ICND120SG Vol2

ICND1
Interconnecting Cisco
Networking Devices,
Part 1
Volume 2
Version 2.0
Student Guide
Part Number: 97-3243-01
Americas Headquarters
Cisco Systems, Inc.
San Jose, CA
Asia Pacific Headquarters

Cisco Systems (USA) Pte. Ltd.
Singapore
Europe Headquarters
Cisco Systems International BV
Amsterdam,
The Netherlands
Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at
www.cisco.com/go/offices.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To
view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third party trademarks mentioned are the property
of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other
company. (1110R)
DISCLAIMER WARRANTY: THIS CONTENT IS BEING PROVIDED AS IS. CISCO MAKES AND YOU RECEIVE NO
WARRANTIES IN CONNECTION WITH THE CONTENT PROVIDED HEREUNDER, EXPRESS, IMPLIED, STATUTORY OR IN
ANY OTHER PROVISION OF THIS CONTENT OR COMMUNICATION BETWEEN CISCO AND YOU. CISCO SPECIFICALLY
DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND
FITNESS FOR A PARTICULAR PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
This learning product may contain early release content, and while Cisco believes it to be accurate, it falls subject to the
disclaimer above.
2013 Cisco Systems, Inc.
Table of Contents
Building a Medium-Sized Network
4-1
Implementing VLANs and Trunks
4-3
Issues in a Poorly Designed Network

VLAN Introduction
Trunking with 802.1Q
Creating a VLAN
Assigning a Port to a VLAN
Configuring an 802.1Q Trunk
VLAN Design Considerations
Physical Redundancy in a LAN
Summary
Routing Between VLANs

Purpose of Inter-VLAN Routing
Options for Inter-VLAN Routing
Configuring a Router with a Trunk Link
Summary
Using a Cisco Network Device as a DHCP Server

Need for a DHCP Server
Understanding DHCP
Configuring a DHCP Server
Monitoring DHCP Server Functions
DHCP Relay Agent
Summary
Introducing WAN Technologies

Introducing WANs
WANs vs. LANs
Role of Routers in WANs
WAN Communication Link Options
Point-to-Point Connectivity
Configuring a Point-to-Point Link
Summary
4-4
4-6
4-7
4-11
4-13
4-16
4-18
4-20
4-22
4-23
4-23
4-25
4-28
4-31
4-33
4-33
4-35
4-36
4-38
4-41
4-43
4-45
4-45
4-48
4-50
4-51
4-52
4-53
4-54
Introducing Dynamic Routing Protocols
4-55
Purpose of Dynamic Routing Protocols

Interior and Exterior Routing Protocols
4-55
4-58
Distance Vector and Link-State Routing Protocols

Understanding Link-State Routing Protocols
Summary
4-59
4-61
4-64
Implementing OSPF
4-65
Introducing OSPF
OSPF Adjacencies
SPF Algorithm
Router ID
4-65
4-67
4-69
4-71
Configuring Single-Area OSPF

Verifying OSPF Configuration
Summary
Module Summary
Module Self-Check
Introducing IPv6
Introducing Basic IPv6
IPv4 Addressing Exhaustion Workarounds
IPv6 Features
IPv6 Addresses
IPv6 Unicast Addresses
IPv6 Addresses Allocation
Basic IPv6 Connectivity
Summary
Understanding IPv6
IPv6 Header Changes and Benefits
ICMPv6
Neighbor Discovery
Stateless Autoconfiguration
Summary
Configuring IPv6 Routing

Routing for IPv6
Static Routing
OSPFv3
Summary
Module Summary
Module Self-Check
Glossary
ii
Interconnecting Cisco Networking Devices, Part 1
4-73
4-76
4-79
4-81
4-83
5-1
5-3
5-4
5-6
5-7
5-9
5-12
5-13
5-16
5-17
5-18
5-20
5-21
5-22
5-25
5-27
5-28
5-30
5-33
5-37
5-39
5-41
G-1
Module 4
Building a Medium-Sized
Network
When you understand how a switch and router operate, how they communicate, and how to configure basic
security, you can move on to understanding an expanded network. This module shows how to "virtualize"
your LAN using VLANs and how to configure Layer 3 connectivity between these VLANs. Then it
describes how to decrease the administrative burden of assigning IP addresses by using DHCP. The
introduction to WANs continues with an explanation of OSPF and of how to configure this routing protocol
so that a branch office router can exchange routing information with a headquarters router.
Objectives
Upon completing this module, you will be able to meet these objectives:
Implement and verify VLANs and trunking
Describe the application and configuration of inter-VLAN routing
Configure a Cisco IOS DHCPv4 server on a Cisco router and switch
Describe WANs and list major technologies
Describe the need for and purpose of dynamic routing protocols
Describe the operation and configuration of single-area OSPF
4-2
Lesson 1
Implementing VLANs and

Trunks
VLANs contribute to network performance by separating large broadcast domains into smaller segments. A
VLAN allows a network administrator to create logical groups of network devices. These devices act as if
they were in their own independent network, although they share a common infrastructure with other
VLANs. A VLAN is a logical broadcast domain that can span multiple physical LAN segments. Within the
switched internetwork, VLANs provide segmentation and organizational flexibility. You can design a
VLAN structure that lets you group stations that are segmented logically by functions, project teams, and
applications, without regard to the physical location of the users. VLANs allow you to implement access
and security policies to particular groups of users.
A VLAN can exist on a single switch or span multiple switches. VLANs can include stations in a single
building or multiple-building infrastructures. VLANs can also connect across WANs. A process of
forwarding network traffic from one VLAN to another VLAN using a router is called inter-VLAN routing.
VLANs are associated with unique IP subnets on the network. This subnet configuration facilitates the
routing process in a multi-VLAN environment. When you use a router to facilitate inter-VLAN routing, the
router interfaces can be connected to separate VLANs. Devices on those VLANs send traffic through the
router to reach other VLANs.
When multiple switches are implemented on the same network, there is a potential for intentional or
unintentional physical loops. When loops occur, broadcast storms may result, propagating frames
throughout the network. STP solves the problem of broadcast storms by disabling redundant links and
keeping them on standby if the primary link fails.
Objectives
Upon completing this lesson, you will be able to meet these objectives:
Describe the issues in poorly designed LANs
Describe the purpose and functions of VLANs
Define the purpose and function of trunking
Implement and verify VLANs

Assign ports to a VLAN
Configure and verify IEEE 802.1Q trunking
Describe VLAN design and creation guidelines
Describe how redundancy in a network can cause broadcast loops and describe a solution to this
problem

This topic describes the common issues that are found in poorly designed local networks.

These issues are often found in
poorly designed networks:
WAN
Large broadcast domains
Internet
Management and support

challenges
Possible security vulnerabilities
Marketing
Manufacturing
IT
Executives
Accounting
Engineering
Sales
HR
A poorly designed network has increased support costs, reduced service availability, and limited support for
new applications and solutions. Less-than-optimal performance directly affects end users and their access to
central resources. Some of the issues that stem from a poorly designed network include the following:
Large broadcast domains: Broadcasts exist in every network. Many applications and network
operations use broadcasts to function properly. Therefore, it is not possible to eliminate them
completely. In the same way that avoiding failure domains involves clearly defining boundaries,
broadcast domains should also have clear boundaries. They should also include an optimal number of
devices to minimize the negative effect of broadcasts.
Management and support difficulties: A poorly designed network may be disorganized, poorly
documented, and lack easily identified traffic flows, all of which can make support, maintenance, and
problem resolution time-consuming and difficult.
Possible security vulnerabilities: A switched network that has been designed with little attention to
security requirements at the access layer can compromise the integrity of the entire network.
Failure domains: One of the reasons to implement an effective network design is to minimize the
extent of problems when they occur. When Layer 2 and Layer 3 boundaries are not clearly defined,
failure in one network area can have a far-reaching effect.
4-4
A poorly designed network always has a negative effect, and it becomes a support burden and a cost burden
for any organization.
Student Guide
4-5
VLAN Introduction
This topic describes the basic idea behind VLANs.
VLAN Introduction
A VLAN is a virtual LAN.
VLAN = broadcast domain
Third
Floor
VLAN = logical network

(subnet)
Second
Floor
VLANs address these needs:

Segmentation
Security
Network flexibility
First
Floor
VLAN2
VLAN3
VLAN4
IT
HR
Sales
10.0.2.0/24 10.0.3.0/24 10.0.4.0/24
VLANs improve network performance by separating large broadcast domains into smaller segments. A
VLAN allows a network administrator to create logical groups of network devices. These devices act as if
they were in their own independent network, even if they share a common infrastructure with other VLANs.
A VLAN is a logical broadcast domain that can span multiple physical LAN segments. Within the switched
internetwork, VLANs provide segmentation and organizational flexibility. You can design a VLAN
structure that lets you group stations that are segmented logically by functions, project teams, and
applications, without regard to the physical location of the users. VLANs allow you to implement access
and security policies to particular groups of users. You can assign each switch port to only one VLAN,
which adds a layer of security (if the port is operating as an access port). Ports in the same VLAN share
broadcasts. Ports in different VLANs do not share broadcasts. Containing broadcasts within a VLAN
improves the overall performance of the network.
A VLAN can exist on a single switch or span multiple switches. VLANs can include stations in a single
building or multiple buildings. VLANs can also connect across WANs. The process of forwarding network
traffic from one VLAN to another VLAN using a router is called inter-VLAN routing. VLANs are
associated with unique IP subnets on the network. This subnet configuration facilitates the routing process
in a multi-VLAN environment. When you are using a router to facilitate inter-VLAN routing, the router
interfaces can be connected to separate VLANs. Devices on those VLANs send traffic through the router to
reach other VLANs.
Usually the subnets are chosen according to which VLANs they are associated with. The figure shows that
VLAN2 uses subnet 10.0.2.0/24, VLAN3 uses 10.0.3.0/24, and VLAN4 uses 10.0.4.0/24. In this example,
the third octet clearly identifies the VLAN that the device belongs to.
Each VLAN in a switched network corresponds to an IP network. Therefore, VLAN design must take into
consideration the implementation of a hierarchical, network-addressing scheme.
4-6

This topic describes the basic functionality that is provided by IEEE 802.1Q trunking.

Running many VLANs between switches would require the
same number of interconnecting links.
Green VLAN
Green VLAN
Red VLAN
Red VLAN
Blue VLAN
Blue VLAN
If every port belongs to one VLAN and you have several VLANs that are configured on switches,
interconnecting these VLANs would require one physical cable per VLAN. When the number of VLANs
increases, so does the number of required interconnecting links. Ports are then used for interswitch
connectivity instead of attaching end devices.
Trunking with 802.1Q (Cont.)

Combining many VLANs on the same port is called trunking.
A trunk allows the transportation of frames from different VLANs.
Each frame has a tag that specifies the VLAN that it belongs to.
Frames are forwarded to the corresponding VLAN based on the tag
information.
Green VLAN
Green VLAN
Red VLAN
Red VLAN
Blue VLAN
Blue VLAN
Student Guide
4-7
To fix this problem, you can use trunks that allow transportation of frames from different VLANs on the
same physical link.
A trunk is a point-to-point link between one or more Ethernet switch interfaces and another networking
device, such as a router or a switch. Ethernet trunks carry the traffic of multiple VLANs over a single link
and allow you to extend the VLANs across an entire network. A trunk does not belong to a specific VLAN.
It is a vehicle for VLANs between switches and routers. A special protocol is used to carry multiple VLANs
over a single link between two devices. Cisco supports the 802.1Q trunking protocol for Ethernet interfaces.
A trunk could also be used between a network device and a server or other device that is equipped with an
appropriate 802.1Q-capable NIC.

Server with 802.1QCapable NIC
802.1Q
Trunk
VLAN 1
802.1Q
Trunk
802.1Q
Trunk
VLAN 3
VLAN 2
802.1Q
Trunk
VLAN 5
VLAN 1
VLAN 6
You can configure an interface as trunking or nontrunking, or you can have it negotiate trunking with the
neighboring interface.
By default, all configured VLANs are carried over a trunk interface.
4-8

Dest Src Type Data FCS
Original
Frame
Dest Src Tag Type Data FCS
Tagged
Frame
When Ethernet frames are placed on a trunk, they need additional information about the VLANs that they
belong to. This task is accomplished by using the 802.1Q encapsulation header. The 802.1Q standard uses
an internal tagging mechanism that inserts a 4-byte tag field into the original Ethernet frame between the
Source Address and Type or Length fields. Because 802.1Q alters the frame, the trunking device
recomputes the FCS on the modified frame.
A 12-bit VLAN ID field within the tag is used to specify the VLAN to which the frame belongs.
A tiny part of the 4-byte tag field, 3 bits, is used to specify the priority of the frame. The details are
specified in the IEEE 802.1p standard.
802.1Q
Trunk
VLAN 1
802.1Q
Trunk
802.1Q
Trunk
VLAN 3
VLAN 2
802.1Q
Trunk
VLAN 5
VLAN 1
VLAN 6
Native VLAN Untagged

Student Guide
4-9
An 802.1Q trunk and its associated trunk ports have a native VLAN value. When configuring an 802.1Q
trunk, a matching native VLAN must be defined on each end of the trunk link. 802.1Q does not tag frames
for the native VLAN. Therefore, ordinary stations can read the native untagged frames but cannot read any
other frame because the frames are tagged.
Note
The default native VLAN is VLAN 1.
4-10 Interconnecting Cisco Networking Devices, Part 1
Creating a VLAN
This topic describes how to create a VLAN.
Creating a VLAN
Create VLAN 2
Fa0/3
SwitchX#configure terminal
SwitchX(config)#vlan 2
SwitchX(config-vlan)#name Sales
Adds VLAN 2 and names it "Sales"
The table lists the commands to use when adding a VLAN.

Command and Variable
Description
vlan vlan-id
ID of the VLAN to be added and configured. Do not enter leading zeros. You
can enter a single VLAN ID, a series of VLAN IDs that are separated by
commas, or a range of VLAN IDs that are separated by hyphens.
name vlan-name
(Optional) Specifies the VLAN name, which is an ASCII string from 1 to 32

characters that must be unique within the administrative domain.
For many Cisco Catalyst switches, you can use the vlan global configuration command to create a VLAN
and enter VLAN configuration mode. Use the no form of this command to delete the VLAN. The example
shows how to add VLAN 2 to the VLAN database and how to name it Sales.
To add a VLAN to the VLAN database, assign a number and name to the VLAN. VLAN 1 is the factory
default VLAN. Normal-range VLANs are identified with a number between 1 and 1001. VLAN numbers
1002 through 1005 are reserved for Token Ring and FDDI VLANs. VLAN IDs 1 and 1002 to 1005 are
automatically created and cannot be removed.
Configurations for VLAN IDs 1 to 1005 are written to the vlan.dat file (VLAN database). You can display
the VLANs by entering the show vlan privileged EXEC command. The vlan.dat file is stored in flash
memory.
To add an Ethernet VLAN, you must specify at least a VLAN number. If no name is entered for the VLAN,
the default is to append the VLAN number to the vlan command. For example, VLAN0004 would be the
default name for VLAN 4 if no name is specified.
For more details about the vlan (VLAN configuration mode) command, see the Cisco IOS LAN Switching
Command Reference at http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_16.html.
Student Guide
4-11
Creating a VLAN (Cont.)

SwitchX# show vlan id 2
VLAN Name
Status
Ports
---- -------------------- --------------------------2
Sales
active
Fa0/2, Fa0/12
VLAN Type SAID
MTU
Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ---- ------- ----- ------ ------ -------- --- --------- ------ -----2
enet 100002 1500 0
0
<output omitted>
Verifies VLAN2
After you configure the VLAN, validate the parameters for this VLAN.
Use the show vlan id vlan_number or the show vlan name vlan-name command to display information
about a particular VLAN. The figure shows an example of using the show vlan command to display the
contents of the vlan.dat file. The Sales VLAN, which is VLAN 2, is highlighted in the example.
Use the show vlan command to display information on all configured VLANs. The show vlan command
displays the switch ports that are assigned to each VLAN.
For more details about the show vlan command, see the Cisco IOS LAN Switching Command Reference at
the following URL:
http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_14.html.

This topic shows how to assign a port to a VLAN.

Assign FastEthernet
0/3 to VLAN 2
Fa0/3
SwitchX(config)#interface FastEthernet 0/3
SwitchX(config-if)#switchport access vlan 2
Assigns port FastEthernet0/3 to VLAN 2
The table lists the commands to use when assigning a port to a VLAN.
Description
interface interface
Enters interface configuration mode
switchport access vlan

vlan_number
Sets a nontrunking, untagged, single VLAN Layer 2 interface
When an end system is connected to a switch port, it should be associated with a VLAN, in accordance with
the network design. To associate a device with a VLAN, the switch port to which the device connects is
assigned to a single-data VLAN and therefore becomes an access port.
After creating a VLAN, you can manually assign a port or a number of ports to this VLAN. A port can
belong to only one VLAN at a time.
Note
By default, all ports are members of VLAN 1.
Student Guide
4-13
Assigning a Port to a VLAN (Cont.)

SwitchX#show vlan brief
VLAN Name
---- -------------------------------1
default
2
Sales
3
vlan3
4
vlan4
<output omitted>
Status
Ports
--------- ------------------active
Fa0/1
active
Fa0/3
active
active
Verifies that port FastEthernet0/3 was assigned to VLAN 2
Assigning a Port to a VLAN (Cont.)

SwitchX#show interface FastEthernet0/3 switchport
Name: Fa0/3
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 2 (Sales)
<output omitted>
Verifies VLAN membership on the Fa0/3 interface
Use the show vlan privileged EXEC command to display the VLAN assignment and membership type for
all switch ports. The show vlan command displays one line for each VLAN. The output for each VLAN
includes the VLAN name, status, and switch ports.
For more details about the show vlan command, see the Cisco IOS LAN Switching Command Reference at
Alternatively, use the show interfaces switchport privileged EXEC command to display the VLAN
information for a particular interface. The output in the example shows information about interface Fa0/3,
where VLAN 2, named Sales, is assigned.
For more details about the show interfaces switchport command, see the Cisco IOS LAN Switching
Command Reference at http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_13.html.
Student Guide
4-15

This topic shows how to configure an IEEE 802.1Q trunk.

Enter the interface configuration mode.
Configure the Fa0/11 interface as a VLAN trunk.
Change the native VLAN from 1 to 99.
Configure the
interface as a trunk
Fa0/11
Switch X
Fa0/6
Switch Y
SwitchX(config)#interface FastEthernet 0/11
SwitchX(config-if)#switchport mode trunk
SwitchX(config-if)#switchport trunk native vlan 99
Description
interface interface
Enters interface configuration mode.
switchport mode trunk
Sets the interface type. The keyword trunk specifies a trunking VLAN Layer 2
interface.
switchport trunk native vlan

vlan_number
Sets the native VLAN for the trunk in 802.1Q trunking mode.
The example configures the FastEthernet0/11 port on SwitchX as a trunk port. Use the switchport mode
interface configuration command to set a Fast Ethernet port to trunk mode. Many Cisco Catalyst switches
support DTP, which manages automatic trunk negotiation. DTP is a Cisco proprietary protocol. Switches
from other vendors do not support DTP. DTP is automatically enabled on a switch port when certain
trunking modes are configured on the switch port. DTP manages trunk negotiation only if the port on the
other switch is configured in a trunk mode that supports DTP.
The example shows the configuration of FastEthernet interface 0/11. The switchport trunk mode
command sets FastEthernet port 0/11 to trunk mode. The example shows the reconfiguration of the native
VLAN. VLAN 99 is configured as native VLAN. Therefore, traffic from VLAN 99 will be sent untagged.
Ensure that the other end of the trunk link (SwitchY) is configured for trunking and with the native VLAN
that is changed to 99.
Note
For details on all of the parameters that are associated with the switchport mode interface command,
visit http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_15.html.
Configuring an 802.1Q Trunk (Cont.)

SwitchX#show interfaces FastEthernet0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 99
Trunking Native Mode VLAN: 99
<output omitted>
SwitchX#show interfaces FastEthernet0/11 trunk
Port
Mode
Encapsulation Status
Native vlan
Fa0/11 on
802.1q
trunking
99
Port
Vlans allowed on trunk
Fa0/11
1-4094
Port
Vlans allowed and active in management domain
Fa0/11
1-13
<output omitted>
Verifies a trunk on the Fa0/11 interface
To verify a trunk configuration on a switch, use the show interfaces switchport and show interfaces
trunk commands. These two commands display the trunk parameters and VLAN information of the port.
For more details about the show interfaces switchport and show interfaces trunk commands, see the
Cisco IOS Interface and Hardware Component Command Reference at http://www.cisco.com/en/US/docs/
ios-xml/ios/interface/command/ir-s5.html.
Student Guide
4-17

This topic explains what you should be aware of when you segment your network with VLANs.

The maximum number of VLANs is switch-dependent.
VLAN 1 is the factory-default Ethernet VLAN.
A use-dedicated VLAN is for the Cisco switch management IP address.
Keep management traffic in a separate VLAN.
Change the native VLAN to something other than VLAN 1.
Typically, access-layer Cisco switches support up to 64, 256, or 1024 VLANs. The maximum number of
VLANs is switch dependent.
Cisco switches have a factory-default configuration in which various default VLANs are preconfigured to
support various media and protocol types. The default Ethernet VLAN is VLAN 1. Cisco Discovery
Protocol advertisements are sent on VLAN 1. A good security practice is to separate management and user
data traffic because you do not want users to be able to establish Telnet sessions to the switch.
If you want to communicate with the Cisco switch remotely for management purposes, the switch must
have an IP address. This IP address must be in the management VLAN, which by default is VLAN 1.
A good security practice is to change the native VLAN to something other than VLAN 1 (for example,
VLAN 98) and tag native VLAN traffic.
VLAN Design Considerations (Cont.)

When configuring a trunk link, consider the following:
Make sure that the native VLAN for an 802.1Q trunk is the same on both
ends of the trunk link.
DTP manages trunk negotiations between Cisco switches.
802.1Q
Trunk
VLAN 1
802.1Q
Trunk
802.1Q
Trunk
VLAN 3
VLAN 2
802.1Q
Trunk
VLAN 6
VLAN 5
VLAN 7
Ensure that the native VLAN for an 802.1Q trunk is the same on both ends of the trunk link. If the ends are
different, spanning-tree loops might result. If IEEE 802.1Q trunk configuration is not the same on both
ends, Cisco IOS Software will report error messages. Also ensure that native VLAN frames are untagged.
DTP offers four switchport modes: switch, trunk, dynamic auto, and dynamic desirable. A general guideline
is to disable autonegotiation. That is, do not use the dynamic auto and dynamic desirable switchport modes.
For details on all of the parameters that are associated with the switchport mode interface command, go to
Student Guide
4-19

This topic describes how loops can affect performance in a switched LAN and introduces STP as a solution.

Loops may occur in the network as part of a design strategy
for redundancy.
A
Segment A
Segment 1
Segment 2
Segment 3
Segment B
Segment 4
Adding switches to LANs can add the benefit of redundancy. Connecting two switches to the same network
segments ensures continuous operation if there are problems with one of the segments. Redundancy can
ensure the availability of the network at all times.
However, when switches are used for redundancy in a network, loops are a potential problem. When a host
on one network segment transmits data to a host on another network segment, and the two are connected by
two or more switches, each switch receives the data frames, looks up the location of the receiving device,
and forwards the frame. Because each switch forwards the frame, each frame is duplicated. A loop results,
and the frame circulates between the two paths without being removed from the network. The MAC tables
may also be updated with incorrect address information, resulting in inaccurate forwarding.
Suppose that a host named A sends a frame to a host named B. Host A resides on network segment A, and
host B resides on network segment B. Redundant connections between hosts are provided to ensure
continuous operation if a segment fails. For this example, it is assumed that none of the switches have
learned the address of host B.
Switch 1 receives the frame that is destined for host B and floods it out to switches 2 and 3. Switches 2 and
3 both receive the frame from host A (via switch 1) and correctly learn that host A is on segments 1 and 2,
respectively. Each switch forwards the frame to switch 4.
Switch 4 receives two copies of the frame from host A: one copy through switch 2 and one copy through
switch 3. Assume that the frame from switch 2 arrives first. Switch 4 learns that host A resides on segment
3. Because switch 4 does not know where host B is connected, it forwards the frame to all of its ports
(except the incoming port) and therefore to host B and switch 3. When the frame from switch 3 arrives at
switch 4, switch 4 updates its table to indicate that host A resides on segment 4. It then forwards the frame
to host B and switch 2.
Switches 2 and 3 now change their internal tables to indicate that host A is on segments 3 and 4. If the
initial frame from host A is a broadcast frame, both switches forward the frames endlessly. They would use
all of the available network bandwidth and block transmission of other packets on both segments. This
situation is called a broadcast storm.
Physical Redundancy in a LAN (Cont.)

Root
A
Segment A
Segment 1
1
Segment 2
Blocking
Segment 3
Segment B
Segment 4
The solution to loops is STP, which manages the physical paths to given network segments. STP provides
physical path redundancy while preventing the undesirable effects of active loops in the network. STP is on
by default in Cisco Catalyst switches.
STP behaves as follows:
STP forces certain ports into a standby state so that they do not listen to, forward, or flood data frames.
The overall effect is that there is only one path to each network segment that is active at any time.
If there is a problem with connectivity to any of the segments within the network, STP re-establishes
connectivity by automatically activating a previously inactive path, if one exists.
Student Guide
4-21
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
VLANs are independent LAN networks and address segmentation,
security, and organizational flexibility.
Ethernet trunks carry the traffic of multiple VLANs over a single link and
allow you to extend VLANs across many switches.
To implement VLANs and trunking, you need to create VLANs,
configure trunk links, and assign switch ports to selected VLANs.
Physical redundancy is required for network reliability.
STP ensures a loop-free topology.
Lesson 2
Routing Between VLANs

Routing is the process of determining where to send data packets that are destined for addresses outside of
the local network. Routers gather and maintain routing information to enable the transmission and receipt of
data packets. For traffic to cross from one VLAN to another, a Layer 3 process is necessary.
This lesson describes the basics of inter-VLAN routing operations, including subinterfaces and routers with
a trunk link.
Objectives
Describe the need for inter-VLAN routing
Describe options for inter-VLAN routing
Configure router with a trunk link

This topic describes the concept and purpose of inter-VLAN routing.

A VLAN creates a separate switching segment.
Traffic cannot be switched between VLANs.
VLANs have different IP subnets.
Routing is necessary to forward traffic between VLANs.
10.1.10.100/24
VLAN 10
10.1.20.100.0/24
VLAN 20
Each VLAN is a unique broadcast domain. Computers on separate VLANs are, by default, not able to
communicate. The way to permit these end stations to communicate is to use a solution called inter-VLAN
routing. Inter-VLAN communication occurs between broadcast domains via a Layer 3 device.
VLANs perform network partitioning and traffic separation at Layer 2 and are usually associated with
unique IP subnets on the network. This subnet configuration facilitates the routing process in a multi-VLAN
environment. Inter-VLAN communication cannot occur without a Layer 3 device. When you use a router to
facilitate inter-VLAN routing, the router interfaces can be connected to separate VLANs.

These solutions can provide inter-VLAN routing:
Router with a separate interface in each VLAN
Router with a trunk link
Layer 3 switch
Inter-VLAN routing is a process of forwarding network traffic from one VLAN to another VLAN using a
Layer 3 device.
Options for Inter-VLAN Routing (Cont.)

Option: Router with a separate interface in each VLAN
Router
fa0/0
10.1.10.1
VLAN 10
10.1.10.100/24
fa0/1
10.1.20.1
VLAN 20
10.1.20.100/24
Traditional inter-VLAN routing requires multiple physical interfaces on both the router and the switch.
VLANs are associated with unique IP subnets on the network. This subnet configuration facilitates the
routing process in a multi-VLAN environment. When using a router to facilitate inter-VLAN routing, the
router interfaces can be connected to separate VLANs. Devices on those VLANs send traffic through the
router to reach other VLANs.
Student Guide
4-25
When you use a separate interface for each VLAN on a router, you can quickly run out of interfaces. This
solution is not very scalable.

Option: Router with a trunk link
Router with a Trunk Link
fa0/0.10 - 10.1.10.1
fa0/0.20 - 10.1.20.1
VLAN 10
10.1.10.100/24
fa0/0.10
fa0/0.20
VLAN 20
10.1.20.100/24
Not all inter-VLAN routing configurations require multiple physical interfaces. Some router software
permits configuring router interfaces as trunk links. Trunk links open up new possibilities for inter-VLAN
routing. A router with a trunk link is a type of router configuration in which a single physical interface
routes traffic between multiple VLANs on a network.
The figure shows a router that is attached to a core switch. The configuration between a router and a core
switch is sometimes referred to as a router on a stick. The router interface is configured to operate as a
trunk link and is connected to a switch port that is configured in trunk mode. The router performs interVLAN routing by accepting VLAN-tagged traffic on the trunk interface coming from the adjacent switch
and internally routing between the VLANs using subinterfaces. (Subinterfaces are multiple virtual
interfaces that are associated with one physical interface.) To perform inter-VLAN routing functions, the
router must know how to reach all VLANs that are being interconnected. There must be a separate logical
connection on the router for each VLAN, and VLAN trunking (such as IEEE 802.1Q) must be enabled on
those connections. The router already knows about directly connected networks. The router then forwards
the routed VLAN traffic that is tagged for the destination VLAN out the same physical interface.
These subinterfaces are configured in software. Each is independently configured with its own IP addresses
and a VLAN assignment to operate on a specific VLAN. Subinterfaces are configured for different subnets
corresponding to their VLAN assignment to facilitate logical routing before the data frames are VLANtagged and sent back out the physical interface.

Option: Layer 3 switch
Multilayer Switch
fa0/0 - 10.1.10.1
VLAN 10
10.1.10.100/24
fa0/1 - 10.1.20.1
VLAN 20
10.1.20.100/24
Some switches can perform Layer 3 functions, replacing the need for dedicated routers to perform basic
routing on a network. Layer 3 switches are capable of performing inter-VLAN routing. Traditionally, a
switch makes forwarding decisions by looking at the Layer 2 header, while a router makes forwarding
decisions by looking at the Layer 3 header. A layer 3 switch combines the functionality of a switch and a
router into one device. It switches traffic when the source and destination are in the same VLAN and routes
traffic when the source and destination are in different VLANs (that is, on different IP subnets). To enable a
Layer 3 switch to perform routing functions, VLAN interfaces on the switch need to be properly
configured. You must use the IP addresses that match the subnet that the VLAN is associated with on the
network. The Layer 3 switch must also have IP routing enabled.
Layer 3 switching is more scalable than routers with a trunk link because the latter can only have so much
traffic through the trunk link. In general, a Layer 3 switch is primarily a Layer 2 device that has been
upgraded to have some routing capabilities. A router is a Layer 3 device that can perform some switching
functions.
However, the line between switches and routers becomes hazier every day. Some Layer 2 switches, such as
the switches in the Cisco Catalyst 2960 Series, support limited Layer 3 functionality. The Catalyst 2960
switch supports static routing on SVIs. Static routes can be configured, but routing protocols are not
supported. For more information, go to http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/
software/release/12.2_55_se/configuration/guide/swipstatrout.html.
Student Guide
4-27

This topic demonstrates how to configure a router on a stick.

Configures subinterfaces and trunking on the router
Gi0/0
Fa0/1
Fa0/13
VLAN 10
Configure the router
for inter-VLAN routing
Fa0/3
VLAN 20
Router(config)#interface GigabitEthernet 0/0.10

Router(config-if)#encapsulation dot1Q 10
Router(config-if)#ip address 10.1.10.1 255.255.255.0
Router(config-if)#interface GigabitEthernet 0/0.20
Router(config-if)#encapsulation dot1Q 20
Router(config-if)#ip address 10.1.20.1 255.255.255.0
Description
interface interface
encapsulation dot1Q
vlan_number
Defines the encapsulation format as IEEE 802.1Q and specifies the VLAN
identifier
ip address ip_address
network_mask
Assigns an IP address and network mask to an interface
In the figure, the GigabitEthernet0/0 interface is divided into subinterfaces: GigabitEthernet0/0.10 and
GigabitEthernet0/0.20. Each subinterface represents the router in each of the VLANs for which it routes.
In the example, the encapsulation dot1q 20 command enables 802.1Q encapsulation trunking on the
GigabitEthernet0/0.20 subinterface. The value 20 represents the VLAN number (or VLAN identifier),
therefore associating 802.1Q-tagged traffic from this VLAN with the subinterface.
Each 802.1Q-tagged VLAN on the trunk link requires a subinterface with 802.1Q encapsulation trunking
that is enabled in this manner. The subinterface number does not have to be the same as the dot1q VLAN
number. However, management and troubleshooting are easier when the two numbers are the same.
In this example, devices in different VLANs use the subinterfaces of the router as gateways to access the
devices that are connected to the other VLANs.
Configuring Router with a Trunk Link (Cont.)

Assigns ports to specific VLANs and configures the port toward the router as a
trunk
Gi0/0
Fa0/1
Fa0/13
VLAN 10
Configure the switch for
inter-VLAN routing
Fa0/3
VLAN 20
Switch(config)#interface FastEthernet 0/13

Switch(config-if)#switchport mode trunk
Switch(config-if)#interface FastEthernet 0/1
Switch(config-if)#switchport access vlan 10
Switch(config-if)#interface FastEthernet 0/3
Switch(config-if)#switchport access vlan 20
Description
interface interface
Enters interface configuration mode.
switchport mode trunk
Sets the interface type. The trunk keyword specifies a trunking VLAN Layer 2
interface.
switchport access
vlan_number
Sets the access VLAN when the interface is in access mode. To reset the
access-mode VLAN to the appropriate default VLAN for the switch, use the no
form of this command.
On the switch, assign interfaces to the appropriate VLANs and configure the interface toward the router as a
trunk. The trunk link will carry traffic from different VLANs, and the router will route between those
VLANs.
Student Guide
4-29

Verifies the VLAN subinterfaces
Router#show vlans
<output omitted>
Virtual LAN ID: 10 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface:
GigabitEthernet0/0.10
Protocols Configured:
Address:
Received:
IP
10.1.10.1
11
<output omitted>
Virtual LAN ID: 20 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface:
Protocols Configured:
Address:
Received:
IP
10.1.20.1
11
<output omitted>
Transmitted:
18
Transmitted:
8
To verify the router configuration, use show commands to display the current (running) configuration, IP
routing information, and IP protocol information per VLAN to verify that the routing table represents the
subnets of all VLANs.
The show vlans command displays the information about the Cisco IOS VLAN subinterfaces. The sample
output shows two VLAN subinterfaces, FastEthernet0/0.10 and FastEthernet0/0.20.

Verifies the IP routing table for VLAN subinterfaces
Router#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C
10.1.10.0/24 is directly connected, GigabitEthernet0/0.10
L
C
L
The show ip route command displays the current state of the routing table. The sample output shows two
subinterfaces. The GigabitEthernet0/0.10 and GigabitEthernet0/0.20 VLAN subinterfaces are directly
connected to the router.
Summary
Summary
Inter-VLAN communication cannot occur without a Layer 3 device
(Layer 3 switch or router).
Routing is necessary to forward traffic between VLANs.
A router with a trunk link is configured with a subinterface for each
VLAN.
Student Guide
4-31
Lesson 3
Using a Cisco Network

Device as a DHCP Server
Originally, network administrators had to manually configure the host address, default gateway, and other
network parameters on each host. However, DHCP provides these parameters dynamically. This lesson
describes the use of a Cisco router as a DHCP server.
Objectives
Describe the need for dynamic host IP address assignment
Describe DHCP operation
Configure a DHCP server
Describe how to monitor DHCP server functions
Describe the DHCP relay agent mechanism

This topic describes the need for a DHCP server in medium-sized LANs.

A manual IP address assignment in a medium-sized LAN is as
follows:
Time consuming
Prone to errors
Unfavorable to employee mobility
A DHCP IP address assignment in a segmented LAN is as

follows:
An IP address that is automatically assigned in accordance with user
VLAN settings
A centralized IP address allocation that enables consistency across the
whole organization
While manual assignment of IP addresses to network hosts is acceptable in small networks, it can present an
administrative burden in medium-sized LANs.
Manually setting all network connectivity parameters on the end host whenever it is moved or replaced can
be a time-consuming task for administrators. For mobile employees, who usually work from home and
occasionally come into the office, manually setting the correct network parameters can be challenging. In
addition, manual settings may be incorrect, or equipment brought to the office may already have settings in
place. The result could be poor network connectivity on the host or even a problem for other users if a host
with a duplicate IP address is connected to the local network.
Introducing a DHCP server to the local network simplifies IP address assignment. A DHCP server is
commonly used in small networks to support frequent changes and to assign correct IP addresses to guest
hosts that are connecting to a LAN. An even greater contribution to simplified administration is seen when
LANs are segmented using VLANs. A DHCP server automatically assigns IP addresses to end hosts
according to the VLAN assignment of the host.
Using a centralized DHCP server enables organizations to administer all dynamic IP address assignments in
one place. This practice ensures consistency across the organization, and branch offices, for example, can
be easily managed.
Understanding DHCP
This topic describes how DHCP operates.
Understanding DHCP
End
Host
Discover (broadcast)
Offer (unicast)
Request (broadcast)
Acknowledge (unicast)
DHCP
Server
DHCP dynamic allocation of IP addresses is based on a client-server model. The figure displays an example
of how an end host obtains an IP address from a DHCP server.
When DHCP dynamically allocates an IP address, the operation can be divided into the following phases:
1
DHCP discover: A client broadcasts a DHCP discover message with its own hardware MAC address
to discover available DHCP servers.
DHCP offer: When a DHCP server receives a DHCP discover from a client, it reserves an IP address
for the client and sends a DHCP offer to the client. This message contains the client MAC address, the
IP address that the server is offering, the subnet mask, the lease duration, and the IP address of the
DHCP server that is making the offer.
DHCP request: When a client receives a DHCP offer message, it responds with a DHCP request
message, indicating its intent to accept the parameters in the DHCP offer. A DHCP request message is
broadcast because the DHCP client has still not received an acknowledged IP address.
DHCP acknowledgment: After the DHCP server receives the DHCP request message, it
acknowledges the request with a unicast DHCP acknowledgment message. The packet includes
confirmation for all requested parameters. At this point, the IP configuration process is completed.
Student Guide
4-35

This topic describes how to configure a DHCP server on a Cisco IOS device.

Configuration scenario:
Configure a DHCP server on a Cisco
router
Configure a DHCP server

for LAN guest users
Assign IP addresses from address pool

10.1.50.0/24 with a lease time of 12
hours
Branch
Subnet
Do not assign IP addresses from

10.1.50.1 to 10.1.50.50
Additional parameters: default gateway,
domain name, and DNS server
In this example configuration scenario, a DHCP server will be configured on a Cisco IOS router. Guest
LAN users need to receive an IP address from the specified address pool along with a default gateway,
domain name, and IP address of a DNS server. The IP address assignment should be valid for 12 hours.
Note
A DHCP server can also be implemented on Cisco Catalyst switches.
Configuring a DHCP Server (Cont.)

Cisco IOS DHCP server configuration:
Enter the DHCP pool configuration mode
Assign DHCP parameters to the DHCP pool
Exclude IP addresses from the DHCP assignment
Branch(config)# ip dhcp pool Guests
Branch(dhcp-config) #network 10.1.50.0 /24
Branch(dhcp-config)# default-router 10.1.50.1
Branch(dhcp-config)# dns-server 10.1.50.1
Branch(dhcp-config)# domain-name example.com
Branch(dhcp-config)# lease 0 12
Branch(dhcp-config)# exit
Branch(config)# ip dhcp excluded-address 10.1.50.1 10.1.50.50
To enable the Cisco IOS DHCP server, enter DHCP configuration mode by defining a DHCP pool. Use the
commands that are shown in the table to define the pool parameters.
Command
Description
ip dhcp pool name
Defines the pool name and enters DHCP configuration

mode.
network network-number [mask | prefix-length]
Defines addresses in the DHCP pool. Optionally, define

a subnet mask or prefix length to define the network part.
default-router address
Specifies the IP address of the default router for a DHCP

client.
domain-name domain
Specifies the domain name for the DHCP client.
lease {days [hours] [minutes] | infinite}
Specifies the duration of the lease. The default is a oneday lease.
ip dhcp excluded-address ip-address [last-ip-address]
In global configuration mode, specifies a single excluded

IP address or range of addresses that a DHCP server
should not assign to DHCP clients.
Student Guide
4-37

This topic describes verification commands that can be used to monitor and verify a DHCP server
implementation on Cisco IOS Software.

Branch# show ip dhcp pool
Pool Guests :
Utilization mark (high/low)
: 100 / 0
Subnet size (first/next)
: 0 / 0
Total addresses
: 254
Leased addresses
: 2
Pending event
: none
1 subnet is currently in the pool :
Current index
IP address range
10.1.50.55
10.1.50.1 - 10.1.50.254
Leased addresses
2
Verifies information about configured DHCP address pools
You can verify configured DHCP parameters using the show ip dhcp pool command in privileged EXEC
mode. The total number of available addresses, configured address range, and number of leased addresses is
displayed. Keep in mind that the total addresses number does not take excluded IP addresses into account.
For more details about the show ip dhcp pool command, refer to Cisco IOS IP Addressing Services
Command Reference at http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr/command/ipaddrr1.html#GUID-23A47402-6EB5-4945-8DEB-ABCB7BCF3D68
Monitoring DHCP Server Functions (Cont.)

Branch# show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address
Client-ID/
Lease expiration
Hardware address/
User name
10.1.50.54
0100.0c29.8807.34
Oct 18 2012 06:56 PM
10.1.50.56
0100.0c29.4532.be
Oct 18 2012 07:08 PM
Type
Automatic
Automatic
Displays address bindings information
To verify the operation of a DHCP server, use the show ip dhcp binding command, which displays a list of
all IP address-to-MAC address bindings that have been provided by the DHCP service. Additionally, the
lease expiration time and type of DHCP allocation are listed.
Monitoring DHCP Server Functions (Cont.)

Branch# show ip dhcp conflict
IP address
Detection method
10.1.50.52
Gratuitous ARP
10.1.50.53
Ping
Detection time
Oct 18 2012 06:56 AM
Oct 18 2012 07:08 AM
VRF
Displays the address conflicts that are found by a DHCP server

IP Address: The IP address of the host as recorded on the DHCP server
Detection Method: The manner in which the IP address of the hosts were found on
the DHCP server; can be a ping or a gratuitous ARP
Detection time: The time when the conflict was found
To display address conflicts that are found by a DHCP server when addresses are offered to the client, use
the show ip dhcp conflict command in user EXEC or privileged EXEC mode.
The server uses ping to detect conflicts. The client uses GARP to detect conflicts. If an address conflict is
detected, the address is removed from the pool and the address is not assigned until an administrator
resolves the conflict.
Student Guide
4-39
The output in the figure shows, for each conflicting IP address, how the conflict was detected and the time
when it was detected.
You can clear conflicting IP addresses by using the clear ip dhcp conflict privileged EXEC command.
For more details about the show ip dhcp conflict command, refer to Cisco IOS IP Addressing Services
Command Reference at http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr/command/ipaddrr1.html#GUID-5A27A4B1-4B2A-417D-8530-9F792D072454.
DHCP Relay Agent

This topic reviews the need for a centralized DHCP solution and describes how to support its
implementation in a branch office.
DHCP Relay Agent

The need for a centralized DHCP solution:
Managing individual DHCP servers across many locations is timeconsuming.
Ensuring consistency in several different places can easily lead to
errors.
To support a centralized DHCP solution in branch offices, only

the DHCP relay agent needs to be configured.
When DHCP clients try to obtain an IP address, they search for a DHCP server within their segment.
Managing one DHCP server in each network segment can represent considerable administrative work. If
DHCP servers are spread across different physical locations and are managed by different administrators,
there is also a greater chance of human error.
A centralized DHCP solution enables an administrator to manage IP address assignment in one place for a
whole organization. While DHCP servers are usually positioned in the center of the network infrastructure,
other network devices can be configured with the DHCP relay agent functionality to enable clients to obtain
an IP address from a central DHCP server.
Student Guide
4-41
DHCP Relay Agent (Cont.)
End
Host
1 Discover (broadcast)
2 Discover (unicast)
4 Offer (unicast)
3 Offer (unicast)
Request
5 (broadcast)
6 Request (unicast)
Acknowledge
(unicast)
Acknowledge
7 (unicast)
DHCP
Server
172.16.1.100
Gi 0/0
Router Acting as DHCP Relay Agent
Branch(config-if)# ip helper-address 172.16.1.100
Enables DHCP relay agent on a local interface
DHCP clients use UDP broadcasts to send their initial DHCP discover message because they do not have
information about the network to which they are attached. If the client is on a network that does not include
a DHCP server, broadcasts are normally not forwarded by the attached router.
To allow DHCP clients on subnets that are not directly served by DHCP servers to communicate with
DHCP servers, DHCP relay agents can be installed on these subnets. You can configure the relay agent for
a specific segment with the ip helper-address address interface configuration command, where you specify
the IP address of a DHCP server.
When the DHCP relay agent receives the broadcast DHCP discover message, the relay agent transmits the
message to one or more DHCP servers as a unicast packet after the relay agent stores its own IP address in
the giaddr field of the DHCP packet. The DHCP server uses the giaddr to determine the subnet on which
the relay agent received the broadcast and allocates an IP address belonging to the same subnet. When the
DHCP server replies to the client, it sends the reply to the giaddr address, again using unicast. The relay
agent receives the response and retransmits it on the local network.
Note
The ip helper-address command enables forwarding of all of the well-known UDP ports that may be
included in a UDP broadcast message.
Summary
Summary
A DHCP server provides dynamic IP address assignment to end hosts,
reducing errors and the time that is needed to administer address
assignment.
Before a client obtains an IP address from a DHCP server, it exchanges
DHCP discover, offer, request, and acknowledge messages with the
DHCP server.
Both Cisco routers and Cisco Catalyst switches can be configured as
DHCP servers.
Use the verification commands show ip dhcp pool, show ip dhcp
binding, and show ip dhcp conflict to monitor a DHCP server.
When a centralized DHCP server is in use, configure DHCP relay agent
functionally using the ip helper-address interface configuration
command.
Student Guide
4-43
Lesson 4
Introducing WAN
Technologies
As an enterprise grows beyond a single location, it becomes necessary to interconnect LANs in various
locations to form a WAN. Several technologies are involved in the functioning of WANs. This lesson
describes the functions and characteristics of WANs.
Objectives
Describe a WAN and explain the need for WANs
Compare LANs and WANs
Describe the role of routers for WAN access
List the major options for WAN access communication links
Describe Ethernet emulation for point-to-point connectivity
Configure Ethernet interface for point-to-point connectivity
Introducing WANs
A WAN is a data communications network that operates beyond the geographic scope of a LAN. This topic
describes the basic idea behind WANs.
Introducing WANs
What is a WAN?
LAN
Access
WAN
Workgroups
Branch
Office
Building
Backbone
Campus
Backbone
Telecommuter
Remote
User
WANs use facilities that are provided by a service provider or carrier, such as a telephone or cable
company. They connect the locations of an organization to each other, to locations of other organizations, to
external services, and to remote users. WANs generally carry various traffic types such as voice, data, and
video.
Here are the three major characteristics of WANs:
WANs connect devices that are located over wide geographical areas.
WANs use the services of carriers such as telephone companies, cable companies, satellite systems,
and network providers.
WANs use various connection types to provide access to bandwidth over large geographical areas.
Introducing WANs (Cont.)

Why are WANs needed?
Main Office
Home Offices
Branch
Internet
WAN
Mobile Worker
Regional Office
Remote Office
Business Partners
There are several reasons why WANs are necessary in a communications environment. LAN technologies
provide both speed and cost effectiveness for the transmission of data in organizations in relatively small
geographic areas. However, there are other business needs that require communication among remote users:
People in regional or branch offices of an organization need to be able to communicate and share data.
Organizations often want to share information with other organizations across large distances. For
example, software manufacturers routinely communicate product and promotion information to
distributors that sell their products to end users.
Employees who travel on company business or work from home frequently need to access information
that resides on their corporate networks.
Because it is obviously not feasible to connect computers across a country or around the world with LAN
cables, various technologies have evolved to meet this need. WANs allow organizations and individuals to
meet their wide-area communications needs.
In recent years, several new technologies, which use Internet infrastructure to connect distant locations,
matured to offer good alternatives to traditional WAN connectivity options.
Student Guide
4-47
WANs vs. LANs

This topic compares WANs and LANs.
WANs vs. LANs

WAN = A collection of LANs
WANs
LANs
Area
Wide geographic area
Single building or small

geographic area
Ownership
Subscription to outside
service provider
Owned by organization
Cost
Recurring
Fixed
WANs are different from LANs in several ways. The most significant differences are geographical area and
ownership. A LAN connects computers, peripherals, and other devices in a single building or other small
geographic area. A WAN allows the transmission of data across broad distances. In addition, a company or
organization must subscribe to an outside WAN service provider to use WAN carrier network services.
LANs are typically owned by the company or organization that uses them. This is reflected also in costs.
While LANs usually require a one-time investment, WAN services normally involve a recurring monthly
fee, which is paid to a service provider.
WANs vs. LANs (Cont.)

SP
SP
SP
WAN
SP
WAN
LAN
SP
WAN
W
LAN
LAN
Some WANs are privately owned. However, because the development and maintenance of a private WAN
is expensive, only very large organizations can afford to maintain a private WAN. Most companies
purchase WAN connections from a service provider or ISP. The service provider is then responsible for
maintaining the back-end network connections and network services between the LANs.
When an organization has many global sites, establishing WAN connections and service can be complex.
For example, the major service provider for the organization may not offer service in every location or
country in which the organization has an office. As a result, the organization must purchase services from
multiple service providers. Using multiple service providers often leads to differences in the quality of the
services that are provided. In many emerging countries, for example, network designers find differences in
equipment availability, WAN services that are offered, and encryption technology for security. To support
an enterprise network, it is important to have uniform standards for equipment, configuration, and services.
Student Guide
4-49

An enterprise WAN is a collection of separate but connected LANs. Routers play a central role in
transmitting data through this interconnected network. This topic describes the functions and role of the
router in a WAN environment.

WANs vs. LANs
SP WAN
Routers have both LAN and WAN interfaces. While a router is used to segment LANs, it is also used as the
WAN access connection device. The functions and role of a router in accessing the WAN can be best
understood by looking at the types of connections that are available on the router. There are three basic
types: LAN interfaces, WAN interfaces, and management ports. LAN interfaces allow the router to connect
to the LAN media through Ethernet or some other LAN technology.
WAN connections are made through a WAN interface on a router to a service provider to a distant site or to
the Internet. These may be serial connections or any number of other WAN interfaces. With some types of
WAN interfaces, an external device such as a DSU, CSU, or modem (such as an analog modem, cable
modem, or DSL modem) is required to connect the router to the local POP of the service provider. The
physical demarcation point is the place where the responsibility for the connection changes from the user to
the service provider. It is very important because, when problems arise, both sides of the link need to know
which side the problem resides on.

This topic presents various WAN communication link options.

WAN
Dedicated
Switched
Internet
Options for implementing WAN solutions differ in technology, speed, and cost. WAN connections can be
carried over a private infrastructure or over a public infrastructure, such as the Internet.
Private connections include dedicated and switched communication link options.
Dedicated communication links: When permanent, dedicated connections are required, point-to-point
lines are used with various capacities that are limited only by underlying physical capabilities and the
willingness of users to pay for these dedicated lines. A point-to-point link provides an established
WAN communications path from the customer premises through the provider network to a remote
destination. Point-to-point lines are usually leased from a carrier and are also called leased lines.
Switched communication links: Many WAN users do not make efficient use of the fixed bandwidth
that is available with dedicated communication links because the data flow fluctuates. Service
providers have data networks that are available to more appropriately service these users. In packetswitched networks, the data is transmitted in labeled cells, frames, or packets over a common
infrastructure, which is utilized by several customers at once. Different technologies can be used to
ensure privacy and isolation of different customers and to provide desired bandwidth requirements and
SLAs.
Public connections use the global Internet infrastructure. Until recently, the Internet was not a viable
networking option for many businesses because of the significant security risks and lack of adequate
performance guarantees in an end-to-end Internet connection. With the development of VPN technology,
however, the Internet is now an inexpensive and secure option for connecting to teleworkers and remote
offices when performance guarantees are not critical. Internet WAN connection links are through
broadband services such as DSL, cable modem, and broadband wireless, and they are combined with VPN
technology to provide privacy across the Internet. Broadband connection options are typically used to
connect telecommuting employees to a corporate site over the Internet.
Student Guide
4-51
A point-to-point communication link provides a single, established WAN communication path from the
customer premises through a service provider infrastructure to a remote network. Different technologies can
be used to provide point-to-point connectivity. This topic introduces the concept of point-to-point links
based on Ethernet emulation, which is commonly offered by service providers.
Ethernet emulation:
Simple
Affordable
Flexible
Service Provider
Network
Demarc
Demarc
New York Office
London Office
When permanent connections are required, a point-to-point link is used to provide an established WAN
communication path from the customer premises through the provider network to a remote destination. A
point-to-point link can connect two geographically distant sites, such as a corporate office in New York and
a regional office in London. Point-to-point links are usually leased from a service provider.
Service providers can use different technologies to provide point-to-point connectivity. In recent years,
different solutions that are based on Ethernet emulation became popular.
The advantages of Ethernet emulation services include the following:
Simplicity: Although different technologies are used in service provider networks, customers always
obtain an Ethernet link that is simply plugged into their equipment. Which technology is used beyond
the demarcation point is transparent for end customers.
Cost: Ethernet ports on customer equipment are the cheapest connectivity option compared to other
solutions such as optical or serial interfaces.
Flexibility: Service providers are able to offer different link capabilities depending on the technology
that is used. Different bandwidth arrangements, bandwidth guarantees, and SLAs can be offered to
define the appropriate service that fits customer needs.

This topic shows how to configure a point-to-point link.

Configuring the Branch router with an IP address and interface description
SP Network
Branch
Gi0/1
HQ
Gi0/0
Branch(config)#interface GigabitEthernet0/1
Branch(config-if)#ip address 192.168.1.1 255.255.255.252
Branch(config-if)#description WAN Link to HQ
Branch(config-if)#no shutdown
Use ping to verify end-to-end connectivity
The figure displays configuration commands that are needed on the Branch router in an example topology
to establish connectivity over the WAN with Ethernet emulation.
Description
interface interface
ip address ip_address
subnet_mask
Sets an IP address and subnet mask on the interface
[no] shutdown
Disables or enables the interface
description
Sets the description on the interface
To perform verification, you can use the show interfaces command. Because the local interface is
connected to service provider equipment, the status of the interface and line protocol does not always reflect
the status of the WAN connection. You can use ping to verify end-to-end connectivity over the WAN link.
Student Guide
4-53
Summary
Summary
A WAN allows the transmission of data across broad geographic
distances.
A WAN is a collection of LANs, and routers play a central role in
transmitting data through WANs.
There are three WAN communication link options: dedicated
communication links, switched communication links, and public
connections.
A common type of WAN connectivity is the point-to-point connection that
emulates Ethernet.
Configuring an interface for emulated Ethernet WAN connectivity
consists of setting the IP address and enabling the interface.
Lesson 5
Introducing Dynamic Routing

Protocols
Routing is the process of determining where to send data packets that are destined for addresses outside the
local network. Routers gather and maintain routing information to enable the transmission and receipt of
these data packets. Routing information takes the form of entries in a routing table, with one entry for each
identified route. The router can use a routing protocol to create and maintain the routing table dynamically
so that network changes can be accommodated whenever they occur.
To effectively manage an IP network, you must understand the operation of dynamic routing protocols and
the effect that they have on an IP network. This lesson discusses the need for routing protocols and
describes the differences between interior and exterior routing protocols and also between link-state and
distance vector routing protocols. The operation of link-state protocols is explained.
Objectives
Describe the purpose of dynamic routing protocols
Compare interior and exterior routing protocols
Compare link-state and distance vector routing protocols
Describe the operation and characteristics of link-state routing protocols

This topic describes the purpose of dynamic routing protocols.

Dynamic routing protocol characteristics follow:
Routing protocols are sets of processes, algorithms, and messages that
are used to exchange routing information.
After directly connected routes have been installed, a router populates
its routing table with the best paths to remote destinations, as chosen by
the routing protocol.
After the path is determined, a router can route to the learned networks.
Purpose of Dynamic Routing Protocols (Cont.)

Network
10.1.1.0
Network
172.16.0.0
Network
Protocol
Destination
Network
Exit
Interface
EIGRP
OSPF
10.1.1.0
172.16.0.0
FA0/1
FA0/2
Dynamic routing relies on a routing protocol to disseminate knowledge. A routing protocol defines the rules
that a router uses when it communicates with neighboring routers to determine paths to remote networks
and maintain those networks in the routing tables.
A routing protocol facilitates the exchange of routing information between networks, allowing routers to
build routing tables dynamically. As routers become aware of changes to the networks for which they act as
the gateway or of changes to links between routers, this information is passed to other routers. When a
router receives information about new or changed routes, it updates its own routing table and, in turn,
passes the information to other routers. In this way, all routers have accurate routing tables that are updated
dynamically and can learn about routes to remote networks that are many hops away.
Routing protocols describe this information:
How updates are conveyed
What knowledge is conveyed
When to convey the knowledge
How to locate recipients of the updates
Purpose of Dynamic Routing Protocols (Cont.)

Dynamic routing protocols do as follows:
Discover remote networks
Maintain up-to-date routing information
Choose the best path to destination networks
Find a new best path if the current path is no longer available
The purpose of a routing protocol includes the following:

Discovering remote networks: There is no need to manually define the available destination (routes).
The routing protocol discovers remote networks and updates the internal routing table of the router.
Maintaining up-to-date routing information: The routing table contains entries about remote
networks. When changes occur in the network, routing tables are automatically updated.
Choosing the best path to destination networks: Routing protocols discover remote networks. More
paths to the destinations are possible, and the best paths enter the routing table.
Finding a new best path if the current path is no longer available: The routing table is constantly
updated, and new paths may also be added. When the current best path is not available or better paths
are found, the routing protocol selects a new best path.
Student Guide
4-57

This topic compares interior and exterior routing protocols.

Characteristics of autonomous systems:
An AS is a collection of networks within a common administrative
domain.
IGPs operate within an AS.
EGPs connect different autonomous systems.
Autonomous System 65100
EGPs (BGP)
IGPs (RIPv2, EIGRP, OSPF)
IGPs are used for routing within a routing domain. Those networks are under the control of a single
organization. An AS commonly comprises many individual networks belonging to companies, schools, and
other institutions.
An IGP is used to route within the AS and also within the individual networks themselves. For example, the
Corporation for Education Network Initiatives in California operates an AS that includes California schools,
colleges, and universities. The corporation uses an IGP to route within its AS to interconnect all of these
institutions. Each educational institution also uses an IGP of its own choosing to route within its own
individual network. The IGP that is used by each entity provides the best-path determination within its own
routing domains, just as the IGP that is used by the corporation provides the best-path routes within the AS
itself.
IGPs for IP include RIP, EIGRP, OSPF, and others. Some IGPs may be adequate in large corporate
networks but are not designed to handle tens of thousands or hundreds of thousands of routes, such as the
many thousands of routes that are present on the Internet.
EGPs, however, are designed for use between Autonomous systems that are under the control of different
administrations. BGP is an example of an EGP and is the routing protocol that is used in the Internet. BGP
is a path vector protocol that can use many different attributes to measure routes. BGP is typically used
between ISPs and sometimes between a company and an ISP.
Distance Vector and Link-State Routing Protocols

This topic compares link-state and distance vector routing protocols.
Distance Vector and Link-State Routing

Protocols
The types of dynamic routing protocols follow:
Distance vector: RIP
Advanced distance vector: EIGRP
Link-state: OSPF and IS-IS
Within an AS, most IGP routing can be classified as conforming to one of these algorithms:
Distance vector: The distance vector routing approach determines the direction (vector) and distance
(a metric, such as hop count in the case of RIP) to any link in the internetwork. Pure distance vector
protocols periodically send complete routing tables to all connected neighbors. This mode of operation
is key in defining what a distance vector routing protocol is. In large networks, these routing updates
can become enormous, causing significant traffic on the links. The only information that a router
knows about a remote network is the distance or metric to reach this network and which path or
interface to use to get there. Different distance vector routing protocols may use different kinds of
metrics. Distance vector routing protocols do not have an actual map of the network topology. For a
router, the view of the network is based on the information that is provided by its neighbors.
Advanced distance vector: The advanced distance vector approach combines aspects of the link-state
and distance vector algorithms. EIGRP is a Cisco proprietary routing protocol that combines the
advantages of link-state and distance vector routing protocols. EIGRP may act like a link-state routing
protocol because it uses a Hello protocol to discover neighbors and form neighbor relationships and
because only partial updates are sent when a change occurs. However, EIGRP is still based on the key
distance vector routing protocol principle that information about the rest of the network is learned from
directly connected neighbors.
Student Guide
4-59
Link-state: The link-state approach, which uses the SPF algorithm, creates an abstraction of the exact
topology of the entire internetwork, or at least of the partition in which the router is situated. A linkstate router uses the link-state information to create a topology map and to select the best path to all
destination networks in the topology. All link-state routers use an identical "map" of the network and
calculate the shortest paths to reach the destination networks in relation to where they are on this map.
Unlike their distance vector counterparts, complete routing tables are not exchanged periodically.
Instead, event-based, "triggered" updates containing only specific link-state information are sent.
Periodic keepalives that are small and efficient, in the form of hello messages, are exchanged between
directly connected neighbors to establish and maintain reachability to this neighbor.

This topic describes the operation and characteristics of link-state routing protocols and of OSPF in
particular.

Characteristics of link-state routing protocols follow:
A complete view of the network topology is created.
Updates are sent when there is a link change.
They are associated with SPF calculations.
They use the link-state information to do as follows:
Create a topology map.
Select the best path to all destination networks in the topology.
Link-state routing protocols collect routing information from all other routers in the network or within a
defined area of the network. After all of the information is collected, each router, independent of the other
routers, calculates the best paths to all destinations in the network. Because each router maintains its own
view of the network, the router is less likely to propagate incorrect information that is provided by a router.
A link is like an interface on a router. The state of the link is a description of this interface and of its
relationship to its neighboring routers. An example description of the interface would include the IP address
of the interface, the mask, the type of network to which it is connected, the routers that are connected to this
network, and so on. The collection of link states forms a link-state (or topological) database. The link-state
database is used to calculate the best paths through the network. Link-state routers find the best paths to
destinations by applying Dijkstras algorithm against the link-state database to build the SPF tree. The best
paths are then selected from the SPF tree and placed in the routing table.
Student Guide
4-61

(Cont.)
Link-state protocol components:
B
A
C
D
Link-State Packets
Topological
Database
Routing
Routing
Table
Table
SPF
Algorithm
SPF Tree
Link-state routing protocols are much more complex than their distance vector counterparts. However, the
basic functionality and configuration of link-state routing protocols are not complex at all.
To maintain routing information, link-state routing uses LSAs, a topological database, the SPF algorithm,
the resulting SPF tree, and a routing table of paths and ports to each network.
LSAs are used in OSPF for the routers to exchange knowledge about the network topology. The
topological, or link-state, database holds all of the information about the topology of the network. This
database is used by the SPF algorithm, which builds the SPF tree. The best paths are then inserted into the
routing table, and routing decisions are made based on the entries in the routing table.

(Cont.)
Hierarchical routing:
Consists of areas and autonomous systems
Area 0
Area 2
Area 1
Autonomous System
The ability of link-state routing protocols, such as OSPF, to divide one large AS into smaller groupings of
routers (called areas) is referred to as hierarchical routing. Link-state routing protocols use the concept of
areas for scalability. Topological databases contain information about every router and the associated
interfaces, which in large networks can use resources intensively. Arranging routers into areas effectively
partitions this potentially large database into smaller and more manageable databases.
With hierarchical routing, routing still occurs between the areas (interarea routing). At the same time, many
of the minute internal routing operations, such as recalculating the database, are kept within an area.
When a failure occurs in the network, such as a neighbor becoming unreachable, link-state protocols flood
LSAs using a special multicast address throughout an area. Each link-state router takes a copy of the LSA,
updates its link-state (topological) database, and forwards the LSA to all neighboring devices. LSAs cause
every router within the area to recalculate routes. Because LSAs must be flooded throughout an area and all
routers within this area must recalculate their routing tables, the number of link-state routers that can be in
an area should be limited.
The figure shows three areas. If Area 1 is having problems with an intermittent link, routers in the other
areas do not need to continually run their SPF calculation because they are isolated from the Area 1
problem.
Student Guide
4-63
Summary
Summary
Routing protocols are a set of processes, algorithms, and messages that
IGPs operate within an AS, while EGPs connect different autonomous
systems.
The distance vector routing approach determines the direction (vector)
and distance to any link in the internetwork.
Routers running link-state routing protocols maintain their own view of
the network, so the router is less likely to propagate incorrect
information that is provided by another router.
Lesson 6
Implementing OSPF
OSPF is an IGP that was designed by the IETF. Because OSPF is a widely deployed standard protocol,
knowledge of its configuration and maintenance is essential. This lesson describes the function of OSPF
and explains how to configure a single-area OSPF network on a Cisco router.
Objectives
Describe the features of OSPF
Explain how OSPF routers become neighbors
Explain how OSPF decides what is the best path through the network
Explain the OSPF router ID
Configure a single-area OSPF network
Verify a single-area OSPF configuration
Introducing OSPF
This topic describes the features of OSPF.
Introducing OSPF
Developed by the IETF
Creates a neighbor relationship by exchanging hello packets
Propagates LSAs rather than routing table updates:
Link: Router interface
State: Description of an interface and its relationship to neighboring routers
Floods LSAs to all OSPF routers in the area, not just directly connected
routers
Pieces together all of the LSAs that are generated by the OSPF routers
to create the OSPF link-state database
Uses the SPF algorithm to calculate the shortest path to each
destination and places it in the routing table
OSPF was developed as a replacement for the distance vector routing protocol RIP. The major advantages
of OSPF over RIP are its fast convergence and its ability to scale to much larger networks.
A router sends LSA packets immediately to advertise its state when there are state changes and sends them
periodically as well (every 30 minutes by default). Information about attached interfaces, metrics that are
used, and other variables are included in OSPF LSAs. As OSPF routers accumulate link-state information,
they use the SPF algorithm to calculate the shortest path to each node.
A topological (link-state) database is, essentially, an overall picture of networks in relation to routers. The
topological database contains the collection of LSAs that were received from all routers in the same area.
Because routers within the same area share the same information, they have identical topological databases.
OSPF Adjacencies
This topic describes how OSPF adjacencies are built.
OSPF Adjacencies
OSPF routers first establish adjacencies.
Hello packets are periodically sent to multicast address 224.0.0.5.
Routers must agree on certain information inside the hello packet before
an adjacency can be established.
Hello!
Hello!
Hello!
Router ID
Hello/Dead Interval*
Neighbors
Area ID*
Router Priority
DR IP Address
BDR IP Address
Authentication Data*
Hello!
*Must Match on Neighbor
Neighbor OSPF routers must recognize each other on the network before they can share information
because OSPF routing depends on the status of the link between two routers. The routers recognize each
other by using the Hello protocol. OSPF routers send hello packets on all OSPF-enabled interfaces to
determine if there are any neighbors on those links.
Receiving OSPF hello packets on an interface confirms to the OSPF router the presence of another OSPF
router on a link. The hello packet contains information that allows the OSPF routers to establish and
maintain neighbor relationships by ensuring bidirectional (two-way) communication between neighbors.
An OSPF neighbor relationship, or adjacency, is formed between two routers if they both agree on the area
ID, hello and dead intervals, and authentication. Of course, the routers must be on the same IP subnet.
Bidirectional communication occurs when a router recognizes itself in the neighbors list that is contained in
the hello packet that it receives from a neighbor.
Each interface that is participating in OSPF uses IP multicast address 224.0.0.5 to periodically send hello
packets. A hello packet contains this information:
Router ID: The router ID is a 32-bit number that uniquely identifies the router.
Hello and dead intervals: The hello interval specifies the frequency in seconds at which a router sends
hello packets. The dead interval is the time in seconds that a router waits to hear from a neighbor before
declaring the neighboring router out of service.
Neighbors: The Neighbors field lists the adjacent routers with established bidirectional
communication.
Area ID: To communicate, two routers must share a common segment, and their interfaces must
belong to the same OSPF area on this segment.
Router priority: The router priority is an 8-bit number that indicates the priority of a router.
Student Guide
4-67
DR and BDR IP addresses: These addresses are the IP addresses of the DR and BDR for the specific
network, if they are known.
Authentication password: If router authentication is enabled, two routers must exchange the same
password.
SPF Algorithm
This topic describes how OSPF builds the routing table and what it bases routing decisions on.
SPF Algorithm
OSPF uses a path cost as a metric.
By default, cost is calculated based on interface bandwidth.
Cost = Reference bandwidth / interface bandwidth, where reference
bandwidth is 100 Mb/s.
R1
R2
Cost = 30
Cost = 1
Cost = 4
Cost = 10
Cost = 20
Cost = 10
Cost = 2
Cost = 10
R3
Cost = 10
R4
The SPF algorithm places each router at the root of a tree and calculates the shortest path to each node,
using Dijkstras algorithm. Dijkstras algorithm is based on the cumulative cost to reach this destination.
A metric is an indication of the overhead that is required to send packets across a certain interface. OSPF
uses cost as a metric. A lower cost indicates a better path than a higher cost. The cost of an interface is
inversely proportional to the bandwidth of the interface, so a higher bandwidth indicates a lower cost. More
overhead, higher cost, and more time delays are involved in crossing a 10-Mb/s Ethernet line than in
crossing a 100-Mb/s Ethernet line.
The formula that is used to calculate OSPF cost follows:
Cost = reference bandwidth / interface bandwidth (in bits per second)
The default reference bandwidth is 108, which is 100,000,000, or the equivalent of the bandwidth of Fast
Ethernet. Therefore, the default cost of a 10-Mb/s Ethernet link is 108 / 107 = 10, and the cost of a 100-Mb/s
link is 108 / 108 = 1. A problem arises with links that are faster than 100 Mb/s. Because OSPF cost has to be
an integer, all links that are faster than Fast Ethernet have an OSPF cost of 1. In this case, you must change
the OSPF cost on an interface manually or adjust the reference bandwidth to a higher value.
To adjust the reference bandwidth for links with bandwidths greater than Fast Ethernet, use the auto-cost
reference-bandwidth command in router configuration mode.
The cost to reach a distant network from a router is the cumulative cost of all links on the path from the
router to the network. In the example, the cost from router R1 to the destination network via R3 is 40 (20 +
10 + 10), and the cost via router R2 is 30 (10 + 10 + 10). The path via R2 is better because it has a lower
cost.
Student Guide
4-69
SPF Algorithm (Cont.)

1
R2
R1
10
20
10
LSAs
Link-State
Database
SPF
Best Routes
Routing
Table
2
10
10
R3
SPF Tree
R4
R1 SPF Tree
Destination
Shortest Path
Cost
R2 LAN
R1 to R2
14
R3 LAN
R1 to R3
22
R4 LAN
R1 to R4
30
LSAs are flooded throughout the area using a reliable algorithm, which ensures that all routers in an area
have the same topological database. As a result of the flooding process, router R1 in the example has
learned the link-state information for each router in its routing area. Each router uses the information in its
topological database to calculate a shortest-path tree, with itself as the root. The SPF tree is then used to
populate the IP routing table with the best paths to each network.
For R1, the shortest path to each LAN and the cost are shown in the table. The shortest path is not
necessarily the path. Each router has its own view of the topology, although all of the routers build a
shortest-path tree using the same link-state database.
Router ID
This topic explains the router ID.
Router ID
The number by which the router is known to OSPF can be set manually
using the router-id command.
If router-id is not configured, the highest IP address on the active
loopback interface at the moment of OSPF process startup is selected
as the router ID.
If there is no active loopback interface, then the router selects the
highest IP address on the active interface at the moment of OSPF
process startup.
The OSPF router ID is used to uniquely identify each router in the OSPF routing domain. A router ID is
simply a label and is expressed as an IP address. Cisco routers derive the router ID based on three criteria
and with this precedence:
1.
The router uses the IP address (or dotted decimal number) that is configured with the OSPF router-id
command.
2.
If the router ID is not configured, the router chooses the highest IP address of its loopback interfaces.
3.
If no loopback interfaces are configured, the router chooses the highest active IP address of its physical
interfaces.
Note
The router ID looks like an IP address, but it is not routable and therefore is not included in the routing
table, unless the OSPF routing process chooses an interface (physical or loopback) that is appropriately
defined by a network command.
Student Guide
4-71
Router ID (Cont.)
RouterX#show ip protocols
Routing Protocol is "ospf 100"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 10.2.2.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
<output omitted>
Verifies the device OSPF router ID
If an OSPF router is not configured with an OSPF router-id command and no loopback interfaces are
configured, the OSPF router ID will be the highest active IP address on any of its interfaces. The interface
does not need to be enabled for OSPF, meaning that it does not need to be included in one of the OSPF
network commands. However, the interface must be activeit must be in the up state. The example shows
the router ID of RouterX with no OSPF router-id command and no loopback interfaces that are configured.
For more details about the show ip protocols command, check the Cisco IOS IP Routing: ProtocolIndependent Command Reference at http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_13.html.

This topic describes how to configure single-area OSPF.

Configure OSPF
Configure OSPF
10.1.1.0/24Gi0/0.1
10.1.10.0/24Gi0/0.10
Gi0/1
10.1.20.0/24Gi0/0.20
192.168.1.1
Branch
Gi0/1
172.16.1.10/24
192.168.1.2
HQ
Branch(config)#router ospf 1
Branch(config-router)#network 10.0.0.0 0.255.255.255 area 0
Branch(config)#interface GigabitEthernet 0/1
Branch(config-if)#ip ospf 1 area 0
Configures OSPF on the Branch router
Basic OSPF is configured in two steps:

1.
Enable the OSPF routing process.
2.
Identify the networks that you want to advertise.

Description
router ospf process_id
Enters into OSPF routing configuration mode. The process ID is a number

between 1 and 65,535 and is chosen by the network administrator. The process
ID is locally significant, which means that it does not have to match other OSPF
routers to establish adjacencies with those neighbors.
network ip-address
wildcard_mask area area_id
The network command uses a combination of network address and wildcard

mask and serves as a criteria match to identify the interfaces that are enabled
to send and receive OSPF packets. The network address, along with the
wildcard mask, identifies which IP networks are part of the OSPF network and
are included in OSPF routing updates. The area ID identifies the OSPF area to
which the network belongs. When all of the routers are within the same OSPF
area, the network commands must be configured with the same area ID on all
routers. Even if no areas are specified, there must be an Area 0. In a singlearea OSPF environment, the area is always 0.
ip ospf process_id area area_id
Alternatively to a network command, you can use this interface configuration

mode command that enables OSPF explicitly on the selected interface.
The network that is identified in the network command does not tell the router which network to advertise;
rather, it indicates interfaces on which OSPF will be enabled. The subnet on this interface is what will be
advertised. For example, entering network 10.1.1.1 0.0.0.0 area 0 on the Branch router tells the router to
enable interface GigabitEthernet 0/0.1 for the routing process. The OSPF process advertises the network
that is on this interface (10.1.1.0/24).
Student Guide
4-73
For more details on the router ospf command, go to http://www.cisco.com/en/US/docs/ios/mcl/

allreleasemcl/all_11.html.
For more details on the network command, go to http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/
all_10.html.
Configuring Single-Area OSPF (Cont.)

10.1.1.0/24 - Gi0/0.1
10.1.10.0/24 - Gi0/0.10
Gi0/1
10.1.20.0/24 - Gi0/0.20
192.168.1.1
Gi0/1
172.16.1.10/24
192.168.1.2
Branch
HQ
Branch(config)#router ospf 1
Branch(config-router)#passive-interface GigabitEthernet 0/0.1
Configures the passive interface on GigabitEthernet 0/0.1 on the Branch router.
The router automatically sends OSPF hello packets out of every interface that is included into the OSPF
process. To limit the amount of unnecessary traffic in the LAN or to prevent other routers on a local
network to learn about routes dynamically, you can stop sending routing updates out of a specific interface.
This is achieved by configuring a passive interface option for a selected interface on which OSPF adjacency
is not desired.
In the figure, interface GigabitEthernet 0/0.1 on router Branch is configured as passive in OSPF
configuration mode with the passive-interface GigabitEthernet 0/0.1 configuration command.
For more details about the passive-interface command, go to Cisco IOS IP Routing: Protocol-Independent
Command Reference.
Configuring Single-Area OSPF (Cont.)

Announced
Default Route
10.1.1.0/24Gi0/0.1
10.1.10.0/24Gi0/0.10
Gi0/1
10.1.20.0/24Gi0/0.20
192.168.1.1
Gi0/1
172.16.1.10/24
192.168.1.2
Branch
HQ
The HQ router announces the default route through OSPF.
To be able to perform routing toward external networks or toward the Internet, a router must either know all
of the destination networks or have a default route. You can statically configure the default route, but it can
also be learned dynamically via the OSPF routing protocol. The router that announces the default route
needs to be configured with the default-information originate command in the routing protocols
configuration mode.
For more details about the default-information originate command, go to Cisco IOS IP Routing: OSPF
Command Reference.
Student Guide
4-75

This topic describes how to verify the configuration of single-area OSPF.

Branch#show ip protocols
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 192.168.1.1
Maximum path: 4
Routing for Networks:
10.0.0.0 0.255.255.255 area 0
Routing on Interfaces Configured Explicitly (Area 0):
GigabitEthernet0/1
Passive Interface(s):
Routing Information Sources:
Gateway
Distance
Last Update
1.1.1.1
110
00:50:43
Distance: (default is 110)
Verifies that OSPF on the Branch router is routing for all networks that it needs to
The show ip protocols command shows a summary of configured routing protocol information. It can be
very useful for a quick verification of how routing protocols are configured. You can see which protocols
are enabled and which networks these protocols are routing for. You can also see on which interfaces the
routing protocols were enabled explicitly. If passive interfaces are configured, they will be seen in the
output as well.
For more information about the show ip protocols command, go to http://www.cisco.com/en/US/
docs/ios/mcl/allreleasemcl/all_13.html.
Verifying OSPF Configuration (Cont.)

Branch#show ip ospf interface brief
Interface
PID
Area
IP Address/Mask
Gi0/0.1
1
0
10.1.1.1/24
Gi0/1
1
0
192.168.1.1/24
Gi0/0.20
1
0
10.1.20.1/24
Gi0/0.10
1
0
10.1.10.1/24
Cost
1
1
1
1
State
DR
BDR
DR
DR
Nbrs F/C
0/0
1/1
0/0
0/0
Shows which interfaces are enabled for the OSPF routing process
The show ip ospf interface command shows you which interfaces are enabled for OSPF. It is useful to
determine if your network statements were correctly composed.
For more information about the show ip ospf interface command, go to http://www.cisco.com/en/US/

Branch#show ip ospf neighbor
Neighbor ID Pri
State
Dead Time
1.1.1.1
1
FULL/DR
00:00:36
Address
192.168.1.2
Interface
GigabitEthernet0/1
Shows OSPF neighbors
The show ip ospf neighbor command displays OSPF neighbor information on a per-interface basis.
Student Guide
4-77
The example shows output from the show ip ospf neighbor command, with a single line of summary
information for each neighbor. The Branch router formed a full adjacency (as shown under State) with its
neighbor (Neighbor ID). The full state means that the router and its neighbor have identical OSPF link-state
databases.
The figure also shows the expected time before Cisco IOS Software will declare the neighbor of the router
dead (Dead Time), the neighbor IP addresses (Address), and the interfaces that the neighbors are connected
to (Interface).
For more information about the show ip ospf neighbor command, go to http://www.cisco.com/en/US/

Branch# show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
<output omitted>
Gateway of last resort is 192.168.1.2 to network 0.0.0.0
O*E2 0.0.0.0/0 [110/1] via 192.168.1.2, 00:02:45, GigabitEthernet0/1
C
L
C
L
C
L
172.16.0.0/32 is subnetted, 1 subnets
O
172.16.1.100 [110/2] via 192.168.1.2, 00:56:58, GigabitEthernet0/1
C
192.168.1.0/24 is directly connected, GigabitEthernet0/1
L
192.168.1.1/32 is directly connected, GigabitEthernet0/1
The routing table displays OSPF routes.
The show ip route command displays the routes that are known to the router and how they were learned.
This command is one of the best ways to determine connectivity between the local router and the rest of the
internetwork. In the figure, two routes from OSPF are in the routing table. One describes the 172.16.1.100
network, while the second one represents the default route that was learned dynamically over OSPF.
For more information about the show ip route command, go to http://www.cisco.com/en/US/docs/ios/mcl/
allreleasemcl/all_13.html.
Summary
Summary
OSPF is a link-state routing protocol that uses an area hierarchy.
OSPF exchanges hello packets to establish neighbor adjacencies
between routers.
The SPF algorithm uses a cost metric to determine the best path. Lower
cost indicates a better path.
Configuration of basic OSPF requires two steps:
Identify the networks to advertise.
The show ip ospf neighbor command displays OSPF neighbor

information on a per-interface basis.
Student Guide
4-79
Module Summary
This topic summarizes the key points that were discussed in this module.
Module Summary
VLANs are independent LAN networks that address segmentation,
security, and organizational flexibility.
Inter-VLAN communication cannot occur without a Layer 3 device (a
Layer 3 switch or router).
The DHCP server provides dynamic IP address assignments to end
hosts, reducing errors and the time that is needed to administer address
assignment.
A WAN is a collection of LANs, and routers play a central role in
transmitting data through these networks.
Routing protocols are a set of processes, algorithms, and messages that
Configuration of basic OSPF requires two steps:
Identify the networks to advertise.
Module Self-Check
Questions
Use the questions here to review what you learned. The correct answers and solutions are found in the
Module Self-Check Answer Key.
1.
Which feature is required for multiple VLANs to span multiple switches? (Source: Implementing
VLANs and Trunks)
A.
B.
C.
D.
2.
Which information does the show vlan command display? (Source: Implementing VLANs and
Trunks)
A.
B.
C.
D.
3.
multilayer switch
router
bridge
trunk
redundancy information
which ports are trunks
names of the VLANs and ports that are assigned to the VLANs
STP information
Match the terms and statements. (Source: Implementing VLANs and Trunks)
A.
B.
C.
STP
VLAN 1
native VLAN
factory default Ethernet VLAN

sends frames untagged
ensures a loop-free topology
4.
Which command correctly assigns a subinterface to VLAN 50 using 802.1Q trunking? (Source:
Routing Between VLANs)
A.
B.
C.
D.
5.
Arrange the steps of DHCP operation in the correct order. (Source: Using a Cisco Network Device as
a DHCP Server)
A.
B.
C.
D.
6.
DHCP request
DHCP discover
DHCP acknowledgment
DHCP offer
show ip dhcp available addresses

show ip dhcp conflict
show ip dhcp binding
show ip dhcp pool
Which two protocols are link-state routing protocols? (Choose two.) (Source: Introducing Dynamic
Routing Protocols)
A.
B.
C.
D.
E.
8.
phase 4
phase 2
phase 1
phase 3
Which command would you use to verify the number of available addresses in a DHCP pool?
(Source: Using a Cisco Network Device as a DHCP Server)
A.
B.
C.
D.
7.
Router(config)# encapsulation 50 dot1Q

Router(config)# encapsulation trunk dot1Q 50
Router(config-if)# encapsulation dot1Q 50
Router(config-if)# encapsulation 802.1Q vlan 50
OSPF
EIGRP
BGP
IS-IS
RIP
Which two statements correctly describe link-state routing protocols? (Choose two.) (Source:
Introducing Dynamic Routing Protocols)
A. They send complete routing tables to all connected neighbors.
B. They use the SPF algorithm.
C. The only information that a router knows about a remote network is the distance or metric to
reach this network.
D. They use triggered updates.
E. Two examples are OSPF and EIGRP.
9.
Which two statements correctly describe OSPF? (Choose two.) (Source: Implementing OSPF)
A.
B.
C.
D.
OSPF is a Cisco proprietary protocol.

Routers create a neighbor relationship by exchanging hello packets.
By default, cost is configured by the network administrator.
The OSPF topological database contains the collection of LSAs that were received from all
routers in the same area.
E. The OSPF neighbor table contains all of the routers within an OSPF area.
10.
Which command would you use to enter the OSPF routing configuration mode? (Source:
Implementing OSPF)
A.
B.
C.
D.
Router(config)# router ospf

Router(config)# router ospf 1
Router(config)# network 10.0.0.0 0.0.0.255 area 0
Router(config-router)# network 10.0.0.0 0.0.0.255 area 0
Student Guide
4-85
Answer Key
1.
2.
3.
A.
B.
C.
4.
5.
A.
B.
C.
D.
6.
7.
A, D
8.
B, D
9.
B, D
VLAN 1
native VLAN
STP
factory default Ethernet VLAN

sends frames untagged
ensures a loop-free topology
phase 1
phase 2
phase 3
phase 4
DHCP discover
DHCP offer
DHCP request
DHCP acknowledgment
10. B
Module 5
Introducing IPv6
Activity Objective
The growth of the Internet and the adoption of networking over the past 20 years are pushing IPv4 to the
limits of its addressing capacity and its ability for continued growth. To sustain the evolution of the Internet,
the IETF developed a next-generation protocol, IPv6. This module describes the factors leading toward
IPv6 development and compares IPv4 with IPv6.
Objectives
Upon completing this module, you will be able to meet these objectives:
Describe IPv6 main features, addresses, and basic configuration
Describe IPv6 operations
Identify routing protocols for IPv6
5-2
Lesson 1
Introducing Basic IPv6

Overview
The ability to scale networks for future demands requires a limitless supply of IP addresses and improved
mobility. To cope with the depletion of IP addresses, several short-term solutions were developed.
IPv6 satisfies the increasingly complex requirements of hierarchical addressing that IPv4 does not satisfy.
With a 128-bit address length, the IPv6 address space is significantly larger and more diverse, and therefore
is more complicated to manage.
This lesson describes IPv6 main features, addresses, and basic configuration.
Objectives
Identify issues in IPv4
Identify main IPv6 features
Describe IPv6 addresses and address types
Describe IPv6 unicast addresses
Describe manual address assignment, stateless autoconfiguration, and DHCPv6
Configure and verify basic IPv6 connectivity on Cisco IOS routers

This topic describes the issues in IPv4.

To extend the lifetime and usefulness of IPv4 and circumvent address
shortage, several mechanisms were created:
CIDR
VLSM
NAT
DHCP
Over the years, hardware support has been added to devices to support
IPv4 enhancements.
In an effort to allocate IPv4 addresses efficiently, CIDR was developed. CIDR allowed the address space to
be divided into smaller blocks.
VLSMs allow more efficient use of IP addresses, specifically on small segments such as point-to-point
serial links. VLSM usage was recommended in RFC 1817. CIDR and VLSM support is a prerequisite for
ISPs to receive additional allocations.
NAT introduced a model in which a device facing outward to the Internet would have a globally routable
IPv4 address, while the internal network would be configured with private addresses. These private
addresses could never leave the site, so they could be identical in many different enterprise networks. In this
way, even large enterprises with thousands of systems could hide behind a small number of routable public
networks.
The DHCP is used by a client to acquire configuration information, such as an IP address, a default route,
and DNS setup from a server.
5-4
Problems with IPv4 Addressing Workarounds

NAT breaks the end-to-end model of IP.
NAT inhibits end-to-end network security.
Some applications are not NAT friendly.
The merging of private networks is difficult if overlapping IP address
ranges are used.
One of the arguments against deploying IPv6 is that NAT will solve the problems of limited address space
in IPv4. The use of NAT merely delays the exhaustion of the IPv4 address space by using global addresses
for large internal networks.
There are several negative implications of using NAT, some of which are identified in RFC 2775 and RFC
2993, as follows:
NAT breaks the end-to-end model of IP. IP was defined so that underlying layers do not process the
connection; only the endpoints process the connection.
NAT inhibits end-to-end network security. To protect the integrity of the IP header by some
cryptographic functions, the IP header cannot be changed between the origin of the packet (to protect
the integrity of the header) and the final destination (to check the integrity of the received packet). Any
translation of parts of a header on the path will break the integrity check.
When applications are not NAT-friendlywhich means that, for a specific application, more than
just port and address mapping are necessary to forward the packet through the NAT deviceNAT has
to embed complete knowledge of all the applications to perform correctly. This is especially true for
dynamically allocated ports with rendezvous ports, embedded IP addresses in application protocols,
security associations, and so on. Therefore, the NAT device needs to be upgraded each time a new nonNAT-friendly application is deployed (for example, peer-to-peer).
When different networks use the same private address space and they have to merge or connect, there is
an address-space collision. Hosts that are different but that have the same address cannot communicate
with each other. This problem can be resolved by techniques such as renumbering or Twice NAT.
(Twice NAT is the practice of changing both the source and destination address of a packet.) However,
these techniques are costly and, later on, increase NAT complications.
Student Guide
5-5
IPv6 Features
This topic describes the main features of IPv6.
IPv6 Features
Larger address space: Global reach capability, flexibility, aggregation,
multihoming, autoconfiguration, plug-and-play, renumbering
Simpler header: Routing code streamlined, simpler processing in
hardware
Security and mobility: Built into the standard, not as extensions
Transition richness: Several mechanisms available, including dualstacking
IPv6 includes a number of features that make it attractive for building global-scale, highly effective
networks. The larger address space, strict aggregation, and autoconfiguration provide important capabilities.
Streamlined header structures make processing IPv6 packets faster and more efficient for intermediate
routers within the network. This is especially true when large numbers of packets are routed in the core of
the IPv6 Internet.
Features that were not part of the original IPv4 specification, such as security and mobility, are now built
into IPv6.
IPv6 also includes a rich set of transition tools to allow an easy, nondisruptive transition over time to IPv6dominant networks.
5-6
IPv6 Addresses
This topic describes IPv6 addresses and different address types.
IPv6 Addresses
Address representation follows:
Format is x:x:x:x:x:x:x:x, where x is a 16-bit hexadecimal field:
Example: 2001:0DB8:010F:0001:0000:0000:0000:0ACD
Leading zeros in a field are optional:

Example: 2001:DB8:10F:1:0:0:0:ACD
Successive fields of 0 are represented as :: but only once in an

address:
Example: 2001:DB8:10F:1::ACD
IPv6 addresses are represented as a series of eight 16-bit hexadecimal fields that are separated by colons.
The A, B, C, D, E, and F in hexadecimal fields are case-insensitive.
These are some ways to shorten the writing of IPv6 addresses:
The leading zeros in a field are optional, so 010F can be written as 10F and 0000 can be written as 0.
Successive fields of zeros can be represented as a double colon (::) but only once in an address. An
address parser can identify the number of missing zeros by separating the two parts and filling in zeros
until the 128 bits are completed. However, if two double colons are placed in the address, there is no
way to identify the size of each block of zeros. Therefore, only one double colon is possible in a valid
IPv6 address.
The use of the double-colon technique makes many addresses very small; for example, FF01:0:0:0:0:0:0:1
becomes FF01::1. The unspecified address is written as a double colon because it contains only zeros.
Student Guide
5-7
IPv6 Address Types

Unicast
Multicast
Anycast
Broadcast
IPv6 supports three types of addresses:

Unicast: Unicast addresses are used in a one-to-one context.
Multicast: A multicast address identifies a group of interfaces. Traffic that is sent to a multicast
address is sent to multiple destinations at the same time. An interface may belong to any number of
multicast groups.
Anycast: An IPv6 anycast address is assigned to an interface on more than one node. When a packet is
sent to an anycast address, it is routed to the nearest interface that has this address. The nearest
interface is found according to the measure of distance of the particular routing protocol. All nodes that
share the same address should behave the same way so that the service is offered similarly regardless of
the node that services the request.
Each address type has specific rules regarding its construction and use.
IPv6 has no support for broadcast addresses in the way that they are used in IPv4. Instead, specific multicast
addresses (such as the all-nodes multicast address) are used.
5-8

This topic describes the IPv6 unicast addresses.

Types of IPv6 unicast addresses:
Global: Starts with 2000::/3 and assigned by the Internet Assigned
Numbers Authority
/23
2001
/32
/48
/64
Interface ID
0DB8
Registry
ISP Prefix
Site Prefix
Subnet Prefix
IPv6 Unicast Addresses (Cont.)

Private: Link local (starts with FE80::/10)
128 Bits
0
Interface ID
64 Bits
1111 1110 10
FE80::/10
10 Bits
Loopback (::1)
Unspecified (::)
Reserved: Used by the IETF
There are several basic types of IPv6 unicast addresses: global, reserved, private (link-local), loopback, and
unspecified.
Student Guide
5-9
RFC 4291 specifies 2000::/3 to be global unicast address space that the IANA may allocate to the RIRs. A
global unicast address is an IPv6 address from the global unicast prefix. The structure of global unicast
addresses enables the aggregation of routing prefixes, which limits the number of routing table entries in the
global routing table. Global unicast addresses that are used on links are aggregated upward through
organizations and eventually to the ISPs.
Link-local addresses are new to the concept of addressing with IP in the network layer. These addresses
refer only to a particular physical link. Link-local addresses typically begin with "FE80." The next digits
can be defined manually. If you do not define them manually, the interface MAC address is used based on
the EUI-64 format.
Just as in IPv4, a provision has been made for a special loopback IPv6 address for testing; datagrams that
are sent to this address loop back to the sending device. However, in IPv6 there is just one address, not a
whole block, for this function. The loopback address is 0:0:0:0:0:0:0:1, which is normally expressed as ::
1.
In IPv4, an IP address of all zeroes has a special meaning in that it refers to the host itself and is used when
a device does not know its own address. In IPv6, this concept has been formalized, and the all-zeroes
address is named the unspecified address. This address is typically used in the source field of a datagram
that is sent by a device that seeks to have its IP address configured. You can apply address compression to
this address. Because the address is all zeroes, the address becomes just ::.
The IETF reserved a portion of the IPv6 address space for various uses, both present and future. Reserved
addresses represent 1/256th of the total IPv6 address space.
The lowest address within each subnet prefix (the interface identifier set to all zeroes) is reserved as the
"subnet-router" anycast address.
The 128 highest addresses within each /64 subnet prefix are reserved to be used as anycast addresses.
EUI-64 Interface ID Assignment

EUI-64 Interface ID Assignment
MAC Address
00
00
90
90
27
27
FF
64-Bit Version
U/L Bit
00
90
27
FF
where X =
000000X0
17
FC
0F
17
FC
0F
FE
FE
17
FC
0F
1 = Universally Unique
0 = Locally Unique
X=1
EUI-64 Address
02
90
27
FF
FE
17
FC
0F
The EUI-64 standard explains how to stretch IEEE 802 MAC addresses from 48 to 64 bits by inserting the
16-bit 0xFFFE in the middle (at the 24th bit) of the MAC address to create a 64-bit, unique interface
identifier. In the first byte of the vendor OUI, bit 7 indicates the scope: 0 for global and 1 for local. As most
burned-in addresses are globally scoped, bit 7 will usually be 0. The EUI-64 standard also specifies that the
value of the 7th bit be inverted. So for example, MAC address 00-90-27-17-FC-0F becomes 02-90-27-17FC-0F. The resulting EUI-64 address on network 2001:0DB8:0:1::/64 would be
2001:0DB8:0:1:0290:27FF:FE17:FC0F.
Student Guide
5-11

This topic describes different address assignment options.

Manual assignment with or without EUI-64
Stateless autoconfiguration: Uses neighbor discovery mechanisms to
find routers and dynamically create IPv6 addresses
Stateful autoconfiguration: Uses a DHCPv6 server to assign IPv6
addresses and additional parameters to hosts
Router sends network-type information
(prefix, default route, and so on)
Host autoconfigured address:

prefix received + 64-bit interface ID
The IPv6 address can be completely specified, or the host identifier (the right-most 64 bits) can be
computed from the EUI-64 of the interface.
Having a much larger address space that is available, IPv6 engineers designed a way to enable
autoconfiguration of the addresses while still keeping the global uniqueness. A router on the local link will
send network-type information, such as the prefix of the local link and the default route, to all of the nodes
on the local link. A host can autoconfigure itself by appending its data link layer address (in a special 64-bit
EUI [EUI-64] format) to the local link prefix (64 bits). This autoconfiguration results in a complete 128-bit
IPv6 address that is usable on the local link and is, most likely, globally unique. To avoid the rare event of
address collision, a process is enabled to detect duplicate addresses.
Autoconfiguration enables plug and play, which connects devices to the network without any
configuration and without any stateful servers (such as DHCP servers). Autoconfiguration is an important
feature for enabling deployment of new devices on the Internet, such as cell phones, wireless devices, home
appliances and networks, and so on.
Autoconfiguration can be accomplished in two ways: statelessvia neighbor discovery and router
advertisementsas previously described, and stateful, using a DHCPv6 server. The difference between the
two is that, with the stateful method, a record is kept of which hosts are assigned which addresses. The
stateless method does not maintain these records.
A router announcement can indicate to hosts whether or not additional configuration parameters are
available via stateful configuration (DHCPv6), such as DNS, IP options, and so on.
DNS is a distributed Internet directory service that is used to translate between domain names and IP
addresses as well as between IP addresses and domain names. The DNS protocol had to be updated to
support IPv6 in addition to IPv4. Using DDNS, DHCPv6 clients can dynamically update their records in
DNS.

This topic describes needed configuration and verification tasks to enable IPv6 connectivity.

Router(config)#ipv6 unicast-routing
Enables IPv6 routing on Cisco routers

Router(config-if)#ipv6 address 2001:db8:D1A5:C900::1/64
Configures the interface with a specific IPv6 address
These are some configuration commands for enabling IPv6.
Configuring IPv6 Commands

Command
Description
ipv6 unicast-routing
Enables IPv6 routing on Cisco routers
ipv6 address ipv6-address/ipv6length [eui-64]
Configures the interface IPv6 address. With the eui-64 option, the last 64
bits in the address are calculated by the EUI-64 format from the MAC
address.
When configuring an IPv6 address and IPv6 length, there is a slash
between them. Be careful, there is no space between the IPv6 address,
slash, and IPv6 length.
Student Guide
5-13
Cisco IOS IPv6 Configuration Example

Branch
2001:db8 :D1A5:C900::1
HQ
2001:db8 :D1A5:C900::2
IPv6 configuration on the Branch router:

Branch(config)#ipv6 unicast-routing
Branch(config)#interface GigabitEthernet 0/1
Branch(config-if)#ipv6 address 2001:db8:D1A5:C900::1/64
IPv6 configuration on the headquarters router:

HQ(config)#ipv6 unicast-routing
HQ(config)#interface GigabitEthernet 0/1
HQ(config-if)#ipv6 address 2001:db8:D1A5:C900::2/64
The example shows an IPv6 configuration on two routers. The routers are connected with the Gigabit
Ethernet interface.
Cisco IOS IPv6 Configuration Example (Cont.)

Cisco IOS IPv6 verification:
Displays IPv6 interface status
Branch#show ipv6 interface GigabitEthernet 0/1
GigabitEthernet0/1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::FE99:47FF:FEE5:2599
No Virtual link-local address(es):
Description: Link to HQ
Global unicast address(es):
2001:DB8:D1A5:C900::1, subnet is 2001:DB8:D1A5:C900::/64
< output omitted >
Verifies IPv6 connectivity

Branch#ping 2001:db8:D1A5:C900::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:D1A5:C900::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
Basic IPv6 Connectivity (Cont.)

Cisco IOS IPv6 verification (Cont.):
Traces the IPv6 address
Branch#traceroute 2001:db8:D1A5:C900::2
Tracing the route to 2001:DB8:D1A5:C900::2
1 2001:DB8:D1A5:C900::2 0 msec 0 msec 0 msec
Uses Telnet to connect to the IPv6 address

Branch#telnet 2001:db8:D1A5:C900::2
Trying 2001:DB8:D1A5:C900::2 ... Open
HQ#
SSH to the IPv6 address

Branch#ssh -l ccna 2001:DB8:D1A5:C900::2
Password:
HQ#
These are some commands for IPv6 verification.
Configuring IPv6 Commands

Command
Description
show ipv6 interface interface
Verifies IPv6 interface status and setup
ping ipv6-address
Verifies IPv6 connectivity
traceroute ipv6-address
Traces the IPv6 address
telnet ipv6-address
Uses Telnet to connect to the IPv6 address
ssh -l username ipv6-address
Establishes SSH remote session to the IPv6 address
Student Guide
5-15
Summary
Summary
To extend the lifetime and usefulness of IPv4 and circumvent address
shortage, several mechanisms were created: CIDR, VLSM, NAT, and
DHCP.
Main IPv6 features are larger address space, simpler header, security,
mobility, and transition richness.
IPv6 addresses are represented as a series of eight 16-bit hexadecimal
fields that are separated by colons.
There are several basic types of IPv6 unicast addresses: global,
reserved, private (link-local), loopback, and unspecified.
IPv6 addresses can be allocated by manual assignment with or without
EUI-64. Addresses can also be obtained automatically through stateless
or stateful autoconfiguration.
To enable IPv6 on the router, use the ipv6 unicast-routing command.
Lesson 2
Understanding IPv6
Overview
The header format for each IP packet carries crucial information for the routing and processing of each
packet payload. Header construction plays an important role in the efficiency and extensibility of the
network. ICMP plays an important role in troubleshooting networks, facilitating simple tools such as ping,
or determining that a packet could not reach its destination. This lesson describes both IPv6 and ICMPv6.
Any device that attaches to a network goes through numerous processes to identify itself and to obtain
services from the network. This premise is true in either an IPv4 or IPv6 network. However, people who
design and manage IPv6 networks will discover that although the processes that are used in IPv6, have
some similarities to those that are used in IPv4, they are different. Understanding these processes is
fundamental to properly supporting an IPv6-enabled environment.
This lesson describes IPv6 neighbor discovery, which is the process in which neighbors discover each other
and autoconfigure addresses.
The lesson also explains how stateless autoconfiguration helps to automatically assign IPv6 addresses to
devices in the network.
Objectives
Describe the IPv6 header format
Describe ICMPv6
Describe the neighbor discovery process and mapping from IPv6 addresses to Layer 2 addresses
Describe and configure stateless autoconfiguration

This topic describes the IPv6 header format.

IPv4 header format
Version
Type of Service
Hd Len
Identification
Time to Live
Protocol
Total Length
Flags
Fragment Offset
Header Checksum
Source Address
Destination Address
Options
Padding
20
Octets
Variable
Length
Data Portion
32 Bits
The IPv4 header contains 12 fields. Following these fields is an Options field of variable length that the
figure shows in yellow and a data portion that is usually the transport layer segment. The basic IPv4 header
has a size of 20 octets. The Options field increases the size of the IP header.
Of these 12 header fields, 6 are removed in IPv6; these fields are in green in the figure. The main reasons
for removing these fields in IPv6 are as follows:
The Internet Header Length (Hd Len) field was removed because all IPv6 headers are a fixed, 40-byte
length, unlike IPv4, in which the header length is variable.
Fragmentation is now processed differently and does not need the fields in the basic IP header. In IPv6,
routers no longer process fragmentation, which is a change that removes the processing issues that
result when routers process IPv4 fragmentation. The related, removed fields appear in the
Fragmentation Extension Header in IPv6, which is attached only to a packet that is actually
fragmented.
The Header Checksum field at the IP layer was removed because most data link layer technologies
already perform checksum and error control and because the relative reliability of the data link layer is
very good. However, this removal forces the upper-layer optional checksums, such as UDP, to become
mandatory.
The Options field is changed in IPv6 and is now processed by an extension header chain.
Most other fields were either unchanged or changed only slightly.
IPv6 Header Changes and Benefits (Cont.)

IPv6 header format
Version
Traffic Class
Payload Length
Flow Label
Next Header
Source Address
Hop Limit
40
Octets
Destination Address
Next Header
Extension Header Information
Variable
Length
Data Portion
32 Bits
The IPv6 header has 40 octets, instead of 20 octets as in IPv4. The IPv6 header has fewer fields, and the
header is aligned on 64-bit boundaries to enable fast processing by current and next-generation processors.
Address fields are four times larger than in IPv4.
The IPv6 header contains eight fields:
1.
Version: This 4-bit field contains the number 6, instead of the number 4 as in IPv4.
2.
Traffic Class: This 8-bit field is like the ToS field in IPv4.
3.
Flow Label: This new field has a length of 20 bits and is used to mark individual traffic flows with
unique values, of which routers can use to provide per-flow nondefault treatment.
4.
Payload Length: This field is like the Total Length field of IPv4, but because the IPv6 base header is a
fixed size, this field describes the length of the payload only, not of the entire packet.
5.
Next Header: The value of this field determines the type of information that follows the basic IPv6
header.
6.
Hop Limit: This field specifies the maximum number of hops that an IP packet can traverse.
7.
Source Address: This field of 16 octets or 128 bits identifies the source of the packet.
8.
Destination Address: This field of 16 octets or 128 bits identifies the destination of the packet.
Following these eight fields are the extension headers, if any, that carry optional Internet layer information.
The number of extension headers is not fixed, so the total length of the extension header chain is variable.
Student Guide
5-19
ICMPv6
This topic describes different ICMPv6 message types and how they are used.
ICMPv6
Provides diagnostic (echo, echo reply)
Router discovery (router solicitation, router advertisement)
Neighbor discovery (neighbor solicitation, neighbor advertisement)
Next Header = 58
ICMPv6 Packet
IPv6 Basic Header

ICMPv6 Packet
ICMPv6 Packet
ICMPv6 Type
ICMPv6 Code
Checksum
ICMPv6 Data
ICMPv6 is like ICMPv4. ICMPv6 enables nodes to make diagnostic tests and report problems. Like
ICMPv4, ICMPv6 implements two kinds of messages: error messages, such as Destination Unreachable,
Packet Too Big, or Time Exceeded, and informational messages, such as Echo Request and Echo Reply.
The ICMPv6 packet is identified as 58 in the Next Header field. Inside the ICMPv6 packet, the Type field
identifies the type of ICMP message. The Code field further details the specifics of this type of message.
The Data field contains information that is sent to the receiver for diagnostics or information purposes.
ICMPv6 is used on-link for router solicitation and advertisement, for neighbor solicitation and
advertisement (acquisition of data link layer addresses for IPv6 neighbors), and for the redirection of nodes
to the best gateway.
Neighbor Discovery
This topic describes the neighbor discovery process and mapping between IPv6 addresses and Layer 2
addresses.
Neighbor Discovery
Neighbor discovery performs the same functions in IPv6 as
ARP does in IPv4
Neighbor discovery:
Determines the link layer address of a neighbor
Finds neighbor routers on the link
Queries for duplicate addresses
Is achieved by using ICMPv6 with IPv6 multicast
Neighbor discovery is used on-link for router solicitation and advertisement, for neighbor solicitation and
advertisement, and for the redirection of nodes to the best gateway.
Neighbor discovery is a process that enables these functions:
Determines the data link layer address of a neighbor on the same link, such as ARP does in IPv4
Finds neighbor routers
Keeps track of neighbors
Neighbor discovery achieves these results by using ICMP with multicast addresses.
Student Guide
5-21
Stateless autoconfiguration uses neighbor discovery mechanisms to find routers and dynamically create
IPv6 addresses. This topic describes operation and configuration of IPv6 stateless autoconfiguration.
Router Advertisement
Router advertisement packet:

ICMP type 134
Source = router link-local address
Destination = FF02::1 (all-nodes multicast address)
Data = options, prefix, lifetime, autoconfiguration flag
Router advertisements are sent periodically and on request by routers on all of their configured interfaces. A
router advertisement is sent to the all-nodes multicast address. This information might be contained in the
message:
One or more prefixes that can be used on the link. This information enables stateless autoconfiguration
of the hosts. These prefixes must be /64 for stateless autoconfiguration.
Lifetime of the prefixes. By default, in Cisco IOS Software, the lifetime is very long: The default valid
lifetime is 30 days, and the default preferred lifetime is 7 days.
Flags that indicate the kind of autoconfiguration that the hosts can perform.
Default router information, such as existence and lifetime.
Other types of information for hosts, including default MTU and hop count.
By sending prefixes, a router advertisement enables the autoconfiguration of hosts. By assigning lifetimes
to prefixes, a router advertisement enables the renumbering of hosts. An old, deprecated prefix has a
lifetime that is decreased to zero, and a new prefix will have a normal lifetime.
Router advertisement timing and other parameters can be configured on the routers.
Stateless Autoconfiguration (Cont.)

Router solicitations
At boot time, nodes send router solicitations to promptly
receive router advertisements.
Router Solicitation
Router solicitation packet:

ICMP type 133
Source = :: (unspecified address)
Destination = FF02::2 (all-routers multicast address)
A router advertisement is typically sent immediately following a router solicitation. Router solicitations are
sent by hosts at boot time to ask routers to send an immediate router advertisement on the local link so that
the host can receive the autoconfiguration information without waiting for the next scheduled router
advertisement.
The router solicitation message is defined as follows:
The ICMP type is 133.
The source address is the unspecified address (or the IP address that is assigned to the sending interface
when the IP address is known, which is not usually the case).
The destination address is the all-routers multicast address with the link-local scope.
When an answer to a router solicitation is sent, the destination address of the router advertisement is the
unicast address of the requestor.
To avoid flooding, a router solicitation should be sent only at boot time and only three times. This practice
avoids flooding of router solicitation packets in the absence of a router on the network.
Student Guide
5-23
Stateless Autoconfiguration (Cont.)

The Branch router configures stateless autoconfiguration on the
interface.
The default route is added, based on route advertisement information, if
the default keyword is added.
Branch(config-if)#ipv6 address autoconfig [default]
Configure stateless
autoconfiguration on the
interfacet
Branch
HQ
Router
Solicitation
Router
Advertisement
This is a configuration command that enables stateless autoconfiguration on the router interface.
Configuring Stateless Autoconfiguration Command

Command
Description
ipv6 address autoconfig [default]
Configures stateless autoconfiguration on the interface
Summary
Summary
The IPv6 header has removed unnecessary fields, resulting in a more
streamlined, simpler protocol.
ICMPv6 provides diagnostic, router, and neighbor discovery.
Neighbor discovery is a critical process that allows neighbors to
determine the link-layer address that is associated with a given IPv6
address.
Autoconfiguration provides a type of network plug-and-play feature, in
which devices can assign their own address, based on router-provided
information.
Student Guide
5-25
Lesson 3
Configuring IPv6 Routing

Overview
Routing protocols must support IPv6 to facilitate the successful transport and operations of IPv6-generated
traffic. OSPF is a widely used IGP. Understanding the differences between OSPFv2 and OSPFv3 are
required for the successful deployment and operation of an IPv6 network using OSPF for routing. This
lesson describes how to configure and verify static IPv6 routes and OSPFv3.
Objectives
Describe routing types for IPv6
Configure and verify static routing for IPv6
Configure and verify OSPFv3
Routing for IPv6

This topic describes different routing protocols and methods that support IPv6 routing.
Routing for IPv6

Exterior Gateway
Protocols (EGPs)
(MP-BGP4)
Interior Gateway
Protocols (IGPs)
(RIPng, EIGRP for IPv6, OSPFv3)
Routing for IPv6 (Cont.)

IPv6 routing types:
static
RIPng (RFC 2080)
EIGRP for IPv6
OSPFv3 (RFC 2740)
MP-BGP4 (RFC 2545/2858)
Many of the common routing protocols have been modified to handle longer IPv6 addresses and different
header structures.
You can use and configure IPv6 static routing in the same way that you would with IPv4. There is an IPv6specific requirement per RFC 2461 that a router must be able to determine the link-local address of each of
its neighboring routers to ensure that the target address of a redirect message identifies the neighbor router
by its link-local address. This requirement means that using a global unicast address as a next-hop address
with IPv6 routing is not recommended.
Student Guide
5-29
Static Routing
This topic describes how to configure and verify static IPv6 routing.
Static Routing
IPv6
2001:DB8:A01::/48
2001:DB8:D1A5:C900::1
Gi0/1
2001:DB8 :AC10:100::64
2001:DB8:D1A5:C900::2
Server
Gi0/1
Internet
Branch
HQ
Default route
Static route
The static IPv6 route is configured on the HQ router:

HQ(config)#ipv6 route 2001:DB8:A01::/48 Gi0/1 2001:DB8:D1A5:C900::1
The default IPv6 route is configured on the Branch router:

Branch(config)#ipv6 route ::/0 Gi0/1 2001:DB8:D1A5:C900::2
These are IPv6 static and default route commands:
Configuring an IPv6 Static Route Command

Command
Description
ipv6 route ipv6_network/ipv6_mask

outgoing_interface ipv6_next_hop
Configures a static IPv6 route
ipv6 route ::/0 outgoing_interface

ipv6_next_hop
Configures a default IPv6 route
Static Routing (Cont.)

Verify the static IPv6 route on the HQ router:
HQ#show ipv6 route static
IPv6 Routing Table - default - 4 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, I1 - ISIS L1, I2 - ISIS L2
IA - ISIS interarea, IS - ISIS summary, D - EIGRP, EX - EIGRP external
ND - Neighbor Discovery, l - LISP
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S
2001:DB8:A01::/48 [1/0]
via 2001:DB8:D1A5:C900::1, GigabitEthernet0/1

Verify the default IPv6 route on the Branch router:
Branch#show ipv6 route static
S
::/0 [1/0]
via 2001:DB8:D1A5:C900::2, GigabitEthernet0/1
Student Guide
5-31

Verify IPv6 connectivity from the Branch router to IPv6 address
2001:db8:AC10:100::64:
Branch#ping 2001:db8:AC10:100::64
Sending 5, 100-byte ICMP Echos to 2001:DB8:AC10:100::64, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 ms
These are IPv6 static routing verification commands:
IPv6 Static Routing Verification Commands

Command
Description
show ipv6 route
Displays IPv6 routing information
ping ipv6_address
Verifies connectivity to the IPv6 address
OSPFv3
This topic describes how to configure and verify OSPFv3.
OSPFv3
Router ID looks like an IPv4 address.
Adjacencies and next-hop attributes use link-local addresses.
IPv6 is used for transport of the LSA.
OSPFv3 is enabled per link, not per network.
These OSPF features have been updated for IPv6:

The OSPFv3 process no longer requires an IPv4 address for the router ID, but it does require a 32-bit
number to be set.
OSPFv3 adjacencies use link-local addresses to communicate. Router next-hop attributes are
neighboring router link-local addresses. Because link-local addresses have the same prefix, OSPF
needs to store the information about the outgoing interface.
OSPFv3 uses IPv6 for transport of LSAs. IPv6 protocol number 89 is used.
OSPFv3 is enabled per-link and identifies which networks (prefixes) are attached to this link for
determining prefix reachability propagation and OSPF area.
Student Guide
5-33
OSPFv3 (Cont.)
Router ID 0.0.0.2
Router ID 0.0.0.1
OSPFv3
Gi0/1
Gi0/1
Gi0/0
Gi0/0
Branch
2001:DB8:A01::/48
HQ
2001:DB8 :AC10:100::/64
OSPFv3 is configured on the HQ router:

HQ(config)# interface GigabitEthernet0/0
HQ(config-if)# ipv6 ospf 1 area 0
HQ(config-if)# exit
HQ(config)# interface GigabitEthernet0/1
HQ(config-if)# ipv6 ospf 1 area 0
HQ(config-if)# exit
HQ(config)# ipv6 router ospf 1
HQ(config-rtr)# router-id 0.0.0.1
OSPFv3 (Cont.)
OSPFv3 is configured on the Branch router:
Branch(config)# interface GigabitEthernet0/0
Branch(config-if)# ipv6 ospf 1 area 0
Branch(config-if)# exit
Branch(config)# interface GigabitEthernet0/1
Branch(config-if)# ipv6 ospf 1 area 0
Branch(config-if)# exit
Branch(config)# ipv6 router ospf 1
Branch(config-rtr)# router-id 0.0.0.2
These are OSPFv3 commands:
Configuring OSPFv3 Commands

Command
Description
ipv6 ospf process_id area area_id
Enables OSPFv3 routing on the interface
ipv6 router ospf process_id
Enables the OSPFv3 routing process and enters routing process

configuration mode
router-id router_id
Sets the OSPFv3 router ID with a 32-bit number
OSPFv3 (Cont.)
Verify the OSPFv3 route on the Branch router:
Branch# show ipv6 route ospf
O
2001:DB8:AC10:100::64/128 [110/1]
via FE80::FE99:47FF:FEE5:2551, GigabitEthernet0/1
Verify the OSPFv3 neighbor on the Branch router:

Branch# show ipv6 ospf neighbor
Neighbor ID
Pri
State
0.0.0.1
1
FULL/BDR
GigabitEthernet0/1
4
Dead Time
00:00:38
Interface ID
Interface
OSPFv3 (Cont.)
Verify OSPFv3 settings on the Branch router:
Branch# show ipv6 ospf
Routing Process "ospfv3 1" with ID 0.0.0.2
Event-log enabled, Maximum number of events: 1000, Mode: cyclic
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Graceful restart helper support enabled
Reference bandwidth unit is 100 mbps
< output omitted >
Student Guide
5-35
These are OSPFv3 verification commands:
OSPFv3 Verification Commands

Command
Description
show ipv6 route
Displays IPv6 routing information
show ipv6 ospf neighbor
Displays OSPFv3 neighbors
show ipv6 ospf
Displays OSPFv3 settings (process ID, timers, and number of areas)
Summary
Summary
Cisco supports all of the major IPv6 routing protocols: RIPng, OSPFv3,
and EIGRP.
Configure the IPv6 static and default route by using the ipv6 route
command.
OSPFv3 is enabled per link and not per network. OSPFv3 adjacencies
use link-local addresses to communicate.
Student Guide
5-37
Module Summary
This topic summarizes the key points that were discussed in this module.
Module Summary
IPv6 includes a number of features that make it attractive for building
global-scale, highly effective networks. The larger address space and
autoconfiguration provide important capabilities.
Neighbor discovery is used on-link for router solicitation and
advertisement, for neighbor solicitation and advertisement, and for the
redirection of nodes to the best gateway.
You can use and configure IPv6 static routing in the same way that you
would with IPv4. OSPFv3 is one of the dynamic routing protocols that
supports IPv6.
Module Self-Check
Questions
Use the questions here to review what you learned in this module. The correct answers and solutions are
found in the Module Self-Check Answer Key.
1.
What was the primary issue that was solved by creating IPv6? (Source: Introducing Basic IPv6)
A.
B.
C.
D.
2.
What is the shortest way to represent IPv6 address 2001:0DB8:0000:300F:0000:0000:A87C:040B?

(Source: Introducing Basic IPv6)
A.
B.
C.
D.
3.
running out of address space

complicated IPv4 header
security and mobility
richness in the transition tools
2001:DB8:0:300F:0:A87C:40B
2001:DB8:0:300F::A87C:40B
2001:DB8::300F::A87C:40B
2001:0DB8:0:300F::A87C:040B
Which three IPv4 header fields were present in the IPv4 header but not in the IPv6 header? (Choose
three.) (Source: Understanding IPv6)
A.
B.
C.
D.
E.
IHL
type of service
header checksum
flags
flow label
4.
The extension headers serve which important function in IPv6 networks? (Source: Understanding
IPv6)
A.
B.
C.
D.
5.
Neighbor discovery is used for which two of these functions? (Choose two.) (Source: Understanding
IPv6)
A.
B.
C.
D.
6.
autoconfig ipv6 address

ipv6 address autoconfig
autoconfig ip address
ipv6 address stateless autoconfig
Which command is used to configure the static IPv6 default route? (Source: Configuring IPv6
Routing)
A.
B.
C.
D.
8.
discover Layer 2 addresses of on-link IPv6 peers

discover the global unicast address of the other host on the subnet
discover the Layer 2 address of the other host on the subnet
discover the link-local IPv6 addresses of on-link neighbors
Which interface command causes the IPv6 interface address to be obtained using stateless
autoconfiguration? (Source: Understanding IPv6)
A.
B.
C.
D.
7.
carry optional Internet layer information

allow IPv6 nodes to manipulate routers
identify processes that manipulate the routers in the path of a packet
replace the traditional role of TCP and UDP in a network
ipv6 route ::/0 interface next_hop

ipv6 route default interface next_hop
ipv6 route 0.0.0.0/0 interface next_hop
ip route 0.0.0.0/0 interface next_hop
Which item represents similarities between OSPFv3 and OSPFv2? (Source: Configuring IPv6
Routing)
A.
B.
C.
D.
support for IPv4 and IPv6

support for IPv4
enabled per-link, rather than per-network, using network statements
link-state routing protocols
Answer Key
1.
2.
3.
A, C, D
4.
5.
A, C
6.
7.
8.
Student Guide
5-43
Glossary
Term
Definition
ARP
Address Resolution Protocol. Internet protocol that is used to map an

IP address to a MAC address. Defined in RFC 826.
AS
autonomous system. A collection of networks under a common

administration sharing a common routing strategy. Autonomous
systems are subdivided by areas. An autonomous system must be
assigned a unique 16-bit number by the IANA.
BDR
backup designated router.
BGP
Border Gateway Protocol. Interdomain routing protocol that replaces

EGP. BGP exchanges reachability information with other BGP
systems. It is defined by RFC 1163.
CIDR
classless interdomain routing. Technique supported by BGP4 and

based on route aggregation. CIDR allows routers to group routes
together to reduce the quantity of routing information carried by the
core routers. With CIDR, several IP networks appear to networks
outside the group as a single, larger entity. With CIDR, IP addresses
and their subnet masks are written as four octets, separated by
periods, followed by a forward slash and a two-digit number that
represents the subnet mask.
CSU
channel service unit. Digital interface device that connects end-user

equipment to the local digital telephone loop. Often referred to
together with DSU, as CSU/DSU.
DDNS
Dynamic Domain Name System
DHCP
Dynamic Host Configuration Protocol. Provides a mechanism for

allocating IP addresses dynamically so that addresses can be reused
when hosts no longer need them.
DNS
Domain Name System. System used on the Internet for translating

names of network nodes into addresses.
DNS
Domain Name System. System used on the Internet for translating

names of network nodes into addresses.
DR
designated router.
DSU
data service unit. Device used in digital transmission that adapts the
physical interface on a DTE device to a transmission facility, such as
T1 or E1. The DSU also is responsible for such functions as signal
timing. Often referred to together with CSU, as CSU/DSU.
DTP
Dynamic Trunking Protocol.
EGP
Exterior Gateway Protocol. Internet protocol for exchanging routing

information between autonomous systems. Documented in RFC 904.
Not to be confused with the general term exterior gateway protocol.
EGP is an obsolete protocol that was replaced by BGP.
Student Guide
G-1
Term
Definition
EIGRP
Enhanced Interior Gateway Routing Protocol. Advanced version of

IGRP developed by Cisco. Provides superior convergence properties
and operating efficiency, and combines the advantages of link-state
protocols with those of distance vector protocols.
EIGRP
Enhanced Interior Gateway Routing Protocol. Advanced version of

IGRP developed by Cisco. Provides superior convergence properties
and operating efficiency, and combines the advantages of link-state
protocols with those of distance vector protocols.
EUI
extended universal identifier
FCS
frame check sequence. Extra characters added to a frame for error

control purposes. Used in HDLC, Frame Relay, and other data link
layer protocols.
GARP
Gratuitous Address Resolution Protocol.
giaddr
gateway IP address
Gigabit Ethernet
Standard for a high-speed Ethernet, approved by the IEEE (Institute

of Electrical and Electronics Engineers) 802.3z standards committee
in 1996.
IANA
Internet Assigned Numbers Authority. Organization operated under

the auspices of the ISOC as a part of the IAB. IANA delegates
authority for IP address-space allocation and domain-name
assignment to the InterNIC and other organizations. IANA also
maintains a database of assigned protocol identifiers used in the
TCP/IP stack, including autonomous system numbers.
ICMP
Internet Control Message Protocol. Network layer Internet protocol

that reports errors and provides other information relevant to IP
packet processing. Documented in RFC 792.
IEEE 802.1Q
The IEEE 802.1Q specification establishes a standard method for

tagging Ethernet frames with VLAN membership information and
defines the operation of VLAN bridges that permit the definition,
operation, and administration of VLAN topologies within a bridged
LAN infrastructure.
IETF
Internet Engineering Task Force. Task force consisting of over 80

working groups responsible for developing Internet standards. The
IETF operates under the auspices of ISOC.
IETF
Internet Engineering Task Force. Task force consisting of over 80

working groups responsible for developing Internet standards. The
IETF operates under the auspices of ISOC.
IGP
interior gateway protocol. Internet protocol used to exchange routing

information within an autonomous system. Examples of common
Internet IGPs include IGRP, OSPF, and RIP.
IGP
interior gateway protocol. Internet protocol used to exchange routing

information within an autonomous system. Examples of common
Internet IGPs include IGRP, OSPF, and RIP.
G-2
Term
Definition
IPv4
IP version 4
IPv6
IP version 6. Replacement for the current version of IP (version 4).

IPv6 includes support for flow ID in the packet header, which can be
used to identify flows. Formerly called IPng (next generation).
IS-IS
Intermediate System-to-Intermediate System. OSI link-state

hierarchical routing protocol based on DECnet Phase V routing,
whereby ISs (routers) exchange routing information based on a single
metric to determine network topology.
ISP
Internet service provider. Company that provides Internet access to

other companies and individuals.
LSA
link-state advertisement. Broadcast packet used by link-state

protocols that contains information about neighbors and path costs.
LSAs are used by the receiving routers to maintain their routing
tables. Sometimes called an LSP.
LSA
link-state advertisement. Broadcast packet used by link-state

protocols that contains information about neighbors and path costs.
LSAs are used by the receiving routers to maintain their routing
tables. Sometimes called an LSP.
MP-BGP
Multiprotocol Border Gateway Protocol
MTU
maximum transmission unit. Maximum packet size, in bytes, that a

particular interface can handle.
multicast address
Single address that refers to multiple network devices. Synonymous

with group address.
NAT
Network Address Translation. Mechanism for reducing the need for

globally unique IP addresses. NAT allows an organization with
addresses that are not globally unique to connect to the Internet by
translating those addresses into globally routable address space. Also
known as Network Address Translator.
NIC
network interface card. Board that provides network communication

capabilities to and from a computer system. Also called an adapter.
OSPF
Open Shortest Path First. Link-state, hierarchical IGP routing

algorithm proposed as a successor to RIP in the Internet community.
OSPF features include least-cost routing, multipath routing, and load
balancing. OSPF was derived from an early version of the IS-IS
protocol.
OSPF
Open Shortest Path First. Link-state, hierarchical IGP routing

algorithm proposed as a successor to RIP in the Internet community.
OSPF features include least-cost routing, multipath routing, and load
balancing. OSPF was derived from an early version of the IS-IS
protocol.
OUI
Organizational Unique Identifier. Three octets that are assigned by

the IEEE in a block of 48-bit LAN addresses.
Student Guide
G-3
Term
Definition
POP
Post Office Protocol. Protocol that client email applications use to

retrieve mail from a mail server.
RIP
Routing Information Protocol. IGP supplied with UNIX BSD systems.

The most common IGP in the Internet. RIP uses hop count as a
routing metric.
RIPng
Routing Information Protocol next generation
RIR
regional Internet registry
SLA
service level agreement.
SPF
shortest path first. Routing algorithm that iterates on length of path to

determine a shortest-path spanning tree. Commonly used in link-state
routing algorithms. Sometimes called Dijkstra's algorithm.
SSH
Secure Shell Protocol. Protocol that provides a secure remote

connection to a router through a TCP application.
STP
Spanning Tree Protocol. Bridge protocol that uses the spanning-tree

algorithm, enabling a learning bridge to dynamically work around
loops in a network topology by creating a spanning tree. Bridges
exchange BPDU messages with other bridges to detect loops, and
then remove the loops by shutting down selected bridge interfaces.
Refers to both the IEEE 802.1 Spanning Tree Protocol standard and
the earlier Digital Equipment Corporation Spanning Tree Protocol
upon which it is based. The IEEE version supports bridge domains
and allows the bridge to construct a loop-free topology across an
extended LAN. The IEEE version generally is preferred over the
Digital version.
SVI
switch virtual interface
ToS
type of service
UDP
User Datagram Protocol. Connectionless transport layer protocol in

the TCP/IP protocol stack. UDP is a simple protocol that exchanges
datagrams without acknowledgments or guaranteed delivery,
requiring that error processing and retransmission be handled by
other protocols. UDP is defined in RFC 768.
VLSM
variable-length subnet mask. Capability to specify a different subnet

mask for the same network number on different subnets. VLSM can
help optimize available address space.
G-4

ICND120SG Vol2

Uploaded by

Document Informationclick to expand document informationCCNA

Document Informationclick to expand document information

Copyright:

Available Formats

ICND120SG Vol2

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

ICND120SG Vol2

Uploaded by

Copyright:

Available Formats

ICND1

Asia Pacific Headquarters

2013 Cisco Systems, Inc.

Implementing VLANs and Trunks

Issues in a Poorly Designed Network

Routing Between VLANs

Using a Cisco Network Device as a DHCP Server

Introducing WAN Technologies

Introducing Dynamic Routing Protocols

Purpose of Dynamic Routing Protocols

Distance Vector and Link-State Routing Protocols

Configuring Single-Area OSPF

Configuring IPv6 Routing

Interconnecting Cisco Networking Devices, Part 1

2013 Cisco Systems, Inc.

Interconnecting Cisco Networking Devices, Part 1

2013 Cisco Systems, Inc.

Implementing VLANs and

Implement and verify VLANs

Issues in a Poorly Designed Network

Issues in a Poorly Designed Network

Large broadcast domains

Management and support

2013 Cisco Systems, Inc.

Interconnecting Cisco Networking Devices, Part 1

2013 Cisco Systems, Inc.

2013 Cisco Systems, Inc.

VLAN = logical network

VLANs address these needs:

2013 Cisco Systems, Inc.

Interconnecting Cisco Networking Devices, Part 1

2013 Cisco Systems, Inc.

Trunking with 802.1Q

Trunking with 802.1Q

2013 Cisco Systems, Inc.

Trunking with 802.1Q (Cont.)

2013 Cisco Systems, Inc.

2013 Cisco Systems, Inc.

Trunking with 802.1Q (Cont.)

2013 Cisco Systems, Inc.

Interconnecting Cisco Networking Devices, Part 1

2013 Cisco Systems, Inc.

Trunking with 802.1Q (Cont.)

Dest Src Tag Type Data FCS

2013 Cisco Systems, Inc.

Trunking with 802.1Q (Cont.)

Native VLAN Untagged

2013 Cisco Systems, Inc.

The default native VLAN is VLAN 1.

4-10 Interconnecting Cisco Networking Devices, Part 1

2013 Cisco Systems, Inc.

Adds VLAN 2 and names it "Sales"

2013 Cisco Systems, Inc.

The table lists the commands to use when adding a VLAN.

(Optional) Specifies the VLAN name, which is an ASCII string from 1 to 32

2013 Cisco Systems, Inc.

Creating a VLAN (Cont.)