power is removed. RAM is generally dynamic random-access memory (DRAM) and can
be upgraded with the addition of dual in-line memory modules (DIMMs).
Flash – Flash memory is used for storage of a full Cisco IOS software image. The router normally acquires
the default IOS from flash. These images can be upgraded by loading a new image into flash. The IOS may be
in uncompressed or compressed form. In most routers an executable copy of the IOS is transferred to RAM
during the boot process. In other routers the IOS may be run directly from flash. The flash single in-line
memory modules (SIMMs) or PCMCIA cards can be added or replaced to upgrade the amount of flash.
NVRAM – NVRAM is used to store the startup configuration. In some devices, EEPROMs can be used to
implement NVRAM. In other devices it is implemented in the same flash device from which the boot code is
loaded. In either case these devices retain contents when power is removed.
Buses – Most routers contain a system bus and a CPU bus. The system bus is used to communicate between
the CPU and the interfaces or expansion slots. This bus transfers the packets to and from the interfaces.
The CPU bus is used by the CPU for accessing components from router storage. This bus transfers instructions
and data to or from specified memory addresses.
ROM – ROM is used to permanently store the startup diagnostic code, which is called the ROM monitor.
The main tasks for ROM are hardware diagnostics during router bootup and loading the Cisco IOS software
from flash to RAM. Some routers also have a scaled down version of the IOS that can be used as an alternative
boot source. ROMs are not erasable. They can only be upgraded by replacing the ROM chips in the sockets.
Interfaces – The interfaces are the router connections to the outside. The three types of interfaces are LANs,
WANs, and console or auxiliary (AUX). The LAN interfaces are usually one of several different varieties of
Ethernet or Token Ring. These interfaces have controller chips that provide the logic for connecting the system
to the media. The LAN interfaces may be a fixed configuration or modular.
The WAN interfaces include serial, ISDN, and integrated CSUs. As with LAN interfaces, WAN interfaces also
have special controller chips for the interfaces. The WAN interfaces may be a fixed configuration or modular.
The console and AUX ports are serial ports that are used primarily for the initial configuration of a router.
They are used for terminal sessions from the communication ports on the computer or through a modem.
Power Supply – The power supply provides the necessary power to operate the internal components. Larger
routers may use multiple or modular power supplies. In some of the smaller routers the power supply may be
external to the router.
Students can use the Interactive Media Activity to test their knowledge of router components.


12.2.2 Router physical characteristics


This page will help students identify the location of different components on a router.
It is not critical to know the location of the physical components inside the router to understand how to use the
router. However in some situations, such as adding memory, it can be very helpful.
The exact components used and their location varies between router models. The first Figure identifies the
internal components of a 2600 router. The second Figure shows some of the external connectors on a 2600 router.
Students can use the Interactive Media Activities to learn more about the Cisco 1721 and 2621 routers.


12.2.3 Router external connections


This page will describe the three basic types of connections on a router, which are LAN interfaces, WAN
interfaces, and management ports.
LAN interfaces allow routers to connect to the LAN media. This is usually some form of Ethernet. However, it
could be some other LAN technology such as Token Ring or FDDI.
WANs provide connections through a service provider to a distant site or to the Internet. These may be serial
connections or any number of other WAN interfaces. With some types of WAN interfaces, an external device
such as a CSU is required to connect the router to the local connection of the service provider. With other types
of WAN connections, the router may be directly connected to the service provider.
The function of management ports is different from the other connections. The LAN and WAN connections
provide network connections through which packets are forwarded. The management port provides a text-
based connection for the configuration and troubleshooting of the router. The common management interfaces
are the console and auxiliary ports. These are EIA-232 asynchronous serial ports. They are connected to a
communications port on a computer. The computer must run a terminal emulation program to provide a text-
based session with the router. Through this session the network administrator can manage the device.

12.2.4 Management port connections


This page will introduce the console and auxiliary (AUX) ports, which are also known as the management
ports. These asynchronous serial ports are not designed as networking ports. The console port is required for
the configuration of the router. Not all routers have an auxiliary port.
When the router is first put into service, there are no networking parameters configured.
Therefore the router cannot communicate with any network. To prepare for initial startup and configuration,
attach an RS-232 ASCII terminal, or attach the rollover cable to a personal computer running terminal
emulating software such as HyperTerminal, to the system console port. Then configuration commands can be
entered to set up the router.
After the initial configuration is entered into the router through the console or auxiliary port, the router can be
connected to the network to troubleshoot or monitor it.
The router can also be remotely configured through a virtual terminal (vty) session across an IP network using
Telnet, or by dialing in to a modem connected to the console or auxiliary port on the router. Telnet carries the
session, including any passwords typed into it, across the network in cleartext, so SSH should be used for
remote management wherever the IOS image supports it.
The console port is also preferred over the auxiliary port for troubleshooting. This is because it displays router
startup, debugging, and error messages by default. The console port can also be used when the networking
services have not been started or have failed. Therefore, the console port can be used for disaster and password
recovery procedures.

12.2.5 Console port connections


This page will provide more information about the console port.
The console port is a management port that is used to provide out-of-band access to a router. It is used to set up
the initial configuration of a router and to monitor it. The console port is also used for disaster recovery
procedures.
A rollover cable and an RJ-45 to DB-9 adapter are used to connect a PC to the console port.
Cisco supplies the necessary adapter to connect to the console port.
The PC or terminal must support VT100 terminal emulation. Terminal emulation software such as
HyperTerminal is usually used.

The following are the steps to connect a PC to a router:
1. Configure the terminal emulation software on the PC for the following:
 The appropriate COM port
 9600 baud
 8 data bits
 No parity
 1 stop bit
 No flow control
2. Connect the RJ-45 connector of the rollover cable to the router console port.
3. Connect the other end of the rollover cable to the RJ-45 to DB-9 adapter.
4. Attach the female DB-9 adapter to a PC.
Students can use the Lab Activity to further practice the steps listed above.

12.2.6 Connecting router LAN interfaces


This page will teach students how to connect LAN interfaces.
A router is usually connected to a LAN through an Ethernet or Fast Ethernet interface. The router is a host that
communicates with the LAN through a hub or a switch. A straight-through cable is used to make this
connection. A 10BASE-T or 100BASE-TX router interface requires Category 5, or better, unshielded
twisted-pair (UTP) cable, regardless of the router type.
In some cases the Ethernet connection of the router is connected directly to the computer or to another router.
For this type of connection, a crossover cable is required.
The correct interface must be used. If the wrong interface is connected, it can damage the router or other
networking devices. Many different types of connections use the same style of connector. For example
Ethernet, ISDN BRI, console, AUX, integrated CSU/DSU, and Token Ring interfaces use the same eight-pin
connector, which is RJ-45, RJ-48, or RJ-49. Students can use the Lab Activity and the Interactive Media
Activity to practice LAN interface connections.
Cisco uses a color code scheme to help distinguish the connections that are used on a router. Figure
shows some of these for a 2600 router.

12.2.7 Connecting WAN interfaces


This page discusses the different forms of WAN connections.
A WAN uses many different technologies to make data connections across a broad geographic area. WAN
communication services are usually leased from service providers. WAN connection types include leased line,
circuit-switched, and packet-switched.
For each type of WAN service, the customer premises equipment (CPE), which is often a router, is the DTE.
This is connected to the service provider through a DCE device, which is commonly a modem or CSU/DSU.
This device is used to convert the data from the DTE into a form acceptable to the WAN service provider.
Perhaps the most commonly used router interfaces for WAN services are serial interfaces. Answer the
following questions to select the proper serial cable:
 What is the type of connection to the Cisco device? Cisco routers may use different connectors for the
serial interfaces.
In the Figure, the interface on the left is a Smart Serial interface and the interface on the right is a DB-60
connection. It is important to select the correct serial cable to connect the network system to the serial
devices. This is a critical part of setting up a WAN.
 Is the network system connected to a DTE or DCE device? DTE and DCE are the two types of serial
interfaces that devices use to communicate. The key difference between these two is that the DCE
device provides the clock signal for the communications on the bus. The device documentation should
specify whether it is DTE or DCE.
 Which signaling standard does the device require?
For each different device, a different serial standard could be used. Each standard defines the signals on
the cable and specifies the connector at the end of the cable. Device documentation should always be
consulted for the signaling standard.
 Is a male or female connector required on the cable?
If the connector has visible projecting pins, it is male. If the connector has sockets for projecting pins, it
is female.
Students can use the Lab Activity and the Interactive Media Activity to practice WAN connections.


12.2.8 Module-1 Summary


This page summarizes the topics discussed in this module.
The major difference between a WAN and a LAN is the geographical area that is covered. A LAN connects
workstations, printers, servers, and other devices within a building or other small area. A WAN is used to
connect multiple LANs, typically over a large geographical area. The primary characteristics of a WAN
include the ability to connect devices separated by wide geographical areas, the use of service companies to
make these connections, and the serial connections used to access bandwidth.
There are several organizations that define and manage the standards used for WAN design such as ITU-T,
ISO, IETF, and EIA.
WANs operate at the physical layer and the data link layer, which are Layers 1 and 2 of the OSI
reference model. The devices used in a WAN, such as routers, CSU/DSUs, modems, and communication
servers, operate at the physical layer. At the data link layer, the protocols determine how frames are
carried between systems. A router can act as a LAN or a WAN device because it operates at the network
layer, which is Layer 3.
Routers are specialized computers that use the Cisco IOS software to run configuration files. The main
internal components of a router are as follows:
 The CPU, which executes instructions in the operating system
 RAM or DRAM to store the routing tables
 NVRAM to provide storage for the startup configuration file
 Flash memory to hold the IOS
 ROM for the POST
 Interfaces (LAN, WAN, and console or AUX) to connect the router to networks and to a management terminal or modem
There are three basic external connections on a router:
 LAN interface
 WAN interface
 Management interface
Management is used for the initial setup of the router and for troubleshooting. Most routers provide a console
port, which is an EIA-232 asynchronous serial port. Some routers include an auxiliary port. A rollover cable
and an RJ-45 to DB-9 adapter are used to connect the router console port to a PC.
In a LAN environment, the router is a host that communicates with the LAN through a hub or a switch. It is
connected using a straight-through cable. A WAN is a little more complicated. The DTE is connected from the
CPE to the service provider through a DCE device, which is typically a modem or CSU/DSU. This device
converts the data from the DTE to a form recognized by the service provider. WAN services include leased
line, circuit-switched, or packet-switched. Four considerations are used to select the proper cable:
 The type of connection to the Cisco device
 The type of network system that will be connected, which is DTE or DCE
 The signaling standard
 The type of connector on the cable

13 MODULE 2
13.1 Operating Cisco IOS Software
Overview
Cisco technology is based on the Cisco IOS, which is the software that controls the routing and switching
functions of network devices. A solid understanding of the IOS is essential for a network administrator. This
module will introduce the main features of the IOS and will provide practice in working with the IOS. All
network configuration tasks, from the most basic to the most complex, require a strong foundation in the basics
of router configuration. This module will provide the tools and techniques for basic router configuration that
will be used throughout this course.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
 Describe the purpose of the IOS
 Describe the basic operation of the IOS
 Identify various IOS features
 Identify the methods to establish a command-line interface (CLI) session with the router
 Alternate between the user executive (EXEC) and privileged EXEC modes
 Establish a HyperTerminal session on a router
 Log into a router
 Use the help feature in the command line interface
 Troubleshoot command errors

ASCII character table (reference)

Char  Hex  Dec  Name                        Char  Hex  Dec  Name
NUL   00   0    Null                        @     40   64   Commercial At
SOH   01   1    Start of Header             A     41   65   Uppercase A
STX   02   2    Start of Text               B     42   66   Uppercase B
ETX   03   3    End of Text                 C     43   67   Uppercase C
EOT   04   4    End of Transmission         D     44   68   Uppercase D
ENQ   05   5    Enquiry                     E     45   69   Uppercase E
ACK   06   6    Acknowledge                 F     46   70   Uppercase F
BEL   07   7    Bell                        G     47   71   Uppercase G
BS    08   8    Backspace                   H     48   72   Uppercase H
HT    09   9    Horizontal Tab              I     49   73   Uppercase I
LF    0A   10   Line Feed                   J     4A   74   Uppercase J
VT    0B   11   Vertical Tab                K     4B   75   Uppercase K
FF    0C   12   Form Feed                   L     4C   76   Uppercase L
CR    0D   13   Carriage Return             M     4D   77   Uppercase M
SO    0E   14   Shift Out                   N     4E   78   Uppercase N
SI    0F   15   Shift In                    O     4F   79   Uppercase O (letter, not zero)
DLE   10   16   Data Link Escape            P     50   80   Uppercase P
DC1   11   17   Device Control 1            Q     51   81   Uppercase Q
DC2   12   18   Device Control 2            R     52   82   Uppercase R
DC3   13   19   Device Control 3            S     53   83   Uppercase S
DC4   14   20   Device Control 4            T     54   84   Uppercase T
NAK   15   21   Negative Acknowledge        U     55   85   Uppercase U
SYN   16   22   Synchronous Idle            V     56   86   Uppercase V
ETB   17   23   End of Transmission Block   W     57   87   Uppercase W
CAN   18   24   Cancel                      X     58   88   Uppercase X
EM    19   25   End of Medium               Y     59   89   Uppercase Y
SUB   1A   26   Substitute                  Z     5A   90   Uppercase Z
ESC   1B   27   Escape                      [     5B   91   Opening Square Bracket
FS    1C   28   File Separator              \     5C   92   Backslash
GS    1D   29   Group Separator             ]     5D   93   Closing Square Bracket
RS    1E   30   Record Separator            ^     5E   94   Caret (Circumflex)
US    1F   31   Unit Separator              _     5F   95   Underscore
SP    20   32   Space                       `     60   96   Grave Accent (Backtick)
!     21   33   Exclamation Point           a     61   97   Lowercase a
"     22   34   Quotation Mark              b     62   98   Lowercase b
#     23   35   Number Sign (Pound Sign)    c     63   99   Lowercase c
$     24   36   Dollar Sign                 d     64   100  Lowercase d
%     25   37   Percent Sign                e     65   101  Lowercase e
&     26   38   Ampersand                   f     66   102  Lowercase f
'     27   39   Apostrophe (Single Quote)   g     67   103  Lowercase g
(     28   40   Opening Parenthesis         h     68   104  Lowercase h
)     29   41   Closing Parenthesis         i     69   105  Lowercase i
*     2A   42   Asterisk                    j     6A   106  Lowercase j
+     2B   43   Plus Sign                   k     6B   107  Lowercase k
,     2C   44   Comma                       l     6C   108  Lowercase l
-     2D   45   Hyphen (Minus)              m     6D   109  Lowercase m
.     2E   46   Period (Dot)                n     6E   110  Lowercase n
/     2F   47   Forward Slash               o     6F   111  Lowercase o (letter, not zero)
0     30   48   Zero                        p     70   112  Lowercase p
1     31   49   One                         q     71   113  Lowercase q
2     32   50   Two                         r     72   114  Lowercase r
3     33   51   Three                       s     73   115  Lowercase s
4     34   52   Four                        t     74   116  Lowercase t
5     35   53   Five                        u     75   117  Lowercase u
6     36   54   Six                         v     76   118  Lowercase v
7     37   55   Seven                       w     77   119  Lowercase w
8     38   56   Eight                       x     78   120  Lowercase x
9     39   57   Nine                        y     79   121  Lowercase y
:     3A   58   Colon                       z     7A   122  Lowercase z
;     3B   59   Semicolon                   {     7B   123  Opening Curly Bracket
<     3C   60   Less Than                   |     7C   124  Vertical Bar (Pipe)
=     3D   61   Equals Sign                 }     7D   125  Closing Curly Bracket
>     3E   62   Greater Than                ~     7E   126  Tilde
?     3F   63   Question Mark               DEL   7F   127  Delete

13.1.1 The purpose of Cisco IOS software (IOS is the operating system of the router)
As with a computer, a router or switch cannot function without an operating system. This page will review the
Cisco IOS. It is the embedded software architecture in all of the Cisco routers and is also the operating system
of the Catalyst switches. Without an operating system, the hardware does not have any capabilities.
The Cisco IOS provides the following network services:
 Basic routing and switching functions
 Reliable and secure access to networked resources
 Network scalability


13.1.2 Router user interface


This page will review the Cisco IOS. The IOS is a core technology that extends across most of the Cisco
product line. Its operation details may vary on different internetworking devices.
The CLI environment can be accessed several ways. Typically, the CLI is accessed through a console session.
A console uses a low speed serial connection directly from a computer or terminal to the console connection on
the router. A CLI session can also be accessed remotely through a dialup connection using a modem connected
to the router AUX port. Neither of these methods requires that the router have any IP services configured.
A third method of accessing a CLI session is to Telnet to the router. To establish a Telnet session to the router,
at least one interface must be configured with an IP address, and virtual terminal sessions must be configured
for login and passwords.

13.1.3 Router user interface modes


This page will introduce two user interface modes that can be configured for Cisco IOS.
The Cisco CLI uses a hierarchical structure. This structure requires entry into different modes to accomplish
particular tasks. For example, to configure a router interface, the user must enter interface configuration mode.
All configurations that are entered in interface configuration mode apply only to that interface. Each
configuration mode is indicated with a distinctive prompt and allows only commands that are appropriate for
that mode.
The IOS provides a command interpreter service known as the command executive (EXEC). After each
command is entered, the EXEC validates and executes the command.
As a security feature the Cisco IOS software separates the EXEC sessions into two access levels. These levels
are user EXEC mode and privileged EXEC mode. The privileged EXEC mode is also known as enable mode.
The following are the features of the user EXEC mode and privileged EXEC mode:
 The user EXEC mode allows only a limited number of basic monitoring commands. This is often
referred to as a view only mode. The user EXEC level does not allow any commands that might change
the configuration of the router. The user EXEC mode can be identified by the > prompt.
 The privileged EXEC mode provides access to all router commands. This mode can be configured to
require a password. For added protection, it can also be configured to require a user ID. This allows
only authorized users to access the router. Configuration and management commands require that the
network administrator be at the privileged EXEC level. Global configuration mode and all other more
specific configuration modes can only be reached from the privileged EXEC mode. The privileged
EXEC mode can be identified by the # prompt.
To access the privileged EXEC level from the user EXEC level, enter the enable command at the > prompt.
If a password is configured, the router will then ask for that password. For security reasons, a Cisco network
device will not show the password that is entered. When the correct password is entered, the router prompt
will change to #. This indicates that the user is at the privileged EXEC level. When a question mark, ?, is
entered at the privileged EXEC level, it will reveal many more command options than available at the user
EXEC level.
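The protection of the privileged EXEC level and of the virtual terminal lines described above can be checked from a saved running-config. The Python script below is an added example, not part of the curriculum and not Cisco code: it parses a `show running-config` excerpt and reports whether `enable` is protected by `enable secret` rather than `enable password`, whether line passwords are stored in cleartext, and whether each vty line requires a login and accepts only SSH. Both configurations in it are constructed for this example; the hash values in the hardened one are placeholders, and the assumption that a vty line without an explicit `transport input` accepts Telnet is marked in the code.

```python
"""Audit a Cisco IOS running-config for weak privileged-EXEC and vty settings (added example)."""
import re

# Constructed sample of a 'show running-config' excerpt; not captured from a real router.
WEAK_CONFIG = """\
version 12.3
no service password-encryption
hostname Router
!
enable password cisco
!
line con 0
 password cisco
 login
line aux 0
line vty 0 4
 password cisco
 login
!
end
"""

# Constructed hardened counterpart. The hash strings are placeholders, not real hashes.
HARDENED_CONFIG = """\
version 12.3
service password-encryption
hostname Router
!
enable secret 5 $1$abcd$PLACEHOLDER_HASH_VALUE_A
username admin secret 5 $1$efgh$PLACEHOLDER_HASH_VALUE_B
!
line con 0
 login local
line aux 0
 no exec
line vty 0 4
 login local
 transport input ssh
!
end
"""


def parse_sections(config_text):
    """Split a config into top-level lines and the bodies of 'line con/aux/vty' sections."""
    top, sections, current = [], {}, None
    for raw in config_text.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw.startswith(" "):           # indented line belongs to the current section
            if current is not None:
                sections[current].append(raw.strip())
            continue
        current = None
        if re.match(r"^line (con|aux|vty) (.+)$", raw):
            current = raw
            sections[current] = []
        else:
            top.append(raw)
    return top, sections


def audit_config(config_text):
    """Return a list of finding strings; an empty list means nothing weak was found."""
    top, sections = parse_sections(config_text)
    findings = []

    has_secret = any(l.startswith("enable secret") for l in top)
    has_password = any(l.startswith("enable password") for l in top)
    if not has_secret and not has_password:
        findings.append("privileged EXEC has no password: 'enable' needs no authentication")
    elif not has_secret:
        # 'enable password' is stored in cleartext, or reversibly (type 7) at best.
        findings.append("'enable password' without 'enable secret': reversible or cleartext storage")

    if "no service password-encryption" in top:
        findings.append("service password-encryption is off: line passwords are shown in cleartext")

    for name, body in sections.items():
        if not name.startswith("line vty"):
            continue
        if "no login" in body:
            findings.append(f"{name}: 'no login', remote sessions are not authenticated")
        elif "login" in body and not any(b.startswith("password ") for b in body):
            findings.append(f"{name}: 'login' but no password, connections are refused")
        transports = [b for b in body if b.startswith("transport input")]
        if not transports:
            # Assumption: with no explicit 'transport input', the IOS default accepts Telnet.
            findings.append(f"{name}: no 'transport input' set, Telnet (cleartext) assumed allowed")
        else:
            protocols = transports[-1].split()[2:]
            if protocols not in (["ssh"], ["none"]):
                findings.append(f"{name}: transport input {' '.join(protocols)} permits cleartext Telnet")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit_config(cfg) or ["no findings"])
```

The script prefers `enable secret` because `enable password` is kept in cleartext, or only reversibly obscured once `service password-encryption` is on, whereas `enable secret` stores a one-way hash; `login local` with per-user accounts replaces a shared line password, and `transport input ssh` keeps the session off Telnet.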
The Lab Activities on this page will allow students to access the CLI and configure different user modes on the
Cisco IOS.

13.1.4 Cisco IOS software features


This page will introduce some IOS images that are provided by Cisco for devices that span a wide range of
network product platforms.
Cisco continues to develop different IOS software images to optimize the Cisco IOS software that these
various platforms require. Each image represents a different feature set that serves the various device
platforms, available memory resources, and customer needs.
Although there are numerous IOS images for different Cisco device models and feature sets, the basic
configuration command structure is the same. The configuration and troubleshooting skills that are acquired for
any device will apply to a wide range of products.
The naming convention for the different Cisco IOS releases contains three parts:
 The platform on which the image runs
 The special features supported in the image
 Where the image runs and whether it has been zipped or compressed
One of the main considerations when selecting a new IOS image is compatibility with the router flash and
RAM memory. In general, the newer the release and the more features that it provides, the more flash and
RAM memory it requires. Use the show version command on the Cisco device to check the current image and
available flash.
The Cisco support site has tools available to help determine the amount of flash and RAM required for each
image. For example, specific IOS features can be selected using the Cisco Software Advisor, which is available
to registered Cisco.com users. The Cisco Software Advisor is an interactive tool that provides the most current
information and allows users to select options that meet network requirements.
Before installing a new Cisco IOS software image on the router, check to see if the router meets the RAM
memory and flash requirements for that image. To see the amount of RAM, issue the show version command:
…<output omitted>…
cisco 2620 (MPC860) processor (revision 0x102) with 59392K/6144K bytes of memory
This line shows how much main and shared memory is installed in the router. Some platforms use a fraction of
DRAM as shared memory. The memory requirements take this into account, so both numbers have to be added
together to find the amount of DRAM installed on the router.
To find out the amount of flash memory, issue the show flash command:
Router> show flash
…<output omitted>…
[12655376 bytes used, 4121840 available, 16777216 total]
16384K bytes of processor board System flash (Read/Write)


13.1.5 Operation of Cisco IOS software


This page will introduce the three distinct operating environments, or modes, of Cisco IOS devices:
 ROM monitor
 Boot ROM
 Cisco IOS
At startup, a Cisco router normally loads into RAM and executes one of these operating environments. A
system administrator can use the configuration register setting to control the default startup mode for a router.
The ROM monitor performs the bootstrap process and provides low-level functionality and diagnostics. It is
used to recover from system failures and to recover a lost password. The ROM monitor cannot be accessed
through any of the network interfaces. It can only be accessed by way of a direct, physical connection
through the console port.
When the router is running in boot ROM mode, only a limited subset of the Cisco IOS feature set is available.
Boot ROM allows write operations to flash memory and is used primarily to replace the Cisco IOS image that
is stored in flash. The Cisco IOS image can be modified in boot ROM with the copy tftp flash command.
This command copies an IOS image that is stored on a TFTP server into the flash memory of a router.
The normal operation of a router requires use of the full Cisco IOS image as stored in flash. In some devices,
the IOS is executed directly from flash. However, most Cisco routers require a copy of the IOS to be loaded
into RAM and also executed from RAM. Some IOS images are stored in flash in a compressed format and
have to be expanded when copied to RAM.
To see the IOS image and version that is running, use the show version command, which also indicates
the configuration register setting. The show flash command is used to verify that the system has sufficient
memory to load a new Cisco IOS image.
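As an added worked example (not part of the curriculum), the following Python script parses the bracketed summary line that show flash prints, as reproduced at the top of this page, and decides whether a new image will fit. The byte counts in the sample output are the page's own; the file name is constructed for the example.

```python
import re

# Constructed sample of show flash output; the summary line reuses the
# figures from the page, the file name is made up for this example.
SAMPLE_SHOW_FLASH = """\
System flash directory:
File  Length   Name/status
  1   12655376  c2600-example-image.bin
[12655376 bytes used, 4121840 available, 16777216 total]
16384K bytes of processor board System flash (Read/Write)
"""

# Matches the bracketed summary line that show flash prints.
_SUMMARY_RE = re.compile(
    r"\[(?P<used>\d+) bytes used, (?P<available>\d+) available, (?P<total>\d+) total\]"
)


def parse_flash_summary(output):
    """Return (used, available, total) in bytes from show flash output."""
    match = _SUMMARY_RE.search(output)
    if match is None:
        raise ValueError("no flash summary line found in show flash output")
    used = int(match.group("used"))
    available = int(match.group("available"))
    total = int(match.group("total"))
    if used + available != total:
        # A mismatch means the output was truncated or mis-parsed; refuse to
        # base an upgrade decision on it.
        raise ValueError("flash summary line is inconsistent")
    return used, available, total


def image_fits(output, new_image_bytes, keep_current=True):
    """Decide whether a new IOS image of new_image_bytes can be copied to flash.

    keep_current=True is the safe upgrade path: the image already in flash
    stays in place, so only the free space counts. keep_current=False assumes
    the old image is erased first, so the whole flash is available; if the
    copy then fails, the router can only be recovered through boot ROM.
    """
    _, available, total = parse_flash_summary(output)
    capacity = available if keep_current else total
    return new_image_bytes <= capacity
```

With the page's figures, a 4 MB image fits beside the current one, a 5 MB image only fits if the current image is erased first; the consistency check guards against acting on a truncated screen capture.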
The Lab Activity on this page will show students how to load a new Cisco IOS image on a router.
This page concludes the discussion about Cisco IOS.

13.2 Starting a Router

13.2.1 Initial startup of Cisco routers


This page will explain the startup process for Cisco routers.
A router initializes by loading the bootstrap, the operating system, and a configuration file. If the router cannot
find a configuration file, it enters setup mode. Upon completion of the setup mode, a backup copy of the
configuration file may be saved to NVRAM.
The goal of the startup routines for Cisco IOS software is to start the router operations. To do this, the
startup routines must accomplish the following:
• Verify that the router hardware is tested and functional.
• Find and load the Cisco IOS software.
• Find and apply the startup configuration file or enter the setup mode.
When a Cisco router powers up, it performs a power-on self test (POST). During this self test, the router
executes diagnostics from ROM on all hardware modules. These diagnostics verify the basic operation of the
CPU, memory, and network interface ports. After verifying the hardware functions, the router proceeds with
software initialization.
After the POST, the following events occur as the router initializes:
1. The generic bootstrap loader in ROM executes. A bootstrap is a simple set of instructions that tests
hardware and initializes the IOS for operation.
2. The IOS can be found in several places. The boot field of the configuration register determines the
location that is used to load the IOS. If the boot field indicates a flash or network load, boot system
commands in the configuration file indicate the exact name and location of the image.
3. The operating system image is loaded. When the IOS is loaded and operational, a listing of the
available hardware and software components is sent to the console terminal screen.
4. The configuration file saved in NVRAM is loaded into main memory and executed one line at a
time. The configuration commands start routing processes, supply addresses for interfaces, and
define other operating characteristics of the router.
5. If no valid configuration file exists in NVRAM, the operating system searches for an available
TFTP server. If no TFTP server is found, the setup dialog is initiated.
Setup mode is not intended to be used to enter complex protocol features in a router. The purpose of the setup
mode is to permit administrators to install a basic configuration for routers when a configuration cannot be
obtained from another source.
In the setup mode, default answers appear in square brackets [ ] following the question.
Press the Enter key to use these defaults. During the setup process, Ctrl-C can be pressed at any time to
terminate the process. When Ctrl-C is used to terminate setup, all interfaces are administratively shut down.
When the configuration process is completed in setup mode, the following options will be displayed:
[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit. Enter your selection [2]:
Students can use the Lab Activity to practice configurations in setup mode.
The next page will discuss router LED indicators.


13.2.2 Router LED indicators


This page will explain how routers use LED indicators.
Cisco routers use LED indicators to provide status information. LED indicators will vary for different Cisco
router models.
An interface LED indicates the activity of the corresponding interface. A problem may be indicated if an LED
is off when the interface is active and the interface is correctly connected. If an interface is extremely busy, its
LED will always be on. The green OK LED to the right of the AUX port will be on after the system initializes
correctly. The next page will examine the initial router bootup.

13.2.3 The initial Router bootup


This page will discuss the information and messages that are displayed during the initial router bootup. This
information will vary, depending on the interfaces in the router and the Cisco IOS release. The screens
displayed on this page are for reference only and may not reflect what the screen displays on the console.
In Figure 1, the statement "NVRAM invalid, possibly due to write erase" tells the user that this router has not
been configured yet or that the NVRAM has been erased. In order for the NVRAM to be valid after a router is
configured and the configuration file is saved to NVRAM, the router must be configured to use the NVRAM
configuration file. The factory-default setting for the configuration register is 0x2102, which indicates that the
router should attempt to load a Cisco IOS image from flash memory.

In Figure 2, the user can determine the bootstrap version and the IOS version the router is using as well as the
router model, processor, and the amount of memory the router contains. The figure also includes the following
information:
• The number of interfaces
• The types of interfaces
• The amount of NVRAM
• The amount of flash memory
In Figure 3, the user has the option to enter setup mode. Remember, the primary purpose of the setup mode is
to permit an administrator to install a basic router configuration when it cannot be obtained from another
source. The next page will teach students how to establish a console session with a router.

13.2.4 Establish a console session
This page will explain how a console session is established with a router.
All Cisco routers include a TIA/EIA-232 asynchronous serial console port. The console port is an RJ-45.
Cables and adapters are needed to connect a console terminal to the console port. A console terminal is an
ASCII terminal or PC that runs terminal-emulation software such as HyperTerminal. Use an RJ-45 to RJ-45
rollover cable with a female RJ-45 to DB-9 adapter to connect this type of a PC to the console port.
The default parameters for the console port are 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow
control. The console port does not support hardware flow control.
Take the following steps to connect a terminal to the console port on a router:
1. Connect the terminal using the RJ-45 to RJ-45 rollover cable and an RJ-45 to DB-9 adapter (Figure 1).
2. Configure the terminal or PC terminal emulation software for 9600 baud, 8 data bits, no parity,
1 stop bit, and no flow control.
Figure 2 shows a list of operating systems and the terminal emulation software that may be used.
In the Lab Activity, students will use HyperTerminal to establish a console session with a router.
The next page will teach students how to log into a router.

13.2.5 Router login


To enter commands and configure a Cisco router, a user must log into the router to access the user interface.
This page will show students how to log into a router.
For security purposes, a Cisco router has two levels of access to commands:
• User EXEC mode – Typical tasks include commands that check the status of a router.
• Privileged EXEC mode – Typical tasks include commands that change the router configuration.
The user EXEC mode prompt is displayed upon login to a router, as shown in the figure.
To enter privileged EXEC mode, type enable at the > prompt. If a password has been set, enter it at the
password: prompt. Two commands can be used to set a password for privileged EXEC mode: enable
password and enable secret. If both commands are used, the enable secret command takes precedence.
After the login steps have been completed, the prompt changes to a #. This indicates that privileged EXEC
mode has been entered. The global configuration mode can only be accessed from the privileged EXEC
mode. The following are specific modes that can also be accessed from the global configuration mode:
• Interface
• Subinterface
• Line
• Router
• Route-map
To return to the user EXEC mode from the privileged EXEC mode, the disable command may be entered.
Type exit or end or press Ctrl-Z to return to privileged EXEC mode from global configuration mode. Ctrl-Z
may also be used to return directly to the privileged EXEC mode from any sub-mode of global configuration.
The next page covers some help functions of the Cisco IOS.

13.2.6 Keyboard help in the router CLI


This page will introduce some router help functions.
A question mark, ? , can be entered at the user EXEC or privileged EXEC mode prompt to display a list of
available commands.
Notice the --More-- at the bottom of the display in Figure 1. The --More-- prompt indicates that there are
multiple screens of output. When a --More-- prompt appears, press the Spacebar to view the next available
screen. To display just the next line, press the Return or Enter key. Press any other key to return to the prompt.
To access privileged EXEC mode, type enable or the abbreviation en or ena. This might cause the router to
prompt the user for a password if one has been set. Figure 2 lists the commands that are available in
privileged EXEC mode.
Screen output varies, depending on Cisco IOS software level and router configuration.
The help function, or question mark, ?, can be used to display the commands that are used to perform certain
tasks, as shown in Figure 3. The following exercise illustrates one of the many uses of the help function.
If a user wants to set the router clock and does not know the command, the help function can be used as
follows:
1. Use ? to find the command for setting the clock. The help output shows that the clock command is
required.
2. Check the syntax for changing the time.
3. Enter the current time by using hours, minutes, and seconds, as shown in Figure 4. The system
indicates that additional information needs to be provided to complete the command.
4. Press Ctrl-P or the Up Arrow to repeat the previous command entry. Then add a space and a
question mark (?) to reveal the additional arguments. Now the command entry can be completed.
5. The caret symbol (^) and help response indicate an error. The placement of the caret symbol shows
where the possible problem is located. To input the correct syntax, re-enter the command up to the
point where the caret symbol is located and then enter a question mark (?).
6. Enter the year, using the correct syntax, and press Return or Enter to execute the command.
The Lab Activities on this page will help students become more familiar with the keyboard help features in the
Cisco IOS.
As demonstrated in the IOS Auto-Completion e-Lab, typing an abbreviated command, such as sh , followed by
the Tab key completes a partial command name.
The next page will introduce some enhanced editing commands that are available in the Cisco IOS.

13.2.7 Enhanced editing commands
This page will introduce the enhanced editing mode that is available in the Cisco IOS user interface. This mode
provides a set of editing key functions that allows a user to edit a command line as it is being typed.
The key sequences indicated in Figure 1 can be used to move the cursor on the command line for corrections
or changes. Although enhanced editing mode is automatically enabled with the current software release, it can
be disabled if it interferes with the interaction of written scripts. To disable enhanced editing mode, type
terminal no editing at the privileged EXEC mode prompt.
The editing command set provides a horizontal scrolling feature for commands that extend beyond a single line
on the screen. When the cursor reaches the right margin, the command line shifts ten spaces to the left. The
first ten characters of the line cannot be seen, but a user can scroll back and check the syntax at the beginning
of the command. To scroll back, press Ctrl-B or the Left Arrow key repeatedly until the beginning of the
command entry is reached. Ctrl-A will return a user directly to the beginning of the line.
In the example shown in Figure 2, the command entry extends beyond one line. When the cursor first reaches
the end of the line, the line is shifted ten spaces to the left and redisplayed. The dollar sign ($) indicates that the
line has been scrolled to the left. Each time the cursor reaches the end of the line, the line is again shifted ten
spaces to the left.
Ctrl-Z is a command used to back out of configuration mode. This will return the user to the privileged EXEC
mode prompt.
Students can use the Interactive Media Activity on this page to test their knowledge of the enhanced editing
commands.

13.2.8 Router command history


The user interface provides a history or record of commands that have been entered. This page will explain the
use and benefits of this feature. This feature is particularly useful for recalling long or complex commands or
entries. The command history feature can be used to perform the following tasks:
• Set the command history buffer size
• Recall commands
• Disable the command history feature
The command history is enabled by default and the system records ten command lines in its history buffer. To
change the number of command lines the system records during a terminal session, use the terminal history
size or the history size command.
The maximum number of commands is 256.

To recall the most recent command in the history buffer, press Ctrl-P or the Up Arrow key. Repeat this
process to recall successively older commands. To return to a more recent command in the history buffer, press
Ctrl-N or the Down Arrow key. Repeat this process to recall successively more recent commands.
When typing commands, as a shortcut, the unique characters may be entered for a command. Press the Tab
key, and the interface will finish the entry. When the typed letters uniquely identify the command, the Tab key
simply acknowledges visually that the router has understood the specific command that was intended.
On most computers additional select and copy functions are available. A previous command string may be
copied and then pasted or inserted as the current command entry.
Students can use the Interactive Media Activity to match keystroke combinations with the correct router
commands. The next page will teach students how to troubleshoot command line errors.

13.2.9 Troubleshooting command line errors


This page will show students how to locate and fix command line errors.
Command line errors occur primarily from typing mistakes. If a command keyword is incorrectly typed, the
user interface uses the caret symbol ( ^ ) to identify and isolate the error. The ^ appears at the point in the
command string where an incorrect command, keyword, or argument was entered. The error location indicator
and interactive help system allow the user to easily find and correct syntax errors.
Router#clock set 13:32:00 23 February 99
                                      ^
% Invalid input detected at '^' marker.
The caret symbol (^) and help response indicate an error at 99. To list the correct syntax, enter the command up
to the point where the error occurred and then enter a question mark ( ? ):
Router#clock set 13:32:00 23 February ?
<1993-2035> Year
Router#clock set 13:32:00 23 February
Use the correct syntax to add the year and press Enter or Return to execute the command.
Router#clock set 13:32:00 23 February 1999
If a command line is entered incorrectly, and the Enter key is pressed, the Up Arrow can be pressed to repeat
the last command. Use the Right Arrow and Left Arrow keys to move the cursor to the location where the
mistake was made. Then make the correction. If something needs to be deleted, use the Backspace key.
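The error-location mechanism described above can be reproduced in a few lines. The following Python checker is an added example, not part of the curriculum: it validates a clock set command token by token, reports the column of the first bad token so that a caret can be printed under it, and returns the incomplete-command message when arguments are missing. The month and range checks are simplified assumptions made for the example; the real IOS parser accepts any unambiguous abbreviation.

```python
import re

MONTHS = ("january", "february", "march", "april", "may", "june", "july",
          "august", "september", "october", "november", "december")
YEAR_RANGE = (1993, 2035)  # the range the page's help output shows for the year


def _bad_time(token):
    m = re.fullmatch(r"(\d{1,2}):(\d{2}):(\d{2})", token)
    if not m:
        return True
    h, mi, s = (int(x) for x in m.groups())
    return not (h < 24 and mi < 60 and s < 60)


def _bad_month(token):
    # Simplified assumption: at least three letters that prefix a month name.
    t = token.lower()
    return not (len(t) >= 3 and any(name.startswith(t) for name in MONTHS))


def check_clock_set(command):
    """Check 'clock set hh:mm:ss day month year' and report errors the way the
    IOS parser does: the column of the first bad token (for the caret), or an
    'incomplete' message when tokens are missing."""
    tokens = [(m.group(), m.start()) for m in re.finditer(r"\S+", command)]
    # One predicate per expected token; each returns True when the token is bad.
    expected = [
        lambda t: t.lower() != "clock",
        lambda t: t.lower() != "set",
        _bad_time,
        lambda t: not (t.isdigit() and 1 <= int(t) <= 31),
        _bad_month,
        lambda t: not (t.isdigit() and YEAR_RANGE[0] <= int(t) <= YEAR_RANGE[1]),
    ]
    invalid = "% Invalid input detected at '^' marker."
    for (token, col), is_bad in zip(tokens, expected):
        if is_bad(token):
            return {"ok": False, "column": col, "error": invalid}
    if len(tokens) > len(expected):
        # Extra trailing argument: caret goes under the first surplus token.
        return {"ok": False, "column": tokens[len(expected)][1], "error": invalid}
    if len(tokens) < len(expected):
        return {"ok": False, "column": None, "error": "% Incomplete command."}
    return {"ok": True, "column": None, "error": ""}


def render_error(prompt, command):
    """Reproduce the echo, caret line and message the console shows."""
    result = check_clock_set(command)
    lines = [prompt + command]
    if result["column"] is not None:
        # The caret is offset by the prompt because the prompt is part of the echoed line.
        lines.append(" " * (len(prompt) + result["column"]) + "^")
    if result["error"]:
        lines.append(result["error"])
    return "\n".join(lines)
```

Calling render_error("Router#", "clock set 13:32:00 23 February 99") reproduces the three-line output shown above, with the caret under the 99; the same command with the year 1999 passes.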
The Lab Activity on this page will allow students to use some basic router commands to determine how a
router is configured. The next page will discuss the show version command.


13.2.10 The show version command


This page will discuss the show version command. This command displays information about the Cisco IOS
software version that is installed on the router. This includes the configuration register and the boot field
settings.
Figure -1- shows the following information from the show version command:
• IOS version and descriptive information
• Bootstrap ROM version
• Boot ROM version
• Router up time
• Last restart method
• System image file and location
• Router platform
• Configuration register setting
Use the show version command to identify a router IOS image and boot source.
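The following Python script is an added example, not curriculum material. It extracts the fields listed above from show version output and decodes the configuration register that 13.2.1 and 13.2.3 describe: the boot field (low four bits) selects ROM monitor, boot ROM or flash, and bit 6 (0x0040) makes the router ignore the NVRAM configuration at boot. The sample output is constructed; the line formats follow what the command prints, but the version strings, uptime and file name are made up. Flagging a register that differs from the factory default 0x2102 is a useful check in a periodic configuration audit, because a router booting with 0x2142 starts without its startup configuration.

```python
import re

# Constructed show version excerpt (not captured from a real device); the
# line formats follow what the command prints, the values are made up.
SAMPLE_SHOW_VERSION = """\
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.2(15)T, RELEASE SOFTWARE (fc1)
ROM: System Bootstrap, Version 12.2(7r), RELEASE SOFTWARE (fc1)
Router uptime is 2 weeks, 3 days, 4 hours, 10 minutes
System returned to ROM by reload
System image file is "flash:c2600-example-image.bin"
Configuration register is 0x2142
"""

_FIELDS = {
    "ios_version": re.compile(r"^IOS .*?Version ([^,]+),", re.M),
    "bootstrap_version": re.compile(r"^ROM: System Bootstrap, Version ([^,]+)", re.M),
    "uptime": re.compile(r"uptime is (.+)$", re.M),
    "last_restart": re.compile(r"^System returned to ROM by (.+)$", re.M),
    "image_file": re.compile(r'^System image file is "([^"]+)"', re.M),
    "config_register": re.compile(r"^Configuration register is (0x[0-9A-Fa-f]+)", re.M),
}


def parse_show_version(output):
    """Pull the fields listed in 13.2.10 out of show version output."""
    info = {}
    for name, pattern in _FIELDS.items():
        m = pattern.search(output)
        info[name] = m.group(1).strip() if m else None
    if info["config_register"] is not None:
        info["config_register"] = int(info["config_register"], 16)
    return info


def decode_config_register(value):
    """Decode the configuration register bits that matter at boot time."""
    boot_field = value & 0x000F
    if boot_field == 0x0:
        boot_source = "ROM monitor"
    elif boot_field == 0x1:
        boot_source = "boot ROM"
    else:
        boot_source = "flash (boot system commands)"
    return {
        "boot_field": boot_field,
        "boot_source": boot_source,
        "ignore_nvram": bool(value & 0x0040),    # bit 6: skip startup-config
        "break_disabled": bool(value & 0x0100),  # bit 8: ignore Break after boot
    }


def audit_show_version(output, expected_register=0x2102):
    """Return (info, findings); findings are boot settings that deserve a look."""
    info = parse_show_version(output)
    findings = []
    if info["config_register"] is None:
        findings.append("configuration register line not found")
        return info, findings
    reg = decode_config_register(info["config_register"])
    if reg["ignore_nvram"]:
        findings.append("register ignores NVRAM: startup-config is not applied at boot")
    if reg["boot_field"] < 0x2:
        findings.append(f"boot field 0x{reg['boot_field']:X}: router will not boot the IOS image in flash")
    if info["config_register"] != expected_register:
        findings.append(f"register 0x{info['config_register']:04X} differs from expected 0x{expected_register:04X}")
    return info, findings
```

Run against the sample, the audit reports two findings for 0x2142 (NVRAM ignored and non-default value) and none once the register reads 0x2102.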
This page concludes the lesson on basic router commands. The next page will summarize the main points from
this module.


13.2.11 Module 2. Summary


This page summarizes the topics discussed in this module.
The Cisco IOS is embedded in all Cisco routers. The purpose of the Cisco IOS software is to provide basic
routing and switching functions, to give the network scalability, and to provide a reliable and secure way to
access the network resources.
The Cisco IOS software uses a command-line interface accessed through a console session or by using a dial-
up connection through a modem connected to the router AUX port. A Telnet session to the router can be
established remotely if at least one interface is configured with an IP address.
Cisco IOS software provides a command interpreter service known as the command EXEC. After each
command is entered, the EXEC validates and executes the command.
There are two access levels available for added security. The user EXEC mode, which is identified by a >
prompt, provides basic monitoring commands. From user EXEC mode, a user can run basic commands. For
example, the user can view router properties or make temporary changes to the terminal settings. No password
is required to access the user EXEC mode.

The privileged EXEC mode, which is identified by a # prompt, is the global configuration and management
mode. This mode allows access to all router commands. Within privileged EXEC mode, a user can configure
the router interfaces, connect to external sources, load protocols, and move or delete files.
The enable command is used to access privileged EXEC mode. Privileged EXEC mode can also be configured
with user name and password for more security.
Enter ? to view a list of available commands in a given mode. If the system detects any errors in a command, a
caret symbol (^) will display as a marker. In addition, the enhanced editing mode provides a set of editing key
functions that allows the user to edit a command line as it is being typed.
Compatibility issues with the router flash and RAM memory are major considerations before a newer release
of the Cisco IOS software can be installed. Use the show version command to check current resources and
available memory. Newer releases with more features will typically require more memory. The show flash
command is used to verify that the system has sufficient memory to load a new Cisco IOS image. Use of the
Cisco Software Advisor provides the most current information and allows the selection of options that meet
network requirements.

14 MODULE 3
Module Overview
The initial steps that are used to configure a router are not very difficult. If students become familiar with these
steps and learn how to move between the router user modes, it will be easier to perform complex router
configurations. This module introduces the basic configuration modes of the router and provides opportunities
to practice simple configurations.
A clear, easy to understand router configuration that is backed up regularly should be a goal of all network
administrators. The Cisco IOS provides many tools that an administrator can use to add information to the
configuration file for documentation purposes. A network administrator should provide as much information as
possible in case another person becomes responsible for the network.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
• Name a router
• Set passwords
• Examine show commands
• Configure a serial interface
• Configure an Ethernet interface
• Execute changes to a router
• Save changes to a router
• Configure an interface description
• Configure a message-of-the-day banner
• Configure host tables
• Understand the importance of backups and documentation

14.1 Configure a Router

14.1.1 CLI command modes


This page will discuss some features that are available from global configuration mode.
All CLI configuration changes to a Cisco router are made from global configuration mode, which is sometimes
called global config. Global config is the primary configuration mode. Specific modes are used for various
configuration changes, but these modes are all subsets of the global configuration mode.
Global configuration mode commands are used in a router to apply configuration statements that affect the
system as a whole. The following command moves the router into global configuration mode and allows entry
of commands from the terminal:
Router#configure terminal
Router(config)#
NOTE
The prompt changes to indicate that the router is now in global configuration mode.
Here are a few of the modes that can be entered from global configuration mode:
• Interface mode
• Line mode
• Router mode
• Subinterface mode
• Controller mode
When these specific modes are entered, the router prompt changes to indicate the current configuration mode.
Any configuration changes that are made will apply only to the interfaces or processes covered by the
particular mode. Type exit from one of the specific modes to return a router to global configuration mode.
Pressing Ctrl-Z leaves the configuration modes completely and returns the router to privileged EXEC mode.

14.1.2 Configuring a router name
This page will explain how a router name is configured.
A router should be given a unique name as one of the first configuration tasks. This task is accomplished in
global configuration mode with the following command:
Router(config)#hostname Tokyo
Tokyo(config)#
When the Enter key is pressed, the prompt will change from the default host name, which is Router, to the
newly configured host name, which is Tokyo.
The Lab Activity will help students identify and access two basic router command modes. The next page will
show students how to configure router passwords.

14.1.3 Configuring router passwords


This page will explain how router passwords are configured and why they are important.
Passwords restrict access to routers. Passwords should always be configured for virtual terminal (vty) lines and
the console line. Passwords are also used to control access to privileged EXEC mode so that only authorized
users may make changes to the configuration file.
The following commands are used to set an optional but recommended password on the console line:
Router(config)#line console 0
Router(config-line)#login
Router(config-line)#password <password>
A password must be set on one or more of the vty lines for users to gain remote access to a router through
Telnet. Most Cisco routers support five ( 5 ) vty lines numbered 0 through 4. Other hardware platforms
support different numbers of vty connections. The same password is generally used for all vty lines. However,
a unique password can be set for one line to provide a fall-back entry to the router if the other four connections
are in use. The following commands are used to set a password on vty lines:
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password <password>
The enable password and enable secret commands are used to restrict access to the privileged EXEC mode.
The enable password is only used if the enable secret has not been set. The enable secret command should
be used because the password it stores is encrypted; the password set by enable password is stored in clear
text. The following commands are used to set the passwords:
Router(config)#enable password <password>
Router(config)#enable secret <password>
Sometimes it is undesirable for passwords to be shown in clear text in the output from the show running-config
or show startup-config commands. This command is used to encrypt passwords in configuration output:
Router(config)#service password-encryption
The service password-encryption command applies a weak, reversible encryption to all unencrypted passwords;
it hides them from casual viewing of the configuration but is not a substitute for a strong enable secret. The
enable secret <password> command uses the stronger MD5 hash algorithm.
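The password rules in this section and the access levels described in 13.2.5 can be checked mechanically. The following Python audit is an added example, not part of the curriculum: it splits a saved configuration into global commands and line sections, then reports a missing enable secret, a redundant enable password, service password-encryption left off, and any console or vty line where login and password do not both appear. Both configuration fragments are constructed for the example; the hash and type-7 strings are placeholders, not real encodings.

```python
# Constructed running-config fragments (not from a real device). The
# hash and type-7 strings are placeholders, not real encodings.
WEAK_CONFIG = """\
hostname Tokyo
enable password cisco
!
line con 0
 password console123
!
line vty 0 4
 login
"""

HARDENED_CONFIG = """\
hostname Tokyo
service password-encryption
enable secret 5 $1$xxxx$PLACEHOLDER-HASH
!
line con 0
 password 7 PLACEHOLDER
 login
!
line vty 0 4
 password 7 PLACEHOLDER
 login
"""


def parse_config(config):
    """Split a running-config into top-level commands and the sub-commands
    of each 'line ...' section (indented lines belong to the header above)."""
    global_cmds, sections, current = [], {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue
        if raw.startswith(" "):
            if current is not None:
                sections[current].append(raw.strip())
            continue  # indented lines of other sections are not audited here
        cmd = raw.strip()
        if cmd.startswith("line "):
            current = cmd
            sections.setdefault(current, [])
        else:
            current = None
            global_cmds.append(cmd)
    return global_cmds, sections


def audit_passwords(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    global_cmds, sections = parse_config(config)
    has_secret = any(c.startswith("enable secret") for c in global_cmds)
    has_enable_pw = any(c.startswith("enable password") for c in global_cmds)
    if not has_secret:
        fallback = "the weaker enable password" if has_enable_pw else "no password at all"
        findings.append(f"enable secret not set; privileged EXEC relies on {fallback}")
    elif has_enable_pw:
        findings.append("enable password is ignored once enable secret is set; remove it")
    if "service password-encryption" not in global_cmds:
        findings.append("service password-encryption is off; line passwords show in clear text")
    for header, cmds in sections.items():
        has_login = any(c == "login" or c.startswith("login ") for c in cmds)
        has_password = any(c.startswith("password ") for c in cmds)
        if has_login and not has_password:
            findings.append(f"{header}: login set but no password; connections will be refused")
        elif has_password and not has_login:
            findings.append(f"{header}: password set but login missing, so it is never checked")
        elif not has_login and not has_password:
            findings.append(f"{header}: no login and no password configured")
    return findings
```

The weak fragment produces four findings (enable secret missing, encryption service off, a console password that is never prompted for, and vty lines that will refuse Telnet because login is set without a password); the hardened fragment produces none.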
The Lab Activities on this page will help students configure passwords and enter CLI command modes.


14.1.4 Examining the show commands


This page will introduce some show commands. Many of these commands can be used to examine the contents
of files in the router and for troubleshooting. In both privileged EXEC and user EXEC modes, the command
show ? provides a list of available show commands. The list is considerably longer in privileged EXEC mode
than it is in user EXEC mode.
Students should learn the functions of the following commands:
• show interfaces – Displays statistics for all interfaces on a router. To view the statistics for a specific
interface, enter the show interfaces command followed by the specific interface slot/port number. This
is shown in the following example:
Router#show interfaces serial 0/1
• show controllers serial – Displays information that is specific to the interface hardware. This command
must also include the port or slot/port number of the serial interface. For example:
Router#show controllers serial 0/1
• show clock – Shows the time set in the router
• show hosts – Displays a cached list of host names and addresses
• show users – Displays all users who are connected to the router
• show history – Displays a history of commands that have been entered
• show flash – Displays information about flash memory and what IOS files are stored there
• show version – Displays information about the currently loaded software version along with hardware
and device information
• show arp – Displays the ARP table of the router
• show protocols – Displays the global and interface-specific status of any configured Layer 3 protocols
• show startup-config – Displays the saved configuration located in NVRAM
• show running-config – Displays the contents of the currently running configuration file, the
configuration for a specific interface, or map class information
The Lab Activities on this page will teach students how to view router configurations with the show
commands.

SHOW INTERFACE ……Important command

14.1.5 Configuring a serial interface


This page will explain how a serial interface can be configured from the console or through a virtual terminal
line. To configure a serial interface follow these steps:
• Enter global configuration mode.
• Enter interface mode.
• Specify the interface address and subnet mask.
• Set clock rate if a DCE cable is connected. Skip this step if a DTE cable is connected.
• Turn on the interface.
Each connected serial interface must have an IP address and subnet mask to route IP packets. Configure the IP
address with the following commands:
Router(config)#interface serial 0/0
Router(config-if)#ip address <ip address> <netmask>
Serial interfaces require a clock signal to control the timing of the communications. In most environments, a
DCE device such as a CSU/DSU will provide the clock. By default, Cisco routers are DTE devices but they
can be configured as DCE devices.
On serial links that are directly interconnected, as in a lab environment, one side must be considered a DCE
and provide a clocking signal. The clock is enabled and speed is specified with the clock rate command. The
available clock rates in bits per second are 1200, 2400, 9600, 19200, 38400, 56000, 64000, 72000, 125000,
148000, 500000, 800000, 1000000, 1300000, 2000000, or 4000000. Some bit rates might not be available on
certain serial interfaces. This depends on the capacity of each interface.
By default, interfaces are turned off, or disabled. To turn on or enable an interface, the command no shutdown
is entered. If an interface needs to be administratively disabled for maintenance or troubleshooting, the
shutdown command is used to turn off the interface.
In the lab environment, the clock rate setting that will be used is 56000. The commands that are used to set a
clock rate and enable a serial interface are as follows:
Router(config)#interface serial 0/0
Router(config-if)#clock rate 56000
Router(config-if)#no shutdown
Students can use the Lab Activities on this page to configure serial interfaces.

14.1.6 Making configuration changes


This page will explain how configuration variables can be changed in different modes.
If a configuration requires modification, go to the appropriate mode and enter the proper command. For
example, if an interface must be enabled, enter global configuration mode, enter interface mode, and issue the
command no shutdown .
To verify changes, use the show running-config command. This command will display the current
configuration. If the variables displayed are not correct, the environment can be changed in the following
ways:
• Issue the no form of a configuration command.
• Reload the system to return to the original configuration file from NVRAM.
• Copy an archived configuration file from a TFTP server.
• Remove the startup configuration file with the erase startup-config command, then restart the router and
enter setup mode.
To save the configuration variables to the startup configuration file in NVRAM, enter the following command
at the privileged EXEC prompt:
Router#copy running-config startup-config
Students can use the Lab Activity to practice some basic configuration changes.

14.1.7 Configuring an Ethernet interface


This page will explain how an Ethernet interface can be configured from the console or a virtual terminal line.
Each Ethernet interface must have an IP address and subnet mask to route IP packets.
To configure an Ethernet interface follow these steps:
• Enter global configuration mode.
• Enter interface configuration mode.
• Specify the interface address and subnet mask.
• Enable the interface.
By default, interfaces are turned off, or disabled. To turn on or enable an interface, the command no shutdown
is entered. If an interface needs to be disabled for maintenance or troubleshooting, use the shutdown command
to turn off the interface. The Lab Activities will allow students to configure Ethernet interfaces on a router.
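The serial and Ethernet procedures in 14.1.5 and 14.1.7 differ only in the clock rate step, so one generator covers both. The following Python function is an added example, not part of the curriculum: it validates the address and mask, rejects the network and broadcast addresses, accepts a clock rate only for the DCE end of a serial link and only from the list given in 14.1.5, and returns the interface-mode commands in the order the text prescribes. Validating before sending anything to the router means a typo is caught on the workstation rather than discovered as an interface that never comes up.

```python
import ipaddress

# Clock rates listed in 14.1.5, in bits per second.
VALID_CLOCK_RATES = (1200, 2400, 9600, 19200, 38400, 56000, 64000, 72000,
                     125000, 148000, 500000, 800000, 1000000, 1300000,
                     2000000, 4000000)


def interface_config(name, ip, mask, dce=False, clock_rate=None, description=None):
    """Build the interface-mode commands for a serial or Ethernet interface.

    Validation happens on the workstation rather than on the router: a bad
    address is rejected before any command is sent, and a clock rate is only
    emitted for a serial interface that is the DCE end of the link.
    """
    iface = ipaddress.ip_interface(f"{ip}/{mask}")  # raises ValueError on bad input
    net = iface.network
    if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
        raise ValueError(f"{ip} is the network or broadcast address of {net}")
    is_serial = name.lower().startswith("serial")
    if clock_rate is not None:
        if not is_serial:
            raise ValueError("clock rate applies only to serial interfaces")
        if not dce:
            raise ValueError("clock rate is set only on the DCE end of the link")
        if clock_rate not in VALID_CLOCK_RATES:
            raise ValueError(f"unsupported clock rate {clock_rate}")
    if is_serial and dce and clock_rate is None:
        raise ValueError("a DCE serial interface needs a clock rate")
    lines = [f"interface {name}"]
    if description:
        lines.append(f" description {description}")
    lines.append(f" ip address {iface.ip} {net.netmask}")
    if clock_rate is not None:
        lines.append(f" clock rate {clock_rate}")
    lines.append(" no shutdown")  # interfaces are shut down by default
    return lines
```

The lab value from 14.1.5 (serial 0/0 as DCE at 56000) and a plain Ethernet interface both produce the command sequences shown in those sections; an unsupported rate or a host address that is really the subnet address is rejected with a ValueError.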

14.2 Finishing the Configuration

14.2.1 Importance of configuration standards


This page explains why it is important to develop standards for configuration files within an organization.
Configuration standards can be used to control the number of configuration files that must be maintained,
how the files are stored, and where the files are stored.
A standard is a set of rules or procedures that are either widely used or officially specified. If an organization
does not have standards, the network will be in chaos if a service interruption occurs.
Network management requires a centralized support standard. Configuration, security, performance, and other
issues must be addressed for the network to function properly. The creation of standards for network
consistency helps reduce network complexity, unplanned downtime, and events that may affect network
performance. The next page will discuss interface descriptions.

14.2.2 Interface descriptions


This page will explain what interface descriptions are and why they are used.
An interface description should identify important information such as a router, a circuit number, or a specific
network segment. A description of an interface can help a network user remember specific information about
the interface, such as what network the interface services.
The description will appear in the configuration files that exist in the router memory. However, it will not
affect the operation of a router. A description only provides information about an interface. Descriptions are
created by following a standard format that applies to each interface. The description may include the purpose
and location of the interface, other devices or locations connected to the interface, and circuit identifiers.
Descriptions allow support personnel to better understand the scope of problems related to an interface and
allow for faster resolution of problems.

14.2.3 Configuring an interface description


This page will teach students how to configure an interface description.
To configure an interface description, enter global configuration mode. From global configuration mode, enter
interface configuration mode. Use the command description followed by the information.
The steps to configure an interface description are as follows:
 Use the configure terminal command to enter global configuration mode.
 Enter a specific interface mode such as interface ethernet 0.
 Enter the command description followed by the information that is to be displayed, such as XYZ Network,
Building 18.
 Use Ctrl-Z to exit interface mode and return to privileged EXEC mode.
 Use the copy running-config startup-config command to save the configuration changes to NVRAM.
Here are two examples of interface descriptions:
interface ethernet 0
description LAN Engineering, Bldg.2
interface serial 0
description ABC network 1, Circuit 1
The Lab Activity on this page will allow students to choose and configure interface descriptions.
The next page will describe login banners.

14.2.4 Login banners


This page will explain what login banners are and why they are used.
A login banner is a message that is displayed at login. Login banners can be used to convey messages that
affect all network users, such as scheduled system shutdowns.
Login banners can be seen by anyone. Therefore, a banner message should be worded carefully. "Welcome" is
an invitation for anyone to enter a router and is probably not an appropriate message.
A login banner should warn users not to attempt login unless they are authorized. A message such as "This is a
secure system, authorized access only!" informs unwanted visitors that any further intrusion is illegal.
The next page will explain how message-of-the-day banners are configured.


14.2.5 Configuring message-of-the-day (MOTD)


This page will explain how a message-of-the-day (MOTD) banner can be configured and displayed on all
connected terminals.
Enter global configuration mode to configure an MOTD banner. Use the banner motd command, followed by
a space and a delimiting character, such as the pound sign (#). Add an MOTD followed by a space and the
delimiting character again.
Follow these steps to create and display a message-of-the-day:
 Use the configure terminal command to enter global configuration mode.
 Enter the command banner motd # <message of the day> #.
 Issue the copy running-config startup-config command to save the changes.
Students can use the Lab Activities to configure basic router settings such as the MOTD.
The next page will discuss host name resolution.

14.2.6 Host name resolution


This page will explain how Cisco IOS performs host name resolution.
Host name resolution is the process that a computer system uses to associate a host name with an IP address.
In order to use host names to communicate with other IP devices, network devices such as routers must be able
to associate the host names with IP addresses. A list of host names and their associated IP addresses is called a
host table.
A host table might include all devices in a network organization. Each unique IP address can have a host name
associated with it. The Cisco IOS software maintains a cache of host name-to-address mappings for use by
EXEC commands. This cache speeds up the process of converting names to addresses.

Host names, unlike DNS names, are significant only on the router on which they are configured. The host table
will allow the network administrator to type either the host name such as Auckland or the IP address to Telnet
to a remote host. The next page will explain how host tables are configured.

14.2.7 Configuring host tables


This page will teach students how to configure a host table.
To assign host names to addresses, first enter global configuration mode. Issue the command ip host followed
by the name of the destination and all IP addresses where the device can be reached. This maps the host name
to each of its interface IP addresses. To test connectivity to the host, use a telnet or ping command with the
name of the router or an IP address that is associated with the router name.
The procedure to configure a host table is as follows:
 Enter global configuration mode.
 Enter the ip host command followed by the name of the router and all IP addresses associated with
the router interfaces.
 Repeat Step 2 until all routers in the network are entered.
 Save the configuration to NVRAM.
In the Lab Activities, students will configure host tables that identify routers and interfaces. The next page
explains how configuration files should be managed.


14.2.8 Configuration backup and documentation


This page will discuss the backup and documentation of configuration files.
The configuration of network devices determines how the network will behave. Management of device
configuration includes the following tasks:
 List and compare configuration files on running devices.
 Store configuration files on network servers.
 Perform software installations and upgrades.
Configuration files should be stored as backup files in the event of a problem. Configuration files can be stored
on a network server, on a TFTP server, or on a disk stored in a safe place.
Include documentation with the offline information. The next page will explain how configuration files can
be copied and implemented.

14.2.9 Backing up configuration files


This page will teach students how to back up and restore configuration files using TFTP.
A current copy of the configuration can be stored on a TFTP server. The copy running-config tftp command
can be used to store the current configuration on a network TFTP server, as shown in Figure 1. To do so,
complete the following tasks:
1. Enter the copy running-config tftp command.
2. Enter the IP address of the host where the configuration file will be stored.
3. Enter the name to assign to the configuration file.

4. Answer yes to confirm each choice.
A configuration file stored on one of the network servers can be used to configure a router. To do so, complete
the following tasks:
1. Use the copy tftp running-config command to enter configuration mode, as shown in Figure 2.
2. Select a host or network configuration file at the system prompt. The network configuration file
contains commands that apply to all routers and terminal servers on the network. The host
configuration file contains commands that apply to one router in particular. At the system prompt,
enter the IP address of the remote host where the TFTP server is located. In this example, the router
is configured from the TFTP server at IP address 131.108.2.155.
3. Enter the name of the configuration file or accept the default name. The filename convention is
UNIX-based. The default filename is hostname-config for the host file and network-config for the
network configuration file. In the DOS environment, filenames are limited to eight characters plus a
three-character extension, such as router.cfg. Confirm the configuration filename and the TFTP
server address that the system supplies. Notice in Figure
that the router prompt changes to tokyo immediately. This is evidence that the reconfiguration
happens as soon as the new file is downloaded.
To save a router configuration to a disk or hard drive, capture text in the router and save it. If the file needs to
be copied back to the router, use the standard edit features of a terminal emulator program to paste the
command file into the router.
The Lab Activity on this page will allow students to capture the running configuration of a router.
This page concludes the lesson about router configurations. The next page will summarize the main points
from this module.
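The standards of 14.2.1 to 14.2.5 (every interface described, a banner that warns rather than welcomes, an enabled interface carrying an address and mask) and the "list and compare configuration files" task of 14.2.8 and 14.2.9 can be applied offline to a captured running-config and the archived copy restored from the TFTP server. The Python below is an added example written for this edition, not Cisco's code or tooling; the router name, addresses and both configurations are constructed.

```python
from typing import Dict, List, Tuple

# Constructed sample configurations for this example (invented hostname,
# addresses and circuit names; not taken from the curriculum's figures).
RUNNING_CONFIG = """\
hostname Denver
!
banner motd #Welcome to Denver#
!
interface ethernet 0
 description LAN Engineering, Bldg.2
 ip address 192.0.2.1 255.255.255.0
!
interface serial 0
 ip address 192.0.2.129 255.255.255.252
 clock rate 56000
!
interface serial 1
 description ABC network 1, Circuit 1
 ip address 198.51.100.1 255.255.255.252
 shutdown
!
"""

# The archived copy pulled from the TFTP server before the last change window.
ARCHIVED_CONFIG = """\
hostname Denver
!
banner motd #Authorized access only!#
!
interface ethernet 0
 description LAN Engineering, Bldg.2
 ip address 192.0.2.1 255.255.255.0
!
interface serial 0
 description ABC network 1, Circuit 1
 ip address 192.0.2.129 255.255.255.252
 clock rate 56000
!
"""

Stanzas = Dict[str, List[str]]


def parse_config(text: str) -> Stanzas:
    """Split IOS-style config text into stanzas: unindented lines go under
    "global"; each "interface ..." line opens a stanza that collects the
    indented lines that follow it, and "!" (or a blank line) ends it."""
    stanzas: Stanzas = {"global": []}
    current = "global"
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line == "!":
            current = "global"
            continue
        if line.startswith("interface "):
            current = line
            stanzas[current] = []
        elif line.startswith(" "):
            stanzas[current].append(line.strip())
        else:
            current = "global"
            stanzas["global"].append(line)
    return stanzas


def audit(stanzas: Stanzas) -> List[str]:
    """Check the configuration standards the text describes; return findings."""
    findings: List[str] = []
    banners = [ln for ln in stanzas["global"] if ln.startswith("banner motd ")]
    if not banners:
        findings.append("no MOTD banner configured")
    elif any("welcome" in b.lower() for b in banners):
        findings.append("MOTD banner reads as an invitation ('Welcome')")
    for name, lines in stanzas.items():
        if name == "global":
            continue
        if not any(ln.startswith("description ") for ln in lines):
            findings.append(f"{name}: no description")
        # An enabled interface needs an address and mask to route IP packets.
        if "shutdown" not in lines and not any(ln.startswith("ip address ") for ln in lines):
            findings.append(f"{name}: enabled but has no IP address")
    return findings


def compare(running: Stanzas, archived: Stanzas) -> Dict[str, Tuple[List[str], List[str]]]:
    """Per stanza, the lines only in the running config and only in the archive."""
    diffs: Dict[str, Tuple[List[str], List[str]]] = {}
    for name in sorted(set(running) | set(archived)):
        run, arc = running.get(name, []), archived.get(name, [])
        added = [ln for ln in run if ln not in arc]
        removed = [ln for ln in arc if ln not in run]
        if added or removed:
            diffs[name] = (added, removed)
    return diffs


if __name__ == "__main__":
    running = parse_config(RUNNING_CONFIG)
    print(audit(running))
    print(compare(running, parse_config(ARCHIVED_CONFIG)))
```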

14.2.10 Module 3. Summary
This page summarizes the topics discussed in this module.
A router has several modes that are used to accomplish specific tasks. The user EXEC mode is used primarily
to check the status of a router. The privileged EXEC mode allows administrators to set usernames and
passwords for access to router commands. Global configuration mode is used to apply configuration statements
that affect a whole system.
One of the first configuration tasks is to give a unique name to a router. For security purposes, passwords and
user IDs for authorized users should be set. The show command is used to examine the contents of files and for
troubleshooting.
Serial interfaces require a clock signal to control the timing of the communications. An interface must have an
IP address and subnet mask to route IP packets. By default, interfaces are turned off or disabled. Use the no
shutdown command to turn on an interface. Use the show running-config command to display the current
running configuration to verify any modifications.
Configuration standards are developed for consistency, to reduce network complexity, to reduce downtime,
and to maximize network performance. Some standards for configuration files include the number of files to
maintain, how they are stored, and where they are stored. Interface descriptions, login banners, and MOTDs
can be standardized to inform users about events such as downtime and to warn unauthorized users.
Host name resolution translates names to IP addresses. The Cisco IOS software maintains a cache of host
name-to-address mappings for use by EXEC commands. The cache speeds up the conversion process. Unlike
DNS, host names are only significant to the router on which they are configured. Host names are entered in
global configuration mode.
Configuration backup can be stored on a TFTP server, on a network server, or on a disk. A specific backup
plan will ensure that the files are available if a problem occurs.

15 MODULE 4
Module Overview
Sometimes network documentation is incomplete or inaccurate. Cisco Discovery Protocol (CDP) is a useful
tool in these situations because it can build a basic picture of a network. CDP is a media and protocol
independent, Cisco proprietary protocol used for neighbor discovery. CDP will only show information about
directly connected neighbors but it is still a powerful tool.
After a router is initially configured it is often difficult to connect directly to the router for configuration
changes or other activities. Telnet is a TCP/IP-based application that allows remote connection to the router
command-line interface (CLI) for configuration, monitoring, and troubleshooting purposes. Telnet is an
essential tool for network professionals.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
 Enable and disable CDP
 Use the show cdp neighbors command
 Determine which neighbor devices are connected to each local interface
 Gather network address information about neighbor devices that use CDP
 Establish a Telnet connection
 Verify a Telnet connection
 Disconnect from a Telnet session
 Suspend a Telnet session
 Perform alternative connectivity tests
 Troubleshoot remote terminal connections
15.1 Discovering and Connecting to Neighbors

15.1.1 Introduction to CDP


This page will introduce Cisco Discovery Protocol (CDP). CDP is a Layer 2 protocol of the OSI model that
connects the lower physical media and the upper network layer protocols, as shown in Figure 1. CDP is used to
obtain information about neighboring Cisco devices, such as the types of devices connected, the router
interfaces they are connected to, the interfaces used to make the connections, and the model numbers of the
devices. CDP is media and protocol independent, and runs on all Cisco equipment over the Subnetwork Access
Protocol (SNAP).
CDP Version 2 (CDPv2) is the most recent release of the protocol. Cisco IOS Release 12.0(3)T or later
supports CDPv2. CDP Version 1 (CDPv1) is enabled by default with Cisco IOS Release 10.3 to 12.0(3)T.
When a Cisco device boots up, CDP starts up automatically and allows the device to detect neighbor devices
that use CDP. CDP operates at the data link layer and allows two systems to learn about each other, even if
they use different network layer protocols.
Each device that is configured for CDP sends periodic messages, which are known as advertisements, to
directly connected Cisco devices. Each device advertises at least one address at which it can receive Simple
Network Management Protocol (SNMP) messages. The advertisements also contain time-to-live or holdtime
information, which indicates the length of time that receiving devices should hold CDP information before
they discard it. Each device also listens to periodic CDP messages that are sent by others to learn about
neighbor devices.

15.1.2 Information obtained with CDP


This page will explain how CDP is used to obtain information about network devices.
The primary use of CDP is to discover all Cisco devices that are directly connected to a local device. Use the
show cdp neighbors command to display CDP updates on the local device.
Figure 1 displays an example of how CDP delivers its collection of information to a network administrator.
Each router that uses CDP exchanges protocol information with its neighbors. The network administrator can
display the results of this CDP information exchange on a console that is connected to a local router.
An administrator can use the show cdp neighbors command to display information about the networks that are
directly connected to a router. CDP transmits type length values (TLVs) to provide information about each
CDP neighbor device. TLVs are blocks of information embedded in CDP advertisements.
Device TLVs displayed by the show cdp neighbors command include the following:
 Device ID
 Local Interface
 Holdtime
 Capability
 Platform
 Port ID
The following TLVs are only included in CDPv2:
 VTP management domain name
 Native VLAN
 Full or half-duplex
Notice that the router at the bottom of Figure is not directly connected to the console router that is used by
the administrator. To obtain CDP information about this device, the administrator would need to Telnet to a
router that is directly connected to this device.

15.1.3 Implementation, monitoring, and maintenance of CDP


This page will introduce the commands that are used to implement, monitor, and maintain CDP information:
 cdp run
 cdp enable
 show cdp traffic
 clear cdp counters
 show cdp
 show cdp entry {*|device-name [*][protocol | version]}
 show cdp interface [type number]
 show cdp neighbors [type number] [detail]
The cdp run command is used to enable CDP globally on a router. By default, CDP is globally enabled. The
cdp enable command is used to enable CDP on a particular interface. On Cisco IOS Release 10.3 or higher,
CDP is enabled by default on all supported interfaces to send and receive CDP information. CDP can be
enabled on all device interfaces with the cdp enable command.
The Lab Activity on this page will teach students about some basic CDP commands.

15.1.4 Creating a network map of the environment


This page will explain how the information that is obtained by CDP can be used to create a network map.
CDP was designed and implemented as a simple, low-overhead protocol. Though a CDP frame can be small, it
can retrieve a lot of useful information about directly connected Cisco devices.
This information can be used to create a network map of the connected devices. To discover devices that are
connected to neighbor devices, use Telnet to connect to the neighbors. Then use the show cdp neighbors
command.
The Lab Activity will show students how to use CDP commands to learn about neighboring network devices.
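The TLVs listed in 15.1.2 and the map-building procedure of 15.1.4 (collect show cdp neighbors on one device, connect to each neighbor and repeat) can be worked offline from captured command output. The Python below is an added example for this edition, not Cisco's code; the device names, platforms, holdtimes and the two captured tables are constructed, and the column layout it assumes is noted in the comments.

```python
from typing import Dict, List, Set, Tuple

# Constructed 'show cdp neighbors' output for two routers (device names,
# platforms and holdtimes are invented; not taken from the curriculum's figures).
CDP_OUTPUT: Dict[str, str] = {
    "Denver": """\
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Paris            Ser 0              155          R         2500      Ser 1
Switch1          Eth 0              120         S I        WS-C2950  Fas 0/1
""",
    "Paris": """\
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Denver           Ser 1              170          R         2500      Ser 0
Rome             Ser 0              160          R         2600      Ser 0
""",
}

# One undirected link: (device A, A's interface, device B, B's interface).
Edge = Tuple[str, str, str, str]


def parse_cdp_neighbors(text: str) -> List[Dict[str, object]]:
    """Parse the summary table into the per-neighbor TLVs the text lists."""
    rows: List[Dict[str, object]] = []
    in_table = False
    for line in text.splitlines():
        if line.startswith("Device ID"):
            in_table = True        # everything above is the capability legend
            continue
        if not in_table or not line.strip():
            continue
        tok = line.split()
        # Assumed layout: interface names are two tokens ("Ser 0", "Fas 0/1"),
        # capability is one or more single-letter codes, platform is one token.
        rows.append({
            "device": tok[0],
            "local_intf": " ".join(tok[1:3]),
            "holdtime": int(tok[3]),
            "capability": " ".join(tok[4:-3]),
            "platform": tok[-3],
            "port_id": " ".join(tok[-2:]),
        })
    return rows


def build_map(outputs: Dict[str, str]) -> Set[Edge]:
    """Merge each device's neighbor table into one set of links."""
    edges: Set[Edge] = set()
    for local, text in outputs.items():
        for n in parse_cdp_neighbors(text):
            a = (local, str(n["local_intf"]))
            b = (str(n["device"]), str(n["port_id"]))
            # Canonical order, so Denver->Paris and Paris->Denver collapse.
            edges.add(min(a, b) + max(a, b))
    return edges


def unexplored(edges: Set[Edge], outputs: Dict[str, str]) -> Set[str]:
    """Devices seen only as someone's neighbor: connect to them next and run
    show cdp neighbors there, since CDP shows directly connected devices only."""
    seen = {e[0] for e in edges} | {e[2] for e in edges}
    return seen - set(outputs)


if __name__ == "__main__":
    topology = build_map(CDP_OUTPUT)
    for a, a_if, b, b_if in sorted(topology):
        print(f"{a} {a_if} <-> {b} {b_if}")
    print("still to visit:", sorted(unexplored(topology, CDP_OUTPUT)))
```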

15.1.5 Disabling CDP


This page will show students how to disable CDP.
To disable CDP at the global level, use the no cdp run command in global configuration mode. If CDP is
disabled globally, individual interfaces cannot be enabled for CDP.

On Cisco IOS Release 10.3 or higher, CDP is enabled by default on all supported interfaces to send and receive
CDP information. However, on some interfaces, such as asynchronous interfaces, CDP is disabled by default.
If CDP is disabled on an interface, use the cdp enable command in interface configuration mode. To disable
CDP on a specific interface after it has been enabled, use the no cdp enable command in interface
configuration mode.

15.1.6 Troubleshooting CDP


This page will introduce some commands that can be used to show the version and update CDP information,
tables, and traffic:
 clear cdp table
 clear cdp counters
 show cdp traffic
 show debugging
 debug cdp adjacency
 debug cdp events
 debug cdp ip
 debug cdp packets
 cdp timer
 cdp holdtime
 show cdp
The Lab Activities on this page will require students to use CDP commands to learn about other devices.

15.2 Getting Information about Remote Devices

15.2.1 Telnet
This page will introduce Telnet.
Telnet is a virtual terminal protocol that is part of the TCP/IP protocol suite. It allows connections to be made
to remote hosts. Telnet provides a network terminal or remote login capability. Telnet is an IOS EXEC
command used to verify the application layer software between source and destination. This is the most
complete test mechanism available.
Telnet functions at the application layer of the OSI model. Telnet depends on TCP to guarantee the correct
and orderly delivery of data between the client and server.
A router can have simultaneous incoming Telnet sessions. The numbers 0 through 4 are used to specify the
five vty, or Telnet, lines.
The verification of application layer connectivity is a by-product of Telnet. Telnet is mainly used to establish
remote connections to network devices. Telnet is a simple and universal application program.


15.2.2 Establishing and verifying a Telnet connection


This page will show students how to establish and test a Telnet connection.
The Telnet IOS EXEC command allows a user to Telnet from one Cisco device to another. In the Cisco
implementation of TCP/IP, it is not necessary to enter the connect or telnet commands to establish a Telnet
connection. The hostname or the IP address of the remote router may be entered. To end a Telnet session, use
the EXEC commands exit or logout.
To initiate a Telnet session any of the following alternatives can be used:
Denver>connect paris
Denver>paris
Denver>131.108.100.152
Denver>telnet paris
A hostname table or access to DNS for Telnet must be present for a name to work. Otherwise, the IP address of
the remote router must be entered.
Telnet can be used to determine if a remote router can be accessed. As shown in Figure 3, if Telnet is used
successfully to connect the York router to the Paris router, then a basic test of the network connection is
successful. This operation can be performed at either the user or privileged EXEC levels.
If remote access can be obtained through another router, then at least one TCP/IP application can reach the
remote router. A successful Telnet connection indicates that the upper-layer application functions properly.
If Telnet to one router is successful, failure to another router is likely caused by addressing, naming, or access
permission problems. The problem may exist on the original router or on the router that failed as a Telnet
target. The next step is to use the ping command, which is covered later in this lesson. The ping command can
be used to test end-to-end connections at the network layer.
Once the Telnet session is completed, log off the host. The Telnet connection will terminate after ten (10)
minutes of inactivity by default or when the exit command is entered at the EXEC prompt.
Students can use the Lab Activity on this page to establish and verify a Telnet connection.


15.2.3 Disconnecting and suspending Telnet sessions


This page will introduce two important features of the telnet command. These are the disconnect feature and
the suspend feature.
A potential problem exists when a Telnet session is suspended and the Enter key is pressed. Cisco IOS
software resumes the connection to the most recently suspended Telnet connection. The Enter key is used
frequently. With a suspended Telnet session, it is possible to reconnect to another router. This is dangerous
when changes are made to the configuration or EXEC commands are used. Always check which router is
connected when the suspended Telnet feature is used.
The show sessions command will show which Telnet sessions are active.
The procedure that is used to disconnect a Telnet session is as follows:
 Enter the disconnect command.
 Follow the command with the name or IP address of the router or the session number. An example is as
follows:
Denver>disconnect paris
The procedure that is used to suspend a Telnet session is as follows:
 Press Ctrl-Shift-6, then x.
 Enter the name of the router or IP address.
The Lab Activity will instruct students on how to suspend a Telnet session.


15.2.4 Advanced Telnet operation


This page will describe some features that can be used when several Telnet sessions are open at the same time.
A user may switch back and forth between these sessions. The number of open sessions that are allowed at one
time is defined by the session limit command.
Use the commands shown in Figure to escape from one session and resume a previously opened session.
A new connection can be made from the EXEC prompt.
Multiple Telnet sessions can be used and suspended with the Ctrl-Shift-6, then x sequence. The session can be
resumed with the Enter key. When the Enter key is used, the Cisco IOS will resume the connection to the
most recently suspended Telnet connection. If the resume command is used it requires a connection ID. Use
the show sessions command to view the connection ID, as shown in Figure.
The Lab Activity on this page will show students how to use Telnet to remotely access routers.


15.2.5 Alternative connectivity tests


This page will introduce some tools that are used to verify basic network connectivity.
Many network protocols support an echo protocol. Echo protocols are used to test if protocol packets are
routed. The ping command sends a packet to the destination host and then waits for a reply packet from that
host. Results from this echo protocol can help evaluate the path-to-host reliability, delays over the path, and
whether the host can be reached or is functional. This is a basic test mechanism. This operation can be
performed at either the user or privileged EXEC modes.
In Figure 1, the ping target 172.16.1.5 responded to all five datagrams that were sent. Each exclamation point
(!) indicates a successful echo. Each period (.) on the display indicates that the application on the router timed
out while it waited for a packet echo from a target. The ping user EXEC command can be used to diagnose
basic network connectivity. The ping command uses Internet Control Message Protocol (ICMP).
The traceroute command, which is often referred to as the trace command in reference materials, can be used
to find where data is sent in a network. The traceroute command is similar to the ping command. The main
difference is that ping tests end-to-end connectivity and traceroute tests each step along the way. This operation
can be performed at either the user or privileged EXEC levels.
In Figure 3, the path from York to Rome is traced. Along the way the path must go through London and Paris.
If one of these routers is unreachable, three asterisks (*) will be returned instead of the name of the router. The
traceroute command will attempt to reach the next step until the Ctrl-Shift-6 escape sequence is used.
A basic verification test also focuses on the network layer. Use the show ip route command to see if a routing
table entry exists for the target network. This command will be discussed in more detail in a later module of
this course.
The procedure to use the ping command is as follows:
 Enter the ping [IP address or name of destination] command.
 Press the Enter key.
The procedure to use the traceroute command is as follows:
 Enter the traceroute [IP address or name of destination] command.
 Press the Enter key.
The Lab Activities on this page will allow students to practice three network connectivity tests.

15.2.6 Troubleshooting IP addressing issues
IP address-related problems are the most common problems that occur on IP networks. This page will describe
three commands that are used to perform address-related troubleshooting:
 ping uses the ICMP protocol to verify the hardware connection and the IP address of the network layer.
This is a basic test mechanism.
 telnet verifies the application layer software between a source and a destination. This is the most
complete test mechanism available.
 traceroute locates failures in a path from a source to a destination. This command uses Time to Live
values to generate messages from each router along a path.
The Lab Activity will require students to configure devices in a WAN and then troubleshoot IP address issues.
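The ping and traceroute semantics of 15.2.5 ("!" is a reply, "." a timeout, "* * *" an unreachable hop) and the fault-localization role of traceroute in 15.2.6 can be applied to captured command output to decide which step to take next. The Python below is an added example for this edition, not Cisco's code; the router names follow the York/London/Paris/Rome scenario but the addresses, timings and both outputs are constructed, and the marker-line detection is an assumption noted in the comments.

```python
import re
from typing import Dict

# Constructed IOS-style output. Ping to Rome lost every packet; traceroute
# reached London and Paris and then received no answer.
PING_OUTPUT = """\
Sending 5, 100-byte ICMP Echos to 192.0.2.10, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
"""

TRACE_OUTPUT = """\
Tracing the route to Rome (192.0.2.10)

  1 London (192.0.2.1) 4 msec 4 msec 4 msec
  2 Paris (192.0.2.5) 8 msec 12 msec 8 msec
  3  *  *  *
  4  *  *  *
"""

# Assumed: the per-packet result line consists only of echo markers. '!' is a
# reply and '.' a timeout as the text describes; other IOS marker codes are
# treated as failures too.
MARKER_LINE = re.compile(r"[!.UQM?&]+")
HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*)$")
ADDRESS = re.compile(r"\(([\d.]+)\)")


def ping_summary(text: str) -> Dict[str, int]:
    """Count sent, received and lost echoes from the marker line."""
    for line in text.splitlines():
        s = line.strip()
        if s and MARKER_LINE.fullmatch(s):
            received = s.count("!")
            return {"sent": len(s), "received": received, "lost": len(s) - received}
    raise ValueError("no echo marker line found")


def trace_failure_point(text: str) -> Dict[str, object]:
    """Last hop that answered and the first hop that returned only '*'."""
    result: Dict[str, object] = {
        "last_responding": None, "last_address": None, "first_silent_hop": None}
    for line in text.splitlines():
        m = HOP_LINE.match(line)
        if not m:
            continue
        hop, rest = int(m.group(1)), m.group(2).strip()
        if rest.replace("*", "").strip() == "":
            if result["first_silent_hop"] is None:
                result["first_silent_hop"] = hop
        elif result["first_silent_hop"] is None:
            # Only hops before the first silent one count as reachable evidence.
            result["last_responding"] = rest.split()[0]
            addr = ADDRESS.search(rest)
            result["last_address"] = addr.group(1) if addr else None
    return result


def next_check(ping: Dict[str, int], trace: Dict[str, object]) -> str:
    """Suggest the next troubleshooting step in the order the text gives."""
    if ping["received"] == ping["sent"]:
        return "network layer OK; test the application layer with telnet"
    if trace["first_silent_hop"] is None:
        return "intermittent loss; repeat ping and review the path delays"
    return (f"path breaks after {trace['last_responding']} "
            f"({trace['last_address']}); check show ip route there")


if __name__ == "__main__":
    p, t = ping_summary(PING_OUTPUT), trace_failure_point(TRACE_OUTPUT)
    print(p, t, next_check(p, t), sep="\n")
```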

15.2.7 Summary
This page summarizes the topics discussed in this module.
CDP is used to obtain information about directly connected Cisco devices. This includes the router interfaces
the devices are connected to, the interfaces used to make the connections, and the model numbers of the
devices. CDP is media and protocol independent, and runs on all Cisco equipment over SNAP. It is a Layer 2
protocol that connects lower physical media and upper network layer protocols.
When a Cisco device boots up, CDP starts up automatically and allows the device to detect directly connected
Cisco devices that also use CDP. It operates at the data link layer and allows two systems to learn about each
other, even if they use different network layer protocols. The show cdp neighbors command is used to display
information about the networks that are directly connected to a router.
The cdp run command is used to enable CDP globally on a router. The cdp enable command is used to enable
CDP on a particular interface. To disable CDP at the global level, use the no cdp run command in global
configuration mode.
The telnet command may be run from the user or privileged EXEC mode. It allows a user to remotely access
another device. It is not necessary to enter the command connect or telnet to establish a Telnet connection. To
end a Telnet session, use the exit or logout commands. Once the Telnet session is completed, log off the host.
The Telnet connection will terminate after ten (10) minutes of inactivity by default or when the exit
command is entered at the user or privileged EXEC prompt.
Other connectivity tests include ping and traceroute. The ping command sends a packet to the destination host
and then waits for a reply packet from that host. Results from this echo protocol can help determine the path-
to-host reliability, delays over the path, and if the host can be reached or is functional. The traceroute
command is similar to the ping command, except that instead of testing end-to-end connectivity, traceroute
tests each step along the way. This operation can be performed at either the user or privileged EXEC levels.

16 MODULE 5

Module Overview
This page provides an overview of the topics discussed in this module.
A Cisco router cannot operate without the Cisco IOS. Each Cisco router has a predetermined boot-up sequence
that is used to locate and load the Cisco IOS. This module will describe the stages and importance of this
bootup procedure.
Cisco internetworking devices use several different files to operate, such as Cisco IOS images and
configuration files. A network administrator must manage these files to ensure that the proper versions are used
and that necessary backups are performed. This module also describes the Cisco file system and provides the
tools to manage it effectively.
This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.
Students who complete this module should be able to perform the following tasks:
 Identify the stages of the router boot sequence
 Determine how a Cisco device locates and loads the Cisco IOS
 Use the boot system command
 Identify the configuration register values
 Briefly describe the files used by the Cisco IOS and their functions
 List the locations of the different file types on a router
 Briefly describe the parts of the IOS name
 Use TFTP and copy-and-paste to save and restore configuration files
 Use TFTP to load an IOS image
 Use XModem to load an IOS image
 Use show commands to verify the file system

16.1 Router Boot Sequence and Verification

16.1.1 Stages of the router power-on boot sequence


This page will describe the router startup sequence.
The goal of the startup routines for Cisco IOS software is to start the router operations. A router must reliably
connect any configured networks. To do this, the startup routines must do the following:
• Test the router hardware
• Find and load the Cisco IOS software
• Find and apply configuration statements such as protocol functions and interface addresses
Figure illustrates the sequence and services that are used to initialize a router.
Students can use the Interactive Media Activity to test their familiarity with the router boot sequence.

16.1.2 How a Cisco device locates and loads IOS


The page will explain how a Cisco device finds and loads Cisco IOS.
The default source for Cisco IOS software depends on the hardware platform. Most routers use the boot system
commands saved in NVRAM. Cisco IOS software allows several alternatives to be used. Other sources can be
specified for the software, or the router can use its own fallback sequence to load the software.
The settings in the configuration register enable the following alternatives:
• Global configuration mode boot system commands can be specified to enter fallback sources for a
router to use in sequence. The router will use these commands as needed when it restarts.
• If NVRAM lacks boot system commands that a router can use, the system will use the Cisco IOS
software in flash memory by default.
• If flash memory is empty, a router will try to use TFTP to load an IOS image from the network. The
router will use the configuration register value to form a filename from which to boot a default system
image that is stored on a network server.
• If a TFTP server is unavailable, the router will load the limited version Cisco IOS software image
stored in ROM.
The Interactive Media Activity will help students become familiar with the process a Cisco device uses to find
and load IOS.


16.1.3 Using the boot system command


This page will explain how boot system commands are used to specify the fallback boot-up sequence for Cisco
IOS software.
The three figures show boot system entries. These entries specify that a Cisco IOS software image will load
first from flash memory, then from a network server, and finally from ROM:
• Flash memory - A system image can be loaded from flash memory. Information stored in flash
memory is not vulnerable to network failures that can occur when system images are loaded from TFTP
servers.
• Network server - If flash memory is corrupted, a system image can be loaded from a TFTP server.
• ROM - The final bootstrap option is to boot from ROM. However, a system image in ROM is usually a
subset of the Cisco IOS that lacks the protocols, features, and configurations of the full Cisco IOS.
Also, if the software has been updated, a router may have an older version stored in ROM.
The command copy running-config startup-config saves the commands in NVRAM. The router will execute
the boot system commands as needed in the order in which they were originally entered into configuration
mode.
In the Lab Activities, students will use boot system commands to display information about the Cisco IOS
image and boot procedure of a router.


16.1.4 Configuration register

This page will explain how a router uses the configuration register. Students will also learn how to change the
boot field.

The order in which the router looks for system bootstrap information depends on the boot field setting in the
configuration register. The default configuration register setting can be changed with the global configuration
mode command config-register. Use a hexadecimal number as the argument for this command.

The configuration register is a 16-bit register in NVRAM that is represented as 4 hexadecimal digits. The
lowest four bits of the configuration register form the boot field. To ensure that the upper 12 bits are not
changed, first use the show version command to retrieve the current values of the configuration register.
Then use the config-register command and change only the value of the last hexadecimal digit.

To change the boot field in the configuration register, follow these guidelines:

• To enter the ROM monitor mode, set the configuration register value to 0xnnn0, where nnn represents
the previous value of the non-boot field digits. This value sets the boot field bits to 0000 binary. After a
reload or power cycle, the device will boot to the ROM monitor prompt. Use the b command to boot the
operating system manually.
• To boot from the first image in Flash or to boot to the IOS in ROM (platform dependent), set the
configuration register to 0xnnn1, where nnn represents the previous value of the non-boot field digits.
This value sets the boot field bits to 0001 binary. Older platforms, such as Cisco 1600 and 2500 routers,
will boot to a limited IOS in ROM. Newer platforms, such as Cisco 1700, 2600 and high end routers,
will boot from the first image in Flash.
• To configure the system to use the boot system commands in NVRAM, set the configuration register to
any value from 0xnnn2 to 0xnnnF, where nnn represents the previous value of the non-boot field digits.
These values set the boot field bits to a value between 0010 and 1111 binary. The router sequentially
processes each boot system command in NVRAM until the process is successful or the end of the list is
reached. If there are no boot system commands in the startup configuration file, the router attempts to
boot the first file in flash memory.

The Lab Activity will require students to change the boot process of a router.
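As an added illustration of the locate-and-load behaviour covered in 16.1.2 to 16.1.4 (boot field values, boot system commands processed in NVRAM order, and the flash, TFTP and ROM fallbacks), here is a small Python model written for this page. It is not Cisco code; the Router class, platform names and image names are constructed assumptions.

```python
"""Model of the Cisco IOS locate-and-load sequence described in 16.1.2 to 16.1.4.

Illustrative code written for this page, not Cisco's; platform names, image
names and the Router class are constructed assumptions.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Per the text: with boot field 1 these older platforms boot the limited IOS in ROM,
# newer platforms boot the first image in flash.
OLDER_PLATFORMS = {"1600", "2500"}


def boot_field(config_register: int) -> int:
    """The boot field is the lowest four bits of the 16-bit configuration register."""
    return config_register & 0x000F


def set_boot_field(config_register: int, new_field: int) -> int:
    """Change only the last hex digit so the upper 12 bits keep their current value."""
    if not 0 <= new_field <= 0xF:
        raise ValueError("boot field is a single hex digit (0x0-0xF)")
    return (config_register & 0xFFF0) | new_field


@dataclass
class Router:
    platform: str                                          # "2500", "2600", ... (constructed)
    config_register: int                                   # e.g. 0x2102
    boot_system: List[str] = field(default_factory=list)   # 'boot system ...' lines, NVRAM order
    flash_files: List[str] = field(default_factory=list)   # image names present in flash
    tftp_images: List[str] = field(default_factory=list)   # images on the network server
    tftp_reachable: bool = True

    def _try_boot_system(self, cmd: str) -> Optional[str]:
        """Resolve one 'boot system' command to a loadable image, or None if it fails."""
        words = cmd.split()
        if words[:3] == ["boot", "system", "flash"]:
            # 'boot system flash [name]': a missing name means the first file in flash
            name = words[3] if len(words) > 3 else (self.flash_files[0] if self.flash_files else None)
            return f"flash:{name}" if name in self.flash_files else None
        if words[:3] == ["boot", "system", "tftp"] and len(words) > 3:
            if self.tftp_reachable and words[3] in self.tftp_images:
                return f"tftp:{words[3]}"
            return None
        if words[:3] == ["boot", "system", "rom"]:
            return "rom:limited-ios"
        return None

    def _first_flash_or_fallback(self) -> str:
        """Default behaviour: first file in flash, then netboot, then the image in ROM."""
        if self.flash_files:
            return f"flash:{self.flash_files[0]}"
        if self.tftp_reachable and self.tftp_images:
            return f"tftp:{self.tftp_images[0]}"
        return "rom:limited-ios"

    def locate_image(self) -> str:
        """Return the source the router ends up loading its software from."""
        bf = boot_field(self.config_register)
        if bf == 0:
            return "rommon:prompt"      # 0xnnn0: stop at ROM monitor, boot manually with 'b'
        if bf == 1:
            if self.platform in OLDER_PLATFORMS:
                return "rom:limited-ios"
            return self._first_flash_or_fallback()
        # 0xnnn2 to 0xnnnF: process the NVRAM boot system commands in the order entered
        for cmd in self.boot_system:
            found = self._try_boot_system(cmd)
            if found is not None:
                return found
        return self._first_flash_or_fallback()
```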


16.1.5 Troubleshooting IOS boot failure

This page will explain why a router may not boot properly and show students what to do when this occurs.

There are several reasons that a router may not boot properly:

• Configuration file has missing or incorrect boot system statement
• Incorrect configuration register value
• Corrupted flash image
• Hardware failure

When a router boots, it looks in the startup configuration file for a boot system statement. This boot system
statement can force the router to boot from another image instead of the IOS in flash. Use the show version
command to look for the line that identifies the boot image source.

Use the show running-config command and look for a boot system statement near the top of the
configuration. If the boot system statement points to an incorrect IOS image, use the no version of the
command to delete the statement.

If the configuration register setting is incorrect, the IOS cannot load from flash. The value in the configuration
register tells the router where to get the IOS. To confirm this, use the show version command and look at the
last line for the configuration register. The correct value varies for different hardware platforms. A part of the
documentation of the internetwork should be a printed copy of the show version output. If that documentation
is not available, there are resources on the Cisco documentation CD or Cisco website to identify the correct
configuration register value. To correct this, change the configuration register and save this as the start-up
configuration.

If there is still a problem, the router may have a corrupted flash image file. If this is the case, an error message
should be displayed during boot. That message may take one of several forms. Some examples are as follows:

• open: read error...requested 0x4 bytes, got 0x0
• trouble reading device magic number
• boot: cannot open "flash:"
• boot: cannot determine first file name on device "flash:"

If the flash image is corrupt, a new IOS should be uploaded into the router.

If none of the above appears to be the problem, the router could have a hardware failure. If this occurs, contact
the Cisco Technical Assistance Center (TAC). Although hardware failures are rare, they do occur.

The value of the configuration register is not displayed by the show running-config or show startup-config
commands.

Students can use the Lab Activities to troubleshoot IOS boot failure and document configuration register
settings.

16.2 Managing the Cisco File System

16.2.1 IOS file system overview

This page will introduce the Cisco IOS File System.

Routers and switches depend on software for their operation. The two types of software required are operating
systems and configuration.

The operating system used in almost all Cisco devices is the Cisco IOS. The Cisco IOS is the software that
allows the hardware to function as a router or switch. The IOS file is several megabytes.

The software a router or switch uses is referred to as the configuration file or the config. The configuration
contains the instructions that define how the device is to route or switch. A network administrator creates a
configuration that defines the desired functionality of a Cisco device. The functions that can be specified by the
configuration are the IP addresses of the interfaces, routing protocols, and networks to be advertised. The
configuration file typically is a few hundred to a few thousand bytes.

Each of the software components is stored in memory as a separate file. These files are also stored in different
types of memory.

The IOS is stored in a memory area called flash. Flash memory provides non-volatile storage of an IOS that
can be used as an operating system at startup. The flash allows the IOS to be upgraded or stores multiple IOS
files. In many router architectures, the IOS is copied into and run from RAM.

A copy of the configuration file is stored in NVRAM to be used during startup. This is referred to as the startup
configuration or startup config. The configuration in RAM is used to operate a router. It is referred to as the
running configuration or running config.

Version 12 and later releases of the IOS provide a single interface to all the file systems that a router uses. This
is referred to as the Cisco IOS File System (IFS). The IFS provides a single method to perform all the file
system management for a router. This includes the flash memory file systems, the network file systems, such
as TFTP and FTP, and read or write data, such as NVRAM, the running configuration, and ROM. The IFS uses
a common set of prefixes to specify file system devices.

The IFS uses the URL convention to specify files on network devices and the network. The URL convention
identifies the location of the configuration files following the colon as [[[//location]/directory]/filename]. The
IFS also supports FTP file transfers.

The Interactive Media Activity will help students become familiar with the IFS configuration files and their
locations.


16.2.2 The IOS naming convention

This page will introduce the Cisco IOS naming convention. Students will learn why it is used and what each
field represents.

There are many different versions of the Cisco IOS. The IOS supports varied hardware platforms and features.
New versions of the IOS are continuously developed and released.

To identify the different versions, there is a naming convention for IOS files. This IOS naming convention uses
different fields in the name. The fields include the hardware platform identification, the feature set
identification, and the numerical release.

The first part of the Cisco IOS file name identifies the hardware platform for which an image is designed.

The second part of the IOS file name identifies the various features that a file contains. There are many
different features to choose from. These features are packaged in software images. Each feature set contains a
specific subset of Cisco IOS features. Here are some examples of feature-set categories:

• Basic - A basic feature set for a hardware platform such as IP and IP/FW
• Plus - A basic feature set plus additional features such as IP Plus, IP/FW Plus, and Enterprise Plus
• Encryption - A 56-bit data encryption feature set, such as Plus 56, that is combined with a basic or plus
feature set. Examples include IP/ATM PLUS IPSEC 56 or Enterprise Plus 56.

The encryption designators for Cisco IOS Release 12.2 or later are k8 and k9:
• k8 - Less than or equal to 64-bit encryption in IOS version 12.2 and later
• k9 - Greater than 64-bit encryption in IOS version 12.2 and later

The third part of the file name indicates the file format. It specifies if the IOS is stored in flash in a compressed
format and whether the IOS is relocatable. If the flash image is compressed, the IOS must be expanded during
boot as it is copied to RAM. A relocatable image is copied from flash into RAM to run. A non-relocatable
image is run directly from flash.

The fourth part of the file name identifies the release of the IOS. The numerical version number increases for
newer versions of the IOS. The Interactive Media Activity will help students become familiar with the fields in
an IOS image name.
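The four-part naming convention above, applied to the image names this module uses (c2600-is-mz.121-5 and c2600-is-mz.122-10a.bin), as an added Python parser written for this page rather than Cisco code. The meanings assigned to the individual format letters (for example m and z) are my reading of Cisco's convention and an assumption, since the page only says the field encodes compression and relocatability; the ik9s and ik8s names in the checks are constructed.

```python
"""Split a Cisco IOS image file name into the four parts described in 16.2.2.

Added example written for this page, not Cisco code. The letter meanings for
the third (format) field are an assumption; the page only says that the field
encodes whether the image is compressed and whether it is relocatable.
"""
import re
from dataclasses import dataclass

# Assumed meanings of the format letters (not spelled out on the page).
RUN_LOCATION = {"f": "runs from flash", "m": "runs from RAM", "r": "runs from ROM",
                "l": "relocatable"}
COMPRESSION = {"z": "zip", "x": "mzip", "w": "stac"}

_NAME_RE = re.compile(
    r"^(?P<platform>[^-]+)-(?P<features>[^-]+)-(?P<fmt>[a-z]+)"
    r"\.(?P<release>[0-9]{2,3}-[0-9]+[a-z]?)(?:\.bin)?$"
)


@dataclass
class IosImage:
    platform: str        # first part: hardware platform, e.g. c2600
    feature_set: str     # second part: feature set letters, e.g. is
    file_format: str     # third part: run location and compression letters, e.g. mz
    release: str         # fourth part, rewritten as 12.2(10a)
    encryption: str      # "none", "k8 (<=64-bit)" or "k9 (>64-bit)"
    compressed: bool     # must be expanded as it is copied into RAM during boot
    relocatable: bool    # copied from flash into RAM to run, rather than run in place


def parse_release(token: str) -> str:
    """'122-10a' -> '12.2(10a)': train digits, then the maintenance number in parentheses."""
    train, maintenance = token.split("-", 1)
    return f"{train[:-1]}.{train[-1]}({maintenance})"


def parse_image_name(name: str) -> IosImage:
    m = _NAME_RE.match(name)
    if m is None:
        raise ValueError(f"not a recognisable IOS image name: {name!r}")
    fmt = m["fmt"]
    enc = re.search(r"k[89]", m["features"])   # k8/k9 designators (12.2 and later)
    if enc is None:
        encryption = "none"
    elif enc.group() == "k8":
        encryption = "k8 (<=64-bit)"
    else:
        encryption = "k9 (>64-bit)"
    return IosImage(
        platform=m["platform"],
        feature_set=m["features"],
        file_format=fmt,
        release=parse_release(m["release"]),
        encryption=encryption,
        compressed=any(c in COMPRESSION for c in fmt),
        relocatable="m" in fmt or "l" in fmt,
    )


def describe(name: str) -> str:
    """One-line summary, e.g. for an inventory of the images kept on a TFTP server."""
    img = parse_image_name(name)
    loc = ", ".join(RUN_LOCATION[c] for c in img.file_format if c in RUN_LOCATION)
    comp = ", ".join(COMPRESSION[c] for c in img.file_format if c in COMPRESSION)
    return (f"{img.platform} | features {img.feature_set} | release {img.release} | "
            f"{loc or 'unknown location'} | {comp or 'uncompressed'} | encryption {img.encryption}")
```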

16.2.3 Managing configuration files using TFTP

This page will explain how a TFTP server can be used to back up the configuration files for a Cisco device.

In a Cisco router or switch, the active configuration is in RAM and the default location for the startup
configuration is NVRAM. The startup configuration should be backed up in case the configuration is lost. One
of these backup copies of the configuration can be stored on a TFTP server. The copy running-config tftp
command can be used to do this. The steps for this process are listed below:

• Enter the command copy running-config tftp.
• Enter the IP address of the TFTP server to store the configuration file.
• Enter the name to assign to the configuration file or accept the default name.
• Type yes to confirm each choice.

The backup configuration file can be loaded from a TFTP server to restore the router configuration. The steps
below outline this process:

• Enter the command copy tftp running-config.
• Select a host or network configuration file at the prompt.
• Enter the IP address of the TFTP server where the configuration file is located.
• Enter the name of the configuration file or accept the default name.
• Confirm the configuration filename and the server address that the system supplies.

The Lab Activity on this page will teach students how to back up a copy of a router configuration file and load
it from a TFTP file server.

16.2.4 Managing configuration files using copy and paste

This page will explain how HyperTerminal can be used to copy a configuration. The file is then edited and
pasted back into the router.

Another way to create a backup copy of the configuration is to capture the output of the show running-config
command. To do this from the terminal session, copy the output, paste it into a text file, and then save the text
file. This file will need to be edited before it can be used to restore the router configuration.

Perform the following steps to capture the configuration from a HyperTerminal screen:

1. Select Transfer.
2. Select Capture Text.
3. Specify a name for the text file to capture the configuration.
4. Select Start to start capturing text.
5. Use the show running-config command to display the configuration on the screen.
6. Press the Spacebar when each "-More -" prompt appears.
After the complete configuration has been displayed, use the following steps to stop the capture:

1. Select Transfer.
2. Select Capture Text.
3. Select Stop.

After the capture is complete, the configuration file needs to be edited to remove extra text. Remove any
unnecessary information from the captured configuration so it can be pasted back into the router. Comments
may also be added to explain the various parts of the configuration. To add a comment, begin a line with an
exclamation mark (!).

The configuration file can be edited from a text editor such as Notepad. To edit the file from Notepad click on
File > Open. Find the captured file and select it. Click Open.

The lines that need to be deleted contain the following information:

• show running-config
• Building configuration...
• Current configuration:
• - More -
• Any lines that appear after the word "End"

Add the no shutdown command to the end of each interface section. Click File > Save to save a clean version
of the configuration.

The backup configuration can be restored from a HyperTerminal session. Before the configuration is restored
any remaining configuration should be removed from the router. To do this, enter the erase startup-config
command at the privileged EXEC prompt and then enter the reload command to restart the router.

HyperTerminal can be used to restore a configuration. Use the following steps to copy a clean backup of the
configuration into a router:

1. Enter router global configuration mode.
2. Click on Transfer > Send Text File in HyperTerminal.
3. Select the name of the file for the saved backup configuration.
4. Watch as the lines of the file are entered into the router.
5. Observe any errors.
6. Press Ctrl-Z to exit global configuration mode after the configuration is entered.
7. Restore the startup configuration with the copy running-config startup-config command.
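The clean-up the captured file needs before it can be replayed into a router (drop the show command line, the "Building configuration..." and "Current configuration:" lines, the pager prompts and everything after "end", then add no shutdown to each interface section), as an added Python example written for this page rather than code from the curriculum. The captured text is constructed; a real capture may render the pager prompt slightly differently, so the regex is deliberately loose.

```python
"""Clean a HyperTerminal capture of 'show running-config' so it can be pasted back.

Added example written for this page, not Cisco's or the curriculum's own code;
the CAPTURED text is constructed to show the lines the page says must go.
"""
import re
from typing import List

# Lines the text says must be removed before the capture is replayed into a router.
_DROP_MARKERS = ("show running-config", "Building configuration", "Current configuration")
# Pager prompt as it appears in captures ("--More--", "- More -", ...), with surrounding spaces.
_MORE_RE = re.compile(r"\s*-+\s*More\s*-+\s*")

CAPTURED = """\
Router#show running-config
Building configuration...

Current configuration:
!
version 12.2
hostname Hoboken
!
interface FastEthernet0/0
 ip address 172.16.1.1 255.255.255.0
 --More-- interface Serial0/0
 ip address 10.0.0.1 255.255.255.252
!
line con 0
!
end
Router#
"""


def _add_no_shutdown(lines: List[str]) -> List[str]:
    """Append ' no shutdown' at the end of every interface section."""
    out: List[str] = []
    in_interface = False
    for line in lines:
        starts_new_section = not line.startswith(" ")
        if in_interface and starts_new_section:
            out.append(" no shutdown")
            in_interface = False
        out.append(line)
        if line.startswith("interface "):
            in_interface = True
    if in_interface:
        out.append(" no shutdown")
    return out


def clean_capture(text: str, add_no_shutdown: bool = True) -> str:
    """Return the configuration lines that are safe to paste into global configuration mode."""
    cleaned: List[str] = []
    for raw in text.splitlines():
        line = _MORE_RE.sub("", raw)          # strip the pager prompt, keep any text after it
        stripped = line.strip()
        if not stripped:
            continue
        if any(marker in line for marker in _DROP_MARKERS):
            continue
        if stripped.lower() == "end":
            cleaned.append("end")
            break                             # anything after 'end' (e.g. the prompt) is dropped
        cleaned.append(line.rstrip())
    if add_no_shutdown:
        cleaned = _add_no_shutdown(cleaned)
    return "\n".join(cleaned) + "\n"
```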


16.2.5 Managing IOS images using TFTP

The page will show students how to store IOS images on a TFTP server.

The IOS may need to be backed up, upgraded, or restored using the copy command. When a router first
arrives, the IOS should be backed up. The IOS backup can be initiated from the privileged EXEC mode with
the copy flash tftp command. This IOS image can be stored in a central server with other IOS images. These
images can be used to restore or upgrade the IOS on the routers and switches in a network. This server should
have a TFTP service running. The router will prompt the user to enter the IP address of the TFTP server and to
specify a destination filename.

To restore or upgrade the IOS from the server use the copy tftp flash command as shown in Figure . The
router will prompt the user to enter the IP address of the TFTP server. Next, the router will prompt the user for
the filename of the IOS image on the server. The router may then prompt the user to erase flash. This often
happens if there is not sufficient flash available for the new image. As the image is erased from flash, a series
of e's will appear to show the erase process.

As each datagram of the IOS image file is downloaded, an exclamation mark (!) will be displayed. This IOS
image is several megabytes and may take a long time to download.

The new flash image will be verified after it is downloaded. The router is now ready to be reloaded to use the
new IOS image. The Lab Activity will allow students to back up a copy of a router IOS onto a TFTP server.


16.2.6 Managing IOS images using Xmodem


This page will explain how ROMmon and Xmodem can be used to restore IOS software images.

If the IOS image in flash has been erased or corrupted, the IOS may need to be restored from the ROM
monitor mode (ROMmon). In many of the Cisco hardware architectures, the ROMmon mode is identified by
the rommon 1> prompt.

This first step in this process is to identify why the IOS image did not load from flash. This could be due to a
corrupt or missing image. The flash should be examined with the dir flash: command.

If an image is located that appears to be valid, the user should attempt to boot from that image. This is done
with the boot flash: command. For example if the image name is c2600-is-mz.121-5, the command is as
follows:

rommon 1>boot flash:c2600-is-mz.121-5

If the router boots properly, the user should check two items to determine why the router did not use the IOS
image from flash and booted to the ROMmon instead. First, use the show version command to check the
configuration register to ensure that it is configured for the default boot sequence. If the configuration
register value is correct, use the show startup-config command to see if there is a boot system command
that instructs the router to use the IOS for ROMmon.

If the router will not properly boot from the image or there is no IOS image, a new IOS will need to be
downloaded. To recover the IOS file, a user can use Xmodem to restore the image through the console or use
TFTP to download the image from the ROMmon mode.

Download with Xmodem from ROMmon


To restore the IOS through the console, the local PC needs to have a copy of the IOS file to restore and a
terminal emulation program such as HyperTerminal. The IOS can be restored with the default console speed
of 9600 bps. The baud rate can be changed to 115200 bps to speed up the download. Use the confreg
command to change the console speed from ROMmon mode. After the confreg command is entered, the
router will prompt for the parameters that can be changed.

When the "change console baud rate? y/n [n]:" prompt appears, if the user selects y, the router will prompt
the user to select the new speed. After the console speed is changed, restart the router into ROMmon mode.
The terminal session at 9600 bps is terminated and a new session is started at 115200 bps to match the
console speed.

The xmodem command can be used from the ROMmon mode to restore an IOS software image from the
PC. The format of the command is xmodem -c image_file_name. For example, to restore an IOS image file
named c2600-is-mz.122-10a.bin, use the following command:

xmodem -c c2600-is-mz.122-10a.bin

The -c instructs the Xmodem process to use cyclic redundancy check (CRC) for error checking during the
download.

The router will prompt the user to not begin the transfer and present a warning message. The warning
message will inform the user that the bootflash will be erased and will ask for confirmation to continue.
When the process is continued, the router will then prompt to start the transfer.

Now the Xmodem transfer needs to be started from the terminal emulator. In HyperTerminal, select
Transfer > Send File. In the Send File popup specify the image name and location, select Xmodem as the
protocol, and start the transfer. The Sending File popup will display the status of the transfer.

After the transfer is complete, a message will indicate that flash is being erased. This is followed by the
"Download Complete!" message. Before the router is restarted, set the console speed back to 9600 and the
config register back to 0x2102. Enter the command config-register 0x2102 at the privileged EXEC prompt.

While the router reboots, end the 115200 bps terminal session and begin a 9600 bps session.

The Lab Activities will teach students how to gain access to a router to recover a password and how to
manage IOS images with ROMmon and Xmodem.


16.2.7 Environment variables

This page will explain what the ROMmon environment variables are and how they are used.

The IOS can also be restored from a TFTP session. The fastest way to restore an IOS image to the router is to
use TFTP from ROMmon to download the image. To do this, set the environmental variables and then use the
tftpdnld command.

Since the ROMmon has very limited functions, no configuration file is loaded during boot. As a result, the
router has no IP or interface configuration. The environmental variables provide a minimal configuration to
allow for the TFTP of the IOS. The ROMmon TFTP transfer works only on the first LAN port so a simple set
of IP parameters are set for this interface. To set a ROMmon environment variable, type the variable name,
then the equal sign (=), and the value for the variable. For example, to set the IP address to 10.0.0.1, type
IP_ADDRESS=10.0.0.1 at the ROMmon prompt.

NOTE:
All variable names are case sensitive.

The minimum variables required to use tftpdnld are as follows:

• IP_ADDRESS - The IP address on the LAN interface
• IP_SUBNET_MASK - The subnet mask for the LAN interface
• DEFAULT_GATEWAY - The default gateway for the LAN interface
• TFTP_SERVER - The IP address of the TFTP server
• TFTP_FILE - The IOS filename on the server

Use the set command to check the ROMmon environment variables.

Once the variables are set for the IOS download, the tftpdnld command is entered with no arguments. The
ROMmon will echo the variables and then a confirmation prompt will appear with a warning that this will
erase the flash.

As each datagram of the IOS file is received, an exclamation point (!) will be displayed. When the complete
IOS file has been received, the flash will be erased and the new IOS image file written. Appropriate messages
will be displayed as the process is completed.

When the new image is written into flash and the ROMmon prompt is displayed, the router can be restarted by
entering the reset command or typing i. The router should now boot from the new IOS image in flash.

16.2.8 File system verification

This page will review some commands that can be used to verify the router file system. One of these is the
show version command. The show version command can be used to check the current image and the total
amount of flash. It also verifies two other items that relate to how the IOS is loaded. It identifies the source of
the IOS image that the router used to boot and displays the configuration register. Check the boot field setting
of the configuration register to determine the location from which the router will load the IOS. If these do not
agree, there may be a corrupt or missing IOS image in flash or there may be boot system commands in the
startup configuration.

The show flash command can also be used to verify the file system. This command is used to identify IOS
images in flash and the amount of flash that is available. This command is often used to confirm that there is
ample space to store a new IOS image.

As previously mentioned, the configuration file may contain boot system commands. These commands can be
used to identify the source of the desired IOS boot image. Multiple boot system commands may be used to
create a fallback sequence to discover and load an IOS. These boot system commands will be processed in the
order of their appearance in the configuration file.
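The verification described in this section, done programmatically over saved command output, as an added Python example written for this page (not Cisco code): it pulls the image source and configuration register out of show version (the register is not shown by show running-config, so show version is the only place to read it), collects the boot system commands from the running configuration, and reports where the two disagree. Both output samples are constructed and trimmed to the lines the check needs.

```python
"""Cross-check boot facts from 'show version' against the running configuration.

Added example written for this page, not Cisco code. SHOW_VERSION and
RUNNING_CONFIG are constructed samples reduced to the lines the check reads.
"""
import re
from typing import Dict, List

SHOW_VERSION = """\
Cisco Internetwork Operating System Software
System image file is "flash:c2600-is-mz.122-10a.bin"
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
"""

RUNNING_CONFIG = """\
!
version 12.2
boot system flash c2600-is-mz.122-10a.bin
boot system rom
hostname Hoboken
!
"""

_IMAGE_RE = re.compile(r'System image file is "([^"]+)"')
_CONFREG_RE = re.compile(r"Configuration register is (0x[0-9A-Fa-f]{1,4})")
_FLASH_RE = re.compile(r"(\d+)K bytes of processor board System flash")


def parse_show_version(text: str) -> Dict[str, object]:
    """Extract the booted image, the configuration register and the flash size."""
    image = _IMAGE_RE.search(text)
    reg = _CONFREG_RE.search(text)
    flash = _FLASH_RE.search(text)
    if image is None or reg is None:
        raise ValueError("show version output lacks the image source or configuration register")
    return {
        "image": image.group(1),
        "config_register": int(reg.group(1), 16),
        "flash_kbytes": int(flash.group(1)) if flash else None,
    }


def boot_system_commands(running_config: str) -> List[str]:
    """The 'boot system' lines in the order the router will process them."""
    return [ln.strip() for ln in running_config.splitlines()
            if ln.strip().startswith("boot system ")]


def check_boot_consistency(show_version: str, running_config: str) -> List[str]:
    """Return findings where the boot field, boot system commands and booted image disagree."""
    facts = parse_show_version(show_version)
    cmds = boot_system_commands(running_config)
    findings: List[str] = []
    bf = facts["config_register"] & 0xF           # boot field: lowest four bits
    if bf == 0:
        findings.append("boot field is 0: next reload stops at the ROMmon prompt")
    if cmds and bf >= 2:
        first = cmds[0].split()
        # 'boot system flash <name>' is tried first, so the running image should be that file
        if first[2] == "flash" and len(first) > 3 and facts["image"] != f"flash:{first[3]}":
            findings.append(f"first boot system command names {first[3]} "
                            f"but the router booted {facts['image']}")
        if first[2] == "rom":
            findings.append("first boot system command is ROM: the limited ROM image will be used")
    if facts["image"].startswith("tftp:"):
        findings.append("running image was loaded over TFTP: flash is probably empty or corrupt")
    return findings
```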

16.2.9 Summary

This page summarizes the topics discussed in this module.

The default configuration register setting can be changed with the global configuration mode command
config-register.

The boot sequence for the Cisco IOS can specify the fallback sequence that is used to boot Cisco IOS software.
A common fallback sequence would be to load first from flash memory, which is not vulnerable to network
failures. The network server would be used next if the flash memory were corrupt. Finally if the first two
methods failed the router would boot from ROM. However, the system image in ROM will likely be a subset
of the full Cisco IOS image.

The command copy running-config startup-config saves the configuration commands in NVRAM. The
router will execute the boot system commands as needed in the order in which they were originally entered in
the configuration mode. If a configuration register setting is incorrect, the Cisco IOS will not load from flash.

To troubleshoot the boot sequence, use the show running-config command and look for a boot system
statement near the top of the configuration. If the boot system statement points to an incorrect IOS image, use
the no form of the command to delete the statement.

The two types of software required to operate a router and a switch are the operating systems and the
configuration. The Cisco IOS allows the hardware to function. The configuration file or config is the software
that contains the instructions that define how the device is to route or switch the packets that enter the device.

The naming convention for Cisco IOS files includes four parts. The first part of the Cisco IOS file name
identifies the hardware platform for which this image is designed. The second part of the Cisco IOS file name
identifies the various features that this file contains. The third part of the file name indicates the file format. It
specifies if the Cisco IOS is stored in flash in a compressed format and whether it is relocatable. The fourth
part of the file name identifies the release of the Cisco IOS. As newer versions of the Cisco IOS are developed,
the numerical version number increases.

The active configuration for a Cisco router is maintained in RAM and the default location for the startup
configuration is NVRAM. The copy running-config tftp command can be used to back up copies of the
configuration to a TFTP server.

Another way to create a backup copy of the configuration is to capture the output of the show running-config
command. To do this from the terminal session, copy the output, paste it to a text file, and then save the text
file. After the capture is complete, the configuration file needs to be edited to remove extra text. To add a
comment, begin a line with an exclamation mark (!).

17 MODULE 6
Module Overview

Routing is a set of directions to get from one network to another. These directions, also known as routes, can
be dynamically given to the router by another router, or they can be statically assigned to the router by an
administrator.

This module introduces the concept of dynamic routing protocols, describes the classes of dynamic routing
protocols, and gives examples of protocols in each class.

A network administrator chooses a dynamic routing protocol based upon many considerations. These include
the size of the network, the bandwidth of available links, the processing power of the routers, the brands and
models of the routers, and the protocols that are used in the network. This module will provide more details
about the differences between routing protocols that help network administrators make a choice.

This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.

Students who complete this module should be able to perform the following tasks:

• Explain the significance of static routing
• Configure static and default routes
• Verify and troubleshoot static and default routes
• Identify the classes of routing protocols
• Identify distance vector routing protocols
• Identify link-state routing protocols
• Describe the basic characteristics of common routing protocols
• Identify interior gateway protocols
• Identify exterior gateway protocols
• Enable Routing Information Protocol (RIP) on a router

17.1 Introduction to Static Routing

17.1.1 Introduction to routing

This page will describe routing and explain the differences between static and dynamic routing.

Routing is the process that a router uses to forward packets toward the destination network. A router makes
decisions based upon the destination IP address of a packet. All devices along the way use the destination IP
address to send the packet in the right direction to reach its destination. To make the correct decisions, routers
must learn how to reach remote networks. When routers use dynamic routing, this information is learned from
other routers. When static routing is used, a network administrator configures information about remote
networks manually.

Since static routes are configured manually, network administrators must add and delete static routes to reflect
any network topology changes. In a large network, the manual maintenance of routing tables could require a lot
of administrative time. On small networks with few possible changes, static routes require very little
maintenance. Static routing is not as scalable as dynamic routing because of the extra administrative
requirements. Even in large networks, static routes that are intended to accomplish a specific purpose are often
configured in conjunction with a dynamic routing protocol.

17.1.2 Static route operation

This page will explain how static routes operate and how they are created.

Static route operations can be divided into these three parts:

 Network administrator configures the route
 Router installs the route in the routing table
 The static route is used to route packets

An administrator must use the ip route command to manually configure a static route. The correct syntax for
the ip route command is shown in Figure .

In Figures and , the network administrator of the Hoboken router needs to configure a static route to the
172.16.1.0/24 and 172.16.5.0/24 networks on the other routers. The administrator could enter either of two
commands to accomplish this objective. The method in Figure specifies the outgoing interface. The method
in Figure specifies the next-hop IP address of the adjacent router. Either of the commands will install a static
route in the routing table of Hoboken.

The administrative distance is an optional parameter that indicates how trustworthy the source of a route is. A
lower value for the administrative distance indicates a more trusted source. When routes to the same network
are available from more than one source, the route with the lower administrative distance is installed in the
routing table and the other is held in reserve. The default administrative distance of a static route is 1. A static
route configured with the outgoing interface option is shown in the routing table as directly connected. This is
sometimes confusing, since a true directly connected route has an administrative distance of 0 while the static
route keeps its administrative distance of 1. To verify the administrative distance of a particular route, use the
show ip route address command, where the ip address of the particular route is inserted for the address
option. If an administrative distance other than the default is desired, a value between 1 and 255 is entered
after the next-hop or outgoing interface as follows. A route given the value 255 is considered untrusted and is
never installed.

waycross(config)#ip route 172.16.3.0 255.255.255.0 172.16.4.1 130

If the router cannot reach the outgoing interface that is used in a route, the route will not be installed in the
routing table. This means that if that interface is down, the route is removed from the routing table. A static
route that names a next-hop address is subject to an equivalent check: the router must already have a route to
the next-hop address, usually a directly connected network, or the static route is not installed.

Sometimes static routes are used for backup purposes. A static route can be configured on a router so that it is
only used when the dynamically learned route has failed. To use a static route as a backup, give it a higher
administrative distance than the dynamic routing protocol, as the Waycross example above does with 130,
which is higher than the default administrative distance of IGRP (100) or RIP (120). Such a route is often called
a floating static route. The Lab Activities will show students how static routes are created and used to
troubleshoot networks.

17.1.3 Configuring static routes

This page lists the steps used to configure static routes and gives an example of a simple network for which
static routes might be configured.

Use the following steps to configure static routes:

Step 1 Determine all desired prefixes, masks, and addresses. The address can be either a local interface or a
next hop address that leads to the desired destination.

Step 2 Enter global configuration mode.

Step 3 Type the ip route command with a prefix and mask followed by the corresponding address from Step 1.
The administrative distance is optional.

Step 4 Repeat Step 3 for all the destination networks that were defined in Step 1.

Step 5 Exit global configuration mode.

Step 6 Use the copy running-config startup-config command to save the active configuration to NVRAM.

The example network is a simple three-router configuration. Hoboken must be configured so that it can reach
the 172.16.1.0 network and the 172.16.5.0 network. Both of these networks have a subnet mask of
255.255.255.0.

Packets that have a destination network of 172.16.1.0 need to be routed to Sterling and packets that have a
destination address of 172.16.5.0 need to be routed to Waycross. Static routes can be configured to accomplish
this task.

Both static routes will first be configured to use a local interface as the gateway to the destination networks.
Since the administrative distance was not specified, it will default to 1 when the route is installed in the routing
table.

The same two static routes can also be configured with a next-hop address as their gateway. The first route to
the 172.16.1.0 network has a gateway of 172.16.2.1. The second route to the 172.16.5.0 network has a gateway
of 172.16.4.2. Since the administrative distance was not specified, it defaults to 1. The Lab Activity will help
students learn how to configure static routes.

17.1.4 Configuring default route forwarding

This page will show students how to configure default static routes.

Default routes are used to route packets with destinations that do not match any of the other routes in the
routing table. Routers are typically configured with a default route for Internet-bound traffic, since it is often
impractical and unnecessary to maintain routes to all networks in the Internet. A default route is actually a
special static route that uses this format:

ip route 0.0.0.0 0.0.0.0 [next-hop-address | outgoing interface ]

The 0.0.0.0 mask, when logically ANDed with the destination IP address of the packet to be routed, always
yields the network 0.0.0.0, so the default route matches every destination. Because a router prefers the longest
matching prefix, the default route is used only when the packet does not match a more specific route in the
routing table.

Use the following steps to configure default routes:

Step 1 Enter global configuration mode.

Step 2 Type the ip route command with 0.0.0.0 for the prefix and 0.0.0.0 for the mask. The address option for
the default route can be either the local router interface that connects to the outside networks or the IP address
of the next-hop router.

Step 3 Exit global configuration mode.

Step 4 Use the copy running-config startup-config command to save the active configuration to NVRAM.

On the previous page, static routes were configured on Hoboken to access networks 172.16.1.0 on Sterling and
172.16.5.0 on Waycross. It should now be possible to route packets to both of these networks from Hoboken.
However, Sterling and Waycross will not know how to return packets to any network that is not directly
connected. A static route could be configured on Sterling and Waycross for each of these destination networks.
This would not be a scalable solution on a larger network.

Sterling connects to all networks that are not directly connected through interface Serial 0. Waycross has only
one connection to all non-directly connected networks. This is through interface Serial 1. A default route on
Sterling and Waycross will be used to route all packets that are destined for networks that are not directly
connected. In the Lab Activity, students will configure a default static route.
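The selection rules described on this page and in 17.1.2 can be made concrete in a small model. The following Python code is an added example written for this edition; it is not part of the curriculum and not an IOS feature. It models a routing table with longest prefix match, administrative distance, a floating static route, a default route, and the rule that a route whose exit interface is down is not installed. The interface names, the 172.16.3.0/24 LAN on Hoboken and the RIP-learned route on Waycross are assumptions made for the example.

```python
"""Added example: how a router installs routes and selects one for a packet.

A constructed model of the rules on this page and in 17.1.2 (not IOS code):
longest prefix match, administrative distance, a floating static route, a
default route, and the rule that a route whose exit interface is down is not
installed. Interface names, the 172.16.3.0/24 LAN on Hoboken and the
RIP-learned route on Waycross are assumptions made for the example.
"""
import ipaddress

# Default administrative distances on Cisco IOS for the sources used here.
DEFAULT_AD = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}
UNTRUSTED_AD = 255          # a route with AD 255 is never installed


class Route:
    def __init__(self, prefix, via, source, ad, interface_up=True):
        self.prefix = ipaddress.ip_network(prefix)
        self.via = via          # next-hop address or exit interface, as ip route allows
        self.source = source    # "connected", "static", "rip", ...
        self.ad = ad
        self.interface_up = interface_up

    def __repr__(self):
        return f"{self.source[0].upper()} {self.prefix} [{self.ad}] via {self.via}"


class Router:
    def __init__(self, name):
        self.name = name
        self.candidates = []    # every route configured or learned, installed or not

    def add(self, prefix, via, source, ad=None, interface_up=True):
        ad = DEFAULT_AD[source] if ad is None else ad
        if source != "connected" and not 1 <= ad <= 255:
            raise ValueError("ip route accepts an administrative distance of 1 to 255")
        self.candidates.append(Route(prefix, via, source, ad, interface_up))

    def withdraw(self, prefix, source):
        """Drop a route, e.g. a dynamic route whose neighbor stopped advertising it."""
        net = ipaddress.ip_network(prefix)
        self.candidates = [r for r in self.candidates
                           if not (r.prefix == net and r.source == source)]

    def set_interface(self, name, up):
        """Mark every route that exits through an interface as usable or not."""
        for r in self.candidates:
            if r.via == name:
                r.interface_up = up

    def routing_table(self):
        """Install, for each prefix, the usable candidate with the lowest AD."""
        table = {}
        for r in self.candidates:
            if r.ad >= UNTRUSTED_AD or not r.interface_up:
                continue
            best = table.get(r.prefix)
            if best is None or r.ad < best.ad:
                table[r.prefix] = r
        return table

    def lookup(self, destination):
        """Longest prefix match using the mask AND described on this page."""
        dst = int(ipaddress.ip_address(destination))
        best = None
        for prefix, route in self.routing_table().items():
            # A /0 mask ANDs every destination to 0.0.0.0, so the default route
            # always matches but loses to any longer matching prefix.
            if dst & int(prefix.netmask) == int(prefix.network_address):
                if best is None or prefix.prefixlen > best.prefix.prefixlen:
                    best = route
        return best


def build_example():
    """Hoboken, Sterling and Waycross as configured on the preceding pages."""
    hoboken = Router("Hoboken")
    hoboken.add("172.16.2.0/24", "Serial0", "connected")        # link to Sterling
    hoboken.add("172.16.3.0/24", "FastEthernet0", "connected")  # assumed Hoboken LAN
    hoboken.add("172.16.4.0/24", "Serial1", "connected")        # link to Waycross
    hoboken.add("172.16.1.0/24", "Serial0", "static")           # ip route ... Serial0
    hoboken.add("172.16.5.0/24", "Serial1", "static")           # ip route ... Serial1

    sterling = Router("Sterling")
    sterling.add("172.16.1.0/24", "FastEthernet0", "connected")
    sterling.add("172.16.2.0/24", "Serial0", "connected")
    sterling.add("0.0.0.0/0", "Serial0", "static")              # ip route 0.0.0.0 0.0.0.0 Serial0

    waycross = Router("Waycross")
    waycross.add("172.16.4.0/24", "Serial1", "connected")
    waycross.add("172.16.5.0/24", "FastEthernet0", "connected")
    waycross.add("172.16.3.0/24", "172.16.4.1", "rip")             # assumed dynamic route, AD 120
    waycross.add("172.16.3.0/24", "172.16.4.1", "static", ad=130)  # floating static backup
    return hoboken, sterling, waycross


if __name__ == "__main__":
    for router in build_example():
        print(router.name)
        for route in router.routing_table().values():
            print("  ", route)
```

Running the module prints each router's installed table in a form resembling show ip route. Withdrawing Waycross's RIP route makes the AD 130 static route appear in its place, and shutting Hoboken's Serial1 removes both the connected 172.16.4.0/24 and the static 172.16.5.0/24 that exits through it, which is the verification step on the next page done in miniature.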

17.1.5 Verifying static route configuration

This page will teach students the process that is used to verify static route configurations.

After static routes are configured it is important to verify that they are present in the routing table and that
routing is working as expected. The command show running-config is used to view the active configuration in
RAM to verify that the static route was entered correctly. The show ip route command is used to make sure
that the static route is present in the routing table.

Use the following steps to verify static route configuration:

 Enter the show running-config command in privileged mode to view the active configuration.
 Verify that the static route has been correctly entered. If the route is not correct, it will be necessary to
go back into global configuration mode to remove the incorrect static route and enter the correct one.
 Enter the command show ip route.
 Verify that the route that was configured is in the routing table.

The Lab Activity will show students how to verify default static route configurations.

17.1.6 Troubleshooting static route configuration

This page will show students how to troubleshoot a static route configuration.

On an earlier page, students configured static routes on Hoboken to access networks on Sterling and Waycross.
In this configuration, nodes on the Sterling 172.16.1.0 network cannot reach nodes on the Waycross
172.16.5.0 network.

From privileged EXEC mode on the Sterling router, ping to a node on the 172.16.5.0 network. The ping
fails. Now use the traceroute command from Sterling to the address that was used in the ping statement.
Note where the traceroute fails. The traceroute indicates that the ICMP packet was returned from Hoboken
but not from Waycross. This implies that the trouble exists either on Hoboken or Waycross.

Telnet to the Hoboken router. Try again to ping the node on the 172.16.5.0 network connected to the Waycross
router. This ping should succeed because Hoboken is directly connected to Waycross. Note that this ping is
sourced from a Hoboken address on a network that Waycross knows as directly connected, so its success says
nothing about whether Waycross has a route back to the Sterling 172.16.1.0 network. As explained on the
default route page, Sterling and Waycross only know their directly connected networks unless a static or default
route is configured, so the return path on Waycross is the next thing to check.

The Lab Activities on this page will teach students how to configure static routes for data transfer without
dynamic routing protocols.

17.2 Dynamic Routing Overview

17.2.1 Introduction to routing protocols

This page will introduce routing protocols and how they are used. Routing protocols are different from routed
protocols in both function and task.

A routing protocol is the communication used between routers. A routing protocol allows routers to share
information about networks and their proximity to each other. Routers use this information to build and
maintain routing tables.

Examples of routing protocols are as follows:

 Routing Information Protocol (RIP)
 Interior Gateway Routing Protocol (IGRP)
 Enhanced Interior Gateway Routing Protocol (EIGRP)
 Open Shortest Path First (OSPF)

A routed protocol is used to direct user traffic. A routed protocol provides enough information in its network
layer address to allow a packet to be forwarded from one host to another based on the addressing scheme.

Examples of routed protocols are as follows:

 Internet Protocol (IP)
 Internetwork Packet Exchange (IPX)

17.2.2 Autonomous systems

This page will define an autonomous system (AS). An AS is a collection of networks under a common
administration that share a common routing strategy. To the outside world, an AS is viewed as a single entity.
The AS may be run by one or more operators while it presents a consistent view of routing to the external
world. A regional registry such as the American Registry for Internet Numbers (ARIN), or a service provider
that has been delegated a block of numbers, assigns a unique AS number to each AS that exchanges routes with
other autonomous systems. This number was originally 16 bits; 32-bit AS numbers have since been defined.
The AS number required by routing protocols such as Cisco IGRP is a different thing: it is a locally significant
process identifier that must match on all routers that are to exchange routes, and it does not need to be
registered.

17.2.3 Purpose of a routing protocol and autonomous systems

This page will explain why routing protocols and autonomous systems are used.

The goal of a routing protocol is to build and maintain a routing table. This table contains the learned networks
and associated ports for those networks. Routers use routing protocols to manage information received from
other routers, information learned from their own interfaces, and manually configured routes.

The routing protocol learns all available routes, places the best routes into the routing table, and removes routes
when they are no longer valid. The router uses the information in the routing table to forward routed protocol
packets.

The routing algorithm is fundamental to dynamic routing. Whenever the topology of a network changes
because of growth, reconfiguration, or failure, the network knowledgebase must also change. The network
knowledgebase needs to reflect an accurate view of the new topology.

When all routers in an internetwork operate with the same knowledge, the internetwork is said to have
converged. Fast convergence is desirable because it reduces the period of time in which routers would continue
to make incorrect routing decisions.

Autonomous systems divide the global internetwork into smaller and more manageable networks. Each AS has
its own set of rules and policies and an AS number that distinguishes it from all other autonomous systems.

17.2.4 Identifying the classes of routing protocols

This page will introduce two classes of routing protocols. Students will also learn the differences between
them. Most routing algorithms can be classified into one of two categories:

 Distance vector
 Link-state

The distance vector routing approach determines the direction, or vector, and distance to any link in an
internetwork. The link-state approach recreates the exact topology of an entire internetwork.

17.2.5 Distance vector routing protocol features

This page will explain how the distance vector routing protocol is used.

The distance vector routing algorithm passes periodic copies of a routing table from router to router. These
regular updates between routers communicate topology changes. The distance vector routing algorithm is also
known as the Bellman-Ford algorithm.

Each router receives a routing table from its directly connected neighbor routers. Router B receives
information from Router A. Router B adds its own distance to each entry, for example one hop, so the distance
vector grows at each router the update passes through. Then Router B passes this new routing table to its other
neighbor, Router C. This same step-by-step process occurs in all directions between neighbor routers.

The algorithm eventually accumulates network distances so that it can maintain a database of network topology
information. However, the distance vector algorithm does not allow a router to know the exact topology of an
internetwork since each router only sees its neighbor routers.

Each router that uses distance vector routing first identifies its neighbors. The interface that leads to each
directly connected network has a distance of 0. As the distance vector discovery process proceeds, routers
discover the best path to destination networks based on the information they receive from each neighbor.
Router A learns about other networks based on the information that it receives from Router B. Each of the
other network entries in the routing table has an accumulated distance vector to show how far away that
network is in a given direction.

Routing table updates occur when the topology changes. As with the network discovery process, topology
change updates proceed step-by-step from router to router. Distance vector algorithms call for each router to
send its entire routing table to each of its adjacent neighbors. The routing tables include information about the
total path cost as defined by its metric and the logical address of the first router on the path to each network
contained in the table.

An analogy of distance vector could be the signs found at a highway intersection. A sign points toward a
destination and indicates the distance to the destination. Further down the highway, another sign points toward
the destination, but now the distance is shorter. As long as each successive sign shows a shorter distance, the
traffic is on the best path.

17.2.6 Link-state routing protocol features


The other basic algorithm that is used for routing is the link-state algorithm. This page will explain how the
link-state algorithm works.

The link-state algorithm is also known as Dijkstra's algorithm or as the shortest path first (SPF) algorithm.
The link-state routing algorithm maintains a complex database of topology information. The distance vector
algorithm has nonspecific information about distant networks and no knowledge of distant routers. The link-
state routing algorithm maintains full knowledge of distant routers and how they interconnect.

Link-state routing uses the following features:

 Link-state advertisement (LSA) - a small packet of routing information that is sent between routers
 Topological database - a collection of information gathered from LSAs
 SPF algorithm - a calculation performed on the database that results in the SPF tree
 Routing table - a list of the known paths and interfaces

Network discovery processes for link state routing

When routers exchange LSAs, they begin with directly connected networks for which they have information.
Each router constructs a topological database that consists of all the exchanged LSAs.

The SPF algorithm computes network reachability. The router constructs this logical topology as a tree, with
itself as the root. This topology consists of all possible paths to each network in the link-state protocol
internetwork. The router then uses SPF to sort these paths. The router lists the best paths and the interfaces to
these destination networks in the routing table. It also maintains other databases of topology elements and
status details.

The first router that learns of a link-state topology change forwards the information so that all other routers
can use it for updates. Common routing information is sent to all routers in the internetwork. To achieve
convergence, each router learns about its neighbor routers. This includes the name of each neighbor router,
the interface status, and the cost of the link to the neighbor. The router constructs an LSA packet that lists
this information along with new neighbors, changes in link costs, and links that are no longer valid. The LSA
packet is then sent out so that all other routers receive it.

When a router receives an LSA, it updates its link-state database with the most recent information. The
accumulated data is used to create a map of the internetwork, and the SPF algorithm is used to calculate the
shortest path to other networks. Each time an LSA packet causes a change to the link-state database, SPF
recalculates the best paths and updates the routing table.

There are three main concerns related to link-state protocols:

 Processor overhead
 Memory requirements
 Bandwidth consumption

Routers that use link-state protocols require more memory and process more data than routers that use
distance vector routing protocols. Link-state routers need enough memory to hold all of the information from
the various databases, the topology tree, and the routing table. Initial link-state packet flooding consumes
bandwidth. In the initial discovery process, all routers that use link-state routing protocols send LSA packets
to all other routers. This action floods the internetwork and temporarily reduces the bandwidth available for
routed traffic that carries user data. After this initial flooding, link-state routing protocols generally require
minimal bandwidth to send infrequent or event-triggered LSA packets that reflect topology changes.
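The LSA, topological database and SPF steps described above can be followed in a small model. The following Python code is an added example written for this edition, not curriculum or Cisco code: each router's LSA is stored in a topological database, a newer sequence number replaces an older copy, and Dijkstra's SPF algorithm is rerun whenever the database changes, which is the event-triggered behaviour the text describes. The topology (routers R1 to R4, the link costs and the 10.0.x.0/24 networks) is made up for the example, and the model uses a link as soon as one end advertises it, whereas real OSPF requires both ends to agree.

```python
"""Added example: a link-state router's topological database and SPF run.

A constructed model of the process described above (not curriculum or IOS
code): every router's LSA is stored in the topological database, the newest
sequence number wins, and Dijkstra's SPF algorithm is rerun whenever the
database changes. The topology (R1..R4, link costs, 10.0.x.0/24 networks)
is made up for the example, and a link is used as soon as one end advertises
it; real OSPF requires both ends to agree.
"""
import heapq
from dataclasses import dataclass


@dataclass(frozen=True)
class LSA:
    router: str
    seq: int                  # higher sequence number = more recent information
    neighbors: tuple          # ((neighbor_router, link_cost), ...)
    networks: tuple = ()      # ((attached_network, cost), ...)


class LinkStateRouter:
    def __init__(self, name):
        self.name = name
        self.lsdb = {}              # topological database: router -> newest LSA
        self.routing_table = {}     # network -> (cost, next_hop)

    def receive_lsa(self, lsa):
        """Install the LSA only if it is newer; any database change triggers SPF."""
        current = self.lsdb.get(lsa.router)
        if current is not None and current.seq >= lsa.seq:
            return False            # stale or duplicate copy of a flooded LSA
        self.lsdb[lsa.router] = lsa
        self.routing_table = self.spf()
        return True

    def spf(self):
        """Dijkstra rooted at this router, giving network -> (cost, next hop)."""
        dist = {self.name: 0}
        first_hop = {}
        heap = [(0, self.name, "")]         # (cost, node, first hop from the root)
        done = set()
        while heap:
            cost, node, hop = heapq.heappop(heap)
            if node in done:
                continue
            done.add(node)
            first_hop[node] = hop
            lsa = self.lsdb.get(node)
            if lsa is None:
                continue                    # networks and unknown routers are leaves
            for target, link_cost in lsa.neighbors + lsa.networks:
                new_cost = cost + link_cost
                if new_cost < dist.get(target, float("inf")):
                    dist[target] = new_cost
                    # Paths out of the root keep the neighbor they start with.
                    heapq.heappush(heap, (new_cost, target, hop or target))
        networks = {net for entry in self.lsdb.values() for net, _ in entry.networks}
        return {net: (dist[net], "connected" if first_hop[net] == net else first_hop[net])
                for net in networks if net in dist}


def build_example():
    """R1 after the initial flood of every router's LSA."""
    r1 = LinkStateRouter("R1")
    for lsa in (
        LSA("R1", 1, (("R2", 10), ("R3", 1)), (("10.0.1.0/24", 1),)),
        LSA("R2", 1, (("R1", 10), ("R4", 1))),
        LSA("R3", 1, (("R1", 1), ("R4", 1))),
        LSA("R4", 1, (("R2", 1), ("R3", 1)), (("10.0.4.0/24", 1),)),
    ):
        r1.receive_lsa(lsa)
    return r1


def fail_link_r3_r4(r1):
    """R3 and R4 flood new LSAs without the failed link; R1 reruns SPF."""
    r1.receive_lsa(LSA("R3", 2, (("R1", 1),)))
    r1.receive_lsa(LSA("R4", 2, (("R2", 1),), (("10.0.4.0/24", 1),)))
    return dict(r1.routing_table)


if __name__ == "__main__":
    r1 = build_example()
    print("before:", r1.routing_table)     # 10.0.4.0/24 at cost 3 via R3
    print("after: ", fail_link_r3_r4(r1))  # 10.0.4.0/24 at cost 12 via R2
```

Before the failure R1 reaches 10.0.4.0/24 through R3 at cost 3 rather than through the cost 10 link to R2; after R3 and R4 flood their new LSAs the only remaining path costs 12 through R2. A late copy of R3's old LSA (sequence 1) is rejected by the sequence check, which is what keeps a flood from reintroducing a failed link.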

17.3 Routing Protocols Overview

17.3.1 Path determination

This page will explain how a router determines the path of a packet from one data link to another. The router
uses two basic functions:

 A path determination function
 A switching function
Path determination occurs at the network layer. The path determination function enables a router to evaluate
the paths to a destination and to establish the preferred way to handle a packet. The router uses the routing
table to determine the best path and then uses the switching function to forward the packet.

The switching function is the internal process used by a router to accept a packet on one interface and forward
it to a second interface on the same router. A key responsibility of the switching function of the router is to
encapsulate packets in the appropriate frame type for the next data link.

Figure illustrates how routers use addressing for these routing and switching functions. The router uses the
network portion of the address to make path selections to pass the packet to the next router along the path.

17.3.2 Routing configuration

This page will explain the steps that are used to configure a routing protocol.

To enable an IP routing protocol on a router, global and routing parameters need to be set. Global tasks include
the selection of a routing protocol such as RIP, IGRP, EIGRP, or OSPF. The major task in the routing
configuration mode is to indicate IP network numbers. Dynamic routing uses broadcasts and multicasts to
communicate with other routers.

The router command starts a routing process.

The network command enables the routing process to determine which interfaces send and receive routing
updates.

An example of a routing configuration is as follows:

GAD(config)#router rip
GAD(config-router)#network 172.16.0.0

For RIP and IGRP, the network numbers are based on the classful network addresses, not subnet addresses or
individual host addresses. The Lab Activity will help students configure routers to start a routing process.

17.3.3 Routing protocols

This page will give some examples of routing protocols and how they are used.

At the Internet layer of the TCP/IP suite of protocols, a router can use an IP routing protocol to accomplish
routing through the implementation of a specific routing algorithm. Examples of IP routing protocols include
the following:

 RIP - a distance vector interior routing protocol
 IGRP - the Cisco distance vector interior routing protocol
 OSPF - a link-state interior routing protocol
 EIGRP - the advanced Cisco distance vector interior routing protocol
 BGP - a path vector exterior routing protocol (a distance vector variant that carries the list of
autonomous systems on each path instead of a simple metric)

RIP was originally specified in RFC 1058. Its key characteristics include the following:

 It is a distance vector routing protocol.
 Hop count is used as the metric for path selection.
 A hop count of 16 is treated as unreachable, so a network more than 15 hops away cannot be reached
through RIP.
 Routing updates are broadcast every 30 seconds, by default.

IGRP is a proprietary protocol developed by Cisco. Some of the IGRP key design characteristics are as
follows:

 It is a distance vector routing protocol.
 Bandwidth, load, delay and reliability are used to create a composite metric.
 Routing updates are broadcast every 90 seconds, by default.

OSPF is a nonproprietary link-state routing protocol. Its key characteristics are as follows:

 It is a link-state routing protocol.
 It is an open standard routing protocol described in RFC 2328.
 The SPF algorithm is used to calculate the lowest cost to a destination.
 Routing updates are flooded as topology changes occur.

EIGRP is a Cisco proprietary enhanced distance vector routing protocol. The key characteristics of EIGRP are
as follows:

 It is an enhanced distance vector routing protocol.
 It supports unequal cost load balancing.
 It uses a combination of distance vector and link-state features.
 It uses the Diffusing Update Algorithm (DUAL) to calculate the shortest path.
 Routing updates are multicast to 224.0.0.10 and are triggered by topology changes rather than sent
periodically.

Border Gateway Protocol (BGP) is an exterior routing protocol. Key characteristics of BGP are as follows:

 It is a path vector exterior routing protocol.
 It is used between ISPs, or between an ISP and its customers.
 It is used to route Internet traffic between autonomous systems.

The Interactive Media Activity will help students recognize link-state and distance vector routing protocols.

17.3.4 IGP versus EGP

This page will help students understand the differences between interior and exterior routing protocols.

Interior routing protocols are designed for use in a network that is controlled by a single organization. The
design criteria for an interior routing protocol require it to find the best path through the network. In other
words, the metric and how that metric is used is the most important element in an interior routing protocol.

An exterior routing protocol is designed for use between two different networks that are under the control of
two different organizations. These are typically used between ISPs or between a company and an ISP. For
example, a company would run BGP, an exterior routing protocol, between one of its routers and a router
inside an ISP. IP exterior gateway protocols require the following three sets of information before routing
can begin:

 A list of neighbor routers with which to exchange routing information
 A list of networks to advertise as directly reachable
 The autonomous system number of the local router

An exterior routing protocol must isolate autonomous systems. Remember, autonomous systems are managed
by different administrations. Networks must have a protocol to communicate between these different systems.
Each AS that exchanges routes with other autonomous systems must have a unique AS number, assigned by a
registry such as ARIN or by a provider, for use by an exterior gateway protocol such as BGP. The AS number
configured for interior protocols such as IGRP and EIGRP is only a locally significant process identifier that
must match among the routers that share routes; it is not registered. The Interactive Media Activity will help
students identify interior and exterior routing protocols.

17.3.5 Summary

This page summarizes the topics discussed in this module.

The process that a router uses to forward packets toward the destination network is called routing. Decisions
are based upon the destination IP address of each packet. When routers use dynamic routing, they learn about
remote networks from other routers. When static routing is used, a network administrator configures
information about remote networks manually.

Static route operations can be divided into these three parts. First a network administrator uses the ip route
command to configure a static route. Then the router installs the route in the routing table. Finally, the route is
used to route packets.

Static routes can be used for backup purposes. A static route can be configured on a router that will only be
used when the dynamically learned route has failed.

After static routes are configured, verify they are present in the routing table and that routing works as
expected. Use the command show running-config to view the active configuration in RAM. The show ip
route command is used to make sure that the static route is present in the routing table.

The communication used between routers is referred to as a routing protocol. The goal of a routing protocol is
to build and maintain the routing table.

A routed protocol is used to direct user traffic. A routed protocol provides enough information in its network
layer address to allow a packet to be forwarded from one host to another based on the addressing scheme.

An AS is a collection of networks under the same administration that share a common routing strategy.
Autonomous systems divide the global internetwork into smaller and more manageable networks. Each AS has
its own set of rules and policies and a number that distinguishes it from all other autonomous systems.

The distance vector routing approach determines the direction, or vector, and distance to any link in an
internetwork. The link-state approach recreates the exact topology of an entire internetwork.

Distance vector routing algorithms pass periodic copies of a routing table from router to router. These regular
updates between routers communicate topology changes. The distance vector routing algorithm is also known
as the Bellman-Ford algorithm.

The second basic algorithm used for routing is the link-state algorithm. The link-state algorithm is also known
as the Dijkstra algorithm or as the SPF algorithm. Link-state routing algorithms maintain a complex database
of topology information. The distance vector algorithm has nonspecific information about distant networks and
no knowledge of distant routers. A link-state routing algorithm maintains full knowledge of distant routers and
how they interconnect.

Interior routing protocols are designed for use in a network whose parts are under the control of a single
organization. An exterior routing protocol is designed for use between two different networks that are under
the control of two different organizations. These are typically used between ISPs or between a company and an
ISP.

18 MODULE 7
Module Overview

Dynamic routing makes it possible to avoid the time-consuming and exacting process of configuring static
routes. Dynamic routing also makes it possible for routers to react to changes in the network and to adjust their
routing tables accordingly, without the intervention of the network administrator. However, dynamic routing
can cause problems. Some of the problems associated with dynamic distance vector routing protocols are
discussed in this module, along with some of the steps that designers of the protocols have taken to solve the
problems.

RIP is a distance vector routing protocol that is used in thousands of networks throughout the world. The fact
that RIP is based on open standards and is easy to implement makes it attractive to some network
administrators. However, RIP lacks the power and features of more advanced routing protocols. Because of its
simplicity, RIP is a good basic protocol for networking students. This module will also introduce RIP
configuration and troubleshooting.

IGRP is another distance vector routing protocol. Unlike RIP, IGRP is a Cisco-proprietary protocol rather than
a standards-based protocol. IGRP is also very simple to implement. However, IGRP is a more complex routing
protocol than RIP and can use many factors to determine the best route to a destination network. This module
will introduce IGRP configuration and troubleshooting. This module covers some of the objectives for the
CCNA 640-801, INTRO 640-821, and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

 Describe how routing loops can occur in distance vector routing
 Describe several methods used by distance vector routing protocols to ensure that routing information
is accurate
 Configure RIP
 Use the ip classless command
 Troubleshoot RIP
 Configure RIP for load balancing
 Configure static routes for RIP
 Verify RIP
 Configure IGRP
 Verify IGRP operation
 Troubleshoot IGRP

7.1 Distance vector routing
7.2 RIP
7.3 IGRP

18.1 Distance Vector Routing

18.1.1 Distance vector routing updates

This page will explain how distance vector routing updates occur.

Routing table updates occur periodically or when the topology in a distance vector protocol network changes.
It is important for a routing protocol to update the routing tables efficiently. As with the network discovery
process, topology change updates proceed systematically from router to router. Distance vector algorithms
call for each router to send its entire routing table to each of its adjacent neighbors. The routing tables include
information about the total path cost, as defined by the metric, and the logical address of the first router on the
path to each network in the table.


18.1.2 Distance vector routing loop issues

This page will help students understand routing loops.

Routing loops can occur when inconsistent routing tables are not updated due to slow convergence in a
changing network.

An example is as follows:

1. Just before the failure of Network 1, all routers have consistent knowledge and correct routing tables.
The network is said to have converged. For Router C, the preferred path to Network 1 is by way of
Router B, and the distance from Router C to Network 1 is 3.
2. When Network 1 fails, Router E sends an update to Router A. Router A stops routing packets to
Network 1, but Routers B, C, and D continue to do so because they have not yet been informed of the
failure. When Router A sends out its update, Routers B and D stop routing to Network 1. However,
Router C has not received an update. For Router C, Network 1 can still be reached through Router B.
3. Now Router C sends a periodic update to Router D, which indicates a path to Network 1 by way of
Router B. Router D changes its routing table to reflect this incorrect information, and sends the
information to Router A. Router A sends the information to Routers B and E, and the process
continues. Any packet destined for Network 1 will now loop from Router C to B to A to D and back
again to C.

18.1.3 Defining a maximum count

This page will teach students how to define a maximum count to prevent routing loops.

The invalid updates of Network 1 will continue to loop until some other process stops the looping. This
condition, which is called count to infinity, loops packets around the network in spite of the fact that the
destination network, which is Network 1, is down. While the routers count to infinity, the invalid information
allows a routing loop to exist.

Without countermeasures to stop the count to infinity process, the distance vector metric of hop count increases
each time the packet passes through another router. These packets loop through the network because of
incorrect information in the routing tables.

Distance vector routing algorithms are self-correcting, but a routing loop problem can require a count to
infinity. To avoid this prolonged problem, distance vector protocols define infinity as a specific maximum
number. This number refers to a routing metric, which may simply be the hop count.

With this approach, the routing protocol permits the routing loop to continue until the metric exceeds its
maximum allowed value. The graphic shows the metric value as 16 hops. This exceeds the distance vector
default maximum of 15 hops so the packet is discarded by the router. When the metric value exceeds the
maximum value, Network 1 is considered unreachable.


18.1.4 Eliminating routing loops through split horizon

This page will explain how split horizon can be used to avoid routing loops.

Some routing loops occur when incorrect information that is sent back to a router contradicts the correct
information that the router originally distributed. An example is as follows:

1. Router A passes an update to Router B and Router D, which indicates that Network 1 is down.
However, Router C transmits an update to Router B, which indicates that Network 1 is available at a
distance of 4, by way of Router D. This does not violate split horizon rules.
2. Router B concludes, incorrectly, that Router C still has a valid path to Network 1, although at a much
less favorable metric. Router B sends an update to Router A, which informs Router A of the new route
to Network 1.

3. Router A now determines that it can send to Network 1 by way of Router B. Router B determines that it
can send to Network 1 by way of Router C. Router C determines that it can send to Network 1 by way
of Router D. Any packet introduced into this environment will loop between routers.
4. Split horizon is used to avoid this situation. If a routing update about Network 1 arrives from Router A,
Router B or Router D cannot send information about Network 1 back to Router A. Split horizon
reduces incorrect routing information and routing overhead.

18.1.5 Route poisoning

This page will explain what route poisoning is and why it is used.

Route poisoning is used by various distance vector protocols to overcome large routing loops and offer detailed
information when a subnet or network is not accessible. To accomplish this, the hop count is usually set to one
more than the maximum.

One way to avoid inconsistent updates is route poisoning. When Network 5 goes down, Router E will set a
distance of 16 for Network 5 to poison the route. This indicates that the network is unreachable. When the
route is poisoned, Router C is not affected by incorrect updates about the route to Network 5. After Router C
receives a route poisoning from Router E, it sends an update, which is called a poison reverse, back to Router
E. This makes sure all routers on the segment have received the poisoned route information.

When route poisoning is used with triggered updates it will speed up convergence time because neighboring
routers do not have to wait 30 seconds before they advertise the poisoned route.

Route poisoning causes a routing protocol to advertise infinite-metric routes for a failed route. Route poisoning
does not break split horizon rules. Split horizon with poison reverse is route poisoning that is placed on links
that split horizon would not normally allow routing information to flow across. In either case, the result is that
failed routes are advertised with infinite metrics.

18.1.6 Avoiding routing loops with triggered updates

This page will explain how triggered updates can be used to prevent routing loops.

New routing tables are sent to neighbor routers on a regular basis. For example, RIP updates occur every 30
seconds. However a triggered update is sent immediately in response to some change in the routing table. The
router that detects a topology change immediately sends an update message to adjacent routers. These routers
generate triggered updates to notify their adjacent neighbors of the change. When a route fails, an update is
sent immediately. Triggered updates, used in conjunction with route poisoning, ensure that all routers know of
failed routes before any holddown timers can expire.

Triggered updates do not wait for update timers to expire. They are sent when routing information has
changed. A router will immediately send a routing update on its other interfaces. This forwards the information
about the route that has changed and starts the holddown timers sooner on the neighbor routers. The wave of
updates propagates throughout the network.

Router C issues a triggered update, which announces that network 10.4.0.0 is unreachable. Upon receipt of
this information, Router B announces through interface S0/1 that network 10.4.0.0 is down. In turn, Router A
sends an update out interface Fa0/0.
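The count to infinity, the maximum metric of 16, route poisoning with poison reverse and triggered updates described in 18.1.3 to 18.1.6 can be watched in a small simulator. This is an added example, not code from the curriculum; the five-router topology follows the text's description (Network 1 behind Router E, the C-B-A-D loop), and the exact link layout is an assumption consistent with it.

```python
"""Added example (not code from the curriculum): a small RIP-style distance vector
simulator for the five-router topology the text describes. Network 1 sits behind
Router E; A links to E, B and D; C closes the B-A-D loop. The exact link layout
is an assumption that is consistent with the description."""
from collections import deque

INFINITY = 16  # RIP "infinity": a metric of 16 means unreachable (max 15 hops)

# Constructed topology: router -> neighbours. Net1 is directly connected to E.
LINKS = {"A": ["E", "B", "D"], "B": ["A", "C"], "C": ["B", "D"],
         "D": ["A", "C"], "E": ["A"]}
CONNECTED = {"E": ["Net1"]}


class Router:
    def __init__(self, name, neighbours, connected):
        self.name, self.neighbours = name, neighbours
        # dest -> (metric, next_hop); next_hop None means directly connected
        self.table = {net: (0, None) for net in connected}

    def advertisement(self, to_neighbour, split_horizon):
        """Update sent to one neighbour: dest -> metric."""
        advert = {}
        for dest, (metric, next_hop) in self.table.items():
            # Split horizon with poison reverse: a route learned from this
            # neighbour is sent back to it, but as unreachable.
            poisoned = split_horizon and next_hop == to_neighbour
            advert[dest] = INFINITY if poisoned else metric
        return advert

    def receive(self, sender, advert):
        """Distance vector update rule; returns True if the table changed."""
        changed = False
        for dest, metric in advert.items():
            new = min(metric + 1, INFINITY)  # count ourselves as one hop
            cur, hop = self.table.get(dest, (INFINITY, None))
            # Always believe the current next hop, even if the route got worse
            # (this is what lets stale information count up); otherwise switch
            # only to a strictly better route.
            if (hop == sender or new < cur) and (new, sender) != (cur, hop):
                self.table[dest] = (new, sender)
                changed = True
        return changed


def build_network():
    return {n: Router(n, nb, CONNECTED.get(n, [])) for n, nb in LINKS.items()}


def periodic_round(routers, split_horizon):
    """One 30-second cycle: every router advertises its current table, then
    every router processes what it received. Returns True if anything changed."""
    inflight = [(r.name, nb, r.advertisement(nb, split_horizon))
                for r in routers.values() for nb in r.neighbours]
    changed = False
    for src, dst, advert in inflight:
        changed |= routers[dst].receive(src, advert)
    return changed


def converge(routers, split_horizon, max_rounds=100):
    """Run periodic rounds until one changes nothing; return rounds used."""
    for rounds in range(max_rounds):
        if not periodic_round(routers, split_horizon):
            return rounds
    return max_rounds


def triggered_flood(routers, origin, split_horizon):
    """Triggered updates: a router whose table changed sends to its neighbours
    immediately, and every neighbour that changes does the same (FIFO order)."""
    queue = deque((origin, nb) for nb in routers[origin].neighbours)
    while queue:
        src, dst = queue.popleft()
        if routers[dst].receive(src, routers[src].advertisement(dst, split_horizon)):
            queue.extend((dst, nb) for nb in routers[dst].neighbours)


def simulate_failure(split_horizon, triggered):
    """Converge, then poison Net1 at Router E (route poisoning) and reconverge.
    Returns (periodic rounds needed after the failure, final metric per router)."""
    routers = build_network()
    converge(routers, split_horizon)
    assert routers["C"].table["Net1"] == (3, "B")  # as in the text: C via B, 3 hops
    routers["E"].table["Net1"] = (INFINITY, None)  # poisoned route, metric 16
    if triggered:
        triggered_flood(routers, "E", split_horizon)
    rounds = converge(routers, split_horizon)
    return rounds, {n: r.table["Net1"][0] for n, r in routers.items()}


if __name__ == "__main__":
    for sh, trig in [(False, False), (True, True)]:
        rounds, metrics = simulate_failure(sh, trig)
        print(f"split horizon={sh}, triggered={trig}: {rounds} periodic rounds "
              f"after the failure, final metrics {metrics}")
```

With periodic updates only and no split horizon, the stale tables count up one hop per round until every router reaches 16; with poison reverse and triggered updates the failure is flooded at once and no periodic round is needed.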


18.1.7 Preventing routing loops with holddown timers

This page will explain how holddown timers can be used to avoid a count to infinity problem:

 When a router receives an update from a neighbor, which indicates that a previously accessible network
is now inaccessible, the router marks the route as inaccessible and starts a holddown timer. Before the
holddown timer expires, if an update is received from the same neighbor, which indicates that the
network is accessible, the router marks the network as accessible and removes the holddown timer.
 If an update arrives from a different neighbor router with a better metric for the network, the router
marks the network as accessible and removes the holddown timer.
 If an update is received from a different router with a higher metric before the holddown timer expires,
the update is ignored. This update is ignored to allow more time for the knowledge of a disruptive
change to propagate through the entire network.
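The three holddown rules above, applied to a single routing table entry, as an added example that is not code from the curriculum. Router names, timestamps and the update sequence are constructed; the 180-second holddown is the RIP default given later in this module, and the "better metric" in the second rule is taken to mean better than the metric recorded before the route went down.

```python
"""Added example (not code from the curriculum): the holddown rules applied to
one routing table entry. Router names, timestamps and the update sequence are
constructed."""
from dataclasses import dataclass
from typing import Optional

INFINITY = 16      # metric that means "unreachable"
HOLDDOWN = 180.0   # holddown timer in seconds (Cisco RIP default)


@dataclass
class Route:
    metric: int
    next_hop: str
    holddown_until: Optional[float] = None  # None: no holddown timer running
    last_good_metric: int = INFINITY        # metric recorded before the route went down


def process_update(route, sender, advertised, now):
    """Apply one received update for this route and describe the outcome.

    advertised is the metric as sent by the neighbour; the receiver adds one hop.
    """
    metric = min(advertised + 1, INFINITY)
    if route.holddown_until is not None and now >= route.holddown_until:
        route.holddown_until = None  # timer expired: back to normal processing

    if route.holddown_until is None:
        # Rule 1: the next hop reports a reachable network as unreachable.
        if sender == route.next_hop and metric == INFINITY and route.metric < INFINITY:
            route.last_good_metric, route.metric = route.metric, INFINITY
            route.holddown_until = now + HOLDDOWN
            return "inaccessible, holddown started"
        # Normal distance vector behaviour outside holddown.
        if sender == route.next_hop or metric < route.metric:
            route.metric, route.next_hop = metric, sender
            return "installed"
        return "ignored"

    # Holddown timer running.
    if sender == route.next_hop and metric < INFINITY:
        # Rule 1, second half: the same neighbour says it is reachable again.
        route.metric, route.holddown_until = metric, None
        return "accessible again, holddown removed"
    if sender != route.next_hop and metric < route.last_good_metric:
        # Rule 2: a different neighbour offers a better metric than before.
        route.metric, route.next_hop, route.holddown_until = metric, sender, None
        return "better route accepted, holddown removed"
    # Rule 3: a worse route from a different neighbour is ignored so that the
    # failure has time to propagate through the whole network.
    return "ignored during holddown"


if __name__ == "__main__":
    route = Route(metric=3, next_hop="B")
    for t, sender, adv in [(0, "B", INFINITY), (10, "D", 4), (20, "D", 1)]:
        outcome = process_update(route, sender, adv, t)
        print(f"t={t:>3}s from {sender} metric {adv}: {outcome} -> {route}")
```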

18.2 RIP

18.2.1 RIP routing process

This page will provide an overview of the RIP routing process.

The modern open standard version of RIP, which is sometimes referred to as IP RIP, is formally detailed in
two separate documents. The first is known as Request for Comments (RFC) 1058 and the other as Internet
Standard (STD) 56.

RIP has evolved over the years from a Classful Routing Protocol, RIP Version 1 (RIP v1), to a Classless
Routing Protocol, RIP Version 2 (RIP v2). RIP v2 enhancements include the following:

 Ability to carry additional packet routing information
 Authentication mechanism to secure table updates
 Support for variable-length subnet mask (VLSM)

To prevent indefinite routing loops, RIP implements a limit on the number of hops allowed in a path from a
source to a destination. The maximum number of hops in a path is 15. When a router receives a routing update
that contains a new or changed entry, the metric value is increased by 1 to account for itself as a hop in the
path. If this causes the metric to be higher than 15, the network destination is considered unreachable. RIP
includes a number of features that are common in other routing protocols. For example, RIP implements split
horizon and holddown mechanisms to prevent the propagation of incorrect routing information.

18.2.2 Configuring RIP

This page will explain how RIP is configured.

The router rip command enables RIP as the routing protocol. The network command is then used to tell the
router on which interfaces to run RIP. The routing process associates specific interfaces with the network
addresses and begins to send and receive RIP updates on these interfaces.

RIP sends routing-update messages at regular intervals. When a router receives a routing update that includes
changes to an entry, it updates its routing table to reflect the new route. The received metric value for the path
is increased by 1, and the source interface of the update is indicated as the next hop in the routing table. RIP
routers maintain only the best route to a destination but can maintain multiple equal-cost paths to the
destination. Most routing protocols use a combination of time-driven and event-driven updates. RIP is time-
driven, but the Cisco implementation of RIP sends triggered updates whenever a change is detected. Topology
changes also trigger immediate updates in IGRP routers, regardless of the update timer. Without triggered
updates, RIP and IGRP will not perform. After updating its routing table due to a configuration change, the
router immediately begins transmitting routing updates in order to inform other network routers of the change.
These updates, called triggered updates, are sent independently of the regularly scheduled updates that RIP
routers forward. The descriptions for the commands used to configure router BHM shown in the figure are as
follows:

 BHM(config)#router rip – Selects RIP as the routing protocol
 BHM(config-router)#network 10.0.0.0 – Specifies a directly connected network
 BHM(config-router)#network 192.168.13.0 – Specifies a directly connected network

The Cisco router interfaces that are connected to networks 10.0.0.0 and 192.168.13.0 send and receive RIP
updates. These routing updates allow the router to learn the network topology from a directly connected router
that also runs RIP.

RIP must be enabled and the networks must be specified. All other tasks are optional. These optional tasks
include the following:

 Apply offsets to routing metrics
 Adjust timers
 Specify a RIP version
 Enable RIP authentication
 Configure route summarization on an interface
 Verify IP route summarization
 Disable automatic route summarization
 Run IGRP and RIP concurrently
 Disable the validation of source IP addresses
 Enable or disable split horizon
 Connect RIP to a WAN

To enable RIP, use the following commands in global configuration mode:

 Router(config)#router rip – Enables the RIP routing process
 Router(config-router)#network network-number – Associates a network with the RIP routing process

The Lab Activities will let students examine a router topology and configure RIP.

18.2.3 Using the ip classless command

This page will explain what the ip classless command is and how it is used.

Sometimes a router receives packets destined for an unknown subnet of a network that has directly connected
subnets. Use the ip classless global configuration command to instruct the Cisco IOS software to forward these
packets to the best supernet route. A supernet route is a route that covers a greater range of subnets with a
single entry. For example, if an enterprise uses the entire subnet 10.10.0.0 /16, then a supernet route for
10.10.10.0 /24 would be 10.10.0.0 /16. The ip classless command is enabled by default in Cisco IOS Software
Release 11.3 and later. To disable this feature, use the no form of this command.

When this feature is disabled any packets received that are destined for a subnet that falls within the
subnetwork addressing scheme of the router will be discarded.

IP classless only affects the operation of the forwarding processes in IOS. IP classless does not affect the way
the routing table is built. This is the essence of classful routing. If one part of a major network is known, but
the subnet toward which the packet is destined within that major network is unknown, the packet is dropped.

The most confusing aspect of this rule is that the router only uses the default route if the major network
destination does not exist in the routing table. A router by default assumes that all subnets of a directly
connected network should be present in the routing table. If a packet is received with an unknown destination
address within an unknown subnet of a directly attached network, the router assumes that the subnet does not
exist. So the router will drop the packet even if there is a default route. To resolve this problem, configure ip
classless on the router. This allows the router to ignore the classful boundaries of the networks in its routing
table and simply route to the default route. The Lab Activity will help students become more familiar
with the ip classless command.
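The forwarding decision described above, with and without ip classless, as an added example that is not code from the curriculum. The routing table and the addresses are constructed to match the 10.10.0.0/16 scenario in the text; a lookup returns the outgoing interface or None when the router drops the packet.

```python
"""Added example (not code from the curriculum): the forwarding decision the
text describes, with and without ip classless. The routing table and the
addresses are constructed to match its 10.10.0.0/16 scenario."""
import ipaddress

# Constructed routing table: prefix -> outgoing interface. Two directly
# connected subnets of the class A major network 10.0.0.0/8 plus a default route.
ROUTES = {
    "10.10.10.0/24": "FastEthernet0/0",
    "10.10.20.0/24": "FastEthernet0/1",
    "0.0.0.0/0": "Serial0/0",  # default route (gateway of last resort)
}


def major_network(addr):
    """Classful major network (class A /8, B /16, C /24) that contains addr."""
    addr = ipaddress.ip_address(addr)
    first_octet = int(addr) >> 24
    prefixlen = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return ipaddress.ip_network(f"{addr}/{prefixlen}", strict=False)


def lookup(dest, routes=ROUTES, ip_classless=True):
    """Return the outgoing interface for dest, or None if the packet is dropped."""
    dest = ipaddress.ip_address(dest)
    table = {ipaddress.ip_network(p): iface for p, iface in routes.items()}
    # Longest-prefix match; the default route (prefix length 0) matches everything.
    matches = [net for net in table if dest in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    if not ip_classless and best.prefixlen == 0:
        # Classful forwarding: the router assumes it knows every subnet of a
        # major network it has a route into. A destination in an unknown subnet
        # of such a network is dropped even though a default route exists.
        major = major_network(dest)
        if any(net.prefixlen > 0 and net.subnet_of(major) for net in table):
            return None
    return table[best]


if __name__ == "__main__":
    for addr in ["10.10.10.7", "10.10.30.5", "172.16.1.1"]:
        print(addr, "ip classless ->", lookup(addr),
              "| no ip classless ->", lookup(addr, ip_classless=False))
```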


18.2.4 Common RIP configuration issues

This page will provide some more information about the methods that are used to reduce routing loops.

RIP routers must rely on neighbor routers for some types of network information. A common term used to
describe this functionality is Routing by Rumor. RIP uses a distance vector routing algorithm. All distance
vector routing protocols have issues that are primarily created by slow convergence. Convergence is when all
routers in a network have the same routing information.

Among these issues are routing loops and counting to infinity. These result in inconsistencies due to update
messages with incorrect routes that are propagated around the network.

To reduce routing loops and counting to infinity, RIP uses the following techniques:

 Split horizon
 Poison reverse
 Holddown counters
 Triggered updates

Some of these methods may need to be configured.

RIP permits a maximum hop count of 15. Any destination greater than 15 hops away is tagged as unreachable.
This maximum hop count greatly restricts the use of RIP in large internetworks but prevents counts to infinity
and endless network routing loops.

The split horizon rule is based on the theory that it is not useful to send information about a route back in the
direction from which it came. In some network configurations, it may be necessary to disable split horizon.

The following command is used to disable split horizon:

GAD(config-if)#no ip split-horizon

The holddown timer is another mechanism that may need to be configured. Holddown timers help prevent
counting to infinity but also increase convergence time. The default holddown for RIP is 180 seconds. This
will prevent any inferior route from being updated but may also prevent a valid alternative route from being
installed. The holddown timer can be decreased to speed up convergence but should be done with caution.
Ideally, the timer should be set just longer than the longest possible update time for the internetwork. In the
example in Figure , the loop consists of four routers. If each router has an update time of 30 seconds, the
longest loop would be 120 seconds. Therefore, the holddown timer should be set to slightly more than 120
seconds.

Use the following command to change the holddown timer as well as the update, invalid, and flush timers:

Router(config-router)#timers basic update invalid holddown flush [sleeptime]

Another configurable item that affects convergence time is the update interval. The default RIP update interval
in Cisco IOS is 30 seconds. This can be configured for longer intervals to conserve bandwidth, or for shorter
intervals to decrease convergence time.

Another issue with routing protocols is the unwanted advertisement of routing updates out a particular
interface. When a network command is issued for a given network, RIP will immediately begin to send
advertisements out all interfaces within the specified network address range. A network administrator can use
the passive-interface command to disable routing updates on specified interfaces.

Because RIP is a broadcast protocol, the network administrator may have to configure RIP to exchange
routing information in a non-broadcast network such as Frame Relay. In this type of network, RIP must be
informed of neighbor RIP routers. To do this use the neighbor command displayed in Figure .

By default, the Cisco IOS software receives RIP Version 1 and Version 2 packets, but sends only Version 1
packets. The network administrator can configure the router to only receive and send Version 1 packets or the
administrator can configure the router to send only Version 2 packets. To configure the router to send and
receive packets from only one version, use the commands in Figure .

To control how packets received from an interface are processed, use the commands in Figure .


18.2.5 Verifying RIP configuration

This page will describe several commands that can be used to verify that RIP is properly configured. Two of
the most common are the show ip route command and the show ip protocols command.

The show ip protocols command shows which routing protocols carry IP traffic on the router. This output
can be used to verify most if not all of the RIP configuration. Some of the most common configuration items to
verify are as follows:

 RIP routing is configured.
 The correct interfaces send and receive RIP updates.
 The router advertises the correct networks.

The show ip route command can be used to verify that routes received by RIP neighbors are installed in the
routing table. Examine the output of the command and look for RIP routes signified by "R". Remember that
the network will take some time to converge so the routes may not appear immediately.

Additional commands to check RIP configuration are as follows:

 show interface interface
 show ip interface interface
 show running-config

The Lab Activity on this page will teach students how to use the show commands to verify the configuration of
a router.

18.2.6 Troubleshooting RIP update issues

This page will teach students how to troubleshoot RIP update issues.

Most of the RIP configuration errors involve an incorrect network statement, discontiguous subnets, or split
horizons. An effective command that is used to find RIP update issues is the debug ip rip command.

The debug ip rip command displays RIP routing updates as they are sent and received. The example in Figure
shows the output from the debug ip rip command after a router receives a RIP update. After the router
receives and processes the update, it sends the updated information out its two RIP interfaces. The output
shows the router uses RIP v1 and broadcasts the update with the broadcast address 255.255.255.255. The
number in parenthesis represents the source address encapsulated into the IP header of the RIP update.

There are several key indicators to look for in the output of the debug ip rip command. Problems such as
discontiguous subnetworks or duplicate networks can be diagnosed with this command. A symptom of these
issues would be a router that advertises a route with a metric that is less than the metric it received for that
network.

The following commands can also be used to troubleshoot RIP:

 show ip rip database
 show ip protocols {summary}
 show ip route
 debug ip rip {events}
 show ip interface brief

The Lab Activities on this page will teach students how to configure and troubleshoot RIP.

18.2.7 Preventing routing updates through an interface

This page will teach students how to prevent routing updates.

Route filtering regulates the routes that are entered into or advertised out of a route table. These have different
effects on link-state routing protocols than they do on distance vector protocols. A router that runs a distance
vector protocol advertises routes based on what is in its route table. As a result, a route filter influences which
routes the router advertises to its neighbors.

Routers that run link-state protocols determine routes based on information in the link-state database, rather
than the route entries advertised by neighbor routers. Route filters have no effect on link-state advertisements
or the link-state database. For this reason, the information on this page only applies to distance vector IP
routing protocols such as RIP and IGRP.

The passive-interface command prevents the transmission of routing updates through a router interface. When
update messages are not sent through a router interface, other systems on the network cannot learn about routes
dynamically. In Figure , Router E uses the passive-interface command to prevent routing updates from
being sent.

For RIP and IGRP, the passive-interface command stops the router from sending updates to a particular
neighbor, but the router continues to listen and use routing updates from that neighbor.

The Lab Activities will instruct students on how to prevent routing updates through an interface.

18.2.8 Load balancing with RIP

This page will describe load balancing and explain how RIP uses this feature.

Load balancing is a concept that allows a router to take advantage of multiple best paths to a given destination.
These paths are either statically defined by a network administrator or calculated by a dynamic routing
protocol such as RIP.

RIP is capable of load balancing over as many as six equal-cost paths. The default is four paths. RIP performs
what is referred to as "round robin" load balancing. This means that RIP takes turns forwarding packets over
the parallel paths.

Figure shows an example of RIP routes with four equal cost paths. The router will start with an interface
pointer to the interface connected to Router 1. Then the interface pointer cycles through the interfaces and
routes in a deterministic fashion such as 1-2-3-4-1-2-3-4-1 and so on. Since the metric for RIP is hop count, the
speed of the links is not considered. Therefore, the 56-Kbps path will be given the same preference as the 155-
Mbps path.

The show ip route command can be used to find equal cost routes. For example, Figure is a display of the
output show ip route to a particular subnet with multiple routes.

Notice there are two routing descriptor blocks. Each block is one route. There is also an asterisk (*) next to one
of the block entries. This corresponds to the active route that is used for new traffic.

18.2.9 Load balancing across multiple paths

This page will further explain how routers use load balancing to transmit packets to a destination IP address
over multiple paths. The paths are derived either statically or with dynamic protocols, such as RIP, EIGRP,
OSPF, and IGRP.

When a router learns multiple routes to a specific network, the route with the lowest administrative distance is
installed in the routing table. Sometimes the router must select a route from among many, learned through
the same routing process with the same administrative distance. In this case, the router chooses the path with
the lowest cost or metric to the destination. Each routing process calculates its cost differently and the costs
may need to be manually configured in order to achieve load balancing.

If the router receives and installs multiple paths with the same administrative distance and cost to a destination,
load-balancing can occur. Cisco IOS imposes a limit of up to six equal cost routes in a routing table, but some
IGPs have their own limitations. EIGRP allows up to four equal cost routes.

By default, most IP routing protocols install a maximum of four parallel routes in a routing table. Static routes
always install six routes. The exception is BGP, which by default allows only one path to a destination.

The range of maximum paths is one to six paths. To change the maximum number of parallel paths allowed,
use the following command in router configuration mode:

Router(config-router)#maximum-paths [number]

IGRP can load balance up to six unequal links. RIP networks must have the same hop count to load balance,
whereas IGRP uses bandwidth to determine how to load balance.

In Figure , there are three ways to reach Network X:

 E to B to A with a metric of 30
 E to C to A with a metric of 20
 E to D to A with a metric of 45

Router E chooses the second path, E to C to A with a metric of 20, since it is a lower cost than 30 and 45.

Cisco IOS supports two methods of load balancing for IP packets. These are per-packet and per-destination
load balancing. If process switching is enabled, the router will alternate paths on a per-packet basis. If fast
switching is enabled, only one alternate route will be cached for the destination address. All packets that are
bound for a specific host will take the same path. Packets bound for a different host on the same network may
use an alternate route. Traffic is load balanced on a per-destination basis.

By default the router uses per-destination load balancing, also called fast switching. The route cache allows
outgoing packets to be load-balanced on a per-destination basis rather than on a per-packet basis. To disable
fast switching, use the no ip route-cache command. Using this command will cause traffic to be load balanced
on a per-packet basis. In the Lab Activities, students will configure and observe load balancing.


18.2.10 Integrating static routes with RIP

This page will explain how static routes can be configured on a router that uses RIP.

Static routes are user-defined routes that force packets to take a set path from a source to a destination. Static
routes become very important if the Cisco IOS software does not learn a route to a particular destination. They
are also used to specify a gateway of last resort, which is commonly referred to as a default route. If a packet is
destined for a subnet that is not explicitly listed in the routing table, the packet is forwarded to the default
route.

A router that runs RIP can receive a default route through an update from another router that runs RIP. Another
option is for the router to generate the default route itself.

Use the no ip route global configuration command to remove static routes. The administrator can override a
static route with dynamic routing information by adjusting the administrative distance values. Each dynamic
routing protocol has a default administrative distance (AD). A static route can be defined as less desirable than
a dynamically learned route, as long as the AD of the static route is higher than that of the dynamic route. Note
that after the static route to network 172.16.0.0 through 192.168.14.2 was entered, the routing table does not
show it. Only the dynamic route learned through RIP is present. This is because the AD of 130 is higher for the
static route, and unless the RIP route through S0/0 goes down, the static route will not be installed in the
routing table.

Static routes that point out an interface will be advertised by the RIP router that owns the static route and
propagated throughout the internetwork. This is because static routes that point to an interface are considered
in the routing table to be connected and thus lose their static nature in the update. If a static route is assigned to
an interface that is not defined in a network command, a redistribute static command must be specified in the
RIP process before RIP will advertise the route.

When an interface goes down, all static routes pointing out that interface are removed from the IP routing
table. Likewise, when the software can no longer find a valid next hop for the address specified in the static
route, then the static route is removed from the IP routing table.

In Figure a static route has been configured on the GAD router to take the place of the RIP route in the event
that the RIP routing process fails. This is referred to as a floating static route. To configure the floating static
route, an AD of 130 was defined on the static route. This is greater than the default AD of RIP, which is 120.
The BHM router would also need to be configured with a default route.

To configure a static route, use the command shown in Figure in global configuration mode. The Lab
Activity will teach students how to define static routes when RIP is used.


18.3 IGRP

18.3.1 IGRP features

This page will explain the main features and functions of IGRP.

IGRP is a distance vector IGP. Distance vector routing protocols measure distances to mathematically compare
routes. This measurement is known as the distance vector. Routers that use distance vector protocols must send
all or a portion of their routing table in a routing update message at regular intervals to each neighbor router.
As routing information spreads throughout the network, routers perform the following functions:

 Identify new destinations
 Learn of failures

IGRP is a distance vector routing protocol developed by Cisco. IGRP sends routing updates at 90 second
intervals. These updates advertise all the networks for a particular AS.
Key design characteristics of IGRP are as follows:

 The versatility to automatically handle indefinite, complex topologies
 The flexibility needed to segment with different bandwidth and delay characteristics
 Scalability for functioning in very large networks

By default, the IGRP routing protocol uses bandwidth and delay as metrics. Additionally, IGRP can be
configured to use a combination of variables to determine a composite metric. These variables are as follows:

 Bandwidth
 Delay
 Load
 Reliability

The Interactive Media Activity will help students identify the features of RIP and IGRP.

18.3.2 IGRP metrics

This page will describe the metrics that IGRP uses.

The show ip protocols command displays parameters, filters, and network information about the routing
protocols in use on the router. The algorithm used to calculate the routing metric for IGRP is shown in the
graphic. It defines the values of the K1 to K5 weighting constants and provides information about the maximum hop count.
The constant K1 weights bandwidth and the constant K3 weights delay. By default K1 and K3 are set to 1, and
K2, K4, and K5 are set to 0, so only bandwidth and delay contribute to the metric.

This composite metric is more accurate than the hop count metric that RIP uses to choose a path to a
destination. The path that has the smallest metric value is the best route.

IGRP uses the following metrics:

 Bandwidth – The lowest bandwidth value in the path


 Delay – The cumulative interface delay along the path
 Reliability – The reliability on the link toward the destination as determined by the exchange of
keepalives
 Load – The load on a link toward the destination based on bits per second

IGRP uses a composite metric. This metric is calculated as a function of bandwidth, delay, load, and reliability.
By default, only bandwidth and delay are considered. The other parameters are considered only if enabled
through configuration. Delay and bandwidth are not measured values, but are set with the delay and
bandwidth interface commands; the bandwidth command changes only the value the routing protocol sees, not
the actual speed of the link. The show ip route command in the example shows the IGRP metric values
in brackets. A link with a higher bandwidth will have a lower metric and a route with a lower cumulative delay
will have a lower metric.
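The following is an added worked example of the composite metric computation, not code from the curriculum. It applies the IGRP formula with the K constants shown by show ip protocols: metric = [K1*BW + (K2*BW)/(256 - load) + K3*DLY] * [K5/(reliability + K4)], where BW is 10,000,000 divided by the lowest bandwidth on the path in kbit/s, DLY is the sum of the interface delays in tens of microseconds, and the second factor applies only when K5 is non-zero. The topology values (a T1 at 1544 kbit/s with 20,000 microseconds of delay, a 10 Mbit/s Ethernet, a 56 kbit/s serial line) are constructed for the example; treating the path's load as the worst load and its reliability as the worst reliability of any link on the path is an assumption made here.

```python
"""IGRP composite metric: added worked example, not curriculum code."""

from dataclasses import dataclass

# Default K values: only bandwidth (K1) and delay (K3) count.
DEFAULT_K = (1, 0, 1, 0, 0)


@dataclass(frozen=True)
class Link:
    bandwidth_kbps: int       # value set with the 'bandwidth' interface command
    delay_usec: int           # value set with the 'delay' interface command
    reliability: int = 255    # 255 = 100 % reliable, measured from keepalives
    load: int = 1             # 1 = idle link, 255 = saturated


def igrp_metric(path, k=DEFAULT_K):
    """Composite metric for an ordered list of Links from this router to the destination.

    IGRP works in integer arithmetic, so every step truncates.
    """
    k1, k2, k3, k4, k5 = k
    if not path:
        raise ValueError("a path needs at least one link")
    # Bandwidth term: the bottleneck link decides, scaled as 10^7 / kbps.
    bw = 10_000_000 // min(link.bandwidth_kbps for link in path)
    # Delay term: cumulative delay along the path in tens of microseconds.
    dly = sum(link.delay_usec for link in path) // 10
    # Assumption: the path inherits the worst load and worst reliability seen.
    load = max(link.load for link in path)
    reliability = min(link.reliability for link in path)

    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * dly
    if k5 != 0:
        metric = metric * k5 // (reliability + k4)
    return metric


def best_path(candidates, k=DEFAULT_K):
    """Return (name, metric) of the candidate with the smallest composite metric."""
    scored = {name: igrp_metric(path, k) for name, path in candidates.items()}
    name = min(scored, key=scored.get)
    return name, scored[name]


# Constructed sample links and two candidate paths to the same destination.
T1 = Link(bandwidth_kbps=1544, delay_usec=20_000)
ETHERNET = Link(bandwidth_kbps=10_000, delay_usec=1_000)
SLOW_SERIAL = Link(bandwidth_kbps=56, delay_usec=20_000)

SAMPLE_PATHS = {
    "via-T1": [T1],
    "via-ethernet-then-56k": [ETHERNET, SLOW_SERIAL],
}

if __name__ == "__main__":
    for name, path in SAMPLE_PATHS.items():
        print(f"{name:24s} metric={igrp_metric(path)}")
    print("best:", best_path(SAMPLE_PATHS))
```

With the default K values the single T1 hop scores 10,000,000 // 1544 + 20,000 // 10 = 6476 + 2000 = 8476, the value IOS shows in brackets for a T1 link, and the two-hop path through the 56 kbit/s line loses because the bottleneck bandwidth dominates the metric even though its delay is similar.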

18.3.3 IGRP routes

This page will introduce the three types of routes that IGRP advertises:

 Interior
 System
 Exterior

Interior
Interior routes are routes between subnets of a network attached to a router interface. If the network attached to
a router is not subnetted, IGRP does not advertise interior routes.

System
System routes are routes to networks within an autonomous system. The Cisco IOS software derives system
routes from directly connected network interfaces and system route information provided by other IGRP
routers or access servers. System routes do not include subnet information.

Exterior
Exterior routes are routes to networks outside the autonomous system that are considered when a gateway of
last resort is identified. The Cisco IOS software chooses a gateway of last resort from the list of exterior routes
that IGRP provides. The software uses the gateway of last resort if a better route is not found and the
destination is not a connected network. If the autonomous system has more than one connection to an external
network, different routers can choose different exterior routes as the gateway of last resort.
The Interactive Media Activity will help students understand the different types of IGRP routes.

18.3.4 IGRP stability features

This page will describe three features that are designed to enhance the stability of IGRP:

 Holddowns
 Split horizons
 Poison reverse updates

Holddowns
Holddowns are used to prevent regular update messages from reinstating a route that may not be up. When a
router goes down, neighbor routers detect this from the lack of regularly scheduled update messages.

Split horizons
Split horizons are derived from the premise that it is not useful to send information about a route back in the
direction from which it came. The split horizon rule helps prevent routing loops between adjacent routers.

Poison reverse updates


Poison reverse updates are used to prevent larger routing loops. Increases in routing metrics usually indicate
routing loops. Poison reverse updates then are sent to remove the route and place it in holddown. With IGRP,
poison reverse updates are sent only if a route metric has increased by a factor of 1.1 or greater.

IGRP also maintains many timers and variables that contain time intervals. These include an update timer, an
invalid timer, a holddown timer, and a flush timer.
The update timer specifies how frequently routing update messages should be sent. The IGRP default for this
variable is 90 seconds.
The invalid timer specifies how long a router should wait in the absence of routing-update messages about a
route before it declares that route invalid. The IGRP default for this variable is three times the update period.
The holddown timer specifies the amount of time for which information about poorer routes is ignored. The
IGRP default for this variable is three times the update timer period plus 10 seconds.
Finally, the flush timer indicates how much time should pass before a route is flushed from the routing table.
The IGRP default is seven times the routing update timer.
IGRP is classful and lacks support for VLSM. Cisco created Enhanced IGRP to correct this problem.
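The following is an added simulation of the stability features and timers described above; it is not curriculum code and does not reproduce IOS internals. It tracks a single route learned from one neighbour with the default timers (update 90 s, invalid 270 s, holddown 280 s, flush 630 s). Two points are assumptions of this model rather than statements from the text: an update that raises the metric by a factor of 1.1 or more is treated as the poison trigger (the route is marked unreachable and enters holddown), and during holddown an update with an equal or poorer metric is ignored while a better one ends the holddown. The update sequence in run_scenario is constructed.

```python
"""IGRP holddown, poison and aging timers: added simulation, not curriculum code."""

from dataclasses import dataclass

UPDATE = 90
INVALID = 3 * UPDATE          # 270 s of silence: route declared invalid
HOLDDOWN = 3 * UPDATE + 10    # 280 s during which poorer routes are ignored
FLUSH = 7 * UPDATE            # 630 s of silence: route removed from the table
POISON_FACTOR = 1.1           # assumption: metric growth that triggers poisoning


@dataclass
class Route:
    metric: int
    last_update: float
    holddown_until: float = -1.0
    reachable: bool = True

    def in_holddown(self, now):
        return now < self.holddown_until


class RouteTable:
    def __init__(self):
        self.routes = {}  # prefix -> Route

    def receive(self, now, prefix, metric):
        """Apply one update for `prefix` from the neighbour; return the action taken."""
        route = self.routes.get(prefix)
        if route is None:
            self.routes[prefix] = Route(metric, now)
            return "installed"
        if route.in_holddown(now):
            if metric >= route.metric:
                return "ignored (holddown)"       # equal or poorer: ignored
            route.holddown_until = -1.0           # better route ends holddown
        elif metric >= route.metric * POISON_FACTOR:
            # Metric jumped by 1.1x or more: likely a loop; poison and hold down.
            route.reachable = False
            route.holddown_until = now + HOLDDOWN
            route.last_update = now
            return "poisoned"
        route.metric = metric
        route.reachable = True
        route.last_update = now
        return "updated"

    def state(self, now, prefix):
        """State of the route at `now` if no further update arrives."""
        route = self.routes.get(prefix)
        if route is None:
            return "absent"
        silent = now - route.last_update
        if silent >= FLUSH:
            del self.routes[prefix]
            return "flushed"
        if silent >= INVALID:
            return "invalid"
        return "valid" if route.reachable else "unreachable (holddown)"


def run_scenario():
    """Constructed sequence of (time, metric) updates for 10.2.0.0/16."""
    table = RouteTable()
    events = [(0, 8476), (90, 8476), (180, 10000), (270, 12000), (300, 8000)]
    log = [(t, table.receive(t, "10.2.0.0/16", m)) for t, m in events]
    return log, table


if __name__ == "__main__":
    log, table = run_scenario()
    for t, action in log:
        print(f"t={t:4d}s  {action}")
    for t in (400, 570, 930):
        print(f"t={t:4d}s  state={table.state(t, '10.2.0.0/16')}")
```

The third update (metric 10000, more than 1.1 times 8476) poisons the route, the fourth (a poorer metric during holddown) is ignored, and the fifth (a better metric) is accepted and ends the holddown; after that, silence for 270 s makes the route invalid and silence for 630 s flushes it.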

18.3.5 Configuring IGRP

This page will introduce the commands that are used to configure IGRP.

To configure the IGRP routing process, use the router igrp configuration command. To shut down an IGRP
routing process, use the no form of this command.

The command syntax is as follows:

RouterA(config)#router igrp as-number
RouterA(config)#no router igrp as-number

The AS number identifies the IGRP process.

To specify a list of networks for IGRP routing processes, use the network router configuration command. To
remove an entry, use the no form of the command.

Figure shows an example of how to configure IGRP for AS 101. The Lab Activities will help students
configure IGRP.

18.3.6 Migrating RIP to IGRP

This page will teach students how to convert a router from RIP to IGRP.

When Cisco created IGRP in the early 1980s, it was the first company to solve the problems associated with
the use of RIP to route datagrams between interior routers. IGRP examines the bandwidth and delay of the
networks between routers to determine the best path through an internetwork. IGRP converges faster than RIP.
This helps prevent routing loops that are caused by disagreement over the next routing hop. Further, IGRP does not
share the hop count limitation of RIP. As a result of this and other improvements over RIP, IGRP enabled
many large, complex, topologically diverse internetworks to be deployed.

Use the following steps to convert from RIP to IGRP:

1. Enter show ip route to verify that RIP is the routing protocol on the routers to be converted.
2. Configure IGRP on Router A and Router B.
3. Enter show ip protocols on Router A and Router B.
4. Enter show ip route on Router A and Router B.

The Lab Activities will show students how to configure a default route, use RIP to propagate the information,
and then convert the router to IGRP.
18.3.7 Verifying IGRP configuration

This page will teach students how to verify an IGRP configuration. To verify that IGRP has been configured
properly, enter the show ip route command and look for IGRP routes signified by an "I".

Additional commands for checking IGRP configuration are as follows:

 show interface interface
 show running-config
 show running-config interface interface
 show running-config | begin interface interface
 show running-config | begin igrp
 show ip protocols

To verify that the Ethernet interface is properly configured, enter the show interface fa0/0 command. Figure
illustrates the output.

To see if IGRP is enabled on the router, enter the show ip protocols command. Figure illustrates the output.
The commands illustrated in Figures - verify the network statements, IP addressing, and routing tables. In
the Lab Activities, students will verify an IGRP configuration and then use IGRP to set up dynamic routing.

Figure 1

Figure 2

Figure 3


Figure 4

Figure 5

18.3.8 Troubleshooting IGRP

This page will introduce some commands that can be used to troubleshoot IGRP.

Most IGRP configuration errors involve a mistyped network statement, discontiguous subnets, or an incorrect
AS Number.

The following commands are used to troubleshoot IGRP:

 show ip protocols
 show ip route
 debug ip igrp events
 debug ip igrp transactions
 ping
 traceroute
Figure shows output from the debug ip igrp events command.

Figure shows output from the debug ip igrp transactions command.

If the AS number is wrong and then corrected, it results in the output shown in Figure .

The Lab Activity will show students how to use the IGRP debug commands.

Figure 1

Figure 2


Figure 3
18.3.9 Summary

This page summarizes the topics discussed in this module.

Distance vector algorithms call for each router to send its entire routing table to each of its adjacent neighbors.
The routing tables include information about the total path cost as defined by the metrics and the logical
address of the first router on the path to each network contained in the table.

RIP uses many techniques to reduce routing loops and counting to infinity. RIP permits a maximum hop count
of 15. A destination greater than 15 hops away is tagged as unreachable.

The split horizon rule specifies that it is not useful to send information about a route back in the direction from
which it came. In some network configurations, it may be necessary to disable split horizon.

Route poisoning is used to overcome large routing loops and provide information when a network is down. It
also keeps a router from receiving incorrect updates.

Holddown timers help prevent counting to infinity but also increase convergence time. The default holddown
for RIP is 180 seconds. Triggered updates are also sent if routing information changes. The router sends
triggered routing update on its other interfaces rather than waiting on the routing update timer to expire.

RIP v2 enhancements include the ability to carry additional packet routing information, an authentication
mechanism to secure table updates, and support for VLSM. By default, routing updates are broadcast every 30
seconds.

RIP is enabled with the router rip command. The network command is then used to tell the router on which
interfaces to run RIP.

A supernet route is a route that covers a greater range of subnets with a single entry. The ip classless global
configuration command is used to forward packets to the best supernet route when a router receives packets
destined for an unknown subnet of a network.

The two most common commands used to verify that RIP is properly configured are the show ip route and
show ip protocols commands. The show ip route command shows the routes that are installed in the routing
table and the status of each route. The show ip protocols command is used to verify the state of the active
routing protocol as well as the installed routes specific to the protocol.

To display RIP routing updates as they are sent and received, use the debug ip rip command.

The passive-interface command prevents routers from sending routing updates through a router interface. This
keeps update messages from being sent through a router interface so that other systems on a network will not
learn about routes dynamically.

The show ip route command is used to find equal cost routes for load balancing. RIP uses round robin load
balancing. Routers take turns to forward packets over equal cost paths.

IGRP is a distance vector routing protocol that measures distances to mathematically compare routes. It sends
routing updates at 90 second intervals to advertise networks for an AS. IGRP uses a composite metric. This
metric is calculated as a function of bandwidth, delay, load, and reliability.

IGRP advertises three types of routes. These include interior, system, and exterior. There are many features
such as holddowns and split horizons that provide stability.

Use the show ip protocols and the show ip route commands to verify that IGRP is properly configured. In
addition, the ping and trace commands are used to troubleshoot errors.

19 MODULE 8

Module Overview

IP is limited because it is a best effort delivery system. It has no mechanism to ensure that data is delivered
over a network. Data may fail to reach its destination for a variety of reasons such as hardware failure,
improper configuration, or incorrect routing information. To help identify these failures, IP uses the Internet
Control Message Protocol (ICMP) to notify the sender of the data that there was an error in the delivery
process. This module describes the various types of ICMP error messages and some of the ways they are used.

Because IP does not have a built-in mechanism for sending error and control messages, it uses ICMP to send
and receive error and control messages to hosts on a network. This module focuses on control messages, which
are messages that provide information or configuration parameters to hosts. Knowledge of ICMP control
messages is an essential part of network troubleshooting and is important to fully understand IP networks.

This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.

Students who complete this module should be able to perform the following tasks:

 Describe ICMP
 Describe ICMP message format
 Identify ICMP error message types
 Identify potential causes of specific ICMP error messages
 Describe ICMP control messages
 Identify a variety of ICMP control messages used in networks
 Determine the causes for ICMP control messages

19.1 Overview of TCP/IP Error Message

19.1.1 ICMP

This page will introduce a protocol that addresses the limitations of IP.

IP is an unreliable method for the delivery of network data. It is known as a best effort delivery mechanism. It
has no built-in process to ensure that data is delivered if problems exist with network communication. If an
intermediary device such as a router fails, or if a destination device is disconnected from the network, data
cannot be delivered. Additionally, nothing in its basic design allows IP to notify the sender that a data
transmission has failed. ICMP is the component of the TCP/IP protocol stack that addresses this basic
limitation of IP. ICMP does not overcome the unreliability issues in IP. Reliability is provided by upper layer
protocols.

19.1.2 Error reporting and error correction

This page will explain how ICMP reports errors for IP. When datagram delivery errors occur, ICMP is used to
report these errors back to the source of the datagram. Look at the example in Figure 1. Workstation 1 tries to
send a datagram to Workstation 6, but interface Fa0/0 on Router C goes down. Router C uses ICMP to send a
message back to Workstation 1. The message indicates that the datagram could not be delivered. ICMP does
not correct any network problems that it encounters, it only reports them.

When Router C receives the datagram from Workstation 1, it knows only the source and destination IP
addresses of the datagram. It does not know the exact path that the datagram took. Therefore, Router C can
only notify Workstation 1 of the failure and no ICMP messages are sent to Router A and Router B. ICMP
reports on the status of the delivered packet only to the source device. It does not send information about
network changes to other routers.


19.1.3 ICMP message delivery

This page will describe the delivery method that is used by ICMP.

ICMP messages are encapsulated into datagrams in the same way any other data is delivered when IP is used.
Figure displays the encapsulation of ICMP data within an IP datagram.

Since ICMP messages are transmitted in the same way as any other data, they are subject to the same delivery
failures. This creates a scenario where error reports could generate more error reports and cause increased
congestion on a network. For this reason, errors created by ICMP messages do not generate their own ICMP
messages. Therefore, it is possible to have a datagram delivery error that is never reported back to the sender of
the data.

19.1.4 Unreachable networks

This page will explain why some networks are unreachable.

Network communication depends on some basic conditions that must be met. First, the TCP/IP protocol must
be properly configured for devices that send and receive data. This includes the installation of the TCP/IP
protocol and proper configuration of an IP address and subnet mask. A default gateway must also be
configured if datagrams are to travel outside of the local network. Second, intermediary devices must be in
place to route the datagram from the source device and its network to the destination network. Routers perform
this function. A router also must have the TCP/IP protocol properly configured on its interfaces, and it must
use an appropriate routing protocol.

If these conditions are not met, then network communication cannot take place. For instance, the sending
device may address the datagram to a non-existent IP address or to a destination device that is disconnected
from its network. Routers can also be points of failure if a connecting interface is down or if the router does not
have the information necessary to find the destination network. If a destination network is not accessible, it is
said to be an unreachable network.

Figures 1 and 2 show a router that receives a packet that cannot be delivered. The packet is undeliverable
because there is no known route to the destination. Because of this, the router sends an ICMP host unreachable
message to the source.


19.1.5 Use ping to test destination reachability

This page will explain how the ping command can be used to test the reachability of a network.

The ICMP protocol can be used to test the availability of a particular destination. Figure 1 shows ICMP being
used to issue an echo request message to the destination device. If the destination device receives the ICMP
echo request, it formulates an echo reply message to send back to the source of the echo request. If the sender
receives the echo reply, this confirms that the destination device can be reached using the IP protocol.

The echo request message is typically initiated with the ping command as shown in Figure 2. In this
example, the command is used with the IP address of the destination device. A second example is shown in
Figure . In both examples, the ping command issues four echo requests and receives four echo replies. This
confirms IP connectivity between the two devices.

As seen in Figure , the echo reply includes a time-to-live (TTL) value. TTL is a field in the IP packet header
used by IP to provide a limitation on packet forwarding. As each router processes the packet, it decreases the
TTL value by one (1). When a router receives a packet with a TTL value of 1, it will decrement the TTL
value to 0 and the packet cannot be forwarded. An ICMP time exceeded message (type 11) may be generated and
sent back to the source machine, and the undeliverable packet is dropped.

19.1.6 Detecting excessively long routes

This page will explain how excessively long routes are created.

Situations can occur in network communication where a datagram travels in a circle, never reaching its
destination. This might occur if two routers continually route a datagram back and forth between them,
thinking the other should be the next hop to the destination. When there are several routers involved, a routing
cycle is created. In a routing cycle, a router sends the datagram to the next hop router and thinks the next hop
router will route the datagram to the correct destination. The next hop router then routes the datagram to the
next router in the cycle. This can be caused by incorrect routing information.

The limitations of the routing protocol can result in unreachable destinations. The hop limit of RIP is 15,
which means that networks that are greater than 15 hops will not be learned through RIP.

In either of these cases, an excessively long route exists. Whether the actual path includes a circular routing
path or too many hops, the packet will eventually exceed the maximum hop count.
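The following is an added simulation of the routing-cycle case above; it is not curriculum code. Two constructed routers, A and B, hold deliberately inconsistent routes for 10.1.1.0/24 that point at each other, so a datagram for that network bounces between them until its TTL reaches 0, at which point the router holding it drops it and sends the source an ICMP time exceeded message (type 11, code 0). The same walker delivers a datagram normally when a route leads to a directly connected network, and reports a destination unreachable (type 3, code 1, the host unreachable code the text says a Cisco router sends for a missing route) when no route exists. All addresses and router names are constructed.

```python
"""Routing cycle and TTL expiry: added simulation, not curriculum code."""

from ipaddress import ip_address, ip_network

ICMP_TIME_EXCEEDED = (11, 0)      # type 11, code 0: TTL exceeded in transit
ICMP_DEST_UNREACH_HOST = (3, 1)   # type 3, code 1: no route to the destination


class Router:
    def __init__(self, name, routes):
        self.name = name
        # routes: list of (prefix, next hop router name or "connected")
        self.routes = [(ip_network(prefix), nh) for prefix, nh in routes]

    def lookup(self, dst):
        """Longest-prefix match; None when the table has no route for dst."""
        matches = [(net, nh) for net, nh in self.routes if dst in net]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)[1]


def forward(routers, first_hop, src, dst, ttl=64):
    """Walk a datagram from `first_hop` through `routers`.

    Returns (path, outcome, icmp) where icmp is None on delivery and otherwise
    (reporting router, destination of the ICMP message, (type, code)).
    """
    dst_ip = ip_address(dst)
    path, here = [], first_hop
    while True:
        router = routers[here]
        path.append(here)
        ttl -= 1                                  # every router decrements TTL
        if ttl == 0:                              # reached 0: drop, report to source
            return path, "dropped: ttl exceeded", (router.name, src, ICMP_TIME_EXCEEDED)
        next_hop = router.lookup(dst_ip)
        if next_hop is None:
            return path, "dropped: no route", (router.name, src, ICMP_DEST_UNREACH_HOST)
        if next_hop == "connected":
            return path, "delivered", None
        here = next_hop


# Constructed topology: A and B disagree about 10.1.1.0/24 (a routing cycle);
# 192.168.5.0/24 is reachable normally through C.
SAMPLE_ROUTERS = {
    "A": Router("A", [("10.1.1.0/24", "B"), ("192.168.5.0/24", "C")]),
    "B": Router("B", [("10.1.1.0/24", "A")]),
    "C": Router("C", [("192.168.5.0/24", "connected")]),
}

if __name__ == "__main__":
    src = "172.16.1.10"
    print(forward(SAMPLE_ROUTERS, "A", src, "10.1.1.7", ttl=5))
    print(forward(SAMPLE_ROUTERS, "A", src, "192.168.5.9"))
    print(forward(SAMPLE_ROUTERS, "B", src, "172.20.0.1"))
```

With a starting TTL of 5 the looping datagram visits A, B, A, B and A again before the fifth decrement takes the TTL to 0; with the default TTL of 64 the same loop burns 64 hops of forwarding capacity before the source hears anything, which is why traceroute's growing TTL values are useful for locating the two routers involved.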

19.1.7 Echo messages

This page will provide information about ICMP messages. As with any type of packet, ICMP messages have
special formats. Each ICMP message type shown in Figure 1 has its own unique characteristics. All ICMP
message formats start with the same three fields:

 Type
 Code
 Checksum

The type field indicates the type of ICMP message being sent. The code field includes further information
specific to the message type. The checksum field, as in other types of packets, is used to verify the integrity of
the data.

Figure 2 shows the message format for the ICMP echo request and echo reply messages. The relevant type
and code numbers are shown for each message type. The identifier and sequence number fields are unique to
the echo request and echo reply messages. The identifier and sequence fields are used to match the echo replies
to the corresponding echo request. The data field contains additional information that may be a part of the echo
reply or echo request message.

The Interactive Media Activity will test the ability of students to place the ICMP message fields in the correct
order.
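The following is an added example of the echo message format described above; it is not curriculum code. It packs an echo request (type 8, code 0) with identifier, sequence number and data, computes the checksum the way the ICMP specification (RFC 792, using the RFC 1071 one's-complement sum) requires over the whole ICMP message, and then matches a reply (type 0) to its request using the identifier and sequence fields. The identifier value, sequence numbers and payload in the usage block are constructed.

```python
"""ICMP echo request/reply: added example, not curriculum code."""

import struct

ICMP_ECHO_REPLY = 0
ICMP_ECHO_REQUEST = 8


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"                     # odd trailing byte is padded with zero
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo(icmp_type, identifier, sequence, payload=b""):
    """Return the ICMP message bytes: type, code 0, checksum, identifier, sequence, data."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, identifier, sequence)
    checksum = internet_checksum(header + payload)   # computed with checksum field = 0
    return struct.pack("!BBHHH", icmp_type, 0, checksum, identifier, sequence) + payload


def parse_echo(message: bytes):
    """Parse an echo request or reply; raise ValueError if too short or corrupted."""
    if len(message) < 8:
        raise ValueError("ICMP echo message shorter than 8 bytes")
    icmp_type, code, _, identifier, sequence = struct.unpack("!BBHHH", message[:8])
    # A message that includes its own correct checksum sums to zero.
    if internet_checksum(message) != 0:
        raise ValueError("ICMP checksum mismatch")
    return {"type": icmp_type, "code": code, "id": identifier,
            "seq": sequence, "data": message[8:]}


def reply_for(request: bytes) -> bytes:
    """What the destination sends back: type 0 with the same id, seq and data."""
    req = parse_echo(request)
    return build_echo(ICMP_ECHO_REPLY, req["id"], req["seq"], req["data"])


def matches(request: bytes, reply: bytes) -> bool:
    """True when `reply` answers `request`: type 0 and identical identifier and sequence."""
    req, rep = parse_echo(request), parse_echo(reply)
    return (req["type"] == ICMP_ECHO_REQUEST and rep["type"] == ICMP_ECHO_REPLY
            and req["id"] == rep["id"] and req["seq"] == rep["seq"])


if __name__ == "__main__":
    # Constructed exchange: four requests, as the ping in the text sends.
    for seq in range(1, 5):
        req = build_echo(ICMP_ECHO_REQUEST, identifier=0x1234, sequence=seq, payload=b"abcdefgh")
        rep = reply_for(req)
        print(seq, req.hex(), "->", rep.hex(), "matched" if matches(req, rep) else "NO MATCH")
```

Checking that a received message sums to zero is how a receiver validates the checksum without recomputing it separately; the identifier (normally the process ID of the ping program) is what lets two ping processes on one host keep their replies apart.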

19.1.8 Destination unreachable message

This page will explain what a destination unreachable message is and why it occurs.

Datagrams cannot always be forwarded to their destinations. Hardware failures, improper protocol
configuration, down interfaces, and incorrect routing information are some of the factors that prevent
successful delivery. In these cases, ICMP sends the sender a destination unreachable message, which indicates
that the datagram could not be forwarded.

Figure shows an ICMP destination unreachable message header. The value of 3 in the type field indicates it
is a destination unreachable message. The code value indicates the reason the packet could not be delivered.

Figure has a code value of 0, which indicates that the network was unreachable. Figure shows the meaning
for each possible code value in a destination unreachable message.

A destination unreachable message may also be sent when packet fragmentation is required to forward a
packet. Fragmentation is usually necessary when a datagram is forwarded from a Token Ring network to an
Ethernet network, because the Token Ring MTU is larger than the Ethernet MTU. If the datagram has the Don't
Fragment (DF) bit set, the packet cannot be forwarded, so a destination unreachable message with code 4
(fragmentation needed and DF set) will be sent. Destination unreachable messages may also be generated if IP-
related services such as FTP or Web services are unavailable. To effectively troubleshoot an IP network, it is
necessary to understand the various causes of ICMP destination unreachable messages.


19.1.9 Miscellaneous error reporting

This page will explain what a parameter problem message is and why it occurs.

Devices that process datagrams may not be able to forward a datagram due to an error in the header parameter.
This error does not relate to the state of the destination host or network but still prevents the datagram from
being processed and delivered, and because of that, the datagram is discarded. In this case, an ICMP type 12
parameter problem message is sent to the source of the datagram. Figure shows the parameter problem
message header.

The parameter problem message includes the pointer field in the header. When the code value is 0, the pointer
field indicates the octet of the datagram that produced the error.

This page concludes this lesson. The next lesson will describe TCP/IP suite control messages. The first page
will provide an overview of control messages.
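The following is an added example for the two error messages covered in the preceding pages (destination unreachable, type 3, and parameter problem, type 12); it is not curriculum code. Both messages carry, after their 8-byte ICMP header, the IP header and first 8 bytes of the datagram that triggered them, and that quoted copy is what lets the source tie the error back to the flow (addresses, protocol, ports) that caused it. The code meanings are the RFC 792 assignments; the sample datagram (192.168.1.10 to 10.0.0.5, TCP port 40000 to port 21) is constructed. Checksum verification is left out of this example.

```python
"""Decoding ICMP destination unreachable and parameter problem: added example, not curriculum code."""

import struct
from ipaddress import IPv4Address

UNREACHABLE_CODES = {
    0: "network unreachable",
    1: "host unreachable",
    2: "protocol unreachable",
    3: "port unreachable",
    4: "fragmentation needed and DF set",
    5: "source route failed",
}
PARAM_PROBLEM_CODES = {
    0: "pointer indicates the error",
    1: "missing a required option",
    2: "bad length",
}


def parse_ipv4_header(data: bytes):
    """Fields of the IPv4 header at the start of `data` needed to identify the flow."""
    ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", data[:20])
    return {"ihl": (ver_ihl & 0x0F) * 4, "total_length": total_len, "ttl": ttl,
            "protocol": proto, "df": bool(flags_frag & 0x4000),
            "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst))}


def parse_icmp_error(message: bytes):
    """Decode a type 3 or type 12 message and the original datagram it quotes."""
    icmp_type, code, _csum, rest = struct.unpack("!BBHI", message[:8])
    if icmp_type == 3:
        reason = UNREACHABLE_CODES.get(code, "code %d" % code)
        # For code 4 the low 16 bits of the unused word carry the next-hop MTU (RFC 1191).
        extra = {"next_hop_mtu": rest & 0xFFFF} if code == 4 else {}
    elif icmp_type == 12:
        reason = PARAM_PROBLEM_CODES.get(code, "code %d" % code)
        # For code 0 the first octet of that word is the pointer into the bad datagram.
        extra = {"pointer": rest >> 24} if code == 0 else {}
    else:
        raise ValueError("not an ICMP error message handled here: type %d" % icmp_type)

    original = message[8:]                      # quoted IP header + 8 bytes of payload
    inner = parse_ipv4_header(original)
    transport = original[inner["ihl"]:inner["ihl"] + 8]
    # TCP (6) and UDP (17) both start with source port, destination port.
    ports = struct.unpack("!HH", transport[:4]) if inner["protocol"] in (6, 17) else None
    return {"type": icmp_type, "code": code, "reason": reason, **extra,
            "original": inner, "ports": ports}


def sample_original():
    """Constructed original datagram: IPv4 header (DF set) + first 8 bytes of a TCP segment."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0x4000, 64, 6, 0,
                     IPv4Address("192.168.1.10").packed, IPv4Address("10.0.0.5").packed)
    tcp_first8 = struct.pack("!HHI", 40000, 21, 1)     # src port, dst port, sequence number
    return ip + tcp_first8


def sample_unreachable(code=1):
    return struct.pack("!BBHI", 3, code, 0, 0) + sample_original()


def sample_parameter_problem(pointer=8):
    # Offset 8 in the quoted IP header is the TTL octet.
    return struct.pack("!BBHI", 12, 0, 0, pointer << 24) + sample_original()


if __name__ == "__main__":
    print(parse_icmp_error(sample_unreachable(1)))
    print(parse_icmp_error(sample_unreachable(4)))
    print(parse_icmp_error(sample_parameter_problem(8)))
```

A host that receives the host unreachable message can see from the quoted header that it was its own connection attempt to 10.0.0.5 port 21 that failed, which is how operating systems hand the error to the right socket; the same quoted header is what a firewall or NAT device must inspect to decide whether an incoming ICMP error really belongs to an existing flow.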

19.2 TCP/IP Suite Control Messages

19.2.1 Introduction to control messages

This page will provide an overview of TCP/IP control messages.

ICMP is an important part of the TCP/IP protocol suite. All IP implementations must include ICMP support.
The reasons for this are simple. First, since IP does not guarantee delivery, it cannot by itself inform hosts
when errors occur. Second, IP has no built-in method to provide informational or control messages to hosts.

Unlike error messages, control messages are not the results of lost packets or error conditions that occur during
packet transmission. Instead, they are used to inform hosts of conditions such as network congestion or the
existence of a better gateway to a remote network. ICMP uses the basic IP header to travel through multiple
networks.

Multiple types of control messages are used by ICMP. Some of the most common are shown in Figure 1.
Many of these are discussed in this lesson.

19.2.2 ICMP redirect/change requests

This page will introduce the ICMP redirect request, which is a common ICMP control message. This type of
message can only be initiated by a gateway, which is a term commonly used to describe a router. All hosts that
communicate with multiple IP networks must be configured with a default gateway. This default gateway is the
address of a router port connected to the same network as the host. Figure displays a host connected to a
router that has access to the Internet. After Host B is configured with the IP address of FastEthernet 0/0 as its
default gateway, it uses that IP address to reach any network that is not directly connected. Normally, Host B is
connected to a single gateway. However, a host may be connected to a segment that has two or more directly
connected routers. In this case, the default gateway of the host may need to use a redirect/change request to
inform the host of the best path to a certain network.

Figure shows a network where ICMP redirects would be used. Host B sends a packet to Host C on network
10.0.0.0/8. Since Host B is not directly connected to the same network, it forwards the packet to its default
gateway, Router A. Router A finds the correct route to network 10.0.0.0/8 by looking into its route table. It
determines that the path to the network is back out the same interface the request to forward the packet came
from. It forwards the packet and sends an ICMP redirect/change request to Host B. The request instructs Host
B to use Router B as the gateway to forward all future requests to network 10.0.0.0/8.

Default gateways only send ICMP redirect/change request messages if the following conditions are met:

 The interface on which the packet comes into the router is the same interface on which the packet gets
routed out.
 The subnet/network of the source IP address is the same subnet/network of the next-hop IP address of
the routed packet.
 The datagram is not source-routed.
 The route for the redirect is not another ICMP redirect or a default route.
 The router is configured to send redirects. By default, Cisco routers send ICMP redirects. The interface
subcommand no ip redirects will disable ICMP redirects.

The ICMP redirect/change request uses the format shown in Figure . It has an ICMP type code of 5. In
addition, it has a code value of 0, 1, 2, or 3.

The Router Internet Address field in the ICMP redirect is the IP address that should be used as the default
gateway for a particular network. In the example in Figure 4, the ICMP redirect sent from Router A to Host B
would have a Router Internet Address field value of 172.16.1.200, which is the IP address of E0 on Router B.
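The following is an added example that applies the five conditions listed above to decide whether a router sends a redirect; it is not curriculum code and does not reproduce the IOS implementation. The addresses follow the figure described in the text (Host B on 172.16.1.0/24, Router B's E0 at 172.16.1.200, destination network 10.0.0.0/8); Router A's interface names, its 172.16.1.1 address, the serial link on 203.0.113.0/30 and the default route are constructed. Sending the redirect with code 1 (redirect for the host) is an assumption; the text only says the code is 0, 1, 2 or 3.

```python
"""ICMP redirect decision on a router: added example, not curriculum code."""

from dataclasses import dataclass
from ipaddress import ip_address, ip_interface, ip_network

ICMP_REDIRECT = 5
REDIRECT_CODE_NET = 0     # code 0: redirect datagrams for the network
REDIRECT_CODE_HOST = 1    # code 1: redirect datagrams for the host (assumed here)


@dataclass
class Interface:
    name: str
    address: str                 # e.g. "172.16.1.1/24"
    ip_redirects: bool = True    # 'no ip redirects' sets this to False

    @property
    def network(self):
        return ip_interface(self.address).network


@dataclass
class RouteEntry:
    prefix: str
    next_hop: str
    out_interface: str
    from_redirect: bool = False  # learned from an ICMP redirect ourselves

    @property
    def is_default(self):
        return ip_network(self.prefix).prefixlen == 0


def lookup(routes, dst):
    """Longest-prefix match; returns the RouteEntry or None."""
    dst = ip_address(dst)
    hits = [r for r in routes if dst in ip_network(r.prefix)]
    return max(hits, key=lambda r: ip_network(r.prefix).prefixlen, default=None)


def redirect_for(interfaces, routes, in_ifname, src, dst, source_routed=False):
    """Return (type, code, Router Internet Address) if a redirect is sent, else None."""
    route = lookup(routes, dst)
    if route is None or route.is_default or route.from_redirect:
        return None                                   # no route, default route, or redirect-learned
    in_if = interfaces[in_ifname]
    if not in_if.ip_redirects:
        return None                                   # 'no ip redirects' on the ingress interface
    if route.out_interface != in_ifname:
        return None                                   # must leave on the interface it arrived on
    if ip_address(src) not in in_if.network or ip_address(route.next_hop) not in in_if.network:
        return None                                   # source and next hop must share the subnet
    if source_routed:
        return None                                   # source-routed datagrams are never redirected
    # Router Internet Address field: the gateway the host should use from now on.
    return ICMP_REDIRECT, REDIRECT_CODE_HOST, route.next_hop


# Constructed Router A: Fa0/0 on the host segment, S0/0 toward the Internet.
ROUTER_A_INTERFACES = {
    "Fa0/0": Interface("Fa0/0", "172.16.1.1/24"),
    "S0/0": Interface("S0/0", "203.0.113.1/30"),
}
ROUTER_A_ROUTES = [
    RouteEntry("10.0.0.0/8", "172.16.1.200", "Fa0/0"),   # via Router B's E0
    RouteEntry("0.0.0.0/0", "203.0.113.2", "S0/0"),       # default route upstream
]

if __name__ == "__main__":
    host_b = "172.16.1.50"
    print("to 10.1.2.3:     ", redirect_for(ROUTER_A_INTERFACES, ROUTER_A_ROUTES, "Fa0/0", host_b, "10.1.2.3"))
    print("to 198.51.100.7: ", redirect_for(ROUTER_A_INTERFACES, ROUTER_A_ROUTES, "Fa0/0", host_b, "198.51.100.7"))
```

Only the first case produces a redirect: the packet to 10.1.2.3 hairpins out Fa0/0 toward 172.16.1.200, which shares Host B's subnet. The packet to 198.51.100.7 matches only the default route, so Router A forwards it silently even though a redirect would otherwise be a legitimate hint. Because a redirect is an unauthenticated instruction to change a host's next hop, disabling redirects (no ip redirects) or ignoring them on hosts is a common hardening step where on-path tampering is a concern.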


19.2.3 Clock synchronization and transit time estimation

This page explains how ICMP timestamps are used to solve clock synchronization issues.

The TCP/IP protocol suite allows systems to connect to one another over vast distances through multiple
networks. Each network provides clock synchronization in its own way. As a result, hosts on different
networks who attempt to communicate with software that requires time synchronization can encounter
problems. The ICMP timestamp message type is designed to help alleviate this problem.

The ICMP timestamp request message allows a host to ask for the current time according to the remote host.
The remote host uses an ICMP timestamp reply message to respond to the request.

The type field on an ICMP timestamp message can be either 13 for a timestamp request or 14 for a timestamp
reply. The code field value is always set to 0 because there are no additional parameters available. The ICMP
timestamp request contains an originate timestamp, which is the time on the requesting host just before the
timestamp request is sent. The receive timestamp is the time that the destination host receives the ICMP
timestamp request. The transmit timestamp is filled in just before the ICMP timestamp reply is returned.
Originate, receive, and transmit timestamps are computed in milliseconds elapsed since midnight Universal
Time (UT).

All ICMP timestamp reply messages contain the originate, receive, and transmit timestamps. Using these three
timestamps, the host can determine transit time across the network by subtracting the originate time from the
receive time. Or it could determine transit time in the return direction by subtracting the transmit time from the
current time. The host that originated the timestamp request can also estimate the local time on the remote
computer.
While ICMP timestamp messages provide a simple way to estimate time on a remote host and total network
transmit time, this is not the best way to obtain this information. Instead, more robust protocols such as
Network Time Protocol (NTP) at the upper layers of the TCP/IP protocol stack perform clock synchronization
in a more reliable manner.
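The following is an added example of the timestamp arithmetic described above; it is not curriculum code. The three timestamps are milliseconds since midnight UT, so they wrap at 86,400,000 ms and a request sent just before midnight can receive a reply whose receive and transmit stamps are numerically smaller than its originate stamp; the subtraction here handles that. Beyond the one-way subtractions the text describes (which silently assume the two clocks agree), the example also derives the round-trip time and the remote clock offset the way NTP-style clients do, which is an extension of the text, not something it states. All timestamp values are constructed.

```python
"""ICMP timestamp arithmetic: added example, not curriculum code."""

MS_PER_DAY = 86_400_000   # timestamps are ms since midnight UT and wrap here


def delta_ms(later, earlier):
    """later - earlier on a clock that wraps at midnight UT."""
    return (later - earlier) % MS_PER_DAY


def signed(diff):
    """Map a wrapped difference into the range [-half day, +half day)."""
    diff %= MS_PER_DAY
    return diff - MS_PER_DAY if diff >= MS_PER_DAY // 2 else diff


def analyse(originate, receive, transmit, now):
    """originate/now come from the requester's clock, receive/transmit from the responder's.

    Returns the one-way estimates from the text (valid only if the clocks agree)
    and the RTT and offset estimates that do not depend on clock agreement.
    """
    outbound = delta_ms(receive, originate)        # text: receive - originate
    inbound = delta_ms(now, transmit)              # text: current time - transmit
    remote_hold = delta_ms(transmit, receive)      # time the responder spent on the request
    rtt = delta_ms(now, originate) - remote_hold   # time on the network only
    # Remote clock offset relative to ours: average of the two one-way errors,
    # which cancels the network delay if the two directions are symmetric.
    offset = (signed(receive - originate) + signed(transmit - now)) // 2
    return {"outbound_ms": outbound, "inbound_ms": inbound, "rtt_ms": rtt,
            "offset_ms": offset, "remote_now_ms": (now + offset) % MS_PER_DAY}


if __name__ == "__main__":
    # Constructed cases: synchronised clocks, remote clock 500 ms ahead,
    # and a request that straddles midnight UT.
    print(analyse(originate=1000, receive=1030, transmit=1035, now=1065))
    print(analyse(originate=1000, receive=1530, transmit=1535, now=1065))
    print(analyse(originate=86_399_990, receive=20, transmit=25, now=55))
```

In the second case the naive one-way figure of 530 ms is wrong by exactly the 500 ms clock offset, while the round trip (60 ms) and the offset estimate (500 ms) come out right; that sensitivity to unsynchronised clocks is one reason the text prefers NTP for real clock synchronisation.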

19.2.4 Information requests and reply message formats

This page will describe the format of ICMP information request and reply messages.

The ICMP information request and reply messages were originally intended to allow a host to determine its
network number. Figure shows the format for an ICMP information request and reply message.

Two type codes are available in this message. Type 15 signifies an information request message and type 16 is
an information reply message. This particular ICMP message type is considered obsolete. Other protocols such
as BOOTP, Reverse Address Resolution Protocol (RARP), and Dynamic Host Configuration Protocol (DHCP)
are now used to allow hosts to obtain their network numbers.

19.2.5 Address mask requests

This page will explain address mask request messages and how they are used.

When a network administrator uses the process of subnetting to divide a major IP address into multiple
subnets, a new subnet mask is created. This new subnet mask is important to identify network, subnet, and host
bits in an IP address. If a host does not know the subnet mask, it may send an address mask request to the local
router. If the address of the router is known, this request may be sent directly to the router. Otherwise, the
request will be broadcast. When the router receives the request, it will respond with an address mask reply.
This address mask reply will identify the correct subnet mask. For example, assume that a host is located
within a Class B network and has an IP address of 172.16.5.2. This host does not know the subnet mask so it
broadcasts an address mask request:

Source address: 172.16.5.2

Destination address: 255.255.255.255

Protocol: ICMP = 1

Type: Address Mask Request = AM1

Code: 0

Mask: 255.255.255.0

This broadcast is received by 172.16.5.1, the local router. The router responds with the address mask reply:

Source address: 172.16.5.1

Destination address: 172.16.5.2

Protocol: ICMP = 1

Type: Address Mask Reply = AM2

Code: 0
Mask: 255.255.255.0

The frame format for the address mask request and reply is shown in the figure. A second figure shows the
descriptions for each field in the address mask request message. Note that the same frame format is used for
both the address mask request and the reply; however, an ICMP type number of 17 is assigned to the request
and 18 is assigned to the reply.
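As an added example (not part of the curriculum), the Python below encodes and decodes the two ICMP message kinds covered in 19.2.3 and in this section: timestamp request/reply and address mask request/reply. It computes the checksum, answers a request the way router 172.16.5.1 does in the exchange above, and derives the two transit times the timestamp section describes. The type numbers 13 and 14, the 12- and 20-byte fixed lengths, and the RFC 1071 checksum rule come from RFC 792 and RFC 950 rather than from this page; identifier and sequence values are constructed.

```python
import struct
import ipaddress

# ICMP type numbers (RFC 792 for timestamp, RFC 950 for address mask).
ICMP_TIMESTAMP_REQUEST = 13
ICMP_TIMESTAMP_REPLY = 14
ICMP_ADDRESS_MASK_REQUEST = 17
ICMP_ADDRESS_MASK_REPLY = 18

# Both kinds share the 8-byte header: type, code, checksum, identifier, sequence number.
HEADER = "!BBHHH"
FIXED_LENGTH = {13: 20, 14: 20, 17: 12, 18: 12}   # header + 3 timestamps, or header + mask
MS_PER_DAY = 86_400_000                             # timestamps count milliseconds since midnight UT


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words; call with the checksum field zeroed."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                              # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def _assemble(msg_type: int, ident: int, seq: int, body: bytes) -> bytes:
    """Prepend the header with the checksum computed over header + body."""
    raw = struct.pack(HEADER, msg_type, 0, 0, ident, seq) + body
    return struct.pack(HEADER, msg_type, 0, icmp_checksum(raw), ident, seq) + body


def build_address_mask(msg_type: int, ident: int, seq: int, mask: str = "0.0.0.0") -> bytes:
    """Type 17 request (mask field zero) or type 18 reply carrying the subnet mask."""
    return _assemble(msg_type, ident, seq, struct.pack("!I", int(ipaddress.IPv4Address(mask))))


def build_timestamp(msg_type: int, ident: int, seq: int, originate: int,
                    receive: int = 0, transmit: int = 0) -> bytes:
    """Type 13 request (only originate set) or type 14 reply with all three timestamps."""
    return _assemble(msg_type, ident, seq, struct.pack("!III", originate, receive, transmit))


def parse(data: bytes) -> dict:
    """Decode either message kind; reject short data, other types, and checksum failures."""
    if len(data) < 8:
        raise ValueError("truncated ICMP header")
    msg_type, code, _, ident, seq = struct.unpack(HEADER, data[:8])
    if msg_type not in FIXED_LENGTH:
        raise ValueError("type %d is not a timestamp or address mask message" % msg_type)
    length = FIXED_LENGTH[msg_type]
    if len(data) < length:
        raise ValueError("message shorter than its fixed length")
    if icmp_checksum(data[:length]) != 0:           # an intact message sums to all ones
        raise ValueError("checksum mismatch")
    fields = {"type": msg_type, "code": code, "id": ident, "seq": seq}
    if length == 12:
        fields["mask"] = str(ipaddress.IPv4Address(struct.unpack("!I", data[8:12])[0]))
    else:
        fields["originate"], fields["receive"], fields["transmit"] = struct.unpack("!III", data[8:20])
    return fields


def answer_address_mask_request(request: bytes, local_mask: str) -> bytes:
    """What router 172.16.5.1 does in the exchange above: keep identifier and sequence,
    fill in the mask, and change the type to 18. Nothing here authenticates the answer:
    a host acting on the first reply trusts whoever sent it, which is one reason hosts
    now learn the mask through DHCP instead."""
    req = parse(request)
    if req["type"] != ICMP_ADDRESS_MASK_REQUEST:
        raise ValueError("not an address mask request")
    return build_address_mask(ICMP_ADDRESS_MASK_REPLY, req["id"], req["seq"], local_mask)


def timestamp_transit(reply: dict, now_ms: int) -> tuple:
    """Outbound transit (receive - originate) and return transit (now - transmit) in ms, as
    the timestamp section describes. The modulo handles a reply that crosses midnight UT;
    clock offset between the two hosts still makes these estimates, not measurements."""
    if reply["type"] != ICMP_TIMESTAMP_REPLY:
        raise ValueError("not a timestamp reply")
    outbound = (reply["receive"] - reply["originate"]) % MS_PER_DAY
    inbound = (now_ms - reply["transmit"]) % MS_PER_DAY
    return outbound, inbound
```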

19.2.6 Router discovery message

This page will explain what the router discovery message is and how it is used.

When a host on the network boots, and the host has not been manually configured with a default gateway, it
can learn of available routers through the process of router discovery. This process begins when the host sends
a router solicitation message to all routers and uses the multicast address 224.0.0.2 as the destination address.
Figure 1 shows the ICMP router discovery message. The router discovery message can also be broadcast to
include routers that are not configured for multicasts. If a router discovery message is sent to a router that does
not support the discovery process, the solicitation will go unanswered.

When a router that supports the discovery process receives the router discovery message, a router
advertisement is sent in return. The router advertisement frame format is shown in Figure 1 and an
explanation of each field is shown in Figure 2.

19.2.7 Router solicitation message

This page will explain why router solicitation messages are used.

A host generates an ICMP router solicitation message in response to a missing default gateway. This
message is sent using multicast and it is the first step in the router discovery process. A local router will
respond with a router advertisement that identifies the default gateway for the local host. Figure 2 identifies
the frame format and a further figure gives an explanation of each field.

19.2.8 Congestion and flow control messages

This page will explain how source quench messages are used to solve problems related to network congestion.

If multiple computers try to access the same destination at the same time, the destination computer can be
overwhelmed with traffic. Congestion can also occur when traffic from a high speed LAN reaches a slower
WAN connection. Dropped packets occur when there is too much congestion on a network. ICMP source
quench messages are used to reduce the amount of data lost. The source quench message asks senders to
reduce the rate at which they transmit packets. Congestion will usually subside after a short period of time and
the source will slowly increase the transmission rate if no other source quench messages are received. Most
Cisco routers do not send source quench messages by default, because the source quench message may add to
the network congestion.

A small office, home office (SOHO) is a scenario where ICMP source quench messages might be used
effectively. A SOHO could consist of four computers that are networked with CAT-5 cable and have a shared
Internet connection over a 56K modem. The 10-Mbps bandwidth of the SOHO LAN could quickly overwhelm
the 56K bandwidth of the WAN link, which would result in data loss and retransmissions. The gateway host
can use an ICMP source quench message to request that the other hosts reduce their transmission rates to
prevent continued data loss. A network where congestion on the WAN link could cause communication
problems is shown in the figure.

19.2.9 Summary

This page summarizes the topics discussed in this module.

IP is an unreliable method for delivery of network data. ICMP is an error reporting protocol for IP. When
datagram delivery errors occur, ICMP is used to report these errors back to the source of the datagram. ICMP
echo request and echo reply messages allow the network administrator to test IP connectivity to aid in the
troubleshooting process.

Network communication depends on the proper configuration of TCP/IP for both sending and receiving
devices. A router also must have the TCP/IP protocol properly configured on its interfaces, and it must use an
appropriate routing protocol. To test the availability of a destination use the ICMP ping command.

Incorrect routing information can cause a datagram to travel in a circle. The datagram will not reach its
destination within the maximum hop count defined by the routing protocol. This is also known as the TTL. The
ICMP message format starts with the type, code, and checksum fields. The type field indicates the type of

ICMP message being sent. The code field includes further information specific to the message type. The
checksum field, as in other types of packets, is used to verify the integrity of the data.

Destination unreachable messages are delivered to the sender when a datagram cannot be forwarded. Codes in
the message header provide information about the problem. When a datagram is not forwarded due to an error
in the header, an ICMP type 12 parameter problem message is sent to the source of the datagram.

Control messages inform hosts of conditions such as network congestion or the existence of a better gateway to
a remote network. The ICMP redirect/change request is a common control message. It is initiated by a
gateway, which is a term commonly used to describe a router.

The following situations will cause default gateways to send ICMP redirect/change request messages:

 A packet enters a router and leaves from the same interface.
 The subnet/network of the source IP address is the same as the subnet/network of the next-hop IP
address of the routed packet.
 The datagram is not source-routed.
 The route for the redirect is not another ICMP redirect or a default route.

All ICMP timestamp reply messages contain the originate, receive, and transmit timestamps. The host can
subtract the originate time from the receive time to estimate transit time across the network. Transit time will
vary based on traffic and congestion on a network.

20 MODULE 9

Module Overview

A router uses a dynamic routing protocol to learn about routes to destination networks. Most routers use a
combination of dynamic routing and manually configured static routes. Regardless of the method used, when a
router determines that a route is the best path to a destination, it installs that route in its routing table. This
module will describe methods that are used to examine and interpret the contents of the routing table.

Network testing and troubleshooting are perhaps the most time consuming components of every network
administrator's job. Efficient testing and troubleshooting must be done in a logical, orderly, and well-
documented fashion. Otherwise, the same problems will reoccur, and the network administrator will never
truly understand the network. This module describes a structured approach to network troubleshooting and
provides some tools to use in the troubleshooting process.

Routing problems are among the most common and difficult for network administrators to diagnose. There are
many tools that make it easier to identify and solve routing problems. This module will introduce several of the
most important of these tools and provide practice in their use.

This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams. Students who complete this module should be able to perform the following tasks:

 Use the show ip route command to gather detailed information about the routes installed on the router
 Configure a default route or default network
 Understand how a router uses both Layer 2 and Layer 3 addressing to move data through the network
 Use the ping command to perform basic network connectivity tests
 Use the telnet command to verify the application layer software between source and destination
stations
 Troubleshoot by sequential testing of OSI layers
 Use the show interfaces command to confirm Layer 1 and Layer 2 problems
 Use the show ip route and show ip protocol commands to identify routing issues
 Use the show cdp command to verify Layer 2 connectivity
 Use the traceroute command to identify the path packets take between networks
 Use the show controllers serial command to ensure the proper cable is attached
 Use basic debug commands to monitor router activity

20.1 Examining the Routing Table

20.1.1 The show ip route command

This page will explain the functions of the show ip route command.

One of the primary functions of a router is to determine the best path to a given destination. A router learns
paths, which are also called routes, from the configurations entered by an administrator or from other routers
through routing protocols. Routers store this routing information in routing tables using on-board random
access memory (RAM). A routing table contains a list of the best available routes. Routers use the routing table
to make packet forwarding decisions.

The show ip route command displays the contents of the IP routing table. This table contains entries for all
known networks and subnetworks, as well as a code that indicates how that information was learned. The
following are some additional commands that can be used with the show ip route command:

 show ip route connected
 show ip route address
 show ip route rip
 show ip route igrp
 show ip route static

A routing table maps network prefixes to an outbound interface. When RTA receives a packet destined for
192.168.4.46, it looks for the prefix 192.168.4.0/24 in its table. RTA then forwards the packet out interface
Ethernet0 based on the routing table entry. If RTA receives a packet destined for 10.3.21.5, it sends that packet
out Serial 0/0.
The example routing table shows four routes for directly connected networks. These routes are labeled with a
C. RTA drops any packet destined for a network that is not listed in the routing table. The routing table for
RTA will have to include more routes before it can forward to other destinations. There are two ways to add
new routes:

 Static routing - An administrator manually defines routes to one or more destination networks.
 Dynamic routing - Routers follow rules defined by a routing protocol to exchange routing information
and independently select the best path.

Administratively defined routes are said to be static because they do not change until a network administrator
manually programs the changes. Routes learned from other routers are dynamic because they change
automatically as directly connected routers update each other with new information. Each method has
fundamental advantages and disadvantages. The Lab Activity will allow students to use the show ip
route command to examine routing tables.

20.1.2 Determining the gateway of last resort

This page will teach students how to configure a gateway of last resort and why it is used.

It is not feasible, or even desirable, for a router to maintain routes to every possible destination. Instead, routers
keep a default route, or a gateway of last resort. Default routes are used when the router is unable to match a
destination network with a more specific entry in the routing table. The router uses this default route to reach
the gateway of last resort in an effort to forward the packet.

A key scalability feature is that default routes keep routing tables as lean as possible. They make it possible for
routers to forward packets destined to any Internet host without having to maintain a table entry for every
Internet network. Default routes can be statically entered by an administrator or dynamically learned using a
routing protocol.

Default routing begins with the administrator. Before routers can dynamically exchange information, an
administrator must configure at least one router with a default route. Depending on the desired results, an
administrator can use either of the following commands to statically configure a default route:

ip default-network
or
ip route 0.0.0.0 0.0.0.0

The ip default-network command is used to establish a default route in networks that use dynamic routing
protocols. The ip default-network command is classful, which means if the router has a route to the subnet
indicated by this command, it installs the route to the major net. The ip default-network command must be
issued using the major net, in order to flag the candidate default route.

The global command ip default-network 192.168.17.0 defines the Class C network 192.168.17.0 as the
destination path for packets that have no routing table entries. Any routes to a network configured with ip
default-network will be flagged as a candidate for the default route.

The ip route 0.0.0.0/0 command can also be used to configure a default route.

Router(config)#ip route prefix mask {address | interface} [distance]

After configuring a default route or default network, the command show ip route will show the following:

Gateway of last resort is 172.16.1.2 to network 0.0.0.0

The Lab Activity will show students how to configure a gateway of last resort.


20.1.3 Determining route source and destination

This page will explain how a router chooses a path for packet delivery.

For traffic going through a network cloud, path determination occurs at the network layer. The path
determination function enables a router to evaluate the available paths to a destination and to establish the
preferred handling of a packet. Routing services use network topology information to evaluate network paths.
This information can be configured by the network administrator or collected through dynamic processes that
are used in the network.

The network layer provides best-effort, end-to-end, packet delivery across interconnected networks. The
network layer uses the IP routing table to send packets from the source network to the destination network.
After the router determines which path to use, it forwards the packet from one interface to the interface or port
that leads to the destination.


20.1.4 Determining L2 and L3 addresses

This page will explain how Layer 2 and Layer 3 addresses are used to route a packet.

For a packet to get from the source to the destination, both Layer 2 and Layer 3 addresses are used. Figure
explains the process that occurs as a packet moves through a network.

The Layer 3 address is used to route the packet from the source network to the destination network. The source
and destination IP addresses remain the same. The MAC address changes at each hop or router. A data link
layer address is necessary because delivery within the network is determined by the address in the Layer 2
frame header. The Interactive Media Activity will help students recognize physical and logical addresses.


20.1.5 Determining the route administrative distance

This page will teach students what the administrative distance of a route is and how it is used.

A router can discover routes through dynamic routing protocols or routes can be configured manually. After
the routes are discovered or configured, the router must choose the best routes to other networks.

The router uses the administrative distance of each route to determine the best path to a particular destination.
The administrative distance is a number that measures the trustworthiness of the source of the route
information. The lower the administrative distance, the more trustworthy the source.

Different routing protocols have different default administrative distances. The path with the lowest
administrative distance is installed in the routing table. In the Lab Activity, students will analyze two routing
protocols.
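As an added example (not part of the curriculum), the Python below models the three rules from 20.1.1, 20.1.2 and this page: a router installs one route per prefix and prefers the lowest administrative distance, forwards by longest prefix match, and falls back to the 0.0.0.0/0 entry (the gateway of last resort) only when nothing more specific matches, dropping the packet when there is no default. RTA's 192.168.4.0/24 on Ethernet0, the next hop 172.16.1.2, and the administrative distances for connected, static, IGRP and RIP routes are from the page; the other prefixes and the Serial0/1 interface are constructed.

```python
import ipaddress
from typing import Dict, Optional

# Default administrative distances for the route sources this module discusses; lower is more trusted.
ADMIN_DISTANCE = {"C": 0, "S": 1, "I": 100, "R": 120}   # connected, static, IGRP, RIP


class Route:
    """One routing table entry: prefix, how it was learned, outbound interface, optional next hop."""

    def __init__(self, prefix: str, source: str, interface: str, next_hop: Optional[str] = None):
        self.prefix = ipaddress.IPv4Network(prefix)
        self.source = source
        self.interface = interface
        self.next_hop = next_hop
        self.ad = ADMIN_DISTANCE[source]

    def __repr__(self) -> str:
        via = " via %s" % self.next_hop if self.next_hop else ""
        return "%s %s%s, %s" % (self.source, self.prefix, via, self.interface)


class RoutingTable:
    """Keeps one route per prefix (lowest administrative distance wins) and forwards by longest match."""

    DEFAULT = ipaddress.IPv4Network("0.0.0.0/0")

    def __init__(self) -> None:
        self.routes: Dict[ipaddress.IPv4Network, Route] = {}

    def offer(self, route: Route) -> bool:
        """Install the route unless an equally or more trustworthy route to the same prefix exists."""
        current = self.routes.get(route.prefix)
        if current is not None and current.ad <= route.ad:
            return False
        self.routes[route.prefix] = route
        return True

    def gateway_of_last_resort(self) -> Optional[str]:
        """Next hop of the 0.0.0.0/0 entry, as show ip route reports it, or None if there is none."""
        default = self.routes.get(self.DEFAULT)
        return default.next_hop if default else None

    def lookup(self, destination: str) -> Optional[Route]:
        """Longest-prefix match. 0.0.0.0/0 matches every address, so it is chosen only when
        nothing more specific fits; with no default route an unmatched packet is dropped (None)."""
        addr = ipaddress.IPv4Address(destination)
        candidates = [r for r in self.routes.values() if addr in r.prefix]
        if not candidates:
            return None
        return max(candidates, key=lambda r: r.prefix.prefixlen)


def build_rta() -> RoutingTable:
    """RTA as the page describes it, with only directly connected routes (code C). 192.168.4.0/24
    on Ethernet0 is from the page; the other two prefixes and Serial0/1 are constructed."""
    table = RoutingTable()
    table.offer(Route("192.168.4.0/24", "C", "Ethernet0"))
    table.offer(Route("10.3.21.0/24", "C", "Serial0/0"))
    table.offer(Route("172.16.1.0/24", "C", "Serial0/1"))
    return table


if __name__ == "__main__":
    rta = build_rta()
    print(rta.lookup("192.168.4.46"))          # C 192.168.4.0/24, Ethernet0
    print(rta.lookup("8.8.8.8"))               # None: no route and no default, so the packet is dropped
    rta.offer(Route("0.0.0.0/0", "S", "Serial0/1", "172.16.1.2"))
    print("Gateway of last resort is", rta.gateway_of_last_resort())
    print(rta.lookup("8.8.8.8"))               # S 0.0.0.0/0 via 172.16.1.2, Serial0/1
```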


20.1.6 Determining the route metric

This page will explain what route metrics are and how they are used. Students will also learn how IGRP
calculates route metrics.

Routing protocols use metrics to determine the best route to a destination. The metric is a value that measures
the desirability of a route. Some routing protocols use only one factor to calculate a metric. For example, RIP
v1 uses hop count as the only factor to determine the metric of a route. Other protocols base their metric on
hop count, bandwidth, delay, load, reliability, and cost.

Each routing algorithm interprets what is best in its own way. The algorithm generates a number, called the
metric value, for each path through the network. A lower metric number generally indicates a better path.

Factors such as bandwidth and delay are static because they remain the same for each interface until the router
is reconfigured or the network is redesigned. Factors such as load and reliability are dynamic because they are
calculated for each interface in real-time by the router.

The more factors that make up a metric, the greater the flexibility to tailor network operations to meet specific
needs. By default, IGRP uses the static factors bandwidth and delay to calculate a metric value. These two
factors can be configured manually to control which routes a router chooses. IGRP may also be configured to
include the dynamic factors of load and reliability in the metric calculation. By using dynamic factors, IGRP
routers can make decisions based on current conditions. If a link becomes heavily loaded or unreliable, IGRP
will increase the metric of routes using that link. An alternate route with a lower metric would be used instead.

IGRP calculates the metric by adding the weighted values of different characteristics of the link to the network
in question. Here is the formula for calculating the composite metric for IGRP:

Metric = [K1 * Bandwidth + (K2 * Bandwidth)/(256-load) + K3*Delay] * [K5/(reliability + K4)]

The default constant values are K1 = K3 = 1 and K2 = K4 = K5 = 0.

If K5 = 0, the [K5/(reliability + K4)] term is not used. Given the default values for K1 through K5, the
composite metric calculation used by IGRP reduces to Metric = Bandwidth + Delay.


20.1.7 Determining the route next hop

This page will explain how a router determines the next hop for a packet.

Routing algorithms fill routing tables with a variety of information. Destination next hop associations
determine the best path and which router to forward the packet to next. This router represents the next hop on
the way to the final destination.

When a router receives an incoming packet, it checks the destination address and attempts to associate this
address with a next hop.

20.1.8 Determining the last routing update

This page lists some commands that are used to find the last routing update:

 show ip route
 show ip route address
 show ip protocols
 show ip rip database


20.1.9 Observing multiple paths to destination

This page will discuss the support of multiple paths to the same destination by some routing protocols.

Multi-path algorithms permit traffic over multiple lines, provide better throughput, and are more reliable than
single path algorithms.

IGRP supports unequal cost path load balancing, which is known as variance. The variance command instructs
the router to include routes with a metric less than n times the minimum metric route for that destination,
where n is the number specified by the variance command. The variable n can take a value between 1 and 128,
with the default being 1, which means equal cost load balancing.

rt1 has two routes to network 192.168.30.0. The variance command will be set on rt1 to ensure that both paths
to network 192.168.30.0 are utilized.

Figure shows the output from show ip route from rt1 before the variance is configured. FastEthernet 0/0 is
the only route to 192.168.30.0. This route has an Administrative Distance of 100 and a metric of 8986.

Figure shows the output from show ip route from rt1 after the variance is configured. The preferred route is
interface FastEthernet 0/0, but Serial 0/0 will also be used. After the variance command is executed, IGRP
will use load balancing between the two links.
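As an added example (not part of the curriculum), the Python below implements the IGRP composite metric formula from 20.1.6 with the K constants and then applies the variance rule from this section to rt1's two paths to 192.168.30.0. Only the FastEthernet0/0 metric of 8986 comes from the page; the Serial0/0 bandwidth and delay inputs are constructed, and the use of integer division is an assumption.

```python
def igrp_metric(bandwidth: int, delay: int, load: int = 1, reliability: int = 255,
                k: tuple = (1, 0, 1, 0, 0)) -> int:
    """The page's composite metric:
        [K1*Bandwidth + (K2*Bandwidth)/(256-load) + K3*Delay] * [K5/(reliability+K4)]
    with the second factor skipped when K5 == 0. bandwidth and delay are IGRP's already-scaled
    values; load and reliability are the 1..255 values IOS reports. Integer division is an
    assumption (IOS works in integers); the page does not state how it rounds."""
    k1, k2, k3, k4, k5 = k
    if not (1 <= load <= 255 and 1 <= reliability <= 255):
        raise ValueError("load and reliability are 8-bit values in 1..255")
    metric = k1 * bandwidth + (k2 * bandwidth) // (256 - load) + k3 * delay
    if k5 != 0:
        metric = (metric * k5) // (reliability + k4)
    return metric


def variance_paths(routes: dict, variance: int = 1) -> list:
    """Routes to one destination (name -> metric) that IGRP may use with variance n: those whose
    metric is within n times the best metric. <= rather than < is used so that n = 1 keeps the
    best path itself, matching the page's description of n = 1 as equal-cost load balancing.
    IOS also requires the alternate path's next hop to be closer to the destination than this
    router; that feasibility check is beyond what the page describes and is omitted here."""
    if not 1 <= variance <= 128:
        raise ValueError("variance is 1..128")
    best = min(routes.values())
    return sorted(name for name, metric in routes.items() if metric <= variance * best)


def rt1_paths(variance: int) -> list:
    """rt1's two routes to 192.168.30.0: FastEthernet0/0 with the metric 8986 the page reports,
    and Serial0/0 with a metric computed from constructed scaled bandwidth/delay inputs."""
    routes = {
        "FastEthernet0/0": 8986,
        "Serial0/0": igrp_metric(bandwidth=6476, delay=4000),   # 10476, constructed inputs
    }
    return variance_paths(routes, variance)


if __name__ == "__main__":
    print(igrp_metric(100, 10))   # 110: with default K values the metric is Bandwidth + Delay
    print(rt1_paths(1))           # ['FastEthernet0/0']
    print(rt1_paths(2))           # ['FastEthernet0/0', 'Serial0/0']
```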


20.2 Network Testing

20.2.1 Introduction to network testing

This page will give students an overview of how to test a network. Basic testing of a network should proceed in
sequence from one OSI reference model layer to the next. Begin with Layer 1 and work up to Layer 7, if
necessary. At Layer 1, look for simple problems such as power cords plugged in the wall and other physical
connections. The most common problems that occur on IP networks result from errors in the addressing
scheme. It is important to test the address configuration before continuing with further configuration steps.
Each test presented in this lesson focuses on network operations at a specific layer of the OSI model. At Layer
3, the commands telnet and ping are used to test the network.

20.2.2 Using a structured approach to troubleshooting

Troubleshooting is a process that allows a user to find problems on a network. This page explains why an
orderly process should be used to troubleshoot a network. This process should be based on the networking
standards set in place by a network administrator. Documentation is a very important part of the
troubleshooting process.

The steps in this model are as follows:

Step 1 Collect all available information and analyze the symptoms of the failure.

Step 2 Localize the problem to a particular network segment, module, unit, or user.

Step 3 Isolate the trouble to specific hardware or software within the unit, module, or user network account.

Step 4 Locate and correct the problem.

Step 5 Verify that the problem has been solved.

Step 6 Document the problem and the solution.

Figure shows another approach to troubleshooting. These are not the only ways to troubleshoot a network.
However, an orderly process is important to keep a network running smoothly and efficiently.

When a structured approach is used, every member of a network support team knows which steps the other
team members have completed to troubleshoot the network. If a variety of troubleshooting ideas are tried with
no organization or documentation, problem solving is not efficient. Even if a problem is solved in the non-
structured environment, it will be difficult to replicate the solution for similar problems.


20.2.3 Testing by OSI layers

This page will describe the types of errors that occur at the first three layers of the OSI model.

Layer 1 errors can include the following:

 Broken cables
 Disconnected cables
 Cables connected to the wrong ports
 Intermittent cable connection
 Rollover, crossover, or straight-through cables used incorrectly
 Transceiver problems
 DCE cable problems
 DTE cable problems
 Devices turned off

Layer 2 errors can include the following:

 Improperly configured serial interfaces
 Improperly configured Ethernet interfaces
 Improper encapsulation set
 Improper clockrate settings on serial interfaces
 Network interface card (NIC) problems

Layer 3 errors can include the following:

 Routing protocol not enabled
 Wrong routing protocol enabled
 Incorrect IP addresses
 Incorrect subnet masks

If errors appear on the network, the process of testing through the OSI layers should begin. The ping command
is used at Layer 3 to test connectivity. At Layer 7 the telnet command may be used to verify the application
layer software between source and destination stations. Both of these commands will be discussed in detail in a
later section.


20.2.4 Layer 1 troubleshooting using indicators

This page will explain how to troubleshoot Layer 1 issues with the help of indicator lights. Most interfaces or
NICs have indicator lights that show if there is a valid connection. This light is often called the link light. The
interface may also have lights to indicate when traffic is transmitted (TX) or received (RX). If the interface has
indicator lights that do not show a valid connection, check for faulty or incorrect cabling. If cabling is correct,
power off the device and reseat the interface card.

Check to make sure that all cables are connected to the appropriate ports. Make sure that all cross-connects are
properly patched to the correct location using the appropriate cable and method.

Verify that the proper cable is used. A crossover cable may be required for direct connections between two
switches or hubs, or between two hosts such as PCs or routers. Verify that the cable from the source interface
is properly connected and is in good condition. If there is doubt that the connection is good, reseat the cable
and ensure that the connection is secure. Try replacing the cable with a known working cable. If this cable
connects to a wall jack, use a cable tester to ensure that the jack is properly wired.

Also check any transceiver in use to ensure that it is the correct type, is properly connected, and is properly
configured. If the problem continues after the cable is replaced, replace the transceiver if one is used.
Always check to make sure that the device is powered on. Always check the basics before running diagnostics
or attempting complex troubleshooting.

20.2.5 Layer 3 troubleshooting using ping

This page will explain how the ping utility can be used to test network connectivity. Many network protocols
support an echo protocol to help diagnose basic network connectivity. Echo protocols are used to determine if
protocol packets are routed. The ping command sends a packet to the destination host and then waits for a
reply packet from that host. Results from this echo protocol can help evaluate the path-to-host reliability,
delays over the path, and whether the host can be reached or is functioning. The ping output displays the
minimum, average, and maximum times it takes for a ping packet to find a specified system and return. The
ping command uses ICMP to verify the hardware connection and the logical address of the network layer. This
is a very basic way to test network connectivity. The figure shows the ICMP message types.

In the figure, the ping target 172.16.1.5 responded successfully to all five datagrams sent. Each exclamation
point (!) indicates a successful echo. One or more periods (.) indicates that the application on the router timed
out before it received a packet echo from the ping target.
The following command activates a diagnostic tool that is used to test connectivity:

Router#ping [protocol] {host | address}

To test network connectivity, the ping command sends ICMP echo requests to a target host and measures how
long it takes to reply. The ping command tracks the number of packets sent, the number of replies received,
and the percentage of packets lost. It also tracks the amount of time required for packets to reach the
destination and for replies to be received. This information can be used to verify communications between
hosts and determine if information was lost.
The ping command can be invoked from both user EXEC mode and privileged EXEC mode. The ping
command can be used to confirm basic network connectivity on AppleTalk, ISO Connectionless Network
Service (CLNS), IP, Novell, Apollo, VINES, DECnet, or XNS networks.
The use of an extended ping command directs the router to perform a more extensive range of test options. To
use extended ping, type ping at the command line, and press the Enter key. Prompts will appear each time the
Enter key is pressed. These prompts provide many more options than with a standard ping.

Use the ping command when the network functions properly to see how the command works under normal
conditions. This can be used as a comparison, or baseline, when troubleshooting. The Lab Activity will allow
students to use the ping command to send an ICMP echo request.


20.2.6 Layer 7 troubleshooting using Telnet

This page will explain how Telnet can be used to troubleshoot the application layer.

The Telnet utility is a virtual terminal protocol that is part of the TCP/IP protocol suite. It allows verification of
the application layer software between source and destination stations. This is the most complete test
mechanism available. The Telnet utility is normally used to connect remote devices, to gather information, and
to run programs.

The Telnet application provides a virtual terminal connection to routers that use TCP/IP. For troubleshooting
purposes, it is useful to verify that a connection can be made using Telnet. This proves that at least one TCP/IP
application is able to connect end-to-end. A successful Telnet connection indicates that the upper-layer
application and the services of lower layers are functioning properly.

If an administrator can Telnet to one router but not to another router, verify lower layer connectivity. If
connectivity has been verified, it is likely that the Telnet failure is caused by specific addressing, naming, or
access permission problems. These problems can exist on the administrator's router or on the router that failed
as a Telnet target.

If the Telnet to a particular server fails from one host, Telnet from a router and other devices. If a login prompt
is not achieved during Telnet, check the following:

- A reverse DNS lookup may not be found on the client address. Many Telnet servers will not allow
  connections from IP addresses that have no DNS entry. This is a common problem for DHCP-assigned
  addresses if the administrator has not added DNS entries for the DHCP pools.
- It is possible that a Telnet application cannot negotiate the appropriate options and will not connect. On
  a Cisco router, this negotiation process can be viewed with the debug telnet command.
- It is possible that Telnet is disabled or has been moved to a port other than 23 on the destination server.

The Lab Activity will allow students to troubleshoot a network with Telnet and the ping command. The
Interactive Media Activity will help students become more familiar with Telnet.

20.3 Troubleshooting Router Issues Overview

20.3.1 Troubleshooting Layer 1 using show interfaces

This page will discuss show commands and explain how they are used to troubleshoot Layer 1 issues.

The Cisco IOS contains many commands for troubleshooting. Among the more widely used are the show
commands. Every aspect of the router can be viewed with one or more of the show commands.
The show command used to check the status and statistics of the interfaces is the show interfaces command.
The show interfaces command without arguments returns status and statistics on all the router ports.
The show interfaces <interface name> command returns the status and statistics of only the named port. To view
the status of Serial 0/0, use show interfaces serial 0/0.

The status of two important portions of the interfaces is shown with the show interfaces command. They are
the physical, or hardware, portion and the logical, or software, portion. These can be related to the Layer 1 and
the Layer 2 functions.

The hardware includes cables, connectors, and interfaces showing the condition of the physical connection
between the devices. The software status shows the state of messages such as keepalives, control information,
and user information that are passed between adjacent devices. This relates to the condition of a Layer 2
protocol passed between two connected router interfaces.

These important elements can be demonstrated by an example of a serial port on a modular router.
The show interfaces serial 0/0 command displays the line and data-link protocol status of that serial port.

The first parameter refers to the hardware layer and indicates if the interface receives a Carrier Detect (CD)
signal from the other end of the connection. If the line is down, a problem may exist with the cabling,
equipment somewhere in the circuit may be powered off or malfunctioning, or one end may be
administratively down. If the interface is administratively down it has been manually disabled in the
configuration.

The show interfaces serial 0/0 command also provides information to help diagnose other Layer 1 issues that
are not as easy to determine. An increasing number of carrier transitions counts on a serial link may indicate
one or more of the following problems:

- Line interruptions due to problems in the service provider network
- Faulty switch, DSU, or router hardware

If an increasing number of input errors appear in the show interfaces serial 0/0 output, there are several
possible sources of those errors. Some common Layer 1 problems are as follows:

- Faulty telephone company equipment
- Noisy serial line
- Incorrect cable or cable length
- Damaged cable or connection
- Defective CSU or DSU
- Defective router hardware

Another area to examine is the number of interface resets. These are the result of too many missed keepalives.
The following Layer 1 problems could be a cause of interface resets:

- Bad line that causes carrier transitions
- Possible hardware problem at the CSU, DSU, or switch

If carrier transitions and interface resets are increasing or if input errors are high while this occurs, the problem
is likely to be a bad link or defective CSU or DSU.

The number of errors should be interpreted relative to the amount of traffic that the router has processed and
the amount of time that the statistics have been captured. The router tracks statistics that provide information
about the interface. The statistics reflect router operation since it was started or since the last time the counters
were cleared.

If the show interfaces output shows the last clearing of the counters as never, use the show version command
to find out how long the router has been functional.

Use the clear counters privileged EXEC command to reset the counters to zero. These counters should always
be cleared after an interface problem has been corrected. This reset to zero gives a better picture of the current
status of the network and will help verify that an issue has been corrected.

20.3.2 Troubleshooting Layer 2 using show interfaces

This page will further explain why the show interfaces command may be the most important tool to discover
Layer 1 and Layer 2 problems with the router. The first parameter, which is line, refers to the physical layer.
The second parameter, which is protocol, indicates if the IOS processes that control the line protocol consider
the interface usable. This is determined by whether keepalives are successfully received. Keepalives are
defined as messages sent by one network device to inform another network device that the virtual circuit
between the two is still active. If the interface misses three consecutive keepalives, the line protocol is marked
as down.

When the line is down, the protocol is always down, because there is no usable medium for the Layer 2
protocol. This is true both when the interface is down due to a hardware problem and when it is
administratively down.

If the interface is up and the line protocol is down, a Layer 2 problem exists. Possible causes are as follows:

- No keepalives
- No clock rate
- Mismatch in encapsulation type

The show interfaces command should be used after configuring a serial interface to verify the changes and
that the interface is operational. The Interactive Media Activity will help students understand the show
interfaces command.
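As an added example, not part of the curriculum, the following Python script applies the rules of 20.3.1 and 20.3.2 to a constructed show interfaces serial 0/0 output: it reads the two status words, classifies the fault as Layer 1 or Layer 2, and flags the counters the text says to examine (input errors, interface resets, carrier transitions, counters never cleared). The sample output, the function names and the 1% error threshold are constructed assumptions, not Cisco's.

```python
import re

# Constructed sample 'show interfaces serial 0/0' output (not captured from a
# real router); the field layout follows the usual Cisco IOS format.
SAMPLE_UP_DOWN = """\
Serial0/0 is up, line protocol is down
  Hardware is PowerQUICC Serial
  Internet address is 192.168.1.1/30
  Encapsulation HDLC, loopback not set
  Keepalive set (10 sec)
  Last clearing of "show interface" counters never
     12 packets input, 1248 bytes, 0 no buffer
     57 input errors, 57 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     40 packets output, 3360 bytes, 0 underruns
     0 output errors, 0 collisions, 9 interface resets
     14 carrier transitions
"""

STATUS_RE = re.compile(
    r"^(?P<name>\S+) is (?P<line>administratively down|up|down), "
    r"line protocol is (?P<proto>up|down)", re.M)

COUNTER_RE = {
    "packets_input": r"(\d+) packets input",
    "input_errors": r"(\d+) input errors",
    "interface_resets": r"(\d+) interface resets",
    "carrier_transitions": r"(\d+) carrier transitions",
}


def parse_show_interfaces(text):
    """Extract the line/protocol status words and the counters that
    20.3.1 says to examine."""
    m = STATUS_RE.search(text)
    if not m:
        raise ValueError("no interface status line found")
    iface = {"name": m.group("name"), "line": m.group("line"),
             "protocol": m.group("proto")}
    for key, pattern in COUNTER_RE.items():
        c = re.search(pattern, text)
        iface[key] = int(c.group(1)) if c else 0
    cleared = re.search(r'Last clearing of "show interface" counters (\S+)', text)
    iface["counters_cleared"] = cleared.group(1) if cleared else "unknown"
    return iface


def classify(iface):
    """Map the two status words to the layer where the fault lies."""
    if iface["line"] == "administratively down":
        return "Layer 1: disabled in the configuration (needs no shutdown)"
    if iface["line"] == "down":
        return "Layer 1: no carrier (cabling, CSU/DSU, or far end powered off)"
    if iface["protocol"] == "down":
        return "Layer 2: no keepalives, no clock rate, or encapsulation mismatch"
    return "up/up: Layer 1 and Layer 2 operational"


def counter_warnings(iface):
    """Flag the Layer 1 symptoms described in 20.3.1. The 1% error
    threshold is an illustrative assumption; use your own baseline."""
    warnings = []
    if iface["carrier_transitions"] and iface["interface_resets"]:
        warnings.append("carrier transitions and interface resets both non-zero: "
                        "suspect a bad link or a defective CSU/DSU")
    elif iface["carrier_transitions"]:
        warnings.append("carrier transitions: provider line interruptions or "
                        "faulty switch, DSU, or router hardware")
    if iface["packets_input"] and iface["input_errors"] > 0.01 * iface["packets_input"]:
        warnings.append("input errors above 1% of input packets: noisy line, "
                        "wrong or damaged cable, or defective CSU/DSU")
    if iface["counters_cleared"] == "never":
        warnings.append("counters never cleared: read uptime from show version "
                        "before judging these rates, then clear counters")
    return warnings


if __name__ == "__main__":
    parsed = parse_show_interfaces(SAMPLE_UP_DOWN)
    print(parsed["name"], "->", classify(parsed))
    for w in counter_warnings(parsed):
        print(" -", w)
```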

20.3.3 Troubleshooting using show cdp

This page will explain the functions of the show cdp command.

CDP advertises device information to its direct neighbors. This includes MAC and IP addresses and outgoing
interfaces.

The output from the show cdp neighbors command displays information about directly connected Cisco
device neighbors. This information is useful for debugging connectivity issues. If a cabling problem is
suspected, enable the interfaces with the no shutdown command and then execute the show cdp neighbors
detail command before any other configuration. The command displays specific device detail such as the
active interfaces, the port ID, and the device. The version of Cisco IOS that is running on the remote devices is
also shown.

If the physical layer functions properly, then all other directly connected Cisco devices should be displayed. If
no known device appears, this usually indicates a Layer 1 problem.

One area of concern with CDP is security. The amount of information CDP provides is so extensive that it can
be a potential security hole. For security reasons CDP should be configured only on links between Cisco
devices and disabled on user ports or links that are not locally managed. In the Lab Activity, students will use
the show cdp command to learn about network devices.

20.3.4 Troubleshooting using traceroute

This page will describe the functions of the traceroute command.

The traceroute command is often referred to as the trace command in reference materials. However, the
correct command syntax is traceroute. The traceroute command displays the routes that packets take to their
destinations. The traceroute command can also be used to test each hop at the network layer and provide
performance benchmarks.

The output of the traceroute command generates a list of hops that were successfully reached. If the data
successfully reaches the intended destination, then the output indicates every router that the datagram passes
through. This output can be captured and used for future troubleshooting of the internetwork.

Traceroute output will also indicate the specific hop at which the failure occurs. A line of output is generated
on the terminal for each router in the path. This indicates the IP address of the interface that the data entered. If
an asterisk (*) appears, the packet failed. To isolate the problem area, obtain the last good hop from the
traceroute output and compare it to a diagram of the internetwork.

The traceroute command also provides information about the performance of links. The round trip time (RTT)
is the time required to send an echo packet and get a response. This is useful for an approximate idea of the
delay on the link. These figures are not precise enough to be used for an accurate performance evaluation.
However, this output can be captured and used for future performance troubleshooting of the internetwork.

Notice that the device receiving the traceroute also has to know how to send the reply back to the source of the
traceroute. For the traceroute or ping data to make the round trip between routers, there must be known routes
in both directions. A failed response is not always an indication of a problem because ICMP messages could be
rate-limited or filtered at the host site. This is especially true across the Internet.

Traceroute sends out a sequence of User Datagram Protocol (UDP) datagrams from the router to an invalid
port address on the remote host. For the first sequence of three datagrams, a TTL field value is set to 1. The
TTL value of 1 causes the datagram to time out at the first router in the path. This router then responds with an
ICMP Time Exceeded Message (TEM) indicating that the datagram has expired.

Three more UDP messages are now sent, this time with the TTL value set to 2. This causes the second router to
return ICMP TEMs. This process continues until the packets actually reach the other destination or the
maximum TTL has been reached. The default maximum TTL for traceroute is 30.

Since these datagrams are trying to access an invalid port at the destination host, ICMP Port Unreachable
Messages are returned instead of ICMP TEMs. This indicates an unreachable port and signals the Traceroute
program to end the process. The Lab Activity will help students become more familiar with the traceroute
command.
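As an added example, not from the curriculum, this Python model walks through the traceroute algorithm just described: UDP probes to an invalid port, three probes per TTL, an ICMP Time Exceeded Message from the router where the TTL reaches 0, Port Unreachable from the destination, and an asterisk when no reply comes back (whether because the path is broken or only because ICMP is filtered). The topology, addresses, delays and function names are constructed.

```python
# Constructed topology: the routers on the path, in order, with the address
# of the interface each probe enters and an assumed one-way delay in ms.
PATH = [
    {"addr": "10.0.0.1", "delay_ms": 1},
    {"addr": "10.0.1.2", "delay_ms": 4},
    {"addr": "10.0.2.2", "delay_ms": 9, "icmp_filtered": True},  # replies filtered
    {"addr": "10.0.3.2", "delay_ms": 15},
]
DESTINATION = {"addr": "192.0.2.10", "delay_ms": 20}


def forward_probe(ttl, path, dest):
    """Model one UDP datagram sent to an invalid port with the given TTL.
    Returns (reply_kind, replying_addr, rtt_ms); reply_kind is
    'time-exceeded', 'port-unreachable' or None when no reply comes back."""
    rtt = 0
    for hop in path:
        rtt += hop["delay_ms"]
        ttl -= 1
        if ttl == 0:
            # This router expires the datagram and answers with an ICMP Time
            # Exceeded Message, unless ICMP is filtered or rate-limited here.
            if hop.get("icmp_filtered"):
                return (None, None, None)
            return ("time-exceeded", hop["addr"], 2 * rtt)
        if hop.get("drops_forward"):
            return (None, None, None)    # cannot forward: the path is broken here
    rtt += dest["delay_ms"]
    # The datagram reached the host; the invalid port yields Port Unreachable.
    return ("port-unreachable", dest["addr"], 2 * rtt)


def traceroute(path, dest, max_ttl=30, probes=3):
    """The TTL-stepping loop from the text: three probes per TTL, starting at
    1, until Port Unreachable is seen or max_ttl is reached. Returns a list of
    (ttl, address or '*', [rtt_ms, ...]) per hop."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        replies = [forward_probe(ttl, path, dest) for _ in range(probes)]
        kinds = {k for k, _, _ in replies if k}
        addrs = {a for _, a, _ in replies if a}
        rtts = [r for _, _, r in replies if r is not None]
        hops.append((ttl, next(iter(addrs)) if addrs else "*", rtts))
        if "port-unreachable" in kinds:
            break
    return hops


def last_good_hop(hops):
    """The last hop that answered; compare it with the network diagram to
    isolate the problem area. A lone '*' mid-path may only be filtered ICMP."""
    answered = [addr for _, addr, _ in hops if addr != "*"]
    return answered[-1] if answered else None


if __name__ == "__main__":
    for ttl, addr, rtts in traceroute(PATH, DESTINATION):
        print(ttl, addr, " ".join("%d ms" % r for r in rtts) or "* * *")
    print("last good hop:", last_good_hop(traceroute(PATH, DESTINATION)))
```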

20.3.5 Troubleshooting routing issues

This page will describe the show ip protocols and show ip route commands. These commands display
information about routing protocols and the routing table. The output from these commands can be used to
verify the routing protocol configuration.

The show ip route command may be the most important command used to troubleshoot routing issues. This
command displays the contents of the IP routing table. The output from the show ip route command shows the
entries for all known networks and subnetworks, and how that information was learned.

If there is a problem reaching a host in a particular network, then the output of the show ip route command
can be used to verify that the router has a route to that network.

If the output of the show ip route command does not show the expected learned routes, or any learned routes,
then the problem may be that routing information has not been exchanged. In this case, use the show ip
protocols command on the router to check for a routing protocol configuration error.

The show ip protocols command displays values about IP routing protocol information on the entire router.
This command can be used to confirm which protocols are configured, which networks are being advertised,
which interfaces are sending updates, and the sources of routing updates. The show ip protocols output also
shows timers, filters, route summarization, route redistribution, and other parameters that are specific to each
routing protocol that is enabled on the router. When multiple routing protocols are configured, the information
about each protocol is listed in a separate section.

The show ip protocols command output can be used to diagnose many routing issues. For example, it can be
used to identify a router that may advertise incorrect routing information. This command may be used to
confirm that expected protocols, advertised networks, and routing neighbors are present. It is important to have
documentation that indicates the expected results, or baseline information, when a problem occurs. It may be
impossible to identify the problem without such documentation. The Lab Activity will teach students how to
use the show ip route and show ip protocols commands.

20.3.6 Troubleshooting using show controllers

This page will teach students about troubleshooting using the show controllers command. Router
configuration and troubleshooting can be performed remotely when physical inspection of the connections is
not possible. The show controllers command is useful to determine the type of cable connected without
inspecting the cables.
The output displayed by the show controllers command indicates the type of cable detected by the controller.
This is useful for finding a serial interface with no cable, the wrong type of cable, or a defective cable.

The show controllers serial 0/0 command queries the integrated circuit, or controller chip, that controls the
serial interfaces and displays information about the physical interface serial 0/0. This output varies for different
controller chips.
Regardless of the controller chip type, the show controllers command produces a large amount of output.
Other than the cable type, most of this output is internal technical detail about the controller chip status.
Without specific knowledge of the integrated circuit, this information is of little use. The Lab Activity will
show students how to troubleshoot with the show controllers command.

20.3.7 Introduction to debug

This page will explain the functions of the debug command.

The debug commands assist in the isolation of protocol and configuration problems. The debug command is
used to display dynamic data and events. Since the show commands only display static information, they
provide a historical picture of the router operation. The debug command output gives more insight into the
current events of the router. These events could be traffic on an interface, error messages generated by nodes
on the network, protocol-specific diagnostic packets, and other useful troubleshooting data. The dynamic
output of the debug command creates performance issues. This command produces high processor overhead
that may disrupt normal router operation. For this reason, debug should be used conservatively. Use debug
commands to examine specific types of traffic or problems only after the likely problems have been narrowed
to a few causes. The debug command should be used to isolate problems and not to monitor normal network
operation.

WARNING:
The debug all command should be used sparingly as this can disrupt router operations.

By default, the router sends the debug output and system messages to the console. If a Telnet session is used to
examine the router, then the debug output and system messages can be redirected to the remote terminal. This
is done through the Telnet session with the terminal monitor command. Use extra caution when the debug
commands are selected from a Telnet session. No command should be selected that will cause the debug
output to create additional traffic that creates debug output. If this occurs, the Telnet session will rapidly
saturate the link with traffic or the router will exhaust one or more resources. A good rule to follow to prevent
this recursion of traffic is to never debug any activity on the port where the session is established.

The output of the different debug commands varies. Some may frequently generate many lines while others
produce a line or two of output every few minutes.

Another IOS software service that will enhance the usefulness of the debug output is the timestamps
command. This command will put a timestamp on a debug message. This information provides the time when
the debug event occurred and the duration of time between events.

This is often very useful when troubleshooting intermittent problems. By time stamping the output, a pattern of
occurrence is often recognized. This helps to isolate the source of the problem. This also prevents the
technician from intently watching the debug output for what may seem like hours.

The following command configures a timestamp that shows, as hours:minutes:seconds, the amount of time
since the router was last powered up or since a reload command was executed:

GAD(config)#service timestamps debug uptime

The output from this is useful to determine the time between events. To determine how long since the last
occurrence of the debug event, the time since the last reload has to be used as a reference. This time can be
found with the show version command.

A more practical use of the timestamps is to have it display the time and date that the event occurred. This will
simplify the process of determining the last occurrence of the debug event. This is done using the datetime
option:

GAD(config)#service timestamps debug datetime localtime

It should be noted that this command is only useful if the clock is set on the router. Otherwise, the timestamp
shown in the debug output is not an accurate time. To ensure that the timestamps are correct, the router clock
should be set to the correct time from privileged EXEC mode with the following command:

GAD#clock set 15:46:00 3 May 2004

NOTE: On some Cisco platforms, the router clock is not backed up with a battery source, so the system time
will need to be reset after a router reload or power failure.

The no debug all and undebug all commands turn off all diagnostic output. To disable a particular debug
command, use the no form of the command. For example, if the debug ip rip command is used to monitor
RIP, it can be disabled with no debug ip rip. To view what is currently being examined by a debug command,
use show debugging.

20.3.8 Summary

This page summarizes the topics discussed in this module.

The show ip route command is used to gather detailed information about the routes installed on the router. It
displays the contents of the IP routing table. New routes may be added with static routing, which allows an
administrator to manually define routes, or with dynamic routing, which uses the rules defined by a routing
protocol to exchange information and determine the best path.

Default routes are used when the router is unable to match a destination network with a more specific entry in
the routing table. The router uses this default route to reach the gateway of last resort in an effort to forward the
packet.

The path determination function occurs at the network layer of the OSI model. It enables a router to evaluate
the available paths to a destination and to establish the preferred handling of a packet. This information is
configured manually or collected dynamically. The administrative distance of the route is used by the router to
decide what the best path is to a particular destination. The administrative distance is a number that measures
the trustworthiness of the source of the route information. Lower administrative distances indicate more
trustworthy sources.

To determine the best route to a destination, routing protocols use a value that measures the desirability of a
route called a metric. The metric is usually determined by factors such as hop count, bandwidth, delay, load,
reliability, and cost. Typically, the smaller the metric number, the better the path.

Troubleshooting should be an orderly process based on the networking standards set in place by an
administrator. Documentation is an important part of the troubleshooting process. Indicator lights are a useful
tool for troubleshooting at Layer 1. At Layer 3, ping is used to test network connectivity. Telnet connections
are used to verify the application layer software between a source and a destination.

The show interfaces command shows the status of two important portions of the interfaces. They are the
physical or hardware portion and logical or software portion. These can be related to the Layer 1 and the Layer
2 functions. If the interface is up and the line protocol is down, a Layer 2 problem exists. If the physical layer
is properly functioning, then all other directly connected Cisco devices should be displayed. If no known
device appears, a Layer 1 problem likely exists.

To debug connectivity issues, the show cdp neighbors command is used to display information about directly
connected neighbors. Use the traceroute command to trace the routes that packets take to destinations. This
command can be used to test the network layer at each hop and provide performance benchmarks.

To verify the routing protocol configuration, use the show ip protocols and show ip route commands. These
commands display information about routing protocols and the routing table. To determine the type of cable
connected without inspecting the cables, use the show controllers command.

The debug command is used to display dynamic data and events. Since the show commands only display static
information, they provide a historical picture of the router operation. The debug command output gives more
insight into the current events of the router.

21 MODULE 10

Module Overview

Routers use the IP address information in an IP packet header to determine the interface to which a packet
should be switched based on its destination. Since IP does not ensure that the packet reaches the destination, it
is described as an unreliable, connectionless protocol that uses best-effort delivery. If packets are dropped en
route, arrive in the wrong order, or are transmitted faster than the receiver can accept them, IP alone cannot
correct the problem. To address these problems, IP relies on TCP. This module describes TCP and its functions
and introduces UDP, another important Layer 4 protocol.

Each layer within the OSI reference model has various functions. These functions are independent of the other
layers. Each layer expects to receive services from the layer beneath it, and each layer provides certain services
to the layer above it. The application, presentation, and session layers of the OSI model, which are all
considered to be part of the application layer in the TCP/IP model, access the services of the transport layer
through logical entities called ports. This module will introduce the concept of ports and will explain the
critical importance of ports and port numbers in data networking.

This module covers some of the objectives for the CCNA 640-801, INTRO 640-821, and ICND 640-811
exams.

Students who complete this module should be able to perform the following tasks:

- Describe TCP and its functions
- Describe TCP synchronization and flow control
- Describe UDP operation and processes
- Identify common port numbers
- Describe multiple conversations between hosts
- Identify ports used for services and clients
- Describe port numbering and well known ports
- Understand the differences and the relationship between MAC addresses, IP addresses, and port
  numbers

21.1 TCP Operation

21.1.1 TCP operation

This page will explain how the transport layer provides reliability and flow control.

IP addresses allow for the routing of packets between networks. However, IP makes no guarantees about
delivery. The transport layer is responsible for the reliable transport of data and the regulation of data flow
from source to destination. This is accomplished through the use of sliding windows and sequence numbers
along with a synchronization process. This process ensures that each host is ready and willing to communicate.

To understand reliability and flow control, think of a student who studies a foreign language for one year. Now
imagine the student visits a country where the language is used. The student must ask people to repeat their
words for reliability and to speak slowly for comprehension, which relates to the concept of flow control. The
transport layer, which is Layer 4 of the OSI model, uses TCP to provide these services to Layer 5.

21.1.2 Synchronization or three-way handshake

This page will explain the synchronization process that TCP uses. The process is also called a three-way
handshake.

TCP is a connection-oriented protocol. Prior to data transmission, the two communicating hosts go through a
synchronization process to establish a virtual connection for each session between hosts. This synchronization
process ensures that both sides are ready for data transmission and allows the devices to determine the initial
sequence numbers for that session. This process is known as a three-way handshake. This is a three-step
process that establishes the virtual connection between the two devices. It is also important to note that the
three-way handshake is initiated by a client host. To establish a TCP session, the client host will use the well-
known port number of the service it wishes to contact on a server host.

In step one, the initiating host (client) sends a synchronization (SYN flag set) packet to initiate a connection.
This indicates that the segment carries a valid initial Sequence Number value, x, for this session. The SYN bit
set in the header indicates a connection request. The SYN bit is a single bit in the code field of the TCP
segment header. The Sequence Number is a 32-bit field in the TCP segment header.

In step two, the other host receives the packet, records the Sequence Number of x from the client, and replies
with an acknowledgment (ACK flag set). The ACK control bit, when set, indicates that the Acknowledgment
Number field contains a valid acknowledgment value. The ACK flag is a single bit in the code field of the TCP
segment header and the Acknowledgment Number is a 32-bit field in the TCP segment header. Once a
connection is established, the ACK flag is set for all segments during the session. The Acknowledgment
Number field contains the next sequence number that this host is expecting to receive (x + 1). The
Acknowledgment Number of x + 1 means the host has received all bytes up to and including x, and expects to
next receive byte x + 1. The host also initiates a return session. This includes a TCP segment with its own
initial Sequence Number value of y and with the SYN flag set.

In step three, the initiating host responds with a simple Acknowledgment Number value of y + 1, which is the
Sequence Number value of the other host (Host B) + 1. This indicates that it received the previous
acknowledgment and finalizes the connection process for this session.

It is important to understand that initial sequence numbers are used to initiate communication between two
devices. They act as reference starting numbers between the two devices. The sequence numbers give each
host a way to acknowledge so that the receiver knows the sender is responding to the proper connection
request. The Interactive Media Activity will help students understand synchronization.

21.1.3 Denial of service attacks

This page will teach students about denial of service (DoS) attacks. DoS attacks are designed to deny services
to legitimate hosts that try to establish connections. DoS attacks are commonly used by hackers to halt system
responses. One type of DoS is known as SYN flooding. SYN flooding exploits the normal three-way
handshake and causes targeted devices to acknowledge to source addresses that will not complete the
handshake.

The three-way handshake begins when the initiating host sends a SYN packet. The SYN packet includes the
source IP address and the destination IP address. This source and destination address information is used by the
recipient to send the acknowledgment packet back to the initiating device.

In a DoS attack, the hacker initiates a SYN but spoofs the source IP address. Because the source address is
spoofed, the receiving device replies to a non-existent, unreachable IP address and is then placed in a wait state
until it receives the final acknowledgment from the initiator. The waiting request is placed in a connection
queue or a holding area in memory. This wait state requires the attacked device to use system resources, such
as memory, until the connection timer times out. Hackers will flood the attacked host with false SYN requests
to utilize all of its connection resources and prevent it from responding to legitimate connection requests.

To defend against these attacks, system administrators may decrease the connection timeout period and
increase the connection queue size. Software also exists that can detect these types of attacks and initiate
defensive measures.
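As an added example, not curriculum code, this Python model of a listening TCP port covers the three-way handshake of 21.1.2 and the connection-queue behaviour of 21.1.3: the server records x, replies with its own y and an Acknowledgment Number of x + 1, and accepts only an ACK of y + 1; a half-open entry holds a queue slot until the connection timer expires, so the last function shows how the two countermeasures named above (a shorter timeout, a larger queue) decide whether a legitimate client still gets through while the queue is loaded with requests that never complete. Class and function names, addresses and initial sequence numbers are constructed; no packets are sent.

```python
import random


class TcpListener:
    """Model (not a real socket) of a listening TCP port with a bounded
    connection queue of half-open requests: SYN received, final ACK pending."""

    def __init__(self, queue_size=128, timeout=75.0, isn_fn=None):
        self.queue_size = queue_size      # connection queue (holding area) size
        self.timeout = timeout            # seconds a half-open entry may wait
        self.isn_fn = isn_fn or (lambda: random.randrange(2 ** 32))
        self.half_open = {}               # (src_ip, src_port) -> (y, x, expires)
        self.established = set()
        self.dropped_syns = 0

    def expire(self, now):
        """Free queue entries whose connection timer has run out."""
        for key in [k for k, v in self.half_open.items() if v[2] <= now]:
            del self.half_open[key]

    def on_syn(self, src, x, now):
        """Steps 1 and 2: record the client's ISN x and answer SYN+ACK with
        our ISN y and Acknowledgment Number x + 1, if a slot is free."""
        self.expire(now)
        if len(self.half_open) >= self.queue_size:
            self.dropped_syns += 1        # queue exhausted: legitimate SYNs lost too
            return None
        y = self.isn_fn()
        self.half_open[src] = (y, x, now + self.timeout)
        return {"flags": "SYN+ACK", "seq": y, "ack": x + 1}

    def on_ack(self, src, ack, now):
        """Step 3: the ACK must carry y + 1 for this pending request; any other
        value is not a reply to our SYN+ACK and is ignored."""
        self.expire(now)
        entry = self.half_open.get(src)
        if entry is None or ack != entry[0] + 1:
            return False
        del self.half_open[src]
        self.established.add(src)
        return True


def client_handshake(listener, src, x, now):
    """A legitimate client: send SYN(x), check the SYN+ACK acknowledges x + 1,
    then reply with ACK = y + 1."""
    reply = listener.on_syn(src, x, now)
    if reply is None or reply["ack"] != x + 1:
        return False
    return listener.on_ack(src, reply["seq"] + 1, now + 0.1)


def legit_connects_after_half_open_load(queue_size, timeout, pending, legit_at):
    """Defender's view of 21.1.3: `pending` SYNs from unreachable (constructed)
    sources fill the queue at t=0 and never complete. Returns whether a
    legitimate client connecting at t=legit_at still succeeds, which is what
    the two countermeasures (shorter timeout, larger queue) change."""
    srv = TcpListener(queue_size, timeout, isn_fn=lambda: 1000)
    for i in range(pending):
        srv.on_syn(("203.0.113.%d" % (i % 250 + 1), 40000 + i), x=7, now=0.0)
    return client_handshake(srv, ("198.51.100.7", 51515), x=100, now=legit_at)


if __name__ == "__main__":
    for qsize, tmo in ((16, 75.0), (64, 75.0), (16, 5.0)):
        ok = legit_connects_after_half_open_load(qsize, tmo, pending=16, legit_at=10.0)
        print("queue=%d timeout=%.0fs -> legitimate client connects: %s" % (qsize, tmo, ok))
```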

21.1.4 Windowing and window size

This page will explain how TCP uses windows to provide flow control.

The amount of data that needs to be transmitted is often too large to be sent in a single data segment. In this
case, the data must be broken into smaller pieces to allow for proper data transmission. TCP is responsible for
breaking data into segments. This can be compared to the way that small children are fed. Their food is cut into
smaller pieces that their mouths can accommodate. Additionally, a device may not be able to receive data as
quickly as the source can send it. The device may be busy with other tasks or the sender may be a more robust
device.

Once the data is segmented, it must be transmitted to the destination device. One of the services provided by
TCP is flow control, which regulates how much data is sent during a given transmission period. The process of
flow control is known as windowing.

Window size determines the amount of data that can be transmitted at one time before the destination responds
with an acknowledgment. After a host transmits the window-sized number of bytes, the host must receive an
acknowledgment that the data has been received before it can send any more data. For example, if the window
size is 1, each byte must be acknowledged before the next byte is sent.

TCP utilizes windowing to dynamically determine transmission size. Devices negotiate a window size to allow
a specific number of bytes to be transmitted before an acknowledgment.

This process of dynamically varying the window size increases reliability. The window size can be varied
based upon acknowledgments. The Interactive Media Activity will help students understand the concept of
windowing.

21.1.5 Sequencing numbers

This page explains how TCP uses sequence numbers for reliable data transmissions.

TCP breaks data into segments. After the synchronization process occurs and the window size has been
established, the data segments are transported from the sender to the receiver. The data segments must be
reassembled after all the data is received. There is no guarantee that the data will arrive in the order it was
transmitted. TCP applies sequence numbers to the data segments that are transmitted so that the receiver can
reassemble the bytes in their original order. This way, if TCP segments arrive out of order, the segments will
still be assembled correctly.

These sequencing numbers also act as reference numbers so that the receiver will know if it has received all of
the data. They also identify the missing data pieces to the sender so it can retransmit the missing data. This
offers increased efficiency since the sender only needs to resend the missing segments instead of the entire set
of data. Each TCP segment is numbered before transmission.
The sequence number portion comes after the destination port in the segment format. At the receiving station,
TCP uses the sequence numbers to reassemble the segments into a complete message. If a sequence number is
missing in the series, that segment is retransmitted.

21.1.6 Positive acknowledgments

This page explains how positive acknowledgments are used to enhance reliability.

Acknowledgment is a common step in the synchronization process, which includes sliding windows and data
sequencing. In a TCP segment, the sequence number field is followed by the Acknowledgment Number field.
This field is where the tracking of transmitted and received bytes is indicated.

One problem with the IP protocol is that there is no verification method to determine if data segments reach
their destination. So data segments may be constantly forwarded with no knowledge as to whether or not they
were actually received. TCP uses positive acknowledgment and retransmission (PAR) to control data flow and
confirm data delivery.

Many protocols use PAR to provide reliability. With PAR, the source sends a packet, starts a timer, and waits
for an acknowledgment before it sends the next packet in the session. If the timer expires before the source
receives an acknowledgment, the source retransmits the packet and resets the timer. The acknowledgment is
provided by the value of Acknowledgment Number and the ACK flag set in the TCP header. TCP uses
expectational acknowledgment in which the Acknowledgment Number value refers to the next octet that is
expected as part of the TCP session.

Windowing is a flow control mechanism that requires the source device to receive an acknowledgment from
the destination after a specific amount of data bytes has been transmitted. With a window size of three, the
source device can send three octets to the destination. It must then wait for an acknowledgment of these bytes.
If the destination receives the three octets, it sends an acknowledgment to the source device, which can then
transmit three more octets. If the destination does not receive the three octets, it does not send an
acknowledgment. This may be caused by overflowing buffers or packets lost in transit. Since the source does
not receive an acknowledgment, it knows that the octets should be retransmitted and that the window size
should be reduced. This window size reduction gives the receiving host fewer bytes to process from its
buffers before more data arrives. This effectively slows the communication between hosts to provide more
reliability between the hosts.
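
The windowing and PAR behaviour described above, as an added example that is not part of the curriculum: a small Python model in which the sender pushes one octet per segment under a sliding window, the receiver returns expectational acknowledgments (the next octet it expects), and a lost octet forces a retransmission and a smaller window. The `Receiver` and `transmit` names, the one-octet segments, the start at sequence number 0 and the `drop_once` loss set are assumptions made for the illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Receiver:
    """Reassembles octets by sequence number and returns expectational ACKs."""
    buffer: dict = field(default_factory=dict)
    next_expected: int = 0   # the Acknowledgment Number: next octet expected

    def deliver(self, seq: int, octet: bytes) -> int:
        """Store one octet; the ACK advances over every contiguous octet held."""
        self.buffer[seq] = octet
        while self.next_expected in self.buffer:
            self.next_expected += 1
        return self.next_expected

    def data(self) -> bytes:
        """Bytes in their original order, whatever order they arrived in."""
        return b"".join(self.buffer[s] for s in sorted(self.buffer))


def transmit(payload: bytes, window: int, drop_once) -> dict:
    """Send payload one octet per segment under a sliding window.

    After each window the sender waits for the receiver's ACK. If the ACK
    does not cover the whole window, the unacknowledged octets are resent
    (the PAR timer has "expired") and the window is halved; a clean ACK
    lets the window grow back toward its negotiated maximum. `drop_once`
    holds sequence numbers the simulated network loses on their first
    transmission only.
    """
    rx = Receiver()
    dropped = set(drop_once)
    max_window = window
    base = 0          # first unacknowledged sequence number (left window edge)
    high = 0          # one past the highest sequence number sent so far
    sent = retransmits = 0
    rounds = []       # (base, end, window, ack) for every window sent
    while base < len(payload):
        end = min(base + window, len(payload))
        ack = rx.next_expected
        for seq in range(base, end):
            sent += 1
            if seq < high:
                retransmits += 1           # this octet was sent before
            if seq in dropped:
                dropped.discard(seq)       # lost now; arrives on the retry
                continue
            ack = rx.deliver(seq, payload[seq:seq + 1])
        high = max(high, end)
        rounds.append((base, end, window, ack))
        if ack < end:
            window = max(1, window // 2)   # loss: shrink the window
        else:
            window = min(max_window, window + 1)
        base = ack                         # slide the window to the ACK point
    return {"data": rx.data(), "sent": sent, "retransmits": retransmits,
            "final_window": window, "rounds": rounds}


if __name__ == "__main__":
    # Constructed run: six octets, window of three, octet 1 lost once.
    result = transmit(b"abcdef", window=3, drop_once={1})
    for base, end, win, ack in result["rounds"]:
        print(f"sent octets {base}-{end - 1} (window {win}) -> ACK {ack}")
    print(result["data"], result["sent"], result["retransmits"])
```

With octet 1 lost once, the first window of three is answered with ACK 1, only that octet is resent under a window of one, and the window grows back to three once acknowledgments arrive cleanly.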

The Lab Activity will teach students how to enable and monitor multiple host sessions. The Interactive Media
Activity will help students become more familiar with windows.


21.1.7 UDP operation

This page will explain the similarities and differences between TCP and UDP.

The TCP/IP protocol stack contains many different protocols, each designed to perform a certain task. IP
provides Layer 3 connectionless transport through an internetwork. TCP enables connection-oriented, reliable
transmission of packets at Layer 4 of the OSI model. UDP provides connectionless, unreliable transmission of
packets at Layer 4 of the OSI model.

Both TCP and UDP use IP as their Layer 3 protocol. In addition, TCP and UDP are used by various application
layer protocols. TCP provides services for applications such as FTP, HTTP, SMTP, and DNS. UDP is the
transport layer protocol used by DNS, TFTP, SNMP, and DHCP.

TCP must be used when applications need to guarantee that a packet arrives intact, in sequence, and
unduplicated. The overhead necessary to ensure delivery of a packet is sometimes a problem with TCP. Not all
applications need to guarantee delivery of the data packet, so they use the faster, connectionless delivery
mechanism afforded by UDP. The UDP protocol standard is described in RFC 768.

UDP does not use windowing or ACKs, so application layer protocols must provide error detection.

The Source Port field is an optional field used only if information needs to return to the sending host. When a
destination router receives a routing update, the source router is not requesting anything so nothing needs to
return to the source. There is no exchange of information or data. The Destination Port field specifies the
application to which UDP needs to pass the data. A DNS request from a host to a DNS server would have
a Destination Port field of 53, the UDP port number for DNS. The Length field identifies the number of octets
in the UDP segment. The UDP checksum is optional but should be used to ensure that the data has not been
damaged during transmission. For transport across the network, UDP is encapsulated within the IP packet.

Once a UDP segment arrives at the destination IP address, a mechanism must exist which allows the receiving
host to determine the exact destination application. Destination ports are used for this purpose. If a host is
running both TFTP and DNS services, it must be able to determine what service the arriving UDP segments
need. The Destination Port field in the UDP header determines the application to which a UDP segment will be
delivered.
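
The four UDP header fields described above, as an added example that is not part of the curriculum: Python code that builds a UDP segment with the optional checksum computed over the IPv4 pseudo-header and then parses one, validating the Length field and verifying the checksum when it is present. The `SRC_IP`/`DST_IP` documentation addresses, the port 1045 client and the payload are constructed sample values.

```python
import struct

# Constructed sample endpoints (documentation addresses), not real hosts.
SRC_IP = bytes([192, 0, 2, 10])
DST_IP = bytes([192, 0, 2, 53])
UDP_PROTO = 17


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry."""
    if len(data) % 2:
        data += b"\x00"                      # pad an odd final octet
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: bytes, dst_ip: bytes, udp_length: int) -> bytes:
    """IPv4 pseudo-header covered by the UDP checksum (RFC 768)."""
    return src_ip + dst_ip + struct.pack("!BBH", 0, UDP_PROTO, udp_length)


def build_udp(src_ip, dst_ip, sport: int, dport: int, payload: bytes) -> bytes:
    """Build Source Port, Destination Port, Length, Checksum, then the data."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)  # checksum zeroed
    csum = 0xFFFF - ones_complement_sum(
        pseudo_header(src_ip, dst_ip, length) + header + payload)
    csum = csum or 0xFFFF   # a computed 0 is sent as 0xFFFF: 0 means "none"
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(src_ip, dst_ip, segment: bytes) -> dict:
    """Parse the header, validate Length, and verify the checksum if present."""
    if len(segment) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    if length < 8 or length > len(segment):
        raise ValueError("UDP Length field inconsistent with segment size")
    segment = segment[:length]
    if csum == 0:
        checksum_ok = None      # sender chose not to checksum this datagram
    else:
        # With the transmitted checksum included, the one's-complement sum
        # over pseudo-header plus segment must come out as all ones.
        total = ones_complement_sum(
            pseudo_header(src_ip, dst_ip, length) + segment)
        checksum_ok = total == 0xFFFF
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum_ok": checksum_ok, "payload": segment[8:]}


if __name__ == "__main__":
    # Constructed DNS-style request: client port 1045 to server port 53.
    seg = build_udp(SRC_IP, DST_IP, 1045, 53, b"constructed query")
    print(parse_udp(SRC_IP, DST_IP, seg))
    damaged = seg[:-1] + bytes([seg[-1] ^ 0x01])   # flip one payload bit
    print(parse_udp(SRC_IP, DST_IP, damaged)["checksum_ok"])
```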


21.2 Overview of Transport Layer Ports

21.2.1 Multiple conversations between hosts

This page will explain how hosts handle multiple conversations at the same time.

At any given moment, thousands of packets that provide hundreds of different services travel through a modern
network. Many servers use a multitude of services and this causes unique problems for the addressing of
packets. If a server is running both SMTP and HTTP, it uses the destination port field to determine what
service the source is requesting. The source cannot construct a packet destined for just the server IP address
because the destination would not know what service was being requested. A port number must be associated
with the conversation between hosts to ensure that the packet reaches the appropriate service on the server. If a
server could not distinguish between different conversations, a client could not send an e-mail and browse a
Web page at the same time. A method for transport layer conversations to be separated must be used.

Hosts running TCP/IP associate ports at the transport layer with certain applications. Port numbers are used to
keep track of different conversations that cross the network at the same time. Port numbers are needed for a
host to communicate with a server that uses multiple services. Both TCP and UDP use port or socket numbers
to pass information to the upper layers.

Application software developers have agreed to use the well-known port numbers that are defined in RFC 1700.
Any conversation bound for the FTP application uses the standard port number 21. Conversations that do not
involve applications with well-known port numbers are assigned port numbers that have been randomly
selected from within a specific range. These port numbers are used as source and destination addresses in the
TCP segment.

Port numbers have the following assigned ranges:

• The Well Known Ports are those from 0 through 1023
• The Registered Ports are those from 1024 through 49151
• The Dynamic and/or Private Ports are those from 49152 through 65535

Systems initiating communication requests use port numbers to select proper applications. Source port
numbers for these requests are dynamically assigned by the originating host, and are usually a number larger
than 1023. Port numbers in the range of 0-1023 are considered public port numbers and are controlled by the
Internet Assigned Numbers Authority (IANA).

Post office box numbers are a good analogy for port numbers. A piece of mail may be sent to a zip code, city,
and P.O. box. The zip code and city direct mail to the correct general mail facility while the P.O. box ensures
the item is delivered to the one individual to whom the mail is addressed. Similarly, the IP address gets the
packet to the correct server, but the TCP or UDP port number guarantees the packet is passed to the correct
application.


21.2.2 Ports for services

This page introduces port numbers that are used for different services.

Services running on hosts must have a port number assigned to them so communication can occur. A remote
host attempting to connect to a service expects that service to use specific transport layer protocols and ports.
Some ports, which are defined in RFC 1700, are known as the well-known ports. These ports are reserved in
both TCP and UDP.

These well-known ports define applications that run above the transport layer protocols. For example, a server
that runs FTP will use ports 20 and 21 to forward TCP connections from clients to its FTP application. This
allows the server to determine which service a client requests. TCP and UDP use port numbers to determine
the correct service to which requests are forwarded.

Reserved TCP and UDP Port numbers

21.2.3 Ports for clients

This page will discuss source ports, which are set by clients.

Whenever a client connects to a service on a server, a source and destination port must be specified. TCP and
UDP segments contain fields for source and destination ports. Destination ports, or ports for services, are
normally defined using the well-known ports. Source ports set by the client are determined dynamically.

In general, a client determines the source port by randomly assigning a number above 1023. For example, a
client that attempts to communicate with a Web server will use TCP and assign the destination port as 80 and
the source port as 1045. When the packet arrives at the server, it moves up to the transport layer and eventually
to the HTTP service, which operates at port 80. The HTTP server responds to the client's request with a
segment that uses port 80 as the source and 1045 as the destination. Clients and servers use ports to distinguish
which process each segment is associated with.

21.2.4 Port numbering and well-known port numbers

This page will discuss the three categories of port numbers.

Port numbers are represented by 2 bytes in the header of a TCP or UDP segment. This 16-bit value can result
in port numbers ranging from 0 to 65535. The three categories of port numbers are well-known ports,
registered ports, and dynamic or private ports. The first 1023 ports are well-known ports. These ports are used
for well-known network services such as FTP, Telnet, or DNS.

Registered ports range from 1024 to 49151. Ports between 49152 and 65535 are defined as dynamic or private
ports. The Interactive Media Activity will help students become more familiar with port numbers.


21.2.5 Example of multiple sessions between hosts

This page will explain how port numbers are used to track multiple sessions that can occur between hosts. The
source and destination port numbers combine with the network address to form a socket. A pair of sockets, one
on each host, forms a unique connection. For instance, a host might have a Telnet connection through port 23
and an Internet connection through port 80. The IP and the MAC addresses would be the same because the
packets are received from the same host. Therefore, each conversation on the source side needs its own port
number, and each service requested needs its own port number.
In the Lab Activity, students will enable HTTP on a router and observe well-known ports.

21.2.6 Comparison of MAC addresses, IP addresses, and port numbers

This page will describe the three types of addresses in reference to the OSI model. Port numbers are located at
the transport layer and are serviced by the network layer. The network layer assigns the logical address, or IP
address, and is then serviced by the data link layer, which assigns the physical address, or MAC address.

A good analogy can be made with a normal letter. The address on a letter consists of a name, street, city, and
state. These can be compared to the port, MAC, and IP address used for network data. The name on the
envelope would be equivalent to a port number, the street address is the MAC, and the city and state is the IP
address. Multiple letters can be mailed to the same street address, city and state, but contain different names on
the letters. For instance, two letters could be mailed to the same house with one addressed to "John Doe" and
the other to "Jane Doe". This is analogous to multiple sessions with different port numbers.

21.2.7 Summary

This page summarizes the topics discussed in this module.

The transport layer of the OSI model is responsible for the reliable transport and regulation of data flow from a
source to a destination. TCP makes sure that each host on the network is ready and willing to communicate.

A three-way handshake is a process that ensures that each side is ready for data transmission and allows each
device to determine the initial sequence number. A three-way handshake starts with a host initiating a
connection. The other host receives a packet, records a sequence number and then replies with an ACK. The
initiating host then responds back and finalizes the connection.

DoS attacks are designed to deny services to legitimate hosts that attempt to establish connections. They are
used by hackers to halt system response. SYN flooding is one type of DoS attack. It exploits the normal
three-way handshake and causes targeted devices to ACK to source addresses that will not complete the
handshake. Spoofing occurs when a receiving device replies to a non-existent, unreachable IP address and is
placed in a wait state until it receives the final ACK from the initiator. In addition to software specifically
created as a defense against these kinds of attacks, an administrator can decrease the connection timeout
period and increase the connection queue size.

Breaking data into smaller pieces is called segmenting and is done with TCP. Once the data is segmented, it
must be transmitted to the destination device. TCP applies sequence numbers to the data segments so that the
receiver can reassemble the bytes properly and the sender knows when all the segments have been received.
Windowing is the process of flow control that regulates how much data is sent during a given transmission
period. TCP uses a sliding window when determining transmission size. A sliding window allows for devices
to negotiate a window size to allow for more than one byte to be sent during a single transmission.

Many protocols use PAR to provide reliability. With PAR, the source sends a packet, starts a timer, and waits
for an ACK before it sends the next packet. If the timer expires before the source receives an ACK, the source
retransmits the packet and resets the timer. TCP uses expectational ACKs in which the Acknowledgment
Number refers to the next octet that is expected.

UDP provides connectionless, non-guaranteed transmission of packets at Layer 4 of the OSI model. Since UDP
does not use windowing or acknowledgments, application layer protocols must provide error detection.

A port number must be associated with the conversation between hosts to ensure that the packet reaches the
appropriate service on the server. Port numbers have the following assigned ranges:

• The Well Known Ports are those from 0 through 1023
• The Registered Ports are those from 1024 through 49151
• The Dynamic and/or Private Ports are those from 49152 through 65535

The three methods of addressing include port numbers, which are located at the transport layer and serviced by
the network layer. The network layer assigns the logical or IP address and the data link layer assigns the
physical or MAC address.

22 MODULE 11

Module Overview

Network administrators must be able to deny unwanted access to a network and allow authorized users to
access necessary services. Security tools such as passwords, callback equipment, and physical security devices
are helpful. However, they often lack the flexibility of basic traffic filters and the specific controls that most
administrators prefer. For example, a network administrator may want to allow users access to the Internet, but
not permit external users Telnet access into the LAN.

Routers provide the capability to filter traffic, such as blocking Internet traffic, with access control lists
(ACLs). An ACL is a sequential list of permit or deny statements that apply to addresses or upper-layer
protocols. This module will introduce standard and extended ACLs as a way to control network traffic and
explain how they are used as part of a security solution.

This module includes tips, considerations, recommendations, and general guidelines on how to use ACLs. It
also includes the commands and configurations needed to create ACLs. Finally, this module provides examples
of standard and extended ACLs and describes ACL placement on router interfaces.

An ACL can be as simple as a single line that permits packets from a specific host or it can be a complex set of
rules and conditions that defines network traffic and determines the router processes. While many of the
advanced uses of ACLs are beyond the scope of this course, this module provides details about standard and
extended ACLs, the proper placement of ACLs, and some special applications of ACLs. This module covers
some of the objectives for the CCNA 640-801 and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

• Describe the differences between standard and extended ACLs
• Explain the rules for placement of ACLs
• Create and apply named ACLs
• Describe the function of firewalls
• Use ACLs to restrict virtual terminal access

22.1 Access Control List Fundamentals

22.1.1 Introduction to ACLs

This page will explain what ACLs are and how they are used.
ACLs are lists of conditions used to test network traffic that tries to travel across a router interface. These
lists tell the router what types of packets to accept or deny. Acceptance and denial can be based on specified
conditions. ACLs enable management of traffic and secure access to and from a network.

ACLs can be created for all routed network protocols such as IP and Internetwork Packet Exchange (IPX).
ACLs can be configured at the router to control access to a network or subnet.
To filter network traffic, ACLs determine if routed packets are forwarded or blocked at the router interfaces.
The router examines each packet and will forward or discard it based on the conditions specified in the ACL.
An ACL makes routing decisions based on source address, destination address, protocols, and upper-layer port
numbers.

ACLs must be defined on a per protocol, per direction, or per port basis. To control traffic flow on an
interface, an ACL must be defined for each protocol enabled on the interface. ACLs control traffic in one
direction at a time on an interface. Two separate ACLs must be created to control inbound and outbound
traffic. Every interface can have multiple protocols and directions defined. If the router has two interfaces
configured for IP, AppleTalk, and IPX, 12 separate ACLs would be needed. There would be one ACL for each
protocol, times two for each direction, times two for the number of ports.

ACLs can be used to perform the following tasks:

• Limit network traffic and increase network performance. For example, ACLs that restrict video traffic
could greatly reduce the network load and increase network performance.
• Provide traffic flow control. ACLs can restrict the delivery of routing updates. If updates are not
required because of network conditions, bandwidth is preserved.
• Provide a basic level of security for network access. ACLs can allow one host to access a part of the
network and prevent another host from accessing the same area. For example, Host A is allowed to
access the Human Resources network and Host B is prevented from accessing it.
• Decide which types of traffic are forwarded or blocked at the router interfaces. ACLs can permit e-mail
traffic to be routed, but block all Telnet traffic.
• Control which areas a client can access on a network.
• Screen hosts to permit or deny access to a network segment. ACLs can be used to permit or deny a user
to access file types such as FTP or HTTP.

If ACLs are not configured on the router, all packets that pass through the router will be permitted to access
the entire network.


22.1.2 How ACLs work

An ACL is made up of statements that define whether packets are accepted or rejected at inbound and
outbound interfaces. This page will explain how these statements are edited and added to an ACL. These
decisions are made by matching a condition statement in an access list and then performing the accept or reject
action defined in the statement.

The order in which ACL statements are placed is important. The Cisco IOS software tests the packet against
each condition statement in order from the top of the list to the bottom. Once a match is found in the list, the
accept or reject action is performed and no other ACL statements are checked. If a condition statement that
permits all traffic is located at the top of the list, no statements added below that will ever be checked.

If additional condition statements are needed in an access list, the entire ACL must be deleted and recreated
with the new condition statements. To make the process of revising an ACL simpler, it is a good idea to use a
text editor such as Notepad and paste the ACL into the router configuration.

The beginning of the router process is the same, whether ACLs are used or not. As a frame enters an
interface, the router checks to see whether the Layer 2 address matches or if it is a broadcast frame. If the
frame address is accepted, the frame information is stripped off and the router checks for an ACL on the
inbound interface. If an ACL exists, the packet is now tested against the statements in the list. If the packet
matches a statement, the packet is either accepted or rejected. If the packet is accepted in the interface, it will
then be checked against routing table entries to determine the destination interface and switched to that
interface. Next, the router checks whether the destination interface has an ACL. If an ACL exists, the packet is
tested against the statements in the list. If the packet matches a statement, it is either accepted or rejected. If
there is no ACL or the packet is accepted, the packet is encapsulated in the new Layer 2 protocol and
forwarded out the interface to the next device.

As a review, ACL statements operate in sequential, logical order. If a condition match is true, the packet is
permitted or denied and the rest of the ACL statements are not checked. If all the ACL statements are
unmatched, an implicit deny any statement is placed at the end of the list by default. The invisible deny any
statement at the end of the ACL will not allow unmatched packets to be accepted. When first learning how to
create ACLs, it is a good idea to add the deny any at the end of ACLs to reinforce the dynamic presence of the
implicit deny.

22.1.3 Creating ACLs

This page will explain how ACLs are created in global configuration mode. There are many types of ACLs.
This lesson explains standard ACLs, extended ACLs, and named ACLs. When ACLs are configured on a
router, each ACL must have a unique identification number assigned to it. This number identifies the type of
access list created and must fall within the specific range of numbers that is valid for that type of list.

After the proper command mode is entered and the list type number is decided upon, the user enters the access
list statements using the keyword access-list, followed by the proper parameters. This is the first step of the
two-step process. The second step of the process is assigning the ACL to the proper interface.

In TCP/IP, ACLs are assigned to one or more interfaces and can filter inbound traffic or outbound traffic by
using the ip access-group command in interface configuration mode. The access-group command is issued
in the interface configuration mode. When an ACL is assigned to an interface, inbound or outbound placement
should be specified. The filter direction can be set to check packets that travel into or out of an interface. To
determine if an ACL controls inbound or outbound traffic, the network administrator must view the interfaces
as if looking at them from inside the router. This is a very important concept. Traffic that travels into an
interface is filtered by the inbound access list. Traffic going out of an interface is filtered by the outbound
access list. After a numbered ACL is created, it must be assigned to an interface. An ACL containing
numbered ACL statements cannot be altered. It must be deleted by using the no access-list list-number
command and then recreated.

Use the following rules to create and apply access lists (ACLs):

• There should be one access list per protocol per direction.
• Standard access lists should be applied closest to the destination.
• Extended access lists should be applied closest to the source.
• The inbound or outbound interface should be referenced as if looking at the port from inside the router.
• Statements are processed sequentially from the top of the list to the bottom until a match is found. If no
match is found then the packet is denied, and discarded.
• There is an implicit deny any at the end of all access lists. This will not appear in the configuration
listing.
• Access list entries should filter in the order from specific to general. Specific hosts should be denied
first, and groups or general filters should come last.
• The match condition is examined first. The permit or deny is examined only if the match is true.
• Never work with an access list that is actively applied.
• A text editor should be used to create comments that outline the logic. Then fill in the statements that
perform the logic.
• New lines are always added to the end of the access list. A no access-list x command will remove the
whole list. It is not possible to selectively add and remove lines with numbered ACLs.
• An IP access list will send an ICMP host unreachable message to the sender of the rejected packet and
will discard the packet in the bit bucket.
• An access list should be removed carefully. If an access list that is applied to a production interface is
removed, some versions of IOS will apply a default deny any to the interface and all traffic will be
halted.
• Outbound filters do not affect traffic that originates from the local router.

The Lab Activity will help students become more familiar with the syntax that is used to create an ACL.


22.1.4 The function of a wildcard mask

This page will explain what a wildcard mask is and how it is used.

A wildcard mask is a 32-bit quantity that is divided into four octets. A wildcard mask is paired with an IP
address. The numbers one and zero in the mask are used to identify how to treat the corresponding IP address
bits. The term wildcard mask represents the ACL mask-bit matching process and comes from an analogy of a
wildcard that matches any other card in the game of poker. Wildcard masks have no functional relationship
with subnet masks. They are used for different purposes and follow different rules.

The subnet mask and the wildcard mask represent two different things when they are compared to an IP
address. Subnet masks use binary ones and zeros to identify the network, subnet, and host portion of an IP
address. Wildcard masks use binary ones and zeros to filter individual or groups of IP addresses to permit or
deny access to resources based on an IP address. The only similarity between a wildcard mask and a subnet
mask is that they are both thirty-two bits long and use binary ones and zeros.
The mask in Figure would be written as 0.0.255.255. A zero indicates a value that will be checked. The Xs,
or ones, are used to block values.
In the wildcard mask process, the IP address in the access-list statement has the wildcard mask applied to it.
This creates the match value, which is used to compare and see if a packet should be processed by this ACL
statement, or sent to the next statement to be checked. The second part of the ACL process is that any IP
address that is checked by a particular ACL statement will have the wildcard mask of that statement applied to
it. The result of the IP address and the wildcard mask must equal the match value of the ACL. This process is
illustrated in the animation in Figure .
There are two special keywords that are used in ACLs, the any and host options. The any option substitutes
0.0.0.0 for the IP address and 255.255.255.255 for the wildcard mask. This option will match any address that
it is compared against. The host option substitutes 0.0.0.0 for the mask. This mask requires that all bits of the
ACL address and the packet address match. This option will match just one address.
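
The wildcard-mask matching process just described, together with the top-to-bottom, first-match evaluation and implicit deny any from the "How ACLs work" section, as an added example that is not part of the curriculum: a Python model of a standard ACL that expands the any and host keywords, applies the wildcard mask to both the statement address and the packet address, and stops at the first match. The statement form `access-list <n> {permit|deny} <source> [<wildcard>]`, the `StandardACL` class and the 172.16.0.0 addresses are assumptions made for the illustration; the 0.0.255.255 mask and the 171.69.2.88 workstation come from this module.

```python
import ipaddress


def ip_int(dotted: str) -> int:
    """Dotted-decimal IPv4 address or mask to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def match_value(address: int, wildcard: int) -> int:
    """Apply a wildcard mask: a 0 bit must match, a 1 bit (an X) is ignored."""
    return address & ~wildcard & 0xFFFFFFFF


def parse_statement(line: str) -> tuple:
    """Parse 'access-list <n> {permit|deny} <source> [<wildcard>]'.

    'any' expands to 0.0.0.0 255.255.255.255, 'host A' to A 0.0.0.0, and a
    bare address with no mask gets the default mask 0.0.0.0.
    """
    tokens = line.split()
    if (len(tokens) < 4 or tokens[0] != "access-list"
            or tokens[2] not in ("permit", "deny")):
        raise ValueError("not a standard ACL statement: " + line)
    number, action, spec = int(tokens[1]), tokens[2], tokens[3:]
    if spec == ["any"]:
        addr, wild = "0.0.0.0", "255.255.255.255"
    elif spec[0] == "host":
        addr, wild = spec[1], "0.0.0.0"
    elif len(spec) == 1:
        addr, wild = spec[0], "0.0.0.0"
    else:
        addr, wild = spec[0], spec[1]
    return number, action, ip_int(addr), ip_int(wild)


class StandardACL:
    """A numbered standard ACL: ordered entries plus the implicit deny any."""

    def __init__(self, number: int, statements):
        self.number = number
        self.entries = []
        for line in statements:
            n, action, addr, wild = parse_statement(line)
            if n != number:
                raise ValueError("statement belongs to access-list %d" % n)
            self.entries.append((action, addr, wild))

    def check(self, source_ip: str) -> tuple:
        """Return (action, entry index) for the first matching statement.

        Statements are tested top to bottom and the first match decides; if
        nothing matches, the invisible deny any at the end applies and the
        result is ('deny', None).
        """
        packet = ip_int(source_ip)
        for index, (action, addr, wild) in enumerate(self.entries):
            if match_value(packet, wild) == match_value(addr, wild):
                return action, index
        return "deny", None


# Constructed sample list: the specific host is denied before its network is
# permitted, and one lone workstation is permitted with the default mask.
SAMPLE_ACL = StandardACL(1, [
    "access-list 1 deny host 172.16.4.13",
    "access-list 1 permit 172.16.0.0 0.0.255.255",
    "access-list 1 permit 171.69.2.88",
])

# Same statements with the host deny placed after the network permit: the
# broader line matches first and the host it was meant to block is let in.
MISORDERED_ACL = StandardACL(1, [
    "access-list 1 permit 172.16.0.0 0.0.255.255",
    "access-list 1 deny host 172.16.4.13",
])

if __name__ == "__main__":
    for src in ("172.16.4.13", "172.16.9.1", "171.69.2.88", "171.69.2.89"):
        print(src, SAMPLE_ACL.check(src), MISORDERED_ACL.check(src))
```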

22.1.5 Verifying ACLs

This page will explain how show commands can be used to verify the content and placement of ACLs on a
router.
The show ip interface command displays IP interface information and indicates whether any ACLs are
assigned to the interface. The show access-lists command displays the contents of all ACLs on the router.
To see a specific list, add the ACL name or number as an option for this command. The show running-config
command will also reveal the access lists on a router and the interface assignment information.

These show commands will verify the list contents and placement. It is also a good practice to test the access
lists with sample traffic to ensure that the access list logic is correct. In the Lab Activity, students will use
show commands to verify ACLs on a router.


22.2 Access Control Lists (ACLs)

22.2.1 Standard ACLs

This page will explain the function of standard ACLs. Students will also learn the syntax used for a standard
ACL.

Standard ACLs check the SOURCE address of IP packets that are routed. The ACL will either permit
or deny access for an entire protocol suite, based on the network, subnet, and host addresses. For example,
packets that come in Fa0/0 are checked for their source addresses and protocols. If they are permitted, the
packets are routed through the router to an output interface. If they are not permitted, they are dropped at the
incoming interface.

The standard version of the access-list global configuration command is used to define a standard ACL with a
number in the range of 1 to 99 (also from 1300 to 1999 in recent IOS). In Cisco IOS Software Release
12.0.1, standard ACLs began using additional numbers (1300 to 1999) to provide a maximum of 798 possible
standard ACLs. These additional numbers are referred to as expanded IP ACLs. In the first ACL statement,
notice that there is no wildcard mask. Since no mask is shown, the default mask of 0.0.0.0 is used. The entire
address must match, or the router checks for a match in the next line of the ACL.
The full syntax of the standard ACL command is as follows:

Router(config)#access-list access-list-number {deny | permit | remark} source [source-wildcard] [log]

The no form of this command is used to remove a standard ACL. The remark keyword makes the access list
easier to understand. Each remark is limited to 100 characters. For example, it is not immediately clear what
the purpose of the following entry is:

Router(config)#access-list 1 permit 171.69.2.88

It is much easier to read a remark about the entry to understand its effect, as follows:

Router(config)#access-list 1 remark Permit only Jones workstation through
Router(config)#access-list 1 permit 171.69.2.88

To remove a standard ACL, use the no form of the command. The syntax is as follows:

Router(config)#no access-list access-list-number

The ip access-group command links an existing standard ACL to an interface:

Router(config-if)#ip access-group {access-list-number | access-list-name} {in | out}

The table shows descriptions of the parameters used in this syntax. The Lab Activities will teach students
how to plan, configure, and apply standard ACLs to permit or deny traffic.

22.2.2 Extended ACLs

This page will provide an overview of extended ACLs.

Extended ACLs are used more often than standard ACLs because they provide a greater range of control.
Extended ACLs check the source and destination packet addresses and can also check for protocols and
port numbers. This gives greater flexibility to describe what the ACL will check. Access can be permitted or
denied based on where a packet originates, its destination, protocol type, and port addresses. An extended ACL
can simultaneously allow e-mail traffic from Fa0/0 to specific S0/0 destinations and deny file transfers and
Web browsing. When packets are discarded, some protocols send an echo packet to the sender, stating that the
destination was unreachable.

For a single ACL, multiple statements may be configured. Each statement should have the same access list
number, to relate the statements to the same ACL. There can be as many condition statements as needed,
limited only by the available router memory. Of course, the more statements there are, the more difficult it will
be to comprehend and manage the ACL.

The syntax for the extended ACL statement can get very long and often will wrap in the terminal window. The
wildcards also have the option of using the host or any keywords in the command.

At the end of the extended ACL statement, an administrator can specify a TCP or UDP port number. The
well-known port numbers for TCP/IP are shown in Figure . Logical operations may be specified such as,
equal (eq), not equal (neq), greater than (gt), and less than (lt). The extended ACL will perform these
operations on specific protocols. Extended ACLs use an access-list-number in the range 100 to 199 (also from
2000 to 2699 in recent IOS). In Cisco IOS Software Release 12.0.1, extended ACLs began using additional
numbers (2000 to 2699) to provide a maximum of 799 possible extended ACLs. These additional numbers are
referred to as expanded IP ACLs.

The ip access-group command links an existing extended ACL to an interface. Remember that only one ACL
per interface, per direction, per protocol is allowed. The format of the command is as follows:

Router(config-if)#ip access-group access-list-number {in | out }

The Lab Activities on this page will help students plan, configure, and apply extended ACLs to filter network
traffic.
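A small evaluator for the extended ACL processing described on this page (protocol, source, destination, port operators, first match wins, implicit deny at the end), as an added example that is not part of the curriculum. The parser, the Entry class and the four-line ACL 101 (mail to one server permitted, FTP and Web from the Fa0/0 LAN denied, the rest of that LAN permitted) are all constructed for this example; only Python's standard library is used.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# Port operators an extended ACL accepts after an address field.
OPS = {
    "eq": lambda have, want: have == want,
    "neq": lambda have, want: have != want,
    "gt": lambda have, want: have > want,
    "lt": lambda have, want: have < want,
}


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(addr: str, wild: str, packet_addr: str) -> bool:
    """Compare only the bits the wildcard mask marks with 0."""
    keep = ~to_int(wild) & 0xFFFFFFFF
    return (to_int(addr) & keep) == (to_int(packet_addr) & keep)


@dataclass
class Entry:
    action: str                         # permit or deny
    protocol: str                       # ip, tcp, udp, icmp
    src: Tuple[str, str]                # (address, wildcard)
    src_port: Optional[Tuple[str, int]]  # (operator, port) or None
    dst: Tuple[str, str]
    dst_port: Optional[Tuple[str, int]]


def take_address(tokens, i):
    """Consume 'any', 'host A' or 'A W' starting at tokens[i]."""
    if tokens[i] == "any":
        return ("0.0.0.0", "255.255.255.255"), i + 1
    if tokens[i] == "host":
        return (tokens[i + 1], "0.0.0.0"), i + 2
    return (tokens[i], tokens[i + 1]), i + 2


def take_port(tokens, i):
    """Consume an optional '<op> <port>' starting at tokens[i]."""
    if i < len(tokens) and tokens[i] in OPS:
        return (tokens[i], int(tokens[i + 1])), i + 2
    return None, i


def parse_entry(line: str) -> Entry:
    """Parse 'access-list N {permit|deny} proto src [op port] dst [op port] [log]'."""
    t = line.split()
    if t[0] != "access-list":
        raise ValueError(f"not an access-list statement: {line!r}")
    number = int(t[1])
    if not (100 <= number <= 199 or 2000 <= number <= 2699):
        raise ValueError(f"{number} is not an extended IP ACL number")
    if t[2] not in ("permit", "deny"):
        raise ValueError(f"unexpected action {t[2]!r}")
    src, i = take_address(t, 4)
    sport, i = take_port(t, i)
    dst, i = take_address(t, i)
    dport, i = take_port(t, i)
    return Entry(t[2], t[3], src, sport, dst, dport)


def evaluate(entries, packet):
    """Run one packet through the ACL top to bottom.

    packet is a dict with protocol, src, dst and (for tcp/udp) sport, dport.
    Returns (action, index): index is the statement that matched, or -1 for
    the implicit 'deny any' at the end of every ACL."""
    for index, e in enumerate(entries):
        if e.protocol != "ip" and e.protocol != packet["protocol"]:
            continue
        if not wildcard_match(*e.src, packet["src"]):
            continue
        if not wildcard_match(*e.dst, packet["dst"]):
            continue
        if e.src_port and not OPS[e.src_port[0]](packet.get("sport", 0), e.src_port[1]):
            continue
        if e.dst_port and not OPS[e.dst_port[0]](packet.get("dport", 0), e.dst_port[1]):
            continue
        return e.action, index   # first match wins; later lines are not checked
    return "deny", -1


# Constructed ACL: 192.168.1.0/24 stands in for the Fa0/0 LAN, 10.0.0.25 for the mail server.
ACL_101 = [parse_entry(line) for line in [
    "access-list 101 permit tcp 192.168.1.0 0.0.0.255 host 10.0.0.25 eq 25",
    "access-list 101 deny tcp 192.168.1.0 0.0.0.255 any eq 21",
    "access-list 101 deny tcp 192.168.1.0 0.0.0.255 any eq 80",
    "access-list 101 permit ip 192.168.1.0 0.0.0.255 any",
]]

if __name__ == "__main__":
    pkt = {"protocol": "tcp", "src": "192.168.1.10", "dst": "10.0.0.25", "sport": 40000, "dport": 80}
    print(evaluate(ACL_101, pkt))   # Web browsing from the LAN: matches line 3 (index 2)
```

Reordering the statements changes the result: if the final permit ip line were first, the FTP and Web denies would never be reached.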

Reserved TCP and UDP Port numbers

22.2.3 Named ACLs

This page will explain the benefits and restrictions of named ACLs.

IP named ACLs were introduced in Cisco IOS Software Release 11.2. Named ACLs allow standard and
extended ACLs to be given names instead of numbers. The following are advantages that are provided by
a named access list:

• Alphanumeric names can be used to identify ACLs.
• The IOS does not limit the number of named ACLs that can be configured.
• Named ACLs provide the ability to modify ACLs without deletion and reconfiguration. However, a
named access list will only allow for statements to be inserted at the end of a list. It is a good idea to
use a text editor to create named ACLs.

Consider the following before implementing named ACLs.

Named ACLs are not compatible with Cisco IOS releases prior to Release 11.2.

The same name may not be used for multiple ACLs. For example, it is not permissible to specify both a
standard and extended ACL named George.

It is important to be aware of named access lists because of the advantages just discussed. Advanced access list
operations such as named ACLs will be presented in the CCNP curriculum.

A named ACL is created with the ip access-list command. This places the user in the ACL configuration
mode. In ACL configuration mode, specify one or more conditions to be permitted or denied. This
determines whether the packet is passed or dropped when the ACL statement matches.

The configuration in Figure creates a standard ACL named Internetfilter and an extended ACL named
marketing_group. The figure also shows how the named access lists are applied to an interface.
The Lab Activities on this page will show students how to create named ACLs to control network traffic.

22.2.4 Placing ACLs

This page will explain where an ACL should be placed. The placement of ACLs is an important consideration.

Proper ACL placement will filter traffic and make the network more efficient. The ACL should be placed
where it has the greatest impact on efficiency.

In Figure the administrator wants to deny Telnet or FTP traffic from the Router A Ethernet LAN segment to
the switched Ethernet LAN Fa0/1 on Router D. At the same time, other traffic must be permitted. There are
several ways to do this. The recommended solution is an extended ACL that specifies both source and
destination addresses. Place this extended ACL in Router A. Then, packets do not cross the Router A Ethernet
segment or the serial interfaces of Routers B and C, and do not enter Router D. Traffic with different source
and destination addresses will still be permitted.

The general rule is to put the extended ACLs as close as possible to the source of the traffic denied. Standard
ACLs do not specify destination addresses, so they should be placed as close to the destination as possible. For
example, a standard ACL should be placed on Fa0/0 of Router D to prevent traffic from Router A.

Administrators can only place access lists on devices that they control. Therefore access list placement must be
determined in the context of where the network administrator's control extends.

22.2.5 Firewalls

This page will explain how ACLs are used in firewall routers.

A firewall is an architectural structure that exists between the user and the outside world to protect the internal
network from intruders. In most circumstances, intruders come from the global Internet and the thousands of
remote networks that it interconnects. Typically, a network firewall consists of several different machines that
work together to prevent unwanted and illegal access.

In this architecture, the router that is connected to the Internet, referred to as the exterior router, forces all
incoming traffic to go to the application gateway. The router that is connected to the internal network, the
interior router, accepts packets only from the application gateway. The gateway controls the delivery of
network-based services both into and from the internal network. For example, only certain users might be
allowed to communicate with the Internet, or only certain applications might be permitted to establish
connections between an interior and exterior host. If the only application that is permitted is e-mail, then only
e-mail packets should be allowed through the router. This protects the application gateway and avoids
overwhelming it with packets that it would otherwise discard.

ACLs should be used in firewall routers, which are often positioned between the internal network and an
external network, such as the Internet. This allows control of traffic entering or exiting a specific part of the
internal network. The firewall router provides a point of isolation so that the rest of the internal network
structure is not affected.

A configuration of ACLs on border routers, which are routers situated on the boundaries of the network, is
necessary to provide security benefits. This provides basic security from the outside network, or from a less
controlled area of the network, into a more private area of the network. On these border routers, ACLs can be
created for each network protocol configured on the router interfaces.

22.2.6 Restricting virtual terminal access

This page will explain how ACLs are created for virtual ports.

Standard and extended access lists apply to packets that travel through a router. They are not designed to
block packets that originate within the router. An outbound Telnet extended access list does not prevent router
initiated Telnet sessions, by default.

Just as there are physical ports or interfaces, such as Fa0/0 and S0/0 on the router, there are also virtual ports.
These virtual ports are called vty lines. There are five vty lines, which are numbered 0 through 4, as shown in
Figure . For security purposes, users can be denied or permitted virtual terminal access to the router but
denied access to destinations from that router.

The purpose of restricted vty access is increased network security. The Telnet protocol can also be used to
create a nonphysical vty connection to the router. There is only one type of vty access list. Identical restrictions
should be placed on all vty lines since it is not possible to control the line on which a user will connect.

The process to create the vty access list is the same as described for an interface. However, applying the ACL
to a terminal line requires the access-class command instead of the access-group command.

The following should be considered when configuring access lists on vty lines:

• A name or number can be used to control access to an interface.
• Only numbered access lists can be applied to virtual lines.
• Identical restrictions should be set on all the virtual terminal lines, because a user can attempt to
connect to any of them.

In the second Lab Activity, students will use ACLs to control IP traffic.

22.2.7 Summary

This page summarizes the topics discussed in this module.

ACLs are lists of conditions that are applied to traffic that travels across a router interface. They can be created
for all routed network protocols such as IP and IPX. Packets are accepted or denied based on these lists.

Network administrators create ACLs to control network access. ACLs provide the ability to limit network
traffic, increase performance, and manage security issues. ACL statements operate in sequential, logical order.
When a condition is matched as true, the packet is permitted or denied and the rest of the ACL statements are
not checked. If all the ACL statements are unmatched, an implicit deny any statement is placed at the end of
the list by default. The invisible deny any statement at the end of the ACL will not allow unmatched packets to
be accepted. When first learning how to create ACLs, it is a good idea to add an explicit deny any at the end of
ACLs to reinforce the presence of the implicit deny.

ACLs are created in the global configuration mode and the basic rules should be applied. Each ACL on a
router must be configured with a unique number or a name. When a numbered ACL is used, the number
identifies the type of access list. Numbered ACLs may be either standard or extended, and must fall within the
specific range of numbers that is valid for that type of list. Standard IP ACLs use the numbers from 1 to 99.
Extended IP ACLs use the numbers from 100 to 199. ACLs are created by entering the command access-list.
Once created, the list is then assigned to the proper interface.

The placement of an ACL has a great impact on network efficiency. The general rule is to put the extended
ACLs as close as possible to the source of the traffic denied. Standard ACLs do not specify destination
addresses, so they should be placed as close to the destination as possible.

A wildcard mask is a 32-bit quantity that is divided into four octets. The numbers one and zero in the mask are
used to determine the treatment of the corresponding IP address bits. In the wildcard mask process, the IP
address in the access-list statement has the wildcard mask applied to it. This creates the match value, which
compares the two and determines whether the packet should be processed by this ACL statement, or sent to the
next statement to be checked.

The show ip interface command displays IP interface information and indicates whether any ACLs are set.
The show access-lists command displays the contents of all ACLs on the router. To see a specific list, add the
ACL name or number as an option for this command. The show running-config command will also display
the access lists on a router and the interface assignment information.

Standard ACLs check the source IP address of packets that are routed. The ACL will permit or deny access
based on the network, subnet, and host address. Extended ACLs are used more often than standard ACLs
because they provide a greater range of control. Extended ACLs check the source and destination packet
addresses and can also check for protocols and port numbers. A named ACL may be either an extended or
standard ACL. Named ACLs provide the ability to modify ACLs without deleting and then reconfiguring
them. A named access list will allow the deletion of statements but will only allow for statements to be inserted
at the end of a list.

23 MODULE 1
Module Overview

Network administrators must anticipate and manage the physical growth of networks. This may require them to
buy or lease another floor of a building for new network equipment such as racks, patch panels, switches, and
routers. Network designers must choose address schemes that allow for growth. Variable-length subnet mask
(VLSM) is used to create efficient and scalable address schemes.

Almost every enterprise must implement an IP address scheme. Many organizations select TCP/IP as the only
routed protocol to run on their networks. Unfortunately, the architects of TCP/IP did not predict that the
protocol would eventually sustain a global network of information, commerce, and entertainment. IPv4 offered
an address strategy that was scalable for a time before it resulted in an inefficient allocation of addresses. IPv4
may soon be replaced with IP version 6 (IPv6) as the dominant protocol of the Internet. IPv6 has virtually
unlimited address space and implementation has begun in some networks. Over the past two decades,
engineers have successfully modified IPv4 so that it can survive the exponential growth of the Internet. VLSM
is one of the modifications that has helped to bridge the gap between IPv4 and IPv6.

Networks must be scalable since the needs of users evolve. When a network is scalable it is able to grow in a
logical, efficient, and cost-effective way. The routing protocol used in a network helps determine the
scalability of the network. It is important to choose the routing protocol wisely. Routing Information Protocol
version 1 (RIP v1) is suitable for small networks. However, it is not scalable to large networks. RIP version 2
(RIP v2) was developed to overcome these limitations.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.
Students who complete this module should be able to perform the following tasks:

• Define VLSM and briefly describe the reasons for its use
• Divide a major network into subnets of different sizes using VLSM
• Define route aggregation and summarization as they relate to VLSM
• Configure a router using VLSM
• Identify the key features of RIP v1 and RIP v2
• Identify the important differences between RIP v1 and RIP v2
• Configure RIP v2
• Verify and troubleshoot RIP v2 operation
• Configure default routes using the ip route and ip default-network commands

23.1 VLSM

23.1.1 What is VLSM and why is it used?

As IP subnets have grown, administrators have looked for ways to use their address space more efficiently.
This page introduces a technique called VLSM. With VLSM, a network administrator can use a long mask on
networks with few hosts, and a short mask on subnets with many hosts. -1- -2- -3-

In order to implement VLSM, a network administrator must use a routing protocol that supports it. Cisco
routers support VLSM with Open Shortest Path First ( OSPF ), Integrated IS-IS, Enhanced Interior Gateway
Routing Protocol ( EIGRP ), RIP v2, and static routing. -4-

VLSM allows an organization to use more than one subnet mask within the same network address space.
VLSM implementation maximizes address efficiency, and is often referred to as subnetting a subnet. -5-

Classful routing protocols require that a single network use the same subnet mask. As an example, a network
with an address of 192.168.187.0 can use just one subnet mask, such as 255.255.255.0.

A routing protocol that allows VLSM gives the network administrator freedom to use different subnet masks
for networks within a single autonomous system. -6- Figure -7- shows an example of how a network
administrator can use a 30-bit mask for network connections, a 24-bit mask for user networks, and even a 22-
bit mask for networks with up to 1000 users.

23.1.2 A waste of space

This page will explain how certain address schemes can waste address space.
In the past, the first and last subnet were not supposed to be used. The use of the first subnet, which was known
as subnet zero, was discouraged because of the confusion that could occur if a network and a subnet had the
same address. This also applied to the use of the last subnet, which was known as the all-ones subnet. With the
evolution of network technologies and IP address depletion, the use of the first and last subnets has become
an acceptable practice in conjunction with VLSM.
In Figure -1- , the network management team has borrowed three bits from the host portion of the Class C
address that has been selected for this address scheme.

If the team decides to use subnet zero, there will be eight usable subnets. Each subnet can support 30 hosts.
If the team decides to use the no ip subnet-zero command, there will be seven usable subnets with 30 hosts in
each subnet. Cisco routers with Cisco IOS version 12.0 or later, use subnet zero by default.

In Figure -2- , the Sydney, Brisbane, Perth, and Melbourne remote offices may each have 30 hosts. The team
realizes that it has to address the three point-to-point WAN links between Sydney, Brisbane, Perth, and
Melbourne. If the team uses the last three subnets for the WAN links, all of the available addresses will be used
and there will be no room for growth. The team will also have wasted the 28 host addresses from each subnet
to simply address three point-to-point networks. This address scheme would waste one-third of the potential
address space. Such an address scheme is fine for a small LAN. However, it is extremely wasteful if point-to-
point connections are used. -3-

23.1.3 When to use VLSM

It is important to design an address scheme that allows for growth and does not waste addresses. This page
examines how VLSM can be used to prevent the waste of addresses on point-to-point links.

As shown in Figure -1- , the network management team has decided to avoid the wasteful use of the /27 mask
on the point-to-point links. The team applies VLSM to the address problem.

To apply VLSM to the address problem, the team breaks the Class C address into subnets of variable sizes.
Large subnets are created for LANs. Very small subnets are created for WAN links and other special cases. A
30-bit mask is used to create subnets with only two valid host addresses. This is the best solution for the point-
to-point connections. The team will take one of the three subnets they previously decided to assign to the WAN
links, and subnet it again with a 30-bit mask.

In the example, the team has taken one of the last three subnets, subnet 6, and subnetted it again. This time the
team uses a 30-bit mask. Figures -2- and -3- illustrate that after using VLSM, the team has eight ranges of
addresses to be used for the point-to-point links.

23.1.4 Calculating subnets with VLSM

VLSM helps to manage IP addresses. This page will explain how to use VLSM to set subnet masks that fit the
link or segment requirements. A subnet mask should satisfy the requirements of a LAN with one subnet mask
and the requirements of a point-to-point WAN with another. -1-

The example in Figure -1- shows a network that requires an address scheme.

The example contains a Class B address of 172.16.0.0 and two LANs that require at least 250 hosts each. If the
routers use a classful routing protocol, the WAN link must be a subnet of the same Class B network. Classful
routing protocols such as RIP v1, IGRP, and EGP do not support VLSM. Without VLSM, the WAN link
would need the same subnet mask as the LAN segments. A 24-bit mask of 255.255.255.0 can support 250
hosts. -2- -3-

The WAN link only needs two addresses, one for each router. That means that 252 addresses would be wasted.

If VLSM was used, a 24-bit mask would still be applied on the LAN segments for the 250 hosts. A 30-bit mask
could be used for the WAN link because only two host addresses are needed.

Figure -4- shows where the subnet addresses can be applied based on the number of host requirements. The
WAN links use subnet addresses with a prefix of /30. This prefix allows for only two host addresses which is
just enough for a point-to-point connection between a pair of routers.

In Figure -5-, the subnet addresses used are generated when the 172.16.32.0/20 subnet is divided into /26
subnets.

To calculate the subnet addresses used on the WAN links, further subnet one of the unused /26 subnets. In this
example, 172.16.33.0/26 is further subnetted with a prefix of /30. This provides four more subnet bits and
therefore 16 (2^4) subnets for the WANs. Figure -6- illustrates how to work through a VLSM system.

VLSM can be used to subnet an already subnetted address. For example, consider the subnet address
172.16.32.0/20 and a network that needs ten host addresses. With this subnet address, there are 2^12 – 2, or 4094
host addresses, most of which will be wasted. With VLSM it is possible to subnet 172.16.32.0/20 to create
more network addresses with fewer hosts per network. When 172.16.32.0/20 is subnetted to 172.16.32.0/26,
there is a gain of 2^6, or 64 subnets. Each subnet can support 2^6 – 2, or 62 hosts.

Use the following steps to apply VLSM to 172.16.32.0/20:

1. Write 172.16.32.0 in binary form.


2. Draw a vertical line between the 20th and 21st bits, as shown in Figure -5-. The original subnet boundary
was /20.
3. Draw a vertical line between the 26th and 27th bits, as shown in Figure -5- . The original /20 subnet
boundary is extended six bits to the right, which becomes /26.
4. Calculate the 64 subnet addresses with the bits between the two vertical lines, from lowest to highest in
value. The figure shows the first five subnets available.

It is important to remember that only unused subnets can be further subnetted. If any address from a subnet is
used, that subnet cannot be further subnetted. In Figure -6-, four subnet numbers are used on the LANs. The
unused 172.16.33.0/26 subnet is further subnetted for use on the WAN links.

23.1.5 Route aggregation with VLSM

This page will explain the benefits of route aggregation with VLSM.

When VLSM is used, it is important to keep the subnetwork numbers grouped together in the network to allow
for aggregation. For example, networks like 172.16.14.0 and 172.16.15.0 should be near one another so that
the routers only carry a route for 172.16.14.0/23. -1-

The use of classless interdomain routing (CIDR) and VLSM prevents address waste and promotes route
aggregation, or summarization. Without route summarization, Internet backbone routing would likely have
collapsed sometime before 1997. -2-

Figure -2- illustrates how route summarization reduces the burden on upstream routers. This complex hierarchy
of variable-sized networks and subnetworks is summarized at various points with a prefix address, until the
entire network is advertised as a single aggregate route of 200.199.48.0/20. Route summarization, or
supernetting, is only possible if the routers of a network use a classless routing protocol, such as OSPF or
EIGRP. Classless routing protocols carry a prefix that consists of a 32-bit IP address and bit mask in the
routing updates. In Figure -2-, the summary route that eventually reaches the provider contains a 20-bit prefix
common to all of the addresses in the organization. That address is 200.199.48.0/22 or
11001000.11000111.0011. For summarization to work, addresses should be carefully assigned in a hierarchical
fashion so that summarized addresses will share the same high-order bits.

The following are important rules to remember:

• A router must know in detail the subnet numbers attached to it.
• A router does not need to inform other routers about each subnet if the router can send one aggregate
route for a set of routes.
• A router that uses aggregate routes has fewer entries in its routing table.

VLSM increases route summarization flexibility because it uses the higher-order bits shared on the left,
even if the networks are not contiguous. -3-

Figure -3- shows that the addresses share the first 20 bits. These bits are colored red. The 21st bit is not the
same for all the routes. Therefore the prefix for the summary route will be 20 bits long. This is used to
calculate the network number of the summary route.

Figure -4- shows that the addresses share the first 21 bits. These bits are colored red. The 22nd bit is not the
same for all the routes. Therefore the prefix for the summary route will be 21 bits long. This is used to
calculate the network number of the summary route.
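The summary-route calculation just described (count the high-order bits all member networks share, then zero the rest), as an added example that is not part of the curriculum. The function names are my own; the inputs in the usage block are the page's 172.16.14.0 / 172.16.15.0 pair and four constructed /22 blocks under 200.199.48.0; only Python's standard ipaddress module is used.

```python
import ipaddress


def to_binary(dotted: str) -> str:
    """Dotted quad written as 32 bits with dots between octets, as in the figures."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))


def common_prefix_length(addresses: list) -> int:
    """Number of leading bits (0..32) shared by every address in the list.

    All values between the lowest and highest address share whatever leading
    bits those two share, so only the extremes need to be compared."""
    ints = [int(ipaddress.IPv4Address(a)) for a in addresses]
    lo, hi = min(ints), max(ints)
    length = 0
    while length < 32 and (lo >> (31 - length)) & 1 == (hi >> (31 - length)) & 1:
        length += 1
    return length


def summarize(networks: list) -> str:
    """Single summary route covering every network in the list.

    The prefix is the number of shared high-order bits over all network and
    broadcast addresses, capped by the shortest member prefix so that a
    member is never given a longer prefix than it already has."""
    nets = [ipaddress.ip_network(n) for n in networks]
    edges = [str(n.network_address) for n in nets] + [str(n.broadcast_address) for n in nets]
    length = min(common_prefix_length(edges), min(n.prefixlen for n in nets))
    first = min(int(n.network_address) for n in nets)
    return str(ipaddress.ip_network(f"{ipaddress.IPv4Address(first)}/{length}", strict=False))


def summary_waste(networks: list) -> int:
    """Addresses the summary advertises that belong to no member (members
    are assumed not to overlap). Non-contiguous members leave holes the
    summary still claims, which is why hierarchical assignment matters."""
    summary = ipaddress.ip_network(summarize(networks))
    covered = sum(ipaddress.ip_network(n).num_addresses for n in networks)
    return summary.num_addresses - covered


if __name__ == "__main__":
    pair = ["172.16.14.0/24", "172.16.15.0/24"]
    print(summarize(pair), "waste:", summary_waste(pair))
    blocks = ["200.199.48.0/22", "200.199.52.0/22", "200.199.56.0/22", "200.199.60.0/22"]
    for b in blocks:
        print(f"{b:18} {to_binary(b.split('/')[0])}")
    print("summary:", summarize(blocks))
```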

23.1.6 Configuring VLSM

This page will teach students how to calculate and configure VLSM. If VLSM is the scheme chosen, it must
then be calculated and configured correctly. -1-

The following are VLSM calculations for the LAN connections in Figure -1-

• Network address: 192.168.10.0
• The Perth router has to support 60 hosts. That means a minimum of six bits are needed in the host
portion of the address. Six bits will yield 2^6 – 2, or 62 possible host addresses. The LAN connection for
the Perth router is assigned the 192.168.10.0/26 subnet.
• The Sydney and Singapore routers have to support 12 hosts each. That means a minimum of four bits
are needed in the host portion of the address. Four bits will yield 2^4 – 2, or 14 possible host addresses.
The LAN connection for the Sydney router is assigned the 192.168.10.96/28 subnet and the LAN
connection for the Singapore router is assigned the 192.168.10.112/28 subnet.
• The KL router has to support 28 hosts. That means a minimum of five bits are needed in the host
portion of the address. Five bits will yield 2^5 – 2, or 30 possible host addresses. The LAN connection
for the KL router is assigned the 192.168.10.64/27 subnet.

The following are VLSM calculations for the point-to-point connections in Figure -1-:

• Perth to KL

The connection from Perth to KL requires only two host addresses. That means a minimum of two bits
are needed in the host portion of the address. Two bits will yield 2^2 – 2, or 2 possible host addresses.
The Perth to KL connection is assigned the 192.168.10.128/30 subnet.

• Sydney to KL

The connection from Sydney to KL requires only two host addresses. That means a minimum of two
bits are needed in the host portion of the address. Two bits will yield 2^2 – 2, or 2 possible host
addresses. The Sydney to KL connection is assigned the 192.168.10.132/30 subnet.

• Singapore to KL

The connection from Singapore to KL requires only two host addresses. That means a minimum of two
bits are needed in the host portion of the address. Two bits will yield 2^2 – 2, or 2 possible host
addresses. The Singapore to KL connection is assigned the 192.168.10.136/30 subnet.

The following configuration is for the Singapore to KL point-to-point connection:

Singapore(config)#interface serial 0
Singapore(config-if)#ip address 192.168.10.137 255.255.255.252
KualaLumpur(config)#interface serial 1
KualaLumpur(config-if)#ip address 192.168.10.138 255.255.255.252
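A VLSM allocator, added here as an example that is not part of the curriculum, covering both the "subnet an unused subnet again" steps of 23.1.4 and the 192.168.10.0 calculations of 23.1.6: given the host counts for Perth, KL, Sydney, Singapore and the three point-to-point links, it reproduces the subnets listed above. The function names and the REQUIREMENTS list are my own; only Python's standard ipaddress module is used.

```python
import ipaddress


def split_subnets(network: str, new_prefix: int) -> list:
    """Subnet a block again with a longer prefix, e.g. 172.16.32.0/20 into
    64 /26 blocks, or the unused 172.16.33.0/26 into 16 /30 blocks."""
    return [str(s) for s in ipaddress.ip_network(network).subnets(new_prefix=new_prefix)]


def prefix_for_hosts(hosts: int) -> int:
    """Shortest host field (at least 2 bits) that leaves `hosts` usable
    addresses after the network and broadcast addresses are taken out."""
    bits = 2
    while 2 ** bits - 2 < hosts:
        bits += 1
    return 32 - bits


def vlsm_allocate(base: str, requirements: list) -> dict:
    """Assign one subnet per (name, host_count) out of `base`.

    The largest requirements are placed first, so the /30 links are carved
    from what is left, and a block is only ever subnetted again while it is
    still unused (once an address from it is assigned it leaves the free list)."""
    free = [ipaddress.ip_network(base)]      # unused blocks, kept sorted by address
    assigned = {}
    # sorted() is stable, so requirements with equal host counts keep their order
    for name, hosts in sorted(requirements, key=lambda r: -r[1]):
        want = prefix_for_hosts(hosts)
        for i, block in enumerate(free):
            if block.prefixlen <= want:      # first free block large enough
                free.pop(i)
                chosen = next(block.subnets(new_prefix=want))    # lowest piece of the block
                free.extend(block.address_exclude(chosen))       # remainder stays free
                free.sort(key=lambda n: (int(n.network_address), n.prefixlen))
                assigned[name] = str(chosen)
                break
        else:
            raise ValueError(f"no room left in {base} for {name} ({hosts} hosts)")
    return assigned


# Host counts from Figure -1- of 23.1.6 (list constructed for this example).
REQUIREMENTS = [
    ("Perth LAN", 60),
    ("KL LAN", 28),
    ("Sydney LAN", 12),
    ("Singapore LAN", 12),
    ("Perth-KL", 2),
    ("Sydney-KL", 2),
    ("Singapore-KL", 2),
]

if __name__ == "__main__":
    for name, subnet in vlsm_allocate("192.168.10.0/24", REQUIREMENTS).items():
        print(f"{name:14} {subnet}")
    print(len(split_subnets("172.16.32.0/20", 26)), "subnets of /26;",
          len(split_subnets("172.16.33.0/26", 30)), "subnets of /30")
```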

23.2 RIP version 2

23.2.1 RIP history

This page will explain the functions and limitations of RIP. The Internet is a collection of autonomous systems
(AS). Each AS is generally administered by a single entity. Each AS has a routing technology which can
differ from other autonomous systems. The routing protocol used within an AS is referred to as an Interior
Gateway Protocol (IGP). A separate protocol used to transfer routing information between autonomous
systems is referred to as an Exterior Gateway Protocol (EGP). RIP is designed to work as an IGP in a
moderate-sized AS. It is not intended for use in more complex environments.

RIP v1 is considered a classful IGP. -1-


RIP v1 is a distance vector protocol that broadcasts the entire routing table to each neighbor router at
predetermined intervals. The default interval is 30 seconds. RIP uses hop count as a metric, with 15 as the
maximum number of hops.

If the router receives information about a network, and the receiving interface belongs to the same network but
is on a different subnet, the router applies the one subnet mask that is configured on the receiving interface:

- For Class A addresses, the default classful mask is 255.0.0.0.
- For Class B addresses, the default classful mask is 255.255.0.0.
- For Class C addresses, the default classful mask is 255.255.255.0.

RIP v1 is a popular routing protocol because virtually all IP routers support it. The popularity of RIP v1
is based on the simplicity and the universal compatibility it demonstrates. RIP v1 is capable of load
balancing over as many as six ( 6 ) equal-cost paths, with four paths as the default.

RIP v1 has the following limitations:

- It does not send subnet mask information in its updates.
- It sends updates as broadcasts on 255.255.255.255.
- It does not support authentication.
- It is not able to support VLSM or classless interdomain routing (CIDR).

RIP v1 is simple to configure, as shown in Figure -2-.

23.2.2 RIP v2 features

This page will discuss RIP v2, which is an improved version of RIP v1. Both versions of RIP share the
following features:

- It is a distance vector protocol that uses a hop count metric.
- It uses holddown timers to prevent routing loops – the default is 180 seconds.
- It uses split horizon to prevent routing loops.
- It uses 16 hops as a metric for infinite distance.

RIP v2 provides prefix routing, which allows it to send out subnet mask information with the route update.
Therefore, RIP v2 supports the use of classless routing in which different subnets within the same network can
use different subnet masks, as in VLSM.

RIP v2 provides for authentication in its updates. A set of keys can be used on an interface as an authentication
check. RIP v2 allows for a choice of the type of authentication to be used in RIP v2 packets. The choice can be
either clear text or Message-Digest 5 ( MD5 ) encryption. Clear text is the default. MD5 can be used to
authenticate the source of a routing update. MD5 is typically used to encrypt enable secret passwords and it
has no known reversal. RIP v2 multicasts routing updates using the Class D address 224.0.0.9, which
provides for better efficiency.

23.2.3 Comparing RIP v1 and v2

This page will provide some more information about how RIP works. It will also describe the differences
between RIP v1 and RIP v2. RIP uses distance vector algorithms to determine the direction and distance to any
link in the internetwork. If there are multiple paths to a destination, RIP selects the path with the least number
of hops. However, because hop count is the only routing metric used by RIP, it does not necessarily select the
fastest path to a destination.

RIP v1 allows routers to update their routing tables at programmable intervals. The default interval is 30
seconds. The continual sending of routing updates by RIP v1 means that network traffic builds up quickly. -1-
To prevent a packet from looping infinitely, RIP allows a maximum hop count of 15. If the destination
network is more than 15 routers away, the network is considered unreachable and the packet is dropped.
This situation creates a scalability issue when routing in large heterogeneous networks. RIP v1 uses split
horizon to prevent loops. This means that RIP v1 advertises routes out an interface only if the routes were not
learned from updates entering that interface. It uses holddown timers to prevent routing loops. Holddowns
ignore any new information about a subnet indicating a poorer metric for a time equal to the holddown timer.

Figure -2- summarizes the behavior of RIP v1 when used by a router.

RIP v2 is an improved version of RIP v1. It has many of the same features of RIP v1. RIP v2 is also a distance
vector protocol that uses hop count, holddown timers, and split horizon. Figure -3- compares and contrasts RIP
v1 and RIP v2. The TTL field in the IP packet forces the packet to be dropped. When the hop count reaches
15 routers, the network is considered unreachable, and the packet is dropped because the router doesn't have a
route to the destination network.

The first Lab Activity on this page will show students how to set up and configure RIP on routers. The second
Lab Activity will review the basic configuration of routers. The Interactive Media Activity will help students
understand the differences between RIP v1 and RIP v2.


23.2.4 Configuring RIP v2

This page will teach students how to configure RIP v2. RIP v2 is a dynamic routing protocol that is configured
by naming the routing protocol RIP Version 2, and then assigning IP network numbers without specifying
subnet values. This section describes the basic commands used to configure RIP v2 on a Cisco router. -1-

To enable a dynamic routing protocol, the following tasks must be completed:

- Select a routing protocol, such as RIP v2.
- Assign the IP network numbers without specifying the subnet values.
- Assign the network or subnet addresses and the appropriate subnet mask to the interfaces.

RIP v2 uses multicasts to communicate with other routers. The routing metric helps the routers find the best
path to each network or subnet.

The router command starts the routing process. -2-

The network command causes the implementation of the following three functions:

- The routing updates are multicast out an interface.
- The routing updates are processed if they enter that same interface.
- The subnet that is directly connected to that interface is advertised.

The network command is required because it allows the routing process to determine which interfaces will
participate in the sending and receiving of routing updates. The network command starts up the routing
protocol on all interfaces that the router has in the specified network. The network command also allows the
router to advertise that network.

The router rip and version 2 commands combined specify RIP v2 as the routing protocol, while the network
command identifies a participating attached network. -3-

In this example, the configuration of Router A includes the following:

- router rip – Enables RIP as the routing protocol
- version 2 – Identifies version 2 as the version of RIP being used
- network 172.16.0.0 – Specifies a directly connected network
- network 10.0.0.0 – Specifies a directly connected network

The interfaces on Router A connected to networks 172.16.0.0 and 10.0.0.0, or their subnets, will send and
receive RIP v2 updates. These routing updates allow the router to learn the network topology. Routers B and C
have similar RIP configurations but with different network numbers specified.

Figure -4- shows another example of a RIP v2 configuration. The Lab Activities on this page will show
students how to convert RIP v1 to RIP v2.

23.2.5 Verifying RIP v2

The show ip protocols and show ip route commands display information about routing protocols and the
routing table. -1- This page explains how show commands are used to verify a RIP configuration.

The show ip protocols command displays values about routing protocols and routing protocol timer
information associated with the router. In the example, the router is configured with RIP and sends updated
routing table information every 30 seconds. This interval is configurable. If a router running RIP does not
receive an update from another router for 180 seconds or more, the first router marks the routes served by the
non-updating router as being invalid. In Figure -1- , the holddown timer is set to 180 seconds. Therefore, an
update to a route that was down and is now up could stay in the holddown state until the full 180 seconds have
passed.

If there is still no update after 240 seconds the router removes the routing table entries. The router is injecting
routes for the networks listed following the Routing for Networks line. The router is receiving routes from the
neighboring RIP routers listed following the Routing Information Sources line. The distance default of 120
refers to the administrative distance for a RIP route.
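The timer interplay described here, together with the holddown rule from the RIP v1 discussion earlier in this module, as an added simplified Python model that is not IOS code and not part of the curriculum: a route is marked invalid 180 seconds after its last update, ignores poorer-metric news while in holddown, and is flushed at 240 seconds. The prefixes and neighbor addresses in the scenarios are constructed.

```python
# Cisco RIP timer defaults as the text lists them (seconds). The model below is an added,
# simplified simulation of the rules the text describes, not IOS code.
UPDATE_INTERVAL = 30   # periodic update interval
INVALID_AFTER = 180    # no update for this long: route marked invalid, holddown starts
HOLDDOWN = 180         # poorer-metric news about the route is ignored for this long
FLUSH_AFTER = 240      # no update for this long: route removed from the table
INFINITY = 16          # hop count meaning "unreachable"


class RipRoute:
    def __init__(self, metric, source, now):
        self.metric = metric          # hop count
        self.source = source          # neighbor that advertised the route
        self.last_update = now        # time the last usable update arrived
        self.holddown_until = None    # set while the route is in holddown

    def state(self, now):
        if now - self.last_update >= FLUSH_AFTER:
            return "flushed"
        if self.holddown_until is not None and now < self.holddown_until:
            return "holddown"
        if now - self.last_update >= INVALID_AFTER:
            return "invalid"
        return "valid"


class RipTable:
    def __init__(self):
        self.routes = {}

    def expire(self, now):
        """Run the timers: flush dead routes, put newly invalid ones into holddown."""
        for prefix, route in list(self.routes.items()):
            age = now - route.last_update
            if age >= FLUSH_AFTER:
                del self.routes[prefix]
            elif age >= INVALID_AFTER and route.holddown_until is None:
                route.holddown_until = now + HOLDDOWN

    def receive(self, now, prefix, metric, source):
        """Apply one entry of a received update; returns what the table did with it."""
        self.expire(now)
        route = self.routes.get(prefix)
        if metric >= INFINITY:
            # Poisoned route: start holddown rather than deleting immediately.
            if route is not None and route.holddown_until is None:
                route.holddown_until = now + HOLDDOWN
                return "withdrawn"
            return "ignored"
        if route is None:
            self.routes[prefix] = RipRoute(metric, source, now)
            return "installed"
        if route.holddown_until is not None and now < route.holddown_until:
            if metric > route.metric:
                return "ignored"          # holddown rule: poorer metric is not believed
            route.holddown_until = None   # same or better metric: the route is back
            route.metric, route.source, route.last_update = metric, source, now
            return "restored"
        if source == route.source:
            # The advertising neighbor is the authority on its own route, even if it got worse.
            route.metric, route.last_update = metric, now
            return "refreshed"
        if metric < route.metric:
            route.metric, route.source, route.last_update = metric, source, now
            return "replaced"
        return "ignored"


def holddown_scenario():
    """Constructed sequence: a route is learned, poisoned, then re-advertised by another neighbor."""
    table = RipTable()
    events = [
        (0,   "10.2.0.0/16", 2, "10.1.1.2"),    # learned
        (30,  "10.2.0.0/16", 2, "10.1.1.2"),    # periodic refresh
        (60,  "10.2.0.0/16", 16, "10.1.1.2"),   # neighbor poisons the route
        (70,  "10.2.0.0/16", 5, "10.1.1.3"),    # worse metric during holddown: ignored
        (100, "10.2.0.0/16", 2, "10.1.1.3"),    # same metric as before: accepted
    ]
    return [table.receive(t, p, m, s) for t, p, m, s in events]


def timer_scenario():
    """A route that is never refreshed after t=0: its state at several instants, then a flush."""
    table = RipTable()
    table.receive(0, "172.16.0.0/16", 1, "10.1.1.2")
    route = table.routes["172.16.0.0/16"]
    states = [route.state(t) for t in (0, 179, 180, 239, 240)]
    table.expire(240)
    return states, "172.16.0.0/16" in table.routes
```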

The show ip interface brief command can also be used to list a summary of the information and status of an
interface.

The show ip route command displays the contents of the IP routing table. -2- The routing table contains entries
for all known networks and subnetworks, and contains a code that indicates how that information was learned.

Examine the output to see if the routing table is populated with routing information. If entries are missing,
routing information is not being exchanged. Use the show running-config or show ip protocols Privileged
EXEC commands on the router to check for a possible misconfigured routing protocol. The Lab Activity will
teach students how to use show commands to verify RIP v2 configurations.


23.2.6 Troubleshooting RIP v2

This page explains the use of the debug ip rip command.

Use the debug ip rip command to display RIP routing updates as they are sent and received. -1-
The no debug all or undebug all commands will turn off all debugging.

The example shows that the router being debugged has received updates from one router at source address
10.1.1.2, as shown in Figure -2-. The router at source address 10.1.1.2 sent information about two destinations
in the routing table update. The router being debugged also sent updates, in both cases to the multicast address
224.0.0.9 as the destination. The number in parentheses is the source address encapsulated into the IP header.

Other outputs sometimes seen from the debug ip rip command include entries such as the following:

RIP: broadcasting general request on Ethernet0
RIP: broadcasting general request on Ethernet1

These outputs appear at startup or when an event occurs such as an interface transition or a user manually
clears the routing table.

An entry, such as the following, is most likely caused by a malformed packet from the transmitter:

RIP: bad version 128 from 160.89.80.43

Examples of debug ip rip outputs and meanings are shown in Figure -3-. The Lab Activities will help students
become more familiar with debug commands.


23.2.7 Default routes

This page will describe default routes and explain how they are configured.

By default, routers learn paths to destinations three different ways:

- Static routes – The system administrator manually defines the static routes as the next hop to a
destination. Static routes are useful for security and traffic reduction, as no other route is known.
- Default routes – The system administrator also manually defines default routes as the path to take
when there is no known route to the destination. Default routes keep routing tables shorter. When an
entry for a destination network does not exist in a routing table, the packet is sent to the default
network.
- Dynamic routes – Dynamic routing means that the router learns of paths to destinations by receiving
periodic updates from other routers.

In Figure -1-, the static route is indicated by the following command:

Router(config)#ip route 172.16.1.0 255.255.255.0 17.16.2.1

The ip default-network command establishes a default route in networks using dynamic routing protocols: -2-

Router(config)#ip default-network 192.168.20.0

Generally after the routing table has been set to handle all the networks that must be configured, it is often
useful to ensure that all other packets go to a specific location. This is called the default route for the router.
One example is a router that connects to the Internet. All the packets that are not defined in the routing table
will go to the nominated interface of the default router.

The ip default-network command is usually configured on the routers that connect to a router with a static
default route.

In Figure -3-, Hong Kong 2 and Hong Kong 3 would use Hong Kong 4 as the default gateway. Hong Kong 4
would use interface 192.168.19.2 as its default gateway. Hong Kong 1 would route packets to the Internet for
all internal hosts. To allow Hong Kong 1 to route these packets it is necessary to configure a default route as:

HongKong1(config)#ip route 0.0.0.0 0.0.0.0 s0/0

The zeros in the IP address and mask portions of the command represent any destination network with any
mask. Default routes are referred to as quad zero routes. In the diagram, the only way Hong Kong 1 can go to
the Internet is through interface s0/0.


23.2.8 Module Summary

This page summarizes the topics discussed in this module.

Variable-Length Subnet Masks ( VLSM ), often referred to as "subnetting a subnet", is used to maximize
addressing efficiency. It is a feature that allows a single autonomous system to have networks with different
subnet masks. The network administrator is able to use a long mask on networks with few hosts, and a short
mask on subnets with many hosts.

It is important to design an addressing scheme that allows for growth and does not involve wasting addresses.
To apply VLSM to the addressing problem, large subnets are created for addressing LANs. Very small subnets
are created for WAN links and other special cases.

VLSM helps to manage IP addresses. VLSM allows for the setting of a subnet mask that suits the link or the
segment requirements. A subnet mask should satisfy the requirements of a LAN with one subnet mask and the
requirements of a point-to-point WAN with another.

Addresses are assigned in a hierarchical fashion so that summarized addresses will share the same high-
order bits. There are specific rules for a router. It must know in detail the subnet numbers attached to it and it
does not need to tell other routers about each individual subnet if the router can send an aggregate route for a
set of routers. A router using aggregate routes would have fewer entries in its routing tables.

If VLSM is the scheme chosen, it must then be calculated and configured correctly.

RIP v1 is considered an interior gateway protocol that is classful. RIP v1 is a distance vector protocol that
broadcasts its entire routing table to each neighbor router at predetermined intervals. The default interval is 30
seconds. RIP uses hop count as a metric, with 15 as the maximum number of hops.

To enable a dynamic routing protocol, select a routing protocol, such as RIP v2, assign the IP network
numbers without specifying the subnet values, and then assign the network or subnet addresses and the
appropriate subnet mask to the interfaces. In RIP v2, the router command starts the routing process. The
network command causes the implementation of three functions. The routing updates are multicast out an
interface, the routing updates are processed if they enter that same interface, and the subnet that is directly
connected to that interface is advertised. The version 2 command enables RIP v2.

The show ip protocols command displays values about routing protocols and routing protocol timer
information associated with the router. Use the debug ip rip command to display RIP routing updates as they
are sent and received. The no debug all or undebug all commands will turn off all debugging.

24 MODULE 2
Module Overview

The two main classes of IGPs are distance vector and link-state. Both types of routing protocols find routes
through autonomous systems. Distance vector and link-state routing protocols use different methods to
accomplish the same tasks.

Link-state routing algorithms, also known as shortest path first ( SPF ) algorithms, maintain a complex
database of topology information. A link-state routing algorithm maintains full knowledge of distant routers
and how they interconnect. In contrast, distance vector algorithms provide nonspecific information about
distant networks and no knowledge of distant routers.

It is important to understand how link-state routing protocols operate in order to configure, verify, and
troubleshoot them. This module explains how link-state routing protocols work, outlines their features,
describes the algorithm they use, and points out the advantages and disadvantages of link-state routing.

Early routing protocols such as RIP v1 were all distance vector protocols. There are many distance vector
routing protocols in use today such as RIP v2, IGRP, and the hybrid routing protocol EIGRP. As networks
have grown larger and more complex, the limitations of distance vector routing protocols have become
apparent. Routers that use a distance vector routing protocol learn about the network topology from the routing
table updates of neighbor routers. Bandwidth usage is high because of the periodic exchange of routing
updates, and network convergence is slow which results in poor routing decisions.

Link-state routing protocols differ from distance vector protocols. Link-state protocols flood route information,
which allows every router to have a complete view of the network topology. Triggered updates allow efficient
use of bandwidth and faster convergence. Changes in the state of a link are sent to all routers in the network as
soon as the change occurs.

OSPF is one of the most important link-state protocols. OSPF is based on open standards, which means it can
be developed and improved by multiple vendors. It is a complex protocol that is a challenge to implement in a
large network. The basics of OSPF are covered in this module.

OSPF configuration on a Cisco router is similar to the configuration of other routing protocols. Similarly,
OSPF must be enabled on a router and the networks that will be advertised by OSPF must be identified. OSPF
has a number of features and configuration procedures that are unique. These features make OSPF a powerful
choice for a routing protocol, but also make it a challenge to configure.

In large networks, OSPF can be configured to span many areas and several different area types. The ability to
design and implement large OSPF networks begins with the ability to configure OSPF in a single area. This
module also discusses the configuration of single-area OSPF.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.
Students who complete this module should be able to perform the following tasks:

- Identify key link-state routing protocol features
- Explain how link-state routing information is maintained
- Discuss the link-state routing algorithm
- Examine the advantages and disadvantages of link-state routing protocols
- Compare and contrast link-state routing protocols with distance vector routing protocols
- Enable OSPF on a router
- Configure a loopback address to set router priority
- Modify the cost metric to change OSPF route preference
- Configure OSPF authentication
- Change OSPF timers
- Describe the steps to create and propagate a default route
- Use show commands to verify OSPF operation
- Configure the OSPF routing process
- Define key OSPF terms
- Describe the OSPF network types
- Describe the OSPF Hello protocol
- Identify the basic steps in the operation of OSPF

24.1 Link-state Routing protocol

24.1.1 Overview of link-state routing

Link-state routing protocols perform differently than distance vector protocols. This page will explain the
differences between distance vector and link-state protocols. This information is vital for network
administrators. One essential difference is that distance vector protocols use a simpler method to exchange
route information. Figure -1- outlines the characteristics of both distance vector and link-state routing
protocols. Link-state routing algorithms maintain a complex database of topology information. While the
distance vector algorithm has nonspecific information about distant networks and no knowledge of distant
routers, a link-state routing algorithm maintains full knowledge of distant routers and how they interconnect.
The Interactive Media Activity will help students identify the different features of link-state and distance
vector protocols.


24.1.2 Link-state routing protocol features

This page will explain how link-state protocols route data.

Link-state routing protocols collect route information from all other routers in the network or within a defined
area of the network. Once all of the information is collected, each router calculates the best paths to all
destinations in the network. Since each router maintains its own view of the network, it is less likely to
propagate incorrect information provided by any of its neighboring routers.

The following are some link-state routing protocol functions:

- Respond quickly to network changes
- Send triggered updates only when a network change has occurred
- Send periodic updates known as link-state refreshes
- Use a hello mechanism to determine the reachability of neighbors -1- -2-

Each router multicasts hello packets to keep track of the state of the neighbor routers. Each router uses LSAs
to keep track of all the routers in its area of the network. The hello packets contain information about the
networks that are attached to the router. In Figure -3-, P4 knows about its neighbors, P1 and P3, on the Perth3
network. The LSAs provide updates on the state of links that are interfaces on other routers in the network.

Routers that use link-state routing protocols have the following features:

- Use the hello information and LSAs received from other routers to build a database about the network
- Use the SPF algorithm to calculate the shortest route to each network
- Store the route information in the routing table

24.1.3 How routing information is maintained

This page will explain how link-state protocols use the following features:

- The LSAs
- A topological database
- The SPF algorithm
- The SPF tree
- A routing table of paths and ports to determine the best path for packets -1-


Link-state routing protocols were designed to overcome the limitations of distance vector routing protocols.
For example, distance vector protocols only exchange routing updates with immediate neighbors while link-
state routing protocols exchange routing information across a much larger area.

When a failure occurs in the network, such as a neighbor becoming unreachable, link-state protocols flood
LSAs with a special multicast address throughout an area. This process sends information out all ports, except
the port on which the information was received. Each link-state router takes a copy of the LSA and updates its
link-state, or topological, database. The link-state router then forwards the LSA to all neighbor devices. LSAs
cause every router within the area to recalculate routes. For this reason, the number of link-state routers within
an area should be limited.

A link is the same as an interface on a router. The state of the link is a description of an interface and its
relationship to the neighbor routers. For example, a description of the interface would include the IP address of
the interface, the subnet mask, the type of network that it is connected to, the routers connected to that network,
and so on. The collection of link-states forms a link-state database, which is sometimes called a topological
database. The link-state database is used to calculate the best paths through the network. Link-state routers
apply the Dijkstra shortest path first algorithm against the link-state database. This builds the SPF tree with the
local router as the root. The best paths are then selected from the SPF tree and placed in the routing table.

24.1.4 Link-state routing algorithms

Link-state routing algorithms maintain a complex database of the network topology by exchanging link-state
advertisements (LSAs) with other routers in a network. This page describes the link-state routing algorithm.

Link-state routing algorithms have the following characteristics:

- They are known collectively as SPF protocols.
- They maintain a complex database of the network topology.
- They are based on the Dijkstra algorithm.

Link-state protocols develop and maintain full knowledge of the network routers and how they interconnect.
This is achieved through the exchange of LSAs with other routers in the network.

Each router constructs a topological database from the LSAs that it receives. The SPF algorithm is then used to
compute the reachability of destinations. This information is used to update the routing table. This process can
discover changes in the network topology caused by component failure or network growth.

An LSA exchange is triggered by an event in the network instead of periodic updates. This speeds up the
convergence process because there is no need to wait for a series of timers to expire before the routers can
converge.

If the network shown in Figure -1- uses a link-state routing protocol, there is no concern about connectivity
between routers A and D. Based on the protocol that is employed and the metrics that are selected, the routing
protocol can discriminate between two paths to the same destination and use the best one. In Figure -2- there
are two routing entries in the table for the route from Router A to Router D. In this figure, the routes have
equal costs so the link-state routing protocol records both routes. Some link-state protocols provide a way to
assess the performance capabilities of the two routes and choose the best one. If the preferred route through
Router C experiences operational difficulties such as congestion or component failure, the link-state routing
protocol can detect this change and route packets through Router B.
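The SPF tree and routing table construction from this module's link-state discussion (the Dijkstra step described in 24.1.3 and the equal-cost A to D routes of Figures -1- and -2- here), as an added Python example that is not part of the curriculum. The four-router topology and the link costs are assumed; removing the C to D link shows the fall-back through Router B that the text describes.

```python
import heapq

# Constructed link-state database for a four-router A/B/C/D topology: each router's LSA
# lists its links as (neighbor, cost). The costs are assumed; they make A-B-D and A-C-D
# equal-cost paths, as the text describes.
LSDB = {
    "A": [("B", 10), ("C", 10)],
    "B": [("A", 10), ("D", 10)],
    "C": [("A", 10), ("D", 10)],
    "D": [("B", 10), ("C", 10)],
}


def spf(lsdb, root):
    """Dijkstra over the link-state database with the local router as the root.
    Returns (cost, parents); parents keeps every equal-cost predecessor so that more
    than one best path can be installed for a destination."""
    cost = {root: 0}
    parents = {root: []}
    heap = [(0, root)]
    settled = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in settled:
            continue
        settled.add(u)
        for v, link_cost in lsdb.get(u, []):
            candidate = d + link_cost
            if v not in cost or candidate < cost[v]:
                cost[v] = candidate
                parents[v] = [u]
                heapq.heappush(heap, (candidate, v))
            elif candidate == cost[v] and u not in parents[v]:
                parents[v].append(u)
    return cost, parents


def next_hops(parents, root, dest):
    """Walk the SPF tree from dest back toward the root; the routers adjacent to the
    root on those branches are the next hops for dest."""
    hops = set()
    stack, seen = [dest], set()
    while stack:
        node = stack.pop()
        if node in seen:
            continue
        seen.add(node)
        for parent in parents.get(node, []):
            if parent == root:
                hops.add(node)
            else:
                stack.append(parent)
    return sorted(hops)


def routing_table(lsdb, root):
    """Best paths taken from the SPF tree, as a routing table: dest -> (cost, [next hops])."""
    cost, parents = spf(lsdb, root)
    return {dest: (cost[dest], next_hops(parents, root, dest))
            for dest in cost if dest != root}


def without_link(lsdb, a, b):
    """Copy of the database with the a-b link removed in both directions (a link failure)."""
    return {router: [(n, c) for n, c in links if {router, n} != {a, b}]
            for router, links in lsdb.items()}


if __name__ == "__main__":
    print("A's routing table:", routing_table(LSDB, "A"))
    print("after the C-D link fails:", routing_table(without_link(LSDB, "C", "D"), "A"))
```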

24.1.5 Advantages and disadvantages of link-state routing

This page lists the advantages and disadvantages of link-state routing protocols.

The following are advantages of link-state routing protocols: -1-

- Link-state protocols use cost metrics to choose paths through the network. The cost metric reflects the
capacity of the links on those paths.
- Link-state protocols use triggered updates and LSA floods to immediately report changes in the
network topology to all routers in the network. This leads to fast convergence times.
- Each router has a complete and synchronized picture of the network. Therefore, it is very difficult for
routing loops to occur.
- Routers use the latest information to make the best routing decisions.
- The link-state database sizes can be minimized with careful network design. This leads to smaller
Dijkstra calculations and faster convergence.
- Every router, at the very least, maps the topology of its own area of the network. This attribute helps to
troubleshoot problems that can occur.
- Link-state protocols support CIDR and VLSM.

The following are some disadvantages of link-state routing protocols:

- They require more memory and processor power than distance vector protocols. This makes it
expensive to use for organizations with small budgets and legacy hardware.
- They require strict hierarchical network design, so that a network can be broken into smaller areas to
reduce the size of the topology tables.
- They require an administrator who understands the protocols well.
- They flood the network with LSAs during the initial discovery process. This process can significantly
decrease the capability of the network to transport data. It can noticeably degrade the network
performance.

24.1.6 Compare and contrast distance vector and link-state routing

This page will compare distance vector and link-state routing protocols.

All distance vector protocols learn routes and then send these routes to directly connected neighbors.
However, link-state routers advertise the states of their links to all other routers in the area so that each router
can build a complete link-state database. These advertisements are called link-state advertisements or LSAs.
Unlike distance vector routers, link-state routers can form special relationships with their neighbors and other
link-state routers. This is to ensure that the LSA information is properly and efficiently exchanged.

The initial flood of LSAs provides routers with the information that they need to build a link-state database.
Routing updates occur only when the network changes. If there are no changes, the routing updates occur
after a specific interval. If the network changes, a partial update is sent immediately. The partial update only
contains information about links that have changed. Network administrators concerned about WAN link
utilization will find these partial and infrequent updates an efficient alternative to distance vector routing
protocols, which send out a complete routing table every 30 seconds. When a change occurs, link-state routers
are all notified simultaneously by the partial update. Distance vector routers wait for neighbors to note the
change, implement the change, and then pass the update to the neighbor routers. -1-

The benefits of link-state over distance vector protocols include faster convergence and improved bandwidth
utilization. Link-state protocols support CIDR and VLSM. This makes them a good choice for complex and
scalable networks. In fact, link-state protocols generally outperform distance vector protocols on any size
network. Link-state protocols are not implemented on every network because they require more memory and
processor power than distance vector protocols and can overwhelm slower equipment. Another reason they are
not more widely implemented is the fact that link-state protocols are quite complex. Link-state routing
protocols require well-trained administrators to correctly configure and maintain them.

24.2 Single-Area OSPF Concepts

24.2.1 OSPF overview

This page will introduce OSPF. OSPF is a link-state routing protocol that is based on open standards. It is
described in several standards of the Internet Engineering Task Force ( IETF ). The Open in OSPF means that
it is open to the public and is non-proprietary.

OSPF, when compared to RIP v1 and v2, is the preferred IGP because it is scalable. RIP is limited to 15 hops,
it converges slowly, and it sometimes chooses slow routes because it ignores critical factors such as bandwidth
in route determination. A drawback to using OSPF is that it only supports the TCP/IP protocol suite. -1- -2-


OSPF has overcome these limitations and is a robust and scalable routing protocol that is suitable for modern
networks. OSPF can be used and configured as a single area for small networks. -3- It can also be used for
large networks.

As shown in Figure -4-, large OSPF networks use a hierarchical design. Multiple areas connect to a
distribution area, or area 0 which is also called the backbone. The design approach allows for extensive control
of routing updates. Area definition reduces routing overhead, speeds up convergence, confines network
instability to an area, and improves performance.

24.2.2 OSPF terminology

This page will introduce some terms that are related to OSPF.

Link-state routers identify neighboring routers and then communicate with the identified neighbors. OSPF has
its own terminology. The new terms are shown in Figure -1-.

OSPF gathers information from neighbor routers about the link status of each OSPF router. -2-

This information is flooded to all its neighbors. An OSPF router advertises its own link-states and passes on
received link-states. -3-

The routers process the information about link-states and build a link-state database. -4-

Every router in the OSPF area will have the same link-state database. -5- Therefore, every router has the same
information about the state of the links and the neighbors of every other router.

Each router then applies the SPF algorithm on its own copy of the database. This calculation determines the
best route to a destination. The SPF algorithm adds up the cost, which is a value that is usually based on
bandwidth. -6- The lowest cost path is added to the routing table, which is also known as the forwarding
database. -7-

Each router keeps a list of adjacent neighbors, called the adjacency database. The adjacency database is a list
of all the neighbor routers to which a router has established bidirectional communication. This is unique to
each router. -8-


To reduce the number of exchanges of routing information among several neighbors on the same network,
OSPF routers elect a designated router ( DR ) and a backup designated router ( BDR ) that serve as focal
points for routing information exchange. The Interactive Media Activity will teach students about OSPF
terminology. -9-

24.2.3 Comparing OSPF with distance vector routing protocols

This page will explain how OSPF compares to distance vector protocols such as RIP. Link-state routers
maintain a common picture of the network and exchange link information upon initial discovery or network
changes. Link-state routers do not broadcast routing tables periodically as distance vector protocols do. -1-
Therefore, link-state routers use less bandwidth for routing table maintenance.


RIP is appropriate for small networks, and the best path is based on the lowest number of hops. OSPF is
appropriate for large, scalable internetworks, and the best path is determined by the speed of the link.
RIP and other distance vector protocols use simple algorithms to compute best paths. The SPF algorithm is
complex. Routers that implement distance vector protocols need less memory and less powerful processors
than those that implement OSPF.

OSPF selects routes based on cost, which is related to speed. The higher the speed, the lower the OSPF cost
of the link.

OSPF selects the fastest loop-free path from the SPF tree as the best path in the network.

OSPF guarantees loop-free routing. Distance vector protocols may cause routing loops. -2-

If links are unstable, flooding of link-state information can lead to unsynchronized link-state advertisements
and inconsistent decisions among routers. -3-


OSPF addresses the following issues:

 Speed of convergence
 Support for Variable Length Subnet Mask (VLSM)
 Network size
 Path selection
 Grouping of members

In large networks RIP convergence can take several minutes since the routing table of each router is
copied and shared with directly connected routers. After initial OSPF convergence, maintaining a
converged state is faster because only the changes in the network are flooded to other routers in an area.

OSPF supports VLSMs and therefore is referred to as a classless protocol. RIP v1 does not support VLSMs,
however, RIP v2 does support VLSMs.

RIP considers a network that is more than 15 routers away to be unreachable because the number of hops is
limited to 15. This limits RIP to small topologies. OSPF has no size limits and is suitable for intermediate to
large networks.

RIP selects a path to a network by adding one to the hop count reported by a neighbor. It compares the hop
counts to a destination and selects the path with the smallest distance or hops. This algorithm is simple and
does not require a powerful router or a lot of memory. RIP does not take into account the available bandwidth
in best path determination.

OSPF selects a path using cost, a metric based on bandwidth. All OSPF routers must obtain complete
information about the networks of every router to calculate the shortest path. This is a complex algorithm.
Therefore, OSPF requires more powerful routers and more memory than RIP.

RIP uses a flat topology. Routers in a RIP region exchange information with all routers. OSPF uses the concept
of areas. A network can be subdivided into groups of routers. In this way OSPF can limit traffic to these areas.
Changes in one area do not affect performance in other areas. This hierarchical approach allows a network to
scale efficiently. -4-


The Interactive Media Activity will help students learn the differences between link-state and distance vector
protocols.

24.2.4 Shortest path algorithm

This page will explain how OSPF uses the shortest-path algorithm to determine the best path to a destination.

In this algorithm, the best path is the lowest cost path. Edsger Wybe Dijkstra, a Dutch computer scientist,
formulated the shortest path-algorithm, also known as Dijkstra's algorithm. The algorithm considers a network
to be a set of nodes connected by point-to-point links. -1-
Each link has a cost. Each node has a name. Each node has a complete database of all the links and so
complete information about the physical topology is known. All router link-state databases, within a given
area, are identical. The table in Figure -1- shows the information that node D has received. For example, D
received information that it was connected to node C with a link cost of 4 and to node E with a link cost of 1.

The shortest path algorithm then calculates a loop-free topology using the node as the starting point and
examining in turn information it has about adjacent nodes. In Figure -2- , node B has calculated the best path
to D. The best path to D is by way of node E, which has a cost of 4. This information is converted to a route
entry in B which will forward traffic to C. Packets to D from B will flow B to C to E, then to D in this OSPF
network.

In the example, node B determined that to get to node F the shortest path has a cost of 5, through node C. All
other possible topologies either contain loops or have higher cost paths.
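The SPF calculation the section describes, worked through as an added Python example (this is not code from the Cisco curriculum, and it does not reproduce its figures). The link costs below are constructed so that the topology agrees with the statements in the text: D is attached to C at cost 4 and to E at cost 1, B reaches D through C and E at a total cost of 4, and B reaches F through C at cost 5. Node A and the remaining links are assumptions made only to give the graph some shape.

```python
import heapq

# Constructed topology (not the curriculum's figure). Costs are chosen so the
# results match the text: D-C cost 4, D-E cost 1, B->D costs 4 via C and E,
# B->F costs 5 via C. Node A and the other links are assumptions.
LINKS = [
    ("A", "B", 3),
    ("B", "C", 2),
    ("C", "D", 4),
    ("C", "E", 1),
    ("C", "F", 3),
    ("D", "E", 1),
    ("E", "F", 5),
]


def link_state_database(links):
    """Every router in the area holds the same database: here an adjacency
    map node -> {neighbour: cost} built from the flooded link-states."""
    lsdb = {}
    for a, b, cost in links:
        lsdb.setdefault(a, {})[b] = cost
        lsdb.setdefault(b, {})[a] = cost   # links are bidirectional
    return lsdb


def spf(lsdb, root):
    """Dijkstra's shortest path first from `root`.
    Returns (cost, predecessor) maps describing the loop-free SPF tree."""
    cost = {root: 0}
    pred = {root: None}
    visited = set()
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if node in visited:
            continue                      # stale heap entry, already settled
        visited.add(node)
        for nbr, link_cost in lsdb[node].items():
            nd = d + link_cost
            if nd < cost.get(nbr, float("inf")):
                cost[nbr] = nd
                pred[nbr] = node
                heapq.heappush(heap, (nd, nbr))
    return cost, pred


def path(pred, dst):
    """Walk the predecessor map back to the root and return the hop list."""
    hops = []
    while dst is not None:
        hops.append(dst)
        dst = pred[dst]
    return hops[::-1]


def routing_table(lsdb, root):
    """Forwarding database: destination -> (total cost, next hop, full path)."""
    cost, pred = spf(lsdb, root)
    table = {}
    for dst in cost:
        if dst == root:
            continue
        p = path(pred, dst)
        table[dst] = (cost[dst], p[1], p)
    return table


if __name__ == "__main__":
    table = routing_table(link_state_database(LINKS), "B")
    for dst, (c, nh, p) in sorted(table.items()):
        print(f"B -> {dst}: cost {c}, next hop {nh}, path {'-'.join(p)}")
```

Run from node B, the table shows the two facts the text states: D is reached at cost 4 with next hop C along B-C-E-D, and F at cost 5 along B-C-F. Because the predecessor map is a tree rooted at B, no route it produces can contain a loop.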

24.2.5 OSPF network types

This page will introduce the three types of OSPF networks. A neighbor relationship is required for OSPF
routers to share routing information. A router will try to become adjacent, or neighbor, to at least one other
router on each IP network to which it is connected. OSPF routers determine which routers to become adjacent
to based on the type of network they are connected to. Some routers may try to become adjacent to all neighbor
routers. Other routers may try to become adjacent to only one or two neighbor routers. Once an adjacency is
formed between neighbors, link-state information is exchanged.

OSPF interfaces automatically recognize three types of networks:

 Broadcast multi-access, such as Ethernet
 Point-to-point networks
 Nonbroadcast multi-access ( NBMA ), such as Frame Relay -1-

A fourth type, point-to-multipoint, can be manually configured on an interface by an administrator. -2-

In a multi-access network, it is not known in advance how many routers will be connected. In point-to-
point networks, only two routers can be connected.

In a broadcast multi-access network segment, many routers may be connected. If every router had to
establish full adjacency with every other router and exchange link-state information with every neighbor, there
would be too much overhead. If there are 5 routers, 10 adjacency relationships would be needed and 10 link-
states sent. If there are 10 routers then 45 adjacencies would be needed. In general, for n routers, n*(n-1)/2
adjacencies would need to be formed.

The solution to this overhead is to hold an election for a designated router ( DR ). This router becomes adjacent
to all other routers in the broadcast segment. All other routers on the segment send their link-state information
to the DR. The DR in turn acts as the spokesperson for the segment. The DR sends link-state information to all
other routers on the segment using the multicast address of 224.0.0.5 for all OSPF routers.

Despite the gain in efficiency that electing a DR provides, there is a disadvantage. The DR represents a single
point of failure. A second router is elected as a backup designated router ( BDR ) to take over the duties of the
DR if it should fail. -3- To ensure that both the DR and the BDR see the link-states all routers send on the
segment, the multicast address for all designated routers, 224.0.0.6, is used.

On point-to-point networks only two nodes exist and no DR or BDR is elected. Both routers become fully
adjacent with each other. The Interactive Media Activity will help students recognize the three types of OSPF
networks.

24.2.6 OSPF Hello protocol

This page will introduce hello packets and the Hello protocol.

When a router starts an OSPF routing process on an interface, it sends a hello packet and continues to
send hellos at regular intervals. The rules that govern the exchange of OSPF hello packets are called the
Hello protocol.

At Layer 3 of the OSI model, the hello packets are addressed to the multicast address 224.0.0.5. This
address is "all OSPF routers". OSPF routers use hello packets to initiate new adjacencies and to ensure that
neighbor routers are still functioning. Hellos are sent every 10 seconds by default on broadcast multi-access
and point-to-point networks. On interfaces that connect to NBMA networks, such as Frame Relay, the default
time is 30 seconds.

On multi-access networks the Hello protocol elects a designated router ( DR ) and a backup designated router (
BDR ).

Although the hello packet is small, it consists of the OSPF packet header. -1- For the hello packet the type
field is set to 1.

The hello packet carries information that all neighbors must agree upon before an adjacency is formed, and
link-state information is exchanged. -2-

The Interactive Media Activity will help students identify the fields in an OSPF packet header.

24.2.7 Steps in the operation of OSPF

This page will explain how routers communicate in an OSPF network.

When a router starts an OSPF routing process on an interface, it sends a Hello packet and continues to send
Hellos at regular intervals. The set of rules that govern the exchange of OSPF Hello packets is called the Hello
protocol. On multi-access networks, the Hello protocol elects a designated router (DR) and a backup
designated router (BDR). The Hello carries information about which all neighbors must agree to form an
adjacency and exchange link-state information. On multi-access networks the DR and BDR maintain
adjacencies with all other OSPF routers on the network. -1- -2-

Adjacent routers go through a sequence of states. Adjacent routers must be in the full state before routing
tables are created and traffic routed. Each router sends link-state advertisements (LSA) in link-state update
(LSU) packets. These LSAs describe all of the routers links. Each router that receives an LSA from its
neighbor records the LSA in the link-state database. This process is repeated for all routers in the OSPF
network.

When the databases are complete, each router uses the SPF algorithm to calculate a loop free logical topology
to every known network. The shortest path with the lowest cost is used in building this topology, therefore the
best route is selected. -3-


Routing information is now maintained. When there is a change in a link-state, routers use a flooding process
to notify other routers on the network about the change. The Hello protocol dead interval provides a simple
mechanism for determining that an adjacent neighbor is down. -4- ... -7-


24.3 Single-Area OSPF Configuration

24.3.1 Configuring OSPF routing process

This page will teach students how to configure OSPF.

OSPF routing uses the concept of areas. Each router contains a complete database of link-states in a specific
area. An area in the OSPF network may be assigned any number from 0 to 65,535. However, a single area is
assigned the number 0 and is known as area 0. In multi-area OSPF networks, all areas are required to connect
to area 0. Area 0 is also called the backbone area.

OSPF configuration requires that the OSPF routing process be enabled on the router with network addresses
and area information specified. -1-

Network addresses are configured with a wildcard mask and not a subnet mask. The wildcard mask
represents the links or host addresses that can be present in this segment. Area IDs can be written as a whole
number or dotted decimal notation. -2-


To enable OSPF routing, use the global configuration command syntax:

Router(config)#router ospf process-id

The process ID is a number that is used to identify an OSPF routing process on the router. Multiple OSPF
processes can be started on the same router. The number can be any value between 1 and 65,535. Most
network administrators keep the same process ID throughout an autonomous system, but this is not a
requirement. It is rarely necessary to run more than one OSPF process on a router. IP networks are advertised
as follows in OSPF:

Router(config-router)#network address wildcard-mask area area-id

Each network must be identified with the area to which it belongs. The network address can be a whole
network, a subnet, or the address of the interface. The wildcard mask represents the set of host addresses that
the segment supports. This is different than a subnet mask, which is used when configuring IP addresses on
interfaces. The Lab Activity will help students configure and verify OSPF routing.
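How a network statement's wildcard mask decides which interfaces join which area, as an added Python example (not curriculum code). A 0 bit in the wildcard means the interface address must match the network address in that bit; a 1 bit means "don't care". The interfaces and statements are constructed; the choice of the most specific statement when several cover one interface is this example's assumption, not something the page states.

```python
import ipaddress


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def wildcard_from_subnet_mask(mask: str) -> str:
    """A statement for a whole subnet uses the inverse of its subnet mask:
    255.255.255.0 -> 0.0.0.255, 255.255.255.252 -> 0.0.0.3."""
    return str(ipaddress.IPv4Address(to_int(mask) ^ 0xFFFFFFFF))


def statement_covers(interface_ip: str, network: str, wildcard: str) -> bool:
    """A 0 bit in the wildcard means 'must match', a 1 bit means 'don't care'.
    The statement covers the interface when every must-match bit of the
    interface address equals the corresponding bit of the network address."""
    care = to_int(wildcard) ^ 0xFFFFFFFF
    return (to_int(interface_ip) & care) == (to_int(network) & care)


def assign_areas(interfaces, statements):
    """interfaces: {name: ip}; statements: list of (network, wildcard, area).
    Returns {interface: area}. When more than one statement covers an
    interface the most specific one (fewest wildcard 1-bits) is taken
    (assumption of this example); interfaces no statement covers are
    omitted, i.e. they do not run OSPF."""
    ordered = sorted(statements, key=lambda s: bin(to_int(s[1])).count("1"))
    result = {}
    for name, ip in interfaces.items():
        for network, wildcard, area in ordered:
            if statement_covers(ip, network, wildcard):
                result[name] = area
                break
    return result


# Constructed router: three interfaces and the statements an administrator
# might enter under 'router ospf 1'.
INTERFACES = {"FastEthernet0/0": "192.168.1.1",
              "Serial0/0": "10.1.1.1",
              "Loopback0": "172.16.0.1"}
STATEMENTS = [("192.168.1.0", "0.0.0.255", 0),   # the whole /24 subnet
              ("10.1.1.0", "0.0.0.3", 1),        # the /30 serial link
              ("172.16.0.1", "0.0.0.0", 0)]      # exactly one interface address

if __name__ == "__main__":
    print(assign_areas(INTERFACES, STATEMENTS))
    # A subnet mask typed where the wildcard belongs compares only the last
    # octet, so 192.168.1.1 does not match 192.168.1.0 and the interface
    # silently stays out of OSPF.
    print(statement_covers("192.168.1.1", "192.168.1.0", "255.255.255.0"))
```

The last print shows the mistake the text warns about: entering a subnet mask instead of its inverse produces a statement that covers almost nothing, and the interface never starts sending hellos.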

24.3.2 Configuring OSPF loopback address and router priority

This page will explain the purpose of an OSPF loopback interface. Students will also learn how to assign an IP
address to a loopback interface.

When the OSPF process starts, the Cisco IOS uses the highest local active IP address as its OSPF router ID.
If there is no active interface, the OSPF process will not start. If the active interface goes down, the OSPF
process has no router ID and therefore ceases to function until the interface comes up again.

To ensure OSPF stability there should be an active interface for the OSPF process at all times. A loopback
interface, which is a logical interface, can be configured for this purpose. When a loopback interface is
configured, OSPF uses this address as the router ID, regardless of the value. On a router that has more
than one loopback interface, OSPF takes the highest loopback IP address as its router ID.

To create and assign an IP address to a loopback interface use the following commands:

Router(config)#interface loopback number

Router(config-if)#ip address ip-address subnet-mask

It is considered good practice to use loopback interfaces for all routers running OSPF. This loopback interface
should be configured with an address using a 32-bit subnet mask of 255.255.255.255. A 32-bit subnet mask is
called a host mask because the subnet mask specifies a network of one host. When OSPF is requested to
advertise a loopback network, OSPF always advertises the loopback as a host route with a 32-bit mask. -1-

In broadcast multi-access networks there may be more than two routers. OSPF selects a designated router ( DR
) to be the focal point of all link-state updates and link-state advertisements. Because the DR role is critical, a
backup designated router ( BDR ) is elected to take over if the DR fails.

If the network type of an interface is broadcast, the default OSPF priority is 1. When OSPF priorities are the
same, the OSPF election for DR is decided on the router ID. The highest router ID is selected.

The election result can be determined by ensuring that the ballots, the hello packets, contain a priority for that
router interface. The interface reporting the highest priority for a router will ensure that it becomes the DR. -2-

The priorities can be set to any value from 0 to 255. A value of 0 prevents that router from being elected. A
router with the highest OSPF priority will be selected as the DR. A router with the second highest priority will
be the BDR. After the election process, the DR and BDR retain their roles even if routers are added to the
network with higher OSPF priority values.

Modify the OSPF priority by entering the ip ospf priority interface configuration command on an interface
that is participating in OSPF. -3-

The command show ip ospf interface will display the interface priority value as well as other key
information. -4-

Router(config-if)#ip ospf priority number

Router#show ip ospf interface type number

The Lab Activity will teach students to configure loopback interfaces for OSPF as well as observe the election
process for DR and BDR.
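The router-ID rule and the DR/BDR election described in this section, together with the adjacency counts from 24.2.5 (n*(n-1)/2 for a full mesh, n-1 once a DR exists), as an added Python example. This is not curriculum code; the routers, priorities and addresses on the segment are constructed, and the function names are this example's own.

```python
import ipaddress


def full_mesh_adjacencies(n: int) -> int:
    """Adjacencies if every router on a segment paired with every other: n*(n-1)/2."""
    return n * (n - 1) // 2


def dr_adjacencies(n: int) -> int:
    """With a designated router each of the other n-1 routers is adjacent to the DR only."""
    return n - 1


def router_id(loopback_ips, active_interface_ips):
    """The rule the text gives for Cisco IOS: the highest loopback address if
    any loopback is configured, otherwise the highest active interface
    address; with no active interface at all the process cannot start."""
    candidates = list(loopback_ips) or list(active_interface_ips)
    if not candidates:
        return None
    return max(candidates, key=lambda ip: int(ipaddress.IPv4Address(ip)))


def elect_dr_bdr(routers, current=(None, None)):
    """routers: list of {'name', 'priority', 'router_id'} heard in hellos on
    one multi-access segment. Priority 0 makes a router ineligible; the
    highest priority wins and ties go to the highest router ID. A sitting DR
    or BDR keeps its role when a better candidate appears (no pre-emption),
    and the BDR is promoted when the DR disappears."""
    eligible = [r for r in routers if r["priority"] > 0]
    ranked = [r["name"] for r in sorted(
        eligible,
        key=lambda r: (r["priority"], int(ipaddress.IPv4Address(r["router_id"]))),
        reverse=True)]
    cur_dr, cur_bdr = current
    if cur_dr in ranked:
        dr = cur_dr
    elif cur_bdr in ranked:
        dr = cur_bdr                       # the backup takes over
    else:
        dr = ranked[0] if ranked else None
    remaining = [n for n in ranked if n != dr]
    if cur_bdr in remaining:
        bdr = cur_bdr
    else:
        bdr = remaining[0] if remaining else None
    return dr, bdr


# Constructed segment: R3 is set to priority 0 so it can never take a role.
SEGMENT = [
    {"name": "R1", "priority": 1, "router_id": "10.0.0.1"},
    {"name": "R2", "priority": 1, "router_id": "10.0.0.2"},
    {"name": "R3", "priority": 0, "router_id": "10.0.0.3"},
]
NEWCOMER = {"name": "R4", "priority": 200, "router_id": "10.0.0.4"}

if __name__ == "__main__":
    print("10 routers:", full_mesh_adjacencies(10), "adjacencies full mesh,",
          dr_adjacencies(10), "with a DR")
    print("router id:", router_id(["1.1.1.1"], ["192.168.1.1", "10.1.1.1"]))
    roles = elect_dr_bdr(SEGMENT)
    print("initial DR/BDR:", roles)
    print("after R4 (priority 200) joins:", elect_dr_bdr(SEGMENT + [NEWCOMER], roles))
    print("after R2 fails:", elect_dr_bdr([SEGMENT[0], SEGMENT[2], NEWCOMER], roles))
```

With equal priorities R2 wins the initial election on router ID; R4 arriving later with priority 200 does not displace it, exactly as the text says, and only when R2 fails does R1 (the BDR) become DR with R4 elected as the new BDR.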

24.3.3 Modifying OSPF cost metric

This page will teach students how to modify cost values on network interfaces.

OSPF uses cost as the metric for determining the best route. A cost is associated with the output side of each
router interface. Costs are also associated with externally derived routing data. In general, the path cost is
calculated using the formula 10^8/ bandwidth, where bandwidth is expressed in bps. The system administrator
can also configure cost by other methods. The lower the cost, the more likely the interface is to be used to
forward data traffic. The Cisco IOS automatically determines cost based on the bandwidth of the interface. -1-

It is essential for proper OSPF operation that the correct interface bandwidth is set.

Router(config)#interface serial 0/0

Router(config-if)#bandwidth 56

Cost can be changed to influence the outcome of the OSPF cost calculation. A common situation requiring a
cost change is in a multi-vendor routing environment. A cost change would ensure that one vendor's cost value
would match another vendor's cost value. Another situation is when Gigabit Ethernet is being used. The
default cost assigns the lowest cost value of 1 to a 100 Mbps link. In a 100-Mbps and Gigabit Ethernet
situation, the default cost values could cause routing to take a less desirable path unless they are adjusted. The
cost number can be between 1 and 65,535. -2-

Use the following interface configuration command to set the link cost:

Router(config-if)#ip ospf cost number

The Lab Activities will show students how to modify the OSPF cost metric of an interface.
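The 10^8/bandwidth cost formula and the Gigabit Ethernet problem the section describes, as an added Python example (not curriculum code). It assumes the integer truncation and the floor of 1 that the text's figures imply (100 Mbps gives cost 1, and cost 0 is not possible); the two-path topology is constructed.

```python
from typing import Optional

REFERENCE_BANDWIDTH_BPS = 10**8   # the 10^8 in the 10^8/bandwidth formula


def ospf_cost(bandwidth_bps: int) -> int:
    """Default cost derived from interface bandwidth: 10^8 / bandwidth,
    truncated to an integer with a floor of 1 (assumed: cost 0 is not possible)."""
    return max(1, REFERENCE_BANDWIDTH_BPS // bandwidth_bps)


def bandwidth_command(kbps: int) -> int:
    """'bandwidth 56' on an interface means 56 kbps; convert to bps."""
    return kbps * 1000


def interface_cost(bandwidth_bps: int, manual_cost: Optional[int] = None) -> int:
    """'ip ospf cost <1-65535>' overrides the bandwidth-derived value."""
    if manual_cost is not None:
        if not 1 <= manual_cost <= 65535:
            raise ValueError("ip ospf cost must be between 1 and 65535")
        return manual_cost
    return ospf_cost(bandwidth_bps)


def path_cost(links) -> int:
    """Sum of outbound interface costs along a path; links = [(bandwidth_bps, manual_cost)]."""
    return sum(interface_cost(bw, manual) for bw, manual in links)


def preferred(paths) -> str:
    """Name of the lowest-cost path among {name: [links]}."""
    return min(paths, key=lambda name: path_cost(paths[name]))


GIG, FAST, T1, DS0 = 1_000_000_000, 100_000_000, 1_544_000, bandwidth_command(56)

# Constructed topology: two Gigabit hops versus one Fast Ethernet hop to the
# same destination. With default costs both link types cost 1, so the single
# Fast Ethernet hop wins although it carries a tenth of the bandwidth.
DEFAULT_PATHS = {"two_gig_hops": [(GIG, None), (GIG, None)],
                 "one_fast_hop": [(FAST, None)]}
# 'ip ospf cost 10' on the Fast Ethernet interface restores the intended order.
ADJUSTED_PATHS = {"two_gig_hops": [(GIG, None), (GIG, None)],
                  "one_fast_hop": [(FAST, 10)]}

if __name__ == "__main__":
    for name, bw in [("56 kbps serial", DS0), ("T1", T1),
                     ("FastEthernet", FAST), ("GigabitEthernet", GIG)]:
        print(f"{name:16} cost {ospf_cost(bw)}")
    print("default choice:", preferred(DEFAULT_PATHS))
    print("after ip ospf cost 10:", preferred(ADJUSTED_PATHS))
```

The printed table makes the problem concrete: 56 kbps costs 1785 and a T1 costs 64, but Fast Ethernet and Gigabit Ethernet both collapse to 1, so the default metric cannot tell them apart until the administrator adjusts a cost.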

24.3.4 Configuring OSPF authentication

This page will explain why OSPF authentication keys are used and how they are configured.

By default, a router trusts that routing information is coming from a router that should be sending the
information. A router also trusts that the information has not been tampered with along the route.

To guarantee this trust, routers in a specific area can be configured to authenticate each other.

Each OSPF interface can present an authentication key for use by routers sending OSPF information to other
routers on the segment. The authentication key, known as a password, is a shared secret between the routers.
This key is used to generate the authentication data in the OSPF packet header. -1-

The password can be up to eight characters. Use the following command syntax to configure OSPF
authentication:

Router(config-if)#ip ospf authentication-key password

After the password is configured, authentication must be enabled:

Router(config-router)#area area-number authentication

With simple authentication, the password is sent as plain text. This means that it can be easily decoded if a
packet sniffer captures an OSPF packet.

It is recommended that authentication information be encrypted. To send encrypted authentication information
and to ensure greater security, the message-digest keyword is used. The MD5 keyword specifies the type of
message-digest hashing algorithm to use, and the encryption type field refers to the type of encryption, where 0
means none and 7 means proprietary.

Use the interface configuration command mode syntax:

Router(config-if)#ip ospf message-digest-key key-id encryption-type md5 key

The key-id is an identifier and takes the value in the range of 1 through 255. The key is an alphanumeric
password up to sixteen characters. Neighbor routers must use the same key identifier with the same key value.

The following is configured in router configuration mode:

Router(config-router)#area area-id authentication message-digest

MD5 authentication creates a message digest. A message digest is scrambled data that is based on the
password and the packet contents. The receiving router uses the shared password and the packet to re-calculate
the digest. If the digests match, the router believes that the source and contents of the packet have not been
tampered with. The authentication type identifies which authentication, if any, is being used. In the case of
message-digest authentication, the authentication data field contains the key-id and the length of the message
digest that is appended to the packet. The message digest is like a watermark that cannot be counterfeited.

The Lab Activities will require students to set up an IP address scheme for an OSPF area. Students will then
configure OSPF authentication for the area.
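The two authentication modes this section describes, modelled in Python as an added example (not curriculum code). The header layout and the digest construction (MD5 over the packet followed by the key zero-padded to 16 bytes, with a key-id, digest length and cryptographic sequence number carried in the Authentication field) follow RFC 2328 Appendix D, which the page does not cite; the packet contents and keys are constructed, and the IP-level checksum is left out.

```python
import hashlib
import hmac
import struct

OSPF_HDR_LEN = 24
AUTYPE_NULL, AUTYPE_SIMPLE, AUTYPE_MD5 = 0, 1, 2
DIGEST_LEN = 16


def ospf_header(ptype, router_id, area_id, body_len, autype, auth_field):
    """OSPFv2 packet header (RFC 2328 A.3.1 layout). The packet checksum is
    left at 0, as it is for MD5-authenticated packets."""
    return struct.pack("!BBH4s4sHH8s", 2, ptype, OSPF_HDR_LEN + body_len,
                       router_id, area_id, 0, autype, auth_field)


def simple_auth_packet(ptype, router_id, area_id, body, password: bytes):
    """'ip ospf authentication-key': the password itself (padded to 8 bytes)
    rides in the Authentication field, so anyone capturing the packet reads it."""
    return ospf_header(ptype, router_id, area_id, len(body), AUTYPE_SIMPLE,
                       password.ljust(8, b"\x00")[:8]) + body


def md5_sign(ptype, router_id, area_id, body, key_id: int, key: bytes, seq: int):
    """'ip ospf message-digest-key': the Authentication field carries key-id,
    digest length and a cryptographic sequence number; the digest is MD5 over
    (packet || key zero-padded to 16 bytes) and is appended after the packet."""
    auth_field = struct.pack("!HBBI", 0, key_id, DIGEST_LEN, seq)
    packet = ospf_header(ptype, router_id, area_id, len(body), AUTYPE_MD5, auth_field) + body
    digest = hashlib.md5(packet + key.ljust(16, b"\x00")[:16]).digest()
    return packet + digest


def md5_verify(wire: bytes, keys: dict, last_seq: int):
    """Receiver side: recompute the digest with the shared key selected by
    key-id and reject replays. Returns (ok, reason, seq)."""
    if len(wire) < OSPF_HDR_LEN + DIGEST_LEN:
        return False, "too short", None
    _, _, length, _, _, _, autype, auth = struct.unpack("!BBH4s4sHH8s", wire[:OSPF_HDR_LEN])
    if autype != AUTYPE_MD5:
        return False, "authentication type mismatch", None
    _, key_id, dlen, seq = struct.unpack("!HBBI", auth)
    if dlen != DIGEST_LEN or len(wire) != length + DIGEST_LEN:
        return False, "bad length", seq
    key = keys.get(key_id)
    if key is None:
        return False, f"unknown key-id {key_id}", seq
    if seq < last_seq:
        return False, "replayed sequence number", seq
    packet, received = wire[:length], wire[length:]
    expected = hashlib.md5(packet + key.ljust(16, b"\x00")[:16]).digest()
    if not hmac.compare_digest(expected, received):   # constant-time compare
        return False, "digest mismatch: wrong key or tampered packet", seq
    return True, "ok", seq


# Constructed sample: router 1.1.1.1 in area 0 sending the first fields of a
# Hello (mask, hello 10 s, options 0, priority 1, dead 40 s).
RID, AREA = bytes([1, 1, 1, 1]), bytes([0, 0, 0, 0])
HELLO_BODY = struct.pack("!4sHBBI", bytes([255, 255, 255, 0]), 10, 0, 1, 40)
KEYS = {1: b"ospfk3y"}                   # key-id 1, an example key of <=16 chars

if __name__ == "__main__":
    pkt = md5_sign(1, RID, AREA, HELLO_BODY, 1, KEYS[1], 100)
    print("genuine:", md5_verify(pkt, KEYS, 0))
    tampered = pkt[:31] + bytes([pkt[31] ^ 0x01]) + pkt[32:]   # flip the priority byte
    print("tampered:", md5_verify(tampered, KEYS, 0))
    print("replayed:", md5_verify(pkt, KEYS, 101))
    simple = simple_auth_packet(1, RID, AREA, HELLO_BODY, b"cisco")
    print("password visible in simple-auth packet:", b"cisco" in simple)
```

The receiver's check does three things the section's prose implies: it refuses a key-id it holds no key for, it rejects a sequence number lower than the last one accepted so a captured packet cannot simply be resent, and it compares digests in constant time. The simple-authentication function shows why the text warns about packet sniffers: the password sits in the header verbatim, whereas the MD5 packet carries only the digest and never the key.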

24.3.5 Configuring OSPF timers

This page will explain how the hello and dead intervals are configured on an OSPF network.

OSPF routers must have the same hello intervals and the same dead intervals to exchange information. By
default, the dead interval is four times the value of the hello interval. This means that a router has four chances
to send a hello packet before being declared dead.

On broadcast OSPF networks, the default hello interval is 10 seconds and the default dead interval is 40
seconds. On nonbroadcast networks, the default hello interval is 30 seconds and the default dead interval is
120 seconds. These default values result in efficient OSPF operation and seldom need to be modified.

A network administrator is allowed to choose these timer values. A justification that OSPF network
performance will be improved is needed prior to changing the timers. These timers must be configured to
match those of any neighboring router.

To configure the hello and dead intervals on an interface, use the following commands: -1-

Router(config-if)#ip ospf hello-interval seconds

Router(config-if)#ip ospf dead-interval seconds

The Lab Activities will help students understand how to configure OSPF timers to enhance network efficiency.

24.3.6 OSPF, propagating a default route

This page will teach students how to configure a default route for an OSPF router.

OSPF routing ensures loop-free paths to every network in the domain. To reach networks outside the domain,
either OSPF must know about the network or OSPF must have a default route. To have an entry for every
network in the world would require enormous resources for each router.

A practical alternative is to add a default route to the OSPF router connected to the outside network. This route
can be redistributed to each router in the AS through normal OSPF updates. -1-


A configured default route is used by a router to generate a gateway of last resort. The static default route
configuration syntax uses the network 0.0.0.0 address and a subnet mask 0.0.0.0:

Router(config)#ip route 0.0.0.0 0.0.0.0 [interface | next-hop address ]

This is referred to as the quad-zero route, and any network address is matched using the following rule. The
network gateway is determined by ANDing the packet destination with the subnet mask.

The following configuration statement will propagate this route to all the routers in a normal OSPF area:

Router(config-router)#default-information originate

All routers in the OSPF area will learn a default route provided that the interface of the border router to
the default gateway is active. The Lab Activities will help students configure an OSPF network and then set
up a default route.
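The matching rule the section states for the quad-zero route, worked as an added Python example (not curriculum code): a route matches when the destination ANDed with the route's mask equals the route's network, and the most specific match wins, so 0.0.0.0/0 is used only as a last resort. The routing table and the next-hop address 203.0.113.1 are constructed.

```python
import ipaddress


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def route_matches(destination: str, network: str, mask: str) -> bool:
    """AND the destination with the route's subnet mask and compare with the
    route's network. With mask 0.0.0.0 the AND is always 0.0.0.0, so the
    quad-zero route matches every destination."""
    m = to_int(mask)
    return (to_int(destination) & m) == (to_int(network) & m)


def prefix_length(mask: str) -> int:
    return bin(to_int(mask)).count("1")


def lookup(table, destination: str):
    """Longest-prefix match over [(network, mask, next_hop)]. The default
    route has prefix length 0 and is chosen only when nothing more specific
    matches; None means the packet is dropped (no gateway of last resort)."""
    matches = [r for r in table if route_matches(destination, r[0], r[1])]
    if not matches:
        return None
    return max(matches, key=lambda r: prefix_length(r[1]))


def gateway_of_last_resort(table):
    """The next hop of the quad-zero route, if the table holds one."""
    for network, mask, next_hop in table:
        if network == "0.0.0.0" and mask == "0.0.0.0":
            return next_hop
    return None


# Constructed table of a border router: two internal routes plus the static
# 'ip route 0.0.0.0 0.0.0.0 203.0.113.1' toward the outside network.
TABLE = [("10.1.1.0", "255.255.255.0", "Serial0/0"),
         ("192.168.0.0", "255.255.0.0", "FastEthernet0/1"),
         ("0.0.0.0", "0.0.0.0", "203.0.113.1")]
TABLE_NO_DEFAULT = TABLE[:2]

if __name__ == "__main__":
    for dst in ("10.1.1.7", "192.168.40.9", "198.51.100.5"):
        print(dst, "->", lookup(TABLE, dst),
              "| without default route:", lookup(TABLE_NO_DEFAULT, dst))
```

The third destination is the interesting one: with the quad-zero route present it goes to 203.0.113.1, and without it the lookup returns None, which is what a router with no gateway of last resort does with traffic for networks it has never learned.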

24.3.7 Common OSPF configuration issues

This page will discuss some configuration issues that could prevent communications between OSPF routers.
An OSPF router must establish a neighbor or adjacency relationship with another OSPF router to exchange
routing information. Failure to establish a neighbor relationship is caused by any of the following reasons: -1-

 Hellos are not sent from both neighbors.
 Hello and dead interval timers are not the same.
 Interfaces are on different network types.
 Authentication passwords or keys are different.

In OSPF routing it is also important to ensure the following:

 All interfaces have the correct addresses and subnet mask.
 network area statements have the correct wildcard masks.
 network area statements put interfaces into the correct area.

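The neighbour-formation checks listed in this section, together with the hello and dead interval rule from 24.3.5 (dead defaults to four times hello, and a neighbour is declared down when no hello arrives within the dead interval), as an added Python example. It is not curriculum code; the OspfInterface model, its field names and the two routers on the segment are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class OspfInterface:
    """Per-interface settings two neighbours must agree on (constructed
    model; the field names are this example's own, not IOS keywords)."""
    router: str
    ip: str
    mask: str
    area: int
    network_type: str = "broadcast"      # broadcast | point-to-point | non-broadcast
    hello: int = 10
    dead: Optional[int] = None           # defaults to 4 x hello, as the text states
    auth: str = "null"                   # null | simple | md5
    key: bytes = b""

    def __post_init__(self):
        if self.dead is None:
            self.dead = 4 * self.hello

    @property
    def subnet(self):
        return ipaddress.IPv4Interface(f"{self.ip}/{self.mask}").network


def adjacency_problems(a: OspfInterface, b: OspfInterface):
    """Reasons from the section's list that stop a and b from becoming
    neighbours; an empty list means their hellos will be accepted."""
    problems = []
    if a.subnet != b.subnet:
        problems.append(f"address/mask mismatch: {a.subnet} vs {b.subnet}")
    if a.area != b.area:
        problems.append(f"area mismatch: {a.area} vs {b.area}")
    if a.network_type != b.network_type:
        problems.append(f"network type mismatch: {a.network_type} vs {b.network_type}")
    if a.hello != b.hello:
        problems.append(f"hello interval mismatch: {a.hello} vs {b.hello}")
    if a.dead != b.dead:
        problems.append(f"dead interval mismatch: {a.dead} vs {b.dead}")
    if a.auth != b.auth or a.key != b.key:
        problems.append("authentication type or key mismatch")
    return problems


def dead_neighbors(last_hello, dead_interval, now):
    """last_hello: {neighbour: time its most recent hello arrived}. A neighbour
    is declared down once no hello has been heard for a full dead interval."""
    return sorted(n for n, t in last_hello.items() if now - t > dead_interval)


# Constructed pair of routers on one Ethernet segment. R2_BAD was configured
# with a 30-second hello (so a 120-second dead interval) and the wrong key.
R1 = OspfInterface("R1", "192.168.1.1", "255.255.255.0", area=0, auth="md5", key=b"ospfk3y")
R2_OK = OspfInterface("R2", "192.168.1.2", "255.255.255.0", area=0, auth="md5", key=b"ospfk3y")
R2_BAD = OspfInterface("R2", "192.168.1.2", "255.255.255.0", area=0, hello=30,
                       auth="md5", key=b"wrong")

if __name__ == "__main__":
    print("R1 <-> R2 (good):", adjacency_problems(R1, R2_OK))
    print("R1 <-> R2 (bad): ", adjacency_problems(R1, R2_BAD))
    # R3's last hello is 80 s old, R2's 30 s: only R3 has missed four hellos.
    print("dead neighbours:", dead_neighbors({"R2": 100.0, "R3": 50.0}, R1.dead, now=130.0))
```

Note that a single mistyped hello interval produces two mismatches, because the dead interval derived from it changes too; that is why the text insists both timers be configured to match the neighbour's.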
24.3.8 Verifying the OSPF configuration

This page will explain how show commands can be used to troubleshoot OSPF.

To verify the OSPF configuration a number of show commands are available. Figure -1- lists these
commands. Figure -2- shows commands useful for troubleshooting OSPF.

24.3.9 Module Summary

This page summarizes the topics discussed in this module.


An essential difference between link-state routing protocols and distance vector protocols is how they
exchange routing information. Link-state routing protocols respond quickly to network changes, send triggered
updates only when a network change has occurred, send periodic updates known as link-state refreshes, and
use a hello mechanism to determine the reachability of neighbors.

A router running a link-state protocol uses the hello information and LSAs it receives from other
routers to build a database about the network. It also uses the shortest path first (SPF) algorithm to
calculate the shortest route to each network.

To overcome the limitations of distance vector routing protocols, link-state routing protocols use link-
state advertisements (LSAs), a topological database, the shortest path first (SPF) algorithm, a resulting SPF
tree, and a routing table of paths and ports to each network to determine the best paths for packets.

A link is the same as an interface on a router. The state of the link is a description of an interface and the
relationship to its neighboring routers. Link-state routers advertise with LSAs the states of their links to all
other routers in the area so that each router can build a complete link-state database. They form special
relationships with their neighbors and other link-state routers. Link state routers are a good choice for complex,
scalable networks. The benefits of link-state routing over distance vector protocols include faster convergence
and improved bandwidth utilization. Link-state protocols support classless interdomain routing (CIDR) and
variable-length subnet mask ( VLSM ).

Open Shortest Path First ( OSPF ) is a link-state routing protocol based on open standards. The Open in
OSPF means that it is open to the public and is non-proprietary. OSPF routers elect a Designated Router (DR)
and a Backup Designated Router (BDR) that serve as focal points for routing information exchange in order to
reduce the number of exchanges of routing information among several neighbors on the same network. OSPF
selects routes based on cost, which in the Cisco implementation is related to bandwidth. OSPF selects the
fastest loop-free path from the shortest-path first tree as the best path in the network. OSPF guarantees loop-
free routing. Distance vector protocols may cause routing loops. When a router starts an OSPF routing process
on an interface, it sends a hello packet and continues to send hellos at regular intervals. The rules that govern
the exchange of OSPF hello packets are called the Hello protocol. If all parameters in the OSPF Hello packets
are agreed upon, the routers become neighbors.

Each router sends link-state advertisements ( LSA ) in link-state update ( LSU ) packets. Each router
that receives an LSA from its neighbor records the LSA in the link-state database. This process is
repeated for all routers in the OSPF network. When the databases are complete, each router uses the SPF
algorithm to calculate a loop free logical topology to every known network. The shortest path with the lowest
cost is used in building this topology, therefore the best route is selected.

This routing information is maintained. When there is a change in a link-state, routers use a flooding process to
notify other routers on the network about the change. The Hello protocol dead interval provides a simple
mechanism for determining that an adjacent neighbor is down.

25 MODULE 3
Module Overview

EIGRP is a Cisco-proprietary routing protocol that is based on IGRP.

EIGRP supports CIDR and VLSM which allows network designers to maximize address space. When
compared to IGRP which is a classful routing protocol, EIGRP boasts faster convergence times, improved
scalability, and superior management of routing loops.

Furthermore, EIGRP can replace Novell RIP and AppleTalk Routing Table Maintenance Protocol ( RTMP ).
EIGRP serves both IPX and AppleTalk networks with powerful efficiency.

EIGRP is often described as a hybrid routing protocol that offers the best of distance vector and link-state
algorithms.

EIGRP is an advanced routing protocol that relies on features commonly associated with link-state protocols.
Some of the best features of OSPF, such as partial updates and neighbor discovery, are similarly put to use by
EIGRP. However, EIGRP is easier to configure than OSPF.

EIGRP is an ideal choice for large, multi-protocol networks built primarily on Cisco routers.

This module covers common EIGRP configuration tasks. The emphasis is on ways in which EIGRP establishes
relationships with adjacent routers, calculates primary and backup routes, and responds to failures in known
routes to a particular destination.

A network is made up of many devices, protocols, and media that allow data communication to occur. When a
network component does not work correctly, it can affect the entire network. In any case, network
administrators must quickly identify and troubleshoot problems when they arise. The following are some
reasons why network problems occur:

 Commands are entered incorrectly
 Access lists are constructed or placed incorrectly
 Routers, switches, or other network devices are misconfigured
 Physical connections are bad

A network administrator should troubleshoot in a methodical manner with the use of a general problem-solving
model. It is often useful to check for physical layer problems first and then move up the layers in an organized
manner. Although this module focuses on how to troubleshoot Layer 3 protocols, it is important to
troubleshoot and eliminate any problems that may exist at the lower layers.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

 Describe the differences between EIGRP and IGRP
 Describe the key concepts, technologies, and data structures of EIGRP
 Understand EIGRP convergence and the basic operation of the Diffusing Update Algorithm ( DUAL )
 Perform basic EIGRP configuration
 Configure EIGRP route summarization
 Describe the processes used by EIGRP to build and maintain routing tables
 Verify EIGRP operations
 Describe the eight-step process for general troubleshooting
 Apply a logical process to troubleshoot routing
 Use the show and debug commands to troubleshoot RIP
 Use the show and debug commands to troubleshoot IGRP
 Use the show and debug commands to troubleshoot EIGRP
 Use the show and debug commands to troubleshoot OSPF

25.1.1 Comparing EIGRP and IGRP

Cisco released EIGRP in 1994 as a scalable and improved version of its proprietary distance vector routing
protocol, IGRP. This page will explain how EIGRP and IGRP compare to each other. The distance vector
technology and distance information found in IGRP is also used in EIGRP.

EIGRP has improved convergence properties and operates more efficiently than IGRP. This allows a network
to have an improved architecture while retaining the current investment in IGRP.

The comparisons between EIGRP and IGRP fall into the following major categories:

 Compatibility mode
 Metric calculation
 Hop count
 Automatic protocol redistribution
 Route tagging

IGRP and EIGRP are compatible with each other. This compatibility provides seamless interoperability with
IGRP routers. This is important as users can take advantage of the benefits of both protocols. EIGRP offers
multiprotocol support, but IGRP does not.

EIGRP and IGRP use different metric calculations. EIGRP scales the metric of IGRP by a factor of 256. That
is because EIGRP uses a metric that is 32 bits long, and IGRP uses a 24-bit metric. EIGRP can multiply or
divide by 256 to easily exchange information with IGRP. -1-

IGRP has a maximum hop count of 255. EIGRP has a maximum hop count limit of 224. This is
more than adequate to support large, properly designed internetworks.

To enable dissimilar routing protocols such as OSPF and RIP to share information requires advanced
configuration. Redistribution, or route sharing, is automatic between IGRP and EIGRP as long as both
processes use the same AS number. In Figure -2- , RTB automatically redistributes routes learned from EIGRP
to the IGRP AS, and vice versa.

EIGRP tags routes learned from IGRP or any outside source as external because they did not originate
from EIGRP routers. IGRP cannot differentiate between internal and external routes.

Notice that in the show ip route command output for the routers in Figure -3- , EIGRP routes are flagged with
D, and external routes are denoted by EX. RTA identifies the difference between the 172.16.0.0 network,
which was learned through EIGRP, and the 192.168.1.0 network that was redistributed from IGRP. In the RTC
table, the IGRP protocol makes no such distinction. RTC, which uses IGRP only, just sees IGRP routes,
despite the fact that both 10.1.1.0 and 172.16.0.0 were redistributed from EIGRP. The Interactive Media
Activity will help students recognize the characteristics of IGRP and EIGRP.

25.1.2 EIGRP concepts and terminology

This page will discuss the three tables that EIGRP uses to store network information.

EIGRP routers keep route and topology information readily available in RAM so they can react quickly
to changes. Like OSPF, EIGRP saves this information in several tables and databases.

EIGRP saves routes that are learned, in specific ways. Routes are given a particular status and can be
tagged to provide additional useful information.

The following three tables are maintained by EIGRP:

 Neighbor table
 Topology table
 Routing table

The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table that
lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a neighbor
table for each protocol that EIGRP supports. -1-

When newly discovered neighbors are learned, the address and interface of the neighbor is recorded. This
information is stored in the neighbor data structure. When a neighbor sends a hello packet, it advertises a hold
time. The hold time is the amount of time a router treats a neighbor as reachable and operational. If a hello
packet is not received within the hold time, then the hold time expires. When the hold time expires, the
Diffusing Update Algorithm ( DUAL ), which is the EIGRP distance vector algorithm, is informed of the
topology change and must recalculate the new topology.

The topology table is made up of all the EIGRP routing tables in the autonomous system. DUAL takes the
information supplied in the neighbor table and the topology table and calculates the lowest cost routes to each
destination. -2- EIGRP tracks this information so that EIGRP routers can identify and switch to alternate routes
quickly. The information that the router learns from the DUAL is used to determine the successor route, which
is the term used to identify the primary or best route. This information is also entered into the topology table.

Every EIGRP router maintains a topology table for each configured network protocol. All learned routes to a
destination are maintained in the topology table.

The topology table includes the following fields: -2-

 Feasible distance (FD) - This is the lowest calculated metric to each destination. For example, the
feasible distance to 32.0.0.0 is 2195456.
 Route source - The identification number of the router that originally advertised that route. This field is
populated only for routes learned externally from the EIGRP network. Route tagging can be
particularly useful with policy-based routing. For example, the route source to 32.0.0.0 is 200.10.10.10
through 200.10.10.10.
 Reported distance (RD) - The distance reported by an adjacent neighbor to a specific destination. For
example, the reported distance to 32.0.0.0 is /281600 as indicated by (2195456/281600).
 Interface information - The interface through which the destination can be reached.
 Route status - The status of a route. Routes are identified as being either passive, which means that the
route is stable and ready for use, or active, which means that the route is in the process of being
recomputed by DUAL.

The EIGRP routing table holds the best routes to a destination. This information is retrieved from the topology
table. EIGRP routers maintain a routing table for each network protocol.

A successor is a route selected as the primary route to reach a destination. -3-

DUAL identifies this route from the information contained in the neighbor and topology tables and places it in
the routing table. There can be up to four successor routes for any particular destination. These can be of equal
or unequal cost and are identified as the best loop-free paths to a given destination. A copy of the successor
routes is also placed in the topology table.

A feasible successor ( FS ) is a backup route. -4-

These routes are identified at the same time as the successors, but these routes are only kept in the topology
table. Multiple feasible successors for a destination can be retained in the topology table although it is not
mandatory. -5-

A router views the feasible successors as neighbors downstream, or closer to the destination than it is. Feasible
successor cost is computed by the advertised cost of the neighbor router to the destination. If a successor route
goes down, the router will look for an identified feasible successor. This route will be promoted to successor
status. A feasible successor must have a lower advertised cost than the current successor cost to the destination.
If a feasible successor is not identified from the current information, the router places an Active status on a
route and sends out query packets to all neighbors in order to recompute the current topology. The router can
identify any new successor or feasible successor routes from the new data that is received from the reply
packets that answer the query requests. The router will then place a Passive status on the route.

The topology table can record additional information about each route. EIGRP classifies routes as either
internal or external. EIGRP adds a route tag to each route to identify this classification. Internal routes
originate from within the EIGRP AS. External routes originate outside the EIGRP AS. Routes learned or
redistributed from other routing protocols, such as RIP, OSPF, and IGRP, are external. Static routes that
originate outside the EIGRP AS are external. The tag can be configured to a number between 0 and 255 to
customize the tag. -6- -7-


25.1.3 EIGRP design features

This page will describe some key design features of EIGRP.

EIGRP operates quite differently from IGRP. EIGRP is an advanced distance vector routing protocol, but it
also acts as a link-state protocol in the way that it updates neighbors and maintains routing information.
The following are advantages of EIGRP over simple distance vector protocols: -1-

 Rapid convergence
 Efficient use of bandwidth
 Support for VLSM and CIDR.
 Multiple network layer support
 Independence from routed protocols.

Independence from routed protocols means that protocol-dependent modules ( PDMs ) protect EIGRP from
lengthy revision. As routed protocols evolve, they may need new protocol modules, but changes to EIGRP will
not be necessary.

EIGRP routers converge quickly because they rely on DUAL. DUAL guarantees loop-free operation
throughout a route computation which allows all routers involved in a topology change to synchronize at the
same time.
EIGRP sends partial, bounded updates and makes efficient use of bandwidth. EIGRP uses minimal bandwidth
when the network is stable. EIGRP routers do not send the complete tables, but instead, send partial,
incremental updates. This is similar to OSPF operation, except that EIGRP routers send these partial updates
only to the routers that need the information, not to all routers in an area. For this reason, they are called
bounded updates. Instead of timed routing updates, EIGRP routers use small hello packets to keep in touch
with each other. Though exchanged regularly, hello packets do not use up a significant amount of bandwidth.

EIGRP supports IP, IPX, and AppleTalk through PDMs. EIGRP can redistribute IPX-RIP and IPX SAP
information to improve overall performance. In effect, EIGRP can take over for these two protocols. EIGRP
routers receive routing and service updates, and update other routers only when changes in the SAP or routing
tables occur. In EIGRP networks, routing updates occur in partial updates.

EIGRP can also take over for the AppleTalk RTMP. As a distance vector routing protocol, RTMP relies on
periodic and complete exchanges of routing information. To reduce overhead, EIGRP uses event-driven
updates to redistribute AppleTalk routing information. EIGRP also uses a configurable composite metric to
determine the best route to an AppleTalk network. RTMP uses hop count, which can result in suboptimal
routing. AppleTalk clients expect RTMP information from local routers, so EIGRP for AppleTalk should be
run only on a clientless network, such as a WAN link.

25.1.4 EIGRP technologies

This page will discuss some of the new technologies that EIGRP includes. Each new technology represents an
improvement in EIGRP operation efficiency, speed of convergence, or functionality relative to IGRP and other
routing protocols. These technologies fall into one of the following four categories:

 Neighbor discovery and recovery
 Reliable Transport Protocol
 DUAL finite-state machine algorithm
 Protocol-dependent modules

Simple distance vector routers do not establish any relationship with their neighbors. RIP and IGRP routers
merely broadcast or multicast updates on configured interfaces. In contrast, EIGRP routers actively establish
relationships with their neighbors, much the same way that OSPF routers do.

EIGRP routers establish adjacencies as described in Figure -1-

EIGRP routers use small hello packets to accomplish this. Hellos are sent by default every five seconds. An
EIGRP router assumes that as long as it receives hello packets from known neighbors, those neighbors and
their routes remain viable or passive. The following are possible when EIGRP routers form adjacencies:

 Dynamically learn of new routes that join the network
 Identify routers that become either unreachable or inoperable
 Rediscover routers that had previously been unreachable

Reliable Transport Protocol (RTP) is a transport layer protocol that guarantees ordered delivery of EIGRP
packets to all neighbors. On an IP network, hosts use TCP to sequence packets and ensure their timely
delivery. However, EIGRP is protocol-independent. This means it does not rely on TCP/IP to exchange routing
information the way that RIP, IGRP, and OSPF do. To stay independent of IP, EIGRP uses RTP as its own
proprietary transport layer protocol to guarantee delivery of routing information.

EIGRP can call on RTP to provide reliable or unreliable service as the situation warrants. For example, hello
packets do not require the overhead of reliable delivery because they are frequent and should be kept small.
The reliable delivery of other routing information can actually speed convergence because then EIGRP routers
do not wait for a timer to expire before they retransmit.

With RTP, EIGRP can multicast and unicast to different peers simultaneously. This allows for maximum
efficiency.

The centerpiece of EIGRP is the DUAL, which is the EIGRP route-calculation engine. The full name of this
technology is DUAL finite-state machine (FSM). An FSM is an algorithm machine, not a mechanical device
with parts that move. FSMs define a set of possible states that something can go through, the events that cause
those states, and the events that result from those states. Designers use FSMs to describe how a device,
computer program, or routing algorithm will react to a set of input events. The DUAL FSM contains all the
logic used to calculate and compare routes in an EIGRP network.

DUAL tracks all the routes advertised by neighbors. Composite metrics of each route are used to compare
them. -2- -3-

DUAL also guarantees that each path is loop free. DUAL inserts lowest cost paths into the routing table.
These primary routes are known as successor routes. A copy of the successor routes is also placed in the
topology table.

EIGRP keeps important route and topology information readily available in a neighbor table and a
topology table. These tables supply DUAL with comprehensive route information in case of network
disruption. DUAL uses the information in these tables to select alternate routes quickly. If a link goes down,
DUAL looks for an alternative route path, or feasible successor, in the topology table.

One of the best features of EIGRP is its modular design. Modular, or layered designs, prove to be the most
scalable and adaptable. Support for routed protocols, such as IP, IPX, and AppleTalk, is included in EIGRP
through PDMs. In theory, EIGRP can add PDMs to easily adapt to new or revised routed protocols such as
IPv6.

Each PDM is responsible for all functions related to its specific routed protocol.
The IP-EIGRP module is responsible for the following functions:

 Send and receive EIGRP packets that bear IP data
 Notify DUAL of new IP routing information that is received
 Maintain the results of DUAL routing decisions in the IP routing table
 Redistribute routing information that was learned by other IP-capable routing protocols

25.1.5 EIGRP data structure

Like OSPF, EIGRP relies on different types of packets to maintain its tables and establish relationships with
neighbor routers. This page will describe these packet types.

The following are the five types of EIGRP packets: -1-

 Hello
 Acknowledgment
 Update
 Query
 Reply

EIGRP relies on hello packets to discover, verify, and rediscover neighbor routers. Rediscovery occurs if
EIGRP routers do not receive hellos from each other for a hold time interval but then re-establish
communication. -2-

EIGRP routers send hellos at a fixed, but configurable interval called the hello interval. The default hello
interval depends on the bandwidth of the interface. -3-
On IP networks, EIGRP routers send hellos to the multicast IP address 224.0.0.10.

EIGRP routers store information about neighbors in the neighbor table. The neighbor table includes the
Sequence Number (Seq No) field to record the number of the last received EIGRP packet that each neighbor
sent. The neighbor table also includes a Hold Time field which records the time the last packet was received.
Packets should be received within the Hold Time interval period to maintain a Passive state. The Passive state
is a reachable and operational status.

If EIGRP does not receive a packet from a neighbor within the hold time, EIGRP considers that
neighbor down. DUAL then steps in to re-evaluate the routing table. By default, the hold time is three times
the hello interval, but an administrator can configure both timers as desired.

OSPF requires neighbor routers to have the same hello and dead intervals to communicate. EIGRP has
no such restriction. Neighbor routers learn each other's timers through the exchange of hello packets. They
then use that information to forge a stable relationship regardless of unlike timers.
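The hold-time behaviour described in the preceding paragraphs, as an added Python model that is not part of the curriculum or of Cisco IOS: each neighbor stays Passive for the hold time that neighbor advertised in its own hellos, any EIGRP packet after the first hello resets the timer, and expiry is what DUAL would be told about. The addresses, interfaces, clock values and timer pairs (5 s/15 s and 60 s/180 s, the pairs the text's three-to-one rule produces) are constructed sample values.

```python
"""Model of an EIGRP neighbor table's hold timer (educational model, not IOS code).
Each entry keeps the hold time advertised BY THE NEIGHBOR, so mismatched timers
on the two ends of a link still give a stable adjacency."""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class NeighborEntry:
    address: str
    interface: str
    hold_time: int      # seconds, as advertised by the neighbor in its hellos
    last_heard: float   # simulated clock value of the last EIGRP packet received
    seq_no: int = 0     # sequence number of the last reliable packet received

    def remaining(self, now: float) -> float:
        """Seconds left before this neighbor is declared down."""
        return self.hold_time - (now - self.last_heard)


class NeighborTable:
    def __init__(self) -> None:
        self.entries: Dict[str, NeighborEntry] = {}

    def receive_hello(self, address: str, interface: str, advertised_hold: int, now: float) -> None:
        """A hello discovers a new neighbor or refreshes an existing one.  The hold
        time comes from the hello itself, not from this router's own configuration."""
        entry = self.entries.get(address)
        if entry is None:
            self.entries[address] = NeighborEntry(address, interface, advertised_hold, now)
        else:
            entry.hold_time = advertised_hold
            entry.last_heard = now

    def receive_packet(self, address: str, seq_no: int, now: float) -> bool:
        """Any EIGRP packet after the first hello resets the hold timer.  A packet
        from an unknown sender is ignored (no adjacency exists yet): returns False."""
        entry = self.entries.get(address)
        if entry is None:
            return False
        entry.last_heard = now
        entry.seq_no = seq_no
        return True

    def expire(self, now: float) -> List[str]:
        """Remove neighbors whose hold time has run out and return their addresses;
        DUAL would be informed of each one to recompute affected routes."""
        down = [addr for addr, e in self.entries.items() if e.remaining(now) <= 0]
        for addr in down:
            del self.entries[addr]
        return down

    def status(self, address: str, now: float) -> str:
        entry = self.entries.get(address)
        if entry is None:
            return "unknown"
        return "Passive" if entry.remaining(now) > 0 else "expired"


def mismatched_timers_scenario() -> dict:
    """Constructed walk-through.  This router uses hello 5 s / hold 15 s on its own
    interfaces; neighbor 10.0.0.2 advertises a 180 s hold time (the slow-WAN pair),
    neighbor 10.0.0.3 advertises 15 s.  Nothing is heard from 10.0.0.2 after t=100."""
    table = NeighborTable()
    table.receive_hello("10.0.0.2", "Serial0/0", advertised_hold=180, now=100)
    table.receive_hello("10.0.0.3", "FastEthernet0/0", advertised_hold=15, now=100)
    accepted = table.receive_packet("10.0.0.3", seq_no=42, now=110)  # an update resets the timer
    down_120 = table.expire(120)   # 10.0.0.3 heard 10 s ago (< 15), 10.0.0.2 20 s ago (< 180)
    down_130 = table.expire(130)   # 10.0.0.3: 20 s > 15 s -> down; 10.0.0.2 still Passive
    down_300 = table.expire(300)   # 10.0.0.2: 200 s > 180 s -> down
    return {"update_accepted": accepted, "down_120": down_120,
            "down_130": down_130, "down_300": down_300, "remaining": sorted(table.entries)}


if __name__ == "__main__":
    print(mismatched_timers_scenario())
```

The point to take from the scenario is that 10.0.0.2 is not declared down at t=130 even though this router's own hold time is 15 s: the 180 s it advertised governs, which is why EIGRP, unlike OSPF, tolerates unequal timers on the two ends of a link.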

Hello packets are always sent unreliably. This means that no acknowledgment is transmitted.

EIGRP routers use acknowledgment packets to indicate receipt of any EIGRP packet during a reliable
exchange. RTP provides reliable communication between EIGRP hosts. A message that is received must be
acknowledged by the recipient to be reliable. Acknowledgment packets, which are hello packets without data,
are used for this purpose. Unlike multicast hellos, acknowledgment packets are unicast. Acknowledgments can
be attached to other kinds of EIGRP packets, such as reply packets.

Update packets are used when a router discovers a new neighbor. EIGRP routers send unicast update packets
to that new neighbor so that it can add to its topology table. More than one update packet may be needed to
convey all the topology information to the newly discovered neighbor.

Update packets are also used when a router detects a topology change. In this case, the EIGRP router sends a
multicast update packet to all neighbors, which alerts them to the change. All update packets are sent reliably.

An EIGRP router uses query packets whenever it needs specific information from one or all of its neighbors. A
reply packet is used to respond to a query.

If an EIGRP router loses its successor and cannot find a feasible successor for a route, DUAL places the route
in the Active state. A query is then multicasted to all neighbors in an attempt to locate a successor to the
destination network. Neighbors must send replies that either provide information on successors or indicate that
no information is available. Queries can be multicast or unicast, while replies are always unicast. Both packet
types are sent reliably.

25.1.6 EIGRP algorithm

This page will describe the DUAL algorithm, which results in the exceptionally fast convergence of EIGRP.

The sophisticated DUAL algorithm results in the exceptionally fast convergence of EIGRP. To better
understand convergence with DUAL, consider the example in Figure -1- . Each router has constructed a
topology table that contains information about how to route to destination Network A.

Each topology table identifies the following information:

 The routing protocol or EIGRP
 The lowest cost of the route, which is called feasible distance (FD)
 The cost of the route as advertised by the neighboring router, which is called reported distance (RD)

The Topology column identifies the primary route called the successor route (successor), and, where identified,
the backup route called the feasible successor (FS). Note that it is not necessary to have an identified feasible
successor. The EIGRP network follows a sequence of actions to allow convergence between the routers, which
currently have the following topology information: -1-

 Router C has one successor route by way of Router B.
 Router C has one feasible successor route by way of Router D.
 Router D has one successor route by way of Router B.
 Router D has no feasible successor route.
 Router E has one successor route by way of Router D.
 Router E has no feasible successor.

The feasible successor route selection rules are specified in Figure -2-

The following example demonstrates how each router in the topology will carry out the feasible successor
selection rules when the route from Router D to Router B goes down:

In Router D: -3-

 Route by way of Router B is removed from the topology table.
 This is the successor route. Router D has no feasible successor identified.
 Router D must complete a new route computation.

In Router C:

 Route to Network A by way of Router D is down.
 Route by way of Router D is removed from the table.
 This is the feasible successor route for Router C.

In Router D: -4-

 Router D has no feasible successor. It cannot switch to an identified alternative backup route.
 Router D must recompute the topology of the network. The path to destination Network A is set to
Active.
 Router D sends a query packet to all connected neighbors to request topology information.
 Router C does have a previous entry for Router D.
 Router D does not have a previous entry for Router E.

In Router E:

 Route to Network A through Router D is down.
 The route by way of Router D is removed from the table.
 This is the successor route for Router E.
 Router E does not have a feasible route identified.
 Note that the RD cost of routing by way of Router C is 3. That is the same cost as the successor route
by way of Router D.

In Router C: -5-

 Router E sends a query packet to Router C.
 Router C removes Router E from the table.
 Router C replies to Router D with a new route to Network A.

In Router D:

 Route status to destination Network A is still marked as Active. The computation has not been
completed yet.
 Router C has replied to Router D to confirm that a route to destination Network A is available with a
cost of 5. Figure -3-
 Router D still waits for a reply from Router E.

In Router E:

 Router E has no feasible successor to reach destination Network A.
 Router E, therefore, tags the status of the route to destination network as Active.
 Router E has to recompute the network topology.
 Router E removes the route by way of Router D from the table.
 Router E sends a query to Router C, to request topology information.
 Router E already has an entry by way of Router C. It is at a cost of 3, the same as the successor route.

In Router E: -6-

 Router C replies with an RD of 3.
 Router E can now set the route by way of Router C as the new successor with an FD of 4 and an RD of
3.
 Router E replaces the Active status of the route to destination Network A with a Passive status. Note
that a route will have a Passive status by default as long as hello packets are received. In this example,
only Active status routes are flagged.

In Router E: -7-

 Router E sends a reply to Router D to inform it of the Router E topology information.

In Router D:

 Router D receives the reply packet from Router E.
 Router D enters this data for the route to destination Network A by way of Router E.
 This route becomes an additional successor route as the cost is the same as routing by way of Router C
and the RD is less than the FD cost of 5.

Convergence occurs among all EIGRP routers that use the DUAL algorithm.
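The feasible successor rules from section 25.1.2 and the Figure 1 walk-through above, as an added Python model of DUAL that is not part of the curriculum or of Cisco IOS. It implements the feasibility condition (a backup path qualifies only if its RD is strictly lower than the FD), promotes a feasible successor locally when one exists, and otherwise puts the route in the Active state, queries the neighbors, and returns to Passive once every reply is in. The Router E and Router D scenarios reproduce the FD/RD values the text gives (FD 3 then FD 4 / RD 3 on Router E; two cost-5 successors on Router D); the individual link costs and the RDs that produce those values are constructed assumptions, since the figure is not reproduced here.

```python
"""Simplified model of DUAL route selection (educational model, not IOS code):
feasible distance (FD), reported distance (RD), successor / feasible successor
(FS) selection, and the Active/Passive transition when a successor is lost."""
from typing import Dict, List, Optional, Set, Tuple

MAX_SUCCESSORS = 4  # the curriculum's limit on successors per destination


class DualRoute:
    """Topology-table state for one destination on one router."""

    def __init__(self, destination: str, links: Dict[str, int]) -> None:
        self.destination = destination
        self.links = dict(links)            # neighbor -> metric of the link to it
        self.reported: Dict[str, int] = {}  # neighbor -> RD it advertised
        self.fd: Optional[int] = None       # lowest computed metric (FD)
        self.state = "Passive"
        self.pending: Set[str] = set()      # neighbors whose reply is still awaited

    def total(self, neighbor: str) -> int:
        return self.reported[neighbor] + self.links[neighbor]

    def _recompute_fd(self) -> None:
        self.fd = min((self.total(n) for n in self.reported), default=None)

    def learn(self, neighbor: str, rd: int) -> None:
        """Update from a neighbor advertising its own distance (the RD)."""
        self.reported[neighbor] = rd
        if self.state == "Passive":
            self._recompute_fd()

    def classify(self) -> Tuple[List[str], List[str]]:
        """Return (successors, feasible successors).  Successors are the paths whose
        total metric equals the FD.  Feasible successors are the other paths meeting
        the feasibility condition RD < FD, which proves the neighbor is downstream
        and therefore that the path is loop-free."""
        if self.fd is None:
            return [], []
        ordered = sorted(self.reported, key=self.total)
        successors = [n for n in ordered if self.total(n) == self.fd][:MAX_SUCCESSORS]
        feasible = [n for n in ordered
                    if n not in successors and self.reported[n] < self.fd]
        return successors, feasible

    def lose_link(self, neighbor: str) -> List[str]:
        """The link to `neighbor` fails.  Returns the neighbors to query; the list
        is empty when DUAL can resolve the loss locally."""
        successors, feasible = self.classify()
        self.links.pop(neighbor, None)
        self.reported.pop(neighbor, None)
        if neighbor not in successors:
            return []                       # only a backup path was lost
        if feasible or len(successors) > 1:
            self._recompute_fd()            # promote the FS (or a remaining successor)
            return []
        self.state = "Active"               # no loop-free alternative: diffusing computation
        self.fd = None
        self.pending = set(self.links)
        return sorted(self.pending)

    def reply(self, neighbor: str, rd: Optional[int]) -> str:
        """Process a reply to our query; rd=None means 'no route to the destination'.
        Returns the route state after the reply."""
        if rd is None:
            self.reported.pop(neighbor, None)
        else:
            self.reported[neighbor] = rd
        self.pending.discard(neighbor)
        if self.state == "Active" and not self.pending:
            self._recompute_fd()            # all replies in: computation complete
            self.state = "Passive"
        return self.state


def router_e_scenario() -> dict:
    """Router E from the walk-through.  Constructed RDs and link costs: D advertises
    RD 2 over a cost-1 link (FD 3); C advertises RD 3 over a cost-1 link."""
    e = DualRoute("Network A", links={"D": 1, "C": 1})
    e.learn("D", 2)                      # total 3 -> successor, FD 3
    e.learn("C", 3)                      # total 4, but RD 3 is not < FD 3 -> not an FS
    before = e.classify()
    queried = e.lose_link("D")           # no FS -> Active, query C
    state = e.reply("C", 3)              # C answers with RD 3 -> FD 4 via C, Passive
    return {"before": before, "queried": queried, "state": state,
            "fd": e.fd, "after": e.classify()}


def router_d_scenario() -> dict:
    """Router D: loses its only path (via B), goes Active, queries C and E, and ends
    with two equal-cost successors at cost 5.  Link costs and RDs are constructed."""
    d = DualRoute("Network A", links={"B": 1, "C": 2, "E": 1})
    d.learn("B", 1)                      # FD 2 via B; no other paths known
    queried = d.lose_link("B")           # -> ['C', 'E']
    s1 = d.reply("C", 3)                 # RD 3 + link 2 = 5; still waiting for E
    s2 = d.reply("E", 4)                 # RD 4 + link 1 = 5 -> FD 5, two successors
    return {"queried": queried, "states": (s1, s2), "fd": d.fd, "after": d.classify()}


if __name__ == "__main__":
    print(router_e_scenario())
    print(router_d_scenario())
```

The model deliberately treats the FD as the current lowest metric; real DUAL keeps the FD at its historical minimum while a route stays Passive, which makes the feasibility test slightly stricter than shown here but does not change the outcome of the two scenarios.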
25.2 EIGRP Configuration
25.2.1 Configuring EIGRP

Despite the complexity of DUAL, configuring EIGRP can be relatively simple. EIGRP configuration
commands vary depending on the protocol that is to be routed. Some examples of these protocols are IP, IPX,
and AppleTalk. This page describes EIGRP configuration for the IP protocol. -1-

Perform the following steps to configure EIGRP for IP:

1. Use the following to enable EIGRP and define the autonomous system:

router(config)#router eigrp autonomous-system-number < AS >

The autonomous system number is used to identify all routers that belong within the internetwork. This
value must match all routers within the internetwork.

2. Indicate which networks belong to the EIGRP autonomous system on the local router by using the
following command:

router(config-router)#network network-number

The network-number is the network number that determines which interfaces of the router are
participating in EIGRP and which networks are advertised by the router.

The network command configures only connected networks. For example, network 3.1.0.0, which is on
the far left of the main Figure, is not directly connected to Router A. Consequently, that network is not
part of the configuration of Router A.

3. When configuring serial links using EIGRP, it is important to configure the bandwidth setting on the
interface. If the bandwidth for these interfaces is not changed, EIGRP assumes the default bandwidth
on the link instead of the true bandwidth. If the link is slower, the router may not be able to converge,
routing updates might become lost, or suboptimal path selection may result. To set the interface
bandwidth, use the following syntax:

router(config-if)#bandwidth kbps

The bandwidth command is only used by the routing process and should be set to match the line speed
of the interface.

4. Cisco also recommends adding the following command to all EIGRP configurations:

router(config-router)#eigrp log-neighbor-changes

This command enables the logging of neighbor adjacency changes to monitor the stability of the
routing system and to help detect problems.

In the Lab Activities, students will set up an IP address scheme and configure EIGRP.

25.2.2 Configuring EIGRP summarization

This page will teach students how to manually configure summary addresses.

EIGRP automatically summarizes routes at the classful boundary. This is the boundary where the network
address ends, as defined by class-based addressing. This means that even though RTC is connected only to the
subnet 2.1.1.0, it will advertise that it is connected to the entire Class A network, 2.0.0.0. In most cases auto
summarization is beneficial because it keeps routing tables as compact as possible. -1-

However, automatic summarization may not be the preferred option in certain instances. For example, if there
are discontiguous subnetworks, auto-summarization must be disabled for routing to work properly. -2-

To turn off auto-summarization, use the following command:

router(config-router)#no auto-summary

With EIGRP, a summary address can be manually configured by configuring a prefix network. Manual
summary routes are configured on a per-interface basis, so the interface that will propagate the route summary
must be selected first. Then the summary address can be defined with the ip summary-address eigrp
command:

router(config-if)#ip summary-address eigrp autonomous-system-number ip-address mask administrative-distance

EIGRP summary routes have an administrative distance of 5 by default. Optionally, they can be configured for
a value between 1 and 255. In Figure -3-, RTC can be configured using the commands shown:

RTC(config)#router eigrp 2446
RTC(config-router)#no auto-summary
RTC(config-router)#exit
RTC(config)#interface serial 0/0
RTC(config-if)#ip summary-address eigrp 2446 2.1.0.0 255.255.0.0

Therefore, RTC will add a route to its table as follows:

D 2.1.0.0/16 is a summary, 00:00:22, Null0

Notice that the summary route is sourced from Null0 and not from an actual interface. This is because this
route is used for advertisement purposes and does not represent a path that RTC can take to reach that network.
On RTC, this route has an administrative distance of 5.

RTD is not aware of the summarization but accepts the route. The route is assigned the administrative distance
of a normal EIGRP route, which is 90 by default.

In the configuration for RTC, auto-summarization is turned off with the no auto-summary command. If auto-
summarization was not turned off, RTD would receive two routes, the manual summary address, which is
2.1.0.0 /16, and the automatic, classful summary address, which is 2.0.0.0 /8.

In most cases when manually summarizing, the no auto-summary command should be issued.
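The summarization behaviour described in this section, as an added Python model built on the standard ipaddress module; it is not part of the curriculum or of Cisco IOS. It computes the classful network that auto-summarization advertises when a route crosses a major-network boundary, the effect of a manual summary with and without no auto-summary (reproducing the RTC case: only 2.1.0.0/16, or both 2.1.0.0/16 and 2.0.0.0/8), the Null0 entry with administrative distance 5, and a check for the discontiguous-subnet failure mode. The link subnet 192.168.1.0/24 and RTD's subnet 2.2.2.0/24 are constructed assumptions, as the figure is not reproduced here.

```python
"""Model of EIGRP auto-summarization at the classful boundary versus a manual
summary address (educational model, not IOS code)."""
import ipaddress
from typing import Dict, Iterable, List, Tuple

IPv4Network = ipaddress.IPv4Network


def classful_network(subnet: str) -> IPv4Network:
    """The class A/B/C network containing `subnet`: what auto-summarization
    advertises when the route is sent into a different major network."""
    net = ipaddress.ip_network(subnet, strict=False)
    first_octet = int(net.network_address) >> 24
    if first_octet < 128:
        prefix = 8          # class A
    elif first_octet < 192:
        prefix = 16         # class B
    elif first_octet < 224:
        prefix = 24         # class C
    else:
        raise ValueError(f"{subnet} is not a class A, B or C address")
    return ipaddress.ip_network(f"{net.network_address}/{prefix}", strict=False)


def advertised_prefixes(connected: Iterable[str], out_interface_subnet: str,
                        auto_summary: bool = True,
                        manual_summaries: Iterable[str] = ()) -> List[str]:
    """Prefixes advertised out of the interface in `out_interface_subnet` for the
    router's `connected` subnets.  Auto-summary applies only when the connected
    subnet and the outgoing interface lie in different classful networks; a manual
    summary is always advertised and suppresses the specifics it covers."""
    boundary = classful_network(out_interface_subnet)
    manual = [ipaddress.ip_network(m) for m in manual_summaries]
    out = set(manual)
    for s in connected:
        net = ipaddress.ip_network(s, strict=False)
        classful = classful_network(s)
        if auto_summary and classful != boundary:
            out.add(classful)       # crossing a major-network boundary: classful summary
        elif not any(net.subnet_of(m) for m in manual):
            out.add(net)            # specific route, unless a manual summary covers it
    return sorted(str(n) for n in out)


def summary_route_entry(summary: str) -> dict:
    """The local routing-table entry a manual summary creates: sourced from Null0
    (a discard route used for advertisement, not a real path) with AD 5."""
    net = ipaddress.ip_network(summary)
    return {"code": "D", "prefix": str(net), "interface": "Null0", "admin_distance": 5}


def auto_summary_conflicts(routers: Dict[str, Tuple[List[str], str]]) -> Dict[str, List[str]]:
    """`routers` maps router name -> (connected subnets, subnet of its interface toward
    the other routers).  Returns the prefixes that more than one router would
    originate with auto-summary on.  Two routers both claiming 2.0.0.0/8 is the
    discontiguous-subnet case in which 'no auto-summary' is required."""
    owners: Dict[str, set] = {}
    for name, (connected, out_iface) in routers.items():
        for prefix in advertised_prefixes(connected, out_iface, auto_summary=True):
            owners.setdefault(prefix, set()).add(name)
    return {p: sorted(n) for p, n in owners.items() if len(n) > 1}


if __name__ == "__main__":
    # RTC case from the text: subnet 2.1.1.0/24 behind RTC, link to RTD assumed 192.168.1.0/24
    print(advertised_prefixes(["2.1.1.0/24"], "192.168.1.0/24"))                      # ['2.0.0.0/8']
    print(advertised_prefixes(["2.1.1.0/24"], "192.168.1.0/24", False, ["2.1.0.0/16"]))  # ['2.1.0.0/16']
    print(advertised_prefixes(["2.1.1.0/24"], "192.168.1.0/24", True, ["2.1.0.0/16"]))   # both
    print(summary_route_entry("2.1.0.0/16"))
    print(auto_summary_conflicts({"RTC": (["2.1.1.0/24"], "192.168.1.0/24"),
                                  "RTD": (["2.2.2.0/24"], "192.168.1.0/24")}))
```

Running the last call shows why the text says auto-summarization must be disabled for discontiguous subnetworks: with both RTC and RTD originating 2.0.0.0/8, a third router has no way to tell 2.1.1.0 from 2.2.2.0, and issuing no auto-summary on each router makes the conflict disappear.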

25.2.3 Verifying basic EIGRP

This page will explain how show commands can be used to verify EIGRP configurations. Figure -1- lists the
key EIGRP show commands and briefly discusses their functions.

The Cisco IOS debug feature also provides useful EIGRP monitoring commands. -2-

The Lab Activities will require students to set up an IP address scheme and verify EIGRP configurations.

25.2.4 Building neighbor tables

This page will explain how EIGRP builds neighbor tables. Students will also learn about the information that is
stored in a neighbor table and how it is used.

Simple distance vector routers do not establish any relationship with their neighbors. RIP and IGRP routers
merely broadcast or multicast updates on configured interfaces. In contrast, EIGRP routers actively establish
relationships with their neighbors as do OSPF routers. -1-

The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table
that lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a
neighbor table for each protocol that EIGRP supports.

EIGRP routers establish adjacencies with neighbor routers by using small hello packets.

Hellos are sent by default every five (5) seconds. -2-

An EIGRP router assumes that, as long as it is receiving hello packets from known neighbors, those neighbors
and their routes remain viable or passive.

By forming adjacencies, EIGRP routers do the following:

• Dynamically learn of new routes that join their network
• Identify routers that become either unreachable or inoperable
• Rediscover routers that had previously been unreachable

The following fields are found in a neighbor table:

• Neighbor address - This is the network layer address of the neighbor router.
• Hold time - This is the interval to wait without receiving anything from a neighbor before considering
the link unavailable. Originally, the expected packet was a hello packet, but in current Cisco IOS
software releases, any EIGRP packets received after the first hello will reset the timer.
• Smooth Round-Trip Timer (SRTT) - This is the average time that it takes to send and receive packets
from a neighbor. This timer is used to determine the retransmit interval (RTO).
• Queue count (Q Cnt) - This is the number of packets waiting in a queue to be sent. If this value is
constantly higher than zero, there may be a congestion problem at the router. A zero means that there
are no EIGRP packets in the queue.
• Sequence Number (Seq No) - This is the number of the last packet received from that neighbor.
EIGRP uses this field to acknowledge a transmission of a neighbor and to identify packets that are out
of sequence. The neighbor table is used to support reliable, sequenced delivery of packets and can be
regarded as analogous to the TCP protocol used in the reliable delivery of IP packets.

25.2.5 Discover routes

This page will explain how EIGRP stores route and topology information. Students will also learn how DUAL
uses this information to route data.

EIGRP routers keep route and topology information available in RAM, so changes can be reacted to
quickly. Like OSPF, EIGRP keeps this information in several tables or databases.

The EIGRP distance vector algorithm, DUAL, uses the information gathered in the neighbor and topology
tables and calculates the lowest cost route to the destination. The primary route is called the successor route.
When calculated, DUAL places the successor route in the routing table and a copy in the topology table.

DUAL also attempts to calculate a backup route in case the successor route fails. This is called the
feasible successor route. When calculated, DUAL places the feasible route in the topology table. This route can
be called upon if the successor route to a destination becomes unreachable or unreliable. The Interactive Media
Activity will help students understand some important EIGRP terms and concepts.

25.2.6 Select routes

This page will explain how DUAL selects an alternative route in the topology table when a link goes down.
(Figures -1- to -3-)

If a feasible successor is not found, the route is flagged as Active, or unusable at present. Query packets are
sent to neighboring routers requesting topology information. DUAL uses this information to recalculate
successor and feasible successor routes to the destination.

Once DUAL has completed these calculations, the successor route is placed in the routing table. Then both the
successor route and feasible successor route are placed in the topology table. The route to the final destination
will now pass from an Active status to a Passive status. This means that the route is now operational and
reliable.

The sophisticated algorithm of DUAL results in EIGRP having exceptionally fast convergence. To better
understand convergence using DUAL, consider the example in Figure -1-. All routers have built a topology
table that contains information about how to route to destination network Z.

Each table identifies the following:

• The routing protocol or EIGRP
• The lowest cost of the route or Feasible Distance (FD)
• The cost of the route as advertised by the neighboring router or Reported Distance (RD)

The Topology table identifies the preferred primary route, which is called the successor route (Successor). If it
is identified, the Topology table will also identify the backup route, which is called the feasible successor (FS).
Note that it is not necessary to have an identified feasible successor. -4-

25.2.7 Maintaining routing tables

This page will explain how DUAL maintains and updates routing tables.

DUAL tracks all routes advertised by neighbors using the composite metric of each route to compare them.
DUAL also guarantees that each path is loop-free.

Lowest-cost paths are then inserted by the DUAL algorithm into the routing table. These primary routes are
known as successor routes. A copy of the successor paths is placed in the topology table.

EIGRP keeps important route and topology information readily available in a neighbor table and a topology
table. These tables supply DUAL with comprehensive route information in case of network disruption. DUAL
selects alternate routes quickly by using the information in these tables.

If a link goes down, DUAL looks for an alternative route path, or feasible successor, in the topology table. If a
feasible successor is not found, the route is flagged as active, or unusable at present. Query packets are sent to
neighboring routers requesting topology information. DUAL uses this information to recalculate successor and
feasible successor routes to the destination.

Once DUAL has completed these calculations, the successor route is placed in the routing table. Then both the
successor route and feasible successor route are placed in the topology table. The route to the final destination
will now pass from an active status to a passive status. This means that the route is now operational and
reliable.

EIGRP routers establish and maintain adjacencies with neighbor routers by using small hello packets. Hellos
are sent by default every five seconds. An EIGRP router assumes that, as long as it is receiving hello packets
from known neighbors, those neighbors and their routes remain viable, or passive.

When newly discovered neighbors are learned, the address and interface of the neighbor is recorded. This
information is stored in the neighbor data structure. When a neighbor sends a hello packet, it advertises a hold
time. The hold time is the amount of time a router treats a neighbor as reachable and operational. In other
words, if a hello packet is not heard from within the hold time, the hold time expires. When the hold time
expires, DUAL is informed of the topology change, and must recalculate the new topology.

In the example in Figures -1- to -3-, DUAL must reconstruct the topology following the discovery of a broken
link between router D and router B. The new successor routes will be placed in the updated routing table.
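
The successor and feasible successor selection described in 25.2.6, and the link-failure handling described in this section, can be modelled with a small topology table in Python. This is an added model, not code from the curriculum or from Cisco IOS. Router names B, C and D and the integer metrics are constructed (the real composite metric is not computed), and the feasibility condition applied here is the standard DUAL rule that the text leaves implicit: a neighbor can serve as feasible successor only when its reported distance (RD) is strictly less than the feasible distance (FD), which is what guarantees the backup path is loop-free.

```python
"""DUAL successor and feasible-successor selection over a topology table.

Added model, not code from the curriculum or from Cisco IOS.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Path:
    """One topology-table row: a destination as advertised by one neighbour."""
    neighbor: str
    rd: int         # Reported Distance: the neighbour's own metric to the destination
    link_cost: int  # metric of the link from this router to that neighbour

    @property
    def total(self) -> int:
        """This router's metric to the destination if it forwards via `neighbor`."""
        return self.rd + self.link_cost


@dataclass
class TopologyEntry:
    destination: str
    paths: List[Path]
    state: str = "Passive"
    fd: Optional[int] = None            # Feasible Distance
    successor: Optional[str] = None
    feasible_successors: List[str] = field(default_factory=list)

    def _select(self, candidates: List[Path]) -> None:
        """Install the best candidate as successor and rebuild the FS list."""
        best = min(candidates, key=lambda p: p.total)
        self.successor = best.neighbor
        # Simplification: FD is set to the new successor's metric each time a
        # successor is chosen; the real protocol keeps the lowest FD seen while
        # the route is Passive, which only makes the feasibility check stricter.
        self.fd = best.total
        # Feasibility condition: RD strictly below FD guarantees a loop-free backup.
        self.feasible_successors = [
            p.neighbor for p in self.paths if p is not best and p.rd < self.fd
        ]
        self.state = "Passive"

    def compute(self) -> str:
        """Run DUAL over every known path; return the resulting route state."""
        if not self.paths:
            self.state, self.successor, self.feasible_successors = "Active", None, []
        else:
            self._select(self.paths)
        return self.state

    def link_down(self, neighbor: str) -> Tuple[str, bool]:
        """Lose `neighbor` (link failure or expired hold time).

        Returns (resulting state, whether neighbours had to be queried).
        """
        self.paths = [p for p in self.paths if p.neighbor != neighbor]
        if neighbor != self.successor:
            # A lost backup path never disturbs the successor.
            self.feasible_successors = [n for n in self.feasible_successors if n != neighbor]
            return self.state, False
        if self.feasible_successors:
            # Local computation: promote the best feasible successor, stay Passive.
            self._select([p for p in self.paths if p.neighbor in self.feasible_successors])
            return self.state, False
        # Diffusing computation: no feasible successor, so the route goes Active
        # and queries are sent. Replies are not modelled; the paths that remain
        # stand in for the information the replies would bring back.
        self.state = "Active"
        self.compute()
        return self.state, True


if __name__ == "__main__":
    # Constructed example: three paths to network Z. D has the lowest total
    # metric after B, yet it is not a feasible successor because its RD (22)
    # is not below the FD (20).
    z = TopologyEntry("Z", [Path("B", rd=10, link_cost=10),
                            Path("C", rd=15, link_cost=10),
                            Path("D", rd=22, link_cost=1)])
    z.compute()
    print(z.state, z.successor, z.fd, z.feasible_successors)
    print(z.link_down("B"), z.successor, z.fd, z.feasible_successors)
```

The constructed scenario shows why a lower metric alone is not enough: with B as successor the route via D is cheaper than the route via C, but only C passes the feasibility check. When B is lost, C is promoted without any query (a local computation), and against the new FD D now qualifies as the feasible successor.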

25.3 Troubleshooting Routing Protocols

25.3.1 Routing protocol troubleshooting process

This page will explain the logical sequence of steps that should be used to troubleshoot all routing protocols.

All routing protocol troubleshooting should begin with a logical sequence, or process flow. This process flow
is not a rigid outline for troubleshooting an internetwork.

However, it is a foundation from which a network administrator can build a problem-solving process to suit a
particular environment.

1. When analyzing a network failure, make a clear problem statement.

2. Gather the facts needed to help isolate possible causes.

3. Consider possible problems based on the facts that have been gathered.

4. Create an action plan based on the remaining potential problems.

5. Implement the action plan, performing each step carefully while testing to see whether the symptom
disappears.

6. Analyze the results to determine whether the problem has been resolved. If it has, then the process is
complete.

7. If the problem has not been resolved, create an action plan based on the next most likely problem in the
list. Return to Step 4, change one variable at a time, and repeat the process until the problem is solved.

8. Once the actual cause of the problem is identified, try to solve it.

Cisco routers provide numerous integrated commands to assist in monitoring and troubleshooting an
internetwork:

• show commands help monitor installation behavior and normal network behavior, as well as isolate
problem areas (Figure -9-).
• debug commands assist in the isolation of protocol and configuration problems (Figure -10-).
• TCP/IP network tools such as ping, traceroute, and telnet

Cisco IOS show commands are among the most important tools for understanding the status of a router,
detecting neighboring routers, monitoring the network in general, and isolating problems in the network.

EXEC debug commands can provide a wealth of information about interface traffic, internal error messages,
protocol-specific diagnostic packets, and other useful troubleshooting data. Use debug commands to isolate
problems, not to monitor normal network operation. Only use debug commands to look for specific types of
traffic or problems. Before using the debug command, narrow the problems to a likely subset of causes. Use
the show debugging command to view which debugging features are enabled.

25.3.2 Troubleshooting RIP configuration

This page will discuss VLSM as the most common problem that occurs in RIP networks. The most common
problem found in Routing Information Protocol (RIP) that prevents RIP routes from being advertised is the use
of variable-length subnet masks (VLSM), because RIP version 1 does not support VLSM.

If the RIP routes are not being advertised, check the following:

• Layer 1 or Layer 2 connectivity issues exist.
• VLSM subnetting is configured. VLSM subnetting cannot be used with RIP v1.
• Mismatched RIP v1 and RIP v2 routing configurations exist.
• Network statements are missing or incorrectly assigned.
• The outgoing interface is down.
• The advertised network interface is down.

The show ip protocols command provides information about the parameters and current state of the active
routing protocol process. RIP sends updates to the interfaces in the specified networks. -1-
If interface FastEthernet 0/1 was configured but the network was not added to RIP routing, no updates would
be sent out or received from the interface.

Use the debug ip rip EXEC command to display information on RIP routing transactions. The no debug ip
rip, no debug all, or undebug all commands will turn off all debugging.

Figure -2- shows that the router being debugged has received an update from another router at source address
192.168.3.1. That router sent information about two destinations in the routing table update. The router being
debugged also sent updates. Both routers broadcast to address 255.255.255.255 as the destination. The number
in parentheses is the source address encapsulated into the IP header.

An entry most likely caused by a malformed packet from the transmitter is shown in the following output:
RIP: bad version 128 from 160.89.80.43.
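
The debug ip rip lines described above can be classified automatically, which is useful when the debug output is long. The following is an added example, not code from the curriculum or from Cisco IOS. The sample output is constructed in the format of IOS debug ip rip messages (the "bad version" line is the one quoted above); the parser turns each message into an event and then flags the two problems listed in this section, a RIP v1/v2 version mismatch and a malformed packet.

```python
"""Classifying `debug ip rip` output lines.

Added example, not code from the curriculum or from Cisco IOS.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample of debug output, as seen on a router running RIP version 1.
SAMPLE_DEBUG = """\
RIP: received v1 update from 192.168.3.1 on Serial0/0
     172.30.0.0 in 1 hops
     10.0.0.0 in 2 hops
RIP: sending v1 update to 255.255.255.255 via FastEthernet0/0 (192.168.1.1)
RIP: build update entries
     network 172.30.0.0 metric 1
RIP: received v2 update from 192.168.3.5 on Serial0/1
RIP: ignored v2 packet from 192.168.4.1 (illegal version)
RIP: bad version 128 from 160.89.80.43
"""

# One pattern per message type; the parenthesised value on a "sending" line is
# the source address placed in the IP header, as the text explains.
PATTERNS = {
    "received": re.compile(r"^RIP: received v(?P<version>\d) update from (?P<peer>\S+) on (?P<interface>\S+)"),
    "sent": re.compile(r"^RIP: sending v(?P<version>\d) update to (?P<dest>\S+) via (?P<interface>\S+) \((?P<source>\S+)\)"),
    "ignored": re.compile(r"^RIP: ignored v(?P<version>\d) packet from (?P<peer>\S+)"),
    "bad_version": re.compile(r"^RIP: bad version (?P<version>\d+) from (?P<peer>\S+)"),
}


def parse_debug(text: str) -> List[Dict[str, str]]:
    """Turn recognised debug lines into event dicts; indented detail lines are skipped."""
    events = []
    for line in text.splitlines():
        for kind, pattern in PATTERNS.items():
            m = pattern.match(line)
            if m:
                events.append({"kind": kind, **m.groupdict()})
                break
    return events


def find_problems(events: List[Dict[str, str]], local_version: int) -> List[Tuple[str, str]]:
    """Return (peer, problem) pairs.

    `local_version` is the RIP version this router runs. An update received
    with a different version points at a v1/v2 mismatch; a packet the router
    logged as ignored is the same problem seen from the other side; a version
    outside 1-2 is a malformed packet.
    """
    problems = []
    for e in events:
        if e["kind"] == "bad_version":
            problems.append((e["peer"], f"malformed packet: version {e['version']}"))
        elif e["kind"] == "ignored":
            problems.append((e["peer"], f"packet ignored: peer sent RIP v{e['version']}, which this router does not accept"))
        elif e["kind"] == "received" and int(e["version"]) != local_version:
            problems.append((e["peer"], f"version mismatch: peer runs RIP v{e['version']}, local is v{local_version}"))
    return problems


if __name__ == "__main__":
    for peer, problem in find_problems(parse_debug(SAMPLE_DEBUG), local_version=1):
        print(peer, "-", problem)
```

Running the parser over the constructed sample on a RIP version 1 router reports 192.168.3.5 and 192.168.4.1 as version mismatches and 160.89.80.43 as the sender of a malformed packet; the same events on a version 2 router would instead flag 192.168.3.1. Turn debugging off with no debug ip rip once the lines of interest have been captured, as the text advises.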

25.3.3 Troubleshooting IGRP configuration

This page will teach students how to troubleshoot IGRP. IGRP is an advanced distance vector routing protocol
that was developed by Cisco in the 1980s. IGRP has several features that differentiate it from other distance
vector routing protocols such as RIP. -1-

Use the router igrp autonomous-system command to enable the IGRP routing process:

R1(config)#router igrp 100

Here, 100 is the autonomous system (AS) number.

Use the router configuration network network-number command to enable interfaces to participate in the
IGRP update process:

R1(config-router)#network 172.30.0.0
R1(config-router)#network 192.168.3.0

Verify IGRP configuration with the show running-configuration and show ip protocols commands: -2-

R1#show ip protocols

Verify IGRP operation with the show ip route command: -3-

R1#show ip route

If IGRP does not appear to be working correctly, check the following:

• Layer 1 or Layer 2 connectivity issues exist.
• Autonomous system numbers on IGRP routers are mismatched.
• Network statements are missing or incorrectly assigned.
• The outgoing interface is down.
• The advertised network interface is down.

To view IGRP debugging information, use the following commands:

• debug ip igrp transactions [host ip address] to view IGRP transaction information
• debug ip igrp events [host ip address] to view routing update information

To turn off debugging, use the no debug ip igrp command.

If a network becomes inaccessible, routers running IGRP send triggered updates to neighbors to inform them.
A neighbor router will then respond with poison reverse updates and keep the suspect network in a holddown
state for 280 seconds.

25.3.4 Troubleshooting EIGRP configuration

This page will provide some commands that are used to troubleshoot EIGRP.

Normal EIGRP operation is stable, efficient in bandwidth utilization, and relatively simple to monitor and
troubleshoot.

Use the router eigrp autonomous-system command to enable the EIGRP routing process:

R1(config)#router eigrp 100

To exchange routing updates, each router in the EIGRP network must be configured with the same autonomous
system number.

Use the router configuration network network-number command to enable interfaces to participate in the
EIGRP update process:

R1(config-router)#network 172.30.0.0
R1(config-router)#network 192.168.3.0

Verify EIGRP configuration with the show running-configuration and show ip protocols commands: -1-

R1#show ip protocols

Some possible reasons why EIGRP may not be working correctly are:

• Layer 1 or Layer 2 connectivity issues exist.
• Autonomous system numbers on EIGRP routers are mismatched.
• The link may be congested or down.
• The outgoing interface is down.
• The advertised network interface is down.
• Auto-summarization is enabled on routers with discontiguous subnets. Use the no auto-summary
command to disable automatic network summarization.

One of the most common reasons for a missing neighbor is a failure on the actual link. Another possible cause
of missing neighbors is an expired holddown timer. Since hellos are sent every 5 seconds on most networks,
the hold-time value in a show ip eigrp neighbors command output should normally be a value between 10
and 15 (Figure -2-).
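
The hold-time check just described, together with the queue count check from the neighbor table fields in 25.2.4, can be applied to saved show ip eigrp neighbors output with a short Python script. This is an added example, not code from the curriculum or from Cisco IOS. The sample output is constructed to follow the column layout of the IOS command (H, Address, Interface, Hold, Uptime, SRTT, RTO, Q Cnt, Seq Num); the parser reads each neighbor row and flags a Hold value below the 10 to 15 second band expected with 5 second hellos, and a non-zero Q Cnt that may indicate congestion.

```python
"""Health check over `show ip eigrp neighbors` output.

Added example, not code from the curriculum or from Cisco IOS.
"""
from dataclasses import dataclass
from typing import List, Tuple

# Constructed sample in the layout of `show ip eigrp neighbors`.
SAMPLE_OUTPUT = """\
IP-EIGRP neighbors for process 100
H   Address                 Interface   Hold Uptime   SRTT   RTO  Q  Seq
                                        (sec)         (ms)       Cnt Num
1   172.30.1.2              Se0/0         12 00:05:12    40   240  0  15
0   192.168.3.2             Fa0/1         14 01:13:44    28   200  0  87
2   172.30.2.2              Se0/1          4 00:00:31  1200  5000  7   3
"""


@dataclass
class Neighbor:
    address: str
    interface: str
    hold: int      # seconds left before the neighbour is declared down
    uptime: str
    srtt: int      # smooth round-trip time, ms
    rto: int       # retransmission timeout derived from SRTT, ms
    qcnt: int      # EIGRP packets waiting to be sent to this neighbour
    seq: int       # sequence number of the last packet received from it


def parse_neighbors(text: str) -> List[Neighbor]:
    """Return one Neighbor per data row; banner and header lines are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        # Data rows have nine whitespace-separated fields and start with the
        # numeric handle; the column header row starts with the letter H.
        if len(parts) == 9 and parts[0].isdigit():
            _, addr, intf, hold, uptime, srtt, rto, qcnt, seq = parts
            rows.append(Neighbor(addr, intf, int(hold), uptime, int(srtt),
                                 int(rto), int(qcnt), int(seq)))
    return rows


def check_neighbors(neighbors: List[Neighbor], hello: int = 5,
                    hold_time: int = 15) -> List[Tuple[str, str, str]]:
    """Return (address, code, detail) findings for neighbours that look unhealthy.

    `hello` and `hold_time` are the configured timers; the defaults are the
    values the text quotes for most networks.
    """
    findings = []
    floor = hold_time - hello     # a healthy Hold column cycles between floor and hold_time
    for n in neighbors:
        if n.hold < floor:
            findings.append((n.address, "hold-time-low",
                             f"hold {n.hold}s, expected {floor}-{hold_time}s: hellos are being missed"))
        if n.qcnt > 0:
            findings.append((n.address, "queue-backlog",
                             f"{n.qcnt} packets queued on {n.interface}: possible congestion"))
    return findings


if __name__ == "__main__":
    for finding in check_neighbors(parse_neighbors(SAMPLE_OUTPUT)):
        print(finding)
```

A single snapshot is only a hint: the text says the queue count is a concern when it is constantly above zero, so the command should be repeated a few times before concluding that the link is congested. On interfaces where the hello and hold timers have been changed from the defaults, pass the configured values to check_neighbors.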

To effectively monitor and troubleshoot an EIGRP network, use the commands described in Figures -3- and -4-.

25.3.5 Troubleshooting OSPF configuration

This page will show students how to troubleshoot OSPF.

Open Shortest Path First (OSPF) is a link-state protocol. A link is an interface on a router. The state of the link
is a description of that interface and of its relationship to its neighboring routers. For example, a description of
the interface would include the IP address, the mask, the type of network to which it is connected, the routers
connected to that network, and so on. This information forms a link-state database.

The majority of problems encountered with OSPF relate to the formation of adjacencies and the
synchronization of the link-state databases. The show ip ospf neighbor command is useful for troubleshooting
adjacency formation. The show commands that can be used to troubleshoot OSPF are shown in Figure -1-.

Use the debug ip ospf events Privileged EXEC command to display the following information about OSPF-
related events:

• Adjacencies
• Flooding information
• Designated router selection
• Shortest path first (SPF) calculation

If a router configured for OSPF routing is not seeing an OSPF neighbor on an attached network, perform the
following tasks:

• Verify that both routers have been configured with the same IP mask, OSPF hello interval, and OSPF
dead interval.
• Verify that both neighbors are part of the same area.

To display information about each Open Shortest Path First (OSPF) packet received, use the debug ip ospf
packet Privileged EXEC command. The no form of this command disables debugging output.

The debug ip ospf packet command produces one set of information for each packet received. The output
varies slightly, depending on which authentication is used.

25.3.6 Module Summary

This page summarizes the topics discussed in this module.

Although IGRP and EIGRP are compatible with each other, there are some differences. EIGRP offers
multiprotocol support, but IGRP does not. EIGRP and IGRP use different metric calculations.

IGRP has a maximum hop count of 255. EIGRP has a maximum hop count limit of 224.

EIGRP routers keep route and topology information readily available in RAM. Like OSPF, EIGRP saves
this information in three tables: the neighbor table lists adjacent routers, the topology table is made up
of all the EIGRP routing tables in the autonomous system, and the routing table holds the best routes to
a destination. DUAL (the EIGRP distance vector algorithm) takes the information supplied in the neighbor
table and the topology table and calculates the lowest cost routes to each destination. The preferred primary
route is called the successor route and the backup route is called the feasible successor (FS).

EIGRP is an advanced distance vector routing protocol and acts as a link-state protocol when updating
neighbors and maintaining routing information. Advantages include rapid convergence, efficient use of
bandwidth, support for VLSM and CIDR, support for multiple network layers, and independence from routed
protocols.

The DUAL algorithm results in the fast convergence of EIGRP. Each router has constructed a topology
table that contains information about how to route to specific destinations. Each topology table identifies the
routing protocol or EIGRP, the lowest cost of the route, which is called Feasible Distance (FD), and the cost of
the route as advertised by the neighboring router called Reported Distance (RD).

EIGRP configuration commands vary depending on which protocol is used. Some examples of these
protocols are IP, IPX, and AppleTalk. The network command configures only connected networks. EIGRP
automatically summarizes routes at the classful boundary. If there are discontiguous subnetworks, auto-
summarization must be disabled for routing to work properly. Verifying EIGRP operation is performed by the
use of various show commands.

The most important table in EIGRP is the neighbor table that lists adjacent routers. Hello packets are
used to establish adjacencies with neighboring routers. By default, hellos are sent every five seconds. Neighbor
tables contain fields for the neighbor address, hold time, smooth round-trip timer (SRTT), queue count (Q
Cnt), and a sequence number (Seq No).

If a link goes down, DUAL looks for an alternative route path, or feasible successor, in the topology
table. If a feasible successor is not found, the route is flagged as active, or unusable at present. Query packets
are sent to neighboring routers requesting topology information. DUAL uses this information to recalculate
successor and feasible successor routes to the destination.

The eight (8) steps of the troubleshooting process should be followed when determining the cause of
routing protocol problems. Variable-length subnet mask (VLSM) is the most common problem found in
Routing Information Protocol (RIP) that prevents RIP routes from being advertised. The show ip protocols
command provides information about the parameters and current state of the active routing protocol process.
For IGRP, use the router igrp autonomous-system command to enable the IGRP routing process. For EIGRP,
use the router eigrp autonomous-system command to enable the EIGRP routing process. The show ip ospf
neighbor command is useful for troubleshooting adjacency formation for OSPF since the majority of problems
relate to the formation of adjacencies and the synchronization of the link-state database.

26 MODULE 4
Module Overview

LAN design has evolved. Network designers until very recently used hubs and bridges to build networks. Now
switches and routers are the key components in LAN design, and the capabilities and performance of these
devices continue to improve.

This module describes the roots of modern Ethernet LANs with an emphasis on the evolution of
Ethernet/802.3, the most commonly deployed LAN architecture. A look at the historical context of LAN
development and various network devices that can be utilized at different layers of the OSI model will help
students better understand the reasons why network devices have evolved as they have.

Until recently, repeaters were used in most Ethernet networks. Network performance suffered as too many
devices shared the same segment. Network engineers then added bridges to create multiple collision domains.
As networks grew in size and complexity, the bridge evolved into the modern switch which allows
microsegmentation of the network. Modern networks are now built with switches and routers, often with both
functionalities in one device.

Many modern switches are capable of performing varied and complex tasks in the network. This module will
provide an introduction to network segmentation and will describe the basics of switch operation.

Switches and bridges perform much of the heavy work in LANs where they make nearly instantaneous
decisions when frames are received. This module describes in detail how switches learn the physical addresses
of nodes, and how switches transmit and filter frames. This module also describes the principles of LAN
segmentation and collision domains.

Switches are Layer 2 devices that are used to increase available bandwidth and reduce network congestion. A
switch can segment a LAN into microsegments, which are segments with only a single host.
Microsegmentation creates multiple collision-free domains from one large domain. As a Layer 2 device, the
LAN switch increases the number of collision domains, but all hosts connected to the switch are still part of
the same broadcast domain.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

• Describe the history and function of shared, or half-duplex Ethernet
• Define collision as it relates to Ethernet networks
• Define CSMA/CD
• Describe some of the key elements that affect network performance
• Describe the function of repeaters
• Define network latency
• Define transmission time
• Define network segmentation with routers, switches, and bridges
• Define Ethernet switch latency
• Explain the differences between Layer 2 and Layer 3 switching
• Define symmetric and asymmetric switching
• Define memory buffering
• Compare and contrast store-and-forward and cut-through switching
• Understand the differences between hubs, bridges, and switches
• Describe the main functions of switches
• List the major switch frame transmission modes
• Describe the process by which switches learn addresses
• Identify and define forwarding modes
• Define LAN segmentation
• Define microsegmentation with the use of switches
• Describe the frame-filtering process
• Compare and contrast collision and broadcast domains
• Identify the cables needed to connect switches to workstations
• Identify the cables needed to connect switches to other switches

26.1 Introduction to Ethernet/802.3 LANs

26.1.1 Ethernet/802.3 LAN development

This page will review the devices that are found on a network.

The earliest LAN technologies used either thick Ethernet or thin Ethernet infrastructures. It is important to
understand the limitations of these infrastructures, as shown in Figure -1-, in order to understand the
advancements in LAN switching.

The addition of hubs or concentrators into the network offered an improvement on thick and thin Ethernet
technology. A hub is a Layer 1 device and is sometimes referred to as an Ethernet concentrator or a multi-port
repeater. Hubs allow better access to the network for more users. Hubs regenerate data signals which allows
networks to be extended to greater distances. Hubs do not make any decisions when data signals are received.
Hubs simply regenerate and amplify the data signals to all connected devices, except for the device that
originally sent the signal.

Ethernet is fundamentally a shared technology where all users on a given LAN segment compete for the same
available bandwidth. This situation is analogous to a number of cars that try to access a one-lane road at the
same time. Since the road has only one lane, only one car can access it at a time. As hubs were added to the
network, more users competed for the same bandwidth. -2-

Collisions are a by-product of Ethernet networks. If two or more devices try to transmit at the same time, a
collision occurs. This situation is analogous to two cars that try to merge into a single lane and cause a
collision. Traffic is backed up until the collision can be cleared. Excessive collisions in a network result in
slow network response times. This indicates that the network is too congested or has too many users who need
to access the network at the same time.

Layer 2 devices are more intelligent than Layer 1 devices. Layer 2 devices make forwarding decisions based
on Media Access Control (MAC) addresses contained within the headers of transmitted data frames.

A bridge is a Layer 2 device used to divide, or segment, a network. Bridges collect and selectively pass
data frames between two network segments. In order to do this, bridges learn the MAC address of devices on
each connected segment. With this information, the bridge builds a bridging table and forwards or blocks
traffic based on that table. This results in smaller collision domains and greater network efficiency. -3-
Bridges do not restrict broadcast traffic. However, they do provide greater traffic control within a network.

A switch is also a Layer 2 device and may be referred to as a multi-port bridge. Switches make
forwarding decisions based on MAC addresses contained within transmitted data frames. Switches learn the
MAC addresses of devices connected to each port and this information is entered into a switching table.

Switches create a virtual circuit between two connected devices that want to communicate. When the
virtual circuit is created, a dedicated communication path is established between the two devices. The
implementation of a switch on the network provides microsegmentation. This creates a collision free
environment between the source and destination, which allows maximum utilization of the available
bandwidth. Switches are able to facilitate multiple, simultaneous virtual circuit connections. This is analogous
to a highway that is divided into multiple lanes and each car has its own dedicated lane. -4-

The disadvantage of Layer 2 devices is that they forward broadcast frames to all connected devices on the
network. Excessive broadcasts in a network result in slow network response times.
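
The learning, forwarding, filtering and flooding behaviour of a bridge or switch described above can be simulated in a few lines of Python. This is an added simulation, not code from the curriculum or from any switch vendor. Port names and MAC addresses in the usage are constructed, and an ageing timer (300 seconds, a common default, assumed here) is added so that an entry for a host that has moved to another port is eventually dropped rather than kept forever.

```python
"""A learning bridge/switch: address learning, forwarding, filtering, flooding.

Added simulation, not code from the curriculum or from any switch vendor.
"""
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports: List[str], max_age: float = 300.0):
        self.ports = list(ports)
        self.max_age = max_age                           # seconds; 300 assumed as a common default
        self.table: Dict[str, Tuple[str, float]] = {}    # MAC -> (port, time last seen)

    def age_out(self, now: float) -> None:
        """Drop table entries not refreshed within max_age seconds."""
        self.table = {mac: (port, seen) for mac, (port, seen) in self.table.items()
                      if now - seen <= self.max_age}

    def receive(self, in_port: str, src: str, dst: str, now: float = 0.0) -> List[str]:
        """Process one frame and return the list of ports it is sent out on."""
        self.age_out(now)
        self.table[src] = (in_port, now)                 # learn, or refresh, the source address
        if dst == BROADCAST or dst not in self.table:
            # Broadcast or unknown destination: flood out every port except the ingress.
            # This is why a switch does not shrink the broadcast domain.
            return [p for p in self.ports if p != in_port]
        out_port, _ = self.table[dst]
        if out_port == in_port:
            return []                                    # filter: destination is on the same segment
        return [out_port]                                # forward out exactly one port

    def learned_port(self, mac: str) -> str:
        """Port on which `mac` was last seen, or an empty string if unknown."""
        return self.table[mac][0] if mac in self.table else ""


if __name__ == "__main__":
    # Constructed walkthrough on a three-port switch.
    sw = LearningSwitch(["p1", "p2", "p3"])
    print(sw.receive("p1", "00:00:00:00:00:01", BROADCAST))            # flooded: p2, p3
    print(sw.receive("p2", "00:00:00:00:00:02", "00:00:00:00:00:01"))  # forwarded: p1
    print(sw.receive("p1", "00:00:00:00:00:03", "00:00:00:00:00:01"))  # filtered: same port
```

Each frame teaches the switch one source address; only after a station has transmitted does the switch stop flooding frames addressed to it. The collision domain is reduced to the single port a frame is forwarded out of, but every flooded frame still reaches all ports, which is the point made in the paragraph above about broadcast traffic.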

A router is a Layer 3 device. Routers make decisions based on groups of network addresses, or classes,
as opposed to individual MAC addresses. Routers use routing tables to record the Layer 3 addresses of the
networks that are directly connected to the local interfaces and network paths learned from neighbor routers.

The following are functions of a router:

• Examine inbound packets of Layer 3 data
• Choose the best path for the data through the network
• Route the data to the proper outbound port

Routers do not forward broadcasts unless they are programmed to do so. Therefore, routers reduce the size of
both the collision domains and the broadcast domains in a network. Routers are the most important devices to
regulate traffic on large networks. Routers enable communication between two computers regardless of
location or operating system.

LANs typically employ a combination of Layer 1, Layer 2, and Layer 3 devices. Implementation of these
devices depends on factors that are specific to the particular needs of the organization. The Interactive Media
Activity will require students to match network devices to the layers of the OSI model.

26.1.2 Factors that impact network performance

This page will describe some factors that cause LANs to become congested and overburdened. In addition to a
large number of network users, several other factors have combined to test the limits of traditional LANs: -1-

• The multitasking environment present in current desktop operating systems such as Windows,
Unix/Linux, and Mac OS X allows for simultaneous network transactions. This increased capability has
led to an increased demand for network resources.
• The use of network intensive applications such as the World Wide Web has increased. Client/server
applications allow administrators to centralize information and make it easier to maintain and protect
information.
• Client/server applications do not require workstations to maintain information or provide hard disk
space to store it. Given the cost benefit of client/server applications, such applications are likely to
become even more widely used in the future.

26.1.3 Elements of Ethernet/802.3 networks

This page will describe some factors that can have a negative impact on the performance of an Ethernet
network.

Ethernet is a broadcast transmission technology. Therefore network devices such as computers, printers, and
file servers communicate with one another over a shared network medium. The performance of a shared
medium Ethernet/802.3 LAN can be negatively affected by several factors: -1-

• The data frame delivery of Ethernet/802.3 LANs is of a broadcast nature.
• The carrier sense multiple access/collision detect (CSMA/CD) method allows only one station to
transmit at a time.
• Multimedia applications with higher bandwidth demand such as video and the Internet, coupled with
the broadcast nature of Ethernet, can create network congestion.
• Normal latency occurs as frames travel across the network medium and through network devices.

Ethernet uses CSMA/CD and can support fast transmission rates. Fast Ethernet, or 100BASE-T, provides
transmission speeds up to 100 Mbps. Gigabit Ethernet provides transmission speeds up to 1000 Mbps and 10-
Gigabit Ethernet provides transmission speeds up to 10,000 Mbps. The goal of Ethernet is to provide a best-
effort delivery service and allow all devices on the shared medium to transmit on an equal basis. Collisions are
a natural occurrence on Ethernet networks and can become a major problem. -2- -3-

26.1.4 Half-duplex networks

This page will explain how collisions occur on a half-duplex network.

Originally Ethernet was a half-duplex technology. Half-duplex allows hosts to either transmit or receive at
one time, but not both. Each host checks the network to see whether data is being transmitted before it
transmits additional data. If the network is already in use, the transmission is delayed. Despite transmission
deferral, two or more hosts could transmit at the same time. This results in a collision. When a collision occurs,
the host that detects the collision first, sends out a jam signal to the other hosts. When a jam signal is received,
each host stops data transmission, then waits for a random period of time to retransmit the data. The back-off
algorithm generates this random delay. As more hosts are added to the network, collisions are more likely to
occur.

Ethernet LANs become saturated because users run network intensive software, such as client/server
applications, which cause hosts to transmit more often and for longer periods of time. The network interface
card ( NIC ), used by LAN devices, provides several circuits so that communication among devices can occur.

26.1.5 Network congestion

This page will discuss some factors that create a need for more bandwidth on a network.

Advances in technology produce faster and more intelligent desktop computers and workstations. The
combination of more powerful workstations and network intensive applications has created a need for greater
network capacity, or bandwidth. -1-

All these factors place a strain on networks with 10 Mbps of available bandwidth and that is why many
networks now provide 100 Mbps bandwidth on their LANs. -2-

The following are types of media that have increased in transmission over networks:

• Large graphics files
• Full-motion video
• Multimedia applications

There is also an increase in the number of users on a network. As more people utilize networks to share larger
files, access file servers, and connect to the Internet, network congestion occurs. This results in slower
response times, longer file transfers, and less productive network users. To relieve network congestion, either
more bandwidth is needed or the available bandwidth must be used more efficiently. -3-

26.1.6 Network latency

This page will help students understand the factors that increase network latency.

Latency, or delay, is the time a frame or a packet takes to travel from the source station to the final
destination. It is important to quantify the total latency of the path between the source and the destination for
LANs and WANs. In the specific case of an Ethernet LAN, it is important to understand latency and its effect
on network timing as it is used to determine if CSMA/CD will work properly.

Latency has at least three sources:

• First, there is the time it takes the source NIC to place voltage pulses on the wire and the time it takes
the destination NIC to interpret these pulses. This is sometimes called NIC delay, typically around 1
microsecond for a 10BASE-T NIC.
• Second, there is the actual propagation delay as the signal takes time to travel through the cable.
Typically, this is about 0.556 microseconds per 100 m for Cat 5 UTP. Longer cable and slower nominal
velocity of propagation (NVP) results in more propagation delay.
• Third, latency is added based on network devices that are in the path between two computers. These are
either Layer 1, Layer 2, or Layer 3 devices.

Latency does not depend solely on distance and number of devices. For example, if three properly
configured switches separate two workstations, the workstations may experience less latency than if two
properly configured routers separated them. This is because routers conduct more complex and time-intensive
functions. A router must analyze Layer 3 data.

26.1.7 Ethernet 10BASE-T transmission time

This page will explain how transmission time is determined for 10BASE-T.

All networks have what is called bit time or slot time. Many LAN technologies, such as Ethernet, define bit
time as the basic unit of time in which one bit can be sent. In order for the electronic or optical devices to
recognize a binary one or zero, there must be some minimum duration during which the bit is on or off.

Transmission time equals the number of bits to be sent times the bit time for a given technology. Another way
to think about transmission time is the interval between the start and end of a frame transmission, or between
the start of a frame transmission and a collision. Small frames take a shorter amount of time. Large frames take
a longer amount of time. -1-


Each 10-Mbps Ethernet bit has a 100 ns transmission window. This is the bit time. A byte equals eight bits.
Therefore, 1 byte takes a minimum of 800 ns to transmit. A 64-byte frame, which is the smallest 10BASE-T
frame that allows CSMA/CD to function properly, has a transmission time of 51,200 ns or 51.2 microseconds.
Transmission of an entire 1000-byte frame from the source requires 800 microseconds. The time at which the
frame actually arrives at the destination station depends on the additional latency introduced by the network.
This latency can be due to a variety of delays including all of the following:

• NIC delays
• Propagation delays
• Layer 1, Layer 2, or Layer 3 device delays

The Interactive Media Activity will help students determine the 10BASE-T transmission times for different
frame sizes.
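The arithmetic of the last two pages, put together as an added example that is not part of the curriculum: the 100 ns bit time, the 1 microsecond NIC delay, the 0.556 microseconds per 100 m Cat 5 figure and the 64-byte minimum frame are the values the text gives; the per-device delay values passed in by the caller are constructed, since the text gives no figure for them. The check at the end is the reason the text cites for quantifying latency: the round trip across the path must fit inside the 51.2 microsecond slot time for CSMA/CD to detect collisions.

```python
# Added example, not from the CCNA curriculum: 10BASE-T timing using the
# figures the text gives (100 ns bit time, ~1 us NIC delay, 0.556 us per
# 100 m of Cat 5 UTP, 64-byte minimum frame = 51.2 us slot time).
BIT_TIME_NS = 100.0
NIC_DELAY_US = 1.0
CAT5_DELAY_US_PER_100M = 0.556
MIN_FRAME_BYTES = 64


def transmission_time_us(frame_bytes: int) -> float:
    """Time to clock a whole frame onto the wire: bits sent times bit time."""
    return frame_bytes * 8 * BIT_TIME_NS / 1000.0


def slot_time_us() -> float:
    """Slot time is the transmission time of the minimum 64-byte frame (51.2 us)."""
    return transmission_time_us(MIN_FRAME_BYTES)


def one_way_latency_us(cable_m: float, device_delays_us=()) -> float:
    """The three latency sources from the text: source NIC delay, propagation
    through the cable, the delay of each Layer 1/2/3 device in the path, and
    finally the destination NIC delay. device_delays_us holds one constructed
    value per device in the path (the text gives no per-device figures)."""
    propagation = CAT5_DELAY_US_PER_100M * cable_m / 100.0
    return NIC_DELAY_US + propagation + sum(device_delays_us) + NIC_DELAY_US


def csmacd_can_detect_collision(cable_m: float, device_delays_us=()) -> bool:
    """CSMA/CD relies on a sender still transmitting when the collision with the
    far end of the medium gets back to it, so the round-trip latency must fit
    within the slot time. That is why the minimum frame is 64 bytes."""
    round_trip = 2 * one_way_latency_us(cable_m, device_delays_us)
    return round_trip <= slot_time_us()


def arrival_time_us(frame_bytes: int, cable_m: float, device_delays_us=()) -> float:
    """When the last bit of a frame reaches the destination: transmission time
    plus the path latency, as the text describes for the 1000-byte frame."""
    return transmission_time_us(frame_bytes) + one_way_latency_us(cable_m, device_delays_us)
```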

26.1.8 The benefits of using repeaters

This page will explain how a repeater can be used to extend the distance of a LAN.

The distance that a LAN can cover is limited due to attenuation. Attenuation means that the signal weakens as
it travels through the network. The resistance in the cable or medium through which the signal travels causes
the loss of signal strength. An Ethernet repeater is a physical layer device on the network that boosts or
regenerates the signal on an Ethernet LAN. When a repeater is used to extend the distance of a LAN, a single
network can cover a greater distance and more users can share that same network. However, the use of
repeaters and hubs adds to problems associated with broadcasts and collisions. It also has a negative effect on
the overall performance of the shared media LAN. -1- ( Hub ) -2-
The Interactive Media Activity will teach students about the Cisco 1503 Micro Hub.

26.1.9 Full-duplex transmitting

This page will explain how full-duplex Ethernet allows the transmission of a packet and the reception of a
different packet at the same time. This simultaneous transmission and reception requires the use of two pairs of
wires in the cable and a switched connection between each node. This connection is considered point-to-point
and is collision free. Because both nodes can transmit and receive at the same time, there are no negotiations
for bandwidth. Full-duplex Ethernet can use a cable infrastructure already in place, as long as the medium
meets the minimum Ethernet standards.

To transmit and receive simultaneously, a dedicated switch port is required for each node. Full-duplex
connections can use 10BASE-T, 100BASE-TX, or 100BASE-FX media to create point-to-point connections.
The NICs on all connected devices must have full-duplex capabilities.

The full-duplex Ethernet switch takes advantage of the two pairs of wires in the cable and creates a direct
connection between the transmit ( TX ) at one end of the circuit and the receive ( RX ) at the other end. With
the two stations connected in this manner a collision free environment is created as the transmission and receipt
of data occurs on separate non-competitive circuits.

Ethernet can usually only use 50 to 60 percent of the available 10 Mbps of bandwidth because of collisions and
latency. Full-duplex Ethernet offers 100 percent of the bandwidth in both directions. This produces a potential
20 Mbps throughput, which results from 10 Mbps TX and 10 Mbps RX. -1-

The Interactive Media Activity will help students learn the different characteristics of two full-duplex Ethernet
standards.

26.2 Introduction to LAN Switching

26.2.1 LAN segmentation

This page will explain LAN segmentation.

A network can be divided into smaller units called segments. Figure -1- shows an example of a segmented
Ethernet network. The entire network has fifteen computers. Of the fifteen computers, six are servers and nine
are workstations. Each segment uses the CSMA/CD access method and maintains traffic between users on the
segment. Each segment is its own collision domain. -2-

Segmentation allows network congestion to be significantly reduced within each segment. When data is
transmitted within a segment, the devices within that segment share the total available bandwidth. Data that is
passed between segments is transmitted over the backbone of the network through a bridge, router, or switch.

26.2.2 LAN segmentation with bridges

This page will describe the main functions of a bridge in a LAN.

Bridges are Layer 2 devices that forward data frames based on the MAC address. Bridges read the source
MAC address of the data packets to discover the devices that are on each segment. The MAC addresses are
then used to build a bridging table. This allows bridges to block packets that do not need to be forwarded from
the local segment. -1-


Although bridges are transparent to other network devices, the latency on a network increases by 10 to
30 percent when a bridge is used. The increased latency is because of the decisions that bridges
make before the packets are forwarded. A bridge is considered a store-and-forward device. Bridges examine
the destination address field and calculate the cyclic redundancy check (CRC) in the Frame Check Sequence
field before the frame is forwarded. If the destination port is busy, bridges temporarily store the frame until that
port is available. -2- -3-


26.2.3 LAN segmentation with routers

This page will explain how routers are used to segment a LAN.

Routers provide network segmentation which adds a latency factor of twenty to thirty percent over a switched
network. The increased latency is because routers operate at the network layer and use the IP address to
determine the best path to the destination node. Figure -1- shows a Cisco router.

Bridges and switches provide segmentation within a single network or subnetwork. Routers provide
connectivity between networks and subnetworks.

Routers do not forward broadcasts while switches and bridges must forward broadcast frames. -2-

26.2.4 LAN segmentation with switches

This page will explain how switches are used to segment a LAN.

Switches decrease bandwidth shortages and network bottlenecks, such as those between several
workstations and a remote file server. Figure -1- shows a Cisco switch. Switches segment LANs into
microsegments which decreases the size of collision domains.

However, all hosts connected to a switch are still in the same broadcast domain. -2-

In a completely switched Ethernet LAN, the source and destination nodes function as if they are the only nodes
on the network. When these two nodes establish a link, or virtual circuit, they have access to the maximum
available bandwidth. These links provide significantly more throughput than Ethernet LANs connected by
bridges or hubs.

This virtual network circuit is established within the switch and exists only when the nodes need to
communicate. -3-


26.2.5 Basic operations of a switch

This page will discuss the basic functions of a switch in a LAN.

Switching is a technology that decreases congestion in Ethernet, Token Ring, and Fiber Distributed Data
Interface ( FDDI ) LANs. Switches use microsegmentation to reduce collision domains and network traffic.
This reduction results in more efficient use of bandwidth and increased throughput. LAN switches often
replace shared hubs and are designed to work with cable infrastructures already in place. -1-

The following are the two basic operations that switches perform:

• Switch data frames - The process of receiving a frame on a switch interface, selecting the correct
forwarding switch port(s), and forwarding the frame.
• Maintain switch operations - Switches build and maintain forwarding tables. Switches also construct
and maintain a loop-free topology across the LAN.

Figures -2- through -6- show the basic operations of a switch.



26.2.6 Ethernet switch latency

This page will explain how Ethernet switches contribute to latency.

Switch latency is the period of time from when a frame enters a switch to when the frame exits the
switch. Latency is directly related to the configured switching process and the volume of traffic.

Latency is measured in fractions of a second. Network devices operate at incredibly high speeds so every
additional nanosecond of latency adversely affects network performance.


26.2.7 Layer 2 and Layer 3 switching

This page will show students how switching occurs at the data link and the network layer.

There are two methods of switching data frames, Layer 2 switching and Layer 3 switching. Routers and Layer
3 switches use Layer 3 switching to switch packets. Layer 2 switches and bridges use Layer 2 switching to
forward frames.

The difference between Layer 2 and Layer 3 switching is the type of information inside the frame that is used
to determine the correct output interface. Layer 2 switching is based on MAC address information. Layer 3
switching is based on network layer addresses, or IP addresses. The features and functionality of Layer 3
switches and routers have numerous similarities. The only major difference between the packet switching
operation of a router and a Layer 3 switch is the physical implementation. In general-purpose routers, packet
switching takes place in software, using microprocessor-based engines, whereas a Layer 3 switch performs
packet forwarding using application specific integrated circuit ( ASIC ) hardware.

Layer 2 switching looks at a destination MAC address in the frame header and forwards the frame to the
appropriate interface or port based on the MAC address in the switching table. -1-

The switching table is contained in Content Addressable Memory ( CAM ). If the Layer 2 switch does not
know where to send the frame, it broadcasts the frame out all ports to the network. When a reply is returned,
the switch records the new address in the CAM.


Layer 3 switching is a function of the network layer. The Layer 3 header information is examined and the
packet is forwarded based on the IP address. -2-

Traffic flow in a switched or flat network is inherently different from the traffic flow in a routed or hierarchical
network. Hierarchical networks offer more flexible traffic flow than flat networks.

26.2.8 Symmetric and asymmetric switching

This page will explain the difference between symmetric and asymmetric switching.

LAN switching may be classified as symmetric or asymmetric based on the way in which bandwidth is
allocated to the switch ports. A symmetric switch provides switched connections between ports with the same
bandwidth. -1-

An asymmetric LAN switch provides switched connections between ports of unlike bandwidth, such as a
combination of 10-Mbps and 100-Mbps ports. -2-

Asymmetric switching enables more bandwidth to be dedicated to the server switch port in order to prevent a
bottleneck. This allows smoother traffic flows where multiple clients are communicating with a server at the
same time. Memory buffering is required on an asymmetric switch. The use of buffers keeps the frames
contiguous between different data rate ports.

26.2.9 Memory buffering

This page will explain what a memory buffer is and how it is used.

An Ethernet switch may use a buffering technique to store-and-forward frames. Buffering may also be used
when the destination port is busy. The area of memory where the switch stores the data is called the memory
buffer. This memory buffer can use two methods for forwarding frames, port-based memory buffering and
shared memory buffering. -1-

In port-based memory buffering frames are stored in queues that are linked to specific incoming ports. A frame
is transmitted to the outgoing port only when all the frames ahead of it in the queue have been successfully
transmitted. It is possible for a single frame to delay the transmission of all the frames in memory because of a
busy destination port. This delay occurs even if the other frames could be transmitted to open destination ports.

Shared memory buffering deposits all frames into a common memory buffer which all the ports on the switch
share. The amount of buffer memory required by a port is dynamically allocated. The frames in the buffer are
linked dynamically to the destination port. This allows the packet to be received on one port and then
transmitted on another port, without moving it to a different queue.

The switch keeps a map of frame to port links showing where a packet needs to be transmitted. The map link is
cleared after the frame has been successfully transmitted. The memory buffer is shared. The number of frames
stored in the buffer is restricted by the size of the entire memory buffer, and not limited to a single port buffer.
This permits larger frames to be transmitted with fewer dropped frames. This is important to asymmetric
switching, where frames are being exchanged between different rate ports.

26.2.10 Two switching methods

This page will introduce store-and-forward and cut-through switching.

The following two switching modes are available to forward frames: -1- -2-

• Store-and-forward - The entire frame is received before any forwarding takes place. The destination
and source addresses are read and filters are applied before the frame is forwarded. Latency occurs
while the frame is being received. Latency is greater with larger frames because the entire frame must
be received before the switching process begins. The switch is able to check the entire frame for errors,
which allows more error detection.
• Cut-through - The frame is forwarded through the switch before the entire frame is received. At a
minimum the frame destination address must be read before the frame can be forwarded. This mode
decreases the latency of the transmission, but also reduces error detection.

The following are two forms of cut-through switching: -3-

• Fast-forward - Fast-forward switching offers the lowest level of latency. Fast-forward switching
immediately forwards a packet after reading the destination address. Because fast-forward switching
starts forwarding before the entire packet is received, there may be times when packets are relayed with
errors. This occurs infrequently, and the destination network adapter will discard the faulty
packet upon receipt. In fast-forward mode, latency is measured from the first bit received to the first bit
transmitted.
• Fragment-free - Fragment-free switching filters out collision fragments before forwarding begins.
Collision fragments are the majority of packet errors. In a properly functioning network, collision
fragments must be smaller than 64 bytes. Anything greater than 64 bytes is a valid packet and is usually
received without error. Fragment-free switching waits until the packet is determined not to be a
collision fragment before forwarding. In fragment-free mode, latency is also measured from the first bit
received to the first bit transmitted.

The latency of each switching mode depends on how the switch forwards the frames. To accomplish faster
frame forwarding, the switch reduces the time for error checking. However, reducing the error checking time
can lead to a higher number of retransmissions.

STORE-AND-FORWARD


26.3 Switch Operation

26.3.1 Functions of Ethernet switches

This page will review the functions of an Ethernet switch.

A switch is a device that connects LAN segments using a table of MAC addresses to determine the segment on
which a frame needs to be transmitted. Both switches and bridges operate at Layer 2 of the OSI model. -1-

Switches are sometimes called multiport bridges or switching hubs. Switches make decisions based on MAC
addresses and therefore, are Layer 2 devices. -2-


In contrast, hubs regenerate the Layer 1 signals out of all ports without making any decisions. Since a
switch has the capacity to make path selection decisions, the LAN becomes much more efficient. Usually, in
an Ethernet network the workstations are connected directly to the switch. Switches learn which hosts are
connected to a port by reading the source MAC address in frames. The switch opens a virtual circuit between
the source and destination nodes only. This confines communication to those two ports without affecting traffic
on other ports. In contrast, a hub forwards data out all of its ports so that all hosts see the data and must process
it, even if that data is not intended for it. -4-

High-performance LANs are usually fully switched: -5-

• A switch concentrates connectivity, making data transmission more efficient. Frames are switched from
incoming ports to outgoing ports. Each port or interface can provide the full bandwidth of the
connection to the host.
• On a typical Ethernet hub, all ports connect to a common backplane or physical connection within the
hub, and all devices attached to the hub share the bandwidth of the network. If two stations establish a
session that uses a significant level of bandwidth, the network performance of all other stations attached
to the hub is degraded.
• To reduce degradation, the switch treats each interface as an individual segment. When stations on
different interfaces need to communicate, the switch forwards frames at wire speed from one interface
to the other, to ensure that each session receives full bandwidth.


To efficiently switch frames between interfaces, the switch maintains an address table. When a frame enters
the switch, it associates the MAC address of the sending station with the interface on which it was received.

The main features of Ethernet switches are:

• Isolate traffic among segments
• Achieve greater amount of bandwidth per user by creating smaller collision domains

The first feature, isolate traffic among segments, provides for greater security for hosts on the network. Each
segment uses the CSMA/CD access method to maintain data traffic flow among the users on that segment.
Such segmentation allows multiple users to send information at the same time on the different segments
without slowing down the network. -6-

By using the segments in the network fewer users and/or devices are sharing the same bandwidth when
communicating with one another. Each segment has its own collision domain.
Ethernet switches filter the traffic by redirecting the datagrams to the correct port or ports, which are based on
Layer 2 MAC addresses.


The second feature is called microsegmentation. Microsegmentation allows the creation of dedicated network
segments with one host per segment. Each host receives access to the full bandwidth and does not have to
compete for available bandwidth with other hosts. Popular servers can then be placed on individual 100-Mbps
links. Often in networks of today, a Fast Ethernet switch will act as the backbone of the LAN, with Ethernet
hubs, Ethernet switches, or Fast Ethernet hubs providing the desktop connections in workgroups. As
demanding new applications such as desktop multimedia or video conferencing become more popular, certain
individual desktop computers will have dedicated 100-Mbps links to the network. -8-

26.3.2 Frame transmission modes

This page will describe the three main frame transmission modes: -1-

• Cut-through - A switch that performs cut-through switching only reads the destination address when
receiving the frame. The switch begins to forward the frame before the entire frame arrives. This mode
decreases the latency of the transmission, but has poor error detection. There are two forms of cut-
through switching:
1. Fast-forward switching - This type of switching offers the lowest level of latency by
immediately forwarding a packet after receiving the destination address. Latency is measured
from the first bit received to the first bit transmitted, or first in first out (FIFO). This mode has
poor LAN switching error detection.
2. Fragment-free switching - This type of switching filters out collision fragments, which are the
majority of packet errors, before forwarding begins. Usually, collision fragments are smaller
than 64 bytes. Fragment-free switching waits until the received packet has been determined not
to be a collision fragment before forwarding the packet. Latency is also measured as FIFO.
• Store-and-forward - The entire frame is received before any forwarding takes place. The destination
and source addresses are read and filters are applied before the frame is forwarded. Latency occurs
while the frame is being received. Latency is greater with larger frames because the entire frame must
be received before the switching process begins. The switch has time available to check for errors,
which allows more error detection.
• Adaptive cut-through - This transmission mode is a hybrid mode that is a combination of cut-through
and store-and-forward. In this mode, the switch uses cut-through until it detects a given number of
errors. Once the error threshold is reached, the switch changes to store-and-forward mode. -2-
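The trade-off between latency and error detection described in 26.2.10 and on this page, modelled as an added example that is not curriculum code: each mode decides how many bytes of a frame it must see before forwarding, and whether a runt (under 64 bytes) or a frame with a bad FCS gets relayed. The `Frame`, `SwitchPort`, error-threshold value and the assumption that an adaptive port still checks the FCS after it has begun forwarding are all constructed for this illustration.

```python
# Added example, not from the CCNA curriculum: forwarding decision of one
# ingress port under the switching modes the text describes.
from dataclasses import dataclass

DEST_ADDR_BYTES = 6     # the destination MAC is the first field of the frame
MIN_FRAME_BYTES = 64    # anything shorter is a collision fragment (runt)


@dataclass
class Frame:
    """Constructed frame: only the properties the forwarding decision needs."""
    length: int      # bytes from destination address through the FCS
    crc_ok: bool     # whether the FCS matches the frame contents


class SwitchPort:
    """In 'adaptive' mode the port starts in fast-forward and drops back to
    store-and-forward once error_threshold bad frames have been seen."""

    MODES = ("fast-forward", "fragment-free", "store-and-forward", "adaptive")

    def __init__(self, mode: str, error_threshold: int = 3):
        assert mode in self.MODES, mode
        self.mode = mode
        self.error_threshold = error_threshold
        self.errors_seen = 0
        self.effective_mode = "fast-forward" if mode == "adaptive" else mode

    def handle(self, frame: Frame):
        """Return (forwarded, bytes received before the forwarding decision).
        The second value is the latency in bytes; times 8 gives bit times."""
        bad = (not frame.crc_ok) or frame.length < MIN_FRAME_BYTES
        mode = self.effective_mode
        if mode == "fast-forward":
            # Forward as soon as the destination address is in; a runt or a
            # CRC-damaged frame is relayed and left to the receiving NIC to drop.
            forwarded, waited = True, DEST_ADDR_BYTES
        elif mode == "fragment-free":
            # Wait for 64 bytes so collision fragments are never relayed; a CRC
            # error later in the frame is still passed through.
            if frame.length < MIN_FRAME_BYTES:
                forwarded, waited = False, frame.length
            else:
                forwarded, waited = True, MIN_FRAME_BYTES
        else:  # store-and-forward
            # Whole frame buffered, FCS checked, runts and bad frames discarded.
            forwarded, waited = (not bad), frame.length
        if self.mode == "adaptive" and bad:
            # Assumption: the port keeps receiving the rest of the frame and
            # checks the FCS even though it has already begun forwarding.
            self.errors_seen += 1
            if self.errors_seen >= self.error_threshold:
                self.effective_mode = "store-and-forward"
        return forwarded, waited
```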

26.3.3 How switches and bridges learn addresses

This page will explain how bridges and switches learn addresses and forward frames.

Bridges and switches only forward frames that need to travel from one LAN segment to another. To
accomplish this task, they must learn which devices are connected to which LAN segment. -1-

A bridge is considered an intelligent device because it can make decisions based on MAC addresses. To do
this, a bridge refers to an address table. When a bridge is turned on, broadcast messages are transmitted asking
all the stations on the local segment of the network to respond. As the stations return the broadcast message,
the bridge builds a table of local addresses. This process is called learning.

Bridges and switches learn in the following ways:

• Reading the source MAC address of each received frame or datagram
• Recording the port on which the MAC address was received

In this way, the bridge or switch learns which addresses belong to the devices connected to each port.

The learned addresses and associated port or interface are stored in the addressing table. The bridge examines
the destination address of all received frames. The bridge then scans the address table searching for the
destination address.

The switching table is stored using Content Addressable Memory ( CAM ). CAM is used in switch
applications to perform the following functions:

• To take out and process the address information from incoming data packets
• To compare the destination address with a table of addresses stored within it

The CAM stores host MAC addresses and associated port numbers. The CAM compares the received
destination MAC address against the CAM table contents. If the comparison yields a match, the port is
provided, and the switch forwards the packet to the correct port and address. -2-


An Ethernet switch can learn the address of each device on the network by reading the source address of each
frame transmitted and noting the port where the frame entered the switch. The switch then adds this
information to its forwarding database. Addresses are learned dynamically. This means that as new addresses
are read, they are learned and stored in CAM. When a source address is not found in CAM, it is learned and
stored for future use.

Each time an address is stored, it is time stamped. This allows for addresses to be stored for a set period of
time. Each time an address is referenced or found in CAM, it receives a new time stamp. Addresses that are not
referenced during a set period of time are removed from the list. By removing aged or old addresses, CAM
maintains an accurate and functional forwarding database.

The processes followed by the CAM are as follows:

1. If the address is not found, the bridge forwards the frame out all ports except the port on which it was
received. This process is called flooding. The address may also have been deleted by the bridge because
the bridge software was recently restarted, ran short of address entries in the address table, or deleted
the address because it was too old. Since the bridge does not know which port to use to forward the
frame, it will send it out all ports, except the one from which it was received. It is clearly
unnecessary to send it back to the same cable segment from which it was received, since any other
computers or bridges on this cable must already have received the packet.
2. If the address is found in an address table and the address is associated with the port on which it was
received, the frame is discarded. It must already have been received by the destination.
3. If the address is found in an address table and the address is not associated with the port on which it
was received, the bridge forwards the frame to the port associated with the address.

26.3.4 How switches and bridges filter frames

This page will explain how switches and bridges filter frames. In this discussion, the terms "switch" and
"bridge" are synonymous.

Most switches are capable of filtering frames based on any Layer 2 frame field. For example, a switch can be
programmed to reject, not forward, all frames sourced from a particular network. Because link layer
information often includes a reference to an upper-layer protocol, switches can usually filter on this parameter.
Furthermore, filters can be helpful in dealing with unnecessary broadcast and multicast packets.

Once the switch has built the local address table, it is ready to operate. When it receives a frame, it examines
the destination address. If the frame address is local, the switch ignores it. If the frame is addressed for another
LAN segment, the switch copies the frame onto the second segment.

 Ignoring a frame is called filtering.
 Copying the frame is called forwarding.

Basic filtering keeps local frames local and sends remote frames to another LAN segment.

Filtering on specific source and destination addresses performs the following actions:

 Stopping one station from sending frames outside of its local LAN segment
 Stopping all "outside" frames destined for a particular station, thereby restricting the other stations with
which it can communicate

Both types of filtering provide some control over internetwork traffic and can offer improved security.

Most Ethernet switches can now filter broadcast and multicast frames. Bridges and switches that can filter
frames based on MAC addresses can also be used to filter Ethernet frames by multicast and broadcast
addresses. This filtering is achieved through the implementation of virtual local-area networks or VLANs.
VLANs allow network administrators to prevent the transmission of unnecessary multicast and broadcast
messages throughout a network. Occasionally, a device will malfunction and continually send out broadcast
frames, which are copied around the network. This is called a broadcast storm and it can significantly reduce
network performance. A switch that can filter broadcast frames makes a broadcast storm less harmful.

Today, switches are also able to filter according to the network-layer protocol. This blurs the demarcation
between switches and routers. A router operates on the network layer using a routing protocol to direct traffic
around the network. A switch that implements advanced filtering techniques is usually called a brouter.
Brouters filter by looking at network layer information but they do not use a routing protocol. -1-

26.3.5 Why segment LANs?

This page will explain the two main reasons to segment a LAN.

There are two primary reasons for segmenting a LAN. The first is to isolate traffic between segments. The
second reason is to achieve more bandwidth per user by creating smaller collision domains.

Without LAN segmentation, LANs larger than a small workgroup could quickly become clogged with traffic
and collisions. -1-

LAN segmentation can be implemented through the utilization of bridges, switches, and routers. Each of these
devices has particular pros and cons.

With the addition of devices like bridges, switches, and routers the LAN is segmented into a number of smaller
collision domains. In the example shown, four collision domains have been created. -2-

By dividing large networks into self-contained units, bridges and switches provide several advantages. Bridges
and switches will diminish the traffic experienced by devices on all connected segments, because only a certain
percentage of traffic is forwarded. Bridges and switches reduce the collision domain but not the broadcast
domain. -3-

Each interface on the router connects to a separate network. Therefore the insertion of the router into a LAN
will create smaller collision domains and smaller broadcast domains. This occurs because routers do not
forward broadcasts unless programmed to do so.

A switch employs "microsegmentation" to reduce the collision domain on a LAN. The switch does this by
creating dedicated network segments, or point-to-point connections. The switch connects these segments in a
virtual network within the switch.

This virtual network circuit exists only when two nodes need to communicate. This is called a virtual circuit as
it exists only when needed, and is established within the switch.

26.3.6 Microsegmentation implementation

This page will explain the functions of a switch in a LAN due to microsegmentation.

LAN switches are considered multi-port bridges with no collision domain, because of microsegmentation. -1-
Data is exchanged at high speeds by switching the frame to its destination. By reading the destination MAC
address Layer 2 information, switches can achieve high-speed data transfers, much like a bridge does. This
process leads to low latency levels and a high rate of speed for frame forwarding.

Ethernet switching increases the bandwidth available on a network. It does this by creating dedicated network
segments, or point-to-point connections, and connecting these segments in a virtual network within the switch.
This virtual network circuit exists only when two nodes need to communicate. This is called a virtual circuit
because it exists only when needed, and is established within the switch.

Even though the LAN switch reduces the size of collision domains, all hosts connected to the switch are still in
the same broadcast domain. Therefore, a broadcast from one node will still be seen by all the other nodes
connected through the LAN switch. -4-

Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to be
interconnected into a single larger network. Similar to bridges, switches forward and flood traffic based on
MAC addresses. Because switching is performed in hardware instead of in software, it is significantly faster.
Each switch port can be considered a micro-bridge acting as a separate bridge and gives the full bandwidth of
the medium to each host.

26.3.7 Switches and collision domains

This page will discuss collisions, which are a major disadvantage of Ethernet 802.3 networks.

A major disadvantage of Ethernet 802.3 networks is collisions. Collisions occur when two hosts transmit
frames simultaneously. When a collision occurs, the transmitted frames are corrupted or destroyed in the
collision. The sending hosts stop sending further transmissions for a random period of time, based on the
Ethernet 802.3 rules of CSMA/CD. Excessive collisions cause networks to be unproductive. -1-

The network area where frames originate and collide is called the collision domain. All shared media
environments are collision domains. -2-

When a host is connected to a switch port, the switch creates a dedicated connection. This connection is
considered to be an individual collision domain. For example, if a twelve-port switch has a device connected to
each port then twelve collision domains are created. -3-

A switch builds a switching table by learning the MAC addresses of the hosts that are connected to each switch
port. -4-

When two connected hosts want to communicate with each other, the switch looks up the switching table and
establishes a virtual connection between the ports. The virtual circuit is maintained until the session is
terminated.

In Figure -5-, Host B and Host C want to communicate with each other. The switch creates the virtual
connection, which is referred to as a microsegment. The microsegment behaves as if the network has only two
hosts, one sending and one receiving, providing maximum utilization of the available bandwidth.

Switches reduce collisions and increase bandwidth on network segments because they provide dedicated
bandwidth to each network segment.

26.3.8 Switches and broadcast domains

This page will describe the three methods of data transmission that are used in a network.

Communication in a network occurs in three ways. The most common way of communication is by unicast
transmissions. In a unicast transmission, one transmitter tries to reach one receiver.

Another way to communicate is known as a multicast transmission. Multicast transmission occurs when one
transmitter tries to reach only a subset, or a group, of the entire segment. -1-

The final way to communicate is by broadcasting. Broadcasting is when one transmitter tries to reach all the
receivers in the network. The server station sends out one message and everyone on that segment receives the
message.

When a device wants to send out a Layer 2 broadcast, the destination MAC address in the frame is set to all
ones. A MAC address of all ones is FF:FF:FF:FF:FF:FF in hexadecimal. By setting the destination to this
value, all the devices will accept and process the broadcasted frame.

The broadcast domain at Layer 2 is referred to as the MAC broadcast domain. The MAC broadcast domain
consists of all devices on the LAN that receive frames broadcast by a host to all other machines on the LAN.

A switch is a Layer 2 device. When a switch receives a broadcast, it forwards it to each port on the switch
except the incoming port. Each attached device must process the broadcast frame. This leads to reduced
network efficiency, because available bandwidth is used for broadcasting purposes. -2-

When two switches are connected, the broadcast domain is increased. In this example a broadcast frame is
forwarded to all connected ports on Switch 1. Switch 1 is connected to Switch 2. The frame is propagated to all
devices connected to Switch 2. -3-

The overall result is a reduction in available bandwidth. This happens because all devices in the broadcast
domain must receive and process the broadcast frame.

Routers are Layer 3 devices. Routers do not propagate broadcasts. Routers are used to segment both
collision and broadcast domains.
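The domain-counting rules stated in 26.3.5 through 26.3.8 (a switch port ends a collision domain, a hub extends it, and only a router ends a broadcast domain) applied to a constructed topology. This is an added example, not code from the CCNA curriculum; the device names and layout are invented.

```python
"""Count collision and broadcast domains in a LAN topology (constructed example).

Each cable is a segment. A hub repeats every frame onto all of its cables,
so it merges them into one collision domain and one broadcast domain. A
switch or bridge ends the collision domain on every port but forwards
broadcasts, so it merges its cables into one broadcast domain only. A
router ends both domains on every interface, and so does a host.
"""

# Device types whose attached cables are merged into a single domain.
COLLISION_JOINERS = {"hub", "repeater"}
BROADCAST_JOINERS = {"hub", "repeater", "switch", "bridge"}


class DisjointSet:
    """Union-find over cable indices."""

    def __init__(self, size):
        self.parent = list(range(size))

    def find(self, x):
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)

    def group_count(self):
        return len({self.find(i) for i in range(len(self.parent))})


def count_domains(devices, cables, joiners):
    """devices: {name: type}; cables: list of (name, name) pairs.

    Every cable starts as its own domain; a device whose type is in
    `joiners` merges all cables attached to it into one domain."""
    attached = {}
    for index, (a, b) in enumerate(cables):
        for name in (a, b):
            if name not in devices:
                raise ValueError(f"cable {index} references unknown device {name!r}")
            attached.setdefault(name, []).append(index)
    domains = DisjointSet(len(cables))
    for name, indexes in attached.items():
        if devices[name] in joiners:
            for other in indexes[1:]:
                domains.union(indexes[0], other)
    return domains.group_count()


def collision_domains(devices, cables):
    return count_domains(devices, cables, COLLISION_JOINERS)


def broadcast_domains(devices, cables):
    # The broadcast domain is also the reach of a broadcast storm, so this
    # count is the one that matters when a faulty host floods the LAN.
    return count_domains(devices, cables, BROADCAST_JOINERS)


# Constructed topology: a router between two switches, with one hub hanging
# off the first switch.
CAMPUS_DEVICES = {
    "R1": "router", "SW1": "switch", "SW2": "switch", "HUB1": "hub",
    "H1": "host", "H2": "host", "H3": "host", "H4": "host",
    "H5": "host", "H6": "host",
}
CAMPUS_CABLES = [
    ("R1", "SW1"), ("R1", "SW2"),
    ("SW1", "H1"), ("SW1", "H2"), ("SW1", "HUB1"),
    ("HUB1", "H3"), ("HUB1", "H4"),
    ("SW2", "H5"), ("SW2", "H6"),
]


def campus_summary():
    """Return (collision_domains, broadcast_domains) for the constructed campus."""
    return (collision_domains(CAMPUS_DEVICES, CAMPUS_CABLES),
            broadcast_domains(CAMPUS_DEVICES, CAMPUS_CABLES))


if __name__ == "__main__":
    collisions, broadcasts = campus_summary()
    print(f"collision domains: {collisions}, broadcast domains: {broadcasts}")
```

Swapping HUB1 for a switch raises the collision-domain count from 7 to 9 while the broadcast-domain count stays at 2, which is the segmentation trade-off the text describes.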

26.3.9 Communication between switches and workstations

This page will explain how switches learn about workstations in a LAN.

When a workstation connects to a LAN, it is unconcerned about the other devices that are connected to the
LAN media. The workstation simply transmits data frames using a NIC to the network medium.

The workstation could be attached directly to another workstation using a crossover cable.
Crossover cables are used to connect the following devices: -1-

 Workstation to Workstation
 Switch to Switch
 Switch to hub
 Hub to hub
 Router to router
 Router to PC

Straight-through cables are used to connect the following devices:

 Switch to router
 Switch to workstation or server
 Hub to workstation or server

Switches are Layer 2 devices that use intelligence to learn the MAC addresses of the devices that are attached
to the ports of the switch. This data is entered into a switching table. Once the table is complete, the switch can
read the destination MAC address of an incoming data frame on a port and immediately forward it.
Until a device transmits, the switch does not know its MAC address.

Switches provide significant scalability on a network and may be directly connected. Figure
illustrates one scenario of frame transmission utilizing a multi-switch network.

26.3.10 Module Summary

Ethernet is the most common LAN architecture and it is used to transport data between devices on a
network. Originally Ethernet was a half-duplex technology. Using half-duplex, a host could either transmit or
receive at one time, but not both. When two or more Ethernet hosts transmit at the same time on a shared
medium, the result is a collision. The time a frame or a packet takes to travel from the source station to the
final destination is known as latency or delay. The three sources of latency include NIC delay, actual
propagation delay, and delay due to specific network devices.

Bit or slot time is the basic unit of time in which one (1) bit can be sent. There must be some minimum
duration during which the bit is on or off in order for the device to recognize a binary one (1) or zero (0).

Attenuation means that a signal will weaken as it travels through the network. This limits the distance that
a LAN can cover. A repeater can extend the distance of a LAN, but it also has a negative effect on the overall
performance of a LAN.

Full-duplex transmission between stations is achieved by using point-to-point Ethernet connections. Full-
duplex transmission provides a collision-free transmission environment. Both stations can transmit and receive
at the same time, and there are no negotiations for bandwidth. The existing cable infrastructure can be utilized
as long as the medium meets the minimum Ethernet standards.

Segmentation divides a network into smaller units to reduce network congestion and enhance security.
The CSMA/CD access method on each segment maintains traffic between users. Segmentation with a Layer 2
bridge is transparent to other network devices, but latency is increased significantly. The more work done by a
network device, the more latency the device will introduce into the network. Routers provide segmentation of
networks but can add a latency factor of 20% to 30% over a switched network. This increased latency is
because a router operates at the network layer and uses the IP address to determine the best path to the
destination node. A switch can segment a LAN into microsegments, which decreases the size of collision
domains. However, all hosts connected to the switch are still in the same broadcast domain.

Switching is a technology that decreases congestion in Ethernet, Token Ring, and Fiber Distributed Data
Interface (FDDI) LANs. Switching is the process of receiving an incoming frame on one interface and
delivering that frame out another interface. Routers use Layer 3 switching to route a packet. Switches use
Layer 2 switching to forward frames. A symmetric switch provides switched connections between ports with
the same bandwidth. An asymmetric LAN switch provides switched connections between ports of unlike
bandwidth, such as a combination of 10-Mbps and 100-Mbps ports.

A memory buffer is an area of memory where a switch stores data. It can use two methods for forwarding
frames, port-based memory buffering and shared memory buffering.

There are two modes used to forward frames. Store-and-forward receives the entire frame before
forwarding, while cut-through forwards the frame as it is received, decreasing latency. Fast-forward and
fragment-free are two types of cut-through forwarding.

27 MODULE 5
Module Overview

Designing a network can be a challenge, as it involves more than just connecting two computers. A
network requires many features in order to be reliable, manageable, and scalable. To design reliable,
manageable, and scalable networks, network designers must realize that each of the major components of a
network has distinct design requirements.

Network design has become more difficult despite improvements in equipment performance and media
capabilities. The use of multiple media types and LANs that interconnect with other networks add to the
complexity of the network environment. Good network designs improve performance and also reduce the
difficulties associated with network growth and evolution.

A LAN spans a single room, a building, or a set of buildings that are close together. A group of buildings that
are located close to each other and belong to a single organization are referred to as a campus. The following
aspects of the network need to be identified before a large LAN is designed:

 An access layer that connects end users to the LAN
 A distribution layer that provides policy-based connectivity between end-user LANs
 A core layer that provides the fastest connection between the distribution points

Each of these LAN design layers requires switches that are best suited for its specific tasks. The features,
functions, and technical specifications for each switch vary based on the LAN design layer for which the
switch is intended. For the best network performance, it is important to understand the role of each layer and
then choose the switch that best suits the layer requirements.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.
Students who complete this module should be able to perform the following tasks:

 Describe the four major goals of LAN design
 List the key considerations in LAN design
 Understand the steps in systematic LAN design
 Understand the design issues associated with Layers 1 through 3 LAN structure, or topology
 Describe the three-layer design model
 Identify the functions of each layer of the three-layer model
 List Cisco access layer switches and their features
 List Cisco distribution layer switches and their features
 List Cisco core layer switches and their features

27.1 LAN design goals

27.1.1 LAN design goals

The first step in LAN design is to establish and document the goals of the design. These goals are unique to
each organization or situation. This page will describe the requirements of most network designs:

 Functionality - The network must work. The network must allow users to meet their job requirements.
The network must provide user-to-user and user-to-application connectivity with reasonable speed and
reliability.

 Scalability - The network must be able to grow. The initial design should grow without any major
changes to the overall design.
 Adaptability - The network must be designed with a vision toward future technologies. The network
should not include elements that would limit implementation of new technologies as they become
available.
 Manageability - The network should be designed to facilitate network monitoring and management to
ensure continuous stability of operation.

The Interactive Media Activity will help students become more familiar with the four main design goals.

27.1.2 LAN design considerations

This page will describe some important factors to consider when a LAN is designed.

Many organizations have upgraded their current LANs or plan to implement new LANs. This expansion in
LAN design is due to the development of high-speed technologies such as Asynchronous Transfer Mode
(ATM). This expansion is also due to complex LAN architectures that use LAN switching and virtual LANs
(VLANs).

To maximize available LAN bandwidth and performance, the following LAN design considerations must be
addressed:

 The function and placement of servers
 Collision domain issues
 Segmentation issues
 Broadcast domain issues

Servers allow network users to communicate, and share files, printers and application services. Servers
typically do not function as workstations. Servers run specialized operating systems, such as NetWare,
Windows NT, UNIX, and Linux. Each server is usually dedicated to one function, such as e-mail or file
sharing.

Servers can be categorized as either enterprise servers or workgroup servers. An enterprise server supports all
the users on the network as it offers services, such as e-mail or Domain Name System (DNS). E-mail or DNS
is a service that everyone in an organization needs because it is a centralized function. A workgroup server
supports a specific set of users and offers services such as word processing and file sharing.

As seen in Figure -1-, enterprise servers should be placed in the main distribution facility (MDF). Whenever
possible, the traffic to enterprise servers should travel only to the MDF and not be transmitted across other
networks. However, some networks use a routed core or may even have a server farm for the enterprise
servers. In these cases, network traffic travels across other networks and usually cannot be avoided. Ideally,
workgroup servers should be placed in the intermediate distribution facilities (IDFs) closest to the users who
access the applications on these servers. This allows traffic to travel the network infrastructure to an IDF, and
does not affect other users on that network segment. Layer 2 LAN switches located in the MDF and IDFs
should have 100 Mbps or more allocated to these servers.

Ethernet nodes use CSMA/CD. Each node must contend with all other nodes to access the shared medium, or
collision domain. If two nodes transmit at the same time, a collision occurs. When collisions occur, the
transmitted frame is destroyed, and a jam signal is sent to all nodes on the segment. The nodes wait a random
period of time, and then resend the data. Excessive collisions can reduce the available bandwidth of a network
segment to thirty-five or forty percent of the available bandwidth. -2-

Segmentation is when a single collision domain is split into smaller collision domains. -3- Smaller collision
domains reduce the number of collisions on a LAN segment and allow for greater utilization of bandwidth.
Layer 2 devices such as bridges and switches can be used to segment a LAN. Routers can achieve this at Layer
3.

A broadcast occurs when the destination media access control (MAC) address is set to FF-FF-FF-FF-FF-FF. A
broadcast domain refers to the set of devices that receive a broadcast data frame that originates from any
device within that set. All hosts that receive a broadcast data frame must process it. This process consumes the
resources and available bandwidth of the host. Layer 2 devices such as bridges and switches reduce the size of
a collision domain. These devices do not reduce the size of the broadcast domain. Routers reduce the size of
the collision domain and the size of the broadcast domain at Layer 3. -4-

27.1.3 LAN design methodology

For a LAN to be effective and serve the needs of its users, it should be designed and implemented based on a
planned series of systematic steps. This page will describe the following steps:

 Gather requirements and expectations
 Analyze requirements and data
 Design the Layer 1, 2, and 3 LAN structure, or topology
 Document the logical and physical network implementation

The process to gather information helps to clarify and identify any current network problems. This information
includes the history of the organization and current status, their projected growth, operation policies and
management procedures, office systems and procedures, and the viewpoints of the people who will use the
LAN. -1-

The following questions should be asked to gather information:

 Who are the people that will use the network?
 What is the skill level of these people?
 What are their attitudes toward computers and computer applications?
 How developed are the organizational documented policies?
 Has some data been declared mission critical?
 Have some operations been declared mission critical?
 What protocols are allowed on the network?
 Are only certain desktop hosts supported?
 Who is responsible for LAN addresses, naming, topology design, and configuration?
 What are the organizational human, hardware, and software resources?
 How are these resources currently linked and shared?
 What financial resources does the organization have available?

Documentation of the requirements allows for an informed estimate of costs and timelines for the projected LAN
design implementation. It is important to understand the performance issues of any network. -2-

Availability measures the usefulness of the network. The following are a few of the many things that affect
availability:

 Throughput
 Response time
 Access to resources

Every customer has a different definition of availability. For example, there may be a need to transport voice
and video over the network. These services may require more bandwidth than is available on the network or
backbone. To increase availability, more resources can be added, but that increases the cost of the network.
Network designs should provide the greatest availability for the least cost.

The next step in the network design is to analyze the requirements of the network and its users. Network user
needs constantly change. As more voice and video-based network applications become available, the necessity
to increase network bandwidth grows too.

A LAN that is not able to provide prompt and accurate information to its users is useless. Steps must be taken
to ensure that the information requirements of the organization and its workers are met.

The next step is to decide on an overall LAN topology that will satisfy the user requirements. -3- -4-

This curriculum concentrates on the star topology and the extended star topology. The star topology and
extended star topology use Ethernet 802.3 CSMA/CD technology. The CSMA/CD star topology is the dominant
configuration in the industry.

LAN topology design can be broken into the following three unique categories of the OSI reference model:

 Network layer
 Data link layer
 Physical layer

The final step in LAN design methodology is to document the physical and logical topology of the network.
The physical topology of the network refers to the way in which various LAN components are connected
together. The logical design of the network refers to the flow of data in a network. It also refers to the name
and address schemes used in the implementation of the LAN design solution. -5-

The following are important LAN design documentation:

 OSI layer topology map -6-
 LAN logical map
 LAN physical map
 Cut sheets -7-
 VLAN logical map -8-
 Layer 3 logical map -9-
 Address maps -10-

27.1.4 Layer 1 design

This page will teach students how to design the Layer 1 topology of a network.

One of the most important components to consider in network design is the cabling. -1-
Today, most LAN cabling is based on Fast Ethernet technology. Fast Ethernet is Ethernet that has been
upgraded from 10 Mbps to 100 Mbps, and has the ability to utilize full-duplex functionality. Fast Ethernet uses
the standard Ethernet broadcast-oriented logical bus topology of 10BASE-T, and the CSMA/CD method for
MAC addresses.

Design issues at Layer 1 include the type of cabling to be used, typically copper or fiber-optic, and the
overall structure of the cabling. -2-
This also includes the TIA/EIA-568-A standard for layout and connection of wiring schemes. Layer 1 media
types include 10/100BASE-TX, Category 5, 5e, or 6 unshielded twisted-pair (UTP), or shielded twisted-pair
(STP), and 100BaseFX fiber-optic cable.

Careful evaluation of the strengths and weaknesses of the topologies should be performed. A network is only
as effective as the cables that are used. -3-
Layer 1 issues cause most network problems. A complete cable audit should be conducted, when significant
changes are planned for a network. This helps to identify areas that require upgrades and rewiring.

Fiber-optic cable should be used in the backbone and risers in all cable designs. Category 5e UTP cable should
be used in the horizontal runs. The cable upgrade should take priority over any other necessary changes.
Enterprises should also make certain that these systems conform to well-defined industry standards, such as the
TIA/EIA-568-A specifications.

The TIA/EIA-568-A standard specifies that every device connected to the network should be linked to a
central location with horizontal cabling. This applies if all the hosts that need to access the network are within
the 100-meter (328 ft.) distance limitation for Category 5e UTP Ethernet.

In a simple star topology with only one wiring closet, the MDF includes one or more horizontal cross-connect
(HCC) patch panels. -4-
HCC patch cables are used to connect the Layer 1 horizontal cabling with the Layer 2 LAN switch ports. The
uplink port of the LAN switch, based on the model, is connected to the Ethernet port of the Layer 3 router with
a patch cable. At this point, the end host has a complete physical connection to the router port.

When hosts in larger networks exceed the 100-meter (328 ft.) limitation for Category 5e UTP, more than one
wiring closet is required. Multiple wiring closets mean multiple catchment areas. The secondary wiring closets
are referred to as IDFs. -5-
TIA/EIA-568-A standards specify that IDFs should be connected to the MDF by vertical cabling, also called
backbone cabling. -6-
A vertical cross-connect (VCC) is used to interconnect the various IDFs to the central MDF. Fiber-optic cable
is normally used because the vertical cable lengths are typically longer than the 100-meter (328 ft.) limit for
Category 5e UTP cable. -7-

The logical diagram is the network topology model without all the details of the exact installation paths of the
cables. -8-
The logical diagram is the basic road map of the LAN which includes the following elements:

 Specify the locations and identification of the MDF and IDF wiring closets.
 Document the type and quantity of cables used to interconnect the IDFs with the MDF.
 Document the number of spare cables that are available to increase the bandwidth between the wiring
closets. For example, if the vertical cabling between IDF 1 and the MDF is at eighty percent utilization,
two additional pairs could be used to double the capacity.
 Provide detailed documentation of all cable runs, the identification numbers, and the port the run is
terminated on at the HCC or VCC. -9-

The logical diagram is essential to troubleshoot network connectivity problems. If Room 203 loses
connectivity to the network, the cut sheet shows that the room has cable run 203-1, which is terminated on
HCC1 port 13. Cable testers can be used to determine whether the problem is a Layer 1 failure. If it is, one of
the other two runs can be used to reestablish connectivity and provide time to troubleshoot run 203-1.

27.1.5 Layer 2 design

This page will discuss some important Layer 2 design considerations.

The purpose of Layer 2 devices in the network is to switch frames based on destination MAC address
information, provide error detection, and to reduce congestion in the network. -1-
The two most common Layer 2 network devices are bridges and LAN switches. Devices at Layer 2 determine
the size of the collision domains.

Collisions and collision domain size are two factors that negatively affect the performance of a network. -2-
Microsegmentation of the network reduces the size of collision domains and reduces collisions.
Microsegmentation is implemented through the use of bridges and switches. The goal is to boost performance
for a workgroup or a backbone. Switches can be used with hubs to provide the appropriate level of
performance for different users and servers.

Another important characteristic of a LAN switch is how it allocates bandwidth on a per-port basis. This
provides more bandwidth to vertical cabling, uplinks, and servers. -3-
This type of switching is referred to as asymmetric switching. Asymmetric switching provides switched
connections between ports of unlike bandwidth, such as a combination of 10-Mbps and 100-Mbps ports.
Symmetric switching provides switched connections between ports of similar bandwidth.

The desired capacity of a vertical cable run is greater than that of a horizontal cable run. The installation of a
LAN switch at the MDF and IDF allows the vertical cable run to manage the data traffic from the MDF to the
IDF. -4-
The horizontal runs between the IDF and the workstations use Category 5e UTP. A horizontal cable drop
should not be longer than 100 meters (328 ft.). In a normal environment, 10 Mbps is adequate for the
horizontal drop. Asymmetric LAN switches allow 10-Mbps and 100-Mbps ports on a single switch.

The next task is to determine the number of 10 Mbps and 100 Mbps ports needed in the MDF and every IDF.
This is accomplished by a review of the user requirements for the number of horizontal cable drops per room
and the number of total drops in any catchment area. This includes the number of vertical cable runs. For
example, suppose that user requirements dictate four horizontal cable runs to be installed in each room. The
IDF services a catchment area of 18 rooms. Therefore, four drops in each of the 18 rooms equals 4x18, or 72
LAN switch ports.

The size of a collision domain is determined by the number of hosts that are physically connected to any single
port on the switch. This also affects the bandwidth that is available to any host. In an ideal situation, there is
only one host connected on a LAN switch port. The collision domain would consist only of the source host and
destination host. The size of the collision domain would be two. Because of the small size of this collision
domain, there should be virtually no collisions when any two hosts communicate with each other. Another way
to implement LAN switching is to install shared LAN hubs on the switch ports. This allows multiple hosts to
connect to a single switch port. -5-

All hosts connected to the shared LAN hub share the same collision domain and bandwidth. That means that
collisions would occur more frequently. -6-

Shared media hubs are generally used in a LAN switch environment to create more connection points at the
end of the horizontal cable runs. -7-
This is an acceptable solution, but care must be taken. Collision domains should be kept small and bandwidth
to the host must be provided in accordance to the specifications gathered in the requirements phase of the
network design process. -8-

27.1.6 Layer 3 design

This page will describe some Layer 3 design considerations.

A router is a Layer 3 device and is considered one of the most powerful devices in the network topology.

Layer 3 devices can be used to create unique LAN segments. Layer 3 devices allow communication between
segments based on Layer 3 addresses, such as IP addresses. Implementation of Layer 3 devices allows for
segmentation of the LAN into unique physical and logical networks. Routers also allow for connectivity to
WANs, such as the Internet. -1-

Layer 3 routing determines traffic flow between unique physical network segments based on Layer 3
addresses. A router forwards data packets based on destination addresses. A router does not forward LAN-
based broadcasts such as ARP requests. Therefore, the router interface is considered the entry and exit point of
a broadcast domain and stops broadcasts to other LAN segments.

Routers provide scalability because they serve as firewalls for broadcasts and they can divide networks into
subnetworks, or subnets, based on Layer 3 addresses. -2-

In order to decide whether to use routers or switches, it is important to determine the problem that needs to be
solved. If the problem is related to protocol rather than issues of contention, then routers are the appropriate
solution. Routers solve problems with excessive broadcasts, protocols that do not scale well, security issues,
and network layer addresses. Routers are more expensive and more difficult to configure than switches.

Figure -3- shows an example of an implementation that has multiple networks. All data traffic from Network 1
destined for Network 2 has to go through the router. In this implementation, there are two broadcast domains.
The two networks have unique Layer 3 network address schemes. Multiple physical networks can be created if
the horizontal cabling and vertical cabling are patched into the appropriate Layer 2 switch. This can be done
with patch cables. This implementation also provides robust security because all traffic in and out of the LAN
must pass through the router.

Once an IP address scheme is developed for a client, it should be clearly documented. A standard convention
should be set for addresses of important hosts on the network. -4-

This address scheme should be kept consistent throughout the entire network. Address maps provide a
snapshot of the network. -5- -6-

Physical maps of the network help to troubleshoot the network. -7-

VLAN implementation combines Layer 2 switching and Layer 3 routing technologies to limit both collision
domains and broadcast domains. VLANs also provide security with the creation of VLAN groups that
communicate with other VLANs through routers. -8-

A physical port association is used to implement VLAN assignment. Ports P1, P4, and P6 have been assigned
to VLAN 1. VLAN 2 has ports P2, P3, and P5. Communication between VLAN 1 and VLAN 2 can occur only
through the router. This limits the size of the broadcast domains and uses the router to determine whether
VLAN 1 can talk to VLAN 2. Figure -9-
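The port-to-VLAN association described above, written out as a Cisco IOS configuration; this is an added example, not a listing from the curriculum. It assumes a Catalyst 2950 whose ports Fa0/1 to Fa0/6 stand in for P1 to P6, two spare ports Fa0/7 and Fa0/8 carrying the router links, a router with two physical interfaces, and the constructed networks 192.168.1.0/24 and 192.168.2.0/24.

```cisco
! ===== Switch (assumed Catalyst 2950): port-to-VLAN association =====
Switch> enable
Switch# configure terminal
! VLAN 1 exists by default; VLAN 2 has to be created before ports can join it.
Switch(config)# vlan 2
Switch(config-vlan)# name NETWORK-2
Switch(config-vlan)# exit
! P1, P4, P6 (Fa0/1, Fa0/4, Fa0/6) stay in VLAN 1; P2, P3, P5 move to VLAN 2.
Switch(config)# interface range FastEthernet0/2 - 3
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 2
Switch(config-if-range)# exit
Switch(config)# interface FastEthernet0/5
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 2
Switch(config-if)# exit
! Assumed router uplinks: one access port per VLAN. Each VLAN is now its own
! broadcast domain, and the only path between them runs through the router.
Switch(config)# interface FastEthernet0/7
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 1
Switch(config-if)# exit
Switch(config)# interface FastEthernet0/8
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 2
Switch(config-if)# end
! Check that the ports landed in the intended VLANs.
Switch# show vlan brief

! ===== Router: one interface per VLAN, constructed addresses =====
Router> enable
Router# configure terminal
Router(config)# interface FastEthernet0/0
Router(config-if)# description Network 1 / VLAN 1 (cabled to switch Fa0/7)
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# no shutdown
Router(config-if)# exit
Router(config)# interface FastEthernet0/1
Router(config-if)# description Network 2 / VLAN 2 (cabled to switch Fa0/8)
Router(config-if)# ip address 192.168.2.1 255.255.255.0
Router(config-if)# no shutdown
Router(config-if)# exit
! The router decides whether VLAN 1 may talk to VLAN 2. Constructed policy:
! VLAN 1 hosts may reach VLAN 2 only on TCP port 80; other VLAN 1 -> VLAN 2
! traffic is dropped and logged; traffic to any other destination is unaffected.
Router(config)# ip access-list extended VLAN1-TO-VLAN2
Router(config-ext-nacl)# permit tcp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 eq 80
Router(config-ext-nacl)# deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 log
Router(config-ext-nacl)# permit ip any any
Router(config-ext-nacl)# exit
Router(config)# interface FastEthernet0/0
Router(config-if)# ip access-group VLAN1-TO-VLAN2 in
Router(config-if)# end
! Hosts use 192.168.1.1 or 192.168.2.1 as their default gateway; an ARP
! broadcast sent in VLAN 1 is never forwarded into VLAN 2.
Router# show ip access-lists VLAN1-TO-VLAN2
```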

27.2 LAN Switches

27.2.1 Switched LANs, access layer overview

The construction of a LAN that satisfies the needs of both medium and large-sized organizations is more likely
to be successful if a hierarchical design model is used. The use of a hierarchical design model will make it
easier to make changes to the network as the organization grows. This page will discuss the three layers of the
hierarchical design model:

 The access layer provides users in workgroups access to the network. -1-
 The distribution layer provides policy-based connectivity.
 The core layer provides optimal transport between sites. The core layer is often referred to as the
backbone.

This hierarchical model applies to any network design. It is important to realize that these three layers may
exist in clear and distinct physical entities. However, this is not a requirement. These layers are defined to aid
in successful network design and to represent functionality that must exist in a network.

The access layer is the entry point for user workstations and servers to the network. In a campus LAN the
device used at the access layer can be a switch or a hub.

If a hub is used, bandwidth is shared. If a switch is used, then bandwidth is dedicated. If a workstation or server
is directly connected to a switch port, then the full bandwidth of the connection to the switch is available to the
connected computer. If a hub is connected to a switch port, bandwidth is shared between all devices connected
to the hub. -2-

Access layer functions also include MAC layer filtering and microsegmentation. MAC layer filtering allows
switches to direct frames only to the switch port that is connected to the destination device. The switch creates
small Layer 2 segments called microsegments. The collision domain can be as small as two devices. Layer 2
switches are used in the access layer. -3-

27.2.2 Access layer switches

This page will explain the functions of access layer switches.

Access layer switches operate at Layer 2 of the OSI model and provide services such as VLAN membership.
The main purpose of an access layer switch is to allow end users into the network. An access layer switch
should provide this functionality with low cost and high port density.

The following Cisco switches are commonly used at the access layer: -1-

 Catalyst 1900 series
 Catalyst 2820 series
 Catalyst 2950 series
 Catalyst 4000 series
 Catalyst 5000 series

The Catalyst 1900 or 2820 series switch is an effective access device for small or medium campus networks.
The Catalyst 2950 series switch effectively provides access for servers and users that require higher bandwidth.
This is achieved with Fast Ethernet capable switch ports. The Catalyst 4000 and 5000 series switches include
Gigabit Ethernet ports and are effective access devices for a larger number of users in large campus networks.
-2-

27.2.3 Distribution layer overview

This page will describe the distribution layer and explain its purpose.

The distribution layer of the network is between the access and core layers. It helps to define and separate the
core. The purpose of this layer is to provide a boundary definition in which packet manipulation can take place.
Networks are segmented into broadcast domains by this layer. Policies can be applied and access control lists
can filter packets. The distribution layer keeps problems that arise in the access layer from affecting the core
layer. Switches in this layer operate at Layer 2 and
Layer 3. The following are some of the distribution layer functions in a switched network:

 Aggregation of the wiring closet connections
 Broadcast/multicast domain definition
 VLAN routing
 Any media transitions that need to occur
 Security

27.2.4 Distribution layer switches

This page will explain the features and functions of distribution layer switches.

Distribution layer switches are the aggregation points for multiple access layer switches. The switch must be
able to accommodate the total amount of traffic from the access layer devices.

The distribution layer switch must have high performance. The distribution layer switch is a point at which a
broadcast domain is delineated. The distribution layer combines VLAN traffic and is a focal point for policy
decisions about traffic flow. For these reasons, distribution layer switches operate at both Layer 2 and Layer 3
of the OSI model. Switches in this layer are referred to as multilayer switches. These multilayer switches
combine the functions of a router and a switch in one device. They are designed to switch traffic to gain higher
performance than a standard router. If they do not have an associated router module, then an external router is
used for the Layer 3 function.

The following Cisco switches are suitable for the distribution layer:

 Catalyst 2926G
 Catalyst 5000 family
 Catalyst 6000 family

27.2.5 Core layer overview

This page will discuss the main functions of the core layer.

The core layer is a high-speed switching backbone. If the core switches do not have an associated router module, an
external router is used for the Layer 3 function. This layer of the network design should not perform any packet
manipulation. Packet manipulation, such as access list filtering, would slow down the switching of packets. A
core infrastructure with redundant alternate paths gives stability to the network in the event of a single device
failure. -1-

The core can be designed to use Layer 2 or Layer 3 switching. ATM or Ethernet switches can be used.

27.2.6 Core layer switches

This page will explain the basic requirements for core layer switches.

The core layer is the backbone of the campus switched network. The switches in this layer can make use of a
number of Layer 2 technologies. Provided that the distance between the core layer switches is not too great, the
switches can use Ethernet technology. Other Layer 2 technologies such as ATM cell switching, can also be
used. In a network design, the core layer can be a routed, or Layer 3, core. Core layer switches are designed to
provide efficient Layer 3 functionality when needed. Factors such as need, cost, and performance should be
considered before a choice is made. The following Cisco switches are suitable for the core layer: -1- to -3-

 Catalyst 6500 series
 Catalyst 8500 series
 IGX 8400 series
 Lightstream 1010

27.2.7 Module Summary

This page summarizes the topics discussed in this module.

LAN design depends on the requirements of individual organizations but typically focuses on
functionality, scalability, manageability, and adaptability. For a LAN to be effective, it should be designed
and implemented based on a planned series of systematic steps. The steps require data and requirements to be
gathered and analyzed, Layers 1, 2, and 3 implemented, and everything to be documented.
The following are important LAN design documents:

 OSI layer topology map
 LAN logical map
 LAN physical map
 Cut sheets
 VLAN logical map
 Layer 3 logical map
 Address maps

Layer 1 design issues include the type of cables to be used and the overall structure of the cabling. This
also includes the TIA/EIA-568-A standard for layout and connection of wiring schemes. Layer 1 media types
include 10/100BASE-TX, Category 5, 5e, or 6 unshielded twisted-pair (UTP), or shielded twisted-pair (STP),
and 100BaseFX fiber-optic cable.

The logical diagram of the LAN includes the locations and identification of the MDF and IDF wiring
closets, the type and quantity of cables used to interconnect the IDFs with the MDF, and the number of spare
cables available to increase the bandwidth between the wiring closets.

Layer 2 devices provide flow control, error detection, error correction, and reduce congestion in the
network. Bridges and LAN switches are the two most common Layer 2 network devices. Microsegmentation
of the network reduces the size of collision domains and reduces collisions.

Routers are Layer 3 devices that can be used to create unique LAN segments. They allow communication
between segments based on Layer 3 addresses, such as IP addresses. Implementation of Layer 3 devices allows
for segmentation of the LAN into unique physical and logical networks. Routers also allow for connectivity to
WANs such as the Internet.

VLAN implementation combines Layer 2 switching and Layer 3 routing technologies to limit both
collision domains and broadcast domains. VLANs can also be used to provide security by creating the VLAN
groups according to function and by using routers to communicate between VLANs.

The hierarchical design model includes three layers. The access layer provides users in workgroups access to
the network. The distribution layer provides policy-based connectivity. The core layer provides optimal
transport between sites. The core layer is often referred to as the backbone.

Access layer switches operate at Layer 2 of the OSI model and provide services such as VLAN
membership. The main purpose of an access layer switch is to allow end users into the network. An access
layer switch should provide this functionality with low cost and high port density.

The distribution layer switch is a point at which a broadcast domain is delineated. The distribution layer
combines VLAN traffic and is a focal point for policy decisions about traffic flow. For these reasons,
distribution layer switches operate at both Layer 2 and Layer 3 of the OSI model. Switches in this layer are
referred to as multilayer switches.

The core layer is a high-speed switching backbone. This layer of the network design should not perform any
packet manipulation. Packet manipulation, such as access list filtering, would slow down the switching of
packets. A core infrastructure with redundant alternate paths gives stability to the network in the event of a
single device failure.

28 MODULE 6

Module Overview

A switch is a Layer 2 network device that acts as the concentration point for the connection of workstations,
servers, routers, hubs, and other switches.

A hub is an older type of concentration device that also provides multiple ports. However, hubs are inferior to
switches because all devices connected to a hub share the bandwidth and the same collision domain. Another
drawback to hubs is that they only operate in half-duplex mode. In half-duplex mode, hubs can only send or
receive data at any given time, but they cannot do both at the same time. Switches can operate in full-duplex
mode, which means they can send and receive data simultaneously.

Switches are multi-port bridges. Switches are the current standard technology for Ethernet LANs that utilize a
star topology. A switch provides many dedicated, point-to-point virtual circuits between connected network
devices, so collisions are not likely to occur.

Because of the dominant role of switches in modern networks, the ability to understand and configure switches
is essential for network support.

New switches have a preset configuration with factory defaults. This configuration rarely meets the needs of
network administrators. Switches can be configured and managed from a command-line interface (CLI).
Network devices can also be configured and managed through a web based interface and a browser.

Network administrators must be familiar with all tasks associated with the management of networks with
switches. Some of these tasks include maintenance of the switch and its IOS. Other tasks include management
of the interfaces and tables for optimal, reliable, and secure operation. Basic switch configuration, IOS
upgrades, and password recovery are essential network administrator skills.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

 Identify the major components of a Catalyst switch
 Monitor switch activity and status with the use of LED indicators
 Examine the switch bootup output with the use of HyperTerminal
 Use the help features of the command-line interface
 List the major switch command modes
 Verify the default settings of a Catalyst switch
 Set an IP address and default gateway for the switch to allow connection and management over a
network
 View the switch settings with a Web browser
 Configure interfaces for speed and duplex operation
 Examine and manage the switch MAC address table
 Configure port security
 Manage configuration files and IOS images
 Perform password recovery on a switch
 Upgrade the IOS of a switch

28.1 Starting the Switch

28.1.1 Physical startup of the Catalyst switch

This page will explain the features, functions, and startup of switches.

Switches are dedicated, specialized computers that contain a central processing unit (CPU), random access
memory (RAM), and an operating system. As shown in the figure, switches usually have several ports that hosts
can connect to, as well as specialized ports for the purpose of management. Switches can be managed and the
configuration can be viewed and changed through the console port.

Switches typically have no power switch to turn them on and off. They simply connect or disconnect from a
power source.

Several switches from the Cisco Catalyst 2900 series are shown in the figure. There are 12-port, 24-port, and
48-port models. The top two switches in the figure are fixed configuration symmetrical switches that offer
FastEthernet on all ports or a combination of 10Mbps
and 100Mbps ports. The next three switches are asymmetrical models with two fixed fiber or copper Gigabit
Ethernet ports. The bottom four switches are asymmetrical models with modular Gigabit Interface Converter
(GBIC) slots, which can accommodate a variety of copper and fiber media options.

28.1.2 Switch LED indicators

The front panel of a switch has several lights to help monitor system activity and performance. These lights are
called light-emitting diodes (LEDs). This page will discuss the LEDs on the front of a switch:

 System LED
 Remote Power Supply (RPS) LED
 Port Mode LEDs
 Port Status LEDs

The System LED shows whether the system is receiving power and functioning correctly.

The RPS LED indicates whether or not the remote power supply is in use.

The Mode LEDs indicate the state of the Mode button. The modes are used to determine how the Port Status
LEDs are interpreted. To select or change the port mode, press the Mode button repeatedly until the Mode
LEDs indicate the desired mode.

Figure -1- describes the Port Status LED colors as these are dependent on the value of the Mode LEDs.

28.1.3 Verifying port LEDs during switch POST

This page will explain how LEDs can be used to determine if a switch works properly and has established a
link with its target.

Once the power cable is connected, the switch initiates a series of tests called the power-on self test (POST).
POST runs automatically to verify that the switch functions correctly. The System LED indicates the success
or failure of POST. If the System LED is off but the switch is plugged in, then POST is running. If the System
LED is green, then POST was successful. If the System LED is amber, then POST failed. POST failure is
considered to be a fatal error. Reliable operation of the switch should not be expected if POST fails.

The Port Status LEDs also change during POST. The Port Status LEDs turn amber for about 30 seconds as the
switch discovers the network topology and searches for loops. If the Port Status LEDs turn green, the switch
has established a link between the port and a target, such as a computer. If the Port Status LEDs turn off, the
switch has determined that nothing is plugged into the port. -1-

28.1.4 Viewing initial bootup output from the switch

This page will explain how HyperTerminal can be used to check and configure a switch.

In order to configure or check the status of a switch, connect a computer to the switch in order to establish a
communication session. Use a rollover cable to connect the console port on the back of the switch to a COM
port on the back of the computer. -1-

Start HyperTerminal on the computer. A dialog window will be displayed. -2-

The connection must first be named when initially configuring the HyperTerminal communication with the
switch. Select the COM port to which the switch is connected from the pull-down menu, and click the OK
button. A second dialog window will be displayed. Set up the parameters as shown in Figure -3-, and click the
OK button.

Plug the switch into a wall outlet. The initial bootup output from the switch should be displayed on the
HyperTerminal screen. -4- This output shows information about the switch, details about POST status, and
data about the switch hardware.

After the switch has booted and completed POST, prompts for the System Configuration dialog are presented.
The switch may be configured manually with or without the assistance of the System Configuration dialog.
The System Configuration dialog on the switch is simpler than that on a router.

28.1.5 Examining help in the switch CLI

This page will explain how the help system is used in the CLI of Cisco switches. The CLI for Cisco switches
is very similar to the CLI for Cisco routers. To use the help system, enter a question mark (?). When this
sign is entered at the system prompt, a list of commands available for the current command mode is displayed.

The help system is very flexible. To obtain a list of commands that begin with a particular character sequence,
enter those characters followed immediately by the question mark (?). Do not enter a space before the question
mark. This form of help is called word help, because it completes a word.

To list keywords or arguments that are associated with a particular command, enter one or more words
associated with the command, followed by a space and then a question mark (?). This form of help is called
command syntax help, because it provides applicable keywords or arguments based on a partial command.

The Interactive Media Activity will help students understand how switches reduce the size of collision
domains.

28.1.6 Switch command modes

This page will discuss two switch command modes. The default mode is User EXEC mode. The User EXEC
mode is recognized by its prompt, which ends in a greater-than character ( > ). The commands available in
User EXEC mode are limited to those that change terminal settings, perform basic tests, and display system
information. Figure -1- describes the show commands that are available in User EXEC mode.

The enable command is used to enter Privileged EXEC mode from User EXEC mode. Privileged EXEC mode
is also recognized by its prompt, which ends in a pound-sign character ( # ). The Privileged EXEC mode
command set includes the configure command as well as all commands from the User EXEC mode. The
configure command allows other command modes to be accessed. Because these modes are used to configure
the switch, access to Privileged EXEC mode should be password protected to prevent unauthorized use. If a
password is set, users are prompted to enter the password to gain access to Privileged EXEC mode. The
password does not appear on the screen, and is case sensitive.

28.2 Configuring the Switch

28.2.1 Verifying the Catalyst switch default configuration

This page will teach students about the default configuration of a switch and how to verify it.

When powered up for the first time, a switch has default data in the running configuration file. The default
hostname is Switch. No passwords are set on the console or virtual terminal ( vty ) lines. -1-

A switch may be given an IP address for management purposes. This is configured on the virtual interface,
VLAN 1. By default, the switch has no IP address. -1-

The switch ports or interfaces are set to auto mode -2- , and all switch ports are in VLAN 1.

-3- VLAN 1 is known as the default management VLAN.

By default, the flash directory has a file that contains the IOS image, a file called env_vars, and a sub-directory
called html. After the switch is configured, the flash directory will contain a file called config.text as well as a
VLAN database. As seen in Figure -4-, the flash directory does not yet contain a config.text file or a VLAN
database file called vlan.dat.

The IOS version and the configuration register settings can be verified with the show version command. -5-

In this default state, the switch has one broadcast domain and the CLI can be used to manage and configure the
switch through the console port. The Spanning-Tree Protocol is also enabled, and allows the bridge to
construct a loop-free topology across an extended LAN.

For small networks, the default configuration may be sufficient. The benefits of better performance with
microsegmentation are obtained immediately.

The Lab Activities will allow students to check the default configurations of two Cisco 2900 series switches.

28.2.2 Configuring the Catalyst switch

This page will teach students how to configure a switch.

A switch may be preconfigured and only passwords may need to be entered for the User EXEC or Privileged
EXEC modes. Switch configuration mode is entered from Privileged EXEC mode.

In the CLI, the default Privileged EXEC mode prompt is Switch#. In User EXEC mode the prompt is Switch>.

The following steps will ensure that a new configuration will completely overwrite the current configuration:

 To remove the current VLAN information, delete the VLAN database file called vlan.dat from the flash
directory
 Erase the backup configuration file called startup-config
 Restart the switch with the reload command -1-

Security, documentation, and management are important for every network device.

A switch should be given a hostname, and passwords should be set on the console and vty lines. -2-

A switch should be assigned an IP address so that it can be accessed remotely using Telnet or other TCP/IP
applications. A switch should be assigned a default gateway so that when working from the command line
interface, other networks can be accessed. -3-
By default, VLAN 1 is the management VLAN. The management VLAN is used to manage all of the network
devices on a network. In a switch-based network, all network devices should be in the management VLAN. All
ports belong to VLAN 1 by default. A best practice is to remove all of the access ports from VLAN 1 and place
them in another VLAN. This allows for management of network devices while keeping traffic from the
network hosts off of the management VLAN.

The Fast Ethernet switch ports default to auto-speed and auto-duplex. This allows the interfaces to negotiate
these settings. Network administrators can manually configure the interface speed and duplex values if
necessary. -4-

Some network devices can provide a web-based interface for configuration and management purposes. Once a
switch is configured with an IP address and gateway, it can be accessed in this way. A web browser can access
this service using the IP address and port 80, the default port for HTTP. The HTTP service can be turned on or
off, and the port address for the service can be chosen. -5-

Any additional software such as an applet can be downloaded to the browser from the switch. Also, the switch
can be managed by a browser based graphical user interface (GUI). -6- -7-
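The reset-and-configure procedure of this page as one Cisco IOS session, added here as an example; it is not the curriculum's own listing. It assumes a Catalyst 2950 to be named SW1, the constructed management address 192.168.1.2/24 with gateway 192.168.1.1, an assumed router uplink on Fa0/24, and constructed passwords that must be replaced.

```cisco
! ----- 1. Wipe the old configuration so the new one fully replaces it -----
! (confirm the prompts that each command displays)
Switch# delete flash:vlan.dat
Switch# erase startup-config
Switch# reload

! ----- 2. Hostname and local passwords (constructed values; replace them) -----
Switch> enable
Switch# configure terminal
Switch(config)# hostname SW1
! 'enable secret' stores a hash; it is preferred over the plaintext 'enable password'.
SW1(config)# enable secret Ex4mple-Enable!
! Hides the line passwords below in 'show running-config'.
SW1(config)# service password-encryption
SW1(config)# line console 0
SW1(config-line)# password Ex4mple-Console!
SW1(config-line)# login
SW1(config-line)# exit
! Without 'login', a vty line refuses Telnet sessions entirely.
SW1(config)# line vty 0 15
SW1(config-line)# password Ex4mple-Vty!
SW1(config-line)# login
SW1(config-line)# exit

! ----- 3. Management address on VLAN 1 and the default gateway -----
SW1(config)# interface vlan 1
SW1(config-if)# ip address 192.168.1.2 255.255.255.0
SW1(config-if)# no shutdown
SW1(config-if)# exit
! The gateway lets the switch answer management sessions from other subnets.
SW1(config)# ip default-gateway 192.168.1.1

! ----- 4. Pin speed and duplex where auto-negotiation is not wanted -----
SW1(config)# interface FastEthernet0/24
SW1(config-if)# description Uplink to router (assumed)
SW1(config-if)# speed 100
SW1(config-if)# duplex full
SW1(config-if)# exit

! ----- 5. Web management: keep it off unless it is actually used -----
SW1(config)# no ip http server
! If the browser GUI is required, enable it and move it off the default port 80:
! SW1(config)# ip http server
! SW1(config)# ip http port 8080
SW1(config)# end

! ----- 6. Save and verify -----
SW1# copy running-config startup-config
SW1# show running-config
SW1# show interfaces vlan 1
SW1# show version
```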

28.2.3 Managing the MAC address table

This page will explain how switches create and manage MAC address tables.

Switches examine the source address of frames that are received on the ports to learn the MAC address of PCs
or workstations that are connected to it. These learned MAC addresses are then recorded in a MAC address
table. Frames that have a destination MAC address that has been recorded in the table can be switched out to
the correct interface.

The show mac-address-table command can be entered in the Privileged EXEC mode to examine the
addresses that a switch has learned. -1-

A switch dynamically learns and maintains thousands of MAC addresses. To preserve memory and for optimal
operation of the switch, learned entries may be discarded from the MAC address table. Machines may have
been removed from a port, turned off, or moved to another port on the same switch or a different switch. This
can cause confusion when frames are forwarded. For all these reasons, if no frames are seen with a previously
learned address, the MAC address entry is automatically discarded or aged out after 300 seconds.

Rather than wait for a dynamic entry to age out, network administrators can use the clear mac-address-table
command in Privileged EXEC mode. -2-

MAC address entries configured by network administrators can also be removed with this command. This
method to clear table entries ensures that invalid addresses are removed immediately.

The Lab Activities will teach students how to create a basic switch configuration and manage the MAC address
table.

28.2.4 Configuring static MAC addresses

This page will explain how static MAC addresses are configured on a Catalyst 2900 switch.

A MAC address can be permanently assigned to an interface. The following are reasons to assign a permanent
(static) MAC address to an interface:

 The MAC address will not be aged out automatically by the switch.
 A specific server or user workstation must be attached to the port and its MAC address is known.
 Security is enhanced: frames for that address are forwarded only to the configured port, and the switch
will not dynamically relearn the address on another port.

The following command can be used to configure a static MAC address for a switch (the VLAN is given by its
ID number, not its name):

Switch(config)#mac-address-table static <mac-address of host > vlan <vlan-id > interface FastEthernet
<port number >

The following command can be used to remove a static MAC address for a switch:

Switch(config)#no mac-address-table static <mac-address of host > vlan <vlan-id > interface
FastEthernet <port number >

In the Lab Activities, students will configure static MAC addresses.
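The following is an added configuration example, not part of the curriculum, that puts the commands from this
page and the previous one together on a Catalyst 2950. Cisco IOS 12.1 syntax is assumed; the MAC address
0010.7b80.1234, VLAN 1, port FastEthernet0/12 and the 120-second aging time are hypothetical values:

```ios
! Added example (not from the curriculum). Catalyst 2950, Cisco IOS 12.1 syntax assumed.
! MAC address, VLAN, port and aging time are hypothetical.
Switch#show mac-address-table
Switch#show mac-address-table aging-time
Switch#configure terminal
! Pin the file server's MAC address to the port it is cabled to. A static entry is
! never aged out and is not relearned on another port if someone spoofs the address.
Switch(config)#mac-address-table static 0010.7b80.1234 vlan 1 interface FastEthernet0/12
! Optional: shorten the dynamic aging time from the default of 300 seconds.
Switch(config)#mac-address-table aging-time 120
Switch(config)#end
! Verify: the new entry is listed with type STATIC, learned ones with type DYNAMIC.
Switch#show mac-address-table static
Switch#show mac-address-table interface FastEthernet0/12
! Flush all learned (dynamic) entries now instead of waiting for them to age out.
Switch#clear mac-address-table dynamic
! Remove the static entry again when the server moves.
Switch#configure terminal
Switch(config)#no mac-address-table static 0010.7b80.1234 vlan 1 interface FastEthernet0/12
Switch(config)#end
```

A static entry only binds an address to a port; it does not stop a host with a different address from using
the port. Limiting which and how many addresses a port accepts is the job of port security on the next page.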


28.2.5 Configuring port security

This page will explain why port security is important and how it is configured on a Catalyst 2950 switch.

Network security is an important responsibility for network administrators. Access layer switch ports are
reachable through the structured cabling at wall outlets, and anyone can plug a PC or laptop into one of these
outlets. Each outlet is therefore a potential entry point to the network for an unauthorized user. Switches
provide a feature called port security: the number of MAC addresses that may be learned on an interface can be
limited, and the switch can be configured to take an action when that limit is exceeded (shut the port down, or
drop frames from unknown addresses, with or without logging the violation). [Figure 1]

Secure MAC addresses can be configured statically. However, configuring secure MAC addresses statically for
every port is a laborious task and is prone to error.

An alternative approach is to let the switch learn them: port security is enabled on the interface and the
number of MAC addresses per port is limited to 1. The first address dynamically learned by the switch becomes
the secure address.

To remove port security from an interface, use the no form of the command. The command show port-security
can be used to verify port security status. The Lab Activities will show students how to configure port security
on a switch.
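The following is an added configuration example, not part of the curriculum, showing port security on one
access port of a Catalyst 2950. Cisco IOS 12.1 syntax is assumed (sticky learning requires a release that
supports it); the port FastEthernet0/1 and the MAC address 0010.7b80.1234 are hypothetical:

```ios
! Added example (not from the curriculum). Catalyst 2950, Cisco IOS 12.1 syntax assumed.
! Port number and MAC address are hypothetical.
Switch#configure terminal
Switch(config)#interface FastEthernet0/1
! Port security is only accepted on an access port, not on a trunk or dynamic port.
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
! Allow exactly one MAC address (1 is also the default maximum).
Switch(config-if)#switchport port-security maximum 1
! shutdown (default): put the port into err-disabled state on a violation.
! restrict: drop frames from unknown addresses and count/log them.
! protect: drop them silently (hardest to notice, so least useful for detection).
Switch(config-if)#switchport port-security violation shutdown
! Let the first address seen become the secure address and write it into the
! running configuration ("sticky"), so it is kept across a link flap.
Switch(config-if)#switchport port-security mac-address sticky
! Alternative to sticky learning: name the permitted address explicitly.
! Switch(config-if)#switchport port-security mac-address 0010.7b80.1234
Switch(config-if)#end
! Verify status, violation counter and the secure address that was learned.
Switch#show port-security
Switch#show port-security interface FastEthernet0/1
Switch#show port-security address
! Sticky addresses live in the running configuration; save them or they are lost on reload.
Switch#copy running-config startup-config
! Recover a port that shutdown mode has err-disabled, after removing the offending host:
Switch#configure terminal
Switch(config)#interface FastEthernet0/1
Switch(config-if)#shutdown
Switch(config-if)#no shutdown
! Remove port security from the interface again.
Switch(config-if)#no switchport port-security
Switch(config-if)#end
```

Port security checks only the source MAC address, which an attacker who unplugs the legitimate PC can copy
onto a laptop. It stops casual plug-in and MAC address flooding, not a determined spoofer, so it is one
layer among the others in this module, not a substitute for them.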
28.2.6 Executing adds, moves, and changes

This page will discuss some items that should be configured before a switch is added to a network. The
following parameters should be configured on a new switch that is added to a network: [Figure 1]

 Switch name
 IP address for the switch in the management VLAN
 A default gateway
 Line passwords

When a host is moved from one port or switch to another, configurations that can cause unexpected behavior
(for example a static MAC address or a port-security entry tied to the old port) should be removed. The switch
can then be reconfigured to reflect the change. [Figure 2]
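The following is an added configuration example, not part of the curriculum, that sets the four parameters
listed above on a new Catalyst 2950 and saves them. Cisco IOS 12.1 syntax is assumed; the hostname ALSwitch,
the passwords cisco and class, and the addresses 192.168.1.2/24 and 192.168.1.1 are hypothetical lab values:

```ios
! Added example (not from the curriculum). Catalyst 2950, Cisco IOS 12.1 syntax assumed.
! Hostname, passwords and addresses are hypothetical; VLAN 1 is the default management VLAN.
Switch>enable
Switch#configure terminal
Switch(config)#hostname ALSwitch
! enable secret is stored as a hash and takes precedence over enable password.
ALSwitch(config)#enable secret class
ALSwitch(config)#enable password cisco
! Obscure line and enable passwords in the configuration file (reversible, but better than cleartext).
ALSwitch(config)#service password-encryption
! Console line: "login" makes the line prompt for its password.
ALSwitch(config)#line console 0
ALSwitch(config-line)#password cisco
ALSwitch(config-line)#login
ALSwitch(config-line)#exit
! All 16 vty (Telnet) lines on a 2950. With "no login" a Telnet user would get in without a password.
ALSwitch(config)#line vty 0 15
ALSwitch(config-line)#password cisco
ALSwitch(config-line)#login
ALSwitch(config-line)#exit
! The management address belongs to the VLAN 1 interface, not to a physical port.
ALSwitch(config)#interface vlan 1
ALSwitch(config-if)#ip address 192.168.1.2 255.255.255.0
ALSwitch(config-if)#no shutdown
ALSwitch(config-if)#exit
! Gateway used by the switch itself to reach management stations on other subnets.
ALSwitch(config)#ip default-gateway 192.168.1.1
ALSwitch(config)#end
ALSwitch#show running-config
ALSwitch#copy running-config startup-config
```

The lab passwords above are placeholders; on a production switch use distinct, strong values, since anyone
who reaches the console or a vty line with them obtains full control of the access layer.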

28.2.7 Managing switch operating system files

This page will teach students how to document and maintain the operational configuration files and IOS
images of network devices.

Network administrators should document and maintain the operational configuration files for network devices.
The most current running configuration should be backed up to a server or disk. This is not only essential
documentation, but is very useful if a configuration needs to be restored after a failure or a bad change.

The IOS image should also be backed up to a local server. The IOS can then be reloaded into flash memory if the
image on the switch is lost or corrupted.

28.2.8 1900/2950 password recovery

This page will discuss the importance of passwords and explain how they are recovered.

For security and management purposes, passwords must be set on the console and vty lines. An enable
password and an enable secret password must also be set. These practices help ensure that only authorized
users have access to the User and Privileged EXEC modes of the switch. There will be circumstances where
physical access to the switch can be achieved, but User or Privileged EXEC mode cannot be entered because
the passwords are not known or have been forgotten. [Figure 1]

In these circumstances, a password recovery procedure must be followed. Because password recovery is done
from the console, anyone with physical access to the switch can potentially run it; physical security of the
switch is therefore part of protecting its passwords. The Lab Activities will show students how to recover a
password on a Catalyst 2900 series switch.

28.2.9 1900/2950 firmware upgrade

This page will explain the purpose of IOS and firmware upgrades and how they are performed. IOS and
firmware images are periodically released with bug fixes, new features, and performance improvements. If the
network can be made more secure, or can operate more efficiently with a new version of the IOS, then the IOS
should be upgraded. To upgrade the IOS, download a copy of the new image to a local server from the Cisco
Connection Online (CCO) Software Center, then load it from that server into the flash memory of the switch.
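The following is an added example, not part of the curriculum, that carries out the backup described in 28.2.7
and the upgrade described on this page with a TFTP server. Cisco IOS 12.1 syntax on a Catalyst 2950 is
assumed; the server address 192.168.1.10, the file names, and the image names in angle brackets are
placeholders to be replaced with the real ones shown by dir flash: and the CCO download:

```ios
! Added example (not from the curriculum). Catalyst 2950, Cisco IOS 12.1 syntax assumed.
! Server address, file names and image names are hypothetical placeholders.
! 1. Back up the running configuration to the TFTP server.
Switch#copy running-config tftp:
Address or name of remote host []? 192.168.1.10
Destination filename [switch-confg]? alswitch-backup.cfg
! 2. Back up the IOS image that is currently in flash ("dir flash:" shows its exact name).
Switch#dir flash:
Switch#copy flash:<current-image>.bin tftp:
Address or name of remote host []? 192.168.1.10
Destination filename [<current-image>.bin]?
! 3. Restore a saved configuration. Copying to running-config MERGES it with what is
!    running; copying to startup-config REPLACES the saved file and takes effect on reload.
Switch#copy tftp: startup-config
Address or name of remote host []? 192.168.1.10
Source filename []? alswitch-backup.cfg
Destination filename [startup-config]?
! 4. Upgrade: load the new image from the server into flash, confirm it arrived intact,
!    reload, and check the running version afterwards.
Switch#copy tftp: flash:
Address or name of remote host []? 192.168.1.10
Source filename []? <new-image>.bin
Destination filename [<new-image>.bin]?
Switch#dir flash:
Switch#reload
Switch#show version
```

TFTP has no authentication or encryption, and the configuration file carries the line and enable passwords,
so keep the TFTP server on the management network, restrict who can reach it, and remove the copied files
when the backup has been moved to its permanent location. Check the release notes of the new image for how
the switch selects its boot image before reloading.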

28.2.10 Module Summary

This page summarizes the topics discussed in this module.

Switches are similar to routers. They have basic computer components including a CPU, RAM, and an
operating system. There are several ports that are used to connect hosts and for management. LEDs on the
front of the switch show the system status, RPS, port mode, and port status. When powered on, a switch
performs POST automatically to verify that the switch functions correctly. HyperTerminal can be used to
configure or check the status of a switch.

Another similarity to Cisco routers is the CLI. Enter a question mark ( ? ) to access help. A list of available
commands will display. Switches provide word help and command syntax help.

Switches and routers have the same command modes. User EXEC is the default and is indicated by the greater-
than character (>). The enable command changes User EXEC to Privileged EXEC as indicated by the pound
sign (#). Access to Privileged EXEC mode should be password protected to prevent unauthorized use. The
configure command allows other command modes to be accessed.

Default data is provided when the switch is powered up for the first time. For management purposes, a switch
is assigned an IP address. Use the show version command to verify the IOS version and the configuration
register settings.

Once a switch is configured with an IP address and default gateway, it can be accessed through a web-based
interface that allows the switch to be configured and managed. This service is reached with a web browser at
the switch IP address on port 80, the default port for HTTP.

A switch dynamically learns and maintains thousands of MAC addresses. If frames from a previously learned
address are not received, the MAC address entry is automatically discarded or aged out, after 300 seconds by
default. The command clear mac-address-table, entered in Privileged EXEC mode, can be used to clear address
table entries manually.

A permanent MAC address assigned to an interface will not be aged out automatically by the switch and
enhances security. The command mac-address-table static <mac-address of host > vlan <vlan-id > interface
FastEthernet <port number > can be used to configure a static MAC address. Use the no form of the command to
remove it. The command show port-security can be used to verify port security.

The switch name, IP address, default gateway, and line passwords should be configured on a new switch that is
added to a network. When a host is moved from one port or switch to another, configurations that can cause
unexpected behavior should be removed. Documentation should be maintained for the current configuration
and backups to a server or a disk should be performed periodically.

29 MODULE 7
Module Overview

Redundancy in a network is critical. It allows networks to be fault tolerant. Redundant topologies protect
against network downtime, or nonavailability. Downtime can be caused by the failure of a single link, port, or
network device. Network engineers are often required to balance the cost of redundancy with the need for
network availability.

Redundant topologies based on switches and bridges are susceptible to broadcast storms, multiple frame
transmissions, and MAC address database instability. These problems can make a network unusable.
Therefore, redundancy should be carefully planned and monitored.

Switched networks provide the benefits of smaller collision domains, microsegmentation, and full duplex
operation. Switched networks provide better performance.

Redundancy in a network is required to protect against loss of connectivity due to the failure of an individual
component. However, this provision can result in physical topologies with loops. Physical layer loops can
cause serious problems in switched networks.

The Spanning-Tree Protocol is used in switched networks to create a loop free logical topology from a physical
topology that has loops. Links, ports, and switches that are not part of the active loop free topology do not
forward data frames. The Spanning-Tree Protocol is a powerful tool that gives network administrators the
security of a redundant topology without the risk of problems caused by switching loops.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

 Define redundancy and its importance in networking
 Describe the key elements of a redundant network topology
 Define broadcast storms and describe their impact on switched networks
 Define multiple frame transmissions and describe their impact on switched networks
 Identify causes and results of MAC address database instability
 Identify the benefits and risks of a redundant topology
 Describe the role of spanning-tree in a redundant-path switched network
 Identify the key elements of spanning-tree operation
 Describe the process for root bridge election
 List the spanning-tree states in order
 Compare Spanning-Tree Protocol and Rapid Spanning-Tree Protocol

29.1 Redundant Topologies

29.1.1 Redundancy

This page will explain how redundancy can improve network reliability and performance.

Many companies and organizations increasingly rely on computer networks for their operations. Access to file
servers, databases, the Internet, intranets, and extranets is critical for successful businesses. If the network is
down, productivity and customer satisfaction decline.

Increasingly, companies require continuous network availability, or uptime. 100 percent uptime is perhaps
impossible, but many organizations try to achieve 99.999 percent, or five nines, uptime. This is interpreted to
mean one hour of downtime, on average, for every 4,000 days, or approximately 5.25 minutes of downtime per
year. Extremely reliable networks are required to achieve such a goal.

Network reliability is achieved through reliable equipment and network designs that are tolerant to failures and
faults. Networks should be designed to reconverge rapidly so that the fault is bypassed.

Figure 1 illustrates redundancy. Assume that a car must be used to get to work. If the car has a fault that makes
it unusable, it is impossible to use the car to go to work until it is repaired.

On average, if the car is unusable due to failure one day out of ten, the car is available ninety percent of the
time. Its reliability is therefore 90 percent.

A second car will improve matters. There is no need for two cars just to get to work. However, it does provide
redundancy, or backup, in case the primary vehicle fails. The ability to get to work is no longer dependent on a
single car.

If the two cars fail independently of each other, both will be unusable on the same day only one day in every
100 (0.1 x 0.1). The second car raises reliability to 99 percent.

29.1.2 Redundant topologies

This page will explain the concept and benefits of a redundant topology. A goal of redundant topologies is to
eliminate network outages caused by a single point of failure. All networks need redundancy for enhanced
reliability.

A network of roads is a global example of a redundant topology. If one road is closed for repair, there is likely
an alternate route to the destination. [Figure 1]

Consider a community separated by a river from the town center. If there is only one bridge across the river,
there is only one way into town. The topology has no redundancy. [Figure 2]

If the bridge is flooded or damaged by an accident, travel to the town center across the bridge is impossible.
[Figure 3]

A second bridge across the river creates a redundant topology. The suburb is not cut off from the town center if
one bridge is impassable. [Figures 4 and 5]

29.1.3 Redundant switched topologies

This page will explain how switches operate in a redundant topology.

Networks with redundant paths and devices allow for more network uptime. Redundant topologies eliminate
single points of failure. If a path or device fails, the redundant path or device can take over the tasks of the
failed path or device. [Figure 1]

If Switch A fails, traffic can still flow from Segment 2 to Segment 1 and to the router through Switch B.

Switches learn the MAC addresses of devices on their ports so that data can be properly forwarded to the
destination. Switches flood frames for unknown destinations until they learn the MAC addresses of the
devices. [Figure 2]

A redundant switched topology may cause broadcast storms, multiple frame copies, and MAC address table
instability problems. Broadcasts and multicasts are also flooded. [Figure 3]

29.1.4 Broadcast storms

This page will explain the effects of broadcasts and multicasts in a switched network.

Broadcasts and multicasts can cause problems in a switched network. By default, switches treat multicasts like
broadcasts. Broadcast and multicast frames are flooded out all ports, except the one on which the frame was
received.

If Host X sends a broadcast, like an ARP request for the Layer 2 address of the router, Switch A will forward
the broadcast out all its other ports. Switch B is on the same segments and also forwards all broadcasts.
Switch B receives all the broadcasts that Switch A forwarded, and Switch A receives all the broadcasts that
Switch B forwarded. Switch A forwards the broadcasts received from Switch B, and Switch B forwards the
broadcasts received from Switch A.

The switches continue to propagate the broadcast traffic over and over. This is called a broadcast storm.
Because an Ethernet frame carries no hop count or lifetime, the storm continues until one of the switches or
links is disconnected. Since broadcasts require time and network resources to process, they reduce the flow of
user traffic. The network will appear to be down or extremely slow.

29.1.5 Multiple frame transmissions

This page will explain multiple frame transmissions in a redundant switched network.

In a redundant switched network it is possible for an end device to receive multiple frames.

Assume that the MAC address of Router Y has been timed out by both switches. Also assume that Host X still
has the MAC address of Router Y in its ARP cache and sends a unicast frame to Router Y. The router receives
the frame because it is on the same segment as Host X.

Switch A does not have the MAC address of Router Y and will therefore flood the frame out its ports. Switch
B also does not know which port Router Y is on. Switch B then floods the frame it received. This causes
Router Y to receive multiple copies of the same frame. This results in unnecessary utilization of network
resources.

29.1.6 Media access control database instability

This page will explain how incorrect information can be forwarded in a redundant switched network.

In a redundant switched network it is possible for switches to learn the wrong information. A switch can
incorrectly learn that a MAC address is on one port, when it is actually on a different port. In this example
the MAC address of Router Y is not in the MAC address table of either switch.

Host X sends a frame directed to Router Y. Switches A and B learn the MAC address of Host X on port 0.
The frame to Router Y is flooded out port 1 of both switches. Each switch then receives the other's flooded
copy on its own port 1 and incorrectly relearns the MAC address of Host X on port 1. When Router Y sends a
frame to Host X, Switch A and Switch B also receive the frame and send it out port 1, because they have
incorrectly learned that Host X is on port 1. In this example the unicast frame from Router Y to Host X will
be caught in a loop.

29.2 Spanning-Tree Protocol

29.2.1 Redundant topology and spanning tree

This page will teach students how to create a loop free logical topology.

Redundant network topologies are designed to ensure that networks continue to function in the presence of
single points of failure. Work is interrupted less often for users because the network continues to function. Any
interruptions that are caused by a failure should be as short as possible.

Reliability is increased by redundancy. A network that is based on switches or bridges will introduce redundant
links between those switches or bridges to overcome the failure of a single link. These connections introduce
physical loops into the network. These bridging loops are created so if one link fails another can take over
the function of forwarding traffic.

When the destination of the traffic is unknown to a switch, it floods traffic out all ports except the port that
received the traffic. Broadcasts and multicasts are also forwarded out every port except the port that received
the traffic. This traffic can be caught in a loop.

An Ethernet frame header has no Time To Live (TTL) value. If a frame is sent into a looped Layer 2 topology
of switches, it can loop forever. This wastes bandwidth and makes the network unusable.

At Layer 3, by contrast, the TTL in the IP header is decremented by each router and the packet is discarded
when the TTL reaches 0, so a looping packet eventually dies. The absence of any such mechanism at Layer 2
creates a dilemma: a physical topology that contains switching or bridging loops is necessary for reliability,
yet a switched network cannot operate with loops.

The solution is to allow physical loops, but create a loop free logical topology. For this logical topology,
traffic destined for the server farm attached to Cat-5 from any user workstation attached to Cat-4 will travel
through Cat-1 and Cat-2. This will happen even though there is a direct physical connection between Cat-5 and
Cat-4.

The loop free logical topology created is called a tree. This topology is a star or extended star logical topology.
This topology is the spanning-tree of the network. It is a spanning-tree because all devices in the network are
reachable or spanned.

The algorithm used to create this loop free logical topology is the spanning-tree algorithm. This algorithm can
take a relatively long time to converge. A new algorithm called the rapid spanning-tree algorithm was
developed to reduce the time for a network to compute a loop free logical topology.

29.2.2 Spanning-tree protocol

This page will explain how STP can be used to create a loop free network.

Ethernet bridges and switches can implement the IEEE 802.1d Spanning-Tree Protocol and use the spanning-
tree algorithm to construct a loop free shortest path network.

Shortest path is based on cumulative link costs. Link costs are based on the speed of the link.

The Spanning-Tree Protocol establishes a root node called the root bridge. The Spanning-Tree Protocol
constructs a topology that has one path for every node on the network. This tree originates from the root
bridge. Redundant links that are not part of the shortest path tree are blocked.

It is because certain paths are blocked that a loop free topology is possible. Data frames received on blocked
links are dropped.

The Spanning-Tree Protocol requires network devices to exchange messages to detect bridging loops.
Links that will cause a loop are put into a blocking state.

Switches send messages called the bridge protocol data units (BPDUs) to allow the formation of a loop free
logical topology. BPDUs continue to be received on blocked ports. This ensures that if an active path or device
fails, a new spanning-tree can be calculated.

BPDUs contain information that allow switches to perform specific actions:

 Select a single switch that will act as the root of the spanning-tree.
 Calculate the shortest path from itself to the root switch.
 Designate one of the switches as the closest one to the root, for each LAN segment. This switch is
called the designated switch. The designated switch handles all communication from that LAN segment
towards the root bridge.
 Choose one of its ports as its root port, for each non-root switch. This is the interface that gives the best
path to the root switch.
 Select ports that are part of the spanning-tree. These ports are called designated ports. Non-designated
ports are blocked.

29.2.3 Spanning-tree operation

This page will teach students about the ports and devices that are found in an STP switched network.

When the network has stabilized, it has converged and there is one spanning-tree per network.

As a result, for every switched network the following elements exist:

 One root bridge per network
 One root port per non-root bridge
 One designated port per segment
 Unused, or non-designated ports

Root ports and designated ports are used for forwarding (F) data traffic.

Non-designated ports discard data traffic. These ports are called blocking (B) or discarding ports.

29.2.4 Selecting the root bridge

This page will explain how a root bridge is selected in an STP network.

The first decision that all switches in the network make, is to identify the root bridge. The position of the root
bridge in a network affects the traffic flow.

When a switch is turned on, the spanning-tree algorithm is used to identify the root bridge. BPDUs are sent out
with the bridge ID (BID). The BID consists of a bridge priority that defaults to 32768 and the switch MAC
address. By default BPDUs are sent every two seconds.


When a switch first starts up, it assumes that it is the root switch and sends BPDUs that contain its own BID
in both the root BID and the sender BID fields. A switch that already knows of a better (lower) root BID treats
such BPDUs as inferior and ignores them, and keeps advertising the lower root BID it knows. The same thing
happens when a designated switch loses its link to the root bridge: it starts claiming to be both the root
bridge and the designated bridge, with its own MAC address in both the root and sender BID, until it hears a
superior BPDU again.

The BIDs are received by all switches. Each switch replaces a higher root BID with any lower root BID it
receives in the BPDUs that it sends out. In this way all switches converge on the switch with the lowest root
BID value as the root bridge.

Network administrators can set the switch priority to a smaller value than the default, which makes the BID
smaller. Because the priority is compared first and the MAC address only breaks ties, leaving every switch at
the default priority lets the switch with the lowest MAC address become root wherever it happens to sit. The
priority should therefore be set deliberately, and only when the traffic flow on the network is well understood.

The Lab Activities will teach students how to select the root bridge for a basic switch configuration.


29.2.5 Stages of spanning-tree port states

This page will explain the five port states of a switch that uses STP.

Time is required for protocol information to propagate throughout a switched network. Topology changes in
one part of a network are not instantly known in other parts of the network due to propagation delay. Data
loops can occur when a switch changes the state of a port too quickly.

Each port on a switch that uses the Spanning-Tree Protocol is in one of five states, as shown in the figure.

In the blocking state, a port only receives BPDUs. Data frames are discarded and no addresses are learned. A
port does not leave this state until it has stopped hearing the BPDUs that keep it blocked, which may take up
to 20 seconds (the max-age timer).

Ports transition from the blocking state to the listening state. In this state, switches determine whether there
are any other paths to the root bridge. A port that is not on the least-cost path to the root bridge returns to the
blocking state. The listening period is called the forward delay and lasts for 15 seconds. In the listening state,
data is not forwarded and MAC addresses are not learned. BPDUs are still processed.

Ports transition from the listening state to the learning state. In this state, data is still not forwarded, but
MAC addresses are learned from traffic that is received. The learning state also lasts for one forward delay of
15 seconds. BPDUs are still processed.

Ports transition from the learning state to the forwarding state. In this state user data is forwarded and MAC
addresses continue to be learned. BPDUs are still processed.

A port can also be in a disabled state. This state occurs when an administrator shuts down the port or the
port fails.

The time values given for each state are the default values. They were calculated on the assumption that there
will be a maximum of seven switches in any branch of the spanning-tree from the root bridge. The Interactive
Media Activities will help students learn the five spanning-tree port states.

29.2.6 Spanning-tree recalculation

This page will describe the convergence of a spanning-tree network.

A switched internetwork has converged when all the switch and bridge ports are in either the forwarding or
blocking state. Forwarding ports send and receive data traffic and BPDUs. Blocking ports only receive
BPDUs.

When the network topology changes, switches and bridges recompute the spanning-tree and cause a disruption
in network traffic.


Convergence on a new spanning-tree topology that uses the IEEE 802.1d standard can take up to 50 seconds.
This convergence is made up of the max-age of 20 seconds, plus the listening forward delay of 15 seconds, and
the learning forward delay of 15 seconds. The Lab Activities will show students how to create and verify a
basic switch configuration.

29.2.7 Rapid spanning-tree protocol

This page will describe the Rapid Spanning-Tree Protocol.


The Rapid Spanning-Tree Protocol is defined in the IEEE 802.1w LAN standard. The standard and protocol
introduce new features:

 Clarification of port states and roles
 Definition of a set of link types that can go to forwarding state rapidly
 Concept of allowing switches in a converged network to generate BPDUs rather than relaying root
bridge BPDUs

The blocking state of a port is renamed as the discarding state. A discarding port normally has the role of an
alternate port: it offers an alternative path to the root bridge and can take over as root port if the current root
port fails. A discarding port that is a second connection to a segment the switch already serves has the backup
role and can become the designated port if the designated port of that segment fails.

Link types have been defined as point-to-point (a full-duplex link between two switches), edge-type (a port
that connects to an end station rather than to another switch), and shared (a half-duplex segment). These
changes allow rapid recovery from link failure in switched networks.

Point-to-point links and edge-type links can go to the forwarding state rapidly, without waiting out the
listening and learning timers, because on a point-to-point link the two switches confirm with a handshake
that no loop will result, and an edge port cannot create a loop at all. Shared links still use the timer-based
transitions.

Network convergence should take no longer than 15 seconds with these changes.

The Rapid Spanning-Tree Protocol, IEEE 802.1w, was designed to replace the original Spanning-Tree Protocol,
IEEE 802.1d, and has since been folded into the IEEE 802.1D-2004 revision of the standard.
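The following is an added configuration example, not part of the curriculum, that applies the root bridge
selection from 29.2.4 and the rapid spanning tree and edge links from this page on Catalyst 2950 switches
running per-VLAN spanning tree. Cisco IOS 12.1 syntax is assumed (rapid-pvst mode needs a release that
supports it); VLAN 1, the priorities 4096 and 8192, and port FastEthernet0/1 are hypothetical choices:

```ios
! Added example (not from the curriculum). Catalyst 2950, Cisco IOS 12.1 syntax assumed.
! VLAN, priorities and port number are hypothetical.
! --- On the switch that should win the root election for VLAN 1 ---
! The BID is priority + MAC address and the lowest value wins, so lower the priority.
! With the 802.1t extended system ID (used by the 2950) only the top 4 bits of the
! priority are configurable: the value must be a multiple of 4096 (0 to 61440) and the
! low 12 bits carry the VLAN ID.
Switch#configure terminal
Switch(config)#spanning-tree vlan 1 priority 4096
! Equivalent macro: pick a priority just below the current root's.
! Switch(config)#spanning-tree vlan 1 root primary
! --- On the switch that should take over if the root fails ---
Switch(config)#spanning-tree vlan 1 priority 8192
! --- On every switch: move from 802.1D to rapid spanning tree (802.1w) ---
Switch(config)#spanning-tree mode rapid-pvst
! A port facing an end station is an edge link and may go straight to forwarding.
! Full-duplex links between switches are treated as point-to-point automatically.
Switch(config)#interface FastEthernet0/1
Switch(config-if)#spanning-tree portfast
Switch(config-if)#exit
Switch(config)#end
! Verify: "This bridge is the root" under Root ID on the intended root, the Hello (2),
! Max Age (20) and Forward Delay (15) timers, and each port's role and state.
Switch#show spanning-tree vlan 1
Switch#show spanning-tree summary
```

Root election believes whatever BPDUs it receives: a device connected to an access port that sends a BPDU
with a lower BID than 4096 would become root, and port security does not prevent that, because it looks at
source MAC addresses, not at BPDUs. Setting priorities explicitly makes the intended root win only against
switches that are left at the default; protecting the access ports themselves is a separate measure.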

29.2.8 Summary

This page summarizes the topics discussed in this module.

Redundancy is defined as a duplication of components that allows continued functionality despite the failure of
an individual component. In a network, redundancy means having a backup path or device to connect all
devices. Redundant topologies increase network reliability and decrease downtime caused by a single point of
failure.

A redundant switched topology may cause broadcast storms, multiple frame transmissions, and MAC address
table instability problems. A broadcast storm occurs when switches on a looped topology flood each other's
broadcasts back and forth; the broadcast traffic keeps propagating over and over until one of the switches or
links is disconnected. During a broadcast storm, the network appears to be down or extremely slow. Multiple
frame transmissions occur when a device such as a router receives several copies of the same frame from
different switches because its MAC address was unknown to them. These extra copies waste bandwidth and
processing on the receiving device. When a switch incorrectly learns a MAC address on the wrong port, it can
cause a loop and instability in the MAC address table.

Since switches operate at Layer 2 of the OSI model, all forwarding decisions are made at this level. Layer 2
frames carry no TTL value, the hop-count field that limits how long an IP packet may circulate before it is
discarded. The problem is that physical topologies contain switching or bridging loops for reliability, yet a
switched network cannot operate with loops. The solution is to allow physical loops, but create a loop free
logical topology.

The loop free logical topology created is called a tree. The topology is a star or extended star that spans the tree
of the network. All devices are reachable or spanned. The algorithm used to create this loop free logical
topology is the spanning-tree algorithm.

The Spanning-Tree Protocol establishes a root node, called the root bridge. The Spanning-Tree Protocol
constructs a topology that has one path for every node on the network. This results in a tree that originates from
the root bridge. Redundant links that are not part of the shortest path tree are blocked. It is because certain
paths are blocked that a loop free topology is possible. Data frames received on blocked links are dropped.

Switches send messages called the bridge protocol data units (BPDUs) to allow the formation of a loop free
logical topology. BPDUs continue to be received on blocked ports. BPDUs contain information that allow
switches to perform specific actions:

 Select a single switch that will act as the root of the spanning-tree.
 Calculate the shortest path from itself to the root switch.
 Designate one switch as the designated switch for each LAN segment.
 Choose one of its ports as its root port, for each non-root switch.
 Select ports that are part of the spanning-tree. These ports are called designated ports.

The IEEE 802.1w LAN standard defines the Rapid Spanning-Tree Protocol. It serves to clarify port states and
roles, define a set of link types, and allow switches in a converged network to generate BPDUs rather than relay
the root bridge BPDUs. The blocking state of a port is renamed as the discarding state. A discarding port
normally has the alternate role and can take over as root port if the current root port fails; a discarding port
that is a second connection to the same segment has the backup role and can become the designated port if the
designated port of that segment fails.

30 MODULE 8

Overview

An important feature of Ethernet switching is the ability to create virtual LANs (VLANs). A VLAN is a logical
group of network stations and devices. VLANs can be grouped by job functions or departments, regardless of
physical location of users. Traffic between VLANs is restricted. Switches and bridges forward unicast,
multicast, and broadcast traffic only on LAN segments that serve the VLAN to which the traffic belongs. In
other words, devices on a VLAN only communicate with devices that are on the same VLAN. Routers provide
connectivity between different VLANs.

VLANs increase overall network performance by logically grouping users and resources together. Businesses
often use VLANs as a way of ensuring that a particular set of users are logically grouped regardless of the
physical location. Organizations use VLANs to group users in the same department together. For example,
users in the Marketing department are placed in the Marketing VLAN, while users in the Engineering
Department are placed in the Engineering VLAN.

VLANs can enhance scalability, security, and network management. Routers in VLAN topologies provide
broadcast filtering, security, and traffic flow management.

Properly designed and configured VLANs are powerful tools for network administrators. VLANs simplify
tasks when additions, moves, and changes to a network are necessary. VLANs improve network security and
help control Layer 3 broadcasts. However, improperly configured VLANs can make a network function poorly
or not function at all. Proper VLAN configuration and implementation is critical to the network design process.

Cisco is taking a positive approach toward vendor interoperability, but LANs can consist of intermixed
network topologies and device configurations. Each vendor develops its own proprietary VLAN product and
may not be entirely compatible with other VLAN products due to differences in VLAN services.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

• Define VLANs
• List the benefits of VLANs
• Explain how VLANs are used to create broadcast domains
• Explain how routers are used for communication between VLANs
• List the common VLAN types
• Define ISL and 802.1Q
• Explain the concept of geographic VLANs
• Configure static VLANs on Catalyst 2900 series switches
• Verify and save VLAN configurations
• Delete VLANs from a switch configuration

30.1 VLAN Concepts

30.1.1 VLAN introduction

This TI compares and contrasts traditional switched LANs, where the physical topology is closely related to
the logical topology. Generally, workstations must be grouped by their physical proximity to a switch. VLANs
allow almost complete independence of the physical and logical topologies. Administrators can use VLANs to
define groupings of workstations, even if they are separated by switches and on different LAN segments, as
one VLAN, one collision domain, and one broadcast domain. This capability is extremely powerful. This page
will explain what a VLAN is and how it works.

A VLAN is a logical group of network stations, services, and devices that is not restricted to a physical LAN
segment.

VLANs facilitate easy administration of logical groups of stations and servers that can communicate as if they
were on the same physical LAN segment. They also facilitate easier administration of moves, adds, and
changes in members of these groups.

VLANs logically segment switched networks based on job functions, departments, or project teams, regardless
of the physical location of users or physical connections to the network. All workstations and servers used by a
particular workgroup share the same VLAN, regardless of the physical connection or location.

Configuration or reconfiguration of VLANs is done through software. Therefore, VLAN configuration does
not require network equipment to be physically moved or connected.

A workstation in a VLAN group is restricted to communicating with file servers in the same VLAN group.
VLANs logically segment the network into different broadcast domains so that packets are only switched
between ports that are assigned to the same VLAN. VLANs consist of hosts or network equipment connected
by a single bridging domain. The bridging domain is supported on different network equipment. LAN switches
operate bridging protocols with a separate bridge group for each VLAN.

VLANs are created to provide segmentation services traditionally provided by physical routers in LAN
configurations. VLANs address scalability, security, and network management. Routers in VLAN topologies
provide broadcast filtering, security, and traffic flow management. Switches do not bridge traffic between
VLANs, as this violates the integrity of the VLAN broadcast domain. Traffic should only be routed between
VLANs.

30.1.2 Broadcast domains with VLANs and routers

This page will explain how packets are routed between different broadcast domains.

A VLAN is a broadcast domain created by one or more switches. The network design in Figures -1- and -2-
requires three separate broadcast domains.

Figure -2- shows how three separate switches are used to create three separate broadcast domains. Layer 3
routing allows the router to send packets to the three different broadcast domains.

In Figure -3-, a VLAN is created with one router and one switch. Three separate broadcast domains exist. The
router routes traffic between the VLANs using Layer 3 routing. The switch in Figure -3- forwards frames to
the router interfaces under two circumstances:

• The frame is a broadcast frame.
• The destination is one of the MAC addresses on the router.

If Workstation 1 on the Engineering VLAN wants to send frames to Workstation 2 on the Sales VLAN, the
frames are sent to the Fa0/0 MAC address of the router. Routing occurs through the IP address on the Fa0/0
router interface for the Engineering VLAN.

If Workstation 1 on the Engineering VLAN wants to send a frame to Workstation 2 on the same VLAN, the
destination MAC address of the frame is that of Workstation 2.

VLAN implementation on a switch causes certain actions to occur:

• The switch maintains a separate bridging table for each VLAN.
• If the frame comes in on a port in VLAN 1, the switch searches the bridging table for VLAN 1.
• When the frame is received, the switch adds the source address to the bridging table if it is currently
unknown.
• The destination is checked so a forwarding decision can be made.
• For learning and forwarding, the search is made against the address table for that VLAN only.
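
The per-VLAN learning and forwarding behaviour listed above, together with the flooding rule for unknown destinations described in 30.1.3, as an added Python simulation. This is not curriculum code; the port names, VLAN numbers and MAC addresses are constructed sample values.

```python
"""Per-VLAN MAC learning and forwarding on a Layer 2 switch.

Added example (not from the curriculum). The switch keeps one bridging
table per VLAN. Learning and lookups use only the table of the VLAN on
which the frame arrived, and unknown-unicast or broadcast frames are
flooded only to the ports of that VLAN (minus the ingress port), never
across VLANs. Traffic between VLANs therefore has to go through a router.
"""
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str
    dst: str
    payload: str = ""


@dataclass
class VlanSwitch:
    # port name -> access VLAN (static, port-based membership)
    port_vlan: dict
    # VLAN id -> {mac: port}; one bridging table per VLAN
    tables: dict = field(default_factory=dict)

    def ports_in_vlan(self, vlan):
        return [p for p, v in self.port_vlan.items() if v == vlan]

    def receive(self, in_port, frame):
        """Process one frame and return the list of egress ports."""
        vlan = self.port_vlan[in_port]
        table = self.tables.setdefault(vlan, {})
        # Learning: record the source MAC in this VLAN's table only.
        table[frame.src] = in_port
        # Forwarding decision: look up the destination in this VLAN's table only.
        if frame.dst != BROADCAST and frame.dst in table:
            out = table[frame.dst]
            # Destination lives on the ingress port: do not send it back.
            return [] if out == in_port else [out]
        # Unknown unicast or broadcast: flood within the VLAN, excluding ingress.
        return [p for p in self.ports_in_vlan(vlan) if p != in_port]


def demo():
    """Three frames on a two-VLAN switch; returns (egress decisions, tables)."""
    # Constructed sample: Fa0/1-2 in Engineering (VLAN 10), Fa0/3-4 in Sales (VLAN 20).
    sw = VlanSwitch({"Fa0/1": 10, "Fa0/2": 10, "Fa0/3": 20, "Fa0/4": 20})
    results = {}
    # Broadcast from a VLAN 10 host floods only the other VLAN 10 port.
    results["bcast"] = sw.receive("Fa0/1", Frame("00:00:00:00:00:01", BROADCAST))
    # Reply to the now-learned MAC is forwarded to its port, not flooded.
    results["unicast"] = sw.receive("Fa0/2", Frame("00:00:00:00:00:02", "00:00:00:00:00:01"))
    # A VLAN 20 host addressing a VLAN 10 MAC: VLAN 20's table does not know it,
    # so the frame floods inside VLAN 20 only and never reaches VLAN 10.
    results["cross"] = sw.receive("Fa0/3", Frame("00:00:00:00:00:03", "00:00:00:00:00:01"))
    return results, sw.tables


if __name__ == "__main__":
    decisions, tables = demo()
    for name, ports in decisions.items():
        print(f"{name}: forwarded to {ports}")
    print("bridging tables:", tables)
```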

30.1.3 VLAN operation

This page will explain the features of different types of VLANs.

A VLAN comprises a switched network that is logically segmented. Each switch port can be assigned to a
VLAN. Ports assigned to the same VLAN share broadcasts. Ports that do not belong to that VLAN do not
share these broadcasts. This improves network performance because unnecessary broadcasts are reduced.

Static membership VLANs are called port-based and port-centric membership VLANs. As a device enters the
network, it automatically assumes the VLAN membership of the port to which it is attached.

Users attached to the same shared segment share the bandwidth of that segment. Each additional user attached
to the shared medium means less bandwidth and deterioration of network performance. VLANs offer more
bandwidth to users than a hub-based Ethernet shared network. The default VLAN for every port in the switch
is the management VLAN. The management VLAN is always VLAN 1 and may not be deleted. At least one
port must be assigned to VLAN 1 in order to manage the switch. All other ports on the switch may be
reassigned to alternate VLANs.

Dynamic membership VLANs are created through network management software. CiscoWorks 2000 or
CiscoWorks for Switched Internetworks is used to create Dynamic VLANs. Dynamic VLANs allow for
membership based on the MAC address of the device connected to the switch port. As a device enters the
network, the switch that it is connected to queries a database on the VLAN Configuration Server for VLAN
membership.

In port-based or port-centric VLAN membership, the port is assigned to a specific VLAN membership
independent of the user or system attached to the port. When using this membership method, all users of the
same port must be in the same VLAN. A single user, or multiple users, can be attached to a port and never
realize that a VLAN exists. This approach is easy to manage because no complex lookup tables are required
for VLAN segmentation.

Network administrators are responsible for configuring VLANs both statically and dynamically.

Bridges filter traffic that does not need to go to segments other than the destination segment. If a frame needs
to cross a bridge and the destination MAC address is known, the bridge only forwards the frame to the correct
bridge port. If the MAC address is unknown, it floods the frame to all ports in the broadcast domain, or VLAN,
except the source port where the frame was received. Switches are considered multiport bridges.

30.1.4 Benefits of VLANs

This page will discuss the administrative benefits of VLANs.

VLANs allow network administrators to organize LANs logically instead of physically. This is a key benefit.
This allows network administrators to perform several tasks:

• Easily move workstations on the LAN
• Easily add workstations to the LAN
• Easily change the LAN configuration
• Easily control network traffic
• Improve security

30.1.5 VLAN types

This page will describe three basic VLAN types that are used to determine and control VLAN membership
assignments:

• Port-based VLANs
• MAC address based VLANs
• Protocol-based VLANs

The number of VLANs in a switch varies based on several factors:

• Traffic patterns
• Types of applications
• Network management needs
• Group commonality

The IP addressing scheme is another important consideration in defining the number of VLANs in a switch.
For example, a network that uses a 24-bit mask to define a subnet has a total of 254 host addresses allowed on
one subnet. Because a one-to-one correspondence between VLANs and IP subnets is strongly recommended,
there can be no more than 254 devices in any one VLAN. It is further recommended that VLANs should not
extend outside of the Layer 2 domain of the distribution switch.

There are two major methods of frame tagging, Inter-Switch Link (ISL) and 802.1Q. ISL is a Cisco
proprietary protocol and used to be the most common, but is now being replaced by the IEEE 802.1Q standard
frame tagging.

As packets are received by the switch from any attached end-station device, a unique packet identifier is added
within each header. This header information designates the VLAN membership of each packet. The packet is
then forwarded to the appropriate switches or routers based on the VLAN identifier and MAC address. When the
packet reaches the switch adjacent to the destination node, the VLAN ID is removed and the packet is forwarded
to the attached device. Packet tagging provides a mechanism for controlling the flow of broadcasts and
applications while not interfering with the network and applications. LAN emulation (LANE) is a way to make
an Asynchronous Transfer Mode (ATM) network simulate an Ethernet network. There is no tagging in LANE,
but the virtual connection used implies a VLAN ID.
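
An added Python example (not curriculum code) of the 802.1Q frame tagging described above: the 4-byte tag is inserted after the source MAC when the frame enters the tagged part of the network and stripped again before delivery to the attached device. The MAC addresses and payload are constructed sample values.

```python
"""Insert, read and strip an IEEE 802.1Q VLAN tag on an Ethernet frame.

Added example, not part of the curriculum. The tag sits between the
source MAC and the original EtherType and consists of the TPID 0x8100
followed by a 16-bit Tag Control Information field: 3-bit priority,
1-bit drop-eligible indicator, 12-bit VLAN ID (1-4094 usable; 0 and
4095 are reserved). The FCS is omitted for simplicity.
"""
import struct

TPID_8021Q = 0x8100


def mac_bytes(mac: str) -> bytes:
    return bytes(int(b, 16) for b in mac.split(":"))


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Untagged frame: dst(6) src(6) ethertype(2) payload."""
    return mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload


def tag_frame(frame: bytes, vlan_id: int, priority: int = 0, dei: int = 0) -> bytes:
    """Return the frame with an 802.1Q tag inserted after the source MAC."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    if not 0 <= priority <= 7:
        raise ValueError("priority must fit in 3 bits")
    tci = (priority << 13) | ((dei & 1) << 12) | vlan_id
    tag = struct.pack("!HH", TPID_8021Q, tci)
    return frame[:12] + tag + frame[12:]


def parse_tag(frame: bytes):
    """Return (vlan_id, priority, dei), or None if the frame carries no tag."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci & 0x0FFF, tci >> 13, (tci >> 12) & 1


def untag_frame(frame: bytes) -> bytes:
    """Strip the tag, as the switch adjacent to the destination does."""
    if parse_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


if __name__ == "__main__":
    # Constructed sample: an IPv4 frame placed in VLAN 300 with priority 5.
    plain = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb", 0x0800, b"sample payload")
    tagged = tag_frame(plain, 300, priority=5)
    print("tag fields (vid, pcp, dei):", parse_tag(tagged))
    print("untagged copy matches original:", untag_frame(tagged) == plain)
```

ISL, by contrast, wraps the whole frame in its own header and trailer rather than inserting a field into it, which is why the two methods cannot be mixed on one link.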

30.2 VLAN Configuration

30.2.1 VLAN basics

This page will provide basic information about VLANs and describe the features of an end-to-end VLAN
network.

In a switched environment, a workstation only receives traffic addressed to it. Because switches filter network
traffic, workstations in a switched environment send and receive data at full, dedicated bandwidth. Unlike a
shared-hub system where only one station can transmit at a time, a switched network allows many concurrent
transmissions within a broadcast domain. This process does not directly affect other stations inside or outside a
broadcast domain. Figure illustrates that communication between pairs A/B, C/D and E/F does not affect the
other station pairs.

Each VLAN must have a unique Layer 3 network or subnet address assigned to it. This enables routers to
switch packets between VLANs.

VLANs can exist either as end-to-end networks or they can exist inside of geographic boundaries.

An end-to-end VLAN network has several characteristics:

• VLAN membership for users is based on department or job function, regardless of where the users are
located.
• All users in a VLAN should have the same 80/20 traffic flow patterns.
• VLAN membership for users should not change when they relocate within the campus.
• Each VLAN has a common set of security requirements for all members.

Switch ports are provisioned for each user at the access layer. Each color represents a subnet. Because users
relocate, each switch can eventually become a member of all VLANs. Frame tagging is used to carry
information from multiple VLANs between access layer switches and distribution layer switches.

ISL is a Cisco proprietary protocol that maintains VLAN information as traffic flows between switches and
routers. IEEE 802.1Q is an open-standard (IEEE) VLAN tagging mechanism in switching installations.
Catalyst 2950 switches do not support ISL trunking.

Workgroup servers operate in a client/server model. For this reason, users are assigned to the same VLAN as
the server they use to maximize the performance of Layer 2 switching and keep traffic localized.

In Figure , a core layer router is used to route between subnets. The network is engineered, based on traffic
flow patterns, to have 80 percent of the traffic contained within a VLAN. The remaining 20 percent crosses the
router to the enterprise servers and to the Internet and WAN.

30.2.2 Geographic VLANs

This page will explain why geographic VLANs have become more common than end-to-end VLANs.

End-to-end VLANs allow devices to be grouped based upon resource usage. This includes such parameters as
server usage, project teams, and departments. The goal of end-to-end VLANs is to maintain 80 percent of the
traffic on the local VLAN.

As corporate networks move to centralize their resources, end-to-end VLANs become more difficult to
maintain. Users are required to use many different resources, many of which are no longer in their VLAN. This
shift in the placement and usage of resources requires VLANs to be created around geographic boundaries rather
than commonality boundaries.

This geographic location can be as large as an entire building or as small as a single switch inside a wiring
closet. In a geographic VLAN structure, it is typical to find the new 20/80 rule in effect. That means that 20
percent of the traffic remains within the local VLAN and 80 percent of the network traffic travels outside the
local VLAN. Although this topology means that 80 percent of the services from resources must travel through
a Layer 3 device, this design allows networks to provide a deterministic and consistent method to access
resources.

30.2.3 Configuring static VLANs

This page will describe the type of network in which a static VLAN can be configured. Students will also learn
how to configure a VLAN.

Static VLANs are ports on a switch that are manually assigned to a VLAN. This can be accomplished with a
VLAN management application or configured directly into the switch through the CLI. These ports maintain
their assigned VLAN configuration until they are changed manually. This type of VLAN works well in
networks with specific requirements:

• All moves are controlled and managed.
• There is robust VLAN management software to configure the ports.
• The additional overhead required to maintain end-station MAC addresses and custom filtering tables is
not acceptable.

Dynamic VLANs do not rely on ports assigned to a specific VLAN.

To configure VLANs on Cisco 2900 series switches, specific guidelines must be observed:

• The maximum number of VLANs is switch dependent.
• One of the factory-default VLANs is VLAN 1.
• The default Ethernet VLAN is VLAN 1.
• Cisco Discovery Protocol (CDP) and VLAN Trunking Protocol (VTP) advertisements are sent on
VLAN 1 (VTP will be discussed in Module 9).
• The IP address of the switch is in the VLAN 1 broadcast domain by default.
• The switch must be in VTP server mode to create, add, or delete VLANs.

The creation of a VLAN on a switch is a very straightforward and simple task. If an IOS command-based
switch is used, the command vlan database can be used in Privileged EXEC mode to enter VLAN
configuration mode. A VLAN name may also be configured, if necessary:

Switch#vlan database
Switch(vlan)#vlan vlan_number
Switch(vlan)#exit

Upon exiting, the VLAN is applied to the switch. The next step is to assign the VLAN to one or more
interfaces:

Switch(config)#interface fastethernet 0/9
Switch(config-if)#switchport access vlan vlan_number

30.2.4 Verifying VLAN configuration

This page will explain how to verify VLAN configurations.

The commands show vlan, show vlan brief, or show vlan id id_number can be used to verify VLAN
configurations.

The following facts apply to VLANs:

• A created VLAN remains unused until it is mapped to switch ports.
• All Ethernet ports are assigned to VLAN 1 by default.

Figure shows a list of applicable commands. Figure shows the steps necessary to assign a new VLAN to a
port on the Sydney switch. Figures and list the output of the show vlan and show vlan brief commands.
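
An added Python example (not curriculum code) that parses a text capture of show vlan brief, inverts it into a port-to-VLAN map, and checks that map against what the administrator intended. The switch output embedded below is a constructed sample that follows the column layout the command prints.

```python
"""Audit a 'show vlan brief' text capture against the intended assignment.

Added example, not curriculum code. It parses the output saved from
show vlan brief (a text capture, as used for backup in 30.2.5), inverts
it to a port-to-VLAN map, and reports ports whose VLAN differs from the
administrator's intent, ports still in the default VLAN 1, and VLANs that
were created but never mapped to a port. The switch output below is a
constructed sample following the column layout the Catalyst CLI prints.
"""
import re

SAMPLE_SHOW_VLAN_BRIEF = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6
10   Engineering                      active    Fa0/7, Fa0/8
20   Sales                            active    Fa0/9
300  Accounting                       active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
"""

# VLAN id, name, status, then the (possibly empty) port list.
RECORD = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")


def split_ports(text):
    return [p.strip() for p in text.split(",") if p.strip()]


def parse_show_vlan_brief(text):
    """Return {vlan_id: {"name": str, "status": str, "ports": [str, ...]}}."""
    vlans = {}
    current = None
    for line in text.splitlines():
        if not line.strip() or line.startswith(("VLAN", "----")):
            continue  # header and separator rows
        if line[0].isdigit():
            m = RECORD.match(line)
            if not m:
                continue
            vid, name, status, ports = m.groups()
            current = int(vid)
            vlans[current] = {"name": name, "status": status,
                              "ports": split_ports(ports)}
        elif current is not None:
            # Indented continuation row: more ports for the previous VLAN.
            vlans[current]["ports"].extend(split_ports(line))
    return vlans


def port_map(vlans):
    """Invert to {port: vlan_id}; an access port belongs to exactly one VLAN."""
    return {p: vid for vid, v in vlans.items() for p in v["ports"]}


def audit(vlans, expected):
    """Compare the parsed state with the intended {port: vlan_id} map.

    mismatched        : {port: (actual_vlan_or_None, expected_vlan)}
    default_vlan_ports: ports still in VLAN 1 (every Ethernet port starts
                        there, and at least one must stay for management)
    unused_vlans      : active VLANs with no ports mapped to them
    """
    actual = port_map(vlans)
    mismatched = {p: (actual.get(p), want) for p, want in expected.items()
                  if actual.get(p) != want}
    default_vlan_ports = list(vlans.get(1, {"ports": []})["ports"])
    unused_vlans = sorted(vid for vid, v in vlans.items()
                          if v["status"] == "active" and not v["ports"])
    return {"mismatched": mismatched,
            "default_vlan_ports": default_vlan_ports,
            "unused_vlans": unused_vlans}


if __name__ == "__main__":
    parsed = parse_show_vlan_brief(SAMPLE_SHOW_VLAN_BRIEF)
    # Constructed intent: Fa0/6 was meant to be moved to VLAN 300 but was not.
    intended = {"Fa0/7": 10, "Fa0/8": 10, "Fa0/9": 20, "Fa0/6": 300}
    for key, value in audit(parsed, intended).items():
        print(f"{key}: {value}")
```

A port whose VLAN has since been deleted (see 30.2.6) no longer appears in the output at all, so it shows up under mismatched with None as its actual VLAN.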

The Lab Activities will allow students to create and verify a basic switch configuration with two VLANs.

30.2.5 Saving VLAN configuration

This page will teach students how to create a text file of a VLAN configuration and use it for backup.

It is useful to keep a copy of the VLAN configuration as a text file, especially when backups or audits need to
be performed.

The switch configuration settings can be backed up to a TFTP server with the copy running-config tftp
command. The HyperTerminal text capture feature, along with the commands show running-config and show
vlan, can be used to capture configuration settings.

30.2.6 Deleting VLANs

This page will teach students how to remove a VLAN from a Cisco IOS command based switch interface. This
process is similar to the procedure that is used to remove a command from a router.

In Figure , FastEthernet 0/9 was assigned to VLAN 300 with the command switchport access vlan 300. To
remove this VLAN from the interface, simply use the no form of the command.

The command below is used to remove a VLAN from a switch:

Switch#vlan database
Switch(vlan)#no vlan 300

When a VLAN is deleted, all ports assigned to that VLAN become inactive. The ports will, however, remain
associated with the deleted VLAN until assigned to a new VLAN.

The Lab Activities will show students how to delete VLAN configurations.

30.3 Troubleshooting VLANs

30.3.1 Overview

This page will explain what students will learn from this lesson.

VLANs are now commonplace in campus networks. VLANs give network engineers flexibility in designing
and implementing networks. VLANs also enable broadcast containment, security, and geographically disparate
communities of interest. However, as with basic LAN switching, problems can occur when VLANs are
implemented. This lesson will show some of the more common problems that can occur with VLANs, and it
will provide several tools and techniques for troubleshooting.

Students completing this lesson should be able to:

• Utilize a systematic approach to VLAN troubleshooting
• Demonstrate the steps for general troubleshooting in switched networks
• Describe how spanning-tree problems can lead to broadcast storms
• Use show and debug commands to troubleshoot VLANs

30.3.2 VLAN troubleshooting process

This page will help students develop a systematic approach that can be used to troubleshoot switch related
problems.

It is important to develop a systematic approach for troubleshooting switch related problems.

The following steps can assist in isolating a problem on a switched network:

1. Check the physical indications, such as LED status.
2. Start with a single configuration on a switch and work outward.
3. Check the Layer 1 link.
4. Check the Layer 2 link.
5. Troubleshoot VLANs that span several switches.

When troubleshooting, check to see if the problem is a recurring one rather than an isolated fault. Some
recurring problems are due to growth in demand for services by workstation ports outpacing the configuration,
trunking, or capacity to access server resources. For example, the use of Web technologies and traditional
applications, such as file transfer and e-mail, is causing network traffic growth that enterprise networks must
handle.

Many campus LANs face unpredictable network traffic patterns that result from the combination of intranet
traffic, fewer centralized campus server locations, and the increasing use of multicast applications. The old
80/20 rule, which stated that only 20 percent of network traffic went over the backbone, is obsolete. Internal
Web browsing now enables users to locate and access information anywhere on the corporate intranet. Traffic
patterns are dictated by where the servers are located and not by the physical workgroup configurations with
which they happen to be grouped.

If a network frequently experiences bottleneck symptoms, like excessive overflows, dropped frames, and
retransmissions, there may be too many ports riding on a single trunk or too many requests for global resources
and access to intranet servers.

Bottleneck symptoms may also occur because a majority of the traffic is being forced to traverse the backbone.
Another cause may be that any-to-any access is common, as users draw upon corporate Web-based resources
and multimedia applications. In this case, it may be necessary to consider increasing the network resources to
meet the growing demand.

30.3.3 Preventing broadcast storms

This page will teach students how to prevent broadcast storms.

A broadcast storm occurs when a large number of broadcast packets are received on a port. Forwarding these
packets can cause the network to slow down or to time out. Storm control is configured for the switch as a
whole, but operates on a per-port basis. Storm control is disabled by default.

Broadcast storms are prevented by setting rising and falling threshold values; traffic that exceeds the threshold,
whether broadcast, multicast, or unicast MAC traffic, is discarded. In addition, the switch can be configured to
shut the port down when the rising threshold is reached.

STP problems include broadcast storms, loops, and dropped BPDUs and packets. The function of STP is to
ensure that no logical loops occur in a network by designating a root bridge. The root bridge is the central point
of a spanning-tree configuration that controls how the protocol operates.

The location of the root bridge in the extended router and switch network must be known for effective
troubleshooting. The show commands on both the router and the switch can display root-bridge information.
The root bridge timers set parameters such as the forward delay and the maximum age of STP information.
Manually configuring a device as the root bridge is another configuration option.

If the extended router and switch network encounters a period of instability, it helps to minimize the STP
processes occurring between devices. If it becomes necessary to reduce BPDU traffic, put the timers on the root
bridge at their maximum values. Specifically, set the forward delay parameter to the maximum of 30 seconds,
and set the max_age parameter to the maximum of 40 seconds.

A physical port on a router or switch may be part of more than one spanning tree if it is a trunk.
The Spanning-Tree Protocol (STP) is considered one of the most important Layer 2 protocols on the Catalyst
switches. By preventing logical loops in a bridged network, STP allows Layer 2 redundancy without
generating broadcast storms. Minimize spanning-tree problems by actively developing a baseline study of the
network.

30.3.4 Troubleshooting VLANs

This page will explain how the show and debug commands can be used to troubleshoot VLANs. Figure -1-
illustrates the most common problems found when troubleshooting VLANs.

To troubleshoot the operation of Fast Ethernet router connections to switches, it is necessary to make sure that
the router interface configuration is complete and correct. Verify that an IP address is not configured on the
Fast Ethernet interface. IP addresses are configured on each subinterface of a VLAN connection. Verify that
the duplex configuration on the router matches that on the appropriate port/interface on the switch.

The show vlan command displays the VLAN information on the switch. Figure -2- displays the output from
the show vlan command. The display shows the VLAN ID, name, status, and assigned ports.

The show vlan command displays VLAN information on the router. The show vlan command followed by a
VLAN number displays specific information about that VLAN on the router. Output from the command includes
the VLAN ID, router subinterface, and protocol information.

The show spanning-tree command displays the spanning-tree topology known to the router. This
command will show the STP settings used by the router for a spanning-tree bridge in the router and switch
network.

The first part of the show spanning-tree output lists global spanning-tree configuration parameters, followed
by those that are specific to given interfaces.

Bridge Group 1 is executing the IEEE compatible Spanning-Tree Protocol.

The following lines of output show the current operating parameters of the spanning tree:

Bridge Identifier has priority 32768, address 0008.e32e.e600
Configured hello time 2, Max age 20, forward delay 15

The following line of output shows that the router is the root of the spanning tree:

We are the root of the spanning tree.

Key information from the show spanning-tree command creates a map of the STP network.

The debug sw-vlan packets command displays general information about VLAN packets that the router
receives but is not configured to support. VLAN packets that the router is configured to route or switch are
counted and indicated when using the show vlans command.

30.3.5 VLAN troubleshooting scenarios

Network administrators can troubleshoot switched networks proficiently after the techniques are learned and
adapted to the company needs. Experience is the best way to improve these skills.

This page will describe two VLAN troubleshooting scenarios that refer to the most common problems.

Each scenario contains an analysis of the problem followed by the steps to solve it. Using the appropriate
commands and gathering meaningful information from their output, the troubleshooting process can be carried
through to completion.

When having difficulty with a trunk connection between a switch and a router, be sure to consider the
following possible causes:

Scenario 1: A trunk line cannot be established between a switch and a router

Figure -1- illustrates this scenario:

1. Make sure that the port is connected and not receiving any physical-layer, alignment or frame-check-
sequence (FCS) errors. This can be done with the show interfaces command on the switch.
2. Verify that the duplex and speed are set properly between the switch and the router. This can be done
with the show interface status command on the switch or the show interfaces command on the
router.
3. Configure the physical router interface with one subinterface for each VLAN that will route traffic.
Verify this with the show interfaces IOS command. Also, make sure that each subinterface on the
router has the proper encapsulation type, VLAN number, IP address, and subnet mask configured.
This can be done with the show interfaces or show running-config IOS commands.
4. Confirm that the router is running an IOS release that supports trunking. This can be verified with the
show version command.

Scenario 2: Dropped packets and loops

Figure -2- illustrates this scenario:

Spanning-tree bridges use topology change notification Bridge Protocol Data Unit packets (BPDUs) to
notify other bridges of a change in the spanning-tree topology of the network. The bridge with the lowest
identifier in the network becomes the root. Bridges send these BPDUs any time a port makes a transition to
or from a forwarding state, as long as there are other ports in the same bridge group. These BPDUs migrate
toward the root bridge.

There can be only one root bridge per bridged network. An election process determines the root bridge. The
root determines values for configuration messages, in the BPDUs, and then sets the timers for the other
bridges. Other designated bridges determine the shortest path to the root bridge and are responsible for
advertising BPDUs to other bridges through designated ports. A bridge should have ports in the blocking
state if there is a physical loop.

Problems can arise for internetworks in which both IEEE and DEC spanning-tree algorithms are used by
bridging nodes. These problems are caused by differences in the way the bridging nodes handle spanning
tree BPDU packets, or hello packets, and in the way they handle data.

In this scenario, Switch A, Switch B, and Switch C are running the IEEE spanning-tree algorithm. Switch D
is inadvertently configured to use the DEC spanning-tree algorithm.

Switch A claims to be the IEEE root and Switch D claims to be the DEC root. Switch B and Switch C
propagate root information on all interfaces for IEEE spanning tree. However, Switch D drops IEEE
spanning-tree information. Similarly, the other switches ignore Switch D's claim to be root.

The result is that none of the bridges believes there is a loop, so when a broadcast packet is sent on the
network, a broadcast storm results over the entire internetwork. This broadcast storm will include Switches
X and Y, and beyond.

To resolve this problem, reconfigure Switch D for IEEE. Although a configuration change is necessary, it
might not be sufficient to reestablish connectivity. There will be a reconvergence delay as devices exchange
BPDUs and recompute a spanning tree for the network.

30.3.6 Summary

This page summarizes the topics discussed in this module.

A VLAN is a group of network services not restricted to a physical segment or LAN switch. Configuration or
reconfiguration of VLANs is done through software, which makes it unnecessary to physically connect or move
cables and equipment. VLANs address scalability, security, and network management. Routers in VLAN
topologies provide broadcast filtering, security, and traffic flow management. Traffic should only be routed
between VLANs. Switches may not bridge traffic between VLANs, as this would violate the integrity of the
VLAN broadcast domain.

The primary benefit of VLANs is that they permit the network administrator to organize the LAN logically
instead of physically. This includes the ability to move workstations on the LAN, add workstations to the
LAN, change the LAN configuration, control network traffic, and improve security.

A VLAN is a broadcast domain created by one or more switches. VLANs are used to create broadcast domains
in order to improve the overall performance of the network. Implementing VLANs on a switch causes the
switch to maintain a separate bridging table for each VLAN. If the frame comes in on a port in VLAN 1, the
switch searches the bridging table for VLAN 1. When the frame is received, the switch adds the source address
to the bridging table if it is currently unknown. The switch then checks the destination so a forwarding decision
can be made. For learning and forwarding the search is made against the address table for that VLAN only.

There are three basic VLAN membership types that determine and control how a frame is assigned to a VLAN:
port-based VLANs, MAC address-based VLANs, and protocol-based VLANs.

Inter-Switch Link (ISL) is a Cisco method of frame tagging that is quickly being replaced by IEEE 802.1Q
frame tagging. Frame tagging provides a mechanism for controlling the flow of broadcasts and applications
while not interfering with the network and applications.

Each VLAN must have a unique Layer 3 network address assigned. This enables routers to switch packets
between VLANs. VLANs can exist either as end-to-end networks or they can exist inside of geographic
boundaries.

An end-to-end VLAN network groups users into VLANs based on group or job function. All users in a VLAN
should have the same 80/20 traffic flow patterns. VLAN membership does not change for a user as they
physically move locations. Each VLAN has a common set of security requirements for all members.

Static VLANs are ports on a switch that are manually assigned to a VLAN by using a VLAN management
application or by working directly within the switch. These ports maintain their assigned VLAN configuration
until they are changed manually. Dynamic VLANs do not rely on ports assigned to a specific VLAN. Use the
show vlan, show vlan brief, or show vlan id id_number commands to verify VLAN configuration.

A systematic approach is used for troubleshooting issues on a VLAN. To isolate a problem, check the physical
indications, such as LED status. Start with a single configuration on a switch and work outward. Check the
Layer 1 link then check the Layer 2 link. Troubleshoot VLANs that span several switches. Some recurring
problems are due to growth in demand for services by workstation ports outpacing the configuration, trunking,
or capacity to access server resources.

31 MODULE 9

Overview

Early VLANs were difficult to implement across networks. Each VLAN was manually configured on each
switch. VLAN management over an extended network was a complicated task. To further complicate matters,
each switch manufacturer had different VLAN capability methods. VLAN trunking was developed to solve
these problems.

VLAN trunking allows many VLANs to be defined throughout an organization by the addition of special tags
to frames that identify the VLAN to which they belong. This tagging allows many VLANs to be carried
throughout a large switched network over a common backbone, or trunk. VLAN trunking is standards-based,
with the IEEE 802.1Q trunking protocol now widely implemented. Inter-Switch Link (ISL) is a Cisco
proprietary trunking protocol that can be implemented in all Cisco networks.

The manual configuration and maintenance of VLAN Trunking Protocol (VTP) on numerous switches can be a
challenge. A key benefit of VTP is the automation of many VLAN configuration tasks after VTP is configured
on a network.

This module explains how trunking, VTP, and inter-VLAN routing are implemented in a switched network.

VLAN technology provides network administrators with many advantages. Among other things, VLANs help
control Layer 2 broadcasts, improve network security, and can help to logically group network users. However,
VLANs have an important limitation. They operate at Layer 2, which means that devices on different VLANs
cannot communicate without the use of routers and network layer addresses.

This module covers some of the objectives for the CCNA 640-801 and ICND 640-811 exams.

Students who complete this module should be able to perform the following tasks:

 Explain the origins and functions of VLAN trunking


 Describe how trunking enables the implementation of VLANs in a large network
 Define IEEE 802.1Q
 Define Cisco ISL
 Configure and verify a VLAN trunk
 Define VTP
 Explain why VTP was developed
 Describe the contents of VTP messages
 List and define the three VTP modes
 Configure and verify VTP on an IOS-based switch
 Explain why routers are necessary for inter-VLAN communication
 Explain the difference between physical and logical interfaces
 Define subinterfaces
 Configure inter-VLAN routing with subinterfaces on a router port

31.1 Trunking

31.1.1 History of trunking

This page will explain the evolution of trunking. The history of trunking goes back to the origins of radio and
telephony technologies. In radio technology, a trunk is a single communications line that carries multiple
channels of radio signals.

In the telephony industry, the trunking concept is associated with the telephone communication path or channel
between two points. One of these two points is usually the Central Office (CO) (Figure 1). Shared trunks may also
be created for redundancy between COs (Figure 2).

The concept used by the telephone and radio industries was then adopted for data communications. An
example of this in a communications network is a backbone link between an MDF and an IDF. A backbone is
composed of several trunks.

Currently, the same principle of trunking is applied to network switching technologies. A trunk is a physical
and logical connection between two switches across which network traffic travels (Figure 3).


31.1.2 Trunking concepts

This page will explain how trunks are used in a switched VLAN environment. As mentioned before, a trunk is
a physical and logical connection between two switches across which network traffic travels. It is a single
transmission channel between two points. The two points are usually switching centers.

In a switched network, a trunk is a point-to-point link that supports several VLANs. The purpose of a trunk is
to conserve ports when a link between two devices that implement VLANs is created. Figure 1 illustrates two
VLANs shared across switches Sa and Sb. Each switch uses two physical links so that each port carries traffic
for a single VLAN. This is a simple way to implement inter-switch VLAN communication, but it does not
scale well.

The addition of a third VLAN would require the use of two more ports, one on each connected switch. This
design is also inefficient in terms of load sharing. In addition, the traffic on some VLANs may not justify a
dedicated link. Trunking bundles multiple virtual links over one physical link. This allows the traffic of several
VLANs to travel over a single cable between the switches (Figure 2).

An analogy for trunking is a highway interchange (Figure 3). Roads with different start and end points share
a main national highway for a few kilometers and then divide again to reach their particular destinations. This
method is more cost effective than the construction of an entire road from start to end for every known or new
destination.


31.1.3 Trunking operation

This page will explain how trunks manage frame transmissions between VLANs.

The switching tables at both ends of the trunk can be used to make forwarding decisions based on the
destination MAC addresses of the frames. As the number of VLANs that travel across the trunk increases, the
forwarding decisions become slower and more difficult to manage. The decision process becomes slower
because the larger switching tables take longer to process.

Trunking protocols were developed to effectively manage the transfer of frames from different VLANs on a
single physical line. The trunking protocols establish agreement for the distribution of frames to the associated
ports at both ends of the trunk.

The two types of trunking mechanisms that exist are frame filtering and frame tagging. Frame tagging has been
adopted as the standard trunking mechanism by the IEEE.


Trunking protocols that use frame tagging achieve faster delivery of frames and make management easier.

The unique physical link between the two switches is able to carry traffic for any VLAN. In order to achieve
this, each frame sent on the link is tagged to identify which VLAN it belongs to. Different tagging schemes
exist. The two most common tagging schemes for Ethernet segments are ISL and 802.1Q:

 ISL – A Cisco proprietary protocol


 802.1Q – An IEEE standard that is the focus of this section

The Interactive Media Activity will help students understand how trunk links reduce the need for physical
interfaces on a switch.

31.1.4 VLANs and Trunking

Specific protocols, or rules, are used to implement trunking. Trunking provides an effective method to
distribute VLAN ID information to other switches.

The two standard trunking mechanisms are frame tagging and frame filtering. This page will explain how
frame tagging can be used to provide a more scalable solution to VLAN deployment. The IEEE 802.1Q
standard specifies frame tagging as the method to implement VLANs.

VLAN frame tagging was specifically developed for switched communications. Frame tagging places a unique
identifier in the header of each frame as it is forwarded throughout the network backbone. The identifier is
understood and examined by each switch before any broadcasts or transmissions are made to other switches,
routers, or end stations. When the frame exits the network backbone, the switch removes the identifier before
the frame is transmitted to the target end station. Frame tagging functions at Layer 2 and does not require much
network resources or administrative overhead.
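The tag insertion and removal described above, as an added Python example that is not from the original page or from Cisco: it builds an Ethernet II frame with constructed MAC addresses, inserts the 4-byte 802.1Q tag (TPID 0x8100 followed by a 16-bit TCI holding the priority, DEI and the 12-bit VLAN ID) as a switch does when the frame enters a trunk, parses it back, and strips it again as the switch does before the frame leaves an access port toward the end station.

```python
"""Build, parse and strip IEEE 802.1Q tags on Ethernet II frames (FCS omitted).
Added example, not from the Cisco curriculum; MAC addresses and payload are constructed."""
import struct

TPID_8021Q = 0x8100       # Tag Protocol Identifier that marks the 4-byte 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806


def build_frame(dst_mac: bytes, src_mac: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged Ethernet II frame: dst(6) src(6) type(2) payload."""
    if len(dst_mac) != 6 or len(src_mac) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def tag_frame(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert the tag after the source MAC, as a switch does when a frame enters a trunk.
    TCI = PCP (3 bits) | DEI (1 bit) | VID (12 bits); VIDs 0 and 4095 are reserved."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError(f"VLAN ID {vlan_id} is outside 1-4094")
    if not 0 <= priority <= 7:
        raise ValueError("priority must be 0-7")
    tci = (priority << 13) | vlan_id
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Read the outer tag if present. If the inner ethertype is again 0x8100 the frame
    carries a second (nested) tag, which this parser reports but does not strip."""
    if len(frame) < 14:
        raise ValueError("truncated frame")
    dst, src = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    vlan = priority = None
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, priority = tci & 0x0FFF, tci >> 13
        offset = 18
    return {"dst": dst, "src": src, "vlan": vlan, "priority": priority,
            "ethertype": ethertype, "nested_tag": ethertype == TPID_8021Q,
            "payload": frame[offset:]}


def strip_tag(frame: bytes) -> bytes:
    """Remove the outer tag before forwarding out an access port to an end station."""
    if parse_frame(frame)["vlan"] is None:
        return frame
    return frame[:12] + frame[16:]


if __name__ == "__main__":
    # Constructed frame: broadcast destination, made-up source MAC, IPv4 payload.
    untagged = build_frame(b"\xff" * 6, b"\x00\x11\x22\x33\x44\x55", ETHERTYPE_IPV4, b"payload")
    on_trunk = tag_frame(untagged, 200, priority=5)
    print(parse_frame(on_trunk))
    print(strip_tag(on_trunk) == untagged)
```

The parser deliberately reports a nested tag rather than silently discarding it: a switch that strips one tag and forwards on the inner one is exactly the behaviour a practitioner should be able to see when checking what a trunk is carrying.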

It is important to understand that a trunk link does not belong to a specific VLAN. A trunk link is a conduit for
VLANs between switches and routers.

ISL is a protocol that maintains VLAN information as traffic flows between the switches. With ISL, an
Ethernet frame is encapsulated with a header that contains a VLAN ID.

31.1.5 Trunking implementation

This page will teach students how to create and configure a VLAN trunk on a Cisco IOS command-based
switch. First configure the port as a trunk and then use the commands shown in Figure to specify the trunk
encapsulation.

Verify that trunking has been configured and check the settings with the show interfaces fa0/port_num switchport
or show interfaces trunk commands from Privileged EXEC mode of the switch.

The Lab Activities will teach students how to create trunk links between two switches and allow
communication between paired VLANs.

This page concludes this lesson. The next lesson will discuss VTP. The first page will provide a history and
overview of VTP.

31.2 VTP

31.2.1 History of VTP

This page will introduce the VLAN Trunking Protocol ( VTP ).

VLAN Trunking Protocol (VTP) was created by Cisco to solve operational problems in a switched network
with VLANs. It is a Cisco proprietary protocol.

Consider the example of a VTP domain with several interconnected switches that support several VLANs. A VTP
domain is the set of switches that share the same VTP domain name and exchange VLAN configuration over trunk
links. Without VTP, to maintain connectivity within VLANs, each VLAN must be manually configured on each
switch. As the organization grows and additional switches are added to the network, each new switch must be
manually configured with VLAN information. A single incorrect VLAN assignment could cause two potential
problems:
 Cross-connected VLANs due to VLAN configuration inconsistencies
 VLAN misconfiguration across mixed media environments such as Ethernet and Fiber Distributed Data
Interface (FDDI)

With VTP, VLAN configuration is consistently maintained across a common administrative domain.
Additionally, VTP reduces the management and monitoring complexity of networks with VLANs.

31.2.2 VTP concepts

This page will explain how VTP is used in a network.

The role of VTP is to maintain VLAN configuration consistency across a common network administration
domain. VTP is a messaging protocol that uses Layer 2 trunk frames to add, delete, and rename VLANs on a
single domain. VTP also allows for centralized changes that are communicated to all other switches in the
network.

VTP messages are encapsulated in either ISL or IEEE 802.1Q protocol frames, and passed across trunk links to
other devices. In IEEE 802.1Q frames, a 4-byte field is used to tag the frame.

While switch ports are normally assigned to only a single VLAN, trunk ports by default carry frames from all
VLANs.

31.2.3 VTP operation

This page will explain how VTP messages are transmitted. Students will also learn about the three VTP switch
modes.

A VTP domain is made up of one or more interconnected devices that share the same VTP domain name. A
switch can be in one VTP domain only.
When transmitting VTP messages to other switches in the network, the VTP message is encapsulated in a
trunking protocol frame such as ISL or IEEE 802.1Q. Figure shows the generic encapsulation for VTP
within an ISL frame. The VTP header varies based on the type of VTP message, but generally, the same four
items are found in all VTP messages:

 VTP protocol version - Either version 1 or 2


 VTP message type - Indicates one of four types of messages
 Management domain name length - Indicates the size of the name that follows
 Management domain name - Name configured for the management domain

VTP switches operate in one of three modes:

 Server
 Client
 Transparent

VTP servers can create, modify, and delete VLANs and VLAN configuration parameters for the entire domain.
VTP servers save VLAN configuration information in the switch NVRAM. VTP servers send VTP messages
out to all trunk ports.

VTP clients cannot create, modify, or delete VLAN information. This mode is useful for switches that lack the
memory to store large tables of VLAN information. The only role of VTP clients is to process VLAN changes
and send VTP messages out all trunk ports.

Switches in VTP transparent mode forward VTP advertisements but ignore information contained in the
message. A transparent switch will not modify its database when updates are received, or send out an update
that indicates a change in its VLAN status. Except for forwarding VTP advertisements, VTP is disabled on a
transparent switch.

VLANs detected within the advertisements serve as notification to the switch that traffic with the newly
defined VLAN IDs may be expected.

In Figure , Switch C transmits a VTP database entry with additions or deletions to Switch A and Switch B.
The configuration database has a revision number that is incremented by one with each change. A higher
configuration revision number indicates that the VLAN information received is more current than the stored
copy. Any time a switch receives an update that has a higher configuration revision number, the switch
overwrites its stored information with the new information sent in the VTP update. Switch F will not process
the update because it is in a different domain. This overwrite process means that if a VLAN does not exist in
the new database, it is deleted from the switch. In addition, VTP keeps its own database separately from the
startup configuration (the vlan.dat file on IOS-based switches). The erase startup-config command clears the
configuration in NVRAM, but not the VTP database or its revision number, and a reload does not reset the
revision number either. To set the configuration revision number back to zero, change the VTP domain name
to a different name and then back again, or set the switch to transparent mode and then back to server or
client mode; on IOS-based switches, deleting vlan.dat from flash and reloading also resets it.

By default, management domains are set to a nonsecure mode, which means that the switches interact without
the use of a password. To set the management domain to secure mode, add a password. The same password
must be configured on every switch in the management domain, because the password is folded into the MD5
digest of each advertisement and an advertisement whose digest does not verify is discarded.

31.2.4 VTP implementation

This page will describe the two types of VTP advertisements and the three types of VTP messages.

With VTP, each switch advertises on its trunk ports its management domain, configuration revision number,
the VLANs that it knows about, and certain parameters for each known VLAN. These advertisement frames
are sent to a multicast address so that all neighbor devices can receive the frames. However, the frames are not
forwarded by normal bridging procedures. All devices in the same management domain learn about any new
VLANs configured in the transmitting device. A new VLAN must be created and configured on one device
only in the management domain. All the other devices in the same management domain automatically learn the
information.

Advertisements on factory-default VLANs are based on media types. User ports should not be configured as
VTP trunks.

Each advertisement starts as configuration revision number 0. As changes are made, the configuration revision
number is increased incrementally by one, or n + 1. The revision number continues to increment until it
reaches 2,147,483,648. When it reaches that point, the counter will reset back to zero.

There are two ( 2 ) types of VTP advertisements:

 Requests from clients that want information at bootup


 Response from servers

There are three ( 3 ) types of VTP messages:

 Advertisement requests
 Summary advertisements
 Subset advertisements

With advertisement requests, clients request VLAN information and the server responds with summary and
subset advertisements.

By default, server and client Catalyst switches issue summary advertisements every five minutes. Servers
inform neighbor switches what they believe to be the current VTP revision number. If the domain names
match, the server or client compares the configuration revision number that it received. If the switch receives a
revision number that is higher than the current revision number in that switch, it issues an advertisement
request for new VLAN information.


Subset advertisements contain detailed information about VLANs such as VTP version type, domain name and
related fields, and the configuration revision number. Certain actions can trigger subset advertisements:

 VLAN creation or deletion


 VLAN suspension or activation
 VLAN name change
 VLAN maximum transmission unit (MTU) change

Advertisements can contain some or all of the following information:

 Management domain name - Advertisements with different names are ignored.


 Configuration revision number - The higher number indicates a more recent configuration.
 Message Digest 5 (MD5) - A 16-byte MD5 digest computed over the advertised VLAN information and,
when one has been assigned, the domain password. If the digest does not match what the receiving switch
computes, the update is ignored.
 Updater identity - The updater identity is the identity of the switch that sends the VTP summary
advertisement.

31.2.5 VTP configuration

This page will teach students how to configure VTP.

Specific steps must be considered before VTP and VLANs are configured on the network:

1. Determine the version number of VTP that will be utilized.


2. Decide if the switch will be a member of a management domain that already exists, or if a new domain
should be created. If a management domain exists, determine the name and password of the domain.
3. Choose a VTP mode for the switch.

Two different versions of VTP are available, Version 1 and Version 2. The two versions are not interoperable.
If a switch is configured in a domain for VTP Version 2, all switches in the management domain must be
configured for VTP Version 2. VTP Version 1 is the default. VTP version 2 can be implemented if the features
required are not in version 1. The most common feature that is needed is Token Ring VLAN support.

To configure the VTP version on a Cisco IOS command-based switch, first enter VLAN database mode.

The following command can be used to enter VLAN database mode and configure the VTP version number.

Switch#vlan database
Switch(vlan)#vtp v2-mode

If the switch is the first switch in the network, the management domain should be created. If the management
domain has been secured, configure a password for the domain.

The following command can be used to create the management domain.

Switch(vlan)#vtp domain cisco

The domain name can be between 1 and 32 characters in length. The password must be between 8 and 64
characters long.
To add a VTP client to a VTP domain that already exists, verify that its VTP configuration revision number is
lower than the configuration revision number of the other switches in the VTP domain. Use the show vtp
status command. Switches in a VTP domain always use the VLAN configuration of the switch with the
highest VTP configuration revision number. If a switch is added with a higher revision number than what is
currently in the VTP domain, it can erase all VLAN information from the VTP server and VTP domain. Before
connecting a reused switch, reset its revision number to zero by changing its VTP domain name and changing it
back, or by placing it in transparent mode and then back into client mode, and confirm the result with show vtp
status.
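The revision-number overwrite described above, together with the domain-name and MD5 checks listed under the advertisement contents, as an added Python model that is not Cisco code and not from the original page. The switch names, domain name, password and VLAN lists are constructed, and the digest function is a simplified stand-in for the real VTP MD5 calculation; what it preserves is the decision order a switch applies to an incoming summary advertisement.

```python
"""Model of the VTP update rules: a server or client overwrites its VLAN database only
when an advertisement comes from its own domain, carries a digest that verifies under the
domain password, and has a higher configuration revision number. Added example, not Cisco code."""
import hashlib
import struct
from dataclasses import dataclass, field


@dataclass
class VtpAdvertisement:
    domain: str
    revision: int
    vlans: dict          # vlan_id -> VLAN name
    md5: bytes           # digest over the advertised data plus the domain password


def vtp_digest(domain: str, revision: int, vlans: dict, password: str) -> bytes:
    """Simplified stand-in for the 16-byte MD5 digest in summary advertisements. The real
    digest covers the VLAN database and the password; this one hashes the advertised fields
    plus the password so a switch with a different password cannot verify the update."""
    h = hashlib.md5()
    h.update(domain.encode())
    h.update(struct.pack("!I", revision))
    for vid in sorted(vlans):
        h.update(struct.pack("!H", vid) + vlans[vid].encode())
    h.update(password.encode())
    return h.digest()


@dataclass
class VtpSwitch:
    name: str
    domain: str
    mode: str                      # "server", "client" or "transparent"
    password: str = ""
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def add_vlan(self, vid: int, name: str) -> None:
        if self.mode == "client":
            raise PermissionError(f"{self.name}: VTP clients cannot create VLANs")
        self.vlans[vid] = name
        if self.mode == "server":        # transparent switches do not bump the revision
            self.revision += 1

    def set_domain(self, new_domain: str) -> None:
        """Changing the domain name resets the revision to 0 (IOS behaviour); do this
        before cabling a reused switch into a production domain."""
        self.domain = new_domain
        self.revision = 0

    def advertise(self) -> VtpAdvertisement:
        return VtpAdvertisement(self.domain, self.revision, dict(self.vlans),
                                vtp_digest(self.domain, self.revision, self.vlans, self.password))

    def receive(self, adv: VtpAdvertisement) -> str:
        if self.mode == "transparent":
            return "forwarded unchanged"
        if adv.domain != self.domain:
            return "ignored: domain name mismatch"
        if adv.md5 != vtp_digest(adv.domain, adv.revision, adv.vlans, self.password):
            return "ignored: MD5 digest mismatch"
        if adv.revision <= self.revision:
            return "ignored: revision not higher"
        self.vlans = dict(adv.vlans)      # full overwrite: VLANs absent from the update are deleted
        self.revision = adv.revision
        return "accepted: VLAN database overwritten"


def stale_switch_scenario(reset_first: bool) -> dict:
    """Constructed scenario: a production server at revision 3 meets a lab switch that still
    carries revision 42 from a previous domain with the same name and password."""
    core = VtpSwitch("Core", "cisco", "server", password="vtp-secret-01")
    for vid, name in [(10, "users"), (20, "servers"), (30, "voice")]:
        core.add_vlan(vid, name)                       # revision is now 3
    lab = VtpSwitch("Lab", "cisco", "server", password="vtp-secret-01",
                    revision=42, vlans={1: "default", 99: "lab"})
    if reset_first:
        lab.set_domain("scratch")                      # revision back to 0
        lab.set_domain("cisco")
    result = core.receive(lab.advertise())
    return {"result": result, "revision": core.revision, "vlans": sorted(core.vlans)}


if __name__ == "__main__":
    print(stale_switch_scenario(reset_first=False))   # production VLANs 10/20/30 are gone
    print(stale_switch_scenario(reset_first=True))    # update ignored, VLANs survive
```

Running the scenario without the reset shows why the show vtp status check matters: the higher revision wins regardless of which switch is the "real" server, and VLANs 10, 20 and 30 disappear from the production switch.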

Choose one of the three available VTP modes for the switch. If this is the first switch in the management
domain and additional switches will be added, set the mode to server. The additional switches will be able to
learn VLAN information from this switch. There should be at least one server.

In transparent mode, VLANs can be created, deleted, and renamed at will without the switch propagating the
changes to other switches. Without a central database, VLAN definitions can overlap if several people configure
devices within a network. For example, the same VLAN ID can be used for VLANs with dissimilar purposes.

The following command can be used to set the correct mode of the switch:

Switch(vlan)#vtp {client | server | transparent}

Figure shows the output of the show vtp status command. This command is used to verify VTP
configuration settings on a Cisco IOS command-based switch.

Figure shows an example of the show vtp counters command. This command is used to display statistics
about advertisements sent and received on the switch. The Lab Activities will allow students to practice VTP
client and server configurations.

31.3 Inter-VLAN Routing Overview

31.3.1 VLAN basics

This page will review what a VLAN is and how it is used. A VLAN is a logical grouping of devices or users
that can be grouped by function, department, or application regardless of their physical location.

VLANs are configured at the switch through software. The number of competing VLAN implementations can
require the use of proprietary software from the switch vendor. Grouping ports and users into communities of
interest, referred to as VLAN organizations, may be accomplished with a single switch or, more powerfully,
among connected switches within the enterprise. By grouping the ports and users together across multiple
switches, VLANs can span a single building or interconnected buildings. The devices in a VLAN share one
broadcast domain and one Layer 3 network, so each VLAN contends only for its own bandwidth rather than all
users contending for the same bandwidth, even though bandwidth requirements vary greatly by workgroup or
department. The following are some VLAN configuration issues:

 A switch creates a broadcast domain


 VLANs help manage broadcast domains
 VLANs can be defined on port groups, users or protocols
 LAN switches and network management software provide a mechanism to create VLANs

VLANs help control the size of broadcast domains and localize traffic. VLANs are associated with individual
networks. Therefore, network devices in different VLANs cannot directly communicate without the
intervention of a Layer 3 routing device.

When a node in one VLAN needs to communicate with a node in another VLAN, a router is necessary to route
the traffic between VLANs. Without the routing device, inter-VLAN traffic would not be possible.

31.3.2 Introducing inter-VLAN routing

This page will explain how routers operate between VLANs.

When a host in one broadcast domain wishes to communicate with a host in another broadcast domain, a router
must be involved.

Port 1 on a switch is part of VLAN 1, and port 2 is part of VLAN 200. If all of the switch ports were part of
VLAN 1, the hosts connected to these ports could communicate. In this case however, the ports are part of
different VLANs, VLAN 1 and VLAN 200. A router must be involved if hosts from the different VLANs need
to communicate.

The most important benefit of routing is its proven history of facilitating networks, particularly large networks.
Although the Internet serves as the obvious example, this point is true for any type of network, such as a large
campus backbone. Because routers prevent broadcast propagation and use more intelligent forwarding
algorithms than bridges and switches, routers provide more efficient use of bandwidth. This simultaneously
results in flexible and optimal path selection. For example, it is very easy to implement load balancing across
multiple paths in most networks when routing. On the other hand, Layer 2 load balancing can be very difficult
to design, implement, and maintain.

If a VLAN spans across multiple devices a trunk is used to interconnect the devices. A trunk carries traffic for
multiple VLANs. For example, a trunk can connect a switch to another switch, a switch to the inter-VLAN
router, or a switch to a server with a special NIC installed that supports trunking.

Remember that when a host on one VLAN wants to communicate with a host on another, a router must be
involved. The Interactive Media Activity will help students understand how packets are routed between
VLANs.

31.3.3 Inter-VLAN issues and solutions

This page will describe some logical and physical connectivity issues that occur between VLANs.

When VLANs are connected together, several technical issues will arise. Two of the most common issues that
arise in a multiple-VLAN environment are:

 The need for end user devices to reach non-local hosts


 The need for hosts on different VLANs to communicate

When a router needs to make a connection to a remote host, it checks its routing table to determine if a known
path exists. If the remote host falls into a subnet that it knows how to reach, then the system checks to see if it
can connect along that interface. If all known paths fail, the system has one last option, the default route. This
route is a special type of gateway route, and it is usually the only one present in the system. On a router, an
asterisk (*) indicates a default route in the output of the show ip route command. For hosts on a local area
network, this gateway is set to whatever machine has a direct connection to the outside world, and it is the
Default Gateway listed in the workstation TCP/IP settings. If the default route is being configured for a router
which itself is functioning as the gateway to the public Internet, then the default route will point to the gateway
machine at an Internet service provider (ISP) site. Default routes are implemented using the ip route
command.

Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1

In this example, 192.168.1.1 is the gateway. Inter-VLAN connectivity can be achieved through either logical
or physical connectivity.
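The lookup sequence described above (the most specific known path first, the default route as the last resort), as an added Python example that is not from the original page or from Cisco. The prefixes, interface names and destination addresses in the sample table are constructed; only the next hop 192.168.1.1 is taken from the ip route command shown.

```python
"""Longest-prefix-match lookup with a 0.0.0.0/0 default route as the last resort.
Added example; the sample routing table is constructed for illustration."""
import ipaddress


class RoutingTable:
    def __init__(self):
        self.routes = []          # (network, next hop or None if connected, outgoing interface)

    def add(self, prefix: str, next_hop, interface: str) -> None:
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface))

    def lookup(self, destination: str):
        """Return the most specific matching route, or None if nothing matches
        (a router with no default route drops the packet)."""
        addr = ipaddress.ip_address(destination)
        best = None
        for net, next_hop, interface in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop, interface)
        if best is None:
            return None
        net, next_hop, interface = best
        return {"prefix": str(net), "next_hop": next_hop,
                "interface": interface, "via_default": net.prefixlen == 0}


def sample_table(with_default: bool = True) -> RoutingTable:
    """Constructed table for a router-on-a-stick router: two VLAN subinterfaces, an uplink
    segment, and the default route from the text pointing at 192.168.1.1."""
    rt = RoutingTable()
    rt.add("192.168.10.0/24", None, "FastEthernet0/0.10")
    rt.add("192.168.20.0/24", None, "FastEthernet0/0.20")
    rt.add("192.168.1.0/24", None, "FastEthernet0/1")
    if with_default:
        rt.add("0.0.0.0/0", "192.168.1.1", "FastEthernet0/1")
    return rt


if __name__ == "__main__":
    rt = sample_table()
    for dst in ("192.168.10.7", "192.168.1.77", "203.0.113.9"):
        print(dst, rt.lookup(dst))
    print(sample_table(with_default=False).lookup("203.0.113.9"))   # None: unroutable
```

A destination inside a connected VLAN subnet resolves to that subinterface even though 0.0.0.0/0 also matches it, because the /24 is more specific than the /0; the default route only wins when nothing longer matches.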

Logical connectivity involves a single connection, or trunk, from the switch to the router. That trunk can
support multiple VLANs. This topology is called a router on a stick because there is a single connection to the
router. However, there are multiple logical connections between the router and the switch.

Physical connectivity involves a separate physical connection for each VLAN. This means a separate physical
interface for each VLAN.

Early VLAN designs relied on external routers connected to VLAN-capable switches. In this approach,
traditional routers are connected via one or more links to a switched network. The router-on-a-stick designs
employ a single trunk link that connects the router to the rest of the campus network. Inter-VLAN traffic
must cross the Layer 2 backbone to reach the router where it can move between VLANs. Traffic then travels
back to the desired end station using normal Layer 2 forwarding. This out-to-the-router-and-back flow is
characteristic of router-on-a-stick designs.

31.3.4 Physical and logical interfaces

This page will explain how physical and logical interfaces are added to a network design.

In a traditional situation, a network with four VLANs would require four physical connections between the
switch and the external router.

As technologies such as Inter-Switch Link (ISL) became more common, network designers began to use trunk
links to connect routers to switches. Although any trunking technology such as ISL, 802.1Q, 802.10, or
LAN emulation (LANE) can be used, Ethernet-based approaches such as ISL and 802.1Q are most common.

The Cisco proprietary protocol ISL as well as the IEEE multivendor standard 802.1Q are used to trunk VLANs
over Fast Ethernet links.

The solid line in the example refers to the single physical link between the Catalyst Switch and the router. This
is the physical interface that connects the router to the switch.

As the number of VLANs increases on a network, the physical approach of having one router interface per
VLAN quickly becomes unscalable. Networks with many VLANs must use VLAN trunking to assign multiple
VLANs to a single router interface.

The dashed lines in the example refer to the multiple logical links running over this physical link using
subinterfaces. The router can support many logical interfaces on individual physical links. For example, the
Fast Ethernet interface FastEthernet 1/0 might support three virtual interfaces numbered FastEthernet 1/0.1,
1/0.2 and 1/0.3.

The primary advantage of using a trunk link is a reduction in the number of router and switch ports used. Not
only can this save money, it can also reduce configuration complexity. Consequently, the trunk-connected
router approach can scale to a much larger number of VLANs than a one-link-per-VLAN design.

31.3.5 Dividing physical interfaces into subinterfaces

This page will introduce subinterfaces.

A subinterface is a logical interface within a physical interface, such as the Fast Ethernet interface on a router.

Multiple subinterfaces can exist on a single physical interface.

Each subinterface supports one VLAN and is assigned one IP address. For the devices on a VLAN to communicate
with the router, their IP addresses must be on the same network or subnetwork as the subinterface that serves that
VLAN. For example, if subinterface FastEthernet 0/0.1 has the IP address 192.168.1.1 on the 192.168.1.0 network,
then 192.168.1.2, 192.168.1.3, and 192.168.1.4 are valid addresses for devices attached to the VLAN served by
subinterface FastEthernet 0/0.1.
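An added Python check for the addressing rule above (one VLAN per subinterface, one address each, every VLAN on its own Layer 3 network) that also emits the matching IOS subinterface commands. This is not from the original page or from Cisco; the interface name, VLAN IDs and addresses are assumptions, and numbering each subinterface with its VLAN ID is a convention, not a requirement.

```python
"""Validate a router-on-a-stick address plan and emit the IOS subinterface configuration.
Added example; interface names, VLAN IDs and addresses are constructed."""
import ipaddress


def build_subinterface_config(physical: str, vlan_addrs: dict) -> list:
    """vlan_addrs maps VLAN ID -> router address on that VLAN in CIDR form, e.g. '192.168.1.1/24'.
    Enforces one subinterface per VLAN, one address per subinterface, each VLAN on its own
    Layer 3 network, and a router address that is a usable host address in that network."""
    networks = {}
    lines = [f"interface {physical}", " no shutdown"]
    for vid in sorted(vlan_addrs):
        if not 1 <= vid <= 4094:
            raise ValueError(f"VLAN ID {vid} is outside 1-4094")
        iface = ipaddress.ip_interface(vlan_addrs[vid])
        net = iface.network
        # /31 point-to-point nets have no reserved addresses; everything else does.
        if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
            raise ValueError(f"VLAN {vid}: {iface.ip} is not a usable host address in {net}")
        for other_vid, other_net in networks.items():
            if net.overlaps(other_net):
                raise ValueError(f"VLAN {vid} network {net} overlaps VLAN {other_vid} network {other_net}")
        networks[vid] = net
        # Subinterface number = VLAN ID is a readability convention, not an IOS requirement.
        lines += [f"interface {physical}.{vid}",
                  f" encapsulation dot1q {vid}",
                  f" ip address {iface.ip} {net.netmask}"]
    return lines


def on_same_vlan_subnet(router_addr: str, host_ip: str) -> bool:
    """Would a host with this address reach the router's subinterface without being routed?"""
    return ipaddress.ip_address(host_ip) in ipaddress.ip_interface(router_addr).network


if __name__ == "__main__":
    plan = {1: "192.168.1.1/24", 200: "192.168.200.1/24"}
    print("\n".join(build_subinterface_config("FastEthernet0/0", plan)))
    print(on_same_vlan_subnet("192.168.1.1/24", "192.168.1.4"))   # True
    print(on_same_vlan_subnet("192.168.1.1/24", "192.1.1.4"))     # False: typo lands off-subnet
```

The overlap check is the part worth keeping around: two VLANs that accidentally share address space will each look fine in isolation, and the router will happily accept both subinterfaces, but hosts on one of them will never be reached.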

In order to route between VLANs with subinterfaces, a subinterface must be created for each VLAN.

The next page will discuss the commands that are used to create a subinterface and apply a trunking protocol
and an IP address to it.

31.3.6 Configuring inter-VLAN routing

This page demonstrates the commands that are used to configure inter-VLAN routing between a router and a
switch. Before any of these commands are implemented, each router and switch should be checked to see which
VLAN encapsulations it supports. Catalyst 2950 switches have supported 802.1Q trunking since Cisco IOS release
12.0(5.2)WC(1), but they do not support Inter-Switch Link (ISL) trunking. For inter-VLAN routing to work
properly, all of the routers and switches involved must support the same encapsulation.

On a router, an interface can be logically divided into multiple, virtual subinterfaces. Subinterfaces provide a
flexible solution for routing multiple data streams through a single physical interface.
To define subinterfaces on a physical interface, perform the following tasks:

- Identify the interface.
- Define the VLAN encapsulation.
- Assign an IP address to the interface.

To identify the interface, use the interface command in global configuration mode.

Router(config)#interface fastethernet port-number.subinterface-number

The port-number identifies the physical interface, and the subinterface-number identifies the virtual interface.

The router must be able to talk to the switch using a standardized trunking protocol. This means that both
devices that are connected together must understand each other. In the example, 802.1Q is used. To define the
VLAN encapsulation, enter the encapsulation command in interface configuration mode.

Router(config-subif)#encapsulation dot1q vlan-number

The vlan-number identifies the VLAN for which the subinterface will carry traffic. A VLAN ID is added to the
frame only when the frame is destined for a nonlocal network. Each VLAN packet carries the VLAN ID within
the packet header.
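As an added example that is not part of the curriculum, the following Python shows the 802.1Q tag that `encapsulation dot1q` tells a subinterface to expect: a parser that extracts the VLAN ID from a tagged frame, plus the tag insertion a trunk port performs on egress and the tag removal an access port performs before handing the frame to a host. The TPID 0x8100 and the 16-bit tag control information (3-bit priority, 1-bit DEI, 12-bit VLAN ID) are the IEEE 802.1Q layout; the MAC addresses and payload are constructed placeholders.

```python
import struct

TPID_8021Q = 0x8100       # EtherType value that announces an 802.1Q tag follows
ETHERTYPE_IPV4 = 0x0800


def parse_frame(frame: bytes) -> dict:
    """Parse an Ethernet II frame and pull out the 802.1Q VLAN ID if a tag is present.

    The tag is four bytes inserted after the source MAC: TPID 0x8100, then the
    tag control information (PCP in the top 3 bits, VLAN ID in the low 12 bits).
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"dst": dst.hex(":"), "src": src.hex(":"), "vlan": None, "pcp": None}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info["pcp"] = tci >> 13          # priority code point
        info["vlan"] = tci & 0x0FFF      # 12-bit VLAN ID carried in the header
        offset = 18
    info["ethertype"] = ethertype        # the real EtherType sits after the tag
    info["payload"] = frame[offset:]
    return info


def add_tag(frame: bytes, vlan: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag: what a trunk port does on egress for a tagged VLAN."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    tci = ((pcp & 0x7) << 13) | vlan
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame: bytes) -> bytes:
    """Remove the 802.1Q tag: what an access port does before delivering to a host."""
    if parse_frame(frame)["vlan"] is None:
        return frame                      # already untagged
    return frame[:12] + frame[16:]


# Constructed sample frame: placeholder MACs, IPv4 EtherType, dummy 20-byte payload.
UNTAGGED = (bytes.fromhex("00e029171884") + bytes.fromhex("0000aabbccdd")
            + struct.pack("!H", ETHERTYPE_IPV4) + b"\x45\x00" + b"\x00" * 18)
TAGGED_VLAN20 = add_tag(UNTAGGED, 20)   # as it would travel over a dot1q trunk

if __name__ == "__main__":
    for f in (UNTAGGED, TAGGED_VLAN20):
        p = parse_frame(f)
        print(f"vlan={p['vlan']} ethertype=0x{p['ethertype']:04x} src={p['src']}")
```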

To assign the IP address to the interface, enter the following command in interface configuration mode.

Router(config-subif)#ip address ip-address subnet-mask

The ip-address and subnet-mask are the 32-bit network address and mask of the specific interface.

In the example, the router has three subinterfaces configured on Fast Ethernet interface 0/0. These three
interfaces are identified as 0/0.1, 0/0.2, and 0/0.3. All interfaces are encapsulated for 802.1Q. Interface 0/0.1 is
routing packets for VLAN 1, whereas interface 0/0.2 is routing packets for VLAN 20 and 0/0.3 is routing
packets for VLAN 30. In the Lab Activities, students will learn to configure inter-VLAN routing between a
router and a switch.

Router(config)#interface fastethernet 0/0
Router(config-if)#no shutdown
Router(config-if)#interface fastethernet 0/0.2
Router(config-subif)#encapsulation dot1q 2
Router(config-subif)#ip address 192.168.2.1 255.255.255.0
Router(config-subif)#interface fastethernet 0/0.3
Router(config-subif)#encapsulation dot1q 3
Router(config-subif)#ip address 192.168.3.1 255.255.255.0


VLAN trunking modes (five modes)

For each mode: its function, whether the local port transmits DTP frames, and the final state of the port.

AUTO (default)
  Function: Makes the port willing to convert the link to a trunk. The port becomes a trunk port if the
  neighboring port is set to on or desirable mode.
  DTP frames transmitted (local port): Yes, periodic.
  Final state: Trunking, if the neighboring port is set to on or desirable.

ON
  Function: Puts the port into permanent trunking mode and negotiates to convert the link into a trunk. The
  port becomes a trunk port even if the neighboring port does not agree to the change.
  DTP frames transmitted (local port): Yes, periodic.
  Final state: Trunking, unconditionally.

NONEGOTIATE
  Function: Puts the port into permanent trunking mode but prevents the port from generating DTP frames. You
  must configure the neighboring port manually as a trunk port to establish a trunk link. This is useful for
  devices that do not support DTP.
  DTP frames transmitted (local port): No.
  Final state: Trunking, unconditionally.

DESIRABLE
  Function: Makes the port actively attempt to convert the link to a trunk link. The port becomes a trunk
  port if the neighboring port is set to on, desirable, or auto mode.
  DTP frames transmitted (local port): Yes, periodic.
  Final state: It will end up in trunking state only if the remote mode is on, auto, or desirable.

OFF
  Function: Puts the port into non-trunking mode.
  DTP frames transmitted (local port): No, in steady state.
  Final state: Non-trunking.

A trunk port can be configured in one of the following five modes: on, off, desirable, auto, or nonegotiate.

9.3.8 Summary

This page summarizes the topics discussed in this module.

A trunk is a physical and logical connection between two switches across which network traffic travels. The
concept of trunking goes back to the origins of radio and telephony technologies. In the context of a VLAN
switching environment, a trunk is a point-to-point link that supports several VLANs.

The purpose of a trunk is to conserve ports when creating a link between two devices implementing VLANs.
Trunking will bundle multiple virtual links over one physical link by allowing the traffic for several VLANs to
travel over a single cable between the switches.

Switching tables at both ends of the trunk can be used to make port forwarding decisions based on frame
destination MAC addresses. This process slows as the number of VLANs traveling across the trunk increases.
To effectively manage the transfer of frames from different VLANs on a single physical line trunking
protocols were developed. The trunking protocols establish agreement for the distribution of frames to the
associated ports at both ends of the trunk.

There are two types of trunking mechanisms: frame filtering and frame tagging. Trunking protocols that use a
frame tagging mechanism assign an identifier to each frame. This provides better management and faster
delivery. Frame tagging functions at Layer 2 and requires little processing or administrative overhead. ISL, the
Cisco proprietary Inter-Switch Link protocol, and 802.1Q, the IEEE standard, are the most common tagging
schemes for Ethernet segments.

Before trunking can be implemented, determine what encapsulation the port can support by using the show
port capabilities command. To verify that trunking has been configured, use the show trunk
[mod_num/port_num] command from privileged mode on the switch.

VLAN Trunking Protocol (VTP) was created to solve operational problems in a switched network with
VLANs. The two most common problems include cross-connected VLANs caused by configuration
inconsistencies and misconfiguration across mixed media environments.

With VTP, VLAN configuration is consistently maintained across a common administrative domain. A VTP
domain is made up of one or more interconnected devices that share the same VTP domain name. A switch can
be in one VTP domain only. When transmitting VTP messages to other switches in the network, the VTP
message is encapsulated in a trunking protocol frame such as ISL or IEEE 802.1Q. VTP switches operate in
one of three modes. They include server which can create, modify, and delete VLAN and VLAN configuration
parameters for the entire domain, client which processes VLAN changes and sends VTP messages out all trunk
ports, and transparent which forwards VTP advertisements but ignores information contained in the message.

With VTP, each switch advertises on its trunk ports, its management domain, configuration revision number,
the VLANs that it knows about, and certain parameters for each known VLAN.

There are two types of VTP advertisements: client requests and server responses. They generate three types of
VTP messages: an advertisement request, a summary advertisement, and a subset advertisement. With
advertisement requests, clients request VLAN information and the server responds with summary and subset
advertisements. By default, server and client Catalyst switches issue summary advertisements every five
minutes. Servers inform neighbor switches what they believe to be the current VTP revision number. The
receiving switch compares that number with its own and, if they differ, requests new VLAN information. Subset
advertisements contain detailed information about VLANs, such as the VTP version type, the domain name and
related fields, and the configuration revision number.

Before configuring VTP and VLANs on a network, determine the VTP version number, whether a new domain
should be created, and the VTP mode. There should be at least one server. To set the correct mode on a Cisco
IOS command-based switch, use the Switch(vlan)#vtp {client | server | transparent} command.

Use the show vtp status command to verify the VTP configuration revision number is lower than the
configuration revision number on the other switches in the VTP domain before adding a client.
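The revision check above matters because a switch that receives an advertisement with a higher revision number in its own domain adopts that VLAN table, whether it is a client or a server. The following Python is an added example, not from the curriculum, that models this synchronisation rule and the check from the text: a constructed production domain with three VLANs, and a reused switch joining it with a stale but higher revision. The switch names, VLAN names and revision values are constructed for the scenario.

```python
from dataclasses import dataclass, field


@dataclass
class VtpSwitch:
    """Minimal model of a VTP switch: domain name, mode, revision and VLAN table."""
    name: str
    domain: str
    mode: str = "client"                       # server | client | transparent
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def add_vlan(self, vlan_id: int, vlan_name: str) -> None:
        """Only a server may change the domain's VLANs; each change bumps the revision."""
        if self.mode != "server":
            raise PermissionError(f"{self.name} is in {self.mode} mode and cannot modify VLANs")
        self.vlans[vlan_id] = vlan_name
        self.revision += 1

    def summary_advertisement(self) -> dict:
        """What this switch sends out its trunk ports (VLAN detail rides in the subset advert)."""
        return {"domain": self.domain, "revision": self.revision, "vlans": dict(self.vlans)}

    def receive(self, adv: dict) -> str:
        """Process a neighbour's advertisement and report what was done with it."""
        if adv["domain"] != self.domain:
            return "ignored: different VTP domain"
        if self.mode == "transparent":
            return "forwarded: transparent mode ignores the contents"
        if adv["revision"] > self.revision:
            # Higher revision wins, for servers as well as clients: this is why a
            # reused switch with a stale but higher revision can wipe the domain's VLANs.
            self.vlans = dict(adv["vlans"])
            self.revision = adv["revision"]
            return "applied: higher revision replaced the local VLAN table"
        return "ignored: revision not higher than ours"

    def reset_revision(self) -> None:
        """Putting the switch into transparent mode resets its revision to 0 (changing
        the domain name has the same effect); do this before connecting a reused switch."""
        original_mode = self.mode
        self.mode = "transparent"
        self.revision = 0
        self.mode = original_mode


def safe_to_add(candidate: VtpSwitch, domain: list) -> bool:
    """The check from the text: the candidate's revision (from 'show vtp status') must be
    lower than the revision on every switch already in the domain."""
    return all(candidate.revision < s.revision for s in domain)


def _build() -> tuple:
    """Constructed scenario: production server with three VLANs, reused client at revision 12."""
    prod = VtpSwitch("Core", "CORP", mode="server")
    for vid, name in ((10, "Accounting"), (20, "Marketing"), (30, "Engineering")):
        prod.add_vlan(vid, name)                       # revision ends at 3
    reused = VtpSwitch("Reused", "CORP", mode="client", revision=12)  # knows only VLAN 1
    return prod, reused


def join_without_check() -> list:
    """Connect the reused switch straight away: its revision 12 beats 3 and the VLANs vanish."""
    prod, reused = _build()
    prod.receive(reused.summary_advertisement())
    return sorted(prod.vlans)                          # [1]


def join_with_check() -> tuple:
    """Apply the check first; reset the stale revision, then let the domain sync the newcomer."""
    prod, reused = _build()
    if not safe_to_add(reused, [prod]):
        reused.reset_revision()
    prod.receive(reused.summary_advertisement())       # revision 0 is ignored by the server
    reused.receive(prod.summary_advertisement())       # newcomer learns the real VLAN table
    return sorted(prod.vlans), sorted(reused.vlans)    # ([1, 10, 20, 30], [1, 10, 20, 30])


if __name__ == "__main__":
    print("without check:", join_without_check())
    print("with check:   ", join_with_check())
```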

When a host in one broadcast domain wishes to communicate with a host in another broadcast domain, a router
must be involved. On a router, an interface can be logically divided into multiple, virtual subinterfaces.
Subinterfaces provide a flexible solution for routing multiple data streams through a single physical interface.

BASIC SWITCH CONFIGURATION

switch#show running-config ( displays the current running configuration )
switch#show startup-config ( displays the startup configuration )
switch#configure terminal ( enters global configuration mode )
switch(config)#hostname SW1 ( sets the switch hostname to SW1 )
SW1(config)#exit

SW1#configure terminal ( enters global configuration mode )
SW1(config)#line console 0 ( enters line configuration mode for the console )
SW1(config-line)#password cisco ( sets the password cisco for access over the console )
SW1(config-line)#login ( requires the password cisco for access over the console )

SW1(config-line)#line vty 0 15 ( enters line configuration mode for the vty lines - telnet )
SW1(config-line)#password cisco ( sets the password cisco for access over telnet )
SW1(config-line)#login ( requires the password cisco for access over telnet )

SW1(config-line)#exit ( returns from line configuration mode to global configuration mode )

SW1(config)#enable password cisco ( sets the enable password cisco on the switch; stored in clear text )
SW1(config)#enable secret class ( sets the enable secret class on the switch; stored as a hash and used instead of the enable password when both are set )

SW1(config)#interface vlan 1 ( enters interface configuration mode for interface VLAN 1 )
SW1(config-if)#ip address 192.168.1.2 255.255.255.0 ( sets the IP address of VLAN 1 )
SW1(config-if)#exit

SW1(config)#ip default-gateway 192.168.1.1 ( sets the default gateway for VLAN 1 )
SW1(config)#exit

SW1#show interface vlan 1 ( displays the VLAN 1 interface )
SW1#copy running-config startup-config ( saves the running configuration to NVRAM )
SW1#show running-config ( displays the running configuration )

MANAGING THE STARTUP CONFIGURATION FILE

Host1 C:\> ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class

Switch#show flash ( displays the contents of FLASH on the switch )
Switch#show startup-config ( displays the startup configuration of the switch )
Switch#copy running-config startup-config ( copies the running configuration to NVRAM as the startup
configuration of the switch )

Switch#copy startup-config tftp ( copies the STARTUP configuration file to the TFTP server )
Address or name of remote host[]?192.168.1.3 ( IP address of the TFTP server )
Destination file name[switch-config]?switch-config + ENTER ( name of the [destination] file written to the
TFTP server )

Switch#copy tftp startup-config ( copies the STARTUP configuration file FROM the TFTP server )
Address or name of remote host[]?192.168.1.3 ( IP address of the TFTP server )
Source file name[]?switch-config ( name of the [source] file fetched from the TFTP server )
Destination file name[startup-config]?startup-config + Enter ( destination file on the switch )

Switch#show startup-config ( displays the startup configuration of the switch )

CHANGE PLACE or ADD NEW SWITCH

Host1 C:\> ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class

Switch#show mac-address-table ( displays the MAC address table )

Switch#configure terminal ( enters global configuration mode )
Switch(config)#mac-address-table static 00e0.2917.1884 vlan 1 interface fastethernet 0/4 ( configures a
static MAC address entry on fastethernet 0/4 in VLAN 1 )
Switch(config)#exit

Switch#show mac-address-table
Switch#show running-config

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enters interface configuration mode for Fa 0/4 )
Switch(config-if)#switchport port-security ( ENABLES port security )
Switch(config-if)#exit
Switch(config)#exit

Switch#show mac-address-table
Switch#clear mac-address-table

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enters interface configuration mode for Fa 0/4 )
Switch(config-if)#switchport port-security maximum 1 ( sets the port security MAX MAC COUNT to 1 )
Switch(config-if)#exit
Switch(config)#exit
Switch#show mac-address-table
Switch#clear mac-address-table
Switch#show mac-address-table

Switch#configure terminal
Switch(config)#interface fastethernet 0/4
Switch(config-if)#no switchport port-security ( DISABLES port security )
Switch(config-if)#exit
Switch(config)#interface fastethernet 0/8 ( enters interface configuration mode for Fa 0/8 )
Switch(config-if)#switchport port-security maximum 1 ( sets the port security MAX MAC COUNT to 1 )
Switch(config-if)#exit
Switch(config)#exit

Switch#show mac-address-table
Switch#clear mac-address-table
Switch#show mac-address-table

CONFIGURE PORT SECURITY

Host1 C:\> ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class

Switch#show mac-address-table ( displays the MAC address table )

Switch#configure terminal ( enters global configuration mode )
Switch(config)#mac-address-table static 00e0.2917.1884 vlan 1 interface fastethernet 0/4 ( configures a
static MAC address entry on fastethernet 0/4 in VLAN 1 )
Switch(config)#exit

Switch#show mac-address-table
Switch#show running-config

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enters interface configuration mode for Fa 0/4 )
Switch(config-if)#switchport mode access ( sets the port to access mode; port security requires an access port )
Switch(config-if)#switchport port-security ( ENABLES port security )
Switch(config-if)#switchport port-security maximum 1 ( sets the port security MAX MAC COUNT to 1 )
Switch(config-if)#switchport port-security violation shutdown ( shuts the port down, err-disabled, when an
unauthorized MAC address is seen on it )
Switch(config-if)#exit
Switch(config)#exit

Switch#show interface fastethernet 0/4

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enters interface configuration mode for Fa 0/4 )
Switch(config-if)#shutdown ( a port that port security has err-disabled must first be taken down )
Switch(config-if)#no shutdown ( re-enables port Fa 0/4 )
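As an added example that is not part of the lab, the following Python models the behaviour the port-security lab above configures: a port with a secure MAC, a maximum count and a violation mode, fed a constructed sequence of source MAC addresses. It shows why the legitimate host also loses connectivity after a violation in shutdown mode until the operator recovers the port, and contrasts that with restrict mode. The MAC 00e0.2917.1884 is the one from the lab; the other addresses and the log lines are constructed, not IOS syslog text.

```python
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    """Model of one access port configured with 'switchport port-security'."""
    name: str
    maximum: int = 1                                   # switchport port-security maximum 1
    violation: str = "shutdown"                        # shutdown | restrict | protect
    secure_macs: set = field(default_factory=set)      # statically configured secure MACs
    learned: set = field(default_factory=set)          # dynamically learned secure MACs
    err_disabled: bool = False
    violation_count: int = 0
    log: list = field(default_factory=list)            # constructed messages, not IOS syslog text

    def allowed(self) -> set:
        return self.secure_macs | self.learned

    def ingress(self, src_mac: str) -> bool:
        """Handle one frame arriving on the port: True if forwarded, False if dropped."""
        src_mac = src_mac.lower()
        if self.err_disabled:
            return False                               # port is down: nothing passes, not even the owner
        if src_mac in self.allowed():
            return True
        if len(self.allowed()) < self.maximum:
            self.learned.add(src_mac)                  # room left under the maximum: learn it
            return True
        # A new MAC beyond the configured maximum is a security violation.
        self.violation_count += 1
        if self.violation == "shutdown":
            self.err_disabled = True                   # 'violation shutdown': port goes err-disabled
            self.log.append(f"{self.name}: err-disabled after violation by {src_mac}")
        elif self.violation == "restrict":
            self.log.append(f"{self.name}: frame from {src_mac} dropped and counted")
        # 'protect' drops the frame silently
        return False

    def recover(self) -> None:
        """Operator recovery from err-disabled: 'shutdown' then 'no shutdown' on the interface.
        Dynamically learned (non-sticky) secure addresses are lost when the port goes down."""
        self.err_disabled = False
        self.learned.clear()


def scenario() -> dict:
    """Constructed traffic on Fa0/4 configured as in the lab: maximum 1, violation shutdown."""
    port = SecurePort("Fa0/4", maximum=1, violation="shutdown", secure_macs={"00e0.2917.1884"})
    frames = ["00e0.2917.1884",   # the configured host: forwarded
              "00e0.2917.1884",   # again: forwarded
              "0000.1111.2222",   # constructed rogue MAC: violation, port shut down
              "00e0.2917.1884"]   # the legitimate host is now cut off too
    forwarded = [port.ingress(m) for m in frames]
    err_disabled = port.err_disabled
    port.recover()                                     # shutdown / no shutdown by the operator
    return {
        "forwarded": forwarded,                        # [True, True, False, False]
        "err_disabled": err_disabled,                  # True
        "forwarded_after_recovery": port.ingress("00e0.2917.1884"),   # True
        "log": list(port.log),
    }


if __name__ == "__main__":
    for key, value in scenario().items():
        print(f"{key}: {value}")
```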

MANAGING THE SWITCH OPERATING SYSTEM FILE (IOS)

Host1 C:\> ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class
Switch#show flash ( displays the contents of FLASH on the switch )

Switch#copy flash tftp ( copies the IOS image from FLASH to the TFTP server )
Source file name[]?c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [source] file that will be written to the tftp
server )
Address or name of remote host[]?192.168.1.3 ( IP address of the TFTP server )
Destination file name[]?c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [destination] file written to the
tftp server )
... after that a row of exclamation marks (!!!!!) is printed while the transfer runs.

Switch#copy tftp flash ( copies the IOS image FROM the TFTP server to FLASH on the switch )
Source file name[]?c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [source] file that will be copied from the
server to the switch )
Address or name of remote host[]?192.168.1.3 ( IP address of the TFTP server )
Destination file name[]?c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [destination] file written to the
switch )
Do you want to overwrite? [confirm] ENTER
... after that a row of exclamation marks (!!!!!) is printed while the transfer runs.

Switch#show version ( displays the current IOS version )

PASSWORD RECOVERY PROCEDURE ON A 2900 SERIES SWITCH

Access is possible only over the console connection.

Host1 C:\> ping 192.168.1.2

To regain access to the switch, you need to do password recovery. Start by connecting to the console port with
a PC.
When all hardware is ready, turn OFF power to the switch.
Turn the power BACK ON, while holding down the MODE button. Release the MODE button when the LED
over port 1 goes out.

switch: flash_init ( starts the password recovery procedure by initializing the flash file system )
switch: load_helper ( loads the helper files )
switch: dir flash: ( lists the contents of the flash directory )
switch: rename flash:config.text flash:config.old ( renames the file config.text to config.old so the switch
boots without its saved configuration )
switch: boot ( reboots the switch )
... after the restart the switch prints many #################### and the name of the BIN file.
Near the end of the boot the following question appears:
Continue with configuration dialog? [yes/no] N ( type N for NO )

Switch>enable ( enters privileged EXEC mode; no password is in effect yet )
Switch#rename flash:config.old flash:config.text ( renames the file config.old back to config.text )
Switch#copy flash:config.text system:running-config ( copies config.text into the running configuration
running-config )
Destination file name [running-config]?running-config or ENTER ( destination file )

Switch#configure terminal ( enters global configuration mode )
Switch(config)#no enable secret ( removes the old password that was set as the enable SECRET )
Switch(config)#enable password cisco ( sets the new enable password cisco )
Switch(config)#enable secret class ( sets the new enable secret class )
Switch(config)#line console 0 ( enters line configuration mode for the console connection PC-to-switch )
Switch(config-line)#password cisco ( sets the password cisco )
Switch(config-line)#exit
Switch(config)#line vty 0 15 ( enters line configuration mode for TELNET connections )
Switch(config-line)#password cisco ( sets the password cisco )
Switch(config-line)#exit
Switch(config)#exit
Switch#copy running-config startup-config ( saves the running configuration to NVRAM )

SELECTING THE ROOT BRIDGE SWITCH

The Root Bridge is currently Switch_A. It has to be changed so that Switch_B becomes the Root Bridge.

Host1 C:\> ping 192.168.1.2
Host1 C:\>ipconfig
Switch_A>enable
Password: class
Switch_A#show interface vlan 1 ( displays the VLAN 1 interface )

Switch_B>enable
Password: class
Switch_B#show interface vlan 1 ( displays the VLAN 1 interface )

Switch_A#show spanning-tree ( displays the protocol, interfaces, priority, root ID and bridge ID )

Configuring Switch_B as the Root Bridge

Switch_B#show spanning-tree ( displays the protocol, interfaces, priority, root ID and bridge ID )
Switch_B#configure terminal ( enters global configuration mode )
Switch_B(config)#spanning-tree vlan 1 priority 4096 ( changes the priority of the switch from 32769 to 4096 )
Switch_B(config)#exit

Switch_A#show spanning-tree ( displays the protocol, interfaces, priority, root ID and bridge ID; the ROOT ID
priority has changed to 4097 while the BRIDGE ID priority is still 32769 )

Switch_B#show spanning-tree ( displays the protocol, interfaces, priority, root ID and bridge ID; the ROOT ID
priority has changed to 4097 and the BRIDGE ID priority is 4097 as well )

Switch_B#show running-config ( the running configuration shows that Switch_B is now the ROOT BRIDGE,
because it has priority 4096 while Switch_A still has priority 32769 )

SPANNING-TREE RECALCULATION on SWITCH

Host_A C:\> ping 192.168.1.2 ( pings Switch_A )
Host_A C:\>ipconfig ( IP address of Host_A )

Host_B C:\> ping 192.168.1.3 ( pings Switch_B )
Host_B C:\>ipconfig ( IP address of Host_B )

Switch_A>enable
Password: class
Switch_A#show interface vlan 1 ( displays the VLAN 1 interface on Switch_A )

Switch_B>enable
Password: class
Switch_B#show interface vlan 1 ( displays the VLAN 1 interface on Switch_B )

Switch_A#show spanning-tree ( displays the protocol, interfaces, priority, root ID and bridge ID )

Switch_B#show spanning-tree ( displays the protocol, interfaces, priority, root ID and bridge ID )

When one of the cables is unplugged from a port, show spanning-tree shows that the port in question has been
removed from the spanning-tree topology and the protocol has recalculated.

CONFIGURING STATIC VLANs

Host_A C:\> ping 192.168.1.2 ( pings the switch )
Host_A C:\>ipconfig ( IP address of Host_A )

Host_B C:\> ping 192.168.1.3 ( pings the switch )
Host_B C:\>ipconfig ( IP address of Host_B )

Switch>enable
Password: class

Switch#show version ( displays the IOS version )
Switch#show interface vlan ( displays all VLAN interfaces on the switch )

Switch#vlan database ( enters VLAN configuration mode on the switch, used when adding a new VLAN )
Switch(vlan)#vlan 2 name VLAN2 ( creates a new VLAN named VLAN2; the number 2 must be given together with
the VLAN name )
Switch(vlan)#vlan 3 name VLAN3 ( creates a new VLAN named VLAN3; the number 3 must be given together with
the VLAN name )
Switch(vlan)#exit

Switch#show vlan ( displays all VLANs on the switch. Here we can see that the two new VLANs 2 and 3 have been
added but no port is assigned to them yet. )

Switch#configure terminal
Switch(config)#interface fastethernet 0/2 ( enters interface configuration mode for fastethernet 0/2 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( moves interface Fa0/2 into VLAN 2 )
Switch(config-if)#end ( returns to privileged EXEC mode )
Switch#show vlan ( displays the VLAN table, where we can see that port Fa0/2 now belongs to VLAN 2 )

Switch#configure terminal
Switch(config)#interface fastethernet 0/3 ( enters interface configuration mode for fastethernet 0/3 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 3 )
Switch(config-if)#switchport access vlan 3 ( moves interface Fa0/3 into VLAN 3 )
Switch(config-if)#end ( returns to privileged EXEC mode )

Switch#show vlan id 2 ( displays the table for VLAN 2 with detailed information, including which ports belong
to VLAN 2 )

Switch#show vlan name VLAN2 ( the same as the command above, i.e. it shows the same information: the table for
VLAN 2 with detailed information on which ports belong to it; VLAN names are case sensitive )

CREATE a NEW VLAN and MOVE INTERFACES INTO THE NEW VLAN,
VERIFYING VLAN CONFIGURATIONS
SWITCH 2900 series
Creating new VLANs and moving interfaces from VLAN 1 into VLAN 2 and VLAN 3

Switch>enable
Password: class

Switch#show vlan ( displays the VLAN table with the membership of each interface; at this point all interfaces
(ports) belong to VLAN 1 )

Switch#vlan database ( enters VLAN configuration mode on the switch, used when adding a new VLAN )
Switch(vlan)#vlan 2 name VLAN2 ( creates a new VLAN named VLAN2; the number 2 must be given together with
the VLAN name )
Switch(vlan)#vlan 3 name VLAN3 ( creates a new VLAN named VLAN3; the number 3 must be given together with
the VLAN name )
Switch(vlan)#exit

Switch#configure terminal

Switch(config)#interface fastethernet 0/4 ( enters interface configuration mode for fastethernet 0/4 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( moves interface Fa0/4 into VLAN 2 )
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/5 ( enters interface configuration mode for fastethernet 0/5 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( moves interface Fa0/5 into VLAN 2 )
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/6 ( enters interface configuration mode for fastethernet 0/6 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( moves interface Fa0/6 into VLAN 2 )
Switch(config-if)#end ( returns to privileged EXEC mode )

Switch#show vlan ( displays the VLAN table with the membership of each interface; at this point all interfaces
(ports) belong to VLAN 1 except 0/4, 0/5 and 0/6, which belong to VLAN 2 )

Switch#configure terminal

Switch(config)#interface fastethernet 0/7 ( enters interface configuration mode for fastethernet 0/7 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 3 )
Switch(config-if)#switchport access vlan 3 ( moves interface Fa0/7 into VLAN 3 )
Switch(config-if)#exit

SWITCH 1900 series

Creating new VLANs and moving interfaces from VLAN 1 into VLAN 2 and VLAN 3

Some of the commands for moving a port from one VLAN to another differ between switch series.

Switch>enable
Password: class

Switch#show vlan-membership ( displays the VLAN membership table; at this point all interfaces (ports)
belong to VLAN 1 )

Switch#configure terminal
Switch(config)#vlan 2 name VLAN2 ( creates a new VLAN named VLAN2; the number 2 must be given together with
the VLAN name )
Switch(config)#vlan 3 name VLAN3 ( creates a new VLAN named VLAN3; the number 3 must be given together with
the VLAN name )
Switch(config)#exit

Switch#configure terminal
Switch(config)#interface ethernet 0/4 ( enters interface configuration mode for ethernet 0/4 )
Switch(config-if)#vlan-membership static 2 ( assigns interface e0/4 to VLAN 2 )
Switch(config-if)#interface ethernet 0/5 ( enters interface configuration mode for ethernet 0/5 )
Switch(config-if)#vlan-membership static 2 ( assigns interface e0/5 to VLAN 2 )
Switch(config-if)#interface ethernet 0/6 ( enters interface configuration mode for ethernet 0/6 )
Switch(config-if)#vlan-membership static 2 ( assigns interface e0/6 to VLAN 2 )
Switch(config-if)#end ( returns to privileged EXEC mode )

Switch#show vlan-membership ( displays the VLAN membership table; at this point all interfaces (ports)
belong to VLAN 1 except 0/4, 0/5 and 0/6, which belong to VLAN 2 )

Switch#configure terminal
Switch(config)#interface ethernet 0/7 ( enters interface configuration mode for ethernet 0/7 )
Switch(config-if)#vlan-membership static 3 ( assigns interface e0/7 to VLAN 3 )
Switch(config-if)#exit

CREATE and DELETE VLAN 3
SWITCH 2900 series
Creating and deleting VLANs

Switch>enable
Password: class
Switch#show vlan ( displays the VLAN table with the membership of each interface; at this point all interfaces
(ports) belong to VLAN 1 )

Switch#vlan database ( enters VLAN configuration mode on the switch, used to add or delete a VLAN )
Switch(vlan)#vlan 2 name VLAN2 ( creates a new VLAN; the number 2 must be given together with the VLAN name )
Switch(vlan)#vlan 3 name VLAN3 ( creates a new VLAN; the number 3 must be given together with the VLAN name )
Switch(vlan)#exit

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enters interface configuration mode for fastethernet 0/4 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( moves interface Fa0/4 into VLAN 2 )
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/5 ( enters interface configuration mode for fastethernet 0/5 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( moves interface Fa0/5 into VLAN 2 )
Switch(config-if)#end

Switch#show vlan ( displays the VLAN table with the membership of each interface; at this point all interfaces
(ports) belong to VLAN 1 except 0/4 and 0/5, which belong to VLAN 2 )

Switch#configure terminal
Switch(config)#interface fastethernet 0/7 ( enters interface configuration mode for fastethernet 0/7 )
Switch(config-if)#switchport mode access ( sets the port to access mode so that it can be moved from the
default VLAN 1 to a non-default VLAN, in this case VLAN 3 )
Switch(config-if)#switchport access vlan 3 ( moves interface Fa0/7 into VLAN 3 )
Switch(config-if)#end

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enters interface configuration mode for fastethernet 0/4 )
Switch(config-if)#no switchport access vlan 2 ( removes interface Fa0/4 from VLAN 2; it returns to VLAN 1 )
Switch(config-if)#end

Switch#vlan database ( enters VLAN configuration mode on the switch, used to add or delete a VLAN )
Switch(vlan)#no vlan 3 ( deletes VLAN 3 from the switch; any port still assigned to VLAN 3 becomes inactive
until it is moved to an existing VLAN )
Switch(vlan)#exit

DELETE a FastEthernet interface FROM VLAN 3

Switch#configure terminal ( enters global configuration mode )
Switch(config)#interface FastEthernet 0/7 ( enters interface configuration mode for fastethernet 0/7 )
Switch(config-if)#no switchport access vlan 3 ( removes interface Fa0/7 from VLAN 3; it returns to VLAN 1 )
Switch(config-if)#exit

CREATE and DELETE VLAN 3
SWITCH 1900 series

Creating and deleting VLANs

Some of the commands for moving a port from one VLAN to another differ between switch series.

Host1 C:\> ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class

Switch#show vlan-membership ( displays the VLAN membership table; at this point all interfaces (ports)
belong to VLAN 1 )

Switch#configure terminal ( enters global configuration mode, where VLANs are added or deleted )
Switch(config)#vlan 2 name VLAN2 ( creates a new VLAN; the number 2 must be given together with the VLAN name )
Switch(config)#vlan 3 name VLAN3 ( creates a new VLAN; the number 3 must be given together with the VLAN name )
Switch(config)#exit

Switch#configure terminal ( enters global configuration mode )
Switch(config)#interface Ethernet 0/4 ( enters interface configuration mode for ethernet 0/4 )
Switch(config-if)#vlan-membership static 2 ( assigns interface e0/4 to VLAN 2 )
Switch(config-if)#interface Ethernet 0/5 ( enters interface configuration mode for ethernet 0/5 )
Switch(config-if)#vlan-membership static 2 ( assigns interface e0/5 to VLAN 2 )
Switch(config-if)#end ( returns to privileged EXEC mode )

Switch#show vlan-membership ( displays the VLAN membership table; at this point all interfaces (ports)
belong to VLAN 1 except 0/4 and 0/5, which belong to VLAN 2 )

Switch#configure terminal ( enters global configuration mode )
Switch(config)#interface Ethernet 0/7 ( enters interface configuration mode for ethernet 0/7 )
Switch(config-if)#vlan-membership static 3 ( assigns interface e0/7 to VLAN 3 )
Switch(config-if)#exit

Switch#configure terminal
Switch(config)#interface Ethernet 0/4 ( enters interface configuration mode for ethernet 0/4 )
Switch(config-if)#no vlan-membership 2 ( removes interface e0/4 from VLAN 2 )

Switch#configure terminal ( enters global configuration mode )
Switch(config)#interface Ethernet 0/7 ( enters interface configuration mode for ethernet 0/7 )
Switch(config-if)#no vlan-membership 3 ( removes interface e0/7 from VLAN 3 )
Switch(config-if)#exit

DELETE an Ethernet interface FROM VLAN 3

Switch#configure terminal ( enters global configuration mode )
Switch(config)#interface Ethernet 0/7 ( enters interface configuration mode for ethernet 0/7 )
Switch(config-if)#no vlan-membership 3 ( removes interface e0/7 from VLAN 3 )
Switch(config-if)#exit

822
Only for individual use – not for distribute on Internet
TRUNKING WITH ISL
SWITCH 2900 series
The switches have already been given their basic configuration; the example shows only Switch 1.

Switch_A>enable
Password: class
Switch#show vlan ( display the VLAN table, which shows the VLAN each interface belongs to; at this point all interfaces ( ports ) belong to the default VLAN )

Switch#vlan database ( enter VLAN configuration mode on the switch, used to add or delete VLANs )
Switch(vlan)#vlan 10 name Accounting ( create a new VLAN named Accounting )
Switch(vlan)#vlan 20 name Marketing ( create a new VLAN named Marketing )
Switch(vlan)#vlan 30 name Engineering ( create a new VLAN named Engineering )
Switch(vlan)#exit

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter configuration mode for FastEthernet interface 0/4 )
Switch(config-if)#switchport mode access ( make the port a static access port, i.e. a non-trunking port that carries one VLAN; the next command moves it out of the default VLAN 1 into a non-default VLAN, here VLAN 10 )
Switch(config-if)#switchport access vlan 10 ( move ( assign ) interface Fa0/4 to VLAN 10 )
Switch(config-if)#interface fastethernet 0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#interface fastethernet 0/6
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/7
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#interface fastethernet 0/8
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#interface fastethernet 0/9
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/10
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30
Switch(config-if)#interface fastethernet 0/11
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30
Switch(config-if)#interface fastethernet 0/12
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30
Switch(config-if)#end

Switch#show vlan ( display the VLAN table showing the port-to-VLAN assignments )

Try to ping IP address 192.168.1.5 => fails

Cisco's ISL trunking has not yet been configured on the Fa0/1 ports that connect the two switches, so Fa0/1 is still an access port in VLAN 1 and frames from VLANs 10, 20 and 30 cannot cross the link.

Switch#configure terminal
Switch(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch(config-if)#switchport mode trunk ( set switchport Fa0/1 to trunk mode )
Switch(config-if)#switchport trunk encapsulation isl ( set ISL as the trunk encapsulation on port Fa0/1 )
Switch(config-if)#end

Switch#show interface fastethernet 0/1 switchport ( verify the trunk mode and encapsulation configured on Fa0/1 )

Try to ping IP address 192.168.1.5 => succeeds

NOTE: the 2900XL accepts the two trunk commands in this order because ISL is its default encapsulation. On later platforms that negotiate the encapsulation ( for example the 3550 and 3560 ), switchport trunk encapsulation must be entered before switchport mode trunk or the mode command is rejected. Setting switchport mode access explicitly on every user port, as above, is also what stops those ports from negotiating a trunk with whatever device is plugged into them.
TRUNKING WITH 802.1Q
SWITCH_A 2900 series
The switches have already been given their basic configuration; the example shows only Switch_A.

Switch_A>enable
Password: class
Switch_A#show vlan ( display the VLAN table, which shows the VLAN each interface belongs to; at this point all interfaces ( ports ) belong to the default VLAN )

Switch_A#vlan database ( enter VLAN configuration mode on Switch_A, used to add or delete VLANs )
Switch_A(vlan)#vlan 10 name Accounting ( create a new VLAN named Accounting )
Switch_A(vlan)#vlan 20 name Marketing ( create a new VLAN named Marketing )
Switch_A(vlan)#vlan 30 name Engineering ( create a new VLAN named Engineering )
Switch_A(vlan)#exit

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/4 ( enter configuration mode for FastEthernet interface 0/4 )
Switch_A(config-if)#switchport mode access ( configure the port as a non-trunking, single-VLAN interface; this defines the VLAN membership mode of the port as Layer 2 access and stops it from negotiating a trunk with whatever is plugged in )
Switch_A(config-if)#switchport access vlan 10 ( move ( assign ) interface Fa0/4 to VLAN 10 )
Switch_A(config-if)#interface fastethernet 0/5
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/6
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/7
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/8
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/9
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/10
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#interface fastethernet 0/11
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#interface fastethernet 0/12
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#end

Switch_A#show vlan ( display the VLAN table showing the port-to-VLAN assignments )

Try to ping IP address 192.168.1.5, Host B connected to Fa0/12 => fails

No trunk has been configured yet on the Fa0/1 ports that connect the two switches, so Fa0/1 is still an access port in VLAN 1 and frames from VLAN 30 cannot cross the link.

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_A(config-if)#switchport mode trunk ( set switchport Fa0/1 to trunk mode )
Switch_A(config-if)#switchport trunk encapsulation dot1q ( set 802.1Q ( dot1q ) as the trunk encapsulation on port Fa0/1 )
Switch_A(config-if)#end

Switch_A#show interface fastethernet 0/1 switchport ( verify the trunk mode, encapsulation and native VLAN configured on Fa0/1 )

Try to ping IP address 192.168.1.5 => succeeds

NOTE:

Switch_A(config-if)#switchport trunk encapsulation dot1q ( set dot1q trunk encapsulation on port Fa0/1 )

This command is not needed on the Cisco Catalyst 2950, because that switch supports only 802.1Q ( dot1q ) and does not offer the encapsulation command. Unlike ISL, 802.1Q sends the native VLAN ( VLAN 1 by default ) untagged across the trunk, so the native VLAN must be the same on both ends of the link; show interface fastethernet 0/1 switchport displays it.
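What switchport trunk encapsulation dot1q puts on the wire is a four-byte tag between the source MAC and the EtherType, and an untagged frame on the trunk belongs to the native VLAN. The following is an added example, not code from the CCNA curriculum or from Cisco: it builds and decodes 802.1Q-tagged frames with made-up MAC addresses and a dummy payload, and classifies frames arriving on a trunk the way the lab above relies on (tagged frame to its VLAN, untagged frame to the native VLAN, disallowed VLAN dropped). The same native-VLAN rule is what the router-on-a-stick lab later in this section depends on for its VLAN 1 subinterface.

```python
"""802.1Q tagging as seen on a dot1q trunk.

Added example, not part of the CCNA curriculum or any Cisco code. The frames
are constructed here with made-up MAC addresses; no capture file is used.
"""
import struct

TPID_8021Q = 0x8100       # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806


def build_frame(dst, src, ethertype, payload, vlan=None, pcp=0):
    """Return an Ethernet II frame, inserting an 802.1Q tag when vlan is given.

    The tag is four bytes between the source MAC and the EtherType: the TPID
    0x8100, then the 16-bit TCI = PCP (3 bits) | DEI (1 bit) | VID (12 bits).
    """
    if vlan is None:
        return dst + src + struct.pack("!H", ethertype) + payload
    if not 1 <= vlan <= 4094:          # VID 0 and 4095 are reserved
        raise ValueError("VLAN ID must be in 1..4094")
    tci = ((pcp & 0x7) << 13) | (vlan & 0xFFF)
    return dst + src + struct.pack("!HH", TPID_8021Q, tci) + struct.pack("!H", ethertype) + payload


def decode_frame(frame):
    """Return (vlan_id or None, pcp, inner_ethertype, payload).

    If the EtherType field holds 0x8100 the frame is tagged; otherwise it is
    untagged, which on a Cisco trunk means it belongs to the native VLAN.
    """
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != TPID_8021Q:
        return None, 0, ethertype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    return tci & 0xFFF, tci >> 13, inner_type, frame[18:]


def classify_trunk_frame(frame, native_vlan=1, allowed=None):
    """Decide which VLAN a frame arriving on a trunk is switched into.

    Untagged frames go to the native VLAN; tagged frames go to their VID if
    the trunk allows it, otherwise they are dropped (returns None). Before
    Fa0/1 became a trunk in the lab it was an access port in VLAN 1, so only
    VLAN 1 traffic crossed the link and hosts in other VLANs could not ping.
    """
    vid, _, _, _ = decode_frame(frame)
    vlan = native_vlan if vid is None else vid
    if allowed is not None and vlan not in allowed:
        return None
    return vlan


if __name__ == "__main__":
    dst = bytes.fromhex("ffffffffffff")          # constructed: broadcast
    src = bytes.fromhex("001122334455")          # constructed: host MAC
    arp = b"\x00" * 28                            # constructed: dummy ARP body
    tagged = build_frame(dst, src, ETHERTYPE_ARP, arp, vlan=10)
    untagged = build_frame(dst, src, ETHERTYPE_ARP, arp)
    print(classify_trunk_frame(tagged, allowed={1, 10, 20, 30}))    # 10
    print(classify_trunk_frame(untagged, allowed={1, 10, 20, 30}))  # 1
    print(classify_trunk_frame(tagged, allowed={1}))                # None
```

Because the untagged frame is placed into whatever the receiving side believes the native VLAN to be, a native VLAN mismatch between the two ends of a trunk silently merges two VLANs; checking the native VLAN with show interface switchport on both switches is the quickest way to rule that out.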
VTP CLIENT and SERVER CONFIGURATION
SWITCH_A 2900 series ( e-Lab 9.2.5 )
The switches have already been given their basic configuration; the example shows only Switch_A.

Switch_A>enable
Password: class
Switch_A#show vlan ( display the VLAN table, which shows the VLAN each interface belongs to; at this point all interfaces ( ports ) belong to the default VLAN )

Switch_A#vlan database ( enter VLAN configuration mode on Switch_A, used to add or delete VLANs )
Switch_A(vlan)#vtp server ( set the switch to operate as a VTP server )
Device mode already VTP SERVER. ( the switch was already in server mode, which is the default )
Switch_A(vlan)#vtp domain group1 ( change the VTP domain name to group1 )
Changing VTP domain name from Switch_A to group1
Switch_A(vlan)#vlan 10 name Accounting ( create a new VLAN named Accounting )
Switch_A(vlan)#vlan 20 name Marketing ( create a new VLAN named Marketing )
Switch_A(vlan)#vlan 30 name Engineering ( create a new VLAN named Engineering )
Switch_A(vlan)#exit

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/4 ( enter configuration mode for FastEthernet interface 0/4 )
Switch_A(config-if)#switchport mode access ( configure the port as a non-trunking, single-VLAN interface; this defines the VLAN membership mode of the port as Layer 2 access )
Switch_A(config-if)#switchport access vlan 10 ( move ( assign ) interface Fa0/4 to VLAN 10 )
Switch_A(config-if)#interface fastethernet 0/5
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/6
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/7
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/8
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/9
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/10
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#interface fastethernet 0/11
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#interface fastethernet 0/12
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#end

Switch_A#show vlan ( display the VLAN table showing the port-to-VLAN assignments )

Switch_B#vlan database ( enter VLAN configuration mode on Switch_B )
Switch_B(vlan)#vtp client ( configure Switch_B as a VTP client; it learns the VLANs from the server over the trunk and cannot create VLANs of its own )
Setting device to VTP CLIENT mode.
Switch_B(vlan)#vtp domain group1 ( change the VTP domain name to group1; it must match the server's domain or the advertisements are ignored )
Changing VTP domain name from Switch_B to group1

Switch_A#configure terminal ( prepare to create the 802.1Q TRUNK on Fa0/1 )
Switch_A(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_A(config-if)#switchport mode trunk ( set switchport Fa0/1 to trunk mode )
Switch_A(config-if)#end

SWITCH_B
Switch_B#configure terminal ( prepare to create the 802.1Q TRUNK on Fa0/1 )
Switch_B(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_B(config-if)#switchport mode trunk ( set switchport Fa0/1 to trunk mode )
Switch_B(config-if)#end

Switch_B#show interface fastethernet 0/1 switchport ( verify the trunk mode configured on Fa0/1 )

Next comes the configuration of Switch_B, assigning its interfaces to the VLANs it has learned from Switch_A. Use show vtp status on both switches to check that the domain name, configuration revision number and number of existing VLANs agree.

NOTE:

Switch_A(config-if)#switchport trunk encapsulation dot1q ( set dot1q trunk encapsulation on port Fa0/1 )

This command is not needed on the Cisco Catalyst 2950, because that switch supports only 802.1Q ( dot1q ).

A switch in the same VTP domain that advertises a higher configuration revision number overwrites the VLAN database of the others, whether it is a server or a client, so set the same VTP password on every switch in the domain ( Switch(vlan)#vtp password <password> ) and check the revision number with show vtp status before connecting a switch that was previously used elsewhere.
CONFIGURING inter-VLAN ROUTING
SWITCH_A 2900 series

Switch_A>enable
Password: class
Switch_A#vlan database ( enter VLAN configuration mode on Switch_A, used to add or delete VLANs )
Switch_A(vlan)#vlan 10 name Sales ( create a new VLAN named Sales )
Switch_A(vlan)#vlan 20 name Support ( create a new VLAN named Support )
Switch_A(vlan)#exit

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/5
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/6
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/7
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/8
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#end

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/9
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/10
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/11
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/12
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#end

Switch_A#show vlan

Switch_A#configure terminal ( prepare to create the 802.1Q TRUNK on Fa0/1, the port that connects to the router )
Switch_A(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_A(config-if)#switchport mode trunk ( set switchport Fa0/1 to trunk mode )
Switch_A(config-if)#end

Router>enable
Password: class

Router#configure terminal ( enter the router's GLOBAL configuration mode )

Router(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Router(config-if)#no shutdown ( activate, i.e. bring up, FastEthernet interface 0/1; the physical interface itself gets no IP address, the subinterfaces do )

Router(config-if)#interface fastethernet 0/1.1 ( enter subinterface 0/1.1 mode on interface 0/1 )
Router(config-subif)#encapsulation dot1q 1 ( set subinterface 0/1.1 for 802.1Q trunking encapsulation on VLAN 1 )
Router(config-subif)#ip address 192.168.1.1 255.255.255.0 ( set the IP address of subinterface 0/1.1, which is also the default gateway for that network )

Router(config-subif)#interface fastethernet 0/1.2 ( enter subinterface 0/1.2 mode on interface 0/1 )
Router(config-subif)#encapsulation dot1q 10 ( set subinterface 0/1.2 for 802.1Q trunking encapsulation on VLAN 10 )
Router(config-subif)#ip address 192.168.5.1 255.255.255.0 ( set the IP address of subinterface 0/1.2, which is also the default gateway for that network )

Router(config-subif)#interface fastethernet 0/1.3 ( enter subinterface 0/1.3 mode on interface 0/1 )
Router(config-subif)#encapsulation dot1q 20 ( set subinterface 0/1.3 for 802.1Q trunking encapsulation on VLAN 20 )
Router(config-subif)#ip address 192.168.7.1 255.255.255.0 ( set the IP address of subinterface 0/1.3, which is also the default gateway for that network )
Router(config-subif)#end

Router#show ip route ( each subinterface should appear as a directly connected route: 192.168.1.0/24, 192.168.5.0/24 and 192.168.7.0/24 )

Try moving the host connections between ports and pinging the IP addresses ( the pings should succeed once each host uses the gateway address of its own VLAN ).

NOTE: on the switch, VLAN 1 is the native VLAN of the trunk and is sent untagged. Older IOS releases treat VLAN 1 as the implicit native VLAN of a dot1q subinterface, which is what this lab relies on; on releases that support it, state this explicitly with encapsulation dot1q 1 native, and keep the native VLAN the same on the switch trunk and on the router, otherwise the 192.168.1.0 network is unreachable through the router while VLANs 10 and 20 still work.

32 MODULE 1
Module Overview

The rapid growth of the Internet has astonished most observers. One reason the Internet has grown so
quickly is the flexibility of the original design. Without new methods of IP address assignment, this rapid
growth would have exhausted the supply of IPv4 addresses. Several solutions were developed to cope with
the shortage of IP addresses. One widely implemented solution is Network Address Translation (NAT).

NAT is a mechanism for conserving registered IP addresses in large networks and simplifying IP addressing
management tasks. As a packet is routed through a network device, usually a firewall or border router, the
source IP address is translated from a private internal network address to a routable public IP address. This
allows the packet to be transported over public external networks, such as the Internet. The public address in
the reply is then translated back to the private internal address for delivery within the internal network. A
variation of NAT, called Port Address Translation (PAT), allows many internal private addresses to be
translated using a single external public address.

Routers, servers, and other key devices on the network usually require a static IP configuration, which is
entered manually. However, desktop clients do not require a specific address but rather any one in a range of
addresses. This range is typically within an IP subnet. A workstation within a specific subnet can be assigned
any address within a range while other values are static, including the subnet mask, default gateway, and DNS
server.

The Dynamic Host Configuration Protocol (DHCP) was designed to assign IP addresses and other important
network configuration information dynamically. Because desktop clients typically make up the bulk of
network nodes, DHCP is an extremely useful timesaving tool for network administrators.

Students completing this module should be able to:

 Identify private IP addresses as described in RFC 1918


 Discuss characteristics of NAT and PAT
 Explain the benefits of NAT
 Explain how to configure NAT and PAT, including static translation, dynamic translation, and
overloading
 Identify the commands used to verify NAT and PAT configuration
 List the steps used to troubleshoot NAT and PAT configuration
 Discuss the advantages and disadvantages of NAT
 Describe the characteristics of DHCP
 Explain the differences between BOOTP and DHCP
 Explain the DHCP client configuration process
 Configure a DHCP server
 Verify DHCP operation
 Troubleshoot a DHCP configuration
 Explain DHCP relay requests

32.1 Scaling IP Addresses

32.1.1 Private addressing

RFC 1918 sets aside the following three blocks of private IP addresses:

 10.0.0.0/8 (10.0.0.0 to 10.255.255.255): 1 Class A address
 172.16.0.0/12 (172.16.0.0 to 172.31.255.255): 16 Class B addresses
 192.168.0.0/16 (192.168.0.0 to 192.168.255.255): 256 Class C addresses

These addresses are for private, internal network use only. Packets containing these addresses are not routed
over the Internet.

Public Internet addresses must be registered by a company with an Internet authority, for example the American
Registry for Internet Numbers (ARIN) or Réseaux IP Européens (RIPE NCC), the Regional Internet Registry
responsible for Europe, the Middle East and Central Asia. These public Internet addresses can also be leased from
an ISP. Private IP addresses are reserved and can be used by anyone. That means two networks, or two million
networks, can each use the same private address. A border router should never route RFC 1918 addresses. ISPs
typically configure their border routers to prevent privately addressed traffic from being forwarded, and a border
router should likewise drop inbound packets from the Internet that carry an RFC 1918 source address, since those
can only be spoofed or leaked.

NAT provides great benefits to individual companies and the Internet. Before NAT, a host with a private
address could not access the Internet. Using NAT, individual companies can address some or all of their hosts
with private addresses and use NAT to provide access to the Internet.

32.1.2 Introducing NAT and PAT

NAT is designed to conserve IP addresses and enable networks to use private IP addresses on internal
networks. These private, internal addresses are translated to routable, public addresses. This is accomplished
by internetwork devices running specialized NAT software which can increase network privacy by hiding
internal IP addresses.

A NAT enabled device typically operates at the border of a stub network. A stub network is a network that has
a single connection to its neighbor network. -1-


When a host inside the stub network wants to transmit to a host on the outside, it forwards the packet to the
border gateway router. The border gateway router performs the NAT process, translating the internal private
address of a host to a public, external routable address. -2-


In NAT terminology, the internal network is the set of networks that are subject to translation. The external
network refers to all other addresses.

Cisco defines the following NAT terms:

 Inside local address – The IP address assigned to a host on the inside network. The address is usually
not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider.
This address is likely to be an RFC 1918 private address.
 Inside global address – A legitimate IP address assigned by the InterNIC or service provider that
represents one or more inside local IP addresses to the outside world.
 Outside local address – The IP address of an outside host as it is known to the hosts on the inside
network.
 Outside global address – The IP address assigned to a host on the outside network. The owner of the
host assigns this address.

32.1.3 Major NAT and PAT features

NAT translations can be used for a variety of purposes and can be either dynamically or statically assigned.
Static NAT is designed to allow one-to-one mapping of local and global addresses. This is particularly useful
for hosts which must have a consistent address that is accessible from the Internet. These internal hosts may be
enterprise servers or networking devices.

Dynamic NAT is designed to map a private IP address to a public address. Any IP address from a pool of
public IP addresses is assigned to a network host. Overloading, or Port Address Translation (PAT), maps
multiple private IP addresses to a single public IP address. Multiple addresses can be mapped to a single
address because each private address is tracked by a port number. -1-

PAT uses unique source port numbers on the inside global IP address to distinguish between translations. -2-
The port number is encoded in 16 bits. The total number of internal addresses that can be translated to one
external address could theoretically be as high as 65,536 per IP address. Realistically, the number of ports that
can be assigned a single IP address is around 4000. PAT will attempt to preserve the original source port. If
this source port is already used, PAT will assign the first available port number starting from the beginning of
the appropriate port group 0-511, 512-1023, or 1024-65535. When there are no more ports available and there
is more than one external IP address configured, PAT moves to the next IP address to try to allocate the
original source port again. This process continues until it runs out of available ports and external IP addresses.
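The private-address check from 32.1.1 and the PAT port-allocation rules just described can be put together in a small model. The following is an added example, not code from the curriculum or from Cisco IOS: it keeps the original source port when free, otherwise takes the first free port of the same group (0-511, 512-1023, 1024-65535), moves to the next inside global address only when that group is exhausted, and keeps the reverse mapping that lets a reply find its way back to the inside host. The RFC 1918 test stands in for the NAT access list, and all addresses are constructed for the example.

```python
"""Private-address check and a PAT (overload) translation table.

Added example, not part of the CCNA curriculum or Cisco IOS. It models the
port-allocation rules described in the text; addresses are constructed.
"""
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PORT_GROUPS = ((0, 511), (512, 1023), (1024, 65535))


def is_rfc1918(ip):
    """True only for the three RFC 1918 blocks (127/8, 169.254/16 etc. are not)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def port_group(port):
    """Return the (low, high) bounds of the port group a source port falls in."""
    for lo, hi in PORT_GROUPS:
        if lo <= port <= hi:
            return lo, hi
    raise ValueError("port out of range")


class PatTable:
    """Inside-source overload onto one or more inside global addresses."""

    def __init__(self, global_ips):
        self.global_ips = list(global_ips)
        self.used = {ip: set() for ip in self.global_ips}
        self.outbound = {}   # (inside local ip, port) -> (inside global ip, port)
        self.inbound = {}    # reverse map consulted for replies coming back in

    def translate(self, local_ip, local_port):
        """Return the (global ip, global port) pair for an outbound packet."""
        key = (local_ip, local_port)
        if key in self.outbound:            # an existing translation is reused
            return self.outbound[key]
        if not is_rfc1918(local_ip):        # stands in for the NAT access list
            raise ValueError(f"{local_ip} is not permitted for translation")
        lo, hi = port_group(local_port)
        for gip in self.global_ips:
            used = self.used[gip]
            if local_port not in used:      # preserve the original source port
                gport = local_port
            else:                           # first free port in the same group
                gport = next((p for p in range(lo, hi + 1) if p not in used), None)
                if gport is None:           # group exhausted: try the next address
                    continue
            used.add(gport)
            self.outbound[key] = (gip, gport)
            self.inbound[(gip, gport)] = key
            return self.outbound[key]
        raise RuntimeError("no free port on any inside global address")

    def untranslate(self, global_ip, global_port):
        """Map a reply's destination back to the inside local host, or None."""
        return self.inbound.get((global_ip, global_port))


if __name__ == "__main__":
    pat = PatTable(["203.0.113.1", "203.0.113.2"])      # constructed pool
    print(pat.translate("10.1.1.2", 40000))             # ('203.0.113.1', 40000)
    print(pat.translate("10.1.1.3", 40000))             # ('203.0.113.1', 1024)
    print(pat.untranslate("203.0.113.1", 1024))         # ('10.1.1.3', 40000)
    print(pat.untranslate("203.0.113.1", 9999))         # None: unsolicited inbound
```

The last line is the whole of the "security" that PAT provides: an inbound packet whose destination port has no table entry has nowhere to go and is dropped, which is exactly why a static mapping, which creates a permanent entry, exposes the mapped host.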

NAT offers the following benefits:

 Eliminates reassigning each host a new IP address when changing to a new ISP. NAT eliminates the
need to readdress all hosts that require external access, saving time and money.
 Conserves addresses through application port-level multiplexing. With PAT, internal hosts can share a
single public IP address for all external communications. In this type of configuration, very few
external addresses are required to support many internal hosts, thereby conserving IP addresses.
 Protects network security. Because private networks do not advertise their addresses or internal
topology, they remain reasonably secure when used in conjunction with NAT to gain controlled
external access. The protection comes from the translation table, which has no entry for an unsolicited
inbound packet, and from the hidden topology; a static mapping removes that protection for the mapped
host, and NAT is not a substitute for an access list or firewall policy on the outside interface.

32.1.4 Configuring NAT and PAT
Static Translation

To configure static inside source address translation, perform the tasks in Figures -1- and -2-

Figure -3- shows the use of static NAT translation. The router will translate packets from host 10.1.1.2 to a
source address of 192.168.1.2.

Dynamic Translation

To configure dynamic inside source address translation, perform the tasks in Figure -4- .

The access list must permit only those addresses that are to be translated. Remember that there is an implicit
"deny all" at the end of each access list. An access list that is too permissive can lead to unpredictable results.
Cisco advises against configuring access lists referenced by NAT commands with the permit any command.
Using permit any can result in NAT consuming too many router resources, which can cause network problems.

Figure -5- translates all source addresses passing access list 1, which have a source address in 10.1.0.0/24, to
an address from the pool named nat-pool1. The pool contains the addresses 179.9.8.80 through 179.9.8.95 with a /24 netmask.

NOTE
NAT will not translate the host 10.1.1.2, as it is not permitted for translation by the access list.

Overloading

Overloading is configured in two ways depending on how public IP addresses have been allocated. An ISP can
allocate a network only one public IP address, and this is typically assigned to the outside interface which
connects to the ISP. Figure -6- shows how to configure overloading in this situation.


Another way of configuring overload is if the ISP has given one or more public IP addresses for use as a NAT
pool. This pool can be overloaded as shown in the configuration in Figure -7- .

Figure -8- shows an example configuration of PAT.

32.1.5 Verifying PAT configuration

Once NAT is configured, use the clear and show commands to verify that it is operating as expected.

By default, dynamic address translations time out from the NAT translation table after a period of non-use.
When port translation is not configured, translation entries time out after 24 hours, unless the timers are
reconfigured with the ip nat translation timeout timeout_seconds command from global configuration mode. Clear
the entries before the timeout by using one of the commands in Figure -1-.


Translation information may be displayed by performing one of the tasks in EXEC mode -2-.

Alternatively, use the show run command and look for NAT, access list, interface, or pool commands with the
required values.

32.1.6 Troubleshooting NAT and PAT configuration

When IP connectivity problems in a NAT environment exist, it is often difficult to determine the cause of the
problem. Many times NAT is mistakenly blamed, when in reality there is an underlying problem.

When trying to determine the cause of an IP connectivity problem, it helps to rule out NAT. Use the following
steps to determine whether NAT is operating as expected:

1. Based on the configuration, clearly define what NAT is supposed to achieve.


2. Verify that correct translations exist in the translation table.
3. Verify the translation is occurring by using show and debug commands.
4. Review in detail what is happening to the packet and verify that routers have the correct routing
information to move the packet along.

Use the debug ip nat command to verify the operation of the NAT feature by displaying information about
every packet that is translated by the router. The debug ip nat detailed command generates a description of each
packet considered for translation. This command also outputs information about certain errors or exception
conditions, such as the failure to allocate a global address.

The figure shows a sample debug ip nat output. In this example, the first two lines of the debugging output show
that a Domain Name System (DNS) request and reply were produced. The remaining lines show the debugging
output of a Telnet connection from a host on the inside of the network to a host on the outside of the network.

Decode the debug output by using the following key points:

 The asterisk next to NAT indicates that the translation is occurring in the fast-switched path. The first
packet in a conversation always goes through the slow path, which means it is process-switched. The
remaining packets go through the fast-switched path if a cache entry exists.
 s = a.b.c.d is the source address.
 a.b.c.d->w.x.y.z shows source address a.b.c.d being translated to w.x.y.z.
 d = e.f.g.h is the destination address.
 The value in brackets is the IP identification number. This is useful for debugging because it enables
correlation with other packet traces from protocol analyzers.
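Reading a long debug ip nat capture by eye is error-prone, so the key points above are worth turning into a decoder. The following is an added example, not code from the curriculum or from Cisco: it parses lines in the format just described (NAT or NAT* marker, s= with an optional ->translated address, d= with an optional ->translated address, IP identification in brackets), labels each line as process- or fast-switched and as outbound or reply, and groups lines by IP identification number for correlation with an analyzer trace. The optional :port suffix on addresses is an assumption made so that PAT output can be read too, and the sample lines are constructed in that format, not a real router capture.

```python
"""Decoder for `debug ip nat` lines.

Added example, not part of the CCNA curriculum or Cisco IOS. Parses the
documented line format; the ":port" suffix is an assumption for PAT output.
"""
import re
from collections import Counter, defaultdict

LINE_RE = re.compile(
    r"^NAT(?P<fast>\*)?:\s+"
    r"s=(?P<src>[\d.]+(?::\d+)?)(?:->(?P<src_t>[\d.]+(?::\d+)?))?,\s+"
    r"d=(?P<dst>[\d.]+(?::\d+)?)(?:->(?P<dst_t>[\d.]+(?::\d+)?))?\s+"
    r"\[(?P<ipid>\d+)\]"
)


def parse_line(line):
    """Return a dict for one debug line, or None if it is not a NAT line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["fast_switched"] = rec.pop("fast") == "*"   # * marks the fast-switched path
    rec["ipid"] = int(rec["ipid"])
    # a rewritten source is an inside->outside packet; a rewritten destination is a reply
    rec["direction"] = "out" if rec["src_t"] else ("in" if rec["dst_t"] else "none")
    return rec


def summarize(lines):
    """Count packets per switching path and group directions by IP identification."""
    paths = Counter()
    by_ipid = defaultdict(list)
    for rec in filter(None, map(parse_line, lines)):
        paths["fast" if rec["fast_switched"] else "process"] += 1
        by_ipid[rec["ipid"]].append(rec["direction"])
    return paths, dict(by_ipid)


SAMPLE = [   # constructed in the documented format; not a real capture
    "NAT: s=10.1.1.2->203.0.113.5, d=198.51.100.10 [6]",
    "NAT: s=198.51.100.10, d=203.0.113.5->10.1.1.2 [6]",
    "NAT*: s=10.1.1.2->203.0.113.5, d=198.51.100.20 [7]",
    "NAT*: s=198.51.100.20, d=203.0.113.5->10.1.1.2 [8]",
    "%SYS-5-CONFIG_I: Configured from console by console",   # unrelated, ignored
]

if __name__ == "__main__":
    paths, by_ipid = summarize(SAMPLE)
    print(paths)      # Counter({'process': 2, 'fast': 2})
    print(by_ipid)    # {6: ['out', 'in'], 7: ['out'], 8: ['in']}
```

A process-switched line for every packet of an established flow, rather than only for the first one, is the pattern to look for when NAT is suspected of the CPU load discussed in 32.1.7.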

32.1.7 Issues with NAT

NAT has several advantages, including: -1-

 Conserves the legally registered addressing scheme by allowing the privatization of intranets.
 Increases the flexibility of connections to the public network. Multiple pools, backup pools, and load
balancing pools can be implemented to assure reliable public network connections.
 Consistency of the internal network addressing scheme. On a network without private IP addresses and
NAT, changing public IP addresses requires the renumbering of all hosts on the existing network. The
costs of renumbering hosts can be significant. NAT allows the existing scheme to remain while
supporting a new public addressing scheme.

NAT is not without drawbacks. Enabling address translation will cause a loss of functionality, particularly with
any protocol or application that involves sending IP address information inside the IP payload. This requires
additional support by the NAT device.

NAT increases delay. Switching path delays are introduced because each IP address within the packet headers
must be translated. The first packet of a new translation always goes through the slow path, which means it is
process-switched. The remaining packets go through the fast-switched path if a cache entry exists.

Performance may be a consideration because the process-switched part of NAT is CPU work. The CPU must look at
each new flow to decide whether it must be translated, alter the IP header, possibly alter the TCP or UDP header,
and recompute the affected checksums.

One significant disadvantage when implementing and using NAT is the loss of end-to-end IP traceability. It
becomes much more difficult to trace packets that undergo numerous packet address changes over multiple
NAT hops. Hackers who want to determine the source of a packet will find it difficult to trace or obtain the
original source or destination address.

NAT also breaks some applications that rely on IP addresses end to end, because it hides the end-to-end IP
addresses. Applications that use a literal IP address instead of a fully qualified domain name will not reach
destinations that are translated across the NAT router. Sometimes this problem can be avoided by
implementing static NAT mappings.

Cisco IOS NAT supports the following traffic types: -2-

 ICMP
 File Transfer Protocol (FTP), including PORT and PASV commands
 NetBIOS over TCP/IP, datagram, name, and session services
 RealNetworks' RealAudio
 White Pines' CUSeeMe
 Xing Technologies' StreamWorks
 DNS "A" and "PTR" queries
 H.323/Microsoft NetMeeting, IOS versions 12.0(1)/12.0(1)T and later
 VDOnet's VDOLive, IOS versions 11.3(4)/11.3(4)T and later
 VXtreme's Web Theater, IOS versions 11.3(4)/11.3(4)T and later
 IP Multicast, IOS version 12.0(1)T with source address translation only

Cisco IOS NAT does not support the following traffic types:

 Routing table updates


 DNS zone transfers
 BOOTP
 talk and ntalk protocols
 Simple Network Management Protocol (SNMP)

32.2 DHCP

32.2.1 Introducing DHCP

Dynamic Host Configuration Protocol (DHCP) works in a client/server mode. DHCP enables DHCP clients on
an IP network to obtain their configurations from a DHCP server. Less work is involved in managing an IP
network when DHCP is used. The most significant configuration option the client receives from the server is
its IP address. The DHCP protocol is described in RFC 2131.

A DHCP client is included in most modern operating systems, including the various Windows operating
systems, Novell NetWare, Sun Solaris, Linux, and Mac OS. The client requests addressing values from the
network DHCP server. -1-

This server manages the allocation of the IP addresses and will answer configuration requests from clients.

The DHCP server can answer requests for many subnets. DHCP is not intended for configuring routers,
switches, and servers. These types of hosts need static IP addresses.

DHCP works by providing a process for a server to allocate IP information to clients. Clients lease the
information from the server for an administratively defined period. Before the lease expires the client must
renew it, or request a new lease once it has lapsed; the client is typically reassigned the same address.

Administrators typically prefer a network server to offer DHCP services because these solutions are scalable
and relatively easy to manage. Cisco routers can use a Cisco IOS feature set, Easy IP, to offer an optional, full-
featured DHCP server. Easy IP leases configurations for 24 hours by default. This is useful in small offices and
home offices where the home user can take advantage of DHCP and NAT without having an NT or UNIX
server.

Administrators set up DHCP servers to assign addresses from predefined pools. DHCP servers can also offer
other information, such as DNS server addresses, WINS server addresses, and domain names. Most DHCP
servers also allow the administrator to define specifically what client MAC addresses can be serviced and
automatically assign them the same IP address each time. -1-, -2-, -3-

DHCP uses User Datagram Protocol (UDP) as its transport protocol. The client sends messages to the server
on UDP port 67, from its own port 68. The server sends messages to the client on port 68.

32.2.2 BOOTP and DHCP differences

The Internet community first developed the BOOTP protocol to enable configuration of diskless workstations.
BOOTP was originally defined in RFC 951 in 1985. As the predecessor of DHCP, BOOTP shares some
operational characteristics. Both protocols are client/server based and use UDP ports 67 and 68. Those ports
are still known as BOOTP ports.

The four (4) basic IP parameters that both protocols can supply are:

 IP address
 Gateway address
 Subnet mask
 DNS server address

BOOTP does not dynamically allocate IP addresses to a host. When a client requests an IP address, the
BOOTP server searches a predefined table for an entry that matches the MAC address for the client. If an entry
exists, then the corresponding IP address for that entry is returned to the client. This means that the binding
between the MAC address and the IP address must have already been configured in the BOOTP server.

There are two (2) primary differences between DHCP and BOOTP: -1-

 DHCP defines mechanisms through which clients can be assigned an IP address for a finite lease
period. This lease period allows for reassignment of the IP address to another client later, or for the
client to get another assignment, if the client moves to another subnet. Clients may also renew leases
and keep the same IP address.
 DHCP provides the mechanism for a client to gather other IP configuration parameters, such as WINS
and domain name.

32.2.3 Major DHCP features

There are three mechanisms used to assign an IP address to the client:

 Automatic allocation – DHCP assigns a permanent IP address to a client.
 Manual allocation – The IP address for the client is assigned by the administrator. DHCP conveys the
address to the client.
 Dynamic allocation – DHCP assigns, or leases, an IP address to the client for a limited period of time.

The focus of this section is the dynamic allocation mechanism.
Some of the configuration parameters available are listed in IETF RFC 1533 (since obsoleted by RFC 2132,
which keeps the same option codes):

 Subnet mask
 Router
 Domain Name
 Domain Name Server(s)
 WINS Server(s)

The DHCP server creates pools of IP addresses and associated parameters. -1-
Pools are dedicated to an individual logical IP subnet. This allows multiple DHCP servers to respond and IP
clients to be mobile. If multiple servers respond, a client can choose only one of the offers.

32.2.4 DHCP operation

The DHCP client configuration process uses the following steps: -1-, -2-

1. A client must have DHCP configured when starting the network membership process. The client sends
a request to a server requesting an IP configuration. Sometimes the client may suggest the IP address it
wants, such as when requesting an extension to a DHCP lease. The client locates a DHCP server by
sending a broadcast called a DHCPDISCOVER.
2. When the server receives the broadcast, it determines whether it can service the request from its own
database. If it cannot, it does not answer; a request only reaches a DHCP server on another subnet if a
router relays it (see section 32.2.8). If it can, the DHCP server offers the client IP configuration
information in a DHCPOFFER, sent to the client's hardware address or broadcast if the client set the
broadcast flag in its request. The DHCPOFFER is a proposed configuration that may include IP
address, DNS server address, and lease time.
3. If the client finds the offer agreeable, it will send another broadcast, a DHCPREQUEST, specifically
requesting those particular IP parameters. Why does the client broadcast the request instead of
unicasting it to the server? A broadcast is used because the first message, the DHCPDISCOVER, may
have reached more than one DHCP server. If more than one server makes an offer, the broadcasted
DHCPREQUEST allows the other servers to know which offer was accepted. The offer accepted is
usually the first offer received.
4. The server that receives the DHCPREQUEST makes the configuration official by sending a unicast
acknowledgment, the DHCPACK. It is possible, but highly unlikely, that the server will not send the
DHCPACK. This may happen because the server may have leased that information to another client in
the interim. Receipt of the DHCPACK message enables the client to begin using the assigned address
immediately.

5. If the client detects that the address is already in use on the local segment it will send a
DHCPDECLINE message and the process starts again. If the client received a DHCPNACK from the
server after sending the DHCPREQUEST, then it will restart the process again.
6. If the client no longer needs the IP address, the client sends a DHCPRELEASE message to the server.

Depending on an organization's policies, it may be possible for an end user or an administrator to statically
assign a host an IP address that belongs to the DHCP server's address pool. To guard against this, the Cisco
IOS DHCP server checks that an address is not in use before offering it to a client: it sends ICMP echo
requests (pings) to the pool address before sending the DHCPOFFER. The default number of pings used to
check for a potential conflict is two; it is configurable with the ip dhcp ping packets command. A host that
silently drops ICMP passes this check, so the client's own conflict detection in step 5 remains the last line of
defense against a duplicate address.

32.2.5 Configuring DHCP

Like NAT, a DHCP server requires that the administrator define a pool of addresses. The ip dhcp pool
command defines which addresses will be assigned to hosts.

The first command, ip dhcp pool , creates a pool with the specified name and puts the router in a specialized
DHCP configuration mode. In this mode, use the network statement to define the range of addresses to be
leased. -1-

Router(config)#ip dhcp pool pool-name

Router(dhcp-config)#network network-number [mask | /prefix-length]

If specific addresses on the network are to be excluded, return to global configuration mode.

The ip dhcp excluded-address command configures the router to exclude an individual address or range of
addresses when assigning addresses to clients. The ip dhcp excluded-address command may be used to
reserve addresses that are statically assigned to key hosts, for instance, the interface address on the router. -2-

Router(config)#ip dhcp excluded-address low-address high-address

Typically, a DHCP server will be configured to assign much more than an IP address. Other IP configuration
values such as the default gateway can be set from the DHCP configuration mode. Using the default-router
command sets the default gateway. The address of the DNS server, dns-server , and WINS server, netbios-
name-server , can also be configured here. The IOS DHCP server can configure clients with virtually any
TCP/IP information.

A list of the key IOS DHCP server commands entered in the DHCP pool configuration mode is shown in
Figure -3-.

The DHCP service is enabled by default on versions of Cisco IOS that support it. To disable the service, use
the no service dhcp command. Use the service dhcp global configuration command to re-enable the DHCP
server process.

32.2.6 Verifying DHCP operation

To verify the operation of DHCP, the command show ip dhcp binding can be used. This displays a list of all
bindings created by the DHCP service.

To verify that messages are being received or sent by the router, use the command show ip dhcp server
statistics . This will display count information regarding the number of DHCP messages that have been sent
and received.

32.2.7 Troubleshooting DHCP

To troubleshoot the operation of the DHCP server, the command debug ip dhcp server events can be used.
This command will show that the server periodically checks to see if any leases have expired. Also displayed
are the processes of addresses being returned and addresses being allocated.

32.2.8 DHCP Relay

DHCP clients use IP broadcasts to find the DHCP server on the segment. What happens when the server and
the client are not on the same segment and are separated by a router? Routers do not forward these broadcasts.

DHCP is not the only critical service that uses broadcasts. Cisco routers and other devices may use broadcasts
to locate TFTP servers. Some clients may need to broadcast to locate a TACACS server, an authentication
(AAA) server. Typically, in a complex hierarchical network, clients do not reside on the same subnet as key
servers. Such remote clients broadcast to locate these servers; routers, however, will not forward client
broadcasts beyond their subnet by default.

Because some clients are useless without services such as DHCP, one of two choices must be implemented.
The administrator will need to place servers on all subnets or use the Cisco IOS helper address feature.
Running services such as DHCP or DNS on several computers creates overhead and administrative difficulties
making the first option inefficient. When possible, administrators should use the ip helper-address command
to relay broadcast requests for these key UDP services.

By using the helper address feature, a router can be configured to accept a broadcast request for a UDP service
and then forward it as a unicast to a specific IP address.

By default, the ip helper-address command forwards the following eight UDP services (port numbers in
parentheses):

 Time (37)
 TACACS (49)
 DNS (53)
 BOOTP/DHCP Server (67)
 BOOTP/DHCP Client (68)
 TFTP (69)
 NetBIOS Name Service (137)
 NetBIOS Datagram Service (138)

The helper address forwards every broadcast on those ports, not only DHCP, so a router configured for DHCP
relay also carries the segment's TFTP, DNS and NetBIOS broadcasts to the helper address. Where only DHCP
relay is wanted, remove the others with no ip forward-protocol udp port (for example, no ip forward-protocol
udp 69) and confirm the result in show running-config.

In the particular case of DHCP, a client broadcasts a DHCPDISCOVER packet on its local segment. -1-

This packet is picked up by the gateway. If a helper address is configured, the DHCP packet is forwarded to
the specified address. Before forwarding the packet, the router fills in the GIADDR (gateway IP address) field
of the packet with its own IP address on that segment and increments the hops field. The server addresses its
replies to this GIADDR, and the relay delivers them to the client on the segment. The address the client finally
uses as its default gateway comes from the default-router setting of the pool the server selects, which is
normally this same interface address. -2-

The DHCP server receives the discover packet. The server uses the GIADDR field to index into the list of
address pools in order to find one which has the gateway address set to the value in GIADDR. This pool is then
used to supply the client with its IP address. -3-, -4-
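The four-message exchange of section 32.2.4 and the relay behaviour of this section, as an added worked example in Python (not part of the curriculum, and not Cisco IOS code): it builds and parses RFC 2131 messages, models a router that forwards only the eight default helper ports and fills GIADDR before relaying a DHCP request, and models a server that uses GIADDR to choose between two pools, gives a returning client its previous address, and ignores a DHCPREQUEST that names another server. The MAC addresses, subnets and pool definitions are constructed for the example, and the server skips the ping check the IOS server performs.

```python
"""Added example (not curriculum code): a minimal DHCP codec, a router relay that
behaves like ip helper-address, and a server that selects its pool by GIADDR.
Header layout follows RFC 2131; MACs, addresses and pools are constructed here."""
import ipaddress
import struct

HEADER = "!BBBBIHH4s4s4s4s16s64s128s"  # op htype hlen hops xid secs flags ciaddr yiaddr siaddr giaddr chaddr sname file
MAGIC = b"\x63\x82\x53\x63"              # cookie that starts the options field
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5                 # option 53 message types
DEFAULT_HELPER_PORTS = {37, 49, 53, 67, 68, 69, 137, 138}  # ip helper-address defaults

def ip(s):
    return ipaddress.IPv4Address(s).packed

def build(op, xid, mac, opts, yiaddr="0.0.0.0", giaddr="0.0.0.0"):
    """Serialise one message; flags=0x8000 asks the server to broadcast its reply."""
    hdr = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0x8000, ip("0.0.0.0"), ip(yiaddr),
                      ip("0.0.0.0"), ip(giaddr), mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    return hdr + MAGIC + b"".join(bytes([c, len(v)]) + v for c, v in opts) + b"\xff"

def parse(pkt):
    f = struct.unpack(HEADER, pkt[:236])
    msg = {"hops": f[3], "xid": f[4], "yiaddr": str(ipaddress.IPv4Address(f[8])),
           "giaddr": str(ipaddress.IPv4Address(f[10])), "chaddr": f[11][:f[2]], "opts": {}}
    if pkt[236:240] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    i = 240
    while i < len(pkt) and pkt[i] != 0xFF:  # walk TLV options up to the End option
        if pkt[i] == 0:                      # Pad option has no length byte
            i += 1
            continue
        code, length = pkt[i], pkt[i + 1]
        msg["opts"][code] = pkt[i + 2:i + 2 + length]
        i += 2 + length
    return msg

def relay(dst_port, pkt, router_ip):
    """Forward only the default helper ports; for a DHCP request whose GIADDR is still
    zero, write the router's segment address into GIADDR (bytes 24-27) and bump hops."""
    if dst_port not in DEFAULT_HELPER_PORTS:
        return None
    if dst_port == 67 and parse(pkt)["giaddr"] == "0.0.0.0":
        pkt = pkt[:3] + bytes([pkt[3] + 1]) + pkt[4:24] + ip(router_ip) + pkt[28:]
    return pkt

class Server:
    def __init__(self, pools, server_ip):
        self.pools, self.server_ip, self.leases = pools, server_ip, {}

    def select_pool(self, giaddr):
        """GIADDR picks the pool; 0.0.0.0 means the client shares the server's segment."""
        key = ipaddress.IPv4Address(self.server_ip if giaddr == "0.0.0.0" else giaddr)
        return next(p for p in self.pools if key in p["network"])

    def allocate(self, pool, mac):
        if mac in self.leases:  # a returning client is given its previous address
            return self.leases[mac]
        for host in pool["network"].hosts():
            if str(host) not in pool["excluded"] and str(host) not in self.leases.values():
                self.leases[mac] = str(host)
                return self.leases[mac]
        raise RuntimeError("pool exhausted")

    def handle(self, pkt):
        m = parse(pkt)
        kind = m["opts"][53][0]
        if kind not in (DISCOVER, REQUEST):
            return None
        if kind == REQUEST and m["opts"].get(54) != ip(self.server_ip):
            return None  # the broadcast REQUEST accepted another server's offer
        pool = self.select_pool(m["giaddr"])
        addr = self.allocate(pool, m["chaddr"])
        opts = [(53, bytes([OFFER if kind == DISCOVER else ACK])), (54, ip(self.server_ip)),
                (51, struct.pack("!I", 86400)),  # 24 h lease, the Easy IP default
                (1, pool["network"].netmask.packed), (3, ip(pool["router"])), (6, ip(pool["dns"]))]
        return build(BOOTREPLY, m["xid"], m["chaddr"], opts, yiaddr=addr, giaddr=m["giaddr"])

def exchange(server, mac, xid, relay_router=None):
    """DISCOVER, OFFER, REQUEST, ACK; both requests cross the relay when relay_router is set."""
    send = (lambda p: relay(67, p, relay_router)) if relay_router else (lambda p: p)
    offer = parse(server.handle(send(build(BOOTREQUEST, xid, mac, [(53, bytes([DISCOVER]))]))))
    req = [(53, bytes([REQUEST])), (50, ip(offer["yiaddr"])), (54, offer["opts"][54])]
    return parse(server.handle(send(build(BOOTREQUEST, xid, mac, req))))

POOLS = [  # constructed: what two "ip dhcp pool" definitions plus excluded addresses create
    {"network": ipaddress.ip_network("192.168.10.0/24"), "router": "192.168.10.1",
     "dns": "192.168.10.2", "excluded": {"192.168.10.1", "192.168.10.2"}},
    {"network": ipaddress.ip_network("10.1.20.0/24"), "router": "10.1.20.1",
     "dns": "192.168.10.2", "excluded": {"10.1.20.1"}},
]
SERVER = Server(POOLS, "192.168.10.2")

if __name__ == "__main__":
    local = exchange(SERVER, b"\x00\x11\x22\x33\x44\x55", 0x1234)  # client on the server's LAN
    remote = exchange(SERVER, b"\x00\x11\x22\x33\x44\x66", 0x5678, relay_router="10.1.20.1")
    print(local["yiaddr"], remote["yiaddr"], remote["giaddr"])  # 192.168.10.3 10.1.20.2 10.1.20.1
```

Running it gives 192.168.10.3 to the client on the server's own segment (the two excluded addresses are skipped) and 10.1.20.2 to the relayed client; the ACK for the relayed client still carries GIADDR 10.1.20.1, which is what lets the relay deliver it. Nothing in the exchange is authenticated: any host on the segment can answer a DHCPDISCOVER, which is why rogue-server filtering at the access switch matters more than anything the protocol itself provides.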

32.2.9 Summary

An understanding of the following key points should have been achieved:

 Private addresses are for private, internal use and should never be routed by a public Internet router.
 NAT alters the IP header of a packet so that the destination address, the source address, or both
addresses are replaced with different addresses.
 PAT uses unique source port numbers on the inside global IP address to distinguish between
translations.
 NAT translations can occur dynamically or statically and can be used for a variety of uses.
 NAT and PAT may be configured for static translation, dynamic translation, and overloading.
 The process for verifying NAT and PAT configuration include the clear and show commands.
 The debug ip nat command is used for troubleshooting NAT and PAT configuration.
 NAT has advantages and disadvantages.
 DHCP works in a client/server mode, enabling clients to obtain IP configurations from a DHCP server.
 BOOTP is the predecessor of DHCP and shares some operational characteristics with DHCP, but
BOOTP is not dynamic.
 A DHCP server manages pools of IP addresses and associated parameters. Each pool is dedicated to an
individual logical IP subnet.
 The DHCP client configuration process has four basic steps: DHCPDISCOVER, DHCPOFFER,
DHCPREQUEST, and DHCPACK.
 Usually, a DHCP server is configured to assign more than just IP addresses.
 The show ip dhcp binding command is used to verify DHCP operation.
 The debug ip dhcp server events command is used for troubleshooting DHCP.
 When a DHCP server and a client are not on the same segment and are separated by a router, the ip
helper-address command is used to relay broadcast requests.

33 MODULE 2

Module Overview

As the enterprise grows beyond a single location, it is necessary to interconnect the LANs in the various
branches to form a wide-area network (WAN). This module examines some of the options available for these
interconnections, the hardware needed to implement them, and the terminology used to discuss them.

There are many options currently available today for implementing WAN solutions. They differ in technology,
speed, and cost. Familiarity with these technologies is an important part of network design and evaluation.

If all data traffic in an enterprise is within a single building, a LAN meets the needs of the organization.
Buildings can be interconnected with high-speed data links to form a campus LAN if data must flow between
buildings on a single campus. However, a WAN is needed to carry data if it must be transferred between
geographically separate locations. Individual remote access to the LAN and connection of the LAN to the
Internet are separate study topics, and will not be considered here.

Most students will not have the opportunity to design a new WAN, but many will be involved in designing
additions and upgrades to existing WANs, and will be able to apply the techniques learned in this module.

Students completing this module should be able to:

 Differentiate between a LAN and WAN
 Identify the devices used in a WAN
 List WAN standards
 Describe WAN encapsulation
 Classify the various WAN link options
 Differentiate between packet-switched and circuit-switched WAN technologies
 Compare and contrast current WAN technologies
 Describe equipment involved in the implementation of various WAN services
 Recommend a WAN service to an organization based on its needs
 Describe DSL and cable modem connectivity basics
 Describe a methodical procedure for designing WANs
 Compare and contrast WAN topologies
 Compare and contrast WAN design models
 Recommend a WAN design to an organization based on its needs

33.1 WAN Technologies

33.1.1 WAN technology

A WAN is a data communications network that operates beyond the geographic scope of a LAN. One primary
difference between a WAN and a LAN is that a company or organization must subscribe to an outside WAN
service provider in order to use WAN carrier network services. A WAN uses data links provided by carrier
services to access the Internet and connect the locations of an organization to each other, to locations of other
organizations, to external services, and to remote users. WANs generally carry a variety of traffic types, such
as voice, data, and video. Telephone and data services are the most commonly used WAN services.

Devices on the subscriber premises are called customer premises equipment (CPE). -1-

The subscriber owns the CPE or leases the CPE from the service provider. A copper or fiber cable connects the
CPE to the service provider's nearest exchange or central office (CO). This cabling is often called the local
loop, or "last-mile". A dialed call is connected locally to other local loops, or non-locally through a trunk to a
primary center. It then goes to a sectional center and on to a regional or international carrier center as the call
travels to its destination. -2-

In order for the local loop to carry data, a device such as a modem is needed to prepare the data for
transmission. Devices that put data on the local loop are called data circuit-terminating equipment, or data
communications equipment (DCE). The customer devices that pass the data to the DCE are called data
terminal equipment (DTE). -3-

The DCE primarily provides an interface for the DTE into the communication link on the WAN cloud. The
DTE/DCE interface uses various physical layer protocols, such as High-Speed Serial Interface (HSSI) and
V.35. These protocols establish the codes and electrical parameters the devices use to communicate with each
other. -4-

WAN links are provided at various speeds measured in bits per second (bps), kilobits per second (kbps, 1000
bps), megabits per second (Mbps, 1000 kbps) or gigabits per second (Gbps, 1000 Mbps). The quoted values
are generally full duplex: an E1 line carries 2.048 Mbps, and a T1 carries 1.544 Mbps, in each direction
simultaneously. -5-

33.1.2 WAN devices

WANs are groups of LANs connected together with communications links from a service provider. Because
the communications links cannot plug directly into the LAN, it is necessary to identify the various pieces of
interfacing equipment. -1-

LAN-based computers with data to transmit send data to a router that contains both LAN and WAN
interfaces.-2-

The router will use the Layer 3 address information to deliver the data on the appropriate WAN interface.
Routers are active and intelligent network devices and therefore can participate in network management.
Routers manage networks by providing dynamic control over resources and supporting the tasks and goals for
networks. Some of these goals are connectivity, reliable performance, management control, and flexibility.

The communications link needs signals in an appropriate format. For digital lines, a channel service unit (CSU)
and a data service unit (DSU) are required. The two are often combined into a single piece of equipment, called
the CSU/DSU. The CSU/DSU may also be built into the interface card in the router. -3-

A modem is needed if the local loop is analog rather than digital; it converts between the digital signals of the
DTE and the analog signal that a voice-grade loop can carry. -4-

Modems transmit data over voice-grade telephone lines by modulating and demodulating the signal. The
digital signals are superimposed on an analog voice signal that is modulated for transmission. The modulated
signal can be heard as a series of whistles by turning on the internal modem speaker. At the receiving end the
analog signals are returned to their digital form, or demodulated.

When ISDN is used as the communications link, all equipment attached to the ISDN bus must be ISDN-
compatible. Compatibility is generally built into the computer interface for direct dial connections, or the
router interface for LAN to WAN connections. Older equipment without an ISDN interface requires an ISDN
terminal adapter (TA) for ISDN compatibility.

Communication servers concentrate dial-in user communication and remote access to a LAN. They may have a
mixture of analog and digital (ISDN) interfaces and support hundreds of simultaneous users.

33.1.3 WAN Standards

WANs use the OSI reference model, but focus mainly on Layer 1 and Layer 2. WAN standards typically
describe both physical layer delivery methods and data link layer requirements, including physical addressing,
flow control, and encapsulation. WAN standards are defined and managed by a number of recognized
authorities. -1-

The physical layer protocols describe how to provide electrical, mechanical, operational, and functional
connections to the services provided by a communications service provider. Some of the common physical
layer standards are listed in Figure -2-, and their connectors illustrated in Figure -3-.

The data link layer protocols define how data is encapsulated for transmission to remote sites, and the
mechanisms for transferring the resulting frames. A variety of different technologies are used, such as ISDN,
Frame Relay or Asynchronous Transfer Mode (ATM). These protocols use the same basic framing mechanism,
high-level data link control (HDLC), an ISO standard, or one of its sub-sets or variants. -4-

33.1.4 WAN encapsulation

Data from the network layer is passed to the data link layer for delivery on a physical link, which is normally
point-to-point on a WAN connection. The data link layer builds a frame around the network layer data so the
necessary checks and controls can be applied. Each WAN connection type uses a Layer 2 protocol to
encapsulate traffic while it is crossing the WAN link. To ensure that the correct encapsulation protocol is used,
the Layer 2 encapsulation type used for each router serial interface must be configured. The choice of
encapsulation protocols depends on the WAN technology and the equipment. Most framing is based on the
HDLC standard.

HDLC framing gives reliable delivery of data over unreliable lines and includes signal mechanisms for flow
and error control. -1-

The frame always starts and ends with an 8-bit flag field, the bit pattern is 01111110. Because there is a
likelihood that this pattern will occur in the actual data, the sending HDLC system always inserts a 0 bit after
every five 1s in the data field, so in practice the flag sequence can only occur at the frame ends. The receiving
system strips out the inserted bits. When frames are transmitted consecutively the end flag of the first frame is
used as the start flag of the next frame.

The address field is not needed for WAN links, which are almost always point-to-point. The address field is
still present and may be one or two bytes long. The control field indicates the frame type, which may be
information, supervisory, or unnumbered:

 Unnumbered frames carry line setup messages.
 Information frames carry network layer data.
 Supervisory frames control the flow of information frames and request data retransmission in the event
of an error.

The control field is normally one byte, but will be two bytes for extended sliding windows systems. Together
the address and control fields are called the frame header. The encapsulated data follows the control field. Then
a frame check sequence (FCS) uses the cyclic redundancy check (CRC) mechanism to establish a two or four
byte field.
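The flag, zero-bit insertion and FCS described above, as an added Python example (not from the curriculum): it frames a payload with the PPP-style all-stations address 0xFF and unnumbered-information control byte 0x03 (assumed values), appends the RFC 1662 FCS-16 that PPP and Cisco HDLC use, inserts a 0 after every five consecutive 1s so the data can never reproduce the 01111110 flag, and on receipt undoes the stuffing, rejects six consecutive 1s inside a frame, and verifies the FCS.

```python
"""Added example (not curriculum code): HDLC framing as described in the text, with
flag 0x7E, zero-bit insertion after five consecutive 1s, and a 16-bit FCS. The FCS
is the RFC 1662 FCS-16 (CRC-16/X-25) used by PPP and Cisco HDLC; the all-stations
address 0xFF and UI control byte 0x03 are assumed, PPP-style values."""

FLAG = "01111110"              # 0x7E, the only place six 1s in a row may appear on the line
ADDRESS, CONTROL = 0xFF, 0x03  # assumed: all-stations address, unnumbered-information frame

def fcs16(data):
    """Reflected CRC-16, polynomial 0x1021 (bit-reversed 0x8408), init 0xFFFF, complemented."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

def to_bits(data):
    return "".join(f"{b:08b}"[::-1] for b in data)  # HDLC sends each octet LSB first

def from_bits(bits):
    return bytes(int(bits[i:i + 8][::-1], 2) for i in range(0, len(bits) - len(bits) % 8, 8))

def stuff(bits):
    """Transmitter: after every run of five 1s insert a 0 so data never mimics the flag."""
    out, ones = [], 0
    for b in bits:
        out.append(b)
        ones = ones + 1 if b == "1" else 0
        if ones == 5:
            out.append("0")
            ones = 0
    return "".join(out)

def unstuff(bits):
    """Receiver: drop the 0 that follows five 1s; a sixth 1 means a flag or abort leaked in."""
    out, ones, i = [], 0, 0
    while i < len(bits):
        b = bits[i]
        out.append(b)
        i += 1
        ones = ones + 1 if b == "1" else 0
        if ones == 5:
            if i < len(bits) and bits[i] == "1":
                raise ValueError("six consecutive 1s inside a frame")
            i += 1  # skip the inserted 0
            ones = 0
    return "".join(out)

def encode(payload):
    """address | control | payload | FCS (least significant octet first), stuffed, between flags."""
    body = bytes([ADDRESS, CONTROL]) + payload
    fcs = fcs16(body)
    body += bytes([fcs & 0xFF, fcs >> 8])
    return FLAG + stuff(to_bits(body)) + FLAG

def decode(line):
    """Strip the flags, undo the stuffing, verify the FCS and return the payload, or raise."""
    if not (line.startswith(FLAG) and line.endswith(FLAG)):
        raise ValueError("frame not delimited by flags")
    body = from_bits(unstuff(line[8:-8]))
    if len(body) < 4 or fcs16(body[:-2]) != (body[-2] | body[-1] << 8):
        raise ValueError("FCS mismatch")
    return body[2:-2]

if __name__ == "__main__":
    frame = encode(b"\x7e\xff\xff\x00")  # constructed payload that contains the flag byte itself
    print(frame)
    print(decode(frame))
```

The payload in the usage call deliberately contains the 0x7E flag byte and two 0xFF bytes; after stuffing, the only six-1 runs on the line are the two flags. The FCS detects corruption but does not authenticate the frame: anyone on the link can recompute it, so link-layer integrity is not a substitute for IPsec or TLS above it.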

Several data link protocols are used, including sub-sets and proprietary versions of HDLC. -2-

Both PPP and the Cisco version of HDLC have an extra field in the header to identify the network layer
protocol of the encapsulated data. -3-

33.1.5 Packet and circuit switching

Packet-switched networks were developed to overcome the expense of public circuit-switched networks and to
provide a more cost-effective WAN technology.

When a subscriber makes a telephone call, the dialed number is used to set switches in the exchanges along the
route of the call so that there is a continuous circuit from the originating caller to that of the called party.
Because of the switching operation used to establish the circuit, the telephone system is called a circuit-
switched network. If the telephones are replaced with modems, then the switched circuit is able to carry
computer data. -1-

The internal path taken by the circuit between exchanges is shared by a number of conversations. Time
division multiplexing (TDM) is used to give each conversation a share of the connection in turn. TDM assures
that a fixed capacity connection is made available to the subscriber.

If the circuit carries computer data, the usage of this fixed capacity may not be efficient. For example, if the
circuit is used to access the Internet, there will be a burst of activity on the circuit while a web page is
transferred. This could be followed by no activity while the user reads the page and then another burst of
activity while the next page is transferred. This variation in usage between none and maximum is typical of
computer network traffic. Because the subscriber has sole use of the fixed capacity allocation, switched circuits
are generally an expensive way of moving data.

An alternative is to allocate the capacity to the traffic only when it is needed, and share the available capacity
between many users. With a circuit-switched connection, the data bits put on the circuit are automatically
delivered to the far end because the circuit is already established. If the circuit is to be shared, there must be
some mechanism to label the bits so that the system knows where to deliver them. It is difficult to label
individual bits, therefore they are gathered into groups called cells, frames, or packets. The packet passes from
exchange to exchange for delivery through the provider network. Networks that implement this system are
called packet-switched networks. -2-

A link between two switches in the provider network carries an individual subscriber's traffic only while that
subscriber's packets are in transit, so many subscribers can share the link. Costs can be significantly lower
than for a dedicated circuit-switched connection. Data on packet-switched networks is subject to unpredictable
delays when individual packets wait for other subscribers' packets to be transmitted by a switch.

The switches in a packet-switched network determine, from addressing information in each packet, which link
the packet must be sent on next. There are two approaches to this link determination, connectionless or
connection-oriented. Connectionless systems, such as the Internet, carry full addressing information in each
packet. Each switch must evaluate the address to determine where to send the packet. Connection-oriented
systems predetermine the route for a packet, and each packet need only carry an identifier. In the case of Frame
Relay, these are called Data Link Connection Identifiers (DLCIs). The switch determines the onward route by
looking up the identifier in tables held in memory. The set of entries in the tables identifies a particular route or
circuit through the system. If this circuit is only physically in existence while a packet is traveling through it, it
is called a Virtual Circuit (VC).

The table entries that constitute a VC can be established by sending a connection request through the network.
In this case the resulting circuit is called a Switched Virtual Circuit (SVC). Data that is to travel on SVCs must
wait until the table entries have been set up. Once established, the SVC may be in operation for hours, days or
weeks. Where a circuit is required to be always available, a Permanent Virtual Circuit (PVC) will be
established. Table entries are loaded by the switches at boot time so the PVC is always available.

33.1.6 WAN link options

Figure -1- provides an overview of WAN link options.

Circuit switching establishes a dedicated physical connection for voice or data between a sender and receiver.
Before communication can start, it is necessary to establish the connection by setting the switches. This is done
by the telephone system, using the dialed number. ISDN is the digital form of circuit switching: it carries the
call digitally over the local loop, which may be the same copper pair that previously carried voice-grade
analog signals.

To avoid the delays associated with setting up a connection, telephone service providers also offer permanent
circuits. These dedicated or leased lines offer higher bandwidth than is available with a switched circuit.

Examples of circuit-switched connections include:

 Plain Old Telephone System (POTS)
 ISDN Basic Rate Interface (BRI)
 ISDN Primary Rate Interface (PRI)

Many WAN users do not make efficient use of the fixed bandwidth that is available with dedicated, switched,
or permanent circuits, because the data flow fluctuates. Communications providers have data networks
available to more appropriately service these users. In these networks, the data is transmitted in labeled cells,
frames, or packets through a packet-switched network. Because the internal links between the switches are
shared between many users, the costs of packet switching are lower than those of circuit switching. Delays
(latency) and variability of delay (jitter) are greater in packet-switched than in circuit-switched networks. This
is because the links are shared and packets must be entirely received at one switch before moving to the next.
Despite the latency and jitter inherent in shared networks, modern technology allows satisfactory transport of
voice and even video communications on these networks.

Packet-switched networks may establish routes through the switches for particular end-to-end connections.
Routes established when the switches are started are PVCs. Routes established on demand are SVCs. If the
routing is not pre-established and is worked out by each switch for each packet, the network is called
connectionless.

To connect to a packet-switched network, a subscriber needs a local loop to the nearest location where the
provider makes the service available. This is called the point-of-presence (POP) of the service. Normally this
will be a dedicated leased line. This line will be much shorter than a leased line directly connected to the
subscriber locations, and often carries several VCs. -2-
Since it is likely that not all the VCs will require maximum demand simultaneously, the capacity of the leased
line can be smaller than the sum of the individual VCs. Examples of packet or cell switched connections
include:

 Frame Relay
 X.25
 ATM

33.2 WAN Technologies

33.2.1 Analog dialup

When intermittent, low-volume data transfers are needed, modems and analog dialed telephone lines provide
low capacity and dedicated switched connections. -1-

Traditional telephony uses a copper cable, called the local loop, to connect the telephone handset in the
subscriber premises to the public switched telephone network (PSTN). The signal on the local loop during a
call is a continuously varying electronic signal that is a translation of the subscriber voice.

The local loop is not suitable for direct transport of binary computer data, but a modem can send computer data
through the voice telephone network. The modem modulates the binary data into an analog signal at the source
and demodulates the analog signal at the destination to binary data.

The physical characteristics of the local loop and its connection to the PSTN limit the rate of the signal. The
upper limit is around 33 kbps. The rate can be increased to around 56 kbps if the signal is coming directly
through a digital connection.

For small businesses, this can be adequate for the exchange of sales figures, prices, routine reports, and email.
Using automatic dialup at night or on weekends for large file transfers and data backup can take advantage of
lower off-peak tariffs (line charges). Tariffs are based on the distance between the endpoints, time of day, and
the duration of the call.

The advantages of modem and analog lines are simplicity, availability, and low implementation cost. The
disadvantages are the low data rates and a relatively long connection time. The dedicated circuit provided by
dialup will have little delay or jitter for point-to-point traffic, but voice or video traffic will not operate
adequately at relatively low bit rates.

33.2.2 ISDN

The internal connections, or trunks, of the PSTN have changed from carrying analog frequency-division
multiplexed signals to time-division multiplexed (TDM) digital signals. An obvious next step is to enable the
local loop to carry digital signals that result in higher capacity switched connections.

Integrated Services Digital Network (ISDN) turns the local loop into a TDM digital connection. The
connection uses 64 kbps bearer channels (B) for carrying voice or data and a signaling, or delta, channel (D) for
call set-up and other purposes.

Basic Rate Interface (BRI) ISDN is intended for the home and small enterprise and provides two 64 kbps B
channels and a 16 kbps D channel. For larger installations, Primary Rate Interface (PRI) ISDN is available.
PRI delivers twenty-three 64 kbps B channels and one 64 kbps D channel in North America, for a total bit rate
of up to 1.544 Mbps. This includes some additional overhead for synchronization. In Europe, Australia, and
other parts of the world, ISDN PRI provides thirty B channels and one D channel for a total bit rate of up to
2.048 Mbps, including synchronization overhead. -1-

In North America PRI corresponds to a T1 connection. The rate of international PRI corresponds to an E1
connection.

The BRI D channel is underutilized, as it has only two B channels to control. Some providers allow the D
channel to carry data at low bit rates such as X.25 connections at 9.6 kbps.

For small WANs, the BRI ISDN can provide an ideal connection mechanism. BRI has a call setup time that is
less than a second, and its 64 kbps B channel provides greater capacity than an analog modem link. -2-

If greater capacity is required, a second B channel can be activated to provide a total of 128 kbps. Although
inadequate for video, this would permit several simultaneous voice conversations in addition to data traffic.

Another common application of ISDN is to provide additional capacity as needed on a leased line connection.
The leased line is sized to carry average traffic loads while ISDN is added during peak demand periods. ISDN
is also used as a backup in the case of a failure of the leased line. ISDN tariffs are based on a per-B channel
basis and are similar to those of analog voice connections.

With PRI ISDN, multiple B channels can be connected between two end points. This allows for video
conferencing and high bandwidth data connections with no latency or jitter. Multiple connections can become
very expensive over long distances.

33.2.3 Leased line

When permanent dedicated connections are required, leased lines are used with capacities ranging up to 2.5
Gbps. A point-to-point link provides a pre-established WAN communications path from the customer
premises through the provider network to a remote destination. Point-to-point lines are usually leased from a
carrier and are called leased lines. Leased lines are available in different capacities. -1-

These dedicated circuits are generally priced based on bandwidth required and distance between the two
connected points. Point-to-point links are generally more expensive than shared services such as Frame Relay.
The cost of leased-line solutions can become significant when they are used to connect many sites. There are
times when cost of the leased line is outweighed by the benefits. The dedicated capacity gives no latency or
jitter between the endpoints. Constant availability is essential for some applications such as electronic
commerce.

A router serial port is required for each leased-line connection. A CSU/DSU and the actual circuit from the
service provider are also required.

Leased lines are used extensively for building WANs and give permanent dedicated capacity. -2-

They have been the traditional connection of choice but have a number of disadvantages. WAN traffic is often
variable and leased lines have a fixed capacity. This results in the bandwidth of the line seldom being exactly
what is needed. In addition, each end point would need an interface on the router which would increase
equipment costs. Any changes to the leased line generally require a site visit by the carrier to change capacity.

Leased lines provide direct point-to-point connections between enterprise LANs and connect individual
branches to a packet-switched network. Several connections can be multiplexed over a leased line, resulting in
shorter links and fewer required interfaces.

33.2.4 X.25

In response to the expense of leased lines, telecommunications providers introduced packet-switched networks
using shared lines to reduce costs. The first of these packet-switched networks was standardized as the X.25
group of protocols. X.25 provides a low bit rate shared variable capacity that may be either switched or
permanent. -1-

X.25 is a network-layer protocol and subscribers are provided with a network address. Virtual circuits can be
established through the network with call request packets to the target address. The resulting SVC is identified
by a channel number. Data packets labeled with the channel number are delivered to the corresponding
address. Multiple channels can be active on a single connection.

Subscribers connect to the X.25 network with either leased lines or dialup connections. X.25 networks can also
have pre-established channels between subscribers that provide a PVC.

X.25 can be very cost effective because tariffs are based on the amount of data delivered rather than connection
time or distance. Data can be delivered at any rate up to the connection capacity. This provides some
flexibility. X.25 networks are usually low capacity, with a maximum of 48 kbps. In addition, the data packets
are subject to the delays typical of shared networks.

X.25 technology is no longer widely available as a WAN technology in the US. Frame Relay has replaced
X.25 at many service provider locations.

Typical X.25 applications are point-of-sale card readers. These readers use X.25 in dialup mode to validate
transactions on a central computer. Some enterprises also use X.25 based value-added networks (VAN) to
transfer Electronic Data Interchange (EDI) invoices, bills of lading, and other commercial documents. For
these applications, the low bandwidth and high latency are not a concern, because the low cost makes the use
of X.25 affordable.

33.2.5 Frame Relay

With increasing demand for higher bandwidth and lower latency packet switching, communications providers
introduced Frame Relay. Although the network layout appears similar to that for X.25, available data rates are
commonly up to 4 Mbps, with some providers offering even higher rates. -1-

Frame Relay differs from X.25 in several aspects. Most importantly, it is a much simpler protocol that works at
the data link layer rather than the network layer.

Frame Relay implements no error or flow control. The simplified handling of frames leads to reduced latency,
and measures taken to avoid frame build-up at intermediate switches help reduce jitter.

Most Frame Relay connections are PVCs rather than SVCs. The connection to the network edge is often a
leased line but dialup connections are available from some providers using ISDN lines. The ISDN D channel is
used to set up an SVC on one or more B channels. Frame Relay tariffs are based on the capacity of the
connecting port at the network edge. Additional factors are the agreed capacity and committed information rate
(CIR) of the various PVCs through the port.

Frame Relay provides permanent shared medium bandwidth connectivity that carries both voice and data
traffic. Frame Relay is ideal for connecting enterprise LANs. The router on the LAN needs only a single
interface, even when multiple VCs are used. The short leased line to the Frame Relay network edge allows
cost-effective connections between widely scattered LANs.

33.2.6 ATM Asynchronous Transfer Mode

Communications providers saw a need for a permanent shared network technology that offered very low
latency and jitter at much higher bandwidths. Their solution was Asynchronous Transfer Mode (ATM).
ATM has data rates beyond 155 Mbps. As with the other shared technologies, such as X.25 and Frame Relay,
diagrams for ATM WANs look the same. -1-

ATM is a technology that is capable of transferring voice, video, and data through private and public networks.
It is built on a cell-based architecture rather than on a frame-based architecture. ATM cells are always a fixed
length of 53 bytes. The 53-byte ATM cell contains a 5-byte ATM header followed by 48 bytes of ATM
payload. Small, fixed-length cells are well suited for carrying voice and video traffic because this traffic is
intolerant of delay. Video and voice traffic do not have to wait for a larger data packet to be transmitted.

The 53-byte ATM cell is less efficient than the bigger frames and packets of Frame Relay and X.25.
Furthermore, the ATM cell has at least 5 bytes of overhead for each 48-byte payload. When the cell is carrying
segmented network layer packets, the overhead will be higher because the ATM switch must be able to
reassemble the packets at the destination. A typical ATM line needs almost 20% greater bandwidth than Frame
Relay to carry the same volume of network layer data.

ATM offers both PVCs and SVCs, although PVCs are more common with WANs.

As with other shared technologies, ATM allows multiple virtual circuits on a single leased line connection to
the network edge.
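As an added example (not part of the curriculum), the following Python works out the bandwidth penalty described above: it segments network-layer packets of several sizes into 53-byte cells and compares the bytes on the wire with Frame Relay framing. It assumes the common AAL5 adaptation layer with its 8-byte trailer and a fixed 7-byte Frame Relay framing cost, neither of which the page states, and the packet mix is constructed.

```python
"""ATM cell overhead versus Frame Relay framing (added example; assumptions noted in comments)."""

ATM_HEADER = 5        # bytes, from the text: a 5-byte header ...
ATM_PAYLOAD = 48      # ... followed by 48 bytes of payload
ATM_CELL = ATM_HEADER + ATM_PAYLOAD   # 53 bytes on the wire per cell

# Assumption: packets are carried with AAL5, which appends an 8-byte trailer
# (UU, CPI, length, CRC-32) and pads up to a whole number of 48-byte cell
# payloads so the far end can reassemble the packet from the cell stream.
AAL5_TRAILER = 8

# Assumption: Frame Relay framing costs 7 bytes per frame
# (1 flag, 2-byte address/DLCI, 2-byte RFC 2427 control+NLPID, 2-byte FCS).
FR_OVERHEAD = 7


def atm_cells_for_packet(packet_len: int) -> int:
    """Cells needed for one packet: ceil((packet + trailer) / 48), in integer math."""
    if packet_len < 0:
        raise ValueError("packet length must be non-negative")
    return (packet_len + AAL5_TRAILER + ATM_PAYLOAD - 1) // ATM_PAYLOAD


def atm_wire_bytes(packet_len: int) -> int:
    """Bytes actually sent on the ATM link for one packet (whole cells only)."""
    return atm_cells_for_packet(packet_len) * ATM_CELL


def frame_relay_wire_bytes(packet_len: int) -> int:
    """Bytes sent on a Frame Relay link for the same packet."""
    return packet_len + FR_OVERHEAD


def atm_efficiency(packet_len: int) -> float:
    """Fraction of ATM link bandwidth that is network-layer data, for one packet size."""
    return packet_len / atm_wire_bytes(packet_len)


def extra_bandwidth_vs_frame_relay(packet_lens) -> float:
    """Fractional extra bandwidth ATM needs, relative to Frame Relay, for a packet mix."""
    atm_total = sum(atm_wire_bytes(n) for n in packet_lens)
    fr_total = sum(frame_relay_wire_bytes(n) for n in packet_lens)
    return atm_total / fr_total - 1.0


# Constructed packet mix: many small, some medium, one full-size packet per round.
SAMPLE_MIX = [64] * 7 + [576] * 4 + [1500]


if __name__ == "__main__":
    print("packet  cells  atm_bytes  fr_bytes  atm_efficiency")
    for n in (40, 64, 576, 1500):
        print(f"{n:6d} {atm_cells_for_packet(n):6d} {atm_wire_bytes(n):10d} "
              f"{frame_relay_wire_bytes(n):9d} {atm_efficiency(n):15.3f}")
    extra = extra_bandwidth_vs_frame_relay(SAMPLE_MIX)
    print(f"ATM needs {extra:.1%} more bandwidth than Frame Relay for the sample mix")
```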

33.2.7 DSL Digital Subscriber Line

Digital Subscriber Line (DSL) technology is a broadband technology that uses existing twisted-pair telephone
lines to transport high-bandwidth data to service subscribers. DSL service is considered broadband, as opposed
to the baseband service for typical LANs. Broadband refers to a technique which uses multiple frequencies
within the same physical medium to transmit data. The term xDSL covers a number of similar yet competing
forms of DSL technologies: -1-

 Asymmetric DSL (ADSL)
 Symmetric DSL (SDSL)
 High Bit Rate DSL (HDSL)
 ISDN (like) DSL (IDSL)
 Consumer DSL (CDSL), also called DSL-lite or G.lite

DSL technology allows the service provider to offer high-speed network services to customers, utilizing
installed local loop copper lines. DSL technology allows the local loop line to be used for normal telephone
voice connection and an always-on connection for instant network connectivity. Multiple DSL subscriber lines
are multiplexed into a single, high capacity link by the use of a DSL Access Multiplexer (DSLAM) at the
provider location. DSLAMs incorporate TDM technology to aggregate many subscriber lines into a less
cumbersome single medium, generally a T3/DS3 connection. Current DSL technologies use
sophisticated coding and modulation techniques to achieve data rates up to 8.192 Mbps.

The voice channel of a standard consumer telephone covers the frequency range of 330 Hz to 3.3 kHz. A
frequency range, or window, of 4 kHz is regarded as the requirement for any voice transmission on the local
loop. DSL technologies place upload (upstream) and download (downstream) data transmissions at frequencies
above this 4 kHz window. This technique is what allows both voice and data transmissions to occur
simultaneously on a DSL service. -2-

The two basic types of DSL technologies are asymmetric (ADSL) and symmetric (SDSL). All forms of DSL
service are categorized as ADSL or SDSL and there are several varieties of each type. Asymmetric service
provides higher download or downstream bandwidth to the user than upload bandwidth. Symmetric service
provides the same capacity in both directions.

Not all DSL technologies allow the use of a telephone. SDSL is called dry copper because it does not have a
ring tone and does not offer telephone service on the same line. Therefore a separate line is required for the
SDSL service.

The different varieties of DSL provide different bandwidths, with capabilities exceeding those of a T1 or E1
leased line. The transfer rates are dependent on the actual length of the local loop and the type and condition of
its cabling. For satisfactory service, the loop must be less than 5.5 kilometers (3.5 miles). DSL availability is
far from universal, and there are a wide variety of types, standards, and emerging standards. It is not a popular
choice for enterprise computer departments to support home workers. Generally, a subscriber cannot choose to
connect to the enterprise network directly, but must first connect to an Internet service provider (ISP). From
here, an IP connection is made through the Internet to the enterprise. Thus, security risks are incurred. To
address security concerns, DSL services provide capabilities for using Virtual Private Network (VPN)
connections to a VPN server, which is typically located at the corporate site.

33.2.8 Cable modem

Coaxial cable is widely used in urban areas to distribute television signals. -1-
Network access is available from some cable television networks. This allows for greater bandwidth than the
conventional telephone local loop.

Enhanced cable modems enable two-way, high-speed data transmissions using the same coaxial lines that
transmit cable television. Some cable service providers are promising data speeds up to 6.5 times that of T1
leased lines. This speed makes cable an attractive medium for transferring large amounts of digital information
quickly, including video clips, audio files, and large amounts of data. Information that would take two minutes
to download using ISDN BRI can be downloaded in two (2) seconds through a cable modem connection.

Cable modems provide an always-on connection and a simple installation. An always-on cable connection
means that connected computers are vulnerable to a security breach at all times and need to be suitably secured
with firewalls. To address security concerns, cable modem services provide capabilities for using Virtual
Private Network (VPN) connections to a VPN server, which is typically located at the corporate site.

A cable modem is capable of delivering up to 30 to 40 Mbps of data on one 6 MHz cable channel. This is
almost 500 times faster than a 56 kbps modem.

With a cable modem, a subscriber can continue to receive cable television service while simultaneously
receiving data to a personal computer. This is accomplished with the help of a simple one-to-two splitter. -2-

Cable modem subscribers must use the ISP associated with the service provider. All the local subscribers share
the same cable bandwidth. As more users join the service, available bandwidth may be below the expected
rate. -3-, -4-, -5-


33.3 WAN Design

33.3.1 WAN communication

WANs are considered to be a set of data links connecting routers on LANs. User end stations and servers on
LANs exchange data. Routers pass data between networks across the data links.

Because of cost and legal reasons, a communications provider or a common carrier normally owns the data
links that make up a WAN. The links are made available to subscribers for a fee and are used to interconnect
LANs or connect to remote networks. WAN data transfer speed (bandwidth) is considerably slower than the
100 Mbps that is common on a LAN. The charges for link provision are the major cost element of a WAN and
the design must aim to provide maximum bandwidth at acceptable cost. With user pressure to provide more
service access at higher speeds and management pressure to contain cost, determining the optimal WAN
configuration is not an easy task.
WANs carry a variety of traffic types such as data, voice, and video. The design selected must provide
adequate capacity and transit times to meet the requirements of the enterprise. Among other specifications, the
design must consider the topology of the connections between the various sites, the nature of those
connections, and bandwidth capacity.

Older WANs often consisted of data links directly connecting remote mainframe computers. -1-

Today's WANs, though, connect geographically separated LANs. -2-

End-user stations, servers, and routers communicate across LANs, and the WAN data links terminate at local
routers. By exchanging Layer 3 address information about directly connected LANs, routers determine the
most appropriate path through the network for the required data streams. Routers can also provide quality of
service (QoS) management, which allots priorities to the different traffic streams.

Because the WAN is merely a set of interconnections between LAN based routers, there are no services on the
WAN. WAN technologies function at the lower three layers of the OSI reference model. -3-

Routers determine the destination of the data from the network layer headers and transfer the packets to the
appropriate data link connection for delivery on the physical connection.

33.3.2 Steps in WAN design

Designing a WAN can be a challenging task, but approaching the design in a systematic manner can lead to
superior performance at a reduced cost. Many WANs have evolved over time; therefore, many of the guidelines
discussed here may not have been considered. Every time a modification to an existing WAN is considered, the
steps in this module should be followed. WAN modifications may arise from changes such as an expansion in
the enterprise the WAN serves, or accommodation of new work practices and business methods.

Enterprises install WAN connectivity because there is a need to move data in a timely manner between
external branches. The WAN is there to support the enterprise requirements. Meeting these requirements incurs
costs, such as equipment provisioning and management of the data links.

In designing the WAN, it is necessary to know what data traffic must be carried, its origin, and its destination.
WANs carry a variety of traffic types with varying requirements for bandwidth, latency, and jitter. -1-

For each pair of end points and for each traffic type, information is needed on the various traffic
characteristics. -2-

Determining this may involve extensive studies of and consultation with the network users. The design often
involves upgrading, extending, or modifying an existing WAN. Much of the data needed can come from
existing network management statistics.

Knowing the various end points allows the selection of a topology or layout for the WAN. The topology will
be influenced by geographic considerations but also by requirements such as availability. A high requirement
for availability will require extra links that provide alternative data paths for redundancy and load balancing.

With the end points and the links chosen, the necessary bandwidth can be estimated. Traffic on the links may
have varying requirements for latency and jitter. With the bandwidth availability already determined, suitable
link technologies must be selected.

Finally, installation and operational costs for the WAN can be determined and compared with the business
need driving the WAN provision.

In practice, following the steps shown in Figure -3- is seldom a linear process. Several modifications may be
necessary before a design is finalized. Continued monitoring and re-evaluation are also required after
installation of the WAN to maintain optimal performance.

33.3.3 How to identify and select networking capabilities

Designing a WAN essentially consists of the following:

 Selecting an interconnection pattern or layout for the links between the various locations
 Selecting the technologies for those links to meet the enterprise requirements at an acceptable cost

Many WANs use a star topology. As the enterprise grows and new branches are added, the branches are
connected back to the head office, producing a traditional star topology. -1-

Star end-points are sometimes cross-connected, creating a mesh or partial mesh topology. -2-, -3-

This provides for many possible combinations for interconnections. When designing, re-evaluating, or
modifying a WAN, a topology that meets the design requirements must be selected.

In selecting a layout, there are several factors to consider. More links will increase the cost of the network
services, and having multiple paths between destinations increases reliability. Adding more network devices to
the data path will increase latency and decrease reliability. Generally, each packet must be completely received
at one node before it can be passed to the next. A range of dedicated technologies with different features is
available for the data links. -4-

Technologies that require the establishment of a connection before data can be transmitted, such as basic
telephone, ISDN, or X.25, are not suitable for WANs that require rapid response time or low latency. Once
established, ISDN and other dialup services are low latency, low jitter circuits. ISDN is often the application of
choice for connecting a small office or home office (SOHO) network to the enterprise network, providing
reliable connectivity and adaptable bandwidth. Unlike cable and DSL, ISDN is an option wherever modern
telephone service is available. ISDN is also useful as a backup link for primary connections and for providing
bandwidth-on-demand connections in parallel with a primary connection. A feature of these technologies is
that the enterprise is only charged a fee when the circuit is in use.

The different parts of the enterprise may be directly connected with leased lines, or they may be connected
with an access link to the nearest point-of-presence (POP) of a shared network. X.25, Frame Relay, and ATM
are examples of shared networks. Leased lines will generally be much longer and therefore more expensive
than access links, but are available at virtually any bandwidth. They provide very low latency and jitter.

ATM, Frame Relay, and X.25 networks carry traffic from several customers over the same internal links. The
enterprise has no control over the number of links or hops that data must traverse in the shared network. It
cannot control the time data must wait at each node before moving to the next link. This uncertainty in latency
and jitter makes these technologies unsuitable for some types of network traffic. However, the disadvantages of
a shared network may often be outweighed by the reduced cost. Because several customers are sharing the link,
the cost to each will generally be less than the cost of a direct link of the same capacity.

Although ATM is a shared network, it has been designed to produce minimal latency and jitter through the use
of high-speed internal links sending easily manageable units of data, called cells. ATM cells have a fixed
length of 53 bytes, 48 for data and 5 for the header. ATM is widely used for carrying delay-sensitive traffic.
Frame Relay may also be used for delay-sensitive traffic, often using QoS mechanisms to give priority to the
more sensitive data.

A typical WAN uses a combination of technologies that are usually chosen based on traffic type and volume.
ISDN, DSL, Frame Relay, or leased lines are used to connect individual branches into an area. Frame Relay,
ATM, or leased lines are used to connect external areas back to the backbone. ATM or leased lines form the
WAN backbone.

33.3.4 Three-layer design model

A systematic approach is needed when many locations must be joined. A hierarchical solution with three layers
offers many advantages. -1-

Imagine an enterprise that is operational in every country of the European Union and has a branch in every
town with a population over 10,000. Each branch has a LAN, and it has been decided to interconnect the
branches. A mesh network is clearly not feasible because nearly 500,000 links would be needed for the 900
centers. A simple star will be very difficult to implement because it needs a router with 900 interfaces at the
hub or a single interface that carries 900 virtual circuits to a packet-switched network.

Instead, consider a hierarchical design model. A group of LANs in an area are interconnected, several areas are
interconnected to form a region, and the various regions are interconnected to form the core of the WAN.

The area could be based on the number of locations to be connected with an upper limit of between 30 and 50.

The area would have a star topology, -2- with the hubs of the stars linked to form the region. -3-, -4-

Regions could be geographic, connecting between three and ten areas, and the hub of each region could be
linked point-to-point. -5-

This three-layer model follows the hierarchical design used in telephone systems. The links connecting the
various sites in an area that provide access to the enterprise network are called the access links or access layer
of the WAN. Traffic between areas is distributed by the distribution links, and is moved onto the core links for
transfer to other regions, when necessary.

This hierarchy is often useful when the network traffic mirrors the enterprise branch structure and is divided
into regions, areas, and branches. It is also useful when there is a central service to which all branches must
have access, but traffic levels are insufficient to justify direct connection of a branch to the service.

The LAN at the center of the area may have servers providing area-based as well as local service. Depending
on the traffic volumes and types, the access connections may be dial up, leased, or Frame Relay. Frame Relay
facilitates some meshing for redundancy without requiring additional physical connections. Distribution links
could be Frame Relay or ATM, and the network core could be ATM or leased line.

33.3.5 Other layered design models

Many networks do not require the complexity of a full three-layer hierarchy. -1- Simpler hierarchies may be
used. -2-


An enterprise with several relatively small branches that require minimal inter-branch traffic may choose a
one-layer design. Historically this has not been popular because of the length of the leased lines. Frame Relay,
where charges are not distance related, is now making this a feasible design solution.

If there is a need for some geographical concentration, a two-level design is appropriate. This produces a "star
of stars" pattern. Again, the pattern chosen based on leased line technology will be considerably different from
the pattern based on Frame Relay technology.

When planning simpler networks, the three-layer model should still be considered as it may provide for better
network scalability. The hub at the center of a two-layer model is also a core, but with no other core routers
connected to it. Likewise, in a single-layer solution the area hub serves as the regional hub and the core hub.
This allows easy and rapid future growth as the basic design can be replicated to add new service areas.
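To make the scaling argument of 33.3.4 and 33.3.5 concrete, here is an added Python example (not from the curriculum) that counts links and per-router interfaces for a full mesh, a single star, and the three-layer hierarchy; the same function yields the two-layer "star of stars" and the one-layer design when the grouping parameters leave only one region or one area. The 900-site scenario and the area and region sizes are the text's; the hub placement (each hub is one of its own group's sites) is an assumption of the example.

```python
"""Link and interface counts for WAN topologies (added example, not from the curriculum)."""
import math


def full_mesh_links(sites: int) -> int:
    """Links for a full mesh: every site connected directly to every other site."""
    return sites * (sites - 1) // 2


def star_links(sites: int) -> int:
    """Links for a single star whose hub is one of the sites: one spoke per other site."""
    return max(sites - 1, 0)


def hierarchical_design(sites: int, area_size: int, areas_per_region: int) -> dict:
    """Count links per layer and the busiest router's interfaces for the three-layer model.

    Layout (hub placement is an assumption of this example):
      access layer       - each area is a star; its hub is one of the area's own sites
      distribution layer - each region is a star of area hubs; its hub is one of those hubs
      core               - the region hubs are fully meshed
    If areas_per_region covers every area there is one region and no core links
    (the two-layer "star of stars"); if area_size covers every site there is one
    area and the result is a single star (the one-layer design).
    """
    if sites < 1 or area_size < 1 or areas_per_region < 1:
        raise ValueError("sites, area_size and areas_per_region must be positive")
    areas = math.ceil(sites / area_size)
    regions = math.ceil(areas / areas_per_region)

    access_links = sites - areas            # each non-hub site has one spoke to its area hub
    distribution_links = areas - regions    # each non-hub area hub has one link to its region hub
    core_links = full_mesh_links(regions)   # region hubs meshed together

    # The busiest router is a region hub: it serves its own area's spokes, the other
    # area hubs of its region, and the other region hubs in the core mesh.
    busiest = ((min(area_size, sites) - 1)
               + (min(areas_per_region, areas) - 1)
               + (regions - 1))

    return {
        "areas": areas,
        "regions": regions,
        "access_links": access_links,
        "distribution_links": distribution_links,
        "core_links": core_links,
        "total_links": access_links + distribution_links + core_links,
        "max_interfaces": busiest,
    }


if __name__ == "__main__":
    # The curriculum's scenario: 900 branches, areas of up to 30 sites, 10 areas per region.
    sites = 900
    print(f"full mesh  : {full_mesh_links(sites):7d} links, {sites - 1} interfaces per router")
    print(f"single star: {star_links(sites):7d} links, {sites - 1} interfaces at the hub")
    for label, area_size, areas_per_region in (("three-layer", 30, 10),
                                               ("two-layer", 30, 30),
                                               ("one-layer", sites, 1)):
        d = hierarchical_design(sites, area_size, areas_per_region)
        print(f"{label:11s}: {d['total_links']:7d} links "
              f"({d['access_links']} access, {d['distribution_links']} distribution, "
              f"{d['core_links']} core), busiest router {d['max_interfaces']} interfaces")
```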

33.3.6 Other WAN design considerations

Many enterprise WANs will have connections to the Internet. This poses security problems but also provides
an alternative for inter-branch traffic.

Part of the traffic that must be considered during design is going to or coming from the Internet. Since the
Internet probably exists everywhere that the enterprise has LANs, there are two principal ways that this traffic
can be carried. Each LAN can have a connection to its local ISP, or there can be a single connection from one
of the core routers to an ISP. The advantage of the first method is that traffic is carried on the Internet rather
than on the enterprise network, possibly leading to smaller WAN links. The disadvantage of permitting
multiple links is that the whole enterprise WAN is open to Internet-based attacks. It is also difficult to monitor
and secure the many connection points. A single connection point is more easily monitored and secured, even
though the enterprise WAN will be carrying some traffic that would otherwise have been carried on the
Internet.

If each LAN in the enterprise has a separate Internet connection, a further possibility is opened for the
enterprise WAN. Where traffic volumes are relatively small, the Internet can be used as the enterprise WAN
with all inter-branch traffic traversing the Internet. -1-
Securing the various LANs will be an issue, but the saving in WAN connections may pay for the security.

Servers should be placed closest to the locations that will access them most often. Replication of servers, with
arrangement for off-peak inter-server updates, will reduce the required link capacity. Location of Internet-
accessible services will depend on the nature of the service, anticipated traffic, and security issues. This is a
specialized design topic beyond the scope of this curriculum.

33.3.7 Summary

An understanding of the following key points should have been achieved:

 Differences in the geographic areas served between WANs and LANs
 Similarities in the OSI model layers involved between WANs and LANs
 Familiarity with WAN terminology describing equipment, such as CPE, CO, local loop, DTE, DCE,
CSU/DSU, and TA
 Familiarity with WAN terminology describing services and standards, such as ISDN, Frame Relay,
ATM, T1, HDLC, PPP, POTS, BRI, PRI, X.25, and DSL
 Differences between packet-switched and circuit-switched networks
 Differences and similarities between current WAN technologies, including analog dialup, ISDN, leased
line, X.25, Frame Relay, and ATM services
 Advantages and drawbacks of DSL and cable modem services
 Ownership and cost associated with WAN data links
 Capacity requirements and transit times for various WAN traffic types, such as voice, data, and video
 Familiarity with WAN topologies, such as point-to-point, star, and meshed
 Elements of WAN design, including upgrading, extending, modifying an existing WAN, and
recommending a WAN service to an organization based on its needs
 Advantages offered with a three-layer hierarchical WAN design
 Alternatives for interbranch WAN traffic

34 MODULE 3

Module Overview

This module presents an overview of WAN technologies. It introduces and explains WAN terminologies such
as serial transmission, time division multiplexing (TDM), demarcation, data terminal equipment (DTE) and
data communications equipment (DCE). The development and use of high-level data link control (HDLC)
encapsulation as well as methods to configure and troubleshoot a serial interface are presented.

Point-to-Point Protocol (PPP) is the protocol of choice to implement over a serial WAN switched
connection. It can handle both synchronous and asynchronous communication and includes error detection.
Most importantly it incorporates an authentication process using either CHAP or PAP. PPP can be used on
various physical media, including twisted pair, fiber optic lines, and satellite transmission.

The configuration procedures for PPP, as well as available options and troubleshooting concepts, are described
in this module.

Students completing this module should be able to:

• Explain serial communication
• Describe and give an example of TDM
• Identify the demarcation point in a WAN
• Describe the functions of the DTE and DCE
• Discuss the development of HDLC encapsulation
• Use the encapsulation hdlc command to configure HDLC
• Troubleshoot a serial interface using the show interface and show controllers commands
• Identify the advantages of using PPP
• Explain the functions of the Link Control Protocol (LCP) and the Network Control Protocol (NCP)
components of PPP
• Describe the parts of a PPP frame
• Identify the three phases of a PPP session
• Explain the difference between PAP and CHAP
• List the steps in the PPP authentication process
• Identify the various PPP configuration options
• Configure PPP encapsulation
• Configure CHAP and PAP authentication
• Use show interface to verify the serial encapsulation
• Troubleshoot any problems with the PPP configuration using debug PPP

34.1 PPP

34.1.1 Introduction to serial communication

WAN technologies are based on serial transmission at the physical layer. This means that the bits of a frame
are transmitted one at a time over the physical medium.

The bits that make up the Layer 2 frame are signaled one at a time by physical layer processes onto the
physical medium. -1-
The signaling methods include Nonreturn to Zero Level (NRZ-L), High Density Binary 3 (HDB3), and
Alternative Mark Inversion (AMI). These are examples of physical layer encoding standards, similar to
Manchester encoding for Ethernet. Among other things, these signaling methods differentiate between one
serial communication method and another.

Some of the many different serial communications standards are as follows:

• RS-232-E
• V.35
• High Speed Serial Interface (HSSI)

34.1.2 Time-division multiplexing TDM

Time-division multiplexing (TDM) is the transmission of several sources of information using one common
channel, or signal, and then the reconstruction of the original streams at the remote end.

In the example shown in Figure -1-, there are three sources of information carried in turn down the output
channel. First, a chunk of information is taken from each input channel. The size of this chunk may vary, but
typically it is either a bit or a byte at a time. Depending on whether bits or bytes are used, this type of TDM is
called bit-interleaving or byte-interleaving.

Each of the three input channels has its own capacity. For the output channel to be able to accommodate all the
information from the three inputs, the capacity of the output channel must be no less than the sum of the inputs.

In TDM, the output timeslot is always present whether or not the TDM input has any information to transmit.
TDM output can be compared to a train with 32 railroad cars. Each is owned by a different freight company
and every day the train leaves with the 32 cars attached. If one of the companies has product to send, the car is
loaded. If the company has nothing to send, the car remains empty, but it is still part of the train.

TDM is a physical layer concept; it has no regard for the nature of the information that is being multiplexed
onto the output channel. TDM is independent of the Layer 2 protocol that has been used by the input channels.

One TDM example is Integrated Services Digital Network (ISDN). ISDN basic rate (BRI) has three channels
consisting of two 64 kbps B-channels (B1 and B2), and a 16 kbps D-channel. The TDM has nine timeslots,
which are repeated. -2-
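The following Python model is an added illustration of this section, not curriculum code. It treats a TDM frame as an ordered list of timeslots and shows two of the points above: the output rate is the sum of the input rates, and an input with nothing to send still occupies its timeslot. The ISDN BRI numbers are reproduced under a constructed assumption (8000 frames per second, 2-bit timeslots, nine slots per frame assigned B1 x4, B2 x4, D x1); the text does not state how the real BRI frame orders its slots.

```python
# Added example for section 34.1.2; not curriculum code. Models a TDM frame
# as an ordered list of timeslots, each carrying SLOT_BITS bits from one
# input channel, and shows why the output rate is the sum of the inputs and
# why an idle channel still occupies its timeslot.
#
# Assumption (constructed, not stated in the text): the nine BRI timeslots are
# 2 bits wide, sent 8000 times per second, and assigned B1 x4, B2 x4, D x1.
# That assignment reproduces the 64 kbps + 64 kbps + 16 kbps figures.

FRAMES_PER_SECOND = 8000
SLOT_BITS = 2
BRI_SLOT_MAP = ["B1"] * 4 + ["B2"] * 4 + ["D"]


def channel_rates(slot_map, frames_per_second=FRAMES_PER_SECOND, slot_bits=SLOT_BITS):
    """Capacity of each input channel in bits per second."""
    rates = {}
    for channel in slot_map:
        rates[channel] = rates.get(channel, 0) + slot_bits * frames_per_second
    return rates


def aggregate_rate(slot_map, frames_per_second=FRAMES_PER_SECOND, slot_bits=SLOT_BITS):
    """Output channel rate: no less than the sum of the inputs (here exactly the sum)."""
    return len(slot_map) * slot_bits * frames_per_second


def tdm_mux(slot_map, sources, idle=None):
    """Interleave bits from each source into fixed-length frames.

    sources maps channel name -> string of '0'/'1'.  Every timeslot is emitted
    on every frame; a channel with nothing queued gets the idle pattern, like
    the empty rail car that still travels with the train.
    """
    idle = idle if idle is not None else "0" * SLOT_BITS
    queues = {ch: list(bits) for ch, bits in sources.items()}
    frames = []
    while any(queues.values()):
        frame = ""
        for channel in slot_map:
            queue = queues.get(channel, [])
            chunk = "".join(queue[:SLOT_BITS])
            del queue[:SLOT_BITS]
            # pad a short final chunk, or fill an empty slot with the idle pattern
            frame += chunk + idle[len(chunk):]
        frames.append(frame)
    return frames


def tdm_demux(slot_map, frames):
    """Reassemble each channel's bit stream from the frames.

    Idle slots come out as ordinary bits: the physical layer does not know
    whether a slot was 'empty', so recognising that is left to Layer 2.
    """
    out = {channel: "" for channel in slot_map}
    for frame in frames:
        for i, channel in enumerate(slot_map):
            out[channel] += frame[i * SLOT_BITS:(i + 1) * SLOT_BITS]
    return out
```

The demultiplexer returns the idle filler as data bits, which is exactly why TDM is independent of the Layer 2 protocol: framing and idle detection belong to the protocol carried in each channel, not to the multiplexer.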

34.1.3 Demarcation point

The demarcation point, or "demarc" as it is commonly known, is the point in the network where the
responsibility of the service provider or "telco" ends. In the United States, a telco provides the local loop into
the customer premises and the customer provides the active equipment such as the channel service unit/data
service unit (CSU/DSU) on which the local loop is terminated. This termination often occurs in a
telecommunications closet and the customer is responsible for maintaining, replacing, or repairing the
equipment.

In other countries around the world, the network terminating unit (NTU) is provided and managed by the
telco. This allows the telco to actively manage and troubleshoot the local loop with the demarcation point
occurring after the NTU. The customer connects a customer premises equipment (CPE) device, such as a
router or frame relay access device, into the NTU using a V.35 or RS-232 serial interface. -1-

34.1.4 DTE/DCE

A serial connection has a data terminal equipment (DTE) device at one end of the connection and a data
communications equipment (DCE) device at the other end. The connection between the two DCEs is the
WAN service provider transmission network. The CPE, which is generally a router, is the DTE. Other DTE
examples could be a terminal, computer, printer, or fax machine. The DCE, commonly a modem or CSU/DSU,
is the device used to convert the user data from the DTE into a form acceptable to the WAN service provider
transmission link. This signal is received at the remote DCE, which decodes the signal back into a sequence of
bits. This sequence is then signaled to the remote DTE. -1-

Many standards have been developed to allow DTEs to communicate with DCEs. The Electronics Industry
Association (EIA) and the International Telecommunication Union Telecommunications Standardization
Sector (ITU-T) have been most active in the development of these standards. The ITU-T refers to the DCE as
data circuit-terminating equipment. The EIA refers to the DCE as data communication equipment.

The DTE/DCE interface for a particular standard defines the following specifications:

• Mechanical/physical - Number of pins and connector type
• Electrical - Defines voltage levels for 0 and 1
• Functional - Specifies the functions that are performed by assigning meanings to each of the signaling
lines in the interface
• Procedural - Specifies the sequence of events for transmitting data

If two DTEs must be connected together, like two computers or two routers in the lab, a special cable called a
null-modem is necessary to eliminate the need for a DCE. For synchronous connections, where a clock signal
is needed, either an external device or one of the DTEs must generate the clock signal.

The synchronous serial port on a router is configured as DTE or DCE depending on the attached cable, which
is ordered as either DTE or DCE to match the router configuration. If the port is configured as DTE, which is
the default setting, external clocking is required from the CSU/DSU or other DCE device.

The cable for the DTE to DCE connection is a shielded serial transition cable. The router end of the shielded
serial transition cable may be a DB-60 connector, which connects to the DB-60 port on a serial WAN interface
card. The other end of the serial transition cable is available with the connector appropriate for the standard
that is to be used. The WAN provider or the CSU/DSU usually dictates this cable type. Cisco devices support
the EIA/TIA-232, EIA/TIA-449, V.35, X.21, and EIA/TIA-530 serial standards. -2-


To support higher densities in a smaller form factor, Cisco has introduced a Smart Serial cable. The router
interface end of the Smart Serial cable is a 26-pin connector significantly more compact than the DB-60
connector.

34.1.5 HDLC encapsulation

Initially, serial communications were based on character-oriented protocols. Bit-oriented protocols were more
efficient but they were also proprietary. In 1979, the ISO agreed on HDLC as a standard bit-oriented data link
layer protocol that encapsulates data on synchronous serial data links. This standardization led to other
committees adopting it and extending the protocol. Since 1981, ITU-T has developed a series of HDLC
derivative protocols. The following examples of derivative protocols are called link access protocols:

• Link Access Procedure, Balanced (LAPB) for X.25
• Link Access Procedure on the D channel (LAPD) for ISDN
• Link Access Procedure for Modems (LAPM) and PPP for modems
• Link Access Procedure for Frame Relay (LAPF) for Frame Relay

HDLC uses synchronous serial transmission providing error-free communication between two points. HDLC
defines a Layer 2 framing structure that allows for flow control and error control using acknowledgments and a
windowing scheme. Each frame has the same format, whether it is a data frame or a control frame.

Standard HDLC does not inherently support multiple protocols on a single link, as it does not have a way to
indicate which protocol is being carried. Cisco offers a proprietary version of HDLC. The Cisco HDLC frame
uses a proprietary 'type' field that acts as a protocol field. This field enables multiple network layer protocols to
share the same serial link. HDLC is the default Layer 2 protocol for Cisco router serial interfaces. -1-


HDLC defines the following three types of frames, each with a different control field format:

• Information frames (I-frames) - Carry the data to be transmitted for the station. There is additional
flow and error control, and data may be piggybacked on an information frame.
• Supervisory frames (S-frames) - Provide request/response mechanisms when piggybacking is not
used.
• Unnumbered frames (U-frames) - Provide supplemental link control functions, such as connection
setup. The code field identifies the U-frame type.

The first one or two bits of the control field serve to identify the frame type. In the control field of an
Information ( I ) frame, the send-sequence number refers to the number of the frame to be sent next. The
receive-sequence number provides the number of the frame to be received next. Both sender and receiver
maintain send and receive sequence numbers.

34.1.6 Configuring HDLC encapsulation

The default encapsulation method used by Cisco devices on synchronous serial lines is Cisco HDLC. If the
serial interface is configured with another encapsulation protocol, and the encapsulation must be changed back
to HDLC, enter the interface configuration mode of the serial interface. Then enter the encapsulation hdlc
command to specify the encapsulation protocol on the interface.

Cisco HDLC is a point-to-point protocol that can be used on leased lines between two Cisco devices. When
communicating with a non-Cisco device, synchronous PPP is a more viable option.

34.1.7 Troubleshooting a serial interface

The output of the show interfaces serial command displays information specific to serial interfaces. When
HDLC is configured, "Encapsulation HDLC" should be reflected in the output. -1-

When PPP is configured, "Encapsulation PPP" should be seen in the output. -2-

Five possible problem states can be identified in the interface status line of the show interfaces serial
display: -3-

• Serial x is down, line protocol is down
• Serial x is up, line protocol is down
• Serial x is up, line protocol is up (looped)
• Serial x is up, line protocol is down (disabled)
• Serial x is administratively down, line protocol is down

Figure: Troubleshooting a Serial interface

The show controllers command is another important diagnostic tool when troubleshooting serial lines. The
show controllers output indicates the state of the interface channels and whether a cable is attached to the
interface. In Figure -4- , serial interface 0/0 has a V.35 DTE cable attached. The command syntax varies,
depending on platform. For serial interfaces on Cisco 7000 series routers, use the show controllers cbus
command.

If the electrical interface output is shown as UNKNOWN, instead of V.35, EIA/TIA-449, or some other
electrical interface type, an improperly connected cable is the likely problem. A problem with the internal
wiring of the card is also possible. If the electrical interface is unknown, the corresponding display for the
show interfaces serial <X> command will show that the interface and line protocol are down.

CAUTION
Debugging output is assigned high priority in the CPU process and can render the system unusable. For
this reason, debug commands should only be used to troubleshoot specific problems or during
troubleshooting sessions with Cisco technical support staff. It is good practice to use debug commands
during periods of low network traffic and when the fewest users are online. Debugging during these
periods decreases the likelihood that increased debug command processing overhead will affect system
use.

34.2 PPP Authentication

34.2.1 PPP layered architecture

PPP uses a layered architecture. A layered architecture is a logical model, design, or blueprint that aids in
communication between interconnecting layers. The Open System Interconnection (OSI) model is the layered
architecture used in networking. PPP provides a method for encapsulating multi-protocol datagrams over a
point-to-point link, and uses the data link layer for testing the connection.

Therefore PPP is made up of two sub-protocols: -1-

• Link Control Protocol - Used for establishing the point-to-point link. -2-
• Network Control Protocol - Used for configuring the various network layer protocols. -3-

PPP can be configured on the following types of physical interfaces:

• Asynchronous serial
• Synchronous serial
• High-Speed Serial Interface (HSSI)
• Integrated Services Digital Network (ISDN)

PPP uses Link Control Protocol (LCP) to negotiate and setup control options on the WAN data link. PPP uses
the Network Control Protocol (NCP) component to encapsulate and negotiate options for multiple network
layer protocols. The LCP sits on top of the physical layer and is used to establish, configure, and test the data-
link connection.

PPP also uses LCP to automatically agree upon encapsulation format options such as:

• Authentication - Authentication options require that the calling side of the link enter information to
help ensure the caller has the network administrator's permission to make the call. Peer routers
exchange authentication messages. Two authentication choices are Password Authentication Protocol
(PAP) and Challenge Handshake Authentication Protocol (CHAP).
• Compression - Compression options increase the effective throughput on PPP connections by reducing
the amount of data in the frame that must travel across the link. The protocol decompresses the frame at
its destination. Two compression protocols available in Cisco routers are Stacker and Predictor.
• Error detection - Error detection mechanisms with PPP enable a process to identify fault conditions.
The Quality and Magic Number options help ensure a reliable, loop-free data link.
• Multilink - Cisco IOS Release 11.1 and later supports multilink PPP. This alternative provides load
balancing over the router interfaces that PPP uses.
• PPP Callback - To further enhance security, Cisco IOS Release 11.1 offers callback over PPP. With
this LCP option, a Cisco router can act as a callback client or as a callback server. The client makes the
initial call, requests that it be called back, and terminates its initial call. The callback router answers the
initial call and makes the return call to the client based on its configuration statements.

LCP will also do the following:

• Handle varying limits on packet size
• Detect common misconfiguration errors
• Terminate the link
• Determine when a link is functioning properly or when it is failing

PPP permits multiple network layer protocols to operate on the same communications link. For every network
layer protocol used, a separate Network Control Protocol (NCP) is provided. For example, Internet Protocol
(IP) uses the IP Control Protocol (IPCP), and Internetwork Packet Exchange (IPX) uses the Novell IPX
Control Protocol (IPXCP). NCPs include functional fields containing standardized codes to indicate the
network layer protocol type that PPP encapsulates.

The fields of a PPP frame are as follows:

• Flag - Indicates the beginning or end of a frame and consists of the binary sequence 01111110.
• Address - Consists of the standard broadcast address, which is the binary sequence 11111111. PPP
does not assign individual station addresses.
• Control - 1 byte that consists of the binary sequence 00000011, which calls for transmission of user
data in an unsequenced frame. A connectionless link service similar to that of Logical Link Control
(LLC) Type 1 is provided.
• Protocol - 2 bytes that identify the protocol encapsulated in the data field of the frame. -4-
• Data - 0 or more bytes that contain the datagram for the protocol specified in the protocol field. The
end of the data field is found by locating the closing flag sequence and allowing 2 bytes for the frame
check sequence (FCS) field. The default maximum length of the data field is 1500 bytes.

• FCS - Normally 16 bits or 2 bytes that refers to the extra characters added to a frame for error control
purposes.
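The frame layout above, as an added worked example in Python (not curriculum code): it builds a PPP frame from the Flag, Address, Control, Protocol, Data and FCS fields, and parses one back by locating the closing flag and setting aside the last two octets for the FCS, as the Data field description says. The FCS-16 generator and the octet-stuffing rule for asynchronous links (0x7D escape, XOR 0x20) are taken from RFC 1662; the protocol number for IP (0x0021) is the standard PPP assignment; the sample payload is constructed.

```python
# Added example for the PPP frame fields in section 34.2.1; not curriculum code.
# Field layout: Flag 0x7E, Address 0xFF, Control 0x03, 2-byte Protocol, Data,
# 16-bit FCS, Flag.  The FCS-16 algorithm and the asynchronous octet-stuffing
# rule come from RFC 1662.  Stuffing is included so that a 0x7E inside the
# Data field cannot be mistaken for the closing flag when the parser searches
# for it.

FLAG = 0x7E
ESC = 0x7D
ADDRESS = 0xFF        # standard broadcast address 11111111
CONTROL = 0x03        # unnumbered information, 00000011
FCS_GOOD = 0xF0B8     # FCS register value after a frame with a valid FCS
PROTO_IP = 0x0021     # PPP Protocol field value for IPv4 datagrams


def _make_fcs_table():
    table = []
    for byte in range(256):
        value = byte
        for _ in range(8):
            value = (value >> 1) ^ 0x8408 if value & 1 else value >> 1
        table.append(value)
    return table


_FCS_TABLE = _make_fcs_table()


def fcs16(data, fcs=0xFFFF):
    """Running FCS-16 (CRC-16/X.25 as used by PPP) over data."""
    for byte in data:
        fcs = (fcs >> 8) ^ _FCS_TABLE[(fcs ^ byte) & 0xFF]
    return fcs


def stuff(raw):
    """Escape flag, escape and control (< 0x20) octets for an async link."""
    out = bytearray()
    for byte in raw:
        if byte in (FLAG, ESC) or byte < 0x20:
            out += bytes([ESC, byte ^ 0x20])
        else:
            out.append(byte)
    return bytes(out)


def unstuff(raw):
    out, i = bytearray(), 0
    while i < len(raw):
        if raw[i] == ESC:
            if i + 1 >= len(raw):
                raise ValueError("truncated escape sequence")
            out.append(raw[i + 1] ^ 0x20)
            i += 2
        else:
            out.append(raw[i])
            i += 1
    return bytes(out)


def build_frame(protocol, payload):
    body = bytes([ADDRESS, CONTROL]) + protocol.to_bytes(2, "big") + payload
    fcs = fcs16(body) ^ 0xFFFF
    body += fcs.to_bytes(2, "little")   # FCS is sent least-significant octet first
    return bytes([FLAG]) + stuff(body) + bytes([FLAG])


def parse_frame(wire):
    """Return (protocol, data) or raise ValueError for a damaged frame.

    The end of the Data field is found by locating the closing flag and
    allowing the last 2 octets for the FCS, as the curriculum text describes.
    """
    if len(wire) < 2 or wire[0] != FLAG or wire[-1] != FLAG:
        raise ValueError("missing opening/closing flag")
    body = unstuff(wire[1:-1])
    if len(body) < 6 or body[0] != ADDRESS or body[1] != CONTROL:
        raise ValueError("bad address/control field")
    if fcs16(body) != FCS_GOOD:      # running the FCS over data + FCS must give 0xF0B8
        raise ValueError("FCS mismatch: frame corrupted")
    protocol = int.from_bytes(body[2:4], "big")
    return protocol, body[4:-2]
```

A frame whose FCS does not check is discarded rather than handed to the network layer, which is the error-control role the FCS bullet refers to; the parser also refuses a frame whose Address or Control octet is not the fixed PPP value.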


34.2.2 Establishing a PPP session

PPP session establishment progresses through three phases. These phases are link establishment,
authentication, and the network layer protocol phase. -1-

LCP frames are used to accomplish the work of each of the LCP phases.
The following three classes of LCP frames are used in a PPP session:

• Link-establishment frames are used to establish and configure a link.
• Link-termination frames are used to terminate a link.
• Link-maintenance frames are used to manage and debug a link.

The three PPP session establishment phases are:

• Link-establishment phase - In this phase each PPP device sends LCP frames to configure and test the
data link. LCP frames contain a configuration option field that allows devices to negotiate the use of
options such as the maximum transmission unit (MTU), compression of certain PPP fields, and the
link-authentication protocol. If a configuration option is not included in an LCP packet, the default
value for that configuration option is assumed. -2-
Before any network layer packets can be exchanged, LCP must first open the connection and negotiate
the configuration parameters. This phase is complete when a configuration acknowledgment frame has
been sent and received.
• Authentication phase (optional) - After the link has been established and the authentication protocol
decided on, the peer may be authenticated. Authentication, if used, takes place before the network layer
protocol phase is entered. As part of this phase, LCP also allows for an optional link-quality
determination test. The link is tested to determine whether the link quality is good enough to bring up
network layer protocols. -3-, -4-
• Network layer protocol phase - In this phase the PPP devices send NCP packets to choose and
configure one or more network layer protocols, such as IP. -5-
Once each of the chosen network layer protocols has been configured, packets from each network layer
protocol can be sent over the link. If LCP closes the link, it informs the network layer protocols so that
they can take appropriate action. The show interfaces command reveals the LCP and NCP states under
PPP configuration.
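The link-establishment phase, as an added Python illustration (not curriculum code): one peer sends an LCP Configure-Request carrying options, and the other answers with Configure-Ack, Configure-Nak (suggesting a value it will accept) or Configure-Reject (for an option it does not understand). The packet codes, option types and the PAP/CHAP protocol numbers are those of RFC 1661 and RFC 1994; the acceptance policy of the answering peer is constructed for the example. Absent options fall back to their defaults, which is the rule stated in the first bullet above.

```python
# Added example for section 34.2.2 (not curriculum code): the link-establishment
# phase as an exchange of LCP Configure packets.  Packet codes, option types and
# the authentication-protocol numbers are from RFC 1661 and RFC 1994; the
# acceptance policy of the answering peer is constructed for the example.
import struct

CONF_REQ, CONF_ACK, CONF_NAK, CONF_REJ = 1, 2, 3, 4
OPT_MRU, OPT_AUTH, OPT_MAGIC = 1, 3, 5
AUTH_PAP, AUTH_CHAP = 0xC023, 0xC223
CHAP_MD5 = 5                      # CHAP algorithm byte for MD5
DEFAULT_MRU = 1500                # assumed when the MRU option is absent


def encode_options(options):
    """TLV-encode {type: value-bytes} as Type, Length, Data triplets."""
    out = b""
    for opt_type, value in options.items():
        out += bytes([opt_type, 2 + len(value)]) + value
    return out


def decode_options(data):
    options, i = {}, 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated option header")
        opt_type, length = data[i], data[i + 1]
        if length < 2 or i + length > len(data):
            raise ValueError("malformed option length")
        options[opt_type] = data[i + 2:i + length]
        i += length
    return options


def lcp_packet(code, ident, options):
    body = encode_options(options)
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def parse_lcp(packet):
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError("LCP length field does not match packet size")
    return code, ident, decode_options(packet[4:])


def respond(request, policy):
    """Answering peer: Reject options it does not understand, Nak values it
    wants changed (suggesting acceptable ones), otherwise Ack the request."""
    _, ident, options = parse_lcp(request)
    rejected, naked = {}, {}
    for opt_type, value in options.items():
        if opt_type == OPT_MRU:
            if int.from_bytes(value, "big") > policy["max_mru"]:
                naked[opt_type] = policy["max_mru"].to_bytes(2, "big")
        elif opt_type == OPT_AUTH:
            if int.from_bytes(value[:2], "big") not in policy["auth"]:
                naked[opt_type] = AUTH_CHAP.to_bytes(2, "big") + bytes([CHAP_MD5])
        elif opt_type == OPT_MAGIC:
            pass                                    # any 4-byte magic number is acceptable
        else:
            rejected[opt_type] = value
    if rejected:
        return lcp_packet(CONF_REJ, ident, rejected)
    if naked:
        return lcp_packet(CONF_NAK, ident, naked)
    return lcp_packet(CONF_ACK, ident, options)


def negotiated(reply):
    """Parameters in force once a Configure-Ack arrives; absent options take
    their defaults, which is the rule the curriculum text states."""
    code, _, options = parse_lcp(reply)
    if code != CONF_ACK:
        return None
    mru = int.from_bytes(options[OPT_MRU], "big") if OPT_MRU in options else DEFAULT_MRU
    auth = int.from_bytes(options[OPT_AUTH][:2], "big") if OPT_AUTH in options else None
    return {"mru": mru, "auth": auth}
```

The policy dictionary is where an administrator's preference is expressed: a peer that lists only CHAP under "auth" answers a request for PAP with a Nak proposing CHAP/MD5, so the link either comes up with the stronger method or does not come up at all.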

The PPP link remains configured for communications until either of the following:

• LCP or NCP frames close the link.
• An inactivity timer expires.
• A user intervenes.


34.2.3 PPP authentication protocols

The authentication phase of a PPP session is optional. After the link has been established and the
authentication protocol chosen, the peer can be authenticated. If it is used, authentication takes place before the
network layer protocol configuration phase begins.

The authentication options require that the calling side of the link enter authentication information. This helps
to ensure that the user has the permission of the network administrator to make the call. Peer routers exchange
authentication messages.

When configuring PPP authentication, the network administrator can select Password Authentication Protocol
(PAP) or Challenge Handshake Authentication Protocol (CHAP). -1-, -2-

In general, CHAP is the preferred protocol.


34.2.4 Password Authentication Protocol (PAP)

PAP provides a simple method for a remote node to establish its identity, using a two-way handshake. -1-

After the PPP link establishment phase is complete, a username/password pair is repeatedly sent by the remote
node across the link until authentication is acknowledged or the connection is terminated. -2-


PAP is not a strong authentication protocol. Passwords are sent across the link in clear text and there is no
protection from playback or repeated trial-and-error attacks. The remote node is in control of the frequency and
timing of the login attempts.

34.2.5 Challenge Handshake Authentication Protocol (CHAP)

CHAP is used at the startup of a link and periodically verifies the identity of the remote node using a three-way
handshake. CHAP is performed upon initial link establishment and is repeated during the time the link is
established.

After the PPP link establishment phase is complete, the local router sends a "challenge" message to the remote
node. -1-

The remote node responds with a value calculated using a one-way hash function, which is typically Message
Digest 5 (MD5). This response is based on the password and challenge message. -2-

The local router checks the response against its own calculation of the expected hash value. If the values
match, the authentication is acknowledged, otherwise the connection is immediately terminated. -3-

CHAP provides protection against playback attack through the use of a variable challenge value that is unique
and unpredictable. Since the challenge is unique and random, the resulting hash value will also be unique and
random. The use of repeated challenges is intended to limit the time of exposure to any single attack. The local
router or a third-party authentication server is in control of the frequency and timing of the challenges.
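The contrast drawn in sections 34.2.4 and 34.2.5, as an added Python illustration (not curriculum code): a PAP Authenticate-Request carrying the password in clear text next to a CHAP challenge/response in which only a hash of the secret and the challenge crosses the link. Packet layouts follow RFC 1334 (PAP) and RFC 1994 (CHAP, where the response is MD5 over the identifier, the secret and the challenge); the router names, shared secret and username/password database are constructed.

```python
# Added example for sections 34.2.4 and 34.2.5 (not curriculum code): a PAP
# Authenticate-Request and a CHAP challenge/response side by side, showing
# why the text calls CHAP the preferred protocol.  Packet layouts follow
# RFC 1334 (PAP) and RFC 1994 (CHAP: response = MD5(Identifier || secret ||
# challenge)); the router names, secret and database are constructed.
import hashlib
import hmac
import secrets
import struct

# Constructed username/password database on the authenticating router.
USER_DB = {"RouterB": b"constructed-shared-secret"}

PAP_REQUEST = 1
CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4


# ---- PAP: two-way handshake, password carried in the clear ----------------
def pap_request(ident, peer_id, password):
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_REQUEST, ident, 4 + len(body)) + body


def pap_check(packet, db):
    """Authenticator side.  Nothing ties the packet to this link or this
    moment, so a captured request passes again if it is simply resent."""
    code, _, length = struct.unpack("!BBH", packet[:4])
    if code != PAP_REQUEST or length != len(packet):
        return False
    id_len = packet[4]
    peer_id = packet[5:5 + id_len]
    pw_len = packet[5 + id_len]
    password = packet[6 + id_len:6 + id_len + pw_len]
    expected = db.get(peer_id.decode(errors="replace"))
    return expected is not None and hmac.compare_digest(password, expected)


# ---- CHAP: three-way handshake, secret never leaves the node ---------------
def chap_packet(code, ident, value, name):
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def chap_parse(packet):
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError("CHAP length mismatch")
    size = packet[4]
    return code, ident, packet[5:5 + size], packet[5 + size:]


def chap_hash(ident, secret, challenge):
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def chap_respond(challenge_packet, my_name, secret):
    """Remote node: hash the secret with the challenge and send the hash."""
    _, ident, challenge, _ = chap_parse(challenge_packet)
    return chap_packet(CHAP_RESPONSE, ident, chap_hash(ident, secret, challenge), my_name.encode())


class ChapAuthenticator:
    """Local router: issues unpredictable challenges and accepts each once."""

    def __init__(self, name, db):
        self.name, self.db, self.ident, self.pending = name, db, 0, {}

    def challenge(self):
        self.ident = (self.ident + 1) & 0xFF
        value = secrets.token_bytes(16)            # unique and unpredictable
        self.pending[self.ident] = value
        return chap_packet(CHAP_CHALLENGE, self.ident, value, self.name.encode())

    def verify(self, response_packet):
        """True means Success; False means Failure and the link is dropped."""
        code, ident, value, name = chap_parse(response_packet)
        challenge = self.pending.pop(ident, None)  # one challenge answers one response
        secret = self.db.get(name.decode(errors="replace"))
        if code != CHAP_RESPONSE or challenge is None or secret is None:
            return False
        return hmac.compare_digest(value, chap_hash(ident, secret, challenge))
```

Two properties from the text are visible in the code: the authenticator, not the remote node, decides when a challenge is issued, and a response is only valid for the one challenge it answers, so a recorded response is useless once that challenge has been consumed or replaced. The PAP request, by contrast, is accepted as often as it is presented.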

34.2.6 PPP encapsulation and authentication process

When the encapsulation ppp command is used, either PAP or CHAP authentication can be optionally added.
If no authentication is specified the PPP session starts immediately.

If authentication is required the process proceeds through the following steps: -1-

• The method of authentication is determined.
• The local database or security server, which has a username and password database, is checked to see if
the given username and password pair matches.
• The process checks the authentication response sent back from the local database. If it is a positive
response, the PPP session is started. If negative, the session is terminated.

Figure -2- and the corresponding Figure -3- detail the CHAP authentication process.

34.3 Configuring PPP

34.3.1 Introduction to configuring PPP

Configurable aspects of PPP include methods of authentication, compression, error detection, and whether or
not multilink is supported. The following section describes the different configuration options for PPP.

Cisco routers that use PPP encapsulation may include the LCP configuration options described in Figure -1-.

34.3.2 Configuring PPP

The following example enables PPP encapsulation on serial interface 0/0:

Router#configure terminal
Router(config)#interface serial 0/0
Router(config-if)#encapsulation ppp

Point-to-point software compression can be configured on serial interfaces that use PPP encapsulation.
Compression is performed in software and might significantly affect system performance. Compression is not
recommended if most of the traffic consists of compressed files.

To configure compression over PPP, enter the following commands:

Router(config)#interface serial 0/0
Router(config-if)#encapsulation ppp
Router(config-if)#compress [predictor | stac]

Enter the following to monitor the data dropped on the link, and avoid frame looping:

Router(config)#interface serial 0/0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp quality percentage

The following commands perform load balancing across multiple links:

Router(config)#interface serial 0/0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp multilink

34.3.3 Configuring PPP authentication

The procedure outlined in the table describes how to configure PPP encapsulation and PAP/CHAP
authentication protocols. -1-, -2-

Correct configuration is essential, since PAP and CHAP will use these parameters to authenticate.

Figure -3- is an example of a two-way PAP authentication configuration. Both routers authenticate and are
authenticated, so the PAP authentication commands mirror each other. The PAP username and password that
each router sends must match those specified with the username name password password command of the
other router.

PAP provides a simple method for a remote node to establish its identity using a two-way handshake. This is
done only upon initial link establishment. The hostname on one router must match the username the other
router has configured. The passwords must also match.

CHAP is used to periodically verify the identity of the remote node using a three-way handshake. The
hostname on one router must match the username the other router has configured. The passwords must also
match. This is done upon initial link establishment and can be repeated any time after the link has been
established. -4-

34.3.4 Verifying the serial PPP encapsulation configuration

Use the show interfaces serial command to verify proper configuration of HDLC or PPP encapsulation. The
command output in Figure -1- illustrates a PPP configuration. When high-level data link control (HDLC) is
configured, "Encapsulation HDLC" should be reflected in the output of the show interfaces serial command.
When PPP is configured, its Link Control Protocol (LCP) and Network Control Protocol (NCP) states can
be checked using the show interfaces serial command.


Figure -2- lists commands used when enabling, configuring, and verifying PPP.

34.3.5 Troubleshooting the serial encapsulation configuration

The debug ppp authentication command displays the authentication exchange sequence. Figure -1-
illustrates the Left router output during CHAP authentication with the router on the right when debug ppp
authentication is enabled. With two-way authentication configured, each router authenticates the other.
Messages appear for both the authenticating process and the process of being authenticated. Use the debug
ppp authentication command to display the exchange sequence as it occurs.

Figure -2- highlights router output for a two-way PAP authentication.

The debug ppp command is used to display information about the operation of PPP. The no form of this
command disables debugging output. -3-

Router# debug ppp {authentication | packet | negotiation | error | chap}

Router# no debug ppp {authentication | packet | negotiation | error | chap}

34.3.6 Summary

An understanding of the following key points should have been achieved:

• Time division multiplexing
• The demarcation point in a WAN
• The definition and functions of the DTE and DCE
• The development of HDLC encapsulation
• Using the encapsulation hdlc command to configure HDLC
• Troubleshooting a serial interface using the show interface and show controllers commands
• The advantages of using PPP protocol
• The functions of the Link Control Protocol (LCP) and the Network Control Protocol (NCP)
components of PPP
• The parts of a PPP frame
• The three phases of a PPP session
• The difference between PAP and CHAP
• The steps in the PPP authentication process
• The various options for PPP configuration
• How to configure PPP encapsulation
• How to configure CHAP and PAP authentication
• Using show interface to verify the serial encapsulation
• Troubleshooting problems with the PPP configuration using the debug ppp command

35 MODULE 4

Module Overview

Integrated Services Digital Network (ISDN) is a network that provides end-to-end digital connectivity to
support a wide range of services including voice and data services.

ISDN allows multiple digital channels to operate simultaneously through the same regular phone wiring used
for analog lines, but ISDN transmits a digital signal rather than analog. Latency is much lower on an ISDN line
than on an analog line.

Dial-on-demand routing (DDR) is a technique developed by Cisco that allows the use of existing telephone
lines to form a wide-area network (WAN), instead of using separate, dedicated lines. Public switched
telephone networks (PSTNs) are involved in this process.

DDR is used when a constant connection is not needed, thus reducing costs. DDR defines the process of a
router connecting using a dialup network when there is traffic to send, and then disconnecting when the
transfer is complete.

Students completing this module should be able to:

• Define the ISDN standards used for addressing, concepts, and signaling
• Describe how ISDN uses the physical and data link layers
• List the interfaces and reference points for ISDN
• Configure the router ISDN interface
• Determine what traffic is allowed when configuring DDR
• Configure static routes for DDR
• Choose the correct encapsulation type for DDR
• Be able to determine and apply an access list affecting DDR traffic
• Configure dialer interfaces

35.1 ISDN Concepts

35.1.1 Introducing ISDN

There are several WAN technologies used to provide network access from remote locations. One of these
technologies is ISDN. ISDN can be used as a solution to the low bandwidth problems that small offices or dial-
in users have with traditional telephone dial-in services.
The traditional PSTN was based on an analog connection between the customer premises and the local
exchange, also called the local loop. -1-

The analog circuits introduce limitations on the bandwidth that can be obtained on the local loop. Circuit
restrictions do not permit analog bandwidths greater than approximately 3000 Hz. ISDN technology permits
the use of digital data on the local loop, providing better access speeds for the remote users. -2-

Telephone companies developed ISDN with the intention of creating a totally digital network. ISDN allows
digital signals to be transmitted over existing telephone wiring. This became possible when the telephone
company switches were upgraded to handle digital signals. ISDN is generally used for telecommuting and
networking small and remote offices into the corporate LAN.

Telephone companies developed ISDN as part of an effort to standardize subscriber services. This included the
User-Network Interface (UNI), better known as the local loop. The ISDN standards define the hardware and
call setup schemes for end-to-end digital connectivity. These standards help achieve the goal of worldwide
connectivity by ensuring that ISDN networks easily communicate with one another. In an ISDN network, the
digitizing function is done at the user site rather than the telephone company.

ISDN brings digital connectivity to remote sites.


The following list provides some of the benefits of ISDN: -3-

• Carries a variety of user traffic signals, including data, voice, and video
• Offers much faster call setup than modem connections
• B channels provide a faster data transfer rate than modems
• B channels are suitable for negotiated Point-to-Point Protocol (PPP) links

ISDN is a versatile service able to carry voice, video, and data traffic. It is possible to use multiple channels to
carry different types of traffic over a single connection.

ISDN uses out-of-band signaling, the delta (D channel), for call setup and signaling. To make a normal
telephone call, the user dials the number one digit at a time. Once all the numbers are received, the call can be
placed to the remote user. ISDN delivers the numbers to the switch at D-channel rates, thus reducing the time it
takes to set up the call.

ISDN also provides more bandwidth than a traditional 56 kbps dialup connection. ISDN uses bearer channels,
also called B channels, as clear data paths. Each B channel provides 64 kbps of bandwidth. With multiple B
channels, ISDN offers more bandwidth for WAN connections than some leased services. An ISDN connection
with two B channels would provide a total usable bandwidth of 128 kbps.

Each ISDN B channel can make a separate serial connection to any other site in the ISDN network. Since PPP
operates over both synchronous and asynchronous serial links, ISDN lines can be used in conjunction with PPP
encapsulation.

35.1.2 ISDN standards and access methods

Work on standards for ISDN began in the late 1960s. A comprehensive set of ISDN recommendations was
published in 1984 and is continuously updated by the International Telecommunication Union
Telecommunication Standardization Sector (ITU-T), formerly known as the Consultative Committee for
International Telegraph and Telephone (CCITT). The ISDN standards are a set of protocols that encompass
digital telephony and data communications. The ITU-T groups and organizes the ISDN protocols according to
the following general topic areas: -1-

• E Protocols — Recommend telephone network standards for ISDN. For example, the E.164 protocol
describes international addressing for ISDN.
• I Protocols — Deal with concepts, terminology, and general methods. The I.100 series includes
general ISDN concepts and the structure of other I-series recommendations. I.200 deals with service
aspects of ISDN. I.300 describes network aspects. I.400 describes how the UNI is provided.
• Q Protocols — Cover how switching and signaling should operate. The term signaling in this context
means the process of establishing an ISDN call.


ISDN standards define two main channel types, each with a different transmission rate. The bearer channel, or
B channel, is defined as a clear digital path of 64 kbps. It is said to be clear because it can be used to transmit
any type of digitized data in full-duplex mode. For example, a digitized voice call can be transmitted on a
single B channel. The second channel type is called a delta channel, or D channel. There can either be 16 kbps
for the Basic Rate Interface ( BRI ) or 64 kbps for the Primary Rate Interface (PRI ). -2-
The D channel is used to carry control information for the B channel.

When a TCP connection is established, there is an exchange of information called the connection setup. This
information is exchanged over the path on which the data will eventually be transmitted. Both the control
information and the data share the same pathway. This is called in-band signaling. ISDN, however, uses a
separate channel for control information, the D channel. This is called out-of-band signaling.

ISDN specifies two standard access methods, BRI and PRI. A single BRI or PRI interface provides a
multiplexed bundle of B and D channels.

BRI uses two 64 kbps B channels plus one 16 kbps D channel. BRI operates with many Cisco routers. Because
it uses two B channels and one D channel, BRI is sometimes referred to as 2B+D.

The B channels can be used for digitized speech transmission. In this case, specialized methods are used for the
voice encoding. Also, the B channels can be used for relatively high-speed data transport. In this mode, the
information is carried in frame format, using either high-level data link control (HDLC) or PPP as the Layer 2
protocol. PPP is more robust than HDLC because it provides a mechanism for authentication and negotiation
of compatible link and protocol configuration.

ISDN is considered a circuit-switched connection. The B channel is the elemental circuit-switching unit.

The D channel carries signaling messages, such as call setup and teardown, to control calls on B channels.
Traffic over the D channel employs the Link Access Procedure on the D Channel (LAPD) protocol. LAPD is a
data link layer protocol based on HDLC.

In North America and Japan, PRI offers twenty-three 64 kbps B channels and one 64 kbps D channel. A PRI
offers the same service as a T1 or DS1 connection. In Europe and much of the rest of the world, PRI offers 30
B channels and one D channel in order to offer the same level of service as an E1 circuit. PRI uses a Data
Service Unit/Channel Service Unit (DSU/CSU) for T1/E1 connections.

35.1.3 ISDN 3-layer model and protocols

ISDN utilizes a suite of ITU-T standards spanning the physical, data link, and network layers of the OSI
reference model: -1-

• The ISDN BRI and PRI physical layer specifications are defined in ITU-T I.430 and I.431,
respectively.
• The ISDN data link specification is based on LAPD and is formally specified in the following:
  • ITU-T Q.920
  • ITU-T Q.921
  • ITU-T Q.922
  • ITU-T Q.923
• The ISDN network layer is defined in ITU-T Q.930, also known as I.450, and ITU-T Q.931, also known
as I.451. These standards specify user-to-user, circuit-switched, and packet-switched connections.

BRI service is provided over a local copper loop that traditionally carries analog phone service. While there is
only one physical path for a BRI, there are three separate information paths, 2B+D. Information from the three
channels is multiplexed into the one physical path.

ISDN physical layer, or Layer 1, frame formats differ depending on whether the frame is outbound or inbound.
If the frame is outbound, it is sent from the terminal to the network. Outbound frames use the TE frame format.
If the frame is inbound, it is sent from the network to the terminal. Inbound frames use the NT frame format.-2-


Each ISDN BRI frame contains two sub-frames, each containing the following:

• 8 bits from the B1 channel
• 8 bits from the B2 channel
• 2 bits from the D channel
• 6 bits of overhead

ISDN BRI frames therefore comprise 48 bits. Four thousand of these frames are transmitted every second.
Each B channel, B1 and B2, has a capacity of 8 * 4000 * 2 = 64 kbps, while channel D has a capacity of 2 *
4000 * 2 = 16 kbps. This accounts for 144 kbps (B1 + B2 + D) of the total ISDN BRI physical interface bit rate
of 192 kbps. The remainder of the bit rate is made up of the overhead bits required for transmission: 6 * 4000 *
2 = 48 kbps.

The overhead bits of an ISDN sub-frame are used as follows:

• Framing bit — Provides synchronization
• Load balancing bit — Adjusts the average bit value
• Echo of previous D channel bits — Used for contention resolution when several terminals on a
passive bus contend for a channel
• Activation bit — Activates devices
• Spare bit — Unassigned

Note that the physical bit rate for the BRI interface is 48 * 4000 = 192 kbps. The effective rate is 144 kbps = 64
kbps + 64 kbps + 16 kbps (2B+D).

Layer 2 of the ISDN signaling channel is LAPD. LAPD is similar to HDLC. LAPD is used across the D
channel to ensure that control and signaling information is received and flows properly.

The LAPD flag and control fields are identical to those of HDLC.
The LAPD address field is 2 bytes long. -3-
The first address field byte contains the service access point identifier (SAPI), which identifies the portal at
which LAPD services are provided to Layer 3. The command/response (C/R) bit indicates whether the frame
contains a command or a response. The second byte contains the terminal endpoint identifier (TEI). Each piece
of terminal equipment on the customer premises needs a unique identifier. The TEI may be statically assigned
at installation, or the switch may dynamically assign it when the equipment is started up. If the TEI is statically
assigned during installation, the TEI is a number ranging from 0 to 63. Dynamically assigned TEIs range from
64 to 126. A TEI of 127, or all 1s, indicates a broadcast.
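As an added example that is not part of the curriculum, a Python decoder for the two-byte LAPD address field described above, including the static/dynamic/broadcast TEI ranges. The EA (address extension) bits and the rule that the C/R bit is read differently on the user and network sides come from Q.921, not from this text; the sample frames are constructed.

```python
"""Decode the two-byte LAPD (Q.921) address field described above."""
from dataclasses import dataclass

# Q.921 octet layout (the EA "address extension" bits are not mentioned in
# the text; they are what closes the field after exactly two octets):
#   octet 1: SAPI (6 bits) | C/R (1 bit) | EA = 0
#   octet 2: TEI  (7 bits)              | EA = 1
FLAG = 0x7E  # HDLC-style opening flag, identical in LAPD


@dataclass(frozen=True)
class LapdAddress:
    sapi: int
    command: bool  # True when the C/R bit marks a command, False for a response
    tei: int
    tei_kind: str  # "static", "dynamic" or "broadcast"


def classify_tei(tei: int) -> str:
    """Classify a TEI using the ranges given in the text."""
    if not 0 <= tei <= 127:
        raise ValueError(f"TEI out of range: {tei}")
    if tei <= 63:
        return "static"     # assigned at installation
    if tei <= 126:
        return "dynamic"    # assigned by the switch when the TE starts up
    return "broadcast"      # 127, all ones


def build_lapd_address(sapi: int, tei: int, command: bool,
                       network_side: bool = False) -> bytes:
    """Encode an address field; the inverse of parse_lapd_address."""
    if not 0 <= sapi <= 63:
        raise ValueError(f"SAPI out of range: {sapi}")
    classify_tei(tei)  # range check only
    # Q.921: the user side sends commands with C/R = 0, the network with C/R = 1.
    cr = (1 if command else 0) if network_side else (0 if command else 1)
    return bytes([(sapi << 2) | (cr << 1) | 0, (tei << 1) | 1])


def parse_lapd_address(frame: bytes, network_side: bool = False) -> LapdAddress:
    """Parse the address field of a LAPD frame that starts with the flag byte.

    network_side says which end transmitted the frame, because the meaning
    of the C/R bit is mirrored between user and network.
    """
    if len(frame) < 3 or frame[0] != FLAG:
        raise ValueError("expected 0x7E flag followed by a 2-byte address")
    a1, a2 = frame[1], frame[2]
    if (a1 & 0x01) != 0 or (a2 & 0x01) != 1:
        raise ValueError("bad EA bits: octet 1 must end in 0, octet 2 in 1")
    sapi = a1 >> 2
    cr = (a1 >> 1) & 0x01
    tei = a2 >> 1
    command = (cr == 1) if network_side else (cr == 0)
    return LapdAddress(sapi, command, tei, classify_tei(tei))


# Constructed sample frames (flag + address only); not captured traffic.
# SAPI 0 is call-control signalling; SAPI 63 is Layer 2 management, which
# uses the broadcast TEI 127 while a terminal has no TEI of its own yet.
SAMPLE_FRAMES = {
    "signalling, dynamic TEI 64": bytes([FLAG]) + build_lapd_address(0, 64, True),
    "TEI assignment request":     bytes([FLAG]) + build_lapd_address(63, 127, True),
}

if __name__ == "__main__":
    for name, frame in SAMPLE_FRAMES.items():
        print(f"{name:28} {frame.hex()}  {parse_lapd_address(frame)}")
```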

35.1.4 ISDN functions

Several exchanges must occur for one router to connect to another using ISDN. To establish an ISDN call, the
D channel is used between the router and the ISDN switch. Signaling System 7 (SS7) signaling is used between
the switches within the service provider network.

The D channel between the router and the ISDN switch is always up. Q.921 describes the ISDN data-link
processes of LAPD, which functions like Layer 2 processes in the OSI reference model. The D channel is used
for call control functions such as call setup, signaling, and termination. These functions are implemented in the
Q.931 protocol. Q.931 specifies OSI reference model Layer 3 functions. The Q.931 standard recommends a
network layer connection between the terminal endpoint and the local ISDN switch, but it does not impose an
end-to-end recommendation. Because some ISDN switches were developed before Q.931 was standardized,
the various ISDN providers and switch types can and do use various implementations of Q.931. Because
switch types are not standard, routers must have commands in their configuration specifying the ISDN switch
to which they are connecting.

The following sequence of events occurs during the establishment of a BRI or PRI call: -1-

1. The D channel is used to send the called number to the local ISDN switch. -2-
2. The local switch uses the SS7 signaling protocol to set up a path and pass the called number to the
remote ISDN switch. -3-
3. The remote ISDN switch signals the destination over the D channel. -4-
4. The destination ISDN NT-1 device sends the remote ISDN switch a call-connect message.
5. The remote ISDN switch uses SS7 to send a call-connect message to the local switch. -5-
6. The local ISDN switch connects one B channel end-to-end, leaving the other B channel available for a
new conversation or data transfer. Both B channels can be used simultaneously. -6-


35.1.5 ISDN reference points

ISDN standards define functional groups as devices or pieces of hardware that enable the user to access the
services of the BRI or PRI. Vendors can create hardware that supports one or more functions. ISDN
specifications define four reference points that connect one ISDN device to another. -1-
Each device in an ISDN network performs a specific task to facilitate end-to-end connectivity. -2-

To connect devices that perform specific functions, the interface between the two devices needs to be well
defined. These interfaces are called reference points. -3-
The reference points that affect the customer side of the ISDN connection are as follows:

• R — References the connection between a non-ISDN compatible device Terminal Equipment type 2
(TE2) and a Terminal Adapter (TA), for example an RS-232 serial interface.
• S — References the points that connect into the customer switching device Network Termination type 2
(NT2) and enables calls between the various types of customer premises equipment.
• T — Electrically identical to the S interface, it references the outbound connection from the NT2 to the
ISDN network or Network Termination type 1 (NT1).
• U — References the connection between the NT1 and the ISDN network owned by the telephone
company.

Because the S and T references are electrically similar, some interfaces are labeled S/T interfaces. Although
they perform different functions, the port is electrically the same and can be used for either function.


35.1.6 Determining the router ISDN interface

In North America, the NT1 is part of the Customer Premise Equipment (CPE). This means that the customer
must supply an NT1 device or a device with integrated NT1 functionality. In North America, ISDN routers are
typically equipped with ISDN BRI-U interface cards to provide NT1 functionality. In Europe, the service
provider supplies a separate NT1 device. Therefore, the customer supplies an ISDN capable device to connect
to the NT1, such as a router with an ISDN BRI-ST interface. -1-

To select a Cisco router with the appropriate ISDN interface, do the following:

1. Determine whether the router supports ISDN BRI. Look on the back of the router for a BRI connector
or a BRI WAN Interface Card (WIC).
2. Determine the provider of the NT1. An NT1 terminates the local loop to the central office (CO) of the
ISDN service provider. In North America, the NT1 is part of the Customer Premise Equipment (CPE).
This means that the customer must supply an NT1 device or a device with integrated NT1 functionality.
In North America, ISDN routers are typically equipped with ISDN BRI-U interface cards to provide
NT1 functionality. In Europe, the service provider supplies a separate NT1 device. Therefore, the
customer supplies an ISDN capable device to connect to the NT1, such as a router with an ISDN BRI-
ST interface.
3. If the NT1 is built into the CPE, the router should have a U interface. If the router has an S/T interface,
then it will need an external NT1 to connect to the ISDN provider. -2-

If the router has a connector labeled BRI then it is already ISDN-enabled. With a native ISDN interface already
built in, the router is a TE1 and will need to connect to an NT1. If the router has a U interface, it also has a
built-in NT1. -3-

If the router does not have a connector labeled BRI, and it is a fixed-configuration, or non-modular router, then
it must use an existing serial interface. With non-native ISDN interfaces such as serial interfaces, an external
TA device must be attached to the serial interface to provide BRI connectivity. If the router is modular it may
be possible to upgrade to a native ISDN interface, providing it has an available slot.

CAUTION
A router with a U interface should never be connected to an NT1 as it will damage the interface.

35.1.7 ISDN switch types

Routers must be configured to identify the type of switch with which they will communicate. Available ISDN
switch types vary, depending in part on the country in which the switch is being used. As a consequence of
various implementations of Q.931, the D channel signaling protocol used on ISDN switches varies from
vendor to vendor.

Services offered by ISDN carriers vary considerably from country to country or region to region. -1-

Like modems, each switch type operates slightly differently, and has a specific set of call setup requirements.
Before the router can be connected to an ISDN service, it must be configured for the switch type used at the
CO. This information must be specified during router configuration so the router can communicate with the
switch, place ISDN network level calls, and send data. -2-

In addition to knowing the switch type the service provider is using, it may also be necessary to know what
service profile identifiers (SPIDs) are assigned by the telco. A SPID is a number provided by the ISDN carrier
to identify the line configuration of the BRI service. SPIDs allow multiple ISDN devices, such as voice and
data equipment, to share the local loop. SPIDs are required by DMS-100 and National ISDN-1 switches.

SPIDs are used only in North America and Japan. The ISDN carrier provides a SPID to identify the line
configuration of the ISDN service. In many cases when configuring a router, the SPIDs will need to be entered.
Each SPID points to line setup and configuration information. SPIDs are a series of characters that usually
resemble telephone numbers. SPIDs identify each B channel to the switch at the central office. Once identified,
the switch links the available services to the connection. Remember, ISDN is typically used for dialup
connectivity. The SPIDs are processed when the router initially connects to the ISDN switch. If SPIDs are
necessary, but are not configured correctly, the initialization will fail, and the ISDN services cannot be used.

35.2 ISDN Configuration

35.2.1 Configuring ISDN BRI

The command isdn switch-type switch-type can be configured at the global or interface command mode to
specify the provider ISDN switch. -1-

Configuring the isdn switch-type command in the global configuration mode sets the ISDN switch type
identically for all ISDN interfaces. Individual interfaces may be configured, after the global configuration
command, to reflect an alternate switch type.

When the ISDN service is installed, the service provider will issue information about the switch type and
SPIDs. SPIDs are used to define the services available to individual ISDN subscribers. Depending on the
switch type, these SPIDs may have to be added to the configuration. National ISDN-1 and DMS-100 ISDN
switches require SPIDs to be configured, but the AT&T 5ESS switch does not. SPIDs must be specified when
using the Adtran ISDN simulator.

The format of the SPIDs can vary depending on the ISDN switch type and specific provider requirements. Use
the isdn spid1 and isdn spid2 interface configuration mode commands to specify the SPID required by the
ISDN network when the router initiates a call to the local ISDN exchange. -2-, -3-


Configuration of ISDN BRI is a mix of global and interface commands. -4-


To configure the ISDN switch type, use the isdn switch-type command in global configuration mode:

Router(config)#isdn switch-type switch-type

The argument switch-type indicates the service provider switch type. To disable the switch on the ISDN
interface, specify isdn switch-type none . The following example configures the National ISDN-1 switch type
in the global configuration mode:

Router(config)#isdn switch-type basic-ni

To define SPIDs use the isdn spid# command in interface configuration mode. This command is used to define
the SPID numbers that have been assigned for the B channels:

Router(config-if)#isdn spid1 spid-number [ldn]
Router(config-if)#isdn spid2 spid-number [ldn]

The optional ldn argument defines a local dial directory number. On most switches, the number must match the
called party information coming in from the ISDN switch. SPIDs are specified in interface configuration mode.
To enter interface configuration mode, use the interface bri command in the global configuration mode:

Router(config)#interface bri slot/port

Router(config)#interface bri0/0
Router(config-if)#isdn spid1 51055540000001 5554000
Router(config-if)#isdn spid2 51055540010001 5554001
Router(config-if)#no shutdown

35.2.2 Configuring ISDN PRI

ISDN PRI is delivered over a leased T1 or E1 line. The main PRI configuration tasks are as follows: -1-

1. Specify the correct PRI switch type that the router interfaces with at the CO of the ISDN provider.
2. Specify the T1/E1 controller, framing type, and line coding for the facility of the ISDN provider.
3. Set a PRI group timeslot for the T1/E1 facility and indicate the speed used.

Because routers connect to PRI using T1/E1, there is no "interface pri" command. Instead, the physical
interface on the router that connects to the leased line is called a T1 controller, or an E1 controller, if an E1 line
is being used. This controller must be configured properly in order to communicate with the carrier network.
The ISDN PRI D and PRI B channels are configured separately from the controller, using the interface serial
command.

Use the isdn switch-type command to specify the ISDN switch used by the provider to which the PRI
connects. As with BRI, this command can be issued globally or in interface configuration mode. The table
shows the switch types available for ISDN PRI configuration: -2-


Router(config)#isdn switch-type primary-net5

Configuring a T1 or E1 controller is done in four parts: -3-

1. From global configuration mode, specify the controller and the slot/port in the router where the PRI
card is located:

Router(config)#controller {t1 | e1} {slot/port}

Router(config-controller)#

2. Configure the framing, line coding, and clocking, as dictated by the service provider. The framing
command is used to select the frame type used by the PRI service provider. For T1, use the following
command syntax:

Router(config-controller)#framing {sf | esf}

For E1 lines, use the framing command with the following options:

Router(config-controller)#framing {crc4 | no-crc4} [australia]

Use the linecode command to identify the physical-layer signaling method on the digital facility of the
provider:

Router(config-controller)#linecode {ami | b8zs | hdb3}

In North America, the B8ZS signaling method is used for T1 carrier facilities. It allows a full 64 kbps
for each ISDN channel. In Europe, it is typically HDB3 encoding that is used.

3. Configure the specified interface for PRI operation and the number of fixed timeslots that are allocated
on the digital facility of the provider:

Router(config-controller)#pri-group [timeslots range]

For T1, the range of timeslots used is 1-24. For E1 the range of timeslots used is 1-31.

4. Specify an interface for PRI D-channel operation. The interface is a serial interface to a T1/E1 on the
router:

Router(config)#interface serial{slot/port: | unit:}{23 | 15}


Within an E1 or T1 facility, the channels start numbering at 1. The numbering ranges from 1 to 31 for E1 and 1
to 24 for T1. Serial interfaces in the Cisco router start numbering at 0. Therefore, channel 16, the E1 signaling
channel, is channel 15 on the interface. Channel 24, the T1 signaling channel, becomes channel 23 on the
interface. Thus, interface serial 0/0:23 refers to the D channel of a T1 PRI.

Subinterfaces, commonly used with Frame Relay, are designated with a dot, or period. For example, serial
0/0.16 is a subinterface. Do not confuse the channels of a T1 or E1 with subinterfaces. Channels use a colon
instead of a dot to indicate the channel number:

• S0/0.23 refers to a subinterface
• S0/0:23 refers to a channel

35.2.3 Verifying ISDN configuration

Several show commands can be used to verify that the ISDN configuration has been implemented correctly. -1-

To confirm BRI operations, use the show isdn status command to inspect the status of the BRI interfaces. This
command can be used after configuring the ISDN BRI to verify that the TE1, or router, is communicating
correctly with the ISDN switch. In the Figure -2- output, the TEIs have been successfully negotiated and ISDN
Layer 3 is ready to make or receive calls.

Verify that Layer 1 Status is ACTIVE, and that the Layer 2 Status state
MULTIPLE_FRAME_ESTABLISHED appears. This command also displays the number of active calls.

The show isdn active command displays current call information, including all of the following:

• Called number
• Time until the call is disconnected
• Advice of charge (AOC)
• Charging units used during the call
• Whether the AOC information is provided during calls or at end of calls

The show dialer command displays information about the dialer interface:

• Current call status
• Dialup timer values
• Dial reason
• Remote device that is connected

The show interface bri0/0 command displays statistics for the BRI interface configured on the router. Channel
specific information is displayed by putting the channel number at the end of the command. In this case, the
show interface bri0/0:1 command shows the following:

• The B channel is using PPP encapsulation.
• LCP has negotiated and is open.
• There are two NCPs running, IPCP and Cisco Discovery Protocol Control Protocol (CDPCP). -3-


35.2.4 Troubleshooting the ISDN configuration

The following commands are used to debug and troubleshoot the ISDN configuration: -1-

• The debug isdn q921 command shows data link layer, or Layer 2, messages on the D channel between
the router and the ISDN switch. Use this command if the show isdn status command does not show
Layer 1 as ACTIVE and Layer 2 as MULTIPLE_FRAME_ESTABLISHED.
• The debug isdn q931 command shows the exchange of call setup and teardown messages of the Layer
3 ISDN connection.
• The debug ppp authentication command displays the PPP authentication protocol messages,
including Challenge Handshake Authentication Protocol (CHAP) packet exchanges and Password
Authentication Protocol (PAP) exchanges.
• The debug ppp negotiation command displays information on PPP traffic and exchanges while the
PPP components are negotiated. This includes LCP, authentication, and NCP exchanges. A successful
PPP negotiation will first open the LCP state, then authenticate, and finally negotiate NCP.
• The debug ppp error command displays protocol errors and error statistics associated with PPP
connection negotiation and operation. Use the debug ppp commands to troubleshoot a Layer 2 problem
if the show isdn status command does not indicate an ISDN problem.
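The verification checks of 35.2.3 (Layer 1 ACTIVE, Layer 2 MULTIPLE_FRAME_ESTABLISHED, SPIDs accepted) and the 35.2.4 rule for when to reach for debug isdn q921 rather than the debug ppp commands, as an added Python example that is not curriculum material. The show isdn status samples are constructed to follow the command's layout and are not captures from a real router.

```python
"""Check 'show isdn status' output for the conditions the text says to verify."""
import re

# Constructed sample outputs, modelled on the layout of the IOS command;
# they are not captures from a real router.
STATUS_OK = """\
Global ISDN Switchtype = basic-ni
ISDN BRI0/0 interface
        dsl 0, interface ISDN Switchtype = basic-ni
    Layer 1 Status:
        ACTIVE
    Layer 2 Status:
        TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
        TEI = 65, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
        spid1 configured, no LDN, spid1 sent, spid1 valid
        spid2 configured, no LDN, spid2 sent, spid2 valid
    Layer 3 Status:
        0 Active Layer 3 Call(s)
"""

STATUS_BAD_SPID = """\
ISDN BRI0/0 interface
    Layer 1 Status:
        ACTIVE
    Layer 2 Status:
        TEI = 64, Ces = 1, SAPI = 0, State = TEI_ASSIGNED
        spid1 configured, spid1 NOT sent, spid1 NOT valid
    Layer 3 Status:
        0 Active Layer 3 Call(s)
"""

STATUS_L1_DOWN = """\
ISDN BRI0/0 interface
    Layer 1 Status:
        DEACTIVATED
    Layer 2 Status:
        Layer 2 NOT Activated
    Layer 3 Status:
        0 Active Layer 3 Call(s)
"""

L1_RE = re.compile(r"Layer 1 Status:\s*(\w+)")
L2_RE = re.compile(r"TEI = (\d+), Ces = \d+, SAPI = \d+, State = (\w+)")
SPID_RE = re.compile(r"(spid[12]) configured.*?, \1 (NOT valid|valid)")
CALLS_RE = re.compile(r"(\d+) Active Layer 3 Call\(s\)")
L2_READY = "MULTIPLE_FRAME_ESTABLISHED"


def check_isdn_status(output: str) -> dict:
    """Return the parsed layer states, a list of problems and the next command to run."""
    m = L1_RE.search(output)
    layer1 = m.group(1) if m else "UNKNOWN"
    layer2 = {int(tei): state for tei, state in L2_RE.findall(output)}
    spids = {name: verdict == "valid" for name, verdict in SPID_RE.findall(output)}
    m = CALLS_RE.search(output)
    calls = int(m.group(1)) if m else 0

    problems = []
    if layer1 != "ACTIVE":
        problems.append(f"Layer 1 is {layer1}, expected ACTIVE")
    elif not layer2:
        problems.append("Layer 1 is up but no TEI has been negotiated")
    for tei, state in layer2.items():
        if state != L2_READY:
            problems.append(f"TEI {tei} is in state {state}, expected {L2_READY}")
    for name, ok in spids.items():
        if not ok:
            problems.append(f"{name} was rejected by the switch; compare it with the carrier's value")

    if problems:
        # Layer 1 or 2 is not up: the text's rule is to watch the D channel with debug isdn q921.
        next_step = "debug isdn q921"
    else:
        # ISDN itself is fine; a failing call is then a Q.931 or PPP matter.
        next_step = "debug isdn q931 / debug ppp negotiation"
    return {"layer1": layer1, "layer2": layer2, "spids": spids,
            "active_calls": calls, "problems": problems, "next_step": next_step}


if __name__ == "__main__":
    for label, text in (("ok", STATUS_OK), ("bad spid", STATUS_BAD_SPID), ("L1 down", STATUS_L1_DOWN)):
        r = check_isdn_status(text)
        print(label, "->", r["problems"] or "no problems", "| next:", r["next_step"])
```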

35.3 DDR Configuration

35.3.1 DDR operation

Dial-on-demand routing (DDR) is triggered when traffic that matches a predefined set of criteria is queued to
be sent out a DDR-enabled interface. The traffic that causes a DDR call to be placed is referred to as
interesting traffic. Once the router has transmitted the interesting traffic, the call is terminated.

The key to efficient DDR operation is in the definition of interesting traffic. Interesting traffic is defined with
the dialer-list command. Dialer lists can allow all traffic from a specific protocol to bring up a DDR link, or
they can query an access list to see what specific types of traffic should bring up the link. Dialer lists do not
filter traffic on an interface. Even traffic that is not interesting will be forwarded if the connection to the
destination is active.

DDR is implemented in Cisco routers in the following steps:

1. The router receives traffic, performs a routing table lookup to determine if there is a route to the
destination, and identifies the outbound interface. -1-
2. If the outbound interface is configured for DDR, the router does a lookup to determine if the traffic is
interesting. -2-
3. The router identifies the dialing information necessary to make the call using a dialer map to access the
next-hop router. -3-
4. The router then checks to see if the dialer map is in use. If the interface is currently connected to the
desired remote destination, the traffic is sent. If the interface is not currently connected to the remote
destination, the router sends call-setup information through the BRI using the D channel. -4-
5. After the link is enabled, the router transmits both interesting and uninteresting traffic. Uninteresting
traffic can include data and routing updates.
6. The idle timer starts and runs as long as no interesting traffic is seen during the idle timeout period and
disconnects the call based on the idle timer configuration. -5-

The idle timer setting specifies the length of time the router should remain connected if no interesting traffic
has been sent. Once a DDR connection is established, any traffic to that destination will be permitted.
However, only interesting traffic resets the idle timer.

35.3.2 Configuring legacy DDR

Legacy DDR is a term used to define a very basic DDR configuration in which a single set of dialer parameters
is applied to an interface. If multiple unique dialer configurations are needed on one interface, then dialer
profiles should be used.

To configure legacy DDR perform the following steps:

• Define static routes -1-
• Specify interesting traffic -2-
• Configure the dialer information -3-

35.3.3 Defining static routes for DDR

To forward traffic, routers need to know what route to use for a given destination. When a dynamic routing
protocol is used, the DDR interface will dial the remote site for every routing update or hello message if these
packets are defined as interesting traffic. To prevent the frequent or constant activation of the DDR link,
configure the necessary routes statically.

To configure a static route for IP use the following command:

Router(config)#ip route net-prefix mask {address | interface} [distance] [permanent]

The Central router has a static route to network 10.40.0.0 on the Home router. -1-
The Home router has two static routes defined for the two subnets on the Central LAN. If the network attached
to the Home router is a stub network, then all non-local traffic should be sent to Central.
A default route is a better choice for the Home router in this instance.

Home(config)#ip route 0.0.0.0 0.0.0.0 10.1.0.2

When configuring static routes, consider the following:

• By default, a static route will take precedence over a dynamic route because of its lower administrative
distance. Without additional configuration, a dynamic route to a network will be ignored if a static
route is present in the routing table for the same network.
• To reduce the number of static route entries, define a summarized or default static route.

35.3.4 Specifying interesting traffic for DDR

DDR calls are triggered by interesting traffic. This traffic can be defined as any of the following:

• IP traffic of a particular protocol type
• Packets with a particular source address or destination
• Other criteria as defined by the network administrator

Use the dialer-list command to identify interesting traffic. The command syntax is as follows:

Router(config)#dialer-list dialer-group-num protocol protocol-name {permit | deny | list access-list-number }

The dialer-group-num is an integer between 1 and 10 that identifies the dialer list to the router. The command
dialer-list 1 protocol ip permit will allow all IP traffic to trigger a call. -1-
Instead of permitting all IP traffic, a dialer list can point to an access list in order to specify exactly what types
of traffic should bring up the link. The reference to access list 101 in dialer list 2 prevents FTP and Telnet
traffic from activating the DDR link. Any other IP packet is considered interesting, and will therefore initiate
the DDR link.

35.3.5 Configuring DDR dialer information

There are several steps involved in configuring the DDR interface. PPP is configured on the dialer interface
using the same commands that enable PPP on a serial interface. HDLC is the default encapsulation for an
ISDN interface on a Cisco router, but most networks employ PPP for circuit-switched connections. Because of
its robustness, interoperability, and additional features such as authentication, PPP is the data link protocol in
use on the B channels of most routers. To configure PPP on the DDR interface use the following commands: -1-

Home(config)#username Central password cisco
Home(config)#interface bri0/0
Home(config-if)#encapsulation ppp
Home(config-if)#ppp authentication chap
Home(config-if)#ip address 10.1.0.1 255.255.255.0

A dialer list specifying the interesting traffic for this DDR interface needs to be associated with the DDR
interface. This is done using the dialer-group group-number command: -2-

Home(config-if)#dialer-group 1

In the command, group-number specifies the number of the dialer group to which the interface belongs. The
group number can be an integer from 1 to 10. This number must match the dialer-list group-number. Each
interface can have only one dialer group. However, the same dialer list can be assigned to multiple interfaces
with the dialer-group command.

The correct dialing information for the remote DDR interface needs to be specified. This is done using the
dialer map command. -3-

The dialer map command maps the remote protocol address to a telephone number. This command is
necessary to dial multiple sites.

Router(config-if)#dialer map protocol next-hop-address [name hostname] [speed 56 | 64] [broadcast] dial-string

If dialing only one site, use an unconditional dialer string command that always dials the one phone number
regardless of the traffic destination. This step is unique to legacy DDR. Although the information is always
required, the steps to configure destination information are different when using dialer profiles instead of
legacy DDR.

The dialer idle-timeout seconds command may be used to specify the number of idle seconds before a call is
disconnected. -4-
The seconds represent the number of seconds until a call is disconnected after the last interesting packet is sent.
The default is 120.
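As an added example that is not part of the curriculum, the following Python model ties together the interesting-traffic rule of 35.3.4 and the idle timer of this section: a dialer list that points at an access list denying FTP and Telnet (the access list 101 the text refers to) decides which packets are interesting, the first interesting packet brings the link up, any packet is forwarded while the link is up, and only interesting packets reset the idle timer. The ports, packet labels and timestamps are constructed, and the model checks the idle timer lazily when the next packet arrives rather than with a real clock; both are assumptions of this example, not router behaviour taken from the text.

```python
# Added example, not curriculum code: a model of legacy DDR call handling.
# Assumptions: the idle timer is evaluated when the next packet arrives, and
# "interesting" is decided by an access-list-101-style rule (deny FTP and
# Telnet, permit all other IP). Ports, labels and times are constructed.
from dataclasses import dataclass, field

FTP_PORTS = {20, 21}
TELNET_PORT = 23


@dataclass
class Packet:
    proto: str          # "tcp", "udp", "icmp", ...
    dst_port: int = 0   # transport port where one applies
    note: str = ""      # label that ends up in the event log


class AccessList101:
    """Models: deny tcp any any eq ftp / deny tcp any any eq telnet / permit ip any any."""

    def permits(self, pkt: Packet) -> bool:
        if pkt.proto == "tcp" and pkt.dst_port in FTP_PORTS | {TELNET_PORT}:
            return False
        return True  # everything else is interesting and may bring the link up


@dataclass
class DdrLink:
    idle_timeout: int = 120                  # dialer idle-timeout, default 120 seconds
    acl: AccessList101 = field(default_factory=AccessList101)
    up: bool = False
    last_interesting: int = 0                # time the idle timer was last reset
    events: list = field(default_factory=list)

    def _expire(self, now: int) -> None:
        """Tear the call down if the idle timer ran out before this moment."""
        if self.up and now - self.last_interesting >= self.idle_timeout:
            self.up = False
            self.events.append((now, "disconnect", "idle timer expired"))

    def is_up(self, now: int) -> bool:
        self._expire(now)
        return self.up

    def send(self, now: int, pkt: Packet) -> str:
        self._expire(now)
        interesting = self.acl.permits(pkt)
        if not self.up:
            if not interesting:
                return "dropped"             # uninteresting traffic never places a call
            self.up = True
            self.last_interesting = now
            self.events.append((now, "dial", pkt.note))
            return "dialed+sent"
        if interesting:
            self.last_interesting = now      # only interesting traffic resets the timer
        return "sent"                        # uninteresting traffic still crosses the link


def demo():
    """Constructed packet sequence showing dial, idle expiry and redial."""
    link = DdrLink(idle_timeout=120)
    results = [
        link.send(0, Packet("tcp", 23, "telnet")),    # link down, uninteresting: dropped
        link.send(5, Packet("tcp", 80, "http")),      # interesting: dials, timer starts at t=5
        link.send(60, Packet("tcp", 21, "ftp")),      # forwarded while up, timer not reset
        link.send(124, Packet("tcp", 21, "ftp")),     # 124 - 5 = 119 < 120, still up
        link.send(125, Packet("tcp", 21, "ftp")),     # 125 - 5 = 120: disconnect, then dropped
        link.send(130, Packet("icmp", 0, "ping")),    # interesting again: redial
    ]
    return results, link.events


if __name__ == "__main__":
    for line in demo()[1]:
        print(line)
```

Running `demo()` shows why a dialer list that permits all IP is risky on a metered link: the only thing keeping the call up is traffic that matches the list, so a permissive list plus a chatty routing protocol keeps the timer reset indefinitely.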

35.3.6 Dialer profiles

Legacy DDR is limited because the configuration is applied directly to a physical interface. Since the IP
address is applied directly to the interface, then only DDR interfaces configured in that specific subnet can
establish a DDR connection with that interface. This means that there is a one-to-one correspondence between
the two DDR interfaces at each end of the link.

Dialer profiles remove the configuration from the interface receiving or making calls and only bind the
configuration to the interface on a per-call basis. Dialer profiles allow physical interfaces to dynamically take
on different characteristics based on incoming or outgoing call requirements.
Dialer profiles can do all of the following:

• Define encapsulation and access control lists
• Determine minimum or maximum calls
• Turn features on or off

Dialer profiles aid in the design and deployment of more complex and scalable circuit-switched internetworks
by implementing a more scalable DDR model in Cisco routers and access servers. Dialer profiles separate the
logical portion of DDR, such as the network layer, encapsulation, and dialer parameters, from the physical
interface that places or receives calls. -1-

Using dialer profiles, the following tasks may be performed:

• Configure B channels of an ISDN interface with different IP subnets.
• Use different encapsulations on the B channels of an ISDN interface.
• Set different DDR parameters for the B channels of an ISDN interface.
• Eliminate the waste of ISDN B channels by letting ISDN BRIs belong to multiple dialer pools.

A dialer profile consists of the following elements: -2-

• Dialer interface — A logical entity that uses a per-destination dialer profile.
• Dialer pool — Each dialer interface references a dialer pool, which is a group of one or more physical
interfaces associated with a dialer profile.
• Physical interfaces — Interfaces in a dialer pool are configured for encapsulation parameters and to
identify the dialer pools to which the interface belongs. PPP authentication, encapsulation type, and
multilink PPP are all configured on the physical interface. -3-

Like legacy DDR, dialer profiles activate when interesting traffic is queued to be sent out a DDR interface.
First, an interesting packet is routed to a remote DDR IP address. The router then checks the configured dialer
interfaces for one that shares the same subnet as the remote DDR IP address. If one exists, the router looks for
an unused physical DDR interface in the dialer pool. The configuration from the dialer profile is then applied
to the interface and the router attempts to create the DDR connection. When the connection is terminated, the
interface is returned to the dialer pool for the next call.

35.3.7 Configuring dialer profiles

Multiple dialer interfaces may be configured on a router. Each dialer interface is the complete configuration for
a destination. The interface dialer command creates a dialer interface and enters interface configuration mode. -1-

To configure the dialer interface, perform the following tasks:

1. Configure one or more dialer interfaces with all the basic DDR commands:
   • IP address
   • Encapsulation type and authentication
   • Idle-timer
   • Dialer-group for interesting traffic
2. Configure a dialer string and dialer remote-name to specify the remote router name and phone
number to dial it. The dialer pool associates this logical interface with a pool of physical interfaces.
3. Configure the physical interfaces and assign them to a dialer pool using the dialer pool-member
command. -2-

An interface can be assigned to multiple dialer pools by using multiple dialer pool-member commands. If
more than one physical interface exists in the pool, use the priority option of the dialer pool-member
command to set the priority of the interface within a dialer pool. If multiple calls need to be placed and only
one interface is available, then the dialer pool with the highest priority is the one that dials out.

A combination of any of these interfaces may be used with dialer pools:

• Synchronous Serial
• Asynchronous Serial
• BRI
• PRI

35.3.8 Verifying DDR configuration

The show dialer interface [BRI] command displays information in the same format as the legacy DDR
statistics on incoming and outgoing calls.

The message "Dialer state is data link layer up" suggests that the dialer came up properly and interface BRI
0/0:1 is bound to the profile dialer1. -1-

The show isdn active command displays information about the current active ISDN calls. -2-
In this output, the ISDN call is outgoing to a remote router named Seattle.
The show isdn status command displays information about the three layers of the BRI interface. -3-
In this output, ISDN Layer 1 is active, ISDN Layer 2 is established with SPID1 and SPID2 validated, and there
is one active connection on Layer 3.

35.3.9 Troubleshooting the DDR configuration

There are two major types of DDR problems. Either a router is not dialing when it should, or it is constantly
dialing when it should not. Several debug commands can be used to help troubleshoot problems with a DDR
configuration.

In the following lines, the seventh and eighth most significant hexadecimal numbers indicate the type of
message. -1-

• 0x05 indicates a call setup message
• 0x02 indicates a call proceeding message
• 0x07 indicates a call connect message
• 0x0F indicates a connect acknowledgment (ack) message

The debug isdn q931 command is useful for viewing Layer 2 ISDN call setup exchanges for both outgoing
and incoming calls. The "i =" field in the Q.921 payload field is the hexadecimal value of a Q.931 message. -2-, -3-
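The following Python decoder is added here and is not part of the curriculum. It pulls the "i =" payload out of debug lines and reads the Q.931 message type from it. The seventh and eighth hex digits the text points to are the fourth octet of the payload, which is the message type when the call reference is one octet long (protocol discriminator, call reference length, call reference, message type); this decoder reads the call reference length, so it also handles other lengths. The debug lines below are constructed rather than captured from a router, and the three message types beyond the four the text lists (DISCONNECT, RELEASE, RELEASE COMPLETE) are values from the Q.931 standard.

```python
# Added example, not curriculum code: decode the Q.931 message type from the
# "i = 0x..." field of ISDN debug output. Sample lines are constructed.
import re

# Q.931 message types: the first four are the ones the text lists, the last
# three are other call-control messages from the Q.931 standard.
Q931_MESSAGE_TYPES = {
    0x05: "SETUP",
    0x02: "CALL PROCEEDING",
    0x07: "CONNECT",
    0x0F: "CONNECT ACK",
    0x45: "DISCONNECT",
    0x4D: "RELEASE",
    0x5A: "RELEASE COMPLETE",
}

# Matches "i = 0x..." but not "sapi = 0" or "tei = 64" (no 0x prefix there).
I_FIELD = re.compile(r"\bi\s*=\s*0x([0-9A-Fa-f]+)")


def q931_message_type(payload: bytes):
    """Return (message_type, name) for a Q.931 payload, or None if it is not one."""
    if len(payload) < 3 or payload[0] != 0x08:   # 0x08 is the Q.931 protocol discriminator
        return None
    cr_len = payload[1] & 0x0F                    # call reference length in octets
    idx = 2 + cr_len                              # message type follows the call reference
    if idx >= len(payload):
        return None
    mt = payload[idx] & 0x7F                      # message type is a 7-bit value
    return mt, Q931_MESSAGE_TYPES.get(mt, "UNKNOWN 0x%02X" % mt)


def decode_debug_line(line: str):
    """Find the i = field in one debug line and decode it; None if the line has none."""
    m = I_FIELD.search(line)
    if not m:
        return None
    hexstr = m.group(1)
    if len(hexstr) % 2:
        hexstr = "0" + hexstr
    return q931_message_type(bytes.fromhex(hexstr))


def call_flow(debug_text: str):
    """Names of the Q.931 messages in a block of debug output, in order."""
    flow = []
    for line in debug_text.splitlines():
        decoded = decode_debug_line(line)
        if decoded:
            flow.append(decoded[1])
    return flow


# Constructed sample of an outgoing call setup; the call reference flag bit
# (0x85 versus 0x05) marks messages coming back from the switch.
SAMPLE_DEBUG = """\
ISDN BR0: TX -> INFOc sapi = 0 tei = 64 ns = 1 nr = 0 i = 0x0801050504028890180183
ISDN BR0: RX <- RRr sapi = 0 tei = 64 nr = 2
ISDN BR0: RX <- INFOc sapi = 0 tei = 64 ns = 0 nr = 2 i = 0x0801850218018A
ISDN BR0: RX <- INFOc sapi = 0 tei = 64 ns = 1 nr = 2 i = 0x08018507
ISDN BR0: TX -> INFOc sapi = 0 tei = 64 ns = 2 nr = 2 i = 0x0801050F
"""

if __name__ == "__main__":
    print(call_flow(SAMPLE_DEBUG))
```

A complete setup, proceeding, connect, connect-ack sequence in this output means the ISDN side is doing its job; when the sequence stops short, the point at which it stops says whether the local router, the switch or the remote end is not answering.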

The debug dialer [events | packets] command is useful for troubleshooting DDR connectivity. The debug
dialer events command sends a message to the console indicating when a DDR link has connected and what
traffic caused it to connect. -4-
If a router is not configured correctly for DDR, then the output of the command will usually indicate the source
of the problem. If there is no debug output, then the router is not aware of any interesting traffic. An incorrectly
configured dialer or access list may be the cause.

Not all DDR problems result in an interface failing to dial. Routing protocols can cause an interface to
continuously dial, even if there is no user data to send. An interface that is constantly going up and down is
said to be flapping. The debug dialer packet command sends a message to the console every time a packet is
sent out a DDR interface. Use this debug command to see exactly what traffic is responsible for a flapping
DDR interface.

If a router is not connecting when it should, then it is possible that an ISDN problem is the cause, as opposed to
a DDR problem. The remote router may be incorrectly configured, or there could be a problem with the ISDN
carrier network. Use the isdn call interface command to force the local router to attempt to dial into the
remote router. -5-
If the routers cannot communicate using this command, then the lack of connectivity is an ISDN problem, not
a DDR problem. However, if the routers can communicate, then both the toll network and the ISDN
configurations on the routers are working properly. In this case, the problem is most likely an error in the DDR
configuration on either router.

In some cases it is useful to reset the connection between the router and the local ISDN switch. The clear
interface bri command clears currently established connections on the interface and resets the interface with
the ISDN switch. This command forces the router to renegotiate its SPIDs with the ISDN switch, and is
sometimes necessary after making changes to the isdn spid1 and isdn spid2 commands on an interface.

35.3.10 Summary

ISDN refers to a set of communication protocols proposed by telephone companies to permit telephone
networks to carry integrated voice, video, and data services. ISDN permits communication over high-quality,
high-speed, digital communication channels.

DDR is used in order to save the costs of a dedicated WAN line for organizations and companies that do not
need a permanent connection. It can also be used as a backup by organizations that use the dedicated line for
critical applications.

An understanding of the following key points should have been achieved:

• ISDN carries data, voice, and video
• ISDN uses standards for addressing, concepts, and signaling
• ISDN uses the physical and data-link layers
• Interfaces and reference points for ISDN
• Router configuration for ISDN
• Which traffic is allowed when configuring DDR
• Static routes for DDR
• The correct encapsulation type for DDR
• Access lists affecting DDR traffic
• Dialer interfaces

36 MODULE 5

Module Overview

Frame Relay was originally developed as an extension of ISDN. It was designed to enable the circuit-switched
technology to be transported on a packet-switched network. The technology has become a stand-alone and
cost-effective means of creating a WAN.

Frame Relay switches create virtual circuits to connect remote LANs to a WAN. The Frame Relay network
exists between a LAN border device, usually a router, and the carrier switch. The technology used by the
carrier to transport the data between the switches is not important to Frame Relay.

The sophistication of the technology requires a thorough understanding of the terms used to describe how
Frame Relay works. Without a firm understanding of Frame Relay, it is difficult to troubleshoot its
performance.

Frame Relay has become one of the most extensively used WAN protocols. One reason for its popularity is
that it is inexpensive compared to leased lines. Another reason Frame Relay is popular is that configuration of
user equipment in a Frame Relay network is very simple.

This module explains how to configure Frame Relay on a Cisco router. Frame Relay connections are created
by configuring routers or other devices to communicate with a Frame Relay switch. The service provider
usually configures the Frame Relay switch. This helps keep end-user configuration tasks to a minimum.

Students completing this module should be able to:

• Explain the scope and purpose of Frame Relay
• Discuss the technology of Frame Relay
• Compare point-to-point and point-to-multipoint topologies
• Examine the topology of a Frame Relay network
• Configure a Frame Relay Permanent Virtual Circuit (PVC)
• Create a Frame Relay Map on a remote network
• Explain the issues of a non-broadcast multi-access network
• Describe the need for subinterfaces and how to configure them
• Verify and troubleshoot a Frame Relay connection

36.1 Frame Relay Concepts

36.1.1 Introducing Frame Relay

Frame Relay is an International Telecommunication Union Telecommunications Standardization Sector (ITU-T)
and American National Standards Institute (ANSI) standard. Frame Relay is a packet-switched, connection-
oriented, WAN service. It operates at the data link layer of the OSI reference model. Frame Relay uses a subset
of the high-level data-link control (HDLC) protocol called Link Access Procedure for Frame Relay (LAPF).
Frames carry data between user devices called data terminal equipment (DTE), and the data communications
equipment (DCE) at the edge of the WAN. -1-

Originally Frame Relay was designed to allow ISDN equipment to have access to a packet-switched service on
a B channel. However, Frame Relay is now a stand-alone technology.

A Frame Relay network may be privately owned, but it is more commonly provided as a service by a public
carrier. It typically consists of many geographically scattered Frame Relay switches interconnected by trunk
lines. -2-, -3-

Frame Relay is often used to interconnect LANs. When this is the case, a router on each LAN will be the DTE.
A serial connection, such as a T1/E1 leased line, will connect the router to a Frame Relay switch of the carrier
at the nearest point-of-presence for the carrier. The Frame Relay switch is a DCE device. Frames from one
DTE will be moved across the network and delivered to other DTEs by way of DCEs. -4-

Computing equipment that is not on a LAN may also send data across a Frame Relay network. The computing
equipment will use a Frame Relay access device ( FRAD ) as the DTE.

36.1.2 Frame Relay terminology

The connection through the Frame Relay network between two DTEs is called a virtual circuit (VC). Virtual
circuits may be established dynamically by sending signaling messages to the network. In this case they are
called switched virtual circuits (SVCs). However, SVCs are not very common. Generally permanent virtual
circuits (PVCs) that have been preconfigured by the carrier are used. A VC is created by storing input-port to
output-port mapping in the memory of each switch and thus linking one switch to another until a continuous
path from one end of the circuit to the other is identified. -1-

Because it was designed to operate on high-quality digital lines, Frame Relay provides no error recovery
mechanism. If there is an error in a frame, as detected by any node, it is discarded without notification.

The FRAD or router connected to the Frame Relay network may have multiple virtual circuits connecting it to
various end points. This makes it a very cost-effective replacement for a mesh of access lines. With this
configuration, each end point needs only a single access line and interface. More savings arise as the capacity
of the access line is based on the average bandwidth requirement of the virtual circuits, rather than on the
maximum bandwidth requirement.

The various virtual circuits on a single access line can be distinguished because each VC has its own Data Link
Connection Identifier (DLCI). -2-

The DLCI is stored in the address field of every frame transmitted. The DLCI usually has only local
significance and may be different at each end of a VC. -3-

36.1.3 Frame Relay stack layered support

Frame Relay functions by doing the following:

• Takes data packets from a network layer protocol, such as IP or IPX
• Encapsulates them as the data portion of a Frame Relay frame -1-, -2-
• Passes them to the physical layer for delivery on the wire

The physical layer is typically EIA/TIA-232, 449 or 530, V.35, or X.21. The Frame Relay frame is a subset of
the HDLC frame type. Therefore it is delimited with flag fields. The 1-byte flag uses the bit pattern 01111110.
The Frame Check Sequence (FCS) is used to determine if any errors in the layer 2 address field occurred
during transmission. The FCS is calculated prior to transmission and the result is inserted in the FCS field. At
the distant end, a second FCS value is calculated and compared to the FCS in the frame. If the results are the
same, the frame is processed. If there is a difference, the frame is discarded. No notification is sent to the
source when a frame is discarded. Error control is left to the upper layers of the OSI model.

36.1.4 Frame Relay bandwidth and flow control

The serial connection or access link to the Frame Relay network is normally a leased line. The speed of the line
is the access speed or port speed. Port speeds are typically between 64 kbps and 4 Mbps. Some providers offer
speeds up to 45 Mbps.

Usually there are several PVCs operating on the access link with each VC having dedicated bandwidth
availability. This is called the committed information rate (CIR). The CIR is the rate at which the service
provider agrees to accept bits on the VC.

Individual CIRs are normally less than the port speed. However, the sum of the CIRs will normally be greater
than the port speed. Sometimes this is a factor of 2 or 3. Statistical multiplexing accommodates the bursty
nature of computer communications since channels are unlikely to be at their maximum data rate
simultaneously.

While a frame is being transmitted, each bit will be sent at the port speed. For this reason, there must be a gap
between frames on a VC if the average bit rate is to be the CIR.

The switch will accept frames from the DTE at rates in excess of the CIR. This effectively provides each
channel with bandwidth on demand up to a maximum of the port speed. Some service providers impose a VC
maximum that is less than the port speed. The difference between the CIR and the maximum, whether the
maximum is port speed or lower, is called the Excess Information Rate (EIR).

The time interval over which the rates are calculated is called the committed time (Tc). The number of
committed bits in Tc is the committed burst (Bc). The extra number of bits above the committed burst, up to the
maximum speed of the access link, is the excess burst (Be).

Although the switch accepts frames in excess of the CIR, each excess frame is marked at the switch by setting
the Discard Eligible (DE) bit to "1" in the address field. -1-, -2-, -3-

The switch maintains a bit counter for each VC. An incoming frame is marked DE if it puts the counter over
Bc. An incoming frame is discarded if it pushes the counter over Bc + Be. At the end of each Tc seconds the
counter is reset. The counter may not be negative, so idle time cannot be saved up.

Frames arriving at a switch are queued or buffered prior to forwarding. As in any queuing system, it is possible
that there will be an excessive buildup of frames at a switch. This causes delays. Delays lead to unnecessary
retransmissions that occur when higher-level protocols receive no acknowledgment within a set time. In severe
cases this can cause a serious drop in network throughput.

To avoid this problem, Frame Relay switches incorporate a policy of dropping frames from a queue to keep the
queues short. Frames with their DE bit set will be dropped first.

When a switch sees its queue increasing, it tries to reduce the flow of frames to it. It does this by notifying
DTEs of the problem by setting the Explicit Congestion Notification (ECN) bits in the frame address field.
The Forward ECN (FECN) bit is set on every frame that the switch receives on the congested link. The
Backward ECN (BECN) bit is set on every frame that the switch places onto the congested link. DTEs
receiving frames with the ECN bits set are expected to try to reduce the flow of frames until the congestion
clears. -4-

If the congestion occurs on an internal trunk, DTEs may receive notification even though they are not the cause
of the congestion.

The DE, FECN and BECN bits are part of the address field in the LAPF frame.
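The following Python block is an added example, not curriculum code, and serves two passages: the frame format of 36.1.3 (flag, address field, FCS computed by the sender and checked by the receiver, silent discard on mismatch) and the DE marking of 36.1.4 (a per-VC bit counter that marks frames above Bc as discard-eligible, discards frames above Bc + Be, and resets every Tc). The address field layout is the two-octet Q.922 form with DLCI, C/R, FECN, BECN, DE and EA bits; the FCS is the HDLC CRC-16 (the CRC-16/X-25 variant). Bit stuffing of the flag pattern is omitted, the counter is charged with whole frames including flags, and the DLCIs, rates and payloads are constructed values; these are assumptions of the example.

```python
# Added example, not curriculum code. Builds and checks LAPF frames and
# models the Bc/Be/Tc policing counter. Flag bit stuffing is omitted and
# all DLCIs, rates and payloads are constructed sample values.

FLAG = 0x7E  # 01111110


def crc16_x25(data: bytes) -> int:
    """HDLC FCS: CRC-16/X-25 (poly 0x1021 reflected as 0x8408, init 0xFFFF, final xor 0xFFFF)."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF


def encode_address(dlci: int, cr=0, fecn=0, becn=0, de=0) -> bytes:
    """Two-octet address: 6 high DLCI bits + C/R + EA=0, then 4 low DLCI bits + FECN + BECN + DE + EA=1."""
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI must fit in 10 bits")
    b1 = ((dlci >> 4) & 0x3F) << 2 | (cr & 1) << 1
    b2 = (dlci & 0x0F) << 4 | (fecn & 1) << 3 | (becn & 1) << 2 | (de & 1) << 1 | 1
    return bytes([b1, b2])


def decode_address(b: bytes) -> dict:
    b1, b2 = b[0], b[1]
    return {
        "dlci": ((b1 >> 2) & 0x3F) << 4 | (b2 >> 4) & 0x0F,
        "cr": (b1 >> 1) & 1,
        "fecn": (b2 >> 3) & 1,
        "becn": (b2 >> 2) & 1,
        "de": (b2 >> 1) & 1,
    }


def build_frame(dlci: int, payload: bytes, **bits) -> bytes:
    """Flag, address, payload, FCS (low byte first), flag."""
    body = encode_address(dlci, **bits) + payload
    fcs = crc16_x25(body)
    return bytes([FLAG]) + body + bytes([fcs & 0xFF, fcs >> 8]) + bytes([FLAG])


def parse_frame(frame: bytes):
    """(address, payload) for a good frame; None when the FCS mismatches (discarded, no notification)."""
    if len(frame) < 6 or frame[0] != FLAG or frame[-1] != FLAG:
        return None
    body, fcs_bytes = frame[1:-3], frame[-3:-1]
    if crc16_x25(body) != fcs_bytes[0] | fcs_bytes[1] << 8:
        return None
    return decode_address(body[:2]), body[2:]


class VcPolicer:
    """Per-VC counter from the text: DE above Bc, discard above Bc + Be, reset every Tc."""

    def __init__(self, cir_bps: int, tc_s: float, be_bits: int):
        self.bc = int(cir_bps * tc_s)   # committed burst: bits the CIR allows in one Tc
        self.be = be_bits               # excess burst allowed above Bc
        self.tc = tc_s
        self.counter = 0
        self.window_start = 0.0

    def police(self, t: float, frame: bytes):
        """Frame to forward (possibly DE-marked) or None if discarded."""
        if t - self.window_start >= self.tc:   # new Tc: counter restarts, idle time is not banked
            self.window_start += self.tc * int((t - self.window_start) // self.tc)
            self.counter = 0
        parsed = parse_frame(frame)
        if parsed is None:
            return None                        # bad FCS: dropped silently
        addr, payload = parsed
        bits = len(frame) * 8
        if self.counter + bits > self.bc + self.be:
            return None                        # beyond Bc + Be: discarded
        self.counter += bits
        if self.counter > self.bc:             # beyond Bc: forwarded but marked discard-eligible
            return build_frame(addr["dlci"], payload, cr=addr["cr"],
                               fecn=addr["fecn"], becn=addr["becn"], de=1)
        return frame


def police_demo():
    """Ten 1000-byte frames within one Tc at CIR 64 kbps with Be 16000 bits, then one in the next Tc."""
    frame = build_frame(100, b"x" * 1000)
    policer = VcPolicer(cir_bps=64000, tc_s=1.0, be_bits=16000)
    verdicts = []
    for i in range(11):
        out = policer.police(0.1 * i, frame)
        verdicts.append("discard" if out is None else ("DE" if parse_frame(out)[0]["de"] else "ok"))
    return verdicts


if __name__ == "__main__":
    print(police_demo())
```

Each 1000-byte frame is 8048 bits on the wire, so seven fit under Bc = 64000 bits, the eighth and ninth fall in the excess burst and are DE-marked, the tenth would exceed Bc + Be and is dropped, and the frame sent at t = 1.0 starts a fresh Tc. The switch keeps no record of the discarded frame for the sender, which is why the text hands error control to the upper layers.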

36.1.5 Frame Relay address mapping and topology

When more than two sites are to be connected, consideration must be given to the topology of the connections
between them.

Frame Relay is unlikely to be cost-effective when only two sites are interconnected with a point-to-point
connection. Frame Relay is more cost-effective where multiple sites must be interconnected.

WANs are often interconnected as a star topology. A central site hosts the primary services and is connected to
each of the remote sites needing access to the services. -1-

In a hub and spoke topology the location of the hub is chosen to give the lowest leased line cost. When
implementing a star topology with Frame Relay, each remote site has an access link to the frame relay cloud
with a single VC. The hub has an access link with multiple VCs, one for each remote site. -2-

Because Frame Relay tariffs are not distance related, the hub does not need to be in the geographical center of
the network.
A full mesh topology is chosen when services to be accessed are geographically dispersed and highly reliable
access to them is required. With full mesh, every site is connected to every other site. Unlike with leased line
interconnections, this can be achieved in Frame Relay without additional hardware. -3-

It is necessary to configure additional VCs on the existing links to upgrade from star to full mesh topology.
Multiple VCs on an access link will generally make better use of Frame Relay than single VCs. This is because
they take advantage of the built-in statistical multiplexing. -4-

For large networks, full mesh topology is seldom affordable. This is because the number of links required for a
full mesh topology grows at almost the square of the number of sites. While there is no equipment issue for
Frame Relay, there is a limit of less than 1000 VCs per link. In practice, the limit will be less than that, and
larger networks will generally be partial mesh topology. With partial mesh, there are more interconnections
than required for a star arrangement, but not as many as for a full mesh. The actual pattern is very dependent
on the data flow requirements.

In any Frame Relay topology, when a single interface is used to interconnect multiple sites, there may be
reachability issues. This is due to the nonbroadcast multiaccess (NBMA) nature of Frame Relay. Split horizon
is a technique used by routing protocols to prevent routing loops. Split horizon does not allow routing updates
to be sent out the same interface that was the source of the route information. This can cause problems with
routing updates in a Frame Relay environment where multiple PVCs are on a single physical interface.

Whatever the underlying topology of the physical network, a mapping is needed in each FRAD or router
between a data link layer Frame Relay address and a network layer address, such as an IP address. Essentially,
the router needs to know what networks are reachable beyond a particular interface. The same problem exists if
an ordinary leased line is connected to an interface. The difference is that the remote end of a leased line is
connected directly to a single router. Frames from the DTE travel down a leased line as far as a network
switch, where they may fan out to as many as 1000 routers. The DLCI for each VC must be associated with the
network address of its remote router. This information can be configured manually by using map commands.
The DLCI can also be configured automatically using Inverse ARP.

36.1.6 Frame Relay LMI ( Local Management Interface )

Frame Relay was designed to provide packet-switched data transfer with minimal end-to-end delays.
Anything that might contribute to delays was omitted. When vendors implemented Frame Relay as a separate
technology rather than as one component of ISDN, they decided that there was a need for DTEs to dynamically
acquire information about the status of the network. This feature was omitted in the original design. The
extensions for this status transfer are called the Local Management Interface ( LMI ).

The 10-bit DLCI field allows VC identifiers 0 through 1023. The LMI extensions reserve some of these
identifiers. This reduces the number of permitted VCs. LMI messages are exchanged between the DTE and
DCE using these reserved DLCIs. -1-

The LMI extensions include the following:

• The keepalive mechanism, which verifies that a VC is operational
• The multicast mechanism
• The flow control
• The ability to give DLCIs global significance
• The VC status mechanism

There are several LMI types, each of which is incompatible with the others. The LMI type configured on the
router must match the type used by the service provider.

Three types of LMI are supported by Cisco routers:

• cisco - The original LMI extensions
• ansi - Corresponding to the ANSI standard T1.617 Annex D
• q933a - Corresponding to the ITU standard Q.933 Annex A

LMI messages are carried in a variant of LAPF frames. This variant includes four extra fields in the header so
that they will be compatible with the LAPD frames used in ISDN. The address field carries one of the reserved
DLCIs. Following this are the control, protocol discriminator, and call reference fields that do not change. The
fourth field indicates the LMI message type. -2-

There are one or more information elements ( IE ) that follow the header.

Each IE consists of the following:

• A one byte IE identifier
• An IE length field
• One or more bytes containing actual data that typically includes the status of a DLCI

Status messages help verify the integrity of logical and physical links. This information is critical in a routing
environment because routing protocols make decisions based on link integrity.
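The following Python parser is an added example and not curriculum code. It splits an LMI message into the header fields the text names (address field carrying a reserved DLCI, control, protocol discriminator, call reference, message type) and then walks the information elements as one-byte identifier, one-byte length, data. The constructed message uses ANSI T1.617 Annex D values as this example assumes them: reserved DLCI 0, message types 0x75 STATUS ENQUIRY and 0x7D STATUS, and IE identifiers 0x01 report type, 0x03 link integrity verification and 0x07 PVC status; the bit layout of the PVC status IE (DLCI split over two octets, new and active flags in the third) is likewise assumed from Annex D.

```python
# Added example, not curriculum code: parse an ANSI-style LMI message into
# header fields and information elements. Message types, IE ids and the PVC
# status bit layout are assumed from T1.617 Annex D; the message is constructed.

LMI_MESSAGE_TYPES = {0x75: "STATUS ENQUIRY", 0x7D: "STATUS"}
REPORT_TYPES = {0: "full status", 1: "link integrity verification only",
                2: "single PVC asynchronous status"}


def split_ies(data: bytes):
    """Generic TLV walk: list of (ie_id, value); raises on truncation or trailing bytes."""
    ies, i = [], 0
    while i + 2 <= len(data):
        ie_id, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated IE 0x%02X" % ie_id)
        ies.append((ie_id, value))
        i += 2 + length
    if i != len(data):
        raise ValueError("trailing bytes after last IE")
    return ies


def decode_pvc_status(value: bytes) -> dict:
    """Assumed Annex D layout: 6 high DLCI bits in octet 1, 4 low bits in octet 2, flags in octet 3."""
    o3, o4, o5 = value[0], value[1], value[2]
    return {
        "dlci": ((o3 & 0x3F) << 4) | ((o4 >> 3) & 0x0F),
        "new": (o5 >> 3) & 1,
        "active": (o5 >> 1) & 1,
    }


def parse_lmi(msg: bytes) -> dict:
    if len(msg) < 6:
        raise ValueError("too short for an LMI header")
    addr = msg[0:2]                                     # LAPF address field, reserved DLCI
    out = {
        "dlci": ((addr[0] >> 2) & 0x3F) << 4 | (addr[1] >> 4) & 0x0F,
        "control": msg[2],
        "protocol_discriminator": msg[3],
        "call_reference": msg[4],
        "message_type": LMI_MESSAGE_TYPES.get(msg[5], "UNKNOWN 0x%02X" % msg[5]),
        "report_type": None, "send_seq": None, "recv_seq": None, "pvcs": [],
    }
    for ie_id, value in split_ies(msg[6:]):
        if ie_id == 0x01 and len(value) == 1:
            out["report_type"] = REPORT_TYPES.get(value[0], "unknown")
        elif ie_id == 0x03 and len(value) == 2:
            out["send_seq"], out["recv_seq"] = value[0], value[1]
        elif ie_id == 0x07 and len(value) == 3:
            out["pvcs"].append(decode_pvc_status(value))
    return out


# Constructed full STATUS reply listing two PVCs: DLCI 100 active, DLCI 200 new and not yet active.
SAMPLE_STATUS = bytes([
    0x00, 0x01,                     # address field: reserved DLCI 0, EA bits
    0x03,                           # control: unnumbered information
    0x08,                           # protocol discriminator
    0x00,                           # dummy call reference
    0x7D,                           # message type: STATUS
    0x01, 0x01, 0x00,               # report type IE: full status
    0x03, 0x02, 0x05, 0x04,         # link integrity verification IE: send seq 5, receive seq 4
    0x07, 0x03, 0x06, 0xA0, 0x82,   # PVC status IE: DLCI 100, active
    0x07, 0x03, 0x0C, 0xC0, 0x88,   # PVC status IE: DLCI 200, new
])

if __name__ == "__main__":
    print(parse_lmi(SAMPLE_STATUS))
```

The sequence numbers in the link integrity IE are what the keepalive mechanism compares on each exchange; a PVC whose status IE stops reporting active is exactly the link-integrity signal the text says routing protocols act on.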

36.1.7 Stages of Inverse ARP and LMI operation

LMI status messages combined with Inverse ARP messages allow a router to associate network layer and data
link layer addresses.

When a router that is connected to a Frame Relay network is started, it sends an LMI status inquiry message to
the network. The network replies with an LMI status message containing details of every VC configured on the
access link. -1-

Periodically the router repeats the status inquiry, but subsequent responses include only status changes. After a
set number of these abbreviated responses, the network will send a full status message.

If the router needs to map the VCs to network layer addresses, it will send an Inverse ARP message on each
VC. The Inverse ARP message includes the network layer address of the router, so the remote DTE, or router,
can also perform the mapping. The Inverse ARP reply allows the router to make the necessary mapping entries
in its address to DLCI map table. If several network layer protocols are supported on the link, Inverse ARP
messages will be sent for each. -2-

36.2 Configuring Frame Relay

36.2.1 Configuring basic Frame Relay

This section explains how to configure a basic Frame Relay PVC. -1-
Frame Relay is configured on a serial interface. The default encapsulation type is the Cisco proprietary version
of HDLC. To change the encapsulation to Frame Relay use the encapsulation frame-relay [cisco | ietf]
command.

cisco - Uses the Cisco proprietary Frame Relay encapsulation. Use this option if connecting to another Cisco
router. Many non-Cisco devices also support this encapsulation type. This is the default.
ietf - Sets the encapsulation method to comply with the Internet Engineering Task Force (IETF) standard
RFC 1490. Select this if connecting to a non-Cisco router.

Cisco's proprietary Frame Relay encapsulation uses a 4-byte header, with 2 bytes to identify the data-link
connection identifier (DLCI) and 2 bytes to identify the packet type.

Set an IP address on the interface using the ip address command. Set the bandwidth of the serial interface
using the bandwidth command. Bandwidth is specified in kilobits per second (kbps). This command is used to
notify the routing protocol that bandwidth is statically configured on the link. The bandwidth value is used
by Interior Gateway Routing Protocol (IGRP), Enhanced Interior Gateway Routing Protocol (EIGRP), and
Open Shortest Path First (OSPF) to determine the metric of the link. -2-

The LMI connection is established and configured by the frame-relay lmi-type [ansi | cisco | q933a]
command. This command is only needed if using Cisco IOS Release 11.1 or earlier. With IOS Release 11.2 or
later, the LMI-type is autosensed and no configuration is needed. The default LMI type is cisco. The LMI
type is set on a per-interface basis and is shown in the output of the show interfaces command.

These configuration steps are the same, regardless of the network layer protocols operating across the network.

36.2.2 Configuring a static Frame Relay map

The local DLCI must be statically mapped to the network layer address of the remote router when the remote
router does not support Inverse ARP. This is also true when broadcast traffic and multicast traffic over the
PVC must be controlled. These static Frame Relay map entries are referred to as static maps.

Use the frame-relay map protocol protocol-address dlci [broadcast] command to statically map the remote
network layer address to the local DLCI.

36.2.3 Reachability issues with routing updates in NBMA

By default, a Frame Relay network provides non-broadcast multi-access (NBMA) connectivity between remote
sites. An NBMA environment is viewed like other multiaccess media environments, such as Ethernet, where
all the routers are on the same subnet. However, to reduce cost, NBMA clouds are usually built in a hub-and-
spoke topology. With a hub-and-spoke topology, the physical topology does not provide the multi-access
capabilities that Ethernet does. -1-


The physical topology consists of multiple PVCs.

A Frame Relay NBMA topology may cause two problems:

• Reachability issues regarding routing updates
• The need to replicate broadcasts on each PVC when a physical interface contains more than one PVC

Split-horizon updates reduce routing loops by not allowing a routing update received on one interface to be
forwarded out the same interface. If Router B, a spoke router, sends a broadcast routing update to Router A, the
hub router, and Router A has multiple PVCs over a single physical interface, then Router A cannot forward
that routing update through the same physical interface to other remote spoke routers. If split-horizon is
disabled, then the routing update can be forwarded out the same physical interface from which it came. Split-
horizon is not a problem when there is a single PVC on a physical interface. This would be a point-to-point
Frame Relay connection. -2-

Routers that support multiple connections over a single physical interface have many PVCs that terminate in a
single router. This router must replicate broadcast packets such as routing update broadcasts, on each PVC, to
the remote routers. The replicated broadcast packets can consume bandwidth and cause significant latency to
user traffic. It might seem logical to turn off split-horizon to resolve the reachability issues caused by split-
horizon. However, not all network layer protocols allow split-horizon to be disabled and disabling split-horizon
increases the chances of routing loops in any network.

One way to solve the split-horizon problem is to use a fully meshed topology. However, this will increase the
cost because more PVCs are required. The preferred solution is to use subinterfaces.

36.2.4 Frame Relay subinterfaces

To enable the forwarding of broadcast routing updates in a hub-and-spoke Frame Relay topology, configure
the hub router with logically assigned interfaces. These interfaces are called subinterfaces. Subinterfaces are
logical subdivisions of a physical interface. -1-

In split-horizon routing environments, routing updates received on one subinterface can be sent out another
subinterface. In a subinterface configuration, each virtual circuit can be configured as a point-to-point
connection. This allows each subinterface to act similarly to a leased line. Using a Frame Relay point-to-point
subinterface, each pair of the point-to-point routers is on its own subnet.

Frame Relay subinterfaces can be configured in either point-to-point or multipoint mode:

• Point-to-point - A single point-to-point subinterface is used to establish one PVC connection to
another physical interface or subinterface on a remote router. In this case, each pair of the point-to-
point routers is on its own subnet and each point-to-point subinterface would have a single DLCI. In a
point-to-point environment, each subinterface is acting like a point-to-point interface. Therefore,
routing update traffic is not subject to the split-horizon rule.
• Multipoint - A single multipoint subinterface is used to establish multiple PVC connections to multiple
physical interfaces or subinterfaces on remote routers. All the participating interfaces would be in the
same subnet. The subinterface acts like an NBMA Frame Relay interface so routing update traffic is
subject to the split-horizon rule.

The encapsulation frame-relay command is assigned to the physical interface. All other configuration items,
such as the network layer address and DLCIs, are assigned to the subinterface.

Multipoint configurations can be used to conserve addresses, which can be especially helpful if Variable
Length Subnet Masking (VLSM) is not being used. However, multipoint configurations may not work properly
given the broadcast traffic and split-horizon considerations. The point-to-point subinterface option was created
to avoid these issues.
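To make the split-horizon argument above concrete, here is an added Python model (not from the curriculum) of a hub with three PVCs on one serial port: it applies the split-horizon rule to whichever interface an update arrived on, and shows that an update from spoke B reaches C and D only when each PVC sits on its own point-to-point subinterface or when split-horizon is disabled. Router names, DLCIs and interface names are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional, Sequence


@dataclass(frozen=True)
class Pvc:
    dlci: int
    spoke: str
    subinterface: Optional[str] = None   # None: the PVC terminates on the bare physical interface


def horizon_unit(pvc: Pvc, physical: str) -> str:
    """The interface split-horizon reasons about: the subinterface if there is one, else the physical port."""
    return pvc.subinterface or physical


def spokes_receiving_update(pvcs: Sequence[Pvc], physical: str, source: str,
                            split_horizon: bool = True) -> List[str]:
    """Spokes to which the hub forwards a routing update that arrived from `source`."""
    ingress = next(horizon_unit(p, physical) for p in pvcs if p.spoke == source)
    receivers = []
    for pvc in pvcs:
        if pvc.spoke == source:
            continue
        # split-horizon: never send an update back out the interface it was learned on
        if split_horizon and horizon_unit(pvc, physical) == ingress:
            continue
        receivers.append(pvc.spoke)
    return receivers


def broadcast_copies(pvcs: Sequence[Pvc]) -> int:
    """The hub must replicate every broadcast (such as a routing update) once per PVC on the link."""
    return len(pvcs)


# Constructed hub-and-spoke: Router A (hub) reaches spokes B, C and D over three PVCs on Serial0/0.
PHYSICAL = "Serial0/0"
ON_PHYSICAL = [Pvc(110, "B"), Pvc(120, "C"), Pvc(130, "D")]
ON_SUBIFS = [Pvc(110, "B", "Serial0/0.110"),
             Pvc(120, "C", "Serial0/0.120"),
             Pvc(130, "D", "Serial0/0.130")]

if __name__ == "__main__":
    print("all PVCs on the physical interface:", spokes_receiving_update(ON_PHYSICAL, PHYSICAL, "B"))
    print("split-horizon disabled on the hub :",
          spokes_receiving_update(ON_PHYSICAL, PHYSICAL, "B", split_horizon=False))
    print("point-to-point subinterfaces      :", spokes_receiving_update(ON_SUBIFS, PHYSICAL, "B"))
    print("broadcast copies per update       :", broadcast_copies(ON_PHYSICAL))
```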

36.2.5 Configuring Frame Relay subinterfaces

The Frame Relay service provider will assign the DLCI numbers. These numbers range from 16 to 992, and
usually have only local significance. This number range will vary depending on the LMI used. DLCIs can have
global significance in certain circumstances.

In the figure, Router A has two point-to-point subinterfaces. The s0/0.110 subinterface connects to router B
and the s0/0.120 subinterface connects to router C. Each subinterface is on a different subnet.
To configure subinterfaces on a physical interface, the following steps are required:

• Configure Frame Relay encapsulation on the physical interface using the encapsulation frame-relay
command
• For each of the defined PVCs, create a logical subinterface -1-

router(config)#interface serial number.subinterface-number [multipoint | point-to-point] -2-

To create a subinterface, use the interface serial command. Specify the port number, followed by a period (.),
and then by the subinterface number. Usually, the subinterface number is chosen to be that of the DLCI. This
makes troubleshooting easier. The final required parameter is stating whether the subinterface is a point-to-
point or point-to-multipoint interface. Either the multipoint or point-to-point keyword is required. There is no
default.

The following commands create the subinterface for the PVC to router B:

routerA(config)# interface serial 0/0.110 point-to-point

If the subinterface is configured as point-to-point, then the local DLCI for the subinterface must also be
configured in order to distinguish it from the physical interface. The DLCI is also required for multipoint
subinterfaces for which Inverse ARP is enabled. It is not required for multipoint subinterfaces configured with
static route maps.

The frame-relay interface-dlci command is used to configure the local DLCI on the subinterface:

router(config-subif)#frame-relay interface-dlci dlci-number -3-
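Putting the steps of 36.2.1 to 36.2.5 together, here is an added example (not from the curriculum) of a small Python generator that builds the hub-router configuration for the Router A topology described above and enforces the rules the text states: the DLCI range, the mandatory mode keyword, where interface-dlci is and is not required, and one subnet per subinterface. The addresses 10.1.1.1/30 and 10.1.1.5/30, the bandwidth values and the multipoint case in the test are constructed.

```python
from dataclasses import dataclass
from ipaddress import IPv4Interface
from typing import List, Optional, Sequence, Tuple

DLCI_MIN, DLCI_MAX = 16, 992          # provider-assigned range quoted in the text (exact limits depend on the LMI)
StaticMap = Tuple[str, int, bool]     # (remote network layer address, DLCI, add the broadcast keyword?)


@dataclass(frozen=True)
class Subif:
    number: int                       # conventionally the DLCI, which makes troubleshooting easier
    mode: str                         # "point-to-point" or "multipoint"; the keyword is mandatory, no default
    address: str                      # "a.b.c.d/prefix", converted to the dotted mask ip address expects
    dlcis: Sequence[int] = ()         # local DLCIs for frame-relay interface-dlci
    static_maps: Sequence[StaticMap] = ()   # frame-relay map entries for remote routers without Inverse ARP
    bandwidth_kbps: Optional[int] = None    # bandwidth command, used by IGRP/EIGRP/OSPF for the metric


def check_dlci(dlci: int) -> int:
    if not DLCI_MIN <= dlci <= DLCI_MAX:
        raise ValueError(f"DLCI {dlci} is outside {DLCI_MIN}-{DLCI_MAX}")
    return dlci


def subinterface_config(physical: str, sub: Subif) -> List[str]:
    """IOS lines for one subinterface of `physical` (e.g. 'serial 0/0')."""
    if sub.mode not in ("point-to-point", "multipoint"):
        raise ValueError("the multipoint or point-to-point keyword is required; there is no default")
    if sub.mode == "point-to-point" and len(sub.dlcis) != 1:
        raise ValueError("a point-to-point subinterface carries exactly one DLCI")
    if sub.mode == "multipoint" and not sub.dlcis and not sub.static_maps:
        raise ValueError("a multipoint subinterface needs interface-dlci (Inverse ARP) or static maps")
    addr = IPv4Interface(sub.address)
    lines = [f"interface {physical}.{sub.number} {sub.mode}",
             f" ip address {addr.ip} {addr.netmask}"]
    if sub.bandwidth_kbps is not None:
        lines.append(f" bandwidth {sub.bandwidth_kbps}")
    for remote_ip, dlci, broadcast in sub.static_maps:
        lines.append(f" frame-relay map ip {remote_ip} {check_dlci(dlci)}"
                     + (" broadcast" if broadcast else ""))
    # point-to-point always gets interface-dlci; multipoint only when relying on Inverse ARP
    for dlci in sub.dlcis:
        lines.append(f" frame-relay interface-dlci {check_dlci(dlci)}")
    return lines


def hub_config(physical: str, subifs: Sequence[Subif], ietf: bool = False) -> List[str]:
    """Encapsulation goes on the physical interface; addresses and DLCIs go on the subinterfaces."""
    lines = [f"interface {physical}",
             " encapsulation frame-relay" + (" ietf" if ietf else ""),   # cisco (default) unless non-Cisco peer
             " no ip address"]
    networks = set()
    for sub in subifs:
        network = IPv4Interface(sub.address).network
        if network in networks:
            raise ValueError(f"{network} reused: each subinterface must be on its own subnet")
        networks.add(network)
        lines.append("!")
        lines.extend(subinterface_config(physical, sub))
    return lines


# Constructed addressing for Router A in the figure: s0/0.110 to Router B, s0/0.120 to Router C.
ROUTER_A = [
    Subif(110, "point-to-point", "10.1.1.1/30", dlcis=(110,), bandwidth_kbps=64),
    Subif(120, "point-to-point", "10.1.1.5/30", dlcis=(120,), bandwidth_kbps=64),
]

if __name__ == "__main__":
    print("\n".join(hub_config("serial 0/0", ROUTER_A)))
```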

36.2.6 Verifying the Frame Relay configuration

The show interfaces command displays information regarding the encapsulation and Layer 1 and Layer 2
status. It also displays information about the following:

• The LMI type
• The LMI DLCI
• The Frame Relay data terminal equipment/data circuit-terminating equipment (DTE/DCE) type

Normally, the router is considered a data terminal equipment (DTE) device. However, a Cisco router can be
configured as a Frame Relay switch. The router becomes a data circuit-terminating equipment (DCE) device
when it is configured as a Frame Relay switch. -1-


Use the show frame-relay lmi command to display LMI traffic statistics. -2-
For example, this command demonstrates the number of status messages exchanged between the local router
and the local Frame Relay switch.

Use the show frame-relay pvc [interface interface] [dlci] command to display the status of each configured
PVC as well as traffic statistics. -3-
This command is also useful for viewing the number of BECN and FECN packets received by the router. The
PVC status can be active, inactive, or deleted.

The show frame-relay pvc command displays the status of all the PVCs configured on the router. Specifying a
PVC will show the status of only that PVC. In Figure -3-, the show frame-relay pvc 100 command displays
the status of only PVC 100.

Use the show frame-relay map command to display the current map entries and information about the
connections.

The following information interprets the show frame-relay map output that appears in Figure -4-

• 10.140.1.1 is the IP address of the remote router, dynamically learned via the Inverse ARP process
• 100 is the decimal value of the local DLCI number
• 0x64 is the hex conversion of the DLCI number, 0x64 = 100 decimal
• 0x1840 is the value as it would appear on the wire because of the way the DLCI bits are spread out in
the address field of the Frame Relay frame
• Broadcast/multicast is enabled on the PVC
• PVC status is active

To clear dynamically created Frame Relay maps, which are created using Inverse ARP, use the
clear frame-relay-inarp command. -5-

36.2.7 Troubleshooting the Frame Relay configuration

Use the debug frame-relay lmi command to determine whether the router and the Frame Relay switch are
sending and receiving LMI packets properly. -1-
The "out" is an LMI status message sent by the router. The "in" is a message received from the Frame Relay
switch. A full LMI status message is a "type 0". An LMI exchange is a "type 1". The "dlci 100, status 0x2"
means that the status of DLCI 100 is active. The possible values of the status field are as follows:

• 0x0 - Added/inactive means that the switch has this DLCI programmed but for some reason it is not
usable. The reason could possibly be the other end of the PVC is down.
• 0x2 - Added/active means the Frame Relay switch has the DLCI and everything is operational.
• 0x4 - Deleted means that the Frame Relay switch does not have this DLCI programmed for the router,
but that it was programmed at some point in the past. This could also be caused by the DLCIs being
reversed on the router, or by the PVC being deleted by the service provider in the Frame Relay cloud.
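As an added example (not part of the curriculum), the following Python helpers interpret constructed show frame-relay map and debug frame-relay lmi lines laid out like the outputs described in 36.2.6 and 36.2.7: they recompute both hex renderings of the DLCI (0x64 and 0x1840 for DLCI 100) so a mistyped or reversed DLCI shows up as an inconsistency, and translate the LMI status codes 0x0, 0x2 and 0x4 listed above. The sample lines and addresses are constructed, not captured from a router.

```python
import re
from typing import Dict, List

# Meaning of the status field in a debug frame-relay lmi PVC report, as listed in the text.
LMI_STATUS = {0x0: "added/inactive", 0x2: "added/active", 0x4: "deleted"}


def dlci_wire_value(dlci: int) -> int:
    """Spread a 10-bit DLCI over the two address bytes of a Frame Relay frame.

    The upper six bits occupy bits 7-2 of the first byte and the lower four bits
    occupy bits 7-4 of the second byte; C/R, FECN, BECN, DE and EA are left zero,
    which is the rendering show frame-relay map prints (DLCI 100 -> 0x1840).
    """
    if not 0 <= dlci < 1024:
        raise ValueError(f"DLCI {dlci} does not fit in 10 bits")
    return ((dlci >> 4) << 10) | ((dlci & 0xF) << 4)


# One show frame-relay map entry for a remote address reached over a multipoint interface.
MAP_RE = re.compile(
    r"^(?P<intf>\S+) \((?P<state>\w+)\): ip (?P<ip>[\d.]+) "
    r"dlci (?P<dlci>\d+)\((?P<hex>0x[0-9a-f]+),(?P<wire>0x[0-9a-f]+)\), "
    r"(?P<how>dynamic|static)(?P<rest>.*)$", re.IGNORECASE)


def parse_map_line(line: str) -> Dict[str, object]:
    """Decode one map entry and check the router's two hex renderings against the decimal DLCI."""
    m = MAP_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised map entry: {line!r}")
    dlci = int(m["dlci"])
    rest = m["rest"]
    return {
        "interface": m["intf"],
        "remote_ip": m["ip"],
        "dlci": dlci,
        "learned": m["how"].lower(),                # dynamic = Inverse ARP, static = frame-relay map
        "broadcast": "broadcast" in rest.lower(),
        "status": rest.rsplit(",", 1)[-1].strip().lower(),   # active / inactive / deleted
        # a mismatch points at a DLCI typed wrongly or reversed between the two routers
        "consistent": int(m["hex"], 16) == dlci and int(m["wire"], 16) == dlci_wire_value(dlci),
    }


DEBUG_RE = re.compile(r"dlci (?P<dlci>\d+), status (?P<status>0x[0-9a-f]+)", re.IGNORECASE)


def lmi_pvc_status(debug_lines: List[str]) -> Dict[int, str]:
    """DLCI -> meaning for every PVC report in a debug frame-relay lmi capture."""
    found: Dict[int, str] = {}
    for line in debug_lines:
        for m in DEBUG_RE.finditer(line):
            code = int(m["status"], 16)
            found[int(m["dlci"])] = LMI_STATUS.get(code, f"unknown 0x{code:x}")
    return found


# Constructed sample output, laid out like the commands' real output but not captured from a router.
MAP_SAMPLE = [
    "Serial0/0 (up): ip 10.140.1.1 dlci 100(0x64,0x1840), dynamic, broadcast,, status defined, active",
    "Serial0/0 (up): ip 10.140.1.2 dlci 110(0x6E,0x18E0), static, CISCO, status defined, inactive",
]
DEBUG_SAMPLE = [
    "Serial0/0(out): StEnq, myseq 140, yourseen 139, DTE up",
    "Serial0/0(in): Status, myseq 140",
    "PVC IE 0x7 , length 0x6 , dlci 100, status 0x2 , bw 0",
    "PVC IE 0x7 , length 0x6 , dlci 110, status 0x0 , bw 0",
    "PVC IE 0x7 , length 0x6 , dlci 120, status 0x4 , bw 0",
]

if __name__ == "__main__":
    for entry in map(parse_map_line, MAP_SAMPLE):
        print(entry)
    print(lmi_pvc_status(DEBUG_SAMPLE))
```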

36.2.8 Summary

An understanding of the following key points should have been achieved:

• The scope and purpose of Frame Relay
• The technology of Frame Relay
• Point-to-point and point-to-multipoint topologies
• The topology of a Frame Relay network
• How to configure a Frame Relay Permanent Virtual Circuit (PVC)
• How to create a Frame Relay Map on a remote network
• Potential problems with routing in a non-broadcast multi-access network
• Why subinterfaces are needed and how they are configured
• How to verify and troubleshoot a Frame Relay connection

37 MODULE 6

Module Overview

The first PCs were designed as standalone desktop systems. The operating system (OS) software allowed one
user at a time to access files and system resources. The user had physical access to the PC. As PC-based
computer networks gained popularity in the workplace, software companies developed specialized network
operating systems (NOS). Developers designed NOS to provide file security, user privileges, and resource
sharing among multiple users. The explosive growth of the Internet compelled developers to build the NOS of
today around Internet-related technologies and services like the World Wide Web (WWW).

Network connectivity is now essential to desktop computing. The distinction between modern desktop
operating systems, now loaded with networking features and services, and their NOS counterparts has blurred.
Now, most popular operating systems, such as Microsoft Windows 2000 and Linux, are found on high-
powered network servers and on the desktops of end users.

Knowledge of different operating systems will ensure that the correct operating system is selected to offer all
the necessary services. UNIX, Linux, Mac OS X, and several Windows operating systems will be introduced.

Effective management of LANs and WANs is the key element to maintaining a productive environment in the
networking world. As more services become available to more users, the performance of networks suffers.
Network administrators, through constant monitoring, must recognize and be able to rectify problems before
they become noticeable to the end users.

Various tools and protocols are available to monitor the network on a local and remote basis. A comprehensive
understanding of these tools is critical to effective network management.

Students completing this module should be able to:

• Identify several potential tasks performed by a workstation
• Identify several potential functions of a server
• Describe the roles of equipment in a client/server environment
• Describe the differences between a NOS and a desktop operating system
• List several Windows operating systems and their features
• List several alternatives to the Windows operating systems and their features
• Identify network management tools
• Identify the driving forces behind network management
• Describe the OSI and network management model
• Describe simple network management protocol (SNMP) and common management information
protocol (CMIP)
• Describe how management software gathers information and records problems

37.1 Workstations and Servers

37.1.1 Workstations

A workstation is a client computer that is used to run applications and is connected to a server from which it
obtains data shared with other computers. A server is a computer that runs a NOS.
A workstation uses special software, such as a network shell program, to perform the following tasks:

• Intercepts user data and application commands
• Decides if the command is for the local operating system or for the NOS
• Directs the command to the local operating system or to the network interface card (NIC) for
processing and transmission onto the network
• Delivers transmissions from the network to the application running on the workstation

Some Windows operating systems may be installed on workstations and servers. The NT/2000/XP versions of
Windows software provide network server capability. Windows 9x and ME versions only provide workstation
support. -1-

UNIX or Linux can serve as a desktop operating system but are usually found on high-end computers. These
workstations are employed in engineering and scientific applications, which require dedicated high-
performance computers.
Some of the specific applications that are frequently run on UNIX workstations are included in the
following list:

• Computer-aided design (CAD)
• Electronic circuit design
• Weather data analysis
• Computer graphics animation
• Telecommunications equipment management

Most current desktop operating systems include networking capabilities and support multi-user access. For this
reason, it is becoming more common to classify computers and operating systems based on the types of
applications the computer runs. This classification is based on the role or function that the computer plays,
such as workstation or server. Typical desktop or low-end workstation applications might include word
processing, spreadsheets, and financial management. On high-end workstations, -2- the applications might
include graphical design or equipment management and others as listed above.

A diskless workstation is a special class of computer designed to run on a network. As the name implies, it has
no disk drives but does have a monitor, keyboard, memory, booting instructions in ROM, and a network
interface card. The software that is used to establish a network connection is loaded from the bootable ROM
chip located on the NIC.

Because a diskless workstation does not have any disk drives, it is not possible to upload data from the
workstation or download anything to it. A diskless workstation cannot pass a virus onto the network, nor can it
be used to take data from the network by copying this information to a disk drive. As a result, diskless
workstations offer greater security than ordinary workstations. For this reason, such workstations are used in
networks where security is paramount.

Laptops can also serve as workstations on a LAN and can be connected through a docking station, external
LAN adapter, or a Personal Computer Memory Card International Association (PCMCIA) card. A docking
station is an add-on device that turns a laptop into a desktop. -3-


37.1.2 Servers

In a network operating system environment, many client systems access and share the resources of one or more
servers. -1-

Desktop client systems are equipped with their own memory and peripheral devices, such as a keyboard,
monitor, and a disk drive. Server systems must be equipped to support multiple concurrent users and multiple
tasks as clients make demands on the server for remote resources. -2-

NOSs have additional network management tools and features that are designed to support access by large
numbers of simultaneous users. On all but the smallest networks, NOSs are installed on powerful servers.
Many users, known as clients, share these servers. Servers usually have high-capacity, high-speed disk drives,
large amounts of RAM, high-speed NICs, and in some cases, multiple CPUs. These servers are typically
configured to use the Internet family of protocols, TCP/IP, and offer one or more TCP/IP services.

Servers running NOSs are also used to authenticate users and provide access to shared resources. These servers
are designed to handle requests from many clients simultaneously. Before a client can access the server
resources, the client must be identified and be authorized to use the resource. Identification and authorization is
achieved by assigning each client an account name and password. The account name and password are then
verified by an authentication service to permit or deny access to the network. By centralizing user accounts,
security, and access control, server-based networks simplify the work of network administration.

Servers are typically larger systems than workstations and have additional memory to support multiple tasks
that are active or resident in memory at the same time. Additional disk space is also required on servers to hold
shared files and to function as an extension to the internal memory on the system. Also, servers typically
require extra expansion slots on their system boards to connect shared devices, such as printers and multiple
network interfaces.

Another feature of systems capable of acting as servers is the processing power. Ordinarily, computers have a
single CPU, which executes the instructions that make up a given task or process. In order to work efficiently
and deliver fast responses to client requests, a NOS server requires a powerful CPU to execute its tasks or
programs. Single processor systems with one CPU can meet the needs of most servers if the CPU has the
necessary speed. To achieve higher execution speeds, some systems are equipped with more than one
processor. Such systems are called multiprocessor systems. Multiprocessor systems are capable of executing
multiple tasks in parallel by assigning each task to a different processor. The aggregate amount of work that the
server can perform in a given time is greatly enhanced in multiprocessor systems. -3-

Since servers function as central repositories of resources that are vital to the operation of client systems, these
servers must be efficient and robust. The term robust indicates that the server systems are able to function
effectively under heavy loads. It also means the systems are able to survive the failure of one or more
processes or components without experiencing a general system failure. This objective is met by building
redundancy into server systems. Redundancy is the inclusion of additional hardware components that can take
over if other components fail. Redundancy is a feature of fault tolerant systems that are designed to survive
failures and can be repaired without interruption while the systems are up and running. Because a NOS
depends on the continuous operation of its server, the extra hardware components justify the additional
expense. -4-

Server applications and functions include web services using Hypertext Transfer Protocol (HTTP), File
Transfer Protocol (FTP), and Domain Name System (DNS). Standard e-mail protocols supported by network
servers include Simple Mail Transfer Protocol (SMTP), Post Office Protocol 3 (POP3), and Internet
Message Access Protocol (IMAP). File sharing protocols include Sun Microsystems Network File System
(NFS) and Microsoft Server Message Block (SMB). -5-

Network servers frequently provide print services. A server may also provide Dynamic Host Configuration
Protocol (DHCP), which automatically allocates IP addresses to client workstations. In addition to running
services for the clients on the network, servers can be set to act as a basic firewall for the network. This is
accomplished using proxy or Network Address Translation (NAT), both of which hide internal private
network addresses from the Internet. -6-


One server running a NOS may work well when serving only a handful of clients. But most organizations must
deploy several servers in order to achieve acceptable performance. A typical design separates services so one
server is responsible for e-mail, another server is responsible for file sharing, and another is responsible for
FTP.

The concentration of network resources, such as files, printers, and applications on servers, also makes the data
generated easier to back up and maintain. Rather than have these resources distributed on individual machines,
network resources can be located on specialized, dedicated servers for easy access and back up.

37.1.3 Client-server relationship

The client-server computing model distributes processing over multiple computers. Distributed processing
enables access to remote systems for the purpose of sharing information and network resources. In a client-
server environment, the client and server share or distribute processing responsibilities. Most network
operating systems are designed around the client-server model to provide network services to users. A
computer on a network can be referred to as a host, workstation, client, or server. A computer running TCP/IP,
whether it is a workstation or a server, is considered a host computer. -1-

Definitions of other commonly used terms are:

• Local host - The machine on which the user currently is working.
• Remote host - A system that is being accessed by a user from another system.
• Server - Provides resources to one or more clients by means of a network.
• Client - A machine that uses the services from one or more servers on a network.

An example of a client-server relationship is an FTP session. FTP is a universal method of transferring a file
from one computer to another. For the client to transfer a file to or from the server, the server must be running
the FTP daemon or service. In this case, the client requests the file to be transferred. The server provides the
services necessary to receive or send the file.

The Internet is also a good example of a distributed processing client-server computing relationship. The client
or front end typically handles user presentation functions, such as screen formatting, input forms, and data
editing. This is done with a browser, such as Netscape or Internet Explorer. Web browsers send requests to
web servers. When the browser requests data from the server, the server responds, and the browser program
receives a reply from the web server. The browser then displays the HTTP data that was received. The server
or back end handles the client's requests for Web pages and provides HTTP or WWW services.

Another example of a client-server relationship is a database server and a data entry or query client in a LAN.
The client or front end might be running an application written in the C or Java language, and the server or
back end could be running Oracle or other database management software. In this case, the client would handle
formatting and presentation tasks for the user. The server would provide database storage and data retrieval
services for the user.

In a typical file server environment, the client might have to retrieve large portions of the database files to
process the files locally. This retrieval of the database files can cause excess network traffic. With the client-
server model, the client presents a request to the server, and the server database engine might process 100,000
records and pass only a few back to the client to satisfy the request. Servers are typically much more powerful
than client computers and are better suited to processing large amounts of data. With client-server computing,
the large database is stored, and the processing takes place on the server. The client has to deal only with
creating the query. A relatively small amount of data or results might be passed across the network. This
satisfies the client query and results in less usage of network bandwidth. The graphic shows an example of
client-server computing. Note that the workstation and server normally would be connected to the LAN by a
hub or switch. -2-

The distribution of functions in client-server networks brings substantial advantages, but also incurs some
costs. Although the aggregation of resources on server systems brings greater security, simpler access, and
coordinated control, the server introduces a single point of failure into the network. Without an operational
server, the network cannot function at all. Additionally, servers require trained, expert staff to administer and
maintain them, which increases the expense of running the network. Server systems require additional
hardware and specialized software that adds substantially to the cost.

37.1.4 Introduction to NOS

A computer OS is the software foundation on which computer applications and services run on a workstation.
Similarly, a NOS enables communication between multiple devices and the sharing of resources across a
network. A NOS operates on UNIX, Microsoft Windows NT, or Windows 2000 network servers. -1-

Common functions of an OS on a workstation include controlling the computer hardware, executing programs
and providing a user interface. The OS performs these functions for a single user. Multiple users can share the
machine but they cannot log on at the same time. In contrast, a NOS distributes functions over a number of
networked computers. A NOS depends on the services of the native OS in each individual computer. The NOS
then adds functions that allow access to shared resources by a number of users concurrently.

Workstations function as clients in a NOS environment. When a workstation becomes a client in a NOS
environment, additional specialized software enables the local user to access non-local or remote resources, as
if these resources were a part of the local system. The NOS enhances the reach of the client workstation by
making remote services available as extensions of the local operating system.

A system capable of operating as a NOS server must be able to support multiple users concurrently. The
network administrator creates an account for each user, allowing the user to log on and connect to the server
system. The user account on the server enables the server to authenticate that user and allocate the resources
that the user is allowed to access. Systems that provide this capability are called multi-user systems.

A NOS server is a multitasking system, capable of executing multiple tasks or processes at the same time. The
NOS scheduling software allocates internal processor time, memory, and other elements of the system to
different tasks in a way that allows them to share the system resources. Each user on the multi-user system is
supported by a separate task or process internally on the server. These internal tasks are created dynamically as
users connect to the system and are deleted when users disconnect.

The main features to consider when selecting a NOS are performance, management and monitoring tools,
security, scalability, and robustness or fault tolerance. The following section briefly defines each of these
features. -2-

Performance

A NOS must perform well at reading and writing files across the network between clients and servers. It must
be able to maintain fast performance under heavy loads, when many clients are making requests. Consistent
performance under heavy demand is an important standard for a NOS.

Management and monitoring

The management interface on the NOS server provides the tools for server monitoring, client administration,
file, print, and disk storage management. The management interface provides tools for the installation of new
services and the configuration of those services. Additionally, servers require regular monitoring and
adjustment.

Security

A NOS must protect the shared resources under its control. Security includes authenticating user access to
services to prevent unauthorized access to the network resources. Security also performs encryption to protect
information as it travels between clients and servers.

Scalability

Scalability is the ability of a NOS to grow without degradation in performance. The NOS must be capable of
sustaining performance as new users join the network and new servers are added to support them.

Robustness/fault tolerance

A measure of robustness is the ability to deliver services consistently under heavy load and to sustain its
services if components or processes fail. Using redundant disk devices and balancing the workload across
multiple servers can improve NOS robustness.

37.1.5 Microsoft NT, 2000, and .NET

Since the release of Windows 1.0 in November 1985, Microsoft has produced many versions of Windows
operating systems with improvements and changes to support a variety of users and purposes. Figure -1-
summarizes the current Windows OS.

NT 4 was designed to provide an environment for mission critical business that would be more stable than the
Microsoft consumer operating systems. It is available for both desktop (NT 4.0 Workstation) and server (NT
4.0 Server). An advantage of NT over previous Microsoft OSs is that DOS and older Windows programs can
be executed in virtual machines (VMs). Program failures are isolated and do not require a system restart.

Windows NT provides a domain structure to control user and client access to server resources. It is
administered through the User Manager for Domains application on the domain controller. Each NT domain
requires a single primary domain controller (PDC), which holds the writable Security Accounts Manager (SAM)
database, and may have one or more backup domain controllers (BDCs), each of which holds a read-only copy of
the SAM. When a user attempts to log on, the credentials are checked against the SAM database. If the account
exists and the credentials match, the user is authenticated to the domain and granted access to the workstation
and network resources.

Based on the NT kernel, the more recent Windows 2000 has both desktop and server versions. Windows 2000
supports "plug-and-play" technology, permitting installation of new devices without the need to restart the
system. Windows 2000 also includes the Encrypting File System (EFS) for securing data on the hard disk.

Windows 2000 enables objects, such as users and resources, to be placed into container objects called
organizational units (OUs). Administrative authority over each OU can be delegated to a user or group. This
feature allows more specific control than is possible with Windows NT 4.0.

Windows 2000 Professional is not designed to be a full NOS. It does not provide a domain controller, DNS
server, DHCP server, or render any of the services that can be deployed with Windows 2000 Server. The
primary purpose of Windows 2000 Professional is to be part of a domain as a client-side operating system. The
type of hardware that can be installed on the system is limited. Windows 2000 Professional can provide limited
server capabilities for small networks and peer-to-peer networks. It can be a file server, a print server, an FTP
server, and a web server, but will only support up to ten simultaneous connections.

Windows 2000 Server adds many server-specific functions to the features of Windows 2000 Professional. It can
operate as a file, print, web, and application server. Active Directory, the directory service in Windows 2000
Server, serves as the centralized point of management for users, groups, security services, and network
resources. It includes the multipurpose capabilities required for workgroups and branch offices as well as for
departmental deployments of file and print servers, application servers, web servers, and communication
servers.

Windows 2000 Server is intended for use in small-to-medium sized enterprise environments. It provides
integrated connectivity with Novell NetWare, UNIX, and AppleTalk systems. It can also be configured as a
communications server to provide dialup networking services for mobile users. Windows 2000 Advanced
Server provides the additional hardware and software support needed for enterprise and extremely large
networks.

Microsoft developed Windows .NET Server (the pre-release name of what shipped as Windows Server 2003) to
provide a secure and reliable system for running enterprise-level web and FTP sites, competing with Linux,
UNIX, and Novell's One Net. Windows .NET Server provides XML Web Services to companies that run medium-
to high-volume web traffic.

37.1.6 UNIX, Sun, HP, and Linux


Origins of UNIX

UNIX is the name of a group of operating systems that trace their origins back to 1969 at Bell Labs. Since its
inception, UNIX was designed to support multiple users and multitasking. UNIX was also one of the first
operating systems to include support for Internet networking protocols. The history of UNIX, which now spans
over 30 years, is complicated because many companies and organizations have contributed to its development
(Figure 1).

UNIX was first written in assembly language, a low-level language whose instructions are tied to one type of
processor. As a result, the original UNIX could run only on a specific type of computer. In the early 1970s,
Dennis Ritchie created the C language. In 1973, Ritchie along with fellow Bell Labs programmer Ken Thompson
rewrote the UNIX system programs in C. Because C is a higher-level language, UNIX could be moved, or
ported, to another computer with far less programming effort. The decision to develop this portable
operating system proved to be the key to the success of UNIX. During the 1970s, UNIX evolved through the
development work of programmers at Bell Labs and several universities, notably the University of California
at Berkeley (Figures 2 and 3).

When UNIX first started to be marketed commercially in the 1980s, it was used to run powerful network
servers, not desktop computers. Today, there are dozens of different versions of UNIX, including the following:

 Hewlett Packard UNIX (HP-UX)
 Berkeley Software Distribution (BSD UNIX), which has produced derivatives such as FreeBSD
 Santa Cruz Operation (SCO) UNIX
 Sun Solaris
 IBM UNIX (AIX)

UNIX, in its various forms, continues to advance its position as the reliable, secure OS of choice for
mission-critical applications that are crucial to the operation of a business or other organization. UNIX is
also tightly integrated with TCP/IP. TCP/IP did not grow out of UNIX, but the implementation of TCP/IP in
BSD UNIX in the early 1980s did much to establish the protocol suite for LAN and WAN communications.

The Sun Microsystems Solaris Operating Environment and its core OS, SunOS, is a high-performance,
versatile, 64-bit implementation of UNIX. Solaris runs on a wide variety of computers, from Intel-based
personal computers to powerful mainframes and supercomputers. Solaris is currently the most widely used
version of UNIX in the world for large networks and Internet websites. Sun is also the developer of the "Write
Once, Run Anywhere" Java technology.

Despite the popularity of Microsoft Windows on corporate LANs, much of the Internet runs on powerful
UNIX systems. Although UNIX is usually associated with expensive hardware and is not user friendly, recent
developments, including the creation of Linux, have changed that image.

Origins of Linux
In 1991, a Finnish student named Linus Torvalds began work on an operating system for an Intel 80386-based
computer. Torvalds became frustrated with the state of desktop operating systems, such as DOS, and the
expense and licensing issues associated with commercial UNIX. Torvalds set out to develop an operating
system that was UNIX-like in its operation but used software code that was open and completely free of charge
to all users.

Torvalds' work led to a worldwide collaborative effort to develop Linux, an open source operating system that
looks and feels like UNIX. By the late 1990s, Linux had become a viable alternative to UNIX on servers and
Windows on the desktop. The popularity of Linux on desktop PCs has also contributed to interest in using
UNIX distributions, such as FreeBSD and Sun Solaris, on the desktop. Versions of Linux can now run on
almost any common processor, including the Intel 80386, Motorola 68000, Alpha, and PowerPC chips.

As with UNIX, there are numerous versions of Linux. Some are free downloads from the web, and others are
commercially distributed. The following are a few of the most popular versions of Linux:

 Red Hat Linux – distributed by Red Hat Software
 OpenLinux – distributed by Caldera
 Corel Linux
 Slackware
 Debian GNU/Linux
 SuSE Linux

Linux is one of the most powerful and reliable operating systems in the world today. Because of this, Linux has
already made inroads as a platform for power users and in the enterprise server arena. Linux is less often
deployed as a corporate desktop operating system. Although graphical user interfaces (GUIs) are available to
make Linux user-friendly, most beginning users find Linux more difficult to use than Mac OS or Windows.
Currently, many companies, such as Red Hat, SuSE, Corel, and Caldera, are striving to make Linux a viable
operating system for the desktop (Figures 4 to 7).

Application support must be considered when Linux is implemented on a desktop system. The number of
business productivity applications is limited when compared to Windows. However, some vendors provide
Windows compatibility software, such as WABI and WINE, which enables many Windows applications to run on
Linux. Additionally, companies such as Corel are making Linux versions of their office suites and other
popular software packages.

Networking with Linux


Recent distributions of Linux have networking components built in for connecting to a LAN, establishing a
dialup connection to the Internet, or connecting to another remote network. In fact, TCP/IP is integrated into
the Linux kernel instead of being implemented as a separate subsystem. Some advantages of Linux as a desktop
operating system and network client include the following:

 It is a true 32-bit operating system.
 It supports preemptive multitasking and virtual memory.
 The code is open source and thus available for anyone to enhance and improve.


37.1.7 Apple

Apple Macintosh computers were designed for easy networking in a peer-to-peer, workgroup situation.
Network interfaces are included as part of the hardware and networking components are built into the
Macintosh operating system. Ethernet and Token Ring network adapters are available for the Macintosh.

The Macintosh, or Mac, is popular in many educational institutions and corporate graphics departments. Macs
can be connected to one another in workgroups and can access AppleShare file servers. Macs can also be
connected to PC LANs that include Microsoft, NetWare, or UNIX servers.

Mac OS X (10)

The Macintosh operating system, Mac OS X, is sometimes referred to as Apple System 10.

Some of the features of Mac OS X are in the GUI called Aqua. The Aqua GUI resembles a cross between
Microsoft Windows XP and Linux X-windows GUI. Mac OS X is designed to provide features for the home
computer, such as Internet browsing, video and photo editing, and games, while still providing features that
offer powerful and customizable tools that IT professionals need in an operating system.

Mac OS X can run applications written for earlier versions of the Mac OS through its Classic environment. Mac
OS X also provides for both AppleTalk and Windows connectivity. The Mac OS X core operating system is
called Darwin. Darwin is a UNIX-based system that provides stability and performance, and it gives Mac OS X
support for protected memory, preemptive multitasking, advanced memory management, and symmetric
multiprocessing. This makes Mac OS X a formidable competitor amongst operating systems.

37.1.8 Concept of service on servers

NOSs are designed to provide network processes to clients. Network services include the WWW, file sharing,
mail exchange, directory services, remote management, and print services. Remote management is a powerful
service that allows administrators to configure networked systems that are miles apart. It is important to
understand that these network processes are referred to as services in Windows 2000 and daemons in UNIX
and Linux. Network processes all provide the same functions, but the way processes are loaded and interact
with the NOS is different in each operating system (Figures 1 to 3).


Depending on the NOS, some of these key network processes may be enabled during a default installation.
Most popular network processes rely on the TCP/IP suite of protocols. Because TCP/IP is an open, well-known
set of protocols, TCP/IP-based services are vulnerable to unauthorized scans and malicious attacks. Denial of
service (DoS) attacks, computer viruses, and fast-spreading Internet worms have forced NOS designers to
reconsider which network services are started automatically.

Recent versions of popular NOSs, such as Windows and Red Hat Linux, restrict the number of network
services that are on by default. When deploying a NOS, the key network services that are actually needed
must be enabled manually, and services that are not needed should be left disabled, since every listening
service is a potential point of attack.

When a user decides to print in a networked printing environment, the job is sent to the appropriate queue for
the selected printer. Print queues stack the incoming print jobs and serve them in first-in, first-out (FIFO)
order. When a job is added to the queue, it is placed at the end of the waiting list and printed after the jobs
ahead of it. The printing wait time can sometimes be long, depending on the size of the print jobs at the head
of the queue. A network print service provides system administrators with the necessary tools to manage the
large number of print jobs being routed throughout the network. This includes the ability to prioritize, pause,
and even delete print jobs that are waiting to be printed.

File sharing

The ability to share files over a network is an important network service. There are many file sharing protocols
and applications in use today. Within a corporate or home network, files are typically shared using Windows
File Sharing (SMB/CIFS) or the NFS protocol. In such environments, an end user may not even know whether
a given file is on a local hard disk or on a remote server. Windows File Sharing and NFS allow users to easily
move, create, and delete files in remote directories.

FTP

Many organizations make files available to remote employees, to customers, and to the general public using
FTP. FTP services are made available to the public in conjunction with web services. For example, a user may
browse a website, read about a software update on a web page, and then download the update using FTP.
Smaller companies may use a single server to provide FTP and HTTP services, while larger companies may
choose to use dedicated FTP servers.

Although FTP clients must log on, many FTP servers are configured to allow anonymous access. When users
access a server anonymously, they do not need to have a user account on the system. The FTP protocol also
allows users to upload, rename, and delete files, so administrators must be careful to configure an FTP server
to control levels of access, particularly for anonymous users. Note also that FTP sends user names and
passwords in cleartext, so accounts used for FTP logins over untrusted networks are exposed to anyone who
can capture the traffic.

FTP is a session-oriented protocol. Clients must open an application layer session with the server, authenticate,
and then perform an action, such as download or upload. If the client session is inactive for a certain length of
time, the server disconnects the client. This inactive length of time is called an idle timeout. The length of an
FTP idle timeout varies depending on the software.

Web services

The World Wide Web is now the most visible network service. In less than a decade, the World Wide Web has
become a global network of information, commerce, education, and entertainment. Millions of companies,
organizations, and individuals maintain websites on the Internet. Websites are collections of web pages stored
on a server or group of servers.

The World Wide Web is based on a client/server model. Clients attempt to establish TCP sessions with web
servers. Once a session is established, a client can request data from the server. HTTP typically governs client
requests and server transfers. Web client software includes GUI web browsers, such as Netscape Navigator and
Internet Explorer.

Web pages are hosted on computers running web service software. The two most common web server software
packages are Microsoft Internet Information Services (IIS) and Apache Web Server. Microsoft IIS runs on the
Windows platform and Apache Web Server runs primarily on UNIX and Linux platforms. A web service
software package is available for virtually all operating systems currently in production.

DNS

The DNS protocol translates an Internet name, such as www.cisco.com, into an IP address. Many applications
rely on the directory services provided by DNS to do this work. Web browsers, e-mail programs, and file
transfer programs all use the names of remote systems. The DNS protocol allows these clients to make requests
to DNS servers in the network for the translation of names to IP addresses. Applications can then use the
addresses to send their messages. Without this directory lookup service, the Internet would be almost
impossible to use.

DHCP

The purpose of DHCP is to enable individual computers on an IP network to learn their TCP/IP configurations
from the DHCP server or servers. DHCP servers have no information about the individual computers until
information is requested. The overall purpose of this is to reduce the work necessary to administer a large IP
network. The most significant piece of information distributed in this manner is the IP address that identifies
the host on the network. DHCP also allows for recovery and reuse of IP addresses through a leasing
mechanism. An address is allocated to a client for a specific lease period; the client must renew the lease
before it expires in order to keep the address, and an address whose lease has expired or been released is
returned to the pool and can be assigned to another host. All of this is done by the DHCP server, which saves
the system administrator a considerable amount of time.
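The lease cycle described above (allocate for a fixed period, renew to keep the address, release or expire to return it to the pool), as an added Python example that is not part of the curriculum and is not a real DHCP server. It assumes a single address pool, clients identified by their MAC address string, and the current time supplied by the caller in seconds; the real protocol exchange (DISCOVER/OFFER/REQUEST/ACK) is reduced to method calls.

```python
# Added example: a DHCP-style lease table (illustrative only, not a DHCP server).
# Assumptions: one pool of addresses, clients keyed by MAC address string, and
# "now" passed in by the caller as integer seconds.
from ipaddress import IPv4Address, IPv4Network
from typing import Dict, Optional, Tuple


class LeasePool:
    def __init__(self, network: str, first_host: int, last_host: int, lease_time: int):
        net = IPv4Network(network)
        # addresses handed out lowest first; released ones go to the back of the list
        self.free = [net.network_address + i for i in range(first_host, last_host + 1)]
        self.lease_time = lease_time
        self.leases: Dict[str, Tuple[IPv4Address, int]] = {}  # mac -> (address, expiry time)

    def reclaim_expired(self, now: int) -> int:
        """Return every expired lease to the pool; run before each allocation."""
        expired = [mac for mac, (_, expiry) in self.leases.items() if expiry <= now]
        for mac in expired:
            self.free.append(self.leases.pop(mac)[0])
        return len(expired)

    def request(self, mac: str, now: int) -> Optional[IPv4Address]:
        """Client asks for an address (DISCOVER/REQUEST). A client that already holds a
        valid lease gets the same address renewed; otherwise the first free address is
        allocated. None means the pool is exhausted and the server cannot answer."""
        self.reclaim_expired(now)
        if mac in self.leases:
            return self.renew(mac, now)
        if not self.free:
            return None
        address = self.free.pop(0)
        self.leases[mac] = (address, now + self.lease_time)
        return address

    def renew(self, mac: str, now: int) -> Optional[IPv4Address]:
        """Renewal (a client normally tries at T1, half the lease time): the same address
        is kept and the expiry is pushed out by one full lease period."""
        lease = self.leases.get(mac)
        if lease is None or lease[1] <= now:
            return None
        self.leases[mac] = (lease[0], now + self.lease_time)
        return lease[0]

    def release(self, mac: str) -> bool:
        """DHCPRELEASE: the client hands the address back before the lease expires."""
        lease = self.leases.pop(mac, None)
        if lease is None:
            return False
        self.free.append(lease[0])
        return True

    def expiry(self, mac: str) -> Optional[int]:
        lease = self.leases.get(mac)
        return None if lease is None else lease[1]


if __name__ == "__main__":
    pool = LeasePool("192.168.1.0/24", 10, 12, lease_time=3600)   # constructed three-address pool
    print(pool.request("00:11:22:33:44:01", now=0))                # 192.168.1.10
    print(pool.request("00:11:22:33:44:02", now=0))                # 192.168.1.11
    print(pool.request("00:11:22:33:44:01", now=1800))             # same address, lease extended
    print(pool.request("00:11:22:33:44:03", now=0), pool.request("00:11:22:33:44:04", now=0))  # .12, None
```

The `None` return is the case worth noticing: nothing in DHCP authenticates the client, so a host that requests addresses under many different MAC addresses can empty the pool in one lease period, and legitimate clients then receive no answer until leases expire.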

37.2 Network Management

37.2.1 Introduction to network management

As a network evolves and grows, it becomes a more critical and indispensable resource to the organization
(Figure 1). As more network resources are available to users, the network becomes more complex, and
maintaining the network becomes more complicated. Loss of network resources and poor performance are
results of increased complexity and are not acceptable to the users (Figure 2).

The network administrator must actively manage the network, diagnose problems, prevent situations from
occurring, and provide the best performance of the network for the users. At some point, networks become too
large to manage without automated network management tools.

Network Management includes the following duties:

 Monitoring network availability
 Improving automation
 Monitoring response time
 Providing security features
 Rerouting traffic
 Restoring capabilities
 Registering users

The driving forces behind network management are shown in Figure 3 and explained below:

 Controlling corporate assets – If network resources are not effectively controlled, they will not
provide the results that management requires.
 Controlling complexity – With massive growth in the number of network components, users,
interfaces, protocols, and vendors, loss of control of the network and its resources threatens
management.
 Improved service – Users expect the same or improved service as the network grows and the resources
become more distributed.
 Balancing various needs – Users must be provided with various applications at a given level of
support, with specific requirements in the areas of performance, availability, and security.
 Reducing downtime – Ensure high availability of resources by proper redundant design.
 Controlling costs – Monitor and control resource utilization so that user needs can be satisfied at a
reasonable cost.

Some basic network management terms are introduced in Figure 4.

37.2.2 OSI and network management model

The International Organization for Standardization (ISO) created a committee to produce a model for network
management, under the direction of the OSI group.

This model has four parts:

 Organization
 Information
 Communication
 Functional

This is a view of network management from the top down, divided into four submodels and recognized by the
OSI standard (Figure 1).

The Organization model (Figure 2) describes the components of network management, such as a manager, agent,
and so on, and their relationships. The arrangement of these components leads to different types of
architecture, which will be discussed later.

The Information model is concerned with the structure and storage of network management information
(Figure 3). This information is stored in a database called a management information base (MIB). The ISO
defined the structure of management information (SMI) to define the syntax and semantics of management
information stored in the MIB. MIBs and SMI will be covered in more depth later.

The Communication model deals with how the management data is communicated between the agent and
manager process (Figure 4). It is concerned with the transport protocol, the application protocol, and the
commands and responses between peers.

The Functional model addresses the network management applications that reside on the network
management station (NMS) (Figure 5).


The OSI network management model categorizes five areas of function, sometimes referred to as the
FCAPS model:

 Fault
 Configuration
 Accounting
 Performance
 Security

This network management model has gained broad acceptance by vendors as a useful way of describing the
requirements for any network management system.

37.2.3 SNMP and CMIP standards

To allow for interoperability of management across many different network platforms, network management
standards are required so that vendors can implement and adhere to these standards. Two main standards have
emerged (Figure 1):

 Simple Network Management Protocol (SNMP) – IETF community
 Common Management Information Protocol (CMIP) – Telecommunications community

SNMP actually refers to a set of standards for network management, including a protocol, a database structure
specification, and a set of data objects. SNMP was adopted as the standard for TCP/IP internets in 1989 and
became very popular. SNMP version 2 (SNMPv2) followed in 1993. It provides support for centralized and
distributed network management strategies and included improvements in the structure of management
information (SMI), protocol operations, and management architecture, and it defined transport mappings for
OSI-based networks as well as TCP/IP-based networks. The security model proposed for SNMPv2 was never
widely adopted; the variant that was, SNMPv2c (1996), kept the community-string authentication of
SNMPv1. SNMPv3, released in 1998, solves the security shortcomings of SNMPv1 and SNMPv2c by
providing secure access to MIBs through authentication and, optionally, encryption of packets on the
network. CMIP is an OSI network management protocol that was created and standardized by the ISO for the
monitoring and control of heterogeneous networks.

37.2.4 SNMP operation

SNMP is an application layer protocol designed to facilitate the exchange of management information between
network devices. By using SNMP to access management information data, such as packets per second sent on
an interface or number of open TCP connections, network administrators can more easily manage network
performance to find and solve network problems.

Today, SNMP is the most popular protocol for managing diverse commercial, university, and research
internetworks.

Standardization activity continues even as vendors develop and release state-of-the-art SNMP-based
management applications. SNMP is a simple protocol, yet its feature set is sufficiently powerful to handle the
difficult problems involved with the management of heterogeneous networks.

The organizational model for SNMP based network management includes four elements:

 Management station
 Management agent
 Management information base
 Network management protocol

The NMS is usually a standalone workstation, but it may be implemented over several systems. It includes a
collection of software called the network management application (NMA). The NMA includes a user interface
through which authorized network managers issue commands to agents throughout the network and view the
responses. The management agents are network-management software modules that reside in key network
devices, such as hosts, routers, bridges, and hubs. They respond to requests for information and requests
for actions from the NMS, such as polling, and may provide the NMS with important but unsolicited
information, such as traps. All the management information of a particular agent is stored in the management
information base on that agent.

An agent might keep track of the following:

 Number and state of its virtual circuits
 Number of certain kinds of error messages received
 Number of bytes and packets in and out of the device
 Maximum output queue length, for routers and other internetworking devices
 Broadcast messages sent and received
 Network interfaces going down and coming up

The NMS performs a monitoring function by retrieving the values from the MIB. The NMS can also cause an
action to take place at an agent. The communication between the manager and the agent is carried out by an
application layer network management protocol. SNMP runs over the User Datagram Protocol (UDP): agents
listen for requests on UDP port 161, and the management station listens for traps on UDP port 162. It is
based on an exchange of messages.

There are three common message types:

 Get - Enables the management station to retrieve the value of MIB objects from the agent.
 Set - Enables the management station to set the value of MIB objects at the agent.
 Trap - Enables the agent to notify the management station of significant events.

This model is referred to as a two-tier model (Figure 1). However, it assumes that all network elements are
manageable by SNMP. This is not always the case, as some devices have a proprietary management interface.
In these cases, a three-tier model is required (Figure 2). A network manager who wants to obtain information
from or control such a proprietary node communicates with a proxy agent. The proxy agent then translates the
manager's SNMP request into a form appropriate to the target system and uses whatever proprietary
management protocol is appropriate to communicate with the target system. Responses from the target to the
proxy are translated into SNMP messages and communicated back to the manager.

Network management applications often offload some network management functionality to a remote monitor
(RMON) probe. The RMON probe gathers management information locally, and then the network manager
periodically retrieves a summary of this data.

The NMS is an ordinary workstation, running a typical operating system (Figure 3). It has a large amount of
RAM, to hold all the management applications running at the same time. The manager runs a typical network
protocol stack, such as TCP/IP. The network management applications rely on the host operating system and
on the communication architecture. Examples of network management applications are CiscoWorks2000, HP
OpenView, and IBM NetView.

As discussed before, the manager may be a standalone, centralized workstation sending out queries to all
agents, no matter where they are located (Figure 4). In a distributed network, a decentralized architecture is
more appropriate, with a local NMS at each site. These distributed NMSs can act in a client-server
architecture, in which one NMS acts as a master server and the others are clients. The clients send their data
to the master server for centralized storage (Figure 5). An alternative is that all distributed NMSs have equal
responsibility, each with its own manager database, so the management information is distributed over the
peer NMSs (Figure 6).

37.2.5 Structure of management information and MIBs

A MIB is used to store the structured information representing network elements and their attributes. The
structure itself is defined in a standard called the SMI, which defines the data types that can be used to store an
object, how those objects are named, and how they are encoded for transmission over a network (Figure 1).

MIBs are highly structured repositories for information about a device. Many standard MIBs exist, and many
more proprietary MIBs exist to manage the particular features of different vendors' devices. The original SMI
MIB (MIB-I) was categorized into eight groups, totaling 114 managed objects. More groups were added to
define MIB-II, which now replaces MIB-I.

All managed objects in the SNMP environment are arranged in a hierarchical, or tree, structure. The leaf objects
of the tree, which are the elements that appear at the bottom of the diagram, are the actual managed objects.
Each managed object represents some resource, activity, or related information that is to be managed. A unique
object identifier (OID), written as a sequence of integers in dot notation, identifies each managed object, and
each object is defined using Abstract Syntax Notation One (ASN.1) (Figure 2).

SNMP uses these object identifiers to identify the MIB variables to retrieve or modify. Objects that are in the
public domain are described in MIBs introduced in Requests for Comments (RFCs). They are readily accessible
at: http://www.ietf.org

All vendors are encouraged to make their MIB definitions known. Once a vendor has been assigned an
enterprise number, the vendor is responsible for creating and maintaining the subtrees beneath it.


37.2.6 SNMP protocol

The agent is a software function embedded in most networked devices, such as routers, switches, managed
hubs, printers, and servers (Figure 1).

It is responsible for processing SNMP requests from the manager. It is also responsible for the execution of
routines that maintain variables as defined in the various supported MIBs.

Interaction between the manager and the agent is facilitated by SNMP. The term simple comes from the
restricted number of message types that are part of the initial protocol specification. The strategy was designed
to make it easier for developers to build management capabilities into network devices. The initial protocol
specification is referred to as SNMPv1 (version 1).

There are three types of SNMP messages issued on behalf of an NMS. They are GetRequest, GetNextRequest,
and SetRequest (Figure 2).

All three messages are acknowledged by the agent in the form of a GetResponse message. An agent may issue
a Trap message in response to an event that affects the MIB and the underlying resources.

The development of SNMPv2c addressed limitations in SNMPv1. The most noticeable enhancements were the
introduction of the GetBulkRequest message type and the addition of 64-bit counters to the MIB. Retrieving
information with GetRequest and GetNextRequest was an inefficient method of collecting information,
because each GetNextRequest returns only the next object for each variable named in the request, so walking a
large table costs one round trip per row. GetBulkRequest addresses this weakness by returning many successor
objects in a single response. Secondly, the 64-bit counters addressed the issue of 32-bit counters rolling over
too quickly, especially on higher speed links like Gigabit Ethernet.

The management entity is also referred to as the manager or NMS (Figure 3).
It is responsible for soliciting information from the agent. The solicitations are based on very specific requests.
The manager processes the retrieved information in a number of ways. The retrieved information can be logged
for later analysis, displayed using a graphing utility, or compared with preconfigured values to test if a
particular condition has been met.

Not all manager functions are based on data retrieval. There is also the ability to issue changes of a value in the
managed device. This feature enables an administrator to configure a managed device using SNMP.

The interaction between the manager and the managed device does introduce traffic to the network. Caution
should be taken when introducing managers onto the network. Aggressive monitoring strategies can
negatively affect network performance. Bandwidth utilization will go up, which may be an issue for WAN
environments. Also, monitoring has a performance impact on the devices being monitored, since they are
required to process the manager requests. This processing should not take precedence over production services.

A general rule is that a minimum amount of information should be polled as infrequently as possible.
Determine which devices and links are most critical and what type of data is required.

SNMP uses the User Datagram Protocol (UDP) as its transport protocol. Since UDP is connectionless and unreliable,
it is possible for SNMP to lose messages. SNMP itself has no provision for guaranteed delivery, so it is up to
the application using SNMP to cope with lost messages.

Each SNMP message contains a cleartext string, called a community string. The community string is used like
a password to restrict access to managed devices. -4-

SNMPv3 has addressed the security concerns raised by transmitting the community string in cleartext.

An example of what the SNMPv2c message looks like is illustrated in Figure -5-. A detailed presentation of
the protocol can be found in the Internet standard RFC 1905.

The fact that the community string is cleartext is no surprise to anyone who has studied the Internet Protocol
(IP) protocol suite. All fields specified in the protocol suite are cleartext, except for security authentication and
encryption specifications.


The community string was essentially a security placeholder until the SNMPv2 working group could ratify
security mechanisms. The efforts were referred to the SNMPv3 working group. All SNMP-based management
applications need to be configured to use the appropriate community strings. Some organizations frequently
change the community string values to reduce the risk of malicious activity from the unauthorized use of the
SNMP service.

In spite of the weakness associated with community-based authentication, management strategies are still
based on SNMPv1. Cisco devices do support SNMPv3 message types and the increased security capabilities,
but most management software applications do not support SNMPv3. -6-

SNMPv3 supports the concurrent existence of multiple security models. -7-

37.2.7 Configuring SNMP

In order to have the NMS communicate with networked devices, the devices must have SNMP enabled and the
SNMP community strings configured. These devices are configured using the command line syntax described
in the following paragraphs.

More than one read-only string is supported. The default on most systems for this community string is public.
It is not advisable to use the default value in an enterprise network. To set the read-only community string used
by the agent, use the following command: -1-

Router(config)#snmp-server community string ro

• string – Community string that acts like a password and permits access to the SNMP protocol
• ro – (Optional) Specifies read-only access. Authorized management stations are only able to retrieve
MIB objects.

More than one read-write string is supported. All SNMP objects are available for write access. The default on
most systems for this community string is private. It is not advisable to use this value in an enterprise network.
To set the read-write community string used by the agent, use the following command:

Router(config)#snmp-server community string rw

• rw – (Optional) Specifies read-write access. Authorized management stations are able to both retrieve
and modify MIB objects.

There are several strings that can be used to specify location of the managed device and the main system
contact for the device.

Router(config)#snmp-server location text

Router(config)#snmp-server contact text

• text – String that describes the system location or contact information

These values are stored in the MIB objects sysLocation and sysContact.
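As an added example (not part of the curriculum), a small Python audit of the snmp-server community lines in a saved IOS configuration. It flags the default strings public and private that the text warns against, any read-write string, and communities with no access-list restriction (the optional access-list argument is a standard IOS option not shown in the text). The configuration text is constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample of snmp-server lines from an IOS running-config.
# Not captured from a real device; the string values are made up.
SAMPLE_CONFIG = """
hostname Router
snmp-server community public RO
snmp-server community private RW
snmp-server community N3tM0n-ro RO
snmp-server community N3tM0n-rw RW 10
snmp-server location Building 2, rack 4
snmp-server contact noc@example.invalid
"""

# Vendor defaults named in the text; their presence is an immediate finding.
DEFAULT_STRINGS = {"public", "private"}

# snmp-server community <string> [ro|rw] [access-list-number]
COMMUNITY_RE = re.compile(
    r"^snmp-server\s+community\s+(?P<string>\S+)"
    r"(?:\s+(?P<access>ro|rw))?"
    r"(?:\s+(?P<acl>\S+))?\s*$",
    re.IGNORECASE,
)


@dataclass
class Finding:
    line: str
    severity: str   # "high" or "medium"
    reason: str


def audit_snmp(config_text: str) -> List[Finding]:
    """Scan an IOS configuration and report weak SNMP community settings."""
    findings: List[Finding] = []
    for raw in config_text.splitlines():
        line = raw.strip()
        m = COMMUNITY_RE.match(line)
        if not m:
            continue
        string = m.group("string")
        # IOS treats a missing ro/rw keyword as read-only.
        access = (m.group("access") or "ro").lower()
        acl = m.group("acl")

        if string.lower() in DEFAULT_STRINGS:
            findings.append(Finding(line, "high", f"default community string '{string}'"))
        if access == "rw":
            # Write access lets a manager change the device configuration (as the text
            # describes), so an rw string with no access-list is the most serious case.
            findings.append(Finding(
                line,
                "high" if acl is None else "medium",
                "read-write community" + ("" if acl else " with no access-list restriction"),
            ))
        elif acl is None:
            findings.append(Finding(line, "medium",
                                    "read-only community not restricted by an access-list"))
    return findings


def count_by_severity(findings: List[Finding]) -> Dict[str, int]:
    counts = {"high": 0, "medium": 0}
    for f in findings:
        counts[f.severity] += 1
    return counts


if __name__ == "__main__":
    results = audit_snmp(SAMPLE_CONFIG)
    for f in results:
        print(f"[{f.severity.upper():6}] {f.reason}: {f.line}")
    print(count_by_severity(results))
```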

37.2.8 RMON

RMON is a major step forward in Internetwork management. It defines a remote monitoring MIB that
supplements MIB-II and provides the network manager with vital information about the network. The
remarkable feature of RMON is that while it is simply a specification of a MIB, with no changes in the
underlying SNMP protocol, it provides a significant expansion in SNMP functionality. -1-

With MIB-II, the network manager can obtain information that is purely local to individual devices. -2-
Consider a LAN with a number of devices on it, each with an SNMP agent. An SNMP manager can learn of
the amount of traffic into and out of each device, but with MIB-II it cannot easily learn about the traffic on the
LAN as a whole.

Network management in an internetworked environment typically requires one monitor per subnetwork.

The RMON standard, originally designated as IETF RFC 1271 and now RFC 1757, was designed to provide
proactive monitoring and diagnostics for distributed LAN-based networks. Monitoring devices, called agents
or probes, on critical network segments allow user-defined alarms to be created and a wealth of vital
statistics to be gathered by analyzing every frame on a segment.

The RMON standard divides monitoring functions into nine groups to support Ethernet topologies and adds a
tenth group in RFC 1513 for Token Ring-unique parameters. The RMON standard was crafted to be deployed
as a distributed computing architecture, where the agents and probes communicate with a central management
station, a client, using SNMP. These agents have defined SNMP MIB structures for all nine or ten Ethernet or
Token Ring RMON groups, allowing interoperability between vendors of RMON-based diagnostic tools. The
RMON groups are defined as: -3-

• Statistics group - Maintains utilization and error statistics for the subnetwork or segment being
monitored. Examples are bandwidth utilization, broadcast, multicast, CRC alignment, fragments, and so
on.
• History group - Holds periodic statistical samples from the statistics group and stores them for later
retrieval. Examples are utilization, error count, and packet count.
• Alarm group - Allows the administrator to set a sampling interval and threshold for any item recorded
by the agent. Examples are absolute or relative values and rising or falling thresholds.
• Host group - Defines the measurement of various types of traffic to and from hosts attached to the
network. Examples are packets sent or received, bytes sent or received, errors, and broadcast and
multicast packets.
• Host TopN group - Provides a report of TopN hosts based on host group statistics.
• Traffic matrix group - Stores errors and utilization statistics for pairs of communicating nodes of the
network. Examples are errors, bytes, and packets.
• Filter group - A filter engine that generates a packet stream from frames that match the pattern
specified by the user.
• Packet capture group - Defines how packets that match filter criteria are buffered internally.
• Event group - Allows the logging of events, also called generated traps, to the manager, together with
time and date. Examples are customized reports based upon the type of alarm.


37.2.9 Syslog

The Cisco syslog logging utility is based on the UNIX syslog utility. System events are usually logged to the
system console unless disabled. The syslog utility is a mechanism for applications, processes, and the operating
system of Cisco devices to report activity and error conditions. The syslog protocol is used to allow Cisco
devices to issue these unsolicited messages to a network management station.

Every syslog message logged is associated with a timestamp, a facility, a severity, and a textual log message.
These messages are sometimes the only means of gaining insight into some device misbehaviors.

Severity level indicates the critical nature of the error message. -1-
There are eight levels of severity, 0-7, with level 0 (zero) being the most critical, and level 7 the least critical.
The levels are as follows:

0 Emergencies
1 Alerts
2 Critical
3 Errors
4 Warnings
5 Notifications

6 Informational
7 Debugging

The facility and severity level fields are used for processing the messages. Facility types 0 (zero) through 7
are provided for custom log message processing. Cisco IOS defaults to severity level 6. This setting is
configurable.

In order to have the NMS receive and record system messages from a device, the device must have syslog
configured. -2-

Below is a review of the command line syntax on how to configure these devices.

To enable logging to all supported destinations:

Router(config)#logging on

To send log messages to a syslog server host, such as CiscoWorks2000:

Router(config)#logging hostname | ip address

To set logging severity level to level 6, informational:

Router(config)#logging trap informational

To include timestamp with syslog message:

Router(config)#service timestamps log datetime
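As an added example (not part of the curriculum), a Python parser for what the syslog server receives after the configuration above: it decodes the `<PRI>` field into facility and severity, splits the IOS `%FACILITY-SEVERITY-MNEMONIC: text` body, checks that the two severities agree, filters by the `logging trap` level, and picks out port-security violation messages such as the later port-security lab produces. The sample lines and MAC address are constructed; the assumption that IOS sends with facility local7 (23) is the IOS default.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Cisco IOS severity levels as listed in the text (0 = most critical).
SEVERITY_NAMES = {
    0: "emergencies", 1: "alerts", 2: "critical", 3: "errors",
    4: "warnings", 5: "notifications", 6: "informational", 7: "debugging",
}

# Constructed sample of lines a syslog server might receive from a switch configured
# with "logging trap informational" and "service timestamps log datetime". Made up for
# this example, not captured from a real device. IOS uses facility local7 (23) by
# default, so PRI = 23 * 8 + severity.
SAMPLE_LINES = [
    "<189>Mar  1 00:12:34: %SYS-5-CONFIG_I: Configured from console by vty0 (192.168.1.3)",
    "<187>Mar  1 00:12:40: %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to down",
    "<186>Mar  1 00:13:01: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, "
    "caused by MAC address 0011.2233.4455 on port FastEthernet0/4.",
    "<190>Mar  1 00:13:05: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.1.3 started",
    "<191>Mar  1 00:13:09: %SYS-7-USERLOG_DEBUG: Message from vty0: debug output (constructed)",
    "this line is not syslog at all",
]


class Record(NamedTuple):
    pri_facility: int      # numeric facility from the <PRI> field (23 = local7)
    severity: int          # 0..7, from the <PRI> field
    timestamp: str         # text between <PRI> and the %FAC-SEV-MNEMONIC token
    facility: str          # IOS facility code inside the message, e.g. SYS, LINK
    mnemonic: str
    text: str
    consistent: bool       # severity in <PRI> matches the digit in %FAC-SEV-MNEMONIC


PRI_RE = re.compile(r"^<(?P<pri>\d{1,3})>(?P<rest>.*)$")
IOS_RE = re.compile(r"%(?P<fac>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mn>[A-Z0-9_]+):\s*(?P<text>.*)$")
VIOLATION_RE = re.compile(
    r"MAC address (?P<mac>[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}) on port (?P<port>\S+?)\.?$")


def parse_line(line: str) -> Optional[Record]:
    """Split one Cisco syslog line into PRI-derived fields and the IOS message fields."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:                      # facilities run 0..23, so PRI never exceeds 191
        return None
    facility_num, severity = divmod(pri, 8)
    rest = m.group("rest")
    body = IOS_RE.search(rest)
    if not body:
        return None
    timestamp = rest[:body.start()].rstrip(": ").strip()
    return Record(
        pri_facility=facility_num,
        severity=severity,
        timestamp=timestamp,
        facility=body.group("fac"),
        mnemonic=body.group("mn"),
        text=body.group("text"),
        consistent=(int(body.group("sev")) == severity),
    )


def parse_all(lines: List[str]) -> List[Record]:
    return [r for r in (parse_line(l) for l in lines) if r is not None]


def at_or_above(records: List[Record], level: int) -> List[Record]:
    """Keep messages at severity <= level, i.e. what 'logging trap <level>' forwards."""
    return [r for r in records if r.severity <= level]


def port_security_violations(records: List[Record]) -> List[Tuple[str, str]]:
    """Return (port, mac) pairs from PSECURE_VIOLATION messages."""
    hits = []
    for r in records:
        if r.facility == "PORT_SECURITY" and r.mnemonic == "PSECURE_VIOLATION":
            m = VIOLATION_RE.search(r.text)
            if m:
                hits.append((m.group("port"), m.group("mac")))
    return hits


if __name__ == "__main__":
    for r in at_or_above(parse_all(SAMPLE_LINES), 6):
        print(f"{r.timestamp} {SEVERITY_NAMES[r.severity]:13} %{r.facility}-{r.severity}-{r.mnemonic}")
    print("violations:", port_security_violations(parse_all(SAMPLE_LINES)))
```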

37.2.10 Summary

An understanding of the following key points should have been achieved:

• The functions of a workstation and a server
• The roles of various equipment in a client/server environment
• The development of Network Operating Systems (NOS)
• An overview of the various Windows platforms
• An overview of some of the alternatives to Windows operating systems
• Reasons for network management
• The layers of OSI and the network management model
• The type and application of network management tools
• The role that SNMP and CMIP play in network monitoring
• How management software gathers information and records problems
• How to gather reports on network performance

BASIC SWITCH CONFIGURATION

switch#show running-config ( display the running configuration )
switch#show startup-config ( display the startup configuration )
switch#configure terminal ( enter global configuration mode )
switch(config)#hostname SW1 ( set the switch hostname to SW1 )
SW1(config)#exit

SW1#configure terminal ( enter global configuration mode )
SW1(config)#line console 0 ( enter line configuration mode for the console )
SW1(config-line)#password cisco ( set the password cisco for console access )
SW1(config-line)#login ( require the password cisco for console access )

SW1(config-line)#line vty 0 15 ( enter line configuration mode for the vty lines - telnet )
SW1(config-line)#password cisco ( set the password cisco for telnet access )
SW1(config-line)#login ( require the password cisco for telnet access )
SW1(config-line)#exit ( return from line configuration mode to global configuration mode )

SW1(config)#enable password cisco ( set the enable password cisco on the switch )
SW1(config)#enable secret class ( set the encrypted enable secret class on the switch )

SW1(config)#interface vlan 1 ( enter interface configuration mode for VLAN 1 )
SW1(config-if)#ip address 192.168.1.2 255.255.255.0 ( set the IP address of VLAN 1 )
SW1(config-if)#exit
SW1(config)#ip default-gateway 192.168.1.1 ( set the default gateway for VLAN 1 )
SW1(config)#exit

SW1#show interface vlan 1 ( display interface VLAN 1 )
SW1#copy running-config startup-config ( save the running configuration to NVRAM )
SW1#show running-config ( display the running configuration )

MANAGING THE STARTUP CONFIGURATION FILE

Host1 C:\>ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class ( enable password )

Switch#show flash ( display the FLASH contents of the switch )
Switch#show startup-config ( display the startup configuration of the switch )
Switch#copy running-config startup-config ( copy the running configuration to NVRAM as the startup
configuration of the switch )

Switch#copy startup-config tftp ( copy the STARTUP configuration file to the TFTP server )
Address or name of remote host []? 192.168.1.3 ( IP address of the TFTP server )
Destination filename [switch-config]? switch-config + ENTER ( name of the [destination] file saved on the
TFTP server )

Switch#copy tftp startup-config ( copy the STARTUP configuration file FROM the TFTP server )
Address or name of remote host []? 192.168.1.3 ( IP address of the TFTP server )
Source filename []? switch-config ( name of the file to fetch from the TFTP server )
Destination filename [startup-config]? + Enter ( destination file on the switch )

Switch#show startup-config ( display the startup configuration of the switch )

CHANGE PLACE or ADD NEW SWITCH
Host1 C:\>ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class ( enable password )

Switch#show mac-address-table ( display the MAC address table )

Switch#configure terminal ( enter global configuration mode )
Switch(config)#mac-address-table static 00e0.2917.1884 vlan 1 interface fastethernet 0/4 ( configure a
static MAC address on fastethernet 0/4 in VLAN 1 )
Switch(config)#exit

Switch#show mac-address-table
Switch#show running-config

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter interface configuration mode for FA 0/4 )
Switch(config-if)#switchport port-security ( ENABLE port security )
Switch(config-if)#exit
Switch(config)#exit

Switch#show mac-address-table
Switch#clear mac-address-table

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter interface configuration mode for FA 0/4 )
Switch(config-if)#switchport port-security maximum 1 ( set the port security MAX MAC COUNT to 1 )
Switch(config-if)#exit
Switch(config)#exit
Switch#show mac-address-table
Switch#clear mac-address-table
Switch#show mac-address-table

Switch#configure terminal
Switch(config)#interface fastethernet 0/4
Switch(config-if)#no switchport port-security ( DISABLE port security )
Switch(config-if)#exit
Switch(config)#interface fastethernet 0/8 ( enter interface configuration mode for FA 0/8 )
Switch(config-if)#switchport port-security maximum 1 ( set the port security MAX MAC COUNT to 1 )
Switch(config-if)#exit
Switch(config)#exit

Switch#show mac-address-table
Switch#clear mac-address-table
Switch#show mac-address-table

CONFIGURE PORT SECURITY

Host1 C:\>ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class ( enable password )

Switch#show mac-address-table ( display the MAC address table )

Switch#configure terminal ( enter global configuration mode )
Switch(config)#mac-address-table static 00e0.2917.1884 vlan 1 interface fastethernet 0/4 ( configure a
static MAC address on fastethernet 0/4 in VLAN 1 )
Switch(config)#exit

Switch#show mac-address-table
Switch#show running-config

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter interface configuration mode for FA 0/4 )
Switch(config-if)#switchport mode access ( set the port to access mode )
Switch(config-if)#switchport port-security ( ENABLE port security )
Switch(config-if)#switchport port-security maximum 1 ( set the port security MAX MAC COUNT to 1 )
Switch(config-if)#switchport port-security violation shutdown ( shut the port down if an unauthorized
device connects through it )
Switch(config-if)#exit
Switch(config)#exit

Switch#show interface fastethernet 0/4

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter interface configuration mode for FA 0/4 )
Switch(config-if)#no shutdown ( bring port fa 0/4 back up after a violation )

MANAGING THE SWITCH OPERATING SYSTEM FILE (IOS)

Host1 C:\>ping 192.168.1.2
Host1 C:\>ipconfig
Switch>enable
Password: class ( enable password )
Switch#show flash ( display the FLASH contents of the switch )

Switch#copy flash tftp ( copy the FLASH image to the TFTP server )
Source filename []? c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [source] file to be saved on the TFTP
server )
Address or name of remote host []? 192.168.1.3 ( IP address of the TFTP server )
Destination filename []? c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [destination] file saved on the
TFTP server )
.......... the transfer progress is then shown as a row of exclamation marks !!!!!!!!!!!!!!!!!!!!

Switch#copy tftp flash ( copy the FLASH image FROM the TFTP server to the switch )
Address or name of remote host []? 192.168.1.3 ( IP address of the TFTP server )
Source filename []? c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [source] file to be copied from the
server to the switch )
Destination filename []? c2950-c3h2s-mz-120-5.3.wc.1.bin ( name of the [destination] file saved on the
switch )
Do you want to over write? [confirm] ENTER
.......... the transfer progress is then shown as a row of exclamation marks !!!!!!!!!!!!!!!!!!!!

Switch#show version ( display the current IOS version )

PASSWORD RECOVERY PROCEDURE ON A 2900 SERIES SWITCH

Access is only possible over the console connection.

Host1 C:\>ping 192.168.1.2

To regain access to the switch, you need to do password recovery. Start by connecting a PC to the console
port. When all hardware is ready, turn OFF power to the switch.
Turn the power BACK ON while holding down the MODE button. Release the MODE button when the LED
over port 1 goes out.

switch: flash_init ( command that starts the password recovery procedure )
switch: load_helper ( load the helper files )
switch: dir flash: ( list the contents of the flash directory )
switch: rename flash:config.text flash:config.old ( rename the file config.text to config.old )
switch: boot ( reboot the switch )
.......... after the switch restarts, a long row of #################### and the name of the BIN file appear.
Near the end of the boot the following question appears:
Continue with configuration dialog? [yes/no] N ( enter N for NO )

Switch>enable ( enter privileged EXEC mode )
Switch#rename flash:config.old flash:config.text ( rename the file config.old back to config.text )
Switch#copy flash:config.text system:running-config ( copy config.text into the running configuration )
Destination filename [running-config]? running-config or ENTER ( destination file )

Switch#configure terminal ( enter global configuration mode )
Switch(config)#no enable secret ( delete the password that was stored as the SECRET )
Switch(config)#enable password cisco ( set the new enable password cisco )
Switch(config)#enable secret class ( set the new enable secret class )
Switch(config)#line console 0 ( enter line configuration mode for the PC-to-switch console connection )
Switch(config-line)#password cisco ( set the password cisco )
Switch(config-line)#exit
Switch(config)#line vty 0 15 ( enter line configuration mode for TELNET connections )
Switch(config-line)#password cisco ( set the password cisco )
Switch(config-line)#exit
Switch(config)#exit
Switch#copy running-config startup-config ( save the running configuration to NVRAM )

SELECTING THE ROOT BRIDGE SWITCH

Switch_A is currently the Root Bridge. Change the configuration so that Switch_B becomes the Root Bridge.

Host1 C:\>ping 192.168.1.2
Host1 C:\>ipconfig
Switch_A>enable
Password: class ( enable password )
Switch_A#show interface vlan 1 ( display interface VLAN 1 )

Switch_B>enable
Password: class ( enable password )
Switch_B#show interface vlan 1 ( display interface VLAN 1 )

Switch_A#show spanning-tree ( display the protocol, interfaces, priority, root ID and bridge ID )

Setting Switch_B as the Root Bridge

Switch_B#show spanning-tree ( display the protocol, interfaces, priority, root ID and bridge ID )
Switch_B#configure terminal ( enter global configuration mode )
Switch_B(config)#spanning-tree vlan 1 priority 4096 ( change the priority of the switch from 32769 to 4096 )
Switch_B(config)#exit

Switch_A#show spanning-tree ( display the protocol, interfaces, priority, root ID and bridge ID; the ROOT ID
priority has changed to 4097 while the BRIDGE ID priority is still 32769 )

Switch_B#show spanning-tree ( display the protocol, interfaces, priority, root ID and bridge ID; the ROOT ID
priority has changed to 4097 and the BRIDGE ID priority is also 4097 )

Switch_B#show running-config ( the running configuration shows that Switch_B is configured as the ROOT
BRIDGE because it has priority 4096 while Switch_A has priority 32769 )
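As an added example (not part of the lab notes), a Python model of the root bridge election shown above. It explains why show spanning-tree displays 4097 after `spanning-tree vlan 1 priority 4096` and 32769 by default: with the extended system ID, the advertised priority field is the configured priority (a multiple of 4096) plus the VLAN ID, and the lowest (priority field, MAC address) pair wins. The switch names follow the lab; the MAC addresses and the `priority_to_become_root` helper are constructed for the example.

```python
from typing import List, NamedTuple, Tuple


class Switch(NamedTuple):
    name: str
    priority: int   # value given to "spanning-tree vlan <n> priority", a multiple of 4096
    mac: str        # base MAC address of the switch, e.g. "0009.7c1b.2c00"


def _check_priority(priority: int) -> None:
    if priority % 4096 != 0 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 between 0 and 61440")


def bridge_priority_field(priority: int, vlan: int) -> int:
    """Return the 16-bit priority field that show spanning-tree displays for one VLAN.

    With the extended system ID used by per-VLAN spanning tree, the upper 4 bits hold
    the configured priority (a multiple of 4096) and the lower 12 bits hold the VLAN ID.
    That is why the lab shows 32769 by default (32768 + 1) and 4097 after "priority 4096".
    """
    _check_priority(priority)
    if not 1 <= vlan <= 4094:
        raise ValueError("vlan must be between 1 and 4094")
    return priority + vlan


def mac_to_int(mac: str) -> int:
    return int(mac.replace(".", "").replace(":", "").replace("-", ""), 16)


def bridge_id(sw: Switch, vlan: int) -> Tuple[int, int]:
    """Bridge ID compared during root election: priority field first, then MAC address."""
    return (bridge_priority_field(sw.priority, vlan), mac_to_int(sw.mac))


def elect_root(switches: List[Switch], vlan: int) -> Switch:
    """The switch with the numerically lowest bridge ID becomes the root bridge."""
    return min(switches, key=lambda s: bridge_id(s, vlan))


def priority_to_become_root(current_root_priority: int) -> int:
    """Largest priority (multiple of 4096) that beats the current root on priority alone,
    regardless of MAC address. Constructed helper; raises if the root is already at 0."""
    _check_priority(current_root_priority)
    if current_root_priority == 0:
        raise ValueError("current root already has priority 0; it cannot be beaten on priority")
    return current_root_priority - 4096


# Constructed lab topology: both switches start at the default priority 32768.
# The MAC addresses are made up; Switch_A has the lower one, so it is root by default.
SWITCH_A = Switch("Switch_A", 32768, "0009.7c1b.2c00")
SWITCH_B = Switch("Switch_B", 32768, "000a.8a3f.1a00")


def lab_root_before_and_after(vlan: int = 1) -> Tuple[str, str]:
    """Root bridge for the VLAN before and after Switch_B is given priority 4096, as in the lab."""
    before = elect_root([SWITCH_A, SWITCH_B], vlan).name
    after = elect_root([SWITCH_A, SWITCH_B._replace(priority=4096)], vlan).name
    return before, after


if __name__ == "__main__":
    print("root before/after:", lab_root_before_and_after())
    print("Switch_B priority field on VLAN 1:", bridge_priority_field(4096, 1))
    print("Switch_A priority field on VLAN 1:", bridge_priority_field(32768, 1))
```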

SPANNING-TREE RECALCULATION on SWITCH

Host_A C:\>ping 192.168.1.2 ( ping switch A )
Host_A C:\>ipconfig ( IP address of Host_A )

Host_B C:\>ping 192.168.1.3 ( ping switch B )
Host_B C:\>ipconfig ( IP address of Host_B )

Switch_A>enable
Password: class ( enable password )
Switch_A#show interface vlan 1 ( display interface VLAN 1 on switch A )

Switch_B>enable
Password: class ( enable password )
Switch_B#show interface vlan 1 ( display interface VLAN 1 on switch B )

Switch_A#show spanning-tree ( display the protocol, interfaces, priority, root ID and bridge ID )

Switch_B#show spanning-tree ( display the protocol, interfaces, priority, root ID and bridge ID )

When one of the cables is unplugged from a port, show spanning-tree shows that the port has been removed
from the table as the protocol recalculates the topology.

CONFIGURING STATIC VLANs

Host_A C:\>ping 192.168.1.2 ( ping the switch )
Host_A C:\>ipconfig ( IP address of Host_A )

Host_B C:\>ping 192.168.1.3 ( ping the switch )
Host_B C:\>ipconfig ( IP address of Host_B )

Switch>enable
Password: class ( enable password )

Switch#show version ( display the IOS version )
Switch#show interface vlan ( display all VLAN interfaces on the switch )

Switch#vlan database ( enter VLAN configuration mode on the switch, used when creating a new VLAN )
Switch(vlan)#vlan 2 name VLAN2 ( create a new VLAN named VLAN2; the number 2 must be part of the
name )
Switch(vlan)#vlan 3 name VLAN3 ( create a new VLAN named VLAN3; the number 3 must be part of the
name )
Switch(vlan)#exit

Switch#show vlan ( display all VLANs on the switch. Here we can see that two new VLANs, 2 and 3, were
added but no port is assigned to them yet. )

Switch#configure terminal
Switch(config)#interface fastethernet 0/2 ( enter interface configuration mode for fastethernet 0/2 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( move interface FA0/2 into VLAN 2 )
Switch(config-if)#end ( return to privileged EXEC mode )
Switch#show vlan ( display the VLAN table, where port FA0/2 now belongs to VLAN 2 )

Switch#configure terminal
Switch(config)#interface fastethernet 0/3 ( enter interface configuration mode for fastethernet 0/3 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 3 )
Switch(config-if)#switchport access vlan 3 ( move interface FA0/3 into VLAN 3 )
Switch(config-if)#end ( return to privileged EXEC mode )

Switch#show vlan id 2 ( display the table for VLAN 2, showing which ports belong to it, with more
detailed information )

Switch#show vlan name VLAN2 ( same as the command above: displays the table for VLAN 2 and which
ports belong to it, with more detailed information )

CREATE NEW VLANs AND MOVE INTERFACES INTO THE NEW VLANs,
VERIFYING VLAN CONFIGURATIONS
SWITCH 2900 series
Creating new VLANs and moving interfaces from VLAN 1 to VLAN 2 and VLAN 3

Switch>enable
Password: class ( enable password )

Switch#show vlan ( display the VLAN table with interface membership; at this point all interfaces ( ports )
belong to VLAN 1 )

Switch#vlan database ( enter VLAN configuration mode on the switch, used when creating a new VLAN )
Switch(vlan)#vlan 2 name VLAN2 ( create a new VLAN named VLAN2; the number 2 must be part of the
name )
Switch(vlan)#vlan 3 name VLAN3 ( create a new VLAN named VLAN3; the number 3 must be part of the
name )
Switch(vlan)#exit

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter interface configuration mode for fastethernet 0/4 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( move interface FA0/4 into VLAN 2 )
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/5 ( enter interface configuration mode for fastethernet 0/5 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( move interface FA0/5 into VLAN 2 )
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/6 ( enter interface configuration mode for fastethernet 0/6 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( move interface FA0/6 into VLAN 2 )
Switch(config-if)#end ( return to privileged EXEC mode )

Switch#show vlan ( display the VLAN table with interface membership; all interfaces ( ports ) still belong to
VLAN 1 except 0/4, 0/5 and 0/6, which belong to VLAN 2 )

Switch#configure terminal
Switch(config)#interface fastethernet 0/7 ( enter interface configuration mode for fastethernet 0/7 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 3 )
Switch(config-if)#switchport access vlan 3 ( move interface FA0/7 into VLAN 3 )
Switch(config-if)#exit

SWITCH 1900 series

Creating new VLANs and moving interfaces from VLAN 1 to VLAN 2 and VLAN 3

Some commands for moving ports from one VLAN to another differ from one switch series to another.


Switch>enable
Password: class ( enable password )

Switch#show vlan-membership ( display the VLAN membership table; at this point all interfaces ( ports )
belong to VLAN 1 )

Switch#configure terminal
Switch(config)#vlan 2 name VLAN2 ( create a new VLAN named VLAN2; the number 2 must be part of the
name )
Switch(config)#vlan 3 name VLAN3 ( create a new VLAN named VLAN3; the number 3 must be part of the
name )
Switch(config)#exit

Switch#configure terminal
Switch(config)#interface ethernet 0/4 ( enter interface configuration mode for ethernet 0/4 )
Switch(config-if)#vlan static 2 ( assign interface e0/4 to VLAN 2 )
Switch(config-if)#interface ethernet 0/5 ( enter interface configuration mode for ethernet 0/5 )
Switch(config-if)#vlan static 2 ( assign interface e0/5 to VLAN 2 )
Switch(config-if)#interface ethernet 0/6 ( enter interface configuration mode for ethernet 0/6 )
Switch(config-if)#vlan static 2 ( assign interface e0/6 to VLAN 2 )
Switch(config-if)#end ( return to privileged EXEC mode )

Switch#show vlan-membership ( display the VLAN membership table; all interfaces ( ports ) still belong to
VLAN 1 except 0/4, 0/5 and 0/6, which belong to VLAN 2 )

Switch#configure terminal
Switch(config)#interface ethernet 0/7 ( enter interface configuration mode for ethernet 0/7 )
Switch(config-if)#vlan static 3 ( assign interface e0/7 to VLAN 3 )
Switch(config-if)#exit

CREATE and DELETE VLAN 3
SWITCH 2900 series
Creating and deleting VLANs

Switch>enable
Password: class ( enable password )
Switch#show vlan ( display the VLAN table with interface membership; at this point all interfaces ( ports )
belong to VLAN 1 )

Switch#vlan database ( enter VLAN configuration mode on the switch to add or delete a VLAN )
Switch(vlan)#vlan 2 name VLAN2 ( create a new VLAN; the number 2 must be part of the name )
Switch(vlan)#vlan 3 name VLAN3 ( create a new VLAN; the number 3 must be part of the name )
Switch(vlan)#exit

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter interface configuration mode for fastethernet 0/4 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( assign interface FA0/4 to VLAN 2 )
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/5 ( enter interface configuration mode for fastethernet 0/5 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 2 )
Switch(config-if)#switchport access vlan 2 ( assign interface FA0/5 to VLAN 2 )
Switch(config-if)#end ( return to privileged EXEC mode )

Switch#show vlan ( display the VLAN table with interface membership; all interfaces ( ports ) still belong to
VLAN 1 except 0/4 and 0/5, which belong to VLAN 2 )

Switch#configure terminal
Switch(config)#interface fastethernet 0/7 ( enter interface configuration mode for fastethernet 0/7 )
Switch(config-if)#switchport mode access ( set the port to access mode so it can be moved from the default
VLAN 1 to a non-default VLAN, in this case VLAN 3 )
Switch(config-if)#switchport access vlan 3 ( assign interface FA0/7 to VLAN 3 )
Switch(config-if)#end ( return to privileged EXEC mode )

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter interface configuration mode for fastethernet 0/4 )
Switch(config-if)#no switchport access vlan 2 ( remove interface FA0/4 from VLAN 2 )
Switch(config-if)#end ( return to privileged EXEC mode )

Switch#vlan database ( enter VLAN configuration mode on the switch to add or delete a VLAN )
Switch(vlan)#no vlan 3 ( delete VLAN 3 from the switch )
Switch(vlan)#exit

DELETE a FastEthernet interface FROM VLAN 3

Switch#configure terminal ( enter global configuration mode )
Switch(config)#interface FastEthernet 0/7 ( enter interface configuration mode for FastEthernet 0/7 )
Switch(config-if)#no switchport access vlan 3 ( remove interface FA0/7 from VLAN 3 )
Switch(config-if)#exit
CREATE and DELETE VLAN 3
SWITCH 1900 serie

1026
Only for individual use – not for distribute on Internet
Kreiranje i Brisanje VLAN-ova
Neke naredbe postavljanja iz jednog VLAN-a u drugi VLAN se razlikuju od serije do serije switcha.

Host1 C:\> ping 192.168.1.2


Host1 C:\>ipconfig
Switch#enable
Switch#class ( password )

Switch#show vlan-membership ( prikaz tablice Vlanova gdje možemo vidjeti info o pripadanju interfaces, u
ovom momentu svi interfaces ( portovi ) pripadaju VLAN 1 )

Switch#configure terminal ( enter global configuration mode, to add or delete VLANs )
Switch(config)#vlan 2 name VLAN2 ( create a new VLAN 2 named VLAN2; on the 1900 the VLAN number and name are given together in global configuration mode )
Switch(config)#vlan 3 name VLAN3 ( create a new VLAN 3 named VLAN3 )
Switch(config)#exit

Switch#configure terminal ( enter global configuration mode )
Switch(config)#interface Ethernet 0/4 ( enter configuration mode for Ethernet interface 0/4 )
Switch(config-if)#vlan-membership static 2 ( assign interface e0/4 to VLAN 2; the 1900 command is vlan-membership static, not switchport access vlan )
Switch(config-if)#interface Ethernet 0/5 ( enter configuration mode for Ethernet interface 0/5 )
Switch(config-if)#vlan-membership static 2 ( assign interface e0/5 to VLAN 2 )
Switch(config-if)#end ( return to privileged EXEC mode )

Switch#show vlan-membership ( display the VLAN membership table; at this point all interfaces ( ports ) belong to VLAN 1 except 0/4 and 0/5, which belong to VLAN 2 )

Switch#configure terminal ( enter global configuration mode )
Switch(config)#interface Ethernet 0/7 ( enter configuration mode for Ethernet interface 0/7 )
Switch(config-if)#vlan-membership static 3 ( assign interface e0/7 to VLAN 3 )
Switch(config-if)#exit

Switch#configure terminal
Switch(config)#interface Ethernet 0/4 ( enter configuration mode for Ethernet interface 0/4 )
Switch(config-if)#no vlan-membership 2 ( remove interface e0/4 from VLAN 2; the port returns to VLAN 1 )

Switch#configure terminal ( enter global configuration mode )
Switch(config)#no vlan 3 ( delete VLAN 3 from the switch; on the 1900 VLANs are created and deleted in global configuration mode, not under an interface. Ports still assigned to VLAN 3 stop forwarding until they are moved to an existing VLAN )
Switch(config)#exit

DELETE an Ethernet interface FROM VLAN 3

Switch#configure terminal ( enter global configuration mode )
Switch(config)#interface Ethernet 0/7 ( enter configuration mode for Ethernet interface 0/7 )
Switch(config-if)#no vlan-membership 3 ( remove interface e0/7 from VLAN 3; the port returns to VLAN 1. VLAN 3 itself stays defined on the switch )
Switch(config-if)#exit
TRUNKING WITH ISL
SWITCH 2900 series
The switches are configured with the basic settings; the example shows only Switch 1.

Switch>enable
Password: class
Switch#show vlan ( display the VLAN table, which shows which VLAN each interface belongs to; at this point all interfaces ( ports ) belong to the default VLAN )

Switch#vlan database ( enter VLAN configuration mode on the switch, to add or delete VLANs )
Switch(vlan)#vlan 10 name Accounting ( create a new VLAN named Accounting )
Switch(vlan)#vlan 20 name Marketing ( create a new VLAN named Marketing )
Switch(vlan)#vlan 30 name Engineering ( create a new VLAN named Engineering )
Switch(vlan)#exit

Switch#configure terminal
Switch(config)#interface fastethernet 0/4 ( enter configuration mode for FastEthernet interface 0/4 )
Switch(config-if)#switchport mode access ( make the port a non-trunking access port so it can be moved
from the default VLAN 1 into a non-default VLAN, in this case VLAN 10 )
Switch(config-if)#switchport access vlan 10 ( move interface Fa0/4 into VLAN 10 )

Switch(config-if)#interface fastethernet 0/5


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10

Switch(config-if)#interface fastethernet 0/6


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/7


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20

Switch(config)#interface fastethernet 0/8


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20

Switch(config-if)#interface fastethernet 0/9


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#exit

Switch(config)#interface fastethernet 0/10


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30

Switch(config)#interface fastethernet 0/11


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30

Switch(config-if)#interface fastethernet 0/12


Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30
Switch(config-if)#end

Switch#show vlan ( display the VLAN table, which shows which VLAN each port belongs to )

Try to ping IP address 192.168.1.5 => fails

Cisco's ISL protocol has not been configured on the Fa0/1 ports that connect the two switches, so the inter-switch link is an ordinary access port in VLAN 1 and traffic from VLANs 10, 20 and 30 cannot cross it.

Switch#configure terminal
Switch(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch(config-if)#switchport mode trunk ( set port Fa0/1 to trunk mode )
Switch(config-if)#switchport trunk encapsulation isl ( use ISL encapsulation on the trunk port Fa0/1 )
Switch(config-if)#end

Switch#show interface fastethernet 0/1 switchport ( verify the trunk mode and encapsulation configured on Fa0/1 )

Try to ping IP address 192.168.1.5 => succeeds
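The show interface fastethernet 0/1 switchport check above is also where to catch the two settings that let a host on an access port reach other VLANs: DTP negotiation left on ( a port in dynamic mode becomes a trunk for anyone who sends it DTP frames ) and native VLAN 1 on the trunk. The following Python script is an added example, not part of the original lab and not Cisco code: it parses constructed output laid out like the 2950/3550 version of that command ( the field names are an assumption ) and lists the interface commands that fix each finding. The remediation commands are 2950/3550 syntax and may not all exist on a 2900XL.

```python
import re
from typing import Dict, List

# Constructed sample, laid out like "show interfaces switchport" on a
# Catalyst 2950/3550 (assumption: field names as on those platforms).
# It was not captured from the lab switches in the text.
SAMPLE_OUTPUT = """\
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL

Name: Fa0/2
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL

Name: Fa0/4
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 10 (Accounting)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
"""

# Finding code -> interface commands that fix it (2950/3550 syntax).
# VLAN 999 is an arbitrary unused VLAN chosen for this example.
REMEDIATION = {
    "DTP_DYNAMIC": ["switchport mode access", "switchport nonegotiate"],
    "DTP_ON_TRUNK": ["switchport nonegotiate"],
    "NATIVE_VLAN_1": ["switchport trunk native vlan 999"],
    "ALL_VLANS_ALLOWED": ["switchport trunk allowed vlan 10,20,30"],
    "ACCESS_IN_VLAN_1": ["switchport access vlan <user vlan>"],
}


def parse_switchport(text: str) -> Dict[str, Dict[str, str]]:
    """Split the output into one {field: value} dict per 'Name:' block."""
    ports: Dict[str, Dict[str, str]] = {}
    current: Dict[str, str] = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "Name":
            current = ports.setdefault(value, {})
        else:
            current[key] = value
    return ports


def vlan_id(field: str) -> int:
    """'10 (Accounting)' -> 10, '1 (default)' -> 1, anything else -> -1."""
    match = re.match(r"\s*(\d+)", field)
    return int(match.group(1)) if match else -1


def audit(ports: Dict[str, Dict[str, str]]) -> Dict[str, List[str]]:
    """Return {port: [finding codes]} for ports that allow VLAN hopping or sit in VLAN 1."""
    findings: Dict[str, List[str]] = {}
    for name, f in ports.items():
        issues: List[str] = []
        admin = f.get("Administrative Mode", "").lower()
        oper = f.get("Operational Mode", "").lower()
        dtp = f.get("Negotiation of Trunking", "").lower()
        # A 'dynamic' port trunks with anyone who sends DTP; a fixed trunk
        # still talks DTP unless nonegotiate is set.
        if admin.startswith("dynamic"):
            issues.append("DTP_DYNAMIC")
        elif admin == "trunk" and dtp == "on":
            issues.append("DTP_ON_TRUNK")
        if oper == "trunk":
            # Native VLAN 1 on a trunk is what the double-tagging attack relies on.
            if vlan_id(f.get("Trunking Native Mode VLAN", "")) == 1:
                issues.append("NATIVE_VLAN_1")
            if f.get("Trunking VLANs Enabled", "").upper() == "ALL":
                issues.append("ALL_VLANS_ALLOWED")
        elif oper == "static access" and vlan_id(f.get("Access Mode VLAN", "")) == 1:
            issues.append("ACCESS_IN_VLAN_1")
        if issues:
            findings[name] = issues
    return findings


def report(findings: Dict[str, List[str]]) -> List[str]:
    """Render findings as 'interface <port>' blocks ready to paste into config mode."""
    lines: List[str] = []
    for port, codes in findings.items():
        lines.append(f"interface {port}   ! {', '.join(codes)}")
        for code in codes:
            lines.extend(f" {cmd}" for cmd in REMEDIATION[code])
    return lines


if __name__ == "__main__":
    print("\n".join(report(audit(parse_switchport(SAMPLE_OUTPUT)))))
```

Paste the real output of show interfaces switchport in place of the constructed sample; the script does not need the switch, so it can run against a saved capture from any number of ports.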


TRUNKING WITH 802.1Q
SWITCH_A 2900 series
The switches are configured with the basic settings; the example shows only Switch_A.

Switch_A>enable
Password: class
Switch_A#show vlan ( display the VLAN table, which shows which VLAN each interface belongs to; at this point all interfaces ( ports ) belong to the default VLAN )

Switch_A#vlan database ( enter VLAN configuration mode on Switch_A, to add or delete VLANs )
Switch_A(vlan)#vlan 10 name Accounting ( create a new VLAN named Accounting )
Switch_A(vlan)#vlan 20 name Marketing ( create a new VLAN named Marketing )
Switch_A(vlan)#vlan 30 name Engineering ( create a new VLAN named Engineering )
Switch_A(vlan)#exit

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/4 ( enter configuration mode for FastEthernet interface 0/4 )
Switch_A(config-if)#switchport mode access ( configure the port as a non-trunking, single-VLAN interface; this defines the VLAN membership mode of the port as Layer 2 access )
Switch_A(config-if)#switchport access vlan 10 ( move interface Fa0/4 into VLAN 10 )

Switch_A(config-if)#interface fastethernet 0/5
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10

Switch_A(config-if)#interface fastethernet 0/6
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/7
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20

Switch_A(config-if)#interface fastethernet 0/8
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20

Switch_A(config-if)#interface fastethernet 0/9
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/10
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30

Switch_A(config-if)#interface fastethernet 0/11
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30

Switch_A(config-if)#interface fastethernet 0/12
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#end

Switch_A#show vlan ( display the VLAN table, which shows which VLAN each port belongs to )

Try to ping IP address 192.168.1.5, Host B connected to Fa0/12 => fails

No trunk has been configured on the Fa0/1 ports that connect the two switches ( TRUNK ), so the inter-switch link is an ordinary access port in VLAN 1 and traffic from VLANs 10, 20 and 30 cannot cross it.

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_A(config-if)#switchport mode trunk ( set port Fa0/1 to trunk mode )
Switch_A(config-if)#switchport trunk encapsulation dot1q ( use 802.1Q ( dot1q ) encapsulation on the trunk port Fa0/1 )

Switch_A(config-if)#end

Switch_A#show interface fastethernet 0/1 switchport ( verify the trunk mode and encapsulation configured on Fa0/1 )

This command shows whether TRUNK mode is active on port Fa0/1:

( Administrative Mode: trunk )
( Operational Mode: trunk )

Administrative Mode shows what was configured, Operational Mode shows what the port is actually doing. A port left in dynamic desirable mode can show Operational Mode: trunk without trunk ever having been typed on it, because DTP negotiated the trunk with the neighbour; that is why ports meant for hosts are fixed with switchport mode access.

Try to ping IP address 192.168.1.5 => succeeds

NOTE:

Switch_A(config-if)#switchport trunk encapsulation dot1q ( use dot1q encapsulation on the trunk port Fa0/1 )

This command is not needed on a Cisco Catalyst 2950 because it supports only 802.1Q ( dot1q ). On switches that support both ISL and 802.1Q ( for example the Catalyst 3550 ) the encapsulation must be set before switchport mode trunk, otherwise the mode command is rejected.
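To see what the 802.1Q trunk actually carries, here is an added Python model ( not code from the lab or from Cisco ) of tagging: it builds and parses frames with the standard TPID 0x8100 / TCI tag layout, then runs the double-tagging scenario through a simplified access port, trunk egress and trunk ingress, to show why native VLAN 1 on a trunk matters. The access-port behaviour modelled here ( a tag equal to the port's own VLAN is stripped instead of dropped ), the MAC addresses and the payload are assumptions made for the example.

```python
import struct
from typing import List, Optional, Tuple

TPID_8021Q = 0x8100     # Tag Protocol Identifier that introduces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes,
                vlan_ids: Tuple[int, ...] = (), pcp: int = 0) -> bytes:
    """Ethernet II frame with zero, one or more 802.1Q tags, outermost first.
    Each tag is TPID (0x8100) + TCI (3-bit PCP, 1-bit DEI = 0, 12-bit VID)."""
    header = dst + src
    for vid in vlan_ids:
        if not 1 <= vid <= 4094:
            raise ValueError(f"VLAN ID {vid} out of range")
        header += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes) -> Tuple[bytes, bytes, List[int], int, bytes]:
    """Return (dst, src, [VIDs outer->inner], ethertype, payload)."""
    offset, vlans = 12, []
    while True:
        (etype,) = struct.unpack_from("!H", frame, offset)
        offset += 2
        if etype != TPID_8021Q:
            return frame[:6], frame[6:12], vlans, etype, frame[offset:]
        (tci,) = struct.unpack_from("!H", frame, offset)
        offset += 2
        vlans.append(tci & 0x0FFF)


def outer_vid(frame: bytes) -> Optional[int]:
    vlans = parse_frame(frame)[2]
    return vlans[0] if vlans else None


def pop_tag(frame: bytes) -> bytes:
    return frame[:12] + frame[16:]            # drop the 4-byte outermost tag


def push_tag(frame: bytes, vid: int) -> bytes:
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]


def access_ingress(frame: bytes, access_vlan: int) -> Tuple[Optional[int], Optional[bytes]]:
    """Model of an access port (assumption: a tag equal to the access VLAN is
    stripped rather than dropped, the behaviour the double-tagging attack relies on)."""
    vid = outer_vid(frame)
    if vid is None:
        return access_vlan, frame
    if vid == access_vlan:
        return access_vlan, pop_tag(frame)
    return None, None                         # tag for a foreign VLAN: dropped


def trunk_egress(vlan: int, frame: bytes, native_vlan: int, tag_native: bool = False) -> bytes:
    """The native VLAN leaves the trunk untagged unless native tagging is enabled."""
    if vlan == native_vlan and not tag_native:
        return frame
    return push_tag(frame, vlan)


def trunk_ingress(frame: bytes, native_vlan: int) -> Tuple[int, bytes]:
    """Untagged frames belong to the native VLAN; tagged frames to their outer tag."""
    vid = outer_vid(frame)
    return (native_vlan, frame) if vid is None else (vid, pop_tag(frame))


def double_tag_attack(native_vlan: int, tag_native: bool = False,
                      attacker_vlan: int = 1, target_vlan: int = 20) -> Optional[int]:
    """Attacker on an access port in attacker_vlan sends [tag attacker_vlan][tag target_vlan].
    Returns the VLAN in which the far-end switch delivers the frame, or None if dropped."""
    frame = build_frame(b"\xff" * 6, b"\x02\x00\x00\x00\x00\xaa", ETHERTYPE_IPV4,
                        b"constructed payload", vlan_ids=(attacker_vlan, target_vlan))
    vlan, frame = access_ingress(frame, attacker_vlan)            # Switch_A, attacker's port
    if vlan is None:
        return None
    frame = trunk_egress(vlan, frame, native_vlan, tag_native)   # Switch_A -> trunk Fa0/1
    vlan, frame = trunk_ingress(frame, native_vlan)              # Switch_B trunk Fa0/1
    return vlan
```

With native VLAN 1 and the attacker in VLAN 1, Switch_A strips the outer tag, sends the frame untagged over the trunk because it is native, and Switch_B reads the surviving inner tag and delivers the frame into VLAN 20. Moving the native VLAN to an unused VLAN, or tagging the native VLAN, makes the same frame arrive in VLAN 1 where it started.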

VTP CLIENT and SERVER CONFIGURATION
SWITCH_A 2900 series ( e-Lab 9.2.5 )
The switches are configured with the basic settings; the example shows only Switch_A.

Switch_A>enable
Password: class
Switch_A#show vlan ( display the VLAN table, which shows which VLAN each interface belongs to; at this point all interfaces ( ports ) belong to the default VLAN )

Switch_A#vlan database ( enter VLAN configuration mode on Switch_A, to add or delete VLANs )
Switch_A(vlan)#vtp server ( make this switch the VTP server for the domain )
Device mode already VTP SERVER. ( the switch was already in server mode, which is the default )
Switch_A(vlan)#vtp domain group1 ( set the VTP domain name to group1 )
Changing VTP domain name from Switch_A to group1
Switch_A(vlan)#vlan 10 name Accounting ( create a new VLAN named Accounting )
Switch_A(vlan)#vlan 20 name Marketing ( create a new VLAN named Marketing )
Switch_A(vlan)#vlan 30 name Engineering ( create a new VLAN named Engineering )
Switch_A(vlan)#exit

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/4 ( enter configuration mode for FastEthernet interface 0/4 )
Switch_A(config-if)#switchport mode access ( configure the port as a non-trunking, single-VLAN interface; this defines the VLAN membership mode of the port as Layer 2 access )
Switch_A(config-if)#switchport access vlan 10 ( move interface Fa0/4 into VLAN 10 )
Switch_A(config-if)#interface fastethernet 0/5
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10

Switch_A(config-if)#interface fastethernet 0/6
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/7
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20

Switch_A(config-if)#interface fastethernet 0/8
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20

Switch_A(config-if)#interface fastethernet 0/9
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#exit

Switch_A(config)#interface fastethernet 0/10
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30

Switch_A(config-if)#interface fastethernet 0/11
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30

Switch_A(config-if)#interface fastethernet 0/12
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 30
Switch_A(config-if)#end

Switch_A#show vlan ( display the VLAN table, which shows which VLAN each port belongs to )

Switch_B#vlan database ( enter VLAN configuration mode on Switch_B, to add or delete VLANs )
Switch_B(vlan)#vtp client ( configure Switch_B as a VTP CLIENT )
Setting device to VTP CLIENT mode.
Switch_B(vlan)#vtp domain group1 ( set the VTP domain name to group1, the same domain as Switch_A )
Changing VTP domain name from Switch_B to group1

Switch_A#configure terminal ( prepare to create the 802.1Q TRUNK on Fa0/1 )
Switch_A(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_A(config-if)#switchport mode trunk ( set port Fa0/1 to trunk mode )
Switch_A(config-if)#end

SWITCH_B
Switch_B#configure terminal ( prepare to create the 802.1Q TRUNK on Fa0/1 )
Switch_B(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_B(config-if)#switchport mode trunk ( set port Fa0/1 to trunk mode )
Switch_B(config-if)#end

Switch_B#show interface fastethernet 0/1 switchport ( verify the trunk mode configured on Fa0/1 )

Next comes the configuration of Switch_B, assigning its interfaces to the VLANs it has learned from Switch_A through VTP ( a VTP client cannot create VLANs itself ).

NOTE:

Switch_A(config-if)#switchport trunk encapsulation dot1q ( use dot1q encapsulation on the trunk port Fa0/1 )

This command is not needed on a Cisco Catalyst 2950 because it supports only 802.1Q ( dot1q ).

A caveat the lab does not state: VTP has no notion of which switch is authoritative. Any switch in domain group1, server or client, that is connected with a higher configuration revision number overwrites the VLAN database on Switch_A and Switch_B, and ports in the VLANs that disappear stop forwarding. Set the same VTP password ( vtp password in vlan database mode ) on every switch in the domain, and reset the revision number of a switch before adding it ( changing its VTP domain name sets the revision to 0 ).
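Because Switch_B accepts whatever VLAN database the domain advertises, the revision-number behaviour is worth seeing end to end. The following Python model is an added example, not code from the lab or from Cisco: it reproduces the server/client setup above, then connects a constructed stale switch that was a server in another domain also called group1, first without and then with a VTP password. The revision and digest rules are a simplified version of VTP ( the input to the MD5 digest is an assumption; the real digest covers the whole summary advertisement ).

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


def _digest(domain: str, password: str, revision: int) -> str:
    """Stand-in for the MD5 that VTP computes over the summary advertisement and
    the domain password (assumption: simplified input, same purpose)."""
    return hashlib.md5(f"{domain}|{password}|{revision}".encode()).hexdigest()


@dataclass
class VtpSwitch:
    name: str
    mode: str                      # "server", "client" or "transparent"
    domain: str
    password: str = ""
    revision: int = 0
    vlans: Dict[int, str] = field(default_factory=lambda: {1: "default"})

    def configure_vlan(self, vid: int, vlan_name: str) -> None:
        """'vlan <vid> name <name>' in vlan database mode."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: VLAN configuration not allowed in VTP CLIENT mode")
        self.vlans[vid] = vlan_name
        if self.mode == "server":
            self.revision += 1     # every change on a server bumps the revision
        # transparent mode keeps a local database and leaves the revision at 0

    def advertise(self) -> dict:
        return {"domain": self.domain, "revision": self.revision,
                "digest": _digest(self.domain, self.password, self.revision),
                "vlans": dict(self.vlans)}

    def receive(self, adv: dict) -> bool:
        """Apply an advertisement the way a server or client does. True = database replaced."""
        if self.mode == "transparent" or adv["domain"] != self.domain:
            return False
        if adv["digest"] != _digest(adv["domain"], self.password, adv["revision"]):
            return False           # password mismatch: digest check fails, advertisement ignored
        if adv["revision"] <= self.revision:
            return False           # an older or equal revision never overwrites
        self.vlans = dict(adv["vlans"])
        self.revision = adv["revision"]
        return True


def lab_domain(password: str = "") -> Tuple[VtpSwitch, VtpSwitch]:
    """Switch_A as server and Switch_B as client in domain group1, as in the text."""
    a = VtpSwitch("Switch_A", "server", "group1", password)
    b = VtpSwitch("Switch_B", "client", "group1", password)
    for vid, vlan_name in ((10, "Accounting"), (20, "Marketing"), (30, "Engineering")):
        a.configure_vlan(vid, vlan_name)
    b.receive(a.advertise())       # Switch_B learns VLANs 10/20/30 at revision 3
    return a, b


def plug_in_stale_switch(password: str = "") -> Tuple[bool, List[int], List[int]]:
    """A constructed switch that was a server in another 'group1' domain (higher
    revision, different VLANs, no password) is connected to the lab trunk."""
    a, b = lab_domain(password)
    stale = VtpSwitch("Stale", "server", "group1", "")
    for vid in range(2, 10):
        stale.configure_vlan(vid, f"old{vid}")      # revision ends at 8, above Switch_A's 3
    replaced = a.receive(stale.advertise())
    b.receive(a.advertise())                        # Switch_A passes on whatever it now holds
    return replaced, sorted(a.vlans), sorted(b.vlans)
```

Without a password the stale switch's revision 8 replaces VLANs 10, 20 and 30 on both lab switches with VLANs 2 to 9, and every port assigned to 10, 20 or 30 goes inactive; with a shared password its advertisement fails the digest check and is ignored. A switch in transparent mode ignores advertisements entirely, which is the right choice where VTP is not needed.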

CONFIGURING inter-VLAN ROUTING
SWITCH_A 2900 series

Switch_A>enable
Password: class
Switch_A#vlan database ( enter VLAN configuration mode on Switch_A, to add or delete VLANs )
Switch_A(vlan)#vlan 10 name Sales ( create a new VLAN named Sales )
Switch_A(vlan)#vlan 20 name Support ( create a new VLAN named Support )
Switch_A(vlan)#exit

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/5
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/6
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/7
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#interface fastethernet 0/8
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 10
Switch_A(config-if)#end

Switch_A#configure terminal
Switch_A(config)#interface fastethernet 0/9
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/10
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/11
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#interface fastethernet 0/12
Switch_A(config-if)#switchport mode access
Switch_A(config-if)#switchport access vlan 20
Switch_A(config-if)#end

Switch_A#show vlan

Switch_A#configure terminal ( prepare to create the 802.1Q TRUNK on Fa0/1 towards the router )
Switch_A(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Switch_A(config-if)#switchport mode trunk ( set port Fa0/1 to trunk mode )
Switch_A(config-if)#end

Router>enable
Password: class

Router#configure terminal ( enter GLOBAL configuration mode on the router )

Router(config)#interface fastethernet 0/1 ( enter configuration mode for FastEthernet interface 0/1 )
Router(config-if)#no shutdown ( activate - bring up FastEthernet interface 0/1; the physical interface carries no IP address, only the subinterfaces do )

Router(config-if)#interface fastethernet 0/1.1 ( enter subinterface 0/1.1 mode on interface 0/1 )
Router(config-subif)#encapsulation dot1q 1 ( set subinterface 0/1.1 to 802.1Q trunking encapsulation for VLAN 1. VLAN 1 is the native VLAN of the trunk and arrives untagged; on IOS releases that support it this subinterface should be configured as encapsulation dot1q 1 native, otherwise the native VLAN's address belongs on the physical interface )
Router(config-subif)#ip address 192.168.1.1 255.255.255.0 ( set the IP address of subinterface 0/1.1, which is also the gateway for the 192.168.1.0 network - VLAN 1 )

Router(config-subif)#interface fastethernet 0/1.2 ( enter subinterface 0/1.2 mode on interface 0/1 )
Router(config-subif)#encapsulation dot1q 10 ( set subinterface 0/1.2 to 802.1Q trunking encapsulation for VLAN 10 )
Router(config-subif)#ip address 192.168.5.1 255.255.255.0 ( set the IP address of subinterface 0/1.2, which is also the gateway for the 192.168.5.0 network - VLAN 10 )

Router(config-subif)#interface fastethernet 0/1.3 ( enter subinterface 0/1.3 mode on interface 0/1 )
Router(config-subif)#encapsulation dot1q 20 ( set subinterface 0/1.3 to 802.1Q trunking encapsulation for VLAN 20 )
Router(config-subif)#ip address 192.168.7.1 255.255.255.0 ( set the IP address of subinterface 0/1.3, which is also the gateway for the 192.168.7.0 network - VLAN 20 )
Router(config-subif)#end

Router#show ip route ( the three subnets appear as directly connected routes, one per subinterface )

Try moving the host connections between the ports and pinging the IP addresses; a host is reachable only when its address is in the subnet of the subinterface that serves the VLAN of the port it is plugged into. Note that once the subinterfaces are up the router forwards between all the VLANs, so the separation the VLANs gave at Layer 2 now depends on access lists applied to these subinterfaces.
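The experiment above ( moving hosts between ports and pinging ) has a fixed set of outcomes, which the following added Python model reproduces; it is not code from the lab or from Cisco. It takes the three subinterfaces exactly as configured on the router, builds the connected routes that show ip route lists, and explains why a given ping succeeds or fails. The host addresses used in the checks are constructed, and the model generalises to any number of subinterfaces because it does a longest-prefix match rather than a fixed lookup.

```python
import ipaddress
from typing import Dict, Optional, Tuple

IPv4Interface = ipaddress.IPv4Interface

# Router subinterfaces exactly as configured in the text:
# subinterface -> (VLAN from 'encapsulation dot1q', IP address/mask)
SUBINTERFACES: Dict[str, Tuple[int, IPv4Interface]] = {
    "FastEthernet0/1.1": (1, ipaddress.IPv4Interface("192.168.1.1/24")),
    "FastEthernet0/1.2": (10, ipaddress.IPv4Interface("192.168.5.1/24")),
    "FastEthernet0/1.3": (20, ipaddress.IPv4Interface("192.168.7.1/24")),
}


def connected_routes(subifs: Dict[str, Tuple[int, IPv4Interface]]):
    """The 'C' entries 'show ip route' will list: network -> (subinterface, VLAN tag)."""
    return {iface.network: (name, vlan) for name, (vlan, iface) in subifs.items()}


def route(dst: str, subifs: Dict[str, Tuple[int, IPv4Interface]]) -> Optional[Tuple[str, int]]:
    """Longest-prefix match over the connected routes; None when nothing matches."""
    addr = ipaddress.IPv4Address(dst)
    best = None
    for net, hop in connected_routes(subifs).items():
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return None if best is None else best[1]


def gateway_for_vlan(vlan: int, subifs: Dict[str, Tuple[int, IPv4Interface]]) -> Optional[IPv4Interface]:
    """The subinterface address that hosts in this VLAN must use as their gateway."""
    return next((iface for v, iface in subifs.values() if v == vlan), None)


def ping_path(src_vlan: int, src_ip: str, dst_ip: str,
              subifs: Dict[str, Tuple[int, IPv4Interface]]) -> str:
    """Explain the outcome of a ping from a host on an access port in src_vlan."""
    src = ipaddress.IPv4Address(src_ip)
    dst = ipaddress.IPv4Address(dst_ip)
    gw = gateway_for_vlan(src_vlan, subifs)
    if gw is None:
        # The trunk carries the tag, but no subinterface answers for it.
        return f"no subinterface for VLAN {src_vlan}: the router never sees the frame"
    if src not in gw.network:
        # Host plugged into a port of another VLAN: its own gateway is unreachable.
        return f"host {src} is not in {gw.network}: it cannot reach gateway {gw.ip}"
    if dst in gw.network:
        return f"same subnet {gw.network}: switched inside VLAN {src_vlan}, router not used"
    hop = route(dst_ip, subifs)
    if hop is None:
        return f"router has no route to {dst}"
    name, vlan = hop
    return f"routed out {name}, sent back down the trunk tagged VLAN {vlan}"


if __name__ == "__main__":
    # Constructed hosts: one in each VLAN, then one moved to the wrong port.
    print(ping_path(10, "192.168.5.20", "192.168.7.20", SUBINTERFACES))
    print(ping_path(20, "192.168.5.20", "192.168.7.20", SUBINTERFACES))
    print(ping_path(30, "192.168.5.20", "192.168.7.20", SUBINTERFACES))
```

The second and third calls are the two ways the lab's "move the connection" experiment fails: a host keeps its address but lands on a port in a VLAN whose gateway is in another subnet, or on a port in a VLAN the router has no subinterface for.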

Matching exercise titles ( exercise content not reproduced in this text ):

NAT has advantages and disadvantages
Statement: Analog dial-up
Statement: ISDN dial-up
Statement: Leased lines
Statement: An X.25 circuit
Statement: Frame Relay
Statement: ATM connections
Statement: DSL connections
Statement: Cable modem connections
WAN design steps
Establishing a PPP session
PPP layered architecture
PPP encapsulation and authentication process
ISDN reference points
ISDN function
Frame Relay terminology
LMI message format identification
Network management terminology
RMON matching

Author of this material: Ivan Cindric www.ic.ims.hr

This material is intended for personal use and no one has permission to distribute it via the Internet for download.