Ccna Workbook R&s

Network Bulls
Data Encapsulation and Decapsulation
Data Encapsulation
Sending and receiving of data from a source device to the destination device is possible with the help of networking protocols
by using data encapsulation. When a host transmits data to another device across a network, the data is encapsulated with
protocol information at each layer of the OSI reference model. Each layer communicates with its neighbor layer on the
destination. Each layer uses Protocol Data Units (PDUs) to communicate and exchange information.
Protocol Data Unit (PDU)

The Protocol Data Units contain the control information attached to the data at each layer. The information is attached to the
header of the data field but can also be in end of the data field or trailer. PDUs are encapsulated by attaching them to the data
at each layer of the OSI reference model. Each Protocol Data Unit has a name depending on the information each header has.
This PDU information is only read by the neighbor layer on the destination and then is stripped off and the data is handed to
the next layer.
OSI Layer Model and PDUs

The seven layered Open System Interconnection (OSI) model is basically defined for reducing the complexity of the
internetworking. The OSI Model is then divided into two segments for more ease, Upper layers and Data Flow layers. The 7th,
6th and 5th layer of the OSI reference model are application layers also known as upper layers. The upper layers are directly
related with user interface while the 4rth, 3rd, 2nd and 1st layer of the OSI model are also called data flow layers because they
are related with the flow of the data. Each data flow layer has a Protocol Data Unit.
Copyrights Network Bulls 2013-2018

Website NB: www.networkbulls.com || Website NBT: www.networkbulls.org
Placement portal: www.networkbulls.in || Study portal: www.networkbulls.net
Network Bulls
The Protocol Data Unit of each data flow layers is defined as follows:
Transport Layer: Segment is the PDU of the Transport layer.

Network Layer: Packet is the PDU of the Transport layer.
Data Link Layer: Frame is the PDU of the Transport layer.
Physical Layer: Bit is the PDU of the Transport layer.
Encapsulation and De-Encapsulation Process

The encapsulation and de-encapsulation of header control information on each layer of the OSI reference model is as follows:
TCP Header Encapsulation

The application-layers user data is converted for transmission on the network. The data stream is then handed down to the
Transport layer, which sets up a virtual circuit to the destination. The data stream is then broken up, and a Transport layer
header is created and called a segment. The header control information is attached to the Transport layer header of the data
field. Each segment is sequenced so the data stream can be put back together on the destination exactly as transmitted.
IP Header Encapsulation
Each segment is then handed to the Network layer for logical addressing and routing through a routed protocol, for example IP,
IPX, Apple Talk and DECNET etc. The Network-layer protocol adds a header to the segment handed down to the Data Link layer.
Remember that the 3rd and 4rth layers work together to rebuild a data stream on a destination host. However, they have no
responsibility for placing their Protocol Data Units on a local network segment, which is the only way to get the information to
host or router.
MAC Header Encapsulation

The Data Link layer receives the packets from the Network layer and placing them on the network medium such as cable or

Network Bulls
wireless media. The Data Link layer encapsulates each packet in a frame, and the MAC header carries the source Mac address
and destination Mac address. If the device is on a different network, then the frame is sent to a router to be routed through an
internetwork.
Physical Layer Encapsulation

Once the frame gets to the destination network, a new frame is used to get the packet to the destination host. To put this
frame on the network, it must first be put into a digital signal. Since a frame is really a logical group of 1s and 0s, the Physical
layer of the OSI model is responsible for encapsulating these digits into a digital signal, which is read by devices on the same
local network.
Data encapsulation flow

At a transmitting device, the data encapsulation method works as follows:
User information is converted into data for transmission on the network. Data is converted into segments and a reliable or
unreliable connection is set up between the source and destination devices using connection oriented and connectionless
protocols. Segments are converted into packets using a logical address such as IP datagram using an IP address. Packets are
converted into frames for transmission on the local network. Media Access Control (MAC) addresses or Ethernet addresses are
commonly used to uniquely identify hosts on a local network segment. Frames are converted into bytes and bits, and a digital
encoding and clocking or signaling method is used.

Network Bulls
De-Encapsulation
On destination side, the receiving devices will synchronize on the digital signal and extract the 1s and 0s from the digital signal.
At this point the devices build the frames, run a Cyclic Redundancy Check (CRC), and then check their output against the output
in the Frame Check Sequence (FCS) field of the data frame. If the information matches then the packet is pulled from the frame,
and the frame is discarded. This process is known as de-encapsulation. The packet then transfers to the Network layer, where
the IP address is checked. If the IP address matches then the segment is pulled from the packet, and the packet is discarded.
The data is processed at the Transport layer that rebuilds the data stream and acknowledges to the transmitting station that it
received each piece of segment. It then happily transfers the data stream to the upper layer application.
Collision Domain:
Collision domain is a set of LAN devices whose frames could collide with one another. This happens with hubs, bridges,
repeaters and wireless access points as only one device can send and receive at a time. If more than one device tries sending or
receiving, the information is lost and irrecoverable and it will need to be resent. This can slow down network performance
along with making it a security threat.
A hub is considered a layer one device of the OSI model; all it does is send packets out on all ports including the port in which
the packet was received on. This causes a collision because only one device can transmit at time. This also shares the bandwidth
of all devices connected to that collision domain
All the devices are connected to a hub in this diagram. When two pcs send data at the same time, there can be a collision so the
number of collision domain of hub is one.

Network Bulls
Question.
Find the number of collision domain of the network.
Answer. Number of Collision domain is 4
Description:
Here our network has a Switch and a Hub. A switch uses layer two of the OSI model, so the switch uses MAC addresses to send
the packet to the correct device. Rather than sending it to all ports, a switch only sends the packet out one port, if it has the
MAC address in its MAC address table. If not the switch will send the packet on all ports except for the port in which the packet
was received on. Switches provide separate collision domains on each port. This provides dedicated bandwidth to that device.
This also allows simultaneous conversations between devices on different ports. Each port can be operated at full-duplex so the
device can send and receive information at the same time. Switch has collision domain per-port.
The 3 directly connected pc to the switch will have their own collision domain and the port with which the pc is connected to
the hub is shared with hub, as hub will entertain the switch as an end device and put the switch with the other two pc in the
same collision so the total number of collision domains is 4. 3 pc’s and 1 shared with hub.
Broadcast domain
The definition of a broadcast domain is a set of devices that if one device sends a broadcast frame, all other devices will receive
that frame in the same broadcast domain. So if devices are in the same IP network, they will be able to receive a broadcast
message. Having a smaller broadcast domain can improve network performance and improve against security attacks. The
more PCs and network devices connected to a single broadcast domain, the more broadcast messages you will have.
Remember a broadcast message goes to every PC and network device.

Network Bulls
Switch by default has single broadcast domain and per-port collision domain.
Router has per-port collision and broadcast domain.
Hub has single broadcast and collision domain.
Question: Find the number of collision domains and broadcast domains.
The number of collision domain is 11
And the broadcast domain is 3

Network Bulls
Question: Find the collision and broadcast domain.

1.
2.

Network Bulls
SUBNETTING
Subnetting is the process of making small networks (subnets) from a large network.
Basic Procedure to make Subnets
Suppose you have a network 192.168.10.0/24, it means you have a network of 256 addresses (0-255) or you can say you have a
network of block size 256. You normally use it as a class C Address. What will happen if you ON one more bit. Let’s try this out-
Network - 192.168.10.0/25
Now you have 25 ON bits, so subnet mask will be 255.255.255.128
Network Address- 192.168.10.0
Subnet Mask- 255.255.255.128
Now you have to find out what will be block size of your network
192.168.10.0/25.
Block size = 256 – (a value from subnet mask).
Always choose a nonzero value from subnet mask and start reading the subnet mask from right to left. In the above case, your
value is 128.
If you have a subnet mask 255.255.192.0, then your value will be 192.
(Don’t consider the zero.) Now put the value in above formula.
So the block size of your network 192.168.10.0/25 is
Block size=256 – 128= 128
x
No. of Subnets= 2 , here x is equal to the number of extra ON bits (except default ones).
In our case, you have one extra ON bit, don’t consider the default 24 bits of class C.
x 1
No. of subnets = 2 = 2 = 2
y
No of hosts per subnet = 2 -2, here y is number the OFF bits. In our case we have (32-25) 7 OFF bits.
7
So number of subnets = 2 -2=128-2=126.
Block size 128

No. of subnets 2
No. of hosts per subnet 126
Now find the Network addresses of your subnets-

Network Bulls
nd
Start from the IP address 192.168.10.0 which is a Network address for your first subnet. To get the Network address of your 2
st th
subnet, add the block size in fourth octet of your 1 network address. Remember, you are adding the block size in 4 octet,
th rd
because you use the value of 4 octet to find the block size. If you are using the value of 3 octet to get the block size, you
rd
have to add the block size in the 3 octet of your Network address.
Network address Broadcast address

First subnet 192.168.10.0 ?
Second subnet 192.168.10.128 ?
st
Broadcast address of 1 subnet will be the ip address before 192.168.10.128 and that is 192.168.10.127 or you can count from
0 to 127 and that will give you a block size of 128.
nd
Broadcast address of 2 subnet will be 192.168.10.255

First subnet 192.168.10.0 192.168.10.127
Second subnet 192.168.10.128 192.168.10.255
Host addresses will be the addresses between Network address and Broadcast address. Host addresses are those addresses
that you can assign to your devices.
Range of Host addresses

First subnet 192.168.10.1 - 192.168.10.126
Second subnet 192.168.10.129 - 192.168.10.254
st
From above table, you can see that the 1 host address and last host address of your first subnet and second subnet.
Class C subnetting examples
Example: 1
Network address = 192.168.10.0
CIDR = 26
26 bits are ON, so subnet mask =255.255.255.192
Block size =256-192 =64
2
No. of subnets= 2 = 4
6
No. of hosts per subnet= 2 -2 =64-2 =62

1st subnet 192.168.10.0 192.168.10.63
nd
2 subnet 192.168.10.64 192.168.10.127
rd
3 subnet 192.168.10.128 192.168.10.191
th
4 subnet 192.168.10.192 192.168.10.255

Network Bulls
1st subnet 192.168.10.1 - 192.168.10.62
2nd subnet 192.168.10.65 - 192.168.10.126
rd
3 subnet 192.168.10.129-192.168.10.190
th
4 subnet 192.168.10.193-192.168.10.254
Class B subnetting examples
Example: 1
CIDR = 17
Block size =256-128 =128
1
15
No. of hosts per subnet= 2 -2

1st subnet 172.16.0.0 172.16.127.255
nd
2 subnet 172.16.128.0 172.16.255.255

1st subnet 172.16.0.1 -172.16.127.254
2nd subnet 172.16.128.1 -172.16.255.254
Example: 2
CIDR = 24
Block size =256-255 =1
8
8
No. of hosts per subnet= 2 -2 =256-2 =254

1st subnet 172.16.0.0 172.16.0.255
nd
2 subnet 172.16.1.0 172.16.1.255
------ ----- -------
th
256 subnet 172.16.255.0 172.16.255.255

Network Bulls
1st subnet 172.16.0.1 -172.16.0.254
2nd subnet 172.16.1.1 -172.16.1.254
-------- --------
th
256 subnet 172.16.255.1 -172.16.255.254
Example: 3
CIDR = 25
Block size =256-128 =128
9
7
No. of hosts per subnet= 2 -2 =126

1st subnet 172.16.0.0 172.16.0.127
nd
2 subnet 172.16.0.128 172.16.0.255
rd
3 subnet 172.16.1.0 172.16.1.127
th
4 subnet 172.16.1.128 172.16.1.255
------ ----- -------
Last subnet 172.16.255.128 172.16.255.255

1st subnet 172.16.0.1 -172.16.0.126
2nd subnet 172.16.0.129 -172.16.0.254
rd
3 subnet 172.16.1.1 -172.16.1.126
th
4 subnet 172.16.1.129 -172.16.1.254
-------- --------
last subnet 172.16.255.129-172.16.255.254
Class A subnetting examples
Example: 1
CIDR = 9
Block size =256-128 =128
1
23
No. of hosts per subnet= 2 -2

Network Bulls
1st subnet 10.0.0.0 10.127.255.255
nd
2 subnet 10.128.0.0 10.255.255.255

1st subnet 10.0.0.1 – 10.127.255.254
2nd subnet 10.128.0.1 – 10.255.255.254
Example: 2
CIDR = 16
Block size =256-255 =1
8
No. of subnets= 2 =256
16
No. of hosts per subnet= 2 -2 =65534

1st subnet 10.0.0.0 10.0.255.255
nd
2 subnet 10.1.0.0 10.1.255.255
------ ----- -------
Last subnet 10.255.0.0 10.255.255.255

1st subnet 10.0.0.1 -10.0.255.254
2nd subnet 10.1.0.1 – 10.1.255.254
-------- --------
Last subnet 10.255.0.1 -10.255.255.254
Variable Length Subnet Mask (VLSM)

In subnetting, you divided one large network into small networks (subnets) with subnet mask of same length. But using VLSM,
you can divide one large network into subnets with subnet mask of different lengths and you can choose the length of mask
according to the number of hosts required on your network.
Before starting the VLSM, first understand the below table. This table says that if you want to get a block size of 128, then you
have to ON one extra bit, and to get a block size of 64, you have to ON two extra bits and so on.
Block size Extra ON bits

128 1
64 2
32 3
16 4
8 5
4 6

Network Bulls
Basic procedure for VLSM
Consider the above diagram; here you need a network having capability of at least 60 host addresses between R1 and SW1 and
also need a different network having at least 30 host addresses between R2 and SW2. Similar for networks b/w R3 and SW3, R1
and R2, R2 and R3.
Now suppose ISP gave you a network 192.168.10.0/24 and you have to use IP addresses of this network for your topology. You
cannot use the subnetting, because subnetting will divide the network into subnets with subnet mask of same length so you will
get blocks of same size. But in the above topology, you want a network with block size 64 b/w R1 and SW1 and network of
block size 32 b/w R2 and SW2 and so on. So there is only option is left, that is VLSM.
192.168.10.0 B/w R1 and SW1, you need 60 host addresses. To get 60 host
192.168.10.1 addresses, you need at least block size of 64 and to get a block
192.168.10.2 size of 64, you have to ON 2 extra bits. So total bits will be 26
192.168.10.3 (24bits of first three octets +2 extra bits to get a block size of 64).
192.168.10.4 So network
- b/w R1 and SW1 will be 192.168.10.0/26
-
192.168.10.63
192.168.10.64 B/w R2 and SW2, you need 30 host addresses, so block of size 32
192.168.10.65 will be enough. To get a block size of 32, you have to ON 3 extra
192.168.10.66 bits.
- So total ON bits will be 27(24+3).
- Network will be 192.168.10.64/27
192.168.10.95
192.168.10.96 B/w R3 and SW3, you need 12 host addresses, so block size =16
192.168.10.97 will be enough. So to get a block size of 16, you have to ON 4
192.168.10.98 extra bits. So total ON bits =28.
- Network will be 192.168.10.96/28
-
192.168.10.111
192.168.10.112 B/w R1 and R2, you need 2 host addresses, so block size =4 is
192.168.10.113 enough. So to get a block size of 4, you have to ON 6 extra bits. so
192.168.10.114 total ON bits =30. Network will be
192.168.10.115 192.168.10.112/30
192.168.10.116 B/w R2 and R3

192.168.10.117 Network will be
192.168.10.118 192.168.10.116/30
192.168.10.119

Network Bulls
Summarization/Supernetting
Summarization is reverse process of subnetting. In subnetting, you divided one large network into subnets but in
summarization, you will combine small subnets to make large network
Purpose of using summarization:
 Reduce the size of routing table. So that router can analyze the routing table faster.
 It will be easy for router to send a summary route rather than individual subnets.
Basic procedure for Summarization
Suppose you have four subnets like –
192.168.10.0/30
192.168.10.4/30
192.168.10.8/30
192.168.10.12/30
And you want to make a summarization of above subnets. First you have to understand the subnets. These subnets are
representing the IP addresses from 192.168.10.0 to 192.168.10.15. Now you have total 16 IP addresses, so block size of 16 is
enough and to get a block size of 16, you have to ON 4 extra bits. So you will get a subnet mask of length 28(24+4). And your
network address will be 192.168.10.0
So summarization of above subnets will be 192.168.10.0/28
Example: 1
Summarize the below subnets-
10.0.0.0/24
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24
rd
Solution: 3 octet is changing (0-3), so block size of 4 is enough. To get a block size of 4 , you have to ON 6 extra bits. So total
st nd
ON bits are 22(16 bits of 1 and 2 octet+6). Network address will be 10.0.0.0
Summary route = 10.0.0.0/22
Example: 2
Summarize the below subnets-
10.0.1.0/24
10.0.2.0/24

Network Bulls
10.0.3.0/24
10.0.4.0/24
rd
Solution: 3 octet is changing (1-4), in this case, block size of 4 is not enough. In block size of 4, you have numbers from 0 to 3.
So here you will choose a bigger block size than 4, and that will be 8. To get a block size of 8, you have to ON 5 extra bits. So
st nd
total ON bits are 21(16 bits of 1 and 2 octet+5). Network address will be 10.0.0.0 because when you use subnet mask length
21, then it will give you subnets like 10.0.0.0/21, 10.0.8.0/21, 10.0.16.0/21
Summary route = 10.0.0.0/21
Questions
1. Summarize the below subnets-
10.0.0.0/24
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24
2. Summarize the below subnets-
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24
10.0.4.0/24
3. Do the subnetting of 192.168.10.0 using CIDR value 29
4. Do the subnetting of 172.168.0.0 using CIDR value 19.
9. You are working in a data center environment and are assigned the addressing plan to allow the maximum number of
subnets with as many as 30 hosts each. Which IP address range meets these requirements?
A. 10.188.31.0/27
B. 10.188.31.0/26
C. 10.188.31.0/29
D. 10.188.31.0/28
E. 10.188.31.0/25
10. In the implementation of VLSM techniques on a network using a single Class C IP address, which subnet mask is the most
efficient for point-to-point serial links?

Network Bulls
A. 255.255.255.240
B. 255.255.255.254
C. 255.255.255.252
D. 255.255.255.0
E. 255.255.255.248
11. You have an interface on a router with the IP address of 192.168.192.10/29. Including the router interface, how many hosts
can have IP addresses on the LAN attached to the router interface?
A. 6
B. 8
C. 30
D. 62
E. 126
12. Which configuration command must be in effect to allow the use of 8 subnets if the Class C subnet mask is
255.255.255.224?
A. Router(config)#ip classless
B. Router(config)#ip version 6
C. Router(config)#no ip classful
D. Router(config)#ip unnumbered
E. Router(config)#ip subnet-zero
F. Router(config)#ip all-nets
13. You have a network with a subnet of 172.16.17.0/22. Which is the valid host address?
A. 172.16.17.1-255.255.255.252
B. 172.16.0.1-255.255.240.0
C. 172.16.18.255-255.255.252.0
14. Your organization told you to use the network 192.168.10.0/24 for below diagram but there is condition that you have to
use the subnets with specific hosts according to the diagram. And do not waste the IP addresses.
15. Do the summarization of below subnets-
192.168.10.24/30
192.168.10.28/30
192.168.10.32/30
192.168.10.36/30

Network Bulls
Router Basics
Router Components
Think of a router as just like another computer just it is dedicated to its job in networks. So the components of the router are:
Power supply Supplies the power to the router just like we have a power supply in a Computer Cabinet.
Flash Contains IOS the operating system of the router. It is an EEPROM-Electrically Erasable
Programmable Read Only Memory i.e. non-volatile.
Boot ROM It is the ROM of the router just like a motherboard in PC. It contains bootstrap program
which locates and loads the IOS from flash into RAM
RAM It is volatile. Stores the running copy of IOS, running-config
CPU The processor of the router responsible for processing functions of router.

Network Bulls
Console port of a switch is generally at the back side of the switch
How to access the router or switch?

There are two main ways of accessing a router or switch.
1. Console
You should have the physical access of router for this. This is used more commonly for putting initial configuration on
to the router or switch so that we can access it remotely.
Common use-
– Configuring a device that has never been configured.
– Configuring a device directly, because you are physically located where the device is.
– Troubleshooting a device that you can no longer access remotely.
– Performing password recovery
We connect this DB9 connector side to PC’s COM port and the RJ45 side of this cable is put into the console port of
the router.

Network Bulls
Terminal emulation software is used to access the router on PC. When connected using console port PC is acting as a
Dumb Terminal, everything you do is being done in real time on the router. There are various terminal emulation
softwares like- HyperTerminal, TeraTerm, Secure CRT, Putty, etc. You can use any software of your choice as terminal
emulator.
As many people nowadays use Laptops and even new computer do not have COM ports, there are DB9 to USB converters
as shown below that can be used if you want to connect console to a computer that doesn’t have DB9 COM port
2. Virtual terminal
There are two options commonly used for virtual terminal-
a) Telnet- This method of configuring is less commonly used in Enterprise networks because the commands you
give to router are sent without encryption i.e. in clear text. So if someone manages to capture the packets, he
will be able to know what you are configuring on the router.
b) SSH- This method is used widely in Enterprise networks. Before sending the commands it encrypts them so even
if packet is captured, the text in them is not understandable.

Network Bulls
IOS Basics
1. Getting familiar with the modes
Router>
Switch>
This mode you see here is called User mode. It will allow you to view the state of the router, but will not allow you to modify its
configuration.
Router> enable
Router#
If you give the enable command as shown up here in user mode notice the prompt changes and you move to the privilege
mode. This mode allows administrator to modify some of the configuration of the router or switch.
Router# disable
Router>
If you give the disable command as shown up here in privilege mode, notice the prompt changes and you move back to the
user mode.
Router#configure terminal
Router(config)#
If you give the above shown command in privilege mode you move into global configuration mode. This mode is used
commonly for configuring most of the configurations on router or to go further into other configuration modes like interface
configuration mode.
Router(config)#exit
Router#
If you want to move back to privilege mode use the command as shown.
NOTE: - There are other modes in a router which we will see as we configure routers and switches. Make sure before typing in a
particular command that you are in the appropriate mode otherwise the command will not be executed correctly .

Network Bulls
2. Basic config of Router and shortcuts in CLI

If the router do not have a saved configuration,
After several lines of information on the screen you should eventually see:
Would you like to enter the initial configuration dialog? [yes/no]: n

• Always answer “n” for no.
• We will never be using setup mode.
• If you accidentally press “y” and enter Setup Mode, press and hold down the control key and press C (CTRL-C).
• Wait a few seconds, and then press Enter.
On some routers you may see the following message.
Would you like to terminate autoinstall? [yes/no]: y
<There will be several lines of output>
Router>
Shortcuts and help in CLI
Entering a short command is sufficient in router CLI as long as there is no confusion over the command you are asking for.
For example
Router>en
Router#
As shown above, en is as good as enable because there is no other command in the user mode beginning with en.
You can use Tab key on the keyboard to complete your command in CLI. For example, if tab key is pressed after conf, the
command is completed with the command configure. If tab is pressed after configure t command, it would be completed as
configure terminal.
Router#conf
Router#configure t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
Network Bulls
You can use? for help. Like shown below it shows all the command that can be typed in this mode. Here the output has been
omitted to save space.
Router#?
Exec commands:
<1-99> Session number to resume
auto Exec level Automation
clear Reset functions
clock Manage the system clock
If done like below it shows all commands that begin with s.
Router#s?
setup show ssh
3. Configure a hostname on the router
Router>enable
Router(config)#hostname R1
R1(config)#
4. Banner config
%SYS-5-CONFIG_I: Configured from console by console
R1(config)#banner motd @
Enter TEXT message. End with the character '@'.
NOTICE
THIS IS A PRIVATE NETWORK. DON'T PROCEED FURTHER IF YOU ARE NOT AUTHORISED TO.
@
R1(config)#
Network Bulls
5. Saving the configuration on a router
R1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R1#
6. Enable password config

R1(config)#enable password cisco
R1(config)#end
R1#disable
R1>en
Password:
R1#
7. Enable secret config

R1(config)#enable secret cisco123
Verification shown below

R1#show running-config
Current configuration : 627 bytes
hostname R1
enable password cisco
enable secret 5 $1$mERr$5.a6P4JqbNiMX01usIfka/

Network Bulls
8. Configure Console password

Console password will be asked whenever someone is trying to access the router through
console port.
R1(config)#line console 0
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#
The first command here moves you into line configuration mode for console port. Then we set cisco as the password. The login
command here enables password checking or you can say that it tells the router to ask for password when someone is trying to
access through console port.
Now again this password is also shown as clear text if someone checks the running-config. So to encrypt all of our clear text
passwords we can use the below mentioned command to encrypt all of our passwords that are shown in clear text like console
password, enable password. To verify this you can use show run after this command.
R1(config)#service password-encryption
9. Configure IP on a router
You can configure IP on some interface of a router. Here first we move in to the interface configuration mode for the interface
fastethernet 0/0 using the first command. There we specify the IP address we want to assign to interface followed by the
subnet mask we intend to use.
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
Now by default the interface is administratively down or in other words the interface has a command shutdown under
interface configuration. To remove any command from a router we can add no in front of that command. So we turn on the
interface by no shutdown. Router can be seen displaying a log message that it was successful in bringing the interface up.

Network Bulls
10. Configure Router for Telnet

R1(config)#line vty 0 4
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#
First we move into the line configuration mode for virtual terminal line. Here ‘0 4’ means we are configuring the router for 0 to
4 i.e. a total of five concurrent telnet sessions. A total of 5 people can telnet this router at the same time. Now we configure the
password as cisco for telnet and just like we enabled password checking for console using the login command, we are enabling
password checking for telnet. There are these 3 sub portions of telnet config which should be configured on to the router
before you can access it through-
1. An interface with IP
2. Enable or Enable secret
3. Vty config(which we just did)
Since our router R1 has these all these, lets verify by trying to telnet it.
Our topology looks like this. We haven’t configured anything on the switch.
We just assigned these two hosts IP address so that they can communicate with router. So let’s verify the reach ability to R1
using Ping.

Network Bulls
Since we are able to ping let’s try to telnet to R1 from PC
11. Backup IOS on a TFTP server

We are still using the same topology and continuing on. Before beginning with the process of backup let’s verify connectivity to
TFTP server using ping.
! - means the reply for it was received successfully
. - means the device timed out while waiting for the reply.
U - means the destination is unreachable

Also let’s check the exact filename of IOS in flash because we will need it next step.

Network Bulls
Now you need to copy from flash to tftp
12. IOS installation through ROMMON mode

For this delete the IOS file from flash and reboot the router using reload command in privilege mode or just turn it off and on
using the switch on router. Now since there is no IOS in flash router goes into ROMMON mode

Network Bulls
So we need to set values for some variables using the below. Make sure you give these variables as it is. There meaning is quite
self explanatory.
To initiate the process of download of the file from TFTP server use
Show the file being received from tftp server
Router will erase all the registers on the flash and copy the file to flash.

Network Bulls
13. Password recovery for a cisco router

It may happen that you forget the line console password or enable password of a router. So how do you recover the password
of the router? The step by step procedure is
1. Power cycle the device and interrupt the boot sequence by using a combination of the keys ctrl+break. It will take you
to the ROMMON mode
2. Change the configuration register value to 0x2142.
In show version commands output previously you can verify that the configuration register value by default is
0x2102. So if this value is at default the router after copying IOS from flash it during booting copies the startup-config
from NVRAM if present. By setting the value to 0x2142 we are telling the router to bypass the NVRAM during booting,
so the router will start fresh without any config.
3. Power cycle the device. It will boot without any config.
4. Go to privilege mode and do the following
5. Go to the global config mode and change or remove the password.
6. Change the configuration register value back to 0x2102.
7. Verify its value by using show version. Here the output has been omitted to the part which we are interested in.
8. Save the configuration using
9. Reload the router using

Network Bulls
TELNET PROTOCOL
The TELNET protocol provides a standardized interface, through which a program on one host (the TELNET client) may
access the resources of another host (the TELNET server) as though the client were a local terminal connected to the
server.
For example, a user on a workstation on a LAN may connect to a host attached to the LAN as if the workstation was a
terminal attached directly to the host. Of course, TELNET may be used across WANs as well as LANs.
Most TELNET implementations do not provide you with graphics capabilities.
TELNET Overview
 TELNET is a general protocol, meant to support logging in from almost any type of terminal to almost any type of
computer.
 It allows a user at one site to establish a TCP connection to a login server or terminal server at another site.
 A TELNET server generally listens on TCP Port 23.
How it works
 A user is logged in to the local system, and invokes a TELNET program (the TELNET client) by typing
 telnet xxx.xxx.xxx
where xxx.xxx.xxx is either a host name or an IP address.
 The TELNET client is started on the local machine (if it isn't already running). That client establishes a TCP connection
with the TELNET server on the destination system

Network Bulls
Now you can see R2 configuring R1 by remotely accessing R1 through telnet.

Configuration of telnet on R1:
And enable password is necessary for telnet client
The Traceroute Command

The traceroute command is used to discover the routes that packets actually take when traveling to their destination.
On end devices like Windows PC, we use tracert command which works like traceroute command in Cisco Routers.
In the above diagram we will traceroute from r6 to r3 and check the results.

Network Bulls
With the help of traceroute command we figure out the path of the network and the transit networks.
Cisco Discovery Protocol

Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help administrators collect information about
both locally attached and remote devices. By using CDP, you can gather hardware and protocol information about neighbor
devices, which is useful info for troubleshooting the network.
CDP messages are generated every 60 seconds as multicast messages on each of its active interfaces.
The information shared in a CDP packet about a Cisco device includes the following:
 Name of the device configured with the hostname command

 IOS software version
 Hardware capabilities, such as routing, switching, and/or bridging
 Hardware platform, such as 2600, 2950, or 1900
 The layer-3 address(es) of the device
 The interface the CDP update was generated on
CDP allows devices to share basic configuration information without even configuring any protocol specific
information and is enabled by default on all interfaces. CDP is a Data link Protocol occurring at Layer 2 of the OSI
model. CDP is not routable and can only go over to directly connected devices.
CDP is enabled, by default, on all Cisco devices. CDP updates are generated as multicasts every 60 seconds with a
hold-down period of 180 seconds for a missing neighbor. The no cdp run command globally disables CDP, while the
no CDP enable command disables CDP on an interface. Use show CDP neighbors to list out your directly connected
Cisco neighboring devices. Adding the detail parameter will display the layer-3 addressing configured on the
neighbor.
Cisco Discovery Protocols Configuration commands
Router#show cdp Displays global CDP information (such as timers)

Router#show cdp neighbors Displays information about neighbors
Router#show cdp neighbors detail Displays more detail about the neighbor device
Router#show cdp entry word Displays information about the device named word
Router#show cdp entry * Displays information about all devices
Router#show cdp interface Displays information about interfaces that have CDP running
Router#show cdp interface x Displays information about specific interface x running CDP

Network Bulls
Router#show cdp traffic Displays traffic information—packets in/out/version
Router(config)#cdp holdtime x Changes the length of time to keep CDP packets
Router(config)#cdp timer x Changes how often CDP updates are sent
Router(config)#cdp run Enables CDP globally (on by default)
Router(config)#no cdp run Turns off CDP globally
Router(config-if)#cdp enable Enables CDP on a specific interface
Router(config-if)#cdp enable Enables CDP on a specific interface
Router(config-if)#no cdp enable Turns off CDP on a specific interface
Router#clear cdp counters Resets traffic counters to 0
Router#clear cdp table Deletes the CDP table
Router#debug cdp adjacency Monitors CDP neighbor information
Router#debug cdp events Monitors all CDP events
Router#debug cdp ip Monitors CDP events specifically for IP
Router#debug cdp packets Monitors CDP packet-related information
Example:
Show cdp neighbors
With cdp neighbors command we get the interface type and platform type of the neighbor. It’s a easy way to find the device
types connected to a device.

Network Bulls
Show cdp neighbor details

Network Bulls
IP ROUTING
Routing Protocols
There are three classes of routing protocols:
Distance vector The distance-vector protocols find the best path to a remote network by Judging distance. Each time a packet
goes through a router, that’s called a hop. The route with the least number of hops to the network is determined to be the best
route. The vector indicates the direction to the remote network. Both RIP and IGRP are distance-vector routing protocols. They
send the entire routing table to directly connected neighbors.
Link state In link-state protocols, also called shortest-path-first protocols, the routers each create three separate tables. One of
these tables keeps track of directly attached neighbors, one determines the topology of the entire internetwork, and one is
used as the routing table. Link-state routers know more about the internetwork than any distance vector routing protocol.
OSPF is an IP routing protocol that is completely link state. Link state protocols send updates containing the state of their own
links to all other routers on the network.
Hybrid Hybrid protocols use aspects of both distance vector and link state—for example, EIGRP.
Task 1: Static routing
Task 1.1:- Ping Router3 from Router1 and use static route
Solution:
R1(config)#ip route 192.168.23.0 255.255.255.0 192.168.12.2
R3(config)#ip route 192.168.12.0 255.255.255.0 192.168.23.2

Network Bulls
Verification:
Task 2: Default Routing
Task2.1: ping from R1 to R4 without using any routing protocol and use default
route
Solution :
R1(config)# ip route 0.0.0.0 0.0.0.0 192.168.12.2
R4(config)# ip route 0.0.0.0 0.0.0.0 192.168.24.2
Verification:

Network Bulls
We can see that our ping is successful. The only difference between default route and static route is that default route is less
preferred and you can see to that through the following
Here gateway of last resort statement is showing that to reach any network which is not in the routing table, it should use
192.168.12.2 as next hop and forwarded it to R2.
The route selection mechanism is
1. Longest prefix match
2. Administrative distance
3. Metric
And default route is least preferred because of least prefix match
Task3: RIP(v1) [Ping from R1 to R4 and R2 ]

Network Bulls
Solution :
R1(config)#router rip
R1(config-router)#network 192.168.12.0
R1(config-router)#exit
Verification:
We can see that R1 is able to ping R4 and the first Ping drop is because of Arp
Lets Check R1’s routing table.

Network Bulls
Here the R in front of the routes shows that we are getting the RIP routes to these networks
And the [120/2] in the line represent the AD(administrative Distance) where as the 2 represent the metric i.e. hop count for RIP
so 192.168.34.0 is 2 hops away from R1.
RIP version 1 performs auto summary by default so if we advertise a class B network’s subnet it will advertise the whole class B
network to which that subnet belongs.
Example:
R1(config)#int l1
R1(config-if)#ip address 172.16.20.1 255.255.255.0
R1(config-if)#exit
We have advertised a class B subnet of 172.16.20.0 but RIP version 1 by default will advertise the whole network i.e.
172.16.0.0/16
lets check the routing table of R3

Network Bulls
We can see that R3 is getting a network of 172.16.0.0/16 only
We can check the RIP database to understand how RIP is doing the summarization With the command
R1#sh ip rip database
Here we can check that RIP is summarizing every sub network to its class full network

Network Bulls
Task 4: RIP version 2
Ping from R1 to R4
Solution:
R1(config-if)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary

Network Bulls
Verification :
R1 is successfully pinging R4
But the important thing is that we are using version 2 of RIP
The main difference between RIPv1 and RIPv2 are
RIP Version 1 RIP Version 2

No authentication support Supports Authentication
No VLSM Support Supports VLSM
Uses Broadcast for advertisement Uses multicast for advertisement
Lets Check the routing table of R1
We can see that this time we are not getting summarized network that is 172.16.0.0/16 but we get another network i.e.
172.16.12.0 and 172.16.34.0
The command
no auto-summary’s behavior is not to automatically summarize the network which is RIP v1’s default behavior but RIP v1 must
be changed to RIP v2
Version 2 - this command enables RIP version 2
And with this command RIP send and receive only version 2 updates
Whereas by default RIP sends version 1 and receives both version 1 and version 2

Network Bulls
In the above diagram we can see that now we can receive only version 2 routes and auto-summarization is disabled.
Task 5: RIP (Passive Interface)
R2’s f0/0 interface is passive interface i.e. no updates will be sent through this interface but all
the updates will be received. In this example, R2 will get routes from R3 but R3 will not get
routes from R2.

Network Bulls
R2(config-router)#passive-interface fastethernet0/0
R4(config)#
Descriptions:
Here the routing table of R3

Network Bulls
And the routing table of R2
And the protocol database of R2 explain that f0/0 is passive-interface

Network Bulls
Task 6: RIP (Load Balancing)
Solution:

Network Bulls

Network Bulls
And you can see that the cost to reach the 3.3.3.3 network is 2 so we are getting equal cost routes toward 3.3.3.3 hence we are
getting equal-cost load balancing.
Task 7: EIGRP Routing Protocol
Ping From R1 to R4
Solution:
R1(config)#router eigrp 10

Network Bulls
R1(config-router)#network 192.168.12.0 0.0.0.255
R3(config-if)#router eigrp 10
R3(config)#

Network Bulls
Verification:
Using ping command we can check the ping
Lets Check the routing table of R1

Network Bulls
Here the AD of EIGRP is 90 and its metric is quite big because it use bandwidth and delay for calculating metric , and we can see
192.168.34.0/24 have 3 paths because all have same metric and load balancing is done at EIGRP.
Task 8: EIGRP (Load-Balancing)
R5 will be getting R4’s loopback 1 network 4.4.4.4/32 via R3 and R1 And there will be load balancing at R5 because of same
metric at R5.
Configuration:
Network Bulls
Description:
After all the configuration and neighbor establishment, EIGRP 10 on R5 will install routes it learns from its neighbors.
EIGRP install routes on the bases of the metric and if the metric is same than both routes are used with load-balancing
mechanism.

Network Bulls
Here is the routing table of EIGRP at R5.
EIGRP neighbors:
Topology table of EIGRP at R5 also shows load-balancing for 4.4.4.4

Network Bulls
We can see clearly the metric for 4.4.4.4/32 via f0/0 and f0/1 is same and exact because of which we get 2 routes for 4.4.4.4 in
routing table.
Task 9: EIGRP (Passive interfaces)

Network Bulls
R2’s f0/0 interface is passive i.e. it will not send and receive updates through this interface i.e R2 will not have a neighborship
with R3 and they will not exchange routes
CONFIGURATION:
R2(config-router)#passive-interface f0/0
Description:
EIGRP 10 process on R2 will not for neighborship with R3 due to passive interface configured on R2.

Network Bulls
We can clearly see that EIGRP is not working on f0/0 interface but R2 will advertise that network to R4 and R1

Network Bulls
Task 10: EIGRP Unequal Cost Load Balancing
Solution:
R1(config-router)#variance 2
EIGRP performs equal load balancing by default but we can also do unequal load balancing
Here at R1 we are getting 3 equal paths to the network 192.168.34.0

Network Bulls
But for unequal load balancing we will first reduce the bandwidth to 1200 at s1/0
Now we are getting only 2 paths
To do that we need a special command that is variance
And with variance in action we get

Network Bulls
Task 11: OSPF configuration

Network Bulls
Solution:
R1(config-if)#router ospf 10
R1(config-router)#network 192.168.100.0 0.0.0.255 area 0
Verification:
Lets check OSPF neighborship
With command show ip ospf neighbor
Hence R1 is neighbor with R2, R3 and R4
Lets check the routing table of R1

Network Bulls
Here we don’t have any OSPF route because we have created the neighborship through this network and it is common to all the
routers.
Task 12: DR BDR Election

R1 should be DR and R2 should be BDR and R4 never participates in the DR/BDR election.

Network Bulls
R1(config)#int f0/0
R1(config-if)#ip ospf priority 255
R1(config-if)#exit
R2(config)#int f0/0
R2(config-if)#exit
R4(config)#int f0/0
R4(config-if)#exit
Verification:
DR/BDR election occurs at multi-access interfaces like f0/0
Here DR is elected on the basis of Router ID and priority
By default the Router ID is the highest IP address present in the routing table at the time of OSPF process configuration and
priority by default is 1
So we can check that before changing the priority
R1 is DR because R1 start up first and becomes DR and it will be challenged by R4 or R3 or R2 only if we clear ip ospf process
with command “Clear ip ospf process”
But with priority we can change it without clearing the process.
And 255 is the maximum priority value and 0 is the lowest priority
We change the priority to 0 if we don’t want a router to participate in DR/BDR election
Lets have a look at the R1’s neighbor table after setting priorities

Network Bulls
Here R2 will always remain BDR and R1 always remain DR even after we clear process of OSPF because their priorities are
better than R3 an R4
Hence

Network Bulls
SWITCHING
Task 1: Interfaces
You have multiple tools to list the status and different parameters of all interfaces on an IOS based switch.
Show interfaces status
You can also show the configuration of an interface by showing the running-config related to that interface:
Switch#sh run int f0/1
interface FastEthernet0/1
switchport mode dynamic desirable
Selecting interfaces
Either by selecting single interface:

Network Bulls
Interface f0/1
Or by selecting multiple interfaces range:
For example, selecting interfaces from 1 to 5
interface range fastethernet 0/1 - 5
Or non-contiguously:
For example, selecting interfaces from 1 to 5, 9 and 17 from the first module, 15 to 21, 25 and 29 from the second module.
interface range fastethernet 0/1 - 5 , 9 , 17 , fastethernet 1/15 - 21 , 25 , 29
Task 2: Basic interfaces configuration
You should hard code all essential configurations of interfaces on both sides to avoid mismatch parameters.
interface fastethernet 0/1 - 48

duplex {auto|full|half}
speed {auto|10|100|1000}
no shutdown
Task3: Configure IP address subnet mask and default gateway
IP address and default gateway is used to configure switch remotely via telnet or SSH. Without these essential configurations,
you have to connect with switch via console cable each time. That's very tedious as you have to go near to switch each time.
Switch>enable
Switch#configure terminal
Switch(config)#hostname S1
S1(config)#interface vlan 1
S1(config-if)#ip address 10.0.0.10 255.0.0.0
S1(config-if)#no shutdown
%LINK-5-CHANGED: Interface Vlan1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
S1(config-if)#exit
S1(config)#ip default-gateway 10.0.0.1
Task 4: Enable Telnet and password protect the line
You can secure a switch by using passwords to restrict various levels of access. Using passwords and assigning privilege levels
are simple ways of providing both local and remote terminal access control in a network. Passwords can be established on
individual lines, such as the console, and to the privileged EXEC (enable) mode. Passwords are case sensitive. By default there
Network Bulls
are five VTY ports on the switch, allowing five simultaneous Telnet sessions, noting that other Cisco devices might have more
than five logical VTY ports. The five total VTY ports are numbered from 0 through 4 and are referred to all at once as line VTY 0
4.
S1(config)#line console 0
S1(config-line)#password cisco
S1(config-line)#login
S1(config-line)#exit
S1(config)#line vty 0 4
S1(config-line)#password Menu
S1(config-line)#login
S1(config-line)#exit
S1(config)#
Task 5: Enable Switch port security
This feature set allows you (among several other options) to disable a port if more than one MAC address is detected as being
connected to the port. This feature is commonly applied to ports that connect security-sensitive devices such as servers. You
can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations
allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with
source addresses outside the group of defined addresses.
Switch>enable
Switch#configure terminal
Switch(config)#hostname S2
S2(config)#interface fastEthernet 0/1
S2(config-if)#switchport mode access
S2(config-if)#switchport port-security
S2(config-if)#switchport port-security maximum 1
S2(config-if)#switchport port-security mac-address sticky
S2(config-if)#switchport port-security violation shutdown
S2(config-if)#exit
S2(config)#
Task 6: Configure VLAN and assign ports to the Vlans
On SW1, create 3 VLAN’s. VLAN 10 with the name Sales, VLAN 20 with the name Development, VLAN 30 with the name
Marketing.
Solution:
you can create the VLAN’s by using the vlan number name vlan_name command.
SW1 con0 is now available
Press RETURN to get started.
SW1>enable
SW1#config terminal

Network Bulls
SW1(config)#vlan 10
SW1(config-vlan)#name Sales
SW1(config-vlan)#vlan 20
SW1(config-vlan)#name Development
SW1(config-vlan)#vlan 30
SW1(config-vlan)#name Marketing
SW1(config-vlan)#end
SW1#
Assign Port Fa0/1 to VLAN 10, assign interface Fa0/2 to VLAN 20 and assign interface Fa0/3 to VLAN 30. Afterward, verify your
configuration.
To configure switchport interfaces in a specific VLAN you will use the switchport access vlan # command in interface
configuration mode. To verify your VLAN configuration you’ll use the show VLAN on a Cisco Catalyst Series switch in user or
privileged mode as shown below on a Catalyst Series switch.
SW1#configure terminal
SW1(config)#interface Fa0/1
SW1(config-if)#switchport access vlan 10
SW1(config-if)#interface Fa0/2
SW1(config-if)#interface Fa0/3
SW1(config-if)#end
SW#show vlan
VLAN Name Status Ports
---- ---------------------------- --------- -------------------------------
1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gi0/1, Gi0/2
10 Sales active Fa0/1
20 Development active Fa0/2
30 Marketing active Fa0/3
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
SW1#
Task 7: Configuring Management Vlan

Network Bulls
Step 1. – Create the VLAN number 10 and name it Management.
SW1>enable
SW1>configure terminal
SW1(config)#vlan 10
SW1(config-vlan)#name Management
SW1#
Step 2. – Create the VLAN 10 interface and assign it an IP address of 10.1.1.10/24.
To complete this objective you first need to create the VLAN interface by going into global configuration and then VLAN
interface configuration mode by using the command interface vlan # Keep in mind that the VLAN interface number is
proportional to the vlan number created. So Interface VLAN 10 is used for VLAN 10 whereas interface VLAN 20 would be used
for VLAN 20.
SW1(config)#interface vlan10
SW1(config-if)#ip address 10.1.1.10 255.255.255.0
SW1(config-if)#no shut
SW1(config-if)#
Step 3. – Assign the FastEthernet0/1 interface on SW1 to VLAN 10.
SW1(config-if)#interface FastEthernet0/1
SW1(config-if)#end
SW1#
By this point you should now be able to ping the IP address of VLAN 10 of Switch from R1 interface f0/0 as shown below;
R1#ping 10.1.1.10
Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/39/100 ms
R1#
Step 4. – Verify the management VLAN configuration by using R1 to telnet the IP address of VLAN 10 on SW1.
R1#telnet 10.1.1.10
Trying 10.1.1.10 ... Open
User Access Verification
Password:
SW1>

Network Bulls
Task 8: Configuring Trunk Ports using ISL or 802.1q
To configure an interface as a static trunk you’ll first need to configure the encapsulation type first as an interface whose trunk
encapsulation is “Auto” cannot be configured to “trunk” mode.
SW1 con0 is now available
SW1>enable
SW1(config-if-range)#interface fa0/10
SW1(config-if)#switchport trunk encapsulation dot1q
SW1(config-if)#switchport mode trunk
SW1(config-if)#end
SW1#
And now the same configuration on SW2;
SW2>enable
SW2(config-if-range)#interface fa0/10
SW2(config-if)#switchport trunk encapsulation dot1q
SW2(config-if)#switchport mode trunk
SW2(config-if)#end
SW2#
Verify your trunk link configuration by using the show interface FastEthernet0/10 trunk command as shown below on both SW1
and SW2;
SW1#show interface FastEthernet0/10 trunk
Port Mode Encapsulation Status Native vlan

Fa0/10 on 802.1q trunking 1
Port Vlans allowed on trunk

Fa0/10 1-4094
Port Vlans allowed and active in management domain

Fa0/10 1,10
Port Vlans in spanning tree forwarding state and not pruned

Fa0/10 1
SW1#

Network Bulls
SW2#show interface FastEthernet0/10 trunk

Fa0/10 on 802.1q trunking 1

Fa0/10 1-4094

Fa0/10 1,10

Fa0/10 1
SW2#end
You can use trunk links to pass traffic in multiple VLAN’s between multiple switches using a single link.
Below configuration shows how to configure ISL as trunk protocol
c3560-Switch1>enable
c3560-Switch1#configure terminal
c3560-Switch1(config)#interface fa0/10
c3560-Switch1(config-if)#switchport trunk encap isl
c3560-Switch1(config-if)#switchport mode trunk
c3560-Switch1(config-if)#end
c3560-Switch1#sh int fa0/10 trunk

Fa0/10 on isl trunking 1

Fa0/10 none

Fa0/10 none

Fa0/10 none
c3560-Switch1#
Task 9: Configure SW1 as the VTP Server and configure SW2 and SW3 as VTP
Clients. Set the VTP Domain name to CISCO on all three switches.
Configuring the VTP Mode and VTP Domain are done by the use of the vtp mode modetype and the vtp domain domainname as
shown below; Keep in mind when setting the VTP Domain, this must be set prior to the VTP mode if you are setting the VTP
domain on a client switch. If you need to change the VTP domain you must set it to transparent then change the name and/or
password then set the switch back to VTP mode client.
SW1>enable
SW1(config)#vtp mode server
Network Bulls
Device mode already VTP SERVER.
SW1(config)#vtp domain CISCO
Changing VTP domain name from NULL to CISCO
SW1(config)#
SW2>enable
Domain name already set to CISCO.
SW2(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW2(config)#
SW3>enable
Domain name already set to CISCO.
SW3(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW3(config)#
Configure VLAN 10 with the name Development on the VTP Server and verify that it propagates to SW2 and SW3 properly.
To complete this objective you need to create the VLAN on the VTP Server, which in this case is SW1.
SW1(config)#vlan 10
SW1(config-vlan)#name Development
SW1#
SW2#show vlan

---- -------------------------------- --------- -------------------------------
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
10 Development active
SW3#show vlan

---- -------------------------------- --------- -------------------------------
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/13, Fa0/14, Fa0/15
Network Bulls
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
10 Development active
Task 10: Set the VTP Version to v2 and secure the VTP Domain by using the
password Cisco$123. Verify your configuration
To set the VTP version to v2, you execute the vtp version 2 command on the VTP Server switch, this setting is propagated to all
switches in the VTP domain.
To set the VTP password, use the vtp password Cisco$123 command in global configuration mode as shown below;
SW1(config)#vtp version 2
SW1(config)#vtp password Cisco$123
Setting device VLAN database password to Cisco$123
SW1(config)#end
SW2(config)#end
SW3(config)#end
To verify the VTP version mode use the show vtp status command in user or privileged mode as shown below;
SW2#show vtp status

VTP Version : running VTP2
Configuration Revision :3
Maximum VLANs supported locally : 1005
Number of existing VLANs :6
VTP Operating Mode : Client
VTP Domain Name : CISCO
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0x96 0xF1 0x2F 0xDD 0x5F 0x1F 0x37 0x53
Configuration last modified by 192.168.255.1 at 3-2-93 15:11:27
SW2#

Network Bulls
To verify the VTP Password you must use the show vtp password command in privileged mode only as shown below;
SW2#show vtp password

VTP Password: Cisco$123
SW2#
Task 11: Configure Inter-vlan Routing
Step 1. – Configure a new Sub-Interface on R1 to match the VLAN 20 (Fa0/0.20) and configure the sub-interface to use 802.1q
encapsulation and the Dot1q tag of 20. Configure the sub-interface to use the IP address 10.1.20.1/24.
To create a new sub-interface you’ll use the interface fa0/0.# command in global configuration mode. To enable the sub-
interface to use 802.1q you’ll use the encapsulation dot1q # command whereas # is the dot1q VLAN tag as shown below;
R1>enable
R1#configure terminal
R1(config)#interface fa0/0
R1(config-if)#no shut
R1(config-if)#interface fa0/0.20
R1(config-subif)#encapsulation dot1q 20
R1(config-subif)#ip add 10.1.20.1 255.255.255.0
R1(config-subif)#exit
R1(config)#

Network Bulls
Step 2. – Configure a new Sub-Interface on R1 to match the VLAN 30 (Fa0/0.30) and configure the sub-interface to use 802.1q
encapsulation and the Dot1q tag of 30. Configure the sub-interface to use the IP address 10.1.30.1/24. Verify your sub-interface
configuration.
R1(config)#interface fa0/0.30
R1(config-subif)#encapsulation dot1q 30
R1(config-subif)#ip add 10.1.30.1 255.255.255.0
R1(config-subif)#end
R1#sh run interface fa0/0.20

interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.1.20.1 255.255.255.0
end
R1#sh run interface fa0/0.30

interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 10.1.30.1 255.255.255.0
end
R1#show ip interface brief | inc FastEthernet0/0

Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset up up
FastEthernet0/0.20 10.1.20.1 YES manual up up
FastEthernet0/0.30 10.1.30.1 YES manual up up
R1#
Step 3. – Verify that host1 can ping host2 using R1 as the default-gateway as shown below;
R2#ping 10.1.30.3
Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.30.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/23/52 ms
Task 12: Configuring Switchport Spanning Tree Portfast

SW1>enable

Network Bulls
SW1(config)#interface fa0/1
SW1(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast has been configured on FastEthernet0/1 but will only have effect when the interface is in a non-trunking mode.
SW1(config-if)#end
We can enable port fast feature on a switch by using the global config command as well
SW1(config)#spanning-tree portfast default
%Warning: this command enables portfast by default on all interfaces. You
should now disable portfast explicitly on switched ports leading to hubs,
switches and bridges as they may create temporary bridging loops.
SW1(config)#end
SW1#
Task 13: Spanning –tree Root bridge election

You can decrease Switch priority to make a Switch as Root Bridge
SW1(config)#spanning-tree vlan 1 priority 4096
SW1(config-if)#end
Verification command
SW2#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 4097
Address 0014.f2d2.4180
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)

Address 001c.57d8.9000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec

Network Bulls
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- ---------------------------
Fa0/10 Altn BLK 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
We can see that Switch 1 whose mac address 0014.f2d2.4180 has become the Root Bridge
Task 14: Spanning-tree Port priority

SW1(config-if)#spanning-tree port-priority 64
SW1(config-if)#end
SW1#
SW1#
____________________________________________________________________________
Task 15: Enable BPDU Guard Feature
SW1 BPDU Guard interface configuration shown below;
SW1(config-if)#spanning-tree bpduguard enable
SW1(config-if)#end
SW1#
Task 16: Enabling BPDU Filter

When you globally enable BPDU filtering on Port Fast-enabled interfaces, it prevents interfaces that are in a Port Fast-
operational state from sending or receiving BPDUs. The interfaces still send a few BPDUs at link-up before the switch begins to
filter outbound BPDUs. You should globally enable BPDU filtering on a switch so that hosts connected to these interfaces do not
receive BPDUs. If a BPDU is received on a Port Fast-enabled interface, the interface loses its Port Fast-operational status, and
BPDU filtering is disabled.
S1(config -if-range)# spanning –tree bpdufilter enable

Network Bulls
WAN Technologies
WANs connect networks, users and services across a broad geographic area. WANs connect LANs across a wide geographic
area.
WANs and their protocols function at layers 1 and 2 of the OSI model.
The physical Layer components of WANs define electrical and operational connection. Examples V.35, RJ-45,
The Data Link Layer defines WAN protocols that define how data is encapsulated for transmission across the WAN. Examples of
these protocols are frame-relay, ATM, HDLC and PPP.
WAN Devices
The following devices are used for WAN services:
Routers: connect the LAN to the WAN. Routers provide network layer services. They route data from one network to another.
Modems or DSU/CSUs: In analog lines, modems convert analog to digital, Modems modulate and demodulate a signal,
enabling data to be transmitted over telephone lines. In digital lines, data service units/channel service units (DSU/CSU) convert
one form of digital format to another digital format.
WAN networking devices: used in WAN network. These are Frame-relay switch, x.25 operate at the data link layer of the OSI
model.
Serial WAN interfaces
Serial interfaces are specified as DTE (data terminal equipment) or data communication equipment (DCE). DCE converts user
data into the service provider in other words, DCE provide clocking for the serial link. As example DCE is a CSU/DSU or a serial
interfaces configured for clocking.

Network Bulls
WAN Cabling
Several ways exist to carry traffic across the WAN. The implementation depends on distance, speed, and the type of service
required. Connection speeds typically vary from 56 kbps to T1/E1 ( 1.544/2.048 mbps, but can be as high as 10 Gbps)
WAN Connection Types
WAN services area generally leased from service providers on a subscription basis. The following three main types of WAN
connections exist:
Leased-Line: A leased line ( or point-to-point dedicated connection) provides a preeestablished connection through the serivce
provider network (WAN) to a remote network. It provide a reserved connection for the client but are costly.
Circuit-swtched: Circuit switching provides a dedicated circuit path between sender and recevier for the duration of the call. It
is used for basic telephone serivce or ISDN.

Network Bulls
Packet-switched: with packet switching, devices transport packets using virtual circuits (VC) that provide end-to-end
connectivity. Packet header identifies the destination. It provides much lower cost.
Layer 2 Encapsulation Protocols

High-level Data Link Control (HDLC): The default encapsulation type on point-to-point dedicated links and circuit-switched
connections.
Configuring HDLC
Router (config-if) # encapsulation HDLC
Bu default HDLC is configured on serial links.
Point-to-Point protocol (PPP):
PPP Provides connections between devices over several types of physical interfaces and ISDN. PPP works with many network
layer protocols, Including IP and IPX. PPP uses Password Authentication Protocol (PAP) and Challenge Handshake
Authentication Protocol (CHAP).PPP uses a network control protocol (NCP) component to encapsulate multiple protocols and
the Link Control Protocol (LCP) to set up and Negotiate control options on the data link.

Network Bulls
Task1: Configure PPP
R1 (config-If) # encapsulation PPP
R1 (config-If) #ip add 192.168.12.1 255.255.255.0
R2 (config-If) # encapsulation PPP
R2 (config-If) #ip add 192.168.12.2 255.255.255.0

Network Bulls
Task 2: Partial Map ( HUB and Spoke) on Physical interfaces Static Mapping
Configuration:
Gurgaon
Gurgaon (config) # interface serial 0/0
Gurgaon (config-if) # IP address 20.0.0.1 255.255.255.0
Gurgaon (config-if) # encapsulation Frame-relay
Gurgaon (config-if) # no frame-relay inverse ARP (disable automatic mapping)
Gurgaon (config-if) # Frame-relay map IP 20.0.0.2 102 broadcast
Gurgaon (config-if) # Frame-relay map IP 20.0.0.3 103 broadcast
USA
USA (config) # interface serial 0/0
USA (config-if) # IP address 20.0.0.2 255.255.255.0
USA (config-if) # encapsulation Frame-relay
USA (config-if) # no frame-relay inverse ARP (disable automatic mapping)
USA (config-if) # Frame-relay map IP 20.0.0.1 201 broadcast

Network Bulls
BANGLORE
BANGLORE (config) # interface serial 0/0
BANGLORE (config-if) # IP address 20.0.0.3 255.255.255.0
BANGLORE (config-if) # encapsulation Frame-relay
BANGLORE (config-if) # no frame-relay inverse ARP (disable automatic mapping)
BANGLORE (config-if) # Frame-relay map IP 20.0.0.1 301 broadcast
Verification Command:
#show Frame-relay map
All PVC should be in active state.
Between Spoke Communication:
For spoke communication need spoke to spoke mapping:
Commands:
USA (config-if) # Frame-relay map IP 20.0.0.3 201
BANGLORE (config-if) # Frame-relay map IP 20.0.0.2 301
Task 3: Static IPv6 address Configuration
R1 ( config ) # inter ser 0/0
R1 ( config-if )# ipv6 address 2001:abc::1/64
R1 ( config-if )# no shutdown

Network Bulls
R2 ( config ) # inter ser 0/0
R2 ( config-if )# ipv6 address 2001:abc::2/64
R2 ( config-if )# no shutdown
Reachability:
R1# ping 2001: abc::2
Task 4: RIPng
R1 (config)# IPv6 Unicast-routing
R1 (config)# Ipv6 router rip cisco

Network Bulls
R1 (config-if)# inter f0/0
R1 (config-if)# Ipv6 rip cisco enable
R1 (config-if)# inter s0/0
R2 Commands
R2 (config)# IPv6 unicast-routing
R2 (config-f)# inter s0/0
R3 commands
R3 (config-if)# IPv6 unnicast-routing
R3 (config-f)# inter s0/0
R3 (config-f)# Ipv6 rip cisco enable

Network Bulls
Task 5: EIGRPv6
R1 (config)# ipv6 router eigrp 100
R1(config-rtr)# router-id 1.1.1.1
R1(config-rtr)# no shutdown
R1 (config-if)# ipv6 eigrp 100

Network Bulls

Network Bulls
ACL
Introduction to Access Lists
An access list is kind of a security feature and it is a sequential collection of permit and deny conditions that apply to your
device. You can make your own list of conditions to control the traffic in your network using access lists. With the right
combination of access lists, network managers arm themselves with the power to enforce nearly any security policy they can
invent.
You can use access lists in several ways:
 To control the transmission of packets on an interface

 To control virtual terminal line access
 To restrict contents of routing updates
Filter IP Packets
Packet filtering helps control packet movement through the network. Such control can help limit network traffic and restrict
network use by certain users or devices. To permit or deny packets from crossing specified router interfaces, you can use access
lists.
This section summarizes how to create access lists and how to apply them.
The router checks addresses in the packets against the conditions in an access list one by one. The first match determines
whether the router accepts or rejects the packets. Because the router stops checking conditions after the first match, the order
of the conditions is critical. If no conditions match, the router rejects the packets
Access List Examples
In the following example, network 36.0.0.0 is a Class A network whose second octet specifies a subnet; that is, its subnet mask
is 255.255.0.0. The third and fourth octets of a network 36.0.0.0 address specify a particular host. Using access list 2, the router
would accept one address on subnet 48 and reject all others on that subnet. The last line of the list shows that the router would
accept addresses on all other network 36.0.0.0 subnets.
access-list 2 permit 36.48.0.3

access-list 2 deny 36.48.0.0 0.0.255.255
access-list 2 permit 36.0.0.0 0.255.255.255
interface ethernet 0
ip access-group 2 in
Examples of Implicit Masks in Access Lists
The following access list only allows access for those hosts on the three specified networks. It assumes that subnetting is not
used; the masks apply to the
host portions of the network addresses. Any hosts with a source address that does not match the access list statements will be
rejected.

Network Bulls
(Note: all other access implicitly denied)
To specify a large number of individual addresses more easily, you can omit the address mask that is all zeros from the access-
list global configuration
command. Thus, the following two configuration commands are identical in effect:
access-list 2 permit 36.48.0.3

Named Access List

As discussed earlier, named access lists are just another way to create standard and extended access lists. It is easy to manage
named ACL as compared to numbered ACL.
Named access lists allow you to use names to both create and apply either standard or extended access lists. There is nothing
new or different about these access lists aside from being able to refer to them in a way that makes sense to humans. But there
are some changes in the commands.
For example, you can create the same outbound access list in the form of Named Access List. In the below configuration
example, name of access list is CCNA (you can give any name) and it is a standard access list and it is denying the traffic coming
from 192.168.15.0/24 and permit the rest of traffic.
R1(config)#ip access-list standard CCNA
R1(config-std-nacl)#deny 192.168.15.0 0.0.0.255
R1(config-std-nacl)#permit any
R1(config-std-nacl)#exit
Inbound access list in the form of Named Access List (CCNA_2 is the name of access list.)
R1(config)#ip access-list extended CCNA_2
R1(config-ext-nacl)#deny tcp 192.168.25.0 0.0.0.255 any eq telnet
R1(config-ext-nacl)#permit ip any any
R1(config-ext-nacl)#exit
Time Based ACL

Time-based ACLs work a lot like extended ACLs do, but their type of access control is totally time oriented. Basically, you specify
a certain time of day and week and then identify that particular period by giving it a name referenced by a task. The time period
is based upon the router’s clock.
Suppose you want to apply the CCNA_2 access list on every weekdays in office hours (9:00am to 6:00pm)
Network Bulls
First create the Time-range using below configuration-
Time range for CCNA_2 access list-
R1(config)#time-range CCNA2_time
R1(config-time-range)#periodic weekdays 09:00 to 18:00
R1(config-time-range)#exit
R1(config)#^Z
After creating the time-ranges for access-list, apply it on the access-lists using below configuration
R1(config)#ip access-list extended CCNA_2
R1(config-ext-nacl)#deny tcp 192.168.25.0 0.0.0.255 any eq telnet time-range CCNA2_time
R1(config-ext-nacl)#exit
R1#show time-range
time-range entry: CCNA2_time (inactive)
periodic weekdays 9:00 to 18:00
Verification command:
Show ip access-list
Or
Show access-list
Clear the Access List Counter
The system counts how many packets pass each line of an access list; the counters are displayed by the show access-lists
command. You can clear the counters of an access list by performing the following task in EXEC mode.
Clear access-list counter

Network Bulls
Task 1: Standard Access-list
 Makesure you use the most specific wildcard for all your access-lists.
 Youare only allowed to use standard access-lists.
 Configureyour network so traffic from router R1 L1 interface can't reach Loopback1 of R3
 Configure your network so trafficfrom router R3 L2 interface can't reach Loopback2 of R1
Solution:
R1
Access-list 2 deny host 3.3.3.3
Access-list 2 permit any
ip address 12.1.1.1 255.255.255.0
no shut
R3
Access-list 5 deny host 1.1.1.1
Access-list 5 permit any
ip address 23.1.1.3 255.255.255.0

Network Bulls
Task 2: Extended Access-list
 Make sure you use the most specific wildcard for all your access-lists.
 You are only allowed to use extended access-lists.
 Configure your network so traffic from router R1 L1 interface can't ping Loopback of R3
traffic from router R3 L1 interface should not be able to access port 80 of Loopback of R1
Solution:
R1
access-list 100 deny tcp 3.3.3.0 0.0.0.255 1.1.1.0 0.0.0.255 eq www
access-list 100 permit ip any any
ip address 12.1.1.1 255.255.255.0
no shut
R3
access-list 105 deny ICMP 11.1.1.0 0.0.0.255 33.3.3.0 0.0.0.255 echo
ip address 23.1.1.3 255.255.255.0

Network Bulls
Task 3: Time-Based Access-list
Configure router R2 so users are unable to access the HTTP server 2.2.2.2 on weekdays between 9:00 - 17:00
Solution
R2
time-range TIME
Periodic weekdays 09:00 to 17:00
access-list 100 deny tcp 192.168.12.0 0.0.0.255 host 2.2.2.2 eq www time-range TIME
ip address 192.168.12.2 255.255.255.0
no sh
exit

Network Bulls
NAT
Why we need NAT
With the explosion of the Internet and the increase in home networks and business networks, the number of available IP
addresses is simply not enough. The obvious solution is to redesign the address format to allow for more possible addresses.
This is being developed (IPv6) but will take several years to implement because it requires modification of the entire
infrastructure of the Internet. That’s why we need NAT. NAT will not provide a long term solution but it will be fine for short
term. There are some more features like security and administration that we can get using NAT in our network.

Network Bulls
Introduction
Network Address Translation allows a single device, such as a router, to act as agent between the Internet (or "public network")
and a local (or "private") network so that it can translate the traffic coming into and leaving the private network.
The internal network is usually a LAN (Local Area Network), commonly referred to as the stub domain. In above network,
NETWORKBULLS CORPORATION is a stub domain. A stub domain is a LAN that uses private IP addresses internally. Most of the
network traffic in a stub domain is local; it doesn't travel off the internal network. Of course, any computers that use private IP
addresses must use Network Address Translation to communicate with the rest of the world.
NAT can be configured in various ways.
In the example below the NAT router is configured to translate private IP addresses (inside local addresses) that reside on the
private (inside) network to public IP addresses. This happens whenever a device on the inside with a private address needs to
communicate with the public (outside) network.
IP addresses have different designations based on whether they are on the private network (stub domain) or on the public
network (Internet) and whether the traffic is incoming or outgoing:

Network Bulls
NAT has many forms and can work in several ways:
Static NAT - mapping a private IP address to a public IP address on a one−to−one basis. It is particularly useful when a device
needs to be accessible from outside the network. For example, private address of server (192.168.10.1) can be translated into
single public address, so that it can be accessed from outside.
Dynamic NAT _ Maps a private IP address to a public IP address from a group of public IP addresses. Dynamic NAT also
establishes a one−to−one mapping between private and public IP address, but the mapping could vary depending on the public
address available in the pool, at the time of communication. For example, private addresses (192.168.10.2 -192.168.10.5) of
Marketing, IT, Sale and Finance departments can be translated into different public addresses using a pool of public addresses
(55.0.0.1 -55.0.0.54).
Overloading _ A form of dynamic NAT that maps multiple private IP addresses to a single public IP address by using different
ports. Known also as PAT (Port Address Translation), single address NAT or port−level multiplexed NAT.
In overloading, each computer on the private network (192.168.10.2 -192.168.10.5) is translated to the same IP address
(55.0.0.1) but with a different port number assignment.
Task 1: Static NAT
 IP addresses have been preconfigured as specified in the topology picture.

 Create a static NAT configuration on router NAT to translate the 192.168.12.1 IP address into the 192.168.23.2 IP
address.
Solution:
R2.
ip address 192.168.12.2 255.255.255.0
ip nat inside
no sh

Network Bulls
ip address 192.168.23.2 255.255.255.0
ip nat outside
ip nat inside source static 192.168.12.1 192.168.23.2
Task 2: Dynamic NAT
 All IPv4 addresses have been preconfigured for you.

 IP Routing has been disabled and a default gateway is configured on router Jack, Joe and WWW.
 Configure a pool for NAT Dynamic . The range of IP addresses you receivedfrom the Internet Provider is 172.16.0.1 -
172.16.0.100.
 Configure NAT Dynamic so when router Jack or Joe connect to router WWW they are translated to one of the IP addresses in
the pool
Solution:
ip address 192.168.13.3 255.255.255.0
ip nat inside
no sh
exit

Network Bulls
ip address 192.168.23.3 255.255.255.0
ip nat inside
no sh
exit
ip address 192.168.34.3 255.255.255.0
ip nat outside
no sh
exit
ip nat pool Networkbulls 172.16.0.1 172.16.0.100 netmask 255.255.255.0
ip nat inside source list 1 pool GNS3VAULT
Task 3: PAT overload

Network Bulls
 All IPv4 addresses have been preconfigured for you.
 IP Routing has been disabled and a default gateway is configured on router Emma, Alice and WWW.
 Configure PAT so when router Emma or Alice sends an IP packet to router WWW the source address is translated to
the IP address on the F0/0 interface of router PAT.
Solution:
ip address 192.168.34.3 255.255.255.0
ip nat outside
no sh
ip address 192.168.123.3 255.255.255.0
ip nat inside
no sh
ip nat inside source list 1 interface FastEthernet0/0 overload


Ccna Workbook R&s

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ccna Workbook R&s

Uploaded by

Copyright:

Available Formats

Network Bulls

Data Encapsulation and Decapsulation

Protocol Data Unit (PDU)

OSI Layer Model and PDUs

Copyrights Network Bulls 2013-2018

Transport Layer: Segment is the PDU of the Transport layer.

Encapsulation and De-Encapsulation Process

TCP Header Encapsulation

MAC Header Encapsulation

Copyrights Network Bulls 2013-2018

Physical Layer Encapsulation

Data encapsulation flow

Copyrights Network Bulls 2013-2018

Copyrights Network Bulls 2013-2018

Find the number of collision domain of the network.

Answer. Number of Collision domain is 4

Copyrights Network Bulls 2013-2018

Router has per-port collision and broadcast domain.

Hub has single broadcast and collision domain.

Question: Find the number of collision domains and broadcast domains.

The number of collision domain is 11

And the broadcast domain is 3

Copyrights Network Bulls 2013-2018

Question: Find the collision and broadcast domain.

Copyrights Network Bulls 2013-2018

Basic Procedure to make Subnets

Now you have 25 ON bits, so subnet mask will be 255.255.255.128

Network Address- 192.168.10.0

Subnet Mask- 255.255.255.128

Block size = 256 – (a value from subnet mask).

So the block size of your network 192.168.10.0/25 is

Block size=256 – 128= 128

Block size 128

Now find the Network addresses of your subnets-

Copyrights Network Bulls 2013-2018

Network address Broadcast address

Network address Broadcast address

Range of Host addresses

Class C subnetting examples

Network address = 192.168.10.0

26 bits are ON, so subnet mask =255.255.255.192

Block size =256-192 =64

Network address Broadcast address

Copyrights Network Bulls 2013-2018

Network address = 172.16.0.0

17 bits are ON, so subnet mask =255.255.128.0

Block size =256-128 =128

Network address Broadcast address

Range of Host addresses

Network address = 172.16.0.0

24 bits are ON, so subnet mask =255.255.255.0

Block size =256-255 =1

Network address Broadcast address

Copyrights Network Bulls 2013-2018

Network address = 172.16.0.0

25 bits are ON, so subnet mask =255.255.255.128

Block size =256-128 =128

Network address Broadcast address

Range of Host addresses

Class A subnetting examples

Network address = 10.0.0.0

9 bits are ON, so subnet mask =255.128.0.0

Block size =256-128 =128