NETMETRIC-SOLUTIONS www.netmetric-solutions.com 1
All contents are copyright @ 2007-2010 All rights reserved.
Instructor : Sikandar
sikandarbaadshah@gmail.com 9985048840
IP ADDRESS
IPV4
Class D 224.0.0.0 - 239.255.255.255
Class E 240.0.0.0 - 255.255.255.255
Private IP Address
There are certain addresses in each class of IP address that are reserved for Private
Networks. These addresses are called private addresses.
Class A 10.0.0.0 to 10.255.255.255
Class B 172.16.0.0 to 172.31.255.255
Class C 192.168.0.0 to 192.168.255.255
Subnet Mask
Subnet Mask: It is an address used to identify the network and host portions of the IP address.
SUBNETTING
FLSM : Example - 1
Req = 40 hosts using C-class address network 192.168.1.0/24
2^h - 2 >= req
2^6 - 2 >= 40
64 - 2 >= 40
62 >= 40
Hosts/Subnet = 2^h - 2 = 2^6 - 2 = 64 - 2 = 62 Hosts/Subnet
Subnets = 2^n = 2^2 = 4 Subnets
Range :
FLSM : Example - 2
Req = 500 hosts using B-class address network 172.16.0.0/16
2^h - 2 >= req
2^9 - 2 >= 500
512 - 2 >= 500
510 >= 500
Hosts/Subnet = 2^h - 2 = 2^9 - 2 = 512 - 2 = 510 Hosts/Subnet
Range :
FLSM : Example - 3
Req = 2000 hosts using A-class address network 10.0.0.0/8
2^h - 2 >= req
2^11 - 2 >= 2000
2048 - 2 >= 2000
2046 >= 2000
Range:
10.0.0.0/21 - 10.0.7.255/21
10.0.8.0/21 - 10.0.15.255/21
10.0.16.0/21 - 10.0.23.255/21
10.0.248.0/21 - 10.0.255.255/21
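The three FLSM calculations above, carried out in code. This is an added example, not part of the original course notes; the function names flsm_plan and flsm_ranges are assumptions made for illustration, and it generalizes the rule 2^h - 2 >= req to any network and host requirement.

```python
import ipaddress
from itertools import islice


def flsm_plan(network: str, required_hosts: int) -> dict:
    """Apply the rule 2^h - 2 >= req to a network and return the FLSM plan."""
    net = ipaddress.ip_network(network)
    h = 2  # fewest host bits that still leave usable addresses
    while 2 ** h - 2 < required_hosts:
        h += 1
    new_prefix = 32 - h
    if new_prefix < net.prefixlen:
        raise ValueError(f"{network} cannot hold {required_hosts} hosts per subnet")
    n = new_prefix - net.prefixlen  # bits borrowed from the host portion
    mask = ipaddress.ip_network(f"0.0.0.0/{new_prefix}").netmask
    return {
        "host_bits": h,
        "subnet_bits": n,
        "prefix": new_prefix,
        "mask": str(mask),
        "hosts_per_subnet": 2 ** h - 2,
        "subnets": 2 ** n,
    }


def flsm_ranges(network: str, required_hosts: int, count: int = 4) -> list:
    """Return the first `count` subnet ranges as (network address, broadcast)."""
    plan = flsm_plan(network, required_hosts)
    net = ipaddress.ip_network(network)
    subnets = net.subnets(new_prefix=plan["prefix"])  # generator, safe for /8
    return [
        (str(s.network_address), str(s.broadcast_address))
        for s in islice(subnets, count)
    ]


if __name__ == "__main__":
    # The three requirements worked through in the notes.
    for network, req in [("192.168.1.0/24", 40),
                         ("172.16.0.0/16", 500),
                         ("10.0.0.0/8", 2000)]:
        plan = flsm_plan(network, req)
        print(network, "req", req, "->", plan)
        for first, last in flsm_ranges(network, req, 3):
            print(f"  {first}/{plan['prefix']} - {last}/{plan['prefix']}")
```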
Advantages
Efficient Use of IP addresses: Without VLSMs, networks would have to use the same subnet
mask throughout the network. But all your networks don't have the same number of hosts.
[Figure: VLSM example. Three LANs of 25 Hosts each on 200.200.200.32/27, 200.200.200.64/27 and 200.200.200.96/27; /30 subnets 200.200.200.164/30, 200.200.200.168/30 and 200.200.200.172/30]
Routing Table
150.50.33.0/24 150.50.33.0/24
150.50.34.0/24
150.50.35.0/24
OSI Reference Model
Layer - 7 Application
Layer - 6 Presentation
Layer - 5 Session
(Layers 7 to 5: User support Layers or Software Layers)
Layer - 4 Transport (Core layer of the OSI)
Layer - 3 Network
Layer - 2 Data Link
Layer - 1 Physical
(Layers 3 to 1: Network support Layers or Hardware Layers)
Application Layer
Application Layer is responsible for providing an interface for the users to interact with
application services or Networking Services.
Ex: Web browser etc.
Identification of Services is done using Port Numbers.
Port is a logical communication Channel
Port number is a 16 bit identifier.
Total No. Ports 0 - 65535
Server Ports 1 - 1023
Client Ports 1024 - 65535
The major functions described at this layer are..
Encoding - Decoding
Ex: ASCII, EBCDIC (Text)
JPEG, GIF, TIFF (Graphics)
MIDI, WAV (Voice)
MPEG, DAT, AVI (Video)
Encryption - Decryption
Ex: DES, 3-DES, AES
Compression - Decompression
Ex: Predictor, Stacker, MPPC
Session Layer
o It deals with sessions or Interactions between the applications.
o It is responsible for establishing, maintaining and terminating the sessions.
o Session ID is used to identify a session or interaction
Ex: RPC, SQL, NFS
Transport Layer
It is responsible for end-to-end transportation of data between the applications.
The major functions described at the Transport Layer are...
Identifying Service
Multiplexing & De-multiplexing
Segmentation
Sequencing & Reassembling
Error Correction
Flow Control
Identifying a Service: Services are identified at this layer with the help of Port Nos.
The major protocols which take care of data transportation at the Transport layer
are TCP and UDP.
TCP | UDP
Transmission Control Protocol | User Datagram Protocol
Connection Oriented | Connection Less
Reliable communication (with Acks) | Unreliable communication (no Acks)
Slower data Transportation | Faster data Transportation
Protocol No is 6 | Protocol No is 17
Eg: HTTP, FTP, SMTP | Eg: DNS, DHCP, TFTP
Network Layer
It is responsible for end-to-end transportation of data across multiple networks.
Logical addressing & Path determination (Routing) are described at this layer.
The protocols that work at the Network layer are
Routed Protocols:
Routed protocols act as data carriers and define logical addressing.
IP, IPX, AppleTalk, etc.
Routing Protocols:
Routing protocols perform Path determination (Routing).
RIP, IGRP, EIGRP, OSPF, etc.
Data-link Layer
It is responsible for end-to-end delivery of data between the devices on a Network segment.
The Data link layer comprises two sub-layers.
2) LLC (Logical Link Control)
It deals with Layer 3 (Network layer)
Devices that work at the Data link layer are Switch, Bridge and NIC card.
Physical Layer
It deals with physical transmission of Binary data on the given media (copper, Fiber,
wireless..).
It also deals with electrical, Mechanical and functional specifications of the devices,
media.. etc
The major functions described at this layer are..
Devices that work at the Physical layer are Hub, Modems, Repeater, and Transmission Media
TCP/IP
The Transmission Control Protocol/Internet Protocol (TCP/IP) suite was created by the
Department of Defense (DoD).
[Figure: OSI layers mapped to the TCP/IP (DoD) model]
Application, Presentation, Session -> Application
Transport -> Host-to-Host
Network -> Internet
Data Link, Physical -> Network Access
Process/Application Layer
The Process / Application layer defines protocols for node-to-node application
communication and also controls user interface specification.
Telnet
Telnet is used for Terminal Emulation.
It allows a user sitting on a remote machine to access the resources of
another machine.
FTP (File Transfer Protocol)
It allows you to transfer files from one machine to another.
It also allows access to both directories and files.
It uses TCP for data transfer and hence is slow but reliable.
TCP | UDP
Transmission Control Protocol | User Datagram Protocol
Connection Oriented | Connection Less
Reliable communication (with Acks) | Unreliable communication (no Acks)
Slower data Transportation | Faster data Transportation
Protocol No is 6 | Protocol No is 17
Eg: HTTP, FTP, SMTP | Eg: DNS, DHCP, TFTP
Reverse Address Resolution Protocol (RARP)
INTRODUCTION TO ROUTERS
What is a Router?
Router is a device which makes communication possible between two or more
different networks present in same or different geographical locations.
Nortel
Multicom
Cyclades
Juniper
Dlink
Linksys
3Com
Router Classification
[Figure: router rear panel showing the AUI (Attachment Unit Interface) port E0, Serial Ports S0 and S1, and the Power Switch]
Brief Overview
WAN interfaces
Serial interface (S0, S1 etc) - 60 pin / 26 pin (smart serial)
ISDN interface (BRI0 etc) - RJ45
Administration interfaces
Console - RJ45 - Local Administration
Auxiliary - RJ45 - Remote Administration
Serial Port
The serial port is a 60-pin female connector (i.e. 15 pins and 4 rows) and the
Smart Serial port is a 26-pin female connector.
It is known as WAN Port
It is used for connecting to Remote Locations
A V.35 cable has a 60-pin male connector at one end and an 18-pin male connector
at the other end.
Console Port
It is known as Local Administrative Port
It is generally used for Initial Configuration, Password Recovery
and Local Administration of the Router. It is RJ45 Port
IMP: It is the most delicate port on the Router. So make less use of
the Console Port.
Console Connectivity
Connect a rollover cable to the router
console port (RJ-45 connector).
Connect the other end of the rollover
cable to the RJ-45 to DB-9 converter
Attach the female DB-9 converter to a
PC Serial Port.
Open Emulation Software
Auxiliary Port
It is known as Remote Administrative Port.
Used for remote administration
It's an RJ-45 port
A console or a rollover cable is to be used.
Internal Components
ROM
A bootstrap program is located here. It is the same as the BIOS of a PC. The current
version of the bootstrap program is 11.0.
Flash
Internetwork Operating System (IOS) developed by Cisco is stored here. IOS is a
command line interface.
NVRAM
Non-volatile RAM, similar to a hard disk. It is also known as Permanent Storage or
Startup Configuration. Generally the size of NVRAM is 32 KB.
RAM
It is also known as Temporary Storage or running Configuration. Minimum size of
RAM is 2MB. The size of RAM is greater than NVRAM in the Router.
Processor
Motorola Processor 70 MHz, RISC based processor (Reduced Instruction Set Computer)
Modes of Routers
User Mode:-
Only some basic monitoring
Privileged Mode:-
monitoring and some troubleshooting
Global Configuration mode:-
All configurations that affect the router globally
Interface mode:-
Configurations done on the specific interface
Rommon Mode:- Reverting Password
Console Connectivity
Connect a rollover cable to the router console port (RJ-45 connector).
Connect the other end of the rollover cable to the RJ-45 to DB-9 converter
Attach the female DB-9 converter to a PC Serial Port.
Open emulation software on the PC.
IN WINDOWS
IN LINUX
# minicom -s
Exercise- 1
BASIC COMMANDS
User mode:
Router >
Router > enable
Privilege mode:
Router # show running-config
Router # show startup-config
Router # show flash
Router # show version
Router # show ip interface brief
Router(config) #
Assigning Auxiliary password:
Show commands:
WAN CONNECTIONS
1) Dedicated line
2) Circuit switched
3) Packet switched
Dedicated line:-
Permanent connection for the destination
Used for short or long distance
Bandwidth is fixed
Availability is 24/7
Charges are fixed whether used or not.
Uses analog circuits
Always same path is used for destination
Example is Leased Line
Circuit switched:-
It is also used for short and medium distances.
Bandwidth is fixed
Charges depend on usage of line
Also called as line on demand.
Usually used for backup line
Connects at BRI port of router
Packet switched:-
Used for medium or longer connections
Bandwidth is shared
Many virtual connections on one physical connection
A leased line provides service 24/7 throughout the year, unlike a dial-up connection, which
is connected only when required. Leased lines are obtained on an annual rental basis.
Moreover, the rent depends on the distance between the sites.
Short leased line: used within the city, and its cost is also lower.
Medium leased line: used to connect sites in two different states, like
Hyderabad and Chennai.
Long leased line: also called IPLC, which stands for International Private Lease
Circuit; used to connect two different countries. It is the most expensive of all.
A leased line provides excellent quality of service with high-speed data transmission.
As it is a private physical connection, it assures complete security and privacy even with
voice.
The speed of a leased line varies from 64 kbps to 2 Mbps or more. A leased line always has
fixed bandwidth.
Note:-
Once a leased line is set up, we can send not only data; transmission of voice is also possible.
In addition to this, both voice and data can be sent simultaneously.
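[Figure: leased line between HYDERABAD (E0 10.1.1.1/8) and KSA (E0 20.1.1.1/8). Each router connects by V.35 cable to its modem; the two sides are joined by 2 pair of copper wire through a MUX at each end; DCE and DTE are labelled]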
The leased line modem is also called a CSU/DSU (Channel Service Unit and Data Service Unit). It
acts as a DCE device, which generates the clock rate.
Lab Setup
Wan Representation
[Figure: HYD and KSA routers connected by a serial link, interfaces S0 and S1]
Note: While practicing labs we use a V.35 cable for a back-to-back connection between routers,
whereas in real time the V.35 cable terminates at the leased line modem. That's the reason we have to
use the clock rate command in the labs, whereas it is not required in the real scenario. CSU/DSU is
used to generate the speed.
In different countries, different codes are used for leased lines with different speeds. In Europe
it is identified as E, whereas in the UK it is identified with the letter T.
In Europe, there are five types of lines distinguished according to their speed:
E0 (64Kbps),
E1 = 32 E0 lines (2Mbps),
E2 = 128 E0 lines (8Mbps),
E3 = 16 E1 lines (34Mbps),
E4 = 64 E1 lines (140Mbps)
1. T1 (1.544 Mbps)
2. T2 = 4 T1 lines (6 Mbps),
3. T3 = 28 T1 lines (45 Mbps),
4. T4 = 168 T1 lines (275 Mbps)
WAN Protocols
PPP HDLC
PAP is done only upon initial link establishment
PAP is not a strong authentication protocol.
Passwords are sent across the link in clear text.
After the PPP link establishment phase is complete, the local router sends a unique
challenge message to the remote node.
The remote node responds with a value (MD5)
The local router checks the response against its own calculation of the expected hash
value.
If the values match, the authentication is acknowledged. Otherwise, the connection is
terminated immediately.
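The challenge/response exchange described above, next to what PAP puts on the link. This is an added example, not part of the original course notes: the class and function names and the sample secret and password are constructed for illustration, and the hash input order (identifier, then shared secret, then challenge) follows the CHAP definition in RFC 1994.

```python
import hashlib
import hmac
import os
import struct


def pap_authenticate_request(identifier: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request (code 1): peer ID and password travel as-is."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, identifier, 4 + len(body)) + body


def chap_response_value(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response: MD5 over identifier + shared secret + challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class LocalRouter:
    """Authenticator side: issues a fresh challenge and checks the reply."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._identifier = 0
        self._challenge = None

    def send_challenge(self):
        self._identifier = (self._identifier + 1) % 256
        self._challenge = os.urandom(16)  # unique per attempt
        return self._identifier, self._challenge

    def check_response(self, identifier: int, response: bytes) -> bool:
        if self._challenge is None or identifier != self._identifier:
            return False
        expected = chap_response_value(identifier, self._secret, self._challenge)
        self._challenge = None  # a challenge is valid for one reply only
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    secret = b"constructed-shared-secret"      # sample value, not from the notes
    password = b"constructed-password"         # sample value, not from the notes
    local = LocalRouter(secret)

    # Normal CHAP exchange: remote node hashes the challenge with the secret.
    ident, challenge = local.send_challenge()
    response = chap_response_value(ident, secret, challenge)
    chap_wire = bytes([ident]) + challenge + response
    accepted = local.check_response(ident, response)

    # The same response presented against a new challenge does not verify.
    ident2, _ = local.send_challenge()
    replay_accepted = local.check_response(ident2, response)

    # A remote node holding the wrong secret is rejected.
    ident3, challenge3 = local.send_challenge()
    wrong = chap_response_value(ident3, b"wrong-secret", challenge3)
    wrong_accepted = local.check_response(ident3, wrong)

    pap_wire = pap_authenticate_request(1, b"KSA", password)
    return {
        "chap_accepted": accepted,
        "chap_replay_accepted": replay_accepted,
        "chap_wrong_secret_accepted": wrong_accepted,
        "secret_visible_in_chap": secret in chap_wire,
        "password_visible_in_pap": password in pap_wire,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```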
Configuration of HDLC:-
Router(config)# interface serial 0/0
Router(config-if)# encapsulation hdlc
Configuration of PPP:
Router# configure terminal
Router(config)# interface serial 0/0
Router(config-if)# encapsulation ppp
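[Figure: leased line between HYDERABAD (E0 10.1.1.1/8) and KSA (E0 20.1.1.1/8). Each router connects by V.35 cable to a V.35 Modem; the two sides are joined by 2 pair of copper wire through a MUX at each end]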
Lab Setup
Wan Representation
[Figure: HYD and KSA routers connected by a serial link, interfaces S0 and S1]
A Back to Back Cable is used which emulates the copper wire, modems and MUX, the
complete exchange setup.
Without DCE & DTE device communication is not possible.
[Figure: HYD and KSA routers connected by a serial link (S0 and S1, 1.1.1.1/8 and 1.1.1.2/8); E0 LAN addresses 10.1.1.1/8 and 20.1.1.1/24]
ON HYD:
ON KSA :
Troubleshooting commands:
FRAME RELAY
LMI allows the DTE (router) to send status enquiry messages (keepalives) to the DCE (frame
relay switch) to exchange status information about the virtual circuits and to
check connectivity.
1. CISCO (Default)
2. ANSI
3. Q933A
Note: On Cisco routers LMI is auto-sensed; there is no need to configure it.
Congestion indicates traffic problem in the path when more packets are transmitted in one
direction.
Congestion notifications
1) FECN (forward explicit congestion notification)
2) BECN (backward explicit congestion notification)
FECN
Indicates congestion as the frame goes from source to destination
This value is used inside the Frame Relay frame header in the forward direction
FECN = 0 indicates no congestion
BECN
Used by the destination (and sent to the source) to indicate that there is
congestion.
This value is used inside the Frame Relay frame header in the backward direction
BECN = 0 indicates no congestion
ADVANTAGES
VCs overcome the scalability problem of leased line by providing the multiple
logical circuits over the same physical connection
Cheaper
Best quality
VCs are full duplex
ROUTING
Routing
Forwarding of packets from one network to another network choosing the best
path from the routing table.
The routing table consists of only the best routes for every destination.
[Figure: HYD and KSA routers connected by a serial link (S0 and S1, 1.1.1.1/8 and 1.1.1.2/8); E0 LAN addresses 10.1.1.1/8 and 20.1.1.1/24]
Rules of Routing
HYD Ethernet interface should be in the same network as your HYD LAN and
similarly on KSA side.
Types of Routing
1. Static Routing
2. Default Routing
3. Dynamic Routing
Static Routing
It is configured by Administrator manually.
Mandatory need of Destination Network ID
It is Secure & fast
Used for Small organizations with a network of 10-15 Routers.
Administrative distance for Static Route is 0 and 1.
Administrative distance:
It is the trustworthiness of the routing information. Lesser the Administrative distance,
higher the preference.
Disadvantages:-
Used for small network.
Everything has to be done manually
A network change affects the complete network
EXERCISE-3
STATIC ROUTING
[Figure: HYD and KSA routers connected by a serial link (S0 and S1, 1.1.1.1/8 and 1.1.1.2/8); E0 LAN addresses 10.1.1.1/8 and 20.1.1.1/24]
ON HYD :
ON KSA :
[Figure: three routers HYD, KSA and DUBAI; serial links 1.1.1.1/8 - 1.1.1.2/8 and 2.2.2.11/8 - 2.2.2.2/8 (interfaces S0 and S1); Ethernet LAN addresses 10.1.1.10/8, 20.1.1.10/8 and 30.1.1.10/8]
ON HYD :
ON KSA:
ON DUBAI :
Default Routes
Manually adding a single route for all destinations. A default route is used when the
destination is unknown
It is the last preferred route in the routing table
When there is no entry for the destination network in a routing table, the router will
forward the packet to its default router.
Default routes help in reducing the size of your routing table.
[Figure: HYD router between the LAN 192.168.1.0/24 (E0 192.168.1.150/24) and the INTERNET (E0 202.54.30.150/24); IP 202.54.30.1/24]
Or
Router(config)# ip route <Destination Network ID> <Destination Subnet Mask> <Exit interface type> <interface number>
[Figure: three routers HYD, KSA and DUBAI; serial links 1.1.1.1/8 - 1.1.1.2/8 and 2.2.2.11/8 - 2.2.2.2/8 (interfaces S0 and S1); Ethernet LAN addresses 10.1.1.10/8, 20.1.1.10/8 and 30.1.1.10/8]
DEFAULT ROUTING:
DYNAMIC ROUTING
Administrative Distance
Rating of the Trustworthiness of a routing information source.
The Number is between 0 and 255
The higher the value, the lower the trust.
Default administrative distances are as follows :
Directly Connected = 0
Static Route = 1
IGRP = 100
OSPF = 110
RIP = 120
EIGRP = 90/170
Rip Timers
RIP Version 2
Classless routing protocol
Supports VLSM
Auto summary can be done on every router
Supports authentication
Trigger updates
Uses multicast address 224.0.0.9.
Advantages of RIP
Easy to configure
No design constraints
No complexity
Less overhead
Disadvantage of RIP
Bandwidth utilization is very high, as it broadcasts every 30 seconds
Works only on hop count
Not scalable as hop count is only 15
Slow convergence
Configuring RIP 1
Router(config)# router rip
Router(config-router)# network <Network ID>
Configuring RIP 2
Router(config)# router rip
Router(config-router)# network <Network ID>
Router(config-router)# version 2
[Figure: HYD and KSA routers connected by a serial link (S0 and S1, 1.1.1.1/8 and 1.1.1.2/8); E0 LAN addresses 10.1.1.1/8 and 20.1.1.1/24]
Configuration of RIP v1
On Hyderabad Router
HYDERABAD # config t
HYDERABAD(config) # router rip
HYDERABAD(config-router) # network 10.0.0.0
HYDERABAD(config-router) # network 1.0.0.0
HYDERABAD(config-router) # exit
HYDERABAD(config) # exit
On KSA Router
KSA # config t
KSA(config) # router rip
KSA(config-router) # network 20.0.0.0
KSA(config-router) # network 1.0.0.0
KSA(config-router) # exit
KSA(config) # exit
CONFIGURATION OF RIP V2
On Hyderabad Router
HYDERABAD # config t
HYDERABAD(config) # router rip
HYDERABAD(config-router) # network 10.0.0.0
HYDERABAD(config-router) # network 1.0.0.0
HYDERABAD(config-router) # Version 2
HYDERABAD(config-router) # exit
HYDERABAD(config) # exit
On KSA Router
KSA # config t
KSA(config) # router rip
KSA(config-router) # network 20.0.0.0
KSA(config-router) # network 1.0.0.0
KSA(config-router) # Version 2
KSA(config-router) # exit
KSA(config) # exit
IGP EGP
Disadvantages of EIGRP
Works only on Cisco Routers
Configuring EIGRP
Router(config)# router eigrp <as no>
Router(config-router)# network <Network ID>
[Figure: HYD and KSA routers connected by a serial link (S0 and S1, 1.1.1.1/8 and 1.1.1.2/8); E0 LAN addresses 10.1.1.1/8 and 20.1.1.1/24]
ON HYD:
ON KSA:
OSPF
OSPF stands for Open Shortest Path First
Standard protocol
It's a link state protocol
It uses the SPF (shortest path first) or Dijkstra algorithm
Unlimited hop count
Metric is cost (cost = 10^8 / B.W.)
Administrative distance is 110
It is a classless routing protocol
It supports VLSM and CIDR
It supports only equal cost load balancing
Introduces the concept of Areas to ease management and control traffic
Router ID
The highest IP address of the active physical interface of the router is the Router ID.
If a logical interface is configured, the highest IP address of the logical interface is
the Router ID.
Router Types
In OSPF depending upon the network design and configuration we have different types of
routers.
Internal Routers are routers whose interfaces all belong to the same area. These routers have
a single Link State Database.
Area Border Router (ABR): It connects one or more areas to the backbone area and has at
least one interface that belongs to the backbone.
Backbone Router: Area 0 routers.
Autonomous System Boundary Router (ASBR): A router participating in OSPF and other
protocols (like RIP, EIGRP and BGP).
1) Neighbor Table: The neighbor table contains information about the directly connected
OSPF neighbors forming adjacency.
2) Database Table: The database table contains information about the entire view of the
topology with respect to each router.
3) Routing Information Table: The routing table contains information about the best path
calculated by the shortest path first algorithm in the database table.
Advantages of OSPF
Open standard
No hop count limitations
Loop free
Faster convergence
Disadvantages
Consumes more CPU resources
Supports only equal cost balancing
Supports only the IP protocol; doesn't work on IPX and AppleTalk
Summarization only on ASBR and ABR
Configuring OSPF
[Figure: HYD and KSA routers connected by a serial link (S0 and S1, 1.1.1.1/8 and 1.1.1.2/8); E0 LAN addresses 10.1.1.1/8 and 20.1.1.1/24]
ON HYD: AREA 0
HYD(config) # router ospf 2
HYD(config-router) # network 10.0.0.0 0.255.255.255 area 0
HYD(config-router) # network 1.0.0.0 0.255.255.255 area 0
HYD(config-router) # exit
HYD(config) # exit
ON KSA:
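[Figure: three routers HYD, KSA and DUBAI with OSPF areas labelled AREA 0, AREA 1 and AREA 2; serial links 1.1.1.1/8 - 1.1.1.2/8 and 2.2.2.11/8 - 2.2.2.2/8 (interfaces S0 and S1); Ethernet LAN addresses 10.1.1.10/8, 20.1.1.10/8 and 30.1.1.10/8]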
ON HYD:
ON KSA:
ON DUBAI:
An ACL is a set of rules which will allow or deny specific traffic moving through the
router.
It is a Layer 3 security feature which controls the flow of traffic from one router to another.
It is also called a Packet Filtering Firewall.
Wild Card Mask for a Host will be always 0.0.0.0
E.g.
  255.255.255.255
- 255.255.255.240
---------------------
    0.  0.  0. 15
To Verify :
Router# show access-list
Router# show access-list <no>
IP
FTP DHCP
SMTP NNTP
Router(config)# ip access-list extended <name>
Router(config-ext-nacl)# <permit/deny> <protocol> <source address> <source wildcard mask> <destination address> <destination wildcard mask> <operator> <service>
Network Diagram
1.1.1.1/8 2.2.2.1/8
S0 S0
STANDARD ACCESS-LIST
Lab-1 Requirement
Creation of ACL :
HYD (config) # access-list 5 deny 20.0.0.0 0.255.255.255
HYD (config) # access-list 5 deny 30.1.1.2 0.0.0.0
HYD (config) # access-list 5 deny host 30.1.1.3
HYD (config) # access-list 5 permit any
Implementation
HYD (config) # interface fa0/0
HYD (config-if ) # ip access-group 5 out
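How the router evaluates access-list 5 above: entries are checked top to bottom, the first match decides, and a packet that matches nothing is dropped by the implicit deny at the end of every ACL. This is an added example, not part of the original course notes; the function names are assumptions, and the shadowed-entry check is an extra audit step that flags entries which can never match because an earlier entry already covers them.

```python
import ipaddress

# Standard ACL 5 as configured on HYD in the lab above.
ACL_5 = [
    "access-list 5 deny 20.0.0.0 0.255.255.255",
    "access-list 5 deny 30.1.1.2 0.0.0.0",
    "access-list 5 deny host 30.1.1.3",
    "access-list 5 permit any",
]
ALL_ONES = 0xFFFFFFFF


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def wildcard_from_subnet_mask(mask: str) -> str:
    """255.255.255.255 minus the subnet mask, as in the worked example."""
    return str(ipaddress.IPv4Address(ALL_ONES - to_int(mask)))


def parse_standard_acl(lines):
    """Turn 'access-list <no> <permit|deny> <source>' lines into tuples."""
    entries = []
    for line in lines:
        tok = line.split()
        start = tok.index("access-list")
        action, rest = tok[start + 2], tok[start + 3:]
        if rest[0] == "any":
            addr, wildcard = 0, ALL_ONES
        elif rest[0] == "host":
            addr, wildcard = to_int(rest[1]), 0
        else:
            addr = to_int(rest[0])
            wildcard = to_int(rest[1]) if len(rest) > 1 else 0
        entries.append((action, addr, wildcard))
    return entries


def evaluate(entries, source: str):
    """Return (action, entry number); entry number None means implicit deny."""
    src = to_int(source)
    for number, (action, addr, wildcard) in enumerate(entries, 1):
        care_bits = ~wildcard & ALL_ONES  # 0 bits in the wildcard must match
        if ((src ^ addr) & care_bits) == 0:
            return action, number
    return "deny", None


def shadowed_entries(entries):
    """List (entry, earlier entry) pairs where the earlier one covers it."""
    found = []
    for j, (_, addr_j, wc_j) in enumerate(entries):
        for i, (_, addr_i, wc_i) in enumerate(entries[:j]):
            care_i = ~wc_i & ALL_ONES
            if (wc_j & care_i) == 0 and ((addr_i ^ addr_j) & care_i) == 0:
                found.append((j + 1, i + 1))
                break
    return found


if __name__ == "__main__":
    acl = parse_standard_acl(ACL_5)
    for source in ["20.5.6.7", "30.1.1.2", "30.1.1.3", "30.1.1.4", "10.1.1.2"]:
        print(source, evaluate(acl, source))
    # Constructed misordering: 'permit any' first makes every deny unreachable.
    misordered = parse_standard_acl([ACL_5[3]] + ACL_5[:3])
    print("shadowed:", shadowed_entries(misordered))
```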
Creation of ACL :
HYD (config) # access-list 10 permit host 10.1.1.2
HYD (config) # access-list 10 permit host 10.1.1.3
Implementation
CHE (config) # line vty 0 4
CHE (config-line) # access-class 1 in
CHE (config-line) # exit
CHE (config) # exit
Extended ACL
Lab Requirement
1. 10.1.1.2 should not ping 20.1.1.2
2. 30.0.0.0 NETWORK should not access 10.1.1.2 web service
On HYD:
HYD # config terminal
HYD (config) # access-list 100 deny icmp 10.1.1.2 0.0.0.0 20.1.1.2 0.0.0.0 echo
HYD (config) # access-list 100 deny tcp host 10.1.1.2 30.0.0.0 0.255.255.255 eq 80
HYD (config) # access-list 100 permit ip any any
Implementation
HYD (config) # interface fa0/0
HYD (config-if) # ip access-group 100 in
HYD (config-if) # exit
HYD (config) # exit
HYD # sh ip access-list
NETWORK ADDRESS TRANSLATION
Small companies typically get their public IP addresses directly from their ISPs, which have a
limited number.
Large companies can sometimes get their public IP addresses from a registration authority,
such as the Internet Assigned Numbers Authority (IANA).
Common devices that can perform address translation include firewalls, routers, and servers.
Typically address translation is done at the perimeter of the network by either a firewall (more
commonly) or a router.
There are certain addresses in each class of IP address that are reserved for Private Networks.
These addresses are called private addresses.
Outside Local Address - The IP address of an outside host as it is known to the hosts in
the inside network.
Outside Global Address - The IP address assigned to a host on the outside network.
The owner of the host assigns this address.
Types of NAT:-
1. Dynamic NAT
2. Static NAT
3. PAT
Static NAT
This type of NAT is designed to allow one-to-one mapping between local and global
addresses.
Keep in mind that the static version requires you to have one real Internet IP address
for every host on your network.
Syntax:
(Config)# IP nat inside source static <private IP> <public IP>
Implementation :
(Config) # interface s0
(Config-if)# ip nat outside
(Config)# interface e0
(Config-if)# ip nat inside
Dynamic NAT
This version gives you the ability to map an unregistered IP address to a registered IP
address from out of a pool of registered IP addresses.
You don't have to statically configure your router to map an inside to an outside
address as you would using static NAT, but you do have to have enough real IP
addresses for everyone who's going to be sending packets to and receiving them from
the Internet.
Syntax :
(Config)# access-list <NO> permit <net.ID> <WCM>
(Config)# ip nat pool <name> <starting Pub IP> <end Pub IP> netmask <mask>
(Config)# ip nat inside source list <NO> pool <name>
Implementation :
(Config) # interface s0
(Config-if)# ip nat outside
(Config)# interface e0
(Config-if)# ip nat inside
It is also known as Port Address Translation (PAT), and by using PAT (NAT
Overload), you get to have thousands of users connect to the Internet using only one
real global IP address.
NAT Overload is the real reason we haven't run out of valid IP addresses on the Internet.
Syntax :
(Config)# access-list <NO> permit <net.ID> <WCM>
(Config)# ip nat pool <name> <starting Pub IP> <end Pub IP> netmask <mask>
(Config)# ip nat inside source list <NO> pool <name> overload
Implementation :
(Config) # interface s0
(Config-if)# ip nat outside
(Config)# interface e0
(Config-if)# ip nat inside
Network Diagram: HYD (S0 1.1.1.1/8, E0 10.1.1.1/8) connected to KSA (S1 1.1.1.2/8, E0 20.1.1.1/24)
STATIC NAT
Lab requirement
Lab pre-requirement:
Default route configured on both the routers.
Implementation :
(Config) # interface s0
(Config-if)# ip nat outside
(Config)# interface e0
(Config-if)# ip nat inside
To verify :
# sh ip nat translations
1. Assign a telnet password to the KSA router and telnet from the PC in the HYD LAN.
2. Issue the sh users command after telnet; you can see the translated IP in the output.
3. # sh ip nat translations on HYD router
DYNAMIC NAT
Lab requirement
Private IP range : 10.0.0.0/8 network
Public IP range : 200.1.1.0/28
Lab pre-requirement:
Default route configured on both the routers.
Implementation :
(Config) # interface s0
(Config-if)# ip nat outside
(Config)# interface e0
(Config-if)# ip nat inside
To verify :
# sh ip nat translations
Assign a telnet password to the KSA router and telnet from the PC in the HYD LAN.
Issue the sh users command after telnet; you can see the translated IP in the output.
# sh ip nat translations on HYD router
Lab requirement
Lab pre-requirement:
Default route configured on both the routers.
Implementation :
(Config) # interface s0
(Config-if)# ip nat outside
(Config)# interface e0
(Config-if)# ip nat inside
To verify :
# sh ip nat translations
Assign a telnet password to the KSA router and telnet from the PC in the HYD LAN.
Issue the sh users command after telnet; you can see the translated IP in the output.
# sh ip nat translations on HYD router
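Dynamic NAT and PAT as described above, modelled as an added Python example (not part of the original notes, and a simplification of what IOS does). It shows a dynamic pool running out of addresses while PAT keeps translating, and how the PAT table maps an outside port back to the inside host. Assumptions: the pool is every usable host of the lab's 200.1.1.0/28 range, PAT hands out ports sequentially from 1024, and the inside hosts (starting at 10.1.1.2) are constructed.

```python
import ipaddress
from itertools import count


class DynamicNat:
    """One pool address per inside host; no free address, no translation."""

    def __init__(self, pool_network):
        # Assumption: the pool is every usable host of the public range.
        self.free = [str(h) for h in ipaddress.ip_network(pool_network).hosts()]
        self.table = {}  # inside local -> inside global

    def translate(self, inside_local):
        if inside_local not in self.table:
            if not self.free:
                return None  # pool exhausted
            self.table[inside_local] = self.free.pop(0)
        return self.table[inside_local]


class Pat:
    """NAT overload: inside sockets share one global address, one port each."""

    def __init__(self, global_ip, first_port=1024):
        self.global_ip = global_ip
        self.next_port = count(first_port)  # simplification: sequential ports
        self.table = {}    # (inside ip, inside port) -> global port
        self.reverse = {}  # global port -> (inside ip, inside port)

    def translate(self, inside_ip, inside_port):
        key = (inside_ip, inside_port)
        if key not in self.table:
            port = next(self.next_port)
            if port > 65535:
                return None  # the single address has run out of ports
            self.table[key] = port
            self.reverse[port] = key
        return self.global_ip, self.table[key]

    def inside_socket(self, global_port):
        """Map a port seen outside back to the inside host
        (needed for return traffic and for attributing log entries)."""
        return self.reverse.get(global_port)


def inside_hosts(n, first="10.1.1.2"):
    """Constructed sample hosts in the lab's private 10.0.0.0/8 network."""
    base = ipaddress.IPv4Address(first)
    return [str(base + i) for i in range(n)]


def dynamic_nat_demo(n_hosts, pool="200.1.1.0/28"):
    """Translate n_hosts inside hosts; None marks a host left untranslated."""
    nat = DynamicNat(pool)
    return [nat.translate(h) for h in inside_hosts(n_hosts)]


def pat_demo(n_hosts, global_ip="200.1.1.1", source_port=40000):
    """Translate one session per inside host through a single global address."""
    pat = Pat(global_ip)
    mapped = [pat.translate(h, source_port) for h in inside_hosts(n_hosts)]
    return pat, mapped


if __name__ == "__main__":
    results = dynamic_nat_demo(20)
    print("dynamic NAT:", sum(r is not None for r in results), "translated,",
          results.count(None), "left without an address")
    pat, mapped = pat_demo(20)
    print("PAT:", len(mapped), "sessions share", pat.global_ip)
    print("global port 1025 belongs to", pat.inside_socket(1025))
```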
BASIC SWITCHING
Hub
It is a Physical layer device (Layer 1)
It is a dummy device
It works with 0s and 1s (Bits)
It works with broadcasting
It works with shared bandwidth
It has 1 Broadcast Domain and 1 Collision Domain
Collisions are identified using Access Methods called CSMA/CD and CSMA/CA
Switch
It is a Data Link layer device (Layer 2)
It is an intelligent device
It works with Physical addresses (i.e. MAC addresses)
It works with fixed bandwidth
It works with Flooding and Unicast
It has 1 Broadcast domain and Number of Collision domains depends upon the number
of ports.
It maintains a MAC address table
Broadcast Domains
E0 E1
Collision Domains
E0 E1
Types of Switches
Manageable switches
On a Manageable switch, an IP address can be assigned and configurations can be
made. It has a console port.
Unmanageable switches
On an Unmanageable switch, configurations cannot be made, an IP address cannot be
assigned as there is no console port.
Catalyst 1900
Catalyst 2900
3550 switch
Switching Mode
Latency is the total time taken for a Frame to pass through the Switch. Latency depends on the
switching mode and the hardware capabilities of the Switch.
Console Connectivity
Attach the female DB-9 adapter to a PC Serial Port.
Open emulation software on the PC.
Emulation Software
IN WINDOWS
IN LINUX
# minicom -s
2950>en
2950#config terminal
2950(config) #enable password < password>
2950(config) #exit
To assign IP to a Switch
ADVANCED SWITCHING
Spanning Tree Protocol (STP) uses Spanning Tree Algorithm to avoid the Switching
loops in layer-2 devices (bridges or switches).
STP works when multiple switches are used with redundant links avoiding Broadcast
Storms, Multiple Frame Copies & Database instability.
First Developed By DEC
STP is an open standard (IEEE 802.1D)
STP is enabled by default on all Cisco Catalyst switches
STP Terminology
BPDU
All switches exchange information through what is called as Bridge Protocol
Data Units (BPDUs)
BPDUs contain a lot of information to help the switches determine the topology
and any loops that result from that topology.
BPDUs are sent every 2 sec
Bridge ID
Each switch has a unique identifier called a Bridge ID or Switch ID
Bridge ID = Priority + MAC address of the switch
When switches advertise BPDUs, they place their switch ID in these BPDUs.
Root Bridge
The bridge with the Best (Lowest) ID.
Out of all the switches in the network , one is elected as a root bridge that
becomes the focal point in the network.
Non-Root bridge
All Switches other than the Root Bridge are Non-Root Bridges
Designated port
Either a port on a root bridge or a port that has been
determined as having the best (lower) cost.
A designated port will always be in Forward Mode
Root port
The link directly connected to the root bridge, or the
shortest path to the root bridge.
Priority and Alternatives if Config occurred.
Root port with the least cost (Speed) connecting to the root bridge.
The bridge with the Best (Lowest) Switch ID.
Lowest Physical Port Number.
A bridge or switch has only one root port.
Non Designated port
All the Port or ports which are blocked by STP to avoid switching loop.
A Non Designated port will always be in Blocked Mode.
Listening: Listens to BPDUs to make sure no loops occur on the network before
passing data frames.
Learning: Learns MAC addresses and builds a filter table but does not forward frames.
VIRTUAL LAN
A Layer 2 Security
Divides a Single Broadcast domain into Multiple Broadcast domains.
By default all ports of the switch are in VLAN1. This VLAN1 is known as
Administrative VLAN or Management VLAN
VLANs can be created from 2 to 1001
Can be Configured on a Manageable switch only
2 Types of VLAN Configuration
Static VLAN
Dynamic VLAN
[Figure: hosts A, B, C and D on switch ports E0, E1, E2 and E3; 1 Broadcast Domain, 4 Collision Domains]
By default, routers allow broadcasts only within the originating network, but switches
forward broadcasts to all segments.
The reason it's called a flat network is because it's one Broadcast domain, not because
its design is physically flat. (Flat Network Structure)
Network adds, moves, and changes are achieved by configuring a port into the
appropriate VLAN.
A group of users needing high security can be put into a VLAN so that no users outside
of the VLAN can communicate with them.
As a logical grouping of users by function, VLANs can be considered independent
from their physical or geographic locations.
VLANs can enhance network security.
VLANs increase the number of broadcast domains while decreasing their size.
[Figure: hosts A, B, C and D on switch ports E0, E1, E2 and E3; 2 Broadcast Domains, 4 Collision Domains]
Static VLAN
Static VLANs are based on port numbers
Need to manually assign a port on a switch to a VLAN
Also called Port-Based VLANs
It can be a member of a single VLAN and not multiple VLANs
Creation of VLAN:-
Switch # vlan database
Switch(vlan)# vlan <vlan id> name <vlan name>
Switch(vlan)# exit
Verify using
Switch # show vlan
Dynamic VLAN
Dynamic VLANs are based on the MAC address of a PC
Switch automatically assigns the port to a VLAN
Each port can be a member of multiple VLANs
For Dynamic VLAN configuration, software called VMPS (VLAN Membership Policy
Server) is needed
Types of links/ports
Access links
This type of link is only part of one VLAN, and it's referred to as the native
VLAN of the port.
Any device attached to an access link is unaware of a VLAN membership; the
device just assumes it's part of a broadcast domain, but it has no understanding
of the physical network.
Switches remove any VLAN information from the frame before it's sent to an
access-link device.
Trunk links
Trunks can carry multiple VLANs.
A trunk link is a 100- or 1000Mbps point-to-point link between two switches,
between a switch and router, or between a switch and server. These carry the
traffic of multiple VLANs, from 1 to 1005 at a time.
Trunking allows you to make a single port part of multiple VLANs at the same
time.
ISL IEEE 802.1Q
VTP Modes
VTP modes are of three types:
Server Mode
o A Switch configured in Server mode can Add , Modify and Delete VLANs
o The default VTP mode for all switches
Client Mode
o A switch configured in Client mode cannot Add , Modify and Delete its VLAN
configurations
o Doesn't store its VLAN configuration information in the NVRAM. Instead,
learns it from the server every time it boots up
Transparent Mode
o A switch configured in a Transparent Mode can Add , Modify and Delete
VLAN configurations.
o Changes in one transparent switch will not affect any other switch.
VTP Pruning
Preserves bandwidth by configuring it to reduce the amount of broadcasts, multicasts,
and unicast packets.
VTP pruning only sends broadcasts to trunk links that truly must have the information.
Enabling pruning on a VTP server, enables it for the entire domain.
By default, VLANs 2 through 1005 are pruning-eligible, but VLAN 1 can never prune
because it's an administrative VLAN.
Implementing VLAN
VLAN 3
VLAN 2
Ports
Task 1
o Create VLAN 2 and VLAN 3 and assign name SALES and FINANCE to each VLAN.
o Configure ports fa 0/2 fa 0/4 as access-ports and assign VLAN 2 to ports fa 0/1 and
fa0/3. Assign VLAN 3 to ports fa 0/2 and fa 0/4.
SW1
Creating Vlan
Switch(config-if)# Switchport access vlan 2
Switch(config-if)# exit
LAB 2 CONFIGURE TRUNKING
Trunk
Task :
o Create VLANs according to the scenario and assign to their respective access-ports.
o Configure ISL trunk between SW1 (fa0/11) and SW 2 (fa0/11)
On SW1
Switch# vlan database
Switch(vlan)# vlan 2 name sales
Switch(vlan)# exit
Switch(config)# Int fa0/1
Switch(config-if)# Switchport mode access
Switch(config-if)# Switchport access vlan 2
Switch(config-if)# exit
On SW2
Switch# vlan database
Switch(vlan)# vlan 2 name sales
Switch(vlan)# exit
Verification :
SW1#show interfaces trunk
Verify connectivity between PC 1 and PC 3 (i.e. PCs in the same VLAN); you
get a reply
VLAN 20
VLAN
VLAN 10
o Create VLAN 10 and assign to ports fa 0/1 and fa 0/2. Create VLAN 20 and assign to
ports fa 0/3 and fa 0/4. Configure port fa 0/5 as dot1q trunk. Use sub-interfaces on
interface e 0 on R1 to accomplish this task.
ON router (R1)
Router (config) # Int e 0
Router (config-if ) # No ip address
Router (config-if ) # exit
Router (config) # Int e 0.10
Router (config-subif) # Encapsulation dot1q 10
Router (config-subif) # Ip address 10.1.1.1 255.0.0.0
Router (config-subif) # exit
Router (config) # Int e 0.20
Router (config-subif) # Encapsulation dot1q 20
Router (config-subif) # Ip address 20.1.1.1 255.0.0.0
ON SW1
Switch# vlan database
Switch(vlan)# vlan 10 name sales
Switch(vlan)# exit
Verification :
o Verify if PCs in VLAN 10 can communicate with PCs in VLAN 20 using Ping
ROUTER:
It is an internetworking device used to connect two or more
different networks
It works on layer 3 i.e. network layer
It performs routing
ROUTING:- Forwarding packets from one network to another network choosing the best path
is called routing.
HUB
It is generally used to connect all devices on a network so that they can communicate with
each other. It always does broadcasting.
SWITCH
Like a hub, it is also used to connect all devices on a network so that they can
communicate with each other. But the first time it will broadcast, and from the second time
onwards it will unicast.
What is TCP/IP?
TCP/IP is a standard language, like English, used by computers and network devices for
communication.
TCP/IP is a universal standard and can make communication possible among all operating
systems.
Quick Reference
Quick Notes - LAN
What is carrier sense multiple access collision detect (CSMA/CD)?
CSMA/CD describes the Ethernet access method. In CSMA/CD, many stations can transmit
on the same cable, and no station has priority over any other. Before a station transmits, it
listens on the wire to make sure no other station is transmitting. If no other station is
transmitting, the station transmits across the wire. CSMA/CD is all about devices taking turns
using the wire.
What are the advantages and disadvantages of segmenting the LAN with routers?
An advantage of segmenting the LAN with routers is that each interface on a router creates a
single broadcast and collision domain. Routers operate at Layer 3 of the OSI model and do not
propagate broadcasts. Some disadvantages are that routers are not transparent and are
implemented in software, thus introducing latency in the network.
They reduce the number of users per segment.
They provide dedicated bandwidth to each segment.
Transparent bridging (switching) provides five bridging functions to determine what to do when
it receives a frame.
What is the Spanning-Tree Protocol (STP)?
STP is a loop-prevention bridge-to-bridge protocol. Its main purpose is to dynamically maintain
a loop-free network. It does this by sending out Bridge Protocol Data Units (BPDUs),
discovering any loops in the topology, and blocking one or more redundant links.
What two key concepts does STP calculation use to create a loop-free topology?
The two key concepts that STP uses to calculate a loop-free topology are
Bridge ID (BID)
Path cost
What is the default bridge priority in a Bridge ID for all Cisco switches?
32,768
What is the spanning tree path cost for each of the following?
10 Mbps
100 Mbps
1 Gbps
The path costs are as follows:
10 Mbps - 100
100 Mbps - 19
1 Gbps - 4
When calculating a loop-free environment, what four-step decision sequence does spanning
tree use to determine what will be the root bridge and which ports will forward or block?
The four-step decision sequence that spanning tree uses to determine the root bridge and
which port will forward is as follows:
Step 1. The lowest root BID
Step 2. The lowest path cost to the root bridge
Step 3. The lowest sender BID
Step 4. The lowest port ID
themselves?
Bridges pass STP information using special frames called Bridge Protocol Data Units (BPDUs).
How do nonroot bridges decide which port they will elect as a root port?
Nonroot bridges use root path cost to determine which port will be the root port. Root path cost
is the cumulative cost of all links to the root bridge. The port with the lowest root path cost is
elected the bridge's root port and is placed in the forwarding state.
What is the difference between path cost and root path cost?
Path cost is the value assigned to each port. It is added to BPDUs received on that port to
calculate the root path cost. Root path cost is defined as the cumulative cost to the root bridge.
In a BPDU, this is the value transmitted in the cost field. In a bridge, this value is calculated by
adding the receiving port's path cost to the value contained in the BPDU.
If a nonroot bridge has two redundant ports with the same root path cost, how does the bridge
choose which port will be the root port?
If a nonroot bridge has redundant ports with the same root path cost, the deciding factor is the
port with the lowest port ID (port number).
After the root bridge and root ports are selected, the last step in spanning tree is to elect
designated ports. How do bridges elect designated ports?
In spanning tree, each segment in a bridged network has one designated port. This port is a
single port that both sends and receives traffic to and from that segment and the root bridge.
All other ports are placed in a blocking state. This ensures that only one port on any segment
can send and receive traffic to and from the root bridge, ensuring a loop-free topology. The
bridge containing the designated port for a segment is called the designated bridge for that
segment. Designated ports are chosen based on cumulative root path cost to the root bridge.
Note: Every active port on the root bridge becomes a designated port.
If a bridge is faced with a tie in electing designated ports, how does it decide which port will be
the designated port?
In the event of a tie, STP uses the four-step decision
process discussed in Question 30. It first looks for the BPDU with the lowest BID; this is always
the root bridge. If the switch is not the root bridge, it moves to the next step: the BPDU with the
lowest path cost to the root bridge. If both paths are equal, STP looks for the BPDU with the
lowest sender BID. If these are equal, STP uses the link with the lowest port ID as the final
tiebreaker.
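The four-step decision sequence and the path costs above, worked through as an added Python example (not part of the original notes). It elects the root bridge by lowest bridge ID, then picks each non-root bridge's root port by lowest root path cost, lowest sender BID and lowest port ID, and shows how one changed priority moves the root. The four-switch topology, MAC addresses and port numbers are constructed, and the port-ID tie-break is modelled on the sender's port number first, then the local one.

```python
import heapq

# Link speed in Mbps -> spanning tree path cost (values from the notes)
PATH_COST = {10: 100, 100: 19, 1000: 4}

# Constructed topology. Bridge ID = (priority, MAC); lower is better.
BRIDGES = {
    "A": (32768, "0000.0c00.0003"),
    "B": (32768, "0000.0c00.0001"),
    "C": (32768, "0000.0c00.0002"),
    "D": (32768, "0000.0c00.0004"),
}

# (bridge, port, bridge, port, speed in Mbps)
LINKS = [
    ("A", 1, "B", 1, 100),
    ("A", 2, "C", 1, 1000),
    ("B", 2, "C", 2, 1000),
    ("C", 3, "D", 1, 100),   # two parallel links between C and D
    ("C", 4, "D", 2, 100),
]


def elect_root(bridges):
    """Step 1: the bridge with the lowest bridge ID becomes the root."""
    return min(bridges, key=lambda name: bridges[name])


def neighbours(links, name):
    """Yield (local port, neighbour, neighbour port, port cost)."""
    for a, port_a, b, port_b, speed in links:
        if a == name:
            yield port_a, b, port_b, PATH_COST[speed]
        elif b == name:
            yield port_b, a, port_a, PATH_COST[speed]


def root_path_costs(links, root):
    """Cumulative cost from every bridge to the root (shortest path)."""
    cost = {root: 0}
    queue = [(0, root)]
    while queue:
        current, name = heapq.heappop(queue)
        if current > cost[name]:
            continue
        for _, nbr, _, port_cost in neighbours(links, name):
            candidate = current + port_cost
            if candidate < cost.get(nbr, float("inf")):
                cost[nbr] = candidate
                heapq.heappush(queue, (candidate, nbr))
    return cost


def root_ports(bridges, links):
    """Return the root bridge and each non-root bridge's root port."""
    root = elect_root(bridges)
    cost = root_path_costs(links, root)
    chosen = {}
    for name in bridges:
        if name == root:
            continue
        # Steps 2-4: root path cost, then sender BID, then port ID.
        candidates = [
            (cost[nbr] + port_cost, bridges[nbr], nbr_port, port)
            for port, nbr, nbr_port, port_cost in neighbours(links, name)
        ]
        best = min(candidates)
        chosen[name] = {"port": best[3], "root_path_cost": best[0]}
    return root, chosen


if __name__ == "__main__":
    root, ports = root_ports(BRIDGES, LINKS)
    print("default priorities: root =", root, ports)
    tuned = dict(BRIDGES, A=(4096, BRIDGES["A"][1]))
    root, ports = root_ports(tuned, LINKS)
    print("A set to priority 4096: root =", root, ports)
```

With default priorities the root is decided by MAC address alone, which is why the result changes as soon as one switch is given a lower priority.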
What is the default time a port takes to transition from the blocking state to the forwarding
state?
The default time a port takes to transition from the blocking state to the forwarding state is 50
seconds: 20 seconds for Max Age, 15 seconds for listening, and 15 seconds for learning.
What does STP do when it detects a topology change in the network due to a bridge or link
failure?
If spanning tree detects a change in the network due to a bridge or link failure, at least one
bridge interface changes from the blocking state to the forwarding state, or vice versa.
What are synchronous links?
Synchronous links have identical frequencies and contain individual characters
encapsulated in control bits, called start/stop bits, that designate the beginning and end
of each character. Synchronous links try to use the same speed as the other end of a
serial link.
Describe HDLC.
HDLC was derived from Synchronous Data Link Control (SDLC). It is the default
encapsulation type on point-to-point dedicated links and circuit-switched connections
between Cisco routers. It is an ISO-standard bit-oriented data-link protocol that
encapsulates data on synchronous links. HDLC is a connection-oriented protocol that
has very little overhead. HDLC lacks a protocol field and therefore cannot encapsulate
multiple network layer protocols across the same link. Because of this, each vendor has
its own method of identifying the network-layer protocol. Cisco offers a proprietary
version of HDLC that uses a type field that acts as a protocol field, making it possible
for multiple network-layer protocols to share the same link.
By default, Cisco uses HDLC as its default encapsulation method across synchronous
lines (point-to-point links). If a serial line uses a different encapsulation protocol, how
do you change it back to HDLC?
To change a serial line back to HDLC, use the following interface command on the serial
interface you want to change: Router(config-if)#encapsulation hdlc
Describe X.25/LAPB.
X.25/LAPB is an ITU-T standard that has a tremendous amount of overhead because of
its strict timeout and windowing techniques. LAPB is the connection-oriented protocol
used with X.25. It uses the ABM (Asynchronous Balance Mode) transfer mode.
X.25/LAPB was used in the 1980s when WAN links were not as error-free as they are
today. X.25 is a predecessor of Frame Relay. X.25
In the Cisco Hierarchical Model, what is the function of the access layer?
Sometimes referred to as the desktop layer, the access layer is the point at which users
connect to the network through low-end switches. Some functions of the access layer include:
Connectivity into the distribution layer
Shared Bandwidth
MAC Address filtering (switching)
Segmentation
What is the function of the distribution layer in the Cisco Hierarchical Model?
The distribution layer is also known as the workgroup layer. It is the demarcation point
between the access and core layers of the network. Its
primary function is to provide routing, filtering, and WAN access. The distribution layer
determines how packets access the core, so it is the layer at which to implement policy-based
connectivity. Some functions include the following:
Collection point for access layer devices
Broadcast and multicast domain segmentation
Security and filtering services such as firewalls and access lists
Providing translation between different media types
Inter-VLAN routing
What is the role of the core layer in the Cisco Hierarchical Model?
The core layer is the backbone of the network. Its main function is to switch traffic as fast as
possible. Therefore, it should not perform any filtering to slow down traffic.
The ISO's OSI Reference Model contains seven layers. What are they? Include the layer
number and name of each layer in your answer.
The seven layers of the OSI model are as follows:
Layer 7 - Application layer
What are some reasons that the industry uses a layered model?
Here are some reasons why the industry uses a layered model:
It encourages industry standardization by defining what functions occur at each level.
It allows vendors to modify or improve components at only one layer versus rewriting the whole
protocol stack.
It helps interoperability by defining standards for the operations at each level.
It helps with troubleshooting.
What does the application layer (Layer 7) of the OSI model do, and what are some examples
of this layer?
The application layer is the layer that is closest to the user. This means that this layer interacts
directly with the software application. The application layer's main function is to identify and
establish communication partners, determine resource availability, and synchronize
communication. Some examples include the following:
TCP/IP applications such as Telnet, File Transfer Protocol
In the OSI model, what are the responsibilities of the presentation layer (Layer 6)? Give some
examples of this layer.
Also known as the translator, the presentation layer provides coding and conversion functions
to application layer data. This guarantees that the application layer on another system can
read data transferred from the application layer of a different system. Some examples of the
presentation layer are:
Compression, decompression, and encryption
JPEG, TIFF, GIF, PICT, QuickTime, MPEG, and ASCII
What are the functions of the session layer (Layer 5)? Give some examples.
The session layer is responsible for creating, managing, and ending communication sessions
between presentation layer entities. These sessions consist of service requests and responses
that develop between applications located on different network devices. Some examples
include SQL, RPC, NFS, X Window System, ZIP, NetBIOS names, and AppleTalk ASP.
What is the transport layer (Layer 4) responsible for? Give some examples of transport layer
implementations.
The transport layer segments and reassembles data from upper-layer applications into data
streams. It provides reliable data transmission to upper layers. End-to-end communications,
flow control, multiplexing, error detection and correction, and virtual circuit management are
typical transport layer functions. Some examples include TCP, UDP*, and SPX.
Note: watch out for end-to-end communications on the exam! It means the transport layer.
What is flow control, and what are the three methods of implementing it?
Flow control is the method of controlling the rate at which a computer sends data, thus
preventing network congestion. The three methods of implementing flow control are
Buffering
Congestion avoidance
Windowing
Almost certain to be on the exam.
Describe the function of the network layer (Layer 3), and give some examples of network layer
implementations.
The network layer provides internetwork routing and logical
In addition to learning the remote network and providing a path to the network, what other
functions do routers carry out?
Routers perform these tasks:
Routers, by default, do not forward broadcasts or multicasts.
Routers can perform bridging and routing functions.
If a router has multiple paths to a destination, it can determine the best path to the destination.
Routers forward traffic based on Layer 3 destination addresses.
Routers can connect Virtual LANs (VLANs).
Routers can provide quality of service for specified types of network traffic.
The IEEE defines what two sublayers of the data link layer?
The two sublayers of the data link layer are
The Logical Link Control (LLC) sublayer
The Media Access Control (MAC) sublayer
These two sublayers provide physical media independence.
What functions does the Media Access Control (MAC) sublayer provide?
The MAC sublayer specifies how data is placed and transported over the physical wire. The
LLC layer communicates with the network layer, but the MAC layer communicates downward
directly to the physical layer. Physical addressing (MAC addresses), network topologies, error
notification, and delivery of frames are defined at this sublayer.
What are some network devices that operate at the data link layer?
Bridges and switches are network devices that operate at the data link layer. Both devices filter
traffic by MAC addresses.
What is the function of the OSI model's physical layer (Layer 1)? Give some examples of
physical layer implementations.
The physical layer defines the physical medium. It defines the media type, the connector type,
and the signaling type (baseband versus broadband). This includes voltage levels, physical
data rates, and maximum cable lengths. The physical layer is responsible for converting
frames into electronic bits of data, which are then sent or received across the physical
medium. Twisted pair, coaxial cable, and fiber-optic cable operate at this level. Other
implementations at this layer are repeaters/hubs, RJ-45.
The Ethernet and IEEE 802.3 standards define what three physical wiring standards that
operate at 10 Mbps?
These physical wiring standards operate at 10 Mbps:
10Base2
How do the different layers of the OSI model communicate with each other?
Each layer of the OSI model can communicate only with the layer above it, below it, and
parallel to it (a peer layer). For example, the presentation layer can communicate with only the
application layer, session layer, and presentation layer on the machine it is communicating
with. These layers communicate with each other using protocol data units (PDUs). These
PDUs carry control information that is added to the user data at each layer of the model. This
information resides in fields called headers (the front of the data field) and trailers (the end of
the data field).
What is data encapsulation?
A PDU can include different information as it goes up or down the OSI model. It is given a
different name according to the information it is carrying (the layer it is at). When the transport
layer receives upper layer data, it adds a TCP header to the data; this is called a segment. The
segment is then passed to the network layer, and an IP header is added; thus, the data
becomes a packet. The packet is passed to the data link layer, thus becoming a frame. This
frame is then converted into bits and is passed across the network medium. This is data
encapsulation. For the CCNA test, you should know the following:
Application layer -- Data
Transport layer -- Segment
What are the number ranges used to define standard and extended IP access lists?
The number ranges used to define standard and extended IP
access lists are as follows:
Standard IP access lists: 1 to 99 and 1300 to 1999
Extended IP access lists: 100 to 199 and 2000 to 2699
What is the IOS command syntax used to create a standard IP access list?
Here is the command syntax to create a standard IP access list:
access-list access-list-number {permit | deny} source-address [wildcard mask]
access-list-number is a number from 1 to 99.
For example:
RouterA(config)#access-list 10 deny 192.168.0.0 0.0.0.255
After you create a standard or extended IP access list, how do you apply it to an interface on a
Cisco router?
To apply an access list to an interface on a Cisco router, use the ip access-group interface
command:
ip access-group access-list-number {in | out}
For example:
RouterA(config)#int s0
RouterA(config-if)#ip access-group 10 in
Create a standard access list that permits the following networks:
192.168.200.0
192.168.216.0
192.168.232.0
192.168.248.0
There are two ways to do this. First, you can create one access list that contains an entry for
each network:
access-list 10 permit 192.168.200.0 0.0.0.255
access-list 10 permit 192.168.216.0 0.0.0.255
access-list 10 permit 192.168.232.0 0.0.0.255
access-list 10 permit 192.168.248.0 0.0.0.255
A second way to do this is to create a single entry with wildcard masks:
access-list 10 permit 192.168.200.0 0.0.48.255
To see how this one statement permits all the networks, you must look at the third octet in binary:
.200 = 11001000
.216 = 11011000
.232 = 11101000
.248 = 11111000
All the bits match except the third and fourth bits. With wildcard masks, these are the bits you
want to ignore, so they are set to 1. Therefore, your wildcard mask would be 00110000 in binary, which is 48.
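The wildcard arithmetic above can be checked mechanically. The Python sketch below is an added example, not part of the original study guide; its function names are illustrative. It tests an address against an entry, lists every /24 network that 192.168.200.0 0.0.48.255 covers, and shows the check worth running before merging entries: a summarized mask can permit networks nobody asked for.

```python
import ipaddress

# Networks from the access-list question above.
PAGE_NETWORKS = ["192.168.200.0", "192.168.216.0",
                 "192.168.232.0", "192.168.248.0"]
MASK32 = 0xFFFFFFFF


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def acl_match(address, base, wildcard):
    """Wildcard semantics: a 0 bit must equal the base, a 1 bit is ignored."""
    care = ~to_int(wildcard) & MASK32
    return (to_int(address) & care) == (to_int(base) & care)


def covered_networks(base, wildcard, host_bits=8):
    """Enumerate every network (low host_bits ignored) that one entry matches."""
    wild = to_int(wildcard)
    host_mask = (1 << host_bits) - 1
    if wild & host_mask != host_mask:
        raise ValueError("wildcard must ignore all host bits")
    free = wild >> host_bits                      # ignored bits in the network part
    if bin(free).count("1") > 16:
        raise ValueError("entry covers too many networks to list")
    fixed = (to_int(base) >> host_bits) & ~free   # bits every match shares
    nets, subset = [], 0
    while True:
        nets.append(to_dotted((fixed | subset) << host_bits))
        subset = (subset - free) & free           # next combination of free bits
        if subset == 0:
            return nets


def summarize(networks, host_bits=8):
    """Fold networks into one base/wildcard pair; differing bits become 1s."""
    values = [to_int(n) for n in networks]
    differ = 0
    for value in values[1:]:
        differ |= values[0] ^ value
    wildcard = differ | ((1 << host_bits) - 1)
    return to_dotted(values[0] & ~wildcard & MASK32), to_dotted(wildcard)


def over_permitted(networks, host_bits=8):
    """Networks the summarized entry matches that were never asked for."""
    base, wildcard = summarize(networks, host_bits)
    wanted = {to_dotted(to_int(n)) for n in networks}
    return [n for n in covered_networks(base, wildcard, host_bits)
            if n not in wanted]


if __name__ == "__main__":
    base, wildcard = summarize(PAGE_NETWORKS)
    print("access-list 10 permit", base, wildcard)
    print("covers:", covered_networks(base, wildcard))
    print("extra if only three are wanted:", over_permitted(PAGE_NETWORKS[:3]))
```

With only three of the four networks as input, the summarized entry is still 0.0.48.255 and silently permits 192.168.248.0 as well, so a single-entry summary is only safe when every combination of the ignored bits is a network you intend to permit.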
What is the Cisco IOS command syntax used to create an extended access list?
Here is the Cisco IOS command syntax to create an extended access list:
access-list access-list-number {permit | deny} protocol source-address source-wildcard [operator port] destination-address destination-wildcard [operator port]
protocol examples include IP, TCP, UDP, ICMP, GRE, and IGRP.
operator port can be lt (less than), gt (greater than), eq (equal to), or neq (not equal to) and a
protocol port number.
What IOS command can you use to see whether an IP access list is applied to an interface?
The IOS command to see whether an IP access list is applied to an interface is
show ip interface interface-type interface-number
For example:
RouterA#show ip interface s0
Serial0 is up, line protocol is up
Internet address is 192.168.1.2/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is enabled
Multicast reserved groups joined: 224.0.0.9
Outgoing access list is not set
Inbound access list is 10
Proxy ARP is enabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Feature Fast switching turbo vector
IP multicast fast switching is disabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Probe proxy name replies are disabled
Policy routing is disabled
Network address translation is disabled
Web Cache Redirect is disabled
BGP Policy Mapping is disabled
What is the difference between switched virtual circuits (SVCs) and permanent virtual circuits
(PVCs)?
SVCs are virtual circuits that are dynamically established when data needs to be transferred
and that are terminated when data transmission is complete. SVCs consist of four states: call
setup, data transfer, idle, and call termination. PVCs are permanently established virtual
circuits that operate in one of two states: idle or data transfer. When the PVC is idle, the
connection between the DTE devices is still active.
In the Frame Relay header, what is the discard eligibility (DE) bit?
If congestion is detected on the Frame Relay network, the DE bit is turned on in the Frame
Relay header. The DE bit is turned on for frames that are in excess of the CIR. The DE bit tells
a switch which frames to discard if they must be discarded.
What is the default LMI type for Cisco routers that are configured for Frame Relay?
The default LMI for Cisco routers configured for Frame Relay is Cisco. If you are running Cisco
IOS Release 11.2 or later, the Cisco router tries to autosense which LMI type the Frame Relay
switch is using. If it cannot autosense the LMI type, the router uses Cisco as its LMI type. The
three types of LMIs supported by Cisco routers are:
Cisco
ANSI
Q933a
When a router receives LMI information, it updates its VC status to one of three states. What
are these three states?
The three states that a VC uses to update its status are as follows:
Active state: The connection is active, and routers can exchange data.
Inactive state: The local connection to the Frame Relay switch is working, but the remote
router's connection to the Frame Relay switch is not working.
Deleted state: Indicates that no LMIs are being received from the Frame Relay switch or that
there is no service between the router and the Frame Relay switch.
RouterB(config)#int s 0
RouterB(config-if)#encapsulation frame-relay
The default encapsulation for a serial interface configured for Frame Relay is cisco. If you are
connecting to a non-Cisco router, how do you change the encapsulation type?
If you are connecting to a non-Cisco router in a Frame Relay network, you need to specify ietf
as the encapsulation type:
If you are using Cisco IOS Release 11.1 or earlier, or if you do not want to autosense the LMI
type, how do you define the LMI type on a Cisco router?
To define the LMI type on a Cisco router, use the frame-relay lmi-type {ansi | cisco | q933a}
interface command:
RouterB(config-if)#encapsulation frame-relay
If a remote router does not support Inverse ARP, you must define the address-to-DLCI table
statically. How do you create these static maps?
To define static maps on a Cisco router, use the following command:
broadcast specifies whether you want to forward broadcasts over the VC, permitting dynamic
routing protocols over the VC. ietf | cisco is the encapsulation type.
How do you display the encapsulation type, DLCI, LMI type, and whether the device is a DTE
or DCE on a serial interface?
To display the interface's encapsulation type, DLCI number, LMI type, and whether the device
is a DTE or DCE, use the show interface interface-type interface-number command:
RouterA#show int s0
What Cisco IOS command displays the LMI traffic statistics and LMI type?
The show frame-relay lmi command displays the LMI traffic statistics and LMI type:
RouterA#show frame-relay lmi
routera#
How do you display the current Frame Relay map entries and information about these
connections on a Cisco router?
To view the current map entries and information about the connections, use the show frame-
relay map command:
Use the clear frame-relay-inarp privileged EXEC command to clear dynamic Frame Relay
maps created by Inverse ARP.
If these routers share a common link and agree on the parameters set within their Hello packets,
they become neighbors. If these parameters differ, the routers do not become
neighbors and communication stops.
OSPF routers form adjacencies with certain routers. These routers are determined by the Layer
2 (data link) media type, and as soon as the adjacencies are formed each router sends LSAs
(Link State Advertisements) to all adjacent routers. The LSAs describe the state of each
router's links. There are multiple LSA types, and a router that receives an LSA from a neighbor
records the LSA in a link-state database and floods a copy of the LSA to all its other neighbors.
When all databases are complete, each router uses the SPF (Shortest-Path First)
algorithm to calculate a loop-free topology and builds its routing table based on this topology.
It is important to note that the Hello protocol is bidirectional; it is the means by which
neighbors are discovered, and it acts as a keepalive between neighboring routers. It also
establishes and maintains neighbor relationships and elects the DR (Designated Router) and
BDR (Backup Designated Router) to represent the segment on Broadcast and NBMA
(nonbroadcast multiaccess) networks.
Note: Hello packets are sent periodically out each OSPF-enabled interface using IP
multicast address 224.0.0.5. The default interval on NBMA (nonbroadcast multiaccess)
networks is 30 seconds. The default interval on Broadcast, Point-to-point, and point-to-
multipoint networks is 10 seconds.
Type 2 LSAs are network LSAs and are generated by the DR (Designated Router) and the
BDR (Backup Designated Router). They describe the routers attached to a particular network
and are flooded within a single area (area 0 for example).
Based on the schema above -- if adjacencies are established only with the DR
(Designated Router) and BDR (Backup Designated Router) -- what is the circuit count?
Formula:
2(n - 1) where n is the number of routers in the network.
2(5 - 1) = 8 circuits.
A circuit can also be thought of as an adjacency or connection.
Count four going into the DR and 4 going into the BDR for a total of 8.
Note: OSPF avoids synchronizing between every pair of routers in the network by using a DR
and BDR. This way adjacencies are formed only to the DR and BDR, and the number of LSAs
sent over the network is reduced. Now only the DR and BDR have four adjacencies, and all
the other routers have two.
On an OSPF-enabled router -- what is the router ID and where does an OSPF-enabled router
receive its router ID?
To initialize - OSPF must be able to define a router ID. The most common and stable source
for a router ID is the IP address set on the logical loopback interface that is always available. If
no logical interface is defined -- then the router receives its ID from the highest IP address on
the physical interfaces.
Note: If two loopback addresses are defined -- it will use the highest loopback address. Think
highest logical or highest physical interface address.
Virtual links: Virtual links are a special configuration that the router interprets as unnumbered
point-to-point networks. The network administrator creates/defines virtual links.
What is routing?
Routing is the process in which items are forwarded from one location to another. Routing is a
hop-by-hop paradigm.
A Cisco router performs routing and switching functions. Describe what each function does.
Routing is a way to learn and maintain awareness of the network topology. Each router
maintains a routing table in which it looks up the destination Layer 3 address to get the packet
one step closer to its destination. The switching function is the actual movement of temporary
traffic through the router, from an inbound interface to an outbound interface.
What are the three types of routes you can use in a Cisco router?
The three types of routes are static routes, dynamic routes, and default routes.
This example instructs the router to route to 172.16.0.1 any packets that have a destination of
172.17.0.0 to 172.17.255.255
IGP is used to exchange routing information among routers in the same autonomous system
(AS). EGP is used to communicate between ASs.
Note: For more information about autonomous systems, see Interconnecting Cisco Network
Device (Cisco Press).
Static route
EIGRP
IGRP
OSPF
RIP
External EIGRP
Unknown
Static route 1
EIGRP 90
IGRP 100
OSPF 110
RIP 120
External EIGRP 170
Unknown 255
How do distance vector routing protocols keep track of any changes to the internetwork?
Distance vector routing protocols keep track of an internetwork by periodically broadcasting
updates out all active interfaces. This broadcast contains the entire routing table. This method
is often called routing by rumor.
Slow convergence of distance vector routing protocols can
What are some mechanisms that distance vector protocols implement to prevent routing loops
and inconsistent routing tables?
Here are some of the ways distance vector routing protocols prevent routing loops and
inconsistent routing tables:
Maximum hop count
Split horizon
What is convergence?
Convergence is when all routers have consistent knowledge and correct routing tables.
What is IP RIP? IP
RouterB(config-router)#network 192.168.1.0
RouterB(config-router)#network 192.168.2.0
How do you stop RIP updates from propagating out an interface on a router?
Sometimes you do not want RIP updates to propagate across the WAN, wasting valuable
bandwidth or giving out valuable information about your internetwork. The easiest way to stop
RIP updates from propagating out an interface is to use the passive-interface global
configuration command.
RouterA(config-router)#network 192.168.0.0
RouterA(config-router)#network 192.168.1.0
RouterA(config-router)#network 192.168.2.0
Route update timer -- Time between router updates. The default is 90 seconds.
Route invalid timer -- Time that must expire before a route becomes invalid. The default is 270
seconds.
Route flush timer -- Time from when a route becomes invalid to when it is removed from the
routing table. The default is 630 seconds.
What three major functions do Data Link Layer / Layer 2 Switches perform?
Address learning
Packet forwarding/filtering
Loop avoidance by spanning tree
What will occur when you attempt to segment a network with hubs and repeaters?
Basically, hubs and repeaters become extensions of the physical cable plant. All devices that connect to
either a hub or a repeater share the same bandwidth and by definition hubs and repeaters create a single
broadcast and collision domain.
Think of both devices as pass-through devices, much like an electrical power strip. Hubs and repeaters
reside on the Physical Layer / Layer 1 of the OSI model where they pass 0s and 1s along the wire or up
to the Data Link Layer. CSUs / Channel Service Units fall into the same category. All are regarded as
unintelligent devices. No addressing takes place on the Physical layer.
What are the pros and cons of segmenting a LAN with routers?
Cons: Routers are not transparent and are implemented in software thereby introducing latency in the
network.
Remember: Routers = Network Layer / Layer 3 on the OSI model - Logical addressing (IP address).
Functions: Two key functions: routing and switching. The routing component is responsible for
learning and maintaining awareness of the network topology. The switching function is the process of
moving packets from an inbound interface (Ethernet 0 for example) to an outbound interface (Serial 0
for example). Path selection is a key term.
What is microsegmentation?
Each workstation or network device on the network has its own dedicated segment - also known as a
Collision Domain - to a switch. Each device gets the segment's full bandwidth and does not have to share
the dedicated segment with other devices. Collisions are reduced because each segment is its own
Collision Domain.
Important: Full-duplex transmission is achieved by microsegmentation. Each device can send and
receive at the same time which doubles the amount of bandwidth between nodes.
How do you configure an IP address and subnet mask on a Catalyst 1900 switch?
To configure an IP address and subnet mask on a Catalyst 1900 switch, use the ip address address mask
global configuration command:
Why would you want to assign an IP address to a Layer 2 device, such as a switch?
You would assign an IP address to a Layer 2 device for management and configuration. With an IP
address enabled on a Cisco switch, you can Telnet into it and change the configuration. You can also
enable SNMP on the device and remotely monitor the switch.
On a Catalyst 1900 switch, what command can you use to view the switch's IP address, subnet mask,
and default gateway?
The show ip command displays the switch's IP address, subnet mask, and default gateway. Here's an
example:
Management VLAN: 1
Domain name:
HTTP port : 80
RIP : Enabled
Cat1900#
Cat1900(config)#interface e0/1
Cat1900(config-if)#duplex full
What command can you use to view the duplex settings and spanning tree state of a Catalyst switch?
You use the show interface type module/port EXEC command to view the duplex settings and spanning
tree state. This example shows the output for the show interface command on Ethernet interface 0/1:
Forward Transitions: 1
What command can you use to check for frame check sequence (FCS) or late collision errors?
The show interface type module/port EXEC command displays FCS or late collision errors.
Cat1900#show interface e0/1
How do you display the MAC address table on a Catalyst 1900 switch?
The show mac-address-table EXEC command displays the MAC address table and also tells you
whether the MAC address entry is dynamic, permanent, or static. Here's an example:
Cat1900#show mac-address-table
What is the maximum number of MAC addresses a Catalyst 1900 can store in its MAC address table?
The maximum number of MAC addresses a Catalyst 1900 can store in its MAC address table is 1024.
How do you restrict a MAC address to a specific port on a Catalyst 1900 switch?
To restrict a MAC address to a specific port, use the mac-address-table restricted static mac-address type
module/port src-if-list global command:
What EXEC command can you use to show the port security configurations on a Catalyst 1900 switch?
The show mac-address-table security command displays the port security configurations:
Cat1900#show mac-address-table security
Action upon address violation : Suspend
Interface      Addressing Security   Address Table Size   Clear Address
-------------------------------------------------------------------------------
Ethernet 0/1   Disabled              N/A                  No
Ethernet 0/2   Disabled              N/A                  No
Ethernet 0/3   Enabled               100                  No
Ethernet 0/4   Disabled              N/A                  No
Ethernet 0/5   Disabled              N/A                  No
Ethernet 0/6   Disabled              N/A                  No
Ethernet 0/7   Disabled              N/A                  No
Ethernet 0/8   Disabled              N/A                  No
Ethernet 0/9   Disabled              N/A                  No
What Catalyst command can you use to display information about the IOS software version and
hardware information about the switch?
The show version EXEC command displays the IOS software version and hardware information about
the switch. The following example shows the output of the show version command on a Catalyst switch:
Cat1900#show version
What Catalyst command do you use to back up the running configuration to a TFTP server?
Use the copy nvram tftp://host/dst_file command to back up the running configuration to a TFTP server:
How do you restore a configuration file from a TFTP server on a Catalyst 1900 switch?
To restore a configuration file from a TFTP server, use the copy tftp://host/src_file nvram command:
Cat1900#
What Catalyst 1900 command would you use to restore the switch to its factory settings?
To restore a 1900 series switch to its factory settings, use the delete nvram command.
Note: Because CDP is media-independent it can operate over most media types. The only
media types CDP cannot operate over are X.25, because it doesn't support SNAP
encapsulation, and Frame Relay point-to-multipoint interfaces.
RouterB(config)#int e0
RouterB#show cdp
Note: For the CCNA test, remember that the default time a device will send out CDP
information is 60 seconds and the default holdtime is 180 seconds.
On a Cisco router, what does the show cdp neighbors command display?
The show cdp neighbors command displays the following:
The device's capability code (this tells you if the device is a router, switch, or repeater)
Hardware platform of the neighboring device (what type of Cisco device it is and the model)
Capability Codes:
Layer 3 address of the remote device (if the device has more than one Layer 3 address on its
interface, only the primary address is shown)
-------------------------
Entry address(es):
IP address: 192.168.2.1
(fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Wed 06-Sep-00 01:08 by Linda
Encapsulation ARPA
Encapsulation HDLC
Encapsulation HDLC
What Cisco IOS router command can you use to see a neighbor router's IP address?
To see a neighbor router's IP address, you must use the show cdp neighbor detail or show cdp
entry * user mode or EXEC command. (This one will probably be on the exam)
What IOS command do you use to view the active outbound telnet sessions for the current
user on a Cisco router?
The show sessions command displays the active outbound telnet sessions from that particular
user on your router.
RouterA#show sessions
What key sequence do you use to suspend a Telnet session on a remote system and return to
your local router?
To suspend a Telnet session, press Ctrl-Shift-6, and then press X.
RouterA#
Upon using the ping EXEC command, you receive one of the following responses:
I
What does each of these responses mean?
. = Each period indicates that the network server timed out while waiting for a reply.
RouterA#trace 192.168.2.2
What are the two ways in which a Cisco router resolves host names to IP addresses?
A Cisco router resolves host names using either a host table on each router or a DNS server.
What Cisco IOS command would you use to view the current configuration register value?
The show version command is used to display the router's current configuration register:
RouterA#show version
RouterA#show flash
What IOS command would you use to copy the running configuration on a router to a TFTP
server?
To copy the running configuration to a TFTP server, use the copy running-config tftp privileged
EXEC command:
!!
How do you erase the router's configuration and bring it back to the factory default?
The erase startup-config privileged EXEC command erases your router's configuration, thus
bringing it back to its factory defaults:
RouterB#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm]
How do you restore a configuration file from a TFTP server into your Cisco router's RAM?
The copy tftp running-config privileged EXEC command merges the saved and running
configuration into your router's RAM, so any commands not explicitly changed or removed will
remain in the running configuration.
RouterB#copy tftp running-config
Accessing tftp://192.168.0.2/routerb-confg...
[OK - 780/1024 bytes]
780 bytes copied in 4.12 secs (195 bytes/sec)
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6897716 bytes copied in
90.856 secs (76641 bytes/sec)
routed protocols
enable password
Router>enable
Password:
Router#
When you are in privileged EXEC mode, how do you return to user EXEC mode?
You return to user EXEC mode using the disable, exit, or end IOS commands. Here is an
example of using the disable command:
Router#disable
Router>
What two types of context-sensitive help are available in the Cisco IOS?
Word help and command syntax help are the two types of context-sensitive help. Word help
uses a question mark and identifies commands that start with a character or sequence of
characters. For example, the following router output shows the use of word help for any IOS
command that starts with the letters cl:
Router#cl?
clear clock
Command syntax help is when you use a question mark after a command so that you can see how to complete
the command.
For example:
Router#clock ?
set Set the time and date
On
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-D-L), Version 12.0(13), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2000 by Cisco Systems, Inc.
Compiled Wed 06-Sep-00 01:08 by linda
Image text-base: 0x030388F8, data-base: 0x00001000
ROM: System Bootstrap, Version 5.2(5), RELEASE SOFTWARE
BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(5), RELEASE SOFTWARE (fc1)
Router uptime is 50 minutes
System restarted by power-on
System image file is "flash:c2500-d-l.120-13.bin"
cisco 2505 (68030) processor (revision C) with 8192K/2048K bytes of memory.
Processor board ID 02073409, with hardware revision 00000000
(text omitted)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102
Router#show running-config
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
enable password cisco
!
--More--
What Cisco router command would you use to view a list of the most recently used
commands?
The show history command, by default, displays the last ten commands used. You can also
use the up arrow key (or Ctrl-P) to display the last command you entered and the down arrow
key (or Ctrl-N) to display the previous commands you entered. The following is an example of
the show history command:
Router#show history
en
Command history is enabled by default and records ten commands in its history buffer for the
current session. How do you edit the number of commands that are stored in the router's
history buffer?
To edit the number of command lines stored for the current session, use the terminal history
[size number-of-lines] command in privileged EXEC mode. For example, the following changes
the history size to 20 lines:
On a Cisco router, name the enhanced editing commands that are used to do the following:
Move the cursor to the beginning of the line
Move the cursor to the end of the line
Move the cursor forward one character
Move the cursor back one character
Move the cursor back one word
Delete a line
Complete a line
Display a line versus a screen
Move the cursor to the beginning of the line - Ctrl-A
Move the cursor to the end of the line - Ctrl-E
Move the cursor forward one character - Ctrl-F
Move the cursor back one character - Ctrl-B
Move the cursor back one word - Esc-B
Delete all characters from the cursor to the beginning of the command line - Ctrl-U
Complete a line - Tab
Display a line versus a screen - Enter
Router(config)#hostname RouterA
RouterA(config)#
RouterA(config)#banner motd #
Enter TEXT message. End with the character '#'.
Warning only authorized users may access this Router. #
RouterA(config)#
Note: The MOTD banner is displayed to anyone connecting to the router via Telnet, console
port, or auxiliary port.
RouterA(config)#line console 0
RouterA(config-line)#login
RouterA(config-line)#password CCNA
In this example, the login subcommand forces the router to prompt for authentication. Without
this command, the router will not authenticate a password. The password CCNA command
sets the console password to CCNA. The password you set is case-sensitive.
RouterA(config)#line vty 0 4
RouterA(config-line)#login
RouterA(config-line)#password CCNA
What command do you use to add a password to the auxiliary interface on your Cisco router?
To add a password to the auxiliary interface, use the line aux
On a Cisco router, how do you set a password to restrict access to privileged EXEC mode?
You set a password to restrict access to privileged EXEC mode using the enable password
global configuration command:
By default, when you view the router's configuration, the enable password is not encrypted.
What command can you enter to use an encrypted enable password?
To use an encrypted enable password, use the enable secret password global configuration
command, where password is a case-sensitive password you assign:
When you view the configuration on Cisco routers, only the enable secret password is
encrypted.
RouterA(config)#service password-encryption
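The password settings covered above (line passwords with login, enable password, enable secret, service password-encryption) can be checked in a saved configuration. The Python sketch below is an added example, not part of the original study guide; both sample configurations are constructed, the hash and encoded values in them are placeholders, and the rule names are this example's own.

```python
# Constructed sample: the weak settings this guide describes.
WEAK_CONFIG = """\
version 12.0
no service password-encryption
!
hostname RouterA
!
enable password cisco
!
line con 0
 password CCNA
line aux 0
line vty 0 4
 password CCNA
 login
!
end
"""

# Constructed sample: the same router after the commands above are applied.
HARDENED_CONFIG = """\
version 12.0
service password-encryption
!
hostname RouterA
!
enable secret 5 CONSTRUCTED-PLACEHOLDER-HASH
!
line con 0
 password 7 CONSTRUCTED-PLACEHOLDER
 login
line vty 0 4
 password 7 CONSTRUCTED-PLACEHOLDER
 login
!
end
"""

RULES = {
    "ENABLE_PASSWORD_PRESENT": "enable password is shown unencrypted in the configuration",
    "NO_ENABLE_SECRET": "no enable secret is set for privileged EXEC mode",
    "NO_PASSWORD_ENCRYPTION_SERVICE": "service password-encryption is not enabled",
    "LINE_PASSWORD_NOT_ENFORCED": "password is set but login is missing, so it is never asked for",
}


def parse_config(text):
    """Split a configuration into global commands and per-line sections."""
    global_cmds, sections, current = [], {}, None
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped:
            continue
        if stripped == "!":                 # separator ends the current section
            current = None
            continue
        if raw[0].isspace():                # indented: belongs to the open section
            if current is not None:
                sections[current].append(stripped)
            continue
        if stripped.startswith("line "):
            current = stripped
            sections[current] = []
        else:
            current = None
            global_cmds.append(stripped)
    return global_cmds, sections


def audit(text):
    """Return (rule, location) findings for the password settings."""
    global_cmds, sections = parse_config(text)
    findings = []
    if any(c.startswith("enable password ") for c in global_cmds):
        findings.append(("ENABLE_PASSWORD_PRESENT", "global"))
    if not any(c.startswith("enable secret ") for c in global_cmds):
        findings.append(("NO_ENABLE_SECRET", "global"))
    if "service password-encryption" not in global_cmds:
        findings.append(("NO_PASSWORD_ENCRYPTION_SERVICE", "global"))
    for name, cmds in sections.items():
        has_password = any(c.startswith("password ") for c in cmds)
        has_login = any(c == "login" or c.startswith("login ") for c in cmds)
        if has_password and not has_login:
            findings.append(("LINE_PASSWORD_NOT_ENFORCED", name))
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label)
        for rule, where in audit(cfg):
            print("  %s: %s (%s)" % (where, RULES[rule], rule))
```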
RouterA(config)#interface serial 1
RouterA(config-if)#
Cisco interfaces start with 0 instead of 1. So the first interface would be number 0. The prompt
also changes to RouterA(config-if)# to tell you that you are in interface mode. If you have a
router with module slot, such as the Cisco 3600, you would enter into interface mode by
entering the slot/port number. For example, if you have a
What are some of the things the show interface interface-type number command displays?
The show interface command displays the following:
Whether the interface is administratively down
Whether the line protocol is up or down
An Internet address (if one is configured)
MTU and bandwidth
Traffic statistics on the interface
Interface encapsulation type
RouterA#show interface s0
Serial0 is down, line protocol is down
Hardware is HD64570
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=down RTS=down CTS=up
On your Cisco router, you enter show interface s0 and notice that the port is administratively
down. What does this mean, and how do you fix it?
When an interface is administratively down, it has been shut down manually. To remedy this,
enter the interface command no shut.
What two commands can you use to show the clock rate on a serial interface?
To view the clock rate on a serial interface, you can use the show running-config and
show controllers commands, both entered in enable (privileged EXEC) mode.
Assuming that you are using no CSU/DSU and you are using back-to-back DTE/DCE serial
cables, what command would you use to set the serial interface on a router to provide clocking
to another router at 64 Kbps?
The command to set the serial interface on a router to provide clocking to another router at 64
Kbps is clock rate 64000. Setting the clock rate on an interface makes it a DCE interface.
What Cisco IOS router command would you use to find out
RouterA#show controllers s 0
HD unit 0, idb = 0xCCE04, driver structure at 0xD2298
buffer size 1524 HD unit 0, V.35 DCE cable, clockrate 56000
cpb = 0x81, eda = 0x4940, cda = 0x4800
RX ring with 16 entries at 0x814800
PPP is a data link layer protocol that provides network-layer services. What are the two
sublayers of PPP?
The two sublayers of PPP are the following:
Network Core Protocol (NCP) is the component that encapsulates and configures multiple
network layer protocols. Some examples
Link Control Protocol (LCP) is used to establish, configure, maintain, and terminate PPP
connections.
PAP is the less secure of the two methods; passwords are sent in clear text and are
exchanged only upon initial link establishment.
CHAP is used upon initial link establishment and periodically to make sure that the router is
still communicating with the same host. CHAP passwords are
exchanged as MD5 hashed values.
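The difference between the two methods on the wire, as an added Python example that is not part of the original notes. It follows the CHAP response calculation from RFC 1994 and the PAP request layout from RFC 1334; the function and class names and the sample secret are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5(identifier octet || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def pap_request(peer_id, password):
    """RFC 1334 Authenticate-Request data: length-prefixed ID and clear-text password."""
    return bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password

class Authenticator:
    """The router that demands authentication and issues the challenges."""
    def __init__(self, secret):
        self.secret = secret
        self.identifier = 0
        self.challenge = b""

    def new_challenge(self):
        # New identifier and random challenge for every exchange, so a response
        # captured from an earlier exchange will not match a later one.
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)
        return self.identifier, self.challenge

    def verify(self, identifier, response):
        if identifier != self.identifier:
            return False
        expected = chap_response(identifier, self.secret, self.challenge)
        return hmac.compare_digest(expected, response)

def run_demo():
    secret = b"constructed-secret"           # constructed sample value
    auth = Authenticator(secret)
    ident, chal = auth.new_challenge()        # initial link establishment
    resp = chap_response(ident, secret, chal)
    first_ok = auth.verify(ident, resp)
    ident2, chal2 = auth.new_challenge()      # periodic re-challenge
    replay_ok = auth.verify(ident2, resp)     # response from the first exchange
    fresh_ok = auth.verify(ident2, chap_response(ident2, secret, chal2))
    pap_wire = pap_request(b"RouterA", secret)
    # Last two values: is the secret readable in the PAP bytes / the CHAP bytes?
    return first_ok, replay_ok, fresh_ok, secret in pap_wire, secret in (chal + resp)

if __name__ == "__main__":
    print(run_demo())
```

The periodic re-challenge is what ties a CHAP session to a peer that still holds the secret; PAP has no equivalent after the link comes up.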
Step 3. Network layer protocol phase--PPP sends NCP packets to choose and configure one
or more network layer protocols to be encapsulated and sent over the PPP data link (Layer 3).
How do you enable PPP authentication using PAP or CHAP on a Cisco router?
To enable PPP authentication on a Cisco router, follow these steps:
Step 1. Make sure that each router has a host name assigned to it using the hostname
command.
Step 2. On each router, define the username of the remote router and password that both
routers will use with the username name password password command.
Step 3. Configure PPP authentication with the ppp authentication {chap | chap pap | pap chap |
pap} interface command. (If both PAP and CHAP are enabled, the first method you specify in
the command is used. If the peer suggests the second method or refuses the first method, the
second method is used.)
For example:
RouterB(config)#hostname RouterB
RouterB(config)#int s0
HDLC
What are the two methods you can use to assign a port to a VLAN?
The two methods to assign a port to a VLAN are
Statically
Dynamically
How many extra bytes does ISL add to an existing Ethernet frame?
ISL adds a 26-byte ISL header and a 4-byte CRC to each frame, extending each Ethernet
frame by 30 bytes. ISL tagging is implemented in ASICs, so tagging is done at wire speed.
What is VTP?
VLAN Trunking Protocol (VTP) is a Layer 2 messaging protocol that maintains VLAN
configuration consistency throughout a common administrative domain by managing VLANs'
additions, deletions, and name changes across multiple switches. Without VTP, you would
have to add VLAN information in all switches in your network.
How often are VTP advertisements flooded throughout the management domain?
VTP advertisements are flooded throughout the management domain every 5 minutes or
whenever a change occurs in VLAN configuration.
What VLAN number are CDP and VTP advertisements sent across?
CDP and VTP advertisements are sent on VLAN 1, which is also known as the management
VLAN.
What must you remember before you create VLANs on a Catalyst switch?
Before you create VLANs on a Catalyst 1900 switch, the switch must be in VTP server mode
or VTP transparent mode.
Cat1900(config)#vtp server
Cat1900#show vtp
Configuration revision: 0
What Catalyst 1900 command can you use to verify VLAN information?
To verify VLAN information, use the show vlan vlan-number privileged EXEC command.
What two protocols function at the transport (host-to-host) layer of the TCP/IP model?
The two protocols that function at the host-to-host layer of the TCP/IP model are TCP and
UDP. (TCP is a connection-oriented, reliable protocol. UDP is a connectionless and
unacknowledged protocol.)
How many bytes are in the header for TCP and UDP packets?
A TCP header contains 20 bytes, and a UDP header contains 8 bytes.
What are some protocols that operate at the TCP/IP Internet layer?
Some protocols that operate at the TCP/IP Internet layer are
IP
ICMP
ARP
RARP
What are the IP address ranges for Class A, Class B, and Class C addresses?
The address ranges are as follows:
Class A 1.0.0.0 to 126.0.0.0
Class B 128.0.0.0 to 191.255.0.0
Class C 192.0.0.0 to 223.255.255.0
RouterB(config)#inter e0
RouterB(config-if)#no shut
Note: By default all interfaces on a Cisco router are administratively disabled. To enable them
you must use the "no shut" interface command.
What Cisco IOS command can you use to program the router to use a DNS server to resolve
host names?
The ip name-server server-address [[server-address2]...[server-address6]] command lets you
program the Cisco router to resolve host names with a DNS server. Here's an example:
If you enter a command that a Cisco router does not recognize, the router tries to resolve the
command you just entered with a DNS server. How do you turn off this DNS domain lookup?
To turn off DNS domain lookup, use the no ip domain-lookup global command. Here's an
example:
RouterB>enable
RouterB#config t
RouterB(config)#no ip domain-lookup
For different VLANs to communicate with each other, they need to be routed (a router!). To
perform inter-VLAN routing, what two things must occur?
To perform inter-VLAN routing, the following must occur:
The router must know how to reach all VLANs being interconnected.
The router must have a separate physical connection on the router for each VLAN, or trunking
must be enabled on a single physical connection.
RouterB(config-subif)#encapsulation isl 1
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
7 packets output, 1584 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
5 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up