IP Configuration

Basic IP Configuration

Uploaded by

Rohit Singhal

Network: when systems are connected to each other to share resources and data, the arrangement is a network; connecting them is networking.

Point-to-point configuration: a dedicated link exists between two devices.
Multipoint configuration: two or more devices share a link.
Topology: the physical structure (design) in which devices are connected to each other.

Types of topology
1. Physical topology: the arrangement of devices in a network (bus, ring, star, tree, mesh).
2. Logical topology: the way data is transferred from one device to the next, irrespective of the physical connections.

Bus topology: devices share a common backbone cable to send and receive data.
Ring topology: each device is connected to its two adjacent devices, forming a circle; data flows in one direction only.
Star topology: multiple devices are connected to a central connection point such as a hub or switch.
Mesh topology: devices are connected directly to each other. There are two kinds.
Full mesh topology: every node is connected to every other node; it is the most expensive to cable.
Partial mesh topology: only some nodes are connected directly to each other.
Tree topology: combines linear bus and star topology; a backbone is used to connect multiple star networks.

Types of network

LAN (Local Area Network): a network covering a small area, used to share data and resources.

Types of LAN
1. Ethernet: uses the IEEE 802.3 standard and CSMA/CD (carrier sense multiple access with collision detection).
2. Token Ring: passes a token around the network, which is wired as a ring.
3. Token Bus: uses a token mechanism, but the systems are physically connected in bus format.
4. FDDI: uses a token-passing technique like Token Ring, over primary and secondary rings (fibre).
CAN (Campus Area Network): a network limited to a campus.
MAN (Metropolitan Area Network): an interconnection of networks within a city.
WAN (Wide Area Network): covers a wide geographical area and includes multiple computers or LANs.

Modes of transmission
1. Simplex: unidirectional; one device transmits and the other only receives.
2. Half duplex: both devices can transmit, but only one at a time over a shared channel; CSMA/CD is used to deal with collisions. Example: walkie-talkie.
3. Full duplex: separate paths for sending and receiving (one wire pair each way on twisted-pair Ethernet), so there are no collisions and both devices can transmit at the same time.

Ethernet
1. A standard communication protocol embedded in software and hardware devices for LANs.
2. Uses bus or star topology.
3. Frame based; uses baseband signalling and CSMA/CD.
4. Types of Ethernet: 10BASE2, 10BASE-T, 10BASE5 and 100BASE-T.
5. Baseband: a single signal occupies the medium at a given instant.
6. Works on the IEEE 802.3 standard.
7. Developed by DEC, Intel and Xerox.

Devices
Hub: a device containing a series of ports to which computers connect; it joins multiple network segments together into a single segment.
Features: one broadcast domain, shared bandwidth, one collision domain.
Working: any transmission received on one port is repeated out of every other port; collisions are resolved by the attached stations' CSMA/CD, not by the hub.

Switch: a device that connects multiple LAN segments at the data link layer.
Working: it examines each frame for the source and destination MAC address, learns which port the source is on, and sends the frame out of the port the destination is known to be on. If the destination is unknown it acts like a hub and floods the frame to every port except the one it arrived on.

Types of switch
1. Managed switch: configurable, usually through SNMP, which sets communication parameters according to the requirements of the network and reports the number of bytes and frames transmitted or received and the number of errors on each port.
2. Unmanaged switch: starts forwarding as soon as Ethernet devices are connected, with no configuration.
A switch gives one broadcast domain per VLAN and one collision domain per port; a switch can carry its own VLANs.

Types of switching
1. Cut-through switching: the switch forwards a frame as soon as it has read the destination address; it does not wait for the frame check sequence, so corrupted frames are passed on.
2. Store-and-forward switching: the switch receives the whole frame and verifies the frame check sequence (checksum) before forwarding it. This is slower than cut-through, but it stops corrupted frames from being forwarded.
3. Fragment-free switching: the switch checks the first 64 bytes of the frame (enough to detect a collision fragment) before forwarding. It is a balance between cut-through and store-and-forward.
Bridge: works like a switch with few ports; unlike a hub it keeps a MAC table.
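The learning and flooding behaviour described above, written out as a small simulation so the difference between a hub and a switch can be traced frame by frame. This is an added example, not code from the original notes; the port numbers, MAC addresses and frames are constructed for the demonstration.

```python
"""Simulation of hub versus learning switch forwarding.

Added example, not from the original notes: the three ports, the MAC
addresses and the frames below are constructed for the demonstration.
"""
from collections import namedtuple

# A frame reduced to the two fields a switch looks at.
Frame = namedtuple("Frame", "src dst")
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, frame):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Learns source MAC -> port, forwards known unicast, floods the rest."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port (the switch's CAM table)

    def receive(self, in_port, frame):
        """Return the list of ports the frame is sent out of."""
        # Learning: whatever source address arrives on a port is recorded
        # against that port. A later frame with the same source on another
        # port simply overwrites the entry; the table trusts every frame.
        self.mac_table[frame.src] = in_port

        if frame.dst == BROADCAST or frame.dst not in self.mac_table:
            # Broadcast or unknown unicast: behave like a hub and flood.
            return [p for p in self.ports if p != in_port]

        out_port = self.mac_table[frame.dst]
        if out_port == in_port:
            # Destination is on the segment the frame came from: filter it.
            return []
        return [out_port]


def demo():
    """A (port 1) and B (port 2) talk while C (port 3) only listens."""
    sw = LearningSwitch(ports=[1, 2, 3])
    a, b = "00:00:0c:00:00:0a", "00:00:0c:00:00:0b"
    trace = []
    trace.append(sw.receive(1, Frame(src=a, dst=b)))  # B unknown: flooded, C sees it
    trace.append(sw.receive(2, Frame(src=b, dst=a)))  # A learned on port 1: sent only there
    trace.append(sw.receive(1, Frame(src=a, dst=b)))  # B learned on port 2: C no longer sees it
    return trace


if __name__ == "__main__":
    for step, ports in enumerate(demo(), 1):
        print(f"frame {step} forwarded to ports {ports}")
```

The first frame A sends is flooded exactly as a hub would do it, which is why a host on port 3 can still see unknown-unicast traffic on a switch; only once the switch has learned both addresses does the conversation stay on ports 1 and 2.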

Router: a device that chooses the best possible route for packets to reach their destination. Routers use a routing table to decide the route; they join multiple networks, possibly using different protocols, and operate at the network layer.
Functions of a router

1. Provides traffic management.
2. Does not pass broadcast traffic.
3. Connects different network segments.
Repeater: a device that increases the strength of data signals sent across the network; it regenerates and amplifies the signal and passes it on to the next segment.

Bridge: a device that divides a network into different segments. It decides which segment a frame has to travel to in order to reach its destination, and does not forward frames whose destination is on the segment they came from.

OSI Model (Open Systems Interconnection)
1. Developed by ISO, the International Organization for Standardization.
2. A set of guidelines that application developers can use to create and implement applications that run on a network.
3. Provides a framework for creating and implementing networking standards, devices and internetworking schemes.
Note: devices that operate on all seven layers are
1. Network management stations
2. Web and application servers
3. Gateways and network hosts
The seven layers are divided into two groups.

1. The top three layers define how applications within the end stations communicate with each other and with users.
2. The bottom four layers define how data is transmitted end to end.

Layers
1. Application: file, print, message, database and application services
2. Presentation: data encryption, compression and translation
3. Session: dialog control
4. Transport: end-to-end connections
5. Network: routing
6. Data link: framing
7. Physical: physical topology

Application layer: defines the manner in which applications such as databases and e-mail interact with the network. It provides the user interface. Protocols at this layer: FTP, TFTP, SMTP, DNS, SNMP, NFS, NNTP.

Presentation layer: defines the way in which data is formatted, presented, converted and encoded; handles processing such as encryption and compression.
Session layer: coordinates communication and maintains a session for as long as it is required, performing security, logging and administrative functions. Keeps different applications' data separate.
Transport layer: defines protocols for structuring messages and supervises the validity of transmission by performing error checking. Provides reliable or unreliable delivery; a reliable transport detects lost or damaged segments and has them retransmitted. Protocols: TCP, UDP, SCTP.
Network layer: defines data-routing protocols that get information to the correct destination node. Devices working at this layer: routers and (network-layer) firewalls. Provides the logical addressing that routers use for path determination. Protocols: IP, ICMP, IGMP, ARP, RARP.
Data link layer: validates the integrity of the flow of data from one node to another by synchronizing blocks of data and controlling the flow. Packages packets into frames and hands the frames to the physical layer as bits. Provides access to the media using MAC addresses. Performs error detection, not correction. Protocols: HDLC, SDLC, Ethernet.
Physical layer: defines the mechanism for communicating with the transmission medium and the interface hardware. Moves bits between devices and specifies voltage, wire speed and the pin-out of cables.

Protocols: sets of rules that determine how data is transmitted over the network. They work at several levels: hardware level, software level and program level. A protocol is a predefined set of rules that governs the transfer of data and communication between computers connected in a network.

Functions of protocols: they regulate
1. the type of network access method
2. compression techniques
3. topologies
4. cabling methods
5. the speed of data transfer

Ethernet: a standard communication protocol embedded in software and hardware devices for LANs.

1. Uses bus or star topologies.
2. Is frame based.
3. Uses baseband signalling and CSMA/CD.
4. Types of Ethernet: 10BASE2, 10BASE-T, 10BASE5, 100BASE-T.
5. Works on the IEEE 802.3 standard.
6. Developed by DEC, Intel and Xerox.
Note: it supports two different physical topologies (bus and star).

Ethernet frames: a frame encapsulates a packet handed down from the network layer. It carries a frame check sequence (FCS), a CRC-32 over the frame, so the receiver can detect that the data was corrupted in transit. This is an integrity check against accidental errors, not a security check: anyone who can alter the frame can recompute the FCS. The data link layer is made up of two sub-layers.
1. MAC (Media Access Control)
2. LLC (Logical Link Control)
Frame layout
Destination address: 6 bytes / 48 bits
Source address: 6 bytes / 48 bits
Length or type: 2 bytes / 16 bits
Data: 46 to 1500 bytes (padded to 46 if shorter)
Frame check sequence: 4 bytes / 32 bits
Total: 64 to 1518 bytes; a frame shorter than 64 bytes is a runt and is discarded.

IEEE standards (Institute of Electrical and Electronics Engineers)
MAC, 802.3: defines how frames are placed on the media. A MAC address is 48 bits (12 hexadecimal digits) divided into two parts, MM:MM:MM:SS:SS:SS. The first part is the manufacturer identifier (OUI), assigned by the IEEE; the second part is a serial number assigned by the manufacturer. Two bits of the first byte have special meaning: the lowest bit marks a group (multicast or broadcast) address, and the next bit marks a locally administered address that was not assigned by the IEEE.
LLC, 802.2: responsible for identifying the network layer protocol and encapsulating it. It also provides flow control and sequencing of control bits.
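The frame layout and MAC address structure from the two passages above, as an added example that is not part of the original notes: it builds an Ethernet II frame with a real CRC-32 FCS, parses it back, checks the FCS, and decodes the OUI and the group and locally-administered bits. The frames, addresses and payload are constructed; the field sizes, the 64-byte minimum and the bit meanings are from IEEE 802.3.

```python
"""Build and parse Ethernet II frames, verify the FCS and decode MAC address bits.

Added example, not from the original notes. The frames are constructed here;
the CRC-32 FCS, the 64-byte minimum frame size, the 0x0800 (IPv4) EtherType
and the group / locally-administered bits are from IEEE 802.3.
"""
import struct
import zlib

MIN_FRAME = 64          # bytes, including the 4-byte FCS
MIN_PAYLOAD = 46        # 64 - 14 header - 4 FCS
ETHERTYPE_IPV4 = 0x0800


def mac_to_str(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """dst | src | type | payload (padded to 46 bytes) | FCS."""
    if len(payload) > 1500:
        raise ValueError("payload exceeds the 1500-byte maximum")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = dst + src + struct.pack("!H", ethertype) + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF          # IEEE 802.3 CRC-32
    return body + struct.pack("<I", fcs)         # FCS goes on the wire LSB first


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and report whether the FCS checks out."""
    if len(frame) < MIN_FRAME:
        raise ValueError(f"runt frame: {len(frame)} bytes, minimum is {MIN_FRAME}")
    body, fcs_field = frame[:-4], frame[-4:]
    dst, src = body[:6], body[6:12]
    type_or_len = struct.unpack("!H", body[12:14])[0]
    received_fcs = struct.unpack("<I", fcs_field)[0]
    return {
        "dst": mac_to_str(dst),
        "src": mac_to_str(src),
        # 802.3 uses the field as a length (<= 1500); Ethernet II as a type (>= 0x0600).
        "ethertype": type_or_len if type_or_len >= 0x0600 else None,
        "length": type_or_len if type_or_len < 0x0600 else None,
        "payload": body[14:],
        "fcs_ok": received_fcs == (zlib.crc32(body) & 0xFFFFFFFF),
        # First octet, bit 0: 0 = individual (unicast), 1 = group (multicast/broadcast).
        "dst_is_group": bool(dst[0] & 0x01),
        # First octet, bit 1: 1 = locally administered, i.e. not an IEEE-assigned OUI.
        "src_locally_administered": bool(src[0] & 0x02),
        "src_oui": mac_to_str(src[:3]),   # the MM:MM:MM manufacturer part
    }


def demo():
    """Constructed broadcast frame: parsed intact, then with one byte corrupted."""
    frame = build_frame(bytes.fromhex("ffffffffffff"),   # broadcast destination
                        bytes.fromhex("00000c123456"),   # OUI 00:00:0c, serial 12:34:56
                        ETHERTYPE_IPV4, b"hello")
    good = parse_frame(frame)
    damaged = bytearray(frame)
    damaged[20] ^= 0xFF                                   # flip one payload byte in transit
    bad = parse_frame(bytes(damaged))
    return good, bad


if __name__ == "__main__":
    good, bad = demo()
    print(good["dst"], good["src"], hex(good["ethertype"]), "fcs_ok:", good["fcs_ok"])
    print("after corruption fcs_ok:", bad["fcs_ok"])
```

A store-and-forward switch does exactly the `fcs_ok` check before forwarding; a cut-through switch has already sent the frame by the time the FCS arrives. The locally-administered bit is worth logging: an IEEE-assigned OUI never has it set, so a source address with that bit set was chosen by software on the host.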

DTE (Data Terminal Equipment): devices that communicate on an Ethernet network, such as computers and printers.
DCE (Data Communication Equipment): devices that provide the communication path on Ethernet, for example switches and routers.

IEEE 802 networking standards
1. 802.1 LAN/MAN management (internetworking)
2. 802.2 Logical link control
3. 802.3 CSMA/CD (Ethernet)
4. 802.4 Token Bus
5. 802.5 Token Ring
6. 802.6 MAN, Distributed Queue Dual Bus
7. 802.7 Broadband
8. 802.8 Fibre optic LAN and MAN
9. 802.9 Isochronous LAN (ISDN)
10. 802.10 Network security
11. 802.11 Wireless LAN (a to n)
12. 802.12 Demand priority access method
13. 802.15 Wireless personal area network
14. 802.16 Wireless MAN
15. 802.17 Resilient packet ring
16. 802.18 Radio regulatory technical advisory group

Cable standards for UTP
1. Cat 1: telephone (carries only voice)
2. Cat 2: 4 Mbps, 4 pairs of wires
3. Cat 3: 10 Mbps, 16 MHz, RJ45
4. Cat 4: 16 Mbps, 20 MHz
5. Cat 5: 100 Mbps, 100 MHz
6. Cat 6: 1000 Mbps, 250 MHz
7. Cat 7: 600 MHz

Data link layer for Ethernet: works on the physical address known as the MAC address, 48 bits (6 bytes) written as hexadecimal digits. Responsible for converting packets into frames for transmission and for handing received frames back up to the network layer as packets. The MAC sub-layer encapsulates the data and controls media access, and checks the frame for errors during and after reception; the LLC sub-layer provides error detection and flow control.

SAP and SNAP: the IEEE defines two LLC header formats, SAP and SNAP, that identify the network layer protocol carried in the frame.

SAP (Service Access Point): the field is one byte long and only 6 bits identify the network layer protocol, so 2^6 = 64 protocols can be identified.

SNAP (Sub-Network Access Protocol): adds a 5-byte header, a 3-byte OUI and a 2-byte protocol identifier, so 2^16 = 65536 protocols can be identified per OUI.

TCP/IP model: allows data transfer between network devices.

TCP: the transport layer protocol of the suite. It ensures reliable, verifiable data exchange between hosts on a network: it breaks data into segments, numbers them, and sends them in order; the receiver uses the sequence numbers to reassemble segments that arrive out of order.
IP: responsible for network addressing and routing. It is connectionless and unreliable (best effort); reliability is provided by TCP above it.

DoD (Department of Defense) model, also called the TCP/IP model

Four layers of the DoD model
1. Application layer
2. Host-to-host layer
3. Internet layer
4. Network access layer

Application layer: defines how applications such as FTP and Telnet interact with the network. Protocols that function at this layer: SNMP, SMTP, NNTP, LDAP, FTP, POP3, TFTP, IMAP, NTP, SFTP, HTTP, NFS.

Host to host layer

Adds transport control information (ports, sequence numbers, checksums) to user data. Responsible for source-to-destination delivery of the entire message.

Internet layer: allows routing of data over the network. Adds IP information to form a packet. ARP and RARP work at this layer.
Network access layer: the protocols used to transmit data frames to other devices over the physical connection.

Application layer protocols
Telnet: allows a user on a remote client machine to access the resources of another system. The whole session, including the password, travels in clear text.

FTP (File Transfer Protocol, ports 20 and 21): used over the internet to exchange files; it can download a file from a server or upload a file to a server. It is limited to listing and manipulating directories, displaying file contents and copying files between hosts. Authentication is required, but credentials and data are sent in clear text.

TFTP (Trivial File Transfer Protocol, UDP port 69): used to transfer files to and from a remote computer such as a diskless workstation, which has no storage disk of its own and boots from a network host or server. It has no directory browsing ability; it can do nothing but send and receive files. It uses UDP and requires no authentication.

NFS (Network File System): allows two different types of file system to interoperate over the network. Developed by Sun Microsystems so that UNIX systems could share files over TCP/IP.

SMTP (Simple Mail Transfer Protocol): used for transferring mail from client to server and from server to server. Specifies how mail systems work together and the format of the control messages they use to exchange and transfer mail.

LPD (Line Printer Daemon): designed for printer sharing. It allows print jobs to be spooled and sent to network printers using TCP/IP.

SNMP (Simple Network Management Protocol): allows a network administrator to collect information from and remotely monitor other devices on the network. It lets smart devices such as routers, switches, hubs, bridges and PCs report their status, and allows the administrator to make changes. It relies on two components.
1. SMI (Structure of Management Information): defines the rules for naming object types and for encoding objects and values; it does not define how many objects are managed in an entity.
2. MIB (Management Information Base): defines the set of objects for each entity, similar to a database; it defines the number of objects and names them according to the rules set by SMI.

X Window: defines a protocol for writing client/server applications based on a graphical user interface.
NNTP (Network News Transfer Protocol): the standard protocol used to transfer Usenet news from one machine to another. Usenet news is a large collection of discussion groups covering a wide range of topics. Provides a connection-oriented service and reports delivery failures (error generation).
SFTP (SSH File Transfer Protocol): used to transfer files over an encrypted SSH session.

POP (Post Office Protocol): provides a storage mechanism for incoming mail. With POP3 all messages are downloaded from the server to the client.
IMAP (Internet Message Access Protocol)

Allows a user to download mail selectively; the current version is IMAP4.
SSH (Secure Shell): used to establish a secure session in place of Telnet, to run programs on a remote system, log in to other systems and move files while maintaining a strongly encrypted connection.
HTTPS (Hypertext Transfer Protocol Secure): HTTP over an encrypted, authenticated connection; it lets browsers and servers authenticate the server (and optionally the client) and encrypt HTTP messages.

NTP (Network Time Protocol): used to synchronize computer clocks to a standard time source, usually an atomic clock.
SCP (Secure Copy Protocol): uses SSH to establish and maintain an encrypted connection between hosts. File transfer can then take place without fear of password or data interception.
LDAP (Lightweight Directory Access Protocol): keeps track of users and resources. It allows clients to perform object lookups in a directory using a standard method.
IGMP (Internet Group Management Protocol): used to manage IP multicast sessions. It keeps track of group membership and active multicast streams.

Transport layer protocols
TCP (Transmission Control Protocol): ensures reliable, verifiable data exchange between hosts on a network. It breaks data into pieces, wraps them with the needed information, and numbers and sequences each segment so that the destination TCP can put the segments back in order. It is full duplex, connection oriented, reliable and accurate; it provides flow control and error detection.
UDP (User Datagram Protocol): connectionless and unreliable. It adds port numbers and a checksum to the data and delivers it without any acknowledgement; it is faster than TCP.

Network layer protocols
IP (Internet Protocol)

A connectionless protocol: it does not establish an end-to-end connection before transmission. Its only job is to route the data to the destination.
ARP (Address Resolution Protocol): finds the hardware (MAC) address of a host from a known IP address.
RARP (Reverse Address Resolution Protocol): finds an IP address from a known MAC address. It is used by a diskless machine to request its IP address from a RARP server; DHCP has largely replaced it.

Proxy ARP: a variation of ARP in which an intermediate device such as a router sends an ARP reply on behalf of an end node to the requesting host. It can be used to give a host a path off its subnet in case of a failure of the configured default gateway.
ICMP (Internet Control Message Protocol): provides a method for communicating error messages and other transmission information. ICMP packets are encapsulated within IP datagrams. The main messages are
1. Destination unreachable: a router or device is unable to deliver the IP packet; it discards the original packet and reports one of several codes:
   network unreachable (no route to the destination network),
   host unreachable (the destination subnet was reached but the host did not answer),
   protocol unreachable (the destination does not support the upper layer protocol),
   port unreachable (no TCP or UDP socket is listening on the port).
2. Echo request and echo reply: check whether another device is reachable (ping).
3. Redirect: tells a host that a better first-hop router exists for a destination, so the host only needs the address of one router for efficient routing.
4. Time exceeded: a router discards an IP packet whose TTL reaches zero and sends this message back to the source.
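The ICMP messages listed above, as an added example that is not part of the original notes: it encodes an echo request and a destination-unreachable message with the RFC 792 one's-complement checksum, decodes them back, and shows the checksum failing when a bit is flipped in transit. The packets are constructed; the type and code numbers and the checksum algorithm are from RFC 792 and RFC 1071.

```python
"""Encode and decode ICMP messages with the RFC 792 Internet checksum.

Added example, not from the original notes. The packets are constructed;
the type/code numbers and the one's-complement checksum are from RFC 792.
"""
import struct

ECHO_REPLY, DEST_UNREACHABLE, ECHO_REQUEST, TIME_EXCEEDED = 0, 3, 8, 11
UNREACHABLE_CODES = {0: "network unreachable", 1: "host unreachable",
                     2: "protocol unreachable", 3: "port unreachable"}
TIME_EXCEEDED_CODES = {0: "TTL exceeded in transit", 1: "fragment reassembly time exceeded"}


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                       # odd length: pad with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                        # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type: int, code: int, rest: int = 0, payload: bytes = b"") -> bytes:
    """8-byte header (type, code, checksum, 'rest of header') followed by payload."""
    header = struct.pack("!BBHI", icmp_type, code, 0, rest)   # checksum field zeroed
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHI", icmp_type, code, csum, rest) + payload


def build_echo_request(ident: int, seq: int, payload: bytes = b"") -> bytes:
    return build_icmp(ECHO_REQUEST, 0, (ident << 16) | seq, payload)


def decode_icmp(packet: bytes) -> dict:
    """Validate the checksum and name the message; raise on a truncated packet."""
    if len(packet) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    icmp_type, code, _csum, rest = struct.unpack("!BBHI", packet[:8])
    result = {
        "type": icmp_type,
        "code": code,
        # Summing the whole message including its checksum field yields zero when intact.
        "checksum_ok": internet_checksum(packet) == 0,
        "payload": packet[8:],
    }
    if icmp_type in (ECHO_REQUEST, ECHO_REPLY):
        result["description"] = "echo request" if icmp_type == ECHO_REQUEST else "echo reply"
        result["ident"], result["seq"] = rest >> 16, rest & 0xFFFF
    elif icmp_type == DEST_UNREACHABLE:
        result["description"] = "destination unreachable: " + UNREACHABLE_CODES.get(code, f"code {code}")
    elif icmp_type == TIME_EXCEEDED:
        result["description"] = "time exceeded: " + TIME_EXCEEDED_CODES.get(code, f"code {code}")
    else:
        result["description"] = f"type {icmp_type} code {code}"
    return result


def demo():
    """A ping, the same ping with a bit flipped in transit, and a port-unreachable reply."""
    ping = build_echo_request(ident=0x1234, seq=1, payload=b"ping")
    damaged = bytearray(ping)
    damaged[-1] ^= 0x01
    return (decode_icmp(ping), decode_icmp(bytes(damaged)),
            decode_icmp(build_icmp(DEST_UNREACHABLE, 3)))


if __name__ == "__main__":
    for msg in demo():
        print(msg["description"], "checksum_ok:", msg["checksum_ok"])
```

The same `internet_checksum` routine is what IP, TCP and UDP headers use, so a parser for any of them starts from this function. A real destination-unreachable message carries the IP header plus the first 8 bytes of the offending packet as its payload, which is how the sender matches the error to the connection that caused it.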

Cisco Model
This model consists of three functional layers.
1. Core layer
2. Distribution layer
3. Access layer

Core layer: the backbone, responsible for fast, reliable transport of data across the network. It reduces latency in the delivery of packets. Factors:
1. High data transfer rate
2. Low latency
3. High reliability
Distribution layer: used for routing and managing network traffic; manipulates packets by queuing. Functions:
1. Packet filtering: regulates packets by source and destination address.
2. Access layer aggregation: serves as the aggregation point for the access layer.
3. Control of broadcasts and multicasts: serves as the boundary of broadcast and multicast domains.
4. Application gateways: creates protocol gateways to and from other network architectures.
5. Implementing security and network policies.
Access layer: ensures that packets are delivered to the end stations; allows workgroups and users to use the services provided by the distribution and core layers. Functions:
1. Address filtering: allows selected systems to access the LAN.
2. Separate collision domains: creates a collision domain for each node.
3. Shared bandwidth: enables the network to handle all data.
4. Switched bandwidth: performs load balancing.

IP addressing: an IP address is a numeric identifier assigned to a machine on the network.

IP terminology
1. Bit: a digit, either 0 or 1.
2. Byte: 8 bits.
3. Octet: also 8 bits; the term is used for each of the four parts of an IPv4 address.
4. Network address: used in routing to send packets to a remote network.
5. Broadcast address: used by applications and hosts to send information to all nodes on a network.

IP has two versions in use (the 4-bit version field in the header can hold values 0 to 15).
1. IP version 4: 32 bits, written in dotted decimal (binary underneath)
2. IP version 6: 128 bits, written in hexadecimal

IP version 4: 32 bits divided into four octets separated by dots.
00000000.00000000.00000000.00000000 = 32 bits

Classful addressing
Class A: first octet 1 to 126; leading bit 0; 8 network bits, 24 host bits. 2^7 - 2 = 126 networks (network 0 and network 127 are reserved). Private range 10.0.0.0 to 10.255.255.255. 127.0.0.0 to 127.255.255.255 is the loopback range, used for testing.

Class B: first octet 128 to 191; leading bits 10; 16 network bits, 16 host bits. 2^14 = 16384 networks. Private range 172.16.0.0 to 172.31.255.255.

Class C: first octet 192 to 223; leading bits 110; 24 network bits, 8 host bits. 2^21 = 2097152 networks. Private range 192.168.0.0 to 192.168.255.255.

Class D: first octet 224 to 239; leading bits 1110; used for multicast, so there is no network/host split.

Class E: first octet 240 to 255; leading bits 1111; reserved for experimental use.

Subnetting: used in IP networks to break a larger network into smaller subnets by borrowing host bits for the network portion.
Supernetting: the reverse, combining networks by returning network bits to the host portion (increasing the number of host bits).

APIPA (Automatic Private IP Addressing): 169.254.0.0/16, self-assigned by a host when no DHCP server answers.

Public address: a routable IP address. Private address: a non-routable IP address, not forwarded on the public internet. Subnet mask: defines which bits of the address belong to the network portion and which to the host portion.

Reasons in favour of subnetting
1. Reduced network traffic
2. Optimized network performance
3. Simplified management
4. Easier spanning of large geographical distances

Default subnet masks: Class A 255.0.0.0, Class B 255.255.0.0, Class C 255.255.255.0

CIDR (Classless Inter-Domain Routing): allows a group of IP networks to appear to other networks as a single larger entity, and writes the mask as a prefix length (the number of network bits).
CIDR values
255.0.0.0 /8
255.128.0.0 /9
255.192.0.0 /10
255.224.0.0 /11
255.240.0.0 /12
255.248.0.0 /13
255.252.0.0 /14
255.254.0.0 /15
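The classful rules, the special ranges and the CIDR notation from the addressing section above, worked through in code. This is an added example, not from the original notes: it classifies an address by its leading bits, reports the default mask and the number of networks in the class, recognises the private, loopback, APIPA and multicast ranges, converts between masks and prefix lengths, and splits a network into subnets. The addresses analysed are constructed; the standard library `ipaddress` module does the bit arithmetic.

```python
"""Classful view of an IPv4 address beside the classless (CIDR) view.

Added example, not from the original notes. The addresses analysed are
constructed; the class boundaries, default masks and special ranges
(RFC 1918 private, 127/8 loopback, 169.254/16 APIPA) are the ones the notes list.
"""
import ipaddress

# Class -> (leading bits, default prefix length, number of networks)
CLASSES = {
    "A": ("0", 8, 2 ** 7 - 2),       # networks 0 and 127 are reserved
    "B": ("10", 16, 2 ** 14),
    "C": ("110", 24, 2 ** 21),
    "D": ("1110", None, None),       # multicast: no network/host split
    "E": ("1111", None, None),       # experimental
}

SPECIAL_RANGES = [
    (ipaddress.ip_network("10.0.0.0/8"), "private (RFC 1918)"),
    (ipaddress.ip_network("172.16.0.0/12"), "private (RFC 1918)"),
    (ipaddress.ip_network("192.168.0.0/16"), "private (RFC 1918)"),
    (ipaddress.ip_network("127.0.0.0/8"), "loopback"),
    (ipaddress.ip_network("169.254.0.0/16"), "link-local (APIPA)"),
    (ipaddress.ip_network("224.0.0.0/4"), "multicast"),
    (ipaddress.ip_network("240.0.0.0/4"), "experimental"),
]


def address_class(addr: str) -> str:
    """Classify by the leading bits of the first octet."""
    first_octet_bits = f"{int(ipaddress.IPv4Address(addr)) >> 24:08b}"
    for cls, (leading_bits, _, _) in CLASSES.items():
        if first_octet_bits.startswith(leading_bits):
            return cls
    raise ValueError(addr)


def prefix_to_mask(prefix: int) -> str:
    return str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask)


def mask_to_prefix(mask: str) -> int:
    return ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen


def describe(addr: str, prefix=None) -> dict:
    """Class, default mask and kind of the address, plus network details for
    the given prefix length (or the classful default when none is given)."""
    ip = ipaddress.IPv4Address(addr)
    cls = address_class(addr)
    default_prefix = CLASSES[cls][1]
    info = {
        "address": addr,
        "class": cls,
        "default_mask": prefix_to_mask(default_prefix) if default_prefix else None,
        "networks_in_class": CLASSES[cls][2],
        "kind": next((label for net, label in SPECIAL_RANGES if ip in net), "public"),
    }
    plen = prefix if prefix is not None else default_prefix
    if plen is not None:
        net = ipaddress.ip_network(f"{addr}/{plen}", strict=False)
        info.update(
            network=str(net),
            mask=str(net.netmask),
            broadcast=str(net.broadcast_address),
            usable_hosts=max(net.num_addresses - 2, 0),   # minus network and broadcast
        )
    return info


def subnet(network: str, new_prefix: int) -> list:
    """Subnetting: split a network into equal subnets by borrowing host bits."""
    return [str(n) for n in ipaddress.ip_network(network).subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    for a in ("172.16.10.1", "10.1.2.3", "192.168.1.77", "224.0.0.9"):
        print(describe(a))
    print(describe("172.16.10.1", 24))       # the classless view used in the routing examples
    print(subnet("192.168.1.0/24", 26))      # four /26 subnets of 62 usable hosts each
```

Note the difference between `describe("172.16.10.1")` and `describe("172.16.10.1", 24)`: the classful default puts the host in 172.16.0.0/16, while the /24 mask that the static-routing example uses later in these notes puts it in 172.16.10.0/24. Routers and hosts today work from the mask, not the class.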

Router: a network device that directs data traffic to the appropriate destination. Routers use a routing table to decide the route; they join multiple networks, possibly using different protocols, and operate at the network layer.

Functions of a router
1. Provides traffic management.
2. Does not pass broadcast traffic.
3. Connects different network segments.

Types of router memory
DRAM (dynamic RAM): the main working memory of the router. It holds the running (dynamic) configuration, the routing tables and the working copy of the Cisco IOS.
NVRAM (non-volatile RAM): holds the startup configuration, a backup copy of the configuration for restoration after a reboot.
Flash memory: holds the Cisco IOS image. It is erasable and programmable.

Router components
1. Processor: executes IOS instructions; Cisco routers have used processors such as the Motorola 68030 and Orion. It makes routing decisions and maintains routing tables, and needs access to memory to get instructions and data for those decisions.
2. ROM: non-volatile storage that holds the code which decides the boot process of the router.
3. POST (power-on self test): a series of diagnostic tests for the router hardware, run in reverse numerical order.
4. Bootstrap program: the ROM monitor component that initializes the processor hardware when the router boots. It loads the IOS image for the router with the help of the configuration register.
5. Configuration register: a 16-bit value (kept in NVRAM) that decides the boot mode and where the IOS image is loaded from.

Functions of the bootstrap
Verifies the configuration register value.
Checks NVRAM for boot system commands in the startup configuration file.
Mini IOS: an alternative image in ROM that lets the router boot if the full IOS image is unavailable.

ROM monitor: a program stored in ROM which is used to debug user programs and for low-level maintenance when the IOS is not running.

RAM: holds the active IOS image that is loaded when the router boots. It stores the active (running) configuration, the routing tables and the input and output buffers of the router interfaces.

Flash: a non-volatile storage medium containing the IOS image from which the router boots.
NVRAM: stores the startup configuration file for the router.

Router boot sequence
1. POST tests the hardware and memory.
2. The bootstrap program is loaded from ROM and executed.
3. The IOS image is loaded into RAM from the location specified by the configuration register (flash, a TFTP server or ROM).
4. The IOS locates the hardware and software components of the router and displays the list of components on the console.
5. The startup configuration is executed; this starts the routing processes and assigns IP addresses to the router interfaces.

IOS (Internetwork Operating System): provides the interface between the user and the hardware of the network device. It is an assembly of commands and functions that allow you to run the network device and to configure it.

Features of IOS
1. Support for different technologies: data link layer technologies such as LAN and WAN, over copper and fibre wiring.
2. Scalability: supports different platforms, so hardware can be changed without affecting performance.
3. Security: enables control of access to the network using different security policies.

Ports

Console port: used to configure the router locally; it has an 8-pin RJ45 connector and is connected to the administrator's system through a rollover cable.
Auxiliary port: connects a modem to the router through a straight-through cable, for remote dial-in configuration.

Command line interface: allows manual configuration of the router through a text-based interface. It can be accessed directly through the console port.

The router CLI has three modes.
1. User EXEC mode
2. Privileged EXEC mode
3. Configuration mode
User EXEC mode: used to check the router status and to switch to the other modes. The prompt is
Router>
To enter privileged mode type enable (en for short)
Router> en
and the privileged mode prompt appears as
Router#

Privileged EXEC mode: executes higher-level commands such as viewing security and configuration settings. To switch back to user mode
Router# disable

Configuration mode: allows you to execute configuration commands for the router.
Router# config terminal
Router(config)#
Ctrl+Z leaves configuration mode and returns to privileged EXEC mode; exit steps back one level (from global configuration mode it also returns to privileged EXEC mode).

Router configuration can be done in three ways.
1. Using the Security Device Manager (SDM), a web interface that starts automatically.
2. Using the command line (manual configuration).
3. Using setup mode, which prompts for the host name, passwords and other basics.

Mode / prompt / how to reach it and what it is for

User EXEC mode, prompt Router>
Reached through the console cable or the auxiliary port.

Privileged EXEC mode, prompt Router#
Type enable in user mode; used to check all the configuration on the router.

Global configuration mode, prompt Router(config)#
Type config t (configure terminal) in privileged EXEC mode; used to make changes to the router configuration.

Interface configuration mode, prompt Router(config-if)#
Used to make changes to a particular interface, whether serial or Fast Ethernet, for example shutdown or no shutdown on the interface.

Line configuration mode, prompt Router(config-line)#
Used to apply password security on the different lines (console, AUX, vty virtual terminal).

Router configuration mode, prompt Router(config-router)#
Entered when configuring a dynamic routing protocol.

Interface configuration: to make changes to an interface, use the interface command from global configuration mode.

Router(config)# interface ?
FastEthernet (fa)
Serial (s)
Loopback (loopback interface)

Router(config)# interface fastethernet 0/0
Router(config-if)#

Sub-interface: allows you to create a logical interface within a physical interface of the router.
Router(config-if)# interface f0/0.1
Router(config-subif)#

Line commands: to configure the user mode password use the line command, which selects the console, auxiliary or vty line and moves to line configuration mode.
Router(config-line)#
Any command entered from here is called a sub-command.

Routing protocol configuration: to configure a routing protocol such as RIP or EIGRP, enter router configuration mode.
Router(config-router)#

Router# config t
Router(config)# router rip
Router(config-router)# version 2
Router(config-router)#

Banners: messages displayed to every user who accesses the router through the console, Telnet or the auxiliary port.

Note: the banner text is terminated by the delimiter character given on the banner command (commonly #), which marks where the message ends.

There are four types.
Message-of-the-day banner: displayed to all users accessing the router through the console, Telnet or the auxiliary port.
Syntax: banner motd [delimiter] message [delimiter]
The delimiter can be any single character that does not appear in the message, such as #, a letter or a digit.

EXEC banner: displayed when an EXEC process is created, that is on line activation or on an incoming connection to a vty (virtual terminal) line.

Incoming banner: displayed on terminals connected through reverse Telnet (a session initiated by the host computer for its user).

Login banner: displayed on all terminals connected to the router; it is shown after the MOTD banner and before the login prompt.

To disable the login banner use no banner login.

Routing: the process of transferring data from source to destination. A router determines the best path for packets from one device and sends them through the network to the other device.
Minimum requirements for routing
1. The destination address
2. Neighbour routers from which it can learn about remote networks
3. Possible routes to all remote networks
4. The best route to each remote network
5. A way to maintain and verify routing information

Goals of routing

Stability: information or packets are routed using the optimal path. Routing protocols provide a robust network by dealing with hardware failures and high-load conditions.
Dynamic update of network paths: protocols are capable of updating the routing paths.
Safety of information while it is transmitted through the internetwork routers.

There are three types of routing.
1. Static routing
2. Dynamic routing
3. Default routing
Static routing: the administrator manually adds routes to each router's routing table. Its administrative distance is 1. It depends entirely on administrator intervention.

In static routing we have to give the next-hop information (the next-hop address or the exit interface) for each destination.

Benefits of static routing
There is no routing-protocol overhead on the router CPU, which means you could buy a cheaper router.
There is no bandwidth usage between routers for routing updates.
It adds security because the administrator can choose to allow routing access to certain networks only.

Disadvantages
The administrator must really understand the internetwork and how each router is connected.
Not feasible for large networks.
If a network is added to the internetwork, the administrator has to add the route manually on every router.

Syntax: ip route [destination network] [mask] [next-hop address or exit interface] [AD] [permanent]

ip route: the command used to create a static route.
destination network: the network you are placing in the routing table.
mask: the subnet mask being used on that network.
next-hop address: the address of the next-hop router that will receive the packets and forward them to the remote network.
exit interface: used in place of the next-hop address if you want; the route then shows up as a directly connected route.
AD: administrative distance. By default a static route has an administrative distance of 1.

permanent: keeps the route in the routing table even if the interface is shut down or the router cannot communicate with the next-hop router.

Configure IP addresses on the interfaces of router A. Each address goes on its own interface; the notes named only e0/0, so the second interface on each router is assumed here to be the other Ethernet port.

Router> en
Router# config t
Router(config)# hostname R1
R1(config)# int e0/0
R1(config-if)# ip add 172.16.10.1 255.255.255.0
R1(config-if)# no shut

R1(config-if)# int e0/1
R1(config-if)# ip add 172.16.20.1 255.255.255.0
R1(config-if)# no shut

Router B
Router> en
Router# config t
Router(config)# hostname R2
R2(config)# int e0/1
R2(config-if)# ip add 172.16.20.2 255.255.255.0
R2(config-if)# no shut
R2(config-if)# int e0/0
R2(config-if)# ip add 172.16.30.1 255.255.255.0
R2(config-if)# no shut

Static routing on router R1: reach the 172.16.30.0/24 network behind R2 through R2's address on the shared 172.16.20.0/24 link.
R1> en
R1# config t
R1(config)# ip route <destination network> <mask> <next-hop address>
R1(config)# ip route 172.16.30.0 255.255.255.0 172.16.20.2

Static routing on router R2: the return route must point at R1's 172.16.10.0/24 network, which R2 does not otherwise know about (172.16.30.0/24 is directly connected to R2, so it needs no static route).
R2> en
R2# config t
R2(config)# ip route <destination network> <mask> <next-hop address>
R2(config)# ip route 172.16.10.0 255.255.255.0 172.16.20.1

To remove the static route on R1
R1# config t
R1(config)# no ip route 172.16.30.0 255.255.255.0 172.16.20.2

Dynamic routing: routing protocols are given the job of finding the paths along which to route packets and of updating the routing tables.

Routing protocol It is defines the set of rules used by router when it communicates routing information between neighbours.

Two types of routing protocols 1. Interior gateway protocols 2. Exterior gateway protocols Note the major difference between static and dynamic is that we get redundancy in dynamic routing because we publish our own self interface network so that any network can reach in multiple ways.

Administrative Distance (AD)
It is used to rate the trustworthiness of routing information received on a router. Its range is 0-255. If a router receives two updates listing the same remote network, the first thing the router checks is the AD. Note: the lower AD is preferred. If two protocols have the same AD, the router uses metrics such as hop count, bandwidth, cost, delay, load and reliability to find the best route to the remote network.

Hop - the movement of a packet between any two network nodes.

Hop count - a routing metric that calculates the distance between a source and destination based on the number of routers in the path. RIP employs hop count as its sole metric.

Bandwidth - the gap between the highest and lowest frequencies employed by network signals.

Cost - an arbitrary value, based on hop count, bandwidth or another calculation, that is typically assigned by a network administrator and used by a routing protocol to compare different routes through an internetwork.

Delay - the time elapsed between a sender's initiation of a transaction and the first response it receives; the time needed to move a packet from its source to its destination over a path.

Load - the amount of data on the link.

Classes of routing protocols
1. Distance vector
2. Link state
3. Hybrid

Distance vector
These protocols find the best path to a remote network by judging distance. The route with the least number of hops to the network is determined to be the best route. Examples: RIP and IGRP (classful). EIGRP is often grouped here too, but it is classless (see Hybrid below).

Link state
These are called shortest-path-first protocols. Each router creates three separate tables:
1. One keeps track of directly attached neighbours.
2. One determines the topology of the entire internetwork.
3. One is used as the routing table.
Examples: OSPF and IS-IS (classless).

OSPF is an IP routing protocol that is completely link state. Routers send updates containing the state of their own links to all other routers on the network.

Hybrid
These protocols use aspects of both distance vector and link state, e.g. EIGRP.

Interior Gateway Protocols
These are used to route packets inside an autonomous system (an independent network system).

Protocols are:
RIP - Routing Information Protocol
OSPF - Open Shortest Path First
IGRP - Interior Gateway Routing Protocol
EIGRP - Enhanced Interior Gateway Routing Protocol
IS-IS - Intermediate System to Intermediate System

Exterior Gateway Protocols
Protocols that communicate between two or more autonomous systems.

Two exterior gateway protocols are:
EGP - Exterior Gateway Protocol
BGP - Border Gateway Protocol

Configure router A (RIP)

R1# config t
R1(config)# router rip
R1(config-router)# network 172.16.20.0
R1(config-router)# network 172.16.10.0

Configure router B (RIP)

R2# config t
R2(config)# router rip
R2(config-router)# network 172.16.20.0
R2(config-router)# network 172.16.30.0

Default Routing
We use default routing to send packets whose remote destination network is not in the routing table to the next-hop router.

To configure a default route, we use the wildcard 0.0.0.0 0.0.0.0 in the network address and mask positions.

To configure default routing on R1
R1# config t
R1(config)# ip route 0.0.0.0 0.0.0.0 172.16.20.2

To configure default routing on R2
R2# config t
R2(config)# ip route 0.0.0.0 0.0.0.0 172.16.20.1

Note: a maximum of two default routes are pointed in a single network.
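To make the AD-then-metric selection, the RIP hop limit and the 0.0.0.0/0 default route concrete, here is an added Python model (not code from these notes and not how IOS implements its table; the AD values are the ones tabulated later in the notes, and the tie-break when two candidates share AD and metric keeps the existing entry, which is a simplification). The constructed routes mirror the R1/R2 topology above.

```python
import ipaddress

# Administrative distances as listed in these notes (lower is more trusted).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90,
                  "igrp": 100, "ospf": 110, "rip": 120}
RIP_INFINITY = 16  # a RIP hop count of 16 means "unreachable" (max usable is 15)


class RoutingTable:
    """Toy routing table: AD first, then metric on install; longest prefix on lookup."""

    def __init__(self):
        self.routes = []  # entries: (network, source, metric, next_hop)

    def learn(self, prefix, source, metric, next_hop):
        """Install or replace a route; returns True if the table changed."""
        if source == "rip" and metric >= RIP_INFINITY:
            return False  # unreachable per RIP, never installed
        net = ipaddress.ip_network(prefix, strict=False)
        ad = ADMIN_DISTANCE[source]
        for i, (n, s, m, _) in enumerate(self.routes):
            if n != net:
                continue
            # Same remote network learned twice: compare AD first, then metric.
            if ad < ADMIN_DISTANCE[s] or (ad == ADMIN_DISTANCE[s] and metric < m):
                self.routes[i] = (net, source, metric, next_hop)
                return True
            return False
        self.routes.append((net, source, metric, next_hop))
        return True

    def lookup(self, destination):
        """Longest-prefix match; 0.0.0.0/0 (the default route) only wins if nothing else matches."""
        addr = ipaddress.ip_address(destination)
        best = None
        for entry in self.routes:
            if addr in entry[0] and (best is None or entry[0].prefixlen > best[0].prefixlen):
                best = entry
        return None if best is None else best[3]


# Constructed sample: R1's view of the two-router network in the notes.
def build_r1_table():
    rt = RoutingTable()
    rt.learn("172.16.10.0/24", "connected", 0, "e0/0")
    rt.learn("172.16.20.0/24", "connected", 0, "e0/1")
    rt.learn("172.16.30.0/24", "rip", 1, "172.16.20.2")        # learned from R2 via RIP
    rt.learn("172.16.30.0/24", "static", 0, "172.16.20.2")     # static (AD 1) replaces RIP (AD 120)
    rt.learn("10.0.0.0/8", "rip", 16, "172.16.20.2")           # 16 hops: unreachable, ignored
    rt.learn("0.0.0.0/0", "static", 0, "172.16.20.2")          # default route
    return rt
```

Lookups for 172.16.30.x pick the /24 entry over the default route even though both match, which is why the default route never shadows a more specific route.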

RIP Routing Information Protocol
It manages the exchange of routing table information among routers: they exchange their routing tables at a predefined interval. RIP uses hop count to determine the best way to a remote network. The maximum allowable hop count is 15 by default. It is efficient for small networks.

RIP has 2 versions: RIP version 1 and RIP version 2.

RIP version 1
It uses only classful routing, which means that all devices in the network must use the same subnet mask. It does not send updates with the subnet mask.

RIP version 2
It sends subnet mask information with the route updates. It is classless routing.

Note: both use the same administrative distance, 120.

RIP timers
Route update timer - sets the interval (30 sec) between periodic routing updates, in which the router sends a complete copy of its routing table to all neighbours.
Route invalid timer - determines the length of time that must elapse (180 sec) before a router determines that a route has become invalid.
Hold-down timer - sets the amount of time during which routing information is suppressed.
Route flush timer - sets the time between a route becoming invalid and its removal from the routing table (240 sec).

Administrative Distance
Static route       1
RIP 1 & 2          120
EIGRP              90 (internal) / 170 (external)
IGRP               100
OSPF               110
Unknown            255

Configure router 1 (dynamic, RIP)

R1# config t
R1(config)# router rip
R1(config-router)# network 172.16.20.0
R1(config-router)# network 172.16.10.0
R1(config-router)# no auto-summary

To configure router 2

R2# config t
R2(config)# router rip
R2(config-router)# network 172.16.20.0
R2(config-router)# network 172.16.30.0
R2(config-router)# no auto-summary

RIP version 2

Configure dynamic routing on router A

R1# config t
R1(config)# router rip
R1(config-router)# version 2
R1(config-router)# network 172.16.1.0
R1(config-router)# network 172.18.1.0
R1(config-router)# no auto-summary

Configure dynamic routing on router B

R2# config t
R2(config)# router rip
R2(config-router)# version 2
R2(config-router)# network 172.16.1.0
R2(config-router)# network 199.1.11.0
R2(config-router)# no auto-summary

Configure dynamic routing on router C

R3# config t
R3(config)# router rip
R3(config-router)# version 2
R3(config-router)# network 172.18.1.0
R3(config-router)# network 199.1.12.0
R3(config-router)# no auto-summary

IGRP Interior Gateway Routing Protocol

It is a Cisco-proprietary distance vector routing protocol, so it supports Cisco routers only at both ends. It uses bandwidth and delay for determining the best route through an internetwork. It needs an autonomous system (AS) number for configuration.

Dynamic routing of router A
R1(config)# router igrp 10
R1(config-router)# network 172.16.20.0
R1(config-router)# network 172.16.10.0

Dynamic routing of router B
R2(config)# router igrp 10
R2(config-router)# network 172.16.20.0
R2(config-router)# network 172.16.30.0

Second example (three routers, two autonomous systems)

Dynamic routing of router A

R1(config)# router igrp 10
R1(config-router)# network 172.17.20.0
R1(config-router)# network 199.1.10.0
R1(config-router)# router igrp 20
R1(config-router)# network 172.16.30.0
R1(config-router)# network 199.1.10.0

Dynamic routing of router B

R2(config)# router igrp 10
R2(config-router)# network 172.17.20.0
R2(config-router)# network 199.1.11.0

Dynamic routing of router C

R3(config)# router igrp 20
R3(config-router)# network 172.16.20.0
R3(config-router)# network 199.1.12.0

EIGRP Enhanced Interior Gateway Routing Protocol
It is a classless, enhanced distance vector protocol that gives us a real edge. It uses the concept of autonomous systems. Its path calculation is based on five metrics:
1. Bandwidth
2. Load
3. Delay
4. Reliability
5. MTU (Maximum Transmission Unit)

Autonomous System - a group of networks under mutual administration that share the same routing methodology. ASes are subdivided into areas and must be assigned an individual 16-bit number given by IANA.

Note: the best point of EIGRP is that when any change occurs in any network it releases an update immediately.

EIGRP uses the following tables for route discovery:
Neighbour table - stores the state of directly connected neighbours and newly discovered neighbours.
Topology table - stores the destinations advertised by neighbours; each entry consists of the destination address and the neighbours that are linked with that destination.
Routing table - stores the routes that are used to make the routing decisions.

Successor - the path with the best metric as compared to all other paths.
Feasible successor - a backup route; it is stored in the topology table. A successor route is stored in the topology table and is copied and placed in the routing table.

Troubleshooting commands

show ip route - shows the entire routing table
show ip route eigrp - shows only EIGRP entries
show ip eigrp neighbors - shows all EIGRP neighbours
show ip eigrp topology - shows the entries in the EIGRP topology table
debug eigrp packets - shows hello packets sent / received between adjacent routers
debug ip eigrp notifications - shows EIGRP changes and updates as they occur in your network

Features of EIGRP

1. Supports multiple autonomous system numbers on a single router.
2. Supports VLSM: sends subnet mask information in routing updates.
3. Supports discontiguous networks.
4. Supports summarization of connected routes to reduce the size of the routing table.

OSPF Open Shortest Path First
It is a link state routing protocol. It updates the routing table only when network changes occur. Its work is based upon an area system. All areas are connected to area 0, which is the backbone area. Each area supports up to 50 routers (as a design guideline).

Features
1. Consists of areas and autonomous systems.
2. Minimizes routing update traffic.
3. Allows scalability.
4. Supports VLSM/CIDR.
5. Has unlimited hop count.
6. Allows multi-vendor deployment.

OSPF hierarchy design

Autonomous system - a set of networks grouped together under a common administrative control.

Areas - logical, rather than physical, sets of segments along with their attached devices. Areas are connected to each other by routers within a single autonomous system.

Backbone area - the basic portion of the network that provides the primary path for traffic sent to and initiated from the other areas.

Area border router (ABR) - an OSPF router that is located on the border of one or more OSPF areas. ABRs are used to connect OSPF areas to the OSPF backbone.

Stub area - an OSPF area carrying a default route, intra-area routes and inter-area routes but no external routes. It does not have multiple exit points; only a single area border router is connected to a stub area.

ASBR - Autonomous system boundary router: a router placed between an OSPF autonomous system and a non-OSPF network that runs both OSPF and an additional routing protocol such as RIP.

OSPF Terminology

Link - a router interface (network) that is connected to the network and uses OSPF as its routing protocol is defined as a link.

Router ID - the IP address that identifies the router is called the router ID.

Neighbour - two or more routers that are connected physically by an interface such as a serial or Fast Ethernet interface are termed neighbours.

Adjacency - a relationship between two OSPF routers that permits the direct exchange of route updates.

Hello protocol - the packets that are sent by routers to discover and preserve relationships with their neighbours. Together with link state advertisements (LSAs) they update the topological database.

Neighbourship database - a list of all OSPF routers for which hello packets have been seen. A variety of details, including the router ID and state, are maintained for each router in this database.

Topological database - contains the information from all the link state advertisement packets that have been received for an area. The router uses the information from the topology database as input into the algorithm that computes the shortest path.

Designated Router (DR) - elected through the hello protocol when two or more OSPF routers attempt to access the same multi-access network. These networks have more than one recipient. The DR reduces the number of adjacencies on a multi-access network and so reduces routing protocol traffic and the size of the topological database.

BDR Backup Designated Router - the router used as an alternative to the DR.

Broadcast (multi-access) - allows multiple devices to connect to the same network and provides a broadcast ability in which a single packet is delivered to all nodes on the network.

Non-broadcast multi-access - these networks allow for multi-access but have no broadcast ability, so they require special OSPF configuration to function properly, and neighbour relationships must be defined manually.

Point to point - two routers are connected directly using a serial cable, and packets travel over a single communication path.

Point to multi-point - a router is connected to multiple routers using a single interface.

Configure OSPF

Syntax
router ospf process_id
network ip_address wildcard_mask area area_#

process_id - provides a unique identification for the OSPF process running on the router.

ip_address - specifies the IP address of the OSPF area interface.

wildcard_mask - tells the router which part of the address must match.

area - specifies the area to which the address on the router belongs.

Router R1

R1(config)# router ospf 1
R1(config-router)# network 192.168.10.64 0.0.0.7 area 0
R1(config-router)# network 10.255.255.80 0.0.0.3 area 0

Router R2

R2(config)# router ospf 1
R2(config-router)# network 192.168.10.48 0.0.0.7 area 0
R2(config-router)# network 10.255.255.80 0.0.0.3 area 0
R2(config-router)# network 10.255.255.0 0.0.0.3 area 0

Router R3

R3(config)# router ospf 1
R3(config-router)# network 192.168.10.16 0.0.0.7 area 0
R3(config-router)# network 10.255.255.8 0.0.0.3 area 0

Router R1

R1(config)# router ospf 20
R1(config-router)# network 172.16.10.0 0.0.0.255 area 0
R1(config-router)# network 172.16.20.0 0.0.0.255 area 0

Router R2

R2(config)# router ospf 20
R2(config-router)# network 172.16.20.0 0.0.0.255 area 0
R2(config-router)# network 172.16.30.0 0.0.0.255 area 0

Or

Router 1

R1(config)# router ospf 20
R1(config-router)# network 172.16.0.0 0.0.255.255 area 0

Router 2

R2(config)# router ospf 20
R2(config-router)# network 172.16.0.0 0.0.255.255 area 0

Wildcards: a 0 in an octet indicates that the corresponding octet in the address must match exactly; 255 indicates that you don't care what the corresponding octet is in the network number.

It is the opposite of a subnet mask. Wildcard block sizes: 0, 3, 7, 15, 31, 63.

Loopback
These are logical interfaces, which are virtual. A loopback ensures that an interface is always active for OSPF processes.

Advantages of loopback
1. Used for diagnostic purposes.
2. The highest loopback IP address on the router becomes that router's RID, which is used to advertise the routes as well as to elect the DR and BDR.

Configuration
R1(config)# int loopback 0
R1(config-if)# ip add 192.168.90.1 255.255.255.0
R1(config-if)# int loopback 1
R1(config-if)# ip add 192.168.80.1 255.255.255.0
R1(config-if)# int loopback 2
R1(config-if)# ip add 192.168.70.1 255.255.255.0
R1(config-if)# no shut

OSPF AD (administrative distance): 110.
DR (Designated Router): any network changes in the area are maintained by the DR.

Access-list
A set of test conditions kept by routers that determines interesting traffic to and from the router for various services on the network.

Or

It is a set of commands, grouped together, that filters traffic entering or leaving an interface. It allows the administrator to deny or permit traffic that enters the interface.

Functions of ACLs
1. Reduce network traffic and increase network performance.
2. Control the flow of traffic in the network by limiting routing updates.
3. Provide security for network access.
4. Decide which types of traffic are forwarded or restricted on an interface.

Inbound access list - filters the traffic as it enters the interface.
Outbound access list - filters the traffic before it leaves the interface.

Types of ACL
1. Standard ACL
2. Extended ACL
3. Named ACL

Standard access list - uses only the source IP address in an IP packet, never the destination address. It permits or denies the entire protocol suite from that source.

Extended access list - uses source and destination IP addresses (and protocol and port numbers) to filter packets. This gives extended access lists the ability to make much more granular decisions when controlling traffic.

Named access list - either standard or extended, but referred to by name rather than by number.

Standard Access List

Access lists are differentiated using a number:
1-99         IP standard access list
100-199      IP extended access list
200-299      protocol type-code access list
700-799      48-bit MAC address access list
1100-1199    extended 48-bit MAC address access list
1300-1999    IP standard access list (expanded range)
2000-2699    IP extended access list (expanded range)

Syntax of a standard access list
deny - specifies packets to reject
permit - specifies packets to forward
remark - access list entry comment

R1(config)# access-list 10 deny 172.16.10.0 0.0.0.255
R1(config)# access-list 20 permit <source> <wildcard mask>

Log into the router, switch to privileged mode, then enter configuration mode

Router> en
Router# config t
Router(config)# hostname R2
R2(config)# access-list 1 deny 192.168.10.10 0.0.0.255
R2(config)# access-list 1 permit any
R2(config)# interface ethernet 0/0
! ip access-group needs a direction (in or out); the notes give none, "in" is assumed here
R2(config-if)# ip access-group 1 in
R2(config-if)# exit
R2(config)#

Syntax: access-list <1-99> permit|deny source-address wildcard

Network 199.1.11.0 cannot access network 199.1.12.0, but the rest of the network still can

Router# config t
Router(config)# access-list 10 deny 199.1.11.0 0.0.0.255
Router(config)# access-list 10 permit any
Router(config)# int fa0/0
Router(config-if)# ip access-group 10 out

Host 199.1.11.2 cannot access network 199.1.12.0, but the rest of the network and its hosts still can

Router# config t
Router(config)# access-list 10 deny 199.1.11.2 0.0.0.0
Router(config)# access-list 10 permit any
Router(config)# int fa0/0
Router(config-if)# ip access-group 10 out

R2# config t
R2(config)# access-list 10 permit any
R2(config)# interface ethernet 0
R2(config-if)# ip access-group 10 out

Extended ACL

Syntax: access-list <100-199> permit|deny <protocol> <source> <source-wildcard> <destination> <destination-wildcard> [operator port] [log]

Router R2 (wildcard masks, not subnet masks, follow each address; 0.0.0.255 covers a /24)
R2(config)# access-list 131 deny tcp 192.168.70.0 0.0.0.255 202.197.47.0 0.0.0.255
R2(config)# access-list 131 deny tcp 192.168.50.0 0.0.0.255 202.197.47.0 0.0.0.255
! without an explicit permit the implicit "deny any" at the end would block all other traffic
R2(config)# access-list 131 permit ip any any
R2(config)# int s0/1
R2(config-if)# ip access-group 131 out
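The wildcard-mask rule (0 = must match, 255 = don't care) and the first-match, implicit-deny evaluation of the standard and extended lists above are easier to reason about when run against packets. The following Python is an added model written for these notes, not IOS code; packets are plain dicts, only protocol, source, destination and destination port are matched (no established/ICMP-type logic), and the two sample lists reproduce ACL 10 and ACL 131 from the examples above.

```python
import ipaddress


def wildcard_from_mask(mask):
    """Wildcard mask is the bitwise inverse of the subnet mask (255.255.255.0 -> 0.0.0.255)."""
    return str(ipaddress.ip_address(int(ipaddress.ip_address(mask)) ^ 0xFFFFFFFF))


def wildcard_match(address, network, wildcard):
    """A 0 bit in the wildcard must match exactly; a 1 bit is 'don't care'."""
    a, n, w = (int(ipaddress.ip_address(x)) for x in (address, network, wildcard))
    care = ~w & 0xFFFFFFFF          # bits the router actually compares
    return (a & care) == (n & care)


ANY = ("0.0.0.0", "255.255.255.255")   # the IOS keyword "any"


def entry(action, proto="ip", src=ANY, dst=None, dst_port=None):
    """One access-list line. Standard entries use only src; extended ones add proto/dst/port."""
    return {"action": action, "proto": proto, "src": src, "dst": dst, "dst_port": dst_port}


def evaluate_acl(entries, packet):
    """First matching entry wins; every ACL ends with an implicit 'deny any'."""
    for e in entries:
        if e["proto"] != "ip" and e["proto"] != packet["proto"]:
            continue
        if not wildcard_match(packet["src"], *e["src"]):
            continue
        if e["dst"] is not None and not wildcard_match(packet["dst"], *e["dst"]):
            continue
        if e["dst_port"] is not None and packet.get("dst_port") != e["dst_port"]:
            continue
        return e["action"]
    return "deny"   # implicit deny at the end of every list


# Constructed sample lists mirroring the notes: standard ACL 10 and extended ACL 131.
ACL_10 = [entry("deny", src=("199.1.11.0", "0.0.0.255")),
          entry("permit")]
ACL_131 = [entry("deny", "tcp", ("192.168.70.0", "0.0.0.255"), ("202.197.47.0", "0.0.0.255")),
           entry("deny", "tcp", ("192.168.50.0", "0.0.0.255"), ("202.197.47.0", "0.0.0.255")),
           entry("permit", "ip", ANY, ANY)]
```

Dropping the final permit entry from either list and re-running the same packets shows the implicit deny in action: traffic that matched nothing is silently discarded, which is the most common reason a freshly applied list "breaks everything".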

Switching

Switch
It is a device responsible for multiple functions such as filtering, flooding and sending frames. It works using the destination address of individual frames. It operates at the data link layer.

Features
It creates private, dedicated collision domains. It provides independent bandwidth on each port.

Layer 2 switching provides
1. Hardware-based bridging
2. Wire speed
3. Low latency, low cost

Bridging vs switching
1. Bridges are software based; switches are hardware based.
2. A switch is a multi-port bridge.
3. Both forward layer 2 broadcasts.
4. Both learn MAC addresses by examining the source address of each frame received.

Functions of a switch at layer 2

Address learning - the switch remembers the source hardware address of each frame received on an interface and enters this information into a MAC database called the forward/filter table.

Forward/filter decision - when a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is forwarded only out the specified destination port.

Loop avoidance - if multiple connections between switches are created for redundancy purposes, network loops can occur. STP (Spanning Tree Protocol) is used to stop network loops while still permitting redundancy.
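The address-learning and forward/filter behaviour just described, as an added Python model (not code from these notes or from any switch vendor): a switch object learns the source MAC of every frame against its ingress port, floods broadcasts and unknown destinations out every other port, forwards known destinations out a single port, and filters a frame whose destination sits on the port it arrived on. The port names and MAC addresses are constructed sample values; loop avoidance (STP) is not modelled.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Layer2Switch:
    """Toy switch: learns source MACs per port, forwards/filters by destination MAC."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # forward/filter table: MAC address -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the list of ports it is sent out of."""
        # Address learning: the source MAC is reachable via the ingress port.
        # Re-learning on a different port simply overwrites the entry (host moved).
        self.mac_table[src_mac] = in_port
        # Broadcast or unknown unicast: flood out every port except the ingress port.
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst_mac]
        # Filter: destination lives on the same segment as the sender, so do not forward.
        if out_port == in_port:
            return []
        # Forward: known destination, send out only the learned port.
        return [out_port]


def demo_conversation():
    """Constructed exchange: host 01 on fa0/1 talks to host 02 on fa0/2."""
    sw = Layer2Switch(["fa0/1", "fa0/2", "fa0/3"])
    first = sw.receive("fa0/1", "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02")  # flooded
    reply = sw.receive("fa0/2", "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01")  # forwarded
    second = sw.receive("fa0/1", "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02")  # forwarded
    return sw, first, reply, second
```

The first frame is flooded because the table is empty; once the reply has been seen on fa0/2 the switch knows both hosts and later frames between them leave only one port, which is the behaviour that makes each port its own collision domain.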

WAN

WAN connection types

1. Dedicated line (leased line) - a point-to-point dedicated connection. A leased line is a pre-established WAN communication path that goes from the customer premises equipment (CPE), through the DCE switch, then over to the CPE of the remote site.

2. Circuit switching (telephone) - used with dial-up networks such as PPP and ISDN. It passes data but needs to set up the connection first.

3. Packet switching (frame relay) - dividing a continuous stream of data into small units (packets) enables data from multiple devices on a network to share a communication channel simultaneously, but also requires the use of precise routing information.

4. Cell switching (ATM) - in ATM networking the cell is the basic unit of data for switching and multiplexing. Cells have a fixed length of 53 bytes, including a 5-byte header that identifies the cell's data stream and 48 bytes of payload.

ISDN Integrated Services Digital Network
It is a set of digital services that transmit voice and data over existing phone lines at high speed (64 kbps per channel).

Features
1. Speed
2. Multiple device support - allows multiple devices on a single line.
3. Inexpensive

ISDN supports two types of connection:
1. BRI - Basic Rate Interface
2. PRI - Primary Rate Interface

BRI - consists of two B channels and one D channel.
B channel: 64 kbps
D channel: 16 kbps

PRI - consists of 23 B channels and one D channel (B channel 64 kbps, D channel 64 kbps).

Region                    B channels   D channel   Total bit rate
North America (US)        23           1           1.544 Mbps
Europe and Australia      30           1           2.048 Mbps

Frame relay
It is a protocol used for connecting devices on a WAN. It operates at the data link layer, providing a connection-oriented network. A DLCI (data link connection identifier) is used for finding a communication path between source and destination nodes. Frame relay is configured on serial interfaces. Its default speed is up to 56 kbps.

Components of frame relay
Data terminal equipment (DTE) - connects a computer to the WAN with the help of a DCE. DTE is end-user equipment such as a router or computer. A device where a communication path begins or ends is called a DTE.
Data communication equipment (DCE) - creates a physical connection over a network. It is responsible for forwarding traffic and transferring data between computers, e.g. a modem.

Important terms
DLCI Data Link Connection Identifier - a field in the frame relay header which is used to map the circuit to a router. It is a 10-bit number.

CIR Committed Information Rate - the maximum bandwidth of data guaranteed to be delivered by an ISP to the customer.
Note: if any organization or customer wants more bandwidth than the default, beyond whatever congestion remains in the network, it needs to pay more to the ISP.

LMI Local Management Interface - a clocking and switching signalling standard between service providers and customer end devices. Or: it is the signalling standard used between your router and the first frame relay switch it is connected to. It allows passing information about the operation and status of virtual circuits between the ISP and the customer device.

Virtual circuit - a logical circuit designed to assure reliable communication between two devices in a network. These circuits are what link together the thousands of devices connected to the provider cloud.

Router R1
R1(config)# int s0
R1(config-if)# encapsulation frame-relay
R1(config-if)# exit
R1(config)# int s0.1 point-to-point
R1(config-subif)# ip add 192.168.1.1 255.255.255.0
R1(config-subif)# frame-relay interface-dlci 102
R1(config-subif)# frame-relay interface-dlci 104
R1(config-subif)# exit
R1# wr

Router R2
R2(config)# int s1
R2(config-if)# encapsulation frame-relay
R2(config-if)# exit
R2(config)# int s1.1 point-to-point
R2(config-subif)# ip add 192.168.1.2 255.255.255.0
R2(config-subif)# frame-relay interface-dlci 201
R2(config-subif)# frame-relay interface-dlci 204
R2(config-subif)# exit
R2# wr

NAT Network Address Translation
It is the process of converting private IP addresses into public IP addresses. It is a standard that allows a LAN to operate with a single public IP address when connected to the internet. It hides the IP addresses of the private network.

Types of NAT
1. Static NAT
2. Dynamic NAT
3. NAT overload (PAT)

Static NAT - allows one-to-one mapping between local and global addresses.
Dynamic NAT - maps many private addresses to a pool of public IP addresses.
PAT Port Address Translation - allows a single public IP address to represent multiple inside hosts by altering the source TCP or UDP port number.

Terminology
Inside local - name of the inside source address before translation.
Outside local - name of the destination host before translation.
Inside global - name of the inside host after translation.
Outside global - name of the outside host after translation.

Configuration commands

access-list - defines a standard IP access list for the inside network.
ip nat pool - defines an IP NAT pool for the inside network.
ip nat inside source list <acl> pool <pool> - maps the access list to the IP NAT pool.
ip nat outside source list <acl> pool <pool> - defines the mapping between an access list and an outside local pool.
ip nat inside source static - defines the addresses when using static address translation for local addresses.
ip nat [inside | outside] - enables NAT on at least one inside and one outside interface.
ip nat inside destination list <acl> pool <pool> - defines the mapping between the access list and the real host pool.

Static NAT configuration

Syntax
(config)# ip nat inside source static local_ip global_ip
(config)# int e0
(config-if)# ip nat inside
(config-if)# exit

NAT_router# configure terminal
! the global address for this mapping is not given in the notes
NAT_router(config)# ip nat inside source static 192.168.50.10 <global_ip>
NAT_router(config)# interface serial 0/1
NAT_router(config-if)# ip nat inside
NAT_router(config-if)# exit
NAT_router(config)# int serial 0/0
NAT_router(config-if)# ip nat outside
NAT_router(config-if)# exit

Nat(config)# ip nat inside source static 10.1.1.1 170.46.2.2
Nat(config)# int e0
Nat(config-if)# ip add 10.1.1.10 255.255.255.0
Nat(config-if)# ip nat inside
Nat(config-if)# exit
Nat(config)# int s0
Nat(config-if)# ip add 170.46.2.1 255.255.255.0
Nat(config-if)# ip nat outside
Nat(config-if)# exit

Dynamic NAT configuration

Syntax
(config)# ip nat pool pool_name start_ip end_ip netmask mask
(config)# access-list <1-99> permit <inside network> <wildcard>
(config)# ip nat inside source list <acl> pool pool_name
(config)# int e0
(config-if)# ip nat inside
(config-if)# exit

R2(config)# ip nat pool airtel 170.16.13.19 170.16.13.32 netmask 255.255.255.0
R2(config)# access-list 1 permit 192.168.1.0 0.0.0.255
R2(config)# ip nat inside source list 1 pool airtel
R2(config)# int e0
R2(config-if)# ip nat inside
R2(config-if)# exit
! the outside interface is not shown in the notes; one interface must also carry "ip nat outside"

PAT Port Address Translation configuration
Note: to configure PAT, first clear the dynamic NAT translations and remove the dynamic pool.

Nat# clear ip nat translation *
Nat# config t
Nat(config)# no ip nat pool globalnet 172.168.50.10 172.168.50.50 netmask 255.255.255.0
Nat(config)# ip nat pool patpool 172.168.50.100 172.168.50.100 netmask 255.255.255.0
Nat(config)# access-list 1 permit 10.0.0.0 0.0.0.255
Nat(config)# access-list 1 permit 10.1.1.0 0.0.0.255
Nat(config)# access-list 1 permit 10.1.2.0 0.0.0.255
Nat(config)# ip nat inside source list 1 pool patpool overload
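To show how the three NAT types above differ in what they record per flow, here is an added Python model of a NAT router's translation table (written for these notes, not router code): static one-to-one mappings are consulted first, then a dynamic pool is handed out one global address per inside host until it is exhausted, and after that PAT (overload) rewrites the source port so that many inside hosts share one global address. Translated ports are allocated from 1024 upward, which is a simplification; the addresses reused from the notes (10.1.1.1 to 170.46.2.2, the 172.168.50.x pool) are sample values.

```python
import itertools


class NatRouter:
    """Toy NAT: static mapping first, then dynamic pool, then PAT (overload)."""

    def __init__(self, static=None, pool=None, overload_ip=None):
        self.static = dict(static or {})     # inside local -> inside global (one-to-one)
        self.pool = list(pool or [])         # free inside-global addresses for dynamic NAT
        self.overload_ip = overload_ip       # single inside-global address shared by PAT
        self.dynamic = {}                    # inside local -> inside global taken from pool
        self.pat = {}                        # (inside local ip, port) -> (overload ip, port)
        self.reverse = {}                    # (overload ip, port) -> (inside local ip, port)
        self._ports = itertools.count(1024)  # next free translated source port (simplified)

    def outbound(self, local_ip, local_port):
        """Translate an inside-local (ip, port) to inside-global; None means no translation."""
        if local_ip in self.static:
            return self.static[local_ip], local_port
        if local_ip in self.dynamic:
            return self.dynamic[local_ip], local_port
        if self.pool:
            self.dynamic[local_ip] = self.pool.pop(0)   # one global address per inside host
            return self.dynamic[local_ip], local_port
        if self.overload_ip is not None:
            key = (local_ip, local_port)
            if key not in self.pat:                     # new flow: pick a fresh global port
                mapped = (self.overload_ip, next(self._ports))
                self.pat[key] = mapped
                self.reverse[mapped] = key
            return self.pat[key]
        return None   # no static, pool or overload address available: packet is dropped

    def inbound(self, global_ip, global_port):
        """Map a returning packet's inside-global (ip, port) back to the inside host; None means drop."""
        for table in (self.static, self.dynamic):
            for local_ip, global_addr in table.items():
                if global_addr == global_ip:
                    return local_ip, global_port
        return self.reverse.get((global_ip, global_port))
```

The inbound lookup is the security-relevant half: a packet arriving for a global address/port that no inside host initiated has no entry and is dropped, which is why an overloaded NAT incidentally blocks unsolicited inbound connections.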

VLAN Virtual Local Area Network

It is a logical LAN. It defines a logical subnet: a group of switch ports assigned to the same VLAN regardless of their physical location in a switched network.

A VLAN is a group of network devices that behave as if they are connected to a single network segment. Devices in a single VLAN can share resources and bandwidth. This reduces the traffic on the network, but every VLAN needs to have a separate network number.

Features of VLAN
1. Broadcast control - we can create individual networks and direct messages or data only to the hosts connected to the specific VLAN.
2. Security - it allows you to create and regulate independent networks or broadcast groups, controlling ports to prevent unauthorized access to the network.
3. Flexibility and scalability - it allows us to construct groups or networks connected to a switch or group of switches, and we can modify a group by adding or deleting users.

Types of VLAN
End-to-end VLAN - members can reside on different switches. They are assigned to the VLAN based on function or workgroup rather than location.
Local VLAN - hosts are assigned to a VLAN based on their location.

VLAN membership can be assigned through
1. Static
2. Dynamic

Static VLAN - manually configured port by port. The administrator decides which broadcast domain the host shall be connected to and therefore which VLAN the host belongs to.

Note: the IP address of a host should belong to the network address of its respective VLAN.

Dynamic VLAN - ports are assigned to a VLAN automatically based on the host connected to the port. The administrator needs to store the devices' MAC addresses in a VMPS (VLAN Management Policy Server), which maps each MAC address to a VLAN.

Static VLAN
Switch> en
Switch# config t
Switch(config)# int fa0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 12

Dynamic VLAN
Switch> en
Switch# config t
Switch(config)# int fa0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan dynamic
Switch(config-if)# exit
Switch(config)# vmps server <ip-address>

Trunking

Trunk links - a trunk is a 100 or 1000 Mbps point-to-point link between two switches that carries the traffic of multiple VLANs.

There are two options for trunking VLAN traffic between switches:
1. ISL
2. 802.1Q

ISL Inter-Switch Link
It is a way of explicitly tagging VLAN traffic to be multiplexed over a trunk link through external encapsulation. It allows the switch to identify the VLAN membership of a frame over the trunk link.

IEEE 802.1Q (supports Ethernet and Token Ring)
It is a standard method of frame tagging. It inserts a field into the frame immediately after the source MAC address to identify the VLAN.
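The "field inserted immediately after the source MAC" is the 4-byte 802.1Q tag (TPID 0x8100 followed by the tag control information holding the 12-bit VLAN ID). The Python below is an added example, not code from these notes, that builds an untagged frame, inserts the tag the way a trunk port does, and parses it back; the MAC addresses and payload bytes are constructed sample values and the Ethernet FCS is omitted.

```python
import struct

TPID_8021Q = 0x8100  # tag protocol identifier placed where the EtherType normally sits


def _mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def build_frame(dst_mac, src_mac, ethertype, payload):
    """Untagged Ethernet II frame: dst(6) | src(6) | EtherType(2) | payload (FCS omitted)."""
    return _mac_bytes(dst_mac) + _mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload


def tag_frame(frame, vlan_id, priority=0):
    """Insert the 4-byte 802.1Q tag immediately after the source MAC (offset 12)."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (priority << 13) | vlan_id  # TCI = PCP(3 bits) | DEI(1 bit) | VID(12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame):
    """Return the header fields; vlan is None when the frame carries no tag."""
    dst, src = frame[0:6].hex(":"), frame[6:12].hex(":")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, offset = None, 14
    if ethertype == TPID_8021Q:
        # Tagged frame: the real EtherType follows the tag control information.
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18
    return {"dst": dst, "src": src, "vlan": vlan,
            "ethertype": ethertype, "payload": frame[offset:]}
```

A switch receiving a frame on an access port strips the tag before delivering it to the host, so VLAN membership is a property of the trunk, not something the end host sees.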

VTP VLAN Trunking Protocol
It is used to manage all configured VLANs across switches. It allows adding, deleting and renaming VLANs, and that information propagates to all switches configured in the VTP domain.

Features of VTP
1. Consistent VLAN configuration across all switches in the network.
2. Supports Ethernet, ATM or FDDI networks.
3. Accurate tracking and monitoring of VLANs.
4. Dynamic reporting of added VLANs to all switches in a VTP domain.
5. Plug-and-play VLAN adding.

VTP modes
Switches operate in one of three VTP modes:
1. Client
2. Server
3. Transparent

1. Client mode - switches receive information from VTP servers, and they also send and receive updates. They cannot create, change or delete VLANs.
2. Server mode - this is the default mode for all Catalyst switches. There must be at least one server in the VTP domain; a server switch can create, add or delete VLANs in the VTP domain.
3. Transparent mode - switches don't participate in the VTP domain or share their VLAN database, but they still forward VTP advertisements through any configured trunk links. They create, modify and delete VLANs and keep their own database.

VTP pruning
It ensures that no VLAN traffic is sent across a trunk link to a switch that has no ports in that VLAN. It preserves bandwidth by reducing the amount of broadcast, multicast and unknown unicast traffic on trunks.

VTP configuration
Switch(config)# vtp mode server
Switch(config)# vtp domain domain_name

Trunk link configuration
Ports can become trunks through static configuration or dynamic negotiation using DTP (Dynamic Trunking Protocol).

Switchport modes
1. Access - the port is a user port in a single VLAN.
2. Trunk - the port negotiates trunking with the port on the other end of the link.
3. Nonegotiate - the port is a trunk and does not do DTP negotiation with the other side of the link.
4. Dynamic desirable - actively negotiates trunking with the other side of the link. It becomes a trunk if the other end is set to trunk, dynamic desirable or dynamic auto mode.
5. Dynamic auto - passively waits to be contacted by the other switch. It becomes a trunk if the other end is set to trunk or dynamic desirable mode.

Configuring ISL trunks
Switch(config-if)# switchport trunk encapsulation isl
Switch(config-if)# switchport mode trunk

A trunk has 5 options:
1. On
2. Off
3. Auto
4. Desirable
5. Nonegotiate

Configuring a VLAN

Switch(config)# vlan 10
Switch(config-vlan)# name sales

To modify the name
Switch(config)# vlan 10
Switch(config-vlan)# name sales_group_10

To add a port
Switch(config-if)# switchport access vlan 10

Verification commands

show vtp status - verify the VTP configuration
show interfaces gigabitethernet 0/2 switchport - verify trunks
show vlan - verify VLANs
show spanning-tree vlan 10 - verify the STP configuration


Static and Dynamic NAT


Both static and dynamic NAT require that enough public addresses are available to satisfy the total number of simultaneous user sessions.

Static NAT
Static NAT, also called inbound mapping, is the process of mapping an unregistered IP address to a registered IP address on a one-to-one basis. The unregistered (mapped) IP address is assigned the same registered IP address each time a request comes through. This is particularly useful for web servers or other hosts that must have a consistent address reachable from the Internet. Put simply, static NAT lets a PC on a stub domain keep one assigned public IP address when communicating with devices outside its network or on the Internet. Static NAT configuration commands example:
R1#config t
R1(config)#ip nat inside source static 10.10.10.2 212.165.200.123
R1(config)#interface fa0/0
R1(config-if)#ip address 10.10.10.1 255.255.255.0
R1(config-if)#ip nat inside
R1(config-if)#interface se0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#ip nat outside

The above configuration creates a permanent entry in the NAT table as long as the configuration is present, and enables both inside and outside hosts to initiate a connection. All you need to do in a static NAT configuration is to define the addresses to translate and then enable NAT on the right interfaces. Packets arriving on an inside interface from the identified IP address are subject to translation. Packets arriving on an outside interface addressed to the identified IP address are subject to translation.

Dynamic NAT
Unlike static NAT, which provides a permanent mapping between an internal address and a specific public address, dynamic NAT maps private IP addresses to public addresses on demand. Dynamic NAT uses a pool of public addresses and assigns them on a first-come, first-served basis. When a host with a private IP address requests access to the Internet, dynamic NAT chooses an IP address from the pool that is not already in use by another host. Dynamic NAT is useful when fewer public addresses are available than the actual number of hosts to be translated.

Dynamic NAT configuration commands example:


R1#config t
R1(config)#ip nat pool nat-pool1 179.9.8.80 179.9.8.95 netmask 255.255.255.0
R1(config)#ip nat inside source list 1 pool nat-pool1
R1(config)#interface fa0/0
R1(config-if)#ip address 10.10.10.1 255.255.255.0
R1(config-if)#ip nat inside
R1(config-if)#interface se0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#ip nat outside
R1(config-if)#exit
R1(config)#access-list 1 permit 10.10.10.0 0.0.0.255

While static NAT provides a permanent mapping between an internal address and a specific public address, dynamic NAT maps private IP addresses to public addresses taken from a NAT pool. Note: when configuring dynamic NAT, you need an ACL that permits only those addresses that are to be translated. Remember that every ACL ends with an implicit "deny all", so any source not explicitly permitted is never translated.
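The following is an added example, not part of the original page, modelling the dynamic NAT behaviour just described: the ACL decides which sources may be translated and the pool is handed out first-come, first-served until it is exhausted. The ACL (10.10.10.0 0.0.0.255) and the pool (179.9.8.80 to 179.9.8.95) are the page's own values; the class and function names are my own.

```python
import ipaddress

# Added example, not part of the original page: a model of the dynamic NAT behaviour
# described above. The ACL (10.10.10.0 0.0.0.255) and the pool (179.9.8.80-179.9.8.95)
# are the page's own values; the class and method names are my own.
ACL_NETWORK, ACL_WILDCARD = "10.10.10.0", "0.0.0.255"
POOL_START, POOL_END = "179.9.8.80", "179.9.8.95"


def acl_permits(src_ip, network=ACL_NETWORK, wildcard=ACL_WILDCARD):
    """IOS wildcard match: a 0 bit in the wildcard must match, a 1 bit is ignored.
    A source that matches no permit entry hits the implicit deny all."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(src_ip)) & care) == \
           (int(ipaddress.IPv4Address(network)) & care)


class DynamicNat:
    """One-to-one mappings handed out from a pool on a first-come, first-served basis."""

    def __init__(self, pool_start=POOL_START, pool_end=POOL_END):
        first = int(ipaddress.IPv4Address(pool_start))
        last = int(ipaddress.IPv4Address(pool_end))
        self.free = [str(ipaddress.IPv4Address(n)) for n in range(first, last + 1)]
        self.table = {}  # inside local -> inside global, the live NAT table

    def translate(self, inside_local):
        """Inside global address for an outbound packet, or None when the source is not
        permitted by the ACL or the pool is exhausted (no translation is possible)."""
        if not acl_permits(inside_local):
            return None
        if inside_local in self.table:          # an existing entry is reused
            return self.table[inside_local]
        if not self.free:                       # pool exhausted: no address to give
            return None
        inside_global = self.free.pop(0)
        self.table[inside_local] = inside_global
        return inside_global

    def release(self, inside_local):
        """Entry timed out: return the public address to the pool."""
        inside_global = self.table.pop(inside_local, None)
        if inside_global is not None:
            self.free.append(inside_global)
        return inside_global
```

With 16 pool addresses, the seventeenth distinct inside host gets no translation until an earlier entry is released.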

NAT Overload or PAT


NAT overload, sometimes called PAT (Port Address Translation), maps multiple unregistered or private IP addresses to a single registered or public IP address by using different ports. This is what most home broadband routers do: your ISP assigns one IP address to your router, yet all the computers in the house can connect to the Internet at the same time. PAT uses unique source port numbers on the inside global IP address to distinguish between translations. When a client connects to the Internet, the NAT router assigns a port number to its source address. NAT overload or PAT ensures that a different TCP port number is used for each client session with a server on the Internet. When the server responds, the client router routes the packet based on the source port number, which has become the destination port number. This process also validates that the incoming packets were requested, adding a degree of security to the session.

NAT Overload Table


Inside Local IP Address   Inside Global IP Address   Outside Global IP Address   Outside Local IP Address
10.10.10.2:1555           209.165.200.226:1555       209.165.201.1:80            209.165.201.1:80
10.10.10.3:2333           209.165.200.226:2333       209.165.202.129:80          209.165.202.129:80

Looking at the table above, NAT overload or PAT uses unique source port numbers on the inside global IP address to distinguish between translations. As NAT processes each packet, it uses a port number to identify the packet source (2333 and 1555 in the table above).
* The source address (SA) is the inside local IP address with the assigned port number attached.
* The destination address (DA) is the outside local IP address with the service port number attached, in this case port 80 (HTTP).

At the border gateway router (R1), NAT overload changes the SA to the inside global IP address of the client, again with the port number attached. The DA is the same address, but is now referred to as the outside global IP address. When the web server replies, the same path is followed but in reverse.
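The following is an added example, not part of the original page, modelling the NAT overload table above: outbound packets have their SA rewritten to the inside global address with a port, replies are routed back to the client by that port, and an inbound packet with no matching entry is dropped because nobody inside requested it. The inside global address 209.165.200.226, the hosts and the ports are the page's figures; keeping the client's own port when it is free and taking the next free port on a collision is my simplification of what a PAT device does.

```python
# Added example, not part of the original page: a model of the NAT overload (PAT) table
# above. The inside global address 209.165.200.226, the hosts and the ports are the page's
# figures; keeping the client's own port when it is free and taking the next free port on
# a collision is my simplification of what a PAT device does.
INSIDE_GLOBAL = "209.165.200.226"  # the one public address every inside host shares


class PatTable:
    def __init__(self, inside_global=INSIDE_GLOBAL):
        self.inside_global = inside_global
        self.used = set()   # global source ports currently allocated
        self.out = {}       # (inside local, port, server, server port) -> global port
        self.back = {}      # (global port, server, server port) -> (inside local, port)

    def outbound(self, inside_local, src_port, dst_ip, dst_port):
        """Client -> Internet: rewrite SA to inside global:port, DA is left alone."""
        key = (inside_local, src_port, dst_ip, dst_port)
        if key not in self.out:
            gport = src_port                     # keep the client's port if nobody has it
            while gport in self.used:            # otherwise take the next free one
                gport = gport + 1 if gport < 65535 else 1024
            self.used.add(gport)
            self.out[key] = gport
            self.back[(gport, dst_ip, dst_port)] = (inside_local, src_port)
        return (self.inside_global, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Internet -> client: the reply's destination port selects the client. A packet
        with no matching entry was never requested from inside, so it is dropped (None)."""
        if dst_ip != self.inside_global:
            return None
        entry = self.back.get((dst_port, src_ip, src_port))
        if entry is None:
            return None
        inside_local, lport = entry
        return (src_ip, src_port, inside_local, lport)
```

A second host that happens to pick source port 1555 is given 1556 on the public side, so both sessions stay distinguishable on one address.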
