
Wipro Network L1

(CCNA) Handout
Networking Level – 1
CONTENT

Section 1 Basics of Networking

Section 2 OSI Reference Model

Section 3 Ethernet Technology

Section 4 Networking devices like HUB, SWITCH, ROUTER

Section 5 Switching

Section 6 Spanning Tree Protocol

Section 7 IPV4 Address and Subnet

Section 8 Router Components

Section 9 Cisco IOS Configuration

Section 10 Cisco Advanced IOS Configuration

Section 11 Routing Fundamentals

Section 12 Static Routing

Section 13 Routing Information protocol (RIP)

Section 14 Enhanced Interior Gateway Routing Protocol (EIGRP)

Section 15 Open Shortest Path First (OSPF)

Section 16 Virtual LAN (VLAN)

Section 17 Access Control Lists (ACL)

Section 18 WAN Wide Area Network

Section 19 PPP and HDLC

Section 20 Frame Relay

Section 21 Network Address Translation (NAT)


For internal purpose | Confidential 2
Section 1

Basics of Networking

Network

A network is a set of devices connected together to share information, resources and services.
Some types of data or services that can be shared on a network are documents, music, email,
websites, databases, printers, faxes, telephony, videoconferencing, etc.

As a network grows, traffic also increases and the flow becomes inefficient and overloaded. Devices
like routers, switches and bridges perform segmentation to manage the traffic flow.

Protocols are sets of rules that define the method by which devices share data and services.

Basic Network Types

Networks are generally broken down into five types:

LAN (Local Area Network) - a high-speed network that covers a relatively small geographic area.

WAN (Wide Area Network) - a collection of networks that spans large geographical
locations, usually to interconnect multiple LANs.

MAN (Metropolitan Area Network) - a network that spans several LANs
across a city-wide geographic area.

CAN (Campus Area Network) - a network that is confined within a campus
area.

PAN (Personal Area Network) - the interconnection of
information technology devices within the range of an individual person. Example:
connecting a mobile phone or PDA to a laptop.

Network Types:

• Peer-to-Peer networks
• Client/Server networks
• Mainframe/Terminal networks



When using a peer-to-peer architecture, all hosts on the network can both request and serve
data. For example, configuring two Windows XP workstations to share files would be considered
a peer-to-peer network.
The disadvantages of this type are that the data is spread across multiple devices, making it difficult
to manage and back up that data. Moreover, security becomes hard to manage, as you must
configure individual permissions and user accounts on each host. This is not a scalable
solution for an enterprise, but it can be used for very small networks.

When using a client/server architecture, hosts are assigned specific roles. Clients request data
and services stored on servers. Example: connecting Windows XP workstations to a Windows
2003 domain.
The advantage is that the data is now centrally located on a server or servers, so there are only one or
a few entities to manage, back up, and secure the data, and it is more scalable.
The disadvantage is that the server is a single point of failure, but this can be overcome by using
clustering.

Mainframe/terminal architecture is often referred to as a thin client environment. A single
device (the mainframe) stores all data and services for the network. This is similar to client/server
architecture, but the mainframe performs all processing functions for the dumb terminals (or
thin clients) that connect to the mainframe. The thin clients perform no processing whatsoever,
but serve only as input and output devices into the mainframe.



Section 2
OSI Reference Model

The Open Systems Interconnection (OSI) model was developed in the early 1970s and
formulated in 1983 by the International Organization for Standardization (ISO). It was the first
networking model, and provided the framework governing how information is sent across a
network. It is a set of guidelines for communicating between two end users.

The OSI Model consists of seven layers, each corresponding to a particular network function:

Layer 7 Application
Layer 6 Presentation
Layer 5 Session
Layer 4 Transport
Layer 3 Network
Layer 2 Data Link
Layer 1 Physical

A more practical model was developed by the Department of Defense, and became the basis for
the TCP/IP protocol suite.

The Upper Layers:


The top three layers of the OSI model are often referred to as the upper Layers. The protocols
used here are generally implemented in software.

The Application layer (Layer 7) provides the actual interface between the user application
and the network. This is the layer with which the user directly interacts. This layer ensures that the
remote communication peer is available and agrees upon data integrity, privacy, etc. Examples
of application layer protocols include:
• FTP (via an FTP client)
• HTTP (via a web-browser)
• SMTP (via an email client)
• Telnet

The Presentation layer (Layer 6) controls the formatting of user data, whether it is text,
video, sound, or an image. The presentation layer ensures that data from the sender is in a format
the receiver can understand. This layer also performs encryption and compression of data.
Examples of presentation layer formats include:
• Text (RTF, ASCII, EBCDIC)
• Music (MIDI, MP3, WAV)
• Images (GIF, JPG, TIF, PICT)
• Movies (MPEG, AVI, MOV)



The Session layer (Layer 5) establishes, maintains, and finally terminates connections between
devices. Sessions can be full-duplex or half-duplex. Sessions might last just a second, for sending
one message, or for a longer duration. Each session is related to certain ports, which might be static
or dynamic (static ports are defined as well-known ports).

The four layers below the upper layers are referred to as the lower layers.

The Transport layer (Layer 4) is concerned with the reliable transfer of data, end-to-end.
This layer transports data using one of two methods: connection-oriented (reliable) or
connectionless (unreliable).

Two types of transport layer communication:

• Connection-oriented - parameters must be agreed upon by both parties before a
connection is established.
• Connectionless - no parameters are established before data is sent.

Parameters that are negotiated by connection-oriented protocols include:

Flow Control (Windowing) - dictates how much data can be sent between
acknowledgements.
TCP uses a series of acknowledgements to enforce flow control. When a router receives a packet,
it sends an acknowledgement back to the sender. If the sender does not receive an acknowledgement,
the segment will be resent and reassembled in the correct order at the receiver.

Congestion Control:
This prevents the receiver's buffer from being overloaded, since packets that are not received
due to a full buffer are not acknowledged.

Error-Checking:
The transport layer does not actually send data. Instead, it segments data into smaller pieces for
transport. Each segment is assigned a sequence number, so that the receiving device can
reassemble the data on arrival.

Examples of transport layer protocols include Transmission Control Protocol (TCP) and User
Datagram Protocol (UDP).

Three Way Handshake:

Steps involved in this are:

1. The sender requests SYN with the receiver.
2. The request is acknowledged by sending ACK and rules are agreed upon. The receiver
then requests SYN with the sender (bi-directional).
3. The sender acknowledges the connection and the connection is established, through which
data can be transferred.

Windowing:
The term refers to data sent during the time after the sender has sent a packet, but before it completes
processing the acknowledgement it receives.

The window size is the number of packets the sender can transmit before it must wait for an
acknowledgement. Sliding windows simply means changing the window size dynamically based on
the traffic.

Examples: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). Sequenced
Packet Exchange (SPX) is the transport layer protocol in the IPX protocol suite.

TCP Header

Field             Length    Description
Source Port       16 bits   Source TCP port
Destination Port  16 bits   Destination TCP port
Sequence Number   32 bits   Initial sequence number
Ack Number        32 bits   Acknowledgement number
Data Offset       4 bits    Indicates where the data begins in a TCP segment
Reserved          6 bits    Always set to 0
Control Bits      6 bits    URG, ACK, PSH, RST, SYN and FIN flags
Window            16 bits   Used for flow control
Checksum          16 bits   Used for error-checking
Urgent Pointer    16 bits
Options           Variable
Padding           Variable  To ensure the TCP header ends at a 32-bit boundary



UDP - User Datagram Protocol:

UDP is considered a connectionless, unreliable protocol, as there is no handshake before
transmission. No acknowledgements are sent or received. It does not guarantee delivery, only best
effort. There is no windowing or flow control.

UDP Header

Field             Length    Description
Source Port       16 bits   Source UDP port
Destination Port  16 bits   Destination UDP port
Length            16 bits   Length of the header and the data
Checksum          16 bits   Used for error-checking

TCP and UDP use port numbers to identify the different types of service.

TCP/UDP port numbers

Port   Protocol   Service
21     TCP        FTP
22     TCP        SSH
23     TCP        TELNET
25     TCP        SMTP
53     UDP        DNS
80     TCP        HTTP
110    TCP        POP3
443    TCP        SSL
666    TCP        DOOM
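As an added example (not part of the handout), the following Python decodes the 20-byte TCP header laid out in the table above, maps port numbers to the services in the port table, and checks that three segments form the three-way handshake described earlier, including the sequence and acknowledgement numbers. The segments, ephemeral port and initial sequence numbers are constructed here; checksums are left at zero because validating them needs the IP pseudo-header, which the handout does not cover.

```python
import struct

# Well-known ports from the handout's table; (port, protocol) -> service.
WELL_KNOWN_PORTS = {
    (21, "TCP"): "FTP", (22, "TCP"): "SSH", (23, "TCP"): "TELNET",
    (25, "TCP"): "SMTP", (53, "UDP"): "DNS", (80, "TCP"): "HTTP",
    (110, "TCP"): "POP3", (443, "TCP"): "SSL", (666, "TCP"): "DOOM",
}

# The six control bits, lowest bit first, as they sit in the 16-bit
# "data offset / reserved / control bits" word of the TCP header.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def service_name(port, protocol="TCP"):
    """Look up the service the handout's table associates with a port."""
    return WELL_KNOWN_PORTS.get((port, protocol.upper()), "unknown")


def parse_tcp_header(segment):
    """Decode the fixed 20-byte TCP header (source port .. urgent pointer).

    Raises ValueError on a truncated segment or an impossible data offset,
    which is the check a parser needs before trusting any field."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte minimum TCP header")
    (src, dst, seq, ack, off_res_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (off_res_flags >> 12) * 4    # 4-bit field in 32-bit words
    reserved = (off_res_flags >> 6) & 0x3F     # 6 bits, "always set to 0"
    flag_bits = off_res_flags & 0x3F           # URG ACK PSH RST SYN FIN
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("data offset %d is inconsistent with segment" % data_offset)
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "data_offset": data_offset, "reserved": reserved,
        "flags": sorted(name for name, bit in FLAG_BITS.items() if flag_bits & bit),
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": segment[20:data_offset], "payload": segment[data_offset:],
    }


def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Pack a minimal (no options) TCP header; the checksum is left at 0 because
    computing it needs the IP pseudo-header, which is outside this example."""
    flag_bits = 0
    for name in flags:
        flag_bits |= FLAG_BITS[name]
    off_res_flags = (5 << 12) | flag_bits      # 5 words = 20 bytes, reserved = 0
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       off_res_flags, window, 0, 0)


def is_valid_handshake(segments):
    """Check that three raw segments are the SYN, SYN/ACK, ACK sequence the
    handout describes, including the sequence/acknowledgement numbers."""
    if len(segments) != 3:
        return False
    syn, synack, ack = (parse_tcp_header(s) for s in segments)
    if (syn["flags"], synack["flags"], ack["flags"]) != (["SYN"], ["ACK", "SYN"], ["ACK"]):
        return False
    client = (syn["src_port"], syn["dst_port"])
    # Step 2: the receiver answers on the reversed port pair and acknowledges ISN + 1.
    if (synack["src_port"], synack["dst_port"]) != client[::-1]:
        return False
    if synack["ack"] != (syn["seq"] + 1) & 0xFFFFFFFF:
        return False
    # Step 3: the sender acknowledges the receiver's ISN + 1 on the original pair.
    if (ack["src_port"], ack["dst_port"]) != client:
        return False
    if ack["ack"] != (synack["seq"] + 1) & 0xFFFFFFFF:
        return False
    return True


# Constructed handshake to FTP (port 21): ephemeral source port and ISNs chosen here.
HANDSHAKE = [
    build_tcp_header(51000, 21, 1000, 0, ["SYN"]),
    build_tcp_header(21, 51000, 5000, 1001, ["SYN", "ACK"]),
    build_tcp_header(51000, 21, 1001, 5001, ["ACK"]),
]

if __name__ == "__main__":
    for step, segment in enumerate(HANDSHAKE, 1):
        hdr = parse_tcp_header(segment)
        print(step, hdr["flags"], hdr["src_port"], "->", hdr["dst_port"],
              service_name(hdr["dst_port"]), "seq", hdr["seq"], "ack", hdr["ack"])
    print("valid handshake:", is_valid_handshake(HANDSHAKE))
```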

The Network layer (Layer 3) has two key responsibilities. First, this layer controls the logical
addressing of devices. Logical addresses are organized as a hierarchy, and are not embedded on
devices. Second, the network layer determines the best path to a particular destination network,
and routes the data appropriately.
Examples: Internet Protocol (IP) and Internetwork Packet Exchange (IPX).

A routed protocol is one that is routed, like IP; a routing protocol is one that determines
the path by exchanging routes.

The Data-Link layer (Layer 2) actually consists of two sub-layers:

• Logical Link Control (LLC) sub-layer
• Media Access Control (MAC) sub-layer

The LLC sub-layer serves as the intermediary between the physical link and all higher layer
protocols. It ensures that protocols like IP can function regardless of what type of physical link is
being used. It is also used for flow control and error-checking, with the help of a transport layer
protocol such as TCP or UDP.
The MAC sub-layer controls access to the physical medium, serving as mediator if multiple devices
are trying to utilize the same physical link. Specific technologies have various methods of
accomplishing this.
Example: Ethernet uses CSMA/CD, Token Ring utilizes a token.

A frame contains a source and destination hardware or physical address. Hardware addresses
usually contain no hierarchy, and are often hard-coded on a device. Each device must have a
unique hardware address on the network.

As data is passed from the Application layer down the virtual layers of the OSI model, each of
the lower layers adds a header or trailer containing protocol information specific to that layer.
These headers are called Protocol Data Units (PDUs), and the process of adding these headers
is called encapsulation.

Order of Encapsulation:

Layer 7  Application   Data
Layer 6  Presentation  Data
Layer 5  Session       Data
Layer 4  Transport     Segment
Layer 3  Network       Packet
Layer 2  Data Link     Frame
Layer 1  Physical      Bits

OSI Reference Model Example

The following illustrates the OSI model in more practical terms, using an FTP request as an example:



• At the Application layer, a web browser serves as the user interface for accessing FTP sites.
Specifically, FTP interfaces between the web browser and the FTP server.

• The format of the data being accessed is a Presentation layer function. Common data formats
on the Internet include HTML, XML, PHP, GIF, JPG, ASCII, etc. Additionally, any encryption or
compression mechanisms used on an FTP page are a function of this layer.

• The Session layer establishes the connection between the requestor and the FTP server. It
determines whether the communication is half-duplex or full-duplex.
Since FTP is the protocol used, it takes the help of TCP for connection-oriented data transfer.

• The TCP protocol ensures the reliable delivery of data from the FTP server to the client. These
are functions of the Transport layer.
Here, before sending the data, a three-way handshake is performed, for which it takes the help of
IP to send the SYN packet to the destination, gets the SYN, ACK packet back from the destination,
and sends back an ACK packet before sending the FTP request data.

• The logical addresses, in this case the IP addresses configured on the client and FTP server, are a Network
layer function. Additionally, the routers that determine the best path from the client to the FTP
server operate at this layer.
The network layer takes the help of the Data Link layer to identify the Layer 3 to Layer 2 mapping
using ARP.
Note: ARP is used when a device wants to map a known IP address to an unknown MAC address.
When a device learns a MAC address it builds and maintains an ARP cache table. The device looks up
this ARP cache for the proper MAC address; if it is not found, it sends an ARP broadcast with the known
IP address, for which it gets an ARP reply from the destination with the required MAC address.

• IP addresses are translated to hardware addresses at the Data-Link layer.

• The actual cabling, network cards, hubs, and other devices that provide the physical connection
between the client and the web server operate at the Physical layer.



Section 3
Ethernet Technology

Ethernet has become the standard technology used in LAN networking. It is a transmission
method where each host on the network shares bandwidth on the link. There are different IEEE
categories of Ethernet:
802.3 - Ethernet (10 Mbps)
802.3u - Fast Ethernet (100 Mbps)
802.3z or 802.3ab - Gigabit Ethernet (1000 Mbps)

Standard     Medium              Speed     Maximum distance
10base2      Coaxial - thinnet   10 Mbps   185 meters
10base5      Coaxial - thicknet  10 Mbps   500 meters
10baseT      Twisted-pair        10 Mbps   100 meters
100baseT     Twisted-pair        100 Mbps  100 meters
1000baseSX   Fiber multi-mode    1 Gbps    >500 meters
1000baseLX   Fiber single-mode   1 Gbps    >3 km

Half-Duplex
In half-duplex, devices can either transmit or receive data, but not simultaneously. Devices connected
to a hub operate at half-duplex.

Full-Duplex
Full-duplex allows devices to both transmit and receive at the same time. Devices connected to a
switch can operate at full-duplex.

Twisted-Pair Cabling
Twisted-pair cable contains 2 or 4 pairs of wire, which are twisted around each other to reduce
crosstalk. Crosstalk is a form of electromagnetic interference (EMI) that reduces the strength and
quality of the signal. Twisted-pair cabling can be either shielded or unshielded.

The various categories of twisted-pair cable are identified by the number of twists per inch:

• Category 3 (three twists per inch)
• Category 5 (five twists per inch)
• Category 5e (five twists per inch, pairs are twisted around each other)



Types of twisted-pair cables:

Straight-through Cable

Straight-through cables are used to connect:

• Host to a hub or switch
• Router to a hub or switch

Crossover Cable

Crossover cables are used to connect:

• Host to a host
• Hub to a hub
• Switch to a switch
• Hub to a switch
• Router to a router

Rollover Cable

Rollover cables are used to connect:

• PC to a Cisco router or switch console or auxiliary port.



Section 4

NETWORKING DEVICES LIKE HUB, SWITCH, ROUTER

Before looking at the differences between networking devices, let us define two terms:
Broadcast Domain and Collision Domain.

Broadcast Domain:

It is a set of networking devices that will receive all broadcasts sent on that segment. A broadcast
message does not have a specific destination, and will be received by every single device. If too many
devices are in the broadcast domain, congestion can occur.

Collision Domain:

Any part of the network where there is a possibility that packets from two or more nodes will
interfere with each other is considered to be part of the same collision domain.
A network with a large number of nodes on the same segment will often have a lot of collisions
and therefore a large collision domain.

Hubs are Layer 1 devices that physically connect network devices together for communication.
Hubs do not look at the Data-Link header, and thus cannot make intelligent forwarding decisions
based on MAC address. Thus, hubs will always forward every frame, including unicasts, out every
port, excluding the port that frame originated from. Hubs are basically multiport repeaters. A hub
cannot be used to break up a broadcast domain or a collision domain.

Repeaters are used to regenerate an electrical signal to allow the signal to travel a long distance.

Bridges are used to break up collision domains, but not broadcast domains.

Switches are basically highly intelligent bridges. Switches also offer many more ports than a
bridge. Switches break up collision domains by logically placing hosts into their own, smaller
collision domains. Consider an Ethernet network with 50 hosts. Using CSMA/CD, if one host is
transmitting then the other 49 hosts cannot transmit. Switches can be used to create virtual
networks, each containing a smaller number of hosts. In a network of 10 hosts, if switches are
used and one host is transmitting data, it would not affect the other nine users in that virtual
network. The chance of collisions decreases as well. Both bridges and switches operate at
Layer 2 of the OSI model.

Routers break up broadcast domains due to one simple rule: routers do not forward broadcasts.
Routers also break up collision domains, but not by default. Routers operate at Layer 3 of the OSI
model.



In the above example, there are THREE broadcast domains and FIVE separate collision
domains. Each port on a router creates a separate broadcast AND collision domain,
and each port of a switch creates a separate collision domain, whereas all ports of a hub belong to only
one collision domain.



Section 5

SWITCHING

Switches build CAM (Content Addressable Memory) tables to make intelligent forwarding
decisions on frames. The MAC address table maintains a list of MAC addresses and the switch
port each MAC is associated with.
When a Layer-2 switch is first powered on, it behaves much like a hub. The switch will flood
every frame, including unicasts, out every port except for the port the frame was received on.
The switch will then build a MAC address table by looking at the source MAC address of each
frame.
Layer-2 switches will forward a broadcast or multicast out every port, except for the port the
broadcast or multicast was received on.
Only Layer-3 devices can break apart broadcast domains. Because of this, Layer-2 switches are
not well suited for large, scalable networks. Layer-2 switches make forwarding decisions solely
based on Data-Link layer MAC addresses, and cannot differentiate between networks, for which
routers are required.

The three main functions of a switch are:

• Address learning
• Intelligent forwarding and filtering
• Loop avoidance

Device   MAC Address      Port
Comp-A   aaaa.aaaa.aaaa   E0
Comp-B   bbbb.bbbb.bbbb   E1

In the above diagram, Comp-A is attached to interface E0 and Comp-B is attached to interface
E1. When Comp-A sends a frame to Comp-B, the switch will add Comp-A's MAC address to
its table and associate it with port E0. Since the switch does not have the MAC of Comp-B in its
CAM table, it will flood the frame out all ports except the one on which it was received, and
it will get a reply from only Comp-B. Once it receives a frame from Comp-B, the switch will add
Comp-B's MAC address to its table and associate it with port E1. From then on, any frame from Comp-A
to Comp-B received on port E0 will be sent out only port E1.
A switch is always in a perpetual state of learning. However, as the MAC address table becomes
populated, the flooding of frames will decrease, allowing the switch to make more intelligent
forwarding decisions.
These forwarding decisions are made at wire speed, due to specialized hardware circuits called
ASICs (Application-Specific Integrated Circuits).
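As an added example (not part of the handout), the following Python models the CAM table behaviour just described: learning the source MAC on the ingress port, flooding unknown unicasts and broadcasts, forwarding known unicasts out one port, and filtering a frame whose destination was learned on the same port. The replay uses the handout's Comp-A and Comp-B addresses; the third port E2 and the addresses cccc.cccc.cccc and dddd.dddd.dddd are constructed for the example.

```python
BROADCAST = "ffff.ffff.ffff"


class Layer2Switch:
    """Minimal model of a Layer-2 switch's CAM (MAC address) table."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.cam = {}                 # MAC address -> port it was learned on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame: learn the source, then decide the output ports.

        Returns ("forward", [port]), ("flood", [ports]) or ("filter", [])."""
        if in_port not in self.ports:
            raise ValueError("unknown port %s" % in_port)
        # Address learning: the source MAC is (re)associated with the ingress port,
        # so a host that moves to another port is re-learned on its next frame.
        self.cam[src_mac] = in_port
        others = [p for p in self.ports if p != in_port]
        # Only the all-ones broadcast address is treated as a group address here.
        if dst_mac == BROADCAST:
            return ("flood", others)           # broadcast goes everywhere
        out_port = self.cam.get(dst_mac)
        if out_port is None:
            return ("flood", others)           # unknown unicast: behave like a hub
        if out_port == in_port:
            return ("filter", [])              # same segment: no need to forward
        return ("forward", [out_port])         # known unicast: one port only


def replay_handout_example():
    """Replay the Comp-A / Comp-B exchange from the handout on a 3-port switch
    (constructed: port E2 is added so the flooding is visible)."""
    sw = Layer2Switch(["E0", "E1", "E2"])
    log = [
        sw.receive("E0", "aaaa.aaaa.aaaa", "bbbb.bbbb.bbbb"),  # B unknown: flood
        sw.receive("E1", "bbbb.bbbb.bbbb", "aaaa.aaaa.aaaa"),  # reply: A known, forward
        sw.receive("E0", "aaaa.aaaa.aaaa", "bbbb.bbbb.bbbb"),  # B now known, forward
    ]
    return sw.cam, log


def replay_shared_segment():
    """Two hosts behind a hub on port E2 (constructed): the reply between them
    arrives on the port they were learned on, so the switch filters it."""
    sw = Layer2Switch(["E0", "E1", "E2"])
    return [
        sw.receive("E2", "cccc.cccc.cccc", "dddd.dddd.dddd"),  # D unknown: flood
        sw.receive("E2", "dddd.dddd.dddd", "cccc.cccc.cccc"),  # C on same port: filter
        sw.receive("E0", "aaaa.aaaa.aaaa", BROADCAST),          # broadcast: flood
    ]


if __name__ == "__main__":
    cam, log = replay_handout_example()
    for action, ports in log:
        print(action, ports)
    print(cam)
    print(replay_shared_segment())
```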

Switching Methods:
Switches support three methods of forwarding frames.

Cut-Through: this method reads only the header of a frame to determine its destination address.
This method transfers frames at wire speed, and has the least latency. No error checking is
attempted when using the cut-through method.

FragmentFree (modified cut-through): this method reads only the first 64 bytes of a frame,
which is the minimum size of an Ethernet frame. Most collisions or corruption occur in the first 64
bytes of a frame.

Store-and-Forward: this method reads the entire frame, and performs a Cyclic Redundancy Check (CRC) to
ensure complete reliability. However, this additional error-checking causes store-and-forward to have the
highest latency of any of the switching methods.



Section 6
Spanning Tree Protocol
Switching Loops

By default, a switch will forward a broadcast or multicast out all ports, except for the port the
broadcast or multicast was received on.
When a loop is introduced into the network, a highly destructive broadcast storm can
develop within seconds. Broadcast storms occur when broadcasts are endlessly switched
through the loop, choking off all other traffic.

If the computer connected to Switch 3 sends out a broadcast, the switch will forward the
broadcast out all ports, including the ports connecting to Switch 1 and Switch 4. Those
switches, likewise, will forward that broadcast out all ports, including to their neighboring
switches.
The broadcast will loop around the switches infinitely. In fact, there will be two separate
broadcast storms cycling in opposite directions through the switching loop. Only
powering off the switch or physically removing the loop will stop the storm. Along with
this, it creates problems like inconsistency in the CAM table and multiple frame copies to the
gateway. To avoid all of these problems, the Spanning Tree Protocol is used.

Switch     MAC Address      Default Priority   Bridge ID
Switch 1   aaaa.aaaa.aaaa   32768              32768:aaaa.aaaa.aaaa
Switch 2   bbbb.bbbb.bbbb   32768              32768:bbbb.bbbb.bbbb
Switch 3   cccc.cccc.cccc   32768              32768:cccc.cccc.cccc
Switch 4   dddd.dddd.dddd   32768              32768:dddd.dddd.dddd

STP-enabled switches communicate to form a topology of the entire switching network,
and then block a port if a loop exists. The blocked port can be reactivated if another link
on the switching network goes down, thus preserving fault tolerance.
STP switches send BPDUs (Bridge Protocol Data Units) to each other to form their
topology databases. BPDUs are sent out all ports every two seconds, and are forwarded
to a specific multicast MAC address: 0180.c200.0000.

STP Process

To maintain a loop-free environment, STP performs the following functions:

• A Root Bridge is elected
• Root Ports are identified
• Designated Ports are identified
• If a loop exists, a port is placed in the Blocking state (a Non-Designated Port). If the loop is removed,
the blocked port is activated again.

Step 1: Root Bridge

Elect a Root Bridge, which serves as the centralized point of the STP topology. Good design
practice dictates that the Root Bridge be placed closest to the center of the STP topology.
The Root Bridge is determined by a switch's priority. The default priority is 32,768, and
the lowest priority wins. In case of a tie in priority, the switch with the lowest MAC
address will be elected Root Bridge. The combination of a switch's priority and MAC
address makes up that switch's Bridge ID.
In the above example:
Switches 1 to 4 have the default priority set. However, Switch 1 will become the Root Bridge,
as it has the lowest MAC address.
Switches exchange BPDUs to perform the election process. By default, all switches believe
they are the Root Bridge, until a switch with a lower Bridge ID is discovered.
Root Bridge elections are a continuous process. If a new switch with a lower Bridge ID is
added to the topology, it will be elected as the new Root Bridge.

Step 2: Root Port

The Root Port is the port on each switch that has the lowest path cost to get to the Root Bridge.
Each switch has only one Root Port, and the Root Bridge cannot have a Root Port.
Path Cost is a cumulative cost based on the bandwidth of the links. The higher the bandwidth,
the lower the Path Cost:

Bandwidth   Cost
4 Mbps      250
10 Mbps     100
16 Mbps     62
100 Mbps    19
1 Gbps      4
10 Gbps     2

Assume the links between all switches are 100 Mbps Ethernet, with a Path Cost of 19.
Each switch will identify the port with the least cumulative Path Cost to get to the Root
Bridge. For Switch 2, the port leading up to Switch 1 has a Path Cost of 19, and becomes
the Root Port. For Switch 3, the port leading up to Switch 1 has a Path Cost of 19, and
becomes the Root Port.
For Switch 4, the port leading up to Switch 1 via Switch 2 and the port via Switch 3 both have a Path Cost
of 38, so the lowest sender's Bridge ID (Switch 2 or Switch 3) becomes the tie
breaker; hence for Switch 4, the port leading up to Switch 1 via Switch 2 becomes
the Root Port.

Step 3: Designated Ports


Designated Ports are identified for each network segment. Each segment requires a port that has
the lowest path cost leading to the Root Bridge. This port will not be placed in a blocking
state. A port cannot be both a Designated Port and a Root Port.

Ports on the Root Bridge are never placed in a blocking state, and hence all ports originating
from the Root Bridge will become Designated Ports for their directly attached segments.
For the network segments between Switches 1 and 3, and between Switches 1 and 2,
Switch 1's port will become the Designated Port. The network segments between
Switches 2 and 4, and between Switches 3 and 4, also each require a Designated Port. The
ports on Switch 2 and Switch 3 have the lowest Path Cost to the Root Bridge for the two
respective segments, and thus both become Designated Ports.

Step 4: Non-Designated Port:

The segment between Switch 3 and Switch 4 does not contain a Root Port, but one of its
ports must be elected the Designated Port for that segment. Switch 3 has the lowest
Path Cost to the Root Bridge and hence its port becomes the Designated Port; the other port must be
placed in a blocking state.

Electing the Root Port if the Bridge ID and the Port Cost are the same

If the bandwidth of two links is equal, as above, then both of Switch 2's interfaces
have an equal path cost to the Root Bridge. The tiebreaker to elect the Root Port should be
the lowest Bridge ID, but if that is the same as well, the Port ID is used
as the tiebreaker. An interface's Port ID consists of two parts - a 6-bit port priority
value, and the MAC address for that port. Whichever interface has the lowest Port ID
will become the Root Port.
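As an added example (not part of the handout), the following Python carries the four STP steps above through the handout's four-switch topology: Root Bridge election by lowest (priority, MAC), cumulative path cost from the bandwidth table, Root Port selection with the sender's Bridge ID as tiebreaker, and Designated versus Blocking ports per segment. Port names such as Fa0/1 are constructed, and the sender's port name stands in for the Port ID tiebreak described above, which is an assumption of this example.

```python
import heapq

# Path cost per link bandwidth (Mbps), from the handout's table.
PATH_COST = {4: 250, 10: 100, 16: 62, 100: 19, 1000: 4, 10000: 2}


def run_stp(switches, links):
    """Compute the STP roles the handout walks through.

    switches: {name: (priority, mac)}; the tuple is the Bridge ID, compared
              priority first and then MAC, so tuple ordering elects the root.
    links:    [(switch_a, port_a, switch_b, port_b, mbps)], one entry per segment.
    Returns (root, root_path_cost, roles) where roles[(switch, port)] is
    "root", "designated" or "blocking".
    """
    # Step 1: the lowest Bridge ID becomes the Root Bridge.
    root = min(switches, key=lambda name: switches[name])

    adjacency = {name: [] for name in switches}
    for sw_a, port_a, sw_b, port_b, mbps in links:
        cost = PATH_COST[mbps]
        adjacency[sw_a].append((sw_b, port_a, port_b, cost))
        adjacency[sw_b].append((sw_a, port_b, port_a, cost))

    # Cumulative path cost from every switch to the root (shortest path over link costs).
    root_path_cost = {name: float("inf") for name in switches}
    root_path_cost[root] = 0
    frontier = [(0, root)]
    while frontier:
        dist, name = heapq.heappop(frontier)
        if dist > root_path_cost[name]:
            continue
        for neighbour, _, _, cost in adjacency[name]:
            if dist + cost < root_path_cost[neighbour]:
                root_path_cost[neighbour] = dist + cost
                heapq.heappush(frontier, (dist + cost, neighbour))

    roles = {}
    # Step 2: Root Port = lowest (path cost via that link, sender Bridge ID, sender port).
    # The sender port name stands in for the Port ID tiebreak (assumption of this example).
    for name in switches:
        if name == root:
            continue
        candidates = [
            ((root_path_cost[neighbour] + cost, switches[neighbour], their_port), my_port)
            for neighbour, my_port, their_port, cost in adjacency[name]
        ]
        _, root_port = min(candidates)
        roles[(name, root_port)] = "root"

    # Steps 3 and 4: on each segment the end with the lowest (path cost, Bridge ID, port)
    # is the Designated Port; the far end is the Root Port if already chosen, else Blocking.
    for sw_a, port_a, sw_b, port_b, _ in links:
        end_a = (root_path_cost[sw_a], switches[sw_a], port_a)
        end_b = (root_path_cost[sw_b], switches[sw_b], port_b)
        if end_a < end_b:
            designated, other = (sw_a, port_a), (sw_b, port_b)
        else:
            designated, other = (sw_b, port_b), (sw_a, port_a)
        roles[designated] = "designated"
        roles.setdefault(other, "blocking")
    return root, root_path_cost, roles


def handout_topology():
    """The four-switch example from the handout; port names are constructed and
    every link is 100 Mbps (cost 19) as the text assumes."""
    switches = {
        "Switch 1": (32768, "aaaa.aaaa.aaaa"),
        "Switch 2": (32768, "bbbb.bbbb.bbbb"),
        "Switch 3": (32768, "cccc.cccc.cccc"),
        "Switch 4": (32768, "dddd.dddd.dddd"),
    }
    links = [
        ("Switch 1", "Fa0/1", "Switch 2", "Fa0/1", 100),
        ("Switch 1", "Fa0/2", "Switch 3", "Fa0/1", 100),
        ("Switch 2", "Fa0/2", "Switch 4", "Fa0/1", 100),
        ("Switch 3", "Fa0/2", "Switch 4", "Fa0/2", 100),
    ]
    return run_stp(switches, links)


if __name__ == "__main__":
    root, costs, roles = handout_topology()
    print("Root Bridge:", root)
    for (name, port), role in sorted(roles.items()):
        print(name, port, role, "path cost", costs[name])
```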

STP Port States

Switch ports participating in STP progress through five port states:

Blocking - The default state of an STP port when a switch is powered on. Ports in a
blocking state do not forward frames or learn MAC addresses. They will still listen for BPDUs
from other switches.

Listening - A port will progress from a Blocking to a Listening state only if the switch
believes that the port will not be shut down to eliminate a loop. The port will listen for
BPDUs to participate in the election of a Root Bridge, Root Ports, and Designated
Ports. Ports in a listening state will not forward frames or learn MAC addresses.

Learning – After a brief period of time, called a Forward Delay, a port in a listening
state will be elected either a Root Port or Designated Port, and placed in a learning state.
Ports in a learning state listen for BPDUs, and also begin to learn MAC addresses.
However, ports in a learning state will still not forward frames.

Forwarding – After another Forward Delay, a port in learning mode will be placed in
forwarding mode. Ports in a forwarding state can send and receive all data frames, and
continue to build the MAC address table. All designated, root, and non-uplink ports will
eventually be placed in a forwarding state.

Disabled – A port in disabled state has been administratively shut down, and does not participate
in STP or forward frames at all.

On average, a port in a blocking state will take approx. 50 seconds to reach a forwarding state.
STP Timers

• Hello Timer - Default is 2 seconds. Indicates how often BPDUs are sent by switches.

• Forward Delay – Default is 15 seconds. This timer indicates a delay period in both the
listening and learning states of a port, for a total of 30 seconds.

• Max Age – Default is 20 seconds. Indicates how long a switch will keep BPDU information
from a neighboring switch before discarding it.

Section 7

IPV4 Address and Subnet

There are two types of addressing: hardware addressing and logical addressing.

Hardware Addressing
The hardware address is used by devices to communicate on the local network. Hardware
addressing is a function of the data-link layer of the OSI model (Layer-2). The hardware
address for Ethernet networks is the MAC address, a 48-bit hexadecimal address that is
usually hardcoded on the network card. The first six hexadecimal digits of a MAC identify
the manufacturer of the network card (referred to as the OUI (Organizational Unique
Identifier)), and the last 6 digits identify the host device (referred to as the host ID).

MAC addresses can be represented in hex as below:

00:00:AB:AB:11:12 or 0000.ABAB.1112

Logical Addressing
Logical addressing is a function of the network layer-3 of the OSI Model. Logical addresses
provide a hierarchical structure to separate networks. A logical address identifies not only
a unique Host ID, but also the network that host belongs to. Additionally, logical addresses
are rarely hard-coded onto hosts, and can be changed freely.

IPv4 Addressing
An IP address is separated into four octets and represented in decimal as 192.168.10.1.
Each octet is 8 bits long, resulting in a 32-bit IP address. A computer understands an IP
address in its binary form; the above address in binary would look as follows:
11000000.10101000.00001010.00000001

In the above IP address one part identifies the network and the other part address identifies
the host. A subnet mask helps make this distinction.

Consider the following: IP Address: 192.168.10.1 Subnet Mask: 255.255.255.0

• If a binary bit is set to a 1 (or on) in a subnet mask, the corresponding bit in the address
identifies the network.
• If a binary bit is set to a 0 (or off) in a subnet mask, the corresponding bit in the address
identifies the host.
Looking at the above address and subnet mask in binary:
Address:     11000000.10101000.00001010.00000001
Subnet Mask: 11111111.11111111.11111111.00000000
The first 24 bits of the subnet mask are set to 1. Thus, the first 24 bits (192.168.10) of the
address 192.168.10.1 identify the network. The last 8 bits of the subnet mask are set to
0. Thus, the last 8 bits (.1) of the address 192.168.10.1 identify the unique host on that
network.

Hosts on the same logical network have identical network addresses and can communicate
freely. For example, the following two hosts are on the same network:
Host A: 192.168.10.1 255.255.255.0
Host B: 192.168.10.2 255.255.255.0
Both share the network address 192.168.10.0, which is determined by the 255.255.255.0
subnet mask.

Hosts that are on different networks cannot communicate without an intermediate device.
For example:
Host A: 192.168.10.1 255.255.255.0
Host B: 192.168.11.1 255.255.255.0

IP Address Classes
The IPv4 address space is divided into three classes of addresses. The value of the first octet
of an address determines the class of the network:

Class     First Octet Range   Default Subnet Mask
Class A   1 - 127             255.0.0.0
Class B   128 - 191           255.255.0.0
Class C   192 - 223           255.255.255.0

Class A networks range from 1 to 127. The default subnet mask is 255.0.0.0; thus, by
default, the first octet defines the network, and last three octets define the host. This
results in a maximum of 127 Class A networks, with 16,777,214 hosts per network.
Class A address: Address: 10.0.0.1, Subnet Mask: 255.0.0.0

Class B networks range from 128 to 191. The default subnet mask is 255.255.0.0; thus,
by default, the first two octets define the network, and the last two octets define the host.

This results in a maximum of 16,384 Class B networks, with 65,534 hosts per network.
Class B address: Address: 172.16.12.195, Subnet Mask: 255.255.0.0

Class C networks range from 192 to 223. The default subnet mask is 255.255.255.0;
thus, by default, the first three octets define the network, and the last octet defines the
host. This results in a maximum of 2,097,152 Class C networks, with 254 hosts per
network. Class C address: Address: 192.168.10.1, Subnet Mask: 255.255.255.0

CIDR (Classless Inter-Domain Routing)

Classless Inter-Domain Routing (CIDR) is another way of representing a subnet mask. CIDR
notation gives the number of binary bits set to 1 (or on) in a subnet mask, preceded by a slash.

Consider the following subnet mask: 255.255.255.224

Looking at the above subnet mask in binary:

11111111.11111111.11111111.11100000

The first 27 bits of the above subnet mask are set to 1. In CIDR notation this is written as /27.

Subnet and Broadcast Addresses

Two addresses have been reserved on each network for special use. Each network must
have a subnet / network address, and a broadcast address. Neither of these addresses can
be assigned to a host device. The subnet address is used to identify the network itself.
Routing tables contain lists of networks, and each network is identified by its subnet
address.

Subnet addresses contain all 0 bits in the host portion of the address.
For example, the following is a subnet address: 192.168.1.0/24

The broadcast address identifies all hosts on a particular network. A packet sent to the
broadcast address will be received and processed by every device on that network.
Broadcast addresses contain all 1 bits in the host portion of the address. For example, the
following is a broadcast address: 192.168.1.255/24

Broadcasts are one of three types of IP packets:

• Unicasts are packets sent from one host to another host
• Multicasts are packets sent from one host to a group of hosts
• Broadcasts are packets sent from one host to all other hosts on the local network

Subnetting

Subnetting is the process of dividing a major network into smaller networks, or subnets, by taking
bits from the host portion of a subnet mask.

Consider the following Class C network: 192.168.10.0

The default subnet mask for this network is 255.255.255.0. This single network can be
subnetted into multiple networks. For example, assume a minimum of 14 new networks
are required. The number of subnets is found with the following formula:

2^n – 2, where n is the number of bits taken from the host portion of the subnet mask.

By default, the Class C subnet mask of 255.255.255.0 is, in binary:

11111111.11111111.11111111.00000000

There are a total of 24 bits set to 1, which identify the network.

There are a total of 8 bits set to 0, which identify the host; these host bits
can be borrowed for subnets.
Taking bits from the host portion means changing host bits from 0 (off) to 1 (on).

Network bits in a subnet mask must always be contiguous; skipping bits is not allowed.

Consider the result if four bits are taken. Using the formula:

2^n – 2 = 2^4 – 2 = 16 – 2 = 14 new networks, with subnet mask

11111111.11111111.11111111.11110000 = 255.255.255.240

To determine the number of hosts in each network, the same formula is used, with n now
the number of host bits remaining (4):

2^n – 2 = 2^4 – 2 = 16 – 2 = 14 valid hosts per network

Thus, subnetting a Class C network with a /28 mask creates fourteen new networks, with
fourteen usable hosts per network.

Determining the Range of Subnetted Networks:

The ranges of the subnetted networks can be found quickly with a shortcut: take the subnet
mask 255.255.255.240 and subtract the subnetted octet, 240, from 256.

256 – 240 = 16

Assuming ip subnet-zero is enabled, the first network begins at 0. Then simply keep adding
16 to list the first address of each new network:

0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240

Knowing the first address of each new network makes it simple to determine the last address
of each network:

First Address   Valid Host Range   Last Address
0               1 – 14             15
16              17 – 30            31
32              33 – 46            47
48              49 – 62            63
64              65 – 78            79
80              81 – 94            95
96              97 – 110           111
112             113 – 126          127
128             129 – 142          143
144             145 – 158          159
160             161 – 174          175
176             177 – 190          191
192             193 – 206          207
208             209 – 222          223
224             225 – 238          239
240             241 – 254          255

The last address of each network becomes the broadcast address for that network.

Note: There is a specific purpose for the '– 2' portion of the 2^n – 2 formula. Earlier it
was not acceptable to use an address that contained all 0 or all 1 bits in the network
portion of the address.

However, this is no longer true on modern systems. Specifically, on Cisco IOS devices, the
following command is now enabled by default:
Router(config)# ip subnet-zero

The ip subnet-zero command allows the use of networks with all '0' or all '1'
bits in the network portion of the address. Thus, the formula for calculating the number
of new networks is slightly altered, to simply 2^n.

Hence, if four bits are taken for networks, the result is 2^n = 2^4 = 16 networks.
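The calculations above (dotted mask to CIDR prefix, network and broadcast address of a host, and the /28 subnet table with and without ip subnet-zero), worked in Python as an added example; this is not code from the handout, and it uses plain integer bit operations so each step stays visible. It generalizes to any prefix and any number of borrowed bits, and rejects non-contiguous masks.

```python
"""Worked IPv4 subnetting helpers (added example; not part of the handout)."""
from typing import List, Tuple


def dotted_to_int(dotted: str) -> int:
    """'192.168.10.1' -> 0xC0A80A01, checking that each octet is 0..255."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | n
    return value


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask_int(prefix: int) -> int:
    """/27 -> 0xFFFFFFE0: `prefix` one-bits followed by zero-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def prefix_to_mask(prefix: int) -> str:
    return int_to_dotted(prefix_to_mask_int(prefix))


def mask_to_prefix(mask: str) -> int:
    """255.255.255.224 -> 27. Rejects non-contiguous masks such as 255.0.255.0,
    because network bits must be sequential (skipping bits is not allowed)."""
    m = dotted_to_int(mask)
    prefix = bin(m).count("1")
    if m != prefix_to_mask_int(prefix):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def network_and_broadcast(host: str, prefix: int) -> Tuple[str, str]:
    """Network = host AND mask (host bits all 0); broadcast = network OR NOT mask
    (host bits all 1). Neither address may be assigned to a host."""
    mask = prefix_to_mask_int(prefix)
    net = dotted_to_int(host) & mask
    bcast = net | (~mask & 0xFFFFFFFF)
    return int_to_dotted(net), int_to_dotted(bcast)


def same_network(host_a: str, host_b: str, prefix: int) -> bool:
    """True if the two hosts can talk without a router: their network bits match."""
    mask = prefix_to_mask_int(prefix)
    return (dotted_to_int(host_a) & mask) == (dotted_to_int(host_b) & mask)


def subnet_ranges(major_net: str, major_prefix: int, borrowed_bits: int,
                  subnet_zero: bool = True) -> List[Tuple[str, str, str, str]]:
    """Split major_net/major_prefix by borrowing `borrowed_bits` host bits.

    Returns one (network, first host, last host, broadcast) tuple per subnet.
    With subnet_zero=False the all-zeros and all-ones subnets are dropped,
    giving the classic 2^n - 2 count instead of 2^n.
    """
    new_prefix = major_prefix + borrowed_bits
    if new_prefix > 30:
        raise ValueError("at least 2 host bits are needed for usable hosts")
    base = dotted_to_int(major_net) & prefix_to_mask_int(major_prefix)
    block = 1 << (32 - new_prefix)   # the "256 - 240 = 16" increment for a /28
    count = 1 << borrowed_bits       # 2^n subnets
    indexes = range(count) if subnet_zero else range(1, count - 1)
    rows = []
    for i in indexes:
        net = base + i * block
        bcast = net + block - 1
        rows.append((int_to_dotted(net), int_to_dotted(net + 1),
                     int_to_dotted(bcast - 1), int_to_dotted(bcast)))
    return rows


if __name__ == "__main__":
    print(mask_to_prefix("255.255.255.224"))            # 27
    print(network_and_broadcast("192.168.10.1", 24))    # ('192.168.10.0', '192.168.10.255')
    print(same_network("192.168.10.1", "192.168.11.1", 24))  # False: a router is needed
    for row in subnet_ranges("192.168.10.0", 24, 4):    # the 16-row /28 table above
        print(*row)
```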

A public address is unique on the Internet and can be routed on the Internet. Hence
devices that must be reachable from the Internet are configured with public addresses.

A private address is only used within an organization and is never routed on the Internet.
Three private address ranges were allocated, one for each IPv4 class; two further reserved
ranges are listed with them:

Class                                      Range
Class A                                    10.0.0.0 – 10.255.255.255
Class B                                    172.16.0.0 – 172.31.255.255
Class C                                    192.168.0.0 – 192.168.255.255
Diagnostic purposes (loopback testing)     127.0.0.0 – 127.255.255.255
Automatic Private IP Addressing (APIPA)    169.254.0.0 – 169.254.255.255

Section 8
Router Components

Router Memory Components

Cisco routers and switches generally contain four types of memory:

• ROM (Read-Only Memory)
• Flash
• NVRAM (Non-Volatile RAM)
• RAM (Random-Access Memory)

Boot Sequence:

ROM contains a bootstrap program called the ROM Monitor, also referred to as ROMmon.
When a router is powered on, the bootstrap runs a hardware diagnostic called POST
(Power-On Self Test). If POST completes successfully, the bootstrap then attempts to
locate an IOS (Internetwork Operating System) image based on the configuration file in
NVRAM, which may contain a boot system command pointing to a particular IOS file; if
not, it loads the Cisco IOS stored in Flash memory. Flash memory can be erased or
overwritten, which makes the Cisco IOS upgradeable. If the bootstrap cannot find an IOS
in Flash, a basic version of the IOS is loaded from ROM. The contents of ROM cannot be
altered or erased; the entire ROM chip must be replaced if an upgrade or repair is
necessary.

If the bootstrap does find the IOS in Flash, it is loaded into RAM, and the IOS then
attempts to find a startup configuration file in NVRAM. NVRAM is non-volatile, so its
contents survive a power cycle. If the IOS cannot find a startup-config file in NVRAM, it
attempts to load a configuration file from a TFTP server, sending the request as a
broadcast to 255.255.255.255. If no TFTP server responds, the IOS enters Initial
Configuration Mode, a series of interactive questions intended for quick configuration of
the router. If the IOS does find a startup-config file in NVRAM, this file is loaded into
RAM and becomes the running configuration (running-config). RAM is volatile memory, so
its contents are lost if the router is power cycled.

Interfaces vs Lines

Cisco devices contain two different types of ports: interfaces and lines.

Interfaces connect routers and switches to each other; in other words, traffic is actually routed
or switched across interfaces. Interface types include:

• Serial interfaces
• Ethernet interfaces
• Fast Ethernet interfaces
• Token Ring interfaces
• ATM interfaces
• BRI/PRI interfaces

Interfaces are identified by both the type of interface and the interface number, which
usually begins with 0. Example: Ethernet 0, Serial 0 etc. Other router families,
such as the 3600 series, are modular and have multiple slots for interfaces. In that
case the interfaces are identified by both the module number and the interface
number. Example: the second serial interface in the first modular slot would be
identified as Serial0/1.

Lines identify ports that allow us to connect into, and then configure, Cisco devices. The most
common examples of lines include:

• Console ports
• Auxiliary ports
• VTY or telnet ports

Just like interfaces, lines are identified by both the type of line and the line number. Example:
the first console port on a router would be identified as Console0.

Using Lines to Configure the IOS

Every Cisco router or switch includes a console port, sometimes labeled on the device
simply as con. The console port is generally an RJ-45 connector, and requires a rollover
cable to connect to. The opposite end of the rollover cable connects to a PC's serial
port using a serial terminal adapter.

From the PC, software such as HyperTerminal is required to make a connection from
the local serial port to the router console port. The following settings are necessary for
a successful connection:

• Bits per second - 9600 baud
• Data bits - 8
• Parity - None
• Stop bits - 1
• Flow control - None

Cisco devices also include an auxiliary port, which is similar to a console port and can
be accessed using a rollover cable. Additionally, auxiliary ports support modem
commands, thus providing dial-in access to Cisco devices.
Telnet, and the secure alternative SSH, are the most common methods of remote access to
routers and switches. The standard edition of the IOS supports up to 5 simultaneous VTY
connections. Enterprise editions of the IOS support up to 255 VTY connections.

There are two requirements before a router/switch will accept a VTY connection:

• An IP address must be configured on an interface
• At least one VTY port must be configured with a password

Section 9
Cisco IOS Configuration

Cisco IOS

The Cisco IOS (Internetwork Operating System) is a command-line interface used
by nearly all current Cisco routers and Catalyst switches. The IOS provides the
mechanism to configure all Layer 2 and Layer 3 functions on Cisco devices.

IOS Version Numbers

IOS version numbers are represented as x.y(z)t, for example 12.4(3). To display the IOS
version running on a device:

Router# show version

The Cisco IOS is stored in Flash on Cisco routers and Catalyst switches, in a .BIN file
format. It can be upgraded using one of several methods:

IOS Upgrade Methods

• Replacing the existing Flash stick
• Via a TFTP server
• Via Xmodem
• Via a PCMCIA slot (not supported by all Cisco devices)

The IOS .bin file stored in flash follows a specific naming convention. Observe the following IOS
image: c3640-advipservicesk9-mz.121-3.S.bin

Field             Meaning
c3640             Cisco hardware platform
advipservicesk9   Feature set
m                 Memory location
z                 Compression format
121               Maintenance release
3                 Minor release
S                 Identifier

IOS Modes on Cisco Devices

There are different modes as explained below:

By default, the first mode you enter when logging into a Cisco device is User EXEC mode.
User EXEC mode is identified by the prompt ">" after the device hostname:

Router>

In this mode no configuration can be changed or viewed; only basic status information can be
viewed from this mode.

The next mode, Privileged EXEC mode, allows all configuration files, settings, and status
information to be viewed. Privileged mode is identified by the prompt "#" after
the device hostname:

Router#

To enter Privileged mode, type enable from User mode:

Router> enable

Router#

To return back to User mode from Privileged mode, type disable:

Router# disable

Router>

Very little configuration can be done directly from Privileged mode.

The mode where we do most of the configuration is Global Configuration mode:

Router(config)#

To enter Global Configuration mode, type configure terminal from Privileged Mode:

Router# configure terminal

Router(config)#

To return back to Privileged mode, type exit:

Router(config)# exit

Router#

Global Configuration mode is further divided into the following sub-modes:

• Interface Configuration mode - Router(config-if)#
• Line Configuration mode - Router(config-line)#
• Router Configuration mode - Router(config-router)#

To configure an interface:

Router(config)# interface Fastethernet 0/0

Router(config-if)#

To configure a line:

Router(config)# line console 0

Router(config-line)#

Keyboard shortcuts when the terminal editing feature is enabled:

Key       Action
CTRL-B    Moves cursor one character backward
CTRL-F    Moves cursor one character forward
CTRL-A    Moves cursor to the beginning of the line
CTRL-E    Moves cursor to the end of the line
ESC-B     Moves cursor one word back
ESC-F     Moves cursor one word forward
CTRL-P    Returns the previous command from the buffer
CTRL-N    Returns the next command from the buffer
CTRL-Z    Exits to Privileged mode
TAB       Completes the word
CTRL-C    Exits from initial configuration mode

Commands and Description:

Command                                            Description
Router# show history                               Displays previously entered commands
Router# ?                                          Displays all available commands in that mode
Router# cl?                                        Displays all commands that start with cl
Router# clock ?                                    Displays available options and arguments for that command
Router# show version                               Displays all information about the device, including the configuration register value
Router# show hardware                              Similar to show version
Router# show protocols                             Displays routed protocol information
Router# show ip protocols                          Displays routing protocol information
Router# show running-config                        Displays the active configuration (contents of RAM)
Router# show startup-config                        Displays the startup configuration (contents of NVRAM)
Router# show terminal                              Displays terminal information and history size
Router# show ip interface brief                    Displays IP information for all interfaces
Router# show interface Fa0/0                       Displays the status of a specific interface
Router# show ip route                              Displays the routing table
Router# show process cpu                           Displays CPU usage and interrupts
Router# show interfaces                            Displays information about all interfaces
Router# show controllers serial 0                  Displays DCE/DTE information and the clock rate
Router(config)# hostname R1                        Changes the host name
Router(config-if)# description link is connected to TCL   Gives a description to the interface
Router(config)# banner motd #                      Creates a banner
Router# copy run start                             Copies the running configuration from RAM to NVRAM
Router# copy start run                             Copies the startup configuration from NVRAM to RAM

Line Passwords and Configuration

Passwords can be configured on router lines, such as telnet (vty), console, and auxiliary ports.
To set or change the password for a console port and all telnet ports:

Router(config)# line console 0

Router(config-line)# login

Router(config-line)# password cisco

Router(config-line)# exec-timeout 0 0

Router(config-line)# logging synchronous

Router(config)# line vty 0 4

Router(config-line)# login

Router(config-line)# password cisco

Router(config-line)# exec-timeout 0 0

Router(config-line)# logging synchronous

The exec-timeout 0 0 command is optional, and disables the automatic timeout of your
connection. The two zeroes represent the timeout value in minutes and seconds,
respectively. Thus, to set a timeout for 5 minutes and 20 seconds:

Router(config-line)# exec-timeout 5 20

The logging synchronous command is also optional, and prevents system messages from
interrupting your command prompt.

Privileged Mode Passwords and Configuration

Router(config)# enable password Cisco

Router(config)# enable secret cisco

The enable password command sets an unencrypted password, while the enable secret
command sets an MD5-hashed password and is more secure. The enable password and
enable secret passwords cannot be the same.

By default line passwords are stored in clear-text in configuration files. To ensure that these
passwords are encrypted in all configuration files:

Router(config)# service password-encryption

To assign an IP address to an interface:

Router(config)# interface fa0/0

Router(config-if)# ip address 192.168.1.1 255.255.255.0

By default, all router interfaces are administratively shut down. To take an interface
out of the administratively shutdown state:

Router(config)# interface fa0/0

Router(config-if)# no shutdown

On the DCE (Data Communication Equipment) side of a serial connection we must set
the speed, or clock rate, for the DTE (Data Terminal Equipment) side. The clock rate is
given in bps (bits per second).

To set the clock rate, if you are the DCE side of a serial connection:

Router(config)# interface serial 0

Router(config-if)# clock rate 64000

Status of Router Interfaces

Serial 0 is up, line protocol is up – The interface is up and running: both ends are sending
and receiving keepalives, and traffic can be routed across the interface.

The first part of this status, Serial 0 is up, refers to the physical layer status of the interface.
The second part, line protocol is up, refers to the data-link layer status of the interface.

Serial 0 is down, line protocol is down – The interface is physically down; this may be
because of a defective or unplugged cable or interface.

Serial 0 is up, line protocol is down – The line protocol, which refers to data-link layer
functions, is down. This may be because of:
• Absence of keepalives being sent or received
• Clock rate not set on the DCE side of a serial connection
• Different encapsulation types set on either side of the link

Serial 0 is administratively down, line protocol is down – The interface has been
administratively shut down.

IOS Troubleshooting Commands:

Command                           Description
Router# show tech-support         Displays every config file and many show commands together
Router# debug ip packet           Displays real-time information about each packet
Router# debug all                 Enables all possible debug options
Router# undebug all               Stops all debugging
Router# ping 192.168.10.1         Checks connectivity to a particular IP
Router# traceroute 192.168.10.1   Checks hop-by-hop connectivity
Router# telnet 192.168.10.1       Telnets to a remote device

To exit a telnet session:

Router# exit

To return to the router you telnetted from, without exiting the session:

• Hold CTRL+SHIFT+6 and then release
• Type the character x

To view all open telnet sessions:

Router# show sessions

Section 10
Cisco Advanced IOS Configuration

The configuration register (config-register) is a hexadecimal value that controls various aspects
of how a router boots, including:
• Baud rate
• Boot messages (enable/disable)
• Break (disable/ignore)
• Flash (read-only, read-write)
• NVRAM (use startup-config/bypass startup-config)

The default config-register is 0x2102.

To change the config-register from the IOS:

Router(config)# config-register 0x2142

This configuration change does not take effect until the next reboot.

Backing up and Restoring the Cisco IOS

The Cisco IOS is stored in flash. Multiple IOS files can be loaded into flash, assuming there
is enough free space. You can view available free space, and the name of any file(s) in flash,
by typing:

Router# show flash

To back up the IOS file from flash to a TFTP server:

Router# copy flash tftp

You will be prompted for the following information:

• Address of remote host (the TFTP server)
• Source file name (the name of the file in flash)
• Destination file name

To load an IOS file from a TFTP server into the router's flash:

Router# copy tftp flash

The process is nearly identical for copying a startup configuration file to or from a router's
NVRAM:

Router# copy startup tftp and Router# copy tftp startup


CDP - Cisco Discovery Protocol

CDP is a Cisco proprietary protocol used to collect information about directly attached
Cisco switches and routers. CDP is enabled by default on all routers and switches, and
sends out updates every 60 seconds with a hold time of 180 seconds. CDP is also
used to carry voice VLAN information.

CDP provides the following information about directly connected neighbors:

• Device ID – hostname of the remote router/switch
• Local Interface – local interface to which the remote router/switch is directly connected
• Hold time – amount of time before the remote device's information is removed from the
CDP table
• Capability – type of remote device, i.e. whether it is a router, switch or host
• Platform – model of the remote device
• IP Address – IP address of the remote device

CDP commands:

Command                           Description
Router# show cdp                  Displays CDP timer and hold-down information
Router# show cdp neighbors        Displays neighbor information
Router# show cdp traffic          Displays CDP traffic statistics
Router# show cdp interface        Displays CDP interface and port information
Router(config)# no cdp run        Disables CDP globally
Router(config-if)# no cdp enable  Disables CDP on an interface

Section 11
Routing Fundamentals

Routing is performed by a router or Layer 3 switch, and moves information from one
network to another. Devices choose paths based on the destination network, not the
destination host.

A routing table entry consists of:

• The destination network and subnet mask
• The next-hop address, or router, used to reach the destination network
• Routing metric and administrative distance
• Exit interface

Best Path Lookup:

To determine the best route to a destination, a router considers three aspects: the prefix
length of the network, the metric, and the administrative distance, in the order listed.

Prefix length is the number of bits used to identify the network, and is used to determine the
most specific route. A longer prefix length indicates a more specific route.

For example, suppose the routing table holds the following three routes, all of which match a
particular destination host:

172.16.0.0/16

172.16.1.0/24

172.16.1.0/26

The router does a bit-by-bit comparison to find the most specific route, i.e. the longest
matching prefix. Since the 172.16.1.0/26 network is the most specific, that route will be used,
irrespective of the metric or administrative distance.

The metric allows a router to choose the best path within a routing protocol; that is, it
chooses the best among two or more paths offered by the same routing protocol.
Distance-vector routing protocols use distance and direction as their metric. Link-state
protocols use cost as their metric. Example: RIP uses hop count as the metric, so if
there are two paths to a destination with hop counts of 2 and 3 respectively, the best path
is the one with fewer hops (2 hops), because it has the lower metric. Only routes with
the best metric are added to the routing table. If multiple equal-metric routes exist to a
particular network, most routing protocols will load-balance across them.

Administrative distance is used to determine which routing protocol to trust the most.
This parameter comes into play when two or more routing protocols are used; the lowest
administrative distance always wins. If a router receives a route to the same network from
both RIP and OSPF, it uses administrative distance to decide which routing path to choose.

Administrative Distance for Routing Protocols:

Protocol            Administrative Distance
Connected           0
Static              1
EIGRP Summary       5
External BGP        20
Internal EIGRP      90
IGRP                100
OSPF                110
IS-IS               115
RIP                 120
External EIGRP      170
Internal BGP        200
Unknown             255

So always remember that the best path to a destination is chosen first by the longest prefix
length, then by the metric within a routing protocol, and finally by the AD between routing
protocols.
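The three-step lookup described above, worked as an added Python example (not code from the handout): longest prefix first, then the best metric within each routing protocol, then the lowest administrative distance between protocols, with ties returned together as the routes a router would load-balance over. The routing table and next-hop addresses are constructed for illustration; the AD values are the Cisco defaults from the table above.

```python
"""Best-path selection as described above (added example; not the handout's code)."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List

# Default administrative distances from the table above.
ADMIN_DISTANCE = {
    "connected": 0, "static": 1, "eigrp-summary": 5, "ebgp": 20,
    "eigrp": 90, "igrp": 100, "ospf": 110, "is-is": 115, "rip": 120,
    "eigrp-external": 170, "ibgp": 200, "unknown": 255,
}


@dataclass(frozen=True)
class Route:
    prefix: str        # e.g. "172.16.1.0/26"
    next_hop: str
    protocol: str      # key into ADMIN_DISTANCE
    metric: int = 0    # hop count for RIP, cost for OSPF, and so on

    @property
    def network(self) -> ipaddress.IPv4Network:
        return ipaddress.ip_network(self.prefix, strict=True)

    @property
    def ad(self) -> int:
        return ADMIN_DISTANCE.get(self.protocol, ADMIN_DISTANCE["unknown"])


def best_routes(table: List[Route], destination: str) -> List[Route]:
    """Return the route(s) a router would use for `destination`.

    An empty list means nothing matched and the packet is dropped; a 0.0.0.0/0
    default route matches every destination but always has the shortest prefix.
    """
    dst = ipaddress.ip_address(destination)
    matching = [r for r in table if dst in r.network]
    if not matching:
        return []
    # 1. Longest prefix wins, regardless of protocol or metric.
    longest = max(r.network.prefixlen for r in matching)
    matching = [r for r in matching if r.network.prefixlen == longest]
    # 2. Within each routing protocol, only the best-metric route(s) survive.
    per_protocol: Dict[str, List[Route]] = {}
    for r in matching:
        per_protocol.setdefault(r.protocol, []).append(r)
    survivors: List[Route] = []
    for routes in per_protocol.values():
        low = min(r.metric for r in routes)
        survivors.extend(r for r in routes if r.metric == low)
    # 3. Between protocols, the most trusted source (lowest AD) wins; ties load-balance.
    lowest_ad = min(r.ad for r in survivors)
    return [r for r in survivors if r.ad == lowest_ad]


# Constructed sample routing table exercising each of the three rules.
SAMPLE_TABLE = [
    Route("172.16.0.0/16", "10.0.0.1", "ospf", metric=20),
    Route("172.16.1.0/24", "10.0.0.2", "rip", metric=2),
    Route("172.16.1.0/26", "10.0.0.3", "rip", metric=3),          # longest prefix
    Route("192.168.40.0/24", "192.168.30.2", "rip", metric=1),
    Route("192.168.40.0/24", "192.168.31.2", "ospf", metric=64),  # lower AD than RIP
    Route("10.10.0.0/16", "10.0.0.4", "rip", metric=2),
    Route("10.10.0.0/16", "10.0.0.5", "rip", metric=2),           # equal metric: load-balance
    Route("10.10.0.0/16", "10.0.0.6", "rip", metric=5),
    Route("0.0.0.0/0", "10.0.0.254", "static"),                   # gateway of last resort
]

if __name__ == "__main__":
    for dst in ("172.16.1.7", "192.168.40.9", "10.10.5.5", "8.8.8.8"):
        print(dst, [r.next_hop for r in best_routes(SAMPLE_TABLE, dst)])
```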

STATIC ROUTING:

There are two basic methods of building a routing table: statically or dynamically.
A static routing table is created, maintained, and updated manually by a network administrator.

Advantages of Static Routing:

• Minimal CPU usage
• Minimal memory overhead
• No bandwidth used, as there is no exchange of routing updates
• The administrator controls how traffic is routed

Disadvantages of Static Routing:

• Any change in the topology must be configured manually by the administrator.
• There is no fault tolerance: if a link goes down, the administrator has to
configure an alternate path when the primary link fails.
• Not scalable for larger networks

Static routes have an AD of 1 and will always be preferred over dynamic routes, unless the default
AD is changed. A static route with an adjusted AD is called a floating static route.

DYNAMIC ROUTING

Advantages of Dynamic Routing:

• Simpler to configure on larger networks
• Will dynamically choose a different route if the primary link goes down
• Ability to load balance between multiple links

Disadvantages of Dynamic Routing:

• More bandwidth used, as updates are shared between routers.
• Routing protocols put additional load on router CPU/RAM to run the algorithm that calculates
the path to the destination.
• The best route is chosen by the routing protocol based on the protocol's characteristics, not by
the network administrator.

Dynamic routing protocols can be broadly classified as distance-vector protocols
and link-state protocols.

Distance-Vector Routing Protocols

• Distance-vector protocols send periodic updates of the full routing table to routing
neighbors.
• Distance-vector protocols suffer from slow convergence and are highly susceptible
to loops.
• Some form of distance is used to calculate a route's metric.
• The Bellman-Ford algorithm is used to determine the shortest path.

A distance-vector routing protocol advertises its directly connected networks to its
neighbors. These updates are sent regularly: in RIP every 30 seconds, and in IGRP every
90 seconds. Neighbors add the routes from these updates to their own routing tables.
Each neighbor trusts this information completely, and forwards its full routing table
along with its connected routes to every other neighbor. This form of route
exchange is known as routing by rumor.
Because periodic updates of the full routing table are exchanged from neighbor to neighbor,
convergence is slow, and this can result in routing loops.
Examples of distance-vector protocols are RIP and IGRP.
RIP uses hop count as its distance metric, and IGRP uses a composite of bandwidth and delay.

Link-State Routing Protocols
Link-state protocols do not use the concept of routing by rumor. Instead, routers send
updates advertising the state of their directly connected links. All routers know the state
of all existing links within their area, and store this information in a topology table. All
routers within an area have identical topology tables.

Link-state protocols do not send periodic updates; instead they exchange updates only when
there is a topology change.

Link-state protocols maintain three separate tables:

• Neighbor table – contains a list of all neighbors and the interface each neighbor is connected
to. Neighbors are formed by exchanging Hello packets.
• Topology table – contains a map of all links within an area, including each link's status.
• Routing table – contains the best routes to each particular destination

Link-state protocols can converge very quickly and are immune to routing loops.
Additionally, because updates are sent only during a link-state change, and contain only
the change and not the full table, link-state protocols are less bandwidth intensive than
distance-vector protocols.

Link-state protocols use more RAM and CPU on the router itself. Link-state protocols
use cost, usually based on bandwidth, to calculate a route's metric. Dijkstra's
algorithm is used to determine the shortest path.

Dynamic routing protocols can also be classified as classful or classless routing
protocols.

Classful Routing Protocols

Classful routing protocols do not send subnet mask information along with their routing updates.

• If the router has a directly connected interface belonging to the same major
network, it applies the same subnet mask as that of the interface on which the
update was received.
• If the router does not have any interface belonging to the same major network,
it applies the classful subnet mask to the route once it is received.
• Classful routing protocols do not support VLSM (Variable Length Subnet Masks).
Examples of classful routing protocols are RIP v1 and IGRP.
• Always ensure that if networks are subnetted, all subnets are in the same major
network and use the same subnet mask.

Classless Routing Protocols:

Classless routing protocols do send the subnet mask with their updates. Classless routing
supports VLSM. Examples: RIP v2, EIGRP, OSPF, IS-IS

Note: ip classless Command

Independently of whether the routing protocol is classful or classless, the router itself
behaves as a classful router. If a classful router receives a packet destined for a 192.168.10.x
subnet that is not in the routing table, it drops that packet, even if there is a default route.
To overcome this, use the ip classless command in global configuration mode.

Router(config)# ip classless

Section 12

STATIC ROUTING

Configuring Static Routes

The basic syntax for a static route is as follows:
Router(config)# ip route [destination_network] [subnet_mask] [next-hop] {AD}

Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1 – 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1 – 192.168.40.1 /24

RouterA has the 192.168.20.0/24 and 192.168.30.0/24 networks in its routing table as
directly connected routes.

To add a static route on RouterA to reach the 192.168.40.0/24 network via RouterB, and the
return route on RouterB to reach 192.168.20.0/24 via RouterA (whose Fa0/1, 192.168.30.1, is
the next hop on the shared 192.168.30.0/24 link):
RouterA(config)# ip route 192.168.40.0 255.255.255.0 192.168.30.2
RouterB(config)# ip route 192.168.20.0 255.255.255.0 192.168.30.1

To remove a static route, simply type no in front of it:

RouterA(config)# no ip route 192.168.40.0 255.255.255.0 192.168.30.2

On point-to-point links an exit interface can be specified instead of a next-hop address, as
below:
RouterA(config)# ip route 192.168.40.0 255.255.255.0 fa0/1
RouterB(config)# ip route 192.168.20.0 255.255.255.0 fa0/0

A static route configured with an exit interface always has an administrative
distance of 0, whereas one configured with a next hop has the default AD
of 1.

Floating Static Routing:

The Administrative Distance of a static route can be changed to create a floating static
route. A floating static route is often used as a backup route to a dynamic routing protocol.

To change the Administrative Distance of a static route to 201:

RouterA(config)# ip route 192.168.40.0 255.255.255.0 192.168.30.2 201

Static routes will only remain in the routing table as long as the interface connecting to
the next-hop router is up. To ensure a static route remains permanently in the routing
table, even if the next-hop interface is down:

RouterA(config)# ip route 192.168.12.0 255.255.255.0 192.168.11.2 permanent

Static routes can be used to discard traffic to specific networks by sending that traffic to
a logical null interface:

RouterA(config)# ip route 10.0.0.0 255.0.0.0 null0

Static Default Route

If a specific route to a particular network does not exist in the routing table the router will
drop all traffic destined to that network.

A default route, or gateway of last resort, allows traffic to be forwarded even when a specific
route to the destination network is not present in the routing table.

The default route is identified by all zeros in both the network and the subnet mask, that is
0.0.0.0 0.0.0.0.

The term "gateway of last resort" is used because it is the last route consulted: it is used
only if no more specific route exists.

To configure a default route:

RouterA(config)# ip route 0.0.0.0 0.0.0.0 192.168.30.2
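
The lookup behaviour covered in this section and in the ip classless note above, as an added Python model that is not part of the handout: routes are installed per prefix by lowest AD, so the floating static route only appears once the primary next hop is down; forwarding uses longest-prefix match, Null0 discards, the 0.0.0.0/0 entry is the gateway of last resort, and classful mode drops a packet for an unknown subnet of a known major network. The 192.168.50.2 next hop and the 192.168.10.0/26 subnet are hypothetical additions to the handout's topology.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str   # destination network in CIDR notation
    via: str      # next-hop address or exit interface (Null0 = discard)
    ad: int       # administrative distance
    source: str   # connected / static / floating (label only)


# Constructed candidate routes for RouterA. The 192.168.20/30/40 networks follow the
# handout's two-router topology; 192.168.50.2 and 192.168.10.0/26 are hypothetical.
CANDIDATES = [
    Route("192.168.20.0/24", "Fa0/0", 0, "connected"),
    Route("192.168.30.0/24", "Fa0/1", 0, "connected"),
    Route("192.168.40.0/24", "192.168.30.2", 1, "static"),      # primary static route
    Route("192.168.40.0/24", "192.168.50.2", 201, "floating"),  # floating static backup
    Route("192.168.10.0/26", "192.168.30.2", 1, "static"),      # one subnet of 192.168.10.0/24
    Route("10.0.0.0/8", "Null0", 1, "static"),                  # discard route
    Route("0.0.0.0/0", "192.168.30.2", 1, "static"),            # gateway of last resort
]


def install(candidates, down=frozenset()):
    """Build the routing table: per prefix, keep only the usable route with the lowest AD.
    A route is usable only while its next hop / exit interface is not in the `down` set,
    which is what lets the AD-201 floating static route take over from the AD-1 route."""
    best = {}
    for r in candidates:
        if r.via in down:
            continue
        if r.prefix not in best or r.ad < best[r.prefix].ad:
            best[r.prefix] = r
    return list(best.values())


def classful_major(addr):
    """Classful major network of an address: class A /8, class B /16, class C /24."""
    first = addr.packed[0]
    plen = 8 if first < 128 else 16 if first < 192 else 24
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)


def lookup(table, destination, classless=True):
    """Longest-prefix match. Returns (via, source), the string 'discard' for a Null0
    route, or None when the packet is dropped. With classless=False the router behaves
    classfully: when it knows at least one subnet of the destination's major network,
    an unknown subnet of that network is dropped instead of using the default route."""
    dest = ipaddress.ip_address(destination)
    matches = [r for r in table if dest in ipaddress.ip_network(r.prefix)]
    if not matches:
        return None
    best = max(matches, key=lambda r: ipaddress.ip_network(r.prefix).prefixlen)
    if not classless and ipaddress.ip_network(best.prefix).prefixlen == 0:
        major = classful_major(dest)
        knows_a_subnet = any(
            ipaddress.ip_network(r.prefix).prefixlen > 0
            and ipaddress.ip_network(r.prefix).subnet_of(major)
            for r in table
        )
        if knows_a_subnet:
            return None
    if best.via == "Null0":
        return "discard"
    return best.via, best.source


if __name__ == "__main__":
    table = install(CANDIDATES)
    print("192.168.40.7   ->", lookup(table, "192.168.40.7"))           # primary static
    print("10.1.2.3       ->", lookup(table, "10.1.2.3"))               # Null0 discard
    print("172.16.5.5     ->", lookup(table, "172.16.5.5"))             # default route
    print("192.168.10.200 classful  ->", lookup(table, "192.168.10.200", classless=False))
    print("192.168.10.200 classless ->", lookup(table, "192.168.10.200"))
    backup = install(CANDIDATES, down={"192.168.30.2"})
    print("192.168.40.7 with next hop down ->", lookup(backup, "192.168.40.7"))
```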

Section 13

Routing Information Protocol – RIP

RIP is an open-standard Distance Vector protocol, which means it can be used in multi-vendor
environments. RIP is used for smaller networks.

RIP has the following Distance Vector characteristics:

• RIP sends out periodic routing updates every 30 seconds
• RIP sends out the full routing table in every periodic update
• RIP uses a form of distance as its metric, which is hop count
• RIP uses the Bellman-Ford Distance Vector algorithm to determine the best path to
a particular destination
• RIP uses UDP port 520
• RIP routes have an administrative distance of 120
• RIP has a maximum hop count of 15 hops. Any network that is 16 hops away or
more is considered unreachable by RIP
• RIP will load balance across multiple equal-metric paths (by default, up to 4). If the
metric (hop count) is equal on multiple paths that have different bandwidths, RIP still uses a
round-robin system of load balancing between those equal-metric routes, which can cause
pinhole congestion

RIP has two versions, Version 1 and Version 2.

Similarities and differences between RIP v1 and RIP v2:

RIP v1                                         RIP v2
Classful                                       Classless
Does not support VLSM                          Supports VLSM
Sends updates as broadcast                     Sends updates as multicast to IP 224.0.0.9
Max hop count 15                               Max hop count 15
Does not support authentication of             Supports authentication of routing updates
routing updates
RIP v1 routers send only Version 1 packets     RIP v2 routers send only Version 2 packets
RIP v1 routers receive both Version 1          RIP v2 routers receive only Version 2 updates
and Version 2 updates

RIP Loop Avoidance Mechanisms

RIP, as a Distance Vector routing protocol, is susceptible to loops due to its slow convergence.
Let's assume no loop avoidance mechanisms are configured on either router.

Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1- 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1- 192.168.40.1 /24

Routing Loop Example:

As in the above example, if the 192.168.40.0 network fails, Router B will send an update to
Router A within 30 seconds, when its update timer expires, informing Router A that the route is
unreachable with a metric of 16. But if, before that update is sent from Router B to Router A, an
update from Router A reaches Router B, it will state that Router A can reach the 192.168.40.0
network in one hop through Router B. This update will cause Router B to believe it can reach
the failed 192.168.40.0 network in two hops, through Router A. Both routers will continue to
increment the metric for the network until they reach a hop count of 16, which is unreachable.
This behavior is known as counting to infinity.

Loop avoidance mechanisms:

Split-Horizon – Prevents a routing update from being sent out the interface on which it was
received. In our above example, this would prevent Router A from sending an update for the
192.168.40.0 network back to Router B, as it originally learned the route from Router B.
Split horizon is enabled by default on Cisco routers.

Route-Poisoning – Works in conjunction with split-horizon, by triggering an automatic
update for the failed network, without waiting for the update timer to expire. This update is
sent out all interfaces with an infinity metric for that network.

Hold-Down Timers – Prevent RIP from accepting any new updates for routes in a hold-down
state until the hold-down timer expires. If Router A sends an update to Router B with a higher
metric than what is currently in Router B's routing table, that route will be placed in a hold-
down state.
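
The counting-to-infinity race and the effect of split horizon, as an added Python simulation that is not part of the handout: two routers exchange hop-count tables using RIP's update rule, Router B's connected network fails, and Router A's periodic update reaches Router B before B's own update goes out, as described above. Router and network names follow the handout's example; timing is simplified to alternating update rounds, and the triggered update of route poisoning is not modelled.

```python
INFINITY = 16  # RIP's unreachable metric


class RipRouter:
    def __init__(self, name, connected, split_horizon=True):
        self.name = name
        self.split_horizon = split_horizon
        # routes: network -> (hop count, neighbor it was learned from); connected = 0 hops
        self.routes = {net: (0, None) for net in connected}

    def advertise(self, neighbor):
        """Update sent to `neighbor`: every route with metric + 1, capped at 16.
        With split horizon enabled, routes learned from that neighbor are withheld."""
        update = {}
        for net, (metric, learned_from) in self.routes.items():
            if self.split_horizon and learned_from == neighbor:
                continue
            update[net] = min(metric + 1, INFINITY)
        return update

    def receive(self, update, sender):
        """RIP's Bellman-Ford rule: accept a better metric from anyone, and always accept
        the current next hop's metric even when it got worse (this is what lets the
        metric climb towards 16 when no loop avoidance is in place)."""
        for net, metric in update.items():
            current = self.routes.get(net)
            if current is None or metric < current[0] or current[1] == sender:
                self.routes[net] = (metric, sender)

    def link_failed(self, net):
        """A directly connected network goes down: mark it unreachable."""
        self.routes[net] = (INFINITY, None)


def simulate(split_horizon, max_rounds=50):
    """Returns (rounds until both routers agree 192.168.40.0 is unreachable,
    list of (Router A's metric, Router B's metric) after each round)."""
    a = RipRouter("A", ["192.168.20.0", "192.168.30.0"], split_horizon)
    b = RipRouter("B", ["192.168.30.0", "192.168.40.0"], split_horizon)
    for _ in range(2):                      # initial convergence: A learns 192.168.40.0 via B
        a.receive(b.advertise("A"), "B")
        b.receive(a.advertise("B"), "A")
    b.link_failed("192.168.40.0")
    history = []
    for rounds in range(1, max_rounds + 1):
        # Race from the handout: A's update reaches B before B's own update goes out.
        b.receive(a.advertise("B"), "A")
        a.receive(b.advertise("A"), "B")
        state = (a.routes["192.168.40.0"][0], b.routes["192.168.40.0"][0])
        history.append(state)
        if state == (INFINITY, INFINITY):
            return rounds, history
    return max_rounds, history


if __name__ == "__main__":
    for sh in (False, True):
        rounds, history = simulate(sh)
        label = "on " if sh else "off"
        print(f"split horizon {label}: converged after {rounds} round(s): {history}")
```

With split horizon off the metrics climb 3/2, 5/4, ... until both routers reach 16; with it on, Router A withholds the route it learned from B and both agree on 16 after a single exchange.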
RIP Timers:

Update timer       30 seconds
Invalid timer      180 seconds
Hold-down timer    180 seconds
Flush timer        240 seconds

To configure the RIP timers:

Router(config)# router rip

Router(config-router)# timers basic 15 120 120 180

The timers basic command sets, in order, the update, invalid, hold-down, and flush timers.

RIP Configuration:

Router(config)#router rip

Router(config-router)#network x.x.x.x (where x.x.x.x is the classful major network address)

Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1- 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1- 192.168.40.1 /24

RouterA(config)# router rip
RouterA(config-router)# network 192.168.20.0
RouterA(config-router)# network 192.168.30.0

The first command, router rip, enables the RIP process. The network statements tell RIP which
networks you wish to advertise to other RIP routers.

To enable RIP v2
RouterA(config)# router rip
RouterA(config-router)# version 2

Even when a router sends RIPv2 updates, by default it will still summarize networks to their
classful boundary. Thus RIPv2 acts like RIPv1 unless we disable auto-summarization:

RouterA(config)# router rip
RouterA(config-router)# version 2
RouterA(config-router)# no auto-summary

Section 14

Enhanced Interior Gateway Routing Protocol

Features and Characteristic of EIGRP:

• EIGRP is a Cisco-proprietary protocol
• EIGRP is a Hybrid routing protocol, having features of both Distance-Vector and Link-
State routing protocols. Like a distance vector protocol, EIGRP uses "routing by
rumor"; like a link state protocol, it does not send periodic full routing
updates but sends updates only when there is a topology change.
• EIGRP uses Diffusing Update Algorithm (DUAL) to determine the best path among all
“feasible” paths. DUAL also helps ensure a loop free routing environment.
• EIGRP will form neighbor relationships with adjacent routers in the same Autonomous
System (AS).
• EIGRP traffic is either sent as unicasts, or as multicasts on address 224.0.0.10,
depending on the EIGRP packet type.
• Reliable Transport Protocol (RTP) is used to ensure delivery of most EIGRP packets.
• EIGRP is a classless protocol, and thus supports VLSMs.
• EIGRP supports IP, IPX, and AppleTalk routing.
• EIGRP applies an Administrative Distance of 90 for routes originating within the local
Autonomous System.
• EIGRP applies an Administrative Distance of 170 for external routes coming from
outside the local Autonomous System
• EIGRP uses Bandwidth and Delay of the Line, by default, to calculate its distance
metric. It also supports three other parameters to calculate its metric: Reliability,
Load, and MTU.
• EIGRP has a maximum hop-count of 224, though the default maximum hop-count is
set to 100.
• EIGRP builds three separate tables:
 Neighbor table – list of all neighboring routers. Neighbors must belong to the same
Autonomous System
 Topology table – list of all routes in the Autonomous System
 Routing table – contains the best route for each known network

EIGRP Neighbor Table:

A neighbor table is constructed from the EIGRP Hello packets, and includes the following
information:
• The IP address of the neighboring router.
• The local interface that received the neighbor's Hello packet.
• The Hold timer.
• A sequence number indicating the order in which neighbors were learned.
Adjacencies will not form unless the primary IP addresses on connecting interfaces are on the
same subnet. Neighbors cannot be formed on secondary addresses. EIGRP forms neighbor
relationships, called adjacencies, with other routers in the same AS by exchanging Hello packets.
Only after an adjacency is formed can routers share routing information. Hello packets are sent
as multicasts to address 224.0.0.10. The "K" values must also match to form an adjacency. Hello and
Hold timers do not need to match between routers for an EIGRP neighbor relationship to form.
By default, on LAN and high-speed WAN interfaces, EIGRP Hellos are sent every 5 seconds. On
slower WAN links (below T1 speed), EIGRP Hellos are sent every 60 seconds by default.

The EIGRP Topology Table:


Once EIGRP neighbors form adjacencies, they will begin to share routing information. Each
router's update contains a list of all routes known by that router, and the respective metrics
for those routes.
All such routes are added to an EIGRP router's topology table. The lowest metric to each
network becomes the Feasible Distance (FD). The route with the Feasible Distance for each
network is installed into the routing table. This best route, which is in both the topology
table and the routing table, is referred to as the Successor route.
The Feasible Distance is derived from the Advertised Distance of the router sending the
update, plus the local router's metric to the advertising router.

As shown in the diagram, RouterA has three paths to reach the Destination Network (RouterH),
either through Router B, C, or D. If we sum up the metrics to form a distance, we can determine
the following:
• RouterB's Feasible Distance to the Destination Network is 10.
• RouterC's Feasible Distance to the Destination Network is 25.
• RouterD's Feasible Distance to the Destination Network is 11.
When RouterB sends an update to RouterA, it will provide an Advertised Distance of 10 to the
Destination Network. RouterC will provide an AD of 25, and RouterD will provide an AD of 11.
RouterA calculates the total distance to the Destination Network by adding the AD of the
advertising router to its own distance to reach that advertising router. For example,
RouterA's metric to RouterB is 9; thus, the total distance will be 19 to reach the Destination
Network through RouterB.

From RouterA the successor route must be the route with the lowest metric. If we add the
Advertised Distance to the local metric between each router, we would see that:
• The route through RouterB has a distance of 19 to the destination
• The route through RouterC has a distance of 30 to the destination
• The route through RouterD has a distance of 14 to the destination

Hence the route through RouterD (metric of 14) becomes the Feasible Distance for
RouterA, and is added to the routing table as the best route.
To allow convergence to occur quickly if a link fails, EIGRP includes backup routes in the topology
table called Feasible Successors (FS). A route will only become a Feasible Successor if its Advertised
Distance is less than the current Feasible Distance. This is known as the Feasible Condition
(FC).
For example, we determined that RouterA's Feasible Distance to the destination is 14, through
RouterD. RouterC's Advertised Distance is 25, and thus would not become a feasible
successor, as it has a higher metric than RouterA's current Feasible Distance. Routes that are
not Feasible Successors become route Possibilities. RouterB's Advertised Distance is 8, which
is less than RouterA's current Feasible Distance. Thus, the route through RouterB to the
Destination Network would become a Feasible Successor. Feasible Successors provide EIGRP
with redundancy, without forcing routers to re-converge (thus stopping the flow of traffic) when
a topology change occurs. If no Feasible Successor exists and a link fails, a route will enter an
Active (converging) state until an alternate route is found.

EIGRP Packet Types: EIGRP has five packet types:

Packet Type        Sent as
Hello              Multicast
Update             Unicast or Multicast
Query              Multicast
Reply              Unicast
Acknowledgement    Unicast

EIGRP Metrics
EIGRP can utilize 5 separate metrics to determine the best route to a destination:

Metric               K value   Description
Bandwidth            K1        Slowest link in the route path, measured in kilobits
Load                 K2        Cumulative load of all outgoing interfaces in the path
Delay of the Line    K3        Cumulative delay of all outgoing interfaces in the path, in tens of microseconds
Reliability          K4        Average reliability of all outgoing interfaces in the path
MTU                  K5        Smallest Maximum Transmission Unit in the path

By default EIGRP uses only K1 and K3, that is bandwidth and delay, in its composite metric,
and the MTU value is never actually used to calculate the metric. With the default K values the
formula is [10000000/bandwidth + delay] * 256. The complete formula is:
[K1 * bandwidth * 256 + (K2 * bandwidth) / (256 - load) + K3 * delay * 256] * [K5 / (reliability +
K4)], where the final [K5 / (reliability + K4)] term is applied only when K5 is non-zero.

EIGRP Configuration:

Router(config)# router eigrp [AS]

Router(config-router)# network x.x.x.x (where x.x.x.x is the classful major network address)

Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1- 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1- 192.168.40.1 /24

RouterA(config)# router eigrp 100
RouterA(config-router)# network 192.168.20.0
RouterA(config-router)# network 192.168.30.0

The first command, router eigrp 100, enables the EIGRP process. The 100 indicates the
Autonomous System number. The Autonomous System number can range from 1 to 65535. Only
other EIGRP routers in Autonomous System 100 will form neighbor adjacencies and share
updates with this router.

The network statements serve two purposes in EIGRP:

• First, they identify which networks you wish to advertise to other EIGRP routers.
• Second, they identify which interfaces on the local router EIGRP will use to attempt
to form neighbor relationships.

EIGRP Route States

An EIGRP route can exist in one of two states, in the topology table:
• Active state
• Passive State
A Passive state indicates that a route is reachable, and that EIGRP is fully converged. A stable
working EIGRP network will have all routes in a Passive state.

Stuck in Active (SIA)

Routes will become Stuck-in-Active (SIA) when a router sends out an EIGRP Query packet, but
does not receive an EIGRP Reply packet within three minutes. In other words, a route will
become SIA if EIGRP fails to re-converge.

EIGRP Load-Balancing

By default, EIGRP will automatically load-balance across equal-metric routes (four by default, six
maximum depending on the IOS). EIGRP also supports load-balancing across routes with an
unequal metric using the variance command. The variance command assigns a "multiplier" X:
any route whose metric is less than or equal to X times the Successor's Feasible Distance, and
which satisfies the Feasible Condition, is also used to carry traffic.
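
The composite metric, the successor and feasible-successor selection from the RouterA example above, and the variance rule, as an added Python example that is not part of the handout. The metric function follows the formula given above (with the load term in Cisco's documented form, which has no effect at the default K values); the FastEthernet and T1 bandwidth/delay figures in the demo are constructed, and RouterB's advertised distance is taken as 10, the value behind the worked total of 19.

```python
DEFAULT_K = {"K1": 1, "K2": 0, "K3": 1, "K4": 0, "K5": 0}


def eigrp_metric(min_bandwidth_kbps, total_delay_usec, load=1, reliability=255, k=DEFAULT_K):
    """EIGRP composite metric. The bandwidth term is 10^7 / slowest link (kbps); delay is
    the path total in tens of microseconds. With the default K values this reduces to the
    handout's [10000000/bandwidth + delay] * 256. The K5 scaling term is applied only when
    K5 is non-zero; load and reliability are 1..255 scale values as IOS reports them."""
    bandwidth = 10_000_000 // min_bandwidth_kbps
    delay = total_delay_usec // 10
    metric = k["K1"] * bandwidth * 256
    metric += (k["K2"] * bandwidth * 256) // (256 - load)
    metric += k["K3"] * delay * 256
    if k["K5"] != 0:
        metric = metric * k["K5"] // (reliability + k["K4"])
    return metric


def dual_select(advertisements):
    """advertisements: [(neighbor, advertised_distance, metric_to_neighbor), ...].
    Returns (successor, feasible_distance, feasible_successors). A neighbor is a
    Feasible Successor when its Advertised Distance is lower than the FD (the
    Feasible Condition), which guarantees its path does not loop back through us."""
    totals = {nbr: ad + local for nbr, ad, local in advertisements}
    successor = min(totals, key=totals.get)
    fd = totals[successor]
    feasible = [nbr for nbr, ad, _ in advertisements if nbr != successor and ad < fd]
    return successor, fd, feasible


def variance_paths(advertisements, variance):
    """Paths used for unequal-cost load balancing: the successor plus every Feasible
    Successor whose total metric is <= variance * FD (variance 1 = equal-cost only)."""
    successor, fd, feasible = dual_select(advertisements)
    totals = {nbr: ad + local for nbr, ad, local in advertisements}
    return [successor] + [nbr for nbr in feasible if totals[nbr] <= variance * fd]


# The handout's RouterA example: (neighbor, AD it advertises, RouterA's metric to reach it)
ROUTER_A_VIEW = [("RouterB", 10, 9), ("RouterC", 25, 5), ("RouterD", 11, 3)]

if __name__ == "__main__":
    # Constructed interface figures: FastEthernet 100 Mbps / 100 usec, T1 1544 kbps / 20000 usec
    print("FastEthernet metric:", eigrp_metric(100_000, 100))
    print("T1 serial metric:   ", eigrp_metric(1_544, 20_000))
    print("DUAL selection:     ", dual_select(ROUTER_A_VIEW))
    print("variance 2 paths:   ", variance_paths(ROUTER_A_VIEW, 2))
```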

EIGRP COMMAND REFERENCES

Command                                                Description
Router(config-if)# ip hello-interval eigrp 100 8       Changes the hello interval to 8 seconds for AS 100
Router(config-if)# ip hold-time eigrp 100 24           Changes the hold (dead) interval to 24 seconds for AS 100
Router(config-router)# no auto-summary                 Disables auto summarization
RouterC(config-router)# passive-interface s0           Stops EIGRP updates being sent out of the interface; no neighbor relationship will form on it
Router(config-if)# bandwidth 64000                     Changes the bandwidth on an interface
Router(config-if)# ip bandwidth-percent eigrp 10 30    Limits EIGRP usage of bandwidth on an interface
Router(config-if)# delay 10000                         Changes the delay on an interface
RouterA(config-router)# variance 2                     Used for unequal-cost load balancing
Router# show ip eigrp neighbor                         View the EIGRP neighbor table
Router# show ip eigrp topology                         View the EIGRP topology table
Router# show ip eigrp traffic                          View EIGRP traffic sent and received
Router# debug eigrp neighbors
Router# debug eigrp packet                             Debug EIGRP
Router# debug eigrp route
Router# debug eigrp summary

Section 15

OSPF (Open Shortest Path First)

Features and characteristics of OSPF are as follows:

• OSPF is an open standard protocol
• OSPF is a link state routing protocol, designed to scale efficiently to support larger
networks.
• OSPF allows for a hierarchical network design through the use of Areas
• OSPF will form neighbor relationships with adjacent routers in the same Area.
• OSPF advertises the status of directly connected links in the form of Link-State
Advertisements (LSAs).
• OSPF will only send out updates when there is a topology change
• OSPF traffic is multicast either to address 224.0.0.5 (all OSPF routers) or
224.0.0.6 (all Designated Routers).
• OSPF uses the Dijkstra Shortest Path First algorithm to determine the shortest path.
• OSPF is a classless protocol, and thus supports VLSMs.
• OSPF supports only IP routing.
• OSPF routes have an administrative distance of 110.
• OSPF uses cost as its metric, which is computed based on the bandwidth of the link.
OSPF has no hop-count limit.
• OSPF is a hierarchical system that separates an Autonomous System into individual
areas.
• OSPF traffic can either be intra-area (within the area), inter-area (between different
areas), or external (from another AS).
• OSPF routers build a Topology Database of all links within their area, and all routers
within an area will have an identical topology database. Routing updates between these
routers will only contain information about links local to their area. Limiting the
topology database to include only the local area conserves bandwidth and reduces
CPU loads.
• Area 0 is required for OSPF to function, and is considered the “Backbone” area. As a
rule, all other areas must have a connection into Area 0, though this rule can be
bypassed using virtual links.
• Area 0 is often referred to as the transit area to connect all other areas.

Different OSPF router types:

• Internal Routers – all router interfaces belong to only one Area
(Area 1 – R4, R5, R6 and Area 2 – R7, R8, R9)
• Area Border Routers (ABRs) – contain interfaces in at least two separate areas
(R2 is an ABR in Area 0 and Area 1, R3 is an ABR in Area 0 and Area 2)
• Backbone Routers – contain at least one interface in Area 0
(R1, R2 and R3 are Backbone Routers)
• Autonomous System Border Routers (ASBRs) – contain a connection to a separate
Autonomous System
(R1 is an ASBR)

The OSPF process builds and maintains three separate tables:

• A neighbor table – contains a list of all neighboring routers.
• A topology table – contains a list of all possible routes to all known networks within
an area.
• A routing table – contains the best route for each known network.

OSPF Neighbor Table:

• OSPF forms neighbor relationships, called adjacencies, with other routers in the same
Area by exchanging Hello packets to multicast address 224.0.0.5. Only after an
adjacency is formed can routers share routing information. Each OSPF router is
identified by a unique Router ID. The Router ID can be configured in three ways:
 The Router ID can be manually specified.
 If not manually specified, the highest IP address configured on any Loopback interface
on the router will become the Router ID.
 If no loopback interface exists, the highest IP address configured on any physical
interface will become the Router ID.
• By default, Hello packets are sent out OSPF-enabled interfaces every 10 seconds for
broadcast and point-to-point interfaces, and every 30 seconds for non-broadcast and point-
to-multipoint interfaces. The dead interval is four times the hello interval, which means the dead
interval on a broadcast or point-to-point interface is 40 seconds, whereas on a non-broadcast
or point-to-multipoint interface it is 120 seconds.
• OSPF routers will form an adjacency only if the following parameters within a Hello
packet are the same on each router:

 Area ID
 Authentication
 Subnet Mask
 Hello Interval
 Dead Interval

OSPF Designated router:

In multi-access networks such as Ethernet, we will have many neighbor relationships on the same
physical segment. As in the above example, there are five routers connected to the same multi-
access segment. The total number of neighbor relationships would be n(n-1)/2, where n is the
number of routers, so we require 10 separate adjacencies for a fully meshed network. As the
number of devices increases, this leads to unnecessary Link State Advertisement (LSA) traffic.
Moreover, if a link on one of the routers fails, it would flood this information to all neighbors and
each neighbor, in turn, would then flood that same information to all other neighbors. This is a
waste of bandwidth and processor load. To prevent this, OSPF will elect a Designated Router
(DR) for each multi-access network, reached via multicast address 224.0.0.6. As always, for
redundancy purposes, a Backup Designated Router (BDR) is also elected.
OSPF routers will form adjacencies with the DR and BDR. If a change occurs to a link, the update
is forwarded only to the DR, which then forwards it to all other routers. This greatly reduces
the flooding of LSAs. DR and BDR elections are determined by a router's OSPF priority, which
is configured on a per-interface basis. The router with the highest priority becomes the DR;
the second highest becomes the BDR. If priorities are the same, then the tie breaker
is the Router ID: whichever router has the highest Router ID will become the DR.
Default priority on Cisco routers is 1.
A priority of 0 will prevent the router from being elected DR or BDR.
Example: As per the above diagram RouterE will be the DR and RouterD will be the
BDR.
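
The DR/BDR election rule just described, as an added Python example that is not part of the handout. Router IDs and priorities are constructed; Router IDs are compared as 32-bit numbers rather than as strings, and the optional current_dr models the fact that an established DR is not preempted by a router that joins later with a better priority or Router ID.

```python
import ipaddress


def elect_dr_bdr(routers, current_dr=None):
    """routers: {router_id: interface priority}. Highest priority wins, highest Router ID
    breaks ties, priority 0 makes a router ineligible. A DR already on the segment keeps
    its role even if a better candidate appears (OSPF does not preempt the DR); the BDR
    is simply the best remaining candidate in this simplified model."""
    def rank(rid):
        # compare the Router ID numerically: "10.0.0.1" is higher than "9.9.9.9"
        return routers[rid], int(ipaddress.ip_address(rid))

    eligible = sorted((rid for rid, prio in routers.items() if prio > 0), key=rank, reverse=True)
    if not eligible:
        return None, None
    dr = current_dr if current_dr in eligible else eligible[0]
    bdr = next((rid for rid in eligible if rid != dr), None)
    return dr, bdr


# Constructed segment: five routers, all at the default priority of 1
SEGMENT = {"1.1.1.1": 1, "2.2.2.2": 1, "3.3.3.3": 1, "4.4.4.4": 1, "5.5.5.5": 1}

if __name__ == "__main__":
    print("default priorities:      ", elect_dr_bdr(SEGMENT))
    print("priority 0 on 5.5.5.5:   ", elect_dr_bdr({**SEGMENT, "5.5.5.5": 0}))
    print("priority 100 on 1.1.1.1: ", elect_dr_bdr({**SEGMENT, "1.1.1.1": 100}))
    print("10.0.0.1 joins, DR 2.2.2.2 already elected:",
          elect_dr_bdr({**SEGMENT, "10.0.0.1": 1}, current_dr="2.2.2.2"))
```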

OSPF Neighbor States

As neighbor adjacencies are formed, they will progress through several "states", including:

State       Description
Down        No Hellos have been heard from the neighboring router.
Init        A Hello packet has been heard from the neighbor, but two-way communication
            has not yet been established.
2-Way       Indicates neighbor adjacency; reached when a router sees its own Router
            ID in its neighbor's Hello packet. The DR and BDR are also elected in this state.
ExStart     A master/slave relationship is established between the routers to
            determine which one will begin the exchange.
Exchange    Routers exchange Database Descriptors (DBDs). DBDs contain a
            description of the router's Topology Database. A router will examine a
            neighbor's DBD to determine whether it has information to share.
Loading     Exchange of Link State Advertisements, containing information about all
            links connected to each router. Essentially, routers are sharing their
            topology tables with each other by sending and receiving LSUs.
Full        Routers are fully synchronized and have exchanged LSAcks.

OSPF Network Types

Network Type                          DR/BDR Election                Neighbor Statement
Broadcast Multi-Access                OSPF will elect DR, BDR        No neighbor statement
Point-to-Point                        OSPF will not elect DR, BDR    No neighbor statement
Point-to-Multipoint                   OSPF will not elect DR, BDR    No neighbor statement
Non-broadcast Multi-access (NBMA)     OSPF will elect DR, BDR        Neighbor statement is required

LSA TYPES:

Type          Description             Generated By
LSA Type 1    Router LSAs             All Routers
LSA Type 2    Network LSAs            Designated Router
LSA Type 3    Network Summary LSAs    Area Border Router
LSA Type 4    ASBR Summary LSAs       Area Border Router
LSA Type 5    External LSAs           Autonomous System Border Router

The OSPF Metric

OSPF determines the best path to a destination network based on metric cost, which
is derived from the bandwidth of interfaces. The total cost of a route is the sum of all outgoing
interface costs. Lowest cost is preferred. The interface cost formula is 10^8 / bandwidth (in bps).

Interface Type               Cost
Serial – 64 Kbps             1562
T1 – 1.544 Mbps              64
Ethernet – 10 Mbps           10
Token Ring – 16 Mbps         6
Fast Ethernet – 100 Mbps     1
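
OSPF's interface cost and the way SPF sums outgoing interface costs, as an added Python example that is not part of the handout: ospf_cost reproduces the table above (10^8 / bandwidth, truncated, never below 1) and shortest_paths runs Dijkstra over a constructed four-router topology whose router names and link speeds are hypothetical; reference_bps models the auto-cost reference-bandwidth setting.

```python
import heapq


def ospf_cost(bandwidth_bps, reference_bps=10**8):
    """Interface cost = reference bandwidth / interface bandwidth, truncated to an
    integer and never lower than 1 (so 1 Gbps and 100 Mbps both cost 1 at the default
    reference, which is why the reference bandwidth is raised on faster networks)."""
    return max(1, reference_bps // bandwidth_bps)


# Constructed link-state view of one area: router -> {neighbor: outgoing interface bandwidth in bps}.
# Router names and speeds are hypothetical: R1-R3 is a T1, R2-R4 is 10 Mbps Ethernet,
# the other two links are Fast Ethernet.
TOPOLOGY = {
    "R1": {"R2": 100_000_000, "R3": 1_544_000},
    "R2": {"R1": 100_000_000, "R4": 10_000_000},
    "R3": {"R1": 1_544_000, "R4": 100_000_000},
    "R4": {"R2": 10_000_000, "R3": 100_000_000},
}


def shortest_paths(topology, source, reference_bps=10**8):
    """Dijkstra's shortest path first over outgoing interface costs, as every OSPF router
    runs it against the area's identical topology database.
    Returns {router: (total cost, path as a list of routers)}."""
    dist = {source: (0, [source])}
    heap = [(0, source)]
    done = set()
    while heap:
        cost, node = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        for nbr, bandwidth in topology[node].items():
            new_cost = cost + ospf_cost(bandwidth, reference_bps)
            if nbr not in dist or new_cost < dist[nbr][0]:
                dist[nbr] = (new_cost, dist[node][1] + [nbr])
                heapq.heappush(heap, (new_cost, nbr))
    return dist


if __name__ == "__main__":
    for name, bps in [("Serial 64 Kbps", 64_000), ("T1", 1_544_000), ("Ethernet", 10_000_000),
                      ("Token Ring", 16_000_000), ("Fast Ethernet", 100_000_000)]:
        print(f"{name:15} cost {ospf_cost(bps)}")
    for dest, (cost, path) in sorted(shortest_paths(TOPOLOGY, "R1").items()):
        print(f"R1 -> {dest}: cost {cost} via {' > '.join(path)}")
```

In the constructed topology R1 reaches R3 cheaper through R2 and R4 (cost 12) than over its own T1 link (cost 64), which is exactly the trade-off the bandwidth-based cost is meant to express.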


OSPF Configuration:

Router(config)#router ospf [process ID]

Router(config-router)#network x.x.x.x y.y.y.y area z (where x.x.x.x is the network address,
y.y.y.y is the wildcard mask and z is the area)

Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1- 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1- 192.168.40.1 /24

RouterA(config)# router ospf 100
RouterA(config-router)# network 192.168.20.0 0.0.0.255 area 1
RouterA(config-router)# network 192.168.30.0 0.0.0.255 area 0

The 100 in the router ospf statement indicates the OSPF process ID, which is locally significant
and need not be the same on each router. The process ID allows multiple OSPF processes to run
on the same router. Note that the network statement uses a wildcard mask instead of a subnet
mask. With OSPF, we don't advertise networks as such; instead we enable the interfaces whose
addresses match the statement and place them in specific areas, so that those routers can form
neighbor relationships. The wildcard mask 0.0.0.255 means that the last octet can match any number.
The first network statement places interface Fa0/0 on RouterA into Area 1, and the second
network statement places interface Fa0/1 on RouterA into Area 0. We could also have written
the network statements more specifically, matching the exact interface addresses:

RouterA(config)# router ospf 100
RouterA(config-router)# network 192.168.20.1 0.0.0.0 area 1
RouterA(config-router)# network 192.168.30.1 0.0.0.0 area 0

In order for RouterB to form a neighbor relationship with RouterA, its connecting interface must
be put in the same Area and subnet as RouterA:

RouterB(config)# router ospf 101
RouterB(config-router)# network 192.168.40.1 0.0.0.0 area 1
RouterB(config-router)# network 192.168.30.2 0.0.0.255 area 0

In the above configuration, observe that the process ID is 101, which is not the same as on
RouterA, as it is locally significant, and that RouterB's Fa0/0 is in Area 0 and Fa0/1 in Area 1.
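
How the wildcard mask in a network statement selects interfaces, as an added Python example that is not part of the handout: bits that are 0 in the wildcard must match, bits that are 1 are ignored, so 192.168.30.2 0.0.0.255 enables the same interface as 192.168.30.0 0.0.0.255 would. Interface names and addresses are RouterA's and RouterB's from this section; where several statements match one interface, this model uses the most specific one, which is an assumption of the model.

```python
import ipaddress


def to_int(dotted):
    return int(ipaddress.ip_address(dotted))


def wildcard_matches(interface_ip, network, wildcard):
    """OSPF network-statement test: every bit that is 0 in the wildcard mask must be the
    same in the interface address and the network statement; 1 bits are don't-care."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(interface_ip) & care) == (to_int(network) & care)


def wildcard_from_mask(subnet_mask):
    """Wildcard mask is the bitwise inverse of the subnet mask (255.255.255.0 -> 0.0.0.255)."""
    return str(ipaddress.ip_address(~to_int(subnet_mask) & 0xFFFFFFFF))


def assign_areas(interfaces, statements):
    """interfaces: {name: address}; statements: [(network, wildcard, area), ...].
    Returns {interface: area} for the OSPF-enabled interfaces; an interface matching no
    statement is not enabled. When more than one statement matches, this model picks the
    one with the fewest don't-care bits (most specific) -- a modelling assumption."""
    result = {}
    for name, ip in interfaces.items():
        hits = [(bin(to_int(wc)).count("1"), area) for net, wc, area in statements
                if wildcard_matches(ip, net, wc)]
        if hits:
            result[name] = min(hits)[1]
    return result


# The handout's two routers
ROUTER_A = {"Fa0/0": "192.168.20.1", "Fa0/1": "192.168.30.1"}
ROUTER_B = {"Fa0/0": "192.168.30.2", "Fa0/1": "192.168.40.1"}

if __name__ == "__main__":
    print("RouterA:", assign_areas(ROUTER_A, [("192.168.20.0", "0.0.0.255", 1),
                                              ("192.168.30.0", "0.0.0.255", 0)]))
    print("RouterB:", assign_areas(ROUTER_B, [("192.168.40.1", "0.0.0.0", 1),
                                              ("192.168.30.2", "0.0.0.255", 0)]))
    print("wildcard for /24:", wildcard_from_mask("255.255.255.0"))
```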
OSPF COMMAND REFERENCES

Command                                                    Description
RouterC(config-router)# passive-interface s0               Prevents a neighbor relationship on the interface; it will not send or receive updates
RouterC(config-router)# router-id 1.1.1.1                  Manually specifies the Router ID
RouterC(config-router)# area 1 virtual-link 3.3.3.3        Creates a virtual link; virtual links are a workaround to logically connect an area that is separated from Area 0
Router(config-if)# bandwidth 64000                         Changes the bandwidth on an interface
Router(config-if)# ip ospf cost 5                          Changes the cost of an interface
Router(config-router)# auto-cost reference-bandwidth 100   Changes the reference bandwidth used in calculating the metric
Router(config-if)# ip ospf priority 2                      Changes the OSPF priority of an interface
Router# show ip ospf neighbor                              Displays the neighbor table
Router# show ip ospf database                              Displays the link-state database
Router# show ip ospf 100                                   View a specific OSPF process
Router# show ip ospf interface fa0/0                       View OSPF details for an interface
Router# debug ip ospf adj
Router# debug ip ospf events                               Debug OSPF in real time
Router# debug ip ospf hello

Section 16

Virtual LANs (VLANs)

Features and Characteristics of VLAN

Virtual LANs separate a Layer 2 switch into multiple broadcast domains.

• Each VLAN is its own individual broadcast domain.
• Most commonly each VLAN will be in its own subnet.
• One or more ports can be assigned to a specific VLAN. Only ports belonging to the same
VLAN can freely communicate; inter-VLAN communication requires a router.
• Broadcasts from one VLAN will never be sent out ports belonging to another VLAN.

As in the above diagram, six computers are connected to a Layer 2 switch. PC1, PC3 and PC5 belong
to VLAN 1, and PC2, PC4 and PC6 belong to VLAN 2. Since PC1, PC3 and PC5 belong to the
same VLAN, IP subnet and broadcast domain, they can communicate with each other without the
need for a router. Similarly, PC2, PC4 and PC6 belong to the same VLAN, IP subnet and broadcast
domain and can communicate with each other without a router, but PC1, PC3 and PC5 will not
be able to communicate with PC2, PC4 or PC6, as they belong to separate VLANs and separate
IP subnets. Broadcasts from VLAN 1 will never go out ports configured for VLAN 2. A router
is necessary for the two VLANs to communicate.
Most Catalyst multi-layer switches have integrated or modular routing processors. Otherwise,
an external router is required for inter-VLAN communication.

By default with Cisco Catalysts, all ports on every switch belong to VLAN 1. VLAN 1 is also
considered the management VLAN.

Advantages of VLAN:

Broadcast Control: In a generic Layer 2 switched environment, broadcasts are received by
every host on the switched network. If VLANs are configured, each VLAN is its own broadcast
domain; thus broadcast traffic from one VLAN will never reach another VLAN.
Security – We can logically separate PCs based on function, department, etc. by creating multiple
VLANs.
Flexibility and Scalability – Irrespective of geographical position, users and devices can be
added or moved anywhere on the physical network and remain in the same VLAN. Thus,
access to resources is not interrupted.

VLAN Membership

VLAN membership can be assigned in two ways:

Statically – One or more switch ports are manually assigned to a VLAN. Any device
connecting to these switch ports becomes a member of that VLAN.

Dynamically – Devices are automatically assigned to a VLAN based on their MAC address. Cisco
developed a dynamic VLAN product called the VLAN Membership Policy Server (VMPS).
In more sophisticated systems, a user's network account can be used to determine VLAN
membership.

VLAN Port Types

There are two types of ports supported on a VLAN-enabled switch, access ports and trunk
ports.

An access port belongs to only one VLAN. Host devices, such as computers and printers, plug
into access ports. A host automatically becomes a member of the VLAN to which the switch port
is assigned. This is done transparently, and the host is usually unaware of the VLAN
infrastructure. By default, all switch ports are access ports.
Trunk ports do not belong to a single VLAN. Any or all VLANs can traverse trunk links to
reach other switches. Only Fast or Gigabit Ethernet ports can be used as trunk links.

VLAN Frame-Tagging

On trunk links, switches need to differentiate frames according to the VLAN they belong to.
Frame tagging places a VLAN ID in each frame, identifying which VLAN the frame belongs to.
Tagging occurs only when a frame is sent out a trunk port.

Cisco switches support two frame-tagging protocols, Inter-Switch Link (ISL) and IEEE 802.1Q.

Inter-Switch Link (ISL) is Cisco's proprietary frame-tagging protocol, and supports frame types
such as Ethernet, Token Ring, FDDI, and ATM. ISL encapsulates a frame with an additional
header (26 bytes) and trailer (4 bytes), increasing the size of an Ethernet frame by up to 30 bytes.
The header contains the 10 byte VLAN ID. Since ISL increases the size of a frame, non-Cisco
devices will actually drop ISL-tagged frames. Many devices are configured with a maximum
acceptable size for Ethernet frames (usually 1518 bytes). ISL frames can be as large as 1544 bytes,
and thus are considered to be "giants" or corrupt.

IEEE 802.1Q is an open-standard frame-tagging protocol supported by most switch
manufacturers, including Cisco. Instead of adding an additional header and trailer, 802.1Q
embeds a 4-byte VLAN tag (carrying the VLAN ID) into the Layer 2 frame header. This still
increases the size of a frame from its usual 1518 bytes to 1522 bytes, which most devices accept.
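As an added illustration (not code from the handout), the following Python builds an Ethernet frame, inserts and parses the 4-byte 802.1Q tag at offset 12 (after the source MAC), and applies the rule that tagging happens only on trunk egress; the MAC addresses and payload are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100   # EtherType value announcing that an 802.1Q tag follows


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged Ethernet II frame: 14-byte header, 46..1500-byte payload, 4-byte FCS."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    if not 46 <= len(payload) <= 1500:
        raise ValueError("payload must be 46..1500 bytes")
    fcs = b"\x00" * 4   # constructed placeholder; a real FCS is a CRC-32 over the frame
    return dst + src + struct.pack("!H", ethertype) + payload + fcs


def tag_frame(frame: bytes, vlan_id: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag (TPID + TCI) after the source MAC, at offset 12."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    if not 0 <= pcp <= 7:
        raise ValueError("PCP must be 0..7")
    tci = (pcp << 13) | vlan_id   # TCI = 3-bit PCP, 1-bit DEI (0 here), 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame: bytes):
    """Return (vlan_id, pcp, inner_ethertype) for a tagged frame, or None if untagged."""
    if len(frame) < 18:
        return None
    tpid, tci, inner_type = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        return None
    return tci & 0x0FFF, tci >> 13, inner_type


def strip_tag(frame: bytes) -> bytes:
    """Remove the tag, as a switch does before delivering a frame out an access port."""
    if parse_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


def egress(frame: bytes, vlan_id: int, trunk_port: bool) -> bytes:
    """Switch rule from this section: tag only when sending out a trunk port."""
    untagged = strip_tag(frame)
    return tag_frame(untagged, vlan_id) if trunk_port else untagged


# Constructed sample: a maximum-size IPv4 frame (1500-byte payload) between two hosts.
SAMPLE = build_frame(bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"),
                     0x0800, b"\x45" + b"\x00" * 1499)

if __name__ == "__main__":
    tagged = egress(SAMPLE, 100, trunk_port=True)
    print(len(SAMPLE), "->", len(tagged), parse_tag(tagged))   # 1518 -> 1522 (100, 0, 2048)
```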

Manual vs. Dynamic Trunking

ISL or 802.1Q tagging can either be manually configured on Catalyst trunk ports, or dynamically
negotiated using Cisco's proprietary Dynamic Trunking Protocol (DTP).

A port can be placed into a dynamic trunk mode or into static trunk mode. The two ends of a
link can be in different modes and still form a trunk.

Trunk – Static trunking. The interface enters permanent trunk mode, and will still negotiate
trunking with the remote port.
Dynamic Desirable – Actively attempts to trunk with the remote port.
Dynamic Auto – Does not actively attempt to trunk with the remote port, but will form a trunk
if the remote port negotiates for trunking.

The possible combinations and whether each forms a trunk are listed below:

Port End 1           Port End 2           Trunking
Trunk                Trunk                Yes
Trunk                Dynamic Desirable    Yes
Trunk                Dynamic Auto         Yes
Trunk                Access               No
Dynamic Desirable    Dynamic Desirable    Yes
Dynamic Desirable    Dynamic Auto         Yes
Dynamic Desirable    Trunk                Yes
Dynamic Desirable    Access               No
Dynamic Auto         Dynamic Desirable    Yes
Dynamic Auto         Dynamic Auto         No
Dynamic Auto         Trunk                Yes



Switch Configuration

To configure an IP address on a switch (on the VLAN 1 management interface):

Switch(config)# int vlan 1
Switch(config-if)# ip address 192.168.10.2 255.255.255.0

To configure the default gateway on a switch:

Switch(config)# ip default-gateway 192.168.10.1

To configure a static VLAN:

Switch(config)# vlan 100
Switch(config-vlan)# name CCNA_VLAN

The above commands create VLAN 100 with the name CCNA_VLAN.

Note: VLANs are stored in Flash in a database file named vlan.dat.


However, information concerning which ports are assigned to a specific VLAN is not stored in
this file; it is stored in the startup-config file instead.

To assign an interface to this VLAN:

Switch(config)# interface fa0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 100

The above commands configure interface fa0/1 as an access port and assign it to VLAN 100.

To view the list of VLANs, including which ports are assigned to each VLAN:

Switch# show vlan

Configuring Trunk Links

To manually configure a trunk port, for either ISL or 802.1Q tagging:

Switch(config)# interface fa0/10
Switch(config-if)# switchport trunk encapsulation {isl | dot1q}
Switch(config-if)# switchport mode trunk

These commands manually set the tagging protocol the trunk link will use and place the
interface in trunk mode (on switches that support both protocols, the encapsulation must be
chosen before the port can be set to trunk mode). Both sides of the trunk link must be
configured with the same tagging protocol.
The Catalyst switch can also negotiate the tagging protocol:

Switch(config)# interface fa0/1
Switch(config-if)# switchport trunk encapsulation negotiate

VLAN Trunking Protocol (VTP)

In large switched networks, it is difficult to maintain a consistent VLAN database across all
switches. VLAN Trunking Protocol (VTP) allows the VLAN database to be managed centrally and
kept consistent throughout the network.

Switches configured with VTP are joined to a VTP domain. Only switches belonging to the same
domain share VLAN information, and a switch can belong to only a single domain. When an
update is made to the VLAN database, the change is propagated to all switches via VTP
advertisements.

By default, VTP updates are sent out every 300 seconds, or whenever a change to the database
occurs. VTP updates are sent across VLAN 1 and only out trunk ports.

VTP Modes

Server – Switches can create, modify or delete entries in the VLAN database. Servers advertise
their VLAN database to all other switches on the network, and synchronize their database with
other server and client switches. This is the default mode for Cisco Catalyst switches. Servers
can only advertise VLANs 1 - 1005.

Client – Switches cannot make modifications to the VLAN database, and will receive all of their
VLAN information from VTP servers. A client will also forward an update from a server to other
clients.

Transparent – Switches will not advertise or accept any VLAN database information from other
switches. Changes made are only local to the transparent switch. However, transparent VTP
switches will forward VTP information from servers to clients.

Servers and clients synchronize their databases based on the VTP configuration revision number.

Catalyst switches that participate in a VTP domain support up to 1005 VLANs. Catalyst switches
configured in VTP transparent mode support up to 4094 VLANs.

Configuring VTP

To configure the VTP domain:

Switch(config)# vtp domain Cisco

To configure a switch's VTP mode:
Switch(config)# vtp mode server
Switch(config)# vtp mode client
Switch(config)# vtp mode transparent

The VTP domain can be password protected using:

Switch(config)# vtp password P@ssw0rd

All switches participating in the VTP domain must be configured with the same password.

VTP versions: Version 1 and Version 2

VTP version 2 supports additional functionality, including error checking and support for Token
Ring. VTP version 2 also allows transparent switches to always forward update information from
servers to clients, even if the transparent switch is in a separate domain. By default, a Catalyst
switch uses VTP version 1.

To configure the VTP version:

Switch(config)# vtp version 2

To view status information about VTP, including version, domain and mode:

Switch# show vtp status

Message and error counters can also be viewed:

Switch# show vtp counters

VTP Pruning

VTP pruning prevents unnecessary VLAN broadcast and multicast traffic from crossing trunk
links. With VTP pruning, such traffic is only sent out the trunk ports that lead to switches
where those VLANs exist.

In the example topology of the original figure, VTP pruning would prevent VLAN 3, VLAN 4 and
VLAN 5 broadcasts from being sent to Switch 3. Pruning would also prevent VLAN 5 broadcasts
from being sent to Switch 2.

VTP pruning is disabled by default on Catalyst IOS switches. To enable VTP pruning:

Switch(config)# vtp pruning


Section 17

Access Control Lists (ACLs)

Access control lists are used not only to filter traffic, but also to identify traffic.

Access lists are a set of rules, or statements, organized in a rule table. Each rule or line in
an access-list states a condition and an action, either permit or deny:
When an access-list is used to filter traffic, a permit statement allows the matching traffic
and a deny statement blocks it.
When an access-list is used to identify traffic, a permit statement includes the matching
traffic and a deny statement excludes it.

Examples of filtering traffic:

• Permit only a particular host to telnet to a router, and no others
• Permit only HTTP traffic from one network to another, and at the same time block all
other traffic

Examples of identifying traffic:

• Identifying interesting traffic to bring up an ISDN link or VPN tunnel
• Identifying routes to filter or allow in routing updates
• Identifying traffic for QoS purposes

Here we will be working with ACLs to filter traffic:

After an ACL (the set of rules) is configured, it is applied to an interface. When a packet enters
or exits an interface with an ACL applied, the packet is compared against the criteria of the ACL.
If the packet matches the first line of the ACL, the action of that line (permit or deny) is
taken. If there is no match, the second line's criteria are examined. Again, if there is a match
the appropriate action is taken; if not, the third line of the ACL is compared to the packet, and
the process continues until a match is found, at which point ACL processing stops. If no line
matches, an implicit 'deny all' at the end of every access list drops the traffic. You don't
create this implicit deny, and you can't delete it. Thus, an access list that contains only deny
statements will block all traffic.

Access lists are applied either inbound or outbound.

Inbound ACL: Packets received on an interface are checked against the ACL first, and only then
against the routing table before being forwarded.

Outbound ACL: Packets are checked against the routing table first and then against the ACL
before leaving the router.

Only one access list per interface, per protocol, per direction is allowed. More specific and
frequently matched rules should be placed at the top of the access list to optimize CPU usage.
New entries are added to the bottom of an access list. You cannot remove individual lines from
a numbered access list; you must delete and recreate the access list to change it.

Types of Access Lists

There are two categories of access lists: numbered and named.

Numbered access lists are defined using ranges of numbers, each range dedicated to a specific
protocol and list type. Example:
1–99        IP standard access list
100–199     IP extended access list
1300–1999   IP standard access list (expanded range)
2000–2699   IP extended access list (expanded range)

Named access lists provide a bit more flexibility. Descriptive names can be used to identify your
access-lists. Additionally, individual lines can be added to and removed from a named access-list.
However, as with numbered lists, all new entries are still added to the bottom of the access list.

Standard IP Access List

Standard IP access-lists are based upon the source host or network IP address, and should be
placed closest to the destination network.

Example:

access-list 10 permit 192.168.10.0 0.0.0.255

This list permits traffic from all addresses in the range 192.168.10.0 to 192.168.10.255.

Extended IP Access List

Extended IP access-lists filter based upon the source IP address, destination IP address, and TCP
or UDP port number. Extended access-lists should be placed closest to the source network.

Example:

access-list 101 permit tcp 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255 eq 80

ACL 101 permits only HTTP traffic originating from any address on the 192.168.10.0/24 network
to the 192.168.20.0/24 network.


Standard IP Access List Example:

Syntax: access-list [1-99] [permit | deny] [source address] [wildcard mask] [log]

Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1- 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1- 192.168.40.1 /24

Example: To block hosts in network 192.168.20.0 from accessing hosts in the 192.168.40.0
network:

RouterB(config)# access-list 10 deny 192.168.20.0 0.0.0.255
RouterB(config)# access-list 10 permit any

To apply this access list:

RouterB(config)# int fa0/1
RouterB(config-if)# ip access-group 10 out

Extended IP Access List Example:

Syntax: access-list [100-199] [permit | deny] [protocol] [source address] [wildcard mask]
[destination address] [wildcard mask] [operator [port]] [log]


Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1- 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1- 192.168.40.1 /24

Example: A file server on the 192.168.40.x network has the IP address 192.168.40.2. To block
network 192.168.30.0 from accessing anything on the 192.168.40.0 network, EXCEPT for the FTP
ports on the file server:

RouterA(config)# access-list 101 permit tcp 192.168.20.0 0.0.0.255 host 192.168.40.2 eq 20
RouterA(config)# access-list 101 permit tcp 192.168.20.0 0.0.0.255 host 192.168.40.2 eq 21
RouterA(config)# access-list 101 deny ip 192.168.20.0 0.0.0.255 192.168.40.0 0.0.0.255
RouterA(config)# access-list 101 permit ip any any

To apply this access list (on the router where it was created, inbound on the interface closest
to the source network):

RouterA(config)# int fa0/0
RouterA(config-if)# ip access-group 101 in
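As an added example that is not part of the handout, the following Python parses the standard and extended access-list lines used in this section and evaluates packets against them the way the text describes: top-down, first match wins, with the implicit deny at the end. Wildcard masks are applied bitwise, and the sample packets are constructed.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import List, Optional

ANY = (0, 0xFFFFFFFF)   # 'any' is address 0.0.0.0 with wildcard 255.255.255.255


def _ip(text: str) -> int:
    return int(IPv4Address(text))


@dataclass
class Ace:
    """One line of an access list (an access control entry)."""
    action: str               # "permit" or "deny"
    protocol: str             # "ip" matches every protocol; otherwise "tcp", "udp", "icmp"
    src: int
    src_wc: int               # wildcard mask: a 1 bit means "don't care"
    dst: int
    dst_wc: int
    dport: Optional[int] = None   # destination port from 'eq <port>', when present


def _address(tokens: List[str]):
    """Consume one IOS address spec: 'any' | 'host A.B.C.D' | 'A.B.C.D WILDCARD'."""
    first = tokens.pop(0)
    if first == "any":
        return ANY
    if first == "host":
        return _ip(tokens.pop(0)), 0
    # A bare address without a wildcard (allowed in standard lists) means one host.
    wildcard = tokens.pop(0) if tokens and tokens[0][0].isdigit() else "0.0.0.0"
    return _ip(first), _ip(wildcard)


def parse_ace(line: str) -> Ace:
    """Parse 'access-list <n> permit|deny ...' in the standard or extended form used here."""
    tokens = line.split()
    if len(tokens) < 4 or tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
        raise ValueError(f"not an access-list statement: {line!r}")
    number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
    if 1 <= number <= 99 or 1300 <= number <= 1999:        # standard list: source only
        src, src_wc = _address(rest)
        return Ace(action, "ip", src, src_wc, *ANY)
    if 100 <= number <= 199 or 2000 <= number <= 2699:     # extended list
        protocol = rest.pop(0)
        src, src_wc = _address(rest)
        dst, dst_wc = _address(rest)
        dport = int(rest[1]) if len(rest) >= 2 and rest[0] == "eq" else None
        return Ace(action, protocol, src, src_wc, dst, dst_wc, dport)
    raise ValueError(f"unsupported access-list number {number}")


def _matches(addr: int, net: int, wildcard: int) -> bool:
    care = ~wildcard & 0xFFFFFFFF            # the bits this entry actually compares
    return (addr & care) == (net & care)


def evaluate(acl: List[Ace], protocol: str, src: str, dst: str,
             dport: Optional[int] = None) -> str:
    """Top-down, first-match evaluation, ending in the implicit 'deny all'."""
    s, d = _ip(src), _ip(dst)
    for ace in acl:
        if ace.protocol != "ip" and ace.protocol != protocol:
            continue
        if not _matches(s, ace.src, ace.src_wc) or not _matches(d, ace.dst, ace.dst_wc):
            continue
        if ace.dport is not None and ace.dport != dport:
            continue
        return ace.action                    # processing stops at the first match
    return "deny"                            # implicit deny: no line matched


# The extended list from this section, fed through the parser.
ACL_101 = [parse_ace(line) for line in (
    "access-list 101 permit tcp 192.168.20.0 0.0.0.255 host 192.168.40.2 eq 20",
    "access-list 101 permit tcp 192.168.20.0 0.0.0.255 host 192.168.40.2 eq 21",
    "access-list 101 deny ip 192.168.20.0 0.0.0.255 192.168.40.0 0.0.0.255",
    "access-list 101 permit ip any any",
)]
```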

Telnet Access List Example

Telnet access can be restricted using an extended ACL on an interface, but that adds overhead
on the router, since every packet entering or leaving the interface must be checked. Instead, a
standard access list is applied to the telnet (vty) lines rather than to an interface, so only
connection attempts to the router itself are examined.


Router A:
Fa0/0 – 192.168.20.1 /24, Fa0/1- 192.168.30.1 /24

Router B:
Fa0/0 – 192.168.30.2 /24, Fa0/1- 192.168.40.1 /24

Example: Create an access list that prevents anyone on the 192.168.40.x network from
telnetting into Router A, but allows all other networks telnet access to Router A.

RouterA(config)# access-list 10 deny 192.168.40.0 0.0.0.255
RouterA(config)# access-list 10 permit any

To apply it to the telnet (vty) lines:

RouterA(config)# line vty 0 4
RouterA(config-line)# access-class 10 in

Access lists can be verified using:

Router# show access-list 101
Router# show ip interface


Section 18

WAN – Wide Area Network

A WAN spans a large geographic area, such as a state, province or country. WANs often connect
multiple smaller networks, such as local area networks or metropolitan area networks.
The world's most popular WAN is the Internet. WANs generally use different and much more
expensive networking equipment than LANs do. Key technologies often found in WANs include
SONET, Frame Relay, and ATM.

WAN Connection Types

WANs are generally grouped into three separate connection types:
• Point-to-Point technologies
• Circuit-switched technologies
• Packet-switched technologies

A Point-to-Point connection, also known as a leased line, provides full connectivity between
two sites in a point-to-point manner. This type of connection is purchased from the telephone
company and uses a permanent path through the Telco's infrastructure from one site to the
other. There is no call setup and teardown, which means the circuit is always available.

Since the company has exclusive use of the line, it has the full bandwidth whether it is used or
not. The speed of the link can range up to a T3, which is approximately 45 Mbps. This connection
type becomes very costly as the distance increases. It is usually implemented with a
synchronous serial connection. Cisco supports this type on virtually all of their routers, using
one or more types of synchronous serial interface, including EIA/TIA-232, V.35 and HSSI.
In Circuit-Switched Connections the circuit, or dedicated path, is created when the call to the
remote site is initiated and destroyed when the call ends. The best example of a
circuit-switched network is the Public Switched Telephone Network (PSTN). There are two
types of circuit-switched connections available: Asynchronous and ISDN (Integrated
Services Digital Network).

Asynchronous circuits carry data through a modem over the telephone network. The cost is
lower than other types of WAN connections, but only low bandwidth is available. Depending on
the setup of the connection, the best that can be achieved is 56 Kbps.

ISDN has two flavors that are used for WAN connections. The first is Basic Rate Interface (BRI)
and has a maximum bandwidth of 128 Kbps and the other is Primary Rate Interface (PRI) and can
reach speeds up to 2 Mbps.

Packet-Switched Connections are a method where two or more sites are connected through
a shared network, typically called a cloud. By shared network, we mean that more than one
company has access to the cloud. Remote sites are connected via a virtual circuit (VC) that allows
data to traverse the cloud and arrive at the correct location. Within the cloud, each packet can
take a different path to reach the final destination. Because the data travels through a shared
cloud, the cost tends to be lower than for the same bandwidth on a dedicated line. Although
usually more expensive and not as freely available as circuit-switched networks, packet-switched
connections offer bandwidth up to T1 speeds and are cheaper than dedicated lines over longer
distances.

WAN Terminologies


The customer's router is connected to a CSU/DSU (Channel Service Unit/Data Service Unit),
which provides the clocking and channelization for T1 or T3 technology. The CSU/DSU converts
the signal for use on an Ethernet or other LAN technology. If another WAN technology is used,
a different device is required:

• ISDN – a terminal adapter
• Dialup – a modem

The Demarc is the point of last responsibility for the service provider. All equipment on the
Customer Premises side of the Demarc is the customer's responsibility to maintain.

The Smart Jack physically terminates the T1 line. If there is a connectivity issue, the provider
will perform a ping test to the smart jack.

The Local Loop or Last Mile is the physical line connecting the Customer Premises to the
provider's nearest Central Office (CO).

Protocols Used on WANs

There are many different types of protocols used on WANs. These protocols all operate at
layer 2 (at least) of the OSI model (the data-link layer):

• Point-to-Point Protocol (PPP)
• Serial Line Internet Protocol (SLIP)
• High-Level Data Link Control (HDLC)
• Frame Relay (FR)
• X.25


Section 19

PPP and HDLC

High-Level Data-link Control (HDLC) is a WAN encapsulation protocol used on dedicated point-
to-point serial lines. Though HDLC is technically an ISO standard protocol, Cisco's
implementation of HDLC is proprietary and will not interoperate with other vendors' routers.
HDLC is also Cisco's default encapsulation type for serial point-to-point links. HDLC provides
no authentication mechanism.

Point-to-Point Protocol (PPP) is a standardized WAN encapsulation protocol that can be
used on a wide variety of WAN technologies, including:

• Serial dedicated point-to-point lines
• Asynchronous dial-up (essentially dialup)
• ISDN

PPP uses:

• LCP – for establishing, setting up, and terminating point-to-point links
• NCP – allows multiple Layer-3 protocols (such as IP and IPX) to be encapsulated into
frames

PPP Features:

• Authentication
• Compression
• Multi-link
• Error Control

Configuring HDLC

Router(config)# int s0/0
Router(config-if)# encapsulation hdlc

Configuring PPP

Router(config)# int s0/0
Router(config-if)# encapsulation ppp

PPP Authentication Methods

PPP supports PAP (Password Authentication Protocol) and CHAP (Challenge Handshake
Authentication Protocol). PAP sends passwords in clear text, and thus provides little security.
CHAP instead sends an irreversible MD5 hash computed over a challenge and the shared
password, so the password itself never crosses the link.

To configure PPP authentication:

Router(config)# hostname RouterA
RouterA(config)# username RouterB password P@ssw0rd
RouterA(config)# int s0/0
RouterA(config-if)# ppp authentication chap

After setting the hostname, the username and password used for PPP authentication are set.
The username must be the hostname of the remote router, and the password must be the same
on both routers.

The above configuration sets the authentication to chap. To instead configure pap authentication:

Router(config)# int s0/0
Router(config-if)# ppp authentication pap

To view the encapsulation configured on the interface:

Router# show interface s0/0

To troubleshoot PPP authentication:

Router# debug ppp authentication


Section 20

Frame Relay

Frame-Relay is a packet-switched technology, which shares bandwidth between users on the
switched network. Frame-Relay costs less than dedicated leased lines.

All customer devices connect into the Frame-Relay cloud, which contains many Frame-Relay
switches and routers. Virtual circuits (VCs) must be created for each end-to-end
communication. A VC is a one-way path through the Frame-Relay cloud.

In the above example, full communication between all four sites requires a virtual circuit
between each pair of them; the number of circuits is given by the formula n(n-1)/2, which in
this case is 6 virtual circuits. Frame-Relay circuits can be either permanent (PVC) or switched
(SVC). A permanent virtual circuit is always kept active and is the most commonly used type.
A switched virtual circuit is created and terminated as required, like a call on a
circuit-switched network. Just as Ethernet maps Layer 3 IP addresses to Layer 2 MAC
addresses, Frame Relay uses Data Link Connection Identifiers (DLCIs) to identify virtual
circuits. Frame-Relay switches make forwarding decisions based on DLCIs.

Frame-Relay Encapsulation Types

Cisco supports two types of Frame-Relay encapsulation:

• Cisco – the default, proprietary Frame-Relay encapsulation
• IETF – the standardized Frame-Relay encapsulation

By default, a Cisco router uses the Cisco encapsulation.

Frame-Relay Local Management Interface (LMI)

LMI is the signaling used between the customer router and the provider's Frame-Relay
switch. LMI provides status updates on the virtual circuits between the Frame-Relay switch
and the router, and also serves as the keepalive mechanism.

There are three LMI-types:

• Cisco – default and proprietary (naturally)
• ANSI
• Q.933a

Frame Relay Point-to-Point Configuration:

(Topology: INDIA – SINGAPORE; the figure is not reproduced here)

Router Configuration on INDIA

INDIA(config)# int s0
INDIA(config-if)# ip address 192.168.30.1 255.255.0.0
INDIA(config-if)# encapsulation frame-relay
INDIA(config-if)# frame-relay lmi-type cisco
INDIA(config-if)# frame-relay interface-dlci 102
INDIA(config-if)# no shut

Router Configuration on SINGAPORE

SINGAPORE(config)# int s0
SINGAPORE(config-if)# ip address 192.168.30.2 255.255.0.0
SINGAPORE(config-if)# encapsulation frame-relay
SINGAPORE(config-if)# frame-relay lmi-type cisco
SINGAPORE(config-if)# frame-relay interface-dlci 201
SINGAPORE(config-if)# no shut

The frame-relay interface-dlci command identifies the one-way PVC on a point-to-point
connection. The DLCI from INDIA to SINGAPORE is 102; the DLCI from SINGAPORE to INDIA
is 201. These DLCI numbers are assigned by the provider, whose Frame-Relay switch is
configured with the corresponding DLCI information.

The router can learn all PVC and DLCI information directly from the Frame-Relay switch via
LMI, using Inverse-ARP. Inverse-ARP is enabled by default on Cisco routers.

To disable Inverse-ARP on an interface, use the following commands:

Router(config)# int s0/0
Router(config-if)# no frame-relay inverse-arp

Frame Relay Multipoint / Full Mesh Configuration:

Router Configuration on INDIA

INDIA(config)# int s0
INDIA(config-if)# ip address 192.168.30.1 255.255.0.0
INDIA(config-if)# encapsulation frame-relay ietf
INDIA(config-if)# frame-relay lmi-type cisco
INDIA(config-if)# no frame-relay inverse-arp
INDIA(config-if)# frame-relay map ip 192.168.30.2 102 broadcast
INDIA(config-if)# frame-relay map ip 192.168.30.3 103 broadcast
INDIA(config-if)# no shut

Router Configuration on SINGAPORE

SINGAPORE(config)# int s0
SINGAPORE(config-if)# ip address 192.168.30.2 255.255.0.0
SINGAPORE(config-if)# encapsulation frame-relay ietf
SINGAPORE(config-if)# frame-relay lmi-type cisco
SINGAPORE(config-if)# no frame-relay inverse-arp
SINGAPORE(config-if)# frame-relay map ip 192.168.30.1 201 broadcast
SINGAPORE(config-if)# frame-relay map ip 192.168.30.3 203 broadcast
SINGAPORE(config-if)# no shut

Router Configuration on MALAYSIA

MALAYSIA(config)# int s0
MALAYSIA(config-if)# ip address 192.168.30.3 255.255.0.0
MALAYSIA(config-if)# encapsulation frame-relay ietf
MALAYSIA(config-if)# frame-relay lmi-type cisco
MALAYSIA(config-if)# no frame-relay inverse-arp
MALAYSIA(config-if)# frame-relay map ip 192.168.30.1 301 broadcast
MALAYSIA(config-if)# frame-relay map ip 192.168.30.2 302 broadcast
MALAYSIA(config-if)# no shut

Full-mesh Frame-Relay environments can get quite expensive. Partial-mesh environments are
often more cost-effective. An example of a partial-mesh topology is hub-and-spoke, with one
central (hub) location that connects to all other locations (the spokes). In a partial-mesh
environment, if both spokes terminate on the hub router's physical serial interface, split
horizon will prevent one spoke's network from reaching the other spoke. To overcome this, the
hub can use sub-interfaces with different subnets, creating a point-to-point link with each
spoke.

Frame-Relay Commands:

Router# show frame-relay pvc        Displays information about each PVC
Router# show frame-relay map        Displays Frame-Relay DLCI mappings
Router# show frame-relay lmi        Displays the LMI type and traffic on each interface
Router# debug frame-relay lmi       Used in troubleshooting communication problems
                                    between the router and the Frame-Relay switch
Router# debug frame-relay           Displays packets received on a Frame-Relay interface
Router# debug frame-relay packet    Displays Frame-Relay packets sent on an interface


Section 21

NAT – Network Address Translation

An IP address is either a private address or a public address.

A public address is a unique address on the internet and can be routed on the Internet. Hence
devices that should be Internet accessible must be configured with public addresses.

A private address is only used within an organization, and can never be routed on the internet.
Three private addressing ranges were allocated, one for each IPv4 class:

Class Range
Class A 10.0.0.0 – 10.255.255.255
Class B 172.16.0.0 – 172.31.255.255
Class C 192.168.0.0 – 192.168.255.255

NAT is used to translate between private addresses and public addresses. NAT allows devices
configured with a private address to be changed to public address and vice versa allowing those
devices to communicate across the Internet.

NAT helps in conserving public IP addresses.

NAT provides an additional benefit – hiding the specific addresses and addressing structure of
the internal network.

NAT Types

Static NAT – Static NAT does a one-to-one translation between two addresses, or between
a port on one address and a port on another address. Static NAT is most often used to assign a
public address to a device behind a NAT-enabled firewall/router.

Dynamic NAT – Uses a pool of global addresses to dynamically translate the outbound traffic
of clients.

NAT Overload or Port Address Translation (PAT) – Translates to a single global address
with unique port numbers. PAT is necessary when the number of internal clients exceeds the
available global addresses.

NAT Terminology

Inside Local – the specific IP address assigned to an inside host – usually a Private address.
Inside Global – the address that identifies an inside host to the outside world - usually a public
address.
Outside Global – the address assigned to an outside host - usually a public address at the
remote site.
Outside Local – the address that identifies an outside host to the inside network.

Configuration of NAT

Configuring Static NAT

Router(config)# int e0/0
Router(config-if)# ip nat inside
Router(config)# int s0/0
Router(config-if)# ip nat outside
Router(config)# ip nat inside source static 192.168.20.1 128.168.1.1

The above commands identify the inside and outside interfaces and translate the inside local
address 192.168.20.1 to the inside global address 128.168.1.1.

Configuring Dynamic NAT

Router(config)# int e0/0
Router(config-if)# ip nat inside
Router(config)# int s0/0
Router(config-if)# ip nat outside
Router(config)# ip nat pool Outpool 128.168.1.1 128.168.1.62 netmask 255.255.255.192
Router(config)# access-list 10 permit 192.168.20.0 0.0.0.255
Router(config)# ip nat inside source list 10 pool Outpool

The above commands create a pool of inside global IPs named Outpool, so that the clients
identified by the ACL are dynamically assigned an address from the pool before leaving the
network. The inside and outside interfaces are also identified.


Configuring NAT Overload (or PAT)

Router(config)# int e0/0
Router(config-if)# ip nat inside
Router(config)# int s0/0
Router(config-if)# ip nat outside
Router(config)# access-list 10 permit 192.168.20.0 0.0.0.255
Router(config)# ip nat inside source list 10 interface Serial0/0 overload

Any inside host with a source address that matches access-list 10 is translated, with overload,
to the IP address configured on the Serial0/0 interface. The inside and outside interfaces are
also identified.
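The following Python, an added example rather than IOS code from the handout, models the overload translation table that the commands above create: a /24 inside list standing in for access-list 10, one constructed inside global address (203.0.113.1) in place of the Serial0/0 address, port allocation per inside socket, reverse lookup for return traffic (unsolicited inbound packets are dropped), and clearing the table.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, Optional, Set, Tuple


@dataclass(frozen=True)
class Translation:
    """One row of 'show ip nat translations', using the handout's terminology."""
    inside_local: str
    inside_local_port: int
    inside_global: str
    inside_global_port: int
    outside_global: str
    outside_global_port: int


class PatTable:
    """NAT overload: many inside-local sockets share a single inside-global address."""

    def __init__(self, inside_global: str, inside_list: str, low_port: int = 1024):
        self.inside_global = inside_global
        self.inside_list = ip_network(inside_list)   # stands in for 'access-list 10'
        self.low_port = low_port
        self.used_ports: Set[int] = set()
        self.outbound: Dict[Tuple[str, int, str, int], Translation] = {}
        self.inbound: Dict[Tuple[int, str, int], Translation] = {}

    def _pick_port(self, wanted: int) -> int:
        # Keep the original source port when it is free; otherwise take the next free one.
        if wanted not in self.used_ports:
            return wanted
        port = self.low_port
        while port in self.used_ports:
            port += 1
        if port > 65535:
            raise RuntimeError("translation table full")
        return port

    def outbound_packet(self, src: str, sport: int, dst: str, dport: int
                        ) -> Optional[Tuple[str, int]]:
        """Inside -> outside. Returns the translated source, or None if the source
        is not matched by the inside list (the packet is then sent untranslated)."""
        if ip_address(src) not in self.inside_list:
            return None
        key = (src, sport, dst, dport)
        if key not in self.outbound:
            gport = self._pick_port(sport)
            self.used_ports.add(gport)
            entry = Translation(src, sport, self.inside_global, gport, dst, dport)
            self.outbound[key] = entry
            self.inbound[(gport, dst, dport)] = entry
        entry = self.outbound[key]
        return entry.inside_global, entry.inside_global_port

    def inbound_packet(self, src: str, sport: int, dport: int
                       ) -> Optional[Tuple[str, int]]:
        """Outside -> inside. Only a reply to an existing entry is delivered; any other
        packet addressed to the inside global address has no entry and is dropped."""
        entry = self.inbound.get((dport, src, sport))
        if entry is None:
            return None
        return entry.inside_local, entry.inside_local_port

    def clear(self) -> int:
        """Equivalent of 'clear ip nat translation *': drop all dynamic entries."""
        count = len(self.outbound)
        self.outbound.clear()
        self.inbound.clear()
        self.used_ports.clear()
        return count


if __name__ == "__main__":
    pat = PatTable("203.0.113.1", "192.168.20.0/24")   # constructed sample values
    print(pat.outbound_packet("192.168.20.1", 50000, "198.51.100.10", 80))
    print(pat.outbound_packet("192.168.20.2", 50000, "198.51.100.10", 80))
    print(pat.inbound_packet("198.51.100.10", 80, 1024))
```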

NAT Commands

Router# show ip nat translations      Displays all current static and dynamic translations
Router# show ip nat statistics        Displays each interface's inside/outside status and
                                      NAT translation statistics
Router# debug ip nat                  Displays NAT translations in real time
Router# clear ip nat translation      Clears all dynamic NAT entries from the translation table


Wipro Network Handout

Shivaramakrishna. S, 2 x CCIE #24937, (Routing & Switching, Service Provider),


MCT #3089724, IPv6 Certified Engineer (GOLD), CCNP, CCIP, MCSE – NT, 2K to 2K12,
MCITP, MCDBA, JNCIA – JUNOS, RHCSAv7, RHCEv7, VCP5-DCV
shivaramakrishna.seetharaman@wipro.com
