Submitted in partial fulfillment of the requirements for the award of degree of

BACHELOR OF TECHNOLOGY
IN
COMPUTER SCIENCE AND ENGINEERING INFORMATION
TECHNOLOGY

DEPARTMENT NAME: B.TECH (CSE)

I.K. GUJRAL PUNJAB TECHNICAL UNIVERSITY,
JALANDHAR
OF INSTITUTIONS
Jan 20_-May 20_

Submitted To : Submitted By:

ACKNOWLEDGMENT

1
I am highly grateful to the (Name of HOD) HOD CSE and IT,
(College Name) for providing this opportunity to carry out the six
month industrial training at INFOWIZ.
I would like to express my gratitude to other faculty members of
Computer Science and Engineering department of SGI, for providing
academic inputs, guidance and encouragement throughout the training
period.

The author would like to express a deep sense of gratitude and thank to
Mr. Kamaljot Kansal, Director of company, without whose permission,
wise counsel and able guidance, it would have not been possible to
pursue my training in this manner.

The help rendered by Mr. (Student Name), supervisor Er. Manish

Kumar for experimentation is greatly acknowledged.

Finally, I express my indebtedness to all who have directly or indirectly

contributed to the successful completion of my industrial training.

’INFOWIZ

2
INFOWIZ was formed in 2011 with the mission to provide Industrial training to
aspiring Engineers and technical support to industries. Within a short span of 9
years “Infowiz” has become one of the leading organizations which offer state of art
professional IT solutions, Industrial trainings, technical support and consultancy to
software companies in India and abroad. Due to quality assurance and high level of
commitments in our services, we have won quite a few accolades and are associated
with reputed universities and popular corporates, in the field. We strive to impart
personalized, professional and contemporary experiential trainings on all the
engineering streams that are necessary for the career, success and growth for both
students & industry respectively.

Business overview

Founded as industrial lab for providing industrial training to undergraduate

engineers, “Infowiz” has grown progressively to become vertically integrated
company in the industrial training arena. The core business of the company is to
deliver range of industrial trainings in various engineering streams to students, IT
solutions, software consultancy and support to small and big companies. ‘Infowiz’
enjoys the distinction of being Unique & Positive in the tri-city (Chandigarh,
Panchkula Mohali) with extensive steams of softwares & engineering subjects.
“Infowiz” is in a strong position to work with reputed Universities and Corporates`

Company Strategy

 Vision: To provide unique & high quality trainings that exceeds the
expectations of our esteemed Students and Clients.
 Purpose: To be a leader in the Industrial training industry by providing
enhanced relationship and profitability.
 Mission statement: To build long term relationships with our students and
clients and provide exceptional customer services by pursuing business
through innovation and advanced technology.

Core values:

 We believe in treating our students & customers with respect and faith,
 We grow through creativity, research and innovation,
 We integrate honesty, integrity and business ethics into all aspects of our business
functioning

Goals:

3
  Regional & National expansion in the field of trainings/software consultancy and
develop a strong base of students & corporates.
 Increase the assets and investments of the company to support the development of
services.
 To build good reputation in the field of Industrial trainings & software consultancy
and become a key player in the industry.

Accolades

INFOWIZ won the NATIONAL AWARD for 3 consecutive years 2014-

2015,2015-2016 & 2016-2017 for BEST Industrial Training
 Best Education Provider Award 2017 from Punjab Education Minister S.
Dalijit Singh Cheema.
 Best Industrial Training Award 2016 from Honorable GOVERNER of
Punjab & Haryana.
 Best Industrial Training Award 2015 from Dr .Udit Raj (MP) & Mrs.
Vimla Mehra (IPS Delhi)

Project Portfolio

1. Web Development (PHP & .NET)

2. JAVA (Core & Advance)
3. Embedded systems (AVR, PIC & ARM)
4. I-phone & Android application development
5. Networking (MCSE,MCITP, CCNA, CCNP & RHSE)
6. Python, Big Data, Hadoop
7. Angular JS, Microsoft Azure,
8. Ethical Hacking & Cloud Computing
9. SEO & Bidding
10. Automation ( Scada,PLC, Pannel,Drives )
11. Artificial Intelligence , Machine Learning & Virtual Reality
12. AUTOCAD Civil and Mechanical (2D & 3D)
13. Solid Works,Catia,Pro-E,NX-10,Cre-o,Cnc Programming
14. Staad Pro,3Ds MAX,Revit,Prima Vera
15. C/C++/Data structure
16. Short term/long term Industrial training
17. Technical Support & Consultancy
18. BBA,MBA (MARKETING,HR & FINANCE)

Business Information

4
Business Type: Industrial Training on Engineering courses, IT Solutions,
Implementation

State: Chandigarh (UT) Location(s): Chandigarh, Bhatinda Country: India

Employee Count: 74 (Including CEO & MD)

Delivery Lead-time: depend on the type of course and training

Business Name: INFOWIZ

Business Address: SCO 118-120, Basement, Sector 34A, Chandigarh 

Business Email: info@infowiz.co.in

Business Tel: +91172-4567-88  +91 9888-500-888 +91 9888-600-888

Management & Leadership

INFOWIZ is led by a team of professionals and technicians who are honest,

committed and always ready to accept contemporary challenges. The leadership
roles are

1. Mr. Kamaljot Kansal (CEO)

Mr. Kansal has been turning ideas into realities ever since he has taken up the task
of promoting INFOWIZ. In his own words “I never dreamt about success I worked
for It.” reflects that he believes in talk less and work more theory. No doubt under
his leadership INFOWIZ has become one of strongest companies in the field of IT
solutions in less than a decade. His management fundamental is “team work” as he
takes along, talks along all his team members and appreciates and attributes their
contribution to the success of INFOWIZ. He is determined to bring Infowiz in the
top 5 companies in the country.

2. Dr. Seema (Managing Director)

Dr. Seema has with more than 9 years of practical experience in the field is one of
the strongest pillars of INFOWIZ. Her management style is unique and well
accepted by the students and associates. She believes in taking new challenges and
implementing rational strategies for the benefit of organization.

ABSTRACT

5
Security has been a pivotal issue in the design and deployment of an enterprise
network. With the innovation and diffusion of new technology such as Universal
computing, Enterprise mobility, E-commerce and Cloud computing, the network
security has still remained as an ever increasing challenge. A Campus network is an
important part of campus life and network security is essential for a campus.
Campus network faces challenges to address core issues of security which are
governed by network architecture. Secured network protects an institution from
security attacks associated with network. A university network has a number of
uses, such as teaching, learning, research, management, e-library, result publishing
and connection with the external users. Network security will prevent the university
network from different types of threats and attacks. The theoretical contribution of
this study is a reference model architecture of the university campus network that
can be followed or adapted to build a robust yet flexible network that responds to
the next generation requirements. A hierarchical architecture of the campus network
is configured with different types of security issues for ensuring the quality of
service. In this project, a tested and secure network design is proposed based on the
practical requirements and this proposed network infrastructure is realizable with
adaptable infrastructure.

6
List of Figures

Figure No. Title Page No.

1.1.1 OSI Model 7
1.2.1 Networking Area 7
1.3.1 Point-to-point line configuration 8
1.3.2 Multipoint line configuration 9
1.4.1 Personal Area Network 9
1.4.2 Local Area Network 9
1.4.3 Metropolitan Area Network 10
1.4.4 Wide Area Network 10
1.5.1 Mesh Topology 11
1.5.2 Star Topology 11
1.5.3 Tree Topology 12
1.5.4 Bus Topology 12
1.5.5 Hybrid Topology 13
2.1.1-2.1.2 Software Interface Overview 18-19
3.2.1 RJ 45 Connector 21
3.2.2 Twisted Pair Cable 21
3.2.3 Coaxial Cable 22
3.2.4 Crossover Cable 22
3.2.5 Router 23
3.2.6 Switch 23
3.2.7 Laptop 24
3.2.8 Repeater 25
4.4.1 E-phone Overview 29
5.10.1 Router on stick 41

7
 Table of Contents
Sr. No. Topic Page No.
1. Introduction 7-17

2. Cisco Packet Tracer 18-19

3. Design Flow 20-26

4. Networking Protocols 27-40

5. Simulation and Working 41-63

6. Conclusion and Future Scope 64-65

8
Chapter 1
Introduction
1.1 Open System interconnection model:

OSI model is not network architecture because it does not specify the exact services
and protocols for each layer. It simply tells what each layer should do by defining its
input and output data. It is up to network architects to implement the layers according
to their needs and resources available.

These are the seven layers of the OSI model −

 Physical layer −It is the first layer that physically connects the two systems that
need to communicate. It transmits data in bits and manages simplex or duplex
transmission by modem. It also manages Network Interface Card’s hardware interface
to the network, like cabling, cable terminators, topography, voltage levels, etc.

 Data link layer − It is the firmware layer of Network Interface Card. It assembles
datagram’s into frames and adds start and stop flags to each frame. It also resolves
problems caused by damaged, lost or duplicate frames.

 Network layer − It is concerned with routing, switching and controlling flow of

information between the workstations. It also breaks down transport layer datagram’s
into smaller datagram’s.

 Transport layer − Till the session layer, file is in its own form. Transport layer
breaks it down into data frames, provides error checking at network segment level
and prevents a fast host from overrunning a slower one. Transport layer isolates the
upper layers from network hardware.

 Session layer − this layer is responsible for establishing a session between two
workstations that want to exchange data.

 Presentation layer − this layer is concerned with correct representation of data,

i.e. syntax and semantics of information. It controls file level security and is also
responsible for converting data to network standards.

9
 Fig.1.1.1 OSI Model

1.2 Networking

A network is a set of devices connected by media links. A node can be computer,

printer, or any other device capable of sending and/or receiving data generated by
other nodes on the network. The links connecting the device are often called
communication channels. In other words it is the interconnection of two or more
computers for sharing data and resources.

Fig. 1.2.1 Networking Area

10
1.3Modes Of Networking:

 Point-to-Point Line Configuration – It provides a dedicated link between two

devices. The entire capacity of the channel is reserved for transmission between those
two devices These configurations use an actual length of wire or cable to connect the
two ends. For e.g. when you change t.v. channels by infrared remote control, you are
establishing point-to-point line configuration.

Fig. 1.3.1

 Multipoint Line Configuration - In this multiple devices are attached to a single

link. The entire capacity of the link is shared for the transmission between all the devices
connected to a link.

Fig.1.3.2

 WORK GROUP MODEL

11
 All computers are peers; no computer has control over another computer.
Each computer has a set of user accounts. To use any computer in the workgroup, you must
have an account on that computer.

There are typically no more than ten to twenty computers.

All computers must be on the same local network or subnet.

 DOMAIN MODEL

One or more computers are servers. Network administrators use servers to control the
security and permissions for all computers on the domain.

This makes it easy to make changes because the changes are automatically made to all
computers.

If you have a user account on the domain, you can log on to any computer on the domain
without needing an account on that computer.

There can be hundreds or thousands of computers.

1.4Types Of Networking:

PAN

PAN is the acronym for Personal Area Network. PAN is the interconnection between devices
within the range of a person’s private space, typically within a range of 10 metres. If you
have transferred images or songs from your laptop to mobile or from mobile to your friend’s
mobile using Bluetooth, you have set up and used a personal area network.

Fig.1.4.1 Personal Area Network

LAN

12
LAN or Local Area Network is a wired network spread over a single site like an office,
building or manufacturing unit. LAN is set up to when team members need to share software
and hardware resources with each other but not with the outside world. Typical software
resources include official documents, user manuals, employee handbook, etc. Hardware
resources that can be easily shared over the network include printer, fax machines, modems,
memory space, etc. This decreases infrastructure costs for the organization drastically. It is
basically a set of devices connecting within the same location.

Fig.1.4.2 Local Area Network

MAN

MAN is the acronym for Metropolitan Area Network. It is a network spread over a city,
college campus or a small region. MAN is larger than a LAN and typically spread over
several kilometres. Objective of MAN is to share hardware and software resources, thereby
decreasing infrastructure costs. MAN can be built by connecting several LANs. It is a set of
devices connecting within the same city limits.

Fig.1.4.3 Metropolitan Area Network

WAN

13
WAN or Wide Area Network is spread over a country or many countries. WAN is
typically a network of many LANs, MANs and WANs. Network is set up using wired
or wireless connections, depending on availability and reliability. It is a set of devices
connected in two or more different locations.

Fig.1.4.4

1.5 TOPOLOGIES OF NETWORK

The term topology refers to the way a network is laid out, either physically or
logically. Two or more devices connect to a link; two or more links form a topology.
It is the geometric representation of the relationship of all the links and linking
devices.

MESH
In a mesh topology, every device has a dedicated point-to-point link to every other
device. The dedicated means link will carry the traffic between only two devices
where it connects. A fully connected mesh network has n devices, n(n-1)/2 links,
andn-1 input/output ports for each device.

Fig.1.5.1

STAR

14
In star topology, central controller is connected to each device individually. Central
controller can be a hub, switch or router. Any exchange of data between two nodes
must take place through the hub. It is the most popular topology for information and
voice networks as central controller can process data received from source device
before sending it to the destination device.

Fig.1.5.2
TREE
Tree topology has a group of star networks connected to a linear bus backbone cable.
It incorporates features of both star and bus topologies. Tree topology is also called
hierarchical topology. Like a star nodes are linked to a central hub that controls the
traffic to the network. The majority of devices connect to a secondary hub that in turn
connected to the central hub. The central hub in the tree is an active hub. The
secondary hubs may be active or passive hubs. The active hub contains the repeater,
which regenerates the bits pattern it receives before sending them out. A passive
hub provides a simple physical connection between the attached devices.

Fig.1.5.3 Tree Topology

BUS

15
Alternatively referred to as a line topology, a bus topology is a network setup in which
each computer and network device are connected to a single cable or backbone.
Depending on the type of network card used in each computer of the bus topology, a
coaxial cable or a RJ-45 network cable is used to connect computers together.
Backbone is a portion of a computer network that is capable of carrying the majority
of traffic on the network at high speeds. The backbone often connects large networks
or companies together.

Fig.1.5.4 Bus Topology

RING
In ring topology, each device has a dedicated point-to-point line configuration only
with two devices on either side of it. A signal is passed along the ring in one direction,
from device to device until it reaches its destination. Each device in the ring has a
repeater. When the devices receive the signal intended for the other node, it just
regenerates the bits and passes them along. Ring network passes a token. A token is a
Short message with the electronic address of the receiver. Each network interface card
is given a unique electronic address, which is used to identify the computer on the
network.

Fig. 1.5.5 Ring Topology

HYBRID

16
In this type of topology we integrate two or more different topologies to form a
resultant topology which has good points (as well as weaknesses) of all the
constituent basic topologies rather than having characteristics of one specific
topology. This combination of topologies is done according to the requirements of the
organization. For example, if there exists a ring topology in one office department
while a bus topology in another department, connecting these two will result in
Hybrid topology. Remember connecting two similar topologies cannot be termed as
Hybrid topology. Star-Ring and Star-Bus networks are most common examples of
hybrid network.

Fig.1.5.6 Hybrid Topology

1.6 IP ADDRESSING IN NETWORKING

There are two kinds of addresses used in networks:
Physical Address

17
1. It is also called hardware address or MAC address.MAC stands for media access control.
2. It is present in the chip of a NIC card.
3. It is unique for every NIC card and cannot be changed.
4. It is 48 bits. Out of 48 bits, 24 bits of address is given by the manufacturer of NIC card
and the remaining 24 bits of address is defined as per instructions given by IEEE.
5. IEEE stands for Institute of Electronics and Electrical Engineers.
Logical Address
1. It is also called software address.
2. It is given by the user and can be changed anytime.
3. Several schemes or protocols are used to define logical address in a computer.
4. These protocols are:
TCP/IP (Transmission Control Protocol/Internet Protocol)
IPX/SPX (Internetwork Packet Exchange/Sequential Packet Exchange)
DLC (Data Link Control)
AppleTalk

Protocol
Protocol is a set of rules which in communication between computers.
TCP/IP
1. It has become industry-standard
2. It was developed by DOD (Department of Defence) of USA.
3. It is used both in Internet (public network) and Intranet (private network).
4. It is of 32 bits.
5. Currently used version is IP v4.
6. IP v6 is also available.
7. It has four fields or octets.
8. Each octet is of 8 bits.
9. It can be represented by w.x.y.z
10. Minimum value of octet is 0 and maximum is 255
11. Each octet or field can have decimal values ranging from 0 to 255.
12. According to the value of w or first field, we have five classes of TCP/IP Addresses.

The first three classes are only used for computer addressing in a network.

1.7 IP ADDRESSING
IP (INTERNET PROTOCOL) is a 32 bit. It is divided in 4 octet each octet contain 8 bit. It
is numerical identification of computer on network. It is divided in to two parts one is

18
network and second is host. We use private ip address in LAN which is provided by IANA
(INTERNET ASSIGNING NUMBERING AUTHOURTIY). The minimum value (per
octet) is 0 and the maximum value is 255. IP address are divided in five classes.
1. Network ID: it represent the no. of on bit that is (1).
2. Host ID: it represent the no. of off bit that is (0).

Class Range Network Host ID Subnet Mask Total IP Valid IP

ID
A 1-127 8 24 255.0.0.0 16777216 16777214
B 128-191 16 16 255.255.0.0 65536 65534
C 192-223 24 8 255.255.255.0 256 254
D 224-239 It is reserved for multicast.
E 240-255 It is reserved for research/scientific use.

IP ADDRESS RANGES
Early network design, when global end to end connectivity was envisioned for all internet
hosts, intended that IP addresses be uniquely assigned to a particular computer or device.

However, it was found that it was not always necessary as private networks developed and
addresses space needed to be conserved (IPv4 address exhaustion).

Computer not connected to the internet, such as factory machines that communicate only with
each other via TCP/IP, need not have globally – unique IP addresses.

Three ranges of IPv4 addresses for private networks, one range for each class (A,B,C) were
reserved. These addresses are not routed on the Internet, and thus their use need not be
coordinated with an IP address registry.

IP Addresses are divided into two parts:

1. Private IP address
2. Public (live) IP address.

Public IP – It is used on public network i.e. internet and recognized on network. It is given
by the service provider IANA. Public IP is globally unique.

19
Private IP – It is used within the LAN or within the organization. But it is not
recognized on internet. It is given by the administrator. It is unique within the network
or organization. We don’t need to pay to service provider i.e. free and it is an
unregistered IP.
There are certain addresses in each class of IP address that are reserved for Private
networks. These are called private addresses.

Range for Private ip address

 Class A 10.0.0.0 to 10.255.255.255
 Class B 172.16.0.0 to 172.31.255.255
 Class C 192.168.0.0 to 192.168.255.255

Range of Public IP Address:

 1.0.0.0 to 9.255.255.255
 11.0.0.0 to 126.255.255.255
 128.0.0.0 to 172.15.255.255
 172.32.0.0 to 192.167.255.255
 192.169.0.0 to 223.255.255.255

1.8 Subnet Mask:

Subnet Mask is also 32 bit address,which tell us how many bits are used for network and
how many bits are used for host address. In subnet mask network bits are always 1 and host
bits are always 0.

Ping – Packet Internet Groper

This command is used to check the connectivity with other computer. Ping is performed with
in network or outside the network. In this process four packets are send to destination
address and four packets received from the destination address. Internet control massage
protocol is used for this process. Used for testing connectivity between two devices.

1.9 SUBNETTING
It is the process of dividing a single network into multiple smaller networks. It helps in
minimizing the wastage of IP address.
There are loads of reasons in favor of sub netting, including the following benefits:
20
Reduced Network Traffic – We all appreciate less traffic of any kind. Networks are no
different. Without trusty routers, packet traffic could grind the entire network down to a near
standstill. With routers most traffic will stay on the local network; only packets destined for
other networks will pass through the router. Routers create broadcast domains.

21
Chapter 2
Cisco Packet Tracer

2.1 Introduction to software used

The simulator that we have used to create a simulation of the network design of the Project is
CISCO PACKET TRACER version 7.2.1. Packet Tracer is an integrated simulation,
visualization, collaboration, and assessment environment. Packet Tracer supports student and
instructor creation of simulations, visualizations, and animations of networking phenomena.
Like any simulation, Packet Tracer relies on a simplified model of networking devices and
protocols. Real computer networks, experienced both in-person/hands-on and remotely,
remain the benchmark for understanding network behavior and developing networking skills.
Packet Tracer was created to help address the Digital Divide in networking education, where
many students and teachers lack access to equipment, bandwidth, and interactive modes of
learning networking.

Fig.2.1.1

22
 Fig.2.1.2 Interface Overview

23
Chapter 3
Design Flow

3.1 Architecture Diagram

(ADD your Project Photo Here)

Fig.3.1.1 ( Project Name)

Description: This project is based upon the networking on (Project Name). In this, we
configure networks ids i.e. internet protocols on routers with wired and wireless. In
academics block, there is wired routers i.e. the communication is done through the wires with
the help of routers and switches. We use three protocols there, namely, RIP, EIGRP and
OSPF. The network is secure because of telnet and secure socket shell. Also the
communication can be done from one side to another through dial- peer. On the other side,
there is wireless network i.e. all the home appliances are accessed through wireless router and
all the components are connected through Home Gateway.
Project is based on Big-Bazaar networking model architecture. In this networking model we
use some networking devices and cables to set a working project,

In this model we have use routing protocols and networking parameters.

 A one main router which is connected to the whole network, they pass the all
communication signals in the form of IP packages to other devices. And after the carrying the
signals they send the feedback IP Packages.

 We giving class A, class B, and class C different-different IP addresses in whole network.

 Whole networking divided in to sub units or sub branches then they easily handle their
own branch network.

 The whole networking based on the redistribution networking model.

24
A server is a computer program that provides services to other computer program (and their
users), in the same or other computer. The physical computer that runs a server program is
also often referred to as server. Services can be supplied centrally by the use of a server; in
other cases all the machines on a network have the same status with no dedicated server, and
services are supplied peer -to- peer.

Server used as an adjective, as in server operating system, refers to the product’s ability to
handle multiple requests, and is said to be “ server- grade”. A server operating system is
intended or better enabled to run server applications. The differences between the server and
workstation versions of a product can vary from the removal of an arbitrary software limits
due to licensing, as in the case of window 2000, or the addition of bundled applications as in
Mac OS X Server.

A server can also refer to a computer that has been set aside to run a specific server
application. Server application can be divided among server computers over an extreme
range, depending upon the workload.

In this project we also provided the remote access for routers to control and accessing the
other branch routers.In this cloud the router is configure with redistribution means the
configuration from rip to eigrp and rip to ospf and vice versa.

3.2 Required Components

Networking Cables:
 RJ45 CONNECTOR

RJ45 is the acronym for Registered Jack 45. RJ45 connector is an 8-pin jack used by devices
to physically connect to Ethernet based local area networks .Ethernet is a technology that
defines protocols for establishing a LAN. The cable used for Ethernet LANs are twisted pair
ones and have RJ45 connector pins at both ends. These pins go into the corresponding socket
on devices and connect the device to the network.

Fig.3.2.1 RJ 45 Connector
25
TWISTED PAIR CABLE

Copper wires are the most common wires used for transmitting signals because of good
performance at low costs. They are most commonly used in telephone lines. However, if two
or more wires are lying together, they can interfere with each other’s signals. To reduce this
electromagnetic interference, pair of copper wires are twisted together in helical shape like a
DNA molecule. Such twisted copper wires are called twisted pair. To reduce interference
between nearby twisted pairs, the twist rates are different for each pair.

Fig 3.2.2 Twisted pair Cable

COAXIAL CABLE
Coaxial cables are copper cables with better shielding than twisted pair cables, so that
transmitted signals may travel longer distances at higher speeds.

Fig.3.2.3

Crossover Cable
26
A crossover cable connects two devices of the same type, for example DTE-DTE or
DCE-DCE, usually connected asymmetrically ,by a modified cable called a crosslink.
Such distinction of devices was introduced by IBM Sometimes you will use crossover
cable, it's usually used to connect same type of devices. A crossover cable can be used
to:
 Connect 2 computers directly.

Fig.3.2.4 Crossover Cable

Network Devices:

ROUTER
A router is a network layer hardware device that transmits data from one LAN to another if
both networks support the same set of protocols. So a router is typically connected to at least
two LANs and the internet service provider .It receives its data in the form of packets, which
are data frames with their destination address added. Router also strengthens the signals
before transmitting them. That is why it is also called repeater. A router is a
communication device that is used to connect two logically and physically different
networks, two LANs, two WANs and a LAN with WAN. The main function of the router is
to sorting and the distribution of the data packets to their destinations based on their IP
addresses.

Fig.3.2.5 Router
SWITCH
27
Like the router, a switch is an intelligent device that maps the IP address with the MAC
address of the LAN card. Unlike the hubs, a switch does not broadcast the data to all the
computers; it sends the data packets only to the destined computer. Switches are used in the
LAN, MAN and WAN.

We have two types of switch.

1. Manageable Switch: It has console port by using this we can manage this switch
according to our need.
2. Non-Manageable Switch: It has no console port we use this switch as we purchase
it.

Fig.3.2.6

 GATEWAY
Gateway is a network device used to connect two or more dissimilar networks. In
networking parlance, networks that use different protocols are dissimilar networks. A
gateway usually is a computer with multiple NICs connected to different networks. A
gateway can also be configured completely using software.

 HUB
The central connecting device in a computer network is known as a hub. There are two types
of a hub i.e. active hub and passive hub. Every computer is directly connected with the hub.

Fig.3.2.7
BRIDGE

28
It is a device which is used to connect two different networks or locations together. It is a half
duplex device. Bridge can read the Ethernet data which gives the hardware address of the
destination address, not the IP address. Bridges forward all broadcast messages. Bridges and
switches basically do the same thing – break up collision domains on a network.

REPEATER

A repeater receives a signal and before it becomes too weak or corrupted regenerators the
original bit pattern. The repeater then sends the refreshed signal.

FIGURE 3.2.8 REPEATER

SERVER
A server is a running instance of an application capable of accepting requests from the client
and giving responses accordingly. Servers can run on any computer including dedicated
computers, which individually are also often referred to as "the server". Servers operate
within a client-server architecture. Servers are computer programs running to serve the
requests of other programs, the clients. Thus, the server performs some tasks on behalf of
clients. It facilitates the clients to share data, information or any hardware and software
resources Internet. Typical computing servers are database server, file server, mail server,
print server, web server, gaming server, and application server. Numerous systems use this
client server networking model including Web sites and email services. An alternative
model, peer-to-peer networking enables all computers to act as either a server or client as
needed.

LAPTOP
A laptop or a notebook is a portable personal computer with a clamshell form factor, suitable
for mobile use. There was a difference between laptops and notebooks in the past, but
29
nowadays it has gradually died away. Laptops are commonly used in a variety of settings,
including at work, in education, and for personal multimedia.

A laptop combines the components and inputs of a desktop computer, including display,
speakers, keyboard and pointing device (such as a touchpad) into a single device

Fig.3.2.9 Laptop

Chapter 4
Network Protocols

30
4.1 DYNAMIC ROUTING

In dynamic routing, we will enable a routing protocol on router. This protocol will send its
routing information to the neighbor router. The neighbors will analyze the information and
write new routes to the routing table. The routers will pass routing information receive from
one router to other router also. If there are more than one path available then routes are
compared and best path is selected.

Fig.4.1

Routing Information Protocol

The Routing Information Protocol (RIP) is one of the oldest distance-vector routing
protocols, which employs the hop count as a routing metric. RIP prevents routing loops by
implementing a limit on the number of hops allowed in a path from the source to a

31
destination. The maximum number of hops allowed for RIP is 15. This hop limit, however,
also limits the size of networks that RIP can support. A hop count of 16 is considered an
infinite distance, in other words the route is considered unreachable.

It is basically of two types:

 RIPv1- It is a class ful routing protocol that does not support sub netting. It uses
255.255.255.0 subnet mask for creating routing table.

 RIPv2- It is a classless routing protocol that supports sub netting.

EIGRP (Enhanced Interior Gateway Routing Protocol)

Enhanced Interior Gateway Routing Protocol is a routing protocol developed by Cisco

systems for routing many protocols across an enterprise Cisco network. It has characteristics
of both distance vector routing protocols and link state routing protocols. It is proprietary
which requires that you use Cisco routers. EIGRP will route the same protocols that IGRP
routes and use the same composite metrics as IGRP to select a best path destination.

OSPF (Open Shortest Path Factor)

Open Shortest Path First is a link-state routing protocol for Internet Protocol networks. It
uses a link state routing algorithm and falls into the group of interior routing protocols,
operating within a single autonomous system. It is defined as OSPF Version 2 for IPv4. The
updates for IPv6 are specified as OSPF Version 3.Area 0 is a backbone area number. It is
used in OSPF to connect two networks. An OSPF area is a grouping of contiguous networks
and routers. All routers in the same area share a common Area ID. Because a router can be a
member of more than one area at a time, the Area ID is associated with specific interfaces on
the router.

4.2 REDISTRIBUTION

Most networks you encounter will probably only run a single routing protocol like OSPF or
EIGRP. Maybe you find some old small networks that are still running RIP that need

32
migration to OSPF or EIGRP. What if you have a company that is running OSPF and you
just bought another company and their network is running EIGRP? It’s possible that we have
multiple routing protocols on our network and we’ll need some method to exchange routing
information between the different protocols. This is called redistribution. We’ll look into
some of the issues that we encounter. What are we going to do with our metrics? OSPF uses
cost and EIGRP uses K-values and they are not compatible with each other….RIP uses hop
count.

4.3 VTP (VLAN TRUNKING PROTOCOL)

VTP will let you create VLANs on one switch and all the other switches will
synchronize themselves. With the help of VTP, we can simplify the process of
creating Vlan. In multiple switches, we can configure one switch as VTP server
and all other switches will be configured as VTP client. We will create Vlans on
VTP server switch. The server will send periodic updates to VTP client switches.
The clients will create Vlans from the update received from the VTP server.

VTP server

VTP server is a switch in which we can create, delete or modify Vlans. The server will send
periodic updates for VTP clients.

VTP client

On VTP client, we are not able to create, modify or delete Vlans. The client will receive and
forward vtp updates. The client will create same Vlans as defined in vtp update. But we put
are switch in client mode having the same domain and password as the server has. Domain
name must match or case sensitive.

VTP Transparent

Transparent is a switch, which will receive and forward VTP update. It is able to create,
delete and modify Vlans locally. A transparent will not send its own VTP updates and will
not learn any information from received vtp update. It can only forward the Vlan information
but not synchronize the vlan information. Domain and password are same as that of server
and client.

4.4 VOIP (VOICE OVER INTERNET PROTOCOL)

VoIP Short Of "Voice Over Internet Protocol". VoIP is Also Called An "Internet
Telephone", "IP Telephony" And "Internet Calling". VoIP Is A Methodology Or Technology
For The Delivery Of Voice Communication Over Internet Protocol (IP) Network, Local Area
33
Network Or Wide Area Network. The Data Is Sent Digitally, Using The Internet Protocol
(IP) Instead Of Analog Telephone Lines. VoIP Allow People To Talk To One Another
Long-Distance And Around The World Without Having To Pay International Phone Charge.
VoIP Is An Alternative Way Of Making Phone Calls That Can Be Very Cheap Or
Completely Free.

VoIP Has Many Advantages:-

The Biggest Advantages Of VoIP is That We Can Use VoIP In Free Of Cost.

We Can Interact With Our Clients And Employees By Voip.

Skype Is A Example Of VoIP Services, We Can Skype For Share Message, Voice And
Video Calls For Free Worldwide.
Require Only Good Internet Connectionand VoIP Phone For Use VoIP Service

Fig 4.4.1 E-phone overview

How To Configure VoIP On CISCO Routers.

Step1

Configure Interface FastEthernet0/0 and DHCP Server on Router.

Configure The FA 0/0 Interface:-
34
Router> Enable
Router# Configure Terminal
Router(Config)# Interface FastEthernet0/0
Router(Config-If)# IP Address 192.168.1.1 255.255.255.0
Router(Config-If)# No Shutdown

Configure DHCP (Dynamic Host Configuration Server) on Router, DHCP Used For
Dynamically Provide IP Address in The Network. It Works on Port Number 67 and
68.
Configure DHCP on Router:-
Router(Config)# IP DHCP Pool VoIP
(VoIP Is DHCP Pool Name)
Router(Dhcp-Config)# Network 192.168.1.0 255.255.255.0
(DHCP Network Address 192.168.1.0 and Mask is /24)
Router(Dhcp-Config)# Default-Router 192.168.1.1
(192.168.1.1 Router Default Gateway Address)
Routera(Dhcp-Config)# Option 150 IP 192.168.1.1
(150 Mandatory for VoIP Configuration)

Step2

Configure The Call Manager Express Telephony Service On Router To Enable VoIP
Service.
Router(Config)#Telephony-Service
(Enable Telephony Service on Router)
Router(Config-Telephony)# Max-Dn N (Where N= 1,2,3,.....)
(Maximum Number Of Directory Numbers)
Router(Config-Telephony)# Max-Ephones N (Where N= 1,2,3,....)
(Maximum Number Of Ephones)

Router(Config-Telephony)# IPSource-Address 192.168.1.1 Port2000

(IP of Source Address With Port Number 2000)

Router(Config-Telephony)# Auto Assign 1 To 4 (Automatically Assign Ext

Numbers To Button)
35
Router(Config-Telephony)#Auto Assign 5 To 8 (Automatically Assign Ext
Numbers To Buttons)

Step3
Configure A Voice Vlan On Switch

Switch>Enable
Switch#ConfigureTerminal
Switch(Config) #Interface Range Fa0/1 - 4
Switch(Config-If-Range)# Switchport Mode Access
Switch(Config-If-Range)# Switchport Voice Vlan 1
Step4

Configure The Phone Directory For IP Phone 1

Router(Config)#Ephone-Dn1
(Define The First Directory Entry)
Router(Config-Ephone-Dn)#Number0001
(Assign Phone Number To IP Phone 1
Router(Config)#Ephone-Dn2
(Define The First Directory Entry)
Router(Config-Ephone-Dn)#Number0002
(Assign Phone Number To IP Phone 1)

Router(Config)#Ephone-Dn3
(Define The First Directory Entry)
Router(Config-Ephone-Dn)#Number0003
(Assign Phone Number To IP Phone 1)

Step5
Verify The Configuration

Ensure That The IP Phone Receives An IP Address And A The Phone Number 0001,
0002,0003.

Step 1 -)

36
 Fig.4.4.2

Step 2 -)

Fig.4.4.3

For connection between different networks of e-phone we use following command

R1(config)#dial-peer voice 1 voip

R1(config-dial)#destination-pattern 1…

37
(here we give number of opposite networks IP phone and gateway of that

network) R1(config-dial)#session target ipv4:192.168.20.1 R1(config-dial)#exit

R1(config)#dial-peer voice 2 voip

R1(config-dial)#destination-pattern 2…

R1(config-dial)#session target ipv4:192.168.30.1

R1(config-dial)#exit

Chapter 5
Working and Simulation

5.1 Routing Information Protocol

38
Router#confter
Router(config)#router rip
Router(config-router)#network <net address>
Router(config-router)#network <net address>
Router(config-router)#exit

Fig.5.1.1

Commands to enable RIP version 2

We have to change RIP version 1 to RIP version 2. Rest all communication will
remain
same in RIP version 2.

Router(config)#Router RIP
Router(config-router)#version 2
Router(config-router)#network 10.0.0.0
Router(config-router)# network
192.168.13.0 Router(config-router)#exit

5.2 EIGRP (Enhanced Interior Gateway Routing Protocol)

Commands to configure EIGRP

Router#config
Router(config)#router eigrp<process no>
Router(config-router)#network <net address><wild mask>

39
Router(config-router)#network <net address><wild mask>
Router(config-router)#exit

5.3 OSPF (Open Shortest Path Factor)

Commands to configure OSPF

Router#config
Router(config)#router ospf<process no> Router(config-router)#network
<net address><wild mask> area <area id> Router(config-
router)#network <net address><wild mask> area <area id>
Router(config-router)#exit
Wild Mask – Complement of subnet mask

Example
255.255.255.255
- 255.255.192.0 subnet mask

0.0.63.255 wild mask

Fig.5.3.1

Command to display OSPF parameter

Router# show IP protocol

Router# show IP OSPF
Router# show IP OSPF neighbor
Router# show IP OSPF database
Router# show IP OSPF interfaces

40
5.4 REDISTRIBUTION

Coding at redistribution router

Router eigrp 20
Redistribute rip metric 100 0 150 10 1500
Redistribute ospf 30 metric 10 100 100 10 10
Network 192.168.8.0
Router ospf 30
Log-adjacency-changes
Redistribute rip subnets
Redistribute eigrp 20 subnets
Network 192.168.9.0 0.0.0.255 area 0
Exit
router rip
Redistribute eigrp 20 metric 3
Redistribute ospf 30 metric 2
Network 192.168.7.0

5.5 PASSWORD CONFIGURATIONS ON ROUTER AND PCS

Router Access Modes

When we access router command prompt the router will display different modes.
According to the modes, privileges and rights are assigned to the user.

User mode
In this mode, we can display basic parameter and status of the router we can test
connectivity and perform telnet to other devices. In this mode we are not enable to
manage & configure router.

Privileged mode
In this mode, we can display all information, configuration, perform administration
task, debugging, testing and connectivity with other devices. We are not able to
perform here configuration editing of the router. The command to enter in this mode
is ‘enable’. We have to enter enable password or enable secret password to enter in
this mode. Enable secret has more priority than enable password. If both passwords
are configured then only enable secret will work.
Global configuration
This mode is used for the configuration of global parameters in the router. Global
parameters applied to the entire router. The command enter in this mode is ‘configure
terminal’.

Line configuration mode

This mode is used to configure lines like console, vty and auxiliary. There are main
41
types of line that are configured.
(i) Console
router(config)#line console 0

(ii) Auxiliary
router(config)#line aux 0

(iii) Telnet or vty

router(config)#line vty 0 4

Interface configuration mode

This mode is used to configure router interfaces. For e.g:- Ethernet, Serial, etc.
Router(config)#interface <type> <number>
Router(config)#interface serial 1

Routing configuration mode

This mode is used to configure routing protocol like RIP, EIGRP, and OSPF etc.
Router(config)#router <protocol> [<option>]
Router(config)#router rip
Router(config)#router eigrp 10

Configuring Password
There are five types of password available in a router
(1) Console Password router#configure
terminal router(config)#line console 0
router(config-line)#password <word>
router(config-line)#login router(config-
line)#exit

To erase password do all steps with no command

(2) Vty Password router>enable
router#configure terminal
router(config)#line vty 0 4
router(config-line)#password
<word> router(config-line)#login
router(config-line)#exit

(3) Auxiliary Password

router#configure terminal
42
router(config)#line Aux 0
router(config-line)#password
<word> router(config-line)#login
router(config-line)#exit

(4) Enable Password

router>enable
router#configure terminal
router(config)#enable password <word>
router(config)#exit

(5) Enable Secret Password

Enable Password is the clear text password.
Router>enable
Router#configure terminal
Router(config)#enable secret <word>
Router(config)#exit

(6)SSH (Secure Socket Layer/Shell)

The port no. of SSH is 22 and telnet is at 23. It is same as telnet but information is
encrypted. It is used for username password.

1(config)#enable secret ccna

1(config)#line vty 0 4
1(config-line)#password 123
1(config-line)#login local
1(config-line)#exit
1(config)#username mypc password 456
1(config)#ip domain name mydomain.com
1(config)#crypto key generate rsa

% Do you really want to replace them? [yes/no]: yes

The name for the keys will be: 1.mydomain.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may
take a few minutes.

How many bits in the modulus [512]: 456

% Generating 456 bit RSA keys, keys will be non-exportable...[OK]

1(config)#line vty 0 4
1(config-line)#transport input ssh
1(config-line)#exit

43
AT PC’s Command prompt

Fig.5.5.1 Runtime Communication

5.6 SWITCHING CONCEPTS

Switch works at layer 2 of OSI model which include MAC and layer 3 of OSI model by
assigning IP address and acts as a multilayer layer switch. At layer 2 switch works as plug
and play. We don’t need to enable them. We can create VLAN, inter-VLAN, VTP, port
security. PC’s are connected automatically.

Layer 2 switch create table i.e. (CAM)(Forwarding Table) CAM stands for Content Address
Management. Switch broadcast the hello packet to all ports where pcs are connected and then
in reply PC’s send their identity to switch i.e. their IP and MAC and switch creates table and
maintained it. Table is saved until the switch is plugged. Layer 2 switch works on frame.
Switch first multicast the data then uncast the data. By default all ports are in vlan 1. There is
only one difference between layer 2 and layer 3 switches. L3 has one feature which includes
routing. We can enable routing on

L3 i.e. RIP, STATIC, OSPF, EIGRP, EIGRP. But it is only for LAN to LAN. It doesn’t have
serial ports and not used for WAN to WAN.

Types of switches based on management

(1) Manageable switches

(2) Non-Manageable switches
(3) Semi-Manageable switches

Cisco Hierarchal Model

Cisco hierarchal model recommends three layer design of the network

(i) Core layer
(ii) Distribution layer
(iii) Access layer

44
On each layer there are some rules which we have to follow
(1) Highest performance devices are connected on Core layer
(2) Resources should be placed on Core layer
(3) Polices should not be applied on core layer
(4) On distribution layer, we can implement policies
(5) Distribution and Core devices should be connected with high-speed links.
(6) Access layer devices are basic devices and may be non-manageable.

5.7 VLAN (VIRTUAL LOCAL AREA NETWORK)

To perform logical segmentation, we have to create VLAN in the network. With the
help of VLAN, we can logically divide the broadcast domain of the network. Ports
are assigned to vlan 1 by default that is why switch is plug and play. Ports are directly
connected i.e. they communicate with each other. Different departments can
communicate within their depts. Only due to vlan. We divide switch logically instead
of physically. It provides security and broadcast control and cost is also reduced.
VLAN provides Virtual Segmentation of Broadcast Domain in the network. The
devices, which are member of same Vlan, are able to communicate with each other.
The devices of different Vlan may communicate with each other with routing. So that
different Vlan devices will use different n/w addresses. Vlan provides following
advantages: -
(1) Logical Segmentation of network
(2) Enhance network security

Creating port based Vlan

Commands to create Vlan
Switch#config ter
Switch(config)#vlan <no>
[name <word>]
Switch(config)#exit optional
Or
Switch#vlan database
Switch(vlan)#vlan <no>
[name <word>]
Switch(vlan)#exit

Commands to configure ports for a Vlan

By default, all ports are member of single vlan that is Vlan1. we can change vlan
membership according to our requirement.
Switch#conf ter
Switch(config)#interface <type> <no>
45
Switch(config-if)#switchport access vlan <no>
Switch(config-if)#exit

Commands to configure multiple ports in a

vlan Switch#conf ter
Switch(config)#interface range <type> <slot/port no (space)–(space) port
no> Switch(config-if)#switchport access vlan <no> Switch(config-if)#exit

To display mac address table

Switch#sh mac-address-table
Vlan Mac address type

20 00-08-a16-ab-6a-7b dynamic ports

fa0/7

46
5.8 TRUNKING

When there are multiple switches then we have to use trunk links to connect one switch with
other. If we are not using trunk links then we have to connect one cable from each vlan to the
corresponding vlan of the other switch. Traffic of multiple vlans are carried by trunk port.
Same vlan traffic is passed between switches using single link.

Fig.5.8.1

5.9 INTERVLAN
After creating Vlans, each Vlan has own broadcast domain. If we want communication from
one Vlan to another Vlan then we need to perform routing. There are three methods for inter
vlan communication.
(1) Inter Vlan using multi-interface router
(2) Inter Vlan using router on a stick method
(3) Inter Vlan using layer 3 switch
1751, 2621 routers supports Vlan

(1) Inter Vlan using multi-interface router

In this case, we have to connect one interface of router in each Vlan. This interface will act
as gateway for the corresponding vlan. Each Vlan has to use different n/w addresses. Data
from one Vlan to another Vlan will travel by router.

47
 Fig.5.9.1
ABOVE NETWORK At switch

interface FastEthernet0/1
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 4
switchport mode access
!

interface FastEthernet0/8
switchport access vlan 4
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 4
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 3
switchport mode access

interface FastEthernet0/12
switchport access vlan 4
switchport mode access

48
At router
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0

interface FastEthernet0/1
ip address 192.168.2.1 255.255.255.0

interface FastEthernet1/0
ip address 192.168.3.1 255.255.255.0

interface FastEthernet1/1
no ip address

5.10 Inter Vlan using router on a stick method

In this method a special router is used for Inter Vlan. In this router, we can create one
interface for each Vlan. The physical interface of router will be connected on trunk
port switch. This router will route traffic on the same interface by swapping vlan id
information with the help of frame tagging protocol. Here we need only single cable
for carry multiple vlan traffic.
We virtually divide the interface of router for vlans into subinterfaces.

FIGURE 5.10.1 ROUTER ON STICK METHOD

49
At Switch
Switch#sh vl

VLAN Name Status Ports

- -------------------------------- --------- -------------------------------
1 default active Fa0/8, Fa0/9, Fa0/10,
Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gig0/1, Gig0/2
10 green active Fa0/2, Fa0/3, Fa0/4
20 blue active Fa0/5, Fa0/6, Fa0/7
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

At router
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation dot1Q 10
ip address 10.0.0.1 255.0.0.0
!

interface FastEthernet0/0.2
encapsulation dot1Q 20
ip address 20.0.0.1 255.0.0.0

5.11 PORT SECURITY

By default, all interfaces on a Cisco switch are turned on. That means that an attacker could
connect to your network through a wall socket and potentially threaten your network. If you
know which devices will be connected to which ports, you can use the Cisco security feature
called port security. By using port security, a network administrator can associate specific
MAC addresses with the interface, which can prevent an attacker to connect his device. This
way you can restrict access to an interface so that only the authorized devices can use it. If an
unathorized device is connected, you can decide what action the switch will take, for example
discarding the traffic and shutting down the port.

50
Configuration on switch

Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport port-security Switch(config-if)#switchport port-
security maximum <no. of mac> Switch(config-if)#switchport port-security
violation <shutdown|restrict|reject> Switch(config-if)#switchport port-security mac-
address sticky Switch(config-if)#switchport port-security mac-address sticky <mac
address> Switch(config-if)#exit

5.12 PASSWORD ON MANAGEABLE SWITCH (CONSOLE PORT)

Switch has console port in front of it. We can also access or configure switch through
console port or through console cable.
Switch>enable

Switch#conf t

Switch(config)#h sw1

Sw1(config)#line console 0

Swi(config-line)#password abc

Sw1(config-line)#login

Sw1(config)#enable password _______

Sw1(Config)#enable secret______

Sw1(config)#line vty 0 4

Sw1(config)#password ccna

Sw1(config)#login

Telnet is not physical available so we use virtual terminal.

5.13 Virtual Trunking Protocol

Commands

Switch#conf ter
Switch(config)#vtp domain <name> Switch(config)#vtp
password <word> Switch(config)#vtp mode <server|
client|transparent> Switch(config)#exit

By default in cisco switches the VTP mode is set as VTP server with no domain and no
password.

51
To display VTP status
Switch#sh vtp status

For VTP all links must be configured with trunks. Information will only be passed if
switches are connected to fast Ethernet or higher interfaces.
Revision number for switches in the transparent mode are always set to zero.

5.14 DHCP CONFIGURATION

DHCP allows a server to dynamically distribute IP addressing and configuration information
to clients
One benefit of running DHCP on a routers is that it doesn't require any extra hardware (like a
Windows server does). In addition, running DHCP on a router can save your organization the
cost of a dedicated DHCP server. It also provides DHCP locally at each site—regardless of
whether the WAN is operational.

It requires IP Address, Subnet Mask, Default Gateway and DNS server.

To configure Cisco IOS DHCP, follow these steps, which include sample commands:

1. Configure an IP address on the router's Ethernet port, and bring up the interface. (On
an existing router, you would have already done this.)

Router(config)# interface ethernet0/0

Router(config-if)#ip address 1.1.1.1 255.0.0.0

Router(config-if)# no shutdown

2. Create a DHCP IP address pool for the IP addresses you want to use.

Router(config)# ip dhcp pool mypool

3. Specify the network and subnet for the addresses you want to use from the pool.

Router(dhcp-config)# network 1.1.1.0 /8

4. Specify the DNS domain name for the clients.

Router(dhcp-config)#domain-name mydomain.com

5. Specify the DNS servers.

Router(dhcp-config)#dns-server 1.1.1.10 1.1.1.11

6. Specify the default router (i.e., default gateway).

Router(dhcp-config)#default-router 1.1.1.1

52
7. Specify the lease duration for the addresses you're using from the pool.

Router(dhcp-config)#lease 7

8. Exit Pool Configuration Mode.

Router(dhcp-config)#exit

5.15 VOIP (VOICE OVER INTERNET PROTOCOL)

How To Configure VoIP On CISCO Routers.

Step1
Configure Interface FastEthernet0/0 and DHCP Server on Router.

Configure The FA 0/0 Interface:-

Router> Enable

Router# Configure Terminal

Router(Config)# Interface FastEthernet0/0

Router(Config-If)# IP Address 192.168.1.1 255.255.255.0

Router(Config-If)# No Shutdown

Configure DHCP on Router, DHCP Used For Dynamically Provide IP Address in The
Network. It Works on Port Number 67 and 68.

Configure DHCP on Router:-

Router(Config)# IP DHCP Pool VoIP
(VoIP Is DHCP Pool Name)

Router(Dhcp-Config)# Network 192.168.1.0 255.255.255.0

(DHCP Network Address 192.168.1.0 and Mask is /24)

Router(Dhcp-Config)# Default-Router 192.168.1.1

(192.168.1.1 Router Default Gateway Address)

Routera(Dhcp-Config)# Option 150 IP 192.168.1.1

(150 Mandatory for VoIP Configuration)

53
 Fig.5.15.1

Step2

Configure The Call Manager Express Telephony Service On Router To Enable VoIP
Service.
Router(Config)#Telephony-Service
(Enable Telephony Service on Router)

Router(Config-Telephony)# Max-Dn N (Where N= 1,2,3,.....)

(Maximum Number Of Directory Numbers)

Router(Config-Telephony)# Max-Ephones N (Where N= 1,2,3,....)

(Maximum Number Of Ephones)

Router(Config-Telephony)# IPSource-Address 192.168.1.1 Port2000

(IP of Source Address With Port Number 2000)

Router(Config-Telephony)# Auto Assign 1 To 4 (Automatically Assign Ext Numbers To

Button)

Router(Config-Telephony)#Auto Assign 5 To 8 (Automatically Assign Ext Numbers To

Buttons)

Fig.5.15.2

Step3

Configure A Voice Vlan On Switch

Switch>Enable

54
Switch#ConfigureTerminal
Switch(Config) #Interface Range Fa0/1 - 4

Switch(Config-If-Range)# Switchport Mode Access

Switch(Config-If-Range)# Switchport Voice Vlan 1

Fig.5.15.3

Step 4
Configure The Phone Directory For IP Phone 1

Router(Config)#Ephone-Dn1
(Define The First Directory Entry)
Router(Config-Ephone-Dn)#Number0001
(Assign Phone Number To IP Phone 1)

Step5

Verify The Configuration

Ensure That The IP Phone Receives An IP Address And A The Phone Number 0001,
0002,0003.

5. 16 GRE(GENERIC ROUTING ENCAPSULATION)

It is basically forms a virtual private network over internet. It provides connectivity between
two more sites over internet. Customer builds his own WAN over internet. It is a cost
effective solution.

55
GRE allows to have virtually point-to-point tunnel. It is used when packets need to be sent
from one network to another over the internet or an insecure network. It provides tunneling
protocol developed by Cisco. Gre tunnel is not encrypted, but they are much easier to
configure. Encapsulation is supported by variety of protocols inside point to point links.

Tunneling provides a mechanism to transport packets of one protocol within another

protocol. The protocol that is carried is called as the passenger protocol, and the protocol that
is used for carrying the passenger protocol is called as the transport protocol. Generic
Routing Encapsulation (GRE) is one of the available tunneling mechanisms which uses IP as
the transport protocol and can be used for carrying many different passenger protocols. The
tunnels behave as virtual point-to-point links that have two endpoints identified by the tunnel
source and tunnel destination addresses at each endpoint.

It creates vpn on router. VPN tunneling involves establishing and maintaining a logical
network connection. It will count on starting and ending addresses and it will not show other
addresses through which data passed. It shows only temporary IP not permanent. Though
VPN we can access any site if it is block/banned in India. So it will help to change the ip to
other countries ip.

COMMANDS AT ROUTER
interface Tunnel1
ip address 50.0.0.1 255.0.0.0
mtu 1476
tunnel source Serial0/2/0
tunnel destination 13.0.0.2
interface Serial0/2/0
ip address 10.0.0.1 255.0.0.0
!
interface Serial0/2/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router rip
network 10.0.0.0
Router# traceroute 50.0.0.2
Type escape sequence to abort.
Tracing the route to 50.0.0.2

1 50.0.0.2 12 msec 10 msec 16 msec

Router#

Always check through traceroute because all networks are not going to shown.

56
COMMANDS AT ANOTHRT ROUETR
interface Tunnel2
ip address 50.0.0.2 255.0.0.0
mtu 1476
tunnel source Serial0/0/0
tunnel destination 10.0.0.1
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 13.0.0.2 255.0.0.0
clock rate 64000

router rip
network 13.0.0.0

5.17 ACCESS CONTROL LIST

ACL are the basic security feature that is required in any network to control the flow
of traffic. Most of time our network may have servers and clients for which traffic
control is required. We can also use ACL to classify the traffic. ACLs are used in
features like QOS (Quality of Service), Prioritize traffic and interesting traffic for
ISDN. ACL is a set of rules which will allow or deny the specific traffic moving
through the router. It controls the flow of traffic from one network to other via router.

Classification Access Control List: -

Types of ACL based on Protocol: -

(1) IP Access Control List
(2) IPX Access Control List
(3) Appletalk Access Control List

Types of ACL based on Feature: -

(1) Standard ACL
(2) Extended ACL

Types of ACL based on Access mode: -

(1) Numbered ACL – set of rules indentified by a number
(2) Named ACL – set of rules indentified by a name
57
Types of ACL based on Order of rules: -
(1) Deny, permit
(2) Permit, deny

Types of ACL based on direction of implementation: -

(1) Inbound ACL – traffic coming towards the router interface
(2) Outbound ACL – traffic leaving the router interface
IP STANDARD ACL (Numbered)

Standard ACL can be named or numbered. The access-list number range is 1-99 (or
1300-1699). It can block a Network, Host and subnet. All services are blocked. It
filters traffic behalf of IP, subnets and networks. It is near of destination router.
Filtering is done based on only source IP address.

The syntax to create IP standard ACL are: -

Router#conf ter
Router(config)#access-list <no> <permit|deny>
<source> Router(config)#exit
<source> Single pc host 192.168.10.5
192.168.10.5
192.168.10.5 0.0.0.0
N/w 200.100.100.0 0.0.0.255
Subnet 200.100.100.32 0.0.0.15
All any

Example: - 172.16.0.16 – 18 should not access Internet; rest of all other pc should
Access Internet.

Fig..5.17.1

Router#conf ter
Router(config)#access-list 30 deny 172.16.0.16
Router(config)#access-list 30 deny 172.16.0.17
Router(config)#access-list 30 deny 172.16.0.18
Router(config)#access-list 30 permit any
Router(config)#exit
58
Applying ACL on interface

Router#conf ter
Router(config)#interface <type> <no>
Router(config-if)#ip access-group <ACL no.> <in|out>
Router(config-if)#exit

Rule for applying ACL

Only one ACL can be applied on each interface, in each direction for each protocol.

Example: - Suppose we want to allow Internet only for 192.168.10.32 – 70.

Fig.5.17.2

Router(config)#access-list 25 permit 192.168.10.32 0.0.0.31

Router(config)#access-list 25 permit 192.168.10.64 0.0.0.3
Router(config)#access-list 25 permit 192.168.10.68
Router(config)#access-list 25 permit 192.168.10.69
Router(config)#access-list 25 permit 192.168.10.70
Router(config)#interface serial 0
Router(config-if)#ip access-group 25 out

59
IP Standard ACL (Named)

In Numbered ACL editing feature is not available that is we are not able to delete
single
rule from the ACL. In Named ACL editing feature is available.

Router#config ter
Router(config)#ip access-list standard <name>
Router(config-std-nacl)#<deny|permit> <source>
Router(config-std-nacl)#exit
Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#deny 172.16.0.16
Router(config-std-nacl)#deny 172.16.0.17
Router(config-std-nacl)#deny 172.16.0.18
Router(config-std-nacl)#permit any
Router(config-std-nacl)#exit

To modify the ACL

Router#conf ter
Router(config)#ip access-list standard abc
Router(config-std-nacl)#no deny 172.16.0.17
Router(config-std-nacl)#exit

To control Telnet access using ACL

If we want to control telnet with the help of ACL then we can create a standard ACL
and apply this ACL on vty port. The ACL that we will create for vty will be permit –
deny order.

Example: - suppose we want to allow telnet to our router from 192.168.10.5

& 192.168.10.30 pc.

Router#conf ter
Router(config)#access-list 50 permit 192.168.10.5
Router(config)#access-list 50 permit 192.168.10.30
Router(config)#line vty 0 4
Router(config-line)#access-class 50 in
Router(config)#exit

IP EXTENDED ACL (Numbered)

Extended ACL are advanced ACL. ACL, which can control traffic flow on the basis
of
five different parameters that are: -
(i) Source address
(ii) Destination address
60
(iii) Source port
(iv) Destination port
(v) Protocol (layer 3/layer 4)
It can be named or numbered. The access-list number range is 100-199 ( or 2000-
2699). We can allow or deny a network, host, subnet and service. Selected services
can be blocked. Filtering can be done based on source IP, destination IP, protocol,
port no.. Packet can be filter on behalf of ip, subnet, network, protocol, port (Protocol
Service). It is placed near of source router. By default deny statement is enabled.

The syntax to create Extended ACL

Router#conf ter
Router(config)#access-list <no> <deny|permit> <protocol> <source> [<s.port>]
<destination> [<d.port>]
router(config)#exit
<no> -> 100 to 199
<protocol> -> layer ¾

IP
TCP
UDP
ICMP
IGRP
<Source port> no (1 to 65535) or
<Destination port> telnet/www/ftp etc.
<Source> Single pc
<Destination> 192.168.10.4 0.0.0.0
host 192.168.10.4
N/w
200.100.100.0 0.0.0.255
Subnet
172.30.0.32 0.0.0.7
All
Any

Example rules of Extended ACL

Router(config)#access-list 140 deny ip 192.168.10.3 0.0.0.0 any

(All tcp/ip data is denied from source 192.168.10.3 to any destination)

Router(config)#access-list 120 permit ip any any

(All tcp/ip data permit from any source to any destination)

Router(config)#access-list 145 deny tcp any host 200.100.100.5

(All tcp data is denied from any source to host 200.100.100.5)
61
Router(config)#access-list 130 permit tcp any host 200.100.100.10 eq 80
(All tcp based data from any source is allowed to access destination 200.100.100.10
on

port no. 80 that is www(http) ) – web access

Router(config)#access-list 130 permit udp any host 200.100.100.10 eq
53 (Any pc is able to access our DNS service running on port no. 53)

Router(config)#access-list 150 deny tcp any any eq 23 [or

telnet] (Telnet traffic is not allowed)

Router(config)#access-list 160 deny icmp any any

(All icmp data from any source to any destination is denied)
To display ACL

Router#show access-lists or
Router#show access-list <no>

To display ACL applied on interface

Router#show ip interface
Router#show ip interface <type> <no>
Router#show ip interface Ethernet 0

Example: - Extended ACL

Suppose we want to control inbound traffic for our network. ACL should be
designed according the following policy.
(1) Access to web server (200.100.100.3) is allowed from any source.
(2) FTP server (200.100.100.4) should be accessible only from branch office n/w
(200.100.175.0/24).
(3) ICMP & Telnet should be allowed only from remote pc 200.100.175.80

62
 Fig.5.17.3

Router(config)#access-list 130 permit tcp any host 200.100.100.3 eq 80

Router(config)#access-list 130 permit tcp 200.100.175.0 0.0.0.255 200.100.100.4
0.0.0.0 Eq 21
Router(config)#access-list 130 permit icmp 200.100.175.80 0.0.0.0 any
Router(config)#access-list 130 permit tcp 200.100.175.80 0.0.0.0 any eq 23
Router(config)#access-list 130 permit udp any host 200.100.100.8 eq 53

Fig.5.17.3

63
Chapter 6
Conclusion and Future Scope

6.1 Future Scope

The future of networking will stay forever. Without networking we cannot communicate to
each other. The network in this campus is very secure because of the protocols we used. If
there is a chance to access network by any hacker or unauthorized user, it will show the fake
ip address to them because of the advanced virtual private network. Also there is wireless
networking which is of quite low cost and the user can access internet from anywhere in the
campus.

6.2 Advantages:
RELIABILITY

Network reliability is measured by frequency of failure, the time it takes a link to

recover from a failure, and the network’s robustness in a catastrophe.

 Frequency of failure – All networks fail occasionally. A network that fails

often , however, is of little value to a user.
 Recovery time of a network after a failure – A network that recovers
quickly iss more useful than one that does not.
 Catastrophe – Networks must be protected from catastrophic events such as
fire, earthquake, or theft. Protection is required against these events.

SECURITY

Network security issues include protecting data from unauthorized access and viruses.

 Unauthorized access – For a network to be useful, sensitive data must be

protected from unauthorized access. Protection can be accomplished at a number of
levels. At the lowest level are user identification codes and passwords. At a higher
level are encryption techniques. In these mechanisms, data are systematically altered
in such a way that if they are intercepted by an unauthorized user, they will be
unintelligible.

 Viruses – Network can be accessed from many points, it can be susceptible to

computer viruses. A virus is an illicitly introduced code that damages the system. A
good network is protected from viruses by hardware and software designed
specifically for that purpose.

64
6.3 APPLICATIONS OF NETWORKS

 Marketing and sales – Used extensively in both marketing and sales

organizations such as teleshopping and on-line reservation services for hotels, airlines
and so on.

 Financial services – Financial Services are totally dependent on computer

networks such as credit history searches, foreign exchange and investment services,
and electronic funds transfer (EFT), which allows a user to transfer money without
going to bank

 Manufacturing – Computer networks are used today in many aspects of

manufacturing, including manufacturing process itself.

 Electronic Messaging – Probably the most widely used network application is

electronic mail.

 Directory services – It allows list of files to be stored in a central location to

speed worldwide search operations.

 Teleconferencing – It allows conferences to occur without the participants being

in the same place such as text conferencing, voice conferencing, and video
conferencing

 Cable Television – Future services provided by cable television networks may

include voice on request, and many more.

65
 References

 https://www.google.com/search?
q=campus+network+design+project&se_es_tkn=etcr1ytz
 https://www.google.com/search?q=network+devices+images&se_es_tkn=vtyxjjhm

66