© 2003, Cisco Systems, Inc. All rights reserved.
2
3
Data Networks
Sharing data through the use of floppy disks is not an
efficient or cost-effective manner in which to operate
businesses.
Businesses needed a solution that would successfully
address the following three problems:
• How to avoid duplication of equipment and
resources
• How to communicate efficiently
• How to set up and manage a network
Businesses realized that networking technology could
increase productivity while saving money.
4
Networking Devices
Equipment that connects directly to a network segment
is referred to as a device.
These devices are broken up into two classifications.
• end-user devices
• network devices
End-user devices include computers, printers, scanners,
and other devices that provide services directly to the
user.
Network devices include all the devices that connect
the end-user devices together to allow them to
communicate.
5
Network Interface Card
A network interface card (NIC) is a printed circuit
board that provides network communication
capabilities to and from a personal computer. Also
called a LAN adapter.
6
Networking Device Icons
7
Repeater
A repeater is a network device used to regenerate a
signal.
Repeaters regenerate analog or digital signals distorted
by transmission loss due to attenuation. A repeater does
not perform intelligent routing.
8
Hub
Hubs concentrate
connections. In other words,
they take a group of hosts
and allow the network to see
them as a single unit.
This is done passively, without
any other effect on the data
transmission.
Active hubs not only
concentrate hosts, but they
also regenerate signals.
9
Bridge
Bridges convert network transmission data formats as
well as perform basic data transmission management.
Bridges, as the name implies, provide connections
between LANs. Not only do bridges connect LANs, but
they also perform a check on the data to determine
whether it should cross the bridge or not. This makes
each part of the network more efficient. 
10
Workgroup Switch
Workgroup switches add
more intelligence to data
transfer management.
Switches can determine
whether data should
remain on a LAN or not,
and they can transfer the
data to the connection
that needs that data.
11
Router
Routers combine the capabilities of the previous devices.
Routers can regenerate signals, concentrate multiple
connections, convert data transmission formats, and
manage data transfers. They can also connect to a
WAN, which allows them to connect LANs that are
separated by great distances.
12
“The Cloud”
The cloud is used in diagrams to represent where the
connection to the internet is.
It also represents all of the devices on the internet.
13
Network Topologies
Network topology defines the structure of the network.
One part of the topology definition is the physical
topology, which is the actual layout of the wire or media.
The other part is the logical topology, which defines how
the media is accessed by the hosts for sending data.
14
Physical Topologies
15
Bus Topology
A bus topology uses a single backbone cable that is
terminated at both ends.
All the hosts connect directly to this backbone.
16
Ring Topology
A ring topology connects one host to the next and the
last host to the first.
This creates a physical ring of cable.
17
Star Topology
A star topology connects all cables to a central point of
concentration.  
18
Extended Star Topology
An extended star topology links individual stars together
by connecting the hubs and/or switches. This topology
can extend the scope and coverage of the network.
19
Hierarchical Topology
A hierarchical topology is similar to an extended star.
20
Mesh Topology
A mesh topology is implemented to provide as
much protection as possible from interruption of
service.
Each host has its own connections to all other hosts.
Although the Internet has multiple paths to any one
location, it does not adopt the full mesh topology.
21
LANs, MANs, & WANs
One early solution was the creation of local-area
network (LAN) standards which provided an open set of
guidelines for creating network hardware and software,
making equipment from different companies
compatible.
What was needed was a way for information to move
efficiently and quickly, not only within a company, but
also from one business to another.
The solution was the creation of metropolitan-area
networks (MANs) and wide-area networks (WANs).
22
Examples of Data Networks
23
LANs
24
Wireless LAN Organizations
and Standards
As in cabled networks, the IEEE is the prime issuer of standards
for wireless networks. The standards have been created within
the framework of the regulations created by the Federal
Communications Commission (FCC).
A key technology contained within the 802.11 standard is
Direct Sequence Spread Spectrum (DSSS).
25
Cellular Topology for Wireless
26
WANs
27
SANs
A SAN is a dedicated,
high-performance network
used to move data
between servers and
storage resources.
Because it is a separate,
dedicated network, it
avoids any traffic conflict
between clients and
servers.
28
Virtual Private Network
A VPN is a private network that is constructed within a public network
infrastructure such as the global Internet. Using VPN, a telecommuter
can access the network of the company headquarters through the
Internet by building a secure tunnel between the telecommuter’s PC
and a VPN router in the headquarters.
29
Bandwidth
30
Measuring Bandwidth
31
32
Why do we need the OSI Model?
To address the problem of networks increasing in
size and in number, the International Organization
for Standardization (ISO) researched many
network schemes and recognized that there was
a need to create a network model that would
help network builders implement networks that
could communicate and work together and
therefore, released the OSI reference model in
1984.
33
Don’t Get Confused.
ISO - International Organization for
Standardization
OSI - Open System Interconnection
IOS - Internetwork Operating System (Cisco's router
and switch operating system)
The ISO created the OSI reference model. Cisco IOS is
an unrelated product whose name just happens to be
an anagram of the other two. The “ISO” acronym is
correct as shown: it is the organization's short name,
not an initialism of its English title, which is why
some people say “International Standard Organization”
to avoid confusion.
34
The OSI Reference Model
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
The OSI Model will be
used throughout your
entire networking
career!
Memorize it!
35
Layer 7 - The Application Layer
This layer deals with
networking applications.
Examples:
• Email
• Web browsers
PDU - User Data
36
Layer 6 - The Presentation Layer
This layer is responsible
for presenting the data in
the required format which
may include:
• Encryption
• Compression
PDU - Formatted Data
37
Layer 5 - The Session Layer
This layer establishes,
manages, and terminates
sessions between two
communicating hosts.
Example:
• Client Software
( Used for logging in)
PDU - Formatted Data
38
Layer 4 - The Transport Layer
This layer breaks up the
data from the sending host
and then reassembles it in
the receiver.
It is also used to ensure
reliable data transport
across the network.
PDU - Segments
39
Layer 3 - The Network Layer
Sometimes referred to as the
“Cisco Layer”.
Makes “Best Path
Determination” decisions
based on logical addresses
(usually IP addresses).
PDU - Packets
40
Layer 2 - The Data Link Layer
This layer provides reliable
transit of data across a
physical link.
Makes decisions based on
physical addresses (usually
MAC addresses).
PDU - Frames
41
Layer 1 - The Physical Layer
This is the physical media
through which the data,
represented as electronic
signals, is sent from the
source host to the
destination host.
Examples:
• CAT5 (what we have)
• Coaxial (like cable TV)
• Fiber optic
PDU - Bits
42
OSI Model Analogy
Application Layer - Source Host
After riding your new bicycle a few times in
Jamshedpur, you decide that you want to give it to
a friend who lives in New York.
43
OSI Model Analogy
Presentation Layer - Source Host
Make sure you have the proper directions to
disassemble and reassemble the bicycle.
44
OSI Model Analogy
Session Layer - Source Host
Call your friend and make sure you have his
correct address.
45
OSI Model Analogy
Transport Layer - Source Host
Disassemble the bicycle and put different pieces
in different boxes. The boxes are labeled
“1 of 3”, “2 of 3”, and “3 of 3”.
46
OSI Model Analogy
Network Layer - Source Host
Put your friend's complete mailing address (and
yours) on each box. Since the packages are too
big for your mailbox (and since you don’t have
enough stamps) you determine that you need to
go to the post office.
47
OSI Model Analogy
Data Link Layer – Source Host
Jamshedpur post office takes possession of the
boxes.
48
OSI Model Analogy
Physical Layer - Media
The boxes are flown from India to USA.
49
OSI Model Analogy
Data Link Layer - Destination
New York post office receives your boxes.
50
OSI Model Analogy
Network Layer - Destination
Upon examining the destination address,
New York post office determines that your
boxes should be delivered to your written
home address.
51
OSI Model Analogy
Transport Layer - Destination
Your friend calls you and tells you he got all 3
boxes and he is having another friend named
BOB reassemble the bicycle.
52
OSI Model Analogy
Session Layer - Destination
Your friend hangs up because he is done talking
to you.
53
OSI Model Analogy
Presentation Layer - Destination
BOB is finished and “presents” the bicycle to
your friend. Another way to say it is that your
friend is finally getting his “present”.
54
OSI Model Analogy
Application Layer - Destination
Your friend enjoys riding his new bicycle in New
York.
55
Host Layers
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
These layers (7 through 4)
only exist in the
source and
destination host
computers.
56
Media Layers
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
These layers (3 through 1)
manage the information
out in the LAN or WAN
between the source
and destination hosts.
57
58
59
Data Flow Through a Network
60
61
LAN Physical Layer
Various symbols are used to represent media types.
The function of media is to carry a flow of information
through a LAN. Networking media are considered Layer
1, or physical layer, components of LANs.
Each media has advantages and disadvantages.
Some of the advantage or disadvantage comparisons
concern:
• Cable length
• Cost
• Ease of installation
• Susceptibility to interference
Coaxial cable, optical fiber, and even free space can
carry network signals. However, the principal medium
that will be studied is Category 5 unshielded twisted-pair
cable (Cat 5 UTP)
62
Unshielded Twisted Pair (UTP) Cable
63
UTP Implementation
EIA/TIA specifies an RJ-45 connector for UTP cable.
The RJ-45 transparent end connector shows eight colored wires.
Four of the wires carry the voltage and are considered “tip” (T1
through T4).
The other four wires are grounded and are called “ring” (R1 through
R4).
The wires in the first pair in a cable or a connector are designated as T1
& R1
64
Connection Media
The registered jack (RJ-45) connector and jack are the
most common.
In some cases the type of connector on a network
interface card (NIC) does not match the media that it
needs to connect to.
The attachment unit interface (AUI) connector allows
different media to connect when used with the
appropriate transceiver.
A transceiver is an adapter that converts one type of
connection to another.
65
Ethernet Standards
The Ethernet standard specifies that each of the pins on
an RJ-45 connector has a particular purpose. For 10BASE-T
and 100BASE-TX, a NIC transmits signals on pins 1 & 2 and
receives signals on pins 3 & 6; 1000BASE-T uses all four
pairs in both directions.
66
Remember…
A straight-thru cable has T568B on both ends. A crossover (or
cross-connect) cable has T568B on one end and T568A on
the other, which swaps the transmit pair (1, 2) with the
receive pair (3, 6). A console cable has T568B on one end
and reverse T568B on the other (pin 1 to pin 8, 2 to 7, and
so on), which is why it is also called a rollover cable.
67
Straight-Thru or Crossover
Use straight-through cables for the following
cabling:
• Switch to router
• Switch to PC or server
• Hub to PC or server
Use crossover cables for the following cabling:
• Switch to switch
• Switch to hub
• Hub to hub
• Router to router
• PC to PC
• Router to PC
The rule behind the lists: a PC, server, or router port transmits
on pins 1 & 2, while a hub or switch port transmits on pins 3 & 6,
so unlike ports connect straight through and like ports need the
crossover. Most current switch and NIC ports support Auto-MDIX
and correct the pairing themselves, so the wrong cable usually
still works on modern equipment.
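The following Python is an added example, not part of the original slides: it derives a cable's type from the wiring order at its two ends and tells you which cable two devices need. The T568A/T568B colour orders and the MDI/MDI-X grouping of devices are standard; the function names and the device names are assumptions of this example.

```python
# T568A and T568B pin-to-colour assignments, pin 1 first.
T568A = ["white-green", "green", "white-orange", "blue",
         "white-blue", "orange", "white-brown", "brown"]
T568B = ["white-orange", "orange", "white-green", "blue",
         "white-blue", "green", "white-brown", "brown"]
ROLLOVER_END = list(reversed(T568B))  # "reverse T568B": pins 1..8 mirrored


def pin_map(end_a, end_b):
    """For each pin at end A, the pin at end B that the same wire lands on."""
    return {pin: end_b.index(colour) + 1
            for pin, colour in enumerate(end_a, start=1)}


def cable_type(end_a, end_b):
    """Classify a cable from the wiring order at its two ends."""
    m = pin_map(end_a, end_b)
    if all(m[p] == p for p in m):
        return "straight-through"
    # Crossover swaps the transmit pair (1,2) with the receive pair (3,6);
    # pins 4, 5, 7 and 8 stay where they are.
    if (m[1] == 3 and m[2] == 6 and m[3] == 1 and m[6] == 2
            and all(m[p] == p for p in (4, 5, 7, 8))):
        return "crossover"
    if all(m[p] == 9 - p for p in m):
        return "rollover"
    return "unknown"


# Which pins a port transmits on decides which cable joins two devices.
MDI = {"pc", "server", "router"}    # transmit on 1 & 2, receive on 3 & 6
MDI_X = {"hub", "switch"}           # the reverse, so a straight cable already crosses


def cable_for(dev_a, dev_b):
    """Straight-through between unlike port types, crossover between like ones.
    (Assumes neither port does Auto-MDIX.)"""
    def side(dev):
        if dev in MDI:
            return "MDI"
        if dev in MDI_X:
            return "MDI-X"
        raise ValueError(f"unknown device type: {dev}")
    return "straight-through" if side(dev_a) != side(dev_b) else "crossover"


if __name__ == "__main__":
    print(cable_type(T568B, T568A))        # crossover
    print(cable_type(T568B, ROLLOVER_END)) # rollover
    print(cable_for("switch", "router"))   # straight-through
    print(cable_for("router", "pc"))       # crossover
```

Every pairing in the two lists above falls out of `cable_for`, which is why the lists are worth memorizing as a rule rather than as twelve separate facts.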
68
Sources of Noise on Copper Media
Noise is any electrical energy on the
transmission cable that makes it difficult for
a receiver to interpret the data sent from
the transmitter. TIA/EIA-568-B certification of
a cable now requires testing for a variety of
types of noise.Twisted-pair cable is designed
to take advantage of the effects of crosstalk
in order to minimize noise. In twisted-pair
cable, a pair of wires is used to transmit one
signal.The wire pair is twisted so that each
wire experiences similar crosstalk. Because a
noise signal on one wire will appear
identically on the other wire, this noise be
easily detected and filtered at
receiver.Twisting one pair of wires in a cable
also helps to reduce crosstalk of data or
noise signals from adjacent wires.
69
Shielded Twisted Pair (STP) Cable
70
Coaxial Cable
71
Fiber Optic Cable
72
Fiber Optic Connectors
Connectors are attached to the fiber ends so that the fibers can be
connected to the ports on the transmitter and receiver.
The type of connector most commonly used with multimode fiber is
the Subscriber Connector (SC connector). On single-mode fiber, the
Straight Tip (ST) connector is frequently used.
73
Fiber Optic Patch Panels
Fiber patch panels are similar to the patch panels used with
copper cable.
74
Cable Specifications
10BASE-T
The T stands for twisted pair.
10BASE5
The 5 represents the fact that a signal can travel for
approximately 500 meters. 10BASE5 is often referred to as
Thicknet.
10BASE2
The 2 represents the fact that a signal can travel for
approximately 200 meters (the actual segment limit is 185
meters, rounded up in the name). 10BASE2 is often referred to
as Thinnet.
All 3 of these specifications refer to a transmission speed of
10 Mbps and to baseband transmission, meaning the digital signal
occupies the whole cable rather than being modulated onto a
carrier. Thinnet and Thicknet are informal names for the networks
built on these cables, while 10BASE2 & 10BASE5 are the formal
names of the cabling specifications.
75
Ethernet Media Connector
Requirements
76
LAN Physical Layer Implementation
77
Ethernet in the Campus
78
WAN Physical Layer
79
WAN Serial Connection Options
80
Serial Implementation of DTE & DCE
When connecting directly to a service provider, or to a
device such as a CSU/DSU that will perform signal
clocking, the router is a DTE and needs a DTE serial
cable.
This is typically the case for routers.
81
Back-to-Back Serial Connection
When performing
a back-to-back
router scenario in
a test
environment, one
of the routers will
be a DTE and the
other will be a
DCE.
82
Repeater
A repeater is a network device used to regenerate a signal.
Repeaters regenerate analog or digital signals distorted by
transmission loss due to attenuation. A repeater is a Physical
Layer (Layer 1) device.
83
The 4 Repeater Rule
The Four Repeater Rule for 10-Mbps Ethernet should be
used as a standard when extending LAN segments.
This rule states that no more than four repeaters
can be used between hosts on a LAN.
This rule is used to limit latency added to frame travel by
each repeater.
84
Hub
Hubs concentrate
connections. In other
words, they take a group
of hosts and allow the
network to see them as a
single unit.
A hub is a Physical Layer
(Layer 1) device.
85
Network Interface Card
The function of a NIC is to connect a host device to the network medium.
A NIC is a printed circuit board that fits into the expansion slot on the motherboard or
peripheral device of a computer. The NIC is also referred to as a network adapter.
NICs are considered Data Link Layer devices because each NIC carries a unique code
called a MAC address.
86
MAC Address
A MAC address is 48 bits in length and expressed as twelve
hexadecimal digits. MAC addresses are sometimes referred to as
burned-in addresses (BIA) because they are burned into read-only
memory (ROM) and are copied into random-access memory
(RAM) when the NIC initializes.
87
Bridge
Bridges are Data Link layer devices. Connected host
addresses are learned and stored in a MAC address
table. Each bridge port has a unique MAC address.
88
Bridges
89
Bridging Graphic
90
Switch
Switches are Data Link
layer devices.
Each Switch port has a
unique MAC address.
Connected host MAC
addresses are learned
and stored on a MAC
address table.
91
Switching Modes
cut-through
A switch starts to forward the frame as soon as the destination MAC
address has been read. No error checking is possible, because the FCS
at the end of the frame has not arrived yet.
Requires synchronous switching: ingress and egress ports must run at
the same speed.
store-and-forward
At the other extreme, the switch receives the entire frame before
sending it out the destination port. This gives the switch software an
opportunity to verify the Frame Check Sequence (FCS) and drop corrupted
frames before they reach the destination.
Required for asynchronous switching between ports of different speeds,
since the frame has to be buffered anyway.
fragment-free
A compromise between the cut-through and store-and-forward modes.
Fragment-free reads the first 64 bytes, which includes the frame header,
and switching begins before the entire data field and checksum are read.
64 bytes is the minimum Ethernet frame size, so collision fragments,
which are always shorter, are filtered out.
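The following Python is an added example, not part of the original slides, covering both the Switch slide (learning source addresses into a MAC table, filtering, flooding) and the switching modes above (store-and-forward verifying the FCS versus cut-through forwarding before it arrives). The frame layout is the Ethernet one (destination, source, type, payload, FCS); the check uses zlib's CRC-32, which shares Ethernet's polynomial but not its bit ordering, and the MAC addresses, port numbers and class names are constructed for the example.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Assemble dst | src | type | payload | FCS.

    The FCS here is zlib's CRC-32 over everything before it; real Ethernet
    uses the same polynomial with a specific bit order, which does not
    matter for showing what store-and-forward checks."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def fcs_ok(frame: bytes) -> bool:
    """Recompute the CRC over the received frame and compare with its trailer."""
    body, trailer = frame[:-4], frame[-4:]
    return struct.unpack("<I", trailer)[0] == (zlib.crc32(body) & 0xFFFFFFFF)


class Switch:
    def __init__(self, ports, mode="store-and-forward"):
        if mode not in ("store-and-forward", "cut-through"):
            raise ValueError(mode)
        self.ports = list(ports)
        self.mode = mode
        self.mac_table = {}  # source MAC -> port it was last seen on

    def receive(self, in_port, frame: bytes):
        """Process one frame arriving on in_port; return the ports it goes out on."""
        dst, src = frame[0:6], frame[6:12]
        # Learning: the table is keyed on whatever source address the frame
        # carries; the switch has no way to verify that the sender owns it.
        self.mac_table[src] = in_port
        if self.mode == "store-and-forward" and not fcs_ok(frame):
            return []  # whole frame buffered, FCS verified, corrupted frame dropped
        # Cut-through has already begun forwarding before the FCS arrives, so a
        # corrupted frame is passed on and only the receiving NIC rejects it.
        if dst != BROADCAST and dst in self.mac_table:
            out = self.mac_table[dst]
            return [] if out == in_port else [out]  # filter: stays on its segment
        return [p for p in self.ports if p != in_port]  # unknown or broadcast: flood


def demo():
    """Constructed sample traffic: host A on port 1, host B on port 2, port 3 idle."""
    a = bytes.fromhex("020000000001")
    b = bytes.fromhex("020000000002")
    sw = Switch(ports=[1, 2, 3])
    first = sw.receive(1, build_frame(b, a, 0x0800, b"hello"))   # B unknown: flood
    reply = build_frame(a, b, 0x0800, b"reply")
    second = sw.receive(2, reply)                                  # A learned: port 1 only
    damaged = bytearray(reply)
    damaged[15] ^= 0xFF                                            # corrupt a payload byte
    dropped = sw.receive(2, bytes(damaged))                        # FCS fails: dropped
    ct = Switch(ports=[1, 2, 3], mode="cut-through")
    ct.mac_table = dict(sw.mac_table)
    passed = ct.receive(2, bytes(damaged))                         # forwarded regardless
    return first, second, dropped, passed


if __name__ == "__main__":
    print(demo())
```

Running `demo()` gives the flood on the first frame, the single-port forward once the reply has taught the switch where A is, the drop of the corrupted frame in store-and-forward mode, and the same corrupted frame passed through in cut-through mode.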
92
Full Duplex
Another capability emerges when only two nodes are connected. In a network that
uses twisted-pair cabling, one pair is used to carry the transmitted signal from one node
to the other node. A separate pair is used for the return or received signal. It is possible
for signals to pass through both pairs simultaneously. The capability of communication in
both directions at once is known as full duplex.
93
Switches – MAC Tables
94
Switches – Parallel Communication
95
Microsegmentation
A switch is simply a bridge with many ports. When only one node is
connected to a switch port, the collision domain on the shared media
contains only two nodes. The two nodes in this small segment, or collision
domain, consist of the switch port and the host connected to it. These small
physical segments are called micro segments.
96
Peer-to-Peer Network
In a peer-to-peer network, networked computers act as equal partners, or
peers.
As peers, each computer can take on the client function or the server
function.
At one time, computer A may make a request for a file from computer B,
which responds by serving the file to computer A. Computer A functions as
client, while B functions as the server. At a later time, computers A and B
can reverse roles.
In a peer-to-peer network, individual users control their own resources.
Peer-to-peer networks are relatively easy to install and operate. As networks
grow, peer-to-peer relationships become increasingly difficult to
coordinate.
97
Client/Server Network
In a client/server arrangement, network services are located on a
dedicated computer called a server.
The server responds to the requests of clients.
The server is a central computer that is continuously available to respond to
requests from clients for file, print, application, and other services.
Most network operating systems adopt the form of a client/server
relationship.
98
99
Why Another Model?
Although the OSI reference model is universally
recognized, the historical and technical open standard of
the Internet is Transmission Control Protocol / Internet
Protocol (TCP/IP).
The TCP/IP reference model and the TCP/IP protocol stack
make data communication possible between any two
computers, anywhere in the world, at nearly the speed of
light.
The U.S. Department of Defense (DoD) created the TCP/IP
reference model because it wanted a network that could
survive any conditions, even a nuclear war.
100
Don’t Confuse the Models
Application
Transport
Internet
Network Access
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
101
2 Models
Side-By-Side
Application
Transport
Internet
Network Access
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
102
The Application Layer
The application
layer of the
TCP/IP model
handles high-
level protocols,
issues of
representation,
encoding, and
dialog control.
103
The transport layer provides transport services
from the source host to the destination host. It
constitutes a logical connection between these
endpoints of the network. Transport protocols
segment and reassemble upper-layer
applications into the same data stream
between endpoints.
The transport layer data stream provides end-
to-end transport services.
The Transport Layer
104
The Internet Layer
The purpose of the Internet layer is to select the
best path through the network for packets to
travel. The main protocol that functions at this
layer is the Internet Protocol (IP). Best path
determination and packet switching occur at
this layer.
105
The Network Access Layer
The network access layer is also called the host-to-network
layer. It is the layer that is concerned with all of the issues
that an IP packet requires to actually make a physical link
to the network media. It includes LAN and WAN details, and
all the details contained in the OSI physical and data-link
layers. NOTE: ARP & RARP work at both the Internet and
Network Access Layers.
106
Comparing TCP/IP & OSI Models
NOTE: The TCP/IP transport layer does not always guarantee reliable
delivery: UDP does not, whereas the transport layer in the OSI model is
defined to do so.
107
Introduction to the Transport Layer
The primary duties of the transport layer, Layer 4 of the OSI model, are
to transport and regulate the flow of information from the source to
the destination, reliably and accurately.
End-to-end control and reliability are provided by sliding windows,
sequencing numbers, and acknowledgments.
108
More on The Transport Layer
The transport layer provides transport services from the source host
to the destination host.
It establishes a logical connection between the endpoints of the
network.
• Transport services include the following basic services:
• Segmentation of upper-layer application data
• Establishment of end-to-end operations
• Transport of segments from one end host to another
end host
• Flow control provided by sliding windows
• Reliability provided by sequence numbers and
acknowledgments
109
Flow Control
As the transport layer sends data segments, it tries to ensure that data is not lost.
A receiving host that is unable to process data as quickly as it arrives could be a
cause of data loss.
Flow control avoids the problem of a transmitting host overflowing the buffers in the
receiving host.
110
3-Way Handshake
TCP requires connection establishment before data transfer begins.
For a connection to be established or initialized, the two hosts must
synchronize their Initial Sequence Numbers (ISNs).
111
Basic Windowing
Data packets must be
delivered to the
recipient in the same
order in which they
were transmitted to
have a reliable,
connection-oriented
data transfer.
The protocol fails if any
data packets are lost,
damaged, duplicated,
or received in a
different order.
An easy solution is to
have a recipient
acknowledge the
receipt of each packet
before the next packet
is sent.
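The following Python is an added example, not part of the original slides, covering the 3-Way Handshake slide (synchronizing Initial Sequence Numbers) and the windowing discussed above (cumulative acknowledgements, a window larger than one segment, and recovery from a lost segment). It is a simulation in one process, not a socket program; the segment sizes, sequence numbers and the single lost segment are constructed for the example.

```python
def three_way_handshake(client_isn: int, server_isn: int):
    """Return the three segments as (flags, seq, ack) tuples.

    In a real stack each side's ISN must be unpredictable: a guessable
    ISN lets a third party complete a handshake for a source address whose
    replies it never sees."""
    syn = ("SYN", client_isn, None)                     # client -> server
    syn_ack = ("SYN-ACK", server_isn, client_isn + 1)   # server -> client
    ack = ("ACK", client_isn + 1, server_isn + 1)       # client -> server
    return [syn, syn_ack, ack]


def windowed_transfer(data: bytes, isn: int, window: int, mss: int = 4, lose_once=()):
    """Sender with a window of `window` segments and a receiver that acknowledges
    cumulatively (ack = next byte it expects). Sequence numbers listed in
    lose_once are lost on their first transmission and have to be resent.
    Returns (bytes delivered, final ack, segments transmitted, trace)."""
    # The SYN consumed isn itself, so the first data byte carries isn + 1.
    segments = [(isn + 1 + i, data[i:i + mss]) for i in range(0, len(data), mss)]
    pending_loss = set(lose_once)
    expected = isn + 1          # receiver: next in-order byte
    delivered = b""
    base = 0                    # sender: index of the oldest unacknowledged segment
    sent = 0
    trace = []
    while base < len(segments):
        for seq, payload in segments[base:base + window]:
            sent += 1
            if seq in pending_loss:
                pending_loss.discard(seq)
                trace.append(f"seq={seq} len={len(payload)} lost")
                continue
            if seq == expected:
                delivered += payload
                expected += len(payload)
                trace.append(f"seq={seq} len={len(payload)} ack={expected}")
            else:
                # Arrived after a loss: this simple receiver discards it and
                # repeats the last ack, so the sender resends from the gap.
                trace.append(f"seq={seq} len={len(payload)} dup-ack={expected}")
        # Slide the window past everything the cumulative ack now covers.
        while (base < len(segments)
               and segments[base][0] + len(segments[base][1]) <= expected):
            base += 1
    return delivered, expected, sent, trace


if __name__ == "__main__":
    for segment in three_way_handshake(1000, 5000):
        print(segment)
    got, ack, n, log = windowed_transfer(b"HELLO WORLD!", isn=1000,
                                         window=2, lose_once=(1005,))
    print("\n".join(log))
    print(got, ack, n)
```

With `window=1` the function behaves like the stop-and-wait scheme described on the slide (one segment, one acknowledgement); with a larger window the sender has several segments in flight and the trace shows how a single loss costs only the segments after the gap.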
112
Sliding Window
113
Sliding Window
with Different Window Sizes
114
TCP Sequence & Acknowledgement
115
TCP
Transmission Control Protocol (TCP) is a connection-oriented Layer
4 protocol that provides reliable full-duplex data transmission.
TCP is part of the TCP/IP protocol stack. In a connection-oriented
environment, a connection is established between both ends
before the transfer of information can begin.
TCP is responsible for breaking messages into segments, resending
anything that is not acknowledged, and reassembling the messages
from the segments at the destination station. TCP supplies a
virtual circuit between end-user applications.
The protocols that use TCP include:
• FTP (File Transfer Protocol)
• HTTP (Hypertext Transfer Protocol)
• SMTP (Simple Mail Transfer Protocol)
• Telnet
116
TCP Segment Format
117
UDP
User Datagram Protocol (UDP) is the connectionless transport protocol in
the TCP/IP protocol stack.
UDP is a simple protocol that exchanges datagrams, without
acknowledgments or guaranteed delivery. Error processing and
retransmission must be handled by higher layer protocols.
UDP uses no windowing or acknowledgments so reliability, if needed, is
provided by application layer protocols. UDP is designed for applications
that do not need to put sequences of segments together.
The protocols that use UDP include:
• TFTP (Trivial File Transfer Protocol)
• SNMP (Simple Network Management Protocol)
• DHCP (Dynamic Host Configuration Protocol)
• DNS (Domain Name System)
118
UDP Segment Format
119
Well Known Port Numbers
The following port numbers should be memorized:
NOTE:
The curriculum forgot to mention one of the most important port numbers.
Port 80 is used for HTTP, the protocol behind ordinary web access.
120
URL
121
SNMP – Managed Network
122
123
Base 2 Number System
10110₂ = (1 × 2⁴ = 16) + (0 × 2³ = 0) + (1 × 2² = 4) + (1 × 2¹ = 2) + (0 × 2⁰ = 0) = 22
124
Converting Decimal to Binary
Convert 201₁₀ to binary:
201 / 2 = 100 remainder 1
100 / 2 = 50 remainder 0
50 / 2 = 25 remainder 0
25 / 2 = 12 remainder 1
12 / 2 = 6 remainder 0
6 / 2 = 3 remainder 0
3 / 2 = 1 remainder 1
1 / 2 = 0 remainder 1
When the quotient is 0, take all the remainders in reverse
order for your answer: 201₁₀ = 11001001₂
125
126
Network and Host Addressing
Using the IP address of the
destination network, a router
can deliver a packet to the
correct network.
When the packet arrives at a
router connected to the
destination network, the router
uses the IP address to locate
the particular computer
connected to that network.
Accordingly, every IP address
has two parts.
127
Network Layer Communication Path
A router forwards packets from the originating network to the
destination network using the IP protocol. The packets must
include an identifier for both the source and destination networks.
128
Internet Addresses
IP Addressing is a hierarchical structure. An IP address combines two
identifiers into one number. This number must be a unique number,
because duplicate addresses would make routing impossible. The first
part identifies the system's network address. The second part, called
the host part, identifies which particular machine it is on the network.
129
IP Address Classes
IP addresses are divided into classes to define the large, medium,
and small networks.
Class A addresses are assigned to larger networks.
Class B addresses are used for medium-sized networks, &
Class C for small networks.
130
Identifying Address Classes
131
Address Class Prefixes
To accommodate different size networks and aid in classifying these
networks, IP addresses are divided into groups called classes. This is
classful addressing.
132
Network and Host Division
Each complete 32-bit IP address is broken down into a network part
and a host part. A bit or bit sequence at the start of each address
determines the class of the address. There are 5 IP address classes.
133
Class A Addresses
The Class A address was designed to support extremely
large networks, with more than 16 million host addresses
available. Class A IP addresses use only the first octet to
indicate the network address. The remaining three octets
provide for host addresses.
134
Class B Addresses
The Class B address was designed to support the needs of moderate
to large-sized networks. A Class B IP address uses the first two of the
four octets to indicate the network address. The other two octets
specify host addresses.
135
Class C Addresses
The Class C address space is the most commonly used of the original
address classes. This address space was intended to support small
networks with a maximum of 254 hosts.
136
Class D Addresses
The Class D address class was created to enable multicasting in an IP
address. A multicast address is a unique network address that directs
packets with that destination address to predefined groups of IP
addresses. Therefore, a single station can simultaneously transmit a
single stream of data to multiple recipients.
137
Class E Addresses
A Class E address range has been defined, but the Internet
Engineering Task Force (IETF) reserves these addresses for
experimental use. Therefore, no Class E addresses have been
released for use on the Internet.
138
IP Address Ranges
The graphic below shows the IP address range of the first octet
both in decimal and binary for each IP address class.
139
IPv4
As early as 1992, the Internet Engineering
Task Force (IETF) identified two specific
concerns: Exhaustion of the remaining,
unassigned IPv4 network addresses and
the increase in the size of Internet routing
tables.
Over the past two decades, numerous
extensions to IPv4 have been developed.
Two of the more important of these are
subnet masks and classless interdomain
routing (CIDR).
140
Finding the Network Address with ANDing
By ANDing the Host address of 192.168.10.2 with 255.255.255.0
(its network mask) we obtain the network address of 192.168.10.0
141
Network Address
142
Broadcast Address
143
Network/Broadcast Addresses
at the Binary Level
An IP address that has binary 0s in all host bit positions is
reserved for the network address, which identifies the network.
An IP address that has binary 1s in all host bit positions is
reserved for the broadcast address, which is used to send data
to all hosts on the network. Here are some examples:
Class Network Address Broadcast Address
A 100.0.0.0 100.255.255.255
B 150.75.0.0 150.75.255.255
C 200.100.50.0 200.100.50.255
144
Public IP Addresses
Unique addresses are required for each device on a network. 
Originally, an organization known as the Internet Network
Information Center (InterNIC) handled this procedure.
InterNIC no longer exists; allocation is now handled by the Internet
Assigned Numbers Authority (IANA), which delegates blocks to the
regional Internet registries (RIRs).
No two machines that connect to a public network can have the
same IP address because public IP addresses are global and
standardized.
All machines connected to the Internet agree to conform to the
system.
Public IP addresses must be obtained from an Internet service
provider (ISP) or a registry at some expense.
145
Private IP Addresses
Private IP addresses are another solution to the problem of the
impending exhaustion of public IP addresses. As mentioned,
public networks require hosts to have unique IP addresses.
However, private networks that are not connected to the
Internet may use any host addresses, as long as each host
within the private network is unique. RFC 1918 sets aside three
blocks for this purpose: 10.0.0.0/8, 172.16.0.0/12 and
192.168.0.0/16. These are never routed on the public Internet.
146
Mixing Public and
Private IP Addresses
Private IP addresses can be intermixed, as shown in the graphic,
with public IP addresses. This will conserve the number of addresses
used for internal connections. Connecting a network using private
addresses to the Internet requires translation of the private
addresses to public addresses. This translation process is referred
to as Network Address Translation (NAT).
147
Introduction to Subnetting
Subnetting a network means to use the subnet mask to divide
the network and break a large network up into smaller, more
efficient and manageable segments, or subnets.
With subnetting, the network is not limited to the default Class A,
B, or C network masks and there is more flexibility in the network
design.
Subnet addresses include the network portion, plus a subnet field
and a host field. The ability to decide how to divide the original
host portion into the new subnet and host fields provides
addressing flexibility for the network administrator.
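The following Python is an added example, not part of the original slides. It carries through the arithmetic of the preceding slides in one place: the decimal-to-binary conversion by repeated division, the classful rule on the first octet, the ANDing of an address with its mask for the network address, the all-ones host field for the broadcast address, and the subnet and host counts for a subnetted network. The function names are this example's own; the addresses used are the ones from the slides plus one constructed Class B subnet.

```python
def to_binary(n: int, width: int = 8) -> str:
    """Decimal to binary by repeated division by 2, remainders read in reverse."""
    if n < 0:
        raise ValueError("negative numbers are not handled")
    bits = []
    while n:
        n, remainder = divmod(n, 2)
        bits.append(str(remainder))
    return "".join(reversed(bits)).rjust(width, "0")


def dotted_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def dotted_to_binary(addr: str) -> str:
    """The 32-bit binary form of an address, octet by octet."""
    return ".".join(to_binary(int(o)) for o in addr.split("."))


def address_class(addr: str) -> str:
    """Classful rule: decided by the leading bits of the first octet."""
    first = dotted_to_int(addr) >> 24
    if first < 128:   # 0xxxxxxx
        return "A"
    if first < 192:   # 10xxxxxx
        return "B"
    if first < 224:   # 110xxxxx
        return "C"
    if first < 240:   # 1110xxxx, multicast
        return "D"
    return "E"        # 1111xxxx, reserved


DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def subnet_info(addr: str, mask: str = None) -> dict:
    """AND the address with its mask for the network address; OR the inverted
    mask into it for the broadcast address. mask defaults to the classful one."""
    cls = address_class(addr)
    if mask is None:
        if cls not in DEFAULT_MASK:
            raise ValueError(f"class {cls} addresses have no network/host split")
        mask = DEFAULT_MASK[cls]
    a, m = dotted_to_int(addr), dotted_to_int(mask)
    inverted = ~m & 0xFFFFFFFF
    if inverted & (inverted + 1):        # the 1 bits must be contiguous from the left
        raise ValueError(f"non-contiguous mask: {mask}")
    prefix = bin(m).count("1")
    host_bits = 32 - prefix
    network = a & m
    info = {
        "class": cls,
        "prefix": prefix,
        "network": int_to_dotted(network),
        "broadcast": int_to_dotted(network | inverted),
        # all-zeros and all-ones host fields are reserved, hence the -2
        "usable_hosts": 2 ** host_bits - 2 if host_bits >= 2 else 0,
    }
    if cls in DEFAULT_MASK:
        borrowed = prefix - bin(dotted_to_int(DEFAULT_MASK[cls])).count("1")
        info["subnets"] = 2 ** borrowed if borrowed >= 0 else None
    return info


if __name__ == "__main__":
    print(to_binary(201), dotted_to_binary("192.168.10.2"))
    print(subnet_info("192.168.10.2", "255.255.255.0"))     # the ANDing slide
    print(subnet_info("100.0.0.0"))                          # classful Class A
    print(subnet_info("172.16.5.200", "255.255.255.192"))   # Class B cut into /26s
```

The last call shows subnetting in the slide's terms: ten bits borrowed from the Class B host portion give 1024 subnets of 62 usable hosts each, and the host 172.16.5.200 lands in the subnet 172.16.5.192 with broadcast 172.16.5.255.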
148
The 32-Bit
Binary IP Address
149
Numbers That Show Up In Subnet
Masks (Memorize Them!)
150
Addressing with Subnetworks
151
Obtaining an Internet Address
152
Static Assignment of an IP Address
Static assignment works best on small networks. The administrator manually
assigns and tracks IP addresses for each computer, printer, or server on the
intranet. Network printers, application servers, and routers should be
assigned static IP addresses.
153
Fig. 32 How does ARP work? (TI1332EU02TI_0004 The Network Layer, 47): Host A sends an ARP request as a broadcast to all hosts: "What is the hardware address for IP address 128.0.10.4?" Host B, which has IP address 128.0.10.4 and HW address 080020021545, answers with an ARP reply.
ARP
(Address Resolution Protocol)
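The request/reply of Fig. 32 encoded and decoded as real ARP packets, with a resolver that broadcasts on one segment and an ARP cache that records contradicting answers (a duplicate address or a changed mapping is what a monitor would alert on, since ARP carries no authentication). This is an added example in Python, not part of the original slides; Host B's IP and hardware address come from the figure, Host A's addresses are assumed.

```python
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"
ARP_HEADER = struct.Struct("!HHBBH")   # hardware type, protocol type, hlen, plen, opcode


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_bytes(ip):
    return bytes(int(octet) for octet in ip.split("."))


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet/IPv4 ARP body: hardware type 1, protocol type 0x0800, 6-byte MAC, 4-byte IP."""
    return (ARP_HEADER.pack(1, 0x0800, 6, 4, opcode)
            + mac_bytes(sender_mac) + ip_bytes(sender_ip)
            + mac_bytes(target_mac) + ip_bytes(target_ip))


def parse_arp(pkt):
    if len(pkt) < 28:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, opcode = ARP_HEADER.unpack_from(pkt)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"opcode": opcode,
            "sender_mac": mac_str(pkt[8:14]), "sender_ip": ip_str(pkt[14:18]),
            "target_mac": mac_str(pkt[18:24]), "target_ip": ip_str(pkt[24:28])}


class Host:
    def __init__(self, mac, ip):
        self.mac, self.ip = mac, ip
        self.arp_cache = {}    # ip -> mac
        self.conflicts = []    # (ip, old_mac, new_mac) whenever an answer contradicts the cache

    def request(self, target_ip):
        """The broadcast question: 'What is the hardware address for IP address X?'"""
        return build_arp(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)

    def handle(self, pkt):
        """Process one received ARP packet; return the reply to send, or None."""
        arp = parse_arp(pkt)
        if arp["target_ip"] != self.ip:
            return None                        # addressed to somebody else: ignore it
        self._learn(arp["sender_ip"], arp["sender_mac"])
        if arp["opcode"] == ARP_REQUEST:       # answer with our own hardware address
            return build_arp(ARP_REPLY, self.mac, self.ip, arp["sender_mac"], arp["sender_ip"])
        return None

    def _learn(self, ip, mac):
        # ARP has no authentication: record when an answer changes an existing mapping,
        # because that change is the signal a defender's monitor would alert on.
        old = self.arp_cache.get(ip)
        if old is not None and old != mac:
            self.conflicts.append((ip, old, mac))
        self.arp_cache[ip] = mac


def resolve(requester, segment, target_ip):
    """Broadcast the request to every host on the segment; only the owner of target_ip replies."""
    request = requester.request(target_ip)
    for host in segment:
        if host is requester:
            continue
        reply = host.handle(request)
        if reply is not None:
            requester.handle(reply)            # the requester learns the answer
    return requester.arp_cache.get(target_ip)
```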
154
Fig. 33 The ARP command (TI1332EU02TI_0004 The Network Layer, 47)
155
Fig. 34 Proxy-ARP concept (TI1332EU02TI_0004 The Network Layer, 49): with 1 network = 1 broadcast domain, the ARP request broadcast by host A reaches host B, and host B would reply. With 2 networks = 2 broadcast domains separated by a router, the broadcast does not cross the router and no one would reply.
156
Proxy ARP: host A broadcasts a message to all: "If your IP address matches B then please tell me your Ethernet address." Router R answers: "Yes, I know the destination network, let me give you my Ethernet address. I take care to forward IP packets to B."
157
RARP
Reverse Address Resolution Protocol (RARP) associates a known MAC address
with an IP address.
A network device, such as a diskless workstation, might know its MAC address
but not its IP address. RARP allows the device to make a request to learn its IP
address.
Devices using RARP require that a RARP server be present on the network to
answer RARP requests.
158
BootP
The bootstrap protocol (BOOTP) operates in a client-server environment and
only requires a single packet exchange to obtain IP information.
However, unlike RARP, BOOTP packets can include the IP address, as well as
the address of a router, the address of a server, and vendor-specific
information.
One problem with BOOTP, however, is that it was not designed to provide
dynamic address assignment. With BOOTP, a network administrator creates a
configuration file that specifies the parameters for each device. The
administrator must add hosts and maintain the BOOTP database.
Even though the addresses are dynamically assigned, there is still a one-to-one
relationship between the number of IP addresses and the number of hosts.
This means that for every host on the network there must be a BOOTP profile
with an IP address assignment in it. No two profiles can have the same IP
address.
159
DHCP
Dynamic host configuration protocol (DHCP) is the successor to BOOTP.
Unlike BOOTP, DHCP allows a host to obtain an IP address dynamically without the
network administrator having to set up an individual profile for each device.
All that is required when using DHCP is a defined range of IP addresses on a DHCP
server. As hosts come online, they contact the DHCP server and request an address.
The DHCP server chooses an address and leases it to that host.
With DHCP, the entire network configuration of a computer can be obtained in one
message.
This includes all of the data supplied by the BOOTP message, plus a leased IP
address and a subnet mask.
The major advantage that DHCP has over BOOTP is that it allows users to be mobile.
160
161
Introduction to Routers
A router is a special type of computer. It has the same basic components as a
standard desktop PC. However, routers are designed to perform some very
specific functions. Just as computers need operating systems to run software
applications, routers need the Internetwork Operating System software (IOS) to
run configuration files. These configuration files contain the instructions and
parameters that control the flow of traffic in and out of the routers. The many
parts of a router are shown below:
162
RAM
Random Access Memory, also called dynamic RAM (DRAM)
RAM has the following characteristics and functions:
• Stores routing tables
• Holds ARP cache
• Holds fast-switching cache
• Performs packet buffering (shared RAM)
• Maintains packet-hold queues
• Provides temporary memory for the configuration file of the
router while the router is powered on
• Loses content when router is powered down or restarted
163
NVRAM
Non-Volatile RAM
NVRAM has the following characteristics and functions:
• Provides storage for the startup configuration file
• Retains content when router is powered down or
restarted
164
Flash
Flash memory has the following characteristics and
functions:
• Holds the operating system image (IOS)
• Allows software to be updated without
removing and replacing chips on the processor
• Retains content when router is powered down
or restarted
• Can store multiple versions of IOS software
Is a type of electronically erasable, programmable ROM
(EEPROM)
165
ROM
Read-Only Memory
ROM has the following characteristics and functions:
• Maintains instructions for power-on self test (POST)
diagnostics
• Stores bootstrap program and basic operating
system software
• Requires replacing pluggable chips on the
motherboard for software upgrades
166
Interfaces
Interfaces have the following characteristics and functions:
• Connect router to network for frame entry and exit
• Can be on the motherboard or on a separate module
Types of interfaces:
• Ethernet
• Fast Ethernet
• Serial
• Token ring
• ISDN BRI
• Loopback
• Console
• Aux
167
Internal Components of a 2600
Router
168
External Components of a 2600
Router
169
External Connections
170
Fixed Interfaces
When cabling routers for serial connectivity, the routers will either have
fixed or modular ports. The type of port being used will affect the syntax
used later to configure each interface. Interfaces on routers with fixed
serial ports are labeled for port type and port number.
171
Modular Serial Port Interfaces
Interfaces on routers with modular serial ports are labeled for port type, slot, and port
number. The slot is the location of the module. To configure a port on a modular card, it is
necessary to specify the interface using the syntax “port type slot number/port number.” Use the
label “serial 0/1” when the interface is serial, the slot number where the module is installed is slot
0, and the port that is being referenced is port 1.
172
Routers & DSL Connections
The Cisco 827 ADSL router has one asymmetric digital subscriber
line (ADSL) interface. To connect a router for DSL service, use a
phone cable with RJ-11 connectors. DSL works over standard
telephone lines using pins 3 and 4 on a standard RJ-11 connector.
173
Computer/Terminal Console
Connection
174
Modem Connection to Console/Aux
Port
175
HyperTerminal Session Properties
176
Establishing a
HyperTerminal Session
Take the following steps to connect a terminal to the console port on the router:
First, connect the terminal using the RJ-45 to RJ-45 rollover cable and an RJ-45 to DB-9 or RJ-45 to DB-25 adapter.
Then, configure the terminal or PC terminal emulation software for 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control.
177
Cisco IOS
Cisco technology is built around the Cisco Internetwork
Operating System (IOS), which is the software that
controls the routing and switching functions of
internetworking devices.
A solid understanding of the IOS is essential for a network
administrator.
178
The Purpose of Cisco IOS
As with a computer, a router or switch cannot function without an
operating system. Cisco calls its operating system the Cisco
Internetwork Operating System or Cisco IOS.
It is the embedded software architecture in all of the Cisco routers
and is also the operating system of the Catalyst switches.
Without an operating system, the hardware does not have any
capabilities.
The Cisco IOS provides the following network services:
• Basic routing and switching functions
• Reliable and secure access to networked resources
• Network scalability
179
Router Command Line
Interface
180
Setup Mode
Setup is not intended as the mode for entering complex protocol features in the
router. The purpose of the setup mode is to permit the administrator to install a minimal
configuration for a router that is unable to locate a configuration from another source.
In the setup mode, default answers appear in square brackets [ ] following the
question. Press the Enter key to use these defaults.
During the setup process, Ctrl-C can be pressed at any time to terminate the process.
When setup is terminated using Ctrl-C, all interfaces will be administratively shutdown.
When the configuration process is completed in setup mode, the following options will
be displayed:
[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.
Enter your selection [2]:
181
Operation of Cisco IOS Software
The Cisco IOS devices have three distinct operating environments or modes:
• ROM monitor
• Boot ROM
• Cisco IOS
The startup process of the router normally loads into RAM and executes one
of these operating environments. The configuration register setting can be
used by the system administrator to control the default start up mode for the
router.
To see the IOS image and version that is running, use the show version
command, which also indicates the configuration register setting.
182
IOS File System Overview
183
Initial Startup of Cisco Routers
A router initializes by loading the bootstrap, the operating system, and a
configuration file.
If the router cannot find a configuration file, it enters setup mode.
Upon completion of the setup mode a backup copy of the configuration file
may be saved to nonvolatile RAM (NVRAM).
The goal of the startup routines for Cisco IOS software is to start the router
operations. To do this, the startup routines must accomplish the following:
• Make sure that the router hardware is tested and functional.
• Find and load the Cisco IOS software.
• Find and apply the startup configuration file or enter the setup
mode.
When a Cisco router powers up, it performs a power-on self test (POST).
During this self test, the router executes diagnostics from ROM on all
hardware modules.
184
After the POST…
After the POST, the following events occur as the router initializes:
Step 1
The generic bootstrap loader in ROM executes. A bootstrap is a simple set of
instructions that tests hardware and initializes the IOS for operation. 
Step 2
The IOS can be found in several places. The boot field of the configuration register
determines the location to be used in loading the IOS. If the boot field indicates a
flash or network load, boot system commands in the configuration file indicate the
exact name and location of the image.
Step 3
The operating system image is loaded.
Step 4
The configuration file saved in NVRAM is loaded into main memory and executed one
line at a time. The configuration commands start routing processes, supply addresses
for interfaces, and define other operating characteristics of the router.
Step 5
If no valid configuration file exists in NVRAM, the operating system searches for an
available TFTP server. If no TFTP server is found, the setup dialog is initiated.  
185
Step in Router Initialization
186
Router LED Indicators
Cisco routers use LED indicators to provide status information.
Depending upon the Cisco router model, the LED indicators will vary.
An interface LED indicates the activity of the corresponding
interface. If an LED is off when the interface is active and the
interface is correctly connected, a problem may be indicated. If an
interface is extremely busy, its LED will always be on. The green OK
LED to the right of the AUX port will be on after the system initializes
correctly.
187
Enhanced
Cisco IOS Commands
188
The show version Command
The show version command displays information about the Cisco IOS
software version that is currently running on the router. This includes the
configuration register and the boot field settings.
The following information is available from the show version command:
• IOS version and descriptive information
• Bootstrap ROM version
• Boot ROM version
• Router up time
• Last restart method
• System image file and location
• Router platform
• Configuration register setting
Use the show version command to identify router IOS image and boot source.
To find out the amount of flash memory, issue the show flash command.
189
190
191
Router User Interface Modes
The Cisco command-line interface (CLI) uses a hierarchical structure. This
structure requires entry into different modes to accomplish particular tasks.
Each configuration mode is indicated with a distinctive prompt and allows
only commands that are appropriate for that mode.
As a security feature the Cisco IOS software separates sessions into two
access levels, user EXEC mode and privileged EXEC mode. The privileged
EXEC mode is also known as enable mode.
192
Overview of Router Modes
193
Router Modes
194
User Mode Commands
195
Privileged Mode Commands
NOTE: There are many more commands available in privileged mode.
196
Specific Configuration Modes
197
CLI Command Modes
All command-line interface (CLI) configuration changes to a Cisco router
are made from the global configuration mode. Other more specific modes
are entered depending upon the configuration change that is required.
Global configuration mode commands are used in a router to apply
configuration statements that affect the system as a whole.
The following command moves the router into global configuration mode
Router#configure terminal (or config t)
Router(config)#
When specific configuration modes are entered, the router prompt changes
to indicate the current configuration mode.
Typing exit from one of these specific configuration modes will return the
router to global configuration mode. Pressing Ctrl-Z returns the router all
the way back to privileged EXEC mode.
198
Configuring a Router’s Name
A router should be given a unique name as one of the
first configuration tasks.
This task is accomplished in global configuration mode
using the following commands:
Router(config)#hostname Tokyo
Tokyo(config)#
As soon as the Enter key is pressed, the prompt changes
from the default host name (Router) to the newly
configured host name (which is Tokyo in the example
above).
199
Setting
the Clock
with Help
200
Message Of The Day (MOTD)
A message-of-the-day (MOTD) banner can be displayed on all
connected terminals.
Enter global configuration mode by using the command config t
Enter the command
banner motd # The message of the day goes here #.
Save changes by issuing the command copy run start
201
Configuring a Console Password
Passwords restrict access to routers.
Passwords should always be configured for virtual terminal lines and
the console line.
Passwords are also used to control access to privileged EXEC mode
so that only authorized users may make changes to the
configuration file.
The following commands are used to set an optional but
recommended password on the console line:
Router(config)#line console 0
Router(config-line)#password <password>
Router(config-line)#login
202
Configuring a Modem Password
If configuring a router via a modem you are most likely connected
to the aux port.
The method for configuring the aux port is very similar to configuring
the console port.
Router(config)#line aux 0
Router(config-line)#password <password>
Router(config-line)#login
203
Configuring Interfaces
An interface needs an IP Address and a Subnet Mask to be configured.
All interfaces are “shutdown” by default.
The DCE end of a serial interface needs a clock rate.
Router#config t
Router(config)#interface serial 0/1
Router(config-if)#ip address 200.100.50.75 255.255.255.240
Router(config-if)#clock rate 56000 (required for serial DCE only)
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip address 150.100.50.25 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#exit
Router#
On older routers, Serial 0/1 would be just Serial 1 and f0/0 would be e0.
s = serial e = Ethernet f = fast Ethernet
204
Configuring a Telnet Password
A password must be set on one or more of the virtual terminal (VTY)
lines for users to gain remote access to the router using Telnet.
Typically Cisco routers support five VTY lines numbered 0 through 4.
The following commands are used to set the same password on all
of the VTY lines:
Router(config)#line vty 0 4
Router(config-line)#password <password>
Router(config-line)#login
205
Examining the show Commands
There are many show commands that can be used to examine the contents of files in
the router and for troubleshooting. In both privileged EXEC and user EXEC modes, the
command show ? provides a list of available show commands. The list is considerably
longer in privileged EXEC mode than it is in user EXEC mode.
show interfaces – Displays all the statistics for all the interfaces on the router
show int s0/1 – Displays statistics for interface Serial 0/1
show controllers serial – Displays information-specific to the interface hardware
show clock – Shows the time set in the router
show hosts – Displays a cached list of host names and addresses
show users – Displays all users who are connected to the router
show history – Displays a history of commands that have been entered
show flash – Displays info about flash memory and what IOS files are stored there
show version – Displays info about the router and the IOS that is running in RAM
show ARP – Displays the ARP table of the router
show start – Displays the saved configuration located in NVRAM
show run – Displays the configuration currently running in RAM
show protocol – Displays the global and interface specific status of any configured
Layer 3 protocols
206
207
208
209
Ethernet Overview
Ethernet is now the dominant LAN technology in the world.
Ethernet is not one technology but a family of LAN technologies.
All LANs must deal with the basic issue of how individual stations
(nodes) are named, and Ethernet is no exception.
Ethernet specifications support different media, bandwidths, and
other Layer 1 and 2 variations.
However, the basic frame format and addressing scheme is the
same for all varieties of Ethernet.
210
Ethernet and the OSI
Model
Ethernet operates in two areas of the OSI model: the lower half of the data link layer, known as the MAC sublayer, and the physical layer.
211
Ethernet Technologies
Mapped to the OSI Model
212
Layer 2 Framing
Framing is the Layer 2 encapsulation process.
A frame is the Layer 2 protocol data unit.
The frame format diagram shows different groupings of bits (fields)
that perform other functions.
213
Ethernet and IEEE Frame
Formats are Very Similar
214
3 Common Layer 2 Technologies
Ethernet: uses CSMA/CD, a logical bus topology (information flow is on a linear bus) and a physical star or extended star topology (wired as a star).
Token Ring: a logical ring topology (information flow is controlled in a ring) and a physical star topology (in other words, it is wired as a star).
FDDI: a logical ring topology (information flow is controlled in a ring) and a physical dual-ring topology (wired as a dual ring).
215
Collision Domains
To move data between one Ethernet station and
another, the data often passes through a repeater.
All other stations in the same collision domain see traffic
that passes through a repeater.
A collision domain is then a shared resource. Problems
originating in one part of the collision domain will usually
impact the entire collision domain.
216
CSMA/CD Graphic
217
Backoff
After a collision occurs and all stations allow the cable to become
idle (each waits the full interframe spacing), then the stations that
collided must wait an additional and potentially progressively
longer period of time before attempting to retransmit the collided
frame.
The waiting period is intentionally designed to be random so that
two stations do not delay for the same amount of time before
retransmitting, which would result in more collisions.
218
Hierarchical Addressing Using
Variable-Length Subnet Masks
219
220
Prefix Length and Network
Mask
Range of Addresses: 192.168.1.64 through 192.168.1.79
• Have the first 28 bits in common, which is
represented by a /28 prefix length
• 28 bits in common can also be represented in dotted
decimal as 255.255.255.240
In the IP network number that accompanies the network
mask, when the host bits of the IP network number are:
• All binary zeros – that address is the bottom of the
address range
• All binary ones – that address is the top of the
address range
Binary ones in the network mask represent network bits in the
accompanying IP address; binary zeros represent host bits
11000000.10101000.00000001.0100xxxx IP Address
11111111.11111111.11111111.11110000 Network Mask
Fourth Octet
64 01000000
65 01000001
66 01000010
67 01000011
68 01000100
69 01000101
70 01000110
71 01000111
72 01001000
73 01001001
74 01001010
75 01001011
76 01001100
77 01001101
78 01001110
79 01001111
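The /28 arithmetic above and the VLSM carve-up that the following slides cover, worked in Python as an added example (not part of the original slides); `vlsm_allocate` and the host counts used with it are constructed for illustration.

```python
import ipaddress
import math


def prefix_to_mask(prefix):
    """/28 -> '255.255.255.240': the top `prefix` bits of the mask are ones, the rest zeros."""
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(mask))


def to_binary(ip):
    """Dotted decimal -> dotted binary, the notation the slide uses for the fourth octet."""
    return ".".join(f"{int(octet):08b}" for octet in str(ip).split("."))


def describe_block(cidr):
    """Bottom of the range = host bits all zeros, top of the range = host bits all ones."""
    net = ipaddress.ip_network(cidr, strict=False)
    return {
        "prefix": net.prefixlen,
        "mask": prefix_to_mask(net.prefixlen),
        "bottom": str(net.network_address),
        "top": str(net.broadcast_address),
        "usable_hosts": max(net.num_addresses - 2, 0),
    }


def prefix_for_hosts(hosts):
    """Smallest subnet with room for `hosts` addresses plus the all-zeros and all-ones ones."""
    host_bits = math.ceil(math.log2(hosts + 2))
    return 32 - host_bits


def vlsm_allocate(block, requirements):
    """Carve `block` into subnets of different sizes (VLSM), largest requirement first,
    so that every subnet starts on a boundary of its own size. requirements: {name: hosts}."""
    block = ipaddress.ip_network(block)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    allocated = {}
    for name, hosts in sorted(requirements.items(), key=lambda item: -item[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        if cursor + size > end:
            raise ValueError(f"{block} has no room left for {name} ({hosts} hosts)")
        allocated[name] = f"{ipaddress.IPv4Address(cursor)}/{prefix}"
        cursor += size
    return allocated
```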
221
Implementing VLSM
222
Range Of Addresses for
VLSM
223
Breakdown Address Space
for Largest Subnet
224
for Ethernets at Remote
Sites
225
Address Space for Serial
Subnets
226
Calculating VLSM: Binary
Route Summarization and
Classless Interdomain Routing
227
228
What Is Route Summarization?
229
Summarizing Within an Octet
230
Summarizing Addresses in a
VLSM-Designed Network
231
Classless Interdomain Routing
–CIDR is a mechanism developed to alleviate
exhaustion of addresses and reduce routing
table size.
–Block addresses can be summarized into
single entries without regard to the classful
boundary of the network number.
–Summarized blocks are installed in routing
tables.
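Summarizing a set of networks into one CIDR entry, together with the check a practitioner would add: how much address space the single summary claims beyond its members. This is an added example in Python, not from the slides; the address lists are constructed.

```python
import ipaddress


def summarize(cidrs):
    """The single CIDR block covering every network in `cidrs`: the longest prefix
    shared by the lowest and the highest address in the set."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    for prefix in range(32, -1, -1):
        mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
        if lo & mask == hi & mask:
            return f"{ipaddress.IPv4Address(lo & mask)}/{prefix}"
    raise AssertionError("unreachable: a /0 prefix always matches")


def exact_aggregates(cidrs):
    """Summaries covering exactly the given space and nothing more (may be several entries)."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def overclaimed(cidrs):
    """Address space that the single summary route advertises but that is not in `cidrs`.
    A summary that overclaims attracts traffic for addresses the router cannot deliver."""
    summary = ipaddress.ip_network(summarize(cidrs))
    leftover = [summary]
    for member in (ipaddress.ip_network(c) for c in cidrs):
        remaining = []
        for block in leftover:
            if block.subnet_of(member):        # block lies inside a member: not extra
                continue
            if member.subnet_of(block):        # member lies inside block: punch it out
                remaining.extend(block.address_exclude(member))
            else:
                remaining.append(block)
        leftover = remaining
    return {"blocks": [str(n) for n in ipaddress.collapse_addresses(leftover)],
            "addresses": sum(n.num_addresses for n in leftover)}
```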
232
What Is CIDR?
• Addresses are the same as in the route summarization figure, except that
Class B network 172 has been replaced by Class C network 192.
233
CIDR Example
234
235
Anatomy of an IP Packet
IP packets consist of the data from upper layers plus an IP header.
The IP header consists of the following:
236
237
238
239
Administrative Distance
The administrative distance is an optional parameter that gives a measure
of the reliability of the route. The range of an AD is 0-255 where smaller
numbers are more desirable.
The default administrative distance when using next-hop address is 1, while
the default administrative distance when using the outgoing interface is 0.
You can statically assign an AD as follows:
Router(config)#ip route 172.16.3.0 255.255.255.0 172.16.4.1 130
Sometimes static routes are used for backup purposes. A static route can be
configured on a router that will only be used when the dynamically learned
route has failed. To use a static route in this manner, simply set the
administrative distance higher than that of the dynamic routing protocol
being used.
240
Configuring Default Routes
Default routes are used to route packets with destinations that do
not match any of the other routes in the routing table.
A default route is actually a special static route that uses this format:
ip route 0.0.0.0 0.0.0.0 [next-hop-address | outgoing interface]
This is sometimes referred to as a “Quad-Zero” route.
Example using next hop address:
Router(config)#ip route 0.0.0.0 0.0.0.0 172.16.4.1
Example using the exit interface:
Router(config)#ip route 0.0.0.0 0.0.0.0 s0/0
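How the router chooses between the floating static route (AD 130) from the previous slide, a dynamically learned route to the same network, and the quad-zero default route, modelled in Python as an added example (not part of the original slides). The RIP default AD of 120 and the 172.16.5.2 next hop are assumptions; the other values are the slides' own.

```python
import ipaddress

# Administrative distances: connected 0 and static 1 as stated on the slides;
# RIP's default of 120 is an assumption made for this example.
DEFAULT_AD = {"connected": 0, "static": 1, "rip": 120}


class RoutingTable:
    """Candidate routes from every source. Per prefix the lowest AD is installed,
    and forwarding picks the installed route with the longest matching prefix."""

    def __init__(self):
        self.candidates = []   # dicts with prefix, source, ad, next_hop

    def add(self, prefix, source, next_hop, ad=None):
        self.candidates.append({
            "prefix": ipaddress.ip_network(prefix),
            "source": source,
            "ad": DEFAULT_AD[source] if ad is None else ad,
            "next_hop": next_hop,
        })

    def withdraw(self, prefix, source):
        """Remove a route, e.g. when the dynamic protocol stops advertising it."""
        net = ipaddress.ip_network(prefix)
        self.candidates = [c for c in self.candidates
                           if not (c["prefix"] == net and c["source"] == source)]

    def installed(self):
        """The routes that actually make it into the table: lowest AD per prefix."""
        best = {}
        for c in self.candidates:
            current = best.get(c["prefix"])
            if current is None or c["ad"] < current["ad"]:
                best[c["prefix"]] = c
        return best

    def lookup(self, destination):
        """Longest-prefix match; the 0.0.0.0/0 default route matches anything."""
        addr = ipaddress.ip_address(destination)
        matches = [c for c in self.installed().values() if addr in c["prefix"]]
        if not matches:
            return None
        best = max(matches, key=lambda c: c["prefix"].prefixlen)
        return best["source"], best["next_hop"]


def floating_static_demo():
    """The slide's backup route: AD 130 loses to the dynamic route until that route fails."""
    rt = RoutingTable()
    rt.add("172.16.4.0/24", "connected", "Serial0/1")        # link towards next hop 172.16.4.1
    rt.add("172.16.3.0/24", "rip", "172.16.5.2")              # dynamic route (next hop assumed)
    rt.add("172.16.3.0/24", "static", "172.16.4.1", ad=130)   # ip route 172.16.3.0 255.255.255.0 172.16.4.1 130
    rt.add("0.0.0.0/0", "static", "172.16.4.1")               # ip route 0.0.0.0 0.0.0.0 172.16.4.1
    before = rt.lookup("172.16.3.10")
    rt.withdraw("172.16.3.0/24", "rip")                       # the dynamically learned route fails
    after = rt.lookup("172.16.3.10")
    return before, after, rt.lookup("10.1.1.1")
```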
241
Verifying Static
Route Configuration
After static routes are configured it is important to verify
that they are present in the routing table and that routing
is working as expected.
The command show running-config is used to view the
active configuration in RAM to verify that the static route
was entered correctly.
The show ip route command is used to make sure that
the static route is present in the routing table.
242
243
Path Determination Graphic
244
Path Determination Graphic: several routers and switches are interconnected, and each router faces the question "What is an optimal route?"; the routing protocol answers it.
245
Routing Protocols
Routing protocols include the following: processes for sharing route information, which allow routers to communicate with other routers to update and maintain the routing tables.
Examples of routing protocols that support the IP routed protocol are: RIP, IGRP, OSPF, BGP, and EIGRP.
246
247
Routed Protocols
Protocols used at the network layer that transfer data from one host to another across a
router are called routed or routable protocols. The Internet Protocol (IP) and Novell's
Internetwork Packet Exchange (IPX) are examples of routed protocols. Routers use routing
protocols to exchange routing tables and share routing information. In other words,
routing protocols enable routers to route routed protocols.
248
249
An Autonomous System (AS) is a group of IP networks which has a single and clearly defined external routing policy.
Interior Gateway Protocols (IGP) are used for routing decisions within an Autonomous System.
Exterior Gateway Protocols (EGP) are used for routing between Autonomous Systems.
Fig. 48 IGP and EGP (TI1332EU02TI_0004 The Network Layer, 67): AS 1000, AS 2000 and AS 3000 each run an IGP internally and an EGP between each other.
250
Fig. 49 The use of IGP and EGP protocols (TI1332EU02TI_0004 The Network Layer, 67): an Interior Gateway Protocol (IGP) runs inside each of AS 1000, AS 2000 and AS 3000; an Exterior Gateway Protocol (EGP) runs on the links between the autonomous systems.
251
IGP and EGP
An autonomous system is a network or set of networks under
common administrative control, such as the cisco.com domain.
252
Categories of Routing
Protocols
Most routing algorithms can be classified into one of two categories:
• distance vector
• link-state
The distance vector routing approach determines the direction
(vector) and distance to any link in the internetwork.
The link-state approach, also called shortest path first, recreates the
exact topology of the entire internetwork.
253
Distance Vector
Routing Concepts
254
Distance Vector Routing (DVR): Routers A, B, C and D with the networks 192.16.1.0, 192.16.5.0 and 192.16.7.0; routing information flows between neighbouring routers in both directions. A routing table contains the addresses of destinations and the distance of the way to this destination, for example: Destination 192.16.1.0, distance 1 (1 hop); 192.16.5.0, distance 1 (1 hop); 192.16.7.0, distance 2 (2 hops).
255
Routing Tables Graphic
256
Distance Vector
Topology Changes
257
Router Metric Components
258
Distance Vector Routing (DVR): the routing tables of Routers A, B, C and D for the networks 192.16.1.0 to 192.16.7.0, listing for each destination its distance (0 for locally connected networks, marked L = locally connected; 1 for networks reached through a neighbour) and the neighbour router (A, B, C or D) the route was learned from.
259
Distance Vector Routing (DVR): after further exchanges the routing tables of Routers A, B, C and D contain every network 192.16.1.0 to 192.16.7.0 with distances 0 (locally connected, L), 1, 2 or 3 and the neighbour (A, B, C or D) each route was learned from.
Fig. 53 Distribution of routing information with distance vector routing protocol (cont.) (TI1332EU02TI_0004 The Network Layer, 71)
260
RIPv1
• Distance vector routing protocol, classful
• Distribution of routing tables via broadcast to adjacent routers
• Only one kind of metric: number of hops; connections with different bandwidth cannot be weighted
• Routing loops can occur -> bad convergence in case of a failure
• Count to infinity problem (infinity = 16)
• Maximum network size is limited by the number of hops
Fig. 59 Properties of RIPv1 (TI1332EU02TI_0004 The Network Layer, 81)
261
RIP Characteristics
262
Fig. 60 RIP-1 permits only a single subnet mask (TI1332EU02TI_0004 The Network Layer, 83): Router A has Port 1 on 130.24.13.1/24 and Port 2 on 200.14.13.2/24. The subnet 130.24.36.0/24 is advertised as RIP-1: 130.24.36.0 towards 130.24.13.0/24 and 130.24.25.0/24 (the same classful network), but out of Port 2 into 200.14.13.0/24 only RIP-1: 130.24.0.0 is announced.
263
Router Configuration
The router command starts a routing process.
The network command is required because it enables the routing
process to determine which interfaces participate in the sending
and receiving of routing updates.
An example of a routing configuration is:
GAD(config)#router rip
GAD(config-router)#network 172.16.0.0
The network numbers are based on the network class addresses, not
subnet addresses or individual host addresses.
264
Configuring RIP Example
265
Verifying RIP Configuration
266
The debug ip rip Command
Most of the RIP configuration errors involve an incorrect network statement, discontiguous subnets, or split horizons. One highly effective command for finding RIP update issues is the debug ip rip command. The debug ip rip command displays RIP routing updates as they are sent and received.
267
Problem: Routing Loops
Routing loops can occur when inconsistent routing tables are not updated due to slow convergence in a changing network.
268
Problem: Counting to Infinity
269
Solution: Define a Maximum
270
Solution: Split Horizon
271
Route Poisoning
Route poisoning is used by various distance vector protocols in order
to overcome large routing loops and offer explicit information when
a subnet or network is not accessible. This is usually accomplished by
setting the hop count to one more than the maximum.
272
Triggered Updates
New routing tables are sent to neighboring routers on a regular basis.
For example, RIP updates occur every 30 seconds.
However a triggered update is sent immediately in response to some
change in the routing table.
The router that detects a topology change immediately sends an
update message to adjacent routers that, in turn, generate triggered
updates notifying their adjacent neighbors of the change.
When a route fails, an update is sent immediately rather than waiting on
the update timer to expire.
Triggered updates, used in conjunction with route poisoning, ensure that
all routers know of failed routes before any holddown timers can expire.
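A Python simulation of what the RIP slides describe: the distance vector exchange, infinity = 16, route poisoning, split horizon with poison reverse, and the number of update rounds until the routers agree again after a failure. It is an added example, not the slides' own material; the four-router chain and its network numbers are constructed, and no holddown timer is modelled.

```python
INFINITY = 16   # RIP: 15 is the maximum hop count, 16 means "unreachable"
LOCAL = "L"     # next-hop marker for a locally connected network


class Router:
    def __init__(self, name, connected):
        self.name = name
        self.table = {net: (0, LOCAL) for net in connected}  # network -> (hops, next hop)
        self.neighbors = {}                                  # router name -> Router

    def advertise(self, to, split_horizon):
        """The distance vector sent to neighbour `to`. With split horizon (poison
        reverse) a route learned from `to` is sent back to it as unreachable."""
        return {net: INFINITY if (split_horizon and via == to.name) else hops
                for net, (hops, via) in self.table.items()}

    def receive(self, sender, adv):
        """Bellman-Ford update; returns True when the table changed, which is
        the moment a real router would send a triggered update."""
        changed = False
        for net, hops in adv.items():
            new = min(hops + 1, INFINITY)
            cur = self.table.get(net)
            if cur is None:
                if new < INFINITY:                 # never learn an unreachable route
                    self.table[net] = (new, sender)
                    changed = True
            elif new < cur[0] or (cur[1] == sender and new != cur[0]):
                # a better path, or the current next hop reports a new cost (incl. poison)
                self.table[net] = (new, sender)
                changed = True
        return changed

    def fail_network(self, net):
        """Route poisoning: keep the entry but advertise it with the unreachable metric.
        Without holddown (not modelled) a neighbour's stale route can still be accepted back."""
        self.table[net] = (INFINITY, LOCAL)


def build_topology():
    """Constructed chain A - B - C - D; every link and every stub LAN is one network."""
    a = Router("A", ["192.16.1.0", "192.16.2.0"])
    b = Router("B", ["192.16.2.0", "192.16.4.0"])
    c = Router("C", ["192.16.4.0", "192.16.6.0"])
    d = Router("D", ["192.16.6.0", "192.16.7.0"])
    for x, y in ((a, b), (b, c), (c, d)):
        x.neighbors[y.name] = y
        y.neighbors[x.name] = x
    return {r.name: r for r in (a, b, c, d)}


def exchange_until_stable(routers, split_horizon=True, max_rounds=50):
    """One round = every router sends its periodic update to each neighbour.
    Returns the number of rounds until a round changes no table at all."""
    for rnd in range(1, max_rounds + 1):
        changed = False
        for r in routers.values():
            for nb in r.neighbors.values():
                changed |= nb.receive(r.name, r.advertise(nb, split_horizon))
        if not changed:
            return rnd
    return max_rounds


def hops_to(routers, net):
    return {name: r.table[net][0] for name, r in routers.items()}


def convergence_after_failure(split_horizon):
    """Converge, take 192.16.7.0 away from D, then count the rounds until the routers
    agree again. Without split horizon the chain counts up to 16 one hop at a time."""
    routers = build_topology()
    exchange_until_stable(routers, split_horizon)
    routers["D"].fail_network("192.16.7.0")
    rounds = exchange_until_stable(routers, split_horizon)
    return rounds, hops_to(routers, "192.16.7.0")
```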
273
Triggered Updates Graphic
274
Solution: Holddown Timers
275
IGRP
Interior Gateway Routing Protocol (IGRP) is a proprietary
protocol developed by Cisco.
Some of the IGRP key design characteristics emphasize the
following:
• It is a distance vector routing protocol.
• Routing updates are broadcast every 90 seconds.
• Bandwidth, load, delay and reliability are used to
create a composite metric.
276
IGRP Stability Features
IGRP has a number of features that are designed to enhance its stability, such as:
• Holddowns
• Split horizons
• Poison reverse updates
Holddowns
Holddowns are used to prevent regular update messages from inappropriately
reinstating a route that may not be up.
Split horizons
Split horizons are derived from the premise that it is usually not useful to send
information about a route back in the direction from which it came.
Poison reverse updates
Split horizons prevent routing loops between adjacent routers, but poison reverse
updates are necessary to defeat larger routing loops.
Today IGRP is showing its age: it is classful and lacks support for variable length subnet masks (VLSM). Rather than develop an IGRP version 2 to correct this problem, Cisco built upon IGRP's legacy with Enhanced IGRP (EIGRP).
277
Configuring IGRP
278
Routing Metrics Graphics
279
Link State Concepts
280
Link State Topology Changes
281
Link State Routing (LSR): after a topology change each router floods a link state packet (LSP) describing the state of its own links, and every router then runs SPF over the collected LSPs to rebuild its routing table.
Router 1 LSP: "My links to R2 and R4 are up."
Router 2 LSP: "My links to R1 and R3 are up, my link to R4 is down."
Router 3 LSP: "My links to R2 and R4 are up."
Router 4 LSP: "My links to R1 and R3 are up. My link to R2 is down."
LSP: link state packet. SPF: shortest path first.
282
Link State Concerns
283
Link State Routing (LSR): link state database example
Five routers A to E with link costs A-B 2, A-C 1, B-D 4, C-D 2, C-E 4, D-E 1.
Every router holds the identical link state database, listing each router's links and costs:
Router A: B - 2, C - 1
Router B: A - 2, D - 4
Router C: A - 1, D - 2, E - 4
Router D: C - 2, B - 4, E - 1
Router E: C - 4, D - 1
284
Link State Routing Features
Link-state algorithms are also known as Dijkstra's algorithm or as SPF (shortest path first) algorithms.
Link-state routing algorithms maintain a complex database of topology information.
Distance vector algorithms, also known as Bellman-Ford algorithms, have only nonspecific information about distant networks and no knowledge of distant routers.
A link-state routing algorithm maintains full knowledge of distant routers and how they interconnect. Link-state routing uses:
• Link-state advertisements (LSAs)
A link-state advertisement (LSA) is a small packet of routing information
that is sent between routers.
• Topological database
A topological database is a collection of information gathered from LSAs.
• SPF algorithm
The shortest path first (SPF) algorithm is a calculation performed on the
database resulting in the SPF tree.
• Routing tables – A list of the known paths and interfaces.
285
Link State Routing
286
Comparing Routing Methods
OSPF (Open Shortest Path First)
Protocol
© 2003, Cisco Systems, Inc. All rights reserved. 287
288
OSPF is a Link-State Routing Protocol
– Link-state (LS) routers hold much more information about the network than their distance-vector counterparts; consequently LS routers tend to make more accurate decisions.
– Link-state routers keep track of the following:
• Their neighbours
• All routers within the same area
• Best paths toward a destination
289
Link-State Data Structures
–Neighbor table:
• Also known as the adjacency database
(list of recognized neighbors)
–Topology table:
• Typically referred to as LSDB
(routers and links in the area or network)
• All routers within an area have an identical LSDB
–Routing table:
• Commonly named a forwarding database
(list of best paths to destinations)
290
OSPF vs. RIP
RIP is limited to 15 hops, it converges slowly, and it sometimes chooses
slow routes because it ignores critical factors such as bandwidth in route
determination. OSPF overcomes these limitations and proves to be a
robust and scalable routing protocol suitable for the networks of today.
291
OSPF Terminology
The next several slides explain various OSPF terms
-one per slide.
292
OSPF Term: Link
293
OSPF Term: Link State
294
OSPF Term: Area
295
OSPF Term: Link Cost
296
OSPF Term: Forwarding Database
297
OSPF Term: Adjacencies Database
298
OSPF Terms: DR & BDR
299
Link-State Data Structure: Network Hierarchy
• Link-state routing requires a hierarchical network structure that is enforced by OSPF.
• This two-level hierarchy consists of the following:
• Transit area (backbone or area 0)
• Regular areas (nonbackbone areas), each of which must connect to the backbone
300
OSPF Areas
301
Area Terminology
302
LS Data Structures:
Adjacency Database
– Routers discover neighbors by exchanging
hello packets.
– Routers declare neighbors to be up after checking
certain parameters or options in the hello packet.
– Point-to-point WAN links:
• Both neighbors become fully adjacent.
– LAN links:
• Neighbors form an adjacency with the DR and BDR.
• Maintain two-way state with the other routers (DROTHERs).
– Routing updates and topology information are only
passed between adjacent routers.
303
OSPF Adjacencies
Routers build logical adjacencies between each other
using the Hello Protocol. Once an adjacency is formed:
• LS database packets are exchanged to synchronize
each other’s LS databases.
• LSAs are flooded reliably throughout the area or network
using these adjacencies.
304
305
Open Shortest Path First
Calculation
•Routers find the best paths to destinations by
applying Dijkstra’s SPF algorithm to the link-
state database as follows:
– Every router in an area has the identical
link-state database.
– Each router in the area places itself into
the root of the tree that is built.
– The best path is calculated with respect to the
lowest total cost of links to a specific destination.
– Best routes are put into the forwarding database.
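The SPF calculation above, as an added example in Python (not code from the original deck). The link-state database is constructed to match the five-router A to E example from the Link State Routing slides (A-B 2, A-C 1, B-D 4, C-D 2, C-E 4, D-E 1). Each router places itself at the root, runs Dijkstra over the identical database and keeps the lowest total cost plus the first hop on that path as its forwarding entry. A small consistency check is included: a link that is not advertised with the same cost from both ends means the databases have not synchronised (or someone injected a bogus LSA), and SPF results would then differ from router to router.

```python
import heapq

# Constructed link-state database reproducing the slide's five-router example:
# each router's LSA lists its links as (neighbour, cost).
LSDB = {
    "A": [("B", 2), ("C", 1)],
    "B": [("A", 2), ("D", 4)],
    "C": [("A", 1), ("D", 2), ("E", 4)],
    "D": [("C", 2), ("B", 4), ("E", 1)],
    "E": [("C", 4), ("D", 1)],
}


def check_symmetric(lsdb):
    """A link must be advertised by both ends with the same cost. Anything
    else means the database has not synchronised yet, or holds a bogus LSA.
    Returns a list of (router, neighbour, cost, cost_seen_from_other_end)."""
    problems = []
    for router, links in lsdb.items():
        for neighbour, cost in links:
            reverse = dict(lsdb.get(neighbour, []))
            if reverse.get(router) != cost:
                problems.append((router, neighbour, cost, reverse.get(router)))
    return problems


def spf(lsdb, root):
    """Dijkstra's shortest path first with `root` at the root of the tree.
    Returns the forwarding database {dest: (total_cost, next_hop)}."""
    dist = {root: 0}
    next_hop = {}
    done = set()
    heap = [(0, root, None)]                 # (cost so far, node, first hop from root)
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if node in done:
            continue                         # a longer path to an already settled node
        done.add(node)
        next_hop[node] = first_hop
        for neighbour, link_cost in lsdb.get(node, []):
            new_cost = cost + link_cost
            if new_cost < dist.get(neighbour, float("inf")):
                dist[neighbour] = new_cost
                # leaving the root, the neighbour itself becomes the first hop
                heapq.heappush(heap, (new_cost, neighbour,
                                      neighbour if node == root else first_hop))
    return {dest: (dist[dest], next_hop[dest]) for dest in done if dest != root}


if __name__ == "__main__":
    problems = check_symmetric(LSDB)
    if problems:
        print("database not consistent:", problems)
    for router in LSDB:                      # every router builds its own tree
        table = spf(LSDB, router)
        print(router, {dest: table[dest] for dest in sorted(table)})
```

From A the tree reaches D through C at cost 3 and E through C and D at cost 4 (cheaper than the direct C-E link at cost 5 total), so A's forwarding entries for D and E both point at C. From E the same database yields A at cost 4 via D, which is exactly the reverse of A's path, as it must be when every router computes over identical data.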
306
OSPF Packet Types
307
OSPF Packet Header Format
308
Neighborship
309
Establishing Bidirectional
Communication
310
Establishing Bidirectional
Communication (Cont.)
311
Establishing Bidirectional
Communication (Cont.)
312
Establishing Bidirectional
Communication
313
Discovering the Network Routes
314
Discovering the Network Routes
315
Adding the Link-State Entries
316
Adding the Link-State Entries
(Cont.)
317
Adding the Link-State Entries
318
Maintaining Routing
Information
• Router A notifies all OSPF DRs on 224.0.0.6
319
Maintaining Routing
Information (Cont.)
• Router A notifies all OSPF DRs on 224.0.0.6
• DR notifies others on 224.0.0.5
322
Configuring Basic OSPF: Single Area
Router(config)# router ospf process-id
• Turns on one or more OSPF routing processes in the IOS software. The process ID is locally significant and need not match on neighbouring routers.
Router(config-router)# network address wildcard-mask area area-id
• Router OSPF subordinate command that defines the interfaces (by network number and wildcard, or inverse, mask) that OSPF will run on. Each network statement must be assigned to a specific area; the area ID is required.
323
Configuring OSPF on Internal
Routers of a Single Area
324
Verifying OSPF Operation
Router# show ip protocols
• Verifies the configured IP routing protocol processes, parameters and statistics
Router# show ip route ospf
• Displays all OSPF routes learned by the router
Router# show ip ospf interface
• Displays the OSPF router ID, area ID and adjacency information per interface
325
Verifying OSPF Operation (Cont.)
Router# show ip ospf
• Displays the OSPF router ID, timers, and statistics
Router# show ip ospf neighbor [detail]
• Displays information about the OSPF neighbors, including Designated Router (DR) and Backup Designated Router (BDR) information on broadcast networks
326
The show ip route ospf
Command
RouterA# show ip route ospf
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile,
B - BGP, D - EIGRP, EX - EIGRP external, O - OSPF,
IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, E - EGP, i - IS-IS, L1 - IS-IS
level-1, L2 - IS-IS level-2, * - candidate default
Gateway of last resort is not set
10.0.0.0 255.255.255.0 is subnetted, 2 subnets
O 10.2.1.0 [110/10] via 10.64.0.2, 00:00:50, Ethernet0
327
The show ip ospf interface
Command
RouterA# show ip ospf interface e0
Ethernet0 is up, line protocol is up
Internet Address 10.64.0.1/24, Area 0
Process ID 1, Router ID 10.64.0.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DROTHER, Priority 1
Designated Router (ID) 10.64.0.2, Interface address 10.64.0.2
Backup Designated router (ID) 10.64.0.1, Interface address 10.64.0.1
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:04
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.64.0.2 (Designated Router)
Suppress hello for 0 neighbor(s)
328
The show ip ospf neighbor
Command
RouterB# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.64.1.1 1 FULL/BDR 00:00:31 10.64.1.1 Ethernet0
10.2.1.1 1 FULL/- 00:00:38 10.2.1.1 Serial0
329
show ip protocol
show ip route
330
show ip ospf neighbor detail
show ip ospf database
331
OSPF Network Types - 1
332
Point-to-Point Links
• Usually a serial interface running either PPP
or HDLC
• May also be a point-to-point subinterface
running Frame Relay or ATM
• No DR or BDR election required
• OSPF autodetects this interface type
• OSPF packets are sent using multicast 224.0.0.5
333
Multi-access Broadcast
Network
• Generally LAN technologies like Ethernet and Token Ring
• DR and BDR selection required
• All neighbor routers form full adjacencies with the DR and
BDR only
• Packets to the DR use 224.0.0.6
• Packets from DR to all other routers use 224.0.0.5
334
Electing the DR and BDR
• Hello packets are exchanged via IP multicast.
• The router with the highest OSPF priority is
selected as the DR.
• Use the OSPF router ID as the tie breaker.
• The DR election is nonpreemptive.
335
Setting Priority for DR Election
Router(config-if)# ip ospf priority number
• This interface configuration command assigns the OSPF priority to an interface.
• Different interfaces on a router may be assigned different values.
• The default priority is 1. The range is from 0 to 255.
• 0 means the router is a DROTHER; it can't be the DR or BDR on that segment.
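The election rules from the two slides above (highest priority wins, router ID breaks ties, priority 0 never becomes DR or BDR, and the election is nonpreemptive), as an added Python illustration that is not code from the original deck. The model is deliberately simplified: it takes the routers seen in hellos as (router ID, priority) pairs, keeps the incumbent DR and BDR if they are still present, promotes the BDR when the DR disappears, and otherwise ranks candidates by priority and then by numerically highest router ID. The RFC 2328 procedure, in which routers declare themselves DR or BDR in their hellos, is collapsed into the incumbents passed in as arguments.

```python
def rid_key(router_id):
    """Router IDs compare as numbers octet by octet, not as strings
    ("10.0.0.10" beats "10.0.0.9")."""
    return tuple(int(octet) for octet in router_id.split("."))


def elect(routers, current_dr=None, current_bdr=None):
    """Simplified DR/BDR election on one broadcast segment.
    routers: iterable of (router_id, ospf_priority) seen in hello packets.
    current_dr / current_bdr: incumbents from the last election, or None.
    Returns (dr, bdr); either is None when nobody is eligible."""
    alive = dict(routers)
    eligible = {rid: pri for rid, pri in alive.items() if pri > 0}  # priority 0: DROTHER only

    def rank(rid):
        return (eligible[rid], rid_key(rid))   # highest priority, then highest router ID

    dr = current_dr if current_dr in eligible else None     # nonpreemptive: keep incumbents
    bdr = current_bdr if current_bdr in eligible else None
    if dr is None:
        if bdr is not None:
            dr, bdr = bdr, None                            # the BDR takes over a vanished DR
        else:
            dr = max(eligible, key=rank, default=None)     # first election on the segment
    if bdr is None:
        others = [rid for rid in eligible if rid != dr]
        bdr = max(others, key=rank, default=None)
    return dr, bdr


if __name__ == "__main__":
    # Constructed segment: three routers, one of them with priority 0.
    segment = [("10.0.0.1", 1), ("10.0.0.2", 1), ("10.0.0.3", 0)]
    dr, bdr = elect(segment)
    print("initial election:", dr, bdr)
    # A new router with priority 255 joins: nothing changes until the DR fails.
    segment.append(("10.0.0.9", 255))
    print("after join:", elect(segment, dr, bdr))
    segment = [r for r in segment if r[0] != dr]
    print("after DR failure:", elect(segment, dr, bdr))
```

The last two calls show why a high ip ospf priority on a newly added router does not by itself make it the DR: the incumbent stays until it fails, the old BDR is promoted, and only then does the priority 255 router get in, as BDR.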
336
OSPF Network Types - 2
337
Creation of Adjacencies
RouterA# debug ip ospf adj
Point-to-point interfaces coming up: No election
%LINK-3-UPDOWN: Interface Serial1, changed state to up
OSPF: Interface Serial1 going Up
OSPF: Rcv hello from 192.168.0.11 area 0 from Serial1 10.1.1.2
OSPF: End of hello processing
OSPF: Build router LSA for area 0, router ID 192.168.0.10
OSPF: Rcv DBD from 192.168.0.11 on Serial1 seq 0x20C4 opt 0x2 flag 0x7 len 32 state INIT
OSPF: 2 Way Communication to 192.168.0.11 on Serial1, state 2WAY
OSPF: Send DBD to 192.168.0.11 on Serial1 seq 0x167F opt 0x2 flag 0x7 len 32
OSPF: NBR Negotiation Done. We are the SLAVE
OSPF: Send DBD to 192.168.0.11 on Serial1 seq 0x20C4 opt 0x2 flag 0x2 len 72
338
Creation of Adjacencies
(Cont.)
RouterA# debug ip ospf adj
Ethernet interface coming up: Election
OSPF: 2 Way Communication to 192.168.0.10 on Ethernet0, state 2WAY
OSPF: end of Wait on interface Ethernet0
OSPF: DR/BDR election on Ethernet0
OSPF: Elect BDR 192.168.0.12
OSPF: Elect DR 192.168.0.12
DR: 192.168.0.12 (Id) BDR: 192.168.0.12 (Id)
OSPF: Send DBD to 192.168.0.12 on Ethernet0 seq 0x546 opt 0x2 flag 0x7 len 32
<…>
OSPF: DR/BDR election on Ethernet0
OSPF: Elect BDR 192.168.0.11
OSPF: Elect DR 192.168.0.12
DR: 192.168.0.12 (Id) BDR: 192.168.0.11 (Id)
339
340
Overview
Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco-
proprietary routing protocol based on Interior Gateway Routing Protocol
(IGRP).
Unlike IGRP, which is a classful routing protocol, EIGRP supports CIDR and
VLSM.
Compared to IGRP, EIGRP boasts faster convergence times, improved
scalability, and superior handling of routing loops.
Furthermore, EIGRP can replace Novell Routing Information Protocol
(RIP) and AppleTalk Routing Table Maintenance Protocol (RTMP), serving
both IPX and AppleTalk networks with powerful efficiency.
EIGRP is often described as a hybrid routing protocol, offering the best of
distance vector and link-state algorithms.
341
Comparing EIGRP with IGRP
IGRP and EIGRP are compatible with each other.
EIGRP offers multiprotocol support, but IGRP does not.
EIGRP and IGRP use different metric calculations.
EIGRP scales the metric of IGRP by a factor of 256.
IGRP has a maximum hop count of 255.
EIGRP has a maximum hop count limit of 224.
Enabling dissimilar routing protocols such as OSPF and RIP to share
information requires advanced configuration. Redistribution, the
sharing of routes, is automatic between IGRP and EIGRP as long as
both processes use the same autonomous system (AS) number.
342
EIGRP & IGRP Metric Calculation
343
Comparing EIGRP with IGRP
344
Comparing EIGRP with IGRP
345
EIGRP Concepts & Terminology
EIGRP routers keep route and topology information readily available
in RAM, so they can react quickly to changes.
Like OSPF, EIGRP saves this information in several tables and
databases.
EIGRP saves routes that are learned in specific ways.
Routes are given a particular status and can be tagged to provide
additional useful information.
EIGRP maintains three tables:
• Neighbor table
• Topology table
• Routing table
346
Neighbor Table
The neighbor table is the most important table in EIGRP.
Each EIGRP router maintains a neighbor table that lists adjacent
routers. This table is comparable to the adjacency database used
by OSPF. There is a neighbor table for each protocol that EIGRP
supports.
When a neighbor sends a hello packet, it advertises a hold time. The hold time is how long the receiving router treats that neighbor as reachable and operational without hearing another hello. If no hello arrives before the hold time expires, the neighbor is declared down.
When the hold time expires, the Diffusing Update Algorithm (DUAL), which is the EIGRP distance vector algorithm, is informed of the topology change and must recalculate the routes that depended on that neighbor.
347
Topology Table
The topology table holds every route advertised by the router's EIGRP neighbors in the autonomous system, not just the best ones.
DUAL takes the information supplied in the neighbor table and the topology
table and calculates the lowest cost routes to each destination. By tracking
this information, EIGRP routers can identify and switch to alternate routes
quickly.
The information that the router learns from the DUAL is used to determine the
successor route, which is the term used to identify the primary or best route.
A copy is also placed in the topology table.
Every EIGRP router maintains a topology table for each configured network
protocol. All learned routes to a destination are maintained in the topology
table.
348
Routing Table
The EIGRP routing table holds the best routes to a destination. This information is retrieved from the topology table. Each EIGRP router maintains a routing table for each network protocol.
A successor is a route selected as the primary route to use to reach a destination. DUAL identifies this route from the information contained in the neighbor and topology tables and places it in the routing table.
There can be up to four successor routes for any particular destination. These can be of equal or unequal cost and are identified as the best loop-free paths to a given destination.
A copy of the successor routes is also placed in the topology table.
A feasible successor (FS) is a backup route. These routes are identified at the same time the successors are identified, but they are only kept in the topology table. Multiple feasible successors for a destination can be retained in the topology table, although a destination need not have any.
349
EIGRP Data Structure
Like OSPF, EIGRP relies on different types of packets to maintain its various tables
and establish complex relationships with neighbor routers. The five EIGRP packet
types are:
• Hello
• Acknowledgment
• Update
• Query
• Reply
EIGRP relies on hello packets to discover, verify, and rediscover neighbor routers.
Rediscovery occurs if EIGRP routers do not receive hellos from each other for a
hold time interval but then re-establish communication.
EIGRP routers send hellos at a fixed but configurable interval, called the hello
interval. The default hello interval depends on the bandwidth of the interface.
On IP networks, EIGRP routers send hellos to the multicast IP address 224.0.0.10.
350
Default Hello Intervals
and Hold Times for EIGRP
351
EIGRP Algorithm
The sophisticated DUAL algorithm results in the exceptionally fast convergence of EIGRP.
Each router constructs a topology table that contains information about how to route to a destination network.
Each topology table entry identifies the following:
• The routing protocol (EIGRP) through which the route was learned
• The lowest cost of the route, which is called the Feasible Distance (FD)
• The cost of the route as advertised by the neighboring router, which is called the Reported Distance (RD)
The Topology heading identifies the preferred primary route, called the successor route (Successor), and, where identified, the backup route, called the feasible successor (FS). Note that it is not necessary to have an identified feasible successor.
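The metric and the successor / feasible successor selection described above, as an added Python example that is not code from the original deck. It covers the EIGRP and IGRP metric calculation slide (the IGRP composite metric with default K values is the bandwidth term 10^7 divided by the slowest link in kbps plus the total delay in tens of microseconds, and EIGRP scales that by 256) and the FS Route Selection Rules slide (a neighbour qualifies as feasible successor only if its Reported Distance is strictly less than the Feasible Distance of the successor). The candidate paths, bandwidths and delays are constructed; N3 is included to show that a Reported Distance equal to the FD does not qualify.

```python
from collections import namedtuple

# Constructed candidate paths to one destination network, as they sit in the
# topology table. The neighbour reports the minimum bandwidth (kbps) and the
# total delay (microseconds) of its own path; we add the link towards it.
Path = namedtuple("Path", "neighbour nbr_min_bw nbr_delay link_bw link_delay")

CANDIDATES = [
    Path("N1", 100000, 100, 100000, 100),    # Fast Ethernet all the way
    Path("N2", 1544, 20000, 100000, 100),    # a T1 serial hop on the neighbour's side
    Path("N3", 100000, 200, 100000, 100),    # one extra FE hop behind the neighbour
    Path("N4", 100000, 150, 100000, 100),
]


def igrp_metric(min_bw_kbps, delay_us):
    """IGRP composite metric with the default K values (K1 = K3 = 1, others 0):
    bandwidth term 10^7 / slowest link + delay in tens of microseconds,
    both truncated to integers as the router does."""
    return 10_000_000 // min_bw_kbps + delay_us // 10


def eigrp_metric(min_bw_kbps, delay_us):
    """EIGRP uses the IGRP metric scaled by 256."""
    return 256 * igrp_metric(min_bw_kbps, delay_us)


def dual_select(candidates):
    """Pick the successor (lowest total metric, which becomes the Feasible
    Distance, FD) and the feasible successors: neighbours whose Reported
    Distance (RD) is strictly less than FD. A neighbour that is closer to the
    destination than we are cannot be routing through us, so its path is
    loop-free without any further computation."""
    evaluated = []
    for p in candidates:
        rd = eigrp_metric(p.nbr_min_bw, p.nbr_delay)
        total = eigrp_metric(min(p.nbr_min_bw, p.link_bw), p.nbr_delay + p.link_delay)
        evaluated.append((total, rd, p.neighbour))
    evaluated.sort()
    fd, _, successor = evaluated[0]
    feasible = [n for total, rd, n in evaluated[1:] if rd < fd]
    return {
        "feasible_distance": fd,
        "successor": successor,
        "feasible_successors": feasible,
        "all": {n: {"rd": rd, "total": total} for total, rd, n in evaluated},
    }


if __name__ == "__main__":
    print("T1 with 20000 us delay:", eigrp_metric(1544, 20000))
    result = dual_select(CANDIDATES)
    for neighbour, m in result["all"].items():
        print(f"{neighbour}: RD={m['rd']:>8} total={m['total']:>8}")
    print("successor:", result["successor"], "FD:", result["feasible_distance"])
    print("feasible successors:", result["feasible_successors"])
```

N1 becomes the successor with FD 30720. N4 (RD 29440) is a feasible successor and can be promoted without a query if N1 fails; N3 (RD 30720, equal to FD) and N2 (RD 2169856) are not, and losing N1 with only those left would force DUAL to go active and query neighbours.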
352
FS Route Selection Rules
353
DUAL Example
354
Configuring EIGRP
355
356
357
358
Verifying the EIGRP Configuration
To verify the EIGRP configuration a number of show and
debug commands are available.
These commands are shown on the next few slides.
359
360
show ip eigrp topology [active | pending | successors]
361
show ip eigrp topology all-links
show ip eigrp traffic
362
Administrative Distances
363
Classful and Classless
Routing Protocols
364
365
What are ACLs?
ACLs are lists of conditions that are applied to traffic traveling across a router's interface. These lists tell the router what types of packets to accept or deny. Acceptance and denial can be based on specified conditions.
ACLs can be created for all routed network protocols, such as Internet Protocol (IP) and Internetwork Packet Exchange (IPX).
ACLs can be configured at the router to control access to a network or subnet.
Some ACL decision points are source and destination addresses, protocols, and upper-layer port numbers.
ACLs are defined per protocol and applied per interface and per direction: one list per protocol, per direction, per interface.
366
Reasons to Create ACLs
The following are some of the primary reasons to create ACLs:
• Limit network traffic and increase network performance.
• Provide traffic flow control.
• Provide a basic level of security for network access.
• Decide which types of traffic are forwarded or blocked at
the router interfaces. For example: Permit e-mail traffic to
be routed, but block all telnet traffic.
Allow an administrator to control what areas a client can access
on a network.
If ACLs are not configured on the router, all packets passing
through the router will be allowed onto all parts of the network.
367
ACLs Filter Traffic Graphic
368
How ACLs Filter Traffic
369
One List per Port, per
Destination, per Protocol...
370
How ACLs work.
371
Creating ACLs
ACLs are created in the global configuration mode. There are
many different types of ACLs including standard, extended, IPX,
AppleTalk, and others. When configuring ACLs on a router, each
ACL must be uniquely identified by assigning a number to it. This
number identifies the type of access list created and must fall within
the specific range of numbers that is valid for that type of list.
Since IP is by far the most popular routed protocol, additional ACL number ranges have been added in newer IOS releases:
Standard IP: 1-99, plus 1300-1999
Extended IP: 100-199, plus 2000-2699
372
The access-list command
373
The ip access-group command
Router(config-if)# ip access-group access-list-number { in | out }
374
ACL Example
375
Basic Rules for ACLs
These basic rules should be followed when creating and applying access lists:
• One access list per protocol per direction.
• Standard IP access lists should be applied closest to the destination.
• Extended IP access lists should be applied closest to the source.
• Use the inbound or outbound interface reference as if looking at the port
from inside the router.
• Statements are processed sequentially from the top of list to the bottom
until a match is found, if no match is found then the packet is denied.
• There is an implicit deny at the end of all access lists. This will not appear in
the configuration listing.
• Access list entries should filter in the order from specific to general.
Specific hosts should be denied first, and groups or general filters should come last.
• Never work with an access list that is actively applied.
• New lines are always added to the end of the access list.
• A no access-list x command will remove the whole list. It is not possible to
selectively add and remove lines with numbered ACLs.
• Outbound filters do not affect traffic originating from the local router.
376
Wildcard Mask Examples
Five examples follow that demonstrate how a wildcard mask can be used to permit or deny certain IP addresses or IP address ranges.
While subnet masks start with binary 1s and end with binary 0s, wildcard masks are the reverse: a 0 bit means the corresponding address bit must match, a 1 bit means it is ignored, so wildcard masks typically start with binary 0s and end with binary 1s.
In the examples that follow Cisco has chosen to represent the binary 1s in the wildcard masks with Xs to focus on the specific bits being shown in each example.
You will see that while subnet masks are ANDed with IP addresses, wildcard masks are ORed with them: the router ORs the wildcard mask with both the packet's address and the address in the ACL entry, and the entry matches when the two results are equal.
377
Wildcard Mask Example #1
378
Wildcard Mask Example #2
379
Wildcard Mask Example #3
380
Wildcard Mask Example #4 - Even IPs
381
Wildcard Mask Example #5 - Odd IP#s
382
The any and host Keywords
383
Verifying ACLs
There are many show commands that will verify the content and
placement of ACLs on the router.
The show ip interface command displays IP interface information
and indicates whether any ACLs are set.
The show access-lists command displays the contents of all ACLs on
the router.
show access-list 1 shows just access-list 1.
The show running-config command will also reveal the access lists
on a router and the interface assignment information.
384
Standard ACLs
Standard ACLs check only the source address of IP packets that are routed.
The comparison results in either permit or deny for the entire protocol suite, based on the network, subnet, and host addresses.
The standard version of the access-list global configuration command is used to define a standard ACL with a number in the range of 1 to 99 (also from 1300 to 1999 in recent IOS).
If there is no wildcard mask, the default mask is used, which is 0.0.0.0, meaning every bit must match. This only works with standard ACLs and is the same thing as using the host keyword.
The full syntax of the standard ACL command is:
Router(config)#access-list access-list-number {deny | permit} source [source-wildcard] [log]
The no form of this command is used to remove a standard ACL. This is the syntax:
Router(config)#no access-list access-list-number
385
Extended ACLs
Extended ACLs are used more often than standard ACLs because they provide a
greater range of control. Extended ACLs check the source and destination packet
addresses as well as being able to check for protocols and port numbers.
The syntax for the extended ACL statement can get very long and often will wrap in
the terminal window.
The wildcards also have the option of using the host or any keywords in the command.
At the end of the extended ACL statement, additional precision is gained from a field
that specifies the optional Transmission Control Protocol (TCP) or User Datagram
Protocol (UDP) port number.
Logical operations may be specified such as, equal (eq), not equal (neq), greater
than (gt), and less than (lt), that the extended ACL will perform on specific protocols.
Extended ACLs use an access-list-number in the range 100 to 199 (also from 2000 to
2699 in recent IOS).
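Added example, not from the original deck: a small parser and matcher for the numbered standard and extended ACL syntax on these slides, covering the wildcard mask examples, the standard and extended ACL sections and the basic rules (top-down first match, implicit deny at the end). It goes a little beyond the slides in one place: the even/odd trick from wildcard mask examples #4 and #5 is exercised directly, since a wildcard of 0.0.0.254 leaves only the last bit significant. The sample ACL lines, the port keyword table and the packets are constructed; the parser handles only the eq operator and the host/any keywords, not the whole IOS syntax.

```python
import ipaddress
from collections import namedtuple

Rule = namedtuple("Rule", "number action proto src src_wc dst dst_wc port")
PORT_KEYWORDS = {"telnet": 23, "smtp": 25, "domain": 53, "www": 80}  # a few IOS names
ANY = ("0.0.0.0", "255.255.255.255")

# Constructed sample: a standard list plus an extended list that allows mail to
# one server, blocks all telnet, and then permits everything else.
SAMPLE_ACL = [
    "access-list 1 permit 172.16.0.0 0.0.255.255",
    "access-list 101 permit tcp any host 10.1.1.1 eq smtp",
    "access-list 101 deny tcp any any eq telnet",
    "access-list 101 permit ip any any",
]


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(addr, base, wildcard):
    """Cisco wildcard semantics: a 1 bit means 'do not care', a 0 bit must match.
    Implemented exactly as the slides describe it: OR both sides with the mask."""
    return (to_int(addr) | to_int(wildcard)) == (to_int(base) | to_int(wildcard))


def _take_address(tokens, wildcard_optional):
    """Consume 'any', 'host A.B.C.D', or 'A.B.C.D [wildcard]' from the token list."""
    word = tokens.pop(0)
    if word == "any":
        return ANY
    if word == "host":
        return tokens.pop(0), "0.0.0.0"
    if tokens and tokens[0][0].isdigit():
        return word, tokens.pop(0)
    if wildcard_optional:
        return word, "0.0.0.0"            # standard ACL default: exact host match
    raise ValueError(f"wildcard mask required after {word}")


def parse_acl(lines):
    """Parse 'access-list N {permit|deny} ...' lines, keeping their order."""
    rules = []
    for line in lines:
        tokens = line.split()
        if tokens[:1] != ["access-list"]:
            raise ValueError(f"not an access-list line: {line}")
        number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
        if 1 <= number <= 99 or 1300 <= number <= 1999:       # standard: source only
            src, src_wc = _take_address(rest, wildcard_optional=True)
            rules.append(Rule(number, action, "ip", src, src_wc, *ANY, None))
        elif 100 <= number <= 199 or 2000 <= number <= 2699:  # extended
            proto = rest.pop(0)
            src, src_wc = _take_address(rest, wildcard_optional=False)
            dst, dst_wc = _take_address(rest, wildcard_optional=False)
            port = None
            if rest[:1] == ["eq"]:
                port = int(rest[1]) if rest[1].isdigit() else PORT_KEYWORDS[rest[1]]
            rules.append(Rule(number, action, proto, src, src_wc, dst, dst_wc, port))
        else:
            raise ValueError(f"{number} is not an IP access-list number")
    return rules


def evaluate(rules, src, dst, proto="ip", dport=None):
    """Walk the list top to bottom; the first matching entry decides.
    Falling off the end hits the implicit deny."""
    for rule in rules:
        if rule.proto != "ip" and rule.proto != proto:
            continue
        if not (wildcard_match(src, rule.src, rule.src_wc)
                and wildcard_match(dst, rule.dst, rule.dst_wc)):
            continue
        if rule.port is not None and rule.port != dport:
            continue
        return rule.action
    return "deny"


if __name__ == "__main__":
    rules = parse_acl(SAMPLE_ACL)
    extended = [r for r in rules if r.number == 101]
    for packet in [("192.0.2.7", "10.1.1.1", "tcp", 25),
                   ("192.0.2.7", "10.1.1.1", "tcp", 23),
                   ("192.0.2.7", "10.1.1.2", "udp", 53)]:
        print(packet, "->", evaluate(extended, *packet))
```

Because evaluation stops at the first match, swapping the deny telnet line below the permit ip any any line would silently permit telnet: the order of entries is part of the policy, which is why the rules slide says to filter from specific to general.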
386
Extended ACL Syntax
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]
Ccna presentation{complete]

  • 1. © 2003, Cisco Systems, Inc. All rights reserved.
  • 3. Data Networks: Sharing data through the use of floppy disks is not an efficient or cost-effective way to operate a business. Businesses needed a solution that would successfully address three problems: how to avoid duplication of equipment and resources, how to communicate efficiently, and how to set up and manage a network. Businesses realized that networking technology could increase productivity while saving money.
  • 4. Networking Devices: Equipment that connects directly to a network segment is referred to as a device. These devices are divided into two classifications: end-user devices and network devices. End-user devices include computers, printers, scanners, and other devices that provide services directly to the user. Network devices include all the devices that connect the end-user devices together to allow them to communicate.
  • 5. Network Interface Card: A network interface card (NIC) is a printed circuit board that provides network communication capabilities to and from a personal computer. It is also called a LAN adapter.
  • 7. Repeater: A repeater is a network device used to regenerate a signal. Repeaters regenerate analog or digital signals distorted by transmission loss due to attenuation. A repeater does not perform intelligent routing.
  • 8. Hub: Hubs concentrate connections. In other words, they take a group of hosts and allow the network to see them as a single unit. This is done passively, without any other effect on the data transmission. Active hubs not only concentrate hosts, but they also regenerate signals.
  • 9. Bridge: Bridges convert network transmission data formats as well as perform basic data transmission management. Bridges, as the name implies, provide connections between LANs. Not only do bridges connect LANs, but they also perform a check on the data to determine whether it should cross the bridge or not. This makes each part of the network more efficient.
  • 10. Workgroup Switch: Workgroup switches add more intelligence to data transfer management. Switches can determine whether data should remain on a LAN or not, and they can transfer the data to the connection that needs that data.
  • 11. Router: Routers have all the capabilities of the previous devices. Routers can regenerate signals, concentrate multiple connections, convert data transmission formats, and manage data transfers. They can also connect to a WAN, which allows them to connect LANs that are separated by great distances.
  • 12. “The Cloud”: The cloud is used in diagrams to represent where the connection to the Internet is. It also represents all of the devices on the Internet.
  • 13. Network Topologies: Network topology defines the structure of the network. One part of the topology definition is the physical topology, which is the actual layout of the wire or media. The other part is the logical topology, which defines how the media is accessed by the hosts for sending data.
  • 15. Bus Topology: A bus topology uses a single backbone cable that is terminated at both ends. All the hosts connect directly to this backbone.
  • 16. Ring Topology: A ring topology connects one host to the next and the last host to the first. This creates a physical ring of cable.
  • 17. Star Topology: A star topology connects all cables to a central point of concentration.
  • 18. Extended Star Topology: An extended star topology links individual stars together by connecting the hubs and/or switches. This topology can extend the scope and coverage of the network.
  • 19. Hierarchical Topology: A hierarchical topology is similar to an extended star.
  • 20. Mesh Topology: A mesh topology is implemented to provide as much protection as possible from interruption of service. Each host has its own connections to all other hosts. Although the Internet has multiple paths to any one location, it does not adopt the full mesh topology.
  • 21. LANs, MANs, & WANs: One early solution was the creation of local-area network (LAN) standards, which provided an open set of guidelines for creating network hardware and software, making equipment from different companies compatible. What was needed was a way for information to move efficiently and quickly, not only within a company, but also from one business to another. The solution was the creation of metropolitan-area networks (MANs) and wide-area networks (WANs).
  • 24. Wireless LAN Organizations and Standards: As in cabled networks, IEEE is the prime issuer of standards for wireless networks. The standards have been created within the framework of the regulations created by the Federal Communications Commission (FCC). A key technology contained within the 802.11 standard is Direct Sequence Spread Spectrum (DSSS).
  • 27. SANs: A SAN is a dedicated, high-performance network used to move data between servers and storage resources. Because it is a separate, dedicated network, it avoids any traffic conflict between clients and servers.
  • 28. Virtual Private Network: A VPN is a private network that is constructed within a public network infrastructure such as the global Internet. Using a VPN, a telecommuter can access the network of the company headquarters through the Internet by building a secure tunnel between the telecommuter’s PC and a VPN router at the headquarters.
  • 32. Why do we need the OSI Model? To address the problem of networks increasing in size and in number, the International Organization for Standardization (ISO) researched many network schemes and recognized that there was a need to create a network model that would help network builders implement networks that could communicate and work together. It therefore released the OSI reference model in 1984.
  • 33. Don’t Get Confused: ISO - International Organization for Standardization; OSI - Open System Interconnection; IOS - Internetwork Operating System. The ISO created the OSI to make the IOS more efficient. The “ISO” acronym is correct as shown. To avoid confusion, some people say “International Standard Organization.”
  • 34. The OSI Reference Model: 7 Application, 6 Presentation, 5 Session, 4 Transport, 3 Network, 2 Data Link, 1 Physical. The OSI Model will be used throughout your entire networking career! Memorize it!
  • 35. Layer 7 - The Application Layer: This layer deals with networking applications. Examples: email, web browsers. PDU: user data.
  • 36. Layer 6 - The Presentation Layer: This layer is responsible for presenting the data in the required format, which may include encryption and compression. PDU: formatted data.
  • 37. Layer 5 - The Session Layer: This layer establishes, manages, and terminates sessions between two communicating hosts. Example: client software (used for logging in). PDU: formatted data.
  • 38. Layer 4 - The Transport Layer: This layer breaks up the data from the sending host and then reassembles it in the receiver. It is also used to ensure reliable data transport across the network. PDU: segments.
  • 39. Layer 3 - The Network Layer: Sometimes referred to as the “Cisco Layer”. Makes “best path determination” decisions based on logical addresses (usually IP addresses). PDU: packets.
  • 40. Layer 2 - The Data Link Layer: This layer provides reliable transit of data across a physical link. Makes decisions based on physical addresses (usually MAC addresses). PDU: frames.
  • 41. Layer 1 - The Physical Layer: This is the physical media through which the data, represented as electronic signals, is sent from the source host to the destination host. Examples: CAT5 (what we have), coaxial (like cable TV), fiber optic. PDU: bits.
  • 42. OSI Model Analogy, Application Layer - Source Host: After riding your new bicycle a few times in New York, you decide that you want to give it to a friend who lives in Munich, Germany.
  • 43. OSI Model Analogy, Presentation Layer - Source Host: Make sure you have the proper directions to disassemble and reassemble the bicycle.
  • 44. OSI Model Analogy, Session Layer - Source Host: Call your friend and make sure you have his correct address.
  • 45. OSI Model Analogy, Transport Layer - Source Host: Disassemble the bicycle and put different pieces in different boxes. The boxes are labeled “1 of 3”, “2 of 3”, and “3 of 3”.
  • 46. OSI Model Analogy, Network Layer - Source Host: Put your friend's complete mailing address (and yours) on each box. Since the packages are too big for your mailbox (and since you don’t have enough stamps), you determine that you need to go to the post office.
  • 47. OSI Model Analogy, Data Link Layer - Source Host: Jamshedpur post office takes possession of the boxes.
  • 48. OSI Model Analogy, Physical Layer - Media: The boxes are flown from India to the USA.
  • 49. OSI Model Analogy, Data Link Layer - Destination: New York post office receives your boxes.
  • 50. OSI Model Analogy, Network Layer - Destination: Upon examining the destination address, the New York post office determines that your boxes should be delivered to your written home address.
  • 51. OSI Model Analogy, Transport Layer - Destination: Your friend calls you and tells you he got all 3 boxes and he is having another friend named BOB reassemble the bicycle.
  • 52. OSI Model Analogy, Session Layer - Destination: Your friend hangs up because he is done talking to you.
  • 53. OSI Model Analogy, Presentation Layer - Destination: BOB is finished and “presents” the bicycle to your friend. Another way to say it is that your friend is finally getting his “present”.
  • 54. OSI Model Analogy, Application Layer - Destination: Your friend enjoys riding his new bicycle in New York.
  • 55. Host Layers: The upper layers (7 Application, 6 Presentation, 5 Session, 4 Transport) only exist in the source and destination host computers.
  • 56. Media Layers: The lower layers (3 Network, 2 Data Link, 1 Physical) manage the information out in the LAN or WAN between the source and destination hosts.
  • 59. Data Flow Through a Network (diagram only).
  • 61. LAN Physical Layer: Various symbols are used to represent media types. The function of media is to carry a flow of information through a LAN. Networking media are considered Layer 1, or physical layer, components of LANs. Each medium has advantages and disadvantages. Some of the advantage or disadvantage comparisons concern cable length, cost, ease of installation, and susceptibility to interference. Coaxial cable, optical fiber, and even free space can carry network signals. However, the principal medium that will be studied is Category 5 unshielded twisted-pair cable (Cat 5 UTP).
  • 63. UTP Implementation: EIA/TIA specifies an RJ-45 connector for UTP cable. The RJ-45 transparent end connector shows eight colored wires. Four of the wires carry the voltage and are considered “tip” (T1 through T4). The other four wires are grounded and are called “ring” (R1 through R4). The wires in the first pair in a cable or a connector are designated as T1 & R1.
  • 64. Connection Media: The registered jack (RJ-45) connector and jack are the most common. In some cases the type of connector on a network interface card (NIC) does not match the media that it needs to connect to. The attachment unit interface (AUI) connector allows different media to connect when used with the appropriate transceiver. A transceiver is an adapter that converts one type of connection to another.
  • 65. Ethernet Standards: The Ethernet standard specifies that each of the pins on an RJ-45 connector has a particular purpose. A NIC transmits signals on pins 1 & 2, and it receives signals on pins 3 & 6.
  • 66. Remember… A straight-through cable has T568B on both ends. A crossover (or cross-connect) cable has T568B on one end and T568A on the other. A console cable has T568B on one end and reverse T568B on the other, which is why it is also called a rollover cable.
  • 67. Straight-Through or Crossover: Use straight-through cables for the following cabling: switch to router, switch to PC or server, hub to PC or server. Use crossover cables for the following cabling: switch to switch, switch to hub, hub to hub, router to router, PC to PC, router to PC.
  • 68. Sources of Noise on Copper Media: Noise is any electrical energy on the transmission cable that makes it difficult for a receiver to interpret the data sent from the transmitter. TIA/EIA-568-B certification of a cable now requires testing for a variety of types of noise. Twisted-pair cable is designed to take advantage of the effects of crosstalk in order to minimize noise. In twisted-pair cable, a pair of wires is used to transmit one signal. The wire pair is twisted so that each wire experiences similar crosstalk. Because a noise signal on one wire will appear identically on the other wire, this noise can be easily detected and filtered at the receiver. Twisting one pair of wires in a cable also helps to reduce crosstalk of data or noise signals from adjacent wires.
  • 72. Fiber Optic Connectors: Connectors are attached to the fiber ends so that the fibers can be connected to the ports on the transmitter and receiver. The type of connector most commonly used with multimode fiber is the Subscriber Connector (SC connector). On single-mode fiber, the Straight Tip (ST) connector is frequently used.
  • 73. Fiber Optic Patch Panels: Fiber patch panels are similar to the patch panels used with copper cable.
  • 74. Cable Specifications: 10BASE-T: the T stands for twisted pair. 10BASE5: the 5 represents the fact that a signal can travel for approximately 500 meters; 10BASE5 is often referred to as Thicknet. 10BASE2: the 2 represents the fact that a signal can travel for approximately 200 meters; 10BASE2 is often referred to as Thinnet. All three of these specifications refer to a transmission speed of 10 Mbps and a type of transmission that is baseband, or digitally interpreted. Thinnet and Thicknet are actually types of networks, while 10BASE2 & 10BASE5 are the types of cabling.
  • 76. LAN Physical Layer Implementation (diagram only).
  • 80. Serial Implementation of DTE & DCE: When connecting directly to a service provider, or to a device such as a CSU/DSU that will perform signal clocking, the router is a DTE and needs a DTE serial cable. This is typically the case for routers.
  • 81. Back-to-Back Serial Connection: When performing a back-to-back router scenario in a test environment, one of the routers will be a DTE and the other will be a DCE.
  • 82. Repeater: A repeater is a network device used to regenerate a signal. Repeaters regenerate analog or digital signals distorted by transmission loss due to attenuation. A repeater is a Physical Layer device.
  • 83. The 4 Repeater Rule: The Four Repeater Rule for 10-Mbps Ethernet should be used as a standard when extending LAN segments. This rule states that no more than four repeaters can be used between hosts on a LAN. This rule is used to limit the latency added to frame travel by each repeater.
  • 84. Hub: Hubs concentrate connections. In other words, they take a group of hosts and allow the network to see them as a single unit. A hub is a physical layer device.
  • 85. Network Interface Card: The function of a NIC is to connect a host device to the network medium. A NIC is a printed circuit board that fits into the expansion slot on the motherboard or peripheral device of a computer. The NIC is also referred to as a network adapter. NICs are considered Data Link Layer devices because each NIC carries a unique code called a MAC address.
  • 86. MAC Address: A MAC address is 48 bits in length and is expressed as twelve hexadecimal digits. MAC addresses are sometimes referred to as burned-in addresses (BIA) because they are burned into read-only memory (ROM) and are copied into random-access memory (RAM) when the NIC initializes.
  • 87. Bridge: Bridges are Data Link layer devices. Connected host addresses are learned and stored in a MAC address table. Each bridge port has a unique MAC address.
  • 90. Switch: Switches are Data Link layer devices. Each switch port has a unique MAC address. Connected host MAC addresses are learned and stored in a MAC address table.
  • 91. Switching Modes: Cut-through: a switch starts to transfer the frame as soon as the destination MAC address is received. No error checking is available. Must use synchronous switching. Store-and-forward: at the other extreme, the switch can receive the entire frame before sending it out the destination port. This gives the switch software an opportunity to verify the Frame Check Sequence (FCS) to ensure that the frame was reliably received before sending it to the destination. Must be used with asynchronous switching. Fragment-free: a compromise between the cut-through and store-and-forward modes. Fragment-free reads the first 64 bytes, which includes the frame header, and switching begins before the entire data field and checksum are read.
  • 92. 92 Full Duplex Another capability emerges when only two nodes are connected. In a network that uses twisted-pair cabling, one pair is used to carry the transmitted signal from one node to the other node. A separate pair is used for the return or received signal. It is possible for signals to pass through both pairs simultaneously. The capability of communication in both directions at once is known as full duplex.
  • 94. 94 Switches – Parallel Communication
  • 95. 95 Microsegmentation A switch is simply a bridge with many ports. When only one node is connected to a switch port, the collision domain on the shared media contains only two nodes. The two nodes in this small segment, or collision domain, consist of the switch port and the host connected to it. These small physical segments are called micro segments.
  • 96. 96 Peer-to-Peer Network In a peer-to-peer network, networked computers act as equal partners, or peers. As peers, each computer can take on the client function or the server function. At one time, computer A may make a request for a file from computer B, which responds by serving the file to computer A. Computer A functions as client, while B functions as the server. At a later time, computers A and B can reverse roles. In a peer-to-peer network, individual users control their own resources. Peer-to-peer networks are relatively easy to install and operate. As networks grow, peer-to-peer relationships become increasingly difficult to coordinate.
  • 97. 97 Client/Server Network In a client/server arrangement, network services are located on a dedicated computer called a server. The server responds to the requests of clients. The server is a central computer that is continuously available to respond to requests from clients for file, print, application, and other services. Most network operating systems adopt the form of a client/server relationship.
  • 98. 98
  • 99. 99 Why Another Model? Although the OSI reference model is universally recognized, the historical and technical open standard of the Internet is Transmission Control Protocol / Internet Protocol (TCP/IP). The TCP/IP reference model and the TCP/IP protocol stack make data communication possible between any two computers, anywhere in the world, at nearly the speed of light. The U.S. Department of Defense (DoD) created the TCP/IP reference model because it wanted a network that could survive any conditions, even a nuclear war.
  • 100. 100 Don’t Confuse the Models Application Transport Internet Network Access 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data Link 1 Physical
  • 101. 101 2 Models Side-By-Side Application Transport Internet Network Access 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data Link 1 Physical
  • 102. 102 The Application Layer The application layer of the TCP/IP model handles high- level protocols, issues of representation, encoding, and dialog control.
  • 103. 103 The transport layer provides transport services from the source host to the destination host. It constitutes a logical connection between these endpoints of the network. Transport protocols segment and reassemble upper-layer applications into the same data stream between endpoints. The transport layer data stream provides end- to-end transport services. The Transport Layer
  • 104. 104 The Internet Layer The purpose of the Internet layer is to select the best path through the network for packets to travel. The main protocol that functions at this layer is the Internet Protocol (IP). Best path determination and packet switching occur at this layer.
• 105. The Network Access Layer
  The network access layer is also called the host-to-network layer. It is the layer that is concerned with all of the issues that an IP packet requires to actually make a physical link to the network media. It includes LAN and WAN details, and all the details contained in the OSI physical and data-link layers.
  NOTE: ARP & RARP work at both the Internet and Network Access Layers.
• 106. Comparing TCP/IP & OSI Models
  NOTE: The TCP/IP transport layer, when using UDP, does not always guarantee reliable delivery of packets as the transport layer in the OSI model does.
• 107. Introduction to the Transport Layer
  The primary duties of the transport layer, Layer 4 of the OSI model, are to transport and regulate the flow of information from the source to the destination, reliably and accurately. End-to-end control and reliability are provided by sliding windows, sequencing numbers, and acknowledgments.
• 108. More on The Transport Layer
  The transport layer provides transport services from the source host to the destination host. It establishes a logical connection between the endpoints of the network. Transport services include the following basic services:
  • Segmentation of upper-layer application data
  • Establishment of end-to-end operations
  • Transport of segments from one end host to another end host
  • Flow control provided by sliding windows
  • Reliability provided by sequence numbers and acknowledgments
• 109. Flow Control
  As the transport layer sends data segments, it tries to ensure that data is not lost. A receiving host that is unable to process data as quickly as it arrives could be a cause of data loss. Flow control avoids the problem of a transmitting host overflowing the buffers in the receiving host.
• 110. 3-Way Handshake
  TCP requires connection establishment before data transfer begins. For a connection to be established or initialized, the two hosts must synchronize their Initial Sequence Numbers (ISNs).
• 111. Basic Windowing
  Data packets must be delivered to the recipient in the same order in which they were transmitted to have a reliable, connection-oriented data transfer. The protocol fails if any data packets are lost, damaged, duplicated, or received in a different order. An easy solution is to have a recipient acknowledge the receipt of each packet before the next packet is sent.
• 114. TCP Sequence & Acknowledgement
• 115. TCP
  Transmission Control Protocol (TCP) is a connection-oriented Layer 4 protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack. In a connection-oriented environment, a connection is established between both ends before the transfer of information can begin. TCP is responsible for breaking messages into segments, reassembling them at the destination station, resending anything that is not received, and reassembling messages from the segments. TCP supplies a virtual circuit between end-user applications. The protocols that use TCP include:
  • FTP (File Transfer Protocol)
  • HTTP (Hypertext Transfer Protocol)
  • SMTP (Simple Mail Transfer Protocol)
  • Telnet
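Slides 110 through 115 describe ISN synchronization, windowing and sequence/acknowledgment numbers in words. The simulation below is an added example (not Cisco course material): it produces the three handshake segments with RFC 793 sequence arithmetic, and moves a byte string through a sliding window where a cumulative ACK drives the sender, with segment loss injected through a constructed `drop_once` set so the retransmission path is exercised. It runs entirely in-process; no sockets are opened.

```python
"""TCP connection setup and sliding-window delivery, simulated in-process.

Added illustration of slides 110-115, constructed for this page; not Cisco
course material. Sequence-number rules follow RFC 793 (a SYN occupies one
sequence number; an ACK carries the next byte expected). Loss is injected
with the `drop_once` set so the retransmission path runs.
"""
import secrets
from typing import Iterable, List, Optional, Tuple

MODULUS = 1 << 32  # sequence numbers are 32-bit and wrap


def random_isn() -> int:
    """Initial Sequence Number. It must be unpredictable: a guessable ISN lets a
    host that never saw the SYN-ACK forge the third segment, so take it from a
    CSPRNG rather than from a counter or the clock."""
    return secrets.randbelow(MODULUS)


def three_way_handshake(client_isn: int, server_isn: int) -> List[Tuple[str, int, Optional[int]]]:
    """Return the three segments as (flags, seq, ack). Each ISN is acknowledged
    with ISN + 1 because the SYN itself consumes one sequence number."""
    syn = ("SYN", client_isn, None)
    syn_ack = ("SYN-ACK", server_isn, (client_isn + 1) % MODULUS)
    ack = ("ACK", (client_isn + 1) % MODULUS, (server_isn + 1) % MODULUS)
    return [syn, syn_ack, ack]


def sliding_window_transfer(data: bytes, mss: int, window: int,
                            drop_once: Optional[Iterable[int]] = None) -> Tuple[bytes, int]:
    """Deliver `data` with at most `window` unacknowledged bytes in flight and
    `mss` bytes per segment. Segments whose sequence number is in `drop_once`
    are lost the first time they are sent. The receiver keeps only in-order
    data and answers with a cumulative ACK (next byte expected); the sender
    slides its window to that point and resends from there.
    Returns (bytes delivered in order, segments put on the wire)."""
    if mss <= 0 or window < mss:
        raise ValueError("window must hold at least one full segment")
    pending_drops = set(drop_once or ())
    received = bytearray()   # receiver's in-order reassembly buffer
    base = 0                 # oldest unacknowledged sequence number
    wire_segments = 0
    while base < len(data):
        # Sender: fill the window starting at the oldest unacked byte.
        limit = min(base + window, len(data))
        seq = base
        in_flight = []
        while seq < limit:
            chunk = data[seq:min(seq + mss, limit)]
            in_flight.append((seq, chunk))
            seq += len(chunk)
        wire_segments += len(in_flight)
        # Receiver: accept a segment only if it is exactly the next expected
        # byte; everything behind a lost segment is out of order and dropped.
        for seq, chunk in in_flight:
            if seq in pending_drops:
                pending_drops.discard(seq)   # lost on this transmission only
                continue
            if seq == len(received):
                received += chunk
        # The ACK number is len(received); the sender's window slides to it.
        base = len(received)
    return bytes(received), wire_segments
```

With a 30-byte window and 10-byte segments, 100 bytes need 10 segments; dropping the segment at sequence number 10 costs two extra transmissions because the receiver discards the out-of-order segment at 20 as well, which is exactly the behaviour the "basic windowing" slide warns about.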
• 117. UDP
  User Datagram Protocol (UDP) is the connectionless transport protocol in the TCP/IP protocol stack. UDP is a simple protocol that exchanges datagrams, without acknowledgments or guaranteed delivery. Error processing and retransmission must be handled by higher layer protocols. UDP uses no windowing or acknowledgments, so reliability, if needed, is provided by application layer protocols. UDP is designed for applications that do not need to put sequences of segments together. The protocols that use UDP include:
  • TFTP (Trivial File Transfer Protocol)
  • SNMP (Simple Network Management Protocol)
  • DHCP (Dynamic Host Configuration Protocol)
  • DNS (Domain Name System)
• 119. Well Known Port Numbers
  The following port numbers should be memorized:
  NOTE: The curriculum forgot to mention one of the most important port numbers. Port 80 is used for HTTP or WWW protocols (essentially access to the internet).
• 123. Base 2 Number System
  10110₂ = (1 × 2⁴ = 16) + (0 × 2³ = 0) + (1 × 2² = 4) + (1 × 2¹ = 2) + (0 × 2⁰ = 0) = 22
• 124. Converting Decimal to Binary
  Convert 201₁₀ to binary:
  201 / 2 = 100 remainder 1
  100 / 2 = 50 remainder 0
  50 / 2 = 25 remainder 0
  25 / 2 = 12 remainder 1
  12 / 2 = 6 remainder 0
  6 / 2 = 3 remainder 0
  3 / 2 = 1 remainder 1
  1 / 2 = 0 remainder 1
  When the quotient is 0, take all the remainders in reverse order for your answer: 201₁₀ = 11001001₂
• 126. Network and Host Addressing
  Using the IP address of the destination network, a router can deliver a packet to the correct network. When the packet arrives at a router connected to the destination network, the router uses the IP address to locate the particular computer connected to that network. Accordingly, every IP address has two parts.
• 127. Network Layer Communication Path
  A router forwards packets from the originating network to the destination network using the IP protocol. The packets must include an identifier for both the source and destination networks.
• 128. Internet Addresses
  IP addressing is a hierarchical structure. An IP address combines two identifiers into one number. This number must be a unique number, because duplicate addresses would make routing impossible. The first part identifies the system's network address. The second part, called the host part, identifies which particular machine it is on the network.
• 129. IP Address Classes
  IP addresses are divided into classes to define the large, medium, and small networks. Class A addresses are assigned to larger networks. Class B addresses are used for medium-sized networks, & Class C for small networks.
• 131. Address Class Prefixes
  To accommodate different size networks and aid in classifying these networks, IP addresses are divided into groups called classes. This is classful addressing.
• 132. Network and Host Division
  Each complete 32-bit IP address is broken down into a network part and a host part. A bit or bit sequence at the start of each address determines the class of the address. There are 5 IP address classes.
• 133. Class A Addresses
  The Class A address was designed to support extremely large networks, with more than 16 million host addresses available. Class A IP addresses use only the first octet to indicate the network address. The remaining three octets provide for host addresses.
• 134. Class B Addresses
  The Class B address was designed to support the needs of moderate to large-sized networks. A Class B IP address uses the first two of the four octets to indicate the network address. The other two octets specify host addresses.
• 135. Class C Addresses
  The Class C address space is the most commonly used of the original address classes. This address space was intended to support small networks with a maximum of 254 hosts.
• 136. Class D Addresses
  The Class D address class was created to enable multicasting in an IP address. A multicast address is a unique network address that directs packets with that destination address to predefined groups of IP addresses. Therefore, a single station can simultaneously transmit a single stream of data to multiple recipients.
• 137. Class E Addresses
  A Class E address has been defined. However, the Internet Engineering Task Force (IETF) reserves these addresses for its own research. Therefore, no Class E addresses have been released for use in the Internet.
• 138. IP Address Ranges
  The graphic below shows the IP address range of the first octet both in decimal and binary for each IP address class.
• 139. IPv4
  As early as 1992, the Internet Engineering Task Force (IETF) identified two specific concerns: exhaustion of the remaining, unassigned IPv4 network addresses and the increase in the size of Internet routing tables. Over the past two decades, numerous extensions to IPv4 have been developed. Two of the more important of these are subnet masks and classless interdomain routing (CIDR).
• 140. Finding the Network Address with ANDing
  By ANDing the host address of 192.168.10.2 with 255.255.255.0 (its network mask) we obtain the network address of 192.168.10.0.
• 143. Network/Broadcast Addresses at the Binary Level
  An IP address that has binary 0s in all host bit positions is reserved for the network address, which identifies the network. An IP address that has binary 1s in all host bit positions is reserved for the broadcast address, which is used to send data to all hosts on the network. Here are some examples:
  Class   Network Address   Broadcast Address
  A       100.0.0.0         100.255.255.255
  B       150.75.0.0        150.75.255.255
  C       200.100.50.0      200.100.50.255
• 144. Public IP Addresses
  Unique addresses are required for each device on a network. Originally, an organization known as the Internet Network Information Center (InterNIC) handled this procedure. InterNIC no longer exists and has been succeeded by the Internet Assigned Numbers Authority (IANA). No two machines that connect to a public network can have the same IP address because public IP addresses are global and standardized. All machines connected to the Internet agree to conform to the system. Public IP addresses must be obtained from an Internet service provider (ISP) or a registry at some expense.
• 145. Private IP Addresses
  Private IP addresses are another solution to the problem of the impending exhaustion of public IP addresses. As mentioned, public networks require hosts to have unique IP addresses. However, private networks that are not connected to the Internet may use any host addresses, as long as each host within the private network is unique.
• 146. Mixing Public and Private IP Addresses
  Private IP addresses can be intermixed, as shown in the graphic, with public IP addresses. This will conserve the number of addresses used for internal connections. Connecting a network using private addresses to the Internet requires translation of the private addresses to public addresses. This translation process is referred to as Network Address Translation (NAT).
• 147. Introduction to Subnetting
  Subnetting a network means to use the subnet mask to divide the network and break a large network up into smaller, more efficient and manageable segments, or subnets. With subnetting, the network is not limited to the default Class A, B, or C network masks and there is more flexibility in the network design. Subnet addresses include the network portion, plus a subnet field and a host field. The ability to decide how to divide the original host portion into the new subnet and host fields provides addressing flexibility for the network administrator.
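The binary conversion of slides 123 and 124, the class prefixes of slides 131 through 138 and the ANDing of slides 140 through 147 are all integer bit operations. The following is an added example (not Cisco code) that carries them out on plain integers so each step is visible: the divide-by-two method with its remainders, class determination from the leading bits of the first octet, mask and prefix-length conversion (rejecting a non-contiguous mask), and the network/broadcast pair obtained by ANDing. The sample addresses are the ones the slides use.

```python
"""IPv4 address arithmetic behind slides 123-147: binary conversion, class
determination from the leading bits, mask/prefix conversion, and the ANDing
step that yields the network and broadcast addresses. Added example, not Cisco
code; it works on plain integers so every bit operation is visible."""
from typing import List, Tuple


def decimal_to_binary_by_division(n: int) -> Tuple[List[Tuple[int, int]], str]:
    """Slide 124's method: divide by 2, record the remainders, read them in
    reverse. Returns the (quotient, remainder) steps and the binary string."""
    if n < 0:
        raise ValueError("unsigned values only")
    steps, bits = [], []
    while n > 0:
        n, remainder = divmod(n, 2)
        steps.append((n, remainder))
        bits.append(str(remainder))
    return steps, "".join(reversed(bits)) or "0"


def dotted_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {addr!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(addr: str) -> str:
    """Dotted decimal to dotted binary, the form used on slide 220."""
    value = dotted_to_int(addr)
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def address_class(addr: str) -> str:
    """Classful lookup on the leading bits of the first octet (slides 131-138)."""
    first = dotted_to_int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"      # 0xxxxxxx  first octet 0-127
    if first >> 6 == 0b10:
        return "B"      # 10xxxxxx  128-191
    if first >> 5 == 0b110:
        return "C"      # 110xxxxx  192-223
    if first >> 4 == 0b1110:
        return "D"      # 1110xxxx  224-239, multicast
    return "E"          # 1111xxxx  240-255, reserved


DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def prefix_to_mask(prefix_len: int) -> str:
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return int_to_dotted((0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF)


def mask_to_prefix(mask: str) -> int:
    """Count the ones, then reject masks whose ones are not contiguous
    (255.0.255.0 is a classic typo that silently breaks ANDing)."""
    m = dotted_to_int(mask)
    prefix_len = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask {mask}")
    return prefix_len


def network_and_broadcast(addr: str, mask: str) -> Tuple[str, str]:
    """ANDing (slide 140): network = address AND mask; the broadcast address
    is the network with every host bit set to 1 (slide 143)."""
    a, m = dotted_to_int(addr), dotted_to_int(mask)
    network = a & m
    broadcast = network | (~m & 0xFFFFFFFF)
    return int_to_dotted(network), int_to_dotted(broadcast)


def usable_hosts(mask: str) -> int:
    """Host addresses minus the network and broadcast addresses."""
    host_bits = 32 - mask_to_prefix(mask)
    return max((1 << host_bits) - 2, 0)
```

`network_and_broadcast("200.100.50.75", "255.255.255.240")` returns the 192.168-style pair `("200.100.50.64", "200.100.50.79")`, which is the /28 range that slide 220 later works through bit by bit.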
• 149. Numbers That Show Up In Subnet Masks (Memorize Them!)
• 152. Static Assignment of an IP Address
  Static assignment works best on small networks. The administrator manually assigns and tracks IP addresses for each computer, printer, or server on the intranet. Network printers, application servers, and routers should be assigned static IP addresses.
• 153. ARP (Address Resolution Protocol)
  [Figure: Fig. 32 How does ARP work? (TI1332EU02TI_0004 The Network Layer, 47). Host A sends an ARP request as a broadcast to all hosts: "What is the hardware address for IP address 128.0.10.4?" Host B, with IP address 128.0.10.4 and HW address 080020021545, answers with an ARP reply.]
• 154. [Figure: Fig. 33 The ARP command (TI1332EU02TI_0004 The Network Layer, 47)]
• 155. Proxy-ARP Concept
  [Figure: Fig. 34 Proxy-ARP concept (TI1332EU02TI_0004 The Network Layer, 49). 1 network = 1 broadcast domain: the broadcast ARP request from A reaches host B, which would reply. 2 networks = 2 broadcast domains: the broadcast ARP request from A does not cross the router, so no one would reply.]
• 156. [Figure: Proxy ARP. A sends a broadcast message to all: "If your IP address matches B then please tell me your Ethernet address." Router R answers in B's place: "Yes, I know the destination network, let me give you my Ethernet address; I take care to forward IP packets to B."]
• 157. RARP
  Reverse Address Resolution Protocol (RARP) associates a known MAC address with an IP address. A network device, such as a diskless workstation, might know its MAC address but not its IP address. RARP allows the device to make a request to learn its IP address. Devices using RARP require that a RARP server be present on the network to answer RARP requests.
• 158. BootP
  The bootstrap protocol (BOOTP) operates in a client-server environment and only requires a single packet exchange to obtain IP information. However, unlike RARP, BOOTP packets can include the IP address, as well as the address of a router, the address of a server, and vendor-specific information. One problem with BOOTP, however, is that it was not designed to provide dynamic address assignment. With BOOTP, a network administrator creates a configuration file that specifies the parameters for each device. The administrator must add hosts and maintain the BOOTP database. Even though the addresses are dynamically assigned, there is still a one-to-one relationship between the number of IP addresses and the number of hosts. This means that for every host on the network there must be a BOOTP profile with an IP address assignment in it. No two profiles can have the same IP address.
• 159. DHCP
  Dynamic Host Configuration Protocol (DHCP) is the successor to BOOTP. Unlike BOOTP, DHCP allows a host to obtain an IP address dynamically without the network administrator having to set up an individual profile for each device. All that is required when using DHCP is a defined range of IP addresses on a DHCP server. As hosts come online, they contact the DHCP server and request an address. The DHCP server chooses an address and leases it to that host. With DHCP, the entire network configuration of a computer can be obtained in one message. This includes all of the data supplied by the BOOTP message, plus a leased IP address and a subnet mask. The major advantage that DHCP has over BOOTP is that it allows users to be mobile.
• 161. Introduction to Routers
  A router is a special type of computer. It has the same basic components as a standard desktop PC. However, routers are designed to perform some very specific functions. Just as computers need operating systems to run software applications, routers need the Internetwork Operating System software (IOS) to run configuration files. These configuration files contain the instructions and parameters that control the flow of traffic in and out of the routers. The many parts of a router are shown below:
• 162. RAM
  Random Access Memory, also called dynamic RAM (DRAM). RAM has the following characteristics and functions:
  • Stores routing tables
  • Holds ARP cache
  • Holds fast-switching cache
  • Performs packet buffering (shared RAM)
  • Maintains packet-hold queues
  • Provides temporary memory for the configuration file of the router while the router is powered on
  • Loses content when router is powered down or restarted
• 163. NVRAM
  Non-Volatile RAM. NVRAM has the following characteristics and functions:
  • Provides storage for the startup configuration file
  • Retains content when router is powered down or restarted
• 164. Flash
  Flash memory has the following characteristics and functions:
  • Holds the operating system image (IOS)
  • Allows software to be updated without removing and replacing chips on the processor
  • Retains content when router is powered down or restarted
  • Can store multiple versions of IOS software
  • Is a type of electronically erasable, programmable ROM (EEPROM)
• 165. ROM
  Read-Only Memory. ROM has the following characteristics and functions:
  • Maintains instructions for power-on self test (POST) diagnostics
  • Stores bootstrap program and basic operating system software
  • Requires replacing pluggable chips on the motherboard for software upgrades
• 166. Interfaces
  Interfaces have the following characteristics and functions:
  • Connect router to network for frame entry and exit
  • Can be on the motherboard or on a separate module
  Types of interfaces:
  • Ethernet
  • Fast Ethernet
  • Serial
  • Token ring
  • ISDN BRI
  • Loopback
  • Console
  • Aux
• 167. Internal Components of a 2600 Router
• 168. External Components of a 2600 Router
• 170. Fixed Interfaces
  When cabling routers for serial connectivity, the routers will either have fixed or modular ports. The type of port being used will affect the syntax used later to configure each interface. Interfaces on routers with fixed serial ports are labeled for port type and port number.
• 171. Modular Serial Port Interfaces
  Interfaces on routers with modular serial ports are labeled for port type, slot, and port number. The slot is the location of the module. To configure a port on a modular card, it is necessary to specify the interface using the syntax "port type slot number/port number". Use the label "serial 0/1" when the interface is serial, the slot number where the module is installed is slot 0, and the port that is being referenced is port 1.
• 172. Routers & DSL Connections
  The Cisco 827 ADSL router has one asymmetric digital subscriber line (ADSL) interface. To connect a router for DSL service, use a phone cable with RJ-11 connectors. DSL works over standard telephone lines using pins 3 and 4 on a standard RJ-11 connector.
• 174. Modem Connection to Console/Aux Port
• 176. Establishing a HyperTerminal Session
  Take the following steps to connect a terminal to the console port on the router: First, connect the terminal using the RJ-45 to RJ-45 rollover cable and an RJ-45 to DB-9 or RJ-45 to DB-25 adapter. Then, configure the terminal or PC terminal emulation software for 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control.
• 177. Cisco IOS
  Cisco technology is built around the Cisco Internetwork Operating System (IOS), which is the software that controls the routing and switching functions of internetworking devices. A solid understanding of the IOS is essential for a network administrator.
• 178. The Purpose of Cisco IOS
  As with a computer, a router or switch cannot function without an operating system. Cisco calls its operating system the Cisco Internetwork Operating System or Cisco IOS. It is the embedded software architecture in all of the Cisco routers and is also the operating system of the Catalyst switches. Without an operating system, the hardware does not have any capabilities. The Cisco IOS provides the following network services:
  • Basic routing and switching functions
  • Reliable and secure access to networked resources
  • Network scalability
• 180. Setup Mode
  Setup is not intended as the mode for entering complex protocol features in the router. The purpose of the setup mode is to permit the administrator to install a minimal configuration for a router that is unable to locate a configuration from another source. In the setup mode, default answers appear in square brackets [ ] following the question. Press the Enter key to use these defaults. During the setup process, Ctrl-C can be pressed at any time to terminate the process. When setup is terminated using Ctrl-C, all interfaces will be administratively shut down. When the configuration process is completed in setup mode, the following options will be displayed:
  [0] Go to the IOS command prompt without saving this config.
  [1] Return back to the setup without saving this config.
  [2] Save this configuration to nvram and exit.
  Enter your selection [2]:
• 181. Operation of Cisco IOS Software
  The Cisco IOS devices have three distinct operating environments or modes:
  • ROM monitor
  • Boot ROM
  • Cisco IOS
  The startup process of the router normally loads into RAM and executes one of these operating environments. The configuration register setting can be used by the system administrator to control the default start-up mode for the router. To see the IOS image and version that is running, use the show version command, which also indicates the configuration register setting.
• 182. IOS File System Overview
• 183. Initial Startup of Cisco Routers
  A router initializes by loading the bootstrap, the operating system, and a configuration file. If the router cannot find a configuration file, it enters setup mode. Upon completion of the setup mode a backup copy of the configuration file may be saved to nonvolatile RAM (NVRAM). The goal of the startup routines for Cisco IOS software is to start the router operations. To do this, the startup routines must accomplish the following:
  • Make sure that the router hardware is tested and functional.
  • Find and load the Cisco IOS software.
  • Find and apply the startup configuration file or enter the setup mode.
  When a Cisco router powers up, it performs a power-on self test (POST). During this self test, the router executes diagnostics from ROM on all hardware modules.
• 184. After the POST
  After the POST, the following events occur as the router initializes:
  Step 1: The generic bootstrap loader in ROM executes. A bootstrap is a simple set of instructions that tests hardware and initializes the IOS for operation.
  Step 2: The IOS can be found in several places. The boot field of the configuration register determines the location to be used in loading the IOS. If the boot field indicates a flash or network load, boot system commands in the configuration file indicate the exact name and location of the image.
  Step 3: The operating system image is loaded.
  Step 4: The configuration file saved in NVRAM is loaded into main memory and executed one line at a time. The configuration commands start routing processes, supply addresses for interfaces, and define other operating characteristics of the router.
  Step 5: If no valid configuration file exists in NVRAM, the operating system searches for an available TFTP server. If no TFTP server is found, the setup dialog is initiated.
• 185. Steps in Router Initialization
• 186. Router LED Indicators
  Cisco routers use LED indicators to provide status information. Depending upon the Cisco router model, the LED indicators will vary. An interface LED indicates the activity of the corresponding interface. If an LED is off when the interface is active and the interface is correctly connected, a problem may be indicated. If an interface is extremely busy, its LED will always be on. The green OK LED to the right of the AUX port will be on after the system initializes correctly.
• 188. The show version Command
  The show version command displays information about the Cisco IOS software version that is currently running on the router. This includes the configuration register and the boot field settings. The following information is available from the show version command:
  • IOS version and descriptive information
  • Bootstrap ROM version
  • Boot ROM version
  • Router up time
  • Last restart method
  • System image file and location
  • Router platform
  • Configuration register setting
  Use the show version command to identify the router IOS image and boot source. To find out the amount of flash memory, issue the show flash command.
• 191. Router User Interface Modes
  The Cisco command-line interface (CLI) uses a hierarchical structure. This structure requires entry into different modes to accomplish particular tasks. Each configuration mode is indicated with a distinctive prompt and allows only commands that are appropriate for that mode. As a security feature, the Cisco IOS software separates sessions into two access levels, user EXEC mode and privileged EXEC mode. The privileged EXEC mode is also known as enable mode.
• 195. Privileged Mode Commands
  NOTE: There are many more commands available in privileged mode.
• 197. CLI Command Modes
  All command-line interface (CLI) configuration changes to a Cisco router are made from the global configuration mode. Other more specific modes are entered depending upon the configuration change that is required. Global configuration mode commands are used in a router to apply configuration statements that affect the system as a whole. The following command moves the router into global configuration mode:
  Router#configure terminal   (or config t)
  Router(config)#
  When specific configuration modes are entered, the router prompt changes to indicate the current configuration mode. Typing exit from one of these specific configuration modes will return the router to global configuration mode. Pressing Ctrl-Z returns the router all the way back to privileged EXEC mode.
• 198. Configuring a Router's Name
  A router should be given a unique name as one of the first configuration tasks. This task is accomplished in global configuration mode using the following commands:
  Router(config)#hostname Tokyo
  Tokyo(config)#
  As soon as the Enter key is pressed, the prompt changes from the default host name (Router) to the newly configured host name (which is Tokyo in the example above).
• 200. Message Of The Day (MOTD)
  A message-of-the-day (MOTD) banner can be displayed on all connected terminals.
  Enter global configuration mode by using the command config t
  Enter the command banner motd # The message of the day goes here #
  Save changes by issuing the command copy run start
• 201. Configuring a Console Password
  Passwords restrict access to routers. Passwords should always be configured for virtual terminal lines and the console line. Passwords are also used to control access to privileged EXEC mode so that only authorized users may make changes to the configuration file. The following commands are used to set an optional but recommended password on the console line:
  Router(config)#line console 0
  Router(config-line)#password <password>
  Router(config-line)#login
• 202. Configuring a Modem Password
  If configuring a router via a modem, you are most likely connected to the aux port. The method for configuring the aux port is very similar to configuring the console port.
  Router(config)#line aux 0
  Router(config-line)#password <password>
  Router(config-line)#login
• 203. Configuring Interfaces
  An interface needs an IP address and a subnet mask to be configured. All interfaces are "shutdown" by default. The DCE end of a serial interface needs a clock rate.
  Router#config t
  Router(config)#interface serial 0/1
  Router(config-if)#ip address 200.100.50.75 255.255.255.240
  Router(config-if)#clock rate 56000   (required for serial DCE only)
  Router(config-if)#no shutdown
  Router(config-if)#exit
  Router(config)#int f0/0
  Router(config-if)#ip address 150.100.50.25 255.255.255.0
  Router(config-if)#no shutdown
  Router(config-if)#exit
  Router(config)#exit
  Router#
  On older routers, Serial 0/1 would be just Serial 1 and f0/0 would be e0. s = serial, e = Ethernet, f = fast Ethernet.
• 204. Configuring a Telnet Password
  A password must be set on one or more of the virtual terminal (VTY) lines for users to gain remote access to the router using Telnet. Typically Cisco routers support five VTY lines, numbered 0 through 4. The following commands are used to set the same password on all of the VTY lines:
  Router(config)#line vty 0 4
  Router(config-line)#password <password>
  Router(config-line)#login
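Slides 198 and 201 through 204 give the commands that protect the console, aux and VTY lines; a `password` without `login`, or a `login` without a `password`, leaves the line in a state the slides do not intend. The check below is an added example (not Cisco code) that reads a `show running-config` text and reports which of those lines is missing a password or `login`, and whether the hostname is still the default. The two configurations are constructed for the example, not taken from a real device.

```python
"""Audit the line-access controls slides 198 and 201-204 describe, against a
Cisco IOS running-config text. Added example, not Cisco code. Both sample
configurations below are constructed for the illustration."""
import re
from typing import Dict, List

# Constructed: console is complete, aux has `login` but no password, VTY has
# a password but no `login`.
SAMPLE_CONFIG = """\
hostname Tokyo
!
interface FastEthernet0/0
 ip address 150.100.50.25 255.255.255.0
!
line con 0
 password c0ns0le-pw
 login
line aux 0
 login
line vty 0 4
 password vty-pw
"""

# Constructed: every line the slides cover has both a password and `login`.
HARDENED_CONFIG = """\
hostname Tokyo
!
line con 0
 password c0ns0le-pw
 login
line aux 0
 password aux-pw
 login
line vty 0 4
 password vty-pw
 login
"""


def parse_line_sections(config: str) -> Dict[str, List[str]]:
    """Return {line name: [indented commands]} for every `line ...` block.
    IOS indents a block's commands by one space; any unindented command
    (including the `!` separator) ends the block."""
    sections: Dict[str, List[str]] = {}
    current = None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw[len("line "):].strip()
            sections[current] = []
        elif raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        elif not raw.startswith(" "):
            current = None
    return sections


def audit_config(config: str) -> List[str]:
    """List the deviations from slides 198 and 201-204, one finding per gap."""
    findings: List[str] = []
    match = re.search(r"^hostname\s+(\S+)", config, re.MULTILINE)
    if match is None or match.group(1) == "Router":
        findings.append("hostname missing or still the default 'Router'")
    sections = parse_line_sections(config)
    for wanted in ("con 0", "aux 0", "vty 0 4"):
        commands = sections.get(wanted)
        if commands is None:
            findings.append(f"line {wanted}: not configured")
            continue
        if not any(c.startswith("password ") for c in commands):
            findings.append(f"line {wanted}: no password set")
        if "login" not in commands:
            findings.append(f"line {wanted}: 'login' missing, so the password is never checked")
    return findings
```

Run `audit_config` over the output of `show run` captured from a device; an empty list means the three lines and the hostname match what the slides configure.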
• 205. Examining the show Commands
  There are many show commands that can be used to examine the contents of files in the router and for troubleshooting. In both privileged EXEC and user EXEC modes, the command show ? provides a list of available show commands. The list is considerably longer in privileged EXEC mode than it is in user EXEC mode.
  show interfaces – Displays all the statistics for all the interfaces on the router
  show int s0/1 – Displays statistics for interface Serial 0/1
  show controllers serial – Displays information specific to the interface hardware
  show clock – Shows the time set in the router
  show hosts – Displays a cached list of host names and addresses
  show users – Displays all users who are connected to the router
  show history – Displays a history of commands that have been entered
  show flash – Displays info about flash memory and what IOS files are stored there
  show version – Displays info about the router and the IOS that is running in RAM
  show ARP – Displays the ARP table of the router
  show start – Displays the saved configuration located in NVRAM
  show run – Displays the configuration currently running in RAM
  show protocol – Displays the global and interface-specific status of any configured Layer 3 protocols
• 209. Ethernet Overview
  Ethernet is now the dominant LAN technology in the world. Ethernet is not one technology but a family of LAN technologies. All LANs must deal with the basic issue of how individual stations (nodes) are named, and Ethernet is no exception. Ethernet specifications support different media, bandwidths, and other Layer 1 and 2 variations. However, the basic frame format and addressing scheme is the same for all varieties of Ethernet.
• 210. Ethernet and the OSI Model
  Ethernet operates in two areas of the OSI model: the lower half of the data link layer, known as the MAC sublayer, and the physical layer.
• 212. Layer 2 Framing
  Framing is the Layer 2 encapsulation process. A frame is the Layer 2 protocol data unit. The frame format diagram shows different groupings of bits (fields) that perform other functions.
• 213. Ethernet and IEEE Frame Formats are Very Similar
• 214. 3 Common Layer 2 Technologies
  • Ethernet: uses CSMA/CD; logical bus topology (information flow is on a linear bus) and physical star or extended star topology (wired as a star)
  • Token Ring: logical ring topology (information flow is controlled in a ring) and a physical star topology (in other words, it is wired as a star)
  • FDDI: logical ring topology (information flow is controlled in a ring) and physical dual-ring topology (wired as a dual ring)
• 215. Collision Domains
  To move data between one Ethernet station and another, the data often passes through a repeater. All other stations in the same collision domain see traffic that passes through a repeater. A collision domain is then a shared resource. Problems originating in one part of the collision domain will usually impact the entire collision domain.
• 217. Backoff
  After a collision occurs and all stations allow the cable to become idle (each waits the full interframe spacing), the stations that collided must wait an additional and potentially progressively longer period of time before attempting to retransmit the collided frame. The waiting period is intentionally designed to be random so that two stations do not delay for the same amount of time before retransmitting, which would result in more collisions.
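Slide 217 describes the backoff rule in words; the rule Ethernet actually uses is truncated binary exponential backoff. The simulation below is an added example (not Cisco code) of that rule: the random range doubles after each collision, is capped after the tenth, and the station gives up after sixteen attempts. Those constants come from IEEE 802.3, not from the slide. The random source is pluggable so the failure mode the slide warns about, two stations drawing identical delays every time, can be reproduced deterministically with the constructed `ScriptedRandom` class.

```python
"""Truncated binary exponential backoff, the CSMA/CD retransmission rule that
slide 217 describes in words. Added example, not Cisco code. The constants
(range doubling up to 2^10 slots, give up after 16 attempts) are IEEE 802.3's,
not the slide's. Stations draw from a pluggable random source so the case of
two stations drawing the same numbers can be shown deterministically."""
from typing import Iterable, Optional

MAX_ATTEMPTS = 16   # 802.3: discard the frame after the 16th failed attempt
EXPONENT_CAP = 10   # 802.3: the range stops growing after the 10th collision


def backoff_slots(attempt: int, rng) -> int:
    """Slots to wait after the `attempt`-th consecutive collision: uniform in
    [0, 2^min(attempt, EXPONENT_CAP) - 1]. `rng` needs a randrange(n) method,
    which random.Random provides."""
    if not 1 <= attempt <= MAX_ATTEMPTS:
        raise ValueError("attempt must be 1..16")
    return rng.randrange(1 << min(attempt, EXPONENT_CAP))


def resolve_collision(rng_a, rng_b) -> Optional[int]:
    """Two stations that just collided keep retrying. Return the attempt on
    which they choose different delays (so one of them transmits alone), or
    None if they draw the same delay all 16 times and both give up."""
    for attempt in range(1, MAX_ATTEMPTS + 1):
        if backoff_slots(attempt, rng_a) != backoff_slots(attempt, rng_b):
            return attempt
    return None


class ScriptedRandom:
    """Deterministic stand-in for random.Random: returns the scripted values
    in order (reduced modulo the requested range) and 0 once they run out."""

    def __init__(self, values: Iterable[int]) -> None:
        self._values = list(values)

    def randrange(self, n: int) -> int:
        value = self._values.pop(0) if self._values else 0
        return value % n
```

With `random.Random()` instances the two stations separate on the first or second attempt almost always; with two `ScriptedRandom` objects fed the same script they never separate, which is the "same amount of time" outcome the slide says the randomness exists to prevent.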
• 219. Hierarchical Addressing Using Variable-Length Subnet Masks
• 220. Prefix Length and Network Mask
  Range of addresses: 192.168.1.64 through 192.168.1.79
  • Have the first 28 bits in common, which is represented by a /28 prefix length
  • 28 bits in common can also be represented in dotted decimal as 255.255.255.240
  In the IP network number that accompanies the network mask, when the host bits of the IP network number are:
  • All binary zeros – that address is the bottom of the address range
  • All binary ones – that address is the top of the address range
  Binary ones in the network mask represent network bits in the accompanying IP address; binary zeros represent host bits.
  IP Address     11000000.10101000.00000001.0100xxxx
  Network Mask   11111111.11111111.11111111.11110000
  Fourth octet of each address in the range:
  64  01000000
  65  01000001
  66  01000010
  67  01000011
  68  01000100
  69  01000101
  70  01000110
  71  01000111
  72  01001000
  73  01001001
  74  01001010
  75  01001011
  76  01001100
  77  01001101
  78  01001110
  79  01001111
• 224. for Ethernets at Remote Sites
• 225. Address Space for Serial Subnets
• 227. Route Summarization and Classless Interdomain Routing
• 228. What Is Route Summarization?
• 230. Summarizing Addresses in a VLSM-Designed Network
• 231. Classless Interdomain Routing
  – CIDR is a mechanism developed to alleviate exhaustion of addresses and reduce routing table size.
  – Block addresses can be summarized into single entries without regard to the classful boundary of the network number.
  – Summarized blocks are installed in routing tables.
• 232. What Is CIDR?
  • Addresses are the same as in the route summarization figure, except that Class B network 172 has been replaced by Class C network 192.
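Slides 228 through 232 summarize a block of networks into one entry without regard to the classful boundary. The function below is an added example (not Cisco code) of the general algorithm: the summary prefix is the run of leading bits that every address in the block shares, found by comparing the lowest and highest address, and it is never longer than the shortest input prefix. The sample networks are constructed; the figure's own addresses are not on the page. The returned `exact` flag tells the caller when the summary also covers space the inputs do not, which is worth knowing because such a summary draws traffic for addresses nobody owns.

```python
"""Route summarization / CIDR supernetting for slides 228-232. Added example,
not Cisco code. The summary is the longest prefix shared by every network in
the set, computed from the bits so the "common leading bits" idea is visible.
Sample networks are constructed for the illustration; the inputs are assumed
not to overlap each other."""
import ipaddress
from typing import List, Tuple


def summarize(networks: List[str]) -> Tuple[str, bool]:
    """Return (summary, exact). `exact` is True when the summary covers
    precisely the given networks and nothing else."""
    if not networks:
        raise ValueError("nothing to summarize")
    nets = [ipaddress.IPv4Network(n, strict=True) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # Bits in which the lowest and highest address differ cannot be part of
    # the common prefix; every bit above the highest differing one is shared.
    differing = lo ^ hi
    common_bits = 32 - differing.bit_length()
    prefix_len = min(common_bits, min(n.prefixlen for n in nets))
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    summary = ipaddress.IPv4Network((lo & mask, prefix_len))
    covered = sum(n.num_addresses for n in nets)   # assumes no overlap
    return str(summary), covered == summary.num_addresses


def covers(summary: str, network: str) -> bool:
    """True when `network` falls inside `summary` (what a router's
    longest-match lookup would decide)."""
    return ipaddress.IPv4Network(network).subnet_of(ipaddress.IPv4Network(summary))
```

Eight consecutive /24s starting at 172.16.8.0 collapse to 172.16.8.0/21 exactly; four consecutive /24s in 192.168.0.0 collapse to 192.168.0.0/22, a supernet shorter than the classful /24, which is the point slide 231 makes. Two non-adjacent /24s still get a single /22, but `exact` comes back False.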
• 235. Anatomy of an IP Packet
  IP packets consist of the data from upper layers plus an IP header. The IP header consists of the following:
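The field list for slide 235 is not on the page. The parser below is an added example (not Cisco code) that decodes the IPv4 header as RFC 791 lays it out, verifies the header checksum, and refuses packets whose IHL or total-length fields claim more bytes than are present; the sample packet is constructed in the block with the addresses from slides 140 and 203, and the choice of protocol 6 (TCP) is an assumption for the sample only.

```python
"""IPv4 header parser with header-checksum verification, for slide 235.
Added example, not Cisco code. The field layout is RFC 791's and is not listed
on the slide. The sample packet is assembled by hand below, so nothing is
captured from a network; protocol 6 (TCP) is chosen only for the sample."""
import struct
from typing import Dict

HEADER_FMT = "!BBHHHBBH4s4s"   # the 20 fixed header bytes, network byte order


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071). Over a header whose
    checksum field is zero it yields the value to write; over a header that
    already carries a correct checksum it yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(packet: bytes) -> Dict[str, object]:
    """Decode the header, refusing packets whose length fields lie: a parser
    that trusts IHL or total length blindly reads past its buffer."""
    if len(packet) < 20:
        raise ValueError("truncated: IPv4 header is at least 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, csum, src, dst) = struct.unpack(HEADER_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    header_len = ihl * 4
    if header_len < 20 or header_len > len(packet):
        raise ValueError(f"bad IHL {ihl}")
    if total_len < header_len or total_len > len(packet):
        raise ValueError(f"bad total length {total_len}")
    header = packet[:header_len]
    return {
        "version": version, "ihl": ihl, "header_len": header_len, "tos": tos,
        "total_length": total_len, "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "checksum_ok": ipv4_checksum(header) == 0,
        "src": ".".join(str(b) for b in src), "dst": ".".join(str(b) for b in dst),
        "options": header[20:], "payload": packet[header_len:total_len],
    }


def build_ipv4(src: str, dst: str, proto: int, payload: bytes,
               ttl: int = 64, ident: int = 0x1234, df: bool = True) -> bytes:
    """Assemble a minimal (option-less) header; used only to construct samples."""
    total_len = 20 + len(payload)
    flags_frag = 0x4000 if df else 0
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    header = struct.pack(HEADER_FMT, 0x45, 0, total_len, ident, flags_frag,
                         ttl, proto, 0, src_b, dst_b)
    checksum = ipv4_checksum(header)          # computed with the field zeroed
    return header[:10] + struct.pack("!H", checksum) + header[12:] + payload


# Constructed sample using the addresses from slides 140 and 203.
SAMPLE_PACKET = build_ipv4("192.168.10.2", "200.100.50.75", 6, b"TCP segment here")
```

Flipping any header byte after construction makes `checksum_ok` False, and a packet whose IHL claims 60 bytes of header in a 36-byte buffer is rejected before any field is read.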
• 239. Administrative Distance
  The administrative distance is an optional parameter that gives a measure of the reliability of the route. The range of an AD is 0-255, where smaller numbers are more desirable. The default administrative distance when using a next-hop address is 1, while the default administrative distance when using the outgoing interface is 0. You can statically assign an AD as follows:
  Router(config)#ip route 172.16.3.0 255.255.255.0 172.16.4.1 130
  Sometimes static routes are used for backup purposes. A static route can be configured on a router that will only be used when the dynamically learned route has failed. To use a static route in this manner, simply set the administrative distance higher than that of the dynamic routing protocol being used.
• 240. Configuring Default Routes
  Default routes are used to route packets with destinations that do not match any of the other routes in the routing table. A default route is actually a special static route that uses this format:
  ip route 0.0.0.0 0.0.0.0 [next-hop-address | outgoing interface]
  This is sometimes referred to as a "Quad-Zero" route.
  Example using next hop address:
  Router(config)#ip route 0.0.0.0 0.0.0.0 172.16.4.1
  Example using the exit interface:
  Router(config)#ip route 0.0.0.0 0.0.0.0 s0/0
• 241. Verifying Static Route Configuration
  After static routes are configured it is important to verify that they are present in the routing table and that routing is working as expected. The command show running-config is used to view the active configuration in RAM to verify that the static route was entered correctly. The show ip route command is used to make sure that the static route is present in the routing table.
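Slides 239 through 241 describe three selection rules that a routing table applies in a fixed order: for a given prefix only the candidate with the lowest administrative distance is installed, a lookup picks the installed route with the longest matching prefix, and the quad-zero route matches everything and therefore wins only when nothing more specific does. The model below is an added example (not Cisco code) that implements those rules, parses the `ip route` commands from the slides with their default ADs (1 via a next hop, 0 via an interface), and shows the floating static route from slide 239 taking over when the dynamic route is withdrawn. The AD of 90 given to the sample dynamic route is an assumed value for the illustration.

```python
"""Routing-table model for slides 239-241: longest-prefix match, administrative
distance as the tie-breaker between routes to the same prefix, a floating
static route as backup, and a quad-zero default route as the last resort.
Added example, not Cisco code. The static-route ADs (1 via next hop, 0 via an
outgoing interface) are the slides' values; the AD of 90 used for the sample
dynamic route in the usage below is an assumed value."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Route:
    network: int      # network address as a 32-bit integer
    prefix_len: int   # mask length in bits
    via: str          # next-hop address or outgoing interface
    ad: int           # administrative distance, lower is preferred
    source: str       # "static", "dynamic", ...


def ip_route(command: str, source: str = "static") -> Route:
    """Parse `ip route <net> <mask> <next-hop|interface> [ad]` as on slides
    239-240. An interface is recognised by its leading letter (s0/0, f0/0)."""
    parts = command.split()
    if parts[:2] != ["ip", "route"] or len(parts) not in (5, 6):
        raise ValueError(f"unsupported command: {command!r}")
    net, mask, via = parts[2], parts[3], parts[4]
    network = ipaddress.IPv4Network(f"{net}/{mask}", strict=True)
    default_ad = 0 if via[0].isalpha() else 1
    ad = int(parts[5]) if len(parts) == 6 else default_ad
    return Route(int(network.network_address), network.prefixlen, via, ad, source)


class RoutingTable:
    def __init__(self) -> None:
        self._candidates: List[Route] = []

    def add(self, route: Route) -> None:
        self._candidates.append(route)

    def withdraw(self, source: str) -> None:
        """Drop every route learned from `source`, e.g. when the routing
        protocol's neighbour goes away and its routes time out."""
        self._candidates = [r for r in self._candidates if r.source != source]

    def installed(self) -> Dict[Tuple[int, int], Route]:
        """For each prefix keep only the candidate with the lowest AD; these
        are the routes `show ip route` would display."""
        best: Dict[Tuple[int, int], Route] = {}
        for r in self._candidates:
            key = (r.network, r.prefix_len)
            if key not in best or r.ad < best[key].ad:
                best[key] = r
        return best

    def lookup(self, destination: str) -> Optional[Route]:
        """Longest-prefix match among installed routes; 0.0.0.0/0 matches every
        destination and so wins only when nothing more specific does."""
        dst = int(ipaddress.IPv4Address(destination))
        match: Optional[Route] = None
        for r in self.installed().values():
            mask = (0xFFFFFFFF << (32 - r.prefix_len)) & 0xFFFFFFFF
            if dst & mask == r.network and (match is None or r.prefix_len > match.prefix_len):
                match = r
        return match


def demo_table() -> RoutingTable:
    """The slides' routes plus one assumed dynamic route (AD 90) to 172.16.3.0/24."""
    table = RoutingTable()
    table.add(ip_route("ip route 172.16.3.0 255.255.255.0 172.16.4.1 130"))   # floating static
    table.add(Route(0xAC100300, 24, "172.16.5.1", 90, "dynamic"))             # 172.16.3.0/24
    table.add(ip_route("ip route 172.16.0.0 255.255.0.0 s0/1"))
    table.add(ip_route("ip route 0.0.0.0 0.0.0.0 172.16.4.1"))
    return table
```

While the dynamic route is present, 172.16.3.7 is forwarded to 172.16.5.1; after `withdraw("dynamic")` the same lookup returns the AD-130 static route via 172.16.4.1, which is the backup behaviour slide 239 describes. Destinations outside 172.16.0.0/16 fall through to the quad-zero route.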
  • 244. 244 Routing Protocol Figure: several routers and switches, each asking "What is an optimal route?"
  • 245. 245 Routing Protocols Routing protocols include processes for sharing route information and allow routers to communicate with other routers to update and maintain the routing tables. Examples of routing protocols that support the IP routed protocol are RIP, IGRP, OSPF, BGP, and EIGRP.
  • 247. 247 Routed Protocols Protocols used at the network layer that transfer data from one host to another across a router are called routed or routable protocols. The Internet Protocol (IP) and Novell's Internetwork Packet Exchange (IPX) are examples of routed protocols. Routers use routing protocols to exchange routing tables and share routing information. In other words, routing protocols enable routers to route routed protocols.
  • 249. 249 Autonomous System An Autonomous System (AS) is a group of IP networks which has a single and clearly defined external routing policy. Interior Gateway Protocols (IGP) are used for routing decisions within an Autonomous System. Exterior Gateway Protocols (EGP) are used for routing between Autonomous Systems. Fig. 48 IGP and EGP (figure: AS 1000, AS 2000 and AS 3000 with IGP inside and EGP between them) (TI1332EU02TI_0004 The Network Layer, 67)
  • 250. 250 Fig. 49 The use of IGP and EGP protocols (figure: an Interior Gateway Protocol (IGP) runs inside each of AS 1000, AS 2000 and AS 3000; an Exterior Gateway Protocol (EGP) runs between them) (TI1332EU02TI_0004 The Network Layer, 67)
  • 251. 251 IGP and EGP An autonomous system is a network or set of networks under common administrative control, such as the cisco.com domain.
  • 252. 252 Categories of Routing Protocols Most routing algorithms can be classified into one of two categories: • distance vector • link-state The distance vector routing approach determines the direction (vector) and distance to any link in the internetwork. The link-state approach, also called shortest path first, recreates the exact topology of the entire internetwork.
  • 254. 254 Distance Vector Routing (DVR) The routing table contains the addresses of destinations and the distance of the way to each destination. Figure: Routers A, B, C and D with networks 192.16.1.0, 192.16.5.0 and 192.16.7.0; routing information flows between neighbouring routers. Example table: Destination 192.16.1.0, Distance 1 (1 hop); Destination 192.16.5.0, Distance 1 (1 hop); Destination 192.16.7.0, Distance 2 (2 hops).
  • 258. 258 Distance Vector Routing (DVR) Figure: the routing tables of Routers A, B, C and D after the first exchange. Each table lists the locally connected networks (L) at distance 0 and the networks 192.16.1.0 to 192.16.7.0 learned from the neighbouring routers A, B, C or D at distance 1.
  • 259. 259 Distance Vector Routing (DVR) Figure: the routing tables after further exchanges. Each table now holds entries at distance 0 (locally connected), 1, 2 and finally 3, together with the neighbour (A, B, C or D) each entry was learned from. Fig. 53 Distribution of routing information with distance vector routing protocol (cont.) (TI1332EU02TI_0004 The Network Layer, 71)
  • 260. 260 RIPv1 • Distance vector routing protocol, classful • Distribution of routing tables via broadcast to adjacent routers • Only one kind of metric: number of hops • Connections with different bandwidth cannot be weighted • Routing loops can occur -> bad convergence in case of a failure • Count to infinity problem (infinity = 16) • Maximum network size is limited by the number of hops Fig. 59 Properties of RIPv1 (TI1332EU02TI_0004 The Network Layer, 81)
  • 262. 262 RIP-1 permits only a Single Subnet Mask Figure: Router A with Port 1 130.24.13.1/24 and Port 2 200.14.13.2/24 connecting networks 130.24.13.0/24, 130.24.36.0/24, 130.24.25.0/24 and 200.14.13.0/24. RIP-1 updates sent within the 130.24.0.0 network carry the subnet 130.24.36.0, while the update sent across the 200.14.13.0/24 link carries only the classful network 130.24.0.0. Fig. 60 RIP-1 permits only a single subnet mask (TI1332EU02TI_0004 The Network Layer, 83)
  • 263. 263 Router Configuration The router command starts a routing process. The network command is required because it enables the routing process to determine which interfaces participate in the sending and receiving of routing updates. An example of a routing configuration is: GAD(config)#router rip GAD(config-router)#network 172.16.0.0 The network numbers are based on the network class addresses, not subnet addresses or individual host addresses.
  • 266. 266 The debug ip rip Command Most of the RIP configuration errors involve an incorrect network statement, discontiguous subnets, or split horizons. One highly effective command for finding RIP update issues is the debug ip rip command. The debug ip rip command displays RIP routing updates as they are sent and received.
  • 267. 267 Problem: Routing Loops Routing loops can occur when inconsistent routing tables are not updated due to slow convergence in a changing network.
  • 271. 271 Route Poisoning Route poisoning is used by various distance vector protocols in order to overcome large routing loops and offer explicit information when a subnet or network is not accessible. This is usually accomplished by setting the hop count to one more than the maximum.
  • 272. 272 Triggered Updates New routing tables are sent to neighboring routers on a regular basis. For example, RIP updates occur every 30 seconds. However a triggered update is sent immediately in response to some change in the routing table. The router that detects a topology change immediately sends an update message to adjacent routers that, in turn, generate triggered updates notifying their adjacent neighbors of the change. When a route fails, an update is sent immediately rather than waiting on the update timer to expire. Triggered updates, used in conjunction with route poisoning, ensure that all routers know of failed routes before any holddown timers can expire.
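Added example (not from the slides): a Python simulation of the four-router chain from the distance vector figures above, showing the count-to-infinity problem (infinity = 16) after a network fails, and how route poisoning combined with split horizon and poison reverse reconverges in a few exchanges. The assignment of networks 192.16.1.0 to 192.16.7.0 to Routers A-D and the failure are constructed for the example.

```python
"""RIP-style distance vector simulator: hop-count metric, infinity = 16, route poisoning,
optional split horizon with poison reverse. Added example; topology constructed."""
INFINITY = 16                       # RIP's "infinity" hop count (slide 260)


class Router:
    def __init__(self, name, connected):
        self.name = name
        self.neighbors = []         # Router objects in a fixed order (deterministic runs)
        # routing table: network -> (hops, next hop); locally connected = 0 hops, "L"
        self.table = {net: (0, "L") for net in connected}

    def advertisement(self, to, split_horizon):
        """Full table sent to neighbour `to`. With split horizon and poison reverse,
        routes learned from `to` are sent back to it as unreachable (16)."""
        return {net: (INFINITY if split_horizon and nh == to.name else hops)
                for net, (hops, nh) in self.table.items()}

    def receive(self, frm, adv):
        """Bellman-Ford update. Returns True when the table changed, which is when a real
        router would send a triggered update instead of waiting for the timer (slide 272)."""
        changed = False
        for net, hops in adv.items():
            new = min(hops + 1, INFINITY)
            cur = self.table.get(net)
            if cur is None:
                if new < INFINITY:              # never install an unreachable route
                    self.table[net], changed = (new, frm.name), True
            elif cur[1] == frm.name:            # from the current next hop: accept even a worse metric
                if cur[0] != new:
                    self.table[net], changed = (new, frm.name), True
            elif new < cur[0]:                  # another neighbour offers a shorter path
                self.table[net], changed = (new, frm.name), True
        return changed

    def poison(self, net):
        """Route poisoning: keep the failed network but advertise it with hop count 16 (slide 271)."""
        self.table[net] = (INFINITY, "L")


def link(a, b):
    a.neighbors.append(b)
    b.neighbors.append(a)


def converge(routers, split_horizon, max_rounds=50):
    """Exchange tables in synchronous rounds until a round changes nothing.
    Returns the number of rounds in which at least one table changed."""
    for rnd in range(max_rounds):
        # every advertisement is built from the pre-round tables, then all are applied
        pending = [(r, n, r.advertisement(n, split_horizon)) for r in routers for n in r.neighbors]
        changed = False
        for sender, receiver, adv in pending:
            changed |= receiver.receive(sender, adv)
        if not changed:
            return rnd
    raise RuntimeError("did not converge within max_rounds")


def build_chain():
    """A - B - C - D with stub networks .1, .3, .5, .7 and links .2, .4, .6 (constructed)."""
    a = Router("A", ["192.16.1.0", "192.16.2.0"])
    b = Router("B", ["192.16.2.0", "192.16.3.0", "192.16.4.0"])
    c = Router("C", ["192.16.4.0", "192.16.5.0", "192.16.6.0"])
    d = Router("D", ["192.16.6.0", "192.16.7.0"])
    link(a, b); link(b, c); link(c, d)
    return [a, b, c, d]


def failure_scenario(split_horizon):
    """Converge, then fail 192.16.7.0 on Router D. Returns (rounds to reconverge,
    Router A's final entry for 192.16.7.0). Without split horizon the stale route
    bounces between neighbours and counts up to 16; with it, the poison wins quickly."""
    routers = build_chain()
    converge(routers, split_horizon)
    routers[3].poison("192.16.7.0")
    rounds = converge(routers, split_horizon)
    return rounds, routers[0].table["192.16.7.0"]


if __name__ == "__main__":
    for sh in (False, True):
        rounds, entry = failure_scenario(sh)
        print(f"split horizon={sh}: reconverged after {rounds} rounds; A's 192.16.7.0 = {entry}")
```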
  • 275. 275 IGRP Interior Gateway Routing Protocol (IGRP) is a proprietary protocol developed by Cisco. Some of the IGRP key design characteristics emphasize the following: • It is a distance vector routing protocol. • Routing updates are broadcast every 90 seconds. • Bandwidth, load, delay and reliability are used to create a composite metric.
  • 276. 276 IGRP Stability Features IGRP has a number of features that are designed to enhance its stability, such as: • Holddowns • Split horizons • Poison reverse updates Holddowns Holddowns are used to prevent regular update messages from inappropriately reinstating a route that may not be up. Split horizons Split horizons are derived from the premise that it is usually not useful to send information about a route back in the direction from which it came. Poison reverse updates Split horizons prevent routing loops between adjacent routers, but poison reverse updates are necessary to defeat larger routing loops. Today, IGRP is showing its age; it lacks support for variable length subnet masks (VLSM). Rather than develop an IGRP version 2 to correct this problem, Cisco has built upon IGRP's legacy of success with Enhanced IGRP.
  • 281. 281 Link State Routing (LSR) Figure: Routers 1 to 4 flood link state packets such as "My links to R2 and R4 are up", "My links to R1 and R3 are up, my link to R4 is down.", "My links to R2 and R4 are up." and "My links to R1 and R3 are up. My link to R2 is down."; each router runs SPF over the collected packets to build its routing table. LSP ... link state packet; SPF ... shortest path first
  • 283. 283 Link State Routing (LSR) Figure: Routers A, B, C, D and E with link costs A-B 2, A-C 1, B-D 4, C-D 2, C-E 4 and D-E 1. Link State Database: every router holds the same set of advertisements: A: B - 2, C - 1; B: A - 2, D - 4; C: A - 1, D - 2, E - 4; D: C - 2, B - 4, E - 1; E: C - 4, D - 1.
  • 284. 284 Link State Routing Features Link-state algorithms are also known as Dijkstra's algorithm or as SPF (shortest path first) algorithms. Link-state routing algorithms maintain a complex database of topology information. Distance vector algorithms are also known as Bellman-Ford algorithms. They have nonspecific information about distant networks and no knowledge of distant routers. A link-state routing algorithm maintains full knowledge of distant routers and how they interconnect. Link-state routing uses: • Link-state advertisements (LSAs) A link-state advertisement (LSA) is a small packet of routing information that is sent between routers. • Topological database A topological database is a collection of information gathered from LSAs. • SPF algorithm The shortest path first (SPF) algorithm is a calculation performed on the database resulting in the SPF tree. • Routing tables – A list of the known paths and interfaces.
  • 287. 287 OSPF (Open Shortest Path First) Protocol
  • 288. 288 OSPF is a Link-State Routing Protocol – Link-state (LS) routers recognize much more information about the network than their distance-vector counterparts. Consequently, LS routers tend to make more accurate decisions. – Link-state routers keep track of the following: • Their neighbours • All routers within the same area • Best paths toward a destination
  • 289. 289 Link-State Data Structures –Neighbor table: • Also known as the adjacency database (list of recognized neighbors) –Topology table: • Typically referred to as LSDB (routers and links in the area or network) • All routers within an area have an identical LSDB –Routing table: • Commonly named a forwarding database (list of best paths to destinations)
  • 290. 290 OSPF vs. RIP RIP is limited to 15 hops; it converges slowly, and it sometimes chooses slow routes because it ignores critical factors such as bandwidth in route determination. OSPF overcomes these limitations and proves to be a robust and scalable routing protocol suitable for the networks of today.
  • 291. 291 OSPF Terminology The next several slides explain various OSPF terms, one per slide.
  • 299. 299 Link-State Data Structure: Network Hierarchy • Link-state routing requires a hierarchical network structure that is enforced by OSPF. • This two-level hierarchy consists of the following: • Transit area (backbone or area 0) • Regular areas (nonbackbone areas)
  • 302. 302 LS Data Structures: Adjacency Database – Routers discover neighbors by exchanging hello packets. – Routers declare neighbors to be up after checking certain parameters or options in the hello packet. – Point-to-point WAN links: • Both neighbors become fully adjacent. – LAN links: • Neighbors form an adjacency with the DR and BDR. • Maintain two-way state with the other routers (DROTHERs). – Routing updates and topology information are only passed between adjacent routers.
  • 303. 303 OSPF Adjacencies Routers build logical adjacencies between each other using the Hello Protocol. Once an adjacency is formed: • LS database packets are exchanged to synchronize each other’s LS databases. • LSAs are flooded reliably throughout the area or network using these adjacencies.
  • 305. 305 Open Shortest Path First Calculation • Routers find the best paths to destinations by applying Dijkstra's SPF algorithm to the link-state database as follows: – Every router in an area has the identical link-state database. – Each router in the area places itself into the root of the tree that is built. – The best path is calculated with respect to the lowest total cost of links to a specific destination. – Best routes are put into the forwarding database.
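Added example (not from the slides): Dijkstra's SPF in Python over the link-state database of the five-router figure (slide 283, Routers A-E with link costs A-B 2, A-C 1, B-D 4, C-D 2, C-E 4, D-E 1), run by every router with itself as root exactly as the calculation above describes, plus a consistency check that each link is advertised by both ends. The function names and the check are this example's, not Cisco's.

```python
"""SPF (Dijkstra) over an OSPF-style link-state database. Added example; the LSDB is
transcribed from the five-router figure, all other names are this example's."""
import heapq

# Each router's advertisement: neighbour -> link cost (figure on slide 283)
LSDB = {
    "A": {"B": 2, "C": 1},
    "B": {"A": 2, "D": 4},
    "C": {"A": 1, "D": 2, "E": 4},
    "D": {"C": 2, "B": 4, "E": 1},
    "E": {"C": 4, "D": 1},
}


def inconsistent_links(lsdb):
    """Links that only one end advertises (or with differing costs). OSPF only puts
    links into the SPF tree once both ends report them, so these would be ignored."""
    return sorted((r, n) for r, nbrs in lsdb.items() for n in nbrs
                  if lsdb.get(n, {}).get(r) != nbrs[n])


def spf(lsdb, root):
    """Shortest path first from `root`: returns {destination: (total cost, next hop)}.
    The first path found at the lowest cost is kept; later equal-cost paths do not
    replace it, so the result is deterministic."""
    dist = {root: 0}
    first_hop = {}
    heap = [(0, root, None)]            # (cost so far, router, first hop from root)
    visited = set()
    while heap:
        cost, node, hop = heapq.heappop(heap)
        if node in visited:             # stale entry superseded by a cheaper one
            continue
        visited.add(node)
        if hop is not None:
            first_hop[node] = hop
        for nbr, link_cost in sorted(lsdb[node].items()):
            new = cost + link_cost
            if nbr not in visited and new < dist.get(nbr, float("inf")):
                dist[nbr] = new
                # a neighbour of the root is its own first hop; otherwise inherit
                heapq.heappush(heap, (new, nbr, nbr if node == root else hop))
    return {d: (dist[d], first_hop[d]) for d in dist if d != root}


def routing_tables(lsdb):
    """Every router in the area runs SPF over the identical LSDB with itself as root
    (slide 305) and installs the resulting best paths."""
    return {router: spf(lsdb, router) for router in lsdb}


if __name__ == "__main__":
    if inconsistent_links(LSDB):
        print("one-sided links:", inconsistent_links(LSDB))
    for router, table in routing_tables(LSDB).items():
        print(router, {dst: f"cost {c} via {nh}" for dst, (c, nh) in sorted(table.items())})
```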
  • 316. 316 Adding the Link-State Entries (Cont.)
  • 318. 318 Maintaining Routing Information • Router A notifies all OSPF DRs on 224.0.0.6
  • 319. 319 Maintaining Routing Information (Cont.) • Router A notifies all OSPF DRs on 224.0.0.6 • DR notifies others on 224.0.0.5
  • 320. 320 Maintaining Routing Information (Cont.) • Router A notifies all OSPF DRs on 224.0.0.6 • DR notifies others on 224.0.0.5
  • 321. 321 Maintaining Routing Information • Router A notifies all OSPF DRs on 224.0.0.6 • DR notifies others on 224.0.0.5
  • 322. 322 Configuring Basic OSPF: Single Area
    Router(config)# router ospf process-id
    • Turns on one or more OSPF routing processes in the IOS software.
    Router(config-router)# network address inverse-mask area area-id
    • Router OSPF subordinate command that defines the interfaces (by network number) that OSPF will run on. Each network number must be defined to a specific area.
  • 323. 323 Configuring OSPF on Internal Routers of a Single Area
  • 324. 324 Verifying OSPF Operation
    Router# show ip protocols
    • Verifies the configured IP routing protocol processes, parameters and statistics.
    Router# show ip route ospf
    • Displays all OSPF routes learned by the router.
    Router# show ip ospf interface
    • Displays the OSPF router ID, area ID and adjacency information.
  • 325. 325 Verifying OSPF Operation (Cont.)
    Router# show ip ospf
    • Displays the OSPF router ID, timers, and statistics.
    Router# show ip ospf neighbor [detail]
    • Displays information about the OSPF neighbors, including Designated Router (DR) and Backup Designated Router (BDR) information on broadcast networks.
  • 326. 326 The show ip route ospf Command
    RouterA# show ip route ospf
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP,
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area,
           E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP,
           i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
    Gateway of last resort is not set
         10.0.0.0 255.255.255.0 is subnetted, 2 subnets
    O       10.2.1.0 [110/10] via 10.64.0.2, 00:00:50, Ethernet0
  • 327. 327 The show ip ospf interface Command
    RouterA# show ip ospf interface e0
    Ethernet0 is up, line protocol is up
      Internet Address 10.64.0.1/24, Area 0
      Process ID 1, Router ID 10.64.0.1, Network Type BROADCAST, Cost: 10
      Transmit Delay is 1 sec, State DROTHER, Priority 1
      Designated Router (ID) 10.64.0.2, Interface address 10.64.0.2
      Backup Designated router (ID) 10.64.0.1, Interface address 10.64.0.1
      Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
        Hello due in 00:00:04
      Neighbor Count is 1, Adjacent neighbor count is 1
        Adjacent with neighbor 10.64.0.2 (Designated Router)
      Suppress hello for 0 neighbor(s)
  • 328. 328 The show ip ospf neighbor Command
    RouterB# show ip ospf neighbor
    Neighbor ID     Pri   State      Dead Time   Address     Interface
    10.64.1.1         1   FULL/BDR   00:00:31    10.64.1.1   Ethernet0
    10.2.1.1          1   FULL/-     00:00:38    10.2.1.1    Serial0
  • 330. 330 show ip ospf neighbor detail show ip ospf database
  • 332. 332 Point-to-Point Links • Usually a serial interface running either PPP or HDLC • May also be a point-to-point subinterface running Frame Relay or ATM • No DR or BDR election required • OSPF autodetects this interface type • OSPF packets are sent using multicast 224.0.0.5
  • 333. 333 Multi-access Broadcast Network • Generally LAN technologies like Ethernet and Token Ring • DR and BDR selection required • All neighbor routers form full adjacencies with the DR and BDR only • Packets to the DR use 224.0.0.6 • Packets from DR to all other routers use 224.0.0.5
  • 334. 334 Electing the DR and BDR • Hello packets are exchanged via IP multicast. • The router with the highest OSPF priority is selected as the DR. • Use the OSPF router ID as the tie breaker. • The DR election is nonpreemptive.
  • 335. 335 Setting Priority for DR Election
    Router(config-if)# ip ospf priority number
    • This interface configuration command assigns the OSPF priority to an interface.
    • Different interfaces on a router may be assigned different values.
    • The default priority is 1. The range is from 0 to 255.
    • 0 means the router is a DROTHER; it can't be the DR or BDR.
  • 337. 337 Creation of Adjacencies
    RouterA# debug ip ospf adj
    Point-to-point interfaces coming up: No election
    %LINK-3-UPDOWN: Interface Serial1, changed state to up
    OSPF: Interface Serial1 going Up
    OSPF: Rcv hello from 192.168.0.11 area 0 from Serial1 10.1.1.2
    OSPF: End of hello processing
    OSPF: Build router LSA for area 0, router ID 192.168.0.10
    OSPF: Rcv DBD from 192.168.0.11 on Serial1 seq 0x20C4 opt 0x2 flag 0x7 len 32 state INIT
    OSPF: 2 Way Communication to 192.168.0.11 on Serial1, state 2WAY
    OSPF: Send DBD to 192.168.0.11 on Serial1 seq 0x167F opt 0x2 flag 0x7 len 32
    OSPF: NBR Negotiation Done. We are the SLAVE
    OSPF: Send DBD to 192.168.0.11 on Serial1 seq 0x20C4 opt 0x2 flag 0x2 len 72
  • 338. 338 Creation of Adjacencies (Cont.)
    RouterA# debug ip ospf adj
    Ethernet interface coming up: Election
    OSPF: 2 Way Communication to 192.168.0.10 on Ethernet0, state 2WAY
    OSPF: end of Wait on interface Ethernet0
    OSPF: DR/BDR election on Ethernet0
    OSPF: Elect BDR 192.168.0.12
    OSPF: Elect DR 192.168.0.12
           DR: 192.168.0.12 (Id)   BDR: 192.168.0.12 (Id)
    OSPF: Send DBD to 192.168.0.12 on Ethernet0 seq 0x546 opt 0x2 flag 0x7 len 32
    <…>
    OSPF: DR/BDR election on Ethernet0
    OSPF: Elect BDR 192.168.0.11
    OSPF: Elect DR 192.168.0.12
           DR: 192.168.0.12 (Id)   BDR: 192.168.0.11 (Id)
  • 340. 340 Overview Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco- proprietary routing protocol based on Interior Gateway Routing Protocol (IGRP). Unlike IGRP, which is a classful routing protocol, EIGRP supports CIDR and VLSM. Compared to IGRP, EIGRP boasts faster convergence times, improved scalability, and superior handling of routing loops. Furthermore, EIGRP can replace Novell Routing Information Protocol (RIP) and AppleTalk Routing Table Maintenance Protocol (RTMP), serving both IPX and AppleTalk networks with powerful efficiency. EIGRP is often described as a hybrid routing protocol, offering the best of distance vector and link-state algorithms.
  • 341. 341 Comparing EIGRP with IGRP IGRP and EIGRP are compatible with each other. EIGRP offers multiprotocol support, but IGRP does not. EIGRP and IGRP use different metric calculations. EIGRP scales the metric of IGRP by a factor of 256. IGRP has a maximum hop count of 255. EIGRP has a maximum hop count limit of 224. Enabling dissimilar routing protocols such as OSPF and RIP to share information requires advanced configuration. Redistribution, the sharing of routes, is automatic between IGRP and EIGRP as long as both processes use the same autonomous system (AS) number.
  • 342. 342 EIGRP & IGRP Metric Calculation
  • 345. 345 EIGRP Concepts & Terminology EIGRP routers keep route and topology information readily available in RAM, so they can react quickly to changes. Like OSPF, EIGRP saves this information in several tables and databases. EIGRP saves routes that are learned in specific ways. Routes are given a particular status and can be tagged to provide additional useful information. EIGRP maintains three tables: • Neighbor table • Topology table • Routing table
  • 346. 346 Neighbor Table The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table that lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a neighbor table for each protocol that EIGRP supports. When a neighbor sends a hello packet, it advertises a hold time. The hold time is the amount of time a router treats a neighbor as reachable and operational. In other words, if a hello packet is not heard within the hold time, then the hold time expires. When the hold time expires, the Diffusing Update Algorithm (DUAL), which is the EIGRP distance vector algorithm, is informed of the topology change and must recalculate the new topology.
  • 347. 347 Topology Table The topology table is made up of all the EIGRP routing tables in the autonomous system. DUAL takes the information supplied in the neighbor table and the topology table and calculates the lowest cost routes to each destination. By tracking this information, EIGRP routers can identify and switch to alternate routes quickly. The information that the router learns from the DUAL is used to determine the successor route, which is the term used to identify the primary or best route. A copy is also placed in the topology table. Every EIGRP router maintains a topology table for each configured network protocol. All learned routes to a destination are maintained in the topology table.
  • 348. 348 Routing Table The EIGRP routing table holds the best routes to a destination. This information is retrieved from the topology table. Each EIGRP router maintains a routing table for each network protocol. A successor is a route selected as the primary route to use to reach a destination. DUAL identifies this route from the information contained in the neighbor and topology tables and places it in the routing table. There can be up to four successor routes for any particular route. These can be of equal or unequal cost and are identified as the best loop-free paths to a given destination. A copy of the successor routes is also placed in the topology table. A feasible successor (FS) is a backup route. These routes are identified at the same time the successors are identified, but they are only kept in the topology table. Multiple feasible successors for a destination can be retained in the topology table although it is not mandatory.
  • 349. 349 EIGRP Data Structure Like OSPF, EIGRP relies on different types of packets to maintain its various tables and establish complex relationships with neighbor routers. The five EIGRP packet types are: • Hello • Acknowledgment • Update • Query • Reply EIGRP relies on hello packets to discover, verify, and rediscover neighbor routers. Rediscovery occurs if EIGRP routers do not receive hellos from each other for a hold time interval but then re-establish communication. EIGRP routers send hellos at a fixed but configurable interval, called the hello interval. The default hello interval depends on the bandwidth of the interface. On IP networks, EIGRP routers send hellos to the multicast IP address 224.0.0.10.
  • 350. 350 Default Hello Intervals and Hold Times for EIGRP
  • 351. 351 EIGRP Algorithm The sophisticated DUAL algorithm results in the exceptionally fast convergence of EIGRP. Each router constructs a topology table that contains information about how to route to a destination network. Each topology table identifies the following: • The routing protocol or EIGRP • The lowest cost of the route, which is called Feasible Distance • The cost of the route as advertised by the neighboring router, which is called Reported Distance The Topology heading identifies the preferred primary route, called the successor route (Successor), and, where identified, the backup route, called the feasible successor (FS). Note that it is not necessary to have an identified feasible successor.
  • 358. 358 Verifying the EIGRP Configuration To verify the EIGRP configuration a number of show and debug commands are available. These commands are shown on the next few slides.
  • 360. 360 show ip eigrp topology show ip eigrp topology [active | pending | successors]
  • 361. 361 show ip eigrp topology all-links show ip eigrp traffic
  • 365. 365 What are ACLs? ACLs are lists of conditions that are applied to traffic traveling across a router's interface. These lists tell the router what types of packets to accept or deny. Acceptance and denial can be based on specified conditions. ACLs can be created for all routed network protocols, such as Internet Protocol (IP) and Internetwork Packet Exchange (IPX). ACLs can be configured at the router to control access to a network or subnet. Some ACL decision points are source and destination addresses, protocols, and upper-layer port numbers. ACLs must be defined on a per-protocol, per-direction, or per-port basis.
  • 366. 366 Reasons to Create ACLs The following are some of the primary reasons to create ACLs: • Limit network traffic and increase network performance. • Provide traffic flow control. • Provide a basic level of security for network access. • Decide which types of traffic are forwarded or blocked at the router interfaces. For example: Permit e-mail traffic to be routed, but block all telnet traffic. Allow an administrator to control what areas a client can access on a network. If ACLs are not configured on the router, all packets passing through the router will be allowed onto all parts of the network.
  • 369. 369 One List per Port, per Destination, per Protocol...
  • 371. 371 Creating ACLs ACLs are created in the global configuration mode. There are many different types of ACLs including standard, extended, IPX, AppleTalk, and others. When configuring ACLs on a router, each ACL must be uniquely identified by assigning a number to it. This number identifies the type of access list created and must fall within the specific range of numbers that is valid for that type of list. Since IP is by far the most popular routed protocol, additional ACL numbers have been added to newer router IOSs. Standard IP: 1300-1999 Extended IP: 2000-2699
  • 375. 375 Basic Rules for ACLs These basic rules should be followed when creating and applying access lists: • One access list per protocol per direction. • Standard IP access lists should be applied closest to the destination. • Extended IP access lists should be applied closest to the source. • Use the inbound or outbound interface reference as if looking at the port from inside the router. • Statements are processed sequentially from the top of list to the bottom until a match is found, if no match is found then the packet is denied. • There is an implicit deny at the end of all access lists. This will not appear in the configuration listing. • Access list entries should filter in the order from specific to general. Specific hosts should be denied first, and groups or general filters should come last. • Never work with an access list that is actively applied. • New lines are always added to the end of the access list. • A no access-list x command will remove the whole list. It is not possible to selectively add and remove lines with numbered ACLs. • Outbound filters do not affect traffic originating from the local router.
  • 376. 376 Wildcard Mask Examples Five examples follow that demonstrate how a wildcard mask can be used to permit or deny certain IP addresses or IP address ranges. While subnet masks start with binary 1s and end with binary 0s, wildcard masks are the reverse, meaning they typically start with binary 0s and end with binary 1s. In the examples that follow Cisco has chosen to represent the binary 1s in the wildcard masks with Xs to focus on the specific bits being shown in each example. You will see that while subnet masks were ANDed with IP addresses, wildcard masks are ORed with IP addresses.
  • 380. 380 Wildcard Mask Example #4 - Even IPs
  • 381. 381 Wildcard Mask Example #5 - Odd IP#s
  • 382. 382 The any and host Keywords
  • 383. 383 Verifying ACLs There are many show commands that will verify the content and placement of ACLs on the router. The show ip interface command displays IP interface information and indicates whether any ACLs are set. The show access-lists command displays the contents of all ACLs on the router. show access-list 1 shows just access-list 1. The show running-config command will also reveal the access lists on a router and the interface assignment information.
  • 384. 384 Standard ACLs Standard ACLs check the source address of IP packets that are routed. The comparison will result in either permit or deny access for an entire protocol suite, based on the network, subnet, and host addresses. The standard version of the access-list global configuration command is used to define a standard ACL with a number in the range of 1 to 99 (also from 1300 to 1999 in recent IOS). If there is no wildcard mask, the default mask is used, which is 0.0.0.0. (This only works with standard ACLs and is the same thing as using host.) The full syntax of the standard ACL command is: Router(config)#access-list access-list-number {deny | permit} source [source-wildcard] [log] The no form of this command is used to remove a standard ACL. This is the syntax: Router(config)#no access-list access-list-number
  • 385. 385 Extended ACLs Extended ACLs are used more often than standard ACLs because they provide a greater range of control. Extended ACLs check the source and destination packet addresses and are also able to check for protocols and port numbers. The syntax for the extended ACL statement can get very long and often will wrap in the terminal window. The wildcards also have the option of using the host or any keywords in the command. At the end of the extended ACL statement, additional precision is gained from a field that specifies the optional Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port number. Logical operations such as equal (eq), not equal (neq), greater than (gt), and less than (lt) may be specified, which the extended ACL will perform on specific protocols. Extended ACLs use an access-list-number in the range 100 to 199 (also from 2000 to 2699 in recent IOS).
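Added example (not from the slides): a Python model of how a router evaluates a standard IP ACL, implementing the wildcard mask comparison (ORed with the address, as the slides state), the host and any keywords, the default 0.0.0.0 mask, top-down first-match processing with the implicit deny, and the specific-before-general rule. The access list and addresses are constructed; the 0.0.0.254 wildcard used here for the even/odd-address cases is this example's choice for those slides, whose figures are not on the page.

```python
"""Standard IP ACL parsing and evaluation with Cisco wildcard masks.
Added example; the configuration below is constructed, the syntax is IOS's (slide 384)."""
import ipaddress
import re


def wildcard_match(addr, ref, wildcard):
    """Cisco wildcard test: OR the wildcard into both addresses and compare. A wildcard bit
    of 1 means "don't care"; a bit of 0 means the address bit must equal the reference bit."""
    a = int(ipaddress.IPv4Address(addr))
    r = int(ipaddress.IPv4Address(ref))
    w = int(ipaddress.IPv4Address(wildcard))
    return (a | w) == (r | w)


# access-list <number> {permit|deny} <source> [<source-wildcard>] [log]
LINE = re.compile(r"access-list\s+(\d+)\s+(permit|deny)\s+(.+?)(?:\s+log)?$")


def parse_standard_acl(config_lines):
    """Parse standard IP ACL statements (numbers 1-99 or 1300-1999) into
    {number: [(action, reference, wildcard), ...]} in configured order; new lines are
    always appended at the end, as on the router (slide 375)."""
    acls = {}
    for line in config_lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        number, action, source = int(m.group(1)), m.group(2), m.group(3).split()
        if not (1 <= number <= 99 or 1300 <= number <= 1999):
            raise ValueError(f"{number} is not a standard IP access list number")
        if source[0] == "any":                  # any == 0.0.0.0 255.255.255.255
            ref, wc = "0.0.0.0", "255.255.255.255"
        elif source[0] == "host":               # host a.b.c.d == a.b.c.d 0.0.0.0
            ref, wc = source[1], "0.0.0.0"
        else:                                   # no wildcard given: default mask 0.0.0.0
            ref, wc = source[0], (source[1] if len(source) > 1 else "0.0.0.0")
        acls.setdefault(number, []).append((action, ref, wc))
    return acls


def evaluate(acl, src_ip):
    """Statements are tested top-down and the first match decides. Returns (action, line
    number); a packet matching no line hits the implicit deny, reported as ("deny", None)."""
    for lineno, (action, ref, wc) in enumerate(acl, 1):
        if wildcard_match(src_ip, ref, wc):
            return action, lineno
    return "deny", None


# Constructed configuration: deny one subnet, permit the rest of 172.16.0.0, permit one
# host, and permit only even last octets in 192.168.1.0 (wildcard 0.0.0.254 leaves bit 0
# significant; 192.168.1.1 0.0.0.254 would match the odd ones instead).
SAMPLE_CONFIG = [
    "access-list 1 deny   172.16.3.0 0.0.0.255",
    "access-list 1 permit 172.16.0.0 0.0.255.255",
    "access-list 1 permit host 10.1.1.1",
    "access-list 1 permit 192.168.1.0 0.0.0.254",
]


def demo():
    """Evaluate a few constructed source addresses, then show why specific entries must
    precede general ones: with the two 172.16 lines swapped the deny never fires."""
    acl = parse_standard_acl(SAMPLE_CONFIG)[1]
    probes = ["172.16.3.5", "172.16.9.1", "10.1.1.1", "10.1.1.2", "192.168.1.10", "192.168.1.11"]
    results = {ip: evaluate(acl, ip) for ip in probes}
    swapped = [acl[1], acl[0]] + acl[2:]
    results["172.16.3.5 (swapped)"] = evaluate(swapped, "172.16.3.5")
    return results


if __name__ == "__main__":
    for ip, (action, lineno) in demo().items():
        print(f"{ip:28} -> {action} ({'line ' + str(lineno) if lineno else 'implicit deny'})")
```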

Editor's notes

  1. Layer 2 of 2 Note: The two commands shown in the slide can also be combined into one command: vtp domain switchlab transparent
  4. Note: Once a port has been assigned to a VLAN, it cannot send or receive traffic from devices in another VLAN without the intervention of a Layer 3 device like a router. The 1900 can't be configured as the VMPS. A CiscoWorks 2000 or CWSI management station or a Catalyst 5000 switch can be configured as the VMPS. In the future, dynamic VLANs may also offer membership based on other criteria such as protocol or application. Dynamic VLANs are covered in the Managing Cisco Switched Internetworks class.
  5. Purpose: Provide the student with the basic information. Emphasize: Slide contents.
  6. Note: The 1900 only supports ISL trunking. ISL is Cisco proprietary. 802.1Q is an IEEE standard. Other trunk types: LANE (VLANs over ATM), 802.10 (FDDI trunk).
  7. Notes: VTP is a Cisco proprietary feature. VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs on a network-wide basis. VTP minimizes misconfigurations and configuration inconsistencies that can cause several problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. A VTP domain (also called a VLAN management domain) is one switch or several interconnected switches sharing the same VTP domain name. A switch is configured to be in only one VTP domain. You make global VLAN configuration changes for the domain by using the Cisco IOS command-line interface (CLI), Cisco Visual Switch Manager Software, or Simple Network Management Protocol (SNMP). By default, a 1900 switch is in the no-management-domain state until it receives an advertisement for a domain over a trunk link or you configure a management domain. The default VTP mode is server mode, but VLANs are not propagated over the network until a management domain name is specified or learned. If the switch receives a VTP advertisement over a trunk link, it inherits the management domain name and configuration revision number. The switch then ignores advertisements with a different management domain name or an earlier configuration revision number. When you make a change to the VLAN configuration on a VTP server, the change is propagated to all switches in the VTP domain. VTP advertisements are transmitted out all trunk connections, including Inter-Switch Link (ISL), IEEE 802.1Q, IEEE 802.10, and ATM LAN Emulation (LANE). If you configure a switch for VTP transparent mode, you can create and modify VLANs, but the changes are not transmitted to other switches in the domain, and they affect only the individual switch.
  8. Emphasize: Default VTP mode on the Catalyst switches is server. Be careful when adding new switches into an existing network. This is covered in more detail later.
  9. Layer 2 of 2 Emphasize: The latest revision number is what the switches will synchronize to.
  10. Emphasize: VTP pruning provides optimized flooding. Without VTP pruning, station A’s broadcast will be flooded to all switches whether they have any port in the red VLAN or not. Note: VLAN1 can’t be pruned. STP, CDP, and VTP updates are sent on VLAN1. All switches in the switched network must support pruning or pruning will be disabled. Each trunk port maintains a state variable per VLAN indicating whether the switch has any port assigned to that VLAN.
  11. Notes: All switches in a VTP domain must run the same VTP version. The password entered with a domain name should be the same for all switches in the domain. If you configure a VTP password, the management domain will not function properly if you do not assign the management domain password to each switch in the domain. A VTP version 2-capable switch can operate in the same VTP domain as a switch running VTP version 1, provided version 2 is disabled on the version 2-capable switch (version 2 is disabled by default). Do not enable VTP version 2 on a switch unless all of the switches in the same VTP domain are version 2-capable. When you enable version 2 on a switch, all of the version 2-capable switches in the domain must have version 2 enabled. If there is a version 1-only switch, it will not exchange VTP information with switches with version 2 enabled. If there are Token Ring networks in your environment, you must enable VTP version 2 for Token Ring VLAN switching to function properly. Enabling or disabling VTP pruning on a VTP server enables or disables VTP pruning for the entire management domain. In the lab, all the switches are set to VTP transparent mode.
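As an added example (not code from the Cisco course), the following Python model walks a switch through the VTP advertisement handling described in notes 7, 8, 9 and 11: domain-name inheritance, version and password agreement, the rule that the highest configuration revision wins, and transparent mode, which never applies advertisements. Switch names, VLAN tables, revision numbers and the password are constructed; the domain name switchlab is taken from note 1. The password is compared as a plain string, a simplification of the real digest check.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Advertisement:
    """A VTP advertisement as seen on a trunk link (constructed, simplified)."""
    domain: str
    revision: int
    vlans: dict                   # VLAN id -> name carried by the advertisement
    version: int = 1
    password: Optional[str] = None

@dataclass
class Switch:
    name: str
    mode: str = "server"          # default VTP mode; "client" and "transparent" also modelled
    domain: Optional[str] = None  # None = the no-management-domain state
    revision: int = 0
    version: int = 1
    password: Optional[str] = None
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def advertise(self) -> Advertisement:
        return Advertisement(self.domain, self.revision, dict(self.vlans),
                             self.version, self.password)

    def receive(self, adv: Advertisement) -> str:
        """Apply the checks from the notes above; returns what the switch did."""
        if self.mode == "transparent":
            return "relayed"      # transparent switches forward VTP but never apply it
        if self.domain is not None and adv.domain != self.domain:
            return "ignored: domain mismatch"
        if adv.version != self.version:
            return "ignored: version mismatch"   # a v1-only switch ignores v2 and vice versa
        if adv.password != self.password:
            return "ignored: password mismatch"  # plain comparison stands in for the digest
        if self.domain is None:
            self.domain = adv.domain  # the first advertisement sets the domain name
        if adv.revision <= self.revision:
            return "ignored: revision not newer"
        # Highest revision wins and the VLAN database is replaced wholesale: this is why
        # a switch carrying a stale but higher revision must not be added to a live domain.
        self.revision, self.vlans = adv.revision, dict(adv.vlans)
        return "applied"

# Constructed scenario: the production server switch of domain switchlab.
CORE = Switch("core", domain="switchlab", revision=7, password="lab-pw",
              vlans={1: "default", 10: "sales", 20: "eng"})
```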