CCNA: IP Addressing

An IP address is a unique logical identifier for a node or host connection on an IP network. An IP address is a 32 bit binary number, and represented as 4 decimal values of 8 bits each. The decimal values range from 0 to 255. This is known as "dotted decimal" notation. Example: 192.189.210.078 It is sometimes useful to view the values in their binary form. 192 .189 .210 .078 11000000.10111101.11010010.1001110 Every IP address consists of network identifier and node identifier. The IP network is divided based on Class of network. The class of network is determined by the leading bits of the IP address as shown below.

Address Classes
There are 5 different address classes. You can determine which class any IP address is in by examining the first 4 bits of the IP address.

Class A addresses begin with 0xxx, or 1 to 126 decimal. Class B addresses begin with 10xx, or 128 to 191 decimal. Class C addresses begin with 110x, or 192 to 223 decimal. Class D addresses begin with 1110, or 224 to 239 decimal. Class E addresses begin with 1111, or 240 to 254 decimal.

Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for internal testing on a local machine. Class D addresses are reserved for multicasting. Class E addresses are reserved for future use. They should not be used for host addresses. Now we can see how the Class determines, by default, which part of the IP address belongs to the network (N) and which part belongs to the Host/node (H).

Class A: NNNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH Class B: NNNNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH Class C: NNNNNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH

In the example, 192.189.210.078 is a Class C address so by default the Network part of the address (also known as the Network Address) is defined by the first three octets (192.189.210.XXX) and the node part is defined by the last one octets (XXX.XXX.XXX.078).

In order to specify the network address for a given IP address, the node section is set to all "0"s. In our example, 192.189.210.0 specifies the network address for 192.189.210.078. When the node section is set to all "1"s, it specifies a broadcast that is sent to all hosts on the network. 192.189.210.255 specifies the broadcast address.

Private Subnets
There are three IP network addresses reserved for private networks. The addresses are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. They can be used by anyone setting up internal IP networks, such as an intranet. Internet routers never forward the private addresses over the public Internet.

CCNA: Subnet masking

Subnetting an IP Network is done primarily for better utilization of available IP address space, and routing purpose. Other reasons include better organization, use of different physical media (such as Ethernet, WAN, etc.), and securing network resources. A subnet mask enables you to identify the network and node parts of the address. The network bits are represented by the 1s in the mask, and the node bits are represented by the 0s. A logical AND operation between the IP address and the subnet mask provides the Network Address. For example, using our test IP address and the default Class C subnet mask, we get: 192.189.210.078: 1100 0000.1011 1101.1101 0010.0100 1110 Class C IP Address 255.255.255.000: 1111 1111.1111 1111.1111 1111.0000 0000 Default Class C subnet mask 192.189.210.0 1100 0000 1011 1101 1101 0010 0000 0000

As can be seen above, by using and AND operator, we can compute the network portion of an IP address. The network portion for the IP address given in the above example is 192.189.210.0, and the host portion of the IP address is 078.
Given below is a table that provides binary equivalent of decimal values.

For binary conversion, take first octet of a given IP address (in dotted decimal form), and lookup the binary value. Then take the second octet and lookup the binary value, and so on.
Binary Conversion Table Decimal 0 Binary Decimal 0000 0000 64 Binary Decimal 0100 0000 128 Binary Decimal 1000 0000 192 Binary 1100 0000

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

0000 0001 0000 0010 0000 0011 0000 0100 0000 0101 0000 0110 0000 0111 0000 1000 0000 1001 0000 1010 0000 1011 0000 1100 0000 1101 0000 1110 0000 1111

65 66 67 68 69 70 71 72 73 74 75 76 77 78 79

0100 0001 0100 0010 0100 0011 0100 0100 0100 0101 0100 0110 0100 0111 0100 1000 0100 1001 0100 1010 0100 1011 0100 1100 0100 1101 0100 1110 0100 1111

129 130 131 132 133 134 135 136 137 138 139 140 141 142 143

1000 0001 1000 0010 1000 0011 1000 0100 1000 0101 1000 0110 1000 0111 1000 1000 1000 1001 1000 1010 1000 1011 1000 1100 1000 1101 1000 1110 1000 1111

193 194 195 196 197 198 199 200 201 202 203 204 205 206 207

1100 0001 1100 0010 1100 0011 1100 0100 1100 0101 1100 0110 1100 0111 1100 1000 1100 1001 1100 1010 1100 1011 1100 1100 1100 1101 1100 1110 1100 1111

16 17 18 19 20 21

0001 0000 0001 0001 0001 0010 0001 0011 0001 0100 0001 0101

80 81 82 83 84 85

0101 0000 0101 0001 0101 0010 0101 0011 0101 0100 0101 0101

144 145 146 147 148 149

1001 0000 1001 0001 1001 0010 1001 0011 1001 0100 1001 0101

208 209 210 211 212 213

1101 0000 1101 0001 1101 0010 1101 0011 1101 0100 1101 0101

22 23 24 25 26 27 28 29 30 31

0001 0110 0001 0111 0001 1000 0001 1001 0001 1010 0001 1011 0001 1100 0001 1101 0001 1110 0001 1111

86 87 88 89 90 91 92 93 94 95

0101 0110 0101 0111 0101 1000 0101 1001 0101 1010 0101 1011 0101 1100 0101 1101 0101 1110 0101 1111

150 151 152 153 154 155 156 157 158 159

1001 0110 1001 0111 1001 1000 1001 1001 1001 1010 1001 1011 1001 1100 1001 1101 1001 1110 1001 1111

214 215 216 217 218 219 220 221 222 223

1101 0110 1101 0111 1101 1000 1101 1001 1101 1010 1101 1011 1101 1100 1101 1101 1101 1110 1101 1111

32 33 34 35 36 37 38 39 40 41 42

0010 0000 0010 0001 0010 0010 0010 0011 0010 0100 0010 0101 0010 0110 0010 0111 0010 1000 0010 1001 0010 1010

96 97 98 99 100 101 102 103 104 105 106

0110 0000 0110 0001 0110 0010 0110 0011 0110 0100 0110 0101 0110 0110 0110 0111 0110 1000 0110 1001 0110 1010

160 161 162 163 164 165 166 167 168 169 170

1010 0000 1010 0001 1010 0010 1010 0011 1010 0100 1010 0101 1010 0110 1010 0111 1010 1000 1010 1001 1010 1010

224 225 226 227 228 229 230 231 232 233 234

1110 0000 1110 0001 1110 0010 1110 0011 1110 0100 1110 0101 1110 0110 1110 0111 1110 1000 1110 1001 1110 1010

43 44 45 46 47

0010 1011 0010 1100 0010 1101 0010 1110 0010 1111

107 108 109 110 111

0110 1011 0110 1100 0010 1101 0110 1110 0110 1111

171 172 173 174 175

1010 1011 1010 1100 1010 1101 1010 1110 1010 1111

235 236 237 238 239

1110 1011 1110 1100 1010 1101 1110 1110 1110 1111

48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63

0011 0000 0011 0001 0011 0010 0011 0011 0011 0100 0011 0101 0011 0110 0011 0111 0011 1000 0011 1001 0011 1010 0011 1011 0011 1100 0011 1101 0011 1110 0011 1111

112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127

0111 0000 0111 0001 0111 0010 0111 0011 0111 0100 0111 0101 0111 0110 0111 0111 0111 1000 0111 1001 0111 1010 0111 1011 0111 1100 0111 1101 0111 1110 0111 1111

176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191

1011 0000 1011 0001 1011 0010 1011 0011 1011 0100 1011 0101 1011 0110 1011 0111 1011 1000 1011 1001 1011 1010 1011 1011 1011 1100 1011 1101 1011 1110 1011 1111

240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255

1111 0000 1111 0001 1111 0010 1111 0011 1111 0100 1111 0101 1111 0110 1111 0111 1111 1000 1111 1001 1111 1010 1111 1011 1111 1100 1111 1101 1111 1110 1111 1111

Example Question: Which of the following is a Class C IP address? A. 10.10.14.118 B. 135.23.112.57 C. 191.200.199.199 D. 204.67.118.54

Correct Answer: D. Explanation: IP addresses are written using decimal numbers separated by decimal points. This is called dotted decimal notation of expressing IP addresses. The different classes of IP addresses is as below: Class Format Leading Bit pattern Network address Range Maximum networks Maximum hosts 16,777,214 65,534 254

A B C

N.H.H.H N.N.H.H N.N.N.H

0 10 110

0-126 128-191 192-223

127 16,384 2,097,152

Network address of all zeros means "This network or segment". Network address of all 1s means " all networks", same as hexadecimal of all Fs. Network number 127 is reserved for loopback tests. Host (Node) address of all zeros mean "This Host (Node)". Host (Node) address of all 1s mean "all Hosts (Nodes) " on the specified network.

CCNA: Subnet masking -II

What we discussed in the previous section is Classful subnet masking. A Subnetmask normally contains the host portion of the bits also. This is called Classless Inter Domain Routing (CIDR). This will enable more networks for a given class of network address. For example, allowing 3 host bits towards subnet portion in our previous IP address, will allow us to offer 2X2X2 or 8 additional subnetworks. Traditionally, all zeros, and all ones subnets are not used, and hence we are left with 6 subnets.

192.189.210.078: 1100 0000.1011 1101.1101 0010.0100 1110 Class C IP Address 255.255.255.224: 1111 1111.1111 1111.1111 1111.1110 0000 Class C subnet mask with 3 additional bits of host portion used for Subnetting. Broadcast address: 1100 0000.1011 1101.1101 0010.0101 1111 :192.189.210.95 The above is the broadcast address for a given subnet (192.189.210.078). Under Classful routing, the broadcast address would have been 192.189.210.255. Note that by using Subnetting, we are able to increase the number of networks available within a given IP address. On the otherhand, we will be loosing the number of hosts available within a subnet to 24 or 16 hosts per subnet. Again, all zeros, and all ones host addresses are traditionally reserved for other purposes. CIDR (Classless InterDomain Routing) notation: Subnet mask is also represented as below: 192.189.210.078/27, where 27 is the number of bits in the network portion of the IP address. Why use CIDR? Normally, ISPs allocate the IP addresses for individuals or Corporates. The reason being that it is almost impossible to allocate a classful IP address to every individual or a corporate. Using CIDR, the biggest ISPs are given large pool of IP address space. The ISP's customers such as individual or Corporates are then allocated networks from the big ISP's pool. This kind of arrangement will enable efficient management and utilization of the Internet. Classful addresses can easily be written in CIDR notation Class A = A.B.C.D/8, Class B = A.B.C.D/16, and Class C = A.B.C.D/24 Where A,B,C,D are dotted decimal octets. Example Question: You have an IP of 156.233.42.56 with a subnet mask of 7 bits. How many hosts and subnets are possible? A. 126 hosts and 510 subnets B. 128 subnets and 512 hosts C. 510 hosts and 126 subnets D. 512 subnets and 128 hosts

Correct answer: C Explanation: Class B network has the form N.N.H.H, the default subnet mask is 16 bits long. There is additional 7 bits to the default subnet mask. The total number of bits in subnet are 16+7 = 23. This leaves us with 32-23 =9 bits for assigning to hosts. 7 bits of subnet mask corresponds to (2^7-2)=128-2 = 126 subnets. 9 bits belonging to host addresses correspond to (2^9-2)=512-2 = 510 hosts.

CCNA: Routing Fundamentals

When IP packets travel over the Internet, routing information is exchanged between the devices that control the flow of information over the Internet. These devices are known as routers, and they use the IP address as the basis for controlling the traffic. These devices need to talk the same language to function properly, though they belong to different administrative domains. For example, one router may be in Newyork(US), and the receiving router may be in London (UK). It is necessary that a routing protocol is followed for smooth flow of traffic. Given below are the widely used routing protocols for routing Internet traffic:

RIP v1 RIP v2 OSPF IGRP EIGRP BGP

Notations used: Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Interior Gateway Routing Protocol (IGRP), Enhanced Interior Gateway Routing Protocol (EIGRP), and Border Gateway Protocol (BGP). One often get confused between a routing protocol and a routed protocol. A routing protocol such as RIP is used to route information packets over the Internet, where as a routed protocol such as IP (or IPX) is the payload (contains data) that get routed from source to the destination. Routing protocols are primarily distinguished into three types:

Distance Vector Protocols Link State Protocols

Hybrid Protocols

RIP is an example of distance vector protocol. IS-IS is an example of Hybrid protocol, and OSPF is an example of Link State Protocol. The table below provides the routing protocol used with different routed protocols:
Routing Protocol RIP, OSPF,IS-IS, BGP,EIGRP RIP, NLSP, EIGRP RTMP, EIGRP Routed Protocol IP IPX AppleTalk

The list of routed, and routing protocols given in the above table is not complete, and given to serve as an example only. Routing Metric: This is a fundamental measure that routing protocols use for determining appropriate route to deliver packets. Each routing protocol uses its own measure of metric, and a sample of routing metrics used by different routing protocols is given below:
Routing Protocol RIPv2 EIGRP OSPF IS-IS Metric Hop count Bandwidth, Delay, Load, Reliability, and MTU Cost (Higher bandwidth indicates lower cost) Cost

The best route in RIP is determined by counting the number of hops required to reach the destination. A lower hop count route is always preferred over a higher hop count route. One disadvantage of using hop count as metric is that if there is a route with one additional hop, but with significantly higher bandwidth, the route with smaller bandwidth is taken. This is illustrated in the figure below:

The RIP routed packets take the path through 56KBPS link since the destination can be reached in one hop. Though, the alternative provides a minimum bandwidth of 1MBPS (though using two links of 1MBPS, and 2MBPS each), it represents 2 hops and not preferred by the RIP protocol.

Link State vs. Distance Vector

Distance Vector routing protocols usually send their entire routing table to their nearest neighbors at regular intervals. A router that receives several such routing tables filter the routes and arrive at its own and retransmits it to its neighbouring routers. There will some period of time where different routers hold non-optimized routes initially. After some time, known as convergence time, a final routing table is arrived at by all the routers. A faster convergence time results in a stable network. RIP, as mentioned earlier uses hop count as the metric for computing a route to a given destination. Other Distance Vector routing protocols, such as IGRP, improve on this by using hop count, bandwidth, current load, cost, and reliability to determine the best path. Link State routing protocols usually send only the routing changes to every other router within their area. Unlike Distance Vector, routers using Link State routing protocols maintain a picture of the entire network. A router can use this network wide information to determine the best route for traffic. Example Question: What is true about IP routing? A. The frame changes at each hop B. The source IP address changes at each hop C. The destination IP address changes at each hop

D. The hardware interface addresses remain constant Correct answer: A Explanation: IP Packets are transported from source network to the destination network by what is known as routing. Hop-by-hop routing model is used by the Internet for delivery of packets. At each hop, the destination IP address is examined, the best next hop is determined by the routing protocol (such as RIP, OSPF or BGP) and the packet is forwarded by one more hop through this route. The same process takes place at the next hop. During this process, the logical addresses remain same. In an IP network, the logical addresses are IP addresses. The hardware interface addresses, such as MAC address change with each hop.

RIP Routing Fundamentals

RIP stands for Routing Information Protocol. RIP is a dynamic, distance vector routing protocol and was developed for smaller IP based networks. As mentioned earlier, RIP calculates the best route based on hop count. There are currently two versions of RIP protocol.

RIPv1, and RIPv2

RIPv1: RIP version 1 is among the oldest protocols. Limitations of RIPv1: 1. Hop Count Limit: Destination that is more than 15 hops away is considered unreachable by RIPv1. 2. Classful Routing Only: RIP is a classful routing protocol. RIPv1 doesn't support classless routing. RIP v1 advertises all networks it knows as classful networks, so it is not possible to subnet a network using RIP v1. 3. Metric limitation: The best route in RIP is determined by counting the number of hops required to reach the destination. A lower hop count route is always preferred over a higher hop count route. One disadvantage of using hop count as metric is that if there is a route with one additional hop, but with significantly higher bandwidth, the route with smaller bandwidth is taken. This is illustrated in the figure below:

The RIP routed packets take the path through 56KBPS link since the destination can be reached in one hop. Though, the alternative provides a minimum bandwidth of 1MBPS (though using two links of 1MBPS, and 2MBPS each), it represents 2 hops and not preferred by the RIP protocol.

Features of RIP v2:

RIP v2 is a revised version of its predecessor RIP v1. The following are the important feature enhancements provided in RIPv2: 1. RIPv2 packets carry the subnet mask in each route entry, making RIPv2 a classless routing protocol. It provides support for variable-length subnet masking (VLSM) and classless addressing (CIDR). 2. Next Hop Specification: In RIPv2, each RIP entry includes a space where an explicit IP address can be entered as the next hop router for datagrams intended for the network in that entry. For example, this field can be used when the most efficient route to a network is through a router that is not running RIP. Since, that a router will not exchange RIP messages, explicit Next Hop field allows the router to be selected as the next hop router. 3. Authentication: RIPv1 does not support authentication. This loophole may be used maliciously by hackers, that may resulting in delivering the data packets to a fictitious destination as determined by the hacker. RIPv2 provides a basic authentication scheme, so that a router can accept RIP messages from a neighboring router only after ascertaining its authenticity. 4. Route Tag: Each RIPv2 entry includes a Route Tag field, where additional information about a route can be stored. It provides a method for distinguishing between internal routes (learned by RIP) and external routes (learned from other protocols).

Limitations of RIP v2:

One of the biggest limitations of RIPv1 still remains with RIPv2. It is hop count limitation, and metric. The hop count of 16 still remains as unreachable, and the metric still remains hop count. A smaller hop count limits the network diameter, that is the number of routers that can participate in the RIP network. Example Question: While the packet travels from source to destination through an Internetwork, which of the following statements are true? (Choose 2 best answers). A. The source and destination hardware (interface) addresses change B. The source and destination hardware (interface) addresses remain constant. C. The source and destination IP addresses change D. The source and destination IP addresses remain constant. Ans. A, D Explanation: While a packet travels through an Internetwork, it usually involves multiple hops. It is important to know that the logical address (IP address) of the source (that created the packet) and destination (final intended destination) remain constant, whereas the hardware (interface) addresses change with each hop.

OSPF Routing Fundamentals

OSPF stands for Open Shortest Path First. Definition: OSPF is a routing protocol used to determine the best route for delivering the packets within an IP networks. It was published by the IETF to serve as an Interior Gateway Protocol replacing RIP. The OSPF specification is published as Request For Comments (RFC) 1247. Note that OSPF is a link-state routing protocol, whereas RIP and IGRP are distance-vector routing protocols. Routers running the distance-vector algorithm send all or a portion of their routing tables in routing-update messages to their neighbors. OSPF sends link-state advertisements (LSAs) to all other routers within the same area. Information on attached interfaces, metrics used, and other variables is included in OSPF LSAs. OSPF routers use the SPF (Shortest Path First) algorithm to calculate the shortest path to each node. SPF algorithm is also known as Dijkstra algorithm.

Advantages of OSPF

OSPF is an open standard, not related to any particular vendor. OSPF is hierarchical routing protocol, using area 0 (Autonomous System) at the top of the hierarchy. OSPF uses Link State Algorithm, and an OSPF network diameter can be much larger than that of RIP. OSPF supports Variable Length Subnet Masks (VLSM), resulting in efficient use of networking resources. OSPF uses multicasting within areas. After initialization, OSPF only sends updates on routing table sections which have changed, it does not send the entire routing table, which in turn conserves network bandwidth. Using areas, OSPF networks can be logically segmented to improve administration, and decrease the size of routing tables.

Disadvantages of OSPF:

OSPF is very processor intensive due to implementation of SPF algorithm. OSPF maintains multiple copies of routing information, increasing the amount of memory needed. OSPF is a more complex protocol to implement compared to RIP.

OSPF Networking Hierarchy:

As mentioned earlier, OSPF is a hierarchical routing protocol. It enables better administration and smaller routing tables due to segmentation of entire network into smaller areas. OSPF consists of a backbone (Area 0) network that links all other smaller areas within the hierarchy. The following are the important components of an OSPF network:

Areas Area Border Routers Backbone Areas AS Boundary Routers Stub Areas Not-So-Stubby Areas Totally Stubby Area Transit Areas

ABR: Area Border Router ASBR: Autonomous System Boundary Router Areas: An area consists of routers that have been administratively grouped together. Usually, an area as a collection of contiguous IP subnetted networks. Routers that are totally within an area are called internal routers. All interfaces on internal routers are directly connected to networks within the area. Within an area, all routers have identical topological databases. Area Border Routers: Routers that belong to more than one area are called area border routers (ABRs). ABRs maintain a separate topological database for each area to which they are connected. Backbone Area: An OSPF backbone area consists of all routers in area 0, and all area border routers (ABRs). The backbone distributes routing information between different areas. AS Boundary Routers (ASBRs): Routers that exchange routing information with routers in other Autonomous Systems are called ASBRs. They advertise externally learned routes throughout the AS. Stub Areas: Stub areas are areas that do not propagate AS external advertisements. By not propagating AS external advertisements, the size of the topological databases is reduced on the internal routers of a stub area. This in turn reduces the processing power and the memory requirements of the internal routers.

Not-So-Stubby Areas (NSSA): An OSPF stub area has no external routes in it. A NSSA allows external routes to be flooded within the area. These routes are then leaked into other areas. This is useful when you have a non-OSPF router connected to an ASBR of a NSSA. The routes are imported, and flooded throughout the area. However, external routes from other areas still do not enter the NSSA.

Totally Stubby Area: Only default summary route is allowed in Totally Stubby Area. Transit Areas: Transit areas are used to pass traffic from an adjacent area to the backbone. The traffic does not originate in, nor is it destined for, the transit area.

Link State Advertisements (LSAs):

It is important to know different Link State Advertisements (LSAs) offered by OSPF protocol. Type 1: Router link advertisements generated by each router for each area it belongs to. Type 1 LSAs are flooded to a single area only.

Type 2: Network link advertisements generated by designated routers (DRs) giving the set of routers attached to a particular network. Type 2 LSAs are flooded to the area that contains the network. Type 3/4: These are summary link advertisements generated by ABRs describing inter-area routes. Type 3 describes routes to networks and is used for summarization. Type 4 describes routes to the ASBR. Type 5: Generated by the ASBR and provides links external to the Autonomous System (AS). Type 5 LSAs are flooded to all areas except stub areas and totally stubby areas. Type 6: Group membership link entry generated by multicast OSPF routers. Type 7: NSSA external routes generated by ASBR. Only flooded to the NSSA. The ABR converts LSA type 7 into LSA type 5 before flooding them into the backbone (area 0). Area Normal Stub NSSA Totally Stubby Restriction None Type 5 AS-external LSA NOT allowed Type 5 AS-external LSAs are NOT allowed, but Type 7 LSAs that convert to Type 5 at the NSSA ABR can traverse Type 3, 4 or 5 LSAs are NOT allowed except the default summary route

CCNA: Cisco IOS An Introduction

Cisco IOS (short for Internetwork Operating System) is the software used on a majority of Cisco Systems routers and switches. IOS consists of routing, switching, internetworking and telecommunications functions in a multitasking operating system. Cisco IOS has uses command line interface (CLI), and provides a fixed set of multiple-word commands. A Cisco IOS command line interface can be accessed through either a console connection, modem connection, or a telnet session. The set of commands available at any particular level is determined by the "mode" and the privilege level of the current user. Cisco IOS follows a command hierarchy, with each level offering different set of commands All commands are assigned a privilege level, from 0 to 15, and can only be accessed by users with the necessary privilege. Through the CLI, the commands available to each privilege level can be defined. Some of the widely used command hierarchy levels are given below: User EXEC level: This is the level that a connected user is allowed initially. User EXEC allows access to a limited set of basic monitoring commands. A ">" sign denotes User EXEC mode.

Privileged EXEC level: Privileged EXEC level allows access to all router commands including router configuration and management commands. This level is usually password protected for security reasons. A "#"sign denotes privileged EXEC mode. When a user is connected to a Cisco IOS, a User EXEC prompt appears. Now, the user can enter privileged EXEC mode by typing the password shown as below: Router> enable Password: [enable password] Router# configure terminal Router(config)# Global configuration mode: "Global configuration mode" provides commands to change the system's configuration. This is typically represented by "(config)#" sign as shown in the above example. Interface configuration mode: "Interface configuration mode" provides commands to change the configuration of a specific interface of the router. An interface configuration mode is denoted by "(config-in)#". A summary of Cisco IOS router command prompt is given below:
Prompt Router> Router# Router(config)# Router(config-if)# Router(config-router)# Router(config-line)# Explanation User EXEC mode Privileged EXEC mode Global configuration mode. # sign indicates this is only accessible at privileged EXEC mode. Interface level configuration mode. Routing engine level within configuration mode. Line level (vty, tty, async) within configuration mode.

Context Sensitive Help

Cisco IOS CLI offers context sensitive help. At any time during an EXEC session, a user can type a question mark (?) to get help. Two types of context sensitive help are available:

Word help and

Command syntax help.

Word help: Word help can be used to obtain a list of commands that begin with a given character string. To use word help, type in the characters in question followed immediately by the question mark (?). The following is an example of word help: Router# co? configure connect copy Command syntax help: Command syntax help can be used to obtain a list of commands, keyword, or argument options that are available starting with the keywords that the user had already entered. To use command syntax help, enter a question mark (?) after hitting a space. The router will then display a list of available command options with <cr> standing for carriage return. The following is an example of command syntax help: Router# configure ? memory Configure from NV memory network Configure from a TFTP network host terminal Configure from the terminal <cr> Cisco IOS also allows abbreviated commands support. For example, consider the following: Router#configure terminal Router(config)# Router#config term Router(config)# Both the above commands to the same job. The IOS correctly interprets the full command words. However, if there is any ambiguity, an error message is generated as below: Router(config)#c % Ambiguous command: "c" Checkout a ccna router simulator available from certexams.com. Example Question: What is the command used to add a banner to a Cisco router configuration? A. add banner B. banner motd # C. motd banner #

D. add banner #

Correct answer: B Explanation: The banner is displayed whenever anyone logs in to your Cisco router. The syntax is "banner motd # MOTD stands for "Message Of The Day". # symbol signifies the start of the banner message to the router. You will be prompted for the message to be displayed. You need to enter "#" symbol at the end of the message, signifying that the msg has ended. Alternatively, you can enter the banner in the same line as below: "banner motd # your message here# note that you need to begin and end the banner with a delimiter (here # sign).

CCNA: Access Control Lists

The Cisco Access Control List (ACL) is are used for filtering traffic based on a given filtering criteria on a router or switch interface. Based on the conditions supplied by the ACL, a packet is allowed or blocked from further movement. Cisco ACLs are available for several types of routed protocols including IP, IPX, AppleTalk, XNS, DECnet, and others. However, we will be discussing ACLs pertaining to TCP/IP protocol only. ACLs for TCP/IP traffic filtering are primarily divided into two types:

Standard Access Lists, and Extended Access Lists

Standard Access Control Lists: Standard IP ACLs range from 1 to 99. A Standard Access
List allows you to permit or deny traffic FROM specific IP addresses. The destination of the packet and the ports involved can be anything.

This is the command syntax format of a standard ACL. access-list access-list-number {permit|deny} {host|source source-wildcard|any} Standard ACL example: access-list 10 permit 192.168.2.0 0.0.0.255 This list allows traffic from all addresses in the range 192.168.2.0 to 192.168.2.255 Note that when configuring access lists on a router, you must identify each access list uniquely by assigning either a name or a number to the protocol's access list. There is an implicit deny added to every access list. If you entered the command: show access-list 10 The output looks like: access-list 10 permit 192.168.2.0 0.0.0.255 access-list 10 deny any

Extended Access Control Lists: Extended IP ACLs allow you to permit or deny traffic from
specific IP addresses to a specific destination IP address and port. It also allows you to have granular control by specifying controls for different types of protocols such as ICMP, TCP, UDP, etc within the ACL statements. Extended IP ACLs range from 100 to 199. In Cisco IOS Software Release 12.0.1, extended ACLs began to use additional numbers (2000 to 2699).
The syntax for IP Extended ACL is given below:

access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] Note that the above syntax is simplified, and given for general understanding only.
Extended ACL example:

access-list 110 - Applied to traffic leaving the office (outgoing) access-list 110 permit tcp 92.128.2.0 0.0.0.255 any eq 80 ACL 110 permits traffic originating from any address on the 92.128.2.0 network. The 'any' statement means that the traffic is allowed to have any destination address with the limitation of going to port 80. The value of 0.0.0.0/255.255.255.255 can be specified as 'any'.

Applying an ACL to a router interface:

After the ACL is defined, it must be applied to the interface (inbound or outbound). The syntax for applying an ACL to a router interface is given below: interface <interface> ip access-group {number|name} {in|out} An Access List may be specified by a name or a number. "in" applies the ACL to the inbound traffic, and "out" applies the ACL on the outbound traffic. Example: To apply the standard ACL created in the previous example, use the following commands: Rouer(config)#interface serial 0 Rouer(config-if)#ip access-group 10 out Example Question: Which command sequence will allow only traffic from network 185.64.0.0 to enter interface s0? A. access-list 25 permit 185.64.0.0 255.255.0.0 int s0 ; ip access-list 25 out B. access-list 25 permit 185.64.0.0 255.255.0.0 int s0 ; ip access-group 25 out C. access-list 25 permit 185.64.0.0 0.0.255.255 int s0 ; ip access-list 25 in D. access-list 25 permit 185.64.0.0 0.0.255.255 int s0 ; ip access-group 25 in Correct answer: D Explanation: The correct sequence of commands are: 1. access-list 25 permit 185.64.0.0 0.0.255.255 2. int s0 3. ip access-group 25 in

WAN Protocols
1. Comparison of WAN and LAN technologies

2. Serial Links 1. Synchronous and 2. Asynchronous 3. Framing and WAN Protocols a. HDLC b. LAP, LAPB, LAPD c. PPP, and SLIP d. ISDN I. ISDN BRI II. ISDN PRI e. Frame Relay a. Frame Relay Protocol Overview b. Frame Relay Network Operation

Comparison of LANs and WANs

LANs (Local Area Networks) and WANs (Wide Area Networks) are two basic types of networks used in digital communications. We try to distinguish between LAN and WAN by comparing both technologies.

Property Protocols commonly used Communication method

LAN Ethernet, Token Ring, FDDI, etc. Shared Media

Main Advantage

Offer high speeds over short distances. Since LANs spread over short distances (typically a fraction of a kilometer), they offer very high speeds. The signal strengths offered by LAN devices is good, and LANs typically require less expensive equipment for transmission, and reception of signals.

1. Within a building, campus, or city Common Usage

2. Used to connect several host computers within a building or campus together. 2. WAN is normally used for

WAN X.25, Frame Relay, ISDN, Leased line etc. Point-to-point Offer relatively low speeds over longer distances. With WAN, the media becomes very expensive since it had to traverse over several kilometers (sometimes 100s or 1000s of Kilometers). Attenuation and noise become significant over such large distances. Hence, powerful transmitters, and receivers are used with WANs. These equipment tend to be very expensive. All these factors influence the protocols used for implementing WANs. 1. Between cities or any points that are geographically separated by a large distance (several kilometers or more)

connecting LANs separated by a large distance (say, several hundred kilometers) Up to 1 Gbps typical. Normally, all of LAN Up to several Gbps shared. bandwidth is available to a Though todays WANs offer single user (or host) at any very high bandwidths, the given time. The bandwidth is typically shared communication is burst in among several customers. nature. Very low cost per Mbps High cost per Mbps. Both LAN and WAN are used in different circumstances, and they both complement each other.

Speeds

Cost Comments

As a case study, a college Aurobindo has several departments and a centralized applications server. Each department needs to access the central server to access any application such as Microsoft Word or Excel. These applications are bandwidth intensive, and require high band width over a shorter distance. What is required under these circumstances is a Local Area Network. A LAN may be confined to a small room, or a building, or a big campus depending on the requirement. Now, that you want to provide email access to a school, Shanti situated in a different city. You can't provide a LAN connection, since it is typically limited to a fraction of a kilometer (or a few kilometers with signal conditioners). Another reason for unsuitability of LAN is that you can't lay cables over public property without explicit permissions. One feasible solution for this is to have a WAN connection. For example, both Aurobindo and Shanti can have a link to ISP at both ends, and setup a virtual LAN over the WAN. By using WAN, you can have your LAN spread across a large geographical regions. Without WAN, it would have been impossible to provide email access to the school. Internet is an example of a Wide Area Network spreading across continents.

CCNA: Introduction to WAN protocols

Wide Area Networks (WANs) operate over serial links. A serial link is one that transmits and receives digitized signal one bit at a time. Serial links using modems typically offer 56Kbps. Compare a serial link with that of a parallel link. An example of parallel link is printer connection over parallel cable. A printer receives several bits at a time and processes them all. A parallel line is typically used for connecting your monitor, printer, and CDROM drive. Parallel links run over a very short distances. Within serial links, there are two types: 1. Asynchronous serial links 2. Synchronous serial links

Asynchronous serial links: These are widely used for connecting to Internet using your dial-up modem. Asynchronous link is normally used for low speed communications.

Async (short for Asynchronous) links require start and stop bits for effective communication. It can also have parity bits for error checking. When using Async communication link, both sender and receiver need to agree on fixed line speed (expressed in terms of bits per second), otherwise, the receiver may not be able to receive any data at all. 2. Synchronous serial links: Synchronous links, as the name suggests use clocking to transmit or receive data. A clock signal is required for transmitting or receiving synchronous data.

The clock signal may be transmitted separately, or could be derived from the received signal. In either case, the clock signals are used for receiving the data. Synchronous links can operate at very high speeds. SDLC, and HDLC are examples of synchronous link protocols.

HDLC Protocol Overview

HDLC (High-level Data Link Control) is a group of protocols documented in ISO 3309 for transmitting synchronous data between serial links (Point-to-Point nodes). HDLC organizes data into a frame before transmission. HDLC protocol operates within Layer 2 (data link layer) of the OSI model. HDLC Frame Structure:

The HDLC frame consists of Flag, Address, Control, Data, and CRC fields as shown. The bit length of each field is given below:

Flag (both opening and closing flags): 8 bits (01111110 or 7E hex) Address: It is normally 8 or 16 bits in length. A leading 'zero' bit (MSB) indicates a unicast message; the remaining bits provide the destination node address. A leading 'one' bit (MSB) location indicates multicast message, the remaining bits provide the group address. Control: The field is 8 bits, or 16 bits wide and indicates whether the frame is a Control or Data frame. The field contains sequence number (hdlc frames are numbered to ensure delivery), poll (you need to reply) and final (indicating that this is the last frame) bits. Data (Payload): This is the information that is carried from node to node. This is a variable field. Sometimes padded with extra bits to provide fixed length. FCS (Frame Check Sequence) or CRC (Cyclic Redundancy Code): It is normally 16 bits wide. Frame Check Sequence is used to verify the data integrity. If the FCS fails, the frame is discarded. The polynomial used for 16 bit FCS: FCS [16 bits] = X16 + X12 + X5 + 1 Closing Flag: It is same as Opening Flag. If no prior care is taken, it is possible that flag character (01111110) is present in data field. If present, then it will wrongly be interpreted as end of frame. To avoid this ambiguity, a transmitter will force a '0' bit after encountering 5 continuous 1s. At the receiving end, the receiver drops the '0' bit when encountered with 5 continuous 1s, and continues with the next bit. This way, the flag pattern (01111110) is avoided in the data field. Normally, synchronous links transmit all the time. But, useful information may not be present at all times. Idle flags [11111111] may be sent to fill the gap between useful frames. Alternatively, a series of flags [01111110] may be transmitted to fill gaps between frames instead of transmitting idle flags [11111111]. Continuous transmission of signals is required to keep both the transmitting and receiving nodes synchronized. Ex.: frame...flag...flag...flag...frame..flag..flag..frame...frame... PPP and SLIP use a subnet of HDLC protocol. ISDN's D channel uses a modified version of HDLC. Also, note that Cisco routers' uses HDLC as default serial link encapsulation protocol.

HDLC Frame Types

The control field in HDLC is also used to indicate the frame type. There are three types of frames supported by HDLC. These are: I Frames: These are information frames, and contain user data S Frames: These are supervisory frames, and contain contain commands and responses U Frames: These are un-numbered frames, and typically contain commands and responses.

I Frames are sequentially numbered, carry user data, poll and final bits, and message acknowledgements. S Frames performs any retransmission requests, and other supervisory controls. U Frames can be used to initialize secondarys.

PPP and SLIP Protocols Overview

Serial Line Internet Protocol (SLIP):

This is a packet-framing protocol and defines a sequence of bytes that frame IP packets on a serial line. It is commonly used for point-to-point serial connections running TCP/IP.

Point-to-Point Protocol (PPP):

PPP is basically an encapsulation protocol that is used to transport datagrams over serial pointto-point links. Network address assignment, link configuration management, error detection, multi protocol support are some of the most prominent features of PPP protocol. PPP supports these features by using LCP (Link Control Protocol), and NCP (Network Control Protocol). LCP responsible for initiating, negotiating, configuring, maintaining, and terminating the serial link point-to-point connection. You can transport multiple protocols like IP, IPX, DECnet using PPP. Protocol frame configuration: As mentioned earlier, the protocol frame is a version of HDLC protocol. It contains six fields as shown in the diagram.

Flag (both opening and closing flags): 8 bits (01111110 or 7E hex) Address: PPP does not use node addresses. It is a single byte of 11111111, representing a broadcast address. Control: The field is 8 bits, wide and indicates whether the frame is a Control or Data frame. Protocol: 16 bits wide, and identify the protocol encapsulated in the DATA field of the frame. Data (Payload): This is the information that is carried from node to node. The default maximum length of the Data field is 1500 bytes. FCS (Frame Check Sequence) : It is either 16 bits, or 32 bits wide. Frame Check Sequence is used to verify the data integrity. If the FCS fails, the frame is discarded. FCS is implement by using Cyclic Redundancy Code (CRC).

Operation of PPP:
PPP operates over different phases consisting of

Link establishment and configuration negotiation Link quality determination phase (Optional) Network layer protocol configuration negotiation Link termination

Initially, PPP negotiates a link between the two point to point interfaces. These are normally a DTE and a DCE interfaces such as RS-232C, V.35, RS-422, and RS-423. PPP by itself does not impose any limitation on achievable speed. The physical interfaces, and the media normally limits the available link speeds. The second phase is link quality determination. This phase is optional. Once the Link level configuration is made, and the link is established, then the network level configuration is made. The link is terminated by LCP as and when required.

Advantages of PPP over SLIP:

1. Address notification: It enables a server machine to inform a dial-up client of its IP address for that link. SLIP requires that the user manually configure this information. 2. Authentication: PPP supports Password Authentication Protocol (PAP), and Challenge Handshake Authentication Protocol (CHAP) protocols. PAP transmits password in plain text, whereas CHAP uses encryption for authentication. 3. Multiple Protocol Support: PPP can support Multiple Protocols to operate on the same link. For example, both IP and IPX traffic can use same PPP link.

4. Link Monitoring: Offers link monitoring to help diagnose any link failures.

ISDN Protocols Overview

Integrated Services Digital Network (ISDN), as the name implies, provides integrated services that consist of telephony, data, and video transmission over ISDN. ISDN is of two types:

Basic Rate ISDN (BRI), and Primary Rate ISDN (PRI)

Basic Rate ISDN consists of two 64kbps B-channels (B for Bearer) and one D-channel (2B+1D). B-Channels are used for transmitting user information (voice, data, or video), and DChannel is used for transmitting control information. B-Channel offers a bandwidth of 64kbps, and D-Channel has a bandwidth of 16kbps. With 2B channels, BRI provides up to 128kbps uncompressed bandwidth. Note that the total bandwidth used by ISDN BRI is 192kbps. The remaining bandwidth [192 - (2B+D)] or 48kbps is used for framing. Primary Rate ISDN consists of 23 B-channels and one D-channel (23B+1D) for US or 30 Bchannels and one D-channel (30B+1D) for Europe, Australia, India, and some other countries. The ISDN standard followed by Europe is also known as Euro ISDN, and standardized by ETSI (European Telecommunications Standard Institute). The PRI D-Channel offers 64kbps bandwidth. There are several constituent standards that define ISDN. I.430 Standard: It describes the Physical layer and part of the Data Link layer for BRI. Q.920 and Q.921 Standards: Together, they provide the Data Link protocol used over the D channel. Q 930, and Q.931 Standards: Documents the Network layer user-to-user and user-to-network interface. The functionalities offered include call setup and breakdown, channel allocation, and other optional services. G.711 Standard: It describes the standard 64 kbps audio encoding used by telcos.

ISDN Reference Points:

ISDN standards specify several reference points that functionally separate the ISDN network. The ISDN devices need to comply with applicable reference point specifications. For example, a TE1 device such as an ISDN phone or a computer need to comply with reference point 'S' specifications. Various reference points specified in ISDN are given in the figure below:

R: This is the reference point between non-ISDN equipment and a Terminal Adapter (TA). S: This is the reference point between user terminals and Network Termination Type2 (NT2). T: This is the reference point between NT1 and NT2 devices. U: This is the reference point between NT1 devices and line termination equipment of the Telco

Frame Relay Protocols Overview

Before going ahead with Frame Relay protocol, and its operation, we discuss virtual circuits. Remember that a circuit provides connection between end nodes by means of an electrical connection. In data circuits, the term virtual circuit is also used in similar sense. A virtual circuit provides a logical connection between end nodes for the flow of information. There are two types of virtual circuits:

Permanent Virtual Circuit (PVC), and Switched Virtual Circuits (SVC)

Permanent Virtual Circuit (PVC): PVC is a permanent connection between the end nodes (DTEs) within a Frame Relay network. The virtual circuit is always available irrespective of whether any data is being transmitted or not. This type of connection (PVC) is used when it is required to consistently transfer data between the end nodes. A PVC can have two operational states as given below:
1. Data transfer state: Data is transmitted between the end nodes over the virtual circuit. 2. Idle state: No data is transferred between the end nodes. Note that PVC does not terminate the virtual circuit even when there is no data being transferred between the end nodes.

Switched Virtual Circuit(SVC): A switched virtual circuits (SVC) provide temporary connection between end nodes (DTEs) across a Frame Relay network. An SVC communication session has four states:

Call setup: The virtual circuit between two Frame Relay end nodes is established. Data transfer: Data is transmitted between the end nodes over the virtual circuit. Idle: The connection between end nodes is still active, but no data is transferred. An SVC call is terminated after a certain period of idle time Call termination: The virtual circuit between end nodes is terminated.

If there is some more data to be transmitted at a later time, an SVC is negotiated again. SVCs are advantageous when you have burst traffic, and you don't want to block the network bandwidth for a given virtual circuit 24hours a day. Unlike SVC, there is no call setup, and call termination procedures in PVC. This results in simple link management procedures, and more efficient data transfers. Frame Relay Protocol: FR is an HDLC protocol based network. We have discussed HDLC in earlier sections, and the HDLC frame is given below. Other protocols that use HDLC frames include SDLC, Frame Relay, and X.25. They primarily differ in how the address and control bits in HDLC frame are used.

The different fields are explained below with respect to Frame Relay: Flag (both opening and closing flags): 8 bits (01111110 or 7E hex) Address (Also known as Frame Relay Header): It is a 16-bit field as given below.

Data Link Connection Identifier (DLCI): The DLCI is 10-bit wide. DLCI identifies the virtual connection between the end node (a DTE device) and the switch (a DCE device). C/R: The C/R bit says whether the frame is a command or response. Forward Explicit Congestion Notification (FECN): This is a single-bit field that can be set to either 0 or 1 by a switch. Normally, FECN is zero. A value of 1 indicates network congestion in the direction of source to destination, known as Forward Explicit Congestion Notification. Backward Explicit Congestion Notification (BECN): This is a single-bit field that can be set to either 0 or 1 by a switch in the FR network. Normally, BECN is zero. A value of 1 indicates that the FR network has experienced congestion in the direction of destination to source. By using FECN and BECN, upper layer protocols can control the communication for efficient utilization of FR network.

Discard Eligibility (DE): This is set by the DTE device to indicate that the marked frame may be discarded in the event of network congestion. Discard Eligible frames are discarded first before removing frames that do not have DE bit set, in the event of network congestion. Note that all FECN, BECN, and DE enable FR network congestion control by regulating the communication, and prioritizing traffic. Extended Address (EA): The eighth bit of each byte of the Address field (header) is used to indicate the EA. If the EA value is 1, then the current byte is determined to be the last octet of the DLCI. Data: This field contains encapsulated upper-layer protocol data. It has variable length up to 16,000 octets. FCS (Frame Check Sequence) or CRC (Cyclic Redundancy Code): It is either 16 bits, or 32 bits wide. Frame Check Sequence is used to verify the data integrity. If the FCS fails, the frame is discarded.

Frame Relay Network Operation

A Frame Relay (FR) network is shown in the figure below. An FR network may be considered as a FR cloud that consists of FR switches, and customer nodes. A FR switch acts as DCE and the customer equipment works as DTE. A virtual circuit is established between the DTE and corresponding DCE. As mentioned earlier, a virtual circuit is identified by a DLCI (Data Link Connection Identifier) number. DLCIs have local significance. It means that on a given physical channel, there can not be two DLCIs which are identical.

Frame Relay is essentially a packet switched network, and can be compared with an X.25 network. Though both Frame Relay and X.25 use same basic protocol HDLC, there are several differences between the two. Some of the important differences between a Frame Relay network and and X.25 network are given below:

Feature Basic frame protocol used Typical Speed (bandwidth) Interactive sessions LAN connectivity for fast file transfers Protocol Overhead Protocol complexity Voice support Error Correction

X.25 HDLC Low Barely suitable Not suitable High High Poor Very good

Frame Relay HDLC High Suitable Suitable Minimal Low Good Not supported

Comments

1. Frame Relay is widely implemented these days. Frame Relay does not support any node1. X.25 is a very old protocol, and to-node error correction. With the widely implemented. However, it advent of highly reliable physical is hard to find any new channels, node-to-node error implementations. correction (offered by X.25) is considered to be out-of-date, and 2. X.25 implements node-tonode error correction, and very not essential.

suitable for noisy circuits. A severe drawback is high overhead, and transmission delays.

2. Revised specifications for Frame Relay network support LMI extensions. These include: global addressing, virtual circuit status messages, and multicasting