Project Report Ccna
I hereby declare that the project work entitled CCNA (OSI, TCP/IP Models & Basics of
Routing) is an authentic record of my own work carried out at Netmax Technologies,
Chandigarh as a requirement of the six weeks' industrial training for the award of the B.Tech.
Degree in Electronics and Communication, under the guidance of Mr Navdeep Mangal
(Director, Netmax Technologies, Chd.)
SHAINI SACHDEVA
80406106016
ECE
This is to certify that the above statement made by the candidate is correct to the best of
our knowledge & belief.
Abstract
The enterprise network is the lifeblood of any Small to Medium Enterprise (SME) with
more than one site or supply chain partner. It enables access to business information and
allows for profitable and effective communication flows between employees at different
enterprise sites. Enterprise network equipment is mature and ubiquitous, but the
quality of service provided by similar networks varies from city to city and from country
to country.
In particular, the quality variation gap between most of the cities in some developing
nations and their counterparts in advanced nations is very wide. This is due to the lack in
developing nations of an adequate IT infrastructure, which is taken for granted in
developed nations. Planning an enterprise network in a developing nation is almost like
planning it in the middle of a desert. This project briefly discusses the architecture of an
enterprise network. It examines the barriers to planning, designing and implementing an
enterprise network. This project also covers the methods to implement enterprise level
networks.
In this project we start with basic router configuration and then cover the routing
technologies required to route data between branches.
After that we implement the WAN. Frame Relay is considered a good choice because it
connects multiple locations using a single router interface and so reduces the hardware
costs.
For Internet connectivity we also use Frame Relay. In this setup NAT is essential: it
translates live (public) IP addresses into local ones and vice versa.
In short, a number of technologies were studied and implemented for the successful
completion of the project.
The technologies required in this project are listed below.
Administration of router
Routing
Types of routing
Benefits of static and dynamic routing
Scalability of networks
Cisco router
Core layer switch
Distribution layer switch
Access layer switches
Router
IP Addressing
Routing
Core Switch
VTP server
VLAN database
Trunk Links
Spanning Tree Configuration
Configuring IP & Gateway
VLAN Port Membership
Distribution Switches
VTP Client
Configuring IP & Gateway
Trunk Link Configuration
VLAN Port Membership
ACKNOWLEDGEMENT
Thanking and feeling obliged indicates that we believe in someone else's existence rather
than in the Divine who rules everything. When we feel obliged, then we are not honoring
the principles of the Divine karma. We should appreciate people for what they are and not
thank them for what they do. We should be grateful to people for what they are and not
for their acts. Now, it is really a long journey, going back in the past times and making a
big list of names for appreciation and gratitude.
Industrial Training is an important aspect of engineering. Through this training the
student learns to conduct himself/herself in the environment of the industry. This training is
also helpful in acquiring the required technical knowledge. I pursued my training at
Netmax Technologies, Chandigarh. I learned a lot at this place. I really feel the deepest
gratitude towards my supervisor, Mr Navdeep Mangal (Director, Netmax Technologies).
His immense love has been of great value to me. Without his unrivalled guidance,
constant encouragement, painstaking efforts, keen observance and benevolent attention, the
present dissertation work would have remained futile. He really has the ability to make a
laidback person the foremost one.
I am deeply grateful to our training and placement officer Mr Inderjeet Singh Gill and
all my respected teachers of Shaheed Bhagat Singh College of Engg. & Tech,
Ferozepur for their smile, support, calm and soothing attitude, which yielded peace of
mind during my busy work hours.
The biggest appreciation and gratitude is towards my seniors, who were brave enough to
share their views, keep a vision on my work and who made the task of compiling the
dissertation an easy way out for me. I salute these grand masters, filled with knowledge,
patience and above all love. They were tolerant and uncomplaining at all times and
calmed and supported me when I needed them the most. They never retraced their steps
in the hour of need and were ready with their helping hands at all times.
I offer appreciation to all these great people of my life, for what they are. May they all
win laurels and may their names be glorified and honored. Needless to say, the more I direct
my thoughts positively and feel genuinely thankful, the more I find that I get to
experience good results.
SHAINI SACHDEVA
80406106016
PREFACE
Practical training constitutes an integral part of engineering studies. The training gives the
students an opportunity to expose themselves to the industrial environment, which is
quite different from the teaching classroom. The training enables the student to work in
the future. It enables the student to undergo those experiences which help them later when
they join an organization.
Industrial training is a major part of the course. It is a period in which we are introduced to the
industrial environment; in other words, industrial training is provided for
familiarization with the industrial environment, with the advancement in computer
technologies and the increased automation in industries for increasing their production. In
an organization where Making Things Right in the first instance is the driving motto,
perfection and accuracy are inevitable.
Excellence is an attitude that the whole of the human race is born with. It is the
environment that determines whether the result of this attitude is visible or not.
A well planned, properly executed and evaluated industrial training helps a lot in
inculcating a professional attitude. It provides a linkage between the student and industry
to develop an awareness of the industrial approach to problem solving, based on a broad
understanding of the process and mode of operation of an organization. The objective of training
is to raise the level of performance on one or more of its aspects, and this may be achieved
by providing new knowledge and information relevant to a job.
During this period the students get real, first-hand experience of working in the actual
environment. Most of the theoretical knowledge that has been gained during the course of
their studies is put to the test here. It covers all that remains uncovered in the classroom, i.e.
without it our studies remain ineffective and incomplete. Apart from this, the students
get an opportunity to learn the latest technology, which immensely helps them in building
their career.
I had the opportunity to have a real experience on many ventures, which increased my
sphere of knowledge to a great extent. I was entrusted with a real life project, working on
which finally made me step into the ongoing technology and gradually become a part
of it. All the credit goes to NETMAX TECHNOLOGIES, CHANDIGARH for
providing me the opportunity and facility for the making of this dissertation. I availed
myself of this opportunity in a very satisfactory manner and think it will be very beneficial for me in
building my future.
COMPANY PROFILE
Netmax Technologies is an organization established in the field of Network
Support, Network training, Software training and Embedded systems.
In Education we have a strategic alliance with Pearson VUE and Parametric. We are an
authorized Testing Partner of REDHAT & Cisco. We are also a NOVELL EDUCATION
PARTNER, through which we provide NOVELL and SUSE LINUX courses. Netmax
Technologies also conducts courses in CADENCE based design tools.
Netmax Technologies also provides Technical Research & Development support and
consultancy to some Electronics companies.
Our clients for R&D support in the field of embedded systems:
CEDTI, Mohali
Premier ISP, Chandigarh
Innovative Solutions, Chandigarh
Emmtel ISP, Chandigarh
NIPER, Mohali
Navik Technologies, Chandigarh
Software Technology Parks India, Mohali
Glide Internet Services
Rana Group
IDS
HFCL Infotel Ltd.
Targus Technologies Pvt. ltd
STPI, Mohali
BBMB
The Tribune
OUR TEAM
Presently we have a strong technical team of certified professionals for catering to these
solutions and have a presence in Chandigarh and Punjab. We have a skilled team of engineers
who are experienced in design and programming. We have more than 15 engineers who
hold prestigious certifications like CCNA, CCNP, CCSP, CCSA, MCSE and RHCE, and skills in
C, C++, JAVA and PhP MySql Programming.
Support Area (network solutions)
Software Training
a. C++
b. C
c. JAVA
d. PhP My Sql Programming
e. 1 year Diploma in System administration & Networking.
Our core strength is our commitment, technical expertise and cost effective solutions. We
ensure high service levels and prompt support availability leading to lower downtime.
Netmax Technologies is a leader in education services and developer of innovative
embedded solutions. To meet the demands of Post PC era Netmax provides complete
solutions as well as design-to-order services to satisfy our customers.
For NetMax Technologies
Navdeep Mangal
Sonika Mangal
+9888070008, +9888435109.
Head Office
NetMax Technologies
SCO 58-59
Sector 34A
Chandigarh
0172-4644644
Branch Office
NetMax Technologies
SCO 198-200
Sector 34A
Chandigarh
0172-2608351
Contents
Declaration
Certificate
Abstract
Acknowledgement
Preface
Company Profile
List of Figures
List of Tables
Abbreviations
1. Networking
1.1 Network
1.2 LAN
1.3 WAN
1.4 Devices
1.4.1 Hub
1.4.2 Switch
1.4.3 Bridge
1.4.4 Router
1.4.5 Lan Card
1.5
1.6
2. OSI Model
2.1.1 to 2.1.8
Data Encapsulation
3. TCP/IP Model
3.1 TCP/IP Model
3.1.1 to 3.1.3
4. IP Routing
4.1 Router
4.2 Routing
4.3 IP Addressing
4.3.1 Class A Addresses
Class C Addresses
Class E Addresses
4.4 IP Routing
4.5 Routing Process
4.6
4.6.1 User mode
4.6.2 Privileged mode
4.6.3 Global configuration
4.6.4 to 4.6.6
4.7 Configuring Password
4.7.1 Console Password
4.7.2 Vty Password
4.7.3 Auxiliary Password
4.7.4 Enable Password
4.7.5, 4.7.6
4.8 Managing Configuration
5. Types Of Routing
5.1 Static Routing
5.1.1 to 5.1.5
5.2 Default Routing
5.3 Dynamic Routing
5.3.1
5.3.2 Autonomous system
5.3.3 to 5.3.5
6.2 to 6.6
7. LAN Switching
7.1 LAN Switching
7.2
Conclusion
Bibliography
List of Figures
1.7 UTP
1.9 RJ 45 Connector
1.10 Networking Model
2.1 OSI MODEL
2.2 Windowing
3.1 TCP/IP MODEL
3.2 TCP Header
4.1 Routing Process
5.1 Static routing
5.2 Default routing
5.4 Flash updates
5.5 Split horizon
5.6 Configuring RIP
5.7 Autonomous system
5.8 Router ID
5.9 Autonomous system
5.12 OSPF
6.2 Configuring ACL
List of Tables
1.1 Pin Configuration
ABBREVIATIONS
n/w      Network
LAN      Local Area Network
WAN      Wide Area Network
CSMA/CD  Carrier Sense Multiple Access/Collision Detection
CSMA/CA  Carrier Sense Multiple Access/Collision Avoidance
ISDN     Integrated Services Digital Network
OSI      Open Systems Interconnection
TCP/IP   Transmission Control Protocol/Internet Protocol
NIC      Network Interface Card
MAC      Media Access Control
IETF     Internet Engineering Task Force
EXEC     Execution
VTY      Virtual Terminal
VLAN     Virtual Local Area Network
BGP      Border Gateway Protocol
EIGRP    Enhanced Interior Gateway Routing Protocol
IGRP     Interior Gateway Routing Protocol
OSPF     Open Shortest Path First
RIP      Routing Information Protocol
MTU      Maximum Transmission Unit
VLSM     Variable Length Subnet Mask
IOS      Internetwork Operating System
CLI      Command-Line Interface
Chapter 1
NETWORKING
1.1 Network
In a network, more than one computer is connected to the others through a centralized
device, so that the computers can share files and resources with each other. A network is the
means by which hardware resources and software resources are shared. Resources are shared
with the help of an operating system such as Windows, Linux or UNIX. To connect multiple
networks, internetworking devices such as routers, bridges and layer 3 switches are used.
1.2 LAN
LAN stands for Local Area Network. The scope of a LAN is within one building, one
school or one lab. In a LAN built on a hub the media access method is CSMA/CD, in
which each computer senses the carrier before sending data over the n/w. If the carrier is
free the computer may transmit; otherwise it has to wait and keep listening. Multiple
access means that every computer has the right to access every other computer. If two
computers sense the carrier at the same time, a collision occurs. Every computer on the
network becomes aware of the collision; the transmitting computers stop sending and apply
the back-off algorithm, in which each computer generates a random number. The computer
that draws the smaller number gets to transmit its data over the network first, and the
other computers wait for their turn.
1.3 WAN
WAN stands for Wide Area Network, in which two local area networks are connected
through a public n/w. This may be through telecommunication infrastructure or dedicated
lines, for example ISDN lines or leased lines.
For this we use WAN devices and WAN technologies. You can also connect to your
remote site through the existing internetwork called the Internet.
1.4 Devices
1.4.1 Hub
A hub is a centralized device used to connect multiple workstations. It has no special kind
of memory. It simply receives the frame (data) and forwards it to all its nodes except the
one it received it from, so it always broadcasts. In the case of a hub there is one collision
domain and one broadcast domain, and the media access method used is CSMA/CD
(Carrier Sense Multiple Access/Collision Detection). There are two types of hub:
Active Hub
An active hub receives the frame, regenerates it and then forwards it to all its nodes.
Passive Hub
A passive hub simply receives the frame and forwards it to all its connected nodes.
1.4.2 Switch
A switch is also used to connect multiple workstations, but it is more intelligent than a hub.
It has a special kind of memory called the MAC address, filter or lookup table. The switch
reads MAC addresses and stores them in its filter table. When the switch receives a frame
it reads the destination MAC address and consults its filter table. If it has an entry for that
address it forwards the frame only to the port of that particular MAC address; if no entry
is found it broadcasts the frame to all its connected nodes.
Every port has its own buffer memory. A port has two queues, an input queue and an
output queue. When the switch receives a frame, the frame is received into the input
queue and forwarded from the output queue, so with a switch there is no chance or place
for collisions. With a switch the media access method used is CSMA/CA (Carrier Sense
Multiple Access/Collision Avoidance). Switches provide more efficiency, more speed and
security.
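The filter-table behaviour described above (learn the source MAC address on the port a frame arrives on, forward a known destination out of one port, flood unknown and broadcast destinations) is shown below as an added Python example; it is not code from the report. The port numbers, MAC addresses and the sequence of frames are constructed for the illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Toy model of the MAC address / filter / lookup table of a switch."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # MAC address -> port it was last seen on

    def handle_frame(self, ingress, src_mac, dst_mac):
        """Return the list of ports the frame is forwarded out of."""
        # Learning: the source address is reachable through the ingress port.
        self.table[src_mac] = ingress
        # Forwarding: broadcast and unknown unicast are flooded to every
        # port except the one the frame arrived on.
        out_port = self.table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            return [p for p in self.ports if p != ingress]
        # Destination sits on the same port as the sender: nothing to forward.
        if out_port == ingress:
            return []
        return [out_port]


def run_sample():
    """Feed a constructed sequence of frames through a 4-port switch."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b, c = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:03"
    frames = [
        (1, a, b),          # A -> B: B unknown, flooded to ports 2, 3, 4
        (2, b, a),          # B -> A: A was learned on port 1, sent there only
        (1, a, BROADCAST),  # broadcast (for example an ARP request): flooded
        (3, c, b),          # C -> B: B was learned on port 2
    ]
    decisions = [sw.handle_frame(*frame) for frame in frames]
    return decisions, dict(sw.table)


if __name__ == "__main__":
    for decision in run_sample()[0]:
        print(decision)
```

Running it shows the table being filled one source address at a time: the very first frame is flooded because the switch has not yet seen the destination, and from then on known destinations go out of a single port, which is the behaviour that removes the shared collision domain of a hub.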
1.4.3 Bridge
A bridge is a hardware device used to provide LAN segmentation, that is, to break up the
collision domain. It has the same functionality as a switch, and can be used between two
different topologies. It has fewer ports, and each port has its own buffer memory. It works
at the Data Link Layer of the OSI model. It also reads MAC addresses and stores them in
its filter table. With a bridge there is one broadcast domain.
1.4.4 Router
A router is a hardware device used to connect two different networks. The router
performs routing and path determination. It does not forward broadcasts.
1.5
Fig. 1.7 UTP
Pin Configuration
Pin   Hub/Switch   PC/Router/Printer   Uplink port (Hub/Switch)
1     Rx+          Tx+                 Tx+
2     Rx-          Tx-                 Tx-
3     Tx+          Rx+                 Rx+
4     NC           NC                  NC
5     NC           NC                  NC
6     Tx-          Rx-                 Rx-
7     NC           NC                  NC
8     NC           NC                  NC
TABLE 1.1 Pin Configuration
Straight Cable
1 Orange white - Orange white
2 Orange - Orange
3 Green white - Green white
4 Blue - Blue
5 Blue white - Blue white
6 Green - Green
7 Brown white - Brown white
8 Brown - Brown
Cross Cable
1 Orange white - Green white
2 Orange - Green
1.6
Server software: software which is used to provide services is server software.
Client software: software which obtains services.
Fig. 1.10 Networking Model
Server side: Server Software (Apache, IIS, Exchange 2003, FTP Server, Send Mail) -> Protocol Stack (TCP/IP, IPX/SPX, AppleTalk, Netbeui) -> NIC -> Media
Client side: Client Software (Internet Explorer, Outlook Express, Yahoo messenger, Cute FTP) -> Protocol Stack -> NIC -> Media
Chapter 2
OSI (Open Systems Interconnection) Model
2.1 OSI Model
The OSI model is the layered approach to designing, developing and implementing a network.
OSI provides the following advantages:
(i) Network design will be standards based.
(ii) Development of new technology will be faster.
(iii) Devices from multiple vendors can communicate with each other.
(iv) Implementation and troubleshooting of the network will be easier.
Fig. 2.1 OSI MODEL: Software / Protocol Stack (Application Layer, Presentation Layer, Session Layer, Transport Layer, Network Layer) -> NIC -> Media
Physical Layer
of the bits it transmits or receives. It is solely concerned with the physical characteristics
of electrical and/or optical signaling techniques. This includes the voltage of the electrical
current used to transport the signal, the media type and impedance characteristics, and
even the physical shape of the connector used to terminate the media. Transmission media
includes any means of actually transporting signals generated by the OSI's Layer 1
mechanisms. Some examples of transmission media are coaxial cabling, fiber-optic
cabling, and twisted-pair wiring.
2.1.4 Layer 4: Transport Layer
The transport layer is responsible for connection oriented and connectionless
communication. The transport layer also performs other functions:
(i) Error checking
(ii) Flow Control: Buffering, Windowing, Positive Acknowledgement Response
(iii) Multiplexing
(iv) Sequencing
(a) Buffer
A buffer is a temporary storage area. All the data is stored in the buffer memory
and, when the communication capacity is available, the data is forwarded to the other side.
(b) Windowing
The window is the maximum amount of data that can be sent to the destination
without receiving an acknowledgement. It is the limit on how much the buffer may send
without getting an acknowledgement.
(c) Multiplexing
Multiplexing means combining small data segments which have the same destination IP
and the same destination service.
(d) Sequencing
The transport layer adds a sequence number to the data, so that out-of-sequence data can
be detected and rearranged in the proper order.
2.1.5 Layer 5: Session Layer
This layer initiates, maintains and terminates sessions between different applications.
Because of this layer, multiple application programs can be executed at the same time.
1. Connection Oriented Communication
Data Encapsulation
Figure (receiver side): Application Layer (Data*) -> Presentation Layer (Data**) -> Session Layer (Data***) -> Transport Layer -> Network Layer -> Physical Layer (1 0 = Bits)
CHAPTER 3
TCP/IP MODEL
3.1 TCP/IP MODEL
TCP/IP is the most popular protocol stack and consists of a large number of protocols.
Compared with the OSI model, TCP/IP consists of only four layers. The TCP/IP model is a
modified form of the DOD (Department of Defense) model.
Fig. 3.1 TCP/IP MODEL
Application (OSI Application, Presentation, Session): Http 80, Smtp 25, Dns 53, Ftp 20, Tftp 69, Telnet 23, Ntp 123, Snmp, Ssl 443, Rdp 3389, pop3, imap & many more
Transport (Host to Host): TCP, UDP
Internet: Internet Protocol with ARP, RARP, ICMP, IGMP, RIP, OSPF, BGP
Network Access (OSI Data Link, Physical)
UDP is a connectionless protocol, which is responsible for error checking and for
identifying applications using port numbers.
UDP HEADER (8 bytes)
Source Port (16 bits) | Destination Port (16 bits)   4 bytes
Length (16 bits)      | Checksum (16 bits)           4 bytes
Data
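To make the 8-byte header concrete, the following added Python example (not code from the report) builds a UDP datagram, then decodes one and checks the two things the header lets a receiver verify: that the Length field matches the bytes actually received and that the checksum, which RFC 768 computes over an IPv4 pseudo-header plus the segment, is intact. The port numbers, payload and the addresses 10.0.0.6 and 172.16.0.5 (taken from the routing example in Chapter 4) are sample values.

```python
import struct

IPPROTO_UDP = 17


def ipv4_to_bytes(addr):
    """'10.0.0.6' -> 4 network-order bytes."""
    return bytes(int(octet) for octet in addr.split("."))


def ones_complement_sum(data):
    """16-bit one's complement sum of data, zero-padded to an even length."""
    if len(data) % 2:
        data = data + b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold the carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip, dst_ip, udp_length):
    """IPv4 pseudo-header that the UDP checksum covers in addition to the segment."""
    return (ipv4_to_bytes(src_ip) + ipv4_to_bytes(dst_ip)
            + struct.pack("!BBH", 0, IPPROTO_UDP, udp_length))


def udp_checksum(src_ip, dst_ip, segment):
    """Checksum of a UDP segment whose own checksum field is still zero."""
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + segment)
    csum = 0xFFFF - total
    return csum if csum else 0xFFFF  # a computed zero is transmitted as all ones


def build_udp(src_ip, dst_ip, sport, dport, payload):
    """Assemble source port, destination port, length, checksum and data."""
    length = 8 + len(payload)
    zeroed = struct.pack("!HHHH", sport, dport, length, 0) + payload
    csum = udp_checksum(src_ip, dst_ip, zeroed)
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(src_ip, dst_ip, segment):
    """Decode the header and check it against the bytes actually received."""
    if len(segment) < 8:
        raise ValueError("segment shorter than the 8-byte UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    # The Length field must match the wire length; otherwise the datagram was
    # truncated or carries a forged length and its payload must not be trusted.
    length_ok = length == len(segment)
    if not length_ok:
        checksum_ok = False
    elif csum == 0:
        checksum_ok = None  # sender did not compute a checksum (allowed over IPv4)
    else:
        # Summing pseudo-header and segment with the checksum included gives 0xFFFF.
        checksum_ok = ones_complement_sum(
            pseudo_header(src_ip, dst_ip, length) + segment) == 0xFFFF
    return {"sport": sport, "dport": dport, "length": length, "checksum": csum,
            "length_ok": length_ok, "checksum_ok": checksum_ok, "payload": segment[8:]}


def sample_segment():
    """Constructed datagram: port 12345 to port 53 carrying the two bytes 'hi'."""
    return build_udp("10.0.0.6", "172.16.0.5", 12345, 53, b"hi")


if __name__ == "__main__":
    print(parse_udp("10.0.0.6", "172.16.0.5", sample_segment()))
```

Because the checksum covers the source and destination IP addresses through the pseudo-header, a datagram whose addresses were rewritten in transit fails the check even though the eight header bytes themselves are unchanged; the length check is the one that catches a truncated datagram, which the checksum alone would also reject but with less useful information.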
CHAPTER 4
IP ROUTING
4.1 ROUTER
Unlike most LAN components, routers are intelligent. More importantly, they can operate
at all layers of the OSI reference model rather than just the first two. This enables them to
internetwork multiple LANs by using Layer 3 addressing.
A router must have two or more physical interfaces for interconnecting LANs and/or
WAN transmission facilities. The router learns about the addresses of machines or
networks that are somehow connected via each of its interfaces. The list of these
addresses is kept in tables that correlate Layer 3 addresses with the port numbers that they
are directly or indirectly connected to.
A router uses two types of networking protocols, both of which operate at Layer 3. These
are routable protocols and routing protocols. Routable protocols, also known as routed
protocols, are those that encapsulate user information and data into packets. An example
of a routed protocol is IP. IP is responsible for encapsulating application data for transport
through a network to the appropriate destinations.
Routing protocols are used between routers to determine available routes, communicate
what is known about available routes, and forward routed protocol packets along those
routes. The purpose of a routing protocol is to provide the router with all the information
it needs about the network to route datagrams.
4.2 Routing
Routers are used to forward packets of data between devices that aren't necessarily
connected to the same local network. Routing is the cumulative process that discovers
paths through the network to specific destinations, compares redundant routes
mathematically, and builds tables that contain routing information.
A router with only two interfaces has an easy task: any packet received on one of its
interfaces is either delivered out of the other interface or discarded as undeliverable. In that
particular case the router could well be replaced by a hub, bridge, switch or any
other Layer 2 device. The router's real value lies in determining routes to destinations on
nonadjacent networks.
4.3 IP Addressing
4.3.1 Class A Addresses
A Class A IP address uses only the first octet to indicate the network address. The
remaining three octets enumerate host addresses. The first bit of a Class A address is
always a 0. This mathematically limits the possible range of the Class A address to 127,
which is the sum of 64 + 32 + 16 + 8 + 4 + 2 + 1. The leftmost bit's decimal value of 128
is absent from this sum. Therefore, there can only ever be 127 possible Class A IP
networks.
The last 24 bits (that is, three dotted-decimal numbers) of a Class A address represent
possible host addresses. The range of possible Class A network addresses is from 1.0.0.0
to 126.0.0.0. Notice that only the first octet bears a network address number. The
remaining three are used to create unique host addresses within each network number. As
such, they are set to zeroes when describing the range of network numbers.
Note: Technically, 127.0.0.0 is also a Class A network address. However, it is reserved for
loop-back testing and cannot be assigned to a network.
Class C Addresses
The last octet is used for host addressing. Each Class C address can support a theoretical
maximum of 256 unique host addresses (0 through 255), but only 254 are usable because
0 and 255 are not valid host numbers. There can be 2,097,150 different Class C network
numbers.
Note: In the world of IP addressing, 0 and 255 are reserved host address values. IP
addresses that have all their host address bits set to 0 identify the local network.
Similarly, IP addresses that have all their host address bits set to 1 (255 in the last octet) are
used to broadcast to all end systems within that network number.
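The classful rules above (leading bit 0 for Class A, first octet as the network, host bits all 0 meaning the network itself and all 1 meaning the broadcast) are carried out below in an added Python example that is not part of the report. It goes slightly beyond the text by also recognising the standard Class B (leading bits 10), Class D (1110, multicast) and Class E (1111, experimental) ranges; the addresses fed to it are sample values.

```python
def ip_to_int(addr):
    """Dotted-decimal string -> 32-bit integer, rejecting malformed input."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % addr)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


# (class, first-octet upper bound, number of network bits). The bounds follow
# from the leading-bit patterns: A = 0..., B = 10..., C = 110..., D = 1110..., E = 1111...
CLASS_TABLE = [("A", 128, 8), ("B", 192, 16), ("C", 224, 24), ("D", 240, None), ("E", 256, None)]


def classify(addr):
    """Classful breakdown of an IPv4 address: class, network, broadcast, role."""
    n = ip_to_int(addr)
    first = n >> 24
    for cls, upper, net_bits in CLASS_TABLE:
        if first < upper:
            break
    info = {"address": addr, "class": cls, "loopback": first == 127}  # 127.x is reserved
    if net_bits is None:
        info.update(network=None, broadcast=None, usable_hosts=0,
                    role="multicast" if cls == "D" else "experimental")
        return info
    mask = (0xFFFFFFFF << (32 - net_bits)) & 0xFFFFFFFF
    wildcard = ~mask & 0xFFFFFFFF
    network = n & mask
    broadcast = network | wildcard
    if n & wildcard == 0:
        role = "network address"     # all host bits 0: identifies the network itself
    elif n == broadcast:
        role = "broadcast address"   # all host bits 1: reaches every host on the network
    else:
        role = "host"
    info.update(network="%s/%d" % (int_to_ip(network), net_bits),
                broadcast=int_to_ip(broadcast),
                usable_hosts=2 ** (32 - net_bits) - 2,  # minus network and broadcast
                role=role)
    return info


if __name__ == "__main__":
    for sample in ("10.0.0.6", "172.16.0.5", "200.100.100.12", "200.100.100.255", "127.0.0.1"):
        print(classify(sample))
```

The `role` field is the practical use of the two notes above: a host configured with an address whose host bits are all 0 or all 1 will not work, and a filter or inventory that accepts such values without checking them is mis-parsing its input.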
4.4 IP Routing
When we want to connect two or more networks with different n/w addresses we have to
use IP routing. The router performs the routing between the networks. A router performs
the following functions for routing:
Path determination
Packet forwarding
4.5 Routing Process
(i) The PC has a packet whose destination address is not on the local n/w.
(ii) The PC sends an ARP request for the default gateway. The router replies to the ARP
request and informs the PC of its MAC address.
Fig. 4.1 Routing Process: the frame sent by the PC carries S. MAC = PC1, D. MAC = R1, S. IP = 10.0.0.6, D. IP = 172.16.0.5
(iii) The router receives the frame and stores it in its buffer. It extracts the packet from the
frame and forwards the data according to the destination IP of the packet. The router obtains
a route from the routing table, from which the next hop IP and the outgoing interface are selected.
(iv) According to the next hop, the packet is encapsulated in a new frame and the data is
sent to the output queue of the interface.
4.6
When we access the router command prompt the router presents different modes.
According to the mode, privileges and rights are assigned to the user.
4.7 Configuring Password
4.7.1 Console Password
router#configure terminal
router(config)#line console 0
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit
To remove the password, repeat the same steps using the no form of each command.
4.7.2 Vty Password
router>enable
router#configure terminal
router(config)#line vty 0 4
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit
4.7.3 Auxiliary Password
router#configure terminal
router(config)#line aux 0
router(config-line)#password <word>
router(config-line)#login
router(config-line)#exit
4.7.4 Enable Password
router>enable
router#configure terminal
router(config)#enable password <word>
router(config)#exit
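A review of the settings from 4.7.1 to 4.7.4 can be automated against a saved running-config. The Python example below is added here and is not part of the report: it parses a constructed IOS-style configuration built from the commands above and reports the weaknesses an access-line review looks for. It assumes two IOS commands that the report does not mention but which exist: enable secret (stores a hash instead of the reversible enable password, and takes precedence when both are present) and service password-encryption. Hostnames, passwords and the missing login on the aux line are sample values.

```python
# Constructed running-config fragment (sample values, not a real device).
WEAK_CONFIG = """\
hostname R1
enable password cisco
!
line console 0
 password console123
 login
!
line aux 0
 password aux123
!
line vty 0 4
 password vtypass
 login
!
"""

# The same device after applying the fixes the audit recommends (also constructed).
HARDENED_CONFIG = """\
hostname R1
service password-encryption
enable secret ExampleSecretPlaceholder
!
line console 0
 password console123
 login
!
line aux 0
 password aux123
 login
!
line vty 0 4
 password vtypass
 login
!
"""


def split_config(config):
    """Return (global commands, {line block name: [its indented sub-commands]})."""
    global_cmds, line_blocks, current = [], {}, None
    for raw in config.splitlines():
        if raw.startswith(" ") and current is not None:
            line_blocks[current].append(raw.strip())  # sub-command of the open block
            continue
        current = None
        cmd = raw.strip()
        if cmd.startswith("line "):
            current = cmd
            line_blocks[current] = []
        elif cmd and cmd != "!":
            global_cmds.append(cmd)
    return global_cmds, line_blocks


def audit(config):
    """List the findings of an access-line review as plain strings."""
    findings = []
    global_cmds, line_blocks = split_config(config)
    has_secret = any(c.startswith("enable secret") for c in global_cmds)
    if any(c.startswith("enable password") for c in global_cmds) and not has_secret:
        # "enable password" keeps the privileged-mode password reversibly.
        findings.append("enable: 'enable password' in use without 'enable secret'")
    if "service password-encryption" not in global_cmds:
        findings.append("global: line passwords are stored in clear text")
    for name, cmds in line_blocks.items():
        if not any(c.startswith("password ") for c in cmds):
            findings.append("%s: no password configured" % name)
        if not any(c == "login" or c.startswith("login ") for c in cmds):
            # Without "login" the line never prompts for the configured password.
            findings.append("%s: 'login' missing, password is never checked" % name)
    return findings


if __name__ == "__main__":
    for finding in audit(WEAK_CONFIG):
        print(finding)
    print("hardened:", audit(HARDENED_CONFIG))
```

Two caveats for anyone extending the check: service password-encryption only obscures the line passwords in the stored configuration, so the real fix for privileged access is the enable secret hash, and a line that has login but no password refuses logins altogether, which the audit reports as the missing password rather than as a lock-out.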
4.8 Managing Configuration
Router#configure terminal
Router(config)#hostname <name>
<name>(config)#exit (or end, or Ctrl-Z)
Configuring Interfaces
Interfaces configuration is one of the most important part of the router configuration. By
default, all interfaces of Cisco router are in disabled mode. We have to use different
commands as our requirement to enable and configure the interface.
Configuring IP, Mask and Enabling the Interface
Router#configure terminal
Router(config)#interface <type> <no>
Router(config-if)#ip address <ip> <mask>
Router(config-if)#no shutdown
Router(config-if)#exit
Interface Numbers
Interface numbers start from 0 for each type of interface. Some routers use the interface
number directly while other routers use slot number/port number addressing.
To display interface status
Router#show interfaces (to show all interfaces)
Router#show interface <type> <no>
CHAPTER 5
TYPES OF ROUTING
5.1 Static Routing
In static routing we use ip route commands to specify routes for different networks. The
administrator analyzes the whole internetwork topology and then specifies a route for each
n/w that is not directly connected to the router, giving either the next hop address or the
exit interface, for example:
Router(config)#ip route 172.16.0.0 255.255.0.0 serial 0
Administrative Distance (AD)
Directly Connected   0
Static               1
BGP                  20
EIGRP                90
IGRP                 100
OSPF                 110
RIP                  120
5.2 Default Routing
Default routing means a route for any n/w. These routes are specified with the following
syntax:
Router(config)#ip route 0.0.0.0 0.0.0.0 <next hop>
or
Router(config)#ip route 0.0.0.0 0.0.0.0 <exit interface>
This type of routing is used in the following scenario.
Scenario 2: Stub network
A n/w which has only one exit interface is called a stub network.
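The next-hop and interface selection of the routing process in 4.5, the administrative distance table in 5.1 and the default route above all act on one routing table, so the added Python example below (not code from the report) models that table: a route is installed only if no better-AD route for the prefix exists, and a lookup picks the longest matching prefix, with 0.0.0.0/0 matching when nothing more specific does. The prefixes reuse the report's addresses; the interfaces, the OSPF next hop 172.16.0.9 and the default gateway 200.100.100.1 are constructed.

```python
import ipaddress

# Administrative distances from the table in 5.1: the lower value wins when
# two sources offer the same prefix.
AD = {"connected": 0, "static": 1, "bgp": 20, "eigrp": 90,
      "igrp": 100, "ospf": 110, "rip": 120}


class RoutingTable:
    def __init__(self):
        self.routes = {}  # ipaddress.IPv4Network -> route dict

    def add(self, prefix, source, interface, next_hop=None, metric=0):
        """Install a route unless a preferred route for the prefix already exists."""
        net = ipaddress.ip_network(prefix, strict=False)
        new = {"prefix": str(net), "source": source, "ad": AD[source],
               "metric": metric, "next_hop": next_hop, "interface": interface}
        cur = self.routes.get(net)
        # Compare AD first, then metric, exactly like the router's selection.
        if cur is None or (new["ad"], new["metric"]) < (cur["ad"], cur["metric"]):
            self.routes[net] = new
            return True
        return False  # the existing route is preferred; this update is discarded

    def lookup(self, destination):
        """Longest-prefix match; the 0.0.0.0/0 default route matches last."""
        addr = ipaddress.ip_address(destination)
        matches = [net for net in self.routes if addr in net]
        if not matches:
            return None
        return self.routes[max(matches, key=lambda net: net.prefixlen)]


def build_sample_table():
    """Constructed table for a router like the one in Fig. 5.6."""
    rt = RoutingTable()
    rt.add("10.0.0.0/8", "connected", "ethernet 0")
    rt.add("200.100.100.0/24", "connected", "ethernet 1")
    rt.add("172.16.0.0/16", "static", "serial 0")          # the static route from 5.1
    rt.add("175.2.0.0/16", "rip", "serial 0", next_hop="172.16.0.6", metric=1)
    # OSPF offers the same prefix: AD 110 beats RIP's 120, so it replaces the RIP route.
    rt.add("175.2.0.0/16", "ospf", "serial 1", next_hop="172.16.0.9", metric=20)
    # A later RIP update for that prefix loses on AD and is discarded.
    rt.add("175.2.0.0/16", "rip", "serial 0", next_hop="172.16.0.6", metric=1)
    rt.add("0.0.0.0/0", "static", "ethernet 1", next_hop="200.100.100.1")
    return rt


def next_hop_for(rt, destination):
    """(source, next hop, interface) the router would use for destination."""
    route = rt.lookup(destination)
    if route is None:
        return None
    return route["source"], route["next_hop"], route["interface"]


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("10.0.0.6", "175.2.1.1", "172.16.0.6", "8.8.8.8"):
        print(dst, "->", next_hop_for(table, dst))
```

A packet to 175.2.1.1 leaves via the OSPF route even though RIP announced the prefix first, and a packet to an address no route covers falls through to the default route rather than being dropped, which is the stub-network case above.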
5.3 Dynamic Routing
In dynamic routing we enable a routing protocol on the router. This protocol sends its
routing information to the neighbor routers. The neighbors analyze the information and
write new routes into their routing tables.
The routers also pass routing information received from one router on to other routers. If
more than one path is available, the routes are compared and the best path is selected.
Some examples of dynamic routing protocols are RIP, IGRP, EIGRP and OSPF.
Routing which is based on two parameters, distance and direction, is called Distance
Vector Routing. Examples of Distance Vector Routing are RIP and IGRP.
Operation:
(1) Each router sends its directly connected network information to the neighbor routers.
This information is sent periodically to the neighbors.
(2) The neighbor receives the routing updates and processes each route according to the
following conditions:
(i) If an update for a new n/w is received, the route is stored in the routing table.
(ii) If an update is received for a route already present in the routing table, the route
is refreshed, that is, its timers are reset to zero.
(iii) If an update is received for a route with a lower metric than the route already
present in the routing table, the router discards the old route and writes the new
route into the routing table.
(iv) If an update is received with a higher metric than the route already present in the
routing table, the new update is discarded.
(3) A timer is associated with each route. The router forwards routing information on all
interfaces and the entire routing table is sent to the neighbors. There are three types of
timer associated with a route:
(i) Route update timer. The time after which the router sends a periodic update to the
neighbors.
(ii) Route invalid timer. The time after which the route is declared invalid if no updates
for the route have been received. Invalid routes are not forwarded to neighbor routers
but are still used to forward traffic.
(iii) Route flush timer. The time after which the route is removed from the routing table
if no updates about the route have been received.
Metric of Dynamic Routing
A metric is the measuring unit used to calculate the distance to a destination n/w. A protocol
may use one or more than one metric at a time to calculate the distance. The different types
of metric are:
(1) Hop Count
(2) Bandwidth
(3) Load
(4) Reliability
(5) Delay
(6) MTU
Hop Count
The number of hops (routers) a packet has to travel to reach a destination n/w.
Bandwidth
Bandwidth is the speed of the link. The path with higher bandwidth is preferred for sending
data.
Load
Load is the amount of traffic present on the interface. Paths with lower load and higher
throughput are used to send data.
Reliability
Reliability is the uptime of an interface over a period of time.
Delay
Delay is the time between a packet being sent and its being received by the destination.
MTU (Maximum Transmission Unit)
The maximum size of packet that can be sent in a frame; mostly the MTU is set to 1500.
Problems of Distance Vector
There are two main problems with distance vector routing:
(i) Bandwidth Consumption
The problem of excessive bandwidth consumption is solved with the help of autonomous
systems, which control the exchange between different routers. We can also perform route
summarization to reduce the traffic.
(ii) Routing Loops
Loops may occur between adjacent routers due to wrong routing information. Distance
Vector routing is also called routing by rumor. Because of this, packets may enter a loop
condition until their TTL expires.
Loop Control
(i) Maximum Hop Count
This method limits the maximum number of hops a packet can travel. It does not solve
the loop problem, but it reduces the size of a loop in the n/w. Because of this method the
end-to-end size of a n/w is also limited.
(ii) Flash Updates
In this method a partial update is sent to all neighbors as soon as there is a topology
change. A router which receives a flash update also sends the flash update on to its
neighbor routers.
(iii) Split Horizon
Split Horizon states that routes received in an update from an interface cannot be sent
back out of the same interface.
(iv) Poison Reverse
This method is the combination of Split Horizon and Flash Updates. It implements the
rule that information received from an interface cannot be sent back to that interface, and
in case of a topology change flash updates are sent to the neighbors.
(v) Hold Down
If a route changes frequently then the route is placed in the Hold Down state and no
updates are accepted for it until the Hold Down timer expires.
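The update conditions (i) to (iv) and the invalid and flush timers from 5.3, together with the split horizon rule above, are simulated in the following added Python example, which is not code from the report. It uses three routers in a line with the report's network numbers; the link layout, the hop-count metric (directly connected networks at 0, one added per router) and the timer values 180 and 240 seconds (RIP's from the feature list in the next section) are the assumptions.

```python
class DVRouter:
    """One distance-vector router: its routing table plus the update rules of 5.3."""

    def __init__(self, name, connected, invalid=180, flush=240):
        self.name = name
        self.invalid, self.flush = invalid, flush
        # network -> {"metric": hops, "via": neighbor name or None, "age": seconds}
        self.routes = {net: {"metric": 0, "via": None, "age": 0} for net in connected}

    def advertise(self, to_neighbor):
        """Routes sent to one neighbor. Split horizon: a route learned from that
        neighbor is not sent back to it. Invalid routes are not advertised."""
        return {net: r["metric"] for net, r in self.routes.items()
                if r["via"] != to_neighbor and r["age"] < self.invalid}

    def receive(self, neighbor, update):
        """Apply conditions (i) to (iv) to every route in a neighbor's update."""
        for net, metric in update.items():
            new_metric = metric + 1  # one more hop to reach it through the neighbor
            cur = self.routes.get(net)
            if cur is None:
                # (i) new network: store it
                self.routes[net] = {"metric": new_metric, "via": neighbor, "age": 0}
            elif cur["via"] == neighbor:
                # (ii) same route from the same neighbor: refresh, timers reset
                cur["metric"], cur["age"] = new_metric, 0
            elif new_metric < cur["metric"]:
                # (iii) better path through another neighbor: replace the route
                self.routes[net] = {"metric": new_metric, "via": neighbor, "age": 0}
            # (iv) otherwise the update is equal or worse and is discarded

    def tick(self, seconds):
        """Age learned routes; once the flush timer is reached they are removed.
        Between invalid and flush the route is kept for forwarding only."""
        for net in list(self.routes):
            r = self.routes[net]
            if r["via"] is None:
                continue  # directly connected networks do not age out
            r["age"] += seconds
            if r["age"] >= self.flush:
                del self.routes[net]

    def has_route(self, net):
        return net in self.routes


def run_sample():
    """Three routers in a line, A - B - C, exchanging periodic updates."""
    a = DVRouter("A", ["10.0.0.0/8"])
    b = DVRouter("B", ["172.16.0.0/16"])
    c = DVRouter("C", ["175.2.0.0/16"])
    links = [(a, b), (b, c)]
    for _ in range(3):  # three update periods are enough for this topology
        for x, y in links:
            ux, uy = x.advertise(y.name), y.advertise(x.name)
            y.receive(x.name, ux)
            x.receive(y.name, uy)
    result = {
        "a_table": {net: (r["metric"], r["via"]) for net, r in sorted(a.routes.items())},
        "b_to_a": sorted(b.advertise("A")),  # 10.0.0.0/8 withheld by split horizon
    }
    a.tick(180)  # no updates for 180 s: learned routes become invalid
    result["a_advertises_after_invalid"] = sorted(a.advertise("B"))
    result["a_still_forwards_175"] = a.has_route("175.2.0.0/16")
    a.tick(60)   # 240 s: flush timer reached, the route is removed
    result["a_has_175_after_flush"] = a.has_route("175.2.0.0/16")
    return result


if __name__ == "__main__":
    for key, value in run_sample().items():
        print(key, value)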
Routing Information Protocol
Features of RIP:
* Distance Vector
* Open standard
* Broadcast Updates (255.255.255.255)
* Metric: Hop Count
* Timers: Update 30 sec, Invalid 180 sec, Hold 180 sec, Flush 240 sec
* Loop Control: Split Horizon, Triggered Updates, Maximum Hop Count, Hold Down
* Maximum Hop Count 15
* Administrative Distance 120
* Equal Path Cost Load Balancing: Maximum load paths 6, Default 4
* Does not support VLSM
* Does not support Autonomous system
Configuring RIP
Router#conf ter
Router(config)#router rip
Router(config-router)#network <own net address>
Router(config-router)#network <own net address>
Router(config-router)#exit
Fig.5.6 Configuring RIP (figure: router with interfaces 10.0.0.1, 172.16.0.5 and 200.100.100.12; neighbouring router with interfaces 172.16.0.6 and 175.2.1.1)
Router(config-router)#network 10.0.0.0
Router(config-router)#network 172.16.0.0
Router(config-router)#network 200.100.100.0
Route learned through RIP: 175.2.0.0 via 172.16.0.6
53
Passive Interfaces
An interface that does not send routing updates but still receives them is called a passive interface. It is declared with the following commands:
Router#conf ter
Router(config)#router rip
Router(config-router)#passive-interface <type> <no>
Router(config-router)#exit
Configuring Timers
Router(config)#router rip
Router(config-router)#timers basic <update> <invalid> <hold down> <flush>
Router(config-router)#exit
The timers must be the same on all RIP routers in the network.
Configuring RIP Version 2
Router(config-router)#version 2
Router(config-router)#exit
To debug RIP routing
Router#debug ip rip
To disable debug routing
Router#no debug ip rip
Link State Routing
This type of routing is based on link state. It works as follows:
(1) Each router sends Hello packets to all neighbours on all of its interfaces.
(2) Routers that reply to the Hello are stored in the neighbour table. Hello packets are sent periodically to maintain this table.
(3) Each router sends its link state information to all neighbours. Link state information received from one neighbour is also forwarded to the other neighbours (flooding).
(4) Each router maintains a link state database built from the link state advertisements received from all routers.
(5) Each router runs a best path algorithm (shortest path first) over the database and installs the resulting paths in its routing table.
(i)
The main problems of link state routing are:
(1) High bandwidth consumption while the link state database is being flooded.
(2) More hardware resources required, that is processor and memory (RAM).
The routing protocol that uses link state routing is OSPF.
Reliable Transport Protocol (RTP) in EIGRP
RTP is used to exchange routing updates with neighbour routers and maintains the neighbour relationship with Hello packets. RTP has the following features:
(1) Multicast updates (224.0.0.10)
(2) Neighbour recovery: if a neighbour stops acknowledging multicast packets, RTP retransmits them to that neighbour as unicast.
(3) Partial updates: only the changed routes are sent.
(4) No updates are sent if there is no topology change.
Configuring EIGRP
If we want the router to weight the metric components differently, the K values can be changed with the following commands:
Router(config)#router eigrp <as no>
Router(config-router)#metric weights 0 <k1> <k2> <k3> <k4> <k5>
Router(config-router)#exit
The leading 0 is the type of service field, which is always 0.

Metric component   K value   Default
Bandwidth          K1        1
Load               K2        0
Delay              K3        1
Reliability        K4        0
MTU                K5        0

With the default K values only bandwidth and delay enter the metric. (CCNA material lists K5 against MTU; the MTU is carried in EIGRP updates but does not enter the composite metric, K5 scales the reliability term.)
All routers exchanging updates with each other must have the same AS number and the same K values, otherwise they will not form a neighbour relationship.
Debug EIGRP
Router#debug ip eigrp
Fig. Classification of routing protocols: interior routing protocols RIP, IGRP, EIGRP, OSPF; exterior routing protocols BGP, EXEIGRP
Area
An area is a group of routers and networks that share their routing information directly with each other.
OSPF Area Characteristics:
- Minimizes routing table entries.
- Localizes the impact of a topology change within an area.
- Detailed LSA flooding stops at the area boundary.
- Requires a hierarchical network design.
Fig. 5.9
Autonomous system
Adjacency
Two routers are adjacent when they have established a neighbour relationship and synchronised their link state databases; we say that an adjacency is formed between them.
On a multi-access network every router would otherwise have to form an adjacency with every other router on the segment. This problem is solved by electing a designated router and a backup designated router.
Designated Router
The router with the highest OSPF priority (ties broken by the highest router ID, RID) becomes the designated router for a multi-access segment. It receives LSAs from the non-DR routers and floods them to all routers on the segment.
Backup Designated Router
This router works as backup for the designated router. As BDR it receives all the information but does not forward it to the other non-DR routers unless the DR fails.
Commands to configure OSPF
Router#conf ter
Router(config)#router ospf <process no>
Router(config-router)#network <net address> <wild mask> area <area id>
Router(config-router)#network <net address> <wild mask> area <area id>
Router(config-router)#exit
Wild mask: the complement of the subnet mask (255.255.255.255 minus the subnet mask). Bits set to 1 in the wild mask are ignored when an interface address is compared with the network statement.
Example:
255.255.255.255 - 255.255.0.0 (subnet mask) = 0.0.255.255 (wild mask)
255.255.255.255 - 255.255.192.0 (subnet mask) = 0.0.63.255 (wild mask)
Example configuration for three routers R1, R2 and R3 (R2 has interfaces in area 0 and area 1, so it is an area border router):
R1
Router(config-router)#network 20.0.0.0 0.255.255.255 area 0
Router(config-router)#network 10.0.0.0 0.255.255.255 area 0
R2
Router(config-router)#network 20.0.0.0 0.255.255.255 area 0
Router(config-router)#network 30.0.0.0 0.255.255.255 area 1
Router(config-router)#network 40.0.0.0 0.255.255.255 area 1
R3
Router(config-router)#network 40.0.0.0 0.255.255.255 area 1
Router(config-router)#network 50.0.0.0 0.255.255.255 area 1
Command to configure a loopback interface (when no router-id is configured, the highest loopback address is used as the OSPF router ID, because a loopback never goes down):
Router(config)#interface loopback <no>
Router(config-if)#ip address 200.100.100.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#exit
Command to display OSPF parameters
Router#show ip protocols
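As an added example (not code from the original report), the following Python computes the wild mask from a subnet mask exactly as the table above does, and then applies R2's three network statements to a set of interface addresses to show which interface lands in which area: an interface is enabled for OSPF in an area when its address agrees with the network statement on every bit that is 0 in the wild mask. The interface names and addresses are constructed for the example, and the rule that the most specific matching statement wins is an assumption of the example.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def wildcard_from_mask(subnet_mask):
    """Wild mask = bitwise complement of the subnet mask (255.255.255.255 - mask)."""
    return str(ipaddress.IPv4Address(to_int(subnet_mask) ^ ALL_ONES))


def wildcard_match(address, base, wildcard):
    """True when address agrees with base on every bit that is 0 in the wild mask."""
    care = to_int(wildcard) ^ ALL_ONES   # 1 bits must match, 0 bits are ignored
    return (to_int(address) & care) == (to_int(base) & care)


def parse_network_statement(line):
    """'network 20.0.0.0 0.255.255.255 area 0' -> ('20.0.0.0', '0.255.255.255', 0)"""
    tokens = line.split()
    if len(tokens) != 5 or tokens[0] != "network" or tokens[3] != "area":
        raise ValueError("not an OSPF network statement: " + line)
    return tokens[1], tokens[2], int(tokens[4])


def assign_areas(statements, interfaces):
    """Map each interface to the area of the most specific matching network statement.

    Interfaces matched by no statement are left out: OSPF is not enabled on them.
    """
    assignment = {}
    for name, address in interfaces.items():
        best = None   # (number of compared bits, area)
        for line in statements:
            base, wildcard, area = parse_network_statement(line)
            if wildcard_match(address, base, wildcard):
                care_bits = bin(to_int(wildcard) ^ ALL_ONES).count("1")
                if best is None or care_bits > best[0]:
                    best = (care_bits, area)
        if best is not None:
            assignment[name] = best[1]
    return assignment


def is_abr(assignment):
    """A router with interfaces in more than one area is an area border router."""
    return len(set(assignment.values())) > 1


# R2's network statements from the report; the interface addresses are constructed.
R2_STATEMENTS = [
    "network 20.0.0.0 0.255.255.255 area 0",
    "network 30.0.0.0 0.255.255.255 area 1",
    "network 40.0.0.0 0.255.255.255 area 1",
]
R2_INTERFACES = {
    "Fa0/0": "20.0.0.2",
    "Fa0/1": "30.0.0.1",
    "S0/0": "40.0.0.1",
    "Lo0": "200.100.100.1",   # no statement covers it, so OSPF is not enabled on Lo0
}
R2_AREAS = assign_areas(R2_STATEMENTS, R2_INTERFACES)

if __name__ == "__main__":
    print(wildcard_from_mask("255.255.192.0"))   # 0.0.63.255
    print(R2_AREAS, "ABR:", is_abr(R2_AREAS))
```

The loopback is the practical point: a loopback whose address is not covered by any network statement still supplies the router ID, but it is not advertised into OSPF; a narrower statement such as a /32 with wild mask 0.0.0.0 is needed to advertise it.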
CHAPTER 6
Access Control List
6.1 ACL
ACLs are the basic security feature required in any network to control the flow of traffic. Most networks have servers and clients for which traffic control is required. ACLs are also used to classify traffic: they select the traffic for features such as QoS (Quality of Service), traffic prioritization and the "interesting traffic" that brings up an ISDN dial-on-demand link.
6.2 Classification of Access Control Lists
Types of ACL based on protocol:
(1) IP Access Control List
(2) IPX Access Control List
(3) AppleTalk Access Control List
Types of ACL based on feature:
(1) Standard ACL
(2) Extended ACL
Types of ACL based on access mode:
(1) Numbered ACL
(2) Named ACL
Types of ACL based on order of rules:
(1) Deny, permit
(2) Permit, deny
Types of ACL based on direction of implementation:
(1) Inbound ACL
(2) Outbound ACL
6.3 ACL Processing
(Flowchart: the packet is compared with the ACL rules one by one; when a rule matches, "Is it permit?" decides whether the packet is passed on to be routed or dropped; a packet that matches no rule is dropped by the implicit deny at the end of the list.)
6.4 Standard ACL
In a standard ACL only the source address can be specified for filtering packets. The syntax to create an IP standard ACL is:
Router#conf ter
Router(config)#access-list <no> <permit|deny> <source>
Router(config)#exit
<source> can be written as:
Single PC:  host 192.168.10.5, or 192.168.10.5, or 192.168.10.5 0.0.0.0
Network:    200.100.100.0 0.0.0.255
Subnet:     200.100.100.32 0.0.0.15
All:        any
Standard IP ACLs use the numbers 1 to 99 (and 1300 to 1999).
Example: hosts 172.16.0.16 to 172.16.0.18 should not access the Internet; all other PCs should.
Router#conf ter
Router(config)#access-list 30 deny 172.16.0.16
Router(config)#access-list 30 deny 172.16.0.17
Router(config)#access-list 30 deny 172.16.0.18
Router(config)#access-list 30 permit any
Router(config)#exit
The final permit any is required: without it the implicit deny at the end of the list would block every other host as well.
Applying ACL on interface
Router#conf ter
Router(config)#interface <type> <no>
Router(config-if)#ip access-group <ACL no.> <in|out>
Router(config-if)#exit
Rule for applying ACL
Only one ACL can be applied per interface, per direction, per protocol. Rules are checked in order and the first match wins, so the specific deny entries must come before permit any.
6.5 Named ACL
Numbered ACLs cannot be edited entry by entry: the no form of the access-list command removes the whole list, so a single rule cannot be deleted. Named ACLs allow individual entries to be added and removed.
Router#config ter
Router(config)#ip access-list standard <name>
Router(config-std-nacl)#<deny|permit> <source>
Router(config-std-nacl)#exit
Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#deny 172.16.0.16
Router(config-std-nacl)#deny 172.16.0.17
Router(config-std-nacl)#deny 172.16.0.18
Router(config-std-nacl)#permit any
To modify the ACL
Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#no deny 172.16.0.17
Router(config-std-nacl)#exit
To control Telnet access using ACL
To control Telnet access to the router itself, create a standard ACL and apply it to the vty lines with access-class. The ACL for the vty lines is written in permit, deny order: the allowed management hosts are permitted and everything else falls to the implicit deny.
Example: suppose we want to allow Telnet to our router only from the PCs 192.168.10.5 and 192.168.10.30.
Router#conf ter
Router(config)#access-list 50 permit 192.168.10.5
Router(config)#access-list 50 permit 192.168.10.30
Router(config)#line vty 0 4
Router(config-line)#access-class 50 in
Router(config-line)#exit
Line vty 0 4 covers only the first five vty lines; on a router with more vty lines the access-class must be applied to all of them, otherwise the remaining lines stay open to any source.
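The following Python is an added example, not code from the original report. It parses standard ACL lines in the syntax used above, evaluates a source address against them with the same rules IOS applies (first match wins, implicit deny when nothing matches, wildcard bits set to 1 are ignored), and flags entries that can never match because an earlier entry already covers them. It is run over the two ACLs from this section, ACL 30 (deny three hosts, permit the rest) and ACL 50 (permit two management hosts, implicit deny for everyone else), plus a deliberately misordered copy of ACL 30 constructed for the example to show why the order of rules matters.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def parse_source(tokens):
    """Source forms accepted by a standard ACL: any | host A | A | A WILDCARD.

    Returns (base, wildcard) as integers; a 1 bit in the wildcard is ignored.
    """
    if tokens[0] == "any":
        return 0, ALL_ONES
    if tokens[0] == "host":
        return to_int(tokens[1]), 0
    base = to_int(tokens[0])
    wildcard = to_int(tokens[1]) if len(tokens) > 1 else 0   # no wildcard = exact host
    return base, wildcard


def parse_standard_acl(lines):
    """Parse 'access-list <no> <permit|deny> <source>' lines into (action, base, wildcard)."""
    entries = []
    for line in lines:
        tokens = line.split()
        if len(tokens) < 4 or tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
            raise ValueError("not a standard IP ACL line: " + line)
        entries.append((tokens[2], *parse_source(tokens[3:])))
    return entries


def matches(entry, src):
    _, base, wildcard = entry
    care = wildcard ^ ALL_ONES           # bits that must be equal
    return (to_int(src) & care) == (base & care)


def evaluate(entries, src):
    """First matching entry decides; no match means the implicit 'deny any'."""
    for entry in entries:
        if matches(entry, src):
            return entry[0]
    return "deny"


def shadowed_entries(entries):
    """Indexes of entries that can never match because an earlier entry covers them.

    Entry j is covered by entry i when every address matching j also matches i:
    j ignores no bit that i compares, and the two bases agree on the bits i compares.
    """
    shadowed = []
    for j, (_, base_j, wild_j) in enumerate(entries):
        for _, base_i, wild_i in entries[:j]:
            care_i = wild_i ^ ALL_ONES
            if (wild_j & care_i) == 0 and (base_j & care_i) == (base_i & care_i):
                shadowed.append(j)
                break
    return shadowed


# ACL 30 and ACL 50 are the lists from this section; ACL 31 is a misordered copy of ACL 30.
ACL_30 = parse_standard_acl([
    "access-list 30 deny 172.16.0.16",
    "access-list 30 deny 172.16.0.17",
    "access-list 30 deny 172.16.0.18",
    "access-list 30 permit any",
])
ACL_50 = parse_standard_acl([
    "access-list 50 permit 192.168.10.5",
    "access-list 50 permit 192.168.10.30",
])
ACL_31_MISORDERED = parse_standard_acl([
    "access-list 31 permit any",
    "access-list 31 deny 172.16.0.16",
    "access-list 31 deny 172.16.0.17",
    "access-list 31 deny 172.16.0.18",
])

if __name__ == "__main__":
    for src in ("172.16.0.17", "172.16.0.19"):
        print("ACL 30", src, "->", evaluate(ACL_30, src))
    for src in ("192.168.10.30", "192.168.10.6"):
        print("ACL 50", src, "->", evaluate(ACL_50, src))
    print("unreachable entries in ACL 31:", shadowed_entries(ACL_31_MISORDERED))
```

The shadowing check is the one worth keeping: IOS accepts ACL 31 without complaint, yet its three deny entries are dead because permit any precedes them, which is exactly the mistake the "deny, permit" versus "permit, deny" classification above is meant to prevent.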
6.6 Extended ACL
Extended ACLs are advanced ACLs, which can control traffic flow on the basis of five different parameters:
(i) Source address
(ii) Destination address
(iii) Source port
(iv) Destination port
(v) Protocol (layer 3 / layer 4)
To display ACL
Router#show access-lists or
Router#show access-list <no>
To display ACL applied on interface
Router#show ip interface
Router#show ip interface <type> <no>
Router#show ip interface Ethernet 0
Chapter 7
LAN Switching
7.1 LAN Switching
Ethernet switches are used to build Ethernet LANs. Switches forward traffic on the basis of MAC addresses: a switch maintains a MAC address table that maps the MAC addresses it has learned to the ports they were learned on, and uses this table to make its forwarding decisions. Bridges and switches work in the same way.
Classification of switches
Switches are classified according to the following criteria:
Types of switches based on working
(1) Store & Forward: the switch receives the entire frame, checks the frame check sequence and then starts forwarding the frame to the destination.
(2) Cut through: the switch starts forwarding as soon as the first six bytes of the frame (the destination MAC address) have been received, so damaged frames are forwarded as well.
(3) Fragment-free: the switch receives the first 64 bytes of the frame (the minimum Ethernet frame size), which filters out collision fragments, and then starts forwarding.
(4) Adaptive cut-through: the switch changes its mode according to conditions. If it sees errors in many frames it changes from cut through or fragment-free to store & forward.
Types of switches based on management
(1) Manageable switches
(2) Non-Manageable switches
(3) Semi-Manageable switches
Types of switches based on OSI layer
(1) Layer 2 switches (only switching)
(2) Layer 3 switches (switching & routing)
Types of switches based on command mode (only in Cisco)
(1) IOS based
(2) CLI based
7.2 VLAN
A VLAN provides virtual segmentation of the broadcast domain in the network. Devices that are members of the same VLAN can communicate with each other directly. Devices in different VLANs can communicate only through routing, so the devices of different VLANs use different network addresses. VLANs provide the following advantages:
(1) Logical segmentation of the network
(2) Enhanced network security, since traffic between VLANs must pass through a router where it can be filtered with ACLs
Creating port based Vlan
In a port based VLAN, first we create the VLAN on a manageable switch and then add ports to it.
Commands to create Vlan
Switch#config ter
Switch(config)#vlan <no>
Switch(config-vlan)#name <word>      (optional)
Switch(config-vlan)#exit
Switch(config)#exit
Or (vlan database mode):
Switch#vlan database
Switch(vlan)#vlan <no> [name <word>]
Switch(vlan)#exit
Commands to configure ports for a Vlan
By default all ports are members of a single VLAN, VLAN 1. We can change the VLAN membership according to our requirement.
Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport access vlan <no>
Switch(config-if)#exit
Commands to configure multiple ports in a vlan
Switch#conf ter
Switch(config)#interface range <type> <slot>/<first port> - <last port>
Switch(config-if-range)#switchport access vlan <no>
Switch(config-if-range)#exit
Example: suppose we want to add interfaces FastEthernet 0/10 to 0/18 to VLAN 5
Switch#config ter
Switch(config)#interface range fastethernet 0/10 - 18
Switch(config-if-range)#switchport access vlan 5
Switch(config-if-range)#exit
To disable web access to the switch
Switch#config ter
Switch(config)#no ip http server
This disables only the plain HTTP management server; the HTTPS management server, if enabled, is a separate setting and must be disabled as well.
To display the MAC address table
Switch#sh mac-address-table
To display VLANs and port membership
Switch#sh vlan
VTP (VLAN Trunking Protocol)
VTP server
A VTP server is a switch on which we can create, delete or modify VLANs. The server sends periodic VTP updates to the VTP clients in its domain.
VTP client
On a VTP client we cannot create, modify or delete VLANs. The client receives and forwards VTP updates and creates the same VLANs as defined in the update.
VTP transparent
A transparent switch does not take part in VTP: it keeps its own local VLAN database and only forwards VTP updates to other switches.
Commands
Switch#conf ter
Switch(config)#vtp domain <name>
Switch(config)#vtp password <word>
Switch(config)#vtp mode <server|client|transparent>
Switch(config)#exit
By default Cisco switches are in VTP server mode with no domain name and no password. This is a risk: a switch that joins the domain with a higher configuration revision number overwrites the VLAN database of every switch in the domain, whether it is a server or a client. Set a VTP password, and put switches that do not need to distribute VLANs in transparent or client mode.
To display VTP status
Switch#sh vtp status
CONCLUSION
CCNA training has made me learn 21st century skills such as complex problem solving and critical thinking.
To conclude, one can say that CCNA training was really beneficial for me, and making a report for such a great training is not being written just for the sake of writing. I am crisply stating the main takeaway points from my work.
I feel that the CCNA Security course helps to meet the growing demand for network security skills. It provides a blended curriculum which gives a hands-on and career-oriented introduction to core security concepts. The course is highly beneficial, as I feel it helps students differentiate themselves in the marketplace and develops them for network security career opportunities. It enhances specialized security skills.