
DIOS Philippines IT Training

Network Fundamentals

Chapter 1 Networking Basics

Chapter Objective:
At the end of this chapter you are expected to have an understanding of the following:
- Basic networking concepts and network symbols
- The OSI and TCP/IP models
- Network design concepts, topologies, physical connections and network types
- Port numbers
- IP addressing, IP address classes, private IPs, and subnetting: how, why and when
- End-to-end communications (UDP and TCP/IP)


What is a Network
A network consists of two or more computers that are linked in order to share resources, exchange files, or allow electronic communications. The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams. The data is conveyed with the use of on-and-off pulses of electricity.

Understanding the pieces of a network

The Basic Network (figure; only the label "WAN interface card" survives)

Network Applications
Home office, Internet web browsing, intranet/Internet database applications (Oracle/MySQL/SQL), instant messenger, email, online BBS, online games.

Common Data Network Symbols (figure legend): router, wireless router, wireless link, phone, bridge, laptop, repeater, firewall, switch, hub, wireless access point, wireless bridge, token ring, gigabit switch, serial link, serial link DCE, Internet/cloud, copper cross-over, IP phone.
Network Devices
- Network Interface Cards: a Layer 2 device that connects computers and other network equipment to the transmission medium. Connects the host to the network; detects collisions on an Ethernet network (prevents collisions on Token Ring); passes frames to the upper/lower layers of the OSI model.
- Routers: a network layer device that connects two networks. Determines the best path for end-to-end packet transmission. Blocks Layer 2 broadcasts.
- Repeaters: a physical layer device that amplifies the signal it receives on one port and resends (repeats) it on another. Used to extend the maximum length of a network segment.
- Hubs: a physical layer device that serves as a central connection point for networked devices. A hub repeats the signal it receives on one port to all other ports. Speed: 10 Mbps to 100 Mbps.
- Bridges: a data link layer device that logically separates a network into segments but lets the two segments appear to be one network to higher layer protocols.
- Switches: a Layer 2 device used to connect one or many LAN segments and to filter and forward packets among them. Often referred to as multi-port bridges.

Network Media
The actual path over which data/signals travel as they move from one component to another.
Network media types: copper (wired), glass (wired), air (wireless), radio (wireless).

Network Design
Characteristics of a Network / Considerations for Network Applications and Design
- Speed: also called data rate or bandwidth, measured in bits (bits, bytes, kb, Mb, Gb, Tb).
- Cost: cost of network components, installation and maintenance.
- Security: how secure the network is.
- Delay: the time data takes to travel from one point to another.
- Availability: the measure of the likelihood that the link between the end points is available.
- Topology: the physical topology defines the physical components such as cable types and devices, while the logical topology defines the path the data travels.

Common Network Types

LAN - Local Area Network
A LAN connects network devices over a relatively short distance. A networked office building, school, or home usually contains a single LAN, though sometimes one building will contain a few small LANs and occasionally a LAN will span a group of nearby buildings. A LAN is often, but not always, implemented as a single IP subnet. In addition to operating in a limited space, LANs are also typically owned, controlled, and managed by a single person or organization. They also tend to use certain connectivity technologies, primarily Ethernet and Token Ring.

WAN - Wide Area Network
A WAN spans a large physical distance. The Internet is the largest WAN, spanning the Earth. A WAN is a geographically dispersed collection of LANs. A network device called a router connects LANs to a WAN. In IP networking, the router maintains both a LAN address and a WAN address. A WAN differs from a LAN in several important ways:
- Most WANs are not owned by any one organization but rather exist under collective or distributed ownership and management.
- WANs tend to use technologies like ATM, Frame Relay and X.25 for connectivity over longer distances.
- Cost

Other Types of Area Networks

- Wireless Local Area Network: a LAN based on WiFi wireless network technology.
- Metropolitan Area Network: a network spanning a physical area larger than a LAN but smaller than a WAN, such as a city. A MAN is typically owned and operated by a single entity such as a government body or large corporation.
- Campus Area Network: a network spanning multiple LANs but smaller than a MAN, such as on a university or local business campus.
- Storage Area Network: connects servers to data storage devices through a technology like Fibre Channel.
- System Area Network: links high-performance computers with high-speed connections in a cluster configuration. Also known as a Cluster Area Network.

Network Topology

Bus Topology
A bus network topology is a network architecture in which a set of clients are connected via a shared communications line, called a bus.
Advantages
- Easy to implement and extend
- Well suited for temporary or small networks not requiring high speeds (quick setup)
- Cheaper than other topologies; cost effective as only a single cable is used
- Cable faults are easily identified
- Weight reduction due to fewer wires
Disadvantages
- Limited cable length and number of stations
- If there is a problem with the cable, the entire network goes down
- Maintenance costs may be higher in the long run
- Performance degrades as additional computers are added or under heavy traffic (shared bandwidth)
- Proper termination is required (the loop must be a closed path)
- Significant capacitive load (each bus transaction must be able to stretch to the most distant link)
- Works best with a limited number of nodes
- Slower than the other topologies

Ring Topology
A ring network is a network topology in which each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node: a ring. Data travels from node to node, with each node along the way handling every packet.
Advantages
- Very orderly network where every device has access to the token and the opportunity to transmit
- Performs better than a star topology under heavy network load
- Can create much larger networks using Token Ring
- Does not require a network server to manage the connectivity between the computers
Disadvantages
- One malfunctioning workstation or bad port in the MAU can create problems for the entire network
- Moves, adds and changes of devices can affect the network
- Network adapter cards and MAUs are much more expensive than Ethernet cards and hubs
- Much slower than an Ethernet network under normal load

Star Topology
A star topology is a network topology where each machine is connected to a central hub. The hub acts as a signal booster or repeater, which in turn allows the signal to travel greater distances. The star topology reduces the chance of network failure by connecting all of the systems to a central node.
Advantages
- Better performance
- Isolation of devices
- Benefits from centralization
- Simplicity
Disadvantage
- Failure of the central device brings the entire network down

Mesh Topology
Mesh topology is distinguished by having redundant links between devices.
Advantages
- Fault tolerance
Disadvantages
- Installation and configuration
- Maintenance of redundant links

Network Architecture
Four basic characteristics need to be addressed in order to meet user expectations:
- Fault Tolerance
- Scalability
- Quality of Service (QoS)
- Security

Port Numbers
- Controlled by the Internet Assigned Numbers Authority (IANA).
- Allow a host to keep track of different applications accessed at the same time.

How Port Numbers Work
Ports provide sessions: they let hosts know where to send information when multiple windows/sessions/sockets are open end-to-end.
- Well Known Port Numbers: 1-1024
- Registered: 1025-49151
- Vendor Assigned/Dynamic: 49152-65535

The OSI Model (Open Systems Interconnection)

Purpose
- Helps break down network functions
- Creates standards for equipment manufacturing
- Allows vendors to focus on specialized areas of networking

Layer / Layer name / PDU name / Devices per layer / What it does
7 Application - PDU: Data - Interfaces with the application; provides network access to applications.
6 Presentation - PDU: Data - Encryption; formats data in a standard format.
5 Session - PDU: Data - Starts and ends sessions; keeps sessions logically separated; multiple connection management.
4 Transport - PDU: Segments - Dictates how data is sent (reliable/unreliable); defines well-known ports; provides some error detection and flow control; connection-oriented or connectionless.
3 Network - PDU: Packets - Devices: routers - Provides logical addressing; finds the best path to the destination.
2 Data Link - PDU: Frames - Devices: MAC/switch/bridge/NIC - Provides physical addressing, connection-oriented or connectionless; ensures data is error free; frame sequencing.
1 Physical - Devices: cables/WAN/repeaters/hubs - Physical aspects: electrical signals, access to cables, pin-outs.

OSI In Action

HOST A - IP Address: (not shown), Subnet Mask: (not shown), MAC: AA:BB:CC:DD:EE:FF
SERVER B - HTTP/Mail Server/FTP - IP Address: (not shown), Subnet Mask: (not shown), MAC: DD:EE:FF:GG:HH:II

Host A sending a request to Server B, layer by layer:
- Application: the user opens a web browser (IE) and types in the address; the browser asks DNS to resolve the IP and requests the website.
- Presentation: formats the data (HTML, ASCII, encryption).
- Session: creates a separate session.
- Transport: chooses reliable or unreliable delivery (HTTP = reliable, requires ACK); the sender sets the source and destination port, s: 1050 (dynamic), d: 80 (HTTP).
- Network: assigns the source IP and the destination IP (the source IP and destination IP do not change along the path).
- Data Link: creates frames and provides physical addressing. Source MAC: AA:BB:CC:DD:EE:FF, Destination MAC: DD:EE:FF:GG:HH:II.
- Physical: submits the bits to the wire.

TCP/IP Model and TCP/IP Protocol Suite (figure)
- Transport: TCP, UDP
- Internet: IP, IGMP
- Network Access: ARP, Ethernet, Token Ring, Frame Relay
Understanding TCP/IP
Internet Protocol (IP):
- Connectionless
- Uses hierarchical addressing
- Provides best-effort delivery
- Has no built-in data delivery guarantee and no built-in data recovery
- Operates at Layer 3 of the OSI model (network) and Layer 2 of the TCP/IP model (Internet)


IP Address (IPv4) Basics

- A unique numerical address used by a device participating in a computer network.
- Consists of two parts: the network and the (unique) host.
- The subnet mask dictates which portion of the IP address identifies the network and which identifies the host.
- 32 bits, 4 octets, each octet from 0-255.

Example (figure): two hosts on one network, IP address 192.168.1.20 and IP address 192.168.1.40 with subnet mask 255.255.255.0. The mask identifies the first three octets as the network and the last octet (.20, .40) as the host bits. Gateway addresses are not shown.

Default Address Classes

3 Usable Address Classes

Class   First octet   Default subnet mask   1st octet binary   Number of networks   Number of hosts
A       1-126         (not shown)           (not shown)        2^7  = 128           2^24 = 16,777,216
B       128-191       (not shown)           (not shown)        2^14 = 16,384        2^16 = 65,536
C       192-223       (not shown)           (not shown)        2^21 = 2,097,152     2^8  = 256

Class D: first octet is 224-239, 1st octet binary 1110, multicast group.
Class E: reserved, 1st octet binary 1111.

Public Addresses
- Usable on the Internet.

Private Addresses
- Created to conserve IPv4 addresses.
- Usable on internal networks (non-routable); require NAT to connect to the Internet.
- 3 classes of private address (ranges not shown): 8-bit block / Class A; 20-bit block / Class B; 16-bit block / Class C.

Reserved IP Addresses
Addresses reserved for specific purposes:
- Network Address: an IP address that has all 0s in the host portion (example not shown).
- Directed Broadcast Address: an IP address that has all 1s in the host portion (example not shown).
- Local Broadcast Address
- Loopback Address: used for testing, sending to itself.
- 169.254.x.x: autoconfiguration range.

Classful Vs. Classless

Current technology - Classless IP Addressing
- The subnet mask determines the network portion and the host portion.
- The value of the first octet does NOT matter (unlike older classful IP addressing).
- Classless Inter-Domain Routing (CIDR).
- Classless IP addressing is what is used within the Internet and in most internal networks.

Older technology - Classful IP Addressing
- The value of the first octet determines the network portion and the host portion.
- Used with classful routing protocols like RIPv1.
- The Cisco IP routing table is structured in a classful manner.

Classful Address (figure)
Looks at the first octet to see which class the address belongs to. Class C = the last octet is the host portion; Class A = the 2nd, 3rd and 4th octets are the host portion.

Classless Address (figure)
Looks at the subnet mask to see which bits are the network portion and which are the host portion. Examples shown: the last octet is the host portion; the last 4 bits of the 4th octet are the host portion; the 4th octet plus the last 7 bits of the octet before it are the host portion.

Media Access Control (MAC) address

The Ethernet address, or MAC address, is a Layer 2 address, typically burned into the adapter. Format: 00-0d-65-ac-50-7f (48 bits).
- Organizational Unique Identifier (OUI): the first 24 bits, IEEE assigned, identifies the manufacturer of the card. OUI of the example address: 00-0d-65.
- Vendor Assigned: the last 24 bits, uniquely identifies the Ethernet hardware.


Local and Remote Communication

Local/LAN communication (layers: Network, Data Link, Physical)
HOST A - Default gateway: (not shown), MAC: aa:bb:cc:dd:ee:ff
HOST B - Default gateway: (not shown), MAC: bb:cc:dd:ee:ff:gg
1. Host A wants to send data to Host B.
2. Host A compares its IP address and subnet mask with the IP address and subnet mask of Host B: same network.
3. Host A has confirmed that they are on the same network but doesn't have Host B's MAC address in its ARP table.
4. Host A sends an ARP broadcast for Host B with the following fields: SMAC: aa:bb:cc:dd:ee:ff, SIP: (not shown), DIP: (not shown).
5. The router drops/blocks the broadcast.
6. Host B replies with its MAC address, and transmission begins.

Remote Communication
HOST A - Default gateway: (not shown), MAC: aa:bb:cc:dd:ee:ff
1. Host A compares its IP address and subnet mask with the IP address and subnet mask of Host B: not the same network.
2. Host A forwards the data to its default gateway with the following fields: SMAC: aa:bb:cc:dd:ee:ff, SIP: (not shown), DIP: (not shown), DMAC: (the gateway's MAC, not shown).
3. (figure) The frame passes through routers R1 to R4. At every hop the router rewrites the source MAC and destination MAC for the next link, while the SIP and DIP (values not shown) are carried unchanged.

TCP/UDP Communications
Layers: Transport, Network, Data Link, Physical

UDP
- Connectionless
- Best effort delivery (no error detection)
- Unreliable
- No windowing
- Trades reliability for speed

TCP
- Builds a connection
- Uses sequence numbers (error detection)
- Reliable (uses ACKs for error recovery)
- Uses windowing

Sending data using UDP: creates a session and sends the data without waiting for an acknowledgement that it was received.

Sending Data using TCP (3-way handshake): Positive Acknowledgement with Retransmission (PAR) and sequence numbering
1. Computer A sends a synchronize message to B containing a sequence number: seq=100.
2. Computer B acknowledges that it received the message by incrementing the sequence number (ACK) and sends its own sequence number: ack=101, syn=300.
3. Computer A receives the ACK it expects and the connection is now established. All communication will now send incremented syns and acks to ensure a good connection: syn=102, ack=301.

Data transmission
- Computer A sends data with sequence number 10 (SEQ 10).
- Upon receipt, Computer B sends return data with sequence number 5 and an acknowledgement that it received that data (SEQ 10) by sending ACK 11 (SEQ 5, ACK 11).
- Upon receipt, Computer A learns that SEQ 10 was received by B through ACK 11 and sends the next data, SEQ 11, with ACK 6, indicating it received SEQ 5 and incremented it by 1 (SEQ 11, ACK 6).

Data transmission problem
- After waiting for the dropped-data timer, Computer B resends the last seq and ack numbers (SEQ 5, ACK 11), telling the other side about the last sequence it received.
- After receiving the same seq number and ack number, Computer A learns that the last data it sent got dropped and resends it (SEQ 11, ACK 6).

TCP Windowing
The amount of data a sender can send before waiting for an ACK. The recipient controls how much data is sent to the wire.

(figure) Receiver: "My window size is 3". After the sender's packets, the receiver replies: "ACK 2 packets received. Change window size to 2".

Subnetting
Subnetting is essentially the modification/breaking up of a single IP network to create two or more logically visible sub-sections. It borrows host bits to form more networks.

When is subnetting necessary?
Subnetting is required when one network number needs to be distributed across multiple LAN segments. This may be the case in instances when:
- A company uses two or more types of LAN technology (for example, Ethernet, Token Ring) on their network.
- Two network segments are restricted by distance limitations (for example, remote offices linked via a point-to-point circuit).
- Segments need to be localized for network management reasons (accounting segment, sales segment, etc.).
- Hosts which dominate most of the LAN bandwidth need to be isolated.
- The network needs to be broken down to increase latency / break down the broadcast domain.
Cisco recommends fewer than 500 hosts per network.

IP Address (IPv4)
Understanding the binary (base 2) number system
- Used by computers: 1s (on) and 0s (off).
- In every network the first address is the network address and the last address is the broadcast address.

Place values for 192.168.1.224:

Exponent   Place value   192   168   1   224
7          128           1     1     0   1
6          64            1     0     0   1
5          32            0     1     0   1
4          16            0     0     0   0
3          8             0     1     0   0
2          4             0     0     0   0
1          2             0     0     0   0
0          1             0     0     1   0

Working each octet by subtracting place values:
192 - 128 = 64, 64 - 64 = 0 -> 128=on, 64=on -> 11000000
168 - 128 = 40, 40 - 32 = 8, 8 - 8 = 0 -> 128=on, 32=on, 8=on -> 10101000
1 - 1 = 0 -> 1=on, rest 0 -> 00000001
224 - 128 = 96, 96 - 64 = 32, 32 - 32 = 0 -> 128=on, 64=on, 32=on -> 11100000

Slash Notation
Total number of network bits.

Octet       Number of network bits   Network mask   Binary equivalent
1st octet   8                        255            11111111
2nd octet   8                        255            11111111
3rd octet   8                        255            11111111
4th octet   4                        240            11110000
Total: 28 bits = /28 (slash notation)

* Routers perform a logical AND with the IP address and the network mask to determine which network the IP belongs to.
Ex. IP address 192.168.1.00000011 (.3) with a /28 mask: belongs to network 00000000 (.0); broadcast = 00001111 or .15; next network = 00010000 or .16.
Ex. IP address 192.168.1.00111100 (.60) with a /28 mask: belongs to network 00110000 (.48); broadcast = 00111111 or .63; next network = 01000000 or .64.

TYPES OF SUBNETTING
1) Subnetting given a required number of networks
2) Subnetting given a required number of clients/hosts
3) Finding the original network range (IP address & subnet mask given)

Subnetting when given a required number of networks
A service provider has given you the Class C network range (not shown). Your company needs 20 networks.
1) Determine the number of subnets and convert to binary:
   requirement = 20 networks = 00010100 -> 5 bits required
2) Reserve the required bits in the subnet mask and find the incremental value:
   - Our original subnet mask is the Class C mask; its full binary representation is 11111111.11111111.11111111.00000000 (the 0s are the reserved host bits).
   - We must convert 5 of the client bits (0) to network bits (1) in order to satisfy the requirement:
     New Mask = 11111111.11111111.11111111.11111000, or 255.255.255.248 (/29)
   - Finding the increment: the last network bit is your increment bit, so the increment is 8.
3) Use the increment (8) to find the network ranges: start with your given network address and add the increment to the subnetted octet; you can now fill in the ranges.
   - Networks: up to a total of 32 networks (network addresses not shown)
   - Valid host ranges: .1 - .6 (6 hosts), .9 - .14 (6 hosts), ..., .249 - .254 (6 hosts)
   - Broadcast addresses: ..., 200.40.1.255 for the last subnet

Subnetting when given a required number of clients
A service provider has given you the Class C network range (not shown). Your company needs 50 hosts per network.
Step 1) Determine the number of clients and convert to binary: in this example, the binary representation of 50 = 00110010.
Step 2) Reserve the required bits in the subnet mask and find the incremental value:
   - The binary value of 50 clients tells us that we need at least 6 client bits to satisfy this requirement.
   - The original subnet mask is the Class C mask; converted to binary = 11111111.11111111.11111111.00000000.
   - Place the 6 host bits starting from the right; the rest of the octet is 1s: New Mask = 11111111.11111111.11111111.1(1)000000, or 255.255.255.192 (/26). The increment is the last 1 bit, or 64.
Step 3) Use the increment to find the network ranges: start with your given network address and add the increment to the subnetted octet. You can now fill in your end ranges, which is the last possible IP address before you start the next range. Remember that the first and last address of each range are the network and broadcast addresses.

Given an IP address & subnet mask, find the original network range
Identify the original range of addresses (the subnet) that this IP address belongs to (IP address and mask not shown):
- Break the subnet mask back into binary and find the increment that was used: = 11111111.11111111.11111111.111(1)0000; the last 1 bit is the increment = 16.
- Use this increment to find the network ranges until you pass the given IP address.
- Now fill in the end ranges to find the answer to the scenario: the IP address belongs to the range that contains it.

Variable Length Subnet Mask

VLSM provides the ability to subnet an already subnetted network address. It saves unused IP addresses and is the most efficient addressing.

Requirements (figure): 60 hosts, 30 hosts, 10 hosts, 2 hosts (p2p link), 2 hosts (p2p link).

1. Convert the required number of hosts to binary: 60 = 00111100 = 6 bits. Reserve the host bits: 11000000, increment is 64 (last 1) (/26). Get the range by adding the increment (64): network - broadcast.
2. Convert the required number of hosts to binary: 30 = 00011110 = 5 bits. Reserve the host bits: 11100000, increment is 32 (last 1) (/27). Add the next required increment (32, for the 30-host network).
3. Convert the required number of hosts to binary: 10 = 00001010 = 4 bits. Reserve the host bits: 11110000, increment is 16 (last 1) (/28). Add the next required increment (16, for the 10-host network).
4. Convert the required number of hosts to binary: 2 = 00000010 = 2 bits. Reserve the host bits: 11111100, increment is 4 (last 1) (/30). Get the range by adding the increment (4): network - broadcast; add the next required increment (4): network - broadcast.

VLSM addresses (figure; the resulting addresses are not shown).
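The three subnetting types and the VLSM procedure above, worked through in code. This is an added example, not the course's material; it uses Python's standard ipaddress module, and because the slides leave the network addresses blank it assumes the Class C base network 192.168.1.0/24 and the VLSM requirements of 60, 30, 10, 2 and 2 hosts.

```python
"""Subnetting helpers that follow the slide procedure step by step."""
import ipaddress

# Assumed base network: the slides leave the given Class C network blank.
BASE_NETWORK = "192.168.1.0/24"


def bits_needed(count):
    """Smallest number of bits b with 2**b >= count (the 'convert to binary' step)."""
    bits = 0
    while (1 << bits) < count:
        bits += 1
    return bits


def increment(prefixlen):
    """Return (increment, octet_index): the place value of the last network bit
    in the subnetted octet (octet_index 0..3 = first..fourth octet)."""
    host_bits = 32 - prefixlen
    whole_octets = host_bits // 8
    return (1 << host_bits) >> (8 * whole_octets), 3 - whole_octets


def dotted_binary(addr):
    """192.168.1.60 -> '11000000.10101000.00000001.00111100'."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.ip_address(addr).packed)


def subnet_by_networks(network, needed_networks):
    """Type 1: borrow enough host bits so that 2**borrowed >= needed_networks."""
    net = ipaddress.ip_network(network)
    new_prefix = net.prefixlen + bits_needed(needed_networks)
    if new_prefix > 30:
        raise ValueError("not enough host bits left for usable subnets")
    return list(net.subnets(new_prefix=new_prefix))


def subnet_by_hosts(network, hosts_per_subnet):
    """Type 2: keep enough host bits for hosts_per_subnet usable addresses;
    the +2 covers the network and broadcast addresses, which are never assigned."""
    net = ipaddress.ip_network(network)
    new_prefix = 32 - bits_needed(hosts_per_subnet + 2)
    if new_prefix < net.prefixlen:
        raise ValueError("requirement does not fit in the given network")
    return list(net.subnets(new_prefix=new_prefix))


def find_network(ip, mask):
    """Type 3: the logical AND of IP and mask is the network address; the
    broadcast is the block's last address and the next network follows it."""
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    next_network = ipaddress.ip_address(int(net.broadcast_address) + 1)
    return net.network_address, net.broadcast_address, next_network


def vlsm(network, host_counts):
    """VLSM: allocate the largest requirement first so every block starts on a
    multiple of its own size. Returns [(hosts, subnet)] in allocation order."""
    net = ipaddress.ip_network(network)
    cursor = int(net.network_address)
    limit = int(net.broadcast_address) + 1
    plan = []
    for hosts in sorted(host_counts, reverse=True):
        host_bits = bits_needed(hosts + 2)
        size = 1 << host_bits
        cursor = -(-cursor // size) * size  # round up to the next aligned block
        if cursor + size > limit:
            raise ValueError(f"address space exhausted before the {hosts}-host subnet")
        start = ipaddress.ip_address(cursor)
        plan.append((hosts, ipaddress.ip_network(f"{start}/{32 - host_bits}")))
        cursor += size
    return plan


if __name__ == "__main__":
    subnets = subnet_by_networks(BASE_NETWORK, 20)          # 20 networks -> /29
    inc, octet = increment(subnets[0].prefixlen)
    print(f"{len(subnets)} subnets of /{subnets[0].prefixlen}, increment {inc} in octet {octet + 1}")
    for sub in subnets[:3]:
        hosts = list(sub.hosts())
        print(f"  {sub}  hosts {hosts[0]}-{hosts[-1]}  broadcast {sub.broadcast_address}")
    print(subnet_by_hosts(BASE_NETWORK, 50)[:2])             # 50 hosts -> /26
    net, bcast, nxt = find_network("192.168.1.60", "255.255.255.240")
    print(f"{dotted_binary('192.168.1.60')} AND {dotted_binary('255.255.255.240')}")
    print(f"  network {net}, broadcast {bcast}, next network {nxt}")
    for hosts, sub in vlsm(BASE_NETWORK, [60, 30, 10, 2, 2]):
        print(f"  {hosts:>2} hosts -> {sub}")
```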

Chapter 2 Local Area Network

LAN Methods of Communication / Types of Ethernet Traffic
- Unicast: one host sends data to a specific host.
- Broadcast: one host sends data to all; the data is received by all connected hosts except the one it came from.
- Multicast: data is sent to a specific group (figure: multicast group members).

Commonly used types of UTP cabling are as follows:

- Category 1: used for telephone communications. Not suitable for transmitting data.
- Category 2: capable of transmitting data at speeds up to 4 megabits per second (Mbps).
- Category 3: used in 10BASE-T networks. Can transmit data at speeds up to 10 Mbps.
- Category 4: used in Token Ring networks. Can transmit data at speeds up to 16 Mbps.
- Category 5: can transmit data at speeds up to 100 Mbps.
- Category 5e: used in networks running at speeds up to 1000 Mbps (1 gigabit per second [Gbps]).
- Category 6: typically consists of four pairs of 24 American Wire Gauge (AWG) copper wires. Category 6 cable is currently the fastest standard for UTP.

UTP Cabling Standards

- Straight-through = T568A + T568A / T568B + T568B; used to connect different kinds of devices.
- Crossover = T568A + T568B; used to connect the same kind of devices (e.g. router to router).
Cabling hardware (figure): patch panels, wall jack, crimping tools.

What is CSMA/CD
Carrier Sense Multiple Access / Collision Detection: the rules/standard for how Ethernet devices transmit information onto the Ethernet network.
- Carrier: the network signal.
- Sense: the ability of a host to detect whether there is a transmission.
- Multiple Access: all devices have equal access.
- Collision: happens when two devices send at once.
- Detection: how hosts handle collisions when they occur.
- Back-off algorithm: a random timer before hosts can resend data after a collision is detected.

Problems with CSMA/CD

LAN Design Challenges: data collisions, bandwidth.

Collision Domain: several users share the same port on a network device and compete for resources (bandwidth); only one host can transmit at a time. Example: ARP. How many devices can send or receive data at the same time? If two hosts send data at the same time, a collision occurs.
Broadcast Domain: the span of the network where hosts can be reached via broadcast.
Hub = 1 collision domain
All hosts listen to the wire to see if it is free. Host 1 wants to send data to Host 2, checks that the wire is free, and sends the data; the hub sends it to all ports. More computers cause clogging/collisions.

Network Segmenting
Why segment a network
- Increases the bandwidth available to each user: bandwidth is a shared entity, but each segment and its users have full use of the bandwidth available. For example, if there are 100 users on a 100 Mbps segment, each user has an average of 1 Mbps of available bandwidth. If this same segment were further segmented into 10 segments with 10 users on each segment, however, then every user would have an average of 10 Mbps of available bandwidth.
- Fewer collisions: in general, traffic tends to stay within a segment, and less traffic is routed beyond the segment to contend for access to the backbone.
- Reduces Ethernet distance limitations: there are inherent distance limitations on an Ethernet network. When a network is segmented with a router (and only a router; not a bridge, and not a switch), the beginning point from which the maximum distance for the cabling is determined is reestablished.

Segmenting methods: using a bridge, using a switch, using routers.

Network Segmenting
Breaking up a collision domain to reduce congestion.

Bridges: a data link layer device that logically separates a network into segments but lets the two segments appear to be one network to higher layer protocols. Can forward or block frames.
(figure) Segment A | BRIDGE (creates 2 collision domains; learns the MAC addresses connected on Segment A and Segment B) | Segment B
Hosts on Segment A can send data to other hosts on Segment A while hosts on Segment B send data to hosts on Segment B at the same time. If a host on Segment A sends data for a host on Segment B, the bridge passes it to the other side of the network. Problem = slow (software based), few ports.

Switch Operation
- Each port is a collision domain
- Full duplex
- Hardware-based data processing (ASIC)
- Higher port density than bridges
- Data buffering
- VLANs
- Supports higher bandwidth

The MAC table is also called: CAM table, bridging table, switch table.

(figure) COLLISION DOMAIN: each switch port. BROADCAST DOMAIN: the whole switch. The switch maintains a CAM (Content Addressable Memory) table which stores MAC addresses; this is what makes the switch intelligent.

A switch uses MAC addresses to forward frames. When it is first powered on, the MAC address (CAM) table is empty, and the switch learns MAC addresses from the attached devices' ARP (Address Resolution Protocol) requests.
1. (CAM table empty) Host A sends a frame to Host C. When the switch receives it, it floods the frame to all other ports (destination unknown); the MAC address of Host A is learned, added to the table and associated with the port it was received on.
2. Host C takes ownership and replies with its IP address. The switch adds Host C's MAC address and port to the CAM table.
3. Host A now sends frames to the specific port instead of flooding them.

CAM Table (figure):
MAC Address         IP Address     Port
aa:bb:cc:dd:ee:ff   (not shown)    Fa0/1
bb:aa:bb:cc:dd:ee   (not shown)    Fa0/2
cc:dd:ee:ff:gg:hh   (not shown)    Fa0/3
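The CAM-table learning sequence just described (Host A to Host C flooded while the table is empty, the reply learned, then direct forwarding), as an added example that is not part of the course. The ports Fa0/1 to Fa0/3 follow the slide; the MAC addresses are constructed, and the 'filter' action covers the forwarding-and-filtering case where source and destination sit on the same port.

```python
"""Toy transparent switch: learns source MACs per port, then filters, forwards or floods."""
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed addresses for the demo (not the slide's own CAM table entries).
HOST_A = "00:00:5e:00:53:0a"
HOST_B = "00:00:5e:00:53:0b"
HOST_C = "00:00:5e:00:53:0c"


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.cam = {}  # MAC address -> port it was last seen on (the CAM / bridging table)

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame arriving on in_port.

        Returns (action, egress_ports) where action is one of
        'flood'   - destination unknown or broadcast: copy to every other port
        'forward' - destination known: send only to that port
        'filter'  - destination is on the ingress port's own segment: drop it
        """
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Learning: the source address is associated with the ingress port.
        # If a host moved, the newer port overwrites the old entry.
        self.cam[src_mac] = in_port
        if dst_mac == BROADCAST or dst_mac not in self.cam:
            return "flood", [p for p in self.ports if p != in_port]
        out_port = self.cam[dst_mac]
        if out_port == in_port:
            return "filter", []
        return "forward", [out_port]

    def table(self):
        """The CAM table as sorted (mac, port) rows, for display."""
        return sorted(self.cam.items())


def slide_scenario():
    """Replay the slide: A->C with an empty table, C replies, A sends again,
    then B broadcasts. Returns the switch and a log of (in_port, action, egress)."""
    sw = Switch(["Fa0/1", "Fa0/2", "Fa0/3"])
    log = []
    frames = [
        ("Fa0/1", HOST_A, HOST_C),      # CAM empty: flood, learn A on Fa0/1
        ("Fa0/3", HOST_C, HOST_A),      # reply: forward to Fa0/1, learn C on Fa0/3
        ("Fa0/1", HOST_A, HOST_C),      # now a direct forward to Fa0/3
        ("Fa0/2", HOST_B, BROADCAST),   # broadcasts always flood
    ]
    for in_port, src, dst in frames:
        action, egress = sw.receive(in_port, src, dst)
        log.append((in_port, action, egress))
    return sw, log


if __name__ == "__main__":
    switch, events = slide_scenario()
    for in_port, action, egress in events:
        print(f"in {in_port}: {action:7} -> {egress}")
    for mac, port in switch.table():
        print(f"{mac}  {port}")
```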




Switch Frame Transmission Modes

- Cut-through: the switch checks the destination address and immediately begins forwarding the frame. Decreases latency but can also transmit frames containing errors.
- Store and forward: the switch waits to receive the entire frame before forwarding. It reads the entire frame and performs a Cyclic Redundancy Check (CRC); if the check fails, the frame is discarded. Increased latency.
- Fragment-free: the switch reads the first 64 bytes before forwarding the frame (the minimum number of bytes needed to detect and filter out collision frames).

How a Switch Segments the Network
- MAC address learning: switches learn the MAC addresses of the devices attached to each of their ports. These addresses are stored in a MAC database (CAM table).
- Forwarding and filtering: switches determine which port a frame must be sent out to reach the destination. If the address is known, the frame is sent only to that port; otherwise, the frame is flooded to all ports except the one it was received on.
- Flooding: switches flood all unknown-destination frames, broadcasts and multicasts to all ports except the one they were received on.

PT Activity: Building a Switched Network (figure)
DHCP server settings shown: pool = lan clients; scope/range = 192.168.100 254; excluded = 192.168.1 99; reserved (dynamic manual): Aa:bb:cc:dd:ee:ff; static allocation: 192.168.100, 192.168.101, 192.168.102.

Chapter 3 Cisco IOS

Objectives: At the end of the training, you are expected to have a good understanding of the following:
- Cisco IOS, its use and features
- Cisco boot process
- Accessing Cisco routers/switches/IOS
- Cisco IOS function levels
- Cisco enhanced editing commands

Cisco IOS
Internetwork Operating System. Provides the following features:
- Carries network protocols and functions
- Connectivity
- Security
- Scalability
- Reliability
Can be accessed through a console cable or a Telnet/SSH connection.

Cisco IOS Boot Process

1. Completes the Power-On Self-Test (POST)
2. Finds and loads the IOS
3. Finds and applies the device configuration

Cisco IOS Naming Convention

- Base: entry-level image (IP Base, Enterprise Base)
- Services: addition of IP Telephony Service, MPLS, Voice over IP (VoIP), Voice over Frame Relay (VoFR), and ATM (SP Services, Enterprise Services)
- Advanced: addition of VPN, Cisco IOS Firewall, 3DES encryption, SSH, Cisco IOS IPsec and Intrusion Detection Systems (IDS) (Advanced Security, Advanced IP Services)
- Enterprise: addition of multi-protocols, including IBM, IPX, AppleTalk (Enterprise Base, Enterprise Services)

The Cisco IOS software image name represents the hardware, feature set, format, and other information about the image file. Example of a Cisco IOS image name (not shown).

Booting the Router

(figure) Full IOS vs. stripped IOS version.

1. Test the router hardware (POST).
2. Find and load the Cisco IOS software.
3. Find and apply configuration statements, including protocol functions and interface addresses.

Boot System Command and Configuration Register

Check the configuration register value (NVRAM):
- 0 = ROM Monitor mode
- 1 = ROM IOS
- 2 - 15 = startup-config in NVRAM

The order in which the router looks for system bootstrap information depends on the boot field setting in the configuration register. The configuration register is a 16-bit register in NVRAM. The lowest four bits of the configuration register form the boot field. To ensure that the upper 12 bits are not changed, first retrieve the current values of the configuration register using the show version command. Then use the config-register command, changing only the value of the last hexadecimal digit.

Showing the configuration register: show version

Gateway-Router>show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-DO3S-M), Version 12.0(5)T1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 17-Aug-99 13:18 by cmong
Image text-base: 0x80008088, data-base: 0x80CB67B0
ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
NoSmo-Gateway uptime is 5 weeks, 3 days, 20 hours, 33 minutes
System returned to ROM by power-on
System restarted at 13:30:22 PST Thu Mar 7 2002
System image file is "flash:c2600-do3s-mz.120-5.T1"
cisco 2621 (MPC860) processor (revision 0x102) with 39936K/9216K bytes of memory.
Processor board ID JAB03520113 (2485375272)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
4 Serial(sync/async) network interface(s)
32K bytes of non-volatile configuration memory.
--More--
Configuration register is 0x2102
Gateway-Router>

Slide callouts: the "System image file is ..." line shows the location of the IOS and its filename; the "Configuration register is 0x2102" line is the config register.

External/Remote Cisco Device Configuration

Ways to configure a Cisco device:
- Console terminal
- Remote terminal (aux port)
- Telnet
- TFTP
- CiscoWorks
- SSH

Only a console or remote terminal connection can initially configure a Cisco device.

Configuring/connecting to the console:
1. Needs a console cable (rollover) and a PC
2. Connect the RJ45 end of the cable to the Cisco device's console port
3. Connect the other end to the PC
4. Set the PC's COM port to: baud rate 9600 bps, 8 data bits, no parity, 1 stop bit, no flow control

Cisco IOS Function Level

IOS function level        | Access level | Function                      | Indicator
User Exec mode            | User mode    | Limited, view only            | Router>
Privileged Exec mode      | Enable mode  | View and change configuration | Router#
Global configuration mode | Config mode  | Change settings such as IP    | Router(config)#
Interface configuration   | -            | Change interface settings     | Router(config-if)#

The Friendly Cisco IOS HELP keys

? - displays the available commands at the current level
--More-- - indicates there are more options below; press the space bar to view the next page, Enter for the next line, or any other key to return to the prompt
s? - displays all commands that start with the letter s
show ? - displays all variants of the show command (show displays information)

Enhanced Editing commands (shortcuts)

Ctrl-A - Moves the cursor to the beginning of the line
Ctrl-E - Moves the cursor to the end of the line
Esc-B - Moves the cursor back one word
Esc-F - Moves the cursor forward one word
Ctrl-B - Moves the cursor back one character
Ctrl-F - Moves the cursor forward one character
Ctrl-D - Deletes a single character
Backspace - Removes one character to the left of the cursor
Ctrl-R - Redisplays a line
Ctrl-U - Erases from the cursor to the beginning of the line
Ctrl-W - Erases a word
Ctrl-Z - Ends the configuration mode and returns to the EXEC mode
Tab - Completes a partially entered (unambiguous) command
Ctrl-P or up arrow - Recalls a command, beginning from the most recent
Ctrl-N or down arrow - Returns to the next (more recent) command in the history buffer

Command history: the default is 10 lines, maximum 256, set with the history-size command (history-size <no. of lines>). show history displays the command buffer.

Chapter 4 Basic Router/Switch Configuration

Objective: At the end of this chapter, you are expected to have a good understanding of the following areas:

- Router functions and use
- Basic router/switch boot process, switch interfaces
- Connecting to a Cisco router/switch
- Basic switch/router security (setting port security, telnet, SSH, console passwords)
- Connecting hosts to a switch
- Basic router interface configuration and the router as a DHCP server
- Creating switch VLANs
- Creating router subinterfaces and inter-VLAN routing (router-on-a-stick)
- Discovering neighbor Cisco devices

Switch LED Indicators

LED status provides information on the switch during start-up, normal conditions, and fault operation. Pressing the Mode button toggles through the following display modes:
- Port Status
- Bandwidth Utilization
- Full-duplex support

System LED
- Green: system good
- Amber: system malfunction; one or more POST errors

Redundant Power Supply (RPS)
- Green: RPS good
- Flashing green: RPS connected but in use by another device
- Amber: RPS bad
- Flashing amber: PS and RPS good, and the RPS is being used by the switch

Port Status (STAT)
- Green: link present
- Flashing green: link present/activity
- Alternating green and amber: link fault
- Amber: port not forwarding

Bandwidth Utilization (UTL)
- Green: bandwidth utilization displayed over the amber LED
- Amber: maximum backplane utilization since last power-on
- Green and amber: model dependent

Full-duplex (FDUP)
- Green: full duplex
- Off: half duplex

Switch Basics

Connect the console cable to the switch console port. Set the terminal program (HyperTerminal/PuTTY) to baud rate 9600 bps, 8 data bits, no parity, 1 stop bit, no flow control. Then run show version, which reports:

- The number of Ethernet switching interfaces
- The serial numbers of the device and its power supplies
- The MAC address of the switch
- The revision number of the motherboard
- The model number of the switch
- Whether you've enabled password recovery
- The version of the IOS operating system
- The version of the ROM bootstrap
- The version of the boot loader
- How someone last powered on the device
- The time and date the system last started
- The "uptime" for the system
- The image file that the device last started (i.e., the actual path to the IOS software)
- How much RAM the device has
- The processor board ID, which you can use to determine the version of the device's motherboard
- The number and type of each interface on the device (e.g., 2 Ethernet, 6 Serial on routers, etc.)
- The number of terminal lines on the router, if a router has asynchronous serial lines attached
- The amount of nonvolatile RAM (NVRAM), used to hold the SAVED version of the configuration file, also known as the startup-configuration
- The amount and type of Flash on the device (except on a switch), used to hold the operating system when it isn't in use (think of it as the equivalent of a hard drive on a PC)
- The configuration register on the device, a hexadecimal number used to tell the device what to do when it boots (typically this only changes when you need to bypass the configuration file because of a lost password, but you can also change it for other special cases)
- The hostname of the device

Switch Basics

Showing switch status:
- show running-config
- show startup-config
- show version
- show interfaces
(Configure hosts with the IP range shown in the figure; connect through the console.)

MAC Address Management
- Learned by the switch (dynamic)
- Static: assigned by the admin

mac-address-table static <mac-address> vlan <vlan id> interface <interface id>
- Associates a MAC address with a particular switch port.

Configuring Switch from CLI

The following two configuration modes are available:

- Global configuration mode
switch#conf t
switch(config)#hostname L2Switch

- Interface configuration mode
switch(config)#interface fa0/1
switch(config-if)#switchport mode access

Configuring the switch management VLAN (VLAN 1 is the default logical interface used for management). To assign an IP address to the switch management VLAN:
switch(config)#interface vlan 1
switch(config-if)#ip address <ip address> <subnet mask>
switch(config-if)#no shutdown

Configuring the switch default gateway:
switch(config)#ip default-gateway <gateway ip address>

Switch Security

Basic security suggestions for network devices:
- Use complex passwords
- Limit telnet by using an access list
- Use SSH instead of telnet
- Physically secure access to the switch
- Use banners to warn against unauthorized access
- Set up monitoring via syslog
- Configure port security
- Disable unused ports
- Set ports explicitly as either trunk or access

Configuring console password

Switch(config)#line console 0
Switch(config-line)#login
Switch(config-line)#password ccna

Configuring enable & secret password

Switch(config)#enable password cisco
Switch(config)#enable secret cisco1
(enable secret is stored hashed and takes precedence over enable password when both are set)

Configuring telnet password

Switch(config)#line vty 0 15
Switch(config-line)#login
Switch(config-line)#password ccna

Configuring Login and MOTD banner

Switch#conf t
Switch(config)#banner login #     <the delimiter indicates the next characters are the banner
<start banner text here>
#                                 <the same delimiter indicates the end of the banner text
Switch#conf t
Switch(config)#banner motd #      <the delimiter indicates the next characters are the banner
<start banner text here>
#                                 <the same delimiter indicates the end of the banner text

Configuring SSH (encrypted)

Switch(config)#username cisco password 0 ccna     <create username and password
Switch(config)#ip domain-name <domain name>        <assign a domain name to the device (needed, with a hostname, before the key can be generated)
Switch(config)#crypto key generate rsa             <generate the RSA key pair
How many bits in the modulus [512]: 512            <key size prompt; the example answers 512, a larger modulus is stronger
Switch(config)#ip ssh version 2                    <enable SSH version 2
Switch(config)#line vty 0 15
Switch(config-line)#login local                    <authenticate vty sessions against the local username database
Switch(config-line)#transport input telnet ssh     <allow telnet and SSH on the vty lines; use transport input ssh to allow SSH only

Securing VTY Access

Restricting access to the VTY lines by IP address is done with access lists:
- Uses a wildcard mask for IP ranges
- Standard access list numbers run from 1 to 99 or 1300 to 1999

Syntax:
access-list <access-list no.> permit|deny <source address> <wildcard mask>
access-class <access-list no.> in|out

Example: create access list 10 permitting telnet access to the VTY lines from a given network:
Switch(config)#access-list 10 permit <network> <wildcard mask>
Switch(config)#line vty 0 15
Switch(config-line)#access-class 10 in     <applies the access list to the telnet/SSH lines

Telnet = used to connect to remote hosts/Cisco devices; requires an IP address, username & password (the session, including the password, travels in clear text).

Securing unused ports:
- Disable ports (issue the shutdown command on unused ports)
- Place unused ports in an unused VLAN
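The following Python script is an added example, not part of the training material: it checks a switch running-config against the checklist in the Switch Security section (enable secret, SSH version 2, telnet disabled on the vty lines, an access-class on the vty lines, port security or shutdown on access ports). The sample configuration and the function names are constructed for this demo.

```python
# Added example: audit a switch running-config against the security checklist.
SAMPLE_CONFIG = """\
enable password cisco
ip ssh version 2
interface FastEthernet0/1
 switchport mode access
 switchport port-security
interface FastEthernet0/2
 switchport mode access
line vty 0 15
 login local
 transport input telnet ssh
"""   # constructed sample, deliberately only partly hardened


def parse_config(text):
    """Return (top-level lines, {section header: [indented lines]})."""
    top, sections, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line == "!":
            current = None                       # "!" separates sections in IOS output
        elif line.startswith(" ") and current is not None:
            sections[current].append(line.strip())
        elif line.startswith(("interface ", "line ")):
            current = line
            sections[current] = []
        else:
            current = None
            top.append(line)
    return top, sections


def audit(text):
    """Return one finding string per checklist item that fails."""
    top, sections = parse_config(text)
    findings = []
    if not any(l.startswith("enable secret") for l in top):
        findings.append("no enable secret (only the reversible enable password, if any)")
    if "ip ssh version 2" not in top:
        findings.append("ip ssh version 2 not configured")
    for name, lines in sections.items():
        if name.startswith("line vty"):
            transport = [l for l in lines if l.startswith("transport input")]
            if not transport or "telnet" in transport[-1] or transport[-1].endswith(" all"):
                findings.append(f"{name}: telnet allowed, use 'transport input ssh'")
            if not any(l.startswith("access-class") for l in lines):
                findings.append(f"{name}: no access-class limiting source addresses")
        elif name.startswith("interface") and "switchport mode access" in lines:
            if "switchport port-security" not in lines and "shutdown" not in lines:
                findings.append(f"{name}: access port without port-security and not shut down")
    return findings
```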

Configuring Port Security

- Limits the number of MAC addresses allowed per port and which addresses are allowed
- Can be manually configured or dynamically learned by the switch
- switchport port-security mac-address [mac-address]: manually configures the port to use a specific MAC address
- switchport port-security maximum [value]: configures the maximum number of MAC addresses allowed on the port (default 1)
- switchport port-security violation [restrict|shutdown]: the action taken when the maximum number of MAC addresses has been reached and a MAC address not associated with the port tries to access it. restrict tells the switch to drop the offending frames and count the violation; shutdown tells the switch to shut down the port (err-disabled).

Switch(config)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 1
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security violation restrict
To verify: use the show port-security command (show port-security interface fa0/1 for a single port).
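As an added example (not part of the training material), the Python model below reproduces the port-security behaviour just configured, so the difference between the restrict and shutdown violation actions can be seen frame by frame. The class, its method names and the MAC addresses are constructed for this illustration.

```python
# Added example: model of switchport port-security with maximum, sticky
# learning and the restrict vs. shutdown violation actions.
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    name: str
    maximum: int = 1               # switchport port-security maximum <value>
    violation: str = "shutdown"    # switchport port-security violation restrict|shutdown
    sticky: bool = False           # switchport port-security mac-address sticky
    secure_macs: set = field(default_factory=set)   # learned/static secure MACs
    err_disabled: bool = False
    violations: int = 0

    def ingress(self, src_mac: str) -> bool:
        """Handle one incoming frame; return True if forwarded, False if dropped."""
        src_mac = src_mac.lower()
        if self.err_disabled:
            return False                       # port stays down until re-enabled
        if src_mac in self.secure_macs:
            return True                        # known secure address
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.add(src_mac)      # learn it (dynamic or sticky)
            return True
        self.violations += 1                   # limit reached and unknown source
        if self.violation == "shutdown":
            self.err_disabled = True           # the whole port goes err-disabled
        return False                           # restrict: drop only this frame

    def running_config(self) -> list:
        """Interface lines as show running-config would carry them;
        only sticky-learned MACs persist in the configuration."""
        lines = ["switchport port-security",
                 f"switchport port-security maximum {self.maximum}",
                 f"switchport port-security violation {self.violation}"]
        if self.sticky:
            lines.append("switchport port-security mac-address sticky")
            lines += [f"switchport port-security mac-address sticky {m}"
                      for m in sorted(self.secure_macs)]
        return lines
```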


When troubleshooting switches, always remember that:
- Switches operate at Layer 2 of the OSI model
- Switches provide an interface to the physical media
- Problems are generally seen at Layer 1 and Layer 2
- Layer 3 issues could be about IP connectivity to the switch
- Be familiar with switch operation

Switch Issues

Common switch Layer 1 issues include the following:
- Bad wire (shows excessive collisions and noise; check with show interfaces)
- EMI is introduced
- New equipment is installed (check voltage stability)
- Wire length (look at collisions and late collisions in show interfaces)
- Cable type, and whether the cable is connected to the right port

Identifying and Resolving Access Port Issues
- Media-related issues (port going up and down)
- Duplex mismatch (one end uses full duplex, the other half; autonegotiation failure)
- Speed mismatch (one end using 100, the other 10; autonegotiation failure)
- Check port status

VLANs are users grouped into logical broadcast domains that can span multiple physical segments. VLANs allow user groups to be defined logically rather than by their physical locations.

Characteristics of VLANs
- A VLAN can span multiple LAN segments
- VLANs improve segmentation, flexibility, and security
- VLAN segmentation is not bound by the physical location of the users
- Only ports on the specific VLAN share broadcasts; other VLANs do not see them
- A VLAN can exist on one or several switches
- Provides QoS and access control

VLAN Operation
- VLAN traffic stays only on the VLAN where it originated, reducing overall network traffic
- VLANs require a trunk connection between switches
- Each trunk can carry traffic for multiple VLANs
- Only one VLAN membership per access port

Normal Switch vs. VLAN
- One collision domain per port
- Broadcasts are sent to all ports
- One subnet per LAN
- Very limited access control

1 VLAN = 1 Subnet = 1 Broadcast Domain

- The VLAN range is from 1 to 4094; VLANs 1002 to 1005 are reserved
- The switch supports up to 255 VLANs
- VLANs require a trunk port to pass traffic across multiple switches

VLAN Port Membership Modes
- Static access: the port belongs to a single VLAN and is statically assigned
- Trunk: the port is a member of all VLANs; sends/receives tagged frames from multiple VLANs
- Dynamic access: belongs to one VLAN, assigned by a VLAN Membership Policy Server (VMPS); cannot connect to other switches
- Voice VLAN: connected to an IP phone that is configured to use a voice VLAN and a data VLAN
- Native VLAN: receives/sends untagged frames

VLAN Assignment

VLAN membership can be either static or dynamic:
- Static: the VLAN port is statically configured by the admin
- Dynamic: the switch uses a VMPS (VLAN Membership Policy Server), a database that maps MAC addresses to VLANs

Adding and Assigning VLANs

!!!Create and name the VLANs
CISCO(config)#vlan 1
CISCO(config-vlan)#name management     <VLAN 1 is the default VLAN; many IOS versions refuse to rename it
CISCO(config-vlan)#exit
CISCO(config)#vlan 10
CISCO(config-vlan)#name sales
CISCO(config-vlan)#exit
CISCO(config)#vlan 20
CISCO(config-vlan)#name hrd
CISCO(config-vlan)#exit
CISCO(config)#vlan 30
CISCO(config-vlan)#name accounting
CISCO(config-vlan)#exit
!!!Configure a port to be part of a certain VLAN
CISCO(config)#interface fastethernet 0/5
CISCO(config-if)#switchport mode access
CISCO(config-if)#switchport access vlan 10
CISCO(config-if)#end
!!!Configure multiple ports to be part of a certain VLAN
CISCO(config)#interface range fastethernet 0/7 - 9
CISCO(config-if-range)#switchport mode access
CISCO(config-if-range)#switchport access vlan 20
CISCO(config-if-range)#end
!!!Configure the fa port connected to the router as a trunk
CISCO(config)#interface fastethernet 0/0
CISCO(config-if)#switchport trunk encapsulation dot1q     <set the encapsulation before switchport mode trunk on switches that also support ISL
CISCO(config-if)#switchport mode trunk
CISCO(config-if)#duplex full

(Figure: VLAN/subnet diagram from the slides: VLAN1 = 20 hosts subnet; VLAN1 = 10 hosts subnet; VLAN1 = 10 hosts subnet; VLAN1 = 10 hosts subnet)

(Figure: port forwarding to Mail/Web server, FTP/DHCP, DNS/AD, Database)


Server Technologies and Advertising Them

DHCP history: BootP, RARP, DHCP
Web server, dominant applications: Apache, MS IIS
Mail server: POP3, SMTP
FTP: Microsoft FTP server (built in), FileZilla