
DECLARATION

I hereby declare that the project work entitled CCNA (OSI, TCP/IP Models & Basics of Routing) is an authentic record of my own work carried out at Netmax Technologies, Chandigarh as requirement of six weeks industrial training for the award of B.Tech. Degree in Electronics and Communication, under the guidance of Mr Navdeep Mangal (Director Netmax Technologies, Chd.)

SHAINI SACHDEVA
80406106016
ECE

This is to certify that the above statement made by the candidate is correct to the best of our knowledge & belief.

(Name & Designation)
TRAINING & PLACEMENT OFFICER, ECE

The INDUSTRIAL TRAINING Viva-Voce Examination of SHAINI SACHDEVA has been held on .......... and accepted.

(Name & Designation)
EXTERNAL EXAMINER

Abstract

The enterprise network is the lifeblood of any Small to Medium Enterprise (SME) with more than one site or supply chain partner. It enables access to business information and allows for profitable and effective communication flows between employees in different enterprise sites. Enterprise network equipment is mature and ubiquitous, but the quality of service provided by similar networks varies from city to city and from country to country. In particular, the quality gap between most of the cities in some developing nations and their counterparts in advanced nations is very wide. This is due to the lack in developing nations of an adequate IT infrastructure, which is taken for granted in developed nations. Planning an enterprise network in a developing nation is almost like planning it in the middle of a desert.

This project briefly discusses the architecture of an enterprise network. It examines the barriers to planning, designing and implementing an enterprise network, and also covers the methods used to implement enterprise level networks. In this project we start from basic router configuration, then cover the routing technologies required to route data between branches. After that we implement the WAN; Frame Relay is considered a good choice because it connects multiple locations using a single router interface and reduces hardware costs. For Internet connectivity we also use Frame Relay. In this setup NAT is essential: it translates live IP addresses into local ones and vice versa. In short, many technologies are studied and implemented for the successful completion of the project. The technologies required in this project are:
Administration of router
Routing
Types of routing
Benefits of static and dynamic routing
Scalability of networks

LIST OF USED DEVICES & TECHNOLOGIES CONFIGURED

Cisco router
Core layer switch
Distribution layer switch
Access layer switches

TECHNOLOGIES TO CREATE NETWORK

Router: IP Addressing, Routing
Core layer switch: VLAN database, Trunk Links, Spanning Tree Configuration, Configuring IP & Gateway, VLAN Port Membership
Distribution Switches: VTP Client, Configuring IP & Gateway, Trunk Link Configuration, VLAN Port Membership

ACKNOWLEDGEMENT

Thanking and feeling obliged indicates that we believe in someone else's existence rather than in the Divine who rules everything. When we feel obliged, then we are not honoring the principles of the Divine karma. We should appreciate people for what they are and not thank them for what they do. We should be grateful to people for what they are and not for their acts. Now, it is really a long journey, going back in the past times and making a big list of names for appreciation and gratitude.

Industrial Training is an important aspect of engineering. Through this training the student learns to conduct himself/herself in the environment of the industry. This training is also helpful in acquiring the required technical knowledge. I pursued my training at Netmax Technologies, Chandigarh. I learned a lot at this place. I really feel the deepest gratitude towards my supervisor, Mr Navdeep Mangal (Director, Netmax Technologies). His immense love has been of great value to me. Without his unrivalled guidance, constant encouragement, painstaking efforts, keen observance and benevolent attention the present dissertation work would have remained futile. He really has the ability to make a laid-back person the foremost one.

I am deeply grateful to our training and placement officer Mr Inderjeet Singh Gill and all my respected teachers of Shaheed Bhagat Singh College of Engg. & Tech, Ferozepur for their smile, support, calm and soothing attitude, which yielded peace of mind during my busy work hours. The biggest appreciation and gratitude is towards my seniors, who were brave enough to share their views, keep a vision on my work and who made the task of compiling the dissertation an easy way out for me. I salute these grand masters, filled with knowledge, patience and above all love. They were tolerant and uncomplaining all the times and calmed and supported me when I needed them the most. They never retraced their steps in the hour of need and were ready with their helping hands for all the times. I offer appreciation to all these great people of my life, for what they are. May they all win laurels and may their names be glorified and honored. Needless to say, the more I direct my thoughts positively and feel genuinely thankful, the more I get to experience good results.

SHAINI SACHDEVA
80406106016

PREFACE

Practical training constitutes an integral part of engineering studies. The training gives an opportunity to the students to expose themselves to the industrial environment, which is quite different from the teaching classroom. The training enables the student to work in the future. It enables the student to undergo those experiences which help them later when they join an organization. Industrial training is a major part of the course. It is a period in which we are introduced to the industrial environment; in other words, industrial training is provided for familiarization with the industrial environment, with the advancement in computer technologies and with the increased automation in the industries for increasing their production. In an organization where Making Things Right in the first instance is the driving motto, perfection and accuracy are inevitable. Excellence is an attitude that the whole of the human race is born with. It is the environment that makes sure whether the result of this attitude is visible or otherwise.

A well planned, properly executed and evaluated industrial training helps a lot in inculcating a professional attitude. It provides a linkage between the student and industry to develop an awareness of the industrial approach to problem solving, based on a broad understanding of the process and mode of operation of an organization. The objective of training is to raise the level of performance on one or more of its aspects, and this may be achieved by providing new knowledge and information relevant to a job. During this period, the students get real, firsthand experience of working in the actual environment. Most of the theoretical knowledge that has been gained during the course of their studies is put to test here. It covers all that remains uncovered in the classroom, i.e. without it our studies remain ineffective and incomplete. Apart from this, the students get an opportunity to learn the latest technology, which immensely helps them in building their career.

I had the opportunity to have a real experience on many ventures, which increased my sphere of knowledge to a great extent. I was entrusted with a real life project, working on which finally made me step into the ongoing technology and gradually become a part of it. All the credit goes to NETMAX TECHNOLOGIES, CHANDIGARH for providing me the opportunity and facility for the making of this dissertation. I availed this instance in a very satisfactory manner and think it will be very beneficial for me in building my future.

COMPANY PROFILE

Netmax Technologies is an organization established in the field of Network Support, Network training, Software training and Embedded systems. In Education we have a strategic alliance with Pearson VUE and Parametric. We are an authorized Testing Partner of REDHAT & Cisco. We are also a NOVELL EDUCATION PARTNER, through which we provide NOVELL and SUSE LINUX courses. Netmax Technologies also conducts courses in CADENCE based design tools. Netmax Technologies also provides Technical Research & Development support and consultancy to some Electronics companies.

Our clients for R&D support in the field of embedded systems:
Recorders and Medicare Ltd, Chandigarh
TELEBOX India Ltd
Lotus Machines Pvt. Ltd, Chandigarh
Impearl Electronics Pvt. Ltd, Chandigarh
KANTA Electrical Ltd, Mohali

The partial list of our clients in the network field is as below:
C ier ISP, Chandigarh
Innovative Solutions, Chandigarh
Emmtel ISP, Chandigarh
NIPER, Mohali
Navik Technologies, Chandigarh
Software Technology Parks India, Mohali
Glide Internet Services
Rana Group
IDS
HFCL Infotel Ltd
Targus Technologies Pvt. Ltd
STPI, Mohali
BBMB
The Tribune

OUR TEAM

Presently we have a strong technical team of certified professionals for catering to these solutions and have a presence in Chandigarh and Punjab. We have a skilled team of engineers who are experienced in design and programming. We have more than 15 engineers holding prestigious certifications like CCNA, CCNP, CCSP, CCSA, MCSE and RHCE, and skilled in C, C++, JAVA and PhP MySql Programming.

Support Area (network solutions)
a. LINUX / UNIX networks
b. SUN networks
c. CISCO devices (Routers, Switches, Firewalls, Cache Engine, RAS etc)
d. Bandwidth Manager software and hardware
e. Radio Links
f. Security Solutions

Netmax-Technologies provides the following courses in IT & Embedded Systems:

Network Training
a. CISCO CCNA, CCNP, CCSP, CCIE
b. RED HAT LINUX
c. SUN SOLARIS
d. WINDOWS 2000, 2003 (MCP, MCSA & MCSE)
e. SUSE LINUX

Software Training
a. C++
b. C
c. JAVA
d. PhP MySql Programming
e. 1 year Diploma in System administration & Networking

Design Services (Embedded systems)
a) AVR family
b) MCS 51
c) ELECTRONIC SYSTEM DESIGN

Our core strength is our commitment, technical expertise and cost effective solutions. We ensure high service levels and prompt support availability, leading to lower downtime. Netmax Technologies is a leader in education services and a developer of innovative embedded solutions. To meet the demands of the Post PC era Netmax provides complete solutions as well as design-to-order services to satisfy our customers.

For NetMax Technologies
Navdeep Mangal, Sonika Mangal
+9888070008, +9888435109
Head Office: NetMax Technologies, SCO 58-59 Sector 34A Chandigarh, 0172-4644644
Branch Office: NetMax Technologies, SCO 198-200 Sector 34A Chandigarh, 0172-2608351

Contents (with page numbers)

Declaration 2
Certificate 3
Abstract

1. Networking
   Hub 17-18
   Switch 18
   Bridge 19
   UTP (Unshielded Twisted Pair) 21-23
   Administrator model for networking

2. OSI (Open Systems Interconnection) Model 24-29
   2.1 OSI Model
   2.1.1 Layer 1: The Physical Layer 24-25
   2.1.2 Layer 2: The Data Link Layer 25
   2.1.3 Layer 3: The Network Layer
   2.1.4 Layer 4: Transport Layer
   2.1.5 Layer 5: Session Layer
   2.1.6 Layer 6: The Presentation Layer 28
   2.1.7 Layer 7: The Application Layer
   2.1.8 Data Encapsulation

3. TCP/IP Model 30-32
   3.1 TCP/IP Model 30
   3.1.1 Layer 1: Application Layer
   3.1.2 Layer 2: Transport Layer
   3.1.3 Layer 3: Internet Layer

4. IP Routing 33-42
   4.1 Router 33
   4.2 Routing
   4.3 IP Addressing
   4.6 Configuring Password 40
   4.7.2 User mode 39
   4.7.3 Privileged mode 40
   4.7.4 Console Password 40
   4.7.5 Vty Password
   4.7.6 Encryption all passwords 41
   4.8 Managing Configuration 41-42

5. Types Of Routing 43-64
   5.1 Static Routing 43
   Disadvantages of static routing 43
   Default Routing 46
   Dynamic Routing 47
   Open Shortest Path First 59-61
   OSPF Hierarchical Model 61
   LSA Flooding in OSPF

6. Access Control List 65-69
   6.1 ACL 65
   Standard ACL (Named) 67-68
   IP Extended ACL (Numbered) 68-69

7. LAN Switching 70-73
   7.1 LAN Switching 70-71
   7.2 VLAN

Conclusion 74
Bibliography 75

List of Figures
1.1 PCs connected via hub 19
1.3 PCs connected via bridge 20
1.4 Different n/ws connected via router

List of Tables
1.1 Pin Configuration 22

ABBREVIATIONS

n/w      Network
LAN      Local Area Network
WAN      Wide Area Network
CSMA/CD  Carrier Sense Multiple Access/Collision Detection
CSMA/CA  Carrier Sense Multiple Access/Collision Avoidance
ISDN     Integrated Services Digital Network
OSI      Open Systems Interconnection
TCP/IP   Transmission Control Protocol/Internet Protocol
NIC      Network Interface Card
MAC      Media Access Control
IETF     Internet Engineering Task Force
EXEC     Execution
VTY      Virtual Teletype
VLAN     Virtual Local Area Network
BGP      Border Gateway Protocol
EIGRP    Enhanced Interior Gateway Routing Protocol
IGRP     Interior Gateway Routing Protocol
OSPF     Open Shortest Path First
RIP      Routing Information Protocol
MTU      Maximum Transmission Unit
VLSM     Variable Length Subnet Mask
IOS      Internetwork Operating System
CLI      Command-Line Interface

Chapter 1 NETWORKING

1.1 Network
In a network, more than one computer is connected to the others through a centralized device. They can share files and resources with each other. Networks are the method to share hardware resources and software resources. We can share the resources with the help of an operating system like Windows, Linux, UNIX etc. To connect multiple networks we have to use internetworking devices like routers, bridges, layer 3 switches etc.

1.2 LAN
LAN stands for Local Area Network. The scope of a LAN is within one building, one school or one lab. In a LAN built on a hub, the media access method used is CSMA/CD, in which each computer senses the carrier before sending data over the n/w. If the carrier is free it can transmit; otherwise it has to wait and keep listening. Multiple access means that each computer has the right to access every other one. If two computers sense the carrier free at the same time, a collision occurs, and every computer in the network becomes aware of the collision. The two stop transmitting and use the back-off algorithm, in which each computer generates a random number. The computer holding the smallest number gets first priority to transmit its data over the network, and the other computers wait for their turn.

1.3 WAN
WAN stands for Wide Area Network, in which two local area networks are connected through a public n/w. It may be through telecommunication infrastructure or dedicated lines, for example ISDN lines, leased lines etc., using WAN devices and WAN technology. You can also connect to your remote area through the existing internetwork called the Internet.

1.4 Devices

1.4.1 Hub
A hub is a centralized device, which is used to connect multiple workstations. There are two types of hub:

(i) Active Hub
(ii) Passive Hub

Fig. 1.1 PCS CONNECTED VIA HUB

It has no special kind of memory. It simply receives the frame (data) and forwards it to all its nodes except the receiving node. It always performs broadcasting. In the case of a hub there is one collision domain and one broadcast domain, and the media access method used is CSMA/CD (Carrier Sense Multiple Access/Collision Detection).

Active Hub: an active hub receives the frame, regenerates it and then forwards it to all its nodes.
Passive Hub: a passive hub simply receives the frame and forwards it to all its connected nodes.

We cannot perform LAN segmentation using a hub.

1.4.2 Switch
A switch is also used to connect multiple workstations. A switch is more intelligent than a hub. It has a special kind of memory called the MAC address/filter/lookup table. The switch reads MAC addresses and stores them in its filter address table. When the switch receives a frame, it reads the destination MAC address and consults its filter table. If there is an entry for it in the filter table, the switch forwards the frame to that particular MAC address; if not found

then it performs broadcasting to all its connected nodes. Every port has its own buffer memory. A port has two queues, one input queue and one output queue. When the switch receives a frame, the frame is received in the input queue and forwarded from the output queue, so in the case of a switch there is no chance or place for collisions. In the case of a switch the media access method used is CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance). Switches provide more efficiency, more speed and security.

Fig. 1.2 PCS CONNECTED VIA SWITCH

There are two types of switches:
I. Manageable switches (can be configured with a console cable).
II. Non-manageable switches.
We can perform LAN segmentation by using switches.

1.4.3 Bridge
A bridge is a hardware device, which is used to provide LAN segmentation, meaning it is used to break the collision domain. It has the same functionality as performed by a switch. We can use a bridge between two different topologies. It has fewer ports. Each port has its own buffer memory. It works on the Data Link Layer of the OSI model. It also reads MAC addresses and stores them in its filter table. In the case of a bridge there is one broadcast domain.
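As an added illustration (not part of the report), the following Python simulates the filter-table behaviour described above for a switch, learning the source MAC on the ingress port, forwarding known destinations to one port and flooding unknown or broadcast destinations, next to the flood-everything behaviour of a hub. The MAC addresses, port numbers and traffic sequence are constructed for the example.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str       # source MAC address
    dst: str       # destination MAC address
    payload: str


@dataclass
class LearningSwitch:
    """A switch as the report describes it: a filter (MAC address) table that
    maps each learned MAC address to the port it was last seen on."""
    ports: int
    table: dict = field(default_factory=dict)

    def receive(self, in_port, frame):
        """Return the list of ports the frame is forwarded out of."""
        # Learning: the source MAC is now known to live behind in_port.
        self.table[frame.src] = in_port
        if frame.dst != BROADCAST and frame.dst in self.table:
            out_port = self.table[frame.dst]
            # Filtering: the destination sits on the port the frame came from,
            # so there is nothing to forward (no collision, no flooding).
            return [] if out_port == in_port else [out_port]
        # Unknown destination or broadcast: flood to every port except the one
        # the frame arrived on, which is what a hub does for every frame.
        return [p for p in range(self.ports) if p != in_port]


def hub_forward(ports, in_port):
    """A hub has no table: every frame goes to all nodes except the receiving one."""
    return [p for p in range(ports) if p != in_port]


def walkthrough():
    """Constructed traffic on a 4-port switch: PC-A on port 0, PC-B on port 1, PC-C on port 2."""
    sw = LearningSwitch(ports=4)
    a_to_b = Frame(src="00:00:00:00:00:0a", dst="00:00:00:00:00:0b", payload="hello")
    b_to_a = Frame(src="00:00:00:00:00:0b", dst="00:00:00:00:00:0a", payload="hi")
    first = sw.receive(0, a_to_b)     # B unknown yet: flooded to ports 1, 2, 3
    reply = sw.receive(1, b_to_a)     # A was learned on port 0: sent to port 0 only
    second = sw.receive(0, a_to_b)    # B was learned on port 1: sent to port 1 only
    bcast = sw.receive(2, Frame(src="00:00:00:00:00:0c", dst=BROADCAST, payload="arp?"))
    return first, reply, second, bcast, dict(sw.table)


if __name__ == "__main__":
    for step in walkthrough():
        print(step)
```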

FIG. 1.3 PCS CONNECTED VIA BRIDGE

1.4.4 Router
A router is a hardware device, which is used to communicate between two different networks. A router performs routing and path determination. It does not forward broadcasts.

FIG. 1.4 DIFFERENT N/Ws CONNECTED VIA ROUTER

There are two types of routers:
I. Hardware routers are developed by Cisco, HP.
II. Software routers are configured with the help of Routing and Remote Access. This feature is offered by Microsoft. It is installed by default, but you have to enable or configure it.
Hardware routers are dedicated routers. They are more efficient. Software routers, on the other hand, have fewer features and slow performance.

They are not very efficient.

1.4.5 LAN Card
A LAN card is a media access device. The LAN card provides us connectivity in the network. There is an RJ45 (Registered Jack) connector socket on the LAN card; RJ45 is used with UTP cable. There is also an LED which is called the heartbeat of the LAN card: whenever any activity occurs, whether receiving or transmitting any kind of data, this LED starts blinking, and so it also tells us the status of the LAN card.

FIG. 1.5 Internal network interface card
Fig. 1.6 PCMCIA Network interface card

1.5 UTP (Unshielded Twisted Pair)

FIG. 1.7 UTP

TABLE 1.1 Pin Configuration

Pin   Hub/Switch   PC/Router/Online Printer   Uplink port (Hub/Switch)
1     Rx+          Tx+                        Tx+
2     Rx-          Tx-                        Tx-
3     Tx+          Rx+                        Rx+
4     NC           NC                         NC
5     NC           NC                         NC
6     Tx-          Rx-                        Rx-
7     NC           NC                         NC
8     NC           NC                         NC

Fig. 1.8 Cross & Straight Cable

Straight Cable
Pin   End A          End B
1     Orange white   Orange white
2     Orange         Orange
3     Green white    Green white
4     Blue           Blue
5     Blue white     Blue white
6     Green          Green
7     Brown white    Brown white
8     Brown          Brown

Cross Cable
Pin   End A          End B
1     Orange white   Green white
2     Orange         Green
3     Green white    Orange white
4     Blue           Blue
5     Blue white     Blue white
6     Green          Orange
7     Brown white    Brown white
8     Brown          Brown

Fig. 1.9 RJ 45 Connector

1.6 Administrator model for networking
Server software: software which is used to give services is server software.

Client software: software which gets services.

Fig. 1.10 Networking Model
Client software (examples): Internet Explorer, Outlook Express, Yahoo messenger, Cute FTP
Server software (examples): Apache, IIS, Exchange 2003, TFTP Server, Send Mail
Protocol stack: TCP/IP, IPX/SPX, AppleTalk, Netbeui
NIC
Media
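An added example, not from the report, that encodes Table 1.1 and the colour sequences of Fig. 1.8 (section 1.5): it derives each cable's pin map from the wire colours and then checks whether every Tx line of one device lands on the matching Rx line of the other, which is exactly what decides between a straight and a cross cable. The device names and dictionary layout are this example's own.

```python
# Table 1.1: what each of the eight RJ45 pins carries on each kind of port.
PIN_ROLES = {
    "hub/switch": {1: "Rx+", 2: "Rx-", 3: "Tx+", 4: "NC", 5: "NC", 6: "Tx-", 7: "NC", 8: "NC"},
    "pc/router":  {1: "Tx+", 2: "Tx-", 3: "Rx+", 4: "NC", 5: "NC", 6: "Rx-", 7: "NC", 8: "NC"},
}
PIN_ROLES["uplink"] = PIN_ROLES["pc/router"]   # an uplink port is wired like a PC port

# Fig. 1.8: wire colours at pins 1..8 on each end of the cable.
END_A = ["orange white", "orange", "green white", "blue",
         "blue white", "green", "brown white", "brown"]
STRAIGHT_END_B = list(END_A)
CROSS_END_B = ["green white", "green", "orange white", "blue",
               "blue white", "orange", "brown white", "brown"]


def wire_map(end_a, end_b):
    """Map each pin on end A to the pin on end B that the same wire (colour) reaches."""
    return {pin: end_b.index(colour) + 1 for pin, colour in enumerate(end_a, start=1)}


STRAIGHT = wire_map(END_A, STRAIGHT_END_B)   # pin n -> pin n
CROSS = wire_map(END_A, CROSS_END_B)         # 1<->3 and 2<->6 swapped, rest unchanged

# A transmit line must arrive on the matching receive line of the far device.
PEER = {"Tx+": "Rx+", "Tx-": "Rx-", "Rx+": "Tx+", "Rx-": "Tx-", "NC": "NC"}


def link_ok(dev_a, dev_b, cable):
    """True when the cable joins each pin role on dev_a to its peer role on dev_b."""
    roles_a, roles_b = PIN_ROLES[dev_a], PIN_ROLES[dev_b]
    return all(PEER[roles_a[pin_a]] == roles_b[pin_b] for pin_a, pin_b in cable.items())


def cable_for(dev_a, dev_b):
    """Name the cable that connects the two device types, or None if neither works."""
    for name, cable in (("straight", STRAIGHT), ("cross", CROSS)):
        if link_ok(dev_a, dev_b, cable):
            return name
    return None


if __name__ == "__main__":
    for pair in (("pc/router", "hub/switch"), ("pc/router", "pc/router"),
                 ("hub/switch", "hub/switch"), ("uplink", "hub/switch")):
        print(pair, "->", cable_for(*pair))
```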

Chapter 2 OSI (Open Systems Interconnection) Model

2.1 OSI Model
The OSI model is the layered approach to designing, developing and implementing a network. OSI provides the following advantages:
(i) Design of the network will be standards based.
(ii) Development of new technology will be faster.
(iii) Devices from multiple vendors can communicate with each other.
(iv) Implementation and troubleshooting of the network will be easy.

Fig. 2.1 OSI MODEL (the Application, Presentation, Session, Transport, Network, Data Link and Physical layers of the protocol software stack, above the NIC and the media)

2.1.1 Layer 1: The Physical Layer
The bottom layer, or Layer 1, of the OSI reference model is called the physical layer. This layer is responsible for the transmission of the bit stream. It accepts frames of data from Layer 2, the data link layer, and transmits their structure and content serially, one bit at a time. Layer 1 is also responsible for the reception of incoming streams of data, one bit at a time. These streams are then passed on to the data link layer. The physical layer, quite literally, operates on only 1s and 0s. It has no mechanism for determining the significance of the bits it transmits or receives. It is solely concerned with the physical characteristics of electrical and/or optical signaling techniques. This includes the voltage of the electrical current used to transport the signal, the media type and impedance characteristics, and even the physical shape of the connector used to terminate the media. Transmission media includes any means of actually transporting signals generated by the OSI's Layer 1 mechanisms. Some examples of transmission media are coaxial cabling, fiber-optic cabling, and twisted-pair wiring.

2.1.2 Layer 2: The Data Link Layer
Layer 2 of the OSI reference model is called the data link layer. As all the layers do, it has two sets of responsibilities: transmit and receive. It is responsible for providing end-to-end validity of the data being transmitted. On the transmit side, the data link layer is responsible for packing instructions (data) into frames. A frame is a structure indigenous to the data link layer that contains enough information to make sure that the data can be successfully sent across a LAN to its destination. Implicit in this definition is that the data link layer contains its own address architecture. This addressing is only applicable to other networked devices that reside locally on the same data link layer domain.

2.1.3 Layer 3: The Network Layer
The network layer enables internetworking. The protocols at this layer are responsible for

establishing the route to be used between the source and destination computers. This layer lacks any native transmission error detection/correction mechanisms and, consequently, is forced to rely on the end-to-end reliable transmission service of either the data link layer or the transport layer. Although some data link layer technologies support reliable delivery, many others do not. Therefore, Layer 3 protocols (such as IP) assume that Layer 4 protocols (such as TCP) will provide this functionality rather than assume Layer 2 will take care of it.

2.1.4 Layer 4: Transport Layer
The transport layer is responsible for connection-oriented and connectionless communication. The transport layer also performs other functions:
(i) Error checking
(ii) Flow control (buffering, windowing, multiplexing)
(iii) Sequencing
(iv) Positive acknowledgement and response

(i) Error checking
The transport layer generates a cyclic redundancy check (CRC) and forwards the CRC value to the destination along with the data. The other end generates a CRC from the received data and matches it against the received value. If both are the same the data is accepted; otherwise it is discarded.

(ii) Flow Control
Flow control is used to control the flow of data during communication. For this purpose the following methods are used:
(a) Buffer
A buffer is a temporary storage area. All the data is stored in buffer memory, and when communication capacity is available the data is forwarded to the other side.
(b) Windowing
Windowing is the maximum amount of data that can be sent to the destination without receiving an acknowledgement. It is the limit up to which the buffer may send data without getting an acknowledgement.

Fig. 2.2 Windowing

(c) Multiplexing
Multiplexing means combining small data segments which have the same destination IP and the same destination service.

(iii) Sequencing
The transport layer adds a sequence number to the data, so that out-of-sequence data can be detected and rearranged in the proper order.

(iv) Positive acknowledgement and Response
When data is sent to the destination, the destination replies with an acknowledgement to indicate positive reception of the data. If the acknowledgement is not received within a specified time, the data is resent from buffer memory.

2.1.5 Layer 5: Session Layer
This layer initiates, maintains and terminates sessions between different applications. Due to this layer multiple application programs can be executed at the same time.

1. Connection Oriented Communication

Fig. 2.3 3 Way hand shaking
Fig. 2.4 Connection Oriented Communication

2. Connection less Communication
(figure: SENDER sends directly to Receiver)

2.1.6 Layer 6: The Presentation Layer
Layer 6, the presentation layer, is responsible for managing the way that data is encoded. Not every computer system uses the same data encoding scheme, and the presentation layer is responsible for providing the translation between otherwise incompatible data encoding schemes, such as American Standard Code for Information Interchange (ASCII) and Extended Binary Coded Decimal Interchange Code (EBCDIC). The presentation layer can be used to mediate differences in floating-point formats, as

well as to provide encryption and decryption services.

2.1.7 Layer 7: The Application Layer
The top, or seventh, layer in the OSI reference model is the application layer. Despite its name, this layer does not include user applications. Instead, it provides the interface between those applications and the network's services. This layer can be thought of as the reason for initiating the communications session. For example, an email client might generate a request to retrieve new messages from the email server. This client application automatically generates a request to the appropriate Layer 7 protocol(s) and launches a communications session to get the needed files.

2.1.8 Data Encapsulation
Application Layer    Data
Presentation Layer   Data
Session Layer        Data
Transport Layer      Transport Header | Data = Segment
Network Layer        Network Header | Segment = Packet
Data Link Layer      Header | Packet | Trailer = Frame
Physical Layer       1 0 = Bits

Data => Segment => Packet => Frame => Bits
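An added, self-contained example (not the report's code) of the encapsulation chain in 2.1.8 combined with the transport-layer CRC check from 2.1.4: each layer prepends its header, the data link layer also appends a frame check sequence, the frame is turned into a bit string, and the receiving side peels the layers off again, discarding the unit at the first layer whose check fails. The header formats are invented for the illustration and are not real protocol headers.

```python
import binascii
import socket
import struct

# Header layouts constructed for this example (not real protocol headers).
TRANSPORT_FMT = "!HHII"   # source port, destination port, sequence number, CRC-32 of the data
NETWORK_FMT = "!4s4s"     # source IP, destination IP
LINK_HDR_FMT = "!6s6s"    # destination MAC, source MAC
LINK_TRL_FMT = "!I"       # trailer: frame check sequence, CRC-32 over header + packet


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def encapsulate(data, src_port, dst_port, seq, src_ip, dst_ip, src_mac, dst_mac):
    """Data -> Segment -> Packet -> Frame -> Bits, adding one header per layer."""
    # Transport layer: the header carries the CRC the report describes for error checking.
    segment = struct.pack(TRANSPORT_FMT, src_port, dst_port, seq, binascii.crc32(data)) + data
    # Network layer: the addresses used for routing.
    packet = struct.pack(NETWORK_FMT, socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + segment
    # Data link layer: header with MAC addresses plus a trailer with the FCS.
    link_hdr = struct.pack(LINK_HDR_FMT, mac_bytes(dst_mac), mac_bytes(src_mac))
    frame = link_hdr + packet + struct.pack(LINK_TRL_FMT, binascii.crc32(link_hdr + packet))
    # Physical layer: a string of 1s and 0s.
    return "".join(f"{byte:08b}" for byte in frame)


def decapsulate(bits):
    """Reverse the process, discarding the unit at any layer whose check fails."""
    frame = bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))
    hdr_len, trl_len = struct.calcsize(LINK_HDR_FMT), struct.calcsize(LINK_TRL_FMT)
    body, (fcs,) = frame[:-trl_len], struct.unpack(LINK_TRL_FMT, frame[-trl_len:])
    if binascii.crc32(body) != fcs:
        raise ValueError("frame check sequence mismatch: frame discarded")
    dst_mac, src_mac = struct.unpack(LINK_HDR_FMT, body[:hdr_len])
    packet = body[hdr_len:]
    net_len = struct.calcsize(NETWORK_FMT)
    src_ip, dst_ip = struct.unpack(NETWORK_FMT, packet[:net_len])
    segment = packet[net_len:]
    tr_len = struct.calcsize(TRANSPORT_FMT)
    src_port, dst_port, seq, crc = struct.unpack(TRANSPORT_FMT, segment[:tr_len])
    data = segment[tr_len:]
    if binascii.crc32(data) != crc:
        raise ValueError("transport CRC mismatch: data discarded")
    return {"src_mac": mac_str(src_mac), "dst_mac": mac_str(dst_mac),
            "src_ip": socket.inet_ntoa(src_ip), "dst_ip": socket.inet_ntoa(dst_ip),
            "src_port": src_port, "dst_port": dst_port, "seq": seq, "data": data}


def flip_bit(bits, index):
    """Simulate a single transmission error on the wire."""
    return bits[:index] + ("1" if bits[index] == "0" else "0") + bits[index + 1:]


if __name__ == "__main__":
    # Constructed sample: one request from a PC to a web server.
    wire = encapsulate(b"GET /", 49152, 80, 1, "192.168.1.10", "10.0.0.1",
                       "00:11:22:33:44:55", "aa:bb:cc:dd:ee:ff")
    print(len(wire), "bits on the wire")
    print(decapsulate(wire))
    try:
        decapsulate(flip_bit(wire, 200))
    except ValueError as err:
        print("receiver:", err)
```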

CHAPTER 3 TCP/IP MODEL

3.1 TCP/IP MODEL
TCP/IP is the most popular protocol stack, consisting of a large number of protocols. Compared with the OSI model, TCP/IP consists of only four layers. The TCP/IP model is a modified form of the DOD (Department of Defense) model.

Fig. 3.1 shows the four layers with the protocols placed in each (well-known port numbers in brackets):
Application layer: DNS (53), FTP (20), TFTP (69), Telnet (23), HTTP (80), SMTP (25), NTP (123), SNMP, SSL (443), RDP (3389), POP3, IMAP and many more
Transport (Host to Host) layer: TCP, UDP
Internet layer: IP, ICMP, IGMP, ARP, RARP; routing protocols RIP, OSPF, BGP
Network Access layer: all common LAN/WAN technologies

Fig. 3.1 TCP/IP MODEL

3.1.1 LAYER 1: Application Layer
This layer contains a large number of protocols. Each protocol is designed to act as server & client. Some protocols need connection-oriented TCP and others may need connectionless UDP for data transfer. The application layer uses port numbers to identify each application at the Transport layer. This layer performs most of the functions which are specified by the Application, Presentation and Session layers of the OSI model.

3.1.2 LAYER 2: Transport Layer
Two protocols are available on the Transport layer:
1) Transmission Control Protocol
2) User Datagram Protocol

I) Transmission Control Protocol
TCP performs connection-oriented communication. Its responsibilities are:
i) Error Checking
ii) Acknowledgement
iii) Sequencing
iv) Flow Control
v) Windowing

Fig. 3.2 TCP Header

II) User Datagram Protocol
UDP is a connectionless protocol, which is responsible for error checking and identifying applications using port numbers.

UDP HEADER (8 bytes)
Bytes 0-3:  Source port (16 bits)   | Destination port (16 bits)
Bytes 4-7:  Length (16 bits)        | Checksum (16 bits)
            Data
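Added example (not from the report): building and parsing the 8-byte UDP header laid out above, including the checksum over the IPv4 pseudo-header that gives UDP its error checking. The addresses, ports and payload are constructed for the example; the parser rejects a truncated header, a length field that does not fit the datagram, and a checksum that does not verify.

```python
import socket
import struct

UDP_HEADER = struct.Struct("!HHHH")   # source port, destination port, length, checksum: 8 bytes
UDP_PROTOCOL = 17


def ones_complement_sum(data):
    """16-bit one's complement sum, as used by the IP family of checksums."""
    if len(data) % 2:
        data += b"\x00"                 # pad an odd-length buffer with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                  # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip, dst_ip, udp_bytes):
    """Checksum over the IPv4 pseudo-header plus the UDP header (checksum field 0) and data."""
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src_ip), socket.inet_aton(dst_ip),
                         0, UDP_PROTOCOL, len(udp_bytes))
    csum = ~ones_complement_sum(pseudo + udp_bytes) & 0xFFFF
    return csum or 0xFFFF               # 0 means "no checksum", so a computed 0 is sent as 0xFFFF


def build_udp(src_ip, dst_ip, src_port, dst_port, payload):
    """Assemble a UDP datagram with the length and checksum fields filled in."""
    length = UDP_HEADER.size + len(payload)
    header = UDP_HEADER.pack(src_port, dst_port, length, 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return UDP_HEADER.pack(src_port, dst_port, length, csum) + payload


def parse_udp(src_ip, dst_ip, datagram):
    """Parse the 8-byte header, validate the length field and verify the checksum."""
    if len(datagram) < UDP_HEADER.size:
        raise ValueError("truncated UDP header")
    src_port, dst_port, length, csum = UDP_HEADER.unpack_from(datagram)
    if length < UDP_HEADER.size or length > len(datagram):
        raise ValueError(f"bad UDP length field {length} for a {len(datagram)}-byte datagram")
    payload = datagram[UDP_HEADER.size:length]
    if csum == 0:
        checksum_ok = None              # sender chose not to compute one (permitted over IPv4)
    else:
        zeroed = UDP_HEADER.pack(src_port, dst_port, length, 0) + payload
        checksum_ok = udp_checksum(src_ip, dst_ip, zeroed) == csum
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum": csum, "checksum_ok": checksum_ok, "payload": payload}


if __name__ == "__main__":
    # Constructed sample: a DNS query header from a PC to its local resolver.
    dgram = build_udp("192.168.1.10", "192.168.1.1", 49152, 53, b"\x12\x34\x01\x00")
    print(dgram.hex())
    print(parse_udp("192.168.1.10", "192.168.1.1", dgram))
```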

3.1.3 LAYER 3: Internet Layer
The main function of the Internet layer is routing and providing a single network interface to the upper layer protocols. The upper and lower layer protocols have no functions relating to routing; instead, IP provides one single network interface for the upper layer protocols. After that it is the job of IP and the various Network Access protocols to get along and work together. The main protocols used in the Internet layer are:
1) Internet Protocol (IP)
2) Internet Control Message Protocol (ICMP)
3) Address Resolution Protocol (ARP)
4) Reverse Address Resolution Protocol (RARP)
5) Proxy ARP

CHAPTER 4 IP ROUTING

4.1 ROUTER
Unlike most LAN components, routers are intelligent. More importantly, they can operate at all layers of the OSI reference model rather than just the first two. This enables them to internetwork multiple LANs by using Layer 3 addressing. A router must have two or more physical interfaces for interconnecting LANs and/or WAN transmission facilities. The router learns about the addresses of machines or networks that are somehow connected via each of its interfaces. The list of these addresses is kept in tables that correlate Layer 3 addresses with the port numbers that they are directly or indirectly connected to. A router uses two types of networking protocols, both of which operate at Layer 3. These are routable protocols and routing protocols. Routable protocols, also known as routed protocols, are those that encapsulate user information and data into packets. An example of a routed protocol is IP. IP is responsible for encapsulating application data for transport through a network to the appropriate destinations. Routing protocols are used between routers to determine available routes, communicate what is known about available routes, and forward routed protocol packets along those routes. The purpose of a routing protocol is to provide the router with all the information it needs about the network to route datagrams.

4.2 Routing
Routers are used to forward packets of data between devices that aren't necessarily connected to the same local network. Routing is the cumulative process that discovers paths through the network to specific destinations, compares redundant routes mathematically, and builds tables that contain routing information.

The router's task is easy: it has only two interfaces. Any packet received by one of its interfaces is either delivered to the other interface or discarded as undeliverable. In this particular case, the router may well have been replaced by a hub, bridge, switch, or any other Layer 2 device. The router's real value lies in determining routes to destinations on nonadjacent networks.

4.3 IP Addressing
(figure: IPv4 Address Formats for Class A, Class B, Class C, Class D and Class E addresses)

IP addressing is accompanied by a two-tiered network address, consisting of the network's address and a host address.

4.3.1 Class A Addresses
The Class A IPv4 address was designed to support extremely large networks. As the need for very large-scale networks was perceived to be minimal, an architecture was developed that maximized the possible number of host addresses but severely limited the number of possible Class A networks that could be defined. A Class A IP address uses only the first octet to indicate the network address. The remaining three octets enumerate host addresses. The first bit of a Class A address is always a 0. This mathematically limits the possible range of the Class A address to 127, which is the sum of 64 + 32 + 16 + 8 + 4 + 2 + 1. The leftmost bit's decimal value of 128 is absent from this equation. Therefore, there can only ever be 127 possible Class A IP networks. The last 24 bits (that is, three dotted-decimal numbers) of a Class A address represent possible host addresses. The range of possible Class A network addresses is from to. Notice that only the first octet bears a network address number. The remaining three are used to create unique host addresses within each network number. As

such, they are set to zeroes when describing the range of network numbers.

Note: Technically, is also a Class A network address. However, it is reserved for loop-back testing and cannot be assigned to a network.

4.3.2 Class B Addresses
The Class B addresses were designed to support the needs of moderate- to large-sized networks. The range of possible Class B network addresses is from to. The mathematical logic underlying this class is fairly simple. A Class B IP address uses two of the four octets to indicate the network address. The other two octets enumerate host addresses. The first 2 bits of the first octet of a Class B address are 10. The remaining 6 bits may be populated with either 1s or 0s. This mathematically limits the possible range of the Class B address space to 191, which is the sum of 128 + 32 + 16 + 8 + 4 + 2 + 1. The last 16 bits (two octets) identify potential host addresses. Each Class B address can support 65,534 unique host addresses. This number is calculated by raising two to the 16th power and subtracting two (values reserved by IP). Mathematically, there can only be 16,382 Class B networks defined.

4.3.3 Class C Addresses
The Class C address space is, by far, the most commonly used of the original IPv4 address classes. This address space was intended to support a lot of small networks. This address class can be thought of as the inverse of the Class A address space. Whereas the Class A space uses just one octet for network numbering and the remaining three for host numbering, the Class C space uses three octets for network addressing and just one octet for host numbering. The first 3 bits of the first octet of a Class C address are 110. The first 2 bits sum to a decimal value of 192 (128 + 64). This forms the lower mathematical boundary of the Class C address space. The third bit equates to a decimal value of 32. Forcing this bit to a value of 0 establishes the upper mathematical boundary of the address space. Lacking the capability to use the third bit limits the maximum value of this octet to 255 - 32, which equals 223. Therefore, the range of possible Class C network addresses is from to. The last octet is used for host addressing. Each Class C address can support a theoretical maximum of 256 unique host addresses (0 through 255), but only 254 are usable because

0 and 255 are not valid host numbers. There can be 2,097,150 different Class C n etwork numbers. Note In the world of IP addressing, 0 and 255 are reserved host address values. IP addresses that have all their host address bits set equal to 0 identify the local network. Similarly, IP addresses that have all their host a ddress bits set equal to 255 are used to broadcast to all end systems within tha t network number. 4.3.4. Class D Addresses The Class D address class was created to enable multicasting in an IP network. T he Class D multicasting mechanisms have seen only limited usage. A multicast add ress is a unique network address that directs packets with that destination addr ess to predefined groups of IP addresses. Therefore, a single station can simult aneously transmit a single stream of datagrams to multiple recipients. The need t o create separate streams of datagrams, one for each destination, is eliminated. Routers that support multicasting would duplicate the datagram and forward as ne eded to the predetermined end systems. Multicasting has long been deemed a desir able feature in an IP network because it can substantially reduce network traffi c. The Class D address space, much like the other address spaces, is mathematica lly constrained. The first 4 bits of a Class D address must be 1110. Presetting the first 3 bits of the first octet to 1s means that the address space begins at 128 + 64 + 32, which equals 224. Preventing the fourth bit from being used mean s that the Class D address is limited to a maximum value of 128 + 64 + 32 + 8 + 4 + 2 + 1, or 239. Therefore, the Class D addresses space ranges from to This range may seem odd because the upper boundary is specif ied with all four octets. Ordinarily, this would mean that the octets for both h ost and network numbers are being used to signify a network number. There is a r eason for this. The Class D address space isnt used for internetworking to indi vidual end systems or networks. 
Class D addresses are used for delivering multic ast datagrams within a private network to groups of IPaddressed end systems. Ther efore, there isnt a need to allocate octets or bits of the address to separate network and host addresses. Instead, the entire address space can be used to ide ntify groups of IP addresses (Classes A, B, or C). Today, numerous other proposa ls are being developed that would allow IP multicasting without the complexity o f a Class D address space. 4
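The class rules above, carried out in code. This is an added example and not part of the original report; the function and field names are my own. It derives the class, the network number, the directed broadcast address and the usable host count from the leading bits alone, and covers Class E (described in the next subsection) as well.

```python
"""Classful IPv4 address arithmetic (added example, not from the report).

Inputs are dotted-decimal strings; everything else follows from the
leading-bit rules of section 4.3.  "Usable" host counts follow the text's
convention that the all-zero and all-one host fields are reserved.
"""
from dataclasses import dataclass

CLASS_RULES = (
    # (class, leading-bit pattern, number of pattern bits, network bits)
    ("A", 0b0,    1, 8),
    ("B", 0b10,   2, 16),
    ("C", 0b110,  3, 24),
    ("D", 0b1110, 4, 0),   # multicast group address: no network/host split
    ("E", 0b1111, 4, 0),   # reserved
)


def ip_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {addr!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


@dataclass(frozen=True)
class ClassInfo:
    cls: str
    network: str        # network number: host bits cleared
    broadcast: str      # directed broadcast: host bits all ones
    first_host: str
    last_host: str
    usable_hosts: int


def classify(addr: str) -> ClassInfo:
    """Class and network/host split of one address from its leading bits."""
    n = ip_to_int(addr)
    for cls, pattern, bits, net_bits in CLASS_RULES:
        if n >> (32 - bits) == pattern:
            break
    else:  # unreachable: every 4-bit prefix matches exactly one rule
        raise AssertionError("no class rule matched")
    if net_bits == 0:
        # Classes D and E carry no host field; report the address itself.
        return ClassInfo(cls, addr, addr, addr, addr, 0)
    host_bits = 32 - net_bits
    net_mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    network = n & net_mask
    broadcast = network | (0xFFFFFFFF >> net_bits)
    return ClassInfo(cls, int_to_ip(network), int_to_ip(broadcast),
                     int_to_ip(network + 1), int_to_ip(broadcast - 1),
                     (1 << host_bits) - 2)


def class_range(cls: str) -> tuple[str, str]:
    """Lowest and highest address that the leading-bit pattern of a class allows."""
    for c, pattern, bits, _ in CLASS_RULES:
        if c == cls:
            low = pattern << (32 - bits)
            high = low | ((1 << (32 - bits)) - 1)
            return int_to_ip(low), int_to_ip(high)
    raise ValueError(f"unknown class {cls!r}")


if __name__ == "__main__":
    for a in ("10.1.2.3", "172.16.5.9", "200.100.100.7", "224.0.0.9", "240.0.0.1"):
        print(a, classify(a))
    for c in "ABCDE":
        print("Class", c, "spans", *class_range(c))
```

The ranges printed for Classes A through E are the same boundaries derived octet by octet above (the text's network ranges are these boundaries with the host octets set to zero). Note that 127.0.0.1 classifies as Class A exactly as the note says, and that the loopback reservation is a policy on top of the bit pattern, not part of it.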

4.3.5 Class E Addresses
A Class E address space has been defined but is reserved by the IETF for its own research; no Class E addresses have been released for use on the Internet. The first 4 bits of a Class E address are always set to 1, so the range is from 240.0.0.0 to 255.255.255.255. Given that this class is reserved for research and its use is limited to the IETF, it is not examined further.

4.4 IP Routing
When two or more networks with different network addresses must be connected, IP routing is used, and a router performs the routing between the networks. A router performs the following two functions for routing.
(1) Path determination: the process of obtaining a path in the routing table. There are three ways in which a router can learn a path: (i) automatic detection of directly connected networks, (ii) static and default routing, (iii) dynamic routing.
(2) Packet forwarding: a process enabled in the router by default. The router forwards a packet only if a route for its destination is present in the routing table.

4.5 Routing Process
(i) The PC has a packet whose destination address is not on the local network.
(ii) The PC sends an ARP request for its default gateway. The router replies to the ARP request and informs the PC of its MAC address.
(iii) The PC encapsulates the data with source IP = the PC, destination IP = the server, source MAC = the PC's LAN interface and destination MAC = the router's LAN interface.

Fig. 4.1 Routing Process (frame from PC1 to R1: S. MAC = PC1, D. MAC = R1, S. IP = PC1, D. IP = server)
The router receives the frame and stores it in a buffer. It extracts the packet from the frame and forwards the data according to the packet's destination IP: a route is looked up in the routing table, and from it the next-hop IP and the outgoing interface are selected.
(iv) According to the next hop, the packet is encapsulated in a new frame and the data is sent to the output queue of that interface.

4.6 Router Access Modes

When we access the router command prompt, the router presents different modes. According to the mode, privileges and rights are assigned to the user.
Fig. 4.2 Router access modes

4.6.1 User mode
In this mode we can display basic parameters and the status of the router, test connectivity and telnet to other devices. In this mode we cannot manage or configure the router.

4.6.2 Privileged mode
In this mode we can display all information and configuration and perform administration tasks, debugging, testing and connectivity checks with other devices. Configuration editing is not performed in this mode. The command to enter this mode is enable; the enable password or the enable secret must be entered. The enable secret has priority over the enable password: if both are configured, only the enable secret is accepted.

4.6.3 Global configuration mode
This mode is used to configure global parameters, which apply to the entire router, for example the router hostname or an access list. The command to enter this mode is configure terminal.

4.6.4 Line configuration mode
This mode is used to configure lines such as the console, the auxiliary port and the vty (telnet) lines. The main line types are:
(i) Console: router(config)#line console 0
(ii) Auxiliary: router(config)#line aux 0
(iii) Telnet or vty: router(config)#line vty 0 4

4.6.5 Interface configuration mode
This mode is used to configure router interfaces, e.g. Ethernet, Serial, BRI:
Router(config)#interface <type> <number>
Router(config)#interface serial 1

4.6.6 Routing configuration mode
This mode is used to configure a routing protocol such as RIP, EIGRP or OSPF:
Router(config)#router <protocol> [<option>]
Router(config)#router rip
Router(config)#router eigrp 10

4.7 Configuring Passwords
There are six types of password available on a router.

4.7.1 Console password
router#configure terminal
router(config)#line console 0
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit
To erase the password, repeat the steps using the no form of each command.

4.7.2 Vty password
router>enable
router#configure terminal
router(config)#line vty 0 4
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit

4.7.3 Auxiliary password
router#configure terminal
router(config)#line aux 0
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit

4.7.4 Enable password
router>enable
router#configure terminal
router(config)#enable password <word>
router(config)#exit

4.7.5 Enable secret password
The enable password is a clear-text password: it is stored as clear text in the configuration. The enable secret is stored as a salted MD5 (Message Digest 5) hash, which cannot be read back from the configuration.
Router>enable
Router#configure terminal
Router(config)#enable secret <word>
Router(config)#exit

4.7.6 Encrypting all passwords
All passwords other than the enable secret are clear-text passwords. They can be obscured with the type 7 encoding using the command:
Router#configure terminal
Router(config)#service password-encryption
Note that type 7 is a reversible encoding with a fixed key, not a hash. Anyone who obtains the configuration file (a backup, a TFTP copy, a show running-config pasted into a ticket) can recover these passwords immediately; the encoding protects only against casual reading over the shoulder. Use enable secret for the privileged-mode password and treat configuration files as sensitive.

4.8 Managing Configuration
There are two configurations present in a router: (1) the startup configuration and (2) the running configuration.
(1) The startup configuration is stored in NVRAM. It holds the saved settings of the router and is loaded into RAM at boot time.
(2) The running configuration is present in RAM. Whenever a configuration command is entered, it is written to the running configuration.
To save the configuration:
Router#copy running-config startup-config
or
Router#write
To revert to the saved configuration:
Router#copy startup-config running-config
(This merges the saved configuration into the running one; commands added since the last save that are absent from NVRAM are not removed by the merge, so a reload is the only way to discard them completely.)
To display the running configuration:
Router#show running-config
To display the startup configuration:
Router#show startup-config

Configuring the hostname
Router#configure terminal
Router(config)#hostname <name>
<name>(config)#exit (or end, or Ctrl-Z)

Configuring interfaces
Interface configuration is one of the most important parts of router configuration. By default, all interfaces of a Cisco router are shut down; the commands below are used as required to enable and configure each interface.
Configuring the IP address and mask and enabling the interface:
Router#configure terminal
Router(config)#interface <type> <no>
Router(config-if)#ip address <ip> <mask>
Router(config-if)#no shutdown
Router(config-if)#exit
Interface numbers start from 0 for each type of interface. Some routers use a plain interface number while others use slot/port numbering.
To display interface status:
Router#show interfaces (all interfaces)
Router#show interface <type> <no>
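The difference between enable secret and service password-encryption in section 4.7 is easiest to see by decoding a type 7 string. The following is an added example and not part of the report; the function names are my own, the configuration excerpt is constructed for the example, and the one real value in it, 0822455D0A16, is the widely published type 7 encoding of the word "cisco".

```python
"""Cisco IOS type 7 password encoding (added example, not from the report).

`service password-encryption` stores line, vty and enable passwords in this
form.  It is a fixed-key XOR with a two-digit starting offset, not a cipher:
anyone who can read the configuration recovers the plaintext instantly.
`enable secret` (type 5, salted MD5; newer IOS also offers types 8 and 9)
is the one-way option.
"""
import random
from typing import Optional

# Fixed translation key IOS uses for type 7; public knowledge for decades.
XLAT = "dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"


def type7_decode(encoded: str) -> str:
    """Recover the plaintext from a type 7 string such as '0822455D0A16'."""
    if len(encoded) < 4 or len(encoded) % 2:
        raise ValueError("type 7 strings are an even number of characters, at least 4")
    offset = int(encoded[:2], 10)          # two decimal digits: start position in XLAT
    if not 0 <= offset <= 15:
        raise ValueError("offset outside the 00-15 range IOS emits")
    plain = []
    for i in range(2, len(encoded), 2):
        byte = int(encoded[i:i + 2], 16)   # each plaintext byte is two hex digits
        key = ord(XLAT[(offset + (i - 2) // 2) % len(XLAT)])
        plain.append(chr(byte ^ key))
    return "".join(plain)


def type7_encode(plain: str, offset: Optional[int] = None) -> str:
    """Produce a type 7 string; IOS picks a random offset 0-15, as this does by default."""
    if offset is None:
        offset = random.randint(0, 15)
    if not 0 <= offset <= 15:
        raise ValueError("offset must be 0-15")
    out = [f"{offset:02d}"]
    for pos, ch in enumerate(plain):
        key = ord(XLAT[(offset + pos) % len(XLAT)])
        out.append(f"{ord(ch) ^ key:02X}")
    return "".join(out)


def audit_config(config_text: str) -> list[tuple[str, str]]:
    """Find type 7 passwords in a configuration dump; return (line, plaintext) pairs.

    Matches any line ending in 'password 7 <hex>' (line passwords, enable
    password, username entries).  enable secret lines are one-way and skipped.
    """
    findings = []
    for line in config_text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[-3] == "password" and parts[-2] == "7":
            findings.append((line.strip(), type7_decode(parts[-1])))
    return findings


# Constructed configuration excerpt (not from a real device).  The secret line
# carries a placeholder, not a real hash; the type 7 value encodes "cisco".
SAMPLE_CONFIG = """\
hostname R1
service password-encryption
enable secret 5 $1$<salt>$<hash-placeholder>
enable password 7 0822455D0A16
line vty 0 4
 password 7 0822455D0A16
 login
"""

if __name__ == "__main__":
    for line, plaintext in audit_config(SAMPLE_CONFIG):
        print(f"{line!r} -> {plaintext!r}")
    print(type7_encode("cisco", offset=8))   # same string IOS would store
```

Running the audit over a real configuration export is a quick way to find line and vty passwords that were never changed after the type 7 "encryption" was switched on; the only line the audit cannot reverse is the enable secret.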

CHAPTER 5 TYPES OF ROUTING

5.1 Static Routing
In static routing the ip route command is used to specify routes for the different networks. The administrator analyses the whole internetwork topology and then specifies a route for each network that is not directly connected to the router.

5.1.1 Steps to perform static routing
(1) Create a list of all networks present in the internetwork.
(2) Remove from the list the networks that are directly connected to the router.
(3) Specify a route for each remaining network with the ip route command:
Router(config)#ip route <destination n/w> <mask> <next hop ip>
The next-hop IP is the address of the neighbouring router that is directly connected to our router.
Static routing example:
Router#conf ter
Router(config)#ip route <destination n/w> 255.0.0.0 <next hop ip>

5.1.2 Advantages of static routing
(1) Fast and efficient.
(2) More control over the selected path.
(3) Less overhead for the router.
(4) Interface bandwidth is not consumed by routing updates.

5.1.3 Disadvantages of static routing
(1) More overhead for the administrator.
(2) Load balancing is not easily possible.
(3) On a topology change the routing table has to be changed manually.

5.1.4 Alternate command to specify a static route
A static route can also be specified with an exit interface instead of a next-hop address:
Router(config)#ip route 172.16.0.0 <mask> <next hop ip>
or
Router(config)#ip route 172.16.0.0 <mask> serial 0

5.1.5 Backup route (floating static route)
If more than one path is available from our router to a destination, one route can be designated primary and the other backup. Administrative distance (AD) is used to do this: the router selects the route with the lower AD to forward traffic. By default a static route has an AD of 1. For the backup path a higher AD is specified, so that it is used only when the primary route is unavailable.

Protocol              AD
Directly connected     0
Static                 1
BGP                   20
EIGRP                 90
IGRP                 100
OSPF                 110
RIP                  120

Syntax to set a backup path:
Router(config)#ip route <dest. n/w> <mask> <next hop | exit interface> <AD>
Example (Scenario 1):
Router#conf ter
Router(config)#ip route <dest. n/w> <mask> <primary next hop>
Router(config)#ip route 150.10.0.0 <mask> <backup next hop> 8
Router(config)#exit
An AD of 8 is higher than the primary static route's 1, so the backup is installed only when the primary disappears, while it still stays below BGP's 20.

Fig. 5.1 Static routing
To display the routing table:
Router#sh ip route
To display static routes only:
Router#sh ip route static

S <destination n/w> [1/0] via <next hop>
(S = static route; [1/0] = administrative distance 1, metric 0)
To display connected networks only:
Router#sh ip route connected
To check all the interfaces of a router:
Router#sh ip interface brief

5.2 Default Routing
A default route is a route for any network. It is specified with the following syntax:
Router(config)#ip route 0.0.0.0 0.0.0.0 <next hop | exit interface>
This type of routing is used in the following scenarios.
Scenario 2: Stub network
A network that has only one exit interface is called a stub network.
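How the routing table chooses between the primary static route, the floating static route with AD 8, a RIP route and the default route of sections 5.1.5 and 5.2, as an added example that is not part of the report. The class and function names are my own, the addresses and routes are constructed for the example, and the selection order (longest prefix, then lowest AD, then lowest metric) is the one IOS applies.

```python
"""Route selection as a router performs it (added example, not from the report).

For a destination the longest matching prefix wins first; among routes to the
same prefix the lowest administrative distance (AD) wins, then the lowest
metric.  A floating static route (higher AD) and the 0.0.0.0/0 default route
therefore carry traffic only when nothing better is in the table.
"""
from dataclasses import dataclass, field
from typing import Optional

# Default administrative distances from section 5.1.5, and show ip route codes.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "bgp": 20, "eigrp": 90,
                  "igrp": 100, "ospf": 110, "rip": 120}
CODES = {"connected": "C", "static": "S", "bgp": "B", "eigrp": "D",
         "igrp": "I", "ospf": "O", "rip": "R"}


def ip_to_int(addr: str) -> int:
    a, b, c, d = (int(o) for o in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


@dataclass
class Route:
    network: str
    mask: str
    via: str                    # next-hop IP or exit interface
    source: str                 # key into ADMIN_DISTANCE
    metric: int = 0
    ad: Optional[int] = None    # explicit AD, e.g. for a floating static route
    net_int: int = field(init=False)
    mask_int: int = field(init=False)
    prefix_len: int = field(init=False)

    def __post_init__(self) -> None:
        if self.ad is None:
            self.ad = ADMIN_DISTANCE[self.source]
        self.mask_int = ip_to_int(self.mask)
        self.net_int = ip_to_int(self.network) & self.mask_int
        self.prefix_len = bin(self.mask_int).count("1")

    def show_line(self) -> str:
        """One entry in the style of show ip route: 'S 150.10.0.0/16 [1/0] via 10.0.0.2'."""
        return (f"{CODES[self.source]} {self.network}/{self.prefix_len} "
                f"[{self.ad}/{self.metric}] via {self.via}")


class RoutingTable:
    def __init__(self) -> None:
        self.routes: list[Route] = []

    def add(self, route: Route) -> None:
        self.routes.append(route)

    def withdraw_next_hop(self, via: str) -> int:
        """Remove every route through `via` (the neighbour or link failed); return the count."""
        before = len(self.routes)
        self.routes = [r for r in self.routes if r.via != via]
        return before - len(self.routes)

    def lookup(self, dest: str) -> Optional[Route]:
        """Best route for dest: longest prefix, then lowest AD, then lowest metric."""
        d = ip_to_int(dest)
        best: Optional[Route] = None
        for r in self.routes:
            if (d & r.mask_int) != r.net_int:
                continue                                  # prefix does not cover dest
            key = (-r.prefix_len, r.ad, r.metric)
            if best is None or key < (-best.prefix_len, best.ad, best.metric):
                best = r
        return best


def build_scenario() -> RoutingTable:
    """Constructed table: primary and floating static, two RIP routes, a default route."""
    t = RoutingTable()
    t.add(Route("10.0.0.0", "255.255.255.0", "Serial0", "connected"))
    t.add(Route("10.0.1.0", "255.255.255.0", "Serial1", "connected"))
    t.add(Route("150.10.0.0", "255.255.0.0", "10.0.0.2", "static"))           # primary, AD 1
    t.add(Route("150.10.0.0", "255.255.0.0", "10.0.1.2", "static", ad=8))     # floating backup
    t.add(Route("150.10.0.0", "255.255.0.0", "10.0.1.2", "rip", metric=3))    # AD 120, loses
    t.add(Route("150.10.4.0", "255.255.255.0", "10.0.1.2", "rip", metric=2))  # longer prefix wins
    t.add(Route("0.0.0.0", "0.0.0.0", "10.0.0.2", "static"))                  # gateway of last resort
    return t


if __name__ == "__main__":
    table = build_scenario()
    for dest in ("150.10.9.9", "150.10.4.4", "8.8.8.8", "10.0.1.7"):
        print(dest, "->", table.lookup(dest).show_line())
    table.withdraw_next_hop("10.0.0.2")            # primary link fails
    print("after failure:", table.lookup("150.10.9.9").show_line())
    print("after failure, 8.8.8.8 ->", table.lookup("8.8.8.8"))
```

Two things the lookup makes visible: a RIP route with AD 120 still beats a static route when its prefix is longer (150.10.4.0/24), because prefix length is compared before AD; and when the primary next hop disappears the floating static route takes over for 150.10.0.0/16, but the default route that pointed at the same next hop is gone too, so Internet-bound traffic has no gateway of last resort until another default route is provided.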

Fig. 5.2 Default routing
If there is only one next hop, default routing can be used.
Internet connectivity
Millions of networks are present on the Internet, so individual routes cannot be kept; a default route is specified on the router instead. The default route is also called the gateway of last resort. It is used only when no more specific route in the routing table matches the destination.

5.3 Dynamic Routing

In dynamic routing a routing protocol is enabled on the router. The protocol sends the router's routing information to the neighbouring routers. The neighbours analyse the information and write new routes into their routing tables, and they pass routing information received from one router on to other routers. If more than one path is available, the routes are compared and the best path is selected. Examples of dynamic routing protocols are RIP, IGRP, EIGRP and OSPF.

5.3.1 Types of Dynamic Routing Protocols
According to their operation there are two types of dynamic routing protocol: (1) distance vector and (2) link state. According to the type of area in which they are used there are again two types: (1) interior routing protocols and (2) exterior routing protocols.

(a) Distance Vector Routing
Routing based on two parameters, distance and direction, is called distance vector routing. Examples of distance vector routing protocols are RIP and IGRP.
Operation:
(1) Each router sends its directly connected networks to its neighbouring routers. This information is sent to the neighbours periodically.

Fig. 5.3 Distance vector routing
(2) A neighbour receives the routing update and processes each route according to the following conditions:
(i) If an update for a new network is received, the route is stored in the routing table.
(ii) If an update is received for a route that is already present in the routing table (from the same neighbour), the route is refreshed, i.e. its timers are reset to zero.
(iii) If an update is received with a lower metric than the route already present in the routing table, the old route is discarded and the new route is written to the routing table.
(iv) If an update is received with a higher metric than the route already present in the routing table, the new update is discarded.
(3) A timer is associated with each route. The router forwards its routing information on all interfaces, and the entire routing table is sent to the neighbours. There are three timers associated with a route:
(i) Route update timer: the interval after which the router sends its periodic update to the neighbours.
(ii) Route invalid timer: the time after which a route is declared invalid if no updates for it have been received. Invalid routes are no longer advertised to neighbouring routers, but they are still used to forward traffic.
(iii) Route flush timer: the time after which a route is removed from the routing table if no updates about it have been received.

Metrics of dynamic routing
A metric is the measuring unit used to calculate the distance to a destination network. A protocol may use one or more metrics at a time. The different types of metric are: (1) hop count, (2) bandwidth, (3) load, (4) reliability, (5) delay, (6) MTU.
Hop count: the number of hops (routers) a packet has to cross to reach the destination network.
Bandwidth: the speed of the link. The path with the higher bandwidth is preferred for sending data.
Load: the amount of traffic present on the interface. Paths with lower load and higher throughput are used to send data.
Reliability: the up-time of the interface over a period of time.
Delay: the time between a packet being sent and its being received by the destination.
MTU (Maximum Transmission Unit): the maximum size of packet that can be sent in a frame; the MTU is usually 1500 bytes.

Problems of distance vector routing
There are two main problems with distance vector routing: (i) bandwidth consumption and (ii) routing loops.
(i) Bandwidth consumption

Excessive bandwidth consumption is reduced by dividing the internetwork into autonomous systems, so that full routing tables are exchanged only between routers of the same system, and by route summarisation, which reduces the number of routes carried in each update.
(ii) Routing loops
Loops may occur between adjacent routers because of wrong routing information: each router trusts what its neighbour tells it without verification, which is why distance vector routing is also called routing by rumour. A packet caught in a loop circulates until its TTL expires.

Methods to solve routing loops
There are five different methods to solve or reduce the problem of routing loops.
(i) Maximum hop count
This method limits the maximum number of hops a packet can travel. It does not solve the loop problem, but it limits the size of a loop in the network. As a side effect the end-to-end size of the network is also limited.
(ii) Flash updates / triggered updates
In this method a partial update is sent to all neighbours as soon as a topology change occurs. A router that receives a flash update also sends a flash update to its own neighbours.
Fig. 5.4 Flash updates
(iii) Split horizon
Split horizon states that a route learned through an interface is never advertised back out that same interface.

Fig. 5.5 Split horizon
(iv) Poison reverse
A variation of split horizon: instead of suppressing the route, the router advertises it back out the interface it was learned from with an infinite metric (16 hops for RIP), so the neighbour marks it unreachable explicitly rather than relying on the absence of an update. Together with triggered updates this withdraws a failed route from the whole network quickly.
(v) Hold down
When a route is marked unreachable it is placed in the hold-down state: updates for that route with an equal or worse metric are ignored until the hold-down timer expires, so that stale information from another neighbour cannot reinstall the failed route.

Routing Information Protocol (RIP)
Features of RIP:
* Distance vector
* Open standard
* Broadcast updates (to 255.255.255.255)

* Metric: hop count
* Timers: update 30 s, invalid 180 s, hold-down 180 s, flush 240 s
* Loop control: split horizon, triggered updates, maximum hop count, hold down
* Maximum hop count 15
* Administrative distance 120
* Equal-cost load balancing; maximum 6 paths, default 4
* Does not support VLSM (RIP version 1)
* Does not support autonomous systems

Configuring RIP
Router#conf ter
Router(config)#router rip
Router(config-router)#network <own net address>
Router(config-router)#network <own net address>
Router(config-router)#exit
Fig. 5.6 Configuring RIP (each router enters one network statement per directly connected classful network)
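The update rules (i) to (iv) of section 5.3.1, the invalid and flush timers, the 15-hop limit, and split horizon with poison reverse, carried out in a small simulation. This is an added example and not part of the report; the class names, router names and networks are constructed for the example. The RIP default timers above are used and equal-cost multipath is deliberately left out.

```python
"""Distance-vector route maintenance in the style of RIP (added example, not from the report).

Implements the four update rules of section 5.3.1, the invalid and flush
timers, the 15-hop limit (16 = unreachable), and split horizon with optional
poison reverse when building the update sent out of an interface.
"""
from dataclasses import dataclass

INFINITY = 16          # RIP: 16 hops means unreachable
INVALID_AFTER = 180    # seconds without an update: route becomes invalid
FLUSH_AFTER = 240      # seconds without an update: route is removed


@dataclass
class Entry:
    metric: int
    next_hop: str       # neighbour router name, or "connected"
    interface: str      # interface the route points out of
    age: int = 0        # seconds since the last update for this route

    @property
    def invalid(self) -> bool:
        return self.next_hop != "connected" and self.age >= INVALID_AFTER


class DVRouter:
    def __init__(self, name: str, connected: dict[str, str]) -> None:
        """`connected` maps network -> interface; connected routes have metric 0."""
        self.name = name
        self.table: dict[str, Entry] = {
            net: Entry(0, "connected", ifc) for net, ifc in connected.items()}

    def receive(self, update: dict[str, int], neighbour: str, interface: str) -> None:
        """Process one update received from `neighbour` on `interface`."""
        for net, advertised in update.items():
            metric = min(advertised + 1, INFINITY)   # one more hop to reach it via the neighbour
            current = self.table.get(net)
            if current is None:
                if metric < INFINITY:                # (i) new network (unless already unreachable)
                    self.table[net] = Entry(metric, neighbour, interface)
            elif current.next_hop == neighbour:
                # (ii) refresh from the current next hop; a worse metric from it is
                # accepted, which is how a poisoned route is withdrawn
                current.metric, current.age = metric, 0
            elif metric < current.metric:            # (iii) better path via another neighbour
                self.table[net] = Entry(metric, neighbour, interface)
            # (iv) equal or worse metric from a different neighbour: ignored

    def advertise(self, interface: str, poison_reverse: bool = False) -> dict[str, int]:
        """Build the periodic update for `interface`.

        Split horizon: routes that point out of this interface are not sent back
        through it; with poison reverse they are sent with an infinite metric
        instead.  Invalid routes are advertised as unreachable.
        """
        update: dict[str, int] = {}
        for net, entry in self.table.items():
            if entry.interface == interface:
                if poison_reverse:
                    update[net] = INFINITY
                continue
            update[net] = INFINITY if entry.invalid else entry.metric
        return update

    def tick(self, seconds: int) -> list[str]:
        """Advance the route timers; return the networks flushed from the table."""
        flushed = []
        for net, entry in list(self.table.items()):
            if entry.next_hop == "connected":
                continue
            entry.age += seconds
            if entry.age >= FLUSH_AFTER:
                del self.table[net]
                flushed.append(net)
        return flushed

    def reachable(self, net: str) -> bool:
        entry = self.table.get(net)
        return entry is not None and entry.metric < INFINITY


if __name__ == "__main__":
    a = DVRouter("A", {"10.1.0.0": "e0", "10.2.0.0": "s0"})
    b = DVRouter("B", {"10.2.0.0": "s0", "10.3.0.0": "e0"})
    a.receive(b.advertise("s0"), "B", "s0")
    print("A learned:", a.table["10.3.0.0"])
    print("A -> s0 (split horizon):", a.advertise("s0"))
    print("A -> s0 (poison reverse):", a.advertise("s0", poison_reverse=True))
    a.tick(180); print("after 180 s, A -> e0:", a.advertise("e0"))
    print("flushed after 240 s:", a.tick(60))
```

The run shows the two halves of loop prevention working together: with plain split horizon A never tells B about 10.3.0.0 (which B told A about), and with poison reverse A tells B explicitly that it cannot reach it; once B stops refreshing the route, A keeps forwarding with it for 180 s, advertises it as unreachable from then on, and drops it at 240 s.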

Displaying RIP routes
Router#sh ip route rip
R <dest. n/w> [120/5] via 172.30.0.2, 00:00:25, Serial1/0
(R = RIP; [120/5] = administrative distance 120 and metric 5 hops; then the next hop, the time since the last update and the router's own interface)

RIP advanced configuration
(a) Passive interfaces
An interface that does not send routing updates but still receives them is called a passive interface. An interface is declared passive with the following commands:
Router#conf ter
Router(config)#router rip
Router(config-router)#passive-interface <type> <no>
Router(config-router)#exit
(b) Configuring timers
Router(config)#router rip
Router(config-router)#timers basic <update> <invalid> <hold down> <flush>
Router(config-router)#exit
Example:
Router(config-router)#timers basic 50 200 210 300
sets update 50 s, invalid 200 s, hold-down 210 s and flush 300 s.
(c) Changing the administrative distance
Router(config)#router rip
Router(config-router)#distance <value> (e.g. 95 or 100)
Router(config-router)#exit

(d) Configuring load balancing
RIP performs equal-cost load balancing: if multiple paths with equal hop count are available to a destination, RIP balances the load equally over all of them. Load balancing over 4 paths is enabled by default; the number of paths used simultaneously is changed with:
Router(config)#router rip
Router(config-router)#maximum-paths <1-6>
(e) Displaying RIP parameters
Router#sh ip protocols
This command displays: (i) RIP timers, (ii) RIP version, (iii) route filtering, (iv) route redistribution, (v) interfaces on which updates are sent and received, (vi) advertised networks, (vii) passive interfaces, (viii) RIP neighbours (routing information sources), (ix) administrative distance.

RIP version 2
RIP version 2 supports the following new features:
(1) VLSM (the mask is sent in updates)
(2) Multicast updates to address 224.0.0.9
(3) Authentication
Commands to enable RIP version 2
Only the version has to be changed from 1 to 2; the rest of the configuration remains the same.
Router(config)#router rip

Router(config-router)#version 2
Router(config-router)#exit
To debug RIP routing:
Router#debug ip rip
To disable debugging:
Router#no debug ip rip

(b) Link State Routing
This type of routing is based on the state of links. It works as follows:
(1) Each router sends Hello packets to all neighbours on all interfaces.
(2) The routers from which a Hello reply is received are stored in the neighbour table. Hello packets are sent periodically to maintain the neighbour table.
(3) The router sends link-state information to all neighbours. Link-state information from one neighbour is also forwarded to the other neighbours.
(4) Each router maintains a link-state database built from the link-state advertisements received from the different routers.
(5) The router runs a best-path algorithm over the database and stores the resulting paths in the routing table.
(i) Problems of link state routing
The main problems of link state routing are: (1) high bandwidth consumption while the link-state database is flooded; (2) more hardware resources required, i.e. processor and memory (RAM). The routing protocol that uses link state routing is OSPF.

(ii) Enhanced Interior Gateway Routing Protocol (EIGRP)
Features:
* Cisco proprietary
* Hybrid protocol (link state and distance vector)
* Multicast updates using address 224.0.0.10

* Supports autonomous systems
* Supports VLSM
* Automatic route summarisation
* Unequal-cost load balancing
* Metric: 32-bit composite of bandwidth, delay, load and reliability (MTU is carried in updates but not used in the calculation)
* Neighbour recovery
* Partial updates
* Triggered updates
* Backup route
* Multi-protocol routing

(iii) EIGRP protocols and modules
(1) Protocol-dependent module
This module performs multi-protocol routing: the router maintains three routing tables, one each for TCP/IP (IP routing), IPX/SPX (IPX routing) and AppleTalk (AppleTalk routing).

(iv) Reliable Transport Protocol (RTP)
RTP is used to exchange routing updates with neighbouring routers. It also maintains the neighbour relationship with Hello packets. RTP has the following features:
(1) Multicast updates (224.0.0.10)
(2) Neighbour recovery: if a neighbour stops responding to the multicast Hello packets, RTP sends unicast Hello packets to that neighbour.
(3) Partial updates
(4) No updates are sent if there is no topology change.

(v) Configuring EIGRP
Router(config)#router eigrp <as no>
Router(config-router)#network <net addr.>
Router(config-router)#network <net addr.>
Router(config-router)#exit

(vi) Advanced EIGRP configuration
The following options are configured in the same way as for IGRP: (1) bandwidth on interfaces, (2) neighbours, (3) load balancing (maximum paths, variance).

(vii) Configuring the EIGRP metric
If the router should use additional metric components, use the following command:
Router(config)#router eigrp <as no>
Router(config-router)#metric weights <tos> <k1> <k2> <k3> <k4> <k5>
Router(config-router)#exit
The type of service (tos) value is 0. The K values and their defaults are:

Metric        K value   Default
Bandwidth     K1        1
Load          K2        0
Delay         K3        1
Reliability   K4        0
MTU           K5        0

(K4 and K5 both act on the reliability term of the composite formula; the MTU is exchanged between neighbours but does not enter the metric.) All routers exchanging updates with each other must have the same AS number and the same K values, otherwise they do not form a neighbour relationship.

Router#sh ip eigrp topology shows the topology database.
Router#sh ip eigrp neighbors shows the neighbour table.
To debug EIGRP:
Router#debug ip eigrp

5.3.2 Autonomous system
An autonomous system is a group of contiguous routers and networks that share their routing information directly with each other. If all routers are in a single domain and share their information directly with each other, the size of the routing updates depends on the number of networks present in the internetwork. The update for each network may take 150 to 200 bytes of information. For example, with 1000 networks the size of an update is about 200 * 1000 = 200,000 bytes. Routing information is sent periodically, so it may consume a large amount of bandwidth in the network.

Fig. 5.7 Autonomous system
Interior routing protocols: RIP, IGRP, EIGRP, OSPF
Exterior routing protocols: BGP, EXEIGRP

5.3.3 Open Shortest Path First (OSPF)
Features:
* Link state
* Open standard
* Multicast updates
* Supports VLSM
* Supports areas (similar to autonomous systems)

* Manual route summarisation
* Hierarchical model
* Metric: cost derived from bandwidth
* Equal-cost load balancing
* Supports authentication
* Unlimited hop count

OSPF terminology
(1) Hello packets, (2) LSA (link state advertisement), (3) neighbour, (4) neighbour table, (5) topology table (LSA database)

Router ID
The router ID is the highest IP address among the router's interfaces. It is used as the identity of the router and in the link-state databases. First preference for selecting the router ID is given to logical (loopback) interfaces; if no loopback interface is present, the highest IP address of a physical interface is selected. (A router ID set explicitly with the router-id command takes precedence over both.)
Fig. 5.8 Router ID

Area
An area is a group of routers and networks that share their routing information directly with each other.
OSPF area characteristics:
- Minimises routing table entries.
- Localises the impact of a topology change within an area.
- Detailed LSA flooding stops at the area boundary.
- Requires a hierarchical network design.
Fig. 5.9 Autonomous system
Adjacency
A router is said to be adjacent when the neighbour relationship has been established; we can also say that an adjacency relationship is formed between the routers.

5.3.4 OSPF Hierarchical Model

Fig. 5.10 OSPF Hierarchical Model
Area (internal) router: a router whose interfaces are all members of a single area.
Autonomous System Border Router (ASBR): a router that connects the OSPF domain to another routing domain (another autonomous system or another routing protocol) and redistributes routes into OSPF.
Backbone area: area 0 is called the backbone area. All other areas must connect to the backbone area for communication.
Backbone router: a router whose interfaces are all members of area 0.

Area border router (ABR): a router that connects an area with area 0.

5.3.5 LSA Flooding in OSPF
If there are multiple OSPF routers on a multi-access network, an excessive number of LSAs is generated by the routers and they can choke the bandwidth of the network.
Fig. 5.11 LSA flooding in OSPF
This problem is solved by electing a designated router (DR) and a backup designated router (BDR) on the segment.
Designated router: the router with the highest OSPF interface priority, ties broken by the highest router ID (RID), becomes the designated router for that segment. It is responsible for receiving LSAs from the non-DR routers and forwarding them to all the other routers on the segment.

Backup designated router: this router works as a backup for the designated router. In BDR mode it receives all information but does not forward it to the other non-DR routers.
Commands to configure OSPF
Router#conf ter
Router(config)#router ospf <process no>
Router(config-router)#network <net address> <wildcard mask> area <area id>
Router(config-router)#network <net address> <wildcard mask> area <area id>
Router(config-router)#exit
Wildcard mask: the bitwise complement of the subnet mask, for example
subnet mask 255.255.255.0 -> wildcard mask 0.0.0.255
subnet mask 255.255.255.255 (a single host) -> wildcard mask 0.0.0.0

Fig. 5.12 OSPF
R1: Router(config-router)#network <net> <wildcard> area 0 (two statements, both in area 0)
R2: Router(config-router)#network 20.0.0.0 <wildcard> area 0, plus two network statements in area 1
R3: Router(config-router)#network <net> <wildcard> area 1 (two statements, both in area 1)
Creating a loopback interface:
Router(config)#interface loopback <no>

Router(config-if)#ip address <ip> <mask>
Router(config-if)#no shutdown
Router(config-if)#exit
Command to display OSPF parameters:
Router#show ip protocols

CHAPTER 6 Access Control Lists

6.1 ACL
ACLs are the basic security feature required in any network to control the flow of traffic. Most networks have servers and clients for which traffic control is required. ACLs are also used to classify traffic: they are used by features such as QoS (Quality of Service), traffic prioritisation and the definition of interesting traffic for ISDN dial-on-demand.

6.2 Classification of Access Control Lists
Types of ACL based on protocol: (1) IP access control list, (2) IPX access control list, (3) AppleTalk access control list.
Types of ACL based on feature: (1) standard ACL, (2) extended ACL.
Types of ACL based on access mode: (1) numbered ACL, (2) named ACL.
Types of ACL based on the order of rules: (1) deny then permit, (2) permit then deny.
Types of ACL based on direction of implementation: (1) inbound ACL, (2) outbound ACL.

6.3 Flow chart of Inbound ACL
Fig. 6.1 Flow chart of an inbound ACL: a packet is received on the interface. Is an access list applied on the interface in the inbound direction? If not, the packet is passed to the routing engine. If so, the rules are checked in top-down order: at the first matching rule a permit passes the packet to the routing engine and a deny drops it; if no rule matches, the packet is dropped.

6.4 IP Standard ACL (Numbered)
In a standard ACL only the source address can be specified for the filtering of packets. The syntax to create an IP standard ACL is:
Router#conf ter
Router(config)#access-list <no> <permit|deny> <source>
Router(config)#exit

<source> takes one of the following forms:
Single PC:  host <ip>   (or <ip> alone, equivalent to <ip> 0.0.0.0)
Network:    200.100.100.0 0.0.0.255
Subnet:     <subnet address> <wildcard mask>
All:        any

Example: the three PCs shown in Fig. 6.2 (host 18 among them) must not access the Internet; all other PCs may.
Fig. 6.2 Configuring ACL
Router#conf ter
Router(config)#access-list 30 deny <pc 1 ip>
Router(config)#access-list 30 deny <pc 2 ip>
Router(config)#access-list 30 deny <pc 3 ip>
Router(config)#access-list 30 permit any
Router(config)#exit
The final permit any is essential: every ACL ends with an implicit deny, so without it all other traffic would be dropped as well.
Applying the ACL to an interface:
Router#conf ter
Router(config)#interface <type> <no>
Router(config-if)#ip access-group <ACL no.> <in|out>
Router(config-if)#exit
Rule for applying ACLs: only one ACL can be applied per interface, per direction, per protocol.

6.5 IP Standard ACL (Named)
A numbered ACL cannot be edited: a single rule cannot be deleted from it, because removing one access-list line removes the whole list. A named ACL can be edited.
Router#config ter
Router(config)#ip access-list standard <name>
Router(config-std-nacl)#<deny|permit> <source>

Router(config-std-nacl)#exit
Example:
Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#deny <pc 1 ip>
Router(config-std-nacl)#deny <pc 2 ip>
Router(config-std-nacl)#deny <pc 3 ip>
Router(config-std-nacl)#permit any
To modify the ACL (remove a single rule):
Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#no deny <pc 1 ip>
Router(config-std-nacl)#exit

Controlling Telnet access with an ACL
To control telnet access with an ACL, create a standard ACL and apply it to the vty lines. An ACL written for the vty lines is in permit-then-deny order: the permitted hosts are listed and everything else falls to the implicit deny.
Example: suppose telnet to our router should be allowed only from two administrator PCs.
Router#conf ter
Router(config)#access-list 50 permit <admin pc 1 ip>
Router(config)#access-list 50 permit <admin pc 2 ip>
Router(config)#line vty 0 4
Router(config-line)#access-class 50 in
Router(config-line)#exit

6.6 IP Extended ACL (Numbered)
Extended ACLs are advanced ACLs that can control traffic flow on the basis of five parameters: (i) source address, (ii) destination address, (iii) source port, (iv) destination port, (v) protocol (layer 3 or layer 4).

To display ACLs:
Router#show access-lists
Router#show access-list <no>
To display the ACL applied on an interface:
Router#show ip interface
Router#show ip interface <type> <no>
Router#show ip interface ethernet 0
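The top-down, first-match evaluation of chapter 6, with the implicit deny and the effect of rule order, carried out in code. This is an added example and not part of the report; the function names are my own and the host addresses in the sample lists are constructed (the report's figure addresses were not given). The same address-and-wildcard test is what an OSPF network statement in section 5.3.5 applies to interface addresses, so a small helper for that case is included.

```python
"""Standard ACL evaluation (added example, not the report's own code).

Rules are tested top-down, the first match decides, and a packet that matches
no rule is dropped by the implicit "deny any".  The wildcard test is the one
an OSPF `network` statement also applies to interface addresses.
"""
from typing import Optional

Rule = tuple[bool, str, str]        # (permit?, network, wildcard)


def ip_to_int(addr: str) -> int:
    a, b, c, d = (int(o) for o in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def wildcard_match(addr: str, network: str, wildcard: str) -> bool:
    """A 0 bit in the wildcard must match the network; a 1 bit is "don't care"."""
    w = ip_to_int(wildcard)
    return (ip_to_int(addr) | w) == (ip_to_int(network) | w)


def wildcard_from_mask(mask: str) -> str:
    """Wildcard mask = bitwise complement of the subnet mask (255.255.255.0 -> 0.0.0.255)."""
    inv = ~ip_to_int(mask) & 0xFFFFFFFF
    return ".".join(str((inv >> s) & 0xFF) for s in (24, 16, 8, 0))


def parse_standard_acl(lines: list[str]) -> list[Rule]:
    """Parse numbered ('access-list N permit|deny <source>') or named ('permit|deny <source>') lines.

    <source> forms as in section 6.4: 'any', 'host A.B.C.D', a bare address
    (treated as a host), or 'A.B.C.D W.X.Y.Z' (network with wildcard).
    """
    rules: list[Rule] = []
    for line in lines:
        parts = line.split()
        if not parts or parts[0] == "!":
            continue
        if parts[0] == "access-list":
            parts = parts[2:]                  # drop 'access-list' and the list number
        action, *source = parts
        if action not in ("permit", "deny"):
            raise ValueError(f"unrecognised rule: {line!r}")
        if source == ["any"]:
            net, wc = "0.0.0.0", "255.255.255.255"
        elif source[0] == "host":
            net, wc = source[1], "0.0.0.0"
        elif len(source) == 1:
            net, wc = source[0], "0.0.0.0"
        else:
            net, wc = source[0], source[1]
        rules.append((action == "permit", net, wc))
    return rules


def evaluate(rules: list[Rule], source_ip: str) -> tuple[bool, Optional[int]]:
    """Return (permitted, index of the matching rule); (False, None) is the implicit deny."""
    for index, (permit, net, wc) in enumerate(rules):
        if wildcard_match(source_ip, net, wc):
            return permit, index
    return False, None


def ospf_area_for(interface_ip: str, statements: list[tuple[str, str, int]]) -> Optional[int]:
    """First `network <net> <wildcard> area <id>` statement covering the interface wins."""
    for net, wc, area in statements:
        if wildcard_match(interface_ip, net, wc):
            return area
    return None


# Constructed samples: the report's ACL 30 (three blocked PCs, everyone else
# permitted) with invented addresses, the same rules in the wrong order, and
# the vty ACL 50 that relies on the implicit deny.
ACL_30 = parse_standard_acl([
    "access-list 30 deny host 200.100.100.16",
    "access-list 30 deny 200.100.100.17",
    "access-list 30 deny 200.100.100.18 0.0.0.0",
    "access-list 30 permit any",
])
ACL_30_WRONG_ORDER = parse_standard_acl(["permit any", "deny host 200.100.100.18"])
ACL_50 = parse_standard_acl(["access-list 50 permit host 10.0.0.5",
                             "access-list 50 permit host 10.0.0.6"])

if __name__ == "__main__":
    for ip in ("200.100.100.18", "200.100.100.19"):
        print("ACL 30", ip, evaluate(ACL_30, ip), "wrong order:", evaluate(ACL_30_WRONG_ORDER, ip))
    print("ACL 50 from 10.0.0.7:", evaluate(ACL_50, "10.0.0.7"))
```

The wrong-order list is the classic mistake: because permit any sits first, the deny for host 18 can never be reached and the host is let through. The vty list shows the opposite property, which section 6.5 relies on: nothing after the two permit lines is needed, since the implicit deny refuses every other source.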

Chapter 7 LAN Switching

7.1 LAN Switching
Ethernet switches are used to build Ethernet LANs. Switches forward traffic on the basis of MAC addresses: a switch maintains a MAC address table mapping MAC addresses to port numbers and uses it for its switching decisions. A bridge and a switch work in the same way.

Classification of switches
Switches are classified according to the following criteria.
Types of switch based on forwarding method:
(1) Store and forward: the switch receives the entire frame, performs error checking and then forwards the frame to the destination.
(2) Cut-through: the switch starts forwarding the frame as soon as its first six bytes (the destination MAC address) have been received.
(3) Fragment-free: the switch receives the first 64 bytes of the frame, performs error checking (collision fragments are shorter than 64 bytes) and then starts forwarding.
(4) Adaptive cut-through: the switch changes its mode according to conditions; if it sees errors in many frames it changes from cut-through or fragment-free to store and forward.
Types of switch based on management: (1) manageable, (2) non-manageable, (3) semi-manageable.
Types of switch based on OSI layer: (1) Layer 2 switches (switching only), (2) Layer 3 switches (switching and routing).
Types of switch based on command mode (Cisco only): (1) IOS based, (2) CLI based.

Types of switches based on hierarchical model
(1) Core layer switches
(2) Distribution layer switches
(3) Access layer switches

Qualities of a switch
- No. of ports
- Speed of ports
- Type of media
- Switching speed (wire speed or throughput)

Configuring IP and Gateway on a switch
We can configure an IP address on a switch for web access or Telnet; an IP address is required for administration of the switch. If we have to access the switch from a remote network, we also configure a default gateway in addition to the IP address. The IP address is assigned to the logical interface of the switch with the following commands:
Switch(config)#interface vlan 1
Switch(config-if)#ip address <ip> <mask>
Switch(config-if)#no shutdown
Switch(config-if)#exit

7.2 VLAN (Virtual LAN)
VLANs provide virtual segmentation of the broadcast domain in the network. Devices which are members of the same VLAN are able to communicate with each other. Devices in different VLANs can communicate with each other only through routing, so the devices of different VLANs use different network addresses. VLANs provide the following advantages:
(1) Logical segmentation of the network
(2) Enhanced network security

Creating port based VLANs
In a port based VLAN, first we have to create a VLAN on a manageable switch, then we have to add ports to the VLAN.

Commands to create a VLAN
Switch#config ter
Switch(config)#vlan <no>
Switch(config-vlan)#name <word>   (optional)
Switch(config-vlan)#exit
Switch(config)#exit

Or
Switch#vlan database
Switch(vlan)#vlan <no> [name <word>]
Switch(vlan)#exit

Commands to configure ports for a VLAN
By default, all ports are members of a single VLAN, that is VLAN 1. We can change the VLAN membership according to our requirement.
Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport access vlan <no>
Switch(config-if)#exit

Commands to configure multiple ports in a VLAN
Switch#conf ter
Switch(config)#interface range <type> <slot/first port> - <last port>
Switch(config-if-range)#switchport access vlan <no>
Switch(config-if-range)#exit

Example: suppose we want to add interfaces FastEthernet 0/10 to 0/18 to VLAN 5
Switch#config ter
Switch(config)#interface range fastethernet 0/10 - 18
Switch(config-if-range)#switchport access vlan 5
Switch(config-if-range)#exit

To disable web access on the switch
Switch#config ter
Switch(config)#no ip http server

To display the MAC address table
Switch#sh mac-address-table

To display VLANs and port membership
Switch#sh vlan

VTP server
A VTP server is a switch on which we can create, delete or modify VLANs. The server sends periodic updates to the VTP clients.
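The switching and VLAN behaviour described in 7.1 and 7.2 (per-VLAN MAC learning, forwarding of known unicast out one port, flooding of unknown unicast and broadcast confined to the ingress VLAN, and the default of every port sitting in VLAN 1), as an added Python model that is not Cisco IOS code and not from the report; the Switch class, the port names Fa0/1 to Fa0/24 and the MAC addresses are constructed for this example.

```python
# Added example, not Cisco IOS code and not from the report: a minimal model
# of a layer 2 switch with port-based VLANs. It shows what 'sh mac-address-table'
# and 'sh vlan' describe: MAC addresses are learned per VLAN, known unicast goes
# out one port, and unknown unicast or broadcast is flooded only inside the
# VLAN of the ingress port. Port names and MAC addresses are constructed.

BROADCAST = "ff:ff:ff:ff:ff:ff"

class Switch:
    def __init__(self, ports):
        # Every port starts in VLAN 1, matching the switch default in the text.
        self.port_vlan = {p: 1 for p in ports}
        self.mac_table = {}              # (vlan, mac) -> learned port

    def access_vlan(self, port, vlan):
        """Model of 'switchport access vlan <no>' on a single port."""
        self.port_vlan[port] = vlan

    def access_vlan_range(self, prefix, first, last, vlan):
        """Model of 'interface range <prefix>/<first> - <last>' + access vlan."""
        for n in range(first, last + 1):
            self.access_vlan(f"{prefix}/{n}", vlan)

    def forward(self, in_port, src_mac, dst_mac):
        """Return the egress ports for one frame arriving on in_port."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src_mac)] = in_port          # learning step
        out = self.mac_table.get((vlan, dst_mac))
        if dst_mac != BROADCAST and out is not None:
            return [] if out == in_port else [out]         # filter or forward
        # unknown unicast / broadcast: flood within the VLAN only
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)

    def show_vlan(self):
        """VLAN -> sorted member ports, like the 'sh vlan' listing."""
        table = {}
        for p, v in self.port_vlan.items():
            table.setdefault(v, []).append(p)
        return {v: sorted(ps) for v, ps in table.items()}

def build_example_switch():
    """Ports Fa0/1 to Fa0/24; Fa0/10 to Fa0/18 moved to VLAN 5 as in the text."""
    sw = Switch([f"Fa0/{n}" for n in range(1, 25)])
    sw.access_vlan_range("Fa0", 10, 18, vlan=5)
    return sw
```

A broadcast arriving on Fa0/10 reaches only the other eight VLAN 5 ports, and a host on a VLAN 1 port never sees a VLAN 5 MAC address in its table, which is the segmentation the section describes.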

VTP client
On a VTP client we are not able to create, modify or delete VLANs. The client receives and forwards VTP updates, and creates the same VLANs as defined in the VTP update.

Commands
Switch#conf ter
Switch(config)#vtp domain <name>
Switch(config)#vtp password <word>
Switch(config)#vtp mode <server|client|transparent>
Switch(config)#exit

By default, in Cisco switches the VTP mode is set to VTP server with no domain and no password.

To display VTP status
Switch#sh vtp status

CONCLUSION
CCNA training has made me learn 21st century skills such as complex problem solving and critical thinking. To conclude, one can say that CCNA training was really beneficial for me, and making a report for such a great training is not being written just for the sake of writing. I am crisply stating the main takeaway points from my work. I feel that the CCNA Security course helps to meet the growing demand for network security skills. It provides a blended curriculum which provides a hands-on and career oriented introduction to core security concepts. The course is highly beneficial, as I feel; it helps students differentiate themselves in the marketplace. It develops students for network security career opportunities. It enhances specialized security skills.
